Microsoft patches bug in video game Age of Empires II
The vulnerability in the decades-old game could have allowed hackers to take over victims’ computers with a malicious game invite.
找到 166 篇相关文章
The vulnerability in the decades-old game could have allowed hackers to take over victims’ computers with a malicious game invite.
Microsoft's monthly release of security fixes, dubbed Patch Tuesday, resolved a record 570 security vulnerabilities across the company's product line, thanks to discoveries with AI.
The 2024 indictment, now unsealed, accuses three Russians and two web hosts of aiding hackers and profiting from cybercrime.
Introduction So imagine you are focused on your cappuccino-frappuccino doing something very important on you win laptop and then have a cringe attack due to the unknown Phone Link notification : Complete linking devices Your PC and mobile device are almost linked. Click here to continue linking devices. via Phone Link Then you switch off bluetooth, wifi, laptop - and you are right. What to do next ? Basic checks Settings -> Bluetooth & devices -> Mobile devices Settings -> Accounts -> Email & accounts Inspect recent notifications in Event Viewer eventvwr.msc Applications and Services Logs └ Microsoft └ Windows └ Notifications Applications and Services Logs └ Microsoft └ Windows └ Shell-Core Digital forensics Windows stores toast notifications in a local database, hence you need to install sqlite Get-ChildItem " $ env : LOCALAPPDATA \Microsoft\Windows\Notifications" output : Directory: C:\Users\$ USERNAME \A ppData \L ocal \M icrosoft \W indows \N otifications Mode LastWriteTime Length Name ---- ------------- ------ ---- d----- 1/1/2026 0:00 AM wpnidm -a---- 1/1/2026 0:00 AM 1000000 wpndatabase.db -a---- 1/1/2026 0:00 AM 10000 wpndatabase.db-shm -a---- 1/1/2026 0:00 AM 1000000 wpndatabase.db-wal wpndatabase.db is a SQLite database. connect to the database : sqlite3 " $env :LOCALAPPDATA \M icrosoft \W indows \N otifications \w pndatabase.db" query the Notification table . headers on . mode column SELECT Notification . Id , Notification . HandlerId , Notification . Type , Notification . ArrivalTime , Notification . Payload FROM Notification LIMIT 20 ; Then you will have something like : Id: [REDACTED] HandlerId: [REDACTED] Type: toast ArrivalTime: [REDACTED] Payload: <?xml version="1.0"?> <toast activationType= "protocol" launch= "ms-phone:fre/?cid=[REDACTED]&ref=FreIncompleteToast&reason=IncompleteNotificationsToast" > <visual> <binding template= "ToastGeneric" > <text hint-maxLines= "1" > Complete linking devices </text> <text> Your PC and mobile device are almost li
Telegram CEO Pavel Durov confirmed an outage in a tweet, saying that shortlinks to the messaging app had "stopped working."
Apple would not comment on the "security breach," which allegedly allowed a former employee to download sensitive files from Apple's network long after he departed the company for rival OpenAI.
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a postmortem on a data leak in which a contractor published dozens of internal CISA credentials -- including AWS Govcloud keys -- in a public GitHub repository for almost six months before being notified by KrebsOnSecurity. Experts say the gaps identified in the agency's initial response provide important lessons that all security teams should absorb.
If you have ever logged into a corporate computer, searched for a colleague in your company’s email directory, or used a single set of credentials to access dozens of different internal applications, you have likely interacted with LDAP . Standing for Lightweight Directory Access Protocol , LDAP is an open, vendor-neutral, industry-standard application protocol for accessing and maintaining distributed directory information services over an IP network. In simpler terms, it is the underlying language that allows different systems and applications to communicate with a central directory to find information about users, devices, and permissions. Think of LDAP as a highly organized, digital phonebook. When an application needs to know if "John Doe" is a valid user and what his password is, it uses LDAP to ask the phonebook. How LDAP Organizes Data Unlike traditional relational databases (like SQL) that store data in tables, LDAP stores data in a hierarchical, tree-like structure known as the Directory Information Tree (DIT) . This makes it incredibly fast at reading and searching for information, which is exactly what an authentication system needs to do millions of times a day. Here are the core components of this structure: Root: The top level of the directory tree, usually representing the organization (e.g., dc=example, dc=com ). Branches (Organizational Units - OU): Categories or departments within the organization (e.g., ou=Marketing , ou=Servers ). Leaves (Entries): The actual objects being stored, such as a specific user, printer, or computer. Attributes: The specific pieces of data tied to an entry. For a user entry, attributes might include givenName (first name), mail (email address), and userPassword . Every entry in an LDAP directory has a unique identifier called a Distinguished Name (DN) . It acts like an absolute file path. For example, John Doe’s DN might look like this: cn=John Doe, ou=Marketing, dc=example, dc=com How Applications Talk to LDAP When an
No hacking — a passive scan only looks at what your browser already downloads when it opens a page. Here's what I found: 6 of 15 load their Supabase database directly client-side. The public API key sits in the page source. That's fine if Row-Level Security is configured right — but it's one wrong setting away from "anyone can read the whole table." 14 of 15 ship no Content-Security-Policy — a simple, high-value hardening against script injection, almost always missing. Is this theoretical? No. Two apps I audited with the owner's permission: A social app: the profiles table — user names, cities, and a password hash — readable by a logged-out stranger. Closed in an afternoon. A paid learning app: 155 paid study sheets and 4,872 answers were readable by anyone, with no account and no subscription — its entire paid catalogue, a single API call away. The paywall lived only in the front-end; the database served everything to everyone. Loading Supabase in the browser isn't the mistake. Not enforcing access in the database (RLS) is. And the tools you build with won't tell you — they'll happily ship it. If you built something on Lovable / Bolt / Replit with real users (or paying ones), it's worth 60 seconds to check what a stranger can already see. I made a free tool that runs the surface check (passive, no signup): sealdy.dev Happy to answer questions on how RLS leaks happen and how to lock them down.
For years, scam prevention has relied on a familiar instruction: educate people so they can recognise danger before they act. Public campaigns warn consumers not to click unexpected links, disclose security codes, transfer money under pressure, or trust unsolicited contact. This advice remains useful, but it places too much defensive responsibility at the final point in a long scam chain. The Australian Scams Prevention Framework, or SPF, reflects a more demanding view. The framework requires selected service providers to take action against scams connected with or using their services. Its governing logic extends across prevention, detection, reporting, disruption, response, governance and intelligence sharing.[1][2] Australia has therefore moved beyond a model in which awareness is treated as the primary control. The emerging standard is an operational system in which institutions must identify scam activity, convert reports into usable intelligence, intervene against infrastructure, assist affected consumers and learn from recurring campaigns. This distinction is important. Awareness changes what a person knows. Operational scam defence changes what a scammer can do. Awareness Operates at the Last Defensible Moment Most awareness controls activate immediately before the victim acts. A warning appears before a transfer, a browser displays a suspicious-site alert, or a public campaign advises the consumer to pause and verify. By that stage, however, the scam may already have passed through several successful phases: The victim has been reached through SMS, email, social media, a search advertisement, a phone call or a marketplace conversation. A trusted brand, institution, employer, government agency or personal identity has been impersonated. The scammer has created urgency, authority, fear, opportunity or emotional dependency. The victim has been moved to a website, app, private chat or phone conversation. Payment, credential, identity or access pressure has begu
CISA said it "missed" an opportunity to get ahead of the security incident by not creating a response plan ahead of time.
In a rare combined cybersecurity/squid post, a twenty-nine-year-old squid proxy bug can leak HTTP requests. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog moderation policy.
A third ransomware negotiator has been jailed for helping a notorious ransomware group extort American victim companies into paying the hackers.
certificate link: https://tryhackme.com/certificate/THM-RLPNFMYL4M My LinkedIn: https://www.linkedin.com/in/ahmedaldiab
OpenBSD Privilege Escalation, GitHub AI Agent Leaks, & CDN Supply Chain Risks Today's Highlights This week's top security news features a critical use-after-free vulnerability in OpenBSD, a novel prompt injection attack leading to private repo leaks from GitHub's AI agent, and an unusual case of obfuscated bash scripts delivered via a CDN on consumer products. OpenBSD has a use-after-free allowing local privilege escalation to root (Hacker News) Source: https://nvd.nist.gov/vuln/detail/cve-2026-57589 A newly disclosed vulnerability, CVE-2026-57589, impacts OpenBSD, a renowned security-focused operating system. The vulnerability is identified as a use-after-free (UAF) flaw, which typically occurs when a program attempts to use memory after it has been freed, often leading to crashes or arbitrary code execution. In this specific case, the UAF bug allows for local privilege escalation to root. This type of vulnerability is particularly critical for operating systems, as it can enable an unprivileged attacker with local access to gain complete control over the system. System administrators and users of OpenBSD are advised to monitor official channels for patches and apply them immediately to mitigate the risk of compromise. Understanding the underlying cause of such UAFs is crucial for developing more robust memory management practices and identifying similar vulnerabilities in other systems. Comment: This is a critical reminder for OpenBSD admins to patch immediately, as use-after-free exploits are a classic, dangerous route to full system compromise from local access. GitLost: We Tricked GitHub's AI Agent into Leaking Private Repos (Hacker News) Source: https://noma.security/blog/gitlost-how-we-tricked-githubs-ai-agent-into-leaking-private-repos/ Researchers have uncovered a significant AI-specific security vulnerability, dubbed 'GitLost,' demonstrating how GitHub's AI agent can be manipulated to leak sensitive information from private repositories. The attack leverag
The cyberattack targeting a U.S. insurance giant is the largest known breach of driver's license numbers so far in 2026.
Last week, national security agencies from the Five Eyes—that’s the rich, English-language-speaking countries club—jointly released a statement warning of the increasing cyber risks of AI models: in particular, their ability to autonomously hack into systems and networks. The statement was more measured than some of the breathless headlines about it, and the advice they gave is pretty much the standard advice everyone gives—albeit with newfound urgency. Internet risks are nothing new, and cyberattacks—both large and small—have been a significant issue since long before the current crop of generative AI models...
Burst water mains. Evacuated hospitals. In a closed-door simulation, insurers played out their response to a mass disruption by China’s Volt Typhoon hackers—and found a nightmare scenario.
id CTI-2026-0708-KAKAO title "KakaoTalk Source Code for Sale" — Anatomy of a Dark-Web Claim, the Real Target, and the Blast Radius If It's True subtitle Not a data breach but a leak of intellectual property and infrastructure. Title says KakaoTalk, repo names say ZigZag — an extortion pitch built on a misattributed target author Dennis Kim / HoKwang Kim email gameworker@gmail.com github gameworkerkim date 2026-07-08 classification TLP:GREEN severity HIGH (conditional — CRITICAL if verified) lang en tags Source-Code-Sale · Dark-Web · Extortion · Target-Misattribution · Kakao-Style · ZigZag · Supply-Chain · LLM-Weaponization · DPRK-APT · Secret-Sprawl threat_actors ExtortionLord (unidentified dark-web forum seller) frameworks MITRE ATT&CK · NIST SP 800-207 (Zero Trust) · SLSA / SSDF (SP 800-218) · PIPA Art. 34 (Korea) license CC BY-NC-SA 4.0 "KakaoTalk Source Code for Sale" — Anatomy of a Dark-Web Claim, the Real Target, and the Blast Radius If It's True Report ID CTI-2026-0708-KAKAO · Published 2026-07-08 · Classification TLP:GREEN · Severity 🔴 HIGH (conditional) Author Dennis Kim / HoKwang Kim · gameworker@gmail.com · @gameworkerkim 🌐 한국어 · English (this document) Not a data breach but a leak of intellectual property and infrastructure. The title says KakaoTalk, the repository names say ZigZag — an extortion pitch built on a misattributed target. Table of Contents Executive Summary (TL;DR) Framing — Not "What's Being Sold" but "What's at Stake" The Claim — Anatomy of the Listing The Real Target — Title Says KakaoTalk, Fingerprints Say ZigZag Credibility Assessment — Why We Can't Trust It Yet Blast Radius If True — Why It Exceeds TVING and CU Three-Breach Severity Comparison — Data Leak vs. Code/Infra Leak Korean Context — The Next Stage of the B2C Breach Chain Detection, Mitigation, and Response Recommendations Conclusion References 1. Executive Summary (TL;DR) In early July 2026, a threat actor calling itself "ExtortionLord" posted a dark-web forum listing offering
From a massive DOGE data breach and the hacking of critical energy and water systems to the hack of an FBI surveillance system, here are the most damaging security incidents and data breaches of 2026.