issues
search
chainreactors
/
picker
将你的repo变为讨论社区
GNU General Public License v3.0
104
stars
19
forks
source link
[每日信息流] 2024-09-20
#654
Open
chainreactorbot
opened
1 week ago
chainreactorbot
commented
1 week ago
每日安全资讯(2024-09-20)
SecWiki News
[ ]
SecWiki News 2024-09-19 Review
奇安信攻防社区
[ ]
一种颠覆防守方防守规则的流量隐藏方法
[ ]
利用LLVM解释器执行你的代码
Files ≈ Packet Storm
[ ]
Ubuntu Security Notice USN-7025-1
[ ]
htmly 2.9.9 Cross Site Scripting
[ ]
WordPress LMS 4.2.7 SQL Injection
[ ]
Nexus Repository Manager 3 Path Traversal
[ ]
Check Point Security Gateways Information Disclosure
[ ]
Telerik Report Server 2024 Q1 Authentication Bypass
[ ]
CVE-2024-26581 Checker
[ ]
Red Hat Security Advisory 2024-6850-03
[ ]
Red Hat Security Advisory 2024-6843-03
[ ]
Red Hat Security Advisory 2024-6842-03
[ ]
Red Hat Security Advisory 2024-6840-03
[ ]
Red Hat Security Advisory 2024-6839-03
[ ]
Red Hat Security Advisory 2024-6838-03
[ ]
Red Hat Security Advisory 2024-6837-03
[ ]
Red Hat Security Advisory 2024-6816-03
[ ]
Red Hat Security Advisory 2024-6786-03
[ ]
Red Hat Security Advisory 2024-6785-03
[ ]
Red Hat Security Advisory 2024-6784-03
[ ]
Red Hat Security Advisory 2024-6783-03
[ ]
Red Hat Security Advisory 2024-6782-03
[ ]
Red Hat Security Advisory 2024-6779-03
[ ]
Red Hat Security Advisory 2024-6765-03
[ ]
Red Hat Security Advisory 2024-6757-03
[ ]
Red Hat Security Advisory 2024-6755-03
[ ]
Red Hat Security Advisory 2024-6754-03
Security Boulevard
[ ]
Tackle Cyber Resilience Act requirements with our CRA checklist
[ ]
What is Network Security Automation?
[ ]
Sonatype can help you navigate DORA compliance
[ ]
USENIX NSDI ’24 – Flow Scheduling With Imprecise Knowledge
[ ]
Countering the Codex: The Rise of LLM Platform Abuse
[ ]
Training Your Team on the Security of CPS & IoT Systems
[ ]
Compliance webinar series: Understanding the Cyber Resilience Act
[ ]
Product Updates: Escape’s Advanced Jira Integration – Send Remediation Details to Your Developers
[ ]
Randall Munroe’s XKCD ‘Every Scientific Field’
[ ]
Century-Long Innovation: A Legacy of Outpacing Cyber Threats
Doonsec's feed
[ ]
Linux中Time Travel Debugging (TTD)
[ ]
一次十分详细的漏洞挖掘记录,新思路+多个高危
[ ]
中国人有福了!极氪汽车和以色列智驾公司Mobileye强强联合,加快在华技术落地
[ ]
工具更新-修复过数字杀毒注入的崩溃问题
[ ]
《网络安全标准实践指南——敏感个人信息识别指南》正式发布!(附全文)
[ ]
供应商泄露用户信息,甲方被罚近一亿元
[ ]
网络隐蔽通道构建关键技术研究综述
[ ]
专家解读 | 从中欧美比较的角度理解我国《人工智能安全治理框架》的特点
[ ]
BP机爆炸后,对讲机也爆炸了 | 网络+供应链攻击之迷
[ ]
世界黑客大会Black Hat USA 2024 全部文档
[ ]
【海外SRC赏金挖掘】供应链攻击,通过依赖投毒实现RCE(Dependency Confusion 漏洞)
[ ]
eBPF:云原生安全的超级英雄,重塑未来安全防御格局!
[ ]
世界最牛安全架构SAFE,它来了!
[ ]
【SRC】我们需要从JS文件里提取哪些信息?
[ ]
建了个SRC专项漏洞知识库
[ ]
Vidar-Team 信息安全协会2024招新啦!!!
[ ]
在单片机上开发汽车软件功能的几个关键错误
[ ]
SOA软件架构设计与开发-自动驾驶系统架构师在线证书培训课程(高级班)
[ ]
S32 汽车处理平台的安全架构
[ ]
百度副总裁陈洋:大模型让软件开发更高效、更安全
[ ]
2024健身打卡第 46 天
[ ]
脑洞大开的新型钓鱼方法 -- reCAPTCHA 网络钓鱼
[ ]
深度拆解滴滴国际化建站提效利器:环境差异配置管理
[ ]
传统网络安全与零信任网络安全的对比
[ ]
红队笑传之穿穿部-记一次攻防演练被某部委安全团队拷打全过程
[ ]
安芯网盾荣获CREST认证,网络安全服务能力获国际权威认可
[ ]
著名威胁行为者在违规论坛上发布的信息为此次行动提供了新线索,揭示了摩萨德和 8200 部队等以色列情报机构在复杂破坏行动中的影响
[ ]
真主党仍然受到攻击,黎巴嫩的大规模寻呼机爆炸的第二天, 真主党成员的无线电设备对讲机开始在黎巴嫩集体爆炸!
[ ]
德国当局关闭了 47 家网络犯罪分子使用的加密货币交易所
[ ]
寻呼机在生产和运输过程中被篡改,恐怖的供应链!
[ ]
暗网新倒计时:Orca 勒索软件进入网络犯罪世界
[ ]
独家!揭秘黎巴嫩传呼机、对讲机两轮爆炸背后的“供应链战争”
[ ]
首批!360安全大模型获中国信通院基础网络安全能力评估认证
[ ]
web选手入门pwn(20) ——csu+magic
[ ]
“BP机爆炸”事件 可能重新定义未来的网络战
[ ]
CertiK:Ventures宣布4500万美元投资计划,Token Scan等社区安全工具免费开放
[ ]
【安全圈】黎巴嫩再发生爆炸事件,这次是对讲机
[ ]
【安全圈】随着欧洲刑警组织关闭加密聊天应用程序 Ghost ,全球犯罪受到打击
[ ]
【安全圈】建筑行业会计软件Foundation遭受攻击,威胁行为者利用MSSQL漏洞进行入侵
[ ]
安全聘 | 小米诚邀您的加入
[ ]
小红书推出AIGC加速新算法TDD
[ ]
金融监管总局:金融机构应加强App数据安全管理、建立移动应用个人信息保护制度
[ ]
盛邦安全入选IDC《中国WAAP厂商技术能力评估,2024》报告,获满分评价!
[ ]
「漏洞复现」华望云会议管理平台 checkDoubleUserNameForAdd SQL注入漏洞
[ ]
即刻报名!电子数据取证分析师职业技能等级认定,开启职业新篇章
[ ]
传呼机、对讲机接连爆炸,黎巴嫩通信设备爆炸事件的警示
[ ]
一种Nmap扫描性能改进方法浅析
[ ]
不履行网络安全保护义务,内蒙古网警通报多家单位
[ ]
网络安全为人民,网络安全靠人民!创信华通国家网络安全宣传周活动回顾
[ ]
案例精讲 | FOBrain带你领略运营商的资产安全运营和降本增效平衡秘籍
[ ]
奇安信获湖南省科学技术进步一等奖
[ ]
因勒索攻击泄露患者敏感数据,这家医疗巨头赔偿超4.6亿元
[ ]
IM推广的部分案例与原理
[ ]
以“算”为擎 以“智”扬帆 | 启明星辰出席2024中国移动数智金融大会
[ ]
首批!启明星辰安星人工智能安全运营系统获中国信通院认证
[ ]
处罚案例 | 不履行网络安全保护义务是违法行为!多家单位被通报!
[ ]
CISA、FBI督促消除XSS漏洞
[ ]
2024补天白帽大会:报名通道已开启,早鸟票限时抢!
[ ]
“AI+Security”系列第3期(二):AI赋能自动化渗透测试
[ ]
云起无垠荣获第九届“创客中国”网络安全专题赛二等奖
[ ]
权威认可!腾讯安全入选Forrester API安全市场报告
[ ]
突发!某新车发布会被叫停!
[ ]
10月精品课程 | 中国汽车出海--汽车数据保护和GDPR合规专题培训
[ ]
曝蔚来欲收购奥迪工厂!
[ ]
观点 | 一文读懂《粤港澳大湾区(内地、澳门)个人信息跨境流动标准合同实施指引》
[ ]
技术支持|珞安科技助力2024年中国工业互联网安全大赛河南省选拔赛圆满成功
[ ]
安全圈神偷毒瘤\"星落安全\"
[ ]
消息队列选型看这一篇就够了
[ ]
第一!青藤在《云原生安全能力指南》报告中取得双维度第一
[ ]
AI时代 安全护航 | OPPO,助力第八届安全开发者峰会(SDC 2024)
[ ]
网信办关于《人工智能生成合成内容标识办法(征求意见稿)》公开征求意见的通知
[ ]
攻击者视角看安全,全域风险防护还能这样做!
[ ]
供应链阴谋:黎巴嫩爆炸事件背后的网络攻防
[ ]
易行网安学习平台技能测试,引领精准学习之旅
[ ]
默安科技携手\"M局\" 护航边疆铁路软件供应链安全建设
[ ]
CNVD漏洞周报2024年第37期
[ ]
专题·大模型安全 | 大模型安全风险评估与防御技术综述
[ ]
专家观点 | 为什么要加装抗量子攻击护盾?
[ ]
前沿 | 数字经济法治保障机制的挑战与应对
[ ]
观点 | 辩证看待数据共享与隐私保护
[ ]
评论 | 使用AI技术当守住法律边界
[ ]
托管云,照亮一条不同寻常的上云之路
[ ]
【周年总结】极核安全一周年纪念!
[ ]
天融信出席「第八届深港澳大数据论坛」,谈AI赋能打造网安新质生产力
[ ]
辽宁省工业互联网标识解析“贯通”行动计划正式启动 | 2024全球工业互联网大会
[ ]
新美国安全中心发布:《人工智能与国家生物安全风险的演变:能力、阈值和干预措施》
[ ]
美国和日本即将达成协议,限制对华芯片技术出口
[ ]
成都网安周暨CCS2024 | 大模型安全与产业应用创新研讨活动成功举办
[ ]
百度安全与云安全联盟CSA大中华区联合发布《AI安全产业图谱(2024)》
[ ]
定义网安培训新风向,KCon有奖调研等你发声!
[ ]
【漏洞复现】泛微e-Mobile移动管理任意文件读取
[ ]
【漏洞复现】某联达软件存在前台任意文件上传漏洞
[ ]
【漏洞复现】Kedacom-Phoenix-监控平台任意文件上传
[ ]
【漏洞复现】九思OA系列漏洞之文件上传-文件读取-SQL注入漏洞
[ ]
Patchwork(白象)APT组织PGoshell后门攻击场景复现
[ ]
黎巴嫩BP机一声炸响,开启了未来网络战的新形态
[ ]
亚信安全“猎狐行动”亮相第八届(2024)华南智能交通大会
[ ]
真主党寻呼机连环爆炸,疑似暗藏以色列恶意软件
[ ]
发布 | 金融监管总局印发《关于加强银行业保险业移动互联网应用程序管理的通知》
[ ]
【安全科普】OSS存储桶漏洞总结
先知安全技术社区
[ ]
针对spring二次开发的BladeX站点的渗透测试
bunnie's blog
[ ]
Turning Everyday Gadgets into Bombs is a Bad Idea
安全客-有思想的安全新媒体
[ ]
Broadcom 修复了关键 VMware vCenter Server 漏洞 CVE-2024-38812
[ ]
Chrome 推出一次性权限和增强的安全检查功能,以实现更安全的浏览
[ ]
建筑行业会计软件Foundation遭受攻击,威胁行为者利用MSSQL漏洞进行入侵
[ ]
Ethena 域名注册商被黑客入侵,Ethena Labs 警告用户远离
[ ]
随着欧洲刑警组织关闭加密聊天应用程序 Ghost ,全球犯罪受到打击
[ ]
Chainlink 的 Sergey Nazarov 预测资产代币化将改变 Web3
[ ]
CISA 警告称Apache、Microsoft 和 Oracle 漏洞正在被积极利用
[ ]
GitLab 修补了 CE 和 EE 版本中的关键 SAML 身份验证绕过漏洞
[ ]
“Marko Polo”打造全球网络犯罪巨头
[ ]
全球首起通信设备武器化事件!黎巴嫩BP机爆炸致数千人死伤
Private Feed for M09Ic
[ ]
spf13 starred silbinarywolf/preferdiscretegpu
[ ]
HuYlllc pushed to dev in chainreactors/malice-network
[ ]
4ra1n released 0.1.2 at 4ra1n/poc-runner
[ ]
uknowsec starred verdaccio/verdaccio
[ ]
Rvn0xsy starred p4gefau1t/trojan-go
[ ]
wabzsy starred klzgrad/naiveproxy
[ ]
gh0stkey released CaA 1.0.1 at gh0stkey/CaA
[ ]
jeffzh3ng starred wh1t3zer/SpringBootVul-GUI
[ ]
gh0stkey released HaE 3.3.3 at gh0stkey/HaE
[ ]
4ra1n released temurin-23.0.0 at jar-analyzer/workflow_jre
[ ]
timwhitez starred ebitengine/purego
[ ]
Rvn0xsy starred SillyTavern/SillyTavern
[ ]
gh0stkey starred session-replay-tools/tcpcopy
[ ]
gh0stkey starred Cinnamon/kotaemon
[ ]
zema1 starred smaugx/setproctitle
[ ]
INotGreen starred Dec0ne/ShadowSpray
[ ]
yuligesec starred FGRibreau/mailchecker
[ ]
HuYlllc pushed to listener in chainreactors/malice-network
[ ]
gh0stkey starred Mufanc/DexHunter
[ ]
lz520520 starred lintstar/LSTAR
[ ]
gh0stkey starred sz3/libcimbar
[ ]
timwhitez starred rotarydrone/GlobalUnProtect
[ ]
Ak74-577 started following yasukata
[ ]
Ak74-577 starred CCob/DGPOEdit
[ ]
Ak74-577 starred rotarydrone/GlobalUnProtect
[ ]
kpcyrd starred mfontanini/presenterm
Armin Ronacher's Thoughts and Writings
[ ]
Accidental Spending: A Case For an Open Source Tax?
Trustwave Blog
[ ]
Industry Analysts Call Trustwave Security Colony a Vital Tool for Enhanced Cybersecurity
嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com
[ ]
再获殊荣!梆梆安全荣获第九届“创客中国”网络安全中小企业创新创业大赛“卓越奖”
[ ]
黎巴嫩寻呼机(BP机)爆炸事件研判分析
[ ]
专家解读 | 框架重磅发布,加快构建我国人工智能安全治理格局
[ ]
助力移动政务应用安全防御 | 梆梆安全亮相关基安全防护专家认证培训,共话安全之道
[ ]
新的 Linux 恶意软件 Hadooken 针对 Oracle WebLogic 服务器
[ ]
Check Point 软件技术公司在《GigaOm 安全策略即代码探测报告》中被评为领导者
一个被知识诅咒的人
[ ]
Go 并发模式:扩展与聚合的高效并行
[ ]
Go 并发模式:管道的妙用
Recent Commits to cve:main
[ ]
Update Thu Sep 19 22:28:25 UTC 2024
[ ]
Update Thu Sep 19 14:35:12 UTC 2024
[ ]
Update Thu Sep 19 06:39:30 UTC 2024
Tenable Blog
[ ]
An Analyst’s Guide to Cloud-Native Vulnerability Management: Where to Start and How to Scale
Horizon3.ai
[ ]
Century-Long Innovation: A Legacy of Outpacing Cyber Threats
[ ]
Nicholas Warner Joins Horizon3.ai as Independent Board Director, Bringing Over Two Decades of Cybersecurity Expertise
Trail of Bits Blog
[ ]
Announcing the Trail of Bits and Semgrep partnership
Malwarebytes
[ ]
Tor anonymity compromised by law enforcement. Is it still safe to use?
GuidePoint Security
[ ]
Risky Recovery: Ransomware “Decryption” Scams Remain in 2024
Reverse Engineering
[ ]
Setting up Lumen for IDA PRO 9
[ ]
Connecting HQD Screen to Raspberry and arduino
blog.avast.com EN
[ ]
The time I almost got scammed from my college email
daniel.haxx.se
[ ]
trurl 0.16
FreeBuf网络安全行业门户
[ ]
BP机爆炸后,对讲机也爆炸了 | 网络+供应链攻击之迷
[ ]
FreeBuf早报 | 黎巴嫩再发生爆炸事件;谷歌宣布启用NIST抗量子加密最新标准
[ ]
黎巴嫩再发生爆炸事件,这次是对讲机
[ ]
苹果试图保护你的隐私,OpenAI可能做不到
[ ]
Discord 推出端到端音频、视频加密通话功能
安全牛
[ ]
7款流行的用户行为分析(UEBA)工具及特点分析
[ ]
这次是对讲机!黎巴嫩再次发生移动通讯设备群体爆炸事件;CSTIS就防范新型勒索病毒Cicada3301发布风险提示 | 牛览
奇客Solidot–传递最新科技情报
[ ]
W玻色子质量测量结果与标准模型预测一致
[ ]
CERN 准备于 11 月 30 日驱逐俄罗斯科学家但不完全切断与俄的联系
[ ]
地球七成人口可能会在未来二十年经历极端气候
[ ]
FBI 接管了一个中国黑客组织控制的僵尸网络
[ ]
X 通过 Cloudflare 代理绕过巴西的屏蔽
[ ]
Real-Time Linux 合并到内核主线
[ ]
任天堂和宝可梦公司起诉《幻兽帕鲁》开发商
[ ]
《魔兽世界》允许玩家独自完成故事
[ ]
以色列对黎巴嫩的无差别攻击导致 至少 32 人死亡数千人受伤
HackerNews
[ ]
PKfail 漏洞曝光:全球近千种设备安全启动机制失效
[ ]
Discord 推出端到端音频、视频加密通话功能
[ ]
黎巴嫩再发生爆炸事件,这次是对讲机
[ ]
俄罗斯安全公司 Doctor Web 遭黑客攻击
[ ]
GitLab 发布针对严重 SAML 身份验证绕过漏洞的修复程序
[ ]
朝鲜黑客利用虚假职位诱骗关键基础设施员工
黑海洋 - WIKI
[ ]
法定社保退休年龄计算器
[ ]
免费文档下载工具 能看见多少我能下载多少 百度文库豆丁等等:kill-doc
[ ]
监控Android手机短信、来电、APP通知(短信转发器)
腾讯玄武实验室
[ ]
每日安全动态推送(9-19)
KitPloit - PenTest & Hacking Tools
[ ]
Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
安全客
[ ]
全球首起通信设备武器化事件!黎巴嫩BP机爆炸致数千人死伤
安全内参
[ ]
供应商泄露用户信息,甲方被罚近一亿元
[ ]
谷歌云被曝重大漏洞:或影响数百万台服务器
奇安信 CERT
[ ]
GitLab SAML 认证绕过漏洞(QVD-2024-40180)安全风险通告
[ ]
【在野利用】Ivanti Cloud Service Appliance 命令注入漏洞(CVE-2024-8190)安全风险通告
代码卫士
[ ]
GitLab修复严重的 SAML 认证绕过漏洞
[ ]
CISA、FBI督促消除XSS漏洞
dotNet安全矩阵
[ ]
.NET 一款执行命令回显的微软白名单工具
[ ]
.NET 内网攻防实战电子报刊
[ ]
36套.NET系统漏洞威胁情报(09.19更新)
Black Hills Information Security
[ ]
Enable Auditing of Changes to msDS-KeyCredentialLink
丁爸 情报分析师的工具箱
[ ]
【情报资料】猜猜美军到中国来出差,每天差旅补助是多少?
[ ]
【通知】第11期全国体制内单位及相关专业单位开源情报能力提升班—开源尖兵实战训练营10月20-25日成都开班
KCon 黑客大会
[ ]
定义网安培训新风向,KCon有奖调研等你发声!
信息安全国家工程研究中心
[ ]
处罚案例 | 不履行网络安全保护义务是违法行为!多家单位被通报!
补天平台
[ ]
2024补天白帽大会:报名通道已开启,早鸟票限时抢!
中国信息安全
[ ]
专题·大模型安全 | 大模型安全风险评估与防御技术综述
[ ]
专家解读 | 从中欧美比较的角度理解我国《人工智能安全治理框架》的特点
[ ]
专家观点 | 为什么要加装抗量子攻击护盾?
[ ]
前沿 | 数字经济法治保障机制的挑战与应对
[ ]
观点 | 辩证看待数据共享与隐私保护
[ ]
评论 | 使用AI技术当守住法律边界
数世咨询
[ ]
SOAR永垂不朽
国家互联网应急中心CNCERT
[ ]
CNVD漏洞周报2024年第37期
[ ]
上周关注度较高的产品安全漏洞(20240909-20240915)
默安科技
[ ]
默安科技携手"M局" 护航边疆铁路软件供应链安全建设
情报分析师
[ ]
第二波来袭,黎巴嫩通讯设备爆炸事件升级
[ ]
西方非政府组织在吉尔吉斯斯坦的操控分析
阿里安全响应中心
[ ]
活动正式开始|14家SRC邀您加入双11安全保卫战
极客公园
[ ]
o1 发布后,信息量最大的圆桌对话:杨植麟、姜大昕、朱军探讨大模型技术路径
[ ]
22 个月后,大模型现在在「卷」什么?
[ ]
AI、社区、带货,YouTube 平台要「变天」了
[ ]
云栖大会开幕,将推重磅发布;谷歌论文揭示o1模型原理;iPhone 16 首周销量下降 12.7% | 极客早知道
安全圈
[ ]
【安全圈】黎巴嫩再发生爆炸事件,这次是对讲机
[ ]
【安全圈】随着欧洲刑警组织关闭加密聊天应用程序 Ghost ,全球犯罪受到打击
[ ]
【安全圈】建筑行业会计软件Foundation遭受攻击,威胁行为者利用MSSQL漏洞进行入侵
青藤云安全
[ ]
第一!青藤在《云原生安全能力指南》报告中取得双维度第一
安全分析与研究
[ ]
伪装成京东金融候选人登记表的钓鱼样本详细分析
Qualys Security Blog
[ ]
Black Basta Ransomware: What You Need to Know
深信服千里目安全技术中心
[ ]
【漏洞通告】VMware vCenter Server缓冲区溢出漏洞(CVE-2024-38812)
[ ]
CNVD漏洞周报2024年第37期
TrustedSec
[ ]
Console Cowboys: Navigating the Modern Terminal Frontier
Over Security - Cybersecurity news aggregator
[ ]
Chipmaker Qualcomm lays off hundreds of workers in San Diego
[ ]
CISA warns of actively exploited Apache HugeGraph-Server bug
[ ]
Suspects behind $230 million cryptocurrency theft arrested in Miami
[ ]
Federal civil rights watchdog sounds alarm over DOJ, DHS and HUD use of facial recognition technology
[ ]
Microsoft Edge will flag extensions causing performance issues
[ ]
HuntStand - 2,795,947 breached accounts
[ ]
Unexplained ‘Noise Storms’ flood the Internet, puzzle experts
[ ]
This Windows PowerShell Phish Has Scary Potential
[ ]
Tor says it’s "still safe" amid reports of police deanonymizing users
[ ]
Ivanti warns of another critical CSA flaw exploited in attacks
[ ]
Iran backdoors planted across Middle East telecoms, government agencies, Google says
[ ]
Apple’s new macOS Sequoia update is breaking some cybersecurity tools
[ ]
Talk of election security is good, but we still need more money to solve the problem
[ ]
Google Password Manager now automatically syncs your passkeys
[ ]
FTC exposes massive surveillance of kids, teens by social media giants
[ ]
17 arrested in takedown targeting phishing service with nearly 500,000 victims
[ ]
UK spyware victims file criminal complaint against NSO Group
[ ]
Nakasone on his new gig at Vanderbilt, deliberations at OpenAI, and nation-state threats
[ ]
How to reduce cyber risk during employee onboarding
[ ]
Germany seizes 47 crypto exchanges used by ransomware gangs
[ ]
Police dismantles phone unlocking ring linked to 483,000 victims
[ ]
Leverage Flashpoint Known Exploited Vulnerabilities (FP KEV) for Vulnerability Triage
[ ]
Cyberspace Solarium’s successor points to 10 things Washington can do for US digital security
[ ]
US agencies say Iran offered hacked Trump docs to Democrats but was ignored
[ ]
'Iran vs. Trump, and Russia vs. Harris': Congress presses Silicon Valley giants on disinformation
[ ]
FTC: Social media and video streaming companies violate user privacy on 'vast' scale
[ ]
Hackers deliver popular crypto-miner through malicious email auto replies, researchers say
[ ]
Mysterious "LOVE" packet storms flood the internet since 2020
[ ]
Applying Security Engineering to Make Phishing Harder - A Case Study
[ ]
Clever 'GitHub Scanner' campaign abusing repos to push malware
[ ]
What is Spearphishing: Definition, Techniques, Real-world Example
[ ]
Getting Ready for PSR in the UK: Why Fraud Fusion Experts Should Care
[ ]
Il costo di un cyberattacco va oltre le perdite finanziarie dirette
[ ]
WebDAV-as-a-Service: Uncovering the infrastructure behind Emmenhtal loader distribution
[ ]
CISA Adds Progress WhatsUp Gold and MSHTML Vulnerabilities to Known Exploited Vulnerabilities Catalog
[ ]
Top ICS Vulnerabilities This Week: Critical Bugs in Rockwell Automation, Siemens, and Viessmann
Securityinfo.it
[ ]
Il costo di un cyberattacco va oltre le perdite finanziarie dirette
安全419
[ ]
“BP机爆炸”事件 可能重新定义未来的网络战
ICT Security Magazine
[ ]
Aumento dei Data Breach Globali: 7 attacchi su 10 in EMEA hanno rubato i tuoi dati. Attenzione anche alle minacce interne!
[ ]
Operazione Flax Typhoon: L’FBI neutralizza una sofisticata botnet cinese in un’epica battaglia cibernetica
[ ]
Zero Trust e Smart Industry: mettere in sicurezza Cloud, OT, IIoT, e ambienti M2M attraverso strategie avanzate di Sicurezza Informatica con l’aiuto dell’Intelligenza Artificiale
contagio
[ ]
2024-08-18 RAPTOR TRAIN NOSEDIVE - Mirai-type IoT Botnet Samples
Security Current
[ ]
CISO Spotlight: Oded Blatman, Fireblocks CIO & CISO
SANS Internet Storm Center, InfoCON: green
[ ]
Fake GitHub Site Targeting Developers, (Thu, Sep 19th)
[ ]
ISC Stormcast For Thursday, September 19th, 2024 https://isc.sans.edu/podcastdetail/9144, (Thu, Sep 19th)
[ ]
Time-to-Live Analysis of DShield Data with Vega-Lite, (Wed, Sep 18th)
Il Disinformatico
[ ]
Due piccole novità
Full Disclosure
[ ]
Stored XSS in "Edit Profile" - htmlyv2.9.9
[ ]
Stored XSS in "Menu Editor" - htmlyv2.9.9
[ ]
Backdoor.Win32.BlackAngel.13 / Unauthenticated Remote Command Execution
[ ]
Backdoor.Win32.CCInvader.10 / Authentication Bypass
[ ]
Backdoor.Win32.Delf.yj / Information Disclosure
Trend Micro Research, News and Perspectives
[ ]
Earth Baxia Uses Spear-Phishing and GeoServer Exploit to Target APAC
[ ]
Identifying Rogue AI
The Hacker News
[ ]
Wherever There's Ransomware, There's Service Account Compromise. Are You Protected?
[ ]
Hackers Exploit Default Credentials in FOUNDATION Software to Breach Construction Firms
[ ]
New Brazilian-Linked SambaSpy Malware Targets Italian Users via Phishing Emails
[ ]
New TeamTNT Cryptojacking Campaign Targets CentOS Servers with Rootkit
[ ]
Healthcare's Diagnosis is Critical: The Cure is Cybersecurity Hygiene
[ ]
Microsoft Warns of New INC Ransomware Targeting U.S. Healthcare Sector
[ ]
GitLab Patches Critical SAML Authentication Bypass Flaw in CE and EE Editions
Have I Been Pwned latest breaches
[ ]
HuntStand - 2,795,947 breached accounts
Palo Alto Networks Blog
[ ]
The Hidden AI Risk Lurking In Your Business
360数字安全
[ ]
独家!揭秘黎巴嫩传呼机、对讲机两轮爆炸背后的“供应链战争”
[ ]
首批!360安全大模型获中国信通院基础网络安全能力评估认证
Computer Forensics
[ ]
Looking for career advice for getting into digital forensics
[ ]
eDiscovery Premium update
Schneier on Security
[ ]
FBI Shuts Down Chinese Botnet
The Register - Security
[ ]
Valencia Ransomware explodes on the scene, claims California city, fashion giant, more as victims
[ ]
No way? Big Tech's 'lucrative surveillance' of everyone is terrible for privacy, freedom
[ ]
Iran's cyber-goons emailed stolen Trump info to Team Biden – which ignored them
[ ]
1 in 10 orgs dumping their security vendors after CrowdStrike outage
[ ]
Thousands of orgs at risk of knowledge base data leaks via ServiceNow misconfigurations
[ ]
UK activists targeted with Pegasus spyware ask police to charge NSO Group
[ ]
Tor insists its network is safe after German cops convict CSAM dark-web admin
Information Security
[ ]
Open source maintainers underpaid, swamped by security, going gray
netsecstudents: Subreddit for students studying Network Security and its related subjects
[ ]
EAP-TLS: Breaking Into Secure TLS Deployments
KitPloit - PenTest Tools!
[ ]
Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
Security Affairs
[ ]
Ivanti warns of a new actively exploited Cloud Services Appliance (CSA) flaw
[ ]
International law enforcement operation dismantled criminal communication platform Ghost
[ ]
U.S. CISA adds Microsoft Windows, Apache HugeGraph-Server, Oracle JDeveloper, Oracle WebLogic Server, and Microsoft SQL Server bugs to its Known Exploited Vulnerabilities catalog
[ ]
SIEM for Small and Medium-Sized Enterprises: What you need to know
[ ]
Antivirus firm Dr.Web disconnected all servers following a cyberattack
Instapaper: Unread
[ ]
14 dead as Hezbollah walkie-talkies explode in second, deadlier attack
[ ]
10 Ways to Detect Deepfakes Created by Text-to-image Services and GANs
[ ]
Chinese Spies Built Massive Botnet of IoT Devices to Target US, Taiwan Military
[ ]
SambaSpy, il malware che colpisce solo gli utenti italiani
Deeplinks
[ ]
Prison Banned Books Week: Being in Jail Shouldn’t Mean Having Nothing to Read
[ ]
Square Peg, Meet Round Hole: Previously Classified TikTok Briefing Shows Error of Ban
[ ]
Strong End-to-End Encryption Comes to Discord Calls
[ ]
Canada’s Leaders Must Reject Overbroad Age Verification Bill
Blackhat Library: Hacking techniques and research
[ ]
Opsec while Hacking
[ ]
Intel
Your Open Hacker Community
[ ]
Trouble with Hashcat and Kali Linux
[ ]
diploma thesis - which password cracker tools?
[ ]
Help Needed to Bypass Orange Social Media Pack Restrictions
Technical Information Security Content & Discussion
[ ]
New free, open, online, practical security class from Czech Technical University.
[ ]
An Elliptic Curve-based Secure Chat, written using Rust and Protobuf
[ ]
Exploiting Android Client WebViews with Help from HSTS
[ ]
SAP Hash Cracking Techniques
[ ]
Seezo SDR – Automated security design reviews
[ ]
Applying security engineering to make phishing harder
[ ]
Stowaway -- Multi-hop Proxy Tool for pentesters
Krebs on Security
[ ]
This Windows PowerShell Phish Has Scary Potential
TorrentFreak
[ ]
Pirate Video Hosting Domain of Fmovies ‘Mothership’ Makes Surprise Comeback
[ ]
Magis TV IPTV Crackdown Blocks 70 Domains, Hundreds Already Wiped Out
Security Weekly Podcast Network (Audio)
[ ]
Exploding Pagers - Tod Beardsley - PSW #843
每日安全资讯(2024-09-20)