forked from Vu1nT0tal/yarb
-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
2 changed files
with
196 additions
and
89 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,104 @@ | ||
| # 每日安全资讯(2024-09-09) | ||
|
|
||
| - Taxodium | ||
| - [Weekly#7](https://taxodium.ink/post/weekly/7/) | ||
| - Security Boulevard | ||
| - [USENIX Security ’23 – Collide+Power: Leaking Inaccessible Data with Software-based Power Side Channels](https://securityboulevard.com/2024/09/usenix-security-23-collidepower-leaking-inaccessible-data-with-software-based-power-side-channels/) | ||
| - Twitter @Nicolas Krassas | ||
| - [Process injection done easy - DD Oriented Programming https://www.reddit.com/r/ReverseEngineering/comments/1fbwjw3/process_injection_done_easy_dd_orie...](https://x.com/Dinosn/status/1832834599031910821) | ||
| - [Real World Social Engineering Part 2: Integrating SE With Stealth Badge Readers Tips and Tricks http://console-cowboys.blogspot.com/2024/09/real-world...](https://x.com/Dinosn/status/1832831965738762511) | ||
| - [New RAMBO attack steals data using RAM in air-gapped computers https://www.bleepingcomputer.com/news/security/new-rambo-attack-steals-data-using-ram-i...](https://x.com/Dinosn/status/1832689985457131538) | ||
| - [Sextortion scam now use your "cheating" spouse’s name as a lure https://www.bleepingcomputer.com/news/security/sextortion-scam-now-use-your-cheating-...](https://x.com/Dinosn/status/1832689942679503065) | ||
| - [2024-08-30 Cicada ESXi Ransomware Sample https://contagiodump.blogspot.com/2024/09/2024-08-30-cicada-esxi-ransomware-sample.html](https://x.com/Dinosn/status/1832626748451700743) | ||
| - [Unmasking PackXOR: The FIN7 Packer Exposed https://securityonline.info/unmasking-packxor-the-fin7-packer-exposed/](https://x.com/Dinosn/status/1832622264044363877) | ||
| - [MindsDB Fixes Critical CVE-2024-24759: DNS Rebinding Attack Bypasses Security Protections https://securityonline.info/mindsdb-fixes-critical-cve-2024-...](https://x.com/Dinosn/status/1832622223183532478) | ||
| - [Cracking an old ZIP file to help open source the ANC's "Operation Vula" secret crypto code https://www.reddit.com/r/ReverseEngineering/comments/1fbmml...](https://x.com/Dinosn/status/1832621985160962255) | ||
| - SecWiki News | ||
| - [SecWiki News 2024-09-08 Review](http://www.sec-wiki.com/?2024-09-08) | ||
| - CXSECURITY Database RSS Feed - CXSecurity.com | ||
| - [Backdoor.Win32.PoisonIvy.ymw / Insecure Credential Storage](https://cxsecurity.com/issue/WLB-2024090020) | ||
| - [Backdoor.Win32.JustJoke.21 (BackDoor Pro) / Unauthenticated Remote Command Execution](https://cxsecurity.com/issue/WLB-2024090019) | ||
| - [Backdoor.Win32.Optix.02.b / Weak Hardcoded Credentials](https://cxsecurity.com/issue/WLB-2024090018) | ||
| - [HackTool.Win32.Freezer.br (WinSpy) / Insecure Credential Storage](https://cxsecurity.com/issue/WLB-2024090017) | ||
| - [FortiSiem 7.1.3 Stored XSS](https://cxsecurity.com/issue/WLB-2024090016) | ||
| - [Backdoor.Win32.Symmi.qua / Remote Stack Buffer Overflow (SEH)](https://cxsecurity.com/issue/WLB-2024090015) | ||
| - [OKI Printer Default Login Credential Scanner](https://cxsecurity.com/issue/WLB-2024090014) | ||
| - [Texas Instruments Fusion Digital Power Designer 7.10.1 Credential Disclosure](https://cxsecurity.com/issue/WLB-2024090013) | ||
| - [Multiple DVR Manufacturers Configuration Disclosure](https://cxsecurity.com/issue/WLB-2024090012) | ||
| - unSafe.sh - 不安全 | ||
| - [Guerre di Rete - Il caso Telegram](https://buaq.net/go-260826.html) | ||
| - [Password Cracking & Energy: More Dedails, (Sun, Sep 8th)](https://buaq.net/go-260834.html) | ||
| - [Is that LLM Actually "Open Source"? We need to talk Open-Washing in AI Governance](https://buaq.net/go-260828.html) | ||
| - 先知安全技术社区 | ||
| - [第四届长城杯网络安全大赛暨京津冀网络安全技能竞赛初赛PWN方向部分题解](https://xz.aliyun.com/t/15564) | ||
| - [第四届“长城杯”网络安全大赛 暨京津冀网络安全技能竞赛(初赛) Web&Misc 题解WriteUp全](https://xz.aliyun.com/t/15561) | ||
| - [第四届“长城杯”网络安全大赛 暨京津冀网络安全技能竞赛(WEB和MISC全解)](https://xz.aliyun.com/t/15560) | ||
| - 一个被知识诅咒的人 | ||
| - [深入解析Go语言中的条件控制与数据处理](https://blog.csdn.net/nokiaguy/article/details/142025446) | ||
| - [深入掌握Go语言中的正则表达式与字符串处理](https://blog.csdn.net/nokiaguy/article/details/142025361) | ||
| - arighi's blog | ||
| - [AI-generated Linux kernel schedulers in Rust](http://arighi.blogspot.com/2024/09/ai-generated-linux-kernel-schedulers-in.html) | ||
| - 先知安全技术社区 | ||
| - [第四届长城杯网络安全大赛暨京津冀网络安全技能竞赛初赛PWN方向部分题解](https://xz.aliyun.com/t/15564) | ||
| - [第四届“长城杯”网络安全大赛 暨京津冀网络安全技能竞赛(初赛) Web&Misc 题解WriteUp全](https://xz.aliyun.com/t/15561) | ||
| - [第四届“长城杯”网络安全大赛 暨京津冀网络安全技能竞赛(WEB和MISC全解)](https://xz.aliyun.com/t/15560) | ||
| - 不忘初心 方得始终 | ||
| - [Run lguest on Linux kernel 4.4](http://terenceli.github.io/%E6%8A%80%E6%9C%AF/2024/09/08/lguest-44) | ||
| - cloud world | ||
| - [在Go 1.23 及更高版本中使用 Telemetry](https://cloudsjhan.github.io/2024/09/08/%E5%9C%A8Go-1-23-%E5%8F%8A%E6%9B%B4%E9%AB%98%E7%89%88%E6%9C%AC%E4%B8%AD%E4%BD%BF%E7%94%A8-Telemetry/) | ||
| - Recent Commits to cve:main | ||
| - [Update Sun Sep 8 22:33:07 UTC 2024](https://github.com/trickest/cve/commit/0d5f557af3d5d48c4930e74f2e75ef767194c1c5) | ||
| - [Update Sun Sep 8 14:33:03 UTC 2024](https://github.com/trickest/cve/commit/5bcf0669610f2be258ba017341ed036be229e1a0) | ||
| - [Update Sun Sep 8 06:32:04 UTC 2024](https://github.com/trickest/cve/commit/262664be758bff9dcfb2a910166c053fafdadae4) | ||
| - Twitter @bytehx | ||
| - [Re @aaira34 @Hacker0x01 Thanks. It was store xss](https://x.com/bytehx343/status/1832773185093378468) | ||
| - [100% agree on this](https://x.com/bytehx343/status/1832741876828647649) | ||
| - Reverse Engineering | ||
| - [Cracking an old ZIP file to help open source the ANC's "Operation Vula" secret crypto code](https://www.reddit.com/r/ReverseEngineering/comments/1fbmmlr/cracking_an_old_zip_file_to_help_open_source_the/) | ||
| - [Process injection done easy - DD Oriented Programming](https://www.reddit.com/r/ReverseEngineering/comments/1fbwjw3/process_injection_done_easy_dd_oriented/) | ||
| - 奇客Solidot–传递最新科技情报 | ||
| - [Linux Man pages 维护者因经济压力暂停工作](https://www.solidot.org/story?sid=79192) | ||
| - [马来西亚命令 ISP 重路由 DNS 流量,引发争议后暂停执行](https://www.solidot.org/story?sid=79191) | ||
| - 看雪学苑 | ||
| - [逆向进入内核时代之APatch源码学习](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458572214&idx=1&sn=8d99655757749015c672e096913c55bf&chksm=b18de53c86fa6c2a7dfbaec22faa9e4a62eb4734fd00d307ff133b0ebfd20fe6007f45128905&scene=58&subscene=0#rd) | ||
| - [【新课】FART 脱壳王:突破加壳APP的层层保护](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458572214&idx=2&sn=bcb10cdd5f13b554818ff761ff17ecb1&chksm=b18de53c86fa6c2aa8befe4eb36636ce897516bd8f0d10b62e024a0ab3027eb58cf8c2203f6a&scene=58&subscene=0#rd) | ||
| - 黑奇士 | ||
| - [“疯狂小猴哥”遭遇水军网爆的记者发布会](https://mp.weixin.qq.com/s?__biz=MzI5ODYwNTE4Nw==&mid=2247488477&idx=1&sn=4456398a57e4e0fde8ea7af177fc4219&chksm=eca21c31dbd5952707835df261359a522b633d30b36c30f2cd4a4e4d75768a52a64e782dbea9&scene=58&subscene=0#rd) | ||
| - dotNet安全矩阵 | ||
| - [.NET内网实战:通过命令行解密Web.config](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247495117&idx=1&sn=85623cfc0cb3c989bb6553f0478689f3&chksm=fa594320cd2eca36d0985a2787fa64216946e064c43c0d2edf9ac9b56b7468a6630b9f113dbc&scene=58&subscene=0#rd) | ||
| - [献礼中秋! | .NET 文件上传漏洞对抗最新研究成果和新工具发布预告](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247495117&idx=2&sn=e01a452e7ec7591d0ce4c072ca7a99da&chksm=fa594320cd2eca367401579eda5ca61a2b34d32f0fe1e69f829aca5eecbc06a998e4d565faee&scene=58&subscene=0#rd) | ||
| - [.NET 安全攻防知识交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247495117&idx=3&sn=cd105a3e80dfbc5e98dc6fd88ed63df1&chksm=fa594320cd2eca3615f4dd3ee91b27347ad5cf8a7652f12cc5614391f14059c9d44b6330dd0a&scene=58&subscene=0#rd) | ||
| - 安全圈 | ||
| - [【安全圈】快手发布通报:一员工泄露数据严重违纪 解除劳动合同](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652064249&idx=1&sn=7db74bfc9d62a009a6499c248abe8b38&chksm=f36e65b9c419ecaf0cdc78a3af144aa01d0b017649bc07fb268f93473b3b8cf534004fa97581&scene=58&subscene=0#rd) | ||
| - [【安全圈】抢票软件不到1秒钟就能抢到票,黑客与“黄牛”被判刑](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652064249&idx=2&sn=4529003433add83f1f83a867c6f50d2f&chksm=f36e65b9c419ecaf377ce825c7e167e9c16e28822331da644bd6568eef0ec3f1cdf0c324d53d&scene=58&subscene=0#rd) | ||
| - [【安全圈】GitHub 上有 3000 个“幽灵账户”传播恶意软件](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652064249&idx=3&sn=be5b899e0bea8af3b290b45b6e5ef67f&chksm=f36e65b9c419ecafca6755f32b32c1b766aa4b099e2fed984e8a28f7e5d61de2cdfd0cc7797d&scene=58&subscene=0#rd) | ||
| - [【安全圈】冒名顶替已下架 PyPI 套件,攻击手法 Revival Hijack 揭露](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652064249&idx=4&sn=61ffe75ef3405adbe977dbbc80ef8dbc&chksm=f36e65b9c419ecafb8672ebf32a39376f9d6995bc07948035c2f59bd600e4b196ae547e2f765&scene=58&subscene=0#rd) | ||
| - 丁爸 情报分析师的工具箱 | ||
| - [【情报知识】战略间谍](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651146037&idx=1&sn=9360d60ac5981f4d730d9bff996ec58a&chksm=f1af300fc6d8b919fc870b37685847712310e42ad97eaebaa688fe20c386dfb964d845a06bb4&scene=58&subscene=0#rd) | ||
| - [【通知】第二届全国大学生开源情报数据采集与分析大赛](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651146037&idx=2&sn=854e6fd572514c2dc33afc6f8750b496&chksm=f1af300fc6d8b919a615e4339a9fa9121ae2d2d3317c0764053de7b6d6009f5bdf23d1775489&scene=58&subscene=0#rd) | ||
| - Over Security - Cybersecurity news aggregator | ||
| - [Guerre di Rete - Il caso Telegram](https://guerredirete.substack.com/p/guerre-di-rete-il-caso-telegram) | ||
| - [New RAMBO attack steals data using RAM in air-gapped computers](https://www.bleepingcomputer.com/news/security/new-rambo-attack-steals-data-using-ram-in-air-gapped-computers/) | ||
| - [Sextortion scam now use your "cheating" spouse’s name as a lure](https://www.bleepingcomputer.com/news/security/sextortion-scam-now-use-your-cheating-spouses-name-as-a-lure/) | ||
| - 极客公园 | ||
| - [1000 个智能体,在《我的世界》里创造了世界上第一个 AI 文明](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653054163&idx=1&sn=221ef9978b786b6531e50c4d32ee20a2&chksm=7e571965492090733814cd77292f8f4487dc5086a3ea14501a052c5f75f87138100fe3392fd8&scene=58&subscene=0#rd) | ||
| - [ChatGPT 发布近两年,4B 的端侧模型已经能够复刻当年的水平](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653054163&idx=2&sn=ff82c790ca0d54889a51de1da287eeed&chksm=7e57196549209073b67d5106ae3bd8e89e900dc760f647496db71e8880e7a3a85fa52c6e16a4&scene=58&subscene=0#rd) | ||
| - [罗永浩评微信苹果之争:微信肯定不怕苹果;100万人排队预定华为三折叠手机;英伟达市值蒸发4000亿美元 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653054162&idx=1&sn=0b83c0a7f9556eaf0d9942ba328fd757&chksm=7e571964492090722d268c59895229cdb0cbdfb10a822a8e0b1a2910e9584986711adeb94fee&scene=58&subscene=0#rd) | ||
| - SANS Internet Storm Center, InfoCON: green | ||
| - [Password Cracking & Energy: More Dedails, (Sun, Sep 8th)](https://isc.sans.edu/diary/rss/31242) | ||
| - BorderGate | ||
| - [First Hop Redundancy Protocols](https://www.bordergate.co.uk/first-hop-redundancy-protocols/) | ||
| - Security Affairs | ||
| - [Feds indicted two alleged administrators of WWH Club dark web marketplace](https://securityaffairs.com/168177/cyber-crime/feds-indicted-admins-wwh-club-marketplace.html) | ||
| - [SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 10](https://securityaffairs.com/168168/malware/security-affairs-malware-newsletter-round-10.html) | ||
| - [Security Affairs newsletter Round 488 by Pierluigi Paganini – INTERNATIONAL EDITION](https://securityaffairs.com/168159/breaking-news/security-affairs-newsletter-round-488-by-pierluigi-paganini-international-edition.html) | ||
| - Technical Information Security Content & Discussion | ||
| - [Exploiting CI / CD Pipelines for fun and profit](https://www.reddit.com/r/netsec/comments/1fcbvc8/exploiting_ci_cd_pipelines_for_fun_and_profit/) | ||
| - netsecstudents: Subreddit for students studying Network Security and its related subjects | ||
| - [MSc Cybersecurity @ University of London (Distance Learning in Partnership with Coursera)](https://www.reddit.com/r/netsecstudents/comments/1fc2vq1/msc_cybersecurity_university_of_london_distance/) | ||
| - Computer Forensics | ||
| - [How do you keep your skill fresh?](https://www.reddit.com/r/computerforensics/comments/1fc581f/how_do_you_keep_your_skill_fresh/) | ||
| - [Elcomsoft iOS Forensic Toolkit 7.0 dont see a device](https://www.reddit.com/r/computerforensics/comments/1fbymkz/elcomsoft_ios_forensic_toolkit_70_dont_see_a/) | ||
| - Blackhat Library: Hacking techniques and research | ||
| - [The Tragic Downfall Of Nulled.to (biggest blackhat forum)](https://www.reddit.com/r/blackhat/comments/1fc2bg9/the_tragic_downfall_of_nulledto_biggest_blackhat/) | ||
| - [Mathway/wattpad database?](https://www.reddit.com/r/blackhat/comments/1fbzc1a/mathwaywattpad_database/) |
Oops, something went wrong.