[每日信息流] 2024-10-29

[BruceFeIix]

每日安全资讯（2024-10-29）

• SecWiki News
  • [ ] SecWiki News 2024-10-28 Review
• The DFIR Report
  • [ ] Inside the Open Directory of the “You Dun” Threat Group
• CXSECURITY Database RSS Feed - CXSecurity.com
  • [ ] Lawo AG vsm LTC Time Sync Path Traversal
  • [ ] UP-RESULT[pro-1.0] Multiple-SQLi
  • [ ] ABB Cylon Aspect 3.08.01 getApplicationNamesJS.php Building/Project Name Exposure
• Trustwave Blog
  • [ ] Cybersecurity Awareness Month: 7 Ways to Treat Yourself to a Safer Year
• 安全客-有思想的安全新媒体
  • [ ] 让中小企业『AI』上安全运营，360态势感知解决方案升级AI含量100%
  • [ ] 美国 CISA 在其已知漏洞目录中增加了思科 ASA 和 FTD 以及 RoundCube Webmail 漏洞
  • [ ] 苹果公司为研究人员开放 PCC 源代码，以找出云计算人工智能安全漏洞
  • [ ] Change Healthcare 数据泄露事件影响超过 1 亿人
  • [ ] cve-2024-10327： Okta Verify for iOS 漏洞可能允许未经授权的访问
  • [ ] 臭名昭著的黑客组织 TeamTNT 启动新的加密货币挖矿云攻击
  • [ ] 安全外联实验室公布 “Windows 降级” 新攻击方法
  • [ ] SolarSys： 新木马框架威胁巴西银行客户
  • [ ] CVE-2024-9488 (CVSS 9.8)： wpDiscuz 插件中的身份验证绕过漏洞，80,000 多个网站面临风险
  • [ ] 四名 REvil 勒索软件成员因黑客攻击和洗钱被判刑
• 奇安信攻防社区
  • [ ] 【2024补天白帽黑客大会】视觉-语言大模型的双重威胁：从对抗到越狱攻击的深入探索
  • [ ] 【2024补天白帽黑客大会】破解人工智能“科林格里奇困境"安全赋能新质生产力发展
  • [ ] 【2024补天白帽黑客大会】数据驱动的软件安全缺陷分析与修复技术
• obaby@mars
  • [ ] 药
• Recent Commits to cve:main
  • [ ] Update Mon Oct 28 22:32:31 UTC 2024
  • [ ] Update Mon Oct 28 14:36:14 UTC 2024
  • [ ] Update Mon Oct 28 06:22:46 UTC 2024
• Files ≈ Packet Storm
  • [ ] Botan C++ Crypto Algorithms Library 3.6.1
  • [ ] Debian Security Advisory 5799-1
  • [ ] Debian Security Advisory 5798-1
  • [ ] Debian Security Advisory 5797-1
  • [ ] Debian Security Advisory 5796-1
  • [ ] ABB Cylon Aspect 3.08.01 getApplicationNamesJS.php Building/Project Name Exposure
  • [ ] Red Hat Security Advisory 2024-8235-03
• Der Flounder
  • [ ] Suppressing Apple Intelligence notifications on macOS Sequoia
  • [ ] Managing Apple Intelligence features on macOS Sequoia 15.1
  • [ ] Disabling iPhone mirroring on macOS Sequoia
• 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com
  • [ ] 荣誉+1！“天擎”荣获2024中国国际数字经济博览会“优秀创新成果”奖
  • [ ] 北京·2024安博会｜国投智能精彩亮相，共筑智能安防新未来
  • [ ] 安全动态回顾|国家网络安全通报中心：重点防范境外恶意网址和恶意IP Pwn2Own黑客大赛举行，三星 Galaxy S24遭遇攻击
  • [ ] Linux 上的 Intel、AMD CPU 受到新披露的 Spectre 绕过的影响
  • [ ] 国投智能并购南京金鼎科技签约仪式在厦举行
• Security Boulevard
  • [ ] The SaaS Governance Gap | Grip Security
  • [ ] Outdated SOAR Is Putting Your Organization at Risk
  • [ ] News alert: INE shares guidance to help companies invest in year-end cybersecurity, networking training
  • [ ] INE Launches Initiative to Optimize Year-End Training Budgets with Enhanced Cybersecurity and Networking Programs
  • [ ] DEF CON 32 – AppSec Village – BOLABuster-Harnessing LLMs for Automating BOLA Detection
  • [ ] NTT Data Taps Palo Alto Networks for MXDR Service
  • [ ] NIS2 Arrives with Major Changes to EU SaaS Cybersecurity
  • [ ] Data Masking Challenges: Overcoming Complexities in Multi-Database Environments
  • [ ] Randall Munroe’s XKCD ‘Sandwich Helix’
  • [ ] Top 10 Valimail Alternatives: A Complete Comparison with Pros & Cons
• 一个被知识诅咒的人
  • [ ] 【人工智能】自然语言处理（NLP）：用Python和spaCy进行文本分析的全面指南
  • [ ] 【人工智能】使用Keras构建图像分类模型：从数据预处理到模型优化的全流程解析
• Doonsec's feed
  • [ ] 马斯克征服美国的选举计划，X、特朗普和数百万美元！
  • [ ] 攻防靶场(24)：竟要拿下5个权限才算突破边界 SUNSET-MIDNIGHT
  • [ ] 如何利用JS
  • [ ] 双十一团队抽奖活动开奖啦！速来围观
  • [ ] 论一个网安人的自我修养
  • [ ] 安天网络行为检测能力升级通告（20241028）
  • [ ] 网络安全行业存在全局性问题，需要正确对待！
  • [ ] 写给网络安全/信息安全/网络空间安全同学掏心窝的话
  • [ ] 重磅！商用密码检测机构技术过审名单112家公示
  • [ ] G.O.S.S.I.P 阅读推荐 2024-10-28 Query Provenance Analysis
  • [ ] 【漏洞预警】Codezips Sales Management System信息泄露漏洞
  • [ ] 12.Fastjson（.NET）反序列化点前篇
  • [ ] 实现一个通过百度网盘中转的C2
  • [ ] 2024届龙信杯电子数据取证题解-流量分析部分
  • [ ] 自动化反编译微信小程序工具 - KillWxapkg
  • [ ] 解锁信息潜能，定制智慧未来 —— 开源情报定制化培训
  • [ ] 2024零售行业最大泄露事件，3.5亿数据被挂暗网
  • [ ] 利用Windows漏洞，攻击者能降级系统组件恢复漏洞
  • [ ] 美国超大型数据泄露事件曝光：超1亿人数据被盗
  • [ ] ADSpider：一款针对活动目录AD的实时安全监控工具
  • [ ] 自动驾驶汽车面临的新兴人工智能安全威胁——案例研究
  • [ ] 自动驾驶系统架构师在线培训课程(中级班）
  • [ ] 智能网联和自动驾驶汽车中的软件安全 .ppt
  • [ ] 【干货总结】浅谈src漏洞挖掘中容易出洞的几种姿势
  • [ ] 建了个SRC专项漏洞知识库
  • [ ] Java安全-URLDNS链审计
  • [ ] JS利用【2024至尊版】
  • [ ] 记一次有趣的地市攻防演练经历
  • [ ] MySQL为什么会有redo log和binlog两份日志
  • [ ] 价值先行：可信赖的人工智能伦理治理
  • [ ] 美国英特尔公司至今尚未收到美国政府芯片法案的任何拨款
  • [ ] 【番外篇】目前已知最大素数2^136,279,841 - 1
  • [ ] 一次URL跳转引发的账户接管
  • [ ] CTF综合工具 - ctftools-all-in-one
  • [ ] 商用密码检测机构（商用密码应用安全性评估业务）资质申请通过技术评审的机构名单公示
  • [ ] 针对 Microsoft Windows 内核的操作系统降级漏洞
  • [ ] 活动预告|Hacking Group 0772x852Ax0512A 线下沙龙活动预告
  • [ ] 教育厅短信风波：你的API安全防线真的坚不可摧吗？
  • [ ] 报告丨云安全发展研究报告（附下载）
  • [ ] 荐读 | 抗量子密码：为全球网络安全筑起新防线
• Perception Point
  • [ ] You’re Invited: Rampant Phishing Abuses Eventbrite
• CCC Event Blog
  • [ ] 38C3 Turnhallen – die preisgünstige Übernachtungsalternative
• Malwarebytes
  • [ ] Europol warns about counterfeit goods and the criminals behind them
  • [ ] A week in security (October 21 – October 27)
• Reverse Engineering
  • [ ] /r/ReverseEngineering's Weekly Questions Thread
  • [ ] Decoding BLE Packets on the FNIRSI FNB58
• Inside Stormshield
  • [ ] Deuxième étoile obtenue !
• text/plain
  • [ ] Lenovo P1, Gen7
• Panda | 热爱安全的理想少年
  • [ ] ByteCTF Guess Cookie 出题思路详解
  • [ ] spring 审计常见 tricks
• FreeBuf网络安全行业门户
  • [ ] 如何在政企环境中主动发现入侵迹象？
  • [ ] 2024零售行业最大泄露事件，3.5亿数据被挂暗网
  • [ ] 探索数智化转型时代的安全服务新业态与创新实践 | FCIS 2024大会议题前瞻
  • [ ] FreeBuf早报 | 香港禁止政务办公电脑使用个人微信；达美航空正式对CS提起诉讼
  • [ ] ADSpider：一款针对活动目录AD的实时安全监控工具
  • [ ] 利用Windows漏洞，攻击者能降级系统组件恢复漏洞
  • [ ] 美国超大型数据泄露事件曝光：超1亿人数据被盗
• 安全牛
  • [ ] 问卷调研 | 2024我国信创安全落地应用情况
  • [ ] 地缘政治冲击开源世界，Linux内核项目移除11名俄罗斯贡献者；Wi-Fi联盟测试工具或藏重大安全隐患，多款路由器面临风险|牛览
• 奇客Solidot–传递最新科技情报
  • [ ] Google Chrome 将引入 AI 执行填写表格、购物和定航班功能
  • [ ] 美国版权局拒绝用于游戏保存的 DMCA 豁免
  • [ ] 《终结者》对 AI 的刻画仍然影响我们在 AI 上的立场
  • [ ] V404 黑洞双星系统被发现是三天体系统
  • [ ] Instagram 和 Meta 会降低低观看量视频的质量
  • [ ] 开源本身不是科技巨头服务的替代
  • [ ] 韦伯望远镜发现了流浪类星体
  • [ ] 昆虫因人为环境变化而改变颜色
  • [ ] Gentoo 引入了 DTrace
  • [ ] 欧洲犯罪组织天天炸 ATM
• 威努特安全网络
  • [ ] 构建绿色网络防线，威努特上网行为审计系统护航学生健康上网
  • [ ] 附下载 | 《中国网络安全产业分析报告（2024年）》全文发布
• 安全分析与研究
  • [ ] 利用MSIX安装包传播恶意软件攻击样本的详细分析
• 腾讯玄武实验室
  • [ ] 每日安全动态推送(24/10/28)
• 代码卫士
  • [ ] Pwn2Own 2024爱尔兰黑客大赛落下帷幕 Master of Pwn 诞生
  • [ ] 因“合规要求”，Linux Kernel 清除了11名俄罗斯开发者的维护者身份
• 奇安信 CERT
  • [ ] 【已复现】Cyber​​Panel 远程命令执行漏洞(QVD-2024-44346)安全风险通告
  • [ ] 安全热点周报：UNC5820 威胁集群利用 Fortinet 零日漏洞窃取企业配置数据
• ChaMd5安全团队
  • [ ] 喜报 | ChaMd5团队荣获ByteAI安全挑战赛决赛第十名
• 看雪学苑
  • [ ] 一种apc注入型的Gamarue病毒的变种
  • [ ] 近年来最大的医疗数据泄露事件！Change Healthcare 数据泄露影响超过1亿人
  • [ ] 非虫大佬带你探索 eBPF安全开发与攻防对抗
• dotNet安全矩阵
  • [ ] .NET 一款通过COM接口绕过UAC的工具
  • [ ] .NET 内网攻防实战电子报刊
  • [ ] .NET 红队武器库和资源集合 (第43期)
• 锦行科技
  • [ ] 【网安实习生招聘】少年请留步，伯乐寻你来了！
• 数世咨询
  • [ ] AI来了：巨头尝试打造一个集成网络和安全的统一平台
  • [ ] 漫画版｜数据安全外包人员篇
• 安全内参
  • [ ] 近年最大规模！超1亿美国人医疗隐私数据被盗
  • [ ] 中南财经政法大学水卡网址打开竟是“色情网站”？学校回应
• 黑奇士
  • [ ] 10月24日深夜，滴滴企业版疑似突发故障，已是四年内第五起
• 信安之路
  • [ ] 一键检测 PbootCMS 历史漏洞
• 安全研究GoSSIP
  • [ ] G.O.S.S.I.P 阅读推荐 2024-10-28 Query Provenance Analysis
• 安全学术圈
  • [ ] 净化安全圈学术环境
• 丁爸 情报分析师的工具箱
  • [ ] 【资料】美国国防情报局编制的伊朗相关情报报告
  • [ ] 【资料】美国地质调查局发布《2020–2021年中国矿产年鉴》
• 安全圈
  • [ ] 【安全圈】中方抗议美国中情局企图蛊惑诱骗中方人员投靠
  • [ ] 【安全圈】臭名昭著的勒索软件 REvil 四名成员在俄罗斯法院被判处4~6年监禁
  • [ ] 【安全圈】美国超大型数据泄露事件曝光：超1亿人数据被盗
  • [ ] 【安全圈】利用Windows漏洞，攻击者能降级系统组件恢复漏洞
• 微步在线研究响应中心
  • [ ] 新黑产团伙“黑猫”技术细节曝光
• 情报分析师
  • [ ] 乌方特种部队如何通过互联网任务招募俄罗斯人
  • [ ] 【情报秘笈】间谍技术内部人士指南
• 复旦白泽战队
  • [ ] 实验室日常生活 | 白泽国庆出游记录（下）
• 电子物证
  • [ ] 【操作系统的隐藏方法】
  • [ ] 【数据库启动问题的处理】
• 威胁棱镜
  • [ ] 俄乌冲突下网络运营商如何加强数字主权
• 极客公园
  • [ ] 推出 AI 耳机，字节真正的野心是什么？
  • [ ] 让 AI 从「语言智能」进化到「现实智能」，这家手机公司想得最透彻
  • [ ] 雷军：小米 15 涨价，但贵得有理；微软考虑投资比特币；传任天堂 Switch 2 本周发布 | 极客早知道
• 山石网科安全技术研究院
  • [ ] Linux内核可利用的结构体总结
• 阿里安全响应中心
  • [ ] 先知安全沙龙 - 北京站 11月9日开启！
• 网安国际
  • [ ] ACM Fellow李宁辉：净化安全圈学术环境
• Securityinfo.it
  • [ ] Nuove attività di Fog e Akira: i ransomware colpiscono i dispositivi SonicWall
  • [ ] Sophos acquisisce Secureworks per ampliare l’offerta MDR e XDR
  • [ ] CERT-AGID 5-11 ottobre: Intesa Sanpaolo e Fortinet sotto attacco
• IT Service Management News
  • [ ] Privacy: sanzionato il backup delle e-mail dopo la cessazione del rapporto di lavoro
• bellingcat
  • [ ] How Russia’s Invasion Flattened a Ukrainian Border City
• Over Security - Cybersecurity news aggregator
  • [ ] PIXM Security Launches AI-Driven Zero-Day Phishing Protection for MSP Community
  • [ ] New tool bypasses Google Chrome’s new cookie encryption system
  • [ ] Texas county says 47,000 had SSNs, medical treatment info leaked during May cyberattack
  • [ ] Exchange Online adds Inbound DANE with DNSSEC for everyone
  • [ ] Wiz CEO explains why he turned down a $23 billion deal
  • [ ] Russia targets Ukrainian conscripts with Windows, Android malware
  • [ ] UK sanctions Russians over anti-Ukrainian disinformation campaigns
  • [ ] Free, France’s second largest ISP, confirms data breach after leak
  • [ ] EU president denounces Russian influence campaigns targeting Western Balkans
  • [ ] Da dove vengono questi dati rubati allo Stato - Il Post
  • [ ] U.S. Agencies Investigate China-Linked Telecom Hacks Targeting High-Profile Politicians
  • [ ] US says Chinese hackers breached multiple telecom providers
  • [ ] Sophos acquisisce Secureworks per ampliare l’offerta MDR e XDR
  • [ ] Nuove attività di Fog e Akira: i ransomware colpiscono i dispositivi SonicWall
  • [ ] Suspected Russian spies target devices of potential Ukrainian military recruits
  • [ ] New Vulnerabilities Identified in Philips Smart Lighting and Matrix Door Controller
  • [ ] ~/docs/favicon_Threat-Hunting
  • [ ] Fortinet CVE-2024-21762
  • [ ] ./cve/CVE-2024-3094/xz.wtf
  • [ ] ~/docs/audit.d
  • [ ] MadLicense
  • [ ] ~/docs/ips-ids.security
  • [ ] ~/redTeam/comsvcs-lsass.dump
  • [ ] /usr/bin/touch nuova_era
  • [ ] ~/tips/fortigate_malware.feed
  • [ ] ~/news/blocklist.news
  • [ ] Redline, Meta infostealer malware operations seized by police
  • [ ] Dozens under investigation in Italy amid scandal over hacked government databases and illegal dossiers
  • [ ] Free, France’s second-largest telecoms company, confirms being hit by cyberattack
  • [ ] 'All servers' for Redline and Meta infostealers hacked by Dutch police and FBI
  • [ ] Recent Cyber Attacks Discovered by ANY.RUN: October 2024
  • [ ] Why text/plain is evil for Web Application Firewall and Input validation
  • [ ] Building Octofence WAAP Cache System & CDN: Lessons Learned and Best Practices
  • [ ] PWNPress: collect vulnerable WordPress websites over internet
  • [ ] Unleashing the Power of Data: Indexing Over 15 Million WordPress Websites with PWNPress
  • [ ] CERT-AGID 5-11 ottobre: Intesa Sanpaolo e Fortinet sotto attacco
  • [ ] Inside the Open Directory of the “You Dun” Threat Group
• 迪哥讲事
  • [ ] 如何利用JS
• SANS Internet Storm Center, InfoCON: green
  • [ ] Apple Updates Everything, (Mon, Oct 28th)
  • [ ] Self-contained HTML phishing attachment using Telegram to exfiltrate stolen credentials, (Mon, Oct 28th)
  • [ ] ISC Stormcast For Monday, October 28th, 2024 https://isc.sans.edu/podcastdetail/9198, (Mon, Oct 28th)
• Schneier on Security
  • [ ] Criminals Are Blowing up ATMs in Germany
• Your Open Hacker Community
  • [ ] Bypass firewall
• The Hacker News
  • [ ] Chinese Hackers Use CloudScout Toolset to Steal Session Cookies from Cloud Services
  • [ ] THN Cybersecurity Recap: Top Threats, Tools and News (Oct 21 - Oct 27)
  • [ ] Russian Espionage Group Targets Ukrainian Military with Malware via Telegram
  • [ ] BeaverTail Malware Resurfaces in Malicious npm Packages Targeting Developers
  • [ ] Cybercriminals Use Webflow to Deceive Users into Sharing Sensitive Login Credentials
  • [ ] Sailing the Seven Seas Securely from Port to Port – OT Access Security for Ships and Cranes
  • [ ] Researchers Uncover OS Downgrade Vulnerability Targeting Microsoft Windows Kernel
• Blackhat Library: Hacking techniques and research
  • [ ] Methods to reveal IP behind Cloudflare?
  • [ ] Law Enforcement Hacked Infrastructure of Redline and Meta Infostealers
• Social Engineering
  • [ ] Good ways to challenge someone without harming a relationship?
• netsecstudents: Subreddit for students studying Network Security and its related subjects
  • [ ] Modern book equivalents
• Technical Information Security Content & Discussion
  • [ ] Give Me the Green Light Part 1: Hacking Traffic Control Systems
  • [ ] Privilege escalation through TPM Sniffing when BitLocker PIN is enabled
  • [ ] Anatomy of an LLM RCE
  • [ ] Engineering WCF Hacks
  • [ ] Introducing zizmor: now you can have beautiful clean workflows
• Deeplinks
  • [ ] Cop Companies Want All Your Data and Other Takeaways from This Year’s IACP Conference
  • [ ] EU to Apple: “Let Users Choose Their Software”; Apple: “Nah”
• Computer Forensics
  • [ ] Going from Audit to forensics. Need advice on tool/software based certifications.
  • [ ] 13Cubed XINTRA Lab Walkthrough
  • [ ] Referral percentage?
  • [ ] Please suggest an app that will help monitor any type of change being made to a windows [server] system
  • [ ] I want to buy "Tableau forensic bridge t35689iu"
  • [ ] App for phone Yeap
• Security Affairs
  • [ ] France’s second-largest telecoms provider Free suffered a cyber attack
  • [ ] A crime ring compromised Italian state databases reselling stolen info
  • [ ] Third-Party Identities: The Weakest Link in Your Cybersecurity Supply Chain
  • [ ] Black Basta affiliates used Microsoft Teams in recent attacks
• Dark Space Blogspot
  • [ ] Le Tecniche Di Ingegneria Sociale Più Note