issues
search
ruohong2018
/
ruohong2018.github.io
GNU General Public License v3.0
29
stars
3
forks
source link
[每日信息流] 2024-08-10
#546
Open
ruohong2018
opened
1 month ago
ruohong2018
commented
1 month ago
每日安全资讯(2024-08-10)
Files ≈ Packet Storm
Gentoo Linux Security Advisory 202408-19
Debian Security Advisory 5746-1
I2P 2.6.1
Gentoo Linux Security Advisory 202408-18
Debian Security Advisory 5745-1
Faraday 5.5.0
Gentoo Linux Security Advisory 202408-17
Debian Security Advisory 5744-1
Gentoo Linux Security Advisory 202408-16
Gentoo Linux Security Advisory 202408-15
Gentoo Linux Security Advisory 202408-14
Ubuntu Security Notice USN-6953-1
Ubuntu Security Notice USN-6952-1
Ubuntu Security Notice USN-6951-1
Ubuntu Security Notice USN-6950-1
Gaati Track 1.0-2023 Insecure Direct Object Reference
Red Hat Security Advisory 2024-5147-03
Ubuntu Security Notice USN-6949-1
Ubuntu Security Notice USN-6948-1
Farmacia Gama 1.0 File Inclusion
Red Hat Security Advisory 2024-5145-03
Employee Management System 1.0 Cross Site Request Forgery
Red Hat Security Advisory 2024-5144-03
Red Hat Security Advisory 2024-5143-03
E-Commerce Site Using PHP PDO 1.0 Cross Site Scripting
Security Boulevard
Cyber attacks 2024: The biggest attacks of the first half of 2024
Sonatype’s summer webinar series: Future cybersecurity requirements
USENIX Security ’23 – Cheesecloth: Zero-Knowledge Proofs of Real World Vulnerabilities
HPE Infuses AI Into Network Detection and Response Platform
Aqua Security Researchers Disclose Series of AWS Flaws
Randall Munroe’s XKCD ‘University Age’
Preview of State of GitHub Actions Security Report: Security of GH Workflows Building Blocks
USENIX Security ’23 – Trojan Source: Invisible Vulnerabilities
The Role of Microsegmentation in Kubernetes Environments
Trail of Bits’ Buttercup heads to DARPA’s AIxCC
Trustwave Blog
Balancing Escalating Security Concerns While Pursuing Business Innovation
Recent Commits to cve:main
Update Fri Aug 9 22:29:11 UTC 2024
Update Fri Aug 9 14:22:14 UTC 2024
Update Fri Aug 9 06:18:34 UTC 2024
美团技术团队
ACL 2024 | 美团技术团队精选论文解读
大众点评技术部包揽KDD 2024 OAG-Challenge Cup赛道全部3项冠军
安全客-有思想的安全新媒体
被称为“0.0.0.0日”的漏洞允许恶意网站绕过 Chrome、火狐和 Safari 的安全机制来破坏本地网络。
如何将 Microsoft Copilot 武器化以供网络攻击者使用
微软谈CISO:蓬勃发展的社区意味着更强的安全性
新型网络钓鱼欺诈利用 Google 图纸和 WhatsApp 快捷链接
FBI和CISA更新了关于BlackSuit勒索软件组织的联合咨询
Progress Software 的 WhatsUp Gold 存在严重安全漏洞,正遭受主动攻击利用,用户需尽快采取措施
NHS 软件供应商因勒索软件故障面临 600 万英镑的罚款
以太坊区块链中的 Ronin Network 本周遭遇约 1200 万美元的损失,但被盗资金已被道德黑客归还
共探移动智能业务安全新篇章!ISC.AI 2024移动智能业务安全技术论坛召开
Windows 降级攻击有可能使已打补丁的系统遭受旧漏洞的攻击
嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com
榜单揭晓 | 第七届(2024)数字金融创新案例征集“创·见”中国式现代化
中美“网络空间地图(测绘)”趋势洞察,探访盛邦安全DayDayMap
增长稳健 盈利卓越 | Fortinet 发布 2024 年第二季度财报
央行就《修改〈中国人民银行关于进一步加强征信信息安全管理的通知〉有关公告(征求意见稿)》公开征求意见
SEC 终止对 MOVEit 零日漏洞攻击事件的调查
CACTER直播预告:重保期间邮件网关与SMC2如何多维度防护
Insinuator.net
Disclosure: Apple ADE – Network Based Provisioning Bypass
Tenable Blog
Cybersecurity Snapshot: New Report Ranks Top Cloud Threats, while CISA Guide Helps Assess Security of Software Products
CVE-2024-20419: Cisco Smart Software Manager On-Prem Password Change Vulnerability
obaby@mars
Uniapp 鸿蒙 next 初体验(+随笔)
Twitter @bytehx
RT Orange Tsai 🍊: Thrilled to release my latest research on Apache HTTP Server, revealing several architectural issues! https://blog.orange.tw/2024...
Re @corraldev Can I get the beta access?
Trail of Bits Blog
Trail of Bits’ Buttercup heads to DARPA’s AIxCC
CCC Event Blog
Hacks on the Beach 2024 #hotb24
SentinelOne
The Good, the Bad and the Ugly in Cybersecurity – Week 32
Reverse Engineering
Beginner in Reverse Engineering: Where Should I Start?
LiveCTF @ DEF CON CTF 2024 Finals [livestream]
daniel.haxx.se
more curl help
Malwarebytes
Security company ADT announces security breach of customer data
Orange
[EN] Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!
[中文] Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!
DEVCORE 戴夫寇爾
Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!
FreeBuf网络安全行业门户
已复现!微软超高危漏洞“狂躁许可”波及全球
渗透测试指南(五)后利用及报告
FreeBuf 周报 | CrowdStrike发布蓝屏事件调查报告;微软AI助手安全隐患曝光
警惕:新型网络钓鱼利用 Google Drawings 和 WhatsApp 短链接窃取信息
见证历史,被全球网安人吐槽,一个参数导致巨大灾难事故
0.0.0.0 Day漏洞曝光,谷歌、Safari、火狐等主流浏览器面临威胁
奇客Solidot–传递最新科技情报
甜味剂赤藻糖醇可能增加心血管疾病风险
华硕和微星下周开始向用户提供英特尔 CPU 微码
消除肠道有害微生物有助于减少胃癌
俄罗斯棋手使用汞给对手下毒
发射宽带卫星的长征火箭末级在轨道解体
研究显示远程工作者更享受工作
胎儿早期遭遇饥荒会增加成年后罹患 2 型糖尿病的风险
Verisign 对 .com 涨价招致批评
土耳其以剥削儿童为由封杀 Roblox
亚马逊为对抗 Temu 吸引中国卖家进驻
macOS Sequoia 上的屏幕截图和屏录应用将需要每周授权
拥抱 AI 的 openKylin 2.0 释出
ICANN 同意将 .internal 保留用于内部使用
浮萍's Blog
积木报表授权绕过漏洞缓解措施
腾讯玄武实验室
每日安全动态推送(8-9)
安全牛
CACTER直播预告:重保期间邮件网关与SMC2如何多维度防护
增长稳健 盈利卓越 | Fortinet 发布 2024 年第二季度财报
代码卫士
0.0.0.0 Day漏洞已存在18年,影响 MacOS和Linux设备
思科:注意这些已达生命周期IP电话中的RCE 0day
安全内参
微软2024财年发放了约1.2亿元漏洞赏金:平均每个漏洞8.6万元
2024黑帽大会最热门的九大AI网络安全工具
黑海洋 - WIKI
光猫刷clash
EasyVideoTrans-免费开源且易用的AI视频翻译配音工具
奇安信威胁情报中心
近期值得关注的IOC(2024-08-09)
每周高级威胁情报解读(2024.08.02~08.08)
【8月8日获奖榜】以下网络安全专家已免费获赠阿瑞斯武器库批量查询工具
阿里云应急响应
Windows 远程桌面授权服务远程代码执行漏洞(CVE-2024-38077)
丁爸 情报分析师的工具箱
【AI速读】情报界如何阻碍开源情报的发展,以及需要如何改变
长亭安全应急响应中心
【风险提示】Windows 远程桌面授权服务远程代码执行漏洞(CVE-2024-38077)
安全研究GoSSIP
G.O.S.S.I.P 阅读推荐 2024-08-09 PLC安全总览
dotNet安全矩阵
.NET 一款Web版本远程下载马子的工具
2024hvv | 21套.NET系统漏洞威胁情报(08.09更新)
.NET 内网攻防实战电子报刊
君哥的体历
关于甲方安全管理及相关事务的讨论| 总第257周
极客公园
罗永浩 5000 字长文回应「五宗罪」;ChatGPT 移动版月收入超2亿元;抖音外卖战略调整 | 极客早知道
Google,依然离不开中国开发者
数世咨询
道德规范在网络安全中的重要性
长亭科技
首次揭秘!演练充电,长亭漏洞应急响应奉上「三大法宝」
看雪学苑
Linux 内核重大安全漏洞曝光!indler 漏洞威胁数亿计算机系统
存在近30年的零点击RCE漏洞,所有Windows服务器都可能受害
机会和实力一样重要
新课已完结!零基础入门Android漏洞挖掘-入门篇
山石网科安全技术研究院
山石重磅安全研究成果亮相DEF CON安全大会
360Quake空间测绘
“狂躁许可”全球来袭,0-Click RCE
KCon 黑客大会
【高端培训招募】KCon大会培训日,正式回归啦!
字节跳动技术团队
最高优化529倍!豆包大模型团队&港大提出ByteCheckpoint提效LLM训练
奥特曼秀 5 颗草莓疯狂暗示 GPT-5?匿名新模型神秘现身,数学超强!|AGI 掘金资讯
京东安全应急响应中心
京东安全亮相Black Hat USA !探讨Mac安全和静态代码分析新高地
情报分析师
2024 年面向专业分析师的十大开源情报工具(第一期)
美国情报评估伊朗不会很快袭击以色列
天融信阿尔法实验室
【风险提示】天融信关于Windows 远程桌面许可服务远程代码执行漏洞(CVE-2024-38077)的风险提示
Beacon Tower Lab
开机就能打?没那么玄乎!客观分析 “狂躁许可”漏洞(CVE-2024-38077)及其影响范围
【0809】重保演习每日情报汇总
青藤云安全
十年罕见的高危漏洞“狂躁许可”来袭:青藤THP快速发现、监控受影响资产
火绒安全
【火绒安全周报】巴黎奥运场馆遭网络攻击/男子裸聊遭诈骗14000元
奇安信 CERT
【POC已发现,立即打补丁】微软RDL服务极危远程代码执行漏洞(CVE-2024-38077)
Qualys Security Blog
Subscription Health Dashboard Update: Optimize Deployments and Identify Issues
安全牛
传闻趋势科技正在寻求出售,美股ADRs应声上涨超10%;美国拟通过立法将勒索软件攻击定义为恐怖主义威胁 | 牛览
提升企业级密码应用安全性的8个最佳实践
DEF CON Announcements!
DEF CON Badge Update!
Have I Been Pwned latest breaches
Not SOCRadar - 282,478,425 breached accounts
Il Disinformatico
Podcast RSI - Frodi milionarie con numeri di telefono falsificati, in manette i fornitori: il caso Russian Coms
中国信息安全
论坛·全球人工智能治理 | 欧盟人工智能立法的特点与影响
沈逸:遏制体育界“饭圈”乱象,刻不容缓
专家观点 | 提高人工智能安全治理水平
评论 | 整治网络直播领域虚假和低俗乱象 让网络空间天朗气清
发布 | 北数所发布《个人信息授权运营管理办法(试行)》(附全文)
国际 | 韩国未成年人网络保护制度考察
微步在线研究响应中心
Windows Server 远程桌面授权服务 RDL曝高危漏洞
SANS Internet Storm Center, InfoCON: green
ISC Stormcast For Friday, August 9th, 2024 https://isc.sans.edu/podcastdetail/9090, (Fri, Aug 9th)
Over Security - Cybersecurity news aggregator
Ecovacs home robots can be hacked to spy on their owners, researchers say
White House working on cyber insurance policy proposal for ‘catastrophic’ incidents
Russia blocks Signal for 'violating' anti-terrorism laws
White House cyber czar touts regulatory harmonization bill advancing through Congress
CSC ServiceWorks discloses data breach after 2023 cyberattack
How a cybersecurity researcher befriended, then doxed, the leader of LockBit ransomware gang
New AMD SinkClose flaw helps install nearly undetectable malware
Iranian hackers ramping up US election interference, Microsoft warns
Microsoft discloses Office zero-day, still working on a patch
Malware force-installs Chrome extensions on 300,000 browsers, patches DLLs
MadLicense
Sintesi riepilogativa delle campagne malevole nella settimana del 03 – 09 agosto
Roblox game platform blocked in Turkey over child abuse concerns
Not SOCRadar - 282,478,425 breached accounts
Il collettivo NoName057(16) e le offensive DDoS a sostegno della narrativa russa
Impianti fotovoltaici a rischio attacco: scoperte diverse vulnerabilità
Privacy Policy of www.cleafy.com
UN cybercrime treaty passes in unanimous vote
Tennessee man charged over role in North Korea IT worker scheme
Securityinfo.it
Impianti fotovoltaici a rischio attacco: scoperte diverse vulnerabilità
Luca Mercatanti
Come il ronzio di un frigorifero permette di ricostruire eventi passati
NetSPI
Improving Ransomware Detection with Breach and Attack Simulation (BAS)
The Hacker News
Experts Uncover Severe AWS Flaws Leading to RCE, Data Theft, and Full-Service Takeovers
Microsoft Reveals Four OpenVPN Flaws Leading to Potential RCE and LPE
New Flaws in Sonos Smart Speakers Allow Hackers to Eavesdrop on Users
DOJ Charges Nashville Man for Helping North Koreans Get U.S. Tech Jobs
CISA Warns of Hackers Exploiting Legacy Cisco Smart Install Feature
Trend Micro Research, News and Perspectives
A Dive into Earth Baku’s Latest Campaign
Schneier on Security
Friday Squid Blogging: SQUID Is a New Computational Tool for Analyzing Genomic AI
People-Search Site Removal Services Largely Ineffective
Computer Forensics
Training
TorrentFreak
UFC Links Increase in Piracy Numbers to ESPN Price Hikes
Cloudflare Can’t Be Forced to Use Piracy Shield to Block IPTV, Court Tells Serie A
Information Security
Former CrowdStrike Director Reveals Plurilock’s Potential
Protecting Technical Data within A&D
Your Open Hacker Community
How to legally practice aspects of a red team operation?
What about the deanonymization of vpn?
Deep Web
Leaked Military Drawings
Hacker community idea
Security Affairs
Five zero-days impacts EoL Cisco Small Business IP Phones. Replace them with newer models asap!
CISA adds Apache OFBiz and Android kernel bugs to its Known Exploited Vulnerabilities catalog
Russian cyber spies stole data and emails from UK government systems
Technical Information Security Content & Discussion
We discovered critical vulnerabilities in 6 AWS services
BBoT 2.0 Released!
Exploiting pfsense Remote Code Execution – CVE-2022-31814
Blackhat Library: Hacking techniques and research
How Password Spraying & ASREP Roasting Work in Windows Active Directory?
How is my stalker is blocked but commenting on my Twitter.
Social Engineering
How to take back ownership of a group without causing issues?
What are techniques and tips to generate trust with people at a very fast pace
The Register - Security
Raptor Lake microcode limits Intel chips to a mere 1.55 volts to prevent CPU destruction
Understanding escalating cyber threats
Pro-Iran groups lay groundwork for 'chaos and violence' as US election meddling attempts intensify
It's 2024 and we're just getting round to stopping browsers insecurely accessing 0.0.0.0
Hello? Are you talking on a Cisco SPA300 or SPA500 IP phone? Now's the time to junk 'em
迪哥讲事
【实战分享】某系统任意密码修改漏洞
Security Weekly Podcast Network (Audio)
0.0.0.0, Blacksuit, OpenAI, AWS, Cisco Phones, Win 10, Aaran Leyland, and More... - SWN #405
AI Red Teaming and AI Safety - Sounil Yu, Amanda Minnich - ESW #371
每日安全资讯(2024-08-10)