IT Vulnerability Report: Cyble Urges Fixes for Apple, PHP Flaws Cyble报告分析了17个漏洞，重点指出两个高风险漏洞（CVE-2025-24201和CVE-2024-4577），并提到暗网上有声称的零日漏洞在出售。研究人员建议企业及时修补漏洞、加强网络安全措施以应对威胁。... 2025-3-18 13:46:22 | 阅读: 16 | 收藏 | Over Security - Cybersecurity news aggregator - cyble.com cyble security threats exploited

Fake CEOs, Real Fraud: Singapore Authorities Warn of Deepfake Business Scams 新加坡警方、金融管理局和网络安全局联合警告称，犯罪分子利用AI生成深度伪造视频和音频，冒充公司高管诱骗员工转账。这种新型诈骗手段通过 WhatsApp 和 Zoom 进行联系，并伪造法律文件以增强可信度。企业需加强验证流程、培训员工识别异常迹象，并采用先进技术检测潜在威胁以防范此类欺诈行为。... 2025-3-17 12:33:4 | 阅读: 6 | 收藏 | Over Security - Cybersecurity news aggregator - cyble.com executives singapore fund mas security

Medusa Ransomware Hits Record Levels, FBI and CISA Provide Key Security Insights FBI和CISA发布关于Medusa勒索软件集团的警告，指出其活动激增，今年已发生60起攻击事件。该组织主要针对医疗、教育等关键基础设施行业，并利用钓鱼攻击和漏洞进行网络渗透。报告分析了其战术和技术，并强调加强网络安全防护的重要性。... 2025-3-17 11:16:18 | 阅读: 10 | 收藏 | Over Security - Cybersecurity news aggregator - cyble.com medusa ransomware cyble network remote

Apple Releases Security Updates and Rapid Security Responses for March 2025 苹果于2025年3月发布安全更新，修复了iOS、macOS、Safari和visionOS中的关键漏洞。更新主要针对WebKit组件的安全问题，防止恶意网页突破沙盒限制。这些更新适用于iPhone、iPad、Mac、Apple Vision Pro和Apple TV 4K设备。用户应尽快安装以保护设备安全。... 2025-3-13 11:48:15 | 阅读: 3 | 收藏 | Over Security - Cybersecurity news aggregator - cyble.com security webkit visionos 3rd

ENISA’s NIS360 Report Provides a Strategic View of Cybersecurity Maturity Across Critical Sectors Cyble提供针对企业和政府的AI驱动威胁情报产品及服务，包括实时威胁检测、攻击面管理、品牌保护和漏洞管理等解决方案，并为个人和企业提供暗网风险识别工具及网络扫描服务。同时支持云安全和物理安全监控，助力提升整体网络安全防护能力。... 2025-3-13 10:1:25 | 阅读: 2 | 收藏 | Over Security - Cybersecurity news aggregator - cyble.com cyble security threats monitoring proactive

CISA Adds Five New Vulnerabilities to Its Known Exploited Vulnerabilities Catalog Cyble提供多种网络安全产品和服务，包括AI驱动威胁情报平台、攻击面管理、品牌保护和暗网监控等解决方案，帮助企业及政府提升数字安全能力，并为个人提供风险识别工具。... 2025-3-12 15:16:29 | 阅读: 8 | 收藏 | Over Security - Cybersecurity news aggregator - cyble.com cyble security threats monitoring proactive

NCSC Reports Surge in Cyber Security Incidents with Financial Losses in Q4 2024 新西兰2024年第四季度网络安全报告显示，网络犯罪导致680万美元损失，较上季度增长24%。其中17起案件损失超10万美元，多起始于冒充机构的电话诈骗。尽管总报告数下降34%，但高影响事件增加至100起。... 2025-3-12 11:1:22 | 阅读: 31 | 收藏 | Over Security - Cybersecurity news aggregator - cyble.com ncsc quarter losses security phishing

How Abu Dhabi’s Markets Continue to Expand While Managing Risks Cyble提供多种网络安全解决方案，包括AI驱动的威胁情报、攻击面管理、品牌保护和漏洞管理等服务，帮助企业和政府应对数字风险。其产品涵盖实时威胁检测、暗网监控及第三方风险管理等功能。... 2025-3-11 11:19:36 | 阅读: 12 | 收藏 | Over Security - Cybersecurity news aggregator - cyble.com cyble security threats proactive monitoring

Cyble Sensors Detect Exploit Attempts on WordPress Plugins, Network Devices Cyble蜜罐传感器检测到针对WordPress插件、网络设备及防火墙等的漏洞攻击，包括远程代码执行、SQL注入等高危漏洞。威胁行为者利用这些漏洞进行勒索软件攻击或加入僵尸网络，并持续扫描易受攻击的设备。建议组织立即修补漏洞、阻止恶意IP及加强密码策略以应对持续威胁。... 2025-3-11 07:47:2 | 阅读: 28 | 收藏 | Over Security - Cybersecurity news aggregator - cyble.com cyble wordpress security network

Three VMware Zero-Days Under Active Exploitation – What You Need to Know Broadcom发布安全公告指出VMware ESXi、Workstation和Fusion存在三个零日漏洞（CVE-2024-22224/5/6），已遭野外利用。这些高危漏洞允许攻击者执行恶意代码、逃逸沙盒或泄露敏感信息。VMware已提供补丁修复，请用户立即更新以降低风险。... 2025-3-10 12:15:42 | 阅读: 20 | 收藏 | Over Security - Cybersecurity news aggregator - cyble.com security 22224 workstation attackers

ICS Vulnerability Report: Critical Flaws in CCTV, RTOS and Genome Systems Cyble报告指出近期发现的22个ICS/OT/SCADA漏洞影响多个关键行业，其中4个为高危。常见问题包括路径遍历和信息泄露。关键漏洞涉及摄像头和工业控制系统安全风险。建议组织加强网络安全措施如补丁更新、网络分段和员工培训以应对威胁。... 2025-3-10 09:15:45 | 阅读: 59 | 收藏 | Over Security - Cybersecurity news aggregator - cyble.com security cyble

Weekly Vulnerability Insights Report: Addressing Critical Vulnerabilities and Rising Exploitation Risks Cyble提供多种网络安全产品和服务，包括威胁情报平台、攻击面管理、品牌保护和漏洞管理工具，适用于企业和政府机构。其解决方案利用AI技术实时监测威胁并提供防护策略。最新报告指出近期关键漏洞风险增加。... 2025-3-7 09:31:30 | 阅读: 21 | 收藏 | Over Security - Cybersecurity news aggregator - cyble.com cyble security threats proactive cloud

U.S. Indictments Shed Light on i-Soon Hacking Tools, Methods 美国对10名中国公民提起诉讼，指控其与网络攻击公司i-Soon关联。该公司被指受中国国安部门指示，在全球进行大规模网络入侵和钓鱼攻击，并开发恶意软件及网络克隆工具。受害者包括美国政府机构及多国组织。i-Soon还向客户提供工具和服务以监控公共舆论。... 2025-3-7 08:46:40 | 阅读: 26 | 收藏 | Over Security - Cybersecurity news aggregator - cyble.com doj phishing software security mss

UAC-0173 Resumes Cyberattacks Against Ukrainian Notary Offices Using DARKCRYSTALRAT Malware 乌克兰CERT-UA发现犯罪团伙UAC-0173针对公证处发起网络攻击，通过钓鱼邮件传播恶意软件获取远程访问权限以操控国家登记册。攻击利用RDP协议、窃取凭证等手段展开。CERT-UA已缓解部分攻击。... 2025-3-6 12:1:17 | 阅读: 13 | 收藏 | Over Security - Cybersecurity news aggregator - cyble.com malicious ukraine attackers network 0173

Phantom-Goblin: Covert Credential Theft and VSCode Tunnel Exploitation 一种新型恶意软件通过伪装成PDF的LNK文件传播，利用PowerShell从GitHub下载恶意负载。该软件窃取浏览器数据、创建VSCode隧道以实现远程访问，并通过Telegram外泄数据。... 2025-3-6 08:1:26 | 阅读: 20 | 收藏 | Over Security - Cybersecurity news aggregator - cyble.com vscode powershell malicious remote tunnel

ACSC Warns of Increasing Ransomware Risks and Offers Key Protection Tips Overview The Australian Cyber Security Centre (ACSC) has issued a comprehensive report shedding li... 2025-3-5 12:46:10 | 阅读: 17 | 收藏 | Over Security - Cybersecurity news aggregator - cyble.com ransomware acsc security macros software

February Sees Record-Breaking Ransomware Attacks, New Data Shows Overview February ransomware attacks set a single-month record, according to an analysis of Cyble... 2025-3-5 12:1:23 | 阅读: 21 | 收藏 | Over Security - Cybersecurity news aggregator - cyble.com ransomware cyble cl0p claimed chart

CISA Adds New Critical Vulnerabilities to Known Exploited Vulnerabilities Catalog 美国网络安全机构CISA新增五个高危漏洞至已知被利用目录，涉及路由器、分析服务器、操作系统及网络监控工具，存在严重安全风险。... 2025-3-4 13:16:7 | 阅读: 35 | 收藏 | Over Security - Cybersecurity news aggregator - cyble.com security exploited windows 20118

AI, Ransomware, and Cyberterrorism: How UAE is Fighting 200,000 Daily Attacks OverviewThe UAE Cyber Security Council (CSC) has disclosed that the country faces ove... 2025-3-4 09:46:14 | 阅读: 21 | 收藏 | Over Security - Cybersecurity news aggregator - cyble.com threats csc security uae

Fraud and Ransomware Dominate Malaysia’s Q4 2024 Cybersecurity Report Cyble提供针对企业和政府的AI驱动网络安全解决方案，包括威胁情报、攻击面管理、漏洞管理和暗网监控等服务。其产品覆盖品牌保护、云安全及第三方风险管理等领域，并通过实时监测和自动化工具帮助企业提升数字安全能力。... 2025-3-3 13:16:4 | 阅读: 12 | 收藏 | Over Security - Cybersecurity news aggregator - cyble.com cyble security threats monitoring cloud