[每日信息流] 2024-09-21

[ruohong2018]

每日安全资讯（2024-09-21）

• Recent Commits to cve:main
  • Update Fri Sep 20 22:33:23 UTC 2024
  • Update Fri Sep 20 14:26:18 UTC 2024
  • Update Fri Sep 20 06:35:15 UTC 2024
• Files ≈ Packet Storm
  • Ubuntu Security Notice USN-7027-1
  • Debian Security Advisory 5773-1
  • OpenSSH 9.9p1
  • Ubuntu Security Notice USN-6968-2
  • BlackNET 3.7.0.0 Missing Authentication / File Deletion / Traversal
  • Red Hat Security Advisory 2024-6893-03
  • Red Hat Security Advisory 2024-6892-03
  • Red Hat Security Advisory 2024-6891-03
  • Red Hat Security Advisory 2024-6890-03
  • Ubuntu Security Notice USN-7015-2
  • Red Hat Security Advisory 2024-6889-03
  • Red Hat Security Advisory 2024-6888-03
  • Red Hat Security Advisory 2024-6887-03
  • Red Hat Security Advisory 2024-6886-03
  • Ubuntu Security Notice USN-7024-1
  • Red Hat Security Advisory 2024-6883-03
  • Red Hat Security Advisory 2024-6882-03
  • SPIP BigUp 4.2.15 Code Injection
  • Red Hat Security Advisory 2024-6880-03
  • Red Hat Security Advisory 2024-6879-03
  • Taskhub 3.0.3 Insecure Settings
  • Red Hat Security Advisory 2024-6878-03
  • Teacher Subject Allocation Management System 1.0 Cross Site Scripting
  • Red Hat Security Advisory 2024-6849-03
  • Red Hat Security Advisory 2024-6848-03
• SecWiki News
  • SecWiki News 2024-09-20 Review
• Security Boulevard
  • USENIX NSDI ’24 – Revisiting Congestion Control for Lossless Ethernet
  • How Asset Discovery Tools Work
  • Comic Agilé – Mikkel Noe-Nygaard, Luxshan Ratnaravi – #306 – My Door Is Always Open
  • How API Security Fits into DORA Compliance: Everything You Need to Know
  • Behavioral Baselining and its Critical Role in Cybersecurity
  • Google Expands Chrome Security and Privacy Capabilities
  • USENIX NSDI ’24 – Pudica: Toward Near-Zero Queuing Delay in Congestion Control for Cloud Gaming
  • Chicago API Security Summit 2024
  • Cybersecurity Insights with Contrast CISO David Lindner | 09/20/24
  • Simplify NIS2 compliance with Sonatype
• 一个被知识诅咒的人
  • 编程工具的未来风暴：颠覆效率的秘密武器
  • 与AI共舞：程序员在智能时代的核心竞争力之道
  • 中国IT产业的未来：自主创新与全球竞争力的双重奏
  • 华为仓颉语言入门（1）：仓颉概述
  • 用Go语言构建健壮的并发系统：深入理解错误传播与处理
  • Go语言并发模式详解：深入理解管道与上下文的高级用法
• Tenable Blog
  • Cybersecurity Snapshot: Critical Infrastructure Orgs Found Vulnerable to Basic Hacks, While New MITRE Tool Uses ML to Predict Attack Chains
• 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com
  • 寻呼机爆炸，炸醒通讯安全警惕心
  • 武汉大学：如何做好高校电子邮件账号安全防护
  • 关于发布《网络安全标准实践指南——敏感个人信息识别指南》的通知
  • 超过 1000 个 ServiceNow 实例被发现泄露企业知识库数据
  • 周鸿祎谈黎巴嫩寻呼机爆炸案：供应链和网络安全必须掌握在自己手中
• 安全客-有思想的安全新媒体
  • Vice Society 转向使用Inc勒索软件攻击医疗行业
  • 警惕新网络钓鱼手法：虚假 CAPTCHA 页面诱骗用户安装 Lumma Stealer 恶意软件
  • 利用加密货币敏捷性应对后量子威胁
  • 朝鲜 APT 在网络间谍攻击中绕过 DMARC 电子邮件策略
  • 黑客声称对戴尔公司进行了数据泄露，曝光超过10,000名员工信息
  • 联邦调查局逮捕了涉嫌窃取 2.3 亿美元比特币的加密货币骗子
  • 谷歌发出警告： 依赖性扫描程序经常误报漏洞
  • Ivanti 云服务设备中被利用漏洞 CVE-2024-8190 的 PoC 漏洞利用版本
  • SambaSpy RAT 在独特的恶意软件活动中以意大利用户为目标
  • 首批！360安全大模型获中国信通院基础网络安全能力评估认证
  • 探索隐私计算的标准化之路 | Jeddak亮相国家网络安全宣传周
• obaby@mars
  • 秋老虎不发猫，你当我病危啊？
• Hexacorn
  • Dexray v2.34
• SentinelOne
  • The Good, the Bad and the Ugly in Cybersecurity – Week 38
• Malwarebytes
  • “Simply staggering” surveillance conducted by social media and streaming services, FTC finds
• Reverse Engineering
  • Reverse Engineering a Kernel Driver chall: S01 E02
  • Plasma launcher
• Wallarm
  • Chicago API Security Summit 2024
• Hackerman's Hacking Tutorials
  • Steam's 'Open in Desktop' Button
• FreeBuf网络安全行业门户
  • FreeBuf 周报 | 美社交巨头被曝长期监视未成年用户；黎巴嫩发生大量通讯设备爆炸事件
  • LockBit 勒索美国在线报税服务平台eFile
  • Meta、YouTube等巨头被曝长期监视未成年用户，牟利数十亿美元
• 绿盟科技技术博客
  • 绿盟科技威胁周报（2024.09.09-2024.09.15）
  • Linux中Time Travel Debugging (TTD)
• KitPloit - PenTest & Hacking Tools
  • File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
• 奇客Solidot–传递最新科技情报
  • 三里岛重启核反应堆向微软出售电力驱动 AI
  • 美国 ISP 表示他们不想切断被控盗版的用户宽带接入
  • iPhone 16 支持 JPEG XL 格式
  • 德国十分之一受 CrowdStrike 事件影响的组织抛弃旧的安全供应商
  • 黑洞喷流长达 2300 万光年
  • 在被黑客入侵窃取内部数据之后迪士尼将停用 Slack
  • 美国科技行业的工作岗位枯竭
  • 减肥药 GLP-1 研究者赢得拉斯克奖
  • 美国特情局调查马斯克暗杀现任总统副总统的言论
• Dhole Moments
  • Cryptographic Innuendos
• 腾讯玄武实验室
  • 每日安全动态推送(9-20)
• 安全牛
  • 下一代SAST |灵脉SAST3.5智能AI漏洞验证技术智慧再升级！
  • 简析自动化在安全运营中的4个典型用例及流程
  • 查处3.1万余人！公安机关打击网络谣言取得显著成效；警惕一种新型凭证窃取手法：浏览器操控+恶意软件 | 牛览
• 奇安信威胁情报中心
  • 每周高级威胁情报解读(2024.09.13~09.19)
• 软件安全与逆向分析
  • eBPF第六季免费开更来袭，主打你问我答！
• 安全客
  • 车臣领导人卡德罗夫称马斯克远程禁用其Cybertruck电动皮卡车
• 长亭安全应急响应中心
  • 【已复现】Ivanti Endpoint Manager 反序列化致远程代码执行漏洞（CVE-2024-29847）
• 奇安信病毒响应中心
  • 每周勒索威胁摘要
• 代码卫士
  • 微软SQL服务器漏洞被用于攻击承包商软件
  • 以色列宣布进入战争“新阶段”，黎巴嫩对讲机爆炸已致14人死亡
• 丁爸 情报分析师的工具箱
  • 【情报实战】如何查询黎巴嫩爆炸BP机的台湾生产厂家
• 安全内参
  • 原来是它！医药巨头支付了超5亿元勒索软件赎金
  • “PKfail”漏洞曝光：全球近千种设备安全启动机制失效
• 微步在线研究响应中心
  • 漏洞通告 | Ivanti Endpoint Manager 远程代码执行漏洞（CVE-2024-29847）
• dotNet安全矩阵
  • .NET 红队武器库和资源集合 (第38期)
  • .NET 安全基础入门学习知识库
  • .NET 一款执行命令回显的微软白名单工具
  • .NET安全基础 | 视频详细介绍系统程序集
  • .NET 安全攻防知识交流社区
  • SoapShell 更新 | 新增站点根目录下适配某版本哥斯拉的WebShell
• 极客公园
  • 爆火的华为「三折叠」背后，到底隐藏了多少黑科技
  • 售价高达 100 万的 AI 产品，有钱人排队求买，为什么？
  • 微信朋友圈支持发布实况照片；欧盟要求苹果对第三方开放操作系统；特朗普首次使用比特币支付餐费 | 极客早知道
• 奇安信 CERT
  • 【已复现】Ivanti Endpoint Manager反序列化漏洞(CVE-2024-29847)安全风险通告第二次更新
• 百度安全实验室
  • 2024网安周 | 百度安全深度参与，探索人工智能与数字安全的融合发展之路
• 安全牛
  • 简析自动化在安全运营中的4个典型用例及流程
  • 查处3.1万余人！公安机关打击网络谣言取得显著成效；警惕一种新型凭证窃取手法：浏览器操控+恶意软件 | 牛览
• 火绒安全
  • 【火绒安全周报】31万购机被掉包成火腿肠/阿里云盘bug泄露用户照片
• 京东安全应急响应中心
  • 【活动】反爬专项开测！
• 青藤云安全
  • 青藤天睿RASP荣获“2024应用安全卓越产品奖”
• 长亭科技
  • 更多维，更硬核｜一串数字，揭秘长亭科技2024网安周足迹
  • 三维一体——基于信创环境的安全运营落地实践｜大湾区金融安全专刊·安全村
• 国家互联网应急中心CNCERT
  • 网络安全信息与动态周报2024年第37期（9月9日-9月15日）
• 安全圈
  • 【安全圈】Meta、YouTube等巨头被曝长期监视未成年用户，牟利数十亿美元
  • 【安全圈】洋葱路由(Tor)也并不是完全安全的 执法机构利用时序分析追溯特定用户
  • 【安全圈】LockBit 勒索美国在线报税服务平台eFile
  • 【安全圈】Vice Society 转向使用Inc勒索软件攻击医疗行业
• 嘶吼专业版
  • 超过 1000 个 ServiceNow 实例被发现泄露企业知识库数据
  • 关于发布《网络安全标准实践指南——敏感个人信息识别指南》的通知
• 中国信息安全
  • 《中国信息安全》2024年第7期目录
  • 打造软件安全风险感知能力 | 某经济特区安全实践
  • 专家解读 | 内外兼修防未然，技管并举护周全——《人工智能安全治理框架》
  • 专家观点 | 强化信息保护，防范深伪犯罪风险
  • 关注 | 公安部公布5起打击整治“移花接木”拼接网络谣言违法犯罪典型案例
  • 前沿 | 《全球网络安全指数2024年版》报告显示——各国网络安全措施普遍加强
  • 国际 | 分析法国、日本网络暴力信息治理模式
• bellingcat
  • Mystery Profile Linked to Hungarian Firm Implicated in Exploding Pagers
• contagio
  • 2024-09-19 UNC1860 Iran APT - Temple of Oats ( OATBOAT, TEMPLEDOOR, SASHEYAWAY, OBFUSLAY, WINTAPIX, CRYPTOSLAY) Samples
  • 2024-09-18 SAMBASPY Java RAT Samples
  • 2024-09-18 Earth Baxia APT - RIPCOY + SWORDLDR Samples (Spear-Phishing and GeoServer Exploit used to Target APAC)
• Blog on Shielder
  • A Journey From sudo iptables To Local Privilege Escalation
• Yak Project
  • 抱歉占用公共资源，大家别猜啦，我们在一起了@Yaker
• Trend Micro Research, News and Perspectives
  • How Ransomhub Ransomware Uses EDRKillShifter to Disable EDR and Antivirus Protections
• Securityinfo.it
  • I cybercriminali prendono di mira l’autenticazione multi-fattore
• SANS Internet Storm Center, InfoCON: green
  • ISC Stormcast For Friday, September 20th, 2024 https://isc.sans.edu/podcastdetail/9146, (Fri, Sep 20th)
• The Register - Security
  • US indicts two over socially engineered $230M+ crypto heist
  • Ivanti patches exploited admin command execution flaw
  • Cybercrooks strut away with haute couture Harvey Nichols data
  • CISA boss: Makers of insecure software are the real cyber villains
• KitPloit - PenTest Tools!
  • File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
• The Hacker News
  • Europol Shuts Down Major Phishing Scheme Targeting Mobile Phone Credentials
  • Passwordless AND Keyless: The Future of (Privileged) Access Management
  • Iranian APT UNC1860 Linked to MOIS Facilitates Cyber Intrusions in Middle East
  • Chrome Users Can Now Sync Passkeys Across Devices with New Google PIN Feature
  • Critical Ivanti Cloud Appliance Vulnerability Exploited in Active Cyberattacks
• Securelist
  • -=TWELVE=- is back
• Security Current
  • CISOs Connect™ Scottsdale 2024
• Security Affairs
  • Tor Project responded to claims that law enforcement can de-anonymize Tor users
  • UNC1860 provides Iran-linked APTs with access to Middle Eastern networks
  • US DoJ charged two men with stealing and laundering $230 Million worth of cryptocurrency
  • The Vanilla Tempest cybercrime gang used INC ransomware for the first time in attacks on the healthcare sector
  • U.S. CISA adds new Ivanti Cloud Services Appliance Vulnerability to its Known Exploited Vulnerabilities catalog
• Schneier on Security
  • Clever Social Engineering Attack Using Captchas
• Social Engineering
  • Should you directly address gossip in a group?
• Computer Forensics
  • Sharing indexes
  • Using FTK file content print feature to bulk convert files to PDF
  • Encase Practical Exam
• Your Open Hacker Community
  • How hard it’s to learn reverse engineering?
  • Is there a field of hacking or cybersecurity like this?
• TorrentFreak
  • Operation 404.7 Targets 675 Pirate Sites, Brazil’s ISPs Now Block 6,700+ Domains
• Technical Information Security Content & Discussion
  • Using YouTube to steal your files ($41337 bounty)
  • A Journey From sudo iptables To Local Privilege Escalation - Shielder
  • Link-Write Attack: A sweet combination to attack extraction implementations
• 360数字安全
  • 攻击面管理“六边形战士”！360获权威报告满分评价
  • 360携手中海油服斩获2024 IDC中国20大杰出安全项目
• 吴鲁加
  • 不仅阅读
• Deep Web
  • Something very interesting to check out
• Blackhat Library: Hacking techniques and research
  • Infostealer Infected Computers Could Lead to Cybercriminal Arrests After Exchanges Takedown
  • what other consumer or enterprise electronics supply chains do you think has israel infiltrated for surveillance, espionage, cyber warfare?
• Over Security - Cybersecurity news aggregator
  • Microsoft ends development of Windows Server Update Services (WSUS)
  • More than $44 million in cryptocurrency stolen from Singaporean platform BingX
  • UK regulator stops LinkedIn from training AI models with British users’ content
  • Windows Server 2025 previews security updates without restarts
  • Airline exec settles hack-for-hire case against law firm, pledging to ‘vigorously’ prosecute other alleged conspirators
  • Disney ditching Slack after massive July data breach
  • Internet surveillance firm Sandvine says it’s leaving 56 “non-democratic” countries
  • Republicans demand FBI hearing on Iran theft of Trump documents
  • Ukraine bans Telegram on military, govt devices over security risks
  • Dell investigates data breach claims after hacker leaks employee info
  • macOS Sequoia change breaks networking for VPN, antivirus software
  • Vulnerabilità di Commad Injection in Rust
  • Vulnerabilità critica su PaloAlto OS
  • Vulnerabilità critica su PuTTY
  • CVE Advisory - Oracle BI Publisher - Unauthenticated Remote Code Execution
  • Vulnerabilità risolte in GOlang
  • Uncovering an undetected KeyPlug implant attacking industries in Italy
  • Vulnerabilità critica in Zabbix
  • Vulnerabilità su Checkpoint VPN sfruttata in the wild
  • Vulnerabilità critica in PHP sfruttata in the wild
  • Polyfill Supply Chain Attack
  • Vulnerabilità regreSSHion in OpenSSH server
  • Gravi vulnerabilità in MOVEit
  • Cyble Sensor Intelligence: Attacks, Phishing Scams and Brute-Force Detections
  • How do website owners know that their website is hacked?
  • Clickbaity or genius? 'BF cheated on you' QR codes pop up across UK
  • A Journey From sudo iptables To Local Privilege Escalation
  • Sintesi riepilogativa delle campagne malevole nella settimana del 14 – 20 settembre
  • Ukraine bans Telegram on state and military devices
  • -=TWELVE=- is back
  • Court finds former German cyber chief was falsely accused of associating with Russian spies
  • Germany shuts down 47 cryptocurrency exchange services used by cybercriminals
  • HED: Weekly IT Vulnerability Report for September 11 – September 17, 2024
  • Solar Monitoring Solutions in Hacktivists’ Crosshairs
  • I cybercriminali prendono di mira l’autenticazione multi-fattore
  • DOJ charges hackers for stealing $230 million in crypto from individual
• Security Weekly Podcast Network (Audio)
  • Shroombots, pagers, Tor, Raptor Train, GRU, Blue Light, Aaran Leyland, and More... - SWN #415
  • Do phishing tests do more harm than good? & Speed, Flexibility, and AI - Wolfgang Goerlich, Whitney Young - ESW #376