Aggregator

活动时间延长啦～ 活动时间：2024.10.18 - 2024.10.31

活动时间延长啦～ 活动时间：2024.10.18 - 2024.10.31

A vulnerability classified as very critical was found in Oracle Insurance Calculation Engine 9.7/10.0/10.1/10.2. This vulnerability affects unknown code of the component Apache Commons FileUpload. The manipulation leads to improper access controls. This vulnerability was named CVE-2016-1000031. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

sliver (二)流量分析&源码分析&特征对抗

分享某单位众测项目渗透测试经验

抓取微信小程序的包(保姆教程)

sandbox之侧信道攻击

LinkedIn violated the EU’s GDPR in how it processes its users personal data for behavioral purposes

A vulnerability has been found in HP Secure OS 1.0 and classified as critical. This vulnerability affects the function system of the component dvips Converter. The manipulation leads to improper privilege management. This vulnerability was named CVE-2002-0836. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

Продвинутые алгоритмы становятся новым инструментом в геополитике.

A vulnerability classified as very critical was found in Oracle WebCenter Sites 12.2.1.3.0. This vulnerability affects unknown code of the component OpenSSL. The manipulation leads to improper access controls. This vulnerability was named CVE-2016-1000031. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

В РФ стартовал эксперимент по добровольной маркировке видеоигр.

Белые хакеры ломают умный дом и создают новые банкноты.

The U.S. Securities and Exchange Commission (SEC) has charged four current and former public companies for making "materially misleading disclosures" related to the large-scale cyber attack that stemmed from the hack of SolarWinds in 2020. The SEC said the companies – Avaya, Check Point, Mimecast, and Unisys – are being penalized for how they handled the disclosure process in the aftermath of

DPC公开表示，LinkedIn 平台违反了多项 GDPR 原则，决议对 LinkedIn 处以 3.1 亿欧元（约23.8亿人民币）的罚款。

总结推荐本周的热点资讯、安全事件、一周好文和省心工具，保证大家不错过本周的每一个重点！

DLP is key in cybersecurity; a risk assessment identifies data risks, helping turn findings into real-world security improvements. Data loss prevention (DLP) is a cornerstone of any effective cybersecurity strategy. Protecting sensitive data is what cybersecurity is all about. So, how can you conduct a DLP risk assessment? And how can you translate those findings […]

ESET раскрывает опасный тандем MDeployer и MS4Killer

点击了解更新详情~

高盛集团分析了光伏面板、锂离子电池、空调、电动汽车、建筑机械、钢铁、功率半导体的供需动向。其中除钢铁和功率半导体以外，其他 5 个行业都陷入了全球水平的产能过剩。产能过剩最为严重的是光伏面板。中国的供应能力达到 1036 吉瓦，这是 2023 年全球需求（533 吉瓦）的 1.9 倍。预计 2024 年以后中国的供应能力会继续高于全球需求。中国的电动汽车产能已达到全球EV需求的 1.2 倍。锂电池的供应能力是国内需求的 3.3 倍、全球需求的 1.5 倍。