Aggregator

原文标题：Sredicting Patch Correctness Based on the Similar

Did you know that 99.9% of businesses in America are small businesses? [1] Small businesses are a major source of innovation for our country—but they’re often faced with limited resources and budgets. Many of them need cybersecurity solutions, guidance, and training so they can cost-effectively address and manage their cybersecurity risks. Hmmm…where can you find guidance like this all in one place? Voila! The Small Business Cybersecurity Corner ! This website was created by NIST in 2019 in response to the NIST Small Business Cybersecurity Act, which directed us to “disseminate clear and

Advice in response to the increase in sextortion scams

添加管理员微信号：quake_360,邀您加入技术交流群~

4月18日，东软集团携全线产品阵容亮相2023年上海车展。

CVE-2023-21931、CVE-2023-201839 在 Goby 已支持回显和反弹 shell

GreyNoise can help SOC teams reduce false positives by providing context to the alerts on internet-wide scanners, crawlers, and other suspicious activity that may trigger false alarms. So what can you do with ~8+ hours of your life back each week?

Bring Your Own Vulnerable Driver (BYOVD) techniques are not new; they can be traced back at least as far as 2012 and the Shamoon wiper that targeted Saudi Aramco. The attack used RawDisk driver, which could manipulate hard drives from user space without any special permissions. This access enabled the malicious actor to erase data … Continued

The post Bring Your Own Backdoor: How Vulnerable Drivers Let Hackers In appeared first on VMware Security Blog.

Google's Threat Analysis Group shares first quarter cyber updates on the threat landscape from the war in Ukraine.

下面是原文，不是割韭菜的，给个面子继续看一看催更的小伙伴我们来啦！「404星链计划」上新了~ 本期我们又收集

Catherine H reflects on how the changes to the refreshed Assured Cyber Security Consultancy scheme go deeper than just a new name - and welcomes two new consultancies to the scheme.

这次应该是以一个NETGEAR R7000路由器的nDay为基础出的题

WebLogic 存在远程代码执行漏洞（CVE-2023-21931），该漏洞允许未经身份验证的攻击者通过T3、IIOP协议网络访问并破坏易受攻击的WebLogic Server，成功的漏洞利用...

The Domain Name System (DNS) root zone will soon be getting a new record type, called ZONEMD, to further ensure the security, stability, and resiliency of the global DNS in the face of emerging new approaches to DNS operation. While this change will be unnoticeable for the vast majority of DNS operators (such as registrars, […]

The post Adding ZONEMD Protections to the Root Zone appeared first on Verisign Blog.

https://quake.360.net/quake/#/member

利用MisConfig HTTP Proxy Scanner发现配置不当的HTTP网关（正反向代理），突破边界访问企业内网应用