[每日信息流] 2024-09-03

[ruohong2018]

每日安全资讯（2024-09-03）

• CXSECURITY Database RSS Feed - CXSecurity.com
  • Apache Karaf Default Credentials Command Execution
• Security Boulevard
  • Introducing Goffloader: A Pure Go Implementation of an In-Memory COFFLoader and PE Loader
  • The Role of Digital Adoption in Email Deliverability & Security
  • Demystifying SOC 2 Compliance for Startups: A Simple Guide
  • Happy United States Labor Day 2024 / Feliz Fin de Semana del Día del Trabajo de Estados Unidos 2024 / Joyeux Fin de Semaine de la Fête du Travail aux États-Unis 2024
  • Happy Canada Labour Day! / Bonne Fête du Travail Canadienne!
  • Data Breaches for the Month August 2024
  • DevOpsDays Birmingham AL 2024: Guardrails, Immutable Infrastructures, and Community
  • SQL Injection Attack on Airport Security
  • How SSL Certificates Can Help Prevent Man-in-the-Middle Attacks
  • Ubuntu Fixes Several Linux Kernel AWS Vulnerabilities
• Files ≈ Packet Storm
  • Packet Storm New Exploits For August, 2024
  • libpcap 1.10.5
  • tcpdump 4.99.5
  • Debian Security Advisory 5762-1
  • IntelliNet 2.0 Remote Root
  • Ubuntu Security Notice USN-6982-1
  • Online Musical Instrument Shop IN 1.0 Cross Site Scripting
  • Online Job Portal IN 1.0 SQL Injection
  • Debian Security Advisory 5763-1
  • pgAdmin 8.4 Code Execution
  • SPIP 4.2.7 Code Execution
  • Loan Management System 2024 1.0 Insecure Settings
  • Hostel Management System 1.0 Arbitrary File Upload
  • File Management System 1.0 Cross Site Request Forgery
  • Faculty Evaluation System 1.0 Cross Site Request Forgery
  • eClass LMS 6.2.0 Shell Upload
  • Free Hospital Management System For Small Practices 1.0 CSRF
• SecWiki News
  • SecWiki News 2024-09-02 Review
• 安全客-有思想的安全新媒体
  • Atlassian Confluence 漏洞被利用于加密货币挖矿活动
  • 新的网络攻击以Cobalt Strike有效载荷瞄准华语企业
  • SANS研究所发布2024年关键基础设施战略指南：呼吁采取行动保护ICS/OT环境
  • ‘Voldemort’ 恶意软件利用全球税务机构对组织发动攻击
  • 与韩国有关联的组织 APT-C-60 利用了 WPS Office 零日漏洞
  • 网络攻击者在可能的间谍活动中利用 Google Sheets 进行恶意软件控制
  • 网络安全巨头持续加码 AI 投资：Check Point 和 Cisco 最新收购动向
  • Fortra 修复了 FileCatalyst Workflow 中的两个严重漏洞
  • 模拟“noblox.js”的恶意 npm 包会破坏 Roblox 开发人员的系统
  • 摆脱高级威胁“达摩克利斯之剑”，科教行业再添安全“buff”
• 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com
  • 关于邀请参加2024年度关键信息基础设施安全保护论坛的函
  • 安全动态回顾|工信部通报21款APP及SDK存在侵害用户权益行为 Uber因将司机数据从欧洲转移到美国被罚款3.25亿美元
  • 为什么所有账户（甚至测试账户）都需要强密码
• Recent Commits to cve:main
  • Update Mon Sep 2 22:50:17 UTC 2024
  • Update Mon Sep 2 14:41:23 UTC 2024
  • Update Mon Sep 2 06:33:06 UTC 2024
• paper - Last paper
  • Pwn2Own2020 Synology NAS Netatalk Heap Overflow Analysis
• contagio mobile
  • 2024-08-05 Android CHAMELEON Samples
• Twitter @bytehx
  • Re @zack0x01 Congrats 🎉
• SpiderLabs Blog
  • Your Money or Your Data: Ransomware Readiness Planning
• Hex Rays
  • IDA 9.0: SDK & IDAPython porting guides
• Reverse Engineering
  • /r/ReverseEngineering's Weekly Questions Thread
  • HexWalk 1.8.0, Hex analyzer new release for Windows/Mac/Linux with new Disassembler feature for x86, ARM and MIPS (give it a try!)
• daniel.haxx.se
  • webinar: mastering the curl command line
• Security Blog | Praetorian
  • Introducing Goffloader: A Pure Go Implementation of an In-Memory COFFLoader and PE Loader
• 安全牛
  • 绿盟科技深度参与的“东数西算”工程首个安全标准批准发布
  • 活动预告 |《商用密码技术创新应用指南（2024版）》线上发布会即将举办
  • 工信部：今年1-7月我国信息安全产品和服务收入增长放缓，同比增长7.5% ；加州大学圣克鲁斯分校就误导性网络钓鱼测试道歉| 牛览
  • 揭示网络安全运营中的隐藏挑战
  • 宁德时代回应“威胁美国安全”指控：不可远程访问与控制 ；首批安全运营类（二级）服务资质名单发布，5家企业通过评估 | 牛览
  • Gartner《2024中国安全技术成熟度曲线》AI安全助手代表性产品：开发者安全助手D10
  • 深信服安全GPT荣获第十届数博会「2024优秀科技成果」
• FreeBuf网络安全行业门户
  • 商密解决方案及业务场景阐述
  • GitHub项目评论被用来传播Lumma Stealer恶意软件
  • FreeBuf早报 | 杜蕾斯子公司客户数据遭泄露；马来西亚基建遭勒索攻击300GB数据被窃
  • 又一新型恶意软件曝光！已向全球70多家企业发起网络攻击
• 黑海洋 - WIKI
  • 昊昊听书 听书神器软件，免费听有声读物，去广告纯净版
  • 变声器软件 原变声器大师（解锁vip）
  • 零克查词 - 自媒体违规词检测工具
  • 米禾阅读/笔趣阅读-免费小说追书换源 去广告纯净版
• 代码卫士
  • NPM恶意包假冒 “noblox.js”，攻陷 Roblox 开发系统
  • 研究员利用SQL注入漏洞绕过机场的TSA安全审查
• 奇客Solidot–传递最新科技情报
  • SpaceX Starship 重型火箭的爆炸制造了巨大的电离层空洞
  • ElasticSearch 和 Kibana 再次变成自由软件
  • 微软让受争议的 Recall 功能可卸载
  • Telegram 是言论自由和恋童癖的天堂
  • 狨猴会用名字称呼彼此
  • 日本上半年生育人数再创新低
  • 海洋学家拍到飞行面条怪物
  • 调查显示 6% 的 Python 开发者仍在使用 Python 2
• 丁爸 情报分析师的工具箱
  • 【资料】乌克兰开源情报公司
• dotNet安全矩阵
  • .NET 一款用于解密web.config配置的工具
  • .NET内网实战：通过XOML代码绕过防护
• 慢雾科技
  • 每月动态 | Web3 安全事件总损失约 3.16 亿美元
• 安全内参
  • 遭遇严重数据泄露事件后，这家公司宣布投入超6亿元升级安全系统
  • 李强主持召开国务院常务会议，审议通过《网络数据安全管理条例 (草案)》等
• 中国信息安全
  • 全球视野 | 国际网安快讯（第26期）
  • 专题·大模型安全 | “数字风洞”构造大语言模型的安全“围栏”
  • 专家解读 | 北京自贸区探索高效便利安全数据跨境流动机制的创新举措
  • 通知 | 网安标委就《数据安全技术 二手电子产品信息清除技术要求（征求意见稿）》等3项国家标准征求意见（附下载）
  • 专家观点 | 保障人工智能健康发展 推进人工智能治理法治化
  • 关注 | 公安部公布8起打击广告推广型网络黑灰产犯罪典型案例
  • 评论 | 推动网络执法成为优化营商网络环境“最硬内核”
• 奇安信 CERT
  • 安全热点周报：Google Chrome 和 Apache OFBiz 漏洞被黑客利用，紧急修复措施发布
• 极客公园
  • 大厂不想你有 AI 女友
  • 罗永浩微博暗示将发新产品，不是手机；余承东评「 S9飞坡」：不给钱就搞你；360 推「大模型竞技场」 | 极客早知道
• 补天平台
  • 补天校园GROW计划开学季，校园白帽的专属系列活动来啦！
  • 与补天众测一起共创团圆时刻！
• 阿里安全响应中心
  • 叮！你有一份先知中秋礼盒请注意查收
• 复旦白泽战队
  • 成果分享｜基于危险程度引导的自动驾驶系统交通违规检测工作
• 关键基础设施安全应急响应中心
  • 关键基础设施安全资讯周报20240902期
  • 大模型的安全挑战及应对建议
  • 马来西亚国家基建遭勒索攻击疑泄露超300GB数据
• 安全研究GoSSIP
  • G.O.S.S.I.P 阅读推荐 2024-09-02 功到（CFI）自然成？
• 字节跳动技术团队
  • ByteHouse案例实践：某销售数据平台如何基于OLAP大幅提升复杂查询效率？
  • 穿着西装的「人」却专做家务？OpenAI 家庭机器人 NEO 登场，动作丝滑逼近人类！｜AGI 掘金资讯
• 安全客
  • 美航空管理服务系统存在严重SQL注入漏洞：允许未经授权人员绕过机场安检
• Over Security - Cybersecurity news aggregator
  • Decrypting the ‘Calculator’ App(s)
  • Admins of MFA bypass service plead guilty to fraud
  • Transport for London discloses ongoing “cyber security incident”
  • Italy, exposed database puts dental clinic patients’ data at risk
  • Iranian State-Sponsored Hackers Have Become Access Brokers for Ransomware Gangsca
  • Owners of 1-Time Passcode Theft Service Plead Guilty
  • Verkada to pay $2.95M for security failures leading to breaches
  • HTB Jupiter Walkthrough
  • Linux version of new Cicada ransomware targets VMware ESXi servers
  • Business services giant CBIZ discloses customer data breach
  • HTB RedPanda Walkthrough
  • HTB Support Walkthrough
  • HTB Shoppy Walkthrough
  • HTB Ambassador Walkthrough
  • (9) Breaking Down CraxsRAT: The Making of an Android RAT Menace | LinkedIn
  • Hackers Claiming that EagleSpy Android RAT 3.0 Steals 2FA Google Authenticator Code
  • Thread Analysis: EagleSpy v3.0 Android RAT - The True Trojan Horse Threatening Digital Security
  • Aumentano gli attacchi alle applicazioni e alle API
  • German air traffic control agency confirms cyberattack, says operations unaffected
  • Three UK men convicted of running website behind fraud calls during COVID-19 lockdown
  • Head Mare: adventures of a unicorn in Russia and Belarus
  • Certego and CrowdSec
  • Technical Analysis of Copybara
  • CERT-AGID 24 – 30 agosto: Agenzia delle Entrate e INPS sotto attacco
• 安全牛
  • 工信部：今年1-7月我国信息安全产品和服务收入增长放缓，同比增长7.5% ；加州大学圣克鲁斯分校就误导性网络钓鱼测试道歉| 牛览
  • 活动预告 |《商用密码技术创新应用指南（2024版）》线上发布会即将举办
• Il Disinformatico
  • Stamattina alle 11 torno a Rete Tre con “Niente panico”
• CNVD漏洞平台
  • CNVD漏洞周报2024年第35期
  • 上周关注度较高的产品安全漏洞(20240826-20240901)
• Securityinfo.it
  • Aumentano gli attacchi alle applicazioni e alle API
  • CERT-AGID 24 – 30 agosto: Agenzia delle Entrate e INPS sotto attacco
• Schneier on Security
  • SQL Injection Attack on Airport Security
• Securelist
  • Head Mare: adventures of a unicorn in Russia and Belarus
• SANS Internet Storm Center, InfoCON: green
  • Protected OOXML Text Documents, (Mon, Sep 2nd)
• 嘶吼专业版
  • 为什么所有账户（甚至测试账户）都需要强密码
  • 安全动态回顾|工信部通报21款APP及SDK存在侵害用户权益行为 Uber因将司机数据从欧洲转移到美国被罚款3.25亿美元
• contagio
  • 2022-2024 North Korea Citrine Sleet /Lazarus FUDMODULE ( BYOVD ) Rootkit Samples
  • 2024-08-28 CORONA MIRAI Botnet Spreads via Zero-Day (CVE-2024-7029) - command injection vulnerability found in the brightness function of AVTECH closed-circuit television (CCTV) Samples
  • 2024-08-29 ASYNCRAT Samples
  • 2024-08-29 UNDERGROUND Ransomware Samples
  • 2024-08-23 ANGRY STEALER (Rage stealer variant) Telegram rat . Samples
  • 2024-08-14 OSX BANSHEE infostealer Samples
  • 2024-08-22 PEAKLIGHT Stealthy Memory-Only Malware Samples
  • 2024-08-21 MOONPEAK malware from North Korean UAT-5394 Samples
• TorrentFreak
  • EFF Assists Critic’s Fair Use Defense Over Kids’ Religious Program ‘Leak’
  • Court Denies Cheat Seller AimJunkies a New Trial, Affirms Bungie’s $4.3m Win
• Blackhat Library: Hacking techniques and research
  • hak5 rubber ducky vs O.MG Plug vs Bash Bunny
  • We Discovered an Iranian Company That Should Be Sanctioned Based on Infostealer Infections
• Krebs on Security
  • Owners of 1-Time Passcode Theft Service Plead Guilty
• The Hacker News
  • RansomHub Ransomware Group Targets 210 Victims Across Critical Sectors
  • Webinar: Learn to Boost Cybersecurity with AI-Powered Vulnerability Management
  • Next-Generation Attacks, Same Targets - How to Protect Your Users' Identities
  • Malicious npm Packages Mimicking 'noblox.js' Compromise Roblox Developers’ Systems
• The Register - Security
  • Telegram CEO was 'too free' on content moderation, says Russian minister
  • Novel attack on Windows spotted in phishing campaign run from and targeting China
• NISL实验室
  • 【学术报告】LLM Security and Safety: Taxonomy, Current, and Future
• Information Security
  • 62% of CISOs Would Pay Ransom: Ethical Dilemmas in Cybersecurity Leadership
• netsecstudents: Subreddit for students studying Network Security and its related subjects
  • Learn from the Pros: Burp Suite Tutorial and Cybersecurity Career Insights
  • Where to start in cybersecurity and how to start .
• Graham Cluley
  • IT worker charged over $750,000 cyber extortion plot against former employer
• Your Open Hacker Community
  • Laptop Cooling while using John the Ripper
  • Is LANC any good I was attempting to use wireshark but I can’t get it to sniff how I want it to, it’s for educational purposes, i am basically getting some red team vs blue team practice, a project me and my buddy are trying to do
  • Kali- hotspot - whatsapp IP leak question
  • How To Hack Speaker?
• Social Engineering
  • The Rich Want You to Fear Tax Fairness
  • Exploring Social Skills and Charisma as a Hobby
  • Surveillance Nation: Are We Really Being Watched?
  • Prevent scams through scam emails
• 迪哥讲事
  • Src第五期：来都来了
• Security Affairs
  • Transport for London (TfL) is dealing with an ongoing cyberattack
  • Lockbit gang claims the attack on the Toronto District School Board (TDSB)
  • A new variant of Cicada ransomware targets VMware ESXi systems
• Technical Information Security Content & Discussion
  • The state of sandbox evasion techniques in 2024
• Computer Forensics
  • RECmd vs Regripper
  • Shellbag Weaknesses
  • Using DHCP/DNS logs in a real-life investigations - got a story to tell?
  • Transferring Images or Investigation Data out of China
• 360数字安全
  • 数字政府新标杆！朝阳“City不City啊”？
• Security Weekly Podcast Network (Audio)
  • Leadership Lessons from the First 100 Episodes of CISO Stories - Todd Fitzgerald - BSW Vault
  • Close the Security Theater: Enter Resilience - Kelly Shortridge - ASW Vault