Cybersecurity information flow

干净的信息流推送工具,偏向安全圈的点点滴滴,为安全研究人员每日发现优质内容.

了解更多 »

全部节点
时间 节点
2023年12月7日 03:33 Marco Ramilli Web Corner
Category: DDoS Attack Content: Proof of downtime: https://check-host.net/check-report/13b8243bk821 Source: telegram Source Link: https://t.me/executor_ddos_v2/3705 Threat Actor: EXECUTOR DDOS Victimology Country : India Industry : Social Media & Online Social Networking Organization : antvlovers
2023年12月7日 03:33 Marco Ramilli Web Corner
Category: Defacement Content: Group claims to defaced the website of NATIONAL SPORTS AUTHORITY Source: telegram Source Link: https://t.me/Cyb3r_Drag0nz/738 Threat Actor: Cyb3r Drag0nz Victimology Country : Sierra Leone Industry : Government Administration Organization : national sports authority sierra leone
2023年12月7日 03:33 Marco Ramilli Web Corner
Category: Defacement Content: Group claims to defaced the website of The Flying Cakes Source: telegram Source Link: https://t.me/duniamayateam/2827 Threat Actor: DUNIA MAYA TEAM Victimology Country : undefined Industry : Food & Beverages Organization : the flying cakes
2023年12月7日 03:31 hackone
影响厂商:curl 奖励: 危险等级:medium
2023年12月7日 03:31 hackone
2023年12月7日 03:31 hackone
2023年12月7日 03:31 hackone
影响厂商:LinkedIn 奖励: 危险等级:low
2023年12月7日 03:31 hackone
影响厂商:b'LinkedIn'(https://hackerone.com/linkedin) 
2023年12月7日 03:31 hackone
2023年12月7日 03:31 hackone
2023年12月7日 03:31 hackone
影响厂商:b'curl'(https://hackerone.com/curl) 
2023年12月7日 03:01 Github_POC
Versions of the package tough-cookie before 4.1.3 are vulnerable to Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized.
[GitHub]Researching on the vulnrability CVE-2023-26136
2023年12月7日 01:13 Github关注
Python tool and library for decrypting MS Office files with passwords or other keys
2023年12月7日 01:13 Github关注
Generate fully typed Python client for any GraphQL API from schema, queries and mutations
2023年12月7日 00:53 SecWiki周报
2023年黑灰产攻防最新趋势 https://mp.weixin.qq.com/s/jusqCymbMUSMtMqLntnuMQ
从ChatGPT代码执行逃逸到LLMs应用安全思考 https://mp.weixin.qq.com/s/XAH4y1F0ukyyqdQx_XYhYg
LLMs安全:针对业务模型应用场景下提示词的攻击手段与危害 https://mp.weixin.qq.com/s/2bm7nuXkORLZ20mfpOmwrA
IDA 插件大赛 2023 https://mp.weixin.qq.com/s/yuAz4plaJH1l-IV2Ftjt1Q
2023年12月7日 00:00 Microsoft Security Blog
Our fourth installation in the Cyberattack Series examines a smishing and social engineering attack and outlines the steps organizations can take to help minimize the risk and prepare for the possibility.
The post Protecting credentials against social engineering: Cyberattack Series appeared first on Microsoft Security Blog.
2023年12月7日 00:00 Microsoft Security Blog
Discover these three recent customer stories to better understand the full value of becoming cloud native.
The post 3 reasons why now is the time to go cloud native for device management appeared first on Microsoft Security Blog.
2023年12月7日 00:00 Microsoft Security Blog
In real-world customer engagements, Microsoft Incident Response (Microsoft IR) sees combinations of issues and misconfigurations that could lead to attacker access to customers’ Microsoft Entra ID tenants. Effective protection of a customer’s Entra ID tenant is less challenging than protecting an Active Directory deployment but does require governance and monitoring. Reducing risk and exposure of your most privileged accounts plays a critical role in preventing or detecting attempts at tenant-wide compromise.
The post Microsoft Incident Response lessons on preventing cloud identity compromise appeared first on Microsoft Security Blog.
2023年12月6日 23:57 Marco Ramilli Web Corner
Category: Malware Content: GEOBOX software for Raspberry Pi 4, emphasizing easy setup via a Windows or Mac app, detailed instructions, and 24/7 tech support. It offers traffic routing, VPN protocol support, DNS flexibility, proxy management, LTE modem support, container setup, and features like Proxy Mimic for IP masking and GPS emulation. The latest release includes […]
2023年12月6日 23:57 loecho
最终结果:
代理验证
单目标-存活检测
命令执行(嫖来的)
JNI Windows 命令执行 (嫖来的)
内存马管理(嫖来的)
代理管理
diy_狗洞
Stowaway
Spp 多协议代理 (Quic算法实现的TCP代理)
正向代理
反向代理
代理情况记录:
2023年12月6日 23:57 Marco Ramilli Web Corner
Category: DDoS Attack Content: Proof of down time: https://check-host.net/check-report/13b7857dkafa Source: telegram Source Link: https://t.me/starsxteam2/403 Threat Actor: StarsX Team Victimology Country : India Industry : Information Technology (IT) Services Organization : porter
2023年12月6日 23:57 Marco Ramilli Web Corner
Category: Malware Content: Threat actor is offering to add a digital signature to malware, certifying it to evade detection by SmartScreen. They provide a private key certificate and code signature to encrypt the executable file, along with other features like a time-server stamp and SmartScreen bypass. They offer USB token devices, certificates valid for 1-2 […]
2023年12月6日 23:57 Marco Ramilli Web Corner
Category: Ransomware Content: Group claims to have access to the organizations data. Source: tor Source Link: http://alphvmmm27o3abo3r2mlmjrpdmzle3rykajqc5xsj7j7ejksbpsa36ad.onion/d1f4e251-3b9d-4a88-96d4-c118584657f8 Threat Actor: ALPHV Victimology Country : Germany Industry : Think Tanks Organization : german energy agency (dena)
2023年12月6日 23:23 Packet Storm
Red Hat Security Advisory 2023-7602-03 - Red Hat OpenShift Container Platform release 4.13.25 is now available with updates to packages and images that fix several bugs.
2023年12月6日 23:23 Packet Storm
Red Hat Security Advisory 2023-7604-03 - Red Hat OpenShift Container Platform release 4.13.25 is now available with updates to packages and images that fix several bugs and add enhancements.
2023年12月6日 23:23 Packet Storm
Red Hat Security Advisory 2023-7606-03 - Red Hat OpenShift Container Platform release 4.13.25 is now available with updates to packages and images that fix several bugs and add enhancements.
2023年12月6日 23:23 Packet Storm
Red Hat Security Advisory 2023-7653-03 - An update to the images for Red Hat Integration - Service Registry is now available from the Red Hat Container Catalog. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Issues addressed include bypass and denial of service vulnerabilities.
2023年12月6日 23:23 Packet Storm
Red Hat Security Advisory 2023-7656-03 - An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include integer overflow and remote SQL injection vulnerabilities.
2023年12月6日 23:23 Packet Storm
Red Hat Security Advisory 2023-7662-03 - An update for windows-machine-config-operator-bundle-container and windows-machine-config-operator-container is now available for Red Hat OpenShift Container Platform 4.11. Issues addressed include a privilege escalation vulnerability.
2023年12月6日 23:23 Packet Storm
Red Hat Security Advisory 2023-7663-03 - Red Hat OpenShift distributed tracing 3.0.0. Issues addressed include a denial of service vulnerability.