chainreactors / picker

将repo变成RSS订阅,文章整理归档, 讨论的社区

GNU General Public License v3.0

111 stars 18 forks source link

[每日信息流] 2024-10-12 #677

Closed chainreactorbot closed 2 weeks ago

chainreactorbot commented 1 month ago

每日安全资讯（2024-10-12）

SecWiki News
- [ ] SecWiki News 2024-10-11 Review
Security Boulevard
- [ ] More on My AI and Democracy Book
- [ ] Identity Under Siege: Responding to the National Public Data Breach
- [ ] SDLC Methodologies: The 7 Most Common
- [ ] What Is the Agile SDLC? Benefits, Stages And Implementation
- [ ] Apple Releases Draft Ballot to Shorten Certificate Lifespan to 45 Days
- [ ] Prevent Path Traversal Attacks with ADR | Contrast Security
- [ ] (In)Fidelity Admits Data Breach 8 Weeks Ago — 77K PII Lost
- [ ] ISO 27001 – 2013 vs 2022: Changes, Transition & More
- [ ] Exploring Goldilocks: ‘Just Right’ Resource Management
- [ ] Generative AI Fueling More Sophisticated Cyberattacks: Survey
Private Feed for M09Ic
- [ ] AliffPutra started following M09Ic
- [ ] Ak74-577 started following shaddy43
- [ ] Ak74-577 starred shaddy43/BrowserSnatch
- [ ] zer0yu started following krisnova
- [ ] Rvn0xsy starred OdysseusYuan/LKY_OfficeTools
- [ ] UnT7 starred M09Ic/SharpRDPConns
- [ ] Ridter starred shaddy43/BrowserSnatch
- [ ] killeven starred AutomaApp/automa
- [ ] gh0stkey starred ansible/ansible
- [ ] gh0stkey starred tangjie1/-Baseline-check
- [ ] gh0stkey starred DeEpinGh0st/WindowsBaselineAssistant
- [ ] zer0yu starred adolfintel/OpenPods
- [ ] RicterZ starred al-one/hass-xiaomi-miot
- [ ] wh0amitz starred Chocapikk/CVE-2024-45519
- [ ] helloyw starred M09Ic/SharpRDPConns
- [ ] INotGreen starred namazso/dll-universal-patcher
- [ ] INotGreen starred namazso/dll-proxy-generator
- [ ] INotGreen started following namazso
- [ ] Tripse starred M09Ic/SharpRDPConns
- [ ] suixingteng started following M09Ic
- [ ] timwhitez starred unclecode/crawl4ai
- [ ] yzddmr6 starred bd4sur/Nano
- [ ] FunnyWolf starred langchain-ai/rag-from-scratch
嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com
- [ ] 大咖征稿|清华大学新生钓鱼演练分析报告
- [ ] IDC最新报告发布，360获安全软件全类别推荐厂商
- [ ] 嘶吼专访|蚂蚁集团高级技术专家杨洋：以密码为基探循铜锁/Tongsuo的开源之路
- [ ] macOS Sequoia 更新后出现防护软件网络连接错误问题
- [ ] Check Point 软件技术公司在 2024 年 Gartner® 端点防护平台魔力象限™ 报告中获评端点安全防护远见者
Files ≈ Packet Storm
- [ ] ABB Cylon Aspect 3.07.02 user.properties Default Credentials
- [ ] ABB Cylon Aspect 3.08.00 dialupSwitch.php Remote Code Execution
- [ ] ABB Cylon Aspect 3.07.02 sshUpdate.php Unauthenticated Remote SSH Service Control
- [ ] Debian Security Advisory 5788-1
- [ ] Ubuntu Security Notice USN-7020-4
- [ ] Ubuntu Security Notice USN-7062-1
- [ ] Red Hat Security Advisory 2024-7994-03
- [ ] TerraMaster TOS 4.2.29 Code Injection / Local File Inclusion
- [ ] Red Hat Security Advisory 2024-7987-03
- [ ] SolarView Compact 6.00 Code Injection
- [ ] Openfire 4.8.0 Code Injection
- [ ] Red Hat Security Advisory 2024-7977-03
- [ ] MagnusBilling 6.x Code Injection
- [ ] Kafka UI 0.7.1 Code Injection
- [ ] Red Hat Security Advisory 2024-7972-03
- [ ] GL.iNet 4.4.3 Code Injection
- [ ] Gibbon School Platform 26.0.00 Code Injection
- [ ] Craft CMS 4.4.14 Code Injection
- [ ] Chamilo 1.11.18 Code Injection
- [ ] Artica Proxy 4.40 Code Injection
- [ ] XNU Insufficient Locking Use-After-Free
奇安信攻防社区
- [ ] gson参数走私浅析
Doonsec's feed
- [ ] 渗透测试｜记一次SQL注入新用法
- [ ] 一次贪污数百万美元的程序员
- [ ] 旅行篇-如何找到隐藏摄像头
- [ ] Suricata之dnslog域名检测
- [ ] 【漏洞复现】孚盟云系统/Ajax/AjaxSendDingdingMessage接口处存在sql注入漏洞
- [ ] Java安全基础之反射、类加载、动态代理
- [ ] 漏洞案例：提升Self-XSS危害
- [ ] 【OSCP】friendly3
- [ ] 第1篇：windows 入侵排查
- [ ] 实战 | 一次敏感信息到接口fuzz-RCE
- [ ] 建了个SRC专项漏洞知识库
- [ ] 谷歌揭示量子计算机如何击败当今最好的超级计算机
- [ ] 基于报告分析的2024年全球网络安全趋势研究
- [ ] 专家解读 | 蒋艳：健全数据安全法律制度筑牢网络数据安全防线
- [ ] 泄露全球数亿人信息，这家巨头被罚超3.6亿元
- [ ] 2024年四川省“5G+工业互联网”一体化进园区暨工业互联网标识大会召开，加快数字化转型进程
- [ ] 工业互联网标识解析国家顶级节点（成都托管与灾备节点）展示体验中心正式开幕！
- [ ] 2024网络犯罪案例分享
- [ ] 漏洞推送|某户协同办公平台GeneralWeb_XXE漏洞
- [ ] Windows安全的守护者还是系统的软肋？lsass.exe全面解析
- [ ] 【年会】网络与信息法学研究会2024年年会精彩观点回顾（主论坛部分）
- [ ] 【资讯】黑龙江省工信厅就《黑龙江省推广数字化转型咨询诊断服务奖励政策实施细则》公开征求意见
- [ ] 【资讯】江西省工信厅等三部门联合印发《江西省省级数字化转型促进中心管理办法》
- [ ] 【资讯】北京市知产局就《北京市知识产权信息公共服务网点建设管理办法（修订稿）》公开征求意见
- [ ] 【资讯】中国互联网协会就《工业和信息化领域数据安全合规指引》公开征求意见
- [ ] 以太网安全 - 效果如何? nxp
- [ ] 距离 1000 公里之外对特斯拉 ModelY NFC进行中继攻击
- [ ] 面向未来的软件定义汽车网络安全策略
- [ ] 同望OA tooneAssistantAttachement.jsp 任意文件读取漏洞
- [ ] G.O.S.S.I.P 阅读推荐 2024-10-11 RAID 2024最佳实践论文奖之KernJC
- [ ] 【基于哈希的密码体系】减少私钥的大小(BC)
- [ ] 甲方安全和乙方安全的区别
- [ ] 伊朗黑客使用ChatGPT策划ICS攻击
- [ ] 研究人员在Windows版的SVN中发现代码执行漏洞
- [ ] Veeam曝出关键漏洞，勒索团伙趁火打劫利用RCE攻击全球企业
- [ ] Nullinux：一款针对Linux操作系统的安全检测工具
- [ ] 黑客必刷的16个靶场（渗透基础、CTF、漏洞实战、内网渗透）
- [ ] 招生开启 | CAISP人工智能安全认证专家
- [ ] 重阳节，为爸妈做7件事儿
- [ ] CNNVD关于微软多个安全漏洞的通报
- [ ] 工业和信息化部办公厅关于分级打造中国消费名品方阵的通知
- [ ] 重磅！工信部“数字三品”应用场景典型案例正式启动
- [ ] 中国软件评测中心牵头制定的四项团体标准正式发布
- [ ] 《移动互联网应用程序（App）安全认证技术要求与评价指标》焕新升级，APP安全认证轻装上阵
- [ ] 突破封锁，深入腹地：网络跳板技术全解析
- [ ] 8年老网安关于职场的一点思考
- [ ] 【安全圈】黑客利用YouTube 平台传播复杂的恶意软件
- [ ] 【安全圈】卡巴斯基在没有任何提示的情况下安装 UltraAV 防病毒软件
- [ ] 【安全圈】Veeam曝出关键漏洞，勒索团伙趁火打劫利用RCE攻击全球企业
- [ ] 【安全圈】0ktapus威胁组织对130多家企业发起网络攻击
- [ ] 倒计时6天！2024补天白帽大会全议程发布！
- [ ] 权威力荐｜360安全大模型获机构首推，树立网安行业新标杆！
- [ ] 爆破及喷洒过程中与常见限制机制的对抗思路
- [ ] 互联网档案馆被黑，3100万用户信息暴露
- [ ] 政策解读 | 欧盟发布《数据治理法案》实施指导文件
- [ ] 金秋10月，数“链”上海，这封2024全球数商大会邀请函请查收！
- [ ] 【通知】10.26-27第四届全国开源情报技术大会在武汉举行（附会议日程）
- [ ] 【转载】大战在即——美军大量增兵中东地区支持以色列对伊朗动武报复
- [ ] cnvd通用型漏洞挖掘思路
- [ ] 盛邦安全荣获IDC满分评价, 以资产为核心，打造全场景、智能化攻击面管理解决方案
- [ ] 小红书提出大模型推理加速算法 HASS 刷新 SOTA
- [ ] Ruby-SAML Bypass && GitLab SAML Bypass(CVE-2024-45409)
- [ ] 2024上半年全球云上数据泄露风险分析报告发布：12亿条隐私数据泄露
- [ ] 中共中央办公厅国务院办公厅关于加快公共数据资源开发利用的意见
- [ ] 9项网络安全国家标准获批发布
- [ ] 专题·“微软蓝屏”事件 | “微软蓝屏”事件对提升网络安全保障能力的启示
- [ ] 发布 | 中国移动发布《AI+智慧城市安全解决方案白皮书》
- [ ] CNNVD | 关于微软多个安全漏洞的通报
- [ ] 关注 | 中央网信办部署开展“清朗·规范网络语言文字使用”专项行动
- [ ] 解读 | 激发供数动力释放用数活力——解读《关于加快公共数据资源开发利用的意见》
- [ ] 国际 | 韩国个人数据开发利用有何经验可循？
- [ ] 物理隔离竟也被攻破？多国政府遭APT攻击凸显网络战升级
- [ ] 第39次全国计算机安全学术交流会数据安全论坛圆满落幕
安全客-有思想的安全新媒体
- [ ] Kingsoft × Hacking Group 议题征集，引领AI 安全新纪元！
- [ ] 指针分析与Java反序列化利用链挖掘实践（一）
- [ ] 权威机构推荐：360引领中国网络安全软件技术发展趋势
- [ ] F5 的报告：近 30% 面向客户的 API 未受 Https 保护
- [ ] Coinbase 进行重大升级，用户现在可以向 Taproot 地址发送比特币
- [ ] 开源身份和访问管理平台 Keycloak 发布了安全更新以解决一个高严重性漏洞
- [ ] 美国证券交易委员会与贸易公司达成和解，称其利用人工智能“流行语”欺骗投资者
- [ ] AsyncRAT 恶意软件活动利用 Bitbucket 发起多阶段攻击
- [ ] Progress 修补 Telerik 报告服务器中的重大安全漏洞 CVE-2024-8015 (CVSS 9.1)
- [ ] CVE-2024-41713 (CVSS 9.8)：未修补的 MiCollab 漏洞允许未经授权的访问
- [ ] Zyxel 设备遭恶意攻击：需要紧急固件更新
- [ ] Palo Alto Expedition 中的 CVE-2024-9465 (CVSS 9.2) SQLi 漏洞曝光：发布完整漏洞利用和 PoC
Recent Commits to cve:main
- [ ] Update Fri Oct 11 22:33:45 UTC 2024
- [ ] Update Fri Oct 11 14:36:25 UTC 2024
- [ ] Update Fri Oct 11 06:33:32 UTC 2024
一个被知识诅咒的人
- [ ] Python与虚拟现实：使用Python构建简单的VR场景
- [ ] AIGC在游戏开发中的应用：用Python结合AI生成游戏场景和角色，结合Unity与Unreal Engine
- [ ] 生成艺术：用Python随机生成抽象艺术作品
- [ ] 用Python和GPT创建自己的智能聊天助手：从零构建一个多功能对话系统
Tenable Blog
- [ ] Cybersecurity Snapshot: How AI Can Boost Your Cybersecurity Program
blog.avast.com EN
- [ ] How AI is being used this 2024 election season
SentinelOne
- [ ] The Good, the Bad and the Ugly in Cybersecurity – Week 41
Mozilla Security Blog
- [ ] Behind the Scenes: Fixing an In-the-Wild Firefox Exploit
FreeBuf网络安全行业门户
- [ ] FreeBuf周报 | Apache Avro SDK曝关键漏洞；Word神奇Bug会直接删除文件
- [ ] 蚂蚁国际安全团队诚招安全人才！
- [ ] FreeBuf早报 | 国安部警告闲置网络设备莫大意；欧洲理事会通过《网络弹性法案》
- [ ] 研究人员在Windows版的SVN中发现代码执行漏洞
- [ ] 黑客利用YouTube 平台传播复杂的恶意软件
- [ ] Veeam曝出关键漏洞，勒索团伙趁火打劫利用RCE攻击全球企业
- [ ] 伊朗黑客使用ChatGPT策划ICS攻击
安全牛
- [ ] 冷眼看雷军AI配音恶搞，这热闹还看得下去吗？
- [ ] 在办公环境中开启iPhone 镜像功能或存在严重的隐私和法律违规风险；合法互联网服务武器化正在成为一种流行的攻击趋势 | 牛览
HackerNews
- [ ] Progress 修补 Telerik 报告服务器中的重大安全漏洞 CVE-2024-8015 (CVSS 9.1)
- [ ] AsyncRAT 恶意软件活动利用 Bitbucket 发起多阶段攻击
- [ ] 美国证券交易委员会与贸易公司达成和解，称其利用人工智能“流行语”欺骗投资者
- [ ] Coinbase 进行重大升级，用户现在可以向 Taproot 地址发送比特币
- [ ] 伊朗黑客使用 ChatGPT 策划 ICS 攻击
- [ ] 黑客利用 YouTube 平台传播复杂的恶意软件
- [ ] Veeam 曝出关键漏洞，勒索团伙趁火打劫利用 RCE 攻击全球企业
- [ ] 因配置不当，约 5000 个 AI 模型与训练数据集在公网暴露
- [ ] 在数据泄露高达 3100 万人后，黑客组织对互联网档案馆的 DDoS 攻击仍在继续
奇客Solidot–传递最新科技情报
- [ ] Fedora Asahi Remix 支持运行部分 3A 游戏
- [ ] 网信办展开规范网络语言文字专项行动
- [ ] X-37B 将执行一系列机动
- [ ] 诺贝尔和平奖授予日本核爆受害者团体
- [ ] 调查发现父母更信任 ChatGPT 生成的健康指导
- [ ] Google 量子计算机能打败今天最强的超算
- [ ] 哆啦A梦声优大山羡代去世
- [ ] 英特尔宣布了酷睿 Ultra 200 系列桌面处理器
- [ ] 研究称盗版会导致游戏收益损失 19%
- [ ] 黑客入侵美国 ISP 访问后门系统证明苹果关于加密后门的观点是正确的
- [ ] FIFA 和 PES 展开合作
半块西瓜皮
- [ ] grs-通过REALITY协议实现的内网穿透工具
腾讯玄武实验室
- [ ] 每日安全动态推送(10-11)
威努特安全网络
- [ ] 直击痛点！威努特解决智能制造企业远程运维难题
安全客
- [ ] 全球资产管理巨头富达投资数据泄露：7.7万客户信息遭曝光
青衣十三楼飞花堂
- [ ] Unix系列(18)--Seccomp BPF初探
安全内参
- [ ] 泄露全球数亿人信息，这家巨头被罚超3.6亿元
- [ ] 互联网档案馆被黑，3100万用户信息暴露
信安之路
- [ ] 白帽子手机APK渗透神器（实测）
代码卫士
- [ ] GitLab：注意严重的任意分支管道执行漏洞
- [ ] 谷歌应用商店突然下架卡巴斯基所有产品
奇安信威胁情报中心
- [ ] 每周高级威胁情报解读(2024.09.27~10.10)
暗影安全
- [ ] 倒计时6天！2024补天白帽大会全议程发布！
丁爸情报分析师的工具箱
- [ ] 【通知】10.26-27第四届全国开源情报技术大会在武汉举行（附会议日程）
- [ ] 【转载】大战在即——美军大量增兵中东地区支持以色列对伊朗动武报复
君哥的体历
- [ ] 如何做软件正版化管控？是否有项目能同时解决安全、运维和开发的问题？以及在生产环境开web应用漏扫策略的探讨...｜总第265周
安全研究GoSSIP
- [ ] G.O.S.S.I.P 阅读推荐 2024-10-11 RAID 2024最佳实践论文奖之KernJC
dotNet安全矩阵
- [ ] .NET 一款事件查看器反序列化漏洞绕过UAC的工具
- [ ] .NET 安全基础入门学习知识库
- [ ] 40套.NET系统漏洞威胁情报(10.11更新)
慢雾科技
- [ ] 慢雾：貔貅盘防范指南
网络空间安全科学学报
- [ ] 第39届全国计算机安全学术交流会在西安顺利召开
- [ ] 通知 | 计算机安全专委会网络安全科普工作组征集科普专家
火绒安全
- [ ] 【火绒安全周报】韩国“AI换脸”色情犯罪已入刑/乐高网站被黑客入侵
极客公园
- [ ] 马斯克再画「无人车」大饼，Party 开完特斯拉股票就跌了
- [ ] 字节版「小红书」，为什么成为2024年北美最火的App？
- [ ] 字节豆包推出 AI 智能体耳机；小米 SU7 Ultra 首次征战纽北遇雨；任天堂推出「体感闹钟」｜极客早知道
数世咨询
- [ ] 云CRM用户必看：7个数据安全实践指南！
阿里安全响应中心
- [ ] 第三周奖励情况｜2024双11安全保卫战倒计时三天！
情报分析师
- [ ] 美国政府电话通讯录曝光（24年10月最新版）
- [ ] 暗影力量：美中情局的隐秘军事行动队
嘶吼专业版
- [ ] macOS Sequoia 更新后出现防护软件网络连接错误问题
- [ ] 嘶吼专访|蚂蚁集团高级技术专家杨洋：以密码为基探循铜锁/Tongsuo的开源之路
深信服千里目安全技术中心
- [ ] 【漏洞通告】Mozilla Firefox Animation timelines远程代码执行漏洞(CVE-2024-9680)
- [ ] 【漏洞通告】GitLab EE 权限绕过漏洞(CVE-2024-9164)
- [ ] Microsoft发布2024年10月安全更新
CNVD漏洞平台
- [ ] Microsoft发布2024年10月安全更新
360数字安全
- [ ] 权威力荐｜360安全大模型获机构首推，树立网安行业新标杆！
迪哥讲事
- [ ] 渗透测试｜记一次SQL注入新用法
白泽安全实验室
- [ ] GoldenJackal组织利用定制工具针对外交和物理隔离网络展开攻击——每周威胁情报动态第195期（10.04-10.10）
Securityinfo.it
- [ ] Google lancia Global Signal Exchange per combattere le frodi online
ICT Security Magazine
- [ ] Valutare i rischi Cyber al tempo dell’Intelligenza Artificiale
DEF CON Announcements!
- [ ] Room blocks now open at Sahara and Venetian for DEF CON 33!
- [ ] DEF CON 32 Video is Here!
Over Security - Cybersecurity news aggregator
- [ ] Casio says ransomware attack exposed info of employees, customers and business partners
- [ ] Il nuovo Piracy shield è legge. E per internet è un grosso problema
- [ ] National Public Data files for bankruptcy, citing fallout from cyberattack
- [ ] CISA: Hackers abuse F5 BIG-IP cookies to map internal servers
- [ ] Ukraine police arrest hacker for operating illegal VPN service to access sanctioned Russian sites
- [ ] CISA: Hackers abuse F5 BIG-IP cookies to map network devices
- [ ] AT&T, Verizon, Lumen executives hear from lawmakers about reported China hacks
- [ ] Perché è il momento di fare (e informare)
- [ ] Rider, come ti calcolo il punteggio
- [ ] Così ci siamo dimenticati delle falle nel silicio
- [ ] Il grande puzzle del metaverso
- [ ] L’irresistibile ascesa dei troll di Stato
- [ ] Startup malware: come lavorano le gang cybercriminali
- [ ] Non solo balletti: il ruolo di TikTok nell’infowar
- [ ] Reparto ransomware: quando viene attaccato un ospedale
- [ ] Incoscienti e sfacciati: le tecniche dei teenager che violano aziende
- [ ] Russia, così viene aggirata la censura internet
- [ ] Perché il Web3 ci fa litigare
- [ ] Guerra e armi autonome: perché è l’ora di parlarne
- [ ] Per l’Ue (e l’Italia) la sovranità digitale è ancora lontana
- [ ] Google lancia Global Signal Exchange per combattere le frodi online
- [ ] Casio confirms customer data stolen in a ransomware attack
- [ ] Cyber insurer says ransomware attacks drove a spike in claim sizes
- [ ] Sintesi riepilogativa delle campagne malevole nella settimana del 05 – 11 ottobre
- [ ] Cyberattack targets healthcare nonprofit overseeing 13 Colorado facilities
- [ ] Russian court websites down after breach claimed by pro-Ukraine hackers
- [ ] NATO moves ‘most experienced and expert individual’ on cyber out of cyber section
- [ ] Stalkphish.io – Launch of our Professional Plan
- [ ] WooCommerce Security Essentials for Store Owners
bellingcat
- [ ] From Mauritius to Sudan, You Told Us Where To Look. Here Are the Results
安全419
- [ ] 共建新一代互联网生态 IPv6改造势在必行
- [ ] 安全419企业探营 | 走进海云安
TaoSecurity Blog
- [ ] What Are Normal Users Supposed to Do with IDS Alerts from Network Gear?
SANS Internet Storm Center, InfoCON: green
- [ ] ISC Stormcast For Friday, October 11th, 2024 https://isc.sans.edu/podcastdetail/9176, (Fri, Oct 11th)
Schneier on Security
- [ ] Indian Fishermen Are Catching Less Squid
- [ ] More on My AI and Democracy Book
- [ ] IronNet Has Shut Down
Instapaper: Unread
- [ ] A forensic approach identification of source printer through deep learning
- [ ] Exploiting LNK Metadata
- [ ] Milano Digital Week Il digitale per la sicurezza
- [ ] Le nuove norme anti-pirateria sono ancora peggio di quanto si pensasse
- [ ] Cybersecurity, la Corte dei conti europea ha bocciato l'Italia
LockBoxx
- [ ] Frequently Asked Questions from AMA
Trend Micro Research, News and Perspectives
- [ ] Earth Simnavaz Levies Advanced Cyberattacks Against UAE and Gulf Regions
- [ ] Earth Simnavaz (aka APT34) Levies Advanced Cyberattacks Against UAE and Gulf Regions
The Hacker News
- [ ] GitHub, Telegram Bots, and QR Codes Abused in New Wave of Phishing Attacks
- [ ] How Hybrid Password Attacks Work and How to Defend Against Them
- [ ] CISA Warns of Threat Actors Exploiting F5 BIG-IP Cookies for Network Reconnaissance
- [ ] New Critical GitLab Vulnerability Could Allow Arbitrary CI/CD Pipeline Execution
- [ ] Bohemia and Cannabia Dark Web Markets Taken Down After Joint Police Operation
Il Disinformatico
- [ ] Podcast RSI – Password, Microsoft e NIST dicono che cambiarle periodicamente è sbagliato
The Register - Security
- [ ] INC ransomware rebrands to Lynx – same code, new name, still up to no good
- [ ] US lawmakers seek answers on alleged Salt Typhoon breach of telecom giants
- [ ] RAC duo busted for stealing and selling crash victims' data
- [ ] Keir Starmer hands ex-Darktrace boss investment minister gig
- [ ] FBI created a cryptocurrency so it could watch it being abused
- [ ] Healthcare attacks spread beyond US – just ask India's Star Health
Computer Forensics
- [ ] TRACE - ForensicToolkit v1.0.1 Update
Your Open Hacker Community
- [ ] How a Simple Extension Transformed My Hunt for Hidden Endpoints
- [ ] RCE after exploiting a buffer overflow
netsecstudents: Subreddit for students studying Network Security and its related subjects
- [ ] i m looking for a partner, or a small group to prepare for the ejpt cert !?
Deep Web
- [ ] Is the content on a platform via an onion link in any way different?
Social Engineering
- [ ] Do I understand Social Engineering?
- [ ] Getting Free Stuff
- [ ] How This Teenager Stole $230,000,000
Deeplinks
- [ ] Should I Use My State’s Digital Driver’s License?
- [ ] Podcast Episode Rerelease: So You Think You’re A Critical Thinker
TorrentFreak
- [ ] RIAA’s Flags Latest Piracy Threats, Sees a Future for AI
- [ ] Flawless IPTV Kingpin’s 11-Year Prison Sentence Upheld at Court of Appeal
Security Affairs
- [ ] GitLab fixed a critical flaw that could allow arbitrary CI/CD pipeline execution
- [ ] Iran and China-linked actors used ChatGPT for preparing attacks
- [ ] Internet Archive data breach impacted 31M users
Blackhat Library: Hacking techniques and research
- [ ] Your tech + my skills = the next moonshot meme
网安寻路人
- [ ] 欧洲健康数据空间建设历程分析与启示
Security Weekly Podcast Network (Audio)
- [ ] Cybercab, Golden Jackal, Mamba 2FA, Microsoft, iPhone thieves, esims, Aaran Leyland.. - SWN #421
- [ ] Community Knowledge Sharing with CyberNest - Ben Siegel, Aaron Costello - ESW #379