chainreactors / picker

将repo变成RSS订阅,文章整理归档, 讨论的社区

GNU General Public License v3.0

111 stars 18 forks source link

[每日信息流] 2024-11-20 #716

Open chainreactorbot opened 6 days ago

chainreactorbot commented 6 days ago

每日安全资讯（2024-11-20）

SecWiki News
- [ ] SecWiki News 2024-11-19 Review
Security Boulevard
- [ ] 5-Star Fraud: The FTC’s Ban on Fake Reviews
- [ ] Imperva and the Secure by Design Pledge: A Commitment to Cybersecurity Excellence
- [ ] EPA IG Office: ‘High-Risk’ Security Flaws in Hundreds of Water Systems
- [ ] DEF CON 32 – Breaching AWS Through Shadow Resources
- [ ] Randall Munroe’s XKCD ‘The Future of Orion’
- [ ] Unraveling Raspberry Robin's Layers: Analyzing Obfuscation Techniques and Core Mechanisms
- [ ] Why Shadow APIs provide a defenseless path for threat actors
- [ ] Ransomware is doubling down—What you need to know about the recent surge
- [ ] Adware on the rise—Why your phone isn’t as safe as you think
- [ ] DEF CON 32 – Bricked & Abandoned: How To Keep IoT From Becoming An IoTrash
Private Feed for M09Ic
- [ ] h3zh1 pushed to master in chainreactors/malefic
- [ ] HuYlllc pushed to dev in chainreactors/malice-network
- [ ] CHYbeta starred m4ll0k/autobreakpointer
- [ ] CHYbeta starred Lopseg/Jsdir
- [ ] CHYbeta starred VoorivexTeam/from-an-Android-Hook-to-RCE-5000-bounty
- [ ] mgeeky starred armel/uv-k5-firmware-custom
- [ ] zer0yu starred PKU-YuanGroup/LLaVA-o1
- [ ] zer0yu starred gavz/ExplorerPersist
- [ ] WAY29 starred gospider007/requests
- [ ] mgeeky starred amnemonic/Quansheng_UV-K5_Firmware
- [ ] zer0yu started following XuGW-Kevin
- [ ] panjf2000 starred v2fly/v2ray-core
- [ ] zema1 starred RustPython/RustPython
- [ ] Wh0ale started following Evil0ctal
- [ ] CCob forked CCob/titanldr-ng from realoriginal/titanldr-ng
- [ ] esrrhs starred metarank/lightgbm4j
- [ ] XTeam-Wing started following M09Ic
- [ ] mgeeky starred eronnen/procmon-parser
- [ ] 4ra1n forked 4ra1n/upload-labs from c0ny1/upload-labs
- [ ] FunnyWolf starred dwillowtree/diana
- [ ] FunnyWolf starred yj94/BinarySpy
- [ ] veo forked veo/go from golang/go
- [ ] ManassehZhou starred DaoCloud/public-image-mirror
- [ ] WAY29 starred 0xjeffro/tx-parser
- [ ] pmiaowu starred SwagXz/encrypt-labs
- [ ] zema1 released Watchvuln v2.3.0 发布 at zema1/watchvuln
- [ ] wuhan005 starred fergusstrange/embedded-postgres
Recent Commits to cve:main
- [ ] Update Tue Nov 19 22:30:27 UTC 2024
- [ ] Update Tue Nov 19 14:34:32 UTC 2024
- [ ] Update Tue Nov 19 06:27:11 UTC 2024
Files ≈ Packet Storm
- [ ] WordPress Really Simple Security Authentication Bypass
- [ ] Palo Alto PAN-OS Authentication Bypass / Remote Command Execution
- [ ] Ubuntu Security Notice USN-7116-1
- [ ] Ubuntu Security Notice USN-7015-5
- [ ] Ubuntu Security Notice USN-7114-1
- [ ] Ubuntu Security Notice USN-7104-1
- [ ] Ubuntu Security Notice USN-7113-1
奇安信攻防社区
- [ ] house of pig与house of pig orw
Trustwave Blog
- [ ] Managed Vulnerability Scanning: Key Findings and the Importance of Regular Patching
一个被知识诅咒的人
- [ ] 【Python】深入理解Python中的懒加载：从零实现按需加载提升程序性能
- [ ] 【人工智能】用Python构建词向量模型：从零实现Word2Vec并探索FastText在低频词上的优势
- [ ] 【人工智能】从零实现朴素贝叶斯算法并应用于垃圾邮件分类
安全客-有思想的安全新媒体
- [ ] 加密货币贷款机构 Polter Finance 在被黑客攻击 1,200 万美元后停止运营
- [ ] 最近披露的 VMware vCenter Server 漏洞在攻击中被积极利用
- [ ] 再获认可！360多领域入选《2024年中国数据安全企业全景图》
- [ ] CVE-2024-52308：GitHub CLI 漏洞可能导致远程代码执行
- [ ] 小心了，Solana：Starknet在3个月内达到4X TPS
- [ ] Palo Alto Networks 证实积极利用最近披露的零日漏洞
- [ ] Polter 遭闪电贷款攻击，男子因诈骗被判 24 年：Crypto-Sec
- [ ] BIT Mining因前身贿赂日本政客而被处以1000万美元罚款
- [ ] 关键 WordPress 插件漏洞导致 400 万个网站被接管
- [ ] CVE-2024-0012 和 CVE-2024-9474：影响 Palo Alto Networks PAN-OS 的主动利用漏洞
- [ ] 在 Baxter Life2000 通风系统中发现的关键漏洞
- [ ] CVE-2024-31141： Apache Kafka 漏洞将用户数据暴露给潜在攻击者
Doonsec's feed
- [ ] 【招聘】平安银河实验室招人啦，严选可内推～
- [ ] 【工具】查俄罗斯企业信息的网站
- [ ] 【通知】第12期全国开源情报能力提升班12月北京开班
- [ ] 这是一个SQL注入的优秀资源精选（2）
- [ ] 发布 | 17家单位联合发布《工业和信息化领域数据安全合规指引》（附下载）
- [ ] 工行完成3类场景抗量子密码算法试点，以防范量子计算攻击
- [ ] 美国饮用水系统存在300多个漏洞，影响1.1亿人
- [ ] 专家解读 | 构建国家数据标准体系推动数据要素高水平应用
- [ ] VulnHub靶机 | Kioptrix-Level 1.1
- [ ] 微软2024年11月补丁日重点漏洞安全预警
- [ ] 【漏洞预警】Apache Kafka Clients权限管理不当漏洞可致信息泄露
- [ ] 【漏洞预警】Palo Alto Networks PAN-OS Web管理界面身份验证缺陷漏洞
- [ ] 【漏洞预警】Apache Tomcat资源控制不当漏洞
- [ ] SecWiki周刊（第559期）
- [ ] 人工智能时代可能的网络安全职业
- [ ] 人工智能安全概述
- [ ] 「人脑替代计划-6」LLM是什么？
- [ ] 「人脑替代计划-5」必不可少的生成式人工智能
- [ ] 「人脑替代计划-4」初识深度学习
- [ ] 「人脑替代计划-3」一周内的两个核弹SORA& Gemma
- [ ] 「人脑替代计划-2」机器学习到底怎么学习怎么工作？
- [ ] 「人脑替代计划-1」每个人都应该了解的AI知识
- [ ] 隐侠必备网安利器之 Chrome 扩展（渗透测试篇・二）大揭秘，不可错过！
- [ ] 漏洞挖掘|电子商城类漏洞挖掘案例灵感复现
- [ ] 红队安全攻防知识库
- [ ] G.O.S.S.I.P 资源推荐 2024-11-19 办公软件宇宙
- [ ] 【资讯】习近平在二十国集团领导人第十九次峰会第二阶段会议关于“全球治理机构改革”议题的讲话
- [ ] 【资讯】上海市经信委等部门印发《上海市加快培育材料智能引擎发展专项方案（2025-2027年）》
- [ ] 【资讯】广东省通管局等部门印发《加快推进“宽带粤疆”建设支撑“百千万工程”促进城乡区域协调发展实施方案》
- [ ] 【资讯】上海市知识产权局等部门印发《上海市数据产品知识产权登记存证暂行办法》
- [ ] 【资讯】江苏省政府办公厅发布《省政府办公厅关于加快释放数据要素价值培育壮大数据产业的意见》
- [ ] 「漏洞复现」D-Link NAS设备 sc_mgr.cgi 未授权漏洞
- [ ] 如何快速找到 RCE
- [ ] 谋略与协作：《十日终焉》中游戏的外部拓展
- [ ] CSA GCR 2024 | 深度解析大模型原生安全的系统构建
- [ ] 新书推荐：《OSINT 技术》第11版
- [ ] 漏洞预警｜Apache OFBiz远程代码执行漏洞(CVE-2024-47208)
- [ ] 漏洞预警｜Palo Alto Networks PAN-OSS身份验证绕过等多个漏洞
- [ ] 朝鲜黑客利用Flutter应用绕过macOS安全机制
- [ ] 资产管理系统 - testnet
- [ ] YAK 亮相2024年世界互联网大会！携手中国联通共塑网络安全新生态
- [ ] 保护数字汽车：汽车数据生态系统中的网络安全挑战
- [ ] 汽车数据 - 互联汽车领域的机遇、货币化和网络安全威胁
- [ ] 智能网联汽车数据合规白皮书 2022 - 大成律师事务所
- [ ] 云安全联盟大中华区主席李雨航：AI 是一个成长中的小孩
- [ ] 互联网之父、谷歌副总裁Vinton G. Cerf | 确保数字空间的责任
- [ ] pwn109-ret2libc
- [ ] 告别网络切换之痛：HTTP/3 开启移动互联网新篇章
- [ ] 防火墙管理界面RCE漏洞被攻击者利用，Palo Alto发出警告
- [ ] TinyBPT 和面向 buildroot 的二进制包管理服务（1）：设计简介与框架
- [ ] 工具分析 | Shiro 注入冰蝎内存马坑点小记
- [ ] 慢雾(SlowMist) 应中国人民公安大学邀请，讲授区块链安全攻防课程
- [ ] 一个很强的漏洞库
- [ ] Tor Project | 一个使用临时WebRTC的审查规避系统——Snowflake
嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com
- [ ] 梆梆安全实力入选《2024年中国数据安全企业全景图》及典型数据安全产品案例集
- [ ] 2024年人工智能技术赋能网络安全应用测试：广东盈世在钓鱼邮件识别场景荣获第三名！
- [ ] 黑客使用 ZIP 文件串联来逃避检测
gynvael.coldwind//vx.log (en)
- [ ] Paged Out! #5 is out
Tenable Blog
- [ ] Volt Typhoon: What State and Local Government Officials Need to Know
- [ ] Volt Typhoon: U.S. Critical Infrastructure Targeted by State-Sponsored Actors
gynvael.coldwind//vx.log (pl)
- [ ] Wyszedł Paged Out! #5
NVISO Labs
- [ ] The Importance of Establishing a Solid Third Party Risk Management Framework for Risk Mitigation
hn security
- [ ] Extending Burp Suite for fun and profit – The Montoya way – Part 7
blog.avast.com EN
- [ ] Ransomware is doubling down—What you need to know about the recent surge
- [ ] Adware on the rise—Why your phone isn’t as safe as you think
Reverse Engineering
- [ ] Why is Apple’s Rosetta 2 so fast?
Malwarebytes
- [ ] Free AI editor lures in victims, installs information stealer instead on Windows and Mac
- [ ] AI is everywhere, and Boomers don’t trust it
128 nops
- [ ] Errors in Rust
Trail of Bits Blog
- [ ] Evaluating Solidity support in AI coding assistants
Securelist
- [ ] Scammer Black Friday offers: Online shopping threats and dark web sales
Microsoft Security Response Center
- [ ] Securing AI and Cloud with the Zero Day Quest
Security Café
- [ ] Azure CloudQuarry: Searching for secrets in Public VM Images
Dhole Moments
- [ ] Some Thoughts on the Twitter Mass Exodus
绿盟科技技术博客
- [ ] 绿盟科技威胁周报（2024.11.11-2024.11.17）
- [ ] GDB查看结构或类的内存布局及分离终端
黑海洋 - WIKI
- [ ] WeChat微信多开管理器（防劫持）
安全牛
- [ ] 2024年人工智能技术赋能网络安全应用测试：广东盈世在钓鱼邮件识别场景荣获第三名！
- [ ] 美柚、宝宝树等App平台推送涉黄短信？官方回应：数据库安全，启动自查；网络钓鱼攻击手法升级：SVG附件成为规避安全检测帮凶|牛览
- [ ] 透析恶意软件“四大家族”
奇客Solidot–传递最新科技情报
- [ ] 恐龙时代的鸟脑化石填补了鸟脑演化的空白
- [ ] 中国启动世界最大超重力实验装置
- [ ] 科学家发现耐药菌的致命弱点
- [ ] 哈珀柯林斯证实出售部分非虚构作品用于 AI 训练
- [ ] 中国人口未来十年预计将减少 5100 万
- [ ] 减肥药诺和盈在中国上市
- [ ] 使用互联网可能有助于提升 50 岁以上人群幸福感
- [ ] 微软在东京设立日本首个研究基地
- [ ] AlmaLinux 9.5 释出
- [ ] Google 将杀死 Chrome OS
- [ ] El Capitan 登顶 Top500 超算榜单
- [ ] Valve 开发者解释为什么取消开发《半条命 2：第三章》
- [ ] 美国司法部将推动 Google 出售 Chrome
HackerNews
- [ ] 关键的 WordPress 插件漏洞导致超400万网站暴露
- [ ] VMware vCenter Server 远程代码执行漏洞正被黑客广泛利用
- [ ] 因泄露超 23.5 万患者数据，地方医疗机构赔偿超千万元
- [ ] Palo Alto Networks 确认 0day 漏洞正在被黑客利用
rtl-sdr.com
- [ ] Weather Satellite HRPT and LRPT Megaprojection Project Nov 30 – Dec 1
微步在线研究响应中心
- [ ] 不是老洞！宝兰德最新漏洞绕过补丁黑名单，速修
代码卫士
- [ ] 补丁不给力，VMware vCenter 严重RCE漏洞遭利用
- [ ] DHS发布在关键基础设施安全开发部署AI的框架
威努特安全网络
- [ ] 极速可靠，威努特助力高速公路构建综合信息化网络
暗影安全
- [ ] 实名制方便了谁？
安全内参
- [ ] 美全国水务系统存在大量漏洞，可致使上亿人供水中断
- [ ] 瑞典发布数字化备战指南，强调网络安全和心理建设
dotNet安全矩阵
- [ ] .NET 通过动态编译实现的Shellcode加载器
- [ ] .NET内网实战：通过隐藏任务计划实现权限持久化
- [ ] .NET 一款提权至系统SYSTEM的工具
慢雾科技
- [ ] 慢雾(SlowMist) 应中国人民公安大学邀请，讲授区块链安全攻防课程
FreeBuf网络安全行业门户
- [ ] FreeBuf早报 |BitSight以1.15亿美元大手笔收购；马斯克要削减网络安全预算
- [ ] CI配置项，IT服务的关键要素
- [ ] 关键的WordPress插件漏洞导致超400万网站暴露
- [ ] 美国饮用水系统存在300多个漏洞，影响1.1亿人
- [ ] 收藏！如何有效实施DevOps？
- [ ] VMware vCenter Server远程代码执行漏洞正被黑客广泛利用
- [ ] 35 岁危机： IT 从业者自救指南
奇安信 CERT
- [ ] 【在野利用】Palo Alto Networks PAN-OS 身份认证绕过漏洞(CVE-2024-0012)安全风险通告
腾讯玄武实验室
- [ ] 每日安全动态推送(24/11/19)
ChaMd5安全团队
- [ ] 西门子PLC固件分析技术研究
数世咨询
- [ ] 《数据泄露态势月度报告》（2024年11月）| 附下载地址
二道情报贩子
- [ ] 日常避险攻略
情报分析师
- [ ] 北欧三国发放战时全民应急手册应对局势升级
- [ ] 开源情报信息，一网打尽！
安全学术圈
- [ ] Tor Project | 一个使用临时WebRTC的审查规避系统——Snowflake
国家互联网应急中心CNCERT
- [ ] CNVD漏洞周报2024年第46期
- [ ] 上周关注度较高的产品安全漏洞(20241111-20241117)
复旦白泽战队
- [ ] 喜报 | 我实验室获“松山湖杯”第一届中国研究生操作系统开源创新大赛二等奖
安全研究GoSSIP
- [ ] G.O.S.S.I.P 资源推荐 2024-11-19 办公软件宇宙
中国信息安全
- [ ] 杂志征订 | 2025年《中国信息安全》杂志征订开始！
- [ ] 聚焦乌镇 | 2024年世界互联网大会“互联网之光”博览会在浙江乌镇开幕
- [ ] 聚焦乌镇 | 共赴美好数字未来——我国积极推动全球互联网发展治理迈向更高水平
- [ ] 发布 | 17家单位联合发布《工业和信息化领域数据安全合规指引》（附下载）
- [ ] 专家解读 | 构建国家数据标准体系推动数据要素高水平应用
- [ ] 专家观点 | 法治化防控人工智能风险
- [ ] 关注 | 起底网络水军：“这必然是一场持久的较量”
- [ ] 评论 | 为“吃谷”未成年人构建防诈安全网
天御攻防实验室
- [ ] 首发 | 特朗普政府对华网络政策评估
安全圈
- [ ] 【安全圈】2024全球最弱密码排名揭晓：“123456”再度登顶，你的密码安全吗？
- [ ] 【安全圈】谷歌Gemini AI 聊天机器人不断让用户“去死”
- [ ] 【安全圈】美国饮用水系统存在300多个漏洞，影响1.1亿人
- [ ] 【安全圈】VMware vCenter Server远程代码执行漏洞正被黑客广泛利用
极客公园
- [ ] AI 最好的载体，为什么只能是 AR 眼镜？
- [ ] 和水滴聊聊，怎么用大模型造一个接近 99% 真人水平的「Sales Agent」
- [ ] 美国司法部勒令谷歌出售 Chrome；卢伟冰：小米15涨价但销量好于14；《黑神话：悟空》获TGA四项提名 | 极客早知道
百度安全实验室
- [ ] CSA GCR 2024 | 深度解析大模型原生安全的系统构建
默安科技
- [ ] 雳鉴SSCRA·软件供应链风险评估平台升级版正式发布
OPPO安全中心
- [ ] 2024年10月奖励公告
深信服千里目安全技术中心
- [ ] 【漏洞通告】Palo Alto Networks PAN-OS 身份验证绕过漏洞(CVE-2024-0012)
- [ ] 【漏洞通告】Apache OFBiz远程代码执行漏洞(CVE-2024-47208)
- [ ] 上周关注度较高的产品安全漏洞(20241111-20241117)
迪哥讲事
- [ ] 如何快速找到 RCE
360数字安全
- [ ] 双奖加冕！360引领AI+安全新风向
安全村SecUN
- [ ] “三位一体”构建供应链系统安全防护体系｜大湾区金融安全专刊·安全村
- [ ] 报名！2024 BUGPWN「商业秘密保护主题」开放研讨会·深圳
Qualys Security Blog
- [ ] Qualys TRU Uncovers Five Local Privilege Escalation Vulnerabilities in needrestart
嘶吼专业版
- [ ] 黑客使用 ZIP 文件串联来逃避检测
Securityinfo.it
- [ ] Scoperta una nuova variante del ransomware Helldown che colpisce Linux
ICT Security Magazine
- [ ] Sanità: Come proteggere un settore vulnerabile agli attacchi informatici
- [ ] I recenti Information Leakage in Italia: perché non è stato un hacking e perché avrebbe dovuto esserlo
bellingcat
- [ ] Bellingcat Discord Members Geolocate New 1xBet Stream Sites
Have I Been Pwned latest breaches
- [ ] Finsure - 296,124 breached accounts
LuxSci
- [ ] Ethical Considerations for Using PHI in Communications
SANS Internet Storm Center, InfoCON: green
- [ ] Apple Fixes Two Exploited Vulnerabilities, (Tue, Nov 19th)
- [ ] Detecting the Presence of a Debugger in Linux, (Tue, Nov 19th)
- [ ] ISC Stormcast For Tuesday, November 19th, 2024 https://isc.sans.edu/podcastdetail/9224, (Tue, Nov 19th)
Schneier on Security
- [ ] Why Italy Sells So Much Spyware
安全419
- [ ] 案例征集 | 合规门槛高安全建设滞后政府行业需要怎样的安全保障？
Trend Micro Research, News and Perspectives
- [ ] Spot the Difference: Earth Kasha's New LODEINFO Campaign And The Correlation Analysis With The APT10 Umbrella
The Register - Security
- [ ] China-linked group abuses Fortinet 0-day with post-exploit VPN-credential stealer
- [ ] Russian suspected Phobos ransomware admin extradited to US over $16M extortion
- [ ] America's drinking water systems have a hard-to-swallow cybersecurity problem
- [ ] Palo Alto Networks tackles firewall-busting zero-days with critical patches
- [ ] Navigating third-party risks
- [ ] Crook breaks into AI biz, points $250K wire payment at their own account
- [ ] Join in the festive cybersecurity fun
- [ ] iOS 18 added secret and smart security feature that reboots iThings after three days
Technical Information Security Content & Discussion
- [ ] Remediation for CVE-2024-20767 and CVE-2024-21216 Potential Exploitable Bugs
- [ ] Pots and Pans, AKA an SSLVPN - Palo Alto PAN-OS CVE-2024-0012 and CVE-2024-9474 - watchTowr Labs
- [ ] Extending Burp Suite for fun and profit - The Montoya way - Part 7 (Using the Collaborator)
- [ ] OpenBMC Remote OS Deployment: A Simplified Approach
Information Security
- [ ] iOS 18 added secret and smart security feature that reboots iThings after three days -- "Security researcher's reverse engineering effort reveals undocumented reboot timer that will make life harder for attackers"
- [ ] Vendor Due Diligence Checklist
Deeplinks
- [ ] The U.S. National Security State is Here to Make AI Even Less Transparent and Accountable
- [ ] Now's The Time to Start (or Renew) a Pledge for EFF Through the CFC
- [ ] Speaking Freely: Marjorie Heins
The Hacker News
- [ ] Ngioweb Botnet Fuels NSOCKS Residential Proxy Network Exploiting IoT Devices
- [ ] Hackers Hijack Unsecured Jupyter Notebooks to Stream Illegal Sports Broadcasts
- [ ] Privileged Accounts, Hidden Threats: Why Privileged Access Security Must Be a Top Priority
- [ ] New 'Helldown' Ransomware Variant Expands Attacks to VMware and Linux Systems
- [ ] Chinese Hackers Exploit T-Mobile and Other U.S. Telecoms in Broader Espionage Campaign
- [ ] Warning: VMware vCenter and Kemp LoadMaster Flaws Under Active Exploitation
Tor Project blog
- [ ] Memory quota tracking in Arti, for Onion Service DoS resistance
Over Security - Cybersecurity news aggregator
- [ ] TSA not monitoring transportation sector efforts to stop ransomware, watchdog says
- [ ] Apple fixes two zero-days used in attacks on Intel-based Macs
- [ ] CISA tags Progress Kemp LoadMaster flaw as exploited in attacks
- [ ] Ford investgates alleged breach following customer data leak
- [ ] Oracle warns of Agile PLM file disclosure flaw exploited in attacks
- [ ] Landmark ruling by Australian regulator sets guardrails for commercial use of facial recognition tech
- [ ] D-Link urges users to retire VPN routers impacted by unfixed RCE flaw
- [ ] Microsoft now testing hotpatch on Windows 11 24H2 and Windows 365
- [ ] German court says victims of massive Facebook data breach can be compensated
- [ ] Helldown ransomware exploits Zyxel VPN flaw to breach networks
- [ ] Botnet fueling residential proxies disrupted in cybercrime crackdown
- [ ] New Windows 11 recovery tool to let admins remotely fix unbootable devices
- [ ] Testimony from NSO Group raises questions about its culpability for spyware abuses
- [ ] Data privacy experts predict some wins under Trump 2.0
- [ ] Scoperta una nuova variante del ransomware Helldown che colpisce Linux
- [ ] Middle East Cybersecurity in 2024: From Zero-Day Exploits to Supply Chain Attacks
- [ ] Microsoft launches Zero Day Quest hacking event with $4 million in rewards
- [ ] Microsoft shares more details on Windows 11 admin protection
- [ ] Gen Q3/2024 Threat Report
- [ ] Spotify abused to promote pirated software and game cheats
- [ ] Scammer Black Friday offers: Online shopping threats and dark web
- [ ] Extending Burp Suite for fun and profit – The Montoya way – Part 7
- [ ] CISA Adds Three Critical Vulnerabilities to the Known Exploited Vulnerabilities Catalog
- [ ] Helldown Ransomware: an overview of this emerging threat
- [ ] Finsure - 296,124 breached accounts
- [ ] Phobos Ransomware Administrator Extradited from South Korea to Face Cybercrime Charges
Palo Alto Networks Blog
- [ ] Empower Developers to Secure AI Applications Through Code
Computer Forensics
- [ ] Identifying author of .doc files?
- [ ] Need help in ESXI Forensics
Deep Web
- [ ] Does darkweb really have more content than clearweb? No way that's true right?
Your Open Hacker Community
- [ ] New & Curious & Looking for help!
- [ ] Need help with scammer trying to scam my company via text
Social Engineering
- [ ] Should online elicitation be done differently than offline elicitation ?
Graham Cluley
- [ ] The AI Fix #25: Beware of the superintelligence, and a spam-eating AI super gran
- [ ] Malware delivered via malicious QR codes sent in the post
Security Affairs
- [ ] Russian Phobos ransomware operator faces cybercrime charges
- [ ] China-linked actor’s malware DeepData exploits FortiClient VPN zero-day
- [ ] U.S. CISA adds Progress Kemp LoadMaster, Palo Alto Networks PAN-OS and Expedition bugs to its Known Exploited Vulnerabilities catalog
- [ ] Great Plains Regional Medical Center ransomware attack impacted 133,000 individuals
TorrentFreak
- [ ] Brazil Blocks Another 250+ Pirate Domains, Milestone #15,000 Just Ahead
- [ ] Half of Young Norwegians Say Online Piracy Is an Acceptable Way to Save Money
网安寻路人
- [ ] 数字司法中的个人信息保护
Security Weekly Podcast Network (Audio)
- [ ] Biometric Frontiers: Unlocking The Future Of Engagement - Andras Cser, Enza Iannopollo - ASW #308
- [ ] Google DeGoogled, Hammerbarn, Blofeld, VMWare, DeepData, SafePay, Josh Marpet and... - SWN #432
- [ ] Similarities Between SOX And SEC's Cyber Rule - Padraic O'Reilly - BSW #373