Aggregator

最新搭建NPS内网穿透，在外轻松远程访问内网设备！非常检查的配置流程，搭配openwrt软路由来使用，非常好用！轻量级NPS内网穿透自带后台设置界面，详解如何设置客户端和服务器 安装准备：VPS...

Инцидент затронул крупнейших провайдеров страны: Bouygues, SFR и Free.

Дельта Аквариды и Альфа Каприкорниды подарят уникальное шоу.

Microsoft Security researchers have observed a vulnerability used by various ransomware operators to get full administrative access to domain-joined ESXi hypervisors and encrypt the virtual machines running on them. The vulnerability involves creating a group called “ESX Admins” in Active Directory and adding an attacker-controlled user account to this group. This manipulation of the Active Directory group takes advantage of a privilege escalation vulnerability (CVE-2024-37085) in ESXi hypervisors that grants the added user full administrative access to the ESXi hypervisor. The vulnerability was fixed by VMware in their June release and ESXi administrators should install this security update.

The post Ransomware operators exploit ESXi hypervisor vulnerability for mass encryption appeared first on Microsoft Security Blog.

SecWiki周刊（第543期) by 路人甲

面向个性化联邦学习的系统化后门攻击：方法与对抗 by 路人甲

⼤模型在⽹络安全⽅⾯的应⽤汇总 by 洞源实验室

更多最新文章，请访问SecWiki

使用dockerfile构建docker镜像，如何创建和构建 Dockerfile|构建属于自己的docker镜像，如何把镜像上传到docker hub|如何打包构建好的镜像 1、更新系统 ap...

这是一种用于秘密监控、数据收集和通过Microsoft Graph、Yandex Cloud和Dropbox云基础设施进行数据泄露的复杂网络间谍工具。

注册Gmail邮箱2024最新谷歌账号&谷歌邮箱注册教程|google账号注册|gmail邮箱注册，免手机验证|国内手机号注册|此号码无法用于验证goole|+86手机号注册google...

Как экс-президент планирует изменить будущее США с помощью криптовалюты.

Looking to strengthen your cyber defense program? Check out this new course on Salesforce Trailhead that walks you through the realistic costs of doing so.

Looking to strengthen your cyber defense program? Check out this new course on Salesforce Trailhead that walks you through the realistic costs of doing so.

Updated Mandrake samples, identified by Kaspersky, displayed enhanced obfuscation and evasion tactics

Acronis warns of a critical vulnerability in its Acronis Cyber Infrastructure (ACI) solution that is being actively exploited in the wild. Acronis is warning of a critical vulnerability, tracked as CVE-2023-45249 (CVSS score of 9.8), in its Acronis Cyber Infrastructure (ACI) solution that is being actively exploited in the wild. ACI is a comprehensive IT […]

Эксперты раскрыли схему шпионской атаки на отечественный бизнес.

For the latest discoveries in cyber research for the week of 29th July, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES The Superior Court of Los Angeles was forced to shut down its network following a ransomware attack. The court, the largest in the United States, has closed all of its 36 courthouse […]

The post 29th July – Threat Intelligence Report appeared first on Check Point Research.

该研究系统化的探讨了个性化联邦学习中的后门威胁与防御方法。

An attack flow that combines API flaws within "log in with" implementations and Web injection bugs could affect millions of websites.

Утвержден список российских программ для обязательной предустановки в 2025 году.

Adversaries are employing Large Language Models to generate malicious code, delivered via phishing emails, for downloading diverse payloads, including Rhadamanthys, NetSupport, CleanUpLoader, ModiLoader, LokiBot, and Dunihi.  It indicates a concerning trend of threat actors leveraging AI to automate malware creation and distribution, posing significant challenges for cybersecurity defenses.  A broad-spectrum cyberattack campaign leverages phishing emails […]

The post Threat Actots Leveraging ChatGPT To Craft Sophisticated Attacks appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

一切看起来似乎与原来相同，但实际早已不同。