[每日信息流] 2024-08-08

[ruohong2018]

每日安全资讯（2024-08-08）

• Files ≈ Packet Storm
  • Gentoo Linux Security Advisory 202408-13
  • Debian Security Advisory 5740-1
  • Mailcow TFA Authentication Bypass
  • Firebeam CVE-2024-26229 Plugin
  • WordPress PayPlus Payment Gateway SQL Injection
  • Gentoo Linux Security Advisory 202408-12
  • Debian Security Advisory 5739-1
  • Ubuntu Security Notice USN-6945-1
  • Gentoo Linux Security Advisory 202408-11
  • Gentoo Linux Security Advisory 202408-10
  • Gentoo Linux Security Advisory 202408-09
  • Red Hat Security Advisory 2024-5067-03
  • Red Hat Security Advisory 2024-5065-03
  • Gentoo Linux Security Advisory 202408-08
  • Gentoo Linux Security Advisory 202408-07
  • Red Hat Security Advisory 2024-5056-03
  • Red Hat Security Advisory 2024-5054-03
  • Red Hat Security Advisory 2024-5041-03
  • Red Hat Security Advisory 2024-5040-03
  • Red Hat Security Advisory 2024-5025-03
  • Gentoo Linux Security Advisory 202408-05
  • E-Commerce Site Using PHP PDO 1.0 Directory Traversal
  • Covid-19 Directory On Vaccination System 1.0 Insecure Settings
  • Red Hat Security Advisory 2024-5024-03
  • Red Hat Security Advisory 2024-5002-03
• Recent Commits to cve:main
  • Update Wed Aug 7 22:31:46 UTC 2024
  • Update Wed Aug 7 14:34:30 UTC 2024
  • Update Wed Aug 7 06:26:17 UTC 2024
• 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com
  • 勒索软件团伙利用新型 SharpRhino 恶意软件攻击 IT 工作者
  • 重磅推出 | 2024年上半年移动应用隐私安全观测报告
• Security Boulevard
  • Democracy’s Challenge: Secure Elections Worldwide
  • USENIX Security ’23 – Eos: Efficient Private Delegation of zkSNARK Provers
  • D3 Introduces Program to Help SOC Teams Migrate Successfully from Legacy SOAR
  • Student Devices Wiped — Mobile Guardian Hacked AGAIN
  • Windows Downdate: Downgrade Attacks Using Windows Updates
  • Botnet 7777: Are You Betting on a Compromised Router?
  • Randall Munroe’s XKCD ‘Matter’
  • How Sonar Helps Meeting NIST SSDF Code Security Requirements
  • Tenable Adds Ability to Prioritize Vulnerabilities by Threat Level
  • How Escape’s agentless API discovery technology works
• paper - Last paper
  • Building a Local Security AI Big Model Attack and Defence Knowledge Base from Scratch
  • 从零开始搭建本地安全 AI 大模型攻防知识库
• Tenable Blog
  • Detecting Risky Third-party Drivers on Windows Assets
  • Securing the AI Attack Surface: Separating the Unknown from the Well Understood
• obaby@mars
  • 愚妄
• Trustwave Blog
  • Unleashing the Power of Microsoft Security with Trustwave
  • How to Limit Extra Costs When Implementing Microsoft E5 Security Products
• Der Flounder
  • Using the Jamf Pro agent to set computer name to match the Mac’s hardware serial number on macOS Sonoma
• 安全客-有思想的安全新媒体
  • 黑客入侵了MDM公司Mobile Guardian并清除了数千台设备的数据
  • 微软回击达美航空及其法律威胁
  • 联邦贸易委员会（FTC）警告消费者提防那些提供清除信用报告中所有负面信息的骗子
  • 国际刑警组织在新加坡有史以来最大的BEC诈骗案中追回了4100万美元
  • CrowdStrike 聘请了两家外部安全公司对代码进行审查
  • CISA 将 Microsoft COM for Windows bug 添加到其已知利用的漏洞目录中
  • 勒索软件团伙利用伪装成 IP 扫描仪的新型 RAT 攻击 IT 工作者
  • 研究人员发现威胁行为者使用多年的 MotW 绕过技术
  • 新的 Android 间谍软件 LianSpy 使用 Yandex Cloud 逃避检测
• SecWiki News
  • SecWiki News 2024-08-07 Review
• Forcepoint
  • Risk to Reward: How ChatGPT Security Fuels AI Transformation
• Publications | Outflank
  • Introducing Outflank C2 with Implant Support for Windows, macOS, and Linux
• SentinelOne
  • Defusing AD-Based Risks | Best Practices for Securing Modern Directory Services
• Hex Rays
  • Madame de Maintenon’s  Enigmatic Bouillotte Game
• PortSwigger Research
  • Splitting the email atom: exploiting parsers to bypass access controls
  • Listen to the whispers: web timing attacks that actually work
• Microsoft Security Response Center
  • Announcing BlueHat 2024: Call for Papers now open
• Reverse Engineering
  • Tony Hawk's Pro Strcpy
  • Need assistance
• Hexacorn
  • Counting the API arguments…
• Security Blog | Praetorian
  • Embracing the Future: The Power of a Global Workforce in Cybersecurity
• FreeBuf网络安全行业门户
  • 零基础网安就业，需要多久？
  • 知名黑客公开近30亿条国家公共数据，包括全名、地址、SSN...
  • 懂开发的网安人才，到底有多吃香？
  • 揭秘新型安卓间谍软件LianSpy的攻击手段
  • FreeBuf早报 | 迄今为止最大BEC骗局被侦破；法国博物馆奥运期间遭遇网络攻击
  • 迄今为止最大BEC骗局被侦破！国际刑警组织利用I-GRIP为企业追回 4100 万美元
• Wallarm
  • Elasticidad de la nube
• 安全牛
  • 2023年度互联网安全报告：全球Web攻击数超七千亿次，生成式AI让网络攻击更高效
• 奇客Solidot–传递最新科技情报
  • Valve 也许在开发《半条命3》
  • 研究称猫表现出对其它宠物死亡的悲痛之情
  • 马斯克将 X 变成个人的政治游乐场
  • 中国发射首批宽带卫星
  • 科学家发现尺寸最小的人类化石
  • FireFox 129 释出
  • Google Chrome 将允许用户打赏其喜欢的网站
  • 日产新车漆显著降低车内温度
  • 一村民被气象炮弹砸断腿
  • 新加坡学生设备数据因 Mobile Guardian 网络攻击事故被远程清除
  • 罗伯特·索耶发布免费 DOS 版 WordStar 7
• HackerNews
  • 一新型 Android 木马试图窃取土耳其用户的财务数据
  • 研究人员发现 Windows 智能应用控制和 SmartScreen 中的漏洞
  • 揭秘新型安卓间谍软件 LianSpy 的攻击手段
  • 谷歌称 Android 0day 漏洞（CVE-2024-36971）已被广泛利用
  • 黑客攻击数字教室管理平台 Mobile Guardian，新加坡 13000 台设备被远程清除数据
  • 法国博物馆网络遭勒索软件攻击，奥运会赛事未出现中断
• 腾讯玄武实验室
  • 每日安全动态推送(8-7)
• 看雪学苑
  • 逆向中的GL与着色器逆向
  • 创下新纪录，国际刑警组织为企业追回4000万美元
  • 今日更新：设计加壳软件 | .NET程序的文件解析及保护技术
• 代码卫士
  • 奇安信代码安全实验室研究员入选“2024 MSRC 全球最具价值安全研究者”榜单
• 奇安信威胁情报中心
  • 近期值得关注的IOC（2024-08-07）
  • 【8月6日获奖榜】以下网络安全专家已免费获赠阿瑞斯武器库批量查询工具
• 安全内参
  • 巴黎奥运会比赛场馆遭勒索软件攻击
  • 微软宣布绩效改革：员工工资与安全直接挂钩
• 安全研究GoSSIP
  • G.O.S.S.I.P 阅读推荐 2024-08-07 ESem
• 知道创宇404实验室
  • 原创 Paper | 从零开始搭建本地安全 AI 大模型攻防知识库
• 黑奇士
  • 创始人1.58亿买豪宅，裁员信不敢写“裁员”，得物到底怎么了？
• 关键基础设施安全应急响应中心
  • 智能网联汽车网络安全事件分析溯源挑战与思考
  • 打击勒索最高一招？美拟立法将勒索软件攻击定性为恐怖主义
  • 知名电子大厂因勒索攻击损失超1.2亿元，此前曾停运两周
• 中国信息安全
  • 人物访谈 | 孙嘉蓬：践行数字经济强国战略，护航数字经济安全发展
  • 前沿 | 商用密码技术在工业企业场景化应用的探索
  • 专家观点 | 进一步确立个人信息保护合规审计标准——《数据安全技术 个人信息保护合规审计要求（征求意见稿）》的主要亮点及完善建议
  • 通知 | 网安标委就《网络安全标准实践指南—互联网平台停服数据处理安全要求（征求意见稿）》公开征求意见（附全文）
  • 关注 | 法国约40家博物馆数据系统被勒索软件攻击
  • 国际 | 日本网络犯罪事件增多，造成严重社会危害
  • 行业 | IDC发布中国隐私计算市场份额报告 蚂蚁数科位居第一
• 吾爱破解论坛
  • 吾爱破解安卓逆向入门教程《安卓逆向这档事》番外实战篇3-拨云见日之浅谈Flutter逆向
• 极客公园
  • 爆火的小游戏，成了苹果 VS 腾讯的导火索
  • OpenAI 再传人事巨变；特斯拉 Cybertruck 发生第一起死亡事故；罗永浩回应俞敏洪好友「五宗罪」 | 极客早知道
• 情报分析师
  • 【情报报告】哈里斯的政策立场及与特朗普在关键问题上的比较
  • 美国加密货币ATM：诈骗者的新宠
• 斗象智能安全
  • 攻防演练值守资源不足下的“灵活用工”最佳实践
• 国家互联网应急中心CNCERT
  • 网络安全信息与动态周报2024年第31期（7月29日-8月4日）
• 唯品会安全应急响应中心
  • 2024年“广东通信杯”广东省信息通信行业第四届网络安全技能大赛唯品会获得团体赛一等奖
• CNCERT国家工程研究中心
  • CrowdStrike与达美航空互撕，拒付5亿美元赔偿
  • 自2018年一直被黑客利用，Windows又一「后门」揭秘
  • 当鱼叉式网络钓鱼遇到大规模网络钓鱼
• 虎符智库
  • 深度：北约人工智能战略举措与影响分析
• 字节跳动技术团队
  • 性能提升20%，字节跳动HTTPDNS从中心下沉到边缘
• NETRESEC Network Security Blog
  • How to Inspect TLS Encrypted Traffic
• bellingcat
  • The Fall of Sheikh Hasina: Footage from the Streets of Bangladesh
• 安全牛
  • 简析网络安全中的伦理困境与道德守则
  • ​以个人用户为目标的Magniber勒索软件攻击激增；黑客通过窃听HDMI电缆来窃取密码 | 牛­览
• Beacon Tower Lab
  • 【突发】国内大量家用路由器网络访问异常和流量劫持事件分析
  • 【0807】重保演习每日情报汇总
• 数世咨询
  • 勒索软件对基础设施企业带来巨额账单
  • 业内诚聘 | IT企业诚招人才 2024.8.7
• Over Security - Cybersecurity news aggregator
  • Ronin Network hacked, $12 million returned by "white hat" hackers
  • SEC ends probe into MOVEit attacks impacting 95 million people
  • FBI: BlackSuit ransomware made over $500 million in ransom demands
  • Easterly: Too early to say if Supreme Court’s Chevron decision will affect cyber incident notification rules
  • New CMoon USB worm targets Russians in data theft attacks
  • Royal ransomware successor BlackSuit has demanded more than $500 million
  • Windows Update downgrade attack "unpatches" fully-updated systems
  • Cybercrime Rapper Sues Bank over Fraud Investigation
  • UK IT provider faces $7.7 million fine for 2022 ransomware breach
  • McLaren hospitals disruption linked to INC ransomware attack
  • macOS Sequoia brings better Gatekeeper, stalkerware protections
  • Hackers could spy on cellphone users by abusing 5G baseband flaws, researchers say
  • Microsoft 365 anti-phishing feature can be bypassed with CSS
  • How MSPs and MSSPs offer vCISO services with skilled CISOs in short supply
  • Critical Progress WhatsUp RCE flaw now under active exploitation
  • Cybercriminals target Canadian restaurant chain with Chameleon malware
  • Facial authentication is surging across sports leagues. A tech exec explains the interest.
  • 60 Hurts per Second – How We Got Access to Enough Solar Power to Run the United States
  • Un nuovo trend di phishing usa lo spear phishing per campagne massive
  • Hacker cinesi hanno compromesso un ISP per distribuire malware
  • NHS software supplier Advanced faces £6m fine over ransomware attack failings
• KCon 黑客大会
  • 演讲议题巡展 | 高级恶意软件开发之RDI的进化
  • 招募漏洞猎手！OPPO、字节跳动企业专场激战正酣，大奖等你解锁！
  • 【高端培训招募】KCon大会培训日，正式回归啦！
• Shodan Blog
  • 5 Free Things for Everybody
• Securityinfo.it
  • Un nuovo trend di phishing usa lo spear phishing per campagne massive
  • Hacker cinesi hanno compromesso un ISP per distribuire malware
• Schneier on Security
  • Problems with Georgia’s Voter Registration Portal
• Full Disclosure
  • KL-001-2024-010: Journyx Unauthenticated XML External Entities Injection
  • KL-001-2024-009: Journyx Reflected Cross Site Scripting
  • KL-001-2024-008: Journyx Authenticated Remote Code Execution
  • KL-001-2024-007: Journyx Unauthenticated Password Reset Bruteforce
  • KL-001-2024-006: Open WebUI Arbitrary File Upload + Path Traversal
  • KL-001-2024-005: Open WebUI Stored Cross-Site Scripting
• Graham Cluley
  • Pig-butchering scammer targets BBC journalist
• Krebs on Security
  • Cybercrime Rapper Sues Bank over Fraud Investigation
• The Hacker News
  • New Linux Kernel Exploit Technique 'SLUBStick' Discovered by Researchers
  • Roundcube Webmail Flaws Allow Hackers to Steal Emails and Passwords
  • New Go-based Backdoor GoGra Targets South Asian Media Organization
  • CrowdStrike Reveals Root Cause of Global System Outages
  • Chameleon Android Banking Trojan Targets Users Through Fake CRM App
  • Apple’s New macOS Sequoia Tightens Gatekeeper Controls to Block Unauthorized Software
• Palo Alto Networks Blog
  • Attack Vectors at a Glance
• TorrentFreak
  • ISPs Hijack Cloudflare/Google DNS Requests, Ending Site-Blocking Workarounds
  • RIAA Backs AI Copyright Lawsuit Against Anthropic, Sees Similarities with Napster
• 嘶吼专业版
  • XCon2024议题：LLM Infra Security：大模型供应链的阿喀琉斯之踵
  • 勒索软件团伙利用新型 SharpRhino 恶意软件攻击 IT 工作者
• Deeplinks
  • EFF Tells Yet Another Court to Ensure Everyone Has Access to the Law and Reject Private Gatekeepers
• The Register - Security
  • Faulty instructions in Alibaba's T-Head C910 RISC-V CPUs blow away all security
  • Fighting AI fire with AI fire
  • Small CSS tweaks can help nasty emails slip through Outlook's anti-phishing net
  • Police take just 2 days to recover $40M stolen in business email scam
  • EQT buys majority share in Swiss cybersecurity biz Acronis
  • UK health services call-handling vendor faces $7.7M fine over 2022 ransomware attack
  • SharpRhino malware targets IT admins – Hunters International gang suspected
  • Georgia's voter portal gets a crash course in client versus backend input validation
  • Microsoft punches back at Delta Air Lines and its legal threats
  • CrowdStrike hires outside security outfits to review troubled Falcon code
• Blackhat Library: Hacking techniques and research
  • Question: Windows Secure boot
  • Hypothetically, if you stole my BTC would you return it?
• Security Affairs
  • Critical XSS bug in Roundcube Webmail allows attackers to steal emails and sensitive data
  • New Android spyware LianSpy relies on Yandex Cloud to avoid detection
  • Hackers breached MDM firm Mobile Guardian and wiped thousands of devices
• Information Security
  • VPN/Anonymizing IP list
  • Cybersecurity Boom: Abnormal Security Closes Funding At 25x Revenue Valuation
  • Announcing the Vulnerability Management program pack 1.0
• 山石网科安全技术研究院
  • 山石上榜2024年微软全球最具价值安全研究员榜单
• Computer Forensics
  • Why would splunk show a network login from a machine but the machine doesn't show anything?
  • evaluating the authenticity of a scanned document pdf
• Technical Information Security Content & Discussion
  • Tony Hawk's Pro Strcpy
  • 0.0.0.0 Day: Exploiting Localhost APIs From the Browser
  • My keyboard was misbehaving so I had to exploit my NAS
  • Exploiting authorization by nonce in WordPress plugins
  • Extracting Forensics Data from Unitronics PLCs
  • “Zovek” , My Offensive IoT Redteam Implant v1.0
• Your Open Hacker Community
  • How many “A”s to create a strong password?
  • JohnTheRipper
  • Be careful of free logs
  • PortSwigger Clickjacking first lab
  • Flashing an old device? Garmin
• Social Engineering
  • Has anyone come across this statement?
• 360数字安全
  • 全球领创！360 AI企业浏览器开启智能办公新篇章
  • AI增量一小步，安全运营一大步！ISC.AI 2024大模型重塑安全运营论坛召开！
• 迪哥讲事
  • 通过Elasticsearch服务发现的信息泄露