today.md

每日安全资讯（2023-11-22）

• HackerOne Hacker Activity
  • user_ldap app logs user passwords in the log file on level debug
  • Delete external storage of any user
  • HTML injection in search UI when selecting a circle with HTML in the display name
  • Enabling Birthday Contact to any user
• Files ≈ Packet Storm
  • Ubuntu Security Notice USN-6492-1
  • Ubuntu Security Notice USN-6493-2
  • Ubuntu Security Notice USN-6493-1
  • Ubuntu Security Notice USN-6491-1
  • Debian Security Advisory 5560-1
  • Ubuntu Security Notice USN-6490-1
  • Ubuntu Security Notice USN-6488-1
  • Ubuntu Security Notice USN-6489-1
  • Red Hat Security Advisory 2023-7379-01
  • Red Hat Security Advisory 2023-7361-01
  • Ubuntu Security Notice USN-6497-1
• Sploitus.com Exploits RSS Feed
  • Exploit for Vulnerability in Google Chrome exploit
  • Exploit for Improper Input Validation in Apache Log4J exploit
• Security Boulevard
  • DEF CON 31 – Jonathan Bar Or’s, Michael Pearse’s, Anurag Bohra’s ‘Getting A Migraine – Uncovering A Unique SIP Bypass On macOS’
  • Tech the Halls: A Savvy Guide to Beating Holiday Bots
  • Randall Munroe’s XKCD ‘Materials Scientists’
  • Bringing passwords to the pie table for unconventional holiday discussions
  • Uncovering Elusive API Targets via VHOST Discovery
  • Why Isn’t Mobile at the Center of Your Cybersecurity Strategy?
  • How Breach and Attack Simulation Supports Continuous PCI Compliance
  • DEF CON 31 – Tal Skverer’s ‘GhostToken Exploiting Google Cloud Platform To Create Unremovable Trojan Apps’
  • Unpacking the Zimbra Cross-Site Scripting Vulnerability (CVE-2023-37580)
  • Cyber Safety on Sale! How to Navigate Black Friday & Cyber Monday Securely
• SecWiki News
  • SecWiki News 2023-11-21 Review
• Tenable Blog
  • Decrypting CNAPP: Moving Beyond the Acronyms and Analyst Jargon to a Unified Approach to Cloud Security
• InfoSec Write-ups - Medium
  • Part1 static/code analysis of the RAT : NjRAT
  • What are Props and Transforms in Splunk?
  • Python Threat Hunting Tools: Part 12 — MISP and CrowdStrike Falcon Integration
  • Vulnerability Exploiting Privilege Escalation Discovered in WordPress [CVE-2023–32243]
  • Announcing IWCON 2023 Speakers Fourth Batch
  • A Step-by-Step Guide to Setting Up WordPress on XAMPP Server
  • Vulnerabilities in Python Serialization: Pickle
  • Use Fail2ban to Protect Against Brute Force Attacks
  • Exploring Antivirus and EDR evasion techniques step-by-step. Part 3
  • Budget Change: IDOR 1000$ Bug
• 安全客-有思想的安全新媒体
  • 工信部：关于防范利用Confluence高危漏洞实施勒索攻击的风险提示
  • 北京数据基础制度先行区启动运行
  • APT组织 GAMAREDON 使用 USB 蠕虫 LITTERDRIFTER 攻击乌克兰
  • 以色列男子因提供黑客雇佣服务被判处 80 个月监禁
  • 博彩网站 DraftKings 68000 个账户被撞库，幕后之人竟为青少年
  • APT-29 黑客组织利用 WINRAR 0day漏洞CVE-2023-38831 攻击大使馆
  • RHYSIDA 勒索团伙正在拍卖大英图书馆数据
  • LockBit 勒索团伙攻击加拿大政府承包商
  • 全新发布｜《阿里云汽车行业场景化安全解决方案》
• 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com
  • 安谋科技发布“山海”S20F安全解决方案：助力构建智能汽车“芯”安全
  • 研究人员利用SSH服务器签名错误提取RSA密钥
  • 预测2024年将会出现哪些高级威胁
• CTFするぞ
  • Blackhat MEA 運営記
• Payatu
  • Exploring XPath in XML documents
• Bug Bounty in InfoSec Write-ups on Medium
  • Budget Change: IDOR 1000$ Bug
  • #2 Different Burp Suite Tools — Guide for Burp Suite
  • CVE-2023–36025: An In-Depth Analysis of Circumventing Windows SmartScreen Security
  • Chaining CORS by Reflected XSS to Steal Sensitive Data
  • Crafting XSS (Cross-Site Scripting) payloads
• Securelist
  • Crimeware and financial cyberthreats in 2024
• Ronnie's Blog
  • Deception in Depth - Overview of Kerberos, Service Accounts & Attacks - Part 1.5
• • 红队开发：红队开发: Behinder3-Beta11 实战下的二次开发 （5）
  • 漏洞利用: 某开源报表 JDBC命令执行漏洞利用
  • 漏洞利用：某某锁代码执行漏洞实战注入内存马
  • 云安全: 云安全自建靶场答题记录
  • 红队开发: Behinder3-Beta11 实战下的二次开发 （4）
• SAP Blogs
  • Mastering the Art of Reporting a Support Case to SAP Field Service Management: A Comprehensive Guide
  • New SAP Discovery Center Mission: Empower Data-Driven Decisions Through Analytics Forecasting
  • Trigger CPI iFlows from Fiori/SAPUI5 application
• blog.avast.com EN
  • Bringing passwords to the pie table for unconventional holiday discussions
• Malwarebytes
  • Nothing Chats pulled from Google Play
  • How to stop fake System notifications on macOS
  • Why less is more: 10 steps to secure customer data
  • Atomic Stealer distributed to Mac users via fake browser updates
• SentinelOne
  • The Physics of Information Asymmetry | Juan Andrés Guerrero Saade’s Keynote at VB2023
• Hex Rays
  • Plugin focus: Symless
• Microsoft Security Response Center
  • Introducing the Microsoft Defender Bounty Program
• daniel.haxx.se
  • URL parser performance
• Reverse Engineering
  • Analyzing Obfuscated Code With Binary Ninja -- a Flare-On Journey
  • The missing Samsung EVO 840 - 250 GB SSD Repair Manual (July 2016)
  • tmp.0ut Volume 3
• KitPloit - PenTest & Hacking Tools
  • CureIAM - Clean Accounts Over Permissions In GCP Infra At Scale
• 博客园 - sevck
  • 基于langchain使用百度Wenxin自然语言处理MySQL - sevck
• HackerNews
  • 以色列男子因提供黑客雇佣服务被判处 80 个月监禁
  • 博彩网站 DraftKings 68000 个账户被撞库，幕后之人竟为青少年
  • APT 29 黑客组织利用 WINRAR 0day 漏洞（CVE-2023-38831 ）攻击大使馆
  • LockBit 勒索团伙攻击加拿大政府承包商
  • LockBit 勒索软件组织制定新的赎金谈判指南
  • 印度雇佣黑客多年来一直瞄准美国、中国等国
  • 白宫秘密监视计划使警察能够访问数万亿条美国电话记录
  • 庞大的全球网络攻击背后的神秘雇佣黑客组织浮出水面
• Wallarm
  • Unpacking the Zimbra Cross-Site Scripting Vulnerability (CVE-2023-37580)
  • What Is Network Security Management?
• 安全牛
  • 2024年网络访问控制技术应用的6个趋势
  • 报告节选 | 实现数据分类分级自动化的5大核心能力
  • Q3季刊|Coremail管理员社区Q3季刊发布
• 黑海洋 - WIKI
  • 云服务器优惠更新贴（阿里新老99R）
• LoRexxar's Blog
  • Joern In RealWorld (3) - 致远OA A8 SSRF2RCE
• 微步在线研究响应中心
  • 漏洞通告 | I Doc View在线文档预览系统远程代码执行漏洞
• 锦行科技
  • 创新赋能 | 锦行科技受邀参展2023中国创新创业成果交易会！
• Checkmarx.com
  • Checkmarx + Vulcan Cyber: Enabling Customers to Mitigate AI Vulnerabilities
• FreeBuf网络安全行业门户
  • FreeBuf早报 | 美国网安实验室重大数据泄露；勒索软件攻击加拿大政府
  • 印度雇佣黑客多年来一直瞄准美国、中国等国
  • 一万亿条记录，美国监视计划曝光
• 三六零CERT
  • 安全日报（2023.11.21）
• 代码卫士
  • 承包商遭攻击，加拿大政府员工敏感信息被暴露
  • 江森自控修复工业制冷产品中的严重漏洞
• 奇客Solidot–传递最新科技情报
  • 波音 787 飞机首次降落南极机场
  • 报告预测地球气温将比工业化前水平高出 2.9°C
  • Tim Sweeney 称腾讯并不控制 Epic
  • 高效固态电热泵有望改变空调
  • 美国司法部寻求对币安罚款逾 40 亿美元
  • 亚马逊提供生成式 AI 免费教程
  • Firefox 120 将支持新的隐私控制请求头 Sec-GPC
  • Nothing 公司的消息应用被发现是安全灾难
  • FreeBSD 14.0 释出
  • 因拒绝支付赎金勒索软件组织泄露波音 45GB 数据
  • X/Twitter 起诉 Media Matters
• 数世咨询
  • 本地安全与云安全的差异
• M01N Team
  • GPTs在网络安全中的角色：基础能力和场景应用的探讨
• 腾讯玄武实验室
  • 每日安全动态推送(11-21)
• 关键基础设施安全应急响应中心
  • 对人工智能背景下虚假信息治理路径的思考
  • Security Copilot开启全面集成！微软发布AI安全产品路线图
  • 庞大的全球网络攻击背后的神秘雇佣黑客组织浮出水面
• 博客园 - 郑瀚Andrew
  • Apache Spark 认证绕过漏洞（CVE-2020-9480）研究 - 郑瀚Andrew
• 中国信息安全
  • 《中国信息安全》2023 年第 10 期目录
  • 梅宏院士：筑牢数字经济发展“三大基石”
  • 公安部：累计3.1万名缅北电诈犯罪嫌疑人移交我方
  • 前沿 | 全球人工智能发展步入治理轨道
  • 发布 | 中国信通院发布《信息通信行业防范治理电信网络诈骗白皮书（2023年）》
  • 评论 | 遏制网络戾气就要精准打击
  • 关注 | 新生儿信息遭泄露，一案双查！
• 丁爸 情报分析师的工具箱
  • 【技巧】利用chatGPT工具快速阅读文章获取文章摘要
• 小米安全中心
  • 议程与嘉宾公布！宁波沙龙，期待相见
• 斗象智能安全
  • Reactor Netty HTTP Server 目录遍历漏洞(CVE-2023-34062)
• 深信服千里目安全技术中心
  • 【威胁预警】银狐最新样本引入BYOVD技术概述
  • 【高级持续威胁追踪】蔓灵花组织投向国产办公软件的目光与winrar漏洞之触
• 迪哥讲事
  • SQL注入+RCE|获取学校网站shell
• CNCERT国家工程研究中心
  • CNCERT国家工程研究中心安全资讯周报20231120期
  • 2024年高级威胁发展的9个预测
  • API是数据泄露的隐性原因
  • 雅马哈遭勒索攻击，泄露约37GB数据
• 信息安全国家工程研究中心
  • ​浅谈密码技术在电信运营商数字化转型中的应用
  • 2024年网络访问控制技术应用的6个趋势
• 极客公园
  • 超九成 OpenAI 员工签联名信，敦促 Altman 回归；理想年交付破 30 万；Cruise CEO 辞职 | 极客早知道
• 嘶吼专业版
  • 预测2024年将会出现哪些高级威胁
  • 研究人员利用SSH服务器签名错误提取RSA密钥
• 墨菲安全
  • 软件供应链危机：勒索潮涌，安全治理当务之急
• 看雪学苑
  • SWPUCTF 2021 新生赛-老鼠走迷宫
  • 哪些密码最不安全？NordPass 公布2023年 Top 200常见密码
  • 本周更新：syscall fuzz原理分析 | 系统0day安全-Windows平台漏洞挖掘
• 安全内参
  • 突破性试点！美国政府为私营关基设施提供共享网络安全服务
  • 勒索软件攻击导致加拿大政府发生大规模数据泄露
• 火绒安全
  • 关于火绒安全软件5.0下线“火绒剑”安全工具的通知
• OPPO安全应急响应中心
  • 2023年10月奖励公告
  • 【OSRC助力】议程与嘉宾公布！宁波沙龙，期待相见
• ICT Security Magazine
  • Forum ICT Security 2023 – Cosa è emerso durante la Tavola Rotonda “SMART MANUFACTURING E CYBER SECURITY, DIGITALIZZAZIONE SICURA DELLA INDUSTRY 4.0”
  • Il Museo del Queensland elimina l’11% di file duplicati e il 38% di file obsoleti con Voltage Fusion
  • Infrastrutture Critiche e Sicurezza Nazionale: la Roadmap CISA per l’Intelligenza Artificiale 2023-2024
  • Gruppo editoriale Godó migliora la sicurezza e la capacità di integrazione con NetIQ
• Over Security - Cybersecurity news aggregator
  • How to Harden & Secure a Website (12 Steps)
  • Binance agrees to pay $4.3 billion for money laundering violations, CEO steps down
  • Microsoft now rolling out Copilot to Windows 10 devices
  • Tenere in piedi Signal costa sempre di più
  • Hacktivists breach U.S. nuclear research lab, steal employee data
  • Hackers create fake banking apps to steal financial data from Indian users
  • Guide to Retail Security: Protecting Against Cyber and Physical Threats During the Holidays
  • Navy unveils its first cyber strategy
  • ‘Citrix Bleed’ vulnerability targeted by nation-state and criminal hackers: CISA
  • Lumma malware can allegedly restore expired Google auth cookies
  • Microsoft launches Defender Bounty Program with $20,000 rewards
  • Auto parts giant AutoZone warns of MOVEit data breach
  • CISA orders federal agencies to patch Looney Tunables Linux bug
  • Netcraft Recognized as the ​​Most Innovative Security Solution by the 2023 Tech Ascension Awards
  • Netcraft Named Winner of Coveted Top InfoSec Innovator Award for 2023
  • Citrix warns admins to kill NetScaler user sessions to block hackers
  • PoC pubblico per lo sfruttamento della CVE-2023-4911 (AL02/231006/CSIRT-ITA) - Aggiornamento
  • Black Friday deal: Get 50% off Malwarebytes Premium + Privacy VPN
  • Criminal IP Becomes VirusTotal IP and URL Scan Contributor
  • DarkGate and Pikabot malware emerge as Qakbot’s successors
  • Dominio tecnologico israeliano nella lotta ad Hamas: vera forza in campo, ma anche tallone d’Achille
  • Lumma 4.0: il malware che sfida la sicurezza informatica con tecniche avanzate di evasione
  • Crypto firm Kronos Research says $26 million stolen after cyberattack
  • UK regulator demands websites let users ‘Reject All’ cookies
  • Negli attacchi ransomware l’assenza di telemetria ostacola una reazione rapida: ecco le soluzioni
  • OracleIV - A Dockerised DDoS Botnet - Cado Security | Cloud Forensics & Incident Response
  • Aggiornamenti per Zyxel SecuExtender SSL VPN Client (AL02/231121/CSIRT-ITA)
  • Cyber security e privacy: la formazione al centro, per unire due mondi sempre più interconnessi
  • Crimeware and financial cyberthreats in 2024
  • Aggiornamento di sicurezza per prodotti Synology (AL01/231121/CSIRT-ITA)
  • Che cosa sono gli attacchi Man-in-the-browser e come difendersi
  • Kinsing sfrutta un bug di Apache ActiveMQ per eseguire criptominer
  • Tor Project removes relays because of for-profit, risky activity
• LoRexxar自留地
  • Joern In RealWorld (3) - 致远OA A8 SSRF2RCE
• Securityinfo.it
  • Kinsing sfrutta un bug di Apache ActiveMQ per eseguire criptominer
• 安全牛
  • 2024年网络访问控制技术应用的6个趋势
  • 报告节选 | 实现数据分类分级自动化的5大核心能力
• 奇安盘古
  • 电诈及关联犯罪惩戒办法公开征求意见，奇安盘古：重拳严惩诈骗活动
• 微步在线
  • 共护金融数字安全 微步入选“证券期货业网络和数据安全实验室安全合作伙伴”
• 国家互联网应急中心CNCERT
  • CNVD漏洞周报2023年第46期
  • 上周关注度较高的产品安全漏洞(20231113-20231119)
  • Microsoft发布2023年11月安全更新
• KitPloit - PenTest Tools!
  • CureIAM - Clean Accounts Over Permissions In GCP Infra At Scale
• NetSPI
  • Common Terminology in Adversarial Machine Learning
• The Hacker News
  • Play Ransomware Goes Commercial - Now Offered as a Service to Cybercriminals
  • New Agent Tesla Malware Variant Using ZPAQ Compression in Email Attacks
  • How Multi-Stage Phishing Attacks Exploit QRs, CAPTCHAs, and Steganography
  • Kinsing Hackers Exploit Apache ActiveMQ Vulnerability to Deploy Linux Rootkits
  • Malicious Apps Disguised as Banks and Government Agencies Targeting Indian Android Users
  • Mustang Panda Hackers Targets Philippines Government Amid South China Sea Tensions
• Tor Project blog
  • New Release: Tor Browser 13.0.4
• Security Affairs
  • Tor Project removed several relays associated with a suspicious cryptocurrency scheme
  • Experts warn of a surge in NetSupport RAT attacks against education and government sectors
  • The Top 5 Reasons to Use an API Management Platform
• T00ls安全
  • 一次物联网设备app的渗透测试经历
• 安全419
  • 面向数据安全合规与能力提升 DSP成为重要载体
  • 投稿 | 听海外三十年从业经验者谈如何成为首席信息安全官
  • 第三届新耀东方上安会定档2024年7月26-28日在上海举行
• Technical Information Security Content & Discussion
  • The Ticking Supply Chain Attack Bomb of Exposed Kubernetes Secrets
  • How to Use OAuth Scopes for Authorization
  • Private and Secure Windows
  • PyCript Burp Suite Extension v0.3 released
  • [BlackHat MEA 23] SAP Penetration Testing
  • Visual Studio Code Security: Finding New Vulnerabilities in the NPM Integration (3/3)
  • TJNulls list for prepping for OSCP/PWK
  • Log4Shell - different avenues of exploitation
  • OMGCICD - Attacking GitLab CI/CD via Shared Runners
• Computer Forensics
  • Questions about Magnet AXIOM & DFIR in general
  • Job Career change IT Role to Forensic analyst
• netsecstudents: Subreddit for students studying Network Security and its related subjects
  • TJNull released new list to prep for PWK/OSCP
• Your Hacking Tutorial by Zempirians
  • How do I catch and decrypt wifi packets of a smart coffee machine?
  • Is beef-xss a useless tool now?
  • where can I read about how to list shares of an SMB client?
  • Db crypt 14 file saved on another phone - I saved the sim card but not the original phone.
• Deep Web
  • Competitive Exams
• Schneier on Security
  • Email Security Flaw Found in the Wild
• Information Security
  • Cybersecurity forecast: Stormy skies. - BlockAPT
• Deeplinks
  • The Eyes on the Board Act Is Yet Another Misguided Attempt to Limit Social Media for Teens
• Blackhat Library: Hacking techniques and research
  • Self Destructing USB Drive update
  • Port Scanning and Information Gathering With Nmap and Nikto | TryHackMe Probe
• Social Engineering
  • help itifu
  • I have a party tomorrow night and I’m gonna try to get a bunch of people’s contact information. What are some good social engineering assignments that are legal and ethical that I can do?
• Security Weekly Podcast Network (Audio)
  • Travel Security - SDL - SWN Vault