Aggregator

模糊测试 ASan 模式下有关堆的 ASan Redzone 和 Check 的源码解析

从search入手的jndi注入技术学习

house of force进阶利用--结合tcache头污染

pwn-ret2mprotect全解

PolarCTF网络安全2024秋季个人挑战赛PWN方向详细题解

由Snake YAML反序列化漏洞引出的出网与不出网情况下C3P0链子的利用

路由器dd手动提取固件---迅捷PoEAC路由一体机FR100P-AC固件提取

imagickd写shell的技术学习

kernel pwn从小白到大神(一)

浅析riscv逆向-由2024工业互联网一道零解题plctlove开始

英特尔过去大半年一直在调查和修复第 13/14 代酷睿高端桌面处理器的不稳定问题。英特尔早些时候称问题是因为电压过高导致的，它已经释出了多轮微码更新。最新释出的修正应该是该问题的最终修复，它包含了四部分：主板默认值过高、CPU 在运行过热时无法降频的 bug、CPU 长时间电压过高的 bug，以及 CPU 在空闲时电压过高的 bug。新的 0x12B 微码更新将修复最后一个问题。英特尔新一代 Arrow Lake 桌面处理器将通过台积电而不是自己的工厂制造，芯片巨人称新处理器没有电压过高和稳定性问题。

Hackers are increasingly exploiting third-party email infrastructures to send spam emails. This tactic complicates the detection and prevention of spam and threatens the integrity of legitimate email communications. By leveraging vulnerabilities in various online platforms, cybercriminals can masquerade as legitimate users and send unsolicited emails that can bypass traditional spam filters. Exploiting Online Registration and […]

The post Hackers Abusing Third-Party Email Infrastructure to Send Spam Mails appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

От подопытных кроликов до диктаторов - кто же мы такие?

$10 млн за голову преступника, заработавшего до $1 млрд на краденных картах.

​​Microsoft released the September 2024 preview update (KB5043145) for Windows 11 23H2 and 22H2, with 13 improvements and fixes for multiple issues, including Edge and task manager freezes. [...]

The U.S. government sanctioned the virtual currency exchanges Cryptex and PM2BTC for facilitating cybercrime and money maundering. The U.S. government sanctioned two cryptocurrency exchanges, Cryptex and PM2BTC, and indicted a Russian national for allegedly facilitating cybercriminal activities and money laundering. The authorities believe that these exchanges facilitate the laundering of proceeds from cybercrime. “The Justice […]

After much hyping and following prematurely leaked information by a third party, security researcher Simone Margaritelli has released details about four zero-day vulnerabilities in the Common UNIX Printing System (CUPS) that can be abused by remote, unauthenticated attackers to achieve code execution on vulnerable Linux and Unix-like sistems. The CUPS vulnerabilities CUPS is an open-source printing system that allows a computer on which is installed to act as a print server. It is developed by … More →

The post CUPS vulnerabilities affecting Linux, Unix systems can lead to RCE appeared first on Help Net Security.

数据安全再敲警钟

连中三元！