Threat Intelligence [CTI]
-
Microsoft's AI GitHub repository exposed 38TB of data, including private keys, passwords, and more than 30,000 internal Microsoft Teams messages.
-
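According to a post by vxunderground, the Lockbit ransomware group wanted to test their botnet, so vxunderground publicly invited Lockbit to test it. The result was an immediate DDoS attack that knocked the server offline, and vxunderground stated that "this is the largest DDoS attack we have ever received".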
-
Anonymous Sudan recently claimed a DDoS attack against Leaseweb, a cloud service provider in the Netherlands.
-
The ransomware group NoEscape has added 3 new victims:
- Center for Urban Community Services 70GB
- IKP 50GB
- Kool-Air inc (http://kool-air-inc.com) 100GB
[Security Briefing]
-
HackerOne
[X (Formerly Twitter)] Bounty: $560.00
Improper edit in the list feature on X leads to deletion of any Twitter user's list cover photo (IDOR)
https://hackerone.com/reports/1437004
X subscription information disclosure
https://hackerone.com/reports/2063636
[Cosmos] Bounty: $2,500.00
Circuit Breaker authorization issue
https://hackerone.com/reports/2120609
[Cloudflare]
Permanent CASB integration takeover due to improper access control + confused deputy problem
Bounty: $1,000.00
https://hackerone.com/reports/2086301
2FA bypass
https://hackerone.com/reports/1805779
-
PacketStorm
Atos Unify OpenScape Code Execution / Missing Authentication
https://packetstormsecurity.com/files/174704/Atos-Unify-OpenScape-Code-Execution-Missing-Authentication.html
PTC - Codebeamer Cross Site Scripting
https://packetstormsecurity.com/files/174703/PTC-Codebeamer-Cross-Site-Scripting.html
Ivanti Avalanche MDM Buffer Overflow
https://packetstormsecurity.com/files/174698/Ivanti-Avalanche-MDM-Buffer-Overflow.html
Razer Synapse Race Condition / DLL Hijacking
https://packetstormsecurity.com/files/174696/Razer-Synapse-Race-Condition-DLL-Hijacking.html
KPOT Stealer CMS 2.0 Directory Traversal
https://packetstormsecurity.com/files/174687/KPOT-Stealer-CMS-2.0-Directory-Traversal.html
KPK CMS 1.0 SQL Injection
https://packetstormsecurity.com/files/174686/KPK-CMS-1.0-SQL-Injection.html
Karenderia MRS 5.3 Directory Traversal
https://packetstormsecurity.com/files/174685/Karenderia-MRS-5.3-Directory-Traversal.html
-
wiz.io
38TB of data accidentally exposed by Microsoft AI researchers
https://www.wiz.io/blog/38-terabytes-of-private-data-accidentally-exposed-by-microsoft-ai-researchers
-
unit42
45% of new high/critical risk exposures each month are caused by constant change in the cloud
https://unit42.paloaltonetworks.com/unit-42-2023-attack-surface-threat-report/
-
404media
I gambled at MGM's hacked casinos
https://www.404media.co/inside-mgms-hacked-casinos/
-
HackRead
New malware campaign aimed at targets in Azerbaijan
https://www.hackread.com/rust-implant-used-malware-campaign-azerbaijan/
-
BleepingComputer
APT36 hackers infect Android devices using YouTube app clones
https://www.bleepingcomputer.com/news/security/apt36-state-hackers-infect-android-devices-using-youtube-app-clones/
Windows Subsystem for Linux gets new "mirrored" network mode
https://www.bleepingcomputer.com/news/microsoft/windows-subsystem-for-linux-gets-new-mirrored-network-mode/
Thousands of Juniper network devices vulnerable to unauthenticated RCE flaw
https://www.bleepingcomputer.com/news/security/thousands-of-juniper-devices-vulnerable-to-unauthenticated-rce-flaw/
Microsoft Paint finally gets support for layers and transparency
https://www.bleepingcomputer.com/news/microsoft/microsoft-paint-finally-gets-support-for-layers-and-transparency/
Bumblebee malware returns in new attacks abusing WebDAV folders
https://www.bleepingcomputer.com/news/security/bumblebee-malware-returns-in-new-attacks-abusing-webdav-folders/
Microsoft leaks 38TB of private data via unsecured Azure storage
https://www.bleepingcomputer.com/news/microsoft/microsoft-leaks-38tb-of-private-data-via-unsecured-azure-storage/
New SprySOCKS Linux malware used in cyber espionage attacks
https://www.bleepingcomputer.com/news/security/new-sprysocks-linux-malware-used-in-cyber-espionage-attacks/
-
TheHackerNews
New AMBERSQUID cryptojacking operation targets uncommon AWS services
https://thehackernews.com/2023/09/new-ambersquid-cryptojacking-operation.html
Hook: new Android banking trojan that expands on ERMAC's capabilities
https://thehackernews.com/2023/09/hook-new-android-banking-trojan-that.html
27 of Retool's cloud client accounts hit by SMS-based phishing attack
https://thehackernews.com/2023/09/retool-falls-victim-to-sms-based.html
Financially motivated UNC3944 threat actor shifts focus to ransomware attacks
https://thehackernews.com/2023/09/financially-motivated-unc3944-threat.html
-
DataBreaches
New York City schools are tightening cybersecurity. Some educators fear unintended consequences.
https://www.databreaches.net/nyc-schools-are-tightening-cybersecurity-some-educators-fear-unintended-consequences/
More victims of the MOVEit breach are revealed
https://www.databreaches.net/more-victims-of-moveit-breach-are-revealed-nuance-discloses-for-covered-entities/
Cyberattack on a Breton municipality: private data released
https://www.databreaches.net/cyberattack-on-a-breton-municipality-private-data-released/
Visiting Physicians Network in Texas silent about ransomware attack and incident response
https://www.databreaches.net/visiting-physicians-network-in-texas-silent-about-ransomware-attack-and-incident-response/
-
SANS
Internet-wide VPN search from a single /24 network
https://isc.sans.edu/diary/rss/30226