Matrix SEC每日安全简报（2023.10.06）

[威胁情报CTI]

1. 十大最常见攻击方式。

   
   

2. 9月份新增43个勒索软件。

   
   

3. 勒索软件组织RANSOMED.VC再次修改网站页面，目前有23位受害者。

   
   

4. 一用户以600$价格出售巴西市政税务秘书处访问权限。

   
   

5. 土耳其黑客组织Cyb3r Drag0nz发布Türkiye Scholarships学生数据。

   
   

6. 勒索软件组织PLAY新增6名新受害者，分别是：

   - Roof Management

   - Security Instrument Corp

   - Filtration Control Ltd

   - Cinépolis Cinemas

   - CHARMANT Group

   - Stavanger municipality

   
   

[安全简报]

• HackerOne

[LinkedIn]

管理页面存在IDOR漏洞

https://hackerone.com/reports/1538177

[Informatica]

mysupport.informatica.com存在反射XSS

https://hackerone.com/reports/39069

• PacketStorm

Chrome ReduceJSLoadPropertyWithEnumeratedKey Out-Of-Bounds Access

https://packetstormsecurity.com/files/174951/Chrome-ReduceJSLoadPropertyWithEnumeratedKey-Out-Of-Bounds-Access.html

Chrome Dangling FixedArray Pointers / Memory Corruption

https://packetstormsecurity.com/files/174950/Chrome-Dangling-FixedArray-Pointers-Memory-Corruption.html

Chrome SKIA Integer Overflow

https://packetstormsecurity.com/files/174949/Chrome-SKIA-Integer-Overflow.html

edgetpu_pin_user_pages Race Condition

https://packetstormsecurity.com/files/174948/edgetpu_pin_user_pages-Race-Condition.html

• Humansecurity

一路深入木马: BADBOX 和 PEACHPIT

https://www.humansecurity.com/hubfs/HUMAN_Report_BADBOX-and-PEACHPIT.pdf

• TheRegister

韩国指责朝鲜进行网络钓鱼和船只攻击

https://www.theregister.com/2023/10/05/north_korea_phishing_attack_on_south/

• SecurityWeek

索尼确认数据在最近的两次黑客攻击中被盗

https://www.securityweek.com/sony-confirms-data-stolen-in-two-recent-hacker-attacks/

Linux基金会宣布OpenPubkey开源加密协议

https://www.securityweek.com/linux-foundation-announces-openpubkey-open-source-cryptographic-protocol/

GitHub 通过扩展令牌有效性检查改进了机密扫描功能

https://www.securityweek.com/github-improves-secret-scanning-feature-with-expanded-token-validity-checks/

加拿大科技巨头黑莓宣布计划拆分其网络安全和IOT物联网业务

https://www.securityweek.com/blackberry-to-split-cybersecurity-iot-business-units/

• HackRead

在线约会: 网络犯罪危险信号

https://www.hackread.com/online-dating-cybercrime-red-flags/

美国警方追回被巴基斯坦加密诈骗者窃取的3万美元

https://www.hackread.com/us-police-recover-3m-pakistani-crypto-scammers/

Major CRM的Really Simple Systems泄漏3万条客户记录

https://www.hackread.com/crm-provider-really-simple-systems-data-leak/

NPM 域名仿冒攻击通过合法软件包部署 r77 Rootkit

https://www.hackread.com/npm-typosquatting-attack-deliver-r77-rootkit/

• BleepingComputer

Microsoft正式删除Windows 11 Insiders的Cortana

https://www.bleepingcomputer.com/news/microsoft/microsoft-officially-removes-cortana-for-windows-11-insiders/

NSA和CISA揭示了十大网络安全错误配置

https://www.bleepingcomputer.com/news/security/nsa-and-cisa-reveal-top-10-cybersecurity-misconfigurations/

Lyca Mobile调查网络攻击后的客户数据泄露

https://www.bleepingcomputer.com/news/security/lyca-mobile-investigates-customer-data-leak-after-cyberattack/

• DataBreaches

在泄漏站点上命名的勒索软件受害者数量创纪录

https://www.databreaches.net/record-numbers-of-ransomware-victims-named-on-leak-sites/

黑客入侵社会服务和学校的WhatsApp帐户后，900名香港人的数据被曝光

https://www.databreaches.net/data-of-900-hongkongers-exposed-after-hackers-breach-whatsapp-accounts-of-social-services-and-schools/

Blackbaud以近50万美元的价格解决了各州的数据泄露调查

https://www.databreaches.net/blackbaud-settles-breach-probe-by-states-for-nearly-50m/

MOVEit 数据泄露诉讼送交马萨诸塞州联邦法院

https://www.databreaches.net/moveit-data-breach-lawsuits-sent-to-massachusetts-federal-court/

• SANS

新工具: le-hex-to-ip.py

https://isc.sans.edu/diary/rss/30284