[每日信息流] 2024-08-22

[chainreactorbot]

每日安全资讯（2024-08-22）

• SecWiki News
  • [ ] SecWiki News 2024-08-21 Review
• Private Feed for M09Ic
  • [ ] wh0amitz starred jas502n/oracleShell
  • [ ] 4ra1n started following chenlvtang
  • [ ] 4ra1n started following sw0rd1ight
  • [ ] orangetw created a repository orangetw/blog.orange.tw
  • [ ] theLSA started following rpetrich
  • [ ] theLSA started following asmjmp0
  • [ ] theLSA starred klezVirus/DriverJack
  • [ ] theLSA starred pot-app/pot-desktop
  • [ ] theLSA starred vectra-ai-research/Halberd
  • [ ] theLSA starred Charlie-belmer/nosqli
  • [ ] theLSA starred go-gitea/gitea
  • [ ] theLSA starred YouChenJun/Keydd
  • [ ] wuhan005 starred wenlng/go-captcha
  • [ ] niudaii made niudaii/zp-crack public
  • [ ] g1an123 started following M09Ic
  • [ ] niudaii starred niudaii/zp-crack
  • [ ] zema1 starred jas502n/oracleShell
  • [ ] nightRainy started following Cracked5pider
  • [ ] Safe3 forked Safe3/tail from nxadm/tail
  • [ ] Safe3 forked Safe3/tail from grafana/tail
  • [ ] FunnyWolf starred msoedov/agentic_security
  • [ ] FunnyWolf starred lobehub/lobe-chat
  • [ ] FunnyWolf starred microsoft/graphrag
  • [ ] phith0n starred CstCamaro/TweetTrace
  • [ ] wabzsy starred MoonshotAI/MoonshotAI-Cookbook
  • [ ] timwhitez started following CstCamaro
  • [ ] timwhitez starred CstCamaro/TweetTrace
  • [ ] zema1 starred DeEpinGh0st/MDUT-Extend-Release
• Doonsec's feed
  • [ ] 从未玩过3A大作的人上手黑神话的三小时体验
  • [ ] IAM身份安全系统以及如何攻击它的操作
  • [ ] 第101篇：一个绕过5层权限校验的0day漏洞的代码审计分析
  • [ ] 秦安：你信吗？特朗普发出重要信号，与中国改善关系和以色列灭亡
  • [ ] 《诗词游记》第364期：诗酒趁年华
  • [ ] 《诗词游记》第365期：大本大宗与天和
  • [ ] 我的红队回忆录
  • [ ] 基础速查 | 敏感文件和目录
  • [ ] 学习干货|实战学习应急响应之Windows日志分析(附镜像)
  • [ ] 8.21hvv情报
  • [ ] 工信部部长金壮龙：建立健全国家公共数据资源体系，推动公共数据资源安全有序开放
  • [ ] WPS回应“崩了”：服务已恢复，向全体用户提供15天会员补偿
  • [ ] 印度国家支付系统部分中断：因供应商高风险漏洞迟迟不修后被黑
  • [ ] 观点 | 软法视域下人工智能的标准化治理
  • [ ] 3个近期间谍案例公布
  • [ ] 关于近期暗网上国内信息泄露的情报汇总
  • [ ] 第十五课-系统学习代码审计：SSRF漏洞利用和常见防御写法以及绕过方式
  • [ ] 深入了解LG如何通过CSMS自动化确保汽车产品的安全
  • [ ] 安全 AI 系统开发指南
  • [ ] 人工智能安全标准化白皮书（2023版）-信安标委
  • [ ] CVE-2024-7928 FastAdmin 任意文件读取 全网20w+潜在风险资产 含批量验证脚本
  • [ ] 《黑神话：悟空》疯狂24小时：爆火下的网络安全陷阱
  • [ ] ISC带队！数十家网安中坚力量共绘上海安全大脑建设蓝图
  • [ ] 应急“国家队”！360支撑全国20+省市网络安全应急工作
  • [ ] 安钥®「漏洞处置标准作业程序（SOP）」征文启示
  • [ ] G.O.S.S.I.P 阅读推荐 2024-08-21 击败波加查？
  • [ ] 「 典型安全漏洞系列 」08.文件上传漏洞详解
  • [ ] 谷歌防护——pairip
  • [ ] 08-21-攻防演练之请防守方重点关注威胁情报样本信息
  • [ ] 让XSS漏洞无处遁形！0x1
  • [ ] 帆软报表 channel 反序列化漏洞分析与利用<复习>
  • [ ] 每日安全动态推送(8-21)
  • [ ] 大学生在哪里？羊毛速薅→OffSec课程
  • [ ] 工业互联网标识应用成熟度评估正式发布，赋能企业数字化发展 | 2024星火全连接活动
  • [ ] 中国信通院罗松：星火业务围绕IDNA构建自主可控产品体系，夯实业务发展基础
  • [ ] 工业互联网观察：内蒙古2024年工业互联网一体化进园区“百城千园行”活动成功举办；全国首个工业互联网标识解析纤维制造行业节点上线
  • [ ] 唉！
  • [ ] 240GB数据信息被窃取，丰田再发数据泄露事件
  • [ ] 模型对抗时代，金融行业智能化风险经营怎么做？ | 产业安全专家谈
  • [ ] 可悲，死都不怕，都要学安全！
  • [ ] 西游挑战轻松应对：三款神级修改器助你畅游《黑神话：悟空》，还有最新豪华中文版等你下载游玩最新最全资源尽在这里。
  • [ ] 【0821】重保演习每日情报汇总
  • [ ] 网安新声 | 网易云音乐崩了：网络安全如何守护在线体验
  • [ ] 【安全圈】丰田再发数据泄露事件，涉及240GB员工和客户信息
  • [ ] 【安全圈】因配置错误，智利超半数个人数据被暴露
  • [ ] 【安全圈】适用于macOS的多个微软应用程序发现库注入漏洞，用户数据安全受威胁
  • [ ] 【安全圈】攻击手法罕见！ESET披露最新网络钓鱼活动，专门针对Android、iPhone用户
  • [ ] 报告丨工业领域云安全实践指南（附下载）
  • [ ] 关注丨全球首部！欧盟《人工智能法案》正式生效
  • [ ] 自然资源部发布《关于保护和永续利用自然资源扎实推进美丽中国建设的实施意见》
  • [ ] 中国电子技术标准化研究院就行业标准《城市轨道交通人脸识别通行系统技术要求》征求意见
  • [ ] 一图读懂丨网络身份认证来了，五大焦点为你释疑
  • [ ] Net-NTLMv1加密降级攻击
  • [ ] 黑神话悟空修改器 【灭火器团队】
  • [ ] “AI+Security”系列第2期（五）：大模型自身安全
  • [ ] 漏洞分析 | Apache Tomcat 信息泄露漏洞 (CVE-2024-21733)
  • [ ] 网络安全不是残次品，而是“银弹市场”！
  • [ ] 科沃斯“隐私门”：智能家居的B面
  • [ ] 喜讯！云起无垠创始人沈凯文博士荣列科学家创业先锋榜
  • [ ] 行业首发，私域部署，高效执法！Qiko大模型智能本，打造您的专属业务大模型
  • [ ] 《黑神话：悟空》爆火！背后隐藏了这些网络安全“暗战”
  • [ ] 邀请函 | 奇安信与您相约HICOOL2024全球创业者峰会
  • [ ] 慢雾余弦：今早5547万枚DAI是被黑客通过名为Inferno Drainer的攻击工具钓鱼盗取
  • [ ] 我有一个朋友……
  • [ ] 2024年CCF-绿盟科技“鲲鹏”科研基金正式发布
  • [ ] 2024“数盾”生态大会｜绿盟科技圆满承办算力基础设施与算力调度安全研讨会
  • [ ] [CTF复现计划]2024巅峰极客初赛 easy_java
  • [ ] 限时开启！i春秋海量精品课程免费学
  • [ ] 【领跑新学期】9月开班计划助你开启学习模式！
  • [ ] burpsuite常用插件总结
  • [ ] 智能电表安全研究：原理分析与攻击测试
  • [ ] 【新课抢先购】FART 脱壳王：突破加壳APP的层层保护
  • [ ] 获得并修改硬件序列号——CPU、主板、内存、硬盘等(有源码)
  • [ ] 极客育儿经：解决孩子需求的新视角 | 即刻说第八期抢先看
  • [ ] 数安智用 · 甄选 | 万里红虹膜检验鉴定实验室解决方案
  • [ ] 全球人工智能治理任重道远
  • [ ] 安恒总裁宋端智还是懂流量的，今晚的大排档估计要排队了
  • [ ] 梆梆安全汽车信息安全测试平台荣获“2024年网络安全优秀创新成果大赛”优胜奖
• 安全客-有思想的安全新媒体
  • [ ] 区块链分析公司 Chainalysis 发布报告分析勒索软件支付趋势
  • [ ] AWS CloudTrail在检测潜在安全威胁中的应用及最佳实践
  • [ ] 针对 Android 和 iPhone 用户的新网络钓鱼方法
  • [ ] 博通赛门铁克的研究人员发现了一个名为 Msupedge 的以前未被发现的后门
  • [ ] 报告发现，四分之三的公司保留了越来越多的敏感数据
  • [ ] 微软的托管 Azure Kubernetes Service（AKS）存在严重的特权升级漏洞
  • [ ] 黑客利用PHP漏洞部署隐蔽的Msupedge后门
  • [ ] Oracle NetSuite 配置漏洞可能导致数据泄露
  • [ ] “源”聚创新力量，“洞”见安全未来：360漏洞云亮相GOGC，共促开源漏洞安全发展
  • [ ] 捷克移动用户成为新银行凭证盗窃计划的目标
• obaby@mars
  • [ ] Centos 7 安装PyMuPDF
• CXSECURITY Database RSS Feed - CXSecurity.com
  • [ ] SourceCodester Computer Laboratory Management System 1.0 (manage_item.php) - SQL Injection
  • [ ] used_car_showroom-1.0-2024 Multiple-SQLi
• 奇安信攻防社区
  • [ ] .NET恶意软件Dark Crystal RAT的详细样本分析
• Armin Ronacher's Thoughts and Writings
  • [ ] Rye and uv: August is Harvest Season for Python Packaging
• Flanker Sky
  • [ ] 魔形女再袭？最新Android通杀漏洞CVE-2024-31317分析与利用研究
• Trustwave Blog
  • [ ] Trustwave Earns Dual Honors in ISG’s 2024 Provider Lens™ Quadrant Reports
• Files ≈ Packet Storm
  • [ ] Debian Security Advisory 5756-1
  • [ ] Debian Security Advisory 5755-1
  • [ ] Debian Security Advisory 5754-1
  • [ ] Debian Security Advisory 5753-1
  • [ ] Debian Security Advisory 5752-1
  • [ ] Ubuntu Security Notice USN-6965-1
  • [ ] Ubuntu Security Notice USN-6966-2
  • [ ] Ubuntu Security Notice USN-6944-2
  • [ ] Online Diagnostic Lab Management System 1.0 Arbitrary File Upload
  • [ ] Online Banking System 1.0 Cross Site Request Forgery
  • [ ] Music Gallery Site 1.0 Cross Site Request Forgery
  • [ ] Multi-Vendor Online Groceries Management System 1.0 Cross Site Request Forgery
  • [ ] Medical Center Portal 1.0 Cross Site Request Forgery
  • [ ] Ubuntu Security Notice USN-6970-1
  • [ ] Event Registration and Attendance System 1.0 Cross Site Request Forgery
  • [ ] Cab Management System 1.0 Cross Site Request Forgery
  • [ ] Alphaware E-Commerce System 1.0 Code Injection
  • [ ] Red Hat Security Advisory 2024-5696-03
  • [ ] Red Hat Security Advisory 2024-5695-03
  • [ ] Red Hat Security Advisory 2024-5694-03
  • [ ] Red Hat Security Advisory 2024-5693-03
  • [ ] Red Hat Security Advisory 2024-5692-03
  • [ ] Red Hat Security Advisory 2024-5690-03
  • [ ] Red Hat Security Advisory 2024-5689-03
  • [ ] Red Hat Security Advisory 2024-5662-03
• Security Boulevard
  • [ ] Backdoor in RFID Cards for Offices, Hotels Can Lead to Instant Cloning
  • [ ] 2024 Identity Breach Report: Navigating the GenAI Attack Revolution
  • [ ] Gartner Report: Implement a Continuous Threat Exposure Management (CTEM) Program
  • [ ] How CTI Analysts Use Threat-Informed Defense to Overcome Top Challenges
  • [ ] Enhance Your Identity Governance and Administration Strategy
  • [ ] Randall Munroe’s XKCD ‘Ferris Wheels’
  • [ ] What’s New in CodeSonar 8.2
  • [ ] How Pen Testing is Evolving and Where it’s Headed Next
  • [ ] USENIX Security ’23 – ICSPatch: Automated Vulnerability Localization And Non-Intrusive Hotpatching In Industrial Control Systems Using Data Dependence Graphs
  • [ ] Patch Tuesday not Done ’til LINUX Won’t Run?
• Recent Commits to cve:main
  • [ ] Update Wed Aug 21 22:21:48 UTC 2024
  • [ ] Update Wed Aug 21 14:35:20 UTC 2024
  • [ ] Update Wed Aug 21 06:32:46 UTC 2024
• 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com
  • [ ] XCon2024完整版参会攻略，速速来看，果断收藏~~
  • [ ] 丰田网络后台遭黑客入侵 大量数据被泄露
  • [ ] 2024 年 7 月头号恶意软件：Remcos 和 RansomHub 大行其道
• Filippo Valsorda
  • [ ] Let’s All Agree to Use Seeds as ML-KEM Keys
• cloud world
  • [ ] Notion 如何处理 2000 亿个数据实体？
• Horizon3.ai
  • [ ] Mastering Cloud Security: Uncovering Hidden Vulnerabilities with NodeZero™
• Trail of Bits Blog
  • [ ] “YOLO” is not a valid hash construction
• Malwarebytes
  • [ ] Fraudulent Slack ad shows malvertiser’s patience and skills
  • [ ] My child had her data stolen—here’s how to protect your kids from identity theft
  • [ ] Man certifies his own (fake) death after hacking into registry system using stolen identity
  • [ ] National Public Data leaked passwords online
  • [ ] Toyota confirms customer and employee data stolen, says breach at third party to blame
• Toooold
  • [ ] Agentic Systems: Snake Oil or the Future of AI?
• FreeBuf网络安全行业门户
  • [ ] 安恒信息总裁离职，转头创业开起了大排档，你怎么看？
  • [ ] WPS今天突然崩了，补偿15天会员
  • [ ] FreeBuf早报 | 伊朗黑客对特朗普竞选进行攻击；印度国家支付系统部分中断
  • [ ] CannonDesign遭勒索软件攻击，导致客户数据泄露
  • [ ] 攻击手法罕见！ESET披露最新网络钓鱼活动，专门针对Android、iPhone用户
• rtl-sdr.com
  • [ ] Moving on from WXtoIMG for NOAA APT Weather Satellite Decoding
  • [ ] Exploring Russian and International Analog TV From Leaky Cable TV Networks via the Airspy Server Network
• 奇客Solidot–传递最新科技情报
  • [ ] 2023 年美国出生率再创新低
  • [ ] 丰田证实遭黑客入侵
  • [ ] 适度游戏有益身心健康
  • [ ] GIMP 3.0 接近发布
  • [ ] 美国法官阻止 FTC 的竞业禁止协议禁令
  • [ ] 迪士尼撤回受争议的强制仲裁动议
  • [ ] 大脑为一个记忆创建三个副本
  • [ ] 英伟达放弃专用的 G-Sync 模块
  • [ ] 微软上周释出的更新影响双系统用户
• 安全牛
  • [ ] 2024年上半年勒索攻击赎金支付再创新高，总额超32亿元；半数智利国民隐私信息因社保基金数据库配置不当泄露 | 牛览
  • [ ] 9款软件敏感信息检测工具特点分析
• HackerNews
  • [ ] 一大学遭遇 Msupedge 后门攻击
  • [ ] 印度国家支付系统部分中断：因供应商高风险漏洞迟迟不修后被黑
  • [ ] 攻击手法罕见！ESET 披露最新网络钓鱼活动，专门针对 Android、iPhone 用户
  • [ ] 乌克兰银行军事捐款服务遭“大规模” DDoS 攻击
  • [ ] 伊朗黑客组织 TA453 利用新型 AnvilEcho 恶意软件攻击犹太知名人物
  • [ ] 美国某知名建筑公司遭勒索软件攻击，1.3 万名客户数据被泄露
• 黑海洋 - WIKI
  • [ ] EdrawMind Pro 思维导图.安装版绿色版（持续更新）
  • [ ] Kazumi：动漫追番神器，无广告清爽免费看动画
• 代码卫士
  • [ ] Atlassian Bamboo Data Center and Server中存在RCE漏洞
  • [ ] CISA：严重的 Jenkins 漏洞已被用于勒索攻击
• 安全内参
  • [ ] 网安巨头Palo Alto市值逼近万亿规模：平台化战略成关键抓手
  • [ ] 覆盖700余种风险，MIT发布最全AI风险数据库
• 黑奇士
  • [ ] CEO吴泳铭居然不是阿里这季财报的最大功臣？
• 吾爱破解论坛
  • [ ] 【Android 原创】Fake Location 1.3.2.2专业版破解教程(虚拟定位软件)
• 丁爸 情报分析师的工具箱
  • [ ] 【视频解读】摩萨德间谍和波兰特工如何获取机密情报
• 奇安信病毒响应中心
  • [ ] Rhysida勒索家族分析报告
• 安全研究GoSSIP
  • [ ] G.O.S.S.I.P 阅读推荐 2024-08-21 击败波加查？
• CNCERT国家工程研究中心
  • [ ] 丰田再发数据泄露事件，涉及240GB员工和客户信息
  • [ ] 微软禁用 BitLocker 安全修复程序，建议手动缓解
  • [ ] 某A股上市公司疑似泄漏2.3TB数据
• 数世咨询
  • [ ] NIST最终确定量子加密新标准
• 国家互联网应急中心CNCERT
  • [ ] 网络安全信息与动态周报2024年第33期（8月12日-8月18日）
• 奇安信威胁情报中心
  • [ ] 补贴钓鱼花样多，请看好个人”钱包”
• dotNet安全矩阵
  • [ ] .NET 一款内网收集本地用户哈希的工具
  • [ ] 2024hvv | 29套.NET系统漏洞威胁情报(08.21更新)
  • [ ] .NET 安全基础入门学习知识库
• 极客公园
  • [ ] 小米 SU7 Ultra，让比亚迪腾势给造出来了，只要 33 万
  • [ ] 后·移动互联网时代，谁是第一个 DAU 破亿的产品？
  • [ ] 黑神话上线首日在线超两百万，破 Steam 记录；特斯拉 Semi 发生严重火灾致高速封闭；淘特已接入微信支付 | 极客早知道
• 嘶吼专业版
  • [ ] XCon2024完整版参会攻略，速速来看，果断收藏~~
  • [ ] 丰田网络后台遭黑客入侵 大量数据被泄露
• KCon 黑客大会
  • [ ] 倒计时3天！KCon 2024 必备「参会指南」请查收！
• 情报分析师
  • [ ] 全球最全武器装备资源大公开
  • [ ] 【连载】美国正在为即将到来的高科技战争做准备(五）
• 中国信息安全
  • [ ] 通知 | 中央网信办 工信部联合印发《全国重点城市IPv6流量提升专项行动工作方案》（附全文）
  • [ ] 权威解读 | 《全国重点城市IPv6流量提升专项行动工作方案》解读
  • [ ] 前沿 | 软法视域下人工智能的标准化治理
  • [ ] 关注 | 反网暴新规落地，平台如何构建预警机制？“吃瓜群众”如何避免成为“帮凶”？
  • [ ] 观点 | 个人信息保护与数据有序使用要平衡发展
  • [ ] 法治 | 整治利用“网红儿童”牟利乱象，平台如何做好“把关人”？
  • [ ] 一图读懂 | 《全国重点城市IPv6流量提升专项行动工作方案》
• 关键基础设施安全应急响应中心
  • [ ] 大模型的安全风险及应对建议
  • [ ] 黑客利用Xeon Sender发起大规模短信钓鱼攻击
  • [ ] 印度国家支付系统部分中断：因供应商高风险漏洞迟迟不修后被黑
• 字节跳动安全中心
  • [ ] 【爆！0元购】师傅速来 字节中秋礼盒0元购
• Beacon Tower Lab
  • [ ] 【0821】重保演习每日情报汇总
• 字节跳动技术团队
  • [ ] Kitex Thrift Streaming 在字节跳动 Prompt 平台的实践
  • [ ] 【线下席位最后30个！】掘金AI Talk沙龙-深圳站《AOP 框架在永劫无间手游 Copilot 的应用实践》分享内容提前享！
• 补天平台
  • [ ] 2024补天定制中秋礼盒来啦！精美周边+美味月饼
• Securityinfo.it
  • [ ] Phishing laterale: una minaccia crescente per le aziende
• 迪哥讲事
  • [ ] 让XSS漏洞无处遁形！0x1
• HACKMAGEDDON
  • [ ] 1-15 May 2024 Cyber Attacks Timeline
• Over Security - Cybersecurity news aggregator
  • [ ] Man sentenced for hacking state registry to fake his own death
  • [ ] Google fixes ninth Chrome zero-day exploited in attacks this year
  • [ ] FAA proposes new cybersecurity rules for airplanes
  • [ ] Hackers steal banking creds from iOS, Android users via PWA apps
  • [ ] Microsoft to roll out Windows Recall to Insiders in October
  • [ ] Microsoft to rollout Windows Recall to Insiders in October
  • [ ] Financial firm fined $850k for violating SEC cyber rules
  • [ ] QNAP adds NAS ransomware protection to latest QTS version
  • [ ] Typing these four characters could crash your iPhone
  • [ ] Litespeed Cache bug exposes millions of WordPress sites to takeover attacks
  • [ ] Phrack hacker zine publishes new edition after three years
  • [ ] What is Malware? Understanding, Prevention, and Protection
  • [ ] Microchip Technology says operations disrupted by cyberattack
  • [ ] August Windows security update breaks dual boot on Linux systems
  • [ ] Threat Thursday: STRRat Malware
  • [ ] GitHub Enterprise Server vulnerable to critical auth bypass flaw
  • [ ] Contrastata nuova campagna Vidar diffusa via PEC
  • [ ] Moscow detains scientist suspected of carrying out DDoS attacks on Russia
  • [ ] Euro forger who produced EUR 11 million in fake bills arrested in Italy | Europol
  • [ ] Rewriting Hysteria: Rising Abuse of URL Rewriting in Phishing - Perception Point
  • [ ] ‘Pro-Palestine’ hacking group banned on X as US criticizes Iran over cyberattacks
  • [ ] 1-15 May 2024 Cyber Attacks Timeline
  • [ ] Phishing laterale: una minaccia crescente per le aziende
  • [ ] Exploits and vulnerabilities in Q2 2024
  • [ ] MoonPeak malware from North Korean actors unveils new details on attacker infrastructure
  • [ ] ~/redTeam/comsvcs-lsass.dump
• SANS Internet Storm Center, InfoCON: green
  • [ ] ISC Stormcast For Wednesday, August 21st, 2024 https://isc.sans.edu/podcastdetail/9106, (Wed, Aug 21st)
  • [ ] Mapping Threats with DNSTwist and the Internet Storm Center [Guest Diary], (Tue, Aug 20th)
• Schneier on Security
  • [ ] Story of an Undercover CIA Agent who Penetrated Al Qaeda
• Securelist
  • [ ] Exploits and vulnerabilities in Q2 2024
• Instapaper: Unread
  • [ ] NIST Releases First Post-Quantum Encryption Algorithms
  • [ ] Digital Detectives vs. Android 14 overcoming new forensic challenges
  • [ ] The State of Ransomware
  • [ ] Secure by Design iOS 18”s privacy evolution and its impact on the DFIR
  • [ ] Hacking Wireless Bicycle Shifters
  • [ ] Data breach The StormouS group exfiltrates 100GB from the servers of the Italian company Teleco srl
  • [ ] Gli hack-tivisti pro Palestina “bucano” la Ferrari
• NetSPI
  • [ ] An Introduction to GCPwn – Parts 2 and 3
• Graham Cluley
  • [ ] The AI Fix #12: AI made from human brain cells, and is there life after death?
• The Hacker News
  • [ ] Microsoft Patches Critical Copilot Studio Vulnerability Exposing Sensitive Data
  • [ ] North Korean Hackers Deploy New MoonPeak Trojan in Cyber Campaign
  • [ ] It's Time To Untangle the SaaS Ball of Yarn
  • [ ] Styx Stealer Creator's OPSEC Fail Leaks Client List and Profit Details
  • [ ] New macOS Malware TodoSwift Linked to North Korean Hacking Groups
  • [ ] CERT-UA Warns of New Vermin-Linked Phishing Attacks with PoW Bait
  • [ ] GiveWP WordPress Plugin Vulnerability Puts 100,000+ Websites at Risk
• TorrentFreak
  • [ ] Webtoon Targets 170+ Pirate Domains Through DMCA Subpoena
  • [ ] Kakao Reveals Anti-Piracy Successes, Legal Action Against Major Manga Sites
• The Register - Security
  • [ ] You probably want to patch this critical GitHub Enterprise Server bug now
  • [ ] 110K domains targeted in 'sophisticated' AWS cloud extortion campaign
  • [ ] Russia tells citizens to switch off home surveillance because the Ukrainians are coming
  • [ ] Deadbeat dad faked his own death by hacking government databases
  • [ ] Chipmaker Microchip reveals cyber attack whacked manufacturing capacity
• Posts By SpecterOps Team Members - Medium
  • [ ] Life at SpecterOps: The Red Team Dream
  • [ ] Teach a Man to Phish
• Computer Forensics
  • [ ] iCloud collection - especially backups
  • [ ] Call For Papers - Hackfest 2024 - Quebec City, Canada
• Technical Information Security Content & Discussion
  • [ ] BLUUID: Firewallas, Diabetics, And… Bluetooth
  • [ ] Call For Papers - Hackfest 2024 - Quebec City, Canada
• Your Open Hacker Community
  • [ ] John the ripper help
  • [ ] Get access to a computer
• Deeplinks
  • [ ] Geofence Warrants Are 'Categorically' Unconstitutional | EFFector 36.11
• Palo Alto Networks Blog
  • [ ] AI in OT Security — Balancing Industrial Innovation and Cyber Risk
• Security Affairs
  • [ ] Experts disclosed a critical information-disclosure flaw in Microsoft Copilot Studio
  • [ ] North Korea-linked APT used a new RAT called MoonPeak
  • [ ] Pro-Russia group Vermin targets Ukraine with a new malware family
  • [ ] A backdoor in millions of Shanghai Fudan Microelectronics RFID cards allows cloning
• Information Security
  • [ ] The Inductees May 2024
  • [ ] Cyber Briefing 21-08-2024
• Blackhat Library: Hacking techniques and research
  • [ ] A curated and opinionated list of hacking with JavaScript resources
  • [ ] Is there a DIY/open source version of a Wifi Pineapple?
• netsecstudents: Subreddit for students studying Network Security and its related subjects
  • [ ] Understanding Game Theory for Cybersecurity
  • [ ] New PG_MEM Malware Targets PostgreSQL Databases to Mine Cryptocurrency Night Sky
  • [ ] Understanding Software Exploitation beyond Buffer Overflow
  • [ ] learning web pentesting
• Deep Web
  • [ ] DoingFedTime
  • [ ] Looking for a deepweb ai named whispering with the beast
  • [ ] I'm finding a person that can do some quick searches for me on deep/dark web, I'm trying to gain information on a particular scientific topic, and I'm checking its legitimacy. I very highly think there's a good amount of info present there about this topic.
• Social Engineering
  • [ ] How does one get through to people?