issues
search
BruceFeIix
/
picker
GNU General Public License v3.0
49
stars
6
forks
source link
[每日信息流] 2024-10-22
#1299
Open
BruceFeIix
opened
1 month ago
BruceFeIix
commented
1 month ago
每日安全资讯(2024-10-22)
Security Boulevard
[ ]
Inside the Dark Web: How Threat Actors Are Selling Access to Corporate Networks
[ ]
Are Leaders Ready to Break the Ransomware Cycle
[ ]
USENIX NSDI ’24 – DISTMM: Accelerating Distributed Multimodal Model Training
[ ]
Types of Security Audits: Overview and Best Practices
[ ]
FedRAMP Certification and Compliance: What It Is and Why It Matters
[ ]
Survey Surfaces Depth and Scope of Identity Management Challenge
[ ]
USENIX NSDI ’24 – Accelerating Neural Recommendation Training with Embedding Scheduling
[ ]
DEF CON 32 – AppSec Village – Web2 Meets Web3 Hacking Decentralized Applications
[ ]
Hurricane scammers: How to stay safe during national emergencies
[ ]
Is It Time to Move on from Your Legacy GRC Solution?
paper - Last paper
[ ]
使用 ZoomEye 平台 进行 C2 资产拓线
Files ≈ Packet Storm
[ ]
Ubuntu Security Notice USN-7077-1
[ ]
Rittal IoT Interface / CMC III Processing Unit Signature Verification / Session ID
[ ]
Paxton Net2 API License Bypass
[ ]
Debian Security Advisory 5793-1
[ ]
Helper 0.1
奇安信攻防社区
[ ]
记一次攻防样本——shellcode分析
SecWiki News
[ ]
SecWiki News 2024-10-21 Review
嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com
[ ]
入选“2024信创500强”丨盛邦安全信创战略再升级,助力数字经济稳健前行
[ ]
盛邦安全副总裁、董秘袁先登:跳出“安全圈”看安全 探路数字经济新机遇
[ ]
安全动态回顾|9项网络安全国家标准获批发布 Google Play上超过200个恶意应用下载了数百万次
[ ]
窃取加密货币的恶意软件活动感染近3万人
[ ]
福建省唯一入围企业!国投智能入选“2024年中国网络安全前二十家企业”名单
Trustwave Blog
[ ]
Cybersecurity Awareness Month: The Great Offensive Security/Active Defense Strategy
Recent Commits to cve:main
[ ]
Update Mon Oct 21 22:28:30 UTC 2024
[ ]
Update Mon Oct 21 14:26:53 UTC 2024
[ ]
Update Mon Oct 21 06:26:59 UTC 2024
Flanker Sky
[ ]
The Return of Mystique? Possibly the most valuable userspace Android vulnerability in recent years: CVE-2024-31317
安全客-有思想的安全新媒体
[ ]
Synology Camera固件中的关键漏洞使设备面临 RCE 和 DoS 攻击
[ ]
黑客利用伪造的 ESET 电子邮件向以色列公司发送 Wiper 恶意软件
[ ]
CVE-2024-10025 (CVSS 9.1): SICK 产品中的关键漏洞使系统遭受远程攻击
[ ]
Vulnhuntr: 利用 LLM 和静态代码分析查找可利用漏洞的工具
[ ]
360与重庆理工大学达成战略合作!打造产教融合新样板
[ ]
黑客利用 Roundcube Webmail XSS 漏洞窃取登录凭证
[ ]
技术公司 F5 修补了 BIG-IP 中的一个高严重性权限提升漏洞和 BIG-IQ 中的一个中等严重性漏洞
[ ]
Mirai启发的大猩猩僵尸网络在100个国家达到了30万个目标
[ ]
“HM Surf "macOS漏洞可让攻击者访问摄像头和麦克风 - 立即修补!
[ ]
GHOSTPULSE 不断进化: 恶意软件现在隐藏在图像像素中,逃避检测
[ ]
微软 Windows 漏洞:发布 CVE-2024-30090 PoC 漏洞利用程序,构成系统特权威胁
obaby@mars
[ ]
浑浑噩噩
ElcomSoft blog
[ ]
When Speed Matters: Imaging Fast NVMe Drives
Der Flounder
[ ]
Managed Apple Accounts which were out of scope for ABM or ASM federation may be changed to be in scope by the federation process
一个被知识诅咒的人
[ ]
用C++构建自己的编译器:从词法分析到代码生成
[ ]
高效并行计算:使用C++中的std::thread实现多线程编程
cloud world
[ ]
Golang 常用的五种创建型设计模式
Doonsec's feed
[ ]
如何寻找隐藏的参数
[ ]
【漏洞情报】北大方正电子有限公司方正畅享全媒体新闻采编系统存在SQL注入漏洞
[ ]
【DFIR蘇小沐电子取证资源库】202410更新
[ ]
朝鲜渗透者的令人震惊的案件:从雇员到犯罪黑客!
[ ]
安全前沿 | 探索太空网络安全之旅
[ ]
G.O.S.S.I.P 阅读推荐 2024-10-21 广告别乱点!
[ ]
秦安:警惕美狗急跳墙!中东局势大变,中美影响力发生颠覆性变化
[ ]
牟林:这牌坊立得
[ ]
Edusrc证书·实战分享|逻辑缺陷漏洞才是最好挖的高危!
[ ]
【工具】40+思维导图和流程图工具
[ ]
【通知】11月3日-8日第11期开源情报能力提升班成都开班
[ ]
活动预告|2024星火技术生态系列活动即将于10月24—25日举办,共创开源开放未来
[ ]
记一次使用 Xposed RPC 和 BurpGuard 应对金融APP参数签名及加密的详细过程
[ ]
云原生02—K8s(全)
[ ]
软件测试顶会——ISSTA 2024 论文清单与摘要(上)
[ ]
软件测试顶会——ISSTA 2024 论文清单与摘要(下)
[ ]
最牛逼的密码暴力破解工具之一Hydra
[ ]
明源云ERP报表服务GetErpConfig.aspx接口存在敏感信息泄露漏洞 附POC
[ ]
漏洞复现|Apache OFBiz代码执行漏洞(CVE-2024-38856)
[ ]
中科院信工所招聘研究员
[ ]
热搜第一的“伏特台风”是什么风?和美国有什么关系
[ ]
国货之光颠覆传统高端耳机!不入耳,久戴不痛,万元级音效...出口全球60国家地区
[ ]
xss测试利用总结(附个人常用payload)
[ ]
SRC安全知识库,发车!
[ ]
DudeSuite Web Security Tools 渗透测试工具集
[ ]
一只八音盒
[ ]
重磅福利!玄机应急响应靶场邀请码限时领取
[ ]
src|简简单单任意用户注册
[ ]
【年会】网络与信息法学研究会2024年年会精彩观点回顾(分论坛五)
[ ]
【资讯】中共中央 国务院关于深化产业工人队伍建设改革的意见
[ ]
【资讯】山东省通管局印发《山东省工业互联网标识解析体系 “贯通产链赋能鲁造” 行动实施方案(2024-2026年)》
[ ]
【资讯】山东省通管局发布《山东信息通信业高质量发展助力新型工业化和发展新质生产力工作方案》
[ ]
【资讯】山西省通管局发布《创新信息通信行业管理优化营商环境实施意见》
[ ]
近期尽量不要随意报培训!!
[ ]
etcd未授权到控制k8s集群
[ ]
src专项学习知识库
[ ]
「漏洞复现」明源云ERP报表服务 GetErpConfig.aspx 信息泄露漏洞
[ ]
聊聊《技术的本质》
[ ]
最新最全的“美亚杯”大赛指南来了!
[ ]
2023年美亚杯资格赛实操题解(非官方-附镜像)
[ ]
应急实战(13):被上传了一堆恶意程序
[ ]
Fuzz测试之变异模糊测试
[ ]
联达动力OA UpLoadFile.aspx 任意文件上传漏洞
[ ]
明源云ERP报表服务信息泄露漏洞导致后台登录
[ ]
数据安全能力成熟度DSMM 测评师
[ ]
无影(TscanPlus) v2.6发布:弱口令连接校验
[ ]
GITEX GLOBAL 2024 圆满收官,盛邦安全为数字丝绸之路注入全新力量
[ ]
盛邦安全亮相2024年电力行业网络信息安全交流大会,荣获“闪电杯”能源行业网络安全创新实践案例大赛二等奖
[ ]
【吃瓜】重生之我在安全圈卖土豆---纪土豆哥传奇
[ ]
全球瞭望|网络安全重大事件精选(141期)
[ ]
“数据要素×”大赛全国总决赛正式开赛!
[ ]
新技术赋能数据要素安全流通
[ ]
国际 | 韩国修法严惩“深度伪造”犯罪
[ ]
一只遥控器,轻松免停车费!1.2万套设备被查
[ ]
CNVD漏洞周报2024年第42期
[ ]
【成功复现】Bazaar swaggerui任意文件读取漏洞(CVE-2024-40348)
[ ]
国外漏洞平台收集
SpiderLabs Blog
[ ]
Hooked by the Call: A Deep Dive into The Tricks Used in Callback Phishing Emails
NVISO Labs
[ ]
Hunting for Remote Management Tools: Detecting RMMs
Reverse Engineering
[ ]
/r/ReverseEngineering's Weekly Questions Thread
[ ]
Reverse Engineering LAB Setup Tutorial (updated OALABS)
[ ]
Latrodectus Loader - A year in the making
VMRay
[ ]
Latrodectus: A year in the making
Malwarebytes
[ ]
This industry profits from knowing you have cancer, explains Cody Venzke (Lock and Code S05E22)
[ ]
Internet Archive attackers email support users: “Your data is now in the hands of some random guy”
[ ]
A week in security (October 14 – October 20)
Securelist
[ ]
Stealer here, stealer there, stealers everywhere!
secret club
[ ]
‘Reflections on Trusting Trust’, but completely by accident this time
FreeBuf网络安全行业门户
[ ]
马斯克:允许第三方使用X平台用户数据训练AI
[ ]
FreeBuf早报 | 美国保险巨头遭数据勒索攻击;E2EE 云存储平台曝出严重安全漏洞
[ ]
架设IT社会信任的桥梁 | FCIS 2024议题前瞻
[ ]
ESET合作公司遭入侵,向以色列发送数据擦除程序
[ ]
微软运用欺骗性策略大规模打击网络钓鱼活动
[ ]
FreeBuf | 字节大模型被实习生投毒;新的macOS漏洞可绕过安全控制
安全牛
[ ]
14款被严重低估的安全红队测试工具推荐
[ ]
两家企业官宣重要收购计划,新一轮全球数据安全市场整合加速;字节跳动大模型训练遭实习生攻击,被指内部安全管理存在问题 | 牛览
奇客Solidot–传递最新科技情报
[ ]
Linux 6.13 预计将移除 ReiserFS 文件系统
[ ]
GNU Boot 再次发现包含非自由代码
[ ]
字节跳动以恶意干扰 AI 模型训练为由解雇了一名实习生
[ ]
更多证据表明长新冠是一种脑损伤
[ ]
微软用蜜罐大规模欺骗钓鱼者
[ ]
在致命车祸后美国调查特斯拉的 Full Self-Driving 软件
[ ]
Ubuntu 发布二十周年
体验盒子
[ ]
Flutter 中设置 Google Maps 样式深色模式
威努特安全网络
[ ]
构建高性能HPC平台:威努特分布式存储助力科研创新
白帽100安全攻防实验室
[ ]
强网拟态初赛 2024 By W&M
奇安信 CERT
[ ]
安全热点周报:OilRig 利用 Windows 内核漏洞针对阿联酋和海湾地区进行间谍活动
看雪学苑
[ ]
倒计时2天@SDC2024签到、出行指南
[ ]
长城杯初赛WP xiran_encrypto
安全客
[ ]
macOS 用户注意: Safari严重安全漏洞可致摄像头、麦克风数据被捕获
虎符智库
[ ]
分析:美国推进零信任建设的重要举措与启示
黑奇士
[ ]
突发:“易建联”微博已无法搜索,此前陷入“嫖娼丑闻”
Depy's docs
[ ]
Task - Secret
安全内参
[ ]
突破!首次利用大模型在真实环境发现十余个零日漏洞
[ ]
新加坡网络安全局发布《AI系统安全指南》
知道创宇404实验室
[ ]
原创 Paper | 使用 ZoomEye 平台 进行 C2 资产拓线
软件安全与逆向分析
[ ]
来了,Frida源码情景分析
腾讯玄武实验室
[ ]
每日安全动态推送(24/10/21)
代码卫士
[ ]
朝鲜APT被指利用IE 0day 发动供应链攻击
[ ]
Roundcube Webmail XSS 漏洞被用于窃取登录凭据
dotNet安全矩阵
[ ]
.NET 一款内网渗透中替代PowerShell的工具
[ ]
.NET内网实战:通过白名单文件反序列化漏洞绕过UAC
[ ]
.NET 10月红队武器库和资源集合 (上期)
黑哥虾撩
[ ]
聊聊《技术的本质》
威胁棱镜
[ ]
什么是负责任的 Web 服务器扫描?
青藤云安全
[ ]
邀请函 | 2024中国围棋甲级联赛成都站-青藤云安全专场冠名
安全圈
[ ]
【安全圈】罗马法院要求Cloudflare分享盗版网站运营者信息 并永久禁止其注册新域名
[ ]
【安全圈】黑客团伙Anonymous Sudan被FBI重创,组织者被判终身监禁
[ ]
【安全圈】ESET合作公司遭入侵,向以色列发送数据擦除程序
[ ]
【安全圈】微软运用欺骗性策略大规模打击网络钓鱼活动
中国信息安全
[ ]
全球视野 | 国际网安快讯(第33期)
[ ]
通知 | 国家数据局就《可信数据空间发展行动计划(2024—2028年)》向社会公开征求意见(附全文)
[ ]
专家解读 | 张向宏:激发动力 释放活力 构建畅通有序的公共数据资源开发利用体系
[ ]
关注 | 美国才是全球网络空间安全的最大威胁
[ ]
聚焦 | 2024互联网黑灰产攻防技术沙龙在京举办
[ ]
国际 | 韩国修法严惩“深度伪造”犯罪
[ ]
评论 | 持续关注网络坑老骗老现象
情报分析师
[ ]
对哈马斯领导人叶海亚·辛瓦尔遇害地点进行地理定位
[ ]
开源情报信息,一网打尽!
默安科技
[ ]
云上资产360°安全检测,默安开放CSPM限时免费体验!
数世咨询
[ ]
CISO焦虑:砸钱买工具,漏洞为何依旧“逍遥法外”?
[ ]
开启云网安新征程,云科安信与白山云达成深度战略合作
喜马拉雅安全响应平台
[ ]
秋日福利大放送,挖洞奖励享翻倍!
字节跳动技术团队
[ ]
揭秘云数仓ByteHouse四大「降本」硬招
威胁猎人Threat Hunter
[ ]
火热报名中|今年的黑灰产攻防技术沙龙都有些什么?
嘶吼专业版
[ ]
窃取加密货币的恶意软件攻击感染近3万人
[ ]
安全动态回顾|9项网络安全国家标准获批发布 Google Play上超过200个恶意应用下载了数百万次
[ ]
云时代下,如何落地有效的云安全防御体系
网络空间安全科学学报
[ ]
会议预告 | 《网络空间安全科学学报》编委会暨网络空间安全学术会议通知(第三轮)
[ ]
10月26日专题会议 | 大模型安全前沿技术
[ ]
10月26日专题会议 | 数据安全与区块链
京东安全应急响应中心
[ ]
GEEKCON倒计时3天|京东安全与您不见不散
吴鲁加
[ ]
苹果1977年的营销理念:别再草率展示你的作品
CNVD漏洞平台
[ ]
CNVD漏洞周报2024年第42期
[ ]
上周关注度较高的产品安全漏洞(20241014-20241020)
360数字安全
[ ]
360与重庆科技大学战略携手 为数字中国建设输送实战人才!
迪哥讲事
[ ]
如何寻找隐藏的参数
阿里安全响应中心
[ ]
先知先行——灯塔系列城市沙龙 · 杭州站成功举办!
bellingcat
[ ]
Stream Teams: Battery Farming Sport For Bets
IT Service Management News
[ ]
Piracy Shield e il blocco di Google Drive
Securityinfo.it
[ ]
I SOC dedicano quasi due ore al giorno all’analisi di falsi positivi
[ ]
Come funziona Cicada3301 e il suo programma per gli affiliati
SANS Internet Storm Center, InfoCON: green
[ ]
A Network Nerd's Take on Emergency Preparedness, (Tue, Oct 15th)
[ ]
ISC Stormcast For Monday, October 21st, 2024 https://isc.sans.edu/podcastdetail/9188, (Mon, Oct 21st)
Have I Been Pwned latest breaches
[ ]
Fair Vote Canada - 134,336 breached accounts
Schneier on Security
[ ]
AI and the SEC Whistleblower Program
Troy Hunt's Blog
[ ]
Weekly Update 422
Il Disinformatico
[ ]
Da oggi proseguo su Attivissimo.me, qui non ci saranno nuovi post
Over Security - Cybersecurity news aggregator
[ ]
Hackers exploit Roundcube webmail flaw to steal email, credentials
[ ]
Three Groups Strike: Meow Leaks, RansomHub, and Trinity Breach Rocky Mountain Gastroenterology, Affecting Over 169,000 Patients
[ ]
Crypto payment services firm says more than 92,000 affected by data breach
[ ]
Biden administration proposes new rules governing data transfers to adversarial nations
[ ]
Japanese watchmaker Casio warns of product delivery delays after ransomware attack
[ ]
Cyprus' critical infrastructure targeted by coordinated cyberattacks linked to pro-Palestine groups
[ ]
Over 6,000 WordPress hacked to install plugins pushing infostealers
[ ]
Akira ransomware continues to evolve
[ ]
Microsoft blocks Windows 11 24H2 on two ASUS models due to crashes
[ ]
Certain ASUS laptops get BSOD when upgrading to Windows 11 24H2
[ ]
Internet Archive hacker claims to still have access, responds to Zendesk support tickets
[ ]
Bumblebee malware returns after recent law enforcement disruption
[ ]
I SOC dedicano quasi due ore al giorno all’analisi di falsi positivi
[ ]
‘Unprecedented' interference targets Moldova's elections
[ ]
Sophos to acquire Secureworks for $859 million
[ ]
Epic vs. Google: What About Mobile Malware?
[ ]
Splunk’s Latest Advisory: Addressing Multiple Vulnerabilities in Splunk Enterprise
[ ]
Report: China’s Spamouflage disinformation campaign testing techniques on Sen. Marco Rubio
[ ]
Spate of ransomware attacks on German-speaking schools hits another in Switzerland
[ ]
Weekly Industrial Control System (ICS) Intelligence Report: 54 New Vulnerabilities in Siemens, Rockwell Automation, and Delta Products
[ ]
Sicurezza sistemi Giustizia, abbiamo un problema (di fondo)
[ ]
Stealer here, stealer there, stealers everywhere!
[ ]
Malware Analysis Report in One Click
[ ]
Come funziona Cicada3301 e il suo programma per gli affiliati
[ ]
Fair Vote Canada - 134,336 breached accounts
极客公园
[ ]
我们很少用到的 Apple Pay,为什么对苹果这么重要?
[ ]
小米3nm制程芯片成功流片;传微信测试「查找已删除自己好友」;美团辟谣骑手带患儿送外卖|极客早知道 | 极客早知道
Microsoft Browser Vulnerability Research
[ ]
Browser Security Bugs that Aren't - #2: Web Attacks
Full Disclosure
[ ]
SEC Consult SA-20241015-0 :: Multiple Vulnerabilities in Rittal IoT Interface & CMC III Processing Unit (CVE-2024-47943, CVE-2024-47944, CVE-2024-47945)
[ ]
CVE-2024-48939: Unauthorized enabling of API in Paxton Net2 software
Social Engineering
[ ]
How to deal with the golden-child coworker who is causing issues?
[ ]
Hi! I created an AI tool that allows users to talk to Robert Greene's books
[ ]
Social Engineering Conference
[ ]
Use people's assumptions on you to your advantage?
[ ]
Looking for a more competent Social Engineer to help me get evidence to get my cat back.
[ ]
How do I understand people’s headspace when playing an online game?
Deeplinks
[ ]
U.S. Border Surveillance Towers Have Always Been Broken
The Hacker News
[ ]
Chinese Nation-State Hackers APT41 Hit Gambling Sector for Financial Gain
[ ]
Guide: The Ultimate Pentest Checklist for Full-Stack Security
[ ]
THN Cybersecurity Recap: Top Threats, Tools and News (Oct 14 - Oct 20)
[ ]
Researchers Discover Severe Security Flaws in Major E2EE Cloud Storage Providers
Security Affairs
[ ]
Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment
[ ]
Internet Archive was breached twice in a month
[ ]
Unknown threat actors exploit Roundcube Webmail flaw in phishing campaign
Technical Information Security Content & Discussion
[ ]
Attacking APIs using JSON Injection
netsecstudents: Subreddit for students studying Network Security and its related subjects
[ ]
Looking for Netscout Training
[ ]
Looking for resources on malware and vulnerabilities discussions for my master's thesis
Your Open Hacker Community
[ ]
How to find images not stored in APK?
[ ]
Am I wasting my time with Airgeddon?
Information Security
[ ]
Spectre flaws continue to haunt Intel and AMD as researchers find fresh attack method -- "The indirect branch predictor barrier is less of a barrier than hoped"
Computer Forensics
[ ]
Selfstudy or buying the Courses
[ ]
Virus Scan for Apple Macbook
[ ]
Oxygen Forensics
网安寻路人
[ ]
澳洲关于隐私以及开发和训练生成式人工智能模型的指南(全文翻译)
每日安全资讯(2024-10-22)