威胁情报[CTI]
-
美高梅(MGM)网络攻击事件中最精彩的转折:据消息人士称,一名男子来到曼德勒湾,要求支付4000万美来阻止勒索软件的攻击。他被拘留了。未经证实,但他们提供了监控照片。多么丰富的表情。
(来自Vital Vegas)
-
一名论坛用户出售Medical Sante(http://medical-sante.fr)数据。
-
勒索软件组织Cloak新增2名新受害者,分别是:
- St. Kitts & Nevis Customs Department
- EURO2000 SpA
-
勒索软件组织NoEscape新增2名新受害者,分别是:
- EDUCAL, S.A. de C.V
- Fondation Vincent de Paul
-
勒索软件组织Monti新增2名新受害者,分别是:
- East Baking Company Inc
- Jaquith Industries, Inc
[安全简报]
-
HackerOne
[RubyGems]
从gravatar图像URL中猜测电子邮件地址的可能性
https://hackerone.com/reports/1536013
[Apache Airflow] 赏金: $540
经过身份验证用户的Apache Airflow路径遍历(CVE-2023-22887)
https://hackerone.com/reports/2070212
libssh的sftp服务器中潜在的NULL取消引用(CVE-2023-3603)
https://hackerone.com/reports/2070810
在2.6.3之前的常规表达式拒绝服务(ReDoS)漏洞 赏金: $540
https://hackerone.com/reports/2068004
-
PacketStorm
Windows Common Log File System Driver (clfs.sys) Privilege Escalation
https://packetstormsecurity.com/files/174668/Windows-Common-Log-File-System-Driver-clfs.sys-Privilege-Escalation.html
iSmile Soft CMS 0.3.0 Add Administrator
https://packetstormsecurity.com/files/174660/iSmile-Soft-CMS-0.3.0-Add-Administrator.html
islamnt CMS 2.1.0 Add Administrator
https://packetstormsecurity.com/files/174655/islamnt-CMS-2.1.0-Add-Administrator.html
islamnt CMS 2.1.0 Cross Site Scripting
https://packetstormsecurity.com/files/174654/islamnt-CMS-2.1.0-Cross-Site-Scripting.html
Night Club Booking Software 1.0 Cross Site Scripting
https://packetstormsecurity.com/files/174652/Night-Club-Booking-Software-1.0-Cross-Site-Scripting.html
ImgHosting 1.3 Cross Site Scripting
https://packetstormsecurity.com/files/174648/ImgHosting-1.3-Cross-Site-Scripting.html
-
Seebug
Konni APT 利用 WinRAR 漏洞(CVE-2023-38831)首次攻击数字货币行业
https://paper.seebug.org/3032/
-
SCMagazine
恶意人工智能工具猖獗,给立法者带来压力
https://www.scmagazine.com/news/malicious-ai-tools-flourish-put-pressure-on-lawmakers
-
TheGuardian
俄罗斯记者被NSO Group间谍软件入侵
https://www.theguardian.com/technology/2023/sep/13/exiled-russian-journalist-galina-timchenko-reportedly-hacked-using-nso-group-spyware
-
SecurityWeek
一个已知的勒索软件团伙声称对美高梅(MGM)的网络攻击负责
https://www.securityweek.com/ransomware-gang-takes-credit-for-highly-disruptive-mgm-resorts-attack/
-
BleepingComputer
美高梅赌场的ESXi服务器据称在勒索软件攻击中加密
https://www.bleepingcomputer.com/news/security/mgm-casinos-esxi-servers-allegedly-encrypted-in-ransomware-attack/
新西兰奥克兰交通局受到疑似勒索软件攻击
https://www.bleepingcomputer.com/news/security/auckland-transport-authority-hit-by-suspected-ransomware-attack/
Windows 11截图工具支持OCR识别,从图像中复制文本
https://www.bleepingcomputer.com/news/microsoft/windows-11-snipping-tool-gets-ocr-support-to-copy-text-from-images/
凯撒娱乐(Caesars Entertainment)确认支付赎金,客户数据被盗
https://www.bleepingcomputer.com/news/security/caesars-entertainment-confirms-ransom-payment-customer-data-theft/
伊朗黑客使用暴力破解入侵多个国防组织
https://www.bleepingcomputer.com/news/security/iranian-hackers-breach-defense-orgs-in-password-spray-attacks/
Windows 11 'ThemeBleed' RCE漏洞被验证利用
https://www.bleepingcomputer.com/news/security/windows-11-themebleed-rce-bug-gets-proof-of-concept-exploit/
曼彻斯特警察的数据在勒索软件攻击中泄露
https://www.bleepingcomputer.com/news/security/manchester-police-officers-data-exposed-in-ransomware-attack/
假冒Cisco Webex Google Ads滥用跟踪模板来推送恶意软件
https://www.bleepingcomputer.com/news/security/fake-cisco-webex-google-ads-abuse-tracking-templates-to-push-malware/
-
Malwarebytes Labs
升级你的苹果手机?先阅读此内容
https://www.malwarebytes.com/blog/news/2023/09/upgrading-your-iphone-read-this-first
当心,这封包含"有关您帐户的重要信息"的LastPass电子邮件是网络钓鱼
https://www.malwarebytes.com/blog/news/2023/09/nasty-lastpass-phish
-
TheHackerNews
Microsoft发现影响Linux和macOS系统的ncurses库中的缺陷
https://thehackernews.com/2023/09/microsoft-uncovers-flaws-in-ncurses.html
免费下载管理器网站遭到入侵,将Linux恶意软件分发给用户3年以上
https://thehackernews.com/2023/09/free-download-manager-site-compromised.html
N-Able的"控制代理"漏洞使Windows系统面临权限提升的风险
https://thehackernews.com/2023/09/n-ables-take-control-agent.html
俄罗斯记者的iPhone被NSO Group的Zero-Click间谍软件入侵
https://thehackernews.com/2023/09/russian-journalists-iphone-compromised.html
-
DarkReading
美高梅网络攻击背后的"分散蜘蛛"瞄准赌场
https://www.darkreading.com/attacks-breaches/-scattered-spider-mgm-cyberattack-casinos
中东零售商被提供"投资"机会的Facebook诈骗页面所困扰
https://www.darkreading.com/dr-global/mideast-retailers-scam-facebook-pages-investment-opportunities
警告管理员要针对Kubernetes集群新的RCE修补漏洞
https://www.darkreading.com/vulnerabilities-threats/kubernetes-admins-warned-to-patch-clusters-against-new-rce-vulns
Microsoft Azure HDInsight 受到XSS漏洞影响
https://www.darkreading.com/application-security/microsoft-azure-hdinsight-xss-vulnerabilities
暂无评论内容