Matrix SEC每日安全简报（2023.10.05）

[威胁情报CTI]

1. 黑客组织ThreatSec发布来自印度的几个数据库。

   - IISER Kolkata

   - Inspirox India

   - Kumari Online

   - PCMM

   - VTinfocom

2. 一名用户发布550,000个泰国个人身份信息。

3. 勒索软件组织Rhysida新增1名新受害者，分别是：

   - 多米尼加共和国移民局(migracion.gob.do)

[安全简报]

• HackerOne

[LY Corporation]

OAUTH2登陆中的反射型xss

https://hackerone.com/reports/1167272

[inDrive]

端点绕过

https://hackerone.com/reports/2078527

[Mozilla Core Services]

子域接管 eideticker.mozilla.org

https://hackerone.com/reports/2017323

子域接管 google-cdn-delivery.dev.mozaws.net

https://hackerone.com/reports/2135054

• PacketStorm

Progress Software WS_FTP Unauthenticated Remote Code Execution

https://packetstormsecurity.com/files/174917/Progress-Software-WS_FTP-Unauthenticated-Remote-Code-Execution.html

• devco.re

你的打印机并不是你的打印机 - 在Pwn2Own黑掉打印机 Part I

https://devco.re/blog/2023/10/05/your-printer-is-not-your-printer-hacking-printers-pwn2own-part1-en/

• Ahnlab

来自Lazarus威胁组织的Scout恶意软件分析

https://asec.ahnlab.com/ko/57427/

• SecurityWeek

新的美超微BMC漏洞可能会使许多服务器受到远程攻击

https://www.securityweek.com/new-supermicro-bmc-vulnerabilities-could-expose-many-servers-to-remote-attacks/

Lyca Mobile运营商因网络攻击而中断

https://www.securityweek.com/lyca-mobile-services-significantly-disrupted-by-cyberattack/

• HackRead

EvilProxy网络钓鱼工具包通过Indeed.com漏洞瞄准Microsoft用户

https://www.hackread.com/evilproxy-phishing-kit-microsoft-indeed-vulnerability/

流媒体劫持: 恶意YouTube直播帮助恶意软件，加密诈骗

https://www.hackread.com/stream-jacking-youtube-livestream-crypto-scams/

索尼通过MOVEit漏洞泄露数据影响美国数千人

https://www.hackread.com/sony-data-breach-moveit-vulnerability-us/

Lyca Mobile遭受网络攻击，调查勒索软件的可能性

https://www.hackread.com/lyca-mobile-cyber-attack-investigate-ransomware/

• BleepingComputer

数百个恶意Python包窃取敏感数据

https://www.bleepingcomputer.com/news/security/hundreds-of-malicious-python-packages-found-stealing-sensitive-data/

苹果紧急更新修复了用于入侵iPhone的新零日漏洞

https://www.bleepingcomputer.com/news/apple/apple-emergency-update-fixes-new-zero-day-used-to-hack-iphones/

Atlassian修补了被利用的关键Confluence零日漏洞

https://www.bleepingcomputer.com/news/security/atlassian-patches-critical-confluence-zero-day-exploited-in-attacks/

研究人员警告说，网上有100万个工业控制系统暴露在外

https://www.bleepingcomputer.com/news/security/researchers-warn-of-100-000-industrial-control-systems-exposed-online/

思科修复了紧急响应程序中的硬编码根凭证

https://www.bleepingcomputer.com/news/security/cisco-fixes-hard-coded-root-credentials-in-emergency-responder/

• DataBreaches

被引渡到美国的一名22岁法国人，Sébastien Raoult (Sezyo Kaizen)承认九项指控欺诈和严重身份盗窃罪中的两项

https://www.databreaches.net/aretis-health-llc-notifies-patients-of-50-entities-about-moveit-breach/

Pathology Lab驳回了大部分患者的数据泄露索赔

https://www.databreaches.net/pathology-lab-has-most-of-patients-data-breach-claims-dismissed/

联邦调查局头号通缉犯俄罗斯黑客Mikhail Matveev透露他为什么"烧毁"护照

https://www.databreaches.net/fbi-most-wanted-russian-hacker-reveals-why-he-burned-his-passport/

• SANS

苹果修复了iOS和iPadOS中的漏洞

https://isc.sans.edu/diary/rss/30280