[每日信息流] 2024-10-24

[chainreactorbot]

每日安全资讯（2024-10-24）

• 奇安信攻防社区
  • [ ] 2024 Blue Water CTF - The Great Escape
• Security Boulevard
  • [ ] CVE-2024-47575: Frequently Asked Questions About FortiJump Zero-Day in FortiManager and FortiManager Cloud
  • [ ] DEF CON 32 – AppSec Village – Speed Bumps and Speed HacksP: Adventures in Car Mfg Security
  • [ ] One-Week SOAR Migration: It’s a Fact
  • [ ] Comic Agilé – Mikkel Noe-Nygaard, Luxshan Ratnaravi – #310 – The Day After PI Planning
  • [ ] Dark Web Forum Arrests, Columbus Ransomware Attack Updates, and American Background Info Data Leak
  • [ ] API Vulnerabilities Jump 21% in Third Quarter
  • [ ] SEC is Not Accepting Half-Truths
  • [ ] BTS #40 – Backdoors in Backdoors – Matt Johansen
  • [ ] FortiJump: Yet Another Critical Fortinet 0-Day RCE
  • [ ] DEF CON 32 – AppSec Village – Using EPSS for Better Management Vulnerability Management
• 安全客-有思想的安全新媒体
  • [ ] 专家警告称，大黄蜂恶意软件将出现新一波攻击
  • [ ] Styra 公司的开放策略代理（OPA）中存在安全漏洞 CVE-2024-8260，可能导致 NTLM 哈希值泄露
  • [ ] 三星零日缺陷在野外被积极利用
  • [ ] Lumma Stealer利用虚假验证码页面传播无文件恶意软件
  • [ ] 加密劫持警报：黑客利用 gRPC 和 HTTP/2 来部署矿机
  • [ ] Meta 利用面部识别技术打击欺诈和账户接管行为
  • [ ] Symantec 报告称在安卓和 iOS 平台的多款移动应用中发现严重安全问题
  • [ ] 紧急安全更新：Guix 系统修补关键漏洞
  • [ ] 1，700家银行，45个国家：Grandoreiro特洛伊木马扩大其影响范围
  • [ ] 智领未来，安全共生 | 360漏洞云亮相“S创上海2024”，共探AI安全发展
• SecWiki News
  • [ ] SecWiki News 2024-10-23 Review
• Recent Commits to cve:main
  • [ ] Update Wed Oct 23 22:30:03 UTC 2024
  • [ ] Update Wed Oct 23 14:33:21 UTC 2024
  • [ ] Update Wed Oct 23 06:20:47 UTC 2024
• CXSECURITY Database RSS Feed - CXSecurity.com
  • [ ] IBM Security Verify Access 10.0.8 Open Redirection
  • [ ] ABB Cylon Aspect 3.08.01 persistenceManagerAjax.php Command Injection
  • [ ] ABB Cylon Aspect 3.08.01 databaseFileDelete.php Command Injection
  • [ ] Paxton Net2 API License Bypass
• Private Feed for M09Ic
  • [ ] liamg starred liamg/moon
  • [ ] liamg released v1.0.0 at liamg/moon
• Tenable Blog
  • [ ] CVE-2024-47575: Frequently Asked Questions About FortiJump Zero-Day in FortiManager and FortiManager Cloud
• 一个被知识诅咒的人
  • [ ] 【人工智能】掌握深度学习中的时间序列预测：深入解析RNN与LSTM的工作原理与应用
  • [ ] 【AIGC】关键词智能匹配：AI驱动的RAG知识库检索技术全解析
  • [ ] 【人工智能】解锁Transformer的秘密：输入与输出的高效实现与深度解析
  • [ ] 【人工智能】探索自然语言处理中的语音识别技术：基于Recurrent Neural Networks (RNN) 和长短期记忆网络（LSTM）模型的深入剖析
  • [ ] 【C++】高效网络编程的利器：用C++与Boost库实现异步TCP/UDP服务器
  • [ ] C++模板编程：使用模板实现高效泛型算法
• 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com
  • [ ] 开启云网安新征程，云科安信与白山云达成深度战略合作
  • [ ] 手把手玩转路由器漏洞挖掘系列 - UPNP协议安全风险
  • [ ] 手把手玩转路由器漏洞挖掘系列-ZiggBee协议
  • [ ] 黑客滥用 F5 BIG-IP cookie 来映射内部服务器
  • [ ] Jetpack 修复了 2016 年以来存在的关键信息泄露漏洞
  • [ ] 营收同比增长19.57%！一图读懂2024年第三季度报告，看国投智能All in AI
  • [ ] 成功中标！360携手中国移动共建终端安全防线
  • [ ] 警惕黑产团伙“黑猫”广撒网盗窃密币、挖矿，中招企业极多！
• Doonsec's feed
  • [ ] 一些好用的渗透工具推荐0x02
  • [ ] 黑客的睡前一思part56
  • [ ] WhatsApp 推出加密跨设备联系人同步功能
  • [ ] 【漏洞预警】Microsoft Remote Registry Service特权提升漏洞CVE-2024-43532
  • [ ] 2025年之【大学生】网安自学就业指导1.0
  • [ ] 时空智友企业流程化管控系统uploadStudioFile接口存在任意文件上传漏洞 -老漏洞
  • [ ] 高校人力资源管理服务平台系统ReportServer接口存在敏感信息泄露漏洞 附POC
  • [ ] SecWiki周刊（第555期）
  • [ ] IoT安全揭秘：电压注入与密钥窃取的黑暗之路
  • [ ] 央视《焦点访谈》专访齐向东：金融政策的支持让奇安信把科技创新进行到底
  • [ ] 中兴通讯&奇安信举办CXO DAY 暨技术交流日活动圆满举办
  • [ ] 2024智慧安防数字安全高峰论坛在京举行
  • [ ] 网安人的尽头真的是“保安”吗？
  • [ ] 郑州两家公司因违反《数据安全法》被处罚
  • [ ] 安全领域的智慧盛宴！看雪·第八届安全开发者峰会圆满收官
  • [ ] 垃圾洞，在SRC捡了1w赏金。
  • [ ] 【房主直销】北京积分落户&学区好房！低总价、高租金，好地段、好楼层、好户型！
  • [ ] “揭秘联合国数据泄露：全球合作组织信息被曝光！
  • [ ] 【干货原创】实网攻防演习常态化，会带来什么变化01
  • [ ] 【干货】笑傲职场的独家经验（1）
  • [ ] 【干货原创】K12教育，鲜为人知的模式秘密
  • [ ] 原创文章目录
  • [ ] 猎豹浏览器，有必要并入WPS
  • [ ] 号卡极团分销管理系统 index.php SQL注入漏洞
  • [ ] 【年会】网络与信息法学研究会2024年年会精彩观点回顾（分论坛七）
  • [ ] 【资讯】重庆市经信委等九部门印发《重庆市工业互联网标识解析“贯通山城”行动计划（2024—2027年）》
  • [ ] 甄云SRM云平台 SpEL表达式注入漏洞(XVE-2024-18301)
  • [ ] 警惕！泛微E-Office漏洞引发数据泄露风险
  • [ ] 某小说APP-会员分析过程
  • [ ] 长亭科技—2025届校园招聘已经启动，速投！
  • [ ] 华为： Al系统的网络安全治理实践
  • [ ] 以太网安全 - 效果如何? nxp
  • [ ] 在单片机上开发汽车软件功能的几个关键错误
  • [ ] 赛事通知 | 关于举办2024年全国行业职业技能竞赛——第五届全国电信和互联网行业职业技能竞赛的通知
  • [ ] 【转载】介质取证-打印机痕迹取证揭秘
  • [ ] 第二届“数信杯”数据安全大赛数据安全讲师选拔赛、优秀案例征集赛、产品能力评比赛获奖名单及数据安全积分争夺赛决赛晋级名单公布
  • [ ] VMware 发布 vCenter Server 更新以修复关键的 RCE 漏洞
  • [ ] 血与泪的教训，分享我的安全培训踩坑经验
  • [ ] 医学SCI无忧发表 | 大牛帮修改、润色、选刊、投稿、返修，6个月承诺中刊！
  • [ ] 神州希望党支部2024年10月主题党日
  • [ ] 【※】顺手一个小工具拥有自己的ipinfo站点
  • [ ] 马斯克：允许第三方使用X平台用户数据训练AI
  • [ ] 联合国再次发生重大数据泄漏事件，“全球组织”曝光
  • [ ] 工信部：前三季度工业和信息化经济运行平稳 高质量发展扎实推进
  • [ ] 卡西欧遭遇灾难式勒索攻击：系统瘫痪、交付延迟、财报推迟
  • [ ] 你的个人信息可能是这样泄露的……
  • [ ] 谈谈网络安全产业：如何才能走出沼泽地
  • [ ] 原生鸿蒙正式发布，国产操作系统进入自主可控时代
  • [ ] 【安全圈】水军狂喜？Claude AI现在可以控制PC并自己移动鼠标完成任务操作
  • [ ] 【安全圈】高通64款芯片存在0Day漏洞
  • [ ] 【安全圈】K8s曝9.8分漏洞，黑客可获得Root访问权限
  • [ ] 【安全圈】三星设备曝出高危零日漏洞，已在野外被利用
  • [ ] 好物分享｜BurpAPIFinder-Refactor
• Files ≈ Packet Storm
  • [ ] ABB Cylon Aspect 3.08.01 logCriticalLookup.php Unauthenticated Log Disclosure
  • [ ] ABB Cylon Aspect 3.08.01 throttledLog.php Unauthenticated Log Disclosure
  • [ ] Ubuntu Security Notice USN-7082-1
  • [ ] Ubuntu Security Notice USN-7081-1
  • [ ] Ubuntu Security Notice USN-7079-1
  • [ ] Red Hat Security Advisory 2024-8359-03
  • [ ] Red Hat Security Advisory 2024-8358-03
  • [ ] Red Hat Security Advisory 2024-8357-03
  • [ ] Red Hat Security Advisory 2024-8356-03
  • [ ] Red Hat Security Advisory 2024-8355-03
  • [ ] Red Hat Security Advisory 2024-8354-03
  • [ ] Red Hat Security Advisory 2024-8353-03
  • [ ] Red Hat Security Advisory 2024-8352-03
  • [ ] Red Hat Security Advisory 2024-8351-03
  • [ ] Red Hat Security Advisory 2024-8339-03
  • [ ] Red Hat Security Advisory 2024-8338-03
  • [ ] Red Hat Security Advisory 2024-8329-03
  • [ ] Red Hat Security Advisory 2024-8327-03
  • [ ] Red Hat Security Advisory 2024-8312-03
  • [ ] Red Hat Security Advisory 2024-8232-03
  • [ ] Red Hat Security Advisory 2024-8229-03
  • [ ] Red Hat Security Advisory 2024-8228-03
  • [ ] Red Hat Security Advisory 2024-6341-03
• Cerbero Blog
  • [ ] Cerbero Suite 8.1
• Bug Bounty in InfoSec Write-ups on Medium
  • [ ] Parameter tampering result in product price manipulation
• Securelist
  • [ ] The Crypto Game of Lazarus APT: Investors vs. Zero-days
• blog.avast.com EN
  • [ ] Deep web horror stories from the dark side of the internet
• SentinelOne
  • [ ] Climbing The Ladder | Kubernetes Privilege Escalation (Part 1)
• Reverse Engineering
  • [ ] Windows User Space Emulator
  • [ ] Multiple vulnerabilities in the Realtek card reader driver. Affects Dell, Lenovo, etc
• PortSwigger Research
  • [ ] Concealing payloads in URL credentials
• Microsoft Security Response Center
  • [ ] Congratulations to the Top MSRC 2024 Q3 Security Researchers!
• Malwarebytes
  • [ ] After concerns of handing Facebook taxpayer info, four companies found to have improperly shared data
  • [ ] LinkedIn bots and spear phishers target job seekers
• 安全牛
  • [ ] 长扬科技李飞：破解工业安全靶场“建而不用“谜局
  • [ ] 美国海关执法局间谍软件项目被叫停，将接受白宫合规审查；新型Spectre漏洞变种持续威胁Intel和AMD处理器安全性 | 牛览
  • [ ] 安全牛课堂 | “双11”网安培训课程组合包+单课低价返现
• FreeBuf网络安全行业门户
  • [ ] 面向研发过程的软件供应链风险检测与治理 | FCIS 2024大会议题前瞻
  • [ ] FreeBuf早报 | 台防务部门内部个人信息遭泄露；工信部部长会见苹果公司CEO
  • [ ] 攻击者正滥用Gophish传播远程访问木马程序
  • [ ] 三星设备曝出高危零日漏洞，已在野外被利用
• 奇客Solidot–传递最新科技情报
  • [ ] 维基百科遵守印度法庭命令删除了一个条目
  • [ ] 日本公布了其候选登月宇航员
  • [ ] 数学家仍然在追赶拉马努金的神来之手
  • [ ] Arm 向高通发出取消芯片设计授权的通知
  • [ ] 30 亿年前撞击地球的陨石让海洋为之沸腾
  • [ ] 亚马逊声称其反工会策略受到宪法第一修正案的保护
  • [ ] Meta 封禁了跟踪扎克伯格和马斯克私人飞机的账号
  • [ ] Linux 项目以合规为由移除了多名俄籍维护者
• Checkmarx
  • [ ] Why Checkmarx Leads the ASPM Market: A Deep Dive into the Frost & Sullivan 2024 Report
• 黑海洋 - WIKI
  • [ ] Linux 将数名与俄罗斯联邦相关贡献者从维护者列表中移除
  • [ ] NGINX站点开启HTTP/3 提升网站速度与安全性
  • [ ] Cloudflare缓存加速技术,让网站飞起来
• 腾讯安全应急响应中心
  • [ ] 秋日新篇｜腾讯视频专项众测启动！
• 腾讯玄武实验室
  • [ ] 每日安全动态推送(24/10/23)
• 安全客
  • [ ] 互联网档案馆一个月内遭两次黑客攻击，数千万用户数据泄露
• 威努特安全网络
  • [ ] 制造巨头海量数据被勒索公开！看威努特如何有效防治
• 安全分析与研究
  • [ ] 谷堕大盗黑产组织最新攻击样本详细分析
• vivo千镜
  • [ ] VDC安全与隐私会场专题解读三：AI 赋能千镜可信生态
• 代码卫士
  • [ ] 软件责任机制的挣扎：非常非常非常艰难
  • [ ] NPM恶意包利用SSH后门攻击开发人员的以太坊钱包
• 黑奇士
  • [ ] 在德华裔男子通过小红书寻找性侵猎物，法兰克福及周边发生四起连环性侵案，专门针对单身女房东
  • [ ] 筑牢数字安全屏障，360中标中国移动终端安全软件产品集采项目
• 雷神众测
  • [ ] 1024雷神众测想与你碰个面！
• 二道情报贩子
  • [ ] 合法跟踪定位的新思路
• 安全内参
  • [ ] 卡西欧遭遇灾难式勒索攻击：系统瘫痪、交付延迟、财报推迟
  • [ ] 联合国再次发生重大数据泄漏事件，“全球组织”曝光
• DataCon大数据安全分析竞赛
  • [ ] 网络基础设施安全赛道 | 道高一尺还是魔高一丈？（文末抽奖）
• 丁爸 情报分析师的工具箱
  • [ ] 【资料】开源安全与风险分析报告-确保开源供应链安全的指南(2024)
  • [ ] 【资料】美国情报界将如何贴近开源情报的讨论
• dotNet安全矩阵
  • [ ] .NET 一款通过API实现的免杀WebShell
  • [ ] .NET 安全基础入门学习知识库
  • [ ] 42套.NET系统漏洞威胁情报(10.23更新)
• 安全圈
  • [ ] 【安全圈】水军狂喜？Claude AI现在可以控制PC并自己移动鼠标完成任务操作
  • [ ] 【安全圈】高通64款芯片存在0Day漏洞
  • [ ] 【安全圈】K8s曝9.8分漏洞，黑客可获得Root访问权限
  • [ ] 【安全圈】三星设备曝出高危零日漏洞，已在野外被利用
• 微步在线
  • [ ] 问渠哪得清如许，唯有源头活水来 | 蔚来背后的“流量”安全密码
• 数世咨询
  • [ ] 报告显示：勒索软件攻击激增，你的数据安全了吗？
  • [ ] 构建精益安全体系：浅析4个攻击面管理技术
• 情报分析师
  • [ ] 如何从社交网络获取情报
  • [ ] 情报分析的关键工具：情报报告与情报简报
• 默安科技
  • [ ] 默安科技攻击队勇夺湖北省“HW2024”网络攻防实战演习魁首！
• 中国信息安全
  • [ ] 专题·勒索软件治理 | 勒索软件攻击态势及治理研究
  • [ ] 专家解读 | 吴志刚：双力齐发释放公共数据潜能 五措并举助力数字经济发展
  • [ ] 关注 | 国家网络安全通报中心发布重点防范境外恶意网址和恶意IP
  • [ ] 聚焦 | 第十七届（2024）中国国际社会公共安全产品博览会暨智能与安全产业发展大会在京开幕
  • [ ] 行业 | 深信服秋季新品发布：安全GPT 4.0与分布式存储EDS新版本520，助力数字化更简单、更安全
  • [ ] 发布 | 中国移动发布《AI+智慧城市安全解决方案白皮书》
  • [ ] 解读 | 构建有效融合协调的公共数据共享开放利用新格局——浅谈《广东省数据条例（草案征求意见稿）》亮点
• 嘶吼专业版
  • [ ] 黑客滥用 F5 BIG-IP cookie 来映射内部服务器
  • [ ] Jetpack 修复了 2016 年以来存在的关键信息泄露漏洞
• 国家互联网应急中心CNCERT
  • [ ] 网络安全信息与动态周报2024年第42期（10月14日-10月20日）
• 极客公园
  • [ ] 我用一招「隐藏术」，PUA 了所有大模型
  • [ ] 「原生」鸿蒙，华为 AI 生态的「最后一片拼图」
  • [ ] 麦当劳爆发大肠杆菌事故，股价大跌；小鹏飞行汽车完成首飞；《银翼杀手 2049》制片方起诉特斯拉与马斯克 | 极客早知道
• 威胁猎人Threat Hunter
  • [ ] 深圳站看点｜乐信、vivo、如祺出行专家实战分享，黑产武器库现场体验
• OPPO安全中心
  • [ ] ODC24 安全生态分论坛：OPPO构建端云协同技术，守护AI时代隐私安全
  • [ ] 2024年9月及Q3奖励公告
• 吴鲁加
  • [ ] 读贝索斯致股东信，Day 1 秘籍保持活力
• 陌陌安全
  • [ ] AI安全的尝试
• 360数字安全
  • [ ] 原生鸿蒙正式发布，国产操作系统进入自主可控时代
• 深信服千里目安全技术中心
  • [ ] 【二次通告】VMware vCenter Server堆溢出漏洞(CVE-2024-38812)
  • [ ] CNVD漏洞周报2024年第42期
• 迪哥讲事
  • [ ] 垃圾洞，在SRC捡了1w赏金。
• 安全419
  • [ ] 网络资产隐患丛生 攻击面管理如何化解
  • [ ] 落实安全左移迫在眉睫 | 伊朗APT34组织针对阿联酋及海湾关键基础设施发动攻击
• Over Security - Cybersecurity news aggregator
  • [ ] Meta lancia iniziativa di riconoscimento facciale per combattere le truffe online con celebrità
  • [ ] High-severity FortiManager bug being exploited by hackers
  • [ ] Wisconsin sued over voting system’s allegedly weak cyber protections
  • [ ] Windows 11 KB5044380 preview update lets you remap the Copilot key
  • [ ] Ransomware gang stoops to new low, targets prominent nonprofit for disabled people
  • [ ] WhatsApp now encrypts contact databases for privacy-preserving synching
  • [ ] Nigerian court drops charges against detained Binance executive Tigran Gambaryan
  • [ ] Lazarus hackers used fake DeFi game to exploit Google Chrome zero-day
  • [ ] Trickle-down cyber economics: UK hails success of Cyber Essentials certification scheme
  • [ ] Penn State fined $1.25 million for failing to meet cyber requirements in federal contracts
  • [ ] UK court says dissident can sue the Saudi government for targeting him with spyware
  • [ ] Google to let businesses create curated Chrome Web Stores for extensions
  • [ ] The New Cold War is Here: Preparing Your Business for The Convergence of Geopolitical, Physical and Cyber Threats
  • [ ] Fortinet warns of new critical FortiManager flaw used in zero-day attacks
  • [ ] Russia-linked influence campaign shifts focus to US presidential election: report
  • [ ] Hackers exploit 52 zero-days on the first day of Pwn2Own Ireland
  • [ ] CISA Adds ScienceLogic SL1 Vulnerability to Known Exploited Vulnerabilities (KEV) Catalog
  • [ ] Le piattaforme cloud storage E2EE sono vulnerabili al furto di dati
  • [ ] The Global Surveillance Free-for-All in Mobile Ad Data
  • [ ] CISA Warns About New Microsoft SharePoint Vulnerability CVE-2024-38094: High Risks and Immediate Patching Needed
  • [ ] The Crypto Game of Lazarus APT: Investors vs. Zero-days
  • [ ] DarkComet RAT: Technical Analysis of Attack Chain
  • [ ] Highlighting TA866/Asylum Ambuscade Activity Since 2021
  • [ ] Threat Spotlight: WarmCookie/BadSpace
  • [ ] SaaS Terms of Service
  • [ ] Online threat analysis and risk assessment
  • [ ] Digital banking fraud protection and detection
  • [ ] Security Disclosure Policy
  • [ ] Cookie Policy of www.cleafy.com
  • [ ] Attenzione ai falsi link Google Meet che nascondono malware
• IT Service Management News
  • [ ] Pubblicata la ISO/IEC 27019:2024 con i controlli di sicurezza per il settore dell'energia
• Securityinfo.it
  • [ ] Le piattaforme cloud storage E2EE sono vulnerabili al furto di dati
  • [ ] Attenzione ai falsi link Google Meet che nascondono malware
• SANS Internet Storm Center, InfoCON: green
  • [ ] Everybody Loves Bash Scripts. Including Attackers., (Wed, Oct 23rd)
  • [ ] ISC Stormcast For Wednesday, October 23rd, 2024 https://isc.sans.edu/podcastdetail/9192, (Wed, Oct 23rd)
• Schneier on Security
  • [ ] Are Automatic License Plate Scanners Constitutional?
• Instapaper: Unread
  • [ ] 52 Zero-Days Uncovered Hackers Earn $486,250 at Pwn2Own Ireland 2024
  • [ ] Tor Browser 14.0 Released What’s New
• Trend Micro Research, News and Perspectives
  • [ ] Unmasking Prometei: A Deep Dive Into Our MXDR Findings
• The Hacker News
  • [ ] New Grandoreiro Banking Malware Variants Emerge with Advanced Tactics to Evade Detection
  • [ ] Permiso State of Identity Security 2024: A Shake-up in Identity Security Is Looming Large
  • [ ] CISA Warns of Active Exploitation of Microsoft SharePoint Vulnerability (CVE-2024-38094)
  • [ ] Researchers Reveal 'Deceptive Delight' Method to Jailbreak AI Models
  • [ ] Think You’re Secure? 49% of Enterprises Underestimate SaaS Risks
  • [ ] Ransomware Gangs Use LockBit's Fame to Intimidate Victims in Latest Attacks
• The Register - Security
  • [ ] Penn State pays DoJ $1.25M to settle cybersecurity compliance case
  • [ ] Warning! FortiManager critical vulnerability under active attack
  • [ ] 'Satanic' data thief claims to have slipped into 350M Hot Topic shoppers info
  • [ ] Microsoft SharePoint RCE flaw exploits in the wild – you've had 3 months to patch
  • [ ] Millions of Android and iOS users at risk from hardcoded creds in popular apps
• Graham Cluley
  • [ ] Smashing Security podcast #390: When security firms get hacked, and your new North Korean remote worker
• Technical Information Security Content & Discussion
  • [ ] SELinux bypasses
  • [ ] SQL Injection Polyglots / nastystereo.com
  • [ ] Using Nix to Fuzz Test a PDF Parser
  • [ ] Auth RCE in multiple Xerox printer series
• TorrentFreak
  • [ ] Cox Asks Supreme Court to Reject Record Labels’ Petition over ISPs ‘Piracy Profits’
• Security Affairs
  • [ ] Digital Echo Chambers and Erosion of Trust – Key Threats to the US Elections
  • [ ] U.S. CISA adds Microsoft SharePoint flaw to its Known Exploited Vulnerabilities catalog
  • [ ] Crooks are targeting Docker API servers to deploy SRBMiner
  • [ ] Why DSPM is Essential for Achieving Data Privacy in 2024
  • [ ] SEC fined 4 companies for misleading disclosures about the impact of the SolarWinds attack
• Your Open Hacker Community
  • [ ] Thoughts on the Kali Linux exploit data base
• Palo Alto Networks Blog
  • [ ] Democratising Cybersecurity
• Unsupervised Learning
  • [ ] AI Isn't the Thing. It's the Thing That Enables the Thing
  • [ ] UL NO. 455: Anthropic 'Computer Control'
• Krebs on Security
  • [ ] The Global Surveillance Free-for-All in Mobile Ad Data
• netsecstudents: Subreddit for students studying Network Security and its related subjects
  • [ ] Where to strat learning cyber security
• Blackhat Library: Hacking techniques and research
  • [ ] Largest Retail Breach in History: 350 Million "Hot Topic" Customers’ Personal & Payment Data Exposed — As a Result of Infostealer Infection
• Computer Forensics
  • [ ] Recovery CCTV Images
  • [ ] E01’s Belonging to Windows Logical Volune
  • [ ] Need command line tool to acquire C: image
• Dark Space Blogspot
  • [ ] Banche, Trust e Nazioni Cripto Friendly (Bassa o Zero Tassazione)