[每日信息流] 2024-09-07

[ruohong2018]

每日安全资讯（2024-09-07）

• Verne in GitHub
  • 利用 macOS 的 LiveText 轻松复制视频文字实现观看韩综
• Trustwave Blog
  • Cybersecurity Threat Briefing for Organizations Under the SOCI in Australia
• Tenable Blog
  • Cybersecurity Snapshot: RansomHub Group Triggers CISA Warning, While FBI Says North Korean Hackers Are Targeting Crypto Orgs
• Files ≈ Packet Storm
  • C-MOR Video Surveillance 5.2401 / 6.00PL01 Command Injection
  • C-MOR Video Surveillance 5.2401 Insecure Third-Party Components
  • C-MOR Video Surveillance 5.2401 / 6.00PL01 Information Disclosure / Cleartext Secret
  • C-MOR Video Surveillance 5.2401 / 6.00PL01 Privilege Escalation
  • C-MOR Video Surveillance 5.2401 Remote Shell Upload
  • C-MOR Video Surveillance 5.2401 Path Traversal
  • C-MOR Video Surveillance 5.2401 Improper Access Control
  • C-MOR Video Surveillance 5.2401 / 6.00PL01 SQL Injection
  • C-MOR Video Surveillance 5.2401 / 6.00PL01 Cross Site Request Forgery
  • C-MOR Video Surveillance 5.2401 / 6.00PL01 Cross Site Scripting
  • C-MOR Video Surveillance 5.2401 Cross Site Scripting
  • Ubuntu Security Notice USN-6991-1
  • Red Hat Security Advisory 2024-6438-03
  • Travel 1.0 Shell Upload
  • Red Hat Security Advisory 2024-6422-03
  • Webpay E-Commerce 1.0 Insecure Settings
  • Red Hat Security Advisory 2024-6420-03
  • SPIP 4.2.12 Code Execution
  • Online Sports Complex Booking System 1.0 Insecure Settings
  • Red Hat Security Advisory 2024-6419-03
  • Online Shopping Portal Project 2.0 SQL Injection
  • Red Hat Security Advisory 2024-6418-03
  • Red Hat Security Advisory 2024-6417-03
  • Online Pizza Ordering System 1.0 Insecure Settings
  • File Management System 1.0 Insecure Direct Object Reference
• Twitter @Nicolas Krassas
  • Re @devsecurely Young people starting in security and thinking that they will make millions in a year time.
  • “Unstripping” binaries: Restoring debugging information in GDB with Pwndbg https://blog.trailofbits.com/2024/09/06/unstripping-binaries-restoring-de...
  • US sanctions fail to deter Predator spyware utilization https://www.scmagazine.com/brief/us-sanctions-fail-to-deter-predator-spyware-utilization
  • Penpie loses over $27M from crypto heist https://www.scmagazine.com/brief/penpie-loses-over-27m-from-crypto-heist
  • Misconfigured Elasticsearch database exposes 762K Chinese car owners https://www.scmagazine.com/brief/misconfigured-elasticsearch-database-exposes-762...
  • SonicWall SSLVPN access control flaw is now exploited in attacks https://www.bleepingcomputer.com/news/security/sonicwall-sslvpn-access-control-flaw-i...
  • TIDRONE Targets Military and Satellite Industries in Taiwan https://www.trendmicro.com/en_us/research/24/i/tidrone-targets-military-and-satellite-indu...
  • PhysMem(e): When Kernel Drivers Peek into Memory CVE-2024-41498 https://www.reddit.com/r/ReverseEngineering/comments/1fab3jc/physmeme_when_kernel_driv...
  • Russia-linked GRU Unit 29155 targeted critical infrastructure globally https://securityaffairs.com/168095/cyber-warfare-2/russia-gru-unit-29155-critic...
  • Re @chrmina Share your method and your way not your rewards. By all means sharing knowledge is a must. Sharing rewards feels wrong.
  • Re @ant0inet True as it's a way to promote their service, but I feel that is causing a damage to the security community with unrealistic expectations.
  • Re @devsecurely They can publish about it, doesn't have to include an amount received. The problem is that in many occasions false expectations are cr...
  • Critical Security Flaw Found in LiteSpeed Cache Plugin for WordPress https://thehackernews.com/2024/09/critical-security-flaw-found-in.html
  • Re @ArmadaRed1 ublock, brave browser ..
  • Still unsure why bug bounty hunters are putting their rewards public. You work you get paid. I don't remember seeing electricians for example writing ...
  • Even the NSA now has a podcast https://www.engadget.com/entertainment/even-the-nsa-now-has-a-podcast-140028493.html
  • Microsoft removes revenge porn from Bing search using new tool https://www.bleepingcomputer.com/news/security/microsoft-removes-revenge-porn-from-bing...
  • RansomHub Claims Planned Parenthood Hack, Steals 93GB of Sensitive Data https://hackread.com/ransomhub-planned-parenthood-hack-steals-data/
  • RT watchTowr: despite shenanigans with CVSS scores, we can confirm the latest Veeam vulnerabilities (CVE-2024-40711) allow auth bypass. If you want to...
• Recent Commits to cve:main
  • Update Fri Sep 6 22:31:41 UTC 2024
  • Update Fri Sep 6 14:30:24 UTC 2024
  • Update Fri Sep 6 06:29:52 UTC 2024
• paper - Last paper
  • GL-iNet 路由器 CVE-2024-39226 漏洞分析
• SecWiki News
  • SecWiki News 2024-09-06 Review
• 安全客-有思想的安全新媒体
  • 研究人员发现Yubikeys中存在一个难以利用但也难修复的漏洞
  • Cisco 修复 Smart Licensing Utility 中的两个严重漏洞以防止远程攻击
  • 在针对中国贸易公司的攻击中发现新的跨平台恶意软件KTLVdoor
  • Cisco Talos 发现威胁行为者利用 MacroPack 生成框架传播恶意软件
  • PyPI Revival 劫持使数千个应用程序面临风险
  • Microchip Technology 确认员工数据被盗
  • 恶意广告活动针对Lowe's员工构建钓鱼陷阱
  • Earth Lusca将其多平台恶意软件KTLVdoor添加到其武器库中
  • Veeam修复了Veeam Backup & Replication软件中的一个严重漏洞
  • 周鸿祎谈360安全大模型：相当于已具备L4级“自动驾驶” 360数字安全
• 一个被知识诅咒的人
  • 掌握Go语言中的映射、常量与指针
  • 深入探讨Go语言中的切片与数组操作
• 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com
  • Windows再现高危漏洞？！你的“两高一弱”安全问题短板，是时候补齐了！
  • 邀请函 | 梆梆安全诚邀您共襄盛举——2024年国家网络安全宣传周深度参与之旅
  • 梆梆安全走进南京福特工程研究中心，共守智能网联汽车安全测试基线
  • CACTER直播预告：畅联海外，高效通邮——解锁海外通邮新路径
  • 研究人员发现 SQL 注入可绕过机场 TSA 安全检查
  • 黑客通过 PWA 应用窃取 iOS、Android 用户的银行凭证
• Jiajun的技术笔记
  • 让浏览器下载文件
  • 再读《软件随想录》/《黑客与画家》/《软技能》
• Security Boulevard
  • Talking DSPM: Episode 4 – Dr. Mohit Tiwari
  • Threat Actors Abuse Red Team Tool MacroPack to Deliver Malware
  • Unify & Conquer: How Open XDR Streamlines Your Security Operations
  • Cyber Insurers Are Not Your Friend – Why a Warranty May Be a Better Option
  • USENIX Security ’23 – GlitchHiker: Uncovering Vulnerabilities of Image Signal Transmission with IEMI
  • SafeBreach Coverage for AA24-249A (GRU Unit 29155)
  • Comic Agilé – Mikkel Noe-Nygaard, Luxshan Ratnaravi – #305 – Two Full Days on Big Room Planning
  • Russian ‘WhisperGate’ Hacks: 5 More Indicted
  • Navigating Certificate Lifecycle Management in Multi-Cloud Environments
  • Customer Story | How Porter-Gaud School Built A Better Google Workspace Security Strategy
• Hexacorn
  • The art of underDLLoading
• NVISO Labs
  • Hunting Chromium Notifications
• SentinelOne
  • The Good, the Bad and the Ugly in Cybersecurity – Week 36
• SpiderLabs Blog
  • Hypervisor Development in Rust for Security Researchers (Part 1)
• Reverse Engineering
  • Restoring debugging information in GDB with Pwndbg
  • PhysMem(e): When Kernel Drivers Peek into Memory CVE-2024-41498
• Trail of Bits Blog
  • “Unstripping” binaries: Restoring debugging information in GDB with Pwndbg
• FreeBuf网络安全行业门户
  • 微软RDL远程代码执行超高危漏洞（CVE-2024-38077）漏洞检测排查方式
  • FreeBuf 周报 | Telegram创始人被捕后首次发声；俄罗斯版“微信”泄露3.9亿用户数据
  • 被警方逮捕后，Telegram创始人首次公开发声：更安全，更强大
  • 黑客背刺同行，向对方发送信息窃取软件
  • LiteSpeed 曝出严重漏洞，致使超 600 万 WordPress 网站遭攻击
• 安全牛
  • Palo Alto宣布完成对IBM QRadar的收购，原用户将被迁移至新平台；第二届网络空间安全（天津）论坛成功举办
  • 商用密码方案研究 | 智慧医疗商用密码应用安全体系建设
  • CACTER直播预告：畅联海外，高效通邮——解锁海外通邮新路径
  • 我国商用密码技术应用代表性厂商推荐及特点分析（2024版）
  • 《汽车整车信息安全技术要求》等三项智能网联汽车强制性国家标准发布；新型恶意软件利用Google Sheets窃取数据
  • 《商用密码技术创新应用指南（2024版）》报告发布
• 奇客Solidot–传递最新科技情报
  • 美国起诉向乌克兰释放破坏性恶意程序的俄罗斯军官
  • 俄罗斯购买有 25 年历史 ASML 机器制造军用芯片
  • 德银 CEO 督促德国人更努力的工作
  • 高通探讨收购部分英特尔芯片设计业务
  • 2024 年 8 月为有记录以来最热的 8 月
  • Telegram 允许举报私聊内容
  • OpenAI 考虑将先进 AI 模型的月订阅费提高到 2000 美元
  • 半导体制造设备近半销往中国大陆
• 安全客
  • IBM高管谈未来网络安全：密钥、深度伪造和量子计算
• 奇安信威胁情报中心
  • 每周高级威胁情报解读(2024.08.30~09.05)
• 安全内参
  • 预测：特朗普二度当选总统将如何改变网络安全？
  • 改进BGP安全，美国白宫发布《增强互联网路由安全路线图》
• 丁爸 情报分析师的工具箱
  • 【情报简报】美国国家地理空间情报局关注中国在纳米比亚的基础设施援建
• 代码卫士
  • Veeam 修复5个严重漏洞
  • Apache 修复严重的 OFBiz 远程代码执行漏洞
• 奇安信 CERT
  • 【已复现】Apache OFBiz 远程代码执行漏洞(CVE-2024-45195)安全风险通告
• 安全研究GoSSIP
  • G.O.S.S.I.P 阅读推荐 2024-09-06 Key-Multiplexing Attack
• 腾讯玄武实验室
  • 每日安全动态推送(9-6)
• 极客公园
  • 离开 OpenAI 后，Ilya 拿了 10 亿美金对抗 AI 作恶
  • 这辆纯电新车，决定给小米 SU7 上点强度
  • 一年亏 50 亿美元，传 OpenAI 考虑涨价 100 倍
  • 离线图生图、自动旋转屏，联想刚发了新一代 AIPC
  • 特斯拉回应「马斯克北京买房」：假的！；OpenAI 或将订阅价提至 2000 美元/月；蔚来Q2营收增长 99% | 极客早知道
• 知道创宇404实验室
  • 原创 Paper | GL-iNet 路由器 CVE-2024-39226 漏洞分析
• 关键基础设施安全应急响应中心
  • 全球数据跨境流动合规 半月观察（第三十五期）
  • 韩国政府：Telegram已删除韩国Deepfake色情内容
  • 红队工具MacroPack已被攻击者滥用
  • 根治BGP！美国发布互联网路由安全路线图
• 数世咨询
  • 专门攻击EDR的勒索软件：它是什么，如何抵御？
• 安全牛
  • 商用密码方案研究 | 智慧医疗商用密码应用安全体系建设
  • Palo Alto宣布完成对IBM QRadar的收购，原用户将被迁移至新平台；第二届网络空间安全（天津）论坛成功举办 | 牛览
• 情报分析师
  • 网络侦探：如何利用面部识别技术找人
  • 开源情报信息，一网打尽！
• 嘶吼专业版
  • 黑客通过 PWA 应用窃取 iOS、Android 用户的银行凭证
  • 研究人员发现 SQL 注入可绕过机场 TSA 安全检查
• 中国信息安全
  • 吴世忠院士：AI全球治理可以从核控、疾控中得到启示
  • 专题·大模型安全 | AIGC时代大模型的安全风险与防护实践
  • 聚焦 | 2024外滩大会· 科技伦理见解论坛在沪举行
  • 发布 | 中国信通院发布《新质生产力研究报告（2024年）》（附下载）
  • 关注 | 数字化带来隐私保护挑战，2024外滩大会热议分布式可信认证体系
  • 关注 | 2024外滩大会：WDTA发布首个大模型供应链安全领域的国际标准
  • 国际 | 美特种部队演练“网络入侵行动”
  • 前沿 | 欧盟开发、运用生成式人工智能系统中的数据保护体系概览
• 网络空间安全科学学报
  • 网安要闻 | ChinaMFS2024投稿系统已开启
• 火绒安全
  • 【火绒安全周报】美国人脸识别公司面临巨额罚款/VK遭大规模数据泄露
• 微步在线
  • 推动网络安全走向云化 微步三度上榜Cloud 100 China榜单
• CNCERT国家工程研究中心
  • 全球数据跨境流动合规 半月观察（第三十五期）
  • 政务数据安全共享交换技术体系及管理体系研究
  • 新型PyPI攻击技术可能导致超2.2万软件包被劫持
  • 网络攻击影响国家金融稳定！外媒称伊朗被迫支付超2000万元赎金
• 字节跳动技术团队
  • 字节跳动“安全范儿”高校挑战赛来袭！快人一步拿Offer！
• NETRESEC Network Security Blog
  • CapLoader 1.9.7 Released
• 默安科技
  • 连续三年荣登榜单！默安科技稳居2024年中国网安产业竞争力50强
• Securityinfo.it
  • Il quishing usato nelle colonnine di ricarica delle auto elettriche
• Schneier on Security
  • Live Video of Promachoteuthis Squid
  • YubiKey Side-Channel Attack
• Troy Hunt's Blog
  • Weekly Update 416
• SANS Internet Storm Center, InfoCON: green
  • ISC Stormcast For Friday, September 6th, 2024 https://isc.sans.edu/podcastdetail/9128, (Fri, Sep 6th)
• Over Security - Cybersecurity news aggregator
  • Nearly 1 million Wisconsin Medicare users had information leaked in MOVEit breach
  • Transport for London staff faces systems disruptions after cyberattack
  • YouTube removes Tenet Media channel over alleged ties to Russian disinformation effort
  • West Virginia law enforcement sues data broker for publishing personal information online
  • In latest check-in, spy agencies describe 'ramp up' in election influence
  • Car rental giant Avis discloses data breach impacting customers
  • Russian dark web marketplace admins indicted after arrest in Miami
  • ICS/OT/IoT Security: challenges and protection strategies
  • Microsoft Office 2024 to disable ActiveX controls by default
  • SpyAgent Android malware steals your crypto recovery phrases from images
  • Russian authorities able to identify train saboteur from anonymous Telegram account
  • Sintesi riepilogativa delle campagne malevole nella settimana del 31 agosto – 6 settembre
  • Five Russian GRU Officers and One Civilian Charged for Conspiring to Hack Ukrainian Government
  • SonicWall SSLVPN access control flaw is now exploited in attacks
  • The 2024 Threat Landscape State of Play
  • Vulnerability in Tencent WeChat custom browser could lead to remote code execution
  • Spear-Phishing in the Battlefield: Gamaredon’s Ongoing Assault on Ukraine’s Military
  • Il quishing usato nelle colonnine di ricarica delle auto elettriche
  • From Classroom into Bug Bounty: Investigating Motivational Factors Among Swiss Students
  • RansomGuard : an anti-ransomware filter driver
• ICT Security Magazine
  • Intelligenza Artificiale e Governance, il documento di analisi del Senato
• Il Disinformatico
  • Podcast RSI - Gli smartphone ci ascoltano? No, ma...
• Deeplinks
  • School Monitoring Software Sacrifices Student Privacy for Unproven Promises of Safety
  • You Really Do Have Some Expectation of Privacy in Public
• Tor Project blog
  • New Alpha Release: Tor Browser 14.0a4
• Trend Micro Research, News and Perspectives
  • TIDRONE Targets Military and Satellite Industries in Taiwan
• Full Disclosure
  • [SYSS-2024-030]: C-MOR Video Surveillance - OS Command Injection (CWE-78)
  • [SYSS-2024-029]: C-MOR Video Surveillance - Dependency on Vulnerable Third-Party Component (CWE-1395)
  • [SYSS-2024-028]: C-MOR Video Surveillance - Cleartext Storage of Sensitive Information (CWE-312)
  • [SYSS-2024-027]: C-MOR Video Surveillance - Improper Privilege Management (CWE-269)
  • [SYSS-2024-026]: C-MOR Video Surveillance - Unrestricted Upload of File with Dangerous Type (CWE-434)
  • [SYSS-2024-025]: C-MOR Video Surveillance - Relative Path Traversal (CWE-23)
  • Backdoor.Win32.Symmi.qua / Remote Stack Buffer Overflow (SEH)
  • HackTool.Win32.Freezer.br (WinSpy) / Insecure Credential Storage
  • Backdoor.Win32.Optix.02.b / Weak Hardcoded Credentials
  • Backdoor.Win32.JustJoke.21 (BackDoor Pro) / Unauthenticated Remote Command Execution
  • Backdoor.Win32.PoisonIvy.ymw / Insecure Credential Storage
  • [SYSS-2024-024]: C-MOR Video Surveillance - Improper Access Control (CWE-284)
  • [SYSS-2024-023]: C-MOR Video Surveillance - SQL Injection (CWE-89)
  • [SYSS-2024-022]: C-MOR Video Surveillance - Cross-Site Request Forgery (CWE-352)
  • [SYSS-2024-021]: C-MOR Video Surveillance - Persistent Cross-Site Scripting (CWE-79)
• TorrentFreak
  • That’s All Folks: KimCartoon’s 120m Visit Piracy Caper Ends in a DMCA Disaster
  • Man Arrested for Sharing Copyright Infringing Nude Scenes Through Reddit
• Security Affairs
  • Car rental company Avis discloses a data breach
  • SonicWall warns that SonicOS bug exploited in attacks
  • Apache fixed a new remote code execution flaw in Apache OFBiz
  • Russia-linked GRU Unit 29155 targeted critical infrastructure globally
• The Register - Security
  • Google says replacing C/C++ in firmware with Rust is easy
  • Cisco merch shoppers stung in Magecart attack
  • To patch this server, we need to get someone drunk
• The Hacker News
  • SonicWall Urges Users to Patch Critical Firewall Flaw Amid Possible Exploitation
  • GeoServer Vulnerability Targeted by Hackers to Deliver Backdoors and Botnet Malware
  • GitHub Actions Vulnerable to Typosquatting, Exposing Developers to Hidden Malicious Code
  • The State of the Virtual CISO Report: MSP/MSSP Security Strategies for 2025
  • Critical Security Flaw Found in LiteSpeed Cache Plugin for WordPress
  • Apache OFBiz Update Fixes High-Severity Flaw Leading to Remote Code Execution
  • Pavel Durov Criticizes Outdated Laws After Arrest Over Telegram Criminal Activity
• NVISO Labs
  • Hunting Chromium Notifications
• Blackhat Library: Hacking techniques and research
  • RSS feed with thousands of jobs in InfoSec/Cybersecurity every day 👀
• Computer Forensics
  • IACIS pre req courses
  • Shimcache/AppCompatCache Research with nullsec.us
• Your Open Hacker Community
  • DLL Injection Via LoadLibrary Exploit (ie: Replacing Application DLL)
  • How to hack it
• netsecstudents: Subreddit for students studying Network Security and its related subjects
  • Enhance Your Networking Skills with Free Training from Microsoft Senior MCE Engineers
  • Is this privacy policy for a VPN service concerning?
• 银针安全
  • Tomcat CVE-2024-21733漏洞简单复现、分析
• Social Engineering
  • What actions are good for endearing someone towards you?
• 360数字安全
  • 百城联动！360与您相约2024网安周
  • 360打造！首个“津牌”大模型办公平台上线
• 网安寻路人
  • ​欧洲委员会《人工智能与人权、民主与法治框架公约》-中文译文
• Security Weekly Podcast Network (Audio)
  • IP Addresses - SWN Vault