Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/sec – Fixed memory leak during sec resource release The AIV is one of the SEC resources. When releasing resources, it is necessary to release the AIV resources at the same time. Otherwise, memory leaks will occu...

Siemens COMOS

SUMMARY COMOS is affected by multiple vulnerabilities that could allow an attacker to execute arbitrary code or cause denial of service condition, data infiltration or perform access control violations. Siemens has released new versions for several affected products and recommends to update to...

EUVD-2023-53990

Malicious code in bioql PyPI...

osx-security-awesome

It is an offensive tool for collecting and categorizing OSX and iOS security resources. The primary CVE ID is not present in the provided context. The target product/service or framework is not explicitly stated, but the tool appears to be collecting resources related to OSX and iOS security. The...

CISA: Industrial Control Systems Vulnerabilities and Resources

System About Files News Vote Help | Services API Advertise Contact | Account Join Login ---|---|---...

CVE-2024-43642

creationtimestamp| type| source ---|---|--- 2024-11-12 18:26:35+00:00| seen| https://www.thezdi.com/blog/2024/11/12/the-november-2024-security-update-review 2024-11-12 20:10:59+00:00| seen| https://infosec.exchange/users/cve/statuses/113471799910181368...

Security and Human Behavior (SHB) 2024

This week, I hosted the seventeenth Workshop on Security and Human Behavior at the Harvard Kennedy School. This is the first workshop since our co-founder, Ross Anderson, died unexpectedly. SHB is a small, annual, invitational workshop of people studying various aspects of the human side of...

Security and Human Behavior (SHB) 2022

Today is the second day of the fifteenth Workshop on Security and Human Behavior, hosted by Ross Anderson and Alice Hutchings at the University of Cambridge. After two years of having this conference remotely on Zoom, its nice to be back together in person. SHB is a small, annual, invitational...

多款Qualcomm产品信息泄露漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way of miniaturizing circuits mainly semiconductor devices, but also passive components, etc. and is often manufactured on the surface of semiconductor wafers. An information disclosure vulnerability exists in several Qualcomm products,...

awesome-mobile-security

It is an offensive tool for mobile security research. The repository xynsd/awesome-mobile-security is a curated collection of resources and tools for mobile security research, covering both Android and iOS platforms. It aggregates various references and tools from their respective owners, serving...

IBM Security Guardium Data Encryption 访问控制错误漏洞

IBM Security Guardium Data Encryption GDE provides a modular set of encryption solutions that help security teams effectively implement data-at-rest security across the organization. An improper privilege control vulnerability exists in IBM Security Guardium Data Encryption 3.0.0.2. An attacker...

Exploit for Buffer Underflow in Microsoft

简介 安全行业小工具以及学习资源收集项目，此项目部分内容来自：https://www.t00ls.net/thread-38964-1-1.html 感谢其分享，这里只是作为个人备份，如有问题可邮件通知。 安全资源 安全资源包括安全书籍，资料，安全教程，学习平台等等。 设备基线加固资料 https://github.com/re4lity/Benchmarks https://learn.cisecurity.org/benchmarks https://nvd.nist.gov/ncp/repository 内网渗透学习资料...

SMB Cybersecurity Catching Up to Enterprise… But the Human Element Still a Major Concern

Cyberattacks on small to medium-sized businesses SMBs are continuing at a relentless pace, with the vast majority of data breaches coming from outside the organization. Some believe hackers are aggressively targeting these smaller firms because they believe SMBs lack adequate resources and...

Security and Human Behavior (SHB) 2020

Today is the second day of the thirteenth Workshop on Security and Human Behavior. It's being hosted by the University of Cambridge, which in today's world means we're all meeting on Zoom. SHB is a small, annual, invitational workshop of people studying various aspects of the human side of...

Presentation Template: Build Your 2020 Security Plan

As the end of the year approaches, security decision makers are creating their 2020 plans and running them by management for approval. In most cases, this means requesting and making the case for the necessary resources that need to be allocated, while still providing value to the organization. T...

IBM Security Guardium Big Data Intelligence Information Disclosure Vulnerability (CNVD-2019-38279)

IBM Security Guardium Big Data Intelligence SonarG is a suite of big data security intelligence solutions from IBM, USA. The solution features interactive data exploration, automated connectivity analysis, and user activity analysis. A security vulnerability exists in IBM Security Guardium Big Da...

National Consumer Protection Week

National Consumer Protection Week NCPW is March 3–9. This annual event encourages individuals and businesses to learn about their consumer rights and how to keep themselves secure. The Federal Trade Commission FTC and its NCPW partners provide free resources to protect consumers from fraud, scams...

World Economic Forum Sees Dark Side To Connectivity

The latest edition World Economic Forum’s Global Risks Report takes a dim view of our hyper connected world. At the group’s annual meeting in Davos, Switzerland, members wrestled with the consequences of ubiquitous Internet connectivity, concluding that groups or individuals with few resources ar...

The Hacker News (THN) 1st Anniversary Celebration

The Hacker News THN 1st Anniversary Celebration It has been a wonderful "HACK" filled year as we disseminated security and hacking information around the world. We are grateful for our loyal readership and welcome new readers and contributors. Let's face it. Hacking isn't going away and growing...

The Open Pentest Bookmark Collection v1.4

We are pleased to announce the release of version 1.4 yes 1.3 squeaked by without a blog post of the Open Pentest Bookmarks Collection. They have added a large amount of community submissions, with the addition of severalnew sections. They have also moved around some of the bookmarks to better...