unSafe.sh - Unsafe
France links Russian APT28 to attacks on dozen French entities
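France accuses the Russia-linked APT28 group of cyberattacks against 12 French government agencies and other entities. The group has been active across multiple French sectors since 2021, including government, diplomacy, research, and finance. A report from the French cybersecurity agency ANSSI states that APT28 conducts espionage using phishing emails, brute-force attacks, and zero-day vulnerabilities, and relies on outsourced infrastructure to improve stealth....
2025-4-30 13:58:30 | Views: 6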
Security Affairs - securityaffairs.com
apt28
french
anssi
france
dozen
Indian Court ordered to block email service Proton Mail
Indian Court ordered to block email service Proton Mail Indian C...
2025-4-30 13:20:1 | Views: 32
Security Affairs - securityaffairs.com
proton
indian
swiss
india
ordered
AirBorne flaws can lead to fully hijack Apple devices
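Critical vulnerabilities in Apple's AirPlay protocol and SDK (collectively called AirBorne) allow attackers to take full control of devices through remote code execution. Researchers found two key vulnerabilities (CVE-2025-24252 and CVE-2025-24132) that enable zero-click wormable attacks, spreading malware without authorization and leading to threats such as espionage and ransomware. Apple has fixed the issues and released updates; users are advised to upgrade promptly to reduce risk....
2025-4-30 05:36:57 | Views: 31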
Security Affairs - securityaffairs.com
airplay
oligo
airborne
attackers
U.S. CISA adds SAP NetWeaver flaw to its Known Exploited Vulnerabilities catalog
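The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the high-severity SAP NetWeaver zero-day CVE-2025-31324 (CVSS score 10/10) to its Known Exploited Vulnerabilities catalog. The flaw stems from a missing authorization check in Visual Composer Metadata Uploader, allowing unauthenticated attackers to upload malicious files and take control of the target system. ReliaQuest researchers discovered the vulnerability and reported it to SAP, which has released a patch. CISA requires federal agencies to complete remediation by May 20, 2025....
2025-4-30 00:5:43 | Views: 34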
Security Affairs - securityaffairs.com
netweaver
exploited
attackers
reliaquest
SentinelOne warns of threat actors targeting its systems and high-value clients
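SentinelOne warns that PurpleHaze, a China-linked APT group, attempted reconnaissance against its systems and high-value customers and used a Go-based backdoor tool. The group has ties to the known Chinese APT15. In addition, North Korean cyber attackers tried to apply for jobs using fake identities. These operations highlight supply-chain risk and the trend of security vendors becoming targets....
2025-4-29 18:49:15 | Views: 11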
Security Affairs - securityaffairs.com
purplehaze
security
shadowpad
warns
Google Threat Intelligence Group (GTIG) tracked 75 actively exploited zero-day flaws in 2024
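Google Threat Intelligence Group (GTIG) tracked 75 actively exploited zero-day vulnerabilities in 2024, 98 fewer than in 2023 but 63 more than in 2022. Most attacks targeted end-user platforms, but attacks on enterprise technology rose, with security and networking software in particular becoming prime targets. Microsoft Windows and enterprise products such as Ivanti, Palo Alto, and Cisco were popular targets, and remote code execution and privilege escalation were the main attack techniques....
2025-4-29 12:25:23 | Views: 9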
Security Affairs - securityaffairs.com
gtig
exploited
security
windows
VeriSource data breach impacted 4M individuals
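VeriSource suffered a data breach in February 2024 that affected 4 million people. The exposed information includes personal data such as names and addresses. The company acted quickly and launched an investigation, ultimately confirmed that some sensitive information was stolen, and is offering free identity protection services to address potential risk....
2025-4-29 10:13:33 | Views: 10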
Security Affairs - securityaffairs.com
vsi
verisource
security
network
4m
U.S. CISA adds Qualitia Active! Mail, Broadcom Brocade Fabric OS, and Commvault Web Server flaws to its Known Exploited Vulnerabilities catalog
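The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added three vulnerabilities in Qualitia Active! Mail, Broadcom Brocade Fabric OS, and Commvault Web Server to its Known Exploited Vulnerabilities catalog, and requires federal agencies to fix them by the specified dates to prevent cyberattacks....
2025-4-29 07:17:43 | Views: 9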
Security Affairs - securityaffairs.com
commvault
brocade
exploited
fabric
The Turmoil Following BreachForums Shutdown: Confusion, Risks, and a New Beginning
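BreachForums shut down after being compromised by law enforcement through a MyBB zero-day, prompting the emergence of alternative forums and potential risks. The administrators say no data was leaked and warn users to stay away from clone sites....
2025-4-28 20:48:56 | Views: 40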
Security Affairs - securityaffairs.com
mybb
emerged
confusion
Earth Kurma APT is actively targeting government and telecommunications orgs in Southeast Asia
Earth Kurma APT has targeted Southeast Asian government and telecom sectors since 2020, using custom malware, rootkits, and cloud storage for espionage and data theft. Targets include the Philippines, Vietnam, Thailand, and Malaysia. Attackers maintain persistence with tools like TESDAT, SIMPOBOXSPY, KRNRAT, and MORIYA, and exfiltrate data via Dropbox and OneDrive....
2025-4-28 19:44:41 | Views: 12
Security Affairs - securityaffairs.com
kurma
earth
rootkits
southeast
moriya
A large-scale phishing campaign targets WordPress WooCommerce users
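A large-scale phishing campaign targets WordPress WooCommerce users, using fake security alerts to trick them into downloading a malicious patch that hides a backdoor. The patch creates a hidden administrator account and downloads malware, taking control of the website's server for ad injection, data theft, and other attack activity....
2025-4-28 11:43:54 | Views: 8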
Security Affairs - securityaffairs.com
woocommerce
phishing
wordpress
download
wp
PoC rootkit Curing evades traditional Linux detection systems
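Researchers developed a PoC rootkit named Curing that uses Linux's io_uring feature to evade traditional detection systems. The rootkit carries out its tasks through the asynchronous I/O mechanism without relying on system calls, which defeats security tools based on system-call monitoring. It affects multiple popular security solutions and demonstrates the ability to communicate with a C2 server....
2025-4-28 09:38:36 | Views: 9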
Security Affairs - securityaffairs.com
curing
security
monitoring
ebpf
Attackers chained Craft CMS zero-days attacks in the wild
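Orange Cyberdefense reports that threat actors exploited two zero-day vulnerabilities in Craft CMS (CVE-2025-32432 and CVE-2024-58136) to compromise servers and steal data. The attackers used the RCE vulnerability to upload a malicious file manager and gain further control of the server. About 35,000 Craft CMS instances are affected, and fixed versions have been released....
2025-4-28 08:34:17 | Views: 29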
Security Affairs - securityaffairs.com
craft
orange
csirt
Storm-1977 targets education sector with password spraying, Microsoft warns
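Microsoft warns that the threat actor Storm-1977 used AzureChecker.exe to carry out password spraying attacks against cloud tenants in the education sector, leading to account compromise that was then used for cryptomining. Microsoft notes that containerized assets face multiple risks and stresses the importance of protective measures....
2025-4-27 13:12:34 | Views: 8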
Security Affairs - securityaffairs.com
microsoft
1977
tenants
cloud
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 43
This newsletter highlights numerous cyber incidents, including data breaches at MTN Group, Cisco, and SAP; malware attacks targeting hospitals and telecom firms; ransomware campaigns by groups like LockBit and BlackCat; and state-sponsored espionage activities. It also covers vulnerabilities in software like Ivanti, Fortinet, and Apache, as well as emerging threats like AI-based attacks and supply chain compromises....
2025-4-27 08:53:11 | Views: 19
Security Affairs - securityaffairs.com
exploited
ransomware
security
affairs
Security Affairs newsletter Round 521 by Pierluigi Paganini – INTERNATIONAL EDITION
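This article summarizes recent cybersecurity events, including data breaches, ransomware attacks, malware activity, and vulnerability exploitation, across sectors such as healthcare, finance, technology, and government. Key events include state-sponsored cyber espionage and attacks against critical infrastructure, and active exploitation of vulnerabilities in widely used software. The article emphasizes the diversity and severity of cybersecurity threats....
2025-4-27 08:38:56 | Views: 4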
Security Affairs - securityaffairs.com
exploited
ransomware
security
affairs
African multinational telco giant MTN Group disclosed a data breach
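MTN Group, Africa's largest multinational telecom company, suffered a data breach that exposed the personal information of some users, but its core network, billing systems, and financial services were not affected. The company has reported the incident to the South African police and will notify affected users, and it advises users to stay alert and take security measures. No ransomware group has claimed responsibility so far....
2025-4-26 19:13:17 | Views: 11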
Security Affairs - securityaffairs.com
mtn
africa
african
subscribers
claimed
CEO of cybersecurity firm charged with installing malware on hospital systems
Jeffrey Bowie, CEO of cybersecurity firm Veritaco, is charged with installing malware on computers at Oklahoma City's St. Anthony Hospital on August 6, 2024. Security footage shows him accessing multiple offices and claiming a family member was undergoing surgery. The malware captured screenshots every 20 minutes and transmitted them externally. No patient data was accessed, and the issue was quickly contained. Bowie was arrested on April 14....
2025-4-26 07:53:27 | Views: 8
Security Affairs - securityaffairs.com
hospital
bowie
oklahoma
veritaco
JPCERT warns of DslogdRAT malware deployed in Ivanti Connect Secure
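JPCERT warns that the zero-day vulnerability CVE-2025-0282 in Ivanti Connect Secure was used to deploy the DslogdRAT malware. The vulnerability allows remote code execution and privilege escalation. DslogdRAT supports C2 communication, file operations, and command execution, and uses XOR encoding to obfuscate its configuration data and evade detection. The attackers also used a Perl-script web shell to run the malware, and another piece of malware, SPAWNSNARE, was found on the same system....
2025-4-25 17:56:11 | Views: 15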
Security Affairs - securityaffairs.com
dslogdrat
ivanti
jpcert
c2
attackers
SAP NetWeaver zero-day allegedly exploited by an initial access broker
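A zero-day vulnerability (CVE-2025-31324) was found in SAP NetWeaver, with the maximum CVSS score of 10. The flaw allows unauthenticated attackers to upload malicious files and take control of the target system. SAP has released a patch to fix the issue. Researchers note that the attacker may be an initial access broker and may have used an unreported remote file inclusion vulnerability in the attacks....
2025-4-25 15:48:27 | Views: 5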
Security Affairs - securityaffairs.com
netweaver
attackers
exploited
reliaquest
webshells