【安全圈】Telegram惊现公开群组聊天索引机器人 抓取8.6亿名用户的560亿条发言记录
关键词数据泄露即时通讯应用Telegram近期出现了一款名为Funstatgrtbot的监控机器人,该服务引发
Aggregator
High-Severity Cloud Security Alerts Tripled in 2024
8 months 2 weeks ago
Attackers aren't just spending more time targeting the cloud — they're ruthlessly stealing more sensitive data and accessing more critical systems than ever before.
Nate Nelson, Contributing Writer
CVE-2024-45356 | Xiaomi Phone Framework missing authentication
8 months 2 weeks ago
A vulnerability was found in Xiaomi Phone Framework. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to missing authentication.
The identification of this vulnerability is CVE-2024-45356. It is possible to launch the attack on the local host. There is no exploit available.
vuldb.com
Clickflix 攻击:YouTube 创作者面临的品牌合作钓鱼危机
8 months 2 weeks ago
安全客
Видеозвонок от курьера? За ним может скрываться цифровая афера
8 months 2 weeks ago
Мошенники масштабируют атаки с ИИ.
Business Email Compromise, ACH Transactions, and Liability
8 months 2 weeks ago
Business Email Compromise (BEC) fraud represents one of the most insidious threats facing businesses and individuals today.
The post Business Email Compromise, ACH Transactions, and Liability appeared first on Security Boulevard.
Mark Rasch
法治 | “AI帮你一分钟搞定问诊开药”被叫停!如何为人工智能应用划红线?
8 months 2 weeks ago
当前,多家医院引入人工智能,并将其应用于临床、科研等多个场景。甚至,有营销宣传声称——“AI帮你一分钟搞定问诊、开药”。近期,湖南省医保局印发通知明确规定:“严禁使用 AI人工智能等自动生成处方”,引发网络热议。
国际 | 瑞典政府发布《国家网络安全战略2025-2029年》
8 months 2 weeks ago
3月20日,瑞典政府正式向议会提交了《国家网络安全战略2025-2029年》,对未来五年的国家网络安全建设进行了整体谋划,以应对日益复杂的网络安全威胁,提升国家整体网络安全水平。
评论 | 筑牢人脸信息安全防线
8 months 2 weeks ago
近日,国家互联网信息办公室、公安部联合公布了《人脸识别技术应用安全管理办法》,对应用人脸识别技术处理人脸信息的基本要求、处理规则、应用安全规范、监督管理职责等作出规定,旨在进一步扎紧人脸信息保护的“篱...
评论 | 给AI生成内容加标识的治理启示
8 months 2 weeks ago
近日,国家网信办、工业和信息化部、公安部、国家广播电视总局联合发布《人工智能生成合成内容标识办法》,将于今年9月1日起施行。
通知 | 北京市网信办等三部门印发《北京市数据跨境流动便利化综合配套改革实施方案》(附全文)
8 months 2 weeks ago
近日,北京市互联网信息办公室等三部门印发《北京市数据跨境流动便利化综合配套改革实施方案》。
发布 | 《工业和信息化领域人工智能安全治理标准体系建设指南(2025)(征求意见稿)》公开征求意见(附全文)
8 months 2 weeks ago
意见反馈截止日期为2025年4月15日前。
关于第二届“长城杯”铁人三项赛(防护赛)决赛入围队伍名单公示的通知
8 months 2 weeks ago
关于第二届“长城杯”铁人三项赛(防护赛)决赛入围队伍名单公示的通知
SectopRAT:作为武器化 Cloudflare Turnstile Challenge 向 Windows 用户发起攻击
8 months 2 weeks ago
安全客
FamousSparrow resurfaces to spy on targets in the US, Latin America
8 months 2 weeks ago
Once thought to be dormant, the China-aligned group has also been observed using the privately-sold ShadowPad backdoor for the first time
大模型安全警报:你的AI客服正在泄露客户银行卡号
8 months 2 weeks ago
本研究旨在系统性分析Prompt注入的类型、攻击方式及防御策略,以提升大模型的安全性。
CVE-2011-4595 | Pretty Links Plugin up to 1.5.5 on WordPress URL Parameter cross site scripting (EDB-36408)
8 months 2 weeks ago
A vulnerability was found in Pretty Links Plugin up to 1.5.5 on WordPress. It has been classified as problematic. Affected is an unknown function of the component URL Parameter Handler. The manipulation leads to cross site scripting.
This vulnerability is traded as CVE-2011-4595. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
It is recommended to upgrade the affected component.
vuldb.com
Бессмертные бэкдоры: новая тактика атак на экосистему npm
8 months 2 weeks ago
Инновационный метод позволяет хакерам навсегда сохранить доступ к скомпрометированным системам.
数据跨境 | 韩国数据安全与跨境合规实践
8 months 2 weeks ago
韩国个人信息安全法律法规及企业实践参考
新型 npm 恶意软件对热门以太坊库发动后门感染攻击
8 months 2 weeks ago
安全客