Summary
Sophos has released an update to mitigate three vulnerabilities in the Sophos Web Appliance (SWA). The most important of these three flaws is rated critical and, if exploited, could lead to the execution of arbitrary code.
Threat Type
Vulnerability
Overview
**Update 04/25/2023**
According to multiple sources, now that the patch for this vulnerability has been reverse engineered, functional proof-of-concept (PoC) exploit code has been released. The PoC code is now publicly available on GitHub.
On Friday, April 21, 2023, CISA added CVE-2023-27350 (a critical unauthenticated remote code execution vulnerability) impacting PaperCut MF and PaperCut NG to the Known Exploited Vulnerabilities (KEV) list. PaperCut MF and PaperCut NG are both enterprise printer management software.
GreyNoise, in conjunction with TrinityCyber, has observed active exploitation attempts using weaknesses found in CVE-2023-1389 against TP-Link Archer gigabit routers. This post provides information about a new GreyNoise tag for this activity as well as details on the exploit attempt and how organizations can keep themselves safe from harm.
GreyNoise is changing how we classify environment file crawlers from unknown intent to malicious intent. This change will result in the reclassification of over 11,000 IPs as malicious. Users who use GreyNoise’s malicious tag to block IPs based on malicious intent will see an increase in blocked IPs.