Cybersecurity information flow

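A clean information-feed tool focused on the day-to-day of the security community, surfacing quality content for security researchers every day.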


Recent updates
Time Node
May 2, 2024 16:12 GitHub Following
Academic Papers about LLM Application on Security
May 2, 2024 15:44 burp
This release of Burp Suite Enterprise Edition updates Java support, boosts scanner performance, and fixes some bugs. Java 21.0.3 support: We've updated Burp Suite Enterprise Edition to support Java 21.
May 2, 2024 15:39 Data Breach – Security Affairs
Panda Restaurant Group disclosed a data breach that occurred in March, resulting in the theft of associates’ personal information. Panda Restaurant Group disclosed a data breach that occurred in March, resulting in the theft of personal information belonging to its associates. Panda Restaurant Group, Inc. is the parent company of Panda Inn, Panda Express and […]
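May 2, 2024 15:12 freebuf
DataTrove is a tool for processing, filtering, and deduplicating large-scale text data; it provides a set of platform-agnostic, customizable pipeline processing blocks.
May 2, 2024 14:52 GitHub Following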
Use a LLM to create the ultimate Leek AI for Leek Wars! 🥬
May 2, 2024 14:12 GitHub Following
Atomic counters and rate limiting tools. Limit resource access at any scale.
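May 2, 2024 13:12 freebuf
Since April 2012, OceanLotus has carried out organized, planned, targeted, long-running, and uninterrupted attacks against important sectors including the Chinese government, research institutes, maritime agencies, maritime construction, and shipping companies...
May 2, 2024 12:12 GitHub Following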
A C/C++ Code Vulnerability Dataset with Code Changes and CVE Summaries
May 2, 2024 12:12 GitHub Following
May 2, 2024 11:02 MY_Github
motikan2010 starred SAWARATSUKI/ServiceLogos · May 2, 2024 02:46
SAWARATSUKI/ServiceLogos
Let's make logos cute. Please use them in moderation 🫠
13.3k Updated May 1
May 2, 2024 10:32 GitHub Following
🧩 Plug-and-play, zero-config, cross-browser extension development tool.
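May 2, 2024 10:12 freebuf
This article builds on existing analysis reports about xz-utils, translating, organizing, and reproducing them, and then analyzes the xz-utils backdoor code.
May 2, 2024 08:12 freebuf
May 2, 2024 03:39 Stories by SAFARAS K A on Medi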
This blog discusses a misconfiguration in an AWS S3 bucket owned by Oil India Limited, which exposed the Personally Identifiable Information (PII) and documents of job seekers.
https://oil-india.com
Hello, my name is Biraj Baishya, also known as brutexploiter. I am an independent security researcher, a full-time bug bounty hunter, and a mechanical engineer.
In this write-up, I will discuss how I discovered a critical vulnerability and protected the data of job seekers from a misconfiguration that could have been exploited by cyber attackers, potentially leading to a data breach.
Initial Discovery:
The discovery phase of the vulnerability was quite interesting because I visited the Oil India Limited website as a job seeker. Oil India Limited had recently announced job openings for various technical positions, so I visited the site to download the admit card for the examination. Suddenly, during the downloading process, I noticed that the documents were being served from an Amazon Web Services (AWS) S3 Bucket.
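May 2, 2024 03:33 hackone
Affected vendor: Shopify Bounty: Severity: none
" Production secrets and data found on a subdomain no longer operated by Shopify / dangling DNS"
May 2, 2024 03:33 hackone
Affected vendor: Shopify Bounty: 500.0 USD Severity: low
" No expiry after logout; an attacker can reuse the old cookie."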
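May 2, 2024 03:33 hackone
Affected vendor: Shopify (https://hackerone.com/shopify)
" Production secrets and data found on a subdomain no longer operated by Shopify / dangling DNS"
May 2, 2024 03:33 hackone
Affected vendor: Shopify (https://hackerone.com/shopify)
" No expiry after logout; an attacker can reuse the old cookie."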
May 2, 2024 02:52 GitHub Following
LuatOS -- Powerful embedded Lua Engine for IoT devices, with many components and low memory requirements (16K RAM, 128K Flash)
May 2, 2024 00:52 GitHub Following
Nmap - the Network Mapper. Github mirror of official SVN repository.
May 2, 2024 00:12 SecWiki Weekly
May 1, 2024 23:44 Packet Storm
Red Hat Security Advisory 2024-2575-03 - An update for expat is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.
May 1, 2024 23:44 Packet Storm
Red Hat Security Advisory 2024-2577-03 - An update for shadow-utils is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.
May 1, 2024 23:44 Packet Storm
Red Hat Security Advisory 2024-2580-03 - An update for yajl is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a memory leak vulnerability.
May 1, 2024 23:44 Packet Storm
Red Hat Security Advisory 2024-2581-03 - An update for pcs is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a denial of service vulnerability.
May 1, 2024 23:44 Packet Storm
Red Hat Security Advisory 2024-2582-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include a use-after-free vulnerability.
May 1, 2024 23:44 Packet Storm
Red Hat Security Advisory 2024-2583-03 - An update for linux-firmware is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions.
May 1, 2024 23:44 Packet Storm
Red Hat Security Advisory 2024-2584-03 - An update for pcs is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include a denial of service vulnerability.
May 1, 2024 23:44 Packet Storm
Red Hat Security Advisory 2024-2585-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include a use-after-free vulnerability.