-
Notifications
You must be signed in to change notification settings - Fork 230
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
2 changed files
with
234 additions
and
269 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,125 @@ | ||
| # 每日安全资讯(2025-01-12) | ||
|
|
||
| - Twitter @Nicolas Krassas | ||
| - [HTB: Sightless https://0xdf.gitlab.io/2025/01/11/htb-sightless.html](https://x.com/Dinosn/status/1878163997142213087) | ||
| - [Re @piedpiper1616 Looks like chatgpt wrote this](https://x.com/Dinosn/status/1878038502257877501) | ||
| - [DoJ Indicts Three Russians for Operating Crypto Mixers Used in Cybercrime Laundering https://thehackernews.com/2025/01/doj-indicts-three-russians-for....](https://x.com/Dinosn/status/1878003388274688322) | ||
| - [Microsoft Sues Hacking Group Exploiting Azure AI for Harmful Content Creation https://thehackernews.com/2025/01/microsoft-sues-hacking-group-exploitin...](https://x.com/Dinosn/status/1878003262273491307) | ||
| - [LDAP Watchdog: monitor record changes in an LDAP directory in real-time https://meterpreter.org/ldap-watchdog-monitor-record-changes-in-an-ldap-direct...](https://x.com/Dinosn/status/1877972215808852393) | ||
| - [MemProcFS Analyzer: Automated Forensic Analysis of Windows Memory Dumps https://meterpreter.org/memprocfs-analyzer-automated-forensic-analysis-of-wind...](https://x.com/Dinosn/status/1877967099139694902) | ||
| - [legba: multiprotocol credentials bruteforcer / password sprayer and enumerator https://meterpreter.org/legba-multiprotocol-credentials-bruteforcer-pas...](https://x.com/Dinosn/status/1877926759175159937) | ||
| - [CVE-2024-12847 (CVSS 9.8): NETGEAR Router Flaw Exploited in the Wild for Years, PoC Published https://securityonline.info/cve-2024-12847-cvss-9-8-netg...](https://x.com/Dinosn/status/1877926466765066607) | ||
| - [RT watchTowr: 🫡](https://x.com/Dinosn/status/1877926930000822468) | ||
| - Recent Commits to cve:main | ||
| - [Update Sat Jan 11 20:16:57 UTC 2025](https://github.com/trickest/cve/commit/a529fd5d50c90c432baec70219470b5f625a25a0) | ||
| - [Update Sat Jan 11 12:19:24 UTC 2025](https://github.com/trickest/cve/commit/4ee809fb0c944239e63a757ad04299a07cefae04) | ||
| - [Update Sat Jan 11 04:10:25 UTC 2025](https://github.com/trickest/cve/commit/b1d77c9032f2c34f807b30264034a2a5ea416a0b) | ||
| - Security Boulevard | ||
| - [Advancements in Machine Identity Protections](https://securityboulevard.com/2025/01/advancements-in-machine-identity-protections/) | ||
| - [From Chaos to Control: Building Your Company’s Access Management Foundation](https://securityboulevard.com/2025/01/from-chaos-to-control-building-your-companys-access-management-foundation/) | ||
| - [DEF CON 32 – Porn & Privacy – ET](https://securityboulevard.com/2025/01/def-con-32-porn-privacy-et/) | ||
| - InfoSec Write-ups - Medium | ||
| - [Linux Shells [Cyber Security 101] Learning Path TryHackMe Writeup | Detailed Walkthrough](https://infosecwriteups.com/linux-shells-cyber-security-101-learning-path-tryhackme-writeup-detailed-walkthrough-440e6863fb1a?source=rss----7b722bfd1b8d---4) | ||
| - [Windows PowerShell [Cyber Security 101 ] Learning Path TryHackMe Writeup | Detailed Walkthrough](https://infosecwriteups.com/windows-powershell-cyber-security-101-learning-path-tryhackme-writeup-detailed-walkthrough-958e3f1ec51b?source=rss----7b722bfd1b8d---4) | ||
| - [SQLMap: The Basics [ Cyber Security 101 ] TryHackMe Writeup | Detailed Walkthrough | THM Premium…](https://infosecwriteups.com/sqlmap-the-basics-cyber-security-101-tryhackme-writeup-detailed-walkthrough-thm-premium-9c04f57cc574?source=rss----7b722bfd1b8d---4) | ||
| - [Reversing, Discovering, And Exploiting A TP-Link Router Vulnerability — CVE-2024–54887](https://infosecwriteups.com/reversing-discovering-and-exploiting-a-tp-link-router-vulnerability-cve-2024-54887-341552c4b104?source=rss----7b722bfd1b8d---4) | ||
| - [Revisiting a Simple SQL Injection Methodology](https://infosecwriteups.com/revisiting-a-simple-sql-injection-methodology-ecd42634a21e?source=rss----7b722bfd1b8d---4) | ||
| - [Hacking Cicada on HackTheBox: An OSCP Step-by-Step Journey](https://infosecwriteups.com/hacking-cicada-on-hackthebox-an-oscp-step-by-step-journey-abd7e56ab53e?source=rss----7b722bfd1b8d---4) | ||
| - 一个被知识诅咒的人 | ||
| - [【人工智能】构建智能语音助手:使用Python实现语音识别与合成的全面指南](https://blog.csdn.net/nokiaguy/article/details/145075956) | ||
| - [【人工智能】用Python进行对象检测:从OpenCV到YOLO的全面指南](https://blog.csdn.net/nokiaguy/article/details/145075935) | ||
| - SecWiki News | ||
| - [SecWiki News 2025-01-11 Review](http://www.sec-wiki.com/?2025-01-11) | ||
| - Bug Bounty in InfoSec Write-ups on Medium | ||
| - [Revisiting a Simple SQL Injection Methodology](https://infosecwriteups.com/revisiting-a-simple-sql-injection-methodology-ecd42634a21e?source=rss----7b722bfd1b8d--bug_bounty) | ||
| - Reverse Engineering | ||
| - [Reverse-engineering meets AI: My new benchmark asks you to deduce hidden byte transforms—thoughts?](https://www.reddit.com/r/ReverseEngineering/comments/1hyuf9w/reverseengineering_meets_ai_my_new_benchmark_asks/) | ||
| - HAHWUL | ||
| - [ZAP 2.16 Review ⚡️](https://www.hahwul.com/2025/01/11/zap-2-16-review/) | ||
| - Malware-Traffic-Analysis.net - Blog Entries | ||
| - [2025-01-09: CVE-2017-0199 XLS --> HTA --> VBS --> steganography --> DBatLoader/GuiLoader style malware](https://www.malware-traffic-analysis.net/2025/01/09/index.html) | ||
| - HAHWUL | ||
| - [ZAP 2.16 Review ⚡️](https://www.hahwul.com/2025/01/11/zap-2-16-review/) | ||
| - 奇客Solidot–传递最新科技情报 | ||
| - [物理学家发现新粒子分数激子](https://www.solidot.org/story?sid=80307) | ||
| - [YouTube 主播向 AI 公司出售未发布视频去训练 AI](https://www.solidot.org/story?sid=80306) | ||
| - [世界最强超算 El Capitan 正式启用](https://www.solidot.org/story?sid=80305) | ||
| - [StackOverflow 新问题数量大幅减少](https://www.solidot.org/story?sid=80304) | ||
| - [德国众多大学机构集体宣布退出 X](https://www.solidot.org/story?sid=80303) | ||
| - [Automattic 大幅缩减对 WordPress.org 的支持](https://www.solidot.org/story?sid=80302) | ||
| - [巴西给 Meta 72 小时时间解释其事实核查政策的变化](https://www.solidot.org/story?sid=80301) | ||
| - 杨龙 | ||
| - [-2209017943](https://www.yanglong.pro/2209017943-2/) | ||
| - 黑海洋 - IT技术知识库 | ||
| - [Fluent Read:上下文语境的人工智能翻译引擎(浏览器插件)](https://blog.upx8.com/4651) | ||
| - 长亭安全应急响应中心 | ||
| - [【已复现】Ivanti Connect Secure 堆栈溢出致远程代码执行漏洞(CVE-2025-0282)](https://mp.weixin.qq.com/s?__biz=MzIwMDk1MjMyMg==&mid=2247492691&idx=1&sn=e1d64db4b8957907e6417a61d2c40fa4&chksm=96f7fb3ea1807228c78b8469fdfa3a9fad83374094781eb88c48ae6e598331b3bd87ae4c659c&scene=58&subscene=0#rd) | ||
| - 看雪学苑 | ||
| - [CTF自毁程序密码:逆向分析](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588573&idx=1&sn=c40b84e0094dfcbca49818f166d4c1f8&chksm=b18c251786fbac0172b4c573bca3dbdc17e0efad3bf6e5dace210a9b96023fdf89feccf64ba1&scene=58&subscene=0#rd) | ||
| - 安全内参 | ||
| - [网站域名遭非法盗用篡改,郑州两家公司被行政处罚](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513467&idx=1&sn=3ea80990fd1c334a5bbf3e29305787b1&chksm=ebfaf25bdc8d7b4dad90dcea755636cf357c28f3dcec82aaf943cbeefa88a5b135fbdc372038&scene=58&subscene=0#rd) | ||
| - 威努特安全网络 | ||
| - [我国牵头的国际标准发布,联合国航空数据库遭入侵 | 一周特辑](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130318&idx=1&sn=322960576db32a5d4485b1c0dc16d542&chksm=80e7137eb7909a680deaa85714119cb89492b504024287b112b4cab04f1b3fdc24bbab99c3e0&scene=58&subscene=0#rd) | ||
| - dotNet安全矩阵 | ||
| - [.NET 第54期红队武器库和资源汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498152&idx=1&sn=e082b4077e255091892be37fff847a78&chksm=fa595745cd2ede53bf9b66ae351f313cf7bf5dd1650cf01cd2dab30f1a615a0813a8427e859a&scene=58&subscene=0#rd) | ||
| - [国内最专业、最全面的 [ .NET 代码审计 ] 体系化学习交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498152&idx=2&sn=68b7c98d93dba9cd5cb2feb37795f5c0&chksm=fa595745cd2ede5310d59456ace4b1b2d00ad3e60a2946ee0a394adc50759ab9b978584b956a&scene=58&subscene=0#rd) | ||
| - [无独有偶,通过.NET反序列化漏洞实现 Visual Studio 钓鱼攻击](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498152&idx=3&sn=a45de16edbca5168f73ea7ed4ffeca36&chksm=fa595745cd2ede53cd0f763edff055aeced78d85bdeea1f2be5fd2d80d72a65ed86e0df928f3&scene=58&subscene=0#rd) | ||
| - 丁爸 情报分析师的工具箱 | ||
| - [【资料】创建开源情报机构的理由](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148500&idx=1&sn=6cb5b45ccad95f39148ef2240c25d8f8&chksm=f1af27eec6d8aef85b73213a31ddbb5ff35a3ab0c56351b3885e6105b67a593a975858b141d8&scene=58&subscene=0#rd) | ||
| - 安全分析与研究 | ||
| - [新型Hellcat勒索病毒分析](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247489905&idx=1&sn=d221af8624b76e73a62cffd81d4afb24&chksm=902fb659a7583f4f105f2bc9bb1490bdf8d2781611e9f73c12246ee56ca3b7525b5263d975bd&scene=58&subscene=0#rd) | ||
| - 极客公园 | ||
| - [特朗普上任前,Meta、微软等取消多元化项目;新 Model Y 上市,雷军隔空玩梗;京东 App 大改版 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653071834&idx=1&sn=9726e5881ed20e810b87b68ef06af200&chksm=7e57d46c49205d7a678f880e93b38ad8df5661f949d2dd27442559ef9f751a6af0d9bc2b6514&scene=58&subscene=0#rd) | ||
| - 网络空间安全科学学报 | ||
| - [学术前沿 | 鹏城实验室威胁情报团队:网络威胁情报共享与融合技术综述](https://mp.weixin.qq.com/s?__biz=MzI0NjU2NDMwNQ==&mid=2247504587&idx=1&sn=4eaf1ab6a4b15883ae9a77be4357a271&chksm=e9bfc675dec84f63b347462da5f7bce1abed74f36bf037a16432d25f075367ff3d1fd224cdf6&scene=58&subscene=0#rd) | ||
| - 安全圈 | ||
| - [【安全圈】江苏一男子利用小程序Bug逃匿28万加油费,法院判了](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067274&idx=1&sn=5bef640b5980a10e736f5e8b28bb6773&chksm=f36e798ac419f09cdbd5129a3bf75829108cf7f7a7de0b1d6ac854dbbb635e3a6b7d50a7bd0d&scene=58&subscene=0#rd) | ||
| - [【安全圈】涉案3.3亿!有人非法搭建支付平台获利超200万](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067274&idx=2&sn=792e4a8d18c9865be6e1131bf29116e9&chksm=f36e798ac419f09c4674ed1ba0a3d10573e7a3ba50adc72984e3afc698d37c2172cb8076dc0b&scene=58&subscene=0#rd) | ||
| - [【安全圈】Ivanti VPN 零日漏洞正在被黑客利用](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067274&idx=3&sn=8eb5cc6c0a00bef351ca6ec387133310&chksm=f36e798ac419f09cca9472d89e0009706062cc803d7b61065e39083441ba8c9e646c932b6efe&scene=58&subscene=0#rd) | ||
| - 迪哥讲事 | ||
| - [从 SQL 注入到远程代码执行](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496813&idx=1&sn=eab6d19d242d637c1797d76ec3ae43fa&chksm=e8a5fe0edfd277188a3ce54336fe9ddf992716daadef1e899d9d6e4de34f5c25335a2222782c&scene=58&subscene=0#rd) | ||
| - GobySec | ||
| - [锦鲤揭秘时刻!快来看看锦鲤礼包花落谁家吧~](https://mp.weixin.qq.com/s?__biz=MzI4MzcwNTAzOQ==&mid=2247545717&idx=1&sn=309283dd2ed10d791e052cf798b5e174&chksm=eb84d8d5dcf351c3ade60c164cef5dcf834d3e5db4c15add66752b789281fb770f82226b0664&scene=58&subscene=0#rd) | ||
| - Over Security - Cybersecurity news aggregator | ||
| - [Scammers file first — Get your IRS Identity Protection PIN now](https://www.bleepingcomputer.com/news/security/scammers-file-first-get-your-irs-identity-protection-pin-now/) | ||
| - [Fake LDAPNightmware exploit on GitHub spreads infostealer malware](https://www.bleepingcomputer.com/news/security/fake-ldapnightmware-exploit-on-github-spreads-infostealer-malware/) | ||
| - 山石网科安全技术研究院 | ||
| - [2024年度重大数据泄露事件盘点-国外版](https://mp.weixin.qq.com/s?__biz=MzUzMDUxNTE1Mw==&mid=2247509629&idx=1&sn=29247d0381639fa3501942c67c219470&chksm=fa5273c3cd25fad5d99967bf051e1337733f3c3082433d432cf1da5a2100a7b651661c585277&scene=58&subscene=0#rd) | ||
| - 吴鲁加 | ||
| - [我工作里使用的软件和工作流](https://mp.weixin.qq.com/s?__biz=Mzg5NDY4ODM1MA==&mid=2247485135&idx=1&sn=0510f35c72516e30adcd494474dd6df1&chksm=c01a8bfef76d02e8f7fb3e9696d8b0cee09ab8dee030fe992b916e71468791be793abbc80527&scene=58&subscene=0#rd) | ||
| - ICT Security Magazine | ||
| - [Living-off-the-Land Binaries (LOLBins) negli attacchi fileless: Analisi Tecnica e Implicazioni per la Sicurezza](https://www.ictsecuritymagazine.com/articoli/living-off-the-land-binaries-lolbins/) | ||
| - Deep Web | ||
| - [Would you like this reward?](https://www.reddit.com/r/deepweb/comments/1hz9bjv/would_you_like_this_reward/) | ||
| - Information Security | ||
| - [Open Source Shadow IT Detection](https://www.reddit.com/r/Information_Security/comments/1hyoren/open_source_shadow_it_detection/) | ||
| - Computer Forensics | ||
| - [How do you read a $MFT? (First Computer Forensics class)](https://www.reddit.com/r/computerforensics/comments/1hyvbdc/how_do_you_read_a_mft_first_computer_forensics/) | ||
| - Your Open Hacker Community | ||
| - [Getting infinite lives in Prehistorik on Windows 11](https://www.reddit.com/r/HowToHack/comments/1hz6pee/getting_infinite_lives_in_prehistorik_on_windows/) | ||
| - [How to convert a password protected zip file into a RAR file?](https://www.reddit.com/r/HowToHack/comments/1hz3bgu/how_to_convert_a_password_protected_zip_file_into/) | ||
| - [recovering google account](https://www.reddit.com/r/HowToHack/comments/1hyx8qq/recovering_google_account/) | ||
| - [Has anyone tried hijacking school Apple TVs for a prank?](https://www.reddit.com/r/HowToHack/comments/1hz3nxz/has_anyone_tried_hijacking_school_apple_tvs_for_a/) | ||
| - [Help](https://www.reddit.com/r/HowToHack/comments/1hyzqf5/help/) | ||
| - [Can anyone help me with a teleg private group(pls dm me)](https://www.reddit.com/r/HowToHack/comments/1hyzpji/can_anyone_help_me_with_a_teleg_private_grouppls/) | ||
| - [I need to find someone's IP address or something](https://www.reddit.com/r/HowToHack/comments/1hyzxt3/i_need_to_find_someones_ip_address_or_something/) | ||
| - OnionSec | ||
| - [短文:对现实里网络安全领域的新认识](https://mp.weixin.qq.com/s?__biz=MzUyMTUwMzI3Ng==&mid=2247485562&idx=1&sn=8b6790ca85055bf567130a044261ebda&chksm=f9db5f39ceacd62f1d9d93c36893e92be17a408acced658927b37d165077e523234bfe823d95&scene=58&subscene=0#rd) | ||
| - 银针安全 | ||
| - [高版本Fastjson在Java原生反序列化中的利用](https://mp.weixin.qq.com/s?__biz=Mzg2MDY2ODc5MA==&mid=2247484185&idx=1&sn=9068c43597d87c94568fe70974fd6365&chksm=ce239500f9541c160287b545120d6495c7a2aa9c5c75e0ad101c7a3d3600e86ea6b64ef75f63&scene=58&subscene=0#rd) | ||
| - 希潭实验室 | ||
| - [第112篇:美国APT震网病毒入侵伊朗核工厂后续与启示(第4篇)](https://mp.weixin.qq.com/s?__biz=MzkzMjI1NjI3Ng==&mid=2247487306&idx=1&sn=00dc7cf337a613d22207cecd7674ec88&chksm=c25fc031f5284927d968a7121718ccfa82db72798405bf0100bd1d248c3cb88d1360e288e491&scene=58&subscene=0#rd) | ||
| - Technical Information Security Content & Discussion | ||
| - [$2m laundered: the YouTube crypto tutorials’ huge scam (investigation)](https://www.reddit.com/r/netsec/comments/1hz54x4/2m_laundered_the_youtube_crypto_tutorials_huge/) | ||
| - [Gayfemboy: A Botnet Deliver Through a Four-Faith Industrial Router 0-day Exploit.](https://www.reddit.com/r/netsec/comments/1hyjjpb/gayfemboy_a_botnet_deliver_through_a_fourfaith/) | ||
| - Blackhat Library: Hacking techniques and research | ||
| - [Telefonica Breach: Infostealer Malware Opens Door for Social Engineering Tactics](https://www.reddit.com/r/blackhat/comments/1hysvc3/telefonica_breach_infostealer_malware_opens_door/) | ||
| - The Hacker News | ||
| - [Microsoft Sues Hacking Group Exploiting Azure AI for Harmful Content Creation](https://thehackernews.com/2025/01/microsoft-sues-hacking-group-exploiting.html) | ||
| - [DoJ Indicts Three Russians for Operating Crypto Mixers Used in Cybercrime Laundering](https://thehackernews.com/2025/01/doj-indicts-three-russians-for.html) | ||
| - Security Affairs | ||
| - [DoJ charged three Russian citizens with operating crypto-mixing services](https://securityaffairs.com/172957/cyber-crime/doj-charged-russian-citizens-with-operating-crypto-mixing-services.html) | ||
| - [U.S. cannabis dispensary STIIIZY disclosed a data breach](https://securityaffairs.com/172950/data-breach/marijuana-dispensary-stiiizy-data-breach.html) | ||
| - [A novel PayPal phishing campaign hijacks accounts](https://securityaffairs.com/172935/cyber-crime/paypal-phishing-campaign-hijacks-accounts.html) | ||
| - Social Engineering | ||
| - [The hidden psychology of abusers](https://www.reddit.com/r/SocialEngineering/comments/1hyxk74/the_hidden_psychology_of_abusers/) |
Oops, something went wrong.