Frequent verification codes may appear for non-Mainland China IP visits. If visitors are severely affected, please send [IP|ASN](|AS14618) to the bottom mailbox to add to the whitelist


dby 19:45   Live-patching security vulnerabilities inside the Linux kernel with eBPF Linux Security Module    #CloudFlare Blog #安全文章 Learn how to patch Linux security vulnerabilities without rebooting the hardware and how to tighten the security of your Linux operating system with eBPF Linux Security Module

dby 19:06   互联网基础资源技术协议的安全发展趋势    #安全内参 #安全文章 随着互联网商业应用的兴起,互联网数据的完整性、真实性、可信性成为重要需求。在斯诺登事件之后,互联网数据的隐私性成为重要需求。

dby 19:06   Firefox 102出爐了,修補19個安全漏洞    #iThome 新聞 #社交媒体 Mozilla於28日釋出了支援Windows、macOS與Linux的Firefox 102,此一版本允許使用者關閉下載時自動開啟的下載面板,進一步改善隱私功能,且其Linux版新增對GeoClue的支援,另也修補了19個安全漏洞。當使用者利用瀏覽器下載檔案時,瀏覽器總會自動跳出一個面板,顯示正在下載的檔案與進度,但Firefox 102允許使用者關閉面板自動跳出功能。

dby 19:00   Amazon quietly patches ‘high severity’ Android photos app vulnerability    #The Record #安全文章 Amazon patched a high severity vulnerability affecting the Amazon Photos Android app in December after researchers notified them of the issue, the company disclosed Tuesday.  Researchers at cybersecurity firm Checkmarx said they discovered a bug in the app that allowed attackers to steal a user

dby 18:40   Mitre shared 2022 CWE Top 25 most dangerous software weaknesses    #Security Affairs #安全文章 The MITRE organization published the 2022 CWE Top 25 most dangerous software weaknesses. The MITRE shared the list of the 2022 top 25 most common and dangerous weaknesses, it could help organizations to assess internal infrastructure and determine their surface of attack. The presence of these vulne

dby 18:29   满帮、BOSS直聘恢复新用户注册    #安全内参 #安全文章 经报网络安全审查办公室同意,即日起恢复“运满满”“货车帮”“BOSS直聘”的新用户注册。

dby 18:25   CVE-2022-32532:Apache Shiro 身份认证绕过漏洞    #360 CERT #安全文章 2022年06月29日,360CERT监测发现 `Apache` 官方发布 `Apache Shiro` 的安全通告,漏洞编号为 `CVE-2022-32532` ,漏洞等级: `中危` ,漏洞评分: `7.5` 。

dby 18:14   ZuoRAT Hijacks SOHO Routers to Silently Stalk Networks    #alienvault #威胁情报 A report from Black Lotus Labs on a sophisticated remote access trojan campaign targeting small office/home office routers in North American and European networks from 2020-20. the first of its kind.

dby 18:06   Google設立專門推動政府服務的新部門Google Public Sector    #iThome 新聞 #社交媒体 Google於6月29日宣布設立了新的Google Public Sector部門,專門協助美國的公共部門進行數位轉型,包括聯邦、各州或各地方政府,也納入了教育機構。新的部門將暫由Google Cloud的CTO辦公室主管Will Grannis負責帶領,Google也打算替該部門尋找新的執行長。

dby 17:53   GlowSand    #alienvault #威胁情报 A look at some of the key technology and services used to protect the enterprise from cyber-attacks in Ukraine and other countries in Eastern Europe.

dby 17:38   Smash-and-grab: AstraLocker 2.0 pushes ransomware direct from Office docs    #alienvault #威胁情报 Researchers recently discovered of a new version of the AstraLocker ransomware (AstraLocker 2.0) that was being distributed directly from Microsoft Office files used as bait in phishing attacks. Analysts suggest that the threat actor responsible for this campaign likely obtained the underlying code

dby 17:36   基于区块链的跨域异构应用间可信数据交换及逻辑执行体系研究    #安全内参 #安全文章 本文以一个涉及政府、银行及其他参与方的扶贫贷款管理系统为例,尝试提出一种基于区块链技术构建的跨域异构应用间可信数据交换及逻辑执行体系,以期能助力各同业机构在最小化改造系统的基础上,实现多机构业务协同。

dby 17:31   RansomHouse gang claims to have stolen 450GB of data from chip maker giant AMD    #Security Affairs #安全文章 The RansomHouse gang claims to have breached the Chipmaker giant AMD and stole 450 GB of data from the company in 2021. The RansomHouse extortion gang claims to have stolen 450 GB of data from the chipmaker giant AMD in 2021 and threatens to leak it or sell it if the company will not pay […]Th

dby 17:31   ASMI学习-总结    #安全脉搏 #安全文章 Microsoft 开发了 AMSI(反恶意软件扫描接口)作为防御常见恶意软件执行和保护最终用户的方法。默认情况下,Windows Defender 与 AMSI API 交互以在执行期间使用 Windows Script Host 技术扫描 PowerShell 脚本、VBA 宏、JavaScript 和脚本,以防止任意执行代码。但是,其他防病毒产品可能包含对 AMSI 的支持,因此组织不限于使用 windows Defender。asmi工作原理当用户执行脚本或启动 PowerShell 时,AMSI.dll 被注入进程内存空间。在执行之前,防病毒软件使用以下两个 API 来扫描缓冲区和字

dby 17:30   Do back offices mean backdoors?    #welivesecurity(ESET) #威胁情报 War in Europe, a reminder for shared service centers and shoring operations to re-examine IT security postureThe post Do back offices mean backdoors? appeared first on WeLiveSecurity