Threat Intelligence [CTI]
-
No further explanation.
-
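Control panel of the Tremendous Android trojan, which gives attackers full control of infected devices. It can send commands and sniff out sensitive data, including PIN codes and bank card information.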
-
Ransomware group Lockbit has added 1 new victim:
- Grant County (http://co.grant.mn.us)
-
Ransomware group BianLian has added 1 new victim:
- New Venture Escrow 250GB
-
Ransomware group Medusa has added 2 new victims:
- Steripharma
- Wave Hill
-
Ransomware group Cactus has added 4 new victims:
- Wardlaw Claims Service LLC
- Unimarketing
- My Insurance Broker
- Leekes
[Security Briefing]
-
HackerOne
[Mozilla Core Services]
Mozilla Mastodon staging instance admin API key leaked via Slack
https://hackerone.com/reports/2137154
Response manipulation to enable the account recovery key without the current password
https://hackerone.com/reports/1995595
[Tennessee Valley Authority]
No rate limiting on the forgot-password page
https://hackerone.com/reports/1438213
Reflected XSS (pq.tva.com)
https://hackerone.com/reports/1362995
-
PacketStorm
WordPress Slimstat Analytics 5.0.9
Cross Site Scripting / SQL Injection
https://packetstormsecurity.com/files/174604/WordPress-Slimstat-Analytics-5.0.9-Cross-Site-Scripting-SQL-Injection.html
VMware vRealize Log Insight Unauthenticated Remote Code Execution
https://packetstormsecurity.com/files/174606/VMware-vRealize-Log-Insight-Unauthenticated-Remote-Code-Execution.html
Splunk Enterprise Account Takeover
https://packetstormsecurity.com/files/174602/Splunk-Enterprise-Account-Takeover.html
Linux 6.4 Use-After-Free
https://packetstormsecurity.com/files/174585/Linux-6.4-Use-After-Free.html
OpenPLC Webserver 3 Denial Of Service / Buffer Overflow
https://packetstormsecurity.com/files/174582/OpenPLC-Webserver-3-Denial-Of-Service-Buffer-Overflow.html
Shuttle Booking Software 1.0 SQL Injection
https://packetstormsecurity.com/files/174581/Shuttle-Booking-Software-1.0-SQL-Injection.html
Varient News Magazine Script 1.3.0 Insecure Settings
https://packetstormsecurity.com/files/174580/Varient-News-Magazine-Script-1.3.0-Insecure-Settings.html
IWT Imagine CMS 1.0 Cross Site Scripting
https://packetstormsecurity.com/files/174575/IWT-Imagine-CMS-1.0-Cross-Site-Scripting.html
iSmile Soft CMS 0.3.0 Cross Site Scripting
https://packetstormsecurity.com/files/174574/iSmile-Soft-CMS-0.3.0-Cross-Site-Scripting.html
-
SentinelOne
Surge in information-stealing malware targeting the macOS platform
https://www.sentinelone.com/blog/macos-metastealer-new-family-of-obfuscated-go-infostealers-spread-in-targeted-attacks/
-
BleepingComputer
New WiKI-Eve attack can steal passwords over WiFi
https://www.bleepingcomputer.com/news/security/new-wiki-eve-attack-can-steal-numerical-passwords-over-wifi/
Google fixes another Chrome zero-day vulnerability exploited in attacks
https://www.bleepingcomputer.com/news/google/google-fixes-another-chrome-zero-day-bug-exploited-in-attacks/
Microsoft will block third-party printer drivers in Windows Update
https://www.bleepingcomputer.com/news/microsoft/microsoft-will-block-3rd-party-printer-drivers-in-windows-update/
MGM Resorts shuts down IT systems after cyberattack
https://www.bleepingcomputer.com/news/security/mgm-resorts-shuts-down-it-systems-after-cyberattack/
CISA warns government agencies to secure iPhones against spyware attacks
https://www.bleepingcomputer.com/news/security/cisa-warns-govt-agencies-to-secure-iphones-against-spyware-attacks/
Iranian hackers use new Sponsor malware to deploy backdoors at 34 organizations
https://www.bleepingcomputer.com/news/security/iranian-hackers-backdoor-34-orgs-with-new-sponsor-malware/
Square: last week's outage was caused by a DNS issue, not a cyberattack
https://www.bleepingcomputer.com/news/technology/square-last-weeks-outage-was-caused-by-dns-issue-not-a-cyberattack/
Facebook Messenger phishing wave targets 1 million business accounts per week
https://www.bleepingcomputer.com/news/security/facebook-messenger-phishing-wave-targets-100k-business-accounts-per-week/
-
Malwarebytes Labs
Wyze home cameras have a security issue
https://www.malwarebytes.com/blog/personal/2023/09/wyze-home-cameras-temporarily-show-other-peoples-security-feeds
-
evilpan's blog
Applying fuzzing to Java vulnerability discovery
https://evilpan.com/2023/09/09/java-fuzzing/
-
Forcepoint
Implementing Zero Trust Web Access: stopping phishing attacks without stopping productivity
https://www.forcepoint.com/blog/insights/implement-zero-trust-web-access-stop-phishing-without-stopping-productivity
-
DarkReading
Iranian APT hits US aviation organization via ManageEngine and Fortinet vulnerabilities
https://www.darkreading.com/dr-global/iranian-apt-hits-us-aviation-org-via-manageengine-fortinet-bugs
Iran's Charming Kitten pounces on Israeli Exchange servers
https://www.darkreading.com/dr-global/irans-charming-kitten-israeli-exchange-servers
Understanding Rwanda's new data protection law
https://www.darkreading.com/dr-global/navigating-rwanda-new-data-protection-law
"Steal-It" campaign uses OnlyFans models as lures
https://www.darkreading.com/application-security/steal-it-campaign-onlyfans-models-lures
-
SANS
Apple fixes 0-day vulnerabilities in older operating systems
https://isc.sans.edu/diary/rss/30210
-
uptycs
Kubernetes security: the Uptycs guide to NSA hardening and compliance
https://www.uptycs.com/blog/kubernetes-security-actionable-insights-nsa-compliance-reporting