正文

Matrix SEC每日安全简报(2023.10.07)

admin
admin V管理员 /0 评论 /252 阅读
1007
此篇文章发布距今已超过399天,您需要注意文章的内容或图片是否可用!

[威胁情报CTI]

  1. 一用户发布Colegio de Abogados de Bahía Blanca(cabb.org.ar)数据


  2. 一用户发布Oni.fail数据。


  3. 黑客组织NDT SEC发布泰国财政部(strategy.mof.go.th)50GB数据。


  4. 勒索软件组织LockBit新增7名新受害者,分别是

    - AICSA Corporación

    - Côté

    - Sinedie Advisor

    - Economic Electric Motors

    - Bangsaen Mahanakhon

    - PicoSoft

    - litung.com.tw


[安全简报]

  • HackerOne

[HackerOne]

允许将草稿报告的评论发送到程序的Slack工作区 赏金: $2,500.00

https://hackerone.com/reports/2069593

  • PacketStorm

glibc ld.so Local Privilege Escalation

https://packetstormsecurity.com/files/174986/glibc-ld.so-Local-Privilege-Escalation.html

SAP Application Server ABAP Open Redirection

https://packetstormsecurity.com/files/174985/SAP-Application-Server-ABAP-Open-Redirection.html

  • Microsoft

Microsoft发布关于网络犯罪和国家支持的网络行动的新报告

https://www.microsoft.com/content/dam/microsoft/final/en-us/microsoft-brand/documents/MDDR_FINAL_2023_1004.pdf

  • Rapid7

小面包屑可以变成巨人

https://www.rapid7.com/blog/post/2023/10/05/little-crumbs-can-lead-to-giants/

  • WeliveSecurity

#OP Guyanese: 圭亚那的弃儿霍比特人

https://www.welivesecurity.com/en/eset-research/operation-jacana-spying-guyana-entity/

  • ScMagazine

勒索软件组织QakBot在被联邦调查局查封后重新出现

https://www.scmagazine.com/news/ransomware-gang-qakbot-resurfaces-after-feds-botnet-takedown

  • SecurityWeek

美高梅称勒索软件攻击损失$110亿美元

https://www.securityweek.com/mgm-resorts-says-ransomware-hack-cost-110-million/

在美国学校发现带有后门固件的Android设备

https://www.securityweek.com/android-devices-with-backdoored-firmware-found-in-us-schools/

Microsoft发布关于网络犯罪和国家支持的网络行动的新报告

https://www.securityweek.com/microsoft-releases-new-report-on-cybercrime-state-sponsored-cyber-operations/

  • HackRead

黑客声称拥有来自DNA服务的7万23andMe用户的数据,23andMe正在调查事件

https://www.hackread.com/hacker-claims-dna-service-23andme-users-data/

  • BleepingComputer

哥伦比亚特区选举委员会确认选民数据在网站黑客攻击中被盗

https://www.bleepingcomputer.com/news/security/dc-board-of-elections-confirms-voter-data-stolen-in-site-hack/

Blackbaud同意为勒索软件数据泄露提供49万美元的和解

https://www.bleepingcomputer.com/news/security/blackbaud-agrees-to-495-million-settlement-for-ransomware-data-breach/

FTC 警告说,自2021年以来,社交媒体诈骗的损失"惊人"

https://www.bleepingcomputer.com/news/security/ftc-warns-of-staggering-losses-to-social-media-scams-since-2021/

遗传学公司23andMe表示,用户数据在撞库攻击中被盗

https://www.bleepingcomputer.com/news/security/genetics-firm-23andme-says-user-data-stolen-in-credential-stuffing-attack/

米高梅透露,上个月的网络攻击使该公司损失了100亿美元并且数据被盗

https://www.bleepingcomputer.com/news/security/mgm-resorts-ransomware-attack-led-to-100-million-loss-data-theft/

  • DataBreaches

帕克斯教堂学区网络被黑客入侵,联邦调查局与阿肯色州合作正在调查此事件

https://www.databreaches.net/parkers-chapel-school-district-network-hacked-fbi-investigating/

INC 勒索软件声称已经入侵了联邦劳工关系局

https://www.databreaches.net/inc-ransomware-claims-to-have-hit-federal-labor-relations-authority/


推荐站内搜索:最好用的开发软件、免费开源系统、渗透测试工具云盘下载、最新渗透测试资料、最新黑客工具下载……
宙飒zhousa.om