unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Search
Rss
黑夜模式
Open Graph Spoofing Toolkit: Old Exploitation Techniques Still in Use to Lure Social Media Users into Phishing Attacks
文章介绍了Open Graph Protocol(OGP)在社交媒体内容分享中的重要性,并揭示了名为“OG Spoof”的恶意工具包如何利用OGP漏洞进行钓鱼攻击。该工具包允许攻击者伪装链接来源、实时更改重定向目标,并通过Telegram bot操控元数据,从而误导用户点击有害链接。此类工具降低了网络攻击门槛,并可能被用于加密货币诈骗等非法活动。...
2025-2-7 13:1:33 | 阅读: 1 |
收藏
|
Over Security - Cybersecurity news aggregator - cyble.com
attackers
og
fraudulent
spoof
security
Critical Vulnerabilities Reported in Cyble’s Weekly Vulnerability Insights
Cyble报告指出,在1月29日至2月4日期间,CISA新增了五个关键漏洞至KEV目录,影响PRTG、.NET和Zyxel等系统。此外,7-Zip和Windows OLE也存在高危漏洞。地下论坛活跃分享这些漏洞的利用方法。建议企业及时更新系统、实施补丁管理策略,并加强网络安全措施以应对威胁。...
2025-2-7 11:46:13 | 阅读: 8 |
收藏
|
Over Security - Cybersecurity news aggregator - cyble.com
security
cyble
threats
exploited
U.S. Ransomware Attacks Surge to Start 2025
根据Cyble的数据分析,美国2025年初的勒索软件攻击激增了近150%,部分原因是去年部分组织支付赎金导致美国成为更有吸引力的目标。加拿大也面临类似增长。勒索软件集团如CL0P和Akira活跃度上升。建筑、医疗保健和IT等行业受创严重。尽管赎金支付有所下降,但网络安全仍需加强以应对持续威胁。...
2025-2-7 11:1:15 | 阅读: 2 |
收藏
|
Over Security - Cybersecurity news aggregator - cyble.com
ransomware
cyble
lockbit
omissions
CISA Issues Nine Critical Industrial Control Systems Advisories, Addressing Vulnerabilities in Key Equipment
这篇文章总结了美国网络安全和基础设施安全局(CISA)发布的九个工业控制系统(ICS)漏洞公告,涉及施耐德电气、罗克韦尔自动化等厂商的产品。这些漏洞可能导致拒绝服务攻击或远程代码执行等风险。CISA建议用户及时更新固件和软件,并采取安全措施如多因素认证和VPN加密通信以保护关键基础设施。...
2025-2-6 11:46:10 | 阅读: 5 |
收藏
|
Over Security - Cybersecurity news aggregator - cyble.com
remote
schneider
icsa
electric
Five Eyes Cyber Agencies Share New Security Guidelines for Edge Device Manufacturers
五眼联盟国家针对日益增长的网络威胁发布了新的指导方针,旨在加强边缘设备(如路由器、物联网传感器等)的安全性。这些设备常因配置不当或漏洞成为攻击目标。新指南要求制造商集成强大的日志记录和取证功能,并建议采用安全配置和及时更新以降低风险。...
2025-2-6 10:46:15 | 阅读: 1 |
收藏
|
Over Security - Cybersecurity news aggregator - cyble.com
security
guidelines
network
threats
CISA Adds New Vulnerabilities to Known Exploited Vulnerabilities Catalog – Critical Updates Required
CISA更新了已知被利用的漏洞目录,新增四个关键漏洞(CVE-2024-45195、CVE-2024-29059、CVE-2018-9276、CVE-2018-19410),涉及Apache OFBiz、Microsoft .NET Framework和Paessler PRTG Network Monitor。这些漏洞被积极利用,可能导致严重安全风险。CISA建议相关组织及时修补以降低风险。...
2025-2-5 12:31:12 | 阅读: 7 |
收藏
|
Over Security - Cybersecurity news aggregator - cyble.com
attackers
exploited
network
security
Australian Cyber Security Centre Urges Immediate Action to Combat Email Scammers
这篇文章介绍了Cyble公司提供的多种网络安全产品和服务,包括针对企业和政府的AI驱动威胁情报平台(如Cyble Vision和Cyble Hawk)、面向个人和企业的暗网风险管理和实时威胁检测工具(如AmIBreached和Odin by Cyble),以及涵盖攻击面管理、品牌保护、暗网监控等的全面网络安全解决方案。...
2025-2-5 10:46:19 | 阅读: 1 |
收藏
|
Over Security - Cybersecurity news aggregator - cyble.com
cyble
security
threats
monitoring
proactive
Stealthy Attack: Dual Injection Undermines Chrome’s App-Bound Encryption
这篇文章描述了一种针对越南电销和销售行业的恶意软件,通过伪装成PDF和PNG文件的ZIP传播。该恶意软件利用LNK文件创建定时任务,在内存中执行恶意代码并绕过Chrome加密窃取数据。它通过Telegram API与攻击者通信,并使用双重注入技术规避检测。...
2025-2-5 09:46:17 | 阅读: 10 |
收藏
|
Over Security - Cybersecurity news aggregator - cyble.com
chrome
malicious
injection
encryption
msbuild
DeepSeek’s Growing Influence Sparks a Surge in Frauds and Phishing Attacks
Overview DeepSeek is a Chinese artificial intelligence company that has developed open-source large...
2025-2-4 11:46:12 | 阅读: 9 |
收藏
|
Over Security - Cybersecurity news aggregator - cyble.com
deepseek
phishing
investment
qr
fraudulent
NETGEAR Urges Immediate Firmware Updates for Critical Security Flaws
Overview NETGEAR has recently addressed two critical security vulnerabilities affecting its produc...
2025-2-4 11:2:31 | 阅读: 5 |
收藏
|
Over Security - Cybersecurity news aggregator - cyble.com
firmware
netgear
security
network
Cyble Sensors Detect Attacks on Apache OFBiz, Palo Alto Networks
Overview Cyble honeypot sensors have detected new attack attempts on vulnerabilities in Palo Alto...
2025-2-3 14:1:12 | 阅读: 8 |
收藏
|
Over Security - Cybersecurity news aggregator - cyble.com
cyble
alto
palo
security
Apple Issues Security Updates for iOS, macOS, watchOS, and More—Patch Now!
Apple released urgent security updates for CVE-2025-24085, a vulnerability exploited in the wild....
2025-2-3 12:31:10 | 阅读: 6 |
收藏
|
Over Security - Cybersecurity news aggregator - cyble.com
security
24085
memory
malicious
attackers
Cyble’s Weekly Vulnerability Update: Critical SonicWall Zero-Day and Exploited Flaws Discovered
OverviewCyble’s weekly vulnerability insights to clients cover key vulnerabilities di...
2025-1-31 10:31:15 | 阅读: 13 |
收藏
|
Over Security - Cybersecurity news aggregator - cyble.com
cyble
attackers
remote
exploited
Dark Web Activity January 2025: A New Hacktivist Group Emerges
Overview Cyble dark web researchers investigated more than 250 dark web claims by threat actors i...
2025-1-31 08:1:15 | 阅读: 12 |
收藏
|
Over Security - Cybersecurity news aggregator - cyble.com
cyble
ransomware
claimed
monitoring
selling
UK, US Introduce “Content Credentials” Labeling to Counter Deepfakes, Misinformation in the Age of AI
Products For Enterprises(B2B) and Governments AI-Driven Threat Intelligence Products Cyble...
2025-1-30 11:1:19 | 阅读: 13 |
收藏
|
Over Security - Cybersecurity news aggregator - cyble.com
cyble
security
threats
cloud
monitoring
ICS Vulnerability Report: Cyble Urges Critical mySCADA Fixes
Products For Enterprises(B2B) and Governments AI-Driven Threat Intelligence Products Cyble...
2025-1-30 08:47:49 | 阅读: 7 |
收藏
|
Over Security - Cybersecurity news aggregator - cyble.com
cyble
security
threats
proactive
cloud
New ICS Vulnerabilities Discovered in Schneider Electric and B&R Automation Systems
Overview The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued two urgent adviso...
2025-1-29 13:2:1 | 阅读: 6 |
收藏
|
Over Security - Cybersecurity news aggregator - cyble.com
schneider
electric
scadapack
network
Australia’s Health Sector Receives $6.4 Million Cybersecurity Boost with New Threat Information-Sharing Network
The Australian Government has awarded a $6.4 million grant to CI-ISAC Australia, enabling the...
2025-1-29 10:46:40 | 阅读: 5 |
收藏
|
Over Security - Cybersecurity news aggregator - cyble.com
healthcare
network
australia
isac
Critical Vulnerabilities in Node.js Expose Systems to Remote Attacks
Critical security vulnerabilities in multiple Node.js versions (v18.x, v20.x, v22.x, v23.x) pose h...
2025-1-28 12:15:48 | 阅读: 10 |
收藏
|
Over Security - Cybersecurity news aggregator - cyble.com
security
v22
v23
v20
phpMyAdmin 5.2.2 Addresses Critical XSS and Library Vulnerabilities
Overview phpMyAdmin, a popular web-based tool for managing MySQL and MariaDB databases, has recent...
2025-1-28 09:45:46 | 阅读: 6 |
收藏
|
Over Security - Cybersecurity news aggregator - cyble.com
phpmyadmin
security
malicious
database
Previous
1
2
3
4
5
6
7
8
Next