[每日信息流] 2024-09-20

[ruohong2018]

每日安全资讯（2024-09-20）

• Security Boulevard
  • Tackle Cyber Resilience Act requirements with our CRA checklist
  • What is Network Security Automation?
  • Sonatype can help you navigate DORA compliance
  • USENIX NSDI ’24 – Flow Scheduling With Imprecise Knowledge
  • Countering the Codex: The Rise of LLM Platform Abuse
  • Training Your Team on the Security of CPS & IoT Systems
  • Compliance webinar series: Understanding the Cyber Resilience Act
  • Product Updates: Escape’s Advanced Jira Integration – Send Remediation Details to Your Developers
  • Randall Munroe’s XKCD ‘Every Scientific Field’
  • Century-Long Innovation: A Legacy of Outpacing Cyber Threats
• Trustwave Blog
  • Industry Analysts Call Trustwave Security Colony a Vital Tool for Enhanced Cybersecurity
• Files ≈ Packet Storm
  • Ubuntu Security Notice USN-7025-1
  • htmly 2.9.9 Cross Site Scripting
  • WordPress LMS 4.2.7 SQL Injection
  • Nexus Repository Manager 3 Path Traversal
  • Check Point Security Gateways Information Disclosure
  • Telerik Report Server 2024 Q1 Authentication Bypass
  • CVE-2024-26581 Checker
  • Red Hat Security Advisory 2024-6850-03
  • Red Hat Security Advisory 2024-6843-03
  • Red Hat Security Advisory 2024-6842-03
  • Red Hat Security Advisory 2024-6840-03
  • Red Hat Security Advisory 2024-6839-03
  • Red Hat Security Advisory 2024-6838-03
  • Red Hat Security Advisory 2024-6837-03
  • Red Hat Security Advisory 2024-6816-03
  • Red Hat Security Advisory 2024-6786-03
  • Red Hat Security Advisory 2024-6785-03
  • Red Hat Security Advisory 2024-6784-03
  • Red Hat Security Advisory 2024-6783-03
  • Red Hat Security Advisory 2024-6782-03
  • Red Hat Security Advisory 2024-6779-03
  • Red Hat Security Advisory 2024-6765-03
  • Red Hat Security Advisory 2024-6757-03
  • Red Hat Security Advisory 2024-6755-03
  • Red Hat Security Advisory 2024-6754-03
• SecWiki News
  • SecWiki News 2024-09-19 Review
• Recent Commits to cve:main
  • Update Thu Sep 19 22:28:25 UTC 2024
  • Update Thu Sep 19 14:35:12 UTC 2024
  • Update Thu Sep 19 06:39:30 UTC 2024
• Tenable Blog
  • An Analyst’s Guide to Cloud-Native Vulnerability Management: Where to Start and How to Scale
• Armin Ronacher's Thoughts and Writings
  • Accidental Spending: A Case For an Open Source Tax?
• 安全客-有思想的安全新媒体
  • Broadcom 修复了关键 VMware vCenter Server 漏洞 CVE-2024-38812
  • Chrome 推出一次性权限和增强的安全检查功能，以实现更安全的浏览
  • 建筑行业会计软件Foundation遭受攻击，威胁行为者利用MSSQL漏洞进行入侵
  • Ethena 域名注册商被黑客入侵，Ethena Labs 警告用户远离
  • 随着欧洲刑警组织关闭加密聊天应用程序 Ghost ，全球犯罪受到打击
  • Chainlink 的 Sergey Nazarov 预测资产代币化将改变 Web3
  • CISA 警告称Apache、Microsoft 和 Oracle 漏洞正在被积极利用
  • GitLab 修补了 CE 和 EE 版本中的关键 SAML 身份验证绕过漏洞
  • “Marko Polo”打造全球网络犯罪巨头
  • 全球首起通信设备武器化事件！黎巴嫩BP机爆炸致数千人死伤
• 先知安全技术社区
  • 针对spring二次开发的BladeX站点的渗透测试
• 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com
  • 再获殊荣！梆梆安全荣获第九届“创客中国”网络安全中小企业创新创业大赛“卓越奖”
  • 黎巴嫩寻呼机（BP机）爆炸事件研判分析
  • 专家解读 | 框架重磅发布，加快构建我国人工智能安全治理格局
  • 助力移动政务应用安全防御 | 梆梆安全亮相关基安全防护专家认证培训，共话安全之道
  • 新的 Linux 恶意软件 Hadooken 针对 Oracle WebLogic 服务器
  • Check Point 软件技术公司在《GigaOm 安全策略即代码探测报告》中被评为领导者
• 先知安全技术社区
  • 针对spring二次开发的BladeX站点的渗透测试
• 一个被知识诅咒的人
  • Go 并发模式：扩展与聚合的高效并行
  • Go 并发模式：管道的妙用
• bunnie's blog
  • Turning Everyday Gadgets into Bombs is a Bad Idea
• GuidePoint Security
  • Risky Recovery: Ransomware “Decryption” Scams Remain in 2024
• Horizon3.ai
  • Century-Long Innovation: A Legacy of Outpacing Cyber Threats
  • Nicholas Warner Joins Horizon3.ai as Independent Board Director, Bringing Over Two Decades of Cybersecurity Expertise
• blog.avast.com EN
  • The time I almost got scammed from my college email
• Malwarebytes
  • Tor anonymity compromised by law enforcement. Is it still safe to use?
• Trail of Bits Blog
  • Announcing the Trail of Bits and Semgrep partnership
• Reverse Engineering
  • Setting up Lumen for IDA PRO 9
  • Connecting HQD Screen to Raspberry and arduino
• KitPloit - PenTest & Hacking Tools
  • Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
• daniel.haxx.se
  • trurl 0.16
• 安全牛
  • 实力再证｜海云安连续三年荣登中国网络安全产业联盟（CCIA）榜单，蝉联两届“中国网安产业成长之星”
  • 【国家级认定】海云安获评国家级专精特新“小巨人”企业
  • 2024国家网络安全周 | 海云安凭借AI大模型在软件开发安全领域的创新实践，跻身创新创业投资专场活动决赛圈
  • 这次是对讲机！黎巴嫩再次发生移动通讯设备群体爆炸事件；CSTIS就防范新型勒索病毒Cicada3301发布风险提示 | 牛览
  • 7款流行的用户行为分析（UEBA）工具及特点分析
• 奇客Solidot–传递最新科技情报
  • W玻色子质量测量结果与标准模型预测一致
  • CERN 准备于 11 月 30 日驱逐俄罗斯科学家但不完全切断与俄的联系
  • 地球七成人口可能会在未来二十年经历极端气候
  • FBI 接管了一个中国黑客组织控制的僵尸网络
  • X 通过 Cloudflare 代理绕过巴西的屏蔽
  • Real-Time Linux 合并到内核主线
  • 任天堂和宝可梦公司起诉《幻兽帕鲁》开发商
  • 《魔兽世界》允许玩家独自完成故事
  • 以色列对黎巴嫩的无差别攻击导致 至少 32 人死亡数千人受伤
• FreeBuf网络安全行业门户
  • BP机爆炸后，对讲机也爆炸了 | 网络+供应链攻击之迷
  • FreeBuf早报 | 黎巴嫩再发生爆炸事件；谷歌宣布启用NIST抗量子加密最新标准
  • 黎巴嫩再发生爆炸事件，这次是对讲机
  • 苹果试图保护你的隐私，OpenAI可能做不到
  • Discord 推出端到端音频、视频加密通话功能
• HackerNews
  • PKfail 漏洞曝光：全球近千种设备安全启动机制失效
  • Discord 推出端到端音频、视频加密通话功能
  • 黎巴嫩再发生爆炸事件，这次是对讲机
  • 俄罗斯安全公司 Doctor Web 遭黑客攻击
  • GitLab 发布针对严重 SAML 身份验证绕过漏洞的修复程序
  • 朝鲜黑客利用虚假职位诱骗关键基础设施员工
• 安全客
  • 全球首起通信设备武器化事件！黎巴嫩BP机爆炸致数千人死伤
• 黑海洋 - WIKI
  • 法定社保退休年龄计算器
  • 免费文档下载工具 能看见多少我能下载多少 百度文库豆丁等等：kill-doc
  • 监控Android手机短信、来电、APP通知（短信转发器）
• 安全分析与研究
  • 伪装成京东金融候选人登记表的钓鱼样本详细分析
• 腾讯玄武实验室
  • 每日安全动态推送(9-19)
• 安全内参
  • 供应商泄露用户信息，甲方被罚近一亿元
  • 谷歌云被曝重大漏洞：或影响数百万台服务器
• Black Hills Information Security
  • Enable Auditing of Changes to msDS-KeyCredentialLink
• 代码卫士
  • GitLab修复严重的 SAML 认证绕过漏洞
  • CISA、FBI督促消除XSS漏洞
• 奇安信 CERT
  • GitLab SAML 认证绕过漏洞(QVD-2024-40180)安全风险通告
  • 【在野利用】Ivanti Cloud Service Appliance 命令注入漏洞(CVE-2024-8190)安全风险通告
• 数世咨询
  • SOAR永垂不朽
• 中国信息安全
  • 专题·大模型安全 | 大模型安全风险评估与防御技术综述
  • 专家解读 | 从中欧美比较的角度理解我国《人工智能安全治理框架》的特点
  • 专家观点 | 为什么要加装抗量子攻击护盾？
  • 前沿 | 数字经济法治保障机制的挑战与应对
  • 观点 | 辩证看待数据共享与隐私保护
  • 评论 | 使用AI技术当守住法律边界
• 安全圈
  • 【安全圈】黎巴嫩再发生爆炸事件，这次是对讲机
  • 【安全圈】随着欧洲刑警组织关闭加密聊天应用程序 Ghost ，全球犯罪受到打击
  • 【安全圈】建筑行业会计软件Foundation遭受攻击，威胁行为者利用MSSQL漏洞进行入侵
• 青藤云安全
  • 第一！青藤在《云原生安全能力指南》报告中取得双维度第一
• 丁爸 情报分析师的工具箱
  • 【情报资料】猜猜美军到中国来出差，每天差旅补助是多少？
• 极客公园
  • o1 发布后，信息量最大的圆桌对话：杨植麟、姜大昕、朱军探讨大模型技术路径
  • 22 个月后，大模型现在在「卷」什么？
  • AI、社区、带货，YouTube 平台要「变天」了
  • 云栖大会开幕，将推重磅发布；谷歌论文揭示o1模型原理；iPhone 16 首周销量下降 12.7% | 极客早知道
• 国家互联网应急中心CNCERT
  • CNVD漏洞周报2024年第37期
  • 上周关注度较高的产品安全漏洞(20240909-20240915)
• 情报分析师
  • 第二波来袭，黎巴嫩通讯设备爆炸事件升级
  • 西方非政府组织在吉尔吉斯斯坦的操控分析
• KCon 黑客大会
  • 定义网安培训新风向，KCon有奖调研等你发声！
• 深信服千里目安全技术中心
  • 【漏洞通告】VMware vCenter Server缓冲区溢出漏洞(CVE-2024-38812)
  • CNVD漏洞周报2024年第37期
• 阿里安全响应中心
  • 活动正式开始｜14家SRC邀您加入双11安全保卫战
• 默安科技
  • 默安科技携手"M局" 护航边疆铁路软件供应链安全建设
• TrustedSec
  • Console Cowboys: Navigating the Modern Terminal Frontier
• Over Security - Cybersecurity news aggregator
  • Chipmaker Qualcomm lays off hundreds of workers in San Diego
  • CISA warns of actively exploited Apache HugeGraph-Server bug
  • Suspects behind $230 million cryptocurrency theft arrested in Miami
  • Federal civil rights watchdog sounds alarm over DOJ, DHS and HUD use of facial recognition technology
  • Microsoft Edge will flag extensions causing performance issues
  • HuntStand - 2,795,947 breached accounts
  • Unexplained ‘Noise Storms’ flood the Internet, puzzle experts
  • This Windows PowerShell Phish Has Scary Potential
  • Tor says it’s "still safe" amid reports of police deanonymizing users
  • Ivanti warns of another critical CSA flaw exploited in attacks
  • Iran backdoors planted across Middle East telecoms, government agencies, Google says
  • Apple’s new macOS Sequoia update is breaking some cybersecurity tools
  • Talk of election security is good, but we still need more money to solve the problem
  • Google Password Manager now automatically syncs your passkeys
  • FTC exposes massive surveillance of kids, teens by social media giants
  • 17 arrested in takedown targeting phishing service with nearly 500,000 victims
  • UK spyware victims file criminal complaint against NSO Group
  • Nakasone on his new gig at Vanderbilt, deliberations at OpenAI, and nation-state threats
  • How to reduce cyber risk during employee onboarding
  • Germany seizes 47 crypto exchanges used by ransomware gangs
  • Police dismantles phone unlocking ring linked to 483,000 victims
  • Leverage Flashpoint Known Exploited Vulnerabilities (FP KEV) for Vulnerability Triage
  • Cyberspace Solarium’s successor points to 10 things Washington can do for US digital security
  • US agencies say Iran offered hacked Trump docs to Democrats but was ignored
  • 'Iran vs. Trump, and Russia vs. Harris': Congress presses Silicon Valley giants on disinformation
  • FTC: Social media and video streaming companies violate user privacy on 'vast' scale
  • Hackers deliver popular crypto-miner through malicious email auto replies, researchers say
  • Mysterious "LOVE" packet storms flood the internet since 2020
  • Applying Security Engineering to Make Phishing Harder - A Case Study
  • Clever 'GitHub Scanner' campaign abusing repos to push malware
  • What is Spearphishing: Definition, Techniques, Real-world Example
  • Getting Ready for PSR in the UK: Why Fraud Fusion Experts Should Care
  • Il costo di un cyberattacco va oltre le perdite finanziarie dirette
  • WebDAV-as-a-Service: Uncovering the infrastructure behind Emmenhtal loader distribution
  • CISA Adds Progress WhatsUp Gold and MSHTML Vulnerabilities to Known Exploited Vulnerabilities Catalog
  • Top ICS Vulnerabilities This Week: Critical Bugs in Rockwell Automation, Siemens, and Viessmann
• 安全牛
  • 7款流行的用户行为分析（UEBA）工具及特点分析
  • 这次是对讲机！黎巴嫩再次发生移动通讯设备群体爆炸事件；CSTIS就防范新型勒索病毒Cicada3301发布风险提示 | 牛览
• Qualys Security Blog
  • Black Basta Ransomware: What You Need to Know
• dotNet安全矩阵
  • .NET 一款执行命令回显的微软白名单工具
  • .NET 内网攻防实战电子报刊
  • 36套.NET系统漏洞威胁情报(09.19更新)
• SANS Internet Storm Center, InfoCON: green
  • Fake GitHub Site Targeting Developers, (Thu, Sep 19th)
  • ISC Stormcast For Thursday, September 19th, 2024 https://isc.sans.edu/podcastdetail/9144, (Thu, Sep 19th)
  • Time-to-Live Analysis of DShield Data with Vega-Lite, (Wed, Sep 18th)
• Schneier on Security
  • FBI Shuts Down Chinese Botnet
• ICT Security Magazine
  • Aumento dei Data Breach Globali: 7 attacchi su 10 in EMEA hanno rubato i tuoi dati. Attenzione anche alle minacce interne!
  • Operazione Flax Typhoon: L’FBI neutralizza una sofisticata botnet cinese in un’epica battaglia cibernetica
  • Zero Trust e Smart Industry: mettere in sicurezza Cloud, OT, IIoT, e ambienti M2M attraverso strategie avanzate di Sicurezza Informatica con l’aiuto dell’Intelligenza Artificiale
• Il Disinformatico
  • Due piccole novità
• Security Current
  • CISO Spotlight: Oded Blatman, Fireblocks CIO & CISO
• 信息安全国家工程研究中心
  • 处罚案例 | 不履行网络安全保护义务是违法行为！多家单位被通报！
• contagio
  • 2024-08-18 RAPTOR TRAIN NOSEDIVE - Mirai-type IoT Botnet Samples
• Have I Been Pwned latest breaches
  • HuntStand - 2,795,947 breached accounts
• Securityinfo.it
  • Il costo di un cyberattacco va oltre le perdite finanziarie dirette
• Full Disclosure
  • Stored XSS in "Edit Profile" - htmlyv2.9.9
  • Stored XSS in "Menu Editor" - htmlyv2.9.9
  • Backdoor.Win32.BlackAngel.13 / Unauthenticated Remote Command Execution
  • Backdoor.Win32.CCInvader.10 / Authentication Bypass
  • Backdoor.Win32.Delf.yj / Information Disclosure
• Instapaper: Unread
  • 14 dead as Hezbollah walkie-talkies explode in second, deadlier attack
  • 10 Ways to Detect Deepfakes Created by Text-to-image Services and GANs
  • Chinese Spies Built Massive Botnet of IoT Devices to Target US, Taiwan Military
  • SambaSpy, il malware che colpisce solo gli utenti italiani
• Krebs on Security
  • This Windows PowerShell Phish Has Scary Potential
• Security Affairs
  • Ivanti warns of a new actively exploited Cloud Services Appliance (CSA) flaw
  • International law enforcement operation dismantled criminal communication platform Ghost
  • U.S. CISA adds Microsoft Windows, Apache HugeGraph-Server, Oracle JDeveloper, Oracle WebLogic Server, and Microsoft SQL Server bugs to its Known Exploited Vulnerabilities catalog
  • SIEM for Small and Medium-Sized Enterprises: What you need to know
  • Antivirus firm Dr.Web disconnected all servers following a cyberattack
• Palo Alto Networks Blog
  • The Hidden AI Risk Lurking In Your Business
• Trend Micro Research, News and Perspectives
  • Earth Baxia Uses Spear-Phishing and GeoServer Exploit to Target APAC
  • Identifying Rogue AI
• KitPloit - PenTest Tools!
  • Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
• Computer Forensics
  • Looking for career advice for getting into digital forensics
  • eDiscovery Premium update
• Information Security
  • Open source maintainers underpaid, swamped by security, going gray
• Technical Information Security Content & Discussion
  • New free, open, online, practical security class from Czech Technical University.
  • An Elliptic Curve-based Secure Chat, written using Rust and Protobuf
  • Exploiting Android Client WebViews with Help from HSTS
  • SAP Hash Cracking Techniques
  • Seezo SDR – Automated security design reviews
  • Applying security engineering to make phishing harder
  • Stowaway -- Multi-hop Proxy Tool for pentesters
• Blackhat Library: Hacking techniques and research
  • Opsec while Hacking
  • Intel
• Your Open Hacker Community
  • Trouble with Hashcat and Kali Linux
  • diploma thesis - which password cracker tools?
  • Help Needed to Bypass Orange Social Media Pack Restrictions
• netsecstudents: Subreddit for students studying Network Security and its related subjects
  • EAP-TLS: Breaking Into Secure TLS Deployments
• Deeplinks
  • Prison Banned Books Week: Being in Jail Shouldn’t Mean Having Nothing to Read
  • Square Peg, Meet Round Hole: Previously Classified TikTok Briefing Shows Error of Ban
  • Strong End-to-End Encryption Comes to Discord Calls
  • Canada’s Leaders Must Reject Overbroad Age Verification Bill
• TorrentFreak
  • Pirate Video Hosting Domain of Fmovies ‘Mothership’ Makes Surprise Comeback
  • Magis TV IPTV Crackdown Blocks 70 Domains, Hundreds Already Wiped Out
• The Hacker News
  • Wherever There's Ransomware, There's Service Account Compromise. Are You Protected?
  • Hackers Exploit Default Credentials in FOUNDATION Software to Breach Construction Firms
  • New Brazilian-Linked SambaSpy Malware Targets Italian Users via Phishing Emails
  • New TeamTNT Cryptojacking Campaign Targets CentOS Servers with Rootkit
  • Healthcare's Diagnosis is Critical: The Cure is Cybersecurity Hygiene
  • Microsoft Warns of New INC Ransomware Targeting U.S. Healthcare Sector
  • GitLab Patches Critical SAML Authentication Bypass Flaw in CE and EE Editions
• The Register - Security
  • Valencia Ransomware explodes on the scene, claims California city, fashion giant, more as victims
  • No way? Big Tech's 'lucrative surveillance' of everyone is terrible for privacy, freedom
  • Iran's cyber-goons emailed stolen Trump info to Team Biden – which ignored them
  • 1 in 10 orgs dumping their security vendors after CrowdStrike outage
  • Thousands of orgs at risk of knowledge base data leaks via ServiceNow misconfigurations
  • UK activists targeted with Pegasus spyware ask police to charge NSO Group
  • Tor insists its network is safe after German cops convict CSAM dark-web admin
• 360数字安全
  • 独家！揭秘黎巴嫩传呼机、对讲机两轮爆炸背后的“供应链战争”
  • 首批！360安全大模型获中国信通院基础网络安全能力评估认证
• Security Weekly Podcast Network (Audio)
  • Exploding Pagers - Tod Beardsley - PSW #843