Cybersecurity information flow

干净的信息流推送工具,偏向安全圈的点点滴滴,为安全研究人员每日发现优质内容.

了解更多 »

最近更新
时间 节点
2023年9月23日 14:51 Github关注
State machines and statecharts for the modern web.
2023年9月23日 14:51 T00ls论坛
2023年9月23日 14:51 T00ls论坛
2023年9月23日 14:51 T00ls论坛
2023年9月23日 13:51 Github关注
2023年9月23日 13:51 T00ls论坛
2023年9月23日 13:34 Marco Ramilli Web Corner
Malware persistence is a crucial aspect of cyber threats that often goes unnoticed by unsuspecting users. In the realm of cybersecurity, it refers to the ability of malicious software to establish a foothold on a targeted system, allowing it to maintain its presence over an extended period. This persistence is achieved through various covert techniques, […]
2023年9月23日 13:11 freebuf
本文讲解如何通过 Contract Size Check 判断调用者身份。
2023年9月23日 12:51 Github关注
🍺 Scaffolding your Chrome extension! Boilerplates: react \ vue \ svelte \ solid \ preact \ alpine \ lit \ stencil \ inferno \ vanilla
2023年9月23日 10:31 T00ls论坛
2023年9月23日 10:11 freebuf
Apache Shiro 是一个可执行身份验证、授权、加密和会话管理的 Java 安全框架。
2023年9月23日 09:36 Microsoft Security Blog
Microsoft is proud to be recognized as a Leader in The Forrester Wave™: Zero Trust Platform Providers, Q3 2023 report.
The post Forrester names Microsoft a Leader in the 2023 Zero Trust Platform Providers Wave™ report appeared first on Microsoft Security Blog.
2023年9月23日 09:36 Microsoft Security Blog
For the fifth consecutive year, Microsoft 365 Defender demonstrated leading extended detection and response (XDR) capabilities in the independent MITRE Engenuity ATT&CK® Evaluations: Enterprise. The attack used during the test highlights the importance of a unified XDR platform and showcases Microsoft 365 Defender as a leading solution, enabled by next-gen protection, industry-first capabilities like automatic attack disruption, and more.
The post Microsoft 365 Defender demonstrates 100 percent protection coverage in the 2023 MITRE Engenuity ATT&CK® Evaluations: Enterprise  appeared first on Microsoft Security Blog.
2023年9月23日 09:36 Microsoft Security Blog
Today, Microsoft announced several major innovations to empower people across work and life and redefine how we live and work with AI.
The post New Microsoft security tools to protect families and businesses appeared first on Microsoft Security Blog.
2023年9月23日 09:31 Github关注
.NET port of Leron Gray's azbelt tool.
2023年9月23日 09:11 freebuf
总结推荐本周的热点资讯、安全事件、一周好文和省心工具,保证大家不错过本周的每一个重点!
2023年9月23日 09:01 Github_POC
SQL injection vulnerbility in jeecgboot jeecg-boot v 3.0, 3.5.3 that allows a remote attacker to execute arbitrary code via a crafted request to the report/jeecgboot/jmreport/queryFieldBySql component.
[GitHub]SQL injection vulnerbility in jeecgboot jeecg-boot v. allows a remote attacker to execute arbitrary code via a crafted request to the report/jeecgboot/jmreport/queryFieldBySql component.
2023年9月23日 08:11 freebuf
该项目在执行read模块时会从内核堆地址中拷贝信息到用户空间中去,但是这里的拷贝没有对长度做限制,因此存在着越界读的漏洞。
2023年9月23日 05:36 Black Hills Information Securi
The post Talkin’ About Infosec News – 9/18/2023 appeared first on Black Hills Information Security.
2023年9月23日 03:31 hackone
影响厂商:LinkedIn 奖励: 危险等级:critical
2023年9月23日 03:31 hackone
影响厂商:Nord Security 奖励:250.0USD 危险等级:medium
2023年9月23日 03:31 hackone
影响厂商:b'LinkedIn'(https://hackerone.com/linkedin) 
2023年9月23日 02:01 Packet Storm
Taskhub version 2.8.8 suffers from a cross site scripting vulnerability.
2023年9月23日 02:01 Packet Storm
Ubuntu Security Notice 6360-2 - USN-6360-1 fixed a vulnerability in FLAC. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS. It was discovered that FLAC incorrectly handled encoding certain files. A remote attacker could use this issue to cause FLAC to crash, resulting in a denial of service, or possibly execute arbitrary code.
2023年9月23日 02:01 Packet Storm
Ftrace-based Linux loadable kernel module rootkit for Linux kernel versions 5.x and 6.x on x86_64. It hides files, hides process, hides a bind shell and reverse shell port, provides privilege escalation, and cleans up logs and bash history during installation.
2023年9月23日 02:01 Packet Storm
BDS Freebsd KLD rootkit for FreeBSD 13 that hides files, hides processes, hides ports, and has a bind shell backdoor.
2023年9月23日 02:01 Packet Storm
Elasticsearch version 8.5.3 stack overflow proof of concept exploit.
2023年9月23日 02:01 Packet Storm
Red Hat Security Advisory 2023-5337-01 - A security update for Camel K 1.10.2 is now available. The purpose of this text-only errata is to inform you about the security issues fixed. Issues addressed include a bypass vulnerability.
2023年9月23日 02:01 Packet Storm
Ubuntu Security Notice 6395-1 - Mickael Karatekin discovered that GNOME Shell incorrectly allowed the screenshot tool to view open windows when a session was locked. A local attacker could possibly use this issue to obtain sensitive information.
2023年9月23日 02:01 Packet Storm
Ubuntu Security Notice 6394-1 - It was discovered that Python incorrectly handled certain scripts. An attacker could possibly use this issue to execute arbitrary code or cause a crash.