chainreactors / picker

将repo变成RSS订阅,文章整理归档, 讨论的社区

GNU General Public License v3.0

110 stars 19 forks source link

[每日信息流] 2024-09-06 #640

Closed chainreactorbot closed 1 month ago

chainreactorbot commented 2 months ago

每日安全资讯（2024-09-06）

SecWiki News
- [ ] SecWiki News 2024-09-05 Review
Doonsec's feed
- [ ] 《网络数据安全管理条例(草案)》审议通过，分级分类再引热议！
- [ ] 倒计时3天！2024中国（厦门）国际警安法务科技展即将开幕
- [ ] 用DLNA投屏链接下载手机APP视频
- [ ] 秦安：普京出访蒙古，逮捕令、生物实验室、稀土和中国，都很敏感
- [ ] 王常胜：被动挨打不还手不是开战，主动出击降伏敌人也不是开战
- [ ] 羊城杯2024 WP
- [ ] 用友NC show_download_content SQL注入漏洞复现及POC
- [ ] u200b用友UFIDA NC portal/pt/file/upload接口存在任意文件上传漏洞附POC
- [ ] X管家listUploadIntelligent.htm接口存在sql注入附POC
- [ ] 9.5hvv情报
- [ ] 【资讯】关于共筑新时代全天候中非命运共同体的北京宣言（全文）
- [ ] 【资讯】国家网信办发布《2024年数字化绿色化协同转型发展优秀案例征集活动公告》
- [ ] 【资讯】工信部印发《中外中小企业合作区管理暂行办法》
- [ ] 【资讯】北京市通管局发布《关于开展2024年电信和互联网行业网络与数据安全检查的通知》
- [ ] 豆包招聘速递｜豆包大模型 Vision 团队热招中
- [ ] 向250万个主机发送5亿次HTTP请求
- [ ] 三大技术都有的零信任厂商，他来打擂了！
- [ ] Linux取证收集工具
- [ ] 百度热搜出商推，跟进
- [ ] 【《地图上的中国通史》】豆瓣9.4，畅销百年
- [ ] 从“有”到“优”，中山市网络安全能力如何实现华丽转身？
- [ ] 恶意软件攻击者使用 MacroPack 进行 Havoc、Brute Ratel 和 PhantomCore
- [ ] “图灵计划”2023级师生见面会
- [ ] G.O.S.S.I.P 阅读推荐 2024-09-05 用PDF做点坏事
- [ ] SpEL表达式注入漏洞总结
- [ ] 第八届美亚杯团体赛-朗尼计算机题解（虚拟货币取证）
- [ ] 第五届国际反病毒大会，理解“运行对抗”，筑牢网空防线
- [ ] 一图读懂强制性国家标准GB 44495—2024《汽车整车信息安全技术要求》
- [ ] SOA软件架构设计与开发-自动驾驶系统架构师在线证书培训课程（高级班）
- [ ] 一图读懂强制性国家标准GB 44496—2024《汽车软件升级通用技术要求》
- [ ] 【漏洞复现】赛蓝企业管理系统 EHR_Holidays_SubmitUploadify 任意文件上传漏洞
- [ ] 别让“特殊门槛”毁了网络安全
- [ ] 盘点15个臭名昭著的网络病毒或恶意软件
- [ ] 汤道生：数智共生、全球一体，共筑增长新引擎
- [ ] 6大产品升级+1个最佳实践！腾讯安全重磅发布
- [ ] 人工智能时代，滴滴 OrangeFS 数据湖存储的探索与实践
- [ ] nuclei+burp 快速构建护网漏洞武器库！！
- [ ] 超高危 Wordpress RCE漏洞 CVE-2024-5932 全网资产 5W+ 附POC
- [ ] 倒计时7天！CCS2024「大模型安全与产业应用创新研讨活动」诚邀你来
- [ ] 某视讯平台存在敏感目录文件泄露漏洞
- [ ] 不乱于心，不困于情。不念过往，不畏将来。如此，安好。
- [ ] 新一代实验分析引擎：驱动履约平台的数据决策
- [ ] 校招 | 美团基础研发平台，心动Offer等你来！
- [ ] 社招｜美团Keeta技术岗位热招中，邀你共赴星辰大海！
- [ ] 非常适合≠符合要求
- [ ] 新型供应链攻击手法 — “Revival Hijack”
- [ ] 盛邦安全出席第二届网络空间安全（天津）论坛信创产业安全发展主题论坛
- [ ] 喜报|火绒受邀加入国家计算机病毒协同分析平台并荣获“天网杯”网络安全大赛奖项
- [ ] 分享图片
- [ ] 斩获佳绩 | 众智维科技AI+安全场景闯入决赛
- [ ] 本周六，一份南京双碳产业大会邀请函请你查收！
- [ ] PPT解读商用密码法律法规及标准体系（附下载）
- [ ] tomcat批量弱口令检测工具 -- TomcatWeakPassChecker
- [ ] 2024年哪一款手机适合买给爸爸妈妈？送长辈用的手机推荐大全（9月更新）
- [ ] 【LSP专享】更新56位抖音女主播直播录屏，助眠视频思思魔丸高清视频1V
- [ ] 通知 | 工信部等十一部门联合发文推动新型信息基础设施协调发展（附全文）
- [ ] 抗量子密码：为全球网络安全筑起新防线
- [ ] 4问+1图 | 读懂《关于推动新型信息基础设施协调发展有关事项的通知》
- [ ] 山东区块链研究院多项成果入选《2024数字信任产业图谱》
- [ ] 俄罗斯版“微信”遭黑客入侵，泄露3.9亿条用户数据
奇安信攻防社区
- [ ] 转载|保姆级教程---前端加密的对抗（附带靶场）
- [ ] Solon框架注入内存马
Twitter @Nicolas Krassas
- [ ] Lowe's employees phished via Google ads https://www.malwarebytes.com/blog/cybercrime/2024/09/lowes-employees-phished-via-google-ads
- [ ] Patch diffing CVE-2024-30078 - Windows Wi-Fi Driver RCE Vulnerability https://www.reddit.com/r/ReverseEngineering/comments/1f9qb3m/patch_diffing_cve20...
- [ ] U.S. Seizes 32 Pro-Russian Propaganda Domains in Major Disinformation Crackdown https://thehackernews.com/2024/09/us-seizes-32-pro-russian-propaganda....
- [ ] Musician charged with $10M streaming royalties fraud using AI and bots https://www.bleepingcomputer.com/news/security/musician-charged-with-10m-stream...
- [ ] RT CODE WHITE GmbH: Better patch your Veeam Backup & Replication servers! Full system takeover via CVE-2024-40711, discovered by our very own @frycos ...
- [ ] 4 exploits, 1 bug: exploiting CVE-2024-20017 4 different ways http://0.0.0.0:4000/0day/2024/08/30/exploiting-CVE-2024-20017-four-different-ways.html
- [ ] Web3’s Billion-Dollar Bleeding: Cybercrime in DeFi https://securityonline.info/web3s-billion-dollar-bleeding-cybercrime-in-defi/
- [ ] Long Analysis of the M-209 https://www.schneier.com/blog/archives/2024/09/long-analysis-of-the-m-209.html
- [ ] Banking Trojans: Mekotio Looks to Expand Targets, BBTok Abuses Utility Command https://www.trendmicro.com/en_us/research/24/i/banking-trojans-mekotio-...
- [ ] Is Russian group APT28 behind the cyber attack on the German air traffic control agency (DFS)? https://securityaffairs.com/168070/apt/apt28-cyber-atta...
- [ ] Fake OnlyFans cybercrime tool infects hackers with malware https://www.bleepingcomputer.com/news/security/fake-onlyfans-cybercrime-tool-infects-hacker...
- [ ] The fingerpointing starts as cyber incident at London transport body continues https://go.theregister.com/feed/www.theregister.com/2024/09/05/the_fing...
- [ ] Validate your Windows Audit Policy Configuration with KQL https://blog.nviso.eu/2024/09/05/validate-your-windows-audit-policy-configuration-with-kql/
- [ ] Malware Attackers Using MacroPack to Deliver Havoc, Brute Ratel, and PhantomCore https://thehackernews.com/2024/09/malware-attackers-using-macropack-t...
- [ ] Re @haxor31337 Give it time and also set priorities. Family comes first. After some years balance will be achieved also and you will have your rhythm
- [ ] Security biz Verkada to pay $3m penalty under deal that also enforces infosec upgrade https://go.theregister.com/feed/www.theregister.com/2024/09/05/v...
- [ ] Planned Parenthood confirms cyberattack as RansomHub claims breach https://www.bleepingcomputer.com/news/security/planned-parenthood-confirms-cyberatt...
Security Boulevard
- [ ] An Introduction to Trackers and the Data They Collect
- [ ] USENIX Security ’23 – UnGANable: Defending Against GAN-based Face Manipulation
- [ ] Managing Certificate Chaos After Google’s Entrust Distrust
- [ ] Randall Munroe’s XKCD ‘Lava Lakes’
- [ ] Understanding Quantum Threats and How to Secure Data with Post-Quantum Cryptography
- [ ] Hackers Want Your Customers’ Data: It’s Time to Hit Back
- [ ] BlindEagle Targets Colombian Insurance Sector with BlotchyQuasar
- [ ] Storage & Data Protection Trends & Innovations To Watch in 2025
- [ ] USENIX Security ’23 – FACE-AUDITOR: Data Auditing in Facial Recognition Systems
- [ ] How StorageGuard Can Assist With CISA’s Advised Mitigations For Newly Emerged BlackSuit Ransomware
Files ≈ Packet Storm
- [ ] ASUS RT-AC3200 3.0.0.4.382.50010 Command Injection
- [ ] Clam AntiVirus Toolkit 1.4.1
- [ ] Debian Security Advisory 5766-1
- [ ] ASIS 3.2.0 SQL Injection
- [ ] Ubuntu Security Notice USN-6993-1
- [ ] Ubuntu Security Notice USN-6992-1
- [ ] Ubuntu Security Notice USN-6990-1
- [ ] Ubuntu Security Notice USN-6989-1
- [ ] Red Hat Security Advisory 2024-6360-03
- [ ] Red Hat Security Advisory 2024-6358-03
- [ ] Red Hat Security Advisory 2024-6357-03
- [ ] Red Hat Security Advisory 2024-6356-03
- [ ] Red Hat Security Advisory 2024-6355-03
- [ ] Red Hat Security Advisory 2024-6337-03
- [ ] Red Hat Security Advisory 2024-6336-03
- [ ] Red Hat Security Advisory 2024-6335-03
- [ ] Red Hat Security Advisory 2024-6313-03
- [ ] Red Hat Security Advisory 2024-6312-03
- [ ] Red Hat Security Advisory 2024-6311-03
- [ ] Red Hat Security Advisory 2024-6310-03
- [ ] Red Hat Security Advisory 2024-6309-03
- [ ] Red Hat Security Advisory 2024-6016-03
- [ ] Red Hat Security Advisory 2024-6013-03
Private Feed for M09Ic
- [ ] skelsec made skelsec/adiskreader-secretsdump public
- [ ] kpcyrd forked kpcyrd/AngryOxide from Ragnt/AngryOxide
- [ ] skelsec released 0.0.1 at skelsec/adiskreader-secretsdump
- [ ] skelsec released 0.0.8 at skelsec/aardwolfgui
- [ ] kpcyrd starred Ragnt/AngryOxide
- [ ] skelsec released 0.4.11 at skelsec/aiosmb
- [ ] skelsec released 0.2.9 at skelsec/aardwolf
- [ ] skelsec released 0.5.12 at skelsec/msldap
- [ ] 4ra1n made 4ra1n/poc-runner public
- [ ] 4ra1n released 0.0.1 at 4ra1n/poc-runner
- [ ] zema1 starred RuoJi6/HackerPermKeeper
- [ ] zema1 starred Ackites/KillWxapkg
- [ ] zema1 starred ihciah/rust2go
- [ ] zema1 starred wealeson1/wcpvs
- [ ] b1nhack starred mit-pdos/xv6-riscv
- [ ] glzjin starred WebFuzzing/EvoMaster
- [ ] glzjin starred jthack/ffufai
- [ ] zer0yu starred hanbufei/isCdn
- [ ] skelsec released 0.0.21 at skelsec/asyauth
- [ ] zer0yu starred shuanx/BurpFingerPrint
- [ ] skelsec released 0.2.13 at skelsec/asysocks
- [ ] b1nhack starred mit-pdos/xv6-public
- [ ] INotGreen started following zhzyker
- [ ] Safe3 forked Safe3/ip2region-xdb from alading89/ip2region-xdb
- [ ] wuhan005 starred mangiucugna/json_repair
- [ ] skelsec released 0.0.2 at skelsec/webhooktest
- [ ] skelsec released 0.0.1 at skelsec/webhooktest
- [ ] skelsec created a repository skelsec/webhooktest
- [ ] 4ra1n starred byt3bl33d3r/ItWasAllADream
- [ ] outflanknl made outflanknl/macho-loader public
Trustwave Blog
- [ ] Trustwave Named Frost & Sullivan Company of the Year
Recent Commits to cve:main
- [ ] Update Thu Sep 5 22:34:37 UTC 2024
- [ ] Update Thu Sep 5 14:39:44 UTC 2024
- [ ] Update Thu Sep 5 06:40:34 UTC 2024
嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com
- [ ] 专访盛邦安全董事长权小文：不做保安做保镖，卫星互联网安全需坚持“长期主义”
- [ ] 2024 年上半年勒索软件赎金达 4.5 亿美元创历史新高
一个被知识诅咒的人
- [ ] 深入掌握 Go 语言中的数值类型与循环技巧
- [ ] 深入理解 Go 中的 defer、panic 、日志管理与WebAssembly
NVISO Labs
- [ ] Validate your Windows Audit Policy Configuration with KQL
Reverse Engineering
- [ ] Patch diffing CVE-2024-30078 - Windows Wi-Fi Driver RCE Vulnerability
Hex Rays
- [ ] Unveiling IDA Pro 9.0: C++ Exceptions Support in the Decompiler
Trail of Bits Blog
- [ ] What would you do with that old GPU?
GuidePoint Security
- [ ] Building a Hardware Hacking Arsenal: The Right Bits for Every Byte
Malwarebytes
- [ ] Lowe’s employees phished via Google ads
- [ ] Planned Parenthood partly offline after ransomware attack
Hexacorn
- [ ] The art of overDLLoading
- [ ] Technical debt of C:\Windows\System path
FreeBuf网络安全行业门户
- [ ] FreeBuf早报 | OpenAI前首席科学家创立AI安全公司；美英欧将签署人工智能标准协议
- [ ] 红队工具MacroPack已被攻击者滥用
- [ ] 0day的产生 | 文件读取深度利用
- [ ] 新型PyPI攻击技术可能导致超2.2万软件包被劫持
安全牛
- [ ] 专访盛邦安全董事长权小文：不做保安做保镖，卫星互联网安全需坚持“长期主义”
奇客Solidot–传递最新科技情报
- [ ] 华为 AI 芯片受困于 Bug 和性能
- [ ] 伪造学历的南非铁路客运集团前首席工程师被判 15 年徒刑
- [ ] 法庭裁决互联网档案馆的数字借阅不是合理使用
- [ ] Snapchat 将在用户消息旁放置广告
- [ ] WHO 委托的研究称脑癌与手机使用无关
- [ ] 宏碁推出了它的 AMD APU 掌机 Nitro Blaze 7
- [ ] Telegram 与韩国合作删除部分深度伪造色情视频
HackerNews
- [ ] 红队工具 MacroPack 已被攻击者滥用
- [ ] 根治 BGP！美国发布互联网路由安全路线图
- [ ] 黑客 HikkI-Chan，今年以来已攻击美国、俄罗斯、以色列等
- [ ] 战略转向！勒索软件正在肆虐东南亚地区
- [ ] 针对 Windows 内核权限提升 0day 漏洞(CVE-2024-38106)的 PoC 已发布
- [ ] 研究人员发现一种针对 Python 包索引 (PyPI) 注册表的新型供应链攻击技术已被广泛利用
- [ ] 美国联邦调查局：朝鲜积极攻击加密货币公司
- [ ] 美国某州计划生育协会确认遭入侵，近 100GB 敏感数据被泄露
黑海洋 - WIKI
- [ ] 安卓app 一键安装Debian 12 +xfce桌面
- [ ] nekobox 安卓支持设置链式代理的v2客户端
- [ ] 使用docker安装chrome浏览器
奇安信 CERT
- [ ] 公开的隐秘：CVE-2024-30051在野提权漏洞研究
腾讯玄武实验室
- [ ] 每日安全动态推送(9-5)
体验盒子
- [ ] 2024免费在线影视/动漫番剧优质网站，汇总更新
Black Hills Information Security
- [ ] How to Put Yourself Out There – Networking on Social Media
- [ ] How to Get a Job in Cybersecurity
吾爱破解论坛
- [ ] 【原创】音频采样率转换的研究与Rust代码实现
奇安信威胁情报中心
- [ ] 公开的隐秘：CVE-2024-30051在野提权漏洞研究
安全内参
- [ ] 网络攻击影响国家金融稳定！外媒称伊朗被迫支付超2000万元赎金
- [ ] 报告：活跃的勒索软件团伙在2024年激增56%
慢雾科技
- [ ] 观点｜国际合作执法将成打击加密货币犯罪的大趋势
关键基础设施安全应急响应中心
- [ ] 法律如何应对人工智能的发展
- [ ] 战略转向！勒索软件正在肆虐东南亚地区
- [ ] 黑客HikkI-Chan，今年以来已攻击美国、俄罗斯、以色列等
极客公园
- [ ] 「搜索」迈入 3.0 时代
- [ ] 腾讯云升级 AI 全家桶，混元对标 GPT-4o
- [ ] MiniMax，也许做出了最接近 Sora 的文生视频产品
- [ ] OpenAI 前科学家新公司融资 10 亿美元；飞书 CEO：今年 ARR 超 3 亿美元；淘宝计划接入微信支付 | 极客早知道
dotNet安全矩阵
- [ ] .NET基础 | 实战详解 csc.exe 编译技术
- [ ] .NET 安全攻防知识交流社区
- [ ] .NET 一款无Python环境下支持运行脚本的渗透工具
- [ ] .NET 一款在线解密Web.config的脚本
- [ ] Freebuf 推荐 | 一个顶级的安全攻防知识库
- [ ] .NET 一款用于解密web.config配置的工具
KCon 黑客大会
- [ ] KCon 2024 特别售后篇：欢迎参加有奖满意度调研～
青藤云安全
- [ ] 国家网安周 | 青藤邀您相约2024国家网络安全宣传周
安全研究GoSSIP
- [ ] G.O.S.S.I.P 阅读推荐 2024-09-05 用PDF做点坏事
火绒安全
- [ ] 喜报|火绒受邀加入国家计算机病毒协同分析平台并荣获“天网杯”网络安全大赛奖项
专注安管平台
- [ ] SANS 2024年SOC调查报告解读
代码卫士
- [ ] 思科修复已有 PoC 的根提权漏洞
- [ ] “复活劫持”供应链攻击威胁2.2万个PyPI包的安全
- [ ] 黑客在思科商店注入恶意JS，窃取信用卡和凭据
百度安全实验室
- [ ] 倒计时7天！CCS2024「大模型安全与产业应用创新研讨活动」诚邀你来
情报分析师
- [ ] 培养开源情报调查的思维方式和创造力提升分析效率
- [ ] 【连载】美国正在为高科技战争做准备(七）
嘶吼专业版
- [ ] 2024 年上半年勒索软件赎金达 4.5 亿美元创历史新高
中国信息安全
- [ ] 可信数据空间 | 启明星辰数据要素安全流通平台正式发布
- [ ] 报名开启 | CCS 2024成都网络安全系列活动——国家漏洞库网络安全漏洞治理产业协同创新研讨活动
- [ ] 聚焦 | 2024外滩大会今日起在上海黄浦举办
- [ ] 关注 | 公安机关网安部门指导互联网平台强化自律自治
- [ ] 专家观点 | 如何让人工智能实现认知正义
- [ ] 评论 | 整治“人肉开盒”，不妨换个思路
- [ ] 评论 | 把未成年人模式建设好、运用好
山石网科安全技术研究院
- [ ] 2024年羊城杯粤港澳大湾区网络安全大赛WP-Reverse篇
深信服千里目安全技术中心
- [ ] 【漏洞通告】Apache OFBiz服务端请求伪造漏洞（CVE-2024-45507）
LuxSci
- [ ] LuxSci Unveils New Website and Branding – A New Era of Personalized Healthcare Engagement
CNCERT国家工程研究中心
- [ ] 人工智能大模型的数据治理
- [ ] Cicada3301 勒索软件的 Linux 加密器针对 VMware ESXi 系统
- [ ] 俄罗斯版“微信”遭黑客入侵，泄露3.9亿条用户数据
字节跳动安全中心
- [ ] “安全范儿”高校挑战赛｜三大赛道，开启全新赛制
360数字安全
- [ ] 周鸿祎谈360安全大模型：相当于已具备L4级“自动驾驶”
- [ ] 第二届“天网杯”网络安全大赛落幕，为新质生产力发展保驾护航
- [ ] 助力鸿蒙生态发展！三六零天御推HarmonyOS NEXT应用一体化安全保护方案
安全419
- [ ] 网络数据安全管理条例靴子落地企业如何应对更严苛的合规要求？
- [ ] CCS2024 多场创新研讨活动、技术交流活动议程公布
Securityinfo.it
- [ ] Il settore dell’istruzione è tra i principali bersagli degli attacchi informatici
- [ ] Proteggersi dal furto di account rendendo più sicuro il browser
白泽安全实验室
- [ ] 黑客泄露超过3.9亿俄罗斯社交平台VK用户数据
Over Security - Cybersecurity news aggregator
- [ ] Apache fixes critical OFBiz remote code execution vulnerability
- [ ] Microsoft removes revenge porn from Bing search using new tool
- [ ] US charges five Russian military hackers with targeting Ukraine’s government with destructive malware
- [ ] US posts indictments, rewards in Russia’s WhisperGate hacks against Ukraine
- [ ] Ransomware hackers threaten Montana branch of Planned Parenthood
- [ ] The best and worst ways to get users to improve their account security
- [ ] LiteSpeed Cache bug exposes 6 million WordPress sites to takeover attacks
- [ ] Russian military hackers linked to critical infrastructure attacks
- [ ] Colombian president suggests prior administration illegally sent $11 million in cash to Israel for spyware
- [ ] Musician charged with $10M streaming royalties fraud using AI and bots
- [ ] Watch our new documentary, "The Light We Keep: A Project PowerUp Story"
- [ ] Microchip Technology says employee contact info stolen by hackers during cyberattack
- [ ] Hacker trap: Fake OnlyFans tool backstabs cybercriminals, steals passwords
- [ ] Use of Predator spyware rebounds after a dip from Biden sanctions, researchers say
- [ ] US offers $1 million for details on alleged Russian hacker
- [ ] The Rise of Head Mare: A Geopolitical and Cybersecurity Analysis
- [ ] Veeam warns of critical RCE flaw in Backup & Replication software
- [ ] Penpie DeFi platform files reports with FBI, Singapore police after $27 million crypto theft
- [ ] Il settore dell’istruzione è tra i principali bersagli degli attacchi informatici
- [ ] Services disrupted as local council near GCHQ’s headquarters hit by cyberattack
- [ ] Iranian State-Sponsored Hackers Have Become Access Brokers for Ransomware Gangs
- [ ] Understanding Threat Intelligence Benefits for a Business
- [ ] Fake OnlyFans cybercrime tool infects hackers with malware
- [ ] Proteggersi dal furto di account rendendo più sicuro il browser
- [ ] Fusion Fireside #2: Threat Intelligence, Collaboration and Community with Teresa Walsh
- [ ] Tropic Trooper spies on government entities in the Middle East
- [ ] Planned Parenthood confirms cyberattack as RansomHub claims breach
IT Service Management News
- [ ] Gli uomini possono fare tutto (settembre 2024)
- [ ] Alcune riflessioni sulla "cyber resilience"
美团安全应急响应中心
- [ ] 你的中秋福利已上线！美团SRC预祝各位中秋佳节愉快
- [ ] 美团安全25届秋招启动，心动offer等你拿！
赛博昆仑CERT
- [ ] 【复现】 Apache OFBiz远程代码执行漏洞（CVE-2024-45507）风险通告
Schneier on Security
- [ ] Long Analysis of the M-209
Securelist
- [ ] Tropic Trooper spies on government entities in the Middle East
SANS Internet Storm Center, InfoCON: green
- [ ] Enrichment Data: Keeping it Fresh, (Fri, Sep 6th)
- [ ] ISC Stormcast For Thursday, September 5th, 2024 https://isc.sans.edu/podcastdetail/9126, (Thu, Sep 5th)
- [ ] Attack Surface [Guest Diary], (Wed, Sep 4th)
Il Disinformatico
- [ ] Pranzo dei Disinformatici 2024: aperte le iscrizioni. Ci troveremo sabato 5 ottobre
Instapaper: Unread
- [ ] Clearview AI Faces €30.5M Fine for Building Illegal Facial Recognition Database
- [ ] The New Effective Way to Prevent Account Takeovers
- [ ] Worried about the YubiKey 5 vulnerability Here's why I'm not
Graham Cluley
- [ ] Cicada ransomware – what you need to know
Trend Micro Research, News and Perspectives
- [ ] Banking Trojans: Mekotio Looks to Expand Targets, BBTok Abuses Utility Command
Qualys Security Blog
- [ ] Simplifying Azure Cloud Security with Snapshot-Based Scans
Security Affairs
- [ ] Veeam fixed a critical flaw in Veeam Backup & Replication software
- [ ] Earth Lusca adds multiplatform malware KTLVdoor to its arsenal
- [ ] Is Russian group APT28 behind the cyber attack on the German air traffic control agency (DFS)?
- [ ] Quishing, an insidious threat to electric car owners
Deeplinks
- [ ] EFF & 140 Other Organizations Call for an End to AI Use in Immigration Decisions
Your Open Hacker Community
- [ ] Having trouble trying to crack a zip file password
- [ ] Static Joomla website. Is it hackable?
The Hacker News
- [ ] Chinese-Speaking Hacker Group Targets Human Rights Studies in Middle East
- [ ] Veeam Releases Security Updates to Fix 18 Flaws, Including 5 Critical Issues
- [ ] U.S. Seizes 32 Pro-Russian Propaganda Domains in Major Disinformation Crackdown
- [ ] NIST Cybersecurity Framework (CSF) and CTEM – Better Together
- [ ] Malware Attackers Using MacroPack to Deliver Havoc, Brute Ratel, and PhantomCore
- [ ] New Cross-Platform Malware KTLVdoor Discovered in Attack on Chinese Trading Firm
- [ ] Cisco Fixes Two Critical Flaws in Smart Licensing Utility to Prevent Remote Attacks
Tor Project blog
- [ ] 'A newspaper without borders': Mediapart now available as .onion
The Register - Security
- [ ] Homeland security hopes to scuttle maritime cyber-threats with port infosec testbed
- [ ] White House’s new fix for cyber job gaps: Serve the nation in infosec
- [ ] Uncle Sam charges Russian GRU cyber-spies behind 'WhisperGate intrusions'
- [ ] Cisco's Smart Licensing Utility flaws suggest it's pretty dumb on security
- [ ] Quantum computing is coming – are you ready?
- [ ] Security boom is over, with over a third of CISOs reporting flat or falling budgets
- [ ] The fingerpointing starts as cyber incident at London transport body continues
- [ ] Security biz Verkada to pay $3M penalty under deal that also enforces infosec upgrade
- [ ] White House seizes 32 domains, issues criminal charges in massive election-meddling crackdown
- [ ] North Korean scammers plan wave of stealth attacks on crypto companies, FBI warns
TorrentFreak
- [ ] Internet Archive Loses Landmark E-Book Lending Copyright Appeal Against Publishers
Technical Information Security Content & Discussion
- [ ] Windows Wi-Fi Driver RCE Vulnerability - CVE-2024-30078
- [ ] A Security Analysis of Azure DevOps Job Execution
Computer Forensics
- [ ] Parser
Blackhat Library: Hacking techniques and research
- [ ] Patch diffing Windows Wi-Fi Driver RCE Vulnerability - CVE-2024-30078
ICT Security Magazine
- [ ] Regolamento DORA: tempi, contenuti e implicazioni di cybersecurity. 7Layers in prima fila
Social Engineering
- [ ] Debunking Chase Hughes
- [ ] Social climbing
Information Security
- [ ] Question about Account Ownership
- [ ] Meet Your Cyber Guardians: Types of Cyber Defense Teams
Deep Web
- [ ] Data extraction
netsecstudents: Subreddit for students studying Network Security and its related subjects
- [ ] Cyber Security Project Idea
Sector 7
- [ ] Pwn2Own Automotive 2024: Hacking the Autel MaxiCharger
Security Weekly Podcast Network (Audio)
- [ ] How to Make the World Quantum Safe - Vadim Lyubashevsky - ESW Vault