chainreactors / picker

将repo变成RSS订阅,文章整理归档, 讨论的社区

GNU General Public License v3.0

110 stars 19 forks source link

[每日信息流] 2024-08-07 #614

Closed chainreactorbot closed 2 months ago

chainreactorbot commented 3 months ago

每日安全资讯（2024-08-07）

Doonsec's feed
- [ ] 通过远程线程注入DLL功能实现
- [ ] 通过远程线程注入DLL源码分析
- [ ] 满客宝智慧食堂管理系统selectUserByOrgId接口存在敏感信息泄露漏洞
- [ ] 世邦通信SPON IP网络对讲广播系统my_parser.php 接口处存在文件上传漏洞
- [ ] 世邦通信SPON IP网络对讲广播系统busyscreenshotpush.php 接口处存在文件上传漏洞
- [ ] 满客宝后台管理系统 downloadWebFile 任意文件读取漏洞
- [ ] Bazaar v1.4.3 任意文件读取漏洞
- [ ] 8月6日hvv情报推送
- [ ] 棱镜 | 隐藏的攻防、应急利器
- [ ] 某系统漏洞挖掘小记
- [ ] Apache OFBiz系统ProgramExport接口存在远程命令执行漏洞CVE-2024-38856 附POC
- [ ] 8.6hvv情报
- [ ] 【漏洞通告】Apache OFBiz 存在代码注入漏洞CVE-2024-38856
- [ ] 安全研究｜公开冰蝎传输协议RCE漏洞
- [ ] 《诗词游记》第352期：幸甚出陇山
- [ ] 《诗词游记》第353期：青山环坐莲
- [ ] 《诗词游记》第354期：钓鱼石痕深
- [ ] 【HVV情报】2024-08-06
- [ ] Hvv-day12威胁情报日记
- [ ] nuclei-快速漏洞扫描器【安装&使用详解】
- [ ] MPEGTSUtils逆向工程
- [ ] 国家互联网信息办公室关于发布第七批深度合成服务算法备案信息的公告
- [ ] 江苏组建省数据集团，注册资本30亿元
- [ ] 从“蓝屏事件”说开来：“网络卫士”实为“黑客帝国”
- [ ] 行业动态 | 网安重大事件精选
- [ ] 观点｜构建生成式人工智能分层治理体系
- [ ] 知名电子大厂因勒索攻击损失超1.2亿元，此前曾停运两周
- [ ] 防护验证通告|Apache OFBiz 未授权访问致代码执行漏洞(CVE-2024-38856)
- [ ] 阳阳，要不你把香蕉哥开了吧
- [ ] 网络技术领域专业术语大全，200个术语！收藏收藏！
- [ ] 世界历史上十大死亡最多的时期
- [ ] Apache OFBiz ERP 中的新零日漏洞允许远程代码执行
- [ ] 2024星火全连接活动首场“标识+园区”，议程来了！
- [ ] 分享的图片、视频、链接
- [ ] 记一次Ueditor上传Bypass
- [ ] 安全小报
- [ ] 【漏洞预警】Roundcube Webmail跨站脚本漏洞（CVE-2024-42009、CVE-2024-42008）
- [ ] 某系统回显SSRF+文件上传0Day审计过程
- [ ] 《信息技术大数据数据治理实施指南》GB/T 44109-2024解析与下载
- [ ] 浅谈AV&EDR Bypass之道-C免杀上线C2
- [ ] 【资讯】国家网信办发布《第七批深度合成服务算法备案信息》
- [ ] 【资讯】工信部办公厅发布《关于组织开展2024年物联网赋能行业发展典型案例征集工作的通知》
- [ ] 【资讯】《关于开展2024年度国家知识产权信息公共服务网点备案及2021年度国家知识产权信息公共服务网点续期工作的通知》
- [ ] 重保战报20240806｜通知类定向钓鱼文件
- [ ] CISO应该对AI说“不”！
- [ ] 知道创宇推出小微企业免费云防御计划
- [ ] 阿里高薪诚招webshell检测安全工程师、网络流量安全技术、安全工程师
- [ ] 探索AI聊天机器人工作流程实现RCE
- [ ] 3.Wireshark导出SMB流量恶意文件
- [ ] Python解包及反编译
- [ ] 沈阳深蓝常规项目招录
- [ ] 论坛·原创 | 新技术环境下保密工作面临的挑战和应对策略
- [ ] 关注 | 从“蓝屏事件”说开来：“网络卫士”实为“黑客帝国”
- [ ] 发布 | 工信部印发《关于创新信息通信行业管理优化营商环境的意见》（附全文）
- [ ] 前沿 | 欧盟《人工智能法案》生效将完善监管规则
- [ ] 法治 | 加强算法风险侵权法律规制
- [ ] 专家观点 | 如何加强数据知识产权保护
- [ ] 评论 | 针对网络传销新变化开展精准治理
- [ ] 网安一哥拿的是投资款还是救济款？
- [ ] 亿赛通CDG产品补丁下载（20240806）
- [ ] 【8/6特辑】今日热点漏洞请查收
Files ≈ Packet Storm
- [ ] Korenix JetPort Series 1.2 Command Injection / Insufficient Authentication
- [ ] Microweber 2.0.15 Cross Site Scripting
- [ ] Gentoo Linux Security Advisory 202408-02
- [ ] eduAuthorities 1.0 SQL Injection
- [ ] Gentoo Linux Security Advisory 202408-01
- [ ] Concert Ticket Reservation System 1.0 SQL Injection
- [ ] Computer Laboratory Management System 1.0 Insecure Settings
- [ ] Ubuntu Security Notice USN-6200-2
- [ ] Codeprojects E-Commerce 1.0 Cross Site Scripting
- [ ] Blog Site 1.0 Cross Site Scripting
- [ ] Red Hat Security Advisory 2024-5001-03
奇安信攻防社区
- [ ] 2024 RWCTF群晖 BC500摄像头RCE--未授权+栈溢出
Private Feed for M09Ic
- [ ] phith0n starred ariga/atlas
- [ ] kpcyrd starred rustls/homebrew-tap
- [ ] CHYbeta starred synacktiv/octoscan
- [ ] DVKunion starred ssut/payload-dumper-go
- [ ] DVKunion forked DVKunion/KernelSU from tiann/KernelSU
- [ ] Rvn0xsy starred joaoviictorti/shadow-rs
- [ ] Rvn0xsy created a repository Rvn0xsy/zinc-client
- [ ] gh0stkey started following yj94
- [ ] gh0stkey starred yj94/BinarySpy
- [ ] timwhitez starred tandasat/ExploitCapcom
- [ ] wabzsy starred coreos/go-oidc
- [ ] timwhitez starred WKL-Sec/LayeredSyscall
- [ ] gh0stkey starred Ackites/KillWxapkg
- [ ] liamg released v0.0.5 at liamg/loading
- [ ] threedr3am starred skylot/jadx
- [ ] LloydLabs starred PwCUK-CTO/iis-helper-plugin
- [ ] wabzsy starred zitadel/oidc
- [ ] Rvn0xsy starred iyear/tdl
- [ ] phith0n starred bazingaedward/monaco-editor-vue3
Twitter @Nicolas Krassas
- [ ] Sonic Automotive says ransomware-linked CDK software outage cost it $30M https://go.theregister.com/feed/www.theregister.com/2024/08/06/sonic_automoti...
- [ ] Samsung to pay $1,000,000 for RCEs on Galaxy’s secure vault https://www.bleepingcomputer.com/news/security/samsung-to-pay-1-000-000-for-rces-on-galax...
- [ ] Hunters International Disguises SharpRhino RAT as Legitimate Network Admin Tool https://www.darkreading.com/cyberattacks-data-breaches/hunters-interna...
- [ ] INTERPOL Recovers $41 Million in Largest Ever BEC Scam in Singapore https://thehackernews.com/2024/08/interpol-recovers-41-million-in-largest.html
- [ ] Hacker wipes 13,000 devices after breaching classroom management platform https://www.bleepingcomputer.com/news/security/hacker-wipes-13-000-devices-a...
- [ ] Over 300M scraped http://SOCRadar.io emails exposed https://www.scmagazine.com/brief/over-300m-scraped-socradar-io-emails-exposed
- [ ] Key Tronic's ransomware-related losses exceed $17M https://www.scmagazine.com/brief/key-tronics-ransomware-related-losses-exceed-17m
- [ ] France's Grand Palais discloses cyberattack during Olympic games https://www.bleepingcomputer.com/news/security/frances-grand-palais-discloses-cyberat...
- [ ] Bad apps bypass Windows security alerts for six years using newly unveiled trick https://go.theregister.com/feed/www.theregister.com/2024/08/06/bad_ap...
- [ ] Vestaboard: Exploring Broken Access Controls and Privilege Escalation https://rhinosecuritylabs.com/research/vestaboard-vulnerabilities/
- [ ] Proton Ransomware Evolves With Latest Zola Variant https://packetstormsecurity.com/news/view/36181/Proton-Ransomware-Evolves-With-Latest-Zola-Variant....
- [ ] Thousands Of Devices Wiped Remotely Following Mobile Guardian Hack https://packetstormsecurity.com/news/view/36182/Thousands-Of-Devices-Wiped-Remotely...
- [ ] Rockwell PLC Security Bypass Threatens Manufacturing Processes https://www.darkreading.com/ics-ot-security/rockwell-plc-security-bypass-threatens-manu...
- [ ] North Korean Hackers Moonstone Sleet Push Malicious JS Packages to npm Registry https://thehackernews.com/2024/08/north-korean-hackers-moonstone-sleet...
- [ ] Samsung Boosts Bug Bounty Program: $1 Million Top Prize for Mobile Vulnerabilities https://securityonline.info/samsung-boosts-bug-bounty-program-1-mil...
- [ ] CVE-2024-22169: Western Digital’s WD Discovery App Exposed to Code Execution Vulnerability https://securityonline.info/cve-2024-22169-western-digital...
- [ ] New Android Spyware LianSpy Evades Detection Using Yandex Cloud https://thehackernews.com/2024/08/new-android-spyware-lianspy-evades.html
- [ ] Medusa Ransomware Group’s OPSEC Failure: Infiltrating Their Cloud Storage https://darkatlas.io/blog/medusa-ransomware-group-opsec-failure
- [ ] Billion-dollar bust as international op shutters Cryptonator wallet https://go.theregister.com/feed/www.theregister.com/2024/08/06/cryptonator_closure...
- [ ] Google’s Billion-Dollar Apple Search Deal Deemed Illegal https://securityonline.info/googles-billion-dollar-apple-search-deal-deemed-illegal/
CXSECURITY Database RSS Feed - CXSecurity.com
- [ ] Genexus Protection Server 9.7.2.10 Unquoted Service Path
- [ ] Linux DRM drm_file_update_pid() Race Condition / Use-After-Free
- [ ] Ivanti ADC 9.9 Authentication Bypass
- [ ] Korenix JetPort Series 1.2 Command Injection / Insufficient Authentication
- [ ] eduAuthorities-1.0 Multiple-SQLi
Recent Commits to cve:main
- [ ] Update Tue Aug 6 22:31:01 UTC 2024
- [ ] Update Tue Aug 6 14:39:50 UTC 2024
嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com
- [ ] “职”属于你的Offer | 中电安科多个岗位热招
- [ ] XCon2024议题：LLM Infra Security：大模型供应链的阿喀琉斯之踵
- [ ] 当鱼叉式网络钓鱼遇到大规模网络钓鱼
安全客-有思想的安全新媒体
- [ ] 生成式人工智能的伦理治理与风险防控——破解科林格里奇困境的新路径
- [ ] 中国视角下的网络信息安全监管法治化建设与体系化发展
- [ ] 危害严重的 Apache OFBiz 未授权远程代码执行漏洞需立即修复
- [ ] 研究人员发现 Windows 智能应用控制和 SmartScreen 中的漏洞
- [ ] 数以万计的Ubiquiti物联网摄像头与路由器成为黑客的攻击目标
- [ ] Rockwell Automation ControlLogix 1756 中存在一个未经授权的访问漏洞
- [ ] SnakeKeylogger潜入Windows 收件箱以窃取敏感机密
- [ ] 新的Android木马“BlankBot”针对土耳其用户的财务数据
- [ ] 白宫和欧盟委员会启动1500万美元的网络安全奖学金计划
- [ ] APT 组织 StormBamboo 通过 DNS 欺骗攻击 ISP 客户
- [ ] 骗子利用谷歌广告系统诱导用户下载有问题的软件
- [ ] ISC.AI 2024第二届全国信息安全产教融合发展大会圆满召开
- [ ] 弘扬数字时代青年力量，ISC.AI 2024漏洞生态与实战人才发展论坛召开
Tenable Blog
- [ ] Do You Think You Have No AI Exposures? Think Again
- [ ] Never Trust User Inputs -- And AI Isn't an Exception: A Security-First Approach
Trustwave Blog
- [ ] Trustwave Managed Vulnerability Scanning Shines a Light on Vulnerabilities
Security Boulevard
- [ ] How AHEAD Enhanced SecOps Efficiency with Low-code Security Automation
- [ ] USENIX Security ’23 – Prime Match: A Privacy-Preserving Inventory Matching System
- [ ] Joint Certification Program (DD 2345)
- [ ] Daniel Stori’s ‘The chroot Case’
- [ ] Breach Debrief Series: EchoSpoofing Phishing Campaign Exploiting Proofpoint’s Email Protection
- [ ] Why API Security Testing Matters – Learning from Tracfone
- [ ] DataDome Now Protects Keycloak IAM
- [ ] The Prevalence of DarkComet in Dynamic DNS
- [ ] USENIX Security ’23 – FreeEagle: Detecting Complex Neural Trojans in Data-Free Cases
- [ ] Understanding the Dark Web: A Hidden Realm
obaby@mars
- [ ] Delphi7 idhttpserver Post Json
GuidePoint Security
- [ ] White House Memo Pushes Federal Agencies on Cybersecurity
Horizon3.ai
- [ ] Tech Ascension 2024 Best Cloud Security Solution
- [ ] Tech Mahindra and Horizon3.ai Partner to Enhance AI-based Cyber Resilience for Global Customers
Webroot Blog
- [ ] AI in Education: Balancing Innovation with Security
Reverse Engineering
- [ ] Master Your Craft - Tavis Ormandy Analysis on The CrowdStrike Incident
daniel.haxx.se
- [ ] libcurl is 24 years old
Microsoft Security Response Center
- [ ] Congratulations to the MSRC 2024 Most Valuable Security Researchers!
杨龙
- [ ] CSS防止顶部和底部margin溢出影响父元素
安全牛
- [ ] 借口国家安全，美国商务部要求在自动驾驶汽车中禁用我国软件；Linux内存分配错误或可导致对内核内存的任意读写 | 牛览
- [ ] 加大预算投入来对抗AI驱动的网络攻击已经势在必行
腾讯玄武实验室
- [ ] 每日安全动态推送(8-6)
奇安信 CERT
- [ ] Roundcube Webmail 多个XSS高危漏洞安全风险通告
FreeBuf网络安全行业门户
- [ ] FreeBuf早报 | secureserver.net域被滥用；朝鲜黑客攻击韩国建筑和机械行业
- [ ] 市值暴跌、巨额诉讼，网安一哥走下神坛
- [ ] 自2018年一直被黑客利用，Windows又一“后门”揭秘
- [ ] Gartner安全运营成熟度曲线：XDR、SOAR 泡沫破裂；EDR、SIEM 进入生产成熟期
- [ ] Apache OFBiz 曝出严重漏洞，允许预身份验证 RCE
rtl-sdr.com
- [ ] RadioWorld Magazine Article about Software Defined Radios for Shortwave Listening
- [ ] SignalsEverywhere: Using HackTV to Transmit Analog Television with a HackRF
代码卫士
- [ ] 再创新高：财富50强公司支付勒索赎金7500万美元
- [ ] 谷歌修复已遭利用的安卓内核0day漏洞
奇客Solidot–传递最新科技情报
- [ ] OpenAI 联合创始人 John Schulman 加盟 Anthropic
- [ ] 三星电子工会调整罢工策略恢复工作
- [ ] 美国航空公司耗尽四位数航班号
- [ ] 美国法官裁决 Google 付费成为默认搜索引擎违反了反垄断法
- [ ] Windows 11 市场份额突破三成
- [ ] 马斯克重启对 OpenAI 和 Sam Altman 的诉讼
- [ ] 印尼以赌博色情理由封锁 DuckDuckGo
安全内参
- [ ] 知名电子大厂因勒索攻击损失超1.2亿元，此前曾停运两周
- [ ] 智能网联汽车网络安全事件分析溯源挑战与思考
微步在线研究响应中心
- [ ] 微步协助H3C修复iMC智能管理中心远程代码执行漏洞
HackerNews
- [ ] Gartner 安全运营成熟度曲线：XDR、SOAR 泡沫破裂；EDR、SIEM 进入生产成熟期
- [ ] CrowdStrike 与达美航空互撕，拒付 5 亿美元赔偿
- [ ] Apache OFBiz 用户被警告存在新的和被利用的漏洞
- [ ] 朝鲜黑客利用 VPN 更新漏洞安装恶意软件，试图窃取商业情报
- [ ] 因受勒索软件攻击，某电子制造服务公司损失超过 1700 万美元
奇安信威胁情报中心
- [ ] 近期值得关注的IOC（2024-08-06）
- [ ] 【8月5日获奖榜】以下网络安全专家已免费获赠阿瑞斯武器库批量查询工具
关键基础设施安全应急响应中心
- [ ] 进一步推进国家安全法治体系建设
- [ ] 香港网络安全法案：保护关键基础设施，而非侵犯个人隐私
- [ ] 近30亿人个人数据遭暗网售卖，这家公司被起诉
信息安全国家工程研究中心
- [ ] 加强网络安全体制建设，为高质量发展保驾护航
dotNet安全矩阵
- [ ] .NET 一款提权工具：Sharp4PetitPotato
- [ ] 2024hvv | 19套.NET系统漏洞威胁情报(08.07更新)
- [ ] .NET 内网攻防实战电子报刊
极客公园
- [ ] 为什么消费者需要「仅退款」？
- [ ] 木卫四发布大模型智能体群，蝴蝶 AI 2.0 开启汽车安全新篇章
- [ ] 美科技七巨头一夜蒸发 6500 亿；荣耀回应 IPO 传闻；微信订阅号灰度测试「快讯」| 极客早知道
国家互联网应急中心CNCERT
- [ ] CNVD漏洞周报2024年第31期
- [ ] 上周关注度较高的产品安全漏洞(20240729-20240804)
山石网科安全技术研究院
- [ ] 第四届山石CTF夏令营入营名单来啦！
丁爸情报分析师的工具箱
- [ ] 【资源】查询NGO信息网站汇总
数世咨询
- [ ] 攻击者是如何绕过EDR/XDR的——对此我们又该怎么做？
字节跳动技术团队
- [ ] 豆包大模型视觉、语音能力升级！文生图更懂“国风”，TTS“拿捏”情绪
看雪学苑
- [ ] 让创意闪耀：SDC 2024「极客市集」展商招募中
- [ ] 记录一次秀动APP的逆向
- [ ] 员工工资直接与安全挂钩，微软改革将安全视为首要任务
KCon 黑客大会
- [ ] 演讲议题巡展 | 新视角关注Windows漏洞挖掘-从USB设备到操作系统内核
- [ ] 【高端培训招募】KCon大会培训日，正式回归啦！
中国信息安全
- [ ] 论坛·原创 | 新技术环境下保密工作面临的挑战和应对策略
- [ ] 关注 | 从“蓝屏事件”说开来：“网络卫士”实为“黑客帝国”
- [ ] 发布 | 工信部印发《关于创新信息通信行业管理优化营商环境的意见》（附全文）
- [ ] 前沿 | 欧盟《人工智能法案》生效将完善监管规则
- [ ] 法治 | 加强算法风险侵权法律规制
- [ ] 专家观点 | 如何加强数据知识产权保护
- [ ] 评论 | 针对网络传销新变化开展精准治理
Beacon Tower Lab
- [ ] 【0806】重保演习每日情报汇总
火绒安全
- [ ] 火绒安全终端防护数据月报（2024-07）
CNCERT国家工程研究中心
- [ ] 新的 Specula 工具利用 Outlook 在 Windows 中执行远程代码
- [ ] 因办公应用程序导致大规模数据泄露，涉及900家公司
- [ ] 比肩“飞马”:专攻Android的新型间谍软件LianSpy曝光
TrustedSec
- [ ] Execution Guardrails: No One Likes Unintentional Exposure
迪哥讲事
- [ ] Web API 渗透测试指南
不忘初心px1624
- [ ] 看漫画学越权 5
安全419
- [ ] 安全大模型迈入场景之年：融合关键业务产品化发挥价值
- [ ] 资料下载 | 数据接口安全风险监测方法、贵州省数据流通交易促进条例
Over Security - Cybersecurity news aggregator
- [ ] Venezuelan government ratchets up digital repression surrounding tainted election
- [ ] Google Chrome will let you send money to your favourite website
- [ ] INTERPOL recovers over $40 million stolen in a BEC attack
- [ ] Google says Android zero-day was exploited in the wild
- [ ] Samsung to pay $1,000,000 for RCEs on Galaxy’s secure vault
- [ ] Hackers remotely wipe 13,000 students’ iPads and Chromebooks after breaching safety software
- [ ] France's Grand Palais discloses cyberattack during Olympic games
- [ ] Nearly 40 French museums reportedly affected by ransomware attack
- [ ] Proton VPN adds ‘Discreet Icons’ to hide app on Android devices
- [ ] Point of entry: Why hackers target stolen credentials for initial access
- [ ] Hacker wipes 13,000 devices after breaching classroom management platform
- [ ] Ritorna Vidar in Italia con una campagna di malspam tramite PEC
- [ ] Rockwell Automation, una vulnerabilità consente l’accesso non autorizzato ai dispositivi
- [ ] Nathan Howe: “ecco come Zscaler protegge i dispositivi IoT/OT”
- [ ] From Weaponization to Victimization: Fallout from the ServiceNow Vulnerability
- [ ] From Weaponization to Victimization: Fallout from ServiceNow Vulnerability
- [ ] Shoe Zone - 46,140 breached accounts
Securityinfo.it
- [ ] Rockwell Automation, una vulnerabilità consente l’accesso non autorizzato ai dispositivi
- [ ] Nathan Howe: “ecco come Zscaler protegge i dispositivi IoT/OT”
SANS Internet Storm Center, InfoCON: green
- [ ] A Survey of Scans for GeoServer Vulnerabilities, (Tue, Aug 6th)
- [ ] ISC Stormcast For Tuesday, August 6th, 2024 https://isc.sans.edu/podcastdetail/9084, (Tue, Aug 6th)
Posts By SpecterOps Team Members - Medium
- [ ] BloodHound Operator — Dog Whispering Reloaded
Deeplinks
- [ ] Support Justice for Digital Creators and Tech Users
- [ ] EFF at the Las Vegas Hacker Conferences
Schneier on Security
- [ ] On the Cyber Safety Review Board
Graham Cluley
- [ ] FTC warns consumers of scammers offering to remove all negative information from credit reports
- [ ] The AI Fix #10: An AI cookery dumpster fire, the ARC prize, and a creepy new AI friend
The Hacker News
- [ ] INTERPOL Recovers $41 Million in Largest Ever BEC Scam in Singapore
- [ ] North Korean Hackers Moonstone Sleet Push Malicious JS Packages to npm Registry
- [ ] Suspicious Minds: Insider Threats in The SaaS World
- [ ] New Android Spyware LianSpy Evades Detection Using Yandex Cloud
- [ ] Google Patches New Android Kernel Vulnerability Exploited in the Wild
- [ ] New Zero-Day Flaw in Apache OFBiz ERP Allows Remote Code Execution
Tor Project blog
- [ ] New Release: Tor Browser 13.5.2
Full Disclosure
- [ ] CyberDanube Security Research 20240805-0 | Multiple Vulnerabilities in JetPort Series
- [ ] CVE-2024-40101 exploit: Reflected Cross-Site Scripting (XSS) on Microweber
The Register - Security
- [ ] Google splats device-hijacking exploited-in-the-wild Android kernel bug among others
- [ ] Sonic Automotive says ransomware-linked CDK software outage cost it $30M
- [ ] Bad apps bypass Windows security alerts for six years using newly unveiled trick
- [ ] Users call on Microsoft to update Outlook's friendly name feature
- [ ] Billion-dollar bust as international op shutters Cryptonator wallet
- [ ] MDM vendor Mobile Guardian attacked, leading to remote wiping of 13,000 devices
- [ ] Illinois relaxes biometric privacy law so snafus won't cost businesses billions
- [ ] NFL to begin using face scanning tech across all of its stadiums
TorrentFreak
- [ ] Pirate Site Blocking Can’t Prevent Pay TV Subscriber Decline in Uruguay
- [ ] Record Labels Ask Court to Deny Cox’s Challenge of ‘$1 Billion’ Piracy Verdict
360数字安全
- [ ] 360安全大模型为什么是“非卖品”？
- [ ] 连续11年亮相BlackHat大会，360发布重磅漏洞研究成果
- [ ] ISC.AI 2024｜数据安全与创新应用论坛召开助推数据安全高质量发展
- [ ] 寻找明星场景·赋能垂直领域，ISC.AI 2024安全大模型联合峰会圆满召开
Computer Forensics
- [ ] Why when I do the forensic acquisition I get all the 830GB? I am using FTK and I do select logical drive, I want only the 85GB, but my E01 File always ends up being 830GB... Is there a way for me to only get the 85GB worth of memory?
- [ ] Free Digital Forensic Policies & Documents
- [ ] Digital Forensics Interview - FBI
- [ ] DIGITAL TREASURE HUNT
Qualys Security Blog
- [ ] 2024 Midyear Threat Landscape Review
Security Affairs
- [ ] A ransomware attack hit French museum network
- [ ] CISA adds Microsoft COM for Windows bug to its Known Exploited Vulnerabilities catalog
- [ ] Google warns of an actively exploited Android kernel flaw
- [ ] Should Organizations Pay Ransom Demands?
- [ ] North Korea-linked hackers target construction and machinery sectors with watering hole and supply chain attacks
Palo Alto Networks Blog
- [ ] Palo Alto Networks Zero Trust Platform Featured in New NIST Guidance
Blackhat Library: Hacking techniques and research
- [ ] Booting up kali Linux from usb
- [ ] Black hat 2024
netsecstudents: Subreddit for students studying Network Security and its related subjects
- [ ] Network Devices Configuration Manager
Information Security
- [ ] Why don’t more cybersecurity internships include internal ethical hacking challenges?
- [ ] What’s the buzz at BlackHat 2024 so far?
Your Open Hacker Community
- [ ] jQuery UI 1.12.1
- [ ] Is monitor mode a must have for pentesting ?
Technical Information Security Content & Discussion
- [ ] Announcing the Vulnerability Management program pack 1.0
- [ ] Unveiling the Power Duo: osquery and osctrl
- [ ] Vestaboard: Exploring Broken Access Controls and Privilege Escalation
- [ ] Homebrew Security Audit 2023
- [ ] Master Your Craft - Tavis Ormandy Analysis on The CrowdStrike Incident
Social Engineering
- [ ] Meta launches AI chatbots for Instagram
- [ ] Good brands are social engineering and it makes me sick
- [ ] Tim Walz providing free school meals to kids vs. Sarah H. Sanders loosening child labor protections.
Tails - News
- [ ] Converting dangerous documents to safe PDFs using Dangerzone
Security Weekly Podcast Network (Audio)
- [ ] Fake IDS, Storm Bamboo, uBlock, Rhysida, Snake, Delta, TikTok, Josh Marpet... - SWN #404
- [ ] Building Successful Security Champions Programs - Marisa Fagan - ASW #294
Dark Space Blogspot
- [ ] Cosa è Successo ai Mercati Azionari e Cripto? Crollo del 4-5 Agosto 2024
- [ ] Cos'è Il Carry Trade Nei Mercati Finanziari?