正文

Matrix SEC每日安全简报(2023.09.26)

admin
admin V管理员 /0 评论 /186 阅读
0926
此篇文章发布距今已超过424天,您需要注意文章的内容或图片是否可用!

[威胁情报CTI]

  1. Docker vs Kubernetes


  2. 勒索软件组织Ransomedvc新增1名新受害者,分别是

    - 索尼(sony.com)

    早些时候,索尼被CL0P勒索件组织添加受害者。

    Sample


  3. 勒索软件组织NoEscape新增1名新受害者,分别是

    - Leekes (leekes.co.uk) 130GB

    Leekes是位于威尔士的家居用品,家居装饰用品和相关物品零售商


  4. 勒索软件组织Rhysida新增1名新受害者,分别是

    - 科威特财政部 (mof.gov.kw)

    其官网已经Down


[安全简报]

  • HackerOne

[LinkedIn]

可以观看需要订阅的LinkedIn学习视频,而无需通过"共享功能"订阅

https://hackerone.com/reports/1809633

LinkedIn用户主电子邮件+全名可见性

https://hackerone.com/reports/878724

HTTP请求走私(CL.0)导致在没有用户交互的情况下将用户大量重定向到攻击者服务器

https://hackerone.com/reports/1943608

  • PacketStorm

RoyalTSX 6.0.1 RTSZ File Handling Heap Memory Corruption

https://packetstormsecurity.com/files/174827/RoyalTSX-6.0.1-RTSZ-File-Handling-Heap-Memory-Corruption.html

OPNsense 23.1.11_1/23.7.3/23.7.4 Cross Site Scripting/Privilege Escalation

https://packetstormsecurity.com/files/174826/OPNsense-23.1.11_1-23.7.3-23.7.4-Cross-Site-Scripting-Privilege-Escalation.html

LogoBee CMS 0.2 Cross Site Scripting

https://packetstormsecurity.com/files/174815/LogoBee-CMS-0.2-Cross-Site-Scripting.html

Lamano LMS 0.1 Insecure Settings

https://packetstormsecurity.com/files/174814/Lamano-LMS-0.1-Insecure-Settings.html

  • Portswigger

DOM 入侵者和直接评估与间接评估的情况

https://portswigger.net/blog/dom-invader-and-the-case-of-direct-eval-vs-indirect-eval

  • The DFIR Report

在61小时内从屏幕连接到Hive勒索软件

https://thedfirreport.com/2023/09/25/from-screenconnect-to-hive-ransomware-in-61-hours/

  • Socradar

由于云配置错误,超过400K存储桶和10.4B文件是公开的

https://socradar.io/over-400k-buckets-and-104b-files-are-public-due-to-cloud-misconfigurations/

  • HackRead

Mixin Network在200亿美元加密黑客攻击后停止服务

https://www.hackread.com/mixin-network-loses-200m-crypto-hack/

900所美国学校受到MOVEit黑客攻击,暴露了学生数据

https://www.hackread.com/900-us-schools-moveit-hack-student-data-expose/

Deadglyph: 与中东隐形猎鹰APT相关的新后门

https://www.hackread.com/deadglyph-backdoor-stealth-falcon-apt-middle-east/

  • BleepingComputer

Better OutcomesRegistry & Network(BORN)安大略儿童注册数据泄露影响3万人

https://www.bleepingcomputer.com/news/security/born-ontario-child-registry-data-breach-affects-34-million-people/

谷歌将于2024年1月停用Gmail基本HTML视图

https://www.bleepingcomputer.com/news/security/google-is-retiring-its-gmail-basic-html-view-in-january-2024/

Xenomorph Android恶意软件现在针对美国银行和加密钱包

https://www.bleepingcomputer.com/news/security/xenomorph-android-malware-now-targets-us-banks-and-crypto-wallets/

Mixin Network在200亿美元黑客攻击后暂停运营

https://www.bleepingcomputer.com/news/security/mixin-network-suspends-operations-following-200-million-hack/

  • TheHackerNews

乌克兰军方利用无人机手册瞄准网络钓鱼活动

https://thehackernews.com/2023/09/ukrainian-military-targeted-in-phishing.html

从水坑到间谍软件: EvilBamboo

https://thehackernews.com/2023/09/from-watering-hole-to-spyware.html

  • DataBreaches

AlphV声称已经打击了明尼苏达州MNGI

https://www.databreaches.net/alphv-claims-to-have-hit-mngi-digestive-health-developing/

25,000名香港人在消费者监管机构受到网络攻击后面临风险的个人数据,高于早前估计的8,000

https://www.databreaches.net/personal-data-of-25000-hongkongers-at-risk-after-cyberattack-against-consumer-watchdog-up-from-earlier-estimate-of-8000/

  • SANS

YARA 支持 .LNK 文件

https://isc.sans.edu/diary/rss/30244


推荐站内搜索:最好用的开发软件、免费开源系统、渗透测试工具云盘下载、最新渗透测试资料、最新黑客工具下载……
ZhouSa.com