Aggregator

这是一个Reddit社区，专注于网络安全部门的学生交流与学习，提供资源分享、问题解答和互助服务，并要求成员遵守相关规则。

微软总裁 Brad Smith 周一表示，该公司正与法国政府合作，创建巴黎圣母院的数字版本。巴黎圣母院是法国最多人访问的观光景点。这座拥有 862 年历史的哥特式建筑在 2019 年遭遇了一场毁灭性的大火，经过五年修复后于去年 12 月重新开放。微软表示数字版将记录其建筑细节，为游客和无法去参观的人提供虚拟体验。微软实际上在 20 年前就使用名为 PhotoSynth 的技术尝试过构建巴黎圣母院的 3D 模型。

Чем больше обновлений ставят админы, тем сильнее маскируются уже внедрённые бэкдоры.

Thousands of organizations worldwide face active cyberattacks targeting Microsoft SharePoint servers through two critical vulnerabilities, prompting urgent government warnings and emergency patches. Microsoft confirmed over the weekend that threat actors are actively exploiting two zero-day vulnerabilities in on-premises SharePoint servers, designated CVE-2025-53770 and CVE-2025-53771. The attacks, dubbed “ToolShell” by security researchers, have compromised dozens of […]

The post Microsoft Releases Mitigations and Threat Hunting Queries for SharePoint Zero-Day appeared first on Cyber Security News.

Data breaches seem to pop up in the news every other week, so it’s no surprise that keeping sensitive information safe has jumped to the top of the priority list for just about every industry. Hardware-encrypted drives like the iStorage diskAshur PRO3 address this need by offering physical security combined with convenience and flexibility. I’ve been trying out the 2TB SSD version of the diskAshur PRO3 to see how it holds up in everyday use. … More →

The post Product showcase: iStorage diskAshur PRO³ appeared first on Help Net Security.

标准从组织环境、领导、规划、支持、运行、绩效评价和改进七个方面规定了要求。

勒索软件操作利用ClickFix来感染目标，但它转向FileFix表明攻击者很快就适应了更隐蔽的攻击方法。这是首次公开证实FileFix被用于实际的网络攻击。

Маск отвечает детским ИИ на критику Grok 4.

A single compromised password has been identified as the catalyst that destroyed a century-old transport company and displaced 700 employees, highlighting the devastating impact of cybersecurity vulnerabilities on British businesses. The case of KNP, a Northamptonshire-based logistics firm, represents a stark warning about the growing ransomware threat facing UK enterprises. KNP, which had operated for […]

The post Weak Password Enables Ransomware Attack on 158-Year-Old Firm appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

一位负责组织网络安全研讨会的人寻求建议。目标受众是已有基础的学生（如钓鱼、社会工程）。他考虑讨论恶意软件分析但不确定是否合适，并希望得到其他建议（排除CTF和展示型工作坊）。

Austin, United States / TX, 22nd July 2025, CyberNewsWire

Рельсотрон в форме «X» обещает вдвое больше мощности и дальность до 400 км.

In this Help Net Security video, Chad Humphries, Solution Consultant, Networks & Cyber Security at Rockwell Automation, explores how cyber risk quantification is becoming essential for modern organizations. He breaks down global legal frameworks, AI’s growing role in dispute resolution, and how regulatory changes are redefining liability. Learn why understanding technical debt, fiduciary obligations, and “secure by design” standards is crucial for protecting your business and making informed cybersecurity investment decisions.

The post What the law says about your next data breach appeared first on Help Net Security.

Dell Technologies has acknowledged a significant security incident involving its Customer Solution Centers platform, with the World Leaks extortion group successfully infiltrating the isolated demonstration environment used for showcasing products to commercial clients. The breach, which occurred earlier this month, represents another high-profile attack by the newly rebranded threat actor formerly known as Hunters International. […]

The post Dell Data Breach – World Leaks Group Hacks Test Lab Platform appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A financially motivated threat group dubbed Greedy Sponge has been systematically targeting Mexican financial institutions and organizations since 2021 with a heavily modified version of the AllaKore remote access trojan (RAT). The campaign represents a sophisticated evolution of cybercriminal tactics, combining traditional social engineering with advanced technical capabilities designed specifically for financial fraud operations. The […]

The post Greedy Sponge Hackers Attacking Financial Institutions With Modified Version of AllaKore RAT appeared first on Cyber Security News.

澳大利亚网络安全中心警告称，针对本地部署的微软SharePoint服务器的CVE-2025-53770漏洞正被积极利用，可导致远程代码执行。建议立即安装安全更新，并采取防护措施以缓解风险。

Printer platform security is often overlooked in enterprise security strategies, creating security gaps, according to HP Wolf Security. By addressing security at every stage, organizations can strengthen their defenses and ensure their print infrastructure remains a trusted part of their IT ecosystem. The report reveals that during the ongoing management stage, just 36% of IT and security decision-makers (ITSDMs) apply firmware updates promptly. This is despite IT teams spending 3.5 hours per printer per month … More →

The post Enterprise printer security fails at every stage appeared first on Help Net Security.

A CVSS score 8.8 AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H severity vulnerability discovered by '김명규' was reported to the affected vendor on: 2025-07-22, 72 days ago. The vendor is given until 2025-11-19 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Filip Dragovic (@filip_dragovic)' was reported to the affected vendor on: 2025-07-22, 72 days ago. The vendor is given until 2025-11-19 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Rocco Calvi (@TecR0c) with TecSecurity' was reported to the affected vendor on: 2025-07-22, 76 days ago. The vendor is given until 2025-11-19 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.