today.md

每日安全资讯（2022-04-16）

• Files ≈ Packet Storm
  • Asterisk Project Security Advisory - AST-2022-003
  • Asterisk Project Security Advisory - AST-2022-002
  • Asterisk Project Security Advisory - AST-2022-001
  • Siemens A8000 CP-8050/CP-8031 SICAM WEB Missing File Download / Missing Authentication
  • Are You Really Muted? A Privacy Analysis Of Mute Buttons In Video Conferencing Apps
  • Backdoor.Win32.NetSpy.10 Remote Command Execution
  • Backdoor.Win32.NetCat32.10 Remote Command Execution
  • Backdoor.Win32.NinjaSpy.c Authentication Bypass
  • Email-Worm.Win32.Pluto.b Insecure Permissions
  • Backdoor.Win32.Kilo.016 Denial Of Service
  • HackTool.Win32.IpcScan.c Buffer Overflow
  • Backdoor.Win32.Psychward.03.a Weak Hardcoded Password
  • Backdoor.Win32.Prorat.cwx Insecure Permissions
  • Backdoor.Win32.MotivFTP.12 Authentication Bypass
  • Red Hat Security Advisory 2022-1379-01
  • Red Hat Security Advisory 2022-1378-01
  • Microsoft HTTP Protocol Stack Denial Of Service
• Sec-News 安全文摘
  • SCA的困境和出路
• CXSECURITY Database RSS Feed - CXSecurity.com
  • Easy!Appointments Information Disclosure
  • Backdoor.Win32.NinjaSpy.c / Authentication Bypass
  • jsharp Technology - Sql Injection Vulnerability
  • Signature Software - Sql Injection Vulnerability
  • Miracle Hunt Services - Sql Injection Vulnerability
  • HackTool.Win32.IpcScan.c / Local Stack Buffer Overflow
  • Email-Worm.Win32.Pluto.b / Insecure Permissions
  • Backdoor.Win32.Prorat.cwx / Insecure Permissions
  • Backdoor.Win32.NetSpy.10 / Unauthenticated Remote Command Execution
  • Backdoor.Win32.Psychward.03.a / Weak Hardcoded Password
  • Backdoor.Win32.Kilo.016 / Denial of Service (UDP Datagram)
  • Backdoor.Win32.NetCat32.10 / Unauthenticated Remote Command Execution
• Sploitus.com Exploits RSS Feed
  • Backdoor.Win32.Kilo.016 Denial Of Service exploit
  • Backdoor.Win32.NetCat32.10 Remote Command Execution exploit
  • Siemens A8000 CP-8050/CP-8031 SICAM WEB Missing File Download / Missing Authentication exploit
  • Backdoor.Win32.NetSpy.10 Remote Command Execution exploit
  • Microsoft HTTP Protocol Stack Denial Of Service exploit
  • Backdoor.Win32.MotivFTP.12 Authentication Bypass exploit
  • Backdoor.Win32.Psychward.03.a Weak Hardcoded Password exploit
  • Email-Worm.Win32.Pluto.b Insecure Permissions exploit
  • Backdoor.Win32.Prorat.cwx Insecure Permissions exploit
  • HackTool.Win32.IpcScan.c Buffer Overflow exploit
  • Backdoor.Win32.NinjaSpy.c Authentication Bypass exploit
  • Exploit for CVE-2021-31805 exploit
  • Exploit for CVE-2022-22954 exploit
  • Exploit for CVE-2022-26809 exploit
  • Exploit for Vulnerability in Wps Wps Office exploit
  • Exploit for Vulnerability in Microsoft exploit
  • Exploit for Code Injection in Vmware Spring Cloud Gateway exploit
  • Exploit for CVE-2022-29072 exploit
• 跳跳糖 - 安全与分享社区
  • 内网渗透--NTLM中继与反射浅析
• Security Boulevard
  • PHP Web Application Security – How to protect your WordPress website
  • What’s the Best Movie About Hackers? (Book Review)
  • INCONTROLLER: Acting to Protect Customers from Unknown Threats
  • BSides Budapest 2021: Vivek Malik’s & Kumar Vikramjeet’s ‘One Stop Anomaly Shop’
  • Russia Losing War Because Unable to “Build Airplane in Flight”
  • CISO Thoughts with David Lindner – April 15
  • Online Document Verification: How Does It Work?
  • Joy Of Tech® ‘AI Mood Detector’
• obaby@mars
  • Win10修改已连接网络的名称
• 安全客-有思想的安全新媒体
  • CVE-2021-22205 GITLAB 未授权 RCE 漏洞
  • 专题·网安意识 | 美国网络安全意识教育举措概述
  • 360核心安全大脑，将17年积累的安全能力直达用户
  • 2022安全客优质分享计划第一期 | V8 Inline Cache源码分析
  • ERC721R 风险分析
  • 数字安全观察-每周简报 （2022.03.26 -2022.04.08）
  • 数据安全事件应急及溯源分析实践案例
  • 新的Fodcha DDoS僵尸网络每天针对100多名受害者
• FreeBuf网络安全行业门户
  • 思科修复高危身份验证绕过漏洞
  • 新型Enemybot DDoS僵尸网络借用Mirai和Gafgyt攻击代码
  • CISA警告机构修补积极利用的Windows LPE错误
  • FreeBuf甲方群话题讨论 | 聊聊企业资产安全管理
  • 谷歌浏览器紧急更新，又修复一零日漏洞
  • 想不到，美国核设施太老竟成保命关键？
  • 2022年第一季度美国数据泄露持续上升，“未知”成最大攻击媒介
  • 常见框架漏洞复现—Apache Struts2
  • Spring Cloud Gateway 远程代码执行漏洞分析（CVE-2022-22947）
• 绿盟科技技术博客
  • 俄乌信息技术供应链制裁中的认知“谜团”观察
• Trail of Bits Blog
  • The Frozen Heart vulnerability in Bulletproofs
• SpiderLabs Blog from Trustwave
  • Tough Times for Ukrainian Honeypot?
• Hex Rays
  • Igor’s tip of the week #85: Source-level debugging
• Reverse Engineering
  • How to Troubleshoot Arcade Boards! Reverse engineering Konami security keys and chips
  • I failed... but tomorrow is another day
• The Daily Swig | Cybersecurity news and views
  • Tearing down red flags: Women in CyberSecurity’s Lynn Dohm on tackling the high exit rate of female infosec pros
• Hacking Articles
  • A Detailed Guide on Medusa
• SentinelOne
  • The Good, the Bad and the Ugly in Cybersecurity – Week 16
• HAHWUL
  • SSE(Server Sent Event)
• Ghostlulz Hacks
  • Cypher Injection (Neo4j) Graph Databases
• 奇客Solidot–传递最新科技情报
  • 主要平台宣布将展示帐号 IP 属地
  • Google 释出紧急更新修复正被利用的 Chrome 0day 漏洞
  • 密码检查算法高危漏洞允许任何人登陆思科的 Wi-Fi 管理软件
  • 从简单 AI 获得新理解
  • 儿童严重肝病病例引发国际调查
  • 融化的冰盖可能不会阻挡洋流
  • 热电池可有效将风能太阳能存储在可再生电网中
  • 玩家普及 Windows 11 的速度远逊于 Windows 10
  • 视频网站禁止直播未经批准的网游
  • 俄罗斯干扰乌克兰地区的 GPS 信号
  • Twitter 董事会准备反击 Elon Musk 的收购提议
• KitPloit - PenTest & Hacking Tools
  • Shhhloader - SysWhispers Shellcode Loader
  • modifyCertTemplate - ADCS Cert Template Modification And ACL Enumeration
• Blog – NTT Application Security
  • 4 Cybersecurity Tax Tips for Last-Minute Filers
• Forensic Focus
  • Magnet Forensics Previews New and Upcoming Product Updates to Magnet Digital Investigation Suite
  • Oxygen Forensics presents major enhancements to computer artifact support
• Have I Been Pwned latest breaches
  • Avvo - 4,101,101 breached accounts
• IT Service Management News
  • Stato degli standard ISO/IEC 270xx
• Troy Hunt's Blog
  • Breach Disclosure Blow-by-Blow: Here's Why It's so Hard
  • Weekly Update 291
• Il Disinformatico
  • Podcast RSI - Il primo video virale di Internet: Star Wars Kid
• Daniel Miessler
  • A Quick Thought on Musk Buying Twitter
• 0x00sec - The Home of the Hacker - Top topics
  • Awesome malware development resources
• SANS Internet Storm Center, InfoCON: green
  • ISC Stormcast For Friday, April 15th, 2022 https://isc.sans.edu/podcastdetail.html?id=7966, (Fri, Apr 15th)
• Schneier on Security
  • Friday Squid Blogging: Strawberry Squid Video
• bellingcat
  • Russia’s QAnon Followers Can’t Make Up Their Minds About Ukraine
• TG Soft Software House - News
  • Auguri di Buona Pasqua dallo staff di TG Soft Cyber Security Specialist
• IntelTechniques Blog
  • The Privacy, Security, & OSINT Show – Episode 257
• Security Affairs
  • Threat actors use Zimbra exploits to target organizations in Ukraine
  • Conti Ransomware Gang claims responsibility for the Nordex hack
  • ZingoStealer crimeware released for free in the cybercrime ecosystem
  • Auth bypass flaw in Cisco Wireless LAN Controller Software allows device takeover
  • Google fixed third zero-day in Chrome since the start of 2022
  • Ways to Develop a Cybersecurity Training Program for Employees
  • Analysis of the SunnyDay ransomware
• The Register - Security
  • Feds offer $5m reward for info on North Korean cyber crooks
  • Star loses $500,000 NFT after crooks exploit Rarible market
  • Cybercriminals do their homework for latest banking scam
  • Google issues third emergency fix for Chrome this year
  • North Korea's Lazarus cyber-gang caught 'spying' on chemical sector companies
• Dark Reading
  • Google Emergency Update Fixes Chrome Zero-Day
  • Cloud Cost, Reliability Raise IT Concerns
  • Lazarus Targets Chemical Sector With 'Dream Jobs,' Then Trojans
  • CISA Alert on ICS, SCADA Devices Highlights Growing Enterprise IoT Security Risks
  • Cybersecurity Act of 2022: A Step in the Right Direction With a Significant Loophole
• Securityinfo.it
  • Nuovo malware cinese per Windows
  • Gli APT minacciano le infrastrutture critiche
• TS-WAY
  • Weekly Threats N. 15 2022
• KitPloit - PenTest Tools!
  • Shhhloader - SysWhispers Shellcode Loader
  • modifyCertTemplate - ADCS Cert Template Modification And ACL Enumeration
• Threatpost
  • Karakurt Ensnares Conti, Diavol Ransomware Groups in Its Web
• TorrentFreak
  • DuckDuckGo Removes Pirate Sites and YouTube-DL from Its Search Results
  • YouTube Rejects Movie Piracy Claims and Content ID Critique
• Computer Forensics
  • Autopsy web cache understanding
  • How Mobile Forensic tools work ??
• Full Disclosure
  • Adversary3 v1.0 / Malware vulnerability intel tool for third-party attackers / updated
  • Email-Worm.Win32.Pluto.b / Insecure Permissions
  • Backdoor.Win32.Kilo.016 / Denial of Service (UDP Datagram)
  • Backdoor.Win32.NinjaSpy.c / Authentication Bypass
  • Backdoor.Win32.NetSpy.10 / Unauthenticated Remote Command Execution
  • Backdoor.Win32.NetCat32.10 / Unauthenticated Remote Command Execution
  • HackTool.Win32.IpcScan.c / Local Stack Buffer Overflow
  • Backdoor.Win32.Psychward.03.a / Weak Hardcoded Password
  • Backdoor.Win32.Prorat.cwx / Insecure Permissions
  • Backdoor.Win32.MotivFTP.12 / Authentication Bypass
  • SEC Consult SA-20220413 :: Missing Authentication at File Download & Denial of Service in Siemens A8000 PLC
• Your Hacking Tutorial by Zempirians
  • How to identify zero-day phishing URL
  • Windows Reverse Shell - Ethical Hacking
  • Evil-WinRM broken
  • Any RAT's working in 2022?
  • How does Nmap and Directory Traversal on a low level?
  • How to download firmware for security cameras
• /r/netsec - Information Security News & Discussion
  • [Techmonitor.ai] Failed cyberattack on Ukraine's electricity grid could indicate Russia's growing willingness to attack critical infrastructure
  • iViewed your API keys
  • New tool to exploit TURN servers - create a socks proxy into the internal network
  • Multiple Vulnerabilities in Cisco Expressway
  • Turncoat - Extract private messages from malware/phishing Telegram Bots
  • PYSA Ransomware Group Technical Analysis
• Blackhat Library: Hacking techniques and research
  • Delta Controls enteliTOUCH 3.40.3935 Cross Site Scripting ≈ Packet Storm
  • Open source software fuzzing with AFL
• Hakin9 – IT Security Magazine
  • 365Inspect - a PowerShell script that automates the security assessment of Microsoft Office 365 environments
• Deeplinks
  • Let's Encrypt Wins Levchin Prize For Work On Internet Security
• Paul's Security Weekly
  • ESW #269 - Bob Erdman & Justin Tolman
  • SWN #204 - Struts, Management Networks, Elon Spits in My Soup, & Zero-Days - Wrap Up
  • PSW #736 - Mike Wilkes & Amanda Berlin