威胁情报[CTI]
-
CISA发布识别和破坏QakBot基础设施。
8月,FBI和国际合作伙伴执行了一项协调行动,以破坏全球QakBot基础设施。(网址在下面简报)
2.臭名昭著的NoName057(16)针对法国,英国,德国发起DDOS攻击。
3.黑客组织Hacktivist Indonesia声称已经入侵印度网站edureshub.co.in
4.勒索软件组织Lockbit新增1名新受害者,分别是:
- 韩华集团(hanwha.com) 800GB
5.勒索软件组织Rhysida新增1名新受害者,分别是:
- Core Desktop (http://coredesktop.com.au)
[安全简报]
-
HackerOne
[Node.js]
process.binding()可以通过路径遍历绕过权限(CVE-2023-32558)
https://hackerone.com/reports/2051257
fs.statfs 绕过权限(CVE-2023-32005)
https://hackerone.com/reports/2051224
-
CISA
QakBot基础设施的识别和破坏
https://www.cisa.gov/sites/default/files/2023-08/aa23-242a-identification-and-disruption-of-qakbot-infrastructure.pdf
-
Cxsecurity
Cinema Booking System 1.0 Cross Site Scripting
https://cxsecurity.com/issue/WLB-2023090036
Event Booking Calendar 4.0 Cross Site Scripting
https://cxsecurity.com/issue/WLB-2023090035
Meeting Room Booking System 1.0 SQL Injection
https://cxsecurity.com/issue/WLB-2023090034
OpenTSDB 2.4.1 Unauthenticated Command Injection
https://cxsecurity.com/issue/WLB-2023090033
GOM Player 2.3.90.5360 Buffer Overflow
https://cxsecurity.com/issue/WLB-2023090032
Drupal 10.1.2 Web Cache Poisoning
https://cxsecurity.com/issue/WLB-2023090031
-
BleepingComputer
美联社警告说美联社样本数据泄露导致网络钓鱼攻击
https://www.bleepingcomputer.com/news/security/associated-press-warns-that-ap-stylebook-data-breach-led-to-phishing-attack/
Google Play上的"Evil Telegram"间谍软件感染6万Android用户
https://www.bleepingcomputer.com/news/security/evil-telegram-android-apps-on-google-play-infected-60k-with-spyware/
-
Malwarebytes Labs
Chrome的"增强广告隐私":您需要了解的内容
https://www.malwarebytes.com/blog/personal/2023/09/chromes-enhanced-ad-privacy-what-you-need-to-know
-
Canva Developers
当URL解析器不一致时的安全性(CVE-2023-38633)
https://www.canva.dev/blog/engineering/when-url-parsers-disagree-cve-2023-38633/
-
TheRegister
谷歌警告信息安全者:小心朝鲜间谍溜进你的DMs
https://www.theregister.com/2023/09/11/infosec_roundup/
-
SANS
快速生成YARA规则来检测混淆的字符串
https://isc.sans.edu/diary/rss/30206
暂无评论内容