INC
You must login to view this content
Aggregator
Akira
7 months 1 week ago
You must login to view this content
cohenido
Lynx
7 months 1 week ago
You must login to view this content
cohenido
MITRE Launches New Framework to Tackle Crypto Risks
7 months 1 week ago
MITRE has introduced AADAPT framework, a new cybersecurity framework aimed at mitigating risks in digital financial systems like cryptocurrency
Reddit 开始要求访问成人内容的英国用户验证年龄
7 months 1 week ago
Reddit 宣布,为了遵守英国的新法律 Online Safety Act,它开始要求访问成人内容的英国用户验证年龄。Reddit 是通过第三方服务 Persona 验证用户年龄,Persona 会对用户上传的自拍照或政府颁发的身份证件照片进行验证。Reddit 不会储存用户上传的照片,只会储存验证状态和用户提供的出生日期,用户无需在每次访问成人内容时进行验证。Reddit 称,Persona 承诺保护数据隐私,承诺不会将照片保留超过 7 天,它也无法访问用户的 Reddit 数据。
Lynx
7 months 1 week ago
You must login to view this content
cohenido
Lynx
7 months 1 week ago
You must login to view this content
cohenido
CVE-2007-4976 | Coppermine Photo Gallery docs/showdoc.php path traversal (EDB-30595 / Nessus ID 26084)
7 months 1 week ago
A vulnerability classified as problematic was found in Coppermine Photo Gallery. Affected by this vulnerability is an unknown functionality of the file docs/showdoc.php. The manipulation leads to path traversal.
This vulnerability is known as CVE-2007-4976. The attack can be launched remotely. Furthermore, there is an exploit available.
It is recommended to upgrade the affected component.
vuldb.com
月之暗面发布 1 万亿参数的开源模型
7 months 1 week ago
北京月之暗面科技有限公司上周发布了有 1 万亿总参数、320 亿激活参数的混合专家模型 Kimi K2。基准测试显示它能在部分领域打败 OpenAI 的 GPT-4.1。Kimi K2 在软件工程测试 SWE-bench Verified 中的正确率达到了 65.8%,超过了大多数开源模型,能与私有模型相媲美;在编程测试 LiveCodeBench 中,Kimi K2 的正确率达到了 53.7%,超过了 DeepSeek-V3 的 46.9% 和 GPT-4.1 的 44.7%;在数学推理测试 MATH-500 中的得分为 97.4%,超过了 GPT-4.1 的 92.4%。相比 OpenAI,月之暗面投入的成本更低,速度更快更便宜。
Cloudflare 1.1.1.1 incident on July 14, 2025
7 months 1 week ago
July 14th, 2025, Cloudflare made a change to our service topologies that caused an outage for 1.1.1.1 on the edge, causing downtime for 62 minutes for customers using the 1.1.1.1 public DNS Resolver.
Ash Pallarito
CyberArk: Rise in Machine Identities Poses New Risks
7 months 1 week ago
Comprehensive Machine Identity Security Needed for Non-Human Identities
A study from CyberArk shows that machine identity-related security incidents are increasing as the volume and complexity of machine identities surge. Security leaders must build an end-to-end strategy to secure non-human identities and prevent attacks and outages.
A study from CyberArk shows that machine identity-related security incidents are increasing as the volume and complexity of machine identities surge. Security leaders must build an end-to-end strategy to secure non-human identities and prevent attacks and outages.
No Data on Devices: How Virtual Mobile Infrastructure Changes the Game
7 months 1 week ago
Hypori's Lewandowski on Eliminating Data and Apps From Personal Devices
Traditional BYOD strategies rely on managing personal devices directly, which introduces privacy concerns and leaves organizations vulnerable to attacks such as phishing, network compromise and device rooting, said Wayne Lewandowski, chief revenue officer at Hypori.
Traditional BYOD strategies rely on managing personal devices directly, which introduces privacy concerns and leaves organizations vulnerable to attacks such as phishing, network compromise and device rooting, said Wayne Lewandowski, chief revenue officer at Hypori.
Cloudflare recognized as a Visionary in 2025 Gartner® Magic Quadrant™ for SASE Platforms
7 months 1 week ago
Gartner has recognized Cloudflare as a Visionary in the 2025 Gartner® Magic Quadrant™ for SASE Platforms report.
Abe Carryl
Konfety Android Malware on Google Play Uses ZIP Manipulation to Imitate Legitimate Apps
7 months 1 week ago
Sophisticated Android malware variant exploits ZIP-level manipulation and dynamic code loading to evade detection while conducting ad fraud operations targeting mobile users globally. Zimperium’s zLabs security research team has identified a new and highly sophisticated variant of the Konfety Android malware that employs advanced evasion techniques to bypass security analysis tools and conduct fraudulent advertising […]
The post Konfety Android Malware on Google Play Uses ZIP Manipulation to Imitate Legitimate Apps appeared first on Cyber Security News.
Guru Baran
CVE-2017-15276 | EMC OpenText Documentum Content Server up to 7.3 TAR File path traversal (EDB-43002 / BID-101639)
7 months 1 week ago
A vulnerability classified as critical has been found in EMC OpenText Documentum Content Server up to 7.3. Affected is an unknown function of the component TAR File Handler. The manipulation leads to path traversal.
This vulnerability is traded as CVE-2017-15276. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
vuldb.com
Microsoft Explains How Security Copilot in Intune and Entra Supports Security and IT Teams
7 months 1 week ago
Microsoft has detailed how its Security Copilot, an AI-powered tool, is transforming security and IT operations by embedding generative AI directly into daily workflows, aligning with Zero Trust principles to enable faster threat response and decision-making. Launched last year, Security Copilot simplifies operations for security and IT teams, reducing friction in tools like Microsoft Intune […]
The post Microsoft Explains How Security Copilot in Intune and Entra Supports Security and IT Teams appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Aman Mishra
How SOC Teams Reduce MTTD And MTTR With Threat Context Enrichment
7 months 1 week ago
Security Operations Centers (SOCs) face a fundamental challenge: distinguishing genuine threats from false positives while maintaining rapid response times. The key to meeting this challenge lies in enriching threat data with actionable context that enables faster, more informed decision-making. Core SOC Performance Metrics SOC teams juggle multiple competing priorities while working under constant time pressure. […]
The post How SOC Teams Reduce MTTD And MTTR With Threat Context Enrichment appeared first on Cyber Security News.
Balaji N
INC
7 months 1 week ago
You must login to view this content
cohenido
INC
7 months 1 week ago
You must login to view this content
cohenido
CVE-2025-6265 | Zyxel NWA50AX PRO up to 7.10(ACGE.2) Configuration File file_upload-cgi path traversal (EUVD-2025-21410)
7 months 1 week ago
A vulnerability, which was classified as critical, was found in Zyxel NWA50AX PRO up to 7.10(ACGE.2). Affected is an unknown function of the file file_upload-cgi of the component Configuration File Handler. The manipulation leads to path traversal.
This vulnerability is traded as CVE-2025-6265. It is possible to launch the attack remotely. There is no exploit available.
vuldb.com