issues
search
BruceFeIix
/
picker
GNU General Public License v3.0
49
stars
6
forks
source link
[每日信息流] 2024-10-31
#1316
Open
BruceFeIix
opened
3 weeks ago
BruceFeIix
commented
3 weeks ago
每日安全资讯(2024-10-31)
奇安信攻防社区
[ ]
在 EDR 时代恶意软件通过虚拟化逃避终端检测
bunnie's blog
[ ]
Name that Ware, October 2024
[ ]
Winner, Name that Ware September 2024
Armin Ronacher's Thoughts and Writings
[ ]
Make It Ephemeral: Software Should Decay and Lose Data
Security Boulevard
[ ]
Cloud Security Alliance Advocates Zero Trust for Critical Infrastructure
[ ]
DEF CON 32 – AppSec Village – Maturing Your Application Security Program – SheHacksPurple
[ ]
Citrix Boosts Security for Remote Application Accesses With “More Security Layers”
[ ]
Survey Surfaces Fundamental Weaknesses in API Security
[ ]
ATPC Cyber Forum to Focus on Next Generation Cybersecurity and Artificial Intelligence Issues
[ ]
Baby Reindeer—The dangers of real-life stalkers
[ ]
DEF CON 32 – AppSec Village – Navigating The Cyber Security Labyrinth Choose Your Own Security Adventure
[ ]
Salt Security and Dazz: A Powerful Partnership for API Security
[ ]
BOFHound: AD CS Integration
[ ]
AI Cyberattacks Rise but Businesses Still Lack Insurance
SecWiki News
[ ]
SecWiki News 2024-10-30 Review
Recent Commits to cve:main
[ ]
Update Wed Oct 30 22:29:32 UTC 2024
[ ]
Update Wed Oct 30 14:35:42 UTC 2024
[ ]
Update Wed Oct 30 06:37:25 UTC 2024
嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com
[ ]
卫星互联网产业化提速
[ ]
盛邦安全权小文:卫星互联网“落入凡间” 加密是安全防御唯一手段
[ ]
GEEKCON2024上海站收官:时刻好奇,保持乐观
[ ]
谷歌:2023年披露的被利用漏洞中有70%是零日漏洞
[ ]
2024第三届SCIC网络安全合规创新大会精彩回顾
[ ]
360 NDR获IDC首推 树立网络威胁检测与响应领域新标杆
[ ]
数字化时代的邮件安全守护者:CACTER邮件安全网关解决方案
Trustwave Blog
[ ]
E-Commerce Security Woes: Millions of Stolen User Sessions Found for Sale
obaby@mars
[ ]
运动相机初体验
[ ]
Python 解析 DLT645 协议数据
安全客-有思想的安全新媒体
[ ]
原生鸿蒙正式发布,国产操作系统进入自主可控时代
[ ]
爱尔兰数据保护委员会因侵犯GDPR而对LinkedIn罚款3100万欧元
[ ]
Black Basta附属机构在最近的攻击中使用了Microsoft Teams
[ ]
一个犯罪团伙入侵了意大利国家数据库,倒卖被盗信息
[ ]
新研究揭示最新的AMD和英特尔处理器中仍然存在Spectre漏洞
[ ]
网络钓鱼者通过Eventbrite服务接触目标
[ ]
反复出现的 Windows 漏洞可能暴露用户凭据
[ ]
Hacker Halted 2024:探讨Deepfakes与网络安全,共筑网络乌托邦
[ ]
从目录浏览分析幽盾攻击组织
[ ]
PSAUX 勒索软件正在利用 CyberPanel 中的两个最大严重性漏洞 (CVE-2024-51567、CVE-2024-51568)
Sucuri Blog
[ ]
Indonesian Gambling Redirect Hiding in Plain Sight
一个被知识诅咒的人
[ ]
【Python】深入理解Python中的上下文管理器:揭秘with语句的高级用法
[ ]
【C++】智能指针的奥秘:深度解析std::unique_ptr与std::shared_ptr
[ ]
【C++】掌握C++中的constexpr:编译时计算的奥秘与性能优化
Doonsec's feed
[ ]
CORS
[ ]
微软:俄罗斯黑客利用 RDP 窃取政府数据
[ ]
【工具更新】BurpSuite最新2024.9版Windows/Linux/Mac(附下载)
[ ]
一次代码审计项目案例
[ ]
商业奇迹!某电商APP成功的背后是一群黑客团队?
[ ]
《人才库》
[ ]
《突发》仿冒FB社区域名群发钓鱼信息?
[ ]
【资料】在反恐中利用开源情报
[ ]
总统去哪儿了?社交APP开源情报让你一探究竟!
[ ]
【干货】笑傲职场的独家经验(1)
[ ]
【干货原创】实网攻防演习常态化,会带来什么变化01
[ ]
【干货原创】K12教育,鲜为人知的模式秘密
[ ]
原创文章目录
[ ]
第八届“强网杯”全国网络安全挑战赛竞赛规程
[ ]
第八届“强网杯”全国网络安全挑战赛声明
[ ]
倒计时3天丨第八届“强网杯”线上赛一触即发
[ ]
秦安:必须拦截了,美宣布对台军售20亿美元,“包括一种新武器”
[ ]
秦安:警惕唱空中国股市的逆流,不是蠢就是坏,三大背景不容置疑
[ ]
王常胜:以色列本次袭击是多方斡旋的结果,不会引发中东大战
[ ]
【漏洞复现】Apache Solr路径身份验证绕过漏洞CVE-2024-45216
[ ]
MySQL分层结构由哪些组成?
[ ]
Rust beacon
[ ]
G.O.S.S.I.P 阅读推荐 2024-10-30 SmartAxe
[ ]
自动驾驶汽车时代的网络安全和合规性
[ ]
自动驾驶系统架构师在线培训课程(中级班)
[ ]
掌握模糊测试-如何在法规遵从中克服网络安全挑战
[ ]
攻防教程3==》社会工程学(上)
[ ]
西安旅游小攻略
[ ]
记一些SRC挖掘奇特思路案例
[ ]
建了个SRC专项漏洞知识库
[ ]
2025年毕业生简历,我腆着老脸问了一圈没人要。为什么?
[ ]
9月涉及国内的数据泄露
[ ]
伊朗黑客充当贩卖美国、加拿大和澳大利亚等国家关键基础设施访问权的经纪人
[ ]
议题征集|“智效融合,安全护航”第七期「度安讲」 技术沙龙议题报名!
[ ]
【资讯】工信部就《工业和信息化部通信工程建设领域行政处罚事项裁量权基准》公开征求意见
[ ]
【资讯】福建省工信厅发布《关于开展2024年工业机器人行业规范公告申报工作的通知》
[ ]
【资讯】黑龙江省网信办公布《“清朗”系列专项行动典型案例》
[ ]
震惊安全圈!真香定律不看后悔!
[ ]
【直播预告】:阿加犀基于SiRider S1芯擎开发板的机器人应用分享
[ ]
Linux应急响应:查看文件的创建时间
[ ]
这个健身App意外泄露多位总统的位置信息
[ ]
倒计时10天 | FCIS 2024网络安全创新大会
[ ]
AIGC场景的内生安全防御体系构建 | FCIS 2024大会议题前瞻
[ ]
PsMapExec:一款针对活动目录AD的安全检测工具
[ ]
安全从业者看过来!HTTP请求与响应结构全解析!
[ ]
你的床头灯,可能正在“偷听”!警方提醒
[ ]
12321:2024年9月被投诉钓鱼网站TOP10
[ ]
第二期圆满结束! | “浦江护航”2024 年上海市电信和互联网行业数据安全专项行动公益培训
[ ]
全国数据标准化技术委员会2024-2025年拟制修订的重点标准项目清单
[ ]
【安全圈】2024年9月涉及国内的数据泄露
[ ]
【安全圈】互联网大厂主页疑似遭到篡改?
[ ]
【安全圈】非法获取上亿条公民个人信息,一科技公司员工获刑
[ ]
【安全圈】因健身应用轨迹,贴身保镖恐泄露美国总统位置信息
[ ]
论坛·原创 | 《联合国打击网络犯罪公约》开启网络空间国际规则新篇章
[ ]
发布 | 全国数据标准化技术委员会2024-2025年拟制修订的重点标准项目清单
[ ]
专家解读 | 孟庆国:加快公共数据资源开发利用,推进数据要素市场化配置改革
Files ≈ Packet Storm
[ ]
Debian Security Advisory 5800-1
[ ]
Ubuntu Security Notice USN-7085-1
[ ]
Ubuntu Security Notice USN-7084-1
[ ]
WordPress WP-Automatic SQL Injection
[ ]
ABB Cylon Aspect 3.08.01 jsonProxy.php Username Enumeration
[ ]
ABB Cylon Aspect 3.08.01 jsonProxy.php Information Disclosure
[ ]
ABB Cylon Aspect 3.08.01 jsonProxy.php Unauthenticated Remote SSH Service Control
[ ]
ABB Cylon Aspect 3.08.01 jsonProxy.php Denial Of Service
[ ]
ABB Cylon Aspect 3.08.01 jsonProxy.php Unauthenticated Project Download
[ ]
ABB Cylon Aspect 3.08.01 jsonProxy.php Servlet Inclusion Authentication Bypass
[ ]
ABB Cylon Aspect 3.08.01 jsonProxy.php Unauthenticated Credential Disclosure
[ ]
ABB Cylon Aspect 3.08.01 jsonProxy.php Cross Site Scripting
[ ]
Red Hat Security Advisory 2024-8617-03
[ ]
Red Hat Security Advisory 2024-8616-03
[ ]
Red Hat Security Advisory 2024-8614-03
[ ]
Red Hat Security Advisory 2024-8613-03
[ ]
Red Hat Security Advisory 2024-8577-03
[ ]
Red Hat Security Advisory 2024-8572-03
[ ]
Red Hat Security Advisory 2024-8567-03
[ ]
Red Hat Security Advisory 2024-8563-03
[ ]
Red Hat Security Advisory 2024-8546-03
[ ]
Red Hat Security Advisory 2024-8543-03
[ ]
Red Hat Security Advisory 2024-8534-03
[ ]
Red Hat Security Advisory 2024-8533-03
[ ]
Red Hat Security Advisory 2024-8528-03
NVISO Labs
[ ]
How AI forces us to expand our thinking about basic cybersecurity concepts: Part 1 – Introduction
hn security
[ ]
An analysis of the Keycloak authentication system
Horizon3.ai
[ ]
2025 Fortune Cyber 60
[ ]
Horizon3.ai Named to the 2025 Fortune Cyber 60 for the Second Consecutive Year
blog.avast.com EN
[ ]
Baby Reindeer—The dangers of real-life stalkers
Reusable Security
[ ]
Running JtR's Tokenizer Attack
Malwarebytes
[ ]
Patch now! New Chrome update for two critical vulnerabilities
Reverse Engineering
[ ]
Ancient Monkey: Pwning a 17-Year-Old Version of SpiderMonkey
PortSwigger Blog
[ ]
Take control of your security posture: The Burp Suite Enterprise Edition winter update
Webroot Blog
[ ]
The new Webroot PC Optimizer boosts computer performance
daniel.haxx.se
[ ]
Eighteen years of ABI stability
Wallarm
[ ]
How to Mitigate the Latest API Vulnerability in FortiManager
FreeBuf网络安全行业门户
[ ]
因健身应用轨迹,贴身保镖恐泄露美国总统位置信息
[ ]
FreeBuf早报 | 墨西哥大型机场集团疑遭勒索攻击;开源AI/ML模型曝出30余个漏洞
[ ]
开源AI/ML模型曝出30余个漏洞,可能导致远程代码执行与信息窃取风险
安全牛
[ ]
MFA不再万能,如何守护网安第一道防线?
[ ]
法国电信巨头遭黑客入侵,近2000万用户数据现身暗网;AI安全新挑战:研究揭示ChatGPT可被十六进制代码操纵 | 牛览
Checkmarx
[ ]
Cryptocurrency Enthusiasts Targeted in Multi-Vector Supply Chain Attack
rtl-sdr.com
[ ]
SatDump 1.2.1 Released
黑海洋 - WIKI
[ ]
利用Cloudflare搭建临时域名邮箱
vivo千镜
[ ]
VDC安全与隐私会场专题解读五:AIGC新技术下安全工具的探索实践
VAADATA – Ethical Hacking Services
[ ]
What is a Race Condition? Exploitations and Security Best Practices
[ ]
PHP Security Best Practices, Vulnerabilities and Attacks
腾讯玄武实验室
[ ]
每日安全动态推送(24/10/30)
信安之路
[ ]
听劝!近期不要随意报培训!
安全内参
[ ]
开源情报显威!利用社交APP实时跟踪美俄法等国总统行踪
[ ]
苹果悬赏百万美元查找“苹果智能”安全漏洞
奇客Solidot–传递最新科技情报
[ ]
苹果将 M4 Mac Mini 电源按钮移至底部
[ ]
Dropbox 裁员五分之一
[ ]
OpenAI 与博通和台积电合作设计 AI 芯片
[ ]
X.Org Server 的一个本地提权漏洞存在了 18 年之久
[ ]
索尼关闭《星鸣特攻》开发商 Firewalk Studio
[ ]
中国三季度智能手机出货量增长 3.2%
[ ]
GitHub Copilot 将支持 Claude 3.5 和 Gemini 模型
[ ]
Open Source Initiative 宣布 Open Source AI Definition 1.0
[ ]
Fedora 41 释出
[ ]
Firefox v132.0 释出
威努特安全网络
[ ]
万物互联新时代,威努特助力企业一站式安全用网
微步在线研究响应中心
[ ]
可任意文件读取,警惕Solr身份绕过形成的漏洞利用链
安全分析与研究
[ ]
DarkGate最新攻击样本攻击链详细分析
君哥的体历
[ ]
开源安全检测的漏洞,从哪些维度考虑整改标准?两种场景下(供应链软件入库,应用投产上线)针对检测的漏洞需要强制修复吗|总第270周
青衣十三楼飞花堂
[ ]
电子书解压密码(更新)
虎符智库
[ ]
《政务大模型安全治理框架》: 揭示七大安全风险、提供治理路径
吾爱破解论坛
[ ]
【清理未活跃会员】清理2024年暑假开放注册未活跃会员公告
dotNet安全矩阵
[ ]
.NET 一款内网渗透中用于权限维持的工具
[ ]
.NET 内网攻防实战电子报刊
[ ]
.NET 一款内存加载绕过ASMI和ETW的工具
看雪学苑
[ ]
SDC2024 议题回顾 | Rust 的安全幻影:语言层面的约束及其局限性
[ ]
行踪被保镖泄露?健身APP威胁全球政要和军方机密
[ ]
更新2节:动态分析 | 看雪安卓高级研修班(月薪一万计划)
天御攻防实验室
[ ]
北约多国网络指挥官谈网络空间中的军事角色
数世咨询
[ ]
这谁防得住?Wi-Fi 联盟官方测试套件中存在命令注入漏洞
腾讯科恩实验室
[ ]
BinaryAI更新布告|漏洞存在性分析功能上线
M01N Team
[ ]
绿盟英雄帖|M01N战队研究员直聘,英雄请留步!
网安杂谈
[ ]
书生大模型实战营闯关 第二关:Python 基础知识
[ ]
书生大模型实战营闯关 第三关:Git基础知识
安全圈
[ ]
【安全圈】2024年9月涉及国内的数据泄露
[ ]
【安全圈】互联网大厂主页疑似遭到篡改?
[ ]
【安全圈】非法获取上亿条公民个人信息,一科技公司员工获刑
[ ]
【安全圈】因健身应用轨迹,贴身保镖恐泄露美国总统位置信息
情报分析师
[ ]
【秘密细节】俄罗斯与印度之间的武器合同
[ ]
开源情报信息,一网打尽!
嘶吼专业版
[ ]
GEEKCON2024上海站收官:时刻好奇,保持乐观
[ ]
谷歌:2023年披露的被利用漏洞中有70%是零日漏洞
网络空间安全科学学报
[ ]
喜报 |《网络空间安全科学学报》被哥白尼索引期刊数据库(ICI World of Journals)收录
百度安全应急响应中心
[ ]
议题征集|“智效融合,安全护航”第七期「度安讲」 技术沙龙议题报名!
360数字安全
[ ]
全球头号威胁RansomHub勒索团伙再作案,墨西哥13个机场受影响
极客公园
[ ]
对话小宇宙 Kyth:AI 时代,如何重新理解播客的价值
[ ]
81 万小米 SU7 Ultra,小订破 3680 ;苹果上新 Mac mini;比特币冲破 72000 美元 | 极客早知道
深信服千里目安全技术中心
[ ]
【漏洞通告】Apache Solr 认证绕过漏洞(CVE-2024-45216)
[ ]
【漏洞通告】CyberPanel upgrademysqlstatus接口命令执行漏洞
代码卫士
[ ]
研究员在开源AI和ML模型中发现30多个漏洞
[ ]
这个已存在18年的提权漏洞影响 X.Org 服务器
迪哥讲事
[ ]
CORS
吴鲁加
[ ]
如果你光想,不写,那你只是“以为自己想了”
Have I Been Pwned latest breaches
[ ]
TNAFlix - 1,374,344 breached accounts
[ ]
VimeWorld - 3,118,964 breached accounts
百度安全实验室
[ ]
议题征集|“智效融合,安全护航”第七期「度安讲」 技术沙龙议题报名!
Over Security - Cybersecurity news aggregator
[ ]
Interbank confirms data breach following failed extortion, data leak
[ ]
Cyber Threat Intelligence for Autodidacts
[ ]
Circola una nuova versione di Qilin, ancora più potente
[ ]
Dossieraggio, dipendenti infedeli e mercato nero dei dati. Coinvolte anche figure dell’ACN
[ ]
Microsoft Entra "security defaults" to make MFA setup mandatory
[ ]
Chinese state-backed hackers breached 20 Canadian government networks over four years, agency warns
[ ]
Election systems remain safe from foreign meddling, CISA chief says
[ ]
UnitedHealth hires cybersecurity veteran as new CISO
[ ]
QNAP patches second zero-day exploited at Pwn2Own to get root
[ ]
The FCC’s top privacy cop on how the agency views its data protection mission
[ ]
The Cybersecurity and Infrastructure Security Agency (CISA) Reports Urgent Security Updates for Apple Products
[ ]
North Korean govt hackers linked to Play ransomware attack
[ ]
BackBox Linux 9 released!
[ ]
Android malware "FakeCall" now reroutes bank calls to attackers
[ ]
Le aziende che chiedevano a Equalize di spiare i loro dipendenti - Il Post
[ ]
Hackers steal 15,000 cloud credentials from exposed Git config files
[ ]
FBI: Upcoming U.S. general election fuel multiple fraud schemes
[ ]
Change Healthcare Breach Hits 100M Americans
[ ]
An analysis of the Keycloak authentication system
[ ]
Enhancing Cryptocurrency Investigations: Flashpoint Partners with TRM Labs
[ ]
The Karma connection in Chrome Web Store
[ ]
“CrossBarking” — Exploiting a 0-Day Opera Vulnerability with a Cross-Browser Extension Store Attack
[ ]
North Korean hackers seen collaborating with Play ransomware group, researchers say
[ ]
Malware campaign expands its use of fake CAPTCHAs
[ ]
Strela Stealer targets Central and Southwestern Europe through Stealthy Execution via WebDAV
[ ]
Packers and Crypters in Malware and How to Remove Them
[ ]
Writing a BugSleep C2 server and detecting its traffic with Snort
[ ]
Spectre è ancora presente nei nuovi processori Intel e AMD
[ ]
VimeWorld - 3,118,964 breached accounts
[ ]
Russia’s ‘Midnight Blizzard’ hackers target government workers in novel info-stealing campaign
安全研究GoSSIP
[ ]
G.O.S.S.I.P 阅读推荐 2024-10-30 SmartAxe
复旦白泽战队
[ ]
盐湖城特辑|CCS'24参会记录
Schneier on Security
[ ]
Simson Garfinkel on Spooky Cryptographic Action at a Distance
Securityinfo.it
[ ]
Circola una nuova versione di Qilin, ancora più potente
[ ]
Spectre è ancora presente nei nuovi processori Intel e AMD
Blackhat Library: Hacking techniques and research
[ ]
Best Ad Network for Movie Streaming Site?
Posts By SpecterOps Team Members - Medium
[ ]
BOFHound: AD CS Integration
Computer Forensics
[ ]
Tool to determine when a PDF was created
[ ]
Arsenal: Mounting Read Only Drives
Your Open Hacker Community
[ ]
I wanna hack the audio of a prerecorded toy speaker
[ ]
Can I Capture a WPA2 Handshake with an Incorrect Password Attempt?
SANS Internet Storm Center, InfoCON: green
[ ]
Scans for RDP Gateways, (Wed, Oct 30th)
[ ]
ISC Stormcast For Wednesday, October 30th, 2024 https://isc.sans.edu/podcastdetail/9202, (Wed, Oct 30th)
Social Engineering
[ ]
what kind of stories work well where you don't reveal the outcome, where the other person must imagine how it ends themselves?
The Hacker News
[ ]
North Korean Group Collaborates with Play Ransomware in Significant Cyber Attack
[ ]
Opera Browser Fixes Big Security Hole That Could Have Exposed Your Information
[ ]
Malvertising Campaign Hijacks Facebook Accounts to Spread SYS01stealer Malware
[ ]
Researchers Uncover Python Package Targeting Crypto Wallets with Malicious Code
[ ]
Embarking on a Compliance Journey? Here’s How Intruder Can Help
Security Affairs
[ ]
Russia-linked Midnight Blizzard APT targeted 100+ organizations with a spear-phishing campaign using RDP files
[ ]
Google fixed a critical vulnerability in Chrome browser
[ ]
QNAP fixed NAS backup zero-day demonstrated at Pwn2Own Ireland 2024
Krebs on Security
[ ]
Change Healthcare Breach Hits 100M Americans
Deeplinks
[ ]
Sorry, Gas Companies - Parody Isn't Infringement (Even If It Creeps You Out)
[ ]
The Frightening Stakes of this Halloween’s Net Neutrality Hearing
[ ]
Triumphs, Trials, and Tangles From California's 2024 Legislative Session
[ ]
No Matter What the Bank Says, It's YOUR Money, YOUR Data, and YOUR Choice
Technical Information Security Content & Discussion
[ ]
Exploiting a Blind Format String Vulnerability in Modern Binaries: A Case Study from Pwn2Own Ireland 2024
[ ]
An analysis of the Keycloak authentication system
[ ]
Paranoids’ Vulnerability Research: NetIQ iManager Security Alerts | Paranoids | Yahoo Inc.
[ ]
Using AFL++ on bug bounty programs: an example with Gnome libsoup
[ ]
Give Me the Green Light Part 2: Dirty Little Secrets
国家互联网应急中心CNCERT
[ ]
网络安全信息与动态周报2024年第43期(10月21日-10月27日)
Security Weekly Podcast Network (Audio)
[ ]
Halloween, TikTok, Telcos, Win 11, Five Eyes, AWS, France, ChatGPT, and more... - SWN #426
每日安全资讯(2024-10-31)