issues
search
chainreactors
/
picker
将你的repo变为讨论社区
GNU General Public License v3.0
104
stars
19
forks
source link
[每日信息流] 2024-09-24
#658
Open
chainreactorbot
opened
4 days ago
chainreactorbot
commented
4 days ago
每日安全资讯(2024-09-24)
SecWiki News
[ ]
SecWiki News 2024-09-23 Review
Files ≈ Packet Storm
[ ]
Invesalius 3.1 Arbitrary File Write / Directory Traversal
[ ]
Faraday 5.7.0
[ ]
nullcon Goa 2025 Call For Papers
[ ]
Ubuntu Security Notice USN-7028-1
[ ]
Ubuntu Security Notice USN-7020-2
[ ]
Ubuntu Security Notice USN-7007-2
[ ]
Gentoo Linux Security Advisory 202409-20
[ ]
Gentoo Linux Security Advisory 202409-19
[ ]
Gentoo Linux Security Advisory 202409-18
[ ]
Gentoo Linux Security Advisory 202409-17
[ ]
Gentoo Linux Security Advisory 202409-16
[ ]
Gentoo Linux Security Advisory 202409-15
[ ]
Debian Security Advisory 5774-1
[ ]
Linux i915 PTE Use-After-Free
[ ]
Gentoo Linux Security Advisory 202409-14
[ ]
Gentoo Linux Security Advisory 202409-13
[ ]
Registration And Login System 1.0 SQL Injection
[ ]
Ubuntu Security Notice USN-6992-2
[ ]
Gentoo Linux Security Advisory 202409-12
[ ]
Gentoo Linux Security Advisory 202409-11
[ ]
SPIP BigUp 4.3.1 Code Injection
[ ]
Gentoo Linux Security Advisory 202409-10
[ ]
Gentoo Linux Security Advisory 202409-09
[ ]
Gentoo Linux Security Advisory 202409-08
[ ]
RecipePoint 1.9 Insecure Settings
Security Boulevard
[ ]
What Is Noise-Down Automation?
[ ]
USENIX NSDI ’24 – Towards Intelligent Automobile Cockpit via A New Container Architecture
[ ]
Podcast Episode 19: Interview with Bill McInnis from Nucleus Security
[ ]
Randall Munroe’s XKCD ‘Tectonic Surfing’
[ ]
2024 NIST Password Guidelines: Enhancing Security Practices
[ ]
USENIX NSDI ’24 – Can’t Be Late: Optimizing Spot Instance Savings under Deadlines
[ ]
Exploring the foundations of lattice-based cryptography
[ ]
Freemium Model Optimization for B2B SaaS: A Strategic Growth Approach
[ ]
A Fresh Approach to Cybersecurity: Unifying Intelligence, Technology and Human Expertise
[ ]
Unmasking Malware Through IP Tracking: How Attackers Exploit IP and Geo-Location Data to Target Your Network
安全客-有思想的安全新媒体
[ ]
Chainalysis CEO 认为政府可能会使用人工智能代理来追踪链上加密货币违法者
[ ]
严重Ivanti 云设备漏洞在主动网络攻击中被利用
[ ]
揭露“Marko Polo”: 一个以数千人为目标的信息窃取团伙
[ ]
BianLian 和 Rhysida 使用 Azure 进行勒索软件攻击
[ ]
CISA发布协调联邦机构网络安全的计划
[ ]
Versa Networks 在 Versa Director 中暴露了关键 API 漏洞 (CVE-2024-45229)
[ ]
Apple 的 macOS Sequoia 更新引发了与流行安全工具的重大兼容性问题
[ ]
CVE-2024-8698:Keycloak 漏洞使 SAML 身份验证面临风险
[ ]
Citrine Sleet用Mac Linux恶意软件毒害PyPI包
[ ]
攻击面管理“六边形战士”!360获权威报告满分评价
Doonsec's feed
[ ]
微软宣布弃用 Windows Server 更新服务 (WSUS)
[ ]
暗网上的国际象棋游戏
[ ]
信息窃取者对抗 Chrome:谁会赢得这场战斗?
[ ]
破解“黑神话:悟空”传播 Lumma 窃取恶意软件
[ ]
付费开源维护者在安全方面花费更多时间
[ ]
围绕人工智能的全球规则初具规模,但仍有些模糊
[ ]
Necro 恶意软件加载器通过 Google Play 感染了 1100 万台 Android 设备
[ ]
【情报实战】黎巴嫩爆炸寻呼机背后的公司和人
[ ]
【资讯】内蒙古自治区政府办公厅印发《自治区低空经济高质量发展实施方案(2024—2027年)》
[ ]
【资讯】浙江省政府办公厅印发《浙江省加力推动跨境电商高质量发展行动计划(2024—2027年)》
[ ]
【资讯】济南市政府公布《济南市公共数据开放利用管理办法》
[ ]
【资讯】厦门市政府办公厅印发《厦门市支持专精特新企业高质量发展的若干措施》
[ ]
寻找IDOR漏洞:Key Endpoints and Resources
[ ]
美军特战部队军演中展现WiFi“网络爆破”新技能
[ ]
【漏洞预警】Ivanti CloudServiceAppliance 未授权 路径遍历漏洞CVE-2024-8963
[ ]
G.O.S.S.I.P 阅读推荐 2024-09-23 大模型越狱,攻防战谁更胜一筹
[ ]
美政府打击勒索软件重心拟转向:从抓捕起诉到破坏犯罪生态
[ ]
【干货原创】实网攻防演习常态化,会带来什么变化01
[ ]
【干货】笑傲职场的独家经验(1)
[ ]
【干货原创】K12教育,鲜为人知的模式秘密
[ ]
原创文章目录
[ ]
灵当CRM multipleUpload.php接口处存在文件上传漏洞 附POC
[ ]
【SRC】实战中获取JS文件的各种场景
[ ]
建了个SRC专项漏洞知识库
[ ]
【相关分享】记一次某985高校的漏洞挖掘
[ ]
一个命令扫遍天下无敌手:端口扫描从入门到精通
[ ]
菜狗安全公开课第一期《JAVA代码审计实战》
[ ]
金壮龙:深入学习贯彻习近平总书记重要论述 奋力开创推进新型工业化新局面
[ ]
《智能网联汽车领域AI大模型发展技术路线图1.0》研讨会顺利召开
[ ]
电子招标投标系统检测认证服务 助力中央企业采购管理规范化建设
[ ]
Android活动(Activities)Exploiting 技术
[ ]
漏洞推送|数字通云平台智慧政务存在登录绕过漏洞
[ ]
烽火狼烟丨暗网数据及攻击威胁情报分析周报(09/16-09/20)
[ ]
2024 | ZAC首届线下闭门沙龙会议完美落幕
[ ]
ScopeSentry-V1.4-端口扫描更新
[ ]
倒计时2天 | 嘉宾阵容揭晓!邀你共聚工业智能边缘计算2024年会
[ ]
荐读丨超过1000个ServiceNow实例被发现泄露企业知识库数据
[ ]
2024年第四届“长城杯”网络安全大赛(初赛)Writeup
[ ]
隐藏在 Python 包中的新 PondRAT 恶意软件以软件开发人员为目标
[ ]
2024信息学奥赛CSP-J/S第一轮认证题目涉嫌泄露!
[ ]
破解并使用手表解锁带NFC功能的电动车
[ ]
带你认识微信多模态大模型 POINTS
[ ]
整车渗透测试,网络安全车辆型式认证的灵丹妙药
[ ]
智能网联汽车安全渗透白皮书3.0
[ ]
车辆渗透测试概述
[ ]
第12章 安全通信与网络攻击
[ ]
第13章 管理身份和认证
[ ]
Patriot CTF · 2024 WriteUp
[ ]
乌克兰因安全风险首次禁用Telegram
[ ]
年度安全品牌影响力&年度热门安全产品花落谁家 | WitAwards 2024 评选
[ ]
@所有人,我们更名了 文末有福利!
[ ]
PatrOwl:一款开源可扩展的安全协调运营平台
[ ]
红队笑传之穿穿部-记一次攻防演练被某部委安全团队拷打全过程【补档】
[ ]
AntSword新增类型:JSPRAW的一些玩法
[ ]
【安全圈】乌克兰因安全风险首次禁用Telegram
[ ]
【安全圈】不要赎金只破坏基础设施,Twelve 黑客大肆攻击俄罗斯实体
[ ]
【安全圈】Chainalysis CEO 认为政府可能会使用人工智能代理来追踪链上加密货币违法者
[ ]
【安全圈】啊这?钓鱼网站忽悠用户打开Windows运行执行恶意命令来完成人机验证
[ ]
记一次基于Union的sqlmap自定义payload
[ ]
2024网络安全行业证书推荐
[ ]
一键Windows应急响应检测脚本 - Winscan
[ ]
活动预告 | “人工智能对网络空间安全带来的新机遇和新挑战”工程科技学术研讨会
Recent Commits to cve:main
[ ]
Update Mon Sep 23 22:34:45 UTC 2024
[ ]
Update Mon Sep 23 14:30:17 UTC 2024
[ ]
Update Mon Sep 23 06:37:03 UTC 2024
Private Feed for M09Ic
[ ]
SpecterOps forked SpecterOps/terminal_sync from breakid/terminal_sync
[ ]
h3zh1 pushed to master in chainreactors/malefic
[ ]
CHYbeta starred PhonePe/mantis
[ ]
INotGreen forked INotGreen/v2rayNvpn from githubvpn007/v2rayNvpn
[ ]
INotGreen starred githubvpn007/v2rayNvpn
[ ]
pmiaowu starred alibaba/arthas
[ ]
pmiaowu starred c0ny1/java-memshell-scanner
[ ]
uknowsec starred rweijnen/createdump
[ ]
nightRainy pushed to master in chainreactors/malefic
[ ]
HuYlllc pushed to dev in chainreactors/malice-network
[ ]
mgeeky starred YS-L/csvlens
[ ]
Ascotbe starred caorushizi/mediago
[ ]
Rvn0xsy starred yudai/gotty
[ ]
Rvn0xsy starred jimmy201602/webterminal
[ ]
gh0stkey starred lencx/tauri-tutorial
[ ]
phith0n starred caorushizi/mediago
[ ]
gh0stkey created a repository gh0stkey/DSK
[ ]
gh0stkey started following Ackites
[ ]
zer0yu starred outlaws-bai/Galaxy
[ ]
zer0yu starred sleeepeer/PoisonedRAG
嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com
[ ]
客户案例:CACTER硬件网关精准防护,助力互联网企业安全升级
[ ]
标准应用 | 敏感个人信息的界定与告知同意
[ ]
安全动态回顾|《网络安全人才实战能力白皮书-安全测试评估篇》发布 X黑客狂潮使“$HACKED”加密代币遭哄抬
[ ]
Windows 漏洞利用盲文“空格”进行零日攻击
[ ]
威努特与华为正式签约,共建繁荣生态
[ ]
蚂蚁安全开放基于“函数级”SBOM的新一代软件供应链安全技术【源蜥】
一个被知识诅咒的人
[ ]
深入理解华为仓颉语言的数值类型
[ ]
Go语言中的Mutex实现探讨
Armin Ronacher's Thoughts and Writings
[ ]
FSL: A Better Business/Open Source Balance Than AGPL
奇安信攻防社区
[ ]
JDK高版本的模块化以及反射类加载限制绕过
[ ]
JasperReports 命令执行问题
[ ]
对抗样本生成技术分析与实现2
Perception Point
[ ]
Quishing 2.0: QR Code Phishing Evolves with Two-Step Attacks and SharePoint Abuse
Der Flounder
[ ]
spctl command line tool no longer able to manage Gatekeeper on macOS Sequoia
SpiderLabs Blog
[ ]
Why Do Criminals Love Phishing-as-a-Service Platforms?
Blogs dade
[ ]
Weekly Retro 2024-W38
SentinelOne
[ ]
PinnacleOne ExecBrief | State and Local Election Security Advisory
Malwarebytes
[ ]
100 million+ US citizens have records leaked by background check service
[ ]
San Francisco’s fight against deepfake porn, with City Attorney David Chiu (Lock and Code S05E20)
[ ]
Relationship broken up? Here’s how to separate your online accounts
[ ]
SpaceX, CNN, and The White House internal data allegedly published online. Is it real?
[ ]
A week in security (September 16 – September 22)
Reverse Engineering
[ ]
/r/ReverseEngineering's Weekly Questions Thread
[ ]
Inside a ferroelectric RAM chip
[ ]
GitHub - ReFirmLabs/binwalk at binwalkv3
FreeBuf网络安全行业门户
[ ]
FreeBuf早报 | 国安部起底台独黑客组织;韩欲打造网络安全演习国际枢纽
[ ]
@所有人 邀请函已送达!等一个靓仔slay全场~| FCIS 2024「白帽大会」议题征集
[ ]
乌克兰因安全风险首次禁用Telegram
[ ]
不要赎金只破坏基础设施,Twelve 黑客大肆攻击俄罗斯实体
KitPloit - PenTest & Hacking Tools
[ ]
PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
安全牛
[ ]
警惕风险突出的100个高危漏洞
[ ]
锁定3人!国家安全部门立案侦察“台独”网军“匿名者64”;中证协发布《证券公司网络安全事件舆情处置示范案例》 | 牛览
HackerNews
[ ]
不要赎金只破坏基础设施,Twelve 黑客大肆攻击俄罗斯实体
[ ]
美政府打击勒索软件重心拟转向:从抓捕起诉到破坏犯罪生态
安全客
[ ]
ZeroLogon 到 NoPac 漏洞:Black Basta的漏洞利用武器库
奇安信 CERT
[ ]
安全热点周报:时隔一周,Ivanti 又公开一云服务设备漏洞正面临在野利用
Huli's blog
[ ]
HITCON CTF & corCTF & sekaiCTF 2024 筆記
微步在线研究响应中心
[ ]
漏洞通告 | Ivanti Cloud Service Appliance 路径穿越漏洞
安全内参
[ ]
美政府打击勒索软件重心拟转向:从抓捕起诉到破坏犯罪生态
[ ]
“蓝屏事件”后大量德国企业抛弃CrowdStrike
奇客Solidot–传递最新科技情报
[ ]
日本科学家用猫制作 iPS 细胞
[ ]
数学家发现一种新形状
[ ]
Bruce Schneier 认为以色列的袭击改变了世界
[ ]
愈来愈多的大学研究生人数超过本科生
[ ]
1951 年被拐走的加州男孩还活着
[ ]
地球曾经也有星环
腾讯玄武实验室
[ ]
每日安全动态推送(9-23)
代码卫士
[ ]
CISA 提醒注意已遭利用的 Apache HugeGraph-Server 漏洞
[ ]
速修复!FreeBSD 中存在严重漏洞
雷神众测
[ ]
雷神众测漏洞周报2024.09.18-2024.09.22
白帽100安全攻防实验室
[ ]
五冠王!ByteCTF 2024 初赛WriteUp By W&M
dotNet安全矩阵
[ ]
.NET 一款通过虚拟键盘绕过UAC的工具
[ ]
.NET内网实战:白名单文件反序列化执行命令
[ ]
SoapShell 更新 | 新增站点根目录下适配某版本哥斯拉的WebShell
学蚁致用
[ ]
AntSword新增类型:JSPRAW的一些玩法
默安科技
[ ]
卓越攻击团队|默安科技信息通信领域再获佳绩
安全分析与研究
[ ]
Lazarus APT组织针对海事研究组织进行网络攻击活动
威胁猎人Threat Hunter
[ ]
2024互联网黑灰产攻防技术沙龙·北京站,10月17日等你来!
字节跳动安全中心
[ ]
积分翻倍、奖金再加码,推荐好礼送不停
情报分析师
[ ]
揭开美国情报界的神秘面孔
[ ]
克格勃秘密实验室:特异功能与心理操控
CNVD漏洞平台
[ ]
CNVD漏洞周报2024年第38期
[ ]
上周关注度较高的产品安全漏洞(20240916-20240922)
中国信息安全
[ ]
全球视野 | 国际网安快讯(第29期)
[ ]
专家解读 | 推进本土治理系统工程,技管结合引导安全开发 人工智能安全治理的中国认知与方案
[ ]
关注 | 起底“台独”网军“匿名者64”
[ ]
观点 | AI产业如何实现向善发展
[ ]
观点 | 构建公共数据授权运营的生态体系
[ ]
关注 | 欧盟建立人工智能工厂提升创新竞争力
[ ]
国际 | 韩欲打造网络安全演习国际枢纽
安全圈
[ ]
【安全圈】乌克兰因安全风险首次禁用Telegram
[ ]
【安全圈】不要赎金只破坏基础设施,Twelve 黑客大肆攻击俄罗斯实体
[ ]
【安全圈】Chainalysis CEO 认为政府可能会使用人工智能代理来追踪链上加密货币违法者
[ ]
【安全圈】啊这?钓鱼网站忽悠用户打开Windows运行执行恶意命令来完成人机验证
数世咨询
[ ]
百密一疏!你是否败给了“最土”的攻击方式(ATO)?
阿里安全响应中心
[ ]
阿里云边缘安全加速(ESA)产品功能众测 - WAF功能挑战赛
极客公园
[ ]
对话地瓜机器人 CEO 王丛:500 元的机器人「心脏」,是怎么炼成的?
[ ]
预训练的 Scaling Law 正在走入死胡同,o1 让更多创业公司重新复活
[ ]
卖出 68 亿,「黑神话」成 Steam 最畅销游戏;魅族产「红旗手机」曝光;「AI Siri」明年 1 月到来|极客早知道
Tails - News
[ ]
Tails report for August 2024
安全419
[ ]
关键领域数据安全建设观察——智能网联汽车领域
[ ]
威努特与华为正式达成合作
[ ]
2024年度关键信息基础设施安全保护论坛召开
[ ]
万径安全完成数千万元融资 深创投独家投资
补天平台
[ ]
仅需9.9元,提升技能,赢得荣誉,来补天训练“赢”开启白帽之路!
IT Service Management News
[ ]
Sui cercapersone esplosi in Libano
Over Security - Cybersecurity news aggregator
[ ]
US proposes ban on connected vehicle tech from China, Russia
[ ]
US intelligence agencies confirm Russia is pushing fake videos of Kamala Harris
[ ]
Dozens of Fortune 100 companies have unwittingly hired North Korean IT workers, according to report
[ ]
Some Kaspersky customers receive surprise forced-update to new antivirus software
[ ]
Legislation to mandate universal data privacy opt-outs vetoed in California
[ ]
Telegram now shares users’ IP and phone number on legal requests
[ ]
New Mallox ransomware Linux variant based on leaked Kryptina code
[ ]
Ransomware attack on Kansas county exposed sensitive info of nearly 30,000 residents
[ ]
Kaspersky deletes itself, installs UltraAV antivirus without warning
[ ]
Biden administration proposes rule banning Chinese, Russian connected vehicles and parts
[ ]
Telegram says it will share phone numbers and IP addresses of ‘bad actors’ to authorities
[ ]
Android malware 'Necro' infects 11 million devices via Google Play
[ ]
Russian hackers have shifted tactics in third year of war, Ukraine cyber agency says
[ ]
New Google Chrome feature will translate complex pages in real time
[ ]
How to manage shadow IT and reduce your attack surface
[ ]
D-Link risolve tre vulnerabilità critiche nei suoi router Wi-Fi
[ ]
Kransom Ransomware: New Threat Using DLL-Sideloading to Hijack Popular RPG
[ ]
How the Necro Trojan infiltrated Google Play, again
[ ]
Undetected Android Spyware Targeting Individuals In South Korea
[ ]
CERT-AGID 14 – 20 settembre: 778 IoC e una campagna di phishing che sfrutta lo SPID
[ ]
GameVN - 1,369,485 breached accounts
360威胁情报中心
[ ]
APT-C-00(海莲花)双重加载器及同源VMP加载器分析
Securityinfo.it
[ ]
D-Link risolve tre vulnerabilità critiche nei suoi router Wi-Fi
[ ]
CERT-AGID 14 – 20 settembre: 778 IoC e una campagna di phishing che sfrutta lo SPID
Have I Been Pwned latest breaches
[ ]
GameVN - 1,369,485 breached accounts
ICT Security Magazine
[ ]
Il ciclo di vita dei dati rubati: dal furto al profitto
[ ]
Sicurezza del sistema operativo Android
安天AVL威胁情报中心
[ ]
盘点:2024年7月移动设备威胁态势
[ ]
安天移动近期威胁情报盘点(9月6日-9月23日)
SANS Internet Storm Center, InfoCON: green
[ ]
Phishing links with @ sign and the need for effective security awareness building, (Mon, Sep 23rd)
[ ]
ISC Stormcast For Monday, September 23rd, 2024 https://isc.sans.edu/podcastdetail/9148, (Mon, Sep 23rd)
Il Disinformatico
[ ]
Niente Panico RSI - Puntata del 2024/09/23
Posts By SpecterOps Team Members - Medium
[ ]
Ghostwriter v4.3: SSO, JSON Fields, and Reporting with BloodHound
Schneier on Security
[ ]
Hacking the “Bike Angels” System for Moving Bikeshares
Security Current
[ ]
Congratulations to the 2024 CISOs Top 100 Accelerated CISOs Awards (A100) Winners
Deeplinks
[ ]
EFF to Supreme Court: Strike Down Texas’ Unconstitutional Age Verification Law
Securelist
[ ]
How the Necro Trojan infiltrated Google Play, again
The Register - Security
[ ]
Telegram will now hand over IP addresses, phone numbers of suspects to cops
[ ]
'Cybersecurity issue' takes MoneyGram offline for three days – and counting
[ ]
Necro malware continues to haunt side-loaders of dodgy Android mods
[ ]
US proposes ban on Chinese, Russian connected car tech over security fears
[ ]
So how's Microsoft's Secure Future Initiative going?
[ ]
UPS supplier's password policy flip-flops from unlimited, to 32, then 64 characters
[ ]
Move over, Cobalt Strike. Splinter’s the new post-exploit menace in town
[ ]
Apple's latest macOS release is breaking security software, network connections
Unsupervised Learning
[ ]
UL NO. 451: Altman Says ASI in "Thousands of Days"
Information Security
[ ]
Malware Abuses Browser Kiosk Mode to Steal Google Credentials: New Attack Vector
Blackhat Library: Hacking techniques and research
[ ]
Sextortion Is About to Get Much Worse with Infostealers – A Red Flag for Victims
[ ]
Telegram groups for blackhat SEO
TorrentFreak
[ ]
Telegram Removes Z-Library Posts ‘Due to Copyright Infringement’
[ ]
Court Orders Google to “Uninstall” Pirate IPTV App Sideloaded on Android Devices
TG Soft Software House - News
[ ]
Vir.IT eXplorer PRO
supera, ottenendo il massimo risultato, l'ultimo
test
effettuato ad
Agosto 2024
da
AppEsteem
per i
prodotti AV DeceptorFighters
Security Affairs
[ ]
ESET fixed two privilege escalation flaws in its products
[ ]
North Korea-linked APT Gleaming Pisces deliver new PondRAT backdoor via malicious Python packages
[ ]
Chinese APT Earth Baxia target APAC by exploiting GeoServer flaw
[ ]
Hacktivist group Twelve is back and targets Russian entities
KitPloit - PenTest Tools!
[ ]
PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
The Hacker News
[ ]
THN Cybersecurity Recap: Last Week's Top Threats and Trends (September 16-22)
[ ]
Why 'Never Expire' Passwords Can Be a Risky Decision
[ ]
Critical Flaw in Microchip ASF Exposes IoT Devices to Remote Code Execution Risk
[ ]
Discord Introduces DAVE Protocol for End-to-End Encryption in Audio and Video Calls
[ ]
New PondRAT Malware Hidden in Python Packages Targets Software Developers
[ ]
Chinese Hackers Exploit GeoServer Flaw to Target APAC Nations with EAGLEDOOR Malware
Technical Information Security Content & Discussion
[ ]
Open to Exploitation: The Security Risks of Unauthenticated Pager Networks
Computer Forensics
[ ]
I wrote a blog to learn and get familiar with some Incident Response tools and techniques. Hope it will be a good read :)
Your Open Hacker Community
[ ]
When I put my Alfa adapter to monitor, it shows wlan0 wlan1 as well.
[ ]
Reverse shell question
Security Weekly Podcast Network (Audio)
[ ]
Authentication and Authorization in the AI Era - Shiven Ramji - BSW #365
每日安全资讯(2024-09-24)