Aggregator

The North Korean threat actor known as ScarCruft has been linked to the zero-day exploitation of a now-patched security flaw in Windows to infect devices with malware known as RokRAT. The vulnerability in question is CVE-2024-38178 (CVSS score: 7.5), a memory corruption bug in the Scripting Engine that could result in remote code execution when using the Edge browser in Internet Explorer Mode.

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Windows Kernel, Mozilla Firefox and SolarWinds Web Help Desk bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: An attacker could exploit the vulnerability CVE-2024-30088 to gain SYSTEM privileges. Successful exploitation of […]

Боевая птица открывает новую эру автономной авиации.

在这个信息爆炸的时代，开源情报已成为一种潮流和趋势。越来越多的人开始关注开源，参与到开源情报的行列中来。

-赛博昆仑漏洞安全通告-【复现】 WebLogic T3/IIOP 反序列化漏洞（CVE-2024-21216）风险通告

To stay safe from cyber attacks, organizations need effective ways to gather information about threats before they cause irreparable damage. Let’s look at several methods for gathering threat intelligence (TI) to see how they can help you gain a better view of the current threat landscape.  Why is Threat Intelligence Important?  Threat intelligence is important […]

The post Cyber Information Gathering: Techniques <br>and Tools for Effective Threat Research  appeared first on ANY.RUN's Cybersecurity Blog.

Swift announced that it is rolling out new AI-enhanced fraud detection to help the global payments industry step up its defence as bad actors grow increasingly sophisticated. Available from January 2025, the service is the result of extensive collaboration with banks from around the world and a successful pilot earlier this year. The new capability builds on Swift’s existing Payment Controls Service — used by many small and medium-sized financial institutions — by drawing on … More →

The post Swift launches AI-powered fraud detection service appeared first on Help Net Security.

Android 15 brings enhanced security features to protect your sensitive health, financial, and personal data from theft and fraud. It also introduces productivity improvements for large-screen devices and updates to apps like the camera, messaging, and passkeys. Android theft protection Google has developed and rigorously tested a comprehensive set of features to protect your data at every stage—before, during, and after theft. The new Theft Detection Lock uses AI to protect your data, automatically locking … More →

The post Android 15 unveils new security features to protect sensitive data appeared first on Help Net Security.

Почему американцы все еще тайно пользуются российским антивирусом?

新研究表明，青少年焦虑和抑郁程度的升高与社媒使用密切相关。牛津大学的初步研究发现，约六成的 16-18 岁青少年每天在社交媒体网站上花费 2-4 个小时。最极端的情况下，有青少年报告社媒使用时间长达 8 小时。研究发现，女孩报告的心理健康问题比男孩多，最常用的五大社交媒体平台是 Instagram、Snapchat、TikTok、WhatsApp 和 YouTube。报告称，仅仅增加睡眠和加强锻炼就能大大改善这一年龄段人群的心理健康。研究发现， “agency”——定义为对行动及其后果的控制感——与心理健康密切相关。“当 agency 较低时焦虑和抑郁会升高，而当 agency 较高时焦虑和抑郁会降低。

10月18日，上海五角场凯悦酒店见！

The long-active, India-sponsored cyber-threat group targeted multiple entities across Asia, Africa, the Middle East, and even Europe in a recent attack wave that demonstrated the use of a previously unknown post-exploit tool called StealerBot.

Panduit partners with Hyperview to replace its SmartZone Cloud software product offerings with Hyperview’s cloud-based DCIM platform TINLEY PARK, Ill. & Vancouver, British Columbia – October 16, 2024: Panduit, a global leader in innovative electrical and network infrastructure solutions, and Hyperview, the leading cloud-based data center infrastructure management (DCIM) platform, are excited to ...

The post Panduit Partners with Hyperview to Offer Clients Modern DCIM Software Tools appeared first on Hyperview.

The post Panduit Partners with Hyperview to Offer Clients Modern DCIM Software Tools appeared first on Security Boulevard.

Rond de 150 mariniers leverden in Bosnië-Herzegovina gedurende 1 jaar een bijdrage aan EUFOR Althea. Doel van deze EU-missie is de stabiliteit in de westelijke Balkan te bewaken. Roemeense militairen hebben die rol inmiddels overgenomen. De laatste eenheid van het Korps Mariniers is terug in Nederland. Een overzicht van Defensieoperaties in de week van 9 tot en met 15 oktober 2024.

История о том, как преступники использовали красоту для обмана жертв из нескольких стран.

A vulnerability has been found in Google Cloud Migrate to Containers up to 1.2.2 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to incorrect default permissions. This vulnerability is known as CVE-2024-9858. The attack needs to be approached locally. There is no exploit available.

Подмена системных команд открывает новые возможности для киберпреступников.