Aggregator

3.6 亿印度巴帝电信用户将能免费使用先进 AI 模型一年

Solidot
7 months ago
AI 公司 Perplexity 与印度电信巨头巴帝电信(Bharti Airtel)合作,向其 3.6 亿用户免费提供 Pro 服务一整年,这是全球同类服务中规模最大的分销协议。Perplexity 的 Pro 服务年费为 200 美元,提供的先进模型包括了 GPT-4.1、Claude Sonnet 和 Opus 4,甚至还有 xAI 最新的 Grok 4。按移动用户使用量计算印度已成为 ChatGPT 最大的市场。

网宿安全发布《2024年度网络安全态势报告》AI驱动攻防升维,体系化主动安全成破局关键

嘶吼
7 months ago

近日,网宿科技旗下品牌网宿安全正式发布《2024年度网络安全态势报告》(以下简称《报告》)。报告基于其服务金融、政务、制造等数十个行业的攻防数据,对过去一年企业Web安全、办公安全等领域的攻击态势与防御技术进行分析,并系统性提出“AI驱动的体系化主动安全”理念,为企业在AI浪潮下的安全建设提供可落地的实施路径。

资产暴露面风险激增,“AI”正在成为最锋利的“茅”

2024年,数字化转型浪潮下企业资产暴露面风险急剧扩大。

《报告》显示,全球新增CVE漏洞首次突破4万大关,高危漏洞占比高达67.98%。国产软件漏洞利用攻击持续攀升,主要针对协同办公、内容管理和企业资源规划三大类系统。22、3389、443等关键端口的暴露量更达亿级规模。攻击者正沿“暴露面突破→应用层渗透→终端横向移动”的路径重构攻击链。

其中,最引人关注的是AI系统自身脆弱性引发的安全风险,以及AI技术被不当利用衍生的安全风险。网宿安全主机安全平台测绘到,2024年热门AI类应用CVE漏洞新增了250个,同比增长36%,增速超过了整体CVE漏洞的增长。而提示词注入攻击作为位居首位的AI应用特有风险,也已从最初的诱导模型泄露敏感信息,升级为诱导模型调用系统权限的高危行为,凸显健全大模型防御体系的紧迫性。

与此同时,生成式AI技术的普及显著降低了攻击门槛,推动网络攻防呈现"规模化、智能化、强对抗"的新特征。

Web攻击态势方面,T级DDoS攻击达到219次,同比激增10倍;60%的Web攻击聚焦于API接口,大模型应用生态API接口数量的爆发成为API攻击增长的重要来源;恶意Bot请求量突破3200亿次,并呈现出“全链路对抗”特性,动态调整攻击策略绕过防御。

在办公网络方面,攻击事件增长47%,多分支机构企业因防护薄弱成为主要目标;数据泄露风险通过网盘、文库等知识共享平台持续扩散;AI生成的深度伪造的邮件已占商业邮件欺诈的40%。另外以挖矿病毒、大型僵尸网络、勒索病毒等为主的资源占用型攻击手段,以及弱口令、防御绕过技术、持久化攻击等方式,仍然是主机安全的主要威胁来源。

此外,网宿安全遍布全球的攻防网络监测到,东南亚地区争逐步成为DDoS攻击源的新兴区域。具体来看,印度尼西亚、新加坡、越南三国的DDoS攻击源分布跃升至全球第3、第4和第5位,而在2023年这三个国家的排名分别是第10、第17以及第30,变化显著。

会上,胡钢伟指出,在多种攻击手段融合与攻击链条复杂化的双重趋势推动下,企业安全体系正从"规则维度"向"认知维度"升维,从单点防护向“全链条监测、多维度对抗”的立体化防御体系加速演进。

防御变革:以“AI驱动的体系化主动安全”,构筑动态免疫系统

《报告》指出,企业安全建设向‘AI驱动的体系化主动安全’升级,需构建‘暴露面收敛-纵深防御-智能运营’三位一体的动态防护架构。”

在web安全及办公安全方面,针对资产暴露面激增问题,《报告》建议通过MSS(安全托管服务)实现"人机共智"的动态风险治理;针对AI驱动威胁向智能化、强对抗演变等新特征,企业可基于WAAP、SASE等前沿架构,构建覆盖全流量的威胁检测和防御体系,并利用AI技术形成自适应防御模型,实现从“被动防御”到“主动免疫”的转变。

针对大模型的规模化应用过程中带来的安全挑战,《报告》提出分区分域防御的策略,建议大模型基础设施域采用云原生安全技术强化主机与容器安全,大模型应用域依托WAAP架构构建Web与API全链路防护,大模型数据域通过零信任机制与数据库全生命周期审计实现动态管控,形成覆盖"基础设施-应用交互-数据资产"的立体防护体系。

会上,网宿科技售前及解决方案部大区经理王华强重点介绍了一些频发的攻防场景,如:某潮玩商城拦截99%异常订单流量,连锁企业全国门店统一安全管理,以及央国企安全事件发现及响应时效从8小时缩短至10分钟等成功案例,实证了该体系在多阶段智能对抗、终端安全管理、安全运营提效等场景的落地价值,彰显了安全防御与业务发展的深度协同能力。

最后,胡钢伟在交流时表示,网宿安全发布报告不仅是为揭示威胁态势,更是为分享下一代安全体系的建设思路。他强调,“网宿将持续迭代体系化主动安全能力,护航数字生态的稳健发展,这是技术供应商在AI时代必须履行的责任。”

企业资讯

How MSSPs Detect Incidents Early with Threat Intelligence Feeds from ANY.RUN  

Anyrun
7 months ago

Managed Security Service Providers (MSSPs) are tasked with protecting multiple clients simultaneously while maintaining cost efficiency, rapid response times, and customer trust. The key to success lies in early threat detection, which requires access to high-quality, actionable threat intelligence that can be immediately applied across diverse client environments.   Main MSSP Challenges MSSPs operate in a […]

The post How MSSPs Detect Incidents Early with Threat Intelligence Feeds from ANY.RUN   appeared first on ANY.RUN's Cybersecurity Blog.

ANY.RUN

Threat Actors Deploy 28+ Malicious Packages to Spread Protestware Scripts

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
7 months ago

Socket’s Threat Research Team has discovered a network of at least 28 malicious packages including protestware scripts, totaling approximately 2,000 copies, in a major escalation within the npm supply chain. These packages, initially flagged in two instances for hidden functionality targeting Russian-language users on Russian or Belarusian domains, have proliferated across the ecosystem. The protestware, […]

The post Threat Actors Deploy 28+ Malicious Packages to Spread Protestware Scripts appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Aman Mishra

CVE-2024-26688 | Linux Kernel up to 6.7.5 null pointer dereference (Nessus ID 239850 / WID-SEC-2024-0773)

Vuldb Updates
7 months ago
A vulnerability classified as critical has been found in Linux Kernel up to 6.7.5. This affects an unknown part. The manipulation leads to null pointer dereference. This vulnerability is uniquely identified as CVE-2024-26688. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-26697 | Linux Kernel up to 6.7.5 nilfs2 nilfs_recovery_copy_block uninitialized pointer (Nessus ID 239850 / WID-SEC-2024-0773)

Vuldb Updates
7 months ago
A vulnerability was found in Linux Kernel up to 6.7.5. It has been classified as critical. Affected is the function nilfs_recovery_copy_block of the component nilfs2. The manipulation leads to uninitialized pointer. This vulnerability is traded as CVE-2024-26697. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-26685 | Linux Kernel up to 6.7.5 nilfs2 end_buffer_async_write race condition (Nessus ID 232182 / WID-SEC-2024-0773)

Vuldb Updates
7 months ago
A vulnerability was found in Linux Kernel up to 6.7.5. It has been rated as problematic. Affected by this issue is the function end_buffer_async_write of the component nilfs2. The manipulation leads to race condition. This vulnerability is handled as CVE-2024-26685. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2022-3061 | Linux Kernel i740 Driver ioctl pixclock divide by zero (Nessus ID 236648 / WID-SEC-2024-0773)

Vuldb Updates
7 months ago
A vulnerability classified as problematic has been found in Linux Kernel. This affects the function ioctl of the component i740 Driver. The manipulation of the argument pixclock leads to divide by zero. This vulnerability is uniquely identified as CVE-2022-3061. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.
vuldb.com

CVE-2024-26686 | Linux Kernel up to 6.1.81/6.7.5 lock_task_sighand denial of service (cf4b8c39b9a0/27978243f165/7601df8031fd / Nessus ID 207693)

Vuldb Updates
7 months ago
A vulnerability was found in Linux Kernel up to 6.1.81/6.7.5. It has been classified as critical. This affects the function lock_task_sighand. The manipulation leads to denial of service. This vulnerability is uniquely identified as CVE-2024-26686. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

研究揭示全球精英离岸隐藏财富的模式

Solidot
7 months ago
超级富豪和寡头之类的全球精英以利用离岸金融系统隐藏财富著称,美国达特茅斯大学(Dartmouth)的研究人员 利用离岸金融泄密数据库揭示了全球精英离岸隐藏财富的模式,数据库涵盖了近 3000 名全球富豪。研究发现了三种有明显区别的模式:来自威权国家、存在报复风险的精英更可能将财富分散到多个离岸金融中心;来自因缺乏公民权利或政府有限监管而导致财产容易被没收的国家的精英更可能采用隐蔽的策略隐藏财富,他们更希望维持匿名;来自担心资产被没收和腐败国家的精英则倾向于采用混合策略,分散资产并保持隐蔽性。论文主要作者、助理教授 Herbert Chang 以新加坡为例,称该国政府不腐败,但公民参与度很低,其精英仍然会利用离岸金融中心。

CVE-2024-7595 | GRE Protocol/GRE6 Protocol improper authentication (Nessus ID 242166)

Vuldb Updates
7 months ago
A vulnerability was found in GRE Protocol and GRE6 Protocol. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to improper authentication. This vulnerability is known as CVE-2024-7595. The attack can be launched remotely. There is no exploit available. Due to its background and reception, this vulnerability has an historic impact.
vuldb.com

CVE-2024-47174 | NixOS nix up to 2.18.7/2.24.7 HTTPS Connection certificate validation (GHSA-6fjr-mq49-mm2c / Nessus ID 242201)

Vuldb Updates
7 months ago
A vulnerability was found in NixOS nix up to 2.18.7/2.24.7 and classified as critical. This issue affects some unknown processing of the component HTTPS Connection Handler. The manipulation leads to improper certificate validation. The identification of this vulnerability is CVE-2024-47174. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-45593 | NixOS nix up to 2.24.5 NAR path traversal (GHSA-h4vv-h3jq-v493 / Nessus ID 242201)

Vuldb Updates
7 months ago
A vulnerability was found in NixOS nix up to 2.24.5 and classified as critical. Affected by this issue is some unknown functionality of the component NAR Handler. The manipulation leads to path traversal. This vulnerability is handled as CVE-2024-45593. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-27297 | NixOS nix up to 2.3.17/2.18.1/2.19.3/2.20.4 on Linux Unix Domain Socket toctou (GHSA-2ffj-w4mj-pg37 / Nessus ID 242201)

Vuldb Updates
7 months ago
A vulnerability was found in NixOS nix up to 2.3.17/2.18.1/2.19.3/2.20.4 on Linux. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Unix Domain Socket Handler. The manipulation leads to time-of-check time-of-use. This vulnerability is known as CVE-2024-27297. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-38531 | NixOS nix up to 2.23.0 insecure preserved inherited permissions (Nessus ID 242201)

Vuldb Updates
7 months ago
A vulnerability was found in NixOS nix up to 2.23.0 and classified as problematic. This issue affects some unknown processing. The manipulation leads to insecure preserved inherited permissions. The identification of this vulnerability is CVE-2024-38531. An attack has to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

Managed ad