issues
search
ruohong2018
/
ruohong2018.github.io
GNU General Public License v3.0
29
stars
3
forks
source link
[每日信息流] 2024-09-17
#584
Open
ruohong2018
opened
5 days ago
ruohong2018
commented
5 days ago
每日安全资讯(2024-09-17)
CXSECURITY Database RSS Feed - CXSecurity.com
MPlayer Lite r33064 Buffer Overflow
SPIP BigUp 4.3.1 / 4.2.15 / 4.1.17 Unauthenticated Remote Code Execution
SFTRS - PHP (by: oretnom23 ) v1.0 Multiple-SQLi
Trustwave Blog
Transforming IT Security with Microsoft Defender Suite
Recent Commits to cve:main
Update Mon Sep 16 22:29:27 UTC 2024
Update Mon Sep 16 14:32:54 UTC 2024
Update Mon Sep 16 06:34:13 UTC 2024
Der Flounder
Keychain Access app in new location on macOS Sequoia
Blocking system extension disablement via System Settings on macOS Sequoia
Tenable Blog
CloudImposer: Executing Code on Millions of Google Servers with a Single Malicious Package
Security Boulevard
After CrowdStrike Crash, Microsoft Mulls New Windows Security Tools
USENIX Security ’23 – AutoFR: Automated Filter Rule Generation for Adblocking
A Personally Identifiable Cyber Jihadist Domain Portfolio
Point Product vs. CDN for Bot Protection: Striking the Right Balance
The Intersection Between a Snowden Slide and a Supposedly Malicious MD5
The Top 7 AlgoSec Alternatives
Randall Munroe’s XKCD ‘Asteroid News’
Top 5 Enterprise Tufin Competitors
Harnessing the Power of GRC Software for Enhanced Business Resilience and Compliance
Apple Seeks to Drop Its Lawsuit Against Spyware Maker NSO
Files ≈ Packet Storm
VICIdial SQL Injection / Remote Code Execution
Rejetto HTTP File Server 2.3m Template Injection / Arbitrary Code Execution
Calibre 7.14.0 Remote Code Execution
Veeam Backup And Replication 12.1.2.172 Remote Code Execution
Unleashing Worms And Extracting Data
Debian Security Advisory 5769-1
Red Hat Security Advisory 2024-6667-03
Ship Ferry Ticket Reservation System 1.0 SQL Injection
Reservation Management System 1.0 Cross Site Request Forgery
Red Hat Security Advisory 2024-6663-03
Online Job Recruitment Portal Project 1.0 Arbitrary File Upload
Red Hat Security Advisory 2024-6662-03
IFSC Code Finder Portal 1.0 Insecure Settings
Red Hat Security Advisory 2024-6661-03
GYM Management System 1.0 Insecure Settings
Red Hat Security Advisory 2024-6656-03
Emergency Ambulance Hiring Portal 1.0 SQL Injection
ManageEngine DeviceExpert 5.9.7 Build 5970 Hash Disclosure
COVID19 Testing Management System 1.0 Insecure Settings
BP Monitoring Management System 1.0 SQL Injection
Auto/Taxi Stand Management System 1.0 SQL Injection
SecWiki News
SecWiki News 2024-09-16 Review
一个被知识诅咒的人
探索Go语言中的Goroutine并发机制
并发与并行的区别:深入理解Go语言中的核心概念
modexp
Shellcode: Windows on ARM64 / AArch64
Lenny Zeltser
What to Do With Products Without SSO?
Horizon3.ai
CVE-2024-8190: Investigating CISA KEV Ivanti Cloud Service Appliance Command Injection Vulnerability
Malwarebytes
23andMe to pay $30 million in settlement over 2023 data breach
A week in security (September 9 – September 15)
SentinelOne
PinnacleOne ExecBrief | Cyber Gray Zone Risks in the Indo-Pacific
Reverse Engineering
/r/ReverseEngineering's Weekly Questions Thread
Fixing an Elgato HD60 S HDMI capture device with the help of Ghidra
Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
The Intellexa Commercial Spyware Consortium, The Predator Spyware, NSO Group and Bulgaria's Circles Commercial Spyware Vendor
A Personally Identifiable Cyber Jihadist Domain Portfolio
The Intersection Between a Snowden Slide and a Supposedly Malicious MD5
International Embassies Web Malware Exploitation Serving Domain Properties
FreeBuf网络安全行业门户
美军特战部队首次展示WiFi“网络爆破”新技能
奇客Solidot–传递最新科技情报
Flappy Bird 原作者否认参与了新游戏
德国主权科技基金向 Samba 项目投资 69 万欧元
text/plain
Welcome to Fall, I guess?
KitPloit - PenTest & Hacking Tools
Psobf - PowerShell Obfuscator
黑海洋 - WIKI
AcWing工程全套课程
Napkin:AI将文字转可视化工具
新浪微博备份工具 – MemoMe(原Speechless)
闲鱼做好这5个步骤让你店铺迅速抢占市场流量【揭秘】
在线学生证生成器 (娱乐)
青衣十三楼飞花堂
包惠僧回忆录
丁爸 情报分析师的工具箱
【AI速读】美国政府问责局建议加大全球基础设施投入以应对中国“一带一路”
dotNet安全矩阵
一个永久的.NET渗透工具和知识仓库
SoapShell 更新 | 新增调用cmd执行系统命令
.NET内网实战:通过FSharp白名单执行命令
中国信息安全
发布 | 金融监管总局印发《关于加强银行业保险业移动互联网应用程序管理的通知》
答记者问 | 金融监管总局有关负责人就《关于加强银行业保险业移动互联网应用程序管理的通知》答记者问
极客公园
iPhone 16「秋裤色」丑上热搜;特斯拉 Robotaxi 小车曝光;《流浪地球2》3D 版上映 | 极客早知道
Have I Been Pwned latest breaches
Instituto Nacional de Deportes de Chile - 319,613 breached accounts
Over Security - Cybersecurity news aggregator
Instituto Nacional de Deportes de Chile - 319,613 breached accounts
Microsoft fixes bug crashing Microsoft 365 apps when typing
‘Clipper’ malware is being used to steal crypto, Binance warns
Feds sentence 12 crypto thieves behind SIM swaps, home invasions
CISA warns of Windows flaw used in infostealer malware attacks
Owner of only US platinum mine confirms data breach after ransomware claims
Exploit code released for critical Ivanti RCE flaw, patch now
Data on nearly 1 million NHS patients leaked online following ransomware attack on London hospitals
Microsoft rolls out Office LTSC 2024 for Windows and Mac
US hits Intellexa spyware maker with more sanctions
US cracks down on spyware vendor Intellexa with more sanctions
Chrome switching to NIST-approved ML-KEM quantum encryption
D-Link fixes critical RCE, hardcoded password flaws in WiFi 6 routers
CISA Adds Ivanti Cloud Services Appliance Vulnerability to Known Exploited Vulnerabilities Catalog (CVE-2024-8190)
Top Cyber Threats of the Week: Brute Force Attacks, CVE Attempts and Malware Infections
China suspected of hacking diplomatic body for Pacific islands region
Un malware Android ha infettato più di un milione di TV Box
German radio station forced to broadcast 'emergency tape' following cyberattack
Il dominio italiano di Excite riutilizzato in una campagna di malspam via PEC
CERT-AGID 7 – 13 settembre: 350 indicatori di compromissione e due nuove campagne di phishing
GitLab Community and Enterprise Editions Receive New Updates to Mitigate Severe Security Risks
安全圈
【安全圈】美军特战部队首次展示WiFi“网络爆破”新技能
【安全圈】Google Cloud 加强了备份和灾难恢复服务,通过不可修改的保险库为企业提供额外保护
【安全圈】名为Hadooken的新型Linux恶意软件以Oracle WebLogic服务器为目标
【安全圈】Fortinet 通过第三方确认客户数据泄露
Securityinfo.it
Un malware Android ha infettato più di un milione di TV Box
CERT-AGID 7 – 13 settembre: 350 indicatori di compromissione e due nuove campagne di phishing
Lenny Zeltser
What to Do With Products Without SSO?
SANS Internet Storm Center, InfoCON: green
Managing PE Files With Overlays, (Mon, Sep 16th)
ISC Stormcast For Monday, September 16th, 2024 https://isc.sans.edu/podcastdetail/9138, (Mon, Sep 16th)
ICT Security Magazine
Intelligenza artificiale e cybersecurity: rischi e prospettive per diventare resilienti
Adversarial Machine Learning – Aspetti Scientifici
Unsupervised Learning
UL NO. 450: Thoughts on o1-preview and the Path to AGI
NetSPI
Mapping Mainframe Memory Made Easy
The Hacker News
Google Fixes GCP Composer Flaw That Could've Led to Remote Code Execution
North Korean Hackers Target Cryptocurrency Users on LinkedIn with RustDoor Malware
From Breach to Recovery: Designing an Identity-Focused Incident Response Playbook
Master Your PCI DSS v4 Compliance with Innovative Smart Approvals
Apple Drops Spyware Case Against NSO Group, Citing Risk of Threat Intelligence Exposure
Cybercriminals Exploit HTTP Headers for Credential Theft via Large-Scale Phishing Attacks
Your Open Hacker Community
Deauth Attack for Smart TVs
Deep Web
Time to build a legit marketplace 🍀(for educational purposes only)
KitPloit - PenTest Tools!
Psobf - PowerShell Obfuscator
Security Affairs
D-Link addressed three critical RCE in wireless router models
Recently patched Windows flaw CVE-2024-43461 was actively exploited as a zero-day before July 2024
SolarWinds fixed critical RCE CVE-2024-28991 in Access Rights Manager
Apple dismisses lawsuit against surveillance firm NSO Group due to risk of threat intelligence exposure
Hacker tricked ChatGPT into providing detailed instructions to make a homemade bomb
Information Security
Common Myths About Passwordless Authentication Debunked
Schneier on Security
Legacy Ivanti Cloud Service Appliance Being Exploited
IntelTechniques Blog
UNREDACTED Magazine Issue 007
TorrentFreak
Movie Companies Take DMCA Subpoena ‘Shortcut’ Dispute to Court of Appeals
Eddy Grant Wins: Trump’s ‘Fair Use’ of ‘Electric Avenue’ Was Anything But
Technical Information Security Content & Discussion
Exploiting Microsoft Kernel Applocker Driver (CVE-2024-38041)
Hacking the Planet - A DEFCON ICS CTF 2024 Retrospective
CVE-2024-8190: Investigating CISA KEV Ivanti Cloud Service Appliance Command Injection Vulnerability
Deeplinks
Unveiling Venezuela’s Repression: Surveillance and Censorship Following July’s Presidential Election
The Climate Has a Posse – And So Does Political Satire
The Register - Security
The empire of C++ strikes back with Safe C++ blueprint
Snowflake slams 'more MFA' button again – months after Ticketmaster, Santander breaches
Germany’s CDU still struggling to restore data months after June cyberattack
Prison just got rougher as band of heinously violent cybercrims sentenced to lengthy stints
China’s quantum* crypto tech may be unhackable, but it's hardly a secret
23andMe settles class-action breach lawsuit for $30 million
每日安全资讯(2024-09-17)