issues
search
ruohong2018
/
ruohong2018.github.io
GNU General Public License v3.0
33
stars
3
forks
source link
[每日信息流] 2024-08-21
#557
Open
ruohong2018
opened
2 months ago
ruohong2018
commented
2 months ago
每日安全资讯(2024-08-21)
Files ≈ Packet Storm
Kernel Live Patch Security Notice LSN-0106-1
Ubuntu Security Notice USN-6969-1
Ubuntu Security Notice USN-6967-1
Akuvox Smart Intercom/Doorphone Unauthenticated Stream Disclosure
Linux Landlock Logic Bug
Ubuntu Security Notice USN-6968-1
Lost and Found Information System 1.0 Cross Site Request Forgery
Loan Management System 1.0 Cross Site Request Forgery
Ubuntu Security Notice USN-6951-3
Debian Security Advisory 5751-1
Simple Machines Forum 2.1.4 Code Injection
Red Hat Security Advisory 2024-5608-03
Biobook Social Networking Site 1.0 Arbitrary File Upload
Red Hat Security Advisory 2024-5607-03
Accounting Journal Management System 1.0 Code Injection
Red Hat Security Advisory 2024-5599-03
Red Hat Security Advisory 2024-5598-03
ABIC Cardiology Management System 1.0 Cross Site Request Forgery
Red Hat Security Advisory 2024-5584-03
Hospital Management System 1.0 Code Injection
Event Registration and Attendance System 1.0 Code Injection
Red Hat Security Advisory 2024-5583-03
Red Hat Security Advisory 2024-5582-03
Red Hat Security Advisory 2024-5522-03
Red Hat Security Advisory 2024-5082-03
Recent Commits to cve:main
Update Tue Aug 20 22:28:59 UTC 2024
Update Tue Aug 20 14:33:25 UTC 2024
Update Tue Aug 20 06:33:39 UTC 2024
SecWiki News
SecWiki News 2024-08-20 Review
Trustwave Blog
Trustwave Government Solutions Attains StateRAMP Authorization Status
安全客-有思想的安全新媒体
CISA 将 Jenkins 命令行界面 (CLI) 漏洞添加到其已知利用的漏洞目录中
被盗、被锁定的支付卡仍然可在数字钱包使用
研究人员发现了与网络犯罪集团 FIN7 有关的新基础设施
多款 MacOS 版微软应用程序易受库注入攻击影响
新型 UULoader 恶意软件 Gh0st RAT 和 Mimikatz 在东亚地区传播
网络犯罪分子利用热门软件搜索传播 FakeBat 恶意软件
IBM 新发布针对"网络安全"和"数据分析"的 IBM SkillsBuild 证书
Xeon Sender Tool 利用云 API 进行大规模短信钓鱼攻击
网络犯罪分子利用文件共享服务推进网络钓鱼攻击
360零信任安全办公平台升级!构筑一体化数字安全办公空间
Chromium Blog
Seamlessly use your passwords and addresses in Chrome across all devices
嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com
爱加密品牌LOGO焕新,新LOGO传递了哪些信号
微软禁用 BitLocker 安全修复程序,建议手动缓解
单位敏感数据泄露,罪魁祸首竟然是食堂管理系统
开机就能打?没那么玄乎!客观分析 “狂躁许可”漏洞(CVE-2024-38077)及其影响范围
ongoing by Tim Bray
2024 Pollscrolling
Tenable Blog
SSRFing the Web with the help of Copilot Studio
Security Boulevard
Black Hat USA 2024: Key Takeaways from the Premier Cybersecurity Event
USENIX Security ’23 – CipherH: Automated Detection of Ciphertext Side-channel Vulnerabilities in Cryptographic Implementations
Identity Crisis: Hidden Threats In Digital Infrastructure
What You Get with AKS, EKS, GKE vs. Managed Kubernetes-as-a-Service
Comic Agilé – Mikkel Noe-Nygaard, Luxshan Ratnaravi – #304 – Fail Fast
Agentless is a DAM Better Option for Securing Cloud Data
From False Positives to Potential Breaches: The Risks of Prematurely Closing Incidents
INE Security Alert: The Steep Cost of Neglecting Cybersecurity Training
USENIX Security ’23 – Pspray: Timing Side-Channel Based Linux Kernel Heap Exploitation Technique
Navigating the Uncharted: A Framework for Attack Path Discovery
Insinuator.net
CrowdStrike: What is the worldwide BSOD all about?
Penetration Testing Lab
Web Browser Stored Credentials
VMRay
Latrodectus updates to version 1.4 with AES-256 string encryption
SentinelOne
Building Resilient Security | Why Fundamentals Matter More Than Ever
obaby@mars
将多个图片合并为 PDF
Reverse Engineering
SpotAPI: Enjoy Spotify Playback API Without Premium!
Keil uVision Infineon C167
安全牛
KCon 2024 同道 “汇聚黑客智慧 追求干货有趣”
2024年身份验证技术应用10大关键趋势
美国众议院议员要求对我国无线路由器厂商TP-Link发起安全调查;网易官方回应“网易云音乐”宕机故障 | 牛览
FreeBuf网络安全行业门户
FreeBuf早报 | 勒索软件2024上半年赎金创新高;消费者遭遇“幽灵机票”
适用于macOS的多个微软应用程序发现库注入漏洞,用户数据安全受威胁
丰田再发数据泄露事件,涉及240GB员工和客户信息
黑客利用 Xeon Sender 发起大规模短信钓鱼攻击
HackerNews
丰田再发数据泄露事件,涉及 240GB 员工和客户信息
黑客利用 Xeon Sender 发起大规模短信钓鱼攻击
境外新型恶意软件爆发,主要针对中韩用户
某 A 股上市公司疑似泄漏 2.3TB 数据
出售 30 万个被盗登录凭证,被判处 40 个月监禁
俄罗斯网络犯罪组织利用假冒品牌网站传播 DanaBot 和 StealC 恶意软件
Windows 0day(CVE-2024-38193)攻击与朝鲜 Lazarus APT 有关
俄勒冈州动物园售票服务遭黑客攻击,118000 人信息被盗
奇客Solidot–传递最新科技情报
世界最长寿者去世,享年 117 岁
Snoo 智能摇篮对核心功能推行订阅制
苹果巴西 App Store 据报下架 VPN 应用
持有特斯拉股票的法官拒绝回避 X 诉 Media Matters 案
不兼容的波音宇航服可能阻碍宇航员搭乘 SpaceX 飞船返回地球
苹果推出其播客应用的 Web 版本
日本禁止基于遗传信息的劳动歧视
美国科技巨头数据中心用水量大幅增长
导致恐龙灭绝的小行星来自外太阳系
朝鲜黑客利用最近修复的 Windows 0day 安装 rootkit
美国过去一年初创企业倒闭数量激增 60%
Horizon3.ai
Strengthening Cloud Security: A Comprehensive Approach
黑海洋 - WIKI
用甲骨文ARM服务器免费搭建一部云手机,适合各种24小时挂机
阿里免费企业邮箱
黑悟空 修改器 Black Myth: Wukong Trainer
锦行科技
锦行科技入选技术支撑单位,助力网络安全事业!
锦行科技荣获“鹏城靶场分靶场”锦行科技分靶场授牌
丁爸 情报分析师的工具箱
【通知】第11期全国开源能力提升培训班—开源尖兵实战训练营计划
【资料】如何成为一名情报分析师
dotNet安全矩阵
.NET 一款支持收集6种浏览器数据的工具
2024hvv | 28套.NET系统漏洞威胁情报(08.20更新)
.NET 内网攻防实战电子报刊
360漏洞云
“源”聚创新力量,“洞”见安全未来:360漏洞云亮相GOGC,共促开源漏洞安全发展
天御攻防实验室
以色列与伊朗的电子对抗
安全牛
2024年身份验证技术应用10大关键趋势
美国众议院议员要求对我国无线路由器厂商TP-Link发起安全调查;网易官方回应“网易云音乐”宕机故障 | 牛览
安全内参
印度国家支付系统部分中断:因供应商高风险漏洞迟迟不修后被黑
国内某上市公司疑遭勒索攻击泄漏2.3TB数据
中国信息安全
专题·大模型安全 | 大模型的安全风险及应对建议
前沿 | 智能赋权效应催生“认知+行为”组合式网络安全威胁分析
观点 | 全球人工智能治理任重道远
评论 | 落实平台责任,坚决打击网络暴力
前沿 | 智能化技术在反欺诈领域的应用与实践
国际 | 阿联酋、新加坡、爱尔兰加强信息技术人才培养 为数字时代夯实人才基础
直播预告 | 关基安全保护攻防实录 Vol.17
KCon 黑客大会
KCon 2024开幕在即,会议亮点及议程公布!
情报分析师
量子革命:未来战争的隐形利剑
西方非政府组织在吉尔吉斯斯坦的操控分析
CNCERT国家工程研究中心
新的 Webkit 漏洞可让攻击者利用 PS4 和 PS5 游戏机发起攻击
攻击者在勒索活动中利用公开的.env文件入侵云账户
出售30万个被盗登录凭证,被判处40个月监禁
极客公园
被误解的「95 后」,在「大厂」发光
《黑神话: 悟空》联名狂潮背后:一场不仅限于游戏的狂欢
网易云音乐恢复使用,称没有删库跑路;AMD 49 亿美元收购服务器制造商;特斯拉新一代Roadster实车曝光 | 极客早知道
国家互联网应急中心CNCERT
CNVD漏洞周报2024年第33期
上周关注度较高的产品安全漏洞(20240812-20240818)
关键基础设施安全应急响应中心
个人信息权益保护与个人数据要素化并行不悖
WPS Office两个严重漏洞曝光,已被武器化且在野利用
乌克兰网络专家联手黑客团队致瘫俄罗斯核弹头开发商
OPPO安全中心
OPPO 加入机密计算联盟:共筑隐私安全,共创智能未来
2024年7月奖励公告
【六周年庆】第二阶段明日开始!联合礼包!翻倍奖励!
火绒安全
“李鬼”软件暗设后门,对抗杀软侵蚀系统
安全圈
【安全圈】紧急!WPS被曝出现两个严重漏洞:且已被利用
嘶吼专业版
微软禁用 BitLocker 安全修复程序,建议手动缓解
爱加密品牌LOGO焕新,新LOGO传递了哪些信号
美团安全应急响应中心
美团安全团队在第五期移动互联网APP产品安全漏洞技术沙龙中分享移动应用自动化安全实践历程
奇安信威胁情报中心
近期值得关注的IOC(2024-08-20)
Over Security - Cybersecurity news aggregator
CannonDesign confirms Avos Locker ransomware data breach
Toyota confirms third-party data breach impacting customers
Microchip Technology discloses cyberattack impacting operations
Cisco employees face a month of silence ahead of second layoff in 2024
Microsoft launches unified Teams app for personal, work accounts
Man who hacked Hawaii state registry to forge his own death certificate sentenced to 81 months
Hackers target bank clients in Czechia, Hungary and Georgia in novel phishing campaign
Hackers use PHP exploit to backdoor Windows systems with new malware
Oregon Zoo warns visitors their credit card details were stolen
Data breach: The StormouS group exfiltrates 100GB from the servers of the Italian company Teleco srl
Surge in Software Supply Chain Attacks Demands Heightened Third-Party Vigilance
Widespread Cloud Exposure: Extortion Campaign Used Exposed AWS ENV Files to Target 110,000 Domains
August Windows updates break dual boot on some Linux systems
British civil service to target cyber specialists with new graduate scheme
Hacker locks Unicoin staff out of Google accounts for 4 days
US government accuses Iran of Trump campaign hack; Iran scoffs
Hackers deployed new malware against university in Taiwan
‘Styx Stealer’ malware developer accidentally exposes personal info to researchers in ‘critical opsec error’
Cyble Repeatedly Recognized as a Sample Vendor for Digital Risk Protection Services in Gartner’s Hype Cycle for Cyber Risk Management, 2024: What This Means?
Approach to mainframe penetration testing on z/OS
US warns of Iranian hackers escalating influence operations
Arriva Copilot Autofix, l’IA di GitHub per la sicurezza del codice
Iranian hackers targeted Jewish figure with malware attached to podcast invite, researchers say
A Patchdiffing Journey – TP-Link Omada
Windows driver zero-day exploited by Lazarus hackers to install rootkit
US agencies attribute presidential campaign cyberattacks to Iran
Securityinfo.it
Arriva Copilot Autofix, l’IA di GitHub per la sicurezza del codice
代码卫士
F5修复BIG-IP 和 NGINX Plus 中的多个高危漏洞
Beacon Tower Lab
【0820】重保演习每日情报汇总
Schneier on Security
Hacking Wireless Bicycle Shifters
Posts By SpecterOps Team Members - Medium
Navigating the Uncharted: A Framework for Attack Path Discovery
黑伞安全
某报表玩坏的反序列化漏洞
MDUT-黑神话纪念版 V1.1.0 Released
Securelist
Approach to mainframe penetration testing on z/OS
Palo Alto Networks Blog
Identity Protection That Spans the Entire Attack Lifecycle
Instapaper: Unread
Maximizing Disk Imaging Speeds
What is the Dark Web and How Does it Work in 2024
iOS 17- The “Forever” Setting That Isn’t… Or Is It
Identity Lookup Service
Nuova release 2024 di Tsurugi Linux, live distro gratuita e open source per informatica forense
Inside the 3 Billion People National Public Data Breach
WinFE Builds | The best choices
Your Android phone is getting an anti-theft upgrade, thanks to AI. How it works
字节跳动技术团队
字节跳动开源Linux内核网络抓包工具netcap
国产 AI 机器人好超前…弹琴泡茶打咏春,还能撸猫??|AGI 掘金资讯
Security Affairs
Ransomware payments rose from $449.1 million to $459.8 million
Previously unseen Msupedge backdoor targeted a university in Taiwan
Oracle NetSuite misconfiguration could lead to data exposure
Toyota disclosed a data breach after ZeroSevenGroup leaked stolen data on a cybercrime forum
SANS Internet Storm Center, InfoCON: green
Where are we with CVE-2024-38063: Microsoft IPv6 Vulnerability, (Tue, Aug 20th)
ISC Stormcast For Tuesday, August 20th, 2024 https://isc.sans.edu/podcastdetail/9104, (Tue, Aug 20th)
Technical Information Security Content & Discussion
Web Browser Stored Credentials
SSRFing the Web with the help of Copilot Studio (Critical Vuln in Microsoft Copilot Studio)
Hacking as a pathway to building better Products
Blackhat Library: Hacking techniques and research
Where Do You Find Breached Data
Looking for Korean Phone Number Rental for Genie and Tving Verification
Source code of an online game
Is it possible to hack a 54 digits rar password?
Anyway to get passwords to accounts you’ve forgotten?
Computer Forensics
Need help, can’t find this
Volatility and WSL2
[MAC] Accessing APFS Encrypted at Rest Disk
Information Security
IT Security Certification
Security Solutions for Government Agencies
Your Open Hacker Community
Can I make Hydra attacks faster by virtualizing it and running it in multiple environments.
Host ip shoing in bettercap
迪哥讲事
全自动白帽漏洞扫描器
360数字安全
攻防演练实录 | 360安全大模型再狙0day漏洞,助蓝队“上大分”!
国家级培训企业首站!360五张“王牌”赋能新质人才培养
Tor Project blog
New Alpha Release: Tor Browser 14.0a2
Unsupervised Learning
Aliens Landed in Palo Alto in October of 2027
UL NO. 446: AI Ecosystem Components, MS 0-Days, Iranian Campaign Hacks…
TorrentFreak
“The Pirate Bay” TV Series Teaser Appears Online
Bypass Paywalls Clean Shut Down For DMCA Anti-Circumvention Violations
netsecstudents: Subreddit for students studying Network Security and its related subjects
IT Security Certification
Compilation of SWG attacks
Protect link with captcha
The Hacker News
Detecting AWS Account Compromise: Key Indicators in CloudTrail Logs for Stolen API Keys
Czech Mobile Users Targeted in New Banking Credential Theft Scheme
Hackers Exploit PHP Vulnerability to Deploy Stealthy Msupedge Backdoor
Anatomy of an Attack
Researchers Uncover TLS Bootstrap Attack on Azure Kubernetes Clusters
Iranian Cyber Group TA453 Targets Jewish Leader with New AnvilEcho Malware
Blind Eagle Hackers Exploit Spear-Phishing to Deploy RATs in Latin America
Thousands of Oracle NetSuite Sites at Risk of Exposing Customer Information
CISA Warns of Critical Jenkins Vulnerability Exploited in Ransomware Attacks
The Register - Security
Plane tracker FlightAware admits user passwords, SSNs exposed for years
Iran named as source of Trump campaign phish, leaks
Digital wallets can allow purchases with stolen credit cards
Security Weekly Podcast Network (Audio)
The Fallout and Lessons Learned from the CrowdStrike Fiasco - Shimon Modi, Jeff Pollard, Allie Mellen, Boaz Barzel - ASW #296
Dangerous books, Microsoft plus, NPD, Solar Winds, Jenkins, and more... - SWN #408
每日安全资讯(2024-08-21)