[每日信息流] 2024-02-17

[ruohong2018]

每日安全资讯（2024-02-17）

• HackerOne Hacker Activity
  • Multiple Open Redirect on TikTok domains
  • HackerOne SAML signup domain enforcement bypass results in unauthorized access to HackerOne PullRequest organization
  • Secure Client-Initiated Renegotiation
• Files ≈ Packet Storm
  • Red Hat Security Advisory 2024-0851-03
  • Red Hat Security Advisory 2024-0850-03
  • Red Hat Security Advisory 2024-0848-03
  • Red Hat Security Advisory 2024-0843-03
  • Ubuntu Security Notice USN-6626-3
  • Ubuntu Security Notice USN-6640-1
• Recent Commits to cve:main
  • Update Fri Feb 16 18:13:14 UTC 2024
  • Update Fri Feb 16 10:16:06 UTC 2024
  • Update Fri Feb 16 02:08:50 UTC 2024
• Security Boulevard
  • State Government Organization Network Breach: SafeBreach Coverage for US-CERT Alert (AA24-046A)
  • USENIX Security ’23 – Xiangyu Qi, Tinghao Xie, Jiachen T. Wang, Tong Wu, Saeed Mahloujifar, Prateek Mittal – Towards A Proactive ML Approach for Detecting Backdoor Poison Samples
  • Daniel Stori’s ‘Clojure Challenge’
  • US Offers $10M for Info on BlackCat/ALPHV Ransomware Leaders
  • Microsoft’s February 2024 Patch Tuesday Addresses 2 Zero-Days and 73 Vulnerabilities
  • The Most Dangerous Entra Role You’ve (Probably) Never Heard Of
  • DoD Email Breach: Pentagon Tells Victims 12 Months Late
  • USENIX Security ’23 – Yi Zeng, Minzhou Pan, Himanshu Jahagirdar, Ming Jin, Lingjuan Lyu, Ruoxi Jia – Meta-Sift: How to Sift Out a Clean Subset in the Presence of Data Poisoning?
  • A few notes on AWS Nitro Enclaves: Images and attestation
  • How Systems Integrators Can Integrate MDR Successfully
• Sucuri Blog
  • Remote Access Trojan (RAT): Types, Mitigation & Removal
• Tenable Blog
  • Cybersecurity Snapshot: ChatGPT Gets So-So Grade in Code Analysis Test, while JCDC Pledges To Focus on Protecting Critical Infrastructure
• Sploitus.com Exploits RSS Feed
  • Exploit for Vulnerability in Jenkins exploit
  • Exploit for CVE-2024-25735 exploit
  • Exploit for CVE-2024-21413 exploit
• Trustwave Blog
  • DOJ Disrupts Russian Botnet Created Using Unchanged Admin Credentials
• Reverse Engineering
  • TPMs Hate Him! (Some Weird Tricks To Break FDE and Bypass Attestation)
  • Reverse-Engineering a Switch Lite Boardview at 6K PPI
• Trail of Bits Blog
  • A few notes on AWS Nitro Enclaves: Images and attestation
• Hacking Dream
  • Use of AI/ML in Penetration Testing and Cyber Security
• Malwarebytes
  • GoldPickaxe Trojan steals your face!
  • Microsoft Exchange vulnerability actively exploited
• Hex Rays
  • Introducing IDA 8.4: Key Features and Enhancements
• SentinelOne
  • The Good, the Bad and the Ugly in Cybersecurity – Week 7
• Sucuri Blog
  • Remote Access Trojan (RAT): Types, Mitigation & Removal
• KitPloit - PenTest & Hacking Tools
  • NullSection - An Anti-Reversing Tool That Applies A Technique That Overwrites The Section Header With Nullbytes
• 安全分析与研究
  • 针对3CX双供应链攻击事件的深度分析与溯源
• 黑海洋 - WIKI
  • 在 Two-DNS 上申请一个免费的二级域名
  • 小米澎湃MIUI HyperOS设备上添加虚拟门禁卡
  • 关于ip伪造的原理探究
  • android手机刷机root教程
  • fart脱壳：mikrom编译刷机
• 白帽100安全攻防实验室
  • VNCTF2024, 我们不见不散
• 看雪学苑
  • 堆利用详解：the house of roman
• 奇客Solidot–传递最新科技情报
  • 吸烟对免疫系统的影响在戒烟后仍然存在
• 极客公园
  • OpenAI「AI 视频」工具出炉：别争了，「视频 GPT」 还是我的！
  • OpenAI「文生视频」Sora 惊艳亮相；14天，果粉狂退 Vision Pro；小米 14 Ultra 曝光 | 极客早知道
• 情报分析师
  • 全球实时摄像头网站工具大汇总
  • 军情内参优选（最新更新版）
• 复旦白泽战队
  • 人物访谈｜杨悉瑜：踏歌而行，做不负星光的赶路人
• 安全研究GoSSIP
  • G.O.S.S.I.P 春节总动员之制作二向箔
• dotNet安全矩阵
  • [活动] 大年初七，星球优惠最后2天！
  • .NET 分享一个某蝶反序列化绕过WAF的方法
• 奇安信威胁情报中心
  • 每周高级威胁情报解读(2024.02.09~02.15)
• Over Security - Cybersecurity news aggregator
  • Remote Access Trojan (RAT): Types, Mitigation & Removal
  • Former NSA chief calls for alternative approach to cyber defense
  • Wyze investigating 'security issue' amid ongoing outage
  • SolarWinds fixes critical RCE bugs in access rights audit solution
  • Trying to wring the bias out of AI algorithms — and why facial recognition software isn’t there yet
  • Charges filed in DDoS-for-hire attacks, including Baltimore schools incident
  • Cyber security: cronaca di un attacco informatico sventato
  • La sanzione al medico per aver esposto ricette senza protezioni sia monito per tutti: ecco perché
  • Alpha ransomware linked to NetWalker operation dismantled in 2021
  • DOJ’s Monaco: US focus on rolling up ransomware and cybercriminals will continue apace
  • Using AI in a cyberattack? DOJ’s Monaco says criminals will face stiffer sentences
  • Japan sees increased cyberthreats to critical infrastructure, particularly from China
  • Pennsylvania county pays $350,000 cyberattack ransom
  • Sintesi riepilogativa delle campagne malevole nella settimana del 10 – 16 Febbraio 2024
  • Belarus opposition leader on working with big tech and countering propaganda under dictatorship
  • North Korean hackers now launder stolen crypto via YoMix tumbler
  • Crittografia, cos’è: guida alla tecnologia che protegge dati e privacy anche delle aziende
  • COURT DOC: Justice Department Conducts Court-Authorized Disruption of Botnet Controlled by the Russian Federation’s Main Intelligence Directorate of the General Staff (GRU)
  • DarkGate sfrutta i network pubblicitari per tracciare le vittime ed eludere i controlli
  • DORA e rischio informatico: automazione del processo di valutazione dei fornitori di servizi ICT
  • Weekly Highlights - February 16th
  • Aggiornamenti per prodotti Eset (AL01/240216/CSIRT-ITA)
  • Cresce la space economy e la cyber security è sempre più necessaria
  • “Command-not-found” di Ubuntu può essere usato per distribuire malware
  • Vulnerabilità ad alta criticità su Cisco Firepower Threat Defense (AL01/200511/CSIRT-ITA)
  • Vulnerable Fortinet Devices: Low-hanging Fruit for Threat Actors
• Securityinfo.it
  • DarkGate sfrutta i network pubblicitari per tracciare le vittime ed eludere i controlli
  • “Command-not-found” di Ubuntu può essere usato per distribuire malware
• 天御攻防实验室
  • 美国对伊朗发动网络攻击
• 中国信息安全
  • 回顾2023 展望2024 | 数据安全加速落地 网络安全持续创新
  • 回顾2023 展望2024 | 充分释放数据要素潜能 数据安全产业迎来新“提速”
  • 回顾2023 展望2024 | 创新数据安全保障思路 促进数据高效流通使用
  • 回顾2023 展望2024 | 用技术保障数据可信流通，助力数据价值大爆发
• Krypt3ia
  • Best Practices Tutorial For Implementing SOAR In Threat Intelligence
  • What I have Learned About Resume Writing in Today’s Cyber Security Landscape…
• SANS Internet Storm Center, InfoCON: green
  • ISC Stormcast For Friday, February 16th, 2024 https://isc.sans.edu/podcastdetail/8856, (Fri, Feb 16th)
• Forensic Focus
  • From FileVault To T2: How To Deal With Native Apple Encryption
  • Forensic Focus Digest, February 16 2024
• Schneier on Security
  • Friday Squid Blogging: Vegan Squid-Ink Pasta
• Diritto dell'Informatica
  • Metadati e posta elettronica dei dipendenti: Cosa dice il documento di indirizzo del Garante
  • Intelligenza Artificiale e business: Sfide, opportunità e criticità legali all’AI Festival di Milano
• Posts By SpecterOps Team Members - Medium
  • The Most Dangerous Entra Role You’ve (Probably) Never Heard Of
• Instapaper: Unread
  • US and partners kicked Russian GRU hackers out of routers, FBI says
• Blackhat Library: Hacking techniques and research
  • Cryptojacking
• Computer Forensics
  • DISCORD Direct Message Capturing
  • Practical test without the skills?
  • Questions about Prefetch
• KitPloit - PenTest Tools!
  • NullSection - An Anti-Reversing Tool That Applies A Technique That Overwrites The Section Header With Nullbytes
• TorrentFreak
  • Pirate Site Shut Down For Trademark, Cybersquatting & Copyright Violations
  • Pirate Site Blocking Boosts Legal Consumption, Research Finds
• 青衣十三楼飞花堂
  • 《第二十条》观后感
• Social Engineering
  • New York financial advice columnist embarrassingly reveals how scammers duped her into handing over $50K in a shoe box to a stranger after claiming to be from the CIA, FTC and Amazon
• Security Affairs
  • CISA adds Microsoft Exchange and Cisco ASA and FTD bugs to its Known Exploited Vulnerabilities catalog
  • US gov offers a reward of up to $10M for info on ALPHV/Blackcat gang leaders
  • U.S. CISA: hackers breached a state government organization
  • Russia-linked Turla APT uses new TinyTurla-NG backdoor to spy on Polish NGOs
• The Register - Security
  • Zeus, IcedID malware kingpin faces 40 years in slammer
  • Cutting kids off from the dark web – the solution can only ever be social
  • Quest Diagnostics pays $5M after mixing patient medical data with hazardous waste
• Technical Information Security Content & Discussion
  • Exploiting Unsynchronised Clocks
  • Exploiting TRACE
  • A Double Free vulnerability on the libdicom library and an in-depth analysis of the DICOM file format.
• Information Security
  • Funny reality cropped
• netsecstudents: Subreddit for students studying Network Security and its related subjects
  • Is this cybersecurity humble bundle worth it?
  • Cyber or Infosec unemployment
  • How’s the career life of an infosec or cyber professional?
• 360数字安全
  • 大年初七｜龙行虎步展宏图
• 迪哥讲事
  • 记一次"91"站点渗透
• The Hacker News
  • CISA Warning: Akira Ransomware Exploiting Cisco ASA/FTD Vulnerability
  • RustDoor macOS Backdoor Targets Cryptocurrency Firms with Fake Job Offers
  • Why We Must Democratize Cybersecurity
  • Malicious 'SNS Sender' Script Abuses AWS for Bulk Smishing Attacks
  • U.S. State Government Network Breached via Former Employee's Account
  • U.S. Government Disrupts Russia-Linked Botnet Engaged in Cyber Espionage
• Your Open Hacker Community
  • Writing Hacking Scenes
  • How do you make a VPN.
  • Radeon RX 470 + Hashcat
  • Bettercap not showing all devices
  • WPA-ENT Evil-Twin attack with ALFA AWUS1900 (windows auth login)
  • How to manually verify whether a software is truly end to end encrypted?
  • I need help making a script to crack a password.
  • Decode image data from texture file?
  • Reverse Access via bluetooth
  • Need help decrypting cisco secret 5
  • hashcat potfile
• Il Disinformatico
  • Podcast RSI - Antibufala: Flipper Zero non è un gadget per “hackerare tutto”
• Security Weekly Podcast Network (Audio)
  • Batman, Microsoft, War Driving, OpenAI, DevDrive, The Dead, Aaran Leyland, and More - SWN #363
• Dark Space Blogspot
  • Cos'è Il Restaking? Migliori Piattaforme Per Eingenlayer

[Linhtvl]

• [ ] -