[威胁情报CTI]
黑客组织UAC-0057利用CVE-2023-38831漏洞攻击。
NET-WORKER ALLIANCE对s国际刑警组织(cyber-emea.interpol.int)发起DDOS攻击。
勒索软件组织BlackCat(ALPHV)添加Lawson Lundell律师事务所(lawsonlundell.com)受害者,声称1.59TB数据泄露。
勒索软件组织Everest添加美国互助保险公司State Farm(statefarm.com)受害者,声称400,000,000条保险客户数据泄露。
[安全简报]
whereisk0shl Blog
探索CNG密钥隔离的权限提升
https://whereisk0shl.top/post/isolate-me-from-sandbox-explore-elevation-of-privilege-of-cng-key-isolation
Tavis Ormandy Blog
黑掉Timex m851
https://lock.cmpxchg8b.com/timex.html
Huli's blog
corCTF 2023 & Sekai CTF 2023 筆記
https://blog.huli.tw/2023/09/02/corctf-sekaictf-2023-writeup/
ssd-disclosure
Windows文件历史记录服务中的特权提升CVE-2023-35359
https://ssd-disclosure.com/ssd-advisory-file-history-service-fhsvc-dll-elevation-of-privilege/
SANS
分析有缺陷的网络钓鱼PDF文件
https://isc.sans.edu/diary/rss/30184
The Hacker News
针对VMware Aria SSH身份验证绕过漏洞发布Poc
https://thehackernews.com/2023/09/poc-exploit-released-for-critical.html
SecurityAffairs
LockBit勒索软件团伙攻击了蒙特利尔电力服务委员会(CSEM)
https://securityaffairs.com/150247/cyber-crime/lockbit-ransomware-csem.html
hexacorn
961c151d2e87f2686a955a9be24d316f1362bf21的秘密
https://www.hexacorn.com/blog/2023/09/03/the-secret-of-961c151d2e87f2686a955a9be24d316f1362bf21/
BleepingComputer
悉尼大学(USYD)数据泄露影响最近的申请人个人数据
https://www.bleepingcomputer.com/news/security/university-of-sydney-data-breach-impacts-recent-applicants/
Microsoft提醒用户Windows将很快禁用不安全的TLS
https://www.bleepingcomputer.com/news/microsoft/microsoft-reminds-users-windows-will-disable-insecure-tls-soon/
儿童零食在其网站被发现提供色情内容后被召回
https://www.bleepingcomputer.com/news/security/childrens-snack-recalled-after-its-website-caught-serving-porn/
推荐站内搜索:最好用的开发软件、免费开源系统、渗透测试工具云盘下载、最新渗透测试资料、最新黑客工具下载……
还没有评论,来说两句吧...