Aggregator

When we perform security assessments at Include Security, we like to have a holistic view of th

那些非常好用的红队工具正在被滥用于日益增长的攻击中，因为越来越多的黑客开始寻求非技术性和暴力破解方法。

Cybersecurity Training and Education Must Evolve to Keep Pace With the Profession
Over the past few decades, cybersecurity has evolved from a niche concern into a global priority, creating a vast and dynamic career field. While we celebrate the journey, let's also focus on how today's cybersecurity professionals will shape the future.

LA County Clinic Delayed Access to Patient's Medical Records During Pandemic
Federal regulators have fined a Los Angeles county mental health clinic $100,000 for failure to provide a patient with timely access to her requested health records during the COVID-19 pandemic. The case is the U.S. government's 51st HIPAA patient right-of-access enforcement action.

Military Says Ship-to-Shore Cranes Made in China Include Dangerous Security Flaws
The United States Coast Guard is continuing to warn of significant security risks embedded in ship-to-shore cranes developed by companies with ties to Beijing while issuing new sensitive requirements for ports operating Chinese-made cranes across the country.

Nightwing's John DeSimone Talks Growth, Threats, National Security and AI Strategy
Nightwing CEO John DeSimone reveals how the company’s independence from Raytheon allows it to better serve customers, invest in intelligence, advanced AI and data solutions, address sophisticated cyberthreats, and maintain a no-fail mission approach in the face of rising security threats.

Justice Department Dismantles Cybercrime Hub, Announces Charges and Seizes Crypto
The Justice Department has seized PopeyeTools, a notorious cybercrime marketplace, while announcing criminal charges for three alleged operators behind the website, which generated over $1.7 million in revenue, according to a Wednesday announcement.

Cybersecurity Training and Education Must Evolve to Keep Pace With the Profession
Over the past few decades, cybersecurity has evolved from a niche concern into a global priority, creating a vast and dynamic career field. While we celebrate the journey, let's also focus on how today's cybersecurity professionals will shape the future.

LA County Clinic Delayed Access to Patient's Medical Records During Pandemic
Federal regulators have fined a Los Angeles county mental health clinic $100,000 for failure to provide a patient with timely access to her requested health records during the COVID-19 pandemic. The case is the U.S. government's 51st HIPAA patient right-of-access enforcement action.

Military Says Ship-to-Shore Cranes Made in China Include Dangerous Security Flaws
The United States Coast Guard is continuing to warn of significant security risks embedded in ship-to-shore cranes developed by companies with ties to Beijing while issuing new sensitive requirements for ports operating Chinese-made cranes across the country.

Nightwing's John DeSimone Talks Growth, Threats, National Security and AI Strategy
Nightwing CEO John DeSimone reveals how the company’s independence from Raytheon allows it to better serve customers, invest in intelligence, advanced AI and data solutions, address sophisticated cyberthreats, and maintain a no-fail mission approach in the face of rising security threats.

Justice Department Dismantles Cybercrime Hub, Announces Charges and Seizes Crypto
The Justice Department has seized PopeyeTools, a notorious cybercrime marketplace, while announcing criminal charges for three alleged operators behind the website, which generated over $1.7 million in revenue, according to a Wednesday announcement.

The software supply chain is under siege. Threat actors increasingly exploit weaknesses in code

Ubuntu系统中的实用程序Needrestart近日被曝出存在5个本地权限提升（LPE）漏洞，这些漏洞已经潜藏了10年才被发现。

Over the past year we have been hard at work on refreshing the Kali Forums, and today we are proud t

A vulnerability was found in itsourcecode Agri-Trading Online Shopping System 1.0. It has been classified as problematic. Affected is an unknown function of the component Add to Cart. The manipulation of the argument quantity with the input -0 leads to enforcement of behavioral workflow. This vulnerability is traded as CVE-2024-50968. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in Google Android 8.0/8.1. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Autofill Service. The manipulation leads to information disclosure. This vulnerability is known as CVE-2017-13227. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to apply a patch to fix this issue.