issues
search
chainreactors
/
picker
将你的repo变为讨论社区
GNU General Public License v3.0
104
stars
19
forks
source link
[每日信息流] 2024-08-21
#625
Closed
chainreactorbot
closed
1 week ago
chainreactorbot
commented
1 month ago
每日安全资讯(2024-08-21)
Files ≈ Packet Storm
[ ]
Kernel Live Patch Security Notice LSN-0106-1
[ ]
Ubuntu Security Notice USN-6969-1
[ ]
Ubuntu Security Notice USN-6967-1
[ ]
Akuvox Smart Intercom/Doorphone Unauthenticated Stream Disclosure
[ ]
Linux Landlock Logic Bug
[ ]
Ubuntu Security Notice USN-6968-1
[ ]
Lost and Found Information System 1.0 Cross Site Request Forgery
[ ]
Loan Management System 1.0 Cross Site Request Forgery
[ ]
Ubuntu Security Notice USN-6951-3
[ ]
Debian Security Advisory 5751-1
[ ]
Simple Machines Forum 2.1.4 Code Injection
[ ]
Red Hat Security Advisory 2024-5608-03
[ ]
Biobook Social Networking Site 1.0 Arbitrary File Upload
[ ]
Red Hat Security Advisory 2024-5607-03
[ ]
Accounting Journal Management System 1.0 Code Injection
[ ]
Red Hat Security Advisory 2024-5599-03
[ ]
Red Hat Security Advisory 2024-5598-03
[ ]
ABIC Cardiology Management System 1.0 Cross Site Request Forgery
[ ]
Red Hat Security Advisory 2024-5584-03
[ ]
Hospital Management System 1.0 Code Injection
[ ]
Event Registration and Attendance System 1.0 Code Injection
[ ]
Red Hat Security Advisory 2024-5583-03
[ ]
Red Hat Security Advisory 2024-5582-03
[ ]
Red Hat Security Advisory 2024-5522-03
[ ]
Red Hat Security Advisory 2024-5082-03
Tenable Blog
[ ]
SSRFing the Web with the help of Copilot Studio
奇安信攻防社区
[ ]
实战 | 对自己学校内网的渗透测试
安全客-有思想的安全新媒体
[ ]
CISA 将 Jenkins 命令行界面 (CLI) 漏洞添加到其已知利用的漏洞目录中
[ ]
被盗、被锁定的支付卡仍然可在数字钱包使用
[ ]
研究人员发现了与网络犯罪集团 FIN7 有关的新基础设施
[ ]
多款 MacOS 版微软应用程序易受库注入攻击影响
[ ]
新型 UULoader 恶意软件 Gh0st RAT 和 Mimikatz 在东亚地区传播
[ ]
网络犯罪分子利用热门软件搜索传播 FakeBat 恶意软件
[ ]
IBM 新发布针对"网络安全"和"数据分析"的 IBM SkillsBuild 证书
[ ]
Xeon Sender Tool 利用云 API 进行大规模短信钓鱼攻击
[ ]
网络犯罪分子利用文件共享服务推进网络钓鱼攻击
[ ]
360零信任安全办公平台升级!构筑一体化数字安全办公空间
Security Boulevard
[ ]
Black Hat USA 2024: Key Takeaways from the Premier Cybersecurity Event
[ ]
USENIX Security ’23 – CipherH: Automated Detection of Ciphertext Side-channel Vulnerabilities in Cryptographic Implementations
[ ]
Identity Crisis: Hidden Threats In Digital Infrastructure
[ ]
What You Get with AKS, EKS, GKE vs. Managed Kubernetes-as-a-Service
[ ]
Comic Agilé – Mikkel Noe-Nygaard, Luxshan Ratnaravi – #304 – Fail Fast
[ ]
Agentless is a DAM Better Option for Securing Cloud Data
[ ]
From False Positives to Potential Breaches: The Risks of Prematurely Closing Incidents
[ ]
INE Security Alert: The Steep Cost of Neglecting Cybersecurity Training
[ ]
USENIX Security ’23 – Pspray: Timing Side-Channel Based Linux Kernel Heap Exploitation Technique
[ ]
Navigating the Uncharted: A Framework for Attack Path Discovery
嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com
[ ]
爱加密品牌LOGO焕新,新LOGO传递了哪些信号
[ ]
微软禁用 BitLocker 安全修复程序,建议手动缓解
[ ]
单位敏感数据泄露,罪魁祸首竟然是食堂管理系统
[ ]
开机就能打?没那么玄乎!客观分析 “狂躁许可”漏洞(CVE-2024-38077)及其影响范围
Private Feed for M09Ic
[ ]
wuhan005 starred thomseddon/traefik-forward-auth
[ ]
b1nhack starred NationalSecurityAgency/ghidra
[ ]
veo starred ebitengine/purego
[ ]
ourren starred action-ai-institute/MABEL-dataset
[ ]
ourren starred ucsb-seclab/DeepCASE
[ ]
ourren starred yunionio/cloudpods
[ ]
skelsec released 0.0.1 at skelsec/adiskreader
[ ]
niudaii started following phplaber
[ ]
niudaii starred Amulab/CAudit
[ ]
niudaii starred qwqdanchun/Pillager
[ ]
niudaii starred qi4L/JYso
[ ]
niudaii starred phplaber/yawf
[ ]
kunpen started following M09Ic
[ ]
gh0stkey starred ollama/ollama
[ ]
zema1 starred pot-app/pot-desktop
[ ]
niudaii started following INotGreen
[ ]
niudaii starred INotGreen/XiebroC2
[ ]
mozhu1024 starred shibukawa/gotomation
[ ]
LinLuosheng started following M09Ic
[ ]
gh0stkey starred Calcium-Ion/new-api
[ ]
zema1 starred ly4k/PwnKit
[ ]
wabzsy starred cider-security-research/cicd-goat
[ ]
wabzsy starred joho/godotenv
[ ]
niudaii starred itsOwen/CyberScraper-2077
[ ]
INotGreen started following l3m0n
[ ]
INotGreen starred l3m0n/pentest_study
[ ]
niudaii starred chainreactors/malice-network
SecWiki News
[ ]
SecWiki News 2024-08-20 Review
Y4tacker:Hacking The World!
[ ]
浅析泛微ec10权限绕过到命令执行
Trustwave Blog
[ ]
Trustwave Government Solutions Attains StateRAMP Authorization Status
obaby@mars
[ ]
将多个图片合并为 PDF
Recent Commits to cve:main
[ ]
Update Tue Aug 20 22:28:59 UTC 2024
[ ]
Update Tue Aug 20 14:33:25 UTC 2024
[ ]
Update Tue Aug 20 06:33:39 UTC 2024
ongoing by Tim Bray
[ ]
2024 Pollscrolling
Chromium Blog
[ ]
Seamlessly use your passwords and addresses in Chrome across all devices
Insinuator.net
[ ]
CrowdStrike: What is the worldwide BSOD all about?
Doonsec's feed
[ ]
北京商用密码行业协会第四届会员大会暨换届大会圆满召开
[ ]
2024\"观安杯\"网络安全管理运维赛初赛部分writeup
[ ]
【原创】某智能系统存在多个漏洞(CVE)
[ ]
涉及办公环境安全!某微e-cology远程代码执行漏洞风险通告
[ ]
一次无语的应急
[ ]
工具二开交流群
[ ]
MDUT-Extend(MDUT-增强版) V1.1.0 Released
[ ]
新的 Webkit 漏洞可让攻击者利用 PS4 和 PS5 游戏机发起攻击
[ ]
研究人员发现了与黑客集团FIN7相关的新基础设施
[ ]
Linux 网卡配置与 Windows 共享管理:运维必备技能
[ ]
探索车联网供应链被忽视的数据安全意识应对思考与实践|科技专刊
[ ]
从“网易云音乐崩了”事件看【网络安全】
[ ]
【HVV】情报推送_0818-0820
[ ]
DC全解,从信息搜集到提权上线
[ ]
木马反制与隐藏技巧
[ ]
护网蓝队之AD域控安全加固
[ ]
【HW-day】某某通某子文档安全管理系统 getAllUsers 信息泄露漏洞【附poc】
[ ]
Hvv 故事吃瓜 28 (明天攻击队暂停攻击一天,安排体验《黑神话.悟空》)
[ ]
FinalShell离线激活工具
[ ]
最新BurpSuite2024.7.3专业版中英文版下载Windows/Linux/Mac仅支持Java21以上
Penetration Testing Lab
[ ]
Web Browser Stored Credentials
Horizon3.ai
[ ]
Strengthening Cloud Security: A Comprehensive Approach
Reverse Engineering
[ ]
SpotAPI: Enjoy Spotify Playback API Without Premium!
[ ]
Keil uVision Infineon C167
SentinelOne
[ ]
Building Resilient Security | Why Fundamentals Matter More Than Ever
FreeBuf网络安全行业门户
[ ]
FreeBuf早报 | 勒索软件2024上半年赎金创新高;消费者遭遇“幽灵机票”
[ ]
适用于macOS的多个微软应用程序发现库注入漏洞,用户数据安全受威胁
[ ]
丰田再发数据泄露事件,涉及240GB员工和客户信息
[ ]
黑客利用 Xeon Sender 发起大规模短信钓鱼攻击
HackerNews
[ ]
丰田再发数据泄露事件,涉及 240GB 员工和客户信息
[ ]
黑客利用 Xeon Sender 发起大规模短信钓鱼攻击
[ ]
境外新型恶意软件爆发,主要针对中韩用户
[ ]
某 A 股上市公司疑似泄漏 2.3TB 数据
[ ]
出售 30 万个被盗登录凭证,被判处 40 个月监禁
[ ]
俄罗斯网络犯罪组织利用假冒品牌网站传播 DanaBot 和 StealC 恶意软件
[ ]
Windows 0day(CVE-2024-38193)攻击与朝鲜 Lazarus APT 有关
[ ]
俄勒冈州动物园售票服务遭黑客攻击,118000 人信息被盗
奇客Solidot–传递最新科技情报
[ ]
世界最长寿者去世,享年 117 岁
[ ]
Snoo 智能摇篮对核心功能推行订阅制
[ ]
帅哥美女花在游戏上的时间较少
[ ]
苹果巴西 App Store 据报下架 VPN 应用
[ ]
持有特斯拉股票的法官拒绝回避 X 诉 Media Matters 案
[ ]
不兼容的波音宇航服可能阻碍宇航员搭乘 SpaceX 飞船返回地球
[ ]
苹果推出其播客应用的 Web 版本
[ ]
日本禁止基于遗传信息的劳动歧视
[ ]
美国科技巨头数据中心用水量大幅增长
[ ]
导致恐龙灭绝的小行星来自外太阳系
[ ]
朝鲜黑客利用最近修复的 Windows 0day 安装 rootkit
[ ]
美国过去一年初创企业倒闭数量激增 60%
安全牛
[ ]
2024年身份验证技术应用10大关键趋势
[ ]
美国众议院议员要求对我国无线路由器厂商TP-Link发起安全调查;网易官方回应“网易云音乐”宕机故障 | 牛览
锦行科技
[ ]
锦行科技入选技术支撑单位,助力网络安全事业!
[ ]
锦行科技荣获“鹏城靶场分靶场”锦行科技分靶场授牌
奇安信威胁情报中心
[ ]
近期值得关注的IOC(2024-08-20)
VMRay
[ ]
Latrodectus updates to version 1.4 with AES-256 string encryption
丁爸 情报分析师的工具箱
[ ]
【通知】第11期全国开源能力提升培训班—开源尖兵实战训练营计划
[ ]
【资料】如何成为一名情报分析师
安全内参
[ ]
印度国家支付系统部分中断:因供应商高风险漏洞迟迟不修后被黑
[ ]
国内某上市公司疑遭勒索攻击泄漏2.3TB数据
代码卫士
[ ]
F5修复BIG-IP 和 NGINX Plus 中的多个高危漏洞
黑海洋 - WIKI
[ ]
用甲骨文ARM服务器免费搭建一部云手机,适合各种24小时挂机
[ ]
阿里免费企业邮箱
[ ]
黑悟空 修改器 Black Myth: Wukong Trainer
天御攻防实验室
[ ]
以色列与伊朗的电子对抗
360漏洞云
[ ]
“源”聚创新力量,“洞”见安全未来:360漏洞云亮相GOGC,共促开源漏洞安全发展
关键基础设施安全应急响应中心
[ ]
个人信息权益保护与个人数据要素化并行不悖
[ ]
WPS Office两个严重漏洞曝光,已被武器化且在野利用
[ ]
乌克兰网络专家联手黑客团队致瘫俄罗斯核弹头开发商
CNCERT国家工程研究中心
[ ]
新的 Webkit 漏洞可让攻击者利用 PS4 和 PS5 游戏机发起攻击
[ ]
攻击者在勒索活动中利用公开的.env文件入侵云账户
[ ]
出售30万个被盗登录凭证,被判处40个月监禁
国家互联网应急中心CNCERT
[ ]
CNVD漏洞周报2024年第33期
[ ]
上周关注度较高的产品安全漏洞(20240812-20240818)
OPPO安全中心
[ ]
OPPO 加入机密计算联盟:共筑隐私安全,共创智能未来
[ ]
2024年7月奖励公告
[ ]
【六周年庆】第二阶段明日开始!联合礼包!翻倍奖励!
嘶吼专业版
[ ]
微软禁用 BitLocker 安全修复程序,建议手动缓解
[ ]
爱加密品牌LOGO焕新,新LOGO传递了哪些信号
中国信息安全
[ ]
专题·大模型安全 | 大模型的安全风险及应对建议
[ ]
前沿 | 智能赋权效应催生“认知+行为”组合式网络安全威胁分析
[ ]
观点 | 全球人工智能治理任重道远
[ ]
评论 | 落实平台责任,坚决打击网络暴力
[ ]
前沿 | 智能化技术在反欺诈领域的应用与实践
[ ]
国际 | 阿联酋、新加坡、爱尔兰加强信息技术人才培养 为数字时代夯实人才基础
[ ]
直播预告 | 关基安全保护攻防实录 Vol.17
情报分析师
[ ]
量子革命:未来战争的隐形利剑
[ ]
西方非政府组织在吉尔吉斯斯坦的操控分析
火绒安全
[ ]
“李鬼”软件暗设后门,对抗杀软侵蚀系统
美团安全应急响应中心
[ ]
美团安全团队在第五期移动互联网APP产品安全漏洞技术沙龙中分享移动应用自动化安全实践历程
KCon 黑客大会
[ ]
KCon 2024开幕在即,会议亮点及议程公布!
字节跳动技术团队
[ ]
字节跳动开源Linux内核网络抓包工具netcap
[ ]
国产 AI 机器人好超前…弹琴泡茶打咏春,还能撸猫??|AGI 掘金资讯
黑伞安全
[ ]
某报表玩坏的反序列化漏洞
[ ]
MDUT-黑神话纪念版 V1.1.0 Released
dotNet安全矩阵
[ ]
.NET 一款支持收集6种浏览器数据的工具
[ ]
2024hvv | 28套.NET系统漏洞威胁情报(08.20更新)
[ ]
.NET 内网攻防实战电子报刊
安全圈
[ ]
【安全圈】紧急!WPS被曝出现两个严重漏洞:且已被利用
360数字安全
[ ]
攻防演练实录 | 360安全大模型再狙0day漏洞,助蓝队“上大分”!
[ ]
国家级培训企业首站!360五张“王牌”赋能新质人才培养
迪哥讲事
[ ]
全自动白帽漏洞扫描器
极客公园
[ ]
被误解的「95 后」,在「大厂」发光
[ ]
《黑神话: 悟空》联名狂潮背后:一场不仅限于游戏的狂欢
[ ]
网易云音乐恢复使用,称没有删库跑路;AMD 49 亿美元收购服务器制造商;特斯拉新一代Roadster实车曝光 | 极客早知道
Securityinfo.it
[ ]
Arriva Copilot Autofix, l’IA di GitHub per la sicurezza del codice
Beacon Tower Lab
[ ]
【0820】重保演习每日情报汇总
安天AVL威胁情报中心
[ ]
盘点:2024年6月移动设备威胁态势
[ ]
安天移动近期威胁情报盘点
SANS Internet Storm Center, InfoCON: green
[ ]
Where are we with CVE-2024-38063: Microsoft IPv6 Vulnerability, (Tue, Aug 20th)
[ ]
ISC Stormcast For Tuesday, August 20th, 2024 https://isc.sans.edu/podcastdetail/9104, (Tue, Aug 20th)
Posts By SpecterOps Team Members - Medium
[ ]
Navigating the Uncharted: A Framework for Attack Path Discovery
Schneier on Security
[ ]
Hacking Wireless Bicycle Shifters
Instapaper: Unread
[ ]
Maximizing Disk Imaging Speeds
[ ]
What is the Dark Web and How Does it Work in 2024
[ ]
iOS 17- The “Forever” Setting That Isn’t… Or Is It
[ ]
Identity Lookup Service
[ ]
Nuova release 2024 di Tsurugi Linux, live distro gratuita e open source per informatica forense
[ ]
Inside the 3 Billion People National Public Data Breach
[ ]
WinFE Builds | The best choices
[ ]
Your Android phone is getting an anti-theft upgrade, thanks to AI. How it works
Technical Information Security Content & Discussion
[ ]
Web Browser Stored Credentials
[ ]
SSRFing the Web with the help of Copilot Studio (Critical Vuln in Microsoft Copilot Studio)
[ ]
Hacking as a pathway to building better Products
netsecstudents: Subreddit for students studying Network Security and its related subjects
[ ]
IT Security Certification
[ ]
Compilation of SWG attacks
[ ]
Protect link with captcha
The Hacker News
[ ]
Detecting AWS Account Compromise: Key Indicators in CloudTrail Logs for Stolen API Keys
[ ]
Czech Mobile Users Targeted in New Banking Credential Theft Scheme
[ ]
Hackers Exploit PHP Vulnerability to Deploy Stealthy Msupedge Backdoor
[ ]
Anatomy of an Attack
[ ]
Researchers Uncover TLS Bootstrap Attack on Azure Kubernetes Clusters
[ ]
Iranian Cyber Group TA453 Targets Jewish Leader with New AnvilEcho Malware
[ ]
Blind Eagle Hackers Exploit Spear-Phishing to Deploy RATs in Latin America
[ ]
Thousands of Oracle NetSuite Sites at Risk of Exposing Customer Information
[ ]
CISA Warns of Critical Jenkins Vulnerability Exploited in Ransomware Attacks
Information Security
[ ]
IT Security Certification
[ ]
Security Solutions for Government Agencies
Your Open Hacker Community
[ ]
Can I make Hydra attacks faster by virtualizing it and running it in multiple environments.
[ ]
Host ip shoing in bettercap
Security Affairs
[ ]
Ransomware payments rose from $449.1 million to $459.8 million
[ ]
Previously unseen Msupedge backdoor targeted a university in Taiwan
[ ]
Oracle NetSuite misconfiguration could lead to data exposure
[ ]
Toyota disclosed a data breach after ZeroSevenGroup leaked stolen data on a cybercrime forum
The Register - Security
[ ]
Plane tracker FlightAware admits user passwords, SSNs exposed for years
[ ]
Iran named as source of Trump campaign phish, leaks
[ ]
Digital wallets can allow purchases with stolen credit cards
TorrentFreak
[ ]
“The Pirate Bay” TV Series Teaser Appears Online
[ ]
Bypass Paywalls Clean Shut Down For DMCA Anti-Circumvention Violations
Unsupervised Learning
[ ]
Aliens Landed in Palo Alto in October of 2027
[ ]
UL NO. 446: AI Ecosystem Components, MS 0-Days, Iranian Campaign Hacks…
Computer Forensics
[ ]
Need help, can’t find this
[ ]
Volatility and WSL2
[ ]
[MAC] Accessing APFS Encrypted at Rest Disk
Blackhat Library: Hacking techniques and research
[ ]
Where Do You Find Breached Data
[ ]
Looking for Korean Phone Number Rental for Genie and Tving Verification
[ ]
Source code of an online game
[ ]
Is it possible to hack a 54 digits rar password?
[ ]
Anyway to get passwords to accounts you’ve forgotten?
Over Security - Cybersecurity news aggregator
[ ]
CannonDesign confirms Avos Locker ransomware data breach
[ ]
Toyota confirms third-party data breach impacting customers
[ ]
Microchip Technology discloses cyberattack impacting operations
[ ]
Cisco employees face a month of silence ahead of second layoff in 2024
[ ]
Microsoft launches unified Teams app for personal, work accounts
[ ]
Man who hacked Hawaii state registry to forge his own death certificate sentenced to 81 months
[ ]
Hackers target bank clients in Czechia, Hungary and Georgia in novel phishing campaign
[ ]
Hackers use PHP exploit to backdoor Windows systems with new malware
[ ]
Oregon Zoo warns visitors their credit card details were stolen
[ ]
Data breach: The StormouS group exfiltrates 100GB from the servers of the Italian company Teleco srl
[ ]
Surge in Software Supply Chain Attacks Demands Heightened Third-Party Vigilance
[ ]
Widespread Cloud Exposure: Extortion Campaign Used Exposed AWS ENV Files to Target 110,000 Domains
[ ]
August Windows updates break dual boot on some Linux systems
[ ]
British civil service to target cyber specialists with new graduate scheme
[ ]
Hacker locks Unicoin staff out of Google accounts for 4 days
[ ]
US government accuses Iran of Trump campaign hack; Iran scoffs
[ ]
Hackers deployed new malware against university in Taiwan
[ ]
‘Styx Stealer’ malware developer accidentally exposes personal info to researchers in ‘critical opsec error’
[ ]
Cyble Repeatedly Recognized as a Sample Vendor for Digital Risk Protection Services in Gartner’s Hype Cycle for Cyber Risk Management, 2024: What This Means?
[ ]
Approach to mainframe penetration testing on z/OS
[ ]
US warns of Iranian hackers escalating influence operations
[ ]
Arriva Copilot Autofix, l’IA di GitHub per la sicurezza del codice
[ ]
Iranian hackers targeted Jewish figure with malware attached to podcast invite, researchers say
[ ]
A Patchdiffing Journey – TP-Link Omada
[ ]
Windows driver zero-day exploited by Lazarus hackers to install rootkit
[ ]
US agencies attribute presidential campaign cyberattacks to Iran
Securelist
[ ]
Approach to mainframe penetration testing on z/OS
Palo Alto Networks Blog
[ ]
Identity Protection That Spans the Entire Attack Lifecycle
Tor Project blog
[ ]
New Alpha Release: Tor Browser 14.0a2
Security Weekly Podcast Network (Audio)
[ ]
The Fallout and Lessons Learned from the CrowdStrike Fiasco - Shimon Modi, Jeff Pollard, Allie Mellen, Boaz Barzel - ASW #296
[ ]
Dangerous books, Microsoft plus, NPD, Solar Winds, Jenkins, and more... - SWN #408
每日安全资讯(2024-08-21)