[每日信息流] 2024-08-10

[ruohong2018]

每日安全资讯（2024-08-10）

• Files ≈ Packet Storm
  • Gentoo Linux Security Advisory 202408-19
  • Debian Security Advisory 5746-1
  • I2P 2.6.1
  • Gentoo Linux Security Advisory 202408-18
  • Debian Security Advisory 5745-1
  • Faraday 5.5.0
  • Gentoo Linux Security Advisory 202408-17
  • Debian Security Advisory 5744-1
  • Gentoo Linux Security Advisory 202408-16
  • Gentoo Linux Security Advisory 202408-15
  • Gentoo Linux Security Advisory 202408-14
  • Ubuntu Security Notice USN-6953-1
  • Ubuntu Security Notice USN-6952-1
  • Ubuntu Security Notice USN-6951-1
  • Ubuntu Security Notice USN-6950-1
  • Gaati Track 1.0-2023 Insecure Direct Object Reference
  • Red Hat Security Advisory 2024-5147-03
  • Ubuntu Security Notice USN-6949-1
  • Ubuntu Security Notice USN-6948-1
  • Farmacia Gama 1.0 File Inclusion
  • Red Hat Security Advisory 2024-5145-03
  • Employee Management System 1.0 Cross Site Request Forgery
  • Red Hat Security Advisory 2024-5144-03
  • Red Hat Security Advisory 2024-5143-03
  • E-Commerce Site Using PHP PDO 1.0 Cross Site Scripting
• Security Boulevard
  • Cyber attacks 2024: The biggest attacks of the first half of 2024
  • Sonatype’s summer webinar series: Future cybersecurity requirements
  • USENIX Security ’23 – Cheesecloth: Zero-Knowledge Proofs of Real World Vulnerabilities
  • HPE Infuses AI Into Network Detection and Response Platform
  • Aqua Security Researchers Disclose Series of AWS Flaws
  • Randall Munroe’s XKCD ‘University Age’
  • Preview of State of GitHub Actions Security Report: Security of GH Workflows Building Blocks
  • USENIX Security ’23 – Trojan Source: Invisible Vulnerabilities
  • The Role of Microsegmentation in Kubernetes Environments
  • Trail of Bits’ Buttercup heads to DARPA’s AIxCC
• Trustwave Blog
  • Balancing Escalating Security Concerns While Pursuing Business Innovation
• Recent Commits to cve:main
  • Update Fri Aug 9 22:29:11 UTC 2024
  • Update Fri Aug 9 14:22:14 UTC 2024
  • Update Fri Aug 9 06:18:34 UTC 2024
• 美团技术团队
  • ACL 2024 | 美团技术团队精选论文解读
  • 大众点评技术部包揽KDD 2024 OAG-Challenge Cup赛道全部3项冠军
• 安全客-有思想的安全新媒体
  • 被称为“0.0.0.0日”的漏洞允许恶意网站绕过 Chrome、火狐和 Safari 的安全机制来破坏本地网络。
  • 如何将 Microsoft Copilot 武器化以供网络攻击者使用
  • 微软谈CISO：蓬勃发展的社区意味着更强的安全性
  • 新型网络钓鱼欺诈利用 Google 图纸和 WhatsApp 快捷链接
  • FBI和CISA更新了关于BlackSuit勒索软件组织的联合咨询
  • Progress Software 的 WhatsUp Gold 存在严重安全漏洞，正遭受主动攻击利用，用户需尽快采取措施
  • NHS 软件供应商因勒索软件故障面临 600 万英镑的罚款
  • 以太坊区块链中的 Ronin Network 本周遭遇约 1200 万美元的损失，但被盗资金已被道德黑客归还
  • 共探移动智能业务安全新篇章！ISC.AI 2024移动智能业务安全技术论坛召开
  • Windows 降级攻击有可能使已打补丁的系统遭受旧漏洞的攻击
• 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com
  • 榜单揭晓 | 第七届（2024）数字金融创新案例征集“创·见”中国式现代化
  • 中美“网络空间地图（测绘）”趋势洞察，探访盛邦安全DayDayMap
  • 增长稳健 盈利卓越 | Fortinet 发布 2024 年第二季度财报
  • 央行就《修改〈中国人民银行关于进一步加强征信信息安全管理的通知〉有关公告（征求意见稿）》公开征求意见
  • SEC 终止对 MOVEit 零日漏洞攻击事件的调查
  • CACTER直播预告：重保期间邮件网关与SMC2如何多维度防护
• Insinuator.net
  • Disclosure: Apple ADE – Network Based Provisioning Bypass
• Tenable Blog
  • Cybersecurity Snapshot: New Report Ranks Top Cloud Threats, while CISA Guide Helps Assess Security of Software Products
  • CVE-2024-20419: Cisco Smart Software Manager On-Prem Password Change Vulnerability
• obaby@mars
  • Uniapp 鸿蒙 next 初体验（+随笔）
• Twitter @bytehx
  • RT Orange Tsai 🍊: Thrilled to release my latest research on Apache HTTP Server, revealing several architectural issues! https://blog.orange.tw/2024...
  • Re @corraldev Can I get the beta access?
• Trail of Bits Blog
  • Trail of Bits’ Buttercup heads to DARPA’s AIxCC
• CCC Event Blog
  • Hacks on the Beach 2024 #hotb24
• SentinelOne
  • The Good, the Bad and the Ugly in Cybersecurity – Week 32
• Reverse Engineering
  • Beginner in Reverse Engineering: Where Should I Start?
  • LiveCTF @ DEF CON CTF 2024 Finals [livestream]
• daniel.haxx.se
  • more curl help
• Malwarebytes
  • Security company ADT announces security breach of customer data
• Orange
  • [EN] Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!
  • [中文] Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!
• DEVCORE 戴夫寇爾
  • Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!
• FreeBuf网络安全行业门户
  • 已复现！微软超高危漏洞“狂躁许可”波及全球
  • 渗透测试指南（五）后利用及报告
  • FreeBuf 周报 | CrowdStrike发布蓝屏事件调查报告；微软AI助手安全隐患曝光
  • 警惕：新型网络钓鱼利用 Google Drawings 和 WhatsApp 短链接窃取信息
  • 见证历史，被全球网安人吐槽，一个参数导致巨大灾难事故
  • 0.0.0.0 Day漏洞曝光，谷歌、Safari、火狐等主流浏览器面临威胁
• 奇客Solidot–传递最新科技情报
  • 甜味剂赤藻糖醇可能增加心血管疾病风险
  • 华硕和微星下周开始向用户提供英特尔 CPU 微码
  • 消除肠道有害微生物有助于减少胃癌
  • 俄罗斯棋手使用汞给对手下毒
  • 发射宽带卫星的长征火箭末级在轨道解体
  • 研究显示远程工作者更享受工作
  • 胎儿早期遭遇饥荒会增加成年后罹患 2 型糖尿病的风险
  • Verisign 对 .com 涨价招致批评
  • 土耳其以剥削儿童为由封杀 Roblox
  • 亚马逊为对抗 Temu 吸引中国卖家进驻
  • macOS Sequoia 上的屏幕截图和屏录应用将需要每周授权
  • 拥抱 AI 的 openKylin 2.0 释出
  • ICANN 同意将 .internal 保留用于内部使用
• 浮萍's Blog
  • 积木报表授权绕过漏洞缓解措施
• 腾讯玄武实验室
  • 每日安全动态推送(8-9)
• 安全牛
  • CACTER直播预告：重保期间邮件网关与SMC2如何多维度防护
  • 增长稳健 盈利卓越 | Fortinet 发布 2024 年第二季度财报
• 代码卫士
  • 0.0.0.0 Day漏洞已存在18年，影响 MacOS和Linux设备
  • 思科：注意这些已达生命周期IP电话中的RCE 0day
• 安全内参
  • 微软2024财年发放了约1.2亿元漏洞赏金：平均每个漏洞8.6万元
  • 2024黑帽大会最热门的九大AI网络安全工具
• 黑海洋 - WIKI
  • 光猫刷clash
  • EasyVideoTrans-免费开源且易用的AI视频翻译配音工具
• 奇安信威胁情报中心
  • 近期值得关注的IOC（2024-08-09）
  • 每周高级威胁情报解读(2024.08.02~08.08)
  • 【8月8日获奖榜】以下网络安全专家已免费获赠阿瑞斯武器库批量查询工具
• 阿里云应急响应
  • Windows 远程桌面授权服务远程代码执行漏洞（CVE-2024-38077）
• 丁爸 情报分析师的工具箱
  • 【AI速读】情报界如何阻碍开源情报的发展，以及需要如何改变
• 长亭安全应急响应中心
  • 【风险提示】Windows 远程桌面授权服务远程代码执行漏洞（CVE-2024-38077）
• 安全研究GoSSIP
  • G.O.S.S.I.P 阅读推荐 2024-08-09 PLC安全总览
• dotNet安全矩阵
  • .NET 一款Web版本远程下载马子的工具
  • 2024hvv | 21套.NET系统漏洞威胁情报(08.09更新)
  • .NET 内网攻防实战电子报刊
• 君哥的体历
  • 关于甲方安全管理及相关事务的讨论| 总第257周
• 极客公园
  • 罗永浩 5000 字长文回应「五宗罪」；ChatGPT 移动版月收入超2亿元；抖音外卖战略调整 | 极客早知道
  • Google，依然离不开中国开发者
• 数世咨询
  • 道德规范在网络安全中的重要性
• 长亭科技
  • 首次揭秘！演练充电，长亭漏洞应急响应奉上「三大法宝」
• 看雪学苑
  • Linux 内核重大安全漏洞曝光！indler 漏洞威胁数亿计算机系统
  • 存在近30年的零点击RCE漏洞，所有Windows服务器都可能受害
  • 机会和实力一样重要
  • 新课已完结！零基础入门Android漏洞挖掘-入门篇
• 山石网科安全技术研究院
  • 山石重磅安全研究成果亮相DEF CON安全大会
• 360Quake空间测绘
  • “狂躁许可”全球来袭，0-Click RCE
• KCon 黑客大会
  • 【高端培训招募】KCon大会培训日，正式回归啦！
• 字节跳动技术团队
  • 最高优化529倍！豆包大模型团队&港大提出ByteCheckpoint提效LLM训练
  • 奥特曼秀 5 颗草莓疯狂暗示 GPT-5？匿名新模型神秘现身，数学超强！｜AGI 掘金资讯
• 京东安全应急响应中心
  • 京东安全亮相Black Hat USA ！探讨Mac安全和静态代码分析新高地
• 情报分析师
  • 2024 年面向专业分析师的十大开源情报工具（第一期）
  • 美国情报评估伊朗不会很快袭击以色列
• 天融信阿尔法实验室
  • 【风险提示】天融信关于Windows 远程桌面许可服务远程代码执行漏洞(CVE-2024-38077)的风险提示
• Beacon Tower Lab
  • 开机就能打？没那么玄乎！客观分析 “狂躁许可”漏洞（CVE-2024-38077）及其影响范围
  • 【0809】重保演习每日情报汇总
• 青藤云安全
  • 十年罕见的高危漏洞“狂躁许可”来袭：青藤THP快速发现、监控受影响资产
• 火绒安全
  • 【火绒安全周报】巴黎奥运场馆遭网络攻击/男子裸聊遭诈骗14000元
• 奇安信 CERT
  • 【POC已发现，立即打补丁】微软RDL服务极危远程代码执行漏洞（CVE-2024-38077）
• Qualys Security Blog
  • Subscription Health Dashboard Update: Optimize Deployments and Identify Issues
• 安全牛
  • 传闻趋势科技正在寻求出售，美股ADRs应声上涨超10%；美国拟通过立法将勒索软件攻击定义为恐怖主义威胁 | 牛览
  • 提升企业级密码应用安全性的8个最佳实践
• DEF CON Announcements!
  • DEF CON Badge Update!
• Have I Been Pwned latest breaches
  • Not SOCRadar - 282,478,425 breached accounts
• Il Disinformatico
  • Podcast RSI - Frodi milionarie con numeri di telefono falsificati, in manette i fornitori: il caso Russian Coms
• 中国信息安全
  • 论坛·全球人工智能治理 | 欧盟人工智能立法的特点与影响
  • 沈逸：遏制体育界“饭圈”乱象，刻不容缓
  • 专家观点 | 提高人工智能安全治理水平
  • 评论 | 整治网络直播领域虚假和低俗乱象 让网络空间天朗气清
  • 发布 | 北数所发布《个人信息授权运营管理办法（试行）》（附全文）
  • 国际 | 韩国未成年人网络保护制度考察
• 微步在线研究响应中心
  • Windows Server 远程桌面授权服务 RDL曝高危漏洞
• SANS Internet Storm Center, InfoCON: green
  • ISC Stormcast For Friday, August 9th, 2024 https://isc.sans.edu/podcastdetail/9090, (Fri, Aug 9th)
• Over Security - Cybersecurity news aggregator
  • Ecovacs home robots can be hacked to spy on their owners, researchers say
  • White House working on cyber insurance policy proposal for ‘catastrophic’ incidents
  • Russia blocks Signal for 'violating' anti-terrorism laws
  • White House cyber czar touts regulatory harmonization bill advancing through Congress
  • CSC ServiceWorks discloses data breach after 2023 cyberattack
  • How a cybersecurity researcher befriended, then doxed, the leader of LockBit ransomware gang
  • New AMD SinkClose flaw helps install nearly undetectable malware
  • Iranian hackers ramping up US election interference, Microsoft warns
  • Microsoft discloses Office zero-day, still working on a patch
  • Malware force-installs Chrome extensions on 300,000 browsers, patches DLLs
  • MadLicense
  • Sintesi riepilogativa delle campagne malevole nella settimana del 03 – 09 agosto
  • Roblox game platform blocked in Turkey over child abuse concerns
  • Not SOCRadar - 282,478,425 breached accounts
  • Il collettivo NoName057(16) e le offensive DDoS a sostegno della narrativa russa
  • Impianti fotovoltaici a rischio attacco: scoperte diverse vulnerabilità
  • Privacy Policy of www.cleafy.com
  • UN cybercrime treaty passes in unanimous vote
  • Tennessee man charged over role in North Korea IT worker scheme
• Securityinfo.it
  • Impianti fotovoltaici a rischio attacco: scoperte diverse vulnerabilità
• Luca Mercatanti
  • Come il ronzio di un frigorifero permette di ricostruire eventi passati
• NetSPI
  • Improving Ransomware Detection with Breach and Attack Simulation (BAS)
• The Hacker News
  • Experts Uncover Severe AWS Flaws Leading to RCE, Data Theft, and Full-Service Takeovers
  • Microsoft Reveals Four OpenVPN Flaws Leading to Potential RCE and LPE
  • New Flaws in Sonos Smart Speakers Allow Hackers to Eavesdrop on Users
  • DOJ Charges Nashville Man for Helping North Koreans Get U.S. Tech Jobs
  • CISA Warns of Hackers Exploiting Legacy Cisco Smart Install Feature
• Trend Micro Research, News and Perspectives
  • A Dive into Earth Baku’s Latest Campaign
• Schneier on Security
  • Friday Squid Blogging: SQUID Is a New Computational Tool for Analyzing Genomic AI
  • People-Search Site Removal Services Largely Ineffective
• Computer Forensics
  • Training
• TorrentFreak
  • UFC Links Increase in Piracy Numbers to ESPN Price Hikes
  • Cloudflare Can’t Be Forced to Use Piracy Shield to Block IPTV, Court Tells Serie A
• Information Security
  • Former CrowdStrike Director Reveals Plurilock’s Potential
  • Protecting Technical Data within A&D
• Your Open Hacker Community
  • How to legally practice aspects of a red team operation?
  • What about the deanonymization of vpn?
• Deep Web
  • Leaked Military Drawings
  • Hacker community idea
• Security Affairs
  • Five zero-days impacts EoL Cisco Small Business IP Phones. Replace them with newer models asap!
  • CISA adds Apache OFBiz and Android kernel bugs to its Known Exploited Vulnerabilities catalog
  • Russian cyber spies stole data and emails from UK government systems
• Technical Information Security Content & Discussion
  • We discovered critical vulnerabilities in 6 AWS services
  • BBoT 2.0 Released!
  • Exploiting pfsense Remote Code Execution – CVE-2022-31814
• Blackhat Library: Hacking techniques and research
  • How Password Spraying & ASREP Roasting Work in Windows Active Directory?
  • How is my stalker is blocked but commenting on my Twitter.
• Social Engineering
  • How to take back ownership of a group without causing issues?
  • What are techniques and tips to generate trust with people at a very fast pace
• The Register - Security
  • Raptor Lake microcode limits Intel chips to a mere 1.55 volts to prevent CPU destruction
  • Understanding escalating cyber threats
  • Pro-Iran groups lay groundwork for 'chaos and violence' as US election meddling attempts intensify
  • It's 2024 and we're just getting round to stopping browsers insecurely accessing 0.0.0.0
  • Hello? Are you talking on a Cisco SPA300 or SPA500 IP phone? Now's the time to junk 'em
• 迪哥讲事
  • 【实战分享】某系统任意密码修改漏洞
• Security Weekly Podcast Network (Audio)
  • 0.0.0.0, Blacksuit, OpenAI, AWS, Cisco Phones, Win 10, Aaran Leyland, and More... - SWN #405
  • AI Red Teaming and AI Safety - Sounil Yu, Amanda Minnich - ESW #371