[每日信息流] 2024-08-28

[ruohong2018]

每日安全资讯（2024-08-28）

• Trustwave Blog
  • Protecting Patient Safety: Trustwave's Role in Healthcare Cybersecurity
• CXSECURITY Database RSS Feed - CXSecurity.com
  • Puma Peru - Reflected Cross-Site Scripting (XSS)
  • WBCE CMS v1.6.2 Remote Code Execution (RCE)
  • Backdrop CMS 1.27.1 Authenticated Remote Command Execution (RCE)
  • Helpdeskz 2.0.2 Cross Site Scripting
• SecWiki News
  • SecWiki News 2024-08-27 Review
• Security Boulevard
  • Scott Kannry on the What’s Up with Tech? Podcast
  • Not a SOC FAQ! This is SOC FMD!
  • Facebook Whistleblower Fears Election Abuse
  • How Security Teams are Strengthening Their Threat Hunting
  • Windows Downdate Attacks, Quick Share Vulnerability Exploit, and More: Hacker’s Playbook Threat Coverage Round-up: August 2024
  • USENIX Security ’23 – Extracting Protocol Format As State Machine Via Controlled Static Loop Analysis
  • How fernao magellan Customized 140 Automation Use Cases
  • The Urgent Need to Get MOVING for PCI DSS v4.0 Compliance
  • Seeing the Unseen: How Generative AI Elevates Situational Awareness in Cybersecurity
  • ‘Terrorgram’ Telegram Terrorists Trash Transformers — Grid in Peril
• Files ≈ Packet Storm
  • Debian Security Advisory 5759-1
  • Ubuntu Security Notice USN-6973-3
  • Red Hat Security Advisory 2024-5894-03
  • Red Hat Security Advisory 2024-5886-03
  • Red Hat Security Advisory 2024-5884-03
  • Linux lock_get_status() Use-After-Free
  • Red Hat Security Advisory 2024-5883-03
  • Red Hat Security Advisory 2024-5882-03
  • PowerVR DevmemIntChangeSparse2() Use-After-Free
  • Red Hat Security Advisory 2024-5871-03
  • Red Hat Security Advisory 2024-5858-03
  • miniProxy 1.0.0 Remote File Inclusion
  • Medicine Tracker System 1.0 Insecure Settings
  • Medical Hub Directory Site 1.0 Insecure Settings
  • Red Hat Security Advisory 2024-5856-03
  • Red Hat Security Advisory 2024-5838-03
  • Medical Center Portal 1.0 SQL Injection
  • Red Hat Security Advisory 2024-5832-03
  • Red Hat Security Advisory 2024-5815-03
  • Marc@TMS CMS 1.0 SQL Injection
  • Lodging Reservation Management System 1.0 Insecure Settings
  • Red Hat Security Advisory 2024-5814-03
  • Red Hat Security Advisory 2024-5813-03
  • Red Hat Security Advisory 2024-5812-03
  • Login System Project 1.0 SQL Injection
• Tenable Blog
  • Secure Your Sprawling Attack Surface With Risk-based Vulnerability Management
  • $200 Million Cybersecurity Funding Available for K-12 Schools and Libraries through FCC Cybersecurity Pilot Program
• Armin Ronacher's Thoughts and Writings
  • MiniJinja: Learnings from Building a Template Engine in Rust
• Recent Commits to cve:main
  • Update Tue Aug 27 22:30:00 UTC 2024
  • Update Tue Aug 27 14:38:24 UTC 2024
  • Update Tue Aug 27 06:33:53 UTC 2024
• 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com
  • 警惕！工业企业生产网核心系统接口发现漏洞，生产设备可被操控
  • 国家市场监督管理总局认证监管司副司长姚雷一行莅临盛邦安全开展调研
  • 重磅！尤文图斯携手Fortinet打造足球界的网络安全堡垒
  • CACTER直播预告：聚焦EDLP邮件数据防泄露实战重点
  • 网络攻击影响《黑神话：悟空》发布：Steam平台遭受威胁
  • Litespeed Cache 漏洞导致数百万 WordPress 网站遭受接管攻击
  • 乘KCon 2024场域之势 赴网络安全「同道」盛宴
• 安全客-有思想的安全新媒体
  • 新型安卓恶意软件 NGate 窃取 NFC 数据克隆非接触式支付卡
  • 积极监控变化是网络安全的一个关键方面
  • Linux 恶意软件 sedexp 利用 udev 规则实现持久化和逃避检测
  • Microsoft 将在 CrowdStrike 服务中断后举办 Windows 安全峰会
  • Traccar GPS 系统的严重漏洞使用户面临远程攻击
  • 研究人员在 MLOps 平台中发现了 20 多个供应链漏洞
  • SonicWall 修补影响其防火墙的严重漏洞（CVE-2024-40766）
  • 网络犯罪分子利用 Greasy Opal 创建 750M 个虚假微软帐户
  • 家人们，咱安全圈可不兴“没苦硬吃”！
  • 荷兰数据保护局（DPA）对优步处以创纪录的 2.9 亿欧元（约合 3.24 亿美元）罚款
• obaby@mars
  • 秋风起
• GuidePoint Security
  • So-Phish-ticated Attacks
• SpiderLabs Blog
  • Exposed and Encrypted: Inside a Mallox Ransomware Attack
• Trail of Bits Blog
  • Provisioning cloud infrastructure the wrong way, but faster
• Reusable Security
  • Extracting Secrets from Packet Captures (A CMIYC2024 Story)
• MalwareTech
  • CVE-2024-38063 - Remotely Exploiting The Kernel Via IPv6
• FreeBuf网络安全行业门户
  • FreeBuf早报 | Uber因违反GDPR被罚23亿；谷歌发布2024年第10个零日漏洞
  • 存在严重供应链安全风险，MLOps平台曝20多个漏洞
  • Mirai 僵尸网络发现新漏洞，能同时被攻守双方利用
  • 2024年网安最高处罚记录诞生，Uber因违反GDPR被罚23亿
• Malware-Traffic-Analysis.net - Blog Entries
  • 2024-08-26 - GuLoader for Remcos RAT
• 安全牛
  • CSTIS就防范新型ValleyRAT恶意软件发布风险提示；上海电信发生断网事故，部分云宽带业务受到影响 | 牛览
  • 高级端点安全防护方案发展的12个关键特性
  • CACTER直播预告：聚焦EDLP邮件数据防泄露实战重点
  • 重磅！尤文图斯携手Fortinet打造足球界的网络安全堡垒
• HackerNews
  • Telegram 创始人在法国被捕，涉平台监管问题
  • 新型 NGate Android 恶意软件利用 NFC 芯片窃取信用卡数据
  • 黑客可以接管 Ecovacs 家用机器人来监视其主人
  • Meta 揭露伊朗黑客组织利用 WhatsApp 攻击全球政治人物
  • 新的 Linux 恶意软件 ‘sedexp’ 使用 Udev 规则隐藏信用卡盗刷器
  • 罚款 2.9 亿欧元！Uber 因将欧洲数据传输至美国服务器遭到严惩
  • APT 黑客利用罕见隐形技术攻击军事和政府目标
  • 西雅图-塔科马机场 IT 系统因网络攻击而瘫痪
  • 研究人员在 MLOps 平台中发现 20 多个供应链漏洞
• 奇客Solidot–传递最新科技情报
  • 众多高校撤销外语专业
  • Google Chrome 今年至今修复了 10 个 0day
  • 中国科学家发现新长寿基因
  • 干细胞疗法治愈病人的糖尿病
  • Stephen Wolfram 认为需要哲学家参与 AI 相关重要问题的讨论
  • 加拿大对中国造电动汽车征收 100% 关税
  • Forgejo 许可证切换到 GPLv3+
  • 三星为其智能电视提供七年操作系统更新
  • 日本结束登月探测器 SLIM 任务
  • 微软撤回了弃用控制面板的声明
  • Telegram 被俄罗斯广泛用于军事通信
  • 中国年轻人与肥胖相关癌症发病率大幅增长
• 锦行科技
  • 锦行科技作为广州市天河区代表企业受邀亮相广州博览会
• 看雪学苑
  • 安全工具开发实战，助你轻松打造实用工具系统
  • 记一次cms的web渗透测试练习
  • 为逃避抚养费，一黑客黑进死亡登记系统，将自己登记为已故人员
  • 2024 KCTF赛况 | Nepnep战队率先提交第六题flag，用时5小时12分25秒
• 雷神众测
  • 雷神众测漏洞周报2024.08.19-2024.08.25
• 奇安信威胁情报中心
  • 连续上榜|奇安信三次入选Gartner®安全威胁情报市场指南
  • 近期值得关注的IOC（2024-08-27）
• 黑奇士
  • 网传：李开复大模型企业联合创始人离职，此前刚宣布新一轮融资
• 安全内参
  • 全球石油巨头因网络攻击被迫关闭系统
  • 2024年最高罚单！Uber因违反GDPR被罚超23亿元
• 360漏洞云
  • XCon2024 x 360漏洞云精彩链动 | 焕新出发，共见未来
• 代码卫士
  • 谷歌修复今年第10个已遭利用0day
  • MLOps 平台存在20多个供应链漏洞
• dotNet安全矩阵
  • .NET 一款模拟管道和传递哈希的工具
  • .NET 内网攻防实战电子报刊
• 奇安信 CERT
  • 【可用POC已公开】Windows TCP/IP IPv6远程拒绝服务/代码执行漏洞(CVE-2024-38063)安全风险通告
• CNCERT国家工程研究中心
  • 全球数据跨境流动合规 半月观察（第三十三期）
  • 人工智能在数据安全领域的应用探析
  • 数据勒索团伙利用虚假 Windows 更新屏幕隐藏数据窃取行为
  • Telegram首席执行官逮捕案影响深远！网络黑客行动“FreeDurov”袭来-Telegram下载量不降反升
• 情报分析师
  • 幕后操控者：美国情报界合同授予专报分析
• 斗象智能安全
  • 与漏洞管理平台“人机对话”：斗象VMS DSL数据语法引擎
• 嘶吼专业版
  • 《黑神话：悟空》发布平台Steam 持续遭受网络攻击
  • Litespeed Cache 漏洞导致数百万 WordPress 网站遭受接管攻击
• 数世咨询
  • 研究报告：网络安全保险可降低公司网络风险
• 关键基础设施安全应急响应中心
  • 全球数据跨境流动合规 半月观察（第三十三期）
  • 人工智能的意识形态风险审视
  • Telegram创始人在法国被捕，涉平台监管问题
  • 审计发现FBI的数据存储管理存在重大漏洞
• 中国信息安全
  • 科来流量处理能力成功突破200Gbps大关！
  • 网号、网证是什么？权威专家解答来了！
  • 关注 | 贪吃蛇、迅雷游戏……工信部通报21款侵害用户权益行为的APP（SDK）
  • 通知 | 工信部、国家标准委联合印发《物联网标准体系建设指南（2024版）》（附全文）
  • 发布 | 中国信通院发布《中国数字经济发展研究报告（2024年）》
  • 直播预告 | 关基安全保护攻防实录 Vol.18
• Beacon Tower Lab
  • 【0827】重保演习每日情报汇总
• 安全牛
  • 高级端点安全防护方案发展的12个关键特性
  • CSTIS就防范新型ValleyRAT恶意软件发布风险提示；上海电信发生断网事故，部分云宽带业务受到影响 | 牛览
• 国家互联网应急中心CNCERT
  • CNVD漏洞周报2024年第34期
  • 上周关注度较高的产品安全漏洞(20240819-20240825)
• 字节跳动技术团队
  • Kubernetes RBAC 最佳安全实践
  • 40 亿美金打造，马斯克亲自展示！特斯拉 Cortex AI 超级集群内部视频曝光｜AGI 掘金资讯
• 极客公园
  • 赛博朋克能不能实现，就看这家公司了
  • 苹果官宣 iPhone16 新品发布时间；罗永浩：已还债 8.24 亿；传索尼PS5 Pro下月发布，性能暴涨 | 极客早知道
• 赛博回忆录
  • High-value Web Application Post-RCE Penetration Research
• Over Security - Cybersecurity news aggregator
  • BlackSuit ransomware stole data of 950,000 from software vendor
  • US Marshals Service disputes ransomware gang's breach claims
  • Windows 11 KB5041587 update adds sharing to Android devices
  • Notion exits Russia and will terminate accounts in September
  • China’s Volt Typhoon targets US internet providers using new Versa zero-day
  • US Marshals say data posted by ransomware gang not from 'new or undisclosed incident'
  • US offers $2.5 million reward for information on Belarusian hacker
  • Windows Downdate tool lets you 'unpatch' Windows systems
  • Malware infiltrates Pidgin messenger’s official plugin repository
  • Park’N Fly notifies 1 million customers of data breach
  • Cloud Storage Bucket Security: PII Leak Brings Renewed Focus to Storage Bucket Access Controls
  • New 0-Day Attacks Linked to China’s ‘Volt Typhoon’
  • High-Risk CVE-2024-7965 Vulnerability in Chrome’s V8 Engine Requires Quick Fix
  • How to identify unknown assets while pen testing
  • Chinese government hackers targeted U.S. internet providers with zero-day exploit, researchers say
  • Microsoft Sway abused in massive QR code phishing campaign
  • Chinese Volt Typhoon hackers exploited Versa zero-day to breach ISPs, MSPs
  • Internet outages spread across Ukraine following Russian air strikes on critical infrastructure
  • Member of Russian Cybercrime Group Charged in Ohio
  • Abigail Bradshaw picked as new head of Australia’s cyber intelligence agency
  • La protezione dei dati dei sistemi SaaS soffre di gravi lacune
  • Truffa bancaria, Bper e Tim chiamate a risarcire: quali considerazioni
  • Contratti per freelance e società cyber: regole di collaborazione trasparente con i clienti
  • SIM Swap e truffe bancarie: cosa impariamo dalla condanna a Bper e Tim
  • Quando l’IT va in tilt: come, perché e con quali costi aziendali
  • Rappresentante dei lavoratori per la privacy: un ruolo di tutela dei dati dall’IA
  • Trattato globale Onu sulla criminalità informatica: perché è importante
  • Crittografia post quantistica: i nuovi standard NIST e la Quantum-Key Distribution (QKD)
  • I browser enterprise per proteggere il nostro lavoro: quali sono e vantaggi offerti
  • La giornata della cyber sicurezza, per rafforzare consapevolezza e protezione
  • Raven Sentry, così gli USA hanno sfruttato l’AI per predire gli attacchi talebani
  • HZ Rat backdoor for macOS attacks users of China’s DingTalk and WeChat
  • 16-31 May 2024 Cyber Attacks Timeline
  • L’IA è un Alleato fondamentale per i CISO
• Securityinfo.it
  • La protezione dei dati dei sistemi SaaS soffre di gravi lacune
  • L’IA è un Alleato fondamentale per i CISO
• SANS Internet Storm Center, InfoCON: green
  • Why Is Python so Popular to Infect Windows Hosts?, (Tue, Aug 27th)
  • ISC Stormcast For Tuesday, August 27th, 2024 https://isc.sans.edu/podcastdetail/9114, (Tue, Aug 27th)
• Schneier on Security
  • The Present and Future of TV Surveillance
• Posts By SpecterOps Team Members - Medium
  • Ghostwriter ❤ Tool Integration
• HACKMAGEDDON
  • 16-31 May 2024 Cyber Attacks Timeline
• Securelist
  • HZ Rat backdoor for macOS attacks users of China’s DingTalk and WeChat
• The Register - Security
  • Intel's Software Guard Extensions broken? Don't panic
  • Volt Typhoon suspected of exploiting Versa SD-WAN bug since June
  • Microsoft security tools questioned for treating employees as threats
• Krebs on Security
  • New 0-Day Attacks Linked to China’s ‘Volt Typhoon’
• MalwareTech
  • CVE-2024-38063 - Remotely Exploiting The Kernel Via IPv6
• Blackhat Library: Hacking techniques and research
  • Anyone with experience with growing telegram groups?
  • What could/would you do with this info?
• Information Security
  • Cyber Briefing 28-08-2024
  • Rapid7 question
  • 𝐒𝐈𝐄𝐌 𝐯𝐬. 𝐒𝐎𝐀𝐑 𝐔𝐧𝐝𝐞𝐫𝐬𝐭𝐚𝐧𝐝𝐢𝐧𝐠 𝐭𝐡𝐞 𝐊𝐞𝐲 𝐃𝐢𝐟𝐟𝐞𝐫𝐞𝐧𝐜𝐞𝐬 𝐟𝐨𝐫 𝐄𝐧𝐡𝐚𝐧𝐜𝐞𝐝 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲
• Your Open Hacker Community
  • The Ideal Approach
• The Hacker News
  • macOS Version of HZ RAT Backdoor Targets Chinese Messaging App Users
  • Chinese Volt Typhoon Exploits Versa Director Flaw, Targets U.S. and Global IT Sectors
  • CTEM in the Spotlight: How Gartner's New Categories Help to Manage Exposures
  • Microsoft Fixes ASCII Smuggling Flaw That Enabled Data Theft from Microsoft 365 Copilot
  • Google Warns of CVE-2024-7965 Chrome Security Flaw Under Active Exploitation
• Deeplinks
  • Backyard Privacy in the Age of Drones
• Palo Alto Networks Blog
  • Join SASE Converge — Where the Future of SASE Comes Together
• Graham Cluley
  • The AI Fix #13: ChatGPT runs for mayor, and should we stop killer robots?
• Full Disclosure
  • Re: [SYSS-2024-038] DiCal-RED - Use of Password Hash Instead of Password for Authentication
• 360数字安全
  • 360告警：全球知名大模型框架被曝漏洞！或致AI设备集体失控
  • 就在明天！360亮相2024数博会“全剧透”
• 网安寻路人
  • 《互操作性欧洲法》全文翻译（数据基础设施专题之一）
• Technical Information Security Content & Discussion
  • I found 14 CVEs by downloading every Wordpress plugin and scanning all of it with Semgrep - full dataset published if you want to do some sifting yourself, there's plenty of output I haven't looked at.
  • Exploring inner workings of a random free android VPN
  • Back to School - Exploiting a Remote Code Execution Vulnerability in Moodle
  • Taking the Crossroads: The Versa Director Zero-Day Exploitation
• Computer Forensics
  • Targeted forensic training/certs
• TorrentFreak
  • Pirate Streaming Giants Fboxz, AniWave, Zoroxtv & Others Dead in Major Collapse
• Security Affairs
  • Critical flaw in WPML WordPress plugin impacts 1M websites
  • China-linked APT Volt Typhoon exploited a zero-day in Versa Director
  • Researchers unmasked the notorious threat actor USDoD
  • The Dutch Data Protection Authority (DPA) has fined Uber a record €290M
• Javvad Malik
  • When Less is More (And $ is Everything)
• bellingcat
  • Satellite Imagery Shows Vast Destruction in Rafah
• Trend Micro Research, News and Perspectives
  • Complete Guide to Protecting Seven Attack Vectors
• NetSPI
  • CVE-2024-37888 – CKEditor 4 Open Link plugin XSS
• Security Weekly Podcast Network (Audio)
  • MGs, Free Speech, sedexp, Cthulhu, SeaTac, GrimResource, ServiceBridge, Josh Marpet.. - SWN #410
  • Changing the Course of IoT's Future from Its Insecure Past - Paddy Harrington - ASW #297