From 54ad457e2729edd60fd8fd9f91be249ff59e2529 Mon Sep 17 00:00:00 2001 From: zh-ao-ch-en <2434417767@qq.com> Date: Sat, 11 Jan 2025 15:09:57 +0800 Subject: [PATCH 01/29] 1 --- .github/workflows/auto-close.yml | 2 +- .github/workflows/comment.yml | 23 +++++++++++------------ 2 files changed, 12 insertions(+), 13 deletions(-) diff --git a/.github/workflows/auto-close.yml b/.github/workflows/auto-close.yml index b8cfaa197e..b082b290c6 100644 --- a/.github/workflows/auto-close.yml +++ b/.github/workflows/auto-close.yml @@ -1,7 +1,7 @@ name: Close inactive issues on: schedule: - - cron: "30 1 * * *" + - cron: "30 * * * *" workflow_dispatch: jobs: diff --git a/.github/workflows/comment.yml b/.github/workflows/comment.yml index 695391e951..708e28a010 100644 --- a/.github/workflows/comment.yml +++ b/.github/workflows/comment.yml @@ -18,16 +18,15 @@ jobs: run: | body=`echo ${{ toJson(github.event.comment.body) }} | sed "s/\"/\\\'/g"` echo "::set-output name=body::$body" - - name: Send dingding notify - uses: zcong1993/actions-ding@master - with: - dingToken: ${{ secrets.PICKER_DINGTALK_KEY }} - secret: ${{ secrets.PICKER_DINGTALK_SECRET }} - body: | - { - "msgtype": "markdown", - "markdown": { - "text": " ${{ github.event.comment.user.login }} 评论了 [${{ steps.title.outputs.title }}](${{ github.event.comment.html_url }}): \n\n${{ steps.body.outputs.body }}", - "title": "${{ steps.title.outputs.title }} 新增评论" - } + - name: Send WeCom notify + run: | + curl -X POST "https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=${{ secrets.WECOM_KEY }}" \ + -H "Content-Type: application/json" \ + -d '{ + "msgtype": "markdown", + "markdown": { + "text": " *${{ github.event.comment.user.login }}* 评论了 [${{ steps.title.outputs.title }}](${{ github.event.comment.html_url }}): \n\n${{ steps.body.outputs.body }}", + "title": "${{ steps.title.outputs.title }} 新增评论" } + }' + From 3eaebfbdfefbab3eed5a3d0f0528842fac05daee Mon Sep 17 00:00:00 2001 From: zh-ao-ch-en <2434417767@qq.com> Date: Sat, 11 Jan 2025 15:54:25 +0800 Subject: [PATCH 02/29] Update check.yml --- .github/workflows/check.yml | 24 +++++++++++++++++++++++- 1 file changed, 23 insertions(+), 1 deletion(-) diff --git a/.github/workflows/check.yml b/.github/workflows/check.yml index 30a7dd9cc0..2d093f7505 100644 --- a/.github/workflows/check.yml +++ b/.github/workflows/check.yml @@ -39,4 +39,26 @@ jobs: MAIL_KEY: ${{ secrets.MAIL_KEY }} MAIL_RECEIVER: ${{ secrets.MAIL_RECEIVER }} GITHUB_TOKEN: ${{ secrets.MY_GITHUB_TOKEN }} - run: python3 picker.py --check \ No newline at end of file + run: python3 picker.py --check + name: Create GitHub Issue + +on: + push: + branches: + - main + +jobs: + create_issue: + runs-on: ubuntu-latest + steps: + - name: Checkout repository + uses: actions/checkout@v2 + + - name: Set up GitHub CLI + uses: cli/cli@v2 + + - name: Create GitHub issue + env: + GH_TOKEN: ${{ github.token }} # 设置 GitHub token + run: | + gh issue create --title "[每日信息流] $(date +'%Y-%m-%d')" -F today.md --label "daily" From 656f91b1686db568d9ac1d2723b768884cdfa810 Mon Sep 17 00:00:00 2001 From: zh-ao-ch-en <2434417767@qq.com> Date: Sat, 11 Jan 2025 16:08:09 +0800 Subject: [PATCH 03/29] Update check.yml --- .github/workflows/check.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/check.yml b/.github/workflows/check.yml index 2d093f7505..37b4be8f5e 100644 --- a/.github/workflows/check.yml +++ b/.github/workflows/check.yml @@ -51,6 +51,9 @@ jobs: create_issue: runs-on: ubuntu-latest steps: + - name: Install GitHub CLI + run: sudo apt-get install gh + - name: Checkout repository uses: actions/checkout@v2 From 1ad6538e9ab769e95754f0f70d06da4e488e52fe Mon Sep 17 00:00:00 2001 From: zh-ao-ch-en <2434417767@qq.com> Date: Sat, 11 Jan 2025 16:17:38 +0800 Subject: [PATCH 04/29] Update check.yml --- .github/workflows/check.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/check.yml b/.github/workflows/check.yml index 37b4be8f5e..e99f23a839 100644 --- a/.github/workflows/check.yml +++ b/.github/workflows/check.yml @@ -65,3 +65,5 @@ jobs: GH_TOKEN: ${{ github.token }} # 设置 GitHub token run: | gh issue create --title "[每日信息流] $(date +'%Y-%m-%d')" -F today.md --label "daily" +env: + GH_TOKEN: ${{ github.token }} From 2748cee8c8ec80e28d1f794a8078b8d78bef1ec1 Mon Sep 17 00:00:00 2001 From: zh-ao-ch-en <2434417767@qq.com> Date: Sat, 11 Jan 2025 16:18:05 +0800 Subject: [PATCH 05/29] Update check.yml From dcca0647d1639f36d24f2053bd129572c3985d62 Mon Sep 17 00:00:00 2001 From: zh-ao-ch-en <2434417767@qq.com> Date: Sat, 11 Jan 2025 16:19:05 +0800 Subject: [PATCH 06/29] Update check.yml --- .github/workflows/check.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/.github/workflows/check.yml b/.github/workflows/check.yml index e99f23a839..27719d8519 100644 --- a/.github/workflows/check.yml +++ b/.github/workflows/check.yml @@ -67,3 +67,11 @@ jobs: gh issue create --title "[每日信息流] $(date +'%Y-%m-%d')" -F today.md --label "daily" env: GH_TOKEN: ${{ github.token }} +steps: + - name: Set up GitHub CLI + uses: cli/cli@v2 + - name: Create GitHub issue + env: + GH_TOKEN: ${{ github.token }} + run: | + gh issue create --title "[每日信息流] $(date +'%Y-%m-%d')" -F today.md --label "daily" From a293d066b90f6b4404003f1ea5494e824dafd9f3 Mon Sep 17 00:00:00 2001 From: chainreactorbot Date: Sat, 11 Jan 2025 10:59:09 +0000 Subject: [PATCH 07/29] =?UTF-8?q?=E6=AF=8F=E6=97=A5=E5=AE=89=E5=85=A8?= =?UTF-8?q?=E8=B5=84=E8=AE=AF=EF=BC=882025-01-11=EF=BC=89?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- archive/daily/2025/2025-01-11.md | 455 +++++++++++++++++++ archive/tmp/2025-01-11.json | 547 +++++++++++++++++++++++ today.md | 740 ++++++++++++++++++------------- 3 files changed, 1434 insertions(+), 308 deletions(-) create mode 100644 archive/daily/2025/2025-01-11.md create mode 100644 archive/tmp/2025-01-11.json diff --git a/archive/daily/2025/2025-01-11.md b/archive/daily/2025/2025-01-11.md new file mode 100644 index 0000000000..260114ebb4 --- /dev/null +++ b/archive/daily/2025/2025-01-11.md @@ -0,0 +1,455 @@ +# 每日安全资讯(2025-01-11) + +- paper - Last paper + - [ ] [Self-changing Data Type - CVE-2024-40676 漏洞分析](https://paper.seebug.org/3266/) +- Recent Commits to cve:main + - [ ] [Update Fri Jan 10 20:11:13 UTC 2025](https://github.com/trickest/cve/commit/35ab00cc0e2f9453ab25383a9a5c9d4cfa1182d1) + - [ ] [Update Fri Jan 10 12:19:12 UTC 2025](https://github.com/trickest/cve/commit/bb4ddf1816df72235be5cd596f20b2ed83504f0c) + - [ ] [Update Fri Jan 10 04:22:20 UTC 2025](https://github.com/trickest/cve/commit/0eba4829b48b6e4109d4f696f205771712d068c3) +- 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com + - [ ] [国家网络安全通报中心:重点防范境外恶意网址和恶意IP](https://www.4hou.com/posts/VW2o) + - [ ] [Check Point:企业如何应对复杂网络挑战?](https://www.4hou.com/posts/W1Ko) +- Doonsec's feed + - [ ] [特朗普上台,中美会发生网络战吗?](https://mp.weixin.qq.com/s?__biz=MzU0MzgyMzM2Nw==&mid=2247486232&idx=1&sn=5527e80a86875c017071d27f5b315e3e) + - [ ] [30天渗透测试练习计划(2025 第一部分)](https://mp.weixin.qq.com/s?__biz=MzkyODYwODkyMA==&mid=2247484899&idx=1&sn=9aae3d9926fe3695441f5c88f9f5546f) + - [ ] [2025 年,炼石计划@赛博代审之旅又带来了什么好东西呢?](https://mp.weixin.qq.com/s?__biz=Mzg3MDU1MjgwNA==&mid=2247487164&idx=1&sn=ee4ecadbaa3c2616b6e600c1711926e0) + - [ ] [中国软件评测中心2024年干部述职述廉考核 工作总结表彰大会暨2025年工作计划会圆满召开](https://mp.weixin.qq.com/s?__biz=MjM5NzYwNDU0Mg==&mid=2649249217&idx=1&sn=efe8d1f5b3fa8193ede8e5ee31c840e9) + - [ ] [国家互联网信息办公室关于《网络信息内容多渠道分发服务机构相关业务活动管理规定(草案稿)》公开征求意见的通知](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633711&idx=1&sn=7ade192a71c4b34eb6cf7fd5930216ce) + - [ ] [突发!美国拟(全面禁止)向中国出口 GPU](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633711&idx=3&sn=a171f86485cabe24801c9536db242e1e) + - [ ] [海南发布商超消费领域个人信息保护合规指引,涉及门店APP、小程序运行规范(附全文)](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633711&idx=4&sn=068613b0262e30ac174c7fa092dfc2ec) + - [ ] [豆包好用的关键在于你得会用❗熬夜整理](https://mp.weixin.qq.com/s?__biz=MzU5MjI1NTY1Mg==&mid=2247483976&idx=1&sn=ef740b84f599f005ce29d414f97b0ad7) + - [ ] [2025考试安排 | CCRC数据安全官、数据安全评估师](https://mp.weixin.qq.com/s?__biz=MzU0Mzk0NDQyOA==&mid=2247521211&idx=1&sn=f5888344ad57191e78dfff778e714701) + - [ ] [信创加速,腾讯安全湖现已完成全栈国产化适配,助力企业高效替换](https://mp.weixin.qq.com/s?__biz=Mzg5OTE4NTczMQ==&mid=2247526338&idx=1&sn=d932d0ca3339bddabd79d6e04f350b57) + - [ ] [2025网安行业优质播客精选集⑤](https://mp.weixin.qq.com/s?__biz=Mzg2MTAwNzg1Ng==&mid=2247495438&idx=1&sn=0dfa956916eecc08f617ada58c6a41aa) + - [ ] [CSDN挂马事件的安全警醒;平时如何应对钓鱼攻击| FB甲方群话题讨论](https://mp.weixin.qq.com/s?__biz=Mzg2MTAwNzg1Ng==&mid=2247495438&idx=2&sn=9a03ea5cc87ec11de2f5a5418b852d13) + - [ ] [中国网络空间安全协会关键信息基础设施安全保护专业委员会在京成立](https://mp.weixin.qq.com/s?__biz=MzA3ODE0NDA4MA==&mid=2649401216&idx=1&sn=de77c2a7f5191211b4a1eddf1353dadf) + - [ ] [武汉科技大学2025-2027年网络安全服务采购](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931394&idx=1&sn=38fbb62c75ca1ac3d4006f41b7847662) + - [ ] [建行超大规模数据中心开建,定位包括大数据业务主生产中心、核心数据备份中心等](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931394&idx=2&sn=faea67696fc3676c501d4b313aa0e8e8) + - [ ] [【1CPE】ISC2Webinar丨降低关键基础设施数字化带来的风险](https://mp.weixin.qq.com/s?__biz=MzUzNTg4NDAyMg==&mid=2247492278&idx=1&sn=68ad8bcc9a61f861bb328a88abfed21f) + - [ ] [通知 | 国家网信办就《网络信息内容多渠道分发服务机构相关业务活动管理规定(草案稿)》公开征求意见(附全文)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234365&idx=1&sn=af17f45f731d0c43256ce450f1d66690) + - [ ] [解读 | 《网络数据安全管理条例》有哪些亮点?](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234365&idx=3&sn=bad4d027f0d756a436be1f46a3d63af6) + - [ ] [关注 | 勇闯“春运”,要注意这些问题!](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234365&idx=7&sn=26075d2a4c3c7515c08c1b7d9fd68c01) + - [ ] [网安周讯 | 辟谣!“西藏地震小孩被埋”为AI制图(一月第2期)](https://mp.weixin.qq.com/s?__biz=Mzg4MjQ4MjM4OA==&mid=2247523453&idx=1&sn=dc3496239f549ecdc6a72269c1ab8a91) + - [ ] [开放申请 | 2025腾讯犀牛鸟精英人才计划](https://mp.weixin.qq.com/s?__biz=MjM5ODYwMjI2MA==&mid=2649789536&idx=2&sn=f280f844c57c71c77c1e662f9ebb8811) + - [ ] [【云安全】云服务-云服务器ECS-安全问题分析](https://mp.weixin.qq.com/s?__biz=MzUyNTUyNTA5OQ==&mid=2247484084&idx=1&sn=56999ea9f438281ffad8f0d920528b0a) + - [ ] [安全资讯汇总:2025.1.6-2025.1.10](https://mp.weixin.qq.com/s?__biz=MzA4MTE0MTEwNQ==&mid=2668669972&idx=1&sn=1909e2d8e657b12e3eff8fcae8a0b168) + - [ ] [VMProtect本地授权锁的分析与破解](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588572&idx=1&sn=f7ad4ebbe10787b233f29e316423ebc0) + - [ ] [超4000个后门通过注册过期域名被劫持](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588572&idx=2&sn=59a0f2be5e5bacf99eec4b02e9d3c5b6) + - [ ] [本周职位大更新!众多企业抛出橄榄枝,你的心动岗位来了吗?](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588572&idx=3&sn=abdd6a29e3e32a98636c35e70688f0aa) + - [ ] [首次!欧盟委员会因违反数据隐私法规被追责,向个人支付赔偿金](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247548655&idx=1&sn=519c63daf361d43b3bb6e33cf198c0d0) + - [ ] [奇瑞汽车1亿元成立机器人科技公司“墨甲智创”](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247548655&idx=2&sn=1bf760ffea9a49dcd8851b8ecb78cb79) + - [ ] [鹏城实验室与为辰信安联合发布《2024智能网联汽车网络安全报告》(附下载)](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247548655&idx=3&sn=bc9f58e42eefcd52d0731448b4f2df0a) + - [ ] [扫码下载 | 12个鸿蒙生态文件(报告、白皮书)](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655263596&idx=1&sn=a883bc4a6cd7c37fe586151df6fe96ee) + - [ ] [安全牛《中国网络安全全景图》(第十二版)调研启动](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134576&idx=1&sn=e86ab5b49773d2d99aa5756c964bd0a5) + - [ ] [欧盟委员会因隐私违规行为首次被追责;苹果以9500万美元和解持续了5年的Siri隐私诉讼 | 牛览](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134576&idx=2&sn=a7d8e8804916170cb6b3ad59b218d42d) + - [ ] [《工业互联网赋能的企业数字化转型》连载及解读之四十三:工业互联网安全技术体系](https://mp.weixin.qq.com/s?__biz=Mzg2ODUxODk3OA==&mid=2247499779&idx=1&sn=42d42838b8d321bb9ae3db7c423fde7f) + - [ ] [《车路云一体化系统 第7部分:信息安全要求和试验方法》(草案)](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619208&idx=1&sn=8b8a2f1379020358aa3348970c263aeb) + - [ ] [面向软件定义车辆的E/E架构技术&市场分析报告2025](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619208&idx=2&sn=c9683ecfca0fa974f586aa1bec72693c) + - [ ] [2025年智能网联汽车数据分类分级白皮书](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619208&idx=3&sn=af703f71840d3044485d467962af982c) + - [ ] [手机上的后门|防不胜防的RAT攻击](https://mp.weixin.qq.com/s?__biz=Mzg2NDYzNDM2NQ==&mid=2247485162&idx=1&sn=134a10ad8e58a3e356511f857fa123a5) + - [ ] [副业天花板,hvv趋势预测](https://mp.weixin.qq.com/s?__biz=MzkxNTIwNTkyNg==&mid=2247553000&idx=1&sn=b1baac10d19b08b13bf3cf699d23d247) + - [ ] [【免费领】网安岗位必备:互联网企业安全建设最佳实践指南](https://mp.weixin.qq.com/s?__biz=MzkxNTIwNTkyNg==&mid=2247553000&idx=2&sn=d488db920cfd91aac90202ba8bc8d7f2) + - [ ] [网络安全动态 - 2025.01.10](https://mp.weixin.qq.com/s?__biz=MzU1MzEzMzAxMA==&mid=2247499873&idx=1&sn=176dfb8874521ec82f865a95f5a1b0d2) + - [ ] [翼开岁首:天空卫士荣膺北京市独角兽企业](https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597378&idx=2&sn=6f6f7ac4d7374f0c0f32db92dbdeca3f) + - [ ] [孙凝晖院士:建设面向智能时代的国家数据基础设施](https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597378&idx=3&sn=f567eb44e3edd09bd82c2263b3ef3ec4) + - [ ] [安全威胁情报周报(2025/01/04-2025/01/10)](https://mp.weixin.qq.com/s?__biz=Mzg4NjYyMzUyNg==&mid=2247491122&idx=1&sn=898a05c3ec3c50263fa0eb51fd544bdd) + - [ ] [【自研报告】美国对格陵兰利益的战略分析及对策建议](https://mp.weixin.qq.com/s?__biz=MzkxMTA3MDk3NA==&mid=2247487051&idx=1&sn=ec33b2838d1fb6eed3391701e077b62e) + - [ ] [每周网络安全简讯 ( 2025年 第2周 )](https://mp.weixin.qq.com/s?__biz=MzU2MjcwOTY1Mg==&mid=2247521163&idx=1&sn=de51aa92eee1967c687270ff682fa764) + - [ ] [烽火狼烟丨暗网数据及攻击威胁情报分析周报(01/06-01/10)](https://mp.weixin.qq.com/s?__biz=Mzk0NjMxNTgyOQ==&mid=2247484510&idx=1&sn=f233df30c66fbd58c30c6ee06afb3270) + - [ ] [《网络数据安全管理条例》施行数据安全要求再升级](https://mp.weixin.qq.com/s?__biz=MjM5MTI2NDQzNg==&mid=2654552239&idx=1&sn=51440c7606c836fa1630fe46c5453bbb) + - [ ] [盗版影视APP的社会危害,只是“盗版”吗?](https://mp.weixin.qq.com/s?__biz=MjM5NTY4NzcyNg==&mid=2650249786&idx=1&sn=e4aef09e652f443508cfccf851714130) + - [ ] [学术前沿《工业信息安全》(第23期)主要内容速览](https://mp.weixin.qq.com/s?__biz=MzUyMzA1MTM2NA==&mid=2247499039&idx=1&sn=77cb9434d2ba8c5fc83182ffc43400fd) + - [ ] [ShellcodeLoader免杀加载器](https://mp.weixin.qq.com/s?__biz=Mzk0Mjg4MTQxMw==&mid=2247485418&idx=1&sn=bdc4d8fe72641276491413edaa1c2a87) + - [ ] [【观演指南】| 明晚 | 摇滚黑客2025演唱会北京现场见!](https://mp.weixin.qq.com/s?__biz=MzUyMDQ4OTkyMg==&mid=2247546519&idx=1&sn=0b14341dacc638097b304b34c2fce4b7) + - [ ] [听摇滚黑客2025演唱会 享滴滴打车五折优惠](https://mp.weixin.qq.com/s?__biz=MzUyMDQ4OTkyMg==&mid=2247546519&idx=2&sn=9c53a50b2d2fd5f2dd014e5726399bac) + - [ ] [推动数据要素发挥乘数效应](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170105&idx=3&sn=f82cb6976156695f8fde5f17613d583a) + - [ ] [权威认可|悬镜再次入选2024年度毕马威中国金融科技企业双50强](https://mp.weixin.qq.com/s?__biz=MzA3NzE2ODk1Mg==&mid=2647795461&idx=1&sn=ea056881a28c848a31e57e1b2b75317c) + - [ ] [苹果mac用户警惕:Banshee Stealer新变种来袭](https://mp.weixin.qq.com/s?__biz=Mzk0MDYwMjE3OQ==&mid=2247486041&idx=1&sn=33813042ecc95b0f290c4fd3aff241f9) + - [ ] [【业界动态】我国牵头提出的国际标准《信息技术 信息安全事件管理 第4部分:协同》正式发布](https://mp.weixin.qq.com/s?__biz=MzA3NzgzNDM0OQ==&mid=2664992672&idx=2&sn=2fc4cff7ac2dfaec2b37f0ae52f72383) + - [ ] [【业界动态】工业和信息化部启动万兆光网试点工作 有序引导万兆光网从技术试点走向部署应用](https://mp.weixin.qq.com/s?__biz=MzA3NzgzNDM0OQ==&mid=2664992672&idx=3&sn=19a4fcbfa5be472c033f7007e87acaba) + - [ ] [掌握网络安全应急响应领域核心技能,你可能需要这两个证书](https://mp.weixin.qq.com/s?__biz=MzU4MjUxNjQ1Ng==&mid=2247521060&idx=1&sn=0248e268143e4e1f742932c65e85a9aa) + - [ ] [购课回馈|现在报名软考高项赠送3999元技术会员1年](https://mp.weixin.qq.com/s?__biz=MzU4MjUxNjQ1Ng==&mid=2247521060&idx=2&sn=262bc464e02d76e1223837f47e161d2b) + - [ ] [IDA技巧(98)analysis-options](https://mp.weixin.qq.com/s?__biz=MzI1Mjk2MTM1OQ==&mid=2247485211&idx=1&sn=0cbdd4418d779736e55176cb101121a4) + - [ ] [【流量分析】WireShark解析非标端口下SSH协议](https://mp.weixin.qq.com/s?__biz=MzU1Mjk3MDY1OA==&mid=2247519273&idx=1&sn=7a7e3bfdfb38fdfe33a5904a20cfa760) + - [ ] [从任意文件下载到getshell](https://mp.weixin.qq.com/s?__biz=MzkzMjIxNjExNg==&mid=2247486168&idx=1&sn=91eaac8e536f7aa3fae5d4ac01da95e9) + - [ ] [【商密测评】快速定位SSH数据包的密码套件](https://mp.weixin.qq.com/s?__biz=MzU1Mjk3MDY1OA==&mid=2247519271&idx=1&sn=fcd3a7d9d7a3d99f0743b3dd69f1817b) + - [ ] [【已复现】大华智能物联综合管理平台 GetClassValue 远程代码执行漏洞](https://mp.weixin.qq.com/s?__biz=MzIwMDk1MjMyMg==&mid=2247492684&idx=1&sn=3b0a607c660f6ba2dfc3db280cbf8e40) + - [ ] [俄罗斯互联网服务提供商证实乌克兰黑客“破坏”了其网络](https://mp.weixin.qq.com/s?__biz=MzI5NTA0MTY2Mw==&mid=2247485741&idx=1&sn=79a4fdb76ec8a43d1966f3ebd78d9d4f) + - [ ] [[0110] 一周重点威胁情报|天际友盟情报站](https://mp.weixin.qq.com/s?__biz=MzIwNjQ4OTU3NA==&mid=2247509999&idx=1&sn=ca5344ff0b02d3f92c43c0ad6be20284) + - [ ] [国家网信办发布2024年生成式人工智能服务已备案信息的公告](https://mp.weixin.qq.com/s?__biz=MzkwMTQyODI4Ng==&mid=2247495536&idx=1&sn=d9f85550a15c225b4186134eba2ac87c) + - [ ] [工信部:2024年我国网络和数据安全取得新突破](https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652113878&idx=1&sn=cbbd81e4fcb158219d4e3e8f3f2fa05d) + - [ ] [从一次溯源国际APT组织浅谈蜜罐运营](https://mp.weixin.qq.com/s?__biz=MzkwMTQyODI4Ng==&mid=2247495536&idx=3&sn=57593e331dce228f533ac3fe3787190c) + - [ ] [【工具推荐】Hawkeye 一款Windows综合应急响应工具](https://mp.weixin.qq.com/s?__biz=MzI1NTE2NzQ3NQ==&mid=2247487241&idx=1&sn=839e749479e300a8d7b930a213a06216) + - [ ] [【急聘】京东集团信息安全部招人啦~~](https://mp.weixin.qq.com/s?__biz=MzU4ODUzMTU4Mg==&mid=2247486659&idx=1&sn=64bfb54bfcc8b2685406aa46acae83b1) + - [ ] [国家网络安全通报中心:重点防范境外恶意网址和恶意IP](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580725&idx=2&sn=63fd746c589e9cd1b6647a823ca163d3) + - [ ] [BoardLight](https://mp.weixin.qq.com/s?__biz=Mzk1NzY0NzMyMw==&mid=2247485204&idx=1&sn=8d8e4038082ae1cbd3fa5607cab82a83) + - [ ] [感恩同行|知其安获 OSRC 2024年度优秀合作伙伴](https://mp.weixin.qq.com/s?__biz=MzkzNTI5NTgyMw==&mid=2247510626&idx=1&sn=5f86ee189ac6754c4a7418ea77b04529) + - [ ] [云天安全入选中国信通院《数字安全护航技术能力全景图》28项领域,持续引领数字安全创新](https://mp.weixin.qq.com/s?__biz=MzI2NDYzNjY0Mg==&mid=2247501066&idx=1&sn=fe3fd86c1b199574b5893611ae04d58f) + - [ ] [【图一乐】在 pdf 文档中玩俄罗斯方块游戏](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494124&idx=1&sn=ac20fe3efd1ce74b9f3927211c877cec) + - [ ] [TOPSRC 2024年第四季度奖励公告](https://mp.weixin.qq.com/s?__biz=Mzk0MTM1MTg3Nw==&mid=2247483903&idx=1&sn=a6b8b89ea06c0d846a8b9c2e3db8d5b5) + - [ ] [2025年,网络安全意识宣贯该怎么做?](https://mp.weixin.qq.com/s?__biz=MzU4NDExNDQwNA==&mid=2247489876&idx=1&sn=b620b4c55efe620eca9ebafa67d5c1b7) + - [ ] [技战法:剖析涉网站点后台加盐绕过技术](https://mp.weixin.qq.com/s?__biz=Mzk0Mzc2MDQyMg==&mid=2247486418&idx=1&sn=822fe24dc33064052db10431aeaac661) + - [ ] [u200b致人民警察的一封信](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558871&idx=1&sn=2049a81dea035595445267831bbf8eba) + - [ ] [深挖缅甸妙瓦底 KK 园区:电信诈骗的阴暗角落与跨国打击的艰难之路](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247503709&idx=1&sn=29a4a7741686d4bd4033ffbee78f1ce7) + - [ ] [2025年日本国防战略调整分析](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558871&idx=3&sn=5dc7c0bf081673ac6520dbd2dd7aec61) + - [ ] [基于Tauri+Rust构建的新型免杀马生成器](https://mp.weixin.qq.com/s?__biz=MzU2NzY5MjAwNQ==&mid=2247486726&idx=1&sn=a770a2c26a407edd6ce426c70235b35c) + - [ ] [科普时间 | 蜜罐:给黑客精心准备的“甜蜜”陷阱](https://mp.weixin.qq.com/s?__biz=MzIyNzc3OTMzNw==&mid=2247485712&idx=1&sn=9a641e71d4d416bd3bd0a5b0e55affdf) + - [ ] [拜登政府新网络安全行政令寻求为新一届政府提供政策蓝图](https://mp.weixin.qq.com/s?__biz=MzI4ODQzMzk3MA==&mid=2247489550&idx=1&sn=26d503014824376c8155e36ecaa4c09f) + - [ ] [中国人民警察节 | 致敬我们的安全守护者!](https://mp.weixin.qq.com/s?__biz=MzkxMzQwNDcxNg==&mid=2247486835&idx=1&sn=bec31322bfb58a4913410c8d9ab33c2b) + - [ ] [发现Web API漏洞居然能赚到400w刀](https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247518149&idx=1&sn=6498c967abc2646198bd742a3d2232e6) + - [ ] [【漏洞预警】Apache OpenMeetings未授权 反序列化漏洞](https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489437&idx=1&sn=86a7c25e1f15115c4f1bfe3bf9529dae) + - [ ] [2024年度游戏安全报告发布:200+亿次风险检测背后的攻防全景](https://mp.weixin.qq.com/s?__biz=MzAwNTg2NjYxOA==&mid=2650742854&idx=1&sn=9a962b361752a5d23f40f791245fc33c) + - [ ] [智能汽车的强大功能](https://mp.weixin.qq.com/s?__biz=MzUzMjQyMDE3Ng==&mid=2247487868&idx=1&sn=38f654feb41f7697779f05deda25a854) + - [ ] [新活动平台建设历程与架构演进](https://mp.weixin.qq.com/s?__biz=Mzg3Njc0NTgwMg==&mid=2247502230&idx=1&sn=76feb6f4717cedf7c7fc1aaaf16d619d) + - [ ] [亚太地区APT网络攻击趋势分析与解读](https://mp.weixin.qq.com/s?__biz=Mzg3OTYxODQxNg==&mid=2247485594&idx=1&sn=e741dd51bb23c3d86fb494a60623a03e) + - [ ] [「专精型」优能企业 | 珞安科技荣登《嘶吼2024中国网络安全产业势能榜》](https://mp.weixin.qq.com/s?__biz=MzU2NjI5NzY1OA==&mid=2247512093&idx=1&sn=38d32dbb721779788a5aa550aa438acc) + - [ ] [BTC跨链监控&Chainlink PoR数据源|打造BTCFi安全新标准](https://mp.weixin.qq.com/s?__biz=MzkyMzI2NzIyMw==&mid=2247488553&idx=1&sn=a29ed9e4773fab41333e0f1f342441b4) + - [ ] [记一次利用堡垒机内部邮件钓鱼突破外网](https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247546579&idx=1&sn=7b98384283af5b40e65bffd578e10edd) + - [ ] [2025掌控安全封神台第七届CTF获奖队伍公示](https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247546579&idx=2&sn=74ed267221ac90fe1cefffdad9969d1b) + - [ ] [HirGen:针对深度学习编译器的模糊测试技术](https://mp.weixin.qq.com/s?__biz=MzU1NTEzODc3MQ==&mid=2247486850&idx=1&sn=dced461f84a7bc0c0fce0bc7d690ea72) + - [ ] [国金证券与持安科技共研课题,荣获证券期货业网络安全创新实验室“优秀课题三等奖”](https://mp.weixin.qq.com/s?__biz=Mzg2NTYxNjMzMg==&mid=2247495747&idx=1&sn=f5822d19ef79d87997ef2c87b1df1c88) + - [ ] [信息安全等级保护测评的价值](https://mp.weixin.qq.com/s?__biz=MzU5MTIxNzg0Ng==&mid=2247488126&idx=1&sn=be5e2217a7458c0b445edba62ec64bd3) + - [ ] [当歌 - RSS 订阅分发平台开发](https://mp.weixin.qq.com/s?__biz=Mzg3MTE0NTg4OQ==&mid=2247484105&idx=1&sn=3793c462d03f9093ac8349454d179d59) + - [ ] [安利一款逆向辅助神器WPeChatGPT](https://mp.weixin.qq.com/s?__biz=Mzk0ODY1NzEwMA==&mid=2247485720&idx=1&sn=987788354775c7ae7c1bc7f48235e5f9) + - [ ] [漏洞赏金方法 2025 版](https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247504442&idx=1&sn=b38e2fd23874bcc57a2cad01406af7aa) + - [ ] [【插件推荐】Heimdallr-被动嗅探浏览器流量](https://mp.weixin.qq.com/s?__biz=MzkxNjY1MjY3OQ==&mid=2247488163&idx=1&sn=51556518b5b93659b3f07fa1f165dd43) + - [ ] [【黑产大数据】恶意贷款中介揭秘](https://mp.weixin.qq.com/s?__biz=MzI3NDY3NDUxNg==&mid=2247498437&idx=1&sn=5c259f2e9ba6de730bc41e763ee2d2dd) + - [ ] [【漏洞通告】Ivanti 多款产品缓冲区溢出漏洞安全风险通告](https://mp.weixin.qq.com/s?__biz=MzU4NjY4MDAyNQ==&mid=2247496924&idx=1&sn=cde3f8dcc5062f5bae2fbcc43db8c4d1) + - [ ] [【漏洞通告】SonicOS SSLVPN 认证绕过漏洞安全风险通告](https://mp.weixin.qq.com/s?__biz=MzU4NjY4MDAyNQ==&mid=2247496924&idx=2&sn=b5e7145e48fd905325fcdf22665c67cd) + - [ ] [工具 | 一款替代Frp完美消除网络特征的内网穿透神器](https://mp.weixin.qq.com/s?__biz=MzkxNDAyNTY2NA==&mid=2247519413&idx=1&sn=acd47706d52a5ccae891e48e5d3d7cff) + - [ ] [实战 | 攻防演练某x医院内网拿下集权](https://mp.weixin.qq.com/s?__biz=MzkxNDAyNTY2NA==&mid=2247519413&idx=2&sn=2363399bbb13f91288886c2db1c060b9) + - [ ] [Ignition工控系统反序列化漏洞(CVE-2020-10644)](https://mp.weixin.qq.com/s?__biz=Mzg2NzkxOTQ0OA==&mid=2247484500&idx=1&sn=bc5612c622b398355de7cfab77b9ff4e) + - [ ] [2024补天平台【专属SRC】年度榜单发布!](https://mp.weixin.qq.com/s?__biz=MzI2NzY5MDI3NQ==&mid=2247507272&idx=1&sn=4dda0db202724e951d5e867b98fbb1be) + - [ ] [黑吉蛇机械键盘驱动](https://mp.weixin.qq.com/s?__biz=Mzk0MTI4NTIzNQ==&mid=2247492158&idx=1&sn=cd2af2f382815ebd64d1646b16fee7c9) + - [ ] [ISRC-2025新年活动来咯~~](https://mp.weixin.qq.com/s?__biz=MzI4NTYwMzc5OQ==&mid=2247500722&idx=1&sn=6f3485b3faf3babb15fbaeb302371ad9) + - [ ] [265种windows渗透工具合集--灵兔宝盒](https://mp.weixin.qq.com/s?__biz=MzA5MzYzMzkzNg==&mid=2650962339&idx=1&sn=e05bc1fa240d96de64e878ee294e2550) + - [ ] [华为手机地震报警怎么设置](https://mp.weixin.qq.com/s?__biz=MzA5MzYzMzkzNg==&mid=2650962339&idx=2&sn=ccd29e6433da05cac227a2252dfe072b) + - [ ] [2024年华为手机哪一款性价比高?华为手机推荐与市场分析(12月更新)](https://mp.weixin.qq.com/s?__biz=MzA5MzYzMzkzNg==&mid=2650962339&idx=3&sn=e27a33cc1f78deb0520803d748308723) + - [ ] [【艺术鉴赏】抖音直播更新,睡眠更新左颜玉很下饭8个视频](https://mp.weixin.qq.com/s?__biz=MzA5MzYzMzkzNg==&mid=2650962339&idx=4&sn=48ad9b276b80077931b9c155810e2ccf) + - [ ] [安全分析师 2025 年应该知道的 OSINT 工具](https://mp.weixin.qq.com/s?__biz=MzkxMDIwMTMxMw==&mid=2247494403&idx=1&sn=219174cdbe6daef3141b46dbc0ccf839) +- SecWiki News + - [ ] [SecWiki News 2025-01-10 Review](http://www.sec-wiki.com/?2025-01-10) +- 安全脉搏 + - [ ] [后门函数技术在二进制对抗中的应用](https://www.secpulse.com/archives/205266.html) + - [ ] [靶场战神为何会陨落?](https://www.secpulse.com/archives/205395.html) +- 安全客-有思想的安全新媒体 + - [ ] [入选“磐安”教育应用优秀案例!360打造人才培育标杆](https://www.anquanke.com/post/id/303426) + - [ ] [初始访问代理(IAB)如何出售用户证书](https://www.anquanke.com/post/id/303423) + - [ ] [注册过期域名,4000 多个后门被劫持](https://www.anquanke.com/post/id/303420) + - [ ] [俄罗斯 ISP 证实乌克兰黑客“摧毁”了其网络](https://www.anquanke.com/post/id/303417) + - [ ] [联合国航空机构确认招聘数据库存在安全漏洞](https://www.anquanke.com/post/id/303414) + - [ ] [医疗计费公司 Medusind 披露漏洞影响 36 万人](https://www.anquanke.com/post/id/303411) + - [ ] [黑客利用 KerioControl 防火墙漏洞窃取管理员 CSRF 标记](https://www.anquanke.com/post/id/303408) + - [ ] [SonicWall 敦促管理员立即修补可被利用的 SSLVPN 漏洞](https://www.anquanke.com/post/id/303404) + - [ ] [未修补的关键缺陷影响 Fancy Product Designer WordPress 插件](https://www.anquanke.com/post/id/303401) + - [ ] [2025 年的网络安全: 全球冲突、成熟的人工智能和群众的智慧](https://www.anquanke.com/post/id/303398) +- Security Boulevard + - [ ] [2025 SaaS Security Word of the Year: Adaptability | Grip](https://securityboulevard.com/2025/01/2025-saas-security-word-of-the-year-adaptability-grip/) + - [ ] [Strategic Approaches to Enhance Data Security](https://securityboulevard.com/2025/01/strategic-approaches-to-enhance-data-security/) + - [ ] [The Cost of Complacency in Credential Hygiene](https://securityboulevard.com/2025/01/the-cost-of-complacency-in-credential-hygiene/) + - [ ] [DEF CON 32 – Practical Exploitation of DoS in Bug Bounty](https://securityboulevard.com/2025/01/def-con-32-practical-exploitation-of-dos-in-bug-bounty/) + - [ ] [Below the Surface Winter 2024 Edition – The Year in Review](https://securityboulevard.com/2025/01/below-the-surface-winter-2024-edition-the-year-in-review/) + - [ ] [New Paper: “Future of SOC: Transform the ‘How’” (Paper 5)](https://securityboulevard.com/2025/01/new-paper-future-of-soc-transform-the-how-paper-5/) + - [ ] [Comic Agilé – Mikkel Noe-Nygaard, Luxshan Ratnaravi – #320 – Aligning Teams](https://securityboulevard.com/2025/01/comic-agile-mikkel-noe-nygaard-luxshan-ratnaravi-320-aligning-teams/) + - [ ] [Hackers Attack PowerSchool, Expose K-12 Teacher and Student Data](https://securityboulevard.com/2025/01/hackers-attack-powerschool-expose-k-12-teacher-and-student-data/) + - [ ] [Unlock collaboration and efficiency in software management with SBOMs](https://securityboulevard.com/2025/01/unlock-collaboration-and-efficiency-in-software-management-with-sboms/) + - [ ] [DEF CON 32 – Programming A CTS-V Gauge Cluster Into An ATS-V: Out Of Pure Spite](https://securityboulevard.com/2025/01/def-con-32-programming-a-cts-v-gauge-cluster-into-an-ats-v-out-of-pure-spite/) +- Private Feed for M09Ic + - [ ] [mgeeky starred Azr43lKn1ght/Rusty-PE-Packer](https://github.com/Azr43lKn1ght/Rusty-PE-Packer) + - [ ] [safedv starred TestingPens/CPLDropper](https://github.com/TestingPens/CPLDropper) + - [ ] [h3zh1 pushed to v0.0.4dev in chainreactors/malice-network](https://github.com/chainreactors/malice-network/compare/33010b5436...7b59033129) + - [ ] [wh0amitz starred sma11new/Pyke-Shiro](https://github.com/sma11new/Pyke-Shiro) + - [ ] [glzjin starred Inokinoki/ai-no-jimaku-gumi](https://github.com/Inokinoki/ai-no-jimaku-gumi) + - [ ] [cmjlove1 started following M09Ic](https://github.com/M09Ic) + - [ ] [HuYlllc pushed to v0.0.4dev in chainreactors/malice-network](https://github.com/chainreactors/malice-network/compare/7b59033129...419072b6e1) + - [ ] [zema1 starred BurntSushi/byteorder](https://github.com/BurntSushi/byteorder) + - [ ] [safedv starred Azr43lKn1ght/Rusty-PE-Packer](https://github.com/Azr43lKn1ght/Rusty-PE-Packer) + - [ ] [safedv started following zyn3rgy](https://github.com/zyn3rgy) + - [ ] [gh0stkey released HaE 4.0.3 at gh0stkey/HaE](https://github.com/gh0stkey/HaE/releases/tag/4.0.3) + - [ ] [mgeeky starred ColeHouston/Sunder](https://github.com/ColeHouston/Sunder) + - [ ] [ZeddYu starred liriliri/aya](https://github.com/liriliri/aya) + - [ ] [ZeddYu starred sourcebot-dev/sourcebot](https://github.com/sourcebot-dev/sourcebot) + - [ ] [Ridter starred kekingcn/kkFileView](https://github.com/kekingcn/kkFileView) + - [ ] [niudaii starred berdav/CVE-2021-4034](https://github.com/berdav/CVE-2021-4034) + - [ ] [Ascotbe starred WPeace-HcH/WPeChatGPT](https://github.com/WPeace-HcH/WPeChatGPT) + - [ ] [TideSec released v2.6.9 升级Zoomeye接口 at TideSec/TscanPlus](https://github.com/TideSec/TscanPlus/releases/tag/v2.6.9) + - [ ] [Ridter starred orbstack/orbstack](https://github.com/orbstack/orbstack) + - [ ] [CHYbeta starred DIYgod/RSSHub-Radar](https://github.com/DIYgod/RSSHub-Radar) + - [ ] [evilashz starred 0xthirteen/AssemblyHunter](https://github.com/0xthirteen/AssemblyHunter) + - [ ] [evilashz starred CICADA8-Research/Spyndicapped](https://github.com/CICADA8-Research/Spyndicapped) + - [ ] [xxDark forked xxDark/jna from java-native-access/jna](https://github.com/xxDark/jna) + - [ ] [shmilylty starred 4ra1n/poc-runner](https://github.com/4ra1n/poc-runner) + - [ ] [zema1 starred H4ckF0rFun/elf_to_shellcode](https://github.com/H4ckF0rFun/elf_to_shellcode) + - [ ] [zema1 starred JustRustThings/windows-rs](https://github.com/JustRustThings/windows-rs) + - [ ] [zema1 started following roblabla](https://github.com/roblabla) + - [ ] [CHYbeta starred juanfont/headscale](https://github.com/juanfont/headscale) + - [ ] [FunnyWolf starred criblio/python-api-wrapper](https://github.com/criblio/python-api-wrapper) +- ElcomSoft blog + - [ ] [iPhone and iPad Acquisition Methods: Yet Another Comparison](https://blog.elcomsoft.com/2025/01/iphone-and-ipad-acquisition-methods-yet-another-comparison/) +- ongoing by Tim Bray + - [ ] [AI Noise Reduction](https://www.tbray.org/ongoing/When/202x/2025/01/10/Photo-Noise-Reduction) +- 奇安信攻防社区 + - [ ] [从任意文件下载到getshell](https://forum.butian.net/share/4031) + - [ ] [记一次渗透测试过程中碰到的Symfony框架的利用](https://forum.butian.net/share/4028) +- Trustwave Blog + - [ ] [Why Vulnerability Scanning Alone Isn’t Enough: The Case for Penetration Testing](https://www.trustwave.com/en-us/resources/blogs/trustwave-blog/why-vulnerability-scanning-alone-isnt-enough-the-case-for-penetration-testing/) +- 一个被知识诅咒的人 + - [ ] [【Python】深入Python元类:动态生成类与对象的艺术](https://blog.csdn.net/nokiaguy/article/details/145055724) + - [ ] [【Python】深入探索 Python 装饰器链:创建组合装饰器的技巧与应用](https://blog.csdn.net/nokiaguy/article/details/145055719) +- Bug Bounty in InfoSec Write-ups on Medium + - [ ] [Unlock the Ultimate Resource Hub for Security Researchers](https://infosecwriteups.com/unlock-the-ultimate-resource-hub-for-security-researchers-9fa52bbff1ff?source=rss----7b722bfd1b8d--bug_bounty) + - [ ] [Race Condition to Bypass Rate-Limiting: A new technique made by Nillsx](https://infosecwriteups.com/race-condition-to-bypass-rate-limiting-a-new-technique-made-by-nillsx-6a60f41dbae6?source=rss----7b722bfd1b8d--bug_bounty) + - [ ] [Blind OS Command Injection with Output Redirection](https://infosecwriteups.com/blind-os-command-injection-with-output-redirection-1d08c3793ff1?source=rss----7b722bfd1b8d--bug_bounty) + - [ ] [Finding Hidden Subdomains with OSINT Tools](https://infosecwriteups.com/finding-hidden-subdomains-with-osint-tools-ad7e411587ee?source=rss----7b722bfd1b8d--bug_bounty) +- Twitter @bytehx + - [ ] [RT Patrik Fehrenbach: Made a simple dashboard to help track/search CVEs and security vulnerabilities in near real-time. No fancy stuff - just a clean ...](https://x.com/bytehx343/status/1877932990619095171) + - [ ] [Re @YoyoDavelion Congrats 🎉🎉🎉](https://x.com/bytehx343/status/1877752584888357175) + - [ ] [RT Ali@s: Hey hunters, I'm sharing a little tool I created to gather all the #YWH program info you have and sort it by relevance in one place. Choose ...](https://x.com/bytehx343/status/1877742892816433173) +- SentinelOne + - [ ] [The Good, the Bad and the Ugly in Cybersecurity – Week 2](https://www.sentinelone.com/blog/the-good-the-bad-and-the-ugly-in-cybersecurity-week-2-6/) +- Reverse Engineering + - [ ] [One Dog v. the Windows 3.1 Graphics Stack](https://www.reddit.com/r/ReverseEngineering/comments/1hyhhvq/one_dog_v_the_windows_31_graphics_stack/) + - [ ] [Parsing the c64 Bubble Bobble Wind Currents](https://www.reddit.com/r/ReverseEngineering/comments/1hy2u3c/parsing_the_c64_bubble_bobble_wind_currents/) +- Intigriti + - [ ] [Intigriti Bug Bytes #220 - January 2025 🚀](https://www.intigriti.com/researchers/blog/bug-bytes/bug-bytes-220-january-2025) +- PortSwigger Blog + - [ ] [Make Burp Suite your own: high-powered extensibility to customize and enhance your testing. 🛠️](https://portswigger.net/blog/make-burp-suite-your-own-high-powered-extensibility-to-customize-and-enhance-your-testing) +- Malwarebytes + - [ ] [BayMark Health Services sends breach notifications after ransomware attack](https://www.malwarebytes.com/blog/news/2025/01/baymark-health-services-sends-breach-notifications-after-ransomware-attack) +- 绿盟科技技术博客 + - [ ] [【漏洞通告】Ivanti多款产品缓冲区溢出漏洞(CVE-2025-0282)](https://blog.nsfocus.net/cve-2025-0282/) +- 奇客Solidot–传递最新科技情报 + - [ ] [独立分析认为巴勒斯坦卫生部严重低估了加沙死亡人数](https://www.solidot.org/story?sid=80300) + - [ ] [四分之一淡水动物面临灭绝](https://www.solidot.org/story?sid=80299) + - [ ] [美国司法部准备出售扣押的丝绸之路比特币](https://www.solidot.org/story?sid=80298) + - [ ] [法官拒绝了试图从垃圾堆里挖出 8000 比特币的诉讼](https://www.solidot.org/story?sid=80297) + - [ ] [三星量产笔记本用的卷轴 OLED 显示屏](https://www.solidot.org/story?sid=80296) + - [ ] [2024 年是平均气温比工业化前水平高出1.5 摄氏度的第一年](https://www.solidot.org/story?sid=80295) + - [ ] [氟化物暴露与 IQ 分数低相关](https://www.solidot.org/story?sid=80294) + - [ ] [中国在前沿 AI 研究上紧追美国](https://www.solidot.org/story?sid=80293) + - [ ] [中国风投让失败的创业者成为失信债务人](https://www.solidot.org/story?sid=80292) + - [ ] [ispace 准备再次发射登月舱](https://www.solidot.org/story?sid=80291) + - [ ] [乳腺癌是最常见的癌症肺癌是最致命的癌症](https://www.solidot.org/story?sid=80290) + - [ ] [拜登计划在离任前对 AI 芯片出口实施新限制](https://www.solidot.org/story?sid=80289) +- darkless + - [ ] [云原生安全学习小记](https://darkless.cn/2025/01/10/cloud-native-security/) +- 锦行科技 + - [ ] [为民立命 有你皆安](https://mp.weixin.qq.com/s?__biz=MzIxNTQxMjQyNg==&mid=2247493604&idx=1&sn=f55d84097f6ddb9e0003210e450ddce3&chksm=979a1c41a0ed95578df3916b75adf84b4e80f1c1293be8bff28598fcb76a955be2bcbf6c5b14&scene=58&subscene=0#rd) +- 安全客 + - [ ] [首次!欧盟委员会因违反数据隐私法规被追责,向个人支付赔偿金](https://mp.weixin.qq.com/s?__biz=MzA5ODA0NDE2MA==&mid=2649787718&idx=1&sn=595ef4ff6fd363b4a5ef609a5edbb03c&chksm=8893bd29bfe4343f1dc30aec83f8a2a219d20f2068a6c361ed62f6122690c1864311788597e5&scene=58&subscene=0#rd) +- 绿盟科技CERT + - [ ] [【漏洞通告】Ivanti多款产品缓冲区溢出漏洞(CVE-2025-0282)](https://mp.weixin.qq.com/s?__biz=Mzk0MjE3ODkxNg==&mid=2247488825&idx=1&sn=5e77e5178823b42679dcaa1914251bf3&chksm=c2c64232f5b1cb24e14a80899dc4fedc64d3489130f642d9a59175803b8acb8d6455c3e2f7d2&scene=58&subscene=0#rd) +- 看雪学苑 + - [ ] [VMProtect本地授权锁的分析与破解](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588572&idx=1&sn=f7ad4ebbe10787b233f29e316423ebc0&chksm=b18c251686fbac000c0d9e48e4e58a84a1b590532c52b8d159cc104abf0757844caf4d8eb544&scene=58&subscene=0#rd) + - [ ] [超4000个后门通过注册过期域名被劫持](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588572&idx=2&sn=59a0f2be5e5bacf99eec4b02e9d3c5b6&chksm=b18c251686fbac006a376e63c212d61451edceb7ec989fea2e2c5c0b1c38d098c6729bf85e3e&scene=58&subscene=0#rd) + - [ ] [本周职位大更新!众多企业抛出橄榄枝,你的心动岗位来了吗?](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588572&idx=3&sn=abdd6a29e3e32a98636c35e70688f0aa&chksm=b18c251686fbac006bd5419dfb500501416d0536da5467876cade8cc988f21cde5cef1bc230e&scene=58&subscene=0#rd) +- 威努特安全网络 + - [ ] [从全年重大网络安全事件,观2025年威胁走势和行业发展](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130288&idx=1&sn=3bc2382268d5fe7ce39f24acbdad0f6e&chksm=80e71300b7909a16105976d01df0935ffee83e178b812014b8e38c0ab6bc1398f7c8aaced5c9&scene=58&subscene=0#rd) +- 安全内参 + - [ ] [AI Agents越来越火,它可能存在一个严重安全隐患](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513463&idx=1&sn=b35ecbae92733cf9b66597ee744d842b&chksm=ebfaf257dc8d7b416ce794352466d8ad74c53bfe8a79bf635dfaf0d4187386f3da80fab3ef45&scene=58&subscene=0#rd) + - [ ] [首次!欧盟官方因违反数据保护法规向用户赔偿3000元](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513463&idx=2&sn=b2d4253ee32d9fc32803935873f93db4&chksm=ebfaf257dc8d7b418d97da9d0d19a8213331ca808d892243fd9e63ad78142b36470304149cde&scene=58&subscene=0#rd) +- 安全分析与研究 + - [ ] [海莲花APT钓鱼样本分析-下](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247489899&idx=1&sn=e632c0c221f0dfd7da57d0f9e6395910&chksm=902fb643a7583f5581237165cb513c8ae2848334de49c6fe3a037dc46f7b707baa995d7b6703&scene=58&subscene=0#rd) +- 黑海洋 - IT技术知识库 + - [ ] [windows日志分析工具](https://blog.upx8.com/4650) +- 青衣十三楼飞花堂 + - [ ] [智能汽车的强大功能](https://mp.weixin.qq.com/s?__biz=MzUzMjQyMDE3Ng==&mid=2247487868&idx=1&sn=38f654feb41f7697779f05deda25a854&chksm=fab2d243cdc55b55c5f372aeb393d132f828265e4f572b79938e9332ace4bd70a4e34e18deee&scene=58&subscene=0#rd) +- 代码卫士 + - [ ] [DNA测序设备运行老旧BIOS,影响临床研究](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522035&idx=1&sn=a607aca6553fbf1ed41e27c839e45bea&chksm=ea94a799dde32e8f87b51465ef7f6ed4449ddc0857c8c220dcc378283ba9fd8b9880b6e27544&scene=58&subscene=0#rd) + - [ ] [Palo Alto Networks 修复退市 Migration Tool中的高危漏洞](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522035&idx=2&sn=71c00b294647fadae4e56ffc500f1300&chksm=ea94a799dde32e8fec367a20f0630181350a5ca556cc26cfaa9fcbefdac76ae3c3831523c87e&scene=58&subscene=0#rd) +- 奇安信病毒响应中心 + - [ ] [每周勒索威胁摘要](https://mp.weixin.qq.com/s?__biz=MzI5Mzg5MDM3NQ==&mid=2247498230&idx=1&sn=1bb3e3b09b57458fc4b2f0b9fd3ca424&chksm=ec6989dedb1e00c86bf7d7fea369ccd3f9712b4fb1c02711d2ae2af119b3943bdf107ef28197&scene=58&subscene=0#rd) +- 安全研究GoSSIP + - [ ] [G.O.S.S.I.P 阅读推荐 2025-01-10 北约中出了叛徒](https://mp.weixin.qq.com/s?__biz=Mzg5ODUxMzg0Ng==&mid=2247499599&idx=1&sn=aaff9bb2d932f3d15da87fd721e4b5ee&chksm=c063d196f714588069633ee369d1c821a9ce001298b2e69b28a3157796203208d8b50ce1d9da&scene=58&subscene=0#rd) +- leveryd + - [ ] [没想到x-waf还可以用来测rasp](https://mp.weixin.qq.com/s?__biz=MzkyMDIxMjE5MA==&mid=2247485491&idx=1&sn=9e4d62e3c2d058cba9fa930fd49aa2b7&chksm=c1970f82f6e0869445bca851e6fb22753206fbbbb42ffe7fbac3ed702da4b9fb08fef0e81a46&scene=58&subscene=0#rd) +- 数世咨询 + - [ ] [解锁DSPM的价值:全面提升数据安全](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247533977&idx=1&sn=90efd3be6f2ded1fe885486889a0db92&chksm=c1443724f633be320e1f457d145081f6d0c7281486fff91ac016d0f2df8e0f983e02a2cfafdb&scene=58&subscene=0#rd) +- 信息安全国家工程研究中心 + - [ ] [人民警察,节日快乐!](https://mp.weixin.qq.com/s?__biz=MzU5OTQ0NzY3Ng==&mid=2247498717&idx=1&sn=9a841ab270b3e6f950325770726410c3&chksm=feb67acec9c1f3d83bd56a154d26c900d8c4ca178b66d9424180b2322fffee6fffb414af5cb6&scene=58&subscene=0#rd) +- 天御攻防实验室 + - [ ] [特朗普上台,中美会发生网络战吗?](https://mp.weixin.qq.com/s?__biz=MzU0MzgyMzM2Nw==&mid=2247486232&idx=1&sn=5527e80a86875c017071d27f5b315e3e&chksm=fb04c870cc734166b62da7615b11c8f548c2c9dc95b0052d19fa52bc94805b96216c5e98af05&scene=58&subscene=0#rd) +- XCTF联赛 + - [ ] [SUCTF 2025|倒计时1天!](https://mp.weixin.qq.com/s?__biz=MjM5NDU3MjExNw==&mid=2247515473&idx=1&sn=6719fed82acc7d0877686b37ec2466a5&chksm=a6874f6b91f0c67d1f6003d51caeeed9ed952912bae9f6b9710e07b95144532bd90916777336&scene=58&subscene=0#rd) +- FreeBuf网络安全行业门户 + - [ ] [CVE-2024-6768漏洞分析](https://www.freebuf.com/vuls/419530.html) + - [ ] [YAK-SSA,古希腊掌管PHP代码审计的神](https://www.freebuf.com/articles/web/419509.html) + - [ ] [【论文速读】| 利用大语言模型在灰盒模糊测试中生成初始种子](https://www.freebuf.com/articles/network/419499.html) + - [ ] [FreeBuf周报 | AWS屡曝严重RCE漏洞;2025年需要防范这五大恶意软件](https://www.freebuf.com/news/419455.html) + - [ ] [超4000个Web后门通过注册过期域名被劫持](https://www.freebuf.com/news/419479.html) + - [ ] [网络钓鱼活动利用CrowdStrike招聘骗局传播挖矿软件](https://www.freebuf.com/news/419446.html) + - [ ] [Banshee Stealer新变种正借Apple XProtect加密技术躲避杀毒软件](https://www.freebuf.com/news/419475.html) + - [ ] [给DevOps加点料:融入安全性的DevSecOps](https://www.freebuf.com/news/419443.html) +- 中国信息安全 + - [ ] [通知 | 国家网信办就《网络信息内容多渠道分发服务机构相关业务活动管理规定(草案稿)》公开征求意见(附全文)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234365&idx=1&sn=af17f45f731d0c43256ce450f1d66690&chksm=8b59ff84bc2e7692f51814ffc268d5308bbd8679786942b61f1698a65e23c06a719f2e4f91b3&scene=58&subscene=0#rd) + - [ ] [专家解读 | 张金平:个人信息保护认证的中国创新方案](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234365&idx=2&sn=a02c27826be18902ca053d25a2e5522b&chksm=8b59ff84bc2e769235dba763756fd24e2891c73c13e32d630a4cbbbec0b85918576265190726&scene=58&subscene=0#rd) + - [ ] [解读 | 《网络数据安全管理条例》有哪些亮点?](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234365&idx=3&sn=bad4d027f0d756a436be1f46a3d63af6&chksm=8b59ff84bc2e769270a72ca471da37713cc209a6abcfa9d95c9a38987d76559afb93501fca7c&scene=58&subscene=0#rd) + - [ ] [公安部:公安机关2024年办理网暴案件8600余起](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234365&idx=4&sn=bb86fc6ef4b9ac1b523049d343d2cf93&chksm=8b59ff84bc2e7692c756205917a14db9a101220f4c93944f14dcad1669a1d5a7e6c182dee584&scene=58&subscene=0#rd) + - [ ] [发布 | 中国信通院发布《城市全域数字化转型行业洞察报告(2024年)》(附下载)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234365&idx=5&sn=9e22dc9b697d9182120297617fff2713&chksm=8b59ff84bc2e7692e221e04bb2de5a7f021ac72afcac3f11536f59e4c14f1404a0c9804cb06d&scene=58&subscene=0#rd) + - [ ] [评论 | 用AI生成“地震被埋图”存在诸多不妥](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234365&idx=6&sn=f4dfe25b2035fdf63eed7cc30883651d&chksm=8b59ff84bc2e7692345e58297f5dcd2ed4d71c9834c440ac19ecfdf7fe8be2bacd7d3a3d0c93&scene=58&subscene=0#rd) + - [ ] [关注 | 勇闯“春运”,要注意这些问题!](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234365&idx=7&sn=26075d2a4c3c7515c08c1b7d9fd68c01&chksm=8b59ff84bc2e76929ea213b189e5dd0cc52a2f9e91a3ed315e497e449d3d1e69c05f3cf29062&scene=58&subscene=0#rd) +- 丁爸 情报分析师的工具箱 + - [ ] [【资料】网络的三张面孔:网络和平活动家,间谍,攻击者](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148492&idx=1&sn=e284a7e43cbcb6ab36ec5a1f003ab059&chksm=f1af27f6c6d8aee040256534a8be599a13aa1d52d2e03ec456307340c1fd877521c5f767fb35&scene=58&subscene=0#rd) +- 安全圈 + - [ ] [【安全圈】日本炒作“中国疑似参与黑客攻击”,外交部:日方判断既不专业也不负责任](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067255&idx=1&sn=a41ccbc8f9fc9de8ed0dfe5c7a296033&chksm=f36e79f7c419f0e1b35e1a159d0ecdc609b196301a8249fba8092baf5dfe98047bd31c2f61e2&scene=58&subscene=0#rd) + - [ ] [【安全圈】数百万电子邮件服务器因缺少 TLS 加密而暴露](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067255&idx=2&sn=c42d9289f9097a99b0e9de5638c25da5&chksm=f36e79f7c419f0e10c2b64215d46af042d6d4538f0c26663174d24372c62af1b974a8b8a08ef&scene=58&subscene=0#rd) + - [ ] [【安全圈】超4000个Web后门通过注册过期域名被劫持](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067255&idx=3&sn=12454a2419a60abfe0219df1db8fc9ff&chksm=f36e79f7c419f0e1ce0df613111e8c48cf52ca20de42869051bf60a997f620888b67420c0ca5&scene=58&subscene=0#rd) + - [ ] [【安全圈】联合国航空机构确认招聘数据库存在安全漏洞](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067255&idx=4&sn=3fd244b5403280e26cbc308f9d938be2&chksm=f36e79f7c419f0e19717a852043341319ec8c0f73e0e9daa2e8a6064deb75c8df3e4e101920a&scene=58&subscene=0#rd) +- 网络空间安全科学学报 + - [ ] [学术前沿 | 基于尺寸变换的图像级特征增强隐写分析方法](https://mp.weixin.qq.com/s?__biz=MzI0NjU2NDMwNQ==&mid=2247504586&idx=1&sn=667f8402bebdb572ddabe5ecd419bfca&chksm=e9bfc674dec84f6234750fd856ba4bfd720b2739fd6d525d5cf469d492beaac34d64762021e2&scene=58&subscene=0#rd) +- M01N Team + - [ ] [每周蓝军技术推送(2025.1.4-1.10)](https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247493958&idx=1&sn=fc9a1bbf6caf95a8b7e36393cad78eda&chksm=c1842957f6f3a0415494df511f9508dc96bd52859b394da2d476577ba2244cf005425fb0422e&scene=58&subscene=0#rd) +- 腾讯科恩实验室 + - [ ] [揭秘SecBench大模型网络安全测评数据集构建](https://mp.weixin.qq.com/s?__biz=MzU1MjgwNzc4Ng==&mid=2247512655&idx=1&sn=106694cb80bebae36c6c05265abd108f&chksm=fbfe8e4acc89075c0720dc0dac3598a15c0586527b20f0963008dc6c927d76b0371b080c1c05&scene=58&subscene=0#rd) +- 补天平台 + - [ ] [2024补天平台【专属SRC】年度榜单发布!](https://mp.weixin.qq.com/s?__biz=MzI2NzY5MDI3NQ==&mid=2247507272&idx=1&sn=4dda0db202724e951d5e867b98fbb1be&chksm=eaf99504dd8e1c125b693c288f80a10c9a88fd21edea65a6ab9f6a61d5e21822f182145141ed&scene=58&subscene=0#rd) +- 奇安信威胁情报中心 + - [ ] [每周高级威胁情报解读(2025.01.03~01.09)](https://mp.weixin.qq.com/s?__biz=MzI2MDc2MDA4OA==&mid=2247513719&idx=1&sn=7ba22c6c00a862dcc9bd46f1f73fc77d&chksm=ea664100dd11c8160f008b33f2a15aa0b4839d1559f4b3481539f9536f92c79c36c5b9357879&scene=58&subscene=0#rd) +- NOVASEC + - [ ] [Hawkeye 一款Windows综合应急响应工具](https://mp.weixin.qq.com/s?__biz=MzUzODU3ODA0MA==&mid=2247490417&idx=1&sn=fe9dad38c72edfe0050a8f09afa05153&chksm=fad4c666cda34f704ce062d76decee29ad7ca69d6ac2c2a7d4c25273beae358cc3303fec21de&scene=58&subscene=0#rd) +- 极客公园 + - [ ] [26.3 万,特斯拉焕新 Model Y 突然上市,雷军「发贺电」](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653071793&idx=1&sn=3f07ac1e0a74b594446d172b6befabfa&chksm=7e57d40749205d111364fb0ebdb1493de6a3d45c0dcad2921ffbc85a307b04963edeab946d87&scene=58&subscene=0#rd) + - [ ] [2025 年 CES,为什么变成了世界最大「眼镜城」?](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653071781&idx=1&sn=dca04f483bca99394f6c3d127dcfc9ac&chksm=7e57d41349205d05c6dcd85def9e879d572cf93f982b13b01c05aa53447eab4c6350e6b57877&scene=58&subscene=0#rd) + - [ ] [B 站成春晚「独家弹幕视频平台」;西藏地震「小孩被埋」AI 生成图将被追责;加州大火危及好莱坞等景点 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653071702&idx=1&sn=7edc49de07482379ea1a9dbd199dc069&chksm=7e57d4e049205df61a63b790d9e5e6242217bc39d86a43681249ef2057e91f76a9ed5ff3e317&scene=58&subscene=0#rd) +- Tide安全团队 + - [ ] [Pwn入门之格式化字符串漏洞](https://mp.weixin.qq.com/s?__biz=Mzg2NTA4OTI5NA==&mid=2247519568&idx=1&sn=a136e2cd3ab3db52ce3b8f15811f0411&chksm=ce5daf31f92a2627e42e6f140583642241a9cce471e1727c960141e4bda457f55374ea16de47&scene=58&subscene=0#rd) +- 情报分析师 + - [ ] [​致人民警察的一封信](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558871&idx=1&sn=2049a81dea035595445267831bbf8eba&chksm=87117fdcb066f6ca90663192d96ff49aed9c05534fe81b7648f73162d5573546a71af8d1bf83&scene=58&subscene=0#rd) + - [ ] [深挖缅甸妙瓦底 KK 园区:电信诈骗的阴暗角落与跨国打击的艰难之路](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558871&idx=2&sn=425102a0a5e829f41bce07b26f791afb&chksm=87117fdcb066f6ca21d4a5bc70df0464f5c0045f99e6be6137f53a7c7185427bf4511495f63e&scene=58&subscene=0#rd) + - [ ] [2025年日本国防战略调整分析](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558871&idx=3&sn=5dc7c0bf081673ac6520dbd2dd7aec61&chksm=87117fdcb066f6cae78b04d12794725fee009f42e9b6f3afe33590cd3d1fe9a7b6ae8e9c49f1&scene=58&subscene=0#rd) +- ChaMd5安全团队 + - [ ] [共赴商用密码盛事,开启创新发展新篇--2025第三届商用密码展将于6月11日-13日在上海举办!](https://mp.weixin.qq.com/s?__biz=MzIzMTc1MjExOQ==&mid=2247511835&idx=1&sn=74578ef36cfe67c4677beb96c5d15795&chksm=e89d87c3dfea0ed56fbfb4aaa6133aa385822fce6524d09512079841830c9e533d5a57e3d129&scene=58&subscene=0#rd) +- 威胁猎人Threat Hunter + - [ ] [【黑产大数据】恶意贷款中介揭秘](https://mp.weixin.qq.com/s?__biz=MzI3NDY3NDUxNg==&mid=2247498437&idx=1&sn=5c259f2e9ba6de730bc41e763ee2d2dd&chksm=eb12dcfedc6555e8683ea4e9d3ef00a820ab4767b92370d3181b0f11552e01f1c8081d185d44&scene=58&subscene=0#rd) +- Beacon Tower Lab + - [ ] [DayDayMap新年回馈——免费抽取终身会员,另有更多好礼等你来拿!](https://mp.weixin.qq.com/s?__biz=MzkyNzcxNTczNA==&mid=2247486924&idx=1&sn=c7a4a0ad299a4e872a4cc0ac31de6468&chksm=c2229535f5551c23a4f1b84c0ceaa260a77296571764bab74d7d6b1a719e7f7db3c0cd8eb44e&scene=58&subscene=0#rd) +- 吴鲁加 + - [ ] [来组队运动打卡](https://mp.weixin.qq.com/s?__biz=Mzg5NDY4ODM1MA==&mid=2247485130&idx=1&sn=9ac53212495be2d6d3ae106527dc1009&chksm=c01a8bfbf76d02edf3bf046517683cdf658dd75a6a766df06f5e25848753313bd5f19050a436&scene=58&subscene=0#rd) +- 复旦白泽战队 + - [ ] [复旦白泽天梯多轮对话专项天梯结果出炉](https://mp.weixin.qq.com/s?__biz=MzU4NzUxOTI0OQ==&mid=2247492826&idx=1&sn=488d035b0ded0b568d5556b3f1b6b236&chksm=fde860a4ca9fe9b2256b7824f2c6a0194a6196776cfb30fc1a38a18a9c49960ca335769238d8&scene=58&subscene=0#rd) +- 嘶吼专业版 + - [ ] [【急聘】京东集团信息安全部招人啦~~](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580725&idx=1&sn=b63dd1e7fcbf3c546ef2120ab62800cc&chksm=e9146c0fde63e519ca57b762b500b310a8d68a3c49aed5115723adb48468e79935456c477c21&scene=58&subscene=0#rd) + - [ ] [国家网络安全通报中心:重点防范境外恶意网址和恶意IP](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580725&idx=2&sn=63fd746c589e9cd1b6647a823ca163d3&chksm=e9146c0fde63e519285ec50431f0b8a8d25de8216245362a6d0c32046f930271a801895c78e0&scene=58&subscene=0#rd) +- dotNet安全矩阵 + - [ ] [接二连三,通过 .NET AppDomain 注入后门实现权限维持](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498124&idx=1&sn=34076b04cb96fa929b7d8a8cbae565cc&chksm=fa595761cd2ede7736fb0ecec4ef46c342c1320893e64801929a44e06a7d4c2b387f41f899a1&scene=58&subscene=0#rd) + - [ ] [.NET 安全基础入门学习知识库](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498124&idx=2&sn=4ea7c449c3918b19d0dbc98deac36034&chksm=fa595761cd2ede772a770f375217321f3d306206ea48e79b69d580bfd14adece2f9ca4fa0032&scene=58&subscene=0#rd) + - [ ] [来来来,喝酒不够持久的都不配叫APT玩家!](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498124&idx=3&sn=764005c46751c846ff68b2d7b52522b1&chksm=fa595761cd2ede779c023189b1b634746fe96cf81f90b0705cd4910d47db55c81a8d4f8e0183&scene=58&subscene=0#rd) +- 安全419 + - [ ] [【观演指南】| 明晚 | 摇滚黑客2025演唱会北京现场见!](https://mp.weixin.qq.com/s?__biz=MzUyMDQ4OTkyMg==&mid=2247546519&idx=1&sn=0b14341dacc638097b304b34c2fce4b7&chksm=f9ebe83ace9c612ca4bedf40cd1a69fd40513b21d20cb4e73812294b7534c71420f3211ccbda&scene=58&subscene=0#rd) + - [ ] [听摇滚黑客2025演唱会 享滴滴打车五折优惠](https://mp.weixin.qq.com/s?__biz=MzUyMDQ4OTkyMg==&mid=2247546519&idx=2&sn=9c53a50b2d2fd5f2dd014e5726399bac&chksm=f9ebe83ace9c612c3d89c04885de278be3a60f45746a387b90ef49a61b6c52b882ccab8a1a96&scene=58&subscene=0#rd) +- 360数字安全 + - [ ] [致敬警察节|警企携手,筑牢安全防护网!](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247578636&idx=1&sn=13cefe2c13751df91b8d32c27800f0d1&chksm=9f8d2404a8faad12c120e53ebaadc85d8d03fcad4cfc00507ef69d50593b088ba16adc9e449d&scene=58&subscene=0#rd) +- 迪哥讲事 + - [ ] [记某次测试翻阅海量js语句黑盒出sql注入](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496807&idx=1&sn=44a86c5974f7824fcfd2d43bc5bd70b3&chksm=e8a5fe04dfd277126cdac3b07133c0a9ac6eaa4ef20c878e69b9c97e40377d22ed09e081aacd&scene=58&subscene=0#rd) +- 悬镜安全 + - [ ] [权威认可|悬镜再次入选2024年度毕马威中国金融科技企业双50强](https://mp.weixin.qq.com/s?__biz=MzA3NzE2ODk1Mg==&mid=2647795461&idx=1&sn=ea056881a28c848a31e57e1b2b75317c&chksm=8770af52b007264447b448eb912a971a9cdc84538023218ca3f23da02af85dac925dded42dd8&scene=58&subscene=0#rd) +- LuxSci + - [ ] [LuxSci Strengthens Leadership Position in G2 Winter 2025 Reports](https://luxsci.com/blog/luxsci-g2-reviews-winter-2025.html) +- IT Service Management News + - [ ] [Sull'incidente InfoCert](http://blog.cesaregallotti.it/2025/01/sullincidente-infocert.html) +- bellingcat + - [ ] [Seeing More With Satellite Imagery Using Band Combinations, Ratios and Indices](https://www.bellingcat.com/resources/2025/01/10/satellite-imagery-bands-guide/) +- 火绒安全 + - [ ] [【火绒安全周报】T1电竞选手直播因DDoS攻击再度中断/不法分子假冒网安公司招聘发动钓鱼攻击](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247521496&idx=1&sn=c7605f161604bbc226e351e4634ef9af&chksm=eb704ae7dc07c3f1af99f7500c637baf22504d2a8f12b042a27370ebb8a87ab2ff9813e53d6a&scene=58&subscene=0#rd) + - [ ] [诚邀渠道合作伙伴共启新征程](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247521496&idx=2&sn=bdaa413a8417b3ecd5583b9fe9fc3b65&chksm=eb704ae7dc07c3f1b01fc69498a1ea604c8c4bdf26b76844d6e141500693739c5cb578317b77&scene=58&subscene=0#rd) +- 安全牛 + - [ ] [安全牛《中国网络安全全景图》(第十二版)调研启动](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134576&idx=1&sn=e86ab5b49773d2d99aa5756c964bd0a5&chksm=bd15aaa38a6223b5ee9ca73cc3c5a819f983c98155cd6ed258f90a86c33c690cb9604f8bfe3c&scene=58&subscene=0#rd) + - [ ] [欧盟委员会因隐私违规行为首次被追责;苹果以9500万美元和解持续了5年的Siri隐私诉讼 | 牛览](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134576&idx=2&sn=a7d8e8804916170cb6b3ad59b218d42d&chksm=bd15aaa38a6223b5d84b077a9d24888eb1504e4c9b7448a0c8d86e9c4aa1ab32a1d9d8746acd&scene=58&subscene=0#rd) +- ICT Security Magazine + - [ ] [Perché le aziende dovrebbero prepararsi agli attacchi informatici durante le festività](https://www.ictsecuritymagazine.com/notizie/attacchi-informatici-semperis/) + - [ ] [La Remediation nella Sicurezza Informatica: sfide e prospettive](https://www.ictsecuritymagazine.com/articoli/remediation-sicurezza/) +- Schneier on Security + - [ ] [Friday Squid Blogging: Cotton-and-Squid-Bone Sponge](https://www.schneier.com/blog/archives/2025/01/friday-squid-blogging-cotton-and-squid-bone-sponge.html) + - [ ] [Apps That Are Spying on Your Location](https://www.schneier.com/blog/archives/2025/01/apps-that-are-spying-on-your-location.html) +- FuzzWiki + - [ ] [HirGen:针对深度学习编译器的模糊测试技术](https://mp.weixin.qq.com/s?__biz=MzU1NTEzODc3MQ==&mid=2247486850&idx=1&sn=dced461f84a7bc0c0fce0bc7d690ea72&chksm=fbd9a63eccae2f28d233d59f36d0bbff14a8c6daae02b28bae378464ea8a92da71dc90e8cde1&scene=58&subscene=0#rd) +- Hacking Exposed Computer Forensics Blog + - [ ] [Daily Blog #714: Forensic Lunch 1/10/25 with Ryatt Roesrma talking about fine tuning AI models](https://www.hecfblog.com/2025/01/daily-blog-714-forensic-lunch-11025.html) +- Over Security - Cybersecurity news aggregator + - [ ] [Marijuana dispensary STIIIZY warns of leaked IDs after November data breach](https://therecord.media/marijuana-dispensary-warns-of-data-breach) + - [ ] [NSO ruling is a victory for WhatsApp, but could have a small impact on spyware industry](https://therecord.media/nso-whatsapp-ruling-may-have-limited-impact-on-spyware-ecosystem) + - [ ] [New York sues to recover $2 million in crypto stolen in remote job scams](https://therecord.media/new-york-sues-recover-millions) + - [ ] [Telefónica confirms internal ticketing system breach after data leak](https://www.bleepingcomputer.com/news/security/telefonica-confirms-internal-ticketing-system-breach-after-data-leak/) + - [ ] [New Web3 attack exploits transaction simulations to steal crypto](https://www.bleepingcomputer.com/news/security/new-web3-attack-exploits-transaction-simulations-to-steal-crypto/) + - [ ] [Russian nationals arrested by US, accused of running crypto mixers Blender and Sinbad](https://therecord.media/russian-nationals-indicted-blender-sinbad-crypto-mixers) + - [ ] [US charges operators of cryptomixers linked to ransomware gangs](https://www.bleepingcomputer.com/news/security/us-charges-operators-of-cryptomixers-linked-to-ransomware-gangs/) + - [ ] [Flashpoint Intelligence: Delivering Actionable Data for a Safer World](https://flashpoint.io/blog/flashpoint-intelligence-delivering-actionable-data/) + - [ ] [Slovakia’s land registry hit by biggest cyberattack in country’s history, minister says](https://therecord.media/slovakia-registry-cyberattack-land-agriculture) + - [ ] [US government charges operators of crypto mixing service used by North Korea and ransomware gangs](https://techcrunch.com/2025/01/10/us-government-charges-operators-of-crypto-mixing-service-used-by-north-korea-and-ransomware-gangs/) + - [ ] [Treasury hackers also breached US foreign investments review office](https://www.bleepingcomputer.com/news/security/treasury-hackers-also-breached-us-foreign-investments-review-office/) + - [ ] [Docker Desktop blocked on Macs due to false malware alert](https://www.bleepingcomputer.com/news/security/docker-desktop-blocked-on-macs-due-to-false-malware-alert/) + - [ ] [Proton worldwide outage caused by Kubernetes migration, software change](https://www.bleepingcomputer.com/news/technology/proton-worldwide-outage-caused-by-kubernetes-migration-software-change/) + - [ ] [New amateurish ransomware group FunkSec using AI to develop malware](https://therecord.media/funksec-ransomware-using-ai-malware) + - [ ] [STIIIZY data breach exposes cannabis buyers’ IDs and purchases](https://www.bleepingcomputer.com/news/security/stiiizy-data-breach-exposes-cannabis-buyers-ids-and-purchases/) + - [ ] [Sintesi riepilogativa delle campagne malevole nella settimana del 4 – 10 gennaio](https://cert-agid.gov.it/news/sintesi-riepilogativa-delle-campagne-malevole-nella-settimana-del-4-10-gennaio/) + - [ ] [Microsoft to force install new Outlook on Windows 10 PCs in February](https://www.bleepingcomputer.com/news/microsoft/microsoft-to-force-install-new-outlook-on-windows-10-pcs-in-february/) + - [ ] [BlinkenCity: From Art Project to Europe-wide Blackout Scenario](https://positive.security/blog/blinkencity-38c3) + - [ ] [Bots identified pushing anti-NATO messages in Croatian presidential runoff](https://therecord.media/bots-pushing-anti-nato-messages-croatian-election) + - [ ] [U.S. Telecom, Zero-Day Attacks Show Need for Cybersecurity Hygiene](https://cyble.com/blog/us-telecom-zero-day-attacks-show-need-for-cybersecurity-hygiene/) + - [ ] [WorstFit: Unveiling Hidden Transformers in Windows ANSI!](https://blog.orange.tw/posts/2025-01-worstfit-unveiling-hidden-transformers-in-windows-ansi/) + - [ ] [Critical ICS Vulnerabilities Uncovered in Weekly Vulnerability Report](https://cyble.com/blog/new-ics-vulnerabilities-report/) +- 白泽安全实验室 + - [ ] [APT组织Turla瞄准巴基斯坦关键基础设施展开攻击活动——每周威胁情报动态第208期 (01.03-01.09)](https://mp.weixin.qq.com/s?__biz=MzI0MTE4ODY3Nw==&mid=2247492512&idx=1&sn=c207ba89352dde2873ca1a70add44b6e&chksm=e90dc98ade7a409cc199fc590cf3e312dc6eaa82247b6b584125cb7f616538f5b28e41749a4a&scene=58&subscene=0#rd) +- 安全村SecUN + - [ ] [躬行|《电子数据取证与网络犯罪调查》专刊第七辑50份惊喜抽奖:)警察节快乐!](https://mp.weixin.qq.com/s?__biz=MzkyODM5NzQwNQ==&mid=2247496405&idx=1&sn=17b40406394060c7c389957502b86cb2&chksm=c21bd3e7f56c5af18c89a7436057ceea52e2c7e320b66f8f0807b3848982e27e0681de90f2e0&scene=58&subscene=0#rd) +- The Hacker News + - [ ] [Google Project Zero Researcher Uncovers Zero-Click Exploit Targeting Samsung Devices](https://thehackernews.com/2025/01/google-project-zero-researcher-uncovers.html) + - [ ] [Taking the Pain Out of Cybersecurity Reporting: A Practical Guide for MSPs](https://thehackernews.com/2025/01/taking-pain-out-of-cybersecurity.html) + - [ ] [AI-Driven Ransomware FunkSec Targets 85 Victims Using Double Extortion Tactics](https://thehackernews.com/2025/01/ai-driven-ransomware-funksec-targets-85.html) + - [ ] [Hands-On Walkthrough: Microsegmentation For all Users, Workloads and Devices by Elisity](https://thehackernews.com/2025/01/hands-on-walkthrough-microsegmentation.html) + - [ ] [RedDelta Deploys PlugX Malware to Target Mongolia and Taiwan in Espionage Campaigns](https://thehackernews.com/2025/01/reddelta-deploys-plugx-malware-to.html) + - [ ] [CrowdStrike Warns of Phishing Scam Targeting Job Seekers with XMRig Cryptominer](https://thehackernews.com/2025/01/crowdstrike-warns-of-phishing-scam.html) +- TorrentFreak + - [ ] [‘Strike 3’ Filed a Record Number of Piracy Lawsuits in 2024](https://torrentfreak.com/strike-3-filed-a-record-number-of-piracy-lawsuits-in-2024-250110/) +- SANS Internet Storm Center, InfoCON: green + - [ ] [ISC Stormcast For Friday, January 10th, 2025 https://isc.sans.edu/podcastdetail/9274, (Fri, Jan 10th)](https://isc.sans.edu/diary/rss/31576) + - [ ] [Windows Defender Chrome Extension Detection, (Fri, Jan 10th)](https://isc.sans.edu/diary/rss/31574) +- Graham Cluley + - [ ] [Canadian man loses a cryptocurrency fortune to scammers – here’s how you can stop it happening to you](https://www.bitdefender.com/en-us/blog/hotforsecurity/canadian-man-loses-a-cryptocurrency-fortune-to-scammers-heres-how-you-can-stop-it-happening-to-you) +- Information Security + - [ ] [Organized my cybersecurity bookmarks into a GitHub repo (300+ sources)](https://www.reddit.com/r/Information_Security/comments/1hy0exs/organized_my_cybersecurity_bookmarks_into_a/) + - [ ] [RBI PA-PG (Payment Aggregators & Payment Gateways) Audit](https://www.reddit.com/r/Information_Security/comments/1hxz9tj/rbi_papg_payment_aggregators_payment_gateways/) +- Deep Web + - [ ] [How safe is posting on forums on the darkweb?](https://www.reddit.com/r/deepweb/comments/1hy0bdu/how_safe_is_posting_on_forums_on_the_darkweb/) + - [ ] [Dark web purchase](https://www.reddit.com/r/deepweb/comments/1hy1wwb/dark_web_purchase/) +- Computer Forensics + - [ ] [CREST Certs (CPIA|CRIA)](https://www.reddit.com/r/computerforensics/comments/1hyahq4/crest_certs_cpiacria/) + - [ ] [Mac OS - need application logs](https://www.reddit.com/r/computerforensics/comments/1hxtfyh/mac_os_need_application_logs/) + - [ ] [Macbook M4/M4 Pro Collections](https://www.reddit.com/r/computerforensics/comments/1hxtktu/macbook_m4m4_pro_collections/) +- Blackhat Library: Hacking techniques and research + - [ ] [Just question](https://www.reddit.com/r/blackhat/comments/1hyesag/just_question/) +- Your Open Hacker Community + - [ ] [A question](https://www.reddit.com/r/HowToHack/comments/1hyauea/a_question/) + - [ ] [Question about windows](https://www.reddit.com/r/HowToHack/comments/1hye2lu/question_about_windows/) + - [ ] [Is this Vulnerable ?](https://www.reddit.com/r/HowToHack/comments/1hyi8hk/is_this_vulnerable/) + - [ ] [Could anyone help me in understanding this "Not Operational or Intended Public Access" vulnerability ?](https://www.reddit.com/r/HowToHack/comments/1hy7xk7/could_anyone_help_me_in_understanding_this_not/) + - [ ] [Help](https://www.reddit.com/r/HowToHack/comments/1hyhuu9/help/) + - [ ] [Wardriving Question](https://www.reddit.com/r/HowToHack/comments/1hy5hha/wardriving_question/) + - [ ] [How to hack a new ai website?](https://www.reddit.com/r/HowToHack/comments/1hyhm2r/how_to_hack_a_new_ai_website/) + - [ ] [Any idea how to gg cpm2 ?](https://www.reddit.com/r/HowToHack/comments/1hy96jp/any_idea_how_to_gg_cpm2/) + - [ ] [how to loop a cctv camera](https://www.reddit.com/r/HowToHack/comments/1hy7y62/how_to_loop_a_cctv_camera/) + - [ ] [Taking down Defender experiment](https://www.reddit.com/r/HowToHack/comments/1hxtxzr/taking_down_defender_experiment/) +- Security Affairs + - [ ] [Banshee macOS stealer supports new evasion mechanisms](https://securityaffairs.com/172918/malware/new-version-of-the-banshee-macos-stealer.html) + - [ ] [Researchers disclosed details of a now-patched Samsung zero-click flaw](https://securityaffairs.com/172909/hacking/samsung-zero-click-flaw.html) + - [ ] [Phishers abuse CrowdStrike brand targeting job seekers with cryptominer](https://securityaffairs.com/172900/cyber-crime/crowdstrike-phishing-campaign-recruitment-branding.html) + - [ ] [China-linked APT group MirrorFace targets Japan](https://securityaffairs.com/172890/apt/china-linked-apt-mirrorface-targets-japan.html) +- netsecstudents: Subreddit for students studying Network Security and its related subjects + - [ ] [Passed Cisco 100-140 (CCST IT Support) Exam! Here's How I Prepared](https://www.reddit.com/r/netsecstudents/comments/1hy26je/passed_cisco_100140_ccst_it_support_exam_heres/) + - [ ] [What is the best practice to securely host an application in Linux?](https://www.reddit.com/r/netsecstudents/comments/1hxzw9c/what_is_the_best_practice_to_securely_host_an/) + - [ ] [What project should be added in resume as a cyber security beginner?](https://www.reddit.com/r/netsecstudents/comments/1hxvis0/what_project_should_be_added_in_resume_as_a_cyber/) + - [ ] [Guidance Needed for Safe Demonstration of GIF Malware Detection](https://www.reddit.com/r/netsecstudents/comments/1hxyr5d/guidance_needed_for_safe_demonstration_of_gif/) + - [ ] [Graduating soon at 19, Sec+ done - what’s the next cert or skill to pursue?](https://www.reddit.com/r/netsecstudents/comments/1hxra7i/graduating_soon_at_19_sec_done_whats_the_next/) +- Trend Micro Research, News and Perspectives + - [ ] [How Cracks and Installers Bring Malware to Your Device](https://www.trendmicro.com/en_us/research/25/a/how-cracks-and-installers-bring-malware-to-your-device.html) +- Technical Information Security Content & Discussion + - [ ] [ACE up the sleeve: Hacking into Apple's new USB-C Controller](https://www.reddit.com/r/netsec/comments/1hy9t8i/ace_up_the_sleeve_hacking_into_apples_new_usbc/) + - [ ] [How to jailbreak most/all LLMs using Assistant Prefill](https://www.reddit.com/r/netsec/comments/1hy6snm/how_to_jailbreak_mostall_llms_using_assistant/) + - [ ] [Exploiting SSTI in a Modern Spring Boot Application (3.3.4)](https://www.reddit.com/r/netsec/comments/1hy06vj/exploiting_ssti_in_a_modern_spring_boot/) + - [ ] [Do Secure-By-Design Pledges Come With Stickers? - Ivanti Connect Secure RCE (CVE-2025-0282) - watchTowr Labs](https://www.reddit.com/r/netsec/comments/1hxt46x/do_securebydesign_pledges_come_with_stickers/) +- The Register - Security + - [ ] [Chinese cyber-spies peek over shoulder of officials probing real-estate deals near American military bases](https://go.theregister.com/feed/www.theregister.com/2025/01/10/china_treasury_foreign_investment/) + - [ ] [Drug addiction treatment service admits attackers stole sensitive patient data](https://go.theregister.com/feed/www.theregister.com/2025/01/10/baymark_data_breach/) + - [ ] [Devs sent into security panic by 'feature that was helpful … until it wasn't'](https://go.theregister.com/feed/www.theregister.com/2025/01/10/on_call/) +- Security Weekly Podcast Network (Audio) + - [ ] [Robot Dogs, Ivanti, SonicWall, Banshee, Telegram, Motorola, Aaran Leyland, and more. - SWN #441](http://sites.libsyn.com/18678/robot-dogs-ivanti-sonicwall-banshee-telegram-motorola-aaran-leyland-and-more-swn-441) diff --git a/archive/tmp/2025-01-11.json b/archive/tmp/2025-01-11.json new file mode 100644 index 0000000000..0280bab35f --- /dev/null +++ b/archive/tmp/2025-01-11.json @@ -0,0 +1,547 @@ +{ + "paper - Last paper": { + "Self-changing Data Type - CVE-2024-40676 漏洞分析": "https://paper.seebug.org/3266/" + }, + "Recent Commits to cve:main": { + "Update Fri Jan 10 20:11:13 UTC 2025": "https://github.com/trickest/cve/commit/35ab00cc0e2f9453ab25383a9a5c9d4cfa1182d1", + "Update Fri Jan 10 12:19:12 UTC 2025": "https://github.com/trickest/cve/commit/bb4ddf1816df72235be5cd596f20b2ed83504f0c", + "Update Fri Jan 10 04:22:20 UTC 2025": "https://github.com/trickest/cve/commit/0eba4829b48b6e4109d4f696f205771712d068c3" + }, + "嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com": { + "国家网络安全通报中心:重点防范境外恶意网址和恶意IP": "https://www.4hou.com/posts/VW2o", + "Check Point:企业如何应对复杂网络挑战?": "https://www.4hou.com/posts/W1Ko" + }, + "Doonsec's feed": { + "特朗普上台,中美会发生网络战吗?": "https://mp.weixin.qq.com/s?__biz=MzU0MzgyMzM2Nw==&mid=2247486232&idx=1&sn=5527e80a86875c017071d27f5b315e3e", + "30天渗透测试练习计划(2025 第一部分)": "https://mp.weixin.qq.com/s?__biz=MzkyODYwODkyMA==&mid=2247484899&idx=1&sn=9aae3d9926fe3695441f5c88f9f5546f", + "2025 年,炼石计划@赛博代审之旅又带来了什么好东西呢?": "https://mp.weixin.qq.com/s?__biz=Mzg3MDU1MjgwNA==&mid=2247487164&idx=1&sn=ee4ecadbaa3c2616b6e600c1711926e0", + "中国软件评测中心2024年干部述职述廉考核 工作总结表彰大会暨2025年工作计划会圆满召开": "https://mp.weixin.qq.com/s?__biz=MjM5NzYwNDU0Mg==&mid=2649249217&idx=1&sn=efe8d1f5b3fa8193ede8e5ee31c840e9", + "国家互联网信息办公室关于《网络信息内容多渠道分发服务机构相关业务活动管理规定(草案稿)》公开征求意见的通知": "https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633711&idx=1&sn=7ade192a71c4b34eb6cf7fd5930216ce", + "突发!美国拟(全面禁止)向中国出口 GPU": "https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633711&idx=3&sn=a171f86485cabe24801c9536db242e1e", + "海南发布商超消费领域个人信息保护合规指引,涉及门店APP、小程序运行规范(附全文)": "https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633711&idx=4&sn=068613b0262e30ac174c7fa092dfc2ec", + "豆包好用的关键在于你得会用❗熬夜整理": "https://mp.weixin.qq.com/s?__biz=MzU5MjI1NTY1Mg==&mid=2247483976&idx=1&sn=ef740b84f599f005ce29d414f97b0ad7", + "2025考试安排 | CCRC数据安全官、数据安全评估师": "https://mp.weixin.qq.com/s?__biz=MzU0Mzk0NDQyOA==&mid=2247521211&idx=1&sn=f5888344ad57191e78dfff778e714701", + "信创加速,腾讯安全湖现已完成全栈国产化适配,助力企业高效替换": "https://mp.weixin.qq.com/s?__biz=Mzg5OTE4NTczMQ==&mid=2247526338&idx=1&sn=d932d0ca3339bddabd79d6e04f350b57", + "2025网安行业优质播客精选集⑤": "https://mp.weixin.qq.com/s?__biz=Mzg2MTAwNzg1Ng==&mid=2247495438&idx=1&sn=0dfa956916eecc08f617ada58c6a41aa", + "CSDN挂马事件的安全警醒;平时如何应对钓鱼攻击| FB甲方群话题讨论": "https://mp.weixin.qq.com/s?__biz=Mzg2MTAwNzg1Ng==&mid=2247495438&idx=2&sn=9a03ea5cc87ec11de2f5a5418b852d13", + "中国网络空间安全协会关键信息基础设施安全保护专业委员会在京成立": "https://mp.weixin.qq.com/s?__biz=MzA3ODE0NDA4MA==&mid=2649401216&idx=1&sn=de77c2a7f5191211b4a1eddf1353dadf", + "武汉科技大学2025-2027年网络安全服务采购": "https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931394&idx=1&sn=38fbb62c75ca1ac3d4006f41b7847662", + "建行超大规模数据中心开建,定位包括大数据业务主生产中心、核心数据备份中心等": "https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931394&idx=2&sn=faea67696fc3676c501d4b313aa0e8e8", + "【1CPE】ISC2Webinar丨降低关键基础设施数字化带来的风险": "https://mp.weixin.qq.com/s?__biz=MzUzNTg4NDAyMg==&mid=2247492278&idx=1&sn=68ad8bcc9a61f861bb328a88abfed21f", + "通知 | 国家网信办就《网络信息内容多渠道分发服务机构相关业务活动管理规定(草案稿)》公开征求意见(附全文)": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234365&idx=1&sn=af17f45f731d0c43256ce450f1d66690", + "解读 | 《网络数据安全管理条例》有哪些亮点?": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234365&idx=3&sn=bad4d027f0d756a436be1f46a3d63af6", + "关注 | 勇闯“春运”,要注意这些问题!": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234365&idx=7&sn=26075d2a4c3c7515c08c1b7d9fd68c01", + "网安周讯 | 辟谣!“西藏地震小孩被埋”为AI制图(一月第2期)": "https://mp.weixin.qq.com/s?__biz=Mzg4MjQ4MjM4OA==&mid=2247523453&idx=1&sn=dc3496239f549ecdc6a72269c1ab8a91", + "开放申请 | 2025腾讯犀牛鸟精英人才计划": "https://mp.weixin.qq.com/s?__biz=MjM5ODYwMjI2MA==&mid=2649789536&idx=2&sn=f280f844c57c71c77c1e662f9ebb8811", + "【云安全】云服务-云服务器ECS-安全问题分析": "https://mp.weixin.qq.com/s?__biz=MzUyNTUyNTA5OQ==&mid=2247484084&idx=1&sn=56999ea9f438281ffad8f0d920528b0a", + "安全资讯汇总:2025.1.6-2025.1.10": "https://mp.weixin.qq.com/s?__biz=MzA4MTE0MTEwNQ==&mid=2668669972&idx=1&sn=1909e2d8e657b12e3eff8fcae8a0b168", + "VMProtect本地授权锁的分析与破解": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588572&idx=1&sn=f7ad4ebbe10787b233f29e316423ebc0", + "超4000个后门通过注册过期域名被劫持": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588572&idx=2&sn=59a0f2be5e5bacf99eec4b02e9d3c5b6", + "本周职位大更新!众多企业抛出橄榄枝,你的心动岗位来了吗?": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588572&idx=3&sn=abdd6a29e3e32a98636c35e70688f0aa", + "首次!欧盟委员会因违反数据隐私法规被追责,向个人支付赔偿金": "https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247548655&idx=1&sn=519c63daf361d43b3bb6e33cf198c0d0", + "奇瑞汽车1亿元成立机器人科技公司“墨甲智创”": "https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247548655&idx=2&sn=1bf760ffea9a49dcd8851b8ecb78cb79", + "鹏城实验室与为辰信安联合发布《2024智能网联汽车网络安全报告》(附下载)": "https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247548655&idx=3&sn=bc9f58e42eefcd52d0731448b4f2df0a", + "扫码下载 | 12个鸿蒙生态文件(报告、白皮书)": "https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655263596&idx=1&sn=a883bc4a6cd7c37fe586151df6fe96ee", + "安全牛《中国网络安全全景图》(第十二版)调研启动": "https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134576&idx=1&sn=e86ab5b49773d2d99aa5756c964bd0a5", + "欧盟委员会因隐私违规行为首次被追责;苹果以9500万美元和解持续了5年的Siri隐私诉讼 | 牛览": "https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134576&idx=2&sn=a7d8e8804916170cb6b3ad59b218d42d", + "《工业互联网赋能的企业数字化转型》连载及解读之四十三:工业互联网安全技术体系": "https://mp.weixin.qq.com/s?__biz=Mzg2ODUxODk3OA==&mid=2247499779&idx=1&sn=42d42838b8d321bb9ae3db7c423fde7f", + "《车路云一体化系统 第7部分:信息安全要求和试验方法》(草案)": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619208&idx=1&sn=8b8a2f1379020358aa3348970c263aeb", + "面向软件定义车辆的E/E架构技术&市场分析报告2025": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619208&idx=2&sn=c9683ecfca0fa974f586aa1bec72693c", + "2025年智能网联汽车数据分类分级白皮书": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619208&idx=3&sn=af703f71840d3044485d467962af982c", + "手机上的后门|防不胜防的RAT攻击": "https://mp.weixin.qq.com/s?__biz=Mzg2NDYzNDM2NQ==&mid=2247485162&idx=1&sn=134a10ad8e58a3e356511f857fa123a5", + "副业天花板,hvv趋势预测": "https://mp.weixin.qq.com/s?__biz=MzkxNTIwNTkyNg==&mid=2247553000&idx=1&sn=b1baac10d19b08b13bf3cf699d23d247", + "【免费领】网安岗位必备:互联网企业安全建设最佳实践指南": "https://mp.weixin.qq.com/s?__biz=MzkxNTIwNTkyNg==&mid=2247553000&idx=2&sn=d488db920cfd91aac90202ba8bc8d7f2", + "网络安全动态 - 2025.01.10": "https://mp.weixin.qq.com/s?__biz=MzU1MzEzMzAxMA==&mid=2247499873&idx=1&sn=176dfb8874521ec82f865a95f5a1b0d2", + "翼开岁首:天空卫士荣膺北京市独角兽企业": "https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597378&idx=2&sn=6f6f7ac4d7374f0c0f32db92dbdeca3f", + "孙凝晖院士:建设面向智能时代的国家数据基础设施": "https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597378&idx=3&sn=f567eb44e3edd09bd82c2263b3ef3ec4", + "安全威胁情报周报(2025/01/04-2025/01/10)": "https://mp.weixin.qq.com/s?__biz=Mzg4NjYyMzUyNg==&mid=2247491122&idx=1&sn=898a05c3ec3c50263fa0eb51fd544bdd", + "【自研报告】美国对格陵兰利益的战略分析及对策建议": "https://mp.weixin.qq.com/s?__biz=MzkxMTA3MDk3NA==&mid=2247487051&idx=1&sn=ec33b2838d1fb6eed3391701e077b62e", + "每周网络安全简讯 ( 2025年 第2周 )": "https://mp.weixin.qq.com/s?__biz=MzU2MjcwOTY1Mg==&mid=2247521163&idx=1&sn=de51aa92eee1967c687270ff682fa764", + "烽火狼烟丨暗网数据及攻击威胁情报分析周报(01/06-01/10)": "https://mp.weixin.qq.com/s?__biz=Mzk0NjMxNTgyOQ==&mid=2247484510&idx=1&sn=f233df30c66fbd58c30c6ee06afb3270", + "《网络数据安全管理条例》施行数据安全要求再升级": "https://mp.weixin.qq.com/s?__biz=MjM5MTI2NDQzNg==&mid=2654552239&idx=1&sn=51440c7606c836fa1630fe46c5453bbb", + "盗版影视APP的社会危害,只是“盗版”吗?": "https://mp.weixin.qq.com/s?__biz=MjM5NTY4NzcyNg==&mid=2650249786&idx=1&sn=e4aef09e652f443508cfccf851714130", + "学术前沿《工业信息安全》(第23期)主要内容速览": "https://mp.weixin.qq.com/s?__biz=MzUyMzA1MTM2NA==&mid=2247499039&idx=1&sn=77cb9434d2ba8c5fc83182ffc43400fd", + "ShellcodeLoader免杀加载器": "https://mp.weixin.qq.com/s?__biz=Mzk0Mjg4MTQxMw==&mid=2247485418&idx=1&sn=bdc4d8fe72641276491413edaa1c2a87", + "【观演指南】| 明晚 | 摇滚黑客2025演唱会北京现场见!": "https://mp.weixin.qq.com/s?__biz=MzUyMDQ4OTkyMg==&mid=2247546519&idx=1&sn=0b14341dacc638097b304b34c2fce4b7", + "听摇滚黑客2025演唱会 享滴滴打车五折优惠": "https://mp.weixin.qq.com/s?__biz=MzUyMDQ4OTkyMg==&mid=2247546519&idx=2&sn=9c53a50b2d2fd5f2dd014e5726399bac", + "推动数据要素发挥乘数效应": "https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170105&idx=3&sn=f82cb6976156695f8fde5f17613d583a", + "权威认可|悬镜再次入选2024年度毕马威中国金融科技企业双50强": "https://mp.weixin.qq.com/s?__biz=MzA3NzE2ODk1Mg==&mid=2647795461&idx=1&sn=ea056881a28c848a31e57e1b2b75317c", + "苹果mac用户警惕:Banshee Stealer新变种来袭": "https://mp.weixin.qq.com/s?__biz=Mzk0MDYwMjE3OQ==&mid=2247486041&idx=1&sn=33813042ecc95b0f290c4fd3aff241f9", + "【业界动态】我国牵头提出的国际标准《信息技术 信息安全事件管理 第4部分:协同》正式发布": "https://mp.weixin.qq.com/s?__biz=MzA3NzgzNDM0OQ==&mid=2664992672&idx=2&sn=2fc4cff7ac2dfaec2b37f0ae52f72383", + "【业界动态】工业和信息化部启动万兆光网试点工作 有序引导万兆光网从技术试点走向部署应用": "https://mp.weixin.qq.com/s?__biz=MzA3NzgzNDM0OQ==&mid=2664992672&idx=3&sn=19a4fcbfa5be472c033f7007e87acaba", + "掌握网络安全应急响应领域核心技能,你可能需要这两个证书": "https://mp.weixin.qq.com/s?__biz=MzU4MjUxNjQ1Ng==&mid=2247521060&idx=1&sn=0248e268143e4e1f742932c65e85a9aa", + "购课回馈|现在报名软考高项赠送3999元技术会员1年": "https://mp.weixin.qq.com/s?__biz=MzU4MjUxNjQ1Ng==&mid=2247521060&idx=2&sn=262bc464e02d76e1223837f47e161d2b", + "IDA技巧(98)analysis-options": "https://mp.weixin.qq.com/s?__biz=MzI1Mjk2MTM1OQ==&mid=2247485211&idx=1&sn=0cbdd4418d779736e55176cb101121a4", + "【流量分析】WireShark解析非标端口下SSH协议": "https://mp.weixin.qq.com/s?__biz=MzU1Mjk3MDY1OA==&mid=2247519273&idx=1&sn=7a7e3bfdfb38fdfe33a5904a20cfa760", + "从任意文件下载到getshell": "https://mp.weixin.qq.com/s?__biz=MzkzMjIxNjExNg==&mid=2247486168&idx=1&sn=91eaac8e536f7aa3fae5d4ac01da95e9", + "【商密测评】快速定位SSH数据包的密码套件": "https://mp.weixin.qq.com/s?__biz=MzU1Mjk3MDY1OA==&mid=2247519271&idx=1&sn=fcd3a7d9d7a3d99f0743b3dd69f1817b", + "【已复现】大华智能物联综合管理平台 GetClassValue 远程代码执行漏洞": "https://mp.weixin.qq.com/s?__biz=MzIwMDk1MjMyMg==&mid=2247492684&idx=1&sn=3b0a607c660f6ba2dfc3db280cbf8e40", + "俄罗斯互联网服务提供商证实乌克兰黑客“破坏”了其网络": "https://mp.weixin.qq.com/s?__biz=MzI5NTA0MTY2Mw==&mid=2247485741&idx=1&sn=79a4fdb76ec8a43d1966f3ebd78d9d4f", + "[0110] 一周重点威胁情报|天际友盟情报站": "https://mp.weixin.qq.com/s?__biz=MzIwNjQ4OTU3NA==&mid=2247509999&idx=1&sn=ca5344ff0b02d3f92c43c0ad6be20284", + "国家网信办发布2024年生成式人工智能服务已备案信息的公告": "https://mp.weixin.qq.com/s?__biz=MzkwMTQyODI4Ng==&mid=2247495536&idx=1&sn=d9f85550a15c225b4186134eba2ac87c", + "工信部:2024年我国网络和数据安全取得新突破": "https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652113878&idx=1&sn=cbbd81e4fcb158219d4e3e8f3f2fa05d", + "从一次溯源国际APT组织浅谈蜜罐运营": "https://mp.weixin.qq.com/s?__biz=MzkwMTQyODI4Ng==&mid=2247495536&idx=3&sn=57593e331dce228f533ac3fe3787190c", + "【工具推荐】Hawkeye 一款Windows综合应急响应工具": "https://mp.weixin.qq.com/s?__biz=MzI1NTE2NzQ3NQ==&mid=2247487241&idx=1&sn=839e749479e300a8d7b930a213a06216", + "【急聘】京东集团信息安全部招人啦~~": "https://mp.weixin.qq.com/s?__biz=MzU4ODUzMTU4Mg==&mid=2247486659&idx=1&sn=64bfb54bfcc8b2685406aa46acae83b1", + "国家网络安全通报中心:重点防范境外恶意网址和恶意IP": "https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580725&idx=2&sn=63fd746c589e9cd1b6647a823ca163d3", + "BoardLight": "https://mp.weixin.qq.com/s?__biz=Mzk1NzY0NzMyMw==&mid=2247485204&idx=1&sn=8d8e4038082ae1cbd3fa5607cab82a83", + "感恩同行|知其安获 OSRC 2024年度优秀合作伙伴": "https://mp.weixin.qq.com/s?__biz=MzkzNTI5NTgyMw==&mid=2247510626&idx=1&sn=5f86ee189ac6754c4a7418ea77b04529", + "云天安全入选中国信通院《数字安全护航技术能力全景图》28项领域,持续引领数字安全创新": "https://mp.weixin.qq.com/s?__biz=MzI2NDYzNjY0Mg==&mid=2247501066&idx=1&sn=fe3fd86c1b199574b5893611ae04d58f", + "【图一乐】在 pdf 文档中玩俄罗斯方块游戏": "https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494124&idx=1&sn=ac20fe3efd1ce74b9f3927211c877cec", + "TOPSRC 2024年第四季度奖励公告": "https://mp.weixin.qq.com/s?__biz=Mzk0MTM1MTg3Nw==&mid=2247483903&idx=1&sn=a6b8b89ea06c0d846a8b9c2e3db8d5b5", + "2025年,网络安全意识宣贯该怎么做?": "https://mp.weixin.qq.com/s?__biz=MzU4NDExNDQwNA==&mid=2247489876&idx=1&sn=b620b4c55efe620eca9ebafa67d5c1b7", + "技战法:剖析涉网站点后台加盐绕过技术": "https://mp.weixin.qq.com/s?__biz=Mzk0Mzc2MDQyMg==&mid=2247486418&idx=1&sn=822fe24dc33064052db10431aeaac661", + "u200b致人民警察的一封信": "https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558871&idx=1&sn=2049a81dea035595445267831bbf8eba", + "深挖缅甸妙瓦底 KK 园区:电信诈骗的阴暗角落与跨国打击的艰难之路": "https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247503709&idx=1&sn=29a4a7741686d4bd4033ffbee78f1ce7", + "2025年日本国防战略调整分析": "https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558871&idx=3&sn=5dc7c0bf081673ac6520dbd2dd7aec61", + "基于Tauri+Rust构建的新型免杀马生成器": "https://mp.weixin.qq.com/s?__biz=MzU2NzY5MjAwNQ==&mid=2247486726&idx=1&sn=a770a2c26a407edd6ce426c70235b35c", + "科普时间 | 蜜罐:给黑客精心准备的“甜蜜”陷阱": "https://mp.weixin.qq.com/s?__biz=MzIyNzc3OTMzNw==&mid=2247485712&idx=1&sn=9a641e71d4d416bd3bd0a5b0e55affdf", + "拜登政府新网络安全行政令寻求为新一届政府提供政策蓝图": "https://mp.weixin.qq.com/s?__biz=MzI4ODQzMzk3MA==&mid=2247489550&idx=1&sn=26d503014824376c8155e36ecaa4c09f", + "中国人民警察节 | 致敬我们的安全守护者!": "https://mp.weixin.qq.com/s?__biz=MzkxMzQwNDcxNg==&mid=2247486835&idx=1&sn=bec31322bfb58a4913410c8d9ab33c2b", + "发现Web API漏洞居然能赚到400w刀": "https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247518149&idx=1&sn=6498c967abc2646198bd742a3d2232e6", + "【漏洞预警】Apache OpenMeetings未授权 反序列化漏洞": "https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489437&idx=1&sn=86a7c25e1f15115c4f1bfe3bf9529dae", + "2024年度游戏安全报告发布:200+亿次风险检测背后的攻防全景": "https://mp.weixin.qq.com/s?__biz=MzAwNTg2NjYxOA==&mid=2650742854&idx=1&sn=9a962b361752a5d23f40f791245fc33c", + "智能汽车的强大功能": "https://mp.weixin.qq.com/s?__biz=MzUzMjQyMDE3Ng==&mid=2247487868&idx=1&sn=38f654feb41f7697779f05deda25a854", + "新活动平台建设历程与架构演进": "https://mp.weixin.qq.com/s?__biz=Mzg3Njc0NTgwMg==&mid=2247502230&idx=1&sn=76feb6f4717cedf7c7fc1aaaf16d619d", + "亚太地区APT网络攻击趋势分析与解读": "https://mp.weixin.qq.com/s?__biz=Mzg3OTYxODQxNg==&mid=2247485594&idx=1&sn=e741dd51bb23c3d86fb494a60623a03e", + "「专精型」优能企业 | 珞安科技荣登《嘶吼2024中国网络安全产业势能榜》": "https://mp.weixin.qq.com/s?__biz=MzU2NjI5NzY1OA==&mid=2247512093&idx=1&sn=38d32dbb721779788a5aa550aa438acc", + "BTC跨链监控&Chainlink PoR数据源|打造BTCFi安全新标准": "https://mp.weixin.qq.com/s?__biz=MzkyMzI2NzIyMw==&mid=2247488553&idx=1&sn=a29ed9e4773fab41333e0f1f342441b4", + "记一次利用堡垒机内部邮件钓鱼突破外网": "https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247546579&idx=1&sn=7b98384283af5b40e65bffd578e10edd", + "2025掌控安全封神台第七届CTF获奖队伍公示": "https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247546579&idx=2&sn=74ed267221ac90fe1cefffdad9969d1b", + "HirGen:针对深度学习编译器的模糊测试技术": "https://mp.weixin.qq.com/s?__biz=MzU1NTEzODc3MQ==&mid=2247486850&idx=1&sn=dced461f84a7bc0c0fce0bc7d690ea72", + "国金证券与持安科技共研课题,荣获证券期货业网络安全创新实验室“优秀课题三等奖”": "https://mp.weixin.qq.com/s?__biz=Mzg2NTYxNjMzMg==&mid=2247495747&idx=1&sn=f5822d19ef79d87997ef2c87b1df1c88", + "信息安全等级保护测评的价值": "https://mp.weixin.qq.com/s?__biz=MzU5MTIxNzg0Ng==&mid=2247488126&idx=1&sn=be5e2217a7458c0b445edba62ec64bd3", + "当歌 - RSS 订阅分发平台开发": "https://mp.weixin.qq.com/s?__biz=Mzg3MTE0NTg4OQ==&mid=2247484105&idx=1&sn=3793c462d03f9093ac8349454d179d59", + "安利一款逆向辅助神器WPeChatGPT": "https://mp.weixin.qq.com/s?__biz=Mzk0ODY1NzEwMA==&mid=2247485720&idx=1&sn=987788354775c7ae7c1bc7f48235e5f9", + "漏洞赏金方法 2025 版": "https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247504442&idx=1&sn=b38e2fd23874bcc57a2cad01406af7aa", + "【插件推荐】Heimdallr-被动嗅探浏览器流量": "https://mp.weixin.qq.com/s?__biz=MzkxNjY1MjY3OQ==&mid=2247488163&idx=1&sn=51556518b5b93659b3f07fa1f165dd43", + "【黑产大数据】恶意贷款中介揭秘": "https://mp.weixin.qq.com/s?__biz=MzI3NDY3NDUxNg==&mid=2247498437&idx=1&sn=5c259f2e9ba6de730bc41e763ee2d2dd", + "【漏洞通告】Ivanti 多款产品缓冲区溢出漏洞安全风险通告": "https://mp.weixin.qq.com/s?__biz=MzU4NjY4MDAyNQ==&mid=2247496924&idx=1&sn=cde3f8dcc5062f5bae2fbcc43db8c4d1", + "【漏洞通告】SonicOS SSLVPN 认证绕过漏洞安全风险通告": "https://mp.weixin.qq.com/s?__biz=MzU4NjY4MDAyNQ==&mid=2247496924&idx=2&sn=b5e7145e48fd905325fcdf22665c67cd", + "工具 | 一款替代Frp完美消除网络特征的内网穿透神器": "https://mp.weixin.qq.com/s?__biz=MzkxNDAyNTY2NA==&mid=2247519413&idx=1&sn=acd47706d52a5ccae891e48e5d3d7cff", + "实战 | 攻防演练某x医院内网拿下集权": "https://mp.weixin.qq.com/s?__biz=MzkxNDAyNTY2NA==&mid=2247519413&idx=2&sn=2363399bbb13f91288886c2db1c060b9", + "Ignition工控系统反序列化漏洞(CVE-2020-10644)": "https://mp.weixin.qq.com/s?__biz=Mzg2NzkxOTQ0OA==&mid=2247484500&idx=1&sn=bc5612c622b398355de7cfab77b9ff4e", + "2024补天平台【专属SRC】年度榜单发布!": "https://mp.weixin.qq.com/s?__biz=MzI2NzY5MDI3NQ==&mid=2247507272&idx=1&sn=4dda0db202724e951d5e867b98fbb1be", + "黑吉蛇机械键盘驱动": "https://mp.weixin.qq.com/s?__biz=Mzk0MTI4NTIzNQ==&mid=2247492158&idx=1&sn=cd2af2f382815ebd64d1646b16fee7c9", + "ISRC-2025新年活动来咯~~": "https://mp.weixin.qq.com/s?__biz=MzI4NTYwMzc5OQ==&mid=2247500722&idx=1&sn=6f3485b3faf3babb15fbaeb302371ad9", + "265种windows渗透工具合集--灵兔宝盒": "https://mp.weixin.qq.com/s?__biz=MzA5MzYzMzkzNg==&mid=2650962339&idx=1&sn=e05bc1fa240d96de64e878ee294e2550", + "华为手机地震报警怎么设置": "https://mp.weixin.qq.com/s?__biz=MzA5MzYzMzkzNg==&mid=2650962339&idx=2&sn=ccd29e6433da05cac227a2252dfe072b", + "2024年华为手机哪一款性价比高?华为手机推荐与市场分析(12月更新)": "https://mp.weixin.qq.com/s?__biz=MzA5MzYzMzkzNg==&mid=2650962339&idx=3&sn=e27a33cc1f78deb0520803d748308723", + "【艺术鉴赏】抖音直播更新,睡眠更新左颜玉很下饭8个视频": "https://mp.weixin.qq.com/s?__biz=MzA5MzYzMzkzNg==&mid=2650962339&idx=4&sn=48ad9b276b80077931b9c155810e2ccf", + "安全分析师 2025 年应该知道的 OSINT 工具": "https://mp.weixin.qq.com/s?__biz=MzkxMDIwMTMxMw==&mid=2247494403&idx=1&sn=219174cdbe6daef3141b46dbc0ccf839" + }, + "SecWiki News": { + "SecWiki News 2025-01-10 Review": "http://www.sec-wiki.com/?2025-01-10" + }, + "安全脉搏": { + "后门函数技术在二进制对抗中的应用": "https://www.secpulse.com/archives/205266.html", + "靶场战神为何会陨落?": "https://www.secpulse.com/archives/205395.html" + }, + "安全客-有思想的安全新媒体": { + "入选“磐安”教育应用优秀案例!360打造人才培育标杆": "https://www.anquanke.com/post/id/303426", + "初始访问代理(IAB)如何出售用户证书": "https://www.anquanke.com/post/id/303423", + "注册过期域名,4000 多个后门被劫持": "https://www.anquanke.com/post/id/303420", + "俄罗斯 ISP 证实乌克兰黑客“摧毁”了其网络": "https://www.anquanke.com/post/id/303417", + "联合国航空机构确认招聘数据库存在安全漏洞": "https://www.anquanke.com/post/id/303414", + "医疗计费公司 Medusind 披露漏洞影响 36 万人": "https://www.anquanke.com/post/id/303411", + "黑客利用 KerioControl 防火墙漏洞窃取管理员 CSRF 标记": "https://www.anquanke.com/post/id/303408", + "SonicWall 敦促管理员立即修补可被利用的 SSLVPN 漏洞": "https://www.anquanke.com/post/id/303404", + "未修补的关键缺陷影响 Fancy Product Designer WordPress 插件": "https://www.anquanke.com/post/id/303401", + "2025 年的网络安全: 全球冲突、成熟的人工智能和群众的智慧": "https://www.anquanke.com/post/id/303398" + }, + "Security Boulevard": { + "2025 SaaS Security Word of the Year: Adaptability | Grip": "https://securityboulevard.com/2025/01/2025-saas-security-word-of-the-year-adaptability-grip/", + "Strategic Approaches to Enhance Data Security": "https://securityboulevard.com/2025/01/strategic-approaches-to-enhance-data-security/", + "The Cost of Complacency in Credential Hygiene": "https://securityboulevard.com/2025/01/the-cost-of-complacency-in-credential-hygiene/", + "DEF CON 32 – Practical Exploitation of DoS in Bug Bounty": "https://securityboulevard.com/2025/01/def-con-32-practical-exploitation-of-dos-in-bug-bounty/", + "Below the Surface Winter 2024 Edition – The Year in Review": "https://securityboulevard.com/2025/01/below-the-surface-winter-2024-edition-the-year-in-review/", + "New Paper: “Future of SOC: Transform the ‘How’” (Paper 5)": "https://securityboulevard.com/2025/01/new-paper-future-of-soc-transform-the-how-paper-5/", + "Comic Agilé – Mikkel Noe-Nygaard, Luxshan Ratnaravi – #320 – Aligning Teams": "https://securityboulevard.com/2025/01/comic-agile-mikkel-noe-nygaard-luxshan-ratnaravi-320-aligning-teams/", + "Hackers Attack PowerSchool, Expose K-12 Teacher and Student Data": "https://securityboulevard.com/2025/01/hackers-attack-powerschool-expose-k-12-teacher-and-student-data/", + "Unlock collaboration and efficiency in software management with SBOMs": "https://securityboulevard.com/2025/01/unlock-collaboration-and-efficiency-in-software-management-with-sboms/", + "DEF CON 32 – Programming A CTS-V Gauge Cluster Into An ATS-V: Out Of Pure Spite": "https://securityboulevard.com/2025/01/def-con-32-programming-a-cts-v-gauge-cluster-into-an-ats-v-out-of-pure-spite/" + }, + "Private Feed for M09Ic": { + "mgeeky starred Azr43lKn1ght/Rusty-PE-Packer": "https://github.com/Azr43lKn1ght/Rusty-PE-Packer", + "safedv starred TestingPens/CPLDropper": "https://github.com/TestingPens/CPLDropper", + "h3zh1 pushed to v0.0.4dev in chainreactors/malice-network": "https://github.com/chainreactors/malice-network/compare/33010b5436...7b59033129", + "wh0amitz starred sma11new/Pyke-Shiro": "https://github.com/sma11new/Pyke-Shiro", + "glzjin starred Inokinoki/ai-no-jimaku-gumi": "https://github.com/Inokinoki/ai-no-jimaku-gumi", + "cmjlove1 started following M09Ic": "https://github.com/M09Ic", + "HuYlllc pushed to v0.0.4dev in chainreactors/malice-network": "https://github.com/chainreactors/malice-network/compare/7b59033129...419072b6e1", + "zema1 starred BurntSushi/byteorder": "https://github.com/BurntSushi/byteorder", + "safedv starred Azr43lKn1ght/Rusty-PE-Packer": "https://github.com/Azr43lKn1ght/Rusty-PE-Packer", + "safedv started following zyn3rgy": "https://github.com/zyn3rgy", + "gh0stkey released HaE 4.0.3 at gh0stkey/HaE": "https://github.com/gh0stkey/HaE/releases/tag/4.0.3", + "mgeeky starred ColeHouston/Sunder": "https://github.com/ColeHouston/Sunder", + "ZeddYu starred liriliri/aya": "https://github.com/liriliri/aya", + "ZeddYu starred sourcebot-dev/sourcebot": "https://github.com/sourcebot-dev/sourcebot", + "Ridter starred kekingcn/kkFileView": "https://github.com/kekingcn/kkFileView", + "niudaii starred berdav/CVE-2021-4034": "https://github.com/berdav/CVE-2021-4034", + "Ascotbe starred WPeace-HcH/WPeChatGPT": "https://github.com/WPeace-HcH/WPeChatGPT", + "TideSec released v2.6.9 升级Zoomeye接口 at TideSec/TscanPlus": "https://github.com/TideSec/TscanPlus/releases/tag/v2.6.9", + "Ridter starred orbstack/orbstack": "https://github.com/orbstack/orbstack", + "CHYbeta starred DIYgod/RSSHub-Radar": "https://github.com/DIYgod/RSSHub-Radar", + "evilashz starred 0xthirteen/AssemblyHunter": "https://github.com/0xthirteen/AssemblyHunter", + "evilashz starred CICADA8-Research/Spyndicapped": "https://github.com/CICADA8-Research/Spyndicapped", + "xxDark forked xxDark/jna from java-native-access/jna": "https://github.com/xxDark/jna", + "shmilylty starred 4ra1n/poc-runner": "https://github.com/4ra1n/poc-runner", + "zema1 starred H4ckF0rFun/elf_to_shellcode": "https://github.com/H4ckF0rFun/elf_to_shellcode", + "zema1 starred JustRustThings/windows-rs": "https://github.com/JustRustThings/windows-rs", + "zema1 started following roblabla": "https://github.com/roblabla", + "CHYbeta starred juanfont/headscale": "https://github.com/juanfont/headscale", + "FunnyWolf starred criblio/python-api-wrapper": "https://github.com/criblio/python-api-wrapper" + }, + "ElcomSoft blog": { + "iPhone and iPad Acquisition Methods: Yet Another Comparison": "https://blog.elcomsoft.com/2025/01/iphone-and-ipad-acquisition-methods-yet-another-comparison/" + }, + "ongoing by Tim Bray": { + "AI Noise Reduction": "https://www.tbray.org/ongoing/When/202x/2025/01/10/Photo-Noise-Reduction" + }, + "奇安信攻防社区": { + "从任意文件下载到getshell": "https://forum.butian.net/share/4031", + "记一次渗透测试过程中碰到的Symfony框架的利用": "https://forum.butian.net/share/4028" + }, + "Trustwave Blog": { + "Why Vulnerability Scanning Alone Isn’t Enough: The Case for Penetration Testing": "https://www.trustwave.com/en-us/resources/blogs/trustwave-blog/why-vulnerability-scanning-alone-isnt-enough-the-case-for-penetration-testing/" + }, + "一个被知识诅咒的人": { + "【Python】深入Python元类:动态生成类与对象的艺术": "https://blog.csdn.net/nokiaguy/article/details/145055724", + "【Python】深入探索 Python 装饰器链:创建组合装饰器的技巧与应用": "https://blog.csdn.net/nokiaguy/article/details/145055719" + }, + "Bug Bounty in InfoSec Write-ups on Medium": { + "Unlock the Ultimate Resource Hub for Security Researchers": "https://infosecwriteups.com/unlock-the-ultimate-resource-hub-for-security-researchers-9fa52bbff1ff?source=rss----7b722bfd1b8d--bug_bounty", + "Race Condition to Bypass Rate-Limiting: A new technique made by Nillsx": "https://infosecwriteups.com/race-condition-to-bypass-rate-limiting-a-new-technique-made-by-nillsx-6a60f41dbae6?source=rss----7b722bfd1b8d--bug_bounty", + "Blind OS Command Injection with Output Redirection": "https://infosecwriteups.com/blind-os-command-injection-with-output-redirection-1d08c3793ff1?source=rss----7b722bfd1b8d--bug_bounty", + "Finding Hidden Subdomains with OSINT Tools": "https://infosecwriteups.com/finding-hidden-subdomains-with-osint-tools-ad7e411587ee?source=rss----7b722bfd1b8d--bug_bounty" + }, + "Twitter @bytehx": { + "RT Patrik Fehrenbach: Made a simple dashboard to help track/search CVEs and security vulnerabilities in near real-time. No fancy stuff - just a clean ...": "https://x.com/bytehx343/status/1877932990619095171", + "Re @YoyoDavelion Congrats 🎉🎉🎉": "https://x.com/bytehx343/status/1877752584888357175", + "RT Ali@s: Hey hunters, I'm sharing a little tool I created to gather all the #YWH program info you have and sort it by relevance in one place. Choose ...": "https://x.com/bytehx343/status/1877742892816433173" + }, + "SentinelOne": { + "The Good, the Bad and the Ugly in Cybersecurity – Week 2": "https://www.sentinelone.com/blog/the-good-the-bad-and-the-ugly-in-cybersecurity-week-2-6/" + }, + "Reverse Engineering": { + "One Dog v. the Windows 3.1 Graphics Stack": "https://www.reddit.com/r/ReverseEngineering/comments/1hyhhvq/one_dog_v_the_windows_31_graphics_stack/", + "Parsing the c64 Bubble Bobble Wind Currents": "https://www.reddit.com/r/ReverseEngineering/comments/1hy2u3c/parsing_the_c64_bubble_bobble_wind_currents/" + }, + "Intigriti": { + "Intigriti Bug Bytes #220 - January 2025 🚀": "https://www.intigriti.com/researchers/blog/bug-bytes/bug-bytes-220-january-2025" + }, + "PortSwigger Blog": { + "Make Burp Suite your own: high-powered extensibility to customize and enhance your testing. 🛠️": "https://portswigger.net/blog/make-burp-suite-your-own-high-powered-extensibility-to-customize-and-enhance-your-testing" + }, + "Malwarebytes": { + "BayMark Health Services sends breach notifications after ransomware attack": "https://www.malwarebytes.com/blog/news/2025/01/baymark-health-services-sends-breach-notifications-after-ransomware-attack" + }, + "绿盟科技技术博客": { + "【漏洞通告】Ivanti多款产品缓冲区溢出漏洞(CVE-2025-0282)": "https://blog.nsfocus.net/cve-2025-0282/" + }, + "奇客Solidot–传递最新科技情报": { + "独立分析认为巴勒斯坦卫生部严重低估了加沙死亡人数": "https://www.solidot.org/story?sid=80300", + "四分之一淡水动物面临灭绝": "https://www.solidot.org/story?sid=80299", + "美国司法部准备出售扣押的丝绸之路比特币": "https://www.solidot.org/story?sid=80298", + "法官拒绝了试图从垃圾堆里挖出 8000 比特币的诉讼": "https://www.solidot.org/story?sid=80297", + "三星量产笔记本用的卷轴 OLED 显示屏": "https://www.solidot.org/story?sid=80296", + "2024 年是平均气温比工业化前水平高出1.5 摄氏度的第一年": "https://www.solidot.org/story?sid=80295", + "氟化物暴露与 IQ 分数低相关": "https://www.solidot.org/story?sid=80294", + "中国在前沿 AI 研究上紧追美国": "https://www.solidot.org/story?sid=80293", + "中国风投让失败的创业者成为失信债务人": "https://www.solidot.org/story?sid=80292", + "ispace 准备再次发射登月舱": "https://www.solidot.org/story?sid=80291", + "乳腺癌是最常见的癌症肺癌是最致命的癌症": "https://www.solidot.org/story?sid=80290", + "拜登计划在离任前对 AI 芯片出口实施新限制": "https://www.solidot.org/story?sid=80289" + }, + "darkless": { + "云原生安全学习小记": "https://darkless.cn/2025/01/10/cloud-native-security/" + }, + "锦行科技": { + "为民立命 有你皆安": "https://mp.weixin.qq.com/s?__biz=MzIxNTQxMjQyNg==&mid=2247493604&idx=1&sn=f55d84097f6ddb9e0003210e450ddce3&chksm=979a1c41a0ed95578df3916b75adf84b4e80f1c1293be8bff28598fcb76a955be2bcbf6c5b14&scene=58&subscene=0#rd" + }, + "安全客": { + "首次!欧盟委员会因违反数据隐私法规被追责,向个人支付赔偿金": "https://mp.weixin.qq.com/s?__biz=MzA5ODA0NDE2MA==&mid=2649787718&idx=1&sn=595ef4ff6fd363b4a5ef609a5edbb03c&chksm=8893bd29bfe4343f1dc30aec83f8a2a219d20f2068a6c361ed62f6122690c1864311788597e5&scene=58&subscene=0#rd" + }, + "绿盟科技CERT": { + "【漏洞通告】Ivanti多款产品缓冲区溢出漏洞(CVE-2025-0282)": "https://mp.weixin.qq.com/s?__biz=Mzk0MjE3ODkxNg==&mid=2247488825&idx=1&sn=5e77e5178823b42679dcaa1914251bf3&chksm=c2c64232f5b1cb24e14a80899dc4fedc64d3489130f642d9a59175803b8acb8d6455c3e2f7d2&scene=58&subscene=0#rd" + }, + "看雪学苑": { + "VMProtect本地授权锁的分析与破解": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588572&idx=1&sn=f7ad4ebbe10787b233f29e316423ebc0&chksm=b18c251686fbac000c0d9e48e4e58a84a1b590532c52b8d159cc104abf0757844caf4d8eb544&scene=58&subscene=0#rd", + "超4000个后门通过注册过期域名被劫持": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588572&idx=2&sn=59a0f2be5e5bacf99eec4b02e9d3c5b6&chksm=b18c251686fbac006a376e63c212d61451edceb7ec989fea2e2c5c0b1c38d098c6729bf85e3e&scene=58&subscene=0#rd", + "本周职位大更新!众多企业抛出橄榄枝,你的心动岗位来了吗?": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588572&idx=3&sn=abdd6a29e3e32a98636c35e70688f0aa&chksm=b18c251686fbac006bd5419dfb500501416d0536da5467876cade8cc988f21cde5cef1bc230e&scene=58&subscene=0#rd" + }, + "威努特安全网络": { + "从全年重大网络安全事件,观2025年威胁走势和行业发展": "https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130288&idx=1&sn=3bc2382268d5fe7ce39f24acbdad0f6e&chksm=80e71300b7909a16105976d01df0935ffee83e178b812014b8e38c0ab6bc1398f7c8aaced5c9&scene=58&subscene=0#rd" + }, + "安全内参": { + "AI Agents越来越火,它可能存在一个严重安全隐患": "https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513463&idx=1&sn=b35ecbae92733cf9b66597ee744d842b&chksm=ebfaf257dc8d7b416ce794352466d8ad74c53bfe8a79bf635dfaf0d4187386f3da80fab3ef45&scene=58&subscene=0#rd", + "首次!欧盟官方因违反数据保护法规向用户赔偿3000元": "https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513463&idx=2&sn=b2d4253ee32d9fc32803935873f93db4&chksm=ebfaf257dc8d7b418d97da9d0d19a8213331ca808d892243fd9e63ad78142b36470304149cde&scene=58&subscene=0#rd" + }, + "安全分析与研究": { + "海莲花APT钓鱼样本分析-下": "https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247489899&idx=1&sn=e632c0c221f0dfd7da57d0f9e6395910&chksm=902fb643a7583f5581237165cb513c8ae2848334de49c6fe3a037dc46f7b707baa995d7b6703&scene=58&subscene=0#rd" + }, + "黑海洋 - IT技术知识库": { + "windows日志分析工具": "https://blog.upx8.com/4650" + }, + "青衣十三楼飞花堂": { + "智能汽车的强大功能": "https://mp.weixin.qq.com/s?__biz=MzUzMjQyMDE3Ng==&mid=2247487868&idx=1&sn=38f654feb41f7697779f05deda25a854&chksm=fab2d243cdc55b55c5f372aeb393d132f828265e4f572b79938e9332ace4bd70a4e34e18deee&scene=58&subscene=0#rd" + }, + "代码卫士": { + "DNA测序设备运行老旧BIOS,影响临床研究": "https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522035&idx=1&sn=a607aca6553fbf1ed41e27c839e45bea&chksm=ea94a799dde32e8f87b51465ef7f6ed4449ddc0857c8c220dcc378283ba9fd8b9880b6e27544&scene=58&subscene=0#rd", + "Palo Alto Networks 修复退市 Migration Tool中的高危漏洞": "https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522035&idx=2&sn=71c00b294647fadae4e56ffc500f1300&chksm=ea94a799dde32e8fec367a20f0630181350a5ca556cc26cfaa9fcbefdac76ae3c3831523c87e&scene=58&subscene=0#rd" + }, + "奇安信病毒响应中心": { + "每周勒索威胁摘要": "https://mp.weixin.qq.com/s?__biz=MzI5Mzg5MDM3NQ==&mid=2247498230&idx=1&sn=1bb3e3b09b57458fc4b2f0b9fd3ca424&chksm=ec6989dedb1e00c86bf7d7fea369ccd3f9712b4fb1c02711d2ae2af119b3943bdf107ef28197&scene=58&subscene=0#rd" + }, + "安全研究GoSSIP": { + "G.O.S.S.I.P 阅读推荐 2025-01-10 北约中出了叛徒": "https://mp.weixin.qq.com/s?__biz=Mzg5ODUxMzg0Ng==&mid=2247499599&idx=1&sn=aaff9bb2d932f3d15da87fd721e4b5ee&chksm=c063d196f714588069633ee369d1c821a9ce001298b2e69b28a3157796203208d8b50ce1d9da&scene=58&subscene=0#rd" + }, + "leveryd": { + "没想到x-waf还可以用来测rasp": "https://mp.weixin.qq.com/s?__biz=MzkyMDIxMjE5MA==&mid=2247485491&idx=1&sn=9e4d62e3c2d058cba9fa930fd49aa2b7&chksm=c1970f82f6e0869445bca851e6fb22753206fbbbb42ffe7fbac3ed702da4b9fb08fef0e81a46&scene=58&subscene=0#rd" + }, + "数世咨询": { + "解锁DSPM的价值:全面提升数据安全": "https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247533977&idx=1&sn=90efd3be6f2ded1fe885486889a0db92&chksm=c1443724f633be320e1f457d145081f6d0c7281486fff91ac016d0f2df8e0f983e02a2cfafdb&scene=58&subscene=0#rd" + }, + "信息安全国家工程研究中心": { + "人民警察,节日快乐!": "https://mp.weixin.qq.com/s?__biz=MzU5OTQ0NzY3Ng==&mid=2247498717&idx=1&sn=9a841ab270b3e6f950325770726410c3&chksm=feb67acec9c1f3d83bd56a154d26c900d8c4ca178b66d9424180b2322fffee6fffb414af5cb6&scene=58&subscene=0#rd" + }, + "天御攻防实验室": { + "特朗普上台,中美会发生网络战吗?": "https://mp.weixin.qq.com/s?__biz=MzU0MzgyMzM2Nw==&mid=2247486232&idx=1&sn=5527e80a86875c017071d27f5b315e3e&chksm=fb04c870cc734166b62da7615b11c8f548c2c9dc95b0052d19fa52bc94805b96216c5e98af05&scene=58&subscene=0#rd" + }, + "XCTF联赛": { + "SUCTF 2025|倒计时1天!": "https://mp.weixin.qq.com/s?__biz=MjM5NDU3MjExNw==&mid=2247515473&idx=1&sn=6719fed82acc7d0877686b37ec2466a5&chksm=a6874f6b91f0c67d1f6003d51caeeed9ed952912bae9f6b9710e07b95144532bd90916777336&scene=58&subscene=0#rd" + }, + "FreeBuf网络安全行业门户": { + "CVE-2024-6768漏洞分析": "https://www.freebuf.com/vuls/419530.html", + "YAK-SSA,古希腊掌管PHP代码审计的神": "https://www.freebuf.com/articles/web/419509.html", + "【论文速读】| 利用大语言模型在灰盒模糊测试中生成初始种子": "https://www.freebuf.com/articles/network/419499.html", + "FreeBuf周报 | AWS屡曝严重RCE漏洞;2025年需要防范这五大恶意软件": "https://www.freebuf.com/news/419455.html", + "超4000个Web后门通过注册过期域名被劫持": "https://www.freebuf.com/news/419479.html", + "网络钓鱼活动利用CrowdStrike招聘骗局传播挖矿软件": "https://www.freebuf.com/news/419446.html", + "Banshee Stealer新变种正借Apple XProtect加密技术躲避杀毒软件": "https://www.freebuf.com/news/419475.html", + "给DevOps加点料:融入安全性的DevSecOps": "https://www.freebuf.com/news/419443.html" + }, + "中国信息安全": { + "通知 | 国家网信办就《网络信息内容多渠道分发服务机构相关业务活动管理规定(草案稿)》公开征求意见(附全文)": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234365&idx=1&sn=af17f45f731d0c43256ce450f1d66690&chksm=8b59ff84bc2e7692f51814ffc268d5308bbd8679786942b61f1698a65e23c06a719f2e4f91b3&scene=58&subscene=0#rd", + "专家解读 | 张金平:个人信息保护认证的中国创新方案": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234365&idx=2&sn=a02c27826be18902ca053d25a2e5522b&chksm=8b59ff84bc2e769235dba763756fd24e2891c73c13e32d630a4cbbbec0b85918576265190726&scene=58&subscene=0#rd", + "解读 | 《网络数据安全管理条例》有哪些亮点?": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234365&idx=3&sn=bad4d027f0d756a436be1f46a3d63af6&chksm=8b59ff84bc2e769270a72ca471da37713cc209a6abcfa9d95c9a38987d76559afb93501fca7c&scene=58&subscene=0#rd", + "公安部:公安机关2024年办理网暴案件8600余起": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234365&idx=4&sn=bb86fc6ef4b9ac1b523049d343d2cf93&chksm=8b59ff84bc2e7692c756205917a14db9a101220f4c93944f14dcad1669a1d5a7e6c182dee584&scene=58&subscene=0#rd", + "发布 | 中国信通院发布《城市全域数字化转型行业洞察报告(2024年)》(附下载)": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234365&idx=5&sn=9e22dc9b697d9182120297617fff2713&chksm=8b59ff84bc2e7692e221e04bb2de5a7f021ac72afcac3f11536f59e4c14f1404a0c9804cb06d&scene=58&subscene=0#rd", + "评论 | 用AI生成“地震被埋图”存在诸多不妥": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234365&idx=6&sn=f4dfe25b2035fdf63eed7cc30883651d&chksm=8b59ff84bc2e7692345e58297f5dcd2ed4d71c9834c440ac19ecfdf7fe8be2bacd7d3a3d0c93&scene=58&subscene=0#rd", + "关注 | 勇闯“春运”,要注意这些问题!": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234365&idx=7&sn=26075d2a4c3c7515c08c1b7d9fd68c01&chksm=8b59ff84bc2e76929ea213b189e5dd0cc52a2f9e91a3ed315e497e449d3d1e69c05f3cf29062&scene=58&subscene=0#rd" + }, + "丁爸 情报分析师的工具箱": { + "【资料】网络的三张面孔:网络和平活动家,间谍,攻击者": "https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148492&idx=1&sn=e284a7e43cbcb6ab36ec5a1f003ab059&chksm=f1af27f6c6d8aee040256534a8be599a13aa1d52d2e03ec456307340c1fd877521c5f767fb35&scene=58&subscene=0#rd" + }, + "安全圈": { + "【安全圈】日本炒作“中国疑似参与黑客攻击”,外交部:日方判断既不专业也不负责任": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067255&idx=1&sn=a41ccbc8f9fc9de8ed0dfe5c7a296033&chksm=f36e79f7c419f0e1b35e1a159d0ecdc609b196301a8249fba8092baf5dfe98047bd31c2f61e2&scene=58&subscene=0#rd", + "【安全圈】数百万电子邮件服务器因缺少 TLS 加密而暴露": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067255&idx=2&sn=c42d9289f9097a99b0e9de5638c25da5&chksm=f36e79f7c419f0e10c2b64215d46af042d6d4538f0c26663174d24372c62af1b974a8b8a08ef&scene=58&subscene=0#rd", + "【安全圈】超4000个Web后门通过注册过期域名被劫持": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067255&idx=3&sn=12454a2419a60abfe0219df1db8fc9ff&chksm=f36e79f7c419f0e1ce0df613111e8c48cf52ca20de42869051bf60a997f620888b67420c0ca5&scene=58&subscene=0#rd", + "【安全圈】联合国航空机构确认招聘数据库存在安全漏洞": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067255&idx=4&sn=3fd244b5403280e26cbc308f9d938be2&chksm=f36e79f7c419f0e19717a852043341319ec8c0f73e0e9daa2e8a6064deb75c8df3e4e101920a&scene=58&subscene=0#rd" + }, + "网络空间安全科学学报": { + "学术前沿 | 基于尺寸变换的图像级特征增强隐写分析方法": "https://mp.weixin.qq.com/s?__biz=MzI0NjU2NDMwNQ==&mid=2247504586&idx=1&sn=667f8402bebdb572ddabe5ecd419bfca&chksm=e9bfc674dec84f6234750fd856ba4bfd720b2739fd6d525d5cf469d492beaac34d64762021e2&scene=58&subscene=0#rd" + }, + "M01N Team": { + "每周蓝军技术推送(2025.1.4-1.10)": "https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247493958&idx=1&sn=fc9a1bbf6caf95a8b7e36393cad78eda&chksm=c1842957f6f3a0415494df511f9508dc96bd52859b394da2d476577ba2244cf005425fb0422e&scene=58&subscene=0#rd" + }, + "腾讯科恩实验室": { + "揭秘SecBench大模型网络安全测评数据集构建": "https://mp.weixin.qq.com/s?__biz=MzU1MjgwNzc4Ng==&mid=2247512655&idx=1&sn=106694cb80bebae36c6c05265abd108f&chksm=fbfe8e4acc89075c0720dc0dac3598a15c0586527b20f0963008dc6c927d76b0371b080c1c05&scene=58&subscene=0#rd" + }, + "补天平台": { + "2024补天平台【专属SRC】年度榜单发布!": "https://mp.weixin.qq.com/s?__biz=MzI2NzY5MDI3NQ==&mid=2247507272&idx=1&sn=4dda0db202724e951d5e867b98fbb1be&chksm=eaf99504dd8e1c125b693c288f80a10c9a88fd21edea65a6ab9f6a61d5e21822f182145141ed&scene=58&subscene=0#rd" + }, + "奇安信威胁情报中心": { + "每周高级威胁情报解读(2025.01.03~01.09)": "https://mp.weixin.qq.com/s?__biz=MzI2MDc2MDA4OA==&mid=2247513719&idx=1&sn=7ba22c6c00a862dcc9bd46f1f73fc77d&chksm=ea664100dd11c8160f008b33f2a15aa0b4839d1559f4b3481539f9536f92c79c36c5b9357879&scene=58&subscene=0#rd" + }, + "NOVASEC": { + "Hawkeye 一款Windows综合应急响应工具": "https://mp.weixin.qq.com/s?__biz=MzUzODU3ODA0MA==&mid=2247490417&idx=1&sn=fe9dad38c72edfe0050a8f09afa05153&chksm=fad4c666cda34f704ce062d76decee29ad7ca69d6ac2c2a7d4c25273beae358cc3303fec21de&scene=58&subscene=0#rd" + }, + "极客公园": { + "26.3 万,特斯拉焕新 Model Y 突然上市,雷军「发贺电」": "https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653071793&idx=1&sn=3f07ac1e0a74b594446d172b6befabfa&chksm=7e57d40749205d111364fb0ebdb1493de6a3d45c0dcad2921ffbc85a307b04963edeab946d87&scene=58&subscene=0#rd", + "2025 年 CES,为什么变成了世界最大「眼镜城」?": "https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653071781&idx=1&sn=dca04f483bca99394f6c3d127dcfc9ac&chksm=7e57d41349205d05c6dcd85def9e879d572cf93f982b13b01c05aa53447eab4c6350e6b57877&scene=58&subscene=0#rd", + "B 站成春晚「独家弹幕视频平台」;西藏地震「小孩被埋」AI 生成图将被追责;加州大火危及好莱坞等景点 | 极客早知道": "https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653071702&idx=1&sn=7edc49de07482379ea1a9dbd199dc069&chksm=7e57d4e049205df61a63b790d9e5e6242217bc39d86a43681249ef2057e91f76a9ed5ff3e317&scene=58&subscene=0#rd" + }, + "Tide安全团队": { + "Pwn入门之格式化字符串漏洞": "https://mp.weixin.qq.com/s?__biz=Mzg2NTA4OTI5NA==&mid=2247519568&idx=1&sn=a136e2cd3ab3db52ce3b8f15811f0411&chksm=ce5daf31f92a2627e42e6f140583642241a9cce471e1727c960141e4bda457f55374ea16de47&scene=58&subscene=0#rd" + }, + "情报分析师": { + "​致人民警察的一封信": "https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558871&idx=1&sn=2049a81dea035595445267831bbf8eba&chksm=87117fdcb066f6ca90663192d96ff49aed9c05534fe81b7648f73162d5573546a71af8d1bf83&scene=58&subscene=0#rd", + "深挖缅甸妙瓦底 KK 园区:电信诈骗的阴暗角落与跨国打击的艰难之路": "https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558871&idx=2&sn=425102a0a5e829f41bce07b26f791afb&chksm=87117fdcb066f6ca21d4a5bc70df0464f5c0045f99e6be6137f53a7c7185427bf4511495f63e&scene=58&subscene=0#rd", + "2025年日本国防战略调整分析": "https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558871&idx=3&sn=5dc7c0bf081673ac6520dbd2dd7aec61&chksm=87117fdcb066f6cae78b04d12794725fee009f42e9b6f3afe33590cd3d1fe9a7b6ae8e9c49f1&scene=58&subscene=0#rd" + }, + "ChaMd5安全团队": { + "共赴商用密码盛事,开启创新发展新篇--2025第三届商用密码展将于6月11日-13日在上海举办!": "https://mp.weixin.qq.com/s?__biz=MzIzMTc1MjExOQ==&mid=2247511835&idx=1&sn=74578ef36cfe67c4677beb96c5d15795&chksm=e89d87c3dfea0ed56fbfb4aaa6133aa385822fce6524d09512079841830c9e533d5a57e3d129&scene=58&subscene=0#rd" + }, + "威胁猎人Threat Hunter": { + "【黑产大数据】恶意贷款中介揭秘": "https://mp.weixin.qq.com/s?__biz=MzI3NDY3NDUxNg==&mid=2247498437&idx=1&sn=5c259f2e9ba6de730bc41e763ee2d2dd&chksm=eb12dcfedc6555e8683ea4e9d3ef00a820ab4767b92370d3181b0f11552e01f1c8081d185d44&scene=58&subscene=0#rd" + }, + "Beacon Tower Lab": { + "DayDayMap新年回馈——免费抽取终身会员,另有更多好礼等你来拿!": "https://mp.weixin.qq.com/s?__biz=MzkyNzcxNTczNA==&mid=2247486924&idx=1&sn=c7a4a0ad299a4e872a4cc0ac31de6468&chksm=c2229535f5551c23a4f1b84c0ceaa260a77296571764bab74d7d6b1a719e7f7db3c0cd8eb44e&scene=58&subscene=0#rd" + }, + "吴鲁加": { + "来组队运动打卡": "https://mp.weixin.qq.com/s?__biz=Mzg5NDY4ODM1MA==&mid=2247485130&idx=1&sn=9ac53212495be2d6d3ae106527dc1009&chksm=c01a8bfbf76d02edf3bf046517683cdf658dd75a6a766df06f5e25848753313bd5f19050a436&scene=58&subscene=0#rd" + }, + "复旦白泽战队": { + "复旦白泽天梯多轮对话专项天梯结果出炉": "https://mp.weixin.qq.com/s?__biz=MzU4NzUxOTI0OQ==&mid=2247492826&idx=1&sn=488d035b0ded0b568d5556b3f1b6b236&chksm=fde860a4ca9fe9b2256b7824f2c6a0194a6196776cfb30fc1a38a18a9c49960ca335769238d8&scene=58&subscene=0#rd" + }, + "嘶吼专业版": { + "【急聘】京东集团信息安全部招人啦~~": "https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580725&idx=1&sn=b63dd1e7fcbf3c546ef2120ab62800cc&chksm=e9146c0fde63e519ca57b762b500b310a8d68a3c49aed5115723adb48468e79935456c477c21&scene=58&subscene=0#rd", + "国家网络安全通报中心:重点防范境外恶意网址和恶意IP": "https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580725&idx=2&sn=63fd746c589e9cd1b6647a823ca163d3&chksm=e9146c0fde63e519285ec50431f0b8a8d25de8216245362a6d0c32046f930271a801895c78e0&scene=58&subscene=0#rd" + }, + "dotNet安全矩阵": { + "接二连三,通过 .NET AppDomain 注入后门实现权限维持": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498124&idx=1&sn=34076b04cb96fa929b7d8a8cbae565cc&chksm=fa595761cd2ede7736fb0ecec4ef46c342c1320893e64801929a44e06a7d4c2b387f41f899a1&scene=58&subscene=0#rd", + ".NET 安全基础入门学习知识库": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498124&idx=2&sn=4ea7c449c3918b19d0dbc98deac36034&chksm=fa595761cd2ede772a770f375217321f3d306206ea48e79b69d580bfd14adece2f9ca4fa0032&scene=58&subscene=0#rd", + "来来来,喝酒不够持久的都不配叫APT玩家!": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498124&idx=3&sn=764005c46751c846ff68b2d7b52522b1&chksm=fa595761cd2ede779c023189b1b634746fe96cf81f90b0705cd4910d47db55c81a8d4f8e0183&scene=58&subscene=0#rd" + }, + "安全419": { + "【观演指南】| 明晚 | 摇滚黑客2025演唱会北京现场见!": "https://mp.weixin.qq.com/s?__biz=MzUyMDQ4OTkyMg==&mid=2247546519&idx=1&sn=0b14341dacc638097b304b34c2fce4b7&chksm=f9ebe83ace9c612ca4bedf40cd1a69fd40513b21d20cb4e73812294b7534c71420f3211ccbda&scene=58&subscene=0#rd", + "听摇滚黑客2025演唱会 享滴滴打车五折优惠": "https://mp.weixin.qq.com/s?__biz=MzUyMDQ4OTkyMg==&mid=2247546519&idx=2&sn=9c53a50b2d2fd5f2dd014e5726399bac&chksm=f9ebe83ace9c612c3d89c04885de278be3a60f45746a387b90ef49a61b6c52b882ccab8a1a96&scene=58&subscene=0#rd" + }, + "360数字安全": { + "致敬警察节|警企携手,筑牢安全防护网!": "https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247578636&idx=1&sn=13cefe2c13751df91b8d32c27800f0d1&chksm=9f8d2404a8faad12c120e53ebaadc85d8d03fcad4cfc00507ef69d50593b088ba16adc9e449d&scene=58&subscene=0#rd" + }, + "迪哥讲事": { + "记某次测试翻阅海量js语句黑盒出sql注入": "https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496807&idx=1&sn=44a86c5974f7824fcfd2d43bc5bd70b3&chksm=e8a5fe04dfd277126cdac3b07133c0a9ac6eaa4ef20c878e69b9c97e40377d22ed09e081aacd&scene=58&subscene=0#rd" + }, + "悬镜安全": { + "权威认可|悬镜再次入选2024年度毕马威中国金融科技企业双50强": "https://mp.weixin.qq.com/s?__biz=MzA3NzE2ODk1Mg==&mid=2647795461&idx=1&sn=ea056881a28c848a31e57e1b2b75317c&chksm=8770af52b007264447b448eb912a971a9cdc84538023218ca3f23da02af85dac925dded42dd8&scene=58&subscene=0#rd" + }, + "LuxSci": { + "LuxSci Strengthens Leadership Position in G2 Winter 2025 Reports": "https://luxsci.com/blog/luxsci-g2-reviews-winter-2025.html" + }, + "IT Service Management News": { + "Sull'incidente InfoCert": "http://blog.cesaregallotti.it/2025/01/sullincidente-infocert.html" + }, + "bellingcat": { + "Seeing More With Satellite Imagery Using Band Combinations, Ratios and Indices": "https://www.bellingcat.com/resources/2025/01/10/satellite-imagery-bands-guide/" + }, + "火绒安全": { + "【火绒安全周报】T1电竞选手直播因DDoS攻击再度中断/不法分子假冒网安公司招聘发动钓鱼攻击": "https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247521496&idx=1&sn=c7605f161604bbc226e351e4634ef9af&chksm=eb704ae7dc07c3f1af99f7500c637baf22504d2a8f12b042a27370ebb8a87ab2ff9813e53d6a&scene=58&subscene=0#rd", + "诚邀渠道合作伙伴共启新征程": "https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247521496&idx=2&sn=bdaa413a8417b3ecd5583b9fe9fc3b65&chksm=eb704ae7dc07c3f1b01fc69498a1ea604c8c4bdf26b76844d6e141500693739c5cb578317b77&scene=58&subscene=0#rd" + }, + "安全牛": { + "安全牛《中国网络安全全景图》(第十二版)调研启动": "https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134576&idx=1&sn=e86ab5b49773d2d99aa5756c964bd0a5&chksm=bd15aaa38a6223b5ee9ca73cc3c5a819f983c98155cd6ed258f90a86c33c690cb9604f8bfe3c&scene=58&subscene=0#rd", + "欧盟委员会因隐私违规行为首次被追责;苹果以9500万美元和解持续了5年的Siri隐私诉讼 | 牛览": "https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134576&idx=2&sn=a7d8e8804916170cb6b3ad59b218d42d&chksm=bd15aaa38a6223b5d84b077a9d24888eb1504e4c9b7448a0c8d86e9c4aa1ab32a1d9d8746acd&scene=58&subscene=0#rd" + }, + "ICT Security Magazine": { + "Perché le aziende dovrebbero prepararsi agli attacchi informatici durante le festività": "https://www.ictsecuritymagazine.com/notizie/attacchi-informatici-semperis/", + "La Remediation nella Sicurezza Informatica: sfide e prospettive": "https://www.ictsecuritymagazine.com/articoli/remediation-sicurezza/" + }, + "Schneier on Security": { + "Friday Squid Blogging: Cotton-and-Squid-Bone Sponge": "https://www.schneier.com/blog/archives/2025/01/friday-squid-blogging-cotton-and-squid-bone-sponge.html", + "Apps That Are Spying on Your Location": "https://www.schneier.com/blog/archives/2025/01/apps-that-are-spying-on-your-location.html" + }, + "FuzzWiki": { + "HirGen:针对深度学习编译器的模糊测试技术": "https://mp.weixin.qq.com/s?__biz=MzU1NTEzODc3MQ==&mid=2247486850&idx=1&sn=dced461f84a7bc0c0fce0bc7d690ea72&chksm=fbd9a63eccae2f28d233d59f36d0bbff14a8c6daae02b28bae378464ea8a92da71dc90e8cde1&scene=58&subscene=0#rd" + }, + "Hacking Exposed Computer Forensics Blog": { + "Daily Blog #714: Forensic Lunch 1/10/25 with Ryatt Roesrma talking about fine tuning AI models": "https://www.hecfblog.com/2025/01/daily-blog-714-forensic-lunch-11025.html" + }, + "Over Security - Cybersecurity news aggregator": { + "Marijuana dispensary STIIIZY warns of leaked IDs after November data breach": "https://therecord.media/marijuana-dispensary-warns-of-data-breach", + "NSO ruling is a victory for WhatsApp, but could have a small impact on spyware industry": "https://therecord.media/nso-whatsapp-ruling-may-have-limited-impact-on-spyware-ecosystem", + "New York sues to recover $2 million in crypto stolen in remote job scams": "https://therecord.media/new-york-sues-recover-millions", + "Telefónica confirms internal ticketing system breach after data leak": "https://www.bleepingcomputer.com/news/security/telefonica-confirms-internal-ticketing-system-breach-after-data-leak/", + "New Web3 attack exploits transaction simulations to steal crypto": "https://www.bleepingcomputer.com/news/security/new-web3-attack-exploits-transaction-simulations-to-steal-crypto/", + "Russian nationals arrested by US, accused of running crypto mixers Blender and Sinbad": "https://therecord.media/russian-nationals-indicted-blender-sinbad-crypto-mixers", + "US charges operators of cryptomixers linked to ransomware gangs": "https://www.bleepingcomputer.com/news/security/us-charges-operators-of-cryptomixers-linked-to-ransomware-gangs/", + "Flashpoint Intelligence: Delivering Actionable Data for a Safer World": "https://flashpoint.io/blog/flashpoint-intelligence-delivering-actionable-data/", + "Slovakia’s land registry hit by biggest cyberattack in country’s history, minister says": "https://therecord.media/slovakia-registry-cyberattack-land-agriculture", + "US government charges operators of crypto mixing service used by North Korea and ransomware gangs": "https://techcrunch.com/2025/01/10/us-government-charges-operators-of-crypto-mixing-service-used-by-north-korea-and-ransomware-gangs/", + "Treasury hackers also breached US foreign investments review office": "https://www.bleepingcomputer.com/news/security/treasury-hackers-also-breached-us-foreign-investments-review-office/", + "Docker Desktop blocked on Macs due to false malware alert": "https://www.bleepingcomputer.com/news/security/docker-desktop-blocked-on-macs-due-to-false-malware-alert/", + "Proton worldwide outage caused by Kubernetes migration, software change": "https://www.bleepingcomputer.com/news/technology/proton-worldwide-outage-caused-by-kubernetes-migration-software-change/", + "New amateurish ransomware group FunkSec using AI to develop malware": "https://therecord.media/funksec-ransomware-using-ai-malware", + "STIIIZY data breach exposes cannabis buyers’ IDs and purchases": "https://www.bleepingcomputer.com/news/security/stiiizy-data-breach-exposes-cannabis-buyers-ids-and-purchases/", + "Sintesi riepilogativa delle campagne malevole nella settimana del 4 – 10 gennaio": "https://cert-agid.gov.it/news/sintesi-riepilogativa-delle-campagne-malevole-nella-settimana-del-4-10-gennaio/", + "Microsoft to force install new Outlook on Windows 10 PCs in February": "https://www.bleepingcomputer.com/news/microsoft/microsoft-to-force-install-new-outlook-on-windows-10-pcs-in-february/", + "BlinkenCity: From Art Project to Europe-wide Blackout Scenario": "https://positive.security/blog/blinkencity-38c3", + "Bots identified pushing anti-NATO messages in Croatian presidential runoff": "https://therecord.media/bots-pushing-anti-nato-messages-croatian-election", + "U.S. Telecom, Zero-Day Attacks Show Need for Cybersecurity Hygiene": "https://cyble.com/blog/us-telecom-zero-day-attacks-show-need-for-cybersecurity-hygiene/", + "WorstFit: Unveiling Hidden Transformers in Windows ANSI!": "https://blog.orange.tw/posts/2025-01-worstfit-unveiling-hidden-transformers-in-windows-ansi/", + "Critical ICS Vulnerabilities Uncovered in Weekly Vulnerability Report": "https://cyble.com/blog/new-ics-vulnerabilities-report/" + }, + "白泽安全实验室": { + "APT组织Turla瞄准巴基斯坦关键基础设施展开攻击活动——每周威胁情报动态第208期 (01.03-01.09)": "https://mp.weixin.qq.com/s?__biz=MzI0MTE4ODY3Nw==&mid=2247492512&idx=1&sn=c207ba89352dde2873ca1a70add44b6e&chksm=e90dc98ade7a409cc199fc590cf3e312dc6eaa82247b6b584125cb7f616538f5b28e41749a4a&scene=58&subscene=0#rd" + }, + "安全村SecUN": { + "躬行|《电子数据取证与网络犯罪调查》专刊第七辑50份惊喜抽奖:)警察节快乐!": "https://mp.weixin.qq.com/s?__biz=MzkyODM5NzQwNQ==&mid=2247496405&idx=1&sn=17b40406394060c7c389957502b86cb2&chksm=c21bd3e7f56c5af18c89a7436057ceea52e2c7e320b66f8f0807b3848982e27e0681de90f2e0&scene=58&subscene=0#rd" + }, + "The Hacker News": { + "Google Project Zero Researcher Uncovers Zero-Click Exploit Targeting Samsung Devices": "https://thehackernews.com/2025/01/google-project-zero-researcher-uncovers.html", + "Taking the Pain Out of Cybersecurity Reporting: A Practical Guide for MSPs": "https://thehackernews.com/2025/01/taking-pain-out-of-cybersecurity.html", + "AI-Driven Ransomware FunkSec Targets 85 Victims Using Double Extortion Tactics": "https://thehackernews.com/2025/01/ai-driven-ransomware-funksec-targets-85.html", + "Hands-On Walkthrough: Microsegmentation For all Users, Workloads and Devices by Elisity": "https://thehackernews.com/2025/01/hands-on-walkthrough-microsegmentation.html", + "RedDelta Deploys PlugX Malware to Target Mongolia and Taiwan in Espionage Campaigns": "https://thehackernews.com/2025/01/reddelta-deploys-plugx-malware-to.html", + "CrowdStrike Warns of Phishing Scam Targeting Job Seekers with XMRig Cryptominer": "https://thehackernews.com/2025/01/crowdstrike-warns-of-phishing-scam.html" + }, + "TorrentFreak": { + "‘Strike 3’ Filed a Record Number of Piracy Lawsuits in 2024": "https://torrentfreak.com/strike-3-filed-a-record-number-of-piracy-lawsuits-in-2024-250110/" + }, + "SANS Internet Storm Center, InfoCON: green": { + "ISC Stormcast For Friday, January 10th, 2025 https://isc.sans.edu/podcastdetail/9274, (Fri, Jan 10th)": "https://isc.sans.edu/diary/rss/31576", + "Windows Defender Chrome Extension Detection, (Fri, Jan 10th)": "https://isc.sans.edu/diary/rss/31574" + }, + "Graham Cluley": { + "Canadian man loses a cryptocurrency fortune to scammers – here’s how you can stop it happening to you": "https://www.bitdefender.com/en-us/blog/hotforsecurity/canadian-man-loses-a-cryptocurrency-fortune-to-scammers-heres-how-you-can-stop-it-happening-to-you" + }, + "Information Security": { + "Organized my cybersecurity bookmarks into a GitHub repo (300+ sources)": "https://www.reddit.com/r/Information_Security/comments/1hy0exs/organized_my_cybersecurity_bookmarks_into_a/", + "RBI PA-PG (Payment Aggregators & Payment Gateways) Audit": "https://www.reddit.com/r/Information_Security/comments/1hxz9tj/rbi_papg_payment_aggregators_payment_gateways/" + }, + "Deep Web": { + "How safe is posting on forums on the darkweb?": "https://www.reddit.com/r/deepweb/comments/1hy0bdu/how_safe_is_posting_on_forums_on_the_darkweb/", + "Dark web purchase": "https://www.reddit.com/r/deepweb/comments/1hy1wwb/dark_web_purchase/" + }, + "Computer Forensics": { + "CREST Certs (CPIA|CRIA)": "https://www.reddit.com/r/computerforensics/comments/1hyahq4/crest_certs_cpiacria/", + "Mac OS - need application logs": "https://www.reddit.com/r/computerforensics/comments/1hxtfyh/mac_os_need_application_logs/", + "Macbook M4/M4 Pro Collections": "https://www.reddit.com/r/computerforensics/comments/1hxtktu/macbook_m4m4_pro_collections/" + }, + "Blackhat Library: Hacking techniques and research": { + "Just question": "https://www.reddit.com/r/blackhat/comments/1hyesag/just_question/" + }, + "Your Open Hacker Community": { + "A question": "https://www.reddit.com/r/HowToHack/comments/1hyauea/a_question/", + "Question about windows": "https://www.reddit.com/r/HowToHack/comments/1hye2lu/question_about_windows/", + "Is this Vulnerable ?": "https://www.reddit.com/r/HowToHack/comments/1hyi8hk/is_this_vulnerable/", + "Could anyone help me in understanding this \"Not Operational or Intended Public Access\" vulnerability ?": "https://www.reddit.com/r/HowToHack/comments/1hy7xk7/could_anyone_help_me_in_understanding_this_not/", + "Help": "https://www.reddit.com/r/HowToHack/comments/1hyhuu9/help/", + "Wardriving Question": "https://www.reddit.com/r/HowToHack/comments/1hy5hha/wardriving_question/", + "How to hack a new ai website?": "https://www.reddit.com/r/HowToHack/comments/1hyhm2r/how_to_hack_a_new_ai_website/", + "Any idea how to gg cpm2 ?": "https://www.reddit.com/r/HowToHack/comments/1hy96jp/any_idea_how_to_gg_cpm2/", + "how to loop a cctv camera": "https://www.reddit.com/r/HowToHack/comments/1hy7y62/how_to_loop_a_cctv_camera/", + "Taking down Defender experiment": "https://www.reddit.com/r/HowToHack/comments/1hxtxzr/taking_down_defender_experiment/" + }, + "Security Affairs": { + "Banshee macOS stealer supports new evasion mechanisms": "https://securityaffairs.com/172918/malware/new-version-of-the-banshee-macos-stealer.html", + "Researchers disclosed details of a now-patched Samsung zero-click flaw": "https://securityaffairs.com/172909/hacking/samsung-zero-click-flaw.html", + "Phishers abuse CrowdStrike brand targeting job seekers with cryptominer": "https://securityaffairs.com/172900/cyber-crime/crowdstrike-phishing-campaign-recruitment-branding.html", + "China-linked APT group MirrorFace targets Japan": "https://securityaffairs.com/172890/apt/china-linked-apt-mirrorface-targets-japan.html" + }, + "netsecstudents: Subreddit for students studying Network Security and its related subjects": { + "Passed Cisco 100-140 (CCST IT Support) Exam! Here's How I Prepared": "https://www.reddit.com/r/netsecstudents/comments/1hy26je/passed_cisco_100140_ccst_it_support_exam_heres/", + "What is the best practice to securely host an application in Linux?": "https://www.reddit.com/r/netsecstudents/comments/1hxzw9c/what_is_the_best_practice_to_securely_host_an/", + "What project should be added in resume as a cyber security beginner?": "https://www.reddit.com/r/netsecstudents/comments/1hxvis0/what_project_should_be_added_in_resume_as_a_cyber/", + "Guidance Needed for Safe Demonstration of GIF Malware Detection": "https://www.reddit.com/r/netsecstudents/comments/1hxyr5d/guidance_needed_for_safe_demonstration_of_gif/", + "Graduating soon at 19, Sec+ done - what’s the next cert or skill to pursue?": "https://www.reddit.com/r/netsecstudents/comments/1hxra7i/graduating_soon_at_19_sec_done_whats_the_next/" + }, + "Trend Micro Research, News and Perspectives": { + "How Cracks and Installers Bring Malware to Your Device": "https://www.trendmicro.com/en_us/research/25/a/how-cracks-and-installers-bring-malware-to-your-device.html" + }, + "Technical Information Security Content & Discussion": { + "ACE up the sleeve: Hacking into Apple's new USB-C Controller": "https://www.reddit.com/r/netsec/comments/1hy9t8i/ace_up_the_sleeve_hacking_into_apples_new_usbc/", + "How to jailbreak most/all LLMs using Assistant Prefill": "https://www.reddit.com/r/netsec/comments/1hy6snm/how_to_jailbreak_mostall_llms_using_assistant/", + "Exploiting SSTI in a Modern Spring Boot Application (3.3.4)": "https://www.reddit.com/r/netsec/comments/1hy06vj/exploiting_ssti_in_a_modern_spring_boot/", + "Do Secure-By-Design Pledges Come With Stickers? - Ivanti Connect Secure RCE (CVE-2025-0282) - watchTowr Labs": "https://www.reddit.com/r/netsec/comments/1hxt46x/do_securebydesign_pledges_come_with_stickers/" + }, + "The Register - Security": { + "Chinese cyber-spies peek over shoulder of officials probing real-estate deals near American military bases": "https://go.theregister.com/feed/www.theregister.com/2025/01/10/china_treasury_foreign_investment/", + "Drug addiction treatment service admits attackers stole sensitive patient data": "https://go.theregister.com/feed/www.theregister.com/2025/01/10/baymark_data_breach/", + "Devs sent into security panic by 'feature that was helpful … until it wasn't'": "https://go.theregister.com/feed/www.theregister.com/2025/01/10/on_call/" + }, + "Security Weekly Podcast Network (Audio)": { + "Robot Dogs, Ivanti, SonicWall, Banshee, Telegram, Motorola, Aaran Leyland, and more. - SWN #441": "http://sites.libsyn.com/18678/robot-dogs-ivanti-sonicwall-banshee-telegram-motorola-aaran-leyland-and-more-swn-441" + } +} \ No newline at end of file diff --git a/today.md b/today.md index e354846059..260114ebb4 100644 --- a/today.md +++ b/today.md @@ -1,331 +1,455 @@ -# 每日安全资讯(2025-01-10) +# 每日安全资讯(2025-01-11) -- Private Feed for M09Ic - - [ ] [CHYbeta starred blanboom/awesome-home-networking-cn](https://github.com/blanboom/awesome-home-networking-cn) - - [ ] [zema1 starred howmp/iisproxy](https://github.com/howmp/iisproxy) - - [ ] [zema1 starred howmp/wget](https://github.com/howmp/wget) - - [ ] [gh0stkey starred kylemanna/docker-openvpn](https://github.com/kylemanna/docker-openvpn) - - [ ] [zema1 started following howmp](https://github.com/howmp) - - [ ] [zema1 starred howmp/LdrpHandleTlsData](https://github.com/howmp/LdrpHandleTlsData) - - [ ] [tennc starred janhq/jan](https://github.com/janhq/jan) - - [ ] [mozhu1024 released v0.1.0 at virzz/gh-mozhu](https://github.com/virzz/gh-mozhu/releases/tag/v0.1.0) - - [ ] [mozhu1024 created a repository virzz/gh-mozhu](https://github.com/virzz/gh-mozhu//) - - [ ] [huoji120 starred elastic/gosigar](https://github.com/elastic/gosigar) - - [ ] [gh0stkey starred ozguralp/gmapsapiscanner](https://github.com/ozguralp/gmapsapiscanner) - - [ ] [gh0stkey starred joanbono/gap](https://github.com/joanbono/gap) - - [ ] [yzddmr6 starred langflow-ai/langflow](https://github.com/langflow-ai/langflow) - - [ ] [zema1 starred andfoy/winpty-rs](https://github.com/andfoy/winpty-rs) - - [ ] [shmilylty starred Tencent/CodeAnalysis](https://github.com/Tencent/CodeAnalysis) - - [ ] [ring04h starred alitto/pond](https://github.com/alitto/pond) - - [ ] [ring04h starred panjf2000/ants](https://github.com/panjf2000/ants) - - [ ] [gh0stkey starred sz3/cfc](https://github.com/sz3/cfc) - - [ ] [niudaii starred INotGreen/SharpScan](https://github.com/INotGreen/SharpScan) - - [ ] [uknowsec starred n0a/telegram-get-remote-ip](https://github.com/n0a/telegram-get-remote-ip) - - [ ] [Ridter starred CICADA8-Research/IHxExec](https://github.com/CICADA8-Research/IHxExec) - - [ ] [Ridter starred FalconForceTeam/SOAPHound](https://github.com/FalconForceTeam/SOAPHound) - - [ ] [Ridter starred Friends-Security/ShadowHound](https://github.com/Friends-Security/ShadowHound) - - [ ] [Ridter starred kyxiaxiang/DetectCobaltStrike](https://github.com/kyxiaxiang/DetectCobaltStrike) - - [ ] [Ridter starred nashaofu/xcap](https://github.com/nashaofu/xcap) - - [ ] [Ridter forked Ridter/BinHol from timwhitez/BinHol](https://github.com/Ridter/BinHol) - - [ ] [Ridter starred timwhitez/BinHol](https://github.com/timwhitez/BinHol) - - [ ] [killeven starred yaklang/yakit](https://github.com/yaklang/yakit) - - [ ] [yzddmr6 starred bbruceyuan/Hands-On-Large-Language-Models-CN](https://github.com/bbruceyuan/Hands-On-Large-Language-Models-CN) - - [ ] [yzddmr6 starred HandsOnLLM/Hands-On-Large-Language-Models](https://github.com/HandsOnLLM/Hands-On-Large-Language-Models) -- CXSECURITY Database RSS Feed - CXSecurity.com - - [ ] [WebKraze,Vibgyor Media Web Application Union-based Sql Injection](https://cxsecurity.com/issue/WLB-2025010012) - - [ ] [banking-1.0-Copyright©2025-Multiple-SQLi](https://cxsecurity.com/issue/WLB-2025010011) -- 奇安信攻防社区 - - [ ] [深入剖析Linux堆内存分配机制:从基础原理到安全漏洞利用](https://forum.butian.net/share/4032) - - [ ] [Linux内核安全:漏洞利用与防护技术的博弈](https://forum.butian.net/share/4007) - - [ ] [CVE-2024-41009 Linux内核的bpf ringbuf中存在一个缓冲区重叠漏洞分析与利用](https://forum.butian.net/share/4024) -- 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com - - [ ] [360发布2024年勒索软件流行态势报告,全面展现威胁传播与演化趋势](https://www.4hou.com/posts/QXK5) - - [ ] [倒计时启动 | 第八届西湖论剑·中国杭州网络安全技能大赛,速抓最后机会!](https://www.4hou.com/posts/PGK6) - - [ ] [橄榄球队Green Bay Packers网上商店遭黑客攻击 信用卡被盗](https://www.4hou.com/posts/OGXE) - - [ ] [黑客模仿社会保障管理局传播 ConnectWise RAT](https://www.4hou.com/posts/NGK8) +- paper - Last paper + - [ ] [Self-changing Data Type - CVE-2024-40676 漏洞分析](https://paper.seebug.org/3266/) - Recent Commits to cve:main - - [ ] [Update Thu Jan 9 20:20:51 UTC 2025](https://github.com/trickest/cve/commit/efc306e3585fb2346b046c08a8a89c4d7644eb30) - - [ ] [Update Thu Jan 9 12:19:44 UTC 2025](https://github.com/trickest/cve/commit/9c82c18aae4815bb8f8baa1057c1d11a900c061f) - - [ ] [Update Thu Jan 9 04:20:03 UTC 2025](https://github.com/trickest/cve/commit/554ae22ad4d5abc9d889646cec8c7b0515baeea5) + - [ ] [Update Fri Jan 10 20:11:13 UTC 2025](https://github.com/trickest/cve/commit/35ab00cc0e2f9453ab25383a9a5c9d4cfa1182d1) + - [ ] [Update Fri Jan 10 12:19:12 UTC 2025](https://github.com/trickest/cve/commit/bb4ddf1816df72235be5cd596f20b2ed83504f0c) + - [ ] [Update Fri Jan 10 04:22:20 UTC 2025](https://github.com/trickest/cve/commit/0eba4829b48b6e4109d4f696f205771712d068c3) +- 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com + - [ ] [国家网络安全通报中心:重点防范境外恶意网址和恶意IP](https://www.4hou.com/posts/VW2o) + - [ ] [Check Point:企业如何应对复杂网络挑战?](https://www.4hou.com/posts/W1Ko) +- Doonsec's feed + - [ ] [特朗普上台,中美会发生网络战吗?](https://mp.weixin.qq.com/s?__biz=MzU0MzgyMzM2Nw==&mid=2247486232&idx=1&sn=5527e80a86875c017071d27f5b315e3e) + - [ ] [30天渗透测试练习计划(2025 第一部分)](https://mp.weixin.qq.com/s?__biz=MzkyODYwODkyMA==&mid=2247484899&idx=1&sn=9aae3d9926fe3695441f5c88f9f5546f) + - [ ] [2025 年,炼石计划@赛博代审之旅又带来了什么好东西呢?](https://mp.weixin.qq.com/s?__biz=Mzg3MDU1MjgwNA==&mid=2247487164&idx=1&sn=ee4ecadbaa3c2616b6e600c1711926e0) + - [ ] [中国软件评测中心2024年干部述职述廉考核 工作总结表彰大会暨2025年工作计划会圆满召开](https://mp.weixin.qq.com/s?__biz=MjM5NzYwNDU0Mg==&mid=2649249217&idx=1&sn=efe8d1f5b3fa8193ede8e5ee31c840e9) + - [ ] [国家互联网信息办公室关于《网络信息内容多渠道分发服务机构相关业务活动管理规定(草案稿)》公开征求意见的通知](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633711&idx=1&sn=7ade192a71c4b34eb6cf7fd5930216ce) + - [ ] [突发!美国拟(全面禁止)向中国出口 GPU](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633711&idx=3&sn=a171f86485cabe24801c9536db242e1e) + - [ ] [海南发布商超消费领域个人信息保护合规指引,涉及门店APP、小程序运行规范(附全文)](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633711&idx=4&sn=068613b0262e30ac174c7fa092dfc2ec) + - [ ] [豆包好用的关键在于你得会用❗熬夜整理](https://mp.weixin.qq.com/s?__biz=MzU5MjI1NTY1Mg==&mid=2247483976&idx=1&sn=ef740b84f599f005ce29d414f97b0ad7) + - [ ] [2025考试安排 | CCRC数据安全官、数据安全评估师](https://mp.weixin.qq.com/s?__biz=MzU0Mzk0NDQyOA==&mid=2247521211&idx=1&sn=f5888344ad57191e78dfff778e714701) + - [ ] [信创加速,腾讯安全湖现已完成全栈国产化适配,助力企业高效替换](https://mp.weixin.qq.com/s?__biz=Mzg5OTE4NTczMQ==&mid=2247526338&idx=1&sn=d932d0ca3339bddabd79d6e04f350b57) + - [ ] [2025网安行业优质播客精选集⑤](https://mp.weixin.qq.com/s?__biz=Mzg2MTAwNzg1Ng==&mid=2247495438&idx=1&sn=0dfa956916eecc08f617ada58c6a41aa) + - [ ] [CSDN挂马事件的安全警醒;平时如何应对钓鱼攻击| FB甲方群话题讨论](https://mp.weixin.qq.com/s?__biz=Mzg2MTAwNzg1Ng==&mid=2247495438&idx=2&sn=9a03ea5cc87ec11de2f5a5418b852d13) + - [ ] [中国网络空间安全协会关键信息基础设施安全保护专业委员会在京成立](https://mp.weixin.qq.com/s?__biz=MzA3ODE0NDA4MA==&mid=2649401216&idx=1&sn=de77c2a7f5191211b4a1eddf1353dadf) + - [ ] [武汉科技大学2025-2027年网络安全服务采购](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931394&idx=1&sn=38fbb62c75ca1ac3d4006f41b7847662) + - [ ] [建行超大规模数据中心开建,定位包括大数据业务主生产中心、核心数据备份中心等](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931394&idx=2&sn=faea67696fc3676c501d4b313aa0e8e8) + - [ ] [【1CPE】ISC2Webinar丨降低关键基础设施数字化带来的风险](https://mp.weixin.qq.com/s?__biz=MzUzNTg4NDAyMg==&mid=2247492278&idx=1&sn=68ad8bcc9a61f861bb328a88abfed21f) + - [ ] [通知 | 国家网信办就《网络信息内容多渠道分发服务机构相关业务活动管理规定(草案稿)》公开征求意见(附全文)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234365&idx=1&sn=af17f45f731d0c43256ce450f1d66690) + - [ ] [解读 | 《网络数据安全管理条例》有哪些亮点?](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234365&idx=3&sn=bad4d027f0d756a436be1f46a3d63af6) + - [ ] [关注 | 勇闯“春运”,要注意这些问题!](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234365&idx=7&sn=26075d2a4c3c7515c08c1b7d9fd68c01) + - [ ] [网安周讯 | 辟谣!“西藏地震小孩被埋”为AI制图(一月第2期)](https://mp.weixin.qq.com/s?__biz=Mzg4MjQ4MjM4OA==&mid=2247523453&idx=1&sn=dc3496239f549ecdc6a72269c1ab8a91) + - [ ] [开放申请 | 2025腾讯犀牛鸟精英人才计划](https://mp.weixin.qq.com/s?__biz=MjM5ODYwMjI2MA==&mid=2649789536&idx=2&sn=f280f844c57c71c77c1e662f9ebb8811) + - [ ] [【云安全】云服务-云服务器ECS-安全问题分析](https://mp.weixin.qq.com/s?__biz=MzUyNTUyNTA5OQ==&mid=2247484084&idx=1&sn=56999ea9f438281ffad8f0d920528b0a) + - [ ] [安全资讯汇总:2025.1.6-2025.1.10](https://mp.weixin.qq.com/s?__biz=MzA4MTE0MTEwNQ==&mid=2668669972&idx=1&sn=1909e2d8e657b12e3eff8fcae8a0b168) + - [ ] [VMProtect本地授权锁的分析与破解](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588572&idx=1&sn=f7ad4ebbe10787b233f29e316423ebc0) + - [ ] [超4000个后门通过注册过期域名被劫持](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588572&idx=2&sn=59a0f2be5e5bacf99eec4b02e9d3c5b6) + - [ ] [本周职位大更新!众多企业抛出橄榄枝,你的心动岗位来了吗?](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588572&idx=3&sn=abdd6a29e3e32a98636c35e70688f0aa) + - [ ] [首次!欧盟委员会因违反数据隐私法规被追责,向个人支付赔偿金](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247548655&idx=1&sn=519c63daf361d43b3bb6e33cf198c0d0) + - [ ] [奇瑞汽车1亿元成立机器人科技公司“墨甲智创”](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247548655&idx=2&sn=1bf760ffea9a49dcd8851b8ecb78cb79) + - [ ] [鹏城实验室与为辰信安联合发布《2024智能网联汽车网络安全报告》(附下载)](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247548655&idx=3&sn=bc9f58e42eefcd52d0731448b4f2df0a) + - [ ] [扫码下载 | 12个鸿蒙生态文件(报告、白皮书)](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655263596&idx=1&sn=a883bc4a6cd7c37fe586151df6fe96ee) + - [ ] [安全牛《中国网络安全全景图》(第十二版)调研启动](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134576&idx=1&sn=e86ab5b49773d2d99aa5756c964bd0a5) + - [ ] [欧盟委员会因隐私违规行为首次被追责;苹果以9500万美元和解持续了5年的Siri隐私诉讼 | 牛览](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134576&idx=2&sn=a7d8e8804916170cb6b3ad59b218d42d) + - [ ] [《工业互联网赋能的企业数字化转型》连载及解读之四十三:工业互联网安全技术体系](https://mp.weixin.qq.com/s?__biz=Mzg2ODUxODk3OA==&mid=2247499779&idx=1&sn=42d42838b8d321bb9ae3db7c423fde7f) + - [ ] [《车路云一体化系统 第7部分:信息安全要求和试验方法》(草案)](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619208&idx=1&sn=8b8a2f1379020358aa3348970c263aeb) + - [ ] [面向软件定义车辆的E/E架构技术&市场分析报告2025](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619208&idx=2&sn=c9683ecfca0fa974f586aa1bec72693c) + - [ ] [2025年智能网联汽车数据分类分级白皮书](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619208&idx=3&sn=af703f71840d3044485d467962af982c) + - [ ] [手机上的后门|防不胜防的RAT攻击](https://mp.weixin.qq.com/s?__biz=Mzg2NDYzNDM2NQ==&mid=2247485162&idx=1&sn=134a10ad8e58a3e356511f857fa123a5) + - [ ] [副业天花板,hvv趋势预测](https://mp.weixin.qq.com/s?__biz=MzkxNTIwNTkyNg==&mid=2247553000&idx=1&sn=b1baac10d19b08b13bf3cf699d23d247) + - [ ] [【免费领】网安岗位必备:互联网企业安全建设最佳实践指南](https://mp.weixin.qq.com/s?__biz=MzkxNTIwNTkyNg==&mid=2247553000&idx=2&sn=d488db920cfd91aac90202ba8bc8d7f2) + - [ ] [网络安全动态 - 2025.01.10](https://mp.weixin.qq.com/s?__biz=MzU1MzEzMzAxMA==&mid=2247499873&idx=1&sn=176dfb8874521ec82f865a95f5a1b0d2) + - [ ] [翼开岁首:天空卫士荣膺北京市独角兽企业](https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597378&idx=2&sn=6f6f7ac4d7374f0c0f32db92dbdeca3f) + - [ ] [孙凝晖院士:建设面向智能时代的国家数据基础设施](https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597378&idx=3&sn=f567eb44e3edd09bd82c2263b3ef3ec4) + - [ ] [安全威胁情报周报(2025/01/04-2025/01/10)](https://mp.weixin.qq.com/s?__biz=Mzg4NjYyMzUyNg==&mid=2247491122&idx=1&sn=898a05c3ec3c50263fa0eb51fd544bdd) + - [ ] [【自研报告】美国对格陵兰利益的战略分析及对策建议](https://mp.weixin.qq.com/s?__biz=MzkxMTA3MDk3NA==&mid=2247487051&idx=1&sn=ec33b2838d1fb6eed3391701e077b62e) + - [ ] [每周网络安全简讯 ( 2025年 第2周 )](https://mp.weixin.qq.com/s?__biz=MzU2MjcwOTY1Mg==&mid=2247521163&idx=1&sn=de51aa92eee1967c687270ff682fa764) + - [ ] [烽火狼烟丨暗网数据及攻击威胁情报分析周报(01/06-01/10)](https://mp.weixin.qq.com/s?__biz=Mzk0NjMxNTgyOQ==&mid=2247484510&idx=1&sn=f233df30c66fbd58c30c6ee06afb3270) + - [ ] [《网络数据安全管理条例》施行数据安全要求再升级](https://mp.weixin.qq.com/s?__biz=MjM5MTI2NDQzNg==&mid=2654552239&idx=1&sn=51440c7606c836fa1630fe46c5453bbb) + - [ ] [盗版影视APP的社会危害,只是“盗版”吗?](https://mp.weixin.qq.com/s?__biz=MjM5NTY4NzcyNg==&mid=2650249786&idx=1&sn=e4aef09e652f443508cfccf851714130) + - [ ] [学术前沿《工业信息安全》(第23期)主要内容速览](https://mp.weixin.qq.com/s?__biz=MzUyMzA1MTM2NA==&mid=2247499039&idx=1&sn=77cb9434d2ba8c5fc83182ffc43400fd) + - [ ] [ShellcodeLoader免杀加载器](https://mp.weixin.qq.com/s?__biz=Mzk0Mjg4MTQxMw==&mid=2247485418&idx=1&sn=bdc4d8fe72641276491413edaa1c2a87) + - [ ] [【观演指南】| 明晚 | 摇滚黑客2025演唱会北京现场见!](https://mp.weixin.qq.com/s?__biz=MzUyMDQ4OTkyMg==&mid=2247546519&idx=1&sn=0b14341dacc638097b304b34c2fce4b7) + - [ ] [听摇滚黑客2025演唱会 享滴滴打车五折优惠](https://mp.weixin.qq.com/s?__biz=MzUyMDQ4OTkyMg==&mid=2247546519&idx=2&sn=9c53a50b2d2fd5f2dd014e5726399bac) + - [ ] [推动数据要素发挥乘数效应](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170105&idx=3&sn=f82cb6976156695f8fde5f17613d583a) + - [ ] [权威认可|悬镜再次入选2024年度毕马威中国金融科技企业双50强](https://mp.weixin.qq.com/s?__biz=MzA3NzE2ODk1Mg==&mid=2647795461&idx=1&sn=ea056881a28c848a31e57e1b2b75317c) + - [ ] [苹果mac用户警惕:Banshee Stealer新变种来袭](https://mp.weixin.qq.com/s?__biz=Mzk0MDYwMjE3OQ==&mid=2247486041&idx=1&sn=33813042ecc95b0f290c4fd3aff241f9) + - [ ] [【业界动态】我国牵头提出的国际标准《信息技术 信息安全事件管理 第4部分:协同》正式发布](https://mp.weixin.qq.com/s?__biz=MzA3NzgzNDM0OQ==&mid=2664992672&idx=2&sn=2fc4cff7ac2dfaec2b37f0ae52f72383) + - [ ] [【业界动态】工业和信息化部启动万兆光网试点工作 有序引导万兆光网从技术试点走向部署应用](https://mp.weixin.qq.com/s?__biz=MzA3NzgzNDM0OQ==&mid=2664992672&idx=3&sn=19a4fcbfa5be472c033f7007e87acaba) + - [ ] [掌握网络安全应急响应领域核心技能,你可能需要这两个证书](https://mp.weixin.qq.com/s?__biz=MzU4MjUxNjQ1Ng==&mid=2247521060&idx=1&sn=0248e268143e4e1f742932c65e85a9aa) + - [ ] [购课回馈|现在报名软考高项赠送3999元技术会员1年](https://mp.weixin.qq.com/s?__biz=MzU4MjUxNjQ1Ng==&mid=2247521060&idx=2&sn=262bc464e02d76e1223837f47e161d2b) + - [ ] [IDA技巧(98)analysis-options](https://mp.weixin.qq.com/s?__biz=MzI1Mjk2MTM1OQ==&mid=2247485211&idx=1&sn=0cbdd4418d779736e55176cb101121a4) + - [ ] [【流量分析】WireShark解析非标端口下SSH协议](https://mp.weixin.qq.com/s?__biz=MzU1Mjk3MDY1OA==&mid=2247519273&idx=1&sn=7a7e3bfdfb38fdfe33a5904a20cfa760) + - [ ] [从任意文件下载到getshell](https://mp.weixin.qq.com/s?__biz=MzkzMjIxNjExNg==&mid=2247486168&idx=1&sn=91eaac8e536f7aa3fae5d4ac01da95e9) + - [ ] [【商密测评】快速定位SSH数据包的密码套件](https://mp.weixin.qq.com/s?__biz=MzU1Mjk3MDY1OA==&mid=2247519271&idx=1&sn=fcd3a7d9d7a3d99f0743b3dd69f1817b) + - [ ] [【已复现】大华智能物联综合管理平台 GetClassValue 远程代码执行漏洞](https://mp.weixin.qq.com/s?__biz=MzIwMDk1MjMyMg==&mid=2247492684&idx=1&sn=3b0a607c660f6ba2dfc3db280cbf8e40) + - [ ] [俄罗斯互联网服务提供商证实乌克兰黑客“破坏”了其网络](https://mp.weixin.qq.com/s?__biz=MzI5NTA0MTY2Mw==&mid=2247485741&idx=1&sn=79a4fdb76ec8a43d1966f3ebd78d9d4f) + - [ ] [[0110] 一周重点威胁情报|天际友盟情报站](https://mp.weixin.qq.com/s?__biz=MzIwNjQ4OTU3NA==&mid=2247509999&idx=1&sn=ca5344ff0b02d3f92c43c0ad6be20284) + - [ ] [国家网信办发布2024年生成式人工智能服务已备案信息的公告](https://mp.weixin.qq.com/s?__biz=MzkwMTQyODI4Ng==&mid=2247495536&idx=1&sn=d9f85550a15c225b4186134eba2ac87c) + - [ ] [工信部:2024年我国网络和数据安全取得新突破](https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652113878&idx=1&sn=cbbd81e4fcb158219d4e3e8f3f2fa05d) + - [ ] [从一次溯源国际APT组织浅谈蜜罐运营](https://mp.weixin.qq.com/s?__biz=MzkwMTQyODI4Ng==&mid=2247495536&idx=3&sn=57593e331dce228f533ac3fe3787190c) + - [ ] [【工具推荐】Hawkeye 一款Windows综合应急响应工具](https://mp.weixin.qq.com/s?__biz=MzI1NTE2NzQ3NQ==&mid=2247487241&idx=1&sn=839e749479e300a8d7b930a213a06216) + - [ ] [【急聘】京东集团信息安全部招人啦~~](https://mp.weixin.qq.com/s?__biz=MzU4ODUzMTU4Mg==&mid=2247486659&idx=1&sn=64bfb54bfcc8b2685406aa46acae83b1) + - [ ] [国家网络安全通报中心:重点防范境外恶意网址和恶意IP](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580725&idx=2&sn=63fd746c589e9cd1b6647a823ca163d3) + - [ ] [BoardLight](https://mp.weixin.qq.com/s?__biz=Mzk1NzY0NzMyMw==&mid=2247485204&idx=1&sn=8d8e4038082ae1cbd3fa5607cab82a83) + - [ ] [感恩同行|知其安获 OSRC 2024年度优秀合作伙伴](https://mp.weixin.qq.com/s?__biz=MzkzNTI5NTgyMw==&mid=2247510626&idx=1&sn=5f86ee189ac6754c4a7418ea77b04529) + - [ ] [云天安全入选中国信通院《数字安全护航技术能力全景图》28项领域,持续引领数字安全创新](https://mp.weixin.qq.com/s?__biz=MzI2NDYzNjY0Mg==&mid=2247501066&idx=1&sn=fe3fd86c1b199574b5893611ae04d58f) + - [ ] [【图一乐】在 pdf 文档中玩俄罗斯方块游戏](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494124&idx=1&sn=ac20fe3efd1ce74b9f3927211c877cec) + - [ ] [TOPSRC 2024年第四季度奖励公告](https://mp.weixin.qq.com/s?__biz=Mzk0MTM1MTg3Nw==&mid=2247483903&idx=1&sn=a6b8b89ea06c0d846a8b9c2e3db8d5b5) + - [ ] [2025年,网络安全意识宣贯该怎么做?](https://mp.weixin.qq.com/s?__biz=MzU4NDExNDQwNA==&mid=2247489876&idx=1&sn=b620b4c55efe620eca9ebafa67d5c1b7) + - [ ] [技战法:剖析涉网站点后台加盐绕过技术](https://mp.weixin.qq.com/s?__biz=Mzk0Mzc2MDQyMg==&mid=2247486418&idx=1&sn=822fe24dc33064052db10431aeaac661) + - [ ] [u200b致人民警察的一封信](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558871&idx=1&sn=2049a81dea035595445267831bbf8eba) + - [ ] [深挖缅甸妙瓦底 KK 园区:电信诈骗的阴暗角落与跨国打击的艰难之路](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247503709&idx=1&sn=29a4a7741686d4bd4033ffbee78f1ce7) + - [ ] [2025年日本国防战略调整分析](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558871&idx=3&sn=5dc7c0bf081673ac6520dbd2dd7aec61) + - [ ] [基于Tauri+Rust构建的新型免杀马生成器](https://mp.weixin.qq.com/s?__biz=MzU2NzY5MjAwNQ==&mid=2247486726&idx=1&sn=a770a2c26a407edd6ce426c70235b35c) + - [ ] [科普时间 | 蜜罐:给黑客精心准备的“甜蜜”陷阱](https://mp.weixin.qq.com/s?__biz=MzIyNzc3OTMzNw==&mid=2247485712&idx=1&sn=9a641e71d4d416bd3bd0a5b0e55affdf) + - [ ] [拜登政府新网络安全行政令寻求为新一届政府提供政策蓝图](https://mp.weixin.qq.com/s?__biz=MzI4ODQzMzk3MA==&mid=2247489550&idx=1&sn=26d503014824376c8155e36ecaa4c09f) + - [ ] [中国人民警察节 | 致敬我们的安全守护者!](https://mp.weixin.qq.com/s?__biz=MzkxMzQwNDcxNg==&mid=2247486835&idx=1&sn=bec31322bfb58a4913410c8d9ab33c2b) + - [ ] [发现Web API漏洞居然能赚到400w刀](https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247518149&idx=1&sn=6498c967abc2646198bd742a3d2232e6) + - [ ] [【漏洞预警】Apache OpenMeetings未授权 反序列化漏洞](https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489437&idx=1&sn=86a7c25e1f15115c4f1bfe3bf9529dae) + - [ ] [2024年度游戏安全报告发布:200+亿次风险检测背后的攻防全景](https://mp.weixin.qq.com/s?__biz=MzAwNTg2NjYxOA==&mid=2650742854&idx=1&sn=9a962b361752a5d23f40f791245fc33c) + - [ ] [智能汽车的强大功能](https://mp.weixin.qq.com/s?__biz=MzUzMjQyMDE3Ng==&mid=2247487868&idx=1&sn=38f654feb41f7697779f05deda25a854) + - [ ] [新活动平台建设历程与架构演进](https://mp.weixin.qq.com/s?__biz=Mzg3Njc0NTgwMg==&mid=2247502230&idx=1&sn=76feb6f4717cedf7c7fc1aaaf16d619d) + - [ ] [亚太地区APT网络攻击趋势分析与解读](https://mp.weixin.qq.com/s?__biz=Mzg3OTYxODQxNg==&mid=2247485594&idx=1&sn=e741dd51bb23c3d86fb494a60623a03e) + - [ ] [「专精型」优能企业 | 珞安科技荣登《嘶吼2024中国网络安全产业势能榜》](https://mp.weixin.qq.com/s?__biz=MzU2NjI5NzY1OA==&mid=2247512093&idx=1&sn=38d32dbb721779788a5aa550aa438acc) + - [ ] [BTC跨链监控&Chainlink PoR数据源|打造BTCFi安全新标准](https://mp.weixin.qq.com/s?__biz=MzkyMzI2NzIyMw==&mid=2247488553&idx=1&sn=a29ed9e4773fab41333e0f1f342441b4) + - [ ] [记一次利用堡垒机内部邮件钓鱼突破外网](https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247546579&idx=1&sn=7b98384283af5b40e65bffd578e10edd) + - [ ] [2025掌控安全封神台第七届CTF获奖队伍公示](https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247546579&idx=2&sn=74ed267221ac90fe1cefffdad9969d1b) + - [ ] [HirGen:针对深度学习编译器的模糊测试技术](https://mp.weixin.qq.com/s?__biz=MzU1NTEzODc3MQ==&mid=2247486850&idx=1&sn=dced461f84a7bc0c0fce0bc7d690ea72) + - [ ] [国金证券与持安科技共研课题,荣获证券期货业网络安全创新实验室“优秀课题三等奖”](https://mp.weixin.qq.com/s?__biz=Mzg2NTYxNjMzMg==&mid=2247495747&idx=1&sn=f5822d19ef79d87997ef2c87b1df1c88) + - [ ] [信息安全等级保护测评的价值](https://mp.weixin.qq.com/s?__biz=MzU5MTIxNzg0Ng==&mid=2247488126&idx=1&sn=be5e2217a7458c0b445edba62ec64bd3) + - [ ] [当歌 - RSS 订阅分发平台开发](https://mp.weixin.qq.com/s?__biz=Mzg3MTE0NTg4OQ==&mid=2247484105&idx=1&sn=3793c462d03f9093ac8349454d179d59) + - [ ] [安利一款逆向辅助神器WPeChatGPT](https://mp.weixin.qq.com/s?__biz=Mzk0ODY1NzEwMA==&mid=2247485720&idx=1&sn=987788354775c7ae7c1bc7f48235e5f9) + - [ ] [漏洞赏金方法 2025 版](https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247504442&idx=1&sn=b38e2fd23874bcc57a2cad01406af7aa) + - [ ] [【插件推荐】Heimdallr-被动嗅探浏览器流量](https://mp.weixin.qq.com/s?__biz=MzkxNjY1MjY3OQ==&mid=2247488163&idx=1&sn=51556518b5b93659b3f07fa1f165dd43) + - [ ] [【黑产大数据】恶意贷款中介揭秘](https://mp.weixin.qq.com/s?__biz=MzI3NDY3NDUxNg==&mid=2247498437&idx=1&sn=5c259f2e9ba6de730bc41e763ee2d2dd) + - [ ] [【漏洞通告】Ivanti 多款产品缓冲区溢出漏洞安全风险通告](https://mp.weixin.qq.com/s?__biz=MzU4NjY4MDAyNQ==&mid=2247496924&idx=1&sn=cde3f8dcc5062f5bae2fbcc43db8c4d1) + - [ ] [【漏洞通告】SonicOS SSLVPN 认证绕过漏洞安全风险通告](https://mp.weixin.qq.com/s?__biz=MzU4NjY4MDAyNQ==&mid=2247496924&idx=2&sn=b5e7145e48fd905325fcdf22665c67cd) + - [ ] [工具 | 一款替代Frp完美消除网络特征的内网穿透神器](https://mp.weixin.qq.com/s?__biz=MzkxNDAyNTY2NA==&mid=2247519413&idx=1&sn=acd47706d52a5ccae891e48e5d3d7cff) + - [ ] [实战 | 攻防演练某x医院内网拿下集权](https://mp.weixin.qq.com/s?__biz=MzkxNDAyNTY2NA==&mid=2247519413&idx=2&sn=2363399bbb13f91288886c2db1c060b9) + - [ ] [Ignition工控系统反序列化漏洞(CVE-2020-10644)](https://mp.weixin.qq.com/s?__biz=Mzg2NzkxOTQ0OA==&mid=2247484500&idx=1&sn=bc5612c622b398355de7cfab77b9ff4e) + - [ ] [2024补天平台【专属SRC】年度榜单发布!](https://mp.weixin.qq.com/s?__biz=MzI2NzY5MDI3NQ==&mid=2247507272&idx=1&sn=4dda0db202724e951d5e867b98fbb1be) + - [ ] [黑吉蛇机械键盘驱动](https://mp.weixin.qq.com/s?__biz=Mzk0MTI4NTIzNQ==&mid=2247492158&idx=1&sn=cd2af2f382815ebd64d1646b16fee7c9) + - [ ] [ISRC-2025新年活动来咯~~](https://mp.weixin.qq.com/s?__biz=MzI4NTYwMzc5OQ==&mid=2247500722&idx=1&sn=6f3485b3faf3babb15fbaeb302371ad9) + - [ ] [265种windows渗透工具合集--灵兔宝盒](https://mp.weixin.qq.com/s?__biz=MzA5MzYzMzkzNg==&mid=2650962339&idx=1&sn=e05bc1fa240d96de64e878ee294e2550) + - [ ] [华为手机地震报警怎么设置](https://mp.weixin.qq.com/s?__biz=MzA5MzYzMzkzNg==&mid=2650962339&idx=2&sn=ccd29e6433da05cac227a2252dfe072b) + - [ ] [2024年华为手机哪一款性价比高?华为手机推荐与市场分析(12月更新)](https://mp.weixin.qq.com/s?__biz=MzA5MzYzMzkzNg==&mid=2650962339&idx=3&sn=e27a33cc1f78deb0520803d748308723) + - [ ] [【艺术鉴赏】抖音直播更新,睡眠更新左颜玉很下饭8个视频](https://mp.weixin.qq.com/s?__biz=MzA5MzYzMzkzNg==&mid=2650962339&idx=4&sn=48ad9b276b80077931b9c155810e2ccf) + - [ ] [安全分析师 2025 年应该知道的 OSINT 工具](https://mp.weixin.qq.com/s?__biz=MzkxMDIwMTMxMw==&mid=2247494403&idx=1&sn=219174cdbe6daef3141b46dbc0ccf839) - SecWiki News - - [ ] [SecWiki News 2025-01-09 Review](http://www.sec-wiki.com/?2025-01-09) + - [ ] [SecWiki News 2025-01-10 Review](http://www.sec-wiki.com/?2025-01-10) +- 安全脉搏 + - [ ] [后门函数技术在二进制对抗中的应用](https://www.secpulse.com/archives/205266.html) + - [ ] [靶场战神为何会陨落?](https://www.secpulse.com/archives/205395.html) +- 安全客-有思想的安全新媒体 + - [ ] [入选“磐安”教育应用优秀案例!360打造人才培育标杆](https://www.anquanke.com/post/id/303426) + - [ ] [初始访问代理(IAB)如何出售用户证书](https://www.anquanke.com/post/id/303423) + - [ ] [注册过期域名,4000 多个后门被劫持](https://www.anquanke.com/post/id/303420) + - [ ] [俄罗斯 ISP 证实乌克兰黑客“摧毁”了其网络](https://www.anquanke.com/post/id/303417) + - [ ] [联合国航空机构确认招聘数据库存在安全漏洞](https://www.anquanke.com/post/id/303414) + - [ ] [医疗计费公司 Medusind 披露漏洞影响 36 万人](https://www.anquanke.com/post/id/303411) + - [ ] [黑客利用 KerioControl 防火墙漏洞窃取管理员 CSRF 标记](https://www.anquanke.com/post/id/303408) + - [ ] [SonicWall 敦促管理员立即修补可被利用的 SSLVPN 漏洞](https://www.anquanke.com/post/id/303404) + - [ ] [未修补的关键缺陷影响 Fancy Product Designer WordPress 插件](https://www.anquanke.com/post/id/303401) + - [ ] [2025 年的网络安全: 全球冲突、成熟的人工智能和群众的智慧](https://www.anquanke.com/post/id/303398) - Security Boulevard - - [ ] [Chinese-linked Hackers May Be Exploiting Latest Ivanti Vulnerability](https://securityboulevard.com/2025/01/chinese-linked-hackers-may-be-exploiting-latest-ivanti-vulnerability/) - - [ ] [DEF CON 32 – Reflections on a Decade in Bug Bounties](https://securityboulevard.com/2025/01/def-con-32-reflections-on-a-decade-in-bug-bounties/) - - [ ] [Randall Munroe’s XKCD ‘Features of Adulthood’](https://securityboulevard.com/2025/01/randall-munroes-xkcd-features-of-adulthood/) - - [ ] [Open Interfaces Needed to Cut Security Operations Costs & Boost Efficiency](https://securityboulevard.com/2025/01/open-interfaces-needed-to-cut-security-operations-costs-boost-efficiency/) - - [ ] [8 Cyber Predictions for 2025: A CSO’s Perspective](https://securityboulevard.com/2025/01/8-cyber-predictions-for-2025-a-csos-perspective/) - - [ ] [Vulnerability Research Highlights 2024](https://securityboulevard.com/2025/01/vulnerability-research-highlights-2024/) - - [ ] [DEF CON 32 – Reverse Engineering And Hacking Ecovacs Robots](https://securityboulevard.com/2025/01/def-con-32-reverse-engineering-and-hacking-ecovacs-robots/) - - [ ] [The Hidden Costs of Poor Access Management: Why Small Businesses Can’t Afford to Ignore It](https://securityboulevard.com/2025/01/the-hidden-costs-of-poor-access-management-why-small-businesses-cant-afford-to-ignore-it/) - - [ ] [SafeBreach 2024 Year in Review: Reflections from Co-Founder & CEO Guy Bejerano](https://securityboulevard.com/2025/01/safebreach-2024-year-in-review-reflections-from-co-founder-ceo-guy-bejerano/) - - [ ] [Security Implications of Configuration Drift](https://securityboulevard.com/2025/01/security-implications-of-configuration-drift/) -- obaby@mars - - [ ] [铁处女](https://h4ck.org.cn/2025/01/18985) + - [ ] [2025 SaaS Security Word of the Year: Adaptability | Grip](https://securityboulevard.com/2025/01/2025-saas-security-word-of-the-year-adaptability-grip/) + - [ ] [Strategic Approaches to Enhance Data Security](https://securityboulevard.com/2025/01/strategic-approaches-to-enhance-data-security/) + - [ ] [The Cost of Complacency in Credential Hygiene](https://securityboulevard.com/2025/01/the-cost-of-complacency-in-credential-hygiene/) + - [ ] [DEF CON 32 – Practical Exploitation of DoS in Bug Bounty](https://securityboulevard.com/2025/01/def-con-32-practical-exploitation-of-dos-in-bug-bounty/) + - [ ] [Below the Surface Winter 2024 Edition – The Year in Review](https://securityboulevard.com/2025/01/below-the-surface-winter-2024-edition-the-year-in-review/) + - [ ] [New Paper: “Future of SOC: Transform the ‘How’” (Paper 5)](https://securityboulevard.com/2025/01/new-paper-future-of-soc-transform-the-how-paper-5/) + - [ ] [Comic Agilé – Mikkel Noe-Nygaard, Luxshan Ratnaravi – #320 – Aligning Teams](https://securityboulevard.com/2025/01/comic-agile-mikkel-noe-nygaard-luxshan-ratnaravi-320-aligning-teams/) + - [ ] [Hackers Attack PowerSchool, Expose K-12 Teacher and Student Data](https://securityboulevard.com/2025/01/hackers-attack-powerschool-expose-k-12-teacher-and-student-data/) + - [ ] [Unlock collaboration and efficiency in software management with SBOMs](https://securityboulevard.com/2025/01/unlock-collaboration-and-efficiency-in-software-management-with-sboms/) + - [ ] [DEF CON 32 – Programming A CTS-V Gauge Cluster Into An ATS-V: Out Of Pure Spite](https://securityboulevard.com/2025/01/def-con-32-programming-a-cts-v-gauge-cluster-into-an-ats-v-out-of-pure-spite/) +- Private Feed for M09Ic + - [ ] [mgeeky starred Azr43lKn1ght/Rusty-PE-Packer](https://github.com/Azr43lKn1ght/Rusty-PE-Packer) + - [ ] [safedv starred TestingPens/CPLDropper](https://github.com/TestingPens/CPLDropper) + - [ ] [h3zh1 pushed to v0.0.4dev in chainreactors/malice-network](https://github.com/chainreactors/malice-network/compare/33010b5436...7b59033129) + - [ ] [wh0amitz starred sma11new/Pyke-Shiro](https://github.com/sma11new/Pyke-Shiro) + - [ ] [glzjin starred Inokinoki/ai-no-jimaku-gumi](https://github.com/Inokinoki/ai-no-jimaku-gumi) + - [ ] [cmjlove1 started following M09Ic](https://github.com/M09Ic) + - [ ] [HuYlllc pushed to v0.0.4dev in chainreactors/malice-network](https://github.com/chainreactors/malice-network/compare/7b59033129...419072b6e1) + - [ ] [zema1 starred BurntSushi/byteorder](https://github.com/BurntSushi/byteorder) + - [ ] [safedv starred Azr43lKn1ght/Rusty-PE-Packer](https://github.com/Azr43lKn1ght/Rusty-PE-Packer) + - [ ] [safedv started following zyn3rgy](https://github.com/zyn3rgy) + - [ ] [gh0stkey released HaE 4.0.3 at gh0stkey/HaE](https://github.com/gh0stkey/HaE/releases/tag/4.0.3) + - [ ] [mgeeky starred ColeHouston/Sunder](https://github.com/ColeHouston/Sunder) + - [ ] [ZeddYu starred liriliri/aya](https://github.com/liriliri/aya) + - [ ] [ZeddYu starred sourcebot-dev/sourcebot](https://github.com/sourcebot-dev/sourcebot) + - [ ] [Ridter starred kekingcn/kkFileView](https://github.com/kekingcn/kkFileView) + - [ ] [niudaii starred berdav/CVE-2021-4034](https://github.com/berdav/CVE-2021-4034) + - [ ] [Ascotbe starred WPeace-HcH/WPeChatGPT](https://github.com/WPeace-HcH/WPeChatGPT) + - [ ] [TideSec released v2.6.9 升级Zoomeye接口 at TideSec/TscanPlus](https://github.com/TideSec/TscanPlus/releases/tag/v2.6.9) + - [ ] [Ridter starred orbstack/orbstack](https://github.com/orbstack/orbstack) + - [ ] [CHYbeta starred DIYgod/RSSHub-Radar](https://github.com/DIYgod/RSSHub-Radar) + - [ ] [evilashz starred 0xthirteen/AssemblyHunter](https://github.com/0xthirteen/AssemblyHunter) + - [ ] [evilashz starred CICADA8-Research/Spyndicapped](https://github.com/CICADA8-Research/Spyndicapped) + - [ ] [xxDark forked xxDark/jna from java-native-access/jna](https://github.com/xxDark/jna) + - [ ] [shmilylty starred 4ra1n/poc-runner](https://github.com/4ra1n/poc-runner) + - [ ] [zema1 starred H4ckF0rFun/elf_to_shellcode](https://github.com/H4ckF0rFun/elf_to_shellcode) + - [ ] [zema1 starred JustRustThings/windows-rs](https://github.com/JustRustThings/windows-rs) + - [ ] [zema1 started following roblabla](https://github.com/roblabla) + - [ ] [CHYbeta starred juanfont/headscale](https://github.com/juanfont/headscale) + - [ ] [FunnyWolf starred criblio/python-api-wrapper](https://github.com/criblio/python-api-wrapper) +- ElcomSoft blog + - [ ] [iPhone and iPad Acquisition Methods: Yet Another Comparison](https://blog.elcomsoft.com/2025/01/iphone-and-ipad-acquisition-methods-yet-another-comparison/) +- ongoing by Tim Bray + - [ ] [AI Noise Reduction](https://www.tbray.org/ongoing/When/202x/2025/01/10/Photo-Noise-Reduction) +- 奇安信攻防社区 + - [ ] [从任意文件下载到getshell](https://forum.butian.net/share/4031) + - [ ] [记一次渗透测试过程中碰到的Symfony框架的利用](https://forum.butian.net/share/4028) +- Trustwave Blog + - [ ] [Why Vulnerability Scanning Alone Isn’t Enough: The Case for Penetration Testing](https://www.trustwave.com/en-us/resources/blogs/trustwave-blog/why-vulnerability-scanning-alone-isnt-enough-the-case-for-penetration-testing/) - 一个被知识诅咒的人 - - [ ] [【人工智能】自然语言生成的前沿探索:利用GPT-2和BERT实现自动文本生成与完形填空](https://blog.csdn.net/nokiaguy/article/details/145030703) - - [ ] [【人工智能】Python在强化学习中的应用:利用Gym库构建与训练智能代理](https://blog.csdn.net/nokiaguy/article/details/145030668) -- Light Cube - - [ ] [深夜随笔](https://github.red/focus-is-all-you-need/) -- Chromium Blog - - [ ] [Announcing Supporters of Chromium-based Browsers](http://blog.chromium.org/2025/01/announcing-supporters-of-chromium-based.html) -- 安全客-有思想的安全新媒体 - - [ ] [树立金融标杆!360 BAS入选2024年度新一代信息技术实践案例](https://www.anquanke.com/post/id/303392) - - [ ] [PowerSchool 的学生和教师信息数据库表在网络攻击中被盗](https://www.anquanke.com/post/id/303389) - - [ ] [Ivanti Connect Secure 的零日漏洞被攻击者利用 (CVE-2025-0282)](https://www.anquanke.com/post/id/303385) - - [ ] [CVE-2024-54006 & CVE-2024-54007: HPE Aruba 设备中的命令注入漏洞,公开提供 PoC](https://www.anquanke.com/post/id/303382) - - [ ] [MacOS 漏洞 CVE-2024-54527 曝光: 发布 TCC 旁路 PoC 漏洞利用代码](https://www.anquanke.com/post/id/303379) - - [ ] [橄榄球队Green Bay Packers网上商店遭黑客攻击 信用卡被盗](https://www.anquanke.com/post/id/303375) - - [ ] [零日警报:UNC5337 利用 Ivanti VPN 漏洞 CVE-2025-0282 进行间谍活动](https://www.anquanke.com/post/id/303372) - - [ ] [敦促 Apache OpenMeetings 用户修补关键漏洞 - CVE-2024-54676 (CVSS 9.8)](https://www.anquanke.com/post/id/303368) - - [ ] [GitLab 在最新发布的补丁中解决了重大安全漏洞问题](https://www.anquanke.com/post/id/303365) - - [ ] [Netis 路由器中的三个关键漏洞导致未经验证的 RCE](https://www.anquanke.com/post/id/303362) -- 安全脉搏 - - [ ] [LLVM IR 深入研究分析](https://www.secpulse.com/archives/205330.html) - - [ ] [MFC框架软件逆向研究](https://www.secpulse.com/archives/205348.html) - - [ ] [软件系统安全逆向分析-混淆对抗](https://www.secpulse.com/archives/205826.html) -- Sucuri Blog - - [ ] [Stealthy Credit Card Skimmer Targets WordPress Checkout Pages via Database Injection](https://blog.sucuri.net/2025/01/stealthy-credit-card-skimmer-targets-wordpress-checkout-pages-via-database-injection.html) -- Horizon3.ai - - [ ] [Maximizing MSSP Revenue with NodeZero™: A Four-Pillar Strategy for Comprehensive Security Services](https://go.horizon3.ai/MSSP-Business-Plan-Whitepaper#new_tab) -- SpiderLabs Blog - - [ ] [The State of Magecart: A Persistent Threat to E-Commerce Security](https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/the-state-of-magecart-a-persistent-threat-to-e-commerce-security/) + - [ ] [【Python】深入Python元类:动态生成类与对象的艺术](https://blog.csdn.net/nokiaguy/article/details/145055724) + - [ ] [【Python】深入探索 Python 装饰器链:创建组合装饰器的技巧与应用](https://blog.csdn.net/nokiaguy/article/details/145055719) - Bug Bounty in InfoSec Write-ups on Medium - - [ ] [P4 Bugs and POC | Part-9](https://infosecwriteups.com/p4-bugs-and-poc-part-9-16b5a8ffb52d?source=rss----7b722bfd1b8d--bug_bounty) - - [ ] [Weird JavaScript files](https://infosecwriteups.com/weird-javascript-files-7e6e7296e914?source=rss----7b722bfd1b8d--bug_bounty) -- Sandfly Security Blog RSS Feed - - [ ] [Immutable File Attack Persistence on Linux](https://sandflysecurity.com/blog/immutable-file-attack-persistence-on-linux/) + - [ ] [Unlock the Ultimate Resource Hub for Security Researchers](https://infosecwriteups.com/unlock-the-ultimate-resource-hub-for-security-researchers-9fa52bbff1ff?source=rss----7b722bfd1b8d--bug_bounty) + - [ ] [Race Condition to Bypass Rate-Limiting: A new technique made by Nillsx](https://infosecwriteups.com/race-condition-to-bypass-rate-limiting-a-new-technique-made-by-nillsx-6a60f41dbae6?source=rss----7b722bfd1b8d--bug_bounty) + - [ ] [Blind OS Command Injection with Output Redirection](https://infosecwriteups.com/blind-os-command-injection-with-output-redirection-1d08c3793ff1?source=rss----7b722bfd1b8d--bug_bounty) + - [ ] [Finding Hidden Subdomains with OSINT Tools](https://infosecwriteups.com/finding-hidden-subdomains-with-osint-tools-ad7e411587ee?source=rss----7b722bfd1b8d--bug_bounty) - Twitter @bytehx - - [ ] [Re @w_n1rmala congrats and more to come 🎉🎉🎉](https://x.com/bytehx343/status/1877407941348962611) - - [ ] [Re @Icare1337 @yeswehack congrats!!!🎉🎉🎉](https://x.com/bytehx343/status/1877407739980222880) - - [ ] [RT YesWeHack ⠵: Master the art of recon with our new blog series 😎 In this opening article, we explore the essential first steps of #BugBounty rec...](https://x.com/bytehx343/status/1877408479607918670) - - [ ] [RT Orange Tsai 🍊: The detailed version of our #WorstFit attack is available now! 🔥 Check it out! 👉 https://blog.orange.tw/posts/2025-01-worst...](https://x.com/bytehx343/status/1877410630740639824) -- Malwarebytes - - [ ] [Google Chrome AI extensions deliver info-stealing malware in broad attack](https://www.malwarebytes.com/blog/news/2025/01/google-chrome-ai-extensions-deliver-info-stealing-malware-in-broad-attack) - - [ ] [Massive breach at location data seller: “Millions” of users affected](https://www.malwarebytes.com/blog/news/2025/01/massive-breach-at-location-data-seller-millions-of-users-affected) - - [ ] [GroupGreeting e-card site attacked in “zqxq” campaign](https://www.malwarebytes.com/blog/news/2025/01/groupgreeting-e-card-site-attacked-inzqxq-campaign) + - [ ] [RT Patrik Fehrenbach: Made a simple dashboard to help track/search CVEs and security vulnerabilities in near real-time. No fancy stuff - just a clean ...](https://x.com/bytehx343/status/1877932990619095171) + - [ ] [Re @YoyoDavelion Congrats 🎉🎉🎉](https://x.com/bytehx343/status/1877752584888357175) + - [ ] [RT Ali@s: Hey hunters, I'm sharing a little tool I created to gather all the #YWH program info you have and sort it by relevance in one place. Choose ...](https://x.com/bytehx343/status/1877742892816433173) +- SentinelOne + - [ ] [The Good, the Bad and the Ugly in Cybersecurity – Week 2](https://www.sentinelone.com/blog/the-good-the-bad-and-the-ugly-in-cybersecurity-week-2-6/) - Reverse Engineering - - [ ] [Semantic foundations of equality saturation](https://www.reddit.com/r/ReverseEngineering/comments/1hx19iz/semantic_foundations_of_equality_saturation/) + - [ ] [One Dog v. the Windows 3.1 Graphics Stack](https://www.reddit.com/r/ReverseEngineering/comments/1hyhhvq/one_dog_v_the_windows_31_graphics_stack/) + - [ ] [Parsing the c64 Bubble Bobble Wind Currents](https://www.reddit.com/r/ReverseEngineering/comments/1hy2u3c/parsing_the_c64_bubble_bobble_wind_currents/) - Intigriti - - [ ] [Supercharge your vulnerability triage: Our investment in your efficiency](https://www.intigriti.com/blog/business-insights/supercharge-your-vulnerability-triage-our-investment-in-your-efficiency) -- rtl-sdr.com - - [ ] [CCC Conference Talk: Investigating the Iridium Satellite Network](https://www.rtl-sdr.com/ccc-conference-talk-investigating-the-iridium-satellite-network/) - - [ ] [Saveitforparts: Hacking an Motorized RV Satellite Dish for Tracking LEO Satellites](https://www.rtl-sdr.com/saveitforparts-hacking-an-motorized-rv-satellite-dish-for-tracking-leo-satellites/) - - [ ] [Setting up a Dual RX System with an SDR and Ham Radio Rig via an SDRSwitch](https://www.rtl-sdr.com/setting-up-a-dual-rx-system-with-an-sdr-and-ham-radio-rig-via-an-sdrswitch/) -- FreeBuf网络安全行业门户 - - [ ] [二进制安全入门](https://www.freebuf.com/articles/system/419416.html) - - [ ] [FreeBuf早报 | 欧盟因违反自身数据保护法被罚;Ivanti VPN零日漏洞被积极利用](https://www.freebuf.com/news/419403.html) - - [ ] [Ivanti VPN 零日漏洞正在被黑客利用](https://www.freebuf.com/news/419390.html) - - [ ] [俄乌网络战大事件,乌克兰黑客黑掉了俄罗斯互联网](https://www.freebuf.com/news/419374.html) - - [ ] [戴尔系统更新包框架现严重漏洞,可提升攻击者权限](https://www.freebuf.com/news/419366.html) - - [ ] [2025年需要防范这五大恶意软件](https://www.freebuf.com/news/419358.html) - - [ ] [某银行的网络攻击防御案例:从威胁检测到快速响应](https://www.freebuf.com/news/419357.html) -- 黑海洋 - IT技术知识库 - - [ ] [ping工具](https://blog.upx8.com/4649) -- 安全分析与研究 - - [ ] [海莲花APT钓鱼样本分析-上](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247489893&idx=1&sn=fe99651b70f1cc5e1b806753b70c1977&chksm=902fb64da7583f5b7bfd6c2de9ef6247bdaea437c502ccbadacf3aa3796c7c55bdff3dc0dfa9&scene=58&subscene=0#rd) -- 腾讯玄武实验室 - - [ ] [每日安全动态推送(25/1/9)](https://mp.weixin.qq.com/s?__biz=MzA5NDYyNDI0MA==&mid=2651959981&idx=1&sn=0753efc5736d66cb1a32064a6c654863&chksm=8baed232bcd95b24681d9f920ecf416daf5acb86dacfdef3491fabd434d94a65529f28480301&scene=58&subscene=0#rd) + - [ ] [Intigriti Bug Bytes #220 - January 2025 🚀](https://www.intigriti.com/researchers/blog/bug-bytes/bug-bytes-220-january-2025) +- PortSwigger Blog + - [ ] [Make Burp Suite your own: high-powered extensibility to customize and enhance your testing. 🛠️](https://portswigger.net/blog/make-burp-suite-your-own-high-powered-extensibility-to-customize-and-enhance-your-testing) +- Malwarebytes + - [ ] [BayMark Health Services sends breach notifications after ransomware attack](https://www.malwarebytes.com/blog/news/2025/01/baymark-health-services-sends-breach-notifications-after-ransomware-attack) +- 绿盟科技技术博客 + - [ ] [【漏洞通告】Ivanti多款产品缓冲区溢出漏洞(CVE-2025-0282)](https://blog.nsfocus.net/cve-2025-0282/) - 奇客Solidot–传递最新科技情报 - - [ ] [VLC 预览本地 AI 字幕翻译功能](https://www.solidot.org/story?sid=80288) - - [ ] [WHO 称中国的人偏肺病毒感染在正常水平](https://www.solidot.org/story?sid=80287) - - [ ] [Google 为停止支持的 Pixel 4a 释出新更新,代价是电池寿命缩短](https://www.solidot.org/story?sid=80286) - - [ ] [树莓派推出售价 120 美元 16GB 内存版本的 Raspberry Pi 5](https://www.solidot.org/story?sid=80285) - - [ ] [眨眼可能有助于认知休息](https://www.solidot.org/story?sid=80284) - - [ ] [Firefox 134.0 释出](https://www.solidot.org/story?sid=80283) - - [ ] [日本警告中国黑客攻击](https://www.solidot.org/story?sid=80282) - - [ ] [Telegram 向美国提供了数千用户数据](https://www.solidot.org/story?sid=80281) - - [ ] [雄性早期的运气会增加成年后的竞争优势](https://www.solidot.org/story?sid=80280) - - [ ] [禁令即将生效 TikTok 鼓励美国用户使用 Lemon8](https://www.solidot.org/story?sid=80279) - - [ ] [三星准备推出智能手机订阅服务](https://www.solidot.org/story?sid=80278) -- 安全牛 - - [ ] [数据安全案例研究 | 电信运营商数据安全运营平台](https://www.aqniu.com/homenews/107931.html) - - [ ] [美国Cybertruck爆炸嫌疑人利用ChatGPT策划袭击,引发AI安全担忧;逾4000个后门通过过期域名被劫持 | 牛览](https://www.aqniu.com/industry/107930.html) - - [ ] [黄仁勋眼中的万亿美元机会,AI Agent也是网络安全的下一个关注点](https://www.aqniu.com/homenews/107924.html) - - [ ] [Telegram交出数千个用户数据,隐私政策转变引发关注;美国启动网络信任标识计划,提升设备安全性 | 牛览](https://www.aqniu.com/homenews/107925.html) -- 威努特安全网络 - - [ ] [威努特零信任终端沙箱:守护政务外网终端数据安全](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130241&idx=1&sn=304bc3d728979e54ae6128200966a39e&chksm=80e71331b7909a27b5edb13439dea1f53f6aa6afa93546cc1b94a1c15e863ac1212b9304bac2&scene=58&subscene=0#rd) -- 虎符智库 - - [ ] [2024年安全运营五大关键词](https://mp.weixin.qq.com/s?__biz=MzIwNjYwMTMyNQ==&mid=2247492904&idx=1&sn=0372d8db7a34893e40a55a25a4ea950f&chksm=971d882aa06a013ce867d929cde0adef7b005eb50585f7668e5d92a760574d6a04b33a318a66&scene=58&subscene=0#rd) + - [ ] [独立分析认为巴勒斯坦卫生部严重低估了加沙死亡人数](https://www.solidot.org/story?sid=80300) + - [ ] [四分之一淡水动物面临灭绝](https://www.solidot.org/story?sid=80299) + - [ ] [美国司法部准备出售扣押的丝绸之路比特币](https://www.solidot.org/story?sid=80298) + - [ ] [法官拒绝了试图从垃圾堆里挖出 8000 比特币的诉讼](https://www.solidot.org/story?sid=80297) + - [ ] [三星量产笔记本用的卷轴 OLED 显示屏](https://www.solidot.org/story?sid=80296) + - [ ] [2024 年是平均气温比工业化前水平高出1.5 摄氏度的第一年](https://www.solidot.org/story?sid=80295) + - [ ] [氟化物暴露与 IQ 分数低相关](https://www.solidot.org/story?sid=80294) + - [ ] [中国在前沿 AI 研究上紧追美国](https://www.solidot.org/story?sid=80293) + - [ ] [中国风投让失败的创业者成为失信债务人](https://www.solidot.org/story?sid=80292) + - [ ] [ispace 准备再次发射登月舱](https://www.solidot.org/story?sid=80291) + - [ ] [乳腺癌是最常见的癌症肺癌是最致命的癌症](https://www.solidot.org/story?sid=80290) + - [ ] [拜登计划在离任前对 AI 芯片出口实施新限制](https://www.solidot.org/story?sid=80289) +- darkless + - [ ] [云原生安全学习小记](https://darkless.cn/2025/01/10/cloud-native-security/) +- 锦行科技 + - [ ] [为民立命 有你皆安](https://mp.weixin.qq.com/s?__biz=MzIxNTQxMjQyNg==&mid=2247493604&idx=1&sn=f55d84097f6ddb9e0003210e450ddce3&chksm=979a1c41a0ed95578df3916b75adf84b4e80f1c1293be8bff28598fcb76a955be2bcbf6c5b14&scene=58&subscene=0#rd) +- 安全客 + - [ ] [首次!欧盟委员会因违反数据隐私法规被追责,向个人支付赔偿金](https://mp.weixin.qq.com/s?__biz=MzA5ODA0NDE2MA==&mid=2649787718&idx=1&sn=595ef4ff6fd363b4a5ef609a5edbb03c&chksm=8893bd29bfe4343f1dc30aec83f8a2a219d20f2068a6c361ed62f6122690c1864311788597e5&scene=58&subscene=0#rd) +- 绿盟科技CERT + - [ ] [【漏洞通告】Ivanti多款产品缓冲区溢出漏洞(CVE-2025-0282)](https://mp.weixin.qq.com/s?__biz=Mzk0MjE3ODkxNg==&mid=2247488825&idx=1&sn=5e77e5178823b42679dcaa1914251bf3&chksm=c2c64232f5b1cb24e14a80899dc4fedc64d3489130f642d9a59175803b8acb8d6455c3e2f7d2&scene=58&subscene=0#rd) - 看雪学苑 - - [ ] [当全加密M1卡沦陷之后](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588417&idx=1&sn=5be4f315dc3a7c74a7c9af4eb2745ba9&chksm=b18c258b86fbac9dc5825384788af7b4fd99f936b6c9c8d3ce76492a22a3b271d84da0f16585&scene=58&subscene=0#rd) - - [ ] [特斯拉Cybertruck爆炸案:嫌疑人利用ChatGPT策划攻击](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588417&idx=2&sn=770493efa1597d71a217bd8e274a2d35&chksm=b18c258b86fbac9d036327a039aa56aabbed2937b13d266915161294bf9f60b9701cbf97d0f6&scene=58&subscene=0#rd) - - [ ] [公告 | 1月13日下午服务器迁机,网站将暂停访问1~2h](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588417&idx=3&sn=8bba79752973cdee2d9ee5dd670196ae&chksm=b18c258b86fbac9de4571d4aab9bb22ae92c35619ad786e5b7b3484261a998e9311a78152ef0&scene=58&subscene=0#rd) -- 奇安信 CERT - - [ ] [ALPC 之殇 - 8月未知 Windows 在野提权 Nday 漏洞研究](https://mp.weixin.qq.com/s?__biz=MzU5NDgxODU1MQ==&mid=2247502729&idx=1&sn=7ef5d7ec018d1cb5555c10fcdd5b2159&chksm=fe79ef11c90e6607ce559b542b8bd98818ca25459580709a7207e3cb503592487b4af411dd45&scene=58&subscene=0#rd) -- 代码卫士 - - [ ] [SonicWall:立即修复已遭利用的SSLVPN漏洞!](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522025&idx=1&sn=5fd3517667080fa3c953fe0d2afa966b&chksm=ea94a783dde32e9525f0fb0b763e86e9b9f4e7b2b0e8472055ffc4a880291d848b42241fefb1&scene=58&subscene=0#rd) - - [ ] [Ivanti提醒注意 Connect Secure 产品中的新0day](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522025&idx=2&sn=f67e98879ae334210339981b77e939e9&chksm=ea94a783dde32e95cdc7f507b228d2e8c85822c8950419c515b096009972bdf7a059d31d6dfc&scene=58&subscene=0#rd) -- Black Hills Information Security - - [ ] [Indecent Exposure: Your Secrets are Showing](https://www.blackhillsinfosec.com/indecent-exposure-your-secrets-are-showing/) -- 中国信息安全 - - [ ] [孙凝晖院士:建设面向智能时代的国家数据基础设施](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234253&idx=1&sn=87caab1626124babbcc3972b5299b501&chksm=8b59fff4bc2e76e2e5f5ec2e83adf53da213f15bbde8198c5b28c92732ce994d6735fc1af0c7&scene=58&subscene=0#rd) - - [ ] [专家解读 | 构建个人信息出境个人信息保护认证制度 保障个人信息跨境安全有序流动](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234253&idx=2&sn=9116151d742e6d74f9a03ef669723ab8&chksm=8b59fff4bc2e76e2ba23b60c5b512778b55002e5907bd594d0a764658aa54743789369879102&scene=58&subscene=0#rd) - - [ ] [我们这一年 | 网络和数据安全取得新突破](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234253&idx=3&sn=630ab58b17a5c220d6d892dc420ae11a&chksm=8b59fff4bc2e76e2ce5a445c0db57146040c2d61447a70e3d28dc5187441c7d2454c3d93368b&scene=58&subscene=0#rd) - - [ ] [专家观点 | 加快建设AI基础设施体系,夯实网络强国建设根基](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234253&idx=4&sn=ea557c85d6c4a22e2b963b7bd3b1be13&chksm=8b59fff4bc2e76e29e4f255129101b9570ca768a0e3791abcefe5652e110a6ea95fb1aed4bc5&scene=58&subscene=0#rd) - - [ ] [发布 | 中国信通院发布《政府数字化转型发展研究报告(2024年)》(附下载)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234253&idx=5&sn=0d8e974888df21363dbb2f4bf3c5f28e&chksm=8b59fff4bc2e76e2e01fa7bcf0f01dd0036591183d5ceb22c1430e1e3843afd228327c5ab4b3&scene=58&subscene=0#rd) - - [ ] [评论 | “非必要不刷脸”须靠法治保障](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234253&idx=6&sn=1f1d7eee536d52e5b4cb3d4f78898a5e&chksm=8b59fff4bc2e76e2cd75868fc934c30f2f751f52da8f55c74529f533bc385a0a54ad54c02675&scene=58&subscene=0#rd) - - [ ] [关注 | 寒假将至!点击查看网络安全知识→](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234253&idx=7&sn=9b3eb3c16fe38a7377e399fc59cfe7f9&chksm=8b59fff4bc2e76e23390e47e9d9c64cd739da5b70cf275b58b25c1f8b566b68ab90b4dc221d7&scene=58&subscene=0#rd) -- 网络空间安全科学学报 - - [ ] [学术前沿 | 匿名数据集隐私保护效果度量机制](https://mp.weixin.qq.com/s?__biz=MzI0NjU2NDMwNQ==&mid=2247504585&idx=1&sn=af6cc5daab50d382b044a0b7bc41afb8&chksm=e9bfc677dec84f61b608c1b14d0dde6f1d0d3ef9657f7818747b41c3ddb9245a6ba3c909a673&scene=58&subscene=0#rd) + - [ ] [VMProtect本地授权锁的分析与破解](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588572&idx=1&sn=f7ad4ebbe10787b233f29e316423ebc0&chksm=b18c251686fbac000c0d9e48e4e58a84a1b590532c52b8d159cc104abf0757844caf4d8eb544&scene=58&subscene=0#rd) + - [ ] [超4000个后门通过注册过期域名被劫持](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588572&idx=2&sn=59a0f2be5e5bacf99eec4b02e9d3c5b6&chksm=b18c251686fbac006a376e63c212d61451edceb7ec989fea2e2c5c0b1c38d098c6729bf85e3e&scene=58&subscene=0#rd) + - [ ] [本周职位大更新!众多企业抛出橄榄枝,你的心动岗位来了吗?](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588572&idx=3&sn=abdd6a29e3e32a98636c35e70688f0aa&chksm=b18c251686fbac006bd5419dfb500501416d0536da5467876cade8cc988f21cde5cef1bc230e&scene=58&subscene=0#rd) +- 威努特安全网络 + - [ ] [从全年重大网络安全事件,观2025年威胁走势和行业发展](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130288&idx=1&sn=3bc2382268d5fe7ce39f24acbdad0f6e&chksm=80e71300b7909a16105976d01df0935ffee83e178b812014b8e38c0ab6bc1398f7c8aaced5c9&scene=58&subscene=0#rd) - 安全内参 - - [ ] [重大事故!美国超千万中小学生个人数据疑似泄露](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513457&idx=1&sn=64bd09ff82309ee13e9dd0d96af01f6a&chksm=ebfaf251dc8d7b47acd805812e71780ff9cb41311380bbbd85bc09359fda72440e968683ee12&scene=58&subscene=0#rd) - - [ ] [工信部:2024年我国网络和数据安全取得新突破](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513457&idx=2&sn=5456eb966d10151eb5452f511066a858&chksm=ebfaf251dc8d7b47b921ceed4928d953b6c082ab28195f5929a880f39f0e9d7c771279419e52&scene=58&subscene=0#rd) + - [ ] [AI Agents越来越火,它可能存在一个严重安全隐患](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513463&idx=1&sn=b35ecbae92733cf9b66597ee744d842b&chksm=ebfaf257dc8d7b416ce794352466d8ad74c53bfe8a79bf635dfaf0d4187386f3da80fab3ef45&scene=58&subscene=0#rd) + - [ ] [首次!欧盟官方因违反数据保护法规向用户赔偿3000元](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513463&idx=2&sn=b2d4253ee32d9fc32803935873f93db4&chksm=ebfaf257dc8d7b418d97da9d0d19a8213331ca808d892243fd9e63ad78142b36470304149cde&scene=58&subscene=0#rd) +- 安全分析与研究 + - [ ] [海莲花APT钓鱼样本分析-下](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247489899&idx=1&sn=e632c0c221f0dfd7da57d0f9e6395910&chksm=902fb643a7583f5581237165cb513c8ae2848334de49c6fe3a037dc46f7b707baa995d7b6703&scene=58&subscene=0#rd) +- 黑海洋 - IT技术知识库 + - [ ] [windows日志分析工具](https://blog.upx8.com/4650) +- 青衣十三楼飞花堂 + - [ ] [智能汽车的强大功能](https://mp.weixin.qq.com/s?__biz=MzUzMjQyMDE3Ng==&mid=2247487868&idx=1&sn=38f654feb41f7697779f05deda25a854&chksm=fab2d243cdc55b55c5f372aeb393d132f828265e4f572b79938e9332ace4bd70a4e34e18deee&scene=58&subscene=0#rd) +- 代码卫士 + - [ ] [DNA测序设备运行老旧BIOS,影响临床研究](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522035&idx=1&sn=a607aca6553fbf1ed41e27c839e45bea&chksm=ea94a799dde32e8f87b51465ef7f6ed4449ddc0857c8c220dcc378283ba9fd8b9880b6e27544&scene=58&subscene=0#rd) + - [ ] [Palo Alto Networks 修复退市 Migration Tool中的高危漏洞](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522035&idx=2&sn=71c00b294647fadae4e56ffc500f1300&chksm=ea94a799dde32e8fec367a20f0630181350a5ca556cc26cfaa9fcbefdac76ae3c3831523c87e&scene=58&subscene=0#rd) +- 奇安信病毒响应中心 + - [ ] [每周勒索威胁摘要](https://mp.weixin.qq.com/s?__biz=MzI5Mzg5MDM3NQ==&mid=2247498230&idx=1&sn=1bb3e3b09b57458fc4b2f0b9fd3ca424&chksm=ec6989dedb1e00c86bf7d7fea369ccd3f9712b4fb1c02711d2ae2af119b3943bdf107ef28197&scene=58&subscene=0#rd) +- 安全研究GoSSIP + - [ ] [G.O.S.S.I.P 阅读推荐 2025-01-10 北约中出了叛徒](https://mp.weixin.qq.com/s?__biz=Mzg5ODUxMzg0Ng==&mid=2247499599&idx=1&sn=aaff9bb2d932f3d15da87fd721e4b5ee&chksm=c063d196f714588069633ee369d1c821a9ce001298b2e69b28a3157796203208d8b50ce1d9da&scene=58&subscene=0#rd) +- leveryd + - [ ] [没想到x-waf还可以用来测rasp](https://mp.weixin.qq.com/s?__biz=MzkyMDIxMjE5MA==&mid=2247485491&idx=1&sn=9e4d62e3c2d058cba9fa930fd49aa2b7&chksm=c1970f82f6e0869445bca851e6fb22753206fbbbb42ffe7fbac3ed702da4b9fb08fef0e81a46&scene=58&subscene=0#rd) - 数世咨询 - - [ ] [研究发现:AI可以在0.02秒内猜出加密货币的助记词](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247533909&idx=1&sn=251ab889a58e026d4bf0ebef43591977&chksm=c14437e8f633befec8933414e2e96f7da0a616772a7dcdd66475e671b320efd733bef397e122&scene=58&subscene=0#rd) -- 安全圈 - - [ ] [【安全圈】2025年需要防范这五大恶意软件](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067236&idx=1&sn=2eebf9921c1caa1961bfa6f12cfb1672&chksm=f36e79e4c419f0f2deda540b109b53eecbce4de524e2a5052fae025c72d505b2c9f3704e0b5a&scene=58&subscene=0#rd) - - [ ] [【安全圈】俄罗斯 ISP 确认乌克兰黑客“摧毁”了其网络](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067236&idx=2&sn=84d90f5af72b000fc4a7a9f0ad6d9538&chksm=f36e79e4c419f0f2e021e1579a809f5aed766ababae8a208bf683d0a5c57073faa1842bc8c06&scene=58&subscene=0#rd) - - [ ] [【安全圈】戴尔更新包框架漏洞可让攻击者提升权限](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067236&idx=3&sn=d7fa7834d01e924cd20217efa4042c0c&chksm=f36e79e4c419f0f2715d10259d56af993acf26a7cd9cb2e0ee31dd8c02ead0683bf3dc502c49&scene=58&subscene=0#rd) - - [ ] [【安全圈】Redis服务器曝2个严重的RCE漏洞,数百万系统面临风险](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067236&idx=4&sn=b0147296a18e71da729ab28bc5c2ff3d&chksm=f36e79e4c419f0f2a35ef7ccb2f9e02e1ff05a8932fae3aec068182b76b3971be1050410a85a&scene=58&subscene=0#rd) -- dotNet安全矩阵 - - [ ] [无独有偶,通过.NET反序列化漏洞实现 Visual Studio 钓鱼攻击](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498100&idx=1&sn=ff112648ce0fae2852f5b79963e28f49&chksm=fa595799cd2ede8ff4a679bf8626e583b72433563a159a817c84571918c4ce14e1699abea334&scene=58&subscene=0#rd) - - [ ] [.NET 内网攻防实战电子报刊](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498100&idx=2&sn=b169640f47d8ffd11cb95818200156a9&chksm=fa595799cd2ede8f155d577f3cd71aea0eb423bf29f4e45d432480909f86b3975ee6dddb8905&scene=58&subscene=0#rd) - - [ ] [.NET 一款域渗透执行密码喷射的工具](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498100&idx=3&sn=e4ed320fd4cfe5d3036637e7de1d4e6f&chksm=fa595799cd2ede8fb587c504b52212f7d4c94ab9a309418fa14bf97a907b8003a62ea6bf30f1&scene=58&subscene=0#rd) -- 默安科技 - - [ ] [案例分享:Z农商行携手默安完成开发安全能力进阶之旅](https://mp.weixin.qq.com/s?__biz=MzIzODQxMjM2NQ==&mid=2247500111&idx=1&sn=5ca9b84dd9854d800b32ecb25c36f49a&chksm=e93b366dde4cbf7be19bd02c6fa347d25e535fd2f6ab199ce57073d38b6287da22b573892132&scene=58&subscene=0#rd) + - [ ] [解锁DSPM的价值:全面提升数据安全](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247533977&idx=1&sn=90efd3be6f2ded1fe885486889a0db92&chksm=c1443724f633be320e1f457d145081f6d0c7281486fff91ac016d0f2df8e0f983e02a2cfafdb&scene=58&subscene=0#rd) +- 信息安全国家工程研究中心 + - [ ] [人民警察,节日快乐!](https://mp.weixin.qq.com/s?__biz=MzU5OTQ0NzY3Ng==&mid=2247498717&idx=1&sn=9a841ab270b3e6f950325770726410c3&chksm=feb67acec9c1f3d83bd56a154d26c900d8c4ca178b66d9424180b2322fffee6fffb414af5cb6&scene=58&subscene=0#rd) +- 天御攻防实验室 + - [ ] [特朗普上台,中美会发生网络战吗?](https://mp.weixin.qq.com/s?__biz=MzU0MzgyMzM2Nw==&mid=2247486232&idx=1&sn=5527e80a86875c017071d27f5b315e3e&chksm=fb04c870cc734166b62da7615b11c8f548c2c9dc95b0052d19fa52bc94805b96216c5e98af05&scene=58&subscene=0#rd) +- XCTF联赛 + - [ ] [SUCTF 2025|倒计时1天!](https://mp.weixin.qq.com/s?__biz=MjM5NDU3MjExNw==&mid=2247515473&idx=1&sn=6719fed82acc7d0877686b37ec2466a5&chksm=a6874f6b91f0c67d1f6003d51caeeed9ed952912bae9f6b9710e07b95144532bd90916777336&scene=58&subscene=0#rd) +- FreeBuf网络安全行业门户 + - [ ] [CVE-2024-6768漏洞分析](https://www.freebuf.com/vuls/419530.html) + - [ ] [YAK-SSA,古希腊掌管PHP代码审计的神](https://www.freebuf.com/articles/web/419509.html) + - [ ] [【论文速读】| 利用大语言模型在灰盒模糊测试中生成初始种子](https://www.freebuf.com/articles/network/419499.html) + - [ ] [FreeBuf周报 | AWS屡曝严重RCE漏洞;2025年需要防范这五大恶意软件](https://www.freebuf.com/news/419455.html) + - [ ] [超4000个Web后门通过注册过期域名被劫持](https://www.freebuf.com/news/419479.html) + - [ ] [网络钓鱼活动利用CrowdStrike招聘骗局传播挖矿软件](https://www.freebuf.com/news/419446.html) + - [ ] [Banshee Stealer新变种正借Apple XProtect加密技术躲避杀毒软件](https://www.freebuf.com/news/419475.html) + - [ ] [给DevOps加点料:融入安全性的DevSecOps](https://www.freebuf.com/news/419443.html) +- 中国信息安全 + - [ ] [通知 | 国家网信办就《网络信息内容多渠道分发服务机构相关业务活动管理规定(草案稿)》公开征求意见(附全文)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234365&idx=1&sn=af17f45f731d0c43256ce450f1d66690&chksm=8b59ff84bc2e7692f51814ffc268d5308bbd8679786942b61f1698a65e23c06a719f2e4f91b3&scene=58&subscene=0#rd) + - [ ] [专家解读 | 张金平:个人信息保护认证的中国创新方案](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234365&idx=2&sn=a02c27826be18902ca053d25a2e5522b&chksm=8b59ff84bc2e769235dba763756fd24e2891c73c13e32d630a4cbbbec0b85918576265190726&scene=58&subscene=0#rd) + - [ ] [解读 | 《网络数据安全管理条例》有哪些亮点?](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234365&idx=3&sn=bad4d027f0d756a436be1f46a3d63af6&chksm=8b59ff84bc2e769270a72ca471da37713cc209a6abcfa9d95c9a38987d76559afb93501fca7c&scene=58&subscene=0#rd) + - [ ] [公安部:公安机关2024年办理网暴案件8600余起](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234365&idx=4&sn=bb86fc6ef4b9ac1b523049d343d2cf93&chksm=8b59ff84bc2e7692c756205917a14db9a101220f4c93944f14dcad1669a1d5a7e6c182dee584&scene=58&subscene=0#rd) + - [ ] [发布 | 中国信通院发布《城市全域数字化转型行业洞察报告(2024年)》(附下载)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234365&idx=5&sn=9e22dc9b697d9182120297617fff2713&chksm=8b59ff84bc2e7692e221e04bb2de5a7f021ac72afcac3f11536f59e4c14f1404a0c9804cb06d&scene=58&subscene=0#rd) + - [ ] [评论 | 用AI生成“地震被埋图”存在诸多不妥](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234365&idx=6&sn=f4dfe25b2035fdf63eed7cc30883651d&chksm=8b59ff84bc2e7692345e58297f5dcd2ed4d71c9834c440ac19ecfdf7fe8be2bacd7d3a3d0c93&scene=58&subscene=0#rd) + - [ ] [关注 | 勇闯“春运”,要注意这些问题!](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234365&idx=7&sn=26075d2a4c3c7515c08c1b7d9fd68c01&chksm=8b59ff84bc2e76929ea213b189e5dd0cc52a2f9e91a3ed315e497e449d3d1e69c05f3cf29062&scene=58&subscene=0#rd) - 丁爸 情报分析师的工具箱 - - [ ] [【通知】13号(下周一)开源情报能力提升班北京开班啦](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148485&idx=1&sn=7c17a56ab551083d94245847210d7834&chksm=f1af27ffc6d8aee99147b46c21c715ba336aa00d97d1af45a64076ed97ac0349a15fc2da6cc4&scene=58&subscene=0#rd) - - [ ] [【反恐】2024年12月全球恐怖主义事件](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148485&idx=2&sn=5c30df429684f2f65485ccf12091b331&chksm=f1af27ffc6d8aee9074bb35053824348f7595f7cd30f1eaff041c23a07377202fa8c2e053363&scene=58&subscene=0#rd) -- 慢雾科技 - - [ ] [2024 区块链安全与反洗钱年度报告解读之反洗钱态势和数据](https://mp.weixin.qq.com/s?__biz=MzU4ODQ3NTM2OA==&mid=2247500849&idx=1&sn=a4c8a7404ac4c33d52ec625858d74fc6&chksm=fddebab6caa933a0963129d89832d345d52cc74ccf6fdc9895f500e92924a79b023e59a082d2&scene=58&subscene=0#rd) - - [ ] [2024 区块链安全与反洗钱年度报告解读之朝鲜黑客和混币工具](https://mp.weixin.qq.com/s?__biz=MzU4ODQ3NTM2OA==&mid=2247500849&idx=2&sn=03cec5bfbda8fc30283fb3e05ded7803&chksm=fddebab6caa933a01b7c5515fe84f438c0a1836b4c39fa4f1799c74b45974375254a1d9c8d46&scene=58&subscene=0#rd) + - [ ] [【资料】网络的三张面孔:网络和平活动家,间谍,攻击者](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148492&idx=1&sn=e284a7e43cbcb6ab36ec5a1f003ab059&chksm=f1af27f6c6d8aee040256534a8be599a13aa1d52d2e03ec456307340c1fd877521c5f767fb35&scene=58&subscene=0#rd) +- 安全圈 + - [ ] [【安全圈】日本炒作“中国疑似参与黑客攻击”,外交部:日方判断既不专业也不负责任](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067255&idx=1&sn=a41ccbc8f9fc9de8ed0dfe5c7a296033&chksm=f36e79f7c419f0e1b35e1a159d0ecdc609b196301a8249fba8092baf5dfe98047bd31c2f61e2&scene=58&subscene=0#rd) + - [ ] [【安全圈】数百万电子邮件服务器因缺少 TLS 加密而暴露](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067255&idx=2&sn=c42d9289f9097a99b0e9de5638c25da5&chksm=f36e79f7c419f0e10c2b64215d46af042d6d4538f0c26663174d24372c62af1b974a8b8a08ef&scene=58&subscene=0#rd) + - [ ] [【安全圈】超4000个Web后门通过注册过期域名被劫持](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067255&idx=3&sn=12454a2419a60abfe0219df1db8fc9ff&chksm=f36e79f7c419f0e1ce0df613111e8c48cf52ca20de42869051bf60a997f620888b67420c0ca5&scene=58&subscene=0#rd) + - [ ] [【安全圈】联合国航空机构确认招聘数据库存在安全漏洞](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067255&idx=4&sn=3fd244b5403280e26cbc308f9d938be2&chksm=f36e79f7c419f0e19717a852043341319ec8c0f73e0e9daa2e8a6064deb75c8df3e4e101920a&scene=58&subscene=0#rd) +- 网络空间安全科学学报 + - [ ] [学术前沿 | 基于尺寸变换的图像级特征增强隐写分析方法](https://mp.weixin.qq.com/s?__biz=MzI0NjU2NDMwNQ==&mid=2247504586&idx=1&sn=667f8402bebdb572ddabe5ecd419bfca&chksm=e9bfc674dec84f6234750fd856ba4bfd720b2739fd6d525d5cf469d492beaac34d64762021e2&scene=58&subscene=0#rd) +- M01N Team + - [ ] [每周蓝军技术推送(2025.1.4-1.10)](https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247493958&idx=1&sn=fc9a1bbf6caf95a8b7e36393cad78eda&chksm=c1842957f6f3a0415494df511f9508dc96bd52859b394da2d476577ba2244cf005425fb0422e&scene=58&subscene=0#rd) +- 腾讯科恩实验室 + - [ ] [揭秘SecBench大模型网络安全测评数据集构建](https://mp.weixin.qq.com/s?__biz=MzU1MjgwNzc4Ng==&mid=2247512655&idx=1&sn=106694cb80bebae36c6c05265abd108f&chksm=fbfe8e4acc89075c0720dc0dac3598a15c0586527b20f0963008dc6c927d76b0371b080c1c05&scene=58&subscene=0#rd) +- 补天平台 + - [ ] [2024补天平台【专属SRC】年度榜单发布!](https://mp.weixin.qq.com/s?__biz=MzI2NzY5MDI3NQ==&mid=2247507272&idx=1&sn=4dda0db202724e951d5e867b98fbb1be&chksm=eaf99504dd8e1c125b693c288f80a10c9a88fd21edea65a6ab9f6a61d5e21822f182145141ed&scene=58&subscene=0#rd) +- 奇安信威胁情报中心 + - [ ] [每周高级威胁情报解读(2025.01.03~01.09)](https://mp.weixin.qq.com/s?__biz=MzI2MDc2MDA4OA==&mid=2247513719&idx=1&sn=7ba22c6c00a862dcc9bd46f1f73fc77d&chksm=ea664100dd11c8160f008b33f2a15aa0b4839d1559f4b3481539f9536f92c79c36c5b9357879&scene=58&subscene=0#rd) +- NOVASEC + - [ ] [Hawkeye 一款Windows综合应急响应工具](https://mp.weixin.qq.com/s?__biz=MzUzODU3ODA0MA==&mid=2247490417&idx=1&sn=fe9dad38c72edfe0050a8f09afa05153&chksm=fad4c666cda34f704ce062d76decee29ad7ca69d6ac2c2a7d4c25273beae358cc3303fec21de&scene=58&subscene=0#rd) +- 极客公园 + - [ ] [26.3 万,特斯拉焕新 Model Y 突然上市,雷军「发贺电」](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653071793&idx=1&sn=3f07ac1e0a74b594446d172b6befabfa&chksm=7e57d40749205d111364fb0ebdb1493de6a3d45c0dcad2921ffbc85a307b04963edeab946d87&scene=58&subscene=0#rd) + - [ ] [2025 年 CES,为什么变成了世界最大「眼镜城」?](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653071781&idx=1&sn=dca04f483bca99394f6c3d127dcfc9ac&chksm=7e57d41349205d05c6dcd85def9e879d572cf93f982b13b01c05aa53447eab4c6350e6b57877&scene=58&subscene=0#rd) + - [ ] [B 站成春晚「独家弹幕视频平台」;西藏地震「小孩被埋」AI 生成图将被追责;加州大火危及好莱坞等景点 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653071702&idx=1&sn=7edc49de07482379ea1a9dbd199dc069&chksm=7e57d4e049205df61a63b790d9e5e6242217bc39d86a43681249ef2057e91f76a9ed5ff3e317&scene=58&subscene=0#rd) +- Tide安全团队 + - [ ] [Pwn入门之格式化字符串漏洞](https://mp.weixin.qq.com/s?__biz=Mzg2NTA4OTI5NA==&mid=2247519568&idx=1&sn=a136e2cd3ab3db52ce3b8f15811f0411&chksm=ce5daf31f92a2627e42e6f140583642241a9cce471e1727c960141e4bda457f55374ea16de47&scene=58&subscene=0#rd) - 情报分析师 - - [ ] [BBC中东编辑被指与CIA和摩萨德有联系](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558865&idx=1&sn=12331907f98489cea8cf68bc9215a514&chksm=87117fdab066f6cc86b63c4ef149333b566fc9905a38631cc179b2874c196216f9102b6bee16&scene=58&subscene=0#rd) - - [ ] [日美科技合作全方位审视:从现状剖析到未来战略规划](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558865&idx=2&sn=c542f15dd65556acb8890275808f6032&chksm=87117fdab066f6ccdf43d017e53050206b8e6f4affa0051d47d2c427f2bf0f027ce0e82fce59&scene=58&subscene=0#rd) + - [ ] [​致人民警察的一封信](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558871&idx=1&sn=2049a81dea035595445267831bbf8eba&chksm=87117fdcb066f6ca90663192d96ff49aed9c05534fe81b7648f73162d5573546a71af8d1bf83&scene=58&subscene=0#rd) + - [ ] [深挖缅甸妙瓦底 KK 园区:电信诈骗的阴暗角落与跨国打击的艰难之路](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558871&idx=2&sn=425102a0a5e829f41bce07b26f791afb&chksm=87117fdcb066f6ca21d4a5bc70df0464f5c0045f99e6be6137f53a7c7185427bf4511495f63e&scene=58&subscene=0#rd) + - [ ] [2025年日本国防战略调整分析](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558871&idx=3&sn=5dc7c0bf081673ac6520dbd2dd7aec61&chksm=87117fdcb066f6cae78b04d12794725fee009f42e9b6f3afe33590cd3d1fe9a7b6ae8e9c49f1&scene=58&subscene=0#rd) +- ChaMd5安全团队 + - [ ] [共赴商用密码盛事,开启创新发展新篇--2025第三届商用密码展将于6月11日-13日在上海举办!](https://mp.weixin.qq.com/s?__biz=MzIzMTc1MjExOQ==&mid=2247511835&idx=1&sn=74578ef36cfe67c4677beb96c5d15795&chksm=e89d87c3dfea0ed56fbfb4aaa6133aa385822fce6524d09512079841830c9e533d5a57e3d129&scene=58&subscene=0#rd) +- 威胁猎人Threat Hunter + - [ ] [【黑产大数据】恶意贷款中介揭秘](https://mp.weixin.qq.com/s?__biz=MzI3NDY3NDUxNg==&mid=2247498437&idx=1&sn=5c259f2e9ba6de730bc41e763ee2d2dd&chksm=eb12dcfedc6555e8683ea4e9d3ef00a820ab4767b92370d3181b0f11552e01f1c8081d185d44&scene=58&subscene=0#rd) +- Beacon Tower Lab + - [ ] [DayDayMap新年回馈——免费抽取终身会员,另有更多好礼等你来拿!](https://mp.weixin.qq.com/s?__biz=MzkyNzcxNTczNA==&mid=2247486924&idx=1&sn=c7a4a0ad299a4e872a4cc0ac31de6468&chksm=c2229535f5551c23a4f1b84c0ceaa260a77296571764bab74d7d6b1a719e7f7db3c0cd8eb44e&scene=58&subscene=0#rd) +- 吴鲁加 + - [ ] [来组队运动打卡](https://mp.weixin.qq.com/s?__biz=Mzg5NDY4ODM1MA==&mid=2247485130&idx=1&sn=9ac53212495be2d6d3ae106527dc1009&chksm=c01a8bfbf76d02edf3bf046517683cdf658dd75a6a766df06f5e25848753313bd5f19050a436&scene=58&subscene=0#rd) +- 复旦白泽战队 + - [ ] [复旦白泽天梯多轮对话专项天梯结果出炉](https://mp.weixin.qq.com/s?__biz=MzU4NzUxOTI0OQ==&mid=2247492826&idx=1&sn=488d035b0ded0b568d5556b3f1b6b236&chksm=fde860a4ca9fe9b2256b7824f2c6a0194a6196776cfb30fc1a38a18a9c49960ca335769238d8&scene=58&subscene=0#rd) - 嘶吼专业版 - - [ ] [警惕!假冒社会保障局邮件链接暗藏ConnectWise RAT木马](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580716&idx=1&sn=e19d5b79bedab81f2b92bf1f99c9154e&chksm=e9146c16de63e500a02a357f02836e2f3c7d22603d62c6ed08346dd89ddfc8e8ec1228850a8e&scene=58&subscene=0#rd) - - [ ] [绿湾包装工队官方商店遭黑客入侵,客户信息被盗风险大增!](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580716&idx=2&sn=ed8f3e5300fc9cd3fa7f598c4a2c93d9&chksm=e9146c16de63e50040e1ba28cfda1fcf1056209b51fe3c8829e0277a4df3616d6b3e74121b38&scene=58&subscene=0#rd) -- 深信服千里目安全技术中心 - - [ ] [【漏洞通告】Ivanti Connect Secure,Policy Secure&ZTA Gateways缓冲区溢出漏洞](https://mp.weixin.qq.com/s?__biz=Mzg2NjgzNjA5NQ==&mid=2247523980&idx=1&sn=00c541e42b5d70c852de427d37e2f096&chksm=ce46159cf9319c8a729953194779090bd1c84ad058c699f94cbd276f6cbf3556d6387638af95&scene=58&subscene=0#rd) - - [ ] [网络安全信息与动态周报2025年第1期(2024年12月30日-2025年1月5日)](https://mp.weixin.qq.com/s?__biz=Mzg2NjgzNjA5NQ==&mid=2247523980&idx=2&sn=0655eb8a49e9579b57a59daee2130052&chksm=ce46159cf9319c8a5acbb92fd655e842002a393692891ead531df93561abe9d3970a427acb41&scene=58&subscene=0#rd) -- 极客公园 - - [ ] [CES2025,哪些奇特产品火到出圈?](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653071670&idx=1&sn=37f2a13bbd639116874e34e673515119&chksm=7e57d48049205d968592a2bdb26e277652a8472a450b1df73b65f6d933dc704dc5368f125a43&scene=58&subscene=0#rd) - - [ ] [CES 最大黑马收获七成女性订单;硬刚微信,淘宝上线「送礼」功能;Meta 放松内容管控,讨好准总统 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653071646&idx=1&sn=2f49bfc8fb60e1657d8adcf01f7fe981&chksm=7e57d4a849205dbe6bc767b9d948176a7e2700ac33579519895f43bff30d7050fd330ff7c794&scene=58&subscene=0#rd) -- 黑伞安全 - - [ ] [国企网安岗位招聘](https://mp.weixin.qq.com/s?__biz=MzU0MzkzOTYzOQ==&mid=2247489595&idx=1&sn=c60a3048d1001b0c0340aeb46f552cb9&chksm=fb029563cc751c7525a4a956b8abebfe205329c9652eeb0085999778b7ebabb18e4a7cf8689d&scene=58&subscene=0#rd) -- 字节跳动技术团队 - - [ ] [半空:LLM 辅助的 Go2Rust 项目迁移](https://mp.weixin.qq.com/s?__biz=MzI1MzYzMjE0MQ==&mid=2247512796&idx=1&sn=349504697de0c8697e3b70c4e9f40922&chksm=e9d3793edea4f028a460d11f961bf245141a930e98b9bd9337b62798342ea5936552a9007b72&scene=58&subscene=0#rd) -- Yak Project - - [ ] [YAK-SSA,古希腊掌管PHP代码审计的神](https://mp.weixin.qq.com/s?__biz=Mzk0MTM4NzIxMQ==&mid=2247527451&idx=1&sn=4b2437412b3ace4a09c992456162bad7&chksm=c2d110bff5a699a9734277d9db22716b10c1dc66637932c73b7170faadfc1818227b8088fcb9&scene=58&subscene=0#rd) -- 360数字安全 - - [ ] [360年度勒索软件报告请查收:AI“催生”天价赎金危机](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247578622&idx=1&sn=7d13c9b1e1c5a1d50ad9d926748c6949&chksm=9f8d23f6a8faaae02f2e2ae1374ac2980096b7253c8817aa4c6d23de9a0bd90c9ed2d258bf46&scene=58&subscene=0#rd) + - [ ] [【急聘】京东集团信息安全部招人啦~~](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580725&idx=1&sn=b63dd1e7fcbf3c546ef2120ab62800cc&chksm=e9146c0fde63e519ca57b762b500b310a8d68a3c49aed5115723adb48468e79935456c477c21&scene=58&subscene=0#rd) + - [ ] [国家网络安全通报中心:重点防范境外恶意网址和恶意IP](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580725&idx=2&sn=63fd746c589e9cd1b6647a823ca163d3&chksm=e9146c0fde63e519285ec50431f0b8a8d25de8216245362a6d0c32046f930271a801895c78e0&scene=58&subscene=0#rd) +- dotNet安全矩阵 + - [ ] [接二连三,通过 .NET AppDomain 注入后门实现权限维持](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498124&idx=1&sn=34076b04cb96fa929b7d8a8cbae565cc&chksm=fa595761cd2ede7736fb0ecec4ef46c342c1320893e64801929a44e06a7d4c2b387f41f899a1&scene=58&subscene=0#rd) + - [ ] [.NET 安全基础入门学习知识库](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498124&idx=2&sn=4ea7c449c3918b19d0dbc98deac36034&chksm=fa595761cd2ede772a770f375217321f3d306206ea48e79b69d580bfd14adece2f9ca4fa0032&scene=58&subscene=0#rd) + - [ ] [来来来,喝酒不够持久的都不配叫APT玩家!](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498124&idx=3&sn=764005c46751c846ff68b2d7b52522b1&chksm=fa595761cd2ede779c023189b1b634746fe96cf81f90b0705cd4910d47db55c81a8d4f8e0183&scene=58&subscene=0#rd) - 安全419 - - [ ] [2025 年网络安全趋势洞察:多维度的挑战与应对之策](https://mp.weixin.qq.com/s?__biz=MzUyMDQ4OTkyMg==&mid=2247546480&idx=1&sn=4f089802537225d6a9c5eb8714dee1a8&chksm=f9ebe8ddce9c61cbeb0483fcdea1df29e5821f76d646c1e870e85ce462ed0bf0c038b6960e53&scene=58&subscene=0#rd) -- Over Security - Cybersecurity news aggregator - - [ ] [Stealthy Credit Card Skimmer Targets WordPress Checkout Pages via Database Injection](https://blog.sucuri.net/2025/01/stealthy-credit-card-skimmer-targets-wordpress-checkout-pages-via-database-injection.html) - - [ ] [Fake CrowdStrike job offer emails target devs with crypto miners](https://www.bleepingcomputer.com/news/security/fake-crowdstrike-job-offer-emails-target-devs-with-crypto-miners/) - - [ ] [Largest US addiction treatment provider notifies patients of data breach](https://www.bleepingcomputer.com/news/security/largest-us-addiction-treatment-provider-notifies-patients-of-data-breach/) - - [ ] [Chinese spies targeting new Ivanti vulnerability, Mandiant says](https://therecord.media/china-espionage-ivanti-vulnerabilities-mandiant) - - [ ] [Do we still have to keep doing it like this?](https://blog.talosintelligence.com/do-we-still-have-to-keep-doing-it-like-this/) - - [ ] [Banshee stealer evades detection using Apple XProtect encryption algo](https://www.bleepingcomputer.com/news/security/banshee-stealer-evades-detection-using-apple-xprotect-encryption-algo/) - - [ ] [Infocert data breach: che è successo e quali rischi per milioni di italiani. Interrogazione del Garante](https://www.cybersecurity360.it/nuove-minacce/infocert-data-breach-che-e-successo-e-quali-rischi-per-milioni-di-italiani/) - - [ ] [Privacy Badger: come e perché proteggersi dal tracciamento online](https://www.cybersecurity360.it/legal/privacy-dati-personali/privacy-badger-come-e-perche-proteggersi-dal-tracciamento-online/) - - [ ] [Truffe online e attacchi alle infrastrutture critiche: il report 2024 della Polizia Postale](https://www.cybersecurity360.it/nuove-minacce/truffe-online-e-attacchi-alle-infrastrutture-critiche-il-report-2024-della-polizia-postale/) - - [ ] [Shadow AI, i rischi per le aziende: perché serve una strategia](https://www.cybersecurity360.it/news/shadow-ai-i-rischi-per-le-aziende-perche-serve-una-strategia/) - - [ ] [FireScam per Android si maschera da app Telegram Premium, ma ruba dati: come proteggersi](https://www.cybersecurity360.it/news/firescam-per-android-si-maschera-da-app-telegram-premium-ma-ruba-dati-come-proteggersi/) - - [ ] [Corte UE sul caso Serpico: bilanciare diritto alla riservatezza e obblighi statali di tutela](https://www.cybersecurity360.it/legal/corte-europea-caso-serpico-bilanciamento-tra-diritto-alla-riservatezza-ed-obblighi-statali-di-tutela/) - - [ ] [Sviluppo delle capacità cyber dell’Italia. A che punto siamo](https://www.cybersecurity360.it/outlook/sviluppo-capacita-cyber-italia-a-che-punto-siamo/) - - [ ] [Starlink e sicurezza nelle telecomunicazioni Italiane: le sfide da affrontare](https://www.cybersecurity360.it/cybersecurity-nazionale/starlink-e-sicurezza-nelle-telecomunicazioni-italiane-le-sfide-da-affrontare/) - - [ ] [Vidar, il malspam prende di mira le PEC con nuove tecniche di offuscamento](https://www.cybersecurity360.it/news/vidar-il-malspam-prende-di-mira-le-pec-con-nuove-tecniche-di-offuscamento/) - - [ ] [Le proprietà dei LLM applicati ai sistemi critici: precisione, regolazione e stabilità](https://www.cybersecurity360.it/cultura-cyber/le-proprieta-dei-llm-applicati-ai-sistemi-critici-precisione-regolazione-e-stabilita/) - - [ ] [Facebook awards researcher $100,000 for finding bug that granted internal access](https://techcrunch.com/2025/01/09/facebook-awards-researcher-100000-for-finding-bug-that-granted-internal-access/) - - [ ] [Microsoft fixes OneDrive bug causing macOS app freezes](https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-onedrive-bug-causing-macos-app-freezes/) - - [ ] [Proton Mail still down as Proton recovers from worldwide outage](https://www.bleepingcomputer.com/news/technology/proton-mail-still-down-as-proton-recovers-from-worldwide-outage/) - - [ ] [MirrorFace hackers targeting Japanese govt, politicians since 2019](https://www.bleepingcomputer.com/news/security/mirrorface-hackers-targeting-japanese-govt-politicians-since-2019/) - - [ ] [Microsoft fixes bug causing Outlook to freeze when copying text](https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-bug-causing-outlook-to-freeze-when-copying-text/) - - [ ] [US Treasury hack linked to Silk Typhoon Chinese state hackers](https://www.bleepingcomputer.com/news/security/us-treasury-hack-linked-to-silk-typhoon-chinese-state-hackers/) - - [ ] [Hackers claim to breach Russian state agency managing property, land records](https://therecord.media/hackers-claim-to-breach-russian-state-agency-land-records) - - [ ] [Google: Chinese hackers likely behind Ivanti VPN zero-day attacks](https://www.bleepingcomputer.com/news/security/google-chinese-hackers-likely-behind-ivanti-vpn-zero-day-attacks/) - - [ ] [Apple says it does not use Siri audio for advertising](https://therecord.media/apple-says-siri-audio-not-used-advertising) - - [ ] [Criminal IP: Bringing Real-Time Phishing Detection to Microsoft Outlook](https://www.bleepingcomputer.com/news/security/criminal-ip-bringing-real-time-phishing-detection-to-microsoft-outlook/) - - [ ] [Microsoft fixes bug causing Outlook freezes when copying text](https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-bug-causing-outlook-freezes-when-copying-text/) - - [ ] [Some Winston-Salem city services knocked offline by cyberattack](https://therecord.media/winston-salem-north-carolina-services-offline-cyberattack) - - [ ] [HexaLocker V2: Skuld Stealer Paving the Way prior to Encryption](https://cyble.com/blog/hexalocker-v2-being-proliferated-by-skuld-stealer/) - - [ ] [Lithuania’s New Cyber Command is a Strategic Step Towards National and NATO Cybersecurity Resilience](https://cyble.com/blog/lithuanian-cyber-command-begins-operations/) - - [ ] [The (Almost) Forgotten Vulnerable Driver](https://decoder.cloud/2025/01/09/the-almost-forgotten-vulnerable-driver/) - - [ ] [Nuovo formato per ClamAV disponibile tramite il flusso IoC del CERT-AGID](https://cert-agid.gov.it/news/nuovo-formato-per-clamav-disponibile-tramite-il-flusso-ioc-del-cert-agid/) - - [ ] [Una campagna di phishing sfrutta Microsoft 365 per compromettere gli account PayPal](https://www.securityinfo.it/2025/01/09/una-campagna-di-phishing-sfrutta-microsoft-365-per-compromettere-gli-account-paypal/) - - [ ] [Boost Your Flipper Zero with FEBERIS: 3-in-1 SubGhz, NRF24, and WiFi board](https://www.mobile-hacker.com/2025/01/09/boost-your-flipper-zero-with-feberis-3-in-1-subghz-nrf24-and-wifi-board/) - - [ ] [Bypassing File Upload Restrictions To Exploit Client-Side Path Traversal](https://blog.doyensec.com/2025/01/09/cspt-file-upload.html) -- ICT Security Magazine - - [ ] [Come Implementare una Efficiente Gestione di Identità e Accessi nel Cloud](https://www.ictsecuritymagazine.com/notizie/gestione-di-identita-e-accessi/) - - [ ] [Quantum Technologies – La Seconda Rivoluzione Quantistica tra opportunità e sfide](https://www.ictsecuritymagazine.com/articoli/quantum-technologies-security/) -- Tails - News - - [ ] [Tails 6.11](https://tails.net/news/version_6.11/index.en.html) -- Securityinfo.it - - [ ] [Una campagna di phishing sfrutta Microsoft 365 per compromettere gli account PayPal](https://www.securityinfo.it/2025/01/09/una-campagna-di-phishing-sfrutta-microsoft-365-per-compromettere-gli-account-paypal/?utm_source=rss&utm_medium=rss&utm_campaign=una-campagna-di-phishing-sfrutta-microsoft-365-per-compromettere-gli-account-paypal) -- Krypt3ia - - [ ] [Improving ATT&CK’s Relevance for Living Off the Land (LOTL) Detection](https://krypt3ia.wordpress.com/2025/01/09/improving-attcks-relevance-for-living-off-the-land-lotl-detection/) - - [ ] [APT vs. Cybercriminal Groups: Understanding Their Differences and Overlaps](https://krypt3ia.wordpress.com/2025/01/09/apt-vs-cybercriminal-groups-understanding-their-differences-and-overlaps/) - - [ ] [Geopolitical Implications of Greenland Annexation & Potential Russian Influence](https://krypt3ia.wordpress.com/2025/01/09/geopolitical-implications-of-greenland-annexation-potential-russian-influence/) -- SANS Internet Storm Center, InfoCON: green - - [ ] [Examining Redtail Analyzing a Sophisticated Cryptomining Malware and its Advanced Tactics [Guest Diary], (Thu, Jan 9th)](https://isc.sans.edu/diary/rss/31568) - - [ ] [ISC Stormcast For Thursday, January 9th, 2025 https://isc.sans.edu/podcastdetail/9272, (Thu, Jan 9th)](https://isc.sans.edu/diary/rss/31572) + - [ ] [【观演指南】| 明晚 | 摇滚黑客2025演唱会北京现场见!](https://mp.weixin.qq.com/s?__biz=MzUyMDQ4OTkyMg==&mid=2247546519&idx=1&sn=0b14341dacc638097b304b34c2fce4b7&chksm=f9ebe83ace9c612ca4bedf40cd1a69fd40513b21d20cb4e73812294b7534c71420f3211ccbda&scene=58&subscene=0#rd) + - [ ] [听摇滚黑客2025演唱会 享滴滴打车五折优惠](https://mp.weixin.qq.com/s?__biz=MzUyMDQ4OTkyMg==&mid=2247546519&idx=2&sn=9c53a50b2d2fd5f2dd014e5726399bac&chksm=f9ebe83ace9c612c3d89c04885de278be3a60f45746a387b90ef49a61b6c52b882ccab8a1a96&scene=58&subscene=0#rd) +- 360数字安全 + - [ ] [致敬警察节|警企携手,筑牢安全防护网!](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247578636&idx=1&sn=13cefe2c13751df91b8d32c27800f0d1&chksm=9f8d2404a8faad12c120e53ebaadc85d8d03fcad4cfc00507ef69d50593b088ba16adc9e449d&scene=58&subscene=0#rd) - 迪哥讲事 - - [ ] [JS利用](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496799&idx=1&sn=2e3e129b9b455b7cd662f88f074c1660&chksm=e8a5fe3cdfd2772a413a5ad832b72591598f506eacfbb05249d72eb1b8731d83166bae11faf9&scene=58&subscene=0#rd) -- 美团技术团队 - - [ ] [怕你错过美团技术团队2024年的25个分享,看这篇吧!(送2025新春礼盒)](https://mp.weixin.qq.com/s?__biz=MjM5NjQ5MTI5OA==&mid=2651779720&idx=1&sn=e1041b073f5e8486edeb6354315a0c09&chksm=bd122bc58a65a2d3da4993771b9c719d99d27b958bd5ae51292d7983efc6babc406ca2d316d4&scene=58&subscene=0#rd) - - [ ] [具身智能:从 “走近” 到 “走进”,寻找和突破人机共融边界](https://mp.weixin.qq.com/s?__biz=MjM5NjQ5MTI5OA==&mid=2651779720&idx=2&sn=366dd74bad418fff2ba1a3a1265a947a&chksm=bd122bc58a65a2d3236240e9532678691a6201db43b3a8081e12300dd33af1db0f2e264ca2dd&scene=58&subscene=0#rd) -- Tor Project blog - - [ ] [New Release: Tails 6.11](https://blog.torproject.org/new-release-tails-611/) -- 娜璋AI安全之家 - - [ ] [[AI安全论文] (35)TIFS24 MEGR-APT:基于攻击表示学习的高效内存APT猎杀系统](https://mp.weixin.qq.com/s?__biz=Mzg5MTM5ODU2Mg==&mid=2247501201&idx=1&sn=709a7a8f892f19870b9ed0d31f4f57aa&chksm=cfcf755cf8b8fc4a71ce77f85d729cb7786e2c6403626fe5b8e0a65fd94cc65f0a2d4503116a&scene=58&subscene=0#rd) -- The Hacker News - - [ ] [Major Vulnerabilities Patched in SonicWall, Palo Alto Expedition, and Aviatrix Controllers](https://thehackernews.com/2025/01/major-vulnerabilities-patched-in.html) - - [ ] [New Banshee Stealer Variant Bypasses Antivirus with Apple’s XProtect-Inspired Encryption](https://thehackernews.com/2025/01/new-banshee-stealer-variant-bypasses.html) - - [ ] [Product Walkthrough: How Reco Discovers Shadow AI in SaaS](https://thehackernews.com/2025/01/product-review-how-reco-discovers.html) - - [ ] [MirrorFace Leverages ANEL and NOOPDOOR in Multi-Year Cyberattacks on Japan](https://thehackernews.com/2025/01/mirrorface-leverages-anel-and-noopdoor.html) - - [ ] [Webinar: Learn How to Stop Encrypted Attacks Before They Cost You Millions](https://thehackernews.com/2025/01/webinar-learn-how-to-stop-encrypted.html) - - [ ] [Critical RCE Flaw in GFI KerioControl Allows Remote Code Execution via CRLF Injection](https://thehackernews.com/2025/01/critical-rce-flaw-in-gfi-keriocontrol.html) - - [ ] [E.U. Commission Fined for Transferring User Data to Meta in Violation of Privacy Laws](https://thehackernews.com/2025/01/eu-commission-fined-for-transferring.html) - - [ ] [Ivanti Flaw CVE-2025-0282 Actively Exploited, Impacts Connect Secure and Policy Secure](https://thehackernews.com/2025/01/ivanti-flaw-cve-2025-0282-actively.html) + - [ ] [记某次测试翻阅海量js语句黑盒出sql注入](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496807&idx=1&sn=44a86c5974f7824fcfd2d43bc5bd70b3&chksm=e8a5fe04dfd277126cdac3b07133c0a9ac6eaa4ef20c878e69b9c97e40377d22ed09e081aacd&scene=58&subscene=0#rd) +- 悬镜安全 + - [ ] [权威认可|悬镜再次入选2024年度毕马威中国金融科技企业双50强](https://mp.weixin.qq.com/s?__biz=MzA3NzE2ODk1Mg==&mid=2647795461&idx=1&sn=ea056881a28c848a31e57e1b2b75317c&chksm=8770af52b007264447b448eb912a971a9cdc84538023218ca3f23da02af85dac925dded42dd8&scene=58&subscene=0#rd) +- LuxSci + - [ ] [LuxSci Strengthens Leadership Position in G2 Winter 2025 Reports](https://luxsci.com/blog/luxsci-g2-reviews-winter-2025.html) +- IT Service Management News + - [ ] [Sull'incidente InfoCert](http://blog.cesaregallotti.it/2025/01/sullincidente-infocert.html) +- bellingcat + - [ ] [Seeing More With Satellite Imagery Using Band Combinations, Ratios and Indices](https://www.bellingcat.com/resources/2025/01/10/satellite-imagery-bands-guide/) +- 火绒安全 + - [ ] [【火绒安全周报】T1电竞选手直播因DDoS攻击再度中断/不法分子假冒网安公司招聘发动钓鱼攻击](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247521496&idx=1&sn=c7605f161604bbc226e351e4634ef9af&chksm=eb704ae7dc07c3f1af99f7500c637baf22504d2a8f12b042a27370ebb8a87ab2ff9813e53d6a&scene=58&subscene=0#rd) + - [ ] [诚邀渠道合作伙伴共启新征程](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247521496&idx=2&sn=bdaa413a8417b3ecd5583b9fe9fc3b65&chksm=eb704ae7dc07c3f1b01fc69498a1ea604c8c4bdf26b76844d6e141500693739c5cb578317b77&scene=58&subscene=0#rd) +- 安全牛 + - [ ] [安全牛《中国网络安全全景图》(第十二版)调研启动](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134576&idx=1&sn=e86ab5b49773d2d99aa5756c964bd0a5&chksm=bd15aaa38a6223b5ee9ca73cc3c5a819f983c98155cd6ed258f90a86c33c690cb9604f8bfe3c&scene=58&subscene=0#rd) + - [ ] [欧盟委员会因隐私违规行为首次被追责;苹果以9500万美元和解持续了5年的Siri隐私诉讼 | 牛览](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134576&idx=2&sn=a7d8e8804916170cb6b3ad59b218d42d&chksm=bd15aaa38a6223b5d84b077a9d24888eb1504e4c9b7448a0c8d86e9c4aa1ab32a1d9d8746acd&scene=58&subscene=0#rd) +- ICT Security Magazine + - [ ] [Perché le aziende dovrebbero prepararsi agli attacchi informatici durante le festività](https://www.ictsecuritymagazine.com/notizie/attacchi-informatici-semperis/) + - [ ] [La Remediation nella Sicurezza Informatica: sfide e prospettive](https://www.ictsecuritymagazine.com/articoli/remediation-sicurezza/) - Schneier on Security - - [ ] [Zero-Day Vulnerability in Ivanti VPN](https://www.schneier.com/blog/archives/2025/01/zero-day-vulnerability-in-ivanti-vpn.html) -- Trend Micro Research, News and Perspectives - - [ ] [Information Stealer Masquerades as LDAPNightmare (CVE-2024-49113) PoC Exploit](https://www.trendmicro.com/en_us/research/25/a/information-stealer-masquerades-as-ldapnightmare-poc-exploit.html) -- Technical Information Security Content & Discussion - - [ ] [WorstFit: Unveiling Hidden Transformers in Windows ANSI!](https://www.reddit.com/r/netsec/comments/1hxg7yx/worstfit_unveiling_hidden_transformers_in_windows/) - - [ ] [Top 10 web hacking techniques of 2024: nominations open](https://www.reddit.com/r/netsec/comments/1hx8c98/top_10_web_hacking_techniques_of_2024_nominations/) - - [ ] [Bypassing File Upload Restrictions To Exploit Client-Side Path Traversal (CSPT, CSPT2CSRF)](https://www.reddit.com/r/netsec/comments/1hx8bu7/bypassing_file_upload_restrictions_to_exploit/) - - [ ] [Abuse a time-based SQL injection by customizing SQLMAP](https://www.reddit.com/r/netsec/comments/1hx969x/abuse_a_timebased_sql_injection_by_customizing/) + - [ ] [Friday Squid Blogging: Cotton-and-Squid-Bone Sponge](https://www.schneier.com/blog/archives/2025/01/friday-squid-blogging-cotton-and-squid-bone-sponge.html) + - [ ] [Apps That Are Spying on Your Location](https://www.schneier.com/blog/archives/2025/01/apps-that-are-spying-on-your-location.html) +- FuzzWiki + - [ ] [HirGen:针对深度学习编译器的模糊测试技术](https://mp.weixin.qq.com/s?__biz=MzU1NTEzODc3MQ==&mid=2247486850&idx=1&sn=dced461f84a7bc0c0fce0bc7d690ea72&chksm=fbd9a63eccae2f28d233d59f36d0bbff14a8c6daae02b28bae378464ea8a92da71dc90e8cde1&scene=58&subscene=0#rd) +- Hacking Exposed Computer Forensics Blog + - [ ] [Daily Blog #714: Forensic Lunch 1/10/25 with Ryatt Roesrma talking about fine tuning AI models](https://www.hecfblog.com/2025/01/daily-blog-714-forensic-lunch-11025.html) +- Over Security - Cybersecurity news aggregator + - [ ] [Marijuana dispensary STIIIZY warns of leaked IDs after November data breach](https://therecord.media/marijuana-dispensary-warns-of-data-breach) + - [ ] [NSO ruling is a victory for WhatsApp, but could have a small impact on spyware industry](https://therecord.media/nso-whatsapp-ruling-may-have-limited-impact-on-spyware-ecosystem) + - [ ] [New York sues to recover $2 million in crypto stolen in remote job scams](https://therecord.media/new-york-sues-recover-millions) + - [ ] [Telefónica confirms internal ticketing system breach after data leak](https://www.bleepingcomputer.com/news/security/telefonica-confirms-internal-ticketing-system-breach-after-data-leak/) + - [ ] [New Web3 attack exploits transaction simulations to steal crypto](https://www.bleepingcomputer.com/news/security/new-web3-attack-exploits-transaction-simulations-to-steal-crypto/) + - [ ] [Russian nationals arrested by US, accused of running crypto mixers Blender and Sinbad](https://therecord.media/russian-nationals-indicted-blender-sinbad-crypto-mixers) + - [ ] [US charges operators of cryptomixers linked to ransomware gangs](https://www.bleepingcomputer.com/news/security/us-charges-operators-of-cryptomixers-linked-to-ransomware-gangs/) + - [ ] [Flashpoint Intelligence: Delivering Actionable Data for a Safer World](https://flashpoint.io/blog/flashpoint-intelligence-delivering-actionable-data/) + - [ ] [Slovakia’s land registry hit by biggest cyberattack in country’s history, minister says](https://therecord.media/slovakia-registry-cyberattack-land-agriculture) + - [ ] [US government charges operators of crypto mixing service used by North Korea and ransomware gangs](https://techcrunch.com/2025/01/10/us-government-charges-operators-of-crypto-mixing-service-used-by-north-korea-and-ransomware-gangs/) + - [ ] [Treasury hackers also breached US foreign investments review office](https://www.bleepingcomputer.com/news/security/treasury-hackers-also-breached-us-foreign-investments-review-office/) + - [ ] [Docker Desktop blocked on Macs due to false malware alert](https://www.bleepingcomputer.com/news/security/docker-desktop-blocked-on-macs-due-to-false-malware-alert/) + - [ ] [Proton worldwide outage caused by Kubernetes migration, software change](https://www.bleepingcomputer.com/news/technology/proton-worldwide-outage-caused-by-kubernetes-migration-software-change/) + - [ ] [New amateurish ransomware group FunkSec using AI to develop malware](https://therecord.media/funksec-ransomware-using-ai-malware) + - [ ] [STIIIZY data breach exposes cannabis buyers’ IDs and purchases](https://www.bleepingcomputer.com/news/security/stiiizy-data-breach-exposes-cannabis-buyers-ids-and-purchases/) + - [ ] [Sintesi riepilogativa delle campagne malevole nella settimana del 4 – 10 gennaio](https://cert-agid.gov.it/news/sintesi-riepilogativa-delle-campagne-malevole-nella-settimana-del-4-10-gennaio/) + - [ ] [Microsoft to force install new Outlook on Windows 10 PCs in February](https://www.bleepingcomputer.com/news/microsoft/microsoft-to-force-install-new-outlook-on-windows-10-pcs-in-february/) + - [ ] [BlinkenCity: From Art Project to Europe-wide Blackout Scenario](https://positive.security/blog/blinkencity-38c3) + - [ ] [Bots identified pushing anti-NATO messages in Croatian presidential runoff](https://therecord.media/bots-pushing-anti-nato-messages-croatian-election) + - [ ] [U.S. Telecom, Zero-Day Attacks Show Need for Cybersecurity Hygiene](https://cyble.com/blog/us-telecom-zero-day-attacks-show-need-for-cybersecurity-hygiene/) + - [ ] [WorstFit: Unveiling Hidden Transformers in Windows ANSI!](https://blog.orange.tw/posts/2025-01-worstfit-unveiling-hidden-transformers-in-windows-ansi/) + - [ ] [Critical ICS Vulnerabilities Uncovered in Weekly Vulnerability Report](https://cyble.com/blog/new-ics-vulnerabilities-report/) +- 白泽安全实验室 + - [ ] [APT组织Turla瞄准巴基斯坦关键基础设施展开攻击活动——每周威胁情报动态第208期 (01.03-01.09)](https://mp.weixin.qq.com/s?__biz=MzI0MTE4ODY3Nw==&mid=2247492512&idx=1&sn=c207ba89352dde2873ca1a70add44b6e&chksm=e90dc98ade7a409cc199fc590cf3e312dc6eaa82247b6b584125cb7f616538f5b28e41749a4a&scene=58&subscene=0#rd) +- 安全村SecUN + - [ ] [躬行|《电子数据取证与网络犯罪调查》专刊第七辑50份惊喜抽奖:)警察节快乐!](https://mp.weixin.qq.com/s?__biz=MzkyODM5NzQwNQ==&mid=2247496405&idx=1&sn=17b40406394060c7c389957502b86cb2&chksm=c21bd3e7f56c5af18c89a7436057ceea52e2c7e320b66f8f0807b3848982e27e0681de90f2e0&scene=58&subscene=0#rd) +- The Hacker News + - [ ] [Google Project Zero Researcher Uncovers Zero-Click Exploit Targeting Samsung Devices](https://thehackernews.com/2025/01/google-project-zero-researcher-uncovers.html) + - [ ] [Taking the Pain Out of Cybersecurity Reporting: A Practical Guide for MSPs](https://thehackernews.com/2025/01/taking-pain-out-of-cybersecurity.html) + - [ ] [AI-Driven Ransomware FunkSec Targets 85 Victims Using Double Extortion Tactics](https://thehackernews.com/2025/01/ai-driven-ransomware-funksec-targets-85.html) + - [ ] [Hands-On Walkthrough: Microsegmentation For all Users, Workloads and Devices by Elisity](https://thehackernews.com/2025/01/hands-on-walkthrough-microsegmentation.html) + - [ ] [RedDelta Deploys PlugX Malware to Target Mongolia and Taiwan in Espionage Campaigns](https://thehackernews.com/2025/01/reddelta-deploys-plugx-malware-to.html) + - [ ] [CrowdStrike Warns of Phishing Scam Targeting Job Seekers with XMRig Cryptominer](https://thehackernews.com/2025/01/crowdstrike-warns-of-phishing-scam.html) +- TorrentFreak + - [ ] [‘Strike 3’ Filed a Record Number of Piracy Lawsuits in 2024](https://torrentfreak.com/strike-3-filed-a-record-number-of-piracy-lawsuits-in-2024-250110/) +- SANS Internet Storm Center, InfoCON: green + - [ ] [ISC Stormcast For Friday, January 10th, 2025 https://isc.sans.edu/podcastdetail/9274, (Fri, Jan 10th)](https://isc.sans.edu/diary/rss/31576) + - [ ] [Windows Defender Chrome Extension Detection, (Fri, Jan 10th)](https://isc.sans.edu/diary/rss/31574) +- Graham Cluley + - [ ] [Canadian man loses a cryptocurrency fortune to scammers – here’s how you can stop it happening to you](https://www.bitdefender.com/en-us/blog/hotforsecurity/canadian-man-loses-a-cryptocurrency-fortune-to-scammers-heres-how-you-can-stop-it-happening-to-you) - Information Security - - [ ] [What is Typosquatting?](https://www.reddit.com/r/Information_Security/comments/1hxgl3d/what_is_typosquatting/) - - [ ] [Securing AI-Generated Code - Step-By-Step Guide](https://www.reddit.com/r/Information_Security/comments/1hxi01w/securing_aigenerated_code_stepbystep_guide/) -- The Register - Security - - [ ] [Look for the label: White House rolls out 'Cyber Trust Mark' for smart devices](https://go.theregister.com/feed/www.theregister.com/2025/01/09/white_house_smart_device_security_label/) - - [ ] [Zero-day exploits plague Ivanti Connect Secure appliances for second year running](https://go.theregister.com/feed/www.theregister.com/2025/01/09/zeroday_exploits_ivanti/) - - [ ] [Security pros baited with fake Windows LDAP exploit traps](https://go.theregister.com/feed/www.theregister.com/2025/01/09/security_pros_baited_by_fake/) - - [ ] [Japanese police claim China ran five-year cyberattack campaign targeting local orgs](https://go.theregister.com/feed/www.theregister.com/2025/01/09/japan_mirrorface_china_attack/) - - [ ] [Database tables of student, teacher info stolen from PowerSchool in cyberattack](https://go.theregister.com/feed/www.theregister.com/2025/01/09/powerschool_school_data/) -- Instapaper: Unread - - [ ] [La verità nelle tracce - 120 anni di Polizia Scientifica](https://www.tipiloschi.net/drupal/la-verit%C3%A0-nelle-tracce-120-anni-polizia-scientifica) - - [ ] [8 Essential OSINT tools collections for Digital Intelligence](https://andreafortuna.org/2025/01/08/8-essential-osint-tools-collections-for-digital-intelligence.html) - - [ ] [HBO documentary “Surveilled” investigates the growing business of commercial spyware](https://citizenlab.ca/2024/12/hbo-documentary-surveilled-investigates-the-growing-business-of-commercial-spyware/) + - [ ] [Organized my cybersecurity bookmarks into a GitHub repo (300+ sources)](https://www.reddit.com/r/Information_Security/comments/1hy0exs/organized_my_cybersecurity_bookmarks_into_a/) + - [ ] [RBI PA-PG (Payment Aggregators & Payment Gateways) Audit](https://www.reddit.com/r/Information_Security/comments/1hxz9tj/rbi_papg_payment_aggregators_payment_gateways/) +- Deep Web + - [ ] [How safe is posting on forums on the darkweb?](https://www.reddit.com/r/deepweb/comments/1hy0bdu/how_safe_is_posting_on_forums_on_the_darkweb/) + - [ ] [Dark web purchase](https://www.reddit.com/r/deepweb/comments/1hy1wwb/dark_web_purchase/) - Computer Forensics - - [ ] [Advice with forensic career](https://www.reddit.com/r/computerforensics/comments/1hxpdj5/advice_with_forensic_career/) - - [ ] [Testing Malware samples with or without internet connection.](https://www.reddit.com/r/computerforensics/comments/1hx9m9e/testing_malware_samples_with_or_without_internet/) -- Graham Cluley - - [ ] [Smashing Security podcast #399: Honey in hot water, and reset your devices](https://grahamcluley.com/smashing-security-podcast-399/) - - [ ] [Space Bears ransomware: what you need to know](https://www.tripwire.com/state-of-security/space-bears-ransomware-what-you-need-know) - - [ ] [United Nations aviation agency hacked, recruitment database plundered](https://www.bitdefender.com/en-us/blog/hotforsecurity/united-nations-aviation-agency-hacked-recruitment-database-plundered) -- Security Affairs - - [ ] [U.S. Medical billing provider Medusind suffered a sata breach](https://securityaffairs.com/172870/data-breach/medusind-data-breach.html) - - [ ] [Ukrainian Cyber Alliance destroyed the connectivity of Russian ISP Nodex](https://securityaffairs.com/172864/hacktivism/ukrainian-cyber-alliance-destroyed-russian-isp-nodex.html) - - [ ] [U.S. CISA adds Ivanti Connect Secure, Policy Secure, and ZTA Gateways flaw to its Known Exploited Vulnerabilities catalog](https://securityaffairs.com/172857/hacking/u-s-cisa-adds-ivanti-connect-secure-policy-secure-and-zta-gateways-flaw-to-its-known-exploited-vulnerabilities-catalog.html) - - [ ] [SOC Scalability: How AI Supports Growth Without Overloading Analysts](https://securityaffairs.com/172831/security/scaling-up-a-security-operations-center-soc.html) + - [ ] [CREST Certs (CPIA|CRIA)](https://www.reddit.com/r/computerforensics/comments/1hyahq4/crest_certs_cpiacria/) + - [ ] [Mac OS - need application logs](https://www.reddit.com/r/computerforensics/comments/1hxtfyh/mac_os_need_application_logs/) + - [ ] [Macbook M4/M4 Pro Collections](https://www.reddit.com/r/computerforensics/comments/1hxtktu/macbook_m4m4_pro_collections/) +- Blackhat Library: Hacking techniques and research + - [ ] [Just question](https://www.reddit.com/r/blackhat/comments/1hyesag/just_question/) - Your Open Hacker Community - - [ ] [Overthewire Bandit 23](https://www.reddit.com/r/HowToHack/comments/1hxoujl/overthewire_bandit_23/) - - [ ] [How to bypass Walmart location restriction](https://www.reddit.com/r/HowToHack/comments/1hxmmz6/how_to_bypass_walmart_location_restriction/) - - [ ] [Anyone know how to tab out of respondus lockdown browser?](https://www.reddit.com/r/HowToHack/comments/1hxg35u/anyone_know_how_to_tab_out_of_respondus_lockdown/) - - [ ] [finidng ip/adress](https://www.reddit.com/r/HowToHack/comments/1hxahr7/finidng_ipadress/) - - [ ] [How can I turn a Sony Smart TV (non-Android) into a streaming TV with all the essential apps for free binge-watching?](https://www.reddit.com/r/HowToHack/comments/1hxb7eb/how_can_i_turn_a_sony_smart_tv_nonandroid_into_a/) - - [ ] [The Hack is Back](https://www.reddit.com/r/HowToHack/comments/1hx12u5/the_hack_is_back/) - - [ ] [How would you make an RAT undetectable](https://www.reddit.com/r/HowToHack/comments/1hwzelu/how_would_you_make_an_rat_undetectable/) -- TorrentFreak - - [ ] [DoodStream Can’t Comply With Court Orders, Major Investor is a Russian Dude](https://torrentfreak.com/doodstream-cant-comply-with-court-orders-major-investor-is-a-russian-dude-250109/) - - [ ] [EFF Sides with Cox to Protect Piracy-Accused Internet Users from ‘Copyright Trolls’](https://torrentfreak.com/eff-sides-with-cox-to-protect-piracy-accused-internet-users-from-copyright-trolls-250109/) -- Deeplinks - - [ ] [Meta’s New Content Policy Will Harm Vulnerable Users. If It Really Valued Free Speech, It Would Make These Changes](https://www.eff.org/deeplinks/2025/01/metas-new-content-policy-will-harm-vulnerable-users-if-it-really-valued-free) + - [ ] [A question](https://www.reddit.com/r/HowToHack/comments/1hyauea/a_question/) + - [ ] [Question about windows](https://www.reddit.com/r/HowToHack/comments/1hye2lu/question_about_windows/) + - [ ] [Is this Vulnerable ?](https://www.reddit.com/r/HowToHack/comments/1hyi8hk/is_this_vulnerable/) + - [ ] [Could anyone help me in understanding this "Not Operational or Intended Public Access" vulnerability ?](https://www.reddit.com/r/HowToHack/comments/1hy7xk7/could_anyone_help_me_in_understanding_this_not/) + - [ ] [Help](https://www.reddit.com/r/HowToHack/comments/1hyhuu9/help/) + - [ ] [Wardriving Question](https://www.reddit.com/r/HowToHack/comments/1hy5hha/wardriving_question/) + - [ ] [How to hack a new ai website?](https://www.reddit.com/r/HowToHack/comments/1hyhm2r/how_to_hack_a_new_ai_website/) + - [ ] [Any idea how to gg cpm2 ?](https://www.reddit.com/r/HowToHack/comments/1hy96jp/any_idea_how_to_gg_cpm2/) + - [ ] [how to loop a cctv camera](https://www.reddit.com/r/HowToHack/comments/1hy7y62/how_to_loop_a_cctv_camera/) + - [ ] [Taking down Defender experiment](https://www.reddit.com/r/HowToHack/comments/1hxtxzr/taking_down_defender_experiment/) +- Security Affairs + - [ ] [Banshee macOS stealer supports new evasion mechanisms](https://securityaffairs.com/172918/malware/new-version-of-the-banshee-macos-stealer.html) + - [ ] [Researchers disclosed details of a now-patched Samsung zero-click flaw](https://securityaffairs.com/172909/hacking/samsung-zero-click-flaw.html) + - [ ] [Phishers abuse CrowdStrike brand targeting job seekers with cryptominer](https://securityaffairs.com/172900/cyber-crime/crowdstrike-phishing-campaign-recruitment-branding.html) + - [ ] [China-linked APT group MirrorFace targets Japan](https://securityaffairs.com/172890/apt/china-linked-apt-mirrorface-targets-japan.html) +- netsecstudents: Subreddit for students studying Network Security and its related subjects + - [ ] [Passed Cisco 100-140 (CCST IT Support) Exam! Here's How I Prepared](https://www.reddit.com/r/netsecstudents/comments/1hy26je/passed_cisco_100140_ccst_it_support_exam_heres/) + - [ ] [What is the best practice to securely host an application in Linux?](https://www.reddit.com/r/netsecstudents/comments/1hxzw9c/what_is_the_best_practice_to_securely_host_an/) + - [ ] [What project should be added in resume as a cyber security beginner?](https://www.reddit.com/r/netsecstudents/comments/1hxvis0/what_project_should_be_added_in_resume_as_a_cyber/) + - [ ] [Guidance Needed for Safe Demonstration of GIF Malware Detection](https://www.reddit.com/r/netsecstudents/comments/1hxyr5d/guidance_needed_for_safe_demonstration_of_gif/) + - [ ] [Graduating soon at 19, Sec+ done - what’s the next cert or skill to pursue?](https://www.reddit.com/r/netsecstudents/comments/1hxra7i/graduating_soon_at_19_sec_done_whats_the_next/) +- Trend Micro Research, News and Perspectives + - [ ] [How Cracks and Installers Bring Malware to Your Device](https://www.trendmicro.com/en_us/research/25/a/how-cracks-and-installers-bring-malware-to-your-device.html) +- Technical Information Security Content & Discussion + - [ ] [ACE up the sleeve: Hacking into Apple's new USB-C Controller](https://www.reddit.com/r/netsec/comments/1hy9t8i/ace_up_the_sleeve_hacking_into_apples_new_usbc/) + - [ ] [How to jailbreak most/all LLMs using Assistant Prefill](https://www.reddit.com/r/netsec/comments/1hy6snm/how_to_jailbreak_mostall_llms_using_assistant/) + - [ ] [Exploiting SSTI in a Modern Spring Boot Application (3.3.4)](https://www.reddit.com/r/netsec/comments/1hy06vj/exploiting_ssti_in_a_modern_spring_boot/) + - [ ] [Do Secure-By-Design Pledges Come With Stickers? - Ivanti Connect Secure RCE (CVE-2025-0282) - watchTowr Labs](https://www.reddit.com/r/netsec/comments/1hxt46x/do_securebydesign_pledges_come_with_stickers/) +- The Register - Security + - [ ] [Chinese cyber-spies peek over shoulder of officials probing real-estate deals near American military bases](https://go.theregister.com/feed/www.theregister.com/2025/01/10/china_treasury_foreign_investment/) + - [ ] [Drug addiction treatment service admits attackers stole sensitive patient data](https://go.theregister.com/feed/www.theregister.com/2025/01/10/baymark_data_breach/) + - [ ] [Devs sent into security panic by 'feature that was helpful … until it wasn't'](https://go.theregister.com/feed/www.theregister.com/2025/01/10/on_call/) - Security Weekly Podcast Network (Audio) - - [ ] [Threat Actors With A Thousand Names - PSW #856](http://sites.libsyn.com/18678/threat-actors-with-a-thousand-names-psw-856) + - [ ] [Robot Dogs, Ivanti, SonicWall, Banshee, Telegram, Motorola, Aaran Leyland, and more. - SWN #441](http://sites.libsyn.com/18678/robot-dogs-ivanti-sonicwall-banshee-telegram-motorola-aaran-leyland-and-more-swn-441) From 51b67176ad8dbea6557df31105bf210bf24d34e2 Mon Sep 17 00:00:00 2001 From: chainreactorbot Date: Sun, 12 Jan 2025 02:57:49 +0000 Subject: [PATCH 08/29] =?UTF-8?q?=E6=AF=8F=E6=97=A5=E5=AE=89=E5=85=A8?= =?UTF-8?q?=E8=B5=84=E8=AE=AF=EF=BC=882025-01-12=EF=BC=89?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- archive/daily/2025/2025-01-12.md | 273 ++++++++++++ archive/tmp/2025-01-12.json | 317 ++++++++++++++ today.md | 688 ++++++++++++------------------- 3 files changed, 843 insertions(+), 435 deletions(-) create mode 100644 archive/daily/2025/2025-01-12.md create mode 100644 archive/tmp/2025-01-12.json diff --git a/archive/daily/2025/2025-01-12.md b/archive/daily/2025/2025-01-12.md new file mode 100644 index 0000000000..aa5936d602 --- /dev/null +++ b/archive/daily/2025/2025-01-12.md @@ -0,0 +1,273 @@ +# 每日安全资讯(2025-01-12) + +- Security Boulevard + - [ ] [Advancements in Machine Identity Protections](https://securityboulevard.com/2025/01/advancements-in-machine-identity-protections/) + - [ ] [From Chaos to Control: Building Your Company’s Access Management Foundation](https://securityboulevard.com/2025/01/from-chaos-to-control-building-your-companys-access-management-foundation/) + - [ ] [DEF CON 32 – Porn & Privacy – ET](https://securityboulevard.com/2025/01/def-con-32-porn-privacy-et/) +- Doonsec's feed + - [ ] [一种新的安卓恶意软件伪装成 Telegram 的高级版本](https://mp.weixin.qq.com/s?__biz=MzkxNDM4OTM3OQ==&mid=2247505688&idx=1&sn=51fc10c9de18920df368d2f73f9869b5) + - [ ] [Chrome 扩展程序利用关键字操纵漏洞](https://mp.weixin.qq.com/s?__biz=MzkxNDM4OTM3OQ==&mid=2247505688&idx=2&sn=477172aee3cdadaaf70998c3cea3b917) + - [ ] [Proton 称大规模停电是由基础设施超载造成的](https://mp.weixin.qq.com/s?__biz=MzkxNDM4OTM3OQ==&mid=2247505688&idx=3&sn=6cc097c5896476f06ddf9fcaeaafcccb) + - [ ] [蒋昌建&沈逸东方夜话 | 网络安全审查:隔离墙?安全阀!](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485395&idx=1&sn=16953adf52d1c675c4f5c4001dfdba21) + - [ ] [原创文章目录](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485395&idx=6&sn=64fdadc2be07e6e80090a862faa9369e) + - [ ] [黑客攻击21个省市社保、医疗系统,“爬取”公民信息获利500余万](https://mp.weixin.qq.com/s?__biz=MzkxMjYxODcyNA==&mid=2247485436&idx=1&sn=a0980e4928229561330fac1109576927) + - [ ] [小白必看之漏洞区分](https://mp.weixin.qq.com/s?__biz=Mzk1NzQwNjQ4Ng==&mid=2247484134&idx=1&sn=723a6d60f099a461d07ed5d08217cc40) + - [ ] [今日ootd](https://mp.weixin.qq.com/s?__biz=MzI1Mjc3NTUwMQ==&mid=2247538427&idx=1&sn=54f7435160b21f5bcb326d08a651ef51) + - [ ] [Android手机微信怎么找回删除的好友?其实很简单只需要简单几步就可以搞定](https://mp.weixin.qq.com/s?__biz=MzI2OTk4MTA3Ng==&mid=2247496703&idx=1&sn=79bf4b6fe407e5271f65f5f94917dd00) + - [ ] [FOFA搜索引擎语法---信息收集篇](https://mp.weixin.qq.com/s?__biz=MzkxNjg3NTQ4NA==&mid=2247485322&idx=1&sn=30ebbff69ae793676247af3791e49cd9) + - [ ] [‘黑掉’NASA:SSRF、子域接管以及XSS](https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247518163&idx=1&sn=45bb532ff4bec0fd51a5a77eab8d2359) + - [ ] [PotatoTool一款功能强大的网络安全综合工具支持免杀、自定义内存马、提权、扫描、一键解密、AI分析、溯源等等](https://mp.weixin.qq.com/s?__biz=MzkzMDg1MzIwNA==&mid=2247486334&idx=1&sn=f538d24db455aad0f34937d750facd60) + - [ ] [小程序抓包教程(全网最简单教程)](https://mp.weixin.qq.com/s?__biz=Mzk0MzQxODc3NA==&mid=2247484313&idx=1&sn=5e4aa0124d1589ce722dda5c18861f9f) + - [ ] [手机上的后门|防不胜防的RAT攻击](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247489945&idx=3&sn=05f2df570592ec160dc273c008c6b48b) + - [ ] [Dirsearch | 目录枚举神器 你真的会用吗?](https://mp.weixin.qq.com/s?__biz=MzkzMzg3MzMyOA==&mid=2247485921&idx=1&sn=55199c6c42e12ae12c6933d3c57895bb) + - [ ] [为何企业需实施信息安全等级保护?](https://mp.weixin.qq.com/s?__biz=MzU5MTIxNzg0Ng==&mid=2247488131&idx=1&sn=b0942d524e678ad4cb0e6bff4f646f31) + - [ ] [中安协数字安全专业委员会第一届第二次会议在京举行](https://mp.weixin.qq.com/s?__biz=MjM5NTY4NTM1OQ==&mid=2650683479&idx=1&sn=9f35a5a195aa37a6f05fc85b20315c6d) + - [ ] [你们这些黑客到底用不用python啊?](https://mp.weixin.qq.com/s?__biz=MzkyOTQzNjIwNw==&mid=2247491345&idx=1&sn=58551e8465f73714ac7176fb6fbee68e) + - [ ] [【漏洞工具】某路由器任意文件读取漏洞Goby低级模式利用工具](https://mp.weixin.qq.com/s?__biz=Mzg5NTU2NjA1Mw==&mid=2247495975&idx=1&sn=b05958a60bbf5bbaa0abccc2f249abb9) + - [ ] [信息收集平台的使用方法](https://mp.weixin.qq.com/s?__biz=MzI0NjE1NDYyOA==&mid=2247484781&idx=1&sn=45b2722155dfaf5f077435685336f3aa) + - [ ] [接私活神器!ThingsKit 国产开源 IoT 物联网平台+边缘网关,轻松交付可视化大屏](https://mp.weixin.qq.com/s?__biz=MjM5OTA4MzA0MA==&mid=2454936559&idx=1&sn=18c770486e56d8200c441ace43890bc8) + - [ ] [IT知识百科:公钥和私钥是什么?有啥区别?一篇文章全搞懂!](https://mp.weixin.qq.com/s?__biz=MzIyMzIwNzAxMQ==&mid=2649464441&idx=1&sn=a7a893c6b4db5dc6f80b48af3b3b308b) + - [ ] [在看 | 周报:中国铁路12306网站出现网络故障;Kimi崩上热搜;美国超千万中小学生个人数据疑似泄露](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247634455&idx=1&sn=3e9529a11f81c8fe2b01f3d030fa0af0) + - [ ] [在看 | 厂商:本周热门网络安全产业动态](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247634455&idx=2&sn=41247f17b16e02cc9ae636b8ee9dc7b3) + - [ ] [带你解锁编码新世界!--随波逐流CTF编码工具使用教程33 --JJEncode密码](https://mp.weixin.qq.com/s?__biz=MzU2NzIzNzU4Mg==&mid=2247489433&idx=1&sn=87cfa9aec661b04493ce3613c43f289a) + - [ ] [【安全圈】江苏一男子利用小程序Bug逃匿28万加油费,法院判了](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067274&idx=1&sn=5bef640b5980a10e736f5e8b28bb6773) + - [ ] [【安全圈】涉案3.3亿!有人非法搭建支付平台获利超200万](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067274&idx=2&sn=792e4a8d18c9865be6e1131bf29116e9) + - [ ] [【安全圈】Ivanti VPN 零日漏洞正在被黑客利用](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067274&idx=3&sn=8eb5cc6c0a00bef351ca6ec387133310) + - [ ] [浏览器如何阻止进程注入的 RWX 执行](https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486268&idx=1&sn=052b0ec1bfa44b1828fc15b689b694ce) + - [ ] [学术前沿 | 鹏城实验室威胁情报团队:网络威胁情报共享与融合技术综述](https://mp.weixin.qq.com/s?__biz=MzI0NjU2NDMwNQ==&mid=2247504587&idx=1&sn=4eaf1ab6a4b15883ae9a77be4357a271) + - [ ] [机票诈骗路线简图分析(原创)](https://mp.weixin.qq.com/s?__biz=MzA5MTYyMDQ0OQ==&mid=2247493500&idx=1&sn=5a162845740d94d3905f334b97524029) + - [ ] [机票诈骗路线分析简图](https://mp.weixin.qq.com/s?__biz=MzA5MTYyMDQ0OQ==&mid=2247493494&idx=1&sn=befb46f4cf55c317d53c5c8bcfc9dcb6) + - [ ] [新一代Github投毒|针对网络安全人员钓鱼](https://mp.weixin.qq.com/s?__biz=MzkyMzI3OTY4Mg==&mid=2247486844&idx=1&sn=184e1f0c5c593d95b0b5414c05c9e171) + - [ ] [疑黑客出售国内某IT企业服务器访问权限,456GB数据遭泄露](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247506729&idx=1&sn=99faf6c867705475671630c95a81b63a) + - [ ] [fsacn工具及二开](https://mp.weixin.qq.com/s?__biz=Mzk0Mjg4MTQxMw==&mid=2247485498&idx=1&sn=af916ec09177e84bf30acb1afcbed6d4) + - [ ] [护网行动——筑牢网络防线的关键战役](https://mp.weixin.qq.com/s?__biz=MzkxODc5OTg5MQ==&mid=2247484228&idx=1&sn=78f7850c6323e7fd2e092f810c2c5006) + - [ ] [嵌入式软件OTA升级,有哪几种FLASH划分方式?](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247548769&idx=1&sn=32ba30356cabef720cf10639cb786fc6) + - [ ] [有趣的linux文件系统](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247548769&idx=2&sn=a0d02cbb173ca18db47b1fec30deb2ff) + - [ ] [时代的痕迹](https://mp.weixin.qq.com/s?__biz=MzIwODc2NjgxNA==&mid=2247484965&idx=1&sn=6e1b33697f9299571f6559d8a66d1606) + - [ ] [CTF自毁程序密码:逆向分析](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588573&idx=1&sn=c40b84e0094dfcbca49818f166d4c1f8) + - [ ] [欢迎报名!新课《Frida源码情景分析》](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588573&idx=2&sn=faff2f0fd2cdc5ddab970c5ab150d74c) + - [ ] [扫码下载 | 信息技术应用创新 信息系统适配改造成本度量](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655263684&idx=1&sn=376629b883698a615a6e3025f05f926b) + - [ ] [国家网信办就《网络信息内容多渠道分发服务机构相关业务活动管理规定(草案稿)》公开征求意见](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170115&idx=1&sn=1b3539813ba293f5cb2035f9db5f03d9) + - [ ] [中文互联网语料资源平台发布](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170115&idx=2&sn=970cf26d470dc1bf1f3c07a281c1f8b8) + - [ ] [短文:对现实里网络安全领域的新认识](https://mp.weixin.qq.com/s?__biz=MzUyMTUwMzI3Ng==&mid=2247485562&idx=1&sn=8b6790ca85055bf567130a044261ebda) + - [ ] [[论文翻译]多步骤越狱隐私攻击对ChatGPT的影响](https://mp.weixin.qq.com/s?__biz=Mzg4NDMyOTE3MQ==&mid=2247483707&idx=1&sn=a33f0657bbd604fcbcef3831065f344e) + - [ ] [强烈建议尽快搞个软考证!(重大利好)](https://mp.weixin.qq.com/s?__biz=MzkxMzIwNTY1OA==&mid=2247510688&idx=1&sn=91e1b11170faaac8b622422bacbbee1d) + - [ ] [IDEA研究院:低空经济发展白皮书3.0-安全体系](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619257&idx=1&sn=96e34669c425319bcf2492a6d8490989) + - [ ] [低空经济启航,安全体系护航 低空经济网络安全体系化研究报告](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619257&idx=2&sn=9a3a8d4176b9464783118adcb475a303) + - [ ] [《车路云一体化系统 第7部分:信息安全要求和试验方法》(草案)](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619257&idx=3&sn=6c3b2101700e191b3d5daa0e12edac8f) + - [ ] [基于大模型(LLM)的黑盒RCE漏洞挖掘](https://mp.weixin.qq.com/s?__biz=MzU0NDI5NTY4OQ==&mid=2247486253&idx=1&sn=62124571618afa3afa400518ed8a9638) + - [ ] [因敏感数据泄露、未分类分级、个人信息未脱敏等行为违反《数据安全法》,2公司被处罚](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931395&idx=1&sn=e6190c89b218ac0c466a14c75e7a6b05) + - [ ] [【吃瓜】安全圈里我们带专真的没有未来了么?](https://mp.weixin.qq.com/s?__biz=Mzg4MTkwMTI5Mw==&mid=2247488580&idx=1&sn=fe3d7fd390432632c7f806abaad20c70) + - [ ] [区块链和加密货币的基础知识](https://mp.weixin.qq.com/s?__biz=Mzg4NzgyODEzNQ==&mid=2247488593&idx=1&sn=54713e09991db527898a10feed8de69a) + - [ ] [阿里云WAF日志接入到线下GrayLog日志系统并实现一键联动CFW封锁攻击IP](https://mp.weixin.qq.com/s?__biz=MzU2MjU1OTE0MA==&mid=2247499573&idx=1&sn=8741fa4bb7cd732d193174aaa6906d4c) + - [ ] [科技部:科技体制迎来重大变革!将赋予科学家更大技术路线决定权、经费支配权和资源调度权](https://mp.weixin.qq.com/s?__biz=Mzg4MDU0NTQ4Mw==&mid=2247528558&idx=1&sn=b3c0525a2c26829c266c59189b5cb80d) + - [ ] [焦点 | 为应对车辆网络风险,车联网安全新国标将于2025年4月1日起实施](https://mp.weixin.qq.com/s?__biz=Mzg4MDU0NTQ4Mw==&mid=2247528558&idx=2&sn=c261577265abf34f283f3a072d7e8c30) + - [ ] [开发Tips|用JS判断并采集webpack路由](https://mp.weixin.qq.com/s?__biz=MzIzNDU5Mzk2OQ==&mid=2247486354&idx=1&sn=8977447058f845375a7ecf6bd858e8f2) + - [ ] [【web靶场】之upload-labs专项训练(基于BUUCTF平台)](https://mp.weixin.qq.com/s?__biz=MzAxNTg1MDYxNA==&mid=2247488087&idx=1&sn=3f4f3a7e578bc86cf83395782f006b6e) + - [ ] [传输速率和带宽介绍](https://mp.weixin.qq.com/s?__biz=Mzg3NTUzOTg3NA==&mid=2247514946&idx=1&sn=ca0755f2190ba765dc7cb8b15f37258a) + - [ ] [利用 Coze(扣子)打造微信公众号MD5解密工具](https://mp.weixin.qq.com/s?__biz=Mzg3MTE0NTg4OQ==&mid=2247484129&idx=1&sn=d7256d4765b83eaab55bf028680cc65e) + - [ ] [交换机背板带宽、交换容量与包转发率到底是啥?](https://mp.weixin.qq.com/s?__biz=MzUyNTExOTY1Nw==&mid=2247527815&idx=1&sn=bc9179f78ebb563fe9e3bc8f9329d802) + - [ ] [【吃瓜】要不是真的没绷住,没周末还发吃瓜啊?](https://mp.weixin.qq.com/s?__biz=MzU3MjU4MjM3MQ==&mid=2247489545&idx=1&sn=47aa25dcfe2bfe62d27bf19209914f1d) + - [ ] [哥斯拉Godzilla](https://mp.weixin.qq.com/s?__biz=MzkwNDg4MTg5MQ==&mid=2247483814&idx=1&sn=2e64891b89d7016a24ed852389c96dcc) + - [ ] [新型攻击 CSPT2CSR-利用客户端路径遍历实现 CSRF 攻击](https://mp.weixin.qq.com/s?__biz=MzkwODI1ODgzOA==&mid=2247506468&idx=1&sn=57c909dcd40beda22cb475698eb15791) + - [ ] [对不起兄弟,这太搞笑了,我还以为多吊呢](https://mp.weixin.qq.com/s?__biz=MzkxMTUwOTY1MA==&mid=2247489953&idx=1&sn=74f06278ff67fa66bf183f9636075354) + - [ ] [【2025-01-11】每日安全资讯](https://mp.weixin.qq.com/s?__biz=MzIzNDU5NTI4OQ==&mid=2247488273&idx=1&sn=5ea90e3b65326e9f7869f6e800b2ca9e) + - [ ] [美国位置数据泄露第三季](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494161&idx=1&sn=d61fecfaafcdf6eda88e6e06c5f7b80d) + - [ ] [狩猎网络罪犯读书笔记1](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494161&idx=2&sn=b46158940c7fe32183842671c3f549e8) + - [ ] [为什么说震网是改变战争形态的里程碑?内情令人胆寒](https://mp.weixin.qq.com/s?__biz=MzI5MjY4MTMyMQ==&mid=2247489576&idx=1&sn=618cdfd9a4f8ab5cbab648eeae5b9079) + - [ ] [TestNet资产管理系统](https://mp.weixin.qq.com/s?__biz=Mzk1NzIzOTc5MQ==&mid=2247484053&idx=1&sn=9c3e53535e4f024cf173b956cdb5405c) + - [ ] [ISO 45001: 2018 标准详解与实施(6)5.2 职业健康安全方针](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247485907&idx=1&sn=4ec38baeea4c73ba0e7c361f48f95c65) + - [ ] [ISO 14001: 2015 标准详解与实施(6)5.2 环境方针](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247485907&idx=2&sn=01eed680f2d0e787b6f0312c6a08cdad) + - [ ] [中国网络空间安全协会人工智能安全治理专委会工作年会在京召开](https://mp.weixin.qq.com/s?__biz=MzA3ODE0NDA4MA==&mid=2649401237&idx=1&sn=df00863fc872c7f6d3cc548bc8eb730f) + - [ ] [中国软件评测中心2024年干部述职述廉考核 工作总结表彰大会暨2025年工作计划会圆满召开](https://mp.weixin.qq.com/s?__biz=MjM5NzYwNDU0Mg==&mid=2649249349&idx=1&sn=5ce3e4372ef3f4c1f5df64146ba51e2c) + - [ ] [工业和信息化部多项调研报告获评中央和国家机关“关键小事”优秀调研成果](https://mp.weixin.qq.com/s?__biz=MjM5NzYwNDU0Mg==&mid=2649249349&idx=2&sn=6fcd5f820bab0fb3c9659c2250eac6a3) + - [ ] [电子科大、成都信息工程大学因串通投标被军队暂停采购资格……](https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247488019&idx=1&sn=c5c14590da29f654d004e4ab4d305c1d) + - [ ] [网络安全团队里的“中坚力量”,你是吗?](https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247488017&idx=1&sn=f15565cbb18bc234379fb50d266fcf33) + - [ ] [「漏洞复现」瑞友天翼应用虚拟化系统 GetPwdPolicy SQL注入漏洞](https://mp.weixin.qq.com/s?__biz=MzkyNDY3MTY3MA==&mid=2247486728&idx=1&sn=a2987c4ca400a3a3686e1c8ebff60b66) + - [ ] [锦鲤揭秘时刻!快来看看锦鲤礼包花落谁家吧~](https://mp.weixin.qq.com/s?__biz=MzkyNzIwMzY4OQ==&mid=2247489533&idx=1&sn=f4c093ed6016e977e9eb01ba7d80d4a6) + - [ ] [【已复现】Ivanti Connect Secure 堆栈溢出致远程代码执行漏洞(CVE-2025-0282)](https://mp.weixin.qq.com/s?__biz=MzIwMDk1MjMyMg==&mid=2247492691&idx=1&sn=e1d64db4b8957907e6417a61d2c40fa4) + - [ ] [区块链 智能合约安全 重入漏洞](https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247546608&idx=1&sn=b4f5a8e22730b23ce5aafde8d28133c7) + - [ ] [记一次利用堡垒机内部邮件钓鱼突破外网](https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247546608&idx=2&sn=fa2f54df172222e03c35ea3caf1c0049) + - [ ] [3分钟搞懂网络安全中的等保测评与密评](https://mp.weixin.qq.com/s?__biz=MzI5MTIwOTQ5MA==&mid=2247487550&idx=1&sn=e69ab6059767dbbf0aac795e8df1be31) + - [ ] [【资料】创建开源情报机构的理由](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148500&idx=1&sn=6cb5b45ccad95f39148ef2240c25d8f8) + - [ ] [AI 监工软件盯梢员工太疯狂:5 秒截屏,打字慢、上网久都拿“红牌”!网友狂喷,但巨头争相使用](https://mp.weixin.qq.com/s?__biz=MzIyMDEzMTA2MQ==&mid=2651168298&idx=1&sn=3c5b0ded6cad54b292862f58f5369831) + - [ ] [度盘下载加速工具推荐:ODE多功能助手](https://mp.weixin.qq.com/s?__biz=Mzk1NzI5MTc0Nw==&mid=2247484517&idx=1&sn=2bd3b00e674a0d1be43b66ac5724db1e) + - [ ] [专刊抽奖中奖名单](https://mp.weixin.qq.com/s?__biz=MzAwMTMzMDUwNg==&mid=2650889518&idx=1&sn=ba617630ef1fac5cd159e0c01ae1fd53) + - [ ] [“冒充领导”类诈骗,卷土重来;|超4000个Web后门通过注册过期域名被劫持](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650606471&idx=1&sn=120c2e88e30369b733fa97f03501efa5) + - [ ] [Outlaw挖矿僵尸网络近期活动分析](https://mp.weixin.qq.com/s?__biz=MzkxNjU2NjY5MQ==&mid=2247509606&idx=1&sn=50a3a3d1504439cffe889651d80783f9) + - [ ] [2025年网络安全的关键预测](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651311810&idx=1&sn=0949ff64635d18a43417f0b5f69206dc) + - [ ] [2024年网络空间安全漏洞态势分析研究报告](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655263668&idx=1&sn=ac8c38d0522ed2d4c979644a09ff179d) + - [ ] [PHP_webshell免杀01-变量绕过](https://mp.weixin.qq.com/s?__biz=Mzk0ODY1NzEwMA==&mid=2247485722&idx=1&sn=a2c7c523ae398f2abeb6964e913d5fe1) + - [ ] [技战法免费领取](https://mp.weixin.qq.com/s?__biz=MzU4OTg4Nzc4MQ==&mid=2247505461&idx=1&sn=31702cac17f1ecb8039b4f709027dbba) + - [ ] [赛欧思一周资讯分类汇总(2025-01-06 ~ 2025-01-11)](https://mp.weixin.qq.com/s?__biz=MzU0MjE2Mjk3Ng==&mid=2247488390&idx=1&sn=28a42a161f0dd7b4c89a8ec66f2b3688) + - [ ] [网络安全资讯周报](https://mp.weixin.qq.com/s?__biz=MzkwNjQxOTk1Mg==&mid=2247486048&idx=1&sn=4b9c18e6c9bcd1ed7b24cb583ee574af) + - [ ] [乌克兰黑客杀疯了:斯洛伐克土地登记处遭遇该国历史上最大规模网络攻击](https://mp.weixin.qq.com/s?__biz=MzI2NzAwOTg4NQ==&mid=2649793817&idx=1&sn=31d98bca3e3dddf22ab92e0463ca9e8b) + - [ ] [RedDelta 黑客组织在最新的活动中部署 PlugX 恶意软件](https://mp.weixin.qq.com/s?__biz=MzI2NzAwOTg4NQ==&mid=2649793817&idx=2&sn=e2891ae57a7c8de111ae54c7ce929e6e) + - [ ] [Google Project Zero 研究人员发现针对三星设备的零点击漏洞](https://mp.weixin.qq.com/s?__biz=MzI2NzAwOTg4NQ==&mid=2649793817&idx=3&sn=76e96780b09c070feb5068ffc86b1d38) + - [ ] [安全、运维、网工必备神器——堡垒机,你竟然还不知道?](https://mp.weixin.qq.com/s?__biz=MzIwMzIyMjYzNA==&mid=2247517703&idx=1&sn=50348211d1074a0deed597c3d360d687) + - [ ] [Secator - 渗透测试人员的瑞士军刀](https://mp.weixin.qq.com/s?__biz=Mzk0Mzc1MTI2Nw==&mid=2247486995&idx=1&sn=20ab12dd8d9081f2494ba15ed7357885) + - [ ] [新型Hellcat勒索病毒分析](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247489905&idx=1&sn=d221af8624b76e73a62cffd81d4afb24) + - [ ] [印度发布重磅数据保护法规草案:最高罚款25亿卢比!](https://mp.weixin.qq.com/s?__biz=MzA4NTY4MjAyMQ==&mid=2447900021&idx=1&sn=fc88038644d5a0b0c105263ee4ab7338) + - [ ] [网站域名遭非法盗用篡改,郑州两家公司被行政处罚](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513467&idx=1&sn=3ea80990fd1c334a5bbf3e29305787b1) + - [ ] [暗网情报:涉国内网络赌博平台用户、泰国矿产、西班牙电信](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247506720&idx=1&sn=650965b4297334d5e4a6234b8583f8a8) + - [ ] [不容错过!2025年十大顶级网络安全盛会](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247506720&idx=2&sn=88b06af4662ae0dfcbde4ca62eb88931) + - [ ] [5th域安全微讯早报【20250111】010期](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247506720&idx=3&sn=af839aa95e78efb7be5e2e06e6b8b2ee) + - [ ] [星禾团队 | 网络安全征程中的温暖与成长](https://mp.weixin.qq.com/s?__biz=MzkyNzY1NzEwMQ==&mid=2247484514&idx=1&sn=04484173f93ff63f798fb1b2a3ed2317) + - [ ] [防务简报丨美国完成B61-12核航弹的延寿计划](https://mp.weixin.qq.com/s?__biz=Mzg2NTYyODgyNg==&mid=2247504378&idx=1&sn=16f19e21d9a01dfc01822f9de3c62558) + - [ ] [大模型安全的漏洞](https://mp.weixin.qq.com/s?__biz=MzAwMjA5OTY5Ng==&mid=2247525574&idx=1&sn=71fbd1aa0ae586008514d626ad81cd1e) + - [ ] [国产化综合红队协同工具TangGo](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247488858&idx=1&sn=5a77b79821ec4386d514cd9d4778e29b) + - [ ] [被释放前的幻想罢了](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247488858&idx=2&sn=0446c2906e8992ebc7000672d885bf69) + - [ ] [某电商平台如何在黑客攻击中快速恢复业务?](https://mp.weixin.qq.com/s?__biz=Mzg4NDc0Njk1MQ==&mid=2247487166&idx=1&sn=98a2f1aca47e19e7c549633c8a24edcd) + - [ ] [某初创公司如何用有限预算实现高效安全防护?](https://mp.weixin.qq.com/s?__biz=Mzg4NDc0Njk1MQ==&mid=2247487166&idx=2&sn=16007712fa9ae625a2f68f95f2233bf8) + - [ ] [【oscp】靶机-election](https://mp.weixin.qq.com/s?__biz=Mzg2Nzk0NjA4Mg==&mid=2247497830&idx=1&sn=aa42b57935b72725f2ee5ec3a9dcdc6d) + - [ ] [揭秘威胁情报:企业安全防线的智能守护者!(附下载)](https://mp.weixin.qq.com/s?__biz=MzkyODY5ODAyOA==&mid=2247489198&idx=1&sn=6317dda5d9369d93f16a15df246337f4) + - [ ] [原始数据的防护之基:业务数据化阶段的数据安全建设(第九章)](https://mp.weixin.qq.com/s?__biz=MzkwNTI3MjIyOQ==&mid=2247484108&idx=1&sn=855d8b552ad49246be156a25554fc794) + - [ ] [修电脑](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496556&idx=1&sn=df372d4fcbabb1a9eb0061fd1481fab5) + - [ ] [寻找隐藏的 API 密钥以及如何使用它们](https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247504443&idx=1&sn=909a173e7711238591b789421da6f974) + - [ ] [寒假将至 | 网络安全温馨提醒](https://mp.weixin.qq.com/s?__biz=Mzg5OTg5OTI1NQ==&mid=2247489677&idx=1&sn=9321eb9dd76ad1030c9edc27a3356a64) + - [ ] [侧信道分析测评套件更新-全面支持智能密码钥匙采波分析](https://mp.weixin.qq.com/s?__biz=MzI2NTUyODMwNA==&mid=2247494096&idx=1&sn=80632feea28c999c821305a083fe4055) + - [ ] [关于渗透应急CISP-PTE/CISP-IRE考试重要通知](https://mp.weixin.qq.com/s?__biz=MzIxNTM4NDY2MQ==&mid=2247515671&idx=1&sn=d09813014ef21089c6b16471091ce062) + - [ ] [【神兵利器】红队内网横向之CheeseTools](https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247494862&idx=1&sn=a00294b52f53901205a725cbe45a81d1) + - [ ] [应急响应靶机训练-Linux1](https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247494862&idx=2&sn=3ed1520df9278988298a6d804288f6a5) + - [ ] [国家网信办《网络信息内容多渠道分发服务机构相关业务活动管理规定(草案稿)》公开征求意见](https://mp.weixin.qq.com/s?__biz=MzkxNTI2NTQxOA==&mid=2247495920&idx=1&sn=8b95351dff8c95d58566f186d8f3172b) + - [ ] [武汉农商行因“数据管理不到位”等被罚365万](https://mp.weixin.qq.com/s?__biz=MzkxNTI2NTQxOA==&mid=2247495920&idx=2&sn=a4260d13e2e990efb71c627cba215b85) + - [ ] [中国网络空间安全协会发布中文互联网基础语料2.0](https://mp.weixin.qq.com/s?__biz=MzkxNTI2NTQxOA==&mid=2247495920&idx=3&sn=cde62e74e2a71716fed6509658b7fe15) + - [ ] [北京发布数据流通交易领域3项地方标准](https://mp.weixin.qq.com/s?__biz=MzkxNTI2NTQxOA==&mid=2247495920&idx=4&sn=1ee8ba2104e4fae0185c8eb47c32c346) + - [ ] [海南发布《海南省商场超市消费领域个人信息保护合规指引》](https://mp.weixin.qq.com/s?__biz=MzkxNTI2NTQxOA==&mid=2247495920&idx=5&sn=0a9a9bd9c4dbe7e03820563d31e31fc8) + - [ ] [妲己陪你玩,来和妲己玩耍吧!!!](https://mp.weixin.qq.com/s?__biz=Mzk0NDQwMDY1Nw==&mid=2247485639&idx=1&sn=de89f7127fe3b8508d5d032492f2744a) + - [ ] [每周文章分享-194](https://mp.weixin.qq.com/s?__biz=MzI1MTQwMjYwNA==&mid=2247501360&idx=1&sn=4ca6b7627bd52fea89a2d983b898d091) + - [ ] [分享的图片、视频、链接](https://mp.weixin.qq.com/s?__biz=MzkzNTIwNDEwNA==&mid=2247488530&idx=1&sn=ba35cce9938c913e917f5066b51ab338) + - [ ] [【讨论】当网安圈子变得越来越封闭,是否更有利于行业发展?u200b](https://mp.weixin.qq.com/s?__biz=MzU3MjU4MjM3MQ==&mid=2247489532&idx=1&sn=1a00fdd1c1ea4e99f35cb9fdbe525ee2) + - [ ] [分享图片](https://mp.weixin.qq.com/s?__biz=MzI3Njc1MjcxMg==&mid=2247494210&idx=1&sn=7326c6248aa355f405a445d31f896229) + - [ ] [渗透测试 -- 域渗透](https://mp.weixin.qq.com/s?__biz=MzI4MDQ5MjY1Mg==&mid=2247515531&idx=2&sn=d83de3a9eab0093f6533c21c7138aa97) + - [ ] [合理化堆栈:安全供应商整合案例](https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652113901&idx=1&sn=e5b249271c7340b3bb1092713434466f) + - [ ] [网信部门严厉打击整治网络水军问题](https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652113901&idx=2&sn=ca83165ac442d1d6d45528cf7c479135) + - [ ] [安卓逆向2025 -- Frida学习之hook案例(三)](https://mp.weixin.qq.com/s?__biz=MzA4MzgzNTU5MA==&mid=2652037513&idx=1&sn=5524b6772bc0ebff5ff1608375d7c682) + - [ ] [PC逆向 -- 异常简介](https://mp.weixin.qq.com/s?__biz=MzA4MzgzNTU5MA==&mid=2652037513&idx=2&sn=6cf66c78ed6df9414d26315873a30df7) + - [ ] [日本最大电信公司 NTT Docomo 因 DDoS 攻击瘫痪 12 小时](https://mp.weixin.qq.com/s?__biz=Mzg3ODY0NTczMA==&mid=2247491963&idx=1&sn=3b846beb566a085f5f4a647c6d6cee7a) + - [ ] [常见的网站安全漏洞视频课程](https://mp.weixin.qq.com/s?__biz=MzU3NzY3MzYzMw==&mid=2247499125&idx=2&sn=ed1a771fa6447002aa2fcf070c71c910) + - [ ] [aistudio有两把刷子](https://mp.weixin.qq.com/s?__biz=MzUzMjQyMDE3Ng==&mid=2247487873&idx=1&sn=129a164676242eb9768fdbf20a4b4840) +- SecWiki News + - [ ] [SecWiki News 2025-01-11 Review](http://www.sec-wiki.com/?2025-01-11) +- Private Feed for M09Ic + - [ ] [spf13 starred trimmer-io/go-xmp](https://github.com/trimmer-io/go-xmp) + - [ ] [tennc starred linexjlin/GPTs](https://github.com/linexjlin/GPTs) + - [ ] [tennc starred PlexPt/awesome-chatgpt-prompts-zh](https://github.com/PlexPt/awesome-chatgpt-prompts-zh) + - [ ] [tennc starred f/awesome-chatgpt-prompts](https://github.com/f/awesome-chatgpt-prompts) + - [ ] [h3zh1 pushed to v0.0.4-patch in chainreactors/malefic](https://github.com/chainreactors/malefic/compare/9bf5e3ab84...3aea9cd265) + - [ ] [zema1 starred P1-Team/AlliN](https://github.com/P1-Team/AlliN) + - [ ] [safedv started following alfarom256](https://github.com/alfarom256) + - [ ] [safedv started following byt3bl33d3r](https://github.com/byt3bl33d3r) + - [ ] [safedv starred FujiwaraChoki/MoneyPrinterV2](https://github.com/FujiwaraChoki/MoneyPrinterV2) + - [ ] [zer0yu starred usagi-flow/evil-helix](https://github.com/usagi-flow/evil-helix) + - [ ] [zer0yu starred librasn/rasn](https://github.com/librasn/rasn) + - [ ] [zer0yu starred y21/tl](https://github.com/y21/tl) + - [ ] [HuYlllc pushed to v0.0.4dev in chainreactors/malice-network](https://github.com/chainreactors/malice-network/compare/3c4541da98...dd59b84145) + - [ ] [INotGreen released XiebroC2-v3.1.7 at INotGreen/XiebroC2](https://github.com/INotGreen/XiebroC2/releases/tag/XiebroC2-v3.1.7) + - [ ] [glzjin forked glzjin/MetasploitCoop_0x727 from 0x727/MetasploitCoop_0x727](https://github.com/glzjin/MetasploitCoop_0x727) + - [ ] [itsKayWat started following M09Ic](https://github.com/M09Ic) +- Recent Commits to cve:main + - [ ] [Update Sat Jan 11 20:16:57 UTC 2025](https://github.com/trickest/cve/commit/a529fd5d50c90c432baec70219470b5f625a25a0) + - [ ] [Update Sat Jan 11 12:19:24 UTC 2025](https://github.com/trickest/cve/commit/4ee809fb0c944239e63a757ad04299a07cefae04) + - [ ] [Update Sat Jan 11 04:10:25 UTC 2025](https://github.com/trickest/cve/commit/b1d77c9032f2c34f807b30264034a2a5ea416a0b) +- 一个被知识诅咒的人 + - [ ] [【人工智能】构建智能语音助手:使用Python实现语音识别与合成的全面指南](https://blog.csdn.net/nokiaguy/article/details/145075956) + - [ ] [【人工智能】用Python进行对象检测:从OpenCV到YOLO的全面指南](https://blog.csdn.net/nokiaguy/article/details/145075935) +- Bug Bounty in InfoSec Write-ups on Medium + - [ ] [Revisiting a Simple SQL Injection Methodology](https://infosecwriteups.com/revisiting-a-simple-sql-injection-methodology-ecd42634a21e?source=rss----7b722bfd1b8d--bug_bounty) +- Twitter @bytehx + - [ ] [RT Sina Yeganeh: Find hidden Endpoint : https://raw.githubusercontent.com/sinaayeganeh/Find-Hidden-Endpoint/refs/heads/main/js.txt #bugbounty #bugboun...](https://x.com/bytehx343/status/1878087922488090801) +- Malware-Traffic-Analysis.net - Blog Entries + - [ ] [2025-01-09: CVE-2017-0199 XLS --> HTA --> VBS --> steganography --> DBatLoader/GuiLoader style malware](https://www.malware-traffic-analysis.net/2025/01/09/index.html) +- Reverse Engineering + - [ ] [Reverse-engineering meets AI: My new benchmark asks you to deduce hidden byte transforms—thoughts?](https://www.reddit.com/r/ReverseEngineering/comments/1hyuf9w/reverseengineering_meets_ai_my_new_benchmark_asks/) +- HAHWUL + - [ ] [ZAP 2.16 Review ⚡️](https://www.hahwul.com/2025/01/11/zap-2-16-review/) +- 杨龙 + - [ ] [-2209017943](https://www.yanglong.pro/2209017943-2/) +- 黑海洋 - IT技术知识库 + - [ ] [Fluent Read:上下文语境的人工智能翻译引擎(浏览器插件)](https://blog.upx8.com/4651) +- 安全分析与研究 + - [ ] [新型Hellcat勒索病毒分析](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247489905&idx=1&sn=d221af8624b76e73a62cffd81d4afb24&chksm=902fb659a7583f4f105f2bc9bb1490bdf8d2781611e9f73c12246ee56ca3b7525b5263d975bd&scene=58&subscene=0#rd) +- 奇客Solidot–传递最新科技情报 + - [ ] [物理学家发现新粒子分数激子](https://www.solidot.org/story?sid=80307) + - [ ] [YouTube 主播向 AI 公司出售未发布视频去训练 AI](https://www.solidot.org/story?sid=80306) + - [ ] [世界最强超算 El Capitan 正式启用](https://www.solidot.org/story?sid=80305) + - [ ] [StackOverflow 新问题数量大幅减少](https://www.solidot.org/story?sid=80304) + - [ ] [德国众多大学机构集体宣布退出 X](https://www.solidot.org/story?sid=80303) + - [ ] [Automattic 大幅缩减对 WordPress.org 的支持](https://www.solidot.org/story?sid=80302) + - [ ] [巴西给 Meta 72 小时时间解释其事实核查政策的变化](https://www.solidot.org/story?sid=80301) +- 威努特安全网络 + - [ ] [我国牵头的国际标准发布,联合国航空数据库遭入侵 | 一周特辑](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130318&idx=1&sn=322960576db32a5d4485b1c0dc16d542&chksm=80e7137eb7909a680deaa85714119cb89492b504024287b112b4cab04f1b3fdc24bbab99c3e0&scene=58&subscene=0#rd) +- 丁爸 情报分析师的工具箱 + - [ ] [【资料】创建开源情报机构的理由](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148500&idx=1&sn=6cb5b45ccad95f39148ef2240c25d8f8&chksm=f1af27eec6d8aef85b73213a31ddbb5ff35a3ab0c56351b3885e6105b67a593a975858b141d8&scene=58&subscene=0#rd) +- 长亭安全应急响应中心 + - [ ] [【已复现】Ivanti Connect Secure 堆栈溢出致远程代码执行漏洞(CVE-2025-0282)](https://mp.weixin.qq.com/s?__biz=MzIwMDk1MjMyMg==&mid=2247492691&idx=1&sn=e1d64db4b8957907e6417a61d2c40fa4&chksm=96f7fb3ea1807228c78b8469fdfa3a9fad83374094781eb88c48ae6e598331b3bd87ae4c659c&scene=58&subscene=0#rd) +- 看雪学苑 + - [ ] [CTF自毁程序密码:逆向分析](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588573&idx=1&sn=c40b84e0094dfcbca49818f166d4c1f8&chksm=b18c251786fbac0172b4c573bca3dbdc17e0efad3bf6e5dace210a9b96023fdf89feccf64ba1&scene=58&subscene=0#rd) + - [ ] [欢迎报名!新课《Frida源码情景分析》](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588573&idx=2&sn=faff2f0fd2cdc5ddab970c5ab150d74c&chksm=b18c251786fbac01987d449630eb908309f812aa88b611c439eaa12acdb36a199b9e212512e3&scene=58&subscene=0#rd) +- 安全内参 + - [ ] [网站域名遭非法盗用篡改,郑州两家公司被行政处罚](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513467&idx=1&sn=3ea80990fd1c334a5bbf3e29305787b1&chksm=ebfaf25bdc8d7b4dad90dcea755636cf357c28f3dcec82aaf943cbeefa88a5b135fbdc372038&scene=58&subscene=0#rd) +- dotNet安全矩阵 + - [ ] [.NET 第54期红队武器库和资源汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498152&idx=1&sn=e082b4077e255091892be37fff847a78&chksm=fa595745cd2ede53bf9b66ae351f313cf7bf5dd1650cf01cd2dab30f1a615a0813a8427e859a&scene=58&subscene=0#rd) + - [ ] [国内最专业、最全面的 [ .NET 代码审计 ] 体系化学习交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498152&idx=2&sn=68b7c98d93dba9cd5cb2feb37795f5c0&chksm=fa595745cd2ede5310d59456ace4b1b2d00ad3e60a2946ee0a394adc50759ab9b978584b956a&scene=58&subscene=0#rd) + - [ ] [无独有偶,通过.NET反序列化漏洞实现 Visual Studio 钓鱼攻击](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498152&idx=3&sn=a45de16edbca5168f73ea7ed4ffeca36&chksm=fa595745cd2ede53cd0f763edff055aeced78d85bdeea1f2be5fd2d80d72a65ed86e0df928f3&scene=58&subscene=0#rd) +- 安全圈 + - [ ] [【安全圈】江苏一男子利用小程序Bug逃匿28万加油费,法院判了](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067274&idx=1&sn=5bef640b5980a10e736f5e8b28bb6773&chksm=f36e798ac419f09cdbd5129a3bf75829108cf7f7a7de0b1d6ac854dbbb635e3a6b7d50a7bd0d&scene=58&subscene=0#rd) + - [ ] [【安全圈】涉案3.3亿!有人非法搭建支付平台获利超200万](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067274&idx=2&sn=792e4a8d18c9865be6e1131bf29116e9&chksm=f36e798ac419f09c4674ed1ba0a3d10573e7a3ba50adc72984e3afc698d37c2172cb8076dc0b&scene=58&subscene=0#rd) + - [ ] [【安全圈】Ivanti VPN 零日漏洞正在被黑客利用](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067274&idx=3&sn=8eb5cc6c0a00bef351ca6ec387133310&chksm=f36e798ac419f09cca9472d89e0009706062cc803d7b61065e39083441ba8c9e646c932b6efe&scene=58&subscene=0#rd) +- 网络空间安全科学学报 + - [ ] [学术前沿 | 鹏城实验室威胁情报团队:网络威胁情报共享与融合技术综述](https://mp.weixin.qq.com/s?__biz=MzI0NjU2NDMwNQ==&mid=2247504587&idx=1&sn=4eaf1ab6a4b15883ae9a77be4357a271&chksm=e9bfc675dec84f63b347462da5f7bce1abed74f36bf037a16432d25f075367ff3d1fd224cdf6&scene=58&subscene=0#rd) +- 网安杂谈 + - [ ] [专刊抽奖中奖名单](https://mp.weixin.qq.com/s?__biz=MzAwMTMzMDUwNg==&mid=2650889518&idx=1&sn=ba617630ef1fac5cd159e0c01ae1fd53&chksm=812ea10bb659281d60613b07fbcdcaebd1d770235c4af465c07bc94e0c538244fa08dc76c8d8&scene=58&subscene=0#rd) +- 极客公园 + - [ ] [特朗普上任前,Meta、微软等取消多元化项目;新 Model Y 上市,雷军隔空玩梗;京东 App 大改版 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653071834&idx=1&sn=9726e5881ed20e810b87b68ef06af200&chksm=7e57d46c49205d7a678f880e93b38ad8df5661f949d2dd27442559ef9f751a6af0d9bc2b6514&scene=58&subscene=0#rd) +- 吴鲁加 + - [ ] [我工作里使用的软件和工作流](https://mp.weixin.qq.com/s?__biz=Mzg5NDY4ODM1MA==&mid=2247485135&idx=1&sn=0510f35c72516e30adcd494474dd6df1&chksm=c01a8bfef76d02e8f7fb3e9696d8b0cee09ab8dee030fe992b916e71468791be793abbc80527&scene=58&subscene=0#rd) +- 希潭实验室 + - [ ] [第112篇:美国APT震网病毒入侵伊朗核工厂后续与启示(第4篇)](https://mp.weixin.qq.com/s?__biz=MzkzMjI1NjI3Ng==&mid=2247487306&idx=1&sn=00dc7cf337a613d22207cecd7674ec88&chksm=c25fc031f5284927d968a7121718ccfa82db72798405bf0100bd1d248c3cb88d1360e288e491&scene=58&subscene=0#rd) +- OnionSec + - [ ] [短文:对现实里网络安全领域的新认识](https://mp.weixin.qq.com/s?__biz=MzUyMTUwMzI3Ng==&mid=2247485562&idx=1&sn=8b6790ca85055bf567130a044261ebda&chksm=f9db5f39ceacd62f1d9d93c36893e92be17a408acced658927b37d165077e523234bfe823d95&scene=58&subscene=0#rd) +- 山石网科安全技术研究院 + - [ ] [2024年度重大数据泄露事件盘点-国外版](https://mp.weixin.qq.com/s?__biz=MzUzMDUxNTE1Mw==&mid=2247509629&idx=1&sn=29247d0381639fa3501942c67c219470&chksm=fa5273c3cd25fad5d99967bf051e1337733f3c3082433d432cf1da5a2100a7b651661c585277&scene=58&subscene=0#rd) +- Over Security - Cybersecurity news aggregator + - [ ] [Scammers file first — Get your IRS Identity Protection PIN now](https://www.bleepingcomputer.com/news/security/scammers-file-first-get-your-irs-identity-protection-pin-now/) + - [ ] [Fake LDAPNightmware exploit on GitHub spreads infostealer malware](https://www.bleepingcomputer.com/news/security/fake-ldapnightmware-exploit-on-github-spreads-infostealer-malware/) +- ICT Security Magazine + - [ ] [Living-off-the-Land Binaries (LOLBins) negli attacchi fileless: Analisi Tecnica e Implicazioni per la Sicurezza](https://www.ictsecuritymagazine.com/articoli/living-off-the-land-binaries-lolbins/) +- 迪哥讲事 + - [ ] [从 SQL 注入到远程代码执行](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496813&idx=1&sn=eab6d19d242d637c1797d76ec3ae43fa&chksm=e8a5fe0edfd277188a3ce54336fe9ddf992716daadef1e899d9d6e4de34f5c25335a2222782c&scene=58&subscene=0#rd) +- GobySec + - [ ] [锦鲤揭秘时刻!快来看看锦鲤礼包花落谁家吧~](https://mp.weixin.qq.com/s?__biz=MzI4MzcwNTAzOQ==&mid=2247545717&idx=1&sn=309283dd2ed10d791e052cf798b5e174&chksm=eb84d8d5dcf351c3ade60c164cef5dcf834d3e5db4c15add66752b789281fb770f82226b0664&scene=58&subscene=0#rd) +- TorrentFreak + - [ ] [Tonga! Tonga! Tonga! Online Piracy’s Unusual Attraction to ccTLD .to](https://torrentfreak.com/tonga-tonga-tonga-online-piracys-unusual-attraction-to-cctld-to-250111/) +- 银针安全 + - [ ] [高版本Fastjson在Java原生反序列化中的利用](https://mp.weixin.qq.com/s?__biz=Mzg2MDY2ODc5MA==&mid=2247484185&idx=1&sn=9068c43597d87c94568fe70974fd6365&chksm=ce239500f9541c160287b545120d6495c7a2aa9c5c75e0ad101c7a3d3600e86ea6b64ef75f63&scene=58&subscene=0#rd) +- Technical Information Security Content & Discussion + - [ ] [$2m laundered: the YouTube crypto tutorials’ huge scam (investigation)](https://www.reddit.com/r/netsec/comments/1hz54x4/2m_laundered_the_youtube_crypto_tutorials_huge/) + - [ ] [Gayfemboy: A Botnet Deliver Through a Four-Faith Industrial Router 0-day Exploit.](https://www.reddit.com/r/netsec/comments/1hyjjpb/gayfemboy_a_botnet_deliver_through_a_fourfaith/) +- Your Open Hacker Community + - [ ] [Getting infinite lives in Prehistorik on Windows 11](https://www.reddit.com/r/HowToHack/comments/1hz6pee/getting_infinite_lives_in_prehistorik_on_windows/) + - [ ] [How to convert a password protected zip file into a RAR file?](https://www.reddit.com/r/HowToHack/comments/1hz3bgu/how_to_convert_a_password_protected_zip_file_into/) + - [ ] [recovering google account](https://www.reddit.com/r/HowToHack/comments/1hyx8qq/recovering_google_account/) + - [ ] [Has anyone tried hijacking school Apple TVs for a prank?](https://www.reddit.com/r/HowToHack/comments/1hz3nxz/has_anyone_tried_hijacking_school_apple_tvs_for_a/) + - [ ] [Help](https://www.reddit.com/r/HowToHack/comments/1hyzqf5/help/) + - [ ] [Can anyone help me with a teleg private group(pls dm me)](https://www.reddit.com/r/HowToHack/comments/1hyzpji/can_anyone_help_me_with_a_teleg_private_grouppls/) + - [ ] [I need to find someone's IP address or something](https://www.reddit.com/r/HowToHack/comments/1hyzxt3/i_need_to_find_someones_ip_address_or_something/) +- Security Affairs + - [ ] [DoJ charged three Russian citizens with operating crypto-mixing services](https://securityaffairs.com/172957/cyber-crime/doj-charged-russian-citizens-with-operating-crypto-mixing-services.html) + - [ ] [U.S. cannabis dispensary STIIIZY disclosed a data breach](https://securityaffairs.com/172950/data-breach/marijuana-dispensary-stiiizy-data-breach.html) + - [ ] [A novel PayPal phishing campaign hijacks accounts](https://securityaffairs.com/172935/cyber-crime/paypal-phishing-campaign-hijacks-accounts.html) +- Social Engineering + - [ ] [The hidden psychology of abusers](https://www.reddit.com/r/SocialEngineering/comments/1hyxk74/the_hidden_psychology_of_abusers/) +- The Hacker News + - [ ] [Microsoft Sues Hacking Group Exploiting Azure AI for Harmful Content Creation](https://thehackernews.com/2025/01/microsoft-sues-hacking-group-exploiting.html) + - [ ] [DoJ Indicts Three Russians for Operating Crypto Mixers Used in Cybercrime Laundering](https://thehackernews.com/2025/01/doj-indicts-three-russians-for.html) +- Computer Forensics + - [ ] [How do you read a $MFT? (First Computer Forensics class)](https://www.reddit.com/r/computerforensics/comments/1hyvbdc/how_do_you_read_a_mft_first_computer_forensics/) +- Information Security + - [ ] [Open Source Shadow IT Detection](https://www.reddit.com/r/Information_Security/comments/1hyoren/open_source_shadow_it_detection/) +- Deep Web + - [ ] [Would you like this reward?](https://www.reddit.com/r/deepweb/comments/1hz9bjv/would_you_like_this_reward/) +- Blackhat Library: Hacking techniques and research + - [ ] [Telefonica Breach: Infostealer Malware Opens Door for Social Engineering Tactics](https://www.reddit.com/r/blackhat/comments/1hysvc3/telefonica_breach_infostealer_malware_opens_door/) diff --git a/archive/tmp/2025-01-12.json b/archive/tmp/2025-01-12.json new file mode 100644 index 0000000000..d731c29a42 --- /dev/null +++ b/archive/tmp/2025-01-12.json @@ -0,0 +1,317 @@ +{ + "Security Boulevard": { + "Advancements in Machine Identity Protections": "https://securityboulevard.com/2025/01/advancements-in-machine-identity-protections/", + "From Chaos to Control: Building Your Company’s Access Management Foundation": "https://securityboulevard.com/2025/01/from-chaos-to-control-building-your-companys-access-management-foundation/", + "DEF CON 32 – Porn & Privacy – ET": "https://securityboulevard.com/2025/01/def-con-32-porn-privacy-et/" + }, + "Doonsec's feed": { + "一种新的安卓恶意软件伪装成 Telegram 的高级版本": "https://mp.weixin.qq.com/s?__biz=MzkxNDM4OTM3OQ==&mid=2247505688&idx=1&sn=51fc10c9de18920df368d2f73f9869b5", + "Chrome 扩展程序利用关键字操纵漏洞": "https://mp.weixin.qq.com/s?__biz=MzkxNDM4OTM3OQ==&mid=2247505688&idx=2&sn=477172aee3cdadaaf70998c3cea3b917", + "Proton 称大规模停电是由基础设施超载造成的": "https://mp.weixin.qq.com/s?__biz=MzkxNDM4OTM3OQ==&mid=2247505688&idx=3&sn=6cc097c5896476f06ddf9fcaeaafcccb", + "蒋昌建&沈逸东方夜话 | 网络安全审查:隔离墙?安全阀!": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485395&idx=1&sn=16953adf52d1c675c4f5c4001dfdba21", + "原创文章目录": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485395&idx=6&sn=64fdadc2be07e6e80090a862faa9369e", + "黑客攻击21个省市社保、医疗系统,“爬取”公民信息获利500余万": "https://mp.weixin.qq.com/s?__biz=MzkxMjYxODcyNA==&mid=2247485436&idx=1&sn=a0980e4928229561330fac1109576927", + "小白必看之漏洞区分": "https://mp.weixin.qq.com/s?__biz=Mzk1NzQwNjQ4Ng==&mid=2247484134&idx=1&sn=723a6d60f099a461d07ed5d08217cc40", + "今日ootd": "https://mp.weixin.qq.com/s?__biz=MzI1Mjc3NTUwMQ==&mid=2247538427&idx=1&sn=54f7435160b21f5bcb326d08a651ef51", + "Android手机微信怎么找回删除的好友?其实很简单只需要简单几步就可以搞定": "https://mp.weixin.qq.com/s?__biz=MzI2OTk4MTA3Ng==&mid=2247496703&idx=1&sn=79bf4b6fe407e5271f65f5f94917dd00", + "FOFA搜索引擎语法---信息收集篇": "https://mp.weixin.qq.com/s?__biz=MzkxNjg3NTQ4NA==&mid=2247485322&idx=1&sn=30ebbff69ae793676247af3791e49cd9", + "‘黑掉’NASA:SSRF、子域接管以及XSS": "https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247518163&idx=1&sn=45bb532ff4bec0fd51a5a77eab8d2359", + "PotatoTool一款功能强大的网络安全综合工具支持免杀、自定义内存马、提权、扫描、一键解密、AI分析、溯源等等": "https://mp.weixin.qq.com/s?__biz=MzkzMDg1MzIwNA==&mid=2247486334&idx=1&sn=f538d24db455aad0f34937d750facd60", + "小程序抓包教程(全网最简单教程)": "https://mp.weixin.qq.com/s?__biz=Mzk0MzQxODc3NA==&mid=2247484313&idx=1&sn=5e4aa0124d1589ce722dda5c18861f9f", + "手机上的后门|防不胜防的RAT攻击": "https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247489945&idx=3&sn=05f2df570592ec160dc273c008c6b48b", + "Dirsearch | 目录枚举神器 你真的会用吗?": "https://mp.weixin.qq.com/s?__biz=MzkzMzg3MzMyOA==&mid=2247485921&idx=1&sn=55199c6c42e12ae12c6933d3c57895bb", + "为何企业需实施信息安全等级保护?": "https://mp.weixin.qq.com/s?__biz=MzU5MTIxNzg0Ng==&mid=2247488131&idx=1&sn=b0942d524e678ad4cb0e6bff4f646f31", + "中安协数字安全专业委员会第一届第二次会议在京举行": "https://mp.weixin.qq.com/s?__biz=MjM5NTY4NTM1OQ==&mid=2650683479&idx=1&sn=9f35a5a195aa37a6f05fc85b20315c6d", + "你们这些黑客到底用不用python啊?": "https://mp.weixin.qq.com/s?__biz=MzkyOTQzNjIwNw==&mid=2247491345&idx=1&sn=58551e8465f73714ac7176fb6fbee68e", + "【漏洞工具】某路由器任意文件读取漏洞Goby低级模式利用工具": "https://mp.weixin.qq.com/s?__biz=Mzg5NTU2NjA1Mw==&mid=2247495975&idx=1&sn=b05958a60bbf5bbaa0abccc2f249abb9", + "信息收集平台的使用方法": "https://mp.weixin.qq.com/s?__biz=MzI0NjE1NDYyOA==&mid=2247484781&idx=1&sn=45b2722155dfaf5f077435685336f3aa", + "接私活神器!ThingsKit 国产开源 IoT 物联网平台+边缘网关,轻松交付可视化大屏": "https://mp.weixin.qq.com/s?__biz=MjM5OTA4MzA0MA==&mid=2454936559&idx=1&sn=18c770486e56d8200c441ace43890bc8", + "IT知识百科:公钥和私钥是什么?有啥区别?一篇文章全搞懂!": "https://mp.weixin.qq.com/s?__biz=MzIyMzIwNzAxMQ==&mid=2649464441&idx=1&sn=a7a893c6b4db5dc6f80b48af3b3b308b", + "在看 | 周报:中国铁路12306网站出现网络故障;Kimi崩上热搜;美国超千万中小学生个人数据疑似泄露": "https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247634455&idx=1&sn=3e9529a11f81c8fe2b01f3d030fa0af0", + "在看 | 厂商:本周热门网络安全产业动态": "https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247634455&idx=2&sn=41247f17b16e02cc9ae636b8ee9dc7b3", + "带你解锁编码新世界!--随波逐流CTF编码工具使用教程33 --JJEncode密码": "https://mp.weixin.qq.com/s?__biz=MzU2NzIzNzU4Mg==&mid=2247489433&idx=1&sn=87cfa9aec661b04493ce3613c43f289a", + "【安全圈】江苏一男子利用小程序Bug逃匿28万加油费,法院判了": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067274&idx=1&sn=5bef640b5980a10e736f5e8b28bb6773", + "【安全圈】涉案3.3亿!有人非法搭建支付平台获利超200万": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067274&idx=2&sn=792e4a8d18c9865be6e1131bf29116e9", + "【安全圈】Ivanti VPN 零日漏洞正在被黑客利用": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067274&idx=3&sn=8eb5cc6c0a00bef351ca6ec387133310", + "浏览器如何阻止进程注入的 RWX 执行": "https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486268&idx=1&sn=052b0ec1bfa44b1828fc15b689b694ce", + "学术前沿 | 鹏城实验室威胁情报团队:网络威胁情报共享与融合技术综述": "https://mp.weixin.qq.com/s?__biz=MzI0NjU2NDMwNQ==&mid=2247504587&idx=1&sn=4eaf1ab6a4b15883ae9a77be4357a271", + "机票诈骗路线简图分析(原创)": "https://mp.weixin.qq.com/s?__biz=MzA5MTYyMDQ0OQ==&mid=2247493500&idx=1&sn=5a162845740d94d3905f334b97524029", + "机票诈骗路线分析简图": "https://mp.weixin.qq.com/s?__biz=MzA5MTYyMDQ0OQ==&mid=2247493494&idx=1&sn=befb46f4cf55c317d53c5c8bcfc9dcb6", + "新一代Github投毒|针对网络安全人员钓鱼": "https://mp.weixin.qq.com/s?__biz=MzkyMzI3OTY4Mg==&mid=2247486844&idx=1&sn=184e1f0c5c593d95b0b5414c05c9e171", + "疑黑客出售国内某IT企业服务器访问权限,456GB数据遭泄露": "https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247506729&idx=1&sn=99faf6c867705475671630c95a81b63a", + "fsacn工具及二开": "https://mp.weixin.qq.com/s?__biz=Mzk0Mjg4MTQxMw==&mid=2247485498&idx=1&sn=af916ec09177e84bf30acb1afcbed6d4", + "护网行动——筑牢网络防线的关键战役": "https://mp.weixin.qq.com/s?__biz=MzkxODc5OTg5MQ==&mid=2247484228&idx=1&sn=78f7850c6323e7fd2e092f810c2c5006", + "嵌入式软件OTA升级,有哪几种FLASH划分方式?": "https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247548769&idx=1&sn=32ba30356cabef720cf10639cb786fc6", + "有趣的linux文件系统": "https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247548769&idx=2&sn=a0d02cbb173ca18db47b1fec30deb2ff", + "时代的痕迹": "https://mp.weixin.qq.com/s?__biz=MzIwODc2NjgxNA==&mid=2247484965&idx=1&sn=6e1b33697f9299571f6559d8a66d1606", + "CTF自毁程序密码:逆向分析": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588573&idx=1&sn=c40b84e0094dfcbca49818f166d4c1f8", + "欢迎报名!新课《Frida源码情景分析》": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588573&idx=2&sn=faff2f0fd2cdc5ddab970c5ab150d74c", + "扫码下载 | 信息技术应用创新 信息系统适配改造成本度量": "https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655263684&idx=1&sn=376629b883698a615a6e3025f05f926b", + "国家网信办就《网络信息内容多渠道分发服务机构相关业务活动管理规定(草案稿)》公开征求意见": "https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170115&idx=1&sn=1b3539813ba293f5cb2035f9db5f03d9", + "中文互联网语料资源平台发布": "https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170115&idx=2&sn=970cf26d470dc1bf1f3c07a281c1f8b8", + "短文:对现实里网络安全领域的新认识": "https://mp.weixin.qq.com/s?__biz=MzUyMTUwMzI3Ng==&mid=2247485562&idx=1&sn=8b6790ca85055bf567130a044261ebda", + "[论文翻译]多步骤越狱隐私攻击对ChatGPT的影响": "https://mp.weixin.qq.com/s?__biz=Mzg4NDMyOTE3MQ==&mid=2247483707&idx=1&sn=a33f0657bbd604fcbcef3831065f344e", + "强烈建议尽快搞个软考证!(重大利好)": "https://mp.weixin.qq.com/s?__biz=MzkxMzIwNTY1OA==&mid=2247510688&idx=1&sn=91e1b11170faaac8b622422bacbbee1d", + "IDEA研究院:低空经济发展白皮书3.0-安全体系": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619257&idx=1&sn=96e34669c425319bcf2492a6d8490989", + "低空经济启航,安全体系护航 低空经济网络安全体系化研究报告": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619257&idx=2&sn=9a3a8d4176b9464783118adcb475a303", + "《车路云一体化系统 第7部分:信息安全要求和试验方法》(草案)": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619257&idx=3&sn=6c3b2101700e191b3d5daa0e12edac8f", + "基于大模型(LLM)的黑盒RCE漏洞挖掘": "https://mp.weixin.qq.com/s?__biz=MzU0NDI5NTY4OQ==&mid=2247486253&idx=1&sn=62124571618afa3afa400518ed8a9638", + "因敏感数据泄露、未分类分级、个人信息未脱敏等行为违反《数据安全法》,2公司被处罚": "https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931395&idx=1&sn=e6190c89b218ac0c466a14c75e7a6b05", + "【吃瓜】安全圈里我们带专真的没有未来了么?": "https://mp.weixin.qq.com/s?__biz=Mzg4MTkwMTI5Mw==&mid=2247488580&idx=1&sn=fe3d7fd390432632c7f806abaad20c70", + "区块链和加密货币的基础知识": "https://mp.weixin.qq.com/s?__biz=Mzg4NzgyODEzNQ==&mid=2247488593&idx=1&sn=54713e09991db527898a10feed8de69a", + "阿里云WAF日志接入到线下GrayLog日志系统并实现一键联动CFW封锁攻击IP": "https://mp.weixin.qq.com/s?__biz=MzU2MjU1OTE0MA==&mid=2247499573&idx=1&sn=8741fa4bb7cd732d193174aaa6906d4c", + "科技部:科技体制迎来重大变革!将赋予科学家更大技术路线决定权、经费支配权和资源调度权": "https://mp.weixin.qq.com/s?__biz=Mzg4MDU0NTQ4Mw==&mid=2247528558&idx=1&sn=b3c0525a2c26829c266c59189b5cb80d", + "焦点 | 为应对车辆网络风险,车联网安全新国标将于2025年4月1日起实施": "https://mp.weixin.qq.com/s?__biz=Mzg4MDU0NTQ4Mw==&mid=2247528558&idx=2&sn=c261577265abf34f283f3a072d7e8c30", + "开发Tips|用JS判断并采集webpack路由": "https://mp.weixin.qq.com/s?__biz=MzIzNDU5Mzk2OQ==&mid=2247486354&idx=1&sn=8977447058f845375a7ecf6bd858e8f2", + "【web靶场】之upload-labs专项训练(基于BUUCTF平台)": "https://mp.weixin.qq.com/s?__biz=MzAxNTg1MDYxNA==&mid=2247488087&idx=1&sn=3f4f3a7e578bc86cf83395782f006b6e", + "传输速率和带宽介绍": "https://mp.weixin.qq.com/s?__biz=Mzg3NTUzOTg3NA==&mid=2247514946&idx=1&sn=ca0755f2190ba765dc7cb8b15f37258a", + "利用 Coze(扣子)打造微信公众号MD5解密工具": "https://mp.weixin.qq.com/s?__biz=Mzg3MTE0NTg4OQ==&mid=2247484129&idx=1&sn=d7256d4765b83eaab55bf028680cc65e", + "交换机背板带宽、交换容量与包转发率到底是啥?": "https://mp.weixin.qq.com/s?__biz=MzUyNTExOTY1Nw==&mid=2247527815&idx=1&sn=bc9179f78ebb563fe9e3bc8f9329d802", + "【吃瓜】要不是真的没绷住,没周末还发吃瓜啊?": "https://mp.weixin.qq.com/s?__biz=MzU3MjU4MjM3MQ==&mid=2247489545&idx=1&sn=47aa25dcfe2bfe62d27bf19209914f1d", + "哥斯拉Godzilla": "https://mp.weixin.qq.com/s?__biz=MzkwNDg4MTg5MQ==&mid=2247483814&idx=1&sn=2e64891b89d7016a24ed852389c96dcc", + "新型攻击 CSPT2CSR-利用客户端路径遍历实现 CSRF 攻击": "https://mp.weixin.qq.com/s?__biz=MzkwODI1ODgzOA==&mid=2247506468&idx=1&sn=57c909dcd40beda22cb475698eb15791", + "对不起兄弟,这太搞笑了,我还以为多吊呢": "https://mp.weixin.qq.com/s?__biz=MzkxMTUwOTY1MA==&mid=2247489953&idx=1&sn=74f06278ff67fa66bf183f9636075354", + "【2025-01-11】每日安全资讯": "https://mp.weixin.qq.com/s?__biz=MzIzNDU5NTI4OQ==&mid=2247488273&idx=1&sn=5ea90e3b65326e9f7869f6e800b2ca9e", + "美国位置数据泄露第三季": "https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494161&idx=1&sn=d61fecfaafcdf6eda88e6e06c5f7b80d", + "狩猎网络罪犯读书笔记1": "https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494161&idx=2&sn=b46158940c7fe32183842671c3f549e8", + "为什么说震网是改变战争形态的里程碑?内情令人胆寒": "https://mp.weixin.qq.com/s?__biz=MzI5MjY4MTMyMQ==&mid=2247489576&idx=1&sn=618cdfd9a4f8ab5cbab648eeae5b9079", + "TestNet资产管理系统": "https://mp.weixin.qq.com/s?__biz=Mzk1NzIzOTc5MQ==&mid=2247484053&idx=1&sn=9c3e53535e4f024cf173b956cdb5405c", + "ISO 45001: 2018 标准详解与实施(6)5.2 职业健康安全方针": "https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247485907&idx=1&sn=4ec38baeea4c73ba0e7c361f48f95c65", + "ISO 14001: 2015 标准详解与实施(6)5.2 环境方针": "https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247485907&idx=2&sn=01eed680f2d0e787b6f0312c6a08cdad", + "中国网络空间安全协会人工智能安全治理专委会工作年会在京召开": "https://mp.weixin.qq.com/s?__biz=MzA3ODE0NDA4MA==&mid=2649401237&idx=1&sn=df00863fc872c7f6d3cc548bc8eb730f", + "中国软件评测中心2024年干部述职述廉考核 工作总结表彰大会暨2025年工作计划会圆满召开": "https://mp.weixin.qq.com/s?__biz=MjM5NzYwNDU0Mg==&mid=2649249349&idx=1&sn=5ce3e4372ef3f4c1f5df64146ba51e2c", + "工业和信息化部多项调研报告获评中央和国家机关“关键小事”优秀调研成果": "https://mp.weixin.qq.com/s?__biz=MjM5NzYwNDU0Mg==&mid=2649249349&idx=2&sn=6fcd5f820bab0fb3c9659c2250eac6a3", + "电子科大、成都信息工程大学因串通投标被军队暂停采购资格……": "https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247488019&idx=1&sn=c5c14590da29f654d004e4ab4d305c1d", + "网络安全团队里的“中坚力量”,你是吗?": "https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247488017&idx=1&sn=f15565cbb18bc234379fb50d266fcf33", + "「漏洞复现」瑞友天翼应用虚拟化系统 GetPwdPolicy SQL注入漏洞": "https://mp.weixin.qq.com/s?__biz=MzkyNDY3MTY3MA==&mid=2247486728&idx=1&sn=a2987c4ca400a3a3686e1c8ebff60b66", + "锦鲤揭秘时刻!快来看看锦鲤礼包花落谁家吧~": "https://mp.weixin.qq.com/s?__biz=MzkyNzIwMzY4OQ==&mid=2247489533&idx=1&sn=f4c093ed6016e977e9eb01ba7d80d4a6", + "【已复现】Ivanti Connect Secure 堆栈溢出致远程代码执行漏洞(CVE-2025-0282)": "https://mp.weixin.qq.com/s?__biz=MzIwMDk1MjMyMg==&mid=2247492691&idx=1&sn=e1d64db4b8957907e6417a61d2c40fa4", + "区块链 智能合约安全 重入漏洞": "https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247546608&idx=1&sn=b4f5a8e22730b23ce5aafde8d28133c7", + "记一次利用堡垒机内部邮件钓鱼突破外网": "https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247546608&idx=2&sn=fa2f54df172222e03c35ea3caf1c0049", + "3分钟搞懂网络安全中的等保测评与密评": "https://mp.weixin.qq.com/s?__biz=MzI5MTIwOTQ5MA==&mid=2247487550&idx=1&sn=e69ab6059767dbbf0aac795e8df1be31", + "【资料】创建开源情报机构的理由": "https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148500&idx=1&sn=6cb5b45ccad95f39148ef2240c25d8f8", + "AI 监工软件盯梢员工太疯狂:5 秒截屏,打字慢、上网久都拿“红牌”!网友狂喷,但巨头争相使用": "https://mp.weixin.qq.com/s?__biz=MzIyMDEzMTA2MQ==&mid=2651168298&idx=1&sn=3c5b0ded6cad54b292862f58f5369831", + "度盘下载加速工具推荐:ODE多功能助手": "https://mp.weixin.qq.com/s?__biz=Mzk1NzI5MTc0Nw==&mid=2247484517&idx=1&sn=2bd3b00e674a0d1be43b66ac5724db1e", + "专刊抽奖中奖名单": "https://mp.weixin.qq.com/s?__biz=MzAwMTMzMDUwNg==&mid=2650889518&idx=1&sn=ba617630ef1fac5cd159e0c01ae1fd53", + "“冒充领导”类诈骗,卷土重来;|超4000个Web后门通过注册过期域名被劫持": "https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650606471&idx=1&sn=120c2e88e30369b733fa97f03501efa5", + "Outlaw挖矿僵尸网络近期活动分析": "https://mp.weixin.qq.com/s?__biz=MzkxNjU2NjY5MQ==&mid=2247509606&idx=1&sn=50a3a3d1504439cffe889651d80783f9", + "2025年网络安全的关键预测": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651311810&idx=1&sn=0949ff64635d18a43417f0b5f69206dc", + "2024年网络空间安全漏洞态势分析研究报告": "https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655263668&idx=1&sn=ac8c38d0522ed2d4c979644a09ff179d", + "PHP_webshell免杀01-变量绕过": "https://mp.weixin.qq.com/s?__biz=Mzk0ODY1NzEwMA==&mid=2247485722&idx=1&sn=a2c7c523ae398f2abeb6964e913d5fe1", + "技战法免费领取": "https://mp.weixin.qq.com/s?__biz=MzU4OTg4Nzc4MQ==&mid=2247505461&idx=1&sn=31702cac17f1ecb8039b4f709027dbba", + "赛欧思一周资讯分类汇总(2025-01-06 ~ 2025-01-11)": "https://mp.weixin.qq.com/s?__biz=MzU0MjE2Mjk3Ng==&mid=2247488390&idx=1&sn=28a42a161f0dd7b4c89a8ec66f2b3688", + "网络安全资讯周报": "https://mp.weixin.qq.com/s?__biz=MzkwNjQxOTk1Mg==&mid=2247486048&idx=1&sn=4b9c18e6c9bcd1ed7b24cb583ee574af", + "乌克兰黑客杀疯了:斯洛伐克土地登记处遭遇该国历史上最大规模网络攻击": "https://mp.weixin.qq.com/s?__biz=MzI2NzAwOTg4NQ==&mid=2649793817&idx=1&sn=31d98bca3e3dddf22ab92e0463ca9e8b", + "RedDelta 黑客组织在最新的活动中部署 PlugX 恶意软件": "https://mp.weixin.qq.com/s?__biz=MzI2NzAwOTg4NQ==&mid=2649793817&idx=2&sn=e2891ae57a7c8de111ae54c7ce929e6e", + "Google Project Zero 研究人员发现针对三星设备的零点击漏洞": "https://mp.weixin.qq.com/s?__biz=MzI2NzAwOTg4NQ==&mid=2649793817&idx=3&sn=76e96780b09c070feb5068ffc86b1d38", + "安全、运维、网工必备神器——堡垒机,你竟然还不知道?": "https://mp.weixin.qq.com/s?__biz=MzIwMzIyMjYzNA==&mid=2247517703&idx=1&sn=50348211d1074a0deed597c3d360d687", + "Secator - 渗透测试人员的瑞士军刀": "https://mp.weixin.qq.com/s?__biz=Mzk0Mzc1MTI2Nw==&mid=2247486995&idx=1&sn=20ab12dd8d9081f2494ba15ed7357885", + "新型Hellcat勒索病毒分析": "https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247489905&idx=1&sn=d221af8624b76e73a62cffd81d4afb24", + "印度发布重磅数据保护法规草案:最高罚款25亿卢比!": "https://mp.weixin.qq.com/s?__biz=MzA4NTY4MjAyMQ==&mid=2447900021&idx=1&sn=fc88038644d5a0b0c105263ee4ab7338", + "网站域名遭非法盗用篡改,郑州两家公司被行政处罚": "https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513467&idx=1&sn=3ea80990fd1c334a5bbf3e29305787b1", + "暗网情报:涉国内网络赌博平台用户、泰国矿产、西班牙电信": "https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247506720&idx=1&sn=650965b4297334d5e4a6234b8583f8a8", + "不容错过!2025年十大顶级网络安全盛会": "https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247506720&idx=2&sn=88b06af4662ae0dfcbde4ca62eb88931", + "5th域安全微讯早报【20250111】010期": "https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247506720&idx=3&sn=af839aa95e78efb7be5e2e06e6b8b2ee", + "星禾团队 | 网络安全征程中的温暖与成长": "https://mp.weixin.qq.com/s?__biz=MzkyNzY1NzEwMQ==&mid=2247484514&idx=1&sn=04484173f93ff63f798fb1b2a3ed2317", + "防务简报丨美国完成B61-12核航弹的延寿计划": "https://mp.weixin.qq.com/s?__biz=Mzg2NTYyODgyNg==&mid=2247504378&idx=1&sn=16f19e21d9a01dfc01822f9de3c62558", + "大模型安全的漏洞": "https://mp.weixin.qq.com/s?__biz=MzAwMjA5OTY5Ng==&mid=2247525574&idx=1&sn=71fbd1aa0ae586008514d626ad81cd1e", + "国产化综合红队协同工具TangGo": "https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247488858&idx=1&sn=5a77b79821ec4386d514cd9d4778e29b", + "被释放前的幻想罢了": "https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247488858&idx=2&sn=0446c2906e8992ebc7000672d885bf69", + "某电商平台如何在黑客攻击中快速恢复业务?": "https://mp.weixin.qq.com/s?__biz=Mzg4NDc0Njk1MQ==&mid=2247487166&idx=1&sn=98a2f1aca47e19e7c549633c8a24edcd", + "某初创公司如何用有限预算实现高效安全防护?": "https://mp.weixin.qq.com/s?__biz=Mzg4NDc0Njk1MQ==&mid=2247487166&idx=2&sn=16007712fa9ae625a2f68f95f2233bf8", + "【oscp】靶机-election": "https://mp.weixin.qq.com/s?__biz=Mzg2Nzk0NjA4Mg==&mid=2247497830&idx=1&sn=aa42b57935b72725f2ee5ec3a9dcdc6d", + "揭秘威胁情报:企业安全防线的智能守护者!(附下载)": "https://mp.weixin.qq.com/s?__biz=MzkyODY5ODAyOA==&mid=2247489198&idx=1&sn=6317dda5d9369d93f16a15df246337f4", + "原始数据的防护之基:业务数据化阶段的数据安全建设(第九章)": "https://mp.weixin.qq.com/s?__biz=MzkwNTI3MjIyOQ==&mid=2247484108&idx=1&sn=855d8b552ad49246be156a25554fc794", + "修电脑": "https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496556&idx=1&sn=df372d4fcbabb1a9eb0061fd1481fab5", + "寻找隐藏的 API 密钥以及如何使用它们": "https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247504443&idx=1&sn=909a173e7711238591b789421da6f974", + "寒假将至 | 网络安全温馨提醒": "https://mp.weixin.qq.com/s?__biz=Mzg5OTg5OTI1NQ==&mid=2247489677&idx=1&sn=9321eb9dd76ad1030c9edc27a3356a64", + "侧信道分析测评套件更新-全面支持智能密码钥匙采波分析": "https://mp.weixin.qq.com/s?__biz=MzI2NTUyODMwNA==&mid=2247494096&idx=1&sn=80632feea28c999c821305a083fe4055", + "关于渗透应急CISP-PTE/CISP-IRE考试重要通知": "https://mp.weixin.qq.com/s?__biz=MzIxNTM4NDY2MQ==&mid=2247515671&idx=1&sn=d09813014ef21089c6b16471091ce062", + "【神兵利器】红队内网横向之CheeseTools": "https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247494862&idx=1&sn=a00294b52f53901205a725cbe45a81d1", + "应急响应靶机训练-Linux1": "https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247494862&idx=2&sn=3ed1520df9278988298a6d804288f6a5", + "国家网信办《网络信息内容多渠道分发服务机构相关业务活动管理规定(草案稿)》公开征求意见": "https://mp.weixin.qq.com/s?__biz=MzkxNTI2NTQxOA==&mid=2247495920&idx=1&sn=8b95351dff8c95d58566f186d8f3172b", + "武汉农商行因“数据管理不到位”等被罚365万": "https://mp.weixin.qq.com/s?__biz=MzkxNTI2NTQxOA==&mid=2247495920&idx=2&sn=a4260d13e2e990efb71c627cba215b85", + "中国网络空间安全协会发布中文互联网基础语料2.0": "https://mp.weixin.qq.com/s?__biz=MzkxNTI2NTQxOA==&mid=2247495920&idx=3&sn=cde62e74e2a71716fed6509658b7fe15", + "北京发布数据流通交易领域3项地方标准": "https://mp.weixin.qq.com/s?__biz=MzkxNTI2NTQxOA==&mid=2247495920&idx=4&sn=1ee8ba2104e4fae0185c8eb47c32c346", + "海南发布《海南省商场超市消费领域个人信息保护合规指引》": "https://mp.weixin.qq.com/s?__biz=MzkxNTI2NTQxOA==&mid=2247495920&idx=5&sn=0a9a9bd9c4dbe7e03820563d31e31fc8", + "妲己陪你玩,来和妲己玩耍吧!!!": "https://mp.weixin.qq.com/s?__biz=Mzk0NDQwMDY1Nw==&mid=2247485639&idx=1&sn=de89f7127fe3b8508d5d032492f2744a", + "每周文章分享-194": "https://mp.weixin.qq.com/s?__biz=MzI1MTQwMjYwNA==&mid=2247501360&idx=1&sn=4ca6b7627bd52fea89a2d983b898d091", + "分享的图片、视频、链接": "https://mp.weixin.qq.com/s?__biz=MzkzNTIwNDEwNA==&mid=2247488530&idx=1&sn=ba35cce9938c913e917f5066b51ab338", + "【讨论】当网安圈子变得越来越封闭,是否更有利于行业发展?u200b": "https://mp.weixin.qq.com/s?__biz=MzU3MjU4MjM3MQ==&mid=2247489532&idx=1&sn=1a00fdd1c1ea4e99f35cb9fdbe525ee2", + "分享图片": "https://mp.weixin.qq.com/s?__biz=MzI3Njc1MjcxMg==&mid=2247494210&idx=1&sn=7326c6248aa355f405a445d31f896229", + "渗透测试 -- 域渗透": "https://mp.weixin.qq.com/s?__biz=MzI4MDQ5MjY1Mg==&mid=2247515531&idx=2&sn=d83de3a9eab0093f6533c21c7138aa97", + "合理化堆栈:安全供应商整合案例": "https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652113901&idx=1&sn=e5b249271c7340b3bb1092713434466f", + "网信部门严厉打击整治网络水军问题": "https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652113901&idx=2&sn=ca83165ac442d1d6d45528cf7c479135", + "安卓逆向2025 -- Frida学习之hook案例(三)": "https://mp.weixin.qq.com/s?__biz=MzA4MzgzNTU5MA==&mid=2652037513&idx=1&sn=5524b6772bc0ebff5ff1608375d7c682", + "PC逆向 -- 异常简介": "https://mp.weixin.qq.com/s?__biz=MzA4MzgzNTU5MA==&mid=2652037513&idx=2&sn=6cf66c78ed6df9414d26315873a30df7", + "日本最大电信公司 NTT Docomo 因 DDoS 攻击瘫痪 12 小时": "https://mp.weixin.qq.com/s?__biz=Mzg3ODY0NTczMA==&mid=2247491963&idx=1&sn=3b846beb566a085f5f4a647c6d6cee7a", + "常见的网站安全漏洞视频课程": "https://mp.weixin.qq.com/s?__biz=MzU3NzY3MzYzMw==&mid=2247499125&idx=2&sn=ed1a771fa6447002aa2fcf070c71c910", + "aistudio有两把刷子": "https://mp.weixin.qq.com/s?__biz=MzUzMjQyMDE3Ng==&mid=2247487873&idx=1&sn=129a164676242eb9768fdbf20a4b4840" + }, + "SecWiki News": { + "SecWiki News 2025-01-11 Review": "http://www.sec-wiki.com/?2025-01-11" + }, + "Private Feed for M09Ic": { + "spf13 starred trimmer-io/go-xmp": "https://github.com/trimmer-io/go-xmp", + "tennc starred linexjlin/GPTs": "https://github.com/linexjlin/GPTs", + "tennc starred PlexPt/awesome-chatgpt-prompts-zh": "https://github.com/PlexPt/awesome-chatgpt-prompts-zh", + "tennc starred f/awesome-chatgpt-prompts": "https://github.com/f/awesome-chatgpt-prompts", + "h3zh1 pushed to v0.0.4-patch in chainreactors/malefic": "https://github.com/chainreactors/malefic/compare/9bf5e3ab84...3aea9cd265", + "zema1 starred P1-Team/AlliN": "https://github.com/P1-Team/AlliN", + "safedv started following alfarom256": "https://github.com/alfarom256", + "safedv started following byt3bl33d3r": "https://github.com/byt3bl33d3r", + "safedv starred FujiwaraChoki/MoneyPrinterV2": "https://github.com/FujiwaraChoki/MoneyPrinterV2", + "zer0yu starred usagi-flow/evil-helix": "https://github.com/usagi-flow/evil-helix", + "zer0yu starred librasn/rasn": "https://github.com/librasn/rasn", + "zer0yu starred y21/tl": "https://github.com/y21/tl", + "HuYlllc pushed to v0.0.4dev in chainreactors/malice-network": "https://github.com/chainreactors/malice-network/compare/3c4541da98...dd59b84145", + "INotGreen released XiebroC2-v3.1.7 at INotGreen/XiebroC2": "https://github.com/INotGreen/XiebroC2/releases/tag/XiebroC2-v3.1.7", + "glzjin forked glzjin/MetasploitCoop_0x727 from 0x727/MetasploitCoop_0x727": "https://github.com/glzjin/MetasploitCoop_0x727", + "itsKayWat started following M09Ic": "https://github.com/M09Ic" + }, + "Recent Commits to cve:main": { + "Update Sat Jan 11 20:16:57 UTC 2025": "https://github.com/trickest/cve/commit/a529fd5d50c90c432baec70219470b5f625a25a0", + "Update Sat Jan 11 12:19:24 UTC 2025": "https://github.com/trickest/cve/commit/4ee809fb0c944239e63a757ad04299a07cefae04", + "Update Sat Jan 11 04:10:25 UTC 2025": "https://github.com/trickest/cve/commit/b1d77c9032f2c34f807b30264034a2a5ea416a0b" + }, + "一个被知识诅咒的人": { + "【人工智能】构建智能语音助手:使用Python实现语音识别与合成的全面指南": "https://blog.csdn.net/nokiaguy/article/details/145075956", + "【人工智能】用Python进行对象检测:从OpenCV到YOLO的全面指南": "https://blog.csdn.net/nokiaguy/article/details/145075935" + }, + "Bug Bounty in InfoSec Write-ups on Medium": { + "Revisiting a Simple SQL Injection Methodology": "https://infosecwriteups.com/revisiting-a-simple-sql-injection-methodology-ecd42634a21e?source=rss----7b722bfd1b8d--bug_bounty" + }, + "Twitter @bytehx": { + "RT Sina Yeganeh: Find hidden Endpoint : https://raw.githubusercontent.com/sinaayeganeh/Find-Hidden-Endpoint/refs/heads/main/js.txt #bugbounty #bugboun...": "https://x.com/bytehx343/status/1878087922488090801" + }, + "Malware-Traffic-Analysis.net - Blog Entries": { + "2025-01-09: CVE-2017-0199 XLS --> HTA --> VBS --> steganography --> DBatLoader/GuiLoader style malware": "https://www.malware-traffic-analysis.net/2025/01/09/index.html" + }, + "Reverse Engineering": { + "Reverse-engineering meets AI: My new benchmark asks you to deduce hidden byte transforms—thoughts?": "https://www.reddit.com/r/ReverseEngineering/comments/1hyuf9w/reverseengineering_meets_ai_my_new_benchmark_asks/" + }, + "HAHWUL": { + "ZAP 2.16 Review ⚡️": "https://www.hahwul.com/2025/01/11/zap-2-16-review/" + }, + "杨龙": { + "-2209017943": "https://www.yanglong.pro/2209017943-2/" + }, + "黑海洋 - IT技术知识库": { + "Fluent Read:上下文语境的人工智能翻译引擎(浏览器插件)": "https://blog.upx8.com/4651" + }, + "安全分析与研究": { + "新型Hellcat勒索病毒分析": "https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247489905&idx=1&sn=d221af8624b76e73a62cffd81d4afb24&chksm=902fb659a7583f4f105f2bc9bb1490bdf8d2781611e9f73c12246ee56ca3b7525b5263d975bd&scene=58&subscene=0#rd" + }, + "奇客Solidot–传递最新科技情报": { + "物理学家发现新粒子分数激子": "https://www.solidot.org/story?sid=80307", + "YouTube 主播向 AI 公司出售未发布视频去训练 AI": "https://www.solidot.org/story?sid=80306", + "世界最强超算 El Capitan 正式启用": "https://www.solidot.org/story?sid=80305", + "StackOverflow 新问题数量大幅减少": "https://www.solidot.org/story?sid=80304", + "德国众多大学机构集体宣布退出 X": "https://www.solidot.org/story?sid=80303", + "Automattic 大幅缩减对 WordPress.org 的支持": "https://www.solidot.org/story?sid=80302", + "巴西给 Meta 72 小时时间解释其事实核查政策的变化": "https://www.solidot.org/story?sid=80301" + }, + "威努特安全网络": { + "我国牵头的国际标准发布,联合国航空数据库遭入侵 | 一周特辑": "https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130318&idx=1&sn=322960576db32a5d4485b1c0dc16d542&chksm=80e7137eb7909a680deaa85714119cb89492b504024287b112b4cab04f1b3fdc24bbab99c3e0&scene=58&subscene=0#rd" + }, + "丁爸 情报分析师的工具箱": { + "【资料】创建开源情报机构的理由": "https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148500&idx=1&sn=6cb5b45ccad95f39148ef2240c25d8f8&chksm=f1af27eec6d8aef85b73213a31ddbb5ff35a3ab0c56351b3885e6105b67a593a975858b141d8&scene=58&subscene=0#rd" + }, + "长亭安全应急响应中心": { + "【已复现】Ivanti Connect Secure 堆栈溢出致远程代码执行漏洞(CVE-2025-0282)": "https://mp.weixin.qq.com/s?__biz=MzIwMDk1MjMyMg==&mid=2247492691&idx=1&sn=e1d64db4b8957907e6417a61d2c40fa4&chksm=96f7fb3ea1807228c78b8469fdfa3a9fad83374094781eb88c48ae6e598331b3bd87ae4c659c&scene=58&subscene=0#rd" + }, + "看雪学苑": { + "CTF自毁程序密码:逆向分析": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588573&idx=1&sn=c40b84e0094dfcbca49818f166d4c1f8&chksm=b18c251786fbac0172b4c573bca3dbdc17e0efad3bf6e5dace210a9b96023fdf89feccf64ba1&scene=58&subscene=0#rd", + "欢迎报名!新课《Frida源码情景分析》": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588573&idx=2&sn=faff2f0fd2cdc5ddab970c5ab150d74c&chksm=b18c251786fbac01987d449630eb908309f812aa88b611c439eaa12acdb36a199b9e212512e3&scene=58&subscene=0#rd" + }, + "安全内参": { + "网站域名遭非法盗用篡改,郑州两家公司被行政处罚": "https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513467&idx=1&sn=3ea80990fd1c334a5bbf3e29305787b1&chksm=ebfaf25bdc8d7b4dad90dcea755636cf357c28f3dcec82aaf943cbeefa88a5b135fbdc372038&scene=58&subscene=0#rd" + }, + "dotNet安全矩阵": { + ".NET 第54期红队武器库和资源汇总": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498152&idx=1&sn=e082b4077e255091892be37fff847a78&chksm=fa595745cd2ede53bf9b66ae351f313cf7bf5dd1650cf01cd2dab30f1a615a0813a8427e859a&scene=58&subscene=0#rd", + "国内最专业、最全面的 [ .NET 代码审计 ] 体系化学习交流社区": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498152&idx=2&sn=68b7c98d93dba9cd5cb2feb37795f5c0&chksm=fa595745cd2ede5310d59456ace4b1b2d00ad3e60a2946ee0a394adc50759ab9b978584b956a&scene=58&subscene=0#rd", + "无独有偶,通过.NET反序列化漏洞实现 Visual Studio 钓鱼攻击": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498152&idx=3&sn=a45de16edbca5168f73ea7ed4ffeca36&chksm=fa595745cd2ede53cd0f763edff055aeced78d85bdeea1f2be5fd2d80d72a65ed86e0df928f3&scene=58&subscene=0#rd" + }, + "安全圈": { + "【安全圈】江苏一男子利用小程序Bug逃匿28万加油费,法院判了": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067274&idx=1&sn=5bef640b5980a10e736f5e8b28bb6773&chksm=f36e798ac419f09cdbd5129a3bf75829108cf7f7a7de0b1d6ac854dbbb635e3a6b7d50a7bd0d&scene=58&subscene=0#rd", + "【安全圈】涉案3.3亿!有人非法搭建支付平台获利超200万": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067274&idx=2&sn=792e4a8d18c9865be6e1131bf29116e9&chksm=f36e798ac419f09c4674ed1ba0a3d10573e7a3ba50adc72984e3afc698d37c2172cb8076dc0b&scene=58&subscene=0#rd", + "【安全圈】Ivanti VPN 零日漏洞正在被黑客利用": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067274&idx=3&sn=8eb5cc6c0a00bef351ca6ec387133310&chksm=f36e798ac419f09cca9472d89e0009706062cc803d7b61065e39083441ba8c9e646c932b6efe&scene=58&subscene=0#rd" + }, + "网络空间安全科学学报": { + "学术前沿 | 鹏城实验室威胁情报团队:网络威胁情报共享与融合技术综述": "https://mp.weixin.qq.com/s?__biz=MzI0NjU2NDMwNQ==&mid=2247504587&idx=1&sn=4eaf1ab6a4b15883ae9a77be4357a271&chksm=e9bfc675dec84f63b347462da5f7bce1abed74f36bf037a16432d25f075367ff3d1fd224cdf6&scene=58&subscene=0#rd" + }, + "网安杂谈": { + "专刊抽奖中奖名单": "https://mp.weixin.qq.com/s?__biz=MzAwMTMzMDUwNg==&mid=2650889518&idx=1&sn=ba617630ef1fac5cd159e0c01ae1fd53&chksm=812ea10bb659281d60613b07fbcdcaebd1d770235c4af465c07bc94e0c538244fa08dc76c8d8&scene=58&subscene=0#rd" + }, + "极客公园": { + "特朗普上任前,Meta、微软等取消多元化项目;新 Model Y 上市,雷军隔空玩梗;京东 App 大改版 | 极客早知道": "https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653071834&idx=1&sn=9726e5881ed20e810b87b68ef06af200&chksm=7e57d46c49205d7a678f880e93b38ad8df5661f949d2dd27442559ef9f751a6af0d9bc2b6514&scene=58&subscene=0#rd" + }, + "吴鲁加": { + "我工作里使用的软件和工作流": "https://mp.weixin.qq.com/s?__biz=Mzg5NDY4ODM1MA==&mid=2247485135&idx=1&sn=0510f35c72516e30adcd494474dd6df1&chksm=c01a8bfef76d02e8f7fb3e9696d8b0cee09ab8dee030fe992b916e71468791be793abbc80527&scene=58&subscene=0#rd" + }, + "希潭实验室": { + "第112篇:美国APT震网病毒入侵伊朗核工厂后续与启示(第4篇)": "https://mp.weixin.qq.com/s?__biz=MzkzMjI1NjI3Ng==&mid=2247487306&idx=1&sn=00dc7cf337a613d22207cecd7674ec88&chksm=c25fc031f5284927d968a7121718ccfa82db72798405bf0100bd1d248c3cb88d1360e288e491&scene=58&subscene=0#rd" + }, + "OnionSec": { + "短文:对现实里网络安全领域的新认识": "https://mp.weixin.qq.com/s?__biz=MzUyMTUwMzI3Ng==&mid=2247485562&idx=1&sn=8b6790ca85055bf567130a044261ebda&chksm=f9db5f39ceacd62f1d9d93c36893e92be17a408acced658927b37d165077e523234bfe823d95&scene=58&subscene=0#rd" + }, + "山石网科安全技术研究院": { + "2024年度重大数据泄露事件盘点-国外版": "https://mp.weixin.qq.com/s?__biz=MzUzMDUxNTE1Mw==&mid=2247509629&idx=1&sn=29247d0381639fa3501942c67c219470&chksm=fa5273c3cd25fad5d99967bf051e1337733f3c3082433d432cf1da5a2100a7b651661c585277&scene=58&subscene=0#rd" + }, + "Over Security - Cybersecurity news aggregator": { + "Scammers file first — Get your IRS Identity Protection PIN now": "https://www.bleepingcomputer.com/news/security/scammers-file-first-get-your-irs-identity-protection-pin-now/", + "Fake LDAPNightmware exploit on GitHub spreads infostealer malware": "https://www.bleepingcomputer.com/news/security/fake-ldapnightmware-exploit-on-github-spreads-infostealer-malware/" + }, + "ICT Security Magazine": { + "Living-off-the-Land Binaries (LOLBins) negli attacchi fileless: Analisi Tecnica e Implicazioni per la Sicurezza": "https://www.ictsecuritymagazine.com/articoli/living-off-the-land-binaries-lolbins/" + }, + "迪哥讲事": { + "从 SQL 注入到远程代码执行": "https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496813&idx=1&sn=eab6d19d242d637c1797d76ec3ae43fa&chksm=e8a5fe0edfd277188a3ce54336fe9ddf992716daadef1e899d9d6e4de34f5c25335a2222782c&scene=58&subscene=0#rd" + }, + "GobySec": { + "锦鲤揭秘时刻!快来看看锦鲤礼包花落谁家吧~": "https://mp.weixin.qq.com/s?__biz=MzI4MzcwNTAzOQ==&mid=2247545717&idx=1&sn=309283dd2ed10d791e052cf798b5e174&chksm=eb84d8d5dcf351c3ade60c164cef5dcf834d3e5db4c15add66752b789281fb770f82226b0664&scene=58&subscene=0#rd" + }, + "TorrentFreak": { + "Tonga! Tonga! Tonga! Online Piracy’s Unusual Attraction to ccTLD .to": "https://torrentfreak.com/tonga-tonga-tonga-online-piracys-unusual-attraction-to-cctld-to-250111/" + }, + "银针安全": { + "高版本Fastjson在Java原生反序列化中的利用": "https://mp.weixin.qq.com/s?__biz=Mzg2MDY2ODc5MA==&mid=2247484185&idx=1&sn=9068c43597d87c94568fe70974fd6365&chksm=ce239500f9541c160287b545120d6495c7a2aa9c5c75e0ad101c7a3d3600e86ea6b64ef75f63&scene=58&subscene=0#rd" + }, + "Technical Information Security Content & Discussion": { + "$2m laundered: the YouTube crypto tutorials’ huge scam (investigation)": "https://www.reddit.com/r/netsec/comments/1hz54x4/2m_laundered_the_youtube_crypto_tutorials_huge/", + "Gayfemboy: A Botnet Deliver Through a Four-Faith Industrial Router 0-day Exploit.": "https://www.reddit.com/r/netsec/comments/1hyjjpb/gayfemboy_a_botnet_deliver_through_a_fourfaith/" + }, + "Your Open Hacker Community": { + "Getting infinite lives in Prehistorik on Windows 11": "https://www.reddit.com/r/HowToHack/comments/1hz6pee/getting_infinite_lives_in_prehistorik_on_windows/", + "How to convert a password protected zip file into a RAR file?": "https://www.reddit.com/r/HowToHack/comments/1hz3bgu/how_to_convert_a_password_protected_zip_file_into/", + "recovering google account": "https://www.reddit.com/r/HowToHack/comments/1hyx8qq/recovering_google_account/", + "Has anyone tried hijacking school Apple TVs for a prank?": "https://www.reddit.com/r/HowToHack/comments/1hz3nxz/has_anyone_tried_hijacking_school_apple_tvs_for_a/", + "Help": "https://www.reddit.com/r/HowToHack/comments/1hyzqf5/help/", + "Can anyone help me with a teleg private group(pls dm me)": "https://www.reddit.com/r/HowToHack/comments/1hyzpji/can_anyone_help_me_with_a_teleg_private_grouppls/", + "I need to find someone's IP address or something": "https://www.reddit.com/r/HowToHack/comments/1hyzxt3/i_need_to_find_someones_ip_address_or_something/" + }, + "Security Affairs": { + "DoJ charged three Russian citizens with operating crypto-mixing services": "https://securityaffairs.com/172957/cyber-crime/doj-charged-russian-citizens-with-operating-crypto-mixing-services.html", + "U.S. cannabis dispensary STIIIZY disclosed a data breach": "https://securityaffairs.com/172950/data-breach/marijuana-dispensary-stiiizy-data-breach.html", + "A novel PayPal phishing campaign hijacks accounts": "https://securityaffairs.com/172935/cyber-crime/paypal-phishing-campaign-hijacks-accounts.html" + }, + "Social Engineering": { + "The hidden psychology of abusers": "https://www.reddit.com/r/SocialEngineering/comments/1hyxk74/the_hidden_psychology_of_abusers/" + }, + "The Hacker News": { + "Microsoft Sues Hacking Group Exploiting Azure AI for Harmful Content Creation": "https://thehackernews.com/2025/01/microsoft-sues-hacking-group-exploiting.html", + "DoJ Indicts Three Russians for Operating Crypto Mixers Used in Cybercrime Laundering": "https://thehackernews.com/2025/01/doj-indicts-three-russians-for.html" + }, + "Computer Forensics": { + "How do you read a $MFT? (First Computer Forensics class)": "https://www.reddit.com/r/computerforensics/comments/1hyvbdc/how_do_you_read_a_mft_first_computer_forensics/" + }, + "Information Security": { + "Open Source Shadow IT Detection": "https://www.reddit.com/r/Information_Security/comments/1hyoren/open_source_shadow_it_detection/" + }, + "Deep Web": { + "Would you like this reward?": "https://www.reddit.com/r/deepweb/comments/1hz9bjv/would_you_like_this_reward/" + }, + "Blackhat Library: Hacking techniques and research": { + "Telefonica Breach: Infostealer Malware Opens Door for Social Engineering Tactics": "https://www.reddit.com/r/blackhat/comments/1hysvc3/telefonica_breach_infostealer_malware_opens_door/" + } +} \ No newline at end of file diff --git a/today.md b/today.md index 260114ebb4..aa5936d602 100644 --- a/today.md +++ b/today.md @@ -1,455 +1,273 @@ -# 每日安全资讯(2025-01-11) +# 每日安全资讯(2025-01-12) -- paper - Last paper - - [ ] [Self-changing Data Type - CVE-2024-40676 漏洞分析](https://paper.seebug.org/3266/) -- Recent Commits to cve:main - - [ ] [Update Fri Jan 10 20:11:13 UTC 2025](https://github.com/trickest/cve/commit/35ab00cc0e2f9453ab25383a9a5c9d4cfa1182d1) - - [ ] [Update Fri Jan 10 12:19:12 UTC 2025](https://github.com/trickest/cve/commit/bb4ddf1816df72235be5cd596f20b2ed83504f0c) - - [ ] [Update Fri Jan 10 04:22:20 UTC 2025](https://github.com/trickest/cve/commit/0eba4829b48b6e4109d4f696f205771712d068c3) -- 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com - - [ ] [国家网络安全通报中心:重点防范境外恶意网址和恶意IP](https://www.4hou.com/posts/VW2o) - - [ ] [Check Point:企业如何应对复杂网络挑战?](https://www.4hou.com/posts/W1Ko) +- Security Boulevard + - [ ] [Advancements in Machine Identity Protections](https://securityboulevard.com/2025/01/advancements-in-machine-identity-protections/) + - [ ] [From Chaos to Control: Building Your Company’s Access Management Foundation](https://securityboulevard.com/2025/01/from-chaos-to-control-building-your-companys-access-management-foundation/) + - [ ] [DEF CON 32 – Porn & Privacy – ET](https://securityboulevard.com/2025/01/def-con-32-porn-privacy-et/) - Doonsec's feed - - [ ] [特朗普上台,中美会发生网络战吗?](https://mp.weixin.qq.com/s?__biz=MzU0MzgyMzM2Nw==&mid=2247486232&idx=1&sn=5527e80a86875c017071d27f5b315e3e) - - [ ] [30天渗透测试练习计划(2025 第一部分)](https://mp.weixin.qq.com/s?__biz=MzkyODYwODkyMA==&mid=2247484899&idx=1&sn=9aae3d9926fe3695441f5c88f9f5546f) - - [ ] [2025 年,炼石计划@赛博代审之旅又带来了什么好东西呢?](https://mp.weixin.qq.com/s?__biz=Mzg3MDU1MjgwNA==&mid=2247487164&idx=1&sn=ee4ecadbaa3c2616b6e600c1711926e0) - - [ ] [中国软件评测中心2024年干部述职述廉考核 工作总结表彰大会暨2025年工作计划会圆满召开](https://mp.weixin.qq.com/s?__biz=MjM5NzYwNDU0Mg==&mid=2649249217&idx=1&sn=efe8d1f5b3fa8193ede8e5ee31c840e9) - - [ ] [国家互联网信息办公室关于《网络信息内容多渠道分发服务机构相关业务活动管理规定(草案稿)》公开征求意见的通知](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633711&idx=1&sn=7ade192a71c4b34eb6cf7fd5930216ce) - - [ ] [突发!美国拟(全面禁止)向中国出口 GPU](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633711&idx=3&sn=a171f86485cabe24801c9536db242e1e) - - [ ] [海南发布商超消费领域个人信息保护合规指引,涉及门店APP、小程序运行规范(附全文)](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633711&idx=4&sn=068613b0262e30ac174c7fa092dfc2ec) - - [ ] [豆包好用的关键在于你得会用❗熬夜整理](https://mp.weixin.qq.com/s?__biz=MzU5MjI1NTY1Mg==&mid=2247483976&idx=1&sn=ef740b84f599f005ce29d414f97b0ad7) - - [ ] [2025考试安排 | CCRC数据安全官、数据安全评估师](https://mp.weixin.qq.com/s?__biz=MzU0Mzk0NDQyOA==&mid=2247521211&idx=1&sn=f5888344ad57191e78dfff778e714701) - - [ ] [信创加速,腾讯安全湖现已完成全栈国产化适配,助力企业高效替换](https://mp.weixin.qq.com/s?__biz=Mzg5OTE4NTczMQ==&mid=2247526338&idx=1&sn=d932d0ca3339bddabd79d6e04f350b57) - - [ ] [2025网安行业优质播客精选集⑤](https://mp.weixin.qq.com/s?__biz=Mzg2MTAwNzg1Ng==&mid=2247495438&idx=1&sn=0dfa956916eecc08f617ada58c6a41aa) - - [ ] [CSDN挂马事件的安全警醒;平时如何应对钓鱼攻击| FB甲方群话题讨论](https://mp.weixin.qq.com/s?__biz=Mzg2MTAwNzg1Ng==&mid=2247495438&idx=2&sn=9a03ea5cc87ec11de2f5a5418b852d13) - - [ ] [中国网络空间安全协会关键信息基础设施安全保护专业委员会在京成立](https://mp.weixin.qq.com/s?__biz=MzA3ODE0NDA4MA==&mid=2649401216&idx=1&sn=de77c2a7f5191211b4a1eddf1353dadf) - - [ ] [武汉科技大学2025-2027年网络安全服务采购](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931394&idx=1&sn=38fbb62c75ca1ac3d4006f41b7847662) - - [ ] [建行超大规模数据中心开建,定位包括大数据业务主生产中心、核心数据备份中心等](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931394&idx=2&sn=faea67696fc3676c501d4b313aa0e8e8) - - [ ] [【1CPE】ISC2Webinar丨降低关键基础设施数字化带来的风险](https://mp.weixin.qq.com/s?__biz=MzUzNTg4NDAyMg==&mid=2247492278&idx=1&sn=68ad8bcc9a61f861bb328a88abfed21f) - - [ ] [通知 | 国家网信办就《网络信息内容多渠道分发服务机构相关业务活动管理规定(草案稿)》公开征求意见(附全文)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234365&idx=1&sn=af17f45f731d0c43256ce450f1d66690) - - [ ] [解读 | 《网络数据安全管理条例》有哪些亮点?](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234365&idx=3&sn=bad4d027f0d756a436be1f46a3d63af6) - - [ ] [关注 | 勇闯“春运”,要注意这些问题!](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234365&idx=7&sn=26075d2a4c3c7515c08c1b7d9fd68c01) - - [ ] [网安周讯 | 辟谣!“西藏地震小孩被埋”为AI制图(一月第2期)](https://mp.weixin.qq.com/s?__biz=Mzg4MjQ4MjM4OA==&mid=2247523453&idx=1&sn=dc3496239f549ecdc6a72269c1ab8a91) - - [ ] [开放申请 | 2025腾讯犀牛鸟精英人才计划](https://mp.weixin.qq.com/s?__biz=MjM5ODYwMjI2MA==&mid=2649789536&idx=2&sn=f280f844c57c71c77c1e662f9ebb8811) - - [ ] [【云安全】云服务-云服务器ECS-安全问题分析](https://mp.weixin.qq.com/s?__biz=MzUyNTUyNTA5OQ==&mid=2247484084&idx=1&sn=56999ea9f438281ffad8f0d920528b0a) - - [ ] [安全资讯汇总:2025.1.6-2025.1.10](https://mp.weixin.qq.com/s?__biz=MzA4MTE0MTEwNQ==&mid=2668669972&idx=1&sn=1909e2d8e657b12e3eff8fcae8a0b168) - - [ ] [VMProtect本地授权锁的分析与破解](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588572&idx=1&sn=f7ad4ebbe10787b233f29e316423ebc0) - - [ ] [超4000个后门通过注册过期域名被劫持](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588572&idx=2&sn=59a0f2be5e5bacf99eec4b02e9d3c5b6) - - [ ] [本周职位大更新!众多企业抛出橄榄枝,你的心动岗位来了吗?](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588572&idx=3&sn=abdd6a29e3e32a98636c35e70688f0aa) - - [ ] [首次!欧盟委员会因违反数据隐私法规被追责,向个人支付赔偿金](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247548655&idx=1&sn=519c63daf361d43b3bb6e33cf198c0d0) - - [ ] [奇瑞汽车1亿元成立机器人科技公司“墨甲智创”](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247548655&idx=2&sn=1bf760ffea9a49dcd8851b8ecb78cb79) - - [ ] [鹏城实验室与为辰信安联合发布《2024智能网联汽车网络安全报告》(附下载)](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247548655&idx=3&sn=bc9f58e42eefcd52d0731448b4f2df0a) - - [ ] [扫码下载 | 12个鸿蒙生态文件(报告、白皮书)](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655263596&idx=1&sn=a883bc4a6cd7c37fe586151df6fe96ee) - - [ ] [安全牛《中国网络安全全景图》(第十二版)调研启动](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134576&idx=1&sn=e86ab5b49773d2d99aa5756c964bd0a5) - - [ ] [欧盟委员会因隐私违规行为首次被追责;苹果以9500万美元和解持续了5年的Siri隐私诉讼 | 牛览](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134576&idx=2&sn=a7d8e8804916170cb6b3ad59b218d42d) - - [ ] [《工业互联网赋能的企业数字化转型》连载及解读之四十三:工业互联网安全技术体系](https://mp.weixin.qq.com/s?__biz=Mzg2ODUxODk3OA==&mid=2247499779&idx=1&sn=42d42838b8d321bb9ae3db7c423fde7f) - - [ ] [《车路云一体化系统 第7部分:信息安全要求和试验方法》(草案)](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619208&idx=1&sn=8b8a2f1379020358aa3348970c263aeb) - - [ ] [面向软件定义车辆的E/E架构技术&市场分析报告2025](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619208&idx=2&sn=c9683ecfca0fa974f586aa1bec72693c) - - [ ] [2025年智能网联汽车数据分类分级白皮书](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619208&idx=3&sn=af703f71840d3044485d467962af982c) - - [ ] [手机上的后门|防不胜防的RAT攻击](https://mp.weixin.qq.com/s?__biz=Mzg2NDYzNDM2NQ==&mid=2247485162&idx=1&sn=134a10ad8e58a3e356511f857fa123a5) - - [ ] [副业天花板,hvv趋势预测](https://mp.weixin.qq.com/s?__biz=MzkxNTIwNTkyNg==&mid=2247553000&idx=1&sn=b1baac10d19b08b13bf3cf699d23d247) - - [ ] [【免费领】网安岗位必备:互联网企业安全建设最佳实践指南](https://mp.weixin.qq.com/s?__biz=MzkxNTIwNTkyNg==&mid=2247553000&idx=2&sn=d488db920cfd91aac90202ba8bc8d7f2) - - [ ] [网络安全动态 - 2025.01.10](https://mp.weixin.qq.com/s?__biz=MzU1MzEzMzAxMA==&mid=2247499873&idx=1&sn=176dfb8874521ec82f865a95f5a1b0d2) - - [ ] [翼开岁首:天空卫士荣膺北京市独角兽企业](https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597378&idx=2&sn=6f6f7ac4d7374f0c0f32db92dbdeca3f) - - [ ] [孙凝晖院士:建设面向智能时代的国家数据基础设施](https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597378&idx=3&sn=f567eb44e3edd09bd82c2263b3ef3ec4) - - [ ] [安全威胁情报周报(2025/01/04-2025/01/10)](https://mp.weixin.qq.com/s?__biz=Mzg4NjYyMzUyNg==&mid=2247491122&idx=1&sn=898a05c3ec3c50263fa0eb51fd544bdd) - - [ ] [【自研报告】美国对格陵兰利益的战略分析及对策建议](https://mp.weixin.qq.com/s?__biz=MzkxMTA3MDk3NA==&mid=2247487051&idx=1&sn=ec33b2838d1fb6eed3391701e077b62e) - - [ ] [每周网络安全简讯 ( 2025年 第2周 )](https://mp.weixin.qq.com/s?__biz=MzU2MjcwOTY1Mg==&mid=2247521163&idx=1&sn=de51aa92eee1967c687270ff682fa764) - - [ ] [烽火狼烟丨暗网数据及攻击威胁情报分析周报(01/06-01/10)](https://mp.weixin.qq.com/s?__biz=Mzk0NjMxNTgyOQ==&mid=2247484510&idx=1&sn=f233df30c66fbd58c30c6ee06afb3270) - - [ ] [《网络数据安全管理条例》施行数据安全要求再升级](https://mp.weixin.qq.com/s?__biz=MjM5MTI2NDQzNg==&mid=2654552239&idx=1&sn=51440c7606c836fa1630fe46c5453bbb) - - [ ] [盗版影视APP的社会危害,只是“盗版”吗?](https://mp.weixin.qq.com/s?__biz=MjM5NTY4NzcyNg==&mid=2650249786&idx=1&sn=e4aef09e652f443508cfccf851714130) - - [ ] [学术前沿《工业信息安全》(第23期)主要内容速览](https://mp.weixin.qq.com/s?__biz=MzUyMzA1MTM2NA==&mid=2247499039&idx=1&sn=77cb9434d2ba8c5fc83182ffc43400fd) - - [ ] [ShellcodeLoader免杀加载器](https://mp.weixin.qq.com/s?__biz=Mzk0Mjg4MTQxMw==&mid=2247485418&idx=1&sn=bdc4d8fe72641276491413edaa1c2a87) - - [ ] [【观演指南】| 明晚 | 摇滚黑客2025演唱会北京现场见!](https://mp.weixin.qq.com/s?__biz=MzUyMDQ4OTkyMg==&mid=2247546519&idx=1&sn=0b14341dacc638097b304b34c2fce4b7) - - [ ] [听摇滚黑客2025演唱会 享滴滴打车五折优惠](https://mp.weixin.qq.com/s?__biz=MzUyMDQ4OTkyMg==&mid=2247546519&idx=2&sn=9c53a50b2d2fd5f2dd014e5726399bac) - - [ ] [推动数据要素发挥乘数效应](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170105&idx=3&sn=f82cb6976156695f8fde5f17613d583a) - - [ ] [权威认可|悬镜再次入选2024年度毕马威中国金融科技企业双50强](https://mp.weixin.qq.com/s?__biz=MzA3NzE2ODk1Mg==&mid=2647795461&idx=1&sn=ea056881a28c848a31e57e1b2b75317c) - - [ ] [苹果mac用户警惕:Banshee Stealer新变种来袭](https://mp.weixin.qq.com/s?__biz=Mzk0MDYwMjE3OQ==&mid=2247486041&idx=1&sn=33813042ecc95b0f290c4fd3aff241f9) - - [ ] [【业界动态】我国牵头提出的国际标准《信息技术 信息安全事件管理 第4部分:协同》正式发布](https://mp.weixin.qq.com/s?__biz=MzA3NzgzNDM0OQ==&mid=2664992672&idx=2&sn=2fc4cff7ac2dfaec2b37f0ae52f72383) - - [ ] [【业界动态】工业和信息化部启动万兆光网试点工作 有序引导万兆光网从技术试点走向部署应用](https://mp.weixin.qq.com/s?__biz=MzA3NzgzNDM0OQ==&mid=2664992672&idx=3&sn=19a4fcbfa5be472c033f7007e87acaba) - - [ ] [掌握网络安全应急响应领域核心技能,你可能需要这两个证书](https://mp.weixin.qq.com/s?__biz=MzU4MjUxNjQ1Ng==&mid=2247521060&idx=1&sn=0248e268143e4e1f742932c65e85a9aa) - - [ ] [购课回馈|现在报名软考高项赠送3999元技术会员1年](https://mp.weixin.qq.com/s?__biz=MzU4MjUxNjQ1Ng==&mid=2247521060&idx=2&sn=262bc464e02d76e1223837f47e161d2b) - - [ ] [IDA技巧(98)analysis-options](https://mp.weixin.qq.com/s?__biz=MzI1Mjk2MTM1OQ==&mid=2247485211&idx=1&sn=0cbdd4418d779736e55176cb101121a4) - - [ ] [【流量分析】WireShark解析非标端口下SSH协议](https://mp.weixin.qq.com/s?__biz=MzU1Mjk3MDY1OA==&mid=2247519273&idx=1&sn=7a7e3bfdfb38fdfe33a5904a20cfa760) - - [ ] [从任意文件下载到getshell](https://mp.weixin.qq.com/s?__biz=MzkzMjIxNjExNg==&mid=2247486168&idx=1&sn=91eaac8e536f7aa3fae5d4ac01da95e9) - - [ ] [【商密测评】快速定位SSH数据包的密码套件](https://mp.weixin.qq.com/s?__biz=MzU1Mjk3MDY1OA==&mid=2247519271&idx=1&sn=fcd3a7d9d7a3d99f0743b3dd69f1817b) - - [ ] [【已复现】大华智能物联综合管理平台 GetClassValue 远程代码执行漏洞](https://mp.weixin.qq.com/s?__biz=MzIwMDk1MjMyMg==&mid=2247492684&idx=1&sn=3b0a607c660f6ba2dfc3db280cbf8e40) - - [ ] [俄罗斯互联网服务提供商证实乌克兰黑客“破坏”了其网络](https://mp.weixin.qq.com/s?__biz=MzI5NTA0MTY2Mw==&mid=2247485741&idx=1&sn=79a4fdb76ec8a43d1966f3ebd78d9d4f) - - [ ] [[0110] 一周重点威胁情报|天际友盟情报站](https://mp.weixin.qq.com/s?__biz=MzIwNjQ4OTU3NA==&mid=2247509999&idx=1&sn=ca5344ff0b02d3f92c43c0ad6be20284) - - [ ] [国家网信办发布2024年生成式人工智能服务已备案信息的公告](https://mp.weixin.qq.com/s?__biz=MzkwMTQyODI4Ng==&mid=2247495536&idx=1&sn=d9f85550a15c225b4186134eba2ac87c) - - [ ] [工信部:2024年我国网络和数据安全取得新突破](https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652113878&idx=1&sn=cbbd81e4fcb158219d4e3e8f3f2fa05d) - - [ ] [从一次溯源国际APT组织浅谈蜜罐运营](https://mp.weixin.qq.com/s?__biz=MzkwMTQyODI4Ng==&mid=2247495536&idx=3&sn=57593e331dce228f533ac3fe3787190c) - - [ ] [【工具推荐】Hawkeye 一款Windows综合应急响应工具](https://mp.weixin.qq.com/s?__biz=MzI1NTE2NzQ3NQ==&mid=2247487241&idx=1&sn=839e749479e300a8d7b930a213a06216) - - [ ] [【急聘】京东集团信息安全部招人啦~~](https://mp.weixin.qq.com/s?__biz=MzU4ODUzMTU4Mg==&mid=2247486659&idx=1&sn=64bfb54bfcc8b2685406aa46acae83b1) - - [ ] [国家网络安全通报中心:重点防范境外恶意网址和恶意IP](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580725&idx=2&sn=63fd746c589e9cd1b6647a823ca163d3) - - [ ] [BoardLight](https://mp.weixin.qq.com/s?__biz=Mzk1NzY0NzMyMw==&mid=2247485204&idx=1&sn=8d8e4038082ae1cbd3fa5607cab82a83) - - [ ] [感恩同行|知其安获 OSRC 2024年度优秀合作伙伴](https://mp.weixin.qq.com/s?__biz=MzkzNTI5NTgyMw==&mid=2247510626&idx=1&sn=5f86ee189ac6754c4a7418ea77b04529) - - [ ] [云天安全入选中国信通院《数字安全护航技术能力全景图》28项领域,持续引领数字安全创新](https://mp.weixin.qq.com/s?__biz=MzI2NDYzNjY0Mg==&mid=2247501066&idx=1&sn=fe3fd86c1b199574b5893611ae04d58f) - - [ ] [【图一乐】在 pdf 文档中玩俄罗斯方块游戏](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494124&idx=1&sn=ac20fe3efd1ce74b9f3927211c877cec) - - [ ] [TOPSRC 2024年第四季度奖励公告](https://mp.weixin.qq.com/s?__biz=Mzk0MTM1MTg3Nw==&mid=2247483903&idx=1&sn=a6b8b89ea06c0d846a8b9c2e3db8d5b5) - - [ ] [2025年,网络安全意识宣贯该怎么做?](https://mp.weixin.qq.com/s?__biz=MzU4NDExNDQwNA==&mid=2247489876&idx=1&sn=b620b4c55efe620eca9ebafa67d5c1b7) - - [ ] [技战法:剖析涉网站点后台加盐绕过技术](https://mp.weixin.qq.com/s?__biz=Mzk0Mzc2MDQyMg==&mid=2247486418&idx=1&sn=822fe24dc33064052db10431aeaac661) - - [ ] [u200b致人民警察的一封信](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558871&idx=1&sn=2049a81dea035595445267831bbf8eba) - - [ ] [深挖缅甸妙瓦底 KK 园区:电信诈骗的阴暗角落与跨国打击的艰难之路](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247503709&idx=1&sn=29a4a7741686d4bd4033ffbee78f1ce7) - - [ ] [2025年日本国防战略调整分析](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558871&idx=3&sn=5dc7c0bf081673ac6520dbd2dd7aec61) - - [ ] [基于Tauri+Rust构建的新型免杀马生成器](https://mp.weixin.qq.com/s?__biz=MzU2NzY5MjAwNQ==&mid=2247486726&idx=1&sn=a770a2c26a407edd6ce426c70235b35c) - - [ ] [科普时间 | 蜜罐:给黑客精心准备的“甜蜜”陷阱](https://mp.weixin.qq.com/s?__biz=MzIyNzc3OTMzNw==&mid=2247485712&idx=1&sn=9a641e71d4d416bd3bd0a5b0e55affdf) - - [ ] [拜登政府新网络安全行政令寻求为新一届政府提供政策蓝图](https://mp.weixin.qq.com/s?__biz=MzI4ODQzMzk3MA==&mid=2247489550&idx=1&sn=26d503014824376c8155e36ecaa4c09f) - - [ ] [中国人民警察节 | 致敬我们的安全守护者!](https://mp.weixin.qq.com/s?__biz=MzkxMzQwNDcxNg==&mid=2247486835&idx=1&sn=bec31322bfb58a4913410c8d9ab33c2b) - - [ ] [发现Web API漏洞居然能赚到400w刀](https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247518149&idx=1&sn=6498c967abc2646198bd742a3d2232e6) - - [ ] [【漏洞预警】Apache OpenMeetings未授权 反序列化漏洞](https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489437&idx=1&sn=86a7c25e1f15115c4f1bfe3bf9529dae) - - [ ] [2024年度游戏安全报告发布:200+亿次风险检测背后的攻防全景](https://mp.weixin.qq.com/s?__biz=MzAwNTg2NjYxOA==&mid=2650742854&idx=1&sn=9a962b361752a5d23f40f791245fc33c) - - [ ] [智能汽车的强大功能](https://mp.weixin.qq.com/s?__biz=MzUzMjQyMDE3Ng==&mid=2247487868&idx=1&sn=38f654feb41f7697779f05deda25a854) - - [ ] [新活动平台建设历程与架构演进](https://mp.weixin.qq.com/s?__biz=Mzg3Njc0NTgwMg==&mid=2247502230&idx=1&sn=76feb6f4717cedf7c7fc1aaaf16d619d) - - [ ] [亚太地区APT网络攻击趋势分析与解读](https://mp.weixin.qq.com/s?__biz=Mzg3OTYxODQxNg==&mid=2247485594&idx=1&sn=e741dd51bb23c3d86fb494a60623a03e) - - [ ] [「专精型」优能企业 | 珞安科技荣登《嘶吼2024中国网络安全产业势能榜》](https://mp.weixin.qq.com/s?__biz=MzU2NjI5NzY1OA==&mid=2247512093&idx=1&sn=38d32dbb721779788a5aa550aa438acc) - - [ ] [BTC跨链监控&Chainlink PoR数据源|打造BTCFi安全新标准](https://mp.weixin.qq.com/s?__biz=MzkyMzI2NzIyMw==&mid=2247488553&idx=1&sn=a29ed9e4773fab41333e0f1f342441b4) - - [ ] [记一次利用堡垒机内部邮件钓鱼突破外网](https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247546579&idx=1&sn=7b98384283af5b40e65bffd578e10edd) - - [ ] [2025掌控安全封神台第七届CTF获奖队伍公示](https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247546579&idx=2&sn=74ed267221ac90fe1cefffdad9969d1b) - - [ ] [HirGen:针对深度学习编译器的模糊测试技术](https://mp.weixin.qq.com/s?__biz=MzU1NTEzODc3MQ==&mid=2247486850&idx=1&sn=dced461f84a7bc0c0fce0bc7d690ea72) - - [ ] [国金证券与持安科技共研课题,荣获证券期货业网络安全创新实验室“优秀课题三等奖”](https://mp.weixin.qq.com/s?__biz=Mzg2NTYxNjMzMg==&mid=2247495747&idx=1&sn=f5822d19ef79d87997ef2c87b1df1c88) - - [ ] [信息安全等级保护测评的价值](https://mp.weixin.qq.com/s?__biz=MzU5MTIxNzg0Ng==&mid=2247488126&idx=1&sn=be5e2217a7458c0b445edba62ec64bd3) - - [ ] [当歌 - RSS 订阅分发平台开发](https://mp.weixin.qq.com/s?__biz=Mzg3MTE0NTg4OQ==&mid=2247484105&idx=1&sn=3793c462d03f9093ac8349454d179d59) - - [ ] [安利一款逆向辅助神器WPeChatGPT](https://mp.weixin.qq.com/s?__biz=Mzk0ODY1NzEwMA==&mid=2247485720&idx=1&sn=987788354775c7ae7c1bc7f48235e5f9) - - [ ] [漏洞赏金方法 2025 版](https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247504442&idx=1&sn=b38e2fd23874bcc57a2cad01406af7aa) - - [ ] [【插件推荐】Heimdallr-被动嗅探浏览器流量](https://mp.weixin.qq.com/s?__biz=MzkxNjY1MjY3OQ==&mid=2247488163&idx=1&sn=51556518b5b93659b3f07fa1f165dd43) - - [ ] [【黑产大数据】恶意贷款中介揭秘](https://mp.weixin.qq.com/s?__biz=MzI3NDY3NDUxNg==&mid=2247498437&idx=1&sn=5c259f2e9ba6de730bc41e763ee2d2dd) - - [ ] [【漏洞通告】Ivanti 多款产品缓冲区溢出漏洞安全风险通告](https://mp.weixin.qq.com/s?__biz=MzU4NjY4MDAyNQ==&mid=2247496924&idx=1&sn=cde3f8dcc5062f5bae2fbcc43db8c4d1) - - [ ] [【漏洞通告】SonicOS SSLVPN 认证绕过漏洞安全风险通告](https://mp.weixin.qq.com/s?__biz=MzU4NjY4MDAyNQ==&mid=2247496924&idx=2&sn=b5e7145e48fd905325fcdf22665c67cd) - - [ ] [工具 | 一款替代Frp完美消除网络特征的内网穿透神器](https://mp.weixin.qq.com/s?__biz=MzkxNDAyNTY2NA==&mid=2247519413&idx=1&sn=acd47706d52a5ccae891e48e5d3d7cff) - - [ ] [实战 | 攻防演练某x医院内网拿下集权](https://mp.weixin.qq.com/s?__biz=MzkxNDAyNTY2NA==&mid=2247519413&idx=2&sn=2363399bbb13f91288886c2db1c060b9) - - [ ] [Ignition工控系统反序列化漏洞(CVE-2020-10644)](https://mp.weixin.qq.com/s?__biz=Mzg2NzkxOTQ0OA==&mid=2247484500&idx=1&sn=bc5612c622b398355de7cfab77b9ff4e) - - [ ] [2024补天平台【专属SRC】年度榜单发布!](https://mp.weixin.qq.com/s?__biz=MzI2NzY5MDI3NQ==&mid=2247507272&idx=1&sn=4dda0db202724e951d5e867b98fbb1be) - - [ ] [黑吉蛇机械键盘驱动](https://mp.weixin.qq.com/s?__biz=Mzk0MTI4NTIzNQ==&mid=2247492158&idx=1&sn=cd2af2f382815ebd64d1646b16fee7c9) - - [ ] [ISRC-2025新年活动来咯~~](https://mp.weixin.qq.com/s?__biz=MzI4NTYwMzc5OQ==&mid=2247500722&idx=1&sn=6f3485b3faf3babb15fbaeb302371ad9) - - [ ] [265种windows渗透工具合集--灵兔宝盒](https://mp.weixin.qq.com/s?__biz=MzA5MzYzMzkzNg==&mid=2650962339&idx=1&sn=e05bc1fa240d96de64e878ee294e2550) - - [ ] [华为手机地震报警怎么设置](https://mp.weixin.qq.com/s?__biz=MzA5MzYzMzkzNg==&mid=2650962339&idx=2&sn=ccd29e6433da05cac227a2252dfe072b) - - [ ] [2024年华为手机哪一款性价比高?华为手机推荐与市场分析(12月更新)](https://mp.weixin.qq.com/s?__biz=MzA5MzYzMzkzNg==&mid=2650962339&idx=3&sn=e27a33cc1f78deb0520803d748308723) - - [ ] [【艺术鉴赏】抖音直播更新,睡眠更新左颜玉很下饭8个视频](https://mp.weixin.qq.com/s?__biz=MzA5MzYzMzkzNg==&mid=2650962339&idx=4&sn=48ad9b276b80077931b9c155810e2ccf) - - [ ] [安全分析师 2025 年应该知道的 OSINT 工具](https://mp.weixin.qq.com/s?__biz=MzkxMDIwMTMxMw==&mid=2247494403&idx=1&sn=219174cdbe6daef3141b46dbc0ccf839) + - [ ] [一种新的安卓恶意软件伪装成 Telegram 的高级版本](https://mp.weixin.qq.com/s?__biz=MzkxNDM4OTM3OQ==&mid=2247505688&idx=1&sn=51fc10c9de18920df368d2f73f9869b5) + - [ ] [Chrome 扩展程序利用关键字操纵漏洞](https://mp.weixin.qq.com/s?__biz=MzkxNDM4OTM3OQ==&mid=2247505688&idx=2&sn=477172aee3cdadaaf70998c3cea3b917) + - [ ] [Proton 称大规模停电是由基础设施超载造成的](https://mp.weixin.qq.com/s?__biz=MzkxNDM4OTM3OQ==&mid=2247505688&idx=3&sn=6cc097c5896476f06ddf9fcaeaafcccb) + - [ ] [蒋昌建&沈逸东方夜话 | 网络安全审查:隔离墙?安全阀!](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485395&idx=1&sn=16953adf52d1c675c4f5c4001dfdba21) + - [ ] [原创文章目录](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485395&idx=6&sn=64fdadc2be07e6e80090a862faa9369e) + - [ ] [黑客攻击21个省市社保、医疗系统,“爬取”公民信息获利500余万](https://mp.weixin.qq.com/s?__biz=MzkxMjYxODcyNA==&mid=2247485436&idx=1&sn=a0980e4928229561330fac1109576927) + - [ ] [小白必看之漏洞区分](https://mp.weixin.qq.com/s?__biz=Mzk1NzQwNjQ4Ng==&mid=2247484134&idx=1&sn=723a6d60f099a461d07ed5d08217cc40) + - [ ] [今日ootd](https://mp.weixin.qq.com/s?__biz=MzI1Mjc3NTUwMQ==&mid=2247538427&idx=1&sn=54f7435160b21f5bcb326d08a651ef51) + - [ ] [Android手机微信怎么找回删除的好友?其实很简单只需要简单几步就可以搞定](https://mp.weixin.qq.com/s?__biz=MzI2OTk4MTA3Ng==&mid=2247496703&idx=1&sn=79bf4b6fe407e5271f65f5f94917dd00) + - [ ] [FOFA搜索引擎语法---信息收集篇](https://mp.weixin.qq.com/s?__biz=MzkxNjg3NTQ4NA==&mid=2247485322&idx=1&sn=30ebbff69ae793676247af3791e49cd9) + - [ ] [‘黑掉’NASA:SSRF、子域接管以及XSS](https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247518163&idx=1&sn=45bb532ff4bec0fd51a5a77eab8d2359) + - [ ] [PotatoTool一款功能强大的网络安全综合工具支持免杀、自定义内存马、提权、扫描、一键解密、AI分析、溯源等等](https://mp.weixin.qq.com/s?__biz=MzkzMDg1MzIwNA==&mid=2247486334&idx=1&sn=f538d24db455aad0f34937d750facd60) + - [ ] [小程序抓包教程(全网最简单教程)](https://mp.weixin.qq.com/s?__biz=Mzk0MzQxODc3NA==&mid=2247484313&idx=1&sn=5e4aa0124d1589ce722dda5c18861f9f) + - [ ] [手机上的后门|防不胜防的RAT攻击](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247489945&idx=3&sn=05f2df570592ec160dc273c008c6b48b) + - [ ] [Dirsearch | 目录枚举神器 你真的会用吗?](https://mp.weixin.qq.com/s?__biz=MzkzMzg3MzMyOA==&mid=2247485921&idx=1&sn=55199c6c42e12ae12c6933d3c57895bb) + - [ ] [为何企业需实施信息安全等级保护?](https://mp.weixin.qq.com/s?__biz=MzU5MTIxNzg0Ng==&mid=2247488131&idx=1&sn=b0942d524e678ad4cb0e6bff4f646f31) + - [ ] [中安协数字安全专业委员会第一届第二次会议在京举行](https://mp.weixin.qq.com/s?__biz=MjM5NTY4NTM1OQ==&mid=2650683479&idx=1&sn=9f35a5a195aa37a6f05fc85b20315c6d) + - [ ] [你们这些黑客到底用不用python啊?](https://mp.weixin.qq.com/s?__biz=MzkyOTQzNjIwNw==&mid=2247491345&idx=1&sn=58551e8465f73714ac7176fb6fbee68e) + - [ ] [【漏洞工具】某路由器任意文件读取漏洞Goby低级模式利用工具](https://mp.weixin.qq.com/s?__biz=Mzg5NTU2NjA1Mw==&mid=2247495975&idx=1&sn=b05958a60bbf5bbaa0abccc2f249abb9) + - [ ] [信息收集平台的使用方法](https://mp.weixin.qq.com/s?__biz=MzI0NjE1NDYyOA==&mid=2247484781&idx=1&sn=45b2722155dfaf5f077435685336f3aa) + - [ ] [接私活神器!ThingsKit 国产开源 IoT 物联网平台+边缘网关,轻松交付可视化大屏](https://mp.weixin.qq.com/s?__biz=MjM5OTA4MzA0MA==&mid=2454936559&idx=1&sn=18c770486e56d8200c441ace43890bc8) + - [ ] [IT知识百科:公钥和私钥是什么?有啥区别?一篇文章全搞懂!](https://mp.weixin.qq.com/s?__biz=MzIyMzIwNzAxMQ==&mid=2649464441&idx=1&sn=a7a893c6b4db5dc6f80b48af3b3b308b) + - [ ] [在看 | 周报:中国铁路12306网站出现网络故障;Kimi崩上热搜;美国超千万中小学生个人数据疑似泄露](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247634455&idx=1&sn=3e9529a11f81c8fe2b01f3d030fa0af0) + - [ ] [在看 | 厂商:本周热门网络安全产业动态](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247634455&idx=2&sn=41247f17b16e02cc9ae636b8ee9dc7b3) + - [ ] [带你解锁编码新世界!--随波逐流CTF编码工具使用教程33 --JJEncode密码](https://mp.weixin.qq.com/s?__biz=MzU2NzIzNzU4Mg==&mid=2247489433&idx=1&sn=87cfa9aec661b04493ce3613c43f289a) + - [ ] [【安全圈】江苏一男子利用小程序Bug逃匿28万加油费,法院判了](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067274&idx=1&sn=5bef640b5980a10e736f5e8b28bb6773) + - [ ] [【安全圈】涉案3.3亿!有人非法搭建支付平台获利超200万](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067274&idx=2&sn=792e4a8d18c9865be6e1131bf29116e9) + - [ ] [【安全圈】Ivanti VPN 零日漏洞正在被黑客利用](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067274&idx=3&sn=8eb5cc6c0a00bef351ca6ec387133310) + - [ ] [浏览器如何阻止进程注入的 RWX 执行](https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486268&idx=1&sn=052b0ec1bfa44b1828fc15b689b694ce) + - [ ] [学术前沿 | 鹏城实验室威胁情报团队:网络威胁情报共享与融合技术综述](https://mp.weixin.qq.com/s?__biz=MzI0NjU2NDMwNQ==&mid=2247504587&idx=1&sn=4eaf1ab6a4b15883ae9a77be4357a271) + - [ ] [机票诈骗路线简图分析(原创)](https://mp.weixin.qq.com/s?__biz=MzA5MTYyMDQ0OQ==&mid=2247493500&idx=1&sn=5a162845740d94d3905f334b97524029) + - [ ] [机票诈骗路线分析简图](https://mp.weixin.qq.com/s?__biz=MzA5MTYyMDQ0OQ==&mid=2247493494&idx=1&sn=befb46f4cf55c317d53c5c8bcfc9dcb6) + - [ ] [新一代Github投毒|针对网络安全人员钓鱼](https://mp.weixin.qq.com/s?__biz=MzkyMzI3OTY4Mg==&mid=2247486844&idx=1&sn=184e1f0c5c593d95b0b5414c05c9e171) + - [ ] [疑黑客出售国内某IT企业服务器访问权限,456GB数据遭泄露](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247506729&idx=1&sn=99faf6c867705475671630c95a81b63a) + - [ ] [fsacn工具及二开](https://mp.weixin.qq.com/s?__biz=Mzk0Mjg4MTQxMw==&mid=2247485498&idx=1&sn=af916ec09177e84bf30acb1afcbed6d4) + - [ ] [护网行动——筑牢网络防线的关键战役](https://mp.weixin.qq.com/s?__biz=MzkxODc5OTg5MQ==&mid=2247484228&idx=1&sn=78f7850c6323e7fd2e092f810c2c5006) + - [ ] [嵌入式软件OTA升级,有哪几种FLASH划分方式?](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247548769&idx=1&sn=32ba30356cabef720cf10639cb786fc6) + - [ ] [有趣的linux文件系统](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247548769&idx=2&sn=a0d02cbb173ca18db47b1fec30deb2ff) + - [ ] [时代的痕迹](https://mp.weixin.qq.com/s?__biz=MzIwODc2NjgxNA==&mid=2247484965&idx=1&sn=6e1b33697f9299571f6559d8a66d1606) + - [ ] [CTF自毁程序密码:逆向分析](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588573&idx=1&sn=c40b84e0094dfcbca49818f166d4c1f8) + - [ ] [欢迎报名!新课《Frida源码情景分析》](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588573&idx=2&sn=faff2f0fd2cdc5ddab970c5ab150d74c) + - [ ] [扫码下载 | 信息技术应用创新 信息系统适配改造成本度量](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655263684&idx=1&sn=376629b883698a615a6e3025f05f926b) + - [ ] [国家网信办就《网络信息内容多渠道分发服务机构相关业务活动管理规定(草案稿)》公开征求意见](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170115&idx=1&sn=1b3539813ba293f5cb2035f9db5f03d9) + - [ ] [中文互联网语料资源平台发布](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170115&idx=2&sn=970cf26d470dc1bf1f3c07a281c1f8b8) + - [ ] [短文:对现实里网络安全领域的新认识](https://mp.weixin.qq.com/s?__biz=MzUyMTUwMzI3Ng==&mid=2247485562&idx=1&sn=8b6790ca85055bf567130a044261ebda) + - [ ] [[论文翻译]多步骤越狱隐私攻击对ChatGPT的影响](https://mp.weixin.qq.com/s?__biz=Mzg4NDMyOTE3MQ==&mid=2247483707&idx=1&sn=a33f0657bbd604fcbcef3831065f344e) + - [ ] [强烈建议尽快搞个软考证!(重大利好)](https://mp.weixin.qq.com/s?__biz=MzkxMzIwNTY1OA==&mid=2247510688&idx=1&sn=91e1b11170faaac8b622422bacbbee1d) + - [ ] [IDEA研究院:低空经济发展白皮书3.0-安全体系](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619257&idx=1&sn=96e34669c425319bcf2492a6d8490989) + - [ ] [低空经济启航,安全体系护航 低空经济网络安全体系化研究报告](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619257&idx=2&sn=9a3a8d4176b9464783118adcb475a303) + - [ ] [《车路云一体化系统 第7部分:信息安全要求和试验方法》(草案)](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619257&idx=3&sn=6c3b2101700e191b3d5daa0e12edac8f) + - [ ] [基于大模型(LLM)的黑盒RCE漏洞挖掘](https://mp.weixin.qq.com/s?__biz=MzU0NDI5NTY4OQ==&mid=2247486253&idx=1&sn=62124571618afa3afa400518ed8a9638) + - [ ] [因敏感数据泄露、未分类分级、个人信息未脱敏等行为违反《数据安全法》,2公司被处罚](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931395&idx=1&sn=e6190c89b218ac0c466a14c75e7a6b05) + - [ ] [【吃瓜】安全圈里我们带专真的没有未来了么?](https://mp.weixin.qq.com/s?__biz=Mzg4MTkwMTI5Mw==&mid=2247488580&idx=1&sn=fe3d7fd390432632c7f806abaad20c70) + - [ ] [区块链和加密货币的基础知识](https://mp.weixin.qq.com/s?__biz=Mzg4NzgyODEzNQ==&mid=2247488593&idx=1&sn=54713e09991db527898a10feed8de69a) + - [ ] [阿里云WAF日志接入到线下GrayLog日志系统并实现一键联动CFW封锁攻击IP](https://mp.weixin.qq.com/s?__biz=MzU2MjU1OTE0MA==&mid=2247499573&idx=1&sn=8741fa4bb7cd732d193174aaa6906d4c) + - [ ] [科技部:科技体制迎来重大变革!将赋予科学家更大技术路线决定权、经费支配权和资源调度权](https://mp.weixin.qq.com/s?__biz=Mzg4MDU0NTQ4Mw==&mid=2247528558&idx=1&sn=b3c0525a2c26829c266c59189b5cb80d) + - [ ] [焦点 | 为应对车辆网络风险,车联网安全新国标将于2025年4月1日起实施](https://mp.weixin.qq.com/s?__biz=Mzg4MDU0NTQ4Mw==&mid=2247528558&idx=2&sn=c261577265abf34f283f3a072d7e8c30) + - [ ] [开发Tips|用JS判断并采集webpack路由](https://mp.weixin.qq.com/s?__biz=MzIzNDU5Mzk2OQ==&mid=2247486354&idx=1&sn=8977447058f845375a7ecf6bd858e8f2) + - [ ] [【web靶场】之upload-labs专项训练(基于BUUCTF平台)](https://mp.weixin.qq.com/s?__biz=MzAxNTg1MDYxNA==&mid=2247488087&idx=1&sn=3f4f3a7e578bc86cf83395782f006b6e) + - [ ] [传输速率和带宽介绍](https://mp.weixin.qq.com/s?__biz=Mzg3NTUzOTg3NA==&mid=2247514946&idx=1&sn=ca0755f2190ba765dc7cb8b15f37258a) + - [ ] [利用 Coze(扣子)打造微信公众号MD5解密工具](https://mp.weixin.qq.com/s?__biz=Mzg3MTE0NTg4OQ==&mid=2247484129&idx=1&sn=d7256d4765b83eaab55bf028680cc65e) + - [ ] [交换机背板带宽、交换容量与包转发率到底是啥?](https://mp.weixin.qq.com/s?__biz=MzUyNTExOTY1Nw==&mid=2247527815&idx=1&sn=bc9179f78ebb563fe9e3bc8f9329d802) + - [ ] [【吃瓜】要不是真的没绷住,没周末还发吃瓜啊?](https://mp.weixin.qq.com/s?__biz=MzU3MjU4MjM3MQ==&mid=2247489545&idx=1&sn=47aa25dcfe2bfe62d27bf19209914f1d) + - [ ] [哥斯拉Godzilla](https://mp.weixin.qq.com/s?__biz=MzkwNDg4MTg5MQ==&mid=2247483814&idx=1&sn=2e64891b89d7016a24ed852389c96dcc) + - [ ] [新型攻击 CSPT2CSR-利用客户端路径遍历实现 CSRF 攻击](https://mp.weixin.qq.com/s?__biz=MzkwODI1ODgzOA==&mid=2247506468&idx=1&sn=57c909dcd40beda22cb475698eb15791) + - [ ] [对不起兄弟,这太搞笑了,我还以为多吊呢](https://mp.weixin.qq.com/s?__biz=MzkxMTUwOTY1MA==&mid=2247489953&idx=1&sn=74f06278ff67fa66bf183f9636075354) + - [ ] [【2025-01-11】每日安全资讯](https://mp.weixin.qq.com/s?__biz=MzIzNDU5NTI4OQ==&mid=2247488273&idx=1&sn=5ea90e3b65326e9f7869f6e800b2ca9e) + - [ ] [美国位置数据泄露第三季](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494161&idx=1&sn=d61fecfaafcdf6eda88e6e06c5f7b80d) + - [ ] [狩猎网络罪犯读书笔记1](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494161&idx=2&sn=b46158940c7fe32183842671c3f549e8) + - [ ] [为什么说震网是改变战争形态的里程碑?内情令人胆寒](https://mp.weixin.qq.com/s?__biz=MzI5MjY4MTMyMQ==&mid=2247489576&idx=1&sn=618cdfd9a4f8ab5cbab648eeae5b9079) + - [ ] [TestNet资产管理系统](https://mp.weixin.qq.com/s?__biz=Mzk1NzIzOTc5MQ==&mid=2247484053&idx=1&sn=9c3e53535e4f024cf173b956cdb5405c) + - [ ] [ISO 45001: 2018 标准详解与实施(6)5.2 职业健康安全方针](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247485907&idx=1&sn=4ec38baeea4c73ba0e7c361f48f95c65) + - [ ] [ISO 14001: 2015 标准详解与实施(6)5.2 环境方针](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247485907&idx=2&sn=01eed680f2d0e787b6f0312c6a08cdad) + - [ ] [中国网络空间安全协会人工智能安全治理专委会工作年会在京召开](https://mp.weixin.qq.com/s?__biz=MzA3ODE0NDA4MA==&mid=2649401237&idx=1&sn=df00863fc872c7f6d3cc548bc8eb730f) + - [ ] [中国软件评测中心2024年干部述职述廉考核 工作总结表彰大会暨2025年工作计划会圆满召开](https://mp.weixin.qq.com/s?__biz=MjM5NzYwNDU0Mg==&mid=2649249349&idx=1&sn=5ce3e4372ef3f4c1f5df64146ba51e2c) + - [ ] [工业和信息化部多项调研报告获评中央和国家机关“关键小事”优秀调研成果](https://mp.weixin.qq.com/s?__biz=MjM5NzYwNDU0Mg==&mid=2649249349&idx=2&sn=6fcd5f820bab0fb3c9659c2250eac6a3) + - [ ] [电子科大、成都信息工程大学因串通投标被军队暂停采购资格……](https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247488019&idx=1&sn=c5c14590da29f654d004e4ab4d305c1d) + - [ ] [网络安全团队里的“中坚力量”,你是吗?](https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247488017&idx=1&sn=f15565cbb18bc234379fb50d266fcf33) + - [ ] [「漏洞复现」瑞友天翼应用虚拟化系统 GetPwdPolicy SQL注入漏洞](https://mp.weixin.qq.com/s?__biz=MzkyNDY3MTY3MA==&mid=2247486728&idx=1&sn=a2987c4ca400a3a3686e1c8ebff60b66) + - [ ] [锦鲤揭秘时刻!快来看看锦鲤礼包花落谁家吧~](https://mp.weixin.qq.com/s?__biz=MzkyNzIwMzY4OQ==&mid=2247489533&idx=1&sn=f4c093ed6016e977e9eb01ba7d80d4a6) + - [ ] [【已复现】Ivanti Connect Secure 堆栈溢出致远程代码执行漏洞(CVE-2025-0282)](https://mp.weixin.qq.com/s?__biz=MzIwMDk1MjMyMg==&mid=2247492691&idx=1&sn=e1d64db4b8957907e6417a61d2c40fa4) + - [ ] [区块链 智能合约安全 重入漏洞](https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247546608&idx=1&sn=b4f5a8e22730b23ce5aafde8d28133c7) + - [ ] [记一次利用堡垒机内部邮件钓鱼突破外网](https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247546608&idx=2&sn=fa2f54df172222e03c35ea3caf1c0049) + - [ ] [3分钟搞懂网络安全中的等保测评与密评](https://mp.weixin.qq.com/s?__biz=MzI5MTIwOTQ5MA==&mid=2247487550&idx=1&sn=e69ab6059767dbbf0aac795e8df1be31) + - [ ] [【资料】创建开源情报机构的理由](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148500&idx=1&sn=6cb5b45ccad95f39148ef2240c25d8f8) + - [ ] [AI 监工软件盯梢员工太疯狂:5 秒截屏,打字慢、上网久都拿“红牌”!网友狂喷,但巨头争相使用](https://mp.weixin.qq.com/s?__biz=MzIyMDEzMTA2MQ==&mid=2651168298&idx=1&sn=3c5b0ded6cad54b292862f58f5369831) + - [ ] [度盘下载加速工具推荐:ODE多功能助手](https://mp.weixin.qq.com/s?__biz=Mzk1NzI5MTc0Nw==&mid=2247484517&idx=1&sn=2bd3b00e674a0d1be43b66ac5724db1e) + - [ ] [专刊抽奖中奖名单](https://mp.weixin.qq.com/s?__biz=MzAwMTMzMDUwNg==&mid=2650889518&idx=1&sn=ba617630ef1fac5cd159e0c01ae1fd53) + - [ ] [“冒充领导”类诈骗,卷土重来;|超4000个Web后门通过注册过期域名被劫持](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650606471&idx=1&sn=120c2e88e30369b733fa97f03501efa5) + - [ ] [Outlaw挖矿僵尸网络近期活动分析](https://mp.weixin.qq.com/s?__biz=MzkxNjU2NjY5MQ==&mid=2247509606&idx=1&sn=50a3a3d1504439cffe889651d80783f9) + - [ ] [2025年网络安全的关键预测](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651311810&idx=1&sn=0949ff64635d18a43417f0b5f69206dc) + - [ ] [2024年网络空间安全漏洞态势分析研究报告](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655263668&idx=1&sn=ac8c38d0522ed2d4c979644a09ff179d) + - [ ] [PHP_webshell免杀01-变量绕过](https://mp.weixin.qq.com/s?__biz=Mzk0ODY1NzEwMA==&mid=2247485722&idx=1&sn=a2c7c523ae398f2abeb6964e913d5fe1) + - [ ] [技战法免费领取](https://mp.weixin.qq.com/s?__biz=MzU4OTg4Nzc4MQ==&mid=2247505461&idx=1&sn=31702cac17f1ecb8039b4f709027dbba) + - [ ] [赛欧思一周资讯分类汇总(2025-01-06 ~ 2025-01-11)](https://mp.weixin.qq.com/s?__biz=MzU0MjE2Mjk3Ng==&mid=2247488390&idx=1&sn=28a42a161f0dd7b4c89a8ec66f2b3688) + - [ ] [网络安全资讯周报](https://mp.weixin.qq.com/s?__biz=MzkwNjQxOTk1Mg==&mid=2247486048&idx=1&sn=4b9c18e6c9bcd1ed7b24cb583ee574af) + - [ ] [乌克兰黑客杀疯了:斯洛伐克土地登记处遭遇该国历史上最大规模网络攻击](https://mp.weixin.qq.com/s?__biz=MzI2NzAwOTg4NQ==&mid=2649793817&idx=1&sn=31d98bca3e3dddf22ab92e0463ca9e8b) + - [ ] [RedDelta 黑客组织在最新的活动中部署 PlugX 恶意软件](https://mp.weixin.qq.com/s?__biz=MzI2NzAwOTg4NQ==&mid=2649793817&idx=2&sn=e2891ae57a7c8de111ae54c7ce929e6e) + - [ ] [Google Project Zero 研究人员发现针对三星设备的零点击漏洞](https://mp.weixin.qq.com/s?__biz=MzI2NzAwOTg4NQ==&mid=2649793817&idx=3&sn=76e96780b09c070feb5068ffc86b1d38) + - [ ] [安全、运维、网工必备神器——堡垒机,你竟然还不知道?](https://mp.weixin.qq.com/s?__biz=MzIwMzIyMjYzNA==&mid=2247517703&idx=1&sn=50348211d1074a0deed597c3d360d687) + - [ ] [Secator - 渗透测试人员的瑞士军刀](https://mp.weixin.qq.com/s?__biz=Mzk0Mzc1MTI2Nw==&mid=2247486995&idx=1&sn=20ab12dd8d9081f2494ba15ed7357885) + - [ ] [新型Hellcat勒索病毒分析](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247489905&idx=1&sn=d221af8624b76e73a62cffd81d4afb24) + - [ ] [印度发布重磅数据保护法规草案:最高罚款25亿卢比!](https://mp.weixin.qq.com/s?__biz=MzA4NTY4MjAyMQ==&mid=2447900021&idx=1&sn=fc88038644d5a0b0c105263ee4ab7338) + - [ ] [网站域名遭非法盗用篡改,郑州两家公司被行政处罚](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513467&idx=1&sn=3ea80990fd1c334a5bbf3e29305787b1) + - [ ] [暗网情报:涉国内网络赌博平台用户、泰国矿产、西班牙电信](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247506720&idx=1&sn=650965b4297334d5e4a6234b8583f8a8) + - [ ] [不容错过!2025年十大顶级网络安全盛会](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247506720&idx=2&sn=88b06af4662ae0dfcbde4ca62eb88931) + - [ ] [5th域安全微讯早报【20250111】010期](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247506720&idx=3&sn=af839aa95e78efb7be5e2e06e6b8b2ee) + - [ ] [星禾团队 | 网络安全征程中的温暖与成长](https://mp.weixin.qq.com/s?__biz=MzkyNzY1NzEwMQ==&mid=2247484514&idx=1&sn=04484173f93ff63f798fb1b2a3ed2317) + - [ ] [防务简报丨美国完成B61-12核航弹的延寿计划](https://mp.weixin.qq.com/s?__biz=Mzg2NTYyODgyNg==&mid=2247504378&idx=1&sn=16f19e21d9a01dfc01822f9de3c62558) + - [ ] [大模型安全的漏洞](https://mp.weixin.qq.com/s?__biz=MzAwMjA5OTY5Ng==&mid=2247525574&idx=1&sn=71fbd1aa0ae586008514d626ad81cd1e) + - [ ] [国产化综合红队协同工具TangGo](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247488858&idx=1&sn=5a77b79821ec4386d514cd9d4778e29b) + - [ ] [被释放前的幻想罢了](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247488858&idx=2&sn=0446c2906e8992ebc7000672d885bf69) + - [ ] [某电商平台如何在黑客攻击中快速恢复业务?](https://mp.weixin.qq.com/s?__biz=Mzg4NDc0Njk1MQ==&mid=2247487166&idx=1&sn=98a2f1aca47e19e7c549633c8a24edcd) + - [ ] [某初创公司如何用有限预算实现高效安全防护?](https://mp.weixin.qq.com/s?__biz=Mzg4NDc0Njk1MQ==&mid=2247487166&idx=2&sn=16007712fa9ae625a2f68f95f2233bf8) + - [ ] [【oscp】靶机-election](https://mp.weixin.qq.com/s?__biz=Mzg2Nzk0NjA4Mg==&mid=2247497830&idx=1&sn=aa42b57935b72725f2ee5ec3a9dcdc6d) + - [ ] [揭秘威胁情报:企业安全防线的智能守护者!(附下载)](https://mp.weixin.qq.com/s?__biz=MzkyODY5ODAyOA==&mid=2247489198&idx=1&sn=6317dda5d9369d93f16a15df246337f4) + - [ ] [原始数据的防护之基:业务数据化阶段的数据安全建设(第九章)](https://mp.weixin.qq.com/s?__biz=MzkwNTI3MjIyOQ==&mid=2247484108&idx=1&sn=855d8b552ad49246be156a25554fc794) + - [ ] [修电脑](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496556&idx=1&sn=df372d4fcbabb1a9eb0061fd1481fab5) + - [ ] [寻找隐藏的 API 密钥以及如何使用它们](https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247504443&idx=1&sn=909a173e7711238591b789421da6f974) + - [ ] [寒假将至 | 网络安全温馨提醒](https://mp.weixin.qq.com/s?__biz=Mzg5OTg5OTI1NQ==&mid=2247489677&idx=1&sn=9321eb9dd76ad1030c9edc27a3356a64) + - [ ] [侧信道分析测评套件更新-全面支持智能密码钥匙采波分析](https://mp.weixin.qq.com/s?__biz=MzI2NTUyODMwNA==&mid=2247494096&idx=1&sn=80632feea28c999c821305a083fe4055) + - [ ] [关于渗透应急CISP-PTE/CISP-IRE考试重要通知](https://mp.weixin.qq.com/s?__biz=MzIxNTM4NDY2MQ==&mid=2247515671&idx=1&sn=d09813014ef21089c6b16471091ce062) + - [ ] [【神兵利器】红队内网横向之CheeseTools](https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247494862&idx=1&sn=a00294b52f53901205a725cbe45a81d1) + - [ ] [应急响应靶机训练-Linux1](https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247494862&idx=2&sn=3ed1520df9278988298a6d804288f6a5) + - [ ] [国家网信办《网络信息内容多渠道分发服务机构相关业务活动管理规定(草案稿)》公开征求意见](https://mp.weixin.qq.com/s?__biz=MzkxNTI2NTQxOA==&mid=2247495920&idx=1&sn=8b95351dff8c95d58566f186d8f3172b) + - [ ] [武汉农商行因“数据管理不到位”等被罚365万](https://mp.weixin.qq.com/s?__biz=MzkxNTI2NTQxOA==&mid=2247495920&idx=2&sn=a4260d13e2e990efb71c627cba215b85) + - [ ] [中国网络空间安全协会发布中文互联网基础语料2.0](https://mp.weixin.qq.com/s?__biz=MzkxNTI2NTQxOA==&mid=2247495920&idx=3&sn=cde62e74e2a71716fed6509658b7fe15) + - [ ] [北京发布数据流通交易领域3项地方标准](https://mp.weixin.qq.com/s?__biz=MzkxNTI2NTQxOA==&mid=2247495920&idx=4&sn=1ee8ba2104e4fae0185c8eb47c32c346) + - [ ] [海南发布《海南省商场超市消费领域个人信息保护合规指引》](https://mp.weixin.qq.com/s?__biz=MzkxNTI2NTQxOA==&mid=2247495920&idx=5&sn=0a9a9bd9c4dbe7e03820563d31e31fc8) + - [ ] [妲己陪你玩,来和妲己玩耍吧!!!](https://mp.weixin.qq.com/s?__biz=Mzk0NDQwMDY1Nw==&mid=2247485639&idx=1&sn=de89f7127fe3b8508d5d032492f2744a) + - [ ] [每周文章分享-194](https://mp.weixin.qq.com/s?__biz=MzI1MTQwMjYwNA==&mid=2247501360&idx=1&sn=4ca6b7627bd52fea89a2d983b898d091) + - [ ] [分享的图片、视频、链接](https://mp.weixin.qq.com/s?__biz=MzkzNTIwNDEwNA==&mid=2247488530&idx=1&sn=ba35cce9938c913e917f5066b51ab338) + - [ ] [【讨论】当网安圈子变得越来越封闭,是否更有利于行业发展?u200b](https://mp.weixin.qq.com/s?__biz=MzU3MjU4MjM3MQ==&mid=2247489532&idx=1&sn=1a00fdd1c1ea4e99f35cb9fdbe525ee2) + - [ ] [分享图片](https://mp.weixin.qq.com/s?__biz=MzI3Njc1MjcxMg==&mid=2247494210&idx=1&sn=7326c6248aa355f405a445d31f896229) + - [ ] [渗透测试 -- 域渗透](https://mp.weixin.qq.com/s?__biz=MzI4MDQ5MjY1Mg==&mid=2247515531&idx=2&sn=d83de3a9eab0093f6533c21c7138aa97) + - [ ] [合理化堆栈:安全供应商整合案例](https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652113901&idx=1&sn=e5b249271c7340b3bb1092713434466f) + - [ ] [网信部门严厉打击整治网络水军问题](https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652113901&idx=2&sn=ca83165ac442d1d6d45528cf7c479135) + - [ ] [安卓逆向2025 -- Frida学习之hook案例(三)](https://mp.weixin.qq.com/s?__biz=MzA4MzgzNTU5MA==&mid=2652037513&idx=1&sn=5524b6772bc0ebff5ff1608375d7c682) + - [ ] [PC逆向 -- 异常简介](https://mp.weixin.qq.com/s?__biz=MzA4MzgzNTU5MA==&mid=2652037513&idx=2&sn=6cf66c78ed6df9414d26315873a30df7) + - [ ] [日本最大电信公司 NTT Docomo 因 DDoS 攻击瘫痪 12 小时](https://mp.weixin.qq.com/s?__biz=Mzg3ODY0NTczMA==&mid=2247491963&idx=1&sn=3b846beb566a085f5f4a647c6d6cee7a) + - [ ] [常见的网站安全漏洞视频课程](https://mp.weixin.qq.com/s?__biz=MzU3NzY3MzYzMw==&mid=2247499125&idx=2&sn=ed1a771fa6447002aa2fcf070c71c910) + - [ ] [aistudio有两把刷子](https://mp.weixin.qq.com/s?__biz=MzUzMjQyMDE3Ng==&mid=2247487873&idx=1&sn=129a164676242eb9768fdbf20a4b4840) - SecWiki News - - [ ] [SecWiki News 2025-01-10 Review](http://www.sec-wiki.com/?2025-01-10) -- 安全脉搏 - - [ ] [后门函数技术在二进制对抗中的应用](https://www.secpulse.com/archives/205266.html) - - [ ] [靶场战神为何会陨落?](https://www.secpulse.com/archives/205395.html) -- 安全客-有思想的安全新媒体 - - [ ] [入选“磐安”教育应用优秀案例!360打造人才培育标杆](https://www.anquanke.com/post/id/303426) - - [ ] [初始访问代理(IAB)如何出售用户证书](https://www.anquanke.com/post/id/303423) - - [ ] [注册过期域名,4000 多个后门被劫持](https://www.anquanke.com/post/id/303420) - - [ ] [俄罗斯 ISP 证实乌克兰黑客“摧毁”了其网络](https://www.anquanke.com/post/id/303417) - - [ ] [联合国航空机构确认招聘数据库存在安全漏洞](https://www.anquanke.com/post/id/303414) - - [ ] [医疗计费公司 Medusind 披露漏洞影响 36 万人](https://www.anquanke.com/post/id/303411) - - [ ] [黑客利用 KerioControl 防火墙漏洞窃取管理员 CSRF 标记](https://www.anquanke.com/post/id/303408) - - [ ] [SonicWall 敦促管理员立即修补可被利用的 SSLVPN 漏洞](https://www.anquanke.com/post/id/303404) - - [ ] [未修补的关键缺陷影响 Fancy Product Designer WordPress 插件](https://www.anquanke.com/post/id/303401) - - [ ] [2025 年的网络安全: 全球冲突、成熟的人工智能和群众的智慧](https://www.anquanke.com/post/id/303398) -- Security Boulevard - - [ ] [2025 SaaS Security Word of the Year: Adaptability | Grip](https://securityboulevard.com/2025/01/2025-saas-security-word-of-the-year-adaptability-grip/) - - [ ] [Strategic Approaches to Enhance Data Security](https://securityboulevard.com/2025/01/strategic-approaches-to-enhance-data-security/) - - [ ] [The Cost of Complacency in Credential Hygiene](https://securityboulevard.com/2025/01/the-cost-of-complacency-in-credential-hygiene/) - - [ ] [DEF CON 32 – Practical Exploitation of DoS in Bug Bounty](https://securityboulevard.com/2025/01/def-con-32-practical-exploitation-of-dos-in-bug-bounty/) - - [ ] [Below the Surface Winter 2024 Edition – The Year in Review](https://securityboulevard.com/2025/01/below-the-surface-winter-2024-edition-the-year-in-review/) - - [ ] [New Paper: “Future of SOC: Transform the ‘How’” (Paper 5)](https://securityboulevard.com/2025/01/new-paper-future-of-soc-transform-the-how-paper-5/) - - [ ] [Comic Agilé – Mikkel Noe-Nygaard, Luxshan Ratnaravi – #320 – Aligning Teams](https://securityboulevard.com/2025/01/comic-agile-mikkel-noe-nygaard-luxshan-ratnaravi-320-aligning-teams/) - - [ ] [Hackers Attack PowerSchool, Expose K-12 Teacher and Student Data](https://securityboulevard.com/2025/01/hackers-attack-powerschool-expose-k-12-teacher-and-student-data/) - - [ ] [Unlock collaboration and efficiency in software management with SBOMs](https://securityboulevard.com/2025/01/unlock-collaboration-and-efficiency-in-software-management-with-sboms/) - - [ ] [DEF CON 32 – Programming A CTS-V Gauge Cluster Into An ATS-V: Out Of Pure Spite](https://securityboulevard.com/2025/01/def-con-32-programming-a-cts-v-gauge-cluster-into-an-ats-v-out-of-pure-spite/) + - [ ] [SecWiki News 2025-01-11 Review](http://www.sec-wiki.com/?2025-01-11) - Private Feed for M09Ic - - [ ] [mgeeky starred Azr43lKn1ght/Rusty-PE-Packer](https://github.com/Azr43lKn1ght/Rusty-PE-Packer) - - [ ] [safedv starred TestingPens/CPLDropper](https://github.com/TestingPens/CPLDropper) - - [ ] [h3zh1 pushed to v0.0.4dev in chainreactors/malice-network](https://github.com/chainreactors/malice-network/compare/33010b5436...7b59033129) - - [ ] [wh0amitz starred sma11new/Pyke-Shiro](https://github.com/sma11new/Pyke-Shiro) - - [ ] [glzjin starred Inokinoki/ai-no-jimaku-gumi](https://github.com/Inokinoki/ai-no-jimaku-gumi) - - [ ] [cmjlove1 started following M09Ic](https://github.com/M09Ic) - - [ ] [HuYlllc pushed to v0.0.4dev in chainreactors/malice-network](https://github.com/chainreactors/malice-network/compare/7b59033129...419072b6e1) - - [ ] [zema1 starred BurntSushi/byteorder](https://github.com/BurntSushi/byteorder) - - [ ] [safedv starred Azr43lKn1ght/Rusty-PE-Packer](https://github.com/Azr43lKn1ght/Rusty-PE-Packer) - - [ ] [safedv started following zyn3rgy](https://github.com/zyn3rgy) - - [ ] [gh0stkey released HaE 4.0.3 at gh0stkey/HaE](https://github.com/gh0stkey/HaE/releases/tag/4.0.3) - - [ ] [mgeeky starred ColeHouston/Sunder](https://github.com/ColeHouston/Sunder) - - [ ] [ZeddYu starred liriliri/aya](https://github.com/liriliri/aya) - - [ ] [ZeddYu starred sourcebot-dev/sourcebot](https://github.com/sourcebot-dev/sourcebot) - - [ ] [Ridter starred kekingcn/kkFileView](https://github.com/kekingcn/kkFileView) - - [ ] [niudaii starred berdav/CVE-2021-4034](https://github.com/berdav/CVE-2021-4034) - - [ ] [Ascotbe starred WPeace-HcH/WPeChatGPT](https://github.com/WPeace-HcH/WPeChatGPT) - - [ ] [TideSec released v2.6.9 升级Zoomeye接口 at TideSec/TscanPlus](https://github.com/TideSec/TscanPlus/releases/tag/v2.6.9) - - [ ] [Ridter starred orbstack/orbstack](https://github.com/orbstack/orbstack) - - [ ] [CHYbeta starred DIYgod/RSSHub-Radar](https://github.com/DIYgod/RSSHub-Radar) - - [ ] [evilashz starred 0xthirteen/AssemblyHunter](https://github.com/0xthirteen/AssemblyHunter) - - [ ] [evilashz starred CICADA8-Research/Spyndicapped](https://github.com/CICADA8-Research/Spyndicapped) - - [ ] [xxDark forked xxDark/jna from java-native-access/jna](https://github.com/xxDark/jna) - - [ ] [shmilylty starred 4ra1n/poc-runner](https://github.com/4ra1n/poc-runner) - - [ ] [zema1 starred H4ckF0rFun/elf_to_shellcode](https://github.com/H4ckF0rFun/elf_to_shellcode) - - [ ] [zema1 starred JustRustThings/windows-rs](https://github.com/JustRustThings/windows-rs) - - [ ] [zema1 started following roblabla](https://github.com/roblabla) - - [ ] [CHYbeta starred juanfont/headscale](https://github.com/juanfont/headscale) - - [ ] [FunnyWolf starred criblio/python-api-wrapper](https://github.com/criblio/python-api-wrapper) -- ElcomSoft blog - - [ ] [iPhone and iPad Acquisition Methods: Yet Another Comparison](https://blog.elcomsoft.com/2025/01/iphone-and-ipad-acquisition-methods-yet-another-comparison/) -- ongoing by Tim Bray - - [ ] [AI Noise Reduction](https://www.tbray.org/ongoing/When/202x/2025/01/10/Photo-Noise-Reduction) -- 奇安信攻防社区 - - [ ] [从任意文件下载到getshell](https://forum.butian.net/share/4031) - - [ ] [记一次渗透测试过程中碰到的Symfony框架的利用](https://forum.butian.net/share/4028) -- Trustwave Blog - - [ ] [Why Vulnerability Scanning Alone Isn’t Enough: The Case for Penetration Testing](https://www.trustwave.com/en-us/resources/blogs/trustwave-blog/why-vulnerability-scanning-alone-isnt-enough-the-case-for-penetration-testing/) + - [ ] [spf13 starred trimmer-io/go-xmp](https://github.com/trimmer-io/go-xmp) + - [ ] [tennc starred linexjlin/GPTs](https://github.com/linexjlin/GPTs) + - [ ] [tennc starred PlexPt/awesome-chatgpt-prompts-zh](https://github.com/PlexPt/awesome-chatgpt-prompts-zh) + - [ ] [tennc starred f/awesome-chatgpt-prompts](https://github.com/f/awesome-chatgpt-prompts) + - [ ] [h3zh1 pushed to v0.0.4-patch in chainreactors/malefic](https://github.com/chainreactors/malefic/compare/9bf5e3ab84...3aea9cd265) + - [ ] [zema1 starred P1-Team/AlliN](https://github.com/P1-Team/AlliN) + - [ ] [safedv started following alfarom256](https://github.com/alfarom256) + - [ ] [safedv started following byt3bl33d3r](https://github.com/byt3bl33d3r) + - [ ] [safedv starred FujiwaraChoki/MoneyPrinterV2](https://github.com/FujiwaraChoki/MoneyPrinterV2) + - [ ] [zer0yu starred usagi-flow/evil-helix](https://github.com/usagi-flow/evil-helix) + - [ ] [zer0yu starred librasn/rasn](https://github.com/librasn/rasn) + - [ ] [zer0yu starred y21/tl](https://github.com/y21/tl) + - [ ] [HuYlllc pushed to v0.0.4dev in chainreactors/malice-network](https://github.com/chainreactors/malice-network/compare/3c4541da98...dd59b84145) + - [ ] [INotGreen released XiebroC2-v3.1.7 at INotGreen/XiebroC2](https://github.com/INotGreen/XiebroC2/releases/tag/XiebroC2-v3.1.7) + - [ ] [glzjin forked glzjin/MetasploitCoop_0x727 from 0x727/MetasploitCoop_0x727](https://github.com/glzjin/MetasploitCoop_0x727) + - [ ] [itsKayWat started following M09Ic](https://github.com/M09Ic) +- Recent Commits to cve:main + - [ ] [Update Sat Jan 11 20:16:57 UTC 2025](https://github.com/trickest/cve/commit/a529fd5d50c90c432baec70219470b5f625a25a0) + - [ ] [Update Sat Jan 11 12:19:24 UTC 2025](https://github.com/trickest/cve/commit/4ee809fb0c944239e63a757ad04299a07cefae04) + - [ ] [Update Sat Jan 11 04:10:25 UTC 2025](https://github.com/trickest/cve/commit/b1d77c9032f2c34f807b30264034a2a5ea416a0b) - 一个被知识诅咒的人 - - [ ] [【Python】深入Python元类:动态生成类与对象的艺术](https://blog.csdn.net/nokiaguy/article/details/145055724) - - [ ] [【Python】深入探索 Python 装饰器链:创建组合装饰器的技巧与应用](https://blog.csdn.net/nokiaguy/article/details/145055719) + - [ ] [【人工智能】构建智能语音助手:使用Python实现语音识别与合成的全面指南](https://blog.csdn.net/nokiaguy/article/details/145075956) + - [ ] [【人工智能】用Python进行对象检测:从OpenCV到YOLO的全面指南](https://blog.csdn.net/nokiaguy/article/details/145075935) - Bug Bounty in InfoSec Write-ups on Medium - - [ ] [Unlock the Ultimate Resource Hub for Security Researchers](https://infosecwriteups.com/unlock-the-ultimate-resource-hub-for-security-researchers-9fa52bbff1ff?source=rss----7b722bfd1b8d--bug_bounty) - - [ ] [Race Condition to Bypass Rate-Limiting: A new technique made by Nillsx](https://infosecwriteups.com/race-condition-to-bypass-rate-limiting-a-new-technique-made-by-nillsx-6a60f41dbae6?source=rss----7b722bfd1b8d--bug_bounty) - - [ ] [Blind OS Command Injection with Output Redirection](https://infosecwriteups.com/blind-os-command-injection-with-output-redirection-1d08c3793ff1?source=rss----7b722bfd1b8d--bug_bounty) - - [ ] [Finding Hidden Subdomains with OSINT Tools](https://infosecwriteups.com/finding-hidden-subdomains-with-osint-tools-ad7e411587ee?source=rss----7b722bfd1b8d--bug_bounty) + - [ ] [Revisiting a Simple SQL Injection Methodology](https://infosecwriteups.com/revisiting-a-simple-sql-injection-methodology-ecd42634a21e?source=rss----7b722bfd1b8d--bug_bounty) - Twitter @bytehx - - [ ] [RT Patrik Fehrenbach: Made a simple dashboard to help track/search CVEs and security vulnerabilities in near real-time. No fancy stuff - just a clean ...](https://x.com/bytehx343/status/1877932990619095171) - - [ ] [Re @YoyoDavelion Congrats 🎉🎉🎉](https://x.com/bytehx343/status/1877752584888357175) - - [ ] [RT Ali@s: Hey hunters, I'm sharing a little tool I created to gather all the #YWH program info you have and sort it by relevance in one place. Choose ...](https://x.com/bytehx343/status/1877742892816433173) -- SentinelOne - - [ ] [The Good, the Bad and the Ugly in Cybersecurity – Week 2](https://www.sentinelone.com/blog/the-good-the-bad-and-the-ugly-in-cybersecurity-week-2-6/) + - [ ] [RT Sina Yeganeh: Find hidden Endpoint : https://raw.githubusercontent.com/sinaayeganeh/Find-Hidden-Endpoint/refs/heads/main/js.txt #bugbounty #bugboun...](https://x.com/bytehx343/status/1878087922488090801) +- Malware-Traffic-Analysis.net - Blog Entries + - [ ] [2025-01-09: CVE-2017-0199 XLS --> HTA --> VBS --> steganography --> DBatLoader/GuiLoader style malware](https://www.malware-traffic-analysis.net/2025/01/09/index.html) - Reverse Engineering - - [ ] [One Dog v. the Windows 3.1 Graphics Stack](https://www.reddit.com/r/ReverseEngineering/comments/1hyhhvq/one_dog_v_the_windows_31_graphics_stack/) - - [ ] [Parsing the c64 Bubble Bobble Wind Currents](https://www.reddit.com/r/ReverseEngineering/comments/1hy2u3c/parsing_the_c64_bubble_bobble_wind_currents/) -- Intigriti - - [ ] [Intigriti Bug Bytes #220 - January 2025 🚀](https://www.intigriti.com/researchers/blog/bug-bytes/bug-bytes-220-january-2025) -- PortSwigger Blog - - [ ] [Make Burp Suite your own: high-powered extensibility to customize and enhance your testing. 🛠️](https://portswigger.net/blog/make-burp-suite-your-own-high-powered-extensibility-to-customize-and-enhance-your-testing) -- Malwarebytes - - [ ] [BayMark Health Services sends breach notifications after ransomware attack](https://www.malwarebytes.com/blog/news/2025/01/baymark-health-services-sends-breach-notifications-after-ransomware-attack) -- 绿盟科技技术博客 - - [ ] [【漏洞通告】Ivanti多款产品缓冲区溢出漏洞(CVE-2025-0282)](https://blog.nsfocus.net/cve-2025-0282/) + - [ ] [Reverse-engineering meets AI: My new benchmark asks you to deduce hidden byte transforms—thoughts?](https://www.reddit.com/r/ReverseEngineering/comments/1hyuf9w/reverseengineering_meets_ai_my_new_benchmark_asks/) +- HAHWUL + - [ ] [ZAP 2.16 Review ⚡️](https://www.hahwul.com/2025/01/11/zap-2-16-review/) +- 杨龙 + - [ ] [-2209017943](https://www.yanglong.pro/2209017943-2/) +- 黑海洋 - IT技术知识库 + - [ ] [Fluent Read:上下文语境的人工智能翻译引擎(浏览器插件)](https://blog.upx8.com/4651) +- 安全分析与研究 + - [ ] [新型Hellcat勒索病毒分析](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247489905&idx=1&sn=d221af8624b76e73a62cffd81d4afb24&chksm=902fb659a7583f4f105f2bc9bb1490bdf8d2781611e9f73c12246ee56ca3b7525b5263d975bd&scene=58&subscene=0#rd) - 奇客Solidot–传递最新科技情报 - - [ ] [独立分析认为巴勒斯坦卫生部严重低估了加沙死亡人数](https://www.solidot.org/story?sid=80300) - - [ ] [四分之一淡水动物面临灭绝](https://www.solidot.org/story?sid=80299) - - [ ] [美国司法部准备出售扣押的丝绸之路比特币](https://www.solidot.org/story?sid=80298) - - [ ] [法官拒绝了试图从垃圾堆里挖出 8000 比特币的诉讼](https://www.solidot.org/story?sid=80297) - - [ ] [三星量产笔记本用的卷轴 OLED 显示屏](https://www.solidot.org/story?sid=80296) - - [ ] [2024 年是平均气温比工业化前水平高出1.5 摄氏度的第一年](https://www.solidot.org/story?sid=80295) - - [ ] [氟化物暴露与 IQ 分数低相关](https://www.solidot.org/story?sid=80294) - - [ ] [中国在前沿 AI 研究上紧追美国](https://www.solidot.org/story?sid=80293) - - [ ] [中国风投让失败的创业者成为失信债务人](https://www.solidot.org/story?sid=80292) - - [ ] [ispace 准备再次发射登月舱](https://www.solidot.org/story?sid=80291) - - [ ] [乳腺癌是最常见的癌症肺癌是最致命的癌症](https://www.solidot.org/story?sid=80290) - - [ ] [拜登计划在离任前对 AI 芯片出口实施新限制](https://www.solidot.org/story?sid=80289) -- darkless - - [ ] [云原生安全学习小记](https://darkless.cn/2025/01/10/cloud-native-security/) -- 锦行科技 - - [ ] [为民立命 有你皆安](https://mp.weixin.qq.com/s?__biz=MzIxNTQxMjQyNg==&mid=2247493604&idx=1&sn=f55d84097f6ddb9e0003210e450ddce3&chksm=979a1c41a0ed95578df3916b75adf84b4e80f1c1293be8bff28598fcb76a955be2bcbf6c5b14&scene=58&subscene=0#rd) -- 安全客 - - [ ] [首次!欧盟委员会因违反数据隐私法规被追责,向个人支付赔偿金](https://mp.weixin.qq.com/s?__biz=MzA5ODA0NDE2MA==&mid=2649787718&idx=1&sn=595ef4ff6fd363b4a5ef609a5edbb03c&chksm=8893bd29bfe4343f1dc30aec83f8a2a219d20f2068a6c361ed62f6122690c1864311788597e5&scene=58&subscene=0#rd) -- 绿盟科技CERT - - [ ] [【漏洞通告】Ivanti多款产品缓冲区溢出漏洞(CVE-2025-0282)](https://mp.weixin.qq.com/s?__biz=Mzk0MjE3ODkxNg==&mid=2247488825&idx=1&sn=5e77e5178823b42679dcaa1914251bf3&chksm=c2c64232f5b1cb24e14a80899dc4fedc64d3489130f642d9a59175803b8acb8d6455c3e2f7d2&scene=58&subscene=0#rd) -- 看雪学苑 - - [ ] [VMProtect本地授权锁的分析与破解](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588572&idx=1&sn=f7ad4ebbe10787b233f29e316423ebc0&chksm=b18c251686fbac000c0d9e48e4e58a84a1b590532c52b8d159cc104abf0757844caf4d8eb544&scene=58&subscene=0#rd) - - [ ] [超4000个后门通过注册过期域名被劫持](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588572&idx=2&sn=59a0f2be5e5bacf99eec4b02e9d3c5b6&chksm=b18c251686fbac006a376e63c212d61451edceb7ec989fea2e2c5c0b1c38d098c6729bf85e3e&scene=58&subscene=0#rd) - - [ ] [本周职位大更新!众多企业抛出橄榄枝,你的心动岗位来了吗?](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588572&idx=3&sn=abdd6a29e3e32a98636c35e70688f0aa&chksm=b18c251686fbac006bd5419dfb500501416d0536da5467876cade8cc988f21cde5cef1bc230e&scene=58&subscene=0#rd) + - [ ] [物理学家发现新粒子分数激子](https://www.solidot.org/story?sid=80307) + - [ ] [YouTube 主播向 AI 公司出售未发布视频去训练 AI](https://www.solidot.org/story?sid=80306) + - [ ] [世界最强超算 El Capitan 正式启用](https://www.solidot.org/story?sid=80305) + - [ ] [StackOverflow 新问题数量大幅减少](https://www.solidot.org/story?sid=80304) + - [ ] [德国众多大学机构集体宣布退出 X](https://www.solidot.org/story?sid=80303) + - [ ] [Automattic 大幅缩减对 WordPress.org 的支持](https://www.solidot.org/story?sid=80302) + - [ ] [巴西给 Meta 72 小时时间解释其事实核查政策的变化](https://www.solidot.org/story?sid=80301) - 威努特安全网络 - - [ ] [从全年重大网络安全事件,观2025年威胁走势和行业发展](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130288&idx=1&sn=3bc2382268d5fe7ce39f24acbdad0f6e&chksm=80e71300b7909a16105976d01df0935ffee83e178b812014b8e38c0ab6bc1398f7c8aaced5c9&scene=58&subscene=0#rd) -- 安全内参 - - [ ] [AI Agents越来越火,它可能存在一个严重安全隐患](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513463&idx=1&sn=b35ecbae92733cf9b66597ee744d842b&chksm=ebfaf257dc8d7b416ce794352466d8ad74c53bfe8a79bf635dfaf0d4187386f3da80fab3ef45&scene=58&subscene=0#rd) - - [ ] [首次!欧盟官方因违反数据保护法规向用户赔偿3000元](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513463&idx=2&sn=b2d4253ee32d9fc32803935873f93db4&chksm=ebfaf257dc8d7b418d97da9d0d19a8213331ca808d892243fd9e63ad78142b36470304149cde&scene=58&subscene=0#rd) -- 安全分析与研究 - - [ ] [海莲花APT钓鱼样本分析-下](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247489899&idx=1&sn=e632c0c221f0dfd7da57d0f9e6395910&chksm=902fb643a7583f5581237165cb513c8ae2848334de49c6fe3a037dc46f7b707baa995d7b6703&scene=58&subscene=0#rd) -- 黑海洋 - IT技术知识库 - - [ ] [windows日志分析工具](https://blog.upx8.com/4650) -- 青衣十三楼飞花堂 - - [ ] [智能汽车的强大功能](https://mp.weixin.qq.com/s?__biz=MzUzMjQyMDE3Ng==&mid=2247487868&idx=1&sn=38f654feb41f7697779f05deda25a854&chksm=fab2d243cdc55b55c5f372aeb393d132f828265e4f572b79938e9332ace4bd70a4e34e18deee&scene=58&subscene=0#rd) -- 代码卫士 - - [ ] [DNA测序设备运行老旧BIOS,影响临床研究](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522035&idx=1&sn=a607aca6553fbf1ed41e27c839e45bea&chksm=ea94a799dde32e8f87b51465ef7f6ed4449ddc0857c8c220dcc378283ba9fd8b9880b6e27544&scene=58&subscene=0#rd) - - [ ] [Palo Alto Networks 修复退市 Migration Tool中的高危漏洞](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522035&idx=2&sn=71c00b294647fadae4e56ffc500f1300&chksm=ea94a799dde32e8fec367a20f0630181350a5ca556cc26cfaa9fcbefdac76ae3c3831523c87e&scene=58&subscene=0#rd) -- 奇安信病毒响应中心 - - [ ] [每周勒索威胁摘要](https://mp.weixin.qq.com/s?__biz=MzI5Mzg5MDM3NQ==&mid=2247498230&idx=1&sn=1bb3e3b09b57458fc4b2f0b9fd3ca424&chksm=ec6989dedb1e00c86bf7d7fea369ccd3f9712b4fb1c02711d2ae2af119b3943bdf107ef28197&scene=58&subscene=0#rd) -- 安全研究GoSSIP - - [ ] [G.O.S.S.I.P 阅读推荐 2025-01-10 北约中出了叛徒](https://mp.weixin.qq.com/s?__biz=Mzg5ODUxMzg0Ng==&mid=2247499599&idx=1&sn=aaff9bb2d932f3d15da87fd721e4b5ee&chksm=c063d196f714588069633ee369d1c821a9ce001298b2e69b28a3157796203208d8b50ce1d9da&scene=58&subscene=0#rd) -- leveryd - - [ ] [没想到x-waf还可以用来测rasp](https://mp.weixin.qq.com/s?__biz=MzkyMDIxMjE5MA==&mid=2247485491&idx=1&sn=9e4d62e3c2d058cba9fa930fd49aa2b7&chksm=c1970f82f6e0869445bca851e6fb22753206fbbbb42ffe7fbac3ed702da4b9fb08fef0e81a46&scene=58&subscene=0#rd) -- 数世咨询 - - [ ] [解锁DSPM的价值:全面提升数据安全](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247533977&idx=1&sn=90efd3be6f2ded1fe885486889a0db92&chksm=c1443724f633be320e1f457d145081f6d0c7281486fff91ac016d0f2df8e0f983e02a2cfafdb&scene=58&subscene=0#rd) -- 信息安全国家工程研究中心 - - [ ] [人民警察,节日快乐!](https://mp.weixin.qq.com/s?__biz=MzU5OTQ0NzY3Ng==&mid=2247498717&idx=1&sn=9a841ab270b3e6f950325770726410c3&chksm=feb67acec9c1f3d83bd56a154d26c900d8c4ca178b66d9424180b2322fffee6fffb414af5cb6&scene=58&subscene=0#rd) -- 天御攻防实验室 - - [ ] [特朗普上台,中美会发生网络战吗?](https://mp.weixin.qq.com/s?__biz=MzU0MzgyMzM2Nw==&mid=2247486232&idx=1&sn=5527e80a86875c017071d27f5b315e3e&chksm=fb04c870cc734166b62da7615b11c8f548c2c9dc95b0052d19fa52bc94805b96216c5e98af05&scene=58&subscene=0#rd) -- XCTF联赛 - - [ ] [SUCTF 2025|倒计时1天!](https://mp.weixin.qq.com/s?__biz=MjM5NDU3MjExNw==&mid=2247515473&idx=1&sn=6719fed82acc7d0877686b37ec2466a5&chksm=a6874f6b91f0c67d1f6003d51caeeed9ed952912bae9f6b9710e07b95144532bd90916777336&scene=58&subscene=0#rd) -- FreeBuf网络安全行业门户 - - [ ] [CVE-2024-6768漏洞分析](https://www.freebuf.com/vuls/419530.html) - - [ ] [YAK-SSA,古希腊掌管PHP代码审计的神](https://www.freebuf.com/articles/web/419509.html) - - [ ] [【论文速读】| 利用大语言模型在灰盒模糊测试中生成初始种子](https://www.freebuf.com/articles/network/419499.html) - - [ ] [FreeBuf周报 | AWS屡曝严重RCE漏洞;2025年需要防范这五大恶意软件](https://www.freebuf.com/news/419455.html) - - [ ] [超4000个Web后门通过注册过期域名被劫持](https://www.freebuf.com/news/419479.html) - - [ ] [网络钓鱼活动利用CrowdStrike招聘骗局传播挖矿软件](https://www.freebuf.com/news/419446.html) - - [ ] [Banshee Stealer新变种正借Apple XProtect加密技术躲避杀毒软件](https://www.freebuf.com/news/419475.html) - - [ ] [给DevOps加点料:融入安全性的DevSecOps](https://www.freebuf.com/news/419443.html) -- 中国信息安全 - - [ ] [通知 | 国家网信办就《网络信息内容多渠道分发服务机构相关业务活动管理规定(草案稿)》公开征求意见(附全文)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234365&idx=1&sn=af17f45f731d0c43256ce450f1d66690&chksm=8b59ff84bc2e7692f51814ffc268d5308bbd8679786942b61f1698a65e23c06a719f2e4f91b3&scene=58&subscene=0#rd) - - [ ] [专家解读 | 张金平:个人信息保护认证的中国创新方案](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234365&idx=2&sn=a02c27826be18902ca053d25a2e5522b&chksm=8b59ff84bc2e769235dba763756fd24e2891c73c13e32d630a4cbbbec0b85918576265190726&scene=58&subscene=0#rd) - - [ ] [解读 | 《网络数据安全管理条例》有哪些亮点?](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234365&idx=3&sn=bad4d027f0d756a436be1f46a3d63af6&chksm=8b59ff84bc2e769270a72ca471da37713cc209a6abcfa9d95c9a38987d76559afb93501fca7c&scene=58&subscene=0#rd) - - [ ] [公安部:公安机关2024年办理网暴案件8600余起](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234365&idx=4&sn=bb86fc6ef4b9ac1b523049d343d2cf93&chksm=8b59ff84bc2e7692c756205917a14db9a101220f4c93944f14dcad1669a1d5a7e6c182dee584&scene=58&subscene=0#rd) - - [ ] [发布 | 中国信通院发布《城市全域数字化转型行业洞察报告(2024年)》(附下载)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234365&idx=5&sn=9e22dc9b697d9182120297617fff2713&chksm=8b59ff84bc2e7692e221e04bb2de5a7f021ac72afcac3f11536f59e4c14f1404a0c9804cb06d&scene=58&subscene=0#rd) - - [ ] [评论 | 用AI生成“地震被埋图”存在诸多不妥](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234365&idx=6&sn=f4dfe25b2035fdf63eed7cc30883651d&chksm=8b59ff84bc2e7692345e58297f5dcd2ed4d71c9834c440ac19ecfdf7fe8be2bacd7d3a3d0c93&scene=58&subscene=0#rd) - - [ ] [关注 | 勇闯“春运”,要注意这些问题!](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234365&idx=7&sn=26075d2a4c3c7515c08c1b7d9fd68c01&chksm=8b59ff84bc2e76929ea213b189e5dd0cc52a2f9e91a3ed315e497e449d3d1e69c05f3cf29062&scene=58&subscene=0#rd) + - [ ] [我国牵头的国际标准发布,联合国航空数据库遭入侵 | 一周特辑](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130318&idx=1&sn=322960576db32a5d4485b1c0dc16d542&chksm=80e7137eb7909a680deaa85714119cb89492b504024287b112b4cab04f1b3fdc24bbab99c3e0&scene=58&subscene=0#rd) - 丁爸 情报分析师的工具箱 - - [ ] [【资料】网络的三张面孔:网络和平活动家,间谍,攻击者](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148492&idx=1&sn=e284a7e43cbcb6ab36ec5a1f003ab059&chksm=f1af27f6c6d8aee040256534a8be599a13aa1d52d2e03ec456307340c1fd877521c5f767fb35&scene=58&subscene=0#rd) + - [ ] [【资料】创建开源情报机构的理由](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148500&idx=1&sn=6cb5b45ccad95f39148ef2240c25d8f8&chksm=f1af27eec6d8aef85b73213a31ddbb5ff35a3ab0c56351b3885e6105b67a593a975858b141d8&scene=58&subscene=0#rd) +- 长亭安全应急响应中心 + - [ ] [【已复现】Ivanti Connect Secure 堆栈溢出致远程代码执行漏洞(CVE-2025-0282)](https://mp.weixin.qq.com/s?__biz=MzIwMDk1MjMyMg==&mid=2247492691&idx=1&sn=e1d64db4b8957907e6417a61d2c40fa4&chksm=96f7fb3ea1807228c78b8469fdfa3a9fad83374094781eb88c48ae6e598331b3bd87ae4c659c&scene=58&subscene=0#rd) +- 看雪学苑 + - [ ] [CTF自毁程序密码:逆向分析](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588573&idx=1&sn=c40b84e0094dfcbca49818f166d4c1f8&chksm=b18c251786fbac0172b4c573bca3dbdc17e0efad3bf6e5dace210a9b96023fdf89feccf64ba1&scene=58&subscene=0#rd) + - [ ] [欢迎报名!新课《Frida源码情景分析》](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588573&idx=2&sn=faff2f0fd2cdc5ddab970c5ab150d74c&chksm=b18c251786fbac01987d449630eb908309f812aa88b611c439eaa12acdb36a199b9e212512e3&scene=58&subscene=0#rd) +- 安全内参 + - [ ] [网站域名遭非法盗用篡改,郑州两家公司被行政处罚](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513467&idx=1&sn=3ea80990fd1c334a5bbf3e29305787b1&chksm=ebfaf25bdc8d7b4dad90dcea755636cf357c28f3dcec82aaf943cbeefa88a5b135fbdc372038&scene=58&subscene=0#rd) +- dotNet安全矩阵 + - [ ] [.NET 第54期红队武器库和资源汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498152&idx=1&sn=e082b4077e255091892be37fff847a78&chksm=fa595745cd2ede53bf9b66ae351f313cf7bf5dd1650cf01cd2dab30f1a615a0813a8427e859a&scene=58&subscene=0#rd) + - [ ] [国内最专业、最全面的 [ .NET 代码审计 ] 体系化学习交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498152&idx=2&sn=68b7c98d93dba9cd5cb2feb37795f5c0&chksm=fa595745cd2ede5310d59456ace4b1b2d00ad3e60a2946ee0a394adc50759ab9b978584b956a&scene=58&subscene=0#rd) + - [ ] [无独有偶,通过.NET反序列化漏洞实现 Visual Studio 钓鱼攻击](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498152&idx=3&sn=a45de16edbca5168f73ea7ed4ffeca36&chksm=fa595745cd2ede53cd0f763edff055aeced78d85bdeea1f2be5fd2d80d72a65ed86e0df928f3&scene=58&subscene=0#rd) - 安全圈 - - [ ] [【安全圈】日本炒作“中国疑似参与黑客攻击”,外交部:日方判断既不专业也不负责任](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067255&idx=1&sn=a41ccbc8f9fc9de8ed0dfe5c7a296033&chksm=f36e79f7c419f0e1b35e1a159d0ecdc609b196301a8249fba8092baf5dfe98047bd31c2f61e2&scene=58&subscene=0#rd) - - [ ] [【安全圈】数百万电子邮件服务器因缺少 TLS 加密而暴露](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067255&idx=2&sn=c42d9289f9097a99b0e9de5638c25da5&chksm=f36e79f7c419f0e10c2b64215d46af042d6d4538f0c26663174d24372c62af1b974a8b8a08ef&scene=58&subscene=0#rd) - - [ ] [【安全圈】超4000个Web后门通过注册过期域名被劫持](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067255&idx=3&sn=12454a2419a60abfe0219df1db8fc9ff&chksm=f36e79f7c419f0e1ce0df613111e8c48cf52ca20de42869051bf60a997f620888b67420c0ca5&scene=58&subscene=0#rd) - - [ ] [【安全圈】联合国航空机构确认招聘数据库存在安全漏洞](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067255&idx=4&sn=3fd244b5403280e26cbc308f9d938be2&chksm=f36e79f7c419f0e19717a852043341319ec8c0f73e0e9daa2e8a6064deb75c8df3e4e101920a&scene=58&subscene=0#rd) + - [ ] [【安全圈】江苏一男子利用小程序Bug逃匿28万加油费,法院判了](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067274&idx=1&sn=5bef640b5980a10e736f5e8b28bb6773&chksm=f36e798ac419f09cdbd5129a3bf75829108cf7f7a7de0b1d6ac854dbbb635e3a6b7d50a7bd0d&scene=58&subscene=0#rd) + - [ ] [【安全圈】涉案3.3亿!有人非法搭建支付平台获利超200万](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067274&idx=2&sn=792e4a8d18c9865be6e1131bf29116e9&chksm=f36e798ac419f09c4674ed1ba0a3d10573e7a3ba50adc72984e3afc698d37c2172cb8076dc0b&scene=58&subscene=0#rd) + - [ ] [【安全圈】Ivanti VPN 零日漏洞正在被黑客利用](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067274&idx=3&sn=8eb5cc6c0a00bef351ca6ec387133310&chksm=f36e798ac419f09cca9472d89e0009706062cc803d7b61065e39083441ba8c9e646c932b6efe&scene=58&subscene=0#rd) - 网络空间安全科学学报 - - [ ] [学术前沿 | 基于尺寸变换的图像级特征增强隐写分析方法](https://mp.weixin.qq.com/s?__biz=MzI0NjU2NDMwNQ==&mid=2247504586&idx=1&sn=667f8402bebdb572ddabe5ecd419bfca&chksm=e9bfc674dec84f6234750fd856ba4bfd720b2739fd6d525d5cf469d492beaac34d64762021e2&scene=58&subscene=0#rd) -- M01N Team - - [ ] [每周蓝军技术推送(2025.1.4-1.10)](https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247493958&idx=1&sn=fc9a1bbf6caf95a8b7e36393cad78eda&chksm=c1842957f6f3a0415494df511f9508dc96bd52859b394da2d476577ba2244cf005425fb0422e&scene=58&subscene=0#rd) -- 腾讯科恩实验室 - - [ ] [揭秘SecBench大模型网络安全测评数据集构建](https://mp.weixin.qq.com/s?__biz=MzU1MjgwNzc4Ng==&mid=2247512655&idx=1&sn=106694cb80bebae36c6c05265abd108f&chksm=fbfe8e4acc89075c0720dc0dac3598a15c0586527b20f0963008dc6c927d76b0371b080c1c05&scene=58&subscene=0#rd) -- 补天平台 - - [ ] [2024补天平台【专属SRC】年度榜单发布!](https://mp.weixin.qq.com/s?__biz=MzI2NzY5MDI3NQ==&mid=2247507272&idx=1&sn=4dda0db202724e951d5e867b98fbb1be&chksm=eaf99504dd8e1c125b693c288f80a10c9a88fd21edea65a6ab9f6a61d5e21822f182145141ed&scene=58&subscene=0#rd) -- 奇安信威胁情报中心 - - [ ] [每周高级威胁情报解读(2025.01.03~01.09)](https://mp.weixin.qq.com/s?__biz=MzI2MDc2MDA4OA==&mid=2247513719&idx=1&sn=7ba22c6c00a862dcc9bd46f1f73fc77d&chksm=ea664100dd11c8160f008b33f2a15aa0b4839d1559f4b3481539f9536f92c79c36c5b9357879&scene=58&subscene=0#rd) -- NOVASEC - - [ ] [Hawkeye 一款Windows综合应急响应工具](https://mp.weixin.qq.com/s?__biz=MzUzODU3ODA0MA==&mid=2247490417&idx=1&sn=fe9dad38c72edfe0050a8f09afa05153&chksm=fad4c666cda34f704ce062d76decee29ad7ca69d6ac2c2a7d4c25273beae358cc3303fec21de&scene=58&subscene=0#rd) + - [ ] [学术前沿 | 鹏城实验室威胁情报团队:网络威胁情报共享与融合技术综述](https://mp.weixin.qq.com/s?__biz=MzI0NjU2NDMwNQ==&mid=2247504587&idx=1&sn=4eaf1ab6a4b15883ae9a77be4357a271&chksm=e9bfc675dec84f63b347462da5f7bce1abed74f36bf037a16432d25f075367ff3d1fd224cdf6&scene=58&subscene=0#rd) +- 网安杂谈 + - [ ] [专刊抽奖中奖名单](https://mp.weixin.qq.com/s?__biz=MzAwMTMzMDUwNg==&mid=2650889518&idx=1&sn=ba617630ef1fac5cd159e0c01ae1fd53&chksm=812ea10bb659281d60613b07fbcdcaebd1d770235c4af465c07bc94e0c538244fa08dc76c8d8&scene=58&subscene=0#rd) - 极客公园 - - [ ] [26.3 万,特斯拉焕新 Model Y 突然上市,雷军「发贺电」](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653071793&idx=1&sn=3f07ac1e0a74b594446d172b6befabfa&chksm=7e57d40749205d111364fb0ebdb1493de6a3d45c0dcad2921ffbc85a307b04963edeab946d87&scene=58&subscene=0#rd) - - [ ] [2025 年 CES,为什么变成了世界最大「眼镜城」?](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653071781&idx=1&sn=dca04f483bca99394f6c3d127dcfc9ac&chksm=7e57d41349205d05c6dcd85def9e879d572cf93f982b13b01c05aa53447eab4c6350e6b57877&scene=58&subscene=0#rd) - - [ ] [B 站成春晚「独家弹幕视频平台」;西藏地震「小孩被埋」AI 生成图将被追责;加州大火危及好莱坞等景点 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653071702&idx=1&sn=7edc49de07482379ea1a9dbd199dc069&chksm=7e57d4e049205df61a63b790d9e5e6242217bc39d86a43681249ef2057e91f76a9ed5ff3e317&scene=58&subscene=0#rd) -- Tide安全团队 - - [ ] [Pwn入门之格式化字符串漏洞](https://mp.weixin.qq.com/s?__biz=Mzg2NTA4OTI5NA==&mid=2247519568&idx=1&sn=a136e2cd3ab3db52ce3b8f15811f0411&chksm=ce5daf31f92a2627e42e6f140583642241a9cce471e1727c960141e4bda457f55374ea16de47&scene=58&subscene=0#rd) -- 情报分析师 - - [ ] [​致人民警察的一封信](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558871&idx=1&sn=2049a81dea035595445267831bbf8eba&chksm=87117fdcb066f6ca90663192d96ff49aed9c05534fe81b7648f73162d5573546a71af8d1bf83&scene=58&subscene=0#rd) - - [ ] [深挖缅甸妙瓦底 KK 园区:电信诈骗的阴暗角落与跨国打击的艰难之路](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558871&idx=2&sn=425102a0a5e829f41bce07b26f791afb&chksm=87117fdcb066f6ca21d4a5bc70df0464f5c0045f99e6be6137f53a7c7185427bf4511495f63e&scene=58&subscene=0#rd) - - [ ] [2025年日本国防战略调整分析](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558871&idx=3&sn=5dc7c0bf081673ac6520dbd2dd7aec61&chksm=87117fdcb066f6cae78b04d12794725fee009f42e9b6f3afe33590cd3d1fe9a7b6ae8e9c49f1&scene=58&subscene=0#rd) -- ChaMd5安全团队 - - [ ] [共赴商用密码盛事,开启创新发展新篇--2025第三届商用密码展将于6月11日-13日在上海举办!](https://mp.weixin.qq.com/s?__biz=MzIzMTc1MjExOQ==&mid=2247511835&idx=1&sn=74578ef36cfe67c4677beb96c5d15795&chksm=e89d87c3dfea0ed56fbfb4aaa6133aa385822fce6524d09512079841830c9e533d5a57e3d129&scene=58&subscene=0#rd) -- 威胁猎人Threat Hunter - - [ ] [【黑产大数据】恶意贷款中介揭秘](https://mp.weixin.qq.com/s?__biz=MzI3NDY3NDUxNg==&mid=2247498437&idx=1&sn=5c259f2e9ba6de730bc41e763ee2d2dd&chksm=eb12dcfedc6555e8683ea4e9d3ef00a820ab4767b92370d3181b0f11552e01f1c8081d185d44&scene=58&subscene=0#rd) -- Beacon Tower Lab - - [ ] [DayDayMap新年回馈——免费抽取终身会员,另有更多好礼等你来拿!](https://mp.weixin.qq.com/s?__biz=MzkyNzcxNTczNA==&mid=2247486924&idx=1&sn=c7a4a0ad299a4e872a4cc0ac31de6468&chksm=c2229535f5551c23a4f1b84c0ceaa260a77296571764bab74d7d6b1a719e7f7db3c0cd8eb44e&scene=58&subscene=0#rd) + - [ ] [特朗普上任前,Meta、微软等取消多元化项目;新 Model Y 上市,雷军隔空玩梗;京东 App 大改版 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653071834&idx=1&sn=9726e5881ed20e810b87b68ef06af200&chksm=7e57d46c49205d7a678f880e93b38ad8df5661f949d2dd27442559ef9f751a6af0d9bc2b6514&scene=58&subscene=0#rd) - 吴鲁加 - - [ ] [来组队运动打卡](https://mp.weixin.qq.com/s?__biz=Mzg5NDY4ODM1MA==&mid=2247485130&idx=1&sn=9ac53212495be2d6d3ae106527dc1009&chksm=c01a8bfbf76d02edf3bf046517683cdf658dd75a6a766df06f5e25848753313bd5f19050a436&scene=58&subscene=0#rd) -- 复旦白泽战队 - - [ ] [复旦白泽天梯多轮对话专项天梯结果出炉](https://mp.weixin.qq.com/s?__biz=MzU4NzUxOTI0OQ==&mid=2247492826&idx=1&sn=488d035b0ded0b568d5556b3f1b6b236&chksm=fde860a4ca9fe9b2256b7824f2c6a0194a6196776cfb30fc1a38a18a9c49960ca335769238d8&scene=58&subscene=0#rd) -- 嘶吼专业版 - - [ ] [【急聘】京东集团信息安全部招人啦~~](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580725&idx=1&sn=b63dd1e7fcbf3c546ef2120ab62800cc&chksm=e9146c0fde63e519ca57b762b500b310a8d68a3c49aed5115723adb48468e79935456c477c21&scene=58&subscene=0#rd) - - [ ] [国家网络安全通报中心:重点防范境外恶意网址和恶意IP](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580725&idx=2&sn=63fd746c589e9cd1b6647a823ca163d3&chksm=e9146c0fde63e519285ec50431f0b8a8d25de8216245362a6d0c32046f930271a801895c78e0&scene=58&subscene=0#rd) -- dotNet安全矩阵 - - [ ] [接二连三,通过 .NET AppDomain 注入后门实现权限维持](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498124&idx=1&sn=34076b04cb96fa929b7d8a8cbae565cc&chksm=fa595761cd2ede7736fb0ecec4ef46c342c1320893e64801929a44e06a7d4c2b387f41f899a1&scene=58&subscene=0#rd) - - [ ] [.NET 安全基础入门学习知识库](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498124&idx=2&sn=4ea7c449c3918b19d0dbc98deac36034&chksm=fa595761cd2ede772a770f375217321f3d306206ea48e79b69d580bfd14adece2f9ca4fa0032&scene=58&subscene=0#rd) - - [ ] [来来来,喝酒不够持久的都不配叫APT玩家!](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498124&idx=3&sn=764005c46751c846ff68b2d7b52522b1&chksm=fa595761cd2ede779c023189b1b634746fe96cf81f90b0705cd4910d47db55c81a8d4f8e0183&scene=58&subscene=0#rd) -- 安全419 - - [ ] [【观演指南】| 明晚 | 摇滚黑客2025演唱会北京现场见!](https://mp.weixin.qq.com/s?__biz=MzUyMDQ4OTkyMg==&mid=2247546519&idx=1&sn=0b14341dacc638097b304b34c2fce4b7&chksm=f9ebe83ace9c612ca4bedf40cd1a69fd40513b21d20cb4e73812294b7534c71420f3211ccbda&scene=58&subscene=0#rd) - - [ ] [听摇滚黑客2025演唱会 享滴滴打车五折优惠](https://mp.weixin.qq.com/s?__biz=MzUyMDQ4OTkyMg==&mid=2247546519&idx=2&sn=9c53a50b2d2fd5f2dd014e5726399bac&chksm=f9ebe83ace9c612c3d89c04885de278be3a60f45746a387b90ef49a61b6c52b882ccab8a1a96&scene=58&subscene=0#rd) -- 360数字安全 - - [ ] [致敬警察节|警企携手,筑牢安全防护网!](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247578636&idx=1&sn=13cefe2c13751df91b8d32c27800f0d1&chksm=9f8d2404a8faad12c120e53ebaadc85d8d03fcad4cfc00507ef69d50593b088ba16adc9e449d&scene=58&subscene=0#rd) -- 迪哥讲事 - - [ ] [记某次测试翻阅海量js语句黑盒出sql注入](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496807&idx=1&sn=44a86c5974f7824fcfd2d43bc5bd70b3&chksm=e8a5fe04dfd277126cdac3b07133c0a9ac6eaa4ef20c878e69b9c97e40377d22ed09e081aacd&scene=58&subscene=0#rd) -- 悬镜安全 - - [ ] [权威认可|悬镜再次入选2024年度毕马威中国金融科技企业双50强](https://mp.weixin.qq.com/s?__biz=MzA3NzE2ODk1Mg==&mid=2647795461&idx=1&sn=ea056881a28c848a31e57e1b2b75317c&chksm=8770af52b007264447b448eb912a971a9cdc84538023218ca3f23da02af85dac925dded42dd8&scene=58&subscene=0#rd) -- LuxSci - - [ ] [LuxSci Strengthens Leadership Position in G2 Winter 2025 Reports](https://luxsci.com/blog/luxsci-g2-reviews-winter-2025.html) -- IT Service Management News - - [ ] [Sull'incidente InfoCert](http://blog.cesaregallotti.it/2025/01/sullincidente-infocert.html) -- bellingcat - - [ ] [Seeing More With Satellite Imagery Using Band Combinations, Ratios and Indices](https://www.bellingcat.com/resources/2025/01/10/satellite-imagery-bands-guide/) -- 火绒安全 - - [ ] [【火绒安全周报】T1电竞选手直播因DDoS攻击再度中断/不法分子假冒网安公司招聘发动钓鱼攻击](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247521496&idx=1&sn=c7605f161604bbc226e351e4634ef9af&chksm=eb704ae7dc07c3f1af99f7500c637baf22504d2a8f12b042a27370ebb8a87ab2ff9813e53d6a&scene=58&subscene=0#rd) - - [ ] [诚邀渠道合作伙伴共启新征程](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247521496&idx=2&sn=bdaa413a8417b3ecd5583b9fe9fc3b65&chksm=eb704ae7dc07c3f1b01fc69498a1ea604c8c4bdf26b76844d6e141500693739c5cb578317b77&scene=58&subscene=0#rd) -- 安全牛 - - [ ] [安全牛《中国网络安全全景图》(第十二版)调研启动](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134576&idx=1&sn=e86ab5b49773d2d99aa5756c964bd0a5&chksm=bd15aaa38a6223b5ee9ca73cc3c5a819f983c98155cd6ed258f90a86c33c690cb9604f8bfe3c&scene=58&subscene=0#rd) - - [ ] [欧盟委员会因隐私违规行为首次被追责;苹果以9500万美元和解持续了5年的Siri隐私诉讼 | 牛览](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134576&idx=2&sn=a7d8e8804916170cb6b3ad59b218d42d&chksm=bd15aaa38a6223b5d84b077a9d24888eb1504e4c9b7448a0c8d86e9c4aa1ab32a1d9d8746acd&scene=58&subscene=0#rd) -- ICT Security Magazine - - [ ] [Perché le aziende dovrebbero prepararsi agli attacchi informatici durante le festività](https://www.ictsecuritymagazine.com/notizie/attacchi-informatici-semperis/) - - [ ] [La Remediation nella Sicurezza Informatica: sfide e prospettive](https://www.ictsecuritymagazine.com/articoli/remediation-sicurezza/) -- Schneier on Security - - [ ] [Friday Squid Blogging: Cotton-and-Squid-Bone Sponge](https://www.schneier.com/blog/archives/2025/01/friday-squid-blogging-cotton-and-squid-bone-sponge.html) - - [ ] [Apps That Are Spying on Your Location](https://www.schneier.com/blog/archives/2025/01/apps-that-are-spying-on-your-location.html) -- FuzzWiki - - [ ] [HirGen:针对深度学习编译器的模糊测试技术](https://mp.weixin.qq.com/s?__biz=MzU1NTEzODc3MQ==&mid=2247486850&idx=1&sn=dced461f84a7bc0c0fce0bc7d690ea72&chksm=fbd9a63eccae2f28d233d59f36d0bbff14a8c6daae02b28bae378464ea8a92da71dc90e8cde1&scene=58&subscene=0#rd) -- Hacking Exposed Computer Forensics Blog - - [ ] [Daily Blog #714: Forensic Lunch 1/10/25 with Ryatt Roesrma talking about fine tuning AI models](https://www.hecfblog.com/2025/01/daily-blog-714-forensic-lunch-11025.html) + - [ ] [我工作里使用的软件和工作流](https://mp.weixin.qq.com/s?__biz=Mzg5NDY4ODM1MA==&mid=2247485135&idx=1&sn=0510f35c72516e30adcd494474dd6df1&chksm=c01a8bfef76d02e8f7fb3e9696d8b0cee09ab8dee030fe992b916e71468791be793abbc80527&scene=58&subscene=0#rd) +- 希潭实验室 + - [ ] [第112篇:美国APT震网病毒入侵伊朗核工厂后续与启示(第4篇)](https://mp.weixin.qq.com/s?__biz=MzkzMjI1NjI3Ng==&mid=2247487306&idx=1&sn=00dc7cf337a613d22207cecd7674ec88&chksm=c25fc031f5284927d968a7121718ccfa82db72798405bf0100bd1d248c3cb88d1360e288e491&scene=58&subscene=0#rd) +- OnionSec + - [ ] [短文:对现实里网络安全领域的新认识](https://mp.weixin.qq.com/s?__biz=MzUyMTUwMzI3Ng==&mid=2247485562&idx=1&sn=8b6790ca85055bf567130a044261ebda&chksm=f9db5f39ceacd62f1d9d93c36893e92be17a408acced658927b37d165077e523234bfe823d95&scene=58&subscene=0#rd) +- 山石网科安全技术研究院 + - [ ] [2024年度重大数据泄露事件盘点-国外版](https://mp.weixin.qq.com/s?__biz=MzUzMDUxNTE1Mw==&mid=2247509629&idx=1&sn=29247d0381639fa3501942c67c219470&chksm=fa5273c3cd25fad5d99967bf051e1337733f3c3082433d432cf1da5a2100a7b651661c585277&scene=58&subscene=0#rd) - Over Security - Cybersecurity news aggregator - - [ ] [Marijuana dispensary STIIIZY warns of leaked IDs after November data breach](https://therecord.media/marijuana-dispensary-warns-of-data-breach) - - [ ] [NSO ruling is a victory for WhatsApp, but could have a small impact on spyware industry](https://therecord.media/nso-whatsapp-ruling-may-have-limited-impact-on-spyware-ecosystem) - - [ ] [New York sues to recover $2 million in crypto stolen in remote job scams](https://therecord.media/new-york-sues-recover-millions) - - [ ] [Telefónica confirms internal ticketing system breach after data leak](https://www.bleepingcomputer.com/news/security/telefonica-confirms-internal-ticketing-system-breach-after-data-leak/) - - [ ] [New Web3 attack exploits transaction simulations to steal crypto](https://www.bleepingcomputer.com/news/security/new-web3-attack-exploits-transaction-simulations-to-steal-crypto/) - - [ ] [Russian nationals arrested by US, accused of running crypto mixers Blender and Sinbad](https://therecord.media/russian-nationals-indicted-blender-sinbad-crypto-mixers) - - [ ] [US charges operators of cryptomixers linked to ransomware gangs](https://www.bleepingcomputer.com/news/security/us-charges-operators-of-cryptomixers-linked-to-ransomware-gangs/) - - [ ] [Flashpoint Intelligence: Delivering Actionable Data for a Safer World](https://flashpoint.io/blog/flashpoint-intelligence-delivering-actionable-data/) - - [ ] [Slovakia’s land registry hit by biggest cyberattack in country’s history, minister says](https://therecord.media/slovakia-registry-cyberattack-land-agriculture) - - [ ] [US government charges operators of crypto mixing service used by North Korea and ransomware gangs](https://techcrunch.com/2025/01/10/us-government-charges-operators-of-crypto-mixing-service-used-by-north-korea-and-ransomware-gangs/) - - [ ] [Treasury hackers also breached US foreign investments review office](https://www.bleepingcomputer.com/news/security/treasury-hackers-also-breached-us-foreign-investments-review-office/) - - [ ] [Docker Desktop blocked on Macs due to false malware alert](https://www.bleepingcomputer.com/news/security/docker-desktop-blocked-on-macs-due-to-false-malware-alert/) - - [ ] [Proton worldwide outage caused by Kubernetes migration, software change](https://www.bleepingcomputer.com/news/technology/proton-worldwide-outage-caused-by-kubernetes-migration-software-change/) - - [ ] [New amateurish ransomware group FunkSec using AI to develop malware](https://therecord.media/funksec-ransomware-using-ai-malware) - - [ ] [STIIIZY data breach exposes cannabis buyers’ IDs and purchases](https://www.bleepingcomputer.com/news/security/stiiizy-data-breach-exposes-cannabis-buyers-ids-and-purchases/) - - [ ] [Sintesi riepilogativa delle campagne malevole nella settimana del 4 – 10 gennaio](https://cert-agid.gov.it/news/sintesi-riepilogativa-delle-campagne-malevole-nella-settimana-del-4-10-gennaio/) - - [ ] [Microsoft to force install new Outlook on Windows 10 PCs in February](https://www.bleepingcomputer.com/news/microsoft/microsoft-to-force-install-new-outlook-on-windows-10-pcs-in-february/) - - [ ] [BlinkenCity: From Art Project to Europe-wide Blackout Scenario](https://positive.security/blog/blinkencity-38c3) - - [ ] [Bots identified pushing anti-NATO messages in Croatian presidential runoff](https://therecord.media/bots-pushing-anti-nato-messages-croatian-election) - - [ ] [U.S. Telecom, Zero-Day Attacks Show Need for Cybersecurity Hygiene](https://cyble.com/blog/us-telecom-zero-day-attacks-show-need-for-cybersecurity-hygiene/) - - [ ] [WorstFit: Unveiling Hidden Transformers in Windows ANSI!](https://blog.orange.tw/posts/2025-01-worstfit-unveiling-hidden-transformers-in-windows-ansi/) - - [ ] [Critical ICS Vulnerabilities Uncovered in Weekly Vulnerability Report](https://cyble.com/blog/new-ics-vulnerabilities-report/) -- 白泽安全实验室 - - [ ] [APT组织Turla瞄准巴基斯坦关键基础设施展开攻击活动——每周威胁情报动态第208期 (01.03-01.09)](https://mp.weixin.qq.com/s?__biz=MzI0MTE4ODY3Nw==&mid=2247492512&idx=1&sn=c207ba89352dde2873ca1a70add44b6e&chksm=e90dc98ade7a409cc199fc590cf3e312dc6eaa82247b6b584125cb7f616538f5b28e41749a4a&scene=58&subscene=0#rd) -- 安全村SecUN - - [ ] [躬行|《电子数据取证与网络犯罪调查》专刊第七辑50份惊喜抽奖:)警察节快乐!](https://mp.weixin.qq.com/s?__biz=MzkyODM5NzQwNQ==&mid=2247496405&idx=1&sn=17b40406394060c7c389957502b86cb2&chksm=c21bd3e7f56c5af18c89a7436057ceea52e2c7e320b66f8f0807b3848982e27e0681de90f2e0&scene=58&subscene=0#rd) -- The Hacker News - - [ ] [Google Project Zero Researcher Uncovers Zero-Click Exploit Targeting Samsung Devices](https://thehackernews.com/2025/01/google-project-zero-researcher-uncovers.html) - - [ ] [Taking the Pain Out of Cybersecurity Reporting: A Practical Guide for MSPs](https://thehackernews.com/2025/01/taking-pain-out-of-cybersecurity.html) - - [ ] [AI-Driven Ransomware FunkSec Targets 85 Victims Using Double Extortion Tactics](https://thehackernews.com/2025/01/ai-driven-ransomware-funksec-targets-85.html) - - [ ] [Hands-On Walkthrough: Microsegmentation For all Users, Workloads and Devices by Elisity](https://thehackernews.com/2025/01/hands-on-walkthrough-microsegmentation.html) - - [ ] [RedDelta Deploys PlugX Malware to Target Mongolia and Taiwan in Espionage Campaigns](https://thehackernews.com/2025/01/reddelta-deploys-plugx-malware-to.html) - - [ ] [CrowdStrike Warns of Phishing Scam Targeting Job Seekers with XMRig Cryptominer](https://thehackernews.com/2025/01/crowdstrike-warns-of-phishing-scam.html) + - [ ] [Scammers file first — Get your IRS Identity Protection PIN now](https://www.bleepingcomputer.com/news/security/scammers-file-first-get-your-irs-identity-protection-pin-now/) + - [ ] [Fake LDAPNightmware exploit on GitHub spreads infostealer malware](https://www.bleepingcomputer.com/news/security/fake-ldapnightmware-exploit-on-github-spreads-infostealer-malware/) +- ICT Security Magazine + - [ ] [Living-off-the-Land Binaries (LOLBins) negli attacchi fileless: Analisi Tecnica e Implicazioni per la Sicurezza](https://www.ictsecuritymagazine.com/articoli/living-off-the-land-binaries-lolbins/) +- 迪哥讲事 + - [ ] [从 SQL 注入到远程代码执行](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496813&idx=1&sn=eab6d19d242d637c1797d76ec3ae43fa&chksm=e8a5fe0edfd277188a3ce54336fe9ddf992716daadef1e899d9d6e4de34f5c25335a2222782c&scene=58&subscene=0#rd) +- GobySec + - [ ] [锦鲤揭秘时刻!快来看看锦鲤礼包花落谁家吧~](https://mp.weixin.qq.com/s?__biz=MzI4MzcwNTAzOQ==&mid=2247545717&idx=1&sn=309283dd2ed10d791e052cf798b5e174&chksm=eb84d8d5dcf351c3ade60c164cef5dcf834d3e5db4c15add66752b789281fb770f82226b0664&scene=58&subscene=0#rd) - TorrentFreak - - [ ] [‘Strike 3’ Filed a Record Number of Piracy Lawsuits in 2024](https://torrentfreak.com/strike-3-filed-a-record-number-of-piracy-lawsuits-in-2024-250110/) -- SANS Internet Storm Center, InfoCON: green - - [ ] [ISC Stormcast For Friday, January 10th, 2025 https://isc.sans.edu/podcastdetail/9274, (Fri, Jan 10th)](https://isc.sans.edu/diary/rss/31576) - - [ ] [Windows Defender Chrome Extension Detection, (Fri, Jan 10th)](https://isc.sans.edu/diary/rss/31574) -- Graham Cluley - - [ ] [Canadian man loses a cryptocurrency fortune to scammers – here’s how you can stop it happening to you](https://www.bitdefender.com/en-us/blog/hotforsecurity/canadian-man-loses-a-cryptocurrency-fortune-to-scammers-heres-how-you-can-stop-it-happening-to-you) + - [ ] [Tonga! Tonga! Tonga! Online Piracy’s Unusual Attraction to ccTLD .to](https://torrentfreak.com/tonga-tonga-tonga-online-piracys-unusual-attraction-to-cctld-to-250111/) +- 银针安全 + - [ ] [高版本Fastjson在Java原生反序列化中的利用](https://mp.weixin.qq.com/s?__biz=Mzg2MDY2ODc5MA==&mid=2247484185&idx=1&sn=9068c43597d87c94568fe70974fd6365&chksm=ce239500f9541c160287b545120d6495c7a2aa9c5c75e0ad101c7a3d3600e86ea6b64ef75f63&scene=58&subscene=0#rd) +- Technical Information Security Content & Discussion + - [ ] [$2m laundered: the YouTube crypto tutorials’ huge scam (investigation)](https://www.reddit.com/r/netsec/comments/1hz54x4/2m_laundered_the_youtube_crypto_tutorials_huge/) + - [ ] [Gayfemboy: A Botnet Deliver Through a Four-Faith Industrial Router 0-day Exploit.](https://www.reddit.com/r/netsec/comments/1hyjjpb/gayfemboy_a_botnet_deliver_through_a_fourfaith/) +- Your Open Hacker Community + - [ ] [Getting infinite lives in Prehistorik on Windows 11](https://www.reddit.com/r/HowToHack/comments/1hz6pee/getting_infinite_lives_in_prehistorik_on_windows/) + - [ ] [How to convert a password protected zip file into a RAR file?](https://www.reddit.com/r/HowToHack/comments/1hz3bgu/how_to_convert_a_password_protected_zip_file_into/) + - [ ] [recovering google account](https://www.reddit.com/r/HowToHack/comments/1hyx8qq/recovering_google_account/) + - [ ] [Has anyone tried hijacking school Apple TVs for a prank?](https://www.reddit.com/r/HowToHack/comments/1hz3nxz/has_anyone_tried_hijacking_school_apple_tvs_for_a/) + - [ ] [Help](https://www.reddit.com/r/HowToHack/comments/1hyzqf5/help/) + - [ ] [Can anyone help me with a teleg private group(pls dm me)](https://www.reddit.com/r/HowToHack/comments/1hyzpji/can_anyone_help_me_with_a_teleg_private_grouppls/) + - [ ] [I need to find someone's IP address or something](https://www.reddit.com/r/HowToHack/comments/1hyzxt3/i_need_to_find_someones_ip_address_or_something/) +- Security Affairs + - [ ] [DoJ charged three Russian citizens with operating crypto-mixing services](https://securityaffairs.com/172957/cyber-crime/doj-charged-russian-citizens-with-operating-crypto-mixing-services.html) + - [ ] [U.S. cannabis dispensary STIIIZY disclosed a data breach](https://securityaffairs.com/172950/data-breach/marijuana-dispensary-stiiizy-data-breach.html) + - [ ] [A novel PayPal phishing campaign hijacks accounts](https://securityaffairs.com/172935/cyber-crime/paypal-phishing-campaign-hijacks-accounts.html) +- Social Engineering + - [ ] [The hidden psychology of abusers](https://www.reddit.com/r/SocialEngineering/comments/1hyxk74/the_hidden_psychology_of_abusers/) +- The Hacker News + - [ ] [Microsoft Sues Hacking Group Exploiting Azure AI for Harmful Content Creation](https://thehackernews.com/2025/01/microsoft-sues-hacking-group-exploiting.html) + - [ ] [DoJ Indicts Three Russians for Operating Crypto Mixers Used in Cybercrime Laundering](https://thehackernews.com/2025/01/doj-indicts-three-russians-for.html) +- Computer Forensics + - [ ] [How do you read a $MFT? (First Computer Forensics class)](https://www.reddit.com/r/computerforensics/comments/1hyvbdc/how_do_you_read_a_mft_first_computer_forensics/) - Information Security - - [ ] [Organized my cybersecurity bookmarks into a GitHub repo (300+ sources)](https://www.reddit.com/r/Information_Security/comments/1hy0exs/organized_my_cybersecurity_bookmarks_into_a/) - - [ ] [RBI PA-PG (Payment Aggregators & Payment Gateways) Audit](https://www.reddit.com/r/Information_Security/comments/1hxz9tj/rbi_papg_payment_aggregators_payment_gateways/) + - [ ] [Open Source Shadow IT Detection](https://www.reddit.com/r/Information_Security/comments/1hyoren/open_source_shadow_it_detection/) - Deep Web - - [ ] [How safe is posting on forums on the darkweb?](https://www.reddit.com/r/deepweb/comments/1hy0bdu/how_safe_is_posting_on_forums_on_the_darkweb/) - - [ ] [Dark web purchase](https://www.reddit.com/r/deepweb/comments/1hy1wwb/dark_web_purchase/) -- Computer Forensics - - [ ] [CREST Certs (CPIA|CRIA)](https://www.reddit.com/r/computerforensics/comments/1hyahq4/crest_certs_cpiacria/) - - [ ] [Mac OS - need application logs](https://www.reddit.com/r/computerforensics/comments/1hxtfyh/mac_os_need_application_logs/) - - [ ] [Macbook M4/M4 Pro Collections](https://www.reddit.com/r/computerforensics/comments/1hxtktu/macbook_m4m4_pro_collections/) + - [ ] [Would you like this reward?](https://www.reddit.com/r/deepweb/comments/1hz9bjv/would_you_like_this_reward/) - Blackhat Library: Hacking techniques and research - - [ ] [Just question](https://www.reddit.com/r/blackhat/comments/1hyesag/just_question/) -- Your Open Hacker Community - - [ ] [A question](https://www.reddit.com/r/HowToHack/comments/1hyauea/a_question/) - - [ ] [Question about windows](https://www.reddit.com/r/HowToHack/comments/1hye2lu/question_about_windows/) - - [ ] [Is this Vulnerable ?](https://www.reddit.com/r/HowToHack/comments/1hyi8hk/is_this_vulnerable/) - - [ ] [Could anyone help me in understanding this "Not Operational or Intended Public Access" vulnerability ?](https://www.reddit.com/r/HowToHack/comments/1hy7xk7/could_anyone_help_me_in_understanding_this_not/) - - [ ] [Help](https://www.reddit.com/r/HowToHack/comments/1hyhuu9/help/) - - [ ] [Wardriving Question](https://www.reddit.com/r/HowToHack/comments/1hy5hha/wardriving_question/) - - [ ] [How to hack a new ai website?](https://www.reddit.com/r/HowToHack/comments/1hyhm2r/how_to_hack_a_new_ai_website/) - - [ ] [Any idea how to gg cpm2 ?](https://www.reddit.com/r/HowToHack/comments/1hy96jp/any_idea_how_to_gg_cpm2/) - - [ ] [how to loop a cctv camera](https://www.reddit.com/r/HowToHack/comments/1hy7y62/how_to_loop_a_cctv_camera/) - - [ ] [Taking down Defender experiment](https://www.reddit.com/r/HowToHack/comments/1hxtxzr/taking_down_defender_experiment/) -- Security Affairs - - [ ] [Banshee macOS stealer supports new evasion mechanisms](https://securityaffairs.com/172918/malware/new-version-of-the-banshee-macos-stealer.html) - - [ ] [Researchers disclosed details of a now-patched Samsung zero-click flaw](https://securityaffairs.com/172909/hacking/samsung-zero-click-flaw.html) - - [ ] [Phishers abuse CrowdStrike brand targeting job seekers with cryptominer](https://securityaffairs.com/172900/cyber-crime/crowdstrike-phishing-campaign-recruitment-branding.html) - - [ ] [China-linked APT group MirrorFace targets Japan](https://securityaffairs.com/172890/apt/china-linked-apt-mirrorface-targets-japan.html) -- netsecstudents: Subreddit for students studying Network Security and its related subjects - - [ ] [Passed Cisco 100-140 (CCST IT Support) Exam! Here's How I Prepared](https://www.reddit.com/r/netsecstudents/comments/1hy26je/passed_cisco_100140_ccst_it_support_exam_heres/) - - [ ] [What is the best practice to securely host an application in Linux?](https://www.reddit.com/r/netsecstudents/comments/1hxzw9c/what_is_the_best_practice_to_securely_host_an/) - - [ ] [What project should be added in resume as a cyber security beginner?](https://www.reddit.com/r/netsecstudents/comments/1hxvis0/what_project_should_be_added_in_resume_as_a_cyber/) - - [ ] [Guidance Needed for Safe Demonstration of GIF Malware Detection](https://www.reddit.com/r/netsecstudents/comments/1hxyr5d/guidance_needed_for_safe_demonstration_of_gif/) - - [ ] [Graduating soon at 19, Sec+ done - what’s the next cert or skill to pursue?](https://www.reddit.com/r/netsecstudents/comments/1hxra7i/graduating_soon_at_19_sec_done_whats_the_next/) -- Trend Micro Research, News and Perspectives - - [ ] [How Cracks and Installers Bring Malware to Your Device](https://www.trendmicro.com/en_us/research/25/a/how-cracks-and-installers-bring-malware-to-your-device.html) -- Technical Information Security Content & Discussion - - [ ] [ACE up the sleeve: Hacking into Apple's new USB-C Controller](https://www.reddit.com/r/netsec/comments/1hy9t8i/ace_up_the_sleeve_hacking_into_apples_new_usbc/) - - [ ] [How to jailbreak most/all LLMs using Assistant Prefill](https://www.reddit.com/r/netsec/comments/1hy6snm/how_to_jailbreak_mostall_llms_using_assistant/) - - [ ] [Exploiting SSTI in a Modern Spring Boot Application (3.3.4)](https://www.reddit.com/r/netsec/comments/1hy06vj/exploiting_ssti_in_a_modern_spring_boot/) - - [ ] [Do Secure-By-Design Pledges Come With Stickers? - Ivanti Connect Secure RCE (CVE-2025-0282) - watchTowr Labs](https://www.reddit.com/r/netsec/comments/1hxt46x/do_securebydesign_pledges_come_with_stickers/) -- The Register - Security - - [ ] [Chinese cyber-spies peek over shoulder of officials probing real-estate deals near American military bases](https://go.theregister.com/feed/www.theregister.com/2025/01/10/china_treasury_foreign_investment/) - - [ ] [Drug addiction treatment service admits attackers stole sensitive patient data](https://go.theregister.com/feed/www.theregister.com/2025/01/10/baymark_data_breach/) - - [ ] [Devs sent into security panic by 'feature that was helpful … until it wasn't'](https://go.theregister.com/feed/www.theregister.com/2025/01/10/on_call/) -- Security Weekly Podcast Network (Audio) - - [ ] [Robot Dogs, Ivanti, SonicWall, Banshee, Telegram, Motorola, Aaran Leyland, and more. - SWN #441](http://sites.libsyn.com/18678/robot-dogs-ivanti-sonicwall-banshee-telegram-motorola-aaran-leyland-and-more-swn-441) + - [ ] [Telefonica Breach: Infostealer Malware Opens Door for Social Engineering Tactics](https://www.reddit.com/r/blackhat/comments/1hysvc3/telefonica_breach_infostealer_malware_opens_door/) From b31564e5be6b53126945c7f1060007c19e8f2721 Mon Sep 17 00:00:00 2001 From: chainreactorbot Date: Mon, 13 Jan 2025 02:56:03 +0000 Subject: [PATCH 09/29] =?UTF-8?q?=E6=AF=8F=E6=97=A5=E5=AE=89=E5=85=A8?= =?UTF-8?q?=E8=B5=84=E8=AE=AF=EF=BC=882025-01-13=EF=BC=89?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- archive/daily/2025/2025-01-13.md | 299 +++++++++++++++++ archive/tmp/2025-01-13.json | 340 +++++++++++++++++++ today.md | 538 ++++++++++++++++--------------- 3 files changed, 921 insertions(+), 256 deletions(-) create mode 100644 archive/daily/2025/2025-01-13.md create mode 100644 archive/tmp/2025-01-13.json diff --git a/archive/daily/2025/2025-01-13.md b/archive/daily/2025/2025-01-13.md new file mode 100644 index 0000000000..0762b34589 --- /dev/null +++ b/archive/daily/2025/2025-01-13.md @@ -0,0 +1,299 @@ +# 每日安全资讯(2025-01-13) + +- SecWiki News + - [ ] [SecWiki News 2025-01-12 Review](http://www.sec-wiki.com/?2025-01-12) +- Private Feed for M09Ic + - [ ] [safedv starred m4b/goblin](https://github.com/m4b/goblin) + - [ ] [skelsec released v1.2 at octopwn/octopwn-wasm-documentation](https://github.com/octopwn/octopwn-wasm-documentation/releases/tag/v1.2) + - [ ] [liamg starred Cyan4973/xxHash](https://github.com/Cyan4973/xxHash) + - [ ] [liamg starred ogxd/gxhash](https://github.com/ogxd/gxhash) + - [ ] [liamg starred hybridgroup/go-haystack](https://github.com/hybridgroup/go-haystack) + - [ ] [safedv starred klezVirus/SilentMoonwalk](https://github.com/klezVirus/SilentMoonwalk) + - [ ] [safedv starred Yaxxine7/ASRepCatcher](https://github.com/Yaxxine7/ASRepCatcher) + - [ ] [safedv starred LuemmelSec/APEX](https://github.com/LuemmelSec/APEX) + - [ ] [safedv starred Teach2Breach/snapinject_rs](https://github.com/Teach2Breach/snapinject_rs) + - [ ] [safedv starred djackreuter/btexec](https://github.com/djackreuter/btexec) + - [ ] [safedv starred BlackSnufkin/Rusty-Playground](https://github.com/BlackSnufkin/Rusty-Playground) + - [ ] [panjf2000 starred mudler/LocalAI](https://github.com/mudler/LocalAI) +- Security Boulevard + - [ ] [The Vanity Press in Academia](https://securityboulevard.com/2025/01/the-vanity-press-in-academia/) + - [ ] [DEF CON 32 – Open Source Hacker V. Government Lawyer](https://securityboulevard.com/2025/01/def-con-32-open-source-hacker-v-government-lawyer/) + - [ ] [PCI DSS Requirements With v4.0.1 Updates For 2024](https://securityboulevard.com/2025/01/pci-dss-requirements-with-v4-0-1-updates-for-2024/) + - [ ] [What is PCI DSS 4.0: Is This Still Applicable For 2024?](https://securityboulevard.com/2025/01/what-is-pci-dss-4-0-is-this-still-applicable-for-2024/) +- Doonsec's feed + - [ ] [老牌免杀工具veil免杀](https://mp.weixin.qq.com/s?__biz=MzU4MjYxNTYwNA==&mid=2247487586&idx=1&sn=580b6b99b07e7b2d60df7ccedd172155) + - [ ] [最新公告!可拨打12336举报泄密或保密违法违规行为](https://mp.weixin.qq.com/s?__biz=MzI3NzM5NDA0NA==&mid=2247490237&idx=1&sn=4b60620bdc57dda141d8ec196e6aae9d) + - [ ] [第二届獬豸杯 期望时间统计](https://mp.weixin.qq.com/s?__biz=MzkzNTQzNTQzMQ==&mid=2247485316&idx=1&sn=a79943db1ccb943a5f352bfb659fb23b) + - [ ] [盲猜2024年出生人口,900-930万之间](https://mp.weixin.qq.com/s?__biz=MzkwMzI1ODUwNA==&mid=2247487808&idx=1&sn=b9284860c9b323bee6e1f20a50cd932c) + - [ ] [在 Kali 上利用 Zmap 搭建攻击炮台](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247489972&idx=1&sn=bc2d1d4fe2b6fd60fcb4dc23c290f745) + - [ ] [再说 API 安全:52个可被利用的弱点分析](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247489972&idx=2&sn=b0255b231297a0608167a5b2afa46867) + - [ ] [探秘缅甸诈骗产业链,美国为何能成为 “例外”?惊人真相曝光!](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247489972&idx=3&sn=a1b8e66e4a1273000914f77111051201) + - [ ] [开源情报|军事动态|美国军事医疗AI试点的战略意图分析](https://mp.weixin.qq.com/s?__biz=Mzg2NTcyNjU4Nw==&mid=2247485849&idx=1&sn=04dd254dfb2728a2b9aac91874acd731) + - [ ] [【工具更新】Nessus 最新windows/ubuntu版Cracked(附下载)](https://mp.weixin.qq.com/s?__biz=Mzk0NjQ5MTM1MA==&mid=2247492783&idx=1&sn=f3eb1a652c0c48844181dbe7ef02e859) + - [ ] [HTB-EscapeTwo](https://mp.weixin.qq.com/s?__biz=Mzk0MTQxOTA3Ng==&mid=2247489297&idx=1&sn=b0ffebdfd3a6487f693f72266dfdea81) + - [ ] [奇安信十年战略演变,2025将会去向何方?](https://mp.weixin.qq.com/s?__biz=MzAxOTk3NTg5OQ==&mid=2247492157&idx=1&sn=6ca188023575d8e0b7fe73143bb8b4f6) + - [ ] [沈逸:构建系统性国家战略和完备法律应对网络安全威胁](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485399&idx=1&sn=ed19d839bcd07df958388f69d835d849) + - [ ] [【直卖实拍】北七家3居变4居豪装,理想楼层、户型、朝向](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485399&idx=2&sn=7839308f2bbfb1c87f3f67da9514b04c) + - [ ] [【干货】笑傲职场的独家经验(1)](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485399&idx=3&sn=003268c4507b82995cc22aa9b8be9caf) + - [ ] [【干货原创】实网攻防演习常态化,会带来什么变化01](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485399&idx=4&sn=4bf0aaa6b237c29ebbffca4d8efe20f5) + - [ ] [【干货原创】K12教育,鲜为人知的模式秘密](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485399&idx=5&sn=612460e36200e9070bff5286c1e7641f) + - [ ] [【云安全】AccessKey泄露-安全问题分析](https://mp.weixin.qq.com/s?__biz=MzUyNTUyNTA5OQ==&mid=2247484392&idx=1&sn=c8e8b6f7c95e894a44040d9c69cdd7e6) + - [ ] [【不要看】修复 CS 4.8、4.9 截图保存为空 bug](https://mp.weixin.qq.com/s?__biz=Mzg5MDg0NzUzMw==&mid=2247484343&idx=1&sn=c4f25f132bcc360975cfabf5a10a7d00) + - [ ] [SSRF 漏洞自动化 寻找](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496832&idx=1&sn=5c72712e20772f2279b09ca9a748afc2) + - [ ] [JeecgBoot passwordChange 任意用户密码重置漏洞](https://mp.weixin.qq.com/s?__biz=MzkzMTcwMTg1Mg==&mid=2247490122&idx=1&sn=53609c160a2964063bb4bc1b113c77b8) + - [ ] [攻防3.0 - 信任攻击](https://mp.weixin.qq.com/s?__biz=MzU0NTI4MDQwMQ==&mid=2247484194&idx=1&sn=cb404b0fcfa2490d458d482fa704e98a) + - [ ] [我的评价是雀氏不错!](https://mp.weixin.qq.com/s?__biz=Mzk0ODM0NDIxNQ==&mid=2247493263&idx=1&sn=ac3d3e4ada3080ab6307d47ef976124e) + - [ ] [又是谁统计📉](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496568&idx=1&sn=d1c783dfd0596633a2f0987a713d6544) + - [ ] [国护成功溯源的攻击事件](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496568&idx=2&sn=15d3082cae89edff90bef47052b40e3d) + - [ ] [Sekiro+Yakit 热加载无痛绕sign](https://mp.weixin.qq.com/s?__biz=Mzg4Mzg2MjgxNg==&mid=2247485601&idx=1&sn=d35f997e047ae7ff451a8b0cbdd0fd32) + - [ ] [分享的图片、视频、链接](https://mp.weixin.qq.com/s?__biz=MzkyNTQyMzk0MA==&mid=2247484677&idx=1&sn=d516ac44f6cb69e2fe1d0d790ca55e0a) + - [ ] [2025版最新vmware虚拟机下载安装及使用教程(非常详细)零基础入门到精通,收藏这篇就够了](https://mp.weixin.qq.com/s?__biz=Mzk1NzMwNTM5NQ==&mid=2247483778&idx=1&sn=8f994e5be5db7a988192f9eb5e65d5f3) + - [ ] [我的评价是全是干货](https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247518178&idx=1&sn=1784f7c0cf09898d76e4898883ec6570) + - [ ] [“WorstFit”学习](https://mp.weixin.qq.com/s?__biz=MzkyODUzMjEzOA==&mid=2247483844&idx=1&sn=4ee90bc1b7dc42b880998bfaadb02af4) + - [ ] [【安全工具】一款免费的APP IOS抓包工具 支持Flutter应用抓包|漏洞探测](https://mp.weixin.qq.com/s?__biz=MzA5MzYzMzkzNg==&mid=2650962428&idx=1&sn=b6d1444de2a91eaf1aa348721b0ce44f) + - [ ] [@所有人,手机、电视可设置地震预警](https://mp.weixin.qq.com/s?__biz=MzA5MzYzMzkzNg==&mid=2650962428&idx=2&sn=385568e41c3f6747ea879e9d5d2fee80) + - [ ] [2025年1月哪一款手机性价比高?全品牌、全价位手机推荐与选购指南(万字版)](https://mp.weixin.qq.com/s?__biz=MzA5MzYzMzkzNg==&mid=2650962428&idx=3&sn=c2c40168926041d7f0ed19353de9df69) + - [ ] [【艺术鉴赏】抖音直播更新,睡眠更新小一熟了视频](https://mp.weixin.qq.com/s?__biz=MzA5MzYzMzkzNg==&mid=2650962428&idx=4&sn=f5d5c2e737809957a84698e2f020f2c6) + - [ ] [【漏洞复现】CVE-2024-50603](https://mp.weixin.qq.com/s?__biz=MzUxMTk4OTA1NQ==&mid=2247484899&idx=1&sn=ebdbb1fe5f94622276851862e5a4dbb5) + - [ ] [国家保密局公告!](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633750&idx=1&sn=218e67e73d6e8930e26ddb1c7bfca532) + - [ ] [扎实推动数据工作取得新突破新进展,全国数据工作会议在京召开](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633750&idx=2&sn=1c888a7557747fd2599fcb1e431e5747) + - [ ] [网络安全市场正面临“红海”困境](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633750&idx=3&sn=13095461ade11d1fd2e6c3a2b593979f) + - [ ] [2025 年美国军费的 3%(300 亿美元)用于网络安全](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633750&idx=4&sn=cc30ff23a8d536a16b5c79922cbe6dd4) + - [ ] [首次!欧盟官方因违反数据保护法规向用户赔偿3000元](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633750&idx=5&sn=ebc4a68c6f3c91b3d97e4e88828499a3) + - [ ] [【极思】安全运营第6年实践总结](https://mp.weixin.qq.com/s?__biz=MzI2NTMwNjYyMA==&mid=2247484980&idx=1&sn=f83670f089e041e2071a66c2436c1e2b) + - [ ] [Powershell使用指南](https://mp.weixin.qq.com/s?__biz=Mzk1Nzk0NDY3Nw==&mid=2247484058&idx=1&sn=278d5f6c0faf6206a391f655f08af6e1) + - [ ] [【网络安全实验室】渗透测试综合实战](https://mp.weixin.qq.com/s?__biz=Mzg5NTU2NjA1Mw==&mid=2247495993&idx=1&sn=d979b7c06d07e0afdff5f066d3ad97d3) + - [ ] [《黑客安全报告2024-2025》第 8 版请查阅](https://mp.weixin.qq.com/s?__biz=MzA3MTM0NTQzNA==&mid=2455780124&idx=1&sn=65a340bd360728d417c9379976fe1de2) + - [ ] [DC靶场系列--DC-3](https://mp.weixin.qq.com/s?__biz=Mzk1NzIzMzQ3OA==&mid=2247484222&idx=1&sn=34a784d7d46663dd4452ad71caa78152) + - [ ] [从车内入侵检测到攻击防护响应](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619327&idx=1&sn=ee4dbe6a3305f75cbd3566da337518b3) + - [ ] [GB T 汽车信息安全应急响应管理指南-市场监督总局、国标委 (征求意见稿)](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619327&idx=2&sn=9774d4bb12c8732e5292772f6445cce1) + - [ ] [GB T 41871-2022 信息安全技术u3000汽车数据处理安全要求](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619327&idx=3&sn=6b9e0fe22c31420d410f000fa3e46abc) + - [ ] [蓝凌OA WebService sysFormMainDataInsystemWebservice 任意文件读取漏洞](https://mp.weixin.qq.com/s?__biz=MzkzMTcwMTg1Mg==&mid=2247490110&idx=1&sn=f8eff8b0b09439af303df311d04a6b75) + - [ ] [Qt 开源 Serial Studio 支持串口、MQTT、BLE的嵌入式可视化工具](https://mp.weixin.qq.com/s?__biz=MjM5OTA4MzA0MA==&mid=2454936573&idx=1&sn=fd087acdd19e1ec79e0d44f75ecd1ee2) + - [ ] [学术前沿 | 国防科技大学李爱平教授团队:物联网威胁情报知识图谱综述](https://mp.weixin.qq.com/s?__biz=MzI0NjU2NDMwNQ==&mid=2247504588&idx=1&sn=2d8592df92f5803bf485752d5f217d87) + - [ ] [21124_ctfshow_misc_原谅3_来份色图xa0writeup](https://mp.weixin.qq.com/s?__biz=MzU2NzIzNzU4Mg==&mid=2247489475&idx=1&sn=759bb9966312d2339d39de30003fd7ce) + - [ ] [【安全圈】腾讯协助警方破获木马盗窃游戏账号案,涉案金额超 3000 万](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067304&idx=1&sn=e99889dcbf4e15a2ad7a2217e3f850a3) + - [ ] [【安全圈】勒索木马 Banshee 针对苹果 macOS 下手,冒充安全组件躲避检测](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067304&idx=2&sn=72944b1de7bb9205840492e28ba936b4) + - [ ] [【安全圈】卡西欧遭勒索软件攻击?8500人数据被窃取!](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067304&idx=3&sn=1f094579cd41cb8e1f1583f6eb592503) + - [ ] [知识星球xa0|xa0网安战略技术、网安产业分析等资源更新;历年网安报告、PPT合集下载](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247634477&idx=1&sn=f16b5cd9732e725dd39a79d93e3e0c0f) + - [ ] [2025-悟已往之不谏](https://mp.weixin.qq.com/s?__biz=Mzg3NzIxMDYxMw==&mid=2247504320&idx=1&sn=b8e11abf5072713197e1a08b31c69af6) + - [ ] [红队-shell编程基础(六)](https://mp.weixin.qq.com/s?__biz=Mzk1Nzk2NjI3Ng==&mid=2247483783&idx=1&sn=740cf22cc7407823de45414e1b6ef1f5) + - [ ] [天空卫士10周年丨积厚致远,迈十而强](https://mp.weixin.qq.com/s?__biz=MzA5MjQyODY1Mw==&mid=2648516486&idx=1&sn=c0445ec208cb5f49a0321affaef6ccf9) + - [ ] [基于Davinci的HSM开发实践(13):安全启动细节补充](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247548768&idx=1&sn=70a8095e6736bfc1cc2494205bb147bf) + - [ ] [新能源汽车之CAN总线知识](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247548768&idx=2&sn=8041069d0b6f147683ef5036e7de0ab8) + - [ ] [扫码下载 | 电信行业关键信息基础设施安全保护安全管理总体要求](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655263760&idx=1&sn=76ef227352966eeaacd31da36db50522) + - [ ] [流程控制语句](https://mp.weixin.qq.com/s?__biz=MzkzODQzNTU2NA==&mid=2247486287&idx=1&sn=805850077aa1f925c8fc7f5264c79fce) + - [ ] [ptcpdump,一个让黑客无处遁形的网络分析神器|突破传统tcpdump限制,精准定位容器环境下的恶意流量](https://mp.weixin.qq.com/s?__biz=MzI5MjY4MTMyMQ==&mid=2247489633&idx=1&sn=7b7974900e912926da197b141b8b03c8) + - [ ] [亿赛通-9处SQL注入](https://mp.weixin.qq.com/s?__biz=MzkyOTg3ODc5OA==&mid=2247484155&idx=1&sn=26084264025488750f67307d91e78787) + - [ ] [工信部:2024年我国网络和数据安全取得新突破](https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597394&idx=1&sn=484fc5f368eeaa52c803449704426e63) + - [ ] [《网络数据安全管理条例》有哪些亮点?](https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597394&idx=2&sn=a16caf62b43639fb28e4cf0d6382e6db) + - [ ] [网站域名遭非法盗用篡改,郑州两家公司被行政处罚](https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597394&idx=3&sn=6a9956452b2a1f329ba8bd4b07f8ba28) + - [ ] [网络工程师成长之路:从零基础到技术大牛的进阶指南!](https://mp.weixin.qq.com/s?__biz=MzIyMzIwNzAxMQ==&mid=2649464462&idx=1&sn=8a4209e9983e719ed78815096cf9874f) + - [ ] [Kunlun-Mirror源代码审计工具](https://mp.weixin.qq.com/s?__biz=Mzk0Mjg4MTQxMw==&mid=2247485551&idx=1&sn=f80a57db32ca3494a91c9da832e56af3) + - [ ] [我只想要一个 CVE-2024-30085 Exploit 作为圣诞礼物](https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486285&idx=1&sn=8188907190a4d5beb3fed38fd5275049) + - [ ] [无敌了,这5个SSH客户端也太好用了!](https://mp.weixin.qq.com/s?__biz=MzUyNTExOTY1Nw==&mid=2247527831&idx=1&sn=171ff0749c760a4ff3d785751f5b369c) + - [ ] [国家重点研发计划“分布式无证书网络身份系统的关键技术”2025第一季度项目研讨会议在北京举行](https://mp.weixin.qq.com/s?__biz=Mzk0MDMwNjU3Ng==&mid=2247484583&idx=1&sn=e8a5d1eb7a8bc73b0936d6ff109e7f26) + - [ ] [因违反数据安全、信用信息管理规定等,又一家银行被罚](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931396&idx=1&sn=53a89c643400992dcf65cb058efedea8) + - [ ] [网安全牛马注意了!!!某提权工具被投毒植入后门](https://mp.weixin.qq.com/s?__biz=Mzg2NTk4MTE1MQ==&mid=2247486453&idx=1&sn=9b0269672a20c13f853f4df1deb3b50f) + - [ ] [【相关分享】记一次小程序逻辑漏洞](https://mp.weixin.qq.com/s?__biz=Mzk0OTUwNTU5Nw==&mid=2247488478&idx=1&sn=0e94195de32c6cc2af2df00db511b92a) + - [ ] [接到领导指示](https://mp.weixin.qq.com/s?__biz=MzkwNDg1NTU0Mg==&mid=2247484366&idx=1&sn=3d2fa1e9ef24575bac2f68d64da1bc68) + - [ ] [Bleem: 面向数据包序列的协议模糊测试 | 技术进展](https://mp.weixin.qq.com/s?__biz=MzU1NTEzODc3MQ==&mid=2247486874&idx=1&sn=311b59a1953758bc2f69485cbf107d4b) + - [ ] [孙凝晖院士:建设面向智能时代的国家数据基础设施](https://mp.weixin.qq.com/s?__biz=Mzg4MDU0NTQ4Mw==&mid=2247528560&idx=1&sn=916a81824870f383b56330f6df479448) + - [ ] [智库报告 | 人工智能领域的六大预测](https://mp.weixin.qq.com/s?__biz=Mzg4MDU0NTQ4Mw==&mid=2247528560&idx=2&sn=babe127daba4c7530d8fab4f1f929d81) + - [ ] [【工具分享】攻防利器 - ProxyCat 轻量级代理池轮换工具](https://mp.weixin.qq.com/s?__biz=Mzg4MTkwMTI5Mw==&mid=2247488604&idx=1&sn=fe8a84631ecdf0cdfdcbd71c55b2937f) + - [ ] [【供应链攻击】使用Proxy SwitchyOmega (V3)版本的了解一下](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494189&idx=1&sn=ba54efd6acd2d1ffd162f44149cbd9dc) + - [ ] [如何在Ansible中轻松实现复杂SSH跳转?这个参数搞定](https://mp.weixin.qq.com/s?__biz=MjM5OTc5MjM4Nw==&mid=2457385987&idx=1&sn=1acdbabefa8f2844520839562450287c) + - [ ] [网络安全领域研究人员遭遇假PoC专项攻击](https://mp.weixin.qq.com/s?__biz=MzI0MTE4ODY3Nw==&mid=2247492518&idx=1&sn=d4196de8b812e3a2d29209b50328cec0) + - [ ] [请一等奖获奖选手私聊领取奖励](https://mp.weixin.qq.com/s?__biz=MzI5MzkwMzU1Nw==&mid=2247485224&idx=1&sn=dc0d2fc4dbe9c289ecf727c067e6349c) + - [ ] [通过代码研究空字节和无文件方式注册表隐藏技术](https://mp.weixin.qq.com/s?__biz=MjM5NDcxMDQzNA==&mid=2247489348&idx=1&sn=29c8552f1aaa9e42c2b836be06f5f795) + - [ ] [BurpSuite插件之autoDecoder](https://mp.weixin.qq.com/s?__biz=Mzk1NzIzOTc5MQ==&mid=2247484054&idx=1&sn=32f69a3a0f79604736097b850a15d317) + - [ ] [2024龙信年终技术考核参考WP](https://mp.weixin.qq.com/s?__biz=Mzk0MTQzNjIyNg==&mid=2247493354&idx=1&sn=02c0c4f95a8dbadb54bbf82b04aa84db) + - [ ] [吐槽一下某位记性差的情报大佬](https://mp.weixin.qq.com/s?__biz=MzU5OTMxNjkxMA==&mid=2247488423&idx=1&sn=bc632db8cfabe6b70249ad6a603c32d1) + - [ ] [联合国国际民航组织(ICAO)遭黑客攻击,4.2万份文件泄露!全球航空安全面临新威胁?](https://mp.weixin.qq.com/s?__biz=MzA4NTY4MjAyMQ==&mid=2447900023&idx=1&sn=abbeb590028956425cc68d46bfeaa940) + - [ ] [JS中的漏洞信息](https://mp.weixin.qq.com/s?__biz=MzU2NzY5MjAwNQ==&mid=2247486764&idx=1&sn=69cdc86ba9528ef7448abb4bdd976484) + - [ ] [自建IPTV源iptv-sources](https://mp.weixin.qq.com/s?__biz=MzkxMzIwNTY1OA==&mid=2247510709&idx=1&sn=0ba982135c9676de49536fc693b7eb38) + - [ ] [什么是IPV4?个人有吗?怎么获得?](https://mp.weixin.qq.com/s?__biz=MzkyMTQzNTM3Ng==&mid=2247483863&idx=1&sn=619d9fb761418b2cb752cf729f31e2f1) + - [ ] [在spring-aop中挖掘新反序列化gadget-chain](https://mp.weixin.qq.com/s?__biz=Mzg2MDY2ODc5MA==&mid=2247484198&idx=1&sn=6b6a82bb543e879295b7cd2d85f3a37f) + - [ ] [什么?资深高级红队队长已经在研究超能力黑电脑了?](https://mp.weixin.qq.com/s?__biz=Mzg2NDg2MDIxNQ==&mid=2247485319&idx=1&sn=ad8f40bdb5b1c07dc233047b958df904) + - [ ] [网安原创文章推荐【2025/1/11】](https://mp.weixin.qq.com/s?__biz=MzAxNzg3NzMyNQ==&mid=2247489441&idx=1&sn=4c04b2d66f2fec8cef967dd2579359f8) + - [ ] [「漏洞复现」某源地产ERP Service.asmx X-Forwarded-For注入漏洞](https://mp.weixin.qq.com/s?__biz=MzkyNDY3MTY3MA==&mid=2247486739&idx=1&sn=6463b2b41421b6514b200a5d9b397ac6) + - [ ] [IDA技巧(99)IDA 枚举类型](https://mp.weixin.qq.com/s?__biz=MzI1Mjk2MTM1OQ==&mid=2247485212&idx=1&sn=7bb441b2d54ca6a4df55ddbc5940888b) + - [ ] [ISO 14001: 2015 标准详解与实施(7)5.3 组织的角色、职责和权限](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247485913&idx=1&sn=ee0d2911362dd63adba8d841e38363ae) + - [ ] [ISO 45001: 2018 标准详解与实施(7)5.3 组织的角色、职责和权限](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247485913&idx=2&sn=2a32b64b88721f6b0653db89c30e9344) + - [ ] [古河大佬发现CVE-2024-49113 被黑客利用,发布恶意 PoC(好害怕发布带毒 poc 啊)](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494172&idx=1&sn=8437b6bd83d4cea051dbc558260056d8) + - [ ] [独家揭秘:chatgpt帮你快速锁定高分伦理学论文选题指南!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247486113&idx=1&sn=f727b3d4b79cb12fbbdec06949fbfd96) + - [ ] [独家揭秘:ChatGPT快速生成放射医学高质量论文初稿指南。](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247486113&idx=2&sn=2d975ff5f459526b25046d0d25e9b9fa) + - [ ] [独家揭秘:ChatGPT助力广告学论文初稿快速生成的内部攻略!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247486113&idx=3&sn=8ef4aa139f805205d0d62ff888cd5769) + - [ ] [独家揭秘!9年材料科研老兵的文献搜集内部绝密指南。](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247486113&idx=4&sn=e30c9d109ab824323c910f78e80e50a7) + - [ ] [独家揭秘!用AI辅助网络安全论文初稿快速生成的高分攻略。](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247486113&idx=5&sn=6b31a2c29bbce13ead1650e69a695cde) + - [ ] [不是,哥!你们网安圈那么抽象的么?](https://mp.weixin.qq.com/s?__biz=MzkwODI1ODgzOA==&mid=2247506503&idx=1&sn=c305dff91ced69c5b1f9ff5ddafd807d) + - [ ] [实战 | 域环境下通过anydesk进入生产网](https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247546664&idx=1&sn=fd057d1a7854dfa5f0ebd433ee1ed398) + - [ ] [区块链 智能合约安全 重入漏洞](https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247546664&idx=2&sn=4c18d53fa9dcc5cfebddcb4102d7baaf) + - [ ] [东盟地区APT攻击趋势:聚焦网络安全的新战场](https://mp.weixin.qq.com/s?__biz=Mzg3OTYxODQxNg==&mid=2247485596&idx=1&sn=f4d528677329d17c835b53e3aaa7feb4) + - [ ] [新春活动,翻倍奖金!福利享不停~](https://mp.weixin.qq.com/s?__biz=MzU5MDg0MDc2MQ==&mid=2247496518&idx=1&sn=f48a22cd763034d2dc47db5ee28720ec) + - [ ] [Csrf与Json劫持](https://mp.weixin.qq.com/s?__biz=Mzk0ODY1NzEwMA==&mid=2247485772&idx=1&sn=59e0c43184aaddec6997502fdda3a2be) + - [ ] [微信小程序抓包方式](https://mp.weixin.qq.com/s?__biz=Mzg4NDg3NjE5MQ==&mid=2247485114&idx=1&sn=fb9b1348eac1586c93d73aadc659a3bc) + - [ ] [通过高效的侦察发现关键漏洞接管整个IT基础设施](https://mp.weixin.qq.com/s?__biz=MzI4NTcxMjQ1MA==&mid=2247615101&idx=1&sn=1c11d3cd73b424e3335a64efba88679c) + - [ ] [通知 | 国家网信办就《网络信息内容多渠道分发服务机构相关业务活动管理规定(草案稿)》公开征求意见(附全文)](https://mp.weixin.qq.com/s?__biz=MzkwMTQyODI4Ng==&mid=2247495559&idx=1&sn=2ad25e8767f0eeb988faea4eb4cdd255) + - [ ] [警惕!暗网市场现最新高级免杀服务,可长期绕过主流安全检测](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247506753&idx=1&sn=c6dacf9030910a5b9eddc826030afb99) + - [ ] [2025年需要防范的五大恶意软件](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651311815&idx=3&sn=e6c5675db6f0e57973dcd1817459dc10) + - [ ] [盘点网络安全行业那些让领导深恶痛绝的性格!](https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247488025&idx=1&sn=7e84e26f46b61dd1cc258a94d2ed3773) + - [ ] [春节反诈常识](https://mp.weixin.qq.com/s?__biz=MzA5MTYyMDQ0OQ==&mid=2247493510&idx=1&sn=8e5f68e91641ea3a040bf4ca8c1b09f5) + - [ ] [今日截止!第八届西湖论剑大赛报名将于今日18:00截止~](https://mp.weixin.qq.com/s?__biz=MzU1MzE3Njg2Mw==&mid=2247510220&idx=1&sn=f4a316f50a355d874b4cc38ae4dad77e) + - [ ] [文件包含漏洞等你来看](https://mp.weixin.qq.com/s?__biz=MzI5MTIwOTQ5MA==&mid=2247487572&idx=1&sn=598542b01490ec8a8f9825c4a20f54f6) + - [ ] [【小技巧】怎么调整Burpsuite的字体大小](https://mp.weixin.qq.com/s?__biz=MzI5MTIwOTQ5MA==&mid=2247487572&idx=2&sn=0bd5f93b72cf2c55ffffda9d7371e9e2) + - [ ] [2024年安全四大顶会大陆学者发表论文数量统计](https://mp.weixin.qq.com/s?__biz=MzA3OTQ4OTY5OA==&mid=2653147892&idx=1&sn=9a0a042a06d5b484ffb1d89f756a5ebf) + - [ ] [2024年安全七大顶会大陆机构发表论文数量统计](https://mp.weixin.qq.com/s?__biz=MzA3OTQ4OTY5OA==&mid=2653147891&idx=1&sn=0f9c47eabb0b5502f154baafa3b2ae52) + - [ ] [2024年三大密码会大陆机构发表论文数量统计](https://mp.weixin.qq.com/s?__biz=MzA3OTQ4OTY5OA==&mid=2653147890&idx=1&sn=57d4ab5822b35e22a3d319af3510309b) + - [ ] [实战|记一次代码审计打穿多所高校](https://mp.weixin.qq.com/s?__biz=MzkyMjM5NDM3NQ==&mid=2247486202&idx=1&sn=2d35a85c8d1a352feea4382d8f6f9825) + - [ ] [2024年安全四大顶会大陆机构发表论文数量统计](https://mp.weixin.qq.com/s?__biz=MzA3OTQ4OTY5OA==&mid=2653147889&idx=1&sn=be077ae32c22ef2d64f3d53755ddbfa8) + - [ ] [信奥之路:从启蒙到卓越](https://mp.weixin.qq.com/s?__biz=MzU2NDY2OTU4Nw==&mid=2247518166&idx=1&sn=fc5e06eaa2e74d5cf545596d51ae8f93) + - [ ] [2025年,我们应当如何保护云安全?](https://mp.weixin.qq.com/s?__biz=Mzg3NTY0MjIwNg==&mid=2247485476&idx=1&sn=c22f13f338cc253e4e31b0b59753d950) + - [ ] [大量恶意npm包盯上了开发者](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651311815&idx=1&sn=40eddfee1242b4b1518db9b0ecb9e786) + - [ ] [一周网安优质PDF资源推荐丨FreeBuf知识大陆](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651311815&idx=2&sn=f9bf7b789caff212720edecb5c9fb294) + - [ ] [XXEinjector:一款功能强大的自动化XXE注射工具](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651311815&idx=4&sn=ed616b030da36e54593c0510d6d4aa8a) + - [ ] [VxWorks固件系统研究技术总结一](https://mp.weixin.qq.com/s?__biz=MjM5MjEyMTcyMQ==&mid=2651037259&idx=1&sn=ec2f0980685456e15ec5ae58b3fe415b) + - [ ] [JS Hook脚本分享 | Fixed_window_size](https://mp.weixin.qq.com/s?__biz=MzkzNTcwOTgxMQ==&mid=2247485275&idx=1&sn=513575ad84bb71853764c14c16a001be) + - [ ] [上海市智算中心建设导则(2025年版)](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655263752&idx=1&sn=a4c7652b7d0d40f08fadfb47500374cb) + - [ ] [2024年安全运营五大关键词](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655263752&idx=2&sn=ee7b4367fd9b5533336d41bae1a41cc0) + - [ ] [GB∕T 44463-2024 互联网数据中心(IDC)总体技术要求](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655263752&idx=3&sn=90ce4438de76976c8cccebfe506f6782) + - [ ] [GA∕T 2147-2024 公安视频图像信息系统安全事件分类分级指南](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655263752&idx=4&sn=1a8d313b56c5fe6f5ee4103ef527ae53) + - [ ] [YD∕T 6030-2024 物联网基础安全 网关管理平台安全分级分类管理技术要求](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655263752&idx=5&sn=052472828db8ad3933d76e0196e72577) + - [ ] [YD∕T 6034-2024 互联网域名服务信息安全管理要求](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655263752&idx=6&sn=bd634c27f8a75d8ead0eabaa019c50b0) + - [ ] [YD∕T 6036-2024 移动智能终端安全态势感知平台技术要求](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655263752&idx=7&sn=775ad59404f783eb2cd05ff69b611d68) + - [ ] [YD∕T 6038-2024 物联网基础安全 物联网平台安全分级分类管理技术要求](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655263752&idx=8&sn=43d084f3e379735cb0e52f6e73f60c91) + - [ ] [新的国家情报标准如何使整个社会的 OSINT 专业化](https://mp.weixin.qq.com/s?__biz=MzkxMDIwMTMxMw==&mid=2247494404&idx=1&sn=17c743018b0e4c33f9e4b39670e0bdb8) + - [ ] [【资料】全球和平、恐怖主义、军事化、生态威胁等指数](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148514&idx=1&sn=3662709654286db5bff36e15df25195b) + - [ ] [.NET内网实战:通过密码喷射遍历域账户](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498161&idx=1&sn=be37da545ba59c118c2d8331ddebf95e) + - [ ] [.NET 安全攻防知识交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498161&idx=2&sn=cb9eb4af6f38a0fdf4bec4b4c0b9af0e) + - [ ] [.NET 第54期红队武器库和资源汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498161&idx=3&sn=0bdf117aa614c48e6e2fa2e51a3e83eb) + - [ ] [美国军事资金的3%(300亿美元)专款用于网络安全建设](https://mp.weixin.qq.com/s?__biz=MzkwNDI0MjkzOA==&mid=2247485648&idx=1&sn=9d2a476f4ca9e09f4e586b461c5e540b) + - [ ] [【警惕!】带着脑子辨别网安传销与培训诈骗](https://mp.weixin.qq.com/s?__biz=MzkxMTUwOTY1MA==&mid=2247489979&idx=1&sn=7504423edbf1814042a0cd8721329e53) + - [ ] [海康威视AK/SK泄露利用](https://mp.weixin.qq.com/s?__biz=MzU0MTc2NTExNg==&mid=2247491476&idx=1&sn=f36ac4a80164cf5e6fcc8d37c6123ab8) + - [ ] [2025开年大瓜:七年红队大牛教你什么是《炮塔》](https://mp.weixin.qq.com/s?__biz=MzkyOTQzNjIwNw==&mid=2247491387&idx=1&sn=318437e24f0dee591576c17b1865f082) + - [ ] [禅道CMS开源版SQL注入漏洞分析](https://mp.weixin.qq.com/s?__biz=Mzk0Mzc1MTI2Nw==&mid=2247487016&idx=1&sn=740c4dccda5bc675cb15d583a7867ad6) + - [ ] [【电子取证入门电子书】DFIR蘇小沐电子数据取证实务教程v20250110](https://mp.weixin.qq.com/s?__biz=Mzg3NTU3NTY0Nw==&mid=2247489493&idx=1&sn=c1cefd6ab9f90e9a27866ee920c4f9c9) + - [ ] [从被撤稿看网络安全法](https://mp.weixin.qq.com/s?__biz=MzkxNTY4NTQwMg==&mid=2247484243&idx=1&sn=45bfda4281542cab87e4c57741928f3a) + - [ ] [Yarr:一款简洁高效的 RSS 阅读器,让你轻松追蹤资讯!](https://mp.weixin.qq.com/s?__biz=MzA4MjkzMTcxMg==&mid=2449046655&idx=1&sn=683d1691190a69cc712b6b914ae85d74) + - [ ] [CISA紧急警告:Oracle与Mitel高危漏洞正被攻击者利用,企业需立即修复!](https://mp.weixin.qq.com/s?__biz=MzA4NTY4MjAyMQ==&mid=2447900022&idx=1&sn=468ab732933d168f76e10f10d930551d) + - [ ] [使用 LeakIX 查找易受攻击的主机](https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247504444&idx=1&sn=ca2fbdb4c118e45c099026b71f549f33) + - [ ] [2024年度上海网络与信息安全测评工程技术研究中心开放课题申请指南](https://mp.weixin.qq.com/s?__biz=MzU5MTM5MTQ2MA==&mid=2247491552&idx=1&sn=f1a376f0e49cff2ddca8fd74d0ecb5d9) + - [ ] [为啥找黑客帮忙的人,绝大多数都上当了呢?](https://mp.weixin.qq.com/s?__biz=MzkxMjYxODcyNA==&mid=2247485444&idx=1&sn=b7d97d3a17d6472120303b2c242c4bcb) + - [ ] [NETworkManager 强大的网络管理工具](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247488859&idx=1&sn=b74a7ab8bb978845a04a6f96cf7f17d6) + - [ ] [魔怔了](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247488859&idx=2&sn=57f256d8d6bd915fbb90714b789e06a2) + - [ ] [21119_ctfshow_misc_1024_重新签到xa0writeup](https://mp.weixin.qq.com/s?__biz=MzU2NzIzNzU4Mg==&mid=2247489458&idx=1&sn=a04fdf96f697a07c4c6f042dda66b812) + - [ ] [在线游戏靶场【overthewire.org】之linux基础练兵场](https://mp.weixin.qq.com/s?__biz=MzAxNTg1MDYxNA==&mid=2247488316&idx=1&sn=0d2d1f896068b716e0ddf57a87a7fe08) + - [ ] [来啊、浑蛋、那就对着我打!!!](https://mp.weixin.qq.com/s?__biz=Mzk0NDQwMDY1Nw==&mid=2247485783&idx=1&sn=18cd0973bc2d333b15a3053c155729b4) + - [ ] [2024年中网络安全威胁全解析:你,我,都身处其中(附下载)](https://mp.weixin.qq.com/s?__biz=MzkyODY5ODAyOA==&mid=2247489199&idx=1&sn=84d006f71c9995570547e4f7fb6df985) + - [ ] [国外:一周网络安全态势回顾之第81期](https://mp.weixin.qq.com/s?__biz=Mzg2NjY2MTI3Mg==&mid=2247498173&idx=1&sn=7afa71c7e7649ce5daf390576355983e) + - [ ] [暗网情报五则:涉美财政部数据泄露、以色列军队医院、中国股票业务公司数据、中国汽车经销商客户关系数据等](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247506753&idx=2&sn=2a87fbe42656da803e7b40a2b53ae278) + - [ ] [每周网安态势概览【20250112】002期](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247506753&idx=3&sn=5f0dfaa5af1377939b33c49069ee361f) + - [ ] [广西多家企业不履行网络安全保护义务被依法处罚](https://mp.weixin.qq.com/s?__biz=MzkxNTI2NTQxOA==&mid=2247495935&idx=1&sn=8e944270687efaf0287b59b0c6b1509a) + - [ ] [中信银行日照分行因“未及时处置数据安全漏洞风险”等被罚54万元](https://mp.weixin.qq.com/s?__biz=MzkxNTI2NTQxOA==&mid=2247495935&idx=2&sn=00a08f04efcb34f608a0a212fe9f18a0) + - [ ] [中国证监会《期货公司互联网营销管理规定(征求意见稿)》公开征求意见](https://mp.weixin.qq.com/s?__biz=MzkxNTI2NTQxOA==&mid=2247495935&idx=3&sn=59120d2fb2aa126651098e343db5d757) + - [ ] [假冒地图软件应用推广员 诈骗团伙盗取信息非法获利](https://mp.weixin.qq.com/s?__biz=MzkxNTI2NTQxOA==&mid=2247495935&idx=4&sn=2310f32e2838a70b5d64d6283d7c3b00) + - [ ] [这些网安“传奇产品”都凉了?](https://mp.weixin.qq.com/s?__biz=Mzg5OTg5OTI1NQ==&mid=2247489685&idx=1&sn=cb450029238b217c0e62810c2d9ea3e4) + - [ ] [【神兵利器】 Socks5 代理采集与使用工具](https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247494929&idx=1&sn=593a633db1de3399bf433ffed8be4bcc) + - [ ] [Linux环境反弹shell原理与姿势](https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247494929&idx=2&sn=423a37e0a046706839a0673709de6da3) +- Der Flounder + - [ ] [Generating randomized long usernames for Jamf Pro standard user accounts](https://derflounder.wordpress.com/2025/01/12/generating-randomized-long-usernames-for-jamf-pro-standard-users/) +- CXSECURITY Database RSS Feed - CXSecurity.com + - [ ] [Ecommerce-PHP-kurniaramadhan-1.0- Stored Cross Site Scripting](https://cxsecurity.com/issue/WLB-2025010013) +- Blogs on STAR Labs + - [ ] [Celebrating 7 Years of STAR Labs SG](https://starlabs.sg/blog/2025/01-celebrating-7-years/) +- MaskRay + - [ ] [Understanding and improving Clang -ftime-report](https://maskray.me/blog/2025-01-12-understanding-and-improving-clang-ftime-report) +- Recent Commits to cve:main + - [ ] [Update Sun Jan 12 20:21:03 UTC 2025](https://github.com/trickest/cve/commit/cc05860a3fa72fd7eeb469c2f4c3c2393bdf9799) + - [ ] [Update Sun Jan 12 12:11:36 UTC 2025](https://github.com/trickest/cve/commit/bc5f623348434ad1564e0c0b3b25484b76ac5bce) + - [ ] [Update Sun Jan 12 03:57:29 UTC 2025](https://github.com/trickest/cve/commit/53bdd20be67eb117cbfb421f1172dacc167ade8d) +- 一个被知识诅咒的人 + - [ ] [Python协程与生成器深度解析:从yield到async的演进之路](https://blog.csdn.net/nokiaguy/article/details/145091808) + - [ ] [Python数据类(dataclass):简化类的定义与数据管理](https://blog.csdn.net/nokiaguy/article/details/145091802) +- Twitter @bytehx + - [ ] [Re @hbenja_m @Bugcrowd That is a very good explanation. Thanks for sharing!](https://x.com/bytehx343/status/1878340302697824475) +- CCC Event Blog + - [ ] [38C3: Last (and Lost) Things](https://events.ccc.de/2025/01/12/38c3-last-things/) +- Reverse Engineering + - [ ] [Core Explorer, a core dump analysis tool that runs in the browser](https://www.reddit.com/r/ReverseEngineering/comments/1hzy97x/core_explorer_a_core_dump_analysis_tool_that_runs/) +- FreeBuf网络安全行业门户 + - [ ] [网络安全市场的“冬天”还长](https://www.freebuf.com/articles/neopoints/419651.html) +- 奇客Solidot–传递最新科技情报 + - [ ] [台积电亚利桑那州工厂开始量产 4 纳米芯片](https://www.solidot.org/story?sid=80310) + - [ ] [安然宣布预售蛋形家用核反应堆](https://www.solidot.org/story?sid=80309) + - [ ] [加拿大灭火飞机疑与无人机相撞受损停飞](https://www.solidot.org/story?sid=80308) +- dotNet安全矩阵 + - [ ] [.NET内网实战:通过密码喷射遍历域账户](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498161&idx=1&sn=be37da545ba59c118c2d8331ddebf95e&chksm=fa59575ccd2ede4a649d9a0b0a50098ed73b9a63406c87ad5501b7b911333561666fb79b058a&scene=58&subscene=0#rd) + - [ ] [.NET 安全攻防知识交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498161&idx=2&sn=cb9eb4af6f38a0fdf4bec4b4c0b9af0e&chksm=fa59575ccd2ede4af7bc01070c20719aa57677190a7abc5c307d5d82adcea645f6d47879c671&scene=58&subscene=0#rd) + - [ ] [.NET 第54期红队武器库和资源汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498161&idx=3&sn=0bdf117aa614c48e6e2fa2e51a3e83eb&chksm=fa59575ccd2ede4a84e6210bd8ee96f463cb3a9b0b75bb9c70b96a5a0bdc4420e9ed4ed132fd&scene=58&subscene=0#rd) +- 丁爸 情报分析师的工具箱 + - [ ] [【资料】全球和平、恐怖主义、军事化、生态威胁等指数](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148514&idx=1&sn=3662709654286db5bff36e15df25195b&chksm=f1af27d8c6d8aece6156e703a95e85d1ba2b73fefb64d14a75c43344e36d8f73bacd9081ee78&scene=58&subscene=0#rd) +- 认知独省 + - [ ] [攻防3.0 - 信任攻击](https://mp.weixin.qq.com/s?__biz=MzU0NTI4MDQwMQ==&mid=2247484194&idx=1&sn=cb404b0fcfa2490d458d482fa704e98a&chksm=fb6e1bdccc1992cafa5f8bb0a62392a5c3106254f7cf233badf5cd133389fd95f6ac43fdde1d&scene=58&subscene=0#rd) +- 安全学术圈 + - [ ] [2024年度上海网络与信息安全测评工程技术研究中心开放课题申请指南](https://mp.weixin.qq.com/s?__biz=MzU5MTM5MTQ2MA==&mid=2247491552&idx=1&sn=f1a376f0e49cff2ddca8fd74d0ecb5d9&chksm=fe2ee06bc959697dfc17c1f03a2e333582869bfcf92999139190432c960e259a75bb8f9aef7d&scene=58&subscene=0#rd) +- 网络空间安全科学学报 + - [ ] [学术前沿 | 国防科技大学李爱平教授团队:物联网威胁情报知识图谱综述](https://mp.weixin.qq.com/s?__biz=MzI0NjU2NDMwNQ==&mid=2247504588&idx=1&sn=2d8592df92f5803bf485752d5f217d87&chksm=e9bfc672dec84f64e1b5b257c4048e3bbf80232a46cb63503acfd5a8c04a35f89fca0fc9aaa4&scene=58&subscene=0#rd) +- 安全圈 + - [ ] [【安全圈】腾讯协助警方破获木马盗窃游戏账号案,涉案金额超 3000 万](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067304&idx=1&sn=e99889dcbf4e15a2ad7a2217e3f850a3&chksm=f36e79a8c419f0be15d9a86cb5b587e283772858d26f145297e29b9b3cde7371bfdb14bf0184&scene=58&subscene=0#rd) + - [ ] [【安全圈】勒索木马 Banshee 针对苹果 macOS 下手,冒充安全组件躲避检测](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067304&idx=2&sn=72944b1de7bb9205840492e28ba936b4&chksm=f36e79a8c419f0beeb3739f5c2b85fca0f00fde58f920f33c1f515465e6d0cb38db195bc441a&scene=58&subscene=0#rd) + - [ ] [【安全圈】卡西欧遭勒索软件攻击?8500人数据被窃取!](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067304&idx=3&sn=1f094579cd41cb8e1f1583f6eb592503&chksm=f36e79a8c419f0be1987e866d745c558b9b4a20e4ada1f1f63ccf2a0b42d84e9bf4434724c69&scene=58&subscene=0#rd) +- 极客公园 + - [ ] [AI 巨头花钱买 UP 主「废片」训练 AI;「三折叠」投影仪现身;多地现发光不明飞行物,应急局:未接到异常通知|极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653071852&idx=1&sn=8bfae10375f4237c5a546b2df6f3acac&chksm=7e57d45a49205d4c804e47147898cbc9af5d4a4c7a5749e93da824310ba3f5332631ec136946&scene=58&subscene=0#rd) +- 吴鲁加 + - [ ] [最近在试的学习工作方法](https://mp.weixin.qq.com/s?__biz=Mzg5NDY4ODM1MA==&mid=2247485142&idx=1&sn=404d04f9faadc52634e236ebd8a95b9a&chksm=c01a8be7f76d02f16927f92ee10be8d20555c480f00ae93e372a6421d5e07b5fdcd0d10c252f&scene=58&subscene=0#rd) +- Over Security - Cybersecurity news aggregator + - [ ] [Phishing texts trick Apple iMessage users into disabling protection](https://www.bleepingcomputer.com/news/security/phishing-texts-trick-apple-imessage-users-into-disabling-protection/) + - [ ] [Pastor who saw crypto project in his "dream" indicted for fraud](https://www.bleepingcomputer.com/news/legal/pastor-who-saw-crypto-project-in-his-dream-indicted-for-fraud/) + - [ ] [Guerre di Rete - Italia, Musk e Ue: che partite si stanno giocando](https://guerredirete.substack.com/p/guerre-di-rete-italia-musk-e-ue-che) + - [ ] [Analysis of Counter-Ransomware Activities in 2024](https://blog.bushidotoken.net/2025/01/analysis-of-counter-ransomware.html) + - [ ] [SuperDraft - 300,187 breached accounts](https://haveibeenpwned.com/PwnedWebsites#SuperDraft) +- IT Service Management News + - [ ] [US Cyber Trust Mark Program](http://blog.cesaregallotti.it/2025/01/us-cyber-trust-mark-program.html) +- Have I Been Pwned latest breaches + - [ ] [SuperDraft - 300,187 breached accounts](https://haveibeenpwned.com/PwnedWebsites#SuperDraft) +- SANS Internet Storm Center, InfoCON: green + - [ ] [Multi-OLE, (Sun, Jan 12th)](https://isc.sans.edu/diary/rss/31580) + - [ ] [Wireshark 4.4.3 Released, (Sat, Jan 11th)](https://isc.sans.edu/diary/rss/31578) +- Troy Hunt's Blog + - [ ] [Weekly Update 434](https://www.troyhunt.com/weekly-update-434/) +- TorrentFreak + - [ ] [Nhentai Asks California Court to Dismiss Piracy Lawsuit](https://torrentfreak.com/nhentai-asks-california-court-to-dismiss-piracy-lawsuit-250112/) +- 白泽安全实验室 + - [ ] [网络安全领域研究人员遭遇假PoC专项攻击](https://mp.weixin.qq.com/s?__biz=MzI0MTE4ODY3Nw==&mid=2247492518&idx=1&sn=d4196de8b812e3a2d29209b50328cec0&chksm=e90dc98cde7a409a795581029d39c4e66bc71c3ad662c7e7c84782d0baae9a74a858889ab838&scene=58&subscene=0#rd) +- FuzzWiki + - [ ] [Bleem: 面向数据包序列的协议模糊测试 | 技术进展](https://mp.weixin.qq.com/s?__biz=MzU1NTEzODc3MQ==&mid=2247486874&idx=1&sn=311b59a1953758bc2f69485cbf107d4b&chksm=fbd9a626ccae2f30d7167e5d9ee742af35355e569368a8dbc1d983fbcb3d90104f174138b5fa&scene=58&subscene=0#rd) +- 迪哥讲事 + - [ ] [SSRF 漏洞自动化 寻找](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496832&idx=1&sn=5c72712e20772f2279b09ca9a748afc2&chksm=e8a5fee3dfd277f5990fbe3dfe7247c7dd7bf125a233ad4ec99a8afb49b1b2e29ae25f7866b6&scene=58&subscene=0#rd) +- Computer Forensics + - [ ] [Dream equipement](https://www.reddit.com/r/computerforensics/comments/1hzw6t7/dream_equipement/) + - [ ] [Will live acquisition result in different hash values using FTK?](https://www.reddit.com/r/computerforensics/comments/1hzp7ny/will_live_acquisition_result_in_different_hash/) +- Your Open Hacker Community + - [ ] [Check out a botnet (c2) framework I made!](https://www.reddit.com/r/HowToHack/comments/1hztta4/check_out_a_botnet_c2_framework_i_made/) + - [ ] [Dell admin pw](https://www.reddit.com/r/HowToHack/comments/1hzvwwu/dell_admin_pw/) + - [ ] [Where to find phishing templates?](https://www.reddit.com/r/HowToHack/comments/1hzlv04/where_to_find_phishing_templates/) + - [ ] [Trace a call spoofer](https://www.reddit.com/r/HowToHack/comments/1hzpbak/trace_a_call_spoofer/) + - [ ] [Does anyone know any effective websites to learn efficient and relevant hacking methods that teach with simplicity and are free](https://www.reddit.com/r/HowToHack/comments/1hzsc4j/does_anyone_know_any_effective_websites_to_learn/) + - [ ] [KANN MAN HIER HACKEN LERNEN ?](https://www.reddit.com/r/HowToHack/comments/1hzv1o0/kann_man_hier_hacken_lernen/) + - [ ] [Need help with switching accounts once logged into a site](https://www.reddit.com/r/HowToHack/comments/1hzjamc/need_help_with_switching_accounts_once_logged/) + - [ ] [Help](https://www.reddit.com/r/HowToHack/comments/1hzi5gh/help/) + - [ ] [Hi guys, Can someone crack a $zip2$ hash?](https://www.reddit.com/r/HowToHack/comments/1hzgzjv/hi_guys_can_someone_crack_a_zip2_hash/) + - [ ] [Hack Iphone with charger](https://www.reddit.com/r/HowToHack/comments/1hzbsmp/hack_iphone_with_charger/) + - [ ] [IP](https://www.reddit.com/r/HowToHack/comments/1hzdh3n/ip/) +- Technical Information Security Content & Discussion + - [ ] [Exploitation Walkthrough and Techniques - Ivanti Connect Secure RCE (CVE-2025-0282) - watchTowr Labs](https://www.reddit.com/r/netsec/comments/1hzipca/exploitation_walkthrough_and_techniques_ivanti/) +- Hacking Exposed Computer Forensics Blog + - [ ] [Daily Blog #715: Solution Saturday 1/11/25](https://www.hecfblog.com/2025/01/daily-blog-715-solution-saturday-11125.html) +- Security Affairs + - [ ] [Pro-Russia hackers NoName057 targets Italy again after Zelensky’s visit to the country](https://securityaffairs.com/172982/hacktivism/noname057-targets-italy.html) + - [ ] [SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 28](https://securityaffairs.com/172978/malware/security-affairs-malware-newsletter-round-28.html) + - [ ] [Security Affairs newsletter Round 506 by Pierluigi Paganini – INTERNATIONAL EDITION](https://securityaffairs.com/172972/breaking-news/security-affairs-newsletter-round-506-by-pierluigi-paganini-international-edition.html) + - [ ] [How a researcher earned $100,000 hacking a Facebook server](https://securityaffairs.com/172964/hacking/researcher-earned-100000-hacking-facebook-server.html) +- Blackhat Library: Hacking techniques and research + - [ ] [Black Hat Training pass doesn't include main event Briefings](https://www.reddit.com/r/blackhat/comments/1hzs0nd/black_hat_training_pass_doesnt_include_main_event/) +- Randy Westergren + - [ ] [Building pyodbc for AWS Lambda’s Python 3.13 Runtime](https://randywestergren.com/building-pyodbc-for-aws-lambdas-python-3-13-runtime/) +- 银针安全 + - [ ] [在spring-aop中挖掘新反序列化gadget-chain](https://mp.weixin.qq.com/s?__biz=Mzg2MDY2ODc5MA==&mid=2247484198&idx=1&sn=6b6a82bb543e879295b7cd2d85f3a37f&chksm=ce23953ff9541c29418831b4e192b385e5c92d59562b40a7a28283e8468773caac9ad9736b1c&scene=58&subscene=0#rd) +- Dark Space Blogspot + - [ ] [Il Segreto Di Chiavalentine Su Youtube: Successo Reale o Fake?](http://darkwhite666.blogspot.com/2025/01/il-segreto-del-successo-di.html) diff --git a/archive/tmp/2025-01-13.json b/archive/tmp/2025-01-13.json new file mode 100644 index 0000000000..903f309e2d --- /dev/null +++ b/archive/tmp/2025-01-13.json @@ -0,0 +1,340 @@ +{ + "SecWiki News": { + "SecWiki News 2025-01-12 Review": "http://www.sec-wiki.com/?2025-01-12" + }, + "Private Feed for M09Ic": { + "safedv starred m4b/goblin": "https://github.com/m4b/goblin", + "skelsec released v1.2 at octopwn/octopwn-wasm-documentation": "https://github.com/octopwn/octopwn-wasm-documentation/releases/tag/v1.2", + "liamg starred Cyan4973/xxHash": "https://github.com/Cyan4973/xxHash", + "liamg starred ogxd/gxhash": "https://github.com/ogxd/gxhash", + "liamg starred hybridgroup/go-haystack": "https://github.com/hybridgroup/go-haystack", + "safedv starred klezVirus/SilentMoonwalk": "https://github.com/klezVirus/SilentMoonwalk", + "safedv starred Yaxxine7/ASRepCatcher": "https://github.com/Yaxxine7/ASRepCatcher", + "safedv starred LuemmelSec/APEX": "https://github.com/LuemmelSec/APEX", + "safedv starred Teach2Breach/snapinject_rs": "https://github.com/Teach2Breach/snapinject_rs", + "safedv starred djackreuter/btexec": "https://github.com/djackreuter/btexec", + "safedv starred BlackSnufkin/Rusty-Playground": "https://github.com/BlackSnufkin/Rusty-Playground", + "panjf2000 starred mudler/LocalAI": "https://github.com/mudler/LocalAI" + }, + "Security Boulevard": { + "The Vanity Press in Academia": "https://securityboulevard.com/2025/01/the-vanity-press-in-academia/", + "DEF CON 32 – Open Source Hacker V. Government Lawyer": "https://securityboulevard.com/2025/01/def-con-32-open-source-hacker-v-government-lawyer/", + "PCI DSS Requirements With v4.0.1 Updates For 2024": "https://securityboulevard.com/2025/01/pci-dss-requirements-with-v4-0-1-updates-for-2024/", + "What is PCI DSS 4.0: Is This Still Applicable For 2024?": "https://securityboulevard.com/2025/01/what-is-pci-dss-4-0-is-this-still-applicable-for-2024/" + }, + "Doonsec's feed": { + "老牌免杀工具veil免杀": "https://mp.weixin.qq.com/s?__biz=MzU4MjYxNTYwNA==&mid=2247487586&idx=1&sn=580b6b99b07e7b2d60df7ccedd172155", + "最新公告!可拨打12336举报泄密或保密违法违规行为": "https://mp.weixin.qq.com/s?__biz=MzI3NzM5NDA0NA==&mid=2247490237&idx=1&sn=4b60620bdc57dda141d8ec196e6aae9d", + "第二届獬豸杯 期望时间统计": "https://mp.weixin.qq.com/s?__biz=MzkzNTQzNTQzMQ==&mid=2247485316&idx=1&sn=a79943db1ccb943a5f352bfb659fb23b", + "盲猜2024年出生人口,900-930万之间": "https://mp.weixin.qq.com/s?__biz=MzkwMzI1ODUwNA==&mid=2247487808&idx=1&sn=b9284860c9b323bee6e1f20a50cd932c", + "在 Kali 上利用 Zmap 搭建攻击炮台": "https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247489972&idx=1&sn=bc2d1d4fe2b6fd60fcb4dc23c290f745", + "再说 API 安全:52个可被利用的弱点分析": "https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247489972&idx=2&sn=b0255b231297a0608167a5b2afa46867", + "探秘缅甸诈骗产业链,美国为何能成为 “例外”?惊人真相曝光!": "https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247489972&idx=3&sn=a1b8e66e4a1273000914f77111051201", + "开源情报|军事动态|美国军事医疗AI试点的战略意图分析": "https://mp.weixin.qq.com/s?__biz=Mzg2NTcyNjU4Nw==&mid=2247485849&idx=1&sn=04dd254dfb2728a2b9aac91874acd731", + "【工具更新】Nessus 最新windows/ubuntu版Cracked(附下载)": "https://mp.weixin.qq.com/s?__biz=Mzk0NjQ5MTM1MA==&mid=2247492783&idx=1&sn=f3eb1a652c0c48844181dbe7ef02e859", + "HTB-EscapeTwo": "https://mp.weixin.qq.com/s?__biz=Mzk0MTQxOTA3Ng==&mid=2247489297&idx=1&sn=b0ffebdfd3a6487f693f72266dfdea81", + "奇安信十年战略演变,2025将会去向何方?": "https://mp.weixin.qq.com/s?__biz=MzAxOTk3NTg5OQ==&mid=2247492157&idx=1&sn=6ca188023575d8e0b7fe73143bb8b4f6", + "沈逸:构建系统性国家战略和完备法律应对网络安全威胁": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485399&idx=1&sn=ed19d839bcd07df958388f69d835d849", + "【直卖实拍】北七家3居变4居豪装,理想楼层、户型、朝向": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485399&idx=2&sn=7839308f2bbfb1c87f3f67da9514b04c", + "【干货】笑傲职场的独家经验(1)": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485399&idx=3&sn=003268c4507b82995cc22aa9b8be9caf", + "【干货原创】实网攻防演习常态化,会带来什么变化01": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485399&idx=4&sn=4bf0aaa6b237c29ebbffca4d8efe20f5", + "【干货原创】K12教育,鲜为人知的模式秘密": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485399&idx=5&sn=612460e36200e9070bff5286c1e7641f", + "【云安全】AccessKey泄露-安全问题分析": "https://mp.weixin.qq.com/s?__biz=MzUyNTUyNTA5OQ==&mid=2247484392&idx=1&sn=c8e8b6f7c95e894a44040d9c69cdd7e6", + "【不要看】修复 CS 4.8、4.9 截图保存为空 bug": "https://mp.weixin.qq.com/s?__biz=Mzg5MDg0NzUzMw==&mid=2247484343&idx=1&sn=c4f25f132bcc360975cfabf5a10a7d00", + "SSRF 漏洞自动化 寻找": "https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496832&idx=1&sn=5c72712e20772f2279b09ca9a748afc2", + "JeecgBoot passwordChange 任意用户密码重置漏洞": "https://mp.weixin.qq.com/s?__biz=MzkzMTcwMTg1Mg==&mid=2247490122&idx=1&sn=53609c160a2964063bb4bc1b113c77b8", + "攻防3.0 - 信任攻击": "https://mp.weixin.qq.com/s?__biz=MzU0NTI4MDQwMQ==&mid=2247484194&idx=1&sn=cb404b0fcfa2490d458d482fa704e98a", + "我的评价是雀氏不错!": "https://mp.weixin.qq.com/s?__biz=Mzk0ODM0NDIxNQ==&mid=2247493263&idx=1&sn=ac3d3e4ada3080ab6307d47ef976124e", + "又是谁统计📉": "https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496568&idx=1&sn=d1c783dfd0596633a2f0987a713d6544", + "国护成功溯源的攻击事件": "https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496568&idx=2&sn=15d3082cae89edff90bef47052b40e3d", + "Sekiro+Yakit 热加载无痛绕sign": "https://mp.weixin.qq.com/s?__biz=Mzg4Mzg2MjgxNg==&mid=2247485601&idx=1&sn=d35f997e047ae7ff451a8b0cbdd0fd32", + "分享的图片、视频、链接": "https://mp.weixin.qq.com/s?__biz=MzkyNTQyMzk0MA==&mid=2247484677&idx=1&sn=d516ac44f6cb69e2fe1d0d790ca55e0a", + "2025版最新vmware虚拟机下载安装及使用教程(非常详细)零基础入门到精通,收藏这篇就够了": "https://mp.weixin.qq.com/s?__biz=Mzk1NzMwNTM5NQ==&mid=2247483778&idx=1&sn=8f994e5be5db7a988192f9eb5e65d5f3", + "我的评价是全是干货": "https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247518178&idx=1&sn=1784f7c0cf09898d76e4898883ec6570", + "“WorstFit”学习": "https://mp.weixin.qq.com/s?__biz=MzkyODUzMjEzOA==&mid=2247483844&idx=1&sn=4ee90bc1b7dc42b880998bfaadb02af4", + "【安全工具】一款免费的APP IOS抓包工具 支持Flutter应用抓包|漏洞探测": "https://mp.weixin.qq.com/s?__biz=MzA5MzYzMzkzNg==&mid=2650962428&idx=1&sn=b6d1444de2a91eaf1aa348721b0ce44f", + "@所有人,手机、电视可设置地震预警": "https://mp.weixin.qq.com/s?__biz=MzA5MzYzMzkzNg==&mid=2650962428&idx=2&sn=385568e41c3f6747ea879e9d5d2fee80", + "2025年1月哪一款手机性价比高?全品牌、全价位手机推荐与选购指南(万字版)": "https://mp.weixin.qq.com/s?__biz=MzA5MzYzMzkzNg==&mid=2650962428&idx=3&sn=c2c40168926041d7f0ed19353de9df69", + "【艺术鉴赏】抖音直播更新,睡眠更新小一熟了视频": "https://mp.weixin.qq.com/s?__biz=MzA5MzYzMzkzNg==&mid=2650962428&idx=4&sn=f5d5c2e737809957a84698e2f020f2c6", + "【漏洞复现】CVE-2024-50603": "https://mp.weixin.qq.com/s?__biz=MzUxMTk4OTA1NQ==&mid=2247484899&idx=1&sn=ebdbb1fe5f94622276851862e5a4dbb5", + "国家保密局公告!": "https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633750&idx=1&sn=218e67e73d6e8930e26ddb1c7bfca532", + "扎实推动数据工作取得新突破新进展,全国数据工作会议在京召开": "https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633750&idx=2&sn=1c888a7557747fd2599fcb1e431e5747", + "网络安全市场正面临“红海”困境": "https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633750&idx=3&sn=13095461ade11d1fd2e6c3a2b593979f", + "2025 年美国军费的 3%(300 亿美元)用于网络安全": "https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633750&idx=4&sn=cc30ff23a8d536a16b5c79922cbe6dd4", + "首次!欧盟官方因违反数据保护法规向用户赔偿3000元": "https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633750&idx=5&sn=ebc4a68c6f3c91b3d97e4e88828499a3", + "【极思】安全运营第6年实践总结": "https://mp.weixin.qq.com/s?__biz=MzI2NTMwNjYyMA==&mid=2247484980&idx=1&sn=f83670f089e041e2071a66c2436c1e2b", + "Powershell使用指南": "https://mp.weixin.qq.com/s?__biz=Mzk1Nzk0NDY3Nw==&mid=2247484058&idx=1&sn=278d5f6c0faf6206a391f655f08af6e1", + "【网络安全实验室】渗透测试综合实战": "https://mp.weixin.qq.com/s?__biz=Mzg5NTU2NjA1Mw==&mid=2247495993&idx=1&sn=d979b7c06d07e0afdff5f066d3ad97d3", + "《黑客安全报告2024-2025》第 8 版请查阅": "https://mp.weixin.qq.com/s?__biz=MzA3MTM0NTQzNA==&mid=2455780124&idx=1&sn=65a340bd360728d417c9379976fe1de2", + "DC靶场系列--DC-3": "https://mp.weixin.qq.com/s?__biz=Mzk1NzIzMzQ3OA==&mid=2247484222&idx=1&sn=34a784d7d46663dd4452ad71caa78152", + "从车内入侵检测到攻击防护响应": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619327&idx=1&sn=ee4dbe6a3305f75cbd3566da337518b3", + "GB T 汽车信息安全应急响应管理指南-市场监督总局、国标委 (征求意见稿)": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619327&idx=2&sn=9774d4bb12c8732e5292772f6445cce1", + "GB T 41871-2022 信息安全技术u3000汽车数据处理安全要求": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619327&idx=3&sn=6b9e0fe22c31420d410f000fa3e46abc", + "蓝凌OA WebService sysFormMainDataInsystemWebservice 任意文件读取漏洞": "https://mp.weixin.qq.com/s?__biz=MzkzMTcwMTg1Mg==&mid=2247490110&idx=1&sn=f8eff8b0b09439af303df311d04a6b75", + "Qt 开源 Serial Studio 支持串口、MQTT、BLE的嵌入式可视化工具": "https://mp.weixin.qq.com/s?__biz=MjM5OTA4MzA0MA==&mid=2454936573&idx=1&sn=fd087acdd19e1ec79e0d44f75ecd1ee2", + "学术前沿 | 国防科技大学李爱平教授团队:物联网威胁情报知识图谱综述": "https://mp.weixin.qq.com/s?__biz=MzI0NjU2NDMwNQ==&mid=2247504588&idx=1&sn=2d8592df92f5803bf485752d5f217d87", + "21124_ctfshow_misc_原谅3_来份色图xa0writeup": "https://mp.weixin.qq.com/s?__biz=MzU2NzIzNzU4Mg==&mid=2247489475&idx=1&sn=759bb9966312d2339d39de30003fd7ce", + "【安全圈】腾讯协助警方破获木马盗窃游戏账号案,涉案金额超 3000 万": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067304&idx=1&sn=e99889dcbf4e15a2ad7a2217e3f850a3", + "【安全圈】勒索木马 Banshee 针对苹果 macOS 下手,冒充安全组件躲避检测": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067304&idx=2&sn=72944b1de7bb9205840492e28ba936b4", + "【安全圈】卡西欧遭勒索软件攻击?8500人数据被窃取!": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067304&idx=3&sn=1f094579cd41cb8e1f1583f6eb592503", + "知识星球xa0|xa0网安战略技术、网安产业分析等资源更新;历年网安报告、PPT合集下载": "https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247634477&idx=1&sn=f16b5cd9732e725dd39a79d93e3e0c0f", + "2025-悟已往之不谏": "https://mp.weixin.qq.com/s?__biz=Mzg3NzIxMDYxMw==&mid=2247504320&idx=1&sn=b8e11abf5072713197e1a08b31c69af6", + "红队-shell编程基础(六)": "https://mp.weixin.qq.com/s?__biz=Mzk1Nzk2NjI3Ng==&mid=2247483783&idx=1&sn=740cf22cc7407823de45414e1b6ef1f5", + "天空卫士10周年丨积厚致远,迈十而强": "https://mp.weixin.qq.com/s?__biz=MzA5MjQyODY1Mw==&mid=2648516486&idx=1&sn=c0445ec208cb5f49a0321affaef6ccf9", + "基于Davinci的HSM开发实践(13):安全启动细节补充": "https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247548768&idx=1&sn=70a8095e6736bfc1cc2494205bb147bf", + "新能源汽车之CAN总线知识": "https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247548768&idx=2&sn=8041069d0b6f147683ef5036e7de0ab8", + "扫码下载 | 电信行业关键信息基础设施安全保护安全管理总体要求": "https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655263760&idx=1&sn=76ef227352966eeaacd31da36db50522", + "流程控制语句": "https://mp.weixin.qq.com/s?__biz=MzkzODQzNTU2NA==&mid=2247486287&idx=1&sn=805850077aa1f925c8fc7f5264c79fce", + "ptcpdump,一个让黑客无处遁形的网络分析神器|突破传统tcpdump限制,精准定位容器环境下的恶意流量": "https://mp.weixin.qq.com/s?__biz=MzI5MjY4MTMyMQ==&mid=2247489633&idx=1&sn=7b7974900e912926da197b141b8b03c8", + "亿赛通-9处SQL注入": "https://mp.weixin.qq.com/s?__biz=MzkyOTg3ODc5OA==&mid=2247484155&idx=1&sn=26084264025488750f67307d91e78787", + "工信部:2024年我国网络和数据安全取得新突破": "https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597394&idx=1&sn=484fc5f368eeaa52c803449704426e63", + "《网络数据安全管理条例》有哪些亮点?": "https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597394&idx=2&sn=a16caf62b43639fb28e4cf0d6382e6db", + "网站域名遭非法盗用篡改,郑州两家公司被行政处罚": "https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597394&idx=3&sn=6a9956452b2a1f329ba8bd4b07f8ba28", + "网络工程师成长之路:从零基础到技术大牛的进阶指南!": "https://mp.weixin.qq.com/s?__biz=MzIyMzIwNzAxMQ==&mid=2649464462&idx=1&sn=8a4209e9983e719ed78815096cf9874f", + "Kunlun-Mirror源代码审计工具": "https://mp.weixin.qq.com/s?__biz=Mzk0Mjg4MTQxMw==&mid=2247485551&idx=1&sn=f80a57db32ca3494a91c9da832e56af3", + "我只想要一个 CVE-2024-30085 Exploit 作为圣诞礼物": "https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486285&idx=1&sn=8188907190a4d5beb3fed38fd5275049", + "无敌了,这5个SSH客户端也太好用了!": "https://mp.weixin.qq.com/s?__biz=MzUyNTExOTY1Nw==&mid=2247527831&idx=1&sn=171ff0749c760a4ff3d785751f5b369c", + "国家重点研发计划“分布式无证书网络身份系统的关键技术”2025第一季度项目研讨会议在北京举行": "https://mp.weixin.qq.com/s?__biz=Mzk0MDMwNjU3Ng==&mid=2247484583&idx=1&sn=e8a5d1eb7a8bc73b0936d6ff109e7f26", + "因违反数据安全、信用信息管理规定等,又一家银行被罚": "https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931396&idx=1&sn=53a89c643400992dcf65cb058efedea8", + "网安全牛马注意了!!!某提权工具被投毒植入后门": "https://mp.weixin.qq.com/s?__biz=Mzg2NTk4MTE1MQ==&mid=2247486453&idx=1&sn=9b0269672a20c13f853f4df1deb3b50f", + "【相关分享】记一次小程序逻辑漏洞": "https://mp.weixin.qq.com/s?__biz=Mzk0OTUwNTU5Nw==&mid=2247488478&idx=1&sn=0e94195de32c6cc2af2df00db511b92a", + "接到领导指示": "https://mp.weixin.qq.com/s?__biz=MzkwNDg1NTU0Mg==&mid=2247484366&idx=1&sn=3d2fa1e9ef24575bac2f68d64da1bc68", + "Bleem: 面向数据包序列的协议模糊测试 | 技术进展": "https://mp.weixin.qq.com/s?__biz=MzU1NTEzODc3MQ==&mid=2247486874&idx=1&sn=311b59a1953758bc2f69485cbf107d4b", + "孙凝晖院士:建设面向智能时代的国家数据基础设施": "https://mp.weixin.qq.com/s?__biz=Mzg4MDU0NTQ4Mw==&mid=2247528560&idx=1&sn=916a81824870f383b56330f6df479448", + "智库报告 | 人工智能领域的六大预测": "https://mp.weixin.qq.com/s?__biz=Mzg4MDU0NTQ4Mw==&mid=2247528560&idx=2&sn=babe127daba4c7530d8fab4f1f929d81", + "【工具分享】攻防利器 - ProxyCat 轻量级代理池轮换工具": "https://mp.weixin.qq.com/s?__biz=Mzg4MTkwMTI5Mw==&mid=2247488604&idx=1&sn=fe8a84631ecdf0cdfdcbd71c55b2937f", + "【供应链攻击】使用Proxy SwitchyOmega (V3)版本的了解一下": "https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494189&idx=1&sn=ba54efd6acd2d1ffd162f44149cbd9dc", + "如何在Ansible中轻松实现复杂SSH跳转?这个参数搞定": "https://mp.weixin.qq.com/s?__biz=MjM5OTc5MjM4Nw==&mid=2457385987&idx=1&sn=1acdbabefa8f2844520839562450287c", + "网络安全领域研究人员遭遇假PoC专项攻击": "https://mp.weixin.qq.com/s?__biz=MzI0MTE4ODY3Nw==&mid=2247492518&idx=1&sn=d4196de8b812e3a2d29209b50328cec0", + "请一等奖获奖选手私聊领取奖励": "https://mp.weixin.qq.com/s?__biz=MzI5MzkwMzU1Nw==&mid=2247485224&idx=1&sn=dc0d2fc4dbe9c289ecf727c067e6349c", + "通过代码研究空字节和无文件方式注册表隐藏技术": "https://mp.weixin.qq.com/s?__biz=MjM5NDcxMDQzNA==&mid=2247489348&idx=1&sn=29c8552f1aaa9e42c2b836be06f5f795", + "BurpSuite插件之autoDecoder": "https://mp.weixin.qq.com/s?__biz=Mzk1NzIzOTc5MQ==&mid=2247484054&idx=1&sn=32f69a3a0f79604736097b850a15d317", + "2024龙信年终技术考核参考WP": "https://mp.weixin.qq.com/s?__biz=Mzk0MTQzNjIyNg==&mid=2247493354&idx=1&sn=02c0c4f95a8dbadb54bbf82b04aa84db", + "吐槽一下某位记性差的情报大佬": "https://mp.weixin.qq.com/s?__biz=MzU5OTMxNjkxMA==&mid=2247488423&idx=1&sn=bc632db8cfabe6b70249ad6a603c32d1", + "联合国国际民航组织(ICAO)遭黑客攻击,4.2万份文件泄露!全球航空安全面临新威胁?": "https://mp.weixin.qq.com/s?__biz=MzA4NTY4MjAyMQ==&mid=2447900023&idx=1&sn=abbeb590028956425cc68d46bfeaa940", + "JS中的漏洞信息": "https://mp.weixin.qq.com/s?__biz=MzU2NzY5MjAwNQ==&mid=2247486764&idx=1&sn=69cdc86ba9528ef7448abb4bdd976484", + "自建IPTV源iptv-sources": "https://mp.weixin.qq.com/s?__biz=MzkxMzIwNTY1OA==&mid=2247510709&idx=1&sn=0ba982135c9676de49536fc693b7eb38", + "什么是IPV4?个人有吗?怎么获得?": "https://mp.weixin.qq.com/s?__biz=MzkyMTQzNTM3Ng==&mid=2247483863&idx=1&sn=619d9fb761418b2cb752cf729f31e2f1", + "在spring-aop中挖掘新反序列化gadget-chain": "https://mp.weixin.qq.com/s?__biz=Mzg2MDY2ODc5MA==&mid=2247484198&idx=1&sn=6b6a82bb543e879295b7cd2d85f3a37f", + "什么?资深高级红队队长已经在研究超能力黑电脑了?": "https://mp.weixin.qq.com/s?__biz=Mzg2NDg2MDIxNQ==&mid=2247485319&idx=1&sn=ad8f40bdb5b1c07dc233047b958df904", + "网安原创文章推荐【2025/1/11】": "https://mp.weixin.qq.com/s?__biz=MzAxNzg3NzMyNQ==&mid=2247489441&idx=1&sn=4c04b2d66f2fec8cef967dd2579359f8", + "「漏洞复现」某源地产ERP Service.asmx X-Forwarded-For注入漏洞": "https://mp.weixin.qq.com/s?__biz=MzkyNDY3MTY3MA==&mid=2247486739&idx=1&sn=6463b2b41421b6514b200a5d9b397ac6", + "IDA技巧(99)IDA 枚举类型": "https://mp.weixin.qq.com/s?__biz=MzI1Mjk2MTM1OQ==&mid=2247485212&idx=1&sn=7bb441b2d54ca6a4df55ddbc5940888b", + "ISO 14001: 2015 标准详解与实施(7)5.3 组织的角色、职责和权限": "https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247485913&idx=1&sn=ee0d2911362dd63adba8d841e38363ae", + "ISO 45001: 2018 标准详解与实施(7)5.3 组织的角色、职责和权限": "https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247485913&idx=2&sn=2a32b64b88721f6b0653db89c30e9344", + "古河大佬发现CVE-2024-49113 被黑客利用,发布恶意 PoC(好害怕发布带毒 poc 啊)": "https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494172&idx=1&sn=8437b6bd83d4cea051dbc558260056d8", + "独家揭秘:chatgpt帮你快速锁定高分伦理学论文选题指南!": "https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247486113&idx=1&sn=f727b3d4b79cb12fbbdec06949fbfd96", + "独家揭秘:ChatGPT快速生成放射医学高质量论文初稿指南。": "https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247486113&idx=2&sn=2d975ff5f459526b25046d0d25e9b9fa", + "独家揭秘:ChatGPT助力广告学论文初稿快速生成的内部攻略!": "https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247486113&idx=3&sn=8ef4aa139f805205d0d62ff888cd5769", + "独家揭秘!9年材料科研老兵的文献搜集内部绝密指南。": "https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247486113&idx=4&sn=e30c9d109ab824323c910f78e80e50a7", + "独家揭秘!用AI辅助网络安全论文初稿快速生成的高分攻略。": "https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247486113&idx=5&sn=6b31a2c29bbce13ead1650e69a695cde", + "不是,哥!你们网安圈那么抽象的么?": "https://mp.weixin.qq.com/s?__biz=MzkwODI1ODgzOA==&mid=2247506503&idx=1&sn=c305dff91ced69c5b1f9ff5ddafd807d", + "实战 | 域环境下通过anydesk进入生产网": "https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247546664&idx=1&sn=fd057d1a7854dfa5f0ebd433ee1ed398", + "区块链 智能合约安全 重入漏洞": "https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247546664&idx=2&sn=4c18d53fa9dcc5cfebddcb4102d7baaf", + "东盟地区APT攻击趋势:聚焦网络安全的新战场": "https://mp.weixin.qq.com/s?__biz=Mzg3OTYxODQxNg==&mid=2247485596&idx=1&sn=f4d528677329d17c835b53e3aaa7feb4", + "新春活动,翻倍奖金!福利享不停~": "https://mp.weixin.qq.com/s?__biz=MzU5MDg0MDc2MQ==&mid=2247496518&idx=1&sn=f48a22cd763034d2dc47db5ee28720ec", + "Csrf与Json劫持": "https://mp.weixin.qq.com/s?__biz=Mzk0ODY1NzEwMA==&mid=2247485772&idx=1&sn=59e0c43184aaddec6997502fdda3a2be", + "微信小程序抓包方式": "https://mp.weixin.qq.com/s?__biz=Mzg4NDg3NjE5MQ==&mid=2247485114&idx=1&sn=fb9b1348eac1586c93d73aadc659a3bc", + "通过高效的侦察发现关键漏洞接管整个IT基础设施": "https://mp.weixin.qq.com/s?__biz=MzI4NTcxMjQ1MA==&mid=2247615101&idx=1&sn=1c11d3cd73b424e3335a64efba88679c", + "通知 | 国家网信办就《网络信息内容多渠道分发服务机构相关业务活动管理规定(草案稿)》公开征求意见(附全文)": "https://mp.weixin.qq.com/s?__biz=MzkwMTQyODI4Ng==&mid=2247495559&idx=1&sn=2ad25e8767f0eeb988faea4eb4cdd255", + "警惕!暗网市场现最新高级免杀服务,可长期绕过主流安全检测": "https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247506753&idx=1&sn=c6dacf9030910a5b9eddc826030afb99", + "2025年需要防范的五大恶意软件": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651311815&idx=3&sn=e6c5675db6f0e57973dcd1817459dc10", + "盘点网络安全行业那些让领导深恶痛绝的性格!": "https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247488025&idx=1&sn=7e84e26f46b61dd1cc258a94d2ed3773", + "春节反诈常识": "https://mp.weixin.qq.com/s?__biz=MzA5MTYyMDQ0OQ==&mid=2247493510&idx=1&sn=8e5f68e91641ea3a040bf4ca8c1b09f5", + "今日截止!第八届西湖论剑大赛报名将于今日18:00截止~": "https://mp.weixin.qq.com/s?__biz=MzU1MzE3Njg2Mw==&mid=2247510220&idx=1&sn=f4a316f50a355d874b4cc38ae4dad77e", + "文件包含漏洞等你来看": "https://mp.weixin.qq.com/s?__biz=MzI5MTIwOTQ5MA==&mid=2247487572&idx=1&sn=598542b01490ec8a8f9825c4a20f54f6", + "【小技巧】怎么调整Burpsuite的字体大小": "https://mp.weixin.qq.com/s?__biz=MzI5MTIwOTQ5MA==&mid=2247487572&idx=2&sn=0bd5f93b72cf2c55ffffda9d7371e9e2", + "2024年安全四大顶会大陆学者发表论文数量统计": "https://mp.weixin.qq.com/s?__biz=MzA3OTQ4OTY5OA==&mid=2653147892&idx=1&sn=9a0a042a06d5b484ffb1d89f756a5ebf", + "2024年安全七大顶会大陆机构发表论文数量统计": "https://mp.weixin.qq.com/s?__biz=MzA3OTQ4OTY5OA==&mid=2653147891&idx=1&sn=0f9c47eabb0b5502f154baafa3b2ae52", + "2024年三大密码会大陆机构发表论文数量统计": "https://mp.weixin.qq.com/s?__biz=MzA3OTQ4OTY5OA==&mid=2653147890&idx=1&sn=57d4ab5822b35e22a3d319af3510309b", + "实战|记一次代码审计打穿多所高校": "https://mp.weixin.qq.com/s?__biz=MzkyMjM5NDM3NQ==&mid=2247486202&idx=1&sn=2d35a85c8d1a352feea4382d8f6f9825", + "2024年安全四大顶会大陆机构发表论文数量统计": "https://mp.weixin.qq.com/s?__biz=MzA3OTQ4OTY5OA==&mid=2653147889&idx=1&sn=be077ae32c22ef2d64f3d53755ddbfa8", + "信奥之路:从启蒙到卓越": "https://mp.weixin.qq.com/s?__biz=MzU2NDY2OTU4Nw==&mid=2247518166&idx=1&sn=fc5e06eaa2e74d5cf545596d51ae8f93", + "2025年,我们应当如何保护云安全?": "https://mp.weixin.qq.com/s?__biz=Mzg3NTY0MjIwNg==&mid=2247485476&idx=1&sn=c22f13f338cc253e4e31b0b59753d950", + "大量恶意npm包盯上了开发者": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651311815&idx=1&sn=40eddfee1242b4b1518db9b0ecb9e786", + "一周网安优质PDF资源推荐丨FreeBuf知识大陆": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651311815&idx=2&sn=f9bf7b789caff212720edecb5c9fb294", + "XXEinjector:一款功能强大的自动化XXE注射工具": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651311815&idx=4&sn=ed616b030da36e54593c0510d6d4aa8a", + "VxWorks固件系统研究技术总结一": "https://mp.weixin.qq.com/s?__biz=MjM5MjEyMTcyMQ==&mid=2651037259&idx=1&sn=ec2f0980685456e15ec5ae58b3fe415b", + "JS Hook脚本分享 | Fixed_window_size": "https://mp.weixin.qq.com/s?__biz=MzkzNTcwOTgxMQ==&mid=2247485275&idx=1&sn=513575ad84bb71853764c14c16a001be", + "上海市智算中心建设导则(2025年版)": "https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655263752&idx=1&sn=a4c7652b7d0d40f08fadfb47500374cb", + "2024年安全运营五大关键词": "https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655263752&idx=2&sn=ee7b4367fd9b5533336d41bae1a41cc0", + "GB∕T 44463-2024 互联网数据中心(IDC)总体技术要求": "https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655263752&idx=3&sn=90ce4438de76976c8cccebfe506f6782", + "GA∕T 2147-2024 公安视频图像信息系统安全事件分类分级指南": "https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655263752&idx=4&sn=1a8d313b56c5fe6f5ee4103ef527ae53", + "YD∕T 6030-2024 物联网基础安全 网关管理平台安全分级分类管理技术要求": "https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655263752&idx=5&sn=052472828db8ad3933d76e0196e72577", + "YD∕T 6034-2024 互联网域名服务信息安全管理要求": "https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655263752&idx=6&sn=bd634c27f8a75d8ead0eabaa019c50b0", + "YD∕T 6036-2024 移动智能终端安全态势感知平台技术要求": "https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655263752&idx=7&sn=775ad59404f783eb2cd05ff69b611d68", + "YD∕T 6038-2024 物联网基础安全 物联网平台安全分级分类管理技术要求": "https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655263752&idx=8&sn=43d084f3e379735cb0e52f6e73f60c91", + "新的国家情报标准如何使整个社会的 OSINT 专业化": "https://mp.weixin.qq.com/s?__biz=MzkxMDIwMTMxMw==&mid=2247494404&idx=1&sn=17c743018b0e4c33f9e4b39670e0bdb8", + "【资料】全球和平、恐怖主义、军事化、生态威胁等指数": "https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148514&idx=1&sn=3662709654286db5bff36e15df25195b", + ".NET内网实战:通过密码喷射遍历域账户": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498161&idx=1&sn=be37da545ba59c118c2d8331ddebf95e", + ".NET 安全攻防知识交流社区": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498161&idx=2&sn=cb9eb4af6f38a0fdf4bec4b4c0b9af0e", + ".NET 第54期红队武器库和资源汇总": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498161&idx=3&sn=0bdf117aa614c48e6e2fa2e51a3e83eb", + "美国军事资金的3%(300亿美元)专款用于网络安全建设": "https://mp.weixin.qq.com/s?__biz=MzkwNDI0MjkzOA==&mid=2247485648&idx=1&sn=9d2a476f4ca9e09f4e586b461c5e540b", + "【警惕!】带着脑子辨别网安传销与培训诈骗": "https://mp.weixin.qq.com/s?__biz=MzkxMTUwOTY1MA==&mid=2247489979&idx=1&sn=7504423edbf1814042a0cd8721329e53", + "海康威视AK/SK泄露利用": "https://mp.weixin.qq.com/s?__biz=MzU0MTc2NTExNg==&mid=2247491476&idx=1&sn=f36ac4a80164cf5e6fcc8d37c6123ab8", + "2025开年大瓜:七年红队大牛教你什么是《炮塔》": "https://mp.weixin.qq.com/s?__biz=MzkyOTQzNjIwNw==&mid=2247491387&idx=1&sn=318437e24f0dee591576c17b1865f082", + "禅道CMS开源版SQL注入漏洞分析": "https://mp.weixin.qq.com/s?__biz=Mzk0Mzc1MTI2Nw==&mid=2247487016&idx=1&sn=740c4dccda5bc675cb15d583a7867ad6", + "【电子取证入门电子书】DFIR蘇小沐电子数据取证实务教程v20250110": "https://mp.weixin.qq.com/s?__biz=Mzg3NTU3NTY0Nw==&mid=2247489493&idx=1&sn=c1cefd6ab9f90e9a27866ee920c4f9c9", + "从被撤稿看网络安全法": "https://mp.weixin.qq.com/s?__biz=MzkxNTY4NTQwMg==&mid=2247484243&idx=1&sn=45bfda4281542cab87e4c57741928f3a", + "Yarr:一款简洁高效的 RSS 阅读器,让你轻松追蹤资讯!": "https://mp.weixin.qq.com/s?__biz=MzA4MjkzMTcxMg==&mid=2449046655&idx=1&sn=683d1691190a69cc712b6b914ae85d74", + "CISA紧急警告:Oracle与Mitel高危漏洞正被攻击者利用,企业需立即修复!": "https://mp.weixin.qq.com/s?__biz=MzA4NTY4MjAyMQ==&mid=2447900022&idx=1&sn=468ab732933d168f76e10f10d930551d", + "使用 LeakIX 查找易受攻击的主机": "https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247504444&idx=1&sn=ca2fbdb4c118e45c099026b71f549f33", + "2024年度上海网络与信息安全测评工程技术研究中心开放课题申请指南": "https://mp.weixin.qq.com/s?__biz=MzU5MTM5MTQ2MA==&mid=2247491552&idx=1&sn=f1a376f0e49cff2ddca8fd74d0ecb5d9", + "为啥找黑客帮忙的人,绝大多数都上当了呢?": "https://mp.weixin.qq.com/s?__biz=MzkxMjYxODcyNA==&mid=2247485444&idx=1&sn=b7d97d3a17d6472120303b2c242c4bcb", + "NETworkManager 强大的网络管理工具": "https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247488859&idx=1&sn=b74a7ab8bb978845a04a6f96cf7f17d6", + "魔怔了": "https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247488859&idx=2&sn=57f256d8d6bd915fbb90714b789e06a2", + "21119_ctfshow_misc_1024_重新签到xa0writeup": "https://mp.weixin.qq.com/s?__biz=MzU2NzIzNzU4Mg==&mid=2247489458&idx=1&sn=a04fdf96f697a07c4c6f042dda66b812", + "在线游戏靶场【overthewire.org】之linux基础练兵场": "https://mp.weixin.qq.com/s?__biz=MzAxNTg1MDYxNA==&mid=2247488316&idx=1&sn=0d2d1f896068b716e0ddf57a87a7fe08", + "来啊、浑蛋、那就对着我打!!!": "https://mp.weixin.qq.com/s?__biz=Mzk0NDQwMDY1Nw==&mid=2247485783&idx=1&sn=18cd0973bc2d333b15a3053c155729b4", + "2024年中网络安全威胁全解析:你,我,都身处其中(附下载)": "https://mp.weixin.qq.com/s?__biz=MzkyODY5ODAyOA==&mid=2247489199&idx=1&sn=84d006f71c9995570547e4f7fb6df985", + "国外:一周网络安全态势回顾之第81期": "https://mp.weixin.qq.com/s?__biz=Mzg2NjY2MTI3Mg==&mid=2247498173&idx=1&sn=7afa71c7e7649ce5daf390576355983e", + "暗网情报五则:涉美财政部数据泄露、以色列军队医院、中国股票业务公司数据、中国汽车经销商客户关系数据等": "https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247506753&idx=2&sn=2a87fbe42656da803e7b40a2b53ae278", + "每周网安态势概览【20250112】002期": "https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247506753&idx=3&sn=5f0dfaa5af1377939b33c49069ee361f", + "广西多家企业不履行网络安全保护义务被依法处罚": "https://mp.weixin.qq.com/s?__biz=MzkxNTI2NTQxOA==&mid=2247495935&idx=1&sn=8e944270687efaf0287b59b0c6b1509a", + "中信银行日照分行因“未及时处置数据安全漏洞风险”等被罚54万元": "https://mp.weixin.qq.com/s?__biz=MzkxNTI2NTQxOA==&mid=2247495935&idx=2&sn=00a08f04efcb34f608a0a212fe9f18a0", + "中国证监会《期货公司互联网营销管理规定(征求意见稿)》公开征求意见": "https://mp.weixin.qq.com/s?__biz=MzkxNTI2NTQxOA==&mid=2247495935&idx=3&sn=59120d2fb2aa126651098e343db5d757", + "假冒地图软件应用推广员 诈骗团伙盗取信息非法获利": "https://mp.weixin.qq.com/s?__biz=MzkxNTI2NTQxOA==&mid=2247495935&idx=4&sn=2310f32e2838a70b5d64d6283d7c3b00", + "这些网安“传奇产品”都凉了?": "https://mp.weixin.qq.com/s?__biz=Mzg5OTg5OTI1NQ==&mid=2247489685&idx=1&sn=cb450029238b217c0e62810c2d9ea3e4", + "【神兵利器】 Socks5 代理采集与使用工具": "https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247494929&idx=1&sn=593a633db1de3399bf433ffed8be4bcc", + "Linux环境反弹shell原理与姿势": "https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247494929&idx=2&sn=423a37e0a046706839a0673709de6da3" + }, + "Der Flounder": { + "Generating randomized long usernames for Jamf Pro standard user accounts": "https://derflounder.wordpress.com/2025/01/12/generating-randomized-long-usernames-for-jamf-pro-standard-users/" + }, + "CXSECURITY Database RSS Feed - CXSecurity.com": { + "Ecommerce-PHP-kurniaramadhan-1.0- Stored Cross Site Scripting": "https://cxsecurity.com/issue/WLB-2025010013" + }, + "Blogs on STAR Labs": { + "Celebrating 7 Years of STAR Labs SG": "https://starlabs.sg/blog/2025/01-celebrating-7-years/" + }, + "MaskRay": { + "Understanding and improving Clang -ftime-report": "https://maskray.me/blog/2025-01-12-understanding-and-improving-clang-ftime-report" + }, + "Recent Commits to cve:main": { + "Update Sun Jan 12 20:21:03 UTC 2025": "https://github.com/trickest/cve/commit/cc05860a3fa72fd7eeb469c2f4c3c2393bdf9799", + "Update Sun Jan 12 12:11:36 UTC 2025": "https://github.com/trickest/cve/commit/bc5f623348434ad1564e0c0b3b25484b76ac5bce", + "Update Sun Jan 12 03:57:29 UTC 2025": "https://github.com/trickest/cve/commit/53bdd20be67eb117cbfb421f1172dacc167ade8d" + }, + "一个被知识诅咒的人": { + "Python协程与生成器深度解析:从yield到async的演进之路": "https://blog.csdn.net/nokiaguy/article/details/145091808", + "Python数据类(dataclass):简化类的定义与数据管理": "https://blog.csdn.net/nokiaguy/article/details/145091802" + }, + "Twitter @bytehx": { + "Re @hbenja_m @Bugcrowd That is a very good explanation. Thanks for sharing!": "https://x.com/bytehx343/status/1878340302697824475" + }, + "CCC Event Blog": { + "38C3: Last (and Lost) Things": "https://events.ccc.de/2025/01/12/38c3-last-things/" + }, + "Reverse Engineering": { + "Core Explorer, a core dump analysis tool that runs in the browser": "https://www.reddit.com/r/ReverseEngineering/comments/1hzy97x/core_explorer_a_core_dump_analysis_tool_that_runs/" + }, + "FreeBuf网络安全行业门户": { + "网络安全市场的“冬天”还长": "https://www.freebuf.com/articles/neopoints/419651.html" + }, + "奇客Solidot–传递最新科技情报": { + "台积电亚利桑那州工厂开始量产 4 纳米芯片": "https://www.solidot.org/story?sid=80310", + "安然宣布预售蛋形家用核反应堆": "https://www.solidot.org/story?sid=80309", + "加拿大灭火飞机疑与无人机相撞受损停飞": "https://www.solidot.org/story?sid=80308" + }, + "dotNet安全矩阵": { + ".NET内网实战:通过密码喷射遍历域账户": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498161&idx=1&sn=be37da545ba59c118c2d8331ddebf95e&chksm=fa59575ccd2ede4a649d9a0b0a50098ed73b9a63406c87ad5501b7b911333561666fb79b058a&scene=58&subscene=0#rd", + ".NET 安全攻防知识交流社区": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498161&idx=2&sn=cb9eb4af6f38a0fdf4bec4b4c0b9af0e&chksm=fa59575ccd2ede4af7bc01070c20719aa57677190a7abc5c307d5d82adcea645f6d47879c671&scene=58&subscene=0#rd", + ".NET 第54期红队武器库和资源汇总": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498161&idx=3&sn=0bdf117aa614c48e6e2fa2e51a3e83eb&chksm=fa59575ccd2ede4a84e6210bd8ee96f463cb3a9b0b75bb9c70b96a5a0bdc4420e9ed4ed132fd&scene=58&subscene=0#rd" + }, + "丁爸 情报分析师的工具箱": { + "【资料】全球和平、恐怖主义、军事化、生态威胁等指数": "https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148514&idx=1&sn=3662709654286db5bff36e15df25195b&chksm=f1af27d8c6d8aece6156e703a95e85d1ba2b73fefb64d14a75c43344e36d8f73bacd9081ee78&scene=58&subscene=0#rd" + }, + "认知独省": { + "攻防3.0 - 信任攻击": "https://mp.weixin.qq.com/s?__biz=MzU0NTI4MDQwMQ==&mid=2247484194&idx=1&sn=cb404b0fcfa2490d458d482fa704e98a&chksm=fb6e1bdccc1992cafa5f8bb0a62392a5c3106254f7cf233badf5cd133389fd95f6ac43fdde1d&scene=58&subscene=0#rd" + }, + "安全学术圈": { + "2024年度上海网络与信息安全测评工程技术研究中心开放课题申请指南": "https://mp.weixin.qq.com/s?__biz=MzU5MTM5MTQ2MA==&mid=2247491552&idx=1&sn=f1a376f0e49cff2ddca8fd74d0ecb5d9&chksm=fe2ee06bc959697dfc17c1f03a2e333582869bfcf92999139190432c960e259a75bb8f9aef7d&scene=58&subscene=0#rd" + }, + "网络空间安全科学学报": { + "学术前沿 | 国防科技大学李爱平教授团队:物联网威胁情报知识图谱综述": "https://mp.weixin.qq.com/s?__biz=MzI0NjU2NDMwNQ==&mid=2247504588&idx=1&sn=2d8592df92f5803bf485752d5f217d87&chksm=e9bfc672dec84f64e1b5b257c4048e3bbf80232a46cb63503acfd5a8c04a35f89fca0fc9aaa4&scene=58&subscene=0#rd" + }, + "安全圈": { + "【安全圈】腾讯协助警方破获木马盗窃游戏账号案,涉案金额超 3000 万": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067304&idx=1&sn=e99889dcbf4e15a2ad7a2217e3f850a3&chksm=f36e79a8c419f0be15d9a86cb5b587e283772858d26f145297e29b9b3cde7371bfdb14bf0184&scene=58&subscene=0#rd", + "【安全圈】勒索木马 Banshee 针对苹果 macOS 下手,冒充安全组件躲避检测": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067304&idx=2&sn=72944b1de7bb9205840492e28ba936b4&chksm=f36e79a8c419f0beeb3739f5c2b85fca0f00fde58f920f33c1f515465e6d0cb38db195bc441a&scene=58&subscene=0#rd", + "【安全圈】卡西欧遭勒索软件攻击?8500人数据被窃取!": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067304&idx=3&sn=1f094579cd41cb8e1f1583f6eb592503&chksm=f36e79a8c419f0be1987e866d745c558b9b4a20e4ada1f1f63ccf2a0b42d84e9bf4434724c69&scene=58&subscene=0#rd" + }, + "极客公园": { + "AI 巨头花钱买 UP 主「废片」训练 AI;「三折叠」投影仪现身;多地现发光不明飞行物,应急局:未接到异常通知|极客早知道": "https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653071852&idx=1&sn=8bfae10375f4237c5a546b2df6f3acac&chksm=7e57d45a49205d4c804e47147898cbc9af5d4a4c7a5749e93da824310ba3f5332631ec136946&scene=58&subscene=0#rd" + }, + "吴鲁加": { + "最近在试的学习工作方法": "https://mp.weixin.qq.com/s?__biz=Mzg5NDY4ODM1MA==&mid=2247485142&idx=1&sn=404d04f9faadc52634e236ebd8a95b9a&chksm=c01a8be7f76d02f16927f92ee10be8d20555c480f00ae93e372a6421d5e07b5fdcd0d10c252f&scene=58&subscene=0#rd" + }, + "Over Security - Cybersecurity news aggregator": { + "Phishing texts trick Apple iMessage users into disabling protection": "https://www.bleepingcomputer.com/news/security/phishing-texts-trick-apple-imessage-users-into-disabling-protection/", + "Pastor who saw crypto project in his \"dream\" indicted for fraud": "https://www.bleepingcomputer.com/news/legal/pastor-who-saw-crypto-project-in-his-dream-indicted-for-fraud/", + "Guerre di Rete - Italia, Musk e Ue: che partite si stanno giocando": "https://guerredirete.substack.com/p/guerre-di-rete-italia-musk-e-ue-che", + "Analysis of Counter-Ransomware Activities in 2024": "https://blog.bushidotoken.net/2025/01/analysis-of-counter-ransomware.html", + "SuperDraft - 300,187 breached accounts": "https://haveibeenpwned.com/PwnedWebsites#SuperDraft" + }, + "IT Service Management News": { + "US Cyber Trust Mark Program": "http://blog.cesaregallotti.it/2025/01/us-cyber-trust-mark-program.html" + }, + "Have I Been Pwned latest breaches": { + "SuperDraft - 300,187 breached accounts": "https://haveibeenpwned.com/PwnedWebsites#SuperDraft" + }, + "SANS Internet Storm Center, InfoCON: green": { + "Multi-OLE, (Sun, Jan 12th)": "https://isc.sans.edu/diary/rss/31580", + "Wireshark 4.4.3 Released, (Sat, Jan 11th)": "https://isc.sans.edu/diary/rss/31578" + }, + "Troy Hunt's Blog": { + "Weekly Update 434": "https://www.troyhunt.com/weekly-update-434/" + }, + "TorrentFreak": { + "Nhentai Asks California Court to Dismiss Piracy Lawsuit": "https://torrentfreak.com/nhentai-asks-california-court-to-dismiss-piracy-lawsuit-250112/" + }, + "白泽安全实验室": { + "网络安全领域研究人员遭遇假PoC专项攻击": "https://mp.weixin.qq.com/s?__biz=MzI0MTE4ODY3Nw==&mid=2247492518&idx=1&sn=d4196de8b812e3a2d29209b50328cec0&chksm=e90dc98cde7a409a795581029d39c4e66bc71c3ad662c7e7c84782d0baae9a74a858889ab838&scene=58&subscene=0#rd" + }, + "FuzzWiki": { + "Bleem: 面向数据包序列的协议模糊测试 | 技术进展": "https://mp.weixin.qq.com/s?__biz=MzU1NTEzODc3MQ==&mid=2247486874&idx=1&sn=311b59a1953758bc2f69485cbf107d4b&chksm=fbd9a626ccae2f30d7167e5d9ee742af35355e569368a8dbc1d983fbcb3d90104f174138b5fa&scene=58&subscene=0#rd" + }, + "迪哥讲事": { + "SSRF 漏洞自动化 寻找": "https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496832&idx=1&sn=5c72712e20772f2279b09ca9a748afc2&chksm=e8a5fee3dfd277f5990fbe3dfe7247c7dd7bf125a233ad4ec99a8afb49b1b2e29ae25f7866b6&scene=58&subscene=0#rd" + }, + "Computer Forensics": { + "Dream equipement": "https://www.reddit.com/r/computerforensics/comments/1hzw6t7/dream_equipement/", + "Will live acquisition result in different hash values using FTK?": "https://www.reddit.com/r/computerforensics/comments/1hzp7ny/will_live_acquisition_result_in_different_hash/" + }, + "Your Open Hacker Community": { + "Check out a botnet (c2) framework I made!": "https://www.reddit.com/r/HowToHack/comments/1hztta4/check_out_a_botnet_c2_framework_i_made/", + "Dell admin pw": "https://www.reddit.com/r/HowToHack/comments/1hzvwwu/dell_admin_pw/", + "Where to find phishing templates?": "https://www.reddit.com/r/HowToHack/comments/1hzlv04/where_to_find_phishing_templates/", + "Trace a call spoofer": "https://www.reddit.com/r/HowToHack/comments/1hzpbak/trace_a_call_spoofer/", + "Does anyone know any effective websites to learn efficient and relevant hacking methods that teach with simplicity and are free": "https://www.reddit.com/r/HowToHack/comments/1hzsc4j/does_anyone_know_any_effective_websites_to_learn/", + "KANN MAN HIER HACKEN LERNEN ?": "https://www.reddit.com/r/HowToHack/comments/1hzv1o0/kann_man_hier_hacken_lernen/", + "Need help with switching accounts once logged into a site": "https://www.reddit.com/r/HowToHack/comments/1hzjamc/need_help_with_switching_accounts_once_logged/", + "Help": "https://www.reddit.com/r/HowToHack/comments/1hzi5gh/help/", + "Hi guys, Can someone crack a $zip2$ hash?": "https://www.reddit.com/r/HowToHack/comments/1hzgzjv/hi_guys_can_someone_crack_a_zip2_hash/", + "Hack Iphone with charger": "https://www.reddit.com/r/HowToHack/comments/1hzbsmp/hack_iphone_with_charger/", + "IP": "https://www.reddit.com/r/HowToHack/comments/1hzdh3n/ip/" + }, + "Technical Information Security Content & Discussion": { + "Exploitation Walkthrough and Techniques - Ivanti Connect Secure RCE (CVE-2025-0282) - watchTowr Labs": "https://www.reddit.com/r/netsec/comments/1hzipca/exploitation_walkthrough_and_techniques_ivanti/" + }, + "Hacking Exposed Computer Forensics Blog": { + "Daily Blog #715: Solution Saturday 1/11/25": "https://www.hecfblog.com/2025/01/daily-blog-715-solution-saturday-11125.html" + }, + "Security Affairs": { + "Pro-Russia hackers NoName057 targets Italy again after Zelensky’s visit to the country": "https://securityaffairs.com/172982/hacktivism/noname057-targets-italy.html", + "SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 28": "https://securityaffairs.com/172978/malware/security-affairs-malware-newsletter-round-28.html", + "Security Affairs newsletter Round 506 by Pierluigi Paganini – INTERNATIONAL EDITION": "https://securityaffairs.com/172972/breaking-news/security-affairs-newsletter-round-506-by-pierluigi-paganini-international-edition.html", + "How a researcher earned $100,000 hacking a Facebook server": "https://securityaffairs.com/172964/hacking/researcher-earned-100000-hacking-facebook-server.html" + }, + "Blackhat Library: Hacking techniques and research": { + "Black Hat Training pass doesn't include main event Briefings": "https://www.reddit.com/r/blackhat/comments/1hzs0nd/black_hat_training_pass_doesnt_include_main_event/" + }, + "Randy Westergren": { + "Building pyodbc for AWS Lambda’s Python 3.13 Runtime": "https://randywestergren.com/building-pyodbc-for-aws-lambdas-python-3-13-runtime/" + }, + "银针安全": { + "在spring-aop中挖掘新反序列化gadget-chain": "https://mp.weixin.qq.com/s?__biz=Mzg2MDY2ODc5MA==&mid=2247484198&idx=1&sn=6b6a82bb543e879295b7cd2d85f3a37f&chksm=ce23953ff9541c29418831b4e192b385e5c92d59562b40a7a28283e8468773caac9ad9736b1c&scene=58&subscene=0#rd" + }, + "Dark Space Blogspot": { + "Il Segreto Di Chiavalentine Su Youtube: Successo Reale o Fake?": "http://darkwhite666.blogspot.com/2025/01/il-segreto-del-successo-di.html" + } +} \ No newline at end of file diff --git a/today.md b/today.md index aa5936d602..0762b34589 100644 --- a/today.md +++ b/today.md @@ -1,273 +1,299 @@ -# 每日安全资讯(2025-01-12) +# 每日安全资讯(2025-01-13) -- Security Boulevard - - [ ] [Advancements in Machine Identity Protections](https://securityboulevard.com/2025/01/advancements-in-machine-identity-protections/) - - [ ] [From Chaos to Control: Building Your Company’s Access Management Foundation](https://securityboulevard.com/2025/01/from-chaos-to-control-building-your-companys-access-management-foundation/) - - [ ] [DEF CON 32 – Porn & Privacy – ET](https://securityboulevard.com/2025/01/def-con-32-porn-privacy-et/) -- Doonsec's feed - - [ ] [一种新的安卓恶意软件伪装成 Telegram 的高级版本](https://mp.weixin.qq.com/s?__biz=MzkxNDM4OTM3OQ==&mid=2247505688&idx=1&sn=51fc10c9de18920df368d2f73f9869b5) - - [ ] [Chrome 扩展程序利用关键字操纵漏洞](https://mp.weixin.qq.com/s?__biz=MzkxNDM4OTM3OQ==&mid=2247505688&idx=2&sn=477172aee3cdadaaf70998c3cea3b917) - - [ ] [Proton 称大规模停电是由基础设施超载造成的](https://mp.weixin.qq.com/s?__biz=MzkxNDM4OTM3OQ==&mid=2247505688&idx=3&sn=6cc097c5896476f06ddf9fcaeaafcccb) - - [ ] [蒋昌建&沈逸东方夜话 | 网络安全审查:隔离墙?安全阀!](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485395&idx=1&sn=16953adf52d1c675c4f5c4001dfdba21) - - [ ] [原创文章目录](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485395&idx=6&sn=64fdadc2be07e6e80090a862faa9369e) - - [ ] [黑客攻击21个省市社保、医疗系统,“爬取”公民信息获利500余万](https://mp.weixin.qq.com/s?__biz=MzkxMjYxODcyNA==&mid=2247485436&idx=1&sn=a0980e4928229561330fac1109576927) - - [ ] [小白必看之漏洞区分](https://mp.weixin.qq.com/s?__biz=Mzk1NzQwNjQ4Ng==&mid=2247484134&idx=1&sn=723a6d60f099a461d07ed5d08217cc40) - - [ ] [今日ootd](https://mp.weixin.qq.com/s?__biz=MzI1Mjc3NTUwMQ==&mid=2247538427&idx=1&sn=54f7435160b21f5bcb326d08a651ef51) - - [ ] [Android手机微信怎么找回删除的好友?其实很简单只需要简单几步就可以搞定](https://mp.weixin.qq.com/s?__biz=MzI2OTk4MTA3Ng==&mid=2247496703&idx=1&sn=79bf4b6fe407e5271f65f5f94917dd00) - - [ ] [FOFA搜索引擎语法---信息收集篇](https://mp.weixin.qq.com/s?__biz=MzkxNjg3NTQ4NA==&mid=2247485322&idx=1&sn=30ebbff69ae793676247af3791e49cd9) - - [ ] [‘黑掉’NASA:SSRF、子域接管以及XSS](https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247518163&idx=1&sn=45bb532ff4bec0fd51a5a77eab8d2359) - - [ ] [PotatoTool一款功能强大的网络安全综合工具支持免杀、自定义内存马、提权、扫描、一键解密、AI分析、溯源等等](https://mp.weixin.qq.com/s?__biz=MzkzMDg1MzIwNA==&mid=2247486334&idx=1&sn=f538d24db455aad0f34937d750facd60) - - [ ] [小程序抓包教程(全网最简单教程)](https://mp.weixin.qq.com/s?__biz=Mzk0MzQxODc3NA==&mid=2247484313&idx=1&sn=5e4aa0124d1589ce722dda5c18861f9f) - - [ ] [手机上的后门|防不胜防的RAT攻击](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247489945&idx=3&sn=05f2df570592ec160dc273c008c6b48b) - - [ ] [Dirsearch | 目录枚举神器 你真的会用吗?](https://mp.weixin.qq.com/s?__biz=MzkzMzg3MzMyOA==&mid=2247485921&idx=1&sn=55199c6c42e12ae12c6933d3c57895bb) - - [ ] [为何企业需实施信息安全等级保护?](https://mp.weixin.qq.com/s?__biz=MzU5MTIxNzg0Ng==&mid=2247488131&idx=1&sn=b0942d524e678ad4cb0e6bff4f646f31) - - [ ] [中安协数字安全专业委员会第一届第二次会议在京举行](https://mp.weixin.qq.com/s?__biz=MjM5NTY4NTM1OQ==&mid=2650683479&idx=1&sn=9f35a5a195aa37a6f05fc85b20315c6d) - - [ ] [你们这些黑客到底用不用python啊?](https://mp.weixin.qq.com/s?__biz=MzkyOTQzNjIwNw==&mid=2247491345&idx=1&sn=58551e8465f73714ac7176fb6fbee68e) - - [ ] [【漏洞工具】某路由器任意文件读取漏洞Goby低级模式利用工具](https://mp.weixin.qq.com/s?__biz=Mzg5NTU2NjA1Mw==&mid=2247495975&idx=1&sn=b05958a60bbf5bbaa0abccc2f249abb9) - - [ ] [信息收集平台的使用方法](https://mp.weixin.qq.com/s?__biz=MzI0NjE1NDYyOA==&mid=2247484781&idx=1&sn=45b2722155dfaf5f077435685336f3aa) - - [ ] [接私活神器!ThingsKit 国产开源 IoT 物联网平台+边缘网关,轻松交付可视化大屏](https://mp.weixin.qq.com/s?__biz=MjM5OTA4MzA0MA==&mid=2454936559&idx=1&sn=18c770486e56d8200c441ace43890bc8) - - [ ] [IT知识百科:公钥和私钥是什么?有啥区别?一篇文章全搞懂!](https://mp.weixin.qq.com/s?__biz=MzIyMzIwNzAxMQ==&mid=2649464441&idx=1&sn=a7a893c6b4db5dc6f80b48af3b3b308b) - - [ ] [在看 | 周报:中国铁路12306网站出现网络故障;Kimi崩上热搜;美国超千万中小学生个人数据疑似泄露](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247634455&idx=1&sn=3e9529a11f81c8fe2b01f3d030fa0af0) - - [ ] [在看 | 厂商:本周热门网络安全产业动态](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247634455&idx=2&sn=41247f17b16e02cc9ae636b8ee9dc7b3) - - [ ] [带你解锁编码新世界!--随波逐流CTF编码工具使用教程33 --JJEncode密码](https://mp.weixin.qq.com/s?__biz=MzU2NzIzNzU4Mg==&mid=2247489433&idx=1&sn=87cfa9aec661b04493ce3613c43f289a) - - [ ] [【安全圈】江苏一男子利用小程序Bug逃匿28万加油费,法院判了](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067274&idx=1&sn=5bef640b5980a10e736f5e8b28bb6773) - - [ ] [【安全圈】涉案3.3亿!有人非法搭建支付平台获利超200万](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067274&idx=2&sn=792e4a8d18c9865be6e1131bf29116e9) - - [ ] [【安全圈】Ivanti VPN 零日漏洞正在被黑客利用](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067274&idx=3&sn=8eb5cc6c0a00bef351ca6ec387133310) - - [ ] [浏览器如何阻止进程注入的 RWX 执行](https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486268&idx=1&sn=052b0ec1bfa44b1828fc15b689b694ce) - - [ ] [学术前沿 | 鹏城实验室威胁情报团队:网络威胁情报共享与融合技术综述](https://mp.weixin.qq.com/s?__biz=MzI0NjU2NDMwNQ==&mid=2247504587&idx=1&sn=4eaf1ab6a4b15883ae9a77be4357a271) - - [ ] [机票诈骗路线简图分析(原创)](https://mp.weixin.qq.com/s?__biz=MzA5MTYyMDQ0OQ==&mid=2247493500&idx=1&sn=5a162845740d94d3905f334b97524029) - - [ ] [机票诈骗路线分析简图](https://mp.weixin.qq.com/s?__biz=MzA5MTYyMDQ0OQ==&mid=2247493494&idx=1&sn=befb46f4cf55c317d53c5c8bcfc9dcb6) - - [ ] [新一代Github投毒|针对网络安全人员钓鱼](https://mp.weixin.qq.com/s?__biz=MzkyMzI3OTY4Mg==&mid=2247486844&idx=1&sn=184e1f0c5c593d95b0b5414c05c9e171) - - [ ] [疑黑客出售国内某IT企业服务器访问权限,456GB数据遭泄露](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247506729&idx=1&sn=99faf6c867705475671630c95a81b63a) - - [ ] [fsacn工具及二开](https://mp.weixin.qq.com/s?__biz=Mzk0Mjg4MTQxMw==&mid=2247485498&idx=1&sn=af916ec09177e84bf30acb1afcbed6d4) - - [ ] [护网行动——筑牢网络防线的关键战役](https://mp.weixin.qq.com/s?__biz=MzkxODc5OTg5MQ==&mid=2247484228&idx=1&sn=78f7850c6323e7fd2e092f810c2c5006) - - [ ] [嵌入式软件OTA升级,有哪几种FLASH划分方式?](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247548769&idx=1&sn=32ba30356cabef720cf10639cb786fc6) - - [ ] [有趣的linux文件系统](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247548769&idx=2&sn=a0d02cbb173ca18db47b1fec30deb2ff) - - [ ] [时代的痕迹](https://mp.weixin.qq.com/s?__biz=MzIwODc2NjgxNA==&mid=2247484965&idx=1&sn=6e1b33697f9299571f6559d8a66d1606) - - [ ] [CTF自毁程序密码:逆向分析](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588573&idx=1&sn=c40b84e0094dfcbca49818f166d4c1f8) - - [ ] [欢迎报名!新课《Frida源码情景分析》](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588573&idx=2&sn=faff2f0fd2cdc5ddab970c5ab150d74c) - - [ ] [扫码下载 | 信息技术应用创新 信息系统适配改造成本度量](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655263684&idx=1&sn=376629b883698a615a6e3025f05f926b) - - [ ] [国家网信办就《网络信息内容多渠道分发服务机构相关业务活动管理规定(草案稿)》公开征求意见](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170115&idx=1&sn=1b3539813ba293f5cb2035f9db5f03d9) - - [ ] [中文互联网语料资源平台发布](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170115&idx=2&sn=970cf26d470dc1bf1f3c07a281c1f8b8) - - [ ] [短文:对现实里网络安全领域的新认识](https://mp.weixin.qq.com/s?__biz=MzUyMTUwMzI3Ng==&mid=2247485562&idx=1&sn=8b6790ca85055bf567130a044261ebda) - - [ ] [[论文翻译]多步骤越狱隐私攻击对ChatGPT的影响](https://mp.weixin.qq.com/s?__biz=Mzg4NDMyOTE3MQ==&mid=2247483707&idx=1&sn=a33f0657bbd604fcbcef3831065f344e) - - [ ] [强烈建议尽快搞个软考证!(重大利好)](https://mp.weixin.qq.com/s?__biz=MzkxMzIwNTY1OA==&mid=2247510688&idx=1&sn=91e1b11170faaac8b622422bacbbee1d) - - [ ] [IDEA研究院:低空经济发展白皮书3.0-安全体系](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619257&idx=1&sn=96e34669c425319bcf2492a6d8490989) - - [ ] [低空经济启航,安全体系护航 低空经济网络安全体系化研究报告](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619257&idx=2&sn=9a3a8d4176b9464783118adcb475a303) - - [ ] [《车路云一体化系统 第7部分:信息安全要求和试验方法》(草案)](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619257&idx=3&sn=6c3b2101700e191b3d5daa0e12edac8f) - - [ ] [基于大模型(LLM)的黑盒RCE漏洞挖掘](https://mp.weixin.qq.com/s?__biz=MzU0NDI5NTY4OQ==&mid=2247486253&idx=1&sn=62124571618afa3afa400518ed8a9638) - - [ ] [因敏感数据泄露、未分类分级、个人信息未脱敏等行为违反《数据安全法》,2公司被处罚](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931395&idx=1&sn=e6190c89b218ac0c466a14c75e7a6b05) - - [ ] [【吃瓜】安全圈里我们带专真的没有未来了么?](https://mp.weixin.qq.com/s?__biz=Mzg4MTkwMTI5Mw==&mid=2247488580&idx=1&sn=fe3d7fd390432632c7f806abaad20c70) - - [ ] [区块链和加密货币的基础知识](https://mp.weixin.qq.com/s?__biz=Mzg4NzgyODEzNQ==&mid=2247488593&idx=1&sn=54713e09991db527898a10feed8de69a) - - [ ] [阿里云WAF日志接入到线下GrayLog日志系统并实现一键联动CFW封锁攻击IP](https://mp.weixin.qq.com/s?__biz=MzU2MjU1OTE0MA==&mid=2247499573&idx=1&sn=8741fa4bb7cd732d193174aaa6906d4c) - - [ ] [科技部:科技体制迎来重大变革!将赋予科学家更大技术路线决定权、经费支配权和资源调度权](https://mp.weixin.qq.com/s?__biz=Mzg4MDU0NTQ4Mw==&mid=2247528558&idx=1&sn=b3c0525a2c26829c266c59189b5cb80d) - - [ ] [焦点 | 为应对车辆网络风险,车联网安全新国标将于2025年4月1日起实施](https://mp.weixin.qq.com/s?__biz=Mzg4MDU0NTQ4Mw==&mid=2247528558&idx=2&sn=c261577265abf34f283f3a072d7e8c30) - - [ ] [开发Tips|用JS判断并采集webpack路由](https://mp.weixin.qq.com/s?__biz=MzIzNDU5Mzk2OQ==&mid=2247486354&idx=1&sn=8977447058f845375a7ecf6bd858e8f2) - - [ ] [【web靶场】之upload-labs专项训练(基于BUUCTF平台)](https://mp.weixin.qq.com/s?__biz=MzAxNTg1MDYxNA==&mid=2247488087&idx=1&sn=3f4f3a7e578bc86cf83395782f006b6e) - - [ ] [传输速率和带宽介绍](https://mp.weixin.qq.com/s?__biz=Mzg3NTUzOTg3NA==&mid=2247514946&idx=1&sn=ca0755f2190ba765dc7cb8b15f37258a) - - [ ] [利用 Coze(扣子)打造微信公众号MD5解密工具](https://mp.weixin.qq.com/s?__biz=Mzg3MTE0NTg4OQ==&mid=2247484129&idx=1&sn=d7256d4765b83eaab55bf028680cc65e) - - [ ] [交换机背板带宽、交换容量与包转发率到底是啥?](https://mp.weixin.qq.com/s?__biz=MzUyNTExOTY1Nw==&mid=2247527815&idx=1&sn=bc9179f78ebb563fe9e3bc8f9329d802) - - [ ] [【吃瓜】要不是真的没绷住,没周末还发吃瓜啊?](https://mp.weixin.qq.com/s?__biz=MzU3MjU4MjM3MQ==&mid=2247489545&idx=1&sn=47aa25dcfe2bfe62d27bf19209914f1d) - - [ ] [哥斯拉Godzilla](https://mp.weixin.qq.com/s?__biz=MzkwNDg4MTg5MQ==&mid=2247483814&idx=1&sn=2e64891b89d7016a24ed852389c96dcc) - - [ ] [新型攻击 CSPT2CSR-利用客户端路径遍历实现 CSRF 攻击](https://mp.weixin.qq.com/s?__biz=MzkwODI1ODgzOA==&mid=2247506468&idx=1&sn=57c909dcd40beda22cb475698eb15791) - - [ ] [对不起兄弟,这太搞笑了,我还以为多吊呢](https://mp.weixin.qq.com/s?__biz=MzkxMTUwOTY1MA==&mid=2247489953&idx=1&sn=74f06278ff67fa66bf183f9636075354) - - [ ] [【2025-01-11】每日安全资讯](https://mp.weixin.qq.com/s?__biz=MzIzNDU5NTI4OQ==&mid=2247488273&idx=1&sn=5ea90e3b65326e9f7869f6e800b2ca9e) - - [ ] [美国位置数据泄露第三季](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494161&idx=1&sn=d61fecfaafcdf6eda88e6e06c5f7b80d) - - [ ] [狩猎网络罪犯读书笔记1](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494161&idx=2&sn=b46158940c7fe32183842671c3f549e8) - - [ ] [为什么说震网是改变战争形态的里程碑?内情令人胆寒](https://mp.weixin.qq.com/s?__biz=MzI5MjY4MTMyMQ==&mid=2247489576&idx=1&sn=618cdfd9a4f8ab5cbab648eeae5b9079) - - [ ] [TestNet资产管理系统](https://mp.weixin.qq.com/s?__biz=Mzk1NzIzOTc5MQ==&mid=2247484053&idx=1&sn=9c3e53535e4f024cf173b956cdb5405c) - - [ ] [ISO 45001: 2018 标准详解与实施(6)5.2 职业健康安全方针](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247485907&idx=1&sn=4ec38baeea4c73ba0e7c361f48f95c65) - - [ ] [ISO 14001: 2015 标准详解与实施(6)5.2 环境方针](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247485907&idx=2&sn=01eed680f2d0e787b6f0312c6a08cdad) - - [ ] [中国网络空间安全协会人工智能安全治理专委会工作年会在京召开](https://mp.weixin.qq.com/s?__biz=MzA3ODE0NDA4MA==&mid=2649401237&idx=1&sn=df00863fc872c7f6d3cc548bc8eb730f) - - [ ] [中国软件评测中心2024年干部述职述廉考核 工作总结表彰大会暨2025年工作计划会圆满召开](https://mp.weixin.qq.com/s?__biz=MjM5NzYwNDU0Mg==&mid=2649249349&idx=1&sn=5ce3e4372ef3f4c1f5df64146ba51e2c) - - [ ] [工业和信息化部多项调研报告获评中央和国家机关“关键小事”优秀调研成果](https://mp.weixin.qq.com/s?__biz=MjM5NzYwNDU0Mg==&mid=2649249349&idx=2&sn=6fcd5f820bab0fb3c9659c2250eac6a3) - - [ ] [电子科大、成都信息工程大学因串通投标被军队暂停采购资格……](https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247488019&idx=1&sn=c5c14590da29f654d004e4ab4d305c1d) - - [ ] [网络安全团队里的“中坚力量”,你是吗?](https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247488017&idx=1&sn=f15565cbb18bc234379fb50d266fcf33) - - [ ] [「漏洞复现」瑞友天翼应用虚拟化系统 GetPwdPolicy SQL注入漏洞](https://mp.weixin.qq.com/s?__biz=MzkyNDY3MTY3MA==&mid=2247486728&idx=1&sn=a2987c4ca400a3a3686e1c8ebff60b66) - - [ ] [锦鲤揭秘时刻!快来看看锦鲤礼包花落谁家吧~](https://mp.weixin.qq.com/s?__biz=MzkyNzIwMzY4OQ==&mid=2247489533&idx=1&sn=f4c093ed6016e977e9eb01ba7d80d4a6) - - [ ] [【已复现】Ivanti Connect Secure 堆栈溢出致远程代码执行漏洞(CVE-2025-0282)](https://mp.weixin.qq.com/s?__biz=MzIwMDk1MjMyMg==&mid=2247492691&idx=1&sn=e1d64db4b8957907e6417a61d2c40fa4) - - [ ] [区块链 智能合约安全 重入漏洞](https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247546608&idx=1&sn=b4f5a8e22730b23ce5aafde8d28133c7) - - [ ] [记一次利用堡垒机内部邮件钓鱼突破外网](https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247546608&idx=2&sn=fa2f54df172222e03c35ea3caf1c0049) - - [ ] [3分钟搞懂网络安全中的等保测评与密评](https://mp.weixin.qq.com/s?__biz=MzI5MTIwOTQ5MA==&mid=2247487550&idx=1&sn=e69ab6059767dbbf0aac795e8df1be31) - - [ ] [【资料】创建开源情报机构的理由](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148500&idx=1&sn=6cb5b45ccad95f39148ef2240c25d8f8) - - [ ] [AI 监工软件盯梢员工太疯狂:5 秒截屏,打字慢、上网久都拿“红牌”!网友狂喷,但巨头争相使用](https://mp.weixin.qq.com/s?__biz=MzIyMDEzMTA2MQ==&mid=2651168298&idx=1&sn=3c5b0ded6cad54b292862f58f5369831) - - [ ] [度盘下载加速工具推荐:ODE多功能助手](https://mp.weixin.qq.com/s?__biz=Mzk1NzI5MTc0Nw==&mid=2247484517&idx=1&sn=2bd3b00e674a0d1be43b66ac5724db1e) - - [ ] [专刊抽奖中奖名单](https://mp.weixin.qq.com/s?__biz=MzAwMTMzMDUwNg==&mid=2650889518&idx=1&sn=ba617630ef1fac5cd159e0c01ae1fd53) - - [ ] [“冒充领导”类诈骗,卷土重来;|超4000个Web后门通过注册过期域名被劫持](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650606471&idx=1&sn=120c2e88e30369b733fa97f03501efa5) - - [ ] [Outlaw挖矿僵尸网络近期活动分析](https://mp.weixin.qq.com/s?__biz=MzkxNjU2NjY5MQ==&mid=2247509606&idx=1&sn=50a3a3d1504439cffe889651d80783f9) - - [ ] [2025年网络安全的关键预测](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651311810&idx=1&sn=0949ff64635d18a43417f0b5f69206dc) - - [ ] [2024年网络空间安全漏洞态势分析研究报告](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655263668&idx=1&sn=ac8c38d0522ed2d4c979644a09ff179d) - - [ ] [PHP_webshell免杀01-变量绕过](https://mp.weixin.qq.com/s?__biz=Mzk0ODY1NzEwMA==&mid=2247485722&idx=1&sn=a2c7c523ae398f2abeb6964e913d5fe1) - - [ ] [技战法免费领取](https://mp.weixin.qq.com/s?__biz=MzU4OTg4Nzc4MQ==&mid=2247505461&idx=1&sn=31702cac17f1ecb8039b4f709027dbba) - - [ ] [赛欧思一周资讯分类汇总(2025-01-06 ~ 2025-01-11)](https://mp.weixin.qq.com/s?__biz=MzU0MjE2Mjk3Ng==&mid=2247488390&idx=1&sn=28a42a161f0dd7b4c89a8ec66f2b3688) - - [ ] [网络安全资讯周报](https://mp.weixin.qq.com/s?__biz=MzkwNjQxOTk1Mg==&mid=2247486048&idx=1&sn=4b9c18e6c9bcd1ed7b24cb583ee574af) - - [ ] [乌克兰黑客杀疯了:斯洛伐克土地登记处遭遇该国历史上最大规模网络攻击](https://mp.weixin.qq.com/s?__biz=MzI2NzAwOTg4NQ==&mid=2649793817&idx=1&sn=31d98bca3e3dddf22ab92e0463ca9e8b) - - [ ] [RedDelta 黑客组织在最新的活动中部署 PlugX 恶意软件](https://mp.weixin.qq.com/s?__biz=MzI2NzAwOTg4NQ==&mid=2649793817&idx=2&sn=e2891ae57a7c8de111ae54c7ce929e6e) - - [ ] [Google Project Zero 研究人员发现针对三星设备的零点击漏洞](https://mp.weixin.qq.com/s?__biz=MzI2NzAwOTg4NQ==&mid=2649793817&idx=3&sn=76e96780b09c070feb5068ffc86b1d38) - - [ ] [安全、运维、网工必备神器——堡垒机,你竟然还不知道?](https://mp.weixin.qq.com/s?__biz=MzIwMzIyMjYzNA==&mid=2247517703&idx=1&sn=50348211d1074a0deed597c3d360d687) - - [ ] [Secator - 渗透测试人员的瑞士军刀](https://mp.weixin.qq.com/s?__biz=Mzk0Mzc1MTI2Nw==&mid=2247486995&idx=1&sn=20ab12dd8d9081f2494ba15ed7357885) - - [ ] [新型Hellcat勒索病毒分析](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247489905&idx=1&sn=d221af8624b76e73a62cffd81d4afb24) - - [ ] [印度发布重磅数据保护法规草案:最高罚款25亿卢比!](https://mp.weixin.qq.com/s?__biz=MzA4NTY4MjAyMQ==&mid=2447900021&idx=1&sn=fc88038644d5a0b0c105263ee4ab7338) - - [ ] [网站域名遭非法盗用篡改,郑州两家公司被行政处罚](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513467&idx=1&sn=3ea80990fd1c334a5bbf3e29305787b1) - - [ ] [暗网情报:涉国内网络赌博平台用户、泰国矿产、西班牙电信](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247506720&idx=1&sn=650965b4297334d5e4a6234b8583f8a8) - - [ ] [不容错过!2025年十大顶级网络安全盛会](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247506720&idx=2&sn=88b06af4662ae0dfcbde4ca62eb88931) - - [ ] [5th域安全微讯早报【20250111】010期](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247506720&idx=3&sn=af839aa95e78efb7be5e2e06e6b8b2ee) - - [ ] [星禾团队 | 网络安全征程中的温暖与成长](https://mp.weixin.qq.com/s?__biz=MzkyNzY1NzEwMQ==&mid=2247484514&idx=1&sn=04484173f93ff63f798fb1b2a3ed2317) - - [ ] [防务简报丨美国完成B61-12核航弹的延寿计划](https://mp.weixin.qq.com/s?__biz=Mzg2NTYyODgyNg==&mid=2247504378&idx=1&sn=16f19e21d9a01dfc01822f9de3c62558) - - [ ] [大模型安全的漏洞](https://mp.weixin.qq.com/s?__biz=MzAwMjA5OTY5Ng==&mid=2247525574&idx=1&sn=71fbd1aa0ae586008514d626ad81cd1e) - - [ ] [国产化综合红队协同工具TangGo](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247488858&idx=1&sn=5a77b79821ec4386d514cd9d4778e29b) - - [ ] [被释放前的幻想罢了](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247488858&idx=2&sn=0446c2906e8992ebc7000672d885bf69) - - [ ] [某电商平台如何在黑客攻击中快速恢复业务?](https://mp.weixin.qq.com/s?__biz=Mzg4NDc0Njk1MQ==&mid=2247487166&idx=1&sn=98a2f1aca47e19e7c549633c8a24edcd) - - [ ] [某初创公司如何用有限预算实现高效安全防护?](https://mp.weixin.qq.com/s?__biz=Mzg4NDc0Njk1MQ==&mid=2247487166&idx=2&sn=16007712fa9ae625a2f68f95f2233bf8) - - [ ] [【oscp】靶机-election](https://mp.weixin.qq.com/s?__biz=Mzg2Nzk0NjA4Mg==&mid=2247497830&idx=1&sn=aa42b57935b72725f2ee5ec3a9dcdc6d) - - [ ] [揭秘威胁情报:企业安全防线的智能守护者!(附下载)](https://mp.weixin.qq.com/s?__biz=MzkyODY5ODAyOA==&mid=2247489198&idx=1&sn=6317dda5d9369d93f16a15df246337f4) - - [ ] [原始数据的防护之基:业务数据化阶段的数据安全建设(第九章)](https://mp.weixin.qq.com/s?__biz=MzkwNTI3MjIyOQ==&mid=2247484108&idx=1&sn=855d8b552ad49246be156a25554fc794) - - [ ] [修电脑](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496556&idx=1&sn=df372d4fcbabb1a9eb0061fd1481fab5) - - [ ] [寻找隐藏的 API 密钥以及如何使用它们](https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247504443&idx=1&sn=909a173e7711238591b789421da6f974) - - [ ] [寒假将至 | 网络安全温馨提醒](https://mp.weixin.qq.com/s?__biz=Mzg5OTg5OTI1NQ==&mid=2247489677&idx=1&sn=9321eb9dd76ad1030c9edc27a3356a64) - - [ ] [侧信道分析测评套件更新-全面支持智能密码钥匙采波分析](https://mp.weixin.qq.com/s?__biz=MzI2NTUyODMwNA==&mid=2247494096&idx=1&sn=80632feea28c999c821305a083fe4055) - - [ ] [关于渗透应急CISP-PTE/CISP-IRE考试重要通知](https://mp.weixin.qq.com/s?__biz=MzIxNTM4NDY2MQ==&mid=2247515671&idx=1&sn=d09813014ef21089c6b16471091ce062) - - [ ] [【神兵利器】红队内网横向之CheeseTools](https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247494862&idx=1&sn=a00294b52f53901205a725cbe45a81d1) - - [ ] [应急响应靶机训练-Linux1](https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247494862&idx=2&sn=3ed1520df9278988298a6d804288f6a5) - - [ ] [国家网信办《网络信息内容多渠道分发服务机构相关业务活动管理规定(草案稿)》公开征求意见](https://mp.weixin.qq.com/s?__biz=MzkxNTI2NTQxOA==&mid=2247495920&idx=1&sn=8b95351dff8c95d58566f186d8f3172b) - - [ ] [武汉农商行因“数据管理不到位”等被罚365万](https://mp.weixin.qq.com/s?__biz=MzkxNTI2NTQxOA==&mid=2247495920&idx=2&sn=a4260d13e2e990efb71c627cba215b85) - - [ ] [中国网络空间安全协会发布中文互联网基础语料2.0](https://mp.weixin.qq.com/s?__biz=MzkxNTI2NTQxOA==&mid=2247495920&idx=3&sn=cde62e74e2a71716fed6509658b7fe15) - - [ ] [北京发布数据流通交易领域3项地方标准](https://mp.weixin.qq.com/s?__biz=MzkxNTI2NTQxOA==&mid=2247495920&idx=4&sn=1ee8ba2104e4fae0185c8eb47c32c346) - - [ ] [海南发布《海南省商场超市消费领域个人信息保护合规指引》](https://mp.weixin.qq.com/s?__biz=MzkxNTI2NTQxOA==&mid=2247495920&idx=5&sn=0a9a9bd9c4dbe7e03820563d31e31fc8) - - [ ] [妲己陪你玩,来和妲己玩耍吧!!!](https://mp.weixin.qq.com/s?__biz=Mzk0NDQwMDY1Nw==&mid=2247485639&idx=1&sn=de89f7127fe3b8508d5d032492f2744a) - - [ ] [每周文章分享-194](https://mp.weixin.qq.com/s?__biz=MzI1MTQwMjYwNA==&mid=2247501360&idx=1&sn=4ca6b7627bd52fea89a2d983b898d091) - - [ ] [分享的图片、视频、链接](https://mp.weixin.qq.com/s?__biz=MzkzNTIwNDEwNA==&mid=2247488530&idx=1&sn=ba35cce9938c913e917f5066b51ab338) - - [ ] [【讨论】当网安圈子变得越来越封闭,是否更有利于行业发展?u200b](https://mp.weixin.qq.com/s?__biz=MzU3MjU4MjM3MQ==&mid=2247489532&idx=1&sn=1a00fdd1c1ea4e99f35cb9fdbe525ee2) - - [ ] [分享图片](https://mp.weixin.qq.com/s?__biz=MzI3Njc1MjcxMg==&mid=2247494210&idx=1&sn=7326c6248aa355f405a445d31f896229) - - [ ] [渗透测试 -- 域渗透](https://mp.weixin.qq.com/s?__biz=MzI4MDQ5MjY1Mg==&mid=2247515531&idx=2&sn=d83de3a9eab0093f6533c21c7138aa97) - - [ ] [合理化堆栈:安全供应商整合案例](https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652113901&idx=1&sn=e5b249271c7340b3bb1092713434466f) - - [ ] [网信部门严厉打击整治网络水军问题](https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652113901&idx=2&sn=ca83165ac442d1d6d45528cf7c479135) - - [ ] [安卓逆向2025 -- Frida学习之hook案例(三)](https://mp.weixin.qq.com/s?__biz=MzA4MzgzNTU5MA==&mid=2652037513&idx=1&sn=5524b6772bc0ebff5ff1608375d7c682) - - [ ] [PC逆向 -- 异常简介](https://mp.weixin.qq.com/s?__biz=MzA4MzgzNTU5MA==&mid=2652037513&idx=2&sn=6cf66c78ed6df9414d26315873a30df7) - - [ ] [日本最大电信公司 NTT Docomo 因 DDoS 攻击瘫痪 12 小时](https://mp.weixin.qq.com/s?__biz=Mzg3ODY0NTczMA==&mid=2247491963&idx=1&sn=3b846beb566a085f5f4a647c6d6cee7a) - - [ ] [常见的网站安全漏洞视频课程](https://mp.weixin.qq.com/s?__biz=MzU3NzY3MzYzMw==&mid=2247499125&idx=2&sn=ed1a771fa6447002aa2fcf070c71c910) - - [ ] [aistudio有两把刷子](https://mp.weixin.qq.com/s?__biz=MzUzMjQyMDE3Ng==&mid=2247487873&idx=1&sn=129a164676242eb9768fdbf20a4b4840) - SecWiki News - - [ ] [SecWiki News 2025-01-11 Review](http://www.sec-wiki.com/?2025-01-11) + - [ ] [SecWiki News 2025-01-12 Review](http://www.sec-wiki.com/?2025-01-12) - Private Feed for M09Ic - - [ ] [spf13 starred trimmer-io/go-xmp](https://github.com/trimmer-io/go-xmp) - - [ ] [tennc starred linexjlin/GPTs](https://github.com/linexjlin/GPTs) - - [ ] [tennc starred PlexPt/awesome-chatgpt-prompts-zh](https://github.com/PlexPt/awesome-chatgpt-prompts-zh) - - [ ] [tennc starred f/awesome-chatgpt-prompts](https://github.com/f/awesome-chatgpt-prompts) - - [ ] [h3zh1 pushed to v0.0.4-patch in chainreactors/malefic](https://github.com/chainreactors/malefic/compare/9bf5e3ab84...3aea9cd265) - - [ ] [zema1 starred P1-Team/AlliN](https://github.com/P1-Team/AlliN) - - [ ] [safedv started following alfarom256](https://github.com/alfarom256) - - [ ] [safedv started following byt3bl33d3r](https://github.com/byt3bl33d3r) - - [ ] [safedv starred FujiwaraChoki/MoneyPrinterV2](https://github.com/FujiwaraChoki/MoneyPrinterV2) - - [ ] [zer0yu starred usagi-flow/evil-helix](https://github.com/usagi-flow/evil-helix) - - [ ] [zer0yu starred librasn/rasn](https://github.com/librasn/rasn) - - [ ] [zer0yu starred y21/tl](https://github.com/y21/tl) - - [ ] [HuYlllc pushed to v0.0.4dev in chainreactors/malice-network](https://github.com/chainreactors/malice-network/compare/3c4541da98...dd59b84145) - - [ ] [INotGreen released XiebroC2-v3.1.7 at INotGreen/XiebroC2](https://github.com/INotGreen/XiebroC2/releases/tag/XiebroC2-v3.1.7) - - [ ] [glzjin forked glzjin/MetasploitCoop_0x727 from 0x727/MetasploitCoop_0x727](https://github.com/glzjin/MetasploitCoop_0x727) - - [ ] [itsKayWat started following M09Ic](https://github.com/M09Ic) + - [ ] [safedv starred m4b/goblin](https://github.com/m4b/goblin) + - [ ] [skelsec released v1.2 at octopwn/octopwn-wasm-documentation](https://github.com/octopwn/octopwn-wasm-documentation/releases/tag/v1.2) + - [ ] [liamg starred Cyan4973/xxHash](https://github.com/Cyan4973/xxHash) + - [ ] [liamg starred ogxd/gxhash](https://github.com/ogxd/gxhash) + - [ ] [liamg starred hybridgroup/go-haystack](https://github.com/hybridgroup/go-haystack) + - [ ] [safedv starred klezVirus/SilentMoonwalk](https://github.com/klezVirus/SilentMoonwalk) + - [ ] [safedv starred Yaxxine7/ASRepCatcher](https://github.com/Yaxxine7/ASRepCatcher) + - [ ] [safedv starred LuemmelSec/APEX](https://github.com/LuemmelSec/APEX) + - [ ] [safedv starred Teach2Breach/snapinject_rs](https://github.com/Teach2Breach/snapinject_rs) + - [ ] [safedv starred djackreuter/btexec](https://github.com/djackreuter/btexec) + - [ ] [safedv starred BlackSnufkin/Rusty-Playground](https://github.com/BlackSnufkin/Rusty-Playground) + - [ ] [panjf2000 starred mudler/LocalAI](https://github.com/mudler/LocalAI) +- Security Boulevard + - [ ] [The Vanity Press in Academia](https://securityboulevard.com/2025/01/the-vanity-press-in-academia/) + - [ ] [DEF CON 32 – Open Source Hacker V. Government Lawyer](https://securityboulevard.com/2025/01/def-con-32-open-source-hacker-v-government-lawyer/) + - [ ] [PCI DSS Requirements With v4.0.1 Updates For 2024](https://securityboulevard.com/2025/01/pci-dss-requirements-with-v4-0-1-updates-for-2024/) + - [ ] [What is PCI DSS 4.0: Is This Still Applicable For 2024?](https://securityboulevard.com/2025/01/what-is-pci-dss-4-0-is-this-still-applicable-for-2024/) +- Doonsec's feed + - [ ] [老牌免杀工具veil免杀](https://mp.weixin.qq.com/s?__biz=MzU4MjYxNTYwNA==&mid=2247487586&idx=1&sn=580b6b99b07e7b2d60df7ccedd172155) + - [ ] [最新公告!可拨打12336举报泄密或保密违法违规行为](https://mp.weixin.qq.com/s?__biz=MzI3NzM5NDA0NA==&mid=2247490237&idx=1&sn=4b60620bdc57dda141d8ec196e6aae9d) + - [ ] [第二届獬豸杯 期望时间统计](https://mp.weixin.qq.com/s?__biz=MzkzNTQzNTQzMQ==&mid=2247485316&idx=1&sn=a79943db1ccb943a5f352bfb659fb23b) + - [ ] [盲猜2024年出生人口,900-930万之间](https://mp.weixin.qq.com/s?__biz=MzkwMzI1ODUwNA==&mid=2247487808&idx=1&sn=b9284860c9b323bee6e1f20a50cd932c) + - [ ] [在 Kali 上利用 Zmap 搭建攻击炮台](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247489972&idx=1&sn=bc2d1d4fe2b6fd60fcb4dc23c290f745) + - [ ] [再说 API 安全:52个可被利用的弱点分析](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247489972&idx=2&sn=b0255b231297a0608167a5b2afa46867) + - [ ] [探秘缅甸诈骗产业链,美国为何能成为 “例外”?惊人真相曝光!](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247489972&idx=3&sn=a1b8e66e4a1273000914f77111051201) + - [ ] [开源情报|军事动态|美国军事医疗AI试点的战略意图分析](https://mp.weixin.qq.com/s?__biz=Mzg2NTcyNjU4Nw==&mid=2247485849&idx=1&sn=04dd254dfb2728a2b9aac91874acd731) + - [ ] [【工具更新】Nessus 最新windows/ubuntu版Cracked(附下载)](https://mp.weixin.qq.com/s?__biz=Mzk0NjQ5MTM1MA==&mid=2247492783&idx=1&sn=f3eb1a652c0c48844181dbe7ef02e859) + - [ ] [HTB-EscapeTwo](https://mp.weixin.qq.com/s?__biz=Mzk0MTQxOTA3Ng==&mid=2247489297&idx=1&sn=b0ffebdfd3a6487f693f72266dfdea81) + - [ ] [奇安信十年战略演变,2025将会去向何方?](https://mp.weixin.qq.com/s?__biz=MzAxOTk3NTg5OQ==&mid=2247492157&idx=1&sn=6ca188023575d8e0b7fe73143bb8b4f6) + - [ ] [沈逸:构建系统性国家战略和完备法律应对网络安全威胁](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485399&idx=1&sn=ed19d839bcd07df958388f69d835d849) + - [ ] [【直卖实拍】北七家3居变4居豪装,理想楼层、户型、朝向](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485399&idx=2&sn=7839308f2bbfb1c87f3f67da9514b04c) + - [ ] [【干货】笑傲职场的独家经验(1)](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485399&idx=3&sn=003268c4507b82995cc22aa9b8be9caf) + - [ ] [【干货原创】实网攻防演习常态化,会带来什么变化01](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485399&idx=4&sn=4bf0aaa6b237c29ebbffca4d8efe20f5) + - [ ] [【干货原创】K12教育,鲜为人知的模式秘密](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485399&idx=5&sn=612460e36200e9070bff5286c1e7641f) + - [ ] [【云安全】AccessKey泄露-安全问题分析](https://mp.weixin.qq.com/s?__biz=MzUyNTUyNTA5OQ==&mid=2247484392&idx=1&sn=c8e8b6f7c95e894a44040d9c69cdd7e6) + - [ ] [【不要看】修复 CS 4.8、4.9 截图保存为空 bug](https://mp.weixin.qq.com/s?__biz=Mzg5MDg0NzUzMw==&mid=2247484343&idx=1&sn=c4f25f132bcc360975cfabf5a10a7d00) + - [ ] [SSRF 漏洞自动化 寻找](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496832&idx=1&sn=5c72712e20772f2279b09ca9a748afc2) + - [ ] [JeecgBoot passwordChange 任意用户密码重置漏洞](https://mp.weixin.qq.com/s?__biz=MzkzMTcwMTg1Mg==&mid=2247490122&idx=1&sn=53609c160a2964063bb4bc1b113c77b8) + - [ ] [攻防3.0 - 信任攻击](https://mp.weixin.qq.com/s?__biz=MzU0NTI4MDQwMQ==&mid=2247484194&idx=1&sn=cb404b0fcfa2490d458d482fa704e98a) + - [ ] [我的评价是雀氏不错!](https://mp.weixin.qq.com/s?__biz=Mzk0ODM0NDIxNQ==&mid=2247493263&idx=1&sn=ac3d3e4ada3080ab6307d47ef976124e) + - [ ] [又是谁统计📉](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496568&idx=1&sn=d1c783dfd0596633a2f0987a713d6544) + - [ ] [国护成功溯源的攻击事件](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496568&idx=2&sn=15d3082cae89edff90bef47052b40e3d) + - [ ] [Sekiro+Yakit 热加载无痛绕sign](https://mp.weixin.qq.com/s?__biz=Mzg4Mzg2MjgxNg==&mid=2247485601&idx=1&sn=d35f997e047ae7ff451a8b0cbdd0fd32) + - [ ] [分享的图片、视频、链接](https://mp.weixin.qq.com/s?__biz=MzkyNTQyMzk0MA==&mid=2247484677&idx=1&sn=d516ac44f6cb69e2fe1d0d790ca55e0a) + - [ ] [2025版最新vmware虚拟机下载安装及使用教程(非常详细)零基础入门到精通,收藏这篇就够了](https://mp.weixin.qq.com/s?__biz=Mzk1NzMwNTM5NQ==&mid=2247483778&idx=1&sn=8f994e5be5db7a988192f9eb5e65d5f3) + - [ ] [我的评价是全是干货](https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247518178&idx=1&sn=1784f7c0cf09898d76e4898883ec6570) + - [ ] [“WorstFit”学习](https://mp.weixin.qq.com/s?__biz=MzkyODUzMjEzOA==&mid=2247483844&idx=1&sn=4ee90bc1b7dc42b880998bfaadb02af4) + - [ ] [【安全工具】一款免费的APP IOS抓包工具 支持Flutter应用抓包|漏洞探测](https://mp.weixin.qq.com/s?__biz=MzA5MzYzMzkzNg==&mid=2650962428&idx=1&sn=b6d1444de2a91eaf1aa348721b0ce44f) + - [ ] [@所有人,手机、电视可设置地震预警](https://mp.weixin.qq.com/s?__biz=MzA5MzYzMzkzNg==&mid=2650962428&idx=2&sn=385568e41c3f6747ea879e9d5d2fee80) + - [ ] [2025年1月哪一款手机性价比高?全品牌、全价位手机推荐与选购指南(万字版)](https://mp.weixin.qq.com/s?__biz=MzA5MzYzMzkzNg==&mid=2650962428&idx=3&sn=c2c40168926041d7f0ed19353de9df69) + - [ ] [【艺术鉴赏】抖音直播更新,睡眠更新小一熟了视频](https://mp.weixin.qq.com/s?__biz=MzA5MzYzMzkzNg==&mid=2650962428&idx=4&sn=f5d5c2e737809957a84698e2f020f2c6) + - [ ] [【漏洞复现】CVE-2024-50603](https://mp.weixin.qq.com/s?__biz=MzUxMTk4OTA1NQ==&mid=2247484899&idx=1&sn=ebdbb1fe5f94622276851862e5a4dbb5) + - [ ] [国家保密局公告!](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633750&idx=1&sn=218e67e73d6e8930e26ddb1c7bfca532) + - [ ] [扎实推动数据工作取得新突破新进展,全国数据工作会议在京召开](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633750&idx=2&sn=1c888a7557747fd2599fcb1e431e5747) + - [ ] [网络安全市场正面临“红海”困境](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633750&idx=3&sn=13095461ade11d1fd2e6c3a2b593979f) + - [ ] [2025 年美国军费的 3%(300 亿美元)用于网络安全](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633750&idx=4&sn=cc30ff23a8d536a16b5c79922cbe6dd4) + - [ ] [首次!欧盟官方因违反数据保护法规向用户赔偿3000元](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633750&idx=5&sn=ebc4a68c6f3c91b3d97e4e88828499a3) + - [ ] [【极思】安全运营第6年实践总结](https://mp.weixin.qq.com/s?__biz=MzI2NTMwNjYyMA==&mid=2247484980&idx=1&sn=f83670f089e041e2071a66c2436c1e2b) + - [ ] [Powershell使用指南](https://mp.weixin.qq.com/s?__biz=Mzk1Nzk0NDY3Nw==&mid=2247484058&idx=1&sn=278d5f6c0faf6206a391f655f08af6e1) + - [ ] [【网络安全实验室】渗透测试综合实战](https://mp.weixin.qq.com/s?__biz=Mzg5NTU2NjA1Mw==&mid=2247495993&idx=1&sn=d979b7c06d07e0afdff5f066d3ad97d3) + - [ ] [《黑客安全报告2024-2025》第 8 版请查阅](https://mp.weixin.qq.com/s?__biz=MzA3MTM0NTQzNA==&mid=2455780124&idx=1&sn=65a340bd360728d417c9379976fe1de2) + - [ ] [DC靶场系列--DC-3](https://mp.weixin.qq.com/s?__biz=Mzk1NzIzMzQ3OA==&mid=2247484222&idx=1&sn=34a784d7d46663dd4452ad71caa78152) + - [ ] [从车内入侵检测到攻击防护响应](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619327&idx=1&sn=ee4dbe6a3305f75cbd3566da337518b3) + - [ ] [GB T 汽车信息安全应急响应管理指南-市场监督总局、国标委 (征求意见稿)](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619327&idx=2&sn=9774d4bb12c8732e5292772f6445cce1) + - [ ] [GB T 41871-2022 信息安全技术u3000汽车数据处理安全要求](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619327&idx=3&sn=6b9e0fe22c31420d410f000fa3e46abc) + - [ ] [蓝凌OA WebService sysFormMainDataInsystemWebservice 任意文件读取漏洞](https://mp.weixin.qq.com/s?__biz=MzkzMTcwMTg1Mg==&mid=2247490110&idx=1&sn=f8eff8b0b09439af303df311d04a6b75) + - [ ] [Qt 开源 Serial Studio 支持串口、MQTT、BLE的嵌入式可视化工具](https://mp.weixin.qq.com/s?__biz=MjM5OTA4MzA0MA==&mid=2454936573&idx=1&sn=fd087acdd19e1ec79e0d44f75ecd1ee2) + - [ ] [学术前沿 | 国防科技大学李爱平教授团队:物联网威胁情报知识图谱综述](https://mp.weixin.qq.com/s?__biz=MzI0NjU2NDMwNQ==&mid=2247504588&idx=1&sn=2d8592df92f5803bf485752d5f217d87) + - [ ] [21124_ctfshow_misc_原谅3_来份色图xa0writeup](https://mp.weixin.qq.com/s?__biz=MzU2NzIzNzU4Mg==&mid=2247489475&idx=1&sn=759bb9966312d2339d39de30003fd7ce) + - [ ] [【安全圈】腾讯协助警方破获木马盗窃游戏账号案,涉案金额超 3000 万](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067304&idx=1&sn=e99889dcbf4e15a2ad7a2217e3f850a3) + - [ ] [【安全圈】勒索木马 Banshee 针对苹果 macOS 下手,冒充安全组件躲避检测](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067304&idx=2&sn=72944b1de7bb9205840492e28ba936b4) + - [ ] [【安全圈】卡西欧遭勒索软件攻击?8500人数据被窃取!](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067304&idx=3&sn=1f094579cd41cb8e1f1583f6eb592503) + - [ ] [知识星球xa0|xa0网安战略技术、网安产业分析等资源更新;历年网安报告、PPT合集下载](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247634477&idx=1&sn=f16b5cd9732e725dd39a79d93e3e0c0f) + - [ ] [2025-悟已往之不谏](https://mp.weixin.qq.com/s?__biz=Mzg3NzIxMDYxMw==&mid=2247504320&idx=1&sn=b8e11abf5072713197e1a08b31c69af6) + - [ ] [红队-shell编程基础(六)](https://mp.weixin.qq.com/s?__biz=Mzk1Nzk2NjI3Ng==&mid=2247483783&idx=1&sn=740cf22cc7407823de45414e1b6ef1f5) + - [ ] [天空卫士10周年丨积厚致远,迈十而强](https://mp.weixin.qq.com/s?__biz=MzA5MjQyODY1Mw==&mid=2648516486&idx=1&sn=c0445ec208cb5f49a0321affaef6ccf9) + - [ ] [基于Davinci的HSM开发实践(13):安全启动细节补充](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247548768&idx=1&sn=70a8095e6736bfc1cc2494205bb147bf) + - [ ] [新能源汽车之CAN总线知识](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247548768&idx=2&sn=8041069d0b6f147683ef5036e7de0ab8) + - [ ] [扫码下载 | 电信行业关键信息基础设施安全保护安全管理总体要求](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655263760&idx=1&sn=76ef227352966eeaacd31da36db50522) + - [ ] [流程控制语句](https://mp.weixin.qq.com/s?__biz=MzkzODQzNTU2NA==&mid=2247486287&idx=1&sn=805850077aa1f925c8fc7f5264c79fce) + - [ ] [ptcpdump,一个让黑客无处遁形的网络分析神器|突破传统tcpdump限制,精准定位容器环境下的恶意流量](https://mp.weixin.qq.com/s?__biz=MzI5MjY4MTMyMQ==&mid=2247489633&idx=1&sn=7b7974900e912926da197b141b8b03c8) + - [ ] [亿赛通-9处SQL注入](https://mp.weixin.qq.com/s?__biz=MzkyOTg3ODc5OA==&mid=2247484155&idx=1&sn=26084264025488750f67307d91e78787) + - [ ] [工信部:2024年我国网络和数据安全取得新突破](https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597394&idx=1&sn=484fc5f368eeaa52c803449704426e63) + - [ ] [《网络数据安全管理条例》有哪些亮点?](https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597394&idx=2&sn=a16caf62b43639fb28e4cf0d6382e6db) + - [ ] [网站域名遭非法盗用篡改,郑州两家公司被行政处罚](https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597394&idx=3&sn=6a9956452b2a1f329ba8bd4b07f8ba28) + - [ ] [网络工程师成长之路:从零基础到技术大牛的进阶指南!](https://mp.weixin.qq.com/s?__biz=MzIyMzIwNzAxMQ==&mid=2649464462&idx=1&sn=8a4209e9983e719ed78815096cf9874f) + - [ ] [Kunlun-Mirror源代码审计工具](https://mp.weixin.qq.com/s?__biz=Mzk0Mjg4MTQxMw==&mid=2247485551&idx=1&sn=f80a57db32ca3494a91c9da832e56af3) + - [ ] [我只想要一个 CVE-2024-30085 Exploit 作为圣诞礼物](https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486285&idx=1&sn=8188907190a4d5beb3fed38fd5275049) + - [ ] [无敌了,这5个SSH客户端也太好用了!](https://mp.weixin.qq.com/s?__biz=MzUyNTExOTY1Nw==&mid=2247527831&idx=1&sn=171ff0749c760a4ff3d785751f5b369c) + - [ ] [国家重点研发计划“分布式无证书网络身份系统的关键技术”2025第一季度项目研讨会议在北京举行](https://mp.weixin.qq.com/s?__biz=Mzk0MDMwNjU3Ng==&mid=2247484583&idx=1&sn=e8a5d1eb7a8bc73b0936d6ff109e7f26) + - [ ] [因违反数据安全、信用信息管理规定等,又一家银行被罚](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931396&idx=1&sn=53a89c643400992dcf65cb058efedea8) + - [ ] [网安全牛马注意了!!!某提权工具被投毒植入后门](https://mp.weixin.qq.com/s?__biz=Mzg2NTk4MTE1MQ==&mid=2247486453&idx=1&sn=9b0269672a20c13f853f4df1deb3b50f) + - [ ] [【相关分享】记一次小程序逻辑漏洞](https://mp.weixin.qq.com/s?__biz=Mzk0OTUwNTU5Nw==&mid=2247488478&idx=1&sn=0e94195de32c6cc2af2df00db511b92a) + - [ ] [接到领导指示](https://mp.weixin.qq.com/s?__biz=MzkwNDg1NTU0Mg==&mid=2247484366&idx=1&sn=3d2fa1e9ef24575bac2f68d64da1bc68) + - [ ] [Bleem: 面向数据包序列的协议模糊测试 | 技术进展](https://mp.weixin.qq.com/s?__biz=MzU1NTEzODc3MQ==&mid=2247486874&idx=1&sn=311b59a1953758bc2f69485cbf107d4b) + - [ ] [孙凝晖院士:建设面向智能时代的国家数据基础设施](https://mp.weixin.qq.com/s?__biz=Mzg4MDU0NTQ4Mw==&mid=2247528560&idx=1&sn=916a81824870f383b56330f6df479448) + - [ ] [智库报告 | 人工智能领域的六大预测](https://mp.weixin.qq.com/s?__biz=Mzg4MDU0NTQ4Mw==&mid=2247528560&idx=2&sn=babe127daba4c7530d8fab4f1f929d81) + - [ ] [【工具分享】攻防利器 - ProxyCat 轻量级代理池轮换工具](https://mp.weixin.qq.com/s?__biz=Mzg4MTkwMTI5Mw==&mid=2247488604&idx=1&sn=fe8a84631ecdf0cdfdcbd71c55b2937f) + - [ ] [【供应链攻击】使用Proxy SwitchyOmega (V3)版本的了解一下](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494189&idx=1&sn=ba54efd6acd2d1ffd162f44149cbd9dc) + - [ ] [如何在Ansible中轻松实现复杂SSH跳转?这个参数搞定](https://mp.weixin.qq.com/s?__biz=MjM5OTc5MjM4Nw==&mid=2457385987&idx=1&sn=1acdbabefa8f2844520839562450287c) + - [ ] [网络安全领域研究人员遭遇假PoC专项攻击](https://mp.weixin.qq.com/s?__biz=MzI0MTE4ODY3Nw==&mid=2247492518&idx=1&sn=d4196de8b812e3a2d29209b50328cec0) + - [ ] [请一等奖获奖选手私聊领取奖励](https://mp.weixin.qq.com/s?__biz=MzI5MzkwMzU1Nw==&mid=2247485224&idx=1&sn=dc0d2fc4dbe9c289ecf727c067e6349c) + - [ ] [通过代码研究空字节和无文件方式注册表隐藏技术](https://mp.weixin.qq.com/s?__biz=MjM5NDcxMDQzNA==&mid=2247489348&idx=1&sn=29c8552f1aaa9e42c2b836be06f5f795) + - [ ] [BurpSuite插件之autoDecoder](https://mp.weixin.qq.com/s?__biz=Mzk1NzIzOTc5MQ==&mid=2247484054&idx=1&sn=32f69a3a0f79604736097b850a15d317) + - [ ] [2024龙信年终技术考核参考WP](https://mp.weixin.qq.com/s?__biz=Mzk0MTQzNjIyNg==&mid=2247493354&idx=1&sn=02c0c4f95a8dbadb54bbf82b04aa84db) + - [ ] [吐槽一下某位记性差的情报大佬](https://mp.weixin.qq.com/s?__biz=MzU5OTMxNjkxMA==&mid=2247488423&idx=1&sn=bc632db8cfabe6b70249ad6a603c32d1) + - [ ] [联合国国际民航组织(ICAO)遭黑客攻击,4.2万份文件泄露!全球航空安全面临新威胁?](https://mp.weixin.qq.com/s?__biz=MzA4NTY4MjAyMQ==&mid=2447900023&idx=1&sn=abbeb590028956425cc68d46bfeaa940) + - [ ] [JS中的漏洞信息](https://mp.weixin.qq.com/s?__biz=MzU2NzY5MjAwNQ==&mid=2247486764&idx=1&sn=69cdc86ba9528ef7448abb4bdd976484) + - [ ] [自建IPTV源iptv-sources](https://mp.weixin.qq.com/s?__biz=MzkxMzIwNTY1OA==&mid=2247510709&idx=1&sn=0ba982135c9676de49536fc693b7eb38) + - [ ] [什么是IPV4?个人有吗?怎么获得?](https://mp.weixin.qq.com/s?__biz=MzkyMTQzNTM3Ng==&mid=2247483863&idx=1&sn=619d9fb761418b2cb752cf729f31e2f1) + - [ ] [在spring-aop中挖掘新反序列化gadget-chain](https://mp.weixin.qq.com/s?__biz=Mzg2MDY2ODc5MA==&mid=2247484198&idx=1&sn=6b6a82bb543e879295b7cd2d85f3a37f) + - [ ] [什么?资深高级红队队长已经在研究超能力黑电脑了?](https://mp.weixin.qq.com/s?__biz=Mzg2NDg2MDIxNQ==&mid=2247485319&idx=1&sn=ad8f40bdb5b1c07dc233047b958df904) + - [ ] [网安原创文章推荐【2025/1/11】](https://mp.weixin.qq.com/s?__biz=MzAxNzg3NzMyNQ==&mid=2247489441&idx=1&sn=4c04b2d66f2fec8cef967dd2579359f8) + - [ ] [「漏洞复现」某源地产ERP Service.asmx X-Forwarded-For注入漏洞](https://mp.weixin.qq.com/s?__biz=MzkyNDY3MTY3MA==&mid=2247486739&idx=1&sn=6463b2b41421b6514b200a5d9b397ac6) + - [ ] [IDA技巧(99)IDA 枚举类型](https://mp.weixin.qq.com/s?__biz=MzI1Mjk2MTM1OQ==&mid=2247485212&idx=1&sn=7bb441b2d54ca6a4df55ddbc5940888b) + - [ ] [ISO 14001: 2015 标准详解与实施(7)5.3 组织的角色、职责和权限](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247485913&idx=1&sn=ee0d2911362dd63adba8d841e38363ae) + - [ ] [ISO 45001: 2018 标准详解与实施(7)5.3 组织的角色、职责和权限](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247485913&idx=2&sn=2a32b64b88721f6b0653db89c30e9344) + - [ ] [古河大佬发现CVE-2024-49113 被黑客利用,发布恶意 PoC(好害怕发布带毒 poc 啊)](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494172&idx=1&sn=8437b6bd83d4cea051dbc558260056d8) + - [ ] [独家揭秘:chatgpt帮你快速锁定高分伦理学论文选题指南!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247486113&idx=1&sn=f727b3d4b79cb12fbbdec06949fbfd96) + - [ ] [独家揭秘:ChatGPT快速生成放射医学高质量论文初稿指南。](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247486113&idx=2&sn=2d975ff5f459526b25046d0d25e9b9fa) + - [ ] [独家揭秘:ChatGPT助力广告学论文初稿快速生成的内部攻略!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247486113&idx=3&sn=8ef4aa139f805205d0d62ff888cd5769) + - [ ] [独家揭秘!9年材料科研老兵的文献搜集内部绝密指南。](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247486113&idx=4&sn=e30c9d109ab824323c910f78e80e50a7) + - [ ] [独家揭秘!用AI辅助网络安全论文初稿快速生成的高分攻略。](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247486113&idx=5&sn=6b31a2c29bbce13ead1650e69a695cde) + - [ ] [不是,哥!你们网安圈那么抽象的么?](https://mp.weixin.qq.com/s?__biz=MzkwODI1ODgzOA==&mid=2247506503&idx=1&sn=c305dff91ced69c5b1f9ff5ddafd807d) + - [ ] [实战 | 域环境下通过anydesk进入生产网](https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247546664&idx=1&sn=fd057d1a7854dfa5f0ebd433ee1ed398) + - [ ] [区块链 智能合约安全 重入漏洞](https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247546664&idx=2&sn=4c18d53fa9dcc5cfebddcb4102d7baaf) + - [ ] [东盟地区APT攻击趋势:聚焦网络安全的新战场](https://mp.weixin.qq.com/s?__biz=Mzg3OTYxODQxNg==&mid=2247485596&idx=1&sn=f4d528677329d17c835b53e3aaa7feb4) + - [ ] [新春活动,翻倍奖金!福利享不停~](https://mp.weixin.qq.com/s?__biz=MzU5MDg0MDc2MQ==&mid=2247496518&idx=1&sn=f48a22cd763034d2dc47db5ee28720ec) + - [ ] [Csrf与Json劫持](https://mp.weixin.qq.com/s?__biz=Mzk0ODY1NzEwMA==&mid=2247485772&idx=1&sn=59e0c43184aaddec6997502fdda3a2be) + - [ ] [微信小程序抓包方式](https://mp.weixin.qq.com/s?__biz=Mzg4NDg3NjE5MQ==&mid=2247485114&idx=1&sn=fb9b1348eac1586c93d73aadc659a3bc) + - [ ] [通过高效的侦察发现关键漏洞接管整个IT基础设施](https://mp.weixin.qq.com/s?__biz=MzI4NTcxMjQ1MA==&mid=2247615101&idx=1&sn=1c11d3cd73b424e3335a64efba88679c) + - [ ] [通知 | 国家网信办就《网络信息内容多渠道分发服务机构相关业务活动管理规定(草案稿)》公开征求意见(附全文)](https://mp.weixin.qq.com/s?__biz=MzkwMTQyODI4Ng==&mid=2247495559&idx=1&sn=2ad25e8767f0eeb988faea4eb4cdd255) + - [ ] [警惕!暗网市场现最新高级免杀服务,可长期绕过主流安全检测](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247506753&idx=1&sn=c6dacf9030910a5b9eddc826030afb99) + - [ ] [2025年需要防范的五大恶意软件](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651311815&idx=3&sn=e6c5675db6f0e57973dcd1817459dc10) + - [ ] [盘点网络安全行业那些让领导深恶痛绝的性格!](https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247488025&idx=1&sn=7e84e26f46b61dd1cc258a94d2ed3773) + - [ ] [春节反诈常识](https://mp.weixin.qq.com/s?__biz=MzA5MTYyMDQ0OQ==&mid=2247493510&idx=1&sn=8e5f68e91641ea3a040bf4ca8c1b09f5) + - [ ] [今日截止!第八届西湖论剑大赛报名将于今日18:00截止~](https://mp.weixin.qq.com/s?__biz=MzU1MzE3Njg2Mw==&mid=2247510220&idx=1&sn=f4a316f50a355d874b4cc38ae4dad77e) + - [ ] [文件包含漏洞等你来看](https://mp.weixin.qq.com/s?__biz=MzI5MTIwOTQ5MA==&mid=2247487572&idx=1&sn=598542b01490ec8a8f9825c4a20f54f6) + - [ ] [【小技巧】怎么调整Burpsuite的字体大小](https://mp.weixin.qq.com/s?__biz=MzI5MTIwOTQ5MA==&mid=2247487572&idx=2&sn=0bd5f93b72cf2c55ffffda9d7371e9e2) + - [ ] [2024年安全四大顶会大陆学者发表论文数量统计](https://mp.weixin.qq.com/s?__biz=MzA3OTQ4OTY5OA==&mid=2653147892&idx=1&sn=9a0a042a06d5b484ffb1d89f756a5ebf) + - [ ] [2024年安全七大顶会大陆机构发表论文数量统计](https://mp.weixin.qq.com/s?__biz=MzA3OTQ4OTY5OA==&mid=2653147891&idx=1&sn=0f9c47eabb0b5502f154baafa3b2ae52) + - [ ] [2024年三大密码会大陆机构发表论文数量统计](https://mp.weixin.qq.com/s?__biz=MzA3OTQ4OTY5OA==&mid=2653147890&idx=1&sn=57d4ab5822b35e22a3d319af3510309b) + - [ ] [实战|记一次代码审计打穿多所高校](https://mp.weixin.qq.com/s?__biz=MzkyMjM5NDM3NQ==&mid=2247486202&idx=1&sn=2d35a85c8d1a352feea4382d8f6f9825) + - [ ] [2024年安全四大顶会大陆机构发表论文数量统计](https://mp.weixin.qq.com/s?__biz=MzA3OTQ4OTY5OA==&mid=2653147889&idx=1&sn=be077ae32c22ef2d64f3d53755ddbfa8) + - [ ] [信奥之路:从启蒙到卓越](https://mp.weixin.qq.com/s?__biz=MzU2NDY2OTU4Nw==&mid=2247518166&idx=1&sn=fc5e06eaa2e74d5cf545596d51ae8f93) + - [ ] [2025年,我们应当如何保护云安全?](https://mp.weixin.qq.com/s?__biz=Mzg3NTY0MjIwNg==&mid=2247485476&idx=1&sn=c22f13f338cc253e4e31b0b59753d950) + - [ ] [大量恶意npm包盯上了开发者](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651311815&idx=1&sn=40eddfee1242b4b1518db9b0ecb9e786) + - [ ] [一周网安优质PDF资源推荐丨FreeBuf知识大陆](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651311815&idx=2&sn=f9bf7b789caff212720edecb5c9fb294) + - [ ] [XXEinjector:一款功能强大的自动化XXE注射工具](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651311815&idx=4&sn=ed616b030da36e54593c0510d6d4aa8a) + - [ ] [VxWorks固件系统研究技术总结一](https://mp.weixin.qq.com/s?__biz=MjM5MjEyMTcyMQ==&mid=2651037259&idx=1&sn=ec2f0980685456e15ec5ae58b3fe415b) + - [ ] [JS Hook脚本分享 | Fixed_window_size](https://mp.weixin.qq.com/s?__biz=MzkzNTcwOTgxMQ==&mid=2247485275&idx=1&sn=513575ad84bb71853764c14c16a001be) + - [ ] [上海市智算中心建设导则(2025年版)](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655263752&idx=1&sn=a4c7652b7d0d40f08fadfb47500374cb) + - [ ] [2024年安全运营五大关键词](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655263752&idx=2&sn=ee7b4367fd9b5533336d41bae1a41cc0) + - [ ] [GB∕T 44463-2024 互联网数据中心(IDC)总体技术要求](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655263752&idx=3&sn=90ce4438de76976c8cccebfe506f6782) + - [ ] [GA∕T 2147-2024 公安视频图像信息系统安全事件分类分级指南](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655263752&idx=4&sn=1a8d313b56c5fe6f5ee4103ef527ae53) + - [ ] [YD∕T 6030-2024 物联网基础安全 网关管理平台安全分级分类管理技术要求](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655263752&idx=5&sn=052472828db8ad3933d76e0196e72577) + - [ ] [YD∕T 6034-2024 互联网域名服务信息安全管理要求](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655263752&idx=6&sn=bd634c27f8a75d8ead0eabaa019c50b0) + - [ ] [YD∕T 6036-2024 移动智能终端安全态势感知平台技术要求](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655263752&idx=7&sn=775ad59404f783eb2cd05ff69b611d68) + - [ ] [YD∕T 6038-2024 物联网基础安全 物联网平台安全分级分类管理技术要求](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655263752&idx=8&sn=43d084f3e379735cb0e52f6e73f60c91) + - [ ] [新的国家情报标准如何使整个社会的 OSINT 专业化](https://mp.weixin.qq.com/s?__biz=MzkxMDIwMTMxMw==&mid=2247494404&idx=1&sn=17c743018b0e4c33f9e4b39670e0bdb8) + - [ ] [【资料】全球和平、恐怖主义、军事化、生态威胁等指数](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148514&idx=1&sn=3662709654286db5bff36e15df25195b) + - [ ] [.NET内网实战:通过密码喷射遍历域账户](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498161&idx=1&sn=be37da545ba59c118c2d8331ddebf95e) + - [ ] [.NET 安全攻防知识交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498161&idx=2&sn=cb9eb4af6f38a0fdf4bec4b4c0b9af0e) + - [ ] [.NET 第54期红队武器库和资源汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498161&idx=3&sn=0bdf117aa614c48e6e2fa2e51a3e83eb) + - [ ] [美国军事资金的3%(300亿美元)专款用于网络安全建设](https://mp.weixin.qq.com/s?__biz=MzkwNDI0MjkzOA==&mid=2247485648&idx=1&sn=9d2a476f4ca9e09f4e586b461c5e540b) + - [ ] [【警惕!】带着脑子辨别网安传销与培训诈骗](https://mp.weixin.qq.com/s?__biz=MzkxMTUwOTY1MA==&mid=2247489979&idx=1&sn=7504423edbf1814042a0cd8721329e53) + - [ ] [海康威视AK/SK泄露利用](https://mp.weixin.qq.com/s?__biz=MzU0MTc2NTExNg==&mid=2247491476&idx=1&sn=f36ac4a80164cf5e6fcc8d37c6123ab8) + - [ ] [2025开年大瓜:七年红队大牛教你什么是《炮塔》](https://mp.weixin.qq.com/s?__biz=MzkyOTQzNjIwNw==&mid=2247491387&idx=1&sn=318437e24f0dee591576c17b1865f082) + - [ ] [禅道CMS开源版SQL注入漏洞分析](https://mp.weixin.qq.com/s?__biz=Mzk0Mzc1MTI2Nw==&mid=2247487016&idx=1&sn=740c4dccda5bc675cb15d583a7867ad6) + - [ ] [【电子取证入门电子书】DFIR蘇小沐电子数据取证实务教程v20250110](https://mp.weixin.qq.com/s?__biz=Mzg3NTU3NTY0Nw==&mid=2247489493&idx=1&sn=c1cefd6ab9f90e9a27866ee920c4f9c9) + - [ ] [从被撤稿看网络安全法](https://mp.weixin.qq.com/s?__biz=MzkxNTY4NTQwMg==&mid=2247484243&idx=1&sn=45bfda4281542cab87e4c57741928f3a) + - [ ] [Yarr:一款简洁高效的 RSS 阅读器,让你轻松追蹤资讯!](https://mp.weixin.qq.com/s?__biz=MzA4MjkzMTcxMg==&mid=2449046655&idx=1&sn=683d1691190a69cc712b6b914ae85d74) + - [ ] [CISA紧急警告:Oracle与Mitel高危漏洞正被攻击者利用,企业需立即修复!](https://mp.weixin.qq.com/s?__biz=MzA4NTY4MjAyMQ==&mid=2447900022&idx=1&sn=468ab732933d168f76e10f10d930551d) + - [ ] [使用 LeakIX 查找易受攻击的主机](https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247504444&idx=1&sn=ca2fbdb4c118e45c099026b71f549f33) + - [ ] [2024年度上海网络与信息安全测评工程技术研究中心开放课题申请指南](https://mp.weixin.qq.com/s?__biz=MzU5MTM5MTQ2MA==&mid=2247491552&idx=1&sn=f1a376f0e49cff2ddca8fd74d0ecb5d9) + - [ ] [为啥找黑客帮忙的人,绝大多数都上当了呢?](https://mp.weixin.qq.com/s?__biz=MzkxMjYxODcyNA==&mid=2247485444&idx=1&sn=b7d97d3a17d6472120303b2c242c4bcb) + - [ ] [NETworkManager 强大的网络管理工具](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247488859&idx=1&sn=b74a7ab8bb978845a04a6f96cf7f17d6) + - [ ] [魔怔了](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247488859&idx=2&sn=57f256d8d6bd915fbb90714b789e06a2) + - [ ] [21119_ctfshow_misc_1024_重新签到xa0writeup](https://mp.weixin.qq.com/s?__biz=MzU2NzIzNzU4Mg==&mid=2247489458&idx=1&sn=a04fdf96f697a07c4c6f042dda66b812) + - [ ] [在线游戏靶场【overthewire.org】之linux基础练兵场](https://mp.weixin.qq.com/s?__biz=MzAxNTg1MDYxNA==&mid=2247488316&idx=1&sn=0d2d1f896068b716e0ddf57a87a7fe08) + - [ ] [来啊、浑蛋、那就对着我打!!!](https://mp.weixin.qq.com/s?__biz=Mzk0NDQwMDY1Nw==&mid=2247485783&idx=1&sn=18cd0973bc2d333b15a3053c155729b4) + - [ ] [2024年中网络安全威胁全解析:你,我,都身处其中(附下载)](https://mp.weixin.qq.com/s?__biz=MzkyODY5ODAyOA==&mid=2247489199&idx=1&sn=84d006f71c9995570547e4f7fb6df985) + - [ ] [国外:一周网络安全态势回顾之第81期](https://mp.weixin.qq.com/s?__biz=Mzg2NjY2MTI3Mg==&mid=2247498173&idx=1&sn=7afa71c7e7649ce5daf390576355983e) + - [ ] [暗网情报五则:涉美财政部数据泄露、以色列军队医院、中国股票业务公司数据、中国汽车经销商客户关系数据等](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247506753&idx=2&sn=2a87fbe42656da803e7b40a2b53ae278) + - [ ] [每周网安态势概览【20250112】002期](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247506753&idx=3&sn=5f0dfaa5af1377939b33c49069ee361f) + - [ ] [广西多家企业不履行网络安全保护义务被依法处罚](https://mp.weixin.qq.com/s?__biz=MzkxNTI2NTQxOA==&mid=2247495935&idx=1&sn=8e944270687efaf0287b59b0c6b1509a) + - [ ] [中信银行日照分行因“未及时处置数据安全漏洞风险”等被罚54万元](https://mp.weixin.qq.com/s?__biz=MzkxNTI2NTQxOA==&mid=2247495935&idx=2&sn=00a08f04efcb34f608a0a212fe9f18a0) + - [ ] [中国证监会《期货公司互联网营销管理规定(征求意见稿)》公开征求意见](https://mp.weixin.qq.com/s?__biz=MzkxNTI2NTQxOA==&mid=2247495935&idx=3&sn=59120d2fb2aa126651098e343db5d757) + - [ ] [假冒地图软件应用推广员 诈骗团伙盗取信息非法获利](https://mp.weixin.qq.com/s?__biz=MzkxNTI2NTQxOA==&mid=2247495935&idx=4&sn=2310f32e2838a70b5d64d6283d7c3b00) + - [ ] [这些网安“传奇产品”都凉了?](https://mp.weixin.qq.com/s?__biz=Mzg5OTg5OTI1NQ==&mid=2247489685&idx=1&sn=cb450029238b217c0e62810c2d9ea3e4) + - [ ] [【神兵利器】 Socks5 代理采集与使用工具](https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247494929&idx=1&sn=593a633db1de3399bf433ffed8be4bcc) + - [ ] [Linux环境反弹shell原理与姿势](https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247494929&idx=2&sn=423a37e0a046706839a0673709de6da3) +- Der Flounder + - [ ] [Generating randomized long usernames for Jamf Pro standard user accounts](https://derflounder.wordpress.com/2025/01/12/generating-randomized-long-usernames-for-jamf-pro-standard-users/) +- CXSECURITY Database RSS Feed - CXSecurity.com + - [ ] [Ecommerce-PHP-kurniaramadhan-1.0- Stored Cross Site Scripting](https://cxsecurity.com/issue/WLB-2025010013) +- Blogs on STAR Labs + - [ ] [Celebrating 7 Years of STAR Labs SG](https://starlabs.sg/blog/2025/01-celebrating-7-years/) +- MaskRay + - [ ] [Understanding and improving Clang -ftime-report](https://maskray.me/blog/2025-01-12-understanding-and-improving-clang-ftime-report) - Recent Commits to cve:main - - [ ] [Update Sat Jan 11 20:16:57 UTC 2025](https://github.com/trickest/cve/commit/a529fd5d50c90c432baec70219470b5f625a25a0) - - [ ] [Update Sat Jan 11 12:19:24 UTC 2025](https://github.com/trickest/cve/commit/4ee809fb0c944239e63a757ad04299a07cefae04) - - [ ] [Update Sat Jan 11 04:10:25 UTC 2025](https://github.com/trickest/cve/commit/b1d77c9032f2c34f807b30264034a2a5ea416a0b) + - [ ] [Update Sun Jan 12 20:21:03 UTC 2025](https://github.com/trickest/cve/commit/cc05860a3fa72fd7eeb469c2f4c3c2393bdf9799) + - [ ] [Update Sun Jan 12 12:11:36 UTC 2025](https://github.com/trickest/cve/commit/bc5f623348434ad1564e0c0b3b25484b76ac5bce) + - [ ] [Update Sun Jan 12 03:57:29 UTC 2025](https://github.com/trickest/cve/commit/53bdd20be67eb117cbfb421f1172dacc167ade8d) - 一个被知识诅咒的人 - - [ ] [【人工智能】构建智能语音助手:使用Python实现语音识别与合成的全面指南](https://blog.csdn.net/nokiaguy/article/details/145075956) - - [ ] [【人工智能】用Python进行对象检测:从OpenCV到YOLO的全面指南](https://blog.csdn.net/nokiaguy/article/details/145075935) -- Bug Bounty in InfoSec Write-ups on Medium - - [ ] [Revisiting a Simple SQL Injection Methodology](https://infosecwriteups.com/revisiting-a-simple-sql-injection-methodology-ecd42634a21e?source=rss----7b722bfd1b8d--bug_bounty) + - [ ] [Python协程与生成器深度解析:从yield到async的演进之路](https://blog.csdn.net/nokiaguy/article/details/145091808) + - [ ] [Python数据类(dataclass):简化类的定义与数据管理](https://blog.csdn.net/nokiaguy/article/details/145091802) - Twitter @bytehx - - [ ] [RT Sina Yeganeh: Find hidden Endpoint : https://raw.githubusercontent.com/sinaayeganeh/Find-Hidden-Endpoint/refs/heads/main/js.txt #bugbounty #bugboun...](https://x.com/bytehx343/status/1878087922488090801) -- Malware-Traffic-Analysis.net - Blog Entries - - [ ] [2025-01-09: CVE-2017-0199 XLS --> HTA --> VBS --> steganography --> DBatLoader/GuiLoader style malware](https://www.malware-traffic-analysis.net/2025/01/09/index.html) + - [ ] [Re @hbenja_m @Bugcrowd That is a very good explanation. Thanks for sharing!](https://x.com/bytehx343/status/1878340302697824475) +- CCC Event Blog + - [ ] [38C3: Last (and Lost) Things](https://events.ccc.de/2025/01/12/38c3-last-things/) - Reverse Engineering - - [ ] [Reverse-engineering meets AI: My new benchmark asks you to deduce hidden byte transforms—thoughts?](https://www.reddit.com/r/ReverseEngineering/comments/1hyuf9w/reverseengineering_meets_ai_my_new_benchmark_asks/) -- HAHWUL - - [ ] [ZAP 2.16 Review ⚡️](https://www.hahwul.com/2025/01/11/zap-2-16-review/) -- 杨龙 - - [ ] [-2209017943](https://www.yanglong.pro/2209017943-2/) -- 黑海洋 - IT技术知识库 - - [ ] [Fluent Read:上下文语境的人工智能翻译引擎(浏览器插件)](https://blog.upx8.com/4651) -- 安全分析与研究 - - [ ] [新型Hellcat勒索病毒分析](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247489905&idx=1&sn=d221af8624b76e73a62cffd81d4afb24&chksm=902fb659a7583f4f105f2bc9bb1490bdf8d2781611e9f73c12246ee56ca3b7525b5263d975bd&scene=58&subscene=0#rd) + - [ ] [Core Explorer, a core dump analysis tool that runs in the browser](https://www.reddit.com/r/ReverseEngineering/comments/1hzy97x/core_explorer_a_core_dump_analysis_tool_that_runs/) +- FreeBuf网络安全行业门户 + - [ ] [网络安全市场的“冬天”还长](https://www.freebuf.com/articles/neopoints/419651.html) - 奇客Solidot–传递最新科技情报 - - [ ] [物理学家发现新粒子分数激子](https://www.solidot.org/story?sid=80307) - - [ ] [YouTube 主播向 AI 公司出售未发布视频去训练 AI](https://www.solidot.org/story?sid=80306) - - [ ] [世界最强超算 El Capitan 正式启用](https://www.solidot.org/story?sid=80305) - - [ ] [StackOverflow 新问题数量大幅减少](https://www.solidot.org/story?sid=80304) - - [ ] [德国众多大学机构集体宣布退出 X](https://www.solidot.org/story?sid=80303) - - [ ] [Automattic 大幅缩减对 WordPress.org 的支持](https://www.solidot.org/story?sid=80302) - - [ ] [巴西给 Meta 72 小时时间解释其事实核查政策的变化](https://www.solidot.org/story?sid=80301) -- 威努特安全网络 - - [ ] [我国牵头的国际标准发布,联合国航空数据库遭入侵 | 一周特辑](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130318&idx=1&sn=322960576db32a5d4485b1c0dc16d542&chksm=80e7137eb7909a680deaa85714119cb89492b504024287b112b4cab04f1b3fdc24bbab99c3e0&scene=58&subscene=0#rd) -- 丁爸 情报分析师的工具箱 - - [ ] [【资料】创建开源情报机构的理由](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148500&idx=1&sn=6cb5b45ccad95f39148ef2240c25d8f8&chksm=f1af27eec6d8aef85b73213a31ddbb5ff35a3ab0c56351b3885e6105b67a593a975858b141d8&scene=58&subscene=0#rd) -- 长亭安全应急响应中心 - - [ ] [【已复现】Ivanti Connect Secure 堆栈溢出致远程代码执行漏洞(CVE-2025-0282)](https://mp.weixin.qq.com/s?__biz=MzIwMDk1MjMyMg==&mid=2247492691&idx=1&sn=e1d64db4b8957907e6417a61d2c40fa4&chksm=96f7fb3ea1807228c78b8469fdfa3a9fad83374094781eb88c48ae6e598331b3bd87ae4c659c&scene=58&subscene=0#rd) -- 看雪学苑 - - [ ] [CTF自毁程序密码:逆向分析](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588573&idx=1&sn=c40b84e0094dfcbca49818f166d4c1f8&chksm=b18c251786fbac0172b4c573bca3dbdc17e0efad3bf6e5dace210a9b96023fdf89feccf64ba1&scene=58&subscene=0#rd) - - [ ] [欢迎报名!新课《Frida源码情景分析》](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588573&idx=2&sn=faff2f0fd2cdc5ddab970c5ab150d74c&chksm=b18c251786fbac01987d449630eb908309f812aa88b611c439eaa12acdb36a199b9e212512e3&scene=58&subscene=0#rd) -- 安全内参 - - [ ] [网站域名遭非法盗用篡改,郑州两家公司被行政处罚](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513467&idx=1&sn=3ea80990fd1c334a5bbf3e29305787b1&chksm=ebfaf25bdc8d7b4dad90dcea755636cf357c28f3dcec82aaf943cbeefa88a5b135fbdc372038&scene=58&subscene=0#rd) + - [ ] [台积电亚利桑那州工厂开始量产 4 纳米芯片](https://www.solidot.org/story?sid=80310) + - [ ] [安然宣布预售蛋形家用核反应堆](https://www.solidot.org/story?sid=80309) + - [ ] [加拿大灭火飞机疑与无人机相撞受损停飞](https://www.solidot.org/story?sid=80308) - dotNet安全矩阵 - - [ ] [.NET 第54期红队武器库和资源汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498152&idx=1&sn=e082b4077e255091892be37fff847a78&chksm=fa595745cd2ede53bf9b66ae351f313cf7bf5dd1650cf01cd2dab30f1a615a0813a8427e859a&scene=58&subscene=0#rd) - - [ ] [国内最专业、最全面的 [ .NET 代码审计 ] 体系化学习交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498152&idx=2&sn=68b7c98d93dba9cd5cb2feb37795f5c0&chksm=fa595745cd2ede5310d59456ace4b1b2d00ad3e60a2946ee0a394adc50759ab9b978584b956a&scene=58&subscene=0#rd) - - [ ] [无独有偶,通过.NET反序列化漏洞实现 Visual Studio 钓鱼攻击](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498152&idx=3&sn=a45de16edbca5168f73ea7ed4ffeca36&chksm=fa595745cd2ede53cd0f763edff055aeced78d85bdeea1f2be5fd2d80d72a65ed86e0df928f3&scene=58&subscene=0#rd) -- 安全圈 - - [ ] [【安全圈】江苏一男子利用小程序Bug逃匿28万加油费,法院判了](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067274&idx=1&sn=5bef640b5980a10e736f5e8b28bb6773&chksm=f36e798ac419f09cdbd5129a3bf75829108cf7f7a7de0b1d6ac854dbbb635e3a6b7d50a7bd0d&scene=58&subscene=0#rd) - - [ ] [【安全圈】涉案3.3亿!有人非法搭建支付平台获利超200万](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067274&idx=2&sn=792e4a8d18c9865be6e1131bf29116e9&chksm=f36e798ac419f09c4674ed1ba0a3d10573e7a3ba50adc72984e3afc698d37c2172cb8076dc0b&scene=58&subscene=0#rd) - - [ ] [【安全圈】Ivanti VPN 零日漏洞正在被黑客利用](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067274&idx=3&sn=8eb5cc6c0a00bef351ca6ec387133310&chksm=f36e798ac419f09cca9472d89e0009706062cc803d7b61065e39083441ba8c9e646c932b6efe&scene=58&subscene=0#rd) + - [ ] [.NET内网实战:通过密码喷射遍历域账户](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498161&idx=1&sn=be37da545ba59c118c2d8331ddebf95e&chksm=fa59575ccd2ede4a649d9a0b0a50098ed73b9a63406c87ad5501b7b911333561666fb79b058a&scene=58&subscene=0#rd) + - [ ] [.NET 安全攻防知识交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498161&idx=2&sn=cb9eb4af6f38a0fdf4bec4b4c0b9af0e&chksm=fa59575ccd2ede4af7bc01070c20719aa57677190a7abc5c307d5d82adcea645f6d47879c671&scene=58&subscene=0#rd) + - [ ] [.NET 第54期红队武器库和资源汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498161&idx=3&sn=0bdf117aa614c48e6e2fa2e51a3e83eb&chksm=fa59575ccd2ede4a84e6210bd8ee96f463cb3a9b0b75bb9c70b96a5a0bdc4420e9ed4ed132fd&scene=58&subscene=0#rd) +- 丁爸 情报分析师的工具箱 + - [ ] [【资料】全球和平、恐怖主义、军事化、生态威胁等指数](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148514&idx=1&sn=3662709654286db5bff36e15df25195b&chksm=f1af27d8c6d8aece6156e703a95e85d1ba2b73fefb64d14a75c43344e36d8f73bacd9081ee78&scene=58&subscene=0#rd) +- 认知独省 + - [ ] [攻防3.0 - 信任攻击](https://mp.weixin.qq.com/s?__biz=MzU0NTI4MDQwMQ==&mid=2247484194&idx=1&sn=cb404b0fcfa2490d458d482fa704e98a&chksm=fb6e1bdccc1992cafa5f8bb0a62392a5c3106254f7cf233badf5cd133389fd95f6ac43fdde1d&scene=58&subscene=0#rd) +- 安全学术圈 + - [ ] [2024年度上海网络与信息安全测评工程技术研究中心开放课题申请指南](https://mp.weixin.qq.com/s?__biz=MzU5MTM5MTQ2MA==&mid=2247491552&idx=1&sn=f1a376f0e49cff2ddca8fd74d0ecb5d9&chksm=fe2ee06bc959697dfc17c1f03a2e333582869bfcf92999139190432c960e259a75bb8f9aef7d&scene=58&subscene=0#rd) - 网络空间安全科学学报 - - [ ] [学术前沿 | 鹏城实验室威胁情报团队:网络威胁情报共享与融合技术综述](https://mp.weixin.qq.com/s?__biz=MzI0NjU2NDMwNQ==&mid=2247504587&idx=1&sn=4eaf1ab6a4b15883ae9a77be4357a271&chksm=e9bfc675dec84f63b347462da5f7bce1abed74f36bf037a16432d25f075367ff3d1fd224cdf6&scene=58&subscene=0#rd) -- 网安杂谈 - - [ ] [专刊抽奖中奖名单](https://mp.weixin.qq.com/s?__biz=MzAwMTMzMDUwNg==&mid=2650889518&idx=1&sn=ba617630ef1fac5cd159e0c01ae1fd53&chksm=812ea10bb659281d60613b07fbcdcaebd1d770235c4af465c07bc94e0c538244fa08dc76c8d8&scene=58&subscene=0#rd) + - [ ] [学术前沿 | 国防科技大学李爱平教授团队:物联网威胁情报知识图谱综述](https://mp.weixin.qq.com/s?__biz=MzI0NjU2NDMwNQ==&mid=2247504588&idx=1&sn=2d8592df92f5803bf485752d5f217d87&chksm=e9bfc672dec84f64e1b5b257c4048e3bbf80232a46cb63503acfd5a8c04a35f89fca0fc9aaa4&scene=58&subscene=0#rd) +- 安全圈 + - [ ] [【安全圈】腾讯协助警方破获木马盗窃游戏账号案,涉案金额超 3000 万](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067304&idx=1&sn=e99889dcbf4e15a2ad7a2217e3f850a3&chksm=f36e79a8c419f0be15d9a86cb5b587e283772858d26f145297e29b9b3cde7371bfdb14bf0184&scene=58&subscene=0#rd) + - [ ] [【安全圈】勒索木马 Banshee 针对苹果 macOS 下手,冒充安全组件躲避检测](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067304&idx=2&sn=72944b1de7bb9205840492e28ba936b4&chksm=f36e79a8c419f0beeb3739f5c2b85fca0f00fde58f920f33c1f515465e6d0cb38db195bc441a&scene=58&subscene=0#rd) + - [ ] [【安全圈】卡西欧遭勒索软件攻击?8500人数据被窃取!](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067304&idx=3&sn=1f094579cd41cb8e1f1583f6eb592503&chksm=f36e79a8c419f0be1987e866d745c558b9b4a20e4ada1f1f63ccf2a0b42d84e9bf4434724c69&scene=58&subscene=0#rd) - 极客公园 - - [ ] [特朗普上任前,Meta、微软等取消多元化项目;新 Model Y 上市,雷军隔空玩梗;京东 App 大改版 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653071834&idx=1&sn=9726e5881ed20e810b87b68ef06af200&chksm=7e57d46c49205d7a678f880e93b38ad8df5661f949d2dd27442559ef9f751a6af0d9bc2b6514&scene=58&subscene=0#rd) + - [ ] [AI 巨头花钱买 UP 主「废片」训练 AI;「三折叠」投影仪现身;多地现发光不明飞行物,应急局:未接到异常通知|极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653071852&idx=1&sn=8bfae10375f4237c5a546b2df6f3acac&chksm=7e57d45a49205d4c804e47147898cbc9af5d4a4c7a5749e93da824310ba3f5332631ec136946&scene=58&subscene=0#rd) - 吴鲁加 - - [ ] [我工作里使用的软件和工作流](https://mp.weixin.qq.com/s?__biz=Mzg5NDY4ODM1MA==&mid=2247485135&idx=1&sn=0510f35c72516e30adcd494474dd6df1&chksm=c01a8bfef76d02e8f7fb3e9696d8b0cee09ab8dee030fe992b916e71468791be793abbc80527&scene=58&subscene=0#rd) -- 希潭实验室 - - [ ] [第112篇:美国APT震网病毒入侵伊朗核工厂后续与启示(第4篇)](https://mp.weixin.qq.com/s?__biz=MzkzMjI1NjI3Ng==&mid=2247487306&idx=1&sn=00dc7cf337a613d22207cecd7674ec88&chksm=c25fc031f5284927d968a7121718ccfa82db72798405bf0100bd1d248c3cb88d1360e288e491&scene=58&subscene=0#rd) -- OnionSec - - [ ] [短文:对现实里网络安全领域的新认识](https://mp.weixin.qq.com/s?__biz=MzUyMTUwMzI3Ng==&mid=2247485562&idx=1&sn=8b6790ca85055bf567130a044261ebda&chksm=f9db5f39ceacd62f1d9d93c36893e92be17a408acced658927b37d165077e523234bfe823d95&scene=58&subscene=0#rd) -- 山石网科安全技术研究院 - - [ ] [2024年度重大数据泄露事件盘点-国外版](https://mp.weixin.qq.com/s?__biz=MzUzMDUxNTE1Mw==&mid=2247509629&idx=1&sn=29247d0381639fa3501942c67c219470&chksm=fa5273c3cd25fad5d99967bf051e1337733f3c3082433d432cf1da5a2100a7b651661c585277&scene=58&subscene=0#rd) + - [ ] [最近在试的学习工作方法](https://mp.weixin.qq.com/s?__biz=Mzg5NDY4ODM1MA==&mid=2247485142&idx=1&sn=404d04f9faadc52634e236ebd8a95b9a&chksm=c01a8be7f76d02f16927f92ee10be8d20555c480f00ae93e372a6421d5e07b5fdcd0d10c252f&scene=58&subscene=0#rd) - Over Security - Cybersecurity news aggregator - - [ ] [Scammers file first — Get your IRS Identity Protection PIN now](https://www.bleepingcomputer.com/news/security/scammers-file-first-get-your-irs-identity-protection-pin-now/) - - [ ] [Fake LDAPNightmware exploit on GitHub spreads infostealer malware](https://www.bleepingcomputer.com/news/security/fake-ldapnightmware-exploit-on-github-spreads-infostealer-malware/) -- ICT Security Magazine - - [ ] [Living-off-the-Land Binaries (LOLBins) negli attacchi fileless: Analisi Tecnica e Implicazioni per la Sicurezza](https://www.ictsecuritymagazine.com/articoli/living-off-the-land-binaries-lolbins/) -- 迪哥讲事 - - [ ] [从 SQL 注入到远程代码执行](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496813&idx=1&sn=eab6d19d242d637c1797d76ec3ae43fa&chksm=e8a5fe0edfd277188a3ce54336fe9ddf992716daadef1e899d9d6e4de34f5c25335a2222782c&scene=58&subscene=0#rd) -- GobySec - - [ ] [锦鲤揭秘时刻!快来看看锦鲤礼包花落谁家吧~](https://mp.weixin.qq.com/s?__biz=MzI4MzcwNTAzOQ==&mid=2247545717&idx=1&sn=309283dd2ed10d791e052cf798b5e174&chksm=eb84d8d5dcf351c3ade60c164cef5dcf834d3e5db4c15add66752b789281fb770f82226b0664&scene=58&subscene=0#rd) + - [ ] [Phishing texts trick Apple iMessage users into disabling protection](https://www.bleepingcomputer.com/news/security/phishing-texts-trick-apple-imessage-users-into-disabling-protection/) + - [ ] [Pastor who saw crypto project in his "dream" indicted for fraud](https://www.bleepingcomputer.com/news/legal/pastor-who-saw-crypto-project-in-his-dream-indicted-for-fraud/) + - [ ] [Guerre di Rete - Italia, Musk e Ue: che partite si stanno giocando](https://guerredirete.substack.com/p/guerre-di-rete-italia-musk-e-ue-che) + - [ ] [Analysis of Counter-Ransomware Activities in 2024](https://blog.bushidotoken.net/2025/01/analysis-of-counter-ransomware.html) + - [ ] [SuperDraft - 300,187 breached accounts](https://haveibeenpwned.com/PwnedWebsites#SuperDraft) +- IT Service Management News + - [ ] [US Cyber Trust Mark Program](http://blog.cesaregallotti.it/2025/01/us-cyber-trust-mark-program.html) +- Have I Been Pwned latest breaches + - [ ] [SuperDraft - 300,187 breached accounts](https://haveibeenpwned.com/PwnedWebsites#SuperDraft) +- SANS Internet Storm Center, InfoCON: green + - [ ] [Multi-OLE, (Sun, Jan 12th)](https://isc.sans.edu/diary/rss/31580) + - [ ] [Wireshark 4.4.3 Released, (Sat, Jan 11th)](https://isc.sans.edu/diary/rss/31578) +- Troy Hunt's Blog + - [ ] [Weekly Update 434](https://www.troyhunt.com/weekly-update-434/) - TorrentFreak - - [ ] [Tonga! Tonga! Tonga! Online Piracy’s Unusual Attraction to ccTLD .to](https://torrentfreak.com/tonga-tonga-tonga-online-piracys-unusual-attraction-to-cctld-to-250111/) -- 银针安全 - - [ ] [高版本Fastjson在Java原生反序列化中的利用](https://mp.weixin.qq.com/s?__biz=Mzg2MDY2ODc5MA==&mid=2247484185&idx=1&sn=9068c43597d87c94568fe70974fd6365&chksm=ce239500f9541c160287b545120d6495c7a2aa9c5c75e0ad101c7a3d3600e86ea6b64ef75f63&scene=58&subscene=0#rd) -- Technical Information Security Content & Discussion - - [ ] [$2m laundered: the YouTube crypto tutorials’ huge scam (investigation)](https://www.reddit.com/r/netsec/comments/1hz54x4/2m_laundered_the_youtube_crypto_tutorials_huge/) - - [ ] [Gayfemboy: A Botnet Deliver Through a Four-Faith Industrial Router 0-day Exploit.](https://www.reddit.com/r/netsec/comments/1hyjjpb/gayfemboy_a_botnet_deliver_through_a_fourfaith/) + - [ ] [Nhentai Asks California Court to Dismiss Piracy Lawsuit](https://torrentfreak.com/nhentai-asks-california-court-to-dismiss-piracy-lawsuit-250112/) +- 白泽安全实验室 + - [ ] [网络安全领域研究人员遭遇假PoC专项攻击](https://mp.weixin.qq.com/s?__biz=MzI0MTE4ODY3Nw==&mid=2247492518&idx=1&sn=d4196de8b812e3a2d29209b50328cec0&chksm=e90dc98cde7a409a795581029d39c4e66bc71c3ad662c7e7c84782d0baae9a74a858889ab838&scene=58&subscene=0#rd) +- FuzzWiki + - [ ] [Bleem: 面向数据包序列的协议模糊测试 | 技术进展](https://mp.weixin.qq.com/s?__biz=MzU1NTEzODc3MQ==&mid=2247486874&idx=1&sn=311b59a1953758bc2f69485cbf107d4b&chksm=fbd9a626ccae2f30d7167e5d9ee742af35355e569368a8dbc1d983fbcb3d90104f174138b5fa&scene=58&subscene=0#rd) +- 迪哥讲事 + - [ ] [SSRF 漏洞自动化 寻找](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496832&idx=1&sn=5c72712e20772f2279b09ca9a748afc2&chksm=e8a5fee3dfd277f5990fbe3dfe7247c7dd7bf125a233ad4ec99a8afb49b1b2e29ae25f7866b6&scene=58&subscene=0#rd) +- Computer Forensics + - [ ] [Dream equipement](https://www.reddit.com/r/computerforensics/comments/1hzw6t7/dream_equipement/) + - [ ] [Will live acquisition result in different hash values using FTK?](https://www.reddit.com/r/computerforensics/comments/1hzp7ny/will_live_acquisition_result_in_different_hash/) - Your Open Hacker Community - - [ ] [Getting infinite lives in Prehistorik on Windows 11](https://www.reddit.com/r/HowToHack/comments/1hz6pee/getting_infinite_lives_in_prehistorik_on_windows/) - - [ ] [How to convert a password protected zip file into a RAR file?](https://www.reddit.com/r/HowToHack/comments/1hz3bgu/how_to_convert_a_password_protected_zip_file_into/) - - [ ] [recovering google account](https://www.reddit.com/r/HowToHack/comments/1hyx8qq/recovering_google_account/) - - [ ] [Has anyone tried hijacking school Apple TVs for a prank?](https://www.reddit.com/r/HowToHack/comments/1hz3nxz/has_anyone_tried_hijacking_school_apple_tvs_for_a/) - - [ ] [Help](https://www.reddit.com/r/HowToHack/comments/1hyzqf5/help/) - - [ ] [Can anyone help me with a teleg private group(pls dm me)](https://www.reddit.com/r/HowToHack/comments/1hyzpji/can_anyone_help_me_with_a_teleg_private_grouppls/) - - [ ] [I need to find someone's IP address or something](https://www.reddit.com/r/HowToHack/comments/1hyzxt3/i_need_to_find_someones_ip_address_or_something/) + - [ ] [Check out a botnet (c2) framework I made!](https://www.reddit.com/r/HowToHack/comments/1hztta4/check_out_a_botnet_c2_framework_i_made/) + - [ ] [Dell admin pw](https://www.reddit.com/r/HowToHack/comments/1hzvwwu/dell_admin_pw/) + - [ ] [Where to find phishing templates?](https://www.reddit.com/r/HowToHack/comments/1hzlv04/where_to_find_phishing_templates/) + - [ ] [Trace a call spoofer](https://www.reddit.com/r/HowToHack/comments/1hzpbak/trace_a_call_spoofer/) + - [ ] [Does anyone know any effective websites to learn efficient and relevant hacking methods that teach with simplicity and are free](https://www.reddit.com/r/HowToHack/comments/1hzsc4j/does_anyone_know_any_effective_websites_to_learn/) + - [ ] [KANN MAN HIER HACKEN LERNEN ?](https://www.reddit.com/r/HowToHack/comments/1hzv1o0/kann_man_hier_hacken_lernen/) + - [ ] [Need help with switching accounts once logged into a site](https://www.reddit.com/r/HowToHack/comments/1hzjamc/need_help_with_switching_accounts_once_logged/) + - [ ] [Help](https://www.reddit.com/r/HowToHack/comments/1hzi5gh/help/) + - [ ] [Hi guys, Can someone crack a $zip2$ hash?](https://www.reddit.com/r/HowToHack/comments/1hzgzjv/hi_guys_can_someone_crack_a_zip2_hash/) + - [ ] [Hack Iphone with charger](https://www.reddit.com/r/HowToHack/comments/1hzbsmp/hack_iphone_with_charger/) + - [ ] [IP](https://www.reddit.com/r/HowToHack/comments/1hzdh3n/ip/) +- Technical Information Security Content & Discussion + - [ ] [Exploitation Walkthrough and Techniques - Ivanti Connect Secure RCE (CVE-2025-0282) - watchTowr Labs](https://www.reddit.com/r/netsec/comments/1hzipca/exploitation_walkthrough_and_techniques_ivanti/) +- Hacking Exposed Computer Forensics Blog + - [ ] [Daily Blog #715: Solution Saturday 1/11/25](https://www.hecfblog.com/2025/01/daily-blog-715-solution-saturday-11125.html) - Security Affairs - - [ ] [DoJ charged three Russian citizens with operating crypto-mixing services](https://securityaffairs.com/172957/cyber-crime/doj-charged-russian-citizens-with-operating-crypto-mixing-services.html) - - [ ] [U.S. cannabis dispensary STIIIZY disclosed a data breach](https://securityaffairs.com/172950/data-breach/marijuana-dispensary-stiiizy-data-breach.html) - - [ ] [A novel PayPal phishing campaign hijacks accounts](https://securityaffairs.com/172935/cyber-crime/paypal-phishing-campaign-hijacks-accounts.html) -- Social Engineering - - [ ] [The hidden psychology of abusers](https://www.reddit.com/r/SocialEngineering/comments/1hyxk74/the_hidden_psychology_of_abusers/) -- The Hacker News - - [ ] [Microsoft Sues Hacking Group Exploiting Azure AI for Harmful Content Creation](https://thehackernews.com/2025/01/microsoft-sues-hacking-group-exploiting.html) - - [ ] [DoJ Indicts Three Russians for Operating Crypto Mixers Used in Cybercrime Laundering](https://thehackernews.com/2025/01/doj-indicts-three-russians-for.html) -- Computer Forensics - - [ ] [How do you read a $MFT? (First Computer Forensics class)](https://www.reddit.com/r/computerforensics/comments/1hyvbdc/how_do_you_read_a_mft_first_computer_forensics/) -- Information Security - - [ ] [Open Source Shadow IT Detection](https://www.reddit.com/r/Information_Security/comments/1hyoren/open_source_shadow_it_detection/) -- Deep Web - - [ ] [Would you like this reward?](https://www.reddit.com/r/deepweb/comments/1hz9bjv/would_you_like_this_reward/) + - [ ] [Pro-Russia hackers NoName057 targets Italy again after Zelensky’s visit to the country](https://securityaffairs.com/172982/hacktivism/noname057-targets-italy.html) + - [ ] [SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 28](https://securityaffairs.com/172978/malware/security-affairs-malware-newsletter-round-28.html) + - [ ] [Security Affairs newsletter Round 506 by Pierluigi Paganini – INTERNATIONAL EDITION](https://securityaffairs.com/172972/breaking-news/security-affairs-newsletter-round-506-by-pierluigi-paganini-international-edition.html) + - [ ] [How a researcher earned $100,000 hacking a Facebook server](https://securityaffairs.com/172964/hacking/researcher-earned-100000-hacking-facebook-server.html) - Blackhat Library: Hacking techniques and research - - [ ] [Telefonica Breach: Infostealer Malware Opens Door for Social Engineering Tactics](https://www.reddit.com/r/blackhat/comments/1hysvc3/telefonica_breach_infostealer_malware_opens_door/) + - [ ] [Black Hat Training pass doesn't include main event Briefings](https://www.reddit.com/r/blackhat/comments/1hzs0nd/black_hat_training_pass_doesnt_include_main_event/) +- Randy Westergren + - [ ] [Building pyodbc for AWS Lambda’s Python 3.13 Runtime](https://randywestergren.com/building-pyodbc-for-aws-lambdas-python-3-13-runtime/) +- 银针安全 + - [ ] [在spring-aop中挖掘新反序列化gadget-chain](https://mp.weixin.qq.com/s?__biz=Mzg2MDY2ODc5MA==&mid=2247484198&idx=1&sn=6b6a82bb543e879295b7cd2d85f3a37f&chksm=ce23953ff9541c29418831b4e192b385e5c92d59562b40a7a28283e8468773caac9ad9736b1c&scene=58&subscene=0#rd) +- Dark Space Blogspot + - [ ] [Il Segreto Di Chiavalentine Su Youtube: Successo Reale o Fake?](http://darkwhite666.blogspot.com/2025/01/il-segreto-del-successo-di.html) From fff98d38e30dfeab28fa48d63cdfbac446949564 Mon Sep 17 00:00:00 2001 From: chainreactorbot Date: Tue, 14 Jan 2025 02:43:41 +0000 Subject: [PATCH 10/29] =?UTF-8?q?=E6=AF=8F=E6=97=A5=E5=AE=89=E5=85=A8?= =?UTF-8?q?=E8=B5=84=E8=AE=AF=EF=BC=882025-01-14=EF=BC=89?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- archive/daily/2025/2025-01-14.md | 490 ++++++++++++++++++++ archive/tmp/2025-01-14.json | 567 +++++++++++++++++++++++ today.md | 747 +++++++++++++++++++------------ 3 files changed, 1526 insertions(+), 278 deletions(-) create mode 100644 archive/daily/2025/2025-01-14.md create mode 100644 archive/tmp/2025-01-14.json diff --git a/archive/daily/2025/2025-01-14.md b/archive/daily/2025/2025-01-14.md new file mode 100644 index 0000000000..abaf133c89 --- /dev/null +++ b/archive/daily/2025/2025-01-14.md @@ -0,0 +1,490 @@ +# 每日安全资讯(2025-01-14) + +- SecWiki News + - [ ] [SecWiki News 2025-01-13 Review](http://www.sec-wiki.com/?2025-01-13) +- Security Boulevard + - [ ] [Why Scalability Matters in Non-Human Identity and Access Management](https://securityboulevard.com/2025/01/why-scalability-matters-in-non-human-identity-and-access-management/) + - [ ] [HHS Proposes Major Overhaul of HIPAA Security Rule in the Wake of Change Healthcare Breach](https://securityboulevard.com/2025/01/hhs-proposes-major-overhaul-of-hipaa-security-rule-in-the-wake-of-change-healthcare-breach/) + - [ ] [FunkSec: A New Ransomware Group Buoyed by AI](https://securityboulevard.com/2025/01/funksec-a-new-ransomware-group-buoyed-by-ai/) + - [ ] [Inside a 90-Minute Attack: Breaking Ground with All-New AI Defeating Black Basta Tactics](https://securityboulevard.com/2025/01/inside-a-90-minute-attack-breaking-ground-with-all-new-ai-defeating-black-basta-tactics/) + - [ ] [How Ephemeral on-demand data can improve DORA DevOps scores](https://securityboulevard.com/2025/01/how-ephemeral-on-demand-data-can-improve-dora-devops-scores/) + - [ ] [Ephemeral data environments in Azure, leveraging the cloud](https://securityboulevard.com/2025/01/ephemeral-data-environments-in-azure-leveraging-the-cloud/) + - [ ] [How to create de-identified embeddings with Tonic Textual & Pinecone](https://securityboulevard.com/2025/01/how-to-create-de-identified-embeddings-with-tonic-textual-pinecone/) + - [ ] [De-identifying Salesforce data for testing and development. Tonic Structural now connects to Salesforce](https://securityboulevard.com/2025/01/de-identifying-salesforce-data-for-testing-and-development-tonic-structural-now-connects-to-salesforce/) + - [ ] [Open Bullet 2: The Preferred Credential Stuffing Tool for Bots](https://securityboulevard.com/2025/01/open-bullet-2-the-preferred-credential-stuffing-tool-for-bots/) + - [ ] [Network Configuration and Change Management Best Practices](https://securityboulevard.com/2025/01/network-configuration-and-change-management-best-practices/) +- 安全客-有思想的安全新媒体 + - [ ] [致敬警察节|警企携手,筑牢安全防护网!](https://www.anquanke.com/post/id/303459) + - [ ] [Fancy Product Designer 插件中未修补的漏洞使 20,000 多个网站面临风险](https://www.anquanke.com/post/id/303456) + - [ ] [Google Project Zero 研究人员发现针对三星设备的零点击漏洞](https://www.anquanke.com/post/id/303453) + - [ ] [西班牙电信公司确认数据泄露后内部票务系统遭到破坏](https://www.anquanke.com/post/id/303450) + - [ ] [GitHub 上的假冒 LDAPNightmware 利用程序传播信息窃取型恶意软件](https://www.anquanke.com/post/id/303447) + - [ ] [研究人员如何通过黑客攻击 Facebook 服务器赚取 10 万美元](https://www.anquanke.com/post/id/303444) + - [ ] [网络钓鱼短信诱骗Apple iMessage用户禁用保护](https://www.anquanke.com/post/id/303439) + - [ ] [印度加密货币交易所 Mudrex 解释提款暂停原因](https://www.anquanke.com/post/id/303436) + - [ ] [2024年的网络钓鱼:应对持续威胁和人工智能的双刃剑](https://www.anquanke.com/post/id/303433) + - [ ] [CVE-2025-22777 (CVSS 9.8): 针对拥有 100,000 个活跃安装的 GiveWP 插件的严重安全警报](https://www.anquanke.com/post/id/303430) +- Doonsec's feed + - [ ] [从UP主燕三嘤嘤嘤看百度好看视频的苟活](https://mp.weixin.qq.com/s?__biz=MzkwMzI1ODUwNA==&mid=2247487814&idx=1&sn=4907df26be08cacdb7178f0d18e5a39d) + - [ ] [2024龙信年终技术考核WP](https://mp.weixin.qq.com/s?__biz=MzkzMjE4NzU5MA==&mid=2247491395&idx=1&sn=6490bb127a2104f8fb27f349103d0dff) + - [ ] [【干货】笑傲职场的独家经验(1)](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485401&idx=3&sn=9f5c7558a30fbc3a8e126121a0bd5602) + - [ ] [渗透Vulnhub-hackme靶机](https://mp.weixin.qq.com/s?__biz=Mzk1NzI5NzA3NQ==&mid=2247485970&idx=1&sn=4318edd93f051ba1be4bda1efb08ec5f) + - [ ] [回顾新姿势:击穿星巴克获取 1 亿用户详细信息](https://mp.weixin.qq.com/s?__biz=MzkwODI1ODgzOA==&mid=2247506517&idx=1&sn=72ebf3f4238eab2fce2b83da193e8e8b) + - [ ] [老牌免杀工具veil免杀](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247489983&idx=1&sn=cb128069a995e8223bc74fee5557df01) + - [ ] [实战 | 域环境下通过anydesk进入生产网](https://mp.weixin.qq.com/s?__biz=Mzg5NTUyNTI5OA==&mid=2247486384&idx=1&sn=0e2db706f9c844a38b39297450e60d91) + - [ ] [【漏洞预警】Vim缓冲区溢出漏洞可导致拒绝服务](https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489446&idx=1&sn=28468e250cf5d9b29d7a5b263e158c99) + - [ ] [用于渗透测试练习的 15 个高危 Web应用和网站](https://mp.weixin.qq.com/s?__biz=MzkyODYwODkyMA==&mid=2247484934&idx=1&sn=7dc7c525120b59a96e436bf0ea9450b2) + - [ ] [四部委联合印发《关于促进数据标注产业高质量发展的实施意见》(附全文)](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633785&idx=1&sn=dc43c64287c137445c087fd164343665) + - [ ] [一图读懂 | 关于促进数据标注产业高质量发展的实施意见](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170151&idx=3&sn=452310fbb337de2f7c1083f65b9d088c) + - [ ] [专家观点 | “人工智能+”赋能新质生产力发展](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234446&idx=5&sn=f51375043d265a4573734624811787a2) + - [ ] [泄露近600万客户敏感数据,美国这家金融机构被罚超1.4亿元](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633785&idx=4&sn=4855ab43a37b7af0cfdeee4133a386aa) + - [ ] [记录一次博彩网站的实战渗透记录](https://mp.weixin.qq.com/s?__biz=MzkyMDY1MDI3OA==&mid=2247483742&idx=1&sn=e88bdf3f85236fa63fdae8b5fbc283e4) + - [ ] [Nuclei,一键发现99%的漏洞,白帽子都在私藏的扫描神器| |基于YAML模板的新一代漏洞扫描工具,让渗透测试效率提升10倍](https://mp.weixin.qq.com/s?__biz=MzI5MjY4MTMyMQ==&mid=2247489648&idx=1&sn=5b79daec6f19ffd0c170a8b2bc6f32ae) + - [ ] [“可信计算”专题征稿](https://mp.weixin.qq.com/s?__biz=MzI0NjU2NDMwNQ==&mid=2247504642&idx=1&sn=c447628a36e58e0247573195b34c3d8b) + - [ ] [红队-shell编程基础(七)](https://mp.weixin.qq.com/s?__biz=Mzk1Nzk2NjI3Ng==&mid=2247483789&idx=1&sn=0b8152350e676cfe9b706c0828aacfb9) + - [ ] [仅一文轻松拿捏 “加密站点的渗透测试”](https://mp.weixin.qq.com/s?__biz=Mzg3NzIxMDYxMw==&mid=2247504325&idx=1&sn=0ad6f807b8aee72e8c66f6cfddc6ad2a) + - [ ] [25年前最后一波招生 CTF实战特训营第三期](https://mp.weixin.qq.com/s?__biz=MzU1NjgzOTAyMg==&mid=2247522855&idx=1&sn=915db17a17b876be464130a746201f36) + - [ ] [信创认证,欢迎报名!](https://mp.weixin.qq.com/s?__biz=MzU1NjgzOTAyMg==&mid=2247522855&idx=2&sn=ae5be0d697f8654404d4c729ec56df65) + - [ ] [【话题】你刚开始接触安全的时候干过什么傻事?](https://mp.weixin.qq.com/s?__biz=MzkxMTUwOTY1MA==&mid=2247489984&idx=1&sn=0661c75b5b9216776b0ea9ad4e82724f) + - [ ] [一次绕过Burp检测的水洞记录](https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247518192&idx=1&sn=43d2c8a5ec62acb9c57d20b0958a7921) + - [ ] [SRC专项知识库](https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247518192&idx=2&sn=5b24f29c61064cbf6535255d152c2585) + - [ ] [关于如何解决 Cartopy 中的 GEOSException 问题](https://mp.weixin.qq.com/s?__biz=MzI2MDQ0ODIzNg==&mid=2247485188&idx=1&sn=c3ef736723f5f8583fe8586f09fec883) + - [ ] [第六届国家网络与信息安全信息通报机制中央企业网络安全大赛即将拉开帷幕](https://mp.weixin.qq.com/s?__biz=MzU1MTE1MjU5Nw==&mid=2247485436&idx=1&sn=10a33f4c919bdcaa2cb8b28761b8484f) + - [ ] [【漏洞工具】某路由器任意文件读取漏洞Goby高级模式利用工具](https://mp.weixin.qq.com/s?__biz=Mzg5NTU2NjA1Mw==&mid=2247496006&idx=1&sn=ff0667fdbf667156d8c9d0910b6bf0e3) + - [ ] [聚焦人工智能大模型可信治理 | “何以杨数浦”品牌沙龙第二期精彩回顾](https://mp.weixin.qq.com/s?__biz=MzUzODYyMDIzNw==&mid=2247516633&idx=1&sn=77b5ae3e9b2800cfb18c8b22869fc54f) + - [ ] [20元就能仿冒一家官网,小心这类山寨网页!](https://mp.weixin.qq.com/s?__biz=MzI0NzE4ODk1Mw==&mid=2652094576&idx=2&sn=b96d84ee36acd17877a0b42e11feb687) + - [ ] [识别漏洞成了大海捞针?](https://mp.weixin.qq.com/s?__biz=Mzg2MDc0NTIxOQ==&mid=2247484709&idx=1&sn=b238620c27395ab7c78718f7ef256c83) + - [ ] [卡西欧黑客事件报告发布:近 8600 名员工/客户隐私信息泄露](https://mp.weixin.qq.com/s?__biz=MzU2MTQwMzMxNA==&mid=2247541394&idx=1&sn=0789faf00c32980d17e95080f8788f99) + - [ ] [【安全圈】建立数据跨境服务中心、便利化访问国际互联网,上海虹桥商务区国际贸易中心新平台建设进一步落实](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067321&idx=1&sn=dd8f1699f9d8cbba67e8abc6091ffa6c) + - [ ] [【安全圈】微软起诉利用 Azure AI 创建有害内容的黑客组织](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067321&idx=4&sn=4ea1e634e045d59be08019f06a4fd52b) + - [ ] [价值3999,送!CISP新年福利不容错过](https://mp.weixin.qq.com/s?__biz=MzU4MjUxNjQ1Ng==&mid=2247521085&idx=2&sn=e0d640470ef26a02e6f1a0f0be864053) + - [ ] [SUCTF 2025落幕|S1uM4i战队实力夺冠!](https://mp.weixin.qq.com/s?__biz=MjM5NDU3MjExNw==&mid=2247515484&idx=1&sn=0c506fe6fa7d8296675e4a1821546192) + - [ ] [2025年人工智能带来的五大网络安全趋势及其应对策略](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134627&idx=1&sn=6c71adfab711410ac4d54f0d1602e6a7) + - [ ] [2025 ICT深度观察报告会|腾讯云李滨:企业数字安全建设的四个关键要素](https://mp.weixin.qq.com/s?__biz=Mzg5OTE4NTczMQ==&mid=2247526340&idx=1&sn=d5418212a88f343e949c90ac05e3ca99) + - [ ] [慢雾:演员王星被骗事件相关聊天截图调查](https://mp.weixin.qq.com/s?__biz=MzU4ODQ3NTM2OA==&mid=2247500907&idx=1&sn=1e629e1d6e96b48b3c5962aadba90a92) + - [ ] [GFI KerioControl 防火墙存在严重的RCE漏洞](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522044&idx=1&sn=71bbcad32c9a0753d8385256ee5dad03) + - [ ] [CrowdStrike虚假工作邀约通过密币挖矿机感染开发人员](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522044&idx=2&sn=f72144000ab0d2c1280f017af0018e6e) + - [ ] [物联网丨2024年中国物联网安全行业概览:解除网络威胁,物联网的智能守护(附下载)](https://mp.weixin.qq.com/s?__biz=MzI2MDk2NDA0OA==&mid=2247531021&idx=1&sn=9aa5cb200c685e768a56581a2f7cc8eb) + - [ ] [趋势丨2025年网络安全趋势洞察:多维度的挑战与应对之策](https://mp.weixin.qq.com/s?__biz=MzI2MDk2NDA0OA==&mid=2247531021&idx=2&sn=c562ed427ae6c2e710e4dded0bdf3bb9) + - [ ] [云服务器知多少](https://mp.weixin.qq.com/s?__biz=MzkxNTEzMTA0Mw==&mid=2247496603&idx=1&sn=30ce3b66d3f3a49187c050357e5e49aa) + - [ ] [每周网安资讯 (1.7-1.13)|Adobe多款产品存在越界读取漏洞](https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247505577&idx=1&sn=f82c60e6b9567f984c4c17d0e98e150a) + - [ ] [捷豹路虎中国到访奇安信安全中心](https://mp.weixin.qq.com/s?__biz=MzU0NDk0NTAwMw==&mid=2247624408&idx=1&sn=c77a280be315f4c37b588b6b7abc5e31) + - [ ] [泄露近600万客户敏感数据,这家金融机构被罚超1.4亿元](https://mp.weixin.qq.com/s?__biz=MzU0NDk0NTAwMw==&mid=2247624408&idx=2&sn=a55317c4ca276ccce4b320dfa6ab6b32) + - [ ] [Dex文件结构-ReadDex解析器实现](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588591&idx=1&sn=f3af400aa11be8f19a775a31e96d7740) + - [ ] [10万美金!研究员如何黑进 Facebook 服务器](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588591&idx=2&sn=0adaab3ebee5e866ad30ef7799307d47) + - [ ] [成为看雪讲师,开启技术分享的高光时刻](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588591&idx=3&sn=b11fa1206f5347a3696b9363851d9aa9) + - [ ] [【金松奖】工行企业级数据要素流通全链路建设项目:集成数据安全、隐私计算等技术](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931425&idx=1&sn=c1b619510a29b6a8bf9dfe7ba78649a3) + - [ ] [139款车型成功通过汽车数据安全合规检测](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931425&idx=2&sn=f8ec500385ff22c0db9cd9b34d400ac6) + - [ ] [连续三年上榜!亚信安全成功入选毕马威中国金融科技企业双50榜单](https://mp.weixin.qq.com/s?__biz=MjM5NjY2MTIzMw==&mid=2650620698&idx=1&sn=2c718264abe114475c3b892a8f582efc) + - [ ] [全球瞭望|网络安全重大事件精选(152期)](https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597421&idx=1&sn=be9598279f20a952fb0e19be307030dd) + - [ ] [国家保密局公告!](https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597421&idx=2&sn=dfe5368b5e159e2231298817a047eeba) + - [ ] [基于区域预推荐和特征富集的SOD R-CNN交通标志检测网络](https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597421&idx=3&sn=736013f6dea7772337ae25b3b6431881) + - [ ] [网络安全动态 - 2025.01.13](https://mp.weixin.qq.com/s?__biz=MzU1MzEzMzAxMA==&mid=2247499881&idx=1&sn=e66d795b31109a64bd94e8a129da6227) + - [ ] [企业级攻防技术揭秘](https://mp.weixin.qq.com/s?__biz=MzkxNTIwNTkyNg==&mid=2247553013&idx=1&sn=5a53c74b485756c6132de205dab8d238) + - [ ] [【免费领】黑客工具之王:DDoS攻击与防范实战技术大全](https://mp.weixin.qq.com/s?__biz=MzkxNTIwNTkyNg==&mid=2247553013&idx=2&sn=48cf79ce6b93328800d06a2cf1e15afa) + - [ ] [观安信息荣获“2024年海南能源数据要素应用创新大赛”优秀奖](https://mp.weixin.qq.com/s?__biz=MzIxNDIzNTcxMg==&mid=2247506478&idx=1&sn=a256623b122e68b48ef83b82df2ee77d) + - [ ] [洞·见 | 20250113](https://mp.weixin.qq.com/s?__biz=Mzk0MDQ5MTQ4NA==&mid=2247487338&idx=1&sn=7a588ce30f39ed317dde637ba1a2bb7b) + - [ ] [载誉前行 | 绿盟科技在NVDB-CAVD2024年度年终总结会上获得多项荣誉](https://mp.weixin.qq.com/s?__biz=MjM5ODYyMTM4MA==&mid=2650464189&idx=1&sn=84418624ed0bcf001f07ae24d5436b05) + - [ ] [通知 | 国家网信办就《网络信息内容多渠道分发服务机构相关业务活动管理规定(草案稿)》公开征求意见(附全文)](https://mp.weixin.qq.com/s?__biz=MzkyNDUyNzU1MQ==&mid=2247486653&idx=1&sn=772e1446d8dcf92eed8aa21e53329aab) + - [ ] [ios逆向攻防-应用重签名&代码注入](https://mp.weixin.qq.com/s?__biz=MzkxNDY0NjY3MQ==&mid=2247485283&idx=1&sn=0a2f46d49d80b5e7d674b91967e36b2a) + - [ ] [聚铭网络成功当选中关村华安关键信息基础设施安全保护联盟理事单位](https://mp.weixin.qq.com/s?__biz=MzIzMDQwMjg5NA==&mid=2247506484&idx=1&sn=7b1418949cde0ca75bab5f4f0f5f7b71) + - [ ] [第83期 | GPTSecurity周报](https://mp.weixin.qq.com/s?__biz=MzkzNDUxOTk2Mw==&mid=2247495678&idx=1&sn=c0825173d0cbbef6762dcdaf19b55727) + - [ ] [国家发展改革委等四部门联合印发《关于促进数据标注产业高质量发展的实施意见》](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170151&idx=1&sn=3ad07afdb31186657760655f6da40abb) + - [ ] [划重点!2025年我国数据领域明确重点任务](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170151&idx=2&sn=2caaf47c4cc04e9595155dabfb1bb770) + - [ ] [原创丨 近期观察 全球网络安全动态](https://mp.weixin.qq.com/s?__biz=Mzg2MTU5ODQ2Mg==&mid=2247507088&idx=1&sn=a6cabc27681f5e6a03d9e97fb8d7218b) + - [ ] [原创丨欧盟网络安全局发布《2024年欧盟网络安全状况报告》](https://mp.weixin.qq.com/s?__biz=Mzg2MTU5ODQ2Mg==&mid=2247507088&idx=2&sn=af8a1c12b18ecbda8f5bbd38c7e7b938) + - [ ] [对话|无影如何助力企业构建办公安全防护体系](https://mp.weixin.qq.com/s?__biz=MzA4MTQ2MjI5OA==&mid=2664091916&idx=1&sn=7a9b4fb48560a3e24eb8fe8b512f834f) + - [ ] [Frida从hook websocket协议看通杀流量加密](https://mp.weixin.qq.com/s?__biz=Mzk0ODM0MjA0OA==&mid=2247483896&idx=1&sn=1f6bf11a478f0f74a347455b0120e088) + - [ ] [【吃瓜】已上岸!](https://mp.weixin.qq.com/s?__biz=MzU3MjU4MjM3MQ==&mid=2247489591&idx=1&sn=96a899a7d742fa79856b5712bf1591bd) + - [ ] [年底裁员后坎坷的求职之路](https://mp.weixin.qq.com/s?__biz=Mzk0NTY5Nzc1OA==&mid=2247484262&idx=1&sn=194ead1613e2e6be48848984aa94d15c) + - [ ] [议题征集 | 关于征集第六期移动互联网APP产品安全漏洞技术沙龙议题的通知](https://mp.weixin.qq.com/s?__biz=MjM5NzYwNDU0Mg==&mid=2649249384&idx=1&sn=0ec25d262d67ca8b1b6ee4c4392ff393) + - [ ] [【数字政府优秀案例联播】交通智搜新升级:打造智能、专业、便捷的政务服务新体验](https://mp.weixin.qq.com/s?__biz=MjM5NzYwNDU0Mg==&mid=2649249384&idx=2&sn=1c6e329c6bca81c452ca789eab537c93) + - [ ] [安全简讯(2025.01.13)](https://mp.weixin.qq.com/s?__biz=MzkzNzY5OTg2Ng==&mid=2247500607&idx=1&sn=5ee26fcda2a35cda8864abdaef1b718c) + - [ ] [恶意软件容器化](https://mp.weixin.qq.com/s?__biz=Mzg5MDg3OTc0OA==&mid=2247489348&idx=1&sn=b58d14adab4a2ed80d2cf2457a31a0f0) + - [ ] [打造企业级安全护城河](https://mp.weixin.qq.com/s?__biz=MzkyNTY3Nzc3Mg==&mid=2247488105&idx=1&sn=d864d13b811f1050a778f9fd6cbff18f) + - [ ] [2025,感恩一路有你活动](https://mp.weixin.qq.com/s?__biz=MzI5ODE0ODA5MQ==&mid=2652281687&idx=1&sn=7934a57fd8a96c7620b9cc67dbab42c9) + - [ ] [贡献度排名第一!国舜股份积极支撑工信部车联网产品安全漏洞专业库](https://mp.weixin.qq.com/s?__biz=MzA3NjU5MTIxMg==&mid=2650575169&idx=1&sn=cf48f807b0a583ce0d72513c0185627d) + - [ ] [星火年鉴· 顶级篇 |注册量、解析量破200亿,工业互联网标识解析国家顶级节点(成都托管与灾备节点)加速推动制造业数字化转型](https://mp.weixin.qq.com/s?__biz=MzU1OTUxNTI1NA==&mid=2247592097&idx=1&sn=d31278c73cd636214c13c4a2520241ca) + - [ ] [如何充分利用网络安全保险](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247534049&idx=1&sn=2beee14167a5b03d33ff211f021b29aa) + - [ ] [鼎信安全 | 网络安全一周资讯](https://mp.weixin.qq.com/s?__biz=MzIwOTc4MTE4Nw==&mid=2247500968&idx=1&sn=bb2762cbe059ca3cdb2ee97beb412f1e) + - [ ] [当猎人成为猎物:使用自定义回调禁用 EDR](https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486308&idx=1&sn=8899e2a734b64f0ee44bb7c5b4a68ce6) + - [ ] [文心一言、智谱清言等302款生成式人工智能服务已在国家网信办完成备案!](https://mp.weixin.qq.com/s?__biz=MzA3NDIwNTY5Mw==&mid=2247507430&idx=1&sn=8fc56ec498e142e1cebb8ae9b7417166) + - [ ] [图解|我国数据出境合规指引](https://mp.weixin.qq.com/s?__biz=MzA3NDIwNTY5Mw==&mid=2247507430&idx=2&sn=b216dc6d7750bf76b4e299028ddc5923) + - [ ] [Proxy SwitchyOmega 被下架:一场针对浏览器扩展的大规模网络钓鱼攻击](https://mp.weixin.qq.com/s?__biz=MzIxMTg1ODAwNw==&mid=2247500395&idx=1&sn=291602b8ac131845db401dffb6b28de4) + - [ ] [元宇宙将比现实世界更受欢迎:现实世界会消失吗?](https://mp.weixin.qq.com/s?__biz=MzkxNDM4OTM3OQ==&mid=2247505731&idx=1&sn=60fbc4a4e811e38a7177d875e09e5cfa) + - [ ] [用于快速搜索 Windows 取证文件的开源工具](https://mp.weixin.qq.com/s?__biz=MzkxNDM4OTM3OQ==&mid=2247505731&idx=2&sn=59228995909b2e9daf2da495fa67be1c) + - [ ] [全球银行准备大规模裁员:人工智能改变游戏规则!](https://mp.weixin.qq.com/s?__biz=MzkxNDM4OTM3OQ==&mid=2247505731&idx=3&sn=5ec7b52e4a549a6f310663542aa58998) + - [ ] [DNA 测序仪漏洞标志着医疗器械行业固件存在问题](https://mp.weixin.qq.com/s?__biz=MzkxNDM4OTM3OQ==&mid=2247505731&idx=4&sn=eb4cadc77282c758c13dc8b2f01bb34f) + - [ ] [2025 年工作场所 Workplace 5.0 以人为本的人工智能](https://mp.weixin.qq.com/s?__biz=MzkxNDM4OTM3OQ==&mid=2247505731&idx=5&sn=7b760f6272929df09f16f94e15beb494) + - [ ] [网安牛马专属表情包分享](https://mp.weixin.qq.com/s?__biz=MzkwOTczNzIxNQ==&mid=2247485599&idx=1&sn=9c09dca6ca7bf3bb75677d03031d4acc) + - [ ] [新兴AI驱动勒索软件FunkSec:信息全球化与灰黑产的交汇](https://mp.weixin.qq.com/s?__biz=MzUxMjc0MTE3Mw==&mid=2247494897&idx=1&sn=33db12375b3946b756923f83a33eaeb3) + - [ ] [电子数据取证分析师培训通知](https://mp.weixin.qq.com/s?__biz=MzIyNzU0NjIyMg==&mid=2247488370&idx=1&sn=0d9e6254e52faf7fd8d6dbd9ab67cda7) + - [ ] [2024中国网络安全产业势能榜优能企业「制造行业」典型案例展示](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580751&idx=1&sn=38ed7d42fddd1b5e624f8f2ac1ec4a44) + - [ ] [安全动态回顾|国家网络安全通报中心:重点防范境外恶意网址和恶意IP 超过4000个后门因注册过期域名而被劫持](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580751&idx=2&sn=7886e26f1ed368509d62b0ced61b3b4c) + - [ ] [年终盘点之二|2024山石网科全国巡展,完美收官](https://mp.weixin.qq.com/s?__biz=MzAxMDE4MTAzMQ==&mid=2661297991&idx=1&sn=c48a9589b1b5c97bd4210077795118e6) + - [ ] [年终盘点之三|2024数据泄露十大事件(国内版)](https://mp.weixin.qq.com/s?__biz=MzAxMDE4MTAzMQ==&mid=2661297991&idx=2&sn=d17fb507b2dd73a6e5154a5f05396b9d) + - [ ] [大规模破解和黑客包泄漏 100 GB | 优质内容](https://mp.weixin.qq.com/s?__biz=MzkyNzYzNTQ2Nw==&mid=2247484004&idx=1&sn=669d69c22450a67894253aa651e376e2) + - [ ] [PHP服务器可能正在被挖矿!](https://mp.weixin.qq.com/s?__biz=MzU5OTMxNjkxMA==&mid=2247488442&idx=1&sn=c560220ca14fbb5f472bca815ee389f8) + - [ ] [【赠书抽奖】发现Web API漏洞居然能赚到400w刀,看懂这本书你也可以!](https://mp.weixin.qq.com/s?__biz=MzI1ODI0MTczNQ==&mid=2247491165&idx=1&sn=25ca0a0520923eeb18c1e1e347e391f0) + - [ ] [Sekiro+Yakit 热加载无痛绕sign](https://mp.weixin.qq.com/s?__biz=Mzg4Njg3MDk5Ng==&mid=2247486843&idx=1&sn=024bf3ec0b7902fb330412308737508b) + - [ ] [通用大模型分析恶意软件,完全不靠谱](https://mp.weixin.qq.com/s?__biz=Mzg5NTMxMjQ4OA==&mid=2247485549&idx=1&sn=5032b5ba9b4f8a43089a9684d4e3055a) + - [ ] [【游戏数据安全】反作弊分析分类](https://mp.weixin.qq.com/s?__biz=MzkyMTQzNTM3Ng==&mid=2247483865&idx=1&sn=2b58775007261ee5d7399fbefdbb34dd) + - [ ] [展望未来:Radware专家对2025年网络安全趋势的看法](https://mp.weixin.qq.com/s?__biz=MjM5ODE0Njk2Nw==&mid=2653021290&idx=1&sn=8e9017dd859c7b00e41e88c01b8d7746) + - [ ] [图形化漏洞利用Demo-JavaFX版](https://mp.weixin.qq.com/s?__biz=MzU2MDU5MDE2MA==&mid=2247484178&idx=1&sn=d1b640eaba093986d2a9b2be283ed362) + - [ ] [【挖洞实战】这不是只要有手就能批量挖Dom Xss漏洞](https://mp.weixin.qq.com/s?__biz=MzU2NDgzOTQzNw==&mid=2247503014&idx=1&sn=cea00ee2401be5a3b7910e4830df9796) + - [ ] [不妙,中招了【被供应链攻击的多个浏览器插件】,包含Proxy SwitchyOmega (V3)快看看你有没有中招!!!](https://mp.weixin.qq.com/s?__biz=Mzk0MzY3MDE5Mg==&mid=2247483900&idx=1&sn=bc2a24cb3acce687934d446c9b8e54ba) + - [ ] [DH POC撤稿之后还有后续......](https://mp.weixin.qq.com/s?__biz=MzkxNTY4NTQwMg==&mid=2247484250&idx=1&sn=94a79a0c3a5d9b0fd98cd00f3eb6e7c2) + - [ ] [工具集:Jar Analyzer【JAR包分析工具】](https://mp.weixin.qq.com/s?__biz=Mzk0MjY1ODE5Mg==&mid=2247485173&idx=1&sn=5a73100d1f93e564e9a47a52edecf6c9) + - [ ] [浅谈蜜罐原理与规避](https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247546700&idx=1&sn=a1c5f7adaa827ba876c2a6f9ecca2c6c) + - [ ] [记一次简单的微信洗车小程序渗透学习](https://mp.weixin.qq.com/s?__biz=MzI3NjA4MjMyMw==&mid=2647789913&idx=1&sn=711f295d77c716f63cb014faa429975e) + - [ ] [从用户注册绕过到纵向权限提升接管SaaS平台](https://mp.weixin.qq.com/s?__biz=MzI4NTcxMjQ1MA==&mid=2247615126&idx=1&sn=0f4af4c6a0614c4c7d3cb8630b905b40) + - [ ] [通过高效的侦察发现关键漏洞接管整个IT基础设施](https://mp.weixin.qq.com/s?__biz=MzI4NTcxMjQ1MA==&mid=2247615126&idx=2&sn=5bd8af62ab97fbe13a4424ee9e7ce5b6) + - [ ] [网络抓包调试实践](https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247569635&idx=1&sn=2db73304bb7a151c07a5821530e7a565) + - [ ] [过来人告诉你网络安全到底要学什么?(附学习笔记、电子资料、安装包)](https://mp.weixin.qq.com/s?__biz=MzkxNDU0MTUyNw==&mid=2247491900&idx=1&sn=043fcafa82bfe031643f27f0ef9df91a) + - [ ] [Linux上常用的防火墙软件iptables详解](https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247569635&idx=2&sn=133bf1a2d285f34ca1fc65124517bc07) + - [ ] [行业动态|2025第三届商用密码展将于6月11日-13日在上海举办!](https://mp.weixin.qq.com/s?__biz=MzUyNjk2MDU4MQ==&mid=2247486408&idx=1&sn=1e184be0b0c354c02923ec5534f1dcc8) + - [ ] [南部非洲发展共同体(SADC)APT网络攻击趋势解析](https://mp.weixin.qq.com/s?__biz=Mzg3OTYxODQxNg==&mid=2247485597&idx=1&sn=158ede6f488e8ad3e77873fbeeb3c4d0) + - [ ] [章管家前台任意文件上传漏洞(XVE-2024-19042)](https://mp.weixin.qq.com/s?__biz=Mzg4NDg3NjE5MQ==&mid=2247485124&idx=1&sn=de4ced0e1f786160e9142f28356cf6df) + - [ ] [【黑产大数据】2024年数据泄露风险态势报告](https://mp.weixin.qq.com/s?__biz=MzI3NDY3NDUxNg==&mid=2247498732&idx=1&sn=4ba0213d21420c4b3a5fdde9907f5853) + - [ ] [第七届入侵检测挑战赛报名开启!](https://mp.weixin.qq.com/s?__biz=MzIxMjEwNTc4NA==&mid=2652997294&idx=1&sn=ec666eebc045f5a7137e852bd81614c9) + - [ ] [绘制网络拓扑图,这5款工具助你轻松搞定!](https://mp.weixin.qq.com/s?__biz=MzUyNTExOTY1Nw==&mid=2247527848&idx=1&sn=fe56854d8e8b69a9ccf90c73e04c010b) + - [ ] [MS-RPC 流程浅析](https://mp.weixin.qq.com/s?__biz=Mzg5NTkxNzg4MA==&mid=2247489836&idx=1&sn=a254b1c12d9a3d79caebaffc09e532e7) + - [ ] [Sec新闻周刊:中新赛克强势入选中国网络安全行业全景册](https://mp.weixin.qq.com/s?__biz=Mzk0ODUwNTg0Ng==&mid=2247489672&idx=1&sn=2c40fad5ea6c330b3e5af5fdc18c46a5) + - [ ] [对新人友好的云认证是?CCSK!!!](https://mp.weixin.qq.com/s?__biz=MzIxNTM4NDY2MQ==&mid=2247515685&idx=1&sn=60a26b482d668f9a65b58f8392a9aa76) + - [ ] [ITIL4 的职业发展前景](https://mp.weixin.qq.com/s?__biz=MzIxNTM4NDY2MQ==&mid=2247515685&idx=2&sn=dffc254743eee027c264d8b52275ee6d) + - [ ] [凭CZTP,进入零信任安全工程师赛道](https://mp.weixin.qq.com/s?__biz=MzIxNTM4NDY2MQ==&mid=2247515685&idx=3&sn=12e8c8877d43cab65bf2d3eae44546e5) + - [ ] [最新公告!可拨打12336举报泄密或保密违法违规行为](https://mp.weixin.qq.com/s?__biz=MzkyMDY4MTc2Ng==&mid=2247483966&idx=1&sn=e636d329a5b5ee3cc07d3b0281708352) + - [ ] [北京市西城区委常委、统战部部长江岚一行到访安博通](https://mp.weixin.qq.com/s?__biz=MzIyNTA5Mzc2OA==&mid=2651137396&idx=1&sn=a72bdcc625e7a11c1756e5501a86fd0f) + - [ ] [联想全球安全实验室热招AI安全领域精英,欢迎志同道合的小伙伴加入!](https://mp.weixin.qq.com/s?__biz=MzU1ODk1MzI1NQ==&mid=2247491476&idx=1&sn=41e46c9f328fd2e9c315fb6f0fb022ec) + - [ ] [【漏洞复现】科荣AIO系统存在代码执行漏洞](https://mp.weixin.qq.com/s?__biz=Mzg2MjkwMDY3OA==&mid=2247485529&idx=1&sn=5379f2f365b78268422e0aa297eaa61c) + - [ ] [论安全运营的本质(第十章)](https://mp.weixin.qq.com/s?__biz=MzkwNTI3MjIyOQ==&mid=2247484113&idx=1&sn=7f019dca19eb8721e20b86ecde235940) + - [ ] [CISSP管理者思路系列-6](https://mp.weixin.qq.com/s?__biz=MzIyMjYzNDgzMg==&mid=2247487609&idx=1&sn=53179fc57883fbb8721e1024c4d4fa23) + - [ ] [欢迎「金山云」入驻补天专属SRC!](https://mp.weixin.qq.com/s?__biz=MzI2NzY5MDI3NQ==&mid=2247507273&idx=1&sn=19b1a506b7082cf3e664e77cdd6e1e2e) + - [ ] [【吃瓜】优越感从何而来](https://mp.weixin.qq.com/s?__biz=Mzk0OTY2ODE1NA==&mid=2247484965&idx=1&sn=458ff1e5072a7220fb1597b412c31d4e) + - [ ] [无条件帮转高质量原创文章](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494201&idx=1&sn=773dee3b8b7be36c839fd06a1f45d440) + - [ ] [【分析报告】蒙古国首都发生示威游行事件](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247503784&idx=1&sn=fbcceefe3a99ba33bc9366707787a161) + - [ ] [蒙古国与日本及欧洲合作的多维影响:地缘政治、军事与经济分析](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247503784&idx=2&sn=0567f454c7c6080d119916d7c420d945) + - [ ] [蒙古国与印度合作 :挑战交织下的地缘政治棋局](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247503784&idx=3&sn=75dc380dad6d85821f4a51c795ceae3c) + - [ ] [CommonsCollections CC1攻击链详解](https://mp.weixin.qq.com/s?__biz=MzkzNzI2Mzc0Ng==&mid=2247486395&idx=1&sn=16923b6435b723ef0bceb14373cac87a) + - [ ] [西班牙电信巨头 Telefónica 发生严重数据泄露](https://mp.weixin.qq.com/s?__biz=MjM5Mzc4MzUzMQ==&mid=2650260383&idx=1&sn=2d52c9c19f4213f6db6138421d57362d) + - [ ] [算法治病还是杀人?留神医疗大模型被“投毒”](https://mp.weixin.qq.com/s?__biz=MzI1OTA1MzQzNA==&mid=2651247414&idx=1&sn=df34afa6162156e52419024004e80cad) + - [ ] [20元就能山寨官网!央视曝光克隆网站黑幕](https://mp.weixin.qq.com/s?__biz=MzU0MjE2Mjk3Ng==&mid=2247488395&idx=1&sn=5f461e90183934cf2a555d8bb1eb8628) + - [ ] [数据安全治理实践指南(4.0)](https://mp.weixin.qq.com/s?__biz=MzI3NjUzOTQ0NQ==&mid=2247517052&idx=1&sn=9ceaace23a7ee3df679b0ac1f15241dd) + - [ ] [坦诚点,让我们谈谈网络安全行业现状](https://mp.weixin.qq.com/s?__biz=Mzg4NzgyODEzNQ==&mid=2247488595&idx=1&sn=e0d96d17cc81d1fc1f9023201479b3d1) + - [ ] [网安全牛马注意了!!!某提权工具被投毒植入后门](https://mp.weixin.qq.com/s?__biz=MzkwODM3NjIxOQ==&mid=2247502254&idx=1&sn=65722ab7fe999110e71098d246f9b1fa) + - [ ] [澳门司法警察局“电子数据取证”交流培训活动圆满落幕](https://mp.weixin.qq.com/s?__biz=Mzg3MjE1NjQ0NA==&mid=2247514135&idx=1&sn=5db549d49218818eeb0c16de15922c25) + - [ ] [CES 2025的十大“人工智障”产品](https://mp.weixin.qq.com/s?__biz=MzkxNTI2MTI1NA==&mid=2247502100&idx=1&sn=c77ce9430cd56a9714c2b241df526cc7) + - [ ] [周刊 | 网安大事回顾(2025.1.6-2025.1.12)](https://mp.weixin.qq.com/s?__biz=MzkxNTI2MTI1NA==&mid=2247502100&idx=2&sn=12de4dfa2cd4a5a3b507b90cfa668bcc) + - [ ] [【我们这一年】网络和数据安全取得新突破](https://mp.weixin.qq.com/s?__biz=MzkyMDMwNTkwNg==&mid=2247487228&idx=1&sn=24663c9da168168f965aff20afce7a58) + - [ ] [轻量级、自适应Web爬虫工具](https://mp.weixin.qq.com/s?__biz=MzkyMDM4NDM5Ng==&mid=2247490227&idx=1&sn=74f8d20a405e1b97c6c308e7c5596e66) + - [ ] [一个永久的.NET渗透工具和知识仓库](https://mp.weixin.qq.com/s?__biz=MzkyMDM4NDM5Ng==&mid=2247490227&idx=2&sn=d9c48450125c96e885b697b496a8b413) + - [ ] [AAAI 25 | 融合分隔:协同专家混合模型用于数据稀缺环境下的药物-靶点相互作用预测](https://mp.weixin.qq.com/s?__biz=Mzg4MzE1MTQzNw==&mid=2247491733&idx=1&sn=83e02623adec1c30364f023dbc550518) + - [ ] [MITRE ATT&CK:应用指南与学习路径](https://mp.weixin.qq.com/s?__biz=MzkzMDQ0NzQwNA==&mid=2247485871&idx=1&sn=4a8fedb2de4d6a2fcf2456d0fd86e9b5) + - [ ] [罪恶角落,带你了解什么是暗网](https://mp.weixin.qq.com/s?__biz=Mzg3NTY0MjIwNg==&mid=2247485518&idx=1&sn=4883cd2d4061a65371d5afe9e0196c58) + - [ ] [【文中抽奖】一杯奶茶钱开挣生活费 SRC漏洞挖掘基础及赏金培训](https://mp.weixin.qq.com/s?__biz=MzI0NjE1NDYyOA==&mid=2247484790&idx=1&sn=7c58b5be658c0fb646c28fda9f8aeb33) + - [ ] [腾讯协助警方破获木马盗窃游戏账号案,涉案金额超 3000 万;|江苏一男子利用小程序Bug逃匿28万加油费,法院判了](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650606485&idx=1&sn=e6574ea4808aafdb1a8939a0e61f67e5) + - [ ] [国家网信办征求意见:平台应当以显著方式展示账号所属 MCN 机构](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650606485&idx=2&sn=ca90501b4575d0ee15461348ca0a7817) + - [ ] [记一次某OA渗透测试有意思的文件上传漏洞挖掘经历以及分析](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650606485&idx=3&sn=4bdcf90b59f41c99b28e4613268a24c6) + - [ ] [一个好用的越权扫描工具](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650606485&idx=4&sn=ead6d8702819a5443a5124688e8a6934) + - [ ] [【技术分享】WS视频流地址泄露利用方式](https://mp.weixin.qq.com/s?__biz=MzkxMTY1MTIzOA==&mid=2247484571&idx=1&sn=52dc59bb8dfe62fb3fd057d1f7a29b0c) + - [ ] [记一次从任意文件下载到getshell](https://mp.weixin.qq.com/s?__biz=Mzk0MTIzNTgzMQ==&mid=2247519178&idx=1&sn=ffc262a1b50eb5cd080dd71e5ec057ec) + - [ ] [常用浏览器的安全取证分析技术总结](https://mp.weixin.qq.com/s?__biz=MjM5MjEyMTcyMQ==&mid=2651037264&idx=1&sn=a1c62cd4e27808340ee69e684ca70983) + - [ ] [【神兵利器】HeavenlyBypassAV免杀工具](https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247494941&idx=1&sn=850fc249132011cdab654923792fead7) + - [ ] [程序源码保护攻防对抗记录](https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247494941&idx=2&sn=d2e1544fd257d23974c5f6f7fc9a3c23) + - [ ] [[0113]一周重点暗网情报|天际友盟情报站](https://mp.weixin.qq.com/s?__biz=MzIwNjQ4OTU3NA==&mid=2247510005&idx=1&sn=c48e4d5efd2041457d33e5f84223f855) + - [ ] [数十个Chrome扩展程序被黑客攻击,数百万用户数据被盗(包括Proxy SwitchyOmega在内)](https://mp.weixin.qq.com/s?__biz=MzkyODY3NjkyNQ==&mid=2247484756&idx=1&sn=388375c011cc6ec8046a8ec235ed4d62) + - [ ] [华硕(ASUS)RT-AX56U系列路由器error_page存在文件读取](https://mp.weixin.qq.com/s?__biz=MzkyOTg3ODc5OA==&mid=2247484162&idx=1&sn=535c46098f7db6c25a0500484da29ddc) + - [ ] [AI引领2024|智能体200+,执行任务近50000000次,这一年恒脑很忙](https://mp.weixin.qq.com/s?__biz=MjM5NTE0MjQyMg==&mid=2650623724&idx=1&sn=9537ef0dac94cf46a5a8a10023bc7f9b) + - [ ] [把握“AI”新浪潮 | 浙商总会数字资产及交易委员会一届二次委员会议举行](https://mp.weixin.qq.com/s?__biz=MjM5NTE0MjQyMg==&mid=2650623724&idx=2&sn=745381a3f0fbf8d64db495cffddd92c8) + - [ ] [美国超千万中小学生个人数据疑似泄露](https://mp.weixin.qq.com/s?__biz=MzIwNzAwOTQxMg==&mid=2652251197&idx=1&sn=a6f8126cf569ae8d1d20db2ec9ba5471) + - [ ] [从“金疙瘩”到“烫手山芋”,智算中心面临过剩危机](https://mp.weixin.qq.com/s?__biz=Mzg4MDE0MzQzMw==&mid=2247487996&idx=1&sn=7fc7f3d3e3de1061c83a2bd052aa06b6) + - [ ] [“迪普信创AI全流量态势感知”入选浙江省信息技术应用创新优秀解决方案](https://mp.weixin.qq.com/s?__biz=MzA4NzE5MzkzNA==&mid=2650370114&idx=1&sn=aad65c650effe7c6eb2b12046665ca6e) + - [ ] [泛微-云桥e-Bridge addTasteJsonp SQL注入漏洞](https://mp.weixin.qq.com/s?__biz=MzkzMTcwMTg1Mg==&mid=2247490141&idx=1&sn=9bdeb4a82982b626048e1a9069b4d1e9) + - [ ] [一次敏感信息泄露引发的逻辑漏洞挖掘](https://mp.weixin.qq.com/s?__biz=MzkxNzY5MTg1Ng==&mid=2247485481&idx=1&sn=1115561690fb800d94b50913f07bd6d2) + - [ ] [IClean](https://mp.weixin.qq.com/s?__biz=Mzk1NzY0NzMyMw==&mid=2247485282&idx=1&sn=fe2ef5eaa6f84e12f45e5f806d37f2b8) + - [ ] [企业防线的薄弱环节:深入了解供应链网络攻击的风险](https://mp.weixin.qq.com/s?__biz=MzA3MTUxNzQxMQ==&mid=2453885717&idx=1&sn=02370f3718668f2fb513019d1e09d686) + - [ ] [浅谈金融资产机构数据质量问题与应对策略](https://mp.weixin.qq.com/s?__biz=MzkwNDI0MjkzOA==&mid=2247485650&idx=1&sn=d18cd67e0c5c4da244c8b9bcf826c396) + - [ ] [微软采取法律行动保护公众免受人工智能生成内容的侵害](https://mp.weixin.qq.com/s?__biz=MzI2NzAwOTg4NQ==&mid=2649793828&idx=1&sn=46ceaef5035a0a62be54836973ba1e77) + - [ ] [GitHub 上的虚假 LDAPNightmware 漏洞投放信息窃取恶意软件](https://mp.weixin.qq.com/s?__biz=MzI2NzAwOTg4NQ==&mid=2649793828&idx=2&sn=75c89a73f526a3eef48834b9589071a7) + - [ ] [泽连斯基访问意大利后,亲俄黑客发动新一波 DDoS 攻击](https://mp.weixin.qq.com/s?__biz=MzI2NzAwOTg4NQ==&mid=2649793828&idx=3&sn=e0a4e09c8099a8284fd038f81a885f3b) + - [ ] [2025的第一个私活,赚了2w](https://mp.weixin.qq.com/s?__biz=MzUzMDQ1MTY0MQ==&mid=2247506577&idx=1&sn=dd37e4692c9c7937254675370f08279d) + - [ ] [Lua项目下SSRF利用Redis文件覆盖lua回显RCE](https://mp.weixin.qq.com/s?__biz=Mzk0Mzc1MTI2Nw==&mid=2247487032&idx=1&sn=3953d7b15c531d645369722844c65578) + - [ ] [实战|拿下了自己学校的大屏幕](https://mp.weixin.qq.com/s?__biz=MzU2NzY5MzI5Ng==&mid=2247504764&idx=1&sn=5c021b505429afbebdaa8a822ad917e9) + - [ ] [【快收藏】信创认证一文通:你想知道的都在这儿](https://mp.weixin.qq.com/s?__biz=MzU2NzY5MzI5Ng==&mid=2247504764&idx=2&sn=3078de2e0ecc85d9808e62d9c2dad6c9) + - [ ] [vulnhub之Sputnik的实践](https://mp.weixin.qq.com/s?__biz=MzA3MjM5MDc2Nw==&mid=2650748923&idx=1&sn=da1b2662ae1830f66e01ee29a39ce551) + - [ ] [【吃瓜】要不是真的没绷住,没周末还发吃瓜啊?](https://mp.weixin.qq.com/s?__biz=MzIxNTIzNTExMQ==&mid=2247490663&idx=1&sn=76c8f084b038a53cb020772026ab8e04) + - [ ] [网络安全讲师(兼职)招募](https://mp.weixin.qq.com/s?__biz=MzU4OTg4Nzc4MQ==&mid=2247505479&idx=1&sn=33e43aa495d88306d800d5786147d55b) + - [ ] [网络安全ctf比赛/学习资源整理,解题工具、比赛时间、解题思路、实战靶场、学习路线,推荐收藏!](https://mp.weixin.qq.com/s?__biz=MzU4OTg4Nzc4MQ==&mid=2247505479&idx=2&sn=b430206fc0a060fe581e40f7929f1724) + - [ ] [云上安全的五大威胁及防护措施](https://mp.weixin.qq.com/s?__biz=Mzg2MDg0ODg1NQ==&mid=2247539478&idx=1&sn=7a255a9243b48db12349cb6c05714760) +- Private Feed for M09Ic + - [ ] [safedv starred RedByte1337/GraphSpy](https://github.com/RedByte1337/GraphSpy) + - [ ] [kpcyrd starred woodruffw/zizmor](https://github.com/woodruffw/zizmor) + - [ ] [zema1 started following kotori2](https://github.com/kotori2) + - [ ] [zer0yu starred afnanenayet/diffsitter](https://github.com/afnanenayet/diffsitter) + - [ ] [wh0amitz starred pureqh/Hyacinth](https://github.com/pureqh/Hyacinth) + - [ ] [4ra1n starred icsharpcode/ILSpy](https://github.com/icsharpcode/ILSpy) + - [ ] [Ridter starred doyensec/CSPTBurpExtension](https://github.com/doyensec/CSPTBurpExtension) + - [ ] [h3zh1 pushed to master in chainreactors/malefic](https://github.com/chainreactors/malefic/compare/c71ba53e38...3aea9cd265) + - [ ] [Rvn0xsy starred bytevet/proxyverse](https://github.com/bytevet/proxyverse) + - [ ] [DVKunion starred zero-peak/ZeroOmega](https://github.com/zero-peak/ZeroOmega) + - [ ] [INotGreen starred H4ckF0rFun/elf_to_shellcode](https://github.com/H4ckF0rFun/elf_to_shellcode) + - [ ] [zer0yu started following mal-tee](https://github.com/mal-tee) + - [ ] [Ridter forked Ridter/reality from howmp/reality](https://github.com/Ridter/reality) + - [ ] [pmiaowu starred lemono0/FastJsonParty](https://github.com/lemono0/FastJsonParty) + - [ ] [glzjin starred cliffe/SecGen](https://github.com/cliffe/SecGen) + - [ ] [Ridter starred howmp/reality](https://github.com/howmp/reality) + - [ ] [ring04h starred uber-go/goleak](https://github.com/uber-go/goleak) + - [ ] [yzddmr6 forked yzddmr6/520apkhook from sec-db/520apkhook](https://github.com/yzddmr6/520apkhook) + - [ ] [yzddmr6 starred howmp/reality](https://github.com/howmp/reality) +- Recent Commits to cve:main + - [ ] [Update Mon Jan 13 20:21:05 UTC 2025](https://github.com/trickest/cve/commit/6d1183495f89140d47f2cca943f8e3e0b0c86f4a) + - [ ] [Update Mon Jan 13 12:18:30 UTC 2025](https://github.com/trickest/cve/commit/25b0ea30350fdeb5c900d370af0419f11ef61acc) + - [ ] [Update Mon Jan 13 04:15:26 UTC 2025](https://github.com/trickest/cve/commit/e8cfcd643185168d79075322c94dc7a7868ad6f0) +- 奇安信攻防社区 + - [ ] [AFL++工具运行原理与实战分析](https://forum.butian.net/share/4033) + - [ ] [安全开发原则与编码规范](https://forum.butian.net/share/4036) +- 一个被知识诅咒的人 + - [ ] [【Python】深入解析Python的上下文管理器与资源管理:实现自定义的`with`语句](https://blog.csdn.net/nokiaguy/article/details/145113849) + - [ ] [Python中的动态属性:用__getattr__和__setattr__实现灵活的数据访问](https://blog.csdn.net/nokiaguy/article/details/145113830) +- Bug Bounty in InfoSec Write-ups on Medium + - [ ] [How I got my first bounty of $$$](https://infosecwriteups.com/how-i-got-my-first-bounty-of-e163f970d1e0?source=rss----7b722bfd1b8d--bug_bounty) + - [ ] [The Subdomain They Forgot — How I Chained Bugs for a $1,000 Bounty](https://infosecwriteups.com/the-subdomain-they-forgot-how-i-chained-bugs-for-a-1-000-bounty-094d89758489?source=rss----7b722bfd1b8d--bug_bounty) + - [ ] [How I got my name on WHO’s Hall of Fame](https://infosecwriteups.com/how-i-got-my-name-on-whos-hall-of-fame-060d57662b16?source=rss----7b722bfd1b8d--bug_bounty) +- Twitter @bytehx + - [ ] [Re @0xRAYAN7 @Hacker0x01 Congrats 🎉](https://x.com/bytehx343/status/1878754781633896462) +- Reverse Engineering + - [ ] [/r/ReverseEngineering's Weekly Questions Thread](https://www.reddit.com/r/ReverseEngineering/comments/1i0967i/rreverseengineerings_weekly_questions_thread/) + - [ ] [How Hard Is It to Port Frida to an Unsupported Platform? (Let’s Find Out)](https://www.reddit.com/r/ReverseEngineering/comments/1i0hser/how_hard_is_it_to_port_frida_to_an_unsupported/) + - [ ] [The Permission Slip Attack, Leveraging a Confused Deputy in Android with 'pSlip'](https://www.reddit.com/r/ReverseEngineering/comments/1i0ih4y/the_permission_slip_attack_leveraging_a_confused/) +- Malwarebytes + - [ ] [The new rules for AI and encrypted messaging, with Mallory Knodel (Lock and Code S06E01)](https://www.malwarebytes.com/blog/uncategorized/2025/01/the-new-rules-for-ai-and-encrypted-messaging-with-mallory-knodel-lock-and-code-s06e01) + - [ ] [iMessage text gets recipient to disable phishing protection so they can be phished](https://www.malwarebytes.com/blog/news/2025/01/imessage-text-gets-recipient-to-disable-phishing-protection-so-they-can-be-phished) + - [ ] [A week in security (January 6 – January 12)](https://www.malwarebytes.com/blog/news/2025/01/a-week-in-security-january-6-january-12) +- Webroot Blog + - [ ] [Why MSPs must offer 24/7 cybersecurity protection and response — and how OpenText MDR can help](https://www.webroot.com/blog/2025/01/13/why-msps-must-offer-24-7-cybersecurity-protection-and-response/) +- Intigriti + - [ ] [7 Overlooked recon techniques to find more vulnerabilities](https://www.intigriti.com/researchers/blog/hacking-tools/7-overlooked-recon-techniques-to-find-more-vulnerabilities) +- Horizon3.ai + - [ ] [The Death of BAS and the Rise of Autonomous Pentesting](https://www.horizon3.ai/intelligence/blogs/the-death-of-bas-and-the-rise-of-autonomous-pentesting/) + - [ ] [Critical Vulnerabilities in SimpleHelp Remote Support Software](https://www.horizon3.ai/attack-research/disclosures/critical-vulnerabilities-in-simplehelp-remote-support-software/) +- FreeBuf网络安全行业门户 + - [ ] [FreeBuf早报 | 央视曝光“克隆网站”;IBM漏洞允许攻击者嵌入任意JS代码](https://www.freebuf.com/news/419728.html) + - [ ] [警惕!1亿macOS用户面临Banshee新变种威胁](https://www.freebuf.com/news/419718.html) + - [ ] [Azure AI被黑客越狱,提供“黑客即服务”](https://www.freebuf.com/news/419701.html) + - [ ] [研究人员成功入侵苹果新型USB-C控制器](https://www.freebuf.com/news/419681.html) + - [ ] [SaaS安全大考:黑客“全明星”盘点与2025年备战指南](https://www.freebuf.com/articles/419699.html) +- 绿盟科技技术博客 + - [ ] [绿盟科技威胁情报周报(2025.01.06-2025.01.12)](https://blog.nsfocus.net/2025-01-06-2025-01-12/) +- HackerNews + - [ ] [泽连斯基访问意大利后亲俄黑客发动新一波 DDoS 攻击](https://hackernews.cc/archives/56858) + - [ ] [印度加密货币交易所 Mudrex 解释提款暂停原因](https://hackernews.cc/archives/56852) + - [ ] [新型 Web3 攻击利用交易模拟窃取加密货币](https://hackernews.cc/archives/56845) + - [ ] [网络钓鱼短信诱骗苹果 iMessage 用户关闭保护机制](https://hackernews.cc/archives/56837) + - [ ] [AI 驱动勒索软件 FunkSec 采用双重勒索战术攻击 85 名受害者](https://hackernews.cc/archives/56832) +- 安全牛 + - [ ] [2025年人工智能带来的五大网络安全预测及其应对策略](https://www.aqniu.com/homenews/107946.html) + - [ ] [苹果最新ACE3 USB-C控制器被破解,引发设备安全担忧;IBM watsonx.ai平台安全漏洞或导致XSS攻击风险 |牛览](https://www.aqniu.com/homenews/107947.html) +- 奇客Solidot–传递最新科技情报 + - [ ] [Mastodon 将控制权转交给一家非盈利组织](https://www.solidot.org/story?sid=80320) + - [ ] [微软在六地测试 Microsoft 365 涨价](https://www.solidot.org/story?sid=80319) + - [ ] [《疯狂出租车》速通玩家用现场演奏避免版权问题](https://www.solidot.org/story?sid=80318) + - [ ] [售价 12 美元衣服的背后](https://www.solidot.org/story?sid=80317) + - [ ] [2024 年德国可更新能源占到发电量的 62.7%](https://www.solidot.org/story?sid=80316) + - [ ] [NASA JPL 和威尔逊山天文台未被山火波及](https://www.solidot.org/story?sid=80315) + - [ ] [小鼠研究解释为何新记忆不会覆盖旧记忆](https://www.solidot.org/story?sid=80314) + - [ ] [TikTok 在世界各地都面临法律诉讼](https://www.solidot.org/story?sid=80313) + - [ ] [Matt Mullenweg 关闭了多位据称试图创建分支的 WordPress.org 贡献者账号](https://www.solidot.org/story?sid=80312) + - [ ] [关系衰退成为一种全球性现象](https://www.solidot.org/story?sid=80311) +- 黑海洋 - IT技术知识库 + - [ ] [Nezha V1:哪吒监控自定义代码美化](https://blog.upx8.com/4652) +- 腾讯玄武实验室 + - [ ] [每日安全动态推送(25/1/13)](https://mp.weixin.qq.com/s?__biz=MzA5NDYyNDI0MA==&mid=2651959984&idx=1&sn=daac9046ff73a9a0334acecde2fdd4cf&chksm=8baed22fbcd95b39cca160d7f1d5ce7eec7ae7a66b8907a88b9f41db4f4b2423dccc01f85b54&scene=58&subscene=0#rd) +- 安全分析与研究 + - [ ] [伪装成Chrome安装程序传播银狐最新变种](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247489956&idx=1&sn=91861b57be376b8d6fa0d075edf1d6b6&chksm=902fb68ca7583f9a4714da177a1e775f3170d9875f63c7e39f99f27ff826fa2f22f3cec354c2&scene=58&subscene=0#rd) +- 奇安信 CERT + - [ ] [【技术细节公开】Ivanti 多款产品缓冲区溢出漏洞(CVE-2025-0282)安全风险通告](https://mp.weixin.qq.com/s?__biz=MzU5NDgxODU1MQ==&mid=2247502754&idx=1&sn=48a21e24bdfc8908bb32481d68e1cb9b&chksm=fe79ef3ac90e662c847aaac7838231f459a77d12388ca13ee7bb9ae8b12b5e2b051c5fd1d54e&scene=58&subscene=0#rd) + - [ ] [安全热点周报:黑客利用自定义恶意软件对受感染的 Ivanti 设备发起零日攻击](https://mp.weixin.qq.com/s?__biz=MzU5NDgxODU1MQ==&mid=2247502754&idx=2&sn=71834c7ec593bc49ee831cf81afb0628&chksm=fe79ef3ac90e662c0938869f54ea887addd6c578f54932f05bf3901d6b96b1048e3ae3fee67c&scene=58&subscene=0#rd) +- 雷神众测 + - [ ] [雷神众测漏洞周报2025.1.6-2025.1.12](https://mp.weixin.qq.com/s?__biz=MzI0NzEwOTM0MA==&mid=2652503275&idx=1&sn=2b10bfb0eb83fdb8f10466f9476b7a57&chksm=f2585f58c52fd64e76b8d6e69b0939688a5ad89e9a654a4eb9345d294e495326b8a5b197a01b&scene=58&subscene=0#rd) +- Black Hills Information Security + - [ ] [Introduction to Zeek Log Analysis](https://www.blackhillsinfosec.com/introduction-to-zeek-log-analysis-wrap/) +- 看雪学苑 + - [ ] [Dex文件结构-ReadDex解析器实现](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588591&idx=1&sn=f3af400aa11be8f19a775a31e96d7740&chksm=b18c252586fbac3333019757efad00be145ea661a9a9fcd7c622c441e62f07dc2c3f4bc04f0f&scene=58&subscene=0#rd) + - [ ] [10万美金!研究员如何黑进 Facebook 服务器](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588591&idx=2&sn=0adaab3ebee5e866ad30ef7799307d47&chksm=b18c252586fbac33941785182240f8c6b7e6cb0ae71488a6845d7fc5236e82b4cd7f416efc73&scene=58&subscene=0#rd) + - [ ] [成为看雪讲师,开启技术分享的高光时刻](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588591&idx=3&sn=b11fa1206f5347a3696b9363851d9aa9&chksm=b18c252586fbac337f968ef57b1c1b5fef6e47c287b8a331ba6e79c740794c1b13359655edf3&scene=58&subscene=0#rd) +- 威努特安全网络 + - [ ] [5G+AI+信创,深度揭秘智慧矿山工业控制网络构建之道](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130319&idx=1&sn=345bdcb858d6db350bb617bf16fd1016&chksm=80e7137fb7909a699eb5c07fdd6d2f9bef27138bffc3f57a27cc512027d7bd4045cee717da3e&scene=58&subscene=0#rd) +- 软件安全与逆向分析 + - [ ] [eBPF开发指南从原理到应用如何学习](https://mp.weixin.qq.com/s?__biz=MzU3MTY5MzQxMA==&mid=2247484752&idx=1&sn=488c75243ec385aeda8c794e69785718&chksm=fcdd055dcbaa8c4bc476588f2467b3531d64c869ec3b4eea33f0b82d3153f79da8ef2fa34521&scene=58&subscene=0#rd) +- 安全内参 + - [ ] [泄露近600万客户敏感数据,这家金融机构被罚超1.4亿元](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513476&idx=1&sn=605167ebb5844cbdb4b12e1f489b5730&chksm=ebfaf2a4dc8d7bb25f7b717c165921f0c5af838718a2072ecef6f2e98d7daa0faadd51b8688e&scene=58&subscene=0#rd) + - [ ] [算法治病还是杀人?留神医疗大模型被“投毒”](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513476&idx=2&sn=3b473e5b6b3eadea5cc1f0973885d17d&chksm=ebfaf2a4dc8d7bb2d21d3da21117942d17be63755bbb6828059cf21f8e9124f7375675fd76a9&scene=58&subscene=0#rd) +- 绿盟科技研究通讯 + - [ ] [从云原生攻防靶场看新型计算环境下的网络安全实战人才培养](https://mp.weixin.qq.com/s?__biz=MzIyODYzNTU2OA==&mid=2247498256&idx=1&sn=b2635dc70b17f67d197e6cceb52ebd1e&chksm=e84c5ccfdf3bd5d9566dc0f75159a4507fa4c58e8cc505f8a16eafc62825cd80b6a7b1a853bd&scene=58&subscene=0#rd) +- 代码卫士 + - [ ] [GFI KerioControl 防火墙存在严重的RCE漏洞](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522044&idx=1&sn=71bbcad32c9a0753d8385256ee5dad03&chksm=ea94a796dde32e80febb13e46990720e4748e375842d7d932e99d76c82cb55e561bf2219c17c&scene=58&subscene=0#rd) + - [ ] [CrowdStrike虚假工作邀约通过密币挖矿机感染开发人员](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522044&idx=2&sn=f72144000ab0d2c1280f017af0018e6e&chksm=ea94a796dde32e802b549f6142713bd6d30abcff4fb2dad9a2d96d274145d96f5962e976b84c&scene=58&subscene=0#rd) +- dotNet安全矩阵 + - [ ] [.NET 实战中批量获取数据库凭据的工具](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498183&idx=1&sn=93271af446b9fab68ddccddd1c8d42fa&chksm=fa59572acd2ede3c188f8fba769e989eafc4d9a5d892cc3dca36098c37de2975099065f1c4f8&scene=58&subscene=0#rd) + - [ ] [国内最专业、最全面的 [ .NET 代码审计 ] 体系化学习交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498183&idx=2&sn=f8f8e1c70409762960a7fae57b956271&chksm=fa59572acd2ede3cedb794d2838a04af22159a4117a372cf7add6b7d007dfc63f631a9b5f619&scene=58&subscene=0#rd) + - [ ] [.NET 第54期红队武器库和资源汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498183&idx=3&sn=fa292ad02108f28ed17b5fde3b8a7c88&chksm=fa59572acd2ede3cf7b38bbd15169bf26c14b1e0eb68076c59512d1c8c6a33d5f08631afd4f3&scene=58&subscene=0#rd) +- 安全研究GoSSIP + - [ ] [G.O.S.S.I.P 阅读推荐(?) 2025-01-13 Nothing Bad](https://mp.weixin.qq.com/s?__biz=Mzg5ODUxMzg0Ng==&mid=2247499611&idx=1&sn=f4c84ebd4655e6b7c270acc34692023d&chksm=c063d182f71458946d68d728ea7c53c8c927518a5bf7034bbac7c87669e69efa83fec019fcae&scene=58&subscene=0#rd) +- 丁爸 情报分析师的工具箱 + - [ ] [【资料】大语言模型对开源情报的影响](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148521&idx=1&sn=4c4aa636b9f05e358e1ed6469a640d2a&chksm=f1af27d3c6d8aec5afa85e4307e772bd2f2cca8056aa8bafa63d4dd65dd2fb8977a9dbed3550&scene=58&subscene=0#rd) +- 安全圈 + - [ ] [【安全圈】建立数据跨境服务中心、便利化访问国际互联网,上海虹桥商务区国际贸易中心新平台建设进一步落实](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067321&idx=1&sn=dd8f1699f9d8cbba67e8abc6091ffa6c&chksm=f36e79b9c419f0af2618c6816f0e6608ea027b7cad85fab87f7b8f411d608609fcee8157d58f&scene=58&subscene=0#rd) + - [ ] [【安全圈】浙江某海岛发现间谍!抓了!](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067321&idx=2&sn=6fab346cb4be5016a1f9a40489cc5d01&chksm=f36e79b9c419f0af38c10930f488326095bfe4671378c6afd9bb07992f854d2172088ac98e14&scene=58&subscene=0#rd) + - [ ] [【安全圈】研究人员入侵苹果新 USB-C 控制器](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067321&idx=3&sn=0baa019796225a8a1f3681f24e502952&chksm=f36e79b9c419f0afe0189b75ee69031de31213c10e55e69f5d89c92abcaabad3e78d2661af5f&scene=58&subscene=0#rd) + - [ ] [【安全圈】微软起诉利用 Azure AI 创建有害内容的黑客组织](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067321&idx=4&sn=4ea1e634e045d59be08019f06a4fd52b&chksm=f36e79b9c419f0afb77e12ec0c05482c0c727401e2761ea07b3093e610802a46b227f479adae&scene=58&subscene=0#rd) +- XCTF联赛 + - [ ] [SUCTF 2025落幕|S1uM4i战队实力夺冠!](https://mp.weixin.qq.com/s?__biz=MjM5NDU3MjExNw==&mid=2247515484&idx=1&sn=0c506fe6fa7d8296675e4a1821546192&chksm=a6874f6691f0c6701e164a48a8ed8c4bde1eddca05b9ff21a02a8863935a46ed8b2e6c369f39&scene=58&subscene=0#rd) +- 慢雾科技 + - [ ] [慢雾:演员王星被骗事件相关聊天截图调查](https://mp.weixin.qq.com/s?__biz=MzU4ODQ3NTM2OA==&mid=2247500907&idx=1&sn=1e629e1d6e96b48b3c5962aadba90a92&chksm=fddebaeccaa933fac3c0ee1a35cabeede882a8c5d99b8cab223c3abf838eb73b0a8b16aac029&scene=58&subscene=0#rd) +- 唯品会安全应急响应中心 + - [ ] [2025,感恩一路有你活动](https://mp.weixin.qq.com/s?__biz=MzI5ODE0ODA5MQ==&mid=2652281687&idx=1&sn=7934a57fd8a96c7620b9cc67dbab42c9&chksm=f74872c3c03ffbd5a39cf25b67cca249855855c79ad62cc9f41efbfc513ddaa3dfb8523cad10&scene=58&subscene=0#rd) +- 数世咨询 + - [ ] [如何充分利用网络安全保险](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247534049&idx=1&sn=2beee14167a5b03d33ff211f021b29aa&chksm=c144375cf633be4a2ef79af31f437db15f11d64a03e292555e3305690495a36e1d1963d05ab1&scene=58&subscene=0#rd) +- 情报分析师 + - [ ] [俄罗斯如何塑造间谍高手:训练体系深度剖析](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558899&idx=1&sn=2915b6a37534cfc83230d3de7449dcaa&chksm=87117ff8b066f6ee06eb18ad521152f3716b0d9258666c7779e81b545c70bdc3cfceca103fa4&scene=58&subscene=0#rd) + - [ ] [【分析报告】蒙古国首都发生示威游行事件](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558899&idx=2&sn=77b7afadae9bddf9b737487ca90c52fe&chksm=87117ff8b066f6ee084e62fc5d2a41918294746a76c56d216b230fd80f5b820b9186c49869df&scene=58&subscene=0#rd) + - [ ] [蒙古国与日本及欧洲合作的多维影响:地缘政治、军事与经济分析](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558899&idx=3&sn=58043dc5d2b15fd6d20c09516df03fad&chksm=87117ff8b066f6eedba595c9c512b301a9789917018b6d62d28b3bc361131a4ba02ff17b2738&scene=58&subscene=0#rd) +- 网络空间安全科学学报 + - [ ] [“可信计算”专题征稿](https://mp.weixin.qq.com/s?__biz=MzI0NjU2NDMwNQ==&mid=2247504642&idx=1&sn=c447628a36e58e0247573195b34c3d8b&chksm=e9bfc7bcdec84eaa8510c6005dc89ac688fc5192fecb9e012fdf5b83d4f181e939f4ba124580&scene=58&subscene=0#rd) +- 嘶吼专业版 + - [ ] [2024中国网络安全产业势能榜优能企业「制造行业」典型案例展示](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580751&idx=1&sn=38ed7d42fddd1b5e624f8f2ac1ec4a44&chksm=e9146c75de63e56358f97bd26b9565f64210ce19c2b9a55727c9b577b37fca91fab1a28f274a&scene=58&subscene=0#rd) + - [ ] [安全动态回顾|国家网络安全通报中心:重点防范境外恶意网址和恶意IP 超过4000个后门因注册过期域名而被劫持](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580751&idx=2&sn=7886e26f1ed368509d62b0ced61b3b4c&chksm=e9146c75de63e563f72002cb53362e5fa9e384504cdfcc9ec47eacd59f6a3696caccfa63665a&scene=58&subscene=0#rd) +- 补天平台 + - [ ] [欢迎「金山云」入驻补天专属SRC!](https://mp.weixin.qq.com/s?__biz=MzI2NzY5MDI3NQ==&mid=2247507273&idx=1&sn=19b1a506b7082cf3e664e77cdd6e1e2e&chksm=eaf99505dd8e1c135ce0c1a1e5f8fd384644130faee4eae62a6916b89c631d8954aaab977e87&scene=58&subscene=0#rd) +- 极客公园 + - [ ] [每年 CES 都在产生共识,今年的共识是「端侧 AI」](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653071933&idx=1&sn=d7693f2c1d7c3eb862f6ff0bb8526f41&chksm=7e57d78b49205e9da2a691dd98bdc22a24d333c801f0a90a5898a83a6b3d048af13a7b31efbe&scene=58&subscene=0#rd) + - [ ] [外国车企的「智能树」,原来是这么「点歪」的](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653071901&idx=1&sn=5864aeebb9264f2381a2342858667d85&chksm=7e57d7ab49205ebda200c07e6ee6ae1b853dcdb8a9c077758a7e777598d73c7045e16320a1c3&scene=58&subscene=0#rd) + - [ ] [英伟达员工 78% 成为百万富翁;三星推出可穿戴设备固态电池原型;苹果在英国面临 18.3 亿美元罚款 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653071869&idx=1&sn=6c39746dfc45cb66b03b8e02c4549351&chksm=7e57d44b49205d5deea6c8f731ebecc14742ed3ff7879b77c91745b654df34b03012ee061c86&scene=58&subscene=0#rd) +- 字节跳动技术团队 + - [ ] [豆包MarsCode新年宠粉|参与老带新,赢索尼PS5、HHKB键盘、京东卡等惊喜好礼](https://mp.weixin.qq.com/s?__biz=MzI1MzYzMjE0MQ==&mid=2247512805&idx=1&sn=83842ceb2d52096df8947db282dcdc4c&chksm=e9d37907dea4f011803f1ed11270cfa75f7b5614ef994bc46b4d4f34d809b4a87f8e830f56c2&scene=58&subscene=0#rd) +- 威胁猎人Threat Hunter + - [ ] [【黑产大数据】2024年数据泄露风险态势报告](https://mp.weixin.qq.com/s?__biz=MzI3NDY3NDUxNg==&mid=2247498732&idx=1&sn=4ba0213d21420c4b3a5fdde9907f5853&chksm=eb12ddd7dc6554c159f48548263a9a233949da1046c171f8b9bb2618db59d043d9bacf4bd21d&scene=58&subscene=0#rd) +- CNVD漏洞平台 + - [ ] [CNVD漏洞周报2025年第2期](https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247495678&idx=1&sn=7e9c30d0d4f9240a45a5e9618ff48fdb&chksm=fd74df37ca03562164a2b3c76c24dc512ef7ad74eb26251804eb0b78b40a3220adf127ca577f&scene=58&subscene=0#rd) + - [ ] [上周关注度较高的产品安全漏洞(20250106-20250112)](https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247495678&idx=2&sn=27fbe9305e2b484bc5effac02d04f64a&chksm=fd74df37ca0356219bbde36812ef8acecf2a9c42679ccda3598d1c426be88c2934c747fbbb77&scene=58&subscene=0#rd) +- 阿里安全响应中心 + - [ ] [第七届入侵检测挑战赛报名开启!](https://mp.weixin.qq.com/s?__biz=MzIxMjEwNTc4NA==&mid=2652997294&idx=1&sn=ec666eebc045f5a7137e852bd81614c9&chksm=8c9e09f9bbe980efd176856df4a8a886d129663f65f3bd92dfbefa211145e734dd0e7fb7aaeb&scene=58&subscene=0#rd) +- 360数字安全 + - [ ] [2024,我们这一年|“AI”启新章 安全踏新程!](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247578968&idx=1&sn=2179071a8126d2033abf57b40c957aff&chksm=9f8d2550a8faac464879455a2b8d765d89bd3a0d869d68221fb1610e7288441f554d5df8f067&scene=58&subscene=0#rd) + - [ ] [喜报!360入围中央国家机关及多地省政府采购名单!](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247578968&idx=2&sn=122c7d0f43281f375fa24d61e5c03b76&chksm=9f8d2550a8faac462bc8b72d219989082a053da57d4152426bebd0063636c435c8f470cadc01&scene=58&subscene=0#rd) +- Over Security - Cybersecurity news aggregator + - [ ] [OneBlood confirms personal data stolen in July ransomware attack](https://www.bleepingcomputer.com/news/security/oneblood-confirms-personal-data-stolen-in-july-ransomware-attack/) + - [ ] [Stealer Logs, Jan 2025 - 71,039,833 breached accounts](https://haveibeenpwned.com/PwnedWebsites#StealerLogsJan2025) + - [ ] [Major location data broker reports hack to Norwegian authorities](https://therecord.media/location-data-broker-gravy-breach) + - [ ] [CISA orders agencies to patch BeyondTrust bug exploited in attacks](https://www.bleepingcomputer.com/news/security/cisa-orders-agencies-to-patch-beyondtrust-bug-exploited-in-attacks/) + - [ ] [Hackers with likely Kremlin ties target Kazakhstan in espionage campaign](https://therecord.media/hackers-kremlin-kazakhstan-espionage-campaign) + - [ ] [Stolen Path of Exile 2 admin account used to hack player accounts](https://www.bleepingcomputer.com/news/security/stolen-path-of-exile-2-admin-account-used-to-hack-player-accounts/) + - [ ] [Turks and Caicos recovering from pre-Christmas ransomware attack](https://therecord.media/turks-and-caicos-recovering-from-ransomware-attack) + - [ ] [Poland uncovers Russia-linked disinformation campaign targeting upcoming presidential election](https://therecord.media/poland-uncovers-russia-linked-disinformation-campaign-presidential-election) + - [ ] [‘Codefinger’ hackers encrypting Amazon cloud storage buckets](https://therecord.media/hackers-encrypting-amazon-cloud-buckets) + - [ ] [Microsoft: macOS bug lets hackers install malicious kernel drivers](https://www.bleepingcomputer.com/news/security/microsoft-macos-bug-lets-hackers-install-malicious-kernel-drivers/) + - [ ] [Hackers exploit critical Aviatrix Controller RCE flaw in attacks](https://www.bleepingcomputer.com/news/security/hackers-exploit-critical-aviatrix-controller-rce-flaw-in-attacks/) + - [ ] [Texas sues Allstate, alleging it violated data privacy rights of 45 million Americans](https://therecord.media/texas-sues-allstate-data-privacy-cars) + - [ ] [UK domain registry Nominet confirms breach via Ivanti zero-day](https://www.bleepingcomputer.com/news/security/uk-domain-registry-nominet-confirms-breach-via-ivanti-zero-day-vulnerability/) + - [ ] [BforeAI Series B Announcement Brief](https://bfore.ai/bforeai-secures-series-b-funding-to-preempt-malicious-attacks-through-precrime-ai/) + - [ ] [Ransomware abuses Amazon AWS feature to encrypt S3 buckets](https://www.bleepingcomputer.com/news/security/ransomware-abuses-amazon-aws-feature-to-encrypt-s3-buckets/) + - [ ] [Rep. Don Bacon on cyber deterrence: ‘Speak softly and carry a big ass stick’](https://therecord.media/rep-don-bacon-interview-cyber-deterrence-china-nsa) + - [ ] [Inside the Active Threats of Ivanti’s Exploited Vulnerabilities](https://cyble.com/blog/ivanti-exploited-vulnerabilites/) + - [ ] [Chrome Web Store is a mess](https://palant.info/2025/01/13/chrome-web-store-is-a-mess/) + - [ ] [Banshee macOS sfrutta XProtect di Apple per eludere i controlli di sicurezza](https://www.securityinfo.it/2025/01/13/banshee-macos-sfrutta-xprotect-di-apple-per-eludere-i-controlli-di-sicurezza/) + - [ ] [BIScience: Collecting browsing history under false pretenses](https://palant.info/2025/01/13/biscience-collecting-browsing-history-under-false-pretenses/) + - [ ] [Cyberattack forces Dutch university to cancel lectures](https://therecord.media/tu-eindhoven-cyberattack-lectures-canceled) + - [ ] [CyberSecurity Malaysia Flags Major Threats in Chrome and WordPress – Are You Safe?](https://cyble.com/blog/cybersecurity-malaysia-flags-major-threats-in-chrome-and-wordpress-are-you-safe/) + - [ ] [Microsoft MFA outage blocking access to Microsoft 365 apps](https://www.bleepingcomputer.com/news/microsoft/microsoft-mfa-outage-blocking-access-to-microsoft-365-apps/) + - [ ] [Double-Tap Campaign : Russia-nexus APT possibly related to APT28 conducts cyber espionage on Central Asia and Kazakhstan diplomatic relations](https://blog.sekoia.io/double-tap-campaign-russia-nexus-apt-possibly-related-to-apt28-conducts-cyber-espionage-on-central-asia-and-kazakhstan-diplomatic-relations/) + - [ ] [Analisi di una campagna Lumma Stealer con falso CAPTCHA condotta attraverso domino italiano compromesso](https://cert-agid.gov.it/news/analisi-di-una-campagna-lumma-stealer-con-falso-captcha-condotta-attraverso-domino-italiano-compromesso/) + - [ ] [Threat Intelligence - Vulnerability insights](https://www.certego.net/blog/whitepaper-dicembre-2024-threat-intelligence-insights/) + - [ ] [CERT-AGID 4 – 10 gennaio: Vidar protagonista con una campagna malspam](https://www.securityinfo.it/2025/01/13/cert-agid-4-10-gennaio-vidar-protagonista-con-una-campagna-malspam/) + - [ ] [Scholastic - 4,247,768 breached accounts](https://haveibeenpwned.com/PwnedWebsites#Scholastic) +- 山石网科安全技术研究院 + - [ ] [2024年度智能网联汽车重点安全漏洞盘点](https://mp.weixin.qq.com/s?__biz=MzUzMDUxNTE1Mw==&mid=2247509761&idx=1&sn=a2cbe8ad893d3ab348e298ee016644dc&chksm=fa5272bfcd25fba90c69028243dcc3561afae389ab16a31faf15d757d37a79fd51eea2856d83&scene=58&subscene=0#rd) +- Have I Been Pwned latest breaches + - [ ] [Stealer Logs, Jan 2025 - 71,039,833 breached accounts](https://haveibeenpwned.com/PwnedWebsites#StealerLogsJan2025) + - [ ] [Scholastic - 4,247,768 breached accounts](https://haveibeenpwned.com/PwnedWebsites#Scholastic) +- Krypt3ia + - [ ] [The Evolution of Cybercrime Cartels: From Lone Wolves to Sophisticated Syndicates](https://krypt3ia.wordpress.com/2025/01/13/the-evolution-of-cybercrime-cartels-from-lone-wolves-to-sophisticated-syndicates/) + - [ ] [Top 5 Non-State Actor Groups Targeting Critical Infrastructure](https://krypt3ia.wordpress.com/2025/01/13/top-5-non-state-actor-groups-targeting-critical-infrastructure/) +- ICT Security Magazine + - [ ] [Cyber Resilience Act: Un Nuovo Strumento per la Sicurezza Digitale nell’UE](https://www.ictsecuritymagazine.com/articoli/cyber-resilience-act-sicurezza-digitale/) +- 0x727开源安全团队 + - [ ] [论安全运营的本质(第十章)](https://mp.weixin.qq.com/s?__biz=MzkwNTI3MjIyOQ==&mid=2247484113&idx=1&sn=7f019dca19eb8721e20b86ecde235940&chksm=c0fb0c1bf78c850dafefd9f5fdac7388b99e83af92a1362a090064fdd8b2a8e1fb1a796bb01a&scene=58&subscene=0#rd) +- 安全村SecUN + - [ ] [【极思】安全运营第6年实践总结](https://mp.weixin.qq.com/s?__biz=MzkyODM5NzQwNQ==&mid=2247496429&idx=1&sn=379e57e4ac389d0afadd44e65168dfcd&chksm=c21bd3dff56c5ac935b25b0568822053fb5bed39a4db28a35ffa2ea0c7ede3755f7071dd353f&scene=58&subscene=0#rd) +- 迪哥讲事 + - [ ] [抛开day不谈,为什么同样一个站你挖不到洞,别人却能咔咔上分?](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496846&idx=1&sn=446f62009a5b4a78356459656e925b2a&chksm=e8a5feeddfd277fbb42bbd793665bc8de01733bf220a34f8ece1e83142823685a046f1dd4699&scene=58&subscene=0#rd) +- Troy Hunt's Blog + - [ ] [Experimenting with Stealer Logs in Have I Been Pwned](https://www.troyhunt.com/experimenting-with-stealer-logs-in-have-i-been-pwned/) +- SANS Internet Storm Center, InfoCON: green + - [ ] [ISC Stormcast For Tuesday, January 14th, 2025 https://isc.sans.edu/podcastdetail/9278, (Mon, Jan 13th)](https://isc.sans.edu/diary/rss/31588) + - [ ] [Hikvision Password Reset Brute Forcing, (Mon, Jan 13th)](https://isc.sans.edu/diary/rss/31586) + - [ ] [ISC Stormcast For Monday, January 13th, 2025 https://isc.sans.edu/podcastdetail/9276, (Mon, Jan 13th)](https://isc.sans.edu/diary/rss/31584) +- Posts By SpecterOps Team Members - Medium + - [ ] [Part 16: Tool Description](https://posts.specterops.io/part-16-tool-description-e09506ebc2c7?source=rss----f05f8696e3cc---4) +- Securityinfo.it + - [ ] [Banshee macOS sfrutta XProtect di Apple per eludere i controlli di sicurezza](https://www.securityinfo.it/2025/01/13/banshee-macos-sfrutta-xprotect-di-apple-per-eludere-i-controlli-di-sicurezza/?utm_source=rss&utm_medium=rss&utm_campaign=banshee-macos-sfrutta-xprotect-di-apple-per-eludere-i-controlli-di-sicurezza) + - [ ] [CERT-AGID 4 – 10 gennaio: Vidar protagonista con una campagna malspam](https://www.securityinfo.it/2025/01/13/cert-agid-4-10-gennaio-vidar-protagonista-con-una-campagna-malspam/?utm_source=rss&utm_medium=rss&utm_campaign=cert-agid-4-10-gennaio-vidar-protagonista-con-una-campagna-malspam) +- Schneier on Security + - [ ] [Microsoft Takes Legal Action Against AI “Hacking as a Service” Scheme](https://www.schneier.com/blog/archives/2025/01/microsoft-takes-legal-action-against-ai-hacking-as-a-service-scheme.html) +- Graham Cluley + - [ ] [Pastor’s “dream” crypto scheme alleged to be a multi-million dollar scam](https://www.bitdefender.com/en-us/blog/hotforsecurity/pastors-dream-crypto-scheme-alleged-to-be-a-multi-million-dollar-scam) +- The Hacker News + - [ ] [Hackers Exploit Aviatrix Controller Vulnerability to Deploy Backdoors and Crypto Miners](https://thehackernews.com/2025/01/hackers-exploit-aviatrix-controller.html) + - [ ] [⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [13 January]](https://thehackernews.com/2025/01/thn-weekly-recap-top-cybersecurity_01424177917.html) + - [ ] [Ransomware on ESXi: The Mechanization of Virtualized Attacks](https://thehackernews.com/2025/01/ransomware-on-esxi-mechanization-of.html) + - [ ] [WordPress Skimmers Evade Detection by Injecting Themselves into Database Tables](https://thehackernews.com/2025/01/wordpress-skimmers-evade-detection-by.html) + - [ ] [Expired Domains Allowed Control Over 4,000 Backdoors on Compromised Systems](https://thehackernews.com/2025/01/expired-domains-allowed-control-over.html) +- Instapaper: Unread + - [ ] [Candy Crush, Tinder, MyFitnessPal See the Thousands of Apps Hijacked to Spy on Your Location](https://www.wired.com/story/gravy-location-data-app-leak-rtb/) + - [ ] [Robot Vacuums Hacked To Spy On Their Owners](https://cybersecuritynews.com/robot-vacuums-hacked/) + - [ ] [L'iPad Pro che si autodistrugge in caso di morte dell'utente](https://www.wired.it/article/ipad-pro-morte-in-case-of-death/) + - [ ] [Attacchi hacker filorussi all’Italia. Il cyber-caos come arma ibrida di Mosca](https://formiche.net/2025/01/italia-filorussi-hacker/) +- Computer Forensics + - [ ] [Using an MD5 hash to validate evidence](https://www.reddit.com/r/computerforensics/comments/1i0ofl7/using_an_md5_hash_to_validate_evidence/) + - [ ] [Tools I should learn?](https://www.reddit.com/r/computerforensics/comments/1i0d8h6/tools_i_should_learn/) +- Technical Information Security Content & Discussion + - [ ] [Fireblocks Black Box Security Review](https://www.reddit.com/r/netsec/comments/1i0gmdv/fireblocks_black_box_security_review/) +- TorrentFreak + - [ ] [ISP Huffs and Puffs Then Apologizes to 3 Little Piggies Over Pirate Downloads](https://torrentfreak.com/isp-huffs-and-puffs-then-apologizes-to-3-little-piggies-over-pirate-downloads-250113/) + - [ ] [MissAV: One of the World’s Largest ‘Pirate’ Sites Targeted in Takedown Effort](https://torrentfreak.com/missav-one-of-the-worlds-largest-pirate-sites-targeted-in-takedown-effort-250113/) +- Your Open Hacker Community + - [ ] [Feeling im so behind in cybersecurity](https://www.reddit.com/r/HowToHack/comments/1i0oa70/feeling_im_so_behind_in_cybersecurity/) + - [ ] [Insta problem](https://www.reddit.com/r/HowToHack/comments/1i0qyt4/insta_problem/) + - [ ] [How to connect](https://www.reddit.com/r/HowToHack/comments/1i0oz3r/how_to_connect/) + - [ ] [What should i learn first when it comes to hacking?](https://www.reddit.com/r/HowToHack/comments/1i0a33k/what_should_i_learn_first_when_it_comes_to_hacking/) + - [ ] [How do I recognize a o.mg cable?](https://www.reddit.com/r/HowToHack/comments/1i0mty3/how_do_i_recognize_a_omg_cable/) + - [ ] [Email info](https://www.reddit.com/r/HowToHack/comments/1i0iuzt/email_info/) + - [ ] [How to make a " creek" with a pump and a retention pond?](https://www.reddit.com/r/HowToHack/comments/1i0msvj/how_to_make_a_creek_with_a_pump_and_a_retention/) + - [ ] [How?](https://www.reddit.com/r/HowToHack/comments/1i0auj4/how/) + - [ ] [Can someone help with my friend's account?](https://www.reddit.com/r/HowToHack/comments/1i0fafc/can_someone_help_with_my_friends_account/) + - [ ] [How to start your own website](https://www.reddit.com/r/HowToHack/comments/1i0583q/how_to_start_your_own_website/) + - [ ] [I need to know if there’s anyway I can bypass a game suspension?](https://www.reddit.com/r/HowToHack/comments/1i09z4w/i_need_to_know_if_theres_anyway_i_can_bypass_a/) + - [ ] [Is it possible to find the server IP of a game while playing it on PC?](https://www.reddit.com/r/HowToHack/comments/1i070ch/is_it_possible_to_find_the_server_ip_of_a_game/) +- netsecstudents: Subreddit for students studying Network Security and its related subjects + - [ ] [[Micro Challenge] Break YieldCat's Markdown Validation Checks - Active Until Jan 20](https://www.reddit.com/r/netsecstudents/comments/1i0ag5t/micro_challenge_break_yieldcats_markdown/) + - [ ] [I created a website to apply my knowledge of AI and Natural Language Processing into something useful](https://www.reddit.com/r/netsecstudents/comments/1i05t70/i_created_a_website_to_apply_my_knowledge_of_ai/) +- The Register - Security + - [ ] [Cryptojacking, backdoors abound as fiends abuse Aviatrix Controller bug](https://go.theregister.com/feed/www.theregister.com/2025/01/13/severe_aviatrix_controller_vulnerability/) + - [ ] [Microsoft sues 'foreign-based' cyber-crooks, seizes sites used to abuse AI](https://go.theregister.com/feed/www.theregister.com/2025/01/13/microsoft_sues_foreignbased_crims_seizes/) + - [ ] [Azure, Microsoft 365 MFA outage locks out users across regions](https://go.theregister.com/feed/www.theregister.com/2025/01/13/azure_m365_outage/) + - [ ] [NATO's newest member comes out swinging following latest Baltic Sea cable attack](https://go.theregister.com/feed/www.theregister.com/2025/01/13/sweden_baltic_cable_attack/) + - [ ] [Ransomware crew abuses AWS native encryption, sets data-destruct timer for 7 days](https://go.theregister.com/feed/www.theregister.com/2025/01/13/ransomware_crew_abuses_compromised_aws/) + - [ ] [Nominet probes network intrusion linked to Ivanti zero-day exploit](https://go.theregister.com/feed/www.theregister.com/2025/01/13/nominet_ivanti_zero_day/) + - [ ] [Europe coughs up €400 to punter after breaking its own GDPR data protection rules](https://go.theregister.com/feed/www.theregister.com/2025/01/13/data_broker_hacked/) +- Security Affairs + - [ ] [U.S. CISA adds BeyondTrust PRA and RS and Qlik Sense flaws to its Known Exploited Vulnerabilities catalog](https://securityaffairs.com/173031/security/u-s-cisa-adds-beyondtrust-pra-and-rs-and-qlik-sense-flaws-to-its-known-exploited-vulnerabilities-catalog.html) + - [ ] [Inexperienced actors developed the FunkSec ransomware using AI tools](https://securityaffairs.com/173018/cyber-crime/funksec-ransomware-was-developed-using-ai-tools.html) + - [ ] [Credit Card Skimmer campaign targets WordPress via database injection](https://securityaffairs.com/173010/malware/stealthy-credit-card-skimmer-targets-wordpress.html) + - [ ] [Microsoft took legal action against crooks who developed a tool to abuse its AI-based services](https://securityaffairs.com/173000/cyber-crime/microsoft-took-legal-action-against-crooks-developed-a-tool-to-abuse-its-ai.html) +- Deeplinks + - [ ] [Five Things to Know about the Supreme Court Case on Texas’ Age Verification Law, Free Speech Coalition v Paxton](https://www.eff.org/deeplinks/2025/01/five-things-know-about-supreme-court-case-texas-age-verification-law-free-speech) +- Blackhat Library: Hacking techniques and research + - [ ] [I created a Cybersecurity Hub - All cyber tools and resources!](https://www.reddit.com/r/blackhat/comments/1i09dxz/i_created_a_cybersecurity_hub_all_cyber_tools_and/) +- Hacking Exposed Computer Forensics Blog + - [ ] [Daily Blog #716: Sunday Funday 1/12/25](https://www.hecfblog.com/2025/01/daily-blog-716-sunday-funday-11225.html) +- Security Weekly Podcast Network (Audio) + - [ ] [How threat-informed defense benefits each security team member - Frank Duff, Nathan Sportsman - ESW #389](http://sites.libsyn.com/18678/how-threat-informed-defense-benefits-each-security-team-member-frank-duff-nathan-sportsman-esw-389) diff --git a/archive/tmp/2025-01-14.json b/archive/tmp/2025-01-14.json new file mode 100644 index 0000000000..430eeed928 --- /dev/null +++ b/archive/tmp/2025-01-14.json @@ -0,0 +1,567 @@ +{ + "SecWiki News": { + "SecWiki News 2025-01-13 Review": "http://www.sec-wiki.com/?2025-01-13" + }, + "Security Boulevard": { + "Why Scalability Matters in Non-Human Identity and Access Management": "https://securityboulevard.com/2025/01/why-scalability-matters-in-non-human-identity-and-access-management/", + "HHS Proposes Major Overhaul of HIPAA Security Rule in the Wake of Change Healthcare Breach": "https://securityboulevard.com/2025/01/hhs-proposes-major-overhaul-of-hipaa-security-rule-in-the-wake-of-change-healthcare-breach/", + "FunkSec: A New Ransomware Group Buoyed by AI": "https://securityboulevard.com/2025/01/funksec-a-new-ransomware-group-buoyed-by-ai/", + "Inside a 90-Minute Attack: Breaking Ground with All-New AI Defeating Black Basta Tactics": "https://securityboulevard.com/2025/01/inside-a-90-minute-attack-breaking-ground-with-all-new-ai-defeating-black-basta-tactics/", + "How Ephemeral on-demand data can improve DORA DevOps scores": "https://securityboulevard.com/2025/01/how-ephemeral-on-demand-data-can-improve-dora-devops-scores/", + "Ephemeral data environments in Azure, leveraging the cloud": "https://securityboulevard.com/2025/01/ephemeral-data-environments-in-azure-leveraging-the-cloud/", + "How to create de-identified embeddings with Tonic Textual & Pinecone": "https://securityboulevard.com/2025/01/how-to-create-de-identified-embeddings-with-tonic-textual-pinecone/", + "De-identifying Salesforce data for testing and development. Tonic Structural now connects to Salesforce": "https://securityboulevard.com/2025/01/de-identifying-salesforce-data-for-testing-and-development-tonic-structural-now-connects-to-salesforce/", + "Open Bullet 2: The Preferred Credential Stuffing Tool for Bots": "https://securityboulevard.com/2025/01/open-bullet-2-the-preferred-credential-stuffing-tool-for-bots/", + "Network Configuration and Change Management Best Practices": "https://securityboulevard.com/2025/01/network-configuration-and-change-management-best-practices/" + }, + "安全客-有思想的安全新媒体": { + "致敬警察节|警企携手,筑牢安全防护网!": "https://www.anquanke.com/post/id/303459", + "Fancy Product Designer 插件中未修补的漏洞使 20,000 多个网站面临风险": "https://www.anquanke.com/post/id/303456", + "Google Project Zero 研究人员发现针对三星设备的零点击漏洞": "https://www.anquanke.com/post/id/303453", + "西班牙电信公司确认数据泄露后内部票务系统遭到破坏": "https://www.anquanke.com/post/id/303450", + "GitHub 上的假冒 LDAPNightmware 利用程序传播信息窃取型恶意软件": "https://www.anquanke.com/post/id/303447", + "研究人员如何通过黑客攻击 Facebook 服务器赚取 10 万美元": "https://www.anquanke.com/post/id/303444", + "网络钓鱼短信诱骗Apple iMessage用户禁用保护": "https://www.anquanke.com/post/id/303439", + "印度加密货币交易所 Mudrex 解释提款暂停原因": "https://www.anquanke.com/post/id/303436", + "2024年的网络钓鱼:应对持续威胁和人工智能的双刃剑": "https://www.anquanke.com/post/id/303433", + "CVE-2025-22777 (CVSS 9.8): 针对拥有 100,000 个活跃安装的 GiveWP 插件的严重安全警报": "https://www.anquanke.com/post/id/303430" + }, + "Doonsec's feed": { + "从UP主燕三嘤嘤嘤看百度好看视频的苟活": "https://mp.weixin.qq.com/s?__biz=MzkwMzI1ODUwNA==&mid=2247487814&idx=1&sn=4907df26be08cacdb7178f0d18e5a39d", + "2024龙信年终技术考核WP": "https://mp.weixin.qq.com/s?__biz=MzkzMjE4NzU5MA==&mid=2247491395&idx=1&sn=6490bb127a2104f8fb27f349103d0dff", + "【干货】笑傲职场的独家经验(1)": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485401&idx=3&sn=9f5c7558a30fbc3a8e126121a0bd5602", + "渗透Vulnhub-hackme靶机": "https://mp.weixin.qq.com/s?__biz=Mzk1NzI5NzA3NQ==&mid=2247485970&idx=1&sn=4318edd93f051ba1be4bda1efb08ec5f", + "回顾新姿势:击穿星巴克获取 1 亿用户详细信息": "https://mp.weixin.qq.com/s?__biz=MzkwODI1ODgzOA==&mid=2247506517&idx=1&sn=72ebf3f4238eab2fce2b83da193e8e8b", + "老牌免杀工具veil免杀": "https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247489983&idx=1&sn=cb128069a995e8223bc74fee5557df01", + "实战 | 域环境下通过anydesk进入生产网": "https://mp.weixin.qq.com/s?__biz=Mzg5NTUyNTI5OA==&mid=2247486384&idx=1&sn=0e2db706f9c844a38b39297450e60d91", + "【漏洞预警】Vim缓冲区溢出漏洞可导致拒绝服务": "https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489446&idx=1&sn=28468e250cf5d9b29d7a5b263e158c99", + "用于渗透测试练习的 15 个高危 Web应用和网站": "https://mp.weixin.qq.com/s?__biz=MzkyODYwODkyMA==&mid=2247484934&idx=1&sn=7dc7c525120b59a96e436bf0ea9450b2", + "四部委联合印发《关于促进数据标注产业高质量发展的实施意见》(附全文)": "https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633785&idx=1&sn=dc43c64287c137445c087fd164343665", + "一图读懂 | 关于促进数据标注产业高质量发展的实施意见": "https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170151&idx=3&sn=452310fbb337de2f7c1083f65b9d088c", + "专家观点 | “人工智能+”赋能新质生产力发展": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234446&idx=5&sn=f51375043d265a4573734624811787a2", + "泄露近600万客户敏感数据,美国这家金融机构被罚超1.4亿元": "https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633785&idx=4&sn=4855ab43a37b7af0cfdeee4133a386aa", + "记录一次博彩网站的实战渗透记录": "https://mp.weixin.qq.com/s?__biz=MzkyMDY1MDI3OA==&mid=2247483742&idx=1&sn=e88bdf3f85236fa63fdae8b5fbc283e4", + "Nuclei,一键发现99%的漏洞,白帽子都在私藏的扫描神器| |基于YAML模板的新一代漏洞扫描工具,让渗透测试效率提升10倍": "https://mp.weixin.qq.com/s?__biz=MzI5MjY4MTMyMQ==&mid=2247489648&idx=1&sn=5b79daec6f19ffd0c170a8b2bc6f32ae", + "“可信计算”专题征稿": "https://mp.weixin.qq.com/s?__biz=MzI0NjU2NDMwNQ==&mid=2247504642&idx=1&sn=c447628a36e58e0247573195b34c3d8b", + "红队-shell编程基础(七)": "https://mp.weixin.qq.com/s?__biz=Mzk1Nzk2NjI3Ng==&mid=2247483789&idx=1&sn=0b8152350e676cfe9b706c0828aacfb9", + "仅一文轻松拿捏 “加密站点的渗透测试”": "https://mp.weixin.qq.com/s?__biz=Mzg3NzIxMDYxMw==&mid=2247504325&idx=1&sn=0ad6f807b8aee72e8c66f6cfddc6ad2a", + "25年前最后一波招生 CTF实战特训营第三期": "https://mp.weixin.qq.com/s?__biz=MzU1NjgzOTAyMg==&mid=2247522855&idx=1&sn=915db17a17b876be464130a746201f36", + "信创认证,欢迎报名!": "https://mp.weixin.qq.com/s?__biz=MzU1NjgzOTAyMg==&mid=2247522855&idx=2&sn=ae5be0d697f8654404d4c729ec56df65", + "【话题】你刚开始接触安全的时候干过什么傻事?": "https://mp.weixin.qq.com/s?__biz=MzkxMTUwOTY1MA==&mid=2247489984&idx=1&sn=0661c75b5b9216776b0ea9ad4e82724f", + "一次绕过Burp检测的水洞记录": "https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247518192&idx=1&sn=43d2c8a5ec62acb9c57d20b0958a7921", + "SRC专项知识库": "https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247518192&idx=2&sn=5b24f29c61064cbf6535255d152c2585", + "关于如何解决 Cartopy 中的 GEOSException 问题": "https://mp.weixin.qq.com/s?__biz=MzI2MDQ0ODIzNg==&mid=2247485188&idx=1&sn=c3ef736723f5f8583fe8586f09fec883", + "第六届国家网络与信息安全信息通报机制中央企业网络安全大赛即将拉开帷幕": "https://mp.weixin.qq.com/s?__biz=MzU1MTE1MjU5Nw==&mid=2247485436&idx=1&sn=10a33f4c919bdcaa2cb8b28761b8484f", + "【漏洞工具】某路由器任意文件读取漏洞Goby高级模式利用工具": "https://mp.weixin.qq.com/s?__biz=Mzg5NTU2NjA1Mw==&mid=2247496006&idx=1&sn=ff0667fdbf667156d8c9d0910b6bf0e3", + "聚焦人工智能大模型可信治理 | “何以杨数浦”品牌沙龙第二期精彩回顾": "https://mp.weixin.qq.com/s?__biz=MzUzODYyMDIzNw==&mid=2247516633&idx=1&sn=77b5ae3e9b2800cfb18c8b22869fc54f", + "20元就能仿冒一家官网,小心这类山寨网页!": "https://mp.weixin.qq.com/s?__biz=MzI0NzE4ODk1Mw==&mid=2652094576&idx=2&sn=b96d84ee36acd17877a0b42e11feb687", + "识别漏洞成了大海捞针?": "https://mp.weixin.qq.com/s?__biz=Mzg2MDc0NTIxOQ==&mid=2247484709&idx=1&sn=b238620c27395ab7c78718f7ef256c83", + "卡西欧黑客事件报告发布:近 8600 名员工/客户隐私信息泄露": "https://mp.weixin.qq.com/s?__biz=MzU2MTQwMzMxNA==&mid=2247541394&idx=1&sn=0789faf00c32980d17e95080f8788f99", + "【安全圈】建立数据跨境服务中心、便利化访问国际互联网,上海虹桥商务区国际贸易中心新平台建设进一步落实": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067321&idx=1&sn=dd8f1699f9d8cbba67e8abc6091ffa6c", + "【安全圈】微软起诉利用 Azure AI 创建有害内容的黑客组织": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067321&idx=4&sn=4ea1e634e045d59be08019f06a4fd52b", + "价值3999,送!CISP新年福利不容错过": "https://mp.weixin.qq.com/s?__biz=MzU4MjUxNjQ1Ng==&mid=2247521085&idx=2&sn=e0d640470ef26a02e6f1a0f0be864053", + "SUCTF 2025落幕|S1uM4i战队实力夺冠!": "https://mp.weixin.qq.com/s?__biz=MjM5NDU3MjExNw==&mid=2247515484&idx=1&sn=0c506fe6fa7d8296675e4a1821546192", + "2025年人工智能带来的五大网络安全趋势及其应对策略": "https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134627&idx=1&sn=6c71adfab711410ac4d54f0d1602e6a7", + "2025 ICT深度观察报告会|腾讯云李滨:企业数字安全建设的四个关键要素": "https://mp.weixin.qq.com/s?__biz=Mzg5OTE4NTczMQ==&mid=2247526340&idx=1&sn=d5418212a88f343e949c90ac05e3ca99", + "慢雾:演员王星被骗事件相关聊天截图调查": "https://mp.weixin.qq.com/s?__biz=MzU4ODQ3NTM2OA==&mid=2247500907&idx=1&sn=1e629e1d6e96b48b3c5962aadba90a92", + "GFI KerioControl 防火墙存在严重的RCE漏洞": "https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522044&idx=1&sn=71bbcad32c9a0753d8385256ee5dad03", + "CrowdStrike虚假工作邀约通过密币挖矿机感染开发人员": "https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522044&idx=2&sn=f72144000ab0d2c1280f017af0018e6e", + "物联网丨2024年中国物联网安全行业概览:解除网络威胁,物联网的智能守护(附下载)": "https://mp.weixin.qq.com/s?__biz=MzI2MDk2NDA0OA==&mid=2247531021&idx=1&sn=9aa5cb200c685e768a56581a2f7cc8eb", + "趋势丨2025年网络安全趋势洞察:多维度的挑战与应对之策": "https://mp.weixin.qq.com/s?__biz=MzI2MDk2NDA0OA==&mid=2247531021&idx=2&sn=c562ed427ae6c2e710e4dded0bdf3bb9", + "云服务器知多少": "https://mp.weixin.qq.com/s?__biz=MzkxNTEzMTA0Mw==&mid=2247496603&idx=1&sn=30ce3b66d3f3a49187c050357e5e49aa", + "每周网安资讯 (1.7-1.13)|Adobe多款产品存在越界读取漏洞": "https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247505577&idx=1&sn=f82c60e6b9567f984c4c17d0e98e150a", + "捷豹路虎中国到访奇安信安全中心": "https://mp.weixin.qq.com/s?__biz=MzU0NDk0NTAwMw==&mid=2247624408&idx=1&sn=c77a280be315f4c37b588b6b7abc5e31", + "泄露近600万客户敏感数据,这家金融机构被罚超1.4亿元": "https://mp.weixin.qq.com/s?__biz=MzU0NDk0NTAwMw==&mid=2247624408&idx=2&sn=a55317c4ca276ccce4b320dfa6ab6b32", + "Dex文件结构-ReadDex解析器实现": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588591&idx=1&sn=f3af400aa11be8f19a775a31e96d7740", + "10万美金!研究员如何黑进 Facebook 服务器": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588591&idx=2&sn=0adaab3ebee5e866ad30ef7799307d47", + "成为看雪讲师,开启技术分享的高光时刻": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588591&idx=3&sn=b11fa1206f5347a3696b9363851d9aa9", + "【金松奖】工行企业级数据要素流通全链路建设项目:集成数据安全、隐私计算等技术": "https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931425&idx=1&sn=c1b619510a29b6a8bf9dfe7ba78649a3", + "139款车型成功通过汽车数据安全合规检测": "https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931425&idx=2&sn=f8ec500385ff22c0db9cd9b34d400ac6", + "连续三年上榜!亚信安全成功入选毕马威中国金融科技企业双50榜单": "https://mp.weixin.qq.com/s?__biz=MjM5NjY2MTIzMw==&mid=2650620698&idx=1&sn=2c718264abe114475c3b892a8f582efc", + "全球瞭望|网络安全重大事件精选(152期)": "https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597421&idx=1&sn=be9598279f20a952fb0e19be307030dd", + "国家保密局公告!": "https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597421&idx=2&sn=dfe5368b5e159e2231298817a047eeba", + "基于区域预推荐和特征富集的SOD R-CNN交通标志检测网络": "https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597421&idx=3&sn=736013f6dea7772337ae25b3b6431881", + "网络安全动态 - 2025.01.13": "https://mp.weixin.qq.com/s?__biz=MzU1MzEzMzAxMA==&mid=2247499881&idx=1&sn=e66d795b31109a64bd94e8a129da6227", + "企业级攻防技术揭秘": "https://mp.weixin.qq.com/s?__biz=MzkxNTIwNTkyNg==&mid=2247553013&idx=1&sn=5a53c74b485756c6132de205dab8d238", + "【免费领】黑客工具之王:DDoS攻击与防范实战技术大全": "https://mp.weixin.qq.com/s?__biz=MzkxNTIwNTkyNg==&mid=2247553013&idx=2&sn=48cf79ce6b93328800d06a2cf1e15afa", + "观安信息荣获“2024年海南能源数据要素应用创新大赛”优秀奖": "https://mp.weixin.qq.com/s?__biz=MzIxNDIzNTcxMg==&mid=2247506478&idx=1&sn=a256623b122e68b48ef83b82df2ee77d", + "洞·见 | 20250113": "https://mp.weixin.qq.com/s?__biz=Mzk0MDQ5MTQ4NA==&mid=2247487338&idx=1&sn=7a588ce30f39ed317dde637ba1a2bb7b", + "载誉前行 | 绿盟科技在NVDB-CAVD2024年度年终总结会上获得多项荣誉": "https://mp.weixin.qq.com/s?__biz=MjM5ODYyMTM4MA==&mid=2650464189&idx=1&sn=84418624ed0bcf001f07ae24d5436b05", + "通知 | 国家网信办就《网络信息内容多渠道分发服务机构相关业务活动管理规定(草案稿)》公开征求意见(附全文)": "https://mp.weixin.qq.com/s?__biz=MzkyNDUyNzU1MQ==&mid=2247486653&idx=1&sn=772e1446d8dcf92eed8aa21e53329aab", + "ios逆向攻防-应用重签名&代码注入": "https://mp.weixin.qq.com/s?__biz=MzkxNDY0NjY3MQ==&mid=2247485283&idx=1&sn=0a2f46d49d80b5e7d674b91967e36b2a", + "聚铭网络成功当选中关村华安关键信息基础设施安全保护联盟理事单位": "https://mp.weixin.qq.com/s?__biz=MzIzMDQwMjg5NA==&mid=2247506484&idx=1&sn=7b1418949cde0ca75bab5f4f0f5f7b71", + "第83期 | GPTSecurity周报": "https://mp.weixin.qq.com/s?__biz=MzkzNDUxOTk2Mw==&mid=2247495678&idx=1&sn=c0825173d0cbbef6762dcdaf19b55727", + "国家发展改革委等四部门联合印发《关于促进数据标注产业高质量发展的实施意见》": "https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170151&idx=1&sn=3ad07afdb31186657760655f6da40abb", + "划重点!2025年我国数据领域明确重点任务": "https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170151&idx=2&sn=2caaf47c4cc04e9595155dabfb1bb770", + "原创丨 近期观察 全球网络安全动态": "https://mp.weixin.qq.com/s?__biz=Mzg2MTU5ODQ2Mg==&mid=2247507088&idx=1&sn=a6cabc27681f5e6a03d9e97fb8d7218b", + "原创丨欧盟网络安全局发布《2024年欧盟网络安全状况报告》": "https://mp.weixin.qq.com/s?__biz=Mzg2MTU5ODQ2Mg==&mid=2247507088&idx=2&sn=af8a1c12b18ecbda8f5bbd38c7e7b938", + "对话|无影如何助力企业构建办公安全防护体系": "https://mp.weixin.qq.com/s?__biz=MzA4MTQ2MjI5OA==&mid=2664091916&idx=1&sn=7a9b4fb48560a3e24eb8fe8b512f834f", + "Frida从hook websocket协议看通杀流量加密": "https://mp.weixin.qq.com/s?__biz=Mzk0ODM0MjA0OA==&mid=2247483896&idx=1&sn=1f6bf11a478f0f74a347455b0120e088", + "【吃瓜】已上岸!": "https://mp.weixin.qq.com/s?__biz=MzU3MjU4MjM3MQ==&mid=2247489591&idx=1&sn=96a899a7d742fa79856b5712bf1591bd", + "年底裁员后坎坷的求职之路": "https://mp.weixin.qq.com/s?__biz=Mzk0NTY5Nzc1OA==&mid=2247484262&idx=1&sn=194ead1613e2e6be48848984aa94d15c", + "议题征集 | 关于征集第六期移动互联网APP产品安全漏洞技术沙龙议题的通知": "https://mp.weixin.qq.com/s?__biz=MjM5NzYwNDU0Mg==&mid=2649249384&idx=1&sn=0ec25d262d67ca8b1b6ee4c4392ff393", + "【数字政府优秀案例联播】交通智搜新升级:打造智能、专业、便捷的政务服务新体验": "https://mp.weixin.qq.com/s?__biz=MjM5NzYwNDU0Mg==&mid=2649249384&idx=2&sn=1c6e329c6bca81c452ca789eab537c93", + "安全简讯(2025.01.13)": "https://mp.weixin.qq.com/s?__biz=MzkzNzY5OTg2Ng==&mid=2247500607&idx=1&sn=5ee26fcda2a35cda8864abdaef1b718c", + "恶意软件容器化": "https://mp.weixin.qq.com/s?__biz=Mzg5MDg3OTc0OA==&mid=2247489348&idx=1&sn=b58d14adab4a2ed80d2cf2457a31a0f0", + "打造企业级安全护城河": "https://mp.weixin.qq.com/s?__biz=MzkyNTY3Nzc3Mg==&mid=2247488105&idx=1&sn=d864d13b811f1050a778f9fd6cbff18f", + "2025,感恩一路有你活动": "https://mp.weixin.qq.com/s?__biz=MzI5ODE0ODA5MQ==&mid=2652281687&idx=1&sn=7934a57fd8a96c7620b9cc67dbab42c9", + "贡献度排名第一!国舜股份积极支撑工信部车联网产品安全漏洞专业库": "https://mp.weixin.qq.com/s?__biz=MzA3NjU5MTIxMg==&mid=2650575169&idx=1&sn=cf48f807b0a583ce0d72513c0185627d", + "星火年鉴· 顶级篇 |注册量、解析量破200亿,工业互联网标识解析国家顶级节点(成都托管与灾备节点)加速推动制造业数字化转型": "https://mp.weixin.qq.com/s?__biz=MzU1OTUxNTI1NA==&mid=2247592097&idx=1&sn=d31278c73cd636214c13c4a2520241ca", + "如何充分利用网络安全保险": "https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247534049&idx=1&sn=2beee14167a5b03d33ff211f021b29aa", + "鼎信安全 | 网络安全一周资讯": "https://mp.weixin.qq.com/s?__biz=MzIwOTc4MTE4Nw==&mid=2247500968&idx=1&sn=bb2762cbe059ca3cdb2ee97beb412f1e", + "当猎人成为猎物:使用自定义回调禁用 EDR": "https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486308&idx=1&sn=8899e2a734b64f0ee44bb7c5b4a68ce6", + "文心一言、智谱清言等302款生成式人工智能服务已在国家网信办完成备案!": "https://mp.weixin.qq.com/s?__biz=MzA3NDIwNTY5Mw==&mid=2247507430&idx=1&sn=8fc56ec498e142e1cebb8ae9b7417166", + "图解|我国数据出境合规指引": "https://mp.weixin.qq.com/s?__biz=MzA3NDIwNTY5Mw==&mid=2247507430&idx=2&sn=b216dc6d7750bf76b4e299028ddc5923", + "Proxy SwitchyOmega 被下架:一场针对浏览器扩展的大规模网络钓鱼攻击": "https://mp.weixin.qq.com/s?__biz=MzIxMTg1ODAwNw==&mid=2247500395&idx=1&sn=291602b8ac131845db401dffb6b28de4", + "元宇宙将比现实世界更受欢迎:现实世界会消失吗?": "https://mp.weixin.qq.com/s?__biz=MzkxNDM4OTM3OQ==&mid=2247505731&idx=1&sn=60fbc4a4e811e38a7177d875e09e5cfa", + "用于快速搜索 Windows 取证文件的开源工具": "https://mp.weixin.qq.com/s?__biz=MzkxNDM4OTM3OQ==&mid=2247505731&idx=2&sn=59228995909b2e9daf2da495fa67be1c", + "全球银行准备大规模裁员:人工智能改变游戏规则!": "https://mp.weixin.qq.com/s?__biz=MzkxNDM4OTM3OQ==&mid=2247505731&idx=3&sn=5ec7b52e4a549a6f310663542aa58998", + "DNA 测序仪漏洞标志着医疗器械行业固件存在问题": "https://mp.weixin.qq.com/s?__biz=MzkxNDM4OTM3OQ==&mid=2247505731&idx=4&sn=eb4cadc77282c758c13dc8b2f01bb34f", + "2025 年工作场所 Workplace 5.0 以人为本的人工智能": "https://mp.weixin.qq.com/s?__biz=MzkxNDM4OTM3OQ==&mid=2247505731&idx=5&sn=7b760f6272929df09f16f94e15beb494", + "网安牛马专属表情包分享": "https://mp.weixin.qq.com/s?__biz=MzkwOTczNzIxNQ==&mid=2247485599&idx=1&sn=9c09dca6ca7bf3bb75677d03031d4acc", + "新兴AI驱动勒索软件FunkSec:信息全球化与灰黑产的交汇": "https://mp.weixin.qq.com/s?__biz=MzUxMjc0MTE3Mw==&mid=2247494897&idx=1&sn=33db12375b3946b756923f83a33eaeb3", + "电子数据取证分析师培训通知": "https://mp.weixin.qq.com/s?__biz=MzIyNzU0NjIyMg==&mid=2247488370&idx=1&sn=0d9e6254e52faf7fd8d6dbd9ab67cda7", + "2024中国网络安全产业势能榜优能企业「制造行业」典型案例展示": "https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580751&idx=1&sn=38ed7d42fddd1b5e624f8f2ac1ec4a44", + "安全动态回顾|国家网络安全通报中心:重点防范境外恶意网址和恶意IP 超过4000个后门因注册过期域名而被劫持": "https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580751&idx=2&sn=7886e26f1ed368509d62b0ced61b3b4c", + "年终盘点之二|2024山石网科全国巡展,完美收官": "https://mp.weixin.qq.com/s?__biz=MzAxMDE4MTAzMQ==&mid=2661297991&idx=1&sn=c48a9589b1b5c97bd4210077795118e6", + "年终盘点之三|2024数据泄露十大事件(国内版)": "https://mp.weixin.qq.com/s?__biz=MzAxMDE4MTAzMQ==&mid=2661297991&idx=2&sn=d17fb507b2dd73a6e5154a5f05396b9d", + "大规模破解和黑客包泄漏 100 GB | 优质内容": "https://mp.weixin.qq.com/s?__biz=MzkyNzYzNTQ2Nw==&mid=2247484004&idx=1&sn=669d69c22450a67894253aa651e376e2", + "PHP服务器可能正在被挖矿!": "https://mp.weixin.qq.com/s?__biz=MzU5OTMxNjkxMA==&mid=2247488442&idx=1&sn=c560220ca14fbb5f472bca815ee389f8", + "【赠书抽奖】发现Web API漏洞居然能赚到400w刀,看懂这本书你也可以!": "https://mp.weixin.qq.com/s?__biz=MzI1ODI0MTczNQ==&mid=2247491165&idx=1&sn=25ca0a0520923eeb18c1e1e347e391f0", + "Sekiro+Yakit 热加载无痛绕sign": "https://mp.weixin.qq.com/s?__biz=Mzg4Njg3MDk5Ng==&mid=2247486843&idx=1&sn=024bf3ec0b7902fb330412308737508b", + "通用大模型分析恶意软件,完全不靠谱": "https://mp.weixin.qq.com/s?__biz=Mzg5NTMxMjQ4OA==&mid=2247485549&idx=1&sn=5032b5ba9b4f8a43089a9684d4e3055a", + "【游戏数据安全】反作弊分析分类": "https://mp.weixin.qq.com/s?__biz=MzkyMTQzNTM3Ng==&mid=2247483865&idx=1&sn=2b58775007261ee5d7399fbefdbb34dd", + "展望未来:Radware专家对2025年网络安全趋势的看法": "https://mp.weixin.qq.com/s?__biz=MjM5ODE0Njk2Nw==&mid=2653021290&idx=1&sn=8e9017dd859c7b00e41e88c01b8d7746", + "图形化漏洞利用Demo-JavaFX版": "https://mp.weixin.qq.com/s?__biz=MzU2MDU5MDE2MA==&mid=2247484178&idx=1&sn=d1b640eaba093986d2a9b2be283ed362", + "【挖洞实战】这不是只要有手就能批量挖Dom Xss漏洞": "https://mp.weixin.qq.com/s?__biz=MzU2NDgzOTQzNw==&mid=2247503014&idx=1&sn=cea00ee2401be5a3b7910e4830df9796", + "不妙,中招了【被供应链攻击的多个浏览器插件】,包含Proxy SwitchyOmega (V3)快看看你有没有中招!!!": "https://mp.weixin.qq.com/s?__biz=Mzk0MzY3MDE5Mg==&mid=2247483900&idx=1&sn=bc2a24cb3acce687934d446c9b8e54ba", + "DH POC撤稿之后还有后续......": "https://mp.weixin.qq.com/s?__biz=MzkxNTY4NTQwMg==&mid=2247484250&idx=1&sn=94a79a0c3a5d9b0fd98cd00f3eb6e7c2", + "工具集:Jar Analyzer【JAR包分析工具】": "https://mp.weixin.qq.com/s?__biz=Mzk0MjY1ODE5Mg==&mid=2247485173&idx=1&sn=5a73100d1f93e564e9a47a52edecf6c9", + "浅谈蜜罐原理与规避": "https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247546700&idx=1&sn=a1c5f7adaa827ba876c2a6f9ecca2c6c", + "记一次简单的微信洗车小程序渗透学习": "https://mp.weixin.qq.com/s?__biz=MzI3NjA4MjMyMw==&mid=2647789913&idx=1&sn=711f295d77c716f63cb014faa429975e", + "从用户注册绕过到纵向权限提升接管SaaS平台": "https://mp.weixin.qq.com/s?__biz=MzI4NTcxMjQ1MA==&mid=2247615126&idx=1&sn=0f4af4c6a0614c4c7d3cb8630b905b40", + "通过高效的侦察发现关键漏洞接管整个IT基础设施": "https://mp.weixin.qq.com/s?__biz=MzI4NTcxMjQ1MA==&mid=2247615126&idx=2&sn=5bd8af62ab97fbe13a4424ee9e7ce5b6", + "网络抓包调试实践": "https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247569635&idx=1&sn=2db73304bb7a151c07a5821530e7a565", + "过来人告诉你网络安全到底要学什么?(附学习笔记、电子资料、安装包)": "https://mp.weixin.qq.com/s?__biz=MzkxNDU0MTUyNw==&mid=2247491900&idx=1&sn=043fcafa82bfe031643f27f0ef9df91a", + "Linux上常用的防火墙软件iptables详解": "https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247569635&idx=2&sn=133bf1a2d285f34ca1fc65124517bc07", + "行业动态|2025第三届商用密码展将于6月11日-13日在上海举办!": "https://mp.weixin.qq.com/s?__biz=MzUyNjk2MDU4MQ==&mid=2247486408&idx=1&sn=1e184be0b0c354c02923ec5534f1dcc8", + "南部非洲发展共同体(SADC)APT网络攻击趋势解析": "https://mp.weixin.qq.com/s?__biz=Mzg3OTYxODQxNg==&mid=2247485597&idx=1&sn=158ede6f488e8ad3e77873fbeeb3c4d0", + "章管家前台任意文件上传漏洞(XVE-2024-19042)": "https://mp.weixin.qq.com/s?__biz=Mzg4NDg3NjE5MQ==&mid=2247485124&idx=1&sn=de4ced0e1f786160e9142f28356cf6df", + "【黑产大数据】2024年数据泄露风险态势报告": "https://mp.weixin.qq.com/s?__biz=MzI3NDY3NDUxNg==&mid=2247498732&idx=1&sn=4ba0213d21420c4b3a5fdde9907f5853", + "第七届入侵检测挑战赛报名开启!": "https://mp.weixin.qq.com/s?__biz=MzIxMjEwNTc4NA==&mid=2652997294&idx=1&sn=ec666eebc045f5a7137e852bd81614c9", + "绘制网络拓扑图,这5款工具助你轻松搞定!": "https://mp.weixin.qq.com/s?__biz=MzUyNTExOTY1Nw==&mid=2247527848&idx=1&sn=fe56854d8e8b69a9ccf90c73e04c010b", + "MS-RPC 流程浅析": "https://mp.weixin.qq.com/s?__biz=Mzg5NTkxNzg4MA==&mid=2247489836&idx=1&sn=a254b1c12d9a3d79caebaffc09e532e7", + "Sec新闻周刊:中新赛克强势入选中国网络安全行业全景册": "https://mp.weixin.qq.com/s?__biz=Mzk0ODUwNTg0Ng==&mid=2247489672&idx=1&sn=2c40fad5ea6c330b3e5af5fdc18c46a5", + "对新人友好的云认证是?CCSK!!!": "https://mp.weixin.qq.com/s?__biz=MzIxNTM4NDY2MQ==&mid=2247515685&idx=1&sn=60a26b482d668f9a65b58f8392a9aa76", + "ITIL4 的职业发展前景": "https://mp.weixin.qq.com/s?__biz=MzIxNTM4NDY2MQ==&mid=2247515685&idx=2&sn=dffc254743eee027c264d8b52275ee6d", + "凭CZTP,进入零信任安全工程师赛道": "https://mp.weixin.qq.com/s?__biz=MzIxNTM4NDY2MQ==&mid=2247515685&idx=3&sn=12e8c8877d43cab65bf2d3eae44546e5", + "最新公告!可拨打12336举报泄密或保密违法违规行为": "https://mp.weixin.qq.com/s?__biz=MzkyMDY4MTc2Ng==&mid=2247483966&idx=1&sn=e636d329a5b5ee3cc07d3b0281708352", + "北京市西城区委常委、统战部部长江岚一行到访安博通": "https://mp.weixin.qq.com/s?__biz=MzIyNTA5Mzc2OA==&mid=2651137396&idx=1&sn=a72bdcc625e7a11c1756e5501a86fd0f", + "联想全球安全实验室热招AI安全领域精英,欢迎志同道合的小伙伴加入!": "https://mp.weixin.qq.com/s?__biz=MzU1ODk1MzI1NQ==&mid=2247491476&idx=1&sn=41e46c9f328fd2e9c315fb6f0fb022ec", + "【漏洞复现】科荣AIO系统存在代码执行漏洞": "https://mp.weixin.qq.com/s?__biz=Mzg2MjkwMDY3OA==&mid=2247485529&idx=1&sn=5379f2f365b78268422e0aa297eaa61c", + "论安全运营的本质(第十章)": "https://mp.weixin.qq.com/s?__biz=MzkwNTI3MjIyOQ==&mid=2247484113&idx=1&sn=7f019dca19eb8721e20b86ecde235940", + "CISSP管理者思路系列-6": "https://mp.weixin.qq.com/s?__biz=MzIyMjYzNDgzMg==&mid=2247487609&idx=1&sn=53179fc57883fbb8721e1024c4d4fa23", + "欢迎「金山云」入驻补天专属SRC!": "https://mp.weixin.qq.com/s?__biz=MzI2NzY5MDI3NQ==&mid=2247507273&idx=1&sn=19b1a506b7082cf3e664e77cdd6e1e2e", + "【吃瓜】优越感从何而来": "https://mp.weixin.qq.com/s?__biz=Mzk0OTY2ODE1NA==&mid=2247484965&idx=1&sn=458ff1e5072a7220fb1597b412c31d4e", + "无条件帮转高质量原创文章": "https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494201&idx=1&sn=773dee3b8b7be36c839fd06a1f45d440", + "【分析报告】蒙古国首都发生示威游行事件": "https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247503784&idx=1&sn=fbcceefe3a99ba33bc9366707787a161", + "蒙古国与日本及欧洲合作的多维影响:地缘政治、军事与经济分析": "https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247503784&idx=2&sn=0567f454c7c6080d119916d7c420d945", + "蒙古国与印度合作 :挑战交织下的地缘政治棋局": "https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247503784&idx=3&sn=75dc380dad6d85821f4a51c795ceae3c", + "CommonsCollections CC1攻击链详解": "https://mp.weixin.qq.com/s?__biz=MzkzNzI2Mzc0Ng==&mid=2247486395&idx=1&sn=16923b6435b723ef0bceb14373cac87a", + "西班牙电信巨头 Telefónica 发生严重数据泄露": "https://mp.weixin.qq.com/s?__biz=MjM5Mzc4MzUzMQ==&mid=2650260383&idx=1&sn=2d52c9c19f4213f6db6138421d57362d", + "算法治病还是杀人?留神医疗大模型被“投毒”": "https://mp.weixin.qq.com/s?__biz=MzI1OTA1MzQzNA==&mid=2651247414&idx=1&sn=df34afa6162156e52419024004e80cad", + "20元就能山寨官网!央视曝光克隆网站黑幕": "https://mp.weixin.qq.com/s?__biz=MzU0MjE2Mjk3Ng==&mid=2247488395&idx=1&sn=5f461e90183934cf2a555d8bb1eb8628", + "数据安全治理实践指南(4.0)": "https://mp.weixin.qq.com/s?__biz=MzI3NjUzOTQ0NQ==&mid=2247517052&idx=1&sn=9ceaace23a7ee3df679b0ac1f15241dd", + "坦诚点,让我们谈谈网络安全行业现状": "https://mp.weixin.qq.com/s?__biz=Mzg4NzgyODEzNQ==&mid=2247488595&idx=1&sn=e0d96d17cc81d1fc1f9023201479b3d1", + "网安全牛马注意了!!!某提权工具被投毒植入后门": "https://mp.weixin.qq.com/s?__biz=MzkwODM3NjIxOQ==&mid=2247502254&idx=1&sn=65722ab7fe999110e71098d246f9b1fa", + "澳门司法警察局“电子数据取证”交流培训活动圆满落幕": "https://mp.weixin.qq.com/s?__biz=Mzg3MjE1NjQ0NA==&mid=2247514135&idx=1&sn=5db549d49218818eeb0c16de15922c25", + "CES 2025的十大“人工智障”产品": "https://mp.weixin.qq.com/s?__biz=MzkxNTI2MTI1NA==&mid=2247502100&idx=1&sn=c77ce9430cd56a9714c2b241df526cc7", + "周刊 | 网安大事回顾(2025.1.6-2025.1.12)": "https://mp.weixin.qq.com/s?__biz=MzkxNTI2MTI1NA==&mid=2247502100&idx=2&sn=12de4dfa2cd4a5a3b507b90cfa668bcc", + "【我们这一年】网络和数据安全取得新突破": "https://mp.weixin.qq.com/s?__biz=MzkyMDMwNTkwNg==&mid=2247487228&idx=1&sn=24663c9da168168f965aff20afce7a58", + "轻量级、自适应Web爬虫工具": "https://mp.weixin.qq.com/s?__biz=MzkyMDM4NDM5Ng==&mid=2247490227&idx=1&sn=74f8d20a405e1b97c6c308e7c5596e66", + "一个永久的.NET渗透工具和知识仓库": "https://mp.weixin.qq.com/s?__biz=MzkyMDM4NDM5Ng==&mid=2247490227&idx=2&sn=d9c48450125c96e885b697b496a8b413", + "AAAI 25 | 融合分隔:协同专家混合模型用于数据稀缺环境下的药物-靶点相互作用预测": "https://mp.weixin.qq.com/s?__biz=Mzg4MzE1MTQzNw==&mid=2247491733&idx=1&sn=83e02623adec1c30364f023dbc550518", + "MITRE ATT&CK:应用指南与学习路径": "https://mp.weixin.qq.com/s?__biz=MzkzMDQ0NzQwNA==&mid=2247485871&idx=1&sn=4a8fedb2de4d6a2fcf2456d0fd86e9b5", + "罪恶角落,带你了解什么是暗网": "https://mp.weixin.qq.com/s?__biz=Mzg3NTY0MjIwNg==&mid=2247485518&idx=1&sn=4883cd2d4061a65371d5afe9e0196c58", + "【文中抽奖】一杯奶茶钱开挣生活费 SRC漏洞挖掘基础及赏金培训": "https://mp.weixin.qq.com/s?__biz=MzI0NjE1NDYyOA==&mid=2247484790&idx=1&sn=7c58b5be658c0fb646c28fda9f8aeb33", + "腾讯协助警方破获木马盗窃游戏账号案,涉案金额超 3000 万;|江苏一男子利用小程序Bug逃匿28万加油费,法院判了": "https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650606485&idx=1&sn=e6574ea4808aafdb1a8939a0e61f67e5", + "国家网信办征求意见:平台应当以显著方式展示账号所属 MCN 机构": "https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650606485&idx=2&sn=ca90501b4575d0ee15461348ca0a7817", + "记一次某OA渗透测试有意思的文件上传漏洞挖掘经历以及分析": "https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650606485&idx=3&sn=4bdcf90b59f41c99b28e4613268a24c6", + "一个好用的越权扫描工具": "https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650606485&idx=4&sn=ead6d8702819a5443a5124688e8a6934", + "【技术分享】WS视频流地址泄露利用方式": "https://mp.weixin.qq.com/s?__biz=MzkxMTY1MTIzOA==&mid=2247484571&idx=1&sn=52dc59bb8dfe62fb3fd057d1f7a29b0c", + "记一次从任意文件下载到getshell": "https://mp.weixin.qq.com/s?__biz=Mzk0MTIzNTgzMQ==&mid=2247519178&idx=1&sn=ffc262a1b50eb5cd080dd71e5ec057ec", + "常用浏览器的安全取证分析技术总结": "https://mp.weixin.qq.com/s?__biz=MjM5MjEyMTcyMQ==&mid=2651037264&idx=1&sn=a1c62cd4e27808340ee69e684ca70983", + "【神兵利器】HeavenlyBypassAV免杀工具": "https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247494941&idx=1&sn=850fc249132011cdab654923792fead7", + "程序源码保护攻防对抗记录": "https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247494941&idx=2&sn=d2e1544fd257d23974c5f6f7fc9a3c23", + "[0113]一周重点暗网情报|天际友盟情报站": "https://mp.weixin.qq.com/s?__biz=MzIwNjQ4OTU3NA==&mid=2247510005&idx=1&sn=c48e4d5efd2041457d33e5f84223f855", + "数十个Chrome扩展程序被黑客攻击,数百万用户数据被盗(包括Proxy SwitchyOmega在内)": "https://mp.weixin.qq.com/s?__biz=MzkyODY3NjkyNQ==&mid=2247484756&idx=1&sn=388375c011cc6ec8046a8ec235ed4d62", + "华硕(ASUS)RT-AX56U系列路由器error_page存在文件读取": "https://mp.weixin.qq.com/s?__biz=MzkyOTg3ODc5OA==&mid=2247484162&idx=1&sn=535c46098f7db6c25a0500484da29ddc", + "AI引领2024|智能体200+,执行任务近50000000次,这一年恒脑很忙": "https://mp.weixin.qq.com/s?__biz=MjM5NTE0MjQyMg==&mid=2650623724&idx=1&sn=9537ef0dac94cf46a5a8a10023bc7f9b", + "把握“AI”新浪潮 | 浙商总会数字资产及交易委员会一届二次委员会议举行": "https://mp.weixin.qq.com/s?__biz=MjM5NTE0MjQyMg==&mid=2650623724&idx=2&sn=745381a3f0fbf8d64db495cffddd92c8", + "美国超千万中小学生个人数据疑似泄露": "https://mp.weixin.qq.com/s?__biz=MzIwNzAwOTQxMg==&mid=2652251197&idx=1&sn=a6f8126cf569ae8d1d20db2ec9ba5471", + "从“金疙瘩”到“烫手山芋”,智算中心面临过剩危机": "https://mp.weixin.qq.com/s?__biz=Mzg4MDE0MzQzMw==&mid=2247487996&idx=1&sn=7fc7f3d3e3de1061c83a2bd052aa06b6", + "“迪普信创AI全流量态势感知”入选浙江省信息技术应用创新优秀解决方案": "https://mp.weixin.qq.com/s?__biz=MzA4NzE5MzkzNA==&mid=2650370114&idx=1&sn=aad65c650effe7c6eb2b12046665ca6e", + "泛微-云桥e-Bridge addTasteJsonp SQL注入漏洞": "https://mp.weixin.qq.com/s?__biz=MzkzMTcwMTg1Mg==&mid=2247490141&idx=1&sn=9bdeb4a82982b626048e1a9069b4d1e9", + "一次敏感信息泄露引发的逻辑漏洞挖掘": "https://mp.weixin.qq.com/s?__biz=MzkxNzY5MTg1Ng==&mid=2247485481&idx=1&sn=1115561690fb800d94b50913f07bd6d2", + "IClean": "https://mp.weixin.qq.com/s?__biz=Mzk1NzY0NzMyMw==&mid=2247485282&idx=1&sn=fe2ef5eaa6f84e12f45e5f806d37f2b8", + "企业防线的薄弱环节:深入了解供应链网络攻击的风险": "https://mp.weixin.qq.com/s?__biz=MzA3MTUxNzQxMQ==&mid=2453885717&idx=1&sn=02370f3718668f2fb513019d1e09d686", + "浅谈金融资产机构数据质量问题与应对策略": "https://mp.weixin.qq.com/s?__biz=MzkwNDI0MjkzOA==&mid=2247485650&idx=1&sn=d18cd67e0c5c4da244c8b9bcf826c396", + "微软采取法律行动保护公众免受人工智能生成内容的侵害": "https://mp.weixin.qq.com/s?__biz=MzI2NzAwOTg4NQ==&mid=2649793828&idx=1&sn=46ceaef5035a0a62be54836973ba1e77", + "GitHub 上的虚假 LDAPNightmware 漏洞投放信息窃取恶意软件": "https://mp.weixin.qq.com/s?__biz=MzI2NzAwOTg4NQ==&mid=2649793828&idx=2&sn=75c89a73f526a3eef48834b9589071a7", + "泽连斯基访问意大利后,亲俄黑客发动新一波 DDoS 攻击": "https://mp.weixin.qq.com/s?__biz=MzI2NzAwOTg4NQ==&mid=2649793828&idx=3&sn=e0a4e09c8099a8284fd038f81a885f3b", + "2025的第一个私活,赚了2w": "https://mp.weixin.qq.com/s?__biz=MzUzMDQ1MTY0MQ==&mid=2247506577&idx=1&sn=dd37e4692c9c7937254675370f08279d", + "Lua项目下SSRF利用Redis文件覆盖lua回显RCE": "https://mp.weixin.qq.com/s?__biz=Mzk0Mzc1MTI2Nw==&mid=2247487032&idx=1&sn=3953d7b15c531d645369722844c65578", + "实战|拿下了自己学校的大屏幕": "https://mp.weixin.qq.com/s?__biz=MzU2NzY5MzI5Ng==&mid=2247504764&idx=1&sn=5c021b505429afbebdaa8a822ad917e9", + "【快收藏】信创认证一文通:你想知道的都在这儿": "https://mp.weixin.qq.com/s?__biz=MzU2NzY5MzI5Ng==&mid=2247504764&idx=2&sn=3078de2e0ecc85d9808e62d9c2dad6c9", + "vulnhub之Sputnik的实践": "https://mp.weixin.qq.com/s?__biz=MzA3MjM5MDc2Nw==&mid=2650748923&idx=1&sn=da1b2662ae1830f66e01ee29a39ce551", + "【吃瓜】要不是真的没绷住,没周末还发吃瓜啊?": "https://mp.weixin.qq.com/s?__biz=MzIxNTIzNTExMQ==&mid=2247490663&idx=1&sn=76c8f084b038a53cb020772026ab8e04", + "网络安全讲师(兼职)招募": "https://mp.weixin.qq.com/s?__biz=MzU4OTg4Nzc4MQ==&mid=2247505479&idx=1&sn=33e43aa495d88306d800d5786147d55b", + "网络安全ctf比赛/学习资源整理,解题工具、比赛时间、解题思路、实战靶场、学习路线,推荐收藏!": "https://mp.weixin.qq.com/s?__biz=MzU4OTg4Nzc4MQ==&mid=2247505479&idx=2&sn=b430206fc0a060fe581e40f7929f1724", + "云上安全的五大威胁及防护措施": "https://mp.weixin.qq.com/s?__biz=Mzg2MDg0ODg1NQ==&mid=2247539478&idx=1&sn=7a255a9243b48db12349cb6c05714760" + }, + "Private Feed for M09Ic": { + "safedv starred RedByte1337/GraphSpy": "https://github.com/RedByte1337/GraphSpy", + "kpcyrd starred woodruffw/zizmor": "https://github.com/woodruffw/zizmor", + "zema1 started following kotori2": "https://github.com/kotori2", + "zer0yu starred afnanenayet/diffsitter": "https://github.com/afnanenayet/diffsitter", + "wh0amitz starred pureqh/Hyacinth": "https://github.com/pureqh/Hyacinth", + "4ra1n starred icsharpcode/ILSpy": "https://github.com/icsharpcode/ILSpy", + "Ridter starred doyensec/CSPTBurpExtension": "https://github.com/doyensec/CSPTBurpExtension", + "h3zh1 pushed to master in chainreactors/malefic": "https://github.com/chainreactors/malefic/compare/c71ba53e38...3aea9cd265", + "Rvn0xsy starred bytevet/proxyverse": "https://github.com/bytevet/proxyverse", + "DVKunion starred zero-peak/ZeroOmega": "https://github.com/zero-peak/ZeroOmega", + "INotGreen starred H4ckF0rFun/elf_to_shellcode": "https://github.com/H4ckF0rFun/elf_to_shellcode", + "zer0yu started following mal-tee": "https://github.com/mal-tee", + "Ridter forked Ridter/reality from howmp/reality": "https://github.com/Ridter/reality", + "pmiaowu starred lemono0/FastJsonParty": "https://github.com/lemono0/FastJsonParty", + "glzjin starred cliffe/SecGen": "https://github.com/cliffe/SecGen", + "Ridter starred howmp/reality": "https://github.com/howmp/reality", + "ring04h starred uber-go/goleak": "https://github.com/uber-go/goleak", + "yzddmr6 forked yzddmr6/520apkhook from sec-db/520apkhook": "https://github.com/yzddmr6/520apkhook", + "yzddmr6 starred howmp/reality": "https://github.com/howmp/reality" + }, + "Recent Commits to cve:main": { + "Update Mon Jan 13 20:21:05 UTC 2025": "https://github.com/trickest/cve/commit/6d1183495f89140d47f2cca943f8e3e0b0c86f4a", + "Update Mon Jan 13 12:18:30 UTC 2025": "https://github.com/trickest/cve/commit/25b0ea30350fdeb5c900d370af0419f11ef61acc", + "Update Mon Jan 13 04:15:26 UTC 2025": "https://github.com/trickest/cve/commit/e8cfcd643185168d79075322c94dc7a7868ad6f0" + }, + "奇安信攻防社区": { + "AFL++工具运行原理与实战分析": "https://forum.butian.net/share/4033", + "安全开发原则与编码规范": "https://forum.butian.net/share/4036" + }, + "一个被知识诅咒的人": { + "【Python】深入解析Python的上下文管理器与资源管理:实现自定义的`with`语句": "https://blog.csdn.net/nokiaguy/article/details/145113849", + "Python中的动态属性:用__getattr__和__setattr__实现灵活的数据访问": "https://blog.csdn.net/nokiaguy/article/details/145113830" + }, + "Bug Bounty in InfoSec Write-ups on Medium": { + "How I got my first bounty of $$$": "https://infosecwriteups.com/how-i-got-my-first-bounty-of-e163f970d1e0?source=rss----7b722bfd1b8d--bug_bounty", + "The Subdomain They Forgot — How I Chained Bugs for a $1,000 Bounty": "https://infosecwriteups.com/the-subdomain-they-forgot-how-i-chained-bugs-for-a-1-000-bounty-094d89758489?source=rss----7b722bfd1b8d--bug_bounty", + "How I got my name on WHO’s Hall of Fame": "https://infosecwriteups.com/how-i-got-my-name-on-whos-hall-of-fame-060d57662b16?source=rss----7b722bfd1b8d--bug_bounty" + }, + "Twitter @bytehx": { + "Re @0xRAYAN7 @Hacker0x01 Congrats 🎉": "https://x.com/bytehx343/status/1878754781633896462" + }, + "Reverse Engineering": { + "/r/ReverseEngineering's Weekly Questions Thread": "https://www.reddit.com/r/ReverseEngineering/comments/1i0967i/rreverseengineerings_weekly_questions_thread/", + "How Hard Is It to Port Frida to an Unsupported Platform? (Let’s Find Out)": "https://www.reddit.com/r/ReverseEngineering/comments/1i0hser/how_hard_is_it_to_port_frida_to_an_unsupported/", + "The Permission Slip Attack, Leveraging a Confused Deputy in Android with 'pSlip'": "https://www.reddit.com/r/ReverseEngineering/comments/1i0ih4y/the_permission_slip_attack_leveraging_a_confused/" + }, + "Malwarebytes": { + "The new rules for AI and encrypted messaging, with Mallory Knodel (Lock and Code S06E01)": "https://www.malwarebytes.com/blog/uncategorized/2025/01/the-new-rules-for-ai-and-encrypted-messaging-with-mallory-knodel-lock-and-code-s06e01", + "iMessage text gets recipient to disable phishing protection so they can be phished": "https://www.malwarebytes.com/blog/news/2025/01/imessage-text-gets-recipient-to-disable-phishing-protection-so-they-can-be-phished", + "A week in security (January 6 – January 12)": "https://www.malwarebytes.com/blog/news/2025/01/a-week-in-security-january-6-january-12" + }, + "Webroot Blog": { + "Why MSPs must offer 24/7 cybersecurity protection and response — and how OpenText MDR can help": "https://www.webroot.com/blog/2025/01/13/why-msps-must-offer-24-7-cybersecurity-protection-and-response/" + }, + "Intigriti": { + "7 Overlooked recon techniques to find more vulnerabilities": "https://www.intigriti.com/researchers/blog/hacking-tools/7-overlooked-recon-techniques-to-find-more-vulnerabilities" + }, + "Horizon3.ai": { + "The Death of BAS and the Rise of Autonomous Pentesting": "https://www.horizon3.ai/intelligence/blogs/the-death-of-bas-and-the-rise-of-autonomous-pentesting/", + "Critical Vulnerabilities in SimpleHelp Remote Support Software": "https://www.horizon3.ai/attack-research/disclosures/critical-vulnerabilities-in-simplehelp-remote-support-software/" + }, + "FreeBuf网络安全行业门户": { + "FreeBuf早报 | 央视曝光“克隆网站”;IBM漏洞允许攻击者嵌入任意JS代码": "https://www.freebuf.com/news/419728.html", + "警惕!1亿macOS用户面临Banshee新变种威胁": "https://www.freebuf.com/news/419718.html", + "Azure AI被黑客越狱,提供“黑客即服务”": "https://www.freebuf.com/news/419701.html", + "研究人员成功入侵苹果新型USB-C控制器": "https://www.freebuf.com/news/419681.html", + "SaaS安全大考:黑客“全明星”盘点与2025年备战指南": "https://www.freebuf.com/articles/419699.html" + }, + "绿盟科技技术博客": { + "绿盟科技威胁情报周报(2025.01.06-2025.01.12)": "https://blog.nsfocus.net/2025-01-06-2025-01-12/" + }, + "HackerNews": { + "泽连斯基访问意大利后亲俄黑客发动新一波 DDoS 攻击": "https://hackernews.cc/archives/56858", + "印度加密货币交易所 Mudrex 解释提款暂停原因": "https://hackernews.cc/archives/56852", + "新型 Web3 攻击利用交易模拟窃取加密货币": "https://hackernews.cc/archives/56845", + "网络钓鱼短信诱骗苹果 iMessage 用户关闭保护机制": "https://hackernews.cc/archives/56837", + "AI 驱动勒索软件 FunkSec 采用双重勒索战术攻击 85 名受害者": "https://hackernews.cc/archives/56832" + }, + "安全牛": { + "2025年人工智能带来的五大网络安全预测及其应对策略": "https://www.aqniu.com/homenews/107946.html", + "苹果最新ACE3 USB-C控制器被破解,引发设备安全担忧;IBM watsonx.ai平台安全漏洞或导致XSS攻击风险 |牛览": "https://www.aqniu.com/homenews/107947.html" + }, + "奇客Solidot–传递最新科技情报": { + "Mastodon 将控制权转交给一家非盈利组织": "https://www.solidot.org/story?sid=80320", + "微软在六地测试 Microsoft 365 涨价": "https://www.solidot.org/story?sid=80319", + "《疯狂出租车》速通玩家用现场演奏避免版权问题": "https://www.solidot.org/story?sid=80318", + "售价 12 美元衣服的背后": "https://www.solidot.org/story?sid=80317", + "2024 年德国可更新能源占到发电量的 62.7%": "https://www.solidot.org/story?sid=80316", + "NASA JPL 和威尔逊山天文台未被山火波及": "https://www.solidot.org/story?sid=80315", + "小鼠研究解释为何新记忆不会覆盖旧记忆": "https://www.solidot.org/story?sid=80314", + "TikTok 在世界各地都面临法律诉讼": "https://www.solidot.org/story?sid=80313", + "Matt Mullenweg 关闭了多位据称试图创建分支的 WordPress.org 贡献者账号": "https://www.solidot.org/story?sid=80312", + "关系衰退成为一种全球性现象": "https://www.solidot.org/story?sid=80311" + }, + "黑海洋 - IT技术知识库": { + "Nezha V1:哪吒监控自定义代码美化": "https://blog.upx8.com/4652" + }, + "腾讯玄武实验室": { + "每日安全动态推送(25/1/13)": "https://mp.weixin.qq.com/s?__biz=MzA5NDYyNDI0MA==&mid=2651959984&idx=1&sn=daac9046ff73a9a0334acecde2fdd4cf&chksm=8baed22fbcd95b39cca160d7f1d5ce7eec7ae7a66b8907a88b9f41db4f4b2423dccc01f85b54&scene=58&subscene=0#rd" + }, + "安全分析与研究": { + "伪装成Chrome安装程序传播银狐最新变种": "https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247489956&idx=1&sn=91861b57be376b8d6fa0d075edf1d6b6&chksm=902fb68ca7583f9a4714da177a1e775f3170d9875f63c7e39f99f27ff826fa2f22f3cec354c2&scene=58&subscene=0#rd" + }, + "奇安信 CERT": { + "【技术细节公开】Ivanti 多款产品缓冲区溢出漏洞(CVE-2025-0282)安全风险通告": "https://mp.weixin.qq.com/s?__biz=MzU5NDgxODU1MQ==&mid=2247502754&idx=1&sn=48a21e24bdfc8908bb32481d68e1cb9b&chksm=fe79ef3ac90e662c847aaac7838231f459a77d12388ca13ee7bb9ae8b12b5e2b051c5fd1d54e&scene=58&subscene=0#rd", + "安全热点周报:黑客利用自定义恶意软件对受感染的 Ivanti 设备发起零日攻击": "https://mp.weixin.qq.com/s?__biz=MzU5NDgxODU1MQ==&mid=2247502754&idx=2&sn=71834c7ec593bc49ee831cf81afb0628&chksm=fe79ef3ac90e662c0938869f54ea887addd6c578f54932f05bf3901d6b96b1048e3ae3fee67c&scene=58&subscene=0#rd" + }, + "雷神众测": { + "雷神众测漏洞周报2025.1.6-2025.1.12": "https://mp.weixin.qq.com/s?__biz=MzI0NzEwOTM0MA==&mid=2652503275&idx=1&sn=2b10bfb0eb83fdb8f10466f9476b7a57&chksm=f2585f58c52fd64e76b8d6e69b0939688a5ad89e9a654a4eb9345d294e495326b8a5b197a01b&scene=58&subscene=0#rd" + }, + "Black Hills Information Security": { + "Introduction to Zeek Log Analysis": "https://www.blackhillsinfosec.com/introduction-to-zeek-log-analysis-wrap/" + }, + "看雪学苑": { + "Dex文件结构-ReadDex解析器实现": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588591&idx=1&sn=f3af400aa11be8f19a775a31e96d7740&chksm=b18c252586fbac3333019757efad00be145ea661a9a9fcd7c622c441e62f07dc2c3f4bc04f0f&scene=58&subscene=0#rd", + "10万美金!研究员如何黑进 Facebook 服务器": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588591&idx=2&sn=0adaab3ebee5e866ad30ef7799307d47&chksm=b18c252586fbac33941785182240f8c6b7e6cb0ae71488a6845d7fc5236e82b4cd7f416efc73&scene=58&subscene=0#rd", + "成为看雪讲师,开启技术分享的高光时刻": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588591&idx=3&sn=b11fa1206f5347a3696b9363851d9aa9&chksm=b18c252586fbac337f968ef57b1c1b5fef6e47c287b8a331ba6e79c740794c1b13359655edf3&scene=58&subscene=0#rd" + }, + "威努特安全网络": { + "5G+AI+信创,深度揭秘智慧矿山工业控制网络构建之道": "https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130319&idx=1&sn=345bdcb858d6db350bb617bf16fd1016&chksm=80e7137fb7909a699eb5c07fdd6d2f9bef27138bffc3f57a27cc512027d7bd4045cee717da3e&scene=58&subscene=0#rd" + }, + "软件安全与逆向分析": { + "eBPF开发指南从原理到应用如何学习": "https://mp.weixin.qq.com/s?__biz=MzU3MTY5MzQxMA==&mid=2247484752&idx=1&sn=488c75243ec385aeda8c794e69785718&chksm=fcdd055dcbaa8c4bc476588f2467b3531d64c869ec3b4eea33f0b82d3153f79da8ef2fa34521&scene=58&subscene=0#rd" + }, + "安全内参": { + "泄露近600万客户敏感数据,这家金融机构被罚超1.4亿元": "https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513476&idx=1&sn=605167ebb5844cbdb4b12e1f489b5730&chksm=ebfaf2a4dc8d7bb25f7b717c165921f0c5af838718a2072ecef6f2e98d7daa0faadd51b8688e&scene=58&subscene=0#rd", + "算法治病还是杀人?留神医疗大模型被“投毒”": "https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513476&idx=2&sn=3b473e5b6b3eadea5cc1f0973885d17d&chksm=ebfaf2a4dc8d7bb2d21d3da21117942d17be63755bbb6828059cf21f8e9124f7375675fd76a9&scene=58&subscene=0#rd" + }, + "绿盟科技研究通讯": { + "从云原生攻防靶场看新型计算环境下的网络安全实战人才培养": "https://mp.weixin.qq.com/s?__biz=MzIyODYzNTU2OA==&mid=2247498256&idx=1&sn=b2635dc70b17f67d197e6cceb52ebd1e&chksm=e84c5ccfdf3bd5d9566dc0f75159a4507fa4c58e8cc505f8a16eafc62825cd80b6a7b1a853bd&scene=58&subscene=0#rd" + }, + "代码卫士": { + "GFI KerioControl 防火墙存在严重的RCE漏洞": "https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522044&idx=1&sn=71bbcad32c9a0753d8385256ee5dad03&chksm=ea94a796dde32e80febb13e46990720e4748e375842d7d932e99d76c82cb55e561bf2219c17c&scene=58&subscene=0#rd", + "CrowdStrike虚假工作邀约通过密币挖矿机感染开发人员": "https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522044&idx=2&sn=f72144000ab0d2c1280f017af0018e6e&chksm=ea94a796dde32e802b549f6142713bd6d30abcff4fb2dad9a2d96d274145d96f5962e976b84c&scene=58&subscene=0#rd" + }, + "dotNet安全矩阵": { + ".NET 实战中批量获取数据库凭据的工具": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498183&idx=1&sn=93271af446b9fab68ddccddd1c8d42fa&chksm=fa59572acd2ede3c188f8fba769e989eafc4d9a5d892cc3dca36098c37de2975099065f1c4f8&scene=58&subscene=0#rd", + "国内最专业、最全面的 [ .NET 代码审计 ] 体系化学习交流社区": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498183&idx=2&sn=f8f8e1c70409762960a7fae57b956271&chksm=fa59572acd2ede3cedb794d2838a04af22159a4117a372cf7add6b7d007dfc63f631a9b5f619&scene=58&subscene=0#rd", + ".NET 第54期红队武器库和资源汇总": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498183&idx=3&sn=fa292ad02108f28ed17b5fde3b8a7c88&chksm=fa59572acd2ede3cf7b38bbd15169bf26c14b1e0eb68076c59512d1c8c6a33d5f08631afd4f3&scene=58&subscene=0#rd" + }, + "安全研究GoSSIP": { + "G.O.S.S.I.P 阅读推荐(?) 2025-01-13 Nothing Bad": "https://mp.weixin.qq.com/s?__biz=Mzg5ODUxMzg0Ng==&mid=2247499611&idx=1&sn=f4c84ebd4655e6b7c270acc34692023d&chksm=c063d182f71458946d68d728ea7c53c8c927518a5bf7034bbac7c87669e69efa83fec019fcae&scene=58&subscene=0#rd" + }, + "丁爸 情报分析师的工具箱": { + "【资料】大语言模型对开源情报的影响": "https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148521&idx=1&sn=4c4aa636b9f05e358e1ed6469a640d2a&chksm=f1af27d3c6d8aec5afa85e4307e772bd2f2cca8056aa8bafa63d4dd65dd2fb8977a9dbed3550&scene=58&subscene=0#rd" + }, + "安全圈": { + "【安全圈】建立数据跨境服务中心、便利化访问国际互联网,上海虹桥商务区国际贸易中心新平台建设进一步落实": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067321&idx=1&sn=dd8f1699f9d8cbba67e8abc6091ffa6c&chksm=f36e79b9c419f0af2618c6816f0e6608ea027b7cad85fab87f7b8f411d608609fcee8157d58f&scene=58&subscene=0#rd", + "【安全圈】浙江某海岛发现间谍!抓了!": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067321&idx=2&sn=6fab346cb4be5016a1f9a40489cc5d01&chksm=f36e79b9c419f0af38c10930f488326095bfe4671378c6afd9bb07992f854d2172088ac98e14&scene=58&subscene=0#rd", + "【安全圈】研究人员入侵苹果新 USB-C 控制器": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067321&idx=3&sn=0baa019796225a8a1f3681f24e502952&chksm=f36e79b9c419f0afe0189b75ee69031de31213c10e55e69f5d89c92abcaabad3e78d2661af5f&scene=58&subscene=0#rd", + "【安全圈】微软起诉利用 Azure AI 创建有害内容的黑客组织": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067321&idx=4&sn=4ea1e634e045d59be08019f06a4fd52b&chksm=f36e79b9c419f0afb77e12ec0c05482c0c727401e2761ea07b3093e610802a46b227f479adae&scene=58&subscene=0#rd" + }, + "XCTF联赛": { + "SUCTF 2025落幕|S1uM4i战队实力夺冠!": "https://mp.weixin.qq.com/s?__biz=MjM5NDU3MjExNw==&mid=2247515484&idx=1&sn=0c506fe6fa7d8296675e4a1821546192&chksm=a6874f6691f0c6701e164a48a8ed8c4bde1eddca05b9ff21a02a8863935a46ed8b2e6c369f39&scene=58&subscene=0#rd" + }, + "慢雾科技": { + "慢雾:演员王星被骗事件相关聊天截图调查": "https://mp.weixin.qq.com/s?__biz=MzU4ODQ3NTM2OA==&mid=2247500907&idx=1&sn=1e629e1d6e96b48b3c5962aadba90a92&chksm=fddebaeccaa933fac3c0ee1a35cabeede882a8c5d99b8cab223c3abf838eb73b0a8b16aac029&scene=58&subscene=0#rd" + }, + "唯品会安全应急响应中心": { + "2025,感恩一路有你活动": "https://mp.weixin.qq.com/s?__biz=MzI5ODE0ODA5MQ==&mid=2652281687&idx=1&sn=7934a57fd8a96c7620b9cc67dbab42c9&chksm=f74872c3c03ffbd5a39cf25b67cca249855855c79ad62cc9f41efbfc513ddaa3dfb8523cad10&scene=58&subscene=0#rd" + }, + "数世咨询": { + "如何充分利用网络安全保险": "https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247534049&idx=1&sn=2beee14167a5b03d33ff211f021b29aa&chksm=c144375cf633be4a2ef79af31f437db15f11d64a03e292555e3305690495a36e1d1963d05ab1&scene=58&subscene=0#rd" + }, + "情报分析师": { + "俄罗斯如何塑造间谍高手:训练体系深度剖析": "https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558899&idx=1&sn=2915b6a37534cfc83230d3de7449dcaa&chksm=87117ff8b066f6ee06eb18ad521152f3716b0d9258666c7779e81b545c70bdc3cfceca103fa4&scene=58&subscene=0#rd", + "【分析报告】蒙古国首都发生示威游行事件": "https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558899&idx=2&sn=77b7afadae9bddf9b737487ca90c52fe&chksm=87117ff8b066f6ee084e62fc5d2a41918294746a76c56d216b230fd80f5b820b9186c49869df&scene=58&subscene=0#rd", + "蒙古国与日本及欧洲合作的多维影响:地缘政治、军事与经济分析": "https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558899&idx=3&sn=58043dc5d2b15fd6d20c09516df03fad&chksm=87117ff8b066f6eedba595c9c512b301a9789917018b6d62d28b3bc361131a4ba02ff17b2738&scene=58&subscene=0#rd" + }, + "网络空间安全科学学报": { + "“可信计算”专题征稿": "https://mp.weixin.qq.com/s?__biz=MzI0NjU2NDMwNQ==&mid=2247504642&idx=1&sn=c447628a36e58e0247573195b34c3d8b&chksm=e9bfc7bcdec84eaa8510c6005dc89ac688fc5192fecb9e012fdf5b83d4f181e939f4ba124580&scene=58&subscene=0#rd" + }, + "嘶吼专业版": { + "2024中国网络安全产业势能榜优能企业「制造行业」典型案例展示": "https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580751&idx=1&sn=38ed7d42fddd1b5e624f8f2ac1ec4a44&chksm=e9146c75de63e56358f97bd26b9565f64210ce19c2b9a55727c9b577b37fca91fab1a28f274a&scene=58&subscene=0#rd", + "安全动态回顾|国家网络安全通报中心:重点防范境外恶意网址和恶意IP 超过4000个后门因注册过期域名而被劫持": "https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580751&idx=2&sn=7886e26f1ed368509d62b0ced61b3b4c&chksm=e9146c75de63e563f72002cb53362e5fa9e384504cdfcc9ec47eacd59f6a3696caccfa63665a&scene=58&subscene=0#rd" + }, + "补天平台": { + "欢迎「金山云」入驻补天专属SRC!": "https://mp.weixin.qq.com/s?__biz=MzI2NzY5MDI3NQ==&mid=2247507273&idx=1&sn=19b1a506b7082cf3e664e77cdd6e1e2e&chksm=eaf99505dd8e1c135ce0c1a1e5f8fd384644130faee4eae62a6916b89c631d8954aaab977e87&scene=58&subscene=0#rd" + }, + "极客公园": { + "每年 CES 都在产生共识,今年的共识是「端侧 AI」": "https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653071933&idx=1&sn=d7693f2c1d7c3eb862f6ff0bb8526f41&chksm=7e57d78b49205e9da2a691dd98bdc22a24d333c801f0a90a5898a83a6b3d048af13a7b31efbe&scene=58&subscene=0#rd", + "外国车企的「智能树」,原来是这么「点歪」的": "https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653071901&idx=1&sn=5864aeebb9264f2381a2342858667d85&chksm=7e57d7ab49205ebda200c07e6ee6ae1b853dcdb8a9c077758a7e777598d73c7045e16320a1c3&scene=58&subscene=0#rd", + "英伟达员工 78% 成为百万富翁;三星推出可穿戴设备固态电池原型;苹果在英国面临 18.3 亿美元罚款 | 极客早知道": "https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653071869&idx=1&sn=6c39746dfc45cb66b03b8e02c4549351&chksm=7e57d44b49205d5deea6c8f731ebecc14742ed3ff7879b77c91745b654df34b03012ee061c86&scene=58&subscene=0#rd" + }, + "字节跳动技术团队": { + "豆包MarsCode新年宠粉|参与老带新,赢索尼PS5、HHKB键盘、京东卡等惊喜好礼": "https://mp.weixin.qq.com/s?__biz=MzI1MzYzMjE0MQ==&mid=2247512805&idx=1&sn=83842ceb2d52096df8947db282dcdc4c&chksm=e9d37907dea4f011803f1ed11270cfa75f7b5614ef994bc46b4d4f34d809b4a87f8e830f56c2&scene=58&subscene=0#rd" + }, + "威胁猎人Threat Hunter": { + "【黑产大数据】2024年数据泄露风险态势报告": "https://mp.weixin.qq.com/s?__biz=MzI3NDY3NDUxNg==&mid=2247498732&idx=1&sn=4ba0213d21420c4b3a5fdde9907f5853&chksm=eb12ddd7dc6554c159f48548263a9a233949da1046c171f8b9bb2618db59d043d9bacf4bd21d&scene=58&subscene=0#rd" + }, + "CNVD漏洞平台": { + "CNVD漏洞周报2025年第2期": "https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247495678&idx=1&sn=7e9c30d0d4f9240a45a5e9618ff48fdb&chksm=fd74df37ca03562164a2b3c76c24dc512ef7ad74eb26251804eb0b78b40a3220adf127ca577f&scene=58&subscene=0#rd", + "上周关注度较高的产品安全漏洞(20250106-20250112)": "https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247495678&idx=2&sn=27fbe9305e2b484bc5effac02d04f64a&chksm=fd74df37ca0356219bbde36812ef8acecf2a9c42679ccda3598d1c426be88c2934c747fbbb77&scene=58&subscene=0#rd" + }, + "阿里安全响应中心": { + "第七届入侵检测挑战赛报名开启!": "https://mp.weixin.qq.com/s?__biz=MzIxMjEwNTc4NA==&mid=2652997294&idx=1&sn=ec666eebc045f5a7137e852bd81614c9&chksm=8c9e09f9bbe980efd176856df4a8a886d129663f65f3bd92dfbefa211145e734dd0e7fb7aaeb&scene=58&subscene=0#rd" + }, + "360数字安全": { + "2024,我们这一年|“AI”启新章 安全踏新程!": "https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247578968&idx=1&sn=2179071a8126d2033abf57b40c957aff&chksm=9f8d2550a8faac464879455a2b8d765d89bd3a0d869d68221fb1610e7288441f554d5df8f067&scene=58&subscene=0#rd", + "喜报!360入围中央国家机关及多地省政府采购名单!": "https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247578968&idx=2&sn=122c7d0f43281f375fa24d61e5c03b76&chksm=9f8d2550a8faac462bc8b72d219989082a053da57d4152426bebd0063636c435c8f470cadc01&scene=58&subscene=0#rd" + }, + "Over Security - Cybersecurity news aggregator": { + "OneBlood confirms personal data stolen in July ransomware attack": "https://www.bleepingcomputer.com/news/security/oneblood-confirms-personal-data-stolen-in-july-ransomware-attack/", + "Stealer Logs, Jan 2025 - 71,039,833 breached accounts": "https://haveibeenpwned.com/PwnedWebsites#StealerLogsJan2025", + "Major location data broker reports hack to Norwegian authorities": "https://therecord.media/location-data-broker-gravy-breach", + "CISA orders agencies to patch BeyondTrust bug exploited in attacks": "https://www.bleepingcomputer.com/news/security/cisa-orders-agencies-to-patch-beyondtrust-bug-exploited-in-attacks/", + "Hackers with likely Kremlin ties target Kazakhstan in espionage campaign": "https://therecord.media/hackers-kremlin-kazakhstan-espionage-campaign", + "Stolen Path of Exile 2 admin account used to hack player accounts": "https://www.bleepingcomputer.com/news/security/stolen-path-of-exile-2-admin-account-used-to-hack-player-accounts/", + "Turks and Caicos recovering from pre-Christmas ransomware attack": "https://therecord.media/turks-and-caicos-recovering-from-ransomware-attack", + "Poland uncovers Russia-linked disinformation campaign targeting upcoming presidential election": "https://therecord.media/poland-uncovers-russia-linked-disinformation-campaign-presidential-election", + "‘Codefinger’ hackers encrypting Amazon cloud storage buckets": "https://therecord.media/hackers-encrypting-amazon-cloud-buckets", + "Microsoft: macOS bug lets hackers install malicious kernel drivers": "https://www.bleepingcomputer.com/news/security/microsoft-macos-bug-lets-hackers-install-malicious-kernel-drivers/", + "Hackers exploit critical Aviatrix Controller RCE flaw in attacks": "https://www.bleepingcomputer.com/news/security/hackers-exploit-critical-aviatrix-controller-rce-flaw-in-attacks/", + "Texas sues Allstate, alleging it violated data privacy rights of 45 million Americans": "https://therecord.media/texas-sues-allstate-data-privacy-cars", + "UK domain registry Nominet confirms breach via Ivanti zero-day": "https://www.bleepingcomputer.com/news/security/uk-domain-registry-nominet-confirms-breach-via-ivanti-zero-day-vulnerability/", + "BforeAI Series B Announcement Brief": "https://bfore.ai/bforeai-secures-series-b-funding-to-preempt-malicious-attacks-through-precrime-ai/", + "Ransomware abuses Amazon AWS feature to encrypt S3 buckets": "https://www.bleepingcomputer.com/news/security/ransomware-abuses-amazon-aws-feature-to-encrypt-s3-buckets/", + "Rep. Don Bacon on cyber deterrence: ‘Speak softly and carry a big ass stick’": "https://therecord.media/rep-don-bacon-interview-cyber-deterrence-china-nsa", + "Inside the Active Threats of Ivanti’s Exploited Vulnerabilities": "https://cyble.com/blog/ivanti-exploited-vulnerabilites/", + "Chrome Web Store is a mess": "https://palant.info/2025/01/13/chrome-web-store-is-a-mess/", + "Banshee macOS sfrutta XProtect di Apple per eludere i controlli di sicurezza": "https://www.securityinfo.it/2025/01/13/banshee-macos-sfrutta-xprotect-di-apple-per-eludere-i-controlli-di-sicurezza/", + "BIScience: Collecting browsing history under false pretenses": "https://palant.info/2025/01/13/biscience-collecting-browsing-history-under-false-pretenses/", + "Cyberattack forces Dutch university to cancel lectures": "https://therecord.media/tu-eindhoven-cyberattack-lectures-canceled", + "CyberSecurity Malaysia Flags Major Threats in Chrome and WordPress – Are You Safe?": "https://cyble.com/blog/cybersecurity-malaysia-flags-major-threats-in-chrome-and-wordpress-are-you-safe/", + "Microsoft MFA outage blocking access to Microsoft 365 apps": "https://www.bleepingcomputer.com/news/microsoft/microsoft-mfa-outage-blocking-access-to-microsoft-365-apps/", + "Double-Tap Campaign : Russia-nexus APT possibly related to APT28 conducts cyber espionage on Central Asia and Kazakhstan diplomatic relations": "https://blog.sekoia.io/double-tap-campaign-russia-nexus-apt-possibly-related-to-apt28-conducts-cyber-espionage-on-central-asia-and-kazakhstan-diplomatic-relations/", + "Analisi di una campagna Lumma Stealer con falso CAPTCHA condotta attraverso domino italiano compromesso": "https://cert-agid.gov.it/news/analisi-di-una-campagna-lumma-stealer-con-falso-captcha-condotta-attraverso-domino-italiano-compromesso/", + "Threat Intelligence - Vulnerability insights": "https://www.certego.net/blog/whitepaper-dicembre-2024-threat-intelligence-insights/", + "CERT-AGID 4 – 10 gennaio: Vidar protagonista con una campagna malspam": "https://www.securityinfo.it/2025/01/13/cert-agid-4-10-gennaio-vidar-protagonista-con-una-campagna-malspam/", + "Scholastic - 4,247,768 breached accounts": "https://haveibeenpwned.com/PwnedWebsites#Scholastic" + }, + "山石网科安全技术研究院": { + "2024年度智能网联汽车重点安全漏洞盘点": "https://mp.weixin.qq.com/s?__biz=MzUzMDUxNTE1Mw==&mid=2247509761&idx=1&sn=a2cbe8ad893d3ab348e298ee016644dc&chksm=fa5272bfcd25fba90c69028243dcc3561afae389ab16a31faf15d757d37a79fd51eea2856d83&scene=58&subscene=0#rd" + }, + "Have I Been Pwned latest breaches": { + "Stealer Logs, Jan 2025 - 71,039,833 breached accounts": "https://haveibeenpwned.com/PwnedWebsites#StealerLogsJan2025", + "Scholastic - 4,247,768 breached accounts": "https://haveibeenpwned.com/PwnedWebsites#Scholastic" + }, + "Krypt3ia": { + "The Evolution of Cybercrime Cartels: From Lone Wolves to Sophisticated Syndicates": "https://krypt3ia.wordpress.com/2025/01/13/the-evolution-of-cybercrime-cartels-from-lone-wolves-to-sophisticated-syndicates/", + "Top 5 Non-State Actor Groups Targeting Critical Infrastructure": "https://krypt3ia.wordpress.com/2025/01/13/top-5-non-state-actor-groups-targeting-critical-infrastructure/" + }, + "ICT Security Magazine": { + "Cyber Resilience Act: Un Nuovo Strumento per la Sicurezza Digitale nell’UE": "https://www.ictsecuritymagazine.com/articoli/cyber-resilience-act-sicurezza-digitale/" + }, + "0x727开源安全团队": { + "论安全运营的本质(第十章)": "https://mp.weixin.qq.com/s?__biz=MzkwNTI3MjIyOQ==&mid=2247484113&idx=1&sn=7f019dca19eb8721e20b86ecde235940&chksm=c0fb0c1bf78c850dafefd9f5fdac7388b99e83af92a1362a090064fdd8b2a8e1fb1a796bb01a&scene=58&subscene=0#rd" + }, + "安全村SecUN": { + "【极思】安全运营第6年实践总结": "https://mp.weixin.qq.com/s?__biz=MzkyODM5NzQwNQ==&mid=2247496429&idx=1&sn=379e57e4ac389d0afadd44e65168dfcd&chksm=c21bd3dff56c5ac935b25b0568822053fb5bed39a4db28a35ffa2ea0c7ede3755f7071dd353f&scene=58&subscene=0#rd" + }, + "迪哥讲事": { + "抛开day不谈,为什么同样一个站你挖不到洞,别人却能咔咔上分?": "https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496846&idx=1&sn=446f62009a5b4a78356459656e925b2a&chksm=e8a5feeddfd277fbb42bbd793665bc8de01733bf220a34f8ece1e83142823685a046f1dd4699&scene=58&subscene=0#rd" + }, + "Troy Hunt's Blog": { + "Experimenting with Stealer Logs in Have I Been Pwned": "https://www.troyhunt.com/experimenting-with-stealer-logs-in-have-i-been-pwned/" + }, + "SANS Internet Storm Center, InfoCON: green": { + "ISC Stormcast For Tuesday, January 14th, 2025 https://isc.sans.edu/podcastdetail/9278, (Mon, Jan 13th)": "https://isc.sans.edu/diary/rss/31588", + "Hikvision Password Reset Brute Forcing, (Mon, Jan 13th)": "https://isc.sans.edu/diary/rss/31586", + "ISC Stormcast For Monday, January 13th, 2025 https://isc.sans.edu/podcastdetail/9276, (Mon, Jan 13th)": "https://isc.sans.edu/diary/rss/31584" + }, + "Posts By SpecterOps Team Members - Medium": { + "Part 16: Tool Description": "https://posts.specterops.io/part-16-tool-description-e09506ebc2c7?source=rss----f05f8696e3cc---4" + }, + "Securityinfo.it": { + "Banshee macOS sfrutta XProtect di Apple per eludere i controlli di sicurezza": "https://www.securityinfo.it/2025/01/13/banshee-macos-sfrutta-xprotect-di-apple-per-eludere-i-controlli-di-sicurezza/?utm_source=rss&utm_medium=rss&utm_campaign=banshee-macos-sfrutta-xprotect-di-apple-per-eludere-i-controlli-di-sicurezza", + "CERT-AGID 4 – 10 gennaio: Vidar protagonista con una campagna malspam": "https://www.securityinfo.it/2025/01/13/cert-agid-4-10-gennaio-vidar-protagonista-con-una-campagna-malspam/?utm_source=rss&utm_medium=rss&utm_campaign=cert-agid-4-10-gennaio-vidar-protagonista-con-una-campagna-malspam" + }, + "Schneier on Security": { + "Microsoft Takes Legal Action Against AI “Hacking as a Service” Scheme": "https://www.schneier.com/blog/archives/2025/01/microsoft-takes-legal-action-against-ai-hacking-as-a-service-scheme.html" + }, + "Graham Cluley": { + "Pastor’s “dream” crypto scheme alleged to be a multi-million dollar scam": "https://www.bitdefender.com/en-us/blog/hotforsecurity/pastors-dream-crypto-scheme-alleged-to-be-a-multi-million-dollar-scam" + }, + "The Hacker News": { + "Hackers Exploit Aviatrix Controller Vulnerability to Deploy Backdoors and Crypto Miners": "https://thehackernews.com/2025/01/hackers-exploit-aviatrix-controller.html", + "⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [13 January]": "https://thehackernews.com/2025/01/thn-weekly-recap-top-cybersecurity_01424177917.html", + "Ransomware on ESXi: The Mechanization of Virtualized Attacks": "https://thehackernews.com/2025/01/ransomware-on-esxi-mechanization-of.html", + "WordPress Skimmers Evade Detection by Injecting Themselves into Database Tables": "https://thehackernews.com/2025/01/wordpress-skimmers-evade-detection-by.html", + "Expired Domains Allowed Control Over 4,000 Backdoors on Compromised Systems": "https://thehackernews.com/2025/01/expired-domains-allowed-control-over.html" + }, + "Instapaper: Unread": { + "Candy Crush, Tinder, MyFitnessPal See the Thousands of Apps Hijacked to Spy on Your Location": "https://www.wired.com/story/gravy-location-data-app-leak-rtb/", + "Robot Vacuums Hacked To Spy On Their Owners": "https://cybersecuritynews.com/robot-vacuums-hacked/", + "L'iPad Pro che si autodistrugge in caso di morte dell'utente": "https://www.wired.it/article/ipad-pro-morte-in-case-of-death/", + "Attacchi hacker filorussi all’Italia. Il cyber-caos come arma ibrida di Mosca": "https://formiche.net/2025/01/italia-filorussi-hacker/" + }, + "Computer Forensics": { + "Using an MD5 hash to validate evidence": "https://www.reddit.com/r/computerforensics/comments/1i0ofl7/using_an_md5_hash_to_validate_evidence/", + "Tools I should learn?": "https://www.reddit.com/r/computerforensics/comments/1i0d8h6/tools_i_should_learn/" + }, + "Technical Information Security Content & Discussion": { + "Fireblocks Black Box Security Review": "https://www.reddit.com/r/netsec/comments/1i0gmdv/fireblocks_black_box_security_review/" + }, + "TorrentFreak": { + "ISP Huffs and Puffs Then Apologizes to 3 Little Piggies Over Pirate Downloads": "https://torrentfreak.com/isp-huffs-and-puffs-then-apologizes-to-3-little-piggies-over-pirate-downloads-250113/", + "MissAV: One of the World’s Largest ‘Pirate’ Sites Targeted in Takedown Effort": "https://torrentfreak.com/missav-one-of-the-worlds-largest-pirate-sites-targeted-in-takedown-effort-250113/" + }, + "Your Open Hacker Community": { + "Feeling im so behind in cybersecurity": "https://www.reddit.com/r/HowToHack/comments/1i0oa70/feeling_im_so_behind_in_cybersecurity/", + "Insta problem": "https://www.reddit.com/r/HowToHack/comments/1i0qyt4/insta_problem/", + "How to connect": "https://www.reddit.com/r/HowToHack/comments/1i0oz3r/how_to_connect/", + "What should i learn first when it comes to hacking?": "https://www.reddit.com/r/HowToHack/comments/1i0a33k/what_should_i_learn_first_when_it_comes_to_hacking/", + "How do I recognize a o.mg cable?": "https://www.reddit.com/r/HowToHack/comments/1i0mty3/how_do_i_recognize_a_omg_cable/", + "Email info": "https://www.reddit.com/r/HowToHack/comments/1i0iuzt/email_info/", + "How to make a \" creek\" with a pump and a retention pond?": "https://www.reddit.com/r/HowToHack/comments/1i0msvj/how_to_make_a_creek_with_a_pump_and_a_retention/", + "How?": "https://www.reddit.com/r/HowToHack/comments/1i0auj4/how/", + "Can someone help with my friend's account?": "https://www.reddit.com/r/HowToHack/comments/1i0fafc/can_someone_help_with_my_friends_account/", + "How to start your own website": "https://www.reddit.com/r/HowToHack/comments/1i0583q/how_to_start_your_own_website/", + "I need to know if there’s anyway I can bypass a game suspension?": "https://www.reddit.com/r/HowToHack/comments/1i09z4w/i_need_to_know_if_theres_anyway_i_can_bypass_a/", + "Is it possible to find the server IP of a game while playing it on PC?": "https://www.reddit.com/r/HowToHack/comments/1i070ch/is_it_possible_to_find_the_server_ip_of_a_game/" + }, + "netsecstudents: Subreddit for students studying Network Security and its related subjects": { + "[Micro Challenge] Break YieldCat's Markdown Validation Checks - Active Until Jan 20": "https://www.reddit.com/r/netsecstudents/comments/1i0ag5t/micro_challenge_break_yieldcats_markdown/", + "I created a website to apply my knowledge of AI and Natural Language Processing into something useful": "https://www.reddit.com/r/netsecstudents/comments/1i05t70/i_created_a_website_to_apply_my_knowledge_of_ai/" + }, + "The Register - Security": { + "Cryptojacking, backdoors abound as fiends abuse Aviatrix Controller bug": "https://go.theregister.com/feed/www.theregister.com/2025/01/13/severe_aviatrix_controller_vulnerability/", + "Microsoft sues 'foreign-based' cyber-crooks, seizes sites used to abuse AI": "https://go.theregister.com/feed/www.theregister.com/2025/01/13/microsoft_sues_foreignbased_crims_seizes/", + "Azure, Microsoft 365 MFA outage locks out users across regions": "https://go.theregister.com/feed/www.theregister.com/2025/01/13/azure_m365_outage/", + "NATO's newest member comes out swinging following latest Baltic Sea cable attack": "https://go.theregister.com/feed/www.theregister.com/2025/01/13/sweden_baltic_cable_attack/", + "Ransomware crew abuses AWS native encryption, sets data-destruct timer for 7 days": "https://go.theregister.com/feed/www.theregister.com/2025/01/13/ransomware_crew_abuses_compromised_aws/", + "Nominet probes network intrusion linked to Ivanti zero-day exploit": "https://go.theregister.com/feed/www.theregister.com/2025/01/13/nominet_ivanti_zero_day/", + "Europe coughs up €400 to punter after breaking its own GDPR data protection rules": "https://go.theregister.com/feed/www.theregister.com/2025/01/13/data_broker_hacked/" + }, + "Security Affairs": { + "U.S. CISA adds BeyondTrust PRA and RS and Qlik Sense flaws to its Known Exploited Vulnerabilities catalog": "https://securityaffairs.com/173031/security/u-s-cisa-adds-beyondtrust-pra-and-rs-and-qlik-sense-flaws-to-its-known-exploited-vulnerabilities-catalog.html", + "Inexperienced actors developed the FunkSec ransomware using AI tools": "https://securityaffairs.com/173018/cyber-crime/funksec-ransomware-was-developed-using-ai-tools.html", + "Credit Card Skimmer campaign targets WordPress via database injection": "https://securityaffairs.com/173010/malware/stealthy-credit-card-skimmer-targets-wordpress.html", + "Microsoft took legal action against crooks who developed a tool to abuse its AI-based services": "https://securityaffairs.com/173000/cyber-crime/microsoft-took-legal-action-against-crooks-developed-a-tool-to-abuse-its-ai.html" + }, + "Deeplinks": { + "Five Things to Know about the Supreme Court Case on Texas’ Age Verification Law, Free Speech Coalition v Paxton": "https://www.eff.org/deeplinks/2025/01/five-things-know-about-supreme-court-case-texas-age-verification-law-free-speech" + }, + "Blackhat Library: Hacking techniques and research": { + "I created a Cybersecurity Hub - All cyber tools and resources!": "https://www.reddit.com/r/blackhat/comments/1i09dxz/i_created_a_cybersecurity_hub_all_cyber_tools_and/" + }, + "Hacking Exposed Computer Forensics Blog": { + "Daily Blog #716: Sunday Funday 1/12/25": "https://www.hecfblog.com/2025/01/daily-blog-716-sunday-funday-11225.html" + }, + "Security Weekly Podcast Network (Audio)": { + "How threat-informed defense benefits each security team member - Frank Duff, Nathan Sportsman - ESW #389": "http://sites.libsyn.com/18678/how-threat-informed-defense-benefits-each-security-team-member-frank-duff-nathan-sportsman-esw-389" + } +} \ No newline at end of file diff --git a/today.md b/today.md index 0762b34589..abaf133c89 100644 --- a/today.md +++ b/today.md @@ -1,299 +1,490 @@ -# 每日安全资讯(2025-01-13) +# 每日安全资讯(2025-01-14) - SecWiki News - - [ ] [SecWiki News 2025-01-12 Review](http://www.sec-wiki.com/?2025-01-12) -- Private Feed for M09Ic - - [ ] [safedv starred m4b/goblin](https://github.com/m4b/goblin) - - [ ] [skelsec released v1.2 at octopwn/octopwn-wasm-documentation](https://github.com/octopwn/octopwn-wasm-documentation/releases/tag/v1.2) - - [ ] [liamg starred Cyan4973/xxHash](https://github.com/Cyan4973/xxHash) - - [ ] [liamg starred ogxd/gxhash](https://github.com/ogxd/gxhash) - - [ ] [liamg starred hybridgroup/go-haystack](https://github.com/hybridgroup/go-haystack) - - [ ] [safedv starred klezVirus/SilentMoonwalk](https://github.com/klezVirus/SilentMoonwalk) - - [ ] [safedv starred Yaxxine7/ASRepCatcher](https://github.com/Yaxxine7/ASRepCatcher) - - [ ] [safedv starred LuemmelSec/APEX](https://github.com/LuemmelSec/APEX) - - [ ] [safedv starred Teach2Breach/snapinject_rs](https://github.com/Teach2Breach/snapinject_rs) - - [ ] [safedv starred djackreuter/btexec](https://github.com/djackreuter/btexec) - - [ ] [safedv starred BlackSnufkin/Rusty-Playground](https://github.com/BlackSnufkin/Rusty-Playground) - - [ ] [panjf2000 starred mudler/LocalAI](https://github.com/mudler/LocalAI) + - [ ] [SecWiki News 2025-01-13 Review](http://www.sec-wiki.com/?2025-01-13) - Security Boulevard - - [ ] [The Vanity Press in Academia](https://securityboulevard.com/2025/01/the-vanity-press-in-academia/) - - [ ] [DEF CON 32 – Open Source Hacker V. Government Lawyer](https://securityboulevard.com/2025/01/def-con-32-open-source-hacker-v-government-lawyer/) - - [ ] [PCI DSS Requirements With v4.0.1 Updates For 2024](https://securityboulevard.com/2025/01/pci-dss-requirements-with-v4-0-1-updates-for-2024/) - - [ ] [What is PCI DSS 4.0: Is This Still Applicable For 2024?](https://securityboulevard.com/2025/01/what-is-pci-dss-4-0-is-this-still-applicable-for-2024/) + - [ ] [Why Scalability Matters in Non-Human Identity and Access Management](https://securityboulevard.com/2025/01/why-scalability-matters-in-non-human-identity-and-access-management/) + - [ ] [HHS Proposes Major Overhaul of HIPAA Security Rule in the Wake of Change Healthcare Breach](https://securityboulevard.com/2025/01/hhs-proposes-major-overhaul-of-hipaa-security-rule-in-the-wake-of-change-healthcare-breach/) + - [ ] [FunkSec: A New Ransomware Group Buoyed by AI](https://securityboulevard.com/2025/01/funksec-a-new-ransomware-group-buoyed-by-ai/) + - [ ] [Inside a 90-Minute Attack: Breaking Ground with All-New AI Defeating Black Basta Tactics](https://securityboulevard.com/2025/01/inside-a-90-minute-attack-breaking-ground-with-all-new-ai-defeating-black-basta-tactics/) + - [ ] [How Ephemeral on-demand data can improve DORA DevOps scores](https://securityboulevard.com/2025/01/how-ephemeral-on-demand-data-can-improve-dora-devops-scores/) + - [ ] [Ephemeral data environments in Azure, leveraging the cloud](https://securityboulevard.com/2025/01/ephemeral-data-environments-in-azure-leveraging-the-cloud/) + - [ ] [How to create de-identified embeddings with Tonic Textual & Pinecone](https://securityboulevard.com/2025/01/how-to-create-de-identified-embeddings-with-tonic-textual-pinecone/) + - [ ] [De-identifying Salesforce data for testing and development. Tonic Structural now connects to Salesforce](https://securityboulevard.com/2025/01/de-identifying-salesforce-data-for-testing-and-development-tonic-structural-now-connects-to-salesforce/) + - [ ] [Open Bullet 2: The Preferred Credential Stuffing Tool for Bots](https://securityboulevard.com/2025/01/open-bullet-2-the-preferred-credential-stuffing-tool-for-bots/) + - [ ] [Network Configuration and Change Management Best Practices](https://securityboulevard.com/2025/01/network-configuration-and-change-management-best-practices/) +- 安全客-有思想的安全新媒体 + - [ ] [致敬警察节|警企携手,筑牢安全防护网!](https://www.anquanke.com/post/id/303459) + - [ ] [Fancy Product Designer 插件中未修补的漏洞使 20,000 多个网站面临风险](https://www.anquanke.com/post/id/303456) + - [ ] [Google Project Zero 研究人员发现针对三星设备的零点击漏洞](https://www.anquanke.com/post/id/303453) + - [ ] [西班牙电信公司确认数据泄露后内部票务系统遭到破坏](https://www.anquanke.com/post/id/303450) + - [ ] [GitHub 上的假冒 LDAPNightmware 利用程序传播信息窃取型恶意软件](https://www.anquanke.com/post/id/303447) + - [ ] [研究人员如何通过黑客攻击 Facebook 服务器赚取 10 万美元](https://www.anquanke.com/post/id/303444) + - [ ] [网络钓鱼短信诱骗Apple iMessage用户禁用保护](https://www.anquanke.com/post/id/303439) + - [ ] [印度加密货币交易所 Mudrex 解释提款暂停原因](https://www.anquanke.com/post/id/303436) + - [ ] [2024年的网络钓鱼:应对持续威胁和人工智能的双刃剑](https://www.anquanke.com/post/id/303433) + - [ ] [CVE-2025-22777 (CVSS 9.8): 针对拥有 100,000 个活跃安装的 GiveWP 插件的严重安全警报](https://www.anquanke.com/post/id/303430) - Doonsec's feed - - [ ] [老牌免杀工具veil免杀](https://mp.weixin.qq.com/s?__biz=MzU4MjYxNTYwNA==&mid=2247487586&idx=1&sn=580b6b99b07e7b2d60df7ccedd172155) - - [ ] [最新公告!可拨打12336举报泄密或保密违法违规行为](https://mp.weixin.qq.com/s?__biz=MzI3NzM5NDA0NA==&mid=2247490237&idx=1&sn=4b60620bdc57dda141d8ec196e6aae9d) - - [ ] [第二届獬豸杯 期望时间统计](https://mp.weixin.qq.com/s?__biz=MzkzNTQzNTQzMQ==&mid=2247485316&idx=1&sn=a79943db1ccb943a5f352bfb659fb23b) - - [ ] [盲猜2024年出生人口,900-930万之间](https://mp.weixin.qq.com/s?__biz=MzkwMzI1ODUwNA==&mid=2247487808&idx=1&sn=b9284860c9b323bee6e1f20a50cd932c) - - [ ] [在 Kali 上利用 Zmap 搭建攻击炮台](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247489972&idx=1&sn=bc2d1d4fe2b6fd60fcb4dc23c290f745) - - [ ] [再说 API 安全:52个可被利用的弱点分析](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247489972&idx=2&sn=b0255b231297a0608167a5b2afa46867) - - [ ] [探秘缅甸诈骗产业链,美国为何能成为 “例外”?惊人真相曝光!](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247489972&idx=3&sn=a1b8e66e4a1273000914f77111051201) - - [ ] [开源情报|军事动态|美国军事医疗AI试点的战略意图分析](https://mp.weixin.qq.com/s?__biz=Mzg2NTcyNjU4Nw==&mid=2247485849&idx=1&sn=04dd254dfb2728a2b9aac91874acd731) - - [ ] [【工具更新】Nessus 最新windows/ubuntu版Cracked(附下载)](https://mp.weixin.qq.com/s?__biz=Mzk0NjQ5MTM1MA==&mid=2247492783&idx=1&sn=f3eb1a652c0c48844181dbe7ef02e859) - - [ ] [HTB-EscapeTwo](https://mp.weixin.qq.com/s?__biz=Mzk0MTQxOTA3Ng==&mid=2247489297&idx=1&sn=b0ffebdfd3a6487f693f72266dfdea81) - - [ ] [奇安信十年战略演变,2025将会去向何方?](https://mp.weixin.qq.com/s?__biz=MzAxOTk3NTg5OQ==&mid=2247492157&idx=1&sn=6ca188023575d8e0b7fe73143bb8b4f6) - - [ ] [沈逸:构建系统性国家战略和完备法律应对网络安全威胁](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485399&idx=1&sn=ed19d839bcd07df958388f69d835d849) - - [ ] [【直卖实拍】北七家3居变4居豪装,理想楼层、户型、朝向](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485399&idx=2&sn=7839308f2bbfb1c87f3f67da9514b04c) - - [ ] [【干货】笑傲职场的独家经验(1)](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485399&idx=3&sn=003268c4507b82995cc22aa9b8be9caf) - - [ ] [【干货原创】实网攻防演习常态化,会带来什么变化01](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485399&idx=4&sn=4bf0aaa6b237c29ebbffca4d8efe20f5) - - [ ] [【干货原创】K12教育,鲜为人知的模式秘密](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485399&idx=5&sn=612460e36200e9070bff5286c1e7641f) - - [ ] [【云安全】AccessKey泄露-安全问题分析](https://mp.weixin.qq.com/s?__biz=MzUyNTUyNTA5OQ==&mid=2247484392&idx=1&sn=c8e8b6f7c95e894a44040d9c69cdd7e6) - - [ ] [【不要看】修复 CS 4.8、4.9 截图保存为空 bug](https://mp.weixin.qq.com/s?__biz=Mzg5MDg0NzUzMw==&mid=2247484343&idx=1&sn=c4f25f132bcc360975cfabf5a10a7d00) - - [ ] [SSRF 漏洞自动化 寻找](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496832&idx=1&sn=5c72712e20772f2279b09ca9a748afc2) - - [ ] [JeecgBoot passwordChange 任意用户密码重置漏洞](https://mp.weixin.qq.com/s?__biz=MzkzMTcwMTg1Mg==&mid=2247490122&idx=1&sn=53609c160a2964063bb4bc1b113c77b8) - - [ ] [攻防3.0 - 信任攻击](https://mp.weixin.qq.com/s?__biz=MzU0NTI4MDQwMQ==&mid=2247484194&idx=1&sn=cb404b0fcfa2490d458d482fa704e98a) - - [ ] [我的评价是雀氏不错!](https://mp.weixin.qq.com/s?__biz=Mzk0ODM0NDIxNQ==&mid=2247493263&idx=1&sn=ac3d3e4ada3080ab6307d47ef976124e) - - [ ] [又是谁统计📉](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496568&idx=1&sn=d1c783dfd0596633a2f0987a713d6544) - - [ ] [国护成功溯源的攻击事件](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496568&idx=2&sn=15d3082cae89edff90bef47052b40e3d) - - [ ] [Sekiro+Yakit 热加载无痛绕sign](https://mp.weixin.qq.com/s?__biz=Mzg4Mzg2MjgxNg==&mid=2247485601&idx=1&sn=d35f997e047ae7ff451a8b0cbdd0fd32) - - [ ] [分享的图片、视频、链接](https://mp.weixin.qq.com/s?__biz=MzkyNTQyMzk0MA==&mid=2247484677&idx=1&sn=d516ac44f6cb69e2fe1d0d790ca55e0a) - - [ ] [2025版最新vmware虚拟机下载安装及使用教程(非常详细)零基础入门到精通,收藏这篇就够了](https://mp.weixin.qq.com/s?__biz=Mzk1NzMwNTM5NQ==&mid=2247483778&idx=1&sn=8f994e5be5db7a988192f9eb5e65d5f3) - - [ ] [我的评价是全是干货](https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247518178&idx=1&sn=1784f7c0cf09898d76e4898883ec6570) - - [ ] [“WorstFit”学习](https://mp.weixin.qq.com/s?__biz=MzkyODUzMjEzOA==&mid=2247483844&idx=1&sn=4ee90bc1b7dc42b880998bfaadb02af4) - - [ ] [【安全工具】一款免费的APP IOS抓包工具 支持Flutter应用抓包|漏洞探测](https://mp.weixin.qq.com/s?__biz=MzA5MzYzMzkzNg==&mid=2650962428&idx=1&sn=b6d1444de2a91eaf1aa348721b0ce44f) - - [ ] [@所有人,手机、电视可设置地震预警](https://mp.weixin.qq.com/s?__biz=MzA5MzYzMzkzNg==&mid=2650962428&idx=2&sn=385568e41c3f6747ea879e9d5d2fee80) - - [ ] [2025年1月哪一款手机性价比高?全品牌、全价位手机推荐与选购指南(万字版)](https://mp.weixin.qq.com/s?__biz=MzA5MzYzMzkzNg==&mid=2650962428&idx=3&sn=c2c40168926041d7f0ed19353de9df69) - - [ ] [【艺术鉴赏】抖音直播更新,睡眠更新小一熟了视频](https://mp.weixin.qq.com/s?__biz=MzA5MzYzMzkzNg==&mid=2650962428&idx=4&sn=f5d5c2e737809957a84698e2f020f2c6) - - [ ] [【漏洞复现】CVE-2024-50603](https://mp.weixin.qq.com/s?__biz=MzUxMTk4OTA1NQ==&mid=2247484899&idx=1&sn=ebdbb1fe5f94622276851862e5a4dbb5) - - [ ] [国家保密局公告!](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633750&idx=1&sn=218e67e73d6e8930e26ddb1c7bfca532) - - [ ] [扎实推动数据工作取得新突破新进展,全国数据工作会议在京召开](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633750&idx=2&sn=1c888a7557747fd2599fcb1e431e5747) - - [ ] [网络安全市场正面临“红海”困境](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633750&idx=3&sn=13095461ade11d1fd2e6c3a2b593979f) - - [ ] [2025 年美国军费的 3%(300 亿美元)用于网络安全](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633750&idx=4&sn=cc30ff23a8d536a16b5c79922cbe6dd4) - - [ ] [首次!欧盟官方因违反数据保护法规向用户赔偿3000元](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633750&idx=5&sn=ebc4a68c6f3c91b3d97e4e88828499a3) - - [ ] [【极思】安全运营第6年实践总结](https://mp.weixin.qq.com/s?__biz=MzI2NTMwNjYyMA==&mid=2247484980&idx=1&sn=f83670f089e041e2071a66c2436c1e2b) - - [ ] [Powershell使用指南](https://mp.weixin.qq.com/s?__biz=Mzk1Nzk0NDY3Nw==&mid=2247484058&idx=1&sn=278d5f6c0faf6206a391f655f08af6e1) - - [ ] [【网络安全实验室】渗透测试综合实战](https://mp.weixin.qq.com/s?__biz=Mzg5NTU2NjA1Mw==&mid=2247495993&idx=1&sn=d979b7c06d07e0afdff5f066d3ad97d3) - - [ ] [《黑客安全报告2024-2025》第 8 版请查阅](https://mp.weixin.qq.com/s?__biz=MzA3MTM0NTQzNA==&mid=2455780124&idx=1&sn=65a340bd360728d417c9379976fe1de2) - - [ ] [DC靶场系列--DC-3](https://mp.weixin.qq.com/s?__biz=Mzk1NzIzMzQ3OA==&mid=2247484222&idx=1&sn=34a784d7d46663dd4452ad71caa78152) - - [ ] [从车内入侵检测到攻击防护响应](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619327&idx=1&sn=ee4dbe6a3305f75cbd3566da337518b3) - - [ ] [GB T 汽车信息安全应急响应管理指南-市场监督总局、国标委 (征求意见稿)](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619327&idx=2&sn=9774d4bb12c8732e5292772f6445cce1) - - [ ] [GB T 41871-2022 信息安全技术u3000汽车数据处理安全要求](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619327&idx=3&sn=6b9e0fe22c31420d410f000fa3e46abc) - - [ ] [蓝凌OA WebService sysFormMainDataInsystemWebservice 任意文件读取漏洞](https://mp.weixin.qq.com/s?__biz=MzkzMTcwMTg1Mg==&mid=2247490110&idx=1&sn=f8eff8b0b09439af303df311d04a6b75) - - [ ] [Qt 开源 Serial Studio 支持串口、MQTT、BLE的嵌入式可视化工具](https://mp.weixin.qq.com/s?__biz=MjM5OTA4MzA0MA==&mid=2454936573&idx=1&sn=fd087acdd19e1ec79e0d44f75ecd1ee2) - - [ ] [学术前沿 | 国防科技大学李爱平教授团队:物联网威胁情报知识图谱综述](https://mp.weixin.qq.com/s?__biz=MzI0NjU2NDMwNQ==&mid=2247504588&idx=1&sn=2d8592df92f5803bf485752d5f217d87) - - [ ] [21124_ctfshow_misc_原谅3_来份色图xa0writeup](https://mp.weixin.qq.com/s?__biz=MzU2NzIzNzU4Mg==&mid=2247489475&idx=1&sn=759bb9966312d2339d39de30003fd7ce) - - [ ] [【安全圈】腾讯协助警方破获木马盗窃游戏账号案,涉案金额超 3000 万](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067304&idx=1&sn=e99889dcbf4e15a2ad7a2217e3f850a3) - - [ ] [【安全圈】勒索木马 Banshee 针对苹果 macOS 下手,冒充安全组件躲避检测](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067304&idx=2&sn=72944b1de7bb9205840492e28ba936b4) - - [ ] [【安全圈】卡西欧遭勒索软件攻击?8500人数据被窃取!](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067304&idx=3&sn=1f094579cd41cb8e1f1583f6eb592503) - - [ ] [知识星球xa0|xa0网安战略技术、网安产业分析等资源更新;历年网安报告、PPT合集下载](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247634477&idx=1&sn=f16b5cd9732e725dd39a79d93e3e0c0f) - - [ ] [2025-悟已往之不谏](https://mp.weixin.qq.com/s?__biz=Mzg3NzIxMDYxMw==&mid=2247504320&idx=1&sn=b8e11abf5072713197e1a08b31c69af6) - - [ ] [红队-shell编程基础(六)](https://mp.weixin.qq.com/s?__biz=Mzk1Nzk2NjI3Ng==&mid=2247483783&idx=1&sn=740cf22cc7407823de45414e1b6ef1f5) - - [ ] [天空卫士10周年丨积厚致远,迈十而强](https://mp.weixin.qq.com/s?__biz=MzA5MjQyODY1Mw==&mid=2648516486&idx=1&sn=c0445ec208cb5f49a0321affaef6ccf9) - - [ ] [基于Davinci的HSM开发实践(13):安全启动细节补充](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247548768&idx=1&sn=70a8095e6736bfc1cc2494205bb147bf) - - [ ] [新能源汽车之CAN总线知识](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247548768&idx=2&sn=8041069d0b6f147683ef5036e7de0ab8) - - [ ] [扫码下载 | 电信行业关键信息基础设施安全保护安全管理总体要求](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655263760&idx=1&sn=76ef227352966eeaacd31da36db50522) - - [ ] [流程控制语句](https://mp.weixin.qq.com/s?__biz=MzkzODQzNTU2NA==&mid=2247486287&idx=1&sn=805850077aa1f925c8fc7f5264c79fce) - - [ ] [ptcpdump,一个让黑客无处遁形的网络分析神器|突破传统tcpdump限制,精准定位容器环境下的恶意流量](https://mp.weixin.qq.com/s?__biz=MzI5MjY4MTMyMQ==&mid=2247489633&idx=1&sn=7b7974900e912926da197b141b8b03c8) - - [ ] [亿赛通-9处SQL注入](https://mp.weixin.qq.com/s?__biz=MzkyOTg3ODc5OA==&mid=2247484155&idx=1&sn=26084264025488750f67307d91e78787) - - [ ] [工信部:2024年我国网络和数据安全取得新突破](https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597394&idx=1&sn=484fc5f368eeaa52c803449704426e63) - - [ ] [《网络数据安全管理条例》有哪些亮点?](https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597394&idx=2&sn=a16caf62b43639fb28e4cf0d6382e6db) - - [ ] [网站域名遭非法盗用篡改,郑州两家公司被行政处罚](https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597394&idx=3&sn=6a9956452b2a1f329ba8bd4b07f8ba28) - - [ ] [网络工程师成长之路:从零基础到技术大牛的进阶指南!](https://mp.weixin.qq.com/s?__biz=MzIyMzIwNzAxMQ==&mid=2649464462&idx=1&sn=8a4209e9983e719ed78815096cf9874f) - - [ ] [Kunlun-Mirror源代码审计工具](https://mp.weixin.qq.com/s?__biz=Mzk0Mjg4MTQxMw==&mid=2247485551&idx=1&sn=f80a57db32ca3494a91c9da832e56af3) - - [ ] [我只想要一个 CVE-2024-30085 Exploit 作为圣诞礼物](https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486285&idx=1&sn=8188907190a4d5beb3fed38fd5275049) - - [ ] [无敌了,这5个SSH客户端也太好用了!](https://mp.weixin.qq.com/s?__biz=MzUyNTExOTY1Nw==&mid=2247527831&idx=1&sn=171ff0749c760a4ff3d785751f5b369c) - - [ ] [国家重点研发计划“分布式无证书网络身份系统的关键技术”2025第一季度项目研讨会议在北京举行](https://mp.weixin.qq.com/s?__biz=Mzk0MDMwNjU3Ng==&mid=2247484583&idx=1&sn=e8a5d1eb7a8bc73b0936d6ff109e7f26) - - [ ] [因违反数据安全、信用信息管理规定等,又一家银行被罚](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931396&idx=1&sn=53a89c643400992dcf65cb058efedea8) - - [ ] [网安全牛马注意了!!!某提权工具被投毒植入后门](https://mp.weixin.qq.com/s?__biz=Mzg2NTk4MTE1MQ==&mid=2247486453&idx=1&sn=9b0269672a20c13f853f4df1deb3b50f) - - [ ] [【相关分享】记一次小程序逻辑漏洞](https://mp.weixin.qq.com/s?__biz=Mzk0OTUwNTU5Nw==&mid=2247488478&idx=1&sn=0e94195de32c6cc2af2df00db511b92a) - - [ ] [接到领导指示](https://mp.weixin.qq.com/s?__biz=MzkwNDg1NTU0Mg==&mid=2247484366&idx=1&sn=3d2fa1e9ef24575bac2f68d64da1bc68) - - [ ] [Bleem: 面向数据包序列的协议模糊测试 | 技术进展](https://mp.weixin.qq.com/s?__biz=MzU1NTEzODc3MQ==&mid=2247486874&idx=1&sn=311b59a1953758bc2f69485cbf107d4b) - - [ ] [孙凝晖院士:建设面向智能时代的国家数据基础设施](https://mp.weixin.qq.com/s?__biz=Mzg4MDU0NTQ4Mw==&mid=2247528560&idx=1&sn=916a81824870f383b56330f6df479448) - - [ ] [智库报告 | 人工智能领域的六大预测](https://mp.weixin.qq.com/s?__biz=Mzg4MDU0NTQ4Mw==&mid=2247528560&idx=2&sn=babe127daba4c7530d8fab4f1f929d81) - - [ ] [【工具分享】攻防利器 - ProxyCat 轻量级代理池轮换工具](https://mp.weixin.qq.com/s?__biz=Mzg4MTkwMTI5Mw==&mid=2247488604&idx=1&sn=fe8a84631ecdf0cdfdcbd71c55b2937f) - - [ ] [【供应链攻击】使用Proxy SwitchyOmega (V3)版本的了解一下](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494189&idx=1&sn=ba54efd6acd2d1ffd162f44149cbd9dc) - - [ ] [如何在Ansible中轻松实现复杂SSH跳转?这个参数搞定](https://mp.weixin.qq.com/s?__biz=MjM5OTc5MjM4Nw==&mid=2457385987&idx=1&sn=1acdbabefa8f2844520839562450287c) - - [ ] [网络安全领域研究人员遭遇假PoC专项攻击](https://mp.weixin.qq.com/s?__biz=MzI0MTE4ODY3Nw==&mid=2247492518&idx=1&sn=d4196de8b812e3a2d29209b50328cec0) - - [ ] [请一等奖获奖选手私聊领取奖励](https://mp.weixin.qq.com/s?__biz=MzI5MzkwMzU1Nw==&mid=2247485224&idx=1&sn=dc0d2fc4dbe9c289ecf727c067e6349c) - - [ ] [通过代码研究空字节和无文件方式注册表隐藏技术](https://mp.weixin.qq.com/s?__biz=MjM5NDcxMDQzNA==&mid=2247489348&idx=1&sn=29c8552f1aaa9e42c2b836be06f5f795) - - [ ] [BurpSuite插件之autoDecoder](https://mp.weixin.qq.com/s?__biz=Mzk1NzIzOTc5MQ==&mid=2247484054&idx=1&sn=32f69a3a0f79604736097b850a15d317) - - [ ] [2024龙信年终技术考核参考WP](https://mp.weixin.qq.com/s?__biz=Mzk0MTQzNjIyNg==&mid=2247493354&idx=1&sn=02c0c4f95a8dbadb54bbf82b04aa84db) - - [ ] [吐槽一下某位记性差的情报大佬](https://mp.weixin.qq.com/s?__biz=MzU5OTMxNjkxMA==&mid=2247488423&idx=1&sn=bc632db8cfabe6b70249ad6a603c32d1) - - [ ] [联合国国际民航组织(ICAO)遭黑客攻击,4.2万份文件泄露!全球航空安全面临新威胁?](https://mp.weixin.qq.com/s?__biz=MzA4NTY4MjAyMQ==&mid=2447900023&idx=1&sn=abbeb590028956425cc68d46bfeaa940) - - [ ] [JS中的漏洞信息](https://mp.weixin.qq.com/s?__biz=MzU2NzY5MjAwNQ==&mid=2247486764&idx=1&sn=69cdc86ba9528ef7448abb4bdd976484) - - [ ] [自建IPTV源iptv-sources](https://mp.weixin.qq.com/s?__biz=MzkxMzIwNTY1OA==&mid=2247510709&idx=1&sn=0ba982135c9676de49536fc693b7eb38) - - [ ] [什么是IPV4?个人有吗?怎么获得?](https://mp.weixin.qq.com/s?__biz=MzkyMTQzNTM3Ng==&mid=2247483863&idx=1&sn=619d9fb761418b2cb752cf729f31e2f1) - - [ ] [在spring-aop中挖掘新反序列化gadget-chain](https://mp.weixin.qq.com/s?__biz=Mzg2MDY2ODc5MA==&mid=2247484198&idx=1&sn=6b6a82bb543e879295b7cd2d85f3a37f) - - [ ] [什么?资深高级红队队长已经在研究超能力黑电脑了?](https://mp.weixin.qq.com/s?__biz=Mzg2NDg2MDIxNQ==&mid=2247485319&idx=1&sn=ad8f40bdb5b1c07dc233047b958df904) - - [ ] [网安原创文章推荐【2025/1/11】](https://mp.weixin.qq.com/s?__biz=MzAxNzg3NzMyNQ==&mid=2247489441&idx=1&sn=4c04b2d66f2fec8cef967dd2579359f8) - - [ ] [「漏洞复现」某源地产ERP Service.asmx X-Forwarded-For注入漏洞](https://mp.weixin.qq.com/s?__biz=MzkyNDY3MTY3MA==&mid=2247486739&idx=1&sn=6463b2b41421b6514b200a5d9b397ac6) - - [ ] [IDA技巧(99)IDA 枚举类型](https://mp.weixin.qq.com/s?__biz=MzI1Mjk2MTM1OQ==&mid=2247485212&idx=1&sn=7bb441b2d54ca6a4df55ddbc5940888b) - - [ ] [ISO 14001: 2015 标准详解与实施(7)5.3 组织的角色、职责和权限](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247485913&idx=1&sn=ee0d2911362dd63adba8d841e38363ae) - - [ ] [ISO 45001: 2018 标准详解与实施(7)5.3 组织的角色、职责和权限](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247485913&idx=2&sn=2a32b64b88721f6b0653db89c30e9344) - - [ ] [古河大佬发现CVE-2024-49113 被黑客利用,发布恶意 PoC(好害怕发布带毒 poc 啊)](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494172&idx=1&sn=8437b6bd83d4cea051dbc558260056d8) - - [ ] [独家揭秘:chatgpt帮你快速锁定高分伦理学论文选题指南!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247486113&idx=1&sn=f727b3d4b79cb12fbbdec06949fbfd96) - - [ ] [独家揭秘:ChatGPT快速生成放射医学高质量论文初稿指南。](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247486113&idx=2&sn=2d975ff5f459526b25046d0d25e9b9fa) - - [ ] [独家揭秘:ChatGPT助力广告学论文初稿快速生成的内部攻略!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247486113&idx=3&sn=8ef4aa139f805205d0d62ff888cd5769) - - [ ] [独家揭秘!9年材料科研老兵的文献搜集内部绝密指南。](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247486113&idx=4&sn=e30c9d109ab824323c910f78e80e50a7) - - [ ] [独家揭秘!用AI辅助网络安全论文初稿快速生成的高分攻略。](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247486113&idx=5&sn=6b31a2c29bbce13ead1650e69a695cde) - - [ ] [不是,哥!你们网安圈那么抽象的么?](https://mp.weixin.qq.com/s?__biz=MzkwODI1ODgzOA==&mid=2247506503&idx=1&sn=c305dff91ced69c5b1f9ff5ddafd807d) - - [ ] [实战 | 域环境下通过anydesk进入生产网](https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247546664&idx=1&sn=fd057d1a7854dfa5f0ebd433ee1ed398) - - [ ] [区块链 智能合约安全 重入漏洞](https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247546664&idx=2&sn=4c18d53fa9dcc5cfebddcb4102d7baaf) - - [ ] [东盟地区APT攻击趋势:聚焦网络安全的新战场](https://mp.weixin.qq.com/s?__biz=Mzg3OTYxODQxNg==&mid=2247485596&idx=1&sn=f4d528677329d17c835b53e3aaa7feb4) - - [ ] [新春活动,翻倍奖金!福利享不停~](https://mp.weixin.qq.com/s?__biz=MzU5MDg0MDc2MQ==&mid=2247496518&idx=1&sn=f48a22cd763034d2dc47db5ee28720ec) - - [ ] [Csrf与Json劫持](https://mp.weixin.qq.com/s?__biz=Mzk0ODY1NzEwMA==&mid=2247485772&idx=1&sn=59e0c43184aaddec6997502fdda3a2be) - - [ ] [微信小程序抓包方式](https://mp.weixin.qq.com/s?__biz=Mzg4NDg3NjE5MQ==&mid=2247485114&idx=1&sn=fb9b1348eac1586c93d73aadc659a3bc) - - [ ] [通过高效的侦察发现关键漏洞接管整个IT基础设施](https://mp.weixin.qq.com/s?__biz=MzI4NTcxMjQ1MA==&mid=2247615101&idx=1&sn=1c11d3cd73b424e3335a64efba88679c) - - [ ] [通知 | 国家网信办就《网络信息内容多渠道分发服务机构相关业务活动管理规定(草案稿)》公开征求意见(附全文)](https://mp.weixin.qq.com/s?__biz=MzkwMTQyODI4Ng==&mid=2247495559&idx=1&sn=2ad25e8767f0eeb988faea4eb4cdd255) - - [ ] [警惕!暗网市场现最新高级免杀服务,可长期绕过主流安全检测](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247506753&idx=1&sn=c6dacf9030910a5b9eddc826030afb99) - - [ ] [2025年需要防范的五大恶意软件](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651311815&idx=3&sn=e6c5675db6f0e57973dcd1817459dc10) - - [ ] [盘点网络安全行业那些让领导深恶痛绝的性格!](https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247488025&idx=1&sn=7e84e26f46b61dd1cc258a94d2ed3773) - - [ ] [春节反诈常识](https://mp.weixin.qq.com/s?__biz=MzA5MTYyMDQ0OQ==&mid=2247493510&idx=1&sn=8e5f68e91641ea3a040bf4ca8c1b09f5) - - [ ] [今日截止!第八届西湖论剑大赛报名将于今日18:00截止~](https://mp.weixin.qq.com/s?__biz=MzU1MzE3Njg2Mw==&mid=2247510220&idx=1&sn=f4a316f50a355d874b4cc38ae4dad77e) - - [ ] [文件包含漏洞等你来看](https://mp.weixin.qq.com/s?__biz=MzI5MTIwOTQ5MA==&mid=2247487572&idx=1&sn=598542b01490ec8a8f9825c4a20f54f6) - - [ ] [【小技巧】怎么调整Burpsuite的字体大小](https://mp.weixin.qq.com/s?__biz=MzI5MTIwOTQ5MA==&mid=2247487572&idx=2&sn=0bd5f93b72cf2c55ffffda9d7371e9e2) - - [ ] [2024年安全四大顶会大陆学者发表论文数量统计](https://mp.weixin.qq.com/s?__biz=MzA3OTQ4OTY5OA==&mid=2653147892&idx=1&sn=9a0a042a06d5b484ffb1d89f756a5ebf) - - [ ] [2024年安全七大顶会大陆机构发表论文数量统计](https://mp.weixin.qq.com/s?__biz=MzA3OTQ4OTY5OA==&mid=2653147891&idx=1&sn=0f9c47eabb0b5502f154baafa3b2ae52) - - [ ] [2024年三大密码会大陆机构发表论文数量统计](https://mp.weixin.qq.com/s?__biz=MzA3OTQ4OTY5OA==&mid=2653147890&idx=1&sn=57d4ab5822b35e22a3d319af3510309b) - - [ ] [实战|记一次代码审计打穿多所高校](https://mp.weixin.qq.com/s?__biz=MzkyMjM5NDM3NQ==&mid=2247486202&idx=1&sn=2d35a85c8d1a352feea4382d8f6f9825) - - [ ] [2024年安全四大顶会大陆机构发表论文数量统计](https://mp.weixin.qq.com/s?__biz=MzA3OTQ4OTY5OA==&mid=2653147889&idx=1&sn=be077ae32c22ef2d64f3d53755ddbfa8) - - [ ] [信奥之路:从启蒙到卓越](https://mp.weixin.qq.com/s?__biz=MzU2NDY2OTU4Nw==&mid=2247518166&idx=1&sn=fc5e06eaa2e74d5cf545596d51ae8f93) - - [ ] [2025年,我们应当如何保护云安全?](https://mp.weixin.qq.com/s?__biz=Mzg3NTY0MjIwNg==&mid=2247485476&idx=1&sn=c22f13f338cc253e4e31b0b59753d950) - - [ ] [大量恶意npm包盯上了开发者](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651311815&idx=1&sn=40eddfee1242b4b1518db9b0ecb9e786) - - [ ] [一周网安优质PDF资源推荐丨FreeBuf知识大陆](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651311815&idx=2&sn=f9bf7b789caff212720edecb5c9fb294) - - [ ] [XXEinjector:一款功能强大的自动化XXE注射工具](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651311815&idx=4&sn=ed616b030da36e54593c0510d6d4aa8a) - - [ ] [VxWorks固件系统研究技术总结一](https://mp.weixin.qq.com/s?__biz=MjM5MjEyMTcyMQ==&mid=2651037259&idx=1&sn=ec2f0980685456e15ec5ae58b3fe415b) - - [ ] [JS Hook脚本分享 | Fixed_window_size](https://mp.weixin.qq.com/s?__biz=MzkzNTcwOTgxMQ==&mid=2247485275&idx=1&sn=513575ad84bb71853764c14c16a001be) - - [ ] [上海市智算中心建设导则(2025年版)](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655263752&idx=1&sn=a4c7652b7d0d40f08fadfb47500374cb) - - [ ] [2024年安全运营五大关键词](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655263752&idx=2&sn=ee7b4367fd9b5533336d41bae1a41cc0) - - [ ] [GB∕T 44463-2024 互联网数据中心(IDC)总体技术要求](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655263752&idx=3&sn=90ce4438de76976c8cccebfe506f6782) - - [ ] [GA∕T 2147-2024 公安视频图像信息系统安全事件分类分级指南](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655263752&idx=4&sn=1a8d313b56c5fe6f5ee4103ef527ae53) - - [ ] [YD∕T 6030-2024 物联网基础安全 网关管理平台安全分级分类管理技术要求](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655263752&idx=5&sn=052472828db8ad3933d76e0196e72577) - - [ ] [YD∕T 6034-2024 互联网域名服务信息安全管理要求](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655263752&idx=6&sn=bd634c27f8a75d8ead0eabaa019c50b0) - - [ ] [YD∕T 6036-2024 移动智能终端安全态势感知平台技术要求](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655263752&idx=7&sn=775ad59404f783eb2cd05ff69b611d68) - - [ ] [YD∕T 6038-2024 物联网基础安全 物联网平台安全分级分类管理技术要求](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655263752&idx=8&sn=43d084f3e379735cb0e52f6e73f60c91) - - [ ] [新的国家情报标准如何使整个社会的 OSINT 专业化](https://mp.weixin.qq.com/s?__biz=MzkxMDIwMTMxMw==&mid=2247494404&idx=1&sn=17c743018b0e4c33f9e4b39670e0bdb8) - - [ ] [【资料】全球和平、恐怖主义、军事化、生态威胁等指数](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148514&idx=1&sn=3662709654286db5bff36e15df25195b) - - [ ] [.NET内网实战:通过密码喷射遍历域账户](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498161&idx=1&sn=be37da545ba59c118c2d8331ddebf95e) - - [ ] [.NET 安全攻防知识交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498161&idx=2&sn=cb9eb4af6f38a0fdf4bec4b4c0b9af0e) - - [ ] [.NET 第54期红队武器库和资源汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498161&idx=3&sn=0bdf117aa614c48e6e2fa2e51a3e83eb) - - [ ] [美国军事资金的3%(300亿美元)专款用于网络安全建设](https://mp.weixin.qq.com/s?__biz=MzkwNDI0MjkzOA==&mid=2247485648&idx=1&sn=9d2a476f4ca9e09f4e586b461c5e540b) - - [ ] [【警惕!】带着脑子辨别网安传销与培训诈骗](https://mp.weixin.qq.com/s?__biz=MzkxMTUwOTY1MA==&mid=2247489979&idx=1&sn=7504423edbf1814042a0cd8721329e53) - - [ ] [海康威视AK/SK泄露利用](https://mp.weixin.qq.com/s?__biz=MzU0MTc2NTExNg==&mid=2247491476&idx=1&sn=f36ac4a80164cf5e6fcc8d37c6123ab8) - - [ ] [2025开年大瓜:七年红队大牛教你什么是《炮塔》](https://mp.weixin.qq.com/s?__biz=MzkyOTQzNjIwNw==&mid=2247491387&idx=1&sn=318437e24f0dee591576c17b1865f082) - - [ ] [禅道CMS开源版SQL注入漏洞分析](https://mp.weixin.qq.com/s?__biz=Mzk0Mzc1MTI2Nw==&mid=2247487016&idx=1&sn=740c4dccda5bc675cb15d583a7867ad6) - - [ ] [【电子取证入门电子书】DFIR蘇小沐电子数据取证实务教程v20250110](https://mp.weixin.qq.com/s?__biz=Mzg3NTU3NTY0Nw==&mid=2247489493&idx=1&sn=c1cefd6ab9f90e9a27866ee920c4f9c9) - - [ ] [从被撤稿看网络安全法](https://mp.weixin.qq.com/s?__biz=MzkxNTY4NTQwMg==&mid=2247484243&idx=1&sn=45bfda4281542cab87e4c57741928f3a) - - [ ] [Yarr:一款简洁高效的 RSS 阅读器,让你轻松追蹤资讯!](https://mp.weixin.qq.com/s?__biz=MzA4MjkzMTcxMg==&mid=2449046655&idx=1&sn=683d1691190a69cc712b6b914ae85d74) - - [ ] [CISA紧急警告:Oracle与Mitel高危漏洞正被攻击者利用,企业需立即修复!](https://mp.weixin.qq.com/s?__biz=MzA4NTY4MjAyMQ==&mid=2447900022&idx=1&sn=468ab732933d168f76e10f10d930551d) - - [ ] [使用 LeakIX 查找易受攻击的主机](https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247504444&idx=1&sn=ca2fbdb4c118e45c099026b71f549f33) - - [ ] [2024年度上海网络与信息安全测评工程技术研究中心开放课题申请指南](https://mp.weixin.qq.com/s?__biz=MzU5MTM5MTQ2MA==&mid=2247491552&idx=1&sn=f1a376f0e49cff2ddca8fd74d0ecb5d9) - - [ ] [为啥找黑客帮忙的人,绝大多数都上当了呢?](https://mp.weixin.qq.com/s?__biz=MzkxMjYxODcyNA==&mid=2247485444&idx=1&sn=b7d97d3a17d6472120303b2c242c4bcb) - - [ ] [NETworkManager 强大的网络管理工具](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247488859&idx=1&sn=b74a7ab8bb978845a04a6f96cf7f17d6) - - [ ] [魔怔了](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247488859&idx=2&sn=57f256d8d6bd915fbb90714b789e06a2) - - [ ] [21119_ctfshow_misc_1024_重新签到xa0writeup](https://mp.weixin.qq.com/s?__biz=MzU2NzIzNzU4Mg==&mid=2247489458&idx=1&sn=a04fdf96f697a07c4c6f042dda66b812) - - [ ] [在线游戏靶场【overthewire.org】之linux基础练兵场](https://mp.weixin.qq.com/s?__biz=MzAxNTg1MDYxNA==&mid=2247488316&idx=1&sn=0d2d1f896068b716e0ddf57a87a7fe08) - - [ ] [来啊、浑蛋、那就对着我打!!!](https://mp.weixin.qq.com/s?__biz=Mzk0NDQwMDY1Nw==&mid=2247485783&idx=1&sn=18cd0973bc2d333b15a3053c155729b4) - - [ ] [2024年中网络安全威胁全解析:你,我,都身处其中(附下载)](https://mp.weixin.qq.com/s?__biz=MzkyODY5ODAyOA==&mid=2247489199&idx=1&sn=84d006f71c9995570547e4f7fb6df985) - - [ ] [国外:一周网络安全态势回顾之第81期](https://mp.weixin.qq.com/s?__biz=Mzg2NjY2MTI3Mg==&mid=2247498173&idx=1&sn=7afa71c7e7649ce5daf390576355983e) - - [ ] [暗网情报五则:涉美财政部数据泄露、以色列军队医院、中国股票业务公司数据、中国汽车经销商客户关系数据等](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247506753&idx=2&sn=2a87fbe42656da803e7b40a2b53ae278) - - [ ] [每周网安态势概览【20250112】002期](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247506753&idx=3&sn=5f0dfaa5af1377939b33c49069ee361f) - - [ ] [广西多家企业不履行网络安全保护义务被依法处罚](https://mp.weixin.qq.com/s?__biz=MzkxNTI2NTQxOA==&mid=2247495935&idx=1&sn=8e944270687efaf0287b59b0c6b1509a) - - [ ] [中信银行日照分行因“未及时处置数据安全漏洞风险”等被罚54万元](https://mp.weixin.qq.com/s?__biz=MzkxNTI2NTQxOA==&mid=2247495935&idx=2&sn=00a08f04efcb34f608a0a212fe9f18a0) - - [ ] [中国证监会《期货公司互联网营销管理规定(征求意见稿)》公开征求意见](https://mp.weixin.qq.com/s?__biz=MzkxNTI2NTQxOA==&mid=2247495935&idx=3&sn=59120d2fb2aa126651098e343db5d757) - - [ ] [假冒地图软件应用推广员 诈骗团伙盗取信息非法获利](https://mp.weixin.qq.com/s?__biz=MzkxNTI2NTQxOA==&mid=2247495935&idx=4&sn=2310f32e2838a70b5d64d6283d7c3b00) - - [ ] [这些网安“传奇产品”都凉了?](https://mp.weixin.qq.com/s?__biz=Mzg5OTg5OTI1NQ==&mid=2247489685&idx=1&sn=cb450029238b217c0e62810c2d9ea3e4) - - [ ] [【神兵利器】 Socks5 代理采集与使用工具](https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247494929&idx=1&sn=593a633db1de3399bf433ffed8be4bcc) - - [ ] [Linux环境反弹shell原理与姿势](https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247494929&idx=2&sn=423a37e0a046706839a0673709de6da3) -- Der Flounder - - [ ] [Generating randomized long usernames for Jamf Pro standard user accounts](https://derflounder.wordpress.com/2025/01/12/generating-randomized-long-usernames-for-jamf-pro-standard-users/) -- CXSECURITY Database RSS Feed - CXSecurity.com - - [ ] [Ecommerce-PHP-kurniaramadhan-1.0- Stored Cross Site Scripting](https://cxsecurity.com/issue/WLB-2025010013) -- Blogs on STAR Labs - - [ ] [Celebrating 7 Years of STAR Labs SG](https://starlabs.sg/blog/2025/01-celebrating-7-years/) -- MaskRay - - [ ] [Understanding and improving Clang -ftime-report](https://maskray.me/blog/2025-01-12-understanding-and-improving-clang-ftime-report) + - [ ] [从UP主燕三嘤嘤嘤看百度好看视频的苟活](https://mp.weixin.qq.com/s?__biz=MzkwMzI1ODUwNA==&mid=2247487814&idx=1&sn=4907df26be08cacdb7178f0d18e5a39d) + - [ ] [2024龙信年终技术考核WP](https://mp.weixin.qq.com/s?__biz=MzkzMjE4NzU5MA==&mid=2247491395&idx=1&sn=6490bb127a2104f8fb27f349103d0dff) + - [ ] [【干货】笑傲职场的独家经验(1)](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485401&idx=3&sn=9f5c7558a30fbc3a8e126121a0bd5602) + - [ ] [渗透Vulnhub-hackme靶机](https://mp.weixin.qq.com/s?__biz=Mzk1NzI5NzA3NQ==&mid=2247485970&idx=1&sn=4318edd93f051ba1be4bda1efb08ec5f) + - [ ] [回顾新姿势:击穿星巴克获取 1 亿用户详细信息](https://mp.weixin.qq.com/s?__biz=MzkwODI1ODgzOA==&mid=2247506517&idx=1&sn=72ebf3f4238eab2fce2b83da193e8e8b) + - [ ] [老牌免杀工具veil免杀](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247489983&idx=1&sn=cb128069a995e8223bc74fee5557df01) + - [ ] [实战 | 域环境下通过anydesk进入生产网](https://mp.weixin.qq.com/s?__biz=Mzg5NTUyNTI5OA==&mid=2247486384&idx=1&sn=0e2db706f9c844a38b39297450e60d91) + - [ ] [【漏洞预警】Vim缓冲区溢出漏洞可导致拒绝服务](https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489446&idx=1&sn=28468e250cf5d9b29d7a5b263e158c99) + - [ ] [用于渗透测试练习的 15 个高危 Web应用和网站](https://mp.weixin.qq.com/s?__biz=MzkyODYwODkyMA==&mid=2247484934&idx=1&sn=7dc7c525120b59a96e436bf0ea9450b2) + - [ ] [四部委联合印发《关于促进数据标注产业高质量发展的实施意见》(附全文)](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633785&idx=1&sn=dc43c64287c137445c087fd164343665) + - [ ] [一图读懂 | 关于促进数据标注产业高质量发展的实施意见](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170151&idx=3&sn=452310fbb337de2f7c1083f65b9d088c) + - [ ] [专家观点 | “人工智能+”赋能新质生产力发展](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234446&idx=5&sn=f51375043d265a4573734624811787a2) + - [ ] [泄露近600万客户敏感数据,美国这家金融机构被罚超1.4亿元](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633785&idx=4&sn=4855ab43a37b7af0cfdeee4133a386aa) + - [ ] [记录一次博彩网站的实战渗透记录](https://mp.weixin.qq.com/s?__biz=MzkyMDY1MDI3OA==&mid=2247483742&idx=1&sn=e88bdf3f85236fa63fdae8b5fbc283e4) + - [ ] [Nuclei,一键发现99%的漏洞,白帽子都在私藏的扫描神器| |基于YAML模板的新一代漏洞扫描工具,让渗透测试效率提升10倍](https://mp.weixin.qq.com/s?__biz=MzI5MjY4MTMyMQ==&mid=2247489648&idx=1&sn=5b79daec6f19ffd0c170a8b2bc6f32ae) + - [ ] [“可信计算”专题征稿](https://mp.weixin.qq.com/s?__biz=MzI0NjU2NDMwNQ==&mid=2247504642&idx=1&sn=c447628a36e58e0247573195b34c3d8b) + - [ ] [红队-shell编程基础(七)](https://mp.weixin.qq.com/s?__biz=Mzk1Nzk2NjI3Ng==&mid=2247483789&idx=1&sn=0b8152350e676cfe9b706c0828aacfb9) + - [ ] [仅一文轻松拿捏 “加密站点的渗透测试”](https://mp.weixin.qq.com/s?__biz=Mzg3NzIxMDYxMw==&mid=2247504325&idx=1&sn=0ad6f807b8aee72e8c66f6cfddc6ad2a) + - [ ] [25年前最后一波招生 CTF实战特训营第三期](https://mp.weixin.qq.com/s?__biz=MzU1NjgzOTAyMg==&mid=2247522855&idx=1&sn=915db17a17b876be464130a746201f36) + - [ ] [信创认证,欢迎报名!](https://mp.weixin.qq.com/s?__biz=MzU1NjgzOTAyMg==&mid=2247522855&idx=2&sn=ae5be0d697f8654404d4c729ec56df65) + - [ ] [【话题】你刚开始接触安全的时候干过什么傻事?](https://mp.weixin.qq.com/s?__biz=MzkxMTUwOTY1MA==&mid=2247489984&idx=1&sn=0661c75b5b9216776b0ea9ad4e82724f) + - [ ] [一次绕过Burp检测的水洞记录](https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247518192&idx=1&sn=43d2c8a5ec62acb9c57d20b0958a7921) + - [ ] [SRC专项知识库](https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247518192&idx=2&sn=5b24f29c61064cbf6535255d152c2585) + - [ ] [关于如何解决 Cartopy 中的 GEOSException 问题](https://mp.weixin.qq.com/s?__biz=MzI2MDQ0ODIzNg==&mid=2247485188&idx=1&sn=c3ef736723f5f8583fe8586f09fec883) + - [ ] [第六届国家网络与信息安全信息通报机制中央企业网络安全大赛即将拉开帷幕](https://mp.weixin.qq.com/s?__biz=MzU1MTE1MjU5Nw==&mid=2247485436&idx=1&sn=10a33f4c919bdcaa2cb8b28761b8484f) + - [ ] [【漏洞工具】某路由器任意文件读取漏洞Goby高级模式利用工具](https://mp.weixin.qq.com/s?__biz=Mzg5NTU2NjA1Mw==&mid=2247496006&idx=1&sn=ff0667fdbf667156d8c9d0910b6bf0e3) + - [ ] [聚焦人工智能大模型可信治理 | “何以杨数浦”品牌沙龙第二期精彩回顾](https://mp.weixin.qq.com/s?__biz=MzUzODYyMDIzNw==&mid=2247516633&idx=1&sn=77b5ae3e9b2800cfb18c8b22869fc54f) + - [ ] [20元就能仿冒一家官网,小心这类山寨网页!](https://mp.weixin.qq.com/s?__biz=MzI0NzE4ODk1Mw==&mid=2652094576&idx=2&sn=b96d84ee36acd17877a0b42e11feb687) + - [ ] [识别漏洞成了大海捞针?](https://mp.weixin.qq.com/s?__biz=Mzg2MDc0NTIxOQ==&mid=2247484709&idx=1&sn=b238620c27395ab7c78718f7ef256c83) + - [ ] [卡西欧黑客事件报告发布:近 8600 名员工/客户隐私信息泄露](https://mp.weixin.qq.com/s?__biz=MzU2MTQwMzMxNA==&mid=2247541394&idx=1&sn=0789faf00c32980d17e95080f8788f99) + - [ ] [【安全圈】建立数据跨境服务中心、便利化访问国际互联网,上海虹桥商务区国际贸易中心新平台建设进一步落实](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067321&idx=1&sn=dd8f1699f9d8cbba67e8abc6091ffa6c) + - [ ] [【安全圈】微软起诉利用 Azure AI 创建有害内容的黑客组织](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067321&idx=4&sn=4ea1e634e045d59be08019f06a4fd52b) + - [ ] [价值3999,送!CISP新年福利不容错过](https://mp.weixin.qq.com/s?__biz=MzU4MjUxNjQ1Ng==&mid=2247521085&idx=2&sn=e0d640470ef26a02e6f1a0f0be864053) + - [ ] [SUCTF 2025落幕|S1uM4i战队实力夺冠!](https://mp.weixin.qq.com/s?__biz=MjM5NDU3MjExNw==&mid=2247515484&idx=1&sn=0c506fe6fa7d8296675e4a1821546192) + - [ ] [2025年人工智能带来的五大网络安全趋势及其应对策略](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134627&idx=1&sn=6c71adfab711410ac4d54f0d1602e6a7) + - [ ] [2025 ICT深度观察报告会|腾讯云李滨:企业数字安全建设的四个关键要素](https://mp.weixin.qq.com/s?__biz=Mzg5OTE4NTczMQ==&mid=2247526340&idx=1&sn=d5418212a88f343e949c90ac05e3ca99) + - [ ] [慢雾:演员王星被骗事件相关聊天截图调查](https://mp.weixin.qq.com/s?__biz=MzU4ODQ3NTM2OA==&mid=2247500907&idx=1&sn=1e629e1d6e96b48b3c5962aadba90a92) + - [ ] [GFI KerioControl 防火墙存在严重的RCE漏洞](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522044&idx=1&sn=71bbcad32c9a0753d8385256ee5dad03) + - [ ] [CrowdStrike虚假工作邀约通过密币挖矿机感染开发人员](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522044&idx=2&sn=f72144000ab0d2c1280f017af0018e6e) + - [ ] [物联网丨2024年中国物联网安全行业概览:解除网络威胁,物联网的智能守护(附下载)](https://mp.weixin.qq.com/s?__biz=MzI2MDk2NDA0OA==&mid=2247531021&idx=1&sn=9aa5cb200c685e768a56581a2f7cc8eb) + - [ ] [趋势丨2025年网络安全趋势洞察:多维度的挑战与应对之策](https://mp.weixin.qq.com/s?__biz=MzI2MDk2NDA0OA==&mid=2247531021&idx=2&sn=c562ed427ae6c2e710e4dded0bdf3bb9) + - [ ] [云服务器知多少](https://mp.weixin.qq.com/s?__biz=MzkxNTEzMTA0Mw==&mid=2247496603&idx=1&sn=30ce3b66d3f3a49187c050357e5e49aa) + - [ ] [每周网安资讯 (1.7-1.13)|Adobe多款产品存在越界读取漏洞](https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247505577&idx=1&sn=f82c60e6b9567f984c4c17d0e98e150a) + - [ ] [捷豹路虎中国到访奇安信安全中心](https://mp.weixin.qq.com/s?__biz=MzU0NDk0NTAwMw==&mid=2247624408&idx=1&sn=c77a280be315f4c37b588b6b7abc5e31) + - [ ] [泄露近600万客户敏感数据,这家金融机构被罚超1.4亿元](https://mp.weixin.qq.com/s?__biz=MzU0NDk0NTAwMw==&mid=2247624408&idx=2&sn=a55317c4ca276ccce4b320dfa6ab6b32) + - [ ] [Dex文件结构-ReadDex解析器实现](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588591&idx=1&sn=f3af400aa11be8f19a775a31e96d7740) + - [ ] [10万美金!研究员如何黑进 Facebook 服务器](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588591&idx=2&sn=0adaab3ebee5e866ad30ef7799307d47) + - [ ] [成为看雪讲师,开启技术分享的高光时刻](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588591&idx=3&sn=b11fa1206f5347a3696b9363851d9aa9) + - [ ] [【金松奖】工行企业级数据要素流通全链路建设项目:集成数据安全、隐私计算等技术](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931425&idx=1&sn=c1b619510a29b6a8bf9dfe7ba78649a3) + - [ ] [139款车型成功通过汽车数据安全合规检测](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931425&idx=2&sn=f8ec500385ff22c0db9cd9b34d400ac6) + - [ ] [连续三年上榜!亚信安全成功入选毕马威中国金融科技企业双50榜单](https://mp.weixin.qq.com/s?__biz=MjM5NjY2MTIzMw==&mid=2650620698&idx=1&sn=2c718264abe114475c3b892a8f582efc) + - [ ] [全球瞭望|网络安全重大事件精选(152期)](https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597421&idx=1&sn=be9598279f20a952fb0e19be307030dd) + - [ ] [国家保密局公告!](https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597421&idx=2&sn=dfe5368b5e159e2231298817a047eeba) + - [ ] [基于区域预推荐和特征富集的SOD R-CNN交通标志检测网络](https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597421&idx=3&sn=736013f6dea7772337ae25b3b6431881) + - [ ] [网络安全动态 - 2025.01.13](https://mp.weixin.qq.com/s?__biz=MzU1MzEzMzAxMA==&mid=2247499881&idx=1&sn=e66d795b31109a64bd94e8a129da6227) + - [ ] [企业级攻防技术揭秘](https://mp.weixin.qq.com/s?__biz=MzkxNTIwNTkyNg==&mid=2247553013&idx=1&sn=5a53c74b485756c6132de205dab8d238) + - [ ] [【免费领】黑客工具之王:DDoS攻击与防范实战技术大全](https://mp.weixin.qq.com/s?__biz=MzkxNTIwNTkyNg==&mid=2247553013&idx=2&sn=48cf79ce6b93328800d06a2cf1e15afa) + - [ ] [观安信息荣获“2024年海南能源数据要素应用创新大赛”优秀奖](https://mp.weixin.qq.com/s?__biz=MzIxNDIzNTcxMg==&mid=2247506478&idx=1&sn=a256623b122e68b48ef83b82df2ee77d) + - [ ] [洞·见 | 20250113](https://mp.weixin.qq.com/s?__biz=Mzk0MDQ5MTQ4NA==&mid=2247487338&idx=1&sn=7a588ce30f39ed317dde637ba1a2bb7b) + - [ ] [载誉前行 | 绿盟科技在NVDB-CAVD2024年度年终总结会上获得多项荣誉](https://mp.weixin.qq.com/s?__biz=MjM5ODYyMTM4MA==&mid=2650464189&idx=1&sn=84418624ed0bcf001f07ae24d5436b05) + - [ ] [通知 | 国家网信办就《网络信息内容多渠道分发服务机构相关业务活动管理规定(草案稿)》公开征求意见(附全文)](https://mp.weixin.qq.com/s?__biz=MzkyNDUyNzU1MQ==&mid=2247486653&idx=1&sn=772e1446d8dcf92eed8aa21e53329aab) + - [ ] [ios逆向攻防-应用重签名&代码注入](https://mp.weixin.qq.com/s?__biz=MzkxNDY0NjY3MQ==&mid=2247485283&idx=1&sn=0a2f46d49d80b5e7d674b91967e36b2a) + - [ ] [聚铭网络成功当选中关村华安关键信息基础设施安全保护联盟理事单位](https://mp.weixin.qq.com/s?__biz=MzIzMDQwMjg5NA==&mid=2247506484&idx=1&sn=7b1418949cde0ca75bab5f4f0f5f7b71) + - [ ] [第83期 | GPTSecurity周报](https://mp.weixin.qq.com/s?__biz=MzkzNDUxOTk2Mw==&mid=2247495678&idx=1&sn=c0825173d0cbbef6762dcdaf19b55727) + - [ ] [国家发展改革委等四部门联合印发《关于促进数据标注产业高质量发展的实施意见》](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170151&idx=1&sn=3ad07afdb31186657760655f6da40abb) + - [ ] [划重点!2025年我国数据领域明确重点任务](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170151&idx=2&sn=2caaf47c4cc04e9595155dabfb1bb770) + - [ ] [原创丨 近期观察 全球网络安全动态](https://mp.weixin.qq.com/s?__biz=Mzg2MTU5ODQ2Mg==&mid=2247507088&idx=1&sn=a6cabc27681f5e6a03d9e97fb8d7218b) + - [ ] [原创丨欧盟网络安全局发布《2024年欧盟网络安全状况报告》](https://mp.weixin.qq.com/s?__biz=Mzg2MTU5ODQ2Mg==&mid=2247507088&idx=2&sn=af8a1c12b18ecbda8f5bbd38c7e7b938) + - [ ] [对话|无影如何助力企业构建办公安全防护体系](https://mp.weixin.qq.com/s?__biz=MzA4MTQ2MjI5OA==&mid=2664091916&idx=1&sn=7a9b4fb48560a3e24eb8fe8b512f834f) + - [ ] [Frida从hook websocket协议看通杀流量加密](https://mp.weixin.qq.com/s?__biz=Mzk0ODM0MjA0OA==&mid=2247483896&idx=1&sn=1f6bf11a478f0f74a347455b0120e088) + - [ ] [【吃瓜】已上岸!](https://mp.weixin.qq.com/s?__biz=MzU3MjU4MjM3MQ==&mid=2247489591&idx=1&sn=96a899a7d742fa79856b5712bf1591bd) + - [ ] [年底裁员后坎坷的求职之路](https://mp.weixin.qq.com/s?__biz=Mzk0NTY5Nzc1OA==&mid=2247484262&idx=1&sn=194ead1613e2e6be48848984aa94d15c) + - [ ] [议题征集 | 关于征集第六期移动互联网APP产品安全漏洞技术沙龙议题的通知](https://mp.weixin.qq.com/s?__biz=MjM5NzYwNDU0Mg==&mid=2649249384&idx=1&sn=0ec25d262d67ca8b1b6ee4c4392ff393) + - [ ] [【数字政府优秀案例联播】交通智搜新升级:打造智能、专业、便捷的政务服务新体验](https://mp.weixin.qq.com/s?__biz=MjM5NzYwNDU0Mg==&mid=2649249384&idx=2&sn=1c6e329c6bca81c452ca789eab537c93) + - [ ] [安全简讯(2025.01.13)](https://mp.weixin.qq.com/s?__biz=MzkzNzY5OTg2Ng==&mid=2247500607&idx=1&sn=5ee26fcda2a35cda8864abdaef1b718c) + - [ ] [恶意软件容器化](https://mp.weixin.qq.com/s?__biz=Mzg5MDg3OTc0OA==&mid=2247489348&idx=1&sn=b58d14adab4a2ed80d2cf2457a31a0f0) + - [ ] [打造企业级安全护城河](https://mp.weixin.qq.com/s?__biz=MzkyNTY3Nzc3Mg==&mid=2247488105&idx=1&sn=d864d13b811f1050a778f9fd6cbff18f) + - [ ] [2025,感恩一路有你活动](https://mp.weixin.qq.com/s?__biz=MzI5ODE0ODA5MQ==&mid=2652281687&idx=1&sn=7934a57fd8a96c7620b9cc67dbab42c9) + - [ ] [贡献度排名第一!国舜股份积极支撑工信部车联网产品安全漏洞专业库](https://mp.weixin.qq.com/s?__biz=MzA3NjU5MTIxMg==&mid=2650575169&idx=1&sn=cf48f807b0a583ce0d72513c0185627d) + - [ ] [星火年鉴· 顶级篇 |注册量、解析量破200亿,工业互联网标识解析国家顶级节点(成都托管与灾备节点)加速推动制造业数字化转型](https://mp.weixin.qq.com/s?__biz=MzU1OTUxNTI1NA==&mid=2247592097&idx=1&sn=d31278c73cd636214c13c4a2520241ca) + - [ ] [如何充分利用网络安全保险](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247534049&idx=1&sn=2beee14167a5b03d33ff211f021b29aa) + - [ ] [鼎信安全 | 网络安全一周资讯](https://mp.weixin.qq.com/s?__biz=MzIwOTc4MTE4Nw==&mid=2247500968&idx=1&sn=bb2762cbe059ca3cdb2ee97beb412f1e) + - [ ] [当猎人成为猎物:使用自定义回调禁用 EDR](https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486308&idx=1&sn=8899e2a734b64f0ee44bb7c5b4a68ce6) + - [ ] [文心一言、智谱清言等302款生成式人工智能服务已在国家网信办完成备案!](https://mp.weixin.qq.com/s?__biz=MzA3NDIwNTY5Mw==&mid=2247507430&idx=1&sn=8fc56ec498e142e1cebb8ae9b7417166) + - [ ] [图解|我国数据出境合规指引](https://mp.weixin.qq.com/s?__biz=MzA3NDIwNTY5Mw==&mid=2247507430&idx=2&sn=b216dc6d7750bf76b4e299028ddc5923) + - [ ] [Proxy SwitchyOmega 被下架:一场针对浏览器扩展的大规模网络钓鱼攻击](https://mp.weixin.qq.com/s?__biz=MzIxMTg1ODAwNw==&mid=2247500395&idx=1&sn=291602b8ac131845db401dffb6b28de4) + - [ ] [元宇宙将比现实世界更受欢迎:现实世界会消失吗?](https://mp.weixin.qq.com/s?__biz=MzkxNDM4OTM3OQ==&mid=2247505731&idx=1&sn=60fbc4a4e811e38a7177d875e09e5cfa) + - [ ] [用于快速搜索 Windows 取证文件的开源工具](https://mp.weixin.qq.com/s?__biz=MzkxNDM4OTM3OQ==&mid=2247505731&idx=2&sn=59228995909b2e9daf2da495fa67be1c) + - [ ] [全球银行准备大规模裁员:人工智能改变游戏规则!](https://mp.weixin.qq.com/s?__biz=MzkxNDM4OTM3OQ==&mid=2247505731&idx=3&sn=5ec7b52e4a549a6f310663542aa58998) + - [ ] [DNA 测序仪漏洞标志着医疗器械行业固件存在问题](https://mp.weixin.qq.com/s?__biz=MzkxNDM4OTM3OQ==&mid=2247505731&idx=4&sn=eb4cadc77282c758c13dc8b2f01bb34f) + - [ ] [2025 年工作场所 Workplace 5.0 以人为本的人工智能](https://mp.weixin.qq.com/s?__biz=MzkxNDM4OTM3OQ==&mid=2247505731&idx=5&sn=7b760f6272929df09f16f94e15beb494) + - [ ] [网安牛马专属表情包分享](https://mp.weixin.qq.com/s?__biz=MzkwOTczNzIxNQ==&mid=2247485599&idx=1&sn=9c09dca6ca7bf3bb75677d03031d4acc) + - [ ] [新兴AI驱动勒索软件FunkSec:信息全球化与灰黑产的交汇](https://mp.weixin.qq.com/s?__biz=MzUxMjc0MTE3Mw==&mid=2247494897&idx=1&sn=33db12375b3946b756923f83a33eaeb3) + - [ ] [电子数据取证分析师培训通知](https://mp.weixin.qq.com/s?__biz=MzIyNzU0NjIyMg==&mid=2247488370&idx=1&sn=0d9e6254e52faf7fd8d6dbd9ab67cda7) + - [ ] [2024中国网络安全产业势能榜优能企业「制造行业」典型案例展示](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580751&idx=1&sn=38ed7d42fddd1b5e624f8f2ac1ec4a44) + - [ ] [安全动态回顾|国家网络安全通报中心:重点防范境外恶意网址和恶意IP 超过4000个后门因注册过期域名而被劫持](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580751&idx=2&sn=7886e26f1ed368509d62b0ced61b3b4c) + - [ ] [年终盘点之二|2024山石网科全国巡展,完美收官](https://mp.weixin.qq.com/s?__biz=MzAxMDE4MTAzMQ==&mid=2661297991&idx=1&sn=c48a9589b1b5c97bd4210077795118e6) + - [ ] [年终盘点之三|2024数据泄露十大事件(国内版)](https://mp.weixin.qq.com/s?__biz=MzAxMDE4MTAzMQ==&mid=2661297991&idx=2&sn=d17fb507b2dd73a6e5154a5f05396b9d) + - [ ] [大规模破解和黑客包泄漏 100 GB | 优质内容](https://mp.weixin.qq.com/s?__biz=MzkyNzYzNTQ2Nw==&mid=2247484004&idx=1&sn=669d69c22450a67894253aa651e376e2) + - [ ] [PHP服务器可能正在被挖矿!](https://mp.weixin.qq.com/s?__biz=MzU5OTMxNjkxMA==&mid=2247488442&idx=1&sn=c560220ca14fbb5f472bca815ee389f8) + - [ ] [【赠书抽奖】发现Web API漏洞居然能赚到400w刀,看懂这本书你也可以!](https://mp.weixin.qq.com/s?__biz=MzI1ODI0MTczNQ==&mid=2247491165&idx=1&sn=25ca0a0520923eeb18c1e1e347e391f0) + - [ ] [Sekiro+Yakit 热加载无痛绕sign](https://mp.weixin.qq.com/s?__biz=Mzg4Njg3MDk5Ng==&mid=2247486843&idx=1&sn=024bf3ec0b7902fb330412308737508b) + - [ ] [通用大模型分析恶意软件,完全不靠谱](https://mp.weixin.qq.com/s?__biz=Mzg5NTMxMjQ4OA==&mid=2247485549&idx=1&sn=5032b5ba9b4f8a43089a9684d4e3055a) + - [ ] [【游戏数据安全】反作弊分析分类](https://mp.weixin.qq.com/s?__biz=MzkyMTQzNTM3Ng==&mid=2247483865&idx=1&sn=2b58775007261ee5d7399fbefdbb34dd) + - [ ] [展望未来:Radware专家对2025年网络安全趋势的看法](https://mp.weixin.qq.com/s?__biz=MjM5ODE0Njk2Nw==&mid=2653021290&idx=1&sn=8e9017dd859c7b00e41e88c01b8d7746) + - [ ] [图形化漏洞利用Demo-JavaFX版](https://mp.weixin.qq.com/s?__biz=MzU2MDU5MDE2MA==&mid=2247484178&idx=1&sn=d1b640eaba093986d2a9b2be283ed362) + - [ ] [【挖洞实战】这不是只要有手就能批量挖Dom Xss漏洞](https://mp.weixin.qq.com/s?__biz=MzU2NDgzOTQzNw==&mid=2247503014&idx=1&sn=cea00ee2401be5a3b7910e4830df9796) + - [ ] [不妙,中招了【被供应链攻击的多个浏览器插件】,包含Proxy SwitchyOmega (V3)快看看你有没有中招!!!](https://mp.weixin.qq.com/s?__biz=Mzk0MzY3MDE5Mg==&mid=2247483900&idx=1&sn=bc2a24cb3acce687934d446c9b8e54ba) + - [ ] [DH POC撤稿之后还有后续......](https://mp.weixin.qq.com/s?__biz=MzkxNTY4NTQwMg==&mid=2247484250&idx=1&sn=94a79a0c3a5d9b0fd98cd00f3eb6e7c2) + - [ ] [工具集:Jar Analyzer【JAR包分析工具】](https://mp.weixin.qq.com/s?__biz=Mzk0MjY1ODE5Mg==&mid=2247485173&idx=1&sn=5a73100d1f93e564e9a47a52edecf6c9) + - [ ] [浅谈蜜罐原理与规避](https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247546700&idx=1&sn=a1c5f7adaa827ba876c2a6f9ecca2c6c) + - [ ] [记一次简单的微信洗车小程序渗透学习](https://mp.weixin.qq.com/s?__biz=MzI3NjA4MjMyMw==&mid=2647789913&idx=1&sn=711f295d77c716f63cb014faa429975e) + - [ ] [从用户注册绕过到纵向权限提升接管SaaS平台](https://mp.weixin.qq.com/s?__biz=MzI4NTcxMjQ1MA==&mid=2247615126&idx=1&sn=0f4af4c6a0614c4c7d3cb8630b905b40) + - [ ] [通过高效的侦察发现关键漏洞接管整个IT基础设施](https://mp.weixin.qq.com/s?__biz=MzI4NTcxMjQ1MA==&mid=2247615126&idx=2&sn=5bd8af62ab97fbe13a4424ee9e7ce5b6) + - [ ] [网络抓包调试实践](https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247569635&idx=1&sn=2db73304bb7a151c07a5821530e7a565) + - [ ] [过来人告诉你网络安全到底要学什么?(附学习笔记、电子资料、安装包)](https://mp.weixin.qq.com/s?__biz=MzkxNDU0MTUyNw==&mid=2247491900&idx=1&sn=043fcafa82bfe031643f27f0ef9df91a) + - [ ] [Linux上常用的防火墙软件iptables详解](https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247569635&idx=2&sn=133bf1a2d285f34ca1fc65124517bc07) + - [ ] [行业动态|2025第三届商用密码展将于6月11日-13日在上海举办!](https://mp.weixin.qq.com/s?__biz=MzUyNjk2MDU4MQ==&mid=2247486408&idx=1&sn=1e184be0b0c354c02923ec5534f1dcc8) + - [ ] [南部非洲发展共同体(SADC)APT网络攻击趋势解析](https://mp.weixin.qq.com/s?__biz=Mzg3OTYxODQxNg==&mid=2247485597&idx=1&sn=158ede6f488e8ad3e77873fbeeb3c4d0) + - [ ] [章管家前台任意文件上传漏洞(XVE-2024-19042)](https://mp.weixin.qq.com/s?__biz=Mzg4NDg3NjE5MQ==&mid=2247485124&idx=1&sn=de4ced0e1f786160e9142f28356cf6df) + - [ ] [【黑产大数据】2024年数据泄露风险态势报告](https://mp.weixin.qq.com/s?__biz=MzI3NDY3NDUxNg==&mid=2247498732&idx=1&sn=4ba0213d21420c4b3a5fdde9907f5853) + - [ ] [第七届入侵检测挑战赛报名开启!](https://mp.weixin.qq.com/s?__biz=MzIxMjEwNTc4NA==&mid=2652997294&idx=1&sn=ec666eebc045f5a7137e852bd81614c9) + - [ ] [绘制网络拓扑图,这5款工具助你轻松搞定!](https://mp.weixin.qq.com/s?__biz=MzUyNTExOTY1Nw==&mid=2247527848&idx=1&sn=fe56854d8e8b69a9ccf90c73e04c010b) + - [ ] [MS-RPC 流程浅析](https://mp.weixin.qq.com/s?__biz=Mzg5NTkxNzg4MA==&mid=2247489836&idx=1&sn=a254b1c12d9a3d79caebaffc09e532e7) + - [ ] [Sec新闻周刊:中新赛克强势入选中国网络安全行业全景册](https://mp.weixin.qq.com/s?__biz=Mzk0ODUwNTg0Ng==&mid=2247489672&idx=1&sn=2c40fad5ea6c330b3e5af5fdc18c46a5) + - [ ] [对新人友好的云认证是?CCSK!!!](https://mp.weixin.qq.com/s?__biz=MzIxNTM4NDY2MQ==&mid=2247515685&idx=1&sn=60a26b482d668f9a65b58f8392a9aa76) + - [ ] [ITIL4 的职业发展前景](https://mp.weixin.qq.com/s?__biz=MzIxNTM4NDY2MQ==&mid=2247515685&idx=2&sn=dffc254743eee027c264d8b52275ee6d) + - [ ] [凭CZTP,进入零信任安全工程师赛道](https://mp.weixin.qq.com/s?__biz=MzIxNTM4NDY2MQ==&mid=2247515685&idx=3&sn=12e8c8877d43cab65bf2d3eae44546e5) + - [ ] [最新公告!可拨打12336举报泄密或保密违法违规行为](https://mp.weixin.qq.com/s?__biz=MzkyMDY4MTc2Ng==&mid=2247483966&idx=1&sn=e636d329a5b5ee3cc07d3b0281708352) + - [ ] [北京市西城区委常委、统战部部长江岚一行到访安博通](https://mp.weixin.qq.com/s?__biz=MzIyNTA5Mzc2OA==&mid=2651137396&idx=1&sn=a72bdcc625e7a11c1756e5501a86fd0f) + - [ ] [联想全球安全实验室热招AI安全领域精英,欢迎志同道合的小伙伴加入!](https://mp.weixin.qq.com/s?__biz=MzU1ODk1MzI1NQ==&mid=2247491476&idx=1&sn=41e46c9f328fd2e9c315fb6f0fb022ec) + - [ ] [【漏洞复现】科荣AIO系统存在代码执行漏洞](https://mp.weixin.qq.com/s?__biz=Mzg2MjkwMDY3OA==&mid=2247485529&idx=1&sn=5379f2f365b78268422e0aa297eaa61c) + - [ ] [论安全运营的本质(第十章)](https://mp.weixin.qq.com/s?__biz=MzkwNTI3MjIyOQ==&mid=2247484113&idx=1&sn=7f019dca19eb8721e20b86ecde235940) + - [ ] [CISSP管理者思路系列-6](https://mp.weixin.qq.com/s?__biz=MzIyMjYzNDgzMg==&mid=2247487609&idx=1&sn=53179fc57883fbb8721e1024c4d4fa23) + - [ ] [欢迎「金山云」入驻补天专属SRC!](https://mp.weixin.qq.com/s?__biz=MzI2NzY5MDI3NQ==&mid=2247507273&idx=1&sn=19b1a506b7082cf3e664e77cdd6e1e2e) + - [ ] [【吃瓜】优越感从何而来](https://mp.weixin.qq.com/s?__biz=Mzk0OTY2ODE1NA==&mid=2247484965&idx=1&sn=458ff1e5072a7220fb1597b412c31d4e) + - [ ] [无条件帮转高质量原创文章](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494201&idx=1&sn=773dee3b8b7be36c839fd06a1f45d440) + - [ ] [【分析报告】蒙古国首都发生示威游行事件](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247503784&idx=1&sn=fbcceefe3a99ba33bc9366707787a161) + - [ ] [蒙古国与日本及欧洲合作的多维影响:地缘政治、军事与经济分析](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247503784&idx=2&sn=0567f454c7c6080d119916d7c420d945) + - [ ] [蒙古国与印度合作 :挑战交织下的地缘政治棋局](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247503784&idx=3&sn=75dc380dad6d85821f4a51c795ceae3c) + - [ ] [CommonsCollections CC1攻击链详解](https://mp.weixin.qq.com/s?__biz=MzkzNzI2Mzc0Ng==&mid=2247486395&idx=1&sn=16923b6435b723ef0bceb14373cac87a) + - [ ] [西班牙电信巨头 Telefónica 发生严重数据泄露](https://mp.weixin.qq.com/s?__biz=MjM5Mzc4MzUzMQ==&mid=2650260383&idx=1&sn=2d52c9c19f4213f6db6138421d57362d) + - [ ] [算法治病还是杀人?留神医疗大模型被“投毒”](https://mp.weixin.qq.com/s?__biz=MzI1OTA1MzQzNA==&mid=2651247414&idx=1&sn=df34afa6162156e52419024004e80cad) + - [ ] [20元就能山寨官网!央视曝光克隆网站黑幕](https://mp.weixin.qq.com/s?__biz=MzU0MjE2Mjk3Ng==&mid=2247488395&idx=1&sn=5f461e90183934cf2a555d8bb1eb8628) + - [ ] [数据安全治理实践指南(4.0)](https://mp.weixin.qq.com/s?__biz=MzI3NjUzOTQ0NQ==&mid=2247517052&idx=1&sn=9ceaace23a7ee3df679b0ac1f15241dd) + - [ ] [坦诚点,让我们谈谈网络安全行业现状](https://mp.weixin.qq.com/s?__biz=Mzg4NzgyODEzNQ==&mid=2247488595&idx=1&sn=e0d96d17cc81d1fc1f9023201479b3d1) + - [ ] [网安全牛马注意了!!!某提权工具被投毒植入后门](https://mp.weixin.qq.com/s?__biz=MzkwODM3NjIxOQ==&mid=2247502254&idx=1&sn=65722ab7fe999110e71098d246f9b1fa) + - [ ] [澳门司法警察局“电子数据取证”交流培训活动圆满落幕](https://mp.weixin.qq.com/s?__biz=Mzg3MjE1NjQ0NA==&mid=2247514135&idx=1&sn=5db549d49218818eeb0c16de15922c25) + - [ ] [CES 2025的十大“人工智障”产品](https://mp.weixin.qq.com/s?__biz=MzkxNTI2MTI1NA==&mid=2247502100&idx=1&sn=c77ce9430cd56a9714c2b241df526cc7) + - [ ] [周刊 | 网安大事回顾(2025.1.6-2025.1.12)](https://mp.weixin.qq.com/s?__biz=MzkxNTI2MTI1NA==&mid=2247502100&idx=2&sn=12de4dfa2cd4a5a3b507b90cfa668bcc) + - [ ] [【我们这一年】网络和数据安全取得新突破](https://mp.weixin.qq.com/s?__biz=MzkyMDMwNTkwNg==&mid=2247487228&idx=1&sn=24663c9da168168f965aff20afce7a58) + - [ ] [轻量级、自适应Web爬虫工具](https://mp.weixin.qq.com/s?__biz=MzkyMDM4NDM5Ng==&mid=2247490227&idx=1&sn=74f8d20a405e1b97c6c308e7c5596e66) + - [ ] [一个永久的.NET渗透工具和知识仓库](https://mp.weixin.qq.com/s?__biz=MzkyMDM4NDM5Ng==&mid=2247490227&idx=2&sn=d9c48450125c96e885b697b496a8b413) + - [ ] [AAAI 25 | 融合分隔:协同专家混合模型用于数据稀缺环境下的药物-靶点相互作用预测](https://mp.weixin.qq.com/s?__biz=Mzg4MzE1MTQzNw==&mid=2247491733&idx=1&sn=83e02623adec1c30364f023dbc550518) + - [ ] [MITRE ATT&CK:应用指南与学习路径](https://mp.weixin.qq.com/s?__biz=MzkzMDQ0NzQwNA==&mid=2247485871&idx=1&sn=4a8fedb2de4d6a2fcf2456d0fd86e9b5) + - [ ] [罪恶角落,带你了解什么是暗网](https://mp.weixin.qq.com/s?__biz=Mzg3NTY0MjIwNg==&mid=2247485518&idx=1&sn=4883cd2d4061a65371d5afe9e0196c58) + - [ ] [【文中抽奖】一杯奶茶钱开挣生活费 SRC漏洞挖掘基础及赏金培训](https://mp.weixin.qq.com/s?__biz=MzI0NjE1NDYyOA==&mid=2247484790&idx=1&sn=7c58b5be658c0fb646c28fda9f8aeb33) + - [ ] [腾讯协助警方破获木马盗窃游戏账号案,涉案金额超 3000 万;|江苏一男子利用小程序Bug逃匿28万加油费,法院判了](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650606485&idx=1&sn=e6574ea4808aafdb1a8939a0e61f67e5) + - [ ] [国家网信办征求意见:平台应当以显著方式展示账号所属 MCN 机构](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650606485&idx=2&sn=ca90501b4575d0ee15461348ca0a7817) + - [ ] [记一次某OA渗透测试有意思的文件上传漏洞挖掘经历以及分析](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650606485&idx=3&sn=4bdcf90b59f41c99b28e4613268a24c6) + - [ ] [一个好用的越权扫描工具](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650606485&idx=4&sn=ead6d8702819a5443a5124688e8a6934) + - [ ] [【技术分享】WS视频流地址泄露利用方式](https://mp.weixin.qq.com/s?__biz=MzkxMTY1MTIzOA==&mid=2247484571&idx=1&sn=52dc59bb8dfe62fb3fd057d1f7a29b0c) + - [ ] [记一次从任意文件下载到getshell](https://mp.weixin.qq.com/s?__biz=Mzk0MTIzNTgzMQ==&mid=2247519178&idx=1&sn=ffc262a1b50eb5cd080dd71e5ec057ec) + - [ ] [常用浏览器的安全取证分析技术总结](https://mp.weixin.qq.com/s?__biz=MjM5MjEyMTcyMQ==&mid=2651037264&idx=1&sn=a1c62cd4e27808340ee69e684ca70983) + - [ ] [【神兵利器】HeavenlyBypassAV免杀工具](https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247494941&idx=1&sn=850fc249132011cdab654923792fead7) + - [ ] [程序源码保护攻防对抗记录](https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247494941&idx=2&sn=d2e1544fd257d23974c5f6f7fc9a3c23) + - [ ] [[0113]一周重点暗网情报|天际友盟情报站](https://mp.weixin.qq.com/s?__biz=MzIwNjQ4OTU3NA==&mid=2247510005&idx=1&sn=c48e4d5efd2041457d33e5f84223f855) + - [ ] [数十个Chrome扩展程序被黑客攻击,数百万用户数据被盗(包括Proxy SwitchyOmega在内)](https://mp.weixin.qq.com/s?__biz=MzkyODY3NjkyNQ==&mid=2247484756&idx=1&sn=388375c011cc6ec8046a8ec235ed4d62) + - [ ] [华硕(ASUS)RT-AX56U系列路由器error_page存在文件读取](https://mp.weixin.qq.com/s?__biz=MzkyOTg3ODc5OA==&mid=2247484162&idx=1&sn=535c46098f7db6c25a0500484da29ddc) + - [ ] [AI引领2024|智能体200+,执行任务近50000000次,这一年恒脑很忙](https://mp.weixin.qq.com/s?__biz=MjM5NTE0MjQyMg==&mid=2650623724&idx=1&sn=9537ef0dac94cf46a5a8a10023bc7f9b) + - [ ] [把握“AI”新浪潮 | 浙商总会数字资产及交易委员会一届二次委员会议举行](https://mp.weixin.qq.com/s?__biz=MjM5NTE0MjQyMg==&mid=2650623724&idx=2&sn=745381a3f0fbf8d64db495cffddd92c8) + - [ ] [美国超千万中小学生个人数据疑似泄露](https://mp.weixin.qq.com/s?__biz=MzIwNzAwOTQxMg==&mid=2652251197&idx=1&sn=a6f8126cf569ae8d1d20db2ec9ba5471) + - [ ] [从“金疙瘩”到“烫手山芋”,智算中心面临过剩危机](https://mp.weixin.qq.com/s?__biz=Mzg4MDE0MzQzMw==&mid=2247487996&idx=1&sn=7fc7f3d3e3de1061c83a2bd052aa06b6) + - [ ] [“迪普信创AI全流量态势感知”入选浙江省信息技术应用创新优秀解决方案](https://mp.weixin.qq.com/s?__biz=MzA4NzE5MzkzNA==&mid=2650370114&idx=1&sn=aad65c650effe7c6eb2b12046665ca6e) + - [ ] [泛微-云桥e-Bridge addTasteJsonp SQL注入漏洞](https://mp.weixin.qq.com/s?__biz=MzkzMTcwMTg1Mg==&mid=2247490141&idx=1&sn=9bdeb4a82982b626048e1a9069b4d1e9) + - [ ] [一次敏感信息泄露引发的逻辑漏洞挖掘](https://mp.weixin.qq.com/s?__biz=MzkxNzY5MTg1Ng==&mid=2247485481&idx=1&sn=1115561690fb800d94b50913f07bd6d2) + - [ ] [IClean](https://mp.weixin.qq.com/s?__biz=Mzk1NzY0NzMyMw==&mid=2247485282&idx=1&sn=fe2ef5eaa6f84e12f45e5f806d37f2b8) + - [ ] [企业防线的薄弱环节:深入了解供应链网络攻击的风险](https://mp.weixin.qq.com/s?__biz=MzA3MTUxNzQxMQ==&mid=2453885717&idx=1&sn=02370f3718668f2fb513019d1e09d686) + - [ ] [浅谈金融资产机构数据质量问题与应对策略](https://mp.weixin.qq.com/s?__biz=MzkwNDI0MjkzOA==&mid=2247485650&idx=1&sn=d18cd67e0c5c4da244c8b9bcf826c396) + - [ ] [微软采取法律行动保护公众免受人工智能生成内容的侵害](https://mp.weixin.qq.com/s?__biz=MzI2NzAwOTg4NQ==&mid=2649793828&idx=1&sn=46ceaef5035a0a62be54836973ba1e77) + - [ ] [GitHub 上的虚假 LDAPNightmware 漏洞投放信息窃取恶意软件](https://mp.weixin.qq.com/s?__biz=MzI2NzAwOTg4NQ==&mid=2649793828&idx=2&sn=75c89a73f526a3eef48834b9589071a7) + - [ ] [泽连斯基访问意大利后,亲俄黑客发动新一波 DDoS 攻击](https://mp.weixin.qq.com/s?__biz=MzI2NzAwOTg4NQ==&mid=2649793828&idx=3&sn=e0a4e09c8099a8284fd038f81a885f3b) + - [ ] [2025的第一个私活,赚了2w](https://mp.weixin.qq.com/s?__biz=MzUzMDQ1MTY0MQ==&mid=2247506577&idx=1&sn=dd37e4692c9c7937254675370f08279d) + - [ ] [Lua项目下SSRF利用Redis文件覆盖lua回显RCE](https://mp.weixin.qq.com/s?__biz=Mzk0Mzc1MTI2Nw==&mid=2247487032&idx=1&sn=3953d7b15c531d645369722844c65578) + - [ ] [实战|拿下了自己学校的大屏幕](https://mp.weixin.qq.com/s?__biz=MzU2NzY5MzI5Ng==&mid=2247504764&idx=1&sn=5c021b505429afbebdaa8a822ad917e9) + - [ ] [【快收藏】信创认证一文通:你想知道的都在这儿](https://mp.weixin.qq.com/s?__biz=MzU2NzY5MzI5Ng==&mid=2247504764&idx=2&sn=3078de2e0ecc85d9808e62d9c2dad6c9) + - [ ] [vulnhub之Sputnik的实践](https://mp.weixin.qq.com/s?__biz=MzA3MjM5MDc2Nw==&mid=2650748923&idx=1&sn=da1b2662ae1830f66e01ee29a39ce551) + - [ ] [【吃瓜】要不是真的没绷住,没周末还发吃瓜啊?](https://mp.weixin.qq.com/s?__biz=MzIxNTIzNTExMQ==&mid=2247490663&idx=1&sn=76c8f084b038a53cb020772026ab8e04) + - [ ] [网络安全讲师(兼职)招募](https://mp.weixin.qq.com/s?__biz=MzU4OTg4Nzc4MQ==&mid=2247505479&idx=1&sn=33e43aa495d88306d800d5786147d55b) + - [ ] [网络安全ctf比赛/学习资源整理,解题工具、比赛时间、解题思路、实战靶场、学习路线,推荐收藏!](https://mp.weixin.qq.com/s?__biz=MzU4OTg4Nzc4MQ==&mid=2247505479&idx=2&sn=b430206fc0a060fe581e40f7929f1724) + - [ ] [云上安全的五大威胁及防护措施](https://mp.weixin.qq.com/s?__biz=Mzg2MDg0ODg1NQ==&mid=2247539478&idx=1&sn=7a255a9243b48db12349cb6c05714760) +- Private Feed for M09Ic + - [ ] [safedv starred RedByte1337/GraphSpy](https://github.com/RedByte1337/GraphSpy) + - [ ] [kpcyrd starred woodruffw/zizmor](https://github.com/woodruffw/zizmor) + - [ ] [zema1 started following kotori2](https://github.com/kotori2) + - [ ] [zer0yu starred afnanenayet/diffsitter](https://github.com/afnanenayet/diffsitter) + - [ ] [wh0amitz starred pureqh/Hyacinth](https://github.com/pureqh/Hyacinth) + - [ ] [4ra1n starred icsharpcode/ILSpy](https://github.com/icsharpcode/ILSpy) + - [ ] [Ridter starred doyensec/CSPTBurpExtension](https://github.com/doyensec/CSPTBurpExtension) + - [ ] [h3zh1 pushed to master in chainreactors/malefic](https://github.com/chainreactors/malefic/compare/c71ba53e38...3aea9cd265) + - [ ] [Rvn0xsy starred bytevet/proxyverse](https://github.com/bytevet/proxyverse) + - [ ] [DVKunion starred zero-peak/ZeroOmega](https://github.com/zero-peak/ZeroOmega) + - [ ] [INotGreen starred H4ckF0rFun/elf_to_shellcode](https://github.com/H4ckF0rFun/elf_to_shellcode) + - [ ] [zer0yu started following mal-tee](https://github.com/mal-tee) + - [ ] [Ridter forked Ridter/reality from howmp/reality](https://github.com/Ridter/reality) + - [ ] [pmiaowu starred lemono0/FastJsonParty](https://github.com/lemono0/FastJsonParty) + - [ ] [glzjin starred cliffe/SecGen](https://github.com/cliffe/SecGen) + - [ ] [Ridter starred howmp/reality](https://github.com/howmp/reality) + - [ ] [ring04h starred uber-go/goleak](https://github.com/uber-go/goleak) + - [ ] [yzddmr6 forked yzddmr6/520apkhook from sec-db/520apkhook](https://github.com/yzddmr6/520apkhook) + - [ ] [yzddmr6 starred howmp/reality](https://github.com/howmp/reality) - Recent Commits to cve:main - - [ ] [Update Sun Jan 12 20:21:03 UTC 2025](https://github.com/trickest/cve/commit/cc05860a3fa72fd7eeb469c2f4c3c2393bdf9799) - - [ ] [Update Sun Jan 12 12:11:36 UTC 2025](https://github.com/trickest/cve/commit/bc5f623348434ad1564e0c0b3b25484b76ac5bce) - - [ ] [Update Sun Jan 12 03:57:29 UTC 2025](https://github.com/trickest/cve/commit/53bdd20be67eb117cbfb421f1172dacc167ade8d) + - [ ] [Update Mon Jan 13 20:21:05 UTC 2025](https://github.com/trickest/cve/commit/6d1183495f89140d47f2cca943f8e3e0b0c86f4a) + - [ ] [Update Mon Jan 13 12:18:30 UTC 2025](https://github.com/trickest/cve/commit/25b0ea30350fdeb5c900d370af0419f11ef61acc) + - [ ] [Update Mon Jan 13 04:15:26 UTC 2025](https://github.com/trickest/cve/commit/e8cfcd643185168d79075322c94dc7a7868ad6f0) +- 奇安信攻防社区 + - [ ] [AFL++工具运行原理与实战分析](https://forum.butian.net/share/4033) + - [ ] [安全开发原则与编码规范](https://forum.butian.net/share/4036) - 一个被知识诅咒的人 - - [ ] [Python协程与生成器深度解析:从yield到async的演进之路](https://blog.csdn.net/nokiaguy/article/details/145091808) - - [ ] [Python数据类(dataclass):简化类的定义与数据管理](https://blog.csdn.net/nokiaguy/article/details/145091802) + - [ ] [【Python】深入解析Python的上下文管理器与资源管理:实现自定义的`with`语句](https://blog.csdn.net/nokiaguy/article/details/145113849) + - [ ] [Python中的动态属性:用__getattr__和__setattr__实现灵活的数据访问](https://blog.csdn.net/nokiaguy/article/details/145113830) +- Bug Bounty in InfoSec Write-ups on Medium + - [ ] [How I got my first bounty of $$$](https://infosecwriteups.com/how-i-got-my-first-bounty-of-e163f970d1e0?source=rss----7b722bfd1b8d--bug_bounty) + - [ ] [The Subdomain They Forgot — How I Chained Bugs for a $1,000 Bounty](https://infosecwriteups.com/the-subdomain-they-forgot-how-i-chained-bugs-for-a-1-000-bounty-094d89758489?source=rss----7b722bfd1b8d--bug_bounty) + - [ ] [How I got my name on WHO’s Hall of Fame](https://infosecwriteups.com/how-i-got-my-name-on-whos-hall-of-fame-060d57662b16?source=rss----7b722bfd1b8d--bug_bounty) - Twitter @bytehx - - [ ] [Re @hbenja_m @Bugcrowd That is a very good explanation. Thanks for sharing!](https://x.com/bytehx343/status/1878340302697824475) -- CCC Event Blog - - [ ] [38C3: Last (and Lost) Things](https://events.ccc.de/2025/01/12/38c3-last-things/) + - [ ] [Re @0xRAYAN7 @Hacker0x01 Congrats 🎉](https://x.com/bytehx343/status/1878754781633896462) - Reverse Engineering - - [ ] [Core Explorer, a core dump analysis tool that runs in the browser](https://www.reddit.com/r/ReverseEngineering/comments/1hzy97x/core_explorer_a_core_dump_analysis_tool_that_runs/) + - [ ] [/r/ReverseEngineering's Weekly Questions Thread](https://www.reddit.com/r/ReverseEngineering/comments/1i0967i/rreverseengineerings_weekly_questions_thread/) + - [ ] [How Hard Is It to Port Frida to an Unsupported Platform? (Let’s Find Out)](https://www.reddit.com/r/ReverseEngineering/comments/1i0hser/how_hard_is_it_to_port_frida_to_an_unsupported/) + - [ ] [The Permission Slip Attack, Leveraging a Confused Deputy in Android with 'pSlip'](https://www.reddit.com/r/ReverseEngineering/comments/1i0ih4y/the_permission_slip_attack_leveraging_a_confused/) +- Malwarebytes + - [ ] [The new rules for AI and encrypted messaging, with Mallory Knodel (Lock and Code S06E01)](https://www.malwarebytes.com/blog/uncategorized/2025/01/the-new-rules-for-ai-and-encrypted-messaging-with-mallory-knodel-lock-and-code-s06e01) + - [ ] [iMessage text gets recipient to disable phishing protection so they can be phished](https://www.malwarebytes.com/blog/news/2025/01/imessage-text-gets-recipient-to-disable-phishing-protection-so-they-can-be-phished) + - [ ] [A week in security (January 6 – January 12)](https://www.malwarebytes.com/blog/news/2025/01/a-week-in-security-january-6-january-12) +- Webroot Blog + - [ ] [Why MSPs must offer 24/7 cybersecurity protection and response — and how OpenText MDR can help](https://www.webroot.com/blog/2025/01/13/why-msps-must-offer-24-7-cybersecurity-protection-and-response/) +- Intigriti + - [ ] [7 Overlooked recon techniques to find more vulnerabilities](https://www.intigriti.com/researchers/blog/hacking-tools/7-overlooked-recon-techniques-to-find-more-vulnerabilities) +- Horizon3.ai + - [ ] [The Death of BAS and the Rise of Autonomous Pentesting](https://www.horizon3.ai/intelligence/blogs/the-death-of-bas-and-the-rise-of-autonomous-pentesting/) + - [ ] [Critical Vulnerabilities in SimpleHelp Remote Support Software](https://www.horizon3.ai/attack-research/disclosures/critical-vulnerabilities-in-simplehelp-remote-support-software/) - FreeBuf网络安全行业门户 - - [ ] [网络安全市场的“冬天”还长](https://www.freebuf.com/articles/neopoints/419651.html) + - [ ] [FreeBuf早报 | 央视曝光“克隆网站”;IBM漏洞允许攻击者嵌入任意JS代码](https://www.freebuf.com/news/419728.html) + - [ ] [警惕!1亿macOS用户面临Banshee新变种威胁](https://www.freebuf.com/news/419718.html) + - [ ] [Azure AI被黑客越狱,提供“黑客即服务”](https://www.freebuf.com/news/419701.html) + - [ ] [研究人员成功入侵苹果新型USB-C控制器](https://www.freebuf.com/news/419681.html) + - [ ] [SaaS安全大考:黑客“全明星”盘点与2025年备战指南](https://www.freebuf.com/articles/419699.html) +- 绿盟科技技术博客 + - [ ] [绿盟科技威胁情报周报(2025.01.06-2025.01.12)](https://blog.nsfocus.net/2025-01-06-2025-01-12/) +- HackerNews + - [ ] [泽连斯基访问意大利后亲俄黑客发动新一波 DDoS 攻击](https://hackernews.cc/archives/56858) + - [ ] [印度加密货币交易所 Mudrex 解释提款暂停原因](https://hackernews.cc/archives/56852) + - [ ] [新型 Web3 攻击利用交易模拟窃取加密货币](https://hackernews.cc/archives/56845) + - [ ] [网络钓鱼短信诱骗苹果 iMessage 用户关闭保护机制](https://hackernews.cc/archives/56837) + - [ ] [AI 驱动勒索软件 FunkSec 采用双重勒索战术攻击 85 名受害者](https://hackernews.cc/archives/56832) +- 安全牛 + - [ ] [2025年人工智能带来的五大网络安全预测及其应对策略](https://www.aqniu.com/homenews/107946.html) + - [ ] [苹果最新ACE3 USB-C控制器被破解,引发设备安全担忧;IBM watsonx.ai平台安全漏洞或导致XSS攻击风险 |牛览](https://www.aqniu.com/homenews/107947.html) - 奇客Solidot–传递最新科技情报 - - [ ] [台积电亚利桑那州工厂开始量产 4 纳米芯片](https://www.solidot.org/story?sid=80310) - - [ ] [安然宣布预售蛋形家用核反应堆](https://www.solidot.org/story?sid=80309) - - [ ] [加拿大灭火飞机疑与无人机相撞受损停飞](https://www.solidot.org/story?sid=80308) + - [ ] [Mastodon 将控制权转交给一家非盈利组织](https://www.solidot.org/story?sid=80320) + - [ ] [微软在六地测试 Microsoft 365 涨价](https://www.solidot.org/story?sid=80319) + - [ ] [《疯狂出租车》速通玩家用现场演奏避免版权问题](https://www.solidot.org/story?sid=80318) + - [ ] [售价 12 美元衣服的背后](https://www.solidot.org/story?sid=80317) + - [ ] [2024 年德国可更新能源占到发电量的 62.7%](https://www.solidot.org/story?sid=80316) + - [ ] [NASA JPL 和威尔逊山天文台未被山火波及](https://www.solidot.org/story?sid=80315) + - [ ] [小鼠研究解释为何新记忆不会覆盖旧记忆](https://www.solidot.org/story?sid=80314) + - [ ] [TikTok 在世界各地都面临法律诉讼](https://www.solidot.org/story?sid=80313) + - [ ] [Matt Mullenweg 关闭了多位据称试图创建分支的 WordPress.org 贡献者账号](https://www.solidot.org/story?sid=80312) + - [ ] [关系衰退成为一种全球性现象](https://www.solidot.org/story?sid=80311) +- 黑海洋 - IT技术知识库 + - [ ] [Nezha V1:哪吒监控自定义代码美化](https://blog.upx8.com/4652) +- 腾讯玄武实验室 + - [ ] [每日安全动态推送(25/1/13)](https://mp.weixin.qq.com/s?__biz=MzA5NDYyNDI0MA==&mid=2651959984&idx=1&sn=daac9046ff73a9a0334acecde2fdd4cf&chksm=8baed22fbcd95b39cca160d7f1d5ce7eec7ae7a66b8907a88b9f41db4f4b2423dccc01f85b54&scene=58&subscene=0#rd) +- 安全分析与研究 + - [ ] [伪装成Chrome安装程序传播银狐最新变种](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247489956&idx=1&sn=91861b57be376b8d6fa0d075edf1d6b6&chksm=902fb68ca7583f9a4714da177a1e775f3170d9875f63c7e39f99f27ff826fa2f22f3cec354c2&scene=58&subscene=0#rd) +- 奇安信 CERT + - [ ] [【技术细节公开】Ivanti 多款产品缓冲区溢出漏洞(CVE-2025-0282)安全风险通告](https://mp.weixin.qq.com/s?__biz=MzU5NDgxODU1MQ==&mid=2247502754&idx=1&sn=48a21e24bdfc8908bb32481d68e1cb9b&chksm=fe79ef3ac90e662c847aaac7838231f459a77d12388ca13ee7bb9ae8b12b5e2b051c5fd1d54e&scene=58&subscene=0#rd) + - [ ] [安全热点周报:黑客利用自定义恶意软件对受感染的 Ivanti 设备发起零日攻击](https://mp.weixin.qq.com/s?__biz=MzU5NDgxODU1MQ==&mid=2247502754&idx=2&sn=71834c7ec593bc49ee831cf81afb0628&chksm=fe79ef3ac90e662c0938869f54ea887addd6c578f54932f05bf3901d6b96b1048e3ae3fee67c&scene=58&subscene=0#rd) +- 雷神众测 + - [ ] [雷神众测漏洞周报2025.1.6-2025.1.12](https://mp.weixin.qq.com/s?__biz=MzI0NzEwOTM0MA==&mid=2652503275&idx=1&sn=2b10bfb0eb83fdb8f10466f9476b7a57&chksm=f2585f58c52fd64e76b8d6e69b0939688a5ad89e9a654a4eb9345d294e495326b8a5b197a01b&scene=58&subscene=0#rd) +- Black Hills Information Security + - [ ] [Introduction to Zeek Log Analysis](https://www.blackhillsinfosec.com/introduction-to-zeek-log-analysis-wrap/) +- 看雪学苑 + - [ ] [Dex文件结构-ReadDex解析器实现](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588591&idx=1&sn=f3af400aa11be8f19a775a31e96d7740&chksm=b18c252586fbac3333019757efad00be145ea661a9a9fcd7c622c441e62f07dc2c3f4bc04f0f&scene=58&subscene=0#rd) + - [ ] [10万美金!研究员如何黑进 Facebook 服务器](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588591&idx=2&sn=0adaab3ebee5e866ad30ef7799307d47&chksm=b18c252586fbac33941785182240f8c6b7e6cb0ae71488a6845d7fc5236e82b4cd7f416efc73&scene=58&subscene=0#rd) + - [ ] [成为看雪讲师,开启技术分享的高光时刻](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588591&idx=3&sn=b11fa1206f5347a3696b9363851d9aa9&chksm=b18c252586fbac337f968ef57b1c1b5fef6e47c287b8a331ba6e79c740794c1b13359655edf3&scene=58&subscene=0#rd) +- 威努特安全网络 + - [ ] [5G+AI+信创,深度揭秘智慧矿山工业控制网络构建之道](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130319&idx=1&sn=345bdcb858d6db350bb617bf16fd1016&chksm=80e7137fb7909a699eb5c07fdd6d2f9bef27138bffc3f57a27cc512027d7bd4045cee717da3e&scene=58&subscene=0#rd) +- 软件安全与逆向分析 + - [ ] [eBPF开发指南从原理到应用如何学习](https://mp.weixin.qq.com/s?__biz=MzU3MTY5MzQxMA==&mid=2247484752&idx=1&sn=488c75243ec385aeda8c794e69785718&chksm=fcdd055dcbaa8c4bc476588f2467b3531d64c869ec3b4eea33f0b82d3153f79da8ef2fa34521&scene=58&subscene=0#rd) +- 安全内参 + - [ ] [泄露近600万客户敏感数据,这家金融机构被罚超1.4亿元](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513476&idx=1&sn=605167ebb5844cbdb4b12e1f489b5730&chksm=ebfaf2a4dc8d7bb25f7b717c165921f0c5af838718a2072ecef6f2e98d7daa0faadd51b8688e&scene=58&subscene=0#rd) + - [ ] [算法治病还是杀人?留神医疗大模型被“投毒”](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513476&idx=2&sn=3b473e5b6b3eadea5cc1f0973885d17d&chksm=ebfaf2a4dc8d7bb2d21d3da21117942d17be63755bbb6828059cf21f8e9124f7375675fd76a9&scene=58&subscene=0#rd) +- 绿盟科技研究通讯 + - [ ] [从云原生攻防靶场看新型计算环境下的网络安全实战人才培养](https://mp.weixin.qq.com/s?__biz=MzIyODYzNTU2OA==&mid=2247498256&idx=1&sn=b2635dc70b17f67d197e6cceb52ebd1e&chksm=e84c5ccfdf3bd5d9566dc0f75159a4507fa4c58e8cc505f8a16eafc62825cd80b6a7b1a853bd&scene=58&subscene=0#rd) +- 代码卫士 + - [ ] [GFI KerioControl 防火墙存在严重的RCE漏洞](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522044&idx=1&sn=71bbcad32c9a0753d8385256ee5dad03&chksm=ea94a796dde32e80febb13e46990720e4748e375842d7d932e99d76c82cb55e561bf2219c17c&scene=58&subscene=0#rd) + - [ ] [CrowdStrike虚假工作邀约通过密币挖矿机感染开发人员](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522044&idx=2&sn=f72144000ab0d2c1280f017af0018e6e&chksm=ea94a796dde32e802b549f6142713bd6d30abcff4fb2dad9a2d96d274145d96f5962e976b84c&scene=58&subscene=0#rd) - dotNet安全矩阵 - - [ ] [.NET内网实战:通过密码喷射遍历域账户](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498161&idx=1&sn=be37da545ba59c118c2d8331ddebf95e&chksm=fa59575ccd2ede4a649d9a0b0a50098ed73b9a63406c87ad5501b7b911333561666fb79b058a&scene=58&subscene=0#rd) - - [ ] [.NET 安全攻防知识交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498161&idx=2&sn=cb9eb4af6f38a0fdf4bec4b4c0b9af0e&chksm=fa59575ccd2ede4af7bc01070c20719aa57677190a7abc5c307d5d82adcea645f6d47879c671&scene=58&subscene=0#rd) - - [ ] [.NET 第54期红队武器库和资源汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498161&idx=3&sn=0bdf117aa614c48e6e2fa2e51a3e83eb&chksm=fa59575ccd2ede4a84e6210bd8ee96f463cb3a9b0b75bb9c70b96a5a0bdc4420e9ed4ed132fd&scene=58&subscene=0#rd) + - [ ] [.NET 实战中批量获取数据库凭据的工具](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498183&idx=1&sn=93271af446b9fab68ddccddd1c8d42fa&chksm=fa59572acd2ede3c188f8fba769e989eafc4d9a5d892cc3dca36098c37de2975099065f1c4f8&scene=58&subscene=0#rd) + - [ ] [国内最专业、最全面的 [ .NET 代码审计 ] 体系化学习交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498183&idx=2&sn=f8f8e1c70409762960a7fae57b956271&chksm=fa59572acd2ede3cedb794d2838a04af22159a4117a372cf7add6b7d007dfc63f631a9b5f619&scene=58&subscene=0#rd) + - [ ] [.NET 第54期红队武器库和资源汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498183&idx=3&sn=fa292ad02108f28ed17b5fde3b8a7c88&chksm=fa59572acd2ede3cf7b38bbd15169bf26c14b1e0eb68076c59512d1c8c6a33d5f08631afd4f3&scene=58&subscene=0#rd) +- 安全研究GoSSIP + - [ ] [G.O.S.S.I.P 阅读推荐(?) 2025-01-13 Nothing Bad](https://mp.weixin.qq.com/s?__biz=Mzg5ODUxMzg0Ng==&mid=2247499611&idx=1&sn=f4c84ebd4655e6b7c270acc34692023d&chksm=c063d182f71458946d68d728ea7c53c8c927518a5bf7034bbac7c87669e69efa83fec019fcae&scene=58&subscene=0#rd) - 丁爸 情报分析师的工具箱 - - [ ] [【资料】全球和平、恐怖主义、军事化、生态威胁等指数](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148514&idx=1&sn=3662709654286db5bff36e15df25195b&chksm=f1af27d8c6d8aece6156e703a95e85d1ba2b73fefb64d14a75c43344e36d8f73bacd9081ee78&scene=58&subscene=0#rd) -- 认知独省 - - [ ] [攻防3.0 - 信任攻击](https://mp.weixin.qq.com/s?__biz=MzU0NTI4MDQwMQ==&mid=2247484194&idx=1&sn=cb404b0fcfa2490d458d482fa704e98a&chksm=fb6e1bdccc1992cafa5f8bb0a62392a5c3106254f7cf233badf5cd133389fd95f6ac43fdde1d&scene=58&subscene=0#rd) -- 安全学术圈 - - [ ] [2024年度上海网络与信息安全测评工程技术研究中心开放课题申请指南](https://mp.weixin.qq.com/s?__biz=MzU5MTM5MTQ2MA==&mid=2247491552&idx=1&sn=f1a376f0e49cff2ddca8fd74d0ecb5d9&chksm=fe2ee06bc959697dfc17c1f03a2e333582869bfcf92999139190432c960e259a75bb8f9aef7d&scene=58&subscene=0#rd) -- 网络空间安全科学学报 - - [ ] [学术前沿 | 国防科技大学李爱平教授团队:物联网威胁情报知识图谱综述](https://mp.weixin.qq.com/s?__biz=MzI0NjU2NDMwNQ==&mid=2247504588&idx=1&sn=2d8592df92f5803bf485752d5f217d87&chksm=e9bfc672dec84f64e1b5b257c4048e3bbf80232a46cb63503acfd5a8c04a35f89fca0fc9aaa4&scene=58&subscene=0#rd) + - [ ] [【资料】大语言模型对开源情报的影响](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148521&idx=1&sn=4c4aa636b9f05e358e1ed6469a640d2a&chksm=f1af27d3c6d8aec5afa85e4307e772bd2f2cca8056aa8bafa63d4dd65dd2fb8977a9dbed3550&scene=58&subscene=0#rd) - 安全圈 - - [ ] [【安全圈】腾讯协助警方破获木马盗窃游戏账号案,涉案金额超 3000 万](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067304&idx=1&sn=e99889dcbf4e15a2ad7a2217e3f850a3&chksm=f36e79a8c419f0be15d9a86cb5b587e283772858d26f145297e29b9b3cde7371bfdb14bf0184&scene=58&subscene=0#rd) - - [ ] [【安全圈】勒索木马 Banshee 针对苹果 macOS 下手,冒充安全组件躲避检测](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067304&idx=2&sn=72944b1de7bb9205840492e28ba936b4&chksm=f36e79a8c419f0beeb3739f5c2b85fca0f00fde58f920f33c1f515465e6d0cb38db195bc441a&scene=58&subscene=0#rd) - - [ ] [【安全圈】卡西欧遭勒索软件攻击?8500人数据被窃取!](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067304&idx=3&sn=1f094579cd41cb8e1f1583f6eb592503&chksm=f36e79a8c419f0be1987e866d745c558b9b4a20e4ada1f1f63ccf2a0b42d84e9bf4434724c69&scene=58&subscene=0#rd) + - [ ] [【安全圈】建立数据跨境服务中心、便利化访问国际互联网,上海虹桥商务区国际贸易中心新平台建设进一步落实](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067321&idx=1&sn=dd8f1699f9d8cbba67e8abc6091ffa6c&chksm=f36e79b9c419f0af2618c6816f0e6608ea027b7cad85fab87f7b8f411d608609fcee8157d58f&scene=58&subscene=0#rd) + - [ ] [【安全圈】浙江某海岛发现间谍!抓了!](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067321&idx=2&sn=6fab346cb4be5016a1f9a40489cc5d01&chksm=f36e79b9c419f0af38c10930f488326095bfe4671378c6afd9bb07992f854d2172088ac98e14&scene=58&subscene=0#rd) + - [ ] [【安全圈】研究人员入侵苹果新 USB-C 控制器](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067321&idx=3&sn=0baa019796225a8a1f3681f24e502952&chksm=f36e79b9c419f0afe0189b75ee69031de31213c10e55e69f5d89c92abcaabad3e78d2661af5f&scene=58&subscene=0#rd) + - [ ] [【安全圈】微软起诉利用 Azure AI 创建有害内容的黑客组织](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067321&idx=4&sn=4ea1e634e045d59be08019f06a4fd52b&chksm=f36e79b9c419f0afb77e12ec0c05482c0c727401e2761ea07b3093e610802a46b227f479adae&scene=58&subscene=0#rd) +- XCTF联赛 + - [ ] [SUCTF 2025落幕|S1uM4i战队实力夺冠!](https://mp.weixin.qq.com/s?__biz=MjM5NDU3MjExNw==&mid=2247515484&idx=1&sn=0c506fe6fa7d8296675e4a1821546192&chksm=a6874f6691f0c6701e164a48a8ed8c4bde1eddca05b9ff21a02a8863935a46ed8b2e6c369f39&scene=58&subscene=0#rd) +- 慢雾科技 + - [ ] [慢雾:演员王星被骗事件相关聊天截图调查](https://mp.weixin.qq.com/s?__biz=MzU4ODQ3NTM2OA==&mid=2247500907&idx=1&sn=1e629e1d6e96b48b3c5962aadba90a92&chksm=fddebaeccaa933fac3c0ee1a35cabeede882a8c5d99b8cab223c3abf838eb73b0a8b16aac029&scene=58&subscene=0#rd) +- 唯品会安全应急响应中心 + - [ ] [2025,感恩一路有你活动](https://mp.weixin.qq.com/s?__biz=MzI5ODE0ODA5MQ==&mid=2652281687&idx=1&sn=7934a57fd8a96c7620b9cc67dbab42c9&chksm=f74872c3c03ffbd5a39cf25b67cca249855855c79ad62cc9f41efbfc513ddaa3dfb8523cad10&scene=58&subscene=0#rd) +- 数世咨询 + - [ ] [如何充分利用网络安全保险](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247534049&idx=1&sn=2beee14167a5b03d33ff211f021b29aa&chksm=c144375cf633be4a2ef79af31f437db15f11d64a03e292555e3305690495a36e1d1963d05ab1&scene=58&subscene=0#rd) +- 情报分析师 + - [ ] [俄罗斯如何塑造间谍高手:训练体系深度剖析](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558899&idx=1&sn=2915b6a37534cfc83230d3de7449dcaa&chksm=87117ff8b066f6ee06eb18ad521152f3716b0d9258666c7779e81b545c70bdc3cfceca103fa4&scene=58&subscene=0#rd) + - [ ] [【分析报告】蒙古国首都发生示威游行事件](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558899&idx=2&sn=77b7afadae9bddf9b737487ca90c52fe&chksm=87117ff8b066f6ee084e62fc5d2a41918294746a76c56d216b230fd80f5b820b9186c49869df&scene=58&subscene=0#rd) + - [ ] [蒙古国与日本及欧洲合作的多维影响:地缘政治、军事与经济分析](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558899&idx=3&sn=58043dc5d2b15fd6d20c09516df03fad&chksm=87117ff8b066f6eedba595c9c512b301a9789917018b6d62d28b3bc361131a4ba02ff17b2738&scene=58&subscene=0#rd) +- 网络空间安全科学学报 + - [ ] [“可信计算”专题征稿](https://mp.weixin.qq.com/s?__biz=MzI0NjU2NDMwNQ==&mid=2247504642&idx=1&sn=c447628a36e58e0247573195b34c3d8b&chksm=e9bfc7bcdec84eaa8510c6005dc89ac688fc5192fecb9e012fdf5b83d4f181e939f4ba124580&scene=58&subscene=0#rd) +- 嘶吼专业版 + - [ ] [2024中国网络安全产业势能榜优能企业「制造行业」典型案例展示](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580751&idx=1&sn=38ed7d42fddd1b5e624f8f2ac1ec4a44&chksm=e9146c75de63e56358f97bd26b9565f64210ce19c2b9a55727c9b577b37fca91fab1a28f274a&scene=58&subscene=0#rd) + - [ ] [安全动态回顾|国家网络安全通报中心:重点防范境外恶意网址和恶意IP 超过4000个后门因注册过期域名而被劫持](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580751&idx=2&sn=7886e26f1ed368509d62b0ced61b3b4c&chksm=e9146c75de63e563f72002cb53362e5fa9e384504cdfcc9ec47eacd59f6a3696caccfa63665a&scene=58&subscene=0#rd) +- 补天平台 + - [ ] [欢迎「金山云」入驻补天专属SRC!](https://mp.weixin.qq.com/s?__biz=MzI2NzY5MDI3NQ==&mid=2247507273&idx=1&sn=19b1a506b7082cf3e664e77cdd6e1e2e&chksm=eaf99505dd8e1c135ce0c1a1e5f8fd384644130faee4eae62a6916b89c631d8954aaab977e87&scene=58&subscene=0#rd) - 极客公园 - - [ ] [AI 巨头花钱买 UP 主「废片」训练 AI;「三折叠」投影仪现身;多地现发光不明飞行物,应急局:未接到异常通知|极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653071852&idx=1&sn=8bfae10375f4237c5a546b2df6f3acac&chksm=7e57d45a49205d4c804e47147898cbc9af5d4a4c7a5749e93da824310ba3f5332631ec136946&scene=58&subscene=0#rd) -- 吴鲁加 - - [ ] [最近在试的学习工作方法](https://mp.weixin.qq.com/s?__biz=Mzg5NDY4ODM1MA==&mid=2247485142&idx=1&sn=404d04f9faadc52634e236ebd8a95b9a&chksm=c01a8be7f76d02f16927f92ee10be8d20555c480f00ae93e372a6421d5e07b5fdcd0d10c252f&scene=58&subscene=0#rd) + - [ ] [每年 CES 都在产生共识,今年的共识是「端侧 AI」](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653071933&idx=1&sn=d7693f2c1d7c3eb862f6ff0bb8526f41&chksm=7e57d78b49205e9da2a691dd98bdc22a24d333c801f0a90a5898a83a6b3d048af13a7b31efbe&scene=58&subscene=0#rd) + - [ ] [外国车企的「智能树」,原来是这么「点歪」的](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653071901&idx=1&sn=5864aeebb9264f2381a2342858667d85&chksm=7e57d7ab49205ebda200c07e6ee6ae1b853dcdb8a9c077758a7e777598d73c7045e16320a1c3&scene=58&subscene=0#rd) + - [ ] [英伟达员工 78% 成为百万富翁;三星推出可穿戴设备固态电池原型;苹果在英国面临 18.3 亿美元罚款 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653071869&idx=1&sn=6c39746dfc45cb66b03b8e02c4549351&chksm=7e57d44b49205d5deea6c8f731ebecc14742ed3ff7879b77c91745b654df34b03012ee061c86&scene=58&subscene=0#rd) +- 字节跳动技术团队 + - [ ] [豆包MarsCode新年宠粉|参与老带新,赢索尼PS5、HHKB键盘、京东卡等惊喜好礼](https://mp.weixin.qq.com/s?__biz=MzI1MzYzMjE0MQ==&mid=2247512805&idx=1&sn=83842ceb2d52096df8947db282dcdc4c&chksm=e9d37907dea4f011803f1ed11270cfa75f7b5614ef994bc46b4d4f34d809b4a87f8e830f56c2&scene=58&subscene=0#rd) +- 威胁猎人Threat Hunter + - [ ] [【黑产大数据】2024年数据泄露风险态势报告](https://mp.weixin.qq.com/s?__biz=MzI3NDY3NDUxNg==&mid=2247498732&idx=1&sn=4ba0213d21420c4b3a5fdde9907f5853&chksm=eb12ddd7dc6554c159f48548263a9a233949da1046c171f8b9bb2618db59d043d9bacf4bd21d&scene=58&subscene=0#rd) +- CNVD漏洞平台 + - [ ] [CNVD漏洞周报2025年第2期](https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247495678&idx=1&sn=7e9c30d0d4f9240a45a5e9618ff48fdb&chksm=fd74df37ca03562164a2b3c76c24dc512ef7ad74eb26251804eb0b78b40a3220adf127ca577f&scene=58&subscene=0#rd) + - [ ] [上周关注度较高的产品安全漏洞(20250106-20250112)](https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247495678&idx=2&sn=27fbe9305e2b484bc5effac02d04f64a&chksm=fd74df37ca0356219bbde36812ef8acecf2a9c42679ccda3598d1c426be88c2934c747fbbb77&scene=58&subscene=0#rd) +- 阿里安全响应中心 + - [ ] [第七届入侵检测挑战赛报名开启!](https://mp.weixin.qq.com/s?__biz=MzIxMjEwNTc4NA==&mid=2652997294&idx=1&sn=ec666eebc045f5a7137e852bd81614c9&chksm=8c9e09f9bbe980efd176856df4a8a886d129663f65f3bd92dfbefa211145e734dd0e7fb7aaeb&scene=58&subscene=0#rd) +- 360数字安全 + - [ ] [2024,我们这一年|“AI”启新章 安全踏新程!](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247578968&idx=1&sn=2179071a8126d2033abf57b40c957aff&chksm=9f8d2550a8faac464879455a2b8d765d89bd3a0d869d68221fb1610e7288441f554d5df8f067&scene=58&subscene=0#rd) + - [ ] [喜报!360入围中央国家机关及多地省政府采购名单!](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247578968&idx=2&sn=122c7d0f43281f375fa24d61e5c03b76&chksm=9f8d2550a8faac462bc8b72d219989082a053da57d4152426bebd0063636c435c8f470cadc01&scene=58&subscene=0#rd) - Over Security - Cybersecurity news aggregator - - [ ] [Phishing texts trick Apple iMessage users into disabling protection](https://www.bleepingcomputer.com/news/security/phishing-texts-trick-apple-imessage-users-into-disabling-protection/) - - [ ] [Pastor who saw crypto project in his "dream" indicted for fraud](https://www.bleepingcomputer.com/news/legal/pastor-who-saw-crypto-project-in-his-dream-indicted-for-fraud/) - - [ ] [Guerre di Rete - Italia, Musk e Ue: che partite si stanno giocando](https://guerredirete.substack.com/p/guerre-di-rete-italia-musk-e-ue-che) - - [ ] [Analysis of Counter-Ransomware Activities in 2024](https://blog.bushidotoken.net/2025/01/analysis-of-counter-ransomware.html) - - [ ] [SuperDraft - 300,187 breached accounts](https://haveibeenpwned.com/PwnedWebsites#SuperDraft) -- IT Service Management News - - [ ] [US Cyber Trust Mark Program](http://blog.cesaregallotti.it/2025/01/us-cyber-trust-mark-program.html) + - [ ] [OneBlood confirms personal data stolen in July ransomware attack](https://www.bleepingcomputer.com/news/security/oneblood-confirms-personal-data-stolen-in-july-ransomware-attack/) + - [ ] [Stealer Logs, Jan 2025 - 71,039,833 breached accounts](https://haveibeenpwned.com/PwnedWebsites#StealerLogsJan2025) + - [ ] [Major location data broker reports hack to Norwegian authorities](https://therecord.media/location-data-broker-gravy-breach) + - [ ] [CISA orders agencies to patch BeyondTrust bug exploited in attacks](https://www.bleepingcomputer.com/news/security/cisa-orders-agencies-to-patch-beyondtrust-bug-exploited-in-attacks/) + - [ ] [Hackers with likely Kremlin ties target Kazakhstan in espionage campaign](https://therecord.media/hackers-kremlin-kazakhstan-espionage-campaign) + - [ ] [Stolen Path of Exile 2 admin account used to hack player accounts](https://www.bleepingcomputer.com/news/security/stolen-path-of-exile-2-admin-account-used-to-hack-player-accounts/) + - [ ] [Turks and Caicos recovering from pre-Christmas ransomware attack](https://therecord.media/turks-and-caicos-recovering-from-ransomware-attack) + - [ ] [Poland uncovers Russia-linked disinformation campaign targeting upcoming presidential election](https://therecord.media/poland-uncovers-russia-linked-disinformation-campaign-presidential-election) + - [ ] [‘Codefinger’ hackers encrypting Amazon cloud storage buckets](https://therecord.media/hackers-encrypting-amazon-cloud-buckets) + - [ ] [Microsoft: macOS bug lets hackers install malicious kernel drivers](https://www.bleepingcomputer.com/news/security/microsoft-macos-bug-lets-hackers-install-malicious-kernel-drivers/) + - [ ] [Hackers exploit critical Aviatrix Controller RCE flaw in attacks](https://www.bleepingcomputer.com/news/security/hackers-exploit-critical-aviatrix-controller-rce-flaw-in-attacks/) + - [ ] [Texas sues Allstate, alleging it violated data privacy rights of 45 million Americans](https://therecord.media/texas-sues-allstate-data-privacy-cars) + - [ ] [UK domain registry Nominet confirms breach via Ivanti zero-day](https://www.bleepingcomputer.com/news/security/uk-domain-registry-nominet-confirms-breach-via-ivanti-zero-day-vulnerability/) + - [ ] [BforeAI Series B Announcement Brief](https://bfore.ai/bforeai-secures-series-b-funding-to-preempt-malicious-attacks-through-precrime-ai/) + - [ ] [Ransomware abuses Amazon AWS feature to encrypt S3 buckets](https://www.bleepingcomputer.com/news/security/ransomware-abuses-amazon-aws-feature-to-encrypt-s3-buckets/) + - [ ] [Rep. Don Bacon on cyber deterrence: ‘Speak softly and carry a big ass stick’](https://therecord.media/rep-don-bacon-interview-cyber-deterrence-china-nsa) + - [ ] [Inside the Active Threats of Ivanti’s Exploited Vulnerabilities](https://cyble.com/blog/ivanti-exploited-vulnerabilites/) + - [ ] [Chrome Web Store is a mess](https://palant.info/2025/01/13/chrome-web-store-is-a-mess/) + - [ ] [Banshee macOS sfrutta XProtect di Apple per eludere i controlli di sicurezza](https://www.securityinfo.it/2025/01/13/banshee-macos-sfrutta-xprotect-di-apple-per-eludere-i-controlli-di-sicurezza/) + - [ ] [BIScience: Collecting browsing history under false pretenses](https://palant.info/2025/01/13/biscience-collecting-browsing-history-under-false-pretenses/) + - [ ] [Cyberattack forces Dutch university to cancel lectures](https://therecord.media/tu-eindhoven-cyberattack-lectures-canceled) + - [ ] [CyberSecurity Malaysia Flags Major Threats in Chrome and WordPress – Are You Safe?](https://cyble.com/blog/cybersecurity-malaysia-flags-major-threats-in-chrome-and-wordpress-are-you-safe/) + - [ ] [Microsoft MFA outage blocking access to Microsoft 365 apps](https://www.bleepingcomputer.com/news/microsoft/microsoft-mfa-outage-blocking-access-to-microsoft-365-apps/) + - [ ] [Double-Tap Campaign : Russia-nexus APT possibly related to APT28 conducts cyber espionage on Central Asia and Kazakhstan diplomatic relations](https://blog.sekoia.io/double-tap-campaign-russia-nexus-apt-possibly-related-to-apt28-conducts-cyber-espionage-on-central-asia-and-kazakhstan-diplomatic-relations/) + - [ ] [Analisi di una campagna Lumma Stealer con falso CAPTCHA condotta attraverso domino italiano compromesso](https://cert-agid.gov.it/news/analisi-di-una-campagna-lumma-stealer-con-falso-captcha-condotta-attraverso-domino-italiano-compromesso/) + - [ ] [Threat Intelligence - Vulnerability insights](https://www.certego.net/blog/whitepaper-dicembre-2024-threat-intelligence-insights/) + - [ ] [CERT-AGID 4 – 10 gennaio: Vidar protagonista con una campagna malspam](https://www.securityinfo.it/2025/01/13/cert-agid-4-10-gennaio-vidar-protagonista-con-una-campagna-malspam/) + - [ ] [Scholastic - 4,247,768 breached accounts](https://haveibeenpwned.com/PwnedWebsites#Scholastic) +- 山石网科安全技术研究院 + - [ ] [2024年度智能网联汽车重点安全漏洞盘点](https://mp.weixin.qq.com/s?__biz=MzUzMDUxNTE1Mw==&mid=2247509761&idx=1&sn=a2cbe8ad893d3ab348e298ee016644dc&chksm=fa5272bfcd25fba90c69028243dcc3561afae389ab16a31faf15d757d37a79fd51eea2856d83&scene=58&subscene=0#rd) - Have I Been Pwned latest breaches - - [ ] [SuperDraft - 300,187 breached accounts](https://haveibeenpwned.com/PwnedWebsites#SuperDraft) -- SANS Internet Storm Center, InfoCON: green - - [ ] [Multi-OLE, (Sun, Jan 12th)](https://isc.sans.edu/diary/rss/31580) - - [ ] [Wireshark 4.4.3 Released, (Sat, Jan 11th)](https://isc.sans.edu/diary/rss/31578) -- Troy Hunt's Blog - - [ ] [Weekly Update 434](https://www.troyhunt.com/weekly-update-434/) -- TorrentFreak - - [ ] [Nhentai Asks California Court to Dismiss Piracy Lawsuit](https://torrentfreak.com/nhentai-asks-california-court-to-dismiss-piracy-lawsuit-250112/) -- 白泽安全实验室 - - [ ] [网络安全领域研究人员遭遇假PoC专项攻击](https://mp.weixin.qq.com/s?__biz=MzI0MTE4ODY3Nw==&mid=2247492518&idx=1&sn=d4196de8b812e3a2d29209b50328cec0&chksm=e90dc98cde7a409a795581029d39c4e66bc71c3ad662c7e7c84782d0baae9a74a858889ab838&scene=58&subscene=0#rd) -- FuzzWiki - - [ ] [Bleem: 面向数据包序列的协议模糊测试 | 技术进展](https://mp.weixin.qq.com/s?__biz=MzU1NTEzODc3MQ==&mid=2247486874&idx=1&sn=311b59a1953758bc2f69485cbf107d4b&chksm=fbd9a626ccae2f30d7167e5d9ee742af35355e569368a8dbc1d983fbcb3d90104f174138b5fa&scene=58&subscene=0#rd) + - [ ] [Stealer Logs, Jan 2025 - 71,039,833 breached accounts](https://haveibeenpwned.com/PwnedWebsites#StealerLogsJan2025) + - [ ] [Scholastic - 4,247,768 breached accounts](https://haveibeenpwned.com/PwnedWebsites#Scholastic) +- Krypt3ia + - [ ] [The Evolution of Cybercrime Cartels: From Lone Wolves to Sophisticated Syndicates](https://krypt3ia.wordpress.com/2025/01/13/the-evolution-of-cybercrime-cartels-from-lone-wolves-to-sophisticated-syndicates/) + - [ ] [Top 5 Non-State Actor Groups Targeting Critical Infrastructure](https://krypt3ia.wordpress.com/2025/01/13/top-5-non-state-actor-groups-targeting-critical-infrastructure/) +- ICT Security Magazine + - [ ] [Cyber Resilience Act: Un Nuovo Strumento per la Sicurezza Digitale nell’UE](https://www.ictsecuritymagazine.com/articoli/cyber-resilience-act-sicurezza-digitale/) +- 0x727开源安全团队 + - [ ] [论安全运营的本质(第十章)](https://mp.weixin.qq.com/s?__biz=MzkwNTI3MjIyOQ==&mid=2247484113&idx=1&sn=7f019dca19eb8721e20b86ecde235940&chksm=c0fb0c1bf78c850dafefd9f5fdac7388b99e83af92a1362a090064fdd8b2a8e1fb1a796bb01a&scene=58&subscene=0#rd) +- 安全村SecUN + - [ ] [【极思】安全运营第6年实践总结](https://mp.weixin.qq.com/s?__biz=MzkyODM5NzQwNQ==&mid=2247496429&idx=1&sn=379e57e4ac389d0afadd44e65168dfcd&chksm=c21bd3dff56c5ac935b25b0568822053fb5bed39a4db28a35ffa2ea0c7ede3755f7071dd353f&scene=58&subscene=0#rd) - 迪哥讲事 - - [ ] [SSRF 漏洞自动化 寻找](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496832&idx=1&sn=5c72712e20772f2279b09ca9a748afc2&chksm=e8a5fee3dfd277f5990fbe3dfe7247c7dd7bf125a233ad4ec99a8afb49b1b2e29ae25f7866b6&scene=58&subscene=0#rd) + - [ ] [抛开day不谈,为什么同样一个站你挖不到洞,别人却能咔咔上分?](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496846&idx=1&sn=446f62009a5b4a78356459656e925b2a&chksm=e8a5feeddfd277fbb42bbd793665bc8de01733bf220a34f8ece1e83142823685a046f1dd4699&scene=58&subscene=0#rd) +- Troy Hunt's Blog + - [ ] [Experimenting with Stealer Logs in Have I Been Pwned](https://www.troyhunt.com/experimenting-with-stealer-logs-in-have-i-been-pwned/) +- SANS Internet Storm Center, InfoCON: green + - [ ] [ISC Stormcast For Tuesday, January 14th, 2025 https://isc.sans.edu/podcastdetail/9278, (Mon, Jan 13th)](https://isc.sans.edu/diary/rss/31588) + - [ ] [Hikvision Password Reset Brute Forcing, (Mon, Jan 13th)](https://isc.sans.edu/diary/rss/31586) + - [ ] [ISC Stormcast For Monday, January 13th, 2025 https://isc.sans.edu/podcastdetail/9276, (Mon, Jan 13th)](https://isc.sans.edu/diary/rss/31584) +- Posts By SpecterOps Team Members - Medium + - [ ] [Part 16: Tool Description](https://posts.specterops.io/part-16-tool-description-e09506ebc2c7?source=rss----f05f8696e3cc---4) +- Securityinfo.it + - [ ] [Banshee macOS sfrutta XProtect di Apple per eludere i controlli di sicurezza](https://www.securityinfo.it/2025/01/13/banshee-macos-sfrutta-xprotect-di-apple-per-eludere-i-controlli-di-sicurezza/?utm_source=rss&utm_medium=rss&utm_campaign=banshee-macos-sfrutta-xprotect-di-apple-per-eludere-i-controlli-di-sicurezza) + - [ ] [CERT-AGID 4 – 10 gennaio: Vidar protagonista con una campagna malspam](https://www.securityinfo.it/2025/01/13/cert-agid-4-10-gennaio-vidar-protagonista-con-una-campagna-malspam/?utm_source=rss&utm_medium=rss&utm_campaign=cert-agid-4-10-gennaio-vidar-protagonista-con-una-campagna-malspam) +- Schneier on Security + - [ ] [Microsoft Takes Legal Action Against AI “Hacking as a Service” Scheme](https://www.schneier.com/blog/archives/2025/01/microsoft-takes-legal-action-against-ai-hacking-as-a-service-scheme.html) +- Graham Cluley + - [ ] [Pastor’s “dream” crypto scheme alleged to be a multi-million dollar scam](https://www.bitdefender.com/en-us/blog/hotforsecurity/pastors-dream-crypto-scheme-alleged-to-be-a-multi-million-dollar-scam) +- The Hacker News + - [ ] [Hackers Exploit Aviatrix Controller Vulnerability to Deploy Backdoors and Crypto Miners](https://thehackernews.com/2025/01/hackers-exploit-aviatrix-controller.html) + - [ ] [⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [13 January]](https://thehackernews.com/2025/01/thn-weekly-recap-top-cybersecurity_01424177917.html) + - [ ] [Ransomware on ESXi: The Mechanization of Virtualized Attacks](https://thehackernews.com/2025/01/ransomware-on-esxi-mechanization-of.html) + - [ ] [WordPress Skimmers Evade Detection by Injecting Themselves into Database Tables](https://thehackernews.com/2025/01/wordpress-skimmers-evade-detection-by.html) + - [ ] [Expired Domains Allowed Control Over 4,000 Backdoors on Compromised Systems](https://thehackernews.com/2025/01/expired-domains-allowed-control-over.html) +- Instapaper: Unread + - [ ] [Candy Crush, Tinder, MyFitnessPal See the Thousands of Apps Hijacked to Spy on Your Location](https://www.wired.com/story/gravy-location-data-app-leak-rtb/) + - [ ] [Robot Vacuums Hacked To Spy On Their Owners](https://cybersecuritynews.com/robot-vacuums-hacked/) + - [ ] [L'iPad Pro che si autodistrugge in caso di morte dell'utente](https://www.wired.it/article/ipad-pro-morte-in-case-of-death/) + - [ ] [Attacchi hacker filorussi all’Italia. Il cyber-caos come arma ibrida di Mosca](https://formiche.net/2025/01/italia-filorussi-hacker/) - Computer Forensics - - [ ] [Dream equipement](https://www.reddit.com/r/computerforensics/comments/1hzw6t7/dream_equipement/) - - [ ] [Will live acquisition result in different hash values using FTK?](https://www.reddit.com/r/computerforensics/comments/1hzp7ny/will_live_acquisition_result_in_different_hash/) -- Your Open Hacker Community - - [ ] [Check out a botnet (c2) framework I made!](https://www.reddit.com/r/HowToHack/comments/1hztta4/check_out_a_botnet_c2_framework_i_made/) - - [ ] [Dell admin pw](https://www.reddit.com/r/HowToHack/comments/1hzvwwu/dell_admin_pw/) - - [ ] [Where to find phishing templates?](https://www.reddit.com/r/HowToHack/comments/1hzlv04/where_to_find_phishing_templates/) - - [ ] [Trace a call spoofer](https://www.reddit.com/r/HowToHack/comments/1hzpbak/trace_a_call_spoofer/) - - [ ] [Does anyone know any effective websites to learn efficient and relevant hacking methods that teach with simplicity and are free](https://www.reddit.com/r/HowToHack/comments/1hzsc4j/does_anyone_know_any_effective_websites_to_learn/) - - [ ] [KANN MAN HIER HACKEN LERNEN ?](https://www.reddit.com/r/HowToHack/comments/1hzv1o0/kann_man_hier_hacken_lernen/) - - [ ] [Need help with switching accounts once logged into a site](https://www.reddit.com/r/HowToHack/comments/1hzjamc/need_help_with_switching_accounts_once_logged/) - - [ ] [Help](https://www.reddit.com/r/HowToHack/comments/1hzi5gh/help/) - - [ ] [Hi guys, Can someone crack a $zip2$ hash?](https://www.reddit.com/r/HowToHack/comments/1hzgzjv/hi_guys_can_someone_crack_a_zip2_hash/) - - [ ] [Hack Iphone with charger](https://www.reddit.com/r/HowToHack/comments/1hzbsmp/hack_iphone_with_charger/) - - [ ] [IP](https://www.reddit.com/r/HowToHack/comments/1hzdh3n/ip/) + - [ ] [Using an MD5 hash to validate evidence](https://www.reddit.com/r/computerforensics/comments/1i0ofl7/using_an_md5_hash_to_validate_evidence/) + - [ ] [Tools I should learn?](https://www.reddit.com/r/computerforensics/comments/1i0d8h6/tools_i_should_learn/) - Technical Information Security Content & Discussion - - [ ] [Exploitation Walkthrough and Techniques - Ivanti Connect Secure RCE (CVE-2025-0282) - watchTowr Labs](https://www.reddit.com/r/netsec/comments/1hzipca/exploitation_walkthrough_and_techniques_ivanti/) -- Hacking Exposed Computer Forensics Blog - - [ ] [Daily Blog #715: Solution Saturday 1/11/25](https://www.hecfblog.com/2025/01/daily-blog-715-solution-saturday-11125.html) + - [ ] [Fireblocks Black Box Security Review](https://www.reddit.com/r/netsec/comments/1i0gmdv/fireblocks_black_box_security_review/) +- TorrentFreak + - [ ] [ISP Huffs and Puffs Then Apologizes to 3 Little Piggies Over Pirate Downloads](https://torrentfreak.com/isp-huffs-and-puffs-then-apologizes-to-3-little-piggies-over-pirate-downloads-250113/) + - [ ] [MissAV: One of the World’s Largest ‘Pirate’ Sites Targeted in Takedown Effort](https://torrentfreak.com/missav-one-of-the-worlds-largest-pirate-sites-targeted-in-takedown-effort-250113/) +- Your Open Hacker Community + - [ ] [Feeling im so behind in cybersecurity](https://www.reddit.com/r/HowToHack/comments/1i0oa70/feeling_im_so_behind_in_cybersecurity/) + - [ ] [Insta problem](https://www.reddit.com/r/HowToHack/comments/1i0qyt4/insta_problem/) + - [ ] [How to connect](https://www.reddit.com/r/HowToHack/comments/1i0oz3r/how_to_connect/) + - [ ] [What should i learn first when it comes to hacking?](https://www.reddit.com/r/HowToHack/comments/1i0a33k/what_should_i_learn_first_when_it_comes_to_hacking/) + - [ ] [How do I recognize a o.mg cable?](https://www.reddit.com/r/HowToHack/comments/1i0mty3/how_do_i_recognize_a_omg_cable/) + - [ ] [Email info](https://www.reddit.com/r/HowToHack/comments/1i0iuzt/email_info/) + - [ ] [How to make a " creek" with a pump and a retention pond?](https://www.reddit.com/r/HowToHack/comments/1i0msvj/how_to_make_a_creek_with_a_pump_and_a_retention/) + - [ ] [How?](https://www.reddit.com/r/HowToHack/comments/1i0auj4/how/) + - [ ] [Can someone help with my friend's account?](https://www.reddit.com/r/HowToHack/comments/1i0fafc/can_someone_help_with_my_friends_account/) + - [ ] [How to start your own website](https://www.reddit.com/r/HowToHack/comments/1i0583q/how_to_start_your_own_website/) + - [ ] [I need to know if there’s anyway I can bypass a game suspension?](https://www.reddit.com/r/HowToHack/comments/1i09z4w/i_need_to_know_if_theres_anyway_i_can_bypass_a/) + - [ ] [Is it possible to find the server IP of a game while playing it on PC?](https://www.reddit.com/r/HowToHack/comments/1i070ch/is_it_possible_to_find_the_server_ip_of_a_game/) +- netsecstudents: Subreddit for students studying Network Security and its related subjects + - [ ] [[Micro Challenge] Break YieldCat's Markdown Validation Checks - Active Until Jan 20](https://www.reddit.com/r/netsecstudents/comments/1i0ag5t/micro_challenge_break_yieldcats_markdown/) + - [ ] [I created a website to apply my knowledge of AI and Natural Language Processing into something useful](https://www.reddit.com/r/netsecstudents/comments/1i05t70/i_created_a_website_to_apply_my_knowledge_of_ai/) +- The Register - Security + - [ ] [Cryptojacking, backdoors abound as fiends abuse Aviatrix Controller bug](https://go.theregister.com/feed/www.theregister.com/2025/01/13/severe_aviatrix_controller_vulnerability/) + - [ ] [Microsoft sues 'foreign-based' cyber-crooks, seizes sites used to abuse AI](https://go.theregister.com/feed/www.theregister.com/2025/01/13/microsoft_sues_foreignbased_crims_seizes/) + - [ ] [Azure, Microsoft 365 MFA outage locks out users across regions](https://go.theregister.com/feed/www.theregister.com/2025/01/13/azure_m365_outage/) + - [ ] [NATO's newest member comes out swinging following latest Baltic Sea cable attack](https://go.theregister.com/feed/www.theregister.com/2025/01/13/sweden_baltic_cable_attack/) + - [ ] [Ransomware crew abuses AWS native encryption, sets data-destruct timer for 7 days](https://go.theregister.com/feed/www.theregister.com/2025/01/13/ransomware_crew_abuses_compromised_aws/) + - [ ] [Nominet probes network intrusion linked to Ivanti zero-day exploit](https://go.theregister.com/feed/www.theregister.com/2025/01/13/nominet_ivanti_zero_day/) + - [ ] [Europe coughs up €400 to punter after breaking its own GDPR data protection rules](https://go.theregister.com/feed/www.theregister.com/2025/01/13/data_broker_hacked/) - Security Affairs - - [ ] [Pro-Russia hackers NoName057 targets Italy again after Zelensky’s visit to the country](https://securityaffairs.com/172982/hacktivism/noname057-targets-italy.html) - - [ ] [SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 28](https://securityaffairs.com/172978/malware/security-affairs-malware-newsletter-round-28.html) - - [ ] [Security Affairs newsletter Round 506 by Pierluigi Paganini – INTERNATIONAL EDITION](https://securityaffairs.com/172972/breaking-news/security-affairs-newsletter-round-506-by-pierluigi-paganini-international-edition.html) - - [ ] [How a researcher earned $100,000 hacking a Facebook server](https://securityaffairs.com/172964/hacking/researcher-earned-100000-hacking-facebook-server.html) + - [ ] [U.S. CISA adds BeyondTrust PRA and RS and Qlik Sense flaws to its Known Exploited Vulnerabilities catalog](https://securityaffairs.com/173031/security/u-s-cisa-adds-beyondtrust-pra-and-rs-and-qlik-sense-flaws-to-its-known-exploited-vulnerabilities-catalog.html) + - [ ] [Inexperienced actors developed the FunkSec ransomware using AI tools](https://securityaffairs.com/173018/cyber-crime/funksec-ransomware-was-developed-using-ai-tools.html) + - [ ] [Credit Card Skimmer campaign targets WordPress via database injection](https://securityaffairs.com/173010/malware/stealthy-credit-card-skimmer-targets-wordpress.html) + - [ ] [Microsoft took legal action against crooks who developed a tool to abuse its AI-based services](https://securityaffairs.com/173000/cyber-crime/microsoft-took-legal-action-against-crooks-developed-a-tool-to-abuse-its-ai.html) +- Deeplinks + - [ ] [Five Things to Know about the Supreme Court Case on Texas’ Age Verification Law, Free Speech Coalition v Paxton](https://www.eff.org/deeplinks/2025/01/five-things-know-about-supreme-court-case-texas-age-verification-law-free-speech) - Blackhat Library: Hacking techniques and research - - [ ] [Black Hat Training pass doesn't include main event Briefings](https://www.reddit.com/r/blackhat/comments/1hzs0nd/black_hat_training_pass_doesnt_include_main_event/) -- Randy Westergren - - [ ] [Building pyodbc for AWS Lambda’s Python 3.13 Runtime](https://randywestergren.com/building-pyodbc-for-aws-lambdas-python-3-13-runtime/) -- 银针安全 - - [ ] [在spring-aop中挖掘新反序列化gadget-chain](https://mp.weixin.qq.com/s?__biz=Mzg2MDY2ODc5MA==&mid=2247484198&idx=1&sn=6b6a82bb543e879295b7cd2d85f3a37f&chksm=ce23953ff9541c29418831b4e192b385e5c92d59562b40a7a28283e8468773caac9ad9736b1c&scene=58&subscene=0#rd) -- Dark Space Blogspot - - [ ] [Il Segreto Di Chiavalentine Su Youtube: Successo Reale o Fake?](http://darkwhite666.blogspot.com/2025/01/il-segreto-del-successo-di.html) + - [ ] [I created a Cybersecurity Hub - All cyber tools and resources!](https://www.reddit.com/r/blackhat/comments/1i09dxz/i_created_a_cybersecurity_hub_all_cyber_tools_and/) +- Hacking Exposed Computer Forensics Blog + - [ ] [Daily Blog #716: Sunday Funday 1/12/25](https://www.hecfblog.com/2025/01/daily-blog-716-sunday-funday-11225.html) +- Security Weekly Podcast Network (Audio) + - [ ] [How threat-informed defense benefits each security team member - Frank Duff, Nathan Sportsman - ESW #389](http://sites.libsyn.com/18678/how-threat-informed-defense-benefits-each-security-team-member-frank-duff-nathan-sportsman-esw-389) From 0b0164306359b1357508c3ec9741516e4182ca70 Mon Sep 17 00:00:00 2001 From: chainreactorbot Date: Wed, 15 Jan 2025 02:45:37 +0000 Subject: [PATCH 11/29] =?UTF-8?q?=E6=AF=8F=E6=97=A5=E5=AE=89=E5=85=A8?= =?UTF-8?q?=E8=B5=84=E8=AE=AF=EF=BC=882025-01-15=EF=BC=89?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- archive/daily/2025/2025-01-15.md | 406 +++++++++++++++ archive/tmp/2025-01-15.json | 486 ++++++++++++++++++ today.md | 840 ++++++++++++++----------------- 3 files changed, 1270 insertions(+), 462 deletions(-) create mode 100644 archive/daily/2025/2025-01-15.md create mode 100644 archive/tmp/2025-01-15.json diff --git a/archive/daily/2025/2025-01-15.md b/archive/daily/2025/2025-01-15.md new file mode 100644 index 0000000000..eccf122efb --- /dev/null +++ b/archive/daily/2025/2025-01-15.md @@ -0,0 +1,406 @@ +# 每日安全资讯(2025-01-15) + +- 奇安信攻防社区 + - [ ] [从嵌入式系统到网络设备:路由器安全攻防技术详解](https://forum.butian.net/share/3995) + - [ ] [windows内核驱动开发](https://forum.butian.net/share/4034) + - [ ] [ognl+cc 依赖绕过沙箱](https://forum.butian.net/share/4037) +- Private Feed for M09Ic + - [ ] [safedv starred Karneades/malware-persistence](https://github.com/Karneades/malware-persistence) + - [ ] [safedv starred TabbyML/tabby](https://github.com/TabbyML/tabby) + - [ ] [safedv starred securitytemplates/sectemplates](https://github.com/securitytemplates/sectemplates) + - [ ] [mgeeky starred strandjs/IntroLabs](https://github.com/strandjs/IntroLabs) + - [ ] [BishopFox made BishopFox/raink public](https://github.com/BishopFox/raink) + - [ ] [mgeeky starred Neo23x0/sysmon-config](https://github.com/Neo23x0/sysmon-config) + - [ ] [zer0yu starred yqcs/prismx](https://github.com/yqcs/prismx) + - [ ] [zer0yu starred OWASP/www-project-asvs-security-evaluation-templates-with-nuclei](https://github.com/OWASP/www-project-asvs-security-evaluation-templates-with-nuclei) + - [ ] [zer0yu started following vztu](https://github.com/vztu) + - [ ] [mgeeky starred S3lrius/okta-mullvad-siege](https://github.com/S3lrius/okta-mullvad-siege) + - [ ] [zer0yu started following nicowaisman](https://github.com/nicowaisman) + - [ ] [kpcyrd forked kpcyrd/espflash from esp-rs/espflash](https://github.com/kpcyrd/espflash) + - [ ] [liamg starred dhanishgajjar/vscode-icons](https://github.com/dhanishgajjar/vscode-icons) + - [ ] [glzjin released v1.0.0 at glzjin/lzc-uid-impersonation](https://github.com/glzjin/lzc-uid-impersonation/releases/tag/v1.0.0) + - [ ] [glzjin created a repository glzjin/lzc-uid-impersonation](https://github.com/glzjin/lzc-uid-impersonation//) + - [ ] [Ascotbe starred xpipe-io/xpipe](https://github.com/xpipe-io/xpipe) + - [ ] [safedv starred EvilBytecode/GoDefender](https://github.com/EvilBytecode/GoDefender) + - [ ] [safedv starred BlackSnufkin/NyxInvoke](https://github.com/BlackSnufkin/NyxInvoke) + - [ ] [safedv starred mar10/wsgidav](https://github.com/mar10/wsgidav) + - [ ] [safedv starred Offensive-Panda/ShadowDumper](https://github.com/Offensive-Panda/ShadowDumper) + - [ ] [su18 started following apangin](https://github.com/apangin) + - [ ] [zer0yu starred RedByte1337/GraphSpy](https://github.com/RedByte1337/GraphSpy) + - [ ] [su18 starred yanqi27/core_analyzer](https://github.com/yanqi27/core_analyzer) + - [ ] [lijiejie started following 78](https://github.com/78) + - [ ] [Rvn0xsy starred 0xPlaygrounds/rig](https://github.com/0xPlaygrounds/rig) + - [ ] [FunnyWolf starred androguard/androguard](https://github.com/androguard/androguard) + - [ ] [Rvn0xsy starred astral-sh/uv](https://github.com/astral-sh/uv) + - [ ] [INotGreen starred natemcmaster/DotNetCorePlugins](https://github.com/natemcmaster/DotNetCorePlugins) + - [ ] [4ra1n started following yuanhaiGreg](https://github.com/yuanhaiGreg) + - [ ] [su18 started following Ape1ron](https://github.com/Ape1ron) +- 安全脉搏 + - [ ] [Windows远程桌面的奇技淫巧](https://www.secpulse.com/archives/205196.html) + - [ ] [JMX 反序列化漏洞](https://www.secpulse.com/archives/205242.html) + - [ ] [某个OA系统的代码审计](https://www.secpulse.com/archives/205256.html) +- 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com + - [ ] [CACTER直播预告:大模型网关新品抢先知,惊喜积分礼盒等您兑](https://www.4hou.com/posts/YZYY) + - [ ] [喜报!360入围中央国家机关及多地省政府采购名单](https://www.4hou.com/posts/ZgGg) + - [ ] [2024 年加密货币钱包盗取事件金额多达 4.94 亿美元](https://www.4hou.com/posts/wxgX) + - [ ] [国投智能2024年度十大事件揭晓](https://www.4hou.com/posts/XPXV) +- CXSECURITY Database RSS Feed - CXSecurity.com + - [ ] [IIT Bombay Bodhitree- Malicious Code injection](https://cxsecurity.com/issue/WLB-2025010016) + - [ ] [TheDotStudios Web Application Union-based Sql Injection](https://cxsecurity.com/issue/WLB-2025010015) + - [ ] [FSB: FOR and AGAINST XSS Vulnerability](https://cxsecurity.com/issue/WLB-2025010014) +- Recent Commits to cve:main + - [ ] [Update Tue Jan 14 20:23:05 UTC 2025](https://github.com/trickest/cve/commit/2b68f28ad7d72be76ceb432454fd1e3de100a91e) + - [ ] [Update Tue Jan 14 12:15:13 UTC 2025](https://github.com/trickest/cve/commit/092338135fdd51d78ed23be4a9c2576af612967d) + - [ ] [Update Tue Jan 14 04:11:31 UTC 2025](https://github.com/trickest/cve/commit/d29be7fc385546f1f15f732420b3469cf35461fb) +- Security Boulevard + - [ ] [The Future of Cybersecurity: Global Outlook 2025 and Beyond](https://securityboulevard.com/2025/01/the-future-of-cybersecurity-global-outlook-2025-and-beyond/) + - [ ] [Unsafe Deserialization Attacks Surge | December Attack Data | Contrast Security](https://securityboulevard.com/2025/01/unsafe-deserialization-attacks-surge-december-attack-data-contrast-security/) + - [ ] [How to Prevent Risk From Unknown Build Assets](https://securityboulevard.com/2025/01/how-to-prevent-risk-from-unknown-build-assets/) + - [ ] [CVE-2024-55591: Fortinet Authentication Bypass Zero-Day Vulnerability Exploited in the Wild](https://securityboulevard.com/2025/01/cve-2024-55591-fortinet-authentication-bypass-zero-day-vulnerability-exploited-in-the-wild/) + - [ ] [DEF CON 32 – Pick Your Poison: Navigating A Secure Clean Energy Transition](https://securityboulevard.com/2025/01/def-con-32-pick-your-poison-navigating-a-secure-clean-energy-transition/) + - [ ] [Microsoft’s January 2025 Patch Tuesday Addresses 157 CVEs (CVE-2025-21333, CVE-2025-21334, CVE-2025-21335)](https://securityboulevard.com/2025/01/microsofts-january-2025-patch-tuesday-addresses-157-cves-cve-2025-21333-cve-2025-21334-cve-2025-21335/) + - [ ] [The AI Revolution: Navigating Cybersecurity Challenges in 2025](https://securityboulevard.com/2025/01/the-ai-revolution-navigating-cybersecurity-challenges-in-2025/) + - [ ] [Randall Munroe’s XKCD ‘Trimix’](https://securityboulevard.com/2025/01/randall-munroes-xkcd-trimix/) + - [ ] [Sanitizing Unstructured Data In Motion—and Why It’s Important](https://securityboulevard.com/2025/01/sanitizing-unstructured-data-in-motion-and-why-its-important/) + - [ ] [Six Friends Every Security Team Needs](https://securityboulevard.com/2025/01/six-friends-every-security-team-needs/) +- SecWiki News + - [ ] [SecWiki News 2025-01-14 Review](http://www.sec-wiki.com/?2025-01-14) +- paper - Last paper + - [ ] [探索大型语言模型在Android恶意软件语义分析与分类中的应用](https://paper.seebug.org/3267/) +- Trustwave Blog + - [ ] [Navigating DORA Compliance: A Roadmap to Operational Resilience with Trustwave](https://www.trustwave.com/en-us/resources/blogs/trustwave-blog/navigating-dora-compliance-a-roadmap-to-operational-resilience-with-trustwave/) +- Tenable Blog + - [ ] [CVE-2024-55591: Fortinet Authentication Bypass Zero-Day Vulnerability Exploited in the Wild](https://www.tenable.com/blog/cve-2024-55591-fortinet-authentication-bypass-zero-day-vulnerability-exploited-in-the-wild) + - [ ] [Microsoft’s January 2025 Patch Tuesday Addresses 157 CVEs (CVE-2025-21333, CVE-2025-21334, CVE-2025-21335)](https://www.tenable.com/blog/microsofts-january-2025-patch-tuesday-157-cves-cve-2025-21333-cve-2025-21334-cve-2025-21335) +- Doonsec's feed + - [ ] [牟林:撕掉了价值观的伪装的特朗普赤膊上阵意味深长](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476159&idx=1&sn=9ee9e8f87fe420fc6c6341795ef49a16) + - [ ] [美国商务部发布联网汽车禁令的双刃剑效应](https://mp.weixin.qq.com/s?__biz=MzU3MDM2NzkwNg==&mid=2247486527&idx=1&sn=ea24c76effd05ec8ea8d35594bc8d6f1) + - [ ] [Kioptrix-Level Four 综合靶机实战思路](https://mp.weixin.qq.com/s?__biz=MzkzMzg3MzMyOA==&mid=2247486096&idx=1&sn=077a1526044ac3b0e5faf5a43b121e34) + - [ ] [2025年5大最佳静态代码分析工具](https://mp.weixin.qq.com/s?__biz=Mzk0MzY1NDc2MA==&mid=2247484248&idx=1&sn=660d1f911b2ba04ced47f27fc379b993) + - [ ] [2025年,AI代码生成器会克服他们的不安全感吗?](https://mp.weixin.qq.com/s?__biz=Mzk0MzY1NDc2MA==&mid=2247484248&idx=2&sn=38859bfbe2dd4ed1e30a56eaf6e7aae0) + - [ ] [战略解码:后量子密码学时代即将到来,到2029年多数传统密码算法将不再安全!(附下载)](https://mp.weixin.qq.com/s?__biz=MzkyMTYyOTQ5NA==&mid=2247486200&idx=1&sn=b8aebdb50b6d0b52cae98068b497ce5c) + - [ ] [信息收集神器--Nmap](https://mp.weixin.qq.com/s?__biz=Mzk1NzQwNjQ4Ng==&mid=2247484155&idx=1&sn=112973fae39d94735fdd696778fd0050) + - [ ] [关注 | 工信部发文 加强互联网数据中心客户数据安全保护](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633806&idx=1&sn=1e8f421710d828b75aaa168efa6c2368) + - [ ] [发布 | 公安部公布8起打击网络黑客犯罪典型案例](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633806&idx=2&sn=124635720d9fd3a4d52758945ac5fbb4) + - [ ] [专家解读 | 大力发展数据标注产业 推动我国人工智能创新发展](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633806&idx=3&sn=2fb371756994036269d4fc5b01dba54a) + - [ ] [专挑执法机构下手!欧盟执法培训机构发生大规模数据泄露](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513487&idx=2&sn=11bbee0dcc26adcb43a666c1f79059f1) + - [ ] [感受风险的脉搏](https://mp.weixin.qq.com/s?__biz=Mzg2MDc0NTIxOQ==&mid=2247484712&idx=1&sn=37b75b5289eea41ca58444a90f849239) + - [ ] [趋势预测 | 2025年人工智能带来的五大网络安全挑战](https://mp.weixin.qq.com/s?__biz=Mzg4MDU0NTQ4Mw==&mid=2247528636&idx=1&sn=e7b0e6125f4860f6ff6b03f1c2560eb7) + - [ ] [【漏洞预警】科拓全智能停车收费系统Webservice.asmx存在任意文件上传漏洞](https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489457&idx=1&sn=56aacbec2792c121e13929fa55c1d15c) + - [ ] [HooK iOS内核代码禁用ASLR](https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489457&idx=2&sn=f8d7f758303e046b7ad7bf007307bb99) + - [ ] [不被大风吹倒](https://mp.weixin.qq.com/s?__biz=MzUzMjQyMDE3Ng==&mid=2247487879&idx=1&sn=2b21fe27106a44fd4d67437654344911) + - [ ] [用于快速搜索 Windows 取证文件的开源工具](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247489985&idx=1&sn=7e571dcec614a3df4edd8a9942fda45d) + - [ ] [通用大模型分析恶意软件,完全不靠谱](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247489985&idx=2&sn=34221d1abc1654c247f6d48a1358ea27) + - [ ] [浅谈蜜罐原理与规避](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247489985&idx=3&sn=d1ad5a883663d7ab9c6733b36f18dea6) + - [ ] [免费 | 一键为图片添加矢量描边,轻松制作精美贴图](https://mp.weixin.qq.com/s?__biz=MzI2MjcwMTgwOQ==&mid=2247492166&idx=1&sn=1bd4586e5113eebd05eef898773dd813) + - [ ] [BS ISO 23799-2024 船舶和海洋技术 机载网络安全评估(中文版)](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619473&idx=1&sn=bc75cac851697fceeb2fc6f22d65fb88) + - [ ] [E26 Cyber resilience of ships 船舶网络韧性(中英文)](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619473&idx=2&sn=c87c8dfeec334aa7c0648bd5d5fb1c0f) + - [ ] [船舶网络安全态势感知方法研究综述](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619473&idx=3&sn=b5af0428d85c47768ab3249823c1e943) + - [ ] [通过Frida-Labs 筑牢frida基础](https://mp.weixin.qq.com/s?__biz=Mzk0ODM0MjA0OA==&mid=2247483898&idx=1&sn=27137752eaa2ec4a2c94554309d28337) + - [ ] [网络安全市场正面临“红海”困境](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485408&idx=1&sn=d3dd148b9a40df582dcc7469214bed24) + - [ ] [【直卖实拍】北七家3居变4居豪装,理想楼层、户型、朝向](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485408&idx=2&sn=d4ddf8594577b5ca40c9df760b5a9bd8) + - [ ] [【干货】笑傲职场的独家经验(1)](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485408&idx=3&sn=19ee1eae4f3f850a6a54da14830621ac) + - [ ] [【干货原创】实网攻防演习常态化,会带来什么变化01](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485408&idx=4&sn=f5757f423a3c082d25670a4f654ca58f) + - [ ] [【干货原创】K12教育,鲜为人知的模式秘密](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485408&idx=5&sn=17f3311b68450e89f1529fc3c79478d5) + - [ ] [原创文章目录](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485408&idx=6&sn=4b5e54c53d30cee295d18757908955a0) + - [ ] [Vulnhub-SkyTower靶机](https://mp.weixin.qq.com/s?__biz=Mzk1NzI5NzA3NQ==&mid=2247486104&idx=1&sn=b465a463e21cb6b5ec8d8e3a492731e0) + - [ ] [记录一次渗透ta的内心(下)](https://mp.weixin.qq.com/s?__biz=MzkyMDY1MDI3OA==&mid=2247483760&idx=1&sn=439de68dc790096679ce33deb91e4080) + - [ ] [重拳出击!公安部公布2024年打击网络黑客犯罪典型案例](https://mp.weixin.qq.com/s?__biz=MzkwMDU5NTE0OQ==&mid=2247488665&idx=1&sn=dafcee6a677014e61d2cee0967d06c8e) + - [ ] [EarlyBirdNTDLL项目解析以绕过Defender](https://mp.weixin.qq.com/s?__biz=Mzg5MDg3OTc0OA==&mid=2247489374&idx=1&sn=3265275266612356110a5deaff62567f) + - [ ] [防翻车,禁止浏览器扩展插件自动更新](https://mp.weixin.qq.com/s?__biz=Mzk0MzY3MDE5Mg==&mid=2247483913&idx=1&sn=162d3d2618498bf04d6dd5703c9eb091) + - [ ] [攻防演练-医院-ez一把梭](https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247518206&idx=1&sn=c6aeb567802f8bb89727ab12d737130f) + - [ ] [网站篡改入门,一个SQL注入漏洞就能让整个网站大变样,原理详解|!|从SQL注入到XSS攻击,完整还原黑客是如何篡改网站的](https://mp.weixin.qq.com/s?__biz=MzI5MjY4MTMyMQ==&mid=2247489687&idx=1&sn=c004c654be6ef71290e6cc23b82a8083) + - [ ] [原创—再次谏言腾讯走运模式固本培元路线,更长久](https://mp.weixin.qq.com/s?__biz=Mzg4NzAwNzA4NA==&mid=2247485066&idx=1&sn=196b14c1c5ef808aaf7507e6f83adff1) + - [ ] [【资料】全源情报分析指南](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148529&idx=1&sn=eb04e2ef8c40d94aef096c369c1ea58b) + - [ ] [实战渗透菠菜网站 II](https://mp.weixin.qq.com/s?__biz=MzkyMDY1MDI3OA==&mid=2247483752&idx=1&sn=e57d2c778125c9aac7b8031e1a35ccd2) + - [ ] [击穿星巴克获取 1 亿用户详细信息](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496850&idx=1&sn=11bd36bd686dd8f1a78ec89282a6c8ba) + - [ ] [12【邮件安全】如何防护垃圾邮件威胁](https://mp.weixin.qq.com/s?__biz=MzI1OTUyMTI2MQ==&mid=2247484802&idx=1&sn=88e31e317fa0f451073d3b9fc394f749) + - [ ] [校招社招实习推荐](https://mp.weixin.qq.com/s?__biz=MzkwMTU2NzMwOQ==&mid=2247484512&idx=1&sn=420838d4cac10933a522705e4c8c975e) + - [ ] [sql注入之无列名注数据详解](https://mp.weixin.qq.com/s?__biz=MzkzODUzMjA1MQ==&mid=2247484812&idx=1&sn=9c59b82c3fc8797de6dba73d331c9f12) + - [ ] [2025年首个满分漏洞,PoC已公布,可部署后门](https://mp.weixin.qq.com/s?__biz=MzkzNjIzMjM5Ng==&mid=2247490196&idx=1&sn=c5f5b38d186df545679f4ea625394a55) + - [ ] [党建引领促业务 保密护航筑安全 —评测中心党总支举办党务综合素质提升培训班](https://mp.weixin.qq.com/s?__biz=MjM5NzYwNDU0Mg==&mid=2649249440&idx=1&sn=e88cccb31645fdd18ef61f98a10a837e) + - [ ] [【我们这一年】走好践行“两个维护”第一方阵 以高质量党建促进高质量发展](https://mp.weixin.qq.com/s?__biz=MjM5NzYwNDU0Mg==&mid=2649249440&idx=2&sn=d2ffee8f4ca7b688d38a0e0723f9d7aa) + - [ ] [【资讯】《中国法学会章程》全文](https://mp.weixin.qq.com/s?__biz=MzU1NDY3NDgwMQ==&mid=2247549233&idx=1&sn=ba192064261b27a5356a3a08ad291abd) + - [ ] [【资讯】国家发改委等四部门发布《关于促进数据标注产业高质量发展的实施意见》](https://mp.weixin.qq.com/s?__biz=MzU1NDY3NDgwMQ==&mid=2247549233&idx=2&sn=243ef9506e5c59bd5d5c60e73abcd6ae) + - [ ] [【资讯】工信部办公厅发布《关于加强互联网数据中心客户数据安全保护的通知》](https://mp.weixin.qq.com/s?__biz=MzU1NDY3NDgwMQ==&mid=2247549233&idx=3&sn=32b35d16439643bdb98c360fad03b3b1) + - [ ] [HPW大会精彩回顾:无界对话,技术交汇(内含ppt!)](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651311991&idx=1&sn=2b106d06d500e59c02c0fbeca6846e90) + - [ ] [不干净的视频评论区,攻击者利用Youtube传播窃密软件](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651311991&idx=2&sn=0132681595daef3f0ff9ff610d912fab) + - [ ] [议题征集 | 关于征集第六期移动互联网APP产品安全漏洞技术沙龙议题的通知](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651311991&idx=3&sn=db90b0dc624faaae95f965931adc5423) + - [ ] [RequestShield:一款HTTP请求威胁识别与检测工具](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651311991&idx=4&sn=c569c3a23ae2e04238ecca429244011e) + - [ ] [frida搭建+使用](https://mp.weixin.qq.com/s?__biz=MzkxMjYyMjA3Mg==&mid=2247485367&idx=1&sn=dc03aa1898daa66f43405c5cf951f4df) + - [ ] [【CTF】GeekChallenge极客大挑战](https://mp.weixin.qq.com/s?__biz=Mzg5NTU2NjA1Mw==&mid=2247496426&idx=1&sn=4f06e472671f195bcf272dc5dc4be240) + - [ ] [难绷,一种重命名+符号链接禁用EDR(Crowdstrike)的方法](https://mp.weixin.qq.com/s?__biz=MzU0NDc0NTY3OQ==&mid=2247488378&idx=1&sn=df5f38e5592b90173adcdba1700c594f) + - [ ] [安在盘点 | 2024网络安全报告大合集,1000余份打包下载](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247634547&idx=1&sn=bb5d7af37a68ccc2a10af856d26a25a8) + - [ ] [【黑产大数据】2024年数据泄露风险态势报告](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247634547&idx=2&sn=f81e4408bb90e355b175acb4d120bb39) + - [ ] [开源文件夹同步备份神器-FreeFileSync](https://mp.weixin.qq.com/s?__biz=MzkxMzIwNTY1OA==&mid=2247510760&idx=1&sn=5132d5439191a7f9958d224f34df1565) + - [ ] [2025年TPRM趋势:日益增长的第三方依赖及相关风险](https://mp.weixin.qq.com/s?__biz=MzkxMzQwNDcxNg==&mid=2247486840&idx=1&sn=9cb6cc729144dd71928f5fd8e051fb50) + - [ ] [地表工资最高的公司! 英伟达一半员工净资产破亿,近八成员工百万富翁](https://mp.weixin.qq.com/s?__biz=Mzg2NDYwMDA1NA==&mid=2247543500&idx=1&sn=de1eccf3a6b40841971eed33f4879c09) + - [ ] [2025年各省网络安全人员工资,单日最高14K, 上海最好36K/月,](https://mp.weixin.qq.com/s?__biz=Mzg2NDYwMDA1NA==&mid=2247543500&idx=2&sn=50bc7629d425f93b8db78bad22bddeae) + - [ ] [信息安全漏洞周报(2025年第2期)](https://mp.weixin.qq.com/s?__biz=MzAxODY1OTM5OQ==&mid=2651462564&idx=1&sn=2257357922013ed3d0647f6ff408ccd4) + - [ ] [发布 | 四部门联合印发《关于促进数据标注产业高质量发展的实施意见》(附全文)](https://mp.weixin.qq.com/s?__biz=MzkyNDUyNzU1MQ==&mid=2247486658&idx=1&sn=95a8ac019ad27da2b70d48a51d110459) + - [ ] [智能引领,携誉启航丨盘点国投智能2024下半年高光时刻](https://mp.weixin.qq.com/s?__biz=MjM5NTU4NjgzMg==&mid=2651434634&idx=1&sn=3899dfbd80b88a8f44263c19077320e0) + - [ ] [Hacker有“泰”度!360白帽泰国行圆满落幕~](https://mp.weixin.qq.com/s?__biz=Mzg5MTc5Mzk2OA==&mid=2247502656&idx=1&sn=d52bbd8b88f3468b66737a500d9fe220) + - [ ] [工信部认可!360荣获车联网产品安全漏洞专业库“优秀技术支撑单位”](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579028&idx=1&sn=3d580b0d7ca47a7f72c3197a1199540b) + - [ ] [带你解锁编码新世界!--随波逐流CTF编码工具使用教程34 --Quoted-printable密码](https://mp.weixin.qq.com/s?__biz=MzU2NzIzNzU4Mg==&mid=2247489481&idx=1&sn=8faf84924478a515c65fe12c67b0eb2e) + - [ ] [喜讯!云起无垠获评“国家高新技术企业”认证](https://mp.weixin.qq.com/s?__biz=Mzg3Mjg4NTcyNg==&mid=2247490152&idx=1&sn=6dc7067ab4e8edbb64c06f77c83b9229) + - [ ] [釜山数字资产交易所与CertiK达成战略合作,推动数字资产交易安全升级](https://mp.weixin.qq.com/s?__biz=MzU5OTg4MTIxMw==&mid=2247503883&idx=1&sn=fbc059f2f83a338969145c70a83685c3) + - [ ] [苹果修复 macOS 高危漏洞,被黑客利用可安装恶意内核驱动](https://mp.weixin.qq.com/s?__biz=MzU2MTQwMzMxNA==&mid=2247541399&idx=1&sn=c0dd23b96e9a973bc068a2183d8c1ce0) + - [ ] [【安全圈】2025年首个满分漏洞,PoC已公布,可部署后门](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067342&idx=1&sn=533ba142831a3c994e00cb6ec7d6d36c) + - [ ] [【安全圈】AI抢不走的工作,微软力挺红队测试仍需人类“掌舵”](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067342&idx=2&sn=7630e1838566bfaad814bfbeff239c32) + - [ ] [【安全圈】不干净的视频评论区,攻击者利用Youtube传播窃密软件](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067342&idx=3&sn=488b956f65f869c09be3e3d7874e6d90) + - [ ] [【安全圈】为网络安全研究人员定制的虚假漏洞利用攻击利用恶意软件](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067342&idx=4&sn=380dc9803cf52db7c5d1771d404c4279) + - [ ] [阳光下的阴影:巴塞罗那如何成为全球间谍软件的“新硅谷”?](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247506780&idx=1&sn=8bba20149bb98ccaeb3d6baf110d8760) + - [ ] [快讯 | 上海安全防范报警协会召开第八届会员代表大会第一次会议,慧盾安全当选常务理事单位](https://mp.weixin.qq.com/s?__biz=MzI2NDcwOTgzOA==&mid=2247493444&idx=1&sn=3dc9af50d6d2be8e1fceab27742a062c) + - [ ] [2025 SUCTF wp](https://mp.weixin.qq.com/s?__biz=Mzk0NzI0NTI2OA==&mid=2247486149&idx=1&sn=567432088d55b1f76b4e6efa614df7a0) + - [ ] [微软OpenAI云遭滥用:攻击者绕过安全护栏 对外售卖违规内容生成服务](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513487&idx=1&sn=2bb2b3796dd10a13b4a3bf0ae256a199) +- 安全客-有思想的安全新媒体 + - [ ] [共赴商用密码盛事,开启创新发展新篇--2025第三届商用密码展将于6月11日-13日在上海举办!](https://www.anquanke.com/post/id/303497) + - [ ] [喜报!360入围中央国家机关及多地省政府采购名单!](https://www.anquanke.com/post/id/303491) + - [ ] [CVE-2024-56511: DataEase 中的严重身份验证绕过漏洞](https://www.anquanke.com/post/id/303488) + - [ ] [攻击者在不使用勒索软件的情况下加密 AWS S3 数据](https://www.anquanke.com/post/id/303485) + - [ ] [OneBlood 证实个人数据在 7 月份的勒索软件攻击中被盗](https://www.anquanke.com/post/id/303482) + - [ ] [CISA 警告 BeyondTrust 和 Qlik Sense 中的关键漏洞正被积极利用](https://www.anquanke.com/post/id/303479) + - [ ] [新型 Web3 攻击利用交易模拟窃取加密货币](https://www.anquanke.com/post/id/303476) + - [ ] [CVE-2025-22152(CVSS 9.4): 在 Atheos 基于 Web 的集成开发环境中发现严重漏洞](https://www.anquanke.com/post/id/303473) + - [ ] [Aviatrix 控制器 RCE CVE-2024-50603 在野外被利用:部署了加密劫持和后门程序](https://www.anquanke.com/post/id/303470) + - [ ] [新 macOS 漏洞暴露: 针对 CVE-2024-54498 的 PoC 攻破了沙盒安全性](https://www.anquanke.com/post/id/303466) + - [ ] [WordPress Skimmers通过将自己注入数据库表来逃避检测](https://www.anquanke.com/post/id/303463) +- ArthurChiao's Blog + - [ ] [[译] AI Workflow & AI Agent:架构、模式与工程建议(Anthropic,2024)](https://arthurchiao.github.io/blog/build-effective-ai-agent-zh/) +- 一个被知识诅咒的人 + - [ ] [Python内存优化全攻略:深入理解对象池与__slots__的应用](https://blog.csdn.net/nokiaguy/article/details/145135646) + - [ ] [【人工智能】从Keras到TensorFlow 2.0:深入掌握Python深度学习技术](https://blog.csdn.net/nokiaguy/article/details/145135601) +- Horizon3.ai + - [ ] [Prove the impact of cybersecurity investments—holistically and continuously](https://www.horizon3.ai/intelligence/webinars/prove-the-impact-of-cybersecurity-investments-holistically-and-continuously/) +- Blogs dade + - [ ] [Weekly Retro 2025-W02](https://0xda.de/blog/2025/01/weekly-retro-2025-w02/) +- SpiderLabs Blog + - [ ] [CVE-2024-55591: Fortinet FortiOS/FortiProxy Zero Day](https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2024-55591-fortinet-fortios-fortiproxy-zero-day/) + - [ ] [The Database Slayer: Deep Dive and Simulation of the Xbash Malware](https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/the-database-slayer-deep-dive-and-simulation-of-the-xbash-malware/) +- Malwarebytes + - [ ] [Insurance company accused of using secret software to illegally collect and sell location data on millions of Americans](https://www.malwarebytes.com/blog/news/2025/01/insurance-company-accused-of-using-secret-software-to-illegally-collect-and-sell-location-data-on-millions-of-americans) +- Reverse Engineering + - [ ] [USB Ethernet Adapter Malware??? OALABS Line-by-Line Code Analysis](https://www.reddit.com/r/ReverseEngineering/comments/1i1eylt/usb_ethernet_adapter_malware_oalabs_linebyline/) +- daniel.haxx.se + - [ ] [Secure Transport support in curl is on its way out](https://daniel.haxx.se/blog/2025/01/14/secure-transport-support-in-curl-is-on-its-way-out/) +- FreeBuf网络安全行业门户 + - [ ] [FreeBuf早报 | 由AI大模型生成的勒索软件被曝光;恶意软件利用0Day远程控制Linux](https://www.freebuf.com/news/419812.html) + - [ ] [2025年十大最佳漏洞管理工具分享](https://www.freebuf.com/news/419799.html) + - [ ] [2025年首个满分漏洞,PoC已公布,可部署后门](https://www.freebuf.com/news/419788.html) + - [ ] [不干净的视频评论区,攻击者利用Youtube传播窃密软件](https://www.freebuf.com/news/419785.html) + - [ ] [AI抢不走的工作,微软力挺红队测试仍需人类“掌舵”](https://www.freebuf.com/news/419782.html) +- HackerNews + - [ ] [献血机构 OneBlood 确认去年 7 月勒索软件攻击中个人数据被盗](https://hackernews.cc/archives/56889) + - [ ] [疑似俄黑客组织针对哈萨克斯坦目标](https://hackernews.cc/archives/56882) + - [ ] [信息窃取软件伪装成针对最新 LDAP 漏洞的概念验证代码](https://hackernews.cc/archives/56879) + - [ ] [勒索软件滥用亚马逊 AWS 功能加密 S3 存储桶](https://hackernews.cc/archives/56877) + - [ ] [《流放之路2》管理员账号被盗,玩家账号遭黑客攻击](https://hackernews.cc/archives/56874) +- bishopfox.com + - [ ] [raink: Use LLMs for Document Ranking](https://bishopfox.com/blog/raink-llms-document-ranking) +- 安全牛 + - [ ] [CACTER直播预告:大模型网关新品抢先知,惊喜积分礼盒等您兑!](https://www.aqniu.com/vendor/107954.html) +- text/plain + - [ ] [Welcome to 2025!](https://textslashplain.com/2025/01/14/welcome-to-2025/) +- 奇客Solidot–传递最新科技情报 + - [ ] [USB 简化标签只留下速度](https://www.solidot.org/story?sid=80329) + - [ ] [微软工程师向 Linux 6.13 贡献的代码在发布前夕被禁用](https://www.solidot.org/story?sid=80328) + - [ ] [德国的 LGPL 诉讼获得成功](https://www.solidot.org/story?sid=80327) + - [ ] [美国进一步限制 AI 芯片出口](https://www.solidot.org/story?sid=80326) + - [ ] [PC 出货量三年来首次增长](https://www.solidot.org/story?sid=80325) + - [ ] [中国考虑将 TikTok 美国出售给马斯克](https://www.solidot.org/story?sid=80324) + - [ ] [在 TikTok 在美国面临被禁之际小红书登顶苹果 App Store](https://www.solidot.org/story?sid=80323) + - [ ] [为什么日本儿童独自乘地铁?](https://www.solidot.org/story?sid=80322) + - [ ] [为什么孩子需要更多冒险游戏](https://www.solidot.org/story?sid=80321) +- 安全分析与研究 + - [ ] [盘点全球主流Linux平台的勒索病毒](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247489981&idx=1&sn=f92b58bb6a06cfb2d3596dee93f226ab&chksm=902fb695a7583f834b08a2fe2ada4911c36f0915057d542505372673f82224ea3483bf5bdbc0&scene=58&subscene=0#rd) +- 锦行科技 + - [ ] [锦行科技2024年度图鉴](https://mp.weixin.qq.com/s?__biz=MzIxNTQxMjQyNg==&mid=2247493635&idx=1&sn=34b04bc10d27ff153f275b801950730d&chksm=979a13a6a0ed9ab01f146a40cbb7465749a73ece1bf055c001de7d0d4960c16736ab46568ba7&scene=58&subscene=0#rd) +- 雷神众测 + - [ ] [你的新年礼物待发货!点击本文领取!](https://mp.weixin.qq.com/s?__biz=MzI0NzEwOTM0MA==&mid=2652503286&idx=1&sn=7b0acbf3851e7acca62b3941564d4853&chksm=f2585f45c52fd6536f61f228cb9a2d987ca1e38474d7d841512d33a45ac5902533bc6fa8f87b&scene=58&subscene=0#rd) +- 威努特安全网络 + - [ ] [勒索软件:阴影下的贪婪游戏](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130376&idx=1&sn=dc358c10ad843138011b94d055322174&chksm=80e710b8b79099aead5194a305ce684f2a1b2784527ceee947e3c8862b400fb3624c60a50842&scene=58&subscene=0#rd) +- 安全内参 + - [ ] [微软OpenAI云遭滥用:攻击者绕过安全护栏 对外售卖违规内容生成服务](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513487&idx=1&sn=2bb2b3796dd10a13b4a3bf0ae256a199&chksm=ebfaf2afdc8d7bb93ac0a572afdf222ceb9510b5625e64a2d911f9180ad752d2c00975e60c91&scene=58&subscene=0#rd) + - [ ] [专挑执法机构下手!欧盟执法培训机构发生大规模数据泄露](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513487&idx=2&sn=11bbee0dcc26adcb43a666c1f79059f1&chksm=ebfaf2afdc8d7bb92112f4e0cb2762cf4b05b61ee188586a4259f4eb537405551ce087c57f5c&scene=58&subscene=0#rd) +- 代码卫士 + - [ ] [微软:macOS 漏洞可导致黑客安装恶意内核驱动](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522060&idx=1&sn=562313e7f413152c3399933007b147f5&chksm=ea94a666dde32f706b2b66b455dfbe3a9b106e8c0a4a379c3b30ac5c0aa916c5ad8b092cddd1&scene=58&subscene=0#rd) + - [ ] [严重的 Aviatrix Controller RCE 漏洞已遭利用](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522060&idx=2&sn=77945a6bc936ca2cbd6fe400e106a420&chksm=ea94a666dde32f702c05d9f642f0ea1c7cbc525dd3805a10ce8441a93f2412a10b40fc913587&scene=58&subscene=0#rd) +- 看雪学苑 + - [ ] [【预售中】无人机安全攻防入门:带你玩转无线电,守护空中隐私与安全!](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588667&idx=1&sn=83b7402a114088f5888be0eb780f5982&chksm=b18c257186fbac6719f8e5f08cdd6af0db28cf5ba17afa96f5d93f9a9abaa7a4f73d32f29401&scene=58&subscene=0#rd) + - [ ] [你想有多PWN](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588667&idx=2&sn=8bb1c3bb40eb4a3672a3ee009cc78bd2&chksm=b18c257186fbac67ff5da7b4983f664bc67d3d8715fe5ecd3f5f2c4169c5f64ce55101e4d4f6&scene=58&subscene=0#rd) + - [ ] [2025年首个满分漏洞:云攻击者利用Aviatrix Controller漏洞植入恶意软件](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588667&idx=3&sn=af4f2eb4bededa0cea574e3cd7963382&chksm=b18c257186fbac670637d659a7511de8c3ead88069367df522ef629a278eaa02c9daf567134d&scene=58&subscene=0#rd) +- 天御攻防实验室 + - [ ] [拜登政府计划制裁北京的一家网络安全公司](https://mp.weixin.qq.com/s?__biz=MzU0MzgyMzM2Nw==&mid=2247486237&idx=1&sn=e3374c3ba2614ee4c1ea93a26351e39e&chksm=fb04c875cc734163987a1143d90ec6e2b854fb872910112ef1afa8486456c9fc9a72a905eb58&scene=58&subscene=0#rd) +- DataCon大数据安全分析竞赛 + - [ ] [DataCon2024解题报告WriteUp—AI安全赛道](https://mp.weixin.qq.com/s?__biz=MzU5Njg1NzMyNw==&mid=2247489053&idx=1&sn=76dcae986b475bf3a1eff49f3d258c00&chksm=fe5d0e9dc92a878b1bb28f26bff904ad0a35d15b7837be5ff82c89203fbb233a7416e209e1cf&scene=58&subscene=0#rd) +- 信息安全国家工程研究中心 + - [ ] [慎终如始,则无败事——多家企业不履行网络安全保护义务被依法处罚](https://mp.weixin.qq.com/s?__biz=MzU5OTQ0NzY3Ng==&mid=2247498725&idx=1&sn=7aef964c19dd8b24207a9253f77aac21&chksm=feb67af6c9c1f3e06a3344510015851b772e440f981f02908a48c1a5a894e7140426d80a1c25&scene=58&subscene=0#rd) +- dotNet安全矩阵 + - [ ] [.NET | 通过 LDAP 技术在域渗透中获取内网所有系统账户数据](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498206&idx=1&sn=5f290cbc0e9c1a8c76d0e0cb8625cf4c&chksm=fa595733cd2ede25f81edaa97c23c5128bf81f91b9853c6992c7ea10cc5b4cccc56a8c991b67&scene=58&subscene=0#rd) + - [ ] [.NET 内网攻防实战电子报刊](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498206&idx=2&sn=ccd7a610c1551ab79faf6c373e36ba0b&chksm=fa595733cd2ede251ab2675874322edb35041922db6c2ab59f6d3be9f9e22dda1afcac4ac38e&scene=58&subscene=0#rd) + - [ ] [无独有偶,通过.NET反序列化漏洞实现 Visual Studio 钓鱼攻击](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498206&idx=3&sn=a00994d537a5909711eda0e855cf39e6&chksm=fa595733cd2ede25105b711c11316a44649792eaf6c84fe1b800624b877fa63c510961c10820&scene=58&subscene=0#rd) +- 微步在线 + - [ ] [情报,又是代表厂商!](https://mp.weixin.qq.com/s?__biz=MzI5NjA0NjI5MQ==&mid=2650182977&idx=1&sn=5034ac95fb46e3ecf415164cc327d667&chksm=f4486efdc33fe7eb4d386ce4263003b8247200d02c6572da6b435588fa6e97b7e97031486f70&scene=58&subscene=0#rd) +- 丁爸 情报分析师的工具箱 + - [ ] [【资料】全源情报分析指南](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148529&idx=1&sn=eb04e2ef8c40d94aef096c369c1ea58b&chksm=f1af27cbc6d8aedd5295b2c1330315579336534f3868dbb766dcc55b60fc10ef3c1f859dc96b&scene=58&subscene=0#rd) +- 数世咨询 + - [ ] [2025年美国军方拨款约300亿美元用于网络安全](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247534113&idx=1&sn=3ffe3cc14b3da452f3f37f2ec2fa484d&chksm=c144349cf633bd8a2986e6625ea40da708b7b6fec5bec05a68f31fb9d7b0833f49315860fb80&scene=58&subscene=0#rd) + - [ ] [网络安全产业发展亟需回归行业价值本质](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247534113&idx=2&sn=73919dc8a130b38a923b93cff0c50cdf&chksm=c144349cf633bd8a4ffbade73b3db7266497dee4c0a1c9089fa13d66d50483cb0f39b31039a9&scene=58&subscene=0#rd) +- 火线安全平台 + - [ ] [火线安全|年终大奖熠熠生辉,一起迎接年终分红时刻!](https://mp.weixin.qq.com/s?__biz=MzU4MjEwNzMzMg==&mid=2247494650&idx=1&sn=9b31cd4dbe6d0428c8ab3e835b52c73d&chksm=fdbfc251cac84b475274790dd4931939ae6f145454479889184b723c2dafcbaa4e21aa7706a2&scene=58&subscene=0#rd) +- ChaMd5安全团队 + - [ ] [SUCTF 2025 writeup by Min-Venom](https://mp.weixin.qq.com/s?__biz=MzIzMTc1MjExOQ==&mid=2247511868&idx=1&sn=5a1dc3baed4c78da2b5f75a78d2730a3&chksm=e89d87e4dfea0ef237728e960ff5e2c177f91801f9a16117a02cdb9b62e9adec26ac8ebf7a4d&scene=58&subscene=0#rd) +- 中国信息安全 + - [ ] [关注 | 工信部发文 加强互联网数据中心客户数据安全保护](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234545&idx=1&sn=dc708bd198a9f572466efd53343dbfd8&chksm=8b59fcc8bc2e75de31b5c2b480b2ec64e92778dc9b35802d59121facc8d6e7c61833feedffc9&scene=58&subscene=0#rd) + - [ ] [专家解读 | 大力发展数据标注产业 推动我国人工智能创新发展](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234545&idx=2&sn=d91c7578b958313bd7938fef75996fdd&chksm=8b59fcc8bc2e75de6fabe111dccca1c7defcc7ff6d5773e24d7201e332be82ed144efa9251a1&scene=58&subscene=0#rd) + - [ ] [前沿 | 回望2024年国际风云之变:聚焦全球产业核心驱动力 人工智能在全球产业变革中地位凸显](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234545&idx=3&sn=a05079462b873959a484178e8a5465ca&chksm=8b59fcc8bc2e75deb7ea3bfab761bb926cdf86df478279e3a58fb01d166cb47e3c0efee5a84f&scene=58&subscene=0#rd) + - [ ] [发布 | 公安部公布8起打击网络黑客犯罪典型案例](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234545&idx=4&sn=2e01732d093aabf1cf5336f813912c9f&chksm=8b59fcc8bc2e75de2780fc803df201f7e209f94b3303aa9c130a1c6c433ed59298e6b8f736b7&scene=58&subscene=0#rd) + - [ ] [关注 | 16款App存在隐私不合规行为被通报!](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234545&idx=5&sn=252913fbf92cf6fda05be5316b33899c&chksm=8b59fcc8bc2e75defa7884d2220357f94639b0fd3b3ae1ce27224076263b9deca934ac7724d4&scene=58&subscene=0#rd) + - [ ] [国际 | 新加坡个人数据跨境传输规则](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234545&idx=6&sn=d0ac0ff1882c400ac7dc13ef4ed6630b&chksm=8b59fcc8bc2e75de78cf889fc80038dbbf38903352028fe61fdb87ab0d48f20aa480a5a178ed&scene=58&subscene=0#rd) + - [ ] [评论 | 护好“行驶中”的个人信息安全](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234545&idx=7&sn=452fc3ec0d32e8049888b868c54dd816&chksm=8b59fcc8bc2e75dee54ec6b6220fa19c4cec530fd3dd8d6c6e35f7c706040e9d36a84c6e1a7d&scene=58&subscene=0#rd) +- 安全圈 + - [ ] [【安全圈】2025年首个满分漏洞,PoC已公布,可部署后门](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067342&idx=1&sn=533ba142831a3c994e00cb6ec7d6d36c&chksm=f36e7a4ec419f35879a33af360eded6ccc081b3546a86d7a969a48f0eeb7b2f5eecb5be455a9&scene=58&subscene=0#rd) + - [ ] [【安全圈】AI抢不走的工作,微软力挺红队测试仍需人类“掌舵”](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067342&idx=2&sn=7630e1838566bfaad814bfbeff239c32&chksm=f36e7a4ec419f3583f2fdeb373ecf1fe61d6e4069f0710503306470b1bb3204f220e2a5f7a97&scene=58&subscene=0#rd) + - [ ] [【安全圈】不干净的视频评论区,攻击者利用Youtube传播窃密软件](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067342&idx=3&sn=488b956f65f869c09be3e3d7874e6d90&chksm=f36e7a4ec419f358aeecef6b9ff71759aabb31d37d791824c440bc665ad4c62bf5aee7f41e6d&scene=58&subscene=0#rd) + - [ ] [【安全圈】为网络安全研究人员定制的虚假漏洞利用攻击利用恶意软件](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067342&idx=4&sn=380dc9803cf52db7c5d1771d404c4279&chksm=f36e7a4ec419f35821fb42bc3692d2e2ea1220de0c7f64fc0b4a684c0758e137b27573afb929&scene=58&subscene=0#rd) +- 极客公园 + - [ ] [TikTok 难民,涌入小红书](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072003&idx=1&sn=135396558cdffda7575ab9d4db2ba7a2&chksm=7e57d73549205e23f0d5d735b53ab13a39f6db86f72141df0708164e36e4ed09d267a90dd774&scene=58&subscene=0#rd) + - [ ] [美国推出 AI 芯片管制新规,英伟达明确反对;余承东发全员信:鸿蒙三分天下有其一;菜鸟否认拆分 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653071986&idx=1&sn=38a32cc680920e2d96eec06c14bb95e8&chksm=7e57d7c449205ed21af2351357692387d8be287f55b6e16ae7f45dfcfc10e798b10f7454c57b&scene=58&subscene=0#rd) +- 嘶吼专业版 + - [ ] [2024 年加密货币钱包盗取事件金额多达 4.94 亿美元](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580767&idx=1&sn=8bc4c217da27a315e86c61cc20ef036e&chksm=e9146c65de63e573becf89217a5996287eaf91ca43a548ea4a03a77cf799d364c4a6e1c0c5a7&scene=58&subscene=0#rd) + - [ ] [【我们这一年】网络和数据安全取得新突破](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580767&idx=2&sn=e765e5472d74f27fbb2c19fb3b7a82d5&chksm=e9146c65de63e5732e384640aa4c6a61ff4da482b60698b1a0d4afd5a5b0f9090e1c190a0daf&scene=58&subscene=0#rd) +- 情报分析师 + - [ ] [普京与特朗普会晤地点预测:候选国家大揭秘](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558917&idx=1&sn=33ebe6dacd7ec85aecad0fd5bdfbee69&chksm=87117f8eb066f69870faf705186bd56adef403c6a4dea7903c776475db2ebde947a55fea0702&scene=58&subscene=0#rd) + - [ ] [以演员王星事件为镜:透视妙瓦底产业链的运作机制](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558917&idx=2&sn=16f94a7627598f1768b88f202f7a3a9f&chksm=87117f8eb066f698165c3f8401efa4c2572c918ed92d690b688af5d21fd6f9b3541d555864f0&scene=58&subscene=0#rd) + - [ ] [巴基斯坦动荡的安全形势2024-2025](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558917&idx=3&sn=25076a33bf9f5e28ab04068a4deac50e&chksm=87117f8eb066f698ce3b26a1ac7b5786908bc9357f0d08803546ec0eb3d67cc8678a652fea64&scene=58&subscene=0#rd) +- OPPO安全中心 + - [ ] [2024年12月奖励公告](https://mp.weixin.qq.com/s?__biz=MzUyNzc4Mzk3MQ==&mid=2247494162&idx=1&sn=97b16bca0de97ee8a0ef60af2c1807c5&chksm=fa78eb5ecd0f62481463a3d7aee16927a051bcf5dcf6225deb354fe3cfe882d79a3e4dac3ebb&scene=58&subscene=0#rd) + - [ ] [2024年度众测挑战赛奖励公告](https://mp.weixin.qq.com/s?__biz=MzUyNzc4Mzk3MQ==&mid=2247494162&idx=2&sn=cb5346aed774d0f83c617e6bbd006331&chksm=fa78eb5ecd0f6248e815336f3d3a4ece3ebca1ee6119dedcfaf298d1fa7c7f319cdfcad0887a&scene=58&subscene=0#rd) + - [ ] [2024年蜗牛奖励兑换公告](https://mp.weixin.qq.com/s?__biz=MzUyNzc4Mzk3MQ==&mid=2247494162&idx=3&sn=770c765d1832ff2e84865f85d4073e2e&chksm=fa78eb5ecd0f6248b7f379027ae40e588a5804068b056d4edc4aff7a2c64c60dd422feafee49&scene=58&subscene=0#rd) +- 字节跳动技术团队 + - [ ] [详解veImageX助力卓特视觉智能、高效生成设计素材](https://mp.weixin.qq.com/s?__biz=MzI1MzYzMjE0MQ==&mid=2247512825&idx=1&sn=ba087dada2532f864bfbe96b7a339dea&chksm=e9d3791bdea4f00d7e6b38efbe14a2de4122b715564a4e286406a40cfcf460f77bffc2c17f01&scene=58&subscene=0#rd) +- 吴鲁加 + - [ ] [建立习惯系统](https://mp.weixin.qq.com/s?__biz=Mzg5NDY4ODM1MA==&mid=2247485147&idx=1&sn=1620d7cf6289322680963ba87ff33c6d&chksm=c01a8beaf76d02fc79ef2b3b307e77598513970b244b1db86dbb915fa3fa2d9521919113fde3&scene=58&subscene=0#rd) +- 航行笔记 + - [ ] [和顾孔希大佬聊聊怎么从“打黑工”到大厂安全负责人](https://mp.weixin.qq.com/s?__biz=MzIyOTAxOTYwMw==&mid=2650236920&idx=1&sn=45f2e17b8713ae0535d21478b3506746&chksm=f04add44c73d545260a1db5c3adfbae9589b8579eedb1c58ecb4d016e52ecf5ef287ea20a161&scene=58&subscene=0#rd) +- Qualys Security Blog + - [ ] [Microsoft Patch Tuesday, January 2025 Security Update Review](https://blog.qualys.com/category/vulnerabilities-threat-research) +- 青藤智库 + - [ ] [ATT&CK实践进入深水区 ---不要再迷信ATT&CK覆盖率](https://mp.weixin.qq.com/s?__biz=MzUyOTkwNTQ5Mg==&mid=2247489334&idx=1&sn=295109e68e9f73402b29c27581c39184&chksm=fa58b50dcd2f3c1bdef61783e741656b9876e7a7d33ceecc68ec9a2613798c30b01fde577243&scene=58&subscene=0#rd) +- LuxSci + - [ ] [Securing Digital Communications in Healthcare: What You Need to Know](https://luxsci.com/blog/securing-digital-communications-healthcare.html) +- 安全419 + - [ ] [2025 年暗网市场和威胁预测](https://mp.weixin.qq.com/s?__biz=MzUyMDQ4OTkyMg==&mid=2247546688&idx=1&sn=a0efc6e92c206ed8942332d8273afec5&chksm=f9ebe9edce9c60fbcf8b788185281bd95fa99f95c8bd66e54aecebde138f8ac587a5655f2d31&scene=58&subscene=0#rd) +- ICT Security Magazine + - [ ] [La Nuova Era della Cybersecurity: Resilienza, Intelligenza Artificiale e Protezione dei Dati](https://www.ictsecuritymagazine.com/articoli/cybersecurity-resilienza-ai/) +- 360数字安全 + - [ ] [工信部认可!360荣获车联网产品安全漏洞专业库“优秀技术支撑单位”](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579028&idx=1&sn=3d580b0d7ca47a7f72c3197a1199540b&chksm=9f8d259ca8faac8a4d409dfed08e3cc488bb728732fb1f7fb2472e8da2de36263fd911a68379&scene=58&subscene=0#rd) +- 迪哥讲事 + - [ ] [击穿星巴克获取 1 亿用户详细信息](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496850&idx=1&sn=11bd36bd686dd8f1a78ec89282a6c8ba&chksm=e8a5fef1dfd277e782b82e03c83068b26a37747c1e407b829945c4aa158c498973966d346b4f&scene=58&subscene=0#rd) +- Krypt3ia + - [ ] [Threat Brief: Y2Q and the Convergence of AI Compute and Quantum Computing Power](https://krypt3ia.wordpress.com/2025/01/14/threat-brief-y2q-and-the-convergence-of-ai-compute-and-quantum-computing-power/) +- 360威胁情报中心 + - [ ] [近些年APT-C-60(伪猎者)组织使用的载荷分析](https://mp.weixin.qq.com/s?__biz=MzUyMjk4NzExMA==&mid=2247505493&idx=1&sn=2260fa98c61cff9236bfea3e11059200&chksm=f9c1e55cceb66c4a3a040aeb233338e2770de6a2c767b20e74a64934cc02ca6d9a1d122784c4&scene=58&subscene=0#rd) +- Over Security - Cybersecurity news aggregator + - [ ] [Microsoft: Happy 2025. Here’s 161 Security Updates](https://krebsonsecurity.com/2025/01/microsoft-happy-2025-heres-161-security-updates/) + - [ ] [Allstate car insurer sued for tracking drivers without permission](https://www.bleepingcomputer.com/news/legal/allstate-car-insurer-sued-for-tracking-drivers-without-permission/) + - [ ] [January Windows updates may fail if Citrix SRA is installed](https://www.bleepingcomputer.com/news/microsoft/january-windows-updates-may-fail-if-citrix-sra-is-installed/) + - [ ] [Microsoft Patch Tuesday for January 2025 — Snort rules and prominent vulnerabilities](https://blog.talosintelligence.com/january-patch-tuesday-release/) + - [ ] [WP3.XYZ malware attacks add rogue admins to 5,000+ WordPress sites](https://www.bleepingcomputer.com/news/security/wp3xyz-malware-attacks-add-rogue-admins-to-5-000-plus-wordpress-sites/) + - [ ] [US govt says North Korea stole over $659 million in crypto last year](https://www.bleepingcomputer.com/news/security/us-govt-says-north-korea-stole-over-659-million-in-crypto-last-year/) + - [ ] [DOJ deletes China-linked PlugX malware off more than 4,200 US computers](https://therecord.media/doj-deletes-china-linked-plugx-malware) + - [ ] [Windows 10 KB5049981 update released with new BYOVD blocklist](https://www.bleepingcomputer.com/news/microsoft/windows-10-kb5049981-update-released-with-new-byovd-blocklist/) + - [ ] [Justice Department and FBI Conduct International Operation to Delete Malware Used by China-Backed Hackers](https://flashpoint.io/blog/operation-to-delete-malware-used-by-china-backed-hackers/) + - [ ] [Microsoft January 2025 Patch Tuesday fixes 8 zero-days, 159 flaws](https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2025-patch-tuesday-fixes-8-zero-days-159-flaws/) + - [ ] [Windows 11 KB5050009 & KB5050021 cumulative updates released](https://www.bleepingcomputer.com/news/microsoft/windows-11-kb5050009-and-kb5050021-cumulative-updates-released/) + - [ ] [Hegseth says debate over Cyber Command, NSA leadership would reach ‘conclusion’](https://therecord.media/pete-hegseth-confirmation-hearing-nsa-cybercom-dual-hat) + - [ ] [US issues final rule barring Chinese, Russian connected car tech](https://therecord.media/us-issues-rule-banning-chinese-russian-car-tech) + - [ ] [Google OAuth flaw lets attackers gain access to abandoned accounts](https://www.bleepingcomputer.com/news/security/google-oauth-flaw-lets-attackers-gain-access-to-abandoned-accounts/) + - [ ] [FBI wipes Chinese PlugX malware from over 4,000 US computers](https://www.bleepingcomputer.com/news/security/fbi-wipes-chinese-plugx-malware-from-over-4-000-us-computers/) + - [ ] [Tennessee-based mortgage lender confirms December cyberattack](https://therecord.media/tennessee-mortgage-lender-confirms-cyberattack) + - [ ] [Hackers use FastHTTP in new high-speed Microsoft 365 password attacks](https://www.bleepingcomputer.com/news/security/hackers-use-fasthttp-in-new-high-speed-microsoft-365-password-attacks/) + - [ ] [Connecticut city of West Haven assessing impact of cyberattack](https://therecord.media/west-haven-connecticut-city-government-cyberattack) + - [ ] [Fortinet warns of auth bypass zero-day exploited to hijack firewalls](https://www.bleepingcomputer.com/news/security/fortinet-warns-of-auth-bypass-zero-day-exploited-to-hijack-firewalls/) + - [ ] [Russia's largest platform for state procurement hit by cyberattack from pro-Ukraine group](https://therecord.media/russian-platform-for-state-procurement-hit-cyberattack) + - [ ] [Microsoft 365 apps crash on Windows Server after Office update](https://www.bleepingcomputer.com/news/microsoft/microsoft-365-apps-crash-on-windows-server-after-office-update/) + - [ ] [Russia warned its 'shadow fleet' could face action from NATO allies](https://therecord.media/baltic-nato-allies-warning-russia-shadow-fleet) + - [ ] [Analysis of Python's .pth files as a persistence mechanism](https://dfir.ch/posts/publish_python_pth_extension/) + - [ ] [Deadline Approaching for Rent 2 Own: Medusa Ransomware Threatens Data Release](https://www.suspectfile.com/deadline-approaching-for-rent-2-own-medusa-ransomware-threatens-data-release/) + - [ ] [Products and people are in place for CISA to succeed, agency’s departing No. 2 official says](https://therecord.media/nitin-natarajan-cisa-deputy-director-interview) + - [ ] [Threat Intelligence Pivoting: Actionable Insights Behind Indicators](https://any.run/cybersecurity-blog/threat-intelligence-pivoting/) + - [ ] [IntelBroker Unmasked: KELA’s In-Depth Analysis of a Cybercrime Leader](https://www.kelacyber.com/blog/intelbroker-unmasked-kelas-in-depth-analysis-of-a-cybercrime-leader/) + - [ ] [Hitchhiker’s Guide to Managed Security](https://blog.compass-security.com/2025/01/hitchhikers-guide-to-managed-security/) + - [ ] [How Barcelona became an unlikely hub for spyware startups](https://techcrunch.com/2025/01/13/how-barcelona-became-an-unlikely-hub-for-spyware-startups/) + - [ ] [UK proposes banning hospitals and schools from making ransomware payments](https://therecord.media/uk-proposes-banning-ransoms-hospitals) +- SANS Internet Storm Center, InfoCON: green + - [ ] [Microsoft January 2025 Patch Tuesday, (Tue, Jan 14th)](https://isc.sans.edu/diary/rss/31590) +- 0x727开源安全团队 + - [ ] [“运营”本身是什么?(第十二章)](https://mp.weixin.qq.com/s?__biz=MzkwNTI3MjIyOQ==&mid=2247484125&idx=1&sn=7cf0877900e944a0253bb5351787b5c0&chksm=c0fb0c17f78c8501534fcb1249221aeec70210e176b476718cdb98fc8f77960b4a353b6f6ed9&scene=58&subscene=0#rd) +- The Register - Security + - [ ] [FBI wipes Chinese PlugX malware from thousands of Windows PCs in America](https://go.theregister.com/feed/www.theregister.com/2025/01/14/fbi_french_cops_boot_chinas/) + - [ ] [Snyk appears to deploy 'malicious' packages targeting Cursor for unknown reason](https://go.theregister.com/feed/www.theregister.com/2025/01/14/snyk_npm_deployment_removed/) + - [ ] [It's not just Big Tech: The UK's Online Safety Act applies across the board](https://go.theregister.com/feed/www.theregister.com/2025/01/14/online_safety_act/) + - [ ] [UK floats ransomware payout ban for public sector](https://go.theregister.com/feed/www.theregister.com/2025/01/14/uk_ransomware_payout_ban/) + - [ ] [Miscreants 'mass exploited' Fortinet firewalls, 'highly probable' zero-day used](https://go.theregister.com/feed/www.theregister.com/2025/01/14/miscreants_mass_exploited_fortinet_firewalls/) +- TorrentFreak + - [ ] [‘Notorious’ Pirate IPTV Service MagisTV Applies for US Trademark and Rebrands](https://torrentfreak.com/notorious-pirate-iptv-service-magistv-applies-for-us-trademark-and-rebrands-250114/) +- Silent Signal Techblog + - [ ] [Story of a Pentester Recruitment 2025](https://blog.silentsignal.eu/2025/01/14/pentester-recruitment-2025-mushroom/) +- Instapaper: Unread + - [ ] [FileVault and volume encryption explained](https://eclecticlight.co/2025/01/10/filevault-and-volume-encryption-explained/) + - [ ] [Windows Browser Forensics 101](https://belkasoft.com/windows-browser-forensics) + - [ ] [Windows Recycle Bin - The known and the unknown](https://bebinary4n6.blogspot.com/2025/01/windows-recycle-bin-known-and-unknown.html) + - [ ] [iPhone and iPad Acquisition Methods Yet Another Comparison](https://blog.elcomsoft.com/2025/01/iphone-and-ipad-acquisition-methods-yet-another-comparison/) +- The Hacker News + - [ ] [Microsoft Uncovers macOS Vulnerability CVE-2024-44243 Allowing Rootkit Installation](https://thehackernews.com/2025/01/microsoft-uncovers-macos-vulnerability.html) + - [ ] [Google OAuth Vulnerability Exposes Millions via Failed Startup Domains](https://thehackernews.com/2025/01/google-oauth-vulnerability-exposes.html) + - [ ] [4 Reasons Your SaaS Attack Surface Can No Longer be Ignored](https://thehackernews.com/2025/01/4-reasons-your-saas-attack-surface-can.html) + - [ ] [Illicit HuiOne Telegram Market Surpasses Hydra, Hits $24 Billion in Crypto Transactions](https://thehackernews.com/2025/01/illicit-huione-telegram-market.html) + - [ ] [Zero-Day Vulnerability Suspected in Attacks on Fortinet Firewalls with Exposed Interfaces](https://thehackernews.com/2025/01/zero-day-vulnerability-suspected-in.html) + - [ ] [Russian-Linked Hackers Target Kazakhstan in Espionage Campaign with HATVIBE Malware](https://thehackernews.com/2025/01/russian-linked-hackers-target.html) + - [ ] [CISA Adds Second BeyondTrust Flaw to KEV Catalog Amid Active Attacks](https://thehackernews.com/2025/01/cisa-adds-new-beyondtrust-flaw-to-kev.html) +- Schneier on Security + - [ ] [Upcoming Speaking Engagements](https://www.schneier.com/blog/archives/2025/01/upcoming-speaking-engagements-42.html) + - [ ] [The First Password on the Internet](https://www.schneier.com/blog/archives/2025/01/the-first-password-on-the-internet.html) +- Technical Information Security Content & Discussion + - [ ] [Millions of Accounts Vulnerable due to Google’s OAuth Flaw](https://www.reddit.com/r/netsec/comments/1i1aam8/millions_of_accounts_vulnerable_due_to_googles/) + - [ ] [New Microsoft OLE Vulnerability, Exploitable via Email](https://www.reddit.com/r/netsec/comments/1i1ej02/new_microsoft_ole_vulnerability_exploitable_via/) + - [ ] [RCE in rsync, CVE-2024-12084 (and 5 more vulnerabilities)](https://www.reddit.com/r/netsec/comments/1i1ike5/rce_in_rsync_cve202412084_and_5_more/) + - [ ] [Over 5,000 WordPress sites caught in WP3.XYZ malware attack](https://www.reddit.com/r/netsec/comments/1i15afl/over_5000_wordpress_sites_caught_in_wp3xyz/) + - [ ] [Story of a Pentester Recruitment 2025](https://www.reddit.com/r/netsec/comments/1i16q95/story_of_a_pentester_recruitment_2025/) + - [ ] [Laser Fault Injection on a Budget: RP2350 Edition](https://www.reddit.com/r/netsec/comments/1i1fm6j/laser_fault_injection_on_a_budget_rp2350_edition/) + - [ ] [Threat actors exploit a probable 0-day in exposed management consoles of Fortinet FortiGate firewalls](https://www.reddit.com/r/netsec/comments/1i12s72/threat_actors_exploit_a_probable_0day_in_exposed/) + - [ ] [Command Line Underdog: WMIC in Action -- How to use wmic as an alternate shell in a pinch](https://www.reddit.com/r/netsec/comments/1i19m6a/command_line_underdog_wmic_in_action_how_to_use/) +- Deeplinks + - [ ] [Platforms Systematically Removed a User Because He Made "Most Wanted CEO" Playing Cards](https://www.eff.org/deeplinks/2025/01/platforms-systematically-removed-user-because-he-made-most-wanted-ceo-playing) +- Information Security + - [ ] [¿Alguien sabe donde puedo conseguir alguna pagina/links para descargar virus/troyanos/spywares a propósito?](https://www.reddit.com/r/Information_Security/comments/1i10r2b/alguien_sabe_donde_puedo_conseguir_alguna/) +- Computer Forensics + - [ ] [Trying to find how data was moved off a company computer](https://www.reddit.com/r/computerforensics/comments/1i1bera/trying_to_find_how_data_was_moved_off_a_company/) + - [ ] [Strange Request but anyone have any recommendation for Furniture/Layout for lab environment they enjoy?](https://www.reddit.com/r/computerforensics/comments/1i1b1hs/strange_request_but_anyone_have_any/) + - [ ] [FYI: Free Enterprise licenses for data recovery professionals from Disk Drill](https://www.reddit.com/r/computerforensics/comments/1i18at1/fyi_free_enterprise_licenses_for_data_recovery/) + - [ ] [How to capture and decrypt packets from an iPhone AND use the microphone](https://www.reddit.com/r/computerforensics/comments/1i0wbgh/how_to_capture_and_decrypt_packets_from_an_iphone/) +- netsecstudents: Subreddit for students studying Network Security and its related subjects + - [ ] [Need residential network security consultant in Dallas area](https://www.reddit.com/r/netsecstudents/comments/1i1553g/need_residential_network_security_consultant_in/) +- Krebs on Security + - [ ] [Microsoft: Happy 2025. Here’s 161 Security Updates](https://krebsonsecurity.com/2025/01/microsoft-happy-2025-heres-161-security-updates/) +- Blackhat Library: Hacking techniques and research + - [ ] [Infostealer Logs to Fuel a New Wave of AWS Ransomware Attacks](https://www.reddit.com/r/blackhat/comments/1i12gdl/infostealer_logs_to_fuel_a_new_wave_of_aws/) +- Your Open Hacker Community + - [ ] [Best course for beginner in hacking and cyber security](https://www.reddit.com/r/HowToHack/comments/1i14y6e/best_course_for_beginner_in_hacking_and_cyber/) + - [ ] [Trying to figure out how to pull email addresses and stuff, wanna know how to do that](https://www.reddit.com/r/HowToHack/comments/1i1jdgb/trying_to_figure_out_how_to_pull_email_addresses/) + - [ ] [best ethical Wi-Fi info stealer you can try and also with a gui](https://www.reddit.com/r/HowToHack/comments/1i1i672/best_ethical_wifi_info_stealer_you_can_try_and/) + - [ ] [What's the best way to learn how to start hacking?](https://www.reddit.com/r/HowToHack/comments/1i1afyv/whats_the_best_way_to_learn_how_to_start_hacking/) + - [ ] [Would like some tips](https://www.reddit.com/r/HowToHack/comments/1i1bpxm/would_like_some_tips/) + - [ ] [Access MSSQL DB with lost password?](https://www.reddit.com/r/HowToHack/comments/1i15n6b/access_mssql_db_with_lost_password/) + - [ ] [Name Suggestion:](https://www.reddit.com/r/HowToHack/comments/1i0ytwo/name_suggestion/) + - [ ] [What I should learn about ethical hacking? Or Kali Linux](https://www.reddit.com/r/HowToHack/comments/1i16afj/what_i_should_learn_about_ethical_hacking_or_kali/) + - [ ] [What are some sql queries to bypass login](https://www.reddit.com/r/HowToHack/comments/1i0zuvl/what_are_some_sql_queries_to_bypass_login/) + - [ ] [Need help making a copy of my college id card](https://www.reddit.com/r/HowToHack/comments/1i0weja/need_help_making_a_copy_of_my_college_id_card/) + - [ ] [how can i spoof my mac address on a chromebook? (not school issued)](https://www.reddit.com/r/HowToHack/comments/1i0wr9f/how_can_i_spoof_my_mac_address_on_a_chromebook/) + - [ ] [[ Removed by Reddit ]](https://www.reddit.com/r/HowToHack/comments/1i0syrn/removed_by_reddit/) +- Hacking Exposed Computer Forensics Blog + - [ ] [Daily Blog #717: Getting free Azure credits for testing](https://www.hecfblog.com/2025/01/daily-blog-717-getting-free-azure.html) +- Security Weekly Podcast Network (Audio) + - [ ] [Smishing, Beyond Trust, CryptoReligion, Aviatrix, Azure, Josh Marpet, and more... - SWN #442](http://sites.libsyn.com/18678/smishing-beyond-trust-cryptoreligion-aviatrix-azure-josh-marpet-and-more-swn-442) + - [ ] [Discussing Useful Security Requirements with Developers - Ixchel Ruiz - ASW #313](http://sites.libsyn.com/18678/discussing-useful-security-requirements-with-developers-ixchel-ruiz-asw-313) diff --git a/archive/tmp/2025-01-15.json b/archive/tmp/2025-01-15.json new file mode 100644 index 0000000000..b78bbe49e8 --- /dev/null +++ b/archive/tmp/2025-01-15.json @@ -0,0 +1,486 @@ +{ + "奇安信攻防社区": { + "从嵌入式系统到网络设备:路由器安全攻防技术详解": "https://forum.butian.net/share/3995", + "windows内核驱动开发": "https://forum.butian.net/share/4034", + "ognl+cc 依赖绕过沙箱": "https://forum.butian.net/share/4037" + }, + "Private Feed for M09Ic": { + "safedv starred Karneades/malware-persistence": "https://github.com/Karneades/malware-persistence", + "safedv starred TabbyML/tabby": "https://github.com/TabbyML/tabby", + "safedv starred securitytemplates/sectemplates": "https://github.com/securitytemplates/sectemplates", + "mgeeky starred strandjs/IntroLabs": "https://github.com/strandjs/IntroLabs", + "BishopFox made BishopFox/raink public": "https://github.com/BishopFox/raink", + "mgeeky starred Neo23x0/sysmon-config": "https://github.com/Neo23x0/sysmon-config", + "zer0yu starred yqcs/prismx": "https://github.com/yqcs/prismx", + "zer0yu starred OWASP/www-project-asvs-security-evaluation-templates-with-nuclei": "https://github.com/OWASP/www-project-asvs-security-evaluation-templates-with-nuclei", + "zer0yu started following vztu": "https://github.com/vztu", + "mgeeky starred S3lrius/okta-mullvad-siege": "https://github.com/S3lrius/okta-mullvad-siege", + "zer0yu started following nicowaisman": "https://github.com/nicowaisman", + "kpcyrd forked kpcyrd/espflash from esp-rs/espflash": "https://github.com/kpcyrd/espflash", + "liamg starred dhanishgajjar/vscode-icons": "https://github.com/dhanishgajjar/vscode-icons", + "glzjin released v1.0.0 at glzjin/lzc-uid-impersonation": "https://github.com/glzjin/lzc-uid-impersonation/releases/tag/v1.0.0", + "glzjin created a repository glzjin/lzc-uid-impersonation": "https://github.com/glzjin/lzc-uid-impersonation//", + "Ascotbe starred xpipe-io/xpipe": "https://github.com/xpipe-io/xpipe", + "safedv starred EvilBytecode/GoDefender": "https://github.com/EvilBytecode/GoDefender", + "safedv starred BlackSnufkin/NyxInvoke": "https://github.com/BlackSnufkin/NyxInvoke", + "safedv starred mar10/wsgidav": "https://github.com/mar10/wsgidav", + "safedv starred Offensive-Panda/ShadowDumper": "https://github.com/Offensive-Panda/ShadowDumper", + "su18 started following apangin": "https://github.com/apangin", + "zer0yu starred RedByte1337/GraphSpy": "https://github.com/RedByte1337/GraphSpy", + "su18 starred yanqi27/core_analyzer": "https://github.com/yanqi27/core_analyzer", + "lijiejie started following 78": "https://github.com/78", + "Rvn0xsy starred 0xPlaygrounds/rig": "https://github.com/0xPlaygrounds/rig", + "FunnyWolf starred androguard/androguard": "https://github.com/androguard/androguard", + "Rvn0xsy starred astral-sh/uv": "https://github.com/astral-sh/uv", + "INotGreen starred natemcmaster/DotNetCorePlugins": "https://github.com/natemcmaster/DotNetCorePlugins", + "4ra1n started following yuanhaiGreg": "https://github.com/yuanhaiGreg", + "su18 started following Ape1ron": "https://github.com/Ape1ron" + }, + "安全脉搏": { + "Windows远程桌面的奇技淫巧": "https://www.secpulse.com/archives/205196.html", + "JMX 反序列化漏洞": "https://www.secpulse.com/archives/205242.html", + "某个OA系统的代码审计": "https://www.secpulse.com/archives/205256.html" + }, + "嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com": { + "CACTER直播预告:大模型网关新品抢先知,惊喜积分礼盒等您兑": "https://www.4hou.com/posts/YZYY", + "喜报!360入围中央国家机关及多地省政府采购名单": "https://www.4hou.com/posts/ZgGg", + "2024 年加密货币钱包盗取事件金额多达 4.94 亿美元": "https://www.4hou.com/posts/wxgX", + "国投智能2024年度十大事件揭晓": "https://www.4hou.com/posts/XPXV" + }, + "CXSECURITY Database RSS Feed - CXSecurity.com": { + "IIT Bombay Bodhitree- Malicious Code injection": "https://cxsecurity.com/issue/WLB-2025010016", + "TheDotStudios Web Application Union-based Sql Injection": "https://cxsecurity.com/issue/WLB-2025010015", + "FSB: FOR and AGAINST XSS Vulnerability": "https://cxsecurity.com/issue/WLB-2025010014" + }, + "Recent Commits to cve:main": { + "Update Tue Jan 14 20:23:05 UTC 2025": "https://github.com/trickest/cve/commit/2b68f28ad7d72be76ceb432454fd1e3de100a91e", + "Update Tue Jan 14 12:15:13 UTC 2025": "https://github.com/trickest/cve/commit/092338135fdd51d78ed23be4a9c2576af612967d", + "Update Tue Jan 14 04:11:31 UTC 2025": "https://github.com/trickest/cve/commit/d29be7fc385546f1f15f732420b3469cf35461fb" + }, + "Security Boulevard": { + "The Future of Cybersecurity: Global Outlook 2025 and Beyond": "https://securityboulevard.com/2025/01/the-future-of-cybersecurity-global-outlook-2025-and-beyond/", + "Unsafe Deserialization Attacks Surge | December Attack Data | Contrast Security": "https://securityboulevard.com/2025/01/unsafe-deserialization-attacks-surge-december-attack-data-contrast-security/", + "How to Prevent Risk From Unknown Build Assets": "https://securityboulevard.com/2025/01/how-to-prevent-risk-from-unknown-build-assets/", + "CVE-2024-55591: Fortinet Authentication Bypass Zero-Day Vulnerability Exploited in the Wild": "https://securityboulevard.com/2025/01/cve-2024-55591-fortinet-authentication-bypass-zero-day-vulnerability-exploited-in-the-wild/", + "DEF CON 32 – Pick Your Poison: Navigating A Secure Clean Energy Transition": "https://securityboulevard.com/2025/01/def-con-32-pick-your-poison-navigating-a-secure-clean-energy-transition/", + "Microsoft’s January 2025 Patch Tuesday Addresses 157 CVEs (CVE-2025-21333, CVE-2025-21334, CVE-2025-21335)": "https://securityboulevard.com/2025/01/microsofts-january-2025-patch-tuesday-addresses-157-cves-cve-2025-21333-cve-2025-21334-cve-2025-21335/", + "The AI Revolution: Navigating Cybersecurity Challenges in 2025": "https://securityboulevard.com/2025/01/the-ai-revolution-navigating-cybersecurity-challenges-in-2025/", + "Randall Munroe’s XKCD ‘Trimix’": "https://securityboulevard.com/2025/01/randall-munroes-xkcd-trimix/", + "Sanitizing Unstructured Data In Motion—and Why It’s Important": "https://securityboulevard.com/2025/01/sanitizing-unstructured-data-in-motion-and-why-its-important/", + "Six Friends Every Security Team Needs": "https://securityboulevard.com/2025/01/six-friends-every-security-team-needs/" + }, + "SecWiki News": { + "SecWiki News 2025-01-14 Review": "http://www.sec-wiki.com/?2025-01-14" + }, + "paper - Last paper": { + "探索大型语言模型在Android恶意软件语义分析与分类中的应用": "https://paper.seebug.org/3267/" + }, + "Trustwave Blog": { + "Navigating DORA Compliance: A Roadmap to Operational Resilience with Trustwave": "https://www.trustwave.com/en-us/resources/blogs/trustwave-blog/navigating-dora-compliance-a-roadmap-to-operational-resilience-with-trustwave/" + }, + "Tenable Blog": { + "CVE-2024-55591: Fortinet Authentication Bypass Zero-Day Vulnerability Exploited in the Wild": "https://www.tenable.com/blog/cve-2024-55591-fortinet-authentication-bypass-zero-day-vulnerability-exploited-in-the-wild", + "Microsoft’s January 2025 Patch Tuesday Addresses 157 CVEs (CVE-2025-21333, CVE-2025-21334, CVE-2025-21335)": "https://www.tenable.com/blog/microsofts-january-2025-patch-tuesday-157-cves-cve-2025-21333-cve-2025-21334-cve-2025-21335" + }, + "Doonsec's feed": { + "牟林:撕掉了价值观的伪装的特朗普赤膊上阵意味深长": "https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476159&idx=1&sn=9ee9e8f87fe420fc6c6341795ef49a16", + "美国商务部发布联网汽车禁令的双刃剑效应": "https://mp.weixin.qq.com/s?__biz=MzU3MDM2NzkwNg==&mid=2247486527&idx=1&sn=ea24c76effd05ec8ea8d35594bc8d6f1", + "Kioptrix-Level Four 综合靶机实战思路": "https://mp.weixin.qq.com/s?__biz=MzkzMzg3MzMyOA==&mid=2247486096&idx=1&sn=077a1526044ac3b0e5faf5a43b121e34", + "2025年5大最佳静态代码分析工具": "https://mp.weixin.qq.com/s?__biz=Mzk0MzY1NDc2MA==&mid=2247484248&idx=1&sn=660d1f911b2ba04ced47f27fc379b993", + "2025年,AI代码生成器会克服他们的不安全感吗?": "https://mp.weixin.qq.com/s?__biz=Mzk0MzY1NDc2MA==&mid=2247484248&idx=2&sn=38859bfbe2dd4ed1e30a56eaf6e7aae0", + "战略解码:后量子密码学时代即将到来,到2029年多数传统密码算法将不再安全!(附下载)": "https://mp.weixin.qq.com/s?__biz=MzkyMTYyOTQ5NA==&mid=2247486200&idx=1&sn=b8aebdb50b6d0b52cae98068b497ce5c", + "信息收集神器--Nmap": "https://mp.weixin.qq.com/s?__biz=Mzk1NzQwNjQ4Ng==&mid=2247484155&idx=1&sn=112973fae39d94735fdd696778fd0050", + "关注 | 工信部发文 加强互联网数据中心客户数据安全保护": "https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633806&idx=1&sn=1e8f421710d828b75aaa168efa6c2368", + "发布 | 公安部公布8起打击网络黑客犯罪典型案例": "https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633806&idx=2&sn=124635720d9fd3a4d52758945ac5fbb4", + "专家解读 | 大力发展数据标注产业 推动我国人工智能创新发展": "https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633806&idx=3&sn=2fb371756994036269d4fc5b01dba54a", + "专挑执法机构下手!欧盟执法培训机构发生大规模数据泄露": "https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513487&idx=2&sn=11bbee0dcc26adcb43a666c1f79059f1", + "感受风险的脉搏": "https://mp.weixin.qq.com/s?__biz=Mzg2MDc0NTIxOQ==&mid=2247484712&idx=1&sn=37b75b5289eea41ca58444a90f849239", + "趋势预测 | 2025年人工智能带来的五大网络安全挑战": "https://mp.weixin.qq.com/s?__biz=Mzg4MDU0NTQ4Mw==&mid=2247528636&idx=1&sn=e7b0e6125f4860f6ff6b03f1c2560eb7", + "【漏洞预警】科拓全智能停车收费系统Webservice.asmx存在任意文件上传漏洞": "https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489457&idx=1&sn=56aacbec2792c121e13929fa55c1d15c", + "HooK iOS内核代码禁用ASLR": "https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489457&idx=2&sn=f8d7f758303e046b7ad7bf007307bb99", + "不被大风吹倒": "https://mp.weixin.qq.com/s?__biz=MzUzMjQyMDE3Ng==&mid=2247487879&idx=1&sn=2b21fe27106a44fd4d67437654344911", + "用于快速搜索 Windows 取证文件的开源工具": "https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247489985&idx=1&sn=7e571dcec614a3df4edd8a9942fda45d", + "通用大模型分析恶意软件,完全不靠谱": "https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247489985&idx=2&sn=34221d1abc1654c247f6d48a1358ea27", + "浅谈蜜罐原理与规避": "https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247489985&idx=3&sn=d1ad5a883663d7ab9c6733b36f18dea6", + "免费 | 一键为图片添加矢量描边,轻松制作精美贴图": "https://mp.weixin.qq.com/s?__biz=MzI2MjcwMTgwOQ==&mid=2247492166&idx=1&sn=1bd4586e5113eebd05eef898773dd813", + "BS ISO 23799-2024 船舶和海洋技术 机载网络安全评估(中文版)": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619473&idx=1&sn=bc75cac851697fceeb2fc6f22d65fb88", + "E26 Cyber resilience of ships 船舶网络韧性(中英文)": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619473&idx=2&sn=c87c8dfeec334aa7c0648bd5d5fb1c0f", + "船舶网络安全态势感知方法研究综述": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619473&idx=3&sn=b5af0428d85c47768ab3249823c1e943", + "通过Frida-Labs 筑牢frida基础": "https://mp.weixin.qq.com/s?__biz=Mzk0ODM0MjA0OA==&mid=2247483898&idx=1&sn=27137752eaa2ec4a2c94554309d28337", + "网络安全市场正面临“红海”困境": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485408&idx=1&sn=d3dd148b9a40df582dcc7469214bed24", + "【直卖实拍】北七家3居变4居豪装,理想楼层、户型、朝向": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485408&idx=2&sn=d4ddf8594577b5ca40c9df760b5a9bd8", + "【干货】笑傲职场的独家经验(1)": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485408&idx=3&sn=19ee1eae4f3f850a6a54da14830621ac", + "【干货原创】实网攻防演习常态化,会带来什么变化01": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485408&idx=4&sn=f5757f423a3c082d25670a4f654ca58f", + "【干货原创】K12教育,鲜为人知的模式秘密": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485408&idx=5&sn=17f3311b68450e89f1529fc3c79478d5", + "原创文章目录": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485408&idx=6&sn=4b5e54c53d30cee295d18757908955a0", + "Vulnhub-SkyTower靶机": "https://mp.weixin.qq.com/s?__biz=Mzk1NzI5NzA3NQ==&mid=2247486104&idx=1&sn=b465a463e21cb6b5ec8d8e3a492731e0", + "记录一次渗透ta的内心(下)": "https://mp.weixin.qq.com/s?__biz=MzkyMDY1MDI3OA==&mid=2247483760&idx=1&sn=439de68dc790096679ce33deb91e4080", + "重拳出击!公安部公布2024年打击网络黑客犯罪典型案例": "https://mp.weixin.qq.com/s?__biz=MzkwMDU5NTE0OQ==&mid=2247488665&idx=1&sn=dafcee6a677014e61d2cee0967d06c8e", + "EarlyBirdNTDLL项目解析以绕过Defender": "https://mp.weixin.qq.com/s?__biz=Mzg5MDg3OTc0OA==&mid=2247489374&idx=1&sn=3265275266612356110a5deaff62567f", + "防翻车,禁止浏览器扩展插件自动更新": "https://mp.weixin.qq.com/s?__biz=Mzk0MzY3MDE5Mg==&mid=2247483913&idx=1&sn=162d3d2618498bf04d6dd5703c9eb091", + "攻防演练-医院-ez一把梭": "https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247518206&idx=1&sn=c6aeb567802f8bb89727ab12d737130f", + "网站篡改入门,一个SQL注入漏洞就能让整个网站大变样,原理详解|!|从SQL注入到XSS攻击,完整还原黑客是如何篡改网站的": "https://mp.weixin.qq.com/s?__biz=MzI5MjY4MTMyMQ==&mid=2247489687&idx=1&sn=c004c654be6ef71290e6cc23b82a8083", + "原创—再次谏言腾讯走运模式固本培元路线,更长久": "https://mp.weixin.qq.com/s?__biz=Mzg4NzAwNzA4NA==&mid=2247485066&idx=1&sn=196b14c1c5ef808aaf7507e6f83adff1", + "【资料】全源情报分析指南": "https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148529&idx=1&sn=eb04e2ef8c40d94aef096c369c1ea58b", + "实战渗透菠菜网站 II": "https://mp.weixin.qq.com/s?__biz=MzkyMDY1MDI3OA==&mid=2247483752&idx=1&sn=e57d2c778125c9aac7b8031e1a35ccd2", + "击穿星巴克获取 1 亿用户详细信息": "https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496850&idx=1&sn=11bd36bd686dd8f1a78ec89282a6c8ba", + "12【邮件安全】如何防护垃圾邮件威胁": "https://mp.weixin.qq.com/s?__biz=MzI1OTUyMTI2MQ==&mid=2247484802&idx=1&sn=88e31e317fa0f451073d3b9fc394f749", + "校招社招实习推荐": "https://mp.weixin.qq.com/s?__biz=MzkwMTU2NzMwOQ==&mid=2247484512&idx=1&sn=420838d4cac10933a522705e4c8c975e", + "sql注入之无列名注数据详解": "https://mp.weixin.qq.com/s?__biz=MzkzODUzMjA1MQ==&mid=2247484812&idx=1&sn=9c59b82c3fc8797de6dba73d331c9f12", + "2025年首个满分漏洞,PoC已公布,可部署后门": "https://mp.weixin.qq.com/s?__biz=MzkzNjIzMjM5Ng==&mid=2247490196&idx=1&sn=c5f5b38d186df545679f4ea625394a55", + "党建引领促业务 保密护航筑安全 —评测中心党总支举办党务综合素质提升培训班": "https://mp.weixin.qq.com/s?__biz=MjM5NzYwNDU0Mg==&mid=2649249440&idx=1&sn=e88cccb31645fdd18ef61f98a10a837e", + "【我们这一年】走好践行“两个维护”第一方阵 以高质量党建促进高质量发展": "https://mp.weixin.qq.com/s?__biz=MjM5NzYwNDU0Mg==&mid=2649249440&idx=2&sn=d2ffee8f4ca7b688d38a0e0723f9d7aa", + "【资讯】《中国法学会章程》全文": "https://mp.weixin.qq.com/s?__biz=MzU1NDY3NDgwMQ==&mid=2247549233&idx=1&sn=ba192064261b27a5356a3a08ad291abd", + "【资讯】国家发改委等四部门发布《关于促进数据标注产业高质量发展的实施意见》": "https://mp.weixin.qq.com/s?__biz=MzU1NDY3NDgwMQ==&mid=2247549233&idx=2&sn=243ef9506e5c59bd5d5c60e73abcd6ae", + "【资讯】工信部办公厅发布《关于加强互联网数据中心客户数据安全保护的通知》": "https://mp.weixin.qq.com/s?__biz=MzU1NDY3NDgwMQ==&mid=2247549233&idx=3&sn=32b35d16439643bdb98c360fad03b3b1", + "HPW大会精彩回顾:无界对话,技术交汇(内含ppt!)": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651311991&idx=1&sn=2b106d06d500e59c02c0fbeca6846e90", + "不干净的视频评论区,攻击者利用Youtube传播窃密软件": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651311991&idx=2&sn=0132681595daef3f0ff9ff610d912fab", + "议题征集 | 关于征集第六期移动互联网APP产品安全漏洞技术沙龙议题的通知": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651311991&idx=3&sn=db90b0dc624faaae95f965931adc5423", + "RequestShield:一款HTTP请求威胁识别与检测工具": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651311991&idx=4&sn=c569c3a23ae2e04238ecca429244011e", + "frida搭建+使用": "https://mp.weixin.qq.com/s?__biz=MzkxMjYyMjA3Mg==&mid=2247485367&idx=1&sn=dc03aa1898daa66f43405c5cf951f4df", + "【CTF】GeekChallenge极客大挑战": "https://mp.weixin.qq.com/s?__biz=Mzg5NTU2NjA1Mw==&mid=2247496426&idx=1&sn=4f06e472671f195bcf272dc5dc4be240", + "难绷,一种重命名+符号链接禁用EDR(Crowdstrike)的方法": "https://mp.weixin.qq.com/s?__biz=MzU0NDc0NTY3OQ==&mid=2247488378&idx=1&sn=df5f38e5592b90173adcdba1700c594f", + "安在盘点 | 2024网络安全报告大合集,1000余份打包下载": "https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247634547&idx=1&sn=bb5d7af37a68ccc2a10af856d26a25a8", + "【黑产大数据】2024年数据泄露风险态势报告": "https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247634547&idx=2&sn=f81e4408bb90e355b175acb4d120bb39", + "开源文件夹同步备份神器-FreeFileSync": "https://mp.weixin.qq.com/s?__biz=MzkxMzIwNTY1OA==&mid=2247510760&idx=1&sn=5132d5439191a7f9958d224f34df1565", + "2025年TPRM趋势:日益增长的第三方依赖及相关风险": "https://mp.weixin.qq.com/s?__biz=MzkxMzQwNDcxNg==&mid=2247486840&idx=1&sn=9cb6cc729144dd71928f5fd8e051fb50", + "地表工资最高的公司! 英伟达一半员工净资产破亿,近八成员工百万富翁": "https://mp.weixin.qq.com/s?__biz=Mzg2NDYwMDA1NA==&mid=2247543500&idx=1&sn=de1eccf3a6b40841971eed33f4879c09", + "2025年各省网络安全人员工资,单日最高14K, 上海最好36K/月,": "https://mp.weixin.qq.com/s?__biz=Mzg2NDYwMDA1NA==&mid=2247543500&idx=2&sn=50bc7629d425f93b8db78bad22bddeae", + "信息安全漏洞周报(2025年第2期)": "https://mp.weixin.qq.com/s?__biz=MzAxODY1OTM5OQ==&mid=2651462564&idx=1&sn=2257357922013ed3d0647f6ff408ccd4", + "发布 | 四部门联合印发《关于促进数据标注产业高质量发展的实施意见》(附全文)": "https://mp.weixin.qq.com/s?__biz=MzkyNDUyNzU1MQ==&mid=2247486658&idx=1&sn=95a8ac019ad27da2b70d48a51d110459", + "智能引领,携誉启航丨盘点国投智能2024下半年高光时刻": "https://mp.weixin.qq.com/s?__biz=MjM5NTU4NjgzMg==&mid=2651434634&idx=1&sn=3899dfbd80b88a8f44263c19077320e0", + "Hacker有“泰”度!360白帽泰国行圆满落幕~": "https://mp.weixin.qq.com/s?__biz=Mzg5MTc5Mzk2OA==&mid=2247502656&idx=1&sn=d52bbd8b88f3468b66737a500d9fe220", + "工信部认可!360荣获车联网产品安全漏洞专业库“优秀技术支撑单位”": "https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579028&idx=1&sn=3d580b0d7ca47a7f72c3197a1199540b", + "带你解锁编码新世界!--随波逐流CTF编码工具使用教程34 --Quoted-printable密码": "https://mp.weixin.qq.com/s?__biz=MzU2NzIzNzU4Mg==&mid=2247489481&idx=1&sn=8faf84924478a515c65fe12c67b0eb2e", + "喜讯!云起无垠获评“国家高新技术企业”认证": "https://mp.weixin.qq.com/s?__biz=Mzg3Mjg4NTcyNg==&mid=2247490152&idx=1&sn=6dc7067ab4e8edbb64c06f77c83b9229", + "釜山数字资产交易所与CertiK达成战略合作,推动数字资产交易安全升级": "https://mp.weixin.qq.com/s?__biz=MzU5OTg4MTIxMw==&mid=2247503883&idx=1&sn=fbc059f2f83a338969145c70a83685c3", + "苹果修复 macOS 高危漏洞,被黑客利用可安装恶意内核驱动": "https://mp.weixin.qq.com/s?__biz=MzU2MTQwMzMxNA==&mid=2247541399&idx=1&sn=c0dd23b96e9a973bc068a2183d8c1ce0", + "【安全圈】2025年首个满分漏洞,PoC已公布,可部署后门": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067342&idx=1&sn=533ba142831a3c994e00cb6ec7d6d36c", + "【安全圈】AI抢不走的工作,微软力挺红队测试仍需人类“掌舵”": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067342&idx=2&sn=7630e1838566bfaad814bfbeff239c32", + "【安全圈】不干净的视频评论区,攻击者利用Youtube传播窃密软件": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067342&idx=3&sn=488b956f65f869c09be3e3d7874e6d90", + "【安全圈】为网络安全研究人员定制的虚假漏洞利用攻击利用恶意软件": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067342&idx=4&sn=380dc9803cf52db7c5d1771d404c4279", + "阳光下的阴影:巴塞罗那如何成为全球间谍软件的“新硅谷”?": "https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247506780&idx=1&sn=8bba20149bb98ccaeb3d6baf110d8760", + "快讯 | 上海安全防范报警协会召开第八届会员代表大会第一次会议,慧盾安全当选常务理事单位": "https://mp.weixin.qq.com/s?__biz=MzI2NDcwOTgzOA==&mid=2247493444&idx=1&sn=3dc9af50d6d2be8e1fceab27742a062c", + "2025 SUCTF wp": "https://mp.weixin.qq.com/s?__biz=Mzk0NzI0NTI2OA==&mid=2247486149&idx=1&sn=567432088d55b1f76b4e6efa614df7a0", + "微软OpenAI云遭滥用:攻击者绕过安全护栏 对外售卖违规内容生成服务": "https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513487&idx=1&sn=2bb2b3796dd10a13b4a3bf0ae256a199" + }, + "安全客-有思想的安全新媒体": { + "共赴商用密码盛事,开启创新发展新篇--2025第三届商用密码展将于6月11日-13日在上海举办!": "https://www.anquanke.com/post/id/303497", + "喜报!360入围中央国家机关及多地省政府采购名单!": "https://www.anquanke.com/post/id/303491", + "CVE-2024-56511: DataEase 中的严重身份验证绕过漏洞": "https://www.anquanke.com/post/id/303488", + "攻击者在不使用勒索软件的情况下加密 AWS S3 数据": "https://www.anquanke.com/post/id/303485", + "OneBlood 证实个人数据在 7 月份的勒索软件攻击中被盗": "https://www.anquanke.com/post/id/303482", + "CISA 警告 BeyondTrust 和 Qlik Sense 中的关键漏洞正被积极利用": "https://www.anquanke.com/post/id/303479", + "新型 Web3 攻击利用交易模拟窃取加密货币": "https://www.anquanke.com/post/id/303476", + "CVE-2025-22152(CVSS 9.4): 在 Atheos 基于 Web 的集成开发环境中发现严重漏洞": "https://www.anquanke.com/post/id/303473", + "Aviatrix 控制器 RCE CVE-2024-50603 在野外被利用:部署了加密劫持和后门程序": "https://www.anquanke.com/post/id/303470", + "新 macOS 漏洞暴露: 针对 CVE-2024-54498 的 PoC 攻破了沙盒安全性": "https://www.anquanke.com/post/id/303466", + "WordPress Skimmers通过将自己注入数据库表来逃避检测": "https://www.anquanke.com/post/id/303463" + }, + "ArthurChiao's Blog": { + "[译] AI Workflow & AI Agent:架构、模式与工程建议(Anthropic,2024)": "https://arthurchiao.github.io/blog/build-effective-ai-agent-zh/" + }, + "一个被知识诅咒的人": { + "Python内存优化全攻略:深入理解对象池与__slots__的应用": "https://blog.csdn.net/nokiaguy/article/details/145135646", + "【人工智能】从Keras到TensorFlow 2.0:深入掌握Python深度学习技术": "https://blog.csdn.net/nokiaguy/article/details/145135601" + }, + "Horizon3.ai": { + "Prove the impact of cybersecurity investments—holistically and continuously": "https://www.horizon3.ai/intelligence/webinars/prove-the-impact-of-cybersecurity-investments-holistically-and-continuously/" + }, + "Blogs dade": { + "Weekly Retro 2025-W02": "https://0xda.de/blog/2025/01/weekly-retro-2025-w02/" + }, + "SpiderLabs Blog": { + "CVE-2024-55591: Fortinet FortiOS/FortiProxy Zero Day": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2024-55591-fortinet-fortios-fortiproxy-zero-day/", + "The Database Slayer: Deep Dive and Simulation of the Xbash Malware": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/the-database-slayer-deep-dive-and-simulation-of-the-xbash-malware/" + }, + "Malwarebytes": { + "Insurance company accused of using secret software to illegally collect and sell location data on millions of Americans": "https://www.malwarebytes.com/blog/news/2025/01/insurance-company-accused-of-using-secret-software-to-illegally-collect-and-sell-location-data-on-millions-of-americans" + }, + "Reverse Engineering": { + "USB Ethernet Adapter Malware??? OALABS Line-by-Line Code Analysis": "https://www.reddit.com/r/ReverseEngineering/comments/1i1eylt/usb_ethernet_adapter_malware_oalabs_linebyline/" + }, + "daniel.haxx.se": { + "Secure Transport support in curl is on its way out": "https://daniel.haxx.se/blog/2025/01/14/secure-transport-support-in-curl-is-on-its-way-out/" + }, + "FreeBuf网络安全行业门户": { + "FreeBuf早报 | 由AI大模型生成的勒索软件被曝光;恶意软件利用0Day远程控制Linux": "https://www.freebuf.com/news/419812.html", + "2025年十大最佳漏洞管理工具分享": "https://www.freebuf.com/news/419799.html", + "2025年首个满分漏洞,PoC已公布,可部署后门": "https://www.freebuf.com/news/419788.html", + "不干净的视频评论区,攻击者利用Youtube传播窃密软件": "https://www.freebuf.com/news/419785.html", + "AI抢不走的工作,微软力挺红队测试仍需人类“掌舵”": "https://www.freebuf.com/news/419782.html" + }, + "HackerNews": { + "献血机构 OneBlood 确认去年 7 月勒索软件攻击中个人数据被盗": "https://hackernews.cc/archives/56889", + "疑似俄黑客组织针对哈萨克斯坦目标": "https://hackernews.cc/archives/56882", + "信息窃取软件伪装成针对最新 LDAP 漏洞的概念验证代码": "https://hackernews.cc/archives/56879", + "勒索软件滥用亚马逊 AWS 功能加密 S3 存储桶": "https://hackernews.cc/archives/56877", + "《流放之路2》管理员账号被盗,玩家账号遭黑客攻击": "https://hackernews.cc/archives/56874" + }, + "bishopfox.com": { + "raink: Use LLMs for Document Ranking": "https://bishopfox.com/blog/raink-llms-document-ranking" + }, + "安全牛": { + "CACTER直播预告:大模型网关新品抢先知,惊喜积分礼盒等您兑!": "https://www.aqniu.com/vendor/107954.html" + }, + "text/plain": { + "Welcome to 2025!": "https://textslashplain.com/2025/01/14/welcome-to-2025/" + }, + "奇客Solidot–传递最新科技情报": { + "USB 简化标签只留下速度": "https://www.solidot.org/story?sid=80329", + "微软工程师向 Linux 6.13 贡献的代码在发布前夕被禁用": "https://www.solidot.org/story?sid=80328", + "德国的 LGPL 诉讼获得成功": "https://www.solidot.org/story?sid=80327", + "美国进一步限制 AI 芯片出口": "https://www.solidot.org/story?sid=80326", + "PC 出货量三年来首次增长": "https://www.solidot.org/story?sid=80325", + "中国考虑将 TikTok 美国出售给马斯克": "https://www.solidot.org/story?sid=80324", + "在 TikTok 在美国面临被禁之际小红书登顶苹果 App Store": "https://www.solidot.org/story?sid=80323", + "为什么日本儿童独自乘地铁?": "https://www.solidot.org/story?sid=80322", + "为什么孩子需要更多冒险游戏": "https://www.solidot.org/story?sid=80321" + }, + "安全分析与研究": { + "盘点全球主流Linux平台的勒索病毒": "https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247489981&idx=1&sn=f92b58bb6a06cfb2d3596dee93f226ab&chksm=902fb695a7583f834b08a2fe2ada4911c36f0915057d542505372673f82224ea3483bf5bdbc0&scene=58&subscene=0#rd" + }, + "锦行科技": { + "锦行科技2024年度图鉴": "https://mp.weixin.qq.com/s?__biz=MzIxNTQxMjQyNg==&mid=2247493635&idx=1&sn=34b04bc10d27ff153f275b801950730d&chksm=979a13a6a0ed9ab01f146a40cbb7465749a73ece1bf055c001de7d0d4960c16736ab46568ba7&scene=58&subscene=0#rd" + }, + "雷神众测": { + "你的新年礼物待发货!点击本文领取!": "https://mp.weixin.qq.com/s?__biz=MzI0NzEwOTM0MA==&mid=2652503286&idx=1&sn=7b0acbf3851e7acca62b3941564d4853&chksm=f2585f45c52fd6536f61f228cb9a2d987ca1e38474d7d841512d33a45ac5902533bc6fa8f87b&scene=58&subscene=0#rd" + }, + "威努特安全网络": { + "勒索软件:阴影下的贪婪游戏": "https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130376&idx=1&sn=dc358c10ad843138011b94d055322174&chksm=80e710b8b79099aead5194a305ce684f2a1b2784527ceee947e3c8862b400fb3624c60a50842&scene=58&subscene=0#rd" + }, + "安全内参": { + "微软OpenAI云遭滥用:攻击者绕过安全护栏 对外售卖违规内容生成服务": "https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513487&idx=1&sn=2bb2b3796dd10a13b4a3bf0ae256a199&chksm=ebfaf2afdc8d7bb93ac0a572afdf222ceb9510b5625e64a2d911f9180ad752d2c00975e60c91&scene=58&subscene=0#rd", + "专挑执法机构下手!欧盟执法培训机构发生大规模数据泄露": "https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513487&idx=2&sn=11bbee0dcc26adcb43a666c1f79059f1&chksm=ebfaf2afdc8d7bb92112f4e0cb2762cf4b05b61ee188586a4259f4eb537405551ce087c57f5c&scene=58&subscene=0#rd" + }, + "代码卫士": { + "微软:macOS 漏洞可导致黑客安装恶意内核驱动": "https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522060&idx=1&sn=562313e7f413152c3399933007b147f5&chksm=ea94a666dde32f706b2b66b455dfbe3a9b106e8c0a4a379c3b30ac5c0aa916c5ad8b092cddd1&scene=58&subscene=0#rd", + "严重的 Aviatrix Controller RCE 漏洞已遭利用": "https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522060&idx=2&sn=77945a6bc936ca2cbd6fe400e106a420&chksm=ea94a666dde32f702c05d9f642f0ea1c7cbc525dd3805a10ce8441a93f2412a10b40fc913587&scene=58&subscene=0#rd" + }, + "看雪学苑": { + "【预售中】无人机安全攻防入门:带你玩转无线电,守护空中隐私与安全!": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588667&idx=1&sn=83b7402a114088f5888be0eb780f5982&chksm=b18c257186fbac6719f8e5f08cdd6af0db28cf5ba17afa96f5d93f9a9abaa7a4f73d32f29401&scene=58&subscene=0#rd", + "你想有多PWN": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588667&idx=2&sn=8bb1c3bb40eb4a3672a3ee009cc78bd2&chksm=b18c257186fbac67ff5da7b4983f664bc67d3d8715fe5ecd3f5f2c4169c5f64ce55101e4d4f6&scene=58&subscene=0#rd", + "2025年首个满分漏洞:云攻击者利用Aviatrix Controller漏洞植入恶意软件": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588667&idx=3&sn=af4f2eb4bededa0cea574e3cd7963382&chksm=b18c257186fbac670637d659a7511de8c3ead88069367df522ef629a278eaa02c9daf567134d&scene=58&subscene=0#rd" + }, + "天御攻防实验室": { + "拜登政府计划制裁北京的一家网络安全公司": "https://mp.weixin.qq.com/s?__biz=MzU0MzgyMzM2Nw==&mid=2247486237&idx=1&sn=e3374c3ba2614ee4c1ea93a26351e39e&chksm=fb04c875cc734163987a1143d90ec6e2b854fb872910112ef1afa8486456c9fc9a72a905eb58&scene=58&subscene=0#rd" + }, + "DataCon大数据安全分析竞赛": { + "DataCon2024解题报告WriteUp—AI安全赛道": "https://mp.weixin.qq.com/s?__biz=MzU5Njg1NzMyNw==&mid=2247489053&idx=1&sn=76dcae986b475bf3a1eff49f3d258c00&chksm=fe5d0e9dc92a878b1bb28f26bff904ad0a35d15b7837be5ff82c89203fbb233a7416e209e1cf&scene=58&subscene=0#rd" + }, + "信息安全国家工程研究中心": { + "慎终如始,则无败事——多家企业不履行网络安全保护义务被依法处罚": "https://mp.weixin.qq.com/s?__biz=MzU5OTQ0NzY3Ng==&mid=2247498725&idx=1&sn=7aef964c19dd8b24207a9253f77aac21&chksm=feb67af6c9c1f3e06a3344510015851b772e440f981f02908a48c1a5a894e7140426d80a1c25&scene=58&subscene=0#rd" + }, + "dotNet安全矩阵": { + ".NET | 通过 LDAP 技术在域渗透中获取内网所有系统账户数据": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498206&idx=1&sn=5f290cbc0e9c1a8c76d0e0cb8625cf4c&chksm=fa595733cd2ede25f81edaa97c23c5128bf81f91b9853c6992c7ea10cc5b4cccc56a8c991b67&scene=58&subscene=0#rd", + ".NET 内网攻防实战电子报刊": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498206&idx=2&sn=ccd7a610c1551ab79faf6c373e36ba0b&chksm=fa595733cd2ede251ab2675874322edb35041922db6c2ab59f6d3be9f9e22dda1afcac4ac38e&scene=58&subscene=0#rd", + "无独有偶,通过.NET反序列化漏洞实现 Visual Studio 钓鱼攻击": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498206&idx=3&sn=a00994d537a5909711eda0e855cf39e6&chksm=fa595733cd2ede25105b711c11316a44649792eaf6c84fe1b800624b877fa63c510961c10820&scene=58&subscene=0#rd" + }, + "微步在线": { + "情报,又是代表厂商!": "https://mp.weixin.qq.com/s?__biz=MzI5NjA0NjI5MQ==&mid=2650182977&idx=1&sn=5034ac95fb46e3ecf415164cc327d667&chksm=f4486efdc33fe7eb4d386ce4263003b8247200d02c6572da6b435588fa6e97b7e97031486f70&scene=58&subscene=0#rd" + }, + "丁爸 情报分析师的工具箱": { + "【资料】全源情报分析指南": "https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148529&idx=1&sn=eb04e2ef8c40d94aef096c369c1ea58b&chksm=f1af27cbc6d8aedd5295b2c1330315579336534f3868dbb766dcc55b60fc10ef3c1f859dc96b&scene=58&subscene=0#rd" + }, + "数世咨询": { + "2025年美国军方拨款约300亿美元用于网络安全": "https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247534113&idx=1&sn=3ffe3cc14b3da452f3f37f2ec2fa484d&chksm=c144349cf633bd8a2986e6625ea40da708b7b6fec5bec05a68f31fb9d7b0833f49315860fb80&scene=58&subscene=0#rd", + "网络安全产业发展亟需回归行业价值本质": "https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247534113&idx=2&sn=73919dc8a130b38a923b93cff0c50cdf&chksm=c144349cf633bd8a4ffbade73b3db7266497dee4c0a1c9089fa13d66d50483cb0f39b31039a9&scene=58&subscene=0#rd" + }, + "火线安全平台": { + "火线安全|年终大奖熠熠生辉,一起迎接年终分红时刻!": "https://mp.weixin.qq.com/s?__biz=MzU4MjEwNzMzMg==&mid=2247494650&idx=1&sn=9b31cd4dbe6d0428c8ab3e835b52c73d&chksm=fdbfc251cac84b475274790dd4931939ae6f145454479889184b723c2dafcbaa4e21aa7706a2&scene=58&subscene=0#rd" + }, + "ChaMd5安全团队": { + "SUCTF 2025 writeup by Min-Venom": "https://mp.weixin.qq.com/s?__biz=MzIzMTc1MjExOQ==&mid=2247511868&idx=1&sn=5a1dc3baed4c78da2b5f75a78d2730a3&chksm=e89d87e4dfea0ef237728e960ff5e2c177f91801f9a16117a02cdb9b62e9adec26ac8ebf7a4d&scene=58&subscene=0#rd" + }, + "中国信息安全": { + "关注 | 工信部发文 加强互联网数据中心客户数据安全保护": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234545&idx=1&sn=dc708bd198a9f572466efd53343dbfd8&chksm=8b59fcc8bc2e75de31b5c2b480b2ec64e92778dc9b35802d59121facc8d6e7c61833feedffc9&scene=58&subscene=0#rd", + "专家解读 | 大力发展数据标注产业 推动我国人工智能创新发展": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234545&idx=2&sn=d91c7578b958313bd7938fef75996fdd&chksm=8b59fcc8bc2e75de6fabe111dccca1c7defcc7ff6d5773e24d7201e332be82ed144efa9251a1&scene=58&subscene=0#rd", + "前沿 | 回望2024年国际风云之变:聚焦全球产业核心驱动力 人工智能在全球产业变革中地位凸显": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234545&idx=3&sn=a05079462b873959a484178e8a5465ca&chksm=8b59fcc8bc2e75deb7ea3bfab761bb926cdf86df478279e3a58fb01d166cb47e3c0efee5a84f&scene=58&subscene=0#rd", + "发布 | 公安部公布8起打击网络黑客犯罪典型案例": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234545&idx=4&sn=2e01732d093aabf1cf5336f813912c9f&chksm=8b59fcc8bc2e75de2780fc803df201f7e209f94b3303aa9c130a1c6c433ed59298e6b8f736b7&scene=58&subscene=0#rd", + "关注 | 16款App存在隐私不合规行为被通报!": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234545&idx=5&sn=252913fbf92cf6fda05be5316b33899c&chksm=8b59fcc8bc2e75defa7884d2220357f94639b0fd3b3ae1ce27224076263b9deca934ac7724d4&scene=58&subscene=0#rd", + "国际 | 新加坡个人数据跨境传输规则": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234545&idx=6&sn=d0ac0ff1882c400ac7dc13ef4ed6630b&chksm=8b59fcc8bc2e75de78cf889fc80038dbbf38903352028fe61fdb87ab0d48f20aa480a5a178ed&scene=58&subscene=0#rd", + "评论 | 护好“行驶中”的个人信息安全": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234545&idx=7&sn=452fc3ec0d32e8049888b868c54dd816&chksm=8b59fcc8bc2e75dee54ec6b6220fa19c4cec530fd3dd8d6c6e35f7c706040e9d36a84c6e1a7d&scene=58&subscene=0#rd" + }, + "安全圈": { + "【安全圈】2025年首个满分漏洞,PoC已公布,可部署后门": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067342&idx=1&sn=533ba142831a3c994e00cb6ec7d6d36c&chksm=f36e7a4ec419f35879a33af360eded6ccc081b3546a86d7a969a48f0eeb7b2f5eecb5be455a9&scene=58&subscene=0#rd", + "【安全圈】AI抢不走的工作,微软力挺红队测试仍需人类“掌舵”": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067342&idx=2&sn=7630e1838566bfaad814bfbeff239c32&chksm=f36e7a4ec419f3583f2fdeb373ecf1fe61d6e4069f0710503306470b1bb3204f220e2a5f7a97&scene=58&subscene=0#rd", + "【安全圈】不干净的视频评论区,攻击者利用Youtube传播窃密软件": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067342&idx=3&sn=488b956f65f869c09be3e3d7874e6d90&chksm=f36e7a4ec419f358aeecef6b9ff71759aabb31d37d791824c440bc665ad4c62bf5aee7f41e6d&scene=58&subscene=0#rd", + "【安全圈】为网络安全研究人员定制的虚假漏洞利用攻击利用恶意软件": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067342&idx=4&sn=380dc9803cf52db7c5d1771d404c4279&chksm=f36e7a4ec419f35821fb42bc3692d2e2ea1220de0c7f64fc0b4a684c0758e137b27573afb929&scene=58&subscene=0#rd" + }, + "极客公园": { + "TikTok 难民,涌入小红书": "https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072003&idx=1&sn=135396558cdffda7575ab9d4db2ba7a2&chksm=7e57d73549205e23f0d5d735b53ab13a39f6db86f72141df0708164e36e4ed09d267a90dd774&scene=58&subscene=0#rd", + "美国推出 AI 芯片管制新规,英伟达明确反对;余承东发全员信:鸿蒙三分天下有其一;菜鸟否认拆分 | 极客早知道": "https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653071986&idx=1&sn=38a32cc680920e2d96eec06c14bb95e8&chksm=7e57d7c449205ed21af2351357692387d8be287f55b6e16ae7f45dfcfc10e798b10f7454c57b&scene=58&subscene=0#rd" + }, + "嘶吼专业版": { + "2024 年加密货币钱包盗取事件金额多达 4.94 亿美元": "https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580767&idx=1&sn=8bc4c217da27a315e86c61cc20ef036e&chksm=e9146c65de63e573becf89217a5996287eaf91ca43a548ea4a03a77cf799d364c4a6e1c0c5a7&scene=58&subscene=0#rd", + "【我们这一年】网络和数据安全取得新突破": "https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580767&idx=2&sn=e765e5472d74f27fbb2c19fb3b7a82d5&chksm=e9146c65de63e5732e384640aa4c6a61ff4da482b60698b1a0d4afd5a5b0f9090e1c190a0daf&scene=58&subscene=0#rd" + }, + "情报分析师": { + "普京与特朗普会晤地点预测:候选国家大揭秘": "https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558917&idx=1&sn=33ebe6dacd7ec85aecad0fd5bdfbee69&chksm=87117f8eb066f69870faf705186bd56adef403c6a4dea7903c776475db2ebde947a55fea0702&scene=58&subscene=0#rd", + "以演员王星事件为镜:透视妙瓦底产业链的运作机制": "https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558917&idx=2&sn=16f94a7627598f1768b88f202f7a3a9f&chksm=87117f8eb066f698165c3f8401efa4c2572c918ed92d690b688af5d21fd6f9b3541d555864f0&scene=58&subscene=0#rd", + "巴基斯坦动荡的安全形势2024-2025": "https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558917&idx=3&sn=25076a33bf9f5e28ab04068a4deac50e&chksm=87117f8eb066f698ce3b26a1ac7b5786908bc9357f0d08803546ec0eb3d67cc8678a652fea64&scene=58&subscene=0#rd" + }, + "OPPO安全中心": { + "2024年12月奖励公告": "https://mp.weixin.qq.com/s?__biz=MzUyNzc4Mzk3MQ==&mid=2247494162&idx=1&sn=97b16bca0de97ee8a0ef60af2c1807c5&chksm=fa78eb5ecd0f62481463a3d7aee16927a051bcf5dcf6225deb354fe3cfe882d79a3e4dac3ebb&scene=58&subscene=0#rd", + "2024年度众测挑战赛奖励公告": "https://mp.weixin.qq.com/s?__biz=MzUyNzc4Mzk3MQ==&mid=2247494162&idx=2&sn=cb5346aed774d0f83c617e6bbd006331&chksm=fa78eb5ecd0f6248e815336f3d3a4ece3ebca1ee6119dedcfaf298d1fa7c7f319cdfcad0887a&scene=58&subscene=0#rd", + "2024年蜗牛奖励兑换公告": "https://mp.weixin.qq.com/s?__biz=MzUyNzc4Mzk3MQ==&mid=2247494162&idx=3&sn=770c765d1832ff2e84865f85d4073e2e&chksm=fa78eb5ecd0f6248b7f379027ae40e588a5804068b056d4edc4aff7a2c64c60dd422feafee49&scene=58&subscene=0#rd" + }, + "字节跳动技术团队": { + "详解veImageX助力卓特视觉智能、高效生成设计素材": "https://mp.weixin.qq.com/s?__biz=MzI1MzYzMjE0MQ==&mid=2247512825&idx=1&sn=ba087dada2532f864bfbe96b7a339dea&chksm=e9d3791bdea4f00d7e6b38efbe14a2de4122b715564a4e286406a40cfcf460f77bffc2c17f01&scene=58&subscene=0#rd" + }, + "吴鲁加": { + "建立习惯系统": "https://mp.weixin.qq.com/s?__biz=Mzg5NDY4ODM1MA==&mid=2247485147&idx=1&sn=1620d7cf6289322680963ba87ff33c6d&chksm=c01a8beaf76d02fc79ef2b3b307e77598513970b244b1db86dbb915fa3fa2d9521919113fde3&scene=58&subscene=0#rd" + }, + "航行笔记": { + "和顾孔希大佬聊聊怎么从“打黑工”到大厂安全负责人": "https://mp.weixin.qq.com/s?__biz=MzIyOTAxOTYwMw==&mid=2650236920&idx=1&sn=45f2e17b8713ae0535d21478b3506746&chksm=f04add44c73d545260a1db5c3adfbae9589b8579eedb1c58ecb4d016e52ecf5ef287ea20a161&scene=58&subscene=0#rd" + }, + "Qualys Security Blog": { + "Microsoft Patch Tuesday, January 2025 Security Update Review": "https://blog.qualys.com/category/vulnerabilities-threat-research" + }, + "青藤智库": { + "ATT&CK实践进入深水区 ---不要再迷信ATT&CK覆盖率": "https://mp.weixin.qq.com/s?__biz=MzUyOTkwNTQ5Mg==&mid=2247489334&idx=1&sn=295109e68e9f73402b29c27581c39184&chksm=fa58b50dcd2f3c1bdef61783e741656b9876e7a7d33ceecc68ec9a2613798c30b01fde577243&scene=58&subscene=0#rd" + }, + "LuxSci": { + "Securing Digital Communications in Healthcare: What You Need to Know": "https://luxsci.com/blog/securing-digital-communications-healthcare.html" + }, + "安全419": { + "2025 年暗网市场和威胁预测": "https://mp.weixin.qq.com/s?__biz=MzUyMDQ4OTkyMg==&mid=2247546688&idx=1&sn=a0efc6e92c206ed8942332d8273afec5&chksm=f9ebe9edce9c60fbcf8b788185281bd95fa99f95c8bd66e54aecebde138f8ac587a5655f2d31&scene=58&subscene=0#rd" + }, + "ICT Security Magazine": { + "La Nuova Era della Cybersecurity: Resilienza, Intelligenza Artificiale e Protezione dei Dati": "https://www.ictsecuritymagazine.com/articoli/cybersecurity-resilienza-ai/" + }, + "360数字安全": { + "工信部认可!360荣获车联网产品安全漏洞专业库“优秀技术支撑单位”": "https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579028&idx=1&sn=3d580b0d7ca47a7f72c3197a1199540b&chksm=9f8d259ca8faac8a4d409dfed08e3cc488bb728732fb1f7fb2472e8da2de36263fd911a68379&scene=58&subscene=0#rd" + }, + "迪哥讲事": { + "击穿星巴克获取 1 亿用户详细信息": "https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496850&idx=1&sn=11bd36bd686dd8f1a78ec89282a6c8ba&chksm=e8a5fef1dfd277e782b82e03c83068b26a37747c1e407b829945c4aa158c498973966d346b4f&scene=58&subscene=0#rd" + }, + "Krypt3ia": { + "Threat Brief: Y2Q and the Convergence of AI Compute and Quantum Computing Power": "https://krypt3ia.wordpress.com/2025/01/14/threat-brief-y2q-and-the-convergence-of-ai-compute-and-quantum-computing-power/" + }, + "360威胁情报中心": { + "近些年APT-C-60(伪猎者)组织使用的载荷分析": "https://mp.weixin.qq.com/s?__biz=MzUyMjk4NzExMA==&mid=2247505493&idx=1&sn=2260fa98c61cff9236bfea3e11059200&chksm=f9c1e55cceb66c4a3a040aeb233338e2770de6a2c767b20e74a64934cc02ca6d9a1d122784c4&scene=58&subscene=0#rd" + }, + "Over Security - Cybersecurity news aggregator": { + "Microsoft: Happy 2025. Here’s 161 Security Updates": "https://krebsonsecurity.com/2025/01/microsoft-happy-2025-heres-161-security-updates/", + "Allstate car insurer sued for tracking drivers without permission": "https://www.bleepingcomputer.com/news/legal/allstate-car-insurer-sued-for-tracking-drivers-without-permission/", + "January Windows updates may fail if Citrix SRA is installed": "https://www.bleepingcomputer.com/news/microsoft/january-windows-updates-may-fail-if-citrix-sra-is-installed/", + "Microsoft Patch Tuesday for January 2025 — Snort rules and prominent vulnerabilities": "https://blog.talosintelligence.com/january-patch-tuesday-release/", + "WP3.XYZ malware attacks add rogue admins to 5,000+ WordPress sites": "https://www.bleepingcomputer.com/news/security/wp3xyz-malware-attacks-add-rogue-admins-to-5-000-plus-wordpress-sites/", + "US govt says North Korea stole over $659 million in crypto last year": "https://www.bleepingcomputer.com/news/security/us-govt-says-north-korea-stole-over-659-million-in-crypto-last-year/", + "DOJ deletes China-linked PlugX malware off more than 4,200 US computers": "https://therecord.media/doj-deletes-china-linked-plugx-malware", + "Windows 10 KB5049981 update released with new BYOVD blocklist": "https://www.bleepingcomputer.com/news/microsoft/windows-10-kb5049981-update-released-with-new-byovd-blocklist/", + "Justice Department and FBI Conduct International Operation to Delete Malware Used by China-Backed Hackers": "https://flashpoint.io/blog/operation-to-delete-malware-used-by-china-backed-hackers/", + "Microsoft January 2025 Patch Tuesday fixes 8 zero-days, 159 flaws": "https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2025-patch-tuesday-fixes-8-zero-days-159-flaws/", + "Windows 11 KB5050009 & KB5050021 cumulative updates released": "https://www.bleepingcomputer.com/news/microsoft/windows-11-kb5050009-and-kb5050021-cumulative-updates-released/", + "Hegseth says debate over Cyber Command, NSA leadership would reach ‘conclusion’": "https://therecord.media/pete-hegseth-confirmation-hearing-nsa-cybercom-dual-hat", + "US issues final rule barring Chinese, Russian connected car tech": "https://therecord.media/us-issues-rule-banning-chinese-russian-car-tech", + "Google OAuth flaw lets attackers gain access to abandoned accounts": "https://www.bleepingcomputer.com/news/security/google-oauth-flaw-lets-attackers-gain-access-to-abandoned-accounts/", + "FBI wipes Chinese PlugX malware from over 4,000 US computers": "https://www.bleepingcomputer.com/news/security/fbi-wipes-chinese-plugx-malware-from-over-4-000-us-computers/", + "Tennessee-based mortgage lender confirms December cyberattack": "https://therecord.media/tennessee-mortgage-lender-confirms-cyberattack", + "Hackers use FastHTTP in new high-speed Microsoft 365 password attacks": "https://www.bleepingcomputer.com/news/security/hackers-use-fasthttp-in-new-high-speed-microsoft-365-password-attacks/", + "Connecticut city of West Haven assessing impact of cyberattack": "https://therecord.media/west-haven-connecticut-city-government-cyberattack", + "Fortinet warns of auth bypass zero-day exploited to hijack firewalls": "https://www.bleepingcomputer.com/news/security/fortinet-warns-of-auth-bypass-zero-day-exploited-to-hijack-firewalls/", + "Russia's largest platform for state procurement hit by cyberattack from pro-Ukraine group": "https://therecord.media/russian-platform-for-state-procurement-hit-cyberattack", + "Microsoft 365 apps crash on Windows Server after Office update": "https://www.bleepingcomputer.com/news/microsoft/microsoft-365-apps-crash-on-windows-server-after-office-update/", + "Russia warned its 'shadow fleet' could face action from NATO allies": "https://therecord.media/baltic-nato-allies-warning-russia-shadow-fleet", + "Analysis of Python's .pth files as a persistence mechanism": "https://dfir.ch/posts/publish_python_pth_extension/", + "Deadline Approaching for Rent 2 Own: Medusa Ransomware Threatens Data Release": "https://www.suspectfile.com/deadline-approaching-for-rent-2-own-medusa-ransomware-threatens-data-release/", + "Products and people are in place for CISA to succeed, agency’s departing No. 2 official says": "https://therecord.media/nitin-natarajan-cisa-deputy-director-interview", + "Threat Intelligence Pivoting: Actionable Insights Behind Indicators": "https://any.run/cybersecurity-blog/threat-intelligence-pivoting/", + "IntelBroker Unmasked: KELA’s In-Depth Analysis of a Cybercrime Leader": "https://www.kelacyber.com/blog/intelbroker-unmasked-kelas-in-depth-analysis-of-a-cybercrime-leader/", + "Hitchhiker’s Guide to Managed Security": "https://blog.compass-security.com/2025/01/hitchhikers-guide-to-managed-security/", + "How Barcelona became an unlikely hub for spyware startups": "https://techcrunch.com/2025/01/13/how-barcelona-became-an-unlikely-hub-for-spyware-startups/", + "UK proposes banning hospitals and schools from making ransomware payments": "https://therecord.media/uk-proposes-banning-ransoms-hospitals" + }, + "SANS Internet Storm Center, InfoCON: green": { + "Microsoft January 2025 Patch Tuesday, (Tue, Jan 14th)": "https://isc.sans.edu/diary/rss/31590" + }, + "0x727开源安全团队": { + "“运营”本身是什么?(第十二章)": "https://mp.weixin.qq.com/s?__biz=MzkwNTI3MjIyOQ==&mid=2247484125&idx=1&sn=7cf0877900e944a0253bb5351787b5c0&chksm=c0fb0c17f78c8501534fcb1249221aeec70210e176b476718cdb98fc8f77960b4a353b6f6ed9&scene=58&subscene=0#rd" + }, + "The Register - Security": { + "FBI wipes Chinese PlugX malware from thousands of Windows PCs in America": "https://go.theregister.com/feed/www.theregister.com/2025/01/14/fbi_french_cops_boot_chinas/", + "Snyk appears to deploy 'malicious' packages targeting Cursor for unknown reason": "https://go.theregister.com/feed/www.theregister.com/2025/01/14/snyk_npm_deployment_removed/", + "It's not just Big Tech: The UK's Online Safety Act applies across the board": "https://go.theregister.com/feed/www.theregister.com/2025/01/14/online_safety_act/", + "UK floats ransomware payout ban for public sector": "https://go.theregister.com/feed/www.theregister.com/2025/01/14/uk_ransomware_payout_ban/", + "Miscreants 'mass exploited' Fortinet firewalls, 'highly probable' zero-day used": "https://go.theregister.com/feed/www.theregister.com/2025/01/14/miscreants_mass_exploited_fortinet_firewalls/" + }, + "TorrentFreak": { + "‘Notorious’ Pirate IPTV Service MagisTV Applies for US Trademark and Rebrands": "https://torrentfreak.com/notorious-pirate-iptv-service-magistv-applies-for-us-trademark-and-rebrands-250114/" + }, + "Silent Signal Techblog": { + "Story of a Pentester Recruitment 2025": "https://blog.silentsignal.eu/2025/01/14/pentester-recruitment-2025-mushroom/" + }, + "Instapaper: Unread": { + "FileVault and volume encryption explained": "https://eclecticlight.co/2025/01/10/filevault-and-volume-encryption-explained/", + "Windows Browser Forensics 101": "https://belkasoft.com/windows-browser-forensics", + "Windows Recycle Bin - The known and the unknown": "https://bebinary4n6.blogspot.com/2025/01/windows-recycle-bin-known-and-unknown.html", + "iPhone and iPad Acquisition Methods Yet Another Comparison": "https://blog.elcomsoft.com/2025/01/iphone-and-ipad-acquisition-methods-yet-another-comparison/" + }, + "The Hacker News": { + "Microsoft Uncovers macOS Vulnerability CVE-2024-44243 Allowing Rootkit Installation": "https://thehackernews.com/2025/01/microsoft-uncovers-macos-vulnerability.html", + "Google OAuth Vulnerability Exposes Millions via Failed Startup Domains": "https://thehackernews.com/2025/01/google-oauth-vulnerability-exposes.html", + "4 Reasons Your SaaS Attack Surface Can No Longer be Ignored": "https://thehackernews.com/2025/01/4-reasons-your-saas-attack-surface-can.html", + "Illicit HuiOne Telegram Market Surpasses Hydra, Hits $24 Billion in Crypto Transactions": "https://thehackernews.com/2025/01/illicit-huione-telegram-market.html", + "Zero-Day Vulnerability Suspected in Attacks on Fortinet Firewalls with Exposed Interfaces": "https://thehackernews.com/2025/01/zero-day-vulnerability-suspected-in.html", + "Russian-Linked Hackers Target Kazakhstan in Espionage Campaign with HATVIBE Malware": "https://thehackernews.com/2025/01/russian-linked-hackers-target.html", + "CISA Adds Second BeyondTrust Flaw to KEV Catalog Amid Active Attacks": "https://thehackernews.com/2025/01/cisa-adds-new-beyondtrust-flaw-to-kev.html" + }, + "Schneier on Security": { + "Upcoming Speaking Engagements": "https://www.schneier.com/blog/archives/2025/01/upcoming-speaking-engagements-42.html", + "The First Password on the Internet": "https://www.schneier.com/blog/archives/2025/01/the-first-password-on-the-internet.html" + }, + "Technical Information Security Content & Discussion": { + "Millions of Accounts Vulnerable due to Google’s OAuth Flaw": "https://www.reddit.com/r/netsec/comments/1i1aam8/millions_of_accounts_vulnerable_due_to_googles/", + "New Microsoft OLE Vulnerability, Exploitable via Email": "https://www.reddit.com/r/netsec/comments/1i1ej02/new_microsoft_ole_vulnerability_exploitable_via/", + "RCE in rsync, CVE-2024-12084 (and 5 more vulnerabilities)": "https://www.reddit.com/r/netsec/comments/1i1ike5/rce_in_rsync_cve202412084_and_5_more/", + "Over 5,000 WordPress sites caught in WP3.XYZ malware attack": "https://www.reddit.com/r/netsec/comments/1i15afl/over_5000_wordpress_sites_caught_in_wp3xyz/", + "Story of a Pentester Recruitment 2025": "https://www.reddit.com/r/netsec/comments/1i16q95/story_of_a_pentester_recruitment_2025/", + "Laser Fault Injection on a Budget: RP2350 Edition": "https://www.reddit.com/r/netsec/comments/1i1fm6j/laser_fault_injection_on_a_budget_rp2350_edition/", + "Threat actors exploit a probable 0-day in exposed management consoles of Fortinet FortiGate firewalls": "https://www.reddit.com/r/netsec/comments/1i12s72/threat_actors_exploit_a_probable_0day_in_exposed/", + "Command Line Underdog: WMIC in Action -- How to use wmic as an alternate shell in a pinch": "https://www.reddit.com/r/netsec/comments/1i19m6a/command_line_underdog_wmic_in_action_how_to_use/" + }, + "Deeplinks": { + "Platforms Systematically Removed a User Because He Made \"Most Wanted CEO\" Playing Cards": "https://www.eff.org/deeplinks/2025/01/platforms-systematically-removed-user-because-he-made-most-wanted-ceo-playing" + }, + "Information Security": { + "¿Alguien sabe donde puedo conseguir alguna pagina/links para descargar virus/troyanos/spywares a propósito?": "https://www.reddit.com/r/Information_Security/comments/1i10r2b/alguien_sabe_donde_puedo_conseguir_alguna/" + }, + "Computer Forensics": { + "Trying to find how data was moved off a company computer": "https://www.reddit.com/r/computerforensics/comments/1i1bera/trying_to_find_how_data_was_moved_off_a_company/", + "Strange Request but anyone have any recommendation for Furniture/Layout for lab environment they enjoy?": "https://www.reddit.com/r/computerforensics/comments/1i1b1hs/strange_request_but_anyone_have_any/", + "FYI: Free Enterprise licenses for data recovery professionals from Disk Drill": "https://www.reddit.com/r/computerforensics/comments/1i18at1/fyi_free_enterprise_licenses_for_data_recovery/", + "How to capture and decrypt packets from an iPhone AND use the microphone": "https://www.reddit.com/r/computerforensics/comments/1i0wbgh/how_to_capture_and_decrypt_packets_from_an_iphone/" + }, + "netsecstudents: Subreddit for students studying Network Security and its related subjects": { + "Need residential network security consultant in Dallas area": "https://www.reddit.com/r/netsecstudents/comments/1i1553g/need_residential_network_security_consultant_in/" + }, + "Krebs on Security": { + "Microsoft: Happy 2025. Here’s 161 Security Updates": "https://krebsonsecurity.com/2025/01/microsoft-happy-2025-heres-161-security-updates/" + }, + "Blackhat Library: Hacking techniques and research": { + "Infostealer Logs to Fuel a New Wave of AWS Ransomware Attacks": "https://www.reddit.com/r/blackhat/comments/1i12gdl/infostealer_logs_to_fuel_a_new_wave_of_aws/" + }, + "Your Open Hacker Community": { + "Best course for beginner in hacking and cyber security": "https://www.reddit.com/r/HowToHack/comments/1i14y6e/best_course_for_beginner_in_hacking_and_cyber/", + "Trying to figure out how to pull email addresses and stuff, wanna know how to do that": "https://www.reddit.com/r/HowToHack/comments/1i1jdgb/trying_to_figure_out_how_to_pull_email_addresses/", + "best ethical Wi-Fi info stealer you can try and also with a gui": "https://www.reddit.com/r/HowToHack/comments/1i1i672/best_ethical_wifi_info_stealer_you_can_try_and/", + "What's the best way to learn how to start hacking?": "https://www.reddit.com/r/HowToHack/comments/1i1afyv/whats_the_best_way_to_learn_how_to_start_hacking/", + "Would like some tips": "https://www.reddit.com/r/HowToHack/comments/1i1bpxm/would_like_some_tips/", + "Access MSSQL DB with lost password?": "https://www.reddit.com/r/HowToHack/comments/1i15n6b/access_mssql_db_with_lost_password/", + "Name Suggestion:": "https://www.reddit.com/r/HowToHack/comments/1i0ytwo/name_suggestion/", + "What I should learn about ethical hacking? Or Kali Linux": "https://www.reddit.com/r/HowToHack/comments/1i16afj/what_i_should_learn_about_ethical_hacking_or_kali/", + "What are some sql queries to bypass login": "https://www.reddit.com/r/HowToHack/comments/1i0zuvl/what_are_some_sql_queries_to_bypass_login/", + "Need help making a copy of my college id card": "https://www.reddit.com/r/HowToHack/comments/1i0weja/need_help_making_a_copy_of_my_college_id_card/", + "how can i spoof my mac address on a chromebook? (not school issued)": "https://www.reddit.com/r/HowToHack/comments/1i0wr9f/how_can_i_spoof_my_mac_address_on_a_chromebook/", + "[ Removed by Reddit ]": "https://www.reddit.com/r/HowToHack/comments/1i0syrn/removed_by_reddit/" + }, + "Hacking Exposed Computer Forensics Blog": { + "Daily Blog #717: Getting free Azure credits for testing": "https://www.hecfblog.com/2025/01/daily-blog-717-getting-free-azure.html" + }, + "Security Weekly Podcast Network (Audio)": { + "Smishing, Beyond Trust, CryptoReligion, Aviatrix, Azure, Josh Marpet, and more... - SWN #442": "http://sites.libsyn.com/18678/smishing-beyond-trust-cryptoreligion-aviatrix-azure-josh-marpet-and-more-swn-442", + "Discussing Useful Security Requirements with Developers - Ixchel Ruiz - ASW #313": "http://sites.libsyn.com/18678/discussing-useful-security-requirements-with-developers-ixchel-ruiz-asw-313" + } +} \ No newline at end of file diff --git a/today.md b/today.md index abaf133c89..eccf122efb 100644 --- a/today.md +++ b/today.md @@ -1,490 +1,406 @@ -# 每日安全资讯(2025-01-14) +# 每日安全资讯(2025-01-15) -- SecWiki News - - [ ] [SecWiki News 2025-01-13 Review](http://www.sec-wiki.com/?2025-01-13) -- Security Boulevard - - [ ] [Why Scalability Matters in Non-Human Identity and Access Management](https://securityboulevard.com/2025/01/why-scalability-matters-in-non-human-identity-and-access-management/) - - [ ] [HHS Proposes Major Overhaul of HIPAA Security Rule in the Wake of Change Healthcare Breach](https://securityboulevard.com/2025/01/hhs-proposes-major-overhaul-of-hipaa-security-rule-in-the-wake-of-change-healthcare-breach/) - - [ ] [FunkSec: A New Ransomware Group Buoyed by AI](https://securityboulevard.com/2025/01/funksec-a-new-ransomware-group-buoyed-by-ai/) - - [ ] [Inside a 90-Minute Attack: Breaking Ground with All-New AI Defeating Black Basta Tactics](https://securityboulevard.com/2025/01/inside-a-90-minute-attack-breaking-ground-with-all-new-ai-defeating-black-basta-tactics/) - - [ ] [How Ephemeral on-demand data can improve DORA DevOps scores](https://securityboulevard.com/2025/01/how-ephemeral-on-demand-data-can-improve-dora-devops-scores/) - - [ ] [Ephemeral data environments in Azure, leveraging the cloud](https://securityboulevard.com/2025/01/ephemeral-data-environments-in-azure-leveraging-the-cloud/) - - [ ] [How to create de-identified embeddings with Tonic Textual & Pinecone](https://securityboulevard.com/2025/01/how-to-create-de-identified-embeddings-with-tonic-textual-pinecone/) - - [ ] [De-identifying Salesforce data for testing and development. Tonic Structural now connects to Salesforce](https://securityboulevard.com/2025/01/de-identifying-salesforce-data-for-testing-and-development-tonic-structural-now-connects-to-salesforce/) - - [ ] [Open Bullet 2: The Preferred Credential Stuffing Tool for Bots](https://securityboulevard.com/2025/01/open-bullet-2-the-preferred-credential-stuffing-tool-for-bots/) - - [ ] [Network Configuration and Change Management Best Practices](https://securityboulevard.com/2025/01/network-configuration-and-change-management-best-practices/) -- 安全客-有思想的安全新媒体 - - [ ] [致敬警察节|警企携手,筑牢安全防护网!](https://www.anquanke.com/post/id/303459) - - [ ] [Fancy Product Designer 插件中未修补的漏洞使 20,000 多个网站面临风险](https://www.anquanke.com/post/id/303456) - - [ ] [Google Project Zero 研究人员发现针对三星设备的零点击漏洞](https://www.anquanke.com/post/id/303453) - - [ ] [西班牙电信公司确认数据泄露后内部票务系统遭到破坏](https://www.anquanke.com/post/id/303450) - - [ ] [GitHub 上的假冒 LDAPNightmware 利用程序传播信息窃取型恶意软件](https://www.anquanke.com/post/id/303447) - - [ ] [研究人员如何通过黑客攻击 Facebook 服务器赚取 10 万美元](https://www.anquanke.com/post/id/303444) - - [ ] [网络钓鱼短信诱骗Apple iMessage用户禁用保护](https://www.anquanke.com/post/id/303439) - - [ ] [印度加密货币交易所 Mudrex 解释提款暂停原因](https://www.anquanke.com/post/id/303436) - - [ ] [2024年的网络钓鱼:应对持续威胁和人工智能的双刃剑](https://www.anquanke.com/post/id/303433) - - [ ] [CVE-2025-22777 (CVSS 9.8): 针对拥有 100,000 个活跃安装的 GiveWP 插件的严重安全警报](https://www.anquanke.com/post/id/303430) -- Doonsec's feed - - [ ] [从UP主燕三嘤嘤嘤看百度好看视频的苟活](https://mp.weixin.qq.com/s?__biz=MzkwMzI1ODUwNA==&mid=2247487814&idx=1&sn=4907df26be08cacdb7178f0d18e5a39d) - - [ ] [2024龙信年终技术考核WP](https://mp.weixin.qq.com/s?__biz=MzkzMjE4NzU5MA==&mid=2247491395&idx=1&sn=6490bb127a2104f8fb27f349103d0dff) - - [ ] [【干货】笑傲职场的独家经验(1)](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485401&idx=3&sn=9f5c7558a30fbc3a8e126121a0bd5602) - - [ ] [渗透Vulnhub-hackme靶机](https://mp.weixin.qq.com/s?__biz=Mzk1NzI5NzA3NQ==&mid=2247485970&idx=1&sn=4318edd93f051ba1be4bda1efb08ec5f) - - [ ] [回顾新姿势:击穿星巴克获取 1 亿用户详细信息](https://mp.weixin.qq.com/s?__biz=MzkwODI1ODgzOA==&mid=2247506517&idx=1&sn=72ebf3f4238eab2fce2b83da193e8e8b) - - [ ] [老牌免杀工具veil免杀](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247489983&idx=1&sn=cb128069a995e8223bc74fee5557df01) - - [ ] [实战 | 域环境下通过anydesk进入生产网](https://mp.weixin.qq.com/s?__biz=Mzg5NTUyNTI5OA==&mid=2247486384&idx=1&sn=0e2db706f9c844a38b39297450e60d91) - - [ ] [【漏洞预警】Vim缓冲区溢出漏洞可导致拒绝服务](https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489446&idx=1&sn=28468e250cf5d9b29d7a5b263e158c99) - - [ ] [用于渗透测试练习的 15 个高危 Web应用和网站](https://mp.weixin.qq.com/s?__biz=MzkyODYwODkyMA==&mid=2247484934&idx=1&sn=7dc7c525120b59a96e436bf0ea9450b2) - - [ ] [四部委联合印发《关于促进数据标注产业高质量发展的实施意见》(附全文)](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633785&idx=1&sn=dc43c64287c137445c087fd164343665) - - [ ] [一图读懂 | 关于促进数据标注产业高质量发展的实施意见](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170151&idx=3&sn=452310fbb337de2f7c1083f65b9d088c) - - [ ] [专家观点 | “人工智能+”赋能新质生产力发展](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234446&idx=5&sn=f51375043d265a4573734624811787a2) - - [ ] [泄露近600万客户敏感数据,美国这家金融机构被罚超1.4亿元](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633785&idx=4&sn=4855ab43a37b7af0cfdeee4133a386aa) - - [ ] [记录一次博彩网站的实战渗透记录](https://mp.weixin.qq.com/s?__biz=MzkyMDY1MDI3OA==&mid=2247483742&idx=1&sn=e88bdf3f85236fa63fdae8b5fbc283e4) - - [ ] [Nuclei,一键发现99%的漏洞,白帽子都在私藏的扫描神器| |基于YAML模板的新一代漏洞扫描工具,让渗透测试效率提升10倍](https://mp.weixin.qq.com/s?__biz=MzI5MjY4MTMyMQ==&mid=2247489648&idx=1&sn=5b79daec6f19ffd0c170a8b2bc6f32ae) - - [ ] [“可信计算”专题征稿](https://mp.weixin.qq.com/s?__biz=MzI0NjU2NDMwNQ==&mid=2247504642&idx=1&sn=c447628a36e58e0247573195b34c3d8b) - - [ ] [红队-shell编程基础(七)](https://mp.weixin.qq.com/s?__biz=Mzk1Nzk2NjI3Ng==&mid=2247483789&idx=1&sn=0b8152350e676cfe9b706c0828aacfb9) - - [ ] [仅一文轻松拿捏 “加密站点的渗透测试”](https://mp.weixin.qq.com/s?__biz=Mzg3NzIxMDYxMw==&mid=2247504325&idx=1&sn=0ad6f807b8aee72e8c66f6cfddc6ad2a) - - [ ] [25年前最后一波招生 CTF实战特训营第三期](https://mp.weixin.qq.com/s?__biz=MzU1NjgzOTAyMg==&mid=2247522855&idx=1&sn=915db17a17b876be464130a746201f36) - - [ ] [信创认证,欢迎报名!](https://mp.weixin.qq.com/s?__biz=MzU1NjgzOTAyMg==&mid=2247522855&idx=2&sn=ae5be0d697f8654404d4c729ec56df65) - - [ ] [【话题】你刚开始接触安全的时候干过什么傻事?](https://mp.weixin.qq.com/s?__biz=MzkxMTUwOTY1MA==&mid=2247489984&idx=1&sn=0661c75b5b9216776b0ea9ad4e82724f) - - [ ] [一次绕过Burp检测的水洞记录](https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247518192&idx=1&sn=43d2c8a5ec62acb9c57d20b0958a7921) - - [ ] [SRC专项知识库](https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247518192&idx=2&sn=5b24f29c61064cbf6535255d152c2585) - - [ ] [关于如何解决 Cartopy 中的 GEOSException 问题](https://mp.weixin.qq.com/s?__biz=MzI2MDQ0ODIzNg==&mid=2247485188&idx=1&sn=c3ef736723f5f8583fe8586f09fec883) - - [ ] [第六届国家网络与信息安全信息通报机制中央企业网络安全大赛即将拉开帷幕](https://mp.weixin.qq.com/s?__biz=MzU1MTE1MjU5Nw==&mid=2247485436&idx=1&sn=10a33f4c919bdcaa2cb8b28761b8484f) - - [ ] [【漏洞工具】某路由器任意文件读取漏洞Goby高级模式利用工具](https://mp.weixin.qq.com/s?__biz=Mzg5NTU2NjA1Mw==&mid=2247496006&idx=1&sn=ff0667fdbf667156d8c9d0910b6bf0e3) - - [ ] [聚焦人工智能大模型可信治理 | “何以杨数浦”品牌沙龙第二期精彩回顾](https://mp.weixin.qq.com/s?__biz=MzUzODYyMDIzNw==&mid=2247516633&idx=1&sn=77b5ae3e9b2800cfb18c8b22869fc54f) - - [ ] [20元就能仿冒一家官网,小心这类山寨网页!](https://mp.weixin.qq.com/s?__biz=MzI0NzE4ODk1Mw==&mid=2652094576&idx=2&sn=b96d84ee36acd17877a0b42e11feb687) - - [ ] [识别漏洞成了大海捞针?](https://mp.weixin.qq.com/s?__biz=Mzg2MDc0NTIxOQ==&mid=2247484709&idx=1&sn=b238620c27395ab7c78718f7ef256c83) - - [ ] [卡西欧黑客事件报告发布:近 8600 名员工/客户隐私信息泄露](https://mp.weixin.qq.com/s?__biz=MzU2MTQwMzMxNA==&mid=2247541394&idx=1&sn=0789faf00c32980d17e95080f8788f99) - - [ ] [【安全圈】建立数据跨境服务中心、便利化访问国际互联网,上海虹桥商务区国际贸易中心新平台建设进一步落实](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067321&idx=1&sn=dd8f1699f9d8cbba67e8abc6091ffa6c) - - [ ] [【安全圈】微软起诉利用 Azure AI 创建有害内容的黑客组织](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067321&idx=4&sn=4ea1e634e045d59be08019f06a4fd52b) - - [ ] [价值3999,送!CISP新年福利不容错过](https://mp.weixin.qq.com/s?__biz=MzU4MjUxNjQ1Ng==&mid=2247521085&idx=2&sn=e0d640470ef26a02e6f1a0f0be864053) - - [ ] [SUCTF 2025落幕|S1uM4i战队实力夺冠!](https://mp.weixin.qq.com/s?__biz=MjM5NDU3MjExNw==&mid=2247515484&idx=1&sn=0c506fe6fa7d8296675e4a1821546192) - - [ ] [2025年人工智能带来的五大网络安全趋势及其应对策略](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134627&idx=1&sn=6c71adfab711410ac4d54f0d1602e6a7) - - [ ] [2025 ICT深度观察报告会|腾讯云李滨:企业数字安全建设的四个关键要素](https://mp.weixin.qq.com/s?__biz=Mzg5OTE4NTczMQ==&mid=2247526340&idx=1&sn=d5418212a88f343e949c90ac05e3ca99) - - [ ] [慢雾:演员王星被骗事件相关聊天截图调查](https://mp.weixin.qq.com/s?__biz=MzU4ODQ3NTM2OA==&mid=2247500907&idx=1&sn=1e629e1d6e96b48b3c5962aadba90a92) - - [ ] [GFI KerioControl 防火墙存在严重的RCE漏洞](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522044&idx=1&sn=71bbcad32c9a0753d8385256ee5dad03) - - [ ] [CrowdStrike虚假工作邀约通过密币挖矿机感染开发人员](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522044&idx=2&sn=f72144000ab0d2c1280f017af0018e6e) - - [ ] [物联网丨2024年中国物联网安全行业概览:解除网络威胁,物联网的智能守护(附下载)](https://mp.weixin.qq.com/s?__biz=MzI2MDk2NDA0OA==&mid=2247531021&idx=1&sn=9aa5cb200c685e768a56581a2f7cc8eb) - - [ ] [趋势丨2025年网络安全趋势洞察:多维度的挑战与应对之策](https://mp.weixin.qq.com/s?__biz=MzI2MDk2NDA0OA==&mid=2247531021&idx=2&sn=c562ed427ae6c2e710e4dded0bdf3bb9) - - [ ] [云服务器知多少](https://mp.weixin.qq.com/s?__biz=MzkxNTEzMTA0Mw==&mid=2247496603&idx=1&sn=30ce3b66d3f3a49187c050357e5e49aa) - - [ ] [每周网安资讯 (1.7-1.13)|Adobe多款产品存在越界读取漏洞](https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247505577&idx=1&sn=f82c60e6b9567f984c4c17d0e98e150a) - - [ ] [捷豹路虎中国到访奇安信安全中心](https://mp.weixin.qq.com/s?__biz=MzU0NDk0NTAwMw==&mid=2247624408&idx=1&sn=c77a280be315f4c37b588b6b7abc5e31) - - [ ] [泄露近600万客户敏感数据,这家金融机构被罚超1.4亿元](https://mp.weixin.qq.com/s?__biz=MzU0NDk0NTAwMw==&mid=2247624408&idx=2&sn=a55317c4ca276ccce4b320dfa6ab6b32) - - [ ] [Dex文件结构-ReadDex解析器实现](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588591&idx=1&sn=f3af400aa11be8f19a775a31e96d7740) - - [ ] [10万美金!研究员如何黑进 Facebook 服务器](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588591&idx=2&sn=0adaab3ebee5e866ad30ef7799307d47) - - [ ] [成为看雪讲师,开启技术分享的高光时刻](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588591&idx=3&sn=b11fa1206f5347a3696b9363851d9aa9) - - [ ] [【金松奖】工行企业级数据要素流通全链路建设项目:集成数据安全、隐私计算等技术](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931425&idx=1&sn=c1b619510a29b6a8bf9dfe7ba78649a3) - - [ ] [139款车型成功通过汽车数据安全合规检测](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931425&idx=2&sn=f8ec500385ff22c0db9cd9b34d400ac6) - - [ ] [连续三年上榜!亚信安全成功入选毕马威中国金融科技企业双50榜单](https://mp.weixin.qq.com/s?__biz=MjM5NjY2MTIzMw==&mid=2650620698&idx=1&sn=2c718264abe114475c3b892a8f582efc) - - [ ] [全球瞭望|网络安全重大事件精选(152期)](https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597421&idx=1&sn=be9598279f20a952fb0e19be307030dd) - - [ ] [国家保密局公告!](https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597421&idx=2&sn=dfe5368b5e159e2231298817a047eeba) - - [ ] [基于区域预推荐和特征富集的SOD R-CNN交通标志检测网络](https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597421&idx=3&sn=736013f6dea7772337ae25b3b6431881) - - [ ] [网络安全动态 - 2025.01.13](https://mp.weixin.qq.com/s?__biz=MzU1MzEzMzAxMA==&mid=2247499881&idx=1&sn=e66d795b31109a64bd94e8a129da6227) - - [ ] [企业级攻防技术揭秘](https://mp.weixin.qq.com/s?__biz=MzkxNTIwNTkyNg==&mid=2247553013&idx=1&sn=5a53c74b485756c6132de205dab8d238) - - [ ] [【免费领】黑客工具之王:DDoS攻击与防范实战技术大全](https://mp.weixin.qq.com/s?__biz=MzkxNTIwNTkyNg==&mid=2247553013&idx=2&sn=48cf79ce6b93328800d06a2cf1e15afa) - - [ ] [观安信息荣获“2024年海南能源数据要素应用创新大赛”优秀奖](https://mp.weixin.qq.com/s?__biz=MzIxNDIzNTcxMg==&mid=2247506478&idx=1&sn=a256623b122e68b48ef83b82df2ee77d) - - [ ] [洞·见 | 20250113](https://mp.weixin.qq.com/s?__biz=Mzk0MDQ5MTQ4NA==&mid=2247487338&idx=1&sn=7a588ce30f39ed317dde637ba1a2bb7b) - - [ ] [载誉前行 | 绿盟科技在NVDB-CAVD2024年度年终总结会上获得多项荣誉](https://mp.weixin.qq.com/s?__biz=MjM5ODYyMTM4MA==&mid=2650464189&idx=1&sn=84418624ed0bcf001f07ae24d5436b05) - - [ ] [通知 | 国家网信办就《网络信息内容多渠道分发服务机构相关业务活动管理规定(草案稿)》公开征求意见(附全文)](https://mp.weixin.qq.com/s?__biz=MzkyNDUyNzU1MQ==&mid=2247486653&idx=1&sn=772e1446d8dcf92eed8aa21e53329aab) - - [ ] [ios逆向攻防-应用重签名&代码注入](https://mp.weixin.qq.com/s?__biz=MzkxNDY0NjY3MQ==&mid=2247485283&idx=1&sn=0a2f46d49d80b5e7d674b91967e36b2a) - - [ ] [聚铭网络成功当选中关村华安关键信息基础设施安全保护联盟理事单位](https://mp.weixin.qq.com/s?__biz=MzIzMDQwMjg5NA==&mid=2247506484&idx=1&sn=7b1418949cde0ca75bab5f4f0f5f7b71) - - [ ] [第83期 | GPTSecurity周报](https://mp.weixin.qq.com/s?__biz=MzkzNDUxOTk2Mw==&mid=2247495678&idx=1&sn=c0825173d0cbbef6762dcdaf19b55727) - - [ ] [国家发展改革委等四部门联合印发《关于促进数据标注产业高质量发展的实施意见》](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170151&idx=1&sn=3ad07afdb31186657760655f6da40abb) - - [ ] [划重点!2025年我国数据领域明确重点任务](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170151&idx=2&sn=2caaf47c4cc04e9595155dabfb1bb770) - - [ ] [原创丨 近期观察 全球网络安全动态](https://mp.weixin.qq.com/s?__biz=Mzg2MTU5ODQ2Mg==&mid=2247507088&idx=1&sn=a6cabc27681f5e6a03d9e97fb8d7218b) - - [ ] [原创丨欧盟网络安全局发布《2024年欧盟网络安全状况报告》](https://mp.weixin.qq.com/s?__biz=Mzg2MTU5ODQ2Mg==&mid=2247507088&idx=2&sn=af8a1c12b18ecbda8f5bbd38c7e7b938) - - [ ] [对话|无影如何助力企业构建办公安全防护体系](https://mp.weixin.qq.com/s?__biz=MzA4MTQ2MjI5OA==&mid=2664091916&idx=1&sn=7a9b4fb48560a3e24eb8fe8b512f834f) - - [ ] [Frida从hook websocket协议看通杀流量加密](https://mp.weixin.qq.com/s?__biz=Mzk0ODM0MjA0OA==&mid=2247483896&idx=1&sn=1f6bf11a478f0f74a347455b0120e088) - - [ ] [【吃瓜】已上岸!](https://mp.weixin.qq.com/s?__biz=MzU3MjU4MjM3MQ==&mid=2247489591&idx=1&sn=96a899a7d742fa79856b5712bf1591bd) - - [ ] [年底裁员后坎坷的求职之路](https://mp.weixin.qq.com/s?__biz=Mzk0NTY5Nzc1OA==&mid=2247484262&idx=1&sn=194ead1613e2e6be48848984aa94d15c) - - [ ] [议题征集 | 关于征集第六期移动互联网APP产品安全漏洞技术沙龙议题的通知](https://mp.weixin.qq.com/s?__biz=MjM5NzYwNDU0Mg==&mid=2649249384&idx=1&sn=0ec25d262d67ca8b1b6ee4c4392ff393) - - [ ] [【数字政府优秀案例联播】交通智搜新升级:打造智能、专业、便捷的政务服务新体验](https://mp.weixin.qq.com/s?__biz=MjM5NzYwNDU0Mg==&mid=2649249384&idx=2&sn=1c6e329c6bca81c452ca789eab537c93) - - [ ] [安全简讯(2025.01.13)](https://mp.weixin.qq.com/s?__biz=MzkzNzY5OTg2Ng==&mid=2247500607&idx=1&sn=5ee26fcda2a35cda8864abdaef1b718c) - - [ ] [恶意软件容器化](https://mp.weixin.qq.com/s?__biz=Mzg5MDg3OTc0OA==&mid=2247489348&idx=1&sn=b58d14adab4a2ed80d2cf2457a31a0f0) - - [ ] [打造企业级安全护城河](https://mp.weixin.qq.com/s?__biz=MzkyNTY3Nzc3Mg==&mid=2247488105&idx=1&sn=d864d13b811f1050a778f9fd6cbff18f) - - [ ] [2025,感恩一路有你活动](https://mp.weixin.qq.com/s?__biz=MzI5ODE0ODA5MQ==&mid=2652281687&idx=1&sn=7934a57fd8a96c7620b9cc67dbab42c9) - - [ ] [贡献度排名第一!国舜股份积极支撑工信部车联网产品安全漏洞专业库](https://mp.weixin.qq.com/s?__biz=MzA3NjU5MTIxMg==&mid=2650575169&idx=1&sn=cf48f807b0a583ce0d72513c0185627d) - - [ ] [星火年鉴· 顶级篇 |注册量、解析量破200亿,工业互联网标识解析国家顶级节点(成都托管与灾备节点)加速推动制造业数字化转型](https://mp.weixin.qq.com/s?__biz=MzU1OTUxNTI1NA==&mid=2247592097&idx=1&sn=d31278c73cd636214c13c4a2520241ca) - - [ ] [如何充分利用网络安全保险](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247534049&idx=1&sn=2beee14167a5b03d33ff211f021b29aa) - - [ ] [鼎信安全 | 网络安全一周资讯](https://mp.weixin.qq.com/s?__biz=MzIwOTc4MTE4Nw==&mid=2247500968&idx=1&sn=bb2762cbe059ca3cdb2ee97beb412f1e) - - [ ] [当猎人成为猎物:使用自定义回调禁用 EDR](https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486308&idx=1&sn=8899e2a734b64f0ee44bb7c5b4a68ce6) - - [ ] [文心一言、智谱清言等302款生成式人工智能服务已在国家网信办完成备案!](https://mp.weixin.qq.com/s?__biz=MzA3NDIwNTY5Mw==&mid=2247507430&idx=1&sn=8fc56ec498e142e1cebb8ae9b7417166) - - [ ] [图解|我国数据出境合规指引](https://mp.weixin.qq.com/s?__biz=MzA3NDIwNTY5Mw==&mid=2247507430&idx=2&sn=b216dc6d7750bf76b4e299028ddc5923) - - [ ] [Proxy SwitchyOmega 被下架:一场针对浏览器扩展的大规模网络钓鱼攻击](https://mp.weixin.qq.com/s?__biz=MzIxMTg1ODAwNw==&mid=2247500395&idx=1&sn=291602b8ac131845db401dffb6b28de4) - - [ ] [元宇宙将比现实世界更受欢迎:现实世界会消失吗?](https://mp.weixin.qq.com/s?__biz=MzkxNDM4OTM3OQ==&mid=2247505731&idx=1&sn=60fbc4a4e811e38a7177d875e09e5cfa) - - [ ] [用于快速搜索 Windows 取证文件的开源工具](https://mp.weixin.qq.com/s?__biz=MzkxNDM4OTM3OQ==&mid=2247505731&idx=2&sn=59228995909b2e9daf2da495fa67be1c) - - [ ] [全球银行准备大规模裁员:人工智能改变游戏规则!](https://mp.weixin.qq.com/s?__biz=MzkxNDM4OTM3OQ==&mid=2247505731&idx=3&sn=5ec7b52e4a549a6f310663542aa58998) - - [ ] [DNA 测序仪漏洞标志着医疗器械行业固件存在问题](https://mp.weixin.qq.com/s?__biz=MzkxNDM4OTM3OQ==&mid=2247505731&idx=4&sn=eb4cadc77282c758c13dc8b2f01bb34f) - - [ ] [2025 年工作场所 Workplace 5.0 以人为本的人工智能](https://mp.weixin.qq.com/s?__biz=MzkxNDM4OTM3OQ==&mid=2247505731&idx=5&sn=7b760f6272929df09f16f94e15beb494) - - [ ] [网安牛马专属表情包分享](https://mp.weixin.qq.com/s?__biz=MzkwOTczNzIxNQ==&mid=2247485599&idx=1&sn=9c09dca6ca7bf3bb75677d03031d4acc) - - [ ] [新兴AI驱动勒索软件FunkSec:信息全球化与灰黑产的交汇](https://mp.weixin.qq.com/s?__biz=MzUxMjc0MTE3Mw==&mid=2247494897&idx=1&sn=33db12375b3946b756923f83a33eaeb3) - - [ ] [电子数据取证分析师培训通知](https://mp.weixin.qq.com/s?__biz=MzIyNzU0NjIyMg==&mid=2247488370&idx=1&sn=0d9e6254e52faf7fd8d6dbd9ab67cda7) - - [ ] [2024中国网络安全产业势能榜优能企业「制造行业」典型案例展示](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580751&idx=1&sn=38ed7d42fddd1b5e624f8f2ac1ec4a44) - - [ ] [安全动态回顾|国家网络安全通报中心:重点防范境外恶意网址和恶意IP 超过4000个后门因注册过期域名而被劫持](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580751&idx=2&sn=7886e26f1ed368509d62b0ced61b3b4c) - - [ ] [年终盘点之二|2024山石网科全国巡展,完美收官](https://mp.weixin.qq.com/s?__biz=MzAxMDE4MTAzMQ==&mid=2661297991&idx=1&sn=c48a9589b1b5c97bd4210077795118e6) - - [ ] [年终盘点之三|2024数据泄露十大事件(国内版)](https://mp.weixin.qq.com/s?__biz=MzAxMDE4MTAzMQ==&mid=2661297991&idx=2&sn=d17fb507b2dd73a6e5154a5f05396b9d) - - [ ] [大规模破解和黑客包泄漏 100 GB | 优质内容](https://mp.weixin.qq.com/s?__biz=MzkyNzYzNTQ2Nw==&mid=2247484004&idx=1&sn=669d69c22450a67894253aa651e376e2) - - [ ] [PHP服务器可能正在被挖矿!](https://mp.weixin.qq.com/s?__biz=MzU5OTMxNjkxMA==&mid=2247488442&idx=1&sn=c560220ca14fbb5f472bca815ee389f8) - - [ ] [【赠书抽奖】发现Web API漏洞居然能赚到400w刀,看懂这本书你也可以!](https://mp.weixin.qq.com/s?__biz=MzI1ODI0MTczNQ==&mid=2247491165&idx=1&sn=25ca0a0520923eeb18c1e1e347e391f0) - - [ ] [Sekiro+Yakit 热加载无痛绕sign](https://mp.weixin.qq.com/s?__biz=Mzg4Njg3MDk5Ng==&mid=2247486843&idx=1&sn=024bf3ec0b7902fb330412308737508b) - - [ ] [通用大模型分析恶意软件,完全不靠谱](https://mp.weixin.qq.com/s?__biz=Mzg5NTMxMjQ4OA==&mid=2247485549&idx=1&sn=5032b5ba9b4f8a43089a9684d4e3055a) - - [ ] [【游戏数据安全】反作弊分析分类](https://mp.weixin.qq.com/s?__biz=MzkyMTQzNTM3Ng==&mid=2247483865&idx=1&sn=2b58775007261ee5d7399fbefdbb34dd) - - [ ] [展望未来:Radware专家对2025年网络安全趋势的看法](https://mp.weixin.qq.com/s?__biz=MjM5ODE0Njk2Nw==&mid=2653021290&idx=1&sn=8e9017dd859c7b00e41e88c01b8d7746) - - [ ] [图形化漏洞利用Demo-JavaFX版](https://mp.weixin.qq.com/s?__biz=MzU2MDU5MDE2MA==&mid=2247484178&idx=1&sn=d1b640eaba093986d2a9b2be283ed362) - - [ ] [【挖洞实战】这不是只要有手就能批量挖Dom Xss漏洞](https://mp.weixin.qq.com/s?__biz=MzU2NDgzOTQzNw==&mid=2247503014&idx=1&sn=cea00ee2401be5a3b7910e4830df9796) - - [ ] [不妙,中招了【被供应链攻击的多个浏览器插件】,包含Proxy SwitchyOmega (V3)快看看你有没有中招!!!](https://mp.weixin.qq.com/s?__biz=Mzk0MzY3MDE5Mg==&mid=2247483900&idx=1&sn=bc2a24cb3acce687934d446c9b8e54ba) - - [ ] [DH POC撤稿之后还有后续......](https://mp.weixin.qq.com/s?__biz=MzkxNTY4NTQwMg==&mid=2247484250&idx=1&sn=94a79a0c3a5d9b0fd98cd00f3eb6e7c2) - - [ ] [工具集:Jar Analyzer【JAR包分析工具】](https://mp.weixin.qq.com/s?__biz=Mzk0MjY1ODE5Mg==&mid=2247485173&idx=1&sn=5a73100d1f93e564e9a47a52edecf6c9) - - [ ] [浅谈蜜罐原理与规避](https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247546700&idx=1&sn=a1c5f7adaa827ba876c2a6f9ecca2c6c) - - [ ] [记一次简单的微信洗车小程序渗透学习](https://mp.weixin.qq.com/s?__biz=MzI3NjA4MjMyMw==&mid=2647789913&idx=1&sn=711f295d77c716f63cb014faa429975e) - - [ ] [从用户注册绕过到纵向权限提升接管SaaS平台](https://mp.weixin.qq.com/s?__biz=MzI4NTcxMjQ1MA==&mid=2247615126&idx=1&sn=0f4af4c6a0614c4c7d3cb8630b905b40) - - [ ] [通过高效的侦察发现关键漏洞接管整个IT基础设施](https://mp.weixin.qq.com/s?__biz=MzI4NTcxMjQ1MA==&mid=2247615126&idx=2&sn=5bd8af62ab97fbe13a4424ee9e7ce5b6) - - [ ] [网络抓包调试实践](https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247569635&idx=1&sn=2db73304bb7a151c07a5821530e7a565) - - [ ] [过来人告诉你网络安全到底要学什么?(附学习笔记、电子资料、安装包)](https://mp.weixin.qq.com/s?__biz=MzkxNDU0MTUyNw==&mid=2247491900&idx=1&sn=043fcafa82bfe031643f27f0ef9df91a) - - [ ] [Linux上常用的防火墙软件iptables详解](https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247569635&idx=2&sn=133bf1a2d285f34ca1fc65124517bc07) - - [ ] [行业动态|2025第三届商用密码展将于6月11日-13日在上海举办!](https://mp.weixin.qq.com/s?__biz=MzUyNjk2MDU4MQ==&mid=2247486408&idx=1&sn=1e184be0b0c354c02923ec5534f1dcc8) - - [ ] [南部非洲发展共同体(SADC)APT网络攻击趋势解析](https://mp.weixin.qq.com/s?__biz=Mzg3OTYxODQxNg==&mid=2247485597&idx=1&sn=158ede6f488e8ad3e77873fbeeb3c4d0) - - [ ] [章管家前台任意文件上传漏洞(XVE-2024-19042)](https://mp.weixin.qq.com/s?__biz=Mzg4NDg3NjE5MQ==&mid=2247485124&idx=1&sn=de4ced0e1f786160e9142f28356cf6df) - - [ ] [【黑产大数据】2024年数据泄露风险态势报告](https://mp.weixin.qq.com/s?__biz=MzI3NDY3NDUxNg==&mid=2247498732&idx=1&sn=4ba0213d21420c4b3a5fdde9907f5853) - - [ ] [第七届入侵检测挑战赛报名开启!](https://mp.weixin.qq.com/s?__biz=MzIxMjEwNTc4NA==&mid=2652997294&idx=1&sn=ec666eebc045f5a7137e852bd81614c9) - - [ ] [绘制网络拓扑图,这5款工具助你轻松搞定!](https://mp.weixin.qq.com/s?__biz=MzUyNTExOTY1Nw==&mid=2247527848&idx=1&sn=fe56854d8e8b69a9ccf90c73e04c010b) - - [ ] [MS-RPC 流程浅析](https://mp.weixin.qq.com/s?__biz=Mzg5NTkxNzg4MA==&mid=2247489836&idx=1&sn=a254b1c12d9a3d79caebaffc09e532e7) - - [ ] [Sec新闻周刊:中新赛克强势入选中国网络安全行业全景册](https://mp.weixin.qq.com/s?__biz=Mzk0ODUwNTg0Ng==&mid=2247489672&idx=1&sn=2c40fad5ea6c330b3e5af5fdc18c46a5) - - [ ] [对新人友好的云认证是?CCSK!!!](https://mp.weixin.qq.com/s?__biz=MzIxNTM4NDY2MQ==&mid=2247515685&idx=1&sn=60a26b482d668f9a65b58f8392a9aa76) - - [ ] [ITIL4 的职业发展前景](https://mp.weixin.qq.com/s?__biz=MzIxNTM4NDY2MQ==&mid=2247515685&idx=2&sn=dffc254743eee027c264d8b52275ee6d) - - [ ] [凭CZTP,进入零信任安全工程师赛道](https://mp.weixin.qq.com/s?__biz=MzIxNTM4NDY2MQ==&mid=2247515685&idx=3&sn=12e8c8877d43cab65bf2d3eae44546e5) - - [ ] [最新公告!可拨打12336举报泄密或保密违法违规行为](https://mp.weixin.qq.com/s?__biz=MzkyMDY4MTc2Ng==&mid=2247483966&idx=1&sn=e636d329a5b5ee3cc07d3b0281708352) - - [ ] [北京市西城区委常委、统战部部长江岚一行到访安博通](https://mp.weixin.qq.com/s?__biz=MzIyNTA5Mzc2OA==&mid=2651137396&idx=1&sn=a72bdcc625e7a11c1756e5501a86fd0f) - - [ ] [联想全球安全实验室热招AI安全领域精英,欢迎志同道合的小伙伴加入!](https://mp.weixin.qq.com/s?__biz=MzU1ODk1MzI1NQ==&mid=2247491476&idx=1&sn=41e46c9f328fd2e9c315fb6f0fb022ec) - - [ ] [【漏洞复现】科荣AIO系统存在代码执行漏洞](https://mp.weixin.qq.com/s?__biz=Mzg2MjkwMDY3OA==&mid=2247485529&idx=1&sn=5379f2f365b78268422e0aa297eaa61c) - - [ ] [论安全运营的本质(第十章)](https://mp.weixin.qq.com/s?__biz=MzkwNTI3MjIyOQ==&mid=2247484113&idx=1&sn=7f019dca19eb8721e20b86ecde235940) - - [ ] [CISSP管理者思路系列-6](https://mp.weixin.qq.com/s?__biz=MzIyMjYzNDgzMg==&mid=2247487609&idx=1&sn=53179fc57883fbb8721e1024c4d4fa23) - - [ ] [欢迎「金山云」入驻补天专属SRC!](https://mp.weixin.qq.com/s?__biz=MzI2NzY5MDI3NQ==&mid=2247507273&idx=1&sn=19b1a506b7082cf3e664e77cdd6e1e2e) - - [ ] [【吃瓜】优越感从何而来](https://mp.weixin.qq.com/s?__biz=Mzk0OTY2ODE1NA==&mid=2247484965&idx=1&sn=458ff1e5072a7220fb1597b412c31d4e) - - [ ] [无条件帮转高质量原创文章](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494201&idx=1&sn=773dee3b8b7be36c839fd06a1f45d440) - - [ ] [【分析报告】蒙古国首都发生示威游行事件](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247503784&idx=1&sn=fbcceefe3a99ba33bc9366707787a161) - - [ ] [蒙古国与日本及欧洲合作的多维影响:地缘政治、军事与经济分析](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247503784&idx=2&sn=0567f454c7c6080d119916d7c420d945) - - [ ] [蒙古国与印度合作 :挑战交织下的地缘政治棋局](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247503784&idx=3&sn=75dc380dad6d85821f4a51c795ceae3c) - - [ ] [CommonsCollections CC1攻击链详解](https://mp.weixin.qq.com/s?__biz=MzkzNzI2Mzc0Ng==&mid=2247486395&idx=1&sn=16923b6435b723ef0bceb14373cac87a) - - [ ] [西班牙电信巨头 Telefónica 发生严重数据泄露](https://mp.weixin.qq.com/s?__biz=MjM5Mzc4MzUzMQ==&mid=2650260383&idx=1&sn=2d52c9c19f4213f6db6138421d57362d) - - [ ] [算法治病还是杀人?留神医疗大模型被“投毒”](https://mp.weixin.qq.com/s?__biz=MzI1OTA1MzQzNA==&mid=2651247414&idx=1&sn=df34afa6162156e52419024004e80cad) - - [ ] [20元就能山寨官网!央视曝光克隆网站黑幕](https://mp.weixin.qq.com/s?__biz=MzU0MjE2Mjk3Ng==&mid=2247488395&idx=1&sn=5f461e90183934cf2a555d8bb1eb8628) - - [ ] [数据安全治理实践指南(4.0)](https://mp.weixin.qq.com/s?__biz=MzI3NjUzOTQ0NQ==&mid=2247517052&idx=1&sn=9ceaace23a7ee3df679b0ac1f15241dd) - - [ ] [坦诚点,让我们谈谈网络安全行业现状](https://mp.weixin.qq.com/s?__biz=Mzg4NzgyODEzNQ==&mid=2247488595&idx=1&sn=e0d96d17cc81d1fc1f9023201479b3d1) - - [ ] [网安全牛马注意了!!!某提权工具被投毒植入后门](https://mp.weixin.qq.com/s?__biz=MzkwODM3NjIxOQ==&mid=2247502254&idx=1&sn=65722ab7fe999110e71098d246f9b1fa) - - [ ] [澳门司法警察局“电子数据取证”交流培训活动圆满落幕](https://mp.weixin.qq.com/s?__biz=Mzg3MjE1NjQ0NA==&mid=2247514135&idx=1&sn=5db549d49218818eeb0c16de15922c25) - - [ ] [CES 2025的十大“人工智障”产品](https://mp.weixin.qq.com/s?__biz=MzkxNTI2MTI1NA==&mid=2247502100&idx=1&sn=c77ce9430cd56a9714c2b241df526cc7) - - [ ] [周刊 | 网安大事回顾(2025.1.6-2025.1.12)](https://mp.weixin.qq.com/s?__biz=MzkxNTI2MTI1NA==&mid=2247502100&idx=2&sn=12de4dfa2cd4a5a3b507b90cfa668bcc) - - [ ] [【我们这一年】网络和数据安全取得新突破](https://mp.weixin.qq.com/s?__biz=MzkyMDMwNTkwNg==&mid=2247487228&idx=1&sn=24663c9da168168f965aff20afce7a58) - - [ ] [轻量级、自适应Web爬虫工具](https://mp.weixin.qq.com/s?__biz=MzkyMDM4NDM5Ng==&mid=2247490227&idx=1&sn=74f8d20a405e1b97c6c308e7c5596e66) - - [ ] [一个永久的.NET渗透工具和知识仓库](https://mp.weixin.qq.com/s?__biz=MzkyMDM4NDM5Ng==&mid=2247490227&idx=2&sn=d9c48450125c96e885b697b496a8b413) - - [ ] [AAAI 25 | 融合分隔:协同专家混合模型用于数据稀缺环境下的药物-靶点相互作用预测](https://mp.weixin.qq.com/s?__biz=Mzg4MzE1MTQzNw==&mid=2247491733&idx=1&sn=83e02623adec1c30364f023dbc550518) - - [ ] [MITRE ATT&CK:应用指南与学习路径](https://mp.weixin.qq.com/s?__biz=MzkzMDQ0NzQwNA==&mid=2247485871&idx=1&sn=4a8fedb2de4d6a2fcf2456d0fd86e9b5) - - [ ] [罪恶角落,带你了解什么是暗网](https://mp.weixin.qq.com/s?__biz=Mzg3NTY0MjIwNg==&mid=2247485518&idx=1&sn=4883cd2d4061a65371d5afe9e0196c58) - - [ ] [【文中抽奖】一杯奶茶钱开挣生活费 SRC漏洞挖掘基础及赏金培训](https://mp.weixin.qq.com/s?__biz=MzI0NjE1NDYyOA==&mid=2247484790&idx=1&sn=7c58b5be658c0fb646c28fda9f8aeb33) - - [ ] [腾讯协助警方破获木马盗窃游戏账号案,涉案金额超 3000 万;|江苏一男子利用小程序Bug逃匿28万加油费,法院判了](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650606485&idx=1&sn=e6574ea4808aafdb1a8939a0e61f67e5) - - [ ] [国家网信办征求意见:平台应当以显著方式展示账号所属 MCN 机构](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650606485&idx=2&sn=ca90501b4575d0ee15461348ca0a7817) - - [ ] [记一次某OA渗透测试有意思的文件上传漏洞挖掘经历以及分析](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650606485&idx=3&sn=4bdcf90b59f41c99b28e4613268a24c6) - - [ ] [一个好用的越权扫描工具](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650606485&idx=4&sn=ead6d8702819a5443a5124688e8a6934) - - [ ] [【技术分享】WS视频流地址泄露利用方式](https://mp.weixin.qq.com/s?__biz=MzkxMTY1MTIzOA==&mid=2247484571&idx=1&sn=52dc59bb8dfe62fb3fd057d1f7a29b0c) - - [ ] [记一次从任意文件下载到getshell](https://mp.weixin.qq.com/s?__biz=Mzk0MTIzNTgzMQ==&mid=2247519178&idx=1&sn=ffc262a1b50eb5cd080dd71e5ec057ec) - - [ ] [常用浏览器的安全取证分析技术总结](https://mp.weixin.qq.com/s?__biz=MjM5MjEyMTcyMQ==&mid=2651037264&idx=1&sn=a1c62cd4e27808340ee69e684ca70983) - - [ ] [【神兵利器】HeavenlyBypassAV免杀工具](https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247494941&idx=1&sn=850fc249132011cdab654923792fead7) - - [ ] [程序源码保护攻防对抗记录](https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247494941&idx=2&sn=d2e1544fd257d23974c5f6f7fc9a3c23) - - [ ] [[0113]一周重点暗网情报|天际友盟情报站](https://mp.weixin.qq.com/s?__biz=MzIwNjQ4OTU3NA==&mid=2247510005&idx=1&sn=c48e4d5efd2041457d33e5f84223f855) - - [ ] [数十个Chrome扩展程序被黑客攻击,数百万用户数据被盗(包括Proxy SwitchyOmega在内)](https://mp.weixin.qq.com/s?__biz=MzkyODY3NjkyNQ==&mid=2247484756&idx=1&sn=388375c011cc6ec8046a8ec235ed4d62) - - [ ] [华硕(ASUS)RT-AX56U系列路由器error_page存在文件读取](https://mp.weixin.qq.com/s?__biz=MzkyOTg3ODc5OA==&mid=2247484162&idx=1&sn=535c46098f7db6c25a0500484da29ddc) - - [ ] [AI引领2024|智能体200+,执行任务近50000000次,这一年恒脑很忙](https://mp.weixin.qq.com/s?__biz=MjM5NTE0MjQyMg==&mid=2650623724&idx=1&sn=9537ef0dac94cf46a5a8a10023bc7f9b) - - [ ] [把握“AI”新浪潮 | 浙商总会数字资产及交易委员会一届二次委员会议举行](https://mp.weixin.qq.com/s?__biz=MjM5NTE0MjQyMg==&mid=2650623724&idx=2&sn=745381a3f0fbf8d64db495cffddd92c8) - - [ ] [美国超千万中小学生个人数据疑似泄露](https://mp.weixin.qq.com/s?__biz=MzIwNzAwOTQxMg==&mid=2652251197&idx=1&sn=a6f8126cf569ae8d1d20db2ec9ba5471) - - [ ] [从“金疙瘩”到“烫手山芋”,智算中心面临过剩危机](https://mp.weixin.qq.com/s?__biz=Mzg4MDE0MzQzMw==&mid=2247487996&idx=1&sn=7fc7f3d3e3de1061c83a2bd052aa06b6) - - [ ] [“迪普信创AI全流量态势感知”入选浙江省信息技术应用创新优秀解决方案](https://mp.weixin.qq.com/s?__biz=MzA4NzE5MzkzNA==&mid=2650370114&idx=1&sn=aad65c650effe7c6eb2b12046665ca6e) - - [ ] [泛微-云桥e-Bridge addTasteJsonp SQL注入漏洞](https://mp.weixin.qq.com/s?__biz=MzkzMTcwMTg1Mg==&mid=2247490141&idx=1&sn=9bdeb4a82982b626048e1a9069b4d1e9) - - [ ] [一次敏感信息泄露引发的逻辑漏洞挖掘](https://mp.weixin.qq.com/s?__biz=MzkxNzY5MTg1Ng==&mid=2247485481&idx=1&sn=1115561690fb800d94b50913f07bd6d2) - - [ ] [IClean](https://mp.weixin.qq.com/s?__biz=Mzk1NzY0NzMyMw==&mid=2247485282&idx=1&sn=fe2ef5eaa6f84e12f45e5f806d37f2b8) - - [ ] [企业防线的薄弱环节:深入了解供应链网络攻击的风险](https://mp.weixin.qq.com/s?__biz=MzA3MTUxNzQxMQ==&mid=2453885717&idx=1&sn=02370f3718668f2fb513019d1e09d686) - - [ ] [浅谈金融资产机构数据质量问题与应对策略](https://mp.weixin.qq.com/s?__biz=MzkwNDI0MjkzOA==&mid=2247485650&idx=1&sn=d18cd67e0c5c4da244c8b9bcf826c396) - - [ ] [微软采取法律行动保护公众免受人工智能生成内容的侵害](https://mp.weixin.qq.com/s?__biz=MzI2NzAwOTg4NQ==&mid=2649793828&idx=1&sn=46ceaef5035a0a62be54836973ba1e77) - - [ ] [GitHub 上的虚假 LDAPNightmware 漏洞投放信息窃取恶意软件](https://mp.weixin.qq.com/s?__biz=MzI2NzAwOTg4NQ==&mid=2649793828&idx=2&sn=75c89a73f526a3eef48834b9589071a7) - - [ ] [泽连斯基访问意大利后,亲俄黑客发动新一波 DDoS 攻击](https://mp.weixin.qq.com/s?__biz=MzI2NzAwOTg4NQ==&mid=2649793828&idx=3&sn=e0a4e09c8099a8284fd038f81a885f3b) - - [ ] [2025的第一个私活,赚了2w](https://mp.weixin.qq.com/s?__biz=MzUzMDQ1MTY0MQ==&mid=2247506577&idx=1&sn=dd37e4692c9c7937254675370f08279d) - - [ ] [Lua项目下SSRF利用Redis文件覆盖lua回显RCE](https://mp.weixin.qq.com/s?__biz=Mzk0Mzc1MTI2Nw==&mid=2247487032&idx=1&sn=3953d7b15c531d645369722844c65578) - - [ ] [实战|拿下了自己学校的大屏幕](https://mp.weixin.qq.com/s?__biz=MzU2NzY5MzI5Ng==&mid=2247504764&idx=1&sn=5c021b505429afbebdaa8a822ad917e9) - - [ ] [【快收藏】信创认证一文通:你想知道的都在这儿](https://mp.weixin.qq.com/s?__biz=MzU2NzY5MzI5Ng==&mid=2247504764&idx=2&sn=3078de2e0ecc85d9808e62d9c2dad6c9) - - [ ] [vulnhub之Sputnik的实践](https://mp.weixin.qq.com/s?__biz=MzA3MjM5MDc2Nw==&mid=2650748923&idx=1&sn=da1b2662ae1830f66e01ee29a39ce551) - - [ ] [【吃瓜】要不是真的没绷住,没周末还发吃瓜啊?](https://mp.weixin.qq.com/s?__biz=MzIxNTIzNTExMQ==&mid=2247490663&idx=1&sn=76c8f084b038a53cb020772026ab8e04) - - [ ] [网络安全讲师(兼职)招募](https://mp.weixin.qq.com/s?__biz=MzU4OTg4Nzc4MQ==&mid=2247505479&idx=1&sn=33e43aa495d88306d800d5786147d55b) - - [ ] [网络安全ctf比赛/学习资源整理,解题工具、比赛时间、解题思路、实战靶场、学习路线,推荐收藏!](https://mp.weixin.qq.com/s?__biz=MzU4OTg4Nzc4MQ==&mid=2247505479&idx=2&sn=b430206fc0a060fe581e40f7929f1724) - - [ ] [云上安全的五大威胁及防护措施](https://mp.weixin.qq.com/s?__biz=Mzg2MDg0ODg1NQ==&mid=2247539478&idx=1&sn=7a255a9243b48db12349cb6c05714760) +- 奇安信攻防社区 + - [ ] [从嵌入式系统到网络设备:路由器安全攻防技术详解](https://forum.butian.net/share/3995) + - [ ] [windows内核驱动开发](https://forum.butian.net/share/4034) + - [ ] [ognl+cc 依赖绕过沙箱](https://forum.butian.net/share/4037) - Private Feed for M09Ic - - [ ] [safedv starred RedByte1337/GraphSpy](https://github.com/RedByte1337/GraphSpy) - - [ ] [kpcyrd starred woodruffw/zizmor](https://github.com/woodruffw/zizmor) - - [ ] [zema1 started following kotori2](https://github.com/kotori2) - - [ ] [zer0yu starred afnanenayet/diffsitter](https://github.com/afnanenayet/diffsitter) - - [ ] [wh0amitz starred pureqh/Hyacinth](https://github.com/pureqh/Hyacinth) - - [ ] [4ra1n starred icsharpcode/ILSpy](https://github.com/icsharpcode/ILSpy) - - [ ] [Ridter starred doyensec/CSPTBurpExtension](https://github.com/doyensec/CSPTBurpExtension) - - [ ] [h3zh1 pushed to master in chainreactors/malefic](https://github.com/chainreactors/malefic/compare/c71ba53e38...3aea9cd265) - - [ ] [Rvn0xsy starred bytevet/proxyverse](https://github.com/bytevet/proxyverse) - - [ ] [DVKunion starred zero-peak/ZeroOmega](https://github.com/zero-peak/ZeroOmega) - - [ ] [INotGreen starred H4ckF0rFun/elf_to_shellcode](https://github.com/H4ckF0rFun/elf_to_shellcode) - - [ ] [zer0yu started following mal-tee](https://github.com/mal-tee) - - [ ] [Ridter forked Ridter/reality from howmp/reality](https://github.com/Ridter/reality) - - [ ] [pmiaowu starred lemono0/FastJsonParty](https://github.com/lemono0/FastJsonParty) - - [ ] [glzjin starred cliffe/SecGen](https://github.com/cliffe/SecGen) - - [ ] [Ridter starred howmp/reality](https://github.com/howmp/reality) - - [ ] [ring04h starred uber-go/goleak](https://github.com/uber-go/goleak) - - [ ] [yzddmr6 forked yzddmr6/520apkhook from sec-db/520apkhook](https://github.com/yzddmr6/520apkhook) - - [ ] [yzddmr6 starred howmp/reality](https://github.com/howmp/reality) + - [ ] [safedv starred Karneades/malware-persistence](https://github.com/Karneades/malware-persistence) + - [ ] [safedv starred TabbyML/tabby](https://github.com/TabbyML/tabby) + - [ ] [safedv starred securitytemplates/sectemplates](https://github.com/securitytemplates/sectemplates) + - [ ] [mgeeky starred strandjs/IntroLabs](https://github.com/strandjs/IntroLabs) + - [ ] [BishopFox made BishopFox/raink public](https://github.com/BishopFox/raink) + - [ ] [mgeeky starred Neo23x0/sysmon-config](https://github.com/Neo23x0/sysmon-config) + - [ ] [zer0yu starred yqcs/prismx](https://github.com/yqcs/prismx) + - [ ] [zer0yu starred OWASP/www-project-asvs-security-evaluation-templates-with-nuclei](https://github.com/OWASP/www-project-asvs-security-evaluation-templates-with-nuclei) + - [ ] [zer0yu started following vztu](https://github.com/vztu) + - [ ] [mgeeky starred S3lrius/okta-mullvad-siege](https://github.com/S3lrius/okta-mullvad-siege) + - [ ] [zer0yu started following nicowaisman](https://github.com/nicowaisman) + - [ ] [kpcyrd forked kpcyrd/espflash from esp-rs/espflash](https://github.com/kpcyrd/espflash) + - [ ] [liamg starred dhanishgajjar/vscode-icons](https://github.com/dhanishgajjar/vscode-icons) + - [ ] [glzjin released v1.0.0 at glzjin/lzc-uid-impersonation](https://github.com/glzjin/lzc-uid-impersonation/releases/tag/v1.0.0) + - [ ] [glzjin created a repository glzjin/lzc-uid-impersonation](https://github.com/glzjin/lzc-uid-impersonation//) + - [ ] [Ascotbe starred xpipe-io/xpipe](https://github.com/xpipe-io/xpipe) + - [ ] [safedv starred EvilBytecode/GoDefender](https://github.com/EvilBytecode/GoDefender) + - [ ] [safedv starred BlackSnufkin/NyxInvoke](https://github.com/BlackSnufkin/NyxInvoke) + - [ ] [safedv starred mar10/wsgidav](https://github.com/mar10/wsgidav) + - [ ] [safedv starred Offensive-Panda/ShadowDumper](https://github.com/Offensive-Panda/ShadowDumper) + - [ ] [su18 started following apangin](https://github.com/apangin) + - [ ] [zer0yu starred RedByte1337/GraphSpy](https://github.com/RedByte1337/GraphSpy) + - [ ] [su18 starred yanqi27/core_analyzer](https://github.com/yanqi27/core_analyzer) + - [ ] [lijiejie started following 78](https://github.com/78) + - [ ] [Rvn0xsy starred 0xPlaygrounds/rig](https://github.com/0xPlaygrounds/rig) + - [ ] [FunnyWolf starred androguard/androguard](https://github.com/androguard/androguard) + - [ ] [Rvn0xsy starred astral-sh/uv](https://github.com/astral-sh/uv) + - [ ] [INotGreen starred natemcmaster/DotNetCorePlugins](https://github.com/natemcmaster/DotNetCorePlugins) + - [ ] [4ra1n started following yuanhaiGreg](https://github.com/yuanhaiGreg) + - [ ] [su18 started following Ape1ron](https://github.com/Ape1ron) +- 安全脉搏 + - [ ] [Windows远程桌面的奇技淫巧](https://www.secpulse.com/archives/205196.html) + - [ ] [JMX 反序列化漏洞](https://www.secpulse.com/archives/205242.html) + - [ ] [某个OA系统的代码审计](https://www.secpulse.com/archives/205256.html) +- 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com + - [ ] [CACTER直播预告:大模型网关新品抢先知,惊喜积分礼盒等您兑](https://www.4hou.com/posts/YZYY) + - [ ] [喜报!360入围中央国家机关及多地省政府采购名单](https://www.4hou.com/posts/ZgGg) + - [ ] [2024 年加密货币钱包盗取事件金额多达 4.94 亿美元](https://www.4hou.com/posts/wxgX) + - [ ] [国投智能2024年度十大事件揭晓](https://www.4hou.com/posts/XPXV) +- CXSECURITY Database RSS Feed - CXSecurity.com + - [ ] [IIT Bombay Bodhitree- Malicious Code injection](https://cxsecurity.com/issue/WLB-2025010016) + - [ ] [TheDotStudios Web Application Union-based Sql Injection](https://cxsecurity.com/issue/WLB-2025010015) + - [ ] [FSB: FOR and AGAINST XSS Vulnerability](https://cxsecurity.com/issue/WLB-2025010014) - Recent Commits to cve:main - - [ ] [Update Mon Jan 13 20:21:05 UTC 2025](https://github.com/trickest/cve/commit/6d1183495f89140d47f2cca943f8e3e0b0c86f4a) - - [ ] [Update Mon Jan 13 12:18:30 UTC 2025](https://github.com/trickest/cve/commit/25b0ea30350fdeb5c900d370af0419f11ef61acc) - - [ ] [Update Mon Jan 13 04:15:26 UTC 2025](https://github.com/trickest/cve/commit/e8cfcd643185168d79075322c94dc7a7868ad6f0) -- 奇安信攻防社区 - - [ ] [AFL++工具运行原理与实战分析](https://forum.butian.net/share/4033) - - [ ] [安全开发原则与编码规范](https://forum.butian.net/share/4036) + - [ ] [Update Tue Jan 14 20:23:05 UTC 2025](https://github.com/trickest/cve/commit/2b68f28ad7d72be76ceb432454fd1e3de100a91e) + - [ ] [Update Tue Jan 14 12:15:13 UTC 2025](https://github.com/trickest/cve/commit/092338135fdd51d78ed23be4a9c2576af612967d) + - [ ] [Update Tue Jan 14 04:11:31 UTC 2025](https://github.com/trickest/cve/commit/d29be7fc385546f1f15f732420b3469cf35461fb) +- Security Boulevard + - [ ] [The Future of Cybersecurity: Global Outlook 2025 and Beyond](https://securityboulevard.com/2025/01/the-future-of-cybersecurity-global-outlook-2025-and-beyond/) + - [ ] [Unsafe Deserialization Attacks Surge | December Attack Data | Contrast Security](https://securityboulevard.com/2025/01/unsafe-deserialization-attacks-surge-december-attack-data-contrast-security/) + - [ ] [How to Prevent Risk From Unknown Build Assets](https://securityboulevard.com/2025/01/how-to-prevent-risk-from-unknown-build-assets/) + - [ ] [CVE-2024-55591: Fortinet Authentication Bypass Zero-Day Vulnerability Exploited in the Wild](https://securityboulevard.com/2025/01/cve-2024-55591-fortinet-authentication-bypass-zero-day-vulnerability-exploited-in-the-wild/) + - [ ] [DEF CON 32 – Pick Your Poison: Navigating A Secure Clean Energy Transition](https://securityboulevard.com/2025/01/def-con-32-pick-your-poison-navigating-a-secure-clean-energy-transition/) + - [ ] [Microsoft’s January 2025 Patch Tuesday Addresses 157 CVEs (CVE-2025-21333, CVE-2025-21334, CVE-2025-21335)](https://securityboulevard.com/2025/01/microsofts-january-2025-patch-tuesday-addresses-157-cves-cve-2025-21333-cve-2025-21334-cve-2025-21335/) + - [ ] [The AI Revolution: Navigating Cybersecurity Challenges in 2025](https://securityboulevard.com/2025/01/the-ai-revolution-navigating-cybersecurity-challenges-in-2025/) + - [ ] [Randall Munroe’s XKCD ‘Trimix’](https://securityboulevard.com/2025/01/randall-munroes-xkcd-trimix/) + - [ ] [Sanitizing Unstructured Data In Motion—and Why It’s Important](https://securityboulevard.com/2025/01/sanitizing-unstructured-data-in-motion-and-why-its-important/) + - [ ] [Six Friends Every Security Team Needs](https://securityboulevard.com/2025/01/six-friends-every-security-team-needs/) +- SecWiki News + - [ ] [SecWiki News 2025-01-14 Review](http://www.sec-wiki.com/?2025-01-14) +- paper - Last paper + - [ ] [探索大型语言模型在Android恶意软件语义分析与分类中的应用](https://paper.seebug.org/3267/) +- Trustwave Blog + - [ ] [Navigating DORA Compliance: A Roadmap to Operational Resilience with Trustwave](https://www.trustwave.com/en-us/resources/blogs/trustwave-blog/navigating-dora-compliance-a-roadmap-to-operational-resilience-with-trustwave/) +- Tenable Blog + - [ ] [CVE-2024-55591: Fortinet Authentication Bypass Zero-Day Vulnerability Exploited in the Wild](https://www.tenable.com/blog/cve-2024-55591-fortinet-authentication-bypass-zero-day-vulnerability-exploited-in-the-wild) + - [ ] [Microsoft’s January 2025 Patch Tuesday Addresses 157 CVEs (CVE-2025-21333, CVE-2025-21334, CVE-2025-21335)](https://www.tenable.com/blog/microsofts-january-2025-patch-tuesday-157-cves-cve-2025-21333-cve-2025-21334-cve-2025-21335) +- Doonsec's feed + - [ ] [牟林:撕掉了价值观的伪装的特朗普赤膊上阵意味深长](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476159&idx=1&sn=9ee9e8f87fe420fc6c6341795ef49a16) + - [ ] [美国商务部发布联网汽车禁令的双刃剑效应](https://mp.weixin.qq.com/s?__biz=MzU3MDM2NzkwNg==&mid=2247486527&idx=1&sn=ea24c76effd05ec8ea8d35594bc8d6f1) + - [ ] [Kioptrix-Level Four 综合靶机实战思路](https://mp.weixin.qq.com/s?__biz=MzkzMzg3MzMyOA==&mid=2247486096&idx=1&sn=077a1526044ac3b0e5faf5a43b121e34) + - [ ] [2025年5大最佳静态代码分析工具](https://mp.weixin.qq.com/s?__biz=Mzk0MzY1NDc2MA==&mid=2247484248&idx=1&sn=660d1f911b2ba04ced47f27fc379b993) + - [ ] [2025年,AI代码生成器会克服他们的不安全感吗?](https://mp.weixin.qq.com/s?__biz=Mzk0MzY1NDc2MA==&mid=2247484248&idx=2&sn=38859bfbe2dd4ed1e30a56eaf6e7aae0) + - [ ] [战略解码:后量子密码学时代即将到来,到2029年多数传统密码算法将不再安全!(附下载)](https://mp.weixin.qq.com/s?__biz=MzkyMTYyOTQ5NA==&mid=2247486200&idx=1&sn=b8aebdb50b6d0b52cae98068b497ce5c) + - [ ] [信息收集神器--Nmap](https://mp.weixin.qq.com/s?__biz=Mzk1NzQwNjQ4Ng==&mid=2247484155&idx=1&sn=112973fae39d94735fdd696778fd0050) + - [ ] [关注 | 工信部发文 加强互联网数据中心客户数据安全保护](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633806&idx=1&sn=1e8f421710d828b75aaa168efa6c2368) + - [ ] [发布 | 公安部公布8起打击网络黑客犯罪典型案例](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633806&idx=2&sn=124635720d9fd3a4d52758945ac5fbb4) + - [ ] [专家解读 | 大力发展数据标注产业 推动我国人工智能创新发展](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633806&idx=3&sn=2fb371756994036269d4fc5b01dba54a) + - [ ] [专挑执法机构下手!欧盟执法培训机构发生大规模数据泄露](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513487&idx=2&sn=11bbee0dcc26adcb43a666c1f79059f1) + - [ ] [感受风险的脉搏](https://mp.weixin.qq.com/s?__biz=Mzg2MDc0NTIxOQ==&mid=2247484712&idx=1&sn=37b75b5289eea41ca58444a90f849239) + - [ ] [趋势预测 | 2025年人工智能带来的五大网络安全挑战](https://mp.weixin.qq.com/s?__biz=Mzg4MDU0NTQ4Mw==&mid=2247528636&idx=1&sn=e7b0e6125f4860f6ff6b03f1c2560eb7) + - [ ] [【漏洞预警】科拓全智能停车收费系统Webservice.asmx存在任意文件上传漏洞](https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489457&idx=1&sn=56aacbec2792c121e13929fa55c1d15c) + - [ ] [HooK iOS内核代码禁用ASLR](https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489457&idx=2&sn=f8d7f758303e046b7ad7bf007307bb99) + - [ ] [不被大风吹倒](https://mp.weixin.qq.com/s?__biz=MzUzMjQyMDE3Ng==&mid=2247487879&idx=1&sn=2b21fe27106a44fd4d67437654344911) + - [ ] [用于快速搜索 Windows 取证文件的开源工具](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247489985&idx=1&sn=7e571dcec614a3df4edd8a9942fda45d) + - [ ] [通用大模型分析恶意软件,完全不靠谱](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247489985&idx=2&sn=34221d1abc1654c247f6d48a1358ea27) + - [ ] [浅谈蜜罐原理与规避](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247489985&idx=3&sn=d1ad5a883663d7ab9c6733b36f18dea6) + - [ ] [免费 | 一键为图片添加矢量描边,轻松制作精美贴图](https://mp.weixin.qq.com/s?__biz=MzI2MjcwMTgwOQ==&mid=2247492166&idx=1&sn=1bd4586e5113eebd05eef898773dd813) + - [ ] [BS ISO 23799-2024 船舶和海洋技术 机载网络安全评估(中文版)](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619473&idx=1&sn=bc75cac851697fceeb2fc6f22d65fb88) + - [ ] [E26 Cyber resilience of ships 船舶网络韧性(中英文)](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619473&idx=2&sn=c87c8dfeec334aa7c0648bd5d5fb1c0f) + - [ ] [船舶网络安全态势感知方法研究综述](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619473&idx=3&sn=b5af0428d85c47768ab3249823c1e943) + - [ ] [通过Frida-Labs 筑牢frida基础](https://mp.weixin.qq.com/s?__biz=Mzk0ODM0MjA0OA==&mid=2247483898&idx=1&sn=27137752eaa2ec4a2c94554309d28337) + - [ ] [网络安全市场正面临“红海”困境](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485408&idx=1&sn=d3dd148b9a40df582dcc7469214bed24) + - [ ] [【直卖实拍】北七家3居变4居豪装,理想楼层、户型、朝向](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485408&idx=2&sn=d4ddf8594577b5ca40c9df760b5a9bd8) + - [ ] [【干货】笑傲职场的独家经验(1)](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485408&idx=3&sn=19ee1eae4f3f850a6a54da14830621ac) + - [ ] [【干货原创】实网攻防演习常态化,会带来什么变化01](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485408&idx=4&sn=f5757f423a3c082d25670a4f654ca58f) + - [ ] [【干货原创】K12教育,鲜为人知的模式秘密](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485408&idx=5&sn=17f3311b68450e89f1529fc3c79478d5) + - [ ] [原创文章目录](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485408&idx=6&sn=4b5e54c53d30cee295d18757908955a0) + - [ ] [Vulnhub-SkyTower靶机](https://mp.weixin.qq.com/s?__biz=Mzk1NzI5NzA3NQ==&mid=2247486104&idx=1&sn=b465a463e21cb6b5ec8d8e3a492731e0) + - [ ] [记录一次渗透ta的内心(下)](https://mp.weixin.qq.com/s?__biz=MzkyMDY1MDI3OA==&mid=2247483760&idx=1&sn=439de68dc790096679ce33deb91e4080) + - [ ] [重拳出击!公安部公布2024年打击网络黑客犯罪典型案例](https://mp.weixin.qq.com/s?__biz=MzkwMDU5NTE0OQ==&mid=2247488665&idx=1&sn=dafcee6a677014e61d2cee0967d06c8e) + - [ ] [EarlyBirdNTDLL项目解析以绕过Defender](https://mp.weixin.qq.com/s?__biz=Mzg5MDg3OTc0OA==&mid=2247489374&idx=1&sn=3265275266612356110a5deaff62567f) + - [ ] [防翻车,禁止浏览器扩展插件自动更新](https://mp.weixin.qq.com/s?__biz=Mzk0MzY3MDE5Mg==&mid=2247483913&idx=1&sn=162d3d2618498bf04d6dd5703c9eb091) + - [ ] [攻防演练-医院-ez一把梭](https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247518206&idx=1&sn=c6aeb567802f8bb89727ab12d737130f) + - [ ] [网站篡改入门,一个SQL注入漏洞就能让整个网站大变样,原理详解|!|从SQL注入到XSS攻击,完整还原黑客是如何篡改网站的](https://mp.weixin.qq.com/s?__biz=MzI5MjY4MTMyMQ==&mid=2247489687&idx=1&sn=c004c654be6ef71290e6cc23b82a8083) + - [ ] [原创—再次谏言腾讯走运模式固本培元路线,更长久](https://mp.weixin.qq.com/s?__biz=Mzg4NzAwNzA4NA==&mid=2247485066&idx=1&sn=196b14c1c5ef808aaf7507e6f83adff1) + - [ ] [【资料】全源情报分析指南](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148529&idx=1&sn=eb04e2ef8c40d94aef096c369c1ea58b) + - [ ] [实战渗透菠菜网站 II](https://mp.weixin.qq.com/s?__biz=MzkyMDY1MDI3OA==&mid=2247483752&idx=1&sn=e57d2c778125c9aac7b8031e1a35ccd2) + - [ ] [击穿星巴克获取 1 亿用户详细信息](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496850&idx=1&sn=11bd36bd686dd8f1a78ec89282a6c8ba) + - [ ] [12【邮件安全】如何防护垃圾邮件威胁](https://mp.weixin.qq.com/s?__biz=MzI1OTUyMTI2MQ==&mid=2247484802&idx=1&sn=88e31e317fa0f451073d3b9fc394f749) + - [ ] [校招社招实习推荐](https://mp.weixin.qq.com/s?__biz=MzkwMTU2NzMwOQ==&mid=2247484512&idx=1&sn=420838d4cac10933a522705e4c8c975e) + - [ ] [sql注入之无列名注数据详解](https://mp.weixin.qq.com/s?__biz=MzkzODUzMjA1MQ==&mid=2247484812&idx=1&sn=9c59b82c3fc8797de6dba73d331c9f12) + - [ ] [2025年首个满分漏洞,PoC已公布,可部署后门](https://mp.weixin.qq.com/s?__biz=MzkzNjIzMjM5Ng==&mid=2247490196&idx=1&sn=c5f5b38d186df545679f4ea625394a55) + - [ ] [党建引领促业务 保密护航筑安全 —评测中心党总支举办党务综合素质提升培训班](https://mp.weixin.qq.com/s?__biz=MjM5NzYwNDU0Mg==&mid=2649249440&idx=1&sn=e88cccb31645fdd18ef61f98a10a837e) + - [ ] [【我们这一年】走好践行“两个维护”第一方阵 以高质量党建促进高质量发展](https://mp.weixin.qq.com/s?__biz=MjM5NzYwNDU0Mg==&mid=2649249440&idx=2&sn=d2ffee8f4ca7b688d38a0e0723f9d7aa) + - [ ] [【资讯】《中国法学会章程》全文](https://mp.weixin.qq.com/s?__biz=MzU1NDY3NDgwMQ==&mid=2247549233&idx=1&sn=ba192064261b27a5356a3a08ad291abd) + - [ ] [【资讯】国家发改委等四部门发布《关于促进数据标注产业高质量发展的实施意见》](https://mp.weixin.qq.com/s?__biz=MzU1NDY3NDgwMQ==&mid=2247549233&idx=2&sn=243ef9506e5c59bd5d5c60e73abcd6ae) + - [ ] [【资讯】工信部办公厅发布《关于加强互联网数据中心客户数据安全保护的通知》](https://mp.weixin.qq.com/s?__biz=MzU1NDY3NDgwMQ==&mid=2247549233&idx=3&sn=32b35d16439643bdb98c360fad03b3b1) + - [ ] [HPW大会精彩回顾:无界对话,技术交汇(内含ppt!)](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651311991&idx=1&sn=2b106d06d500e59c02c0fbeca6846e90) + - [ ] [不干净的视频评论区,攻击者利用Youtube传播窃密软件](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651311991&idx=2&sn=0132681595daef3f0ff9ff610d912fab) + - [ ] [议题征集 | 关于征集第六期移动互联网APP产品安全漏洞技术沙龙议题的通知](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651311991&idx=3&sn=db90b0dc624faaae95f965931adc5423) + - [ ] [RequestShield:一款HTTP请求威胁识别与检测工具](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651311991&idx=4&sn=c569c3a23ae2e04238ecca429244011e) + - [ ] [frida搭建+使用](https://mp.weixin.qq.com/s?__biz=MzkxMjYyMjA3Mg==&mid=2247485367&idx=1&sn=dc03aa1898daa66f43405c5cf951f4df) + - [ ] [【CTF】GeekChallenge极客大挑战](https://mp.weixin.qq.com/s?__biz=Mzg5NTU2NjA1Mw==&mid=2247496426&idx=1&sn=4f06e472671f195bcf272dc5dc4be240) + - [ ] [难绷,一种重命名+符号链接禁用EDR(Crowdstrike)的方法](https://mp.weixin.qq.com/s?__biz=MzU0NDc0NTY3OQ==&mid=2247488378&idx=1&sn=df5f38e5592b90173adcdba1700c594f) + - [ ] [安在盘点 | 2024网络安全报告大合集,1000余份打包下载](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247634547&idx=1&sn=bb5d7af37a68ccc2a10af856d26a25a8) + - [ ] [【黑产大数据】2024年数据泄露风险态势报告](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247634547&idx=2&sn=f81e4408bb90e355b175acb4d120bb39) + - [ ] [开源文件夹同步备份神器-FreeFileSync](https://mp.weixin.qq.com/s?__biz=MzkxMzIwNTY1OA==&mid=2247510760&idx=1&sn=5132d5439191a7f9958d224f34df1565) + - [ ] [2025年TPRM趋势:日益增长的第三方依赖及相关风险](https://mp.weixin.qq.com/s?__biz=MzkxMzQwNDcxNg==&mid=2247486840&idx=1&sn=9cb6cc729144dd71928f5fd8e051fb50) + - [ ] [地表工资最高的公司! 英伟达一半员工净资产破亿,近八成员工百万富翁](https://mp.weixin.qq.com/s?__biz=Mzg2NDYwMDA1NA==&mid=2247543500&idx=1&sn=de1eccf3a6b40841971eed33f4879c09) + - [ ] [2025年各省网络安全人员工资,单日最高14K, 上海最好36K/月,](https://mp.weixin.qq.com/s?__biz=Mzg2NDYwMDA1NA==&mid=2247543500&idx=2&sn=50bc7629d425f93b8db78bad22bddeae) + - [ ] [信息安全漏洞周报(2025年第2期)](https://mp.weixin.qq.com/s?__biz=MzAxODY1OTM5OQ==&mid=2651462564&idx=1&sn=2257357922013ed3d0647f6ff408ccd4) + - [ ] [发布 | 四部门联合印发《关于促进数据标注产业高质量发展的实施意见》(附全文)](https://mp.weixin.qq.com/s?__biz=MzkyNDUyNzU1MQ==&mid=2247486658&idx=1&sn=95a8ac019ad27da2b70d48a51d110459) + - [ ] [智能引领,携誉启航丨盘点国投智能2024下半年高光时刻](https://mp.weixin.qq.com/s?__biz=MjM5NTU4NjgzMg==&mid=2651434634&idx=1&sn=3899dfbd80b88a8f44263c19077320e0) + - [ ] [Hacker有“泰”度!360白帽泰国行圆满落幕~](https://mp.weixin.qq.com/s?__biz=Mzg5MTc5Mzk2OA==&mid=2247502656&idx=1&sn=d52bbd8b88f3468b66737a500d9fe220) + - [ ] [工信部认可!360荣获车联网产品安全漏洞专业库“优秀技术支撑单位”](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579028&idx=1&sn=3d580b0d7ca47a7f72c3197a1199540b) + - [ ] [带你解锁编码新世界!--随波逐流CTF编码工具使用教程34 --Quoted-printable密码](https://mp.weixin.qq.com/s?__biz=MzU2NzIzNzU4Mg==&mid=2247489481&idx=1&sn=8faf84924478a515c65fe12c67b0eb2e) + - [ ] [喜讯!云起无垠获评“国家高新技术企业”认证](https://mp.weixin.qq.com/s?__biz=Mzg3Mjg4NTcyNg==&mid=2247490152&idx=1&sn=6dc7067ab4e8edbb64c06f77c83b9229) + - [ ] [釜山数字资产交易所与CertiK达成战略合作,推动数字资产交易安全升级](https://mp.weixin.qq.com/s?__biz=MzU5OTg4MTIxMw==&mid=2247503883&idx=1&sn=fbc059f2f83a338969145c70a83685c3) + - [ ] [苹果修复 macOS 高危漏洞,被黑客利用可安装恶意内核驱动](https://mp.weixin.qq.com/s?__biz=MzU2MTQwMzMxNA==&mid=2247541399&idx=1&sn=c0dd23b96e9a973bc068a2183d8c1ce0) + - [ ] [【安全圈】2025年首个满分漏洞,PoC已公布,可部署后门](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067342&idx=1&sn=533ba142831a3c994e00cb6ec7d6d36c) + - [ ] [【安全圈】AI抢不走的工作,微软力挺红队测试仍需人类“掌舵”](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067342&idx=2&sn=7630e1838566bfaad814bfbeff239c32) + - [ ] [【安全圈】不干净的视频评论区,攻击者利用Youtube传播窃密软件](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067342&idx=3&sn=488b956f65f869c09be3e3d7874e6d90) + - [ ] [【安全圈】为网络安全研究人员定制的虚假漏洞利用攻击利用恶意软件](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067342&idx=4&sn=380dc9803cf52db7c5d1771d404c4279) + - [ ] [阳光下的阴影:巴塞罗那如何成为全球间谍软件的“新硅谷”?](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247506780&idx=1&sn=8bba20149bb98ccaeb3d6baf110d8760) + - [ ] [快讯 | 上海安全防范报警协会召开第八届会员代表大会第一次会议,慧盾安全当选常务理事单位](https://mp.weixin.qq.com/s?__biz=MzI2NDcwOTgzOA==&mid=2247493444&idx=1&sn=3dc9af50d6d2be8e1fceab27742a062c) + - [ ] [2025 SUCTF wp](https://mp.weixin.qq.com/s?__biz=Mzk0NzI0NTI2OA==&mid=2247486149&idx=1&sn=567432088d55b1f76b4e6efa614df7a0) + - [ ] [微软OpenAI云遭滥用:攻击者绕过安全护栏 对外售卖违规内容生成服务](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513487&idx=1&sn=2bb2b3796dd10a13b4a3bf0ae256a199) +- 安全客-有思想的安全新媒体 + - [ ] [共赴商用密码盛事,开启创新发展新篇--2025第三届商用密码展将于6月11日-13日在上海举办!](https://www.anquanke.com/post/id/303497) + - [ ] [喜报!360入围中央国家机关及多地省政府采购名单!](https://www.anquanke.com/post/id/303491) + - [ ] [CVE-2024-56511: DataEase 中的严重身份验证绕过漏洞](https://www.anquanke.com/post/id/303488) + - [ ] [攻击者在不使用勒索软件的情况下加密 AWS S3 数据](https://www.anquanke.com/post/id/303485) + - [ ] [OneBlood 证实个人数据在 7 月份的勒索软件攻击中被盗](https://www.anquanke.com/post/id/303482) + - [ ] [CISA 警告 BeyondTrust 和 Qlik Sense 中的关键漏洞正被积极利用](https://www.anquanke.com/post/id/303479) + - [ ] [新型 Web3 攻击利用交易模拟窃取加密货币](https://www.anquanke.com/post/id/303476) + - [ ] [CVE-2025-22152(CVSS 9.4): 在 Atheos 基于 Web 的集成开发环境中发现严重漏洞](https://www.anquanke.com/post/id/303473) + - [ ] [Aviatrix 控制器 RCE CVE-2024-50603 在野外被利用:部署了加密劫持和后门程序](https://www.anquanke.com/post/id/303470) + - [ ] [新 macOS 漏洞暴露: 针对 CVE-2024-54498 的 PoC 攻破了沙盒安全性](https://www.anquanke.com/post/id/303466) + - [ ] [WordPress Skimmers通过将自己注入数据库表来逃避检测](https://www.anquanke.com/post/id/303463) +- ArthurChiao's Blog + - [ ] [[译] AI Workflow & AI Agent:架构、模式与工程建议(Anthropic,2024)](https://arthurchiao.github.io/blog/build-effective-ai-agent-zh/) - 一个被知识诅咒的人 - - [ ] [【Python】深入解析Python的上下文管理器与资源管理:实现自定义的`with`语句](https://blog.csdn.net/nokiaguy/article/details/145113849) - - [ ] [Python中的动态属性:用__getattr__和__setattr__实现灵活的数据访问](https://blog.csdn.net/nokiaguy/article/details/145113830) -- Bug Bounty in InfoSec Write-ups on Medium - - [ ] [How I got my first bounty of $$$](https://infosecwriteups.com/how-i-got-my-first-bounty-of-e163f970d1e0?source=rss----7b722bfd1b8d--bug_bounty) - - [ ] [The Subdomain They Forgot — How I Chained Bugs for a $1,000 Bounty](https://infosecwriteups.com/the-subdomain-they-forgot-how-i-chained-bugs-for-a-1-000-bounty-094d89758489?source=rss----7b722bfd1b8d--bug_bounty) - - [ ] [How I got my name on WHO’s Hall of Fame](https://infosecwriteups.com/how-i-got-my-name-on-whos-hall-of-fame-060d57662b16?source=rss----7b722bfd1b8d--bug_bounty) -- Twitter @bytehx - - [ ] [Re @0xRAYAN7 @Hacker0x01 Congrats 🎉](https://x.com/bytehx343/status/1878754781633896462) -- Reverse Engineering - - [ ] [/r/ReverseEngineering's Weekly Questions Thread](https://www.reddit.com/r/ReverseEngineering/comments/1i0967i/rreverseengineerings_weekly_questions_thread/) - - [ ] [How Hard Is It to Port Frida to an Unsupported Platform? (Let’s Find Out)](https://www.reddit.com/r/ReverseEngineering/comments/1i0hser/how_hard_is_it_to_port_frida_to_an_unsupported/) - - [ ] [The Permission Slip Attack, Leveraging a Confused Deputy in Android with 'pSlip'](https://www.reddit.com/r/ReverseEngineering/comments/1i0ih4y/the_permission_slip_attack_leveraging_a_confused/) -- Malwarebytes - - [ ] [The new rules for AI and encrypted messaging, with Mallory Knodel (Lock and Code S06E01)](https://www.malwarebytes.com/blog/uncategorized/2025/01/the-new-rules-for-ai-and-encrypted-messaging-with-mallory-knodel-lock-and-code-s06e01) - - [ ] [iMessage text gets recipient to disable phishing protection so they can be phished](https://www.malwarebytes.com/blog/news/2025/01/imessage-text-gets-recipient-to-disable-phishing-protection-so-they-can-be-phished) - - [ ] [A week in security (January 6 – January 12)](https://www.malwarebytes.com/blog/news/2025/01/a-week-in-security-january-6-january-12) -- Webroot Blog - - [ ] [Why MSPs must offer 24/7 cybersecurity protection and response — and how OpenText MDR can help](https://www.webroot.com/blog/2025/01/13/why-msps-must-offer-24-7-cybersecurity-protection-and-response/) -- Intigriti - - [ ] [7 Overlooked recon techniques to find more vulnerabilities](https://www.intigriti.com/researchers/blog/hacking-tools/7-overlooked-recon-techniques-to-find-more-vulnerabilities) + - [ ] [Python内存优化全攻略:深入理解对象池与__slots__的应用](https://blog.csdn.net/nokiaguy/article/details/145135646) + - [ ] [【人工智能】从Keras到TensorFlow 2.0:深入掌握Python深度学习技术](https://blog.csdn.net/nokiaguy/article/details/145135601) - Horizon3.ai - - [ ] [The Death of BAS and the Rise of Autonomous Pentesting](https://www.horizon3.ai/intelligence/blogs/the-death-of-bas-and-the-rise-of-autonomous-pentesting/) - - [ ] [Critical Vulnerabilities in SimpleHelp Remote Support Software](https://www.horizon3.ai/attack-research/disclosures/critical-vulnerabilities-in-simplehelp-remote-support-software/) + - [ ] [Prove the impact of cybersecurity investments—holistically and continuously](https://www.horizon3.ai/intelligence/webinars/prove-the-impact-of-cybersecurity-investments-holistically-and-continuously/) +- Blogs dade + - [ ] [Weekly Retro 2025-W02](https://0xda.de/blog/2025/01/weekly-retro-2025-w02/) +- SpiderLabs Blog + - [ ] [CVE-2024-55591: Fortinet FortiOS/FortiProxy Zero Day](https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2024-55591-fortinet-fortios-fortiproxy-zero-day/) + - [ ] [The Database Slayer: Deep Dive and Simulation of the Xbash Malware](https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/the-database-slayer-deep-dive-and-simulation-of-the-xbash-malware/) +- Malwarebytes + - [ ] [Insurance company accused of using secret software to illegally collect and sell location data on millions of Americans](https://www.malwarebytes.com/blog/news/2025/01/insurance-company-accused-of-using-secret-software-to-illegally-collect-and-sell-location-data-on-millions-of-americans) +- Reverse Engineering + - [ ] [USB Ethernet Adapter Malware??? OALABS Line-by-Line Code Analysis](https://www.reddit.com/r/ReverseEngineering/comments/1i1eylt/usb_ethernet_adapter_malware_oalabs_linebyline/) +- daniel.haxx.se + - [ ] [Secure Transport support in curl is on its way out](https://daniel.haxx.se/blog/2025/01/14/secure-transport-support-in-curl-is-on-its-way-out/) - FreeBuf网络安全行业门户 - - [ ] [FreeBuf早报 | 央视曝光“克隆网站”;IBM漏洞允许攻击者嵌入任意JS代码](https://www.freebuf.com/news/419728.html) - - [ ] [警惕!1亿macOS用户面临Banshee新变种威胁](https://www.freebuf.com/news/419718.html) - - [ ] [Azure AI被黑客越狱,提供“黑客即服务”](https://www.freebuf.com/news/419701.html) - - [ ] [研究人员成功入侵苹果新型USB-C控制器](https://www.freebuf.com/news/419681.html) - - [ ] [SaaS安全大考:黑客“全明星”盘点与2025年备战指南](https://www.freebuf.com/articles/419699.html) -- 绿盟科技技术博客 - - [ ] [绿盟科技威胁情报周报(2025.01.06-2025.01.12)](https://blog.nsfocus.net/2025-01-06-2025-01-12/) + - [ ] [FreeBuf早报 | 由AI大模型生成的勒索软件被曝光;恶意软件利用0Day远程控制Linux](https://www.freebuf.com/news/419812.html) + - [ ] [2025年十大最佳漏洞管理工具分享](https://www.freebuf.com/news/419799.html) + - [ ] [2025年首个满分漏洞,PoC已公布,可部署后门](https://www.freebuf.com/news/419788.html) + - [ ] [不干净的视频评论区,攻击者利用Youtube传播窃密软件](https://www.freebuf.com/news/419785.html) + - [ ] [AI抢不走的工作,微软力挺红队测试仍需人类“掌舵”](https://www.freebuf.com/news/419782.html) - HackerNews - - [ ] [泽连斯基访问意大利后亲俄黑客发动新一波 DDoS 攻击](https://hackernews.cc/archives/56858) - - [ ] [印度加密货币交易所 Mudrex 解释提款暂停原因](https://hackernews.cc/archives/56852) - - [ ] [新型 Web3 攻击利用交易模拟窃取加密货币](https://hackernews.cc/archives/56845) - - [ ] [网络钓鱼短信诱骗苹果 iMessage 用户关闭保护机制](https://hackernews.cc/archives/56837) - - [ ] [AI 驱动勒索软件 FunkSec 采用双重勒索战术攻击 85 名受害者](https://hackernews.cc/archives/56832) + - [ ] [献血机构 OneBlood 确认去年 7 月勒索软件攻击中个人数据被盗](https://hackernews.cc/archives/56889) + - [ ] [疑似俄黑客组织针对哈萨克斯坦目标](https://hackernews.cc/archives/56882) + - [ ] [信息窃取软件伪装成针对最新 LDAP 漏洞的概念验证代码](https://hackernews.cc/archives/56879) + - [ ] [勒索软件滥用亚马逊 AWS 功能加密 S3 存储桶](https://hackernews.cc/archives/56877) + - [ ] [《流放之路2》管理员账号被盗,玩家账号遭黑客攻击](https://hackernews.cc/archives/56874) +- bishopfox.com + - [ ] [raink: Use LLMs for Document Ranking](https://bishopfox.com/blog/raink-llms-document-ranking) - 安全牛 - - [ ] [2025年人工智能带来的五大网络安全预测及其应对策略](https://www.aqniu.com/homenews/107946.html) - - [ ] [苹果最新ACE3 USB-C控制器被破解,引发设备安全担忧;IBM watsonx.ai平台安全漏洞或导致XSS攻击风险 |牛览](https://www.aqniu.com/homenews/107947.html) + - [ ] [CACTER直播预告:大模型网关新品抢先知,惊喜积分礼盒等您兑!](https://www.aqniu.com/vendor/107954.html) +- text/plain + - [ ] [Welcome to 2025!](https://textslashplain.com/2025/01/14/welcome-to-2025/) - 奇客Solidot–传递最新科技情报 - - [ ] [Mastodon 将控制权转交给一家非盈利组织](https://www.solidot.org/story?sid=80320) - - [ ] [微软在六地测试 Microsoft 365 涨价](https://www.solidot.org/story?sid=80319) - - [ ] [《疯狂出租车》速通玩家用现场演奏避免版权问题](https://www.solidot.org/story?sid=80318) - - [ ] [售价 12 美元衣服的背后](https://www.solidot.org/story?sid=80317) - - [ ] [2024 年德国可更新能源占到发电量的 62.7%](https://www.solidot.org/story?sid=80316) - - [ ] [NASA JPL 和威尔逊山天文台未被山火波及](https://www.solidot.org/story?sid=80315) - - [ ] [小鼠研究解释为何新记忆不会覆盖旧记忆](https://www.solidot.org/story?sid=80314) - - [ ] [TikTok 在世界各地都面临法律诉讼](https://www.solidot.org/story?sid=80313) - - [ ] [Matt Mullenweg 关闭了多位据称试图创建分支的 WordPress.org 贡献者账号](https://www.solidot.org/story?sid=80312) - - [ ] [关系衰退成为一种全球性现象](https://www.solidot.org/story?sid=80311) -- 黑海洋 - IT技术知识库 - - [ ] [Nezha V1:哪吒监控自定义代码美化](https://blog.upx8.com/4652) -- 腾讯玄武实验室 - - [ ] [每日安全动态推送(25/1/13)](https://mp.weixin.qq.com/s?__biz=MzA5NDYyNDI0MA==&mid=2651959984&idx=1&sn=daac9046ff73a9a0334acecde2fdd4cf&chksm=8baed22fbcd95b39cca160d7f1d5ce7eec7ae7a66b8907a88b9f41db4f4b2423dccc01f85b54&scene=58&subscene=0#rd) + - [ ] [USB 简化标签只留下速度](https://www.solidot.org/story?sid=80329) + - [ ] [微软工程师向 Linux 6.13 贡献的代码在发布前夕被禁用](https://www.solidot.org/story?sid=80328) + - [ ] [德国的 LGPL 诉讼获得成功](https://www.solidot.org/story?sid=80327) + - [ ] [美国进一步限制 AI 芯片出口](https://www.solidot.org/story?sid=80326) + - [ ] [PC 出货量三年来首次增长](https://www.solidot.org/story?sid=80325) + - [ ] [中国考虑将 TikTok 美国出售给马斯克](https://www.solidot.org/story?sid=80324) + - [ ] [在 TikTok 在美国面临被禁之际小红书登顶苹果 App Store](https://www.solidot.org/story?sid=80323) + - [ ] [为什么日本儿童独自乘地铁?](https://www.solidot.org/story?sid=80322) + - [ ] [为什么孩子需要更多冒险游戏](https://www.solidot.org/story?sid=80321) - 安全分析与研究 - - [ ] [伪装成Chrome安装程序传播银狐最新变种](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247489956&idx=1&sn=91861b57be376b8d6fa0d075edf1d6b6&chksm=902fb68ca7583f9a4714da177a1e775f3170d9875f63c7e39f99f27ff826fa2f22f3cec354c2&scene=58&subscene=0#rd) -- 奇安信 CERT - - [ ] [【技术细节公开】Ivanti 多款产品缓冲区溢出漏洞(CVE-2025-0282)安全风险通告](https://mp.weixin.qq.com/s?__biz=MzU5NDgxODU1MQ==&mid=2247502754&idx=1&sn=48a21e24bdfc8908bb32481d68e1cb9b&chksm=fe79ef3ac90e662c847aaac7838231f459a77d12388ca13ee7bb9ae8b12b5e2b051c5fd1d54e&scene=58&subscene=0#rd) - - [ ] [安全热点周报:黑客利用自定义恶意软件对受感染的 Ivanti 设备发起零日攻击](https://mp.weixin.qq.com/s?__biz=MzU5NDgxODU1MQ==&mid=2247502754&idx=2&sn=71834c7ec593bc49ee831cf81afb0628&chksm=fe79ef3ac90e662c0938869f54ea887addd6c578f54932f05bf3901d6b96b1048e3ae3fee67c&scene=58&subscene=0#rd) + - [ ] [盘点全球主流Linux平台的勒索病毒](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247489981&idx=1&sn=f92b58bb6a06cfb2d3596dee93f226ab&chksm=902fb695a7583f834b08a2fe2ada4911c36f0915057d542505372673f82224ea3483bf5bdbc0&scene=58&subscene=0#rd) +- 锦行科技 + - [ ] [锦行科技2024年度图鉴](https://mp.weixin.qq.com/s?__biz=MzIxNTQxMjQyNg==&mid=2247493635&idx=1&sn=34b04bc10d27ff153f275b801950730d&chksm=979a13a6a0ed9ab01f146a40cbb7465749a73ece1bf055c001de7d0d4960c16736ab46568ba7&scene=58&subscene=0#rd) - 雷神众测 - - [ ] [雷神众测漏洞周报2025.1.6-2025.1.12](https://mp.weixin.qq.com/s?__biz=MzI0NzEwOTM0MA==&mid=2652503275&idx=1&sn=2b10bfb0eb83fdb8f10466f9476b7a57&chksm=f2585f58c52fd64e76b8d6e69b0939688a5ad89e9a654a4eb9345d294e495326b8a5b197a01b&scene=58&subscene=0#rd) -- Black Hills Information Security - - [ ] [Introduction to Zeek Log Analysis](https://www.blackhillsinfosec.com/introduction-to-zeek-log-analysis-wrap/) -- 看雪学苑 - - [ ] [Dex文件结构-ReadDex解析器实现](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588591&idx=1&sn=f3af400aa11be8f19a775a31e96d7740&chksm=b18c252586fbac3333019757efad00be145ea661a9a9fcd7c622c441e62f07dc2c3f4bc04f0f&scene=58&subscene=0#rd) - - [ ] [10万美金!研究员如何黑进 Facebook 服务器](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588591&idx=2&sn=0adaab3ebee5e866ad30ef7799307d47&chksm=b18c252586fbac33941785182240f8c6b7e6cb0ae71488a6845d7fc5236e82b4cd7f416efc73&scene=58&subscene=0#rd) - - [ ] [成为看雪讲师,开启技术分享的高光时刻](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588591&idx=3&sn=b11fa1206f5347a3696b9363851d9aa9&chksm=b18c252586fbac337f968ef57b1c1b5fef6e47c287b8a331ba6e79c740794c1b13359655edf3&scene=58&subscene=0#rd) + - [ ] [你的新年礼物待发货!点击本文领取!](https://mp.weixin.qq.com/s?__biz=MzI0NzEwOTM0MA==&mid=2652503286&idx=1&sn=7b0acbf3851e7acca62b3941564d4853&chksm=f2585f45c52fd6536f61f228cb9a2d987ca1e38474d7d841512d33a45ac5902533bc6fa8f87b&scene=58&subscene=0#rd) - 威努特安全网络 - - [ ] [5G+AI+信创,深度揭秘智慧矿山工业控制网络构建之道](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130319&idx=1&sn=345bdcb858d6db350bb617bf16fd1016&chksm=80e7137fb7909a699eb5c07fdd6d2f9bef27138bffc3f57a27cc512027d7bd4045cee717da3e&scene=58&subscene=0#rd) -- 软件安全与逆向分析 - - [ ] [eBPF开发指南从原理到应用如何学习](https://mp.weixin.qq.com/s?__biz=MzU3MTY5MzQxMA==&mid=2247484752&idx=1&sn=488c75243ec385aeda8c794e69785718&chksm=fcdd055dcbaa8c4bc476588f2467b3531d64c869ec3b4eea33f0b82d3153f79da8ef2fa34521&scene=58&subscene=0#rd) + - [ ] [勒索软件:阴影下的贪婪游戏](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130376&idx=1&sn=dc358c10ad843138011b94d055322174&chksm=80e710b8b79099aead5194a305ce684f2a1b2784527ceee947e3c8862b400fb3624c60a50842&scene=58&subscene=0#rd) - 安全内参 - - [ ] [泄露近600万客户敏感数据,这家金融机构被罚超1.4亿元](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513476&idx=1&sn=605167ebb5844cbdb4b12e1f489b5730&chksm=ebfaf2a4dc8d7bb25f7b717c165921f0c5af838718a2072ecef6f2e98d7daa0faadd51b8688e&scene=58&subscene=0#rd) - - [ ] [算法治病还是杀人?留神医疗大模型被“投毒”](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513476&idx=2&sn=3b473e5b6b3eadea5cc1f0973885d17d&chksm=ebfaf2a4dc8d7bb2d21d3da21117942d17be63755bbb6828059cf21f8e9124f7375675fd76a9&scene=58&subscene=0#rd) -- 绿盟科技研究通讯 - - [ ] [从云原生攻防靶场看新型计算环境下的网络安全实战人才培养](https://mp.weixin.qq.com/s?__biz=MzIyODYzNTU2OA==&mid=2247498256&idx=1&sn=b2635dc70b17f67d197e6cceb52ebd1e&chksm=e84c5ccfdf3bd5d9566dc0f75159a4507fa4c58e8cc505f8a16eafc62825cd80b6a7b1a853bd&scene=58&subscene=0#rd) + - [ ] [微软OpenAI云遭滥用:攻击者绕过安全护栏 对外售卖违规内容生成服务](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513487&idx=1&sn=2bb2b3796dd10a13b4a3bf0ae256a199&chksm=ebfaf2afdc8d7bb93ac0a572afdf222ceb9510b5625e64a2d911f9180ad752d2c00975e60c91&scene=58&subscene=0#rd) + - [ ] [专挑执法机构下手!欧盟执法培训机构发生大规模数据泄露](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513487&idx=2&sn=11bbee0dcc26adcb43a666c1f79059f1&chksm=ebfaf2afdc8d7bb92112f4e0cb2762cf4b05b61ee188586a4259f4eb537405551ce087c57f5c&scene=58&subscene=0#rd) - 代码卫士 - - [ ] [GFI KerioControl 防火墙存在严重的RCE漏洞](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522044&idx=1&sn=71bbcad32c9a0753d8385256ee5dad03&chksm=ea94a796dde32e80febb13e46990720e4748e375842d7d932e99d76c82cb55e561bf2219c17c&scene=58&subscene=0#rd) - - [ ] [CrowdStrike虚假工作邀约通过密币挖矿机感染开发人员](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522044&idx=2&sn=f72144000ab0d2c1280f017af0018e6e&chksm=ea94a796dde32e802b549f6142713bd6d30abcff4fb2dad9a2d96d274145d96f5962e976b84c&scene=58&subscene=0#rd) + - [ ] [微软:macOS 漏洞可导致黑客安装恶意内核驱动](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522060&idx=1&sn=562313e7f413152c3399933007b147f5&chksm=ea94a666dde32f706b2b66b455dfbe3a9b106e8c0a4a379c3b30ac5c0aa916c5ad8b092cddd1&scene=58&subscene=0#rd) + - [ ] [严重的 Aviatrix Controller RCE 漏洞已遭利用](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522060&idx=2&sn=77945a6bc936ca2cbd6fe400e106a420&chksm=ea94a666dde32f702c05d9f642f0ea1c7cbc525dd3805a10ce8441a93f2412a10b40fc913587&scene=58&subscene=0#rd) +- 看雪学苑 + - [ ] [【预售中】无人机安全攻防入门:带你玩转无线电,守护空中隐私与安全!](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588667&idx=1&sn=83b7402a114088f5888be0eb780f5982&chksm=b18c257186fbac6719f8e5f08cdd6af0db28cf5ba17afa96f5d93f9a9abaa7a4f73d32f29401&scene=58&subscene=0#rd) + - [ ] [你想有多PWN](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588667&idx=2&sn=8bb1c3bb40eb4a3672a3ee009cc78bd2&chksm=b18c257186fbac67ff5da7b4983f664bc67d3d8715fe5ecd3f5f2c4169c5f64ce55101e4d4f6&scene=58&subscene=0#rd) + - [ ] [2025年首个满分漏洞:云攻击者利用Aviatrix Controller漏洞植入恶意软件](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588667&idx=3&sn=af4f2eb4bededa0cea574e3cd7963382&chksm=b18c257186fbac670637d659a7511de8c3ead88069367df522ef629a278eaa02c9daf567134d&scene=58&subscene=0#rd) +- 天御攻防实验室 + - [ ] [拜登政府计划制裁北京的一家网络安全公司](https://mp.weixin.qq.com/s?__biz=MzU0MzgyMzM2Nw==&mid=2247486237&idx=1&sn=e3374c3ba2614ee4c1ea93a26351e39e&chksm=fb04c875cc734163987a1143d90ec6e2b854fb872910112ef1afa8486456c9fc9a72a905eb58&scene=58&subscene=0#rd) +- DataCon大数据安全分析竞赛 + - [ ] [DataCon2024解题报告WriteUp—AI安全赛道](https://mp.weixin.qq.com/s?__biz=MzU5Njg1NzMyNw==&mid=2247489053&idx=1&sn=76dcae986b475bf3a1eff49f3d258c00&chksm=fe5d0e9dc92a878b1bb28f26bff904ad0a35d15b7837be5ff82c89203fbb233a7416e209e1cf&scene=58&subscene=0#rd) +- 信息安全国家工程研究中心 + - [ ] [慎终如始,则无败事——多家企业不履行网络安全保护义务被依法处罚](https://mp.weixin.qq.com/s?__biz=MzU5OTQ0NzY3Ng==&mid=2247498725&idx=1&sn=7aef964c19dd8b24207a9253f77aac21&chksm=feb67af6c9c1f3e06a3344510015851b772e440f981f02908a48c1a5a894e7140426d80a1c25&scene=58&subscene=0#rd) - dotNet安全矩阵 - - [ ] [.NET 实战中批量获取数据库凭据的工具](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498183&idx=1&sn=93271af446b9fab68ddccddd1c8d42fa&chksm=fa59572acd2ede3c188f8fba769e989eafc4d9a5d892cc3dca36098c37de2975099065f1c4f8&scene=58&subscene=0#rd) - - [ ] [国内最专业、最全面的 [ .NET 代码审计 ] 体系化学习交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498183&idx=2&sn=f8f8e1c70409762960a7fae57b956271&chksm=fa59572acd2ede3cedb794d2838a04af22159a4117a372cf7add6b7d007dfc63f631a9b5f619&scene=58&subscene=0#rd) - - [ ] [.NET 第54期红队武器库和资源汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498183&idx=3&sn=fa292ad02108f28ed17b5fde3b8a7c88&chksm=fa59572acd2ede3cf7b38bbd15169bf26c14b1e0eb68076c59512d1c8c6a33d5f08631afd4f3&scene=58&subscene=0#rd) -- 安全研究GoSSIP - - [ ] [G.O.S.S.I.P 阅读推荐(?) 2025-01-13 Nothing Bad](https://mp.weixin.qq.com/s?__biz=Mzg5ODUxMzg0Ng==&mid=2247499611&idx=1&sn=f4c84ebd4655e6b7c270acc34692023d&chksm=c063d182f71458946d68d728ea7c53c8c927518a5bf7034bbac7c87669e69efa83fec019fcae&scene=58&subscene=0#rd) + - [ ] [.NET | 通过 LDAP 技术在域渗透中获取内网所有系统账户数据](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498206&idx=1&sn=5f290cbc0e9c1a8c76d0e0cb8625cf4c&chksm=fa595733cd2ede25f81edaa97c23c5128bf81f91b9853c6992c7ea10cc5b4cccc56a8c991b67&scene=58&subscene=0#rd) + - [ ] [.NET 内网攻防实战电子报刊](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498206&idx=2&sn=ccd7a610c1551ab79faf6c373e36ba0b&chksm=fa595733cd2ede251ab2675874322edb35041922db6c2ab59f6d3be9f9e22dda1afcac4ac38e&scene=58&subscene=0#rd) + - [ ] [无独有偶,通过.NET反序列化漏洞实现 Visual Studio 钓鱼攻击](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498206&idx=3&sn=a00994d537a5909711eda0e855cf39e6&chksm=fa595733cd2ede25105b711c11316a44649792eaf6c84fe1b800624b877fa63c510961c10820&scene=58&subscene=0#rd) +- 微步在线 + - [ ] [情报,又是代表厂商!](https://mp.weixin.qq.com/s?__biz=MzI5NjA0NjI5MQ==&mid=2650182977&idx=1&sn=5034ac95fb46e3ecf415164cc327d667&chksm=f4486efdc33fe7eb4d386ce4263003b8247200d02c6572da6b435588fa6e97b7e97031486f70&scene=58&subscene=0#rd) - 丁爸 情报分析师的工具箱 - - [ ] [【资料】大语言模型对开源情报的影响](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148521&idx=1&sn=4c4aa636b9f05e358e1ed6469a640d2a&chksm=f1af27d3c6d8aec5afa85e4307e772bd2f2cca8056aa8bafa63d4dd65dd2fb8977a9dbed3550&scene=58&subscene=0#rd) -- 安全圈 - - [ ] [【安全圈】建立数据跨境服务中心、便利化访问国际互联网,上海虹桥商务区国际贸易中心新平台建设进一步落实](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067321&idx=1&sn=dd8f1699f9d8cbba67e8abc6091ffa6c&chksm=f36e79b9c419f0af2618c6816f0e6608ea027b7cad85fab87f7b8f411d608609fcee8157d58f&scene=58&subscene=0#rd) - - [ ] [【安全圈】浙江某海岛发现间谍!抓了!](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067321&idx=2&sn=6fab346cb4be5016a1f9a40489cc5d01&chksm=f36e79b9c419f0af38c10930f488326095bfe4671378c6afd9bb07992f854d2172088ac98e14&scene=58&subscene=0#rd) - - [ ] [【安全圈】研究人员入侵苹果新 USB-C 控制器](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067321&idx=3&sn=0baa019796225a8a1f3681f24e502952&chksm=f36e79b9c419f0afe0189b75ee69031de31213c10e55e69f5d89c92abcaabad3e78d2661af5f&scene=58&subscene=0#rd) - - [ ] [【安全圈】微软起诉利用 Azure AI 创建有害内容的黑客组织](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067321&idx=4&sn=4ea1e634e045d59be08019f06a4fd52b&chksm=f36e79b9c419f0afb77e12ec0c05482c0c727401e2761ea07b3093e610802a46b227f479adae&scene=58&subscene=0#rd) -- XCTF联赛 - - [ ] [SUCTF 2025落幕|S1uM4i战队实力夺冠!](https://mp.weixin.qq.com/s?__biz=MjM5NDU3MjExNw==&mid=2247515484&idx=1&sn=0c506fe6fa7d8296675e4a1821546192&chksm=a6874f6691f0c6701e164a48a8ed8c4bde1eddca05b9ff21a02a8863935a46ed8b2e6c369f39&scene=58&subscene=0#rd) -- 慢雾科技 - - [ ] [慢雾:演员王星被骗事件相关聊天截图调查](https://mp.weixin.qq.com/s?__biz=MzU4ODQ3NTM2OA==&mid=2247500907&idx=1&sn=1e629e1d6e96b48b3c5962aadba90a92&chksm=fddebaeccaa933fac3c0ee1a35cabeede882a8c5d99b8cab223c3abf838eb73b0a8b16aac029&scene=58&subscene=0#rd) -- 唯品会安全应急响应中心 - - [ ] [2025,感恩一路有你活动](https://mp.weixin.qq.com/s?__biz=MzI5ODE0ODA5MQ==&mid=2652281687&idx=1&sn=7934a57fd8a96c7620b9cc67dbab42c9&chksm=f74872c3c03ffbd5a39cf25b67cca249855855c79ad62cc9f41efbfc513ddaa3dfb8523cad10&scene=58&subscene=0#rd) + - [ ] [【资料】全源情报分析指南](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148529&idx=1&sn=eb04e2ef8c40d94aef096c369c1ea58b&chksm=f1af27cbc6d8aedd5295b2c1330315579336534f3868dbb766dcc55b60fc10ef3c1f859dc96b&scene=58&subscene=0#rd) - 数世咨询 - - [ ] [如何充分利用网络安全保险](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247534049&idx=1&sn=2beee14167a5b03d33ff211f021b29aa&chksm=c144375cf633be4a2ef79af31f437db15f11d64a03e292555e3305690495a36e1d1963d05ab1&scene=58&subscene=0#rd) -- 情报分析师 - - [ ] [俄罗斯如何塑造间谍高手:训练体系深度剖析](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558899&idx=1&sn=2915b6a37534cfc83230d3de7449dcaa&chksm=87117ff8b066f6ee06eb18ad521152f3716b0d9258666c7779e81b545c70bdc3cfceca103fa4&scene=58&subscene=0#rd) - - [ ] [【分析报告】蒙古国首都发生示威游行事件](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558899&idx=2&sn=77b7afadae9bddf9b737487ca90c52fe&chksm=87117ff8b066f6ee084e62fc5d2a41918294746a76c56d216b230fd80f5b820b9186c49869df&scene=58&subscene=0#rd) - - [ ] [蒙古国与日本及欧洲合作的多维影响:地缘政治、军事与经济分析](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558899&idx=3&sn=58043dc5d2b15fd6d20c09516df03fad&chksm=87117ff8b066f6eedba595c9c512b301a9789917018b6d62d28b3bc361131a4ba02ff17b2738&scene=58&subscene=0#rd) -- 网络空间安全科学学报 - - [ ] [“可信计算”专题征稿](https://mp.weixin.qq.com/s?__biz=MzI0NjU2NDMwNQ==&mid=2247504642&idx=1&sn=c447628a36e58e0247573195b34c3d8b&chksm=e9bfc7bcdec84eaa8510c6005dc89ac688fc5192fecb9e012fdf5b83d4f181e939f4ba124580&scene=58&subscene=0#rd) -- 嘶吼专业版 - - [ ] [2024中国网络安全产业势能榜优能企业「制造行业」典型案例展示](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580751&idx=1&sn=38ed7d42fddd1b5e624f8f2ac1ec4a44&chksm=e9146c75de63e56358f97bd26b9565f64210ce19c2b9a55727c9b577b37fca91fab1a28f274a&scene=58&subscene=0#rd) - - [ ] [安全动态回顾|国家网络安全通报中心:重点防范境外恶意网址和恶意IP 超过4000个后门因注册过期域名而被劫持](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580751&idx=2&sn=7886e26f1ed368509d62b0ced61b3b4c&chksm=e9146c75de63e563f72002cb53362e5fa9e384504cdfcc9ec47eacd59f6a3696caccfa63665a&scene=58&subscene=0#rd) -- 补天平台 - - [ ] [欢迎「金山云」入驻补天专属SRC!](https://mp.weixin.qq.com/s?__biz=MzI2NzY5MDI3NQ==&mid=2247507273&idx=1&sn=19b1a506b7082cf3e664e77cdd6e1e2e&chksm=eaf99505dd8e1c135ce0c1a1e5f8fd384644130faee4eae62a6916b89c631d8954aaab977e87&scene=58&subscene=0#rd) + - [ ] [2025年美国军方拨款约300亿美元用于网络安全](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247534113&idx=1&sn=3ffe3cc14b3da452f3f37f2ec2fa484d&chksm=c144349cf633bd8a2986e6625ea40da708b7b6fec5bec05a68f31fb9d7b0833f49315860fb80&scene=58&subscene=0#rd) + - [ ] [网络安全产业发展亟需回归行业价值本质](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247534113&idx=2&sn=73919dc8a130b38a923b93cff0c50cdf&chksm=c144349cf633bd8a4ffbade73b3db7266497dee4c0a1c9089fa13d66d50483cb0f39b31039a9&scene=58&subscene=0#rd) +- 火线安全平台 + - [ ] [火线安全|年终大奖熠熠生辉,一起迎接年终分红时刻!](https://mp.weixin.qq.com/s?__biz=MzU4MjEwNzMzMg==&mid=2247494650&idx=1&sn=9b31cd4dbe6d0428c8ab3e835b52c73d&chksm=fdbfc251cac84b475274790dd4931939ae6f145454479889184b723c2dafcbaa4e21aa7706a2&scene=58&subscene=0#rd) +- ChaMd5安全团队 + - [ ] [SUCTF 2025 writeup by Min-Venom](https://mp.weixin.qq.com/s?__biz=MzIzMTc1MjExOQ==&mid=2247511868&idx=1&sn=5a1dc3baed4c78da2b5f75a78d2730a3&chksm=e89d87e4dfea0ef237728e960ff5e2c177f91801f9a16117a02cdb9b62e9adec26ac8ebf7a4d&scene=58&subscene=0#rd) +- 中国信息安全 + - [ ] [关注 | 工信部发文 加强互联网数据中心客户数据安全保护](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234545&idx=1&sn=dc708bd198a9f572466efd53343dbfd8&chksm=8b59fcc8bc2e75de31b5c2b480b2ec64e92778dc9b35802d59121facc8d6e7c61833feedffc9&scene=58&subscene=0#rd) + - [ ] [专家解读 | 大力发展数据标注产业 推动我国人工智能创新发展](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234545&idx=2&sn=d91c7578b958313bd7938fef75996fdd&chksm=8b59fcc8bc2e75de6fabe111dccca1c7defcc7ff6d5773e24d7201e332be82ed144efa9251a1&scene=58&subscene=0#rd) + - [ ] [前沿 | 回望2024年国际风云之变:聚焦全球产业核心驱动力 人工智能在全球产业变革中地位凸显](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234545&idx=3&sn=a05079462b873959a484178e8a5465ca&chksm=8b59fcc8bc2e75deb7ea3bfab761bb926cdf86df478279e3a58fb01d166cb47e3c0efee5a84f&scene=58&subscene=0#rd) + - [ ] [发布 | 公安部公布8起打击网络黑客犯罪典型案例](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234545&idx=4&sn=2e01732d093aabf1cf5336f813912c9f&chksm=8b59fcc8bc2e75de2780fc803df201f7e209f94b3303aa9c130a1c6c433ed59298e6b8f736b7&scene=58&subscene=0#rd) + - [ ] [关注 | 16款App存在隐私不合规行为被通报!](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234545&idx=5&sn=252913fbf92cf6fda05be5316b33899c&chksm=8b59fcc8bc2e75defa7884d2220357f94639b0fd3b3ae1ce27224076263b9deca934ac7724d4&scene=58&subscene=0#rd) + - [ ] [国际 | 新加坡个人数据跨境传输规则](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234545&idx=6&sn=d0ac0ff1882c400ac7dc13ef4ed6630b&chksm=8b59fcc8bc2e75de78cf889fc80038dbbf38903352028fe61fdb87ab0d48f20aa480a5a178ed&scene=58&subscene=0#rd) + - [ ] [评论 | 护好“行驶中”的个人信息安全](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234545&idx=7&sn=452fc3ec0d32e8049888b868c54dd816&chksm=8b59fcc8bc2e75dee54ec6b6220fa19c4cec530fd3dd8d6c6e35f7c706040e9d36a84c6e1a7d&scene=58&subscene=0#rd) +- 安全圈 + - [ ] [【安全圈】2025年首个满分漏洞,PoC已公布,可部署后门](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067342&idx=1&sn=533ba142831a3c994e00cb6ec7d6d36c&chksm=f36e7a4ec419f35879a33af360eded6ccc081b3546a86d7a969a48f0eeb7b2f5eecb5be455a9&scene=58&subscene=0#rd) + - [ ] [【安全圈】AI抢不走的工作,微软力挺红队测试仍需人类“掌舵”](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067342&idx=2&sn=7630e1838566bfaad814bfbeff239c32&chksm=f36e7a4ec419f3583f2fdeb373ecf1fe61d6e4069f0710503306470b1bb3204f220e2a5f7a97&scene=58&subscene=0#rd) + - [ ] [【安全圈】不干净的视频评论区,攻击者利用Youtube传播窃密软件](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067342&idx=3&sn=488b956f65f869c09be3e3d7874e6d90&chksm=f36e7a4ec419f358aeecef6b9ff71759aabb31d37d791824c440bc665ad4c62bf5aee7f41e6d&scene=58&subscene=0#rd) + - [ ] [【安全圈】为网络安全研究人员定制的虚假漏洞利用攻击利用恶意软件](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067342&idx=4&sn=380dc9803cf52db7c5d1771d404c4279&chksm=f36e7a4ec419f35821fb42bc3692d2e2ea1220de0c7f64fc0b4a684c0758e137b27573afb929&scene=58&subscene=0#rd) - 极客公园 - - [ ] [每年 CES 都在产生共识,今年的共识是「端侧 AI」](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653071933&idx=1&sn=d7693f2c1d7c3eb862f6ff0bb8526f41&chksm=7e57d78b49205e9da2a691dd98bdc22a24d333c801f0a90a5898a83a6b3d048af13a7b31efbe&scene=58&subscene=0#rd) - - [ ] [外国车企的「智能树」,原来是这么「点歪」的](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653071901&idx=1&sn=5864aeebb9264f2381a2342858667d85&chksm=7e57d7ab49205ebda200c07e6ee6ae1b853dcdb8a9c077758a7e777598d73c7045e16320a1c3&scene=58&subscene=0#rd) - - [ ] [英伟达员工 78% 成为百万富翁;三星推出可穿戴设备固态电池原型;苹果在英国面临 18.3 亿美元罚款 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653071869&idx=1&sn=6c39746dfc45cb66b03b8e02c4549351&chksm=7e57d44b49205d5deea6c8f731ebecc14742ed3ff7879b77c91745b654df34b03012ee061c86&scene=58&subscene=0#rd) + - [ ] [TikTok 难民,涌入小红书](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072003&idx=1&sn=135396558cdffda7575ab9d4db2ba7a2&chksm=7e57d73549205e23f0d5d735b53ab13a39f6db86f72141df0708164e36e4ed09d267a90dd774&scene=58&subscene=0#rd) + - [ ] [美国推出 AI 芯片管制新规,英伟达明确反对;余承东发全员信:鸿蒙三分天下有其一;菜鸟否认拆分 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653071986&idx=1&sn=38a32cc680920e2d96eec06c14bb95e8&chksm=7e57d7c449205ed21af2351357692387d8be287f55b6e16ae7f45dfcfc10e798b10f7454c57b&scene=58&subscene=0#rd) +- 嘶吼专业版 + - [ ] [2024 年加密货币钱包盗取事件金额多达 4.94 亿美元](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580767&idx=1&sn=8bc4c217da27a315e86c61cc20ef036e&chksm=e9146c65de63e573becf89217a5996287eaf91ca43a548ea4a03a77cf799d364c4a6e1c0c5a7&scene=58&subscene=0#rd) + - [ ] [【我们这一年】网络和数据安全取得新突破](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580767&idx=2&sn=e765e5472d74f27fbb2c19fb3b7a82d5&chksm=e9146c65de63e5732e384640aa4c6a61ff4da482b60698b1a0d4afd5a5b0f9090e1c190a0daf&scene=58&subscene=0#rd) +- 情报分析师 + - [ ] [普京与特朗普会晤地点预测:候选国家大揭秘](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558917&idx=1&sn=33ebe6dacd7ec85aecad0fd5bdfbee69&chksm=87117f8eb066f69870faf705186bd56adef403c6a4dea7903c776475db2ebde947a55fea0702&scene=58&subscene=0#rd) + - [ ] [以演员王星事件为镜:透视妙瓦底产业链的运作机制](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558917&idx=2&sn=16f94a7627598f1768b88f202f7a3a9f&chksm=87117f8eb066f698165c3f8401efa4c2572c918ed92d690b688af5d21fd6f9b3541d555864f0&scene=58&subscene=0#rd) + - [ ] [巴基斯坦动荡的安全形势2024-2025](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558917&idx=3&sn=25076a33bf9f5e28ab04068a4deac50e&chksm=87117f8eb066f698ce3b26a1ac7b5786908bc9357f0d08803546ec0eb3d67cc8678a652fea64&scene=58&subscene=0#rd) +- OPPO安全中心 + - [ ] [2024年12月奖励公告](https://mp.weixin.qq.com/s?__biz=MzUyNzc4Mzk3MQ==&mid=2247494162&idx=1&sn=97b16bca0de97ee8a0ef60af2c1807c5&chksm=fa78eb5ecd0f62481463a3d7aee16927a051bcf5dcf6225deb354fe3cfe882d79a3e4dac3ebb&scene=58&subscene=0#rd) + - [ ] [2024年度众测挑战赛奖励公告](https://mp.weixin.qq.com/s?__biz=MzUyNzc4Mzk3MQ==&mid=2247494162&idx=2&sn=cb5346aed774d0f83c617e6bbd006331&chksm=fa78eb5ecd0f6248e815336f3d3a4ece3ebca1ee6119dedcfaf298d1fa7c7f319cdfcad0887a&scene=58&subscene=0#rd) + - [ ] [2024年蜗牛奖励兑换公告](https://mp.weixin.qq.com/s?__biz=MzUyNzc4Mzk3MQ==&mid=2247494162&idx=3&sn=770c765d1832ff2e84865f85d4073e2e&chksm=fa78eb5ecd0f6248b7f379027ae40e588a5804068b056d4edc4aff7a2c64c60dd422feafee49&scene=58&subscene=0#rd) - 字节跳动技术团队 - - [ ] [豆包MarsCode新年宠粉|参与老带新,赢索尼PS5、HHKB键盘、京东卡等惊喜好礼](https://mp.weixin.qq.com/s?__biz=MzI1MzYzMjE0MQ==&mid=2247512805&idx=1&sn=83842ceb2d52096df8947db282dcdc4c&chksm=e9d37907dea4f011803f1ed11270cfa75f7b5614ef994bc46b4d4f34d809b4a87f8e830f56c2&scene=58&subscene=0#rd) -- 威胁猎人Threat Hunter - - [ ] [【黑产大数据】2024年数据泄露风险态势报告](https://mp.weixin.qq.com/s?__biz=MzI3NDY3NDUxNg==&mid=2247498732&idx=1&sn=4ba0213d21420c4b3a5fdde9907f5853&chksm=eb12ddd7dc6554c159f48548263a9a233949da1046c171f8b9bb2618db59d043d9bacf4bd21d&scene=58&subscene=0#rd) -- CNVD漏洞平台 - - [ ] [CNVD漏洞周报2025年第2期](https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247495678&idx=1&sn=7e9c30d0d4f9240a45a5e9618ff48fdb&chksm=fd74df37ca03562164a2b3c76c24dc512ef7ad74eb26251804eb0b78b40a3220adf127ca577f&scene=58&subscene=0#rd) - - [ ] [上周关注度较高的产品安全漏洞(20250106-20250112)](https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247495678&idx=2&sn=27fbe9305e2b484bc5effac02d04f64a&chksm=fd74df37ca0356219bbde36812ef8acecf2a9c42679ccda3598d1c426be88c2934c747fbbb77&scene=58&subscene=0#rd) -- 阿里安全响应中心 - - [ ] [第七届入侵检测挑战赛报名开启!](https://mp.weixin.qq.com/s?__biz=MzIxMjEwNTc4NA==&mid=2652997294&idx=1&sn=ec666eebc045f5a7137e852bd81614c9&chksm=8c9e09f9bbe980efd176856df4a8a886d129663f65f3bd92dfbefa211145e734dd0e7fb7aaeb&scene=58&subscene=0#rd) -- 360数字安全 - - [ ] [2024,我们这一年|“AI”启新章 安全踏新程!](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247578968&idx=1&sn=2179071a8126d2033abf57b40c957aff&chksm=9f8d2550a8faac464879455a2b8d765d89bd3a0d869d68221fb1610e7288441f554d5df8f067&scene=58&subscene=0#rd) - - [ ] [喜报!360入围中央国家机关及多地省政府采购名单!](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247578968&idx=2&sn=122c7d0f43281f375fa24d61e5c03b76&chksm=9f8d2550a8faac462bc8b72d219989082a053da57d4152426bebd0063636c435c8f470cadc01&scene=58&subscene=0#rd) -- Over Security - Cybersecurity news aggregator - - [ ] [OneBlood confirms personal data stolen in July ransomware attack](https://www.bleepingcomputer.com/news/security/oneblood-confirms-personal-data-stolen-in-july-ransomware-attack/) - - [ ] [Stealer Logs, Jan 2025 - 71,039,833 breached accounts](https://haveibeenpwned.com/PwnedWebsites#StealerLogsJan2025) - - [ ] [Major location data broker reports hack to Norwegian authorities](https://therecord.media/location-data-broker-gravy-breach) - - [ ] [CISA orders agencies to patch BeyondTrust bug exploited in attacks](https://www.bleepingcomputer.com/news/security/cisa-orders-agencies-to-patch-beyondtrust-bug-exploited-in-attacks/) - - [ ] [Hackers with likely Kremlin ties target Kazakhstan in espionage campaign](https://therecord.media/hackers-kremlin-kazakhstan-espionage-campaign) - - [ ] [Stolen Path of Exile 2 admin account used to hack player accounts](https://www.bleepingcomputer.com/news/security/stolen-path-of-exile-2-admin-account-used-to-hack-player-accounts/) - - [ ] [Turks and Caicos recovering from pre-Christmas ransomware attack](https://therecord.media/turks-and-caicos-recovering-from-ransomware-attack) - - [ ] [Poland uncovers Russia-linked disinformation campaign targeting upcoming presidential election](https://therecord.media/poland-uncovers-russia-linked-disinformation-campaign-presidential-election) - - [ ] [‘Codefinger’ hackers encrypting Amazon cloud storage buckets](https://therecord.media/hackers-encrypting-amazon-cloud-buckets) - - [ ] [Microsoft: macOS bug lets hackers install malicious kernel drivers](https://www.bleepingcomputer.com/news/security/microsoft-macos-bug-lets-hackers-install-malicious-kernel-drivers/) - - [ ] [Hackers exploit critical Aviatrix Controller RCE flaw in attacks](https://www.bleepingcomputer.com/news/security/hackers-exploit-critical-aviatrix-controller-rce-flaw-in-attacks/) - - [ ] [Texas sues Allstate, alleging it violated data privacy rights of 45 million Americans](https://therecord.media/texas-sues-allstate-data-privacy-cars) - - [ ] [UK domain registry Nominet confirms breach via Ivanti zero-day](https://www.bleepingcomputer.com/news/security/uk-domain-registry-nominet-confirms-breach-via-ivanti-zero-day-vulnerability/) - - [ ] [BforeAI Series B Announcement Brief](https://bfore.ai/bforeai-secures-series-b-funding-to-preempt-malicious-attacks-through-precrime-ai/) - - [ ] [Ransomware abuses Amazon AWS feature to encrypt S3 buckets](https://www.bleepingcomputer.com/news/security/ransomware-abuses-amazon-aws-feature-to-encrypt-s3-buckets/) - - [ ] [Rep. Don Bacon on cyber deterrence: ‘Speak softly and carry a big ass stick’](https://therecord.media/rep-don-bacon-interview-cyber-deterrence-china-nsa) - - [ ] [Inside the Active Threats of Ivanti’s Exploited Vulnerabilities](https://cyble.com/blog/ivanti-exploited-vulnerabilites/) - - [ ] [Chrome Web Store is a mess](https://palant.info/2025/01/13/chrome-web-store-is-a-mess/) - - [ ] [Banshee macOS sfrutta XProtect di Apple per eludere i controlli di sicurezza](https://www.securityinfo.it/2025/01/13/banshee-macos-sfrutta-xprotect-di-apple-per-eludere-i-controlli-di-sicurezza/) - - [ ] [BIScience: Collecting browsing history under false pretenses](https://palant.info/2025/01/13/biscience-collecting-browsing-history-under-false-pretenses/) - - [ ] [Cyberattack forces Dutch university to cancel lectures](https://therecord.media/tu-eindhoven-cyberattack-lectures-canceled) - - [ ] [CyberSecurity Malaysia Flags Major Threats in Chrome and WordPress – Are You Safe?](https://cyble.com/blog/cybersecurity-malaysia-flags-major-threats-in-chrome-and-wordpress-are-you-safe/) - - [ ] [Microsoft MFA outage blocking access to Microsoft 365 apps](https://www.bleepingcomputer.com/news/microsoft/microsoft-mfa-outage-blocking-access-to-microsoft-365-apps/) - - [ ] [Double-Tap Campaign : Russia-nexus APT possibly related to APT28 conducts cyber espionage on Central Asia and Kazakhstan diplomatic relations](https://blog.sekoia.io/double-tap-campaign-russia-nexus-apt-possibly-related-to-apt28-conducts-cyber-espionage-on-central-asia-and-kazakhstan-diplomatic-relations/) - - [ ] [Analisi di una campagna Lumma Stealer con falso CAPTCHA condotta attraverso domino italiano compromesso](https://cert-agid.gov.it/news/analisi-di-una-campagna-lumma-stealer-con-falso-captcha-condotta-attraverso-domino-italiano-compromesso/) - - [ ] [Threat Intelligence - Vulnerability insights](https://www.certego.net/blog/whitepaper-dicembre-2024-threat-intelligence-insights/) - - [ ] [CERT-AGID 4 – 10 gennaio: Vidar protagonista con una campagna malspam](https://www.securityinfo.it/2025/01/13/cert-agid-4-10-gennaio-vidar-protagonista-con-una-campagna-malspam/) - - [ ] [Scholastic - 4,247,768 breached accounts](https://haveibeenpwned.com/PwnedWebsites#Scholastic) -- 山石网科安全技术研究院 - - [ ] [2024年度智能网联汽车重点安全漏洞盘点](https://mp.weixin.qq.com/s?__biz=MzUzMDUxNTE1Mw==&mid=2247509761&idx=1&sn=a2cbe8ad893d3ab348e298ee016644dc&chksm=fa5272bfcd25fba90c69028243dcc3561afae389ab16a31faf15d757d37a79fd51eea2856d83&scene=58&subscene=0#rd) -- Have I Been Pwned latest breaches - - [ ] [Stealer Logs, Jan 2025 - 71,039,833 breached accounts](https://haveibeenpwned.com/PwnedWebsites#StealerLogsJan2025) - - [ ] [Scholastic - 4,247,768 breached accounts](https://haveibeenpwned.com/PwnedWebsites#Scholastic) -- Krypt3ia - - [ ] [The Evolution of Cybercrime Cartels: From Lone Wolves to Sophisticated Syndicates](https://krypt3ia.wordpress.com/2025/01/13/the-evolution-of-cybercrime-cartels-from-lone-wolves-to-sophisticated-syndicates/) - - [ ] [Top 5 Non-State Actor Groups Targeting Critical Infrastructure](https://krypt3ia.wordpress.com/2025/01/13/top-5-non-state-actor-groups-targeting-critical-infrastructure/) + - [ ] [详解veImageX助力卓特视觉智能、高效生成设计素材](https://mp.weixin.qq.com/s?__biz=MzI1MzYzMjE0MQ==&mid=2247512825&idx=1&sn=ba087dada2532f864bfbe96b7a339dea&chksm=e9d3791bdea4f00d7e6b38efbe14a2de4122b715564a4e286406a40cfcf460f77bffc2c17f01&scene=58&subscene=0#rd) +- 吴鲁加 + - [ ] [建立习惯系统](https://mp.weixin.qq.com/s?__biz=Mzg5NDY4ODM1MA==&mid=2247485147&idx=1&sn=1620d7cf6289322680963ba87ff33c6d&chksm=c01a8beaf76d02fc79ef2b3b307e77598513970b244b1db86dbb915fa3fa2d9521919113fde3&scene=58&subscene=0#rd) +- 航行笔记 + - [ ] [和顾孔希大佬聊聊怎么从“打黑工”到大厂安全负责人](https://mp.weixin.qq.com/s?__biz=MzIyOTAxOTYwMw==&mid=2650236920&idx=1&sn=45f2e17b8713ae0535d21478b3506746&chksm=f04add44c73d545260a1db5c3adfbae9589b8579eedb1c58ecb4d016e52ecf5ef287ea20a161&scene=58&subscene=0#rd) +- Qualys Security Blog + - [ ] [Microsoft Patch Tuesday, January 2025 Security Update Review](https://blog.qualys.com/category/vulnerabilities-threat-research) +- 青藤智库 + - [ ] [ATT&CK实践进入深水区 ---不要再迷信ATT&CK覆盖率](https://mp.weixin.qq.com/s?__biz=MzUyOTkwNTQ5Mg==&mid=2247489334&idx=1&sn=295109e68e9f73402b29c27581c39184&chksm=fa58b50dcd2f3c1bdef61783e741656b9876e7a7d33ceecc68ec9a2613798c30b01fde577243&scene=58&subscene=0#rd) +- LuxSci + - [ ] [Securing Digital Communications in Healthcare: What You Need to Know](https://luxsci.com/blog/securing-digital-communications-healthcare.html) +- 安全419 + - [ ] [2025 年暗网市场和威胁预测](https://mp.weixin.qq.com/s?__biz=MzUyMDQ4OTkyMg==&mid=2247546688&idx=1&sn=a0efc6e92c206ed8942332d8273afec5&chksm=f9ebe9edce9c60fbcf8b788185281bd95fa99f95c8bd66e54aecebde138f8ac587a5655f2d31&scene=58&subscene=0#rd) - ICT Security Magazine - - [ ] [Cyber Resilience Act: Un Nuovo Strumento per la Sicurezza Digitale nell’UE](https://www.ictsecuritymagazine.com/articoli/cyber-resilience-act-sicurezza-digitale/) -- 0x727开源安全团队 - - [ ] [论安全运营的本质(第十章)](https://mp.weixin.qq.com/s?__biz=MzkwNTI3MjIyOQ==&mid=2247484113&idx=1&sn=7f019dca19eb8721e20b86ecde235940&chksm=c0fb0c1bf78c850dafefd9f5fdac7388b99e83af92a1362a090064fdd8b2a8e1fb1a796bb01a&scene=58&subscene=0#rd) -- 安全村SecUN - - [ ] [【极思】安全运营第6年实践总结](https://mp.weixin.qq.com/s?__biz=MzkyODM5NzQwNQ==&mid=2247496429&idx=1&sn=379e57e4ac389d0afadd44e65168dfcd&chksm=c21bd3dff56c5ac935b25b0568822053fb5bed39a4db28a35ffa2ea0c7ede3755f7071dd353f&scene=58&subscene=0#rd) + - [ ] [La Nuova Era della Cybersecurity: Resilienza, Intelligenza Artificiale e Protezione dei Dati](https://www.ictsecuritymagazine.com/articoli/cybersecurity-resilienza-ai/) +- 360数字安全 + - [ ] [工信部认可!360荣获车联网产品安全漏洞专业库“优秀技术支撑单位”](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579028&idx=1&sn=3d580b0d7ca47a7f72c3197a1199540b&chksm=9f8d259ca8faac8a4d409dfed08e3cc488bb728732fb1f7fb2472e8da2de36263fd911a68379&scene=58&subscene=0#rd) - 迪哥讲事 - - [ ] [抛开day不谈,为什么同样一个站你挖不到洞,别人却能咔咔上分?](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496846&idx=1&sn=446f62009a5b4a78356459656e925b2a&chksm=e8a5feeddfd277fbb42bbd793665bc8de01733bf220a34f8ece1e83142823685a046f1dd4699&scene=58&subscene=0#rd) -- Troy Hunt's Blog - - [ ] [Experimenting with Stealer Logs in Have I Been Pwned](https://www.troyhunt.com/experimenting-with-stealer-logs-in-have-i-been-pwned/) + - [ ] [击穿星巴克获取 1 亿用户详细信息](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496850&idx=1&sn=11bd36bd686dd8f1a78ec89282a6c8ba&chksm=e8a5fef1dfd277e782b82e03c83068b26a37747c1e407b829945c4aa158c498973966d346b4f&scene=58&subscene=0#rd) +- Krypt3ia + - [ ] [Threat Brief: Y2Q and the Convergence of AI Compute and Quantum Computing Power](https://krypt3ia.wordpress.com/2025/01/14/threat-brief-y2q-and-the-convergence-of-ai-compute-and-quantum-computing-power/) +- 360威胁情报中心 + - [ ] [近些年APT-C-60(伪猎者)组织使用的载荷分析](https://mp.weixin.qq.com/s?__biz=MzUyMjk4NzExMA==&mid=2247505493&idx=1&sn=2260fa98c61cff9236bfea3e11059200&chksm=f9c1e55cceb66c4a3a040aeb233338e2770de6a2c767b20e74a64934cc02ca6d9a1d122784c4&scene=58&subscene=0#rd) +- Over Security - Cybersecurity news aggregator + - [ ] [Microsoft: Happy 2025. Here’s 161 Security Updates](https://krebsonsecurity.com/2025/01/microsoft-happy-2025-heres-161-security-updates/) + - [ ] [Allstate car insurer sued for tracking drivers without permission](https://www.bleepingcomputer.com/news/legal/allstate-car-insurer-sued-for-tracking-drivers-without-permission/) + - [ ] [January Windows updates may fail if Citrix SRA is installed](https://www.bleepingcomputer.com/news/microsoft/january-windows-updates-may-fail-if-citrix-sra-is-installed/) + - [ ] [Microsoft Patch Tuesday for January 2025 — Snort rules and prominent vulnerabilities](https://blog.talosintelligence.com/january-patch-tuesday-release/) + - [ ] [WP3.XYZ malware attacks add rogue admins to 5,000+ WordPress sites](https://www.bleepingcomputer.com/news/security/wp3xyz-malware-attacks-add-rogue-admins-to-5-000-plus-wordpress-sites/) + - [ ] [US govt says North Korea stole over $659 million in crypto last year](https://www.bleepingcomputer.com/news/security/us-govt-says-north-korea-stole-over-659-million-in-crypto-last-year/) + - [ ] [DOJ deletes China-linked PlugX malware off more than 4,200 US computers](https://therecord.media/doj-deletes-china-linked-plugx-malware) + - [ ] [Windows 10 KB5049981 update released with new BYOVD blocklist](https://www.bleepingcomputer.com/news/microsoft/windows-10-kb5049981-update-released-with-new-byovd-blocklist/) + - [ ] [Justice Department and FBI Conduct International Operation to Delete Malware Used by China-Backed Hackers](https://flashpoint.io/blog/operation-to-delete-malware-used-by-china-backed-hackers/) + - [ ] [Microsoft January 2025 Patch Tuesday fixes 8 zero-days, 159 flaws](https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2025-patch-tuesday-fixes-8-zero-days-159-flaws/) + - [ ] [Windows 11 KB5050009 & KB5050021 cumulative updates released](https://www.bleepingcomputer.com/news/microsoft/windows-11-kb5050009-and-kb5050021-cumulative-updates-released/) + - [ ] [Hegseth says debate over Cyber Command, NSA leadership would reach ‘conclusion’](https://therecord.media/pete-hegseth-confirmation-hearing-nsa-cybercom-dual-hat) + - [ ] [US issues final rule barring Chinese, Russian connected car tech](https://therecord.media/us-issues-rule-banning-chinese-russian-car-tech) + - [ ] [Google OAuth flaw lets attackers gain access to abandoned accounts](https://www.bleepingcomputer.com/news/security/google-oauth-flaw-lets-attackers-gain-access-to-abandoned-accounts/) + - [ ] [FBI wipes Chinese PlugX malware from over 4,000 US computers](https://www.bleepingcomputer.com/news/security/fbi-wipes-chinese-plugx-malware-from-over-4-000-us-computers/) + - [ ] [Tennessee-based mortgage lender confirms December cyberattack](https://therecord.media/tennessee-mortgage-lender-confirms-cyberattack) + - [ ] [Hackers use FastHTTP in new high-speed Microsoft 365 password attacks](https://www.bleepingcomputer.com/news/security/hackers-use-fasthttp-in-new-high-speed-microsoft-365-password-attacks/) + - [ ] [Connecticut city of West Haven assessing impact of cyberattack](https://therecord.media/west-haven-connecticut-city-government-cyberattack) + - [ ] [Fortinet warns of auth bypass zero-day exploited to hijack firewalls](https://www.bleepingcomputer.com/news/security/fortinet-warns-of-auth-bypass-zero-day-exploited-to-hijack-firewalls/) + - [ ] [Russia's largest platform for state procurement hit by cyberattack from pro-Ukraine group](https://therecord.media/russian-platform-for-state-procurement-hit-cyberattack) + - [ ] [Microsoft 365 apps crash on Windows Server after Office update](https://www.bleepingcomputer.com/news/microsoft/microsoft-365-apps-crash-on-windows-server-after-office-update/) + - [ ] [Russia warned its 'shadow fleet' could face action from NATO allies](https://therecord.media/baltic-nato-allies-warning-russia-shadow-fleet) + - [ ] [Analysis of Python's .pth files as a persistence mechanism](https://dfir.ch/posts/publish_python_pth_extension/) + - [ ] [Deadline Approaching for Rent 2 Own: Medusa Ransomware Threatens Data Release](https://www.suspectfile.com/deadline-approaching-for-rent-2-own-medusa-ransomware-threatens-data-release/) + - [ ] [Products and people are in place for CISA to succeed, agency’s departing No. 2 official says](https://therecord.media/nitin-natarajan-cisa-deputy-director-interview) + - [ ] [Threat Intelligence Pivoting: Actionable Insights Behind Indicators](https://any.run/cybersecurity-blog/threat-intelligence-pivoting/) + - [ ] [IntelBroker Unmasked: KELA’s In-Depth Analysis of a Cybercrime Leader](https://www.kelacyber.com/blog/intelbroker-unmasked-kelas-in-depth-analysis-of-a-cybercrime-leader/) + - [ ] [Hitchhiker’s Guide to Managed Security](https://blog.compass-security.com/2025/01/hitchhikers-guide-to-managed-security/) + - [ ] [How Barcelona became an unlikely hub for spyware startups](https://techcrunch.com/2025/01/13/how-barcelona-became-an-unlikely-hub-for-spyware-startups/) + - [ ] [UK proposes banning hospitals and schools from making ransomware payments](https://therecord.media/uk-proposes-banning-ransoms-hospitals) - SANS Internet Storm Center, InfoCON: green - - [ ] [ISC Stormcast For Tuesday, January 14th, 2025 https://isc.sans.edu/podcastdetail/9278, (Mon, Jan 13th)](https://isc.sans.edu/diary/rss/31588) - - [ ] [Hikvision Password Reset Brute Forcing, (Mon, Jan 13th)](https://isc.sans.edu/diary/rss/31586) - - [ ] [ISC Stormcast For Monday, January 13th, 2025 https://isc.sans.edu/podcastdetail/9276, (Mon, Jan 13th)](https://isc.sans.edu/diary/rss/31584) -- Posts By SpecterOps Team Members - Medium - - [ ] [Part 16: Tool Description](https://posts.specterops.io/part-16-tool-description-e09506ebc2c7?source=rss----f05f8696e3cc---4) -- Securityinfo.it - - [ ] [Banshee macOS sfrutta XProtect di Apple per eludere i controlli di sicurezza](https://www.securityinfo.it/2025/01/13/banshee-macos-sfrutta-xprotect-di-apple-per-eludere-i-controlli-di-sicurezza/?utm_source=rss&utm_medium=rss&utm_campaign=banshee-macos-sfrutta-xprotect-di-apple-per-eludere-i-controlli-di-sicurezza) - - [ ] [CERT-AGID 4 – 10 gennaio: Vidar protagonista con una campagna malspam](https://www.securityinfo.it/2025/01/13/cert-agid-4-10-gennaio-vidar-protagonista-con-una-campagna-malspam/?utm_source=rss&utm_medium=rss&utm_campaign=cert-agid-4-10-gennaio-vidar-protagonista-con-una-campagna-malspam) -- Schneier on Security - - [ ] [Microsoft Takes Legal Action Against AI “Hacking as a Service” Scheme](https://www.schneier.com/blog/archives/2025/01/microsoft-takes-legal-action-against-ai-hacking-as-a-service-scheme.html) -- Graham Cluley - - [ ] [Pastor’s “dream” crypto scheme alleged to be a multi-million dollar scam](https://www.bitdefender.com/en-us/blog/hotforsecurity/pastors-dream-crypto-scheme-alleged-to-be-a-multi-million-dollar-scam) -- The Hacker News - - [ ] [Hackers Exploit Aviatrix Controller Vulnerability to Deploy Backdoors and Crypto Miners](https://thehackernews.com/2025/01/hackers-exploit-aviatrix-controller.html) - - [ ] [⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [13 January]](https://thehackernews.com/2025/01/thn-weekly-recap-top-cybersecurity_01424177917.html) - - [ ] [Ransomware on ESXi: The Mechanization of Virtualized Attacks](https://thehackernews.com/2025/01/ransomware-on-esxi-mechanization-of.html) - - [ ] [WordPress Skimmers Evade Detection by Injecting Themselves into Database Tables](https://thehackernews.com/2025/01/wordpress-skimmers-evade-detection-by.html) - - [ ] [Expired Domains Allowed Control Over 4,000 Backdoors on Compromised Systems](https://thehackernews.com/2025/01/expired-domains-allowed-control-over.html) + - [ ] [Microsoft January 2025 Patch Tuesday, (Tue, Jan 14th)](https://isc.sans.edu/diary/rss/31590) +- 0x727开源安全团队 + - [ ] [“运营”本身是什么?(第十二章)](https://mp.weixin.qq.com/s?__biz=MzkwNTI3MjIyOQ==&mid=2247484125&idx=1&sn=7cf0877900e944a0253bb5351787b5c0&chksm=c0fb0c17f78c8501534fcb1249221aeec70210e176b476718cdb98fc8f77960b4a353b6f6ed9&scene=58&subscene=0#rd) +- The Register - Security + - [ ] [FBI wipes Chinese PlugX malware from thousands of Windows PCs in America](https://go.theregister.com/feed/www.theregister.com/2025/01/14/fbi_french_cops_boot_chinas/) + - [ ] [Snyk appears to deploy 'malicious' packages targeting Cursor for unknown reason](https://go.theregister.com/feed/www.theregister.com/2025/01/14/snyk_npm_deployment_removed/) + - [ ] [It's not just Big Tech: The UK's Online Safety Act applies across the board](https://go.theregister.com/feed/www.theregister.com/2025/01/14/online_safety_act/) + - [ ] [UK floats ransomware payout ban for public sector](https://go.theregister.com/feed/www.theregister.com/2025/01/14/uk_ransomware_payout_ban/) + - [ ] [Miscreants 'mass exploited' Fortinet firewalls, 'highly probable' zero-day used](https://go.theregister.com/feed/www.theregister.com/2025/01/14/miscreants_mass_exploited_fortinet_firewalls/) +- TorrentFreak + - [ ] [‘Notorious’ Pirate IPTV Service MagisTV Applies for US Trademark and Rebrands](https://torrentfreak.com/notorious-pirate-iptv-service-magistv-applies-for-us-trademark-and-rebrands-250114/) +- Silent Signal Techblog + - [ ] [Story of a Pentester Recruitment 2025](https://blog.silentsignal.eu/2025/01/14/pentester-recruitment-2025-mushroom/) - Instapaper: Unread - - [ ] [Candy Crush, Tinder, MyFitnessPal See the Thousands of Apps Hijacked to Spy on Your Location](https://www.wired.com/story/gravy-location-data-app-leak-rtb/) - - [ ] [Robot Vacuums Hacked To Spy On Their Owners](https://cybersecuritynews.com/robot-vacuums-hacked/) - - [ ] [L'iPad Pro che si autodistrugge in caso di morte dell'utente](https://www.wired.it/article/ipad-pro-morte-in-case-of-death/) - - [ ] [Attacchi hacker filorussi all’Italia. Il cyber-caos come arma ibrida di Mosca](https://formiche.net/2025/01/italia-filorussi-hacker/) -- Computer Forensics - - [ ] [Using an MD5 hash to validate evidence](https://www.reddit.com/r/computerforensics/comments/1i0ofl7/using_an_md5_hash_to_validate_evidence/) - - [ ] [Tools I should learn?](https://www.reddit.com/r/computerforensics/comments/1i0d8h6/tools_i_should_learn/) + - [ ] [FileVault and volume encryption explained](https://eclecticlight.co/2025/01/10/filevault-and-volume-encryption-explained/) + - [ ] [Windows Browser Forensics 101](https://belkasoft.com/windows-browser-forensics) + - [ ] [Windows Recycle Bin - The known and the unknown](https://bebinary4n6.blogspot.com/2025/01/windows-recycle-bin-known-and-unknown.html) + - [ ] [iPhone and iPad Acquisition Methods Yet Another Comparison](https://blog.elcomsoft.com/2025/01/iphone-and-ipad-acquisition-methods-yet-another-comparison/) +- The Hacker News + - [ ] [Microsoft Uncovers macOS Vulnerability CVE-2024-44243 Allowing Rootkit Installation](https://thehackernews.com/2025/01/microsoft-uncovers-macos-vulnerability.html) + - [ ] [Google OAuth Vulnerability Exposes Millions via Failed Startup Domains](https://thehackernews.com/2025/01/google-oauth-vulnerability-exposes.html) + - [ ] [4 Reasons Your SaaS Attack Surface Can No Longer be Ignored](https://thehackernews.com/2025/01/4-reasons-your-saas-attack-surface-can.html) + - [ ] [Illicit HuiOne Telegram Market Surpasses Hydra, Hits $24 Billion in Crypto Transactions](https://thehackernews.com/2025/01/illicit-huione-telegram-market.html) + - [ ] [Zero-Day Vulnerability Suspected in Attacks on Fortinet Firewalls with Exposed Interfaces](https://thehackernews.com/2025/01/zero-day-vulnerability-suspected-in.html) + - [ ] [Russian-Linked Hackers Target Kazakhstan in Espionage Campaign with HATVIBE Malware](https://thehackernews.com/2025/01/russian-linked-hackers-target.html) + - [ ] [CISA Adds Second BeyondTrust Flaw to KEV Catalog Amid Active Attacks](https://thehackernews.com/2025/01/cisa-adds-new-beyondtrust-flaw-to-kev.html) +- Schneier on Security + - [ ] [Upcoming Speaking Engagements](https://www.schneier.com/blog/archives/2025/01/upcoming-speaking-engagements-42.html) + - [ ] [The First Password on the Internet](https://www.schneier.com/blog/archives/2025/01/the-first-password-on-the-internet.html) - Technical Information Security Content & Discussion - - [ ] [Fireblocks Black Box Security Review](https://www.reddit.com/r/netsec/comments/1i0gmdv/fireblocks_black_box_security_review/) -- TorrentFreak - - [ ] [ISP Huffs and Puffs Then Apologizes to 3 Little Piggies Over Pirate Downloads](https://torrentfreak.com/isp-huffs-and-puffs-then-apologizes-to-3-little-piggies-over-pirate-downloads-250113/) - - [ ] [MissAV: One of the World’s Largest ‘Pirate’ Sites Targeted in Takedown Effort](https://torrentfreak.com/missav-one-of-the-worlds-largest-pirate-sites-targeted-in-takedown-effort-250113/) -- Your Open Hacker Community - - [ ] [Feeling im so behind in cybersecurity](https://www.reddit.com/r/HowToHack/comments/1i0oa70/feeling_im_so_behind_in_cybersecurity/) - - [ ] [Insta problem](https://www.reddit.com/r/HowToHack/comments/1i0qyt4/insta_problem/) - - [ ] [How to connect](https://www.reddit.com/r/HowToHack/comments/1i0oz3r/how_to_connect/) - - [ ] [What should i learn first when it comes to hacking?](https://www.reddit.com/r/HowToHack/comments/1i0a33k/what_should_i_learn_first_when_it_comes_to_hacking/) - - [ ] [How do I recognize a o.mg cable?](https://www.reddit.com/r/HowToHack/comments/1i0mty3/how_do_i_recognize_a_omg_cable/) - - [ ] [Email info](https://www.reddit.com/r/HowToHack/comments/1i0iuzt/email_info/) - - [ ] [How to make a " creek" with a pump and a retention pond?](https://www.reddit.com/r/HowToHack/comments/1i0msvj/how_to_make_a_creek_with_a_pump_and_a_retention/) - - [ ] [How?](https://www.reddit.com/r/HowToHack/comments/1i0auj4/how/) - - [ ] [Can someone help with my friend's account?](https://www.reddit.com/r/HowToHack/comments/1i0fafc/can_someone_help_with_my_friends_account/) - - [ ] [How to start your own website](https://www.reddit.com/r/HowToHack/comments/1i0583q/how_to_start_your_own_website/) - - [ ] [I need to know if there’s anyway I can bypass a game suspension?](https://www.reddit.com/r/HowToHack/comments/1i09z4w/i_need_to_know_if_theres_anyway_i_can_bypass_a/) - - [ ] [Is it possible to find the server IP of a game while playing it on PC?](https://www.reddit.com/r/HowToHack/comments/1i070ch/is_it_possible_to_find_the_server_ip_of_a_game/) -- netsecstudents: Subreddit for students studying Network Security and its related subjects - - [ ] [[Micro Challenge] Break YieldCat's Markdown Validation Checks - Active Until Jan 20](https://www.reddit.com/r/netsecstudents/comments/1i0ag5t/micro_challenge_break_yieldcats_markdown/) - - [ ] [I created a website to apply my knowledge of AI and Natural Language Processing into something useful](https://www.reddit.com/r/netsecstudents/comments/1i05t70/i_created_a_website_to_apply_my_knowledge_of_ai/) -- The Register - Security - - [ ] [Cryptojacking, backdoors abound as fiends abuse Aviatrix Controller bug](https://go.theregister.com/feed/www.theregister.com/2025/01/13/severe_aviatrix_controller_vulnerability/) - - [ ] [Microsoft sues 'foreign-based' cyber-crooks, seizes sites used to abuse AI](https://go.theregister.com/feed/www.theregister.com/2025/01/13/microsoft_sues_foreignbased_crims_seizes/) - - [ ] [Azure, Microsoft 365 MFA outage locks out users across regions](https://go.theregister.com/feed/www.theregister.com/2025/01/13/azure_m365_outage/) - - [ ] [NATO's newest member comes out swinging following latest Baltic Sea cable attack](https://go.theregister.com/feed/www.theregister.com/2025/01/13/sweden_baltic_cable_attack/) - - [ ] [Ransomware crew abuses AWS native encryption, sets data-destruct timer for 7 days](https://go.theregister.com/feed/www.theregister.com/2025/01/13/ransomware_crew_abuses_compromised_aws/) - - [ ] [Nominet probes network intrusion linked to Ivanti zero-day exploit](https://go.theregister.com/feed/www.theregister.com/2025/01/13/nominet_ivanti_zero_day/) - - [ ] [Europe coughs up €400 to punter after breaking its own GDPR data protection rules](https://go.theregister.com/feed/www.theregister.com/2025/01/13/data_broker_hacked/) -- Security Affairs - - [ ] [U.S. CISA adds BeyondTrust PRA and RS and Qlik Sense flaws to its Known Exploited Vulnerabilities catalog](https://securityaffairs.com/173031/security/u-s-cisa-adds-beyondtrust-pra-and-rs-and-qlik-sense-flaws-to-its-known-exploited-vulnerabilities-catalog.html) - - [ ] [Inexperienced actors developed the FunkSec ransomware using AI tools](https://securityaffairs.com/173018/cyber-crime/funksec-ransomware-was-developed-using-ai-tools.html) - - [ ] [Credit Card Skimmer campaign targets WordPress via database injection](https://securityaffairs.com/173010/malware/stealthy-credit-card-skimmer-targets-wordpress.html) - - [ ] [Microsoft took legal action against crooks who developed a tool to abuse its AI-based services](https://securityaffairs.com/173000/cyber-crime/microsoft-took-legal-action-against-crooks-developed-a-tool-to-abuse-its-ai.html) + - [ ] [Millions of Accounts Vulnerable due to Google’s OAuth Flaw](https://www.reddit.com/r/netsec/comments/1i1aam8/millions_of_accounts_vulnerable_due_to_googles/) + - [ ] [New Microsoft OLE Vulnerability, Exploitable via Email](https://www.reddit.com/r/netsec/comments/1i1ej02/new_microsoft_ole_vulnerability_exploitable_via/) + - [ ] [RCE in rsync, CVE-2024-12084 (and 5 more vulnerabilities)](https://www.reddit.com/r/netsec/comments/1i1ike5/rce_in_rsync_cve202412084_and_5_more/) + - [ ] [Over 5,000 WordPress sites caught in WP3.XYZ malware attack](https://www.reddit.com/r/netsec/comments/1i15afl/over_5000_wordpress_sites_caught_in_wp3xyz/) + - [ ] [Story of a Pentester Recruitment 2025](https://www.reddit.com/r/netsec/comments/1i16q95/story_of_a_pentester_recruitment_2025/) + - [ ] [Laser Fault Injection on a Budget: RP2350 Edition](https://www.reddit.com/r/netsec/comments/1i1fm6j/laser_fault_injection_on_a_budget_rp2350_edition/) + - [ ] [Threat actors exploit a probable 0-day in exposed management consoles of Fortinet FortiGate firewalls](https://www.reddit.com/r/netsec/comments/1i12s72/threat_actors_exploit_a_probable_0day_in_exposed/) + - [ ] [Command Line Underdog: WMIC in Action -- How to use wmic as an alternate shell in a pinch](https://www.reddit.com/r/netsec/comments/1i19m6a/command_line_underdog_wmic_in_action_how_to_use/) - Deeplinks - - [ ] [Five Things to Know about the Supreme Court Case on Texas’ Age Verification Law, Free Speech Coalition v Paxton](https://www.eff.org/deeplinks/2025/01/five-things-know-about-supreme-court-case-texas-age-verification-law-free-speech) + - [ ] [Platforms Systematically Removed a User Because He Made "Most Wanted CEO" Playing Cards](https://www.eff.org/deeplinks/2025/01/platforms-systematically-removed-user-because-he-made-most-wanted-ceo-playing) +- Information Security + - [ ] [¿Alguien sabe donde puedo conseguir alguna pagina/links para descargar virus/troyanos/spywares a propósito?](https://www.reddit.com/r/Information_Security/comments/1i10r2b/alguien_sabe_donde_puedo_conseguir_alguna/) +- Computer Forensics + - [ ] [Trying to find how data was moved off a company computer](https://www.reddit.com/r/computerforensics/comments/1i1bera/trying_to_find_how_data_was_moved_off_a_company/) + - [ ] [Strange Request but anyone have any recommendation for Furniture/Layout for lab environment they enjoy?](https://www.reddit.com/r/computerforensics/comments/1i1b1hs/strange_request_but_anyone_have_any/) + - [ ] [FYI: Free Enterprise licenses for data recovery professionals from Disk Drill](https://www.reddit.com/r/computerforensics/comments/1i18at1/fyi_free_enterprise_licenses_for_data_recovery/) + - [ ] [How to capture and decrypt packets from an iPhone AND use the microphone](https://www.reddit.com/r/computerforensics/comments/1i0wbgh/how_to_capture_and_decrypt_packets_from_an_iphone/) +- netsecstudents: Subreddit for students studying Network Security and its related subjects + - [ ] [Need residential network security consultant in Dallas area](https://www.reddit.com/r/netsecstudents/comments/1i1553g/need_residential_network_security_consultant_in/) +- Krebs on Security + - [ ] [Microsoft: Happy 2025. Here’s 161 Security Updates](https://krebsonsecurity.com/2025/01/microsoft-happy-2025-heres-161-security-updates/) - Blackhat Library: Hacking techniques and research - - [ ] [I created a Cybersecurity Hub - All cyber tools and resources!](https://www.reddit.com/r/blackhat/comments/1i09dxz/i_created_a_cybersecurity_hub_all_cyber_tools_and/) + - [ ] [Infostealer Logs to Fuel a New Wave of AWS Ransomware Attacks](https://www.reddit.com/r/blackhat/comments/1i12gdl/infostealer_logs_to_fuel_a_new_wave_of_aws/) +- Your Open Hacker Community + - [ ] [Best course for beginner in hacking and cyber security](https://www.reddit.com/r/HowToHack/comments/1i14y6e/best_course_for_beginner_in_hacking_and_cyber/) + - [ ] [Trying to figure out how to pull email addresses and stuff, wanna know how to do that](https://www.reddit.com/r/HowToHack/comments/1i1jdgb/trying_to_figure_out_how_to_pull_email_addresses/) + - [ ] [best ethical Wi-Fi info stealer you can try and also with a gui](https://www.reddit.com/r/HowToHack/comments/1i1i672/best_ethical_wifi_info_stealer_you_can_try_and/) + - [ ] [What's the best way to learn how to start hacking?](https://www.reddit.com/r/HowToHack/comments/1i1afyv/whats_the_best_way_to_learn_how_to_start_hacking/) + - [ ] [Would like some tips](https://www.reddit.com/r/HowToHack/comments/1i1bpxm/would_like_some_tips/) + - [ ] [Access MSSQL DB with lost password?](https://www.reddit.com/r/HowToHack/comments/1i15n6b/access_mssql_db_with_lost_password/) + - [ ] [Name Suggestion:](https://www.reddit.com/r/HowToHack/comments/1i0ytwo/name_suggestion/) + - [ ] [What I should learn about ethical hacking? Or Kali Linux](https://www.reddit.com/r/HowToHack/comments/1i16afj/what_i_should_learn_about_ethical_hacking_or_kali/) + - [ ] [What are some sql queries to bypass login](https://www.reddit.com/r/HowToHack/comments/1i0zuvl/what_are_some_sql_queries_to_bypass_login/) + - [ ] [Need help making a copy of my college id card](https://www.reddit.com/r/HowToHack/comments/1i0weja/need_help_making_a_copy_of_my_college_id_card/) + - [ ] [how can i spoof my mac address on a chromebook? (not school issued)](https://www.reddit.com/r/HowToHack/comments/1i0wr9f/how_can_i_spoof_my_mac_address_on_a_chromebook/) + - [ ] [[ Removed by Reddit ]](https://www.reddit.com/r/HowToHack/comments/1i0syrn/removed_by_reddit/) - Hacking Exposed Computer Forensics Blog - - [ ] [Daily Blog #716: Sunday Funday 1/12/25](https://www.hecfblog.com/2025/01/daily-blog-716-sunday-funday-11225.html) + - [ ] [Daily Blog #717: Getting free Azure credits for testing](https://www.hecfblog.com/2025/01/daily-blog-717-getting-free-azure.html) - Security Weekly Podcast Network (Audio) - - [ ] [How threat-informed defense benefits each security team member - Frank Duff, Nathan Sportsman - ESW #389](http://sites.libsyn.com/18678/how-threat-informed-defense-benefits-each-security-team-member-frank-duff-nathan-sportsman-esw-389) + - [ ] [Smishing, Beyond Trust, CryptoReligion, Aviatrix, Azure, Josh Marpet, and more... - SWN #442](http://sites.libsyn.com/18678/smishing-beyond-trust-cryptoreligion-aviatrix-azure-josh-marpet-and-more-swn-442) + - [ ] [Discussing Useful Security Requirements with Developers - Ixchel Ruiz - ASW #313](http://sites.libsyn.com/18678/discussing-useful-security-requirements-with-developers-ixchel-ruiz-asw-313) From dd6f95b6523b47dec424b637ba7f10a2e8565ac6 Mon Sep 17 00:00:00 2001 From: chainreactorbot Date: Fri, 17 Jan 2025 02:44:22 +0000 Subject: [PATCH 12/29] =?UTF-8?q?=E6=AF=8F=E6=97=A5=E5=AE=89=E5=85=A8?= =?UTF-8?q?=E8=B5=84=E8=AE=AF=EF=BC=882025-01-17=EF=BC=89?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- archive/daily/2025/2025-01-17.md | 425 +++++++++++++++++ archive/tmp/2025-01-17.json | 517 +++++++++++++++++++++ today.md | 769 ++++++++++++++++--------------- 3 files changed, 1336 insertions(+), 375 deletions(-) create mode 100644 archive/daily/2025/2025-01-17.md create mode 100644 archive/tmp/2025-01-17.json diff --git a/archive/daily/2025/2025-01-17.md b/archive/daily/2025/2025-01-17.md new file mode 100644 index 0000000000..f6dbef247d --- /dev/null +++ b/archive/daily/2025/2025-01-17.md @@ -0,0 +1,425 @@ +# 每日安全资讯(2025-01-17) + +- 奇安信攻防社区 + - [ ] [Pipe管道利用](https://forum.butian.net/share/4041) + - [ ] [x86_shellcode的一些总结](https://forum.butian.net/share/4045) +- SecWiki News + - [ ] [SecWiki News 2025-01-16 Review](http://www.sec-wiki.com/?2025-01-16) +- Recent Commits to cve:main + - [ ] [Update Thu Jan 16 20:18:31 UTC 2025](https://github.com/trickest/cve/commit/ac7b0793018b914902d4a93cfd97f9c9f5099dc2) + - [ ] [Update Thu Jan 16 12:17:03 UTC 2025](https://github.com/trickest/cve/commit/d2045a1f437c6e51bb209405ecceac7ecd5fb639) + - [ ] [Update Thu Jan 16 04:12:08 UTC 2025](https://github.com/trickest/cve/commit/e9e247db7486d0a878423134b49b830e5ac64c29) +- Security Boulevard + - [ ] [DEF CON 32 – Signature-Based Detection Using Network Timing](https://securityboulevard.com/2025/01/def-con-32-signature-based-detection-using-network-timing/) + - [ ] [Randall Munroe’s XKCD ‘Radon’](https://securityboulevard.com/2025/01/randall-munroes-xkcd-radon/) + - [ ] [Updated Response to CISA Advisory (AA23-136A): #StopRansomware: BianLian Ransomware Group](https://securityboulevard.com/2025/01/updated-response-to-cisa-advisory-aa23-136a-stopransomware-bianlian-ransomware-group/) + - [ ] [White House Executive Order: Strengthening and Promoting Innovation in the Nation’s Cybersecurity](https://securityboulevard.com/2025/01/white-house-executive-order-strengthening-and-promoting-innovation-in-the-nations-cybersecurity/) + - [ ] [Debunking the “On Premise Software” Myth | Grip Security](https://securityboulevard.com/2025/01/debunking-the-on-premise-software-myth-grip-security/) + - [ ] [Veriti mentioned as a Tech Innovator in the 2025 Gartner® Emerging Tech: Tech Innovators in Preemptive Cybersecurity Report in the Preemptive Cybersecuirty Category.](https://securityboulevard.com/2025/01/veriti-mentioned-as-a-tech-innovator-in-the-2025-gartner-emerging-tech-tech-innovators-in-preemptive-cybersecurity-report-in-the-preemptive-cybersecuirty-category/) + - [ ] [Simplifying Compliance in the Complex U.S. FinServ Regulatory Landscape](https://securityboulevard.com/2025/01/simplifying-compliance-in-the-complex-u-s-finserv-regulatory-landscape/) + - [ ] [How a Large Healthcare Company Slashed Their Secrets Incidents by Half](https://securityboulevard.com/2025/01/how-a-large-healthcare-company-slashed-their-secrets-incidents-by-half/) + - [ ] [DEF CON 32 – Small Satellite Modeling and Defender Software](https://securityboulevard.com/2025/01/def-con-32-small-satellite-modeling-and-defender-software-2/) + - [ ] [Smart Spatial and Hyperview Unite to Take Data Centers to the Next Level](https://securityboulevard.com/2025/01/smart-spatial-and-hyperview-unite-to-take-data-centers-to-the-next-level/) +- Trustwave Blog + - [ ] [Upcoming Trustwave SpiderLabs Report Investigates Threats Against the Energy and Utilities Sector](https://www.trustwave.com/en-us/resources/blogs/trustwave-blog/upcoming-trustwave-spiderlabs-report-investigates-threats-against-the-energy-and-utilities-sector/) +- 安全客-有思想的安全新媒体 + - [ ] [360年度勒索软件报告请查收:AI“催生”天价赎金危机](https://www.anquanke.com/post/id/303576) + - [ ] [CVE-2024-9042:在 Kubernetes Windows 节点中发现代码执行漏洞](https://www.anquanke.com/post/id/303573) + - [ ] [CVE-2025-23042 (CVSS 9.1): Gradio 修补了流行机器学习平台中的关键 ACL 旁路漏洞](https://www.anquanke.com/post/id/303570) + - [ ] [超过 66 万台 Rsync 服务器受到代码执行攻击](https://www.anquanke.com/post/id/303567) + - [ ] [思科发布人工智能防御系统,抵御模型安全风险](https://www.anquanke.com/post/id/303564) + - [ ] [俄克拉荷马州提出比特币战略储备法案](https://www.anquanke.com/post/id/303561) + - [ ] [微软将于十月终止对 Windows 10 上 Office 应用程序的支持](https://www.anquanke.com/post/id/303558) + - [ ] [黑客利用Google Search广告窃取Google Ads帐户](https://www.anquanke.com/post/id/303555) + - [ ] [黑色巴斯塔式网络攻击 90 分钟内向收件箱发送 1,165 封电子邮件](https://www.anquanke.com/post/id/303552) + - [ ] [SAP 修复 NetWeaver 应用服务器中的关键漏洞](https://www.anquanke.com/post/id/303549) +- Tenable Blog + - [ ] [New Cybersecurity Executive Order: What It Means for Federal Agencies](https://www.tenable.com/blog/new-cybersecurity-executive-order-what-it-means-for-federal-agencies) +- Google Online Security Blog + - [ ] [OSV-SCALIBR: A library for Software Composition Analysis](http://security.googleblog.com/2025/01/osv-scalibr-library-for-software.html) +- Doonsec's feed + - [ ] [中国APP攻陷美国](https://mp.weixin.qq.com/s?__biz=MzkwMzI1ODUwNA==&mid=2247487822&idx=1&sn=08ec2dec88cfefd75d64bb05d64681f4) + - [ ] [CSDN NB!!!](https://mp.weixin.qq.com/s?__biz=Mzg3MTE0NTg4OQ==&mid=2247484145&idx=1&sn=9707b33311207262bedee6cdedd1f4a3) + - [ ] [软考信安(五)](https://mp.weixin.qq.com/s?__biz=MzkzMjYzOTc5NQ==&mid=2247484672&idx=1&sn=f4ab8d1a56765d02166ddf40dc3c453b) + - [ ] [SharpScan: 内网资产扫描工具](https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486296&idx=1&sn=806c15e88353abd397dccabb76927b77) + - [ ] [2025年,我们尝试为实战能力赋能做点推动](https://mp.weixin.qq.com/s?__biz=Mzg4MDkyMTE4OQ==&mid=2247488992&idx=1&sn=c3472a8dcec51704e7257f1d55ac0bf2) + - [ ] [TikTok禁令倒计时](https://mp.weixin.qq.com/s?__biz=MzI3MDY0Nzg1Nw==&mid=2247489463&idx=1&sn=0ddd529420f80f2d51d777860f143685) + - [ ] [公众号2024年度回顾](https://mp.weixin.qq.com/s?__biz=MzU1NjczNjA0Nw==&mid=2247486233&idx=1&sn=292dce339e7afa224eb541aca3f2e23d) + - [ ] [排版神器之Markdown Nice](https://mp.weixin.qq.com/s?__biz=Mzk1NzI2NDQyMw==&mid=2247484215&idx=1&sn=3646a1d963934f45a7c284e0a946a436) + - [ ] [简单操作几下就可以实现在微信群聊点歌](https://mp.weixin.qq.com/s?__biz=Mzg3MTY3NzUwMQ==&mid=2247490254&idx=1&sn=4387d226daf848daa9c396c791db156b) + - [ ] [美国会很快封杀小红书吗?](https://mp.weixin.qq.com/s?__biz=MzU1NjgzOTAyMg==&mid=2247522933&idx=3&sn=98036ed8b9e52304f3ac6cda4eae78fb) + - [ ] [我认为最好的威胁和风险关系模型,蚂蚁集团韦韬为什么不这么看?](https://mp.weixin.qq.com/s?__biz=MzAxOTk3NTg5OQ==&mid=2247492175&idx=1&sn=5ca001d900c874319dc7c70c87a53d32) + - [ ] [垂直越权,你只会替换 COOKIE ?啊、这、](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247489991&idx=1&sn=4ee0dce8f2e3b4664001b5826924a483) + - [ ] [Python黑客工具库详解:10个让黑客效率提升10倍的神级库](https://mp.weixin.qq.com/s?__biz=MzI5MjY4MTMyMQ==&mid=2247489710&idx=1&sn=af7b0f143c0bfcef45855c3cafb9109a) + - [ ] [译文|韩国国家网络安全战略](https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597488&idx=1&sn=b742395aa377ae841d5658003e035f50) + - [ ] [两会之声 | 人大代表李雪莹:强化安全体系,助力北京全球数字经济标杆城市建设](https://mp.weixin.qq.com/s?__biz=MzA3OTMxNTcxNA==&mid=2650960522&idx=1&sn=5121df2d76b035220e78b978d790d4ac) + - [ ] [国家数据基础设施建设的四个核心问题](https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597488&idx=3&sn=4c7d930dfe77ef29904d787a139d6677) + - [ ] [安全简讯(2025.01.16)](https://mp.weixin.qq.com/s?__biz=MzkzNzY5OTg2Ng==&mid=2247500628&idx=1&sn=99a356fbab1b3b9c42d0f724fa99271e) + - [ ] [实战|拿下了自己学校的大屏幕](https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247569765&idx=2&sn=8cdde0bcc80f23fd58938ae6a1b4f361) + - [ ] [【吃瓜】u200b好消息,发年终奖了!坏消息,是员工给公司发的!](https://mp.weixin.qq.com/s?__biz=MzU3MjU4MjM3MQ==&mid=2247489663&idx=1&sn=1022a546269df3a7ea265a02353f11b7) + - [ ] [记某OA系统Ajax旧服务的0day漏洞挖掘](https://mp.weixin.qq.com/s?__biz=MzkzMzE5OTQzMA==&mid=2247485723&idx=1&sn=7c957b9f8d1e7a6f0094a12068b8720d) + - [ ] [【漏洞通告】FortiOS and FortiProxy身份验证绕过漏洞安全风险通告](https://mp.weixin.qq.com/s?__biz=MzU4NjY4MDAyNQ==&mid=2247496947&idx=1&sn=cfb80fee4820f74fe4d4da502d629282) + - [ ] [【漏洞通告】Ivanti Endpoint Manager多个信息泄露漏洞安全风险通告](https://mp.weixin.qq.com/s?__biz=MzU4NjY4MDAyNQ==&mid=2247496947&idx=2&sn=4d5f7bf05f88fe132cade2806d79c596) + - [ ] [江西教育在线疑似被删库!!!这可不能开玩笑](https://mp.weixin.qq.com/s?__biz=MzU2MjU2MzI3MA==&mid=2247484508&idx=1&sn=3793caf5f8c7b8ef5d3b3e6ef14a29af) + - [ ] [2024年反勒索软件行动分析](https://mp.weixin.qq.com/s?__biz=MzU2MjU2MzI3MA==&mid=2247484508&idx=2&sn=56dba8409470f69386b4a36666b1e850) + - [ ] [没有公网怎么访问家庭网络、NAS?免费无门槛,十分钟搞定!](https://mp.weixin.qq.com/s?__biz=MzU2MjU2MzI3MA==&mid=2247484508&idx=3&sn=691a9cba123fe29430ef29b3c2b6a103) + - [ ] [网安人的年度总结](https://mp.weixin.qq.com/s?__biz=Mzk0OTY2ODE1NA==&mid=2247484970&idx=1&sn=b3205215ccac49595accadd35fe0b802) + - [ ] [征文|《信息安全研究》2025年“机密计算”专题征文](https://mp.weixin.qq.com/s?__biz=MzA3NzgzNDM0OQ==&mid=2664992827&idx=1&sn=12351a7b4481dd065c24d1507589d012) + - [ ] [【业界动态】工信部发文加强互联网数据中心客户数据安全保护](https://mp.weixin.qq.com/s?__biz=MzA3NzgzNDM0OQ==&mid=2664992827&idx=2&sn=ffc6c77f065e24300395fecd2752f2f5) + - [ ] [国内外网络安全热点情报(2025年第2期)](https://mp.weixin.qq.com/s?__biz=MzkzNjM4ODc3OQ==&mid=2247485644&idx=1&sn=2678bf67645c7d5967844182840b4b34) + - [ ] [探讨 Poseidon 延展性攻击,可影响零知识证明应用的安全性](https://mp.weixin.qq.com/s?__biz=MzU4ODQ3NTM2OA==&mid=2247500936&idx=1&sn=433dc45041abe0603c4c00d7a3db7ced) + - [ ] [无问社区|春节大放送](https://mp.weixin.qq.com/s?__biz=MzkxNjQyODY5MA==&mid=2247486971&idx=1&sn=624b1d81c297cd2579d60bc1959721f2) + - [ ] [韩国总统尹锡悦被捕事件深度解读](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247504090&idx=1&sn=e552539780ef7da02bd2a7ba6af4b128) + - [ ] [拜登政府末期全力推动加沙停火协议:复杂局势下的外交](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247504090&idx=2&sn=fece80f58e66edb84cf6d282168aecb4) + - [ ] [2025,从读一本优秀的图书开始](https://mp.weixin.qq.com/s?__biz=MzA3NDE0NDUyNA==&mid=2650804752&idx=1&sn=aad52aa81ac9ee5fee0c724cf80b1d6b) + - [ ] [图解OSI七层模型,言简意赅!](https://mp.weixin.qq.com/s?__biz=MzIyMzIwNzAxMQ==&mid=2649464520&idx=1&sn=ef97d15e0bdfff6f43c101e609536b15) + - [ ] [业务上新|BytePlus开放测试](https://mp.weixin.qq.com/s?__biz=MzUzMzcyMDYzMw==&mid=2247494456&idx=1&sn=08dd5c76c4e63b643bf83e6e67376f72) + - [ ] [暗网情报:15,000多台FortiGate设备的配置和VPN凭据泄露](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247506836&idx=1&sn=a871fac7bf74d1c799e9679c9e3fce12) + - [ ] [诚邀渠道合作伙伴共启新征程](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247521662&idx=2&sn=a82fab2199cc8b53db07300512a91f88) + - [ ] [黑客在Windows系统下提权的20种主要姿势!](https://mp.weixin.qq.com/s?__biz=Mzk0MzY1NDc2MA==&mid=2247484250&idx=1&sn=adcc04e14f1f9e181205110f8bf6c0ef) + - [ ] [网安认证指南:穿越认证丛林,开启职业坦途](https://mp.weixin.qq.com/s?__biz=MzU4NDExNDQwNA==&mid=2247489889&idx=1&sn=03b458260a1a89a7973c8ea2a099d8f0) + - [ ] [网络安全实战练习资源整合](https://mp.weixin.qq.com/s?__biz=MzkyMzg4MTY4Ng==&mid=2247484590&idx=1&sn=9aeca055dcc662ea4cc63b9219559bc9) + - [ ] [数据经纪商Gravy Analytics遭黑客攻击 数百万用户位置信息泄露](https://mp.weixin.qq.com/s?__biz=MzIwNzAwOTQxMg==&mid=2652251218&idx=1&sn=c179c7c00ec35fb67ad2420914827b89) + - [ ] [美国CISA将Fortinet FortiOS列入已知漏洞目录](https://mp.weixin.qq.com/s?__biz=MzU0MjE2Mjk3Ng==&mid=2247488407&idx=1&sn=9f14c87a5bd0069bcb81779ce3d4c4d2) + - [ ] [全面理解数据字化时代的网络安全](https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247488067&idx=1&sn=11730602b3512d2291c9cd323eb5f1b9) + - [ ] [一款图形化的代码审计工具](https://mp.weixin.qq.com/s?__biz=MzU2NzY5MzI5Ng==&mid=2247504768&idx=1&sn=c7739c819a858a3fb7d89c7807ba2f5e) + - [ ] [仅退款的正确用法](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247488941&idx=2&sn=75554bc5d9be3c252a69819f06a34fd2) + - [ ] [21094_ctfshow_misc_迷惑行为大赏(之)无中生you_菜鸡杯xa0writeup](https://mp.weixin.qq.com/s?__biz=MzU2NzIzNzU4Mg==&mid=2247489494&idx=1&sn=01d30ab0c4610de825aeb2a146dce749) + - [ ] [安全圈年底跳槽招人!](https://mp.weixin.qq.com/s?__biz=MzAwMjA5OTY5Ng==&mid=2247525609&idx=1&sn=e4ca144fa5af39781a932d6c5d616620) + - [ ] [工作中,少空想多行动](https://mp.weixin.qq.com/s?__biz=MzU4NjY3OTAzMg==&mid=2247514778&idx=1&sn=84d1c105550a3f883dcd811fca17bde2) + - [ ] [如何保护企业员工免受基于身份的攻击](https://mp.weixin.qq.com/s?__biz=MzU4NjY3OTAzMg==&mid=2247514778&idx=2&sn=be9f4625665303015ba2732ca3c0c688) + - [ ] [哔哩哔哩网页端疑似曝出存储型XSS漏洞](https://mp.weixin.qq.com/s?__biz=MzU5MjgwMDg1Mg==&mid=2247484697&idx=1&sn=41f33dac5bec6ee1a38fe28b75e95977) + - [ ] [全球最早的勒索病毒以及勒索病毒攻击活动](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490009&idx=2&sn=af11ef8f497a3070ea6fe5ef688cdcbe) + - [ ] [Babuk勒索病毒攻击](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490009&idx=3&sn=55ecf2eeea1924914478f985389b495e) + - [ ] [AvosLocker恶意病毒攻击](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490009&idx=4&sn=183fc1d996f53449e72e5616cfbc64c5) + - [ ] [【oscp】Node](https://mp.weixin.qq.com/s?__biz=Mzg2Nzk0NjA4Mg==&mid=2247497975&idx=1&sn=278c0ccc74de00ab14f9b6ce5882a0c4) + - [ ] [干货福利放送:ISO/IEC 27001:2022 培训课程直播计划1.22 – 1.25](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247485941&idx=1&sn=23c992137d4fcad435b191198b14fb48) + - [ ] [ISO 14001: 2015 标准详解与实施(11)6.1.4 措施的策划](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247485941&idx=2&sn=d9494bf6b2f51efd007dfb662cf2c074) + - [ ] [暗网情报:涉某电信运营商巨头、赌博平台](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247506826&idx=1&sn=646c100aff317bc3bd44b7e73b6b1e60) + - [ ] [AutoFilm:连接Alist,为Emby/Jellyfin提供Strm直链播放](https://mp.weixin.qq.com/s?__biz=MzA4MjkzMTcxMg==&mid=2449046691&idx=1&sn=d24c3ad465e8e74457d5e21204adadc0) + - [ ] [从302到RCE,拿shell就像喝水一样简单](https://mp.weixin.qq.com/s?__biz=Mzg3NzkwMTYyOQ==&mid=2247488263&idx=1&sn=269b6a44555f773dd66be01cffb6ef76) + - [ ] [喜报!炼石入选北京市知识产权试点单位](https://mp.weixin.qq.com/s?__biz=MzkyNzE5MDUzMw==&mid=2247568533&idx=1&sn=c78448a9651bb3f8b2c0f5cac1208d7f) + - [ ] [最新kali2024.4保姆级安装教程,附换源、汉化、中文输入法、解决root用户无法登录问题等,附打包好的vm文件下载地址](https://mp.weixin.qq.com/s?__biz=Mzk1NzE0ODk3Nw==&mid=2247490258&idx=1&sn=86fe8c70b8f874a5e010b13bc99bd2cc) + - [ ] [2024年值得赞赏的开源安全项目收集](https://mp.weixin.qq.com/s?__biz=MzU1NDkwMzAyMg==&mid=2247502661&idx=1&sn=008900b107c89bec896eef97714da8e8) + - [ ] [年度管理随笔](https://mp.weixin.qq.com/s?__biz=Mzg2MDc0NTIxOQ==&mid=2247484717&idx=1&sn=5f92532a5420c592a133bc8364b5cc17) + - [ ] [文件包含漏洞从入门到精通](https://mp.weixin.qq.com/s?__biz=MzU2NDY2OTU4Nw==&mid=2247518316&idx=1&sn=b954fbb2f35fff3cfba2f1951d3c827b) + - [ ] [你们都是开玩笑,他才是真的](https://mp.weixin.qq.com/s?__biz=MzkxNzY5MTg1Ng==&mid=2247485494&idx=1&sn=44806adf358814ac0fdf3acaec2f4250) + - [ ] [【相关分享】记一次小程序支付逻辑漏洞](https://mp.weixin.qq.com/s?__biz=Mzk0OTUwNTU5Nw==&mid=2247488515&idx=1&sn=305bbcdc6b74a5b775bcad8028dbd7f1) + - [ ] [分享图片](https://mp.weixin.qq.com/s?__biz=MzI3Njc1MjcxMg==&mid=2247494255&idx=1&sn=21acb34ae1b3837ab16a8b0506d3516f) + - [ ] [漏扫工具 -- hscan](https://mp.weixin.qq.com/s?__biz=MzI4MDQ5MjY1Mg==&mid=2247515611&idx=1&sn=ea7441c1db522c42ed9a0165e6617cf8) + - [ ] [CTF赛前指导 -- 流量取证](https://mp.weixin.qq.com/s?__biz=MzI4MDQ5MjY1Mg==&mid=2247515611&idx=2&sn=119c6d1c1b2b6c381941e8fc3319e9a4) + - [ ] [API漏洞挖掘神器API_kit的二开版本|Burp Suite 插件](https://mp.weixin.qq.com/s?__biz=Mzg3ODE2MjkxMQ==&mid=2247489927&idx=1&sn=4585f639e37390f637445498148b70f7) + - [ ] [让\"WAF绕过\"变得简单 -- x-waf(V0.2)](https://mp.weixin.qq.com/s?__biz=MzU3NzY3MzYzMw==&mid=2247499165&idx=1&sn=30ee5801ed9925a615b9171f265585ed) + - [ ] [CTF赛前指导 -- 文件上传漏洞&一句话木马](https://mp.weixin.qq.com/s?__biz=MzU3NzY3MzYzMw==&mid=2247499165&idx=2&sn=1bcea16d2d17f234caf752fcf51a3d66) + - [ ] [三个阶段阻止DDoS攻击](https://mp.weixin.qq.com/s?__biz=Mzg2NjY2MTI3Mg==&mid=2247498219&idx=1&sn=7968756bf7e19003e4ff18396be8c3c8) + - [ ] [2025年值得关注的网络安全趋势](https://mp.weixin.qq.com/s?__biz=Mzg2NjY2MTI3Mg==&mid=2247498219&idx=2&sn=e2336a616bf941d074da171e51db5da3) + - [ ] [英国考虑禁止支付勒索软件费用](https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652113973&idx=1&sn=09d4b3e0d13f4ea9c16aad1b297cb084) + - [ ] [国家发展改革委等部门印发《关于完善数据流通安全治理 更好促进数据要素市场化价值化的实施方案》的通知](https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652113973&idx=2&sn=ef53cb3a6fde363046d710893ac7eed1) +- 安全脉搏 + - [ ] [DataCube 漏洞小结](https://www.secpulse.com/archives/205081.html) + - [ ] [记某次攻防演练:大战UEditor并突破](https://www.secpulse.com/archives/205162.html) +- Blog - AppSec Labs + - [ ] [Still Using SSRF to Take Over Cloud Deployments Once Again](https://appsec-labs.com/still-using-ssrf-to-take-over-cloud-deployments-once-again/) +- 一个被知识诅咒的人 + - [ ] [用Python管理Docker容器:从docker-py到自动化部署的全面指南](https://blog.csdn.net/nokiaguy/article/details/145180393) + - [ ] [Python在DevOps中的应用:自动化CI/CD管道的实现](https://blog.csdn.net/nokiaguy/article/details/145180389) +- 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com + - [ ] [个人信息安全三重防线(上):App隐私合规检测、PIA认证与个保合规审计](https://www.4hou.com/posts/BvXo) + - [ ] [正式签约!360为宁波城市大模型发展注入新动能](https://www.4hou.com/posts/42vJ) + - [ ] [国家计算机病毒应急处理中心监测发现16款违规移动应用](https://www.4hou.com/posts/33rp) + - [ ] [Nuclei 漏洞允许恶意模板绕过签名验证](https://www.4hou.com/posts/xyjP) +- Private Feed for M09Ic + - [ ] [mgeeky starred MISP/misp-docker](https://github.com/MISP/misp-docker) + - [ ] [mgeeky starred MISP/PyMISP](https://github.com/MISP/PyMISP) + - [ ] [mgeeky starred MISP/MISP](https://github.com/MISP/MISP) + - [ ] [gh0stkey starred clash-verge-rev/clash-verge-rev](https://github.com/clash-verge-rev/clash-verge-rev) + - [ ] [Ridter starred yint-tech/sekiro-samples](https://github.com/yint-tech/sekiro-samples) + - [ ] [Ridter starred Nutlope/logocreator](https://github.com/Nutlope/logocreator) + - [ ] [zer0yu starred lencx/Noi](https://github.com/lencx/Noi) + - [ ] [zer0yu started following theMackabu](https://github.com/theMackabu) + - [ ] [wuhan005 starred Nutlope/logocreator](https://github.com/Nutlope/logocreator) + - [ ] [4ra1n starred saoshao/DetSql](https://github.com/saoshao/DetSql) + - [ ] [zer0yu starred Nutlope/logocreator](https://github.com/Nutlope/logocreator) + - [ ] [boy-hack starred empijei/wapty](https://github.com/empijei/wapty) + - [ ] [4ra1n starred verhas/License3j](https://github.com/verhas/License3j) + - [ ] [gh0stkey starred ventoy/Ventoy](https://github.com/ventoy/Ventoy) + - [ ] [Y4er starred Archeb/opentrace](https://github.com/Archeb/opentrace) + - [ ] [0xbug starred pyper-dev/pyper](https://github.com/pyper-dev/pyper) + - [ ] [glzjin starred composecraft/docker-compose-lib](https://github.com/composecraft/docker-compose-lib) + - [ ] [zema1 starred 0xCaner/DoH-ECH-Demo](https://github.com/0xCaner/DoH-ECH-Demo) + - [ ] [zema1 starred saoshao/DetSql](https://github.com/saoshao/DetSql) + - [ ] [CHYbeta starred yint-tech/sekiro-open](https://github.com/yint-tech/sekiro-open) + - [ ] [zer0yu started following leonjza](https://github.com/leonjza) + - [ ] [zema1 starred ljc545w/ComWeChatRobot](https://github.com/ljc545w/ComWeChatRobot) + - [ ] [zer0yu starred xnl-h4ck3r/knoxnl](https://github.com/xnl-h4ck3r/knoxnl) + - [ ] [zer0yu started following K1sna](https://github.com/K1sna) + - [ ] [yzddmr6 started following lintstar](https://github.com/lintstar) +- obaby@mars + - [ ] [不再可用](https://h4ck.org.cn/2025/01/19004) +- GuidePoint Security + - [ ] [Unveiling the GRIT 2025 Ransomware and Cyber Threat Report](https://www.guidepointsecurity.com/blog/unveiling-the-grit-2025-ransomware-and-cyber-threat-report/) +- blog.avast.com EN + - [ ] [Super bowl scams—How to avoid getting sacked by cybercriminals](https://blog.avast.com/super-bowl-ticket-scams) +- NVISO Labs + - [ ] [Detecting Teams Chat Phishing Attacks (Black Basta)](https://blog.nviso.eu/2025/01/16/detecting-teams-chat-phishing-attacks-black-basta/) +- SentinelOne + - [ ] [New Possibilities with Purple AI | Third-Party Log Sources & Multilingual Question Support](https://www.sentinelone.com/blog/unlocking-new-possibilities-with-purple-ai-new-log-sources-and-multilingual-support/) +- CCC Event Blog + - [ ] [Easterhegg 2025: Call for Participation](https://events.ccc.de/2025/01/16/easterhegg-2025-call-for-participation/) +- Dancho Danchev's Blog - Mind Streams of Information Security Knowledge + - [ ] [A Peek Inside the Current State of BitCoin Exchanges](https://ddanchev.blogspot.com/2025/01/a-peek-inside-current-state-of-bitcoin_17.html) + - [ ] [A Peek Inside the Current State of BitCoin Mixers](https://ddanchev.blogspot.com/2025/01/a-peek-inside-current-state-of-bitcoin.html) + - [ ] [Profiling the iSpoof Cybercrime Enterprise](https://ddanchev.blogspot.com/2025/01/profiling-ispoof-cybercrime-enterprise.html) + - [ ] [Profiling a Currently Active Portfolio of High-Profile Cybercriminal Jabber and XMPP Accounts Including Email Address Accounts - Part Six](https://ddanchev.blogspot.com/2025/01/profiling-currently-active-portfolio-of.html) + - [ ] [New Project - Malware C&C Domains Offensive Network Reconnaissance Monitoring Project](https://ddanchev.blogspot.com/2025/01/new-project-malware-c-domains-offensive.html) + - [ ] [New Project - 419 Scam Domains WHOIS Registrar Monitoring Project](https://ddanchev.blogspot.com/2025/01/new-project-419-scam-domains-whois.html) + - [ ] [Happy New Year](https://ddanchev.blogspot.com/2025/01/happy-new-year.html) + - [ ] [Dancho Danchev's Testimony on “How Facebook Today's Meta Failed To Protect Its Users and React To The Koobface Botnet And What We Should Do About It?”](https://ddanchev.blogspot.com/2025/01/dancho-danchevs-testimony-on-how.html) +- Malwarebytes + - [ ] [Avery had credit card skimmer stuck on its site for months](https://www.malwarebytes.com/blog/news/2025/01/avery-had-credit-card-skimmer-stuck-on-its-site-for-months) + - [ ] [PlugX malware deleted from thousands of systems by FBI](https://www.malwarebytes.com/blog/news/2025/01/plugx-malware-deleted-from-thousands-of-systems-by-fbi) +- daniel.haxx.se + - [ ] [Presentation: curl from start to end](https://daniel.haxx.se/blog/2025/01/16/presentation-curl-from-start-to-end/) +- HackerNews + - [ ] [标签巨头艾利公司称网站遭黑客入侵以窃取信用卡信息](https://hackernews.cc/archives/56936) + - [ ] [米克罗提克僵尸网络利用配置错误的 SPF DNS 记录传播恶意软件](https://hackernews.cc/archives/56933) + - [ ] [SAP 修复 NetWeaver 应用服务器中的关键漏洞](https://hackernews.cc/archives/56930) + - [ ] [SimpleHelp 重大漏洞:可导致文件窃取、权限提升和远程代码执行攻击](https://hackernews.cc/archives/56927) + - [ ] [谷歌云研究人员发现 Rsync 文件同步工具漏洞](https://hackernews.cc/archives/56924) + - [ ] [FBI 在数月行动中从 4250 台被黑电脑中删除 PlugX 恶意软件](https://hackernews.cc/archives/56922) +- 奇客Solidot–传递最新科技情报 + - [ ] [RISC-V 开发商算能公司被美国列入实体名单](https://www.solidot.org/story?sid=80353) + - [ ] [Blue Origin 的重型火箭 New Glenn 首次抵达轨道](https://www.solidot.org/story?sid=80352) + - [ ] [Proton CEO 拥抱特朗普引发争议](https://www.solidot.org/story?sid=80351) + - [ ] [动视对微软 Xbox Game Pass 订阅量增加帮助不大](https://www.solidot.org/story?sid=80350) + - [ ] [日英意下一代战斗机计划本年内开始制造试制机](https://www.solidot.org/story?sid=80349) + - [ ] [新泽西州州长呼吁 K-12 学校禁止学生使用手机](https://www.solidot.org/story?sid=80348) + - [ ] [英特尔开源 Tofino P4 软件](https://www.solidot.org/story?sid=80347) + - [ ] [LinkedIn 用 AI 劝阻求职者不要申请不符合条件的职位](https://www.solidot.org/story?sid=80346) + - [ ] [深圳大疆让无人机操作人员决定是否在禁飞区飞行](https://www.solidot.org/story?sid=80345) + - [ ] [Telegram 关闭 Z-Library 和 Anna's Archive 频道](https://www.solidot.org/story?sid=80344) +- 安全牛 + - [ ] [六部门印发《关于完善数据流通安全治理 更好促进数据要素市场化价值化的实施方案》;TikTok在美关停在即,特朗普有意挽救 |牛览](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134747&idx=1&sn=7fb3c006d6af7e55e5391cf29e23164d&chksm=bd15abc88a6222deeb8ad366d3d93a2396148eabc4910de5027d5eeed07370fd3917a1d9f3a8&scene=58&subscene=0#rd) + - [ ] [精彩汇集,业务宝典:《2024安全牛百篇文章精选集》发布](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134747&idx=2&sn=643272181de389de86be6fc5e58c5448&chksm=bd15abc88a6222dee2a597f0f61ec3c1636d98ae8d8fb53c35744aa517a4ce301c222ae8e804&scene=58&subscene=0#rd) +- 绿盟科技技术博客 + - [ ] [【漏洞通告】Rsync缓冲区溢出与信息泄露漏洞(CVE-2024-12084/CVE-2024-12085)通告](https://blog.nsfocus.net/cve-2024-12084-cve-2024/) +- 黑海洋 - IT技术知识库 + - [ ] [Raphael AI:几秒生成图像(无限制)](https://blog.upx8.com/4666) + - [ ] [完美解决软路由openwrt分流问题:chinadns + xray + iptables](https://blog.upx8.com/4665) +- Shostack & Friends Blog + - [ ] [Lessons for Cybersecurity from the American Public Health System](https://shostack.org/blog/lessons-for-cyber-from-the-public-health-system/) +- 锦行科技 + - [ ] [喜讯 | 锦行科技连续两年荣获广州大学网络空间安全学院 “优秀合作企业奖”!](https://mp.weixin.qq.com/s?__biz=MzIxNTQxMjQyNg==&mid=2247493674&idx=1&sn=e4f389bf7f5896a23f762b851bf62e88&chksm=979a138fa0ed9a99007d6e8999e8d429298d74dde4a2cb23fa82fa60897128f6c0165b45e150&scene=58&subscene=0#rd) + - [ ] [锦行科技入选“2024网络安全TOP50榜单”!](https://mp.weixin.qq.com/s?__biz=MzIxNTQxMjQyNg==&mid=2247493674&idx=2&sn=4ce09cf88bd39c0cb840c1949aab8b51&chksm=979a138fa0ed9a9996e6872943c2861e53b3470eb9c2f66e0a54646045bfa22943afbb4cca9f&scene=58&subscene=0#rd) +- Reverse Engineering + - [ ] [Reverse Engineering Conference happening this February in Orlando!](https://www.reddit.com/r/ReverseEngineering/comments/1i2yah6/reverse_engineering_conference_happening_this/) + - [ ] [Release of IDA Python script helper (community_base.py)](https://www.reddit.com/r/ReverseEngineering/comments/1i2brvi/release_of_ida_python_script_helper_community/) +- FreeBuf网络安全行业门户 + - [ ] [FreeBuf早报 | 泰国总理遭遇电诈;腾讯回应用户被异地刷脸支付成功](https://www.freebuf.com/news/420003.html) + - [ ] [最好用的文件同步工具曝6个严重漏洞,可执行远程代码](https://www.freebuf.com/news/419987.html) + - [ ] [Palo Alto Networks防火墙迁移工具曝多个关键漏洞,可泄露明文密码](https://www.freebuf.com/news/419970.html) + - [ ] [Fortinet新的零日漏洞被黑客利用](https://www.freebuf.com/news/419968.html) + - [ ] [Google Ads用户成恶意广告诈骗新目标,凭据及双因素认证码被盗](https://www.freebuf.com/articles/419985.html) +- 代码卫士 + - [ ] [Ivanti修复Endpoint Manager中的多个严重漏洞](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522089&idx=1&sn=a04239b89ce2032e8e28b49d05782135&chksm=ea94a643dde32f55fd65e0ec66115b17b1cfe6c18f35bb55ece3c45dfce09c46bdf368f9009f&scene=58&subscene=0#rd) + - [ ] [SimpleHelp 多个严重漏洞可导致文件窃取、提权和RCE攻击](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522089&idx=2&sn=46178e7445995e2b3a605d7fd3c37a93&chksm=ea94a643dde32f5500a0b9ba085731e8b6fcd21c96d42f6dbb5597cd5ac92f61c77907616c88&scene=58&subscene=0#rd) +- 看雪学苑 + - [ ] [【Windows 内核基础篇】-内核入门-段基础](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588707&idx=1&sn=d94feda75be18bc50c1a4e1b3e8562dc&chksm=b18c26a986fbafbf5d4bae96661feee0121f0b4a7d68ec53bf20422ad8be57c2d8885cbde9a1&scene=58&subscene=0#rd) + - [ ] [Palo Alto Networks Expedition 工具曝关键漏洞,明文密码或泄露](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588707&idx=2&sn=d8b388917808b4ab77f7526a37a8f228&chksm=b18c26a986fbafbfafefb07442a2524806b1f3c1598ea59eff936f42c6f1d5c9c7346e8eb91e&scene=58&subscene=0#rd) + - [ ] [Windows内核漏洞分析与EXP编写技巧](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588707&idx=3&sn=e956cfff8deabe1f7326baacac64eef9&chksm=b18c26a986fbafbf0481872368b731450bf7c0dd4efa35180ae1fdcb91d09ff87bfcfda869c7&scene=58&subscene=0#rd) +- 安全内参 + - [ ] [首个AI驱动的勒索软件组织:大模型生成代码、聊天机器人自主运营](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513518&idx=1&sn=fe28a4824b27c5537d65babed6d5c44f&chksm=ebfaf28edc8d7b9869d2b2b4b8daeb1905fb01803f567a2477bfe3f226caaea259ca1fa79638&scene=58&subscene=0#rd) + - [ ] [微信支付存漏洞?用户被异地刷脸支付成功,官方回应](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513518&idx=2&sn=e3691228661dd921114c81bc336d3c7a&chksm=ebfaf28edc8d7b987cbca67e7facee84ece62bb9db75aeb0b865aafa069342f157193c760e9b&scene=58&subscene=0#rd) +- 长亭安全应急响应中心 + - [ ] [【已复现】Fortinet FortiOS/FortiProxy 认证绕过漏洞(CVE-2024-55591)](https://mp.weixin.qq.com/s?__biz=MzIwMDk1MjMyMg==&mid=2247492698&idx=1&sn=31b2a6d8629fb3f69e5a9c159e42c650&chksm=96f7fb37a1807221e222b2e62698c88569521b9b0ec86deebfe7d0dab53b302b142b23b9358f&scene=58&subscene=0#rd) +- 腾讯玄武实验室 + - [ ] [每日安全动态推送(25/1/16)](https://mp.weixin.qq.com/s?__biz=MzA5NDYyNDI0MA==&mid=2651959990&idx=1&sn=30d3c830c7207583d9ca8e9c9d4c9c7e&chksm=8baed229bcd95b3f6fe66b785e1c1c07b4d0cf4020f57121b573a83bde1e49c0b789ff02fde0&scene=58&subscene=0#rd) +- 吾爱破解论坛 + - [ ] [征集吾爱破解论坛微信红包封面设计](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141557&idx=1&sn=91d30c43aac8a1110c1286d481927d35&chksm=bd50a5e18a272cf785cf136f38cddd5c40d02b83fc5d168b8863afaed962fdca39e2f5aa7e1b&scene=58&subscene=0#rd) +- Black Hills Information Security + - [ ] [One Active Directory Account Can Be Your Best Early Warning](https://www.blackhillsinfosec.com/one-active-directory-account-can-be-your-best-early-warning/) +- 威努特安全网络 + - [ ] [追逐国产化发展新浪潮,助力长航自主可控安全体系建设](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130378&idx=1&sn=8b069880e459491f3fddd6240c7b6f5e&chksm=80e710bab79099ac2d06407cf67ff5e9e36adae2361ee1b6b1cac0a2edfc4407bef4a522aca6&scene=58&subscene=0#rd) +- 奇安信 CERT + - [ ] [奇安信集团2025年01月补丁库更新通告-第一次更新](https://mp.weixin.qq.com/s?__biz=MzU5NDgxODU1MQ==&mid=2247502851&idx=1&sn=7f2bbf94f6a150066e8b83295b2969dc&chksm=fe79e89bc90e618d32ddc7a6e1890807a83f451da51d9b64113505750e5d57cda9740e43f62c&scene=58&subscene=0#rd) +- 丁爸 情报分析师的工具箱 + - [ ] [【资料】情报分析的应用思维 :从业者指南](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148536&idx=1&sn=dbc7dff83031ab6b8004c22b387ea793&chksm=f1af27c2c6d8aed465d513db940dfb4aa0d8037c31b60cb7a6e20ae396904b5875269b05a4fa&scene=58&subscene=0#rd) +- 微步在线研究响应中心 + - [ ] [Rsync修复数个高危漏洞,两个RCE需要重点关注](https://mp.weixin.qq.com/s?__biz=Mzg5MTc3ODY4Mw==&mid=2247507685&idx=1&sn=f6f13d9e6ca46b986c4c17ce7424d252&chksm=cfcabdf1f8bd34e7a4bb18b1d16702e6a4feb5c65a3c5642728ea446c51edaaba876ffe2c928&scene=58&subscene=0#rd) +- 绿盟科技CERT + - [ ] [【漏洞通告】Rsync缓冲区溢出与信息泄露漏洞(CVE-2024-12084/CVE-2024-12085)](https://mp.weixin.qq.com/s?__biz=Mzk0MjE3ODkxNg==&mid=2247488860&idx=1&sn=d1d87ac982c32f01e05fc74e29efccff&chksm=c2c64257f5b1cb416e9fd6d3a45e35247f42e76947e51170f466288638bc9ff50a5e290f30c1&scene=58&subscene=0#rd) +- dotNet安全矩阵 + - [ ] [.NET 内网横向移动,通过模拟用户令牌实现远程权限提升](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498252&idx=1&sn=cf0ab90b357c9de769fa264d92b5d3db&chksm=fa5954e1cd2eddf79d8bdfb7da7b322787b306361d64639876956062b76e3e3e827960b2bbb5&scene=58&subscene=0#rd) + - [ ] [国内最专业、最全面的 [ .NET 代码审计 ] 体系化学习交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498252&idx=2&sn=1482f0c46b8108d2d17d067aa5a82739&chksm=fa5954e1cd2eddf7a9f0115b6b81ec954b2000fc15ff35f05fdecc531bd61d4087ff091e4c9a&scene=58&subscene=0#rd) + - [ ] [.NET 实战中批量获取数据库凭据的工具](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498252&idx=3&sn=a2cb571fb0ac54647dc4f5ae74194aa4&chksm=fa5954e1cd2eddf72a8664ea41621ed2a2c0d089b2d4c7dad4be2ea79878ad831fbc5dbbced8&scene=58&subscene=0#rd) +- 慢雾科技 + - [ ] [探讨 Poseidon 延展性攻击,可影响零知识证明应用的安全性](https://mp.weixin.qq.com/s?__biz=MzU4ODQ3NTM2OA==&mid=2247500936&idx=1&sn=433dc45041abe0603c4c00d7a3db7ced&chksm=fddeba0fcaa9331903775c679192d7df3cb0be4b43575a5ac854e2f5dd19fb7c3465ca2299cf&scene=58&subscene=0#rd) +- 微步在线 + - [ ] [银狐叒进化,溯源不了,清理不掉!](https://mp.weixin.qq.com/s?__biz=MzI5NjA0NjI5MQ==&mid=2650182999&idx=1&sn=ea90cb2b6d56950310409bf3e32feeb3&chksm=f4486eebc33fe7fd48e6aced8e580fe90c58251598b1cfd54c65b4a1d86832a3e3c23521c4a8&scene=58&subscene=0#rd) +- 58安全应急响应中心 + - [ ] [58集团|春节放假通知](https://mp.weixin.qq.com/s?__biz=MzU4NTMzNjU4Mw==&mid=2247490167&idx=1&sn=74d119b85e31259bf2ce342602ce9d4f&chksm=fd8d481fcafac109e3a81983cfc87fe697401620c1993eb92cd26311c65badd1e321668c51c1&scene=58&subscene=0#rd) +- 情报分析师 + - [ ] [【可视化】情报分析师教你如何辨别数据、信息和情报](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558974&idx=1&sn=5cab57b2a1d0dd82507a737097ce3f2c&chksm=87117fb5b066f6a3cb6871541c268adf5cbe42afd9c93b1ea0100bfecb2ef227ba0ad25acff8&scene=58&subscene=0#rd) + - [ ] [缅甸诈骗产业链条:军阀、幕后大佬深度剖析](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558974&idx=2&sn=0651bf621a409a62f4cc2de29da5da57&chksm=87117fb5b066f6a3e7585739b3ef800e3723ef179cc273ca78b610152178c990bffab28a5c04&scene=58&subscene=0#rd) +- 中国信息安全 + - [ ] [专题·人工智能安全治理 | 关于《人工智能安全治理框架》的解读与思考](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234775&idx=1&sn=83ab940ab301a0f823a6e47ed7b51c15&chksm=8b59fdeebc2e74f8b7a174a9b5260fa421c3d74a9f3d3eef6564785924f1c7114ca46617dffc&scene=58&subscene=0#rd) + - [ ] [专家解读 | 魏亮:繁荣数据标注产业,赋能人工智能高质量发展](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234775&idx=2&sn=df6cb8e9e959e150ba19c755ad71542c&chksm=8b59fdeebc2e74f87e89cb3871bfc40378b4ec75a027fa28f285e53e1fd4a5b83a838040e0a3&scene=58&subscene=0#rd) + - [ ] [CNNVD | 关于Fortinet FortiOS和FortiProxy安全漏洞的通报](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234775&idx=3&sn=82b000440fa4c60ceae4b17d4472d670&chksm=8b59fdeebc2e74f8f1e114cc8a17881077bd3708e814560f198b1085ef506d998bb5bd1dec9b&scene=58&subscene=0#rd) + - [ ] [CNNVD | 关于微软多个安全漏洞的通报](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234775&idx=4&sn=ec548ccac6f3d80540906533ca87ecf9&chksm=8b59fdeebc2e74f8c64ef4317b09ff932b30314e4bf6a8856a5aa49afbd1509722c124378ab7&scene=58&subscene=0#rd) + - [ ] [国际 | 全球产业各方强烈反对美国AI新限令](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234775&idx=5&sn=e78991ce80797a2d231c237b288a0161&chksm=8b59fdeebc2e74f87507ad451c5da6ad2e961a19138f1f15a8a698c703959b7413eedc8f4faf&scene=58&subscene=0#rd) + - [ ] [发布 | 中国信通院发布《高质量大模型基础设施研究报告(2024年)》(附下载)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234775&idx=6&sn=673d2d303997d8b3ec28dab3c35e6269&chksm=8b59fdeebc2e74f8448eb96681ff2ef19be35ba4ea0cdb7022870c364d6bf20aa162fd349456&scene=58&subscene=0#rd) + - [ ] [公安部提示:警惕境外高薪招聘 避免落入电诈窝点](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234775&idx=7&sn=a17f63056a3bfc0d3f5dc8e5bd566831&chksm=8b59fdeebc2e74f86114c487390974b20b8eb87fa964089e6574931fc1cc4da62b267bc45ed9&scene=58&subscene=0#rd) +- 安全圈 + - [ ] [【安全圈】2024年12月涉国内数据泄露事件汇总](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067407&idx=1&sn=47291e4d3be4fe5aba124eaf42090def&chksm=f36e7a0fc419f31979de403434ebbb3d4e9eb54623f6bea7eeee1c6ca71d85f271efbe2b4598&scene=58&subscene=0#rd) + - [ ] [【安全圈】TikTok计划本周日关停美国业务](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067407&idx=2&sn=c4ea18f86a062710556f1866f61a834d&chksm=f36e7a0fc419f31923da14b7bb88e95381f39c1784189c56b88853af1571446b91763d2b87a3&scene=58&subscene=0#rd) + - [ ] [【安全圈】超过 660,000 个 Rsync 服务器遭受代码执行攻击](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067407&idx=3&sn=8ab61dc14be99150b80875b0242ba5ee&chksm=f36e7a0fc419f31991628c4d2745df5c3bc235f99efb1f272830e57fe97a8ce3d84f7a21bcb2&scene=58&subscene=0#rd) + - [ ] [【安全圈】Fortinet 又被确认存在新的零日漏洞](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067407&idx=4&sn=0e43cb3c3a8763dcfcbd7b70a9d16464&chksm=f36e7a0fc419f319a7965eec0e32510033e5b2543bbe6ce51c54334af84e58c2c68a4a803549&scene=58&subscene=0#rd) +- 数世咨询 + - [ ] ["TikTok难民"涌入 ,小红书如何应对安全挑战?](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247534365&idx=1&sn=f588bf9917f2c9ea08f7e4a1b7bd0fa1&chksm=c14435a0f633bcb6e8081a918f1c1f1b0a773c8c5cab714e55d4396a4353943fd6de59281d88&scene=58&subscene=0#rd) +- 极客公园 + - [ ] [只用 45 天达成 100 万美金 ARR,这家创业公司找到了 AI 落地的解法](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072187&idx=1&sn=3d684d310b02fde9036a7b380e174561&chksm=7e57d68d49205f9b271fb04d2c021c24035447ca229df15fc35d9141b95d71ef9d96a4cac22f&scene=58&subscene=0#rd) + - [ ] [前华为智驾主管转投地平线后首秀:对手只有特斯拉,天天营销没用](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072187&idx=2&sn=1804eeacd4a39d7558ce0924efafc873&chksm=7e57d68d49205f9b70c422202cc67af03e9d5383daa790831590702dc6b0788d64b18dcbb861&scene=58&subscene=0#rd) + - [ ] [TikTok「硬刚」之下,转机来了](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072182&idx=1&sn=07ecbd9641c4e5dc91ae910dbee03330&chksm=7e57d68049205f96e71c86167379f753f018f4b6c491b3c1ede6d838a3ce3c6ae01efac68ee9&scene=58&subscene=0#rd) + - [ ] [传 TikTok 计划周日完全关停美业务;OpenAI 推出新功能「Tasks」;《王者荣耀》纯血鸿蒙版上线 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072123&idx=1&sn=a2b3df514f9f43169cdb6d3fb6529d09&chksm=7e57d74d49205e5bd59bfa31969dbc073fc123b54a6c6d6485961460d2fd1219eda233e694a5&scene=58&subscene=0#rd) +- 嘶吼专业版 + - [ ] [Nuclei 漏洞允许恶意模板绕过签名验证](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580839&idx=1&sn=9bbf94cef195dc62ef4e9c2767e40736&chksm=e9146c9dde63e58b38dc1102ff184f3f04def7647e879875cf84eea98fd90bd0fb589e54a1ae&scene=58&subscene=0#rd) + - [ ] [国家计算机病毒应急处理中心监测发现16款违规移动应用](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580839&idx=2&sn=ba6339b09bc11710fbe1b0d53e455d2e&chksm=e9146c9dde63e58bdb54281cedb98d47988111a4dc35b2d7b1da0f4e522afe4a0514ee5a3dcf&scene=58&subscene=0#rd) +- 字节跳动安全中心 + - [ ] [业务上新|BytePlus开放测试](https://mp.weixin.qq.com/s?__biz=MzUzMzcyMDYzMw==&mid=2247494456&idx=1&sn=08dd5c76c4e63b643bf83e6e67376f72&chksm=fa9d106ecdea9978cd783823f2d8d73ad96e7742cdf39c379eb7dae0e4e2c2bf87075fb5a6f1&scene=58&subscene=0#rd) +- 威胁猎人Threat Hunter + - [ ] [【黑产大数据】2024年互联网黑灰产趋势年度总结](https://mp.weixin.qq.com/s?__biz=MzI3NDY3NDUxNg==&mid=2247498891&idx=1&sn=9f040f1179476893f7e090a25d5c7db6&chksm=eb12dab0dc6553a6688a1502538c0a93299a3ae6095c314d0db7c1c3f67008f121543a1aa9df&scene=58&subscene=0#rd) +- Yak Project + - [ ] [一种简单又强势的Js-Forward脚本编写方式](https://mp.weixin.qq.com/s?__biz=Mzk0MTM4NzIxMQ==&mid=2247527481&idx=1&sn=9bee930fcf19964ae14c0d949c517570&chksm=c2d1109df5a6998b7ef18c9aa6230c5759ef54ac86481b4372e0b3e08e5217cc312d81f83fe4&scene=58&subscene=0#rd) +- DataCon大数据安全分析竞赛 + - [ ] [DataCon2024解题报告WriteUp—网络基础设施安全赛道](https://mp.weixin.qq.com/s?__biz=MzU5Njg1NzMyNw==&mid=2247489113&idx=1&sn=f50d636aa1d51351143f9cdf801aedeb&chksm=fe5d0ed9c92a87cf2d0cb0ac85dcfb860d8e5684ae9d60f6eaad2c43357757367e274d6cacf0&scene=58&subscene=0#rd) +- 火绒安全 + - [ ] [聚焦银狐丨探究病毒肆虐传播背后隐藏的迭代玄机](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247521662&idx=1&sn=d892c1ee59c408fd2318701d76ce76eb&chksm=eb704b41dc07c257e791093a007f7281efb53f3f4302acc7f352f5567cc85528f957695de501&scene=58&subscene=0#rd) + - [ ] [诚邀渠道合作伙伴共启新征程](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247521662&idx=2&sn=a82fab2199cc8b53db07300512a91f88&chksm=eb704b41dc07c257eaa7c89bd1beb5aa42864668fdd898b231ff7f0f412a808ed8ef8519964e&scene=58&subscene=0#rd) +- 美团技术团队 + - [ ] [没猜错的话,你在等美团技术年货 | 送10份美团新春礼盒](https://mp.weixin.qq.com/s?__biz=MjM5NjQ5MTI5OA==&mid=2651779737&idx=1&sn=34c1ad2e924f5724af10680a2079e410&chksm=bd122bd48a65a2c2a7c45122b8b55b8ed496d0d1d72d9adb1d5039567f111852ebf314f01416&scene=58&subscene=0#rd) +- 360数字安全 + - [ ] [正式签约!360为宁波城市大模型发展注入新动能](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579041&idx=1&sn=2f7055867704f94db13304cebae8ada0&chksm=9f8d25a9a8faacbfa4674c94f494a1791f0840109f3b0b78273934fb04f0405c1565a6d12d5c&scene=58&subscene=0#rd) +- LuxSci + - [ ] [HIPAA-Compliant Personalization With PHI: A How-To Guide](https://luxsci.com/blog/hipaa-compliant-personalization.html) +- 安全419 + - [ ] [人工智能和机器学习如何改变数字银行安全](https://mp.weixin.qq.com/s?__biz=MzUyMDQ4OTkyMg==&mid=2247546715&idx=1&sn=59b38fd23de2ac6cd1e972f8ce8fd022&chksm=f9ebe9f6ce9c60e06d2a7dc7e7ea3652f451882a9fdd79ca021c75265aa830efe30ac8736cdf&scene=58&subscene=0#rd) +- Qualys Security Blog + - [ ] [Cybersecurity 2025: Qualys’ Predictions for Navigating the Evolving Threat Landscape](https://blog.qualys.com/category/qualys-insights) +- Over Security - Cybersecurity news aggregator + - [ ] [GDPR complaints filed against TikTok, Temu for sending user data to China](https://www.bleepingcomputer.com/news/security/gdpr-complaints-filed-against-tiktok-temu-for-sending-user-data-to-china/) + - [ ] [Qualche grafico: Analisi del leak Fortinet su 15K server esposti](https://www.insicurezzadigitale.com/qualche-grafico-analisi-del-leak-fortinet-su-15k-server-esposti/) + - [ ] [FTC updates closely watched children’s online privacy rule](https://therecord.media/ftc-coppa-childrens-data-privacy-updated-regulation) + - [ ] [Chinese Innovations Spawn Wave of Toll Phishing Via SMS](https://krebsonsecurity.com/2025/01/chinese-innovations-spawn-wave-of-toll-phishing-via-sms/) + - [ ] [W3 Total Cache plugin flaw exposes 1 million WordPress sites to attacks](https://www.bleepingcomputer.com/news/security/w3-total-cache-plugin-flaw-exposes-1-million-wordpress-sites-to-attacks/) + - [ ] [US issues sanctions against companies in Laos, China tied to North Korean IT worker scheme](https://therecord.media/us-issues-sanctions-laos-china-north-korean-worker-scheme) + - [ ] [Balancing Celebration with Security at Trump’s Second Inauguration and Beyond](https://flashpoint.io/blog/balancing-celebration-with-security-at-trumps-second-inauguration/) + - [ ] [Microsoft expands testing of Windows 11 admin protection feature](https://www.bleepingcomputer.com/news/security/microsoft-expands-testing-of-windows-11-admin-protection-feature/) + - [ ] [Find the helpers](https://blog.talosintelligence.com/find-the-helpers/) + - [ ] [US cracks down on North Korean IT worker army with more sanctions](https://www.bleepingcomputer.com/news/security/us-cracks-down-on-north-korean-it-worker-army-with-more-sanctions/) + - [ ] [Biden signs executive order to bolster national cybersecurity](https://www.bleepingcomputer.com/news/security/biden-signs-executive-order-to-bolster-national-cybersecurity/) + - [ ] [Biotech firm settles class action lawsuit over ransomware attack for $7.5 million](https://therecord.media/enzo-biochem-ransomware-class-action-lawsuit-settlement) + - [ ] [German defense and foreign ministries suspend activity on Elon Musk’s platform](https://therecord.media/german-defense-foreign-ministries-suspend-accounts-on-x) + - [ ] [Wolf Haldenstein law firm says 3.5 million impacted by data breach](https://www.bleepingcomputer.com/news/security/wolf-haldenstein-law-firm-says-35-million-impacted-by-data-breach/) + - [ ] [FTC sues GoDaddy for years of poor hosting security practices](https://www.bleepingcomputer.com/news/security/ftc-sues-godaddy-for-years-of-poor-hosting-security-practices/) + - [ ] [Karmada Security Audit](https://www.shielder.com/blog/2025/01/karmada-security-audit/) + - [ ] [Una vulnerabilità di UEFI Secure Boot permette l’esecuzione di codice durante il boot di sistema](https://www.securityinfo.it/2025/01/16/una-vulnerabilita-di-uefi-secure-boot-permette-lesecuzione-di-codice-durante-il-boot-di-sistema/) + - [ ] [MFA Failures - The Worst is Yet to Come](https://www.bleepingcomputer.com/news/security/mfa-failures-the-worst-is-yet-to-come/) + - [ ] [New UEFI Secure Boot flaw exposes systems to bootkits, patch now](https://www.bleepingcomputer.com/news/security/new-uefi-secure-boot-flaw-exposes-systems-to-bootkits-patch-now/) + - [ ] [UK’s porn age checks to arrive in July, raising fears over security and privacy](https://therecord.media/ofcom-uk-pornography-age-verification-checks) + - [ ] [Government Sector Bears the Brunt of Cyberattacks in Ukraine: Report](https://cyble.com/blog/ukraine-cyberthreat-landscape-2024/) + - [ ] [Ransomware sanctions, software security among key points in new Biden executive order](https://therecord.media/biden-cybersecurity-executive-order) + - [ ] [ICS Vulnerability Report: Hitachi Energy Network Management Flaw Scores a Perfect 10](https://cyble.com/blog/ics-vulnerability-report-hitachi-energy-network-management-flaw-scores-a-perfect-10/) + - [ ] [16-31 October 2024 Cyber Attacks Timeline](https://www.hackmageddon.com/2025/01/16/16-31-october-2024-cyber-attacks-timeline/) + - [ ] [Malware Trends Overview Report: 2024](https://any.run/cybersecurity-blog/malware-trends-2024/) + - [ ] [The Truth of the Matter: Scammers Targeting Truth Social Users](https://www.netcraft.com/blog/truth-social-scam-threat-review/) + - [ ] [Sneaky 2FA: exposing a new AiTM Phishing-as-a-Service](https://blog.sekoia.io/sneaky-2fa-exposing-a-new-aitm-phishing-as-a-service/) + - [ ] [Le Coq Sportif Columbia - 79,712 breached accounts](https://haveibeenpwned.com/PwnedWebsites#LeCoqSportif) + - [ ] [Hackers leak configs and VPN credentials for 15,000 FortiGate devices](https://www.bleepingcomputer.com/news/security/hackers-leak-configs-and-vpn-credentials-for-15-000-fortigate-devices/) + - [ ] [Japanese Spam on a Cleaned WordPress Site: The Hidden Sitemap Problem](https://blog.sucuri.net/2025/01/japanese-spam-on-a-cleaned-wordpress-site-the-hidden-sitemap-problem.html) + - [ ] [Supreme Court seems poised to uphold age-gating law for online sexual content](https://therecord.media/supreme-court-poised-to-uphold-porn-age-gating-law) +- Securityinfo.it + - [ ] [Una vulnerabilità di UEFI Secure Boot permette l’esecuzione di codice durante il boot di sistema](https://www.securityinfo.it/2025/01/16/una-vulnerabilita-di-uefi-secure-boot-permette-lesecuzione-di-codice-durante-il-boot-di-sistema/?utm_source=rss&utm_medium=rss&utm_campaign=una-vulnerabilita-di-uefi-secure-boot-permette-lesecuzione-di-codice-durante-il-boot-di-sistema) +- 娜璋AI安全之家 + - [ ] [[系统安全] 六十一.恶意软件分析 (12)LLM赋能Lark工具提取XLM代码的抽象语法树(初探)](https://mp.weixin.qq.com/s?__biz=Mzg5MTM5ODU2Mg==&mid=2247501228&idx=1&sn=b09f8443148d480c875e52d77103988a&chksm=cfcf7561f8b8fc774623011fade9c0218ad64e57b3768912d4159b85716e79823aa0097bc495&scene=58&subscene=0#rd) +- HACKMAGEDDON + - [ ] [16-31 October 2024 Cyber Attacks Timeline](https://www.hackmageddon.com/2025/01/16/16-31-october-2024-cyber-attacks-timeline/) +- FuzzWiki + - [ ] [Atropos:对Web应用程序服务器端漏洞的模糊测试技术](https://mp.weixin.qq.com/s?__biz=MzU1NTEzODc3MQ==&mid=2247486892&idx=1&sn=a6724b98a3098cb4aafd29db4607bbea&chksm=fbd9a610ccae2f06142212f5bb3152632f1397c33284590d3a060c069821d719e57417138604&scene=58&subscene=0#rd) +- ICT Security Magazine + - [ ] [Continuous Threat Exposure Management e Cyber Risk Operation Center: Architettura Avanzata per la Cybersecurity](https://www.ictsecuritymagazine.com/articoli/continuous-threat-exposure-management-e-cyber-risk-operation-center/) +- Krypt3ia + - [ ] [Daily Krypt3ia Cyber Threat Intelligence Digest:](https://krypt3ia.wordpress.com/2025/01/16/daily-krypt3ia-cyber-threat-intelligence-daily-digest/) +- Blog on Shielder + - [ ] [Karmada Security Audit](https://www.shielder.com/blog/2025/01/karmada-security-audit/) +- 迪哥讲事 + - [ ] [垂直越权,你只会替换 COOKIE ?](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496878&idx=1&sn=da95b7064e7bdbbf53ae06a6b9df0f66&chksm=e8a5fecddfd277db713446ce20375d8d5ba31517f0fae716a2a6b9433fe0fcf2a8a56428ca89&scene=58&subscene=0#rd) + - [ ] [备考宝典来啦!华为ICT大赛实践赛真题解析丛书出版](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496878&idx=2&sn=04d8b2a71c966daf1e511947fc487d90&chksm=e8a5fecddfd277dbc517e73f975a682e6a45ebb4323c75f666e3bb644d0c29040bcdbd17f937&scene=58&subscene=0#rd) +- SANS Internet Storm Center, InfoCON: green + - [ ] [Extracting Practical Observations from Impractical Datasets, (Thu, Jan 16th)](https://isc.sans.edu/diary/rss/31582) +- Schneier on Security + - [ ] [FBI Deletes PlugX Malware from Thousands of Computers](https://www.schneier.com/blog/archives/2025/01/fbi-deletes-plugx-malware-from-thousands-of-computers.html) +- Full Disclosure + - [ ] [CVE-2024-48463](https://seclists.org/fulldisclosure/2025/Jan/6) + - [ ] [CyberDanube Security Research 20250107-0 | Multiple Vulnerabilities in ABB AC500v3](https://seclists.org/fulldisclosure/2025/Jan/5) + - [ ] [Certified Asterisk Security Release certified-20.7-cert4](https://seclists.org/fulldisclosure/2025/Jan/7) + - [ ] [Certified Asterisk Security Release certified-18.9-cert13](https://seclists.org/fulldisclosure/2025/Jan/4) + - [ ] [Asterisk Security Release 22.1.1](https://seclists.org/fulldisclosure/2025/Jan/3) + - [ ] [Asterisk Security Release 18.26.1](https://seclists.org/fulldisclosure/2025/Jan/2) + - [ ] [[asterisk-dev] Asterisk Security Release 21.6.1](https://seclists.org/fulldisclosure/2025/Jan/1) + - [ ] [[asterisk-dev] Asterisk Security Release 20.11.1](https://seclists.org/fulldisclosure/2025/Jan/0) +- TorrentFreak + - [ ] [Poppy Playtime Sues Google for Failing to Remove Copyright Infringing ‘Scam’ Apps](https://torrentfreak.com/poppy-playtime-sues-google-for-failing-to-remove-copyright-infringing-scam-apps-250116/) +- Deeplinks + - [ ] [Systemic Risk Reporting: A System in Crisis?](https://www.eff.org/deeplinks/2025/01/systemic-risk-reporting-system-crisis) +- 洞源实验室 + - [ ] [企业信息化建设的探索与实践](https://mp.weixin.qq.com/s?__biz=Mzg4Nzk3MTg3MA==&mid=2247487704&idx=1&sn=c180012e3a4418e25b760a61aeccacdc&chksm=cf8319a9f8f490bfd408a4cef87a0500e53bf20076190d3a9ac2b53d1a8aebda09b4d74307cf&scene=58&subscene=0#rd) +- Have I Been Pwned latest breaches + - [ ] [Le Coq Sportif Columbia - 79,712 breached accounts](https://haveibeenpwned.com/PwnedWebsites#LeCoqSportif) +- Your Open Hacker Community + - [ ] [How to find someone email](https://www.reddit.com/r/HowToHack/comments/1i2oo3o/how_to_find_someone_email/) + - [ ] [[ Removed by Reddit ]](https://www.reddit.com/r/HowToHack/comments/1i2m4hc/removed_by_reddit/) + - [ ] [Interested in learning batch](https://www.reddit.com/r/HowToHack/comments/1i2jqgm/interested_in_learning_batch/) + - [ ] [Getting an email](https://www.reddit.com/r/HowToHack/comments/1i2fna5/getting_an_email/) +- Technical Information Security Content & Discussion + - [ ] [How to Create Vulnerable-Looking Endpoints to Detect and Mislead Attackers](https://www.reddit.com/r/netsec/comments/1i2tizr/how_to_create_vulnerablelooking_endpoints_to/) + - [ ] [Microsoft Configuration Manager (ConfigMgr / SCCM) 2403 Unauthenticated SQL injections (CVE-2024-43468)](https://www.reddit.com/r/netsec/comments/1i2vo90/microsoft_configuration_manager_configmgr_sccm/) + - [ ] [The Role of Emulators in OT Research](https://www.reddit.com/r/netsec/comments/1i2x0vx/the_role_of_emulators_in_ot_research/) + - [ ] [Karmada Security Audit - Shielder](https://www.reddit.com/r/netsec/comments/1i2sbk4/karmada_security_audit_shielder/) + - [ ] [PoC for CVE-2025-0282 published (Ivanti Connect Secure stack bof)](https://www.reddit.com/r/netsec/comments/1i2te2v/poc_for_cve20250282_published_ivanti_connect/) + - [ ] [A publicly available OpenCTI connector for IoC analysis FOSS tool](https://www.reddit.com/r/netsec/comments/1i2ymf3/a_publicly_available_opencti_connector_for_ioc/) +- Computer Forensics + - [ ] [Can you run memory forensics using Kolide?](https://www.reddit.com/r/computerforensics/comments/1i2g8a1/can_you_run_memory_forensics_using_kolide/) +- Information Security + - [ ] [Hey guys can I ask you a question?](https://www.reddit.com/r/Information_Security/comments/1i2z2li/hey_guys_can_i_ask_you_a_question/) + - [ ] [ALERT: Phishers use fake online shops with surveys to steal users’ credit card information](https://www.reddit.com/r/Information_Security/comments/1i2tran/alert_phishers_use_fake_online_shops_with_surveys/) +- Deep Web + - [ ] [If someone wanted to find soon to be released ebooks...what sites would you look first?](https://www.reddit.com/r/deepweb/comments/1i2utii/if_someone_wanted_to_find_soon_to_be_released/) +- Security Affairs + - [ ] [Prominent US law firm Wolf Haldenstein disclosed a data breach](https://securityaffairs.com/173150/data-breach/us-law-firm-wolf-haldenstein-data-breach.html) + - [ ] [Clop Ransomware exploits Cleo File Transfer flaw: dozens of claims, disputed breaches](https://securityaffairs.com/173135/cyber-crime/clop-ransomware-gang-claims-hack-of-cleo-file-transfer-customers.html) + - [ ] [MikroTik botnet relies on DNS misconfiguration to spread malware](https://securityaffairs.com/173126/hacking/13000-device-mikrotik-botnet-exploiting-dns-flaws.html) + - [ ] [Threat actor leaked config files and VPN passwords for over Fortinet Fortigate devices](https://securityaffairs.com/173111/cyber-crime/fortinet-fortigate-devices-data-leak.html) +- Krebs on Security + - [ ] [Chinese Innovations Spawn Wave of Toll Phishing Via SMS](https://krebsonsecurity.com/2025/01/chinese-innovations-spawn-wave-of-toll-phishing-via-sms/) +- Hacking Exposed Computer Forensics Blog + - [ ] [Daily Blog #719: Installing project adaz](https://www.hecfblog.com/2025/01/daily-blog-719-installing-project-adaz.html) +- The Hacker News + - [ ] [Russian Star Blizzard Shifts Tactics to Exploit WhatsApp QR Codes for Credential Harvesting](https://thehackernews.com/2025/01/russian-star-blizzard-shifts-tactics-to.html) + - [ ] [Ready to Simplify Trust Management? Join Free Webinar to See DigiCert ONE in Action](https://thehackernews.com/2025/01/ready-to-simplify-trust-management-join.html) + - [ ] [The $10 Cyber Threat Responsible for the Biggest Breaches of 2024](https://thehackernews.com/2025/01/the-10-cyber-threat-responsible-for.html) + - [ ] [New UEFI Secure Boot Vulnerability Could Allow Attackers to Load Malicious Bootkits](https://thehackernews.com/2025/01/new-uefi-secure-boot-vulnerability.html) + - [ ] [Researchers Find Exploit Allowing NTLMv1 Despite Active Directory Restrictions](https://thehackernews.com/2025/01/researchers-find-exploit-allowing.html) + - [ ] [Hackers Hide Malware in Images to Deploy VIP Keylogger and 0bj3ctivity Stealer](https://thehackernews.com/2025/01/hackers-hide-malware-in-images-to.html) + - [ ] [Python-Based Malware Powers RansomHub Ransomware to Exploit Network Flaws](https://thehackernews.com/2025/01/python-based-malware-powers-ransomhub.html) + - [ ] [Researcher Uncovers Critical Flaws in Multiple Versions of Ivanti Endpoint Manager](https://thehackernews.com/2025/01/researcher-uncovers-critical-flaws-in.html) +- Graham Cluley + - [ ] [Smashing Security podcast #400: Hacker games, AI travel surveillance, and 25 years of IoT](https://grahamcluley.com/smashing-security-podcast-400/) +- Social Engineering + - [ ] [Richard Madeley: Homeowner & Homeless Skeptic](https://www.reddit.com/r/SocialEngineering/comments/1i2wr0q/richard_madeley_homeowner_homeless_skeptic/) + - [ ] [How to effectively persuade businesses to collaborate with you?](https://www.reddit.com/r/SocialEngineering/comments/1i2hv9a/how_to_effectively_persuade_businesses_to/) +- The Register - Security + - [ ] [Russia's Star Blizzard phishing crew caught targeting WhatsApp accounts](https://go.theregister.com/feed/www.theregister.com/2025/01/16/russia_star_blizzard_whatsapp/) + - [ ] [Enzo Biochem settles lawsuit over 2023 ransomware attack for $7.5M](https://go.theregister.com/feed/www.theregister.com/2025/01/16/enzo_biochem_ransomware_lawsuit/) + - [ ] [Cybersecurity rethink - from reaction to resilience](https://go.theregister.com/feed/www.theregister.com/2025/01/16/cybersecurity_rethink_from_reaction_to/) + - [ ] [Raspberry Pi hands out prizes to all in the RP2350 Hacking Challenge](https://go.theregister.com/feed/www.theregister.com/2025/01/16/raspberry_pi_awards_prizes_for/) + - [ ] [Infoseccer: Private security biz let guard down, exposed 120K+ files](https://go.theregister.com/feed/www.theregister.com/2025/01/16/private_security_biz_lets_guard/) diff --git a/archive/tmp/2025-01-17.json b/archive/tmp/2025-01-17.json new file mode 100644 index 0000000000..92e871db05 --- /dev/null +++ b/archive/tmp/2025-01-17.json @@ -0,0 +1,517 @@ +{ + "奇安信攻防社区": { + "Pipe管道利用": "https://forum.butian.net/share/4041", + "x86_shellcode的一些总结": "https://forum.butian.net/share/4045" + }, + "SecWiki News": { + "SecWiki News 2025-01-16 Review": "http://www.sec-wiki.com/?2025-01-16" + }, + "Recent Commits to cve:main": { + "Update Thu Jan 16 20:18:31 UTC 2025": "https://github.com/trickest/cve/commit/ac7b0793018b914902d4a93cfd97f9c9f5099dc2", + "Update Thu Jan 16 12:17:03 UTC 2025": "https://github.com/trickest/cve/commit/d2045a1f437c6e51bb209405ecceac7ecd5fb639", + "Update Thu Jan 16 04:12:08 UTC 2025": "https://github.com/trickest/cve/commit/e9e247db7486d0a878423134b49b830e5ac64c29" + }, + "Security Boulevard": { + "DEF CON 32 – Signature-Based Detection Using Network Timing": "https://securityboulevard.com/2025/01/def-con-32-signature-based-detection-using-network-timing/", + "Randall Munroe’s XKCD ‘Radon’": "https://securityboulevard.com/2025/01/randall-munroes-xkcd-radon/", + "Updated Response to CISA Advisory (AA23-136A): #StopRansomware: BianLian Ransomware Group": "https://securityboulevard.com/2025/01/updated-response-to-cisa-advisory-aa23-136a-stopransomware-bianlian-ransomware-group/", + "White House Executive Order: Strengthening and Promoting Innovation in the Nation’s Cybersecurity": "https://securityboulevard.com/2025/01/white-house-executive-order-strengthening-and-promoting-innovation-in-the-nations-cybersecurity/", + "Debunking the “On Premise Software” Myth | Grip Security": "https://securityboulevard.com/2025/01/debunking-the-on-premise-software-myth-grip-security/", + "Veriti mentioned as a Tech Innovator in the 2025 Gartner® Emerging Tech: Tech Innovators in Preemptive Cybersecurity Report in the Preemptive Cybersecuirty Category.": "https://securityboulevard.com/2025/01/veriti-mentioned-as-a-tech-innovator-in-the-2025-gartner-emerging-tech-tech-innovators-in-preemptive-cybersecurity-report-in-the-preemptive-cybersecuirty-category/", + "Simplifying Compliance in the Complex U.S. FinServ Regulatory Landscape": "https://securityboulevard.com/2025/01/simplifying-compliance-in-the-complex-u-s-finserv-regulatory-landscape/", + "How a Large Healthcare Company Slashed Their Secrets Incidents by Half": "https://securityboulevard.com/2025/01/how-a-large-healthcare-company-slashed-their-secrets-incidents-by-half/", + "DEF CON 32 – Small Satellite Modeling and Defender Software": "https://securityboulevard.com/2025/01/def-con-32-small-satellite-modeling-and-defender-software-2/", + "Smart Spatial and Hyperview Unite to Take Data Centers to the Next Level": "https://securityboulevard.com/2025/01/smart-spatial-and-hyperview-unite-to-take-data-centers-to-the-next-level/" + }, + "Trustwave Blog": { + "Upcoming Trustwave SpiderLabs Report Investigates Threats Against the Energy and Utilities Sector": "https://www.trustwave.com/en-us/resources/blogs/trustwave-blog/upcoming-trustwave-spiderlabs-report-investigates-threats-against-the-energy-and-utilities-sector/" + }, + "安全客-有思想的安全新媒体": { + "360年度勒索软件报告请查收:AI“催生”天价赎金危机": "https://www.anquanke.com/post/id/303576", + "CVE-2024-9042:在 Kubernetes Windows 节点中发现代码执行漏洞": "https://www.anquanke.com/post/id/303573", + "CVE-2025-23042 (CVSS 9.1): Gradio 修补了流行机器学习平台中的关键 ACL 旁路漏洞": "https://www.anquanke.com/post/id/303570", + "超过 66 万台 Rsync 服务器受到代码执行攻击": "https://www.anquanke.com/post/id/303567", + "思科发布人工智能防御系统,抵御模型安全风险": "https://www.anquanke.com/post/id/303564", + "俄克拉荷马州提出比特币战略储备法案": "https://www.anquanke.com/post/id/303561", + "微软将于十月终止对 Windows 10 上 Office 应用程序的支持": "https://www.anquanke.com/post/id/303558", + "黑客利用Google Search广告窃取Google Ads帐户": "https://www.anquanke.com/post/id/303555", + "黑色巴斯塔式网络攻击 90 分钟内向收件箱发送 1,165 封电子邮件": "https://www.anquanke.com/post/id/303552", + "SAP 修复 NetWeaver 应用服务器中的关键漏洞": "https://www.anquanke.com/post/id/303549" + }, + "Tenable Blog": { + "New Cybersecurity Executive Order: What It Means for Federal Agencies": "https://www.tenable.com/blog/new-cybersecurity-executive-order-what-it-means-for-federal-agencies" + }, + "Google Online Security Blog": { + "OSV-SCALIBR: A library for Software Composition Analysis": "http://security.googleblog.com/2025/01/osv-scalibr-library-for-software.html" + }, + "Doonsec's feed": { + "中国APP攻陷美国": "https://mp.weixin.qq.com/s?__biz=MzkwMzI1ODUwNA==&mid=2247487822&idx=1&sn=08ec2dec88cfefd75d64bb05d64681f4", + "CSDN NB!!!": "https://mp.weixin.qq.com/s?__biz=Mzg3MTE0NTg4OQ==&mid=2247484145&idx=1&sn=9707b33311207262bedee6cdedd1f4a3", + "软考信安(五)": "https://mp.weixin.qq.com/s?__biz=MzkzMjYzOTc5NQ==&mid=2247484672&idx=1&sn=f4ab8d1a56765d02166ddf40dc3c453b", + "SharpScan: 内网资产扫描工具": "https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486296&idx=1&sn=806c15e88353abd397dccabb76927b77", + "2025年,我们尝试为实战能力赋能做点推动": "https://mp.weixin.qq.com/s?__biz=Mzg4MDkyMTE4OQ==&mid=2247488992&idx=1&sn=c3472a8dcec51704e7257f1d55ac0bf2", + "TikTok禁令倒计时": "https://mp.weixin.qq.com/s?__biz=MzI3MDY0Nzg1Nw==&mid=2247489463&idx=1&sn=0ddd529420f80f2d51d777860f143685", + "公众号2024年度回顾": "https://mp.weixin.qq.com/s?__biz=MzU1NjczNjA0Nw==&mid=2247486233&idx=1&sn=292dce339e7afa224eb541aca3f2e23d", + "排版神器之Markdown Nice": "https://mp.weixin.qq.com/s?__biz=Mzk1NzI2NDQyMw==&mid=2247484215&idx=1&sn=3646a1d963934f45a7c284e0a946a436", + "简单操作几下就可以实现在微信群聊点歌": "https://mp.weixin.qq.com/s?__biz=Mzg3MTY3NzUwMQ==&mid=2247490254&idx=1&sn=4387d226daf848daa9c396c791db156b", + "美国会很快封杀小红书吗?": "https://mp.weixin.qq.com/s?__biz=MzU1NjgzOTAyMg==&mid=2247522933&idx=3&sn=98036ed8b9e52304f3ac6cda4eae78fb", + "我认为最好的威胁和风险关系模型,蚂蚁集团韦韬为什么不这么看?": "https://mp.weixin.qq.com/s?__biz=MzAxOTk3NTg5OQ==&mid=2247492175&idx=1&sn=5ca001d900c874319dc7c70c87a53d32", + "垂直越权,你只会替换 COOKIE ?啊、这、": "https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247489991&idx=1&sn=4ee0dce8f2e3b4664001b5826924a483", + "Python黑客工具库详解:10个让黑客效率提升10倍的神级库": "https://mp.weixin.qq.com/s?__biz=MzI5MjY4MTMyMQ==&mid=2247489710&idx=1&sn=af7b0f143c0bfcef45855c3cafb9109a", + "译文|韩国国家网络安全战略": "https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597488&idx=1&sn=b742395aa377ae841d5658003e035f50", + "两会之声 | 人大代表李雪莹:强化安全体系,助力北京全球数字经济标杆城市建设": "https://mp.weixin.qq.com/s?__biz=MzA3OTMxNTcxNA==&mid=2650960522&idx=1&sn=5121df2d76b035220e78b978d790d4ac", + "国家数据基础设施建设的四个核心问题": "https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597488&idx=3&sn=4c7d930dfe77ef29904d787a139d6677", + "安全简讯(2025.01.16)": "https://mp.weixin.qq.com/s?__biz=MzkzNzY5OTg2Ng==&mid=2247500628&idx=1&sn=99a356fbab1b3b9c42d0f724fa99271e", + "实战|拿下了自己学校的大屏幕": "https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247569765&idx=2&sn=8cdde0bcc80f23fd58938ae6a1b4f361", + "【吃瓜】u200b好消息,发年终奖了!坏消息,是员工给公司发的!": "https://mp.weixin.qq.com/s?__biz=MzU3MjU4MjM3MQ==&mid=2247489663&idx=1&sn=1022a546269df3a7ea265a02353f11b7", + "记某OA系统Ajax旧服务的0day漏洞挖掘": "https://mp.weixin.qq.com/s?__biz=MzkzMzE5OTQzMA==&mid=2247485723&idx=1&sn=7c957b9f8d1e7a6f0094a12068b8720d", + "【漏洞通告】FortiOS and FortiProxy身份验证绕过漏洞安全风险通告": "https://mp.weixin.qq.com/s?__biz=MzU4NjY4MDAyNQ==&mid=2247496947&idx=1&sn=cfb80fee4820f74fe4d4da502d629282", + "【漏洞通告】Ivanti Endpoint Manager多个信息泄露漏洞安全风险通告": "https://mp.weixin.qq.com/s?__biz=MzU4NjY4MDAyNQ==&mid=2247496947&idx=2&sn=4d5f7bf05f88fe132cade2806d79c596", + "江西教育在线疑似被删库!!!这可不能开玩笑": "https://mp.weixin.qq.com/s?__biz=MzU2MjU2MzI3MA==&mid=2247484508&idx=1&sn=3793caf5f8c7b8ef5d3b3e6ef14a29af", + "2024年反勒索软件行动分析": "https://mp.weixin.qq.com/s?__biz=MzU2MjU2MzI3MA==&mid=2247484508&idx=2&sn=56dba8409470f69386b4a36666b1e850", + "没有公网怎么访问家庭网络、NAS?免费无门槛,十分钟搞定!": "https://mp.weixin.qq.com/s?__biz=MzU2MjU2MzI3MA==&mid=2247484508&idx=3&sn=691a9cba123fe29430ef29b3c2b6a103", + "网安人的年度总结": "https://mp.weixin.qq.com/s?__biz=Mzk0OTY2ODE1NA==&mid=2247484970&idx=1&sn=b3205215ccac49595accadd35fe0b802", + "征文|《信息安全研究》2025年“机密计算”专题征文": "https://mp.weixin.qq.com/s?__biz=MzA3NzgzNDM0OQ==&mid=2664992827&idx=1&sn=12351a7b4481dd065c24d1507589d012", + "【业界动态】工信部发文加强互联网数据中心客户数据安全保护": "https://mp.weixin.qq.com/s?__biz=MzA3NzgzNDM0OQ==&mid=2664992827&idx=2&sn=ffc6c77f065e24300395fecd2752f2f5", + "国内外网络安全热点情报(2025年第2期)": "https://mp.weixin.qq.com/s?__biz=MzkzNjM4ODc3OQ==&mid=2247485644&idx=1&sn=2678bf67645c7d5967844182840b4b34", + "探讨 Poseidon 延展性攻击,可影响零知识证明应用的安全性": "https://mp.weixin.qq.com/s?__biz=MzU4ODQ3NTM2OA==&mid=2247500936&idx=1&sn=433dc45041abe0603c4c00d7a3db7ced", + "无问社区|春节大放送": "https://mp.weixin.qq.com/s?__biz=MzkxNjQyODY5MA==&mid=2247486971&idx=1&sn=624b1d81c297cd2579d60bc1959721f2", + "韩国总统尹锡悦被捕事件深度解读": "https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247504090&idx=1&sn=e552539780ef7da02bd2a7ba6af4b128", + "拜登政府末期全力推动加沙停火协议:复杂局势下的外交": "https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247504090&idx=2&sn=fece80f58e66edb84cf6d282168aecb4", + "2025,从读一本优秀的图书开始": "https://mp.weixin.qq.com/s?__biz=MzA3NDE0NDUyNA==&mid=2650804752&idx=1&sn=aad52aa81ac9ee5fee0c724cf80b1d6b", + "图解OSI七层模型,言简意赅!": "https://mp.weixin.qq.com/s?__biz=MzIyMzIwNzAxMQ==&mid=2649464520&idx=1&sn=ef97d15e0bdfff6f43c101e609536b15", + "业务上新|BytePlus开放测试": "https://mp.weixin.qq.com/s?__biz=MzUzMzcyMDYzMw==&mid=2247494456&idx=1&sn=08dd5c76c4e63b643bf83e6e67376f72", + "暗网情报:15,000多台FortiGate设备的配置和VPN凭据泄露": "https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247506836&idx=1&sn=a871fac7bf74d1c799e9679c9e3fce12", + "诚邀渠道合作伙伴共启新征程": "https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247521662&idx=2&sn=a82fab2199cc8b53db07300512a91f88", + "黑客在Windows系统下提权的20种主要姿势!": "https://mp.weixin.qq.com/s?__biz=Mzk0MzY1NDc2MA==&mid=2247484250&idx=1&sn=adcc04e14f1f9e181205110f8bf6c0ef", + "网安认证指南:穿越认证丛林,开启职业坦途": "https://mp.weixin.qq.com/s?__biz=MzU4NDExNDQwNA==&mid=2247489889&idx=1&sn=03b458260a1a89a7973c8ea2a099d8f0", + "网络安全实战练习资源整合": "https://mp.weixin.qq.com/s?__biz=MzkyMzg4MTY4Ng==&mid=2247484590&idx=1&sn=9aeca055dcc662ea4cc63b9219559bc9", + "数据经纪商Gravy Analytics遭黑客攻击 数百万用户位置信息泄露": "https://mp.weixin.qq.com/s?__biz=MzIwNzAwOTQxMg==&mid=2652251218&idx=1&sn=c179c7c00ec35fb67ad2420914827b89", + "美国CISA将Fortinet FortiOS列入已知漏洞目录": "https://mp.weixin.qq.com/s?__biz=MzU0MjE2Mjk3Ng==&mid=2247488407&idx=1&sn=9f14c87a5bd0069bcb81779ce3d4c4d2", + "全面理解数据字化时代的网络安全": "https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247488067&idx=1&sn=11730602b3512d2291c9cd323eb5f1b9", + "一款图形化的代码审计工具": "https://mp.weixin.qq.com/s?__biz=MzU2NzY5MzI5Ng==&mid=2247504768&idx=1&sn=c7739c819a858a3fb7d89c7807ba2f5e", + "仅退款的正确用法": "https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247488941&idx=2&sn=75554bc5d9be3c252a69819f06a34fd2", + "21094_ctfshow_misc_迷惑行为大赏(之)无中生you_菜鸡杯xa0writeup": "https://mp.weixin.qq.com/s?__biz=MzU2NzIzNzU4Mg==&mid=2247489494&idx=1&sn=01d30ab0c4610de825aeb2a146dce749", + "安全圈年底跳槽招人!": "https://mp.weixin.qq.com/s?__biz=MzAwMjA5OTY5Ng==&mid=2247525609&idx=1&sn=e4ca144fa5af39781a932d6c5d616620", + "工作中,少空想多行动": "https://mp.weixin.qq.com/s?__biz=MzU4NjY3OTAzMg==&mid=2247514778&idx=1&sn=84d1c105550a3f883dcd811fca17bde2", + "如何保护企业员工免受基于身份的攻击": "https://mp.weixin.qq.com/s?__biz=MzU4NjY3OTAzMg==&mid=2247514778&idx=2&sn=be9f4625665303015ba2732ca3c0c688", + "哔哩哔哩网页端疑似曝出存储型XSS漏洞": "https://mp.weixin.qq.com/s?__biz=MzU5MjgwMDg1Mg==&mid=2247484697&idx=1&sn=41f33dac5bec6ee1a38fe28b75e95977", + "全球最早的勒索病毒以及勒索病毒攻击活动": "https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490009&idx=2&sn=af11ef8f497a3070ea6fe5ef688cdcbe", + "Babuk勒索病毒攻击": "https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490009&idx=3&sn=55ecf2eeea1924914478f985389b495e", + "AvosLocker恶意病毒攻击": "https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490009&idx=4&sn=183fc1d996f53449e72e5616cfbc64c5", + "【oscp】Node": "https://mp.weixin.qq.com/s?__biz=Mzg2Nzk0NjA4Mg==&mid=2247497975&idx=1&sn=278c0ccc74de00ab14f9b6ce5882a0c4", + "干货福利放送:ISO/IEC 27001:2022 培训课程直播计划1.22 – 1.25": "https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247485941&idx=1&sn=23c992137d4fcad435b191198b14fb48", + "ISO 14001: 2015 标准详解与实施(11)6.1.4 措施的策划": "https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247485941&idx=2&sn=d9494bf6b2f51efd007dfb662cf2c074", + "暗网情报:涉某电信运营商巨头、赌博平台": "https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247506826&idx=1&sn=646c100aff317bc3bd44b7e73b6b1e60", + "AutoFilm:连接Alist,为Emby/Jellyfin提供Strm直链播放": "https://mp.weixin.qq.com/s?__biz=MzA4MjkzMTcxMg==&mid=2449046691&idx=1&sn=d24c3ad465e8e74457d5e21204adadc0", + "从302到RCE,拿shell就像喝水一样简单": "https://mp.weixin.qq.com/s?__biz=Mzg3NzkwMTYyOQ==&mid=2247488263&idx=1&sn=269b6a44555f773dd66be01cffb6ef76", + "喜报!炼石入选北京市知识产权试点单位": "https://mp.weixin.qq.com/s?__biz=MzkyNzE5MDUzMw==&mid=2247568533&idx=1&sn=c78448a9651bb3f8b2c0f5cac1208d7f", + "最新kali2024.4保姆级安装教程,附换源、汉化、中文输入法、解决root用户无法登录问题等,附打包好的vm文件下载地址": "https://mp.weixin.qq.com/s?__biz=Mzk1NzE0ODk3Nw==&mid=2247490258&idx=1&sn=86fe8c70b8f874a5e010b13bc99bd2cc", + "2024年值得赞赏的开源安全项目收集": "https://mp.weixin.qq.com/s?__biz=MzU1NDkwMzAyMg==&mid=2247502661&idx=1&sn=008900b107c89bec896eef97714da8e8", + "年度管理随笔": "https://mp.weixin.qq.com/s?__biz=Mzg2MDc0NTIxOQ==&mid=2247484717&idx=1&sn=5f92532a5420c592a133bc8364b5cc17", + "文件包含漏洞从入门到精通": "https://mp.weixin.qq.com/s?__biz=MzU2NDY2OTU4Nw==&mid=2247518316&idx=1&sn=b954fbb2f35fff3cfba2f1951d3c827b", + "你们都是开玩笑,他才是真的": "https://mp.weixin.qq.com/s?__biz=MzkxNzY5MTg1Ng==&mid=2247485494&idx=1&sn=44806adf358814ac0fdf3acaec2f4250", + "【相关分享】记一次小程序支付逻辑漏洞": "https://mp.weixin.qq.com/s?__biz=Mzk0OTUwNTU5Nw==&mid=2247488515&idx=1&sn=305bbcdc6b74a5b775bcad8028dbd7f1", + "分享图片": "https://mp.weixin.qq.com/s?__biz=MzI3Njc1MjcxMg==&mid=2247494255&idx=1&sn=21acb34ae1b3837ab16a8b0506d3516f", + "漏扫工具 -- hscan": "https://mp.weixin.qq.com/s?__biz=MzI4MDQ5MjY1Mg==&mid=2247515611&idx=1&sn=ea7441c1db522c42ed9a0165e6617cf8", + "CTF赛前指导 -- 流量取证": "https://mp.weixin.qq.com/s?__biz=MzI4MDQ5MjY1Mg==&mid=2247515611&idx=2&sn=119c6d1c1b2b6c381941e8fc3319e9a4", + "API漏洞挖掘神器API_kit的二开版本|Burp Suite 插件": "https://mp.weixin.qq.com/s?__biz=Mzg3ODE2MjkxMQ==&mid=2247489927&idx=1&sn=4585f639e37390f637445498148b70f7", + "让\\\"WAF绕过\\\"变得简单 -- x-waf(V0.2)": "https://mp.weixin.qq.com/s?__biz=MzU3NzY3MzYzMw==&mid=2247499165&idx=1&sn=30ee5801ed9925a615b9171f265585ed", + "CTF赛前指导 -- 文件上传漏洞&一句话木马": "https://mp.weixin.qq.com/s?__biz=MzU3NzY3MzYzMw==&mid=2247499165&idx=2&sn=1bcea16d2d17f234caf752fcf51a3d66", + "三个阶段阻止DDoS攻击": "https://mp.weixin.qq.com/s?__biz=Mzg2NjY2MTI3Mg==&mid=2247498219&idx=1&sn=7968756bf7e19003e4ff18396be8c3c8", + "2025年值得关注的网络安全趋势": "https://mp.weixin.qq.com/s?__biz=Mzg2NjY2MTI3Mg==&mid=2247498219&idx=2&sn=e2336a616bf941d074da171e51db5da3", + "英国考虑禁止支付勒索软件费用": "https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652113973&idx=1&sn=09d4b3e0d13f4ea9c16aad1b297cb084", + "国家发展改革委等部门印发《关于完善数据流通安全治理 更好促进数据要素市场化价值化的实施方案》的通知": "https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652113973&idx=2&sn=ef53cb3a6fde363046d710893ac7eed1" + }, + "安全脉搏": { + "DataCube 漏洞小结": "https://www.secpulse.com/archives/205081.html", + "记某次攻防演练:大战UEditor并突破": "https://www.secpulse.com/archives/205162.html" + }, + "Blog - AppSec Labs": { + "Still Using SSRF to Take Over Cloud Deployments Once Again": "https://appsec-labs.com/still-using-ssrf-to-take-over-cloud-deployments-once-again/" + }, + "一个被知识诅咒的人": { + "用Python管理Docker容器:从docker-py到自动化部署的全面指南": "https://blog.csdn.net/nokiaguy/article/details/145180393", + "Python在DevOps中的应用:自动化CI/CD管道的实现": "https://blog.csdn.net/nokiaguy/article/details/145180389" + }, + "嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com": { + "个人信息安全三重防线(上):App隐私合规检测、PIA认证与个保合规审计": "https://www.4hou.com/posts/BvXo", + "正式签约!360为宁波城市大模型发展注入新动能": "https://www.4hou.com/posts/42vJ", + "国家计算机病毒应急处理中心监测发现16款违规移动应用": "https://www.4hou.com/posts/33rp", + "Nuclei 漏洞允许恶意模板绕过签名验证": "https://www.4hou.com/posts/xyjP" + }, + "Private Feed for M09Ic": { + "mgeeky starred MISP/misp-docker": "https://github.com/MISP/misp-docker", + "mgeeky starred MISP/PyMISP": "https://github.com/MISP/PyMISP", + "mgeeky starred MISP/MISP": "https://github.com/MISP/MISP", + "gh0stkey starred clash-verge-rev/clash-verge-rev": "https://github.com/clash-verge-rev/clash-verge-rev", + "Ridter starred yint-tech/sekiro-samples": "https://github.com/yint-tech/sekiro-samples", + "Ridter starred Nutlope/logocreator": "https://github.com/Nutlope/logocreator", + "zer0yu starred lencx/Noi": "https://github.com/lencx/Noi", + "zer0yu started following theMackabu": "https://github.com/theMackabu", + "wuhan005 starred Nutlope/logocreator": "https://github.com/Nutlope/logocreator", + "4ra1n starred saoshao/DetSql": "https://github.com/saoshao/DetSql", + "zer0yu starred Nutlope/logocreator": "https://github.com/Nutlope/logocreator", + "boy-hack starred empijei/wapty": "https://github.com/empijei/wapty", + "4ra1n starred verhas/License3j": "https://github.com/verhas/License3j", + "gh0stkey starred ventoy/Ventoy": "https://github.com/ventoy/Ventoy", + "Y4er starred Archeb/opentrace": "https://github.com/Archeb/opentrace", + "0xbug starred pyper-dev/pyper": "https://github.com/pyper-dev/pyper", + "glzjin starred composecraft/docker-compose-lib": "https://github.com/composecraft/docker-compose-lib", + "zema1 starred 0xCaner/DoH-ECH-Demo": "https://github.com/0xCaner/DoH-ECH-Demo", + "zema1 starred saoshao/DetSql": "https://github.com/saoshao/DetSql", + "CHYbeta starred yint-tech/sekiro-open": "https://github.com/yint-tech/sekiro-open", + "zer0yu started following leonjza": "https://github.com/leonjza", + "zema1 starred ljc545w/ComWeChatRobot": "https://github.com/ljc545w/ComWeChatRobot", + "zer0yu starred xnl-h4ck3r/knoxnl": "https://github.com/xnl-h4ck3r/knoxnl", + "zer0yu started following K1sna": "https://github.com/K1sna", + "yzddmr6 started following lintstar": "https://github.com/lintstar" + }, + "obaby@mars": { + "不再可用": "https://h4ck.org.cn/2025/01/19004" + }, + "GuidePoint Security": { + "Unveiling the GRIT 2025 Ransomware and Cyber Threat Report": "https://www.guidepointsecurity.com/blog/unveiling-the-grit-2025-ransomware-and-cyber-threat-report/" + }, + "blog.avast.com EN": { + "Super bowl scams—How to avoid getting sacked by cybercriminals": "https://blog.avast.com/super-bowl-ticket-scams" + }, + "NVISO Labs": { + "Detecting Teams Chat Phishing Attacks (Black Basta)": "https://blog.nviso.eu/2025/01/16/detecting-teams-chat-phishing-attacks-black-basta/" + }, + "SentinelOne": { + "New Possibilities with Purple AI | Third-Party Log Sources & Multilingual Question Support": "https://www.sentinelone.com/blog/unlocking-new-possibilities-with-purple-ai-new-log-sources-and-multilingual-support/" + }, + "CCC Event Blog": { + "Easterhegg 2025: Call for Participation": "https://events.ccc.de/2025/01/16/easterhegg-2025-call-for-participation/" + }, + "Dancho Danchev's Blog - Mind Streams of Information Security Knowledge": { + "A Peek Inside the Current State of BitCoin Exchanges": "https://ddanchev.blogspot.com/2025/01/a-peek-inside-current-state-of-bitcoin_17.html", + "A Peek Inside the Current State of BitCoin Mixers": "https://ddanchev.blogspot.com/2025/01/a-peek-inside-current-state-of-bitcoin.html", + "Profiling the iSpoof Cybercrime Enterprise": "https://ddanchev.blogspot.com/2025/01/profiling-ispoof-cybercrime-enterprise.html", + "Profiling a Currently Active Portfolio of High-Profile Cybercriminal Jabber and XMPP Accounts Including Email Address Accounts - Part Six": "https://ddanchev.blogspot.com/2025/01/profiling-currently-active-portfolio-of.html", + "New Project - Malware C&C Domains Offensive Network Reconnaissance Monitoring Project": "https://ddanchev.blogspot.com/2025/01/new-project-malware-c-domains-offensive.html", + "New Project - 419 Scam Domains WHOIS Registrar Monitoring Project": "https://ddanchev.blogspot.com/2025/01/new-project-419-scam-domains-whois.html", + "Happy New Year": "https://ddanchev.blogspot.com/2025/01/happy-new-year.html", + "Dancho Danchev's Testimony on “How Facebook Today's Meta Failed To Protect Its Users and React To The Koobface Botnet And What We Should Do About It?”": "https://ddanchev.blogspot.com/2025/01/dancho-danchevs-testimony-on-how.html" + }, + "Malwarebytes": { + "Avery had credit card skimmer stuck on its site for months": "https://www.malwarebytes.com/blog/news/2025/01/avery-had-credit-card-skimmer-stuck-on-its-site-for-months", + "PlugX malware deleted from thousands of systems by FBI": "https://www.malwarebytes.com/blog/news/2025/01/plugx-malware-deleted-from-thousands-of-systems-by-fbi" + }, + "daniel.haxx.se": { + "Presentation: curl from start to end": "https://daniel.haxx.se/blog/2025/01/16/presentation-curl-from-start-to-end/" + }, + "HackerNews": { + "标签巨头艾利公司称网站遭黑客入侵以窃取信用卡信息": "https://hackernews.cc/archives/56936", + "米克罗提克僵尸网络利用配置错误的 SPF DNS 记录传播恶意软件": "https://hackernews.cc/archives/56933", + "SAP 修复 NetWeaver 应用服务器中的关键漏洞": "https://hackernews.cc/archives/56930", + "SimpleHelp 重大漏洞:可导致文件窃取、权限提升和远程代码执行攻击": "https://hackernews.cc/archives/56927", + "谷歌云研究人员发现 Rsync 文件同步工具漏洞": "https://hackernews.cc/archives/56924", + "FBI 在数月行动中从 4250 台被黑电脑中删除 PlugX 恶意软件": "https://hackernews.cc/archives/56922" + }, + "奇客Solidot–传递最新科技情报": { + "RISC-V 开发商算能公司被美国列入实体名单": "https://www.solidot.org/story?sid=80353", + "Blue Origin 的重型火箭 New Glenn 首次抵达轨道": "https://www.solidot.org/story?sid=80352", + "Proton CEO 拥抱特朗普引发争议": "https://www.solidot.org/story?sid=80351", + "动视对微软 Xbox Game Pass 订阅量增加帮助不大": "https://www.solidot.org/story?sid=80350", + "日英意下一代战斗机计划本年内开始制造试制机": "https://www.solidot.org/story?sid=80349", + "新泽西州州长呼吁 K-12 学校禁止学生使用手机": "https://www.solidot.org/story?sid=80348", + "英特尔开源 Tofino P4 软件": "https://www.solidot.org/story?sid=80347", + "LinkedIn 用 AI 劝阻求职者不要申请不符合条件的职位": "https://www.solidot.org/story?sid=80346", + "深圳大疆让无人机操作人员决定是否在禁飞区飞行": "https://www.solidot.org/story?sid=80345", + "Telegram 关闭 Z-Library 和 Anna's Archive 频道": "https://www.solidot.org/story?sid=80344" + }, + "安全牛": { + "六部门印发《关于完善数据流通安全治理 更好促进数据要素市场化价值化的实施方案》;TikTok在美关停在即,特朗普有意挽救 |牛览": "https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134747&idx=1&sn=7fb3c006d6af7e55e5391cf29e23164d&chksm=bd15abc88a6222deeb8ad366d3d93a2396148eabc4910de5027d5eeed07370fd3917a1d9f3a8&scene=58&subscene=0#rd", + "精彩汇集,业务宝典:《2024安全牛百篇文章精选集》发布": "https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134747&idx=2&sn=643272181de389de86be6fc5e58c5448&chksm=bd15abc88a6222dee2a597f0f61ec3c1636d98ae8d8fb53c35744aa517a4ce301c222ae8e804&scene=58&subscene=0#rd" + }, + "绿盟科技技术博客": { + "【漏洞通告】Rsync缓冲区溢出与信息泄露漏洞(CVE-2024-12084/CVE-2024-12085)通告": "https://blog.nsfocus.net/cve-2024-12084-cve-2024/" + }, + "黑海洋 - IT技术知识库": { + "Raphael AI:几秒生成图像(无限制)": "https://blog.upx8.com/4666", + "完美解决软路由openwrt分流问题:chinadns + xray + iptables": "https://blog.upx8.com/4665" + }, + "Shostack & Friends Blog": { + "Lessons for Cybersecurity from the American Public Health System": "https://shostack.org/blog/lessons-for-cyber-from-the-public-health-system/" + }, + "锦行科技": { + "喜讯 | 锦行科技连续两年荣获广州大学网络空间安全学院 “优秀合作企业奖”!": "https://mp.weixin.qq.com/s?__biz=MzIxNTQxMjQyNg==&mid=2247493674&idx=1&sn=e4f389bf7f5896a23f762b851bf62e88&chksm=979a138fa0ed9a99007d6e8999e8d429298d74dde4a2cb23fa82fa60897128f6c0165b45e150&scene=58&subscene=0#rd", + "锦行科技入选“2024网络安全TOP50榜单”!": "https://mp.weixin.qq.com/s?__biz=MzIxNTQxMjQyNg==&mid=2247493674&idx=2&sn=4ce09cf88bd39c0cb840c1949aab8b51&chksm=979a138fa0ed9a9996e6872943c2861e53b3470eb9c2f66e0a54646045bfa22943afbb4cca9f&scene=58&subscene=0#rd" + }, + "Reverse Engineering": { + "Reverse Engineering Conference happening this February in Orlando!": "https://www.reddit.com/r/ReverseEngineering/comments/1i2yah6/reverse_engineering_conference_happening_this/", + "Release of IDA Python script helper (community_base.py)": "https://www.reddit.com/r/ReverseEngineering/comments/1i2brvi/release_of_ida_python_script_helper_community/" + }, + "FreeBuf网络安全行业门户": { + "FreeBuf早报 | 泰国总理遭遇电诈;腾讯回应用户被异地刷脸支付成功": "https://www.freebuf.com/news/420003.html", + "最好用的文件同步工具曝6个严重漏洞,可执行远程代码": "https://www.freebuf.com/news/419987.html", + "Palo Alto Networks防火墙迁移工具曝多个关键漏洞,可泄露明文密码": "https://www.freebuf.com/news/419970.html", + "Fortinet新的零日漏洞被黑客利用": "https://www.freebuf.com/news/419968.html", + "Google Ads用户成恶意广告诈骗新目标,凭据及双因素认证码被盗": "https://www.freebuf.com/articles/419985.html" + }, + "代码卫士": { + "Ivanti修复Endpoint Manager中的多个严重漏洞": "https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522089&idx=1&sn=a04239b89ce2032e8e28b49d05782135&chksm=ea94a643dde32f55fd65e0ec66115b17b1cfe6c18f35bb55ece3c45dfce09c46bdf368f9009f&scene=58&subscene=0#rd", + "SimpleHelp 多个严重漏洞可导致文件窃取、提权和RCE攻击": "https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522089&idx=2&sn=46178e7445995e2b3a605d7fd3c37a93&chksm=ea94a643dde32f5500a0b9ba085731e8b6fcd21c96d42f6dbb5597cd5ac92f61c77907616c88&scene=58&subscene=0#rd" + }, + "看雪学苑": { + "【Windows 内核基础篇】-内核入门-段基础": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588707&idx=1&sn=d94feda75be18bc50c1a4e1b3e8562dc&chksm=b18c26a986fbafbf5d4bae96661feee0121f0b4a7d68ec53bf20422ad8be57c2d8885cbde9a1&scene=58&subscene=0#rd", + "Palo Alto Networks Expedition 工具曝关键漏洞,明文密码或泄露": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588707&idx=2&sn=d8b388917808b4ab77f7526a37a8f228&chksm=b18c26a986fbafbfafefb07442a2524806b1f3c1598ea59eff936f42c6f1d5c9c7346e8eb91e&scene=58&subscene=0#rd", + "Windows内核漏洞分析与EXP编写技巧": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588707&idx=3&sn=e956cfff8deabe1f7326baacac64eef9&chksm=b18c26a986fbafbf0481872368b731450bf7c0dd4efa35180ae1fdcb91d09ff87bfcfda869c7&scene=58&subscene=0#rd" + }, + "安全内参": { + "首个AI驱动的勒索软件组织:大模型生成代码、聊天机器人自主运营": "https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513518&idx=1&sn=fe28a4824b27c5537d65babed6d5c44f&chksm=ebfaf28edc8d7b9869d2b2b4b8daeb1905fb01803f567a2477bfe3f226caaea259ca1fa79638&scene=58&subscene=0#rd", + "微信支付存漏洞?用户被异地刷脸支付成功,官方回应": "https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513518&idx=2&sn=e3691228661dd921114c81bc336d3c7a&chksm=ebfaf28edc8d7b987cbca67e7facee84ece62bb9db75aeb0b865aafa069342f157193c760e9b&scene=58&subscene=0#rd" + }, + "长亭安全应急响应中心": { + "【已复现】Fortinet FortiOS/FortiProxy 认证绕过漏洞(CVE-2024-55591)": "https://mp.weixin.qq.com/s?__biz=MzIwMDk1MjMyMg==&mid=2247492698&idx=1&sn=31b2a6d8629fb3f69e5a9c159e42c650&chksm=96f7fb37a1807221e222b2e62698c88569521b9b0ec86deebfe7d0dab53b302b142b23b9358f&scene=58&subscene=0#rd" + }, + "腾讯玄武实验室": { + "每日安全动态推送(25/1/16)": "https://mp.weixin.qq.com/s?__biz=MzA5NDYyNDI0MA==&mid=2651959990&idx=1&sn=30d3c830c7207583d9ca8e9c9d4c9c7e&chksm=8baed229bcd95b3f6fe66b785e1c1c07b4d0cf4020f57121b573a83bde1e49c0b789ff02fde0&scene=58&subscene=0#rd" + }, + "吾爱破解论坛": { + "征集吾爱破解论坛微信红包封面设计": "https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141557&idx=1&sn=91d30c43aac8a1110c1286d481927d35&chksm=bd50a5e18a272cf785cf136f38cddd5c40d02b83fc5d168b8863afaed962fdca39e2f5aa7e1b&scene=58&subscene=0#rd" + }, + "Black Hills Information Security": { + "One Active Directory Account Can Be Your Best Early Warning": "https://www.blackhillsinfosec.com/one-active-directory-account-can-be-your-best-early-warning/" + }, + "威努特安全网络": { + "追逐国产化发展新浪潮,助力长航自主可控安全体系建设": "https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130378&idx=1&sn=8b069880e459491f3fddd6240c7b6f5e&chksm=80e710bab79099ac2d06407cf67ff5e9e36adae2361ee1b6b1cac0a2edfc4407bef4a522aca6&scene=58&subscene=0#rd" + }, + "奇安信 CERT": { + "奇安信集团2025年01月补丁库更新通告-第一次更新": "https://mp.weixin.qq.com/s?__biz=MzU5NDgxODU1MQ==&mid=2247502851&idx=1&sn=7f2bbf94f6a150066e8b83295b2969dc&chksm=fe79e89bc90e618d32ddc7a6e1890807a83f451da51d9b64113505750e5d57cda9740e43f62c&scene=58&subscene=0#rd" + }, + "丁爸 情报分析师的工具箱": { + "【资料】情报分析的应用思维 :从业者指南": "https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148536&idx=1&sn=dbc7dff83031ab6b8004c22b387ea793&chksm=f1af27c2c6d8aed465d513db940dfb4aa0d8037c31b60cb7a6e20ae396904b5875269b05a4fa&scene=58&subscene=0#rd" + }, + "微步在线研究响应中心": { + "Rsync修复数个高危漏洞,两个RCE需要重点关注": "https://mp.weixin.qq.com/s?__biz=Mzg5MTc3ODY4Mw==&mid=2247507685&idx=1&sn=f6f13d9e6ca46b986c4c17ce7424d252&chksm=cfcabdf1f8bd34e7a4bb18b1d16702e6a4feb5c65a3c5642728ea446c51edaaba876ffe2c928&scene=58&subscene=0#rd" + }, + "绿盟科技CERT": { + "【漏洞通告】Rsync缓冲区溢出与信息泄露漏洞(CVE-2024-12084/CVE-2024-12085)": "https://mp.weixin.qq.com/s?__biz=Mzk0MjE3ODkxNg==&mid=2247488860&idx=1&sn=d1d87ac982c32f01e05fc74e29efccff&chksm=c2c64257f5b1cb416e9fd6d3a45e35247f42e76947e51170f466288638bc9ff50a5e290f30c1&scene=58&subscene=0#rd" + }, + "dotNet安全矩阵": { + ".NET 内网横向移动,通过模拟用户令牌实现远程权限提升": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498252&idx=1&sn=cf0ab90b357c9de769fa264d92b5d3db&chksm=fa5954e1cd2eddf79d8bdfb7da7b322787b306361d64639876956062b76e3e3e827960b2bbb5&scene=58&subscene=0#rd", + "国内最专业、最全面的 [ .NET 代码审计 ] 体系化学习交流社区": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498252&idx=2&sn=1482f0c46b8108d2d17d067aa5a82739&chksm=fa5954e1cd2eddf7a9f0115b6b81ec954b2000fc15ff35f05fdecc531bd61d4087ff091e4c9a&scene=58&subscene=0#rd", + ".NET 实战中批量获取数据库凭据的工具": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498252&idx=3&sn=a2cb571fb0ac54647dc4f5ae74194aa4&chksm=fa5954e1cd2eddf72a8664ea41621ed2a2c0d089b2d4c7dad4be2ea79878ad831fbc5dbbced8&scene=58&subscene=0#rd" + }, + "慢雾科技": { + "探讨 Poseidon 延展性攻击,可影响零知识证明应用的安全性": "https://mp.weixin.qq.com/s?__biz=MzU4ODQ3NTM2OA==&mid=2247500936&idx=1&sn=433dc45041abe0603c4c00d7a3db7ced&chksm=fddeba0fcaa9331903775c679192d7df3cb0be4b43575a5ac854e2f5dd19fb7c3465ca2299cf&scene=58&subscene=0#rd" + }, + "微步在线": { + "银狐叒进化,溯源不了,清理不掉!": "https://mp.weixin.qq.com/s?__biz=MzI5NjA0NjI5MQ==&mid=2650182999&idx=1&sn=ea90cb2b6d56950310409bf3e32feeb3&chksm=f4486eebc33fe7fd48e6aced8e580fe90c58251598b1cfd54c65b4a1d86832a3e3c23521c4a8&scene=58&subscene=0#rd" + }, + "58安全应急响应中心": { + "58集团|春节放假通知": "https://mp.weixin.qq.com/s?__biz=MzU4NTMzNjU4Mw==&mid=2247490167&idx=1&sn=74d119b85e31259bf2ce342602ce9d4f&chksm=fd8d481fcafac109e3a81983cfc87fe697401620c1993eb92cd26311c65badd1e321668c51c1&scene=58&subscene=0#rd" + }, + "情报分析师": { + "【可视化】情报分析师教你如何辨别数据、信息和情报": "https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558974&idx=1&sn=5cab57b2a1d0dd82507a737097ce3f2c&chksm=87117fb5b066f6a3cb6871541c268adf5cbe42afd9c93b1ea0100bfecb2ef227ba0ad25acff8&scene=58&subscene=0#rd", + "缅甸诈骗产业链条:军阀、幕后大佬深度剖析": "https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558974&idx=2&sn=0651bf621a409a62f4cc2de29da5da57&chksm=87117fb5b066f6a3e7585739b3ef800e3723ef179cc273ca78b610152178c990bffab28a5c04&scene=58&subscene=0#rd" + }, + "中国信息安全": { + "专题·人工智能安全治理 | 关于《人工智能安全治理框架》的解读与思考": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234775&idx=1&sn=83ab940ab301a0f823a6e47ed7b51c15&chksm=8b59fdeebc2e74f8b7a174a9b5260fa421c3d74a9f3d3eef6564785924f1c7114ca46617dffc&scene=58&subscene=0#rd", + "专家解读 | 魏亮:繁荣数据标注产业,赋能人工智能高质量发展": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234775&idx=2&sn=df6cb8e9e959e150ba19c755ad71542c&chksm=8b59fdeebc2e74f87e89cb3871bfc40378b4ec75a027fa28f285e53e1fd4a5b83a838040e0a3&scene=58&subscene=0#rd", + "CNNVD | 关于Fortinet FortiOS和FortiProxy安全漏洞的通报": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234775&idx=3&sn=82b000440fa4c60ceae4b17d4472d670&chksm=8b59fdeebc2e74f8f1e114cc8a17881077bd3708e814560f198b1085ef506d998bb5bd1dec9b&scene=58&subscene=0#rd", + "CNNVD | 关于微软多个安全漏洞的通报": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234775&idx=4&sn=ec548ccac6f3d80540906533ca87ecf9&chksm=8b59fdeebc2e74f8c64ef4317b09ff932b30314e4bf6a8856a5aa49afbd1509722c124378ab7&scene=58&subscene=0#rd", + "国际 | 全球产业各方强烈反对美国AI新限令": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234775&idx=5&sn=e78991ce80797a2d231c237b288a0161&chksm=8b59fdeebc2e74f87507ad451c5da6ad2e961a19138f1f15a8a698c703959b7413eedc8f4faf&scene=58&subscene=0#rd", + "发布 | 中国信通院发布《高质量大模型基础设施研究报告(2024年)》(附下载)": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234775&idx=6&sn=673d2d303997d8b3ec28dab3c35e6269&chksm=8b59fdeebc2e74f8448eb96681ff2ef19be35ba4ea0cdb7022870c364d6bf20aa162fd349456&scene=58&subscene=0#rd", + "公安部提示:警惕境外高薪招聘 避免落入电诈窝点": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234775&idx=7&sn=a17f63056a3bfc0d3f5dc8e5bd566831&chksm=8b59fdeebc2e74f86114c487390974b20b8eb87fa964089e6574931fc1cc4da62b267bc45ed9&scene=58&subscene=0#rd" + }, + "安全圈": { + "【安全圈】2024年12月涉国内数据泄露事件汇总": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067407&idx=1&sn=47291e4d3be4fe5aba124eaf42090def&chksm=f36e7a0fc419f31979de403434ebbb3d4e9eb54623f6bea7eeee1c6ca71d85f271efbe2b4598&scene=58&subscene=0#rd", + "【安全圈】TikTok计划本周日关停美国业务": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067407&idx=2&sn=c4ea18f86a062710556f1866f61a834d&chksm=f36e7a0fc419f31923da14b7bb88e95381f39c1784189c56b88853af1571446b91763d2b87a3&scene=58&subscene=0#rd", + "【安全圈】超过 660,000 个 Rsync 服务器遭受代码执行攻击": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067407&idx=3&sn=8ab61dc14be99150b80875b0242ba5ee&chksm=f36e7a0fc419f31991628c4d2745df5c3bc235f99efb1f272830e57fe97a8ce3d84f7a21bcb2&scene=58&subscene=0#rd", + "【安全圈】Fortinet 又被确认存在新的零日漏洞": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067407&idx=4&sn=0e43cb3c3a8763dcfcbd7b70a9d16464&chksm=f36e7a0fc419f319a7965eec0e32510033e5b2543bbe6ce51c54334af84e58c2c68a4a803549&scene=58&subscene=0#rd" + }, + "数世咨询": { + "\"TikTok难民\"涌入 ,小红书如何应对安全挑战?": "https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247534365&idx=1&sn=f588bf9917f2c9ea08f7e4a1b7bd0fa1&chksm=c14435a0f633bcb6e8081a918f1c1f1b0a773c8c5cab714e55d4396a4353943fd6de59281d88&scene=58&subscene=0#rd" + }, + "极客公园": { + "只用 45 天达成 100 万美金 ARR,这家创业公司找到了 AI 落地的解法": "https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072187&idx=1&sn=3d684d310b02fde9036a7b380e174561&chksm=7e57d68d49205f9b271fb04d2c021c24035447ca229df15fc35d9141b95d71ef9d96a4cac22f&scene=58&subscene=0#rd", + "前华为智驾主管转投地平线后首秀:对手只有特斯拉,天天营销没用": "https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072187&idx=2&sn=1804eeacd4a39d7558ce0924efafc873&chksm=7e57d68d49205f9b70c422202cc67af03e9d5383daa790831590702dc6b0788d64b18dcbb861&scene=58&subscene=0#rd", + "TikTok「硬刚」之下,转机来了": "https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072182&idx=1&sn=07ecbd9641c4e5dc91ae910dbee03330&chksm=7e57d68049205f96e71c86167379f753f018f4b6c491b3c1ede6d838a3ce3c6ae01efac68ee9&scene=58&subscene=0#rd", + "传 TikTok 计划周日完全关停美业务;OpenAI 推出新功能「Tasks」;《王者荣耀》纯血鸿蒙版上线 | 极客早知道": "https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072123&idx=1&sn=a2b3df514f9f43169cdb6d3fb6529d09&chksm=7e57d74d49205e5bd59bfa31969dbc073fc123b54a6c6d6485961460d2fd1219eda233e694a5&scene=58&subscene=0#rd" + }, + "嘶吼专业版": { + "Nuclei 漏洞允许恶意模板绕过签名验证": "https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580839&idx=1&sn=9bbf94cef195dc62ef4e9c2767e40736&chksm=e9146c9dde63e58b38dc1102ff184f3f04def7647e879875cf84eea98fd90bd0fb589e54a1ae&scene=58&subscene=0#rd", + "国家计算机病毒应急处理中心监测发现16款违规移动应用": "https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580839&idx=2&sn=ba6339b09bc11710fbe1b0d53e455d2e&chksm=e9146c9dde63e58bdb54281cedb98d47988111a4dc35b2d7b1da0f4e522afe4a0514ee5a3dcf&scene=58&subscene=0#rd" + }, + "字节跳动安全中心": { + "业务上新|BytePlus开放测试": "https://mp.weixin.qq.com/s?__biz=MzUzMzcyMDYzMw==&mid=2247494456&idx=1&sn=08dd5c76c4e63b643bf83e6e67376f72&chksm=fa9d106ecdea9978cd783823f2d8d73ad96e7742cdf39c379eb7dae0e4e2c2bf87075fb5a6f1&scene=58&subscene=0#rd" + }, + "威胁猎人Threat Hunter": { + "【黑产大数据】2024年互联网黑灰产趋势年度总结": "https://mp.weixin.qq.com/s?__biz=MzI3NDY3NDUxNg==&mid=2247498891&idx=1&sn=9f040f1179476893f7e090a25d5c7db6&chksm=eb12dab0dc6553a6688a1502538c0a93299a3ae6095c314d0db7c1c3f67008f121543a1aa9df&scene=58&subscene=0#rd" + }, + "Yak Project": { + "一种简单又强势的Js-Forward脚本编写方式": "https://mp.weixin.qq.com/s?__biz=Mzk0MTM4NzIxMQ==&mid=2247527481&idx=1&sn=9bee930fcf19964ae14c0d949c517570&chksm=c2d1109df5a6998b7ef18c9aa6230c5759ef54ac86481b4372e0b3e08e5217cc312d81f83fe4&scene=58&subscene=0#rd" + }, + "DataCon大数据安全分析竞赛": { + "DataCon2024解题报告WriteUp—网络基础设施安全赛道": "https://mp.weixin.qq.com/s?__biz=MzU5Njg1NzMyNw==&mid=2247489113&idx=1&sn=f50d636aa1d51351143f9cdf801aedeb&chksm=fe5d0ed9c92a87cf2d0cb0ac85dcfb860d8e5684ae9d60f6eaad2c43357757367e274d6cacf0&scene=58&subscene=0#rd" + }, + "火绒安全": { + "聚焦银狐丨探究病毒肆虐传播背后隐藏的迭代玄机": "https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247521662&idx=1&sn=d892c1ee59c408fd2318701d76ce76eb&chksm=eb704b41dc07c257e791093a007f7281efb53f3f4302acc7f352f5567cc85528f957695de501&scene=58&subscene=0#rd", + "诚邀渠道合作伙伴共启新征程": "https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247521662&idx=2&sn=a82fab2199cc8b53db07300512a91f88&chksm=eb704b41dc07c257eaa7c89bd1beb5aa42864668fdd898b231ff7f0f412a808ed8ef8519964e&scene=58&subscene=0#rd" + }, + "美团技术团队": { + "没猜错的话,你在等美团技术年货 | 送10份美团新春礼盒": "https://mp.weixin.qq.com/s?__biz=MjM5NjQ5MTI5OA==&mid=2651779737&idx=1&sn=34c1ad2e924f5724af10680a2079e410&chksm=bd122bd48a65a2c2a7c45122b8b55b8ed496d0d1d72d9adb1d5039567f111852ebf314f01416&scene=58&subscene=0#rd" + }, + "360数字安全": { + "正式签约!360为宁波城市大模型发展注入新动能": "https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579041&idx=1&sn=2f7055867704f94db13304cebae8ada0&chksm=9f8d25a9a8faacbfa4674c94f494a1791f0840109f3b0b78273934fb04f0405c1565a6d12d5c&scene=58&subscene=0#rd" + }, + "LuxSci": { + "HIPAA-Compliant Personalization With PHI: A How-To Guide": "https://luxsci.com/blog/hipaa-compliant-personalization.html" + }, + "安全419": { + "人工智能和机器学习如何改变数字银行安全": "https://mp.weixin.qq.com/s?__biz=MzUyMDQ4OTkyMg==&mid=2247546715&idx=1&sn=59b38fd23de2ac6cd1e972f8ce8fd022&chksm=f9ebe9f6ce9c60e06d2a7dc7e7ea3652f451882a9fdd79ca021c75265aa830efe30ac8736cdf&scene=58&subscene=0#rd" + }, + "Qualys Security Blog": { + "Cybersecurity 2025: Qualys’ Predictions for Navigating the Evolving Threat Landscape": "https://blog.qualys.com/category/qualys-insights" + }, + "Over Security - Cybersecurity news aggregator": { + "GDPR complaints filed against TikTok, Temu for sending user data to China": "https://www.bleepingcomputer.com/news/security/gdpr-complaints-filed-against-tiktok-temu-for-sending-user-data-to-china/", + "Qualche grafico: Analisi del leak Fortinet su 15K server esposti": "https://www.insicurezzadigitale.com/qualche-grafico-analisi-del-leak-fortinet-su-15k-server-esposti/", + "FTC updates closely watched children’s online privacy rule": "https://therecord.media/ftc-coppa-childrens-data-privacy-updated-regulation", + "Chinese Innovations Spawn Wave of Toll Phishing Via SMS": "https://krebsonsecurity.com/2025/01/chinese-innovations-spawn-wave-of-toll-phishing-via-sms/", + "W3 Total Cache plugin flaw exposes 1 million WordPress sites to attacks": "https://www.bleepingcomputer.com/news/security/w3-total-cache-plugin-flaw-exposes-1-million-wordpress-sites-to-attacks/", + "US issues sanctions against companies in Laos, China tied to North Korean IT worker scheme": "https://therecord.media/us-issues-sanctions-laos-china-north-korean-worker-scheme", + "Balancing Celebration with Security at Trump’s Second Inauguration and Beyond": "https://flashpoint.io/blog/balancing-celebration-with-security-at-trumps-second-inauguration/", + "Microsoft expands testing of Windows 11 admin protection feature": "https://www.bleepingcomputer.com/news/security/microsoft-expands-testing-of-windows-11-admin-protection-feature/", + "Find the helpers": "https://blog.talosintelligence.com/find-the-helpers/", + "US cracks down on North Korean IT worker army with more sanctions": "https://www.bleepingcomputer.com/news/security/us-cracks-down-on-north-korean-it-worker-army-with-more-sanctions/", + "Biden signs executive order to bolster national cybersecurity": "https://www.bleepingcomputer.com/news/security/biden-signs-executive-order-to-bolster-national-cybersecurity/", + "Biotech firm settles class action lawsuit over ransomware attack for $7.5 million": "https://therecord.media/enzo-biochem-ransomware-class-action-lawsuit-settlement", + "German defense and foreign ministries suspend activity on Elon Musk’s platform": "https://therecord.media/german-defense-foreign-ministries-suspend-accounts-on-x", + "Wolf Haldenstein law firm says 3.5 million impacted by data breach": "https://www.bleepingcomputer.com/news/security/wolf-haldenstein-law-firm-says-35-million-impacted-by-data-breach/", + "FTC sues GoDaddy for years of poor hosting security practices": "https://www.bleepingcomputer.com/news/security/ftc-sues-godaddy-for-years-of-poor-hosting-security-practices/", + "Karmada Security Audit": "https://www.shielder.com/blog/2025/01/karmada-security-audit/", + "Una vulnerabilità di UEFI Secure Boot permette l’esecuzione di codice durante il boot di sistema": "https://www.securityinfo.it/2025/01/16/una-vulnerabilita-di-uefi-secure-boot-permette-lesecuzione-di-codice-durante-il-boot-di-sistema/", + "MFA Failures - The Worst is Yet to Come": "https://www.bleepingcomputer.com/news/security/mfa-failures-the-worst-is-yet-to-come/", + "New UEFI Secure Boot flaw exposes systems to bootkits, patch now": "https://www.bleepingcomputer.com/news/security/new-uefi-secure-boot-flaw-exposes-systems-to-bootkits-patch-now/", + "UK’s porn age checks to arrive in July, raising fears over security and privacy": "https://therecord.media/ofcom-uk-pornography-age-verification-checks", + "Government Sector Bears the Brunt of Cyberattacks in Ukraine: Report": "https://cyble.com/blog/ukraine-cyberthreat-landscape-2024/", + "Ransomware sanctions, software security among key points in new Biden executive order": "https://therecord.media/biden-cybersecurity-executive-order", + "ICS Vulnerability Report: Hitachi Energy Network Management Flaw Scores a Perfect 10": "https://cyble.com/blog/ics-vulnerability-report-hitachi-energy-network-management-flaw-scores-a-perfect-10/", + "16-31 October 2024 Cyber Attacks Timeline": "https://www.hackmageddon.com/2025/01/16/16-31-october-2024-cyber-attacks-timeline/", + "Malware Trends Overview Report: 2024": "https://any.run/cybersecurity-blog/malware-trends-2024/", + "The Truth of the Matter: Scammers Targeting Truth Social Users": "https://www.netcraft.com/blog/truth-social-scam-threat-review/", + "Sneaky 2FA: exposing a new AiTM Phishing-as-a-Service": "https://blog.sekoia.io/sneaky-2fa-exposing-a-new-aitm-phishing-as-a-service/", + "Le Coq Sportif Columbia - 79,712 breached accounts": "https://haveibeenpwned.com/PwnedWebsites#LeCoqSportif", + "Hackers leak configs and VPN credentials for 15,000 FortiGate devices": "https://www.bleepingcomputer.com/news/security/hackers-leak-configs-and-vpn-credentials-for-15-000-fortigate-devices/", + "Japanese Spam on a Cleaned WordPress Site: The Hidden Sitemap Problem": "https://blog.sucuri.net/2025/01/japanese-spam-on-a-cleaned-wordpress-site-the-hidden-sitemap-problem.html", + "Supreme Court seems poised to uphold age-gating law for online sexual content": "https://therecord.media/supreme-court-poised-to-uphold-porn-age-gating-law" + }, + "Securityinfo.it": { + "Una vulnerabilità di UEFI Secure Boot permette l’esecuzione di codice durante il boot di sistema": "https://www.securityinfo.it/2025/01/16/una-vulnerabilita-di-uefi-secure-boot-permette-lesecuzione-di-codice-durante-il-boot-di-sistema/?utm_source=rss&utm_medium=rss&utm_campaign=una-vulnerabilita-di-uefi-secure-boot-permette-lesecuzione-di-codice-durante-il-boot-di-sistema" + }, + "娜璋AI安全之家": { + "[系统安全] 六十一.恶意软件分析 (12)LLM赋能Lark工具提取XLM代码的抽象语法树(初探)": "https://mp.weixin.qq.com/s?__biz=Mzg5MTM5ODU2Mg==&mid=2247501228&idx=1&sn=b09f8443148d480c875e52d77103988a&chksm=cfcf7561f8b8fc774623011fade9c0218ad64e57b3768912d4159b85716e79823aa0097bc495&scene=58&subscene=0#rd" + }, + "HACKMAGEDDON": { + "16-31 October 2024 Cyber Attacks Timeline": "https://www.hackmageddon.com/2025/01/16/16-31-october-2024-cyber-attacks-timeline/" + }, + "FuzzWiki": { + "Atropos:对Web应用程序服务器端漏洞的模糊测试技术": "https://mp.weixin.qq.com/s?__biz=MzU1NTEzODc3MQ==&mid=2247486892&idx=1&sn=a6724b98a3098cb4aafd29db4607bbea&chksm=fbd9a610ccae2f06142212f5bb3152632f1397c33284590d3a060c069821d719e57417138604&scene=58&subscene=0#rd" + }, + "ICT Security Magazine": { + "Continuous Threat Exposure Management e Cyber Risk Operation Center: Architettura Avanzata per la Cybersecurity": "https://www.ictsecuritymagazine.com/articoli/continuous-threat-exposure-management-e-cyber-risk-operation-center/" + }, + "Krypt3ia": { + "Daily Krypt3ia Cyber Threat Intelligence Digest:": "https://krypt3ia.wordpress.com/2025/01/16/daily-krypt3ia-cyber-threat-intelligence-daily-digest/" + }, + "Blog on Shielder": { + "Karmada Security Audit": "https://www.shielder.com/blog/2025/01/karmada-security-audit/" + }, + "迪哥讲事": { + "垂直越权,你只会替换 COOKIE ?": "https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496878&idx=1&sn=da95b7064e7bdbbf53ae06a6b9df0f66&chksm=e8a5fecddfd277db713446ce20375d8d5ba31517f0fae716a2a6b9433fe0fcf2a8a56428ca89&scene=58&subscene=0#rd", + "备考宝典来啦!华为ICT大赛实践赛真题解析丛书出版": "https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496878&idx=2&sn=04d8b2a71c966daf1e511947fc487d90&chksm=e8a5fecddfd277dbc517e73f975a682e6a45ebb4323c75f666e3bb644d0c29040bcdbd17f937&scene=58&subscene=0#rd" + }, + "SANS Internet Storm Center, InfoCON: green": { + "Extracting Practical Observations from Impractical Datasets, (Thu, Jan 16th)": "https://isc.sans.edu/diary/rss/31582" + }, + "Schneier on Security": { + "FBI Deletes PlugX Malware from Thousands of Computers": "https://www.schneier.com/blog/archives/2025/01/fbi-deletes-plugx-malware-from-thousands-of-computers.html" + }, + "Full Disclosure": { + "CVE-2024-48463": "https://seclists.org/fulldisclosure/2025/Jan/6", + "CyberDanube Security Research 20250107-0 | Multiple Vulnerabilities in ABB AC500v3": "https://seclists.org/fulldisclosure/2025/Jan/5", + "Certified Asterisk Security Release certified-20.7-cert4": "https://seclists.org/fulldisclosure/2025/Jan/7", + "Certified Asterisk Security Release certified-18.9-cert13": "https://seclists.org/fulldisclosure/2025/Jan/4", + "Asterisk Security Release 22.1.1": "https://seclists.org/fulldisclosure/2025/Jan/3", + "Asterisk Security Release 18.26.1": "https://seclists.org/fulldisclosure/2025/Jan/2", + "[asterisk-dev] Asterisk Security Release 21.6.1": "https://seclists.org/fulldisclosure/2025/Jan/1", + "[asterisk-dev] Asterisk Security Release 20.11.1": "https://seclists.org/fulldisclosure/2025/Jan/0" + }, + "TorrentFreak": { + "Poppy Playtime Sues Google for Failing to Remove Copyright Infringing ‘Scam’ Apps": "https://torrentfreak.com/poppy-playtime-sues-google-for-failing-to-remove-copyright-infringing-scam-apps-250116/" + }, + "Deeplinks": { + "Systemic Risk Reporting: A System in Crisis?": "https://www.eff.org/deeplinks/2025/01/systemic-risk-reporting-system-crisis" + }, + "洞源实验室": { + "企业信息化建设的探索与实践": "https://mp.weixin.qq.com/s?__biz=Mzg4Nzk3MTg3MA==&mid=2247487704&idx=1&sn=c180012e3a4418e25b760a61aeccacdc&chksm=cf8319a9f8f490bfd408a4cef87a0500e53bf20076190d3a9ac2b53d1a8aebda09b4d74307cf&scene=58&subscene=0#rd" + }, + "Have I Been Pwned latest breaches": { + "Le Coq Sportif Columbia - 79,712 breached accounts": "https://haveibeenpwned.com/PwnedWebsites#LeCoqSportif" + }, + "Your Open Hacker Community": { + "How to find someone email": "https://www.reddit.com/r/HowToHack/comments/1i2oo3o/how_to_find_someone_email/", + "[ Removed by Reddit ]": "https://www.reddit.com/r/HowToHack/comments/1i2m4hc/removed_by_reddit/", + "Interested in learning batch": "https://www.reddit.com/r/HowToHack/comments/1i2jqgm/interested_in_learning_batch/", + "Getting an email": "https://www.reddit.com/r/HowToHack/comments/1i2fna5/getting_an_email/" + }, + "Technical Information Security Content & Discussion": { + "How to Create Vulnerable-Looking Endpoints to Detect and Mislead Attackers": "https://www.reddit.com/r/netsec/comments/1i2tizr/how_to_create_vulnerablelooking_endpoints_to/", + "Microsoft Configuration Manager (ConfigMgr / SCCM) 2403 Unauthenticated SQL injections (CVE-2024-43468)": "https://www.reddit.com/r/netsec/comments/1i2vo90/microsoft_configuration_manager_configmgr_sccm/", + "The Role of Emulators in OT Research": "https://www.reddit.com/r/netsec/comments/1i2x0vx/the_role_of_emulators_in_ot_research/", + "Karmada Security Audit - Shielder": "https://www.reddit.com/r/netsec/comments/1i2sbk4/karmada_security_audit_shielder/", + "PoC for CVE-2025-0282 published (Ivanti Connect Secure stack bof)": "https://www.reddit.com/r/netsec/comments/1i2te2v/poc_for_cve20250282_published_ivanti_connect/", + "A publicly available OpenCTI connector for IoC analysis FOSS tool": "https://www.reddit.com/r/netsec/comments/1i2ymf3/a_publicly_available_opencti_connector_for_ioc/" + }, + "Computer Forensics": { + "Can you run memory forensics using Kolide?": "https://www.reddit.com/r/computerforensics/comments/1i2g8a1/can_you_run_memory_forensics_using_kolide/" + }, + "Information Security": { + "Hey guys can I ask you a question?": "https://www.reddit.com/r/Information_Security/comments/1i2z2li/hey_guys_can_i_ask_you_a_question/", + "ALERT: Phishers use fake online shops with surveys to steal users’ credit card information": "https://www.reddit.com/r/Information_Security/comments/1i2tran/alert_phishers_use_fake_online_shops_with_surveys/" + }, + "Deep Web": { + "If someone wanted to find soon to be released ebooks...what sites would you look first?": "https://www.reddit.com/r/deepweb/comments/1i2utii/if_someone_wanted_to_find_soon_to_be_released/" + }, + "Security Affairs": { + "Prominent US law firm Wolf Haldenstein disclosed a data breach": "https://securityaffairs.com/173150/data-breach/us-law-firm-wolf-haldenstein-data-breach.html", + "Clop Ransomware exploits Cleo File Transfer flaw: dozens of claims, disputed breaches": "https://securityaffairs.com/173135/cyber-crime/clop-ransomware-gang-claims-hack-of-cleo-file-transfer-customers.html", + "MikroTik botnet relies on DNS misconfiguration to spread malware": "https://securityaffairs.com/173126/hacking/13000-device-mikrotik-botnet-exploiting-dns-flaws.html", + "Threat actor leaked config files and VPN passwords for over Fortinet Fortigate devices": "https://securityaffairs.com/173111/cyber-crime/fortinet-fortigate-devices-data-leak.html" + }, + "Krebs on Security": { + "Chinese Innovations Spawn Wave of Toll Phishing Via SMS": "https://krebsonsecurity.com/2025/01/chinese-innovations-spawn-wave-of-toll-phishing-via-sms/" + }, + "Hacking Exposed Computer Forensics Blog": { + "Daily Blog #719: Installing project adaz": "https://www.hecfblog.com/2025/01/daily-blog-719-installing-project-adaz.html" + }, + "The Hacker News": { + "Russian Star Blizzard Shifts Tactics to Exploit WhatsApp QR Codes for Credential Harvesting": "https://thehackernews.com/2025/01/russian-star-blizzard-shifts-tactics-to.html", + "Ready to Simplify Trust Management? Join Free Webinar to See DigiCert ONE in Action": "https://thehackernews.com/2025/01/ready-to-simplify-trust-management-join.html", + "The $10 Cyber Threat Responsible for the Biggest Breaches of 2024": "https://thehackernews.com/2025/01/the-10-cyber-threat-responsible-for.html", + "New UEFI Secure Boot Vulnerability Could Allow Attackers to Load Malicious Bootkits": "https://thehackernews.com/2025/01/new-uefi-secure-boot-vulnerability.html", + "Researchers Find Exploit Allowing NTLMv1 Despite Active Directory Restrictions": "https://thehackernews.com/2025/01/researchers-find-exploit-allowing.html", + "Hackers Hide Malware in Images to Deploy VIP Keylogger and 0bj3ctivity Stealer": "https://thehackernews.com/2025/01/hackers-hide-malware-in-images-to.html", + "Python-Based Malware Powers RansomHub Ransomware to Exploit Network Flaws": "https://thehackernews.com/2025/01/python-based-malware-powers-ransomhub.html", + "Researcher Uncovers Critical Flaws in Multiple Versions of Ivanti Endpoint Manager": "https://thehackernews.com/2025/01/researcher-uncovers-critical-flaws-in.html" + }, + "Graham Cluley": { + "Smashing Security podcast #400: Hacker games, AI travel surveillance, and 25 years of IoT": "https://grahamcluley.com/smashing-security-podcast-400/" + }, + "Social Engineering": { + "Richard Madeley: Homeowner & Homeless Skeptic": "https://www.reddit.com/r/SocialEngineering/comments/1i2wr0q/richard_madeley_homeowner_homeless_skeptic/", + "How to effectively persuade businesses to collaborate with you?": "https://www.reddit.com/r/SocialEngineering/comments/1i2hv9a/how_to_effectively_persuade_businesses_to/" + }, + "The Register - Security": { + "Russia's Star Blizzard phishing crew caught targeting WhatsApp accounts": "https://go.theregister.com/feed/www.theregister.com/2025/01/16/russia_star_blizzard_whatsapp/", + "Enzo Biochem settles lawsuit over 2023 ransomware attack for $7.5M": "https://go.theregister.com/feed/www.theregister.com/2025/01/16/enzo_biochem_ransomware_lawsuit/", + "Cybersecurity rethink - from reaction to resilience": "https://go.theregister.com/feed/www.theregister.com/2025/01/16/cybersecurity_rethink_from_reaction_to/", + "Raspberry Pi hands out prizes to all in the RP2350 Hacking Challenge": "https://go.theregister.com/feed/www.theregister.com/2025/01/16/raspberry_pi_awards_prizes_for/", + "Infoseccer: Private security biz let guard down, exposed 120K+ files": "https://go.theregister.com/feed/www.theregister.com/2025/01/16/private_security_biz_lets_guard/" + } +} \ No newline at end of file diff --git a/today.md b/today.md index eccf122efb..f6dbef247d 100644 --- a/today.md +++ b/today.md @@ -1,406 +1,425 @@ -# 每日安全资讯(2025-01-15) +# 每日安全资讯(2025-01-17) - 奇安信攻防社区 - - [ ] [从嵌入式系统到网络设备:路由器安全攻防技术详解](https://forum.butian.net/share/3995) - - [ ] [windows内核驱动开发](https://forum.butian.net/share/4034) - - [ ] [ognl+cc 依赖绕过沙箱](https://forum.butian.net/share/4037) -- Private Feed for M09Ic - - [ ] [safedv starred Karneades/malware-persistence](https://github.com/Karneades/malware-persistence) - - [ ] [safedv starred TabbyML/tabby](https://github.com/TabbyML/tabby) - - [ ] [safedv starred securitytemplates/sectemplates](https://github.com/securitytemplates/sectemplates) - - [ ] [mgeeky starred strandjs/IntroLabs](https://github.com/strandjs/IntroLabs) - - [ ] [BishopFox made BishopFox/raink public](https://github.com/BishopFox/raink) - - [ ] [mgeeky starred Neo23x0/sysmon-config](https://github.com/Neo23x0/sysmon-config) - - [ ] [zer0yu starred yqcs/prismx](https://github.com/yqcs/prismx) - - [ ] [zer0yu starred OWASP/www-project-asvs-security-evaluation-templates-with-nuclei](https://github.com/OWASP/www-project-asvs-security-evaluation-templates-with-nuclei) - - [ ] [zer0yu started following vztu](https://github.com/vztu) - - [ ] [mgeeky starred S3lrius/okta-mullvad-siege](https://github.com/S3lrius/okta-mullvad-siege) - - [ ] [zer0yu started following nicowaisman](https://github.com/nicowaisman) - - [ ] [kpcyrd forked kpcyrd/espflash from esp-rs/espflash](https://github.com/kpcyrd/espflash) - - [ ] [liamg starred dhanishgajjar/vscode-icons](https://github.com/dhanishgajjar/vscode-icons) - - [ ] [glzjin released v1.0.0 at glzjin/lzc-uid-impersonation](https://github.com/glzjin/lzc-uid-impersonation/releases/tag/v1.0.0) - - [ ] [glzjin created a repository glzjin/lzc-uid-impersonation](https://github.com/glzjin/lzc-uid-impersonation//) - - [ ] [Ascotbe starred xpipe-io/xpipe](https://github.com/xpipe-io/xpipe) - - [ ] [safedv starred EvilBytecode/GoDefender](https://github.com/EvilBytecode/GoDefender) - - [ ] [safedv starred BlackSnufkin/NyxInvoke](https://github.com/BlackSnufkin/NyxInvoke) - - [ ] [safedv starred mar10/wsgidav](https://github.com/mar10/wsgidav) - - [ ] [safedv starred Offensive-Panda/ShadowDumper](https://github.com/Offensive-Panda/ShadowDumper) - - [ ] [su18 started following apangin](https://github.com/apangin) - - [ ] [zer0yu starred RedByte1337/GraphSpy](https://github.com/RedByte1337/GraphSpy) - - [ ] [su18 starred yanqi27/core_analyzer](https://github.com/yanqi27/core_analyzer) - - [ ] [lijiejie started following 78](https://github.com/78) - - [ ] [Rvn0xsy starred 0xPlaygrounds/rig](https://github.com/0xPlaygrounds/rig) - - [ ] [FunnyWolf starred androguard/androguard](https://github.com/androguard/androguard) - - [ ] [Rvn0xsy starred astral-sh/uv](https://github.com/astral-sh/uv) - - [ ] [INotGreen starred natemcmaster/DotNetCorePlugins](https://github.com/natemcmaster/DotNetCorePlugins) - - [ ] [4ra1n started following yuanhaiGreg](https://github.com/yuanhaiGreg) - - [ ] [su18 started following Ape1ron](https://github.com/Ape1ron) -- 安全脉搏 - - [ ] [Windows远程桌面的奇技淫巧](https://www.secpulse.com/archives/205196.html) - - [ ] [JMX 反序列化漏洞](https://www.secpulse.com/archives/205242.html) - - [ ] [某个OA系统的代码审计](https://www.secpulse.com/archives/205256.html) -- 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com - - [ ] [CACTER直播预告:大模型网关新品抢先知,惊喜积分礼盒等您兑](https://www.4hou.com/posts/YZYY) - - [ ] [喜报!360入围中央国家机关及多地省政府采购名单](https://www.4hou.com/posts/ZgGg) - - [ ] [2024 年加密货币钱包盗取事件金额多达 4.94 亿美元](https://www.4hou.com/posts/wxgX) - - [ ] [国投智能2024年度十大事件揭晓](https://www.4hou.com/posts/XPXV) -- CXSECURITY Database RSS Feed - CXSecurity.com - - [ ] [IIT Bombay Bodhitree- Malicious Code injection](https://cxsecurity.com/issue/WLB-2025010016) - - [ ] [TheDotStudios Web Application Union-based Sql Injection](https://cxsecurity.com/issue/WLB-2025010015) - - [ ] [FSB: FOR and AGAINST XSS Vulnerability](https://cxsecurity.com/issue/WLB-2025010014) + - [ ] [Pipe管道利用](https://forum.butian.net/share/4041) + - [ ] [x86_shellcode的一些总结](https://forum.butian.net/share/4045) +- SecWiki News + - [ ] [SecWiki News 2025-01-16 Review](http://www.sec-wiki.com/?2025-01-16) - Recent Commits to cve:main - - [ ] [Update Tue Jan 14 20:23:05 UTC 2025](https://github.com/trickest/cve/commit/2b68f28ad7d72be76ceb432454fd1e3de100a91e) - - [ ] [Update Tue Jan 14 12:15:13 UTC 2025](https://github.com/trickest/cve/commit/092338135fdd51d78ed23be4a9c2576af612967d) - - [ ] [Update Tue Jan 14 04:11:31 UTC 2025](https://github.com/trickest/cve/commit/d29be7fc385546f1f15f732420b3469cf35461fb) + - [ ] [Update Thu Jan 16 20:18:31 UTC 2025](https://github.com/trickest/cve/commit/ac7b0793018b914902d4a93cfd97f9c9f5099dc2) + - [ ] [Update Thu Jan 16 12:17:03 UTC 2025](https://github.com/trickest/cve/commit/d2045a1f437c6e51bb209405ecceac7ecd5fb639) + - [ ] [Update Thu Jan 16 04:12:08 UTC 2025](https://github.com/trickest/cve/commit/e9e247db7486d0a878423134b49b830e5ac64c29) - Security Boulevard - - [ ] [The Future of Cybersecurity: Global Outlook 2025 and Beyond](https://securityboulevard.com/2025/01/the-future-of-cybersecurity-global-outlook-2025-and-beyond/) - - [ ] [Unsafe Deserialization Attacks Surge | December Attack Data | Contrast Security](https://securityboulevard.com/2025/01/unsafe-deserialization-attacks-surge-december-attack-data-contrast-security/) - - [ ] [How to Prevent Risk From Unknown Build Assets](https://securityboulevard.com/2025/01/how-to-prevent-risk-from-unknown-build-assets/) - - [ ] [CVE-2024-55591: Fortinet Authentication Bypass Zero-Day Vulnerability Exploited in the Wild](https://securityboulevard.com/2025/01/cve-2024-55591-fortinet-authentication-bypass-zero-day-vulnerability-exploited-in-the-wild/) - - [ ] [DEF CON 32 – Pick Your Poison: Navigating A Secure Clean Energy Transition](https://securityboulevard.com/2025/01/def-con-32-pick-your-poison-navigating-a-secure-clean-energy-transition/) - - [ ] [Microsoft’s January 2025 Patch Tuesday Addresses 157 CVEs (CVE-2025-21333, CVE-2025-21334, CVE-2025-21335)](https://securityboulevard.com/2025/01/microsofts-january-2025-patch-tuesday-addresses-157-cves-cve-2025-21333-cve-2025-21334-cve-2025-21335/) - - [ ] [The AI Revolution: Navigating Cybersecurity Challenges in 2025](https://securityboulevard.com/2025/01/the-ai-revolution-navigating-cybersecurity-challenges-in-2025/) - - [ ] [Randall Munroe’s XKCD ‘Trimix’](https://securityboulevard.com/2025/01/randall-munroes-xkcd-trimix/) - - [ ] [Sanitizing Unstructured Data In Motion—and Why It’s Important](https://securityboulevard.com/2025/01/sanitizing-unstructured-data-in-motion-and-why-its-important/) - - [ ] [Six Friends Every Security Team Needs](https://securityboulevard.com/2025/01/six-friends-every-security-team-needs/) -- SecWiki News - - [ ] [SecWiki News 2025-01-14 Review](http://www.sec-wiki.com/?2025-01-14) -- paper - Last paper - - [ ] [探索大型语言模型在Android恶意软件语义分析与分类中的应用](https://paper.seebug.org/3267/) + - [ ] [DEF CON 32 – Signature-Based Detection Using Network Timing](https://securityboulevard.com/2025/01/def-con-32-signature-based-detection-using-network-timing/) + - [ ] [Randall Munroe’s XKCD ‘Radon’](https://securityboulevard.com/2025/01/randall-munroes-xkcd-radon/) + - [ ] [Updated Response to CISA Advisory (AA23-136A): #StopRansomware: BianLian Ransomware Group](https://securityboulevard.com/2025/01/updated-response-to-cisa-advisory-aa23-136a-stopransomware-bianlian-ransomware-group/) + - [ ] [White House Executive Order: Strengthening and Promoting Innovation in the Nation’s Cybersecurity](https://securityboulevard.com/2025/01/white-house-executive-order-strengthening-and-promoting-innovation-in-the-nations-cybersecurity/) + - [ ] [Debunking the “On Premise Software” Myth | Grip Security](https://securityboulevard.com/2025/01/debunking-the-on-premise-software-myth-grip-security/) + - [ ] [Veriti mentioned as a Tech Innovator in the 2025 Gartner® Emerging Tech: Tech Innovators in Preemptive Cybersecurity Report in the Preemptive Cybersecuirty Category.](https://securityboulevard.com/2025/01/veriti-mentioned-as-a-tech-innovator-in-the-2025-gartner-emerging-tech-tech-innovators-in-preemptive-cybersecurity-report-in-the-preemptive-cybersecuirty-category/) + - [ ] [Simplifying Compliance in the Complex U.S. FinServ Regulatory Landscape](https://securityboulevard.com/2025/01/simplifying-compliance-in-the-complex-u-s-finserv-regulatory-landscape/) + - [ ] [How a Large Healthcare Company Slashed Their Secrets Incidents by Half](https://securityboulevard.com/2025/01/how-a-large-healthcare-company-slashed-their-secrets-incidents-by-half/) + - [ ] [DEF CON 32 – Small Satellite Modeling and Defender Software](https://securityboulevard.com/2025/01/def-con-32-small-satellite-modeling-and-defender-software-2/) + - [ ] [Smart Spatial and Hyperview Unite to Take Data Centers to the Next Level](https://securityboulevard.com/2025/01/smart-spatial-and-hyperview-unite-to-take-data-centers-to-the-next-level/) - Trustwave Blog - - [ ] [Navigating DORA Compliance: A Roadmap to Operational Resilience with Trustwave](https://www.trustwave.com/en-us/resources/blogs/trustwave-blog/navigating-dora-compliance-a-roadmap-to-operational-resilience-with-trustwave/) + - [ ] [Upcoming Trustwave SpiderLabs Report Investigates Threats Against the Energy and Utilities Sector](https://www.trustwave.com/en-us/resources/blogs/trustwave-blog/upcoming-trustwave-spiderlabs-report-investigates-threats-against-the-energy-and-utilities-sector/) +- 安全客-有思想的安全新媒体 + - [ ] [360年度勒索软件报告请查收:AI“催生”天价赎金危机](https://www.anquanke.com/post/id/303576) + - [ ] [CVE-2024-9042:在 Kubernetes Windows 节点中发现代码执行漏洞](https://www.anquanke.com/post/id/303573) + - [ ] [CVE-2025-23042 (CVSS 9.1): Gradio 修补了流行机器学习平台中的关键 ACL 旁路漏洞](https://www.anquanke.com/post/id/303570) + - [ ] [超过 66 万台 Rsync 服务器受到代码执行攻击](https://www.anquanke.com/post/id/303567) + - [ ] [思科发布人工智能防御系统,抵御模型安全风险](https://www.anquanke.com/post/id/303564) + - [ ] [俄克拉荷马州提出比特币战略储备法案](https://www.anquanke.com/post/id/303561) + - [ ] [微软将于十月终止对 Windows 10 上 Office 应用程序的支持](https://www.anquanke.com/post/id/303558) + - [ ] [黑客利用Google Search广告窃取Google Ads帐户](https://www.anquanke.com/post/id/303555) + - [ ] [黑色巴斯塔式网络攻击 90 分钟内向收件箱发送 1,165 封电子邮件](https://www.anquanke.com/post/id/303552) + - [ ] [SAP 修复 NetWeaver 应用服务器中的关键漏洞](https://www.anquanke.com/post/id/303549) - Tenable Blog - - [ ] [CVE-2024-55591: Fortinet Authentication Bypass Zero-Day Vulnerability Exploited in the Wild](https://www.tenable.com/blog/cve-2024-55591-fortinet-authentication-bypass-zero-day-vulnerability-exploited-in-the-wild) - - [ ] [Microsoft’s January 2025 Patch Tuesday Addresses 157 CVEs (CVE-2025-21333, CVE-2025-21334, CVE-2025-21335)](https://www.tenable.com/blog/microsofts-january-2025-patch-tuesday-157-cves-cve-2025-21333-cve-2025-21334-cve-2025-21335) + - [ ] [New Cybersecurity Executive Order: What It Means for Federal Agencies](https://www.tenable.com/blog/new-cybersecurity-executive-order-what-it-means-for-federal-agencies) +- Google Online Security Blog + - [ ] [OSV-SCALIBR: A library for Software Composition Analysis](http://security.googleblog.com/2025/01/osv-scalibr-library-for-software.html) - Doonsec's feed - - [ ] [牟林:撕掉了价值观的伪装的特朗普赤膊上阵意味深长](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476159&idx=1&sn=9ee9e8f87fe420fc6c6341795ef49a16) - - [ ] [美国商务部发布联网汽车禁令的双刃剑效应](https://mp.weixin.qq.com/s?__biz=MzU3MDM2NzkwNg==&mid=2247486527&idx=1&sn=ea24c76effd05ec8ea8d35594bc8d6f1) - - [ ] [Kioptrix-Level Four 综合靶机实战思路](https://mp.weixin.qq.com/s?__biz=MzkzMzg3MzMyOA==&mid=2247486096&idx=1&sn=077a1526044ac3b0e5faf5a43b121e34) - - [ ] [2025年5大最佳静态代码分析工具](https://mp.weixin.qq.com/s?__biz=Mzk0MzY1NDc2MA==&mid=2247484248&idx=1&sn=660d1f911b2ba04ced47f27fc379b993) - - [ ] [2025年,AI代码生成器会克服他们的不安全感吗?](https://mp.weixin.qq.com/s?__biz=Mzk0MzY1NDc2MA==&mid=2247484248&idx=2&sn=38859bfbe2dd4ed1e30a56eaf6e7aae0) - - [ ] [战略解码:后量子密码学时代即将到来,到2029年多数传统密码算法将不再安全!(附下载)](https://mp.weixin.qq.com/s?__biz=MzkyMTYyOTQ5NA==&mid=2247486200&idx=1&sn=b8aebdb50b6d0b52cae98068b497ce5c) - - [ ] [信息收集神器--Nmap](https://mp.weixin.qq.com/s?__biz=Mzk1NzQwNjQ4Ng==&mid=2247484155&idx=1&sn=112973fae39d94735fdd696778fd0050) - - [ ] [关注 | 工信部发文 加强互联网数据中心客户数据安全保护](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633806&idx=1&sn=1e8f421710d828b75aaa168efa6c2368) - - [ ] [发布 | 公安部公布8起打击网络黑客犯罪典型案例](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633806&idx=2&sn=124635720d9fd3a4d52758945ac5fbb4) - - [ ] [专家解读 | 大力发展数据标注产业 推动我国人工智能创新发展](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633806&idx=3&sn=2fb371756994036269d4fc5b01dba54a) - - [ ] [专挑执法机构下手!欧盟执法培训机构发生大规模数据泄露](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513487&idx=2&sn=11bbee0dcc26adcb43a666c1f79059f1) - - [ ] [感受风险的脉搏](https://mp.weixin.qq.com/s?__biz=Mzg2MDc0NTIxOQ==&mid=2247484712&idx=1&sn=37b75b5289eea41ca58444a90f849239) - - [ ] [趋势预测 | 2025年人工智能带来的五大网络安全挑战](https://mp.weixin.qq.com/s?__biz=Mzg4MDU0NTQ4Mw==&mid=2247528636&idx=1&sn=e7b0e6125f4860f6ff6b03f1c2560eb7) - - [ ] [【漏洞预警】科拓全智能停车收费系统Webservice.asmx存在任意文件上传漏洞](https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489457&idx=1&sn=56aacbec2792c121e13929fa55c1d15c) - - [ ] [HooK iOS内核代码禁用ASLR](https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489457&idx=2&sn=f8d7f758303e046b7ad7bf007307bb99) - - [ ] [不被大风吹倒](https://mp.weixin.qq.com/s?__biz=MzUzMjQyMDE3Ng==&mid=2247487879&idx=1&sn=2b21fe27106a44fd4d67437654344911) - - [ ] [用于快速搜索 Windows 取证文件的开源工具](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247489985&idx=1&sn=7e571dcec614a3df4edd8a9942fda45d) - - [ ] [通用大模型分析恶意软件,完全不靠谱](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247489985&idx=2&sn=34221d1abc1654c247f6d48a1358ea27) - - [ ] [浅谈蜜罐原理与规避](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247489985&idx=3&sn=d1ad5a883663d7ab9c6733b36f18dea6) - - [ ] [免费 | 一键为图片添加矢量描边,轻松制作精美贴图](https://mp.weixin.qq.com/s?__biz=MzI2MjcwMTgwOQ==&mid=2247492166&idx=1&sn=1bd4586e5113eebd05eef898773dd813) - - [ ] [BS ISO 23799-2024 船舶和海洋技术 机载网络安全评估(中文版)](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619473&idx=1&sn=bc75cac851697fceeb2fc6f22d65fb88) - - [ ] [E26 Cyber resilience of ships 船舶网络韧性(中英文)](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619473&idx=2&sn=c87c8dfeec334aa7c0648bd5d5fb1c0f) - - [ ] [船舶网络安全态势感知方法研究综述](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619473&idx=3&sn=b5af0428d85c47768ab3249823c1e943) - - [ ] [通过Frida-Labs 筑牢frida基础](https://mp.weixin.qq.com/s?__biz=Mzk0ODM0MjA0OA==&mid=2247483898&idx=1&sn=27137752eaa2ec4a2c94554309d28337) - - [ ] [网络安全市场正面临“红海”困境](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485408&idx=1&sn=d3dd148b9a40df582dcc7469214bed24) - - [ ] [【直卖实拍】北七家3居变4居豪装,理想楼层、户型、朝向](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485408&idx=2&sn=d4ddf8594577b5ca40c9df760b5a9bd8) - - [ ] [【干货】笑傲职场的独家经验(1)](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485408&idx=3&sn=19ee1eae4f3f850a6a54da14830621ac) - - [ ] [【干货原创】实网攻防演习常态化,会带来什么变化01](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485408&idx=4&sn=f5757f423a3c082d25670a4f654ca58f) - - [ ] [【干货原创】K12教育,鲜为人知的模式秘密](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485408&idx=5&sn=17f3311b68450e89f1529fc3c79478d5) - - [ ] [原创文章目录](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485408&idx=6&sn=4b5e54c53d30cee295d18757908955a0) - - [ ] [Vulnhub-SkyTower靶机](https://mp.weixin.qq.com/s?__biz=Mzk1NzI5NzA3NQ==&mid=2247486104&idx=1&sn=b465a463e21cb6b5ec8d8e3a492731e0) - - [ ] [记录一次渗透ta的内心(下)](https://mp.weixin.qq.com/s?__biz=MzkyMDY1MDI3OA==&mid=2247483760&idx=1&sn=439de68dc790096679ce33deb91e4080) - - [ ] [重拳出击!公安部公布2024年打击网络黑客犯罪典型案例](https://mp.weixin.qq.com/s?__biz=MzkwMDU5NTE0OQ==&mid=2247488665&idx=1&sn=dafcee6a677014e61d2cee0967d06c8e) - - [ ] [EarlyBirdNTDLL项目解析以绕过Defender](https://mp.weixin.qq.com/s?__biz=Mzg5MDg3OTc0OA==&mid=2247489374&idx=1&sn=3265275266612356110a5deaff62567f) - - [ ] [防翻车,禁止浏览器扩展插件自动更新](https://mp.weixin.qq.com/s?__biz=Mzk0MzY3MDE5Mg==&mid=2247483913&idx=1&sn=162d3d2618498bf04d6dd5703c9eb091) - - [ ] [攻防演练-医院-ez一把梭](https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247518206&idx=1&sn=c6aeb567802f8bb89727ab12d737130f) - - [ ] [网站篡改入门,一个SQL注入漏洞就能让整个网站大变样,原理详解|!|从SQL注入到XSS攻击,完整还原黑客是如何篡改网站的](https://mp.weixin.qq.com/s?__biz=MzI5MjY4MTMyMQ==&mid=2247489687&idx=1&sn=c004c654be6ef71290e6cc23b82a8083) - - [ ] [原创—再次谏言腾讯走运模式固本培元路线,更长久](https://mp.weixin.qq.com/s?__biz=Mzg4NzAwNzA4NA==&mid=2247485066&idx=1&sn=196b14c1c5ef808aaf7507e6f83adff1) - - [ ] [【资料】全源情报分析指南](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148529&idx=1&sn=eb04e2ef8c40d94aef096c369c1ea58b) - - [ ] [实战渗透菠菜网站 II](https://mp.weixin.qq.com/s?__biz=MzkyMDY1MDI3OA==&mid=2247483752&idx=1&sn=e57d2c778125c9aac7b8031e1a35ccd2) - - [ ] [击穿星巴克获取 1 亿用户详细信息](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496850&idx=1&sn=11bd36bd686dd8f1a78ec89282a6c8ba) - - [ ] [12【邮件安全】如何防护垃圾邮件威胁](https://mp.weixin.qq.com/s?__biz=MzI1OTUyMTI2MQ==&mid=2247484802&idx=1&sn=88e31e317fa0f451073d3b9fc394f749) - - [ ] [校招社招实习推荐](https://mp.weixin.qq.com/s?__biz=MzkwMTU2NzMwOQ==&mid=2247484512&idx=1&sn=420838d4cac10933a522705e4c8c975e) - - [ ] [sql注入之无列名注数据详解](https://mp.weixin.qq.com/s?__biz=MzkzODUzMjA1MQ==&mid=2247484812&idx=1&sn=9c59b82c3fc8797de6dba73d331c9f12) - - [ ] [2025年首个满分漏洞,PoC已公布,可部署后门](https://mp.weixin.qq.com/s?__biz=MzkzNjIzMjM5Ng==&mid=2247490196&idx=1&sn=c5f5b38d186df545679f4ea625394a55) - - [ ] [党建引领促业务 保密护航筑安全 —评测中心党总支举办党务综合素质提升培训班](https://mp.weixin.qq.com/s?__biz=MjM5NzYwNDU0Mg==&mid=2649249440&idx=1&sn=e88cccb31645fdd18ef61f98a10a837e) - - [ ] [【我们这一年】走好践行“两个维护”第一方阵 以高质量党建促进高质量发展](https://mp.weixin.qq.com/s?__biz=MjM5NzYwNDU0Mg==&mid=2649249440&idx=2&sn=d2ffee8f4ca7b688d38a0e0723f9d7aa) - - [ ] [【资讯】《中国法学会章程》全文](https://mp.weixin.qq.com/s?__biz=MzU1NDY3NDgwMQ==&mid=2247549233&idx=1&sn=ba192064261b27a5356a3a08ad291abd) - - [ ] [【资讯】国家发改委等四部门发布《关于促进数据标注产业高质量发展的实施意见》](https://mp.weixin.qq.com/s?__biz=MzU1NDY3NDgwMQ==&mid=2247549233&idx=2&sn=243ef9506e5c59bd5d5c60e73abcd6ae) - - [ ] [【资讯】工信部办公厅发布《关于加强互联网数据中心客户数据安全保护的通知》](https://mp.weixin.qq.com/s?__biz=MzU1NDY3NDgwMQ==&mid=2247549233&idx=3&sn=32b35d16439643bdb98c360fad03b3b1) - - [ ] [HPW大会精彩回顾:无界对话,技术交汇(内含ppt!)](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651311991&idx=1&sn=2b106d06d500e59c02c0fbeca6846e90) - - [ ] [不干净的视频评论区,攻击者利用Youtube传播窃密软件](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651311991&idx=2&sn=0132681595daef3f0ff9ff610d912fab) - - [ ] [议题征集 | 关于征集第六期移动互联网APP产品安全漏洞技术沙龙议题的通知](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651311991&idx=3&sn=db90b0dc624faaae95f965931adc5423) - - [ ] [RequestShield:一款HTTP请求威胁识别与检测工具](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651311991&idx=4&sn=c569c3a23ae2e04238ecca429244011e) - - [ ] [frida搭建+使用](https://mp.weixin.qq.com/s?__biz=MzkxMjYyMjA3Mg==&mid=2247485367&idx=1&sn=dc03aa1898daa66f43405c5cf951f4df) - - [ ] [【CTF】GeekChallenge极客大挑战](https://mp.weixin.qq.com/s?__biz=Mzg5NTU2NjA1Mw==&mid=2247496426&idx=1&sn=4f06e472671f195bcf272dc5dc4be240) - - [ ] [难绷,一种重命名+符号链接禁用EDR(Crowdstrike)的方法](https://mp.weixin.qq.com/s?__biz=MzU0NDc0NTY3OQ==&mid=2247488378&idx=1&sn=df5f38e5592b90173adcdba1700c594f) - - [ ] [安在盘点 | 2024网络安全报告大合集,1000余份打包下载](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247634547&idx=1&sn=bb5d7af37a68ccc2a10af856d26a25a8) - - [ ] [【黑产大数据】2024年数据泄露风险态势报告](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247634547&idx=2&sn=f81e4408bb90e355b175acb4d120bb39) - - [ ] [开源文件夹同步备份神器-FreeFileSync](https://mp.weixin.qq.com/s?__biz=MzkxMzIwNTY1OA==&mid=2247510760&idx=1&sn=5132d5439191a7f9958d224f34df1565) - - [ ] [2025年TPRM趋势:日益增长的第三方依赖及相关风险](https://mp.weixin.qq.com/s?__biz=MzkxMzQwNDcxNg==&mid=2247486840&idx=1&sn=9cb6cc729144dd71928f5fd8e051fb50) - - [ ] [地表工资最高的公司! 英伟达一半员工净资产破亿,近八成员工百万富翁](https://mp.weixin.qq.com/s?__biz=Mzg2NDYwMDA1NA==&mid=2247543500&idx=1&sn=de1eccf3a6b40841971eed33f4879c09) - - [ ] [2025年各省网络安全人员工资,单日最高14K, 上海最好36K/月,](https://mp.weixin.qq.com/s?__biz=Mzg2NDYwMDA1NA==&mid=2247543500&idx=2&sn=50bc7629d425f93b8db78bad22bddeae) - - [ ] [信息安全漏洞周报(2025年第2期)](https://mp.weixin.qq.com/s?__biz=MzAxODY1OTM5OQ==&mid=2651462564&idx=1&sn=2257357922013ed3d0647f6ff408ccd4) - - [ ] [发布 | 四部门联合印发《关于促进数据标注产业高质量发展的实施意见》(附全文)](https://mp.weixin.qq.com/s?__biz=MzkyNDUyNzU1MQ==&mid=2247486658&idx=1&sn=95a8ac019ad27da2b70d48a51d110459) - - [ ] [智能引领,携誉启航丨盘点国投智能2024下半年高光时刻](https://mp.weixin.qq.com/s?__biz=MjM5NTU4NjgzMg==&mid=2651434634&idx=1&sn=3899dfbd80b88a8f44263c19077320e0) - - [ ] [Hacker有“泰”度!360白帽泰国行圆满落幕~](https://mp.weixin.qq.com/s?__biz=Mzg5MTc5Mzk2OA==&mid=2247502656&idx=1&sn=d52bbd8b88f3468b66737a500d9fe220) - - [ ] [工信部认可!360荣获车联网产品安全漏洞专业库“优秀技术支撑单位”](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579028&idx=1&sn=3d580b0d7ca47a7f72c3197a1199540b) - - [ ] [带你解锁编码新世界!--随波逐流CTF编码工具使用教程34 --Quoted-printable密码](https://mp.weixin.qq.com/s?__biz=MzU2NzIzNzU4Mg==&mid=2247489481&idx=1&sn=8faf84924478a515c65fe12c67b0eb2e) - - [ ] [喜讯!云起无垠获评“国家高新技术企业”认证](https://mp.weixin.qq.com/s?__biz=Mzg3Mjg4NTcyNg==&mid=2247490152&idx=1&sn=6dc7067ab4e8edbb64c06f77c83b9229) - - [ ] [釜山数字资产交易所与CertiK达成战略合作,推动数字资产交易安全升级](https://mp.weixin.qq.com/s?__biz=MzU5OTg4MTIxMw==&mid=2247503883&idx=1&sn=fbc059f2f83a338969145c70a83685c3) - - [ ] [苹果修复 macOS 高危漏洞,被黑客利用可安装恶意内核驱动](https://mp.weixin.qq.com/s?__biz=MzU2MTQwMzMxNA==&mid=2247541399&idx=1&sn=c0dd23b96e9a973bc068a2183d8c1ce0) - - [ ] [【安全圈】2025年首个满分漏洞,PoC已公布,可部署后门](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067342&idx=1&sn=533ba142831a3c994e00cb6ec7d6d36c) - - [ ] [【安全圈】AI抢不走的工作,微软力挺红队测试仍需人类“掌舵”](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067342&idx=2&sn=7630e1838566bfaad814bfbeff239c32) - - [ ] [【安全圈】不干净的视频评论区,攻击者利用Youtube传播窃密软件](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067342&idx=3&sn=488b956f65f869c09be3e3d7874e6d90) - - [ ] [【安全圈】为网络安全研究人员定制的虚假漏洞利用攻击利用恶意软件](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067342&idx=4&sn=380dc9803cf52db7c5d1771d404c4279) - - [ ] [阳光下的阴影:巴塞罗那如何成为全球间谍软件的“新硅谷”?](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247506780&idx=1&sn=8bba20149bb98ccaeb3d6baf110d8760) - - [ ] [快讯 | 上海安全防范报警协会召开第八届会员代表大会第一次会议,慧盾安全当选常务理事单位](https://mp.weixin.qq.com/s?__biz=MzI2NDcwOTgzOA==&mid=2247493444&idx=1&sn=3dc9af50d6d2be8e1fceab27742a062c) - - [ ] [2025 SUCTF wp](https://mp.weixin.qq.com/s?__biz=Mzk0NzI0NTI2OA==&mid=2247486149&idx=1&sn=567432088d55b1f76b4e6efa614df7a0) - - [ ] [微软OpenAI云遭滥用:攻击者绕过安全护栏 对外售卖违规内容生成服务](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513487&idx=1&sn=2bb2b3796dd10a13b4a3bf0ae256a199) -- 安全客-有思想的安全新媒体 - - [ ] [共赴商用密码盛事,开启创新发展新篇--2025第三届商用密码展将于6月11日-13日在上海举办!](https://www.anquanke.com/post/id/303497) - - [ ] [喜报!360入围中央国家机关及多地省政府采购名单!](https://www.anquanke.com/post/id/303491) - - [ ] [CVE-2024-56511: DataEase 中的严重身份验证绕过漏洞](https://www.anquanke.com/post/id/303488) - - [ ] [攻击者在不使用勒索软件的情况下加密 AWS S3 数据](https://www.anquanke.com/post/id/303485) - - [ ] [OneBlood 证实个人数据在 7 月份的勒索软件攻击中被盗](https://www.anquanke.com/post/id/303482) - - [ ] [CISA 警告 BeyondTrust 和 Qlik Sense 中的关键漏洞正被积极利用](https://www.anquanke.com/post/id/303479) - - [ ] [新型 Web3 攻击利用交易模拟窃取加密货币](https://www.anquanke.com/post/id/303476) - - [ ] [CVE-2025-22152(CVSS 9.4): 在 Atheos 基于 Web 的集成开发环境中发现严重漏洞](https://www.anquanke.com/post/id/303473) - - [ ] [Aviatrix 控制器 RCE CVE-2024-50603 在野外被利用:部署了加密劫持和后门程序](https://www.anquanke.com/post/id/303470) - - [ ] [新 macOS 漏洞暴露: 针对 CVE-2024-54498 的 PoC 攻破了沙盒安全性](https://www.anquanke.com/post/id/303466) - - [ ] [WordPress Skimmers通过将自己注入数据库表来逃避检测](https://www.anquanke.com/post/id/303463) -- ArthurChiao's Blog - - [ ] [[译] AI Workflow & AI Agent:架构、模式与工程建议(Anthropic,2024)](https://arthurchiao.github.io/blog/build-effective-ai-agent-zh/) + - [ ] [中国APP攻陷美国](https://mp.weixin.qq.com/s?__biz=MzkwMzI1ODUwNA==&mid=2247487822&idx=1&sn=08ec2dec88cfefd75d64bb05d64681f4) + - [ ] [CSDN NB!!!](https://mp.weixin.qq.com/s?__biz=Mzg3MTE0NTg4OQ==&mid=2247484145&idx=1&sn=9707b33311207262bedee6cdedd1f4a3) + - [ ] [软考信安(五)](https://mp.weixin.qq.com/s?__biz=MzkzMjYzOTc5NQ==&mid=2247484672&idx=1&sn=f4ab8d1a56765d02166ddf40dc3c453b) + - [ ] [SharpScan: 内网资产扫描工具](https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486296&idx=1&sn=806c15e88353abd397dccabb76927b77) + - [ ] [2025年,我们尝试为实战能力赋能做点推动](https://mp.weixin.qq.com/s?__biz=Mzg4MDkyMTE4OQ==&mid=2247488992&idx=1&sn=c3472a8dcec51704e7257f1d55ac0bf2) + - [ ] [TikTok禁令倒计时](https://mp.weixin.qq.com/s?__biz=MzI3MDY0Nzg1Nw==&mid=2247489463&idx=1&sn=0ddd529420f80f2d51d777860f143685) + - [ ] [公众号2024年度回顾](https://mp.weixin.qq.com/s?__biz=MzU1NjczNjA0Nw==&mid=2247486233&idx=1&sn=292dce339e7afa224eb541aca3f2e23d) + - [ ] [排版神器之Markdown Nice](https://mp.weixin.qq.com/s?__biz=Mzk1NzI2NDQyMw==&mid=2247484215&idx=1&sn=3646a1d963934f45a7c284e0a946a436) + - [ ] [简单操作几下就可以实现在微信群聊点歌](https://mp.weixin.qq.com/s?__biz=Mzg3MTY3NzUwMQ==&mid=2247490254&idx=1&sn=4387d226daf848daa9c396c791db156b) + - [ ] [美国会很快封杀小红书吗?](https://mp.weixin.qq.com/s?__biz=MzU1NjgzOTAyMg==&mid=2247522933&idx=3&sn=98036ed8b9e52304f3ac6cda4eae78fb) + - [ ] [我认为最好的威胁和风险关系模型,蚂蚁集团韦韬为什么不这么看?](https://mp.weixin.qq.com/s?__biz=MzAxOTk3NTg5OQ==&mid=2247492175&idx=1&sn=5ca001d900c874319dc7c70c87a53d32) + - [ ] [垂直越权,你只会替换 COOKIE ?啊、这、](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247489991&idx=1&sn=4ee0dce8f2e3b4664001b5826924a483) + - [ ] [Python黑客工具库详解:10个让黑客效率提升10倍的神级库](https://mp.weixin.qq.com/s?__biz=MzI5MjY4MTMyMQ==&mid=2247489710&idx=1&sn=af7b0f143c0bfcef45855c3cafb9109a) + - [ ] [译文|韩国国家网络安全战略](https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597488&idx=1&sn=b742395aa377ae841d5658003e035f50) + - [ ] [两会之声 | 人大代表李雪莹:强化安全体系,助力北京全球数字经济标杆城市建设](https://mp.weixin.qq.com/s?__biz=MzA3OTMxNTcxNA==&mid=2650960522&idx=1&sn=5121df2d76b035220e78b978d790d4ac) + - [ ] [国家数据基础设施建设的四个核心问题](https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597488&idx=3&sn=4c7d930dfe77ef29904d787a139d6677) + - [ ] [安全简讯(2025.01.16)](https://mp.weixin.qq.com/s?__biz=MzkzNzY5OTg2Ng==&mid=2247500628&idx=1&sn=99a356fbab1b3b9c42d0f724fa99271e) + - [ ] [实战|拿下了自己学校的大屏幕](https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247569765&idx=2&sn=8cdde0bcc80f23fd58938ae6a1b4f361) + - [ ] [【吃瓜】u200b好消息,发年终奖了!坏消息,是员工给公司发的!](https://mp.weixin.qq.com/s?__biz=MzU3MjU4MjM3MQ==&mid=2247489663&idx=1&sn=1022a546269df3a7ea265a02353f11b7) + - [ ] [记某OA系统Ajax旧服务的0day漏洞挖掘](https://mp.weixin.qq.com/s?__biz=MzkzMzE5OTQzMA==&mid=2247485723&idx=1&sn=7c957b9f8d1e7a6f0094a12068b8720d) + - [ ] [【漏洞通告】FortiOS and FortiProxy身份验证绕过漏洞安全风险通告](https://mp.weixin.qq.com/s?__biz=MzU4NjY4MDAyNQ==&mid=2247496947&idx=1&sn=cfb80fee4820f74fe4d4da502d629282) + - [ ] [【漏洞通告】Ivanti Endpoint Manager多个信息泄露漏洞安全风险通告](https://mp.weixin.qq.com/s?__biz=MzU4NjY4MDAyNQ==&mid=2247496947&idx=2&sn=4d5f7bf05f88fe132cade2806d79c596) + - [ ] [江西教育在线疑似被删库!!!这可不能开玩笑](https://mp.weixin.qq.com/s?__biz=MzU2MjU2MzI3MA==&mid=2247484508&idx=1&sn=3793caf5f8c7b8ef5d3b3e6ef14a29af) + - [ ] [2024年反勒索软件行动分析](https://mp.weixin.qq.com/s?__biz=MzU2MjU2MzI3MA==&mid=2247484508&idx=2&sn=56dba8409470f69386b4a36666b1e850) + - [ ] [没有公网怎么访问家庭网络、NAS?免费无门槛,十分钟搞定!](https://mp.weixin.qq.com/s?__biz=MzU2MjU2MzI3MA==&mid=2247484508&idx=3&sn=691a9cba123fe29430ef29b3c2b6a103) + - [ ] [网安人的年度总结](https://mp.weixin.qq.com/s?__biz=Mzk0OTY2ODE1NA==&mid=2247484970&idx=1&sn=b3205215ccac49595accadd35fe0b802) + - [ ] [征文|《信息安全研究》2025年“机密计算”专题征文](https://mp.weixin.qq.com/s?__biz=MzA3NzgzNDM0OQ==&mid=2664992827&idx=1&sn=12351a7b4481dd065c24d1507589d012) + - [ ] [【业界动态】工信部发文加强互联网数据中心客户数据安全保护](https://mp.weixin.qq.com/s?__biz=MzA3NzgzNDM0OQ==&mid=2664992827&idx=2&sn=ffc6c77f065e24300395fecd2752f2f5) + - [ ] [国内外网络安全热点情报(2025年第2期)](https://mp.weixin.qq.com/s?__biz=MzkzNjM4ODc3OQ==&mid=2247485644&idx=1&sn=2678bf67645c7d5967844182840b4b34) + - [ ] [探讨 Poseidon 延展性攻击,可影响零知识证明应用的安全性](https://mp.weixin.qq.com/s?__biz=MzU4ODQ3NTM2OA==&mid=2247500936&idx=1&sn=433dc45041abe0603c4c00d7a3db7ced) + - [ ] [无问社区|春节大放送](https://mp.weixin.qq.com/s?__biz=MzkxNjQyODY5MA==&mid=2247486971&idx=1&sn=624b1d81c297cd2579d60bc1959721f2) + - [ ] [韩国总统尹锡悦被捕事件深度解读](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247504090&idx=1&sn=e552539780ef7da02bd2a7ba6af4b128) + - [ ] [拜登政府末期全力推动加沙停火协议:复杂局势下的外交](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247504090&idx=2&sn=fece80f58e66edb84cf6d282168aecb4) + - [ ] [2025,从读一本优秀的图书开始](https://mp.weixin.qq.com/s?__biz=MzA3NDE0NDUyNA==&mid=2650804752&idx=1&sn=aad52aa81ac9ee5fee0c724cf80b1d6b) + - [ ] [图解OSI七层模型,言简意赅!](https://mp.weixin.qq.com/s?__biz=MzIyMzIwNzAxMQ==&mid=2649464520&idx=1&sn=ef97d15e0bdfff6f43c101e609536b15) + - [ ] [业务上新|BytePlus开放测试](https://mp.weixin.qq.com/s?__biz=MzUzMzcyMDYzMw==&mid=2247494456&idx=1&sn=08dd5c76c4e63b643bf83e6e67376f72) + - [ ] [暗网情报:15,000多台FortiGate设备的配置和VPN凭据泄露](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247506836&idx=1&sn=a871fac7bf74d1c799e9679c9e3fce12) + - [ ] [诚邀渠道合作伙伴共启新征程](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247521662&idx=2&sn=a82fab2199cc8b53db07300512a91f88) + - [ ] [黑客在Windows系统下提权的20种主要姿势!](https://mp.weixin.qq.com/s?__biz=Mzk0MzY1NDc2MA==&mid=2247484250&idx=1&sn=adcc04e14f1f9e181205110f8bf6c0ef) + - [ ] [网安认证指南:穿越认证丛林,开启职业坦途](https://mp.weixin.qq.com/s?__biz=MzU4NDExNDQwNA==&mid=2247489889&idx=1&sn=03b458260a1a89a7973c8ea2a099d8f0) + - [ ] [网络安全实战练习资源整合](https://mp.weixin.qq.com/s?__biz=MzkyMzg4MTY4Ng==&mid=2247484590&idx=1&sn=9aeca055dcc662ea4cc63b9219559bc9) + - [ ] [数据经纪商Gravy Analytics遭黑客攻击 数百万用户位置信息泄露](https://mp.weixin.qq.com/s?__biz=MzIwNzAwOTQxMg==&mid=2652251218&idx=1&sn=c179c7c00ec35fb67ad2420914827b89) + - [ ] [美国CISA将Fortinet FortiOS列入已知漏洞目录](https://mp.weixin.qq.com/s?__biz=MzU0MjE2Mjk3Ng==&mid=2247488407&idx=1&sn=9f14c87a5bd0069bcb81779ce3d4c4d2) + - [ ] [全面理解数据字化时代的网络安全](https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247488067&idx=1&sn=11730602b3512d2291c9cd323eb5f1b9) + - [ ] [一款图形化的代码审计工具](https://mp.weixin.qq.com/s?__biz=MzU2NzY5MzI5Ng==&mid=2247504768&idx=1&sn=c7739c819a858a3fb7d89c7807ba2f5e) + - [ ] [仅退款的正确用法](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247488941&idx=2&sn=75554bc5d9be3c252a69819f06a34fd2) + - [ ] [21094_ctfshow_misc_迷惑行为大赏(之)无中生you_菜鸡杯xa0writeup](https://mp.weixin.qq.com/s?__biz=MzU2NzIzNzU4Mg==&mid=2247489494&idx=1&sn=01d30ab0c4610de825aeb2a146dce749) + - [ ] [安全圈年底跳槽招人!](https://mp.weixin.qq.com/s?__biz=MzAwMjA5OTY5Ng==&mid=2247525609&idx=1&sn=e4ca144fa5af39781a932d6c5d616620) + - [ ] [工作中,少空想多行动](https://mp.weixin.qq.com/s?__biz=MzU4NjY3OTAzMg==&mid=2247514778&idx=1&sn=84d1c105550a3f883dcd811fca17bde2) + - [ ] [如何保护企业员工免受基于身份的攻击](https://mp.weixin.qq.com/s?__biz=MzU4NjY3OTAzMg==&mid=2247514778&idx=2&sn=be9f4625665303015ba2732ca3c0c688) + - [ ] [哔哩哔哩网页端疑似曝出存储型XSS漏洞](https://mp.weixin.qq.com/s?__biz=MzU5MjgwMDg1Mg==&mid=2247484697&idx=1&sn=41f33dac5bec6ee1a38fe28b75e95977) + - [ ] [全球最早的勒索病毒以及勒索病毒攻击活动](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490009&idx=2&sn=af11ef8f497a3070ea6fe5ef688cdcbe) + - [ ] [Babuk勒索病毒攻击](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490009&idx=3&sn=55ecf2eeea1924914478f985389b495e) + - [ ] [AvosLocker恶意病毒攻击](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490009&idx=4&sn=183fc1d996f53449e72e5616cfbc64c5) + - [ ] [【oscp】Node](https://mp.weixin.qq.com/s?__biz=Mzg2Nzk0NjA4Mg==&mid=2247497975&idx=1&sn=278c0ccc74de00ab14f9b6ce5882a0c4) + - [ ] [干货福利放送:ISO/IEC 27001:2022 培训课程直播计划1.22 – 1.25](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247485941&idx=1&sn=23c992137d4fcad435b191198b14fb48) + - [ ] [ISO 14001: 2015 标准详解与实施(11)6.1.4 措施的策划](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247485941&idx=2&sn=d9494bf6b2f51efd007dfb662cf2c074) + - [ ] [暗网情报:涉某电信运营商巨头、赌博平台](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247506826&idx=1&sn=646c100aff317bc3bd44b7e73b6b1e60) + - [ ] [AutoFilm:连接Alist,为Emby/Jellyfin提供Strm直链播放](https://mp.weixin.qq.com/s?__biz=MzA4MjkzMTcxMg==&mid=2449046691&idx=1&sn=d24c3ad465e8e74457d5e21204adadc0) + - [ ] [从302到RCE,拿shell就像喝水一样简单](https://mp.weixin.qq.com/s?__biz=Mzg3NzkwMTYyOQ==&mid=2247488263&idx=1&sn=269b6a44555f773dd66be01cffb6ef76) + - [ ] [喜报!炼石入选北京市知识产权试点单位](https://mp.weixin.qq.com/s?__biz=MzkyNzE5MDUzMw==&mid=2247568533&idx=1&sn=c78448a9651bb3f8b2c0f5cac1208d7f) + - [ ] [最新kali2024.4保姆级安装教程,附换源、汉化、中文输入法、解决root用户无法登录问题等,附打包好的vm文件下载地址](https://mp.weixin.qq.com/s?__biz=Mzk1NzE0ODk3Nw==&mid=2247490258&idx=1&sn=86fe8c70b8f874a5e010b13bc99bd2cc) + - [ ] [2024年值得赞赏的开源安全项目收集](https://mp.weixin.qq.com/s?__biz=MzU1NDkwMzAyMg==&mid=2247502661&idx=1&sn=008900b107c89bec896eef97714da8e8) + - [ ] [年度管理随笔](https://mp.weixin.qq.com/s?__biz=Mzg2MDc0NTIxOQ==&mid=2247484717&idx=1&sn=5f92532a5420c592a133bc8364b5cc17) + - [ ] [文件包含漏洞从入门到精通](https://mp.weixin.qq.com/s?__biz=MzU2NDY2OTU4Nw==&mid=2247518316&idx=1&sn=b954fbb2f35fff3cfba2f1951d3c827b) + - [ ] [你们都是开玩笑,他才是真的](https://mp.weixin.qq.com/s?__biz=MzkxNzY5MTg1Ng==&mid=2247485494&idx=1&sn=44806adf358814ac0fdf3acaec2f4250) + - [ ] [【相关分享】记一次小程序支付逻辑漏洞](https://mp.weixin.qq.com/s?__biz=Mzk0OTUwNTU5Nw==&mid=2247488515&idx=1&sn=305bbcdc6b74a5b775bcad8028dbd7f1) + - [ ] [分享图片](https://mp.weixin.qq.com/s?__biz=MzI3Njc1MjcxMg==&mid=2247494255&idx=1&sn=21acb34ae1b3837ab16a8b0506d3516f) + - [ ] [漏扫工具 -- hscan](https://mp.weixin.qq.com/s?__biz=MzI4MDQ5MjY1Mg==&mid=2247515611&idx=1&sn=ea7441c1db522c42ed9a0165e6617cf8) + - [ ] [CTF赛前指导 -- 流量取证](https://mp.weixin.qq.com/s?__biz=MzI4MDQ5MjY1Mg==&mid=2247515611&idx=2&sn=119c6d1c1b2b6c381941e8fc3319e9a4) + - [ ] [API漏洞挖掘神器API_kit的二开版本|Burp Suite 插件](https://mp.weixin.qq.com/s?__biz=Mzg3ODE2MjkxMQ==&mid=2247489927&idx=1&sn=4585f639e37390f637445498148b70f7) + - [ ] [让\"WAF绕过\"变得简单 -- x-waf(V0.2)](https://mp.weixin.qq.com/s?__biz=MzU3NzY3MzYzMw==&mid=2247499165&idx=1&sn=30ee5801ed9925a615b9171f265585ed) + - [ ] [CTF赛前指导 -- 文件上传漏洞&一句话木马](https://mp.weixin.qq.com/s?__biz=MzU3NzY3MzYzMw==&mid=2247499165&idx=2&sn=1bcea16d2d17f234caf752fcf51a3d66) + - [ ] [三个阶段阻止DDoS攻击](https://mp.weixin.qq.com/s?__biz=Mzg2NjY2MTI3Mg==&mid=2247498219&idx=1&sn=7968756bf7e19003e4ff18396be8c3c8) + - [ ] [2025年值得关注的网络安全趋势](https://mp.weixin.qq.com/s?__biz=Mzg2NjY2MTI3Mg==&mid=2247498219&idx=2&sn=e2336a616bf941d074da171e51db5da3) + - [ ] [英国考虑禁止支付勒索软件费用](https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652113973&idx=1&sn=09d4b3e0d13f4ea9c16aad1b297cb084) + - [ ] [国家发展改革委等部门印发《关于完善数据流通安全治理 更好促进数据要素市场化价值化的实施方案》的通知](https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652113973&idx=2&sn=ef53cb3a6fde363046d710893ac7eed1) +- 安全脉搏 + - [ ] [DataCube 漏洞小结](https://www.secpulse.com/archives/205081.html) + - [ ] [记某次攻防演练:大战UEditor并突破](https://www.secpulse.com/archives/205162.html) +- Blog - AppSec Labs + - [ ] [Still Using SSRF to Take Over Cloud Deployments Once Again](https://appsec-labs.com/still-using-ssrf-to-take-over-cloud-deployments-once-again/) - 一个被知识诅咒的人 - - [ ] [Python内存优化全攻略:深入理解对象池与__slots__的应用](https://blog.csdn.net/nokiaguy/article/details/145135646) - - [ ] [【人工智能】从Keras到TensorFlow 2.0:深入掌握Python深度学习技术](https://blog.csdn.net/nokiaguy/article/details/145135601) -- Horizon3.ai - - [ ] [Prove the impact of cybersecurity investments—holistically and continuously](https://www.horizon3.ai/intelligence/webinars/prove-the-impact-of-cybersecurity-investments-holistically-and-continuously/) -- Blogs dade - - [ ] [Weekly Retro 2025-W02](https://0xda.de/blog/2025/01/weekly-retro-2025-w02/) -- SpiderLabs Blog - - [ ] [CVE-2024-55591: Fortinet FortiOS/FortiProxy Zero Day](https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2024-55591-fortinet-fortios-fortiproxy-zero-day/) - - [ ] [The Database Slayer: Deep Dive and Simulation of the Xbash Malware](https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/the-database-slayer-deep-dive-and-simulation-of-the-xbash-malware/) + - [ ] [用Python管理Docker容器:从docker-py到自动化部署的全面指南](https://blog.csdn.net/nokiaguy/article/details/145180393) + - [ ] [Python在DevOps中的应用:自动化CI/CD管道的实现](https://blog.csdn.net/nokiaguy/article/details/145180389) +- 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com + - [ ] [个人信息安全三重防线(上):App隐私合规检测、PIA认证与个保合规审计](https://www.4hou.com/posts/BvXo) + - [ ] [正式签约!360为宁波城市大模型发展注入新动能](https://www.4hou.com/posts/42vJ) + - [ ] [国家计算机病毒应急处理中心监测发现16款违规移动应用](https://www.4hou.com/posts/33rp) + - [ ] [Nuclei 漏洞允许恶意模板绕过签名验证](https://www.4hou.com/posts/xyjP) +- Private Feed for M09Ic + - [ ] [mgeeky starred MISP/misp-docker](https://github.com/MISP/misp-docker) + - [ ] [mgeeky starred MISP/PyMISP](https://github.com/MISP/PyMISP) + - [ ] [mgeeky starred MISP/MISP](https://github.com/MISP/MISP) + - [ ] [gh0stkey starred clash-verge-rev/clash-verge-rev](https://github.com/clash-verge-rev/clash-verge-rev) + - [ ] [Ridter starred yint-tech/sekiro-samples](https://github.com/yint-tech/sekiro-samples) + - [ ] [Ridter starred Nutlope/logocreator](https://github.com/Nutlope/logocreator) + - [ ] [zer0yu starred lencx/Noi](https://github.com/lencx/Noi) + - [ ] [zer0yu started following theMackabu](https://github.com/theMackabu) + - [ ] [wuhan005 starred Nutlope/logocreator](https://github.com/Nutlope/logocreator) + - [ ] [4ra1n starred saoshao/DetSql](https://github.com/saoshao/DetSql) + - [ ] [zer0yu starred Nutlope/logocreator](https://github.com/Nutlope/logocreator) + - [ ] [boy-hack starred empijei/wapty](https://github.com/empijei/wapty) + - [ ] [4ra1n starred verhas/License3j](https://github.com/verhas/License3j) + - [ ] [gh0stkey starred ventoy/Ventoy](https://github.com/ventoy/Ventoy) + - [ ] [Y4er starred Archeb/opentrace](https://github.com/Archeb/opentrace) + - [ ] [0xbug starred pyper-dev/pyper](https://github.com/pyper-dev/pyper) + - [ ] [glzjin starred composecraft/docker-compose-lib](https://github.com/composecraft/docker-compose-lib) + - [ ] [zema1 starred 0xCaner/DoH-ECH-Demo](https://github.com/0xCaner/DoH-ECH-Demo) + - [ ] [zema1 starred saoshao/DetSql](https://github.com/saoshao/DetSql) + - [ ] [CHYbeta starred yint-tech/sekiro-open](https://github.com/yint-tech/sekiro-open) + - [ ] [zer0yu started following leonjza](https://github.com/leonjza) + - [ ] [zema1 starred ljc545w/ComWeChatRobot](https://github.com/ljc545w/ComWeChatRobot) + - [ ] [zer0yu starred xnl-h4ck3r/knoxnl](https://github.com/xnl-h4ck3r/knoxnl) + - [ ] [zer0yu started following K1sna](https://github.com/K1sna) + - [ ] [yzddmr6 started following lintstar](https://github.com/lintstar) +- obaby@mars + - [ ] [不再可用](https://h4ck.org.cn/2025/01/19004) +- GuidePoint Security + - [ ] [Unveiling the GRIT 2025 Ransomware and Cyber Threat Report](https://www.guidepointsecurity.com/blog/unveiling-the-grit-2025-ransomware-and-cyber-threat-report/) +- blog.avast.com EN + - [ ] [Super bowl scams—How to avoid getting sacked by cybercriminals](https://blog.avast.com/super-bowl-ticket-scams) +- NVISO Labs + - [ ] [Detecting Teams Chat Phishing Attacks (Black Basta)](https://blog.nviso.eu/2025/01/16/detecting-teams-chat-phishing-attacks-black-basta/) +- SentinelOne + - [ ] [New Possibilities with Purple AI | Third-Party Log Sources & Multilingual Question Support](https://www.sentinelone.com/blog/unlocking-new-possibilities-with-purple-ai-new-log-sources-and-multilingual-support/) +- CCC Event Blog + - [ ] [Easterhegg 2025: Call for Participation](https://events.ccc.de/2025/01/16/easterhegg-2025-call-for-participation/) +- Dancho Danchev's Blog - Mind Streams of Information Security Knowledge + - [ ] [A Peek Inside the Current State of BitCoin Exchanges](https://ddanchev.blogspot.com/2025/01/a-peek-inside-current-state-of-bitcoin_17.html) + - [ ] [A Peek Inside the Current State of BitCoin Mixers](https://ddanchev.blogspot.com/2025/01/a-peek-inside-current-state-of-bitcoin.html) + - [ ] [Profiling the iSpoof Cybercrime Enterprise](https://ddanchev.blogspot.com/2025/01/profiling-ispoof-cybercrime-enterprise.html) + - [ ] [Profiling a Currently Active Portfolio of High-Profile Cybercriminal Jabber and XMPP Accounts Including Email Address Accounts - Part Six](https://ddanchev.blogspot.com/2025/01/profiling-currently-active-portfolio-of.html) + - [ ] [New Project - Malware C&C Domains Offensive Network Reconnaissance Monitoring Project](https://ddanchev.blogspot.com/2025/01/new-project-malware-c-domains-offensive.html) + - [ ] [New Project - 419 Scam Domains WHOIS Registrar Monitoring Project](https://ddanchev.blogspot.com/2025/01/new-project-419-scam-domains-whois.html) + - [ ] [Happy New Year](https://ddanchev.blogspot.com/2025/01/happy-new-year.html) + - [ ] [Dancho Danchev's Testimony on “How Facebook Today's Meta Failed To Protect Its Users and React To The Koobface Botnet And What We Should Do About It?”](https://ddanchev.blogspot.com/2025/01/dancho-danchevs-testimony-on-how.html) - Malwarebytes - - [ ] [Insurance company accused of using secret software to illegally collect and sell location data on millions of Americans](https://www.malwarebytes.com/blog/news/2025/01/insurance-company-accused-of-using-secret-software-to-illegally-collect-and-sell-location-data-on-millions-of-americans) -- Reverse Engineering - - [ ] [USB Ethernet Adapter Malware??? OALABS Line-by-Line Code Analysis](https://www.reddit.com/r/ReverseEngineering/comments/1i1eylt/usb_ethernet_adapter_malware_oalabs_linebyline/) + - [ ] [Avery had credit card skimmer stuck on its site for months](https://www.malwarebytes.com/blog/news/2025/01/avery-had-credit-card-skimmer-stuck-on-its-site-for-months) + - [ ] [PlugX malware deleted from thousands of systems by FBI](https://www.malwarebytes.com/blog/news/2025/01/plugx-malware-deleted-from-thousands-of-systems-by-fbi) - daniel.haxx.se - - [ ] [Secure Transport support in curl is on its way out](https://daniel.haxx.se/blog/2025/01/14/secure-transport-support-in-curl-is-on-its-way-out/) -- FreeBuf网络安全行业门户 - - [ ] [FreeBuf早报 | 由AI大模型生成的勒索软件被曝光;恶意软件利用0Day远程控制Linux](https://www.freebuf.com/news/419812.html) - - [ ] [2025年十大最佳漏洞管理工具分享](https://www.freebuf.com/news/419799.html) - - [ ] [2025年首个满分漏洞,PoC已公布,可部署后门](https://www.freebuf.com/news/419788.html) - - [ ] [不干净的视频评论区,攻击者利用Youtube传播窃密软件](https://www.freebuf.com/news/419785.html) - - [ ] [AI抢不走的工作,微软力挺红队测试仍需人类“掌舵”](https://www.freebuf.com/news/419782.html) + - [ ] [Presentation: curl from start to end](https://daniel.haxx.se/blog/2025/01/16/presentation-curl-from-start-to-end/) - HackerNews - - [ ] [献血机构 OneBlood 确认去年 7 月勒索软件攻击中个人数据被盗](https://hackernews.cc/archives/56889) - - [ ] [疑似俄黑客组织针对哈萨克斯坦目标](https://hackernews.cc/archives/56882) - - [ ] [信息窃取软件伪装成针对最新 LDAP 漏洞的概念验证代码](https://hackernews.cc/archives/56879) - - [ ] [勒索软件滥用亚马逊 AWS 功能加密 S3 存储桶](https://hackernews.cc/archives/56877) - - [ ] [《流放之路2》管理员账号被盗,玩家账号遭黑客攻击](https://hackernews.cc/archives/56874) -- bishopfox.com - - [ ] [raink: Use LLMs for Document Ranking](https://bishopfox.com/blog/raink-llms-document-ranking) -- 安全牛 - - [ ] [CACTER直播预告:大模型网关新品抢先知,惊喜积分礼盒等您兑!](https://www.aqniu.com/vendor/107954.html) -- text/plain - - [ ] [Welcome to 2025!](https://textslashplain.com/2025/01/14/welcome-to-2025/) + - [ ] [标签巨头艾利公司称网站遭黑客入侵以窃取信用卡信息](https://hackernews.cc/archives/56936) + - [ ] [米克罗提克僵尸网络利用配置错误的 SPF DNS 记录传播恶意软件](https://hackernews.cc/archives/56933) + - [ ] [SAP 修复 NetWeaver 应用服务器中的关键漏洞](https://hackernews.cc/archives/56930) + - [ ] [SimpleHelp 重大漏洞:可导致文件窃取、权限提升和远程代码执行攻击](https://hackernews.cc/archives/56927) + - [ ] [谷歌云研究人员发现 Rsync 文件同步工具漏洞](https://hackernews.cc/archives/56924) + - [ ] [FBI 在数月行动中从 4250 台被黑电脑中删除 PlugX 恶意软件](https://hackernews.cc/archives/56922) - 奇客Solidot–传递最新科技情报 - - [ ] [USB 简化标签只留下速度](https://www.solidot.org/story?sid=80329) - - [ ] [微软工程师向 Linux 6.13 贡献的代码在发布前夕被禁用](https://www.solidot.org/story?sid=80328) - - [ ] [德国的 LGPL 诉讼获得成功](https://www.solidot.org/story?sid=80327) - - [ ] [美国进一步限制 AI 芯片出口](https://www.solidot.org/story?sid=80326) - - [ ] [PC 出货量三年来首次增长](https://www.solidot.org/story?sid=80325) - - [ ] [中国考虑将 TikTok 美国出售给马斯克](https://www.solidot.org/story?sid=80324) - - [ ] [在 TikTok 在美国面临被禁之际小红书登顶苹果 App Store](https://www.solidot.org/story?sid=80323) - - [ ] [为什么日本儿童独自乘地铁?](https://www.solidot.org/story?sid=80322) - - [ ] [为什么孩子需要更多冒险游戏](https://www.solidot.org/story?sid=80321) -- 安全分析与研究 - - [ ] [盘点全球主流Linux平台的勒索病毒](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247489981&idx=1&sn=f92b58bb6a06cfb2d3596dee93f226ab&chksm=902fb695a7583f834b08a2fe2ada4911c36f0915057d542505372673f82224ea3483bf5bdbc0&scene=58&subscene=0#rd) + - [ ] [RISC-V 开发商算能公司被美国列入实体名单](https://www.solidot.org/story?sid=80353) + - [ ] [Blue Origin 的重型火箭 New Glenn 首次抵达轨道](https://www.solidot.org/story?sid=80352) + - [ ] [Proton CEO 拥抱特朗普引发争议](https://www.solidot.org/story?sid=80351) + - [ ] [动视对微软 Xbox Game Pass 订阅量增加帮助不大](https://www.solidot.org/story?sid=80350) + - [ ] [日英意下一代战斗机计划本年内开始制造试制机](https://www.solidot.org/story?sid=80349) + - [ ] [新泽西州州长呼吁 K-12 学校禁止学生使用手机](https://www.solidot.org/story?sid=80348) + - [ ] [英特尔开源 Tofino P4 软件](https://www.solidot.org/story?sid=80347) + - [ ] [LinkedIn 用 AI 劝阻求职者不要申请不符合条件的职位](https://www.solidot.org/story?sid=80346) + - [ ] [深圳大疆让无人机操作人员决定是否在禁飞区飞行](https://www.solidot.org/story?sid=80345) + - [ ] [Telegram 关闭 Z-Library 和 Anna's Archive 频道](https://www.solidot.org/story?sid=80344) +- 安全牛 + - [ ] [六部门印发《关于完善数据流通安全治理 更好促进数据要素市场化价值化的实施方案》;TikTok在美关停在即,特朗普有意挽救 |牛览](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134747&idx=1&sn=7fb3c006d6af7e55e5391cf29e23164d&chksm=bd15abc88a6222deeb8ad366d3d93a2396148eabc4910de5027d5eeed07370fd3917a1d9f3a8&scene=58&subscene=0#rd) + - [ ] [精彩汇集,业务宝典:《2024安全牛百篇文章精选集》发布](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134747&idx=2&sn=643272181de389de86be6fc5e58c5448&chksm=bd15abc88a6222dee2a597f0f61ec3c1636d98ae8d8fb53c35744aa517a4ce301c222ae8e804&scene=58&subscene=0#rd) +- 绿盟科技技术博客 + - [ ] [【漏洞通告】Rsync缓冲区溢出与信息泄露漏洞(CVE-2024-12084/CVE-2024-12085)通告](https://blog.nsfocus.net/cve-2024-12084-cve-2024/) +- 黑海洋 - IT技术知识库 + - [ ] [Raphael AI:几秒生成图像(无限制)](https://blog.upx8.com/4666) + - [ ] [完美解决软路由openwrt分流问题:chinadns + xray + iptables](https://blog.upx8.com/4665) +- Shostack & Friends Blog + - [ ] [Lessons for Cybersecurity from the American Public Health System](https://shostack.org/blog/lessons-for-cyber-from-the-public-health-system/) - 锦行科技 - - [ ] [锦行科技2024年度图鉴](https://mp.weixin.qq.com/s?__biz=MzIxNTQxMjQyNg==&mid=2247493635&idx=1&sn=34b04bc10d27ff153f275b801950730d&chksm=979a13a6a0ed9ab01f146a40cbb7465749a73ece1bf055c001de7d0d4960c16736ab46568ba7&scene=58&subscene=0#rd) -- 雷神众测 - - [ ] [你的新年礼物待发货!点击本文领取!](https://mp.weixin.qq.com/s?__biz=MzI0NzEwOTM0MA==&mid=2652503286&idx=1&sn=7b0acbf3851e7acca62b3941564d4853&chksm=f2585f45c52fd6536f61f228cb9a2d987ca1e38474d7d841512d33a45ac5902533bc6fa8f87b&scene=58&subscene=0#rd) -- 威努特安全网络 - - [ ] [勒索软件:阴影下的贪婪游戏](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130376&idx=1&sn=dc358c10ad843138011b94d055322174&chksm=80e710b8b79099aead5194a305ce684f2a1b2784527ceee947e3c8862b400fb3624c60a50842&scene=58&subscene=0#rd) -- 安全内参 - - [ ] [微软OpenAI云遭滥用:攻击者绕过安全护栏 对外售卖违规内容生成服务](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513487&idx=1&sn=2bb2b3796dd10a13b4a3bf0ae256a199&chksm=ebfaf2afdc8d7bb93ac0a572afdf222ceb9510b5625e64a2d911f9180ad752d2c00975e60c91&scene=58&subscene=0#rd) - - [ ] [专挑执法机构下手!欧盟执法培训机构发生大规模数据泄露](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513487&idx=2&sn=11bbee0dcc26adcb43a666c1f79059f1&chksm=ebfaf2afdc8d7bb92112f4e0cb2762cf4b05b61ee188586a4259f4eb537405551ce087c57f5c&scene=58&subscene=0#rd) + - [ ] [喜讯 | 锦行科技连续两年荣获广州大学网络空间安全学院 “优秀合作企业奖”!](https://mp.weixin.qq.com/s?__biz=MzIxNTQxMjQyNg==&mid=2247493674&idx=1&sn=e4f389bf7f5896a23f762b851bf62e88&chksm=979a138fa0ed9a99007d6e8999e8d429298d74dde4a2cb23fa82fa60897128f6c0165b45e150&scene=58&subscene=0#rd) + - [ ] [锦行科技入选“2024网络安全TOP50榜单”!](https://mp.weixin.qq.com/s?__biz=MzIxNTQxMjQyNg==&mid=2247493674&idx=2&sn=4ce09cf88bd39c0cb840c1949aab8b51&chksm=979a138fa0ed9a9996e6872943c2861e53b3470eb9c2f66e0a54646045bfa22943afbb4cca9f&scene=58&subscene=0#rd) +- Reverse Engineering + - [ ] [Reverse Engineering Conference happening this February in Orlando!](https://www.reddit.com/r/ReverseEngineering/comments/1i2yah6/reverse_engineering_conference_happening_this/) + - [ ] [Release of IDA Python script helper (community_base.py)](https://www.reddit.com/r/ReverseEngineering/comments/1i2brvi/release_of_ida_python_script_helper_community/) +- FreeBuf网络安全行业门户 + - [ ] [FreeBuf早报 | 泰国总理遭遇电诈;腾讯回应用户被异地刷脸支付成功](https://www.freebuf.com/news/420003.html) + - [ ] [最好用的文件同步工具曝6个严重漏洞,可执行远程代码](https://www.freebuf.com/news/419987.html) + - [ ] [Palo Alto Networks防火墙迁移工具曝多个关键漏洞,可泄露明文密码](https://www.freebuf.com/news/419970.html) + - [ ] [Fortinet新的零日漏洞被黑客利用](https://www.freebuf.com/news/419968.html) + - [ ] [Google Ads用户成恶意广告诈骗新目标,凭据及双因素认证码被盗](https://www.freebuf.com/articles/419985.html) - 代码卫士 - - [ ] [微软:macOS 漏洞可导致黑客安装恶意内核驱动](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522060&idx=1&sn=562313e7f413152c3399933007b147f5&chksm=ea94a666dde32f706b2b66b455dfbe3a9b106e8c0a4a379c3b30ac5c0aa916c5ad8b092cddd1&scene=58&subscene=0#rd) - - [ ] [严重的 Aviatrix Controller RCE 漏洞已遭利用](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522060&idx=2&sn=77945a6bc936ca2cbd6fe400e106a420&chksm=ea94a666dde32f702c05d9f642f0ea1c7cbc525dd3805a10ce8441a93f2412a10b40fc913587&scene=58&subscene=0#rd) + - [ ] [Ivanti修复Endpoint Manager中的多个严重漏洞](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522089&idx=1&sn=a04239b89ce2032e8e28b49d05782135&chksm=ea94a643dde32f55fd65e0ec66115b17b1cfe6c18f35bb55ece3c45dfce09c46bdf368f9009f&scene=58&subscene=0#rd) + - [ ] [SimpleHelp 多个严重漏洞可导致文件窃取、提权和RCE攻击](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522089&idx=2&sn=46178e7445995e2b3a605d7fd3c37a93&chksm=ea94a643dde32f5500a0b9ba085731e8b6fcd21c96d42f6dbb5597cd5ac92f61c77907616c88&scene=58&subscene=0#rd) - 看雪学苑 - - [ ] [【预售中】无人机安全攻防入门:带你玩转无线电,守护空中隐私与安全!](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588667&idx=1&sn=83b7402a114088f5888be0eb780f5982&chksm=b18c257186fbac6719f8e5f08cdd6af0db28cf5ba17afa96f5d93f9a9abaa7a4f73d32f29401&scene=58&subscene=0#rd) - - [ ] [你想有多PWN](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588667&idx=2&sn=8bb1c3bb40eb4a3672a3ee009cc78bd2&chksm=b18c257186fbac67ff5da7b4983f664bc67d3d8715fe5ecd3f5f2c4169c5f64ce55101e4d4f6&scene=58&subscene=0#rd) - - [ ] [2025年首个满分漏洞:云攻击者利用Aviatrix Controller漏洞植入恶意软件](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588667&idx=3&sn=af4f2eb4bededa0cea574e3cd7963382&chksm=b18c257186fbac670637d659a7511de8c3ead88069367df522ef629a278eaa02c9daf567134d&scene=58&subscene=0#rd) -- 天御攻防实验室 - - [ ] [拜登政府计划制裁北京的一家网络安全公司](https://mp.weixin.qq.com/s?__biz=MzU0MzgyMzM2Nw==&mid=2247486237&idx=1&sn=e3374c3ba2614ee4c1ea93a26351e39e&chksm=fb04c875cc734163987a1143d90ec6e2b854fb872910112ef1afa8486456c9fc9a72a905eb58&scene=58&subscene=0#rd) -- DataCon大数据安全分析竞赛 - - [ ] [DataCon2024解题报告WriteUp—AI安全赛道](https://mp.weixin.qq.com/s?__biz=MzU5Njg1NzMyNw==&mid=2247489053&idx=1&sn=76dcae986b475bf3a1eff49f3d258c00&chksm=fe5d0e9dc92a878b1bb28f26bff904ad0a35d15b7837be5ff82c89203fbb233a7416e209e1cf&scene=58&subscene=0#rd) -- 信息安全国家工程研究中心 - - [ ] [慎终如始,则无败事——多家企业不履行网络安全保护义务被依法处罚](https://mp.weixin.qq.com/s?__biz=MzU5OTQ0NzY3Ng==&mid=2247498725&idx=1&sn=7aef964c19dd8b24207a9253f77aac21&chksm=feb67af6c9c1f3e06a3344510015851b772e440f981f02908a48c1a5a894e7140426d80a1c25&scene=58&subscene=0#rd) + - [ ] [【Windows 内核基础篇】-内核入门-段基础](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588707&idx=1&sn=d94feda75be18bc50c1a4e1b3e8562dc&chksm=b18c26a986fbafbf5d4bae96661feee0121f0b4a7d68ec53bf20422ad8be57c2d8885cbde9a1&scene=58&subscene=0#rd) + - [ ] [Palo Alto Networks Expedition 工具曝关键漏洞,明文密码或泄露](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588707&idx=2&sn=d8b388917808b4ab77f7526a37a8f228&chksm=b18c26a986fbafbfafefb07442a2524806b1f3c1598ea59eff936f42c6f1d5c9c7346e8eb91e&scene=58&subscene=0#rd) + - [ ] [Windows内核漏洞分析与EXP编写技巧](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588707&idx=3&sn=e956cfff8deabe1f7326baacac64eef9&chksm=b18c26a986fbafbf0481872368b731450bf7c0dd4efa35180ae1fdcb91d09ff87bfcfda869c7&scene=58&subscene=0#rd) +- 安全内参 + - [ ] [首个AI驱动的勒索软件组织:大模型生成代码、聊天机器人自主运营](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513518&idx=1&sn=fe28a4824b27c5537d65babed6d5c44f&chksm=ebfaf28edc8d7b9869d2b2b4b8daeb1905fb01803f567a2477bfe3f226caaea259ca1fa79638&scene=58&subscene=0#rd) + - [ ] [微信支付存漏洞?用户被异地刷脸支付成功,官方回应](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513518&idx=2&sn=e3691228661dd921114c81bc336d3c7a&chksm=ebfaf28edc8d7b987cbca67e7facee84ece62bb9db75aeb0b865aafa069342f157193c760e9b&scene=58&subscene=0#rd) +- 长亭安全应急响应中心 + - [ ] [【已复现】Fortinet FortiOS/FortiProxy 认证绕过漏洞(CVE-2024-55591)](https://mp.weixin.qq.com/s?__biz=MzIwMDk1MjMyMg==&mid=2247492698&idx=1&sn=31b2a6d8629fb3f69e5a9c159e42c650&chksm=96f7fb37a1807221e222b2e62698c88569521b9b0ec86deebfe7d0dab53b302b142b23b9358f&scene=58&subscene=0#rd) +- 腾讯玄武实验室 + - [ ] [每日安全动态推送(25/1/16)](https://mp.weixin.qq.com/s?__biz=MzA5NDYyNDI0MA==&mid=2651959990&idx=1&sn=30d3c830c7207583d9ca8e9c9d4c9c7e&chksm=8baed229bcd95b3f6fe66b785e1c1c07b4d0cf4020f57121b573a83bde1e49c0b789ff02fde0&scene=58&subscene=0#rd) +- 吾爱破解论坛 + - [ ] [征集吾爱破解论坛微信红包封面设计](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141557&idx=1&sn=91d30c43aac8a1110c1286d481927d35&chksm=bd50a5e18a272cf785cf136f38cddd5c40d02b83fc5d168b8863afaed962fdca39e2f5aa7e1b&scene=58&subscene=0#rd) +- Black Hills Information Security + - [ ] [One Active Directory Account Can Be Your Best Early Warning](https://www.blackhillsinfosec.com/one-active-directory-account-can-be-your-best-early-warning/) +- 威努特安全网络 + - [ ] [追逐国产化发展新浪潮,助力长航自主可控安全体系建设](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130378&idx=1&sn=8b069880e459491f3fddd6240c7b6f5e&chksm=80e710bab79099ac2d06407cf67ff5e9e36adae2361ee1b6b1cac0a2edfc4407bef4a522aca6&scene=58&subscene=0#rd) +- 奇安信 CERT + - [ ] [奇安信集团2025年01月补丁库更新通告-第一次更新](https://mp.weixin.qq.com/s?__biz=MzU5NDgxODU1MQ==&mid=2247502851&idx=1&sn=7f2bbf94f6a150066e8b83295b2969dc&chksm=fe79e89bc90e618d32ddc7a6e1890807a83f451da51d9b64113505750e5d57cda9740e43f62c&scene=58&subscene=0#rd) +- 丁爸 情报分析师的工具箱 + - [ ] [【资料】情报分析的应用思维 :从业者指南](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148536&idx=1&sn=dbc7dff83031ab6b8004c22b387ea793&chksm=f1af27c2c6d8aed465d513db940dfb4aa0d8037c31b60cb7a6e20ae396904b5875269b05a4fa&scene=58&subscene=0#rd) +- 微步在线研究响应中心 + - [ ] [Rsync修复数个高危漏洞,两个RCE需要重点关注](https://mp.weixin.qq.com/s?__biz=Mzg5MTc3ODY4Mw==&mid=2247507685&idx=1&sn=f6f13d9e6ca46b986c4c17ce7424d252&chksm=cfcabdf1f8bd34e7a4bb18b1d16702e6a4feb5c65a3c5642728ea446c51edaaba876ffe2c928&scene=58&subscene=0#rd) +- 绿盟科技CERT + - [ ] [【漏洞通告】Rsync缓冲区溢出与信息泄露漏洞(CVE-2024-12084/CVE-2024-12085)](https://mp.weixin.qq.com/s?__biz=Mzk0MjE3ODkxNg==&mid=2247488860&idx=1&sn=d1d87ac982c32f01e05fc74e29efccff&chksm=c2c64257f5b1cb416e9fd6d3a45e35247f42e76947e51170f466288638bc9ff50a5e290f30c1&scene=58&subscene=0#rd) - dotNet安全矩阵 - - [ ] [.NET | 通过 LDAP 技术在域渗透中获取内网所有系统账户数据](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498206&idx=1&sn=5f290cbc0e9c1a8c76d0e0cb8625cf4c&chksm=fa595733cd2ede25f81edaa97c23c5128bf81f91b9853c6992c7ea10cc5b4cccc56a8c991b67&scene=58&subscene=0#rd) - - [ ] [.NET 内网攻防实战电子报刊](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498206&idx=2&sn=ccd7a610c1551ab79faf6c373e36ba0b&chksm=fa595733cd2ede251ab2675874322edb35041922db6c2ab59f6d3be9f9e22dda1afcac4ac38e&scene=58&subscene=0#rd) - - [ ] [无独有偶,通过.NET反序列化漏洞实现 Visual Studio 钓鱼攻击](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498206&idx=3&sn=a00994d537a5909711eda0e855cf39e6&chksm=fa595733cd2ede25105b711c11316a44649792eaf6c84fe1b800624b877fa63c510961c10820&scene=58&subscene=0#rd) + - [ ] [.NET 内网横向移动,通过模拟用户令牌实现远程权限提升](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498252&idx=1&sn=cf0ab90b357c9de769fa264d92b5d3db&chksm=fa5954e1cd2eddf79d8bdfb7da7b322787b306361d64639876956062b76e3e3e827960b2bbb5&scene=58&subscene=0#rd) + - [ ] [国内最专业、最全面的 [ .NET 代码审计 ] 体系化学习交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498252&idx=2&sn=1482f0c46b8108d2d17d067aa5a82739&chksm=fa5954e1cd2eddf7a9f0115b6b81ec954b2000fc15ff35f05fdecc531bd61d4087ff091e4c9a&scene=58&subscene=0#rd) + - [ ] [.NET 实战中批量获取数据库凭据的工具](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498252&idx=3&sn=a2cb571fb0ac54647dc4f5ae74194aa4&chksm=fa5954e1cd2eddf72a8664ea41621ed2a2c0d089b2d4c7dad4be2ea79878ad831fbc5dbbced8&scene=58&subscene=0#rd) +- 慢雾科技 + - [ ] [探讨 Poseidon 延展性攻击,可影响零知识证明应用的安全性](https://mp.weixin.qq.com/s?__biz=MzU4ODQ3NTM2OA==&mid=2247500936&idx=1&sn=433dc45041abe0603c4c00d7a3db7ced&chksm=fddeba0fcaa9331903775c679192d7df3cb0be4b43575a5ac854e2f5dd19fb7c3465ca2299cf&scene=58&subscene=0#rd) - 微步在线 - - [ ] [情报,又是代表厂商!](https://mp.weixin.qq.com/s?__biz=MzI5NjA0NjI5MQ==&mid=2650182977&idx=1&sn=5034ac95fb46e3ecf415164cc327d667&chksm=f4486efdc33fe7eb4d386ce4263003b8247200d02c6572da6b435588fa6e97b7e97031486f70&scene=58&subscene=0#rd) -- 丁爸 情报分析师的工具箱 - - [ ] [【资料】全源情报分析指南](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148529&idx=1&sn=eb04e2ef8c40d94aef096c369c1ea58b&chksm=f1af27cbc6d8aedd5295b2c1330315579336534f3868dbb766dcc55b60fc10ef3c1f859dc96b&scene=58&subscene=0#rd) -- 数世咨询 - - [ ] [2025年美国军方拨款约300亿美元用于网络安全](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247534113&idx=1&sn=3ffe3cc14b3da452f3f37f2ec2fa484d&chksm=c144349cf633bd8a2986e6625ea40da708b7b6fec5bec05a68f31fb9d7b0833f49315860fb80&scene=58&subscene=0#rd) - - [ ] [网络安全产业发展亟需回归行业价值本质](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247534113&idx=2&sn=73919dc8a130b38a923b93cff0c50cdf&chksm=c144349cf633bd8a4ffbade73b3db7266497dee4c0a1c9089fa13d66d50483cb0f39b31039a9&scene=58&subscene=0#rd) -- 火线安全平台 - - [ ] [火线安全|年终大奖熠熠生辉,一起迎接年终分红时刻!](https://mp.weixin.qq.com/s?__biz=MzU4MjEwNzMzMg==&mid=2247494650&idx=1&sn=9b31cd4dbe6d0428c8ab3e835b52c73d&chksm=fdbfc251cac84b475274790dd4931939ae6f145454479889184b723c2dafcbaa4e21aa7706a2&scene=58&subscene=0#rd) -- ChaMd5安全团队 - - [ ] [SUCTF 2025 writeup by Min-Venom](https://mp.weixin.qq.com/s?__biz=MzIzMTc1MjExOQ==&mid=2247511868&idx=1&sn=5a1dc3baed4c78da2b5f75a78d2730a3&chksm=e89d87e4dfea0ef237728e960ff5e2c177f91801f9a16117a02cdb9b62e9adec26ac8ebf7a4d&scene=58&subscene=0#rd) + - [ ] [银狐叒进化,溯源不了,清理不掉!](https://mp.weixin.qq.com/s?__biz=MzI5NjA0NjI5MQ==&mid=2650182999&idx=1&sn=ea90cb2b6d56950310409bf3e32feeb3&chksm=f4486eebc33fe7fd48e6aced8e580fe90c58251598b1cfd54c65b4a1d86832a3e3c23521c4a8&scene=58&subscene=0#rd) +- 58安全应急响应中心 + - [ ] [58集团|春节放假通知](https://mp.weixin.qq.com/s?__biz=MzU4NTMzNjU4Mw==&mid=2247490167&idx=1&sn=74d119b85e31259bf2ce342602ce9d4f&chksm=fd8d481fcafac109e3a81983cfc87fe697401620c1993eb92cd26311c65badd1e321668c51c1&scene=58&subscene=0#rd) +- 情报分析师 + - [ ] [【可视化】情报分析师教你如何辨别数据、信息和情报](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558974&idx=1&sn=5cab57b2a1d0dd82507a737097ce3f2c&chksm=87117fb5b066f6a3cb6871541c268adf5cbe42afd9c93b1ea0100bfecb2ef227ba0ad25acff8&scene=58&subscene=0#rd) + - [ ] [缅甸诈骗产业链条:军阀、幕后大佬深度剖析](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558974&idx=2&sn=0651bf621a409a62f4cc2de29da5da57&chksm=87117fb5b066f6a3e7585739b3ef800e3723ef179cc273ca78b610152178c990bffab28a5c04&scene=58&subscene=0#rd) - 中国信息安全 - - [ ] [关注 | 工信部发文 加强互联网数据中心客户数据安全保护](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234545&idx=1&sn=dc708bd198a9f572466efd53343dbfd8&chksm=8b59fcc8bc2e75de31b5c2b480b2ec64e92778dc9b35802d59121facc8d6e7c61833feedffc9&scene=58&subscene=0#rd) - - [ ] [专家解读 | 大力发展数据标注产业 推动我国人工智能创新发展](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234545&idx=2&sn=d91c7578b958313bd7938fef75996fdd&chksm=8b59fcc8bc2e75de6fabe111dccca1c7defcc7ff6d5773e24d7201e332be82ed144efa9251a1&scene=58&subscene=0#rd) - - [ ] [前沿 | 回望2024年国际风云之变:聚焦全球产业核心驱动力 人工智能在全球产业变革中地位凸显](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234545&idx=3&sn=a05079462b873959a484178e8a5465ca&chksm=8b59fcc8bc2e75deb7ea3bfab761bb926cdf86df478279e3a58fb01d166cb47e3c0efee5a84f&scene=58&subscene=0#rd) - - [ ] [发布 | 公安部公布8起打击网络黑客犯罪典型案例](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234545&idx=4&sn=2e01732d093aabf1cf5336f813912c9f&chksm=8b59fcc8bc2e75de2780fc803df201f7e209f94b3303aa9c130a1c6c433ed59298e6b8f736b7&scene=58&subscene=0#rd) - - [ ] [关注 | 16款App存在隐私不合规行为被通报!](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234545&idx=5&sn=252913fbf92cf6fda05be5316b33899c&chksm=8b59fcc8bc2e75defa7884d2220357f94639b0fd3b3ae1ce27224076263b9deca934ac7724d4&scene=58&subscene=0#rd) - - [ ] [国际 | 新加坡个人数据跨境传输规则](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234545&idx=6&sn=d0ac0ff1882c400ac7dc13ef4ed6630b&chksm=8b59fcc8bc2e75de78cf889fc80038dbbf38903352028fe61fdb87ab0d48f20aa480a5a178ed&scene=58&subscene=0#rd) - - [ ] [评论 | 护好“行驶中”的个人信息安全](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234545&idx=7&sn=452fc3ec0d32e8049888b868c54dd816&chksm=8b59fcc8bc2e75dee54ec6b6220fa19c4cec530fd3dd8d6c6e35f7c706040e9d36a84c6e1a7d&scene=58&subscene=0#rd) + - [ ] [专题·人工智能安全治理 | 关于《人工智能安全治理框架》的解读与思考](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234775&idx=1&sn=83ab940ab301a0f823a6e47ed7b51c15&chksm=8b59fdeebc2e74f8b7a174a9b5260fa421c3d74a9f3d3eef6564785924f1c7114ca46617dffc&scene=58&subscene=0#rd) + - [ ] [专家解读 | 魏亮:繁荣数据标注产业,赋能人工智能高质量发展](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234775&idx=2&sn=df6cb8e9e959e150ba19c755ad71542c&chksm=8b59fdeebc2e74f87e89cb3871bfc40378b4ec75a027fa28f285e53e1fd4a5b83a838040e0a3&scene=58&subscene=0#rd) + - [ ] [CNNVD | 关于Fortinet FortiOS和FortiProxy安全漏洞的通报](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234775&idx=3&sn=82b000440fa4c60ceae4b17d4472d670&chksm=8b59fdeebc2e74f8f1e114cc8a17881077bd3708e814560f198b1085ef506d998bb5bd1dec9b&scene=58&subscene=0#rd) + - [ ] [CNNVD | 关于微软多个安全漏洞的通报](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234775&idx=4&sn=ec548ccac6f3d80540906533ca87ecf9&chksm=8b59fdeebc2e74f8c64ef4317b09ff932b30314e4bf6a8856a5aa49afbd1509722c124378ab7&scene=58&subscene=0#rd) + - [ ] [国际 | 全球产业各方强烈反对美国AI新限令](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234775&idx=5&sn=e78991ce80797a2d231c237b288a0161&chksm=8b59fdeebc2e74f87507ad451c5da6ad2e961a19138f1f15a8a698c703959b7413eedc8f4faf&scene=58&subscene=0#rd) + - [ ] [发布 | 中国信通院发布《高质量大模型基础设施研究报告(2024年)》(附下载)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234775&idx=6&sn=673d2d303997d8b3ec28dab3c35e6269&chksm=8b59fdeebc2e74f8448eb96681ff2ef19be35ba4ea0cdb7022870c364d6bf20aa162fd349456&scene=58&subscene=0#rd) + - [ ] [公安部提示:警惕境外高薪招聘 避免落入电诈窝点](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234775&idx=7&sn=a17f63056a3bfc0d3f5dc8e5bd566831&chksm=8b59fdeebc2e74f86114c487390974b20b8eb87fa964089e6574931fc1cc4da62b267bc45ed9&scene=58&subscene=0#rd) - 安全圈 - - [ ] [【安全圈】2025年首个满分漏洞,PoC已公布,可部署后门](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067342&idx=1&sn=533ba142831a3c994e00cb6ec7d6d36c&chksm=f36e7a4ec419f35879a33af360eded6ccc081b3546a86d7a969a48f0eeb7b2f5eecb5be455a9&scene=58&subscene=0#rd) - - [ ] [【安全圈】AI抢不走的工作,微软力挺红队测试仍需人类“掌舵”](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067342&idx=2&sn=7630e1838566bfaad814bfbeff239c32&chksm=f36e7a4ec419f3583f2fdeb373ecf1fe61d6e4069f0710503306470b1bb3204f220e2a5f7a97&scene=58&subscene=0#rd) - - [ ] [【安全圈】不干净的视频评论区,攻击者利用Youtube传播窃密软件](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067342&idx=3&sn=488b956f65f869c09be3e3d7874e6d90&chksm=f36e7a4ec419f358aeecef6b9ff71759aabb31d37d791824c440bc665ad4c62bf5aee7f41e6d&scene=58&subscene=0#rd) - - [ ] [【安全圈】为网络安全研究人员定制的虚假漏洞利用攻击利用恶意软件](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067342&idx=4&sn=380dc9803cf52db7c5d1771d404c4279&chksm=f36e7a4ec419f35821fb42bc3692d2e2ea1220de0c7f64fc0b4a684c0758e137b27573afb929&scene=58&subscene=0#rd) + - [ ] [【安全圈】2024年12月涉国内数据泄露事件汇总](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067407&idx=1&sn=47291e4d3be4fe5aba124eaf42090def&chksm=f36e7a0fc419f31979de403434ebbb3d4e9eb54623f6bea7eeee1c6ca71d85f271efbe2b4598&scene=58&subscene=0#rd) + - [ ] [【安全圈】TikTok计划本周日关停美国业务](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067407&idx=2&sn=c4ea18f86a062710556f1866f61a834d&chksm=f36e7a0fc419f31923da14b7bb88e95381f39c1784189c56b88853af1571446b91763d2b87a3&scene=58&subscene=0#rd) + - [ ] [【安全圈】超过 660,000 个 Rsync 服务器遭受代码执行攻击](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067407&idx=3&sn=8ab61dc14be99150b80875b0242ba5ee&chksm=f36e7a0fc419f31991628c4d2745df5c3bc235f99efb1f272830e57fe97a8ce3d84f7a21bcb2&scene=58&subscene=0#rd) + - [ ] [【安全圈】Fortinet 又被确认存在新的零日漏洞](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067407&idx=4&sn=0e43cb3c3a8763dcfcbd7b70a9d16464&chksm=f36e7a0fc419f319a7965eec0e32510033e5b2543bbe6ce51c54334af84e58c2c68a4a803549&scene=58&subscene=0#rd) +- 数世咨询 + - [ ] ["TikTok难民"涌入 ,小红书如何应对安全挑战?](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247534365&idx=1&sn=f588bf9917f2c9ea08f7e4a1b7bd0fa1&chksm=c14435a0f633bcb6e8081a918f1c1f1b0a773c8c5cab714e55d4396a4353943fd6de59281d88&scene=58&subscene=0#rd) - 极客公园 - - [ ] [TikTok 难民,涌入小红书](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072003&idx=1&sn=135396558cdffda7575ab9d4db2ba7a2&chksm=7e57d73549205e23f0d5d735b53ab13a39f6db86f72141df0708164e36e4ed09d267a90dd774&scene=58&subscene=0#rd) - - [ ] [美国推出 AI 芯片管制新规,英伟达明确反对;余承东发全员信:鸿蒙三分天下有其一;菜鸟否认拆分 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653071986&idx=1&sn=38a32cc680920e2d96eec06c14bb95e8&chksm=7e57d7c449205ed21af2351357692387d8be287f55b6e16ae7f45dfcfc10e798b10f7454c57b&scene=58&subscene=0#rd) + - [ ] [只用 45 天达成 100 万美金 ARR,这家创业公司找到了 AI 落地的解法](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072187&idx=1&sn=3d684d310b02fde9036a7b380e174561&chksm=7e57d68d49205f9b271fb04d2c021c24035447ca229df15fc35d9141b95d71ef9d96a4cac22f&scene=58&subscene=0#rd) + - [ ] [前华为智驾主管转投地平线后首秀:对手只有特斯拉,天天营销没用](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072187&idx=2&sn=1804eeacd4a39d7558ce0924efafc873&chksm=7e57d68d49205f9b70c422202cc67af03e9d5383daa790831590702dc6b0788d64b18dcbb861&scene=58&subscene=0#rd) + - [ ] [TikTok「硬刚」之下,转机来了](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072182&idx=1&sn=07ecbd9641c4e5dc91ae910dbee03330&chksm=7e57d68049205f96e71c86167379f753f018f4b6c491b3c1ede6d838a3ce3c6ae01efac68ee9&scene=58&subscene=0#rd) + - [ ] [传 TikTok 计划周日完全关停美业务;OpenAI 推出新功能「Tasks」;《王者荣耀》纯血鸿蒙版上线 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072123&idx=1&sn=a2b3df514f9f43169cdb6d3fb6529d09&chksm=7e57d74d49205e5bd59bfa31969dbc073fc123b54a6c6d6485961460d2fd1219eda233e694a5&scene=58&subscene=0#rd) - 嘶吼专业版 - - [ ] [2024 年加密货币钱包盗取事件金额多达 4.94 亿美元](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580767&idx=1&sn=8bc4c217da27a315e86c61cc20ef036e&chksm=e9146c65de63e573becf89217a5996287eaf91ca43a548ea4a03a77cf799d364c4a6e1c0c5a7&scene=58&subscene=0#rd) - - [ ] [【我们这一年】网络和数据安全取得新突破](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580767&idx=2&sn=e765e5472d74f27fbb2c19fb3b7a82d5&chksm=e9146c65de63e5732e384640aa4c6a61ff4da482b60698b1a0d4afd5a5b0f9090e1c190a0daf&scene=58&subscene=0#rd) -- 情报分析师 - - [ ] [普京与特朗普会晤地点预测:候选国家大揭秘](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558917&idx=1&sn=33ebe6dacd7ec85aecad0fd5bdfbee69&chksm=87117f8eb066f69870faf705186bd56adef403c6a4dea7903c776475db2ebde947a55fea0702&scene=58&subscene=0#rd) - - [ ] [以演员王星事件为镜:透视妙瓦底产业链的运作机制](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558917&idx=2&sn=16f94a7627598f1768b88f202f7a3a9f&chksm=87117f8eb066f698165c3f8401efa4c2572c918ed92d690b688af5d21fd6f9b3541d555864f0&scene=58&subscene=0#rd) - - [ ] [巴基斯坦动荡的安全形势2024-2025](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558917&idx=3&sn=25076a33bf9f5e28ab04068a4deac50e&chksm=87117f8eb066f698ce3b26a1ac7b5786908bc9357f0d08803546ec0eb3d67cc8678a652fea64&scene=58&subscene=0#rd) -- OPPO安全中心 - - [ ] [2024年12月奖励公告](https://mp.weixin.qq.com/s?__biz=MzUyNzc4Mzk3MQ==&mid=2247494162&idx=1&sn=97b16bca0de97ee8a0ef60af2c1807c5&chksm=fa78eb5ecd0f62481463a3d7aee16927a051bcf5dcf6225deb354fe3cfe882d79a3e4dac3ebb&scene=58&subscene=0#rd) - - [ ] [2024年度众测挑战赛奖励公告](https://mp.weixin.qq.com/s?__biz=MzUyNzc4Mzk3MQ==&mid=2247494162&idx=2&sn=cb5346aed774d0f83c617e6bbd006331&chksm=fa78eb5ecd0f6248e815336f3d3a4ece3ebca1ee6119dedcfaf298d1fa7c7f319cdfcad0887a&scene=58&subscene=0#rd) - - [ ] [2024年蜗牛奖励兑换公告](https://mp.weixin.qq.com/s?__biz=MzUyNzc4Mzk3MQ==&mid=2247494162&idx=3&sn=770c765d1832ff2e84865f85d4073e2e&chksm=fa78eb5ecd0f6248b7f379027ae40e588a5804068b056d4edc4aff7a2c64c60dd422feafee49&scene=58&subscene=0#rd) -- 字节跳动技术团队 - - [ ] [详解veImageX助力卓特视觉智能、高效生成设计素材](https://mp.weixin.qq.com/s?__biz=MzI1MzYzMjE0MQ==&mid=2247512825&idx=1&sn=ba087dada2532f864bfbe96b7a339dea&chksm=e9d3791bdea4f00d7e6b38efbe14a2de4122b715564a4e286406a40cfcf460f77bffc2c17f01&scene=58&subscene=0#rd) -- 吴鲁加 - - [ ] [建立习惯系统](https://mp.weixin.qq.com/s?__biz=Mzg5NDY4ODM1MA==&mid=2247485147&idx=1&sn=1620d7cf6289322680963ba87ff33c6d&chksm=c01a8beaf76d02fc79ef2b3b307e77598513970b244b1db86dbb915fa3fa2d9521919113fde3&scene=58&subscene=0#rd) -- 航行笔记 - - [ ] [和顾孔希大佬聊聊怎么从“打黑工”到大厂安全负责人](https://mp.weixin.qq.com/s?__biz=MzIyOTAxOTYwMw==&mid=2650236920&idx=1&sn=45f2e17b8713ae0535d21478b3506746&chksm=f04add44c73d545260a1db5c3adfbae9589b8579eedb1c58ecb4d016e52ecf5ef287ea20a161&scene=58&subscene=0#rd) -- Qualys Security Blog - - [ ] [Microsoft Patch Tuesday, January 2025 Security Update Review](https://blog.qualys.com/category/vulnerabilities-threat-research) -- 青藤智库 - - [ ] [ATT&CK实践进入深水区 ---不要再迷信ATT&CK覆盖率](https://mp.weixin.qq.com/s?__biz=MzUyOTkwNTQ5Mg==&mid=2247489334&idx=1&sn=295109e68e9f73402b29c27581c39184&chksm=fa58b50dcd2f3c1bdef61783e741656b9876e7a7d33ceecc68ec9a2613798c30b01fde577243&scene=58&subscene=0#rd) + - [ ] [Nuclei 漏洞允许恶意模板绕过签名验证](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580839&idx=1&sn=9bbf94cef195dc62ef4e9c2767e40736&chksm=e9146c9dde63e58b38dc1102ff184f3f04def7647e879875cf84eea98fd90bd0fb589e54a1ae&scene=58&subscene=0#rd) + - [ ] [国家计算机病毒应急处理中心监测发现16款违规移动应用](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580839&idx=2&sn=ba6339b09bc11710fbe1b0d53e455d2e&chksm=e9146c9dde63e58bdb54281cedb98d47988111a4dc35b2d7b1da0f4e522afe4a0514ee5a3dcf&scene=58&subscene=0#rd) +- 字节跳动安全中心 + - [ ] [业务上新|BytePlus开放测试](https://mp.weixin.qq.com/s?__biz=MzUzMzcyMDYzMw==&mid=2247494456&idx=1&sn=08dd5c76c4e63b643bf83e6e67376f72&chksm=fa9d106ecdea9978cd783823f2d8d73ad96e7742cdf39c379eb7dae0e4e2c2bf87075fb5a6f1&scene=58&subscene=0#rd) +- 威胁猎人Threat Hunter + - [ ] [【黑产大数据】2024年互联网黑灰产趋势年度总结](https://mp.weixin.qq.com/s?__biz=MzI3NDY3NDUxNg==&mid=2247498891&idx=1&sn=9f040f1179476893f7e090a25d5c7db6&chksm=eb12dab0dc6553a6688a1502538c0a93299a3ae6095c314d0db7c1c3f67008f121543a1aa9df&scene=58&subscene=0#rd) +- Yak Project + - [ ] [一种简单又强势的Js-Forward脚本编写方式](https://mp.weixin.qq.com/s?__biz=Mzk0MTM4NzIxMQ==&mid=2247527481&idx=1&sn=9bee930fcf19964ae14c0d949c517570&chksm=c2d1109df5a6998b7ef18c9aa6230c5759ef54ac86481b4372e0b3e08e5217cc312d81f83fe4&scene=58&subscene=0#rd) +- DataCon大数据安全分析竞赛 + - [ ] [DataCon2024解题报告WriteUp—网络基础设施安全赛道](https://mp.weixin.qq.com/s?__biz=MzU5Njg1NzMyNw==&mid=2247489113&idx=1&sn=f50d636aa1d51351143f9cdf801aedeb&chksm=fe5d0ed9c92a87cf2d0cb0ac85dcfb860d8e5684ae9d60f6eaad2c43357757367e274d6cacf0&scene=58&subscene=0#rd) +- 火绒安全 + - [ ] [聚焦银狐丨探究病毒肆虐传播背后隐藏的迭代玄机](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247521662&idx=1&sn=d892c1ee59c408fd2318701d76ce76eb&chksm=eb704b41dc07c257e791093a007f7281efb53f3f4302acc7f352f5567cc85528f957695de501&scene=58&subscene=0#rd) + - [ ] [诚邀渠道合作伙伴共启新征程](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247521662&idx=2&sn=a82fab2199cc8b53db07300512a91f88&chksm=eb704b41dc07c257eaa7c89bd1beb5aa42864668fdd898b231ff7f0f412a808ed8ef8519964e&scene=58&subscene=0#rd) +- 美团技术团队 + - [ ] [没猜错的话,你在等美团技术年货 | 送10份美团新春礼盒](https://mp.weixin.qq.com/s?__biz=MjM5NjQ5MTI5OA==&mid=2651779737&idx=1&sn=34c1ad2e924f5724af10680a2079e410&chksm=bd122bd48a65a2c2a7c45122b8b55b8ed496d0d1d72d9adb1d5039567f111852ebf314f01416&scene=58&subscene=0#rd) +- 360数字安全 + - [ ] [正式签约!360为宁波城市大模型发展注入新动能](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579041&idx=1&sn=2f7055867704f94db13304cebae8ada0&chksm=9f8d25a9a8faacbfa4674c94f494a1791f0840109f3b0b78273934fb04f0405c1565a6d12d5c&scene=58&subscene=0#rd) - LuxSci - - [ ] [Securing Digital Communications in Healthcare: What You Need to Know](https://luxsci.com/blog/securing-digital-communications-healthcare.html) + - [ ] [HIPAA-Compliant Personalization With PHI: A How-To Guide](https://luxsci.com/blog/hipaa-compliant-personalization.html) - 安全419 - - [ ] [2025 年暗网市场和威胁预测](https://mp.weixin.qq.com/s?__biz=MzUyMDQ4OTkyMg==&mid=2247546688&idx=1&sn=a0efc6e92c206ed8942332d8273afec5&chksm=f9ebe9edce9c60fbcf8b788185281bd95fa99f95c8bd66e54aecebde138f8ac587a5655f2d31&scene=58&subscene=0#rd) + - [ ] [人工智能和机器学习如何改变数字银行安全](https://mp.weixin.qq.com/s?__biz=MzUyMDQ4OTkyMg==&mid=2247546715&idx=1&sn=59b38fd23de2ac6cd1e972f8ce8fd022&chksm=f9ebe9f6ce9c60e06d2a7dc7e7ea3652f451882a9fdd79ca021c75265aa830efe30ac8736cdf&scene=58&subscene=0#rd) +- Qualys Security Blog + - [ ] [Cybersecurity 2025: Qualys’ Predictions for Navigating the Evolving Threat Landscape](https://blog.qualys.com/category/qualys-insights) +- Over Security - Cybersecurity news aggregator + - [ ] [GDPR complaints filed against TikTok, Temu for sending user data to China](https://www.bleepingcomputer.com/news/security/gdpr-complaints-filed-against-tiktok-temu-for-sending-user-data-to-china/) + - [ ] [Qualche grafico: Analisi del leak Fortinet su 15K server esposti](https://www.insicurezzadigitale.com/qualche-grafico-analisi-del-leak-fortinet-su-15k-server-esposti/) + - [ ] [FTC updates closely watched children’s online privacy rule](https://therecord.media/ftc-coppa-childrens-data-privacy-updated-regulation) + - [ ] [Chinese Innovations Spawn Wave of Toll Phishing Via SMS](https://krebsonsecurity.com/2025/01/chinese-innovations-spawn-wave-of-toll-phishing-via-sms/) + - [ ] [W3 Total Cache plugin flaw exposes 1 million WordPress sites to attacks](https://www.bleepingcomputer.com/news/security/w3-total-cache-plugin-flaw-exposes-1-million-wordpress-sites-to-attacks/) + - [ ] [US issues sanctions against companies in Laos, China tied to North Korean IT worker scheme](https://therecord.media/us-issues-sanctions-laos-china-north-korean-worker-scheme) + - [ ] [Balancing Celebration with Security at Trump’s Second Inauguration and Beyond](https://flashpoint.io/blog/balancing-celebration-with-security-at-trumps-second-inauguration/) + - [ ] [Microsoft expands testing of Windows 11 admin protection feature](https://www.bleepingcomputer.com/news/security/microsoft-expands-testing-of-windows-11-admin-protection-feature/) + - [ ] [Find the helpers](https://blog.talosintelligence.com/find-the-helpers/) + - [ ] [US cracks down on North Korean IT worker army with more sanctions](https://www.bleepingcomputer.com/news/security/us-cracks-down-on-north-korean-it-worker-army-with-more-sanctions/) + - [ ] [Biden signs executive order to bolster national cybersecurity](https://www.bleepingcomputer.com/news/security/biden-signs-executive-order-to-bolster-national-cybersecurity/) + - [ ] [Biotech firm settles class action lawsuit over ransomware attack for $7.5 million](https://therecord.media/enzo-biochem-ransomware-class-action-lawsuit-settlement) + - [ ] [German defense and foreign ministries suspend activity on Elon Musk’s platform](https://therecord.media/german-defense-foreign-ministries-suspend-accounts-on-x) + - [ ] [Wolf Haldenstein law firm says 3.5 million impacted by data breach](https://www.bleepingcomputer.com/news/security/wolf-haldenstein-law-firm-says-35-million-impacted-by-data-breach/) + - [ ] [FTC sues GoDaddy for years of poor hosting security practices](https://www.bleepingcomputer.com/news/security/ftc-sues-godaddy-for-years-of-poor-hosting-security-practices/) + - [ ] [Karmada Security Audit](https://www.shielder.com/blog/2025/01/karmada-security-audit/) + - [ ] [Una vulnerabilità di UEFI Secure Boot permette l’esecuzione di codice durante il boot di sistema](https://www.securityinfo.it/2025/01/16/una-vulnerabilita-di-uefi-secure-boot-permette-lesecuzione-di-codice-durante-il-boot-di-sistema/) + - [ ] [MFA Failures - The Worst is Yet to Come](https://www.bleepingcomputer.com/news/security/mfa-failures-the-worst-is-yet-to-come/) + - [ ] [New UEFI Secure Boot flaw exposes systems to bootkits, patch now](https://www.bleepingcomputer.com/news/security/new-uefi-secure-boot-flaw-exposes-systems-to-bootkits-patch-now/) + - [ ] [UK’s porn age checks to arrive in July, raising fears over security and privacy](https://therecord.media/ofcom-uk-pornography-age-verification-checks) + - [ ] [Government Sector Bears the Brunt of Cyberattacks in Ukraine: Report](https://cyble.com/blog/ukraine-cyberthreat-landscape-2024/) + - [ ] [Ransomware sanctions, software security among key points in new Biden executive order](https://therecord.media/biden-cybersecurity-executive-order) + - [ ] [ICS Vulnerability Report: Hitachi Energy Network Management Flaw Scores a Perfect 10](https://cyble.com/blog/ics-vulnerability-report-hitachi-energy-network-management-flaw-scores-a-perfect-10/) + - [ ] [16-31 October 2024 Cyber Attacks Timeline](https://www.hackmageddon.com/2025/01/16/16-31-october-2024-cyber-attacks-timeline/) + - [ ] [Malware Trends Overview Report: 2024](https://any.run/cybersecurity-blog/malware-trends-2024/) + - [ ] [The Truth of the Matter: Scammers Targeting Truth Social Users](https://www.netcraft.com/blog/truth-social-scam-threat-review/) + - [ ] [Sneaky 2FA: exposing a new AiTM Phishing-as-a-Service](https://blog.sekoia.io/sneaky-2fa-exposing-a-new-aitm-phishing-as-a-service/) + - [ ] [Le Coq Sportif Columbia - 79,712 breached accounts](https://haveibeenpwned.com/PwnedWebsites#LeCoqSportif) + - [ ] [Hackers leak configs and VPN credentials for 15,000 FortiGate devices](https://www.bleepingcomputer.com/news/security/hackers-leak-configs-and-vpn-credentials-for-15-000-fortigate-devices/) + - [ ] [Japanese Spam on a Cleaned WordPress Site: The Hidden Sitemap Problem](https://blog.sucuri.net/2025/01/japanese-spam-on-a-cleaned-wordpress-site-the-hidden-sitemap-problem.html) + - [ ] [Supreme Court seems poised to uphold age-gating law for online sexual content](https://therecord.media/supreme-court-poised-to-uphold-porn-age-gating-law) +- Securityinfo.it + - [ ] [Una vulnerabilità di UEFI Secure Boot permette l’esecuzione di codice durante il boot di sistema](https://www.securityinfo.it/2025/01/16/una-vulnerabilita-di-uefi-secure-boot-permette-lesecuzione-di-codice-durante-il-boot-di-sistema/?utm_source=rss&utm_medium=rss&utm_campaign=una-vulnerabilita-di-uefi-secure-boot-permette-lesecuzione-di-codice-durante-il-boot-di-sistema) +- 娜璋AI安全之家 + - [ ] [[系统安全] 六十一.恶意软件分析 (12)LLM赋能Lark工具提取XLM代码的抽象语法树(初探)](https://mp.weixin.qq.com/s?__biz=Mzg5MTM5ODU2Mg==&mid=2247501228&idx=1&sn=b09f8443148d480c875e52d77103988a&chksm=cfcf7561f8b8fc774623011fade9c0218ad64e57b3768912d4159b85716e79823aa0097bc495&scene=58&subscene=0#rd) +- HACKMAGEDDON + - [ ] [16-31 October 2024 Cyber Attacks Timeline](https://www.hackmageddon.com/2025/01/16/16-31-october-2024-cyber-attacks-timeline/) +- FuzzWiki + - [ ] [Atropos:对Web应用程序服务器端漏洞的模糊测试技术](https://mp.weixin.qq.com/s?__biz=MzU1NTEzODc3MQ==&mid=2247486892&idx=1&sn=a6724b98a3098cb4aafd29db4607bbea&chksm=fbd9a610ccae2f06142212f5bb3152632f1397c33284590d3a060c069821d719e57417138604&scene=58&subscene=0#rd) - ICT Security Magazine - - [ ] [La Nuova Era della Cybersecurity: Resilienza, Intelligenza Artificiale e Protezione dei Dati](https://www.ictsecuritymagazine.com/articoli/cybersecurity-resilienza-ai/) -- 360数字安全 - - [ ] [工信部认可!360荣获车联网产品安全漏洞专业库“优秀技术支撑单位”](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579028&idx=1&sn=3d580b0d7ca47a7f72c3197a1199540b&chksm=9f8d259ca8faac8a4d409dfed08e3cc488bb728732fb1f7fb2472e8da2de36263fd911a68379&scene=58&subscene=0#rd) -- 迪哥讲事 - - [ ] [击穿星巴克获取 1 亿用户详细信息](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496850&idx=1&sn=11bd36bd686dd8f1a78ec89282a6c8ba&chksm=e8a5fef1dfd277e782b82e03c83068b26a37747c1e407b829945c4aa158c498973966d346b4f&scene=58&subscene=0#rd) + - [ ] [Continuous Threat Exposure Management e Cyber Risk Operation Center: Architettura Avanzata per la Cybersecurity](https://www.ictsecuritymagazine.com/articoli/continuous-threat-exposure-management-e-cyber-risk-operation-center/) - Krypt3ia - - [ ] [Threat Brief: Y2Q and the Convergence of AI Compute and Quantum Computing Power](https://krypt3ia.wordpress.com/2025/01/14/threat-brief-y2q-and-the-convergence-of-ai-compute-and-quantum-computing-power/) -- 360威胁情报中心 - - [ ] [近些年APT-C-60(伪猎者)组织使用的载荷分析](https://mp.weixin.qq.com/s?__biz=MzUyMjk4NzExMA==&mid=2247505493&idx=1&sn=2260fa98c61cff9236bfea3e11059200&chksm=f9c1e55cceb66c4a3a040aeb233338e2770de6a2c767b20e74a64934cc02ca6d9a1d122784c4&scene=58&subscene=0#rd) -- Over Security - Cybersecurity news aggregator - - [ ] [Microsoft: Happy 2025. Here’s 161 Security Updates](https://krebsonsecurity.com/2025/01/microsoft-happy-2025-heres-161-security-updates/) - - [ ] [Allstate car insurer sued for tracking drivers without permission](https://www.bleepingcomputer.com/news/legal/allstate-car-insurer-sued-for-tracking-drivers-without-permission/) - - [ ] [January Windows updates may fail if Citrix SRA is installed](https://www.bleepingcomputer.com/news/microsoft/january-windows-updates-may-fail-if-citrix-sra-is-installed/) - - [ ] [Microsoft Patch Tuesday for January 2025 — Snort rules and prominent vulnerabilities](https://blog.talosintelligence.com/january-patch-tuesday-release/) - - [ ] [WP3.XYZ malware attacks add rogue admins to 5,000+ WordPress sites](https://www.bleepingcomputer.com/news/security/wp3xyz-malware-attacks-add-rogue-admins-to-5-000-plus-wordpress-sites/) - - [ ] [US govt says North Korea stole over $659 million in crypto last year](https://www.bleepingcomputer.com/news/security/us-govt-says-north-korea-stole-over-659-million-in-crypto-last-year/) - - [ ] [DOJ deletes China-linked PlugX malware off more than 4,200 US computers](https://therecord.media/doj-deletes-china-linked-plugx-malware) - - [ ] [Windows 10 KB5049981 update released with new BYOVD blocklist](https://www.bleepingcomputer.com/news/microsoft/windows-10-kb5049981-update-released-with-new-byovd-blocklist/) - - [ ] [Justice Department and FBI Conduct International Operation to Delete Malware Used by China-Backed Hackers](https://flashpoint.io/blog/operation-to-delete-malware-used-by-china-backed-hackers/) - - [ ] [Microsoft January 2025 Patch Tuesday fixes 8 zero-days, 159 flaws](https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2025-patch-tuesday-fixes-8-zero-days-159-flaws/) - - [ ] [Windows 11 KB5050009 & KB5050021 cumulative updates released](https://www.bleepingcomputer.com/news/microsoft/windows-11-kb5050009-and-kb5050021-cumulative-updates-released/) - - [ ] [Hegseth says debate over Cyber Command, NSA leadership would reach ‘conclusion’](https://therecord.media/pete-hegseth-confirmation-hearing-nsa-cybercom-dual-hat) - - [ ] [US issues final rule barring Chinese, Russian connected car tech](https://therecord.media/us-issues-rule-banning-chinese-russian-car-tech) - - [ ] [Google OAuth flaw lets attackers gain access to abandoned accounts](https://www.bleepingcomputer.com/news/security/google-oauth-flaw-lets-attackers-gain-access-to-abandoned-accounts/) - - [ ] [FBI wipes Chinese PlugX malware from over 4,000 US computers](https://www.bleepingcomputer.com/news/security/fbi-wipes-chinese-plugx-malware-from-over-4-000-us-computers/) - - [ ] [Tennessee-based mortgage lender confirms December cyberattack](https://therecord.media/tennessee-mortgage-lender-confirms-cyberattack) - - [ ] [Hackers use FastHTTP in new high-speed Microsoft 365 password attacks](https://www.bleepingcomputer.com/news/security/hackers-use-fasthttp-in-new-high-speed-microsoft-365-password-attacks/) - - [ ] [Connecticut city of West Haven assessing impact of cyberattack](https://therecord.media/west-haven-connecticut-city-government-cyberattack) - - [ ] [Fortinet warns of auth bypass zero-day exploited to hijack firewalls](https://www.bleepingcomputer.com/news/security/fortinet-warns-of-auth-bypass-zero-day-exploited-to-hijack-firewalls/) - - [ ] [Russia's largest platform for state procurement hit by cyberattack from pro-Ukraine group](https://therecord.media/russian-platform-for-state-procurement-hit-cyberattack) - - [ ] [Microsoft 365 apps crash on Windows Server after Office update](https://www.bleepingcomputer.com/news/microsoft/microsoft-365-apps-crash-on-windows-server-after-office-update/) - - [ ] [Russia warned its 'shadow fleet' could face action from NATO allies](https://therecord.media/baltic-nato-allies-warning-russia-shadow-fleet) - - [ ] [Analysis of Python's .pth files as a persistence mechanism](https://dfir.ch/posts/publish_python_pth_extension/) - - [ ] [Deadline Approaching for Rent 2 Own: Medusa Ransomware Threatens Data Release](https://www.suspectfile.com/deadline-approaching-for-rent-2-own-medusa-ransomware-threatens-data-release/) - - [ ] [Products and people are in place for CISA to succeed, agency’s departing No. 2 official says](https://therecord.media/nitin-natarajan-cisa-deputy-director-interview) - - [ ] [Threat Intelligence Pivoting: Actionable Insights Behind Indicators](https://any.run/cybersecurity-blog/threat-intelligence-pivoting/) - - [ ] [IntelBroker Unmasked: KELA’s In-Depth Analysis of a Cybercrime Leader](https://www.kelacyber.com/blog/intelbroker-unmasked-kelas-in-depth-analysis-of-a-cybercrime-leader/) - - [ ] [Hitchhiker’s Guide to Managed Security](https://blog.compass-security.com/2025/01/hitchhikers-guide-to-managed-security/) - - [ ] [How Barcelona became an unlikely hub for spyware startups](https://techcrunch.com/2025/01/13/how-barcelona-became-an-unlikely-hub-for-spyware-startups/) - - [ ] [UK proposes banning hospitals and schools from making ransomware payments](https://therecord.media/uk-proposes-banning-ransoms-hospitals) + - [ ] [Daily Krypt3ia Cyber Threat Intelligence Digest:](https://krypt3ia.wordpress.com/2025/01/16/daily-krypt3ia-cyber-threat-intelligence-daily-digest/) +- Blog on Shielder + - [ ] [Karmada Security Audit](https://www.shielder.com/blog/2025/01/karmada-security-audit/) +- 迪哥讲事 + - [ ] [垂直越权,你只会替换 COOKIE ?](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496878&idx=1&sn=da95b7064e7bdbbf53ae06a6b9df0f66&chksm=e8a5fecddfd277db713446ce20375d8d5ba31517f0fae716a2a6b9433fe0fcf2a8a56428ca89&scene=58&subscene=0#rd) + - [ ] [备考宝典来啦!华为ICT大赛实践赛真题解析丛书出版](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496878&idx=2&sn=04d8b2a71c966daf1e511947fc487d90&chksm=e8a5fecddfd277dbc517e73f975a682e6a45ebb4323c75f666e3bb644d0c29040bcdbd17f937&scene=58&subscene=0#rd) - SANS Internet Storm Center, InfoCON: green - - [ ] [Microsoft January 2025 Patch Tuesday, (Tue, Jan 14th)](https://isc.sans.edu/diary/rss/31590) -- 0x727开源安全团队 - - [ ] [“运营”本身是什么?(第十二章)](https://mp.weixin.qq.com/s?__biz=MzkwNTI3MjIyOQ==&mid=2247484125&idx=1&sn=7cf0877900e944a0253bb5351787b5c0&chksm=c0fb0c17f78c8501534fcb1249221aeec70210e176b476718cdb98fc8f77960b4a353b6f6ed9&scene=58&subscene=0#rd) -- The Register - Security - - [ ] [FBI wipes Chinese PlugX malware from thousands of Windows PCs in America](https://go.theregister.com/feed/www.theregister.com/2025/01/14/fbi_french_cops_boot_chinas/) - - [ ] [Snyk appears to deploy 'malicious' packages targeting Cursor for unknown reason](https://go.theregister.com/feed/www.theregister.com/2025/01/14/snyk_npm_deployment_removed/) - - [ ] [It's not just Big Tech: The UK's Online Safety Act applies across the board](https://go.theregister.com/feed/www.theregister.com/2025/01/14/online_safety_act/) - - [ ] [UK floats ransomware payout ban for public sector](https://go.theregister.com/feed/www.theregister.com/2025/01/14/uk_ransomware_payout_ban/) - - [ ] [Miscreants 'mass exploited' Fortinet firewalls, 'highly probable' zero-day used](https://go.theregister.com/feed/www.theregister.com/2025/01/14/miscreants_mass_exploited_fortinet_firewalls/) -- TorrentFreak - - [ ] [‘Notorious’ Pirate IPTV Service MagisTV Applies for US Trademark and Rebrands](https://torrentfreak.com/notorious-pirate-iptv-service-magistv-applies-for-us-trademark-and-rebrands-250114/) -- Silent Signal Techblog - - [ ] [Story of a Pentester Recruitment 2025](https://blog.silentsignal.eu/2025/01/14/pentester-recruitment-2025-mushroom/) -- Instapaper: Unread - - [ ] [FileVault and volume encryption explained](https://eclecticlight.co/2025/01/10/filevault-and-volume-encryption-explained/) - - [ ] [Windows Browser Forensics 101](https://belkasoft.com/windows-browser-forensics) - - [ ] [Windows Recycle Bin - The known and the unknown](https://bebinary4n6.blogspot.com/2025/01/windows-recycle-bin-known-and-unknown.html) - - [ ] [iPhone and iPad Acquisition Methods Yet Another Comparison](https://blog.elcomsoft.com/2025/01/iphone-and-ipad-acquisition-methods-yet-another-comparison/) -- The Hacker News - - [ ] [Microsoft Uncovers macOS Vulnerability CVE-2024-44243 Allowing Rootkit Installation](https://thehackernews.com/2025/01/microsoft-uncovers-macos-vulnerability.html) - - [ ] [Google OAuth Vulnerability Exposes Millions via Failed Startup Domains](https://thehackernews.com/2025/01/google-oauth-vulnerability-exposes.html) - - [ ] [4 Reasons Your SaaS Attack Surface Can No Longer be Ignored](https://thehackernews.com/2025/01/4-reasons-your-saas-attack-surface-can.html) - - [ ] [Illicit HuiOne Telegram Market Surpasses Hydra, Hits $24 Billion in Crypto Transactions](https://thehackernews.com/2025/01/illicit-huione-telegram-market.html) - - [ ] [Zero-Day Vulnerability Suspected in Attacks on Fortinet Firewalls with Exposed Interfaces](https://thehackernews.com/2025/01/zero-day-vulnerability-suspected-in.html) - - [ ] [Russian-Linked Hackers Target Kazakhstan in Espionage Campaign with HATVIBE Malware](https://thehackernews.com/2025/01/russian-linked-hackers-target.html) - - [ ] [CISA Adds Second BeyondTrust Flaw to KEV Catalog Amid Active Attacks](https://thehackernews.com/2025/01/cisa-adds-new-beyondtrust-flaw-to-kev.html) + - [ ] [Extracting Practical Observations from Impractical Datasets, (Thu, Jan 16th)](https://isc.sans.edu/diary/rss/31582) - Schneier on Security - - [ ] [Upcoming Speaking Engagements](https://www.schneier.com/blog/archives/2025/01/upcoming-speaking-engagements-42.html) - - [ ] [The First Password on the Internet](https://www.schneier.com/blog/archives/2025/01/the-first-password-on-the-internet.html) -- Technical Information Security Content & Discussion - - [ ] [Millions of Accounts Vulnerable due to Google’s OAuth Flaw](https://www.reddit.com/r/netsec/comments/1i1aam8/millions_of_accounts_vulnerable_due_to_googles/) - - [ ] [New Microsoft OLE Vulnerability, Exploitable via Email](https://www.reddit.com/r/netsec/comments/1i1ej02/new_microsoft_ole_vulnerability_exploitable_via/) - - [ ] [RCE in rsync, CVE-2024-12084 (and 5 more vulnerabilities)](https://www.reddit.com/r/netsec/comments/1i1ike5/rce_in_rsync_cve202412084_and_5_more/) - - [ ] [Over 5,000 WordPress sites caught in WP3.XYZ malware attack](https://www.reddit.com/r/netsec/comments/1i15afl/over_5000_wordpress_sites_caught_in_wp3xyz/) - - [ ] [Story of a Pentester Recruitment 2025](https://www.reddit.com/r/netsec/comments/1i16q95/story_of_a_pentester_recruitment_2025/) - - [ ] [Laser Fault Injection on a Budget: RP2350 Edition](https://www.reddit.com/r/netsec/comments/1i1fm6j/laser_fault_injection_on_a_budget_rp2350_edition/) - - [ ] [Threat actors exploit a probable 0-day in exposed management consoles of Fortinet FortiGate firewalls](https://www.reddit.com/r/netsec/comments/1i12s72/threat_actors_exploit_a_probable_0day_in_exposed/) - - [ ] [Command Line Underdog: WMIC in Action -- How to use wmic as an alternate shell in a pinch](https://www.reddit.com/r/netsec/comments/1i19m6a/command_line_underdog_wmic_in_action_how_to_use/) + - [ ] [FBI Deletes PlugX Malware from Thousands of Computers](https://www.schneier.com/blog/archives/2025/01/fbi-deletes-plugx-malware-from-thousands-of-computers.html) +- Full Disclosure + - [ ] [CVE-2024-48463](https://seclists.org/fulldisclosure/2025/Jan/6) + - [ ] [CyberDanube Security Research 20250107-0 | Multiple Vulnerabilities in ABB AC500v3](https://seclists.org/fulldisclosure/2025/Jan/5) + - [ ] [Certified Asterisk Security Release certified-20.7-cert4](https://seclists.org/fulldisclosure/2025/Jan/7) + - [ ] [Certified Asterisk Security Release certified-18.9-cert13](https://seclists.org/fulldisclosure/2025/Jan/4) + - [ ] [Asterisk Security Release 22.1.1](https://seclists.org/fulldisclosure/2025/Jan/3) + - [ ] [Asterisk Security Release 18.26.1](https://seclists.org/fulldisclosure/2025/Jan/2) + - [ ] [[asterisk-dev] Asterisk Security Release 21.6.1](https://seclists.org/fulldisclosure/2025/Jan/1) + - [ ] [[asterisk-dev] Asterisk Security Release 20.11.1](https://seclists.org/fulldisclosure/2025/Jan/0) +- TorrentFreak + - [ ] [Poppy Playtime Sues Google for Failing to Remove Copyright Infringing ‘Scam’ Apps](https://torrentfreak.com/poppy-playtime-sues-google-for-failing-to-remove-copyright-infringing-scam-apps-250116/) - Deeplinks - - [ ] [Platforms Systematically Removed a User Because He Made "Most Wanted CEO" Playing Cards](https://www.eff.org/deeplinks/2025/01/platforms-systematically-removed-user-because-he-made-most-wanted-ceo-playing) -- Information Security - - [ ] [¿Alguien sabe donde puedo conseguir alguna pagina/links para descargar virus/troyanos/spywares a propósito?](https://www.reddit.com/r/Information_Security/comments/1i10r2b/alguien_sabe_donde_puedo_conseguir_alguna/) + - [ ] [Systemic Risk Reporting: A System in Crisis?](https://www.eff.org/deeplinks/2025/01/systemic-risk-reporting-system-crisis) +- 洞源实验室 + - [ ] [企业信息化建设的探索与实践](https://mp.weixin.qq.com/s?__biz=Mzg4Nzk3MTg3MA==&mid=2247487704&idx=1&sn=c180012e3a4418e25b760a61aeccacdc&chksm=cf8319a9f8f490bfd408a4cef87a0500e53bf20076190d3a9ac2b53d1a8aebda09b4d74307cf&scene=58&subscene=0#rd) +- Have I Been Pwned latest breaches + - [ ] [Le Coq Sportif Columbia - 79,712 breached accounts](https://haveibeenpwned.com/PwnedWebsites#LeCoqSportif) +- Your Open Hacker Community + - [ ] [How to find someone email](https://www.reddit.com/r/HowToHack/comments/1i2oo3o/how_to_find_someone_email/) + - [ ] [[ Removed by Reddit ]](https://www.reddit.com/r/HowToHack/comments/1i2m4hc/removed_by_reddit/) + - [ ] [Interested in learning batch](https://www.reddit.com/r/HowToHack/comments/1i2jqgm/interested_in_learning_batch/) + - [ ] [Getting an email](https://www.reddit.com/r/HowToHack/comments/1i2fna5/getting_an_email/) +- Technical Information Security Content & Discussion + - [ ] [How to Create Vulnerable-Looking Endpoints to Detect and Mislead Attackers](https://www.reddit.com/r/netsec/comments/1i2tizr/how_to_create_vulnerablelooking_endpoints_to/) + - [ ] [Microsoft Configuration Manager (ConfigMgr / SCCM) 2403 Unauthenticated SQL injections (CVE-2024-43468)](https://www.reddit.com/r/netsec/comments/1i2vo90/microsoft_configuration_manager_configmgr_sccm/) + - [ ] [The Role of Emulators in OT Research](https://www.reddit.com/r/netsec/comments/1i2x0vx/the_role_of_emulators_in_ot_research/) + - [ ] [Karmada Security Audit - Shielder](https://www.reddit.com/r/netsec/comments/1i2sbk4/karmada_security_audit_shielder/) + - [ ] [PoC for CVE-2025-0282 published (Ivanti Connect Secure stack bof)](https://www.reddit.com/r/netsec/comments/1i2te2v/poc_for_cve20250282_published_ivanti_connect/) + - [ ] [A publicly available OpenCTI connector for IoC analysis FOSS tool](https://www.reddit.com/r/netsec/comments/1i2ymf3/a_publicly_available_opencti_connector_for_ioc/) - Computer Forensics - - [ ] [Trying to find how data was moved off a company computer](https://www.reddit.com/r/computerforensics/comments/1i1bera/trying_to_find_how_data_was_moved_off_a_company/) - - [ ] [Strange Request but anyone have any recommendation for Furniture/Layout for lab environment they enjoy?](https://www.reddit.com/r/computerforensics/comments/1i1b1hs/strange_request_but_anyone_have_any/) - - [ ] [FYI: Free Enterprise licenses for data recovery professionals from Disk Drill](https://www.reddit.com/r/computerforensics/comments/1i18at1/fyi_free_enterprise_licenses_for_data_recovery/) - - [ ] [How to capture and decrypt packets from an iPhone AND use the microphone](https://www.reddit.com/r/computerforensics/comments/1i0wbgh/how_to_capture_and_decrypt_packets_from_an_iphone/) -- netsecstudents: Subreddit for students studying Network Security and its related subjects - - [ ] [Need residential network security consultant in Dallas area](https://www.reddit.com/r/netsecstudents/comments/1i1553g/need_residential_network_security_consultant_in/) + - [ ] [Can you run memory forensics using Kolide?](https://www.reddit.com/r/computerforensics/comments/1i2g8a1/can_you_run_memory_forensics_using_kolide/) +- Information Security + - [ ] [Hey guys can I ask you a question?](https://www.reddit.com/r/Information_Security/comments/1i2z2li/hey_guys_can_i_ask_you_a_question/) + - [ ] [ALERT: Phishers use fake online shops with surveys to steal users’ credit card information](https://www.reddit.com/r/Information_Security/comments/1i2tran/alert_phishers_use_fake_online_shops_with_surveys/) +- Deep Web + - [ ] [If someone wanted to find soon to be released ebooks...what sites would you look first?](https://www.reddit.com/r/deepweb/comments/1i2utii/if_someone_wanted_to_find_soon_to_be_released/) +- Security Affairs + - [ ] [Prominent US law firm Wolf Haldenstein disclosed a data breach](https://securityaffairs.com/173150/data-breach/us-law-firm-wolf-haldenstein-data-breach.html) + - [ ] [Clop Ransomware exploits Cleo File Transfer flaw: dozens of claims, disputed breaches](https://securityaffairs.com/173135/cyber-crime/clop-ransomware-gang-claims-hack-of-cleo-file-transfer-customers.html) + - [ ] [MikroTik botnet relies on DNS misconfiguration to spread malware](https://securityaffairs.com/173126/hacking/13000-device-mikrotik-botnet-exploiting-dns-flaws.html) + - [ ] [Threat actor leaked config files and VPN passwords for over Fortinet Fortigate devices](https://securityaffairs.com/173111/cyber-crime/fortinet-fortigate-devices-data-leak.html) - Krebs on Security - - [ ] [Microsoft: Happy 2025. Here’s 161 Security Updates](https://krebsonsecurity.com/2025/01/microsoft-happy-2025-heres-161-security-updates/) -- Blackhat Library: Hacking techniques and research - - [ ] [Infostealer Logs to Fuel a New Wave of AWS Ransomware Attacks](https://www.reddit.com/r/blackhat/comments/1i12gdl/infostealer_logs_to_fuel_a_new_wave_of_aws/) -- Your Open Hacker Community - - [ ] [Best course for beginner in hacking and cyber security](https://www.reddit.com/r/HowToHack/comments/1i14y6e/best_course_for_beginner_in_hacking_and_cyber/) - - [ ] [Trying to figure out how to pull email addresses and stuff, wanna know how to do that](https://www.reddit.com/r/HowToHack/comments/1i1jdgb/trying_to_figure_out_how_to_pull_email_addresses/) - - [ ] [best ethical Wi-Fi info stealer you can try and also with a gui](https://www.reddit.com/r/HowToHack/comments/1i1i672/best_ethical_wifi_info_stealer_you_can_try_and/) - - [ ] [What's the best way to learn how to start hacking?](https://www.reddit.com/r/HowToHack/comments/1i1afyv/whats_the_best_way_to_learn_how_to_start_hacking/) - - [ ] [Would like some tips](https://www.reddit.com/r/HowToHack/comments/1i1bpxm/would_like_some_tips/) - - [ ] [Access MSSQL DB with lost password?](https://www.reddit.com/r/HowToHack/comments/1i15n6b/access_mssql_db_with_lost_password/) - - [ ] [Name Suggestion:](https://www.reddit.com/r/HowToHack/comments/1i0ytwo/name_suggestion/) - - [ ] [What I should learn about ethical hacking? Or Kali Linux](https://www.reddit.com/r/HowToHack/comments/1i16afj/what_i_should_learn_about_ethical_hacking_or_kali/) - - [ ] [What are some sql queries to bypass login](https://www.reddit.com/r/HowToHack/comments/1i0zuvl/what_are_some_sql_queries_to_bypass_login/) - - [ ] [Need help making a copy of my college id card](https://www.reddit.com/r/HowToHack/comments/1i0weja/need_help_making_a_copy_of_my_college_id_card/) - - [ ] [how can i spoof my mac address on a chromebook? (not school issued)](https://www.reddit.com/r/HowToHack/comments/1i0wr9f/how_can_i_spoof_my_mac_address_on_a_chromebook/) - - [ ] [[ Removed by Reddit ]](https://www.reddit.com/r/HowToHack/comments/1i0syrn/removed_by_reddit/) + - [ ] [Chinese Innovations Spawn Wave of Toll Phishing Via SMS](https://krebsonsecurity.com/2025/01/chinese-innovations-spawn-wave-of-toll-phishing-via-sms/) - Hacking Exposed Computer Forensics Blog - - [ ] [Daily Blog #717: Getting free Azure credits for testing](https://www.hecfblog.com/2025/01/daily-blog-717-getting-free-azure.html) -- Security Weekly Podcast Network (Audio) - - [ ] [Smishing, Beyond Trust, CryptoReligion, Aviatrix, Azure, Josh Marpet, and more... - SWN #442](http://sites.libsyn.com/18678/smishing-beyond-trust-cryptoreligion-aviatrix-azure-josh-marpet-and-more-swn-442) - - [ ] [Discussing Useful Security Requirements with Developers - Ixchel Ruiz - ASW #313](http://sites.libsyn.com/18678/discussing-useful-security-requirements-with-developers-ixchel-ruiz-asw-313) + - [ ] [Daily Blog #719: Installing project adaz](https://www.hecfblog.com/2025/01/daily-blog-719-installing-project-adaz.html) +- The Hacker News + - [ ] [Russian Star Blizzard Shifts Tactics to Exploit WhatsApp QR Codes for Credential Harvesting](https://thehackernews.com/2025/01/russian-star-blizzard-shifts-tactics-to.html) + - [ ] [Ready to Simplify Trust Management? Join Free Webinar to See DigiCert ONE in Action](https://thehackernews.com/2025/01/ready-to-simplify-trust-management-join.html) + - [ ] [The $10 Cyber Threat Responsible for the Biggest Breaches of 2024](https://thehackernews.com/2025/01/the-10-cyber-threat-responsible-for.html) + - [ ] [New UEFI Secure Boot Vulnerability Could Allow Attackers to Load Malicious Bootkits](https://thehackernews.com/2025/01/new-uefi-secure-boot-vulnerability.html) + - [ ] [Researchers Find Exploit Allowing NTLMv1 Despite Active Directory Restrictions](https://thehackernews.com/2025/01/researchers-find-exploit-allowing.html) + - [ ] [Hackers Hide Malware in Images to Deploy VIP Keylogger and 0bj3ctivity Stealer](https://thehackernews.com/2025/01/hackers-hide-malware-in-images-to.html) + - [ ] [Python-Based Malware Powers RansomHub Ransomware to Exploit Network Flaws](https://thehackernews.com/2025/01/python-based-malware-powers-ransomhub.html) + - [ ] [Researcher Uncovers Critical Flaws in Multiple Versions of Ivanti Endpoint Manager](https://thehackernews.com/2025/01/researcher-uncovers-critical-flaws-in.html) +- Graham Cluley + - [ ] [Smashing Security podcast #400: Hacker games, AI travel surveillance, and 25 years of IoT](https://grahamcluley.com/smashing-security-podcast-400/) +- Social Engineering + - [ ] [Richard Madeley: Homeowner & Homeless Skeptic](https://www.reddit.com/r/SocialEngineering/comments/1i2wr0q/richard_madeley_homeowner_homeless_skeptic/) + - [ ] [How to effectively persuade businesses to collaborate with you?](https://www.reddit.com/r/SocialEngineering/comments/1i2hv9a/how_to_effectively_persuade_businesses_to/) +- The Register - Security + - [ ] [Russia's Star Blizzard phishing crew caught targeting WhatsApp accounts](https://go.theregister.com/feed/www.theregister.com/2025/01/16/russia_star_blizzard_whatsapp/) + - [ ] [Enzo Biochem settles lawsuit over 2023 ransomware attack for $7.5M](https://go.theregister.com/feed/www.theregister.com/2025/01/16/enzo_biochem_ransomware_lawsuit/) + - [ ] [Cybersecurity rethink - from reaction to resilience](https://go.theregister.com/feed/www.theregister.com/2025/01/16/cybersecurity_rethink_from_reaction_to/) + - [ ] [Raspberry Pi hands out prizes to all in the RP2350 Hacking Challenge](https://go.theregister.com/feed/www.theregister.com/2025/01/16/raspberry_pi_awards_prizes_for/) + - [ ] [Infoseccer: Private security biz let guard down, exposed 120K+ files](https://go.theregister.com/feed/www.theregister.com/2025/01/16/private_security_biz_lets_guard/) From 06275376c06476bf1c83840bbcb741409d717948 Mon Sep 17 00:00:00 2001 From: chainreactorbot Date: Sun, 19 Jan 2025 02:49:44 +0000 Subject: [PATCH 13/29] =?UTF-8?q?=E6=AF=8F=E6=97=A5=E5=AE=89=E5=85=A8?= =?UTF-8?q?=E8=B5=84=E8=AE=AF=EF=BC=882025-01-19=EF=BC=89?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- archive/daily/2025/2025-01-19.md | 291 +++++++++++++ archive/tmp/2025-01-19.json | 335 +++++++++++++++ today.md | 678 +++++++++++++------------------ 3 files changed, 898 insertions(+), 406 deletions(-) create mode 100644 archive/daily/2025/2025-01-19.md create mode 100644 archive/tmp/2025-01-19.json diff --git a/archive/daily/2025/2025-01-19.md b/archive/daily/2025/2025-01-19.md new file mode 100644 index 0000000000..1c9a9e5c62 --- /dev/null +++ b/archive/daily/2025/2025-01-19.md @@ -0,0 +1,291 @@ +# 每日安全资讯(2025-01-19) + +- 博客园 - potatso + - [ ] [linux实现macos的timeMachine系统备份 - potatso](https://www.cnblogs.com/potatso/p/18678521) + - [ ] [btrfs文件系统从原理到实践 [1] - potatso](https://www.cnblogs.com/potatso/p/18678520) + - [ ] [Git三路合并算法完全指南:优雅处理复杂冲突[2] - potatso](https://www.cnblogs.com/potatso/p/18678518) +- SecWiki News + - [ ] [SecWiki News 2025-01-18 Review](http://www.sec-wiki.com/?2025-01-18) +- Doonsec's feed + - [ ] [软考信安(六)](https://mp.weixin.qq.com/s?__biz=MzkzMjYzOTc5NQ==&mid=2247484676&idx=1&sn=2198cc3fdd3be060e0584d88e273e056) + - [ ] [北美最大戒毒服务提供商BayMark遭遇数据泄露,患者信息被窃取!](https://mp.weixin.qq.com/s?__biz=MzA4NTY4MjAyMQ==&mid=2447900070&idx=1&sn=420bed34960782ce611eeb302ec48440) + - [ ] [【PWN】Edit堆溢出2.23无show函数](https://mp.weixin.qq.com/s?__biz=Mzk0NDYwOTcxNg==&mid=2247485181&idx=1&sn=9eb1f4bf24e5e5ff17f484fad2c76691) + - [ ] [2025最新黑客战争片?](https://mp.weixin.qq.com/s?__biz=MzI1Mjc3NTUwMQ==&mid=2247538493&idx=1&sn=83c7a157ccbf14e9d5b62fb6239744ba) + - [ ] [API BOM - ASPM数据关联分析纽带](https://mp.weixin.qq.com/s?__biz=MzI2NTExNzcxNQ==&mid=2247484361&idx=1&sn=8e472a7a51b24dacdf95759c0a58c4a8) + - [ ] [一款在线的免杀平台](https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486329&idx=1&sn=63f5ee9fd1c43c3f8d3e3c6a5447df48) + - [ ] [《网信自主创新调研报告》编委会召开表彰大会](https://mp.weixin.qq.com/s?__biz=MzkxMzI3MzMwMQ==&mid=2247530967&idx=1&sn=6559955674ede872a826301fb8faea5b) + - [ ] [通过“Typora + PicGo + 腾讯云” 组合方法解决发布图片显示失效的问题](https://mp.weixin.qq.com/s?__biz=Mzk1NzI2NDQyMw==&mid=2247484256&idx=1&sn=398751629c02160c7518f9fe44341c1e) + - [ ] [Win11中安装Linux 教程 | WSL2的使用](https://mp.weixin.qq.com/s?__biz=MzkyMTQzNTM3Ng==&mid=2247483872&idx=1&sn=1773552c6cc692fb98d3963804a03aa9) + - [ ] [CTFSHOW渗透赛(复盘+思路延伸)](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247489995&idx=1&sn=d62c2abc72ea72681037cb84feaea5b2) + - [ ] [vulnhub靶场【jangow靶机】,反弹shell的流量及端口选择](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247489995&idx=2&sn=a6509021c8a5f578f22b978a23bffcf3) + - [ ] [银狐叒进化?清理不掉!一线应急响应工程师教你如何手工处理](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247489995&idx=3&sn=34f8cda58fa253c24141b98c5589294a) + - [ ] [linux下配置python环境及库的安装](https://mp.weixin.qq.com/s?__biz=MzkzMzg3MzMyOA==&mid=2247486352&idx=1&sn=2a8faaf26319ca2e72b856efc8d613e7) + - [ ] [图解正向代理 vs 反向代理:到底有啥区别?](https://mp.weixin.qq.com/s?__biz=MzIyMzIwNzAxMQ==&mid=2649464547&idx=1&sn=f0c26c998e650cb170914046e7ed5ee4) + - [ ] [整合重新发布社区链接](https://mp.weixin.qq.com/s?__biz=MzkyNzYzNTQ2Nw==&mid=2247484042&idx=1&sn=336335efd991b9e11cab091ae61af2c6) + - [ ] [春秋杯WP | 2024春秋杯冬季赛第二天题目部分解析](https://mp.weixin.qq.com/s?__biz=MzkyNDA5NjgyMg==&mid=2247501228&idx=1&sn=4386f7eff6698e6921d12895041c9a18) + - [ ] [开源情报|国际动态|杂谈|TikTok美国封禁临近](https://mp.weixin.qq.com/s?__biz=Mzg2NTcyNjU4Nw==&mid=2247485864&idx=1&sn=1757546545462e16ba7e3a3e8b1f8688) + - [ ] [防范无人机系统(UAS)的威胁](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619741&idx=1&sn=fc226e9fa0bb08ad8cb89ee9b82522c7) + - [ ] [IDEA研究院:低空经济发展白皮书3.0-安全体系](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619741&idx=2&sn=9a281d31052b030cd47367f8938ba503) + - [ ] [低空经济启航,安全体系护航 低空经济网络安全体系化研究报告](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619741&idx=3&sn=7c3ab501fef20b76c4df35a1321f4b01) + - [ ] [Linux服务器中毒?教你一步步精准判断和快速处置!](https://mp.weixin.qq.com/s?__biz=MzUyNTExOTY1Nw==&mid=2247527911&idx=1&sn=8705fa0202976a1f106844025794d83c) + - [ ] [vulnhub靶场【Lampiao靶机】,提权之脏牛提权](https://mp.weixin.qq.com/s?__biz=MzAxNTg1MDYxNA==&mid=2247488884&idx=1&sn=e27d1ae2b776c935534dcebc4a7c3f1f) + - [ ] [TikTok基本没事了,都洗洗睡吧。](https://mp.weixin.qq.com/s?__biz=MzU4NDY3MTk2NQ==&mid=2247491029&idx=1&sn=994f4cf99c69bdca9d7b715d4df0d361) + - [ ] [挖掘有回显ssrf的一类隐藏payload](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496898&idx=1&sn=b6088e20a8b4fc9fbd887b900d8c5247) + - [ ] [$40,000!如何将路径遍历升级为RCE!](https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247518264&idx=1&sn=6823adc5590ea93b5292ad7b512fc377) + - [ ] [SRC专项知识库](https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247518264&idx=2&sn=92373e928418b034514387314198c93b) + - [ ] [深度揭秘SerializeJava:JAVA序列化的全能图形化利器](https://mp.weixin.qq.com/s?__biz=Mzk2NDE3NDUwNg==&mid=2247483806&idx=1&sn=79e10fffa2731ee08f850b85376b73e0) + - [ ] [推荐一款国产开源 IoT 物联网Web云组态,基于RuoYi框架和threeJS支持2D/3D大屏!](https://mp.weixin.qq.com/s?__biz=MjM5OTA4MzA0MA==&mid=2454936626&idx=1&sn=893d191291ac047b22c0fc96c5e9d837) + - [ ] [2025特朗普官宣的暴富神话!揭露 MeMe: $TRUMP 疑云](https://mp.weixin.qq.com/s?__biz=MzkwODI1ODgzOA==&mid=2247506575&idx=1&sn=bf017b2d8232732cd139ea4466043034) + - [ ] [木马反制技巧](https://mp.weixin.qq.com/s?__biz=MzkzNTYwMTk4Mw==&mid=2247488211&idx=1&sn=a4a634096a3ea78aa825239e2869897b) + - [ ] [x64 返回地址欺骗](https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486365&idx=1&sn=59b5d17aa8bcd8631da39637f55d722d) + - [ ] [涉案2000万!网警成功侦破一起特大“造谣引流”网络水军案](https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652114079&idx=1&sn=a7d5e08a27ad369af030953529245b83) + - [ ] [21123_ctfshow_misc_原谅2xa0writeup](https://mp.weixin.qq.com/s?__biz=MzU2NzIzNzU4Mg==&mid=2247489496&idx=1&sn=40b774a412a25cde44f211e5c7716a78) + - [ ] [缘分稀薄寡淡 亲爱的 后会无期](https://mp.weixin.qq.com/s?__biz=MzkyMDY1MDI3OA==&mid=2247483792&idx=1&sn=972700e1efd505ff5174aeae2c49c989) + - [ ] [保姆级教学之sqli-labs(less39-53)](https://mp.weixin.qq.com/s?__biz=Mzk1NzQwNjQ4Ng==&mid=2247484497&idx=1&sn=3724e7de301b44949a32f68413fd58e5) + - [ ] [一次应急响应中的Windows Rootkit对抗](https://mp.weixin.qq.com/s?__biz=MzkyOTc0NDY2Nw==&mid=2247484591&idx=1&sn=1c0754974f5680a49f8844cc588eaab0) + - [ ] [SSRF](https://mp.weixin.qq.com/s?__biz=MzkwMjU5MzgzMQ==&mid=2247485221&idx=1&sn=fb4cf74dd862bc8792a0af77a45d1bdc) + - [ ] [在看 | 周报:浙江省国家安全机关破获境外间谍案;腾讯协助警方破获木马盗窃游戏账号案;江苏男子利用小程序Bug逃匿28万加油费](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247634732&idx=1&sn=ae1ec8af39e315727dafdde90a2a4a6b) + - [ ] [在看 | 厂商:本周热门网络安全产业动态](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247634732&idx=2&sn=d9b9e282392fc8e2701eae8eccae5e62) + - [ ] [【代码审计】WeGIA 存在前台任意文件上传漏洞 (RCE)](https://mp.weixin.qq.com/s?__biz=Mzg4MTkwMTI5Mw==&mid=2247488622&idx=1&sn=baced76f27759525c3de42cb9abd4668) + - [ ] [强力工具助你一臂之力:XXECheck–全面提升XML安全,防护XXE漏洞!](https://mp.weixin.qq.com/s?__biz=MzkzNzg4MTI0NQ==&mid=2247485359&idx=1&sn=fc0b810b0174b166b92e61fedd91fe77) + - [ ] [论坛·原创 | 特朗普第二任期美国科技外交战略展望](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235038&idx=1&sn=0985e935a77d468c9918194fcdac28b3) + - [ ] [【直卖实拍】北七家3居变4居豪装,理想楼层、户型、朝向](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485427&idx=2&sn=6b5126bf0393fde06a71c2cd046ee078) + - [ ] [【干货】笑傲职场的独家经验(1)](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485427&idx=3&sn=f03a3ae9e761fb7b6b3209a375353ff2) + - [ ] [【干货原创】实网攻防演习常态化,会带来什么变化01](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485427&idx=4&sn=160e2c5b73ca979cc0c8201d479c0362) + - [ ] [【干货原创】K12教育,鲜为人知的模式秘密](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485427&idx=5&sn=4d67208c0f0ef67418c9311336b301b2) + - [ ] [原创文章目录](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485427&idx=6&sn=54232a5bcf1946b2e632e2047a8b2dfd) + - [ ] [【安全圈】高危!rsync被爆出多个安全漏洞](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067460&idx=1&sn=7e41cdf5b76e20186089903f7171a588) + - [ ] [【安全圈】国家互联网应急中心通报两起美方对我国网络攻击事件](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067460&idx=2&sn=1eeea145994ab308cf3f78f1ca987a19) + - [ ] [【安全圈】网络安全态势研判分析报告 (2024年12月)](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067460&idx=3&sn=86d02f407c0e151d308f83282274bf31) + - [ ] [独特上篮方式突破短信发送限制上分 (企业src意外之喜系列第六集)](https://mp.weixin.qq.com/s?__biz=MzkyNDQ5NDM3OA==&mid=2247484006&idx=1&sn=93736f0bca7b3de26866dfae3775651b) + - [ ] [DVWA漏洞靶场通关手册(万字图文解析)](https://mp.weixin.qq.com/s?__biz=MzkxNjg3NTQ4NA==&mid=2247485767&idx=1&sn=93b546f9ce1febe8901087238dc96ee7) + - [ ] [方正畅享全媒体新闻采编系统 reportCenter.do SQL注入漏洞](https://mp.weixin.qq.com/s?__biz=MzkzMTcwMTg1Mg==&mid=2247490256&idx=1&sn=86fcd7775b4baa4c1dfe975633d73730) + - [ ] [智能座舱架构与芯片- 显示篇](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549130&idx=1&sn=4983ee3542adee5a9c44607ee12297ed) + - [ ] [舍弗勒与小鹏汇天签订飞行汽车动力量产协议](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549130&idx=2&sn=5be423869800bfc4aaa2ad9b0a78d086) + - [ ] [CVE-2024-53704|SonicOS SSLVPN认证绕过漏洞](https://mp.weixin.qq.com/s?__biz=Mzg2ODcxMjYzMA==&mid=2247485778&idx=1&sn=f2bab6ffd22425efb72f8b20eeeab29b) + - [ ] [CVE-2024-55591|FortiOS和FortiProxy身份认证绕过漏洞(POC)](https://mp.weixin.qq.com/s?__biz=Mzg2ODcxMjYzMA==&mid=2247485778&idx=2&sn=691f85f7d7a345f2ed5607454b84333b) + - [ ] [欢迎报名!u200b“系统0day安全”系列课程:掌握漏洞挖掘重要技能](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588749&idx=1&sn=c07163014dddf5e352e4f3683251b0d4) + - [ ] [PWN入门:误入格式化字符串漏洞](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588749&idx=2&sn=6fc809be9ede10a46f7d204c536cd5bf) + - [ ] [b站大事件!员工代码费尽心机前端投毒竟是为了……喷网友!](https://mp.weixin.qq.com/s?__biz=Mzk0MDY2NTY5Mw==&mid=2247485587&idx=1&sn=b807ce1fae02aa546b49dcaba6635485) + - [ ] [方正畅享全媒体新闻采编系统 screen.do SQL注入漏洞](https://mp.weixin.qq.com/s?__biz=MzkzMTcwMTg1Mg==&mid=2247490248&idx=1&sn=1eba3e69ef0279c4fc7796abe9ca32c6) + - [ ] [网警解密“黄牛”抢票“开挂秘籍”](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170310&idx=1&sn=3de41d277ca4e38f14488d237c44844a) + - [ ] [警惕利用人工智能技术绕过图形类验证机制的新型犯罪手法](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170310&idx=2&sn=b87113a571fafe09a5f367f860da70ac) + - [ ] [关于利用人工智能技术绕过图形类验证机制新型犯罪手法预警通报;|2025年首个满分漏洞,PoC已公布,可部署后门](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650606788&idx=1&sn=1d92761760abe35316e9dcf0f7bc34f5) + - [ ] [威胁情报的五个大坑](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650606788&idx=2&sn=484daf0b2994e2f714d24e5a26157cf2) + - [ ] [记一次从任意文件下载到getshell](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650606788&idx=3&sn=aaf92b43e956eaffc7241caf6886f23c) + - [ ] [Telegram中进行开源情报调查的高级插件](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650606788&idx=4&sn=1aa5faf3a41536f88bb7bb582e4d5a50) + - [ ] [【吃瓜】u200b好消息,发年终奖了!坏消息,是员工给公司发的!](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496665&idx=1&sn=6063f45192263e8c1f815ea46581b3a5) + - [ ] [【学习经验分享】给准大学生的CS-学习路线](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496665&idx=2&sn=3643759c625630dbed305166d77df167) + - [ ] [第八届西湖论剑·中国杭州网络安全安全技能大赛CTF夺旗赛PWN题部分题解](https://mp.weixin.qq.com/s?__biz=Mzk1NzE2Mjc5Mg==&mid=2247484167&idx=1&sn=6806195fc3e8995d3b15490fa64323ba) + - [ ] [喵苗安全专家组推荐的40个云原生安全RSS订阅源](https://mp.weixin.qq.com/s?__biz=Mzg5MjkwODc4MA==&mid=2247485914&idx=1&sn=e83a2e64c022f8340af0b0598edecd30) + - [ ] [小心!“间谍”正在潜入你的手机](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235038&idx=3&sn=8d7fbaf443b0a9525f6d4b1be446e0a2) + - [ ] [密评科普系列(一)——什么是商业密码?](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633889&idx=2&sn=d7f62b2504acb3f1a969fe71fc163630) + - [ ] [专家解读 | 强化数据标注基地引领作用 带动数据标注产业高质量发展](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235038&idx=2&sn=faf2a988fedc8924e65ab9c9bcbbafa5) + - [ ] [国际 | 越南个人数据跨境传输规则](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235038&idx=4&sn=d5d670e02e6690a029cf91ba98894c4b) + - [ ] [微信支付存漏洞?用户被异地刷脸支付成功,官方回应](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633889&idx=5&sn=0eaed00ffbd92d4c0652fd3e9340e6f4) + - [ ] [美国商务部十年战略规划公布,致力维护国家安全](https://mp.weixin.qq.com/s?__biz=MzI1OTExNDY1NQ==&mid=2651618687&idx=1&sn=982c6522eca5a4b53edea248ad0f7414) + - [ ] [【工具】全球有组织犯罪指数](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148608&idx=1&sn=dcde5ba6b230d8fa0b9ffbd97091e78a) + - [ ] [【资料】拜登告别演讲](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148608&idx=2&sn=03f1e0c2e178ad80175a035485141a01) + - [ ] [奇安信:被禁 3 年!!](https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247569813&idx=1&sn=ab6a255c9dd15cdb7906c67e2fbece7a) + - [ ] [如何用 Wireshark 高效过滤 TCP 数据流](https://mp.weixin.qq.com/s?__biz=MzA5NTUxODA0OA==&mid=2247493116&idx=1&sn=dfbaf2961d5fee876867d903dee25b52) + - [ ] [海南发布商超消费领域个人信息保护合规指引,以加强个人信息保护](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931451&idx=1&sn=0066d975abd60b07ce49c4fbcecbab38) + - [ ] [江苏银行多场景应用大模型,风控能力得到提升](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931451&idx=2&sn=965d5c8f64b9c296a4f9d74e86f1c330) + - [ ] [美日韩联合警告加密货币行业防范朝鲜黑客攻击](https://mp.weixin.qq.com/s?__biz=MzI0MTE4ODY3Nw==&mid=2247492524&idx=1&sn=19d57828e503df304caf2618802d9d27) + - [ ] [SerializeJava-反序列图形化工具](https://mp.weixin.qq.com/s?__biz=Mzk0Mjg4MTQxMw==&mid=2247485694&idx=1&sn=f76d44c9fed7879f6d328bd16a49ac51) + - [ ] [你是否有个忘不掉的它](https://mp.weixin.qq.com/s?__biz=MzkwNDg4MTg5MQ==&mid=2247483853&idx=1&sn=7b77e7dc2bbf210e25ce19dda9332afe) + - [ ] [.NET 第55期红队武器库和资源汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498306&idx=1&sn=672a2a2f57cabb2ce04be6ff29129beb) + - [ ] [国内最专业、最全面的 [ .NET 代码审计 ] 体系化学习交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498306&idx=2&sn=4c2323d1570eb3b825a6a04eb4520b72) + - [ ] [一种通过 .NET 启动 cmd.exe 的新方法](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498306&idx=3&sn=d5276b7bf7380ce889dc125627631a94) + - [ ] [限量领取!篝火信安蛇年定制红包封面派发中!](https://mp.weixin.qq.com/s?__biz=MzIyNzc3OTMzNw==&mid=2247485751&idx=1&sn=387c2d0644a19e8ecf94580734091cf8) + - [ ] [无问社区|春节大放送](https://mp.weixin.qq.com/s?__biz=MzkzODUzMjA1MQ==&mid=2247484823&idx=1&sn=79c8d9e62761290554ec8eda780fba9c) + - [ ] [分享图片](https://mp.weixin.qq.com/s?__biz=MzkzMDE3ODc1Mw==&mid=2247488944&idx=1&sn=09e4fe21af1fcba3e404660f9d7b32e4) + - [ ] [棉花糖定制手绘红包封面来啦!](https://mp.weixin.qq.com/s?__biz=MzkyOTQzNjIwNw==&mid=2247491430&idx=1&sn=cdd4119a2717173ed1a7f67471f50bd5) + - [ ] [2025年微信「红包封面」第一弹,快查收!](https://mp.weixin.qq.com/s?__biz=Mzk0MTIzNTgzMQ==&mid=2247519221&idx=1&sn=3f456dc497d02c7fb2d6610a1a2afcad) + - [ ] [关于公众号更新以及回复私信的一些事](https://mp.weixin.qq.com/s?__biz=MzkyMDY1MDI3OA==&mid=2247483788&idx=1&sn=93bb002b5b0c0556d46898897a1712a1) + - [ ] [【公开课】晚八点App渗透逆向公开课!](https://mp.weixin.qq.com/s?__biz=MzkxMTUwOTY1MA==&mid=2247490013&idx=1&sn=fda955efd9e128551daa7934f3c0be7b) + - [ ] [Graphql内审查询漏洞分析](https://mp.weixin.qq.com/s?__biz=Mzg4NDg3NjE5MQ==&mid=2247485250&idx=1&sn=cc481b4d430eb2516b235f762c1047cb) + - [ ] [网安一哥发布业绩预告:预计2024年实现营业收入42亿元到45亿元](https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247488099&idx=1&sn=d6b09346c9c833d04429738908b67944) + - [ ] [一文读懂 Spring 动态代理](https://mp.weixin.qq.com/s?__biz=Mzg4NDY4Mzk3Mw==&mid=2247485498&idx=1&sn=fdb55a27c1ccc7ed9b0326e73e2a649c) + - [ ] [水水水水~~~~](https://mp.weixin.qq.com/s?__biz=MzkxNzY5MTg1Ng==&mid=2247485516&idx=1&sn=a776993f5320c5be544d0f4d1162a06a) + - [ ] [零信任安全,为什么它在当今的威胁环境中至关重要](https://mp.weixin.qq.com/s?__biz=MzA4MzMzOTQ4Mw==&mid=2453672500&idx=1&sn=3ba70755a11d2fd325341b128d2ca7ec) + - [ ] [评论 | 走出应用程序自动扣费的“消费陷阱”](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235038&idx=5&sn=27d2dc92bc541ae96838413ce948ac9c) + - [ ] [安恒信息发布业绩预告,预计2024年年度实现归属于母公司所有者的净利润为-2.2亿元到-1.6亿元](https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247488091&idx=1&sn=0e3fae68f54835d405aee94c848122e9) + - [ ] [今晚八点App渗透逆向公开课!](https://mp.weixin.qq.com/s?__biz=Mzg3NTk4MzY0MA==&mid=2247487962&idx=1&sn=ebbeeaf7d4f783318725119d4ad97f31) + - [ ] [有人和无人复杂作战系统:概念、能力和战例(9500字干货)](https://mp.weixin.qq.com/s?__biz=MzkyMjY1MTg1MQ==&mid=2247491542&idx=1&sn=0ffc93f646e632e9845622e638f60904) + - [ ] [国外“战场战训数据库”利用研究(韩军视角)](https://mp.weixin.qq.com/s?__biz=MzkyMjY1MTg1MQ==&mid=2247491542&idx=2&sn=0b63c5e22c65c5a3b42ae1dd76e5bc7f) + - [ ] [在盟国领土上进行海外作战:美军在印太地区面临的挑战和机遇(2024兰德最新报告)](https://mp.weixin.qq.com/s?__biz=MzkyMjY1MTg1MQ==&mid=2247491542&idx=3&sn=c182630cad08f8732d501929c6fe2611) + - [ ] [2024兰德报告《将中美台海冲突控制在核门槛以下(第4卷):通过分析战略理论、历史案例和原创分析框架设想首先使用核武器的路径》](https://mp.weixin.qq.com/s?__biz=MzkyMjY1MTg1MQ==&mid=2247491542&idx=4&sn=452931cd6f0c10c818eb4f489d5f6da0) + - [ ] [2024兰德报告《将中美台海冲突控制在核门槛以下(第3卷):u200b中-国不断发展的核战略和核使用阈值及其未来风险因素》](https://mp.weixin.qq.com/s?__biz=MzkyMjY1MTg1MQ==&mid=2247491542&idx=5&sn=e5c5c264c1288570849e547e98aa7af4) + - [ ] [2024兰德报告《将中美台海冲突控制在核门槛以下(第2卷):u200b调查美国常规联合远程打击能力、作战目标和部署决策》](https://mp.weixin.qq.com/s?__biz=MzkyMjY1MTg1MQ==&mid=2247491542&idx=6&sn=408d8cfe126b94e1a6a48bff1eeb4b28) + - [ ] [2024兰德报告《将中美台海冲突控制在核门槛以下(第1卷):美国常规联合远程打击升级管理理念概述》](https://mp.weixin.qq.com/s?__biz=MzkyMjY1MTg1MQ==&mid=2247491542&idx=7&sn=de191e6550e6c769b0bec6abcabf84f4) + - [ ] [新型手法|Telegram 假 Safeguard 骗局](https://mp.weixin.qq.com/s?__biz=MzU4ODQ3NTM2OA==&mid=2247500978&idx=1&sn=8d502d81ee56971fac26b35e70b49081) + - [ ] [STH-RPC识别短期底部](https://mp.weixin.qq.com/s?__biz=MzI3NTcwNTQ2Mg==&mid=2247487603&idx=1&sn=c80291f3e5df7a556fee023c857bd9e4) + - [ ] [【中文调教】免费开源不限量!让 AI 生成高质量 4k 定制图片](https://mp.weixin.qq.com/s?__biz=MzkwODI1ODgzOA==&mid=2247506565&idx=1&sn=0d2c7468fe8213f063154297c0a70895) + - [ ] [公众号交流二群建立了!快来扫码加入](https://mp.weixin.qq.com/s?__biz=MzkwODI1ODgzOA==&mid=2247506565&idx=2&sn=5726611666b67db6aca8251fd26ce47d) + - [ ] [无问社区 | 网安技术资源派送(文末福利)](https://mp.weixin.qq.com/s?__biz=MzkzNDQ0MDcxMw==&mid=2247487155&idx=1&sn=e865c23ab316942e34f7a4e11f209276) + - [ ] [特朗普 x 账号疑似被黑](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494382&idx=1&sn=8ddba3acf29f8fc6650c7e46e18b1a6d) + - [ ] [一次通用cnvd案例分享](https://mp.weixin.qq.com/s?__biz=MzkzNTQwNjQ4OA==&mid=2247484053&idx=1&sn=f2f7d10b6cf4337e7ab2212e103f702a) + - [ ] [ChatGPT如何指导知识产权法论文选题,掌握5步精准指南。](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493243&idx=1&sn=8f30acca6c4f3b2b6179a8656d558eef) + - [ ] [ChatGPT审核新闻学论文的内部高阶攻略,0经验小白也能轻松找出问题!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493243&idx=2&sn=b529bb3e05fe0200e1b590d4801b1696) + - [ ] [chatgpt视角下的野生动物论文文献综述写作核心攻略。](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493243&idx=3&sn=d73f224f40a8c4f610df81cd00335551) + - [ ] [ChatGPT挖掘拉丁语学术论文的9大神仙技巧,学院派必看!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493243&idx=4&sn=7218911d39ff15c8a82b86c5852a968a) + - [ ] [ChatGPT完美助攻,中西医结合论文3天确定逆天选题攻略!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493243&idx=5&sn=b4509068ccdeab0b99c827ee299c55d7) + - [ ] [赛欧思一周资讯分类汇总(2025-01-13 ~ 2025-01-18)](https://mp.weixin.qq.com/s?__biz=MzU0MjE2Mjk3Ng==&mid=2247488416&idx=1&sn=3256d8d3ec398a11297f623fdceef5d2) + - [ ] [Java安全小记-Commons-Collections4反序列化](https://mp.weixin.qq.com/s?__biz=Mzk0ODY1NzEwMA==&mid=2247485860&idx=1&sn=1b65d29dbab6339bc7842474a6211475) + - [ ] [DataCon2024解题报告WriteUp—漏洞分析赛道](https://mp.weixin.qq.com/s?__biz=MzU5Njg1NzMyNw==&mid=2247489123&idx=1&sn=228fa0630cebdc58c6b961b96752dc2f) + - [ ] [中国工程院院士邬贺铨:五方面发力推动信息通信业高质量发展](https://mp.weixin.qq.com/s?__biz=Mzg4MDU0NTQ4Mw==&mid=2247528734&idx=1&sn=354275495b32bddb78bfb6b94a93340d) + - [ ] [国家数据基础设施建设的四个核心问题](https://mp.weixin.qq.com/s?__biz=Mzg4MDU0NTQ4Mw==&mid=2247528734&idx=2&sn=3af167a316f4c6b8b3444a3fc509a2e7) + - [ ] [Proton Mail宕机–大规模中断后服务恢复](https://mp.weixin.qq.com/s?__biz=Mzg2NjY2MTI3Mg==&mid=2247498269&idx=1&sn=6ddb964e3a74df8b9bde7aca97752ef8) + - [ ] [吃瓜,某安一哥起诉某公众号索赔50W](https://mp.weixin.qq.com/s?__biz=Mzk0MzY3MDE5Mg==&mid=2247483932&idx=1&sn=d275d1d865bc82ea56279c6c9c584cd5) + - [ ] [泰晓资讯xa0:xa02025xa0年 1xa0月xa0第xa0二xa0期](https://mp.weixin.qq.com/s?__biz=MzA5NDQzODQ3MQ==&mid=2648194552&idx=1&sn=4b6885310a604cf16f4bc2e14b62287b) + - [ ] [OSDT Weekly 2025-01-15 第289期](https://mp.weixin.qq.com/s?__biz=MzA5NDQzODQ3MQ==&mid=2648194552&idx=2&sn=601b0cc0dc7df856c714123d5adfc94f) + - [ ] [拜登政府AI出口管制破坏秩序与对我的影响](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247504300&idx=2&sn=412c2f98c4028c9f8d6a19833bafdc80) + - [ ] [中吉乌铁路:重塑中亚地缘政治经济格局与国际态度演变](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247504300&idx=3&sn=5f8a05ad7afaf072d44c05829dff3f95) + - [ ] [安天AVL SDK反病毒引擎升级通告(20250118)](https://mp.weixin.qq.com/s?__biz=MjM5MTA3Nzk4MQ==&mid=2650209597&idx=1&sn=91ede5437c5fc60e6c3084c81753784d) + - [ ] [Nuclei POC 管理工具(附POC地址)](https://mp.weixin.qq.com/s?__biz=Mzg5OTg5NzMzMA==&mid=2247484176&idx=1&sn=f4be63e1e0f295963d861967f27eb595) + - [ ] [浏览器取证实战](https://mp.weixin.qq.com/s?__biz=Mzg3NTU3NTY0Nw==&mid=2247489510&idx=1&sn=65afe75391c1243ba91da9dfaf11fced) + - [ ] [AI+代码审计??代码审计新工具内测来了!](https://mp.weixin.qq.com/s?__biz=MzkzMzczODA0OQ==&mid=2247484066&idx=1&sn=71685fde2af3a483cf290a5f14e1c140) + - [ ] [渗透测试 | 某系统垂直越权漏洞的挖掘](https://mp.weixin.qq.com/s?__biz=Mzk0Mzc1MTI2Nw==&mid=2247487115&idx=1&sn=338d1d8129bc7b7f75ae6ad22e4cef7e) + - [ ] [如何利用 OSINT 解决价值 1100 亿美元的商店盗窃问题](https://mp.weixin.qq.com/s?__biz=MzkxMDIwMTMxMw==&mid=2247494428&idx=1&sn=6c841e5efe7e16262098d12e617933c3) +- Private Feed for M09Ic + - [ ] [safedv starred hlldz/Phant0m](https://github.com/hlldz/Phant0m) + - [ ] [safedv starred D3Ext/Hooka](https://github.com/D3Ext/Hooka) + - [ ] [mgeeky starred rainerzufalldererste/windows_x64_shellcode_template](https://github.com/rainerzufalldererste/windows_x64_shellcode_template) + - [ ] [HuYlllc pushed to v0.0.4dev in chainreactors/malice-network](https://github.com/chainreactors/malice-network/compare/95cb131373...ace33f01f9) + - [ ] [mgeeky starred SpecterOps/Nemesis](https://github.com/SpecterOps/Nemesis) + - [ ] [CHYbeta starred louislam/dockge](https://github.com/louislam/dockge) + - [ ] [huoji120 started following SamuelTulach](https://github.com/SamuelTulach) + - [ ] [esrrhs starred tomhea/c2fj](https://github.com/tomhea/c2fj) + - [ ] [esrrhs starred tomhea/flip-jump](https://github.com/tomhea/flip-jump) + - [ ] [mgeeky starred cainiao1992/ollvm-mingw](https://github.com/cainiao1992/ollvm-mingw) +- Recent Commits to cve:main + - [ ] [Update Sat Jan 18 20:13:55 UTC 2025](https://github.com/trickest/cve/commit/b708e26d5a4c98338b505110945c3df0396344c0) + - [ ] [Update Sat Jan 18 12:15:13 UTC 2025](https://github.com/trickest/cve/commit/aef459845426b0cd394ec2be1ea55871b7a78f8a) + - [ ] [Update Sat Jan 18 04:18:41 UTC 2025](https://github.com/trickest/cve/commit/cb8a7b3ec123eb65fb54b26ccb85cfecefc0b1a7) +- Security Boulevard + - [ ] [DEF CON 32 – Breaking Boundaries: Popping Shells In The Airgap With $10 & Arduino Magic](https://securityboulevard.com/2025/01/def-con-32-breaking-boundaries-popping-shells-in-the-airgap-with-10-arduino-magic/) + - [ ] [Cyber Essentials NHS and Healthcare Organisations](https://securityboulevard.com/2025/01/cyber-essentials-nhs-and-healthcare-organisations/) + - [ ] [Trump’s Digital Footprint: Unveiling Malicious Campaigns Amid Political Milestones](https://securityboulevard.com/2025/01/trumps-digital-footprint-unveiling-malicious-campaigns-amid-political-milestones/) + - [ ] [How Imperva Protects the Arts Industry from Ticketing Abuse by Carding Bots](https://securityboulevard.com/2025/01/how-imperva-protects-the-arts-industry-from-ticketing-abuse-by-carding-bots/) +- CXSECURITY Database RSS Feed - CXSecurity.com + - [ ] [OBS (by: oretnom23 ) File Upload-FU and Remote](https://cxsecurity.com/issue/WLB-2025010017) +- 一个被知识诅咒的人 + - [ ] [AIGC与劳动力市场:技术进步与就业结构的重塑](https://blog.csdn.net/nokiaguy/article/details/145234235) + - [ ] [Python中的字典优化:如何高效使用`defaultdict`和`Counter`](https://blog.csdn.net/nokiaguy/article/details/145227999) + - [ ] [【Python运维】用Python管理Docker容器:从`docker-py`到自动化部署的全面指南](https://blog.csdn.net/nokiaguy/article/details/145227982) +- arighi's blog + - [ ] [Accelerating micro-VM boot time with sched_ext](http://arighi.blogspot.com/2025/01/accelerating-micro-vm-boot-time-with.html) +- Twitter @bytehx + - [ ] [Re @rez0__ I made it at my home and love it. It is really good with toasted bread.](https://x.com/bytehx343/status/1880671088092565741) + - [ ] [Re @RelentlessT7 @Bugcrowd Congrats 🎉](https://x.com/bytehx343/status/1880659660078006382) + - [ ] [Re @notgeej haha yes that is quite hurt.](https://x.com/bytehx343/status/1880577440621396144) + - [ ] [Re @h4x0r_dz 🤣🤣🤣](https://x.com/bytehx343/status/1880474260738912721) + - [ ] [Re @696e746c6f6c I did comment about the severity but they never respond to me.](https://x.com/bytehx343/status/1880474183785935318) + - [ ] [Re @HannanHaseeb11 🤣🤣🤣](https://x.com/bytehx343/status/1880473913190412403) +- Bug Bounty in InfoSec Write-ups on Medium + - [ ] [Critical Blind SQL Injection leads to  +$4,134 (7/30 DAYS)](https://infosecwriteups.com/critical-blind-sql-injection-leads-to-4-134-7-30-days-d8918ff3d2d0?source=rss----7b722bfd1b8d--bug_bounty) + - [ ] [Building Your Own Bug Bounty Lab: A Hands-On Guide with Metasploit and More](https://infosecwriteups.com/building-your-own-bug-bounty-lab-a-hands-on-guide-with-metasploit-and-more-9595a71fc4c6?source=rss----7b722bfd1b8d--bug_bounty) + - [ ] [Stored XSS to Admin in Unauthenticated-WordPress](https://infosecwriteups.com/stored-xss-to-admin-in-unauthenticated-wordpress-cb76bae66623?source=rss----7b722bfd1b8d--bug_bounty) + - [ ] [This is How I Turned an Informative Bug into a Valid $500 Bug](https://infosecwriteups.com/this-is-how-i-turned-an-informative-bug-into-a-valid-500-bug-174ffeb94737?source=rss----7b722bfd1b8d--bug_bounty) + - [ ] [CVE-2024-50379: Apache Tomcat Race Condition Vulnerability Leads to Remote Code Execution](https://infosecwriteups.com/cve-2024-50379-apache-tomcat-race-condition-vulnerability-leads-to-remote-code-execution-6b3291780d65?source=rss----7b722bfd1b8d--bug_bounty) +- 奇客Solidot–传递最新科技情报 + - [ ] [原神被禁止向美国 16 岁以下儿童出售战利品箱](https://www.solidot.org/story?sid=80367) + - [ ] [CNNIC 报告称中国有 2.49 亿人使用过生成式 AI](https://www.solidot.org/story?sid=80366) +- 黑海洋 - IT技术知识库 + - [ ] [AniDoc:动画创作草图高保真着色工具](https://blog.upx8.com/4673) + - [ ] [网页翻译插件:接入Deepseekv、Gemini等AI翻译服务](https://blog.upx8.com/4671) + - [ ] [ai_couplets:AI 对联生成器 马上成为春联领域高手](https://blog.upx8.com/4670) + - [ ] [WinNew:微软Windows原版镜像系统](https://blog.upx8.com/4669) +- 威努特安全网络 + - [ ] [西班牙电信公司遭入侵,官方通报16款违规移动应用 | 一周特辑](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130508&idx=1&sn=2470459b5f48ea1c07856c2d72394829&chksm=80e7103cb790992a65070923895751564457b3909a6b673b81f7dc6c3db5958fd00fd64e76ae&scene=58&subscene=0#rd) +- 代码审计SDL + - [ ] [API BOM - ASPM数据关联分析纽带](https://mp.weixin.qq.com/s?__biz=MzI2NTExNzcxNQ==&mid=2247484361&idx=1&sn=8e472a7a51b24dacdf95759c0a58c4a8&chksm=eaa30ab5ddd483a3ebf52abba4056a525450dc0dd3cd0a1a1aef253b5339b066093ed268e076&scene=58&subscene=0#rd) +- dotNet安全矩阵 + - [ ] [.NET 第55期红队武器库和资源汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498306&idx=1&sn=672a2a2f57cabb2ce04be6ff29129beb&chksm=fa5954afcd2eddb95c9d28b0c0054d2ffc9aeefa6c8453b52d06a54a7256591e3ea8c802d6d9&scene=58&subscene=0#rd) + - [ ] [国内最专业、最全面的 [ .NET 代码审计 ] 体系化学习交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498306&idx=2&sn=4c2323d1570eb3b825a6a04eb4520b72&chksm=fa5954afcd2eddb9dd3e4a3bbf2b57ba408dd8885947b8fb03d7dc9cf4549bd8cb2784095eaf&scene=58&subscene=0#rd) + - [ ] [一种通过 .NET 启动 cmd.exe 的新方法](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498306&idx=3&sn=d5276b7bf7380ce889dc125627631a94&chksm=fa5954afcd2eddb9766ec4e35c05e11ccf9f4e97162811fc15396171a733e0531e29cabee253&scene=58&subscene=0#rd) +- 看雪学苑 + - [ ] [欢迎报名!​“系统0day安全”系列课程:掌握漏洞挖掘重要技能](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588749&idx=1&sn=c07163014dddf5e352e4f3683251b0d4&chksm=b18c26c786fbafd14670241f07726032e76e13980b4ff50732d34c76fea9f03ae8979ccaba96&scene=58&subscene=0#rd) + - [ ] [PWN入门:误入格式化字符串漏洞](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588749&idx=2&sn=6fc809be9ede10a46f7d204c536cd5bf&chksm=b18c26c786fbafd14e4e451e21e415e3d96e93feb517543db94006ba90a0f748c9b78f0cc838&scene=58&subscene=0#rd) +- 安全内参 + - [ ] [CNCERT:美网络攻击我国某先进材料设计研究院事件调查报告](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513535&idx=1&sn=b266fc240ecfa7219f753220df704fd6&chksm=ebfaf29fdc8d7b895e31b7f387b580348d6200e7d05b1f78b5bbefb52172bf88ccda3fb37a3b&scene=58&subscene=0#rd) + - [ ] [CNCERT:美网络攻击我国某智慧能源和数字信息大型高科技企业事件调查报告](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513535&idx=2&sn=8013d103c78d04dbb57f8891af08c176&chksm=ebfaf29fdc8d7b89c6ce104f81453910fac57be35385c3d3cefe1beff5e1b59a6307051d12d0&scene=58&subscene=0#rd) +- 中国信息安全 + - [ ] [论坛·原创 | 特朗普第二任期美国科技外交战略展望](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235038&idx=1&sn=0985e935a77d468c9918194fcdac28b3&chksm=8b5802e7bc2f8bf11b2f1b8ca38fc79e014dc4fd73969198e2fcad1f63378e221da7e6975b6f&scene=58&subscene=0#rd) + - [ ] [专家解读 | 强化数据标注基地引领作用 带动数据标注产业高质量发展](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235038&idx=2&sn=faf2a988fedc8924e65ab9c9bcbbafa5&chksm=8b5802e7bc2f8bf126b161de9bd9d5058cff96053115722ea4bc0519184dbbf8d28f097b06c2&scene=58&subscene=0#rd) + - [ ] [小心!“间谍”正在潜入你的手机](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235038&idx=3&sn=8d7fbaf443b0a9525f6d4b1be446e0a2&chksm=8b5802e7bc2f8bf161b0bb62fba700cc8b6a23cdba4d5a9d1aeab4ff10271ea2fbda09f594f5&scene=58&subscene=0#rd) + - [ ] [国际 | 越南个人数据跨境传输规则](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235038&idx=4&sn=d5d670e02e6690a029cf91ba98894c4b&chksm=8b5802e7bc2f8bf12d74db74b6d23efe779dc9b074b80efd47d7ffb4874d0665a003c525e7ac&scene=58&subscene=0#rd) + - [ ] [评论 | 走出应用程序自动扣费的“消费陷阱”](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235038&idx=5&sn=27d2dc92bc541ae96838413ce948ac9c&chksm=8b5802e7bc2f8bf11127a7f375be5953f44d0423fe5f47d299c0e71a4bb5fc2b4b1ebb629812&scene=58&subscene=0#rd) +- 慢雾科技 + - [ ] [新型手法|Telegram 假 Safeguard 骗局](https://mp.weixin.qq.com/s?__biz=MzU4ODQ3NTM2OA==&mid=2247500978&idx=1&sn=8d502d81ee56971fac26b35e70b49081&chksm=fddeba35caa9332370f3eb036a88298138c4c0b3affab16a89684c8be0ea352075d9efbc6119&scene=58&subscene=0#rd) +- ChaMd5安全团队 + - [ ] [2024年ChaMd5安全团队总结](https://mp.weixin.qq.com/s?__biz=MzIzMTc1MjExOQ==&mid=2247511877&idx=1&sn=d8176431e491281ef849226a54134205&chksm=e89d879ddfea0e8bed51009b5df5f17451e07e7d548788096d2d114ae33d709cadabdd53fd21&scene=58&subscene=0#rd) +- 极客公园 + - [ ] [美国最高法裁定支持 TikTok 禁令,周受资回应;传网易裁撤战投部;三星与 OpenAI 合作开发 AI 电视 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072294&idx=1&sn=2ad18c4ecffe9cc504a4c2b913d43446&chksm=7e57d61049205f06adcfbf56f4d2a313bfa3cf0be44336d8b8615ba19db4d9afe35995b8e869&scene=58&subscene=0#rd) +- 丁爸 情报分析师的工具箱 + - [ ] [【工具】全球有组织犯罪指数](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148608&idx=1&sn=dcde5ba6b230d8fa0b9ffbd97091e78a&chksm=f1af267ac6d8af6c1e5890468a5afa8695a4219608207c2373863a75d242e13b2b43eb2baa23&scene=58&subscene=0#rd) + - [ ] [【资料】拜登告别演讲](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148608&idx=2&sn=03f1e0c2e178ad80175a035485141a01&chksm=f1af267ac6d8af6c2b9fd8e4c2800c517101c6e06ecac0b3e36448e42f84a6301499a6f416bd&scene=58&subscene=0#rd) +- 安全圈 + - [ ] [【安全圈】高危!rsync被爆出多个安全漏洞](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067460&idx=1&sn=7e41cdf5b76e20186089903f7171a588&chksm=f36e7ac4c419f3d2506b8a4fda50d186484d0b429b68fbc2c9fa6a6d793e423ec4e7374d18b2&scene=58&subscene=0#rd) + - [ ] [【安全圈】国家互联网应急中心通报两起美方对我国网络攻击事件](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067460&idx=2&sn=1eeea145994ab308cf3f78f1ca987a19&chksm=f36e7ac4c419f3d249013e9e085dface206bc6cc4b5b7f6d7808a9eb3d92fe36d14ea01b7261&scene=58&subscene=0#rd) + - [ ] [【安全圈】网络安全态势研判分析报告 (2024年12月)](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067460&idx=3&sn=86d02f407c0e151d308f83282274bf31&chksm=f36e7ac4c419f3d2c695e9358023983f6c9908bce56b713651866957afc0ffec8d6486e40553&scene=58&subscene=0#rd) +- 山石网科安全技术研究院 + - [ ] [2024年度人工智能相关重点安全漏洞盘点](https://mp.weixin.qq.com/s?__biz=MzUzMDUxNTE1Mw==&mid=2247510270&idx=1&sn=6e0dfb575d641bc67a2b3f00196df49c&chksm=fa527d40cd25f4569e895e911f8d3e8f3e3bc366ffc8598627f89ba3a175f3b65e348be9866b&scene=58&subscene=0#rd) +- DataCon大数据安全分析竞赛 + - [ ] [DataCon2024解题报告WriteUp—漏洞分析赛道](https://mp.weixin.qq.com/s?__biz=MzU5Njg1NzMyNw==&mid=2247489123&idx=1&sn=228fa0630cebdc58c6b961b96752dc2f&chksm=fe5d0ee3c92a87f539db8736eee19d3b20b91e5cf731b6a9630bc1339b0cd1dfb5e2e9ecca66&scene=58&subscene=0#rd) +- 白泽安全实验室 + - [ ] [美日韩联合警告加密货币行业防范朝鲜黑客攻击](https://mp.weixin.qq.com/s?__biz=MzI0MTE4ODY3Nw==&mid=2247492524&idx=1&sn=19d57828e503df304caf2618802d9d27&chksm=e90dc986de7a4090525887e3393df05546cb69cbdde9be1ad3e3ff9b365906e28e0b0a1640d3&scene=58&subscene=0#rd) +- Over Security - Cybersecurity news aggregator + - [ ] [Microsoft removes Assassin’s Creed Windows 11 upgrade blocks](https://www.bleepingcomputer.com/news/microsoft/microsoft-removes-assassins-creed-windows-11-upgrade-blocks/) + - [ ] [FTC orders GM to stop collecting and selling driver’s data](https://www.bleepingcomputer.com/news/legal/ftc-orders-gm-to-stop-collecting-and-selling-drivers-data/) + - [ ] [Medusa Ransomware Attack on PMUSA: The $1.2 Million Ransom to Prevent Data Exposure](https://www.suspectfile.com/medusa-ransomware-attack-on-pmusa-the-1-2-million-ransom-to-prevent-data-exposure/) + - [ ] [How victims of PowerSchool’s data breach helped each other investigate ‘massive’ hack](https://techcrunch.com/2025/01/18/how-victims-of-powerschools-data-breach-helped-each-other-investigate-massive-hack/) + - [ ] [Otelier - 436,855 breached accounts](https://haveibeenpwned.com/PwnedWebsites#Otelier) +- Desync InfoSec + - [ ] [分享图片](https://mp.weixin.qq.com/s?__biz=MzkzMDE3ODc1Mw==&mid=2247488944&idx=1&sn=09e4fe21af1fcba3e404660f9d7b32e4&chksm=c27f661ef508ef08a55b85b5762be82d9737b6b17f5bba12e75332b0ce96d0d54dc7f5a409e4&scene=58&subscene=0#rd) +- IT Service Management News + - [ ] [Gli uomini possono fare tutto (Gennaio 2025)](http://blog.cesaregallotti.it/2025/01/gli-uomini-possono-fare-tutto-gennaio.html) + - [ ] [Parere EDPB sui modelli di intelligenza artificiale](http://blog.cesaregallotti.it/2025/01/parere-edpb-sui-modelli-di-intelligenza.html) +- 吴鲁加 + - [ ] [黑客思维](https://mp.weixin.qq.com/s?__biz=Mzg5NDY4ODM1MA==&mid=2247485154&idx=1&sn=43d73ef46e2f7ca8d5a52c0fa515843f&chksm=c01a8bd3f76d02c5d4368cdfa4790e59deb43648e7ad8aaf6f4bad39c19707325a280fac689d&scene=58&subscene=0#rd) +- 迪哥讲事 + - [ ] [挖掘有回显ssrf的一类隐藏payload](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496898&idx=1&sn=b6088e20a8b4fc9fbd887b900d8c5247&chksm=e8a5fea1dfd277b708b1a63e6fa9a1399f8466dce922766f0393e815aca0aa4090c609a9a372&scene=58&subscene=0#rd) +- SANS Internet Storm Center, InfoCON: green + - [ ] [New tool: immutable.py, (Sat, Jan 18th)](https://isc.sans.edu/diary/rss/31598) +- ICT Security Magazine + - [ ] [Autonomic Computing: La Rivoluzione dei Sistemi Auto-Gestiti nella Cybersecurity Moderna](https://www.ictsecuritymagazine.com/articoli/autonomic-computing/) +- Your Open Hacker Community + - [ ] [(for research purposes) how do scammers gain the skills they have?](https://www.reddit.com/r/HowToHack/comments/1i40zkp/for_research_purposes_how_do_scammers_gain_the/) + - [ ] [Fake acc](https://www.reddit.com/r/HowToHack/comments/1i4joo0/fake_acc/) + - [ ] [Complete beginner - 2 days in](https://www.reddit.com/r/HowToHack/comments/1i46c9w/complete_beginner_2_days_in/) + - [ ] [How to create a rat](https://www.reddit.com/r/HowToHack/comments/1i4l1iu/how_to_create_a_rat/) + - [ ] [How do I hack a Roblox account?](https://www.reddit.com/r/HowToHack/comments/1i4jjcn/how_do_i_hack_a_roblox_account/) + - [ ] [Lets bring tiktok back up](https://www.reddit.com/r/HowToHack/comments/1i4ddzb/lets_bring_tiktok_back_up/) + - [ ] [Hi, so I ran my config on open bullet And I’m only getting retries on the runner is it a problem with my proxy, combo list or config?](https://www.reddit.com/r/HowToHack/comments/1i3z2l5/hi_so_i_ran_my_config_on_open_bullet_and_im_only/) + - [ ] [Help making open bullet plugin](https://www.reddit.com/r/HowToHack/comments/1i3xttx/help_making_open_bullet_plugin/) + - [ ] [I need help.](https://www.reddit.com/r/HowToHack/comments/1i3xa2q/i_need_help/) + - [ ] [Help](https://www.reddit.com/r/HowToHack/comments/1i41jrv/help/) + - [ ] [[ Removed by Reddit ]](https://www.reddit.com/r/HowToHack/comments/1i40znr/removed_by_reddit/) + - [ ] [Twitter account](https://www.reddit.com/r/HowToHack/comments/1i3z6bq/twitter_account/) +- Information Security + - [ ] [Newb question: what does an information manager *do*?](https://www.reddit.com/r/Information_Security/comments/1i47ytv/newb_question_what_does_an_information_manager_do/) +- Social Engineering + - [ ] [Best way to keep in touch with people as a freelancer?](https://www.reddit.com/r/SocialEngineering/comments/1i4fug3/best_way_to_keep_in_touch_with_people_as_a/) +- Hacking Exposed Computer Forensics Blog + - [ ] [Daily Blog #720: The new hardest question to answer in an incident](https://www.hecfblog.com/2025/01/daily-blog-720-new-hardest-question-to.html) +- netsecstudents: Subreddit for students studying Network Security and its related subjects + - [ ] [Would the Comptia A+ certification be worth it in this scenario?](https://www.reddit.com/r/netsecstudents/comments/1i3yegb/would_the_comptia_a_certification_be_worth_it_in/) +- Computer Forensics + - [ ] [Seeking Advice: Questions to Ask My Supervisor and IT Manager During My Internship](https://www.reddit.com/r/computerforensics/comments/1i4210m/seeking_advice_questions_to_ask_my_supervisor_and/) + - [ ] [Courses or books](https://www.reddit.com/r/computerforensics/comments/1i446e4/courses_or_books/) +- Security Affairs + - [ ] [U.S. Treasury Sanctions Chinese cybersecurity firm and actor over federal agency breach tied to Salt Typhoon](https://securityaffairs.com/173209/intelligence/u-s-treasury-sanctioned-cybersecurity-firm-and-shanghai-cyber-actor-linked-salt-typhoon.html) +- Have I Been Pwned latest breaches + - [ ] [Otelier - 436,855 breached accounts](https://haveibeenpwned.com/PwnedWebsites#Otelier) +- Blackhat Library: Hacking techniques and research + - [ ] [Dead Grandmas iPhone 11](https://www.reddit.com/r/blackhat/comments/1i404m4/dead_grandmas_iphone_11/) +- The Hacker News + - [ ] [U.S. Sanctions Chinese Cybersecurity Firm Over Treasury Hack Tied to Silk Typhoon](https://thehackernews.com/2025/01/us-sanctions-chinese-cybersecurity-firm.html) +- TorrentFreak + - [ ] [MAME Devs Spent 628 Years Cracking Protection on 712 Retro Games](https://torrentfreak.com/mame-devs-spent-628-years-cracking-protection-on-712-retro-games-250118/) diff --git a/archive/tmp/2025-01-19.json b/archive/tmp/2025-01-19.json new file mode 100644 index 0000000000..ac631e2dd9 --- /dev/null +++ b/archive/tmp/2025-01-19.json @@ -0,0 +1,335 @@ +{ + "博客园 - potatso": { + "linux实现macos的timeMachine系统备份 - potatso": "https://www.cnblogs.com/potatso/p/18678521", + "btrfs文件系统从原理到实践 [1] - potatso": "https://www.cnblogs.com/potatso/p/18678520", + "Git三路合并算法完全指南:优雅处理复杂冲突[2] - potatso": "https://www.cnblogs.com/potatso/p/18678518" + }, + "SecWiki News": { + "SecWiki News 2025-01-18 Review": "http://www.sec-wiki.com/?2025-01-18" + }, + "Doonsec's feed": { + "软考信安(六)": "https://mp.weixin.qq.com/s?__biz=MzkzMjYzOTc5NQ==&mid=2247484676&idx=1&sn=2198cc3fdd3be060e0584d88e273e056", + "北美最大戒毒服务提供商BayMark遭遇数据泄露,患者信息被窃取!": "https://mp.weixin.qq.com/s?__biz=MzA4NTY4MjAyMQ==&mid=2447900070&idx=1&sn=420bed34960782ce611eeb302ec48440", + "【PWN】Edit堆溢出2.23无show函数": "https://mp.weixin.qq.com/s?__biz=Mzk0NDYwOTcxNg==&mid=2247485181&idx=1&sn=9eb1f4bf24e5e5ff17f484fad2c76691", + "2025最新黑客战争片?": "https://mp.weixin.qq.com/s?__biz=MzI1Mjc3NTUwMQ==&mid=2247538493&idx=1&sn=83c7a157ccbf14e9d5b62fb6239744ba", + "API BOM - ASPM数据关联分析纽带": "https://mp.weixin.qq.com/s?__biz=MzI2NTExNzcxNQ==&mid=2247484361&idx=1&sn=8e472a7a51b24dacdf95759c0a58c4a8", + "一款在线的免杀平台": "https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486329&idx=1&sn=63f5ee9fd1c43c3f8d3e3c6a5447df48", + "《网信自主创新调研报告》编委会召开表彰大会": "https://mp.weixin.qq.com/s?__biz=MzkxMzI3MzMwMQ==&mid=2247530967&idx=1&sn=6559955674ede872a826301fb8faea5b", + "通过“Typora + PicGo + 腾讯云” 组合方法解决发布图片显示失效的问题": "https://mp.weixin.qq.com/s?__biz=Mzk1NzI2NDQyMw==&mid=2247484256&idx=1&sn=398751629c02160c7518f9fe44341c1e", + "Win11中安装Linux 教程 | WSL2的使用": "https://mp.weixin.qq.com/s?__biz=MzkyMTQzNTM3Ng==&mid=2247483872&idx=1&sn=1773552c6cc692fb98d3963804a03aa9", + "CTFSHOW渗透赛(复盘+思路延伸)": "https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247489995&idx=1&sn=d62c2abc72ea72681037cb84feaea5b2", + "vulnhub靶场【jangow靶机】,反弹shell的流量及端口选择": "https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247489995&idx=2&sn=a6509021c8a5f578f22b978a23bffcf3", + "银狐叒进化?清理不掉!一线应急响应工程师教你如何手工处理": "https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247489995&idx=3&sn=34f8cda58fa253c24141b98c5589294a", + "linux下配置python环境及库的安装": "https://mp.weixin.qq.com/s?__biz=MzkzMzg3MzMyOA==&mid=2247486352&idx=1&sn=2a8faaf26319ca2e72b856efc8d613e7", + "图解正向代理 vs 反向代理:到底有啥区别?": "https://mp.weixin.qq.com/s?__biz=MzIyMzIwNzAxMQ==&mid=2649464547&idx=1&sn=f0c26c998e650cb170914046e7ed5ee4", + "整合重新发布社区链接": "https://mp.weixin.qq.com/s?__biz=MzkyNzYzNTQ2Nw==&mid=2247484042&idx=1&sn=336335efd991b9e11cab091ae61af2c6", + "春秋杯WP | 2024春秋杯冬季赛第二天题目部分解析": "https://mp.weixin.qq.com/s?__biz=MzkyNDA5NjgyMg==&mid=2247501228&idx=1&sn=4386f7eff6698e6921d12895041c9a18", + "开源情报|国际动态|杂谈|TikTok美国封禁临近": "https://mp.weixin.qq.com/s?__biz=Mzg2NTcyNjU4Nw==&mid=2247485864&idx=1&sn=1757546545462e16ba7e3a3e8b1f8688", + "防范无人机系统(UAS)的威胁": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619741&idx=1&sn=fc226e9fa0bb08ad8cb89ee9b82522c7", + "IDEA研究院:低空经济发展白皮书3.0-安全体系": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619741&idx=2&sn=9a281d31052b030cd47367f8938ba503", + "低空经济启航,安全体系护航 低空经济网络安全体系化研究报告": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619741&idx=3&sn=7c3ab501fef20b76c4df35a1321f4b01", + "Linux服务器中毒?教你一步步精准判断和快速处置!": "https://mp.weixin.qq.com/s?__biz=MzUyNTExOTY1Nw==&mid=2247527911&idx=1&sn=8705fa0202976a1f106844025794d83c", + "vulnhub靶场【Lampiao靶机】,提权之脏牛提权": "https://mp.weixin.qq.com/s?__biz=MzAxNTg1MDYxNA==&mid=2247488884&idx=1&sn=e27d1ae2b776c935534dcebc4a7c3f1f", + "TikTok基本没事了,都洗洗睡吧。": "https://mp.weixin.qq.com/s?__biz=MzU4NDY3MTk2NQ==&mid=2247491029&idx=1&sn=994f4cf99c69bdca9d7b715d4df0d361", + "挖掘有回显ssrf的一类隐藏payload": "https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496898&idx=1&sn=b6088e20a8b4fc9fbd887b900d8c5247", + "$40,000!如何将路径遍历升级为RCE!": "https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247518264&idx=1&sn=6823adc5590ea93b5292ad7b512fc377", + "SRC专项知识库": "https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247518264&idx=2&sn=92373e928418b034514387314198c93b", + "深度揭秘SerializeJava:JAVA序列化的全能图形化利器": "https://mp.weixin.qq.com/s?__biz=Mzk2NDE3NDUwNg==&mid=2247483806&idx=1&sn=79e10fffa2731ee08f850b85376b73e0", + "推荐一款国产开源 IoT 物联网Web云组态,基于RuoYi框架和threeJS支持2D/3D大屏!": "https://mp.weixin.qq.com/s?__biz=MjM5OTA4MzA0MA==&mid=2454936626&idx=1&sn=893d191291ac047b22c0fc96c5e9d837", + "2025特朗普官宣的暴富神话!揭露 MeMe: $TRUMP 疑云": "https://mp.weixin.qq.com/s?__biz=MzkwODI1ODgzOA==&mid=2247506575&idx=1&sn=bf017b2d8232732cd139ea4466043034", + "木马反制技巧": "https://mp.weixin.qq.com/s?__biz=MzkzNTYwMTk4Mw==&mid=2247488211&idx=1&sn=a4a634096a3ea78aa825239e2869897b", + "x64 返回地址欺骗": "https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486365&idx=1&sn=59b5d17aa8bcd8631da39637f55d722d", + "涉案2000万!网警成功侦破一起特大“造谣引流”网络水军案": "https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652114079&idx=1&sn=a7d5e08a27ad369af030953529245b83", + "21123_ctfshow_misc_原谅2xa0writeup": "https://mp.weixin.qq.com/s?__biz=MzU2NzIzNzU4Mg==&mid=2247489496&idx=1&sn=40b774a412a25cde44f211e5c7716a78", + "缘分稀薄寡淡 亲爱的 后会无期": "https://mp.weixin.qq.com/s?__biz=MzkyMDY1MDI3OA==&mid=2247483792&idx=1&sn=972700e1efd505ff5174aeae2c49c989", + "保姆级教学之sqli-labs(less39-53)": "https://mp.weixin.qq.com/s?__biz=Mzk1NzQwNjQ4Ng==&mid=2247484497&idx=1&sn=3724e7de301b44949a32f68413fd58e5", + "一次应急响应中的Windows Rootkit对抗": "https://mp.weixin.qq.com/s?__biz=MzkyOTc0NDY2Nw==&mid=2247484591&idx=1&sn=1c0754974f5680a49f8844cc588eaab0", + "SSRF": "https://mp.weixin.qq.com/s?__biz=MzkwMjU5MzgzMQ==&mid=2247485221&idx=1&sn=fb4cf74dd862bc8792a0af77a45d1bdc", + "在看 | 周报:浙江省国家安全机关破获境外间谍案;腾讯协助警方破获木马盗窃游戏账号案;江苏男子利用小程序Bug逃匿28万加油费": "https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247634732&idx=1&sn=ae1ec8af39e315727dafdde90a2a4a6b", + "在看 | 厂商:本周热门网络安全产业动态": "https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247634732&idx=2&sn=d9b9e282392fc8e2701eae8eccae5e62", + "【代码审计】WeGIA 存在前台任意文件上传漏洞 (RCE)": "https://mp.weixin.qq.com/s?__biz=Mzg4MTkwMTI5Mw==&mid=2247488622&idx=1&sn=baced76f27759525c3de42cb9abd4668", + "强力工具助你一臂之力:XXECheck–全面提升XML安全,防护XXE漏洞!": "https://mp.weixin.qq.com/s?__biz=MzkzNzg4MTI0NQ==&mid=2247485359&idx=1&sn=fc0b810b0174b166b92e61fedd91fe77", + "论坛·原创 | 特朗普第二任期美国科技外交战略展望": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235038&idx=1&sn=0985e935a77d468c9918194fcdac28b3", + "【直卖实拍】北七家3居变4居豪装,理想楼层、户型、朝向": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485427&idx=2&sn=6b5126bf0393fde06a71c2cd046ee078", + "【干货】笑傲职场的独家经验(1)": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485427&idx=3&sn=f03a3ae9e761fb7b6b3209a375353ff2", + "【干货原创】实网攻防演习常态化,会带来什么变化01": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485427&idx=4&sn=160e2c5b73ca979cc0c8201d479c0362", + "【干货原创】K12教育,鲜为人知的模式秘密": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485427&idx=5&sn=4d67208c0f0ef67418c9311336b301b2", + "原创文章目录": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485427&idx=6&sn=54232a5bcf1946b2e632e2047a8b2dfd", + "【安全圈】高危!rsync被爆出多个安全漏洞": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067460&idx=1&sn=7e41cdf5b76e20186089903f7171a588", + "【安全圈】国家互联网应急中心通报两起美方对我国网络攻击事件": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067460&idx=2&sn=1eeea145994ab308cf3f78f1ca987a19", + "【安全圈】网络安全态势研判分析报告 (2024年12月)": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067460&idx=3&sn=86d02f407c0e151d308f83282274bf31", + "独特上篮方式突破短信发送限制上分 (企业src意外之喜系列第六集)": "https://mp.weixin.qq.com/s?__biz=MzkyNDQ5NDM3OA==&mid=2247484006&idx=1&sn=93736f0bca7b3de26866dfae3775651b", + "DVWA漏洞靶场通关手册(万字图文解析)": "https://mp.weixin.qq.com/s?__biz=MzkxNjg3NTQ4NA==&mid=2247485767&idx=1&sn=93b546f9ce1febe8901087238dc96ee7", + "方正畅享全媒体新闻采编系统 reportCenter.do SQL注入漏洞": "https://mp.weixin.qq.com/s?__biz=MzkzMTcwMTg1Mg==&mid=2247490256&idx=1&sn=86fcd7775b4baa4c1dfe975633d73730", + "智能座舱架构与芯片- 显示篇": "https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549130&idx=1&sn=4983ee3542adee5a9c44607ee12297ed", + "舍弗勒与小鹏汇天签订飞行汽车动力量产协议": "https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549130&idx=2&sn=5be423869800bfc4aaa2ad9b0a78d086", + "CVE-2024-53704|SonicOS SSLVPN认证绕过漏洞": "https://mp.weixin.qq.com/s?__biz=Mzg2ODcxMjYzMA==&mid=2247485778&idx=1&sn=f2bab6ffd22425efb72f8b20eeeab29b", + "CVE-2024-55591|FortiOS和FortiProxy身份认证绕过漏洞(POC)": "https://mp.weixin.qq.com/s?__biz=Mzg2ODcxMjYzMA==&mid=2247485778&idx=2&sn=691f85f7d7a345f2ed5607454b84333b", + "欢迎报名!u200b“系统0day安全”系列课程:掌握漏洞挖掘重要技能": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588749&idx=1&sn=c07163014dddf5e352e4f3683251b0d4", + "PWN入门:误入格式化字符串漏洞": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588749&idx=2&sn=6fc809be9ede10a46f7d204c536cd5bf", + "b站大事件!员工代码费尽心机前端投毒竟是为了……喷网友!": "https://mp.weixin.qq.com/s?__biz=Mzk0MDY2NTY5Mw==&mid=2247485587&idx=1&sn=b807ce1fae02aa546b49dcaba6635485", + "方正畅享全媒体新闻采编系统 screen.do SQL注入漏洞": "https://mp.weixin.qq.com/s?__biz=MzkzMTcwMTg1Mg==&mid=2247490248&idx=1&sn=1eba3e69ef0279c4fc7796abe9ca32c6", + "网警解密“黄牛”抢票“开挂秘籍”": "https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170310&idx=1&sn=3de41d277ca4e38f14488d237c44844a", + "警惕利用人工智能技术绕过图形类验证机制的新型犯罪手法": "https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170310&idx=2&sn=b87113a571fafe09a5f367f860da70ac", + "关于利用人工智能技术绕过图形类验证机制新型犯罪手法预警通报;|2025年首个满分漏洞,PoC已公布,可部署后门": "https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650606788&idx=1&sn=1d92761760abe35316e9dcf0f7bc34f5", + "威胁情报的五个大坑": "https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650606788&idx=2&sn=484daf0b2994e2f714d24e5a26157cf2", + "记一次从任意文件下载到getshell": "https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650606788&idx=3&sn=aaf92b43e956eaffc7241caf6886f23c", + "Telegram中进行开源情报调查的高级插件": "https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650606788&idx=4&sn=1aa5faf3a41536f88bb7bb582e4d5a50", + "【吃瓜】u200b好消息,发年终奖了!坏消息,是员工给公司发的!": "https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496665&idx=1&sn=6063f45192263e8c1f815ea46581b3a5", + "【学习经验分享】给准大学生的CS-学习路线": "https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496665&idx=2&sn=3643759c625630dbed305166d77df167", + "第八届西湖论剑·中国杭州网络安全安全技能大赛CTF夺旗赛PWN题部分题解": "https://mp.weixin.qq.com/s?__biz=Mzk1NzE2Mjc5Mg==&mid=2247484167&idx=1&sn=6806195fc3e8995d3b15490fa64323ba", + "喵苗安全专家组推荐的40个云原生安全RSS订阅源": "https://mp.weixin.qq.com/s?__biz=Mzg5MjkwODc4MA==&mid=2247485914&idx=1&sn=e83a2e64c022f8340af0b0598edecd30", + "小心!“间谍”正在潜入你的手机": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235038&idx=3&sn=8d7fbaf443b0a9525f6d4b1be446e0a2", + "密评科普系列(一)——什么是商业密码?": "https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633889&idx=2&sn=d7f62b2504acb3f1a969fe71fc163630", + "专家解读 | 强化数据标注基地引领作用 带动数据标注产业高质量发展": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235038&idx=2&sn=faf2a988fedc8924e65ab9c9bcbbafa5", + "国际 | 越南个人数据跨境传输规则": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235038&idx=4&sn=d5d670e02e6690a029cf91ba98894c4b", + "微信支付存漏洞?用户被异地刷脸支付成功,官方回应": "https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633889&idx=5&sn=0eaed00ffbd92d4c0652fd3e9340e6f4", + "美国商务部十年战略规划公布,致力维护国家安全": "https://mp.weixin.qq.com/s?__biz=MzI1OTExNDY1NQ==&mid=2651618687&idx=1&sn=982c6522eca5a4b53edea248ad0f7414", + "【工具】全球有组织犯罪指数": "https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148608&idx=1&sn=dcde5ba6b230d8fa0b9ffbd97091e78a", + "【资料】拜登告别演讲": "https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148608&idx=2&sn=03f1e0c2e178ad80175a035485141a01", + "奇安信:被禁 3 年!!": "https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247569813&idx=1&sn=ab6a255c9dd15cdb7906c67e2fbece7a", + "如何用 Wireshark 高效过滤 TCP 数据流": "https://mp.weixin.qq.com/s?__biz=MzA5NTUxODA0OA==&mid=2247493116&idx=1&sn=dfbaf2961d5fee876867d903dee25b52", + "海南发布商超消费领域个人信息保护合规指引,以加强个人信息保护": "https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931451&idx=1&sn=0066d975abd60b07ce49c4fbcecbab38", + "江苏银行多场景应用大模型,风控能力得到提升": "https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931451&idx=2&sn=965d5c8f64b9c296a4f9d74e86f1c330", + "美日韩联合警告加密货币行业防范朝鲜黑客攻击": "https://mp.weixin.qq.com/s?__biz=MzI0MTE4ODY3Nw==&mid=2247492524&idx=1&sn=19d57828e503df304caf2618802d9d27", + "SerializeJava-反序列图形化工具": "https://mp.weixin.qq.com/s?__biz=Mzk0Mjg4MTQxMw==&mid=2247485694&idx=1&sn=f76d44c9fed7879f6d328bd16a49ac51", + "你是否有个忘不掉的它": "https://mp.weixin.qq.com/s?__biz=MzkwNDg4MTg5MQ==&mid=2247483853&idx=1&sn=7b77e7dc2bbf210e25ce19dda9332afe", + ".NET 第55期红队武器库和资源汇总": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498306&idx=1&sn=672a2a2f57cabb2ce04be6ff29129beb", + "国内最专业、最全面的 [ .NET 代码审计 ] 体系化学习交流社区": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498306&idx=2&sn=4c2323d1570eb3b825a6a04eb4520b72", + "一种通过 .NET 启动 cmd.exe 的新方法": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498306&idx=3&sn=d5276b7bf7380ce889dc125627631a94", + "限量领取!篝火信安蛇年定制红包封面派发中!": "https://mp.weixin.qq.com/s?__biz=MzIyNzc3OTMzNw==&mid=2247485751&idx=1&sn=387c2d0644a19e8ecf94580734091cf8", + "无问社区|春节大放送": "https://mp.weixin.qq.com/s?__biz=MzkzODUzMjA1MQ==&mid=2247484823&idx=1&sn=79c8d9e62761290554ec8eda780fba9c", + "分享图片": "https://mp.weixin.qq.com/s?__biz=MzkzMDE3ODc1Mw==&mid=2247488944&idx=1&sn=09e4fe21af1fcba3e404660f9d7b32e4", + "棉花糖定制手绘红包封面来啦!": "https://mp.weixin.qq.com/s?__biz=MzkyOTQzNjIwNw==&mid=2247491430&idx=1&sn=cdd4119a2717173ed1a7f67471f50bd5", + "2025年微信「红包封面」第一弹,快查收!": "https://mp.weixin.qq.com/s?__biz=Mzk0MTIzNTgzMQ==&mid=2247519221&idx=1&sn=3f456dc497d02c7fb2d6610a1a2afcad", + "关于公众号更新以及回复私信的一些事": "https://mp.weixin.qq.com/s?__biz=MzkyMDY1MDI3OA==&mid=2247483788&idx=1&sn=93bb002b5b0c0556d46898897a1712a1", + "【公开课】晚八点App渗透逆向公开课!": "https://mp.weixin.qq.com/s?__biz=MzkxMTUwOTY1MA==&mid=2247490013&idx=1&sn=fda955efd9e128551daa7934f3c0be7b", + "Graphql内审查询漏洞分析": "https://mp.weixin.qq.com/s?__biz=Mzg4NDg3NjE5MQ==&mid=2247485250&idx=1&sn=cc481b4d430eb2516b235f762c1047cb", + "网安一哥发布业绩预告:预计2024年实现营业收入42亿元到45亿元": "https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247488099&idx=1&sn=d6b09346c9c833d04429738908b67944", + "一文读懂 Spring 动态代理": "https://mp.weixin.qq.com/s?__biz=Mzg4NDY4Mzk3Mw==&mid=2247485498&idx=1&sn=fdb55a27c1ccc7ed9b0326e73e2a649c", + "水水水水~~~~": "https://mp.weixin.qq.com/s?__biz=MzkxNzY5MTg1Ng==&mid=2247485516&idx=1&sn=a776993f5320c5be544d0f4d1162a06a", + "零信任安全,为什么它在当今的威胁环境中至关重要": "https://mp.weixin.qq.com/s?__biz=MzA4MzMzOTQ4Mw==&mid=2453672500&idx=1&sn=3ba70755a11d2fd325341b128d2ca7ec", + "评论 | 走出应用程序自动扣费的“消费陷阱”": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235038&idx=5&sn=27d2dc92bc541ae96838413ce948ac9c", + "安恒信息发布业绩预告,预计2024年年度实现归属于母公司所有者的净利润为-2.2亿元到-1.6亿元": "https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247488091&idx=1&sn=0e3fae68f54835d405aee94c848122e9", + "今晚八点App渗透逆向公开课!": "https://mp.weixin.qq.com/s?__biz=Mzg3NTk4MzY0MA==&mid=2247487962&idx=1&sn=ebbeeaf7d4f783318725119d4ad97f31", + "有人和无人复杂作战系统:概念、能力和战例(9500字干货)": "https://mp.weixin.qq.com/s?__biz=MzkyMjY1MTg1MQ==&mid=2247491542&idx=1&sn=0ffc93f646e632e9845622e638f60904", + "国外“战场战训数据库”利用研究(韩军视角)": "https://mp.weixin.qq.com/s?__biz=MzkyMjY1MTg1MQ==&mid=2247491542&idx=2&sn=0b63c5e22c65c5a3b42ae1dd76e5bc7f", + "在盟国领土上进行海外作战:美军在印太地区面临的挑战和机遇(2024兰德最新报告)": "https://mp.weixin.qq.com/s?__biz=MzkyMjY1MTg1MQ==&mid=2247491542&idx=3&sn=c182630cad08f8732d501929c6fe2611", + "2024兰德报告《将中美台海冲突控制在核门槛以下(第4卷):通过分析战略理论、历史案例和原创分析框架设想首先使用核武器的路径》": "https://mp.weixin.qq.com/s?__biz=MzkyMjY1MTg1MQ==&mid=2247491542&idx=4&sn=452931cd6f0c10c818eb4f489d5f6da0", + "2024兰德报告《将中美台海冲突控制在核门槛以下(第3卷):u200b中-国不断发展的核战略和核使用阈值及其未来风险因素》": "https://mp.weixin.qq.com/s?__biz=MzkyMjY1MTg1MQ==&mid=2247491542&idx=5&sn=e5c5c264c1288570849e547e98aa7af4", + "2024兰德报告《将中美台海冲突控制在核门槛以下(第2卷):u200b调查美国常规联合远程打击能力、作战目标和部署决策》": "https://mp.weixin.qq.com/s?__biz=MzkyMjY1MTg1MQ==&mid=2247491542&idx=6&sn=408d8cfe126b94e1a6a48bff1eeb4b28", + "2024兰德报告《将中美台海冲突控制在核门槛以下(第1卷):美国常规联合远程打击升级管理理念概述》": "https://mp.weixin.qq.com/s?__biz=MzkyMjY1MTg1MQ==&mid=2247491542&idx=7&sn=de191e6550e6c769b0bec6abcabf84f4", + "新型手法|Telegram 假 Safeguard 骗局": "https://mp.weixin.qq.com/s?__biz=MzU4ODQ3NTM2OA==&mid=2247500978&idx=1&sn=8d502d81ee56971fac26b35e70b49081", + "STH-RPC识别短期底部": "https://mp.weixin.qq.com/s?__biz=MzI3NTcwNTQ2Mg==&mid=2247487603&idx=1&sn=c80291f3e5df7a556fee023c857bd9e4", + "【中文调教】免费开源不限量!让 AI 生成高质量 4k 定制图片": "https://mp.weixin.qq.com/s?__biz=MzkwODI1ODgzOA==&mid=2247506565&idx=1&sn=0d2c7468fe8213f063154297c0a70895", + "公众号交流二群建立了!快来扫码加入": "https://mp.weixin.qq.com/s?__biz=MzkwODI1ODgzOA==&mid=2247506565&idx=2&sn=5726611666b67db6aca8251fd26ce47d", + "无问社区 | 网安技术资源派送(文末福利)": "https://mp.weixin.qq.com/s?__biz=MzkzNDQ0MDcxMw==&mid=2247487155&idx=1&sn=e865c23ab316942e34f7a4e11f209276", + "特朗普 x 账号疑似被黑": "https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494382&idx=1&sn=8ddba3acf29f8fc6650c7e46e18b1a6d", + "一次通用cnvd案例分享": "https://mp.weixin.qq.com/s?__biz=MzkzNTQwNjQ4OA==&mid=2247484053&idx=1&sn=f2f7d10b6cf4337e7ab2212e103f702a", + "ChatGPT如何指导知识产权法论文选题,掌握5步精准指南。": "https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493243&idx=1&sn=8f30acca6c4f3b2b6179a8656d558eef", + "ChatGPT审核新闻学论文的内部高阶攻略,0经验小白也能轻松找出问题!": "https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493243&idx=2&sn=b529bb3e05fe0200e1b590d4801b1696", + "chatgpt视角下的野生动物论文文献综述写作核心攻略。": "https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493243&idx=3&sn=d73f224f40a8c4f610df81cd00335551", + "ChatGPT挖掘拉丁语学术论文的9大神仙技巧,学院派必看!": "https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493243&idx=4&sn=7218911d39ff15c8a82b86c5852a968a", + "ChatGPT完美助攻,中西医结合论文3天确定逆天选题攻略!": "https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493243&idx=5&sn=b4509068ccdeab0b99c827ee299c55d7", + "赛欧思一周资讯分类汇总(2025-01-13 ~ 2025-01-18)": "https://mp.weixin.qq.com/s?__biz=MzU0MjE2Mjk3Ng==&mid=2247488416&idx=1&sn=3256d8d3ec398a11297f623fdceef5d2", + "Java安全小记-Commons-Collections4反序列化": "https://mp.weixin.qq.com/s?__biz=Mzk0ODY1NzEwMA==&mid=2247485860&idx=1&sn=1b65d29dbab6339bc7842474a6211475", + "DataCon2024解题报告WriteUp—漏洞分析赛道": "https://mp.weixin.qq.com/s?__biz=MzU5Njg1NzMyNw==&mid=2247489123&idx=1&sn=228fa0630cebdc58c6b961b96752dc2f", + "中国工程院院士邬贺铨:五方面发力推动信息通信业高质量发展": "https://mp.weixin.qq.com/s?__biz=Mzg4MDU0NTQ4Mw==&mid=2247528734&idx=1&sn=354275495b32bddb78bfb6b94a93340d", + "国家数据基础设施建设的四个核心问题": "https://mp.weixin.qq.com/s?__biz=Mzg4MDU0NTQ4Mw==&mid=2247528734&idx=2&sn=3af167a316f4c6b8b3444a3fc509a2e7", + "Proton Mail宕机–大规模中断后服务恢复": "https://mp.weixin.qq.com/s?__biz=Mzg2NjY2MTI3Mg==&mid=2247498269&idx=1&sn=6ddb964e3a74df8b9bde7aca97752ef8", + "吃瓜,某安一哥起诉某公众号索赔50W": "https://mp.weixin.qq.com/s?__biz=Mzk0MzY3MDE5Mg==&mid=2247483932&idx=1&sn=d275d1d865bc82ea56279c6c9c584cd5", + "泰晓资讯xa0:xa02025xa0年 1xa0月xa0第xa0二xa0期": "https://mp.weixin.qq.com/s?__biz=MzA5NDQzODQ3MQ==&mid=2648194552&idx=1&sn=4b6885310a604cf16f4bc2e14b62287b", + "OSDT Weekly 2025-01-15 第289期": "https://mp.weixin.qq.com/s?__biz=MzA5NDQzODQ3MQ==&mid=2648194552&idx=2&sn=601b0cc0dc7df856c714123d5adfc94f", + "拜登政府AI出口管制破坏秩序与对我的影响": "https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247504300&idx=2&sn=412c2f98c4028c9f8d6a19833bafdc80", + "中吉乌铁路:重塑中亚地缘政治经济格局与国际态度演变": "https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247504300&idx=3&sn=5f8a05ad7afaf072d44c05829dff3f95", + "安天AVL SDK反病毒引擎升级通告(20250118)": "https://mp.weixin.qq.com/s?__biz=MjM5MTA3Nzk4MQ==&mid=2650209597&idx=1&sn=91ede5437c5fc60e6c3084c81753784d", + "Nuclei POC 管理工具(附POC地址)": "https://mp.weixin.qq.com/s?__biz=Mzg5OTg5NzMzMA==&mid=2247484176&idx=1&sn=f4be63e1e0f295963d861967f27eb595", + "浏览器取证实战": "https://mp.weixin.qq.com/s?__biz=Mzg3NTU3NTY0Nw==&mid=2247489510&idx=1&sn=65afe75391c1243ba91da9dfaf11fced", + "AI+代码审计??代码审计新工具内测来了!": "https://mp.weixin.qq.com/s?__biz=MzkzMzczODA0OQ==&mid=2247484066&idx=1&sn=71685fde2af3a483cf290a5f14e1c140", + "渗透测试 | 某系统垂直越权漏洞的挖掘": "https://mp.weixin.qq.com/s?__biz=Mzk0Mzc1MTI2Nw==&mid=2247487115&idx=1&sn=338d1d8129bc7b7f75ae6ad22e4cef7e", + "如何利用 OSINT 解决价值 1100 亿美元的商店盗窃问题": "https://mp.weixin.qq.com/s?__biz=MzkxMDIwMTMxMw==&mid=2247494428&idx=1&sn=6c841e5efe7e16262098d12e617933c3" + }, + "Private Feed for M09Ic": { + "safedv starred hlldz/Phant0m": "https://github.com/hlldz/Phant0m", + "safedv starred D3Ext/Hooka": "https://github.com/D3Ext/Hooka", + "mgeeky starred rainerzufalldererste/windows_x64_shellcode_template": "https://github.com/rainerzufalldererste/windows_x64_shellcode_template", + "HuYlllc pushed to v0.0.4dev in chainreactors/malice-network": "https://github.com/chainreactors/malice-network/compare/95cb131373...ace33f01f9", + "mgeeky starred SpecterOps/Nemesis": "https://github.com/SpecterOps/Nemesis", + "CHYbeta starred louislam/dockge": "https://github.com/louislam/dockge", + "huoji120 started following SamuelTulach": "https://github.com/SamuelTulach", + "esrrhs starred tomhea/c2fj": "https://github.com/tomhea/c2fj", + "esrrhs starred tomhea/flip-jump": "https://github.com/tomhea/flip-jump", + "mgeeky starred cainiao1992/ollvm-mingw": "https://github.com/cainiao1992/ollvm-mingw" + }, + "Recent Commits to cve:main": { + "Update Sat Jan 18 20:13:55 UTC 2025": "https://github.com/trickest/cve/commit/b708e26d5a4c98338b505110945c3df0396344c0", + "Update Sat Jan 18 12:15:13 UTC 2025": "https://github.com/trickest/cve/commit/aef459845426b0cd394ec2be1ea55871b7a78f8a", + "Update Sat Jan 18 04:18:41 UTC 2025": "https://github.com/trickest/cve/commit/cb8a7b3ec123eb65fb54b26ccb85cfecefc0b1a7" + }, + "Security Boulevard": { + "DEF CON 32 – Breaking Boundaries: Popping Shells In The Airgap With $10 & Arduino Magic": "https://securityboulevard.com/2025/01/def-con-32-breaking-boundaries-popping-shells-in-the-airgap-with-10-arduino-magic/", + "Cyber Essentials NHS and Healthcare Organisations": "https://securityboulevard.com/2025/01/cyber-essentials-nhs-and-healthcare-organisations/", + "Trump’s Digital Footprint: Unveiling Malicious Campaigns Amid Political Milestones": "https://securityboulevard.com/2025/01/trumps-digital-footprint-unveiling-malicious-campaigns-amid-political-milestones/", + "How Imperva Protects the Arts Industry from Ticketing Abuse by Carding Bots": "https://securityboulevard.com/2025/01/how-imperva-protects-the-arts-industry-from-ticketing-abuse-by-carding-bots/" + }, + "CXSECURITY Database RSS Feed - CXSecurity.com": { + "OBS (by: oretnom23 ) File Upload-FU and Remote": "https://cxsecurity.com/issue/WLB-2025010017" + }, + "一个被知识诅咒的人": { + "AIGC与劳动力市场:技术进步与就业结构的重塑": "https://blog.csdn.net/nokiaguy/article/details/145234235", + "Python中的字典优化:如何高效使用`defaultdict`和`Counter`": "https://blog.csdn.net/nokiaguy/article/details/145227999", + "【Python运维】用Python管理Docker容器:从`docker-py`到自动化部署的全面指南": "https://blog.csdn.net/nokiaguy/article/details/145227982" + }, + "arighi's blog": { + "Accelerating micro-VM boot time with sched_ext": "http://arighi.blogspot.com/2025/01/accelerating-micro-vm-boot-time-with.html" + }, + "Twitter @bytehx": { + "Re @rez0__ I made it at my home and love it. It is really good with toasted bread.": "https://x.com/bytehx343/status/1880671088092565741", + "Re @RelentlessT7 @Bugcrowd Congrats 🎉": "https://x.com/bytehx343/status/1880659660078006382", + "Re @notgeej haha yes that is quite hurt.": "https://x.com/bytehx343/status/1880577440621396144", + "Re @h4x0r_dz 🤣🤣🤣": "https://x.com/bytehx343/status/1880474260738912721", + "Re @696e746c6f6c I did comment about the severity but they never respond to me.": "https://x.com/bytehx343/status/1880474183785935318", + "Re @HannanHaseeb11 🤣🤣🤣": "https://x.com/bytehx343/status/1880473913190412403" + }, + "Bug Bounty in InfoSec Write-ups on Medium": { + "Critical Blind SQL Injection leads to \n$4,134 (7/30 DAYS)": "https://infosecwriteups.com/critical-blind-sql-injection-leads-to-4-134-7-30-days-d8918ff3d2d0?source=rss----7b722bfd1b8d--bug_bounty", + "Building Your Own Bug Bounty Lab: A Hands-On Guide with Metasploit and More": "https://infosecwriteups.com/building-your-own-bug-bounty-lab-a-hands-on-guide-with-metasploit-and-more-9595a71fc4c6?source=rss----7b722bfd1b8d--bug_bounty", + "Stored XSS to Admin in Unauthenticated-WordPress": "https://infosecwriteups.com/stored-xss-to-admin-in-unauthenticated-wordpress-cb76bae66623?source=rss----7b722bfd1b8d--bug_bounty", + "This is How I Turned an Informative Bug into a Valid $500 Bug": "https://infosecwriteups.com/this-is-how-i-turned-an-informative-bug-into-a-valid-500-bug-174ffeb94737?source=rss----7b722bfd1b8d--bug_bounty", + "CVE-2024-50379: Apache Tomcat Race Condition Vulnerability Leads to Remote Code Execution": "https://infosecwriteups.com/cve-2024-50379-apache-tomcat-race-condition-vulnerability-leads-to-remote-code-execution-6b3291780d65?source=rss----7b722bfd1b8d--bug_bounty" + }, + "奇客Solidot–传递最新科技情报": { + "原神被禁止向美国 16 岁以下儿童出售战利品箱": "https://www.solidot.org/story?sid=80367", + "CNNIC 报告称中国有 2.49 亿人使用过生成式 AI": "https://www.solidot.org/story?sid=80366" + }, + "黑海洋 - IT技术知识库": { + "AniDoc:动画创作草图高保真着色工具": "https://blog.upx8.com/4673", + "网页翻译插件:接入Deepseekv、Gemini等AI翻译服务": "https://blog.upx8.com/4671", + "ai_couplets:AI 对联生成器 马上成为春联领域高手": "https://blog.upx8.com/4670", + "WinNew:微软Windows原版镜像系统": "https://blog.upx8.com/4669" + }, + "威努特安全网络": { + "西班牙电信公司遭入侵,官方通报16款违规移动应用 | 一周特辑": "https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130508&idx=1&sn=2470459b5f48ea1c07856c2d72394829&chksm=80e7103cb790992a65070923895751564457b3909a6b673b81f7dc6c3db5958fd00fd64e76ae&scene=58&subscene=0#rd" + }, + "代码审计SDL": { + "API BOM - ASPM数据关联分析纽带": "https://mp.weixin.qq.com/s?__biz=MzI2NTExNzcxNQ==&mid=2247484361&idx=1&sn=8e472a7a51b24dacdf95759c0a58c4a8&chksm=eaa30ab5ddd483a3ebf52abba4056a525450dc0dd3cd0a1a1aef253b5339b066093ed268e076&scene=58&subscene=0#rd" + }, + "dotNet安全矩阵": { + ".NET 第55期红队武器库和资源汇总": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498306&idx=1&sn=672a2a2f57cabb2ce04be6ff29129beb&chksm=fa5954afcd2eddb95c9d28b0c0054d2ffc9aeefa6c8453b52d06a54a7256591e3ea8c802d6d9&scene=58&subscene=0#rd", + "国内最专业、最全面的 [ .NET 代码审计 ] 体系化学习交流社区": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498306&idx=2&sn=4c2323d1570eb3b825a6a04eb4520b72&chksm=fa5954afcd2eddb9dd3e4a3bbf2b57ba408dd8885947b8fb03d7dc9cf4549bd8cb2784095eaf&scene=58&subscene=0#rd", + "一种通过 .NET 启动 cmd.exe 的新方法": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498306&idx=3&sn=d5276b7bf7380ce889dc125627631a94&chksm=fa5954afcd2eddb9766ec4e35c05e11ccf9f4e97162811fc15396171a733e0531e29cabee253&scene=58&subscene=0#rd" + }, + "看雪学苑": { + "欢迎报名!​“系统0day安全”系列课程:掌握漏洞挖掘重要技能": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588749&idx=1&sn=c07163014dddf5e352e4f3683251b0d4&chksm=b18c26c786fbafd14670241f07726032e76e13980b4ff50732d34c76fea9f03ae8979ccaba96&scene=58&subscene=0#rd", + "PWN入门:误入格式化字符串漏洞": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588749&idx=2&sn=6fc809be9ede10a46f7d204c536cd5bf&chksm=b18c26c786fbafd14e4e451e21e415e3d96e93feb517543db94006ba90a0f748c9b78f0cc838&scene=58&subscene=0#rd" + }, + "安全内参": { + "CNCERT:美网络攻击我国某先进材料设计研究院事件调查报告": "https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513535&idx=1&sn=b266fc240ecfa7219f753220df704fd6&chksm=ebfaf29fdc8d7b895e31b7f387b580348d6200e7d05b1f78b5bbefb52172bf88ccda3fb37a3b&scene=58&subscene=0#rd", + "CNCERT:美网络攻击我国某智慧能源和数字信息大型高科技企业事件调查报告": "https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513535&idx=2&sn=8013d103c78d04dbb57f8891af08c176&chksm=ebfaf29fdc8d7b89c6ce104f81453910fac57be35385c3d3cefe1beff5e1b59a6307051d12d0&scene=58&subscene=0#rd" + }, + "中国信息安全": { + "论坛·原创 | 特朗普第二任期美国科技外交战略展望": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235038&idx=1&sn=0985e935a77d468c9918194fcdac28b3&chksm=8b5802e7bc2f8bf11b2f1b8ca38fc79e014dc4fd73969198e2fcad1f63378e221da7e6975b6f&scene=58&subscene=0#rd", + "专家解读 | 强化数据标注基地引领作用 带动数据标注产业高质量发展": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235038&idx=2&sn=faf2a988fedc8924e65ab9c9bcbbafa5&chksm=8b5802e7bc2f8bf126b161de9bd9d5058cff96053115722ea4bc0519184dbbf8d28f097b06c2&scene=58&subscene=0#rd", + "小心!“间谍”正在潜入你的手机": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235038&idx=3&sn=8d7fbaf443b0a9525f6d4b1be446e0a2&chksm=8b5802e7bc2f8bf161b0bb62fba700cc8b6a23cdba4d5a9d1aeab4ff10271ea2fbda09f594f5&scene=58&subscene=0#rd", + "国际 | 越南个人数据跨境传输规则": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235038&idx=4&sn=d5d670e02e6690a029cf91ba98894c4b&chksm=8b5802e7bc2f8bf12d74db74b6d23efe779dc9b074b80efd47d7ffb4874d0665a003c525e7ac&scene=58&subscene=0#rd", + "评论 | 走出应用程序自动扣费的“消费陷阱”": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235038&idx=5&sn=27d2dc92bc541ae96838413ce948ac9c&chksm=8b5802e7bc2f8bf11127a7f375be5953f44d0423fe5f47d299c0e71a4bb5fc2b4b1ebb629812&scene=58&subscene=0#rd" + }, + "慢雾科技": { + "新型手法|Telegram 假 Safeguard 骗局": "https://mp.weixin.qq.com/s?__biz=MzU4ODQ3NTM2OA==&mid=2247500978&idx=1&sn=8d502d81ee56971fac26b35e70b49081&chksm=fddeba35caa9332370f3eb036a88298138c4c0b3affab16a89684c8be0ea352075d9efbc6119&scene=58&subscene=0#rd" + }, + "ChaMd5安全团队": { + "2024年ChaMd5安全团队总结": "https://mp.weixin.qq.com/s?__biz=MzIzMTc1MjExOQ==&mid=2247511877&idx=1&sn=d8176431e491281ef849226a54134205&chksm=e89d879ddfea0e8bed51009b5df5f17451e07e7d548788096d2d114ae33d709cadabdd53fd21&scene=58&subscene=0#rd" + }, + "极客公园": { + "美国最高法裁定支持 TikTok 禁令,周受资回应;传网易裁撤战投部;三星与 OpenAI 合作开发 AI 电视 | 极客早知道": "https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072294&idx=1&sn=2ad18c4ecffe9cc504a4c2b913d43446&chksm=7e57d61049205f06adcfbf56f4d2a313bfa3cf0be44336d8b8615ba19db4d9afe35995b8e869&scene=58&subscene=0#rd" + }, + "丁爸 情报分析师的工具箱": { + "【工具】全球有组织犯罪指数": "https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148608&idx=1&sn=dcde5ba6b230d8fa0b9ffbd97091e78a&chksm=f1af267ac6d8af6c1e5890468a5afa8695a4219608207c2373863a75d242e13b2b43eb2baa23&scene=58&subscene=0#rd", + "【资料】拜登告别演讲": "https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148608&idx=2&sn=03f1e0c2e178ad80175a035485141a01&chksm=f1af267ac6d8af6c2b9fd8e4c2800c517101c6e06ecac0b3e36448e42f84a6301499a6f416bd&scene=58&subscene=0#rd" + }, + "安全圈": { + "【安全圈】高危!rsync被爆出多个安全漏洞": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067460&idx=1&sn=7e41cdf5b76e20186089903f7171a588&chksm=f36e7ac4c419f3d2506b8a4fda50d186484d0b429b68fbc2c9fa6a6d793e423ec4e7374d18b2&scene=58&subscene=0#rd", + "【安全圈】国家互联网应急中心通报两起美方对我国网络攻击事件": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067460&idx=2&sn=1eeea145994ab308cf3f78f1ca987a19&chksm=f36e7ac4c419f3d249013e9e085dface206bc6cc4b5b7f6d7808a9eb3d92fe36d14ea01b7261&scene=58&subscene=0#rd", + "【安全圈】网络安全态势研判分析报告 (2024年12月)": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067460&idx=3&sn=86d02f407c0e151d308f83282274bf31&chksm=f36e7ac4c419f3d2c695e9358023983f6c9908bce56b713651866957afc0ffec8d6486e40553&scene=58&subscene=0#rd" + }, + "山石网科安全技术研究院": { + "2024年度人工智能相关重点安全漏洞盘点": "https://mp.weixin.qq.com/s?__biz=MzUzMDUxNTE1Mw==&mid=2247510270&idx=1&sn=6e0dfb575d641bc67a2b3f00196df49c&chksm=fa527d40cd25f4569e895e911f8d3e8f3e3bc366ffc8598627f89ba3a175f3b65e348be9866b&scene=58&subscene=0#rd" + }, + "DataCon大数据安全分析竞赛": { + "DataCon2024解题报告WriteUp—漏洞分析赛道": "https://mp.weixin.qq.com/s?__biz=MzU5Njg1NzMyNw==&mid=2247489123&idx=1&sn=228fa0630cebdc58c6b961b96752dc2f&chksm=fe5d0ee3c92a87f539db8736eee19d3b20b91e5cf731b6a9630bc1339b0cd1dfb5e2e9ecca66&scene=58&subscene=0#rd" + }, + "白泽安全实验室": { + "美日韩联合警告加密货币行业防范朝鲜黑客攻击": "https://mp.weixin.qq.com/s?__biz=MzI0MTE4ODY3Nw==&mid=2247492524&idx=1&sn=19d57828e503df304caf2618802d9d27&chksm=e90dc986de7a4090525887e3393df05546cb69cbdde9be1ad3e3ff9b365906e28e0b0a1640d3&scene=58&subscene=0#rd" + }, + "Over Security - Cybersecurity news aggregator": { + "Microsoft removes Assassin’s Creed Windows 11 upgrade blocks": "https://www.bleepingcomputer.com/news/microsoft/microsoft-removes-assassins-creed-windows-11-upgrade-blocks/", + "FTC orders GM to stop collecting and selling driver’s data": "https://www.bleepingcomputer.com/news/legal/ftc-orders-gm-to-stop-collecting-and-selling-drivers-data/", + "Medusa Ransomware Attack on PMUSA: The $1.2 Million Ransom to Prevent Data Exposure": "https://www.suspectfile.com/medusa-ransomware-attack-on-pmusa-the-1-2-million-ransom-to-prevent-data-exposure/", + "How victims of PowerSchool’s data breach helped each other investigate ‘massive’ hack": "https://techcrunch.com/2025/01/18/how-victims-of-powerschools-data-breach-helped-each-other-investigate-massive-hack/", + "Otelier - 436,855 breached accounts": "https://haveibeenpwned.com/PwnedWebsites#Otelier" + }, + "Desync InfoSec": { + "分享图片": "https://mp.weixin.qq.com/s?__biz=MzkzMDE3ODc1Mw==&mid=2247488944&idx=1&sn=09e4fe21af1fcba3e404660f9d7b32e4&chksm=c27f661ef508ef08a55b85b5762be82d9737b6b17f5bba12e75332b0ce96d0d54dc7f5a409e4&scene=58&subscene=0#rd" + }, + "IT Service Management News": { + "Gli uomini possono fare tutto (Gennaio 2025)": "http://blog.cesaregallotti.it/2025/01/gli-uomini-possono-fare-tutto-gennaio.html", + "Parere EDPB sui modelli di intelligenza artificiale": "http://blog.cesaregallotti.it/2025/01/parere-edpb-sui-modelli-di-intelligenza.html" + }, + "吴鲁加": { + "黑客思维": "https://mp.weixin.qq.com/s?__biz=Mzg5NDY4ODM1MA==&mid=2247485154&idx=1&sn=43d73ef46e2f7ca8d5a52c0fa515843f&chksm=c01a8bd3f76d02c5d4368cdfa4790e59deb43648e7ad8aaf6f4bad39c19707325a280fac689d&scene=58&subscene=0#rd" + }, + "迪哥讲事": { + "挖掘有回显ssrf的一类隐藏payload": "https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496898&idx=1&sn=b6088e20a8b4fc9fbd887b900d8c5247&chksm=e8a5fea1dfd277b708b1a63e6fa9a1399f8466dce922766f0393e815aca0aa4090c609a9a372&scene=58&subscene=0#rd" + }, + "SANS Internet Storm Center, InfoCON: green": { + "New tool: immutable.py, (Sat, Jan 18th)": "https://isc.sans.edu/diary/rss/31598" + }, + "ICT Security Magazine": { + "Autonomic Computing: La Rivoluzione dei Sistemi Auto-Gestiti nella Cybersecurity Moderna": "https://www.ictsecuritymagazine.com/articoli/autonomic-computing/" + }, + "Your Open Hacker Community": { + "(for research purposes) how do scammers gain the skills they have?": "https://www.reddit.com/r/HowToHack/comments/1i40zkp/for_research_purposes_how_do_scammers_gain_the/", + "Fake acc": "https://www.reddit.com/r/HowToHack/comments/1i4joo0/fake_acc/", + "Complete beginner - 2 days in": "https://www.reddit.com/r/HowToHack/comments/1i46c9w/complete_beginner_2_days_in/", + "How to create a rat": "https://www.reddit.com/r/HowToHack/comments/1i4l1iu/how_to_create_a_rat/", + "How do I hack a Roblox account?": "https://www.reddit.com/r/HowToHack/comments/1i4jjcn/how_do_i_hack_a_roblox_account/", + "Lets bring tiktok back up": "https://www.reddit.com/r/HowToHack/comments/1i4ddzb/lets_bring_tiktok_back_up/", + "Hi, so I ran my config on open bullet And I’m only getting retries on the runner is it a problem with my proxy, combo list or config?": "https://www.reddit.com/r/HowToHack/comments/1i3z2l5/hi_so_i_ran_my_config_on_open_bullet_and_im_only/", + "Help making open bullet plugin": "https://www.reddit.com/r/HowToHack/comments/1i3xttx/help_making_open_bullet_plugin/", + "I need help.": "https://www.reddit.com/r/HowToHack/comments/1i3xa2q/i_need_help/", + "Help": "https://www.reddit.com/r/HowToHack/comments/1i41jrv/help/", + "[ Removed by Reddit ]": "https://www.reddit.com/r/HowToHack/comments/1i40znr/removed_by_reddit/", + "Twitter account": "https://www.reddit.com/r/HowToHack/comments/1i3z6bq/twitter_account/" + }, + "Information Security": { + "Newb question: what does an information manager *do*?": "https://www.reddit.com/r/Information_Security/comments/1i47ytv/newb_question_what_does_an_information_manager_do/" + }, + "Social Engineering": { + "Best way to keep in touch with people as a freelancer?": "https://www.reddit.com/r/SocialEngineering/comments/1i4fug3/best_way_to_keep_in_touch_with_people_as_a/" + }, + "Hacking Exposed Computer Forensics Blog": { + "Daily Blog #720: The new hardest question to answer in an incident": "https://www.hecfblog.com/2025/01/daily-blog-720-new-hardest-question-to.html" + }, + "netsecstudents: Subreddit for students studying Network Security and its related subjects": { + "Would the Comptia A+ certification be worth it in this scenario?": "https://www.reddit.com/r/netsecstudents/comments/1i3yegb/would_the_comptia_a_certification_be_worth_it_in/" + }, + "Computer Forensics": { + "Seeking Advice: Questions to Ask My Supervisor and IT Manager During My Internship": "https://www.reddit.com/r/computerforensics/comments/1i4210m/seeking_advice_questions_to_ask_my_supervisor_and/", + "Courses or books": "https://www.reddit.com/r/computerforensics/comments/1i446e4/courses_or_books/" + }, + "Security Affairs": { + "U.S. Treasury Sanctions Chinese cybersecurity firm and actor over federal agency breach tied to Salt Typhoon": "https://securityaffairs.com/173209/intelligence/u-s-treasury-sanctioned-cybersecurity-firm-and-shanghai-cyber-actor-linked-salt-typhoon.html" + }, + "Have I Been Pwned latest breaches": { + "Otelier - 436,855 breached accounts": "https://haveibeenpwned.com/PwnedWebsites#Otelier" + }, + "Blackhat Library: Hacking techniques and research": { + "Dead Grandmas iPhone 11": "https://www.reddit.com/r/blackhat/comments/1i404m4/dead_grandmas_iphone_11/" + }, + "The Hacker News": { + "U.S. Sanctions Chinese Cybersecurity Firm Over Treasury Hack Tied to Silk Typhoon": "https://thehackernews.com/2025/01/us-sanctions-chinese-cybersecurity-firm.html" + }, + "TorrentFreak": { + "MAME Devs Spent 628 Years Cracking Protection on 712 Retro Games": "https://torrentfreak.com/mame-devs-spent-628-years-cracking-protection-on-712-retro-games-250118/" + } +} \ No newline at end of file diff --git a/today.md b/today.md index f6dbef247d..1c9a9e5c62 100644 --- a/today.md +++ b/today.md @@ -1,425 +1,291 @@ -# 每日安全资讯(2025-01-17) +# 每日安全资讯(2025-01-19) -- 奇安信攻防社区 - - [ ] [Pipe管道利用](https://forum.butian.net/share/4041) - - [ ] [x86_shellcode的一些总结](https://forum.butian.net/share/4045) +- 博客园 - potatso + - [ ] [linux实现macos的timeMachine系统备份 - potatso](https://www.cnblogs.com/potatso/p/18678521) + - [ ] [btrfs文件系统从原理到实践 [1] - potatso](https://www.cnblogs.com/potatso/p/18678520) + - [ ] [Git三路合并算法完全指南:优雅处理复杂冲突[2] - potatso](https://www.cnblogs.com/potatso/p/18678518) - SecWiki News - - [ ] [SecWiki News 2025-01-16 Review](http://www.sec-wiki.com/?2025-01-16) + - [ ] [SecWiki News 2025-01-18 Review](http://www.sec-wiki.com/?2025-01-18) +- Doonsec's feed + - [ ] [软考信安(六)](https://mp.weixin.qq.com/s?__biz=MzkzMjYzOTc5NQ==&mid=2247484676&idx=1&sn=2198cc3fdd3be060e0584d88e273e056) + - [ ] [北美最大戒毒服务提供商BayMark遭遇数据泄露,患者信息被窃取!](https://mp.weixin.qq.com/s?__biz=MzA4NTY4MjAyMQ==&mid=2447900070&idx=1&sn=420bed34960782ce611eeb302ec48440) + - [ ] [【PWN】Edit堆溢出2.23无show函数](https://mp.weixin.qq.com/s?__biz=Mzk0NDYwOTcxNg==&mid=2247485181&idx=1&sn=9eb1f4bf24e5e5ff17f484fad2c76691) + - [ ] [2025最新黑客战争片?](https://mp.weixin.qq.com/s?__biz=MzI1Mjc3NTUwMQ==&mid=2247538493&idx=1&sn=83c7a157ccbf14e9d5b62fb6239744ba) + - [ ] [API BOM - ASPM数据关联分析纽带](https://mp.weixin.qq.com/s?__biz=MzI2NTExNzcxNQ==&mid=2247484361&idx=1&sn=8e472a7a51b24dacdf95759c0a58c4a8) + - [ ] [一款在线的免杀平台](https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486329&idx=1&sn=63f5ee9fd1c43c3f8d3e3c6a5447df48) + - [ ] [《网信自主创新调研报告》编委会召开表彰大会](https://mp.weixin.qq.com/s?__biz=MzkxMzI3MzMwMQ==&mid=2247530967&idx=1&sn=6559955674ede872a826301fb8faea5b) + - [ ] [通过“Typora + PicGo + 腾讯云” 组合方法解决发布图片显示失效的问题](https://mp.weixin.qq.com/s?__biz=Mzk1NzI2NDQyMw==&mid=2247484256&idx=1&sn=398751629c02160c7518f9fe44341c1e) + - [ ] [Win11中安装Linux 教程 | WSL2的使用](https://mp.weixin.qq.com/s?__biz=MzkyMTQzNTM3Ng==&mid=2247483872&idx=1&sn=1773552c6cc692fb98d3963804a03aa9) + - [ ] [CTFSHOW渗透赛(复盘+思路延伸)](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247489995&idx=1&sn=d62c2abc72ea72681037cb84feaea5b2) + - [ ] [vulnhub靶场【jangow靶机】,反弹shell的流量及端口选择](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247489995&idx=2&sn=a6509021c8a5f578f22b978a23bffcf3) + - [ ] [银狐叒进化?清理不掉!一线应急响应工程师教你如何手工处理](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247489995&idx=3&sn=34f8cda58fa253c24141b98c5589294a) + - [ ] [linux下配置python环境及库的安装](https://mp.weixin.qq.com/s?__biz=MzkzMzg3MzMyOA==&mid=2247486352&idx=1&sn=2a8faaf26319ca2e72b856efc8d613e7) + - [ ] [图解正向代理 vs 反向代理:到底有啥区别?](https://mp.weixin.qq.com/s?__biz=MzIyMzIwNzAxMQ==&mid=2649464547&idx=1&sn=f0c26c998e650cb170914046e7ed5ee4) + - [ ] [整合重新发布社区链接](https://mp.weixin.qq.com/s?__biz=MzkyNzYzNTQ2Nw==&mid=2247484042&idx=1&sn=336335efd991b9e11cab091ae61af2c6) + - [ ] [春秋杯WP | 2024春秋杯冬季赛第二天题目部分解析](https://mp.weixin.qq.com/s?__biz=MzkyNDA5NjgyMg==&mid=2247501228&idx=1&sn=4386f7eff6698e6921d12895041c9a18) + - [ ] [开源情报|国际动态|杂谈|TikTok美国封禁临近](https://mp.weixin.qq.com/s?__biz=Mzg2NTcyNjU4Nw==&mid=2247485864&idx=1&sn=1757546545462e16ba7e3a3e8b1f8688) + - [ ] [防范无人机系统(UAS)的威胁](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619741&idx=1&sn=fc226e9fa0bb08ad8cb89ee9b82522c7) + - [ ] [IDEA研究院:低空经济发展白皮书3.0-安全体系](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619741&idx=2&sn=9a281d31052b030cd47367f8938ba503) + - [ ] [低空经济启航,安全体系护航 低空经济网络安全体系化研究报告](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619741&idx=3&sn=7c3ab501fef20b76c4df35a1321f4b01) + - [ ] [Linux服务器中毒?教你一步步精准判断和快速处置!](https://mp.weixin.qq.com/s?__biz=MzUyNTExOTY1Nw==&mid=2247527911&idx=1&sn=8705fa0202976a1f106844025794d83c) + - [ ] [vulnhub靶场【Lampiao靶机】,提权之脏牛提权](https://mp.weixin.qq.com/s?__biz=MzAxNTg1MDYxNA==&mid=2247488884&idx=1&sn=e27d1ae2b776c935534dcebc4a7c3f1f) + - [ ] [TikTok基本没事了,都洗洗睡吧。](https://mp.weixin.qq.com/s?__biz=MzU4NDY3MTk2NQ==&mid=2247491029&idx=1&sn=994f4cf99c69bdca9d7b715d4df0d361) + - [ ] [挖掘有回显ssrf的一类隐藏payload](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496898&idx=1&sn=b6088e20a8b4fc9fbd887b900d8c5247) + - [ ] [$40,000!如何将路径遍历升级为RCE!](https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247518264&idx=1&sn=6823adc5590ea93b5292ad7b512fc377) + - [ ] [SRC专项知识库](https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247518264&idx=2&sn=92373e928418b034514387314198c93b) + - [ ] [深度揭秘SerializeJava:JAVA序列化的全能图形化利器](https://mp.weixin.qq.com/s?__biz=Mzk2NDE3NDUwNg==&mid=2247483806&idx=1&sn=79e10fffa2731ee08f850b85376b73e0) + - [ ] [推荐一款国产开源 IoT 物联网Web云组态,基于RuoYi框架和threeJS支持2D/3D大屏!](https://mp.weixin.qq.com/s?__biz=MjM5OTA4MzA0MA==&mid=2454936626&idx=1&sn=893d191291ac047b22c0fc96c5e9d837) + - [ ] [2025特朗普官宣的暴富神话!揭露 MeMe: $TRUMP 疑云](https://mp.weixin.qq.com/s?__biz=MzkwODI1ODgzOA==&mid=2247506575&idx=1&sn=bf017b2d8232732cd139ea4466043034) + - [ ] [木马反制技巧](https://mp.weixin.qq.com/s?__biz=MzkzNTYwMTk4Mw==&mid=2247488211&idx=1&sn=a4a634096a3ea78aa825239e2869897b) + - [ ] [x64 返回地址欺骗](https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486365&idx=1&sn=59b5d17aa8bcd8631da39637f55d722d) + - [ ] [涉案2000万!网警成功侦破一起特大“造谣引流”网络水军案](https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652114079&idx=1&sn=a7d5e08a27ad369af030953529245b83) + - [ ] [21123_ctfshow_misc_原谅2xa0writeup](https://mp.weixin.qq.com/s?__biz=MzU2NzIzNzU4Mg==&mid=2247489496&idx=1&sn=40b774a412a25cde44f211e5c7716a78) + - [ ] [缘分稀薄寡淡 亲爱的 后会无期](https://mp.weixin.qq.com/s?__biz=MzkyMDY1MDI3OA==&mid=2247483792&idx=1&sn=972700e1efd505ff5174aeae2c49c989) + - [ ] [保姆级教学之sqli-labs(less39-53)](https://mp.weixin.qq.com/s?__biz=Mzk1NzQwNjQ4Ng==&mid=2247484497&idx=1&sn=3724e7de301b44949a32f68413fd58e5) + - [ ] [一次应急响应中的Windows Rootkit对抗](https://mp.weixin.qq.com/s?__biz=MzkyOTc0NDY2Nw==&mid=2247484591&idx=1&sn=1c0754974f5680a49f8844cc588eaab0) + - [ ] [SSRF](https://mp.weixin.qq.com/s?__biz=MzkwMjU5MzgzMQ==&mid=2247485221&idx=1&sn=fb4cf74dd862bc8792a0af77a45d1bdc) + - [ ] [在看 | 周报:浙江省国家安全机关破获境外间谍案;腾讯协助警方破获木马盗窃游戏账号案;江苏男子利用小程序Bug逃匿28万加油费](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247634732&idx=1&sn=ae1ec8af39e315727dafdde90a2a4a6b) + - [ ] [在看 | 厂商:本周热门网络安全产业动态](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247634732&idx=2&sn=d9b9e282392fc8e2701eae8eccae5e62) + - [ ] [【代码审计】WeGIA 存在前台任意文件上传漏洞 (RCE)](https://mp.weixin.qq.com/s?__biz=Mzg4MTkwMTI5Mw==&mid=2247488622&idx=1&sn=baced76f27759525c3de42cb9abd4668) + - [ ] [强力工具助你一臂之力:XXECheck–全面提升XML安全,防护XXE漏洞!](https://mp.weixin.qq.com/s?__biz=MzkzNzg4MTI0NQ==&mid=2247485359&idx=1&sn=fc0b810b0174b166b92e61fedd91fe77) + - [ ] [论坛·原创 | 特朗普第二任期美国科技外交战略展望](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235038&idx=1&sn=0985e935a77d468c9918194fcdac28b3) + - [ ] [【直卖实拍】北七家3居变4居豪装,理想楼层、户型、朝向](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485427&idx=2&sn=6b5126bf0393fde06a71c2cd046ee078) + - [ ] [【干货】笑傲职场的独家经验(1)](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485427&idx=3&sn=f03a3ae9e761fb7b6b3209a375353ff2) + - [ ] [【干货原创】实网攻防演习常态化,会带来什么变化01](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485427&idx=4&sn=160e2c5b73ca979cc0c8201d479c0362) + - [ ] [【干货原创】K12教育,鲜为人知的模式秘密](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485427&idx=5&sn=4d67208c0f0ef67418c9311336b301b2) + - [ ] [原创文章目录](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485427&idx=6&sn=54232a5bcf1946b2e632e2047a8b2dfd) + - [ ] [【安全圈】高危!rsync被爆出多个安全漏洞](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067460&idx=1&sn=7e41cdf5b76e20186089903f7171a588) + - [ ] [【安全圈】国家互联网应急中心通报两起美方对我国网络攻击事件](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067460&idx=2&sn=1eeea145994ab308cf3f78f1ca987a19) + - [ ] [【安全圈】网络安全态势研判分析报告 (2024年12月)](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067460&idx=3&sn=86d02f407c0e151d308f83282274bf31) + - [ ] [独特上篮方式突破短信发送限制上分 (企业src意外之喜系列第六集)](https://mp.weixin.qq.com/s?__biz=MzkyNDQ5NDM3OA==&mid=2247484006&idx=1&sn=93736f0bca7b3de26866dfae3775651b) + - [ ] [DVWA漏洞靶场通关手册(万字图文解析)](https://mp.weixin.qq.com/s?__biz=MzkxNjg3NTQ4NA==&mid=2247485767&idx=1&sn=93b546f9ce1febe8901087238dc96ee7) + - [ ] [方正畅享全媒体新闻采编系统 reportCenter.do SQL注入漏洞](https://mp.weixin.qq.com/s?__biz=MzkzMTcwMTg1Mg==&mid=2247490256&idx=1&sn=86fcd7775b4baa4c1dfe975633d73730) + - [ ] [智能座舱架构与芯片- 显示篇](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549130&idx=1&sn=4983ee3542adee5a9c44607ee12297ed) + - [ ] [舍弗勒与小鹏汇天签订飞行汽车动力量产协议](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549130&idx=2&sn=5be423869800bfc4aaa2ad9b0a78d086) + - [ ] [CVE-2024-53704|SonicOS SSLVPN认证绕过漏洞](https://mp.weixin.qq.com/s?__biz=Mzg2ODcxMjYzMA==&mid=2247485778&idx=1&sn=f2bab6ffd22425efb72f8b20eeeab29b) + - [ ] [CVE-2024-55591|FortiOS和FortiProxy身份认证绕过漏洞(POC)](https://mp.weixin.qq.com/s?__biz=Mzg2ODcxMjYzMA==&mid=2247485778&idx=2&sn=691f85f7d7a345f2ed5607454b84333b) + - [ ] [欢迎报名!u200b“系统0day安全”系列课程:掌握漏洞挖掘重要技能](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588749&idx=1&sn=c07163014dddf5e352e4f3683251b0d4) + - [ ] [PWN入门:误入格式化字符串漏洞](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588749&idx=2&sn=6fc809be9ede10a46f7d204c536cd5bf) + - [ ] [b站大事件!员工代码费尽心机前端投毒竟是为了……喷网友!](https://mp.weixin.qq.com/s?__biz=Mzk0MDY2NTY5Mw==&mid=2247485587&idx=1&sn=b807ce1fae02aa546b49dcaba6635485) + - [ ] [方正畅享全媒体新闻采编系统 screen.do SQL注入漏洞](https://mp.weixin.qq.com/s?__biz=MzkzMTcwMTg1Mg==&mid=2247490248&idx=1&sn=1eba3e69ef0279c4fc7796abe9ca32c6) + - [ ] [网警解密“黄牛”抢票“开挂秘籍”](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170310&idx=1&sn=3de41d277ca4e38f14488d237c44844a) + - [ ] [警惕利用人工智能技术绕过图形类验证机制的新型犯罪手法](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170310&idx=2&sn=b87113a571fafe09a5f367f860da70ac) + - [ ] [关于利用人工智能技术绕过图形类验证机制新型犯罪手法预警通报;|2025年首个满分漏洞,PoC已公布,可部署后门](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650606788&idx=1&sn=1d92761760abe35316e9dcf0f7bc34f5) + - [ ] [威胁情报的五个大坑](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650606788&idx=2&sn=484daf0b2994e2f714d24e5a26157cf2) + - [ ] [记一次从任意文件下载到getshell](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650606788&idx=3&sn=aaf92b43e956eaffc7241caf6886f23c) + - [ ] [Telegram中进行开源情报调查的高级插件](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650606788&idx=4&sn=1aa5faf3a41536f88bb7bb582e4d5a50) + - [ ] [【吃瓜】u200b好消息,发年终奖了!坏消息,是员工给公司发的!](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496665&idx=1&sn=6063f45192263e8c1f815ea46581b3a5) + - [ ] [【学习经验分享】给准大学生的CS-学习路线](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496665&idx=2&sn=3643759c625630dbed305166d77df167) + - [ ] [第八届西湖论剑·中国杭州网络安全安全技能大赛CTF夺旗赛PWN题部分题解](https://mp.weixin.qq.com/s?__biz=Mzk1NzE2Mjc5Mg==&mid=2247484167&idx=1&sn=6806195fc3e8995d3b15490fa64323ba) + - [ ] [喵苗安全专家组推荐的40个云原生安全RSS订阅源](https://mp.weixin.qq.com/s?__biz=Mzg5MjkwODc4MA==&mid=2247485914&idx=1&sn=e83a2e64c022f8340af0b0598edecd30) + - [ ] [小心!“间谍”正在潜入你的手机](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235038&idx=3&sn=8d7fbaf443b0a9525f6d4b1be446e0a2) + - [ ] [密评科普系列(一)——什么是商业密码?](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633889&idx=2&sn=d7f62b2504acb3f1a969fe71fc163630) + - [ ] [专家解读 | 强化数据标注基地引领作用 带动数据标注产业高质量发展](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235038&idx=2&sn=faf2a988fedc8924e65ab9c9bcbbafa5) + - [ ] [国际 | 越南个人数据跨境传输规则](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235038&idx=4&sn=d5d670e02e6690a029cf91ba98894c4b) + - [ ] [微信支付存漏洞?用户被异地刷脸支付成功,官方回应](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633889&idx=5&sn=0eaed00ffbd92d4c0652fd3e9340e6f4) + - [ ] [美国商务部十年战略规划公布,致力维护国家安全](https://mp.weixin.qq.com/s?__biz=MzI1OTExNDY1NQ==&mid=2651618687&idx=1&sn=982c6522eca5a4b53edea248ad0f7414) + - [ ] [【工具】全球有组织犯罪指数](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148608&idx=1&sn=dcde5ba6b230d8fa0b9ffbd97091e78a) + - [ ] [【资料】拜登告别演讲](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148608&idx=2&sn=03f1e0c2e178ad80175a035485141a01) + - [ ] [奇安信:被禁 3 年!!](https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247569813&idx=1&sn=ab6a255c9dd15cdb7906c67e2fbece7a) + - [ ] [如何用 Wireshark 高效过滤 TCP 数据流](https://mp.weixin.qq.com/s?__biz=MzA5NTUxODA0OA==&mid=2247493116&idx=1&sn=dfbaf2961d5fee876867d903dee25b52) + - [ ] [海南发布商超消费领域个人信息保护合规指引,以加强个人信息保护](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931451&idx=1&sn=0066d975abd60b07ce49c4fbcecbab38) + - [ ] [江苏银行多场景应用大模型,风控能力得到提升](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931451&idx=2&sn=965d5c8f64b9c296a4f9d74e86f1c330) + - [ ] [美日韩联合警告加密货币行业防范朝鲜黑客攻击](https://mp.weixin.qq.com/s?__biz=MzI0MTE4ODY3Nw==&mid=2247492524&idx=1&sn=19d57828e503df304caf2618802d9d27) + - [ ] [SerializeJava-反序列图形化工具](https://mp.weixin.qq.com/s?__biz=Mzk0Mjg4MTQxMw==&mid=2247485694&idx=1&sn=f76d44c9fed7879f6d328bd16a49ac51) + - [ ] [你是否有个忘不掉的它](https://mp.weixin.qq.com/s?__biz=MzkwNDg4MTg5MQ==&mid=2247483853&idx=1&sn=7b77e7dc2bbf210e25ce19dda9332afe) + - [ ] [.NET 第55期红队武器库和资源汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498306&idx=1&sn=672a2a2f57cabb2ce04be6ff29129beb) + - [ ] [国内最专业、最全面的 [ .NET 代码审计 ] 体系化学习交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498306&idx=2&sn=4c2323d1570eb3b825a6a04eb4520b72) + - [ ] [一种通过 .NET 启动 cmd.exe 的新方法](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498306&idx=3&sn=d5276b7bf7380ce889dc125627631a94) + - [ ] [限量领取!篝火信安蛇年定制红包封面派发中!](https://mp.weixin.qq.com/s?__biz=MzIyNzc3OTMzNw==&mid=2247485751&idx=1&sn=387c2d0644a19e8ecf94580734091cf8) + - [ ] [无问社区|春节大放送](https://mp.weixin.qq.com/s?__biz=MzkzODUzMjA1MQ==&mid=2247484823&idx=1&sn=79c8d9e62761290554ec8eda780fba9c) + - [ ] [分享图片](https://mp.weixin.qq.com/s?__biz=MzkzMDE3ODc1Mw==&mid=2247488944&idx=1&sn=09e4fe21af1fcba3e404660f9d7b32e4) + - [ ] [棉花糖定制手绘红包封面来啦!](https://mp.weixin.qq.com/s?__biz=MzkyOTQzNjIwNw==&mid=2247491430&idx=1&sn=cdd4119a2717173ed1a7f67471f50bd5) + - [ ] [2025年微信「红包封面」第一弹,快查收!](https://mp.weixin.qq.com/s?__biz=Mzk0MTIzNTgzMQ==&mid=2247519221&idx=1&sn=3f456dc497d02c7fb2d6610a1a2afcad) + - [ ] [关于公众号更新以及回复私信的一些事](https://mp.weixin.qq.com/s?__biz=MzkyMDY1MDI3OA==&mid=2247483788&idx=1&sn=93bb002b5b0c0556d46898897a1712a1) + - [ ] [【公开课】晚八点App渗透逆向公开课!](https://mp.weixin.qq.com/s?__biz=MzkxMTUwOTY1MA==&mid=2247490013&idx=1&sn=fda955efd9e128551daa7934f3c0be7b) + - [ ] [Graphql内审查询漏洞分析](https://mp.weixin.qq.com/s?__biz=Mzg4NDg3NjE5MQ==&mid=2247485250&idx=1&sn=cc481b4d430eb2516b235f762c1047cb) + - [ ] [网安一哥发布业绩预告:预计2024年实现营业收入42亿元到45亿元](https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247488099&idx=1&sn=d6b09346c9c833d04429738908b67944) + - [ ] [一文读懂 Spring 动态代理](https://mp.weixin.qq.com/s?__biz=Mzg4NDY4Mzk3Mw==&mid=2247485498&idx=1&sn=fdb55a27c1ccc7ed9b0326e73e2a649c) + - [ ] [水水水水~~~~](https://mp.weixin.qq.com/s?__biz=MzkxNzY5MTg1Ng==&mid=2247485516&idx=1&sn=a776993f5320c5be544d0f4d1162a06a) + - [ ] [零信任安全,为什么它在当今的威胁环境中至关重要](https://mp.weixin.qq.com/s?__biz=MzA4MzMzOTQ4Mw==&mid=2453672500&idx=1&sn=3ba70755a11d2fd325341b128d2ca7ec) + - [ ] [评论 | 走出应用程序自动扣费的“消费陷阱”](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235038&idx=5&sn=27d2dc92bc541ae96838413ce948ac9c) + - [ ] [安恒信息发布业绩预告,预计2024年年度实现归属于母公司所有者的净利润为-2.2亿元到-1.6亿元](https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247488091&idx=1&sn=0e3fae68f54835d405aee94c848122e9) + - [ ] [今晚八点App渗透逆向公开课!](https://mp.weixin.qq.com/s?__biz=Mzg3NTk4MzY0MA==&mid=2247487962&idx=1&sn=ebbeeaf7d4f783318725119d4ad97f31) + - [ ] [有人和无人复杂作战系统:概念、能力和战例(9500字干货)](https://mp.weixin.qq.com/s?__biz=MzkyMjY1MTg1MQ==&mid=2247491542&idx=1&sn=0ffc93f646e632e9845622e638f60904) + - [ ] [国外“战场战训数据库”利用研究(韩军视角)](https://mp.weixin.qq.com/s?__biz=MzkyMjY1MTg1MQ==&mid=2247491542&idx=2&sn=0b63c5e22c65c5a3b42ae1dd76e5bc7f) + - [ ] [在盟国领土上进行海外作战:美军在印太地区面临的挑战和机遇(2024兰德最新报告)](https://mp.weixin.qq.com/s?__biz=MzkyMjY1MTg1MQ==&mid=2247491542&idx=3&sn=c182630cad08f8732d501929c6fe2611) + - [ ] [2024兰德报告《将中美台海冲突控制在核门槛以下(第4卷):通过分析战略理论、历史案例和原创分析框架设想首先使用核武器的路径》](https://mp.weixin.qq.com/s?__biz=MzkyMjY1MTg1MQ==&mid=2247491542&idx=4&sn=452931cd6f0c10c818eb4f489d5f6da0) + - [ ] [2024兰德报告《将中美台海冲突控制在核门槛以下(第3卷):u200b中-国不断发展的核战略和核使用阈值及其未来风险因素》](https://mp.weixin.qq.com/s?__biz=MzkyMjY1MTg1MQ==&mid=2247491542&idx=5&sn=e5c5c264c1288570849e547e98aa7af4) + - [ ] [2024兰德报告《将中美台海冲突控制在核门槛以下(第2卷):u200b调查美国常规联合远程打击能力、作战目标和部署决策》](https://mp.weixin.qq.com/s?__biz=MzkyMjY1MTg1MQ==&mid=2247491542&idx=6&sn=408d8cfe126b94e1a6a48bff1eeb4b28) + - [ ] [2024兰德报告《将中美台海冲突控制在核门槛以下(第1卷):美国常规联合远程打击升级管理理念概述》](https://mp.weixin.qq.com/s?__biz=MzkyMjY1MTg1MQ==&mid=2247491542&idx=7&sn=de191e6550e6c769b0bec6abcabf84f4) + - [ ] [新型手法|Telegram 假 Safeguard 骗局](https://mp.weixin.qq.com/s?__biz=MzU4ODQ3NTM2OA==&mid=2247500978&idx=1&sn=8d502d81ee56971fac26b35e70b49081) + - [ ] [STH-RPC识别短期底部](https://mp.weixin.qq.com/s?__biz=MzI3NTcwNTQ2Mg==&mid=2247487603&idx=1&sn=c80291f3e5df7a556fee023c857bd9e4) + - [ ] [【中文调教】免费开源不限量!让 AI 生成高质量 4k 定制图片](https://mp.weixin.qq.com/s?__biz=MzkwODI1ODgzOA==&mid=2247506565&idx=1&sn=0d2c7468fe8213f063154297c0a70895) + - [ ] [公众号交流二群建立了!快来扫码加入](https://mp.weixin.qq.com/s?__biz=MzkwODI1ODgzOA==&mid=2247506565&idx=2&sn=5726611666b67db6aca8251fd26ce47d) + - [ ] [无问社区 | 网安技术资源派送(文末福利)](https://mp.weixin.qq.com/s?__biz=MzkzNDQ0MDcxMw==&mid=2247487155&idx=1&sn=e865c23ab316942e34f7a4e11f209276) + - [ ] [特朗普 x 账号疑似被黑](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494382&idx=1&sn=8ddba3acf29f8fc6650c7e46e18b1a6d) + - [ ] [一次通用cnvd案例分享](https://mp.weixin.qq.com/s?__biz=MzkzNTQwNjQ4OA==&mid=2247484053&idx=1&sn=f2f7d10b6cf4337e7ab2212e103f702a) + - [ ] [ChatGPT如何指导知识产权法论文选题,掌握5步精准指南。](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493243&idx=1&sn=8f30acca6c4f3b2b6179a8656d558eef) + - [ ] [ChatGPT审核新闻学论文的内部高阶攻略,0经验小白也能轻松找出问题!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493243&idx=2&sn=b529bb3e05fe0200e1b590d4801b1696) + - [ ] [chatgpt视角下的野生动物论文文献综述写作核心攻略。](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493243&idx=3&sn=d73f224f40a8c4f610df81cd00335551) + - [ ] [ChatGPT挖掘拉丁语学术论文的9大神仙技巧,学院派必看!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493243&idx=4&sn=7218911d39ff15c8a82b86c5852a968a) + - [ ] [ChatGPT完美助攻,中西医结合论文3天确定逆天选题攻略!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493243&idx=5&sn=b4509068ccdeab0b99c827ee299c55d7) + - [ ] [赛欧思一周资讯分类汇总(2025-01-13 ~ 2025-01-18)](https://mp.weixin.qq.com/s?__biz=MzU0MjE2Mjk3Ng==&mid=2247488416&idx=1&sn=3256d8d3ec398a11297f623fdceef5d2) + - [ ] [Java安全小记-Commons-Collections4反序列化](https://mp.weixin.qq.com/s?__biz=Mzk0ODY1NzEwMA==&mid=2247485860&idx=1&sn=1b65d29dbab6339bc7842474a6211475) + - [ ] [DataCon2024解题报告WriteUp—漏洞分析赛道](https://mp.weixin.qq.com/s?__biz=MzU5Njg1NzMyNw==&mid=2247489123&idx=1&sn=228fa0630cebdc58c6b961b96752dc2f) + - [ ] [中国工程院院士邬贺铨:五方面发力推动信息通信业高质量发展](https://mp.weixin.qq.com/s?__biz=Mzg4MDU0NTQ4Mw==&mid=2247528734&idx=1&sn=354275495b32bddb78bfb6b94a93340d) + - [ ] [国家数据基础设施建设的四个核心问题](https://mp.weixin.qq.com/s?__biz=Mzg4MDU0NTQ4Mw==&mid=2247528734&idx=2&sn=3af167a316f4c6b8b3444a3fc509a2e7) + - [ ] [Proton Mail宕机–大规模中断后服务恢复](https://mp.weixin.qq.com/s?__biz=Mzg2NjY2MTI3Mg==&mid=2247498269&idx=1&sn=6ddb964e3a74df8b9bde7aca97752ef8) + - [ ] [吃瓜,某安一哥起诉某公众号索赔50W](https://mp.weixin.qq.com/s?__biz=Mzk0MzY3MDE5Mg==&mid=2247483932&idx=1&sn=d275d1d865bc82ea56279c6c9c584cd5) + - [ ] [泰晓资讯xa0:xa02025xa0年 1xa0月xa0第xa0二xa0期](https://mp.weixin.qq.com/s?__biz=MzA5NDQzODQ3MQ==&mid=2648194552&idx=1&sn=4b6885310a604cf16f4bc2e14b62287b) + - [ ] [OSDT Weekly 2025-01-15 第289期](https://mp.weixin.qq.com/s?__biz=MzA5NDQzODQ3MQ==&mid=2648194552&idx=2&sn=601b0cc0dc7df856c714123d5adfc94f) + - [ ] [拜登政府AI出口管制破坏秩序与对我的影响](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247504300&idx=2&sn=412c2f98c4028c9f8d6a19833bafdc80) + - [ ] [中吉乌铁路:重塑中亚地缘政治经济格局与国际态度演变](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247504300&idx=3&sn=5f8a05ad7afaf072d44c05829dff3f95) + - [ ] [安天AVL SDK反病毒引擎升级通告(20250118)](https://mp.weixin.qq.com/s?__biz=MjM5MTA3Nzk4MQ==&mid=2650209597&idx=1&sn=91ede5437c5fc60e6c3084c81753784d) + - [ ] [Nuclei POC 管理工具(附POC地址)](https://mp.weixin.qq.com/s?__biz=Mzg5OTg5NzMzMA==&mid=2247484176&idx=1&sn=f4be63e1e0f295963d861967f27eb595) + - [ ] [浏览器取证实战](https://mp.weixin.qq.com/s?__biz=Mzg3NTU3NTY0Nw==&mid=2247489510&idx=1&sn=65afe75391c1243ba91da9dfaf11fced) + - [ ] [AI+代码审计??代码审计新工具内测来了!](https://mp.weixin.qq.com/s?__biz=MzkzMzczODA0OQ==&mid=2247484066&idx=1&sn=71685fde2af3a483cf290a5f14e1c140) + - [ ] [渗透测试 | 某系统垂直越权漏洞的挖掘](https://mp.weixin.qq.com/s?__biz=Mzk0Mzc1MTI2Nw==&mid=2247487115&idx=1&sn=338d1d8129bc7b7f75ae6ad22e4cef7e) + - [ ] [如何利用 OSINT 解决价值 1100 亿美元的商店盗窃问题](https://mp.weixin.qq.com/s?__biz=MzkxMDIwMTMxMw==&mid=2247494428&idx=1&sn=6c841e5efe7e16262098d12e617933c3) +- Private Feed for M09Ic + - [ ] [safedv starred hlldz/Phant0m](https://github.com/hlldz/Phant0m) + - [ ] [safedv starred D3Ext/Hooka](https://github.com/D3Ext/Hooka) + - [ ] [mgeeky starred rainerzufalldererste/windows_x64_shellcode_template](https://github.com/rainerzufalldererste/windows_x64_shellcode_template) + - [ ] [HuYlllc pushed to v0.0.4dev in chainreactors/malice-network](https://github.com/chainreactors/malice-network/compare/95cb131373...ace33f01f9) + - [ ] [mgeeky starred SpecterOps/Nemesis](https://github.com/SpecterOps/Nemesis) + - [ ] [CHYbeta starred louislam/dockge](https://github.com/louislam/dockge) + - [ ] [huoji120 started following SamuelTulach](https://github.com/SamuelTulach) + - [ ] [esrrhs starred tomhea/c2fj](https://github.com/tomhea/c2fj) + - [ ] [esrrhs starred tomhea/flip-jump](https://github.com/tomhea/flip-jump) + - [ ] [mgeeky starred cainiao1992/ollvm-mingw](https://github.com/cainiao1992/ollvm-mingw) - Recent Commits to cve:main - - [ ] [Update Thu Jan 16 20:18:31 UTC 2025](https://github.com/trickest/cve/commit/ac7b0793018b914902d4a93cfd97f9c9f5099dc2) - - [ ] [Update Thu Jan 16 12:17:03 UTC 2025](https://github.com/trickest/cve/commit/d2045a1f437c6e51bb209405ecceac7ecd5fb639) - - [ ] [Update Thu Jan 16 04:12:08 UTC 2025](https://github.com/trickest/cve/commit/e9e247db7486d0a878423134b49b830e5ac64c29) + - [ ] [Update Sat Jan 18 20:13:55 UTC 2025](https://github.com/trickest/cve/commit/b708e26d5a4c98338b505110945c3df0396344c0) + - [ ] [Update Sat Jan 18 12:15:13 UTC 2025](https://github.com/trickest/cve/commit/aef459845426b0cd394ec2be1ea55871b7a78f8a) + - [ ] [Update Sat Jan 18 04:18:41 UTC 2025](https://github.com/trickest/cve/commit/cb8a7b3ec123eb65fb54b26ccb85cfecefc0b1a7) - Security Boulevard - - [ ] [DEF CON 32 – Signature-Based Detection Using Network Timing](https://securityboulevard.com/2025/01/def-con-32-signature-based-detection-using-network-timing/) - - [ ] [Randall Munroe’s XKCD ‘Radon’](https://securityboulevard.com/2025/01/randall-munroes-xkcd-radon/) - - [ ] [Updated Response to CISA Advisory (AA23-136A): #StopRansomware: BianLian Ransomware Group](https://securityboulevard.com/2025/01/updated-response-to-cisa-advisory-aa23-136a-stopransomware-bianlian-ransomware-group/) - - [ ] [White House Executive Order: Strengthening and Promoting Innovation in the Nation’s Cybersecurity](https://securityboulevard.com/2025/01/white-house-executive-order-strengthening-and-promoting-innovation-in-the-nations-cybersecurity/) - - [ ] [Debunking the “On Premise Software” Myth | Grip Security](https://securityboulevard.com/2025/01/debunking-the-on-premise-software-myth-grip-security/) - - [ ] [Veriti mentioned as a Tech Innovator in the 2025 Gartner® Emerging Tech: Tech Innovators in Preemptive Cybersecurity Report in the Preemptive Cybersecuirty Category.](https://securityboulevard.com/2025/01/veriti-mentioned-as-a-tech-innovator-in-the-2025-gartner-emerging-tech-tech-innovators-in-preemptive-cybersecurity-report-in-the-preemptive-cybersecuirty-category/) - - [ ] [Simplifying Compliance in the Complex U.S. FinServ Regulatory Landscape](https://securityboulevard.com/2025/01/simplifying-compliance-in-the-complex-u-s-finserv-regulatory-landscape/) - - [ ] [How a Large Healthcare Company Slashed Their Secrets Incidents by Half](https://securityboulevard.com/2025/01/how-a-large-healthcare-company-slashed-their-secrets-incidents-by-half/) - - [ ] [DEF CON 32 – Small Satellite Modeling and Defender Software](https://securityboulevard.com/2025/01/def-con-32-small-satellite-modeling-and-defender-software-2/) - - [ ] [Smart Spatial and Hyperview Unite to Take Data Centers to the Next Level](https://securityboulevard.com/2025/01/smart-spatial-and-hyperview-unite-to-take-data-centers-to-the-next-level/) -- Trustwave Blog - - [ ] [Upcoming Trustwave SpiderLabs Report Investigates Threats Against the Energy and Utilities Sector](https://www.trustwave.com/en-us/resources/blogs/trustwave-blog/upcoming-trustwave-spiderlabs-report-investigates-threats-against-the-energy-and-utilities-sector/) -- 安全客-有思想的安全新媒体 - - [ ] [360年度勒索软件报告请查收:AI“催生”天价赎金危机](https://www.anquanke.com/post/id/303576) - - [ ] [CVE-2024-9042:在 Kubernetes Windows 节点中发现代码执行漏洞](https://www.anquanke.com/post/id/303573) - - [ ] [CVE-2025-23042 (CVSS 9.1): Gradio 修补了流行机器学习平台中的关键 ACL 旁路漏洞](https://www.anquanke.com/post/id/303570) - - [ ] [超过 66 万台 Rsync 服务器受到代码执行攻击](https://www.anquanke.com/post/id/303567) - - [ ] [思科发布人工智能防御系统,抵御模型安全风险](https://www.anquanke.com/post/id/303564) - - [ ] [俄克拉荷马州提出比特币战略储备法案](https://www.anquanke.com/post/id/303561) - - [ ] [微软将于十月终止对 Windows 10 上 Office 应用程序的支持](https://www.anquanke.com/post/id/303558) - - [ ] [黑客利用Google Search广告窃取Google Ads帐户](https://www.anquanke.com/post/id/303555) - - [ ] [黑色巴斯塔式网络攻击 90 分钟内向收件箱发送 1,165 封电子邮件](https://www.anquanke.com/post/id/303552) - - [ ] [SAP 修复 NetWeaver 应用服务器中的关键漏洞](https://www.anquanke.com/post/id/303549) -- Tenable Blog - - [ ] [New Cybersecurity Executive Order: What It Means for Federal Agencies](https://www.tenable.com/blog/new-cybersecurity-executive-order-what-it-means-for-federal-agencies) -- Google Online Security Blog - - [ ] [OSV-SCALIBR: A library for Software Composition Analysis](http://security.googleblog.com/2025/01/osv-scalibr-library-for-software.html) -- Doonsec's feed - - [ ] [中国APP攻陷美国](https://mp.weixin.qq.com/s?__biz=MzkwMzI1ODUwNA==&mid=2247487822&idx=1&sn=08ec2dec88cfefd75d64bb05d64681f4) - - [ ] [CSDN NB!!!](https://mp.weixin.qq.com/s?__biz=Mzg3MTE0NTg4OQ==&mid=2247484145&idx=1&sn=9707b33311207262bedee6cdedd1f4a3) - - [ ] [软考信安(五)](https://mp.weixin.qq.com/s?__biz=MzkzMjYzOTc5NQ==&mid=2247484672&idx=1&sn=f4ab8d1a56765d02166ddf40dc3c453b) - - [ ] [SharpScan: 内网资产扫描工具](https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486296&idx=1&sn=806c15e88353abd397dccabb76927b77) - - [ ] [2025年,我们尝试为实战能力赋能做点推动](https://mp.weixin.qq.com/s?__biz=Mzg4MDkyMTE4OQ==&mid=2247488992&idx=1&sn=c3472a8dcec51704e7257f1d55ac0bf2) - - [ ] [TikTok禁令倒计时](https://mp.weixin.qq.com/s?__biz=MzI3MDY0Nzg1Nw==&mid=2247489463&idx=1&sn=0ddd529420f80f2d51d777860f143685) - - [ ] [公众号2024年度回顾](https://mp.weixin.qq.com/s?__biz=MzU1NjczNjA0Nw==&mid=2247486233&idx=1&sn=292dce339e7afa224eb541aca3f2e23d) - - [ ] [排版神器之Markdown Nice](https://mp.weixin.qq.com/s?__biz=Mzk1NzI2NDQyMw==&mid=2247484215&idx=1&sn=3646a1d963934f45a7c284e0a946a436) - - [ ] [简单操作几下就可以实现在微信群聊点歌](https://mp.weixin.qq.com/s?__biz=Mzg3MTY3NzUwMQ==&mid=2247490254&idx=1&sn=4387d226daf848daa9c396c791db156b) - - [ ] [美国会很快封杀小红书吗?](https://mp.weixin.qq.com/s?__biz=MzU1NjgzOTAyMg==&mid=2247522933&idx=3&sn=98036ed8b9e52304f3ac6cda4eae78fb) - - [ ] [我认为最好的威胁和风险关系模型,蚂蚁集团韦韬为什么不这么看?](https://mp.weixin.qq.com/s?__biz=MzAxOTk3NTg5OQ==&mid=2247492175&idx=1&sn=5ca001d900c874319dc7c70c87a53d32) - - [ ] [垂直越权,你只会替换 COOKIE ?啊、这、](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247489991&idx=1&sn=4ee0dce8f2e3b4664001b5826924a483) - - [ ] [Python黑客工具库详解:10个让黑客效率提升10倍的神级库](https://mp.weixin.qq.com/s?__biz=MzI5MjY4MTMyMQ==&mid=2247489710&idx=1&sn=af7b0f143c0bfcef45855c3cafb9109a) - - [ ] [译文|韩国国家网络安全战略](https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597488&idx=1&sn=b742395aa377ae841d5658003e035f50) - - [ ] [两会之声 | 人大代表李雪莹:强化安全体系,助力北京全球数字经济标杆城市建设](https://mp.weixin.qq.com/s?__biz=MzA3OTMxNTcxNA==&mid=2650960522&idx=1&sn=5121df2d76b035220e78b978d790d4ac) - - [ ] [国家数据基础设施建设的四个核心问题](https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597488&idx=3&sn=4c7d930dfe77ef29904d787a139d6677) - - [ ] [安全简讯(2025.01.16)](https://mp.weixin.qq.com/s?__biz=MzkzNzY5OTg2Ng==&mid=2247500628&idx=1&sn=99a356fbab1b3b9c42d0f724fa99271e) - - [ ] [实战|拿下了自己学校的大屏幕](https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247569765&idx=2&sn=8cdde0bcc80f23fd58938ae6a1b4f361) - - [ ] [【吃瓜】u200b好消息,发年终奖了!坏消息,是员工给公司发的!](https://mp.weixin.qq.com/s?__biz=MzU3MjU4MjM3MQ==&mid=2247489663&idx=1&sn=1022a546269df3a7ea265a02353f11b7) - - [ ] [记某OA系统Ajax旧服务的0day漏洞挖掘](https://mp.weixin.qq.com/s?__biz=MzkzMzE5OTQzMA==&mid=2247485723&idx=1&sn=7c957b9f8d1e7a6f0094a12068b8720d) - - [ ] [【漏洞通告】FortiOS and FortiProxy身份验证绕过漏洞安全风险通告](https://mp.weixin.qq.com/s?__biz=MzU4NjY4MDAyNQ==&mid=2247496947&idx=1&sn=cfb80fee4820f74fe4d4da502d629282) - - [ ] [【漏洞通告】Ivanti Endpoint Manager多个信息泄露漏洞安全风险通告](https://mp.weixin.qq.com/s?__biz=MzU4NjY4MDAyNQ==&mid=2247496947&idx=2&sn=4d5f7bf05f88fe132cade2806d79c596) - - [ ] [江西教育在线疑似被删库!!!这可不能开玩笑](https://mp.weixin.qq.com/s?__biz=MzU2MjU2MzI3MA==&mid=2247484508&idx=1&sn=3793caf5f8c7b8ef5d3b3e6ef14a29af) - - [ ] [2024年反勒索软件行动分析](https://mp.weixin.qq.com/s?__biz=MzU2MjU2MzI3MA==&mid=2247484508&idx=2&sn=56dba8409470f69386b4a36666b1e850) - - [ ] [没有公网怎么访问家庭网络、NAS?免费无门槛,十分钟搞定!](https://mp.weixin.qq.com/s?__biz=MzU2MjU2MzI3MA==&mid=2247484508&idx=3&sn=691a9cba123fe29430ef29b3c2b6a103) - - [ ] [网安人的年度总结](https://mp.weixin.qq.com/s?__biz=Mzk0OTY2ODE1NA==&mid=2247484970&idx=1&sn=b3205215ccac49595accadd35fe0b802) - - [ ] [征文|《信息安全研究》2025年“机密计算”专题征文](https://mp.weixin.qq.com/s?__biz=MzA3NzgzNDM0OQ==&mid=2664992827&idx=1&sn=12351a7b4481dd065c24d1507589d012) - - [ ] [【业界动态】工信部发文加强互联网数据中心客户数据安全保护](https://mp.weixin.qq.com/s?__biz=MzA3NzgzNDM0OQ==&mid=2664992827&idx=2&sn=ffc6c77f065e24300395fecd2752f2f5) - - [ ] [国内外网络安全热点情报(2025年第2期)](https://mp.weixin.qq.com/s?__biz=MzkzNjM4ODc3OQ==&mid=2247485644&idx=1&sn=2678bf67645c7d5967844182840b4b34) - - [ ] [探讨 Poseidon 延展性攻击,可影响零知识证明应用的安全性](https://mp.weixin.qq.com/s?__biz=MzU4ODQ3NTM2OA==&mid=2247500936&idx=1&sn=433dc45041abe0603c4c00d7a3db7ced) - - [ ] [无问社区|春节大放送](https://mp.weixin.qq.com/s?__biz=MzkxNjQyODY5MA==&mid=2247486971&idx=1&sn=624b1d81c297cd2579d60bc1959721f2) - - [ ] [韩国总统尹锡悦被捕事件深度解读](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247504090&idx=1&sn=e552539780ef7da02bd2a7ba6af4b128) - - [ ] [拜登政府末期全力推动加沙停火协议:复杂局势下的外交](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247504090&idx=2&sn=fece80f58e66edb84cf6d282168aecb4) - - [ ] [2025,从读一本优秀的图书开始](https://mp.weixin.qq.com/s?__biz=MzA3NDE0NDUyNA==&mid=2650804752&idx=1&sn=aad52aa81ac9ee5fee0c724cf80b1d6b) - - [ ] [图解OSI七层模型,言简意赅!](https://mp.weixin.qq.com/s?__biz=MzIyMzIwNzAxMQ==&mid=2649464520&idx=1&sn=ef97d15e0bdfff6f43c101e609536b15) - - [ ] [业务上新|BytePlus开放测试](https://mp.weixin.qq.com/s?__biz=MzUzMzcyMDYzMw==&mid=2247494456&idx=1&sn=08dd5c76c4e63b643bf83e6e67376f72) - - [ ] [暗网情报:15,000多台FortiGate设备的配置和VPN凭据泄露](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247506836&idx=1&sn=a871fac7bf74d1c799e9679c9e3fce12) - - [ ] [诚邀渠道合作伙伴共启新征程](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247521662&idx=2&sn=a82fab2199cc8b53db07300512a91f88) - - [ ] [黑客在Windows系统下提权的20种主要姿势!](https://mp.weixin.qq.com/s?__biz=Mzk0MzY1NDc2MA==&mid=2247484250&idx=1&sn=adcc04e14f1f9e181205110f8bf6c0ef) - - [ ] [网安认证指南:穿越认证丛林,开启职业坦途](https://mp.weixin.qq.com/s?__biz=MzU4NDExNDQwNA==&mid=2247489889&idx=1&sn=03b458260a1a89a7973c8ea2a099d8f0) - - [ ] [网络安全实战练习资源整合](https://mp.weixin.qq.com/s?__biz=MzkyMzg4MTY4Ng==&mid=2247484590&idx=1&sn=9aeca055dcc662ea4cc63b9219559bc9) - - [ ] [数据经纪商Gravy Analytics遭黑客攻击 数百万用户位置信息泄露](https://mp.weixin.qq.com/s?__biz=MzIwNzAwOTQxMg==&mid=2652251218&idx=1&sn=c179c7c00ec35fb67ad2420914827b89) - - [ ] [美国CISA将Fortinet FortiOS列入已知漏洞目录](https://mp.weixin.qq.com/s?__biz=MzU0MjE2Mjk3Ng==&mid=2247488407&idx=1&sn=9f14c87a5bd0069bcb81779ce3d4c4d2) - - [ ] [全面理解数据字化时代的网络安全](https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247488067&idx=1&sn=11730602b3512d2291c9cd323eb5f1b9) - - [ ] [一款图形化的代码审计工具](https://mp.weixin.qq.com/s?__biz=MzU2NzY5MzI5Ng==&mid=2247504768&idx=1&sn=c7739c819a858a3fb7d89c7807ba2f5e) - - [ ] [仅退款的正确用法](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247488941&idx=2&sn=75554bc5d9be3c252a69819f06a34fd2) - - [ ] [21094_ctfshow_misc_迷惑行为大赏(之)无中生you_菜鸡杯xa0writeup](https://mp.weixin.qq.com/s?__biz=MzU2NzIzNzU4Mg==&mid=2247489494&idx=1&sn=01d30ab0c4610de825aeb2a146dce749) - - [ ] [安全圈年底跳槽招人!](https://mp.weixin.qq.com/s?__biz=MzAwMjA5OTY5Ng==&mid=2247525609&idx=1&sn=e4ca144fa5af39781a932d6c5d616620) - - [ ] [工作中,少空想多行动](https://mp.weixin.qq.com/s?__biz=MzU4NjY3OTAzMg==&mid=2247514778&idx=1&sn=84d1c105550a3f883dcd811fca17bde2) - - [ ] [如何保护企业员工免受基于身份的攻击](https://mp.weixin.qq.com/s?__biz=MzU4NjY3OTAzMg==&mid=2247514778&idx=2&sn=be9f4625665303015ba2732ca3c0c688) - - [ ] [哔哩哔哩网页端疑似曝出存储型XSS漏洞](https://mp.weixin.qq.com/s?__biz=MzU5MjgwMDg1Mg==&mid=2247484697&idx=1&sn=41f33dac5bec6ee1a38fe28b75e95977) - - [ ] [全球最早的勒索病毒以及勒索病毒攻击活动](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490009&idx=2&sn=af11ef8f497a3070ea6fe5ef688cdcbe) - - [ ] [Babuk勒索病毒攻击](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490009&idx=3&sn=55ecf2eeea1924914478f985389b495e) - - [ ] [AvosLocker恶意病毒攻击](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490009&idx=4&sn=183fc1d996f53449e72e5616cfbc64c5) - - [ ] [【oscp】Node](https://mp.weixin.qq.com/s?__biz=Mzg2Nzk0NjA4Mg==&mid=2247497975&idx=1&sn=278c0ccc74de00ab14f9b6ce5882a0c4) - - [ ] [干货福利放送:ISO/IEC 27001:2022 培训课程直播计划1.22 – 1.25](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247485941&idx=1&sn=23c992137d4fcad435b191198b14fb48) - - [ ] [ISO 14001: 2015 标准详解与实施(11)6.1.4 措施的策划](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247485941&idx=2&sn=d9494bf6b2f51efd007dfb662cf2c074) - - [ ] [暗网情报:涉某电信运营商巨头、赌博平台](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247506826&idx=1&sn=646c100aff317bc3bd44b7e73b6b1e60) - - [ ] [AutoFilm:连接Alist,为Emby/Jellyfin提供Strm直链播放](https://mp.weixin.qq.com/s?__biz=MzA4MjkzMTcxMg==&mid=2449046691&idx=1&sn=d24c3ad465e8e74457d5e21204adadc0) - - [ ] [从302到RCE,拿shell就像喝水一样简单](https://mp.weixin.qq.com/s?__biz=Mzg3NzkwMTYyOQ==&mid=2247488263&idx=1&sn=269b6a44555f773dd66be01cffb6ef76) - - [ ] [喜报!炼石入选北京市知识产权试点单位](https://mp.weixin.qq.com/s?__biz=MzkyNzE5MDUzMw==&mid=2247568533&idx=1&sn=c78448a9651bb3f8b2c0f5cac1208d7f) - - [ ] [最新kali2024.4保姆级安装教程,附换源、汉化、中文输入法、解决root用户无法登录问题等,附打包好的vm文件下载地址](https://mp.weixin.qq.com/s?__biz=Mzk1NzE0ODk3Nw==&mid=2247490258&idx=1&sn=86fe8c70b8f874a5e010b13bc99bd2cc) - - [ ] [2024年值得赞赏的开源安全项目收集](https://mp.weixin.qq.com/s?__biz=MzU1NDkwMzAyMg==&mid=2247502661&idx=1&sn=008900b107c89bec896eef97714da8e8) - - [ ] [年度管理随笔](https://mp.weixin.qq.com/s?__biz=Mzg2MDc0NTIxOQ==&mid=2247484717&idx=1&sn=5f92532a5420c592a133bc8364b5cc17) - - [ ] [文件包含漏洞从入门到精通](https://mp.weixin.qq.com/s?__biz=MzU2NDY2OTU4Nw==&mid=2247518316&idx=1&sn=b954fbb2f35fff3cfba2f1951d3c827b) - - [ ] [你们都是开玩笑,他才是真的](https://mp.weixin.qq.com/s?__biz=MzkxNzY5MTg1Ng==&mid=2247485494&idx=1&sn=44806adf358814ac0fdf3acaec2f4250) - - [ ] [【相关分享】记一次小程序支付逻辑漏洞](https://mp.weixin.qq.com/s?__biz=Mzk0OTUwNTU5Nw==&mid=2247488515&idx=1&sn=305bbcdc6b74a5b775bcad8028dbd7f1) - - [ ] [分享图片](https://mp.weixin.qq.com/s?__biz=MzI3Njc1MjcxMg==&mid=2247494255&idx=1&sn=21acb34ae1b3837ab16a8b0506d3516f) - - [ ] [漏扫工具 -- hscan](https://mp.weixin.qq.com/s?__biz=MzI4MDQ5MjY1Mg==&mid=2247515611&idx=1&sn=ea7441c1db522c42ed9a0165e6617cf8) - - [ ] [CTF赛前指导 -- 流量取证](https://mp.weixin.qq.com/s?__biz=MzI4MDQ5MjY1Mg==&mid=2247515611&idx=2&sn=119c6d1c1b2b6c381941e8fc3319e9a4) - - [ ] [API漏洞挖掘神器API_kit的二开版本|Burp Suite 插件](https://mp.weixin.qq.com/s?__biz=Mzg3ODE2MjkxMQ==&mid=2247489927&idx=1&sn=4585f639e37390f637445498148b70f7) - - [ ] [让\"WAF绕过\"变得简单 -- x-waf(V0.2)](https://mp.weixin.qq.com/s?__biz=MzU3NzY3MzYzMw==&mid=2247499165&idx=1&sn=30ee5801ed9925a615b9171f265585ed) - - [ ] [CTF赛前指导 -- 文件上传漏洞&一句话木马](https://mp.weixin.qq.com/s?__biz=MzU3NzY3MzYzMw==&mid=2247499165&idx=2&sn=1bcea16d2d17f234caf752fcf51a3d66) - - [ ] [三个阶段阻止DDoS攻击](https://mp.weixin.qq.com/s?__biz=Mzg2NjY2MTI3Mg==&mid=2247498219&idx=1&sn=7968756bf7e19003e4ff18396be8c3c8) - - [ ] [2025年值得关注的网络安全趋势](https://mp.weixin.qq.com/s?__biz=Mzg2NjY2MTI3Mg==&mid=2247498219&idx=2&sn=e2336a616bf941d074da171e51db5da3) - - [ ] [英国考虑禁止支付勒索软件费用](https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652113973&idx=1&sn=09d4b3e0d13f4ea9c16aad1b297cb084) - - [ ] [国家发展改革委等部门印发《关于完善数据流通安全治理 更好促进数据要素市场化价值化的实施方案》的通知](https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652113973&idx=2&sn=ef53cb3a6fde363046d710893ac7eed1) -- 安全脉搏 - - [ ] [DataCube 漏洞小结](https://www.secpulse.com/archives/205081.html) - - [ ] [记某次攻防演练:大战UEditor并突破](https://www.secpulse.com/archives/205162.html) -- Blog - AppSec Labs - - [ ] [Still Using SSRF to Take Over Cloud Deployments Once Again](https://appsec-labs.com/still-using-ssrf-to-take-over-cloud-deployments-once-again/) + - [ ] [DEF CON 32 – Breaking Boundaries: Popping Shells In The Airgap With $10 & Arduino Magic](https://securityboulevard.com/2025/01/def-con-32-breaking-boundaries-popping-shells-in-the-airgap-with-10-arduino-magic/) + - [ ] [Cyber Essentials NHS and Healthcare Organisations](https://securityboulevard.com/2025/01/cyber-essentials-nhs-and-healthcare-organisations/) + - [ ] [Trump’s Digital Footprint: Unveiling Malicious Campaigns Amid Political Milestones](https://securityboulevard.com/2025/01/trumps-digital-footprint-unveiling-malicious-campaigns-amid-political-milestones/) + - [ ] [How Imperva Protects the Arts Industry from Ticketing Abuse by Carding Bots](https://securityboulevard.com/2025/01/how-imperva-protects-the-arts-industry-from-ticketing-abuse-by-carding-bots/) +- CXSECURITY Database RSS Feed - CXSecurity.com + - [ ] [OBS (by: oretnom23 ) File Upload-FU and Remote](https://cxsecurity.com/issue/WLB-2025010017) - 一个被知识诅咒的人 - - [ ] [用Python管理Docker容器:从docker-py到自动化部署的全面指南](https://blog.csdn.net/nokiaguy/article/details/145180393) - - [ ] [Python在DevOps中的应用:自动化CI/CD管道的实现](https://blog.csdn.net/nokiaguy/article/details/145180389) -- 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com - - [ ] [个人信息安全三重防线(上):App隐私合规检测、PIA认证与个保合规审计](https://www.4hou.com/posts/BvXo) - - [ ] [正式签约!360为宁波城市大模型发展注入新动能](https://www.4hou.com/posts/42vJ) - - [ ] [国家计算机病毒应急处理中心监测发现16款违规移动应用](https://www.4hou.com/posts/33rp) - - [ ] [Nuclei 漏洞允许恶意模板绕过签名验证](https://www.4hou.com/posts/xyjP) -- Private Feed for M09Ic - - [ ] [mgeeky starred MISP/misp-docker](https://github.com/MISP/misp-docker) - - [ ] [mgeeky starred MISP/PyMISP](https://github.com/MISP/PyMISP) - - [ ] [mgeeky starred MISP/MISP](https://github.com/MISP/MISP) - - [ ] [gh0stkey starred clash-verge-rev/clash-verge-rev](https://github.com/clash-verge-rev/clash-verge-rev) - - [ ] [Ridter starred yint-tech/sekiro-samples](https://github.com/yint-tech/sekiro-samples) - - [ ] [Ridter starred Nutlope/logocreator](https://github.com/Nutlope/logocreator) - - [ ] [zer0yu starred lencx/Noi](https://github.com/lencx/Noi) - - [ ] [zer0yu started following theMackabu](https://github.com/theMackabu) - - [ ] [wuhan005 starred Nutlope/logocreator](https://github.com/Nutlope/logocreator) - - [ ] [4ra1n starred saoshao/DetSql](https://github.com/saoshao/DetSql) - - [ ] [zer0yu starred Nutlope/logocreator](https://github.com/Nutlope/logocreator) - - [ ] [boy-hack starred empijei/wapty](https://github.com/empijei/wapty) - - [ ] [4ra1n starred verhas/License3j](https://github.com/verhas/License3j) - - [ ] [gh0stkey starred ventoy/Ventoy](https://github.com/ventoy/Ventoy) - - [ ] [Y4er starred Archeb/opentrace](https://github.com/Archeb/opentrace) - - [ ] [0xbug starred pyper-dev/pyper](https://github.com/pyper-dev/pyper) - - [ ] [glzjin starred composecraft/docker-compose-lib](https://github.com/composecraft/docker-compose-lib) - - [ ] [zema1 starred 0xCaner/DoH-ECH-Demo](https://github.com/0xCaner/DoH-ECH-Demo) - - [ ] [zema1 starred saoshao/DetSql](https://github.com/saoshao/DetSql) - - [ ] [CHYbeta starred yint-tech/sekiro-open](https://github.com/yint-tech/sekiro-open) - - [ ] [zer0yu started following leonjza](https://github.com/leonjza) - - [ ] [zema1 starred ljc545w/ComWeChatRobot](https://github.com/ljc545w/ComWeChatRobot) - - [ ] [zer0yu starred xnl-h4ck3r/knoxnl](https://github.com/xnl-h4ck3r/knoxnl) - - [ ] [zer0yu started following K1sna](https://github.com/K1sna) - - [ ] [yzddmr6 started following lintstar](https://github.com/lintstar) -- obaby@mars - - [ ] [不再可用](https://h4ck.org.cn/2025/01/19004) -- GuidePoint Security - - [ ] [Unveiling the GRIT 2025 Ransomware and Cyber Threat Report](https://www.guidepointsecurity.com/blog/unveiling-the-grit-2025-ransomware-and-cyber-threat-report/) -- blog.avast.com EN - - [ ] [Super bowl scams—How to avoid getting sacked by cybercriminals](https://blog.avast.com/super-bowl-ticket-scams) -- NVISO Labs - - [ ] [Detecting Teams Chat Phishing Attacks (Black Basta)](https://blog.nviso.eu/2025/01/16/detecting-teams-chat-phishing-attacks-black-basta/) -- SentinelOne - - [ ] [New Possibilities with Purple AI | Third-Party Log Sources & Multilingual Question Support](https://www.sentinelone.com/blog/unlocking-new-possibilities-with-purple-ai-new-log-sources-and-multilingual-support/) -- CCC Event Blog - - [ ] [Easterhegg 2025: Call for Participation](https://events.ccc.de/2025/01/16/easterhegg-2025-call-for-participation/) -- Dancho Danchev's Blog - Mind Streams of Information Security Knowledge - - [ ] [A Peek Inside the Current State of BitCoin Exchanges](https://ddanchev.blogspot.com/2025/01/a-peek-inside-current-state-of-bitcoin_17.html) - - [ ] [A Peek Inside the Current State of BitCoin Mixers](https://ddanchev.blogspot.com/2025/01/a-peek-inside-current-state-of-bitcoin.html) - - [ ] [Profiling the iSpoof Cybercrime Enterprise](https://ddanchev.blogspot.com/2025/01/profiling-ispoof-cybercrime-enterprise.html) - - [ ] [Profiling a Currently Active Portfolio of High-Profile Cybercriminal Jabber and XMPP Accounts Including Email Address Accounts - Part Six](https://ddanchev.blogspot.com/2025/01/profiling-currently-active-portfolio-of.html) - - [ ] [New Project - Malware C&C Domains Offensive Network Reconnaissance Monitoring Project](https://ddanchev.blogspot.com/2025/01/new-project-malware-c-domains-offensive.html) - - [ ] [New Project - 419 Scam Domains WHOIS Registrar Monitoring Project](https://ddanchev.blogspot.com/2025/01/new-project-419-scam-domains-whois.html) - - [ ] [Happy New Year](https://ddanchev.blogspot.com/2025/01/happy-new-year.html) - - [ ] [Dancho Danchev's Testimony on “How Facebook Today's Meta Failed To Protect Its Users and React To The Koobface Botnet And What We Should Do About It?”](https://ddanchev.blogspot.com/2025/01/dancho-danchevs-testimony-on-how.html) -- Malwarebytes - - [ ] [Avery had credit card skimmer stuck on its site for months](https://www.malwarebytes.com/blog/news/2025/01/avery-had-credit-card-skimmer-stuck-on-its-site-for-months) - - [ ] [PlugX malware deleted from thousands of systems by FBI](https://www.malwarebytes.com/blog/news/2025/01/plugx-malware-deleted-from-thousands-of-systems-by-fbi) -- daniel.haxx.se - - [ ] [Presentation: curl from start to end](https://daniel.haxx.se/blog/2025/01/16/presentation-curl-from-start-to-end/) -- HackerNews - - [ ] [标签巨头艾利公司称网站遭黑客入侵以窃取信用卡信息](https://hackernews.cc/archives/56936) - - [ ] [米克罗提克僵尸网络利用配置错误的 SPF DNS 记录传播恶意软件](https://hackernews.cc/archives/56933) - - [ ] [SAP 修复 NetWeaver 应用服务器中的关键漏洞](https://hackernews.cc/archives/56930) - - [ ] [SimpleHelp 重大漏洞:可导致文件窃取、权限提升和远程代码执行攻击](https://hackernews.cc/archives/56927) - - [ ] [谷歌云研究人员发现 Rsync 文件同步工具漏洞](https://hackernews.cc/archives/56924) - - [ ] [FBI 在数月行动中从 4250 台被黑电脑中删除 PlugX 恶意软件](https://hackernews.cc/archives/56922) + - [ ] [AIGC与劳动力市场:技术进步与就业结构的重塑](https://blog.csdn.net/nokiaguy/article/details/145234235) + - [ ] [Python中的字典优化:如何高效使用`defaultdict`和`Counter`](https://blog.csdn.net/nokiaguy/article/details/145227999) + - [ ] [【Python运维】用Python管理Docker容器:从`docker-py`到自动化部署的全面指南](https://blog.csdn.net/nokiaguy/article/details/145227982) +- arighi's blog + - [ ] [Accelerating micro-VM boot time with sched_ext](http://arighi.blogspot.com/2025/01/accelerating-micro-vm-boot-time-with.html) +- Twitter @bytehx + - [ ] [Re @rez0__ I made it at my home and love it. It is really good with toasted bread.](https://x.com/bytehx343/status/1880671088092565741) + - [ ] [Re @RelentlessT7 @Bugcrowd Congrats 🎉](https://x.com/bytehx343/status/1880659660078006382) + - [ ] [Re @notgeej haha yes that is quite hurt.](https://x.com/bytehx343/status/1880577440621396144) + - [ ] [Re @h4x0r_dz 🤣🤣🤣](https://x.com/bytehx343/status/1880474260738912721) + - [ ] [Re @696e746c6f6c I did comment about the severity but they never respond to me.](https://x.com/bytehx343/status/1880474183785935318) + - [ ] [Re @HannanHaseeb11 🤣🤣🤣](https://x.com/bytehx343/status/1880473913190412403) +- Bug Bounty in InfoSec Write-ups on Medium + - [ ] [Critical Blind SQL Injection leads to  +$4,134 (7/30 DAYS)](https://infosecwriteups.com/critical-blind-sql-injection-leads-to-4-134-7-30-days-d8918ff3d2d0?source=rss----7b722bfd1b8d--bug_bounty) + - [ ] [Building Your Own Bug Bounty Lab: A Hands-On Guide with Metasploit and More](https://infosecwriteups.com/building-your-own-bug-bounty-lab-a-hands-on-guide-with-metasploit-and-more-9595a71fc4c6?source=rss----7b722bfd1b8d--bug_bounty) + - [ ] [Stored XSS to Admin in Unauthenticated-WordPress](https://infosecwriteups.com/stored-xss-to-admin-in-unauthenticated-wordpress-cb76bae66623?source=rss----7b722bfd1b8d--bug_bounty) + - [ ] [This is How I Turned an Informative Bug into a Valid $500 Bug](https://infosecwriteups.com/this-is-how-i-turned-an-informative-bug-into-a-valid-500-bug-174ffeb94737?source=rss----7b722bfd1b8d--bug_bounty) + - [ ] [CVE-2024-50379: Apache Tomcat Race Condition Vulnerability Leads to Remote Code Execution](https://infosecwriteups.com/cve-2024-50379-apache-tomcat-race-condition-vulnerability-leads-to-remote-code-execution-6b3291780d65?source=rss----7b722bfd1b8d--bug_bounty) - 奇客Solidot–传递最新科技情报 - - [ ] [RISC-V 开发商算能公司被美国列入实体名单](https://www.solidot.org/story?sid=80353) - - [ ] [Blue Origin 的重型火箭 New Glenn 首次抵达轨道](https://www.solidot.org/story?sid=80352) - - [ ] [Proton CEO 拥抱特朗普引发争议](https://www.solidot.org/story?sid=80351) - - [ ] [动视对微软 Xbox Game Pass 订阅量增加帮助不大](https://www.solidot.org/story?sid=80350) - - [ ] [日英意下一代战斗机计划本年内开始制造试制机](https://www.solidot.org/story?sid=80349) - - [ ] [新泽西州州长呼吁 K-12 学校禁止学生使用手机](https://www.solidot.org/story?sid=80348) - - [ ] [英特尔开源 Tofino P4 软件](https://www.solidot.org/story?sid=80347) - - [ ] [LinkedIn 用 AI 劝阻求职者不要申请不符合条件的职位](https://www.solidot.org/story?sid=80346) - - [ ] [深圳大疆让无人机操作人员决定是否在禁飞区飞行](https://www.solidot.org/story?sid=80345) - - [ ] [Telegram 关闭 Z-Library 和 Anna's Archive 频道](https://www.solidot.org/story?sid=80344) -- 安全牛 - - [ ] [六部门印发《关于完善数据流通安全治理 更好促进数据要素市场化价值化的实施方案》;TikTok在美关停在即,特朗普有意挽救 |牛览](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134747&idx=1&sn=7fb3c006d6af7e55e5391cf29e23164d&chksm=bd15abc88a6222deeb8ad366d3d93a2396148eabc4910de5027d5eeed07370fd3917a1d9f3a8&scene=58&subscene=0#rd) - - [ ] [精彩汇集,业务宝典:《2024安全牛百篇文章精选集》发布](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134747&idx=2&sn=643272181de389de86be6fc5e58c5448&chksm=bd15abc88a6222dee2a597f0f61ec3c1636d98ae8d8fb53c35744aa517a4ce301c222ae8e804&scene=58&subscene=0#rd) -- 绿盟科技技术博客 - - [ ] [【漏洞通告】Rsync缓冲区溢出与信息泄露漏洞(CVE-2024-12084/CVE-2024-12085)通告](https://blog.nsfocus.net/cve-2024-12084-cve-2024/) + - [ ] [原神被禁止向美国 16 岁以下儿童出售战利品箱](https://www.solidot.org/story?sid=80367) + - [ ] [CNNIC 报告称中国有 2.49 亿人使用过生成式 AI](https://www.solidot.org/story?sid=80366) - 黑海洋 - IT技术知识库 - - [ ] [Raphael AI:几秒生成图像(无限制)](https://blog.upx8.com/4666) - - [ ] [完美解决软路由openwrt分流问题:chinadns + xray + iptables](https://blog.upx8.com/4665) -- Shostack & Friends Blog - - [ ] [Lessons for Cybersecurity from the American Public Health System](https://shostack.org/blog/lessons-for-cyber-from-the-public-health-system/) -- 锦行科技 - - [ ] [喜讯 | 锦行科技连续两年荣获广州大学网络空间安全学院 “优秀合作企业奖”!](https://mp.weixin.qq.com/s?__biz=MzIxNTQxMjQyNg==&mid=2247493674&idx=1&sn=e4f389bf7f5896a23f762b851bf62e88&chksm=979a138fa0ed9a99007d6e8999e8d429298d74dde4a2cb23fa82fa60897128f6c0165b45e150&scene=58&subscene=0#rd) - - [ ] [锦行科技入选“2024网络安全TOP50榜单”!](https://mp.weixin.qq.com/s?__biz=MzIxNTQxMjQyNg==&mid=2247493674&idx=2&sn=4ce09cf88bd39c0cb840c1949aab8b51&chksm=979a138fa0ed9a9996e6872943c2861e53b3470eb9c2f66e0a54646045bfa22943afbb4cca9f&scene=58&subscene=0#rd) -- Reverse Engineering - - [ ] [Reverse Engineering Conference happening this February in Orlando!](https://www.reddit.com/r/ReverseEngineering/comments/1i2yah6/reverse_engineering_conference_happening_this/) - - [ ] [Release of IDA Python script helper (community_base.py)](https://www.reddit.com/r/ReverseEngineering/comments/1i2brvi/release_of_ida_python_script_helper_community/) -- FreeBuf网络安全行业门户 - - [ ] [FreeBuf早报 | 泰国总理遭遇电诈;腾讯回应用户被异地刷脸支付成功](https://www.freebuf.com/news/420003.html) - - [ ] [最好用的文件同步工具曝6个严重漏洞,可执行远程代码](https://www.freebuf.com/news/419987.html) - - [ ] [Palo Alto Networks防火墙迁移工具曝多个关键漏洞,可泄露明文密码](https://www.freebuf.com/news/419970.html) - - [ ] [Fortinet新的零日漏洞被黑客利用](https://www.freebuf.com/news/419968.html) - - [ ] [Google Ads用户成恶意广告诈骗新目标,凭据及双因素认证码被盗](https://www.freebuf.com/articles/419985.html) -- 代码卫士 - - [ ] [Ivanti修复Endpoint Manager中的多个严重漏洞](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522089&idx=1&sn=a04239b89ce2032e8e28b49d05782135&chksm=ea94a643dde32f55fd65e0ec66115b17b1cfe6c18f35bb55ece3c45dfce09c46bdf368f9009f&scene=58&subscene=0#rd) - - [ ] [SimpleHelp 多个严重漏洞可导致文件窃取、提权和RCE攻击](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522089&idx=2&sn=46178e7445995e2b3a605d7fd3c37a93&chksm=ea94a643dde32f5500a0b9ba085731e8b6fcd21c96d42f6dbb5597cd5ac92f61c77907616c88&scene=58&subscene=0#rd) -- 看雪学苑 - - [ ] [【Windows 内核基础篇】-内核入门-段基础](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588707&idx=1&sn=d94feda75be18bc50c1a4e1b3e8562dc&chksm=b18c26a986fbafbf5d4bae96661feee0121f0b4a7d68ec53bf20422ad8be57c2d8885cbde9a1&scene=58&subscene=0#rd) - - [ ] [Palo Alto Networks Expedition 工具曝关键漏洞,明文密码或泄露](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588707&idx=2&sn=d8b388917808b4ab77f7526a37a8f228&chksm=b18c26a986fbafbfafefb07442a2524806b1f3c1598ea59eff936f42c6f1d5c9c7346e8eb91e&scene=58&subscene=0#rd) - - [ ] [Windows内核漏洞分析与EXP编写技巧](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588707&idx=3&sn=e956cfff8deabe1f7326baacac64eef9&chksm=b18c26a986fbafbf0481872368b731450bf7c0dd4efa35180ae1fdcb91d09ff87bfcfda869c7&scene=58&subscene=0#rd) -- 安全内参 - - [ ] [首个AI驱动的勒索软件组织:大模型生成代码、聊天机器人自主运营](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513518&idx=1&sn=fe28a4824b27c5537d65babed6d5c44f&chksm=ebfaf28edc8d7b9869d2b2b4b8daeb1905fb01803f567a2477bfe3f226caaea259ca1fa79638&scene=58&subscene=0#rd) - - [ ] [微信支付存漏洞?用户被异地刷脸支付成功,官方回应](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513518&idx=2&sn=e3691228661dd921114c81bc336d3c7a&chksm=ebfaf28edc8d7b987cbca67e7facee84ece62bb9db75aeb0b865aafa069342f157193c760e9b&scene=58&subscene=0#rd) -- 长亭安全应急响应中心 - - [ ] [【已复现】Fortinet FortiOS/FortiProxy 认证绕过漏洞(CVE-2024-55591)](https://mp.weixin.qq.com/s?__biz=MzIwMDk1MjMyMg==&mid=2247492698&idx=1&sn=31b2a6d8629fb3f69e5a9c159e42c650&chksm=96f7fb37a1807221e222b2e62698c88569521b9b0ec86deebfe7d0dab53b302b142b23b9358f&scene=58&subscene=0#rd) -- 腾讯玄武实验室 - - [ ] [每日安全动态推送(25/1/16)](https://mp.weixin.qq.com/s?__biz=MzA5NDYyNDI0MA==&mid=2651959990&idx=1&sn=30d3c830c7207583d9ca8e9c9d4c9c7e&chksm=8baed229bcd95b3f6fe66b785e1c1c07b4d0cf4020f57121b573a83bde1e49c0b789ff02fde0&scene=58&subscene=0#rd) -- 吾爱破解论坛 - - [ ] [征集吾爱破解论坛微信红包封面设计](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141557&idx=1&sn=91d30c43aac8a1110c1286d481927d35&chksm=bd50a5e18a272cf785cf136f38cddd5c40d02b83fc5d168b8863afaed962fdca39e2f5aa7e1b&scene=58&subscene=0#rd) -- Black Hills Information Security - - [ ] [One Active Directory Account Can Be Your Best Early Warning](https://www.blackhillsinfosec.com/one-active-directory-account-can-be-your-best-early-warning/) + - [ ] [AniDoc:动画创作草图高保真着色工具](https://blog.upx8.com/4673) + - [ ] [网页翻译插件:接入Deepseekv、Gemini等AI翻译服务](https://blog.upx8.com/4671) + - [ ] [ai_couplets:AI 对联生成器 马上成为春联领域高手](https://blog.upx8.com/4670) + - [ ] [WinNew:微软Windows原版镜像系统](https://blog.upx8.com/4669) - 威努特安全网络 - - [ ] [追逐国产化发展新浪潮,助力长航自主可控安全体系建设](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130378&idx=1&sn=8b069880e459491f3fddd6240c7b6f5e&chksm=80e710bab79099ac2d06407cf67ff5e9e36adae2361ee1b6b1cac0a2edfc4407bef4a522aca6&scene=58&subscene=0#rd) -- 奇安信 CERT - - [ ] [奇安信集团2025年01月补丁库更新通告-第一次更新](https://mp.weixin.qq.com/s?__biz=MzU5NDgxODU1MQ==&mid=2247502851&idx=1&sn=7f2bbf94f6a150066e8b83295b2969dc&chksm=fe79e89bc90e618d32ddc7a6e1890807a83f451da51d9b64113505750e5d57cda9740e43f62c&scene=58&subscene=0#rd) -- 丁爸 情报分析师的工具箱 - - [ ] [【资料】情报分析的应用思维 :从业者指南](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148536&idx=1&sn=dbc7dff83031ab6b8004c22b387ea793&chksm=f1af27c2c6d8aed465d513db940dfb4aa0d8037c31b60cb7a6e20ae396904b5875269b05a4fa&scene=58&subscene=0#rd) -- 微步在线研究响应中心 - - [ ] [Rsync修复数个高危漏洞,两个RCE需要重点关注](https://mp.weixin.qq.com/s?__biz=Mzg5MTc3ODY4Mw==&mid=2247507685&idx=1&sn=f6f13d9e6ca46b986c4c17ce7424d252&chksm=cfcabdf1f8bd34e7a4bb18b1d16702e6a4feb5c65a3c5642728ea446c51edaaba876ffe2c928&scene=58&subscene=0#rd) -- 绿盟科技CERT - - [ ] [【漏洞通告】Rsync缓冲区溢出与信息泄露漏洞(CVE-2024-12084/CVE-2024-12085)](https://mp.weixin.qq.com/s?__biz=Mzk0MjE3ODkxNg==&mid=2247488860&idx=1&sn=d1d87ac982c32f01e05fc74e29efccff&chksm=c2c64257f5b1cb416e9fd6d3a45e35247f42e76947e51170f466288638bc9ff50a5e290f30c1&scene=58&subscene=0#rd) + - [ ] [西班牙电信公司遭入侵,官方通报16款违规移动应用 | 一周特辑](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130508&idx=1&sn=2470459b5f48ea1c07856c2d72394829&chksm=80e7103cb790992a65070923895751564457b3909a6b673b81f7dc6c3db5958fd00fd64e76ae&scene=58&subscene=0#rd) +- 代码审计SDL + - [ ] [API BOM - ASPM数据关联分析纽带](https://mp.weixin.qq.com/s?__biz=MzI2NTExNzcxNQ==&mid=2247484361&idx=1&sn=8e472a7a51b24dacdf95759c0a58c4a8&chksm=eaa30ab5ddd483a3ebf52abba4056a525450dc0dd3cd0a1a1aef253b5339b066093ed268e076&scene=58&subscene=0#rd) - dotNet安全矩阵 - - [ ] [.NET 内网横向移动,通过模拟用户令牌实现远程权限提升](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498252&idx=1&sn=cf0ab90b357c9de769fa264d92b5d3db&chksm=fa5954e1cd2eddf79d8bdfb7da7b322787b306361d64639876956062b76e3e3e827960b2bbb5&scene=58&subscene=0#rd) - - [ ] [国内最专业、最全面的 [ .NET 代码审计 ] 体系化学习交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498252&idx=2&sn=1482f0c46b8108d2d17d067aa5a82739&chksm=fa5954e1cd2eddf7a9f0115b6b81ec954b2000fc15ff35f05fdecc531bd61d4087ff091e4c9a&scene=58&subscene=0#rd) - - [ ] [.NET 实战中批量获取数据库凭据的工具](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498252&idx=3&sn=a2cb571fb0ac54647dc4f5ae74194aa4&chksm=fa5954e1cd2eddf72a8664ea41621ed2a2c0d089b2d4c7dad4be2ea79878ad831fbc5dbbced8&scene=58&subscene=0#rd) -- 慢雾科技 - - [ ] [探讨 Poseidon 延展性攻击,可影响零知识证明应用的安全性](https://mp.weixin.qq.com/s?__biz=MzU4ODQ3NTM2OA==&mid=2247500936&idx=1&sn=433dc45041abe0603c4c00d7a3db7ced&chksm=fddeba0fcaa9331903775c679192d7df3cb0be4b43575a5ac854e2f5dd19fb7c3465ca2299cf&scene=58&subscene=0#rd) -- 微步在线 - - [ ] [银狐叒进化,溯源不了,清理不掉!](https://mp.weixin.qq.com/s?__biz=MzI5NjA0NjI5MQ==&mid=2650182999&idx=1&sn=ea90cb2b6d56950310409bf3e32feeb3&chksm=f4486eebc33fe7fd48e6aced8e580fe90c58251598b1cfd54c65b4a1d86832a3e3c23521c4a8&scene=58&subscene=0#rd) -- 58安全应急响应中心 - - [ ] [58集团|春节放假通知](https://mp.weixin.qq.com/s?__biz=MzU4NTMzNjU4Mw==&mid=2247490167&idx=1&sn=74d119b85e31259bf2ce342602ce9d4f&chksm=fd8d481fcafac109e3a81983cfc87fe697401620c1993eb92cd26311c65badd1e321668c51c1&scene=58&subscene=0#rd) -- 情报分析师 - - [ ] [【可视化】情报分析师教你如何辨别数据、信息和情报](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558974&idx=1&sn=5cab57b2a1d0dd82507a737097ce3f2c&chksm=87117fb5b066f6a3cb6871541c268adf5cbe42afd9c93b1ea0100bfecb2ef227ba0ad25acff8&scene=58&subscene=0#rd) - - [ ] [缅甸诈骗产业链条:军阀、幕后大佬深度剖析](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558974&idx=2&sn=0651bf621a409a62f4cc2de29da5da57&chksm=87117fb5b066f6a3e7585739b3ef800e3723ef179cc273ca78b610152178c990bffab28a5c04&scene=58&subscene=0#rd) + - [ ] [.NET 第55期红队武器库和资源汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498306&idx=1&sn=672a2a2f57cabb2ce04be6ff29129beb&chksm=fa5954afcd2eddb95c9d28b0c0054d2ffc9aeefa6c8453b52d06a54a7256591e3ea8c802d6d9&scene=58&subscene=0#rd) + - [ ] [国内最专业、最全面的 [ .NET 代码审计 ] 体系化学习交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498306&idx=2&sn=4c2323d1570eb3b825a6a04eb4520b72&chksm=fa5954afcd2eddb9dd3e4a3bbf2b57ba408dd8885947b8fb03d7dc9cf4549bd8cb2784095eaf&scene=58&subscene=0#rd) + - [ ] [一种通过 .NET 启动 cmd.exe 的新方法](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498306&idx=3&sn=d5276b7bf7380ce889dc125627631a94&chksm=fa5954afcd2eddb9766ec4e35c05e11ccf9f4e97162811fc15396171a733e0531e29cabee253&scene=58&subscene=0#rd) +- 看雪学苑 + - [ ] [欢迎报名!​“系统0day安全”系列课程:掌握漏洞挖掘重要技能](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588749&idx=1&sn=c07163014dddf5e352e4f3683251b0d4&chksm=b18c26c786fbafd14670241f07726032e76e13980b4ff50732d34c76fea9f03ae8979ccaba96&scene=58&subscene=0#rd) + - [ ] [PWN入门:误入格式化字符串漏洞](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588749&idx=2&sn=6fc809be9ede10a46f7d204c536cd5bf&chksm=b18c26c786fbafd14e4e451e21e415e3d96e93feb517543db94006ba90a0f748c9b78f0cc838&scene=58&subscene=0#rd) +- 安全内参 + - [ ] [CNCERT:美网络攻击我国某先进材料设计研究院事件调查报告](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513535&idx=1&sn=b266fc240ecfa7219f753220df704fd6&chksm=ebfaf29fdc8d7b895e31b7f387b580348d6200e7d05b1f78b5bbefb52172bf88ccda3fb37a3b&scene=58&subscene=0#rd) + - [ ] [CNCERT:美网络攻击我国某智慧能源和数字信息大型高科技企业事件调查报告](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513535&idx=2&sn=8013d103c78d04dbb57f8891af08c176&chksm=ebfaf29fdc8d7b89c6ce104f81453910fac57be35385c3d3cefe1beff5e1b59a6307051d12d0&scene=58&subscene=0#rd) - 中国信息安全 - - [ ] [专题·人工智能安全治理 | 关于《人工智能安全治理框架》的解读与思考](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234775&idx=1&sn=83ab940ab301a0f823a6e47ed7b51c15&chksm=8b59fdeebc2e74f8b7a174a9b5260fa421c3d74a9f3d3eef6564785924f1c7114ca46617dffc&scene=58&subscene=0#rd) - - [ ] [专家解读 | 魏亮:繁荣数据标注产业,赋能人工智能高质量发展](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234775&idx=2&sn=df6cb8e9e959e150ba19c755ad71542c&chksm=8b59fdeebc2e74f87e89cb3871bfc40378b4ec75a027fa28f285e53e1fd4a5b83a838040e0a3&scene=58&subscene=0#rd) - - [ ] [CNNVD | 关于Fortinet FortiOS和FortiProxy安全漏洞的通报](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234775&idx=3&sn=82b000440fa4c60ceae4b17d4472d670&chksm=8b59fdeebc2e74f8f1e114cc8a17881077bd3708e814560f198b1085ef506d998bb5bd1dec9b&scene=58&subscene=0#rd) - - [ ] [CNNVD | 关于微软多个安全漏洞的通报](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234775&idx=4&sn=ec548ccac6f3d80540906533ca87ecf9&chksm=8b59fdeebc2e74f8c64ef4317b09ff932b30314e4bf6a8856a5aa49afbd1509722c124378ab7&scene=58&subscene=0#rd) - - [ ] [国际 | 全球产业各方强烈反对美国AI新限令](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234775&idx=5&sn=e78991ce80797a2d231c237b288a0161&chksm=8b59fdeebc2e74f87507ad451c5da6ad2e961a19138f1f15a8a698c703959b7413eedc8f4faf&scene=58&subscene=0#rd) - - [ ] [发布 | 中国信通院发布《高质量大模型基础设施研究报告(2024年)》(附下载)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234775&idx=6&sn=673d2d303997d8b3ec28dab3c35e6269&chksm=8b59fdeebc2e74f8448eb96681ff2ef19be35ba4ea0cdb7022870c364d6bf20aa162fd349456&scene=58&subscene=0#rd) - - [ ] [公安部提示:警惕境外高薪招聘 避免落入电诈窝点](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234775&idx=7&sn=a17f63056a3bfc0d3f5dc8e5bd566831&chksm=8b59fdeebc2e74f86114c487390974b20b8eb87fa964089e6574931fc1cc4da62b267bc45ed9&scene=58&subscene=0#rd) -- 安全圈 - - [ ] [【安全圈】2024年12月涉国内数据泄露事件汇总](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067407&idx=1&sn=47291e4d3be4fe5aba124eaf42090def&chksm=f36e7a0fc419f31979de403434ebbb3d4e9eb54623f6bea7eeee1c6ca71d85f271efbe2b4598&scene=58&subscene=0#rd) - - [ ] [【安全圈】TikTok计划本周日关停美国业务](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067407&idx=2&sn=c4ea18f86a062710556f1866f61a834d&chksm=f36e7a0fc419f31923da14b7bb88e95381f39c1784189c56b88853af1571446b91763d2b87a3&scene=58&subscene=0#rd) - - [ ] [【安全圈】超过 660,000 个 Rsync 服务器遭受代码执行攻击](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067407&idx=3&sn=8ab61dc14be99150b80875b0242ba5ee&chksm=f36e7a0fc419f31991628c4d2745df5c3bc235f99efb1f272830e57fe97a8ce3d84f7a21bcb2&scene=58&subscene=0#rd) - - [ ] [【安全圈】Fortinet 又被确认存在新的零日漏洞](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067407&idx=4&sn=0e43cb3c3a8763dcfcbd7b70a9d16464&chksm=f36e7a0fc419f319a7965eec0e32510033e5b2543bbe6ce51c54334af84e58c2c68a4a803549&scene=58&subscene=0#rd) -- 数世咨询 - - [ ] ["TikTok难民"涌入 ,小红书如何应对安全挑战?](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247534365&idx=1&sn=f588bf9917f2c9ea08f7e4a1b7bd0fa1&chksm=c14435a0f633bcb6e8081a918f1c1f1b0a773c8c5cab714e55d4396a4353943fd6de59281d88&scene=58&subscene=0#rd) + - [ ] [论坛·原创 | 特朗普第二任期美国科技外交战略展望](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235038&idx=1&sn=0985e935a77d468c9918194fcdac28b3&chksm=8b5802e7bc2f8bf11b2f1b8ca38fc79e014dc4fd73969198e2fcad1f63378e221da7e6975b6f&scene=58&subscene=0#rd) + - [ ] [专家解读 | 强化数据标注基地引领作用 带动数据标注产业高质量发展](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235038&idx=2&sn=faf2a988fedc8924e65ab9c9bcbbafa5&chksm=8b5802e7bc2f8bf126b161de9bd9d5058cff96053115722ea4bc0519184dbbf8d28f097b06c2&scene=58&subscene=0#rd) + - [ ] [小心!“间谍”正在潜入你的手机](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235038&idx=3&sn=8d7fbaf443b0a9525f6d4b1be446e0a2&chksm=8b5802e7bc2f8bf161b0bb62fba700cc8b6a23cdba4d5a9d1aeab4ff10271ea2fbda09f594f5&scene=58&subscene=0#rd) + - [ ] [国际 | 越南个人数据跨境传输规则](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235038&idx=4&sn=d5d670e02e6690a029cf91ba98894c4b&chksm=8b5802e7bc2f8bf12d74db74b6d23efe779dc9b074b80efd47d7ffb4874d0665a003c525e7ac&scene=58&subscene=0#rd) + - [ ] [评论 | 走出应用程序自动扣费的“消费陷阱”](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235038&idx=5&sn=27d2dc92bc541ae96838413ce948ac9c&chksm=8b5802e7bc2f8bf11127a7f375be5953f44d0423fe5f47d299c0e71a4bb5fc2b4b1ebb629812&scene=58&subscene=0#rd) +- 慢雾科技 + - [ ] [新型手法|Telegram 假 Safeguard 骗局](https://mp.weixin.qq.com/s?__biz=MzU4ODQ3NTM2OA==&mid=2247500978&idx=1&sn=8d502d81ee56971fac26b35e70b49081&chksm=fddeba35caa9332370f3eb036a88298138c4c0b3affab16a89684c8be0ea352075d9efbc6119&scene=58&subscene=0#rd) +- ChaMd5安全团队 + - [ ] [2024年ChaMd5安全团队总结](https://mp.weixin.qq.com/s?__biz=MzIzMTc1MjExOQ==&mid=2247511877&idx=1&sn=d8176431e491281ef849226a54134205&chksm=e89d879ddfea0e8bed51009b5df5f17451e07e7d548788096d2d114ae33d709cadabdd53fd21&scene=58&subscene=0#rd) - 极客公园 - - [ ] [只用 45 天达成 100 万美金 ARR,这家创业公司找到了 AI 落地的解法](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072187&idx=1&sn=3d684d310b02fde9036a7b380e174561&chksm=7e57d68d49205f9b271fb04d2c021c24035447ca229df15fc35d9141b95d71ef9d96a4cac22f&scene=58&subscene=0#rd) - - [ ] [前华为智驾主管转投地平线后首秀:对手只有特斯拉,天天营销没用](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072187&idx=2&sn=1804eeacd4a39d7558ce0924efafc873&chksm=7e57d68d49205f9b70c422202cc67af03e9d5383daa790831590702dc6b0788d64b18dcbb861&scene=58&subscene=0#rd) - - [ ] [TikTok「硬刚」之下,转机来了](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072182&idx=1&sn=07ecbd9641c4e5dc91ae910dbee03330&chksm=7e57d68049205f96e71c86167379f753f018f4b6c491b3c1ede6d838a3ce3c6ae01efac68ee9&scene=58&subscene=0#rd) - - [ ] [传 TikTok 计划周日完全关停美业务;OpenAI 推出新功能「Tasks」;《王者荣耀》纯血鸿蒙版上线 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072123&idx=1&sn=a2b3df514f9f43169cdb6d3fb6529d09&chksm=7e57d74d49205e5bd59bfa31969dbc073fc123b54a6c6d6485961460d2fd1219eda233e694a5&scene=58&subscene=0#rd) -- 嘶吼专业版 - - [ ] [Nuclei 漏洞允许恶意模板绕过签名验证](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580839&idx=1&sn=9bbf94cef195dc62ef4e9c2767e40736&chksm=e9146c9dde63e58b38dc1102ff184f3f04def7647e879875cf84eea98fd90bd0fb589e54a1ae&scene=58&subscene=0#rd) - - [ ] [国家计算机病毒应急处理中心监测发现16款违规移动应用](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580839&idx=2&sn=ba6339b09bc11710fbe1b0d53e455d2e&chksm=e9146c9dde63e58bdb54281cedb98d47988111a4dc35b2d7b1da0f4e522afe4a0514ee5a3dcf&scene=58&subscene=0#rd) -- 字节跳动安全中心 - - [ ] [业务上新|BytePlus开放测试](https://mp.weixin.qq.com/s?__biz=MzUzMzcyMDYzMw==&mid=2247494456&idx=1&sn=08dd5c76c4e63b643bf83e6e67376f72&chksm=fa9d106ecdea9978cd783823f2d8d73ad96e7742cdf39c379eb7dae0e4e2c2bf87075fb5a6f1&scene=58&subscene=0#rd) -- 威胁猎人Threat Hunter - - [ ] [【黑产大数据】2024年互联网黑灰产趋势年度总结](https://mp.weixin.qq.com/s?__biz=MzI3NDY3NDUxNg==&mid=2247498891&idx=1&sn=9f040f1179476893f7e090a25d5c7db6&chksm=eb12dab0dc6553a6688a1502538c0a93299a3ae6095c314d0db7c1c3f67008f121543a1aa9df&scene=58&subscene=0#rd) -- Yak Project - - [ ] [一种简单又强势的Js-Forward脚本编写方式](https://mp.weixin.qq.com/s?__biz=Mzk0MTM4NzIxMQ==&mid=2247527481&idx=1&sn=9bee930fcf19964ae14c0d949c517570&chksm=c2d1109df5a6998b7ef18c9aa6230c5759ef54ac86481b4372e0b3e08e5217cc312d81f83fe4&scene=58&subscene=0#rd) + - [ ] [美国最高法裁定支持 TikTok 禁令,周受资回应;传网易裁撤战投部;三星与 OpenAI 合作开发 AI 电视 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072294&idx=1&sn=2ad18c4ecffe9cc504a4c2b913d43446&chksm=7e57d61049205f06adcfbf56f4d2a313bfa3cf0be44336d8b8615ba19db4d9afe35995b8e869&scene=58&subscene=0#rd) +- 丁爸 情报分析师的工具箱 + - [ ] [【工具】全球有组织犯罪指数](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148608&idx=1&sn=dcde5ba6b230d8fa0b9ffbd97091e78a&chksm=f1af267ac6d8af6c1e5890468a5afa8695a4219608207c2373863a75d242e13b2b43eb2baa23&scene=58&subscene=0#rd) + - [ ] [【资料】拜登告别演讲](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148608&idx=2&sn=03f1e0c2e178ad80175a035485141a01&chksm=f1af267ac6d8af6c2b9fd8e4c2800c517101c6e06ecac0b3e36448e42f84a6301499a6f416bd&scene=58&subscene=0#rd) +- 安全圈 + - [ ] [【安全圈】高危!rsync被爆出多个安全漏洞](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067460&idx=1&sn=7e41cdf5b76e20186089903f7171a588&chksm=f36e7ac4c419f3d2506b8a4fda50d186484d0b429b68fbc2c9fa6a6d793e423ec4e7374d18b2&scene=58&subscene=0#rd) + - [ ] [【安全圈】国家互联网应急中心通报两起美方对我国网络攻击事件](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067460&idx=2&sn=1eeea145994ab308cf3f78f1ca987a19&chksm=f36e7ac4c419f3d249013e9e085dface206bc6cc4b5b7f6d7808a9eb3d92fe36d14ea01b7261&scene=58&subscene=0#rd) + - [ ] [【安全圈】网络安全态势研判分析报告 (2024年12月)](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067460&idx=3&sn=86d02f407c0e151d308f83282274bf31&chksm=f36e7ac4c419f3d2c695e9358023983f6c9908bce56b713651866957afc0ffec8d6486e40553&scene=58&subscene=0#rd) +- 山石网科安全技术研究院 + - [ ] [2024年度人工智能相关重点安全漏洞盘点](https://mp.weixin.qq.com/s?__biz=MzUzMDUxNTE1Mw==&mid=2247510270&idx=1&sn=6e0dfb575d641bc67a2b3f00196df49c&chksm=fa527d40cd25f4569e895e911f8d3e8f3e3bc366ffc8598627f89ba3a175f3b65e348be9866b&scene=58&subscene=0#rd) - DataCon大数据安全分析竞赛 - - [ ] [DataCon2024解题报告WriteUp—网络基础设施安全赛道](https://mp.weixin.qq.com/s?__biz=MzU5Njg1NzMyNw==&mid=2247489113&idx=1&sn=f50d636aa1d51351143f9cdf801aedeb&chksm=fe5d0ed9c92a87cf2d0cb0ac85dcfb860d8e5684ae9d60f6eaad2c43357757367e274d6cacf0&scene=58&subscene=0#rd) -- 火绒安全 - - [ ] [聚焦银狐丨探究病毒肆虐传播背后隐藏的迭代玄机](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247521662&idx=1&sn=d892c1ee59c408fd2318701d76ce76eb&chksm=eb704b41dc07c257e791093a007f7281efb53f3f4302acc7f352f5567cc85528f957695de501&scene=58&subscene=0#rd) - - [ ] [诚邀渠道合作伙伴共启新征程](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247521662&idx=2&sn=a82fab2199cc8b53db07300512a91f88&chksm=eb704b41dc07c257eaa7c89bd1beb5aa42864668fdd898b231ff7f0f412a808ed8ef8519964e&scene=58&subscene=0#rd) -- 美团技术团队 - - [ ] [没猜错的话,你在等美团技术年货 | 送10份美团新春礼盒](https://mp.weixin.qq.com/s?__biz=MjM5NjQ5MTI5OA==&mid=2651779737&idx=1&sn=34c1ad2e924f5724af10680a2079e410&chksm=bd122bd48a65a2c2a7c45122b8b55b8ed496d0d1d72d9adb1d5039567f111852ebf314f01416&scene=58&subscene=0#rd) -- 360数字安全 - - [ ] [正式签约!360为宁波城市大模型发展注入新动能](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579041&idx=1&sn=2f7055867704f94db13304cebae8ada0&chksm=9f8d25a9a8faacbfa4674c94f494a1791f0840109f3b0b78273934fb04f0405c1565a6d12d5c&scene=58&subscene=0#rd) -- LuxSci - - [ ] [HIPAA-Compliant Personalization With PHI: A How-To Guide](https://luxsci.com/blog/hipaa-compliant-personalization.html) -- 安全419 - - [ ] [人工智能和机器学习如何改变数字银行安全](https://mp.weixin.qq.com/s?__biz=MzUyMDQ4OTkyMg==&mid=2247546715&idx=1&sn=59b38fd23de2ac6cd1e972f8ce8fd022&chksm=f9ebe9f6ce9c60e06d2a7dc7e7ea3652f451882a9fdd79ca021c75265aa830efe30ac8736cdf&scene=58&subscene=0#rd) -- Qualys Security Blog - - [ ] [Cybersecurity 2025: Qualys’ Predictions for Navigating the Evolving Threat Landscape](https://blog.qualys.com/category/qualys-insights) + - [ ] [DataCon2024解题报告WriteUp—漏洞分析赛道](https://mp.weixin.qq.com/s?__biz=MzU5Njg1NzMyNw==&mid=2247489123&idx=1&sn=228fa0630cebdc58c6b961b96752dc2f&chksm=fe5d0ee3c92a87f539db8736eee19d3b20b91e5cf731b6a9630bc1339b0cd1dfb5e2e9ecca66&scene=58&subscene=0#rd) +- 白泽安全实验室 + - [ ] [美日韩联合警告加密货币行业防范朝鲜黑客攻击](https://mp.weixin.qq.com/s?__biz=MzI0MTE4ODY3Nw==&mid=2247492524&idx=1&sn=19d57828e503df304caf2618802d9d27&chksm=e90dc986de7a4090525887e3393df05546cb69cbdde9be1ad3e3ff9b365906e28e0b0a1640d3&scene=58&subscene=0#rd) - Over Security - Cybersecurity news aggregator - - [ ] [GDPR complaints filed against TikTok, Temu for sending user data to China](https://www.bleepingcomputer.com/news/security/gdpr-complaints-filed-against-tiktok-temu-for-sending-user-data-to-china/) - - [ ] [Qualche grafico: Analisi del leak Fortinet su 15K server esposti](https://www.insicurezzadigitale.com/qualche-grafico-analisi-del-leak-fortinet-su-15k-server-esposti/) - - [ ] [FTC updates closely watched children’s online privacy rule](https://therecord.media/ftc-coppa-childrens-data-privacy-updated-regulation) - - [ ] [Chinese Innovations Spawn Wave of Toll Phishing Via SMS](https://krebsonsecurity.com/2025/01/chinese-innovations-spawn-wave-of-toll-phishing-via-sms/) - - [ ] [W3 Total Cache plugin flaw exposes 1 million WordPress sites to attacks](https://www.bleepingcomputer.com/news/security/w3-total-cache-plugin-flaw-exposes-1-million-wordpress-sites-to-attacks/) - - [ ] [US issues sanctions against companies in Laos, China tied to North Korean IT worker scheme](https://therecord.media/us-issues-sanctions-laos-china-north-korean-worker-scheme) - - [ ] [Balancing Celebration with Security at Trump’s Second Inauguration and Beyond](https://flashpoint.io/blog/balancing-celebration-with-security-at-trumps-second-inauguration/) - - [ ] [Microsoft expands testing of Windows 11 admin protection feature](https://www.bleepingcomputer.com/news/security/microsoft-expands-testing-of-windows-11-admin-protection-feature/) - - [ ] [Find the helpers](https://blog.talosintelligence.com/find-the-helpers/) - - [ ] [US cracks down on North Korean IT worker army with more sanctions](https://www.bleepingcomputer.com/news/security/us-cracks-down-on-north-korean-it-worker-army-with-more-sanctions/) - - [ ] [Biden signs executive order to bolster national cybersecurity](https://www.bleepingcomputer.com/news/security/biden-signs-executive-order-to-bolster-national-cybersecurity/) - - [ ] [Biotech firm settles class action lawsuit over ransomware attack for $7.5 million](https://therecord.media/enzo-biochem-ransomware-class-action-lawsuit-settlement) - - [ ] [German defense and foreign ministries suspend activity on Elon Musk’s platform](https://therecord.media/german-defense-foreign-ministries-suspend-accounts-on-x) - - [ ] [Wolf Haldenstein law firm says 3.5 million impacted by data breach](https://www.bleepingcomputer.com/news/security/wolf-haldenstein-law-firm-says-35-million-impacted-by-data-breach/) - - [ ] [FTC sues GoDaddy for years of poor hosting security practices](https://www.bleepingcomputer.com/news/security/ftc-sues-godaddy-for-years-of-poor-hosting-security-practices/) - - [ ] [Karmada Security Audit](https://www.shielder.com/blog/2025/01/karmada-security-audit/) - - [ ] [Una vulnerabilità di UEFI Secure Boot permette l’esecuzione di codice durante il boot di sistema](https://www.securityinfo.it/2025/01/16/una-vulnerabilita-di-uefi-secure-boot-permette-lesecuzione-di-codice-durante-il-boot-di-sistema/) - - [ ] [MFA Failures - The Worst is Yet to Come](https://www.bleepingcomputer.com/news/security/mfa-failures-the-worst-is-yet-to-come/) - - [ ] [New UEFI Secure Boot flaw exposes systems to bootkits, patch now](https://www.bleepingcomputer.com/news/security/new-uefi-secure-boot-flaw-exposes-systems-to-bootkits-patch-now/) - - [ ] [UK’s porn age checks to arrive in July, raising fears over security and privacy](https://therecord.media/ofcom-uk-pornography-age-verification-checks) - - [ ] [Government Sector Bears the Brunt of Cyberattacks in Ukraine: Report](https://cyble.com/blog/ukraine-cyberthreat-landscape-2024/) - - [ ] [Ransomware sanctions, software security among key points in new Biden executive order](https://therecord.media/biden-cybersecurity-executive-order) - - [ ] [ICS Vulnerability Report: Hitachi Energy Network Management Flaw Scores a Perfect 10](https://cyble.com/blog/ics-vulnerability-report-hitachi-energy-network-management-flaw-scores-a-perfect-10/) - - [ ] [16-31 October 2024 Cyber Attacks Timeline](https://www.hackmageddon.com/2025/01/16/16-31-october-2024-cyber-attacks-timeline/) - - [ ] [Malware Trends Overview Report: 2024](https://any.run/cybersecurity-blog/malware-trends-2024/) - - [ ] [The Truth of the Matter: Scammers Targeting Truth Social Users](https://www.netcraft.com/blog/truth-social-scam-threat-review/) - - [ ] [Sneaky 2FA: exposing a new AiTM Phishing-as-a-Service](https://blog.sekoia.io/sneaky-2fa-exposing-a-new-aitm-phishing-as-a-service/) - - [ ] [Le Coq Sportif Columbia - 79,712 breached accounts](https://haveibeenpwned.com/PwnedWebsites#LeCoqSportif) - - [ ] [Hackers leak configs and VPN credentials for 15,000 FortiGate devices](https://www.bleepingcomputer.com/news/security/hackers-leak-configs-and-vpn-credentials-for-15-000-fortigate-devices/) - - [ ] [Japanese Spam on a Cleaned WordPress Site: The Hidden Sitemap Problem](https://blog.sucuri.net/2025/01/japanese-spam-on-a-cleaned-wordpress-site-the-hidden-sitemap-problem.html) - - [ ] [Supreme Court seems poised to uphold age-gating law for online sexual content](https://therecord.media/supreme-court-poised-to-uphold-porn-age-gating-law) -- Securityinfo.it - - [ ] [Una vulnerabilità di UEFI Secure Boot permette l’esecuzione di codice durante il boot di sistema](https://www.securityinfo.it/2025/01/16/una-vulnerabilita-di-uefi-secure-boot-permette-lesecuzione-di-codice-durante-il-boot-di-sistema/?utm_source=rss&utm_medium=rss&utm_campaign=una-vulnerabilita-di-uefi-secure-boot-permette-lesecuzione-di-codice-durante-il-boot-di-sistema) -- 娜璋AI安全之家 - - [ ] [[系统安全] 六十一.恶意软件分析 (12)LLM赋能Lark工具提取XLM代码的抽象语法树(初探)](https://mp.weixin.qq.com/s?__biz=Mzg5MTM5ODU2Mg==&mid=2247501228&idx=1&sn=b09f8443148d480c875e52d77103988a&chksm=cfcf7561f8b8fc774623011fade9c0218ad64e57b3768912d4159b85716e79823aa0097bc495&scene=58&subscene=0#rd) -- HACKMAGEDDON - - [ ] [16-31 October 2024 Cyber Attacks Timeline](https://www.hackmageddon.com/2025/01/16/16-31-october-2024-cyber-attacks-timeline/) -- FuzzWiki - - [ ] [Atropos:对Web应用程序服务器端漏洞的模糊测试技术](https://mp.weixin.qq.com/s?__biz=MzU1NTEzODc3MQ==&mid=2247486892&idx=1&sn=a6724b98a3098cb4aafd29db4607bbea&chksm=fbd9a610ccae2f06142212f5bb3152632f1397c33284590d3a060c069821d719e57417138604&scene=58&subscene=0#rd) -- ICT Security Magazine - - [ ] [Continuous Threat Exposure Management e Cyber Risk Operation Center: Architettura Avanzata per la Cybersecurity](https://www.ictsecuritymagazine.com/articoli/continuous-threat-exposure-management-e-cyber-risk-operation-center/) -- Krypt3ia - - [ ] [Daily Krypt3ia Cyber Threat Intelligence Digest:](https://krypt3ia.wordpress.com/2025/01/16/daily-krypt3ia-cyber-threat-intelligence-daily-digest/) -- Blog on Shielder - - [ ] [Karmada Security Audit](https://www.shielder.com/blog/2025/01/karmada-security-audit/) + - [ ] [Microsoft removes Assassin’s Creed Windows 11 upgrade blocks](https://www.bleepingcomputer.com/news/microsoft/microsoft-removes-assassins-creed-windows-11-upgrade-blocks/) + - [ ] [FTC orders GM to stop collecting and selling driver’s data](https://www.bleepingcomputer.com/news/legal/ftc-orders-gm-to-stop-collecting-and-selling-drivers-data/) + - [ ] [Medusa Ransomware Attack on PMUSA: The $1.2 Million Ransom to Prevent Data Exposure](https://www.suspectfile.com/medusa-ransomware-attack-on-pmusa-the-1-2-million-ransom-to-prevent-data-exposure/) + - [ ] [How victims of PowerSchool’s data breach helped each other investigate ‘massive’ hack](https://techcrunch.com/2025/01/18/how-victims-of-powerschools-data-breach-helped-each-other-investigate-massive-hack/) + - [ ] [Otelier - 436,855 breached accounts](https://haveibeenpwned.com/PwnedWebsites#Otelier) +- Desync InfoSec + - [ ] [分享图片](https://mp.weixin.qq.com/s?__biz=MzkzMDE3ODc1Mw==&mid=2247488944&idx=1&sn=09e4fe21af1fcba3e404660f9d7b32e4&chksm=c27f661ef508ef08a55b85b5762be82d9737b6b17f5bba12e75332b0ce96d0d54dc7f5a409e4&scene=58&subscene=0#rd) +- IT Service Management News + - [ ] [Gli uomini possono fare tutto (Gennaio 2025)](http://blog.cesaregallotti.it/2025/01/gli-uomini-possono-fare-tutto-gennaio.html) + - [ ] [Parere EDPB sui modelli di intelligenza artificiale](http://blog.cesaregallotti.it/2025/01/parere-edpb-sui-modelli-di-intelligenza.html) +- 吴鲁加 + - [ ] [黑客思维](https://mp.weixin.qq.com/s?__biz=Mzg5NDY4ODM1MA==&mid=2247485154&idx=1&sn=43d73ef46e2f7ca8d5a52c0fa515843f&chksm=c01a8bd3f76d02c5d4368cdfa4790e59deb43648e7ad8aaf6f4bad39c19707325a280fac689d&scene=58&subscene=0#rd) - 迪哥讲事 - - [ ] [垂直越权,你只会替换 COOKIE ?](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496878&idx=1&sn=da95b7064e7bdbbf53ae06a6b9df0f66&chksm=e8a5fecddfd277db713446ce20375d8d5ba31517f0fae716a2a6b9433fe0fcf2a8a56428ca89&scene=58&subscene=0#rd) - - [ ] [备考宝典来啦!华为ICT大赛实践赛真题解析丛书出版](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496878&idx=2&sn=04d8b2a71c966daf1e511947fc487d90&chksm=e8a5fecddfd277dbc517e73f975a682e6a45ebb4323c75f666e3bb644d0c29040bcdbd17f937&scene=58&subscene=0#rd) + - [ ] [挖掘有回显ssrf的一类隐藏payload](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496898&idx=1&sn=b6088e20a8b4fc9fbd887b900d8c5247&chksm=e8a5fea1dfd277b708b1a63e6fa9a1399f8466dce922766f0393e815aca0aa4090c609a9a372&scene=58&subscene=0#rd) - SANS Internet Storm Center, InfoCON: green - - [ ] [Extracting Practical Observations from Impractical Datasets, (Thu, Jan 16th)](https://isc.sans.edu/diary/rss/31582) -- Schneier on Security - - [ ] [FBI Deletes PlugX Malware from Thousands of Computers](https://www.schneier.com/blog/archives/2025/01/fbi-deletes-plugx-malware-from-thousands-of-computers.html) -- Full Disclosure - - [ ] [CVE-2024-48463](https://seclists.org/fulldisclosure/2025/Jan/6) - - [ ] [CyberDanube Security Research 20250107-0 | Multiple Vulnerabilities in ABB AC500v3](https://seclists.org/fulldisclosure/2025/Jan/5) - - [ ] [Certified Asterisk Security Release certified-20.7-cert4](https://seclists.org/fulldisclosure/2025/Jan/7) - - [ ] [Certified Asterisk Security Release certified-18.9-cert13](https://seclists.org/fulldisclosure/2025/Jan/4) - - [ ] [Asterisk Security Release 22.1.1](https://seclists.org/fulldisclosure/2025/Jan/3) - - [ ] [Asterisk Security Release 18.26.1](https://seclists.org/fulldisclosure/2025/Jan/2) - - [ ] [[asterisk-dev] Asterisk Security Release 21.6.1](https://seclists.org/fulldisclosure/2025/Jan/1) - - [ ] [[asterisk-dev] Asterisk Security Release 20.11.1](https://seclists.org/fulldisclosure/2025/Jan/0) -- TorrentFreak - - [ ] [Poppy Playtime Sues Google for Failing to Remove Copyright Infringing ‘Scam’ Apps](https://torrentfreak.com/poppy-playtime-sues-google-for-failing-to-remove-copyright-infringing-scam-apps-250116/) -- Deeplinks - - [ ] [Systemic Risk Reporting: A System in Crisis?](https://www.eff.org/deeplinks/2025/01/systemic-risk-reporting-system-crisis) -- 洞源实验室 - - [ ] [企业信息化建设的探索与实践](https://mp.weixin.qq.com/s?__biz=Mzg4Nzk3MTg3MA==&mid=2247487704&idx=1&sn=c180012e3a4418e25b760a61aeccacdc&chksm=cf8319a9f8f490bfd408a4cef87a0500e53bf20076190d3a9ac2b53d1a8aebda09b4d74307cf&scene=58&subscene=0#rd) -- Have I Been Pwned latest breaches - - [ ] [Le Coq Sportif Columbia - 79,712 breached accounts](https://haveibeenpwned.com/PwnedWebsites#LeCoqSportif) + - [ ] [New tool: immutable.py, (Sat, Jan 18th)](https://isc.sans.edu/diary/rss/31598) +- ICT Security Magazine + - [ ] [Autonomic Computing: La Rivoluzione dei Sistemi Auto-Gestiti nella Cybersecurity Moderna](https://www.ictsecuritymagazine.com/articoli/autonomic-computing/) - Your Open Hacker Community - - [ ] [How to find someone email](https://www.reddit.com/r/HowToHack/comments/1i2oo3o/how_to_find_someone_email/) - - [ ] [[ Removed by Reddit ]](https://www.reddit.com/r/HowToHack/comments/1i2m4hc/removed_by_reddit/) - - [ ] [Interested in learning batch](https://www.reddit.com/r/HowToHack/comments/1i2jqgm/interested_in_learning_batch/) - - [ ] [Getting an email](https://www.reddit.com/r/HowToHack/comments/1i2fna5/getting_an_email/) -- Technical Information Security Content & Discussion - - [ ] [How to Create Vulnerable-Looking Endpoints to Detect and Mislead Attackers](https://www.reddit.com/r/netsec/comments/1i2tizr/how_to_create_vulnerablelooking_endpoints_to/) - - [ ] [Microsoft Configuration Manager (ConfigMgr / SCCM) 2403 Unauthenticated SQL injections (CVE-2024-43468)](https://www.reddit.com/r/netsec/comments/1i2vo90/microsoft_configuration_manager_configmgr_sccm/) - - [ ] [The Role of Emulators in OT Research](https://www.reddit.com/r/netsec/comments/1i2x0vx/the_role_of_emulators_in_ot_research/) - - [ ] [Karmada Security Audit - Shielder](https://www.reddit.com/r/netsec/comments/1i2sbk4/karmada_security_audit_shielder/) - - [ ] [PoC for CVE-2025-0282 published (Ivanti Connect Secure stack bof)](https://www.reddit.com/r/netsec/comments/1i2te2v/poc_for_cve20250282_published_ivanti_connect/) - - [ ] [A publicly available OpenCTI connector for IoC analysis FOSS tool](https://www.reddit.com/r/netsec/comments/1i2ymf3/a_publicly_available_opencti_connector_for_ioc/) -- Computer Forensics - - [ ] [Can you run memory forensics using Kolide?](https://www.reddit.com/r/computerforensics/comments/1i2g8a1/can_you_run_memory_forensics_using_kolide/) + - [ ] [(for research purposes) how do scammers gain the skills they have?](https://www.reddit.com/r/HowToHack/comments/1i40zkp/for_research_purposes_how_do_scammers_gain_the/) + - [ ] [Fake acc](https://www.reddit.com/r/HowToHack/comments/1i4joo0/fake_acc/) + - [ ] [Complete beginner - 2 days in](https://www.reddit.com/r/HowToHack/comments/1i46c9w/complete_beginner_2_days_in/) + - [ ] [How to create a rat](https://www.reddit.com/r/HowToHack/comments/1i4l1iu/how_to_create_a_rat/) + - [ ] [How do I hack a Roblox account?](https://www.reddit.com/r/HowToHack/comments/1i4jjcn/how_do_i_hack_a_roblox_account/) + - [ ] [Lets bring tiktok back up](https://www.reddit.com/r/HowToHack/comments/1i4ddzb/lets_bring_tiktok_back_up/) + - [ ] [Hi, so I ran my config on open bullet And I’m only getting retries on the runner is it a problem with my proxy, combo list or config?](https://www.reddit.com/r/HowToHack/comments/1i3z2l5/hi_so_i_ran_my_config_on_open_bullet_and_im_only/) + - [ ] [Help making open bullet plugin](https://www.reddit.com/r/HowToHack/comments/1i3xttx/help_making_open_bullet_plugin/) + - [ ] [I need help.](https://www.reddit.com/r/HowToHack/comments/1i3xa2q/i_need_help/) + - [ ] [Help](https://www.reddit.com/r/HowToHack/comments/1i41jrv/help/) + - [ ] [[ Removed by Reddit ]](https://www.reddit.com/r/HowToHack/comments/1i40znr/removed_by_reddit/) + - [ ] [Twitter account](https://www.reddit.com/r/HowToHack/comments/1i3z6bq/twitter_account/) - Information Security - - [ ] [Hey guys can I ask you a question?](https://www.reddit.com/r/Information_Security/comments/1i2z2li/hey_guys_can_i_ask_you_a_question/) - - [ ] [ALERT: Phishers use fake online shops with surveys to steal users’ credit card information](https://www.reddit.com/r/Information_Security/comments/1i2tran/alert_phishers_use_fake_online_shops_with_surveys/) -- Deep Web - - [ ] [If someone wanted to find soon to be released ebooks...what sites would you look first?](https://www.reddit.com/r/deepweb/comments/1i2utii/if_someone_wanted_to_find_soon_to_be_released/) -- Security Affairs - - [ ] [Prominent US law firm Wolf Haldenstein disclosed a data breach](https://securityaffairs.com/173150/data-breach/us-law-firm-wolf-haldenstein-data-breach.html) - - [ ] [Clop Ransomware exploits Cleo File Transfer flaw: dozens of claims, disputed breaches](https://securityaffairs.com/173135/cyber-crime/clop-ransomware-gang-claims-hack-of-cleo-file-transfer-customers.html) - - [ ] [MikroTik botnet relies on DNS misconfiguration to spread malware](https://securityaffairs.com/173126/hacking/13000-device-mikrotik-botnet-exploiting-dns-flaws.html) - - [ ] [Threat actor leaked config files and VPN passwords for over Fortinet Fortigate devices](https://securityaffairs.com/173111/cyber-crime/fortinet-fortigate-devices-data-leak.html) -- Krebs on Security - - [ ] [Chinese Innovations Spawn Wave of Toll Phishing Via SMS](https://krebsonsecurity.com/2025/01/chinese-innovations-spawn-wave-of-toll-phishing-via-sms/) + - [ ] [Newb question: what does an information manager *do*?](https://www.reddit.com/r/Information_Security/comments/1i47ytv/newb_question_what_does_an_information_manager_do/) +- Social Engineering + - [ ] [Best way to keep in touch with people as a freelancer?](https://www.reddit.com/r/SocialEngineering/comments/1i4fug3/best_way_to_keep_in_touch_with_people_as_a/) - Hacking Exposed Computer Forensics Blog - - [ ] [Daily Blog #719: Installing project adaz](https://www.hecfblog.com/2025/01/daily-blog-719-installing-project-adaz.html) + - [ ] [Daily Blog #720: The new hardest question to answer in an incident](https://www.hecfblog.com/2025/01/daily-blog-720-new-hardest-question-to.html) +- netsecstudents: Subreddit for students studying Network Security and its related subjects + - [ ] [Would the Comptia A+ certification be worth it in this scenario?](https://www.reddit.com/r/netsecstudents/comments/1i3yegb/would_the_comptia_a_certification_be_worth_it_in/) +- Computer Forensics + - [ ] [Seeking Advice: Questions to Ask My Supervisor and IT Manager During My Internship](https://www.reddit.com/r/computerforensics/comments/1i4210m/seeking_advice_questions_to_ask_my_supervisor_and/) + - [ ] [Courses or books](https://www.reddit.com/r/computerforensics/comments/1i446e4/courses_or_books/) +- Security Affairs + - [ ] [U.S. Treasury Sanctions Chinese cybersecurity firm and actor over federal agency breach tied to Salt Typhoon](https://securityaffairs.com/173209/intelligence/u-s-treasury-sanctioned-cybersecurity-firm-and-shanghai-cyber-actor-linked-salt-typhoon.html) +- Have I Been Pwned latest breaches + - [ ] [Otelier - 436,855 breached accounts](https://haveibeenpwned.com/PwnedWebsites#Otelier) +- Blackhat Library: Hacking techniques and research + - [ ] [Dead Grandmas iPhone 11](https://www.reddit.com/r/blackhat/comments/1i404m4/dead_grandmas_iphone_11/) - The Hacker News - - [ ] [Russian Star Blizzard Shifts Tactics to Exploit WhatsApp QR Codes for Credential Harvesting](https://thehackernews.com/2025/01/russian-star-blizzard-shifts-tactics-to.html) - - [ ] [Ready to Simplify Trust Management? Join Free Webinar to See DigiCert ONE in Action](https://thehackernews.com/2025/01/ready-to-simplify-trust-management-join.html) - - [ ] [The $10 Cyber Threat Responsible for the Biggest Breaches of 2024](https://thehackernews.com/2025/01/the-10-cyber-threat-responsible-for.html) - - [ ] [New UEFI Secure Boot Vulnerability Could Allow Attackers to Load Malicious Bootkits](https://thehackernews.com/2025/01/new-uefi-secure-boot-vulnerability.html) - - [ ] [Researchers Find Exploit Allowing NTLMv1 Despite Active Directory Restrictions](https://thehackernews.com/2025/01/researchers-find-exploit-allowing.html) - - [ ] [Hackers Hide Malware in Images to Deploy VIP Keylogger and 0bj3ctivity Stealer](https://thehackernews.com/2025/01/hackers-hide-malware-in-images-to.html) - - [ ] [Python-Based Malware Powers RansomHub Ransomware to Exploit Network Flaws](https://thehackernews.com/2025/01/python-based-malware-powers-ransomhub.html) - - [ ] [Researcher Uncovers Critical Flaws in Multiple Versions of Ivanti Endpoint Manager](https://thehackernews.com/2025/01/researcher-uncovers-critical-flaws-in.html) -- Graham Cluley - - [ ] [Smashing Security podcast #400: Hacker games, AI travel surveillance, and 25 years of IoT](https://grahamcluley.com/smashing-security-podcast-400/) -- Social Engineering - - [ ] [Richard Madeley: Homeowner & Homeless Skeptic](https://www.reddit.com/r/SocialEngineering/comments/1i2wr0q/richard_madeley_homeowner_homeless_skeptic/) - - [ ] [How to effectively persuade businesses to collaborate with you?](https://www.reddit.com/r/SocialEngineering/comments/1i2hv9a/how_to_effectively_persuade_businesses_to/) -- The Register - Security - - [ ] [Russia's Star Blizzard phishing crew caught targeting WhatsApp accounts](https://go.theregister.com/feed/www.theregister.com/2025/01/16/russia_star_blizzard_whatsapp/) - - [ ] [Enzo Biochem settles lawsuit over 2023 ransomware attack for $7.5M](https://go.theregister.com/feed/www.theregister.com/2025/01/16/enzo_biochem_ransomware_lawsuit/) - - [ ] [Cybersecurity rethink - from reaction to resilience](https://go.theregister.com/feed/www.theregister.com/2025/01/16/cybersecurity_rethink_from_reaction_to/) - - [ ] [Raspberry Pi hands out prizes to all in the RP2350 Hacking Challenge](https://go.theregister.com/feed/www.theregister.com/2025/01/16/raspberry_pi_awards_prizes_for/) - - [ ] [Infoseccer: Private security biz let guard down, exposed 120K+ files](https://go.theregister.com/feed/www.theregister.com/2025/01/16/private_security_biz_lets_guard/) + - [ ] [U.S. Sanctions Chinese Cybersecurity Firm Over Treasury Hack Tied to Silk Typhoon](https://thehackernews.com/2025/01/us-sanctions-chinese-cybersecurity-firm.html) +- TorrentFreak + - [ ] [MAME Devs Spent 628 Years Cracking Protection on 712 Retro Games](https://torrentfreak.com/mame-devs-spent-628-years-cracking-protection-on-712-retro-games-250118/) From 342ffe2bb610ebec0cc278ff102c7beeba7cdd3a Mon Sep 17 00:00:00 2001 From: chainreactorbot Date: Mon, 20 Jan 2025 02:47:15 +0000 Subject: [PATCH 14/29] =?UTF-8?q?=E6=AF=8F=E6=97=A5=E5=AE=89=E5=85=A8?= =?UTF-8?q?=E8=B5=84=E8=AE=AF=EF=BC=882025-01-20=EF=BC=89?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- archive/daily/2025/2025-01-20.md | 275 ++++++++++++++++ archive/tmp/2025-01-20.json | 312 ++++++++++++++++++ today.md | 530 +++++++++++++++---------------- 3 files changed, 844 insertions(+), 273 deletions(-) create mode 100644 archive/daily/2025/2025-01-20.md create mode 100644 archive/tmp/2025-01-20.json diff --git a/archive/daily/2025/2025-01-20.md b/archive/daily/2025/2025-01-20.md new file mode 100644 index 0000000000..56a6c5e6db --- /dev/null +++ b/archive/daily/2025/2025-01-20.md @@ -0,0 +1,275 @@ +# 每日安全资讯(2025-01-20) + +- Private Feed for M09Ic + - [ ] [mgeeky starred orcasecurity-research/AIGoat](https://github.com/orcasecurity-research/AIGoat) + - [ ] [mgeeky starred ThomasRinsma/pdftris](https://github.com/ThomasRinsma/pdftris) + - [ ] [mgeeky starred osnr/horrifying-pdf-experiments](https://github.com/osnr/horrifying-pdf-experiments) + - [ ] [mgeeky starred ading2210/doompdf](https://github.com/ading2210/doompdf) + - [ ] [lz520520 starred xzh-dx/ZZZ-Balance_Calc](https://github.com/xzh-dx/ZZZ-Balance_Calc) + - [ ] [WafflesExploits started following M09Ic](https://github.com/M09Ic) + - [ ] [zer0yu starred sigoden/aichat](https://github.com/sigoden/aichat) + - [ ] [zer0yu started following leesh3288](https://github.com/leesh3288) + - [ ] [CHYbeta started following leesh3288](https://github.com/leesh3288) + - [ ] [INotGreen starred burpheart/hachimi](https://github.com/burpheart/hachimi) + - [ ] [safedv starred SpecterOps/Nemesis](https://github.com/SpecterOps/Nemesis) +- SecWiki News + - [ ] [SecWiki News 2025-01-19 Review](http://www.sec-wiki.com/?2025-01-19) +- Security Boulevard + - [ ] [DEF CON 32 – Exposing The Occultations In Large Off-Grid Solar Systems](https://securityboulevard.com/2025/01/def-con-32-exposing-the-occultations-in-large-off-grid-solar-systems/) + - [ ] [Legends of Music: Celebrating the Greatest Artists Across Generations Compilation](https://securityboulevard.com/2025/01/legends-of-music-celebrating-the-greatest-artists-across-generations-compilation/) + - [ ] [Confident Cybersecurity: Essentials for Every Business](https://securityboulevard.com/2025/01/confident-cybersecurity-essentials-for-every-business/) + - [ ] [Proactively Managing Cloud Identities to Prevent Breaches](https://securityboulevard.com/2025/01/proactively-managing-cloud-identities-to-prevent-breaches/) + - [ ] [How Secure Is Your PAM Strategy?](https://securityboulevard.com/2025/01/how-secure-is-your-pam-strategy/) +- Doonsec's feed + - [ ] [关键基础设施的安全考虑](https://mp.weixin.qq.com/s?__biz=MzA5MTYyMDQ0OQ==&mid=2247493529&idx=1&sn=4c1cf032bc2b046882889572dc04b067) + - [ ] [tiktok周一大概能重新使用了,特朗普打算签署行政令延长执行tiktok封禁时间](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494412&idx=1&sn=253cee4f3c8a0420dcbc3ec02bee9042) + - [ ] [【突发】TikTok活了!周一在美国重新上线!](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485441&idx=1&sn=f2bc12348ab97d3c67b9cf98543807b0) + - [ ] [北七家-未来科学城,3居变4居豪装,理想楼层/户型/朝向](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485441&idx=2&sn=c3a974c73650dc694ab6fcab9c2b19df) + - [ ] [【干货】笑傲职场的独家经验(1)](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485441&idx=3&sn=171db4e77140738cf00fca3ad26dd309) + - [ ] [【干货原创】实网攻防演习常态化,会带来什么变化01](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485441&idx=4&sn=bfc50e69d91c6225e84b24ca06f3db88) + - [ ] [【干货原创】K12教育,鲜为人知的模式秘密](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485441&idx=5&sn=9533a0184971fd9587be72fd4d1d2f43) + - [ ] [原创文章目录](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485441&idx=6&sn=ae2a503c48e99a60e33e130995467a69) + - [ ] [C++ 运算符](https://mp.weixin.qq.com/s?__biz=MzA3NDE0NTY0OQ==&mid=2247484051&idx=1&sn=caca830ad2ccfa12f9438d6dba5b3d00) + - [ ] [每日专业英语4-Clip Art](https://mp.weixin.qq.com/s?__biz=MzA3NDE0NTY0OQ==&mid=2247484051&idx=2&sn=b38e18403f99796e4ac4ad0df813d3c7) + - [ ] [“你的第二大脑:Obsidian让思维飞跃的秘诀”](https://mp.weixin.qq.com/s?__biz=Mzk2NDE5MDgxOQ==&mid=2247484539&idx=1&sn=2422bfc70b1879482a8b50bb52e9ecac) + - [ ] [原创—结合第四维度牛顿物理学谈少吃肉吃肉遭报应,少骂人欺负人害人,迟早遭报应](https://mp.weixin.qq.com/s?__biz=Mzg4NzAwNzA4NA==&mid=2247485078&idx=1&sn=b22b1c50c99887e060c6324d1aaf1e84) + - [ ] [应急响应神器!全面提升Windows系统安全的秘密武器](https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486354&idx=1&sn=7a32c45a376457f19c95a166517157cd) + - [ ] [资料共享 |《银行保险机构数据安全实践指南(2024)》附下载链接](https://mp.weixin.qq.com/s?__biz=MzkzMDY2MDA2Ng==&mid=2247485865&idx=1&sn=849f1ffdbbf4aa62260d54b499344e78) + - [ ] [梦里挖edu src的步骤](https://mp.weixin.qq.com/s?__biz=Mzk0NTg3ODYxNg==&mid=2247485081&idx=1&sn=118dc9ec93b8776d4fd28b1acbb90a5a) + - [ ] [一家安全企业,到底需要多少人?](https://mp.weixin.qq.com/s?__biz=MzAxOTk3NTg5OQ==&mid=2247492199&idx=1&sn=f23ba361ea986537312e24f3de2d9f8a) + - [ ] [推荐一款轻量级且实用的Elasticsearch GUI管理工具elasticvue](https://mp.weixin.qq.com/s?__biz=MzU2MjU1OTE0MA==&mid=2247499652&idx=1&sn=f3d17ffd8145ef57500e071f588dfbc3) + - [ ] [安全圈最被低估的10个神器:一个比一个强大,大佬都在偷偷用!](https://mp.weixin.qq.com/s?__biz=MzI5MjY4MTMyMQ==&mid=2247489723&idx=1&sn=deabf0c25cb271145e18f3909c9cf6c1) + - [ ] [春秋杯WP | 2024春秋杯冬季赛第三天题目部分解析](https://mp.weixin.qq.com/s?__biz=MzkyNDA5NjgyMg==&mid=2247501315&idx=1&sn=d85a30ae678cadbcaa0d69068c18dc6d) + - [ ] [【相关分享】2024春秋杯冬季赛三日Writeup汇总(部分)](https://mp.weixin.qq.com/s?__biz=Mzk0OTUwNTU5Nw==&mid=2247488648&idx=1&sn=dfbb1c72ee4b04ed418652dae9c995d6) + - [ ] [2025 西湖论剑 Writeup](https://mp.weixin.qq.com/s?__biz=Mzg2OTcyODc1OA==&mid=2247488609&idx=1&sn=aa926bf3d6d405d7066fbe28778c457f) + - [ ] [oscp之Kioptrix Level 1靶场](https://mp.weixin.qq.com/s?__biz=Mzk1NzIyODczMA==&mid=2247483766&idx=1&sn=f0beaee5a096f4fb94efc0c4b7b2c7ac) + - [ ] [oscp之Kioptrix Level 2靶场](https://mp.weixin.qq.com/s?__biz=Mzk1NzIyODczMA==&mid=2247483764&idx=1&sn=af510dde395b41a55371c38779e56003) + - [ ] [oscp之Kioptrix Level 3靶场](https://mp.weixin.qq.com/s?__biz=Mzk1NzIyODczMA==&mid=2247483763&idx=1&sn=6ed48b5384dfeb14a4ae2a424ecaa3e9) + - [ ] [新年红包封面派送第一波—6000发,先到先得~](https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247495119&idx=1&sn=a142f6c2c5b78db448c8e81bdf6959d2) + - [ ] [Spring Boot SpEL表达式注入](https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247495119&idx=2&sn=37204cbd2cf1d2f0cb8f26b27cbe8757) + - [ ] [x64 调用栈欺骗](https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486407&idx=1&sn=1609112b647f5e4c95d0e5958a985c8c) + - [ ] [俄罗斯关联APT组织UAC-0063利用HATVIBE恶意软件对哈萨克斯坦发起“双击”间谍行动](https://mp.weixin.qq.com/s?__biz=Mzg3OTYxODQxNg==&mid=2247485624&idx=1&sn=63ef0a4493ed5749992be4e4b7e5ffef) + - [ ] [深度调查:图像情报核验缅甸某区域遭轰炸事件](https://mp.weixin.qq.com/s?__biz=Mzg3MDczNjcyNA==&mid=2247488900&idx=1&sn=cec8f81ae56b0b667a205ad766923cd9) + - [ ] [2024 Kali Linux黑客系统定制化魔改](https://mp.weixin.qq.com/s?__biz=MzkzMzg3MzMyOA==&mid=2247486370&idx=1&sn=b8d4e339cb57e68785ffd6573bf86755) + - [ ] [内推|合肥急招驻场渗透测试工程师,要求年前交接,年后正式进场,速投!](https://mp.weixin.qq.com/s?__biz=Mzg5MDA5NzUzNA==&mid=2247489269&idx=1&sn=92888448b0baaf4112e0033ad9d0cd2b) + - [ ] [西湖论剑 2025 Writeup](https://mp.weixin.qq.com/s?__biz=MzU3ODc2NTg1OA==&mid=2247491623&idx=1&sn=6c35eb67c2add8c4817f04ce45bc1faf) + - [ ] [星悦安全公开交流2群已建立,速加!](https://mp.weixin.qq.com/s?__biz=Mzg4MTkwMTI5Mw==&mid=2247488647&idx=1&sn=0b0eea18675e615be66f07438d6d30fa) + - [ ] [$40,000的RCE!](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496907&idx=1&sn=bf65d0102436150a0dc5482d51b5c998) + - [ ] [加密货币交易所之OKX](https://mp.weixin.qq.com/s?__biz=MzkyNzYzNTQ2Nw==&mid=2247484081&idx=1&sn=f9961b67353a7f332dfef8dd36d8990a) + - [ ] [【资料】拟任美国中央情报局局长的拉特克利夫及其家人](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148624&idx=1&sn=576c40259107f8aabc30212443488fee) + - [ ] [2024年度总结 | 网络安全社团的蜕变与前行](https://mp.weixin.qq.com/s?__biz=MzU3MDU5NTA1MQ==&mid=2247499687&idx=1&sn=a30f484f51a78c72dcc13934cab0416e) + - [ ] [工具推荐 Windows应急响应的得力助手-Hawkeye](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490004&idx=1&sn=c71efdc86fe2c3d43d7909ea025b9a49) + - [ ] [SSRF](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490002&idx=1&sn=e641f844e1d2db88d1e130d70cf87c97) + - [ ] [一次通用cnvd案例分享](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490002&idx=2&sn=d5528443216703026dbb5befe50a87c2) + - [ ] [【麦当劳|金拱门双人桶【祝你今年金拱门】【可配送】|多店可用】](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490002&idx=3&sn=06d37b661e8a81b5a804820a09d902eb) + - [ ] [记一次CNNVD通用漏洞证书挖掘](https://mp.weixin.qq.com/s?__biz=MzkyMDY1MDI3OA==&mid=2247483794&idx=1&sn=31e5bf60bafe8e52c06509a0827328b2) + - [ ] [公众号交流三群建立了!快来扫码加入](https://mp.weixin.qq.com/s?__biz=MzkwODI1ODgzOA==&mid=2247506590&idx=1&sn=1ea25d3d719803180b9a2b6d047b799d) + - [ ] [渗透攻防武器库,最后一波了!hacker](https://mp.weixin.qq.com/s?__biz=Mzk0ODM0NDIxNQ==&mid=2247493317&idx=1&sn=f2cdb4363ec6b28c0ca9811ec6899711) + - [ ] [【靶场合集】CTF-2024春秋杯冬季赛:easy_code](https://mp.weixin.qq.com/s?__biz=Mzk0ODM0NDExMg==&mid=2247484553&idx=1&sn=71339b1dc0ce698595ada4e5c686c983) + - [ ] [驾驶舱域控制器虚拟化平台的运行时安全](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619796&idx=1&sn=2b4afa38d99946f5b8aa6907c5c8d58e) + - [ ] [GB_T 44778-2024 汽车诊断接口信息安全技术要求及试验方法](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619796&idx=2&sn=00be9fb4e3587ff3c7ef45f098acad21) + - [ ] [功能安全和信息安全的挑战:设计功能安全与信息安全之间的流程接口](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619796&idx=3&sn=e571a326437e3343d9e100a2d854a8cb) + - [ ] [保姆级教学之sqli-labs(less54-65)](https://mp.weixin.qq.com/s?__biz=Mzk1NzQwNjQ4Ng==&mid=2247484551&idx=1&sn=94fd6238c052ac5fbfcd501a9b205100) + - [ ] [2024年公众号赞赏计划说明](https://mp.weixin.qq.com/s?__biz=MzU1NDkwMzAyMg==&mid=2247502667&idx=1&sn=9e980805fcf6f1fa7a39ce857c57159a) + - [ ] [红包封面](https://mp.weixin.qq.com/s?__biz=MzI3NzI4OTkyNw==&mid=2247489545&idx=1&sn=61afc62a4e4f2bc26d23c139406b90d4) + - [ ] [域渗透系列 - 通过 DNS 进行Kerberos Relay](https://mp.weixin.qq.com/s?__biz=MzkyNzQzNzc3OQ==&mid=2247484366&idx=1&sn=319ac331499931353829a877e7b50aa8) + - [ ] [国家互联网应急中心通报两起美方对我国网络攻击事件](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650606800&idx=2&sn=f168ef1b7124f595f365e6c984b29b5a) + - [ ] [盲盒=赌具?你以为的“盲盒游戏”实际上是一场网络赌博!](https://mp.weixin.qq.com/s?__biz=MzI0NzE4ODk1Mw==&mid=2652094640&idx=2&sn=fe86741e8142c1c02ff5237d0cfbdb01) + - [ ] [强的飞起!推荐一款国产源码交付,IoT农业灌溉/大田监控项目接单神器,轻松搭建智慧农业物联网平台](https://mp.weixin.qq.com/s?__biz=MjM5OTA4MzA0MA==&mid=2454936646&idx=1&sn=f82de9b38d8d99b32477ffb454c02677) + - [ ] [【安全圈】可能对企业产生严重影响:字节跳动飞书海外版Lark也将在美国市场停止运营](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067480&idx=1&sn=c2d0bb267baf11570d6e3253fa3ff4fe) + - [ ] [【安全圈】微软已经修复Microsoft 365在Windows Server 2016/2019上崩溃的问题](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067480&idx=2&sn=e94b5cb3a624cdca3e6452bf7c79d7a8) + - [ ] [【安全圈】FTC 要求通用汽车停止收集和销售驾驶员数据](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067480&idx=3&sn=220a3c1eb7166bba53400942dfa9cab1) + - [ ] [【安全圈】CL-UNK-0979 利用 Ivanti Connect Secure 中的零日漏洞获取网络访问权限](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067480&idx=4&sn=8dc7094933166fceeb2e467f38e23545) + - [ ] [抽奖啦!](https://mp.weixin.qq.com/s?__biz=MzkwMDQ4MDU2MA==&mid=2247484428&idx=1&sn=4597cfcde4c09ed5ac897164ad30f5e7) + - [ ] [【CobaltStrike】CS4.9.1 特战版 | 自破解+二开+BUG修复+配置优化](https://mp.weixin.qq.com/s?__biz=Mzg5NzUyNTI1Nw==&mid=2247496347&idx=1&sn=80922d559ccaec11588d8ba216b8a118) + - [ ] [AutoSar——28通讯控制](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549131&idx=1&sn=47986fbf719434864b857903c3f75893) + - [ ] [车载以太网与CAN通信之间的区别](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549131&idx=2&sn=529ff1a8d6e0e5c362e89a69dfc580b8) + - [ ] [大路:高速中国里的工地纪事](https://mp.weixin.qq.com/s?__biz=MzUzMjQyMDE3Ng==&mid=2247487918&idx=1&sn=62fa743b6f7cd093a352b0917f89a0e8) + - [ ] [知识星球xa0|xa02024网安报告大合集发布;API安全影响、网安战略技术等资源更新](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247634752&idx=1&sn=47de4a43e1fc9566de098c763aa7fd6e) + - [ ] [以太网三大链路类型对比:如何选择Access、Trunk或Hybrid?](https://mp.weixin.qq.com/s?__biz=MzIyMzIwNzAxMQ==&mid=2649464561&idx=1&sn=c2bc71bfe1f649400cf47ed28a2989f6) + - [ ] [揭秘俄罗斯人力情报的全新布局](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559015&idx=1&sn=37962d35fd4ae69a3f4a81abdff654e7) + - [ ] [渗透测试信息收集指南](https://mp.weixin.qq.com/s?__biz=Mzk0Mjg4MTQxMw==&mid=2247485699&idx=1&sn=4fd6df9190ce90e533d1295d9cf63761) + - [ ] [网络工程师:如何在职场中越老越吃香?掌握这几点,你也能越老越牛!](https://mp.weixin.qq.com/s?__biz=MzUyNTExOTY1Nw==&mid=2247527921&idx=1&sn=63a793fb3dda03d616d12f4df6d2bcfc) + - [ ] [终究是比不过天赋型选手](https://mp.weixin.qq.com/s?__biz=MzIxMTg1ODAwNw==&mid=2247500453&idx=1&sn=1626f0950b23540cba8a39155a446362) + - [ ] [ChatGPT快速审定保险学论文的内部高阶攻略:让论文问题无处藏身!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493244&idx=1&sn=639ee3363c8eaf632543afb9f20f9893) + - [ ] [ChatGPT快速审核比较教育学论文的内部命令指南,1分钟洞察论文问题!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493244&idx=2&sn=643c579b7d7b8267c6a1b523c90ba225) + - [ ] [ChatGPT快速审核法律事务论文的内部秘笈,实用干货全公开!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493244&idx=3&sn=586b5a51d429f8aec48fa0c985f1134c) + - [ ] [ChatGPT快速审核社会法学论文全流程攻略,8分钟找准论文硬伤!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493244&idx=4&sn=81fc0ad275d42828e13ab4954d535d22) + - [ ] [ChatGPT临床检验诊断学论文高效生成:教你快速搞定论文初稿。](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493244&idx=5&sn=9be789a4e71f76910c9c45fa8a96a7c6) + - [ ] [微信红包封面免费领取~](https://mp.weixin.qq.com/s?__biz=Mzg3NzkwMTYyOQ==&mid=2247488278&idx=1&sn=dbbadf5a98a72572f4deedfa9ecd5190) + - [ ] [直播倒计时2天:在企业做安全和对外做安全产品有什么差异?](https://mp.weixin.qq.com/s?__biz=MzIyOTAxOTYwMw==&mid=2650236931&idx=1&sn=5b12e1b5c57ec2f8e03facbaa312a866) + - [ ] [干货|常见端口渗透总结](https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247569839&idx=1&sn=c5b75f38a7dd5da15b4c7381bde02227) + - [ ] [【珍藏版】渗透测试手册,简直太赞了!](https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247569839&idx=2&sn=9749b0b4b3339dac6ee664fbb267dc90) + - [ ] [盘点万亿市值的Palantir在2024年拿下的至少87亿的美军合同都是啥](https://mp.weixin.qq.com/s?__biz=MzI1OTExNDY1NQ==&mid=2651618708&idx=1&sn=8ac9059513377c114628bba994559513) + - [ ] [独家揭秘!美国对华网络攻击已超出传统范围](https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597515&idx=2&sn=b9d050cc626f12c62ae6d30eec33fe89) + - [ ] [这家银行因数据管理不到位等而被罚](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931452&idx=1&sn=30dbf45bf12270ee3cd789f4a0e1f7a2) + - [ ] [TikTok在美国停止服务的影响及市场变化分析](https://mp.weixin.qq.com/s?__biz=Mzg4NDY4Mzk3Mw==&mid=2247485502&idx=1&sn=2261338e55f0d49fcd9474dfc082ca85) + - [ ] [公众号交流二群建立了!快来扫码加入](https://mp.weixin.qq.com/s?__biz=MzkwODI1ODgzOA==&mid=2247506582&idx=2&sn=f2c8ea570afdb6c8f7f986373645798b) + - [ ] [KONE-通力电梯管理系统-app_show_log_lines.php-任意文件读取漏洞](https://mp.weixin.qq.com/s?__biz=MzkyOTg3ODc5OA==&mid=2247484259&idx=1&sn=888da6c5443cb2f2ae0c03c3c922dd17) + - [ ] [【工具推荐】一款渗透测试信息收集集成工具--密探 v1.19 版](https://mp.weixin.qq.com/s?__biz=MzkzMDg1MzIwNA==&mid=2247486619&idx=1&sn=a495cb820bd0b97ffd0e75d04cfb8d5a) + - [ ] [【实战案例】记一次通过供应链测试系统拿下靶标的经过](https://mp.weixin.qq.com/s?__biz=MzkyNDYwNTcyNA==&mid=2247487390&idx=1&sn=4615335088b00024e9434956e4255034) + - [ ] [【工具分享】Swagger API Exploit 1.2 - 信息泄露利用工具](https://mp.weixin.qq.com/s?__biz=Mzg4MTkwMTI5Mw==&mid=2247488641&idx=1&sn=af12c4534abac0d07a82bbdb894ba5a7) + - [ ] [吃瓜,培训一哥起诉某公众号索赔50W](https://mp.weixin.qq.com/s?__biz=Mzk0MzY3MDE5Mg==&mid=2247483950&idx=1&sn=ed1b379191fd847a0dbd6880684af211) + - [ ] [救命!!!我真的学会了RMI远程方法调用](https://mp.weixin.qq.com/s?__biz=MzkzNzU5MDMxOA==&mid=2247484226&idx=1&sn=461786564bedfa8b4bcf3ac4724f564c) + - [ ] [HuntBack让黑客无处遁形](https://mp.weixin.qq.com/s?__biz=MzkxMTUwOTY1MA==&mid=2247490031&idx=1&sn=a1f7ad20f610a113f1046bfeee312d78) + - [ ] [K8S集群与应用系统之间关系梳理](https://mp.weixin.qq.com/s?__biz=Mzg3NTUzOTg3NA==&mid=2247515062&idx=1&sn=075664f6f645944dad48e9489a48acbb) + - [ ] [更优雅的nignx内存马后门 | ebpf 内核马](https://mp.weixin.qq.com/s?__biz=Mzk1NzE0ODk3Nw==&mid=2247490404&idx=1&sn=2d6bb4d4aa0b816671fdb5a1c720cf67) + - [ ] [浅谈迪菲赫尔曼密钥交换算法](https://mp.weixin.qq.com/s?__biz=MzAwNTc5MTMyNg==&mid=2247500100&idx=1&sn=b5c374bd03a5274cba5910d9d3a26b89) + - [ ] [饶志宏 | 构筑网络空间安全主动防御体系](https://mp.weixin.qq.com/s?__biz=Mzg4MDU0NTQ4Mw==&mid=2247528735&idx=1&sn=af82df22e9bbc7b90f6a7bff8ac9483f) + - [ ] [专家解读 | 建设可信数据空间,打造新型数据基础设施](https://mp.weixin.qq.com/s?__biz=Mzg4MDU0NTQ4Mw==&mid=2247528735&idx=2&sn=5db52b34f260efee2cbabd9f8161f1f6) + - [ ] [揭秘Android RAT程序:权限滥用与案例分析](https://mp.weixin.qq.com/s?__biz=Mzg2OTU3MzI1OQ==&mid=2247485515&idx=1&sn=af8b4b349e5b0fc56e39fc7442f9d4b9) + - [ ] [中央网信办启动“清朗·2025年春节网络环境整治”专项行动](https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247488116&idx=1&sn=7d7335dcba54760679a97a688b9494c8) + - [ ] [ISO 14001: 2015 标准详解与实施(17)7.5 文件化信息](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247485957&idx=1&sn=f314736bad7328324e5dbab086cc6fbc) + - [ ] [ISO 14001: 2015 标准详解与实施(16)7.4 信息交流](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247485957&idx=2&sn=6476becda88cde2f67f9388df289d55e) + - [ ] [ISO 14001: 2015 标准详解与实施(15)7.3 意识](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247485957&idx=3&sn=888996499eb4807b9b2aa2f4dc6a9e6b) + - [ ] [ISO 14001: 2015 标准详解与实施(13)7.1 资源](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247485957&idx=5&sn=0a40ae02d454f03cd52b812d3921490e) + - [ ] [【2025-01-19】每日安全资讯](https://mp.weixin.qq.com/s?__biz=MzIzNDU5NTI4OQ==&mid=2247488320&idx=1&sn=6d342d8bea1a7d4e4d31fa9f9e79bf14) + - [ ] [区块链 智能合约安全 | 回滚攻击](https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247547396&idx=1&sn=dd36ead706ea97fab71e7281fffcf75c) + - [ ] [tiktok已无法使用😂](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494398&idx=1&sn=e64737d718dd422c5356eb94cf751086) + - [ ] [银狐肆虐,小白该如何防范,如何自动化狩猎钓鱼站点---文末附自动化检测程序](https://mp.weixin.qq.com/s?__biz=MzU4NTg4MzIzNA==&mid=2247484329&idx=1&sn=20c31baba359a00aaa54f36bd93f9bcd) + - [ ] [深化网络安全合作,共商情感管理 —— 记1月18日重要电话会谈](https://mp.weixin.qq.com/s?__biz=MzkyMTQzNTM3Ng==&mid=2247483889&idx=1&sn=8ca317a40bb5f24e50d0f00e1c5306ae) + - [ ] [灵蛇献瑞,福满乾坤](https://mp.weixin.qq.com/s?__biz=MzI1ODM1MjUxMQ==&mid=2247494410&idx=1&sn=45fe1b3463f34af5c35aa7b62cfd7cc3) + - [ ] [赛题记录 | 2025西湖论剑两道WEB的一些思考](https://mp.weixin.qq.com/s?__biz=MzkwMzQyMTg5OA==&mid=2247486681&idx=1&sn=3a0fd0f13894f31de83d8dd72d4dd846) + - [ ] [巴塞罗那,何以成为世界间谍软件初创中心?](https://mp.weixin.qq.com/s?__biz=MzkzNjE5NjQ4Mw==&mid=2247543307&idx=1&sn=24802d280d3d002dd86da86d1b78591c) + - [ ] [2025黑客入门教程(非常详细)从零基础入门到精通,看完这一篇就够了](https://mp.weixin.qq.com/s?__biz=Mzk1NzMwNTM5NQ==&mid=2247483844&idx=1&sn=b1a288bed4d824126b3d8719308cc24c) + - [ ] [安天网络行为检测能力升级通告(20250119)](https://mp.weixin.qq.com/s?__biz=MjM5MTA3Nzk4MQ==&mid=2650209598&idx=1&sn=5e5e2d6ece7346b23318db96d9226467) + - [ ] [物联网产业规模和连接数规模测算方法工作座谈会顺利召开](https://mp.weixin.qq.com/s?__biz=MzU1OTUxNTI1NA==&mid=2247592142&idx=1&sn=13b8eae44ec33e417928428f63273aa5) + - [ ] [工业互联网标识解析体系全面建成,奋力构筑信息通信业全面深化改革新图景](https://mp.weixin.qq.com/s?__biz=MzU1OTUxNTI1NA==&mid=2247592142&idx=2&sn=d03d0ae9dc1884dec9666278ea81b04e) + - [ ] [R3 RootKit病毒技术研究入门](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490049&idx=1&sn=eec060b016a2c2c48b9a5a5a5a6ef745) + - [ ] [攻防技战术动态一周更新 - 20250113](https://mp.weixin.qq.com/s?__biz=MzkzODc4NjE1OQ==&mid=2247483907&idx=1&sn=486fd11536298725e1e9a848a267a9af) + - [ ] [【反面案例】少量生物数据被暴露在公网](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494391&idx=1&sn=9a46670c6f765c8770ae558d75f02cb5) + - [ ] [apt 的归因就没看到让人信服的](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494391&idx=2&sn=969e7797f3c4f1ced0997799d459d83b) + - [ ] [小某书为新闻采集唯一真神](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494391&idx=3&sn=bdccdf154b778c993f48b58ce8b8193b) + - [ ] [哟,搁这玩反差呢。](https://mp.weixin.qq.com/s?__biz=Mzk0MzY3MDE5Mg==&mid=2247483946&idx=1&sn=eef0c77d553e635745a380f04e3a5e3e) + - [ ] [2025年十大最佳漏洞管理工具](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651312409&idx=1&sn=cb68df3d11a9480a16e2eab801cc662c) + - [ ] [Google Ads用户成恶意广告诈骗新目标,凭据及双因素认证码被盗](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651312409&idx=3&sn=d3e1c0a64ae860400058cb81618f1fc3) + - [ ] [SuperdEye:一款基于纯Go实现的间接系统调用执行工具](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651312409&idx=4&sn=a81099ae3c74511c3ebc897f37b2d848) + - [ ] [Spring框架—基础学习](https://mp.weixin.qq.com/s?__biz=Mzk0ODY1NzEwMA==&mid=2247485908&idx=1&sn=0f6a61387171d5f21da91dd84a294e06) + - [ ] [【新年抽奖】一周速成反混淆大师-秒杀变种控制流平坦化(ollvm)](https://mp.weixin.qq.com/s?__biz=MzI1Mjk2MTM1OQ==&mid=2247485300&idx=1&sn=e32bfd9075a39ac821bd3a6ab1424f89) + - [ ] [固件安全分析之符号表恢复技术](https://mp.weixin.qq.com/s?__biz=MjM5MjEyMTcyMQ==&mid=2651037421&idx=1&sn=c4127ac756e63ebc1597aaa82d755d7e) + - [ ] [YD∕T 6032-2024 面向家庭宽带场景的IPv6安全隔离技术要求](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264115&idx=4&sn=a3b1cfc4b3c623b8d0278793a4e02e3f) + - [ ] [YD∕T 6041-2024 5G移动通信网 核心网网络切片增强技术要求(第二阶段)](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264115&idx=5&sn=59f216e1b9a569919f11ca3b30bd0b87) + - [ ] [YD∕T 6058-2024 面向车联网应用场景的高精度定位总体技术要求](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264115&idx=6&sn=31a0921bbb405761eb3588c9c3cabd2e) + - [ ] [YD∕T 6101-2024 深度包检测策略信息库智能管理技术要求](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264115&idx=7&sn=9b641925ee0f057e6ad96c5721ca2b49) + - [ ] [YD∕T 4565-2023 物联网安全态势感知技术要求](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264115&idx=8&sn=4a5088a2479b1ea6f5d2fce512b036ad) + - [ ] [既怕兄弟苦又怕兄弟开路虎()o(╥﹏╥)o)](https://mp.weixin.qq.com/s?__biz=Mzk0MzY3MDE5Mg==&mid=2247483938&idx=1&sn=92e645ae20f8705c8b20cd9f91848c84) + - [ ] [西湖论剑WriteUp](https://mp.weixin.qq.com/s?__biz=MzkyMDY5OTg5OA==&mid=2247493338&idx=1&sn=964783a401a2539239644bbccf4ff43e) + - [ ] [解锁企业持续增长的密钥——深入探索企业战略规划方法论(附PPT下载)](https://mp.weixin.qq.com/s?__biz=MzkyODY5ODAyOA==&mid=2247489312&idx=1&sn=4fe2d267861399d0a7097a2920ad121a) + - [ ] [网安原创文章推荐【2025/1/18】](https://mp.weixin.qq.com/s?__biz=MzAxNzg3NzMyNQ==&mid=2247489469&idx=1&sn=b7c1fc722653e74c14d51d4b187836f8) + - [ ] [盘点一下各种奇葩的删库跑路事件](https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247488110&idx=1&sn=5af4bf3456d5a9f636d31cf2204f7298) + - [ ] [涉案2000万!网警成功侦破一起特大“造谣引流”网络水军案;](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650606800&idx=1&sn=ec4b2cd3fc2d252b1d3d3b622692d78f) + - [ ] [攻防实战,进入某校内网](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650606800&idx=3&sn=990d0438b26e59119c79ba0c75cc675d) + - [ ] [一款微信小程序源码包信息收集工具,根据已有项目改编](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650606800&idx=4&sn=4735e4f51b9fdd9e26d3e719ec291843) + - [ ] [.NET内网实战:通过 findstr 快速获取数据库连接密码](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498317&idx=1&sn=a5fbee0aae201e4dfbe1b11cd8875574) + - [ ] [.NET 安全攻防知识交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498317&idx=2&sn=d7ca7d91aa1a789626ddce7bc16645ad) + - [ ] [.NET 第55期红队武器库和资源汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498317&idx=3&sn=e32ddb9164eebb4dbe090802a5ff5d22) +- Recent Commits to cve:main + - [ ] [Update Sun Jan 19 20:27:53 UTC 2025](https://github.com/trickest/cve/commit/7e1f2063923cfa93d78465725760773477e387aa) + - [ ] [Update Sun Jan 19 12:26:12 UTC 2025](https://github.com/trickest/cve/commit/82640a9c27a9871a0f3f4be31b4606aa2dfa2dca) + - [ ] [Update Sun Jan 19 04:16:39 UTC 2025](https://github.com/trickest/cve/commit/dc028ae10989ac4ee92b70cb89ffeb4bd20660b6) +- 一个被知识诅咒的人 + - [ ] [Python中的函数式编程:使用map、filter和reduce提升代码表达力](https://blog.csdn.net/nokiaguy/article/details/145243904) + - [ ] [【Python运维】日志分析与监控:用Python进行日志聚合与异常检测的全面指南](https://blog.csdn.net/nokiaguy/article/details/145243887) +- Twitter @Nicolas Krassas + - [ ] [TikTok Goes Dark in the U.S. as Federal Ban Takes Effect January 19, 2025 https://thehackernews.com/2025/01/tiktok-goes-dark-in-us-as-federal-ban.html](https://x.com/Dinosn/status/1880868881063186864) + - [ ] [FCC to telcos: By law you must secure your networks from foreign spies. Get on it https://go.theregister.com/feed/www.theregister.com/2025/01/17/fcc_t...](https://x.com/Dinosn/status/1880824957879697869) + - [ ] [CVE-2024-55591: Follow up: Authentication Bypass Vulnerability in Fortinet FortiOS and FortiProxy https://arcticwolf.com/resources/blog/cve-2024-55591...](https://x.com/Dinosn/status/1880824876187144375) + - [ ] [FTC cracks down on Genshin Impact gacha loot box practices https://www.bleepingcomputer.com/news/gaming/ftc-cracks-down-on-genshin-impact-gacha-loot-b...](https://x.com/Dinosn/status/1880824780108317066) + - [ ] [MITRE Launches D3FEND 1.0 to Standardize Cybersecurity Techniques for Countering Threats https://cybersecuritynews.com/mitre-launches-d3fend-1-0/](https://x.com/Dinosn/status/1880824684910174639) + - [ ] [TikTok Says It Will ‘Go Dark’ Unless It Gets Clarity From Biden Following Supreme Court Ruling https://www.securityweek.com/tiktok-says-it-will-go-d...](https://x.com/Dinosn/status/1880824616345850324) + - [ ] [Treasury Levels Sanctions Tied to a Massive Hack of Telecom Companies and Breach of Its Own Network https://www.securityweek.com/treasury-levels-sanct...](https://x.com/Dinosn/status/1880824543889281362) + - [ ] [HTB: MonitorsThree https://0xdf.gitlab.io/2025/01/18/htb-monitorsthree.html](https://x.com/Dinosn/status/1880824428923408539) + - [ ] [FTC orders GM to stop collecting and selling driver’s data https://www.bleepingcomputer.com/news/legal/ftc-orders-gm-to-stop-collecting-and-selling-d...](https://x.com/Dinosn/status/1880824364985442688) + - [ ] [Lazarus APT Targets Job Seekers with “Contagious Interview” Campaign Using ClickFix Technique https://securityonline.info/lazarus-apt-targets-job-se...](https://x.com/Dinosn/status/1880824305753468968) + - [ ] [ShellSweep: detect potential webshell files in a specified directory https://meterpreter.org/shellsweep-detect-potential-webshell-files-in-a-specified...](https://x.com/Dinosn/status/1880824176409505795) + - [ ] [Krueger: Proof of Concept (PoC) .NET tool for remotely killing EDR with WDAC https://meterpreter.org/krueger-proof-of-concept-poc-net-tool-for-remotel...](https://x.com/Dinosn/status/1880824040413376783) +- Armin Ronacher's Thoughts and Writings + - [ ] [Automatic Server Reloading in Rust on Change: What is listenfd/systemfd?](http://lucumr.pocoo.org/2025/1/19/what-is-systemfd) +- Twitter @bytehx + - [ ] [Re @RootxRavi @Bugcrowd Congrats 🎉](https://x.com/bytehx343/status/1880802330616168804) +- Blogs dade + - [ ] [Weekly Retro 2025-W03](https://0xda.de/blog/2025/01/weekly-retro-2025-w03/) +- Bug Bounty in InfoSec Write-ups on Medium + - [ ] [How I Utilized AI to Discover an Amazon S3 Bucket Takeover Vulnerability in Red Bull’s Bug Bounty…](https://infosecwriteups.com/how-i-utilized-ai-to-discover-an-amazon-s3-bucket-takeover-vulnerability-in-red-bulls-bug-bounty-503d3c4d995f?source=rss----7b722bfd1b8d--bug_bounty) + - [ ] [Finding my First SQL Injection On HackerOne](https://infosecwriteups.com/finding-my-first-sql-injection-on-hackerone-6a031ab5aa1c?source=rss----7b722bfd1b8d--bug_bounty) + - [ ] [Plan Ristriction Bypass for Slack Integration: 500$ Improper Validation Check Bug](https://infosecwriteups.com/plan-ristriction-bypass-for-slack-integration-500-improper-validation-check-bug-0c1acf6f01d3?source=rss----7b722bfd1b8d--bug_bounty) + - [ ] [User Enumeration: From Overlooked to Medium-Impact Bug](https://infosecwriteups.com/user-enumeration-from-overlooked-to-medium-impact-bug-48bbefa2ab3b?source=rss----7b722bfd1b8d--bug_bounty) + - [ ] [Exploiting IDOR in a Support Portal Chatbot](https://infosecwriteups.com/exploiting-idor-in-a-support-portal-chatbot-f1d0617bace1?source=rss----7b722bfd1b8d--bug_bounty) +- Reverse Engineering + - [ ] [Reverse-engineering a carry-lookahead adder in the Pentium](https://www.reddit.com/r/ReverseEngineering/comments/1i4oek3/reverseengineering_a_carrylookahead_adder_in_the/) +- 奇客Solidot–传递最新科技情报 + - [ ] [手游 Marvel Snap 因 TikTok 禁令从应用商店下架](https://www.solidot.org/story?sid=80372) + - [ ] [就业市场上的权力天平倾向了雇主](https://www.solidot.org/story?sid=80371) + - [ ] [对 TikTok 的禁令可能扩散到美国盟国](https://www.solidot.org/story?sid=80370) + - [ ] [TikTok 关闭美国服务](https://www.solidot.org/story?sid=80369) +- 黑海洋 - IT技术知识库 + - [ ] [Emby TV 安卓电视端 使用教程](https://blog.upx8.com/4674) +- 安全分析与研究 + - [ ] [R3 RootKit病毒技术研究入门](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490049&idx=1&sn=eec060b016a2c2c48b9a5a5a5a6ef745&chksm=902fb529a7583c3f0a2b0935cfd9f3df6108088566ca52d5bd9df83588d2b382a01ee1757d28&scene=58&subscene=0#rd) +- 青衣十三楼飞花堂 + - [ ] [大路:高速中国里的工地纪事](https://mp.weixin.qq.com/s?__biz=MzUzMjQyMDE3Ng==&mid=2247487918&idx=1&sn=62fa743b6f7cd093a352b0917f89a0e8&chksm=fab2d291cdc55b87d7b94cecfbd60540e362d1a5c59f44c62911d214c10d2bce471e9c680efd&scene=58&subscene=0#rd) +- 丁爸 情报分析师的工具箱 + - [ ] [【资料】拟任美国中央情报局局长的拉特克利夫及其家人](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148624&idx=1&sn=576c40259107f8aabc30212443488fee&chksm=f1af266ac6d8af7c3bec1081deebb88f2250a0d00614bd70fa3795f753849ec277a9f8463a5b&scene=58&subscene=0#rd) +- dotNet安全矩阵 + - [ ] [.NET内网实战:通过 findstr 快速获取数据库连接密码](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498317&idx=1&sn=a5fbee0aae201e4dfbe1b11cd8875574&chksm=fa5954a0cd2eddb64b0d918c03c9bcd317a860e08c6e4b8154b1b5af1c4146c88ad78be379c2&scene=58&subscene=0#rd) + - [ ] [.NET 安全攻防知识交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498317&idx=2&sn=d7ca7d91aa1a789626ddce7bc16645ad&chksm=fa5954a0cd2eddb61fd6d64dce4872114b6810630ff226c508b9b940b8bf43a1c5061b1f1e2e&scene=58&subscene=0#rd) + - [ ] [.NET 第55期红队武器库和资源汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498317&idx=3&sn=e32ddb9164eebb4dbe090802a5ff5d22&chksm=fa5954a0cd2eddb69193b05c5c3ffb37d6bff2b7cf2d0c2bfc9a329b7586a39b74d3010d81c3&scene=58&subscene=0#rd) +- 安全圈 + - [ ] [【安全圈】可能对企业产生严重影响:字节跳动飞书海外版Lark也将在美国市场停止运营](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067480&idx=1&sn=c2d0bb267baf11570d6e3253fa3ff4fe&chksm=f36e7ad8c419f3ce38cfc35ec6bd2c637b49c85b101d0b057484bc1ace20d684457a77a7a7eb&scene=58&subscene=0#rd) + - [ ] [【安全圈】微软已经修复Microsoft 365在Windows Server 2016/2019上崩溃的问题](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067480&idx=2&sn=e94b5cb3a624cdca3e6452bf7c79d7a8&chksm=f36e7ad8c419f3cef73c242196a8499de4c2c79ec90ca98bd662ee5575f6ac22d4041dcd89d4&scene=58&subscene=0#rd) + - [ ] [【安全圈】FTC 要求通用汽车停止收集和销售驾驶员数据](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067480&idx=3&sn=220a3c1eb7166bba53400942dfa9cab1&chksm=f36e7ad8c419f3ce7eec3c9934f5c50798a83c044de9ed8607edfb8e503cd95268521f790488&scene=58&subscene=0#rd) + - [ ] [【安全圈】CL-UNK-0979 利用 Ivanti Connect Secure 中的零日漏洞获取网络访问权限](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067480&idx=4&sn=8dc7094933166fceeb2e467f38e23545&chksm=f36e7ad8c419f3ce413fdcd09b7fbf2c3828fe34b5aca8c6a3b0d570a1f213c166b9943c4be8&scene=58&subscene=0#rd) +- 情报分析师 + - [ ] [揭秘俄罗斯人力情报的全新布局](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559015&idx=1&sn=37962d35fd4ae69a3f4a81abdff654e7&chksm=87117c6cb066f57aa21d4ea03c2085ec0beb649116bd42891f430041cf6993324f15a4dcce41&scene=58&subscene=0#rd) +- 极客公园 + - [ ] [时隔 8 年,任天堂 Switch 2 终于来了,你买吗!](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072331&idx=1&sn=2f8f2f9d50771b9c3f15cac061f8cff5&chksm=7e57d67d49205f6b80e31d9a0db91bdb72aeb161490952954a50f42f6e6407a71de7670d311a&scene=58&subscene=0#rd) + - [ ] [突发丨TikTok 在美停止服务,美区 iOS、安卓已下架](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072318&idx=1&sn=39714f4d9915dd2b8a13f2ee5e0d1dc4&chksm=7e57d60849205f1e5b367c604a88c280ee2430767ce018c69a868cd6e0a3ace6cd34660af42f&scene=58&subscene=0#rd) + - [ ] [CES2025 结束后,我们发现这 15 个硬件最好玩](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072318&idx=2&sn=01f4b2ec30208ccde2ff857f379c582f&chksm=7e57d60849205f1e587b175eb8e43d2af4043ce37102178a86e3559f30e72ee5496af3b47244&scene=58&subscene=0#rd) + - [ ] [特朗普称极有可能给 TT 90 天延期;淘宝成蛇年春晚电商互动平台;罗永浩:不是没有为 AIOS 做手机的可能 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072306&idx=1&sn=89adf3a1ce8d4ba450cc7ac7f6979885&chksm=7e57d60449205f1299e2dbb972c999b2f84092c376740374ba2498ce61e97f58d6c8ad726960&scene=58&subscene=0#rd) +- 航行笔记 + - [ ] [直播倒计时2天:在企业做安全和对外做安全产品有什么差异?](https://mp.weixin.qq.com/s?__biz=MzIyOTAxOTYwMw==&mid=2650236931&idx=1&sn=5b12e1b5c57ec2f8e03facbaa312a866&chksm=f04ad2bfc73d5ba9b46c82cf018950f19f81242dba0075d77e4444c272175b419961197759d8&scene=58&subscene=0#rd) +- 墨菲安全 + - [ ] [直播倒计时2天:在企业做安全和对外做安全产品有什么差异?](https://mp.weixin.qq.com/s?__biz=MzkwOTM0MjI5NQ==&mid=2247488032&idx=1&sn=4979d3ea51fb5e28ee8336d903a77a65&chksm=c13d7118f64af80eba6460f7d74506ba94e2c442fbff6d2f97dd79f0130fe286619c24a178c3&scene=58&subscene=0#rd) +- 迪哥讲事 + - [ ] [$40,000的RCE!](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496907&idx=1&sn=bf65d0102436150a0dc5482d51b5c998&chksm=e8a5fea8dfd277be56fc6d30fe19c8d65094b9ea55e1628f0c5742c243d612eee6b973167e6b&scene=58&subscene=0#rd) +- Over Security - Cybersecurity news aggregator + - [ ] [Tear Down The Castle - Part 1](https://dfir.ch/posts/tear_down_castle_part_one/) + - [ ] [Tracking Adversaries: Ghostwriter APT Infrastructure](https://blog.bushidotoken.net/2025/01/tracking-adversaries-ghostwriter-apt.html) + - [ ] [TikTok is back up in the US after Trump says he will extend deadline](https://www.bleepingcomputer.com/news/software/tiktok-is-back-up-in-the-us-after-trump-says-he-will-extend-deadline/) + - [ ] [Star Blizzard hackers abuse WhatsApp to target high-value diplomats](https://www.bleepingcomputer.com/news/security/star-blizzard-hackers-abuse-whatsapp-to-target-high-value-diplomats/) + - [ ] [TikTok shuts down in the US as Trump throws the company a lifeline](https://www.bleepingcomputer.com/news/software/tiktok-shuts-down-in-the-us-as-trump-throws-the-company-a-lifeline/) +- SANS Internet Storm Center, InfoCON: green + - [ ] [Zero Trust and Entra ID Conditional Access, (Sun, Jan 19th)](https://isc.sans.edu/diary/rss/31602) +- ICT Security Magazine + - [ ] [Cybercrime 2025: Nuove Sfide per la Sicurezza Digitale](https://www.ictsecuritymagazine.com/notizie/cybercrime-2025/) +- Computer Forensics + - [ ] [Is there a way to recover the original timestamps of a folder or file in Windows?](https://www.reddit.com/r/computerforensics/comments/1i59xff/is_there_a_way_to_recover_the_original_timestamps/) + - [ ] [Hardware recommendations for a Cyber forensics student](https://www.reddit.com/r/computerforensics/comments/1i4po0t/hardware_recommendations_for_a_cyber_forensics/) +- netsecstudents: Subreddit for students studying Network Security and its related subjects + - [ ] [Landed my first internship. What should I do to prepare? How should I set up my homelab?](https://www.reddit.com/r/netsecstudents/comments/1i5aqac/landed_my_first_internship_what_should_i_do_to/) + - [ ] [LFI on DVWA can't open script in /tmp/](https://www.reddit.com/r/netsecstudents/comments/1i51u1q/lfi_on_dvwa_cant_open_script_in_tmp/) +- Social Engineering + - [ ] [Is there a way to see where a phone number is being held or quarantined ?](https://www.reddit.com/r/SocialEngineering/comments/1i53r6k/is_there_a_way_to_see_where_a_phone_number_is/) +- The Register - Security + - [ ] [OpenAI's ChatGPT crawler can be tricked into DDoSing sites, answering your queries](https://go.theregister.com/feed/www.theregister.com/2025/01/19/openais_chatgpt_crawler_vulnerability/) +- Security Affairs + - [ ] [SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 29](https://securityaffairs.com/173232/malware/security-affairs-malware-newsletter-round-29.html) + - [ ] [Security Affairs newsletter Round 507 by Pierluigi Paganini – INTERNATIONAL EDITION](https://securityaffairs.com/173227/uncategorized/security-affairs-newsletter-round-507-by-pierluigi-paganini-international-edition.html) + - [ ] [A flaw in the W3 Total Cache plugin exposes hundreds of thousands of WordPress sites to attacks](https://securityaffairs.com/173219/security/w3-total-cache-wordpress-plugin-cve-2024-12365.html) +- Hacking Exposed Computer Forensics Blog + - [ ] [Daily Blog #721: Solution Saturday 1/18/25](https://www.hecfblog.com/2025/01/daily-blog-721-solution-saturday-11825.html) +- The Hacker News + - [ ] [TikTok Goes Dark in the U.S. as Federal Ban Takes Effect January 19, 2025](https://thehackernews.com/2025/01/tiktok-goes-dark-in-us-as-federal-ban.html) +- TorrentFreak + - [ ] [‘Piracy Shield’ Fails to Convert Pirates to Paying Subscribers, Data Suggest](https://torrentfreak.com/piracy-shield-fails-to-convert-pirates-to-paying-subscribers-data-suggest-250119/) +- Your Open Hacker Community + - [ ] [How to make mail combos](https://www.reddit.com/r/HowToHack/comments/1i5d082/how_to_make_mail_combos/) + - [ ] [USB AutoRun](https://www.reddit.com/r/HowToHack/comments/1i5613w/usb_autorun/) + - [ ] [I found a huge vulnerability in a website which is live from a while, how should I proceed now?](https://www.reddit.com/r/HowToHack/comments/1i524zp/i_found_a_huge_vulnerability_in_a_website_which/) + - [ ] [Confused about the difference between Bash Shell and Bash Shell SESSION](https://www.reddit.com/r/HowToHack/comments/1i4tyqb/confused_about_the_difference_between_bash_shell/) + - [ ] [How do I start?](https://www.reddit.com/r/HowToHack/comments/1i59myg/how_do_i_start/) + - [ ] [Websites like clone a site](https://www.reddit.com/r/HowToHack/comments/1i561mi/websites_like_clone_a_site/) + - [ ] [How to scam I wanna learn for free I done go scammed tryna learn how to scam](https://www.reddit.com/r/HowToHack/comments/1i582el/how_to_scam_i_wanna_learn_for_free_i_done_go/) + - [ ] [My friends dad is a bad guy, how to hack /phish(nothing too crazy) or Rick roll him as a prank](https://www.reddit.com/r/HowToHack/comments/1i5639j/my_friends_dad_is_a_bad_guy_how_to_hack/) +- Technical Information Security Content & Discussion + - [ ] [Windows BitLocker -- Screwed without a Screwdriver](https://www.reddit.com/r/netsec/comments/1i54psl/windows_bitlocker_screwed_without_a_screwdriver/) diff --git a/archive/tmp/2025-01-20.json b/archive/tmp/2025-01-20.json new file mode 100644 index 0000000000..bad44f8b09 --- /dev/null +++ b/archive/tmp/2025-01-20.json @@ -0,0 +1,312 @@ +{ + "Private Feed for M09Ic": { + "mgeeky starred orcasecurity-research/AIGoat": "https://github.com/orcasecurity-research/AIGoat", + "mgeeky starred ThomasRinsma/pdftris": "https://github.com/ThomasRinsma/pdftris", + "mgeeky starred osnr/horrifying-pdf-experiments": "https://github.com/osnr/horrifying-pdf-experiments", + "mgeeky starred ading2210/doompdf": "https://github.com/ading2210/doompdf", + "lz520520 starred xzh-dx/ZZZ-Balance_Calc": "https://github.com/xzh-dx/ZZZ-Balance_Calc", + "WafflesExploits started following M09Ic": "https://github.com/M09Ic", + "zer0yu starred sigoden/aichat": "https://github.com/sigoden/aichat", + "zer0yu started following leesh3288": "https://github.com/leesh3288", + "CHYbeta started following leesh3288": "https://github.com/leesh3288", + "INotGreen starred burpheart/hachimi": "https://github.com/burpheart/hachimi", + "safedv starred SpecterOps/Nemesis": "https://github.com/SpecterOps/Nemesis" + }, + "SecWiki News": { + "SecWiki News 2025-01-19 Review": "http://www.sec-wiki.com/?2025-01-19" + }, + "Security Boulevard": { + "DEF CON 32 – Exposing The Occultations In Large Off-Grid Solar Systems": "https://securityboulevard.com/2025/01/def-con-32-exposing-the-occultations-in-large-off-grid-solar-systems/", + "Legends of Music: Celebrating the Greatest Artists Across Generations Compilation": "https://securityboulevard.com/2025/01/legends-of-music-celebrating-the-greatest-artists-across-generations-compilation/", + "Confident Cybersecurity: Essentials for Every Business": "https://securityboulevard.com/2025/01/confident-cybersecurity-essentials-for-every-business/", + "Proactively Managing Cloud Identities to Prevent Breaches": "https://securityboulevard.com/2025/01/proactively-managing-cloud-identities-to-prevent-breaches/", + "How Secure Is Your PAM Strategy?": "https://securityboulevard.com/2025/01/how-secure-is-your-pam-strategy/" + }, + "Doonsec's feed": { + "关键基础设施的安全考虑": "https://mp.weixin.qq.com/s?__biz=MzA5MTYyMDQ0OQ==&mid=2247493529&idx=1&sn=4c1cf032bc2b046882889572dc04b067", + "tiktok周一大概能重新使用了,特朗普打算签署行政令延长执行tiktok封禁时间": "https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494412&idx=1&sn=253cee4f3c8a0420dcbc3ec02bee9042", + "【突发】TikTok活了!周一在美国重新上线!": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485441&idx=1&sn=f2bc12348ab97d3c67b9cf98543807b0", + "北七家-未来科学城,3居变4居豪装,理想楼层/户型/朝向": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485441&idx=2&sn=c3a974c73650dc694ab6fcab9c2b19df", + "【干货】笑傲职场的独家经验(1)": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485441&idx=3&sn=171db4e77140738cf00fca3ad26dd309", + "【干货原创】实网攻防演习常态化,会带来什么变化01": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485441&idx=4&sn=bfc50e69d91c6225e84b24ca06f3db88", + "【干货原创】K12教育,鲜为人知的模式秘密": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485441&idx=5&sn=9533a0184971fd9587be72fd4d1d2f43", + "原创文章目录": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485441&idx=6&sn=ae2a503c48e99a60e33e130995467a69", + "C++ 运算符": "https://mp.weixin.qq.com/s?__biz=MzA3NDE0NTY0OQ==&mid=2247484051&idx=1&sn=caca830ad2ccfa12f9438d6dba5b3d00", + "每日专业英语4-Clip Art": "https://mp.weixin.qq.com/s?__biz=MzA3NDE0NTY0OQ==&mid=2247484051&idx=2&sn=b38e18403f99796e4ac4ad0df813d3c7", + "“你的第二大脑:Obsidian让思维飞跃的秘诀”": "https://mp.weixin.qq.com/s?__biz=Mzk2NDE5MDgxOQ==&mid=2247484539&idx=1&sn=2422bfc70b1879482a8b50bb52e9ecac", + "原创—结合第四维度牛顿物理学谈少吃肉吃肉遭报应,少骂人欺负人害人,迟早遭报应": "https://mp.weixin.qq.com/s?__biz=Mzg4NzAwNzA4NA==&mid=2247485078&idx=1&sn=b22b1c50c99887e060c6324d1aaf1e84", + "应急响应神器!全面提升Windows系统安全的秘密武器": "https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486354&idx=1&sn=7a32c45a376457f19c95a166517157cd", + "资料共享 |《银行保险机构数据安全实践指南(2024)》附下载链接": "https://mp.weixin.qq.com/s?__biz=MzkzMDY2MDA2Ng==&mid=2247485865&idx=1&sn=849f1ffdbbf4aa62260d54b499344e78", + "梦里挖edu src的步骤": "https://mp.weixin.qq.com/s?__biz=Mzk0NTg3ODYxNg==&mid=2247485081&idx=1&sn=118dc9ec93b8776d4fd28b1acbb90a5a", + "一家安全企业,到底需要多少人?": "https://mp.weixin.qq.com/s?__biz=MzAxOTk3NTg5OQ==&mid=2247492199&idx=1&sn=f23ba361ea986537312e24f3de2d9f8a", + "推荐一款轻量级且实用的Elasticsearch GUI管理工具elasticvue": "https://mp.weixin.qq.com/s?__biz=MzU2MjU1OTE0MA==&mid=2247499652&idx=1&sn=f3d17ffd8145ef57500e071f588dfbc3", + "安全圈最被低估的10个神器:一个比一个强大,大佬都在偷偷用!": "https://mp.weixin.qq.com/s?__biz=MzI5MjY4MTMyMQ==&mid=2247489723&idx=1&sn=deabf0c25cb271145e18f3909c9cf6c1", + "春秋杯WP | 2024春秋杯冬季赛第三天题目部分解析": "https://mp.weixin.qq.com/s?__biz=MzkyNDA5NjgyMg==&mid=2247501315&idx=1&sn=d85a30ae678cadbcaa0d69068c18dc6d", + "【相关分享】2024春秋杯冬季赛三日Writeup汇总(部分)": "https://mp.weixin.qq.com/s?__biz=Mzk0OTUwNTU5Nw==&mid=2247488648&idx=1&sn=dfbb1c72ee4b04ed418652dae9c995d6", + "2025 西湖论剑 Writeup": "https://mp.weixin.qq.com/s?__biz=Mzg2OTcyODc1OA==&mid=2247488609&idx=1&sn=aa926bf3d6d405d7066fbe28778c457f", + "oscp之Kioptrix Level 1靶场": "https://mp.weixin.qq.com/s?__biz=Mzk1NzIyODczMA==&mid=2247483766&idx=1&sn=f0beaee5a096f4fb94efc0c4b7b2c7ac", + "oscp之Kioptrix Level 2靶场": "https://mp.weixin.qq.com/s?__biz=Mzk1NzIyODczMA==&mid=2247483764&idx=1&sn=af510dde395b41a55371c38779e56003", + "oscp之Kioptrix Level 3靶场": "https://mp.weixin.qq.com/s?__biz=Mzk1NzIyODczMA==&mid=2247483763&idx=1&sn=6ed48b5384dfeb14a4ae2a424ecaa3e9", + "新年红包封面派送第一波—6000发,先到先得~": "https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247495119&idx=1&sn=a142f6c2c5b78db448c8e81bdf6959d2", + "Spring Boot SpEL表达式注入": "https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247495119&idx=2&sn=37204cbd2cf1d2f0cb8f26b27cbe8757", + "x64 调用栈欺骗": "https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486407&idx=1&sn=1609112b647f5e4c95d0e5958a985c8c", + "俄罗斯关联APT组织UAC-0063利用HATVIBE恶意软件对哈萨克斯坦发起“双击”间谍行动": "https://mp.weixin.qq.com/s?__biz=Mzg3OTYxODQxNg==&mid=2247485624&idx=1&sn=63ef0a4493ed5749992be4e4b7e5ffef", + "深度调查:图像情报核验缅甸某区域遭轰炸事件": "https://mp.weixin.qq.com/s?__biz=Mzg3MDczNjcyNA==&mid=2247488900&idx=1&sn=cec8f81ae56b0b667a205ad766923cd9", + "2024 Kali Linux黑客系统定制化魔改": "https://mp.weixin.qq.com/s?__biz=MzkzMzg3MzMyOA==&mid=2247486370&idx=1&sn=b8d4e339cb57e68785ffd6573bf86755", + "内推|合肥急招驻场渗透测试工程师,要求年前交接,年后正式进场,速投!": "https://mp.weixin.qq.com/s?__biz=Mzg5MDA5NzUzNA==&mid=2247489269&idx=1&sn=92888448b0baaf4112e0033ad9d0cd2b", + "西湖论剑 2025 Writeup": "https://mp.weixin.qq.com/s?__biz=MzU3ODc2NTg1OA==&mid=2247491623&idx=1&sn=6c35eb67c2add8c4817f04ce45bc1faf", + "星悦安全公开交流2群已建立,速加!": "https://mp.weixin.qq.com/s?__biz=Mzg4MTkwMTI5Mw==&mid=2247488647&idx=1&sn=0b0eea18675e615be66f07438d6d30fa", + "$40,000的RCE!": "https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496907&idx=1&sn=bf65d0102436150a0dc5482d51b5c998", + "加密货币交易所之OKX": "https://mp.weixin.qq.com/s?__biz=MzkyNzYzNTQ2Nw==&mid=2247484081&idx=1&sn=f9961b67353a7f332dfef8dd36d8990a", + "【资料】拟任美国中央情报局局长的拉特克利夫及其家人": "https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148624&idx=1&sn=576c40259107f8aabc30212443488fee", + "2024年度总结 | 网络安全社团的蜕变与前行": "https://mp.weixin.qq.com/s?__biz=MzU3MDU5NTA1MQ==&mid=2247499687&idx=1&sn=a30f484f51a78c72dcc13934cab0416e", + "工具推荐 Windows应急响应的得力助手-Hawkeye": "https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490004&idx=1&sn=c71efdc86fe2c3d43d7909ea025b9a49", + "SSRF": "https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490002&idx=1&sn=e641f844e1d2db88d1e130d70cf87c97", + "一次通用cnvd案例分享": "https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490002&idx=2&sn=d5528443216703026dbb5befe50a87c2", + "【麦当劳|金拱门双人桶【祝你今年金拱门】【可配送】|多店可用】": "https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490002&idx=3&sn=06d37b661e8a81b5a804820a09d902eb", + "记一次CNNVD通用漏洞证书挖掘": "https://mp.weixin.qq.com/s?__biz=MzkyMDY1MDI3OA==&mid=2247483794&idx=1&sn=31e5bf60bafe8e52c06509a0827328b2", + "公众号交流三群建立了!快来扫码加入": "https://mp.weixin.qq.com/s?__biz=MzkwODI1ODgzOA==&mid=2247506590&idx=1&sn=1ea25d3d719803180b9a2b6d047b799d", + "渗透攻防武器库,最后一波了!hacker": "https://mp.weixin.qq.com/s?__biz=Mzk0ODM0NDIxNQ==&mid=2247493317&idx=1&sn=f2cdb4363ec6b28c0ca9811ec6899711", + "【靶场合集】CTF-2024春秋杯冬季赛:easy_code": "https://mp.weixin.qq.com/s?__biz=Mzk0ODM0NDExMg==&mid=2247484553&idx=1&sn=71339b1dc0ce698595ada4e5c686c983", + "驾驶舱域控制器虚拟化平台的运行时安全": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619796&idx=1&sn=2b4afa38d99946f5b8aa6907c5c8d58e", + "GB_T 44778-2024 汽车诊断接口信息安全技术要求及试验方法": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619796&idx=2&sn=00be9fb4e3587ff3c7ef45f098acad21", + "功能安全和信息安全的挑战:设计功能安全与信息安全之间的流程接口": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619796&idx=3&sn=e571a326437e3343d9e100a2d854a8cb", + "保姆级教学之sqli-labs(less54-65)": "https://mp.weixin.qq.com/s?__biz=Mzk1NzQwNjQ4Ng==&mid=2247484551&idx=1&sn=94fd6238c052ac5fbfcd501a9b205100", + "2024年公众号赞赏计划说明": "https://mp.weixin.qq.com/s?__biz=MzU1NDkwMzAyMg==&mid=2247502667&idx=1&sn=9e980805fcf6f1fa7a39ce857c57159a", + "红包封面": "https://mp.weixin.qq.com/s?__biz=MzI3NzI4OTkyNw==&mid=2247489545&idx=1&sn=61afc62a4e4f2bc26d23c139406b90d4", + "域渗透系列 - 通过 DNS 进行Kerberos Relay": "https://mp.weixin.qq.com/s?__biz=MzkyNzQzNzc3OQ==&mid=2247484366&idx=1&sn=319ac331499931353829a877e7b50aa8", + "国家互联网应急中心通报两起美方对我国网络攻击事件": "https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650606800&idx=2&sn=f168ef1b7124f595f365e6c984b29b5a", + "盲盒=赌具?你以为的“盲盒游戏”实际上是一场网络赌博!": "https://mp.weixin.qq.com/s?__biz=MzI0NzE4ODk1Mw==&mid=2652094640&idx=2&sn=fe86741e8142c1c02ff5237d0cfbdb01", + "强的飞起!推荐一款国产源码交付,IoT农业灌溉/大田监控项目接单神器,轻松搭建智慧农业物联网平台": "https://mp.weixin.qq.com/s?__biz=MjM5OTA4MzA0MA==&mid=2454936646&idx=1&sn=f82de9b38d8d99b32477ffb454c02677", + "【安全圈】可能对企业产生严重影响:字节跳动飞书海外版Lark也将在美国市场停止运营": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067480&idx=1&sn=c2d0bb267baf11570d6e3253fa3ff4fe", + "【安全圈】微软已经修复Microsoft 365在Windows Server 2016/2019上崩溃的问题": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067480&idx=2&sn=e94b5cb3a624cdca3e6452bf7c79d7a8", + "【安全圈】FTC 要求通用汽车停止收集和销售驾驶员数据": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067480&idx=3&sn=220a3c1eb7166bba53400942dfa9cab1", + "【安全圈】CL-UNK-0979 利用 Ivanti Connect Secure 中的零日漏洞获取网络访问权限": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067480&idx=4&sn=8dc7094933166fceeb2e467f38e23545", + "抽奖啦!": "https://mp.weixin.qq.com/s?__biz=MzkwMDQ4MDU2MA==&mid=2247484428&idx=1&sn=4597cfcde4c09ed5ac897164ad30f5e7", + "【CobaltStrike】CS4.9.1 特战版 | 自破解+二开+BUG修复+配置优化": "https://mp.weixin.qq.com/s?__biz=Mzg5NzUyNTI1Nw==&mid=2247496347&idx=1&sn=80922d559ccaec11588d8ba216b8a118", + "AutoSar——28通讯控制": "https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549131&idx=1&sn=47986fbf719434864b857903c3f75893", + "车载以太网与CAN通信之间的区别": "https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549131&idx=2&sn=529ff1a8d6e0e5c362e89a69dfc580b8", + "大路:高速中国里的工地纪事": "https://mp.weixin.qq.com/s?__biz=MzUzMjQyMDE3Ng==&mid=2247487918&idx=1&sn=62fa743b6f7cd093a352b0917f89a0e8", + "知识星球xa0|xa02024网安报告大合集发布;API安全影响、网安战略技术等资源更新": "https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247634752&idx=1&sn=47de4a43e1fc9566de098c763aa7fd6e", + "以太网三大链路类型对比:如何选择Access、Trunk或Hybrid?": "https://mp.weixin.qq.com/s?__biz=MzIyMzIwNzAxMQ==&mid=2649464561&idx=1&sn=c2bc71bfe1f649400cf47ed28a2989f6", + "揭秘俄罗斯人力情报的全新布局": "https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559015&idx=1&sn=37962d35fd4ae69a3f4a81abdff654e7", + "渗透测试信息收集指南": "https://mp.weixin.qq.com/s?__biz=Mzk0Mjg4MTQxMw==&mid=2247485699&idx=1&sn=4fd6df9190ce90e533d1295d9cf63761", + "网络工程师:如何在职场中越老越吃香?掌握这几点,你也能越老越牛!": "https://mp.weixin.qq.com/s?__biz=MzUyNTExOTY1Nw==&mid=2247527921&idx=1&sn=63a793fb3dda03d616d12f4df6d2bcfc", + "终究是比不过天赋型选手": "https://mp.weixin.qq.com/s?__biz=MzIxMTg1ODAwNw==&mid=2247500453&idx=1&sn=1626f0950b23540cba8a39155a446362", + "ChatGPT快速审定保险学论文的内部高阶攻略:让论文问题无处藏身!": "https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493244&idx=1&sn=639ee3363c8eaf632543afb9f20f9893", + "ChatGPT快速审核比较教育学论文的内部命令指南,1分钟洞察论文问题!": "https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493244&idx=2&sn=643c579b7d7b8267c6a1b523c90ba225", + "ChatGPT快速审核法律事务论文的内部秘笈,实用干货全公开!": "https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493244&idx=3&sn=586b5a51d429f8aec48fa0c985f1134c", + "ChatGPT快速审核社会法学论文全流程攻略,8分钟找准论文硬伤!": "https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493244&idx=4&sn=81fc0ad275d42828e13ab4954d535d22", + "ChatGPT临床检验诊断学论文高效生成:教你快速搞定论文初稿。": "https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493244&idx=5&sn=9be789a4e71f76910c9c45fa8a96a7c6", + "微信红包封面免费领取~": "https://mp.weixin.qq.com/s?__biz=Mzg3NzkwMTYyOQ==&mid=2247488278&idx=1&sn=dbbadf5a98a72572f4deedfa9ecd5190", + "直播倒计时2天:在企业做安全和对外做安全产品有什么差异?": "https://mp.weixin.qq.com/s?__biz=MzIyOTAxOTYwMw==&mid=2650236931&idx=1&sn=5b12e1b5c57ec2f8e03facbaa312a866", + "干货|常见端口渗透总结": "https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247569839&idx=1&sn=c5b75f38a7dd5da15b4c7381bde02227", + "【珍藏版】渗透测试手册,简直太赞了!": "https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247569839&idx=2&sn=9749b0b4b3339dac6ee664fbb267dc90", + "盘点万亿市值的Palantir在2024年拿下的至少87亿的美军合同都是啥": "https://mp.weixin.qq.com/s?__biz=MzI1OTExNDY1NQ==&mid=2651618708&idx=1&sn=8ac9059513377c114628bba994559513", + "独家揭秘!美国对华网络攻击已超出传统范围": "https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597515&idx=2&sn=b9d050cc626f12c62ae6d30eec33fe89", + "这家银行因数据管理不到位等而被罚": "https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931452&idx=1&sn=30dbf45bf12270ee3cd789f4a0e1f7a2", + "TikTok在美国停止服务的影响及市场变化分析": "https://mp.weixin.qq.com/s?__biz=Mzg4NDY4Mzk3Mw==&mid=2247485502&idx=1&sn=2261338e55f0d49fcd9474dfc082ca85", + "公众号交流二群建立了!快来扫码加入": "https://mp.weixin.qq.com/s?__biz=MzkwODI1ODgzOA==&mid=2247506582&idx=2&sn=f2c8ea570afdb6c8f7f986373645798b", + "KONE-通力电梯管理系统-app_show_log_lines.php-任意文件读取漏洞": "https://mp.weixin.qq.com/s?__biz=MzkyOTg3ODc5OA==&mid=2247484259&idx=1&sn=888da6c5443cb2f2ae0c03c3c922dd17", + "【工具推荐】一款渗透测试信息收集集成工具--密探 v1.19 版": "https://mp.weixin.qq.com/s?__biz=MzkzMDg1MzIwNA==&mid=2247486619&idx=1&sn=a495cb820bd0b97ffd0e75d04cfb8d5a", + "【实战案例】记一次通过供应链测试系统拿下靶标的经过": "https://mp.weixin.qq.com/s?__biz=MzkyNDYwNTcyNA==&mid=2247487390&idx=1&sn=4615335088b00024e9434956e4255034", + "【工具分享】Swagger API Exploit 1.2 - 信息泄露利用工具": "https://mp.weixin.qq.com/s?__biz=Mzg4MTkwMTI5Mw==&mid=2247488641&idx=1&sn=af12c4534abac0d07a82bbdb894ba5a7", + "吃瓜,培训一哥起诉某公众号索赔50W": "https://mp.weixin.qq.com/s?__biz=Mzk0MzY3MDE5Mg==&mid=2247483950&idx=1&sn=ed1b379191fd847a0dbd6880684af211", + "救命!!!我真的学会了RMI远程方法调用": "https://mp.weixin.qq.com/s?__biz=MzkzNzU5MDMxOA==&mid=2247484226&idx=1&sn=461786564bedfa8b4bcf3ac4724f564c", + "HuntBack让黑客无处遁形": "https://mp.weixin.qq.com/s?__biz=MzkxMTUwOTY1MA==&mid=2247490031&idx=1&sn=a1f7ad20f610a113f1046bfeee312d78", + "K8S集群与应用系统之间关系梳理": "https://mp.weixin.qq.com/s?__biz=Mzg3NTUzOTg3NA==&mid=2247515062&idx=1&sn=075664f6f645944dad48e9489a48acbb", + "更优雅的nignx内存马后门 | ebpf 内核马": "https://mp.weixin.qq.com/s?__biz=Mzk1NzE0ODk3Nw==&mid=2247490404&idx=1&sn=2d6bb4d4aa0b816671fdb5a1c720cf67", + "浅谈迪菲赫尔曼密钥交换算法": "https://mp.weixin.qq.com/s?__biz=MzAwNTc5MTMyNg==&mid=2247500100&idx=1&sn=b5c374bd03a5274cba5910d9d3a26b89", + "饶志宏 | 构筑网络空间安全主动防御体系": "https://mp.weixin.qq.com/s?__biz=Mzg4MDU0NTQ4Mw==&mid=2247528735&idx=1&sn=af82df22e9bbc7b90f6a7bff8ac9483f", + "专家解读 | 建设可信数据空间,打造新型数据基础设施": "https://mp.weixin.qq.com/s?__biz=Mzg4MDU0NTQ4Mw==&mid=2247528735&idx=2&sn=5db52b34f260efee2cbabd9f8161f1f6", + "揭秘Android RAT程序:权限滥用与案例分析": "https://mp.weixin.qq.com/s?__biz=Mzg2OTU3MzI1OQ==&mid=2247485515&idx=1&sn=af8b4b349e5b0fc56e39fc7442f9d4b9", + "中央网信办启动“清朗·2025年春节网络环境整治”专项行动": "https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247488116&idx=1&sn=7d7335dcba54760679a97a688b9494c8", + "ISO 14001: 2015 标准详解与实施(17)7.5 文件化信息": "https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247485957&idx=1&sn=f314736bad7328324e5dbab086cc6fbc", + "ISO 14001: 2015 标准详解与实施(16)7.4 信息交流": "https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247485957&idx=2&sn=6476becda88cde2f67f9388df289d55e", + "ISO 14001: 2015 标准详解与实施(15)7.3 意识": "https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247485957&idx=3&sn=888996499eb4807b9b2aa2f4dc6a9e6b", + "ISO 14001: 2015 标准详解与实施(13)7.1 资源": "https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247485957&idx=5&sn=0a40ae02d454f03cd52b812d3921490e", + "【2025-01-19】每日安全资讯": "https://mp.weixin.qq.com/s?__biz=MzIzNDU5NTI4OQ==&mid=2247488320&idx=1&sn=6d342d8bea1a7d4e4d31fa9f9e79bf14", + "区块链 智能合约安全 | 回滚攻击": "https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247547396&idx=1&sn=dd36ead706ea97fab71e7281fffcf75c", + "tiktok已无法使用😂": "https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494398&idx=1&sn=e64737d718dd422c5356eb94cf751086", + "银狐肆虐,小白该如何防范,如何自动化狩猎钓鱼站点---文末附自动化检测程序": "https://mp.weixin.qq.com/s?__biz=MzU4NTg4MzIzNA==&mid=2247484329&idx=1&sn=20c31baba359a00aaa54f36bd93f9bcd", + "深化网络安全合作,共商情感管理 —— 记1月18日重要电话会谈": "https://mp.weixin.qq.com/s?__biz=MzkyMTQzNTM3Ng==&mid=2247483889&idx=1&sn=8ca317a40bb5f24e50d0f00e1c5306ae", + "灵蛇献瑞,福满乾坤": "https://mp.weixin.qq.com/s?__biz=MzI1ODM1MjUxMQ==&mid=2247494410&idx=1&sn=45fe1b3463f34af5c35aa7b62cfd7cc3", + "赛题记录 | 2025西湖论剑两道WEB的一些思考": "https://mp.weixin.qq.com/s?__biz=MzkwMzQyMTg5OA==&mid=2247486681&idx=1&sn=3a0fd0f13894f31de83d8dd72d4dd846", + "巴塞罗那,何以成为世界间谍软件初创中心?": "https://mp.weixin.qq.com/s?__biz=MzkzNjE5NjQ4Mw==&mid=2247543307&idx=1&sn=24802d280d3d002dd86da86d1b78591c", + "2025黑客入门教程(非常详细)从零基础入门到精通,看完这一篇就够了": "https://mp.weixin.qq.com/s?__biz=Mzk1NzMwNTM5NQ==&mid=2247483844&idx=1&sn=b1a288bed4d824126b3d8719308cc24c", + "安天网络行为检测能力升级通告(20250119)": "https://mp.weixin.qq.com/s?__biz=MjM5MTA3Nzk4MQ==&mid=2650209598&idx=1&sn=5e5e2d6ece7346b23318db96d9226467", + "物联网产业规模和连接数规模测算方法工作座谈会顺利召开": "https://mp.weixin.qq.com/s?__biz=MzU1OTUxNTI1NA==&mid=2247592142&idx=1&sn=13b8eae44ec33e417928428f63273aa5", + "工业互联网标识解析体系全面建成,奋力构筑信息通信业全面深化改革新图景": "https://mp.weixin.qq.com/s?__biz=MzU1OTUxNTI1NA==&mid=2247592142&idx=2&sn=d03d0ae9dc1884dec9666278ea81b04e", + "R3 RootKit病毒技术研究入门": "https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490049&idx=1&sn=eec060b016a2c2c48b9a5a5a5a6ef745", + "攻防技战术动态一周更新 - 20250113": "https://mp.weixin.qq.com/s?__biz=MzkzODc4NjE1OQ==&mid=2247483907&idx=1&sn=486fd11536298725e1e9a848a267a9af", + "【反面案例】少量生物数据被暴露在公网": "https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494391&idx=1&sn=9a46670c6f765c8770ae558d75f02cb5", + "apt 的归因就没看到让人信服的": "https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494391&idx=2&sn=969e7797f3c4f1ced0997799d459d83b", + "小某书为新闻采集唯一真神": "https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494391&idx=3&sn=bdccdf154b778c993f48b58ce8b8193b", + "哟,搁这玩反差呢。": "https://mp.weixin.qq.com/s?__biz=Mzk0MzY3MDE5Mg==&mid=2247483946&idx=1&sn=eef0c77d553e635745a380f04e3a5e3e", + "2025年十大最佳漏洞管理工具": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651312409&idx=1&sn=cb68df3d11a9480a16e2eab801cc662c", + "Google Ads用户成恶意广告诈骗新目标,凭据及双因素认证码被盗": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651312409&idx=3&sn=d3e1c0a64ae860400058cb81618f1fc3", + "SuperdEye:一款基于纯Go实现的间接系统调用执行工具": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651312409&idx=4&sn=a81099ae3c74511c3ebc897f37b2d848", + "Spring框架—基础学习": "https://mp.weixin.qq.com/s?__biz=Mzk0ODY1NzEwMA==&mid=2247485908&idx=1&sn=0f6a61387171d5f21da91dd84a294e06", + "【新年抽奖】一周速成反混淆大师-秒杀变种控制流平坦化(ollvm)": "https://mp.weixin.qq.com/s?__biz=MzI1Mjk2MTM1OQ==&mid=2247485300&idx=1&sn=e32bfd9075a39ac821bd3a6ab1424f89", + "固件安全分析之符号表恢复技术": "https://mp.weixin.qq.com/s?__biz=MjM5MjEyMTcyMQ==&mid=2651037421&idx=1&sn=c4127ac756e63ebc1597aaa82d755d7e", + "YD∕T 6032-2024 面向家庭宽带场景的IPv6安全隔离技术要求": "https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264115&idx=4&sn=a3b1cfc4b3c623b8d0278793a4e02e3f", + "YD∕T 6041-2024 5G移动通信网 核心网网络切片增强技术要求(第二阶段)": "https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264115&idx=5&sn=59f216e1b9a569919f11ca3b30bd0b87", + "YD∕T 6058-2024 面向车联网应用场景的高精度定位总体技术要求": "https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264115&idx=6&sn=31a0921bbb405761eb3588c9c3cabd2e", + "YD∕T 6101-2024 深度包检测策略信息库智能管理技术要求": "https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264115&idx=7&sn=9b641925ee0f057e6ad96c5721ca2b49", + "YD∕T 4565-2023 物联网安全态势感知技术要求": "https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264115&idx=8&sn=4a5088a2479b1ea6f5d2fce512b036ad", + "既怕兄弟苦又怕兄弟开路虎()o(╥﹏╥)o)": "https://mp.weixin.qq.com/s?__biz=Mzk0MzY3MDE5Mg==&mid=2247483938&idx=1&sn=92e645ae20f8705c8b20cd9f91848c84", + "西湖论剑WriteUp": "https://mp.weixin.qq.com/s?__biz=MzkyMDY5OTg5OA==&mid=2247493338&idx=1&sn=964783a401a2539239644bbccf4ff43e", + "解锁企业持续增长的密钥——深入探索企业战略规划方法论(附PPT下载)": "https://mp.weixin.qq.com/s?__biz=MzkyODY5ODAyOA==&mid=2247489312&idx=1&sn=4fe2d267861399d0a7097a2920ad121a", + "网安原创文章推荐【2025/1/18】": "https://mp.weixin.qq.com/s?__biz=MzAxNzg3NzMyNQ==&mid=2247489469&idx=1&sn=b7c1fc722653e74c14d51d4b187836f8", + "盘点一下各种奇葩的删库跑路事件": "https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247488110&idx=1&sn=5af4bf3456d5a9f636d31cf2204f7298", + "涉案2000万!网警成功侦破一起特大“造谣引流”网络水军案;": "https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650606800&idx=1&sn=ec4b2cd3fc2d252b1d3d3b622692d78f", + "攻防实战,进入某校内网": "https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650606800&idx=3&sn=990d0438b26e59119c79ba0c75cc675d", + "一款微信小程序源码包信息收集工具,根据已有项目改编": "https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650606800&idx=4&sn=4735e4f51b9fdd9e26d3e719ec291843", + ".NET内网实战:通过 findstr 快速获取数据库连接密码": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498317&idx=1&sn=a5fbee0aae201e4dfbe1b11cd8875574", + ".NET 安全攻防知识交流社区": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498317&idx=2&sn=d7ca7d91aa1a789626ddce7bc16645ad", + ".NET 第55期红队武器库和资源汇总": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498317&idx=3&sn=e32ddb9164eebb4dbe090802a5ff5d22" + }, + "Recent Commits to cve:main": { + "Update Sun Jan 19 20:27:53 UTC 2025": "https://github.com/trickest/cve/commit/7e1f2063923cfa93d78465725760773477e387aa", + "Update Sun Jan 19 12:26:12 UTC 2025": "https://github.com/trickest/cve/commit/82640a9c27a9871a0f3f4be31b4606aa2dfa2dca", + "Update Sun Jan 19 04:16:39 UTC 2025": "https://github.com/trickest/cve/commit/dc028ae10989ac4ee92b70cb89ffeb4bd20660b6" + }, + "一个被知识诅咒的人": { + "Python中的函数式编程:使用map、filter和reduce提升代码表达力": "https://blog.csdn.net/nokiaguy/article/details/145243904", + "【Python运维】日志分析与监控:用Python进行日志聚合与异常检测的全面指南": "https://blog.csdn.net/nokiaguy/article/details/145243887" + }, + "Twitter @Nicolas Krassas": { + "TikTok Goes Dark in the U.S. as Federal Ban Takes Effect January 19, 2025 https://thehackernews.com/2025/01/tiktok-goes-dark-in-us-as-federal-ban.html": "https://x.com/Dinosn/status/1880868881063186864", + "FCC to telcos: By law you must secure your networks from foreign spies. Get on it https://go.theregister.com/feed/www.theregister.com/2025/01/17/fcc_t...": "https://x.com/Dinosn/status/1880824957879697869", + "CVE-2024-55591: Follow up: Authentication Bypass Vulnerability in Fortinet FortiOS and FortiProxy https://arcticwolf.com/resources/blog/cve-2024-55591...": "https://x.com/Dinosn/status/1880824876187144375", + "FTC cracks down on Genshin Impact gacha loot box practices https://www.bleepingcomputer.com/news/gaming/ftc-cracks-down-on-genshin-impact-gacha-loot-b...": "https://x.com/Dinosn/status/1880824780108317066", + "MITRE Launches D3FEND 1.0 to Standardize Cybersecurity Techniques for Countering Threats https://cybersecuritynews.com/mitre-launches-d3fend-1-0/": "https://x.com/Dinosn/status/1880824684910174639", + "TikTok Says It Will ‘Go Dark’ Unless It Gets Clarity From Biden Following Supreme Court Ruling https://www.securityweek.com/tiktok-says-it-will-go-d...": "https://x.com/Dinosn/status/1880824616345850324", + "Treasury Levels Sanctions Tied to a Massive Hack of Telecom Companies and Breach of Its Own Network https://www.securityweek.com/treasury-levels-sanct...": "https://x.com/Dinosn/status/1880824543889281362", + "HTB: MonitorsThree https://0xdf.gitlab.io/2025/01/18/htb-monitorsthree.html": "https://x.com/Dinosn/status/1880824428923408539", + "FTC orders GM to stop collecting and selling driver’s data https://www.bleepingcomputer.com/news/legal/ftc-orders-gm-to-stop-collecting-and-selling-d...": "https://x.com/Dinosn/status/1880824364985442688", + "Lazarus APT Targets Job Seekers with “Contagious Interview” Campaign Using ClickFix Technique https://securityonline.info/lazarus-apt-targets-job-se...": "https://x.com/Dinosn/status/1880824305753468968", + "ShellSweep: detect potential webshell files in a specified directory https://meterpreter.org/shellsweep-detect-potential-webshell-files-in-a-specified...": "https://x.com/Dinosn/status/1880824176409505795", + "Krueger: Proof of Concept (PoC) .NET tool for remotely killing EDR with WDAC https://meterpreter.org/krueger-proof-of-concept-poc-net-tool-for-remotel...": "https://x.com/Dinosn/status/1880824040413376783" + }, + "Armin Ronacher's Thoughts and Writings": { + "Automatic Server Reloading in Rust on Change: What is listenfd/systemfd?": "http://lucumr.pocoo.org/2025/1/19/what-is-systemfd" + }, + "Twitter @bytehx": { + "Re @RootxRavi @Bugcrowd Congrats 🎉": "https://x.com/bytehx343/status/1880802330616168804" + }, + "Blogs dade": { + "Weekly Retro 2025-W03": "https://0xda.de/blog/2025/01/weekly-retro-2025-w03/" + }, + "Bug Bounty in InfoSec Write-ups on Medium": { + "How I Utilized AI to Discover an Amazon S3 Bucket Takeover Vulnerability in Red Bull’s Bug Bounty…": "https://infosecwriteups.com/how-i-utilized-ai-to-discover-an-amazon-s3-bucket-takeover-vulnerability-in-red-bulls-bug-bounty-503d3c4d995f?source=rss----7b722bfd1b8d--bug_bounty", + "Finding my First SQL Injection On HackerOne": "https://infosecwriteups.com/finding-my-first-sql-injection-on-hackerone-6a031ab5aa1c?source=rss----7b722bfd1b8d--bug_bounty", + "Plan Ristriction Bypass for Slack Integration: 500$ Improper Validation Check Bug": "https://infosecwriteups.com/plan-ristriction-bypass-for-slack-integration-500-improper-validation-check-bug-0c1acf6f01d3?source=rss----7b722bfd1b8d--bug_bounty", + "User Enumeration: From Overlooked to Medium-Impact Bug": "https://infosecwriteups.com/user-enumeration-from-overlooked-to-medium-impact-bug-48bbefa2ab3b?source=rss----7b722bfd1b8d--bug_bounty", + "Exploiting IDOR in a Support Portal Chatbot": "https://infosecwriteups.com/exploiting-idor-in-a-support-portal-chatbot-f1d0617bace1?source=rss----7b722bfd1b8d--bug_bounty" + }, + "Reverse Engineering": { + "Reverse-engineering a carry-lookahead adder in the Pentium": "https://www.reddit.com/r/ReverseEngineering/comments/1i4oek3/reverseengineering_a_carrylookahead_adder_in_the/" + }, + "奇客Solidot–传递最新科技情报": { + "手游 Marvel Snap 因 TikTok 禁令从应用商店下架": "https://www.solidot.org/story?sid=80372", + "就业市场上的权力天平倾向了雇主": "https://www.solidot.org/story?sid=80371", + "对 TikTok 的禁令可能扩散到美国盟国": "https://www.solidot.org/story?sid=80370", + "TikTok 关闭美国服务": "https://www.solidot.org/story?sid=80369" + }, + "黑海洋 - IT技术知识库": { + "Emby TV 安卓电视端 使用教程": "https://blog.upx8.com/4674" + }, + "安全分析与研究": { + "R3 RootKit病毒技术研究入门": "https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490049&idx=1&sn=eec060b016a2c2c48b9a5a5a5a6ef745&chksm=902fb529a7583c3f0a2b0935cfd9f3df6108088566ca52d5bd9df83588d2b382a01ee1757d28&scene=58&subscene=0#rd" + }, + "青衣十三楼飞花堂": { + "大路:高速中国里的工地纪事": "https://mp.weixin.qq.com/s?__biz=MzUzMjQyMDE3Ng==&mid=2247487918&idx=1&sn=62fa743b6f7cd093a352b0917f89a0e8&chksm=fab2d291cdc55b87d7b94cecfbd60540e362d1a5c59f44c62911d214c10d2bce471e9c680efd&scene=58&subscene=0#rd" + }, + "丁爸 情报分析师的工具箱": { + "【资料】拟任美国中央情报局局长的拉特克利夫及其家人": "https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148624&idx=1&sn=576c40259107f8aabc30212443488fee&chksm=f1af266ac6d8af7c3bec1081deebb88f2250a0d00614bd70fa3795f753849ec277a9f8463a5b&scene=58&subscene=0#rd" + }, + "dotNet安全矩阵": { + ".NET内网实战:通过 findstr 快速获取数据库连接密码": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498317&idx=1&sn=a5fbee0aae201e4dfbe1b11cd8875574&chksm=fa5954a0cd2eddb64b0d918c03c9bcd317a860e08c6e4b8154b1b5af1c4146c88ad78be379c2&scene=58&subscene=0#rd", + ".NET 安全攻防知识交流社区": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498317&idx=2&sn=d7ca7d91aa1a789626ddce7bc16645ad&chksm=fa5954a0cd2eddb61fd6d64dce4872114b6810630ff226c508b9b940b8bf43a1c5061b1f1e2e&scene=58&subscene=0#rd", + ".NET 第55期红队武器库和资源汇总": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498317&idx=3&sn=e32ddb9164eebb4dbe090802a5ff5d22&chksm=fa5954a0cd2eddb69193b05c5c3ffb37d6bff2b7cf2d0c2bfc9a329b7586a39b74d3010d81c3&scene=58&subscene=0#rd" + }, + "安全圈": { + "【安全圈】可能对企业产生严重影响:字节跳动飞书海外版Lark也将在美国市场停止运营": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067480&idx=1&sn=c2d0bb267baf11570d6e3253fa3ff4fe&chksm=f36e7ad8c419f3ce38cfc35ec6bd2c637b49c85b101d0b057484bc1ace20d684457a77a7a7eb&scene=58&subscene=0#rd", + "【安全圈】微软已经修复Microsoft 365在Windows Server 2016/2019上崩溃的问题": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067480&idx=2&sn=e94b5cb3a624cdca3e6452bf7c79d7a8&chksm=f36e7ad8c419f3cef73c242196a8499de4c2c79ec90ca98bd662ee5575f6ac22d4041dcd89d4&scene=58&subscene=0#rd", + "【安全圈】FTC 要求通用汽车停止收集和销售驾驶员数据": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067480&idx=3&sn=220a3c1eb7166bba53400942dfa9cab1&chksm=f36e7ad8c419f3ce7eec3c9934f5c50798a83c044de9ed8607edfb8e503cd95268521f790488&scene=58&subscene=0#rd", + "【安全圈】CL-UNK-0979 利用 Ivanti Connect Secure 中的零日漏洞获取网络访问权限": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067480&idx=4&sn=8dc7094933166fceeb2e467f38e23545&chksm=f36e7ad8c419f3ce413fdcd09b7fbf2c3828fe34b5aca8c6a3b0d570a1f213c166b9943c4be8&scene=58&subscene=0#rd" + }, + "情报分析师": { + "揭秘俄罗斯人力情报的全新布局": "https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559015&idx=1&sn=37962d35fd4ae69a3f4a81abdff654e7&chksm=87117c6cb066f57aa21d4ea03c2085ec0beb649116bd42891f430041cf6993324f15a4dcce41&scene=58&subscene=0#rd" + }, + "极客公园": { + "时隔 8 年,任天堂 Switch 2 终于来了,你买吗!": "https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072331&idx=1&sn=2f8f2f9d50771b9c3f15cac061f8cff5&chksm=7e57d67d49205f6b80e31d9a0db91bdb72aeb161490952954a50f42f6e6407a71de7670d311a&scene=58&subscene=0#rd", + "突发丨TikTok 在美停止服务,美区 iOS、安卓已下架": "https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072318&idx=1&sn=39714f4d9915dd2b8a13f2ee5e0d1dc4&chksm=7e57d60849205f1e5b367c604a88c280ee2430767ce018c69a868cd6e0a3ace6cd34660af42f&scene=58&subscene=0#rd", + "CES2025 结束后,我们发现这 15 个硬件最好玩": "https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072318&idx=2&sn=01f4b2ec30208ccde2ff857f379c582f&chksm=7e57d60849205f1e587b175eb8e43d2af4043ce37102178a86e3559f30e72ee5496af3b47244&scene=58&subscene=0#rd", + "特朗普称极有可能给 TT 90 天延期;淘宝成蛇年春晚电商互动平台;罗永浩:不是没有为 AIOS 做手机的可能 | 极客早知道": "https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072306&idx=1&sn=89adf3a1ce8d4ba450cc7ac7f6979885&chksm=7e57d60449205f1299e2dbb972c999b2f84092c376740374ba2498ce61e97f58d6c8ad726960&scene=58&subscene=0#rd" + }, + "航行笔记": { + "直播倒计时2天:在企业做安全和对外做安全产品有什么差异?": "https://mp.weixin.qq.com/s?__biz=MzIyOTAxOTYwMw==&mid=2650236931&idx=1&sn=5b12e1b5c57ec2f8e03facbaa312a866&chksm=f04ad2bfc73d5ba9b46c82cf018950f19f81242dba0075d77e4444c272175b419961197759d8&scene=58&subscene=0#rd" + }, + "墨菲安全": { + "直播倒计时2天:在企业做安全和对外做安全产品有什么差异?": "https://mp.weixin.qq.com/s?__biz=MzkwOTM0MjI5NQ==&mid=2247488032&idx=1&sn=4979d3ea51fb5e28ee8336d903a77a65&chksm=c13d7118f64af80eba6460f7d74506ba94e2c442fbff6d2f97dd79f0130fe286619c24a178c3&scene=58&subscene=0#rd" + }, + "迪哥讲事": { + "$40,000的RCE!": "https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496907&idx=1&sn=bf65d0102436150a0dc5482d51b5c998&chksm=e8a5fea8dfd277be56fc6d30fe19c8d65094b9ea55e1628f0c5742c243d612eee6b973167e6b&scene=58&subscene=0#rd" + }, + "Over Security - Cybersecurity news aggregator": { + "Tear Down The Castle - Part 1": "https://dfir.ch/posts/tear_down_castle_part_one/", + "Tracking Adversaries: Ghostwriter APT Infrastructure": "https://blog.bushidotoken.net/2025/01/tracking-adversaries-ghostwriter-apt.html", + "TikTok is back up in the US after Trump says he will extend deadline": "https://www.bleepingcomputer.com/news/software/tiktok-is-back-up-in-the-us-after-trump-says-he-will-extend-deadline/", + "Star Blizzard hackers abuse WhatsApp to target high-value diplomats": "https://www.bleepingcomputer.com/news/security/star-blizzard-hackers-abuse-whatsapp-to-target-high-value-diplomats/", + "TikTok shuts down in the US as Trump throws the company a lifeline": "https://www.bleepingcomputer.com/news/software/tiktok-shuts-down-in-the-us-as-trump-throws-the-company-a-lifeline/" + }, + "SANS Internet Storm Center, InfoCON: green": { + "Zero Trust and Entra ID Conditional Access, (Sun, Jan 19th)": "https://isc.sans.edu/diary/rss/31602" + }, + "ICT Security Magazine": { + "Cybercrime 2025: Nuove Sfide per la Sicurezza Digitale": "https://www.ictsecuritymagazine.com/notizie/cybercrime-2025/" + }, + "Computer Forensics": { + "Is there a way to recover the original timestamps of a folder or file in Windows?": "https://www.reddit.com/r/computerforensics/comments/1i59xff/is_there_a_way_to_recover_the_original_timestamps/", + "Hardware recommendations for a Cyber forensics student": "https://www.reddit.com/r/computerforensics/comments/1i4po0t/hardware_recommendations_for_a_cyber_forensics/" + }, + "netsecstudents: Subreddit for students studying Network Security and its related subjects": { + "Landed my first internship. What should I do to prepare? How should I set up my homelab?": "https://www.reddit.com/r/netsecstudents/comments/1i5aqac/landed_my_first_internship_what_should_i_do_to/", + "LFI on DVWA can't open script in /tmp/": "https://www.reddit.com/r/netsecstudents/comments/1i51u1q/lfi_on_dvwa_cant_open_script_in_tmp/" + }, + "Social Engineering": { + "Is there a way to see where a phone number is being held or quarantined ?": "https://www.reddit.com/r/SocialEngineering/comments/1i53r6k/is_there_a_way_to_see_where_a_phone_number_is/" + }, + "The Register - Security": { + "OpenAI's ChatGPT crawler can be tricked into DDoSing sites, answering your queries": "https://go.theregister.com/feed/www.theregister.com/2025/01/19/openais_chatgpt_crawler_vulnerability/" + }, + "Security Affairs": { + "SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 29": "https://securityaffairs.com/173232/malware/security-affairs-malware-newsletter-round-29.html", + "Security Affairs newsletter Round 507 by Pierluigi Paganini – INTERNATIONAL EDITION": "https://securityaffairs.com/173227/uncategorized/security-affairs-newsletter-round-507-by-pierluigi-paganini-international-edition.html", + "A flaw in the W3 Total Cache plugin exposes hundreds of thousands of WordPress sites to attacks": "https://securityaffairs.com/173219/security/w3-total-cache-wordpress-plugin-cve-2024-12365.html" + }, + "Hacking Exposed Computer Forensics Blog": { + "Daily Blog #721: Solution Saturday 1/18/25": "https://www.hecfblog.com/2025/01/daily-blog-721-solution-saturday-11825.html" + }, + "The Hacker News": { + "TikTok Goes Dark in the U.S. as Federal Ban Takes Effect January 19, 2025": "https://thehackernews.com/2025/01/tiktok-goes-dark-in-us-as-federal-ban.html" + }, + "TorrentFreak": { + "‘Piracy Shield’ Fails to Convert Pirates to Paying Subscribers, Data Suggest": "https://torrentfreak.com/piracy-shield-fails-to-convert-pirates-to-paying-subscribers-data-suggest-250119/" + }, + "Your Open Hacker Community": { + "How to make mail combos": "https://www.reddit.com/r/HowToHack/comments/1i5d082/how_to_make_mail_combos/", + "USB AutoRun": "https://www.reddit.com/r/HowToHack/comments/1i5613w/usb_autorun/", + "I found a huge vulnerability in a website which is live from a while, how should I proceed now?": "https://www.reddit.com/r/HowToHack/comments/1i524zp/i_found_a_huge_vulnerability_in_a_website_which/", + "Confused about the difference between Bash Shell and Bash Shell SESSION": "https://www.reddit.com/r/HowToHack/comments/1i4tyqb/confused_about_the_difference_between_bash_shell/", + "How do I start?": "https://www.reddit.com/r/HowToHack/comments/1i59myg/how_do_i_start/", + "Websites like clone a site": "https://www.reddit.com/r/HowToHack/comments/1i561mi/websites_like_clone_a_site/", + "How to scam I wanna learn for free I done go scammed tryna learn how to scam": "https://www.reddit.com/r/HowToHack/comments/1i582el/how_to_scam_i_wanna_learn_for_free_i_done_go/", + "My friends dad is a bad guy, how to hack /phish(nothing too crazy) or Rick roll him as a prank": "https://www.reddit.com/r/HowToHack/comments/1i5639j/my_friends_dad_is_a_bad_guy_how_to_hack/" + }, + "Technical Information Security Content & Discussion": { + "Windows BitLocker -- Screwed without a Screwdriver": "https://www.reddit.com/r/netsec/comments/1i54psl/windows_bitlocker_screwed_without_a_screwdriver/" + } +} \ No newline at end of file diff --git a/today.md b/today.md index 1c9a9e5c62..56a6c5e6db 100644 --- a/today.md +++ b/today.md @@ -1,291 +1,275 @@ -# 每日安全资讯(2025-01-19) +# 每日安全资讯(2025-01-20) -- 博客园 - potatso - - [ ] [linux实现macos的timeMachine系统备份 - potatso](https://www.cnblogs.com/potatso/p/18678521) - - [ ] [btrfs文件系统从原理到实践 [1] - potatso](https://www.cnblogs.com/potatso/p/18678520) - - [ ] [Git三路合并算法完全指南:优雅处理复杂冲突[2] - potatso](https://www.cnblogs.com/potatso/p/18678518) +- Private Feed for M09Ic + - [ ] [mgeeky starred orcasecurity-research/AIGoat](https://github.com/orcasecurity-research/AIGoat) + - [ ] [mgeeky starred ThomasRinsma/pdftris](https://github.com/ThomasRinsma/pdftris) + - [ ] [mgeeky starred osnr/horrifying-pdf-experiments](https://github.com/osnr/horrifying-pdf-experiments) + - [ ] [mgeeky starred ading2210/doompdf](https://github.com/ading2210/doompdf) + - [ ] [lz520520 starred xzh-dx/ZZZ-Balance_Calc](https://github.com/xzh-dx/ZZZ-Balance_Calc) + - [ ] [WafflesExploits started following M09Ic](https://github.com/M09Ic) + - [ ] [zer0yu starred sigoden/aichat](https://github.com/sigoden/aichat) + - [ ] [zer0yu started following leesh3288](https://github.com/leesh3288) + - [ ] [CHYbeta started following leesh3288](https://github.com/leesh3288) + - [ ] [INotGreen starred burpheart/hachimi](https://github.com/burpheart/hachimi) + - [ ] [safedv starred SpecterOps/Nemesis](https://github.com/SpecterOps/Nemesis) - SecWiki News - - [ ] [SecWiki News 2025-01-18 Review](http://www.sec-wiki.com/?2025-01-18) + - [ ] [SecWiki News 2025-01-19 Review](http://www.sec-wiki.com/?2025-01-19) +- Security Boulevard + - [ ] [DEF CON 32 – Exposing The Occultations In Large Off-Grid Solar Systems](https://securityboulevard.com/2025/01/def-con-32-exposing-the-occultations-in-large-off-grid-solar-systems/) + - [ ] [Legends of Music: Celebrating the Greatest Artists Across Generations Compilation](https://securityboulevard.com/2025/01/legends-of-music-celebrating-the-greatest-artists-across-generations-compilation/) + - [ ] [Confident Cybersecurity: Essentials for Every Business](https://securityboulevard.com/2025/01/confident-cybersecurity-essentials-for-every-business/) + - [ ] [Proactively Managing Cloud Identities to Prevent Breaches](https://securityboulevard.com/2025/01/proactively-managing-cloud-identities-to-prevent-breaches/) + - [ ] [How Secure Is Your PAM Strategy?](https://securityboulevard.com/2025/01/how-secure-is-your-pam-strategy/) - Doonsec's feed - - [ ] [软考信安(六)](https://mp.weixin.qq.com/s?__biz=MzkzMjYzOTc5NQ==&mid=2247484676&idx=1&sn=2198cc3fdd3be060e0584d88e273e056) - - [ ] [北美最大戒毒服务提供商BayMark遭遇数据泄露,患者信息被窃取!](https://mp.weixin.qq.com/s?__biz=MzA4NTY4MjAyMQ==&mid=2447900070&idx=1&sn=420bed34960782ce611eeb302ec48440) - - [ ] [【PWN】Edit堆溢出2.23无show函数](https://mp.weixin.qq.com/s?__biz=Mzk0NDYwOTcxNg==&mid=2247485181&idx=1&sn=9eb1f4bf24e5e5ff17f484fad2c76691) - - [ ] [2025最新黑客战争片?](https://mp.weixin.qq.com/s?__biz=MzI1Mjc3NTUwMQ==&mid=2247538493&idx=1&sn=83c7a157ccbf14e9d5b62fb6239744ba) - - [ ] [API BOM - ASPM数据关联分析纽带](https://mp.weixin.qq.com/s?__biz=MzI2NTExNzcxNQ==&mid=2247484361&idx=1&sn=8e472a7a51b24dacdf95759c0a58c4a8) - - [ ] [一款在线的免杀平台](https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486329&idx=1&sn=63f5ee9fd1c43c3f8d3e3c6a5447df48) - - [ ] [《网信自主创新调研报告》编委会召开表彰大会](https://mp.weixin.qq.com/s?__biz=MzkxMzI3MzMwMQ==&mid=2247530967&idx=1&sn=6559955674ede872a826301fb8faea5b) - - [ ] [通过“Typora + PicGo + 腾讯云” 组合方法解决发布图片显示失效的问题](https://mp.weixin.qq.com/s?__biz=Mzk1NzI2NDQyMw==&mid=2247484256&idx=1&sn=398751629c02160c7518f9fe44341c1e) - - [ ] [Win11中安装Linux 教程 | WSL2的使用](https://mp.weixin.qq.com/s?__biz=MzkyMTQzNTM3Ng==&mid=2247483872&idx=1&sn=1773552c6cc692fb98d3963804a03aa9) - - [ ] [CTFSHOW渗透赛(复盘+思路延伸)](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247489995&idx=1&sn=d62c2abc72ea72681037cb84feaea5b2) - - [ ] [vulnhub靶场【jangow靶机】,反弹shell的流量及端口选择](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247489995&idx=2&sn=a6509021c8a5f578f22b978a23bffcf3) - - [ ] [银狐叒进化?清理不掉!一线应急响应工程师教你如何手工处理](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247489995&idx=3&sn=34f8cda58fa253c24141b98c5589294a) - - [ ] [linux下配置python环境及库的安装](https://mp.weixin.qq.com/s?__biz=MzkzMzg3MzMyOA==&mid=2247486352&idx=1&sn=2a8faaf26319ca2e72b856efc8d613e7) - - [ ] [图解正向代理 vs 反向代理:到底有啥区别?](https://mp.weixin.qq.com/s?__biz=MzIyMzIwNzAxMQ==&mid=2649464547&idx=1&sn=f0c26c998e650cb170914046e7ed5ee4) - - [ ] [整合重新发布社区链接](https://mp.weixin.qq.com/s?__biz=MzkyNzYzNTQ2Nw==&mid=2247484042&idx=1&sn=336335efd991b9e11cab091ae61af2c6) - - [ ] [春秋杯WP | 2024春秋杯冬季赛第二天题目部分解析](https://mp.weixin.qq.com/s?__biz=MzkyNDA5NjgyMg==&mid=2247501228&idx=1&sn=4386f7eff6698e6921d12895041c9a18) - - [ ] [开源情报|国际动态|杂谈|TikTok美国封禁临近](https://mp.weixin.qq.com/s?__biz=Mzg2NTcyNjU4Nw==&mid=2247485864&idx=1&sn=1757546545462e16ba7e3a3e8b1f8688) - - [ ] [防范无人机系统(UAS)的威胁](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619741&idx=1&sn=fc226e9fa0bb08ad8cb89ee9b82522c7) - - [ ] [IDEA研究院:低空经济发展白皮书3.0-安全体系](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619741&idx=2&sn=9a281d31052b030cd47367f8938ba503) - - [ ] [低空经济启航,安全体系护航 低空经济网络安全体系化研究报告](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619741&idx=3&sn=7c3ab501fef20b76c4df35a1321f4b01) - - [ ] [Linux服务器中毒?教你一步步精准判断和快速处置!](https://mp.weixin.qq.com/s?__biz=MzUyNTExOTY1Nw==&mid=2247527911&idx=1&sn=8705fa0202976a1f106844025794d83c) - - [ ] [vulnhub靶场【Lampiao靶机】,提权之脏牛提权](https://mp.weixin.qq.com/s?__biz=MzAxNTg1MDYxNA==&mid=2247488884&idx=1&sn=e27d1ae2b776c935534dcebc4a7c3f1f) - - [ ] [TikTok基本没事了,都洗洗睡吧。](https://mp.weixin.qq.com/s?__biz=MzU4NDY3MTk2NQ==&mid=2247491029&idx=1&sn=994f4cf99c69bdca9d7b715d4df0d361) - - [ ] [挖掘有回显ssrf的一类隐藏payload](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496898&idx=1&sn=b6088e20a8b4fc9fbd887b900d8c5247) - - [ ] [$40,000!如何将路径遍历升级为RCE!](https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247518264&idx=1&sn=6823adc5590ea93b5292ad7b512fc377) - - [ ] [SRC专项知识库](https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247518264&idx=2&sn=92373e928418b034514387314198c93b) - - [ ] [深度揭秘SerializeJava:JAVA序列化的全能图形化利器](https://mp.weixin.qq.com/s?__biz=Mzk2NDE3NDUwNg==&mid=2247483806&idx=1&sn=79e10fffa2731ee08f850b85376b73e0) - - [ ] [推荐一款国产开源 IoT 物联网Web云组态,基于RuoYi框架和threeJS支持2D/3D大屏!](https://mp.weixin.qq.com/s?__biz=MjM5OTA4MzA0MA==&mid=2454936626&idx=1&sn=893d191291ac047b22c0fc96c5e9d837) - - [ ] [2025特朗普官宣的暴富神话!揭露 MeMe: $TRUMP 疑云](https://mp.weixin.qq.com/s?__biz=MzkwODI1ODgzOA==&mid=2247506575&idx=1&sn=bf017b2d8232732cd139ea4466043034) - - [ ] [木马反制技巧](https://mp.weixin.qq.com/s?__biz=MzkzNTYwMTk4Mw==&mid=2247488211&idx=1&sn=a4a634096a3ea78aa825239e2869897b) - - [ ] [x64 返回地址欺骗](https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486365&idx=1&sn=59b5d17aa8bcd8631da39637f55d722d) - - [ ] [涉案2000万!网警成功侦破一起特大“造谣引流”网络水军案](https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652114079&idx=1&sn=a7d5e08a27ad369af030953529245b83) - - [ ] [21123_ctfshow_misc_原谅2xa0writeup](https://mp.weixin.qq.com/s?__biz=MzU2NzIzNzU4Mg==&mid=2247489496&idx=1&sn=40b774a412a25cde44f211e5c7716a78) - - [ ] [缘分稀薄寡淡 亲爱的 后会无期](https://mp.weixin.qq.com/s?__biz=MzkyMDY1MDI3OA==&mid=2247483792&idx=1&sn=972700e1efd505ff5174aeae2c49c989) - - [ ] [保姆级教学之sqli-labs(less39-53)](https://mp.weixin.qq.com/s?__biz=Mzk1NzQwNjQ4Ng==&mid=2247484497&idx=1&sn=3724e7de301b44949a32f68413fd58e5) - - [ ] [一次应急响应中的Windows Rootkit对抗](https://mp.weixin.qq.com/s?__biz=MzkyOTc0NDY2Nw==&mid=2247484591&idx=1&sn=1c0754974f5680a49f8844cc588eaab0) - - [ ] [SSRF](https://mp.weixin.qq.com/s?__biz=MzkwMjU5MzgzMQ==&mid=2247485221&idx=1&sn=fb4cf74dd862bc8792a0af77a45d1bdc) - - [ ] [在看 | 周报:浙江省国家安全机关破获境外间谍案;腾讯协助警方破获木马盗窃游戏账号案;江苏男子利用小程序Bug逃匿28万加油费](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247634732&idx=1&sn=ae1ec8af39e315727dafdde90a2a4a6b) - - [ ] [在看 | 厂商:本周热门网络安全产业动态](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247634732&idx=2&sn=d9b9e282392fc8e2701eae8eccae5e62) - - [ ] [【代码审计】WeGIA 存在前台任意文件上传漏洞 (RCE)](https://mp.weixin.qq.com/s?__biz=Mzg4MTkwMTI5Mw==&mid=2247488622&idx=1&sn=baced76f27759525c3de42cb9abd4668) - - [ ] [强力工具助你一臂之力:XXECheck–全面提升XML安全,防护XXE漏洞!](https://mp.weixin.qq.com/s?__biz=MzkzNzg4MTI0NQ==&mid=2247485359&idx=1&sn=fc0b810b0174b166b92e61fedd91fe77) - - [ ] [论坛·原创 | 特朗普第二任期美国科技外交战略展望](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235038&idx=1&sn=0985e935a77d468c9918194fcdac28b3) - - [ ] [【直卖实拍】北七家3居变4居豪装,理想楼层、户型、朝向](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485427&idx=2&sn=6b5126bf0393fde06a71c2cd046ee078) - - [ ] [【干货】笑傲职场的独家经验(1)](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485427&idx=3&sn=f03a3ae9e761fb7b6b3209a375353ff2) - - [ ] [【干货原创】实网攻防演习常态化,会带来什么变化01](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485427&idx=4&sn=160e2c5b73ca979cc0c8201d479c0362) - - [ ] [【干货原创】K12教育,鲜为人知的模式秘密](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485427&idx=5&sn=4d67208c0f0ef67418c9311336b301b2) - - [ ] [原创文章目录](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485427&idx=6&sn=54232a5bcf1946b2e632e2047a8b2dfd) - - [ ] [【安全圈】高危!rsync被爆出多个安全漏洞](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067460&idx=1&sn=7e41cdf5b76e20186089903f7171a588) - - [ ] [【安全圈】国家互联网应急中心通报两起美方对我国网络攻击事件](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067460&idx=2&sn=1eeea145994ab308cf3f78f1ca987a19) - - [ ] [【安全圈】网络安全态势研判分析报告 (2024年12月)](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067460&idx=3&sn=86d02f407c0e151d308f83282274bf31) - - [ ] [独特上篮方式突破短信发送限制上分 (企业src意外之喜系列第六集)](https://mp.weixin.qq.com/s?__biz=MzkyNDQ5NDM3OA==&mid=2247484006&idx=1&sn=93736f0bca7b3de26866dfae3775651b) - - [ ] [DVWA漏洞靶场通关手册(万字图文解析)](https://mp.weixin.qq.com/s?__biz=MzkxNjg3NTQ4NA==&mid=2247485767&idx=1&sn=93b546f9ce1febe8901087238dc96ee7) - - [ ] [方正畅享全媒体新闻采编系统 reportCenter.do SQL注入漏洞](https://mp.weixin.qq.com/s?__biz=MzkzMTcwMTg1Mg==&mid=2247490256&idx=1&sn=86fcd7775b4baa4c1dfe975633d73730) - - [ ] [智能座舱架构与芯片- 显示篇](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549130&idx=1&sn=4983ee3542adee5a9c44607ee12297ed) - - [ ] [舍弗勒与小鹏汇天签订飞行汽车动力量产协议](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549130&idx=2&sn=5be423869800bfc4aaa2ad9b0a78d086) - - [ ] [CVE-2024-53704|SonicOS SSLVPN认证绕过漏洞](https://mp.weixin.qq.com/s?__biz=Mzg2ODcxMjYzMA==&mid=2247485778&idx=1&sn=f2bab6ffd22425efb72f8b20eeeab29b) - - [ ] [CVE-2024-55591|FortiOS和FortiProxy身份认证绕过漏洞(POC)](https://mp.weixin.qq.com/s?__biz=Mzg2ODcxMjYzMA==&mid=2247485778&idx=2&sn=691f85f7d7a345f2ed5607454b84333b) - - [ ] [欢迎报名!u200b“系统0day安全”系列课程:掌握漏洞挖掘重要技能](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588749&idx=1&sn=c07163014dddf5e352e4f3683251b0d4) - - [ ] [PWN入门:误入格式化字符串漏洞](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588749&idx=2&sn=6fc809be9ede10a46f7d204c536cd5bf) - - [ ] [b站大事件!员工代码费尽心机前端投毒竟是为了……喷网友!](https://mp.weixin.qq.com/s?__biz=Mzk0MDY2NTY5Mw==&mid=2247485587&idx=1&sn=b807ce1fae02aa546b49dcaba6635485) - - [ ] [方正畅享全媒体新闻采编系统 screen.do SQL注入漏洞](https://mp.weixin.qq.com/s?__biz=MzkzMTcwMTg1Mg==&mid=2247490248&idx=1&sn=1eba3e69ef0279c4fc7796abe9ca32c6) - - [ ] [网警解密“黄牛”抢票“开挂秘籍”](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170310&idx=1&sn=3de41d277ca4e38f14488d237c44844a) - - [ ] [警惕利用人工智能技术绕过图形类验证机制的新型犯罪手法](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170310&idx=2&sn=b87113a571fafe09a5f367f860da70ac) - - [ ] [关于利用人工智能技术绕过图形类验证机制新型犯罪手法预警通报;|2025年首个满分漏洞,PoC已公布,可部署后门](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650606788&idx=1&sn=1d92761760abe35316e9dcf0f7bc34f5) - - [ ] [威胁情报的五个大坑](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650606788&idx=2&sn=484daf0b2994e2f714d24e5a26157cf2) - - [ ] [记一次从任意文件下载到getshell](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650606788&idx=3&sn=aaf92b43e956eaffc7241caf6886f23c) - - [ ] [Telegram中进行开源情报调查的高级插件](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650606788&idx=4&sn=1aa5faf3a41536f88bb7bb582e4d5a50) - - [ ] [【吃瓜】u200b好消息,发年终奖了!坏消息,是员工给公司发的!](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496665&idx=1&sn=6063f45192263e8c1f815ea46581b3a5) - - [ ] [【学习经验分享】给准大学生的CS-学习路线](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496665&idx=2&sn=3643759c625630dbed305166d77df167) - - [ ] [第八届西湖论剑·中国杭州网络安全安全技能大赛CTF夺旗赛PWN题部分题解](https://mp.weixin.qq.com/s?__biz=Mzk1NzE2Mjc5Mg==&mid=2247484167&idx=1&sn=6806195fc3e8995d3b15490fa64323ba) - - [ ] [喵苗安全专家组推荐的40个云原生安全RSS订阅源](https://mp.weixin.qq.com/s?__biz=Mzg5MjkwODc4MA==&mid=2247485914&idx=1&sn=e83a2e64c022f8340af0b0598edecd30) - - [ ] [小心!“间谍”正在潜入你的手机](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235038&idx=3&sn=8d7fbaf443b0a9525f6d4b1be446e0a2) - - [ ] [密评科普系列(一)——什么是商业密码?](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633889&idx=2&sn=d7f62b2504acb3f1a969fe71fc163630) - - [ ] [专家解读 | 强化数据标注基地引领作用 带动数据标注产业高质量发展](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235038&idx=2&sn=faf2a988fedc8924e65ab9c9bcbbafa5) - - [ ] [国际 | 越南个人数据跨境传输规则](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235038&idx=4&sn=d5d670e02e6690a029cf91ba98894c4b) - - [ ] [微信支付存漏洞?用户被异地刷脸支付成功,官方回应](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633889&idx=5&sn=0eaed00ffbd92d4c0652fd3e9340e6f4) - - [ ] [美国商务部十年战略规划公布,致力维护国家安全](https://mp.weixin.qq.com/s?__biz=MzI1OTExNDY1NQ==&mid=2651618687&idx=1&sn=982c6522eca5a4b53edea248ad0f7414) - - [ ] [【工具】全球有组织犯罪指数](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148608&idx=1&sn=dcde5ba6b230d8fa0b9ffbd97091e78a) - - [ ] [【资料】拜登告别演讲](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148608&idx=2&sn=03f1e0c2e178ad80175a035485141a01) - - [ ] [奇安信:被禁 3 年!!](https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247569813&idx=1&sn=ab6a255c9dd15cdb7906c67e2fbece7a) - - [ ] [如何用 Wireshark 高效过滤 TCP 数据流](https://mp.weixin.qq.com/s?__biz=MzA5NTUxODA0OA==&mid=2247493116&idx=1&sn=dfbaf2961d5fee876867d903dee25b52) - - [ ] [海南发布商超消费领域个人信息保护合规指引,以加强个人信息保护](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931451&idx=1&sn=0066d975abd60b07ce49c4fbcecbab38) - - [ ] [江苏银行多场景应用大模型,风控能力得到提升](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931451&idx=2&sn=965d5c8f64b9c296a4f9d74e86f1c330) - - [ ] [美日韩联合警告加密货币行业防范朝鲜黑客攻击](https://mp.weixin.qq.com/s?__biz=MzI0MTE4ODY3Nw==&mid=2247492524&idx=1&sn=19d57828e503df304caf2618802d9d27) - - [ ] [SerializeJava-反序列图形化工具](https://mp.weixin.qq.com/s?__biz=Mzk0Mjg4MTQxMw==&mid=2247485694&idx=1&sn=f76d44c9fed7879f6d328bd16a49ac51) - - [ ] [你是否有个忘不掉的它](https://mp.weixin.qq.com/s?__biz=MzkwNDg4MTg5MQ==&mid=2247483853&idx=1&sn=7b77e7dc2bbf210e25ce19dda9332afe) - - [ ] [.NET 第55期红队武器库和资源汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498306&idx=1&sn=672a2a2f57cabb2ce04be6ff29129beb) - - [ ] [国内最专业、最全面的 [ .NET 代码审计 ] 体系化学习交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498306&idx=2&sn=4c2323d1570eb3b825a6a04eb4520b72) - - [ ] [一种通过 .NET 启动 cmd.exe 的新方法](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498306&idx=3&sn=d5276b7bf7380ce889dc125627631a94) - - [ ] [限量领取!篝火信安蛇年定制红包封面派发中!](https://mp.weixin.qq.com/s?__biz=MzIyNzc3OTMzNw==&mid=2247485751&idx=1&sn=387c2d0644a19e8ecf94580734091cf8) - - [ ] [无问社区|春节大放送](https://mp.weixin.qq.com/s?__biz=MzkzODUzMjA1MQ==&mid=2247484823&idx=1&sn=79c8d9e62761290554ec8eda780fba9c) - - [ ] [分享图片](https://mp.weixin.qq.com/s?__biz=MzkzMDE3ODc1Mw==&mid=2247488944&idx=1&sn=09e4fe21af1fcba3e404660f9d7b32e4) - - [ ] [棉花糖定制手绘红包封面来啦!](https://mp.weixin.qq.com/s?__biz=MzkyOTQzNjIwNw==&mid=2247491430&idx=1&sn=cdd4119a2717173ed1a7f67471f50bd5) - - [ ] [2025年微信「红包封面」第一弹,快查收!](https://mp.weixin.qq.com/s?__biz=Mzk0MTIzNTgzMQ==&mid=2247519221&idx=1&sn=3f456dc497d02c7fb2d6610a1a2afcad) - - [ ] [关于公众号更新以及回复私信的一些事](https://mp.weixin.qq.com/s?__biz=MzkyMDY1MDI3OA==&mid=2247483788&idx=1&sn=93bb002b5b0c0556d46898897a1712a1) - - [ ] [【公开课】晚八点App渗透逆向公开课!](https://mp.weixin.qq.com/s?__biz=MzkxMTUwOTY1MA==&mid=2247490013&idx=1&sn=fda955efd9e128551daa7934f3c0be7b) - - [ ] [Graphql内审查询漏洞分析](https://mp.weixin.qq.com/s?__biz=Mzg4NDg3NjE5MQ==&mid=2247485250&idx=1&sn=cc481b4d430eb2516b235f762c1047cb) - - [ ] [网安一哥发布业绩预告:预计2024年实现营业收入42亿元到45亿元](https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247488099&idx=1&sn=d6b09346c9c833d04429738908b67944) - - [ ] [一文读懂 Spring 动态代理](https://mp.weixin.qq.com/s?__biz=Mzg4NDY4Mzk3Mw==&mid=2247485498&idx=1&sn=fdb55a27c1ccc7ed9b0326e73e2a649c) - - [ ] [水水水水~~~~](https://mp.weixin.qq.com/s?__biz=MzkxNzY5MTg1Ng==&mid=2247485516&idx=1&sn=a776993f5320c5be544d0f4d1162a06a) - - [ ] [零信任安全,为什么它在当今的威胁环境中至关重要](https://mp.weixin.qq.com/s?__biz=MzA4MzMzOTQ4Mw==&mid=2453672500&idx=1&sn=3ba70755a11d2fd325341b128d2ca7ec) - - [ ] [评论 | 走出应用程序自动扣费的“消费陷阱”](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235038&idx=5&sn=27d2dc92bc541ae96838413ce948ac9c) - - [ ] [安恒信息发布业绩预告,预计2024年年度实现归属于母公司所有者的净利润为-2.2亿元到-1.6亿元](https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247488091&idx=1&sn=0e3fae68f54835d405aee94c848122e9) - - [ ] [今晚八点App渗透逆向公开课!](https://mp.weixin.qq.com/s?__biz=Mzg3NTk4MzY0MA==&mid=2247487962&idx=1&sn=ebbeeaf7d4f783318725119d4ad97f31) - - [ ] [有人和无人复杂作战系统:概念、能力和战例(9500字干货)](https://mp.weixin.qq.com/s?__biz=MzkyMjY1MTg1MQ==&mid=2247491542&idx=1&sn=0ffc93f646e632e9845622e638f60904) - - [ ] [国外“战场战训数据库”利用研究(韩军视角)](https://mp.weixin.qq.com/s?__biz=MzkyMjY1MTg1MQ==&mid=2247491542&idx=2&sn=0b63c5e22c65c5a3b42ae1dd76e5bc7f) - - [ ] [在盟国领土上进行海外作战:美军在印太地区面临的挑战和机遇(2024兰德最新报告)](https://mp.weixin.qq.com/s?__biz=MzkyMjY1MTg1MQ==&mid=2247491542&idx=3&sn=c182630cad08f8732d501929c6fe2611) - - [ ] [2024兰德报告《将中美台海冲突控制在核门槛以下(第4卷):通过分析战略理论、历史案例和原创分析框架设想首先使用核武器的路径》](https://mp.weixin.qq.com/s?__biz=MzkyMjY1MTg1MQ==&mid=2247491542&idx=4&sn=452931cd6f0c10c818eb4f489d5f6da0) - - [ ] [2024兰德报告《将中美台海冲突控制在核门槛以下(第3卷):u200b中-国不断发展的核战略和核使用阈值及其未来风险因素》](https://mp.weixin.qq.com/s?__biz=MzkyMjY1MTg1MQ==&mid=2247491542&idx=5&sn=e5c5c264c1288570849e547e98aa7af4) - - [ ] [2024兰德报告《将中美台海冲突控制在核门槛以下(第2卷):u200b调查美国常规联合远程打击能力、作战目标和部署决策》](https://mp.weixin.qq.com/s?__biz=MzkyMjY1MTg1MQ==&mid=2247491542&idx=6&sn=408d8cfe126b94e1a6a48bff1eeb4b28) - - [ ] [2024兰德报告《将中美台海冲突控制在核门槛以下(第1卷):美国常规联合远程打击升级管理理念概述》](https://mp.weixin.qq.com/s?__biz=MzkyMjY1MTg1MQ==&mid=2247491542&idx=7&sn=de191e6550e6c769b0bec6abcabf84f4) - - [ ] [新型手法|Telegram 假 Safeguard 骗局](https://mp.weixin.qq.com/s?__biz=MzU4ODQ3NTM2OA==&mid=2247500978&idx=1&sn=8d502d81ee56971fac26b35e70b49081) - - [ ] [STH-RPC识别短期底部](https://mp.weixin.qq.com/s?__biz=MzI3NTcwNTQ2Mg==&mid=2247487603&idx=1&sn=c80291f3e5df7a556fee023c857bd9e4) - - [ ] [【中文调教】免费开源不限量!让 AI 生成高质量 4k 定制图片](https://mp.weixin.qq.com/s?__biz=MzkwODI1ODgzOA==&mid=2247506565&idx=1&sn=0d2c7468fe8213f063154297c0a70895) - - [ ] [公众号交流二群建立了!快来扫码加入](https://mp.weixin.qq.com/s?__biz=MzkwODI1ODgzOA==&mid=2247506565&idx=2&sn=5726611666b67db6aca8251fd26ce47d) - - [ ] [无问社区 | 网安技术资源派送(文末福利)](https://mp.weixin.qq.com/s?__biz=MzkzNDQ0MDcxMw==&mid=2247487155&idx=1&sn=e865c23ab316942e34f7a4e11f209276) - - [ ] [特朗普 x 账号疑似被黑](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494382&idx=1&sn=8ddba3acf29f8fc6650c7e46e18b1a6d) - - [ ] [一次通用cnvd案例分享](https://mp.weixin.qq.com/s?__biz=MzkzNTQwNjQ4OA==&mid=2247484053&idx=1&sn=f2f7d10b6cf4337e7ab2212e103f702a) - - [ ] [ChatGPT如何指导知识产权法论文选题,掌握5步精准指南。](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493243&idx=1&sn=8f30acca6c4f3b2b6179a8656d558eef) - - [ ] [ChatGPT审核新闻学论文的内部高阶攻略,0经验小白也能轻松找出问题!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493243&idx=2&sn=b529bb3e05fe0200e1b590d4801b1696) - - [ ] [chatgpt视角下的野生动物论文文献综述写作核心攻略。](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493243&idx=3&sn=d73f224f40a8c4f610df81cd00335551) - - [ ] [ChatGPT挖掘拉丁语学术论文的9大神仙技巧,学院派必看!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493243&idx=4&sn=7218911d39ff15c8a82b86c5852a968a) - - [ ] [ChatGPT完美助攻,中西医结合论文3天确定逆天选题攻略!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493243&idx=5&sn=b4509068ccdeab0b99c827ee299c55d7) - - [ ] [赛欧思一周资讯分类汇总(2025-01-13 ~ 2025-01-18)](https://mp.weixin.qq.com/s?__biz=MzU0MjE2Mjk3Ng==&mid=2247488416&idx=1&sn=3256d8d3ec398a11297f623fdceef5d2) - - [ ] [Java安全小记-Commons-Collections4反序列化](https://mp.weixin.qq.com/s?__biz=Mzk0ODY1NzEwMA==&mid=2247485860&idx=1&sn=1b65d29dbab6339bc7842474a6211475) - - [ ] [DataCon2024解题报告WriteUp—漏洞分析赛道](https://mp.weixin.qq.com/s?__biz=MzU5Njg1NzMyNw==&mid=2247489123&idx=1&sn=228fa0630cebdc58c6b961b96752dc2f) - - [ ] [中国工程院院士邬贺铨:五方面发力推动信息通信业高质量发展](https://mp.weixin.qq.com/s?__biz=Mzg4MDU0NTQ4Mw==&mid=2247528734&idx=1&sn=354275495b32bddb78bfb6b94a93340d) - - [ ] [国家数据基础设施建设的四个核心问题](https://mp.weixin.qq.com/s?__biz=Mzg4MDU0NTQ4Mw==&mid=2247528734&idx=2&sn=3af167a316f4c6b8b3444a3fc509a2e7) - - [ ] [Proton Mail宕机–大规模中断后服务恢复](https://mp.weixin.qq.com/s?__biz=Mzg2NjY2MTI3Mg==&mid=2247498269&idx=1&sn=6ddb964e3a74df8b9bde7aca97752ef8) - - [ ] [吃瓜,某安一哥起诉某公众号索赔50W](https://mp.weixin.qq.com/s?__biz=Mzk0MzY3MDE5Mg==&mid=2247483932&idx=1&sn=d275d1d865bc82ea56279c6c9c584cd5) - - [ ] [泰晓资讯xa0:xa02025xa0年 1xa0月xa0第xa0二xa0期](https://mp.weixin.qq.com/s?__biz=MzA5NDQzODQ3MQ==&mid=2648194552&idx=1&sn=4b6885310a604cf16f4bc2e14b62287b) - - [ ] [OSDT Weekly 2025-01-15 第289期](https://mp.weixin.qq.com/s?__biz=MzA5NDQzODQ3MQ==&mid=2648194552&idx=2&sn=601b0cc0dc7df856c714123d5adfc94f) - - [ ] [拜登政府AI出口管制破坏秩序与对我的影响](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247504300&idx=2&sn=412c2f98c4028c9f8d6a19833bafdc80) - - [ ] [中吉乌铁路:重塑中亚地缘政治经济格局与国际态度演变](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247504300&idx=3&sn=5f8a05ad7afaf072d44c05829dff3f95) - - [ ] [安天AVL SDK反病毒引擎升级通告(20250118)](https://mp.weixin.qq.com/s?__biz=MjM5MTA3Nzk4MQ==&mid=2650209597&idx=1&sn=91ede5437c5fc60e6c3084c81753784d) - - [ ] [Nuclei POC 管理工具(附POC地址)](https://mp.weixin.qq.com/s?__biz=Mzg5OTg5NzMzMA==&mid=2247484176&idx=1&sn=f4be63e1e0f295963d861967f27eb595) - - [ ] [浏览器取证实战](https://mp.weixin.qq.com/s?__biz=Mzg3NTU3NTY0Nw==&mid=2247489510&idx=1&sn=65afe75391c1243ba91da9dfaf11fced) - - [ ] [AI+代码审计??代码审计新工具内测来了!](https://mp.weixin.qq.com/s?__biz=MzkzMzczODA0OQ==&mid=2247484066&idx=1&sn=71685fde2af3a483cf290a5f14e1c140) - - [ ] [渗透测试 | 某系统垂直越权漏洞的挖掘](https://mp.weixin.qq.com/s?__biz=Mzk0Mzc1MTI2Nw==&mid=2247487115&idx=1&sn=338d1d8129bc7b7f75ae6ad22e4cef7e) - - [ ] [如何利用 OSINT 解决价值 1100 亿美元的商店盗窃问题](https://mp.weixin.qq.com/s?__biz=MzkxMDIwMTMxMw==&mid=2247494428&idx=1&sn=6c841e5efe7e16262098d12e617933c3) -- Private Feed for M09Ic - - [ ] [safedv starred hlldz/Phant0m](https://github.com/hlldz/Phant0m) - - [ ] [safedv starred D3Ext/Hooka](https://github.com/D3Ext/Hooka) - - [ ] [mgeeky starred rainerzufalldererste/windows_x64_shellcode_template](https://github.com/rainerzufalldererste/windows_x64_shellcode_template) - - [ ] [HuYlllc pushed to v0.0.4dev in chainreactors/malice-network](https://github.com/chainreactors/malice-network/compare/95cb131373...ace33f01f9) - - [ ] [mgeeky starred SpecterOps/Nemesis](https://github.com/SpecterOps/Nemesis) - - [ ] [CHYbeta starred louislam/dockge](https://github.com/louislam/dockge) - - [ ] [huoji120 started following SamuelTulach](https://github.com/SamuelTulach) - - [ ] [esrrhs starred tomhea/c2fj](https://github.com/tomhea/c2fj) - - [ ] [esrrhs starred tomhea/flip-jump](https://github.com/tomhea/flip-jump) - - [ ] [mgeeky starred cainiao1992/ollvm-mingw](https://github.com/cainiao1992/ollvm-mingw) + - [ ] [关键基础设施的安全考虑](https://mp.weixin.qq.com/s?__biz=MzA5MTYyMDQ0OQ==&mid=2247493529&idx=1&sn=4c1cf032bc2b046882889572dc04b067) + - [ ] [tiktok周一大概能重新使用了,特朗普打算签署行政令延长执行tiktok封禁时间](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494412&idx=1&sn=253cee4f3c8a0420dcbc3ec02bee9042) + - [ ] [【突发】TikTok活了!周一在美国重新上线!](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485441&idx=1&sn=f2bc12348ab97d3c67b9cf98543807b0) + - [ ] [北七家-未来科学城,3居变4居豪装,理想楼层/户型/朝向](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485441&idx=2&sn=c3a974c73650dc694ab6fcab9c2b19df) + - [ ] [【干货】笑傲职场的独家经验(1)](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485441&idx=3&sn=171db4e77140738cf00fca3ad26dd309) + - [ ] [【干货原创】实网攻防演习常态化,会带来什么变化01](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485441&idx=4&sn=bfc50e69d91c6225e84b24ca06f3db88) + - [ ] [【干货原创】K12教育,鲜为人知的模式秘密](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485441&idx=5&sn=9533a0184971fd9587be72fd4d1d2f43) + - [ ] [原创文章目录](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485441&idx=6&sn=ae2a503c48e99a60e33e130995467a69) + - [ ] [C++ 运算符](https://mp.weixin.qq.com/s?__biz=MzA3NDE0NTY0OQ==&mid=2247484051&idx=1&sn=caca830ad2ccfa12f9438d6dba5b3d00) + - [ ] [每日专业英语4-Clip Art](https://mp.weixin.qq.com/s?__biz=MzA3NDE0NTY0OQ==&mid=2247484051&idx=2&sn=b38e18403f99796e4ac4ad0df813d3c7) + - [ ] [“你的第二大脑:Obsidian让思维飞跃的秘诀”](https://mp.weixin.qq.com/s?__biz=Mzk2NDE5MDgxOQ==&mid=2247484539&idx=1&sn=2422bfc70b1879482a8b50bb52e9ecac) + - [ ] [原创—结合第四维度牛顿物理学谈少吃肉吃肉遭报应,少骂人欺负人害人,迟早遭报应](https://mp.weixin.qq.com/s?__biz=Mzg4NzAwNzA4NA==&mid=2247485078&idx=1&sn=b22b1c50c99887e060c6324d1aaf1e84) + - [ ] [应急响应神器!全面提升Windows系统安全的秘密武器](https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486354&idx=1&sn=7a32c45a376457f19c95a166517157cd) + - [ ] [资料共享 |《银行保险机构数据安全实践指南(2024)》附下载链接](https://mp.weixin.qq.com/s?__biz=MzkzMDY2MDA2Ng==&mid=2247485865&idx=1&sn=849f1ffdbbf4aa62260d54b499344e78) + - [ ] [梦里挖edu src的步骤](https://mp.weixin.qq.com/s?__biz=Mzk0NTg3ODYxNg==&mid=2247485081&idx=1&sn=118dc9ec93b8776d4fd28b1acbb90a5a) + - [ ] [一家安全企业,到底需要多少人?](https://mp.weixin.qq.com/s?__biz=MzAxOTk3NTg5OQ==&mid=2247492199&idx=1&sn=f23ba361ea986537312e24f3de2d9f8a) + - [ ] [推荐一款轻量级且实用的Elasticsearch GUI管理工具elasticvue](https://mp.weixin.qq.com/s?__biz=MzU2MjU1OTE0MA==&mid=2247499652&idx=1&sn=f3d17ffd8145ef57500e071f588dfbc3) + - [ ] [安全圈最被低估的10个神器:一个比一个强大,大佬都在偷偷用!](https://mp.weixin.qq.com/s?__biz=MzI5MjY4MTMyMQ==&mid=2247489723&idx=1&sn=deabf0c25cb271145e18f3909c9cf6c1) + - [ ] [春秋杯WP | 2024春秋杯冬季赛第三天题目部分解析](https://mp.weixin.qq.com/s?__biz=MzkyNDA5NjgyMg==&mid=2247501315&idx=1&sn=d85a30ae678cadbcaa0d69068c18dc6d) + - [ ] [【相关分享】2024春秋杯冬季赛三日Writeup汇总(部分)](https://mp.weixin.qq.com/s?__biz=Mzk0OTUwNTU5Nw==&mid=2247488648&idx=1&sn=dfbb1c72ee4b04ed418652dae9c995d6) + - [ ] [2025 西湖论剑 Writeup](https://mp.weixin.qq.com/s?__biz=Mzg2OTcyODc1OA==&mid=2247488609&idx=1&sn=aa926bf3d6d405d7066fbe28778c457f) + - [ ] [oscp之Kioptrix Level 1靶场](https://mp.weixin.qq.com/s?__biz=Mzk1NzIyODczMA==&mid=2247483766&idx=1&sn=f0beaee5a096f4fb94efc0c4b7b2c7ac) + - [ ] [oscp之Kioptrix Level 2靶场](https://mp.weixin.qq.com/s?__biz=Mzk1NzIyODczMA==&mid=2247483764&idx=1&sn=af510dde395b41a55371c38779e56003) + - [ ] [oscp之Kioptrix Level 3靶场](https://mp.weixin.qq.com/s?__biz=Mzk1NzIyODczMA==&mid=2247483763&idx=1&sn=6ed48b5384dfeb14a4ae2a424ecaa3e9) + - [ ] [新年红包封面派送第一波—6000发,先到先得~](https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247495119&idx=1&sn=a142f6c2c5b78db448c8e81bdf6959d2) + - [ ] [Spring Boot SpEL表达式注入](https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247495119&idx=2&sn=37204cbd2cf1d2f0cb8f26b27cbe8757) + - [ ] [x64 调用栈欺骗](https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486407&idx=1&sn=1609112b647f5e4c95d0e5958a985c8c) + - [ ] [俄罗斯关联APT组织UAC-0063利用HATVIBE恶意软件对哈萨克斯坦发起“双击”间谍行动](https://mp.weixin.qq.com/s?__biz=Mzg3OTYxODQxNg==&mid=2247485624&idx=1&sn=63ef0a4493ed5749992be4e4b7e5ffef) + - [ ] [深度调查:图像情报核验缅甸某区域遭轰炸事件](https://mp.weixin.qq.com/s?__biz=Mzg3MDczNjcyNA==&mid=2247488900&idx=1&sn=cec8f81ae56b0b667a205ad766923cd9) + - [ ] [2024 Kali Linux黑客系统定制化魔改](https://mp.weixin.qq.com/s?__biz=MzkzMzg3MzMyOA==&mid=2247486370&idx=1&sn=b8d4e339cb57e68785ffd6573bf86755) + - [ ] [内推|合肥急招驻场渗透测试工程师,要求年前交接,年后正式进场,速投!](https://mp.weixin.qq.com/s?__biz=Mzg5MDA5NzUzNA==&mid=2247489269&idx=1&sn=92888448b0baaf4112e0033ad9d0cd2b) + - [ ] [西湖论剑 2025 Writeup](https://mp.weixin.qq.com/s?__biz=MzU3ODc2NTg1OA==&mid=2247491623&idx=1&sn=6c35eb67c2add8c4817f04ce45bc1faf) + - [ ] [星悦安全公开交流2群已建立,速加!](https://mp.weixin.qq.com/s?__biz=Mzg4MTkwMTI5Mw==&mid=2247488647&idx=1&sn=0b0eea18675e615be66f07438d6d30fa) + - [ ] [$40,000的RCE!](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496907&idx=1&sn=bf65d0102436150a0dc5482d51b5c998) + - [ ] [加密货币交易所之OKX](https://mp.weixin.qq.com/s?__biz=MzkyNzYzNTQ2Nw==&mid=2247484081&idx=1&sn=f9961b67353a7f332dfef8dd36d8990a) + - [ ] [【资料】拟任美国中央情报局局长的拉特克利夫及其家人](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148624&idx=1&sn=576c40259107f8aabc30212443488fee) + - [ ] [2024年度总结 | 网络安全社团的蜕变与前行](https://mp.weixin.qq.com/s?__biz=MzU3MDU5NTA1MQ==&mid=2247499687&idx=1&sn=a30f484f51a78c72dcc13934cab0416e) + - [ ] [工具推荐 Windows应急响应的得力助手-Hawkeye](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490004&idx=1&sn=c71efdc86fe2c3d43d7909ea025b9a49) + - [ ] [SSRF](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490002&idx=1&sn=e641f844e1d2db88d1e130d70cf87c97) + - [ ] [一次通用cnvd案例分享](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490002&idx=2&sn=d5528443216703026dbb5befe50a87c2) + - [ ] [【麦当劳|金拱门双人桶【祝你今年金拱门】【可配送】|多店可用】](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490002&idx=3&sn=06d37b661e8a81b5a804820a09d902eb) + - [ ] [记一次CNNVD通用漏洞证书挖掘](https://mp.weixin.qq.com/s?__biz=MzkyMDY1MDI3OA==&mid=2247483794&idx=1&sn=31e5bf60bafe8e52c06509a0827328b2) + - [ ] [公众号交流三群建立了!快来扫码加入](https://mp.weixin.qq.com/s?__biz=MzkwODI1ODgzOA==&mid=2247506590&idx=1&sn=1ea25d3d719803180b9a2b6d047b799d) + - [ ] [渗透攻防武器库,最后一波了!hacker](https://mp.weixin.qq.com/s?__biz=Mzk0ODM0NDIxNQ==&mid=2247493317&idx=1&sn=f2cdb4363ec6b28c0ca9811ec6899711) + - [ ] [【靶场合集】CTF-2024春秋杯冬季赛:easy_code](https://mp.weixin.qq.com/s?__biz=Mzk0ODM0NDExMg==&mid=2247484553&idx=1&sn=71339b1dc0ce698595ada4e5c686c983) + - [ ] [驾驶舱域控制器虚拟化平台的运行时安全](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619796&idx=1&sn=2b4afa38d99946f5b8aa6907c5c8d58e) + - [ ] [GB_T 44778-2024 汽车诊断接口信息安全技术要求及试验方法](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619796&idx=2&sn=00be9fb4e3587ff3c7ef45f098acad21) + - [ ] [功能安全和信息安全的挑战:设计功能安全与信息安全之间的流程接口](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619796&idx=3&sn=e571a326437e3343d9e100a2d854a8cb) + - [ ] [保姆级教学之sqli-labs(less54-65)](https://mp.weixin.qq.com/s?__biz=Mzk1NzQwNjQ4Ng==&mid=2247484551&idx=1&sn=94fd6238c052ac5fbfcd501a9b205100) + - [ ] [2024年公众号赞赏计划说明](https://mp.weixin.qq.com/s?__biz=MzU1NDkwMzAyMg==&mid=2247502667&idx=1&sn=9e980805fcf6f1fa7a39ce857c57159a) + - [ ] [红包封面](https://mp.weixin.qq.com/s?__biz=MzI3NzI4OTkyNw==&mid=2247489545&idx=1&sn=61afc62a4e4f2bc26d23c139406b90d4) + - [ ] [域渗透系列 - 通过 DNS 进行Kerberos Relay](https://mp.weixin.qq.com/s?__biz=MzkyNzQzNzc3OQ==&mid=2247484366&idx=1&sn=319ac331499931353829a877e7b50aa8) + - [ ] [国家互联网应急中心通报两起美方对我国网络攻击事件](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650606800&idx=2&sn=f168ef1b7124f595f365e6c984b29b5a) + - [ ] [盲盒=赌具?你以为的“盲盒游戏”实际上是一场网络赌博!](https://mp.weixin.qq.com/s?__biz=MzI0NzE4ODk1Mw==&mid=2652094640&idx=2&sn=fe86741e8142c1c02ff5237d0cfbdb01) + - [ ] [强的飞起!推荐一款国产源码交付,IoT农业灌溉/大田监控项目接单神器,轻松搭建智慧农业物联网平台](https://mp.weixin.qq.com/s?__biz=MjM5OTA4MzA0MA==&mid=2454936646&idx=1&sn=f82de9b38d8d99b32477ffb454c02677) + - [ ] [【安全圈】可能对企业产生严重影响:字节跳动飞书海外版Lark也将在美国市场停止运营](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067480&idx=1&sn=c2d0bb267baf11570d6e3253fa3ff4fe) + - [ ] [【安全圈】微软已经修复Microsoft 365在Windows Server 2016/2019上崩溃的问题](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067480&idx=2&sn=e94b5cb3a624cdca3e6452bf7c79d7a8) + - [ ] [【安全圈】FTC 要求通用汽车停止收集和销售驾驶员数据](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067480&idx=3&sn=220a3c1eb7166bba53400942dfa9cab1) + - [ ] [【安全圈】CL-UNK-0979 利用 Ivanti Connect Secure 中的零日漏洞获取网络访问权限](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067480&idx=4&sn=8dc7094933166fceeb2e467f38e23545) + - [ ] [抽奖啦!](https://mp.weixin.qq.com/s?__biz=MzkwMDQ4MDU2MA==&mid=2247484428&idx=1&sn=4597cfcde4c09ed5ac897164ad30f5e7) + - [ ] [【CobaltStrike】CS4.9.1 特战版 | 自破解+二开+BUG修复+配置优化](https://mp.weixin.qq.com/s?__biz=Mzg5NzUyNTI1Nw==&mid=2247496347&idx=1&sn=80922d559ccaec11588d8ba216b8a118) + - [ ] [AutoSar——28通讯控制](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549131&idx=1&sn=47986fbf719434864b857903c3f75893) + - [ ] [车载以太网与CAN通信之间的区别](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549131&idx=2&sn=529ff1a8d6e0e5c362e89a69dfc580b8) + - [ ] [大路:高速中国里的工地纪事](https://mp.weixin.qq.com/s?__biz=MzUzMjQyMDE3Ng==&mid=2247487918&idx=1&sn=62fa743b6f7cd093a352b0917f89a0e8) + - [ ] [知识星球xa0|xa02024网安报告大合集发布;API安全影响、网安战略技术等资源更新](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247634752&idx=1&sn=47de4a43e1fc9566de098c763aa7fd6e) + - [ ] [以太网三大链路类型对比:如何选择Access、Trunk或Hybrid?](https://mp.weixin.qq.com/s?__biz=MzIyMzIwNzAxMQ==&mid=2649464561&idx=1&sn=c2bc71bfe1f649400cf47ed28a2989f6) + - [ ] [揭秘俄罗斯人力情报的全新布局](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559015&idx=1&sn=37962d35fd4ae69a3f4a81abdff654e7) + - [ ] [渗透测试信息收集指南](https://mp.weixin.qq.com/s?__biz=Mzk0Mjg4MTQxMw==&mid=2247485699&idx=1&sn=4fd6df9190ce90e533d1295d9cf63761) + - [ ] [网络工程师:如何在职场中越老越吃香?掌握这几点,你也能越老越牛!](https://mp.weixin.qq.com/s?__biz=MzUyNTExOTY1Nw==&mid=2247527921&idx=1&sn=63a793fb3dda03d616d12f4df6d2bcfc) + - [ ] [终究是比不过天赋型选手](https://mp.weixin.qq.com/s?__biz=MzIxMTg1ODAwNw==&mid=2247500453&idx=1&sn=1626f0950b23540cba8a39155a446362) + - [ ] [ChatGPT快速审定保险学论文的内部高阶攻略:让论文问题无处藏身!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493244&idx=1&sn=639ee3363c8eaf632543afb9f20f9893) + - [ ] [ChatGPT快速审核比较教育学论文的内部命令指南,1分钟洞察论文问题!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493244&idx=2&sn=643c579b7d7b8267c6a1b523c90ba225) + - [ ] [ChatGPT快速审核法律事务论文的内部秘笈,实用干货全公开!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493244&idx=3&sn=586b5a51d429f8aec48fa0c985f1134c) + - [ ] [ChatGPT快速审核社会法学论文全流程攻略,8分钟找准论文硬伤!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493244&idx=4&sn=81fc0ad275d42828e13ab4954d535d22) + - [ ] [ChatGPT临床检验诊断学论文高效生成:教你快速搞定论文初稿。](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493244&idx=5&sn=9be789a4e71f76910c9c45fa8a96a7c6) + - [ ] [微信红包封面免费领取~](https://mp.weixin.qq.com/s?__biz=Mzg3NzkwMTYyOQ==&mid=2247488278&idx=1&sn=dbbadf5a98a72572f4deedfa9ecd5190) + - [ ] [直播倒计时2天:在企业做安全和对外做安全产品有什么差异?](https://mp.weixin.qq.com/s?__biz=MzIyOTAxOTYwMw==&mid=2650236931&idx=1&sn=5b12e1b5c57ec2f8e03facbaa312a866) + - [ ] [干货|常见端口渗透总结](https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247569839&idx=1&sn=c5b75f38a7dd5da15b4c7381bde02227) + - [ ] [【珍藏版】渗透测试手册,简直太赞了!](https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247569839&idx=2&sn=9749b0b4b3339dac6ee664fbb267dc90) + - [ ] [盘点万亿市值的Palantir在2024年拿下的至少87亿的美军合同都是啥](https://mp.weixin.qq.com/s?__biz=MzI1OTExNDY1NQ==&mid=2651618708&idx=1&sn=8ac9059513377c114628bba994559513) + - [ ] [独家揭秘!美国对华网络攻击已超出传统范围](https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597515&idx=2&sn=b9d050cc626f12c62ae6d30eec33fe89) + - [ ] [这家银行因数据管理不到位等而被罚](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931452&idx=1&sn=30dbf45bf12270ee3cd789f4a0e1f7a2) + - [ ] [TikTok在美国停止服务的影响及市场变化分析](https://mp.weixin.qq.com/s?__biz=Mzg4NDY4Mzk3Mw==&mid=2247485502&idx=1&sn=2261338e55f0d49fcd9474dfc082ca85) + - [ ] [公众号交流二群建立了!快来扫码加入](https://mp.weixin.qq.com/s?__biz=MzkwODI1ODgzOA==&mid=2247506582&idx=2&sn=f2c8ea570afdb6c8f7f986373645798b) + - [ ] [KONE-通力电梯管理系统-app_show_log_lines.php-任意文件读取漏洞](https://mp.weixin.qq.com/s?__biz=MzkyOTg3ODc5OA==&mid=2247484259&idx=1&sn=888da6c5443cb2f2ae0c03c3c922dd17) + - [ ] [【工具推荐】一款渗透测试信息收集集成工具--密探 v1.19 版](https://mp.weixin.qq.com/s?__biz=MzkzMDg1MzIwNA==&mid=2247486619&idx=1&sn=a495cb820bd0b97ffd0e75d04cfb8d5a) + - [ ] [【实战案例】记一次通过供应链测试系统拿下靶标的经过](https://mp.weixin.qq.com/s?__biz=MzkyNDYwNTcyNA==&mid=2247487390&idx=1&sn=4615335088b00024e9434956e4255034) + - [ ] [【工具分享】Swagger API Exploit 1.2 - 信息泄露利用工具](https://mp.weixin.qq.com/s?__biz=Mzg4MTkwMTI5Mw==&mid=2247488641&idx=1&sn=af12c4534abac0d07a82bbdb894ba5a7) + - [ ] [吃瓜,培训一哥起诉某公众号索赔50W](https://mp.weixin.qq.com/s?__biz=Mzk0MzY3MDE5Mg==&mid=2247483950&idx=1&sn=ed1b379191fd847a0dbd6880684af211) + - [ ] [救命!!!我真的学会了RMI远程方法调用](https://mp.weixin.qq.com/s?__biz=MzkzNzU5MDMxOA==&mid=2247484226&idx=1&sn=461786564bedfa8b4bcf3ac4724f564c) + - [ ] [HuntBack让黑客无处遁形](https://mp.weixin.qq.com/s?__biz=MzkxMTUwOTY1MA==&mid=2247490031&idx=1&sn=a1f7ad20f610a113f1046bfeee312d78) + - [ ] [K8S集群与应用系统之间关系梳理](https://mp.weixin.qq.com/s?__biz=Mzg3NTUzOTg3NA==&mid=2247515062&idx=1&sn=075664f6f645944dad48e9489a48acbb) + - [ ] [更优雅的nignx内存马后门 | ebpf 内核马](https://mp.weixin.qq.com/s?__biz=Mzk1NzE0ODk3Nw==&mid=2247490404&idx=1&sn=2d6bb4d4aa0b816671fdb5a1c720cf67) + - [ ] [浅谈迪菲赫尔曼密钥交换算法](https://mp.weixin.qq.com/s?__biz=MzAwNTc5MTMyNg==&mid=2247500100&idx=1&sn=b5c374bd03a5274cba5910d9d3a26b89) + - [ ] [饶志宏 | 构筑网络空间安全主动防御体系](https://mp.weixin.qq.com/s?__biz=Mzg4MDU0NTQ4Mw==&mid=2247528735&idx=1&sn=af82df22e9bbc7b90f6a7bff8ac9483f) + - [ ] [专家解读 | 建设可信数据空间,打造新型数据基础设施](https://mp.weixin.qq.com/s?__biz=Mzg4MDU0NTQ4Mw==&mid=2247528735&idx=2&sn=5db52b34f260efee2cbabd9f8161f1f6) + - [ ] [揭秘Android RAT程序:权限滥用与案例分析](https://mp.weixin.qq.com/s?__biz=Mzg2OTU3MzI1OQ==&mid=2247485515&idx=1&sn=af8b4b349e5b0fc56e39fc7442f9d4b9) + - [ ] [中央网信办启动“清朗·2025年春节网络环境整治”专项行动](https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247488116&idx=1&sn=7d7335dcba54760679a97a688b9494c8) + - [ ] [ISO 14001: 2015 标准详解与实施(17)7.5 文件化信息](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247485957&idx=1&sn=f314736bad7328324e5dbab086cc6fbc) + - [ ] [ISO 14001: 2015 标准详解与实施(16)7.4 信息交流](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247485957&idx=2&sn=6476becda88cde2f67f9388df289d55e) + - [ ] [ISO 14001: 2015 标准详解与实施(15)7.3 意识](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247485957&idx=3&sn=888996499eb4807b9b2aa2f4dc6a9e6b) + - [ ] [ISO 14001: 2015 标准详解与实施(13)7.1 资源](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247485957&idx=5&sn=0a40ae02d454f03cd52b812d3921490e) + - [ ] [【2025-01-19】每日安全资讯](https://mp.weixin.qq.com/s?__biz=MzIzNDU5NTI4OQ==&mid=2247488320&idx=1&sn=6d342d8bea1a7d4e4d31fa9f9e79bf14) + - [ ] [区块链 智能合约安全 | 回滚攻击](https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247547396&idx=1&sn=dd36ead706ea97fab71e7281fffcf75c) + - [ ] [tiktok已无法使用😂](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494398&idx=1&sn=e64737d718dd422c5356eb94cf751086) + - [ ] [银狐肆虐,小白该如何防范,如何自动化狩猎钓鱼站点---文末附自动化检测程序](https://mp.weixin.qq.com/s?__biz=MzU4NTg4MzIzNA==&mid=2247484329&idx=1&sn=20c31baba359a00aaa54f36bd93f9bcd) + - [ ] [深化网络安全合作,共商情感管理 —— 记1月18日重要电话会谈](https://mp.weixin.qq.com/s?__biz=MzkyMTQzNTM3Ng==&mid=2247483889&idx=1&sn=8ca317a40bb5f24e50d0f00e1c5306ae) + - [ ] [灵蛇献瑞,福满乾坤](https://mp.weixin.qq.com/s?__biz=MzI1ODM1MjUxMQ==&mid=2247494410&idx=1&sn=45fe1b3463f34af5c35aa7b62cfd7cc3) + - [ ] [赛题记录 | 2025西湖论剑两道WEB的一些思考](https://mp.weixin.qq.com/s?__biz=MzkwMzQyMTg5OA==&mid=2247486681&idx=1&sn=3a0fd0f13894f31de83d8dd72d4dd846) + - [ ] [巴塞罗那,何以成为世界间谍软件初创中心?](https://mp.weixin.qq.com/s?__biz=MzkzNjE5NjQ4Mw==&mid=2247543307&idx=1&sn=24802d280d3d002dd86da86d1b78591c) + - [ ] [2025黑客入门教程(非常详细)从零基础入门到精通,看完这一篇就够了](https://mp.weixin.qq.com/s?__biz=Mzk1NzMwNTM5NQ==&mid=2247483844&idx=1&sn=b1a288bed4d824126b3d8719308cc24c) + - [ ] [安天网络行为检测能力升级通告(20250119)](https://mp.weixin.qq.com/s?__biz=MjM5MTA3Nzk4MQ==&mid=2650209598&idx=1&sn=5e5e2d6ece7346b23318db96d9226467) + - [ ] [物联网产业规模和连接数规模测算方法工作座谈会顺利召开](https://mp.weixin.qq.com/s?__biz=MzU1OTUxNTI1NA==&mid=2247592142&idx=1&sn=13b8eae44ec33e417928428f63273aa5) + - [ ] [工业互联网标识解析体系全面建成,奋力构筑信息通信业全面深化改革新图景](https://mp.weixin.qq.com/s?__biz=MzU1OTUxNTI1NA==&mid=2247592142&idx=2&sn=d03d0ae9dc1884dec9666278ea81b04e) + - [ ] [R3 RootKit病毒技术研究入门](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490049&idx=1&sn=eec060b016a2c2c48b9a5a5a5a6ef745) + - [ ] [攻防技战术动态一周更新 - 20250113](https://mp.weixin.qq.com/s?__biz=MzkzODc4NjE1OQ==&mid=2247483907&idx=1&sn=486fd11536298725e1e9a848a267a9af) + - [ ] [【反面案例】少量生物数据被暴露在公网](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494391&idx=1&sn=9a46670c6f765c8770ae558d75f02cb5) + - [ ] [apt 的归因就没看到让人信服的](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494391&idx=2&sn=969e7797f3c4f1ced0997799d459d83b) + - [ ] [小某书为新闻采集唯一真神](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494391&idx=3&sn=bdccdf154b778c993f48b58ce8b8193b) + - [ ] [哟,搁这玩反差呢。](https://mp.weixin.qq.com/s?__biz=Mzk0MzY3MDE5Mg==&mid=2247483946&idx=1&sn=eef0c77d553e635745a380f04e3a5e3e) + - [ ] [2025年十大最佳漏洞管理工具](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651312409&idx=1&sn=cb68df3d11a9480a16e2eab801cc662c) + - [ ] [Google Ads用户成恶意广告诈骗新目标,凭据及双因素认证码被盗](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651312409&idx=3&sn=d3e1c0a64ae860400058cb81618f1fc3) + - [ ] [SuperdEye:一款基于纯Go实现的间接系统调用执行工具](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651312409&idx=4&sn=a81099ae3c74511c3ebc897f37b2d848) + - [ ] [Spring框架—基础学习](https://mp.weixin.qq.com/s?__biz=Mzk0ODY1NzEwMA==&mid=2247485908&idx=1&sn=0f6a61387171d5f21da91dd84a294e06) + - [ ] [【新年抽奖】一周速成反混淆大师-秒杀变种控制流平坦化(ollvm)](https://mp.weixin.qq.com/s?__biz=MzI1Mjk2MTM1OQ==&mid=2247485300&idx=1&sn=e32bfd9075a39ac821bd3a6ab1424f89) + - [ ] [固件安全分析之符号表恢复技术](https://mp.weixin.qq.com/s?__biz=MjM5MjEyMTcyMQ==&mid=2651037421&idx=1&sn=c4127ac756e63ebc1597aaa82d755d7e) + - [ ] [YD∕T 6032-2024 面向家庭宽带场景的IPv6安全隔离技术要求](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264115&idx=4&sn=a3b1cfc4b3c623b8d0278793a4e02e3f) + - [ ] [YD∕T 6041-2024 5G移动通信网 核心网网络切片增强技术要求(第二阶段)](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264115&idx=5&sn=59f216e1b9a569919f11ca3b30bd0b87) + - [ ] [YD∕T 6058-2024 面向车联网应用场景的高精度定位总体技术要求](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264115&idx=6&sn=31a0921bbb405761eb3588c9c3cabd2e) + - [ ] [YD∕T 6101-2024 深度包检测策略信息库智能管理技术要求](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264115&idx=7&sn=9b641925ee0f057e6ad96c5721ca2b49) + - [ ] [YD∕T 4565-2023 物联网安全态势感知技术要求](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264115&idx=8&sn=4a5088a2479b1ea6f5d2fce512b036ad) + - [ ] [既怕兄弟苦又怕兄弟开路虎()o(╥﹏╥)o)](https://mp.weixin.qq.com/s?__biz=Mzk0MzY3MDE5Mg==&mid=2247483938&idx=1&sn=92e645ae20f8705c8b20cd9f91848c84) + - [ ] [西湖论剑WriteUp](https://mp.weixin.qq.com/s?__biz=MzkyMDY5OTg5OA==&mid=2247493338&idx=1&sn=964783a401a2539239644bbccf4ff43e) + - [ ] [解锁企业持续增长的密钥——深入探索企业战略规划方法论(附PPT下载)](https://mp.weixin.qq.com/s?__biz=MzkyODY5ODAyOA==&mid=2247489312&idx=1&sn=4fe2d267861399d0a7097a2920ad121a) + - [ ] [网安原创文章推荐【2025/1/18】](https://mp.weixin.qq.com/s?__biz=MzAxNzg3NzMyNQ==&mid=2247489469&idx=1&sn=b7c1fc722653e74c14d51d4b187836f8) + - [ ] [盘点一下各种奇葩的删库跑路事件](https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247488110&idx=1&sn=5af4bf3456d5a9f636d31cf2204f7298) + - [ ] [涉案2000万!网警成功侦破一起特大“造谣引流”网络水军案;](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650606800&idx=1&sn=ec4b2cd3fc2d252b1d3d3b622692d78f) + - [ ] [攻防实战,进入某校内网](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650606800&idx=3&sn=990d0438b26e59119c79ba0c75cc675d) + - [ ] [一款微信小程序源码包信息收集工具,根据已有项目改编](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650606800&idx=4&sn=4735e4f51b9fdd9e26d3e719ec291843) + - [ ] [.NET内网实战:通过 findstr 快速获取数据库连接密码](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498317&idx=1&sn=a5fbee0aae201e4dfbe1b11cd8875574) + - [ ] [.NET 安全攻防知识交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498317&idx=2&sn=d7ca7d91aa1a789626ddce7bc16645ad) + - [ ] [.NET 第55期红队武器库和资源汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498317&idx=3&sn=e32ddb9164eebb4dbe090802a5ff5d22) - Recent Commits to cve:main - - [ ] [Update Sat Jan 18 20:13:55 UTC 2025](https://github.com/trickest/cve/commit/b708e26d5a4c98338b505110945c3df0396344c0) - - [ ] [Update Sat Jan 18 12:15:13 UTC 2025](https://github.com/trickest/cve/commit/aef459845426b0cd394ec2be1ea55871b7a78f8a) - - [ ] [Update Sat Jan 18 04:18:41 UTC 2025](https://github.com/trickest/cve/commit/cb8a7b3ec123eb65fb54b26ccb85cfecefc0b1a7) -- Security Boulevard - - [ ] [DEF CON 32 – Breaking Boundaries: Popping Shells In The Airgap With $10 & Arduino Magic](https://securityboulevard.com/2025/01/def-con-32-breaking-boundaries-popping-shells-in-the-airgap-with-10-arduino-magic/) - - [ ] [Cyber Essentials NHS and Healthcare Organisations](https://securityboulevard.com/2025/01/cyber-essentials-nhs-and-healthcare-organisations/) - - [ ] [Trump’s Digital Footprint: Unveiling Malicious Campaigns Amid Political Milestones](https://securityboulevard.com/2025/01/trumps-digital-footprint-unveiling-malicious-campaigns-amid-political-milestones/) - - [ ] [How Imperva Protects the Arts Industry from Ticketing Abuse by Carding Bots](https://securityboulevard.com/2025/01/how-imperva-protects-the-arts-industry-from-ticketing-abuse-by-carding-bots/) -- CXSECURITY Database RSS Feed - CXSecurity.com - - [ ] [OBS (by: oretnom23 ) File Upload-FU and Remote](https://cxsecurity.com/issue/WLB-2025010017) + - [ ] [Update Sun Jan 19 20:27:53 UTC 2025](https://github.com/trickest/cve/commit/7e1f2063923cfa93d78465725760773477e387aa) + - [ ] [Update Sun Jan 19 12:26:12 UTC 2025](https://github.com/trickest/cve/commit/82640a9c27a9871a0f3f4be31b4606aa2dfa2dca) + - [ ] [Update Sun Jan 19 04:16:39 UTC 2025](https://github.com/trickest/cve/commit/dc028ae10989ac4ee92b70cb89ffeb4bd20660b6) - 一个被知识诅咒的人 - - [ ] [AIGC与劳动力市场:技术进步与就业结构的重塑](https://blog.csdn.net/nokiaguy/article/details/145234235) - - [ ] [Python中的字典优化:如何高效使用`defaultdict`和`Counter`](https://blog.csdn.net/nokiaguy/article/details/145227999) - - [ ] [【Python运维】用Python管理Docker容器:从`docker-py`到自动化部署的全面指南](https://blog.csdn.net/nokiaguy/article/details/145227982) -- arighi's blog - - [ ] [Accelerating micro-VM boot time with sched_ext](http://arighi.blogspot.com/2025/01/accelerating-micro-vm-boot-time-with.html) + - [ ] [Python中的函数式编程:使用map、filter和reduce提升代码表达力](https://blog.csdn.net/nokiaguy/article/details/145243904) + - [ ] [【Python运维】日志分析与监控:用Python进行日志聚合与异常检测的全面指南](https://blog.csdn.net/nokiaguy/article/details/145243887) +- Twitter @Nicolas Krassas + - [ ] [TikTok Goes Dark in the U.S. as Federal Ban Takes Effect January 19, 2025 https://thehackernews.com/2025/01/tiktok-goes-dark-in-us-as-federal-ban.html](https://x.com/Dinosn/status/1880868881063186864) + - [ ] [FCC to telcos: By law you must secure your networks from foreign spies. Get on it https://go.theregister.com/feed/www.theregister.com/2025/01/17/fcc_t...](https://x.com/Dinosn/status/1880824957879697869) + - [ ] [CVE-2024-55591: Follow up: Authentication Bypass Vulnerability in Fortinet FortiOS and FortiProxy https://arcticwolf.com/resources/blog/cve-2024-55591...](https://x.com/Dinosn/status/1880824876187144375) + - [ ] [FTC cracks down on Genshin Impact gacha loot box practices https://www.bleepingcomputer.com/news/gaming/ftc-cracks-down-on-genshin-impact-gacha-loot-b...](https://x.com/Dinosn/status/1880824780108317066) + - [ ] [MITRE Launches D3FEND 1.0 to Standardize Cybersecurity Techniques for Countering Threats https://cybersecuritynews.com/mitre-launches-d3fend-1-0/](https://x.com/Dinosn/status/1880824684910174639) + - [ ] [TikTok Says It Will ‘Go Dark’ Unless It Gets Clarity From Biden Following Supreme Court Ruling https://www.securityweek.com/tiktok-says-it-will-go-d...](https://x.com/Dinosn/status/1880824616345850324) + - [ ] [Treasury Levels Sanctions Tied to a Massive Hack of Telecom Companies and Breach of Its Own Network https://www.securityweek.com/treasury-levels-sanct...](https://x.com/Dinosn/status/1880824543889281362) + - [ ] [HTB: MonitorsThree https://0xdf.gitlab.io/2025/01/18/htb-monitorsthree.html](https://x.com/Dinosn/status/1880824428923408539) + - [ ] [FTC orders GM to stop collecting and selling driver’s data https://www.bleepingcomputer.com/news/legal/ftc-orders-gm-to-stop-collecting-and-selling-d...](https://x.com/Dinosn/status/1880824364985442688) + - [ ] [Lazarus APT Targets Job Seekers with “Contagious Interview” Campaign Using ClickFix Technique https://securityonline.info/lazarus-apt-targets-job-se...](https://x.com/Dinosn/status/1880824305753468968) + - [ ] [ShellSweep: detect potential webshell files in a specified directory https://meterpreter.org/shellsweep-detect-potential-webshell-files-in-a-specified...](https://x.com/Dinosn/status/1880824176409505795) + - [ ] [Krueger: Proof of Concept (PoC) .NET tool for remotely killing EDR with WDAC https://meterpreter.org/krueger-proof-of-concept-poc-net-tool-for-remotel...](https://x.com/Dinosn/status/1880824040413376783) +- Armin Ronacher's Thoughts and Writings + - [ ] [Automatic Server Reloading in Rust on Change: What is listenfd/systemfd?](http://lucumr.pocoo.org/2025/1/19/what-is-systemfd) - Twitter @bytehx - - [ ] [Re @rez0__ I made it at my home and love it. It is really good with toasted bread.](https://x.com/bytehx343/status/1880671088092565741) - - [ ] [Re @RelentlessT7 @Bugcrowd Congrats 🎉](https://x.com/bytehx343/status/1880659660078006382) - - [ ] [Re @notgeej haha yes that is quite hurt.](https://x.com/bytehx343/status/1880577440621396144) - - [ ] [Re @h4x0r_dz 🤣🤣🤣](https://x.com/bytehx343/status/1880474260738912721) - - [ ] [Re @696e746c6f6c I did comment about the severity but they never respond to me.](https://x.com/bytehx343/status/1880474183785935318) - - [ ] [Re @HannanHaseeb11 🤣🤣🤣](https://x.com/bytehx343/status/1880473913190412403) + - [ ] [Re @RootxRavi @Bugcrowd Congrats 🎉](https://x.com/bytehx343/status/1880802330616168804) +- Blogs dade + - [ ] [Weekly Retro 2025-W03](https://0xda.de/blog/2025/01/weekly-retro-2025-w03/) - Bug Bounty in InfoSec Write-ups on Medium - - [ ] [Critical Blind SQL Injection leads to  -$4,134 (7/30 DAYS)](https://infosecwriteups.com/critical-blind-sql-injection-leads-to-4-134-7-30-days-d8918ff3d2d0?source=rss----7b722bfd1b8d--bug_bounty) - - [ ] [Building Your Own Bug Bounty Lab: A Hands-On Guide with Metasploit and More](https://infosecwriteups.com/building-your-own-bug-bounty-lab-a-hands-on-guide-with-metasploit-and-more-9595a71fc4c6?source=rss----7b722bfd1b8d--bug_bounty) - - [ ] [Stored XSS to Admin in Unauthenticated-WordPress](https://infosecwriteups.com/stored-xss-to-admin-in-unauthenticated-wordpress-cb76bae66623?source=rss----7b722bfd1b8d--bug_bounty) - - [ ] [This is How I Turned an Informative Bug into a Valid $500 Bug](https://infosecwriteups.com/this-is-how-i-turned-an-informative-bug-into-a-valid-500-bug-174ffeb94737?source=rss----7b722bfd1b8d--bug_bounty) - - [ ] [CVE-2024-50379: Apache Tomcat Race Condition Vulnerability Leads to Remote Code Execution](https://infosecwriteups.com/cve-2024-50379-apache-tomcat-race-condition-vulnerability-leads-to-remote-code-execution-6b3291780d65?source=rss----7b722bfd1b8d--bug_bounty) + - [ ] [How I Utilized AI to Discover an Amazon S3 Bucket Takeover Vulnerability in Red Bull’s Bug Bounty…](https://infosecwriteups.com/how-i-utilized-ai-to-discover-an-amazon-s3-bucket-takeover-vulnerability-in-red-bulls-bug-bounty-503d3c4d995f?source=rss----7b722bfd1b8d--bug_bounty) + - [ ] [Finding my First SQL Injection On HackerOne](https://infosecwriteups.com/finding-my-first-sql-injection-on-hackerone-6a031ab5aa1c?source=rss----7b722bfd1b8d--bug_bounty) + - [ ] [Plan Ristriction Bypass for Slack Integration: 500$ Improper Validation Check Bug](https://infosecwriteups.com/plan-ristriction-bypass-for-slack-integration-500-improper-validation-check-bug-0c1acf6f01d3?source=rss----7b722bfd1b8d--bug_bounty) + - [ ] [User Enumeration: From Overlooked to Medium-Impact Bug](https://infosecwriteups.com/user-enumeration-from-overlooked-to-medium-impact-bug-48bbefa2ab3b?source=rss----7b722bfd1b8d--bug_bounty) + - [ ] [Exploiting IDOR in a Support Portal Chatbot](https://infosecwriteups.com/exploiting-idor-in-a-support-portal-chatbot-f1d0617bace1?source=rss----7b722bfd1b8d--bug_bounty) +- Reverse Engineering + - [ ] [Reverse-engineering a carry-lookahead adder in the Pentium](https://www.reddit.com/r/ReverseEngineering/comments/1i4oek3/reverseengineering_a_carrylookahead_adder_in_the/) - 奇客Solidot–传递最新科技情报 - - [ ] [原神被禁止向美国 16 岁以下儿童出售战利品箱](https://www.solidot.org/story?sid=80367) - - [ ] [CNNIC 报告称中国有 2.49 亿人使用过生成式 AI](https://www.solidot.org/story?sid=80366) + - [ ] [手游 Marvel Snap 因 TikTok 禁令从应用商店下架](https://www.solidot.org/story?sid=80372) + - [ ] [就业市场上的权力天平倾向了雇主](https://www.solidot.org/story?sid=80371) + - [ ] [对 TikTok 的禁令可能扩散到美国盟国](https://www.solidot.org/story?sid=80370) + - [ ] [TikTok 关闭美国服务](https://www.solidot.org/story?sid=80369) - 黑海洋 - IT技术知识库 - - [ ] [AniDoc:动画创作草图高保真着色工具](https://blog.upx8.com/4673) - - [ ] [网页翻译插件:接入Deepseekv、Gemini等AI翻译服务](https://blog.upx8.com/4671) - - [ ] [ai_couplets:AI 对联生成器 马上成为春联领域高手](https://blog.upx8.com/4670) - - [ ] [WinNew:微软Windows原版镜像系统](https://blog.upx8.com/4669) -- 威努特安全网络 - - [ ] [西班牙电信公司遭入侵,官方通报16款违规移动应用 | 一周特辑](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130508&idx=1&sn=2470459b5f48ea1c07856c2d72394829&chksm=80e7103cb790992a65070923895751564457b3909a6b673b81f7dc6c3db5958fd00fd64e76ae&scene=58&subscene=0#rd) -- 代码审计SDL - - [ ] [API BOM - ASPM数据关联分析纽带](https://mp.weixin.qq.com/s?__biz=MzI2NTExNzcxNQ==&mid=2247484361&idx=1&sn=8e472a7a51b24dacdf95759c0a58c4a8&chksm=eaa30ab5ddd483a3ebf52abba4056a525450dc0dd3cd0a1a1aef253b5339b066093ed268e076&scene=58&subscene=0#rd) -- dotNet安全矩阵 - - [ ] [.NET 第55期红队武器库和资源汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498306&idx=1&sn=672a2a2f57cabb2ce04be6ff29129beb&chksm=fa5954afcd2eddb95c9d28b0c0054d2ffc9aeefa6c8453b52d06a54a7256591e3ea8c802d6d9&scene=58&subscene=0#rd) - - [ ] [国内最专业、最全面的 [ .NET 代码审计 ] 体系化学习交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498306&idx=2&sn=4c2323d1570eb3b825a6a04eb4520b72&chksm=fa5954afcd2eddb9dd3e4a3bbf2b57ba408dd8885947b8fb03d7dc9cf4549bd8cb2784095eaf&scene=58&subscene=0#rd) - - [ ] [一种通过 .NET 启动 cmd.exe 的新方法](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498306&idx=3&sn=d5276b7bf7380ce889dc125627631a94&chksm=fa5954afcd2eddb9766ec4e35c05e11ccf9f4e97162811fc15396171a733e0531e29cabee253&scene=58&subscene=0#rd) -- 看雪学苑 - - [ ] [欢迎报名!​“系统0day安全”系列课程:掌握漏洞挖掘重要技能](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588749&idx=1&sn=c07163014dddf5e352e4f3683251b0d4&chksm=b18c26c786fbafd14670241f07726032e76e13980b4ff50732d34c76fea9f03ae8979ccaba96&scene=58&subscene=0#rd) - - [ ] [PWN入门:误入格式化字符串漏洞](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588749&idx=2&sn=6fc809be9ede10a46f7d204c536cd5bf&chksm=b18c26c786fbafd14e4e451e21e415e3d96e93feb517543db94006ba90a0f748c9b78f0cc838&scene=58&subscene=0#rd) -- 安全内参 - - [ ] [CNCERT:美网络攻击我国某先进材料设计研究院事件调查报告](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513535&idx=1&sn=b266fc240ecfa7219f753220df704fd6&chksm=ebfaf29fdc8d7b895e31b7f387b580348d6200e7d05b1f78b5bbefb52172bf88ccda3fb37a3b&scene=58&subscene=0#rd) - - [ ] [CNCERT:美网络攻击我国某智慧能源和数字信息大型高科技企业事件调查报告](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513535&idx=2&sn=8013d103c78d04dbb57f8891af08c176&chksm=ebfaf29fdc8d7b89c6ce104f81453910fac57be35385c3d3cefe1beff5e1b59a6307051d12d0&scene=58&subscene=0#rd) -- 中国信息安全 - - [ ] [论坛·原创 | 特朗普第二任期美国科技外交战略展望](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235038&idx=1&sn=0985e935a77d468c9918194fcdac28b3&chksm=8b5802e7bc2f8bf11b2f1b8ca38fc79e014dc4fd73969198e2fcad1f63378e221da7e6975b6f&scene=58&subscene=0#rd) - - [ ] [专家解读 | 强化数据标注基地引领作用 带动数据标注产业高质量发展](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235038&idx=2&sn=faf2a988fedc8924e65ab9c9bcbbafa5&chksm=8b5802e7bc2f8bf126b161de9bd9d5058cff96053115722ea4bc0519184dbbf8d28f097b06c2&scene=58&subscene=0#rd) - - [ ] [小心!“间谍”正在潜入你的手机](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235038&idx=3&sn=8d7fbaf443b0a9525f6d4b1be446e0a2&chksm=8b5802e7bc2f8bf161b0bb62fba700cc8b6a23cdba4d5a9d1aeab4ff10271ea2fbda09f594f5&scene=58&subscene=0#rd) - - [ ] [国际 | 越南个人数据跨境传输规则](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235038&idx=4&sn=d5d670e02e6690a029cf91ba98894c4b&chksm=8b5802e7bc2f8bf12d74db74b6d23efe779dc9b074b80efd47d7ffb4874d0665a003c525e7ac&scene=58&subscene=0#rd) - - [ ] [评论 | 走出应用程序自动扣费的“消费陷阱”](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235038&idx=5&sn=27d2dc92bc541ae96838413ce948ac9c&chksm=8b5802e7bc2f8bf11127a7f375be5953f44d0423fe5f47d299c0e71a4bb5fc2b4b1ebb629812&scene=58&subscene=0#rd) -- 慢雾科技 - - [ ] [新型手法|Telegram 假 Safeguard 骗局](https://mp.weixin.qq.com/s?__biz=MzU4ODQ3NTM2OA==&mid=2247500978&idx=1&sn=8d502d81ee56971fac26b35e70b49081&chksm=fddeba35caa9332370f3eb036a88298138c4c0b3affab16a89684c8be0ea352075d9efbc6119&scene=58&subscene=0#rd) -- ChaMd5安全团队 - - [ ] [2024年ChaMd5安全团队总结](https://mp.weixin.qq.com/s?__biz=MzIzMTc1MjExOQ==&mid=2247511877&idx=1&sn=d8176431e491281ef849226a54134205&chksm=e89d879ddfea0e8bed51009b5df5f17451e07e7d548788096d2d114ae33d709cadabdd53fd21&scene=58&subscene=0#rd) -- 极客公园 - - [ ] [美国最高法裁定支持 TikTok 禁令,周受资回应;传网易裁撤战投部;三星与 OpenAI 合作开发 AI 电视 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072294&idx=1&sn=2ad18c4ecffe9cc504a4c2b913d43446&chksm=7e57d61049205f06adcfbf56f4d2a313bfa3cf0be44336d8b8615ba19db4d9afe35995b8e869&scene=58&subscene=0#rd) + - [ ] [Emby TV 安卓电视端 使用教程](https://blog.upx8.com/4674) +- 安全分析与研究 + - [ ] [R3 RootKit病毒技术研究入门](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490049&idx=1&sn=eec060b016a2c2c48b9a5a5a5a6ef745&chksm=902fb529a7583c3f0a2b0935cfd9f3df6108088566ca52d5bd9df83588d2b382a01ee1757d28&scene=58&subscene=0#rd) +- 青衣十三楼飞花堂 + - [ ] [大路:高速中国里的工地纪事](https://mp.weixin.qq.com/s?__biz=MzUzMjQyMDE3Ng==&mid=2247487918&idx=1&sn=62fa743b6f7cd093a352b0917f89a0e8&chksm=fab2d291cdc55b87d7b94cecfbd60540e362d1a5c59f44c62911d214c10d2bce471e9c680efd&scene=58&subscene=0#rd) - 丁爸 情报分析师的工具箱 - - [ ] [【工具】全球有组织犯罪指数](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148608&idx=1&sn=dcde5ba6b230d8fa0b9ffbd97091e78a&chksm=f1af267ac6d8af6c1e5890468a5afa8695a4219608207c2373863a75d242e13b2b43eb2baa23&scene=58&subscene=0#rd) - - [ ] [【资料】拜登告别演讲](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148608&idx=2&sn=03f1e0c2e178ad80175a035485141a01&chksm=f1af267ac6d8af6c2b9fd8e4c2800c517101c6e06ecac0b3e36448e42f84a6301499a6f416bd&scene=58&subscene=0#rd) + - [ ] [【资料】拟任美国中央情报局局长的拉特克利夫及其家人](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148624&idx=1&sn=576c40259107f8aabc30212443488fee&chksm=f1af266ac6d8af7c3bec1081deebb88f2250a0d00614bd70fa3795f753849ec277a9f8463a5b&scene=58&subscene=0#rd) +- dotNet安全矩阵 + - [ ] [.NET内网实战:通过 findstr 快速获取数据库连接密码](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498317&idx=1&sn=a5fbee0aae201e4dfbe1b11cd8875574&chksm=fa5954a0cd2eddb64b0d918c03c9bcd317a860e08c6e4b8154b1b5af1c4146c88ad78be379c2&scene=58&subscene=0#rd) + - [ ] [.NET 安全攻防知识交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498317&idx=2&sn=d7ca7d91aa1a789626ddce7bc16645ad&chksm=fa5954a0cd2eddb61fd6d64dce4872114b6810630ff226c508b9b940b8bf43a1c5061b1f1e2e&scene=58&subscene=0#rd) + - [ ] [.NET 第55期红队武器库和资源汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498317&idx=3&sn=e32ddb9164eebb4dbe090802a5ff5d22&chksm=fa5954a0cd2eddb69193b05c5c3ffb37d6bff2b7cf2d0c2bfc9a329b7586a39b74d3010d81c3&scene=58&subscene=0#rd) - 安全圈 - - [ ] [【安全圈】高危!rsync被爆出多个安全漏洞](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067460&idx=1&sn=7e41cdf5b76e20186089903f7171a588&chksm=f36e7ac4c419f3d2506b8a4fda50d186484d0b429b68fbc2c9fa6a6d793e423ec4e7374d18b2&scene=58&subscene=0#rd) - - [ ] [【安全圈】国家互联网应急中心通报两起美方对我国网络攻击事件](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067460&idx=2&sn=1eeea145994ab308cf3f78f1ca987a19&chksm=f36e7ac4c419f3d249013e9e085dface206bc6cc4b5b7f6d7808a9eb3d92fe36d14ea01b7261&scene=58&subscene=0#rd) - - [ ] [【安全圈】网络安全态势研判分析报告 (2024年12月)](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067460&idx=3&sn=86d02f407c0e151d308f83282274bf31&chksm=f36e7ac4c419f3d2c695e9358023983f6c9908bce56b713651866957afc0ffec8d6486e40553&scene=58&subscene=0#rd) -- 山石网科安全技术研究院 - - [ ] [2024年度人工智能相关重点安全漏洞盘点](https://mp.weixin.qq.com/s?__biz=MzUzMDUxNTE1Mw==&mid=2247510270&idx=1&sn=6e0dfb575d641bc67a2b3f00196df49c&chksm=fa527d40cd25f4569e895e911f8d3e8f3e3bc366ffc8598627f89ba3a175f3b65e348be9866b&scene=58&subscene=0#rd) -- DataCon大数据安全分析竞赛 - - [ ] [DataCon2024解题报告WriteUp—漏洞分析赛道](https://mp.weixin.qq.com/s?__biz=MzU5Njg1NzMyNw==&mid=2247489123&idx=1&sn=228fa0630cebdc58c6b961b96752dc2f&chksm=fe5d0ee3c92a87f539db8736eee19d3b20b91e5cf731b6a9630bc1339b0cd1dfb5e2e9ecca66&scene=58&subscene=0#rd) -- 白泽安全实验室 - - [ ] [美日韩联合警告加密货币行业防范朝鲜黑客攻击](https://mp.weixin.qq.com/s?__biz=MzI0MTE4ODY3Nw==&mid=2247492524&idx=1&sn=19d57828e503df304caf2618802d9d27&chksm=e90dc986de7a4090525887e3393df05546cb69cbdde9be1ad3e3ff9b365906e28e0b0a1640d3&scene=58&subscene=0#rd) -- Over Security - Cybersecurity news aggregator - - [ ] [Microsoft removes Assassin’s Creed Windows 11 upgrade blocks](https://www.bleepingcomputer.com/news/microsoft/microsoft-removes-assassins-creed-windows-11-upgrade-blocks/) - - [ ] [FTC orders GM to stop collecting and selling driver’s data](https://www.bleepingcomputer.com/news/legal/ftc-orders-gm-to-stop-collecting-and-selling-drivers-data/) - - [ ] [Medusa Ransomware Attack on PMUSA: The $1.2 Million Ransom to Prevent Data Exposure](https://www.suspectfile.com/medusa-ransomware-attack-on-pmusa-the-1-2-million-ransom-to-prevent-data-exposure/) - - [ ] [How victims of PowerSchool’s data breach helped each other investigate ‘massive’ hack](https://techcrunch.com/2025/01/18/how-victims-of-powerschools-data-breach-helped-each-other-investigate-massive-hack/) - - [ ] [Otelier - 436,855 breached accounts](https://haveibeenpwned.com/PwnedWebsites#Otelier) -- Desync InfoSec - - [ ] [分享图片](https://mp.weixin.qq.com/s?__biz=MzkzMDE3ODc1Mw==&mid=2247488944&idx=1&sn=09e4fe21af1fcba3e404660f9d7b32e4&chksm=c27f661ef508ef08a55b85b5762be82d9737b6b17f5bba12e75332b0ce96d0d54dc7f5a409e4&scene=58&subscene=0#rd) -- IT Service Management News - - [ ] [Gli uomini possono fare tutto (Gennaio 2025)](http://blog.cesaregallotti.it/2025/01/gli-uomini-possono-fare-tutto-gennaio.html) - - [ ] [Parere EDPB sui modelli di intelligenza artificiale](http://blog.cesaregallotti.it/2025/01/parere-edpb-sui-modelli-di-intelligenza.html) -- 吴鲁加 - - [ ] [黑客思维](https://mp.weixin.qq.com/s?__biz=Mzg5NDY4ODM1MA==&mid=2247485154&idx=1&sn=43d73ef46e2f7ca8d5a52c0fa515843f&chksm=c01a8bd3f76d02c5d4368cdfa4790e59deb43648e7ad8aaf6f4bad39c19707325a280fac689d&scene=58&subscene=0#rd) + - [ ] [【安全圈】可能对企业产生严重影响:字节跳动飞书海外版Lark也将在美国市场停止运营](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067480&idx=1&sn=c2d0bb267baf11570d6e3253fa3ff4fe&chksm=f36e7ad8c419f3ce38cfc35ec6bd2c637b49c85b101d0b057484bc1ace20d684457a77a7a7eb&scene=58&subscene=0#rd) + - [ ] [【安全圈】微软已经修复Microsoft 365在Windows Server 2016/2019上崩溃的问题](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067480&idx=2&sn=e94b5cb3a624cdca3e6452bf7c79d7a8&chksm=f36e7ad8c419f3cef73c242196a8499de4c2c79ec90ca98bd662ee5575f6ac22d4041dcd89d4&scene=58&subscene=0#rd) + - [ ] [【安全圈】FTC 要求通用汽车停止收集和销售驾驶员数据](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067480&idx=3&sn=220a3c1eb7166bba53400942dfa9cab1&chksm=f36e7ad8c419f3ce7eec3c9934f5c50798a83c044de9ed8607edfb8e503cd95268521f790488&scene=58&subscene=0#rd) + - [ ] [【安全圈】CL-UNK-0979 利用 Ivanti Connect Secure 中的零日漏洞获取网络访问权限](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067480&idx=4&sn=8dc7094933166fceeb2e467f38e23545&chksm=f36e7ad8c419f3ce413fdcd09b7fbf2c3828fe34b5aca8c6a3b0d570a1f213c166b9943c4be8&scene=58&subscene=0#rd) +- 情报分析师 + - [ ] [揭秘俄罗斯人力情报的全新布局](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559015&idx=1&sn=37962d35fd4ae69a3f4a81abdff654e7&chksm=87117c6cb066f57aa21d4ea03c2085ec0beb649116bd42891f430041cf6993324f15a4dcce41&scene=58&subscene=0#rd) +- 极客公园 + - [ ] [时隔 8 年,任天堂 Switch 2 终于来了,你买吗!](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072331&idx=1&sn=2f8f2f9d50771b9c3f15cac061f8cff5&chksm=7e57d67d49205f6b80e31d9a0db91bdb72aeb161490952954a50f42f6e6407a71de7670d311a&scene=58&subscene=0#rd) + - [ ] [突发丨TikTok 在美停止服务,美区 iOS、安卓已下架](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072318&idx=1&sn=39714f4d9915dd2b8a13f2ee5e0d1dc4&chksm=7e57d60849205f1e5b367c604a88c280ee2430767ce018c69a868cd6e0a3ace6cd34660af42f&scene=58&subscene=0#rd) + - [ ] [CES2025 结束后,我们发现这 15 个硬件最好玩](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072318&idx=2&sn=01f4b2ec30208ccde2ff857f379c582f&chksm=7e57d60849205f1e587b175eb8e43d2af4043ce37102178a86e3559f30e72ee5496af3b47244&scene=58&subscene=0#rd) + - [ ] [特朗普称极有可能给 TT 90 天延期;淘宝成蛇年春晚电商互动平台;罗永浩:不是没有为 AIOS 做手机的可能 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072306&idx=1&sn=89adf3a1ce8d4ba450cc7ac7f6979885&chksm=7e57d60449205f1299e2dbb972c999b2f84092c376740374ba2498ce61e97f58d6c8ad726960&scene=58&subscene=0#rd) +- 航行笔记 + - [ ] [直播倒计时2天:在企业做安全和对外做安全产品有什么差异?](https://mp.weixin.qq.com/s?__biz=MzIyOTAxOTYwMw==&mid=2650236931&idx=1&sn=5b12e1b5c57ec2f8e03facbaa312a866&chksm=f04ad2bfc73d5ba9b46c82cf018950f19f81242dba0075d77e4444c272175b419961197759d8&scene=58&subscene=0#rd) +- 墨菲安全 + - [ ] [直播倒计时2天:在企业做安全和对外做安全产品有什么差异?](https://mp.weixin.qq.com/s?__biz=MzkwOTM0MjI5NQ==&mid=2247488032&idx=1&sn=4979d3ea51fb5e28ee8336d903a77a65&chksm=c13d7118f64af80eba6460f7d74506ba94e2c442fbff6d2f97dd79f0130fe286619c24a178c3&scene=58&subscene=0#rd) - 迪哥讲事 - - [ ] [挖掘有回显ssrf的一类隐藏payload](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496898&idx=1&sn=b6088e20a8b4fc9fbd887b900d8c5247&chksm=e8a5fea1dfd277b708b1a63e6fa9a1399f8466dce922766f0393e815aca0aa4090c609a9a372&scene=58&subscene=0#rd) + - [ ] [$40,000的RCE!](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496907&idx=1&sn=bf65d0102436150a0dc5482d51b5c998&chksm=e8a5fea8dfd277be56fc6d30fe19c8d65094b9ea55e1628f0c5742c243d612eee6b973167e6b&scene=58&subscene=0#rd) +- Over Security - Cybersecurity news aggregator + - [ ] [Tear Down The Castle - Part 1](https://dfir.ch/posts/tear_down_castle_part_one/) + - [ ] [Tracking Adversaries: Ghostwriter APT Infrastructure](https://blog.bushidotoken.net/2025/01/tracking-adversaries-ghostwriter-apt.html) + - [ ] [TikTok is back up in the US after Trump says he will extend deadline](https://www.bleepingcomputer.com/news/software/tiktok-is-back-up-in-the-us-after-trump-says-he-will-extend-deadline/) + - [ ] [Star Blizzard hackers abuse WhatsApp to target high-value diplomats](https://www.bleepingcomputer.com/news/security/star-blizzard-hackers-abuse-whatsapp-to-target-high-value-diplomats/) + - [ ] [TikTok shuts down in the US as Trump throws the company a lifeline](https://www.bleepingcomputer.com/news/software/tiktok-shuts-down-in-the-us-as-trump-throws-the-company-a-lifeline/) - SANS Internet Storm Center, InfoCON: green - - [ ] [New tool: immutable.py, (Sat, Jan 18th)](https://isc.sans.edu/diary/rss/31598) + - [ ] [Zero Trust and Entra ID Conditional Access, (Sun, Jan 19th)](https://isc.sans.edu/diary/rss/31602) - ICT Security Magazine - - [ ] [Autonomic Computing: La Rivoluzione dei Sistemi Auto-Gestiti nella Cybersecurity Moderna](https://www.ictsecuritymagazine.com/articoli/autonomic-computing/) -- Your Open Hacker Community - - [ ] [(for research purposes) how do scammers gain the skills they have?](https://www.reddit.com/r/HowToHack/comments/1i40zkp/for_research_purposes_how_do_scammers_gain_the/) - - [ ] [Fake acc](https://www.reddit.com/r/HowToHack/comments/1i4joo0/fake_acc/) - - [ ] [Complete beginner - 2 days in](https://www.reddit.com/r/HowToHack/comments/1i46c9w/complete_beginner_2_days_in/) - - [ ] [How to create a rat](https://www.reddit.com/r/HowToHack/comments/1i4l1iu/how_to_create_a_rat/) - - [ ] [How do I hack a Roblox account?](https://www.reddit.com/r/HowToHack/comments/1i4jjcn/how_do_i_hack_a_roblox_account/) - - [ ] [Lets bring tiktok back up](https://www.reddit.com/r/HowToHack/comments/1i4ddzb/lets_bring_tiktok_back_up/) - - [ ] [Hi, so I ran my config on open bullet And I’m only getting retries on the runner is it a problem with my proxy, combo list or config?](https://www.reddit.com/r/HowToHack/comments/1i3z2l5/hi_so_i_ran_my_config_on_open_bullet_and_im_only/) - - [ ] [Help making open bullet plugin](https://www.reddit.com/r/HowToHack/comments/1i3xttx/help_making_open_bullet_plugin/) - - [ ] [I need help.](https://www.reddit.com/r/HowToHack/comments/1i3xa2q/i_need_help/) - - [ ] [Help](https://www.reddit.com/r/HowToHack/comments/1i41jrv/help/) - - [ ] [[ Removed by Reddit ]](https://www.reddit.com/r/HowToHack/comments/1i40znr/removed_by_reddit/) - - [ ] [Twitter account](https://www.reddit.com/r/HowToHack/comments/1i3z6bq/twitter_account/) -- Information Security - - [ ] [Newb question: what does an information manager *do*?](https://www.reddit.com/r/Information_Security/comments/1i47ytv/newb_question_what_does_an_information_manager_do/) -- Social Engineering - - [ ] [Best way to keep in touch with people as a freelancer?](https://www.reddit.com/r/SocialEngineering/comments/1i4fug3/best_way_to_keep_in_touch_with_people_as_a/) -- Hacking Exposed Computer Forensics Blog - - [ ] [Daily Blog #720: The new hardest question to answer in an incident](https://www.hecfblog.com/2025/01/daily-blog-720-new-hardest-question-to.html) -- netsecstudents: Subreddit for students studying Network Security and its related subjects - - [ ] [Would the Comptia A+ certification be worth it in this scenario?](https://www.reddit.com/r/netsecstudents/comments/1i3yegb/would_the_comptia_a_certification_be_worth_it_in/) + - [ ] [Cybercrime 2025: Nuove Sfide per la Sicurezza Digitale](https://www.ictsecuritymagazine.com/notizie/cybercrime-2025/) - Computer Forensics - - [ ] [Seeking Advice: Questions to Ask My Supervisor and IT Manager During My Internship](https://www.reddit.com/r/computerforensics/comments/1i4210m/seeking_advice_questions_to_ask_my_supervisor_and/) - - [ ] [Courses or books](https://www.reddit.com/r/computerforensics/comments/1i446e4/courses_or_books/) + - [ ] [Is there a way to recover the original timestamps of a folder or file in Windows?](https://www.reddit.com/r/computerforensics/comments/1i59xff/is_there_a_way_to_recover_the_original_timestamps/) + - [ ] [Hardware recommendations for a Cyber forensics student](https://www.reddit.com/r/computerforensics/comments/1i4po0t/hardware_recommendations_for_a_cyber_forensics/) +- netsecstudents: Subreddit for students studying Network Security and its related subjects + - [ ] [Landed my first internship. What should I do to prepare? How should I set up my homelab?](https://www.reddit.com/r/netsecstudents/comments/1i5aqac/landed_my_first_internship_what_should_i_do_to/) + - [ ] [LFI on DVWA can't open script in /tmp/](https://www.reddit.com/r/netsecstudents/comments/1i51u1q/lfi_on_dvwa_cant_open_script_in_tmp/) +- Social Engineering + - [ ] [Is there a way to see where a phone number is being held or quarantined ?](https://www.reddit.com/r/SocialEngineering/comments/1i53r6k/is_there_a_way_to_see_where_a_phone_number_is/) +- The Register - Security + - [ ] [OpenAI's ChatGPT crawler can be tricked into DDoSing sites, answering your queries](https://go.theregister.com/feed/www.theregister.com/2025/01/19/openais_chatgpt_crawler_vulnerability/) - Security Affairs - - [ ] [U.S. Treasury Sanctions Chinese cybersecurity firm and actor over federal agency breach tied to Salt Typhoon](https://securityaffairs.com/173209/intelligence/u-s-treasury-sanctioned-cybersecurity-firm-and-shanghai-cyber-actor-linked-salt-typhoon.html) -- Have I Been Pwned latest breaches - - [ ] [Otelier - 436,855 breached accounts](https://haveibeenpwned.com/PwnedWebsites#Otelier) -- Blackhat Library: Hacking techniques and research - - [ ] [Dead Grandmas iPhone 11](https://www.reddit.com/r/blackhat/comments/1i404m4/dead_grandmas_iphone_11/) + - [ ] [SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 29](https://securityaffairs.com/173232/malware/security-affairs-malware-newsletter-round-29.html) + - [ ] [Security Affairs newsletter Round 507 by Pierluigi Paganini – INTERNATIONAL EDITION](https://securityaffairs.com/173227/uncategorized/security-affairs-newsletter-round-507-by-pierluigi-paganini-international-edition.html) + - [ ] [A flaw in the W3 Total Cache plugin exposes hundreds of thousands of WordPress sites to attacks](https://securityaffairs.com/173219/security/w3-total-cache-wordpress-plugin-cve-2024-12365.html) +- Hacking Exposed Computer Forensics Blog + - [ ] [Daily Blog #721: Solution Saturday 1/18/25](https://www.hecfblog.com/2025/01/daily-blog-721-solution-saturday-11825.html) - The Hacker News - - [ ] [U.S. Sanctions Chinese Cybersecurity Firm Over Treasury Hack Tied to Silk Typhoon](https://thehackernews.com/2025/01/us-sanctions-chinese-cybersecurity-firm.html) + - [ ] [TikTok Goes Dark in the U.S. as Federal Ban Takes Effect January 19, 2025](https://thehackernews.com/2025/01/tiktok-goes-dark-in-us-as-federal-ban.html) - TorrentFreak - - [ ] [MAME Devs Spent 628 Years Cracking Protection on 712 Retro Games](https://torrentfreak.com/mame-devs-spent-628-years-cracking-protection-on-712-retro-games-250118/) + - [ ] [‘Piracy Shield’ Fails to Convert Pirates to Paying Subscribers, Data Suggest](https://torrentfreak.com/piracy-shield-fails-to-convert-pirates-to-paying-subscribers-data-suggest-250119/) +- Your Open Hacker Community + - [ ] [How to make mail combos](https://www.reddit.com/r/HowToHack/comments/1i5d082/how_to_make_mail_combos/) + - [ ] [USB AutoRun](https://www.reddit.com/r/HowToHack/comments/1i5613w/usb_autorun/) + - [ ] [I found a huge vulnerability in a website which is live from a while, how should I proceed now?](https://www.reddit.com/r/HowToHack/comments/1i524zp/i_found_a_huge_vulnerability_in_a_website_which/) + - [ ] [Confused about the difference between Bash Shell and Bash Shell SESSION](https://www.reddit.com/r/HowToHack/comments/1i4tyqb/confused_about_the_difference_between_bash_shell/) + - [ ] [How do I start?](https://www.reddit.com/r/HowToHack/comments/1i59myg/how_do_i_start/) + - [ ] [Websites like clone a site](https://www.reddit.com/r/HowToHack/comments/1i561mi/websites_like_clone_a_site/) + - [ ] [How to scam I wanna learn for free I done go scammed tryna learn how to scam](https://www.reddit.com/r/HowToHack/comments/1i582el/how_to_scam_i_wanna_learn_for_free_i_done_go/) + - [ ] [My friends dad is a bad guy, how to hack /phish(nothing too crazy) or Rick roll him as a prank](https://www.reddit.com/r/HowToHack/comments/1i5639j/my_friends_dad_is_a_bad_guy_how_to_hack/) +- Technical Information Security Content & Discussion + - [ ] [Windows BitLocker -- Screwed without a Screwdriver](https://www.reddit.com/r/netsec/comments/1i54psl/windows_bitlocker_screwed_without_a_screwdriver/) From 9996ee707e024a1af3dd7c8d284b3c47b2c823c6 Mon Sep 17 00:00:00 2001 From: chainreactorbot Date: Tue, 21 Jan 2025 02:45:38 +0000 Subject: [PATCH 15/29] =?UTF-8?q?=E6=AF=8F=E6=97=A5=E5=AE=89=E5=85=A8?= =?UTF-8?q?=E8=B5=84=E8=AE=AF=EF=BC=882025-01-21=EF=BC=89?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- archive/daily/2025/2025-01-21.md | 445 ++++++++++++++++++++ archive/tmp/2025-01-21.json | 526 ++++++++++++++++++++++++ today.md | 678 +++++++++++++++++++------------ 3 files changed, 1395 insertions(+), 254 deletions(-) create mode 100644 archive/daily/2025/2025-01-21.md create mode 100644 archive/tmp/2025-01-21.json diff --git a/archive/daily/2025/2025-01-21.md b/archive/daily/2025/2025-01-21.md new file mode 100644 index 0000000000..413564fc0a --- /dev/null +++ b/archive/daily/2025/2025-01-21.md @@ -0,0 +1,445 @@ +# 每日安全资讯(2025-01-21) + +- Security Boulevard + - [ ] [U.S. Treasury Sanctions Chinese Individual, Company for Data Breaches](https://securityboulevard.com/2025/01/treasury-sanctions-chinese-individual-company-for-data-breaches/) + - [ ] [The AI Revolution No One Saw Coming Until It Was Too Late](https://securityboulevard.com/2025/01/the-ai-revolution-no-one-saw-coming-until-it-was-too-late/) + - [ ] [Mobile Cybersecurity Trends for 2025: Key Predictions and Preparations](https://securityboulevard.com/2025/01/mobile-cybersecurity-trends-for-2025-key-predictions-and-preparations/) + - [ ] [Executive Order 14144 on Cybersecurity: Building on 2021’s Foundation with Advanced NHI Security](https://securityboulevard.com/2025/01/executive-order-14144-on-cybersecurity-building-on-2021s-foundation-with-advanced-nhi-security/) + - [ ] [Bluesky AT Protocol: Building a Decentralized TikTok](https://securityboulevard.com/2025/01/bluesky-at-protocol-building-a-decentralized-tiktok/) + - [ ] [Privacy Roundup: Week 3 of Year 2025](https://securityboulevard.com/2025/01/privacy-roundup-week-3-of-year-2025/) + - [ ] [Biden Signs New Cybersecurity Order](https://securityboulevard.com/2025/01/biden-signs-new-cybersecurity-order/) + - [ ] [The 2025 Themes on Data GPS](https://securityboulevard.com/2025/01/the-2025-themes-on-data-gps/) + - [ ] [From Dark Web to Jackpot: How Cybercriminals Exploit Stolen Credentials in iGaming](https://securityboulevard.com/2025/01/from-dark-web-to-jackpot-how-cybercriminals-exploit-stolen-credentials-in-igaming/) + - [ ] [Information Security Manual (ISM)](https://securityboulevard.com/2025/01/information-security-manual-ism/) +- Doonsec's feed + - [ ] [【漏洞预警】ZZCMS index.php SQL注入漏洞(CVE-2025-0565)](https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489485&idx=1&sn=e5ea1e03489d9276fac40db96a823bb7) + - [ ] [TikTok为何起死回生](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485443&idx=1&sn=dd23aa4fd95519d14cc33ef2d54c8810) + - [ ] [【直卖实拍】北七家3居变4居豪装,理想楼层、户型、朝向](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485443&idx=2&sn=b36fdcdc5a0525e1db0a2fa6508f52dc) + - [ ] [【干货】笑傲职场的独家经验(1)](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485443&idx=3&sn=88641f7357a1f75be1dc1d32c6752987) + - [ ] [【干货原创】实网攻防演习常态化,会带来什么变化01](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485443&idx=4&sn=f71b5322469f2fa2ccfe166579caebb1) + - [ ] [【干货原创】K12教育,鲜为人知的模式秘密](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485443&idx=5&sn=6d627d2c0be617514fc89ab29ca4b5e9) + - [ ] [原创文章目录](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485443&idx=6&sn=fad9c90b81fc4f20dcc44dc1f14c9c5f) + - [ ] [SQL注入全知道:网络安全的关键一课](https://mp.weixin.qq.com/s?__biz=Mzk2NDE3NDUwNg==&mid=2247483828&idx=1&sn=8ef20fd531a6dcf1a4e1cda040353abd) + - [ ] [Win11综合渗透系统,第二个”kali“武器库](https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486356&idx=1&sn=a92c101f23fbced3106f21dd7797fe8b) + - [ ] [如何mongodb未授权访问漏洞](https://mp.weixin.qq.com/s?__biz=MzU1NjczNjA0Nw==&mid=2247486273&idx=1&sn=9a0ebba7a700f0ae0410be83b4b1df00) + - [ ] [国家发展改革委 国家数据局印发:《公共数据资源登记管理暂行办法》](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633921&idx=1&sn=18de258173a0a62f2d71cd2ca2582883) + - [ ] [国家发展改革委 国家数据局印发:《公共数据资源授权运营实施规范(试行)》](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633921&idx=2&sn=c418f7c2c0e0d01528c11d8e9353f68c) + - [ ] [国家发展改革委 国家数据局:建立公共数据资源授权运营价格形成机制](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633921&idx=3&sn=6cf19acc3796e33b2cce9a02142745d1) + - [ ] [联播 | 我国首次出台公共数据资源开发利用实施细则](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633921&idx=4&sn=2289a72714579a09896c3c81b515d927) + - [ ] [特朗普发虚拟币,盘中暴涨1250%!](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633921&idx=5&sn=54a5ea5792206d9bae4c05e339bd07d5) + - [ ] [入群交流](https://mp.weixin.qq.com/s?__biz=MzI3NzM5NDA0NA==&mid=2247490304&idx=1&sn=a98b3b79b777c84182792e9c67ffacce) + - [ ] [【知识点】解密:HUMINT、SIGINT、OSINT、MASINT、GEOINT 、IMINT、SOCMINT、MEDINT等](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148633&idx=1&sn=80a6c18af41984c8aaa601f82ccd7ac8) + - [ ] [渗透测试人员的 MSSQL:NetExec](https://mp.weixin.qq.com/s?__biz=MzU1NjczNjA0Nw==&mid=2247486268&idx=1&sn=450e1a636c028a9d9e1fe429289a8668) + - [ ] [常见几种网络协议分析](https://mp.weixin.qq.com/s?__biz=MzAxNTg1MDYxNA==&mid=2247489128&idx=1&sn=313dc6f577ec674a9a177d748316db7b) + - [ ] [HGAME 2025 来啦!](https://mp.weixin.qq.com/s?__biz=MzIxNDU2ODg3Mw==&mid=2247485952&idx=1&sn=799660f91d48a13de14372592f792a47) + - [ ] [商务合作](https://mp.weixin.qq.com/s?__biz=MzI3NzM5NDA0NA==&mid=2247490298&idx=1&sn=29a1662bf8226520fd86fc0e9622b590) + - [ ] [游戏数据安全——论各大防封手段](https://mp.weixin.qq.com/s?__biz=MzkyMTQzNTM3Ng==&mid=2247483891&idx=1&sn=2558903c6966574bc94858f004b07211) + - [ ] [由国家医保局集采出现的低价低质药品问题想到网络安全产品采购](https://mp.weixin.qq.com/s?__biz=Mzk0MDI5MTQzMg==&mid=2247483930&idx=1&sn=228a4301c1f6b71dd85754c22ba6beed) + - [ ] [【调研】网络与信息法学研究机构调研问卷](https://mp.weixin.qq.com/s?__biz=MzU1NDY3NDgwMQ==&mid=2247549334&idx=1&sn=82cf21764d504b41a48962823d8ed655) + - [ ] [【资讯】贵州省政府办公厅印发《贵州省公共数据授权运营管理办法(试行)》](https://mp.weixin.qq.com/s?__biz=MzU1NDY3NDgwMQ==&mid=2247549334&idx=2&sn=053caf442ee04b3f5546728815a77d5c) + - [ ] [【资讯】黑龙江省政府办公厅印发《黑龙江省政务数据管理暂行办法》](https://mp.weixin.qq.com/s?__biz=MzU1NDY3NDgwMQ==&mid=2247549334&idx=3&sn=5c8a8470788284305db508aa96bd7c79) + - [ ] [【资讯】重庆市政府办公厅印发《重庆市智慧医疗装备产业创新发展行动计划(2025—2027年)》](https://mp.weixin.qq.com/s?__biz=MzU1NDY3NDgwMQ==&mid=2247549334&idx=4&sn=f2251d4ebfb1aeedfd16c0781ec39e40) + - [ ] [保护开源:软件供应链革命的教训](https://mp.weixin.qq.com/s?__biz=MzA4MzMzOTQ4Mw==&mid=2453672504&idx=1&sn=babb0420709b2e937d08399d4d0253d8) + - [ ] [2024春秋杯冬季赛部分wp](https://mp.weixin.qq.com/s?__biz=MzkzNzg4MTI0NQ==&mid=2247485407&idx=1&sn=1cf860634c2c903157b69595dfaf0367) + - [ ] [梦里挖edu src的步骤](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490011&idx=1&sn=b84ffdb0597e4d6c90da739f541f310c) + - [ ] [渗透测试信息收集指南](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490011&idx=2&sn=493f7191ac6cb9fcfbc24240dc688f1e) + - [ ] [【库迪咖啡|全场饮品任选券|多店可用】现价仅需7.9 低至2.3折](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490011&idx=3&sn=696b18cad8b2a463ec2185c4ac088e12) + - [ ] [告别手动编辑:如何用Python快速创建Ansible hosts文件?](https://mp.weixin.qq.com/s?__biz=MjM5OTc5MjM4Nw==&mid=2457386352&idx=1&sn=8feb8deabf383342740f93b565b22599) + - [ ] [Linux系统沦陷只需1分钟?这些文件权限配置千万别踩坑!](https://mp.weixin.qq.com/s?__biz=MzI5MjY4MTMyMQ==&mid=2247489749&idx=1&sn=7962c59b247991746167fa1a11ae454e) + - [ ] [【云安全】云原生-Docker(一)安全问题概述](https://mp.weixin.qq.com/s?__biz=MzUyNTUyNTA5OQ==&mid=2247484414&idx=1&sn=24240cde29e42a4c1d40be5dc842887c) + - [ ] [三江汇流 共赴未来 | 三未信安2025年全体员工大会暨优秀员工颁奖典礼、迎新年会圆满举办](https://mp.weixin.qq.com/s?__biz=MzA5ODk0ODM5Nw==&mid=2650330729&idx=1&sn=01e972e79a2a22651fe6dc099e789730) + - [ ] [供应链危机四伏:2024年十大供应链安全事件盘点](https://mp.weixin.qq.com/s?__biz=MzkxMzQwNDcxNg==&mid=2247486847&idx=1&sn=d89231f87a5afce0ccd46a4e73f593a8) + - [ ] [下辈子准时点](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496696&idx=1&sn=3a506bc2e55fccbc563b774c17a54714) + - [ ] [每日情报速递](https://mp.weixin.qq.com/s?__biz=MzkxMzU4ODU2MQ==&mid=2247484008&idx=1&sn=ac715abc887e00dbbfc1436a108e6250) + - [ ] [pikachu靶机-sql注入](https://mp.weixin.qq.com/s?__biz=Mzk1NzI5NzA3NQ==&mid=2247486295&idx=1&sn=62db4342ca546762d7dad726b689a216) + - [ ] [意外发现谷歌Slides越权漏洞,获得赏金$3133.70的故事](https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247518279&idx=1&sn=7d44805e31cccc886d5a926e01ac7338) + - [ ] [SRC专项知识库](https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247518279&idx=2&sn=848576913cb502b4079a9268c93b2f96) + - [ ] [新年要到了,地图大师和大家请个假!](https://mp.weixin.qq.com/s?__biz=MzI5MDcyODIzNg==&mid=2247484847&idx=1&sn=ea43296b01431c6d05978d81aca141e9) + - [ ] [金盾信安 | 网络和数据领域资讯第44期(2025.1.14-2025.1.20)](https://mp.weixin.qq.com/s?__biz=MjM5NjA2NzY3NA==&mid=2448682463&idx=1&sn=6b0cf0e4166f632f756e6d7185550a0c) + - [ ] [一图读懂 | 关于完善数据流通安全治理 更好促进数据要素市场化价值化的实施方案](https://mp.weixin.qq.com/s?__biz=MjM5NjA2NzY3NA==&mid=2448682463&idx=2&sn=0b3adf79225cf56eeea212f3b7827b2e) + - [ ] [从信息泄露到越权再到弱口令](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496915&idx=1&sn=ab34ad81c6b8fa8f2d00b9513c025fa4) + - [ ] [DeepSeek-R1发布:AI模型的新突破与挑战](https://mp.weixin.qq.com/s?__biz=Mzg4NDY4Mzk3Mw==&mid=2247485508&idx=1&sn=24b05cfb5c4bc56938cae5df32894666) + - [ ] [凉山叙事](https://mp.weixin.qq.com/s?__biz=MzUzMjQyMDE3Ng==&mid=2247487923&idx=1&sn=27de2e79a46e08f68e6fd4cadd99c580) + - [ ] [用AI批量画美女,起号快涨粉猛!](https://mp.weixin.qq.com/s?__biz=MzU5MjI1NTY1Mg==&mid=2247484026&idx=1&sn=5fe17628890ac8925d456ec37ddbb401) + - [ ] [什么?超级大黑客挖不到CVE怪别人?](https://mp.weixin.qq.com/s?__biz=Mzg2NDg2MDIxNQ==&mid=2247485337&idx=1&sn=0e18e12e4583d3266cf4cfeef786a4d4) + - [ ] [G.O.S.S.I.P 技术笔记 2025-01-15 薛定谔的寄存器?](https://mp.weixin.qq.com/s?__biz=Mzg5ODUxMzg0Ng==&mid=2247499629&idx=1&sn=2890acf36b4707a5bf91f3c823c4a5db) + - [ ] [重要通知 | 水务行业信息技术应用创新典型案例征集活动正式开启!](https://mp.weixin.qq.com/s?__biz=MjM5NzYwNDU0Mg==&mid=2649249501&idx=1&sn=7fb28777ad09673ab4833b0e29dd508a) + - [ ] [Pycharm接入DeepSeek-Coder](https://mp.weixin.qq.com/s?__biz=MjM5NDcxMDQzNA==&mid=2247489378&idx=1&sn=1aff955a1f6d90eca2719ea543dc1f6e) + - [ ] [区域 EE 架构的网络安全设计原则](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619836&idx=1&sn=e0ed060c4fa01b7116987d615eaee244) + - [ ] [汽车行业的4项基本网络安全原则](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619836&idx=2&sn=dfcd600112ecc5a305a8575993cad59f) + - [ ] [汽车网络安全原则](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619836&idx=3&sn=e130f913bea9bf203e72ceed015b3888) + - [ ] [基于MQTT协议的物联网小基站](https://mp.weixin.qq.com/s?__biz=MzkxMzIwNTY1OA==&mid=2247510807&idx=1&sn=a3f9af8ad8ab86ab84ec3ee023997827) + - [ ] [利用 Windows 常见日志文件系统零日漏洞 (CVE-2024-49138)](https://mp.weixin.qq.com/s?__biz=MzI0NzE4ODk1Mw==&mid=2652094653&idx=1&sn=0a8f46713971d1eae5f9bc98fe0e3049) + - [ ] [严重远程代码执行漏洞(CVE-2024-53691)在QNAP 系统中被发现](https://mp.weixin.qq.com/s?__biz=MzI0NzE4ODk1Mw==&mid=2652094653&idx=2&sn=c69dfb1b57a25f58f75e9a9f5422bd0c) + - [ ] [解读出国劳务:表面邀请拍戏,实则人口交易,走上小路,却是末路!](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651312480&idx=1&sn=2be5b35dfbdedbfdbcdd3f9202df131a) + - [ ] [惠普被黑客入侵,机密数据在暗网出售](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651312480&idx=2&sn=a05f6eecc8d3d1f5f003190048e55fcb) + - [ ] [黑客滥用微软VSCode 远程隧道绕过安全工具](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651312480&idx=3&sn=b0c12a4dddb00af1b5562fe19c9287c8) + - [ ] [Hannibal:一款基于C的x64 Windows代理](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651312480&idx=4&sn=f4a2e1bfaa023f53f89e41093fef9be4) + - [ ] [豆包实时语音大模型上线即开放!情商智商双高](https://mp.weixin.qq.com/s?__biz=MzI1MzYzMjE0MQ==&mid=2247512895&idx=1&sn=49ed677b655176bbbd6eee6f4ddc18e1) + - [ ] [SQL注入靶场(前22关)保姆级教学](https://mp.weixin.qq.com/s?__biz=MzkzNjg3NzIwOQ==&mid=2247485112&idx=1&sn=80fc51e061a399aa0576b2480a0953a3) + - [ ] [带你解锁编码新世界!--随波逐流CTF编码工具使用教程37 --云影密码](https://mp.weixin.qq.com/s?__biz=MzU2NzIzNzU4Mg==&mid=2247489499&idx=1&sn=56bef61a2ffed756e0bb9b4217c0834e) + - [ ] [第三届N1CTF Junior报名开启](https://mp.weixin.qq.com/s?__biz=MzU4MTg1NzAzMA==&mid=2247490615&idx=1&sn=a3e77db49dc51e0396b2ffd6f5886aee) + - [ ] [【安全圈】宁波某化工企业被境外势力获取危险源监控视频数据](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067503&idx=1&sn=018f26decbcead5c44d6897dcaac4696) + - [ ] [【安全圈】黑客声称惠普企业遭入侵,列出待售数据](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067503&idx=2&sn=91d7e9ae298ff62eea78d7143853f356) + - [ ] [【安全圈】黑客滥用 Microsoft VSCode 远程隧道绕过安全工具](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067503&idx=3&sn=0b2738a898f48ebbcd35b935ea9b9b9b) + - [ ] [【安全圈】无需拆卸笔记本电脑即可访问 Windows 11 BitLocker 加密文件](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067503&idx=4&sn=17aa39950a2ad339c5c9189715ebc4f2) + - [ ] [AI时代-利用Ai赚钱的N中方法](https://mp.weixin.qq.com/s?__biz=Mzg2NDYwMDA1NA==&mid=2247543554&idx=1&sn=6ca82e5051fc54fba128ff1b6bc374ce) + - [ ] [“升官发财”,特朗普虚拟币暴涨41200%!“第一夫人币”两小时近腰斩](https://mp.weixin.qq.com/s?__biz=Mzg2NDYwMDA1NA==&mid=2247543554&idx=2&sn=50d4d9652b497a556e9a9f1a064d6a6e) + - [ ] [多伦多大学年度黑客松“UofTHacks 12” 在DoraHacks正式开启](https://mp.weixin.qq.com/s?__biz=MzU2MTQwMzMxNA==&mid=2247541420&idx=1&sn=7520eaaa0a11fb4924fd960022874b02) + - [ ] [电力安全|2024年新型电力系统安全建设指南报告(附下载)](https://mp.weixin.qq.com/s?__biz=MzI2MDk2NDA0OA==&mid=2247531128&idx=1&sn=7e001d4bfcf9cda041d5c9360cbe2d81) + - [ ] [干货 | 中国市政华北院刘杰:工业信息安全在市政行业的应用(附视频+PPT)](https://mp.weixin.qq.com/s?__biz=MzI2MDk2NDA0OA==&mid=2247531128&idx=2&sn=77375409542f4a968c5c5b2d10088225) + - [ ] [全球视野 | 国际网安快讯(第46期)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=1&sn=0d1b4aa189b788c665f35ccc52b8c79c) + - [ ] [关注 | 中央网信办启动“清朗·2025年春节网络环境整治”专项行动](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=2&sn=4b39d631ae07312faba443f5436ad10d) + - [ ] [专家解读 | 蒋艳:促进数据标注能力提升,筑牢工业智能数据基础](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=3&sn=558d06cf50feba02ada95b443dd3c827) + - [ ] [专家观点 | 构建多元化的人工智能训练数据供给体系](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=4&sn=1dbca4b896271872f13bb321297280ba) + - [ ] [国际 | 欧盟计划加强医疗保健行业网络安全](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=5&sn=957baf161a599a455c3db7e971b5e1be) + - [ ] [国际 | 日本强化“主动网络防御”能力](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=6&sn=8ccd83bcc4b8e4593e6fdd896fa083e0) + - [ ] [评论 | 请读懂用“反向驯化”对付算法背后的诉求](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=7&sn=f84b09b4c82d9bc9efe8c1c5f4c91a4d) + - [ ] [第84期 | GPTSecurity周报](https://mp.weixin.qq.com/s?__biz=MzkzNDUxOTk2Mw==&mid=2247495733&idx=1&sn=b25764a0c1cb74d6cf486000580c406c) + - [ ] [喜报 | 卫达信息董事长兼CEO张长河入选北京信息化协会专家库](https://mp.weixin.qq.com/s?__biz=Mzg5NDY0NTM2Nw==&mid=2247492228&idx=1&sn=9f73182c1bd8a144aa165eee1ff349b8) + - [ ] [保姆级教学之XSS-Labs通关](https://mp.weixin.qq.com/s?__biz=Mzk1NzQwNjQ4Ng==&mid=2247484597&idx=1&sn=48da660e734995c35cec93cddff84fd8) + - [ ] [电科网安*安默科技2024年终总结暨2025年迎新会圆满落幕](https://mp.weixin.qq.com/s?__biz=MzU3ODk0MzE4OA==&mid=2247488051&idx=1&sn=6f19acffa8173f7a20541412fc6576a5) + - [ ] [对话|ESA如何助力企业高效安全开展在线业务?](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247635009&idx=1&sn=69db4caf5105b9b0125c63728b5fecaa) + - [ ] [【黑产大数据】2024年互联网黑灰产趋势年度总结](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247635009&idx=2&sn=3dde0197ea08fcea6abbf1efcc97121e) + - [ ] [T1059.009 命令执行:云API异常调用](https://mp.weixin.qq.com/s?__biz=Mzk0NDcyMjU2OQ==&mid=2247484541&idx=1&sn=c834b9f4ff672abc3b456507acb31eeb) + - [ ] [盘点!美亚柏科电子数据取证技术实现多项关键性突破](https://mp.weixin.qq.com/s?__biz=MjM5NTU4NjgzMg==&mid=2651436426&idx=1&sn=a33191a6dedd3921aaf30e03d59a4725) + - [ ] [国投智能(美亚柏科)2025年首期师资培训班顺利结营](https://mp.weixin.qq.com/s?__biz=MjM5NTU4NjgzMg==&mid=2651436426&idx=2&sn=a927c434d43af1cb6365563dda66f575) + - [ ] [CNVD漏洞周报2025年第3期](https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247495715&idx=1&sn=c02f8d40b18ff20468aa338efd776c5d) + - [ ] [上周关注度较高的产品安全漏洞(20250113-20250119)](https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247495715&idx=2&sn=b9b9d870553d36e181ba7d1702fde7da) + - [ ] [面向脚本小子的360QVM](https://mp.weixin.qq.com/s?__biz=MzU0NDc0NTY3OQ==&mid=2247488404&idx=1&sn=767ba5298bab860a12d1a405c60ff539) + - [ ] [3家公司未履行网络安全保护义务被网信部门约谈](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931455&idx=1&sn=9869843197ad2257ce5e19eceb4cdd5c) + - [ ] [河南农商联合银行1000万扩容大数据平台,服务器中标金额近乎“腰斩”](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931455&idx=2&sn=2b60d33885356d3902384fba93149b07) + - [ ] [滴!您有一封来自360安全大模型的年度报告待查收](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579147&idx=1&sn=0643e297c264261888a85bdd3bd4b117) + - [ ] [国际权威认可!奇安信入选全球外部威胁情报服务代表性提供商](https://mp.weixin.qq.com/s?__biz=MzU0NDk0NTAwMw==&mid=2247624499&idx=1&sn=2bde033592b17124298b7604ce3f2346) + - [ ] [吴云坤总裁荣获CCF计算机博物馆建设年度杰出贡献奖](https://mp.weixin.qq.com/s?__biz=MzU0NDk0NTAwMw==&mid=2247624499&idx=2&sn=1e3dedef1c1a65b4d6d35a1739c53535) + - [ ] [SQL注入的入门指南](https://mp.weixin.qq.com/s?__biz=Mzk0Mjg4MTQxMw==&mid=2247485731&idx=1&sn=001b161a0e206c805ff76545de384fae) + - [ ] [WGS-804HPT 交换机中存在多个严重漏洞,可导致RCE和网络利用](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522124&idx=1&sn=8b928d650502c3cebc7b2ae0e85282a2) + - [ ] [PyPI 恶意包窃取Discord 开发人员的认证令牌](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522124&idx=2&sn=98991414f4675f83bbb4a3935a2f16e1) + - [ ] [拜登辛苦布局,特朗普一键清零](https://mp.weixin.qq.com/s?__biz=MzkxMTA3MDk3NA==&mid=2247487075&idx=1&sn=76de4b585df35469219561d742159caf) + - [ ] [APT-C-26(Lazarus)组织持续升级攻击武器,利用Electron程序瞄准加密货币行业](https://mp.weixin.qq.com/s?__biz=MzUyMjk4NzExMA==&mid=2247505519&idx=1&sn=594229f2c0123673d1fa9c6cf729858b) + - [ ] [每周网安资讯 (1.7-1.13)|微软补丁日通告:2025年1月版](https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247505727&idx=1&sn=05d5f08860d3524fce4b867cf81fddae) + - [ ] [构筑业务系统监测预警体系,中孚信息筑牢国家安全保密新防线](https://mp.weixin.qq.com/s?__biz=MzAxMjE1MDY0NA==&mid=2247508720&idx=1&sn=b1a3fb7b9050e2c9f6897d8018d2fe99) + - [ ] [规划丨2025,对您的未来许下承诺](https://mp.weixin.qq.com/s?__biz=MzUzNTg4NDAyMg==&mid=2247492307&idx=1&sn=3a6a128fe59dd9a6c20465afe53b24a5) + - [ ] [150亿造车新势力,宣布停运破产](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549173&idx=1&sn=0c7333f70cb52cfe2b8da933eea4de06) + - [ ] [阿维塔确认参展AutoSec 9周年行业年会,亮剑汽车安全防护!](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549173&idx=2&sn=b66c040ec84ff0496a5cfcad390306df) + - [ ] [智能汽车安全理念的融合发展趋势预测](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549173&idx=3&sn=294f9fc1441e0a598b1e6efbf7597b66) + - [ ] [拜登再次发布网络安全行政令,全面加强美国国家网络防御创新](https://mp.weixin.qq.com/s?__biz=MzkwMTQyODI4Ng==&mid=2247495621&idx=1&sn=a052c6624c11fc6742d544424b993705) + - [ ] [2025年人工智能带来的五大网络安全趋势及其应对策略](https://mp.weixin.qq.com/s?__biz=MzkwMTQyODI4Ng==&mid=2247495621&idx=2&sn=689ff446f9d50f48c3a51f31d8210332) + - [ ] [Fortinet防火墙配置文件和VPN账户大规模泄露](https://mp.weixin.qq.com/s?__biz=MzkwMTQyODI4Ng==&mid=2247495621&idx=3&sn=9f373b789858198dc0c229e52a1d9911) + - [ ] [测评公告(2025年第1号)](https://mp.weixin.qq.com/s?__biz=MzI0NDg4MTIyNQ==&mid=2247486012&idx=1&sn=3e2ba62d7a8f49614ac4ed43fe5d70c6) + - [ ] [天翁安全 2025年新年粉丝专属红包来啦(第二弹)!](https://mp.weixin.qq.com/s?__biz=MzkwMzUyMjk2MQ==&mid=2247484100&idx=1&sn=c306276e7193d6c54a955c0cc151bb98) + - [ ] [开源前哨 · 热点情报速览(2025.1.14-2025.1.20)](https://mp.weixin.qq.com/s?__biz=Mzg2Nzg0NDkwMw==&mid=2247493204&idx=1&sn=3c970abd0871869c3dee3b7721e01585) + - [ ] [再获认可 |珞安科技自主研发产品入选CCIA第二版《网络安全专用产品指南》](https://mp.weixin.qq.com/s?__biz=MzU2NjI5NzY1OA==&mid=2247512181&idx=1&sn=30d15c8974a91118212031b6ab347066) + - [ ] [学习PE文件后的第一次实践项目之DLL反射型注入](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588763&idx=1&sn=3f8a5ac4ea9d15820cc2cd6d5692963e) + - [ ] [开源工具 rsync 爆重大漏洞,黑客可越界写入缓冲区执行代码](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588763&idx=2&sn=987fea6e7bc8cce2c77f2e2035072ac4) + - [ ] [今日更新:第4章2节-模糊测试工具基础使用](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588763&idx=3&sn=094fc7e969bab88e07445fbca7b4b304) + - [ ] [从国赛到西湖论剑:fenjing进阶通杀jinjia2_SSTI](https://mp.weixin.qq.com/s?__biz=MzkxMDU5MzY0NQ==&mid=2247484461&idx=1&sn=b866a874c1d918dd649f80acfedc093f) + - [ ] [安全赋能丨梆梆安全受邀出席低空智联网专题座谈会暨首发低空安防智库揭牌仪式](https://mp.weixin.qq.com/s?__biz=MjM5NzE0NTIxMg==&mid=2651135123&idx=1&sn=756ef14e26921f7a402507c2c4e138a2) + - [ ] [再获殊荣|梆梆安全荣获中国网络安全产业联盟CCIA“2024年度先进会员单位”](https://mp.weixin.qq.com/s?__biz=MjM5NzE0NTIxMg==&mid=2651135123&idx=2&sn=2f3995fc6ee68b6a2b27acb6df3ba20d) + - [ ] [大寒 | 寒冬岁暮听风雪 静待春来万物生](https://mp.weixin.qq.com/s?__biz=MjM5NzE0NTIxMg==&mid=2651135123&idx=3&sn=0667693e8d3711a95039eee3e967dd29) + - [ ] [扫码下载 | 应急响应实战分析](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264138&idx=1&sn=76425edffe100ad52ff62ab4daa342e8) + - [ ] [漏洞预警 NetMizer 日志审计 axx.php sql注入漏洞](https://mp.weixin.qq.com/s?__biz=MzkyMTMwNjU1Mg==&mid=2247491972&idx=1&sn=1ca23e5d04a0a77875e0689e1e8c2501) + - [ ] [聚铭网络荣膺“2024年网络安全十大优秀产品”殊荣](https://mp.weixin.qq.com/s?__biz=MzIzMDQwMjg5NA==&mid=2247506558&idx=1&sn=2b88b9ebaf25df77a090a4232cc314e4) + - [ ] [安全服务不打烊 | 聚铭网络2025年春节放假通知](https://mp.weixin.qq.com/s?__biz=MzIzMDQwMjg5NA==&mid=2247506558&idx=2&sn=56a659bd2da7af8f60c01461daab69a2) + - [ ] [重磅!中共中央、国务院印发《教育强国建设规划纲要(2024-2035年)》](https://mp.weixin.qq.com/s?__biz=MzUyMzA1MTM2NA==&mid=2247499058&idx=1&sn=bb88b8e49b482515503e43edbdebdc17) +- Zgao's blog + - [ ] [0889挖矿团伙rootkit后门溯源排查记录](https://zgao.top/0889%e6%8c%96%e7%9f%bf%e5%9b%a2%e4%bc%99rootkit%e5%90%8e%e9%97%a8%e6%ba%af%e6%ba%90%e6%8e%92%e6%9f%a5%e8%ae%b0%e5%bd%95/) +- SecWiki News + - [ ] [SecWiki News 2025-01-20 Review](http://www.sec-wiki.com/?2025-01-20) +- 奇安信攻防社区 + - [ ] [浅谈恶意样本の反沙箱分析](https://forum.butian.net/share/4050) + - [ ] [在 JSP 中优雅的注入 Spring 内存马](https://forum.butian.net/share/4053) +- Private Feed for M09Ic + - [ ] [mgeeky starred jdu2600/Etw-SyscallMonitor](https://github.com/jdu2600/Etw-SyscallMonitor) + - [ ] [mgeeky starred jdu2600/CFG-FindHiddenShellcode](https://github.com/jdu2600/CFG-FindHiddenShellcode) + - [ ] [mgeeky starred jdu2600/EtwTi-FluctuationMonitor](https://github.com/jdu2600/EtwTi-FluctuationMonitor) + - [ ] [mgeeky starred panther-labs/panther-analysis](https://github.com/panther-labs/panther-analysis) + - [ ] [mgeeky starred praetorian-inc/goffloader](https://github.com/praetorian-inc/goffloader) + - [ ] [mgeeky starred hakaioffsec/coffee](https://github.com/hakaioffsec/coffee) + - [ ] [mgeeky starred gabriellandau/EDRSandblast-GodFault](https://github.com/gabriellandau/EDRSandblast-GodFault) + - [ ] [HuYlllc pushed to dev in chainreactors/malice-network](https://github.com/chainreactors/malice-network/compare/40ff4b0d2b...1d104aceb6) + - [ ] [kpcyrd forked kpcyrd/usbd-serial from rust-embedded-community/usbd-serial](https://github.com/kpcyrd/usbd-serial) + - [ ] [mgeeky starred jdu2600/Windows10EtwEvents](https://github.com/jdu2600/Windows10EtwEvents) + - [ ] [mgeeky starred Textualize/rich](https://github.com/Textualize/rich) + - [ ] [mgeeky starred yardenshafir/cet-research](https://github.com/yardenshafir/cet-research) + - [ ] [mgeeky starred gabriellandau/ShadowStackWalk](https://github.com/gabriellandau/ShadowStackWalk) + - [ ] [zema1 starred HACK-THE-WORLD/IDAPluginList](https://github.com/HACK-THE-WORLD/IDAPluginList) + - [ ] [zema1 starred REhints/HexRaysCodeXplorer](https://github.com/REhints/HexRaysCodeXplorer) + - [ ] [kpcyrd started following riotbib](https://github.com/riotbib) + - [ ] [gh0stkey starred zsh-users/zsh-syntax-highlighting](https://github.com/zsh-users/zsh-syntax-highlighting) + - [ ] [nightRainy starred mstorsjo/llvm-mingw](https://github.com/mstorsjo/llvm-mingw) + - [ ] [zema1 starred sigoden/aichat](https://github.com/sigoden/aichat) + - [ ] [mgeeky starred tasooshi/torboost](https://github.com/tasooshi/torboost) + - [ ] [zer0yu started following adysec](https://github.com/adysec) + - [ ] [zer0yu starred 0x727/ChkApi_0x727](https://github.com/0x727/ChkApi_0x727) + - [ ] [h3zh1 pushed to v0.0.4dev in chainreactors/malice-network](https://github.com/chainreactors/malice-network/compare/30083561aa...9ebee1c061) + - [ ] [zema1 starred rainers/cv2pdb](https://github.com/rainers/cv2pdb) + - [ ] [timwhitez starred jaksi/sshesame](https://github.com/jaksi/sshesame) + - [ ] [timwhitez starred droberson/ssh-honeypot](https://github.com/droberson/ssh-honeypot) + - [ ] [timwhitez starred magisterquis/sshhipot](https://github.com/magisterquis/sshhipot) +- 安全脉搏 + - [ ] [记一次攻防演练中的若依(thymeleaf 模板注入)getshell](https://www.secpulse.com/archives/205071.html) + - [ ] [浅谈内联钩取原理与实现](https://www.secpulse.com/archives/205124.html) +- 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com + - [ ] [绿盟科技2024年预计收入高增,亏损大幅收窄](https://www.4hou.com/posts/8gzr) +- Recent Commits to cve:main + - [ ] [Update Mon Jan 20 20:20:12 UTC 2025](https://github.com/trickest/cve/commit/aedb363a6106f923d0179fd99792efccf1112259) + - [ ] [Update Mon Jan 20 12:23:13 UTC 2025](https://github.com/trickest/cve/commit/9d315db2ba795d0c7604551387c8e81ce6d2ef12) + - [ ] [Update Mon Jan 20 04:21:50 UTC 2025](https://github.com/trickest/cve/commit/315f452078d121de79d7ba03d7de4677c9edcea8) +- 一个被知识诅咒的人 + - [ ] [仅249美元!英伟达推出超强AI开发套件,开启机器人与智能应用新纪元](https://blog.csdn.net/nokiaguy/article/details/145265736) + - [ ] [Python性能分析全攻略:从cProfile到line_profiler,全面优化你的代码](https://blog.csdn.net/nokiaguy/article/details/145260325) + - [ ] [Python中的内存管理揭秘:全面防止内存泄漏,提升程序稳定性](https://blog.csdn.net/nokiaguy/article/details/145260311) +- obaby@mars + - [ ] [搬家](https://h4ck.org.cn/2025/01/19019) +- 安全客-有思想的安全新媒体 + - [ ] [四个关键词,回眸360发力人才培育这一年](https://www.anquanke.com/post/id/303648) + - [ ] [Yubico 解决 pam-u2f 软件包中的身份验证绕过漏洞 CVE-2025-23013](https://www.anquanke.com/post/id/303645) + - [ ] [CVE-2024-53691: 针对严重 QNAP RCE 漏洞发布 PoC 漏洞利用程序](https://www.anquanke.com/post/id/303642) + - [ ] [微软开始强制升级 Windows 11 22H2、23H3 设备](https://www.anquanke.com/post/id/303639) + - [ ] [CVE-2024-49113 检测: 通过公开可用 PoC 利用 Windows LDAP 拒绝服务漏洞又名 LDAPNightmare](https://www.anquanke.com/post/id/303636) + - [ ] [微软修复 Windows Server 系统上 Office 365 应用程序崩溃问题](https://www.anquanke.com/post/id/303633) + - [ ] [恶意 PyPi 软件包窃取开发人员的 Discord 验证令牌](https://www.anquanke.com/post/id/303630) + - [ ] [Otelier 数据泄露事件暴露了数百万人的信息和酒店预订信息](https://www.anquanke.com/post/id/303627) + - [ ] [美国联邦贸易委员会命令通用汽车停止收集和出售驾驶员数据](https://www.anquanke.com/post/id/303624) + - [ ] [W3 Total Cache 插件中的一个漏洞使数十万个 WordPress 网站受到攻击](https://www.anquanke.com/post/id/303621) +- MaskRay + - [ ] [Natural loops](https://maskray.me/blog/2025-01-20-natural-loops) +- Bug Bounty in InfoSec Write-ups on Medium + - [ ] [How I found S3 buckets in Bug bounties](https://infosecwriteups.com/how-i-found-s3-buckets-in-bug-bounties-501faf76c3f9?source=rss----7b722bfd1b8d--bug_bounty) + - [ ] [Bypass HackerOne 2FA requirement and reporter blacklist](https://infosecwriteups.com/bypass-hackerone-2fa-requirement-and-reporter-blacklist-46d7959f1ee5?source=rss----7b722bfd1b8d--bug_bounty) +- Twitter @bytehx + - [ ] [Just scored a reward @intigriti, check my profile: https://app.intigriti.com/profile/bytehx #HackWithIntigriti](https://x.com/bytehx343/status/1881380986333839502) +- VMRay + - [ ] [Heavily obfuscated batch file loads XWorm hosted on GitHub](https://www.vmray.com/heavily-obfuscated-batch-file-loads-xworm-hosted-on-github/) +- SentinelOne + - [ ] [2024 macOS Malware Review | Infostealers, Backdoors, and APT Campaigns Targeting the Enterprise](https://www.sentinelone.com/blog/2024-macos-malware-review-infostealers-backdoors-and-apt-campaigns-targeting-the-enterprise/) +- Reverse Engineering + - [ ] [/r/ReverseEngineering's Weekly Questions Thread](https://www.reddit.com/r/ReverseEngineering/comments/1i5lbt8/rreverseengineerings_weekly_questions_thread/) + - [ ] [Malware Analysis of Fake Banking Reward APK Targeting WhatsApp Users](https://www.reddit.com/r/ReverseEngineering/comments/1i5svi7/malware_analysis_of_fake_banking_reward_apk/) + - [ ] [Reverse Engineering Bambu Connect](https://www.reddit.com/r/ReverseEngineering/comments/1i5lw80/reverse_engineering_bambu_connect/) +- Malwarebytes + - [ ] [Your location or browsing habits could lead to price increases when buying online](https://www.malwarebytes.com/blog/news/2025/01/your-location-or-browsing-habits-could-lead-to-price-increases-when-buying-online) + - [ ] [A week in security (January 13 – January 19)](https://www.malwarebytes.com/blog/news/2025/01/a-week-in-security-january-13-january-19) +- Wallarm + - [ ] [Considerations for Selecting the Best API Authentication Option](https://lab.wallarm.com/considerations-selecting-best-api-authentication-option/) +- 安全牛 + - [ ] [《后量子密码安全能力构建技术指南(2025年)》报告暨代表性厂商评估调研启动](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134771&idx=1&sn=d630c90006781716434e509b97c12856&chksm=bd15abe08a6222f621cc83ed26039da7ba363d15472e1102c14383eecf41b5ee7b6c2ef2e526&scene=58&subscene=0#rd) + - [ ] [马斯克称X不被允许在华运营情况需改变,外交部回应; 美国联邦调查局担忧AT&T数据泄露可能暴露线人身份 | 牛览](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134771&idx=2&sn=bf214740bb2023a8a3edc38463484c25&chksm=bd15abe08a6222f6f04fa76f0a94d12a1e81b2b7326b136daca55a3f0476d7b9a8d5898ed40d&scene=58&subscene=0#rd) +- rtl-sdr.com + - [ ] [A USB-C Mod for RTL-SDR Blog V3/V4 Dongles](https://www.rtl-sdr.com/a-usb-c-mod-for-rtl-sdr-blog-v3-v4-dongles/) + - [ ] [Locating an Intermittent Interferer with a KrakenSDR](https://www.rtl-sdr.com/locating-an-intermittent-interferer-with-a-krakensdr/) + - [ ] [Using an EFR32 IoT Microcontroller Transceiver as an SDR](https://www.rtl-sdr.com/using-an-efr32-iot-microcontroller-transceiver-as-an-sdr/) +- 奇客Solidot–传递最新科技情报 + - [ ] [2024 年大气二氧化碳增幅创纪录](https://www.solidot.org/story?sid=80382) + - [ ] [欧盟考虑在消费品中禁止使用 PFAS](https://www.solidot.org/story?sid=80381) + - [ ] [Google 搜索服务开始要求启用 JavaScript](https://www.solidot.org/story?sid=80380) + - [ ] [Google Android 运行在 2024 年三分之二的新车上](https://www.solidot.org/story?sid=80379) + - [ ] [LibreOffice Writer 扩展为字处理软件加入可选的本地生成式 AI 功能](https://www.solidot.org/story?sid=80378) + - [ ] [亚马逊强推重返办公室但没有足够办公桌和停车位](https://www.solidot.org/story?sid=80377) + - [ ] [小鼠研究显示安眠药会干扰大脑清除废物](https://www.solidot.org/story?sid=80376) + - [ ] [摄像机首次捕捉到陨石掉落地面瞬间](https://www.solidot.org/story?sid=80375) + - [ ] [Linux 6.13 释出](https://www.solidot.org/story?sid=80374) + - [ ] [TikTok 恢复美国服务](https://www.solidot.org/story?sid=80373) +- HackerNews + - [ ] [欧盟《数字运营弹性法案》正式生效,严至监禁失职管理层](https://hackernews.cc/archives/56991) + - [ ] [网络安全领域研究人员遭遇假 PoC 专项攻击](https://hackernews.cc/archives/56995) + - [ ] [加拿大一 IT 公司被俄罗斯政府列入“不受欢迎”组织名单](https://hackernews.cc/archives/56987) + - [ ] [美国联邦贸易委员会:大数据监控定价导致消费者成本上升](https://hackernews.cc/archives/56985) + - [ ] [谷歌推出 OSV-SCALIBR 开源库用于软件成分分析](https://hackernews.cc/archives/56982) + - [ ] [恶意 PyPi 软件包窃取 Discord 开发者认证令牌](https://hackernews.cc/archives/56977) + - [ ] [俄罗斯黑客组织 Star Blizzard 在新钓鱼攻击活动中瞄准 WhatsApp 账户](https://hackernews.cc/archives/56975) + - [ ] [基于 Python 的机器人利用 PHP 服务器推动赌博平台泛滥](https://hackernews.cc/archives/56973) + - [ ] [WGS-804HPT 交换机存在严重漏洞将导致远程代码执行和网络利用](https://hackernews.cc/archives/56971) +- 绿盟科技技术博客 + - [ ] [【已支持暴露面风险排查】Rsync缓冲区溢出与信息泄露漏洞(CVE-2024-12084/CVE-2024-12085)](https://blog.nsfocus.net/cve-2024-12084-cve-2024-12085/) +- 安全客 + - [ ] [转型中的网络安全:拜登政府的警告和美国的未来](https://mp.weixin.qq.com/s?__biz=MzA5ODA0NDE2MA==&mid=2649787757&idx=1&sn=e5eae9b6df27d7b00015e86ca2284def&chksm=8893bd02bfe43414e51527c12e99fe7dbfabd348bcf33087f7044d95963b1907c7ae795d05e9&scene=58&subscene=0#rd) +- 安全分析与研究 + - [ ] [UEFI BootKit学习路线与资料分享](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490058&idx=1&sn=8c80dfb3d169392af3a7821398c50637&chksm=902fb522a7583c34dbebe5255d0d954d1ac8bc4735bb19bc926e9c32a531e4f88c2c4666cda7&scene=58&subscene=0#rd) +- 奇安信 CERT + - [ ] [安全热点周报:Fortinet 警告利用身份验证绕过零日漏洞劫持防火墙](https://mp.weixin.qq.com/s?__biz=MzU5NDgxODU1MQ==&mid=2247502869&idx=1&sn=53f5cfd343a3cd7a4e8a32a6fe638138&chksm=fe79e88dc90e619b8c2c010457c1e44f3ff06dd47f4a8abd602deff354192c4b2842a3c0dfc3&scene=58&subscene=0#rd) +- Black Hills Information Security + - [ ] [Attack Tactics 9: Shadow Creds for PrivEsc w/ Kent & Jordan](https://www.blackhillsinfosec.com/attack-tactics-9-shadow-creds-for-privesc-wrapup/) +- 吾爱破解论坛 + - [ ] [吾爱破解论坛微信红包封面设计预览](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141587&idx=1&sn=91deda30d33d111b7478c3a764c2c468&chksm=bd50a5878a272c916e5fdba11db955248dd241def35150160f93e385c9782019e9bf0e6b1764&scene=58&subscene=0#rd) +- 代码卫士 + - [ ] [WGS-804HPT 交换机中存在多个严重漏洞,可导致RCE和网络利用](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522124&idx=1&sn=8b928d650502c3cebc7b2ae0e85282a2&chksm=ea94a626dde32f303236d54cf10c68cbf25ac8104fe9a6280306ddbcce4f3ce7624240d24d9d&scene=58&subscene=0#rd) + - [ ] [PyPI 恶意包窃取Discord 开发人员的认证令牌](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522124&idx=2&sn=98991414f4675f83bbb4a3935a2f16e1&chksm=ea94a626dde32f3016b9b39f894f63db177129413333eaf003c2ded003a435725967bc152c92&scene=58&subscene=0#rd) +- Dhole Moments + - [ ] [Session Round 2](https://soatok.blog/2025/01/20/session-round-2/) +- 威努特安全网络 + - [ ] [2024 CWE TOP25最危险软件弱点深度解析](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130546&idx=1&sn=af17cc33bcba30263b1062816452140a&chksm=80e71002b7909914201ecc3158a953b2ce81f616276e5123ebef52b60f922c7ff5b588c7c574&scene=58&subscene=0#rd) +- 青衣十三楼飞花堂 + - [ ] [凉山叙事](https://mp.weixin.qq.com/s?__biz=MzUzMjQyMDE3Ng==&mid=2247487923&idx=1&sn=27de2e79a46e08f68e6fd4cadd99c580&chksm=fab2d28ccdc55b9a7a2a150f12ecb0044c667e16fd09c9138fa3ca96b1c40acd0b8aa1cafd6e&scene=58&subscene=0#rd) +- FreeBuf网络安全行业门户 + - [ ] [新型Android恶意软件模仿聊天应用窃取敏感数据](https://www.freebuf.com/news/420346.html) + - [ ] [B站又爆大瓜!员工“代码投毒”报复网友](https://www.freebuf.com/news/420334.html) + - [ ] [验证码对抗之殇:Clickfix最新钓鱼事件分析报告](https://www.freebuf.com/articles/paper/420320.html) + - [ ] [解读出国劳务:表面邀请拍戏,实则人口交易,走上小路,却是末路!](https://www.freebuf.com/news/420316.html) + - [ ] [FreeBuf早报 | 网信办启动春节网络环境整治行动;美网络攻击我国某研究院细节公布](https://www.freebuf.com/news/420305.html) + - [ ] [惠普被黑客入侵,机密数据在暗网出售](https://www.freebuf.com/news/420293.html) + - [ ] [无需拆机!Windows 11 BitLocker加密文件被破解](https://www.freebuf.com/news/420297.html) + - [ ] [黑客滥用微软VSCode 远程隧道绕过安全工具](https://www.freebuf.com/news/420277.html) + - [ ] [《零日风暴》| 正式前导预告 | Netflix](https://www.freebuf.com/video/420267.html) + - [ ] [ChatGPT被曝存在爬虫漏洞,OpenAI未公开承认](https://www.freebuf.com/news/420273.html) + - [ ] [网络安全领域研究人员遭遇假PoC专项攻击](https://www.freebuf.com/news/420252.html) +- 奇安信威胁情报中心 + - [ ] [Operation(Giỗ Tổ Hùng Vương)hurricane:浅谈新海莲花组织在内存中的技战术](https://mp.weixin.qq.com/s?__biz=MzI2MDc2MDA4OA==&mid=2247513780&idx=1&sn=a2650f77b1b7a4b73b27ec637bef04d1&chksm=ea6641c3dd11c8d58e8cd03792f61e801bc69c868a2c7ccc64826afab019e4e19fa13ab75e3d&scene=58&subscene=0#rd) +- 腾讯玄武实验室 + - [ ] [每日安全动态推送(25/1/20)](https://mp.weixin.qq.com/s?__biz=MzA5NDYyNDI0MA==&mid=2651959996&idx=1&sn=39171e942cfb617360a556b8d9fa2dd3&chksm=8baed223bcd95b358ff9bd5dd95c2f60ad07fa4eaf7b8664a5947a32920fa4092f27c9b4e44d&scene=58&subscene=0#rd) +- 安全研究GoSSIP + - [ ] [G.O.S.S.I.P 技术笔记 2025-01-15 薛定谔的寄存器?](https://mp.weixin.qq.com/s?__biz=Mzg5ODUxMzg0Ng==&mid=2247499629&idx=1&sn=2890acf36b4707a5bf91f3c823c4a5db&chksm=c063d1b4f71458a27e12ffc8ec1fe880002d2d92968fadcda511a91279e30d0dacba4fa59f48&scene=58&subscene=0#rd) +- 中国信息安全 + - [ ] [全球视野 | 国际网安快讯(第46期)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=1&sn=0d1b4aa189b788c665f35ccc52b8c79c&chksm=8b58026dbc2f8b7b6d93de308202cb19c8415133a057bc6da6f722dede97d20b258b1d7472a6&scene=58&subscene=0#rd) + - [ ] [关注 | 中央网信办启动“清朗·2025年春节网络环境整治”专项行动](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=2&sn=4b39d631ae07312faba443f5436ad10d&chksm=8b58026dbc2f8b7b91ed7170e231bcd136924c647b87e66b0462da74c185560ce2f6cd9e787a&scene=58&subscene=0#rd) + - [ ] [专家解读 | 蒋艳:促进数据标注能力提升,筑牢工业智能数据基础](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=3&sn=558d06cf50feba02ada95b443dd3c827&chksm=8b58026dbc2f8b7b9eef3e6af4d43b30950f7189270bf1a2d3bca5bcca2741a0e8e19ea1ba22&scene=58&subscene=0#rd) + - [ ] [专家观点 | 构建多元化的人工智能训练数据供给体系](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=4&sn=1dbca4b896271872f13bb321297280ba&chksm=8b58026dbc2f8b7b971cfdb62ca4b48021e6f8ef3b66a561160856f707769288e10ab71e982c&scene=58&subscene=0#rd) + - [ ] [国际 | 欧盟计划加强医疗保健行业网络安全](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=5&sn=957baf161a599a455c3db7e971b5e1be&chksm=8b58026dbc2f8b7bbbcad45c446045a33301e9fff28222efaa28c4e2b68cc21f064468af3e20&scene=58&subscene=0#rd) + - [ ] [国际 | 日本强化“主动网络防御”能力](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=6&sn=8ccd83bcc4b8e4593e6fdd896fa083e0&chksm=8b58026dbc2f8b7b5e4b966a6f54625e30dc69faafd8a70ef0171ade51902c00712b1acdc8cd&scene=58&subscene=0#rd) + - [ ] [评论 | 请读懂用“反向驯化”对付算法背后的诉求](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=7&sn=f84b09b4c82d9bc9efe8c1c5f4c91a4d&chksm=8b58026dbc2f8b7baae14b0518073604a463b27203a7a6c6a7ba5b8c9cb577ae2d49f270693e&scene=58&subscene=0#rd) +- dotNet安全矩阵 + - [ ] [举一反三 ,通过 Sharp4SuoPoc 从原理上复现 Visual Studio 投毒事件的来龙去脉](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498340&idx=1&sn=f9aecfc3de35b8fac05e7e7d352da9e4&chksm=fa595489cd2edd9f317b3ce1a2e10a23a2a5c3c3fc4a16daa713ac76716cec8ef519e525b37a&scene=58&subscene=0#rd) + - [ ] [国内最专业、最全面的 [ .NET 代码审计 ] 体系化学习交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498340&idx=2&sn=a8a67dc9e2cd5c4ec82e4a85c1fe2342&chksm=fa595489cd2edd9f25ac05370f0e47f84cb3e8c701746b35f4a0bfb09ae483e152785aeeb67c&scene=58&subscene=0#rd) + - [ ] [.NET 第 55 期红队武器库和资源汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498340&idx=3&sn=7c60cbd1b12469d5e4f5c6db12ca1cb4&chksm=fa595489cd2edd9fd5bb60e9788f1ae5294e1852fb76568985d137f3a1b3dde16d6bcfcd9495&scene=58&subscene=0#rd) +- 丁爸 情报分析师的工具箱 + - [ ] [【知识点】解密:HUMINT、SIGINT、OSINT、MASINT、GEOINT 、IMINT、SOCMINT、MEDINT等](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148633&idx=1&sn=80a6c18af41984c8aaa601f82ccd7ac8&chksm=f1af2663c6d8af75a845402ef2f96cb2f9a94fd38ebb787c3390cc9a9cda2de4f06e26baa64f&scene=58&subscene=0#rd) +- 数世咨询 + - [ ] [新西兰跻身云安全漏洞排名前十](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247534891&idx=1&sn=442f5697287365e019e20cb29c0a8008&chksm=c1443b96f633b280e3859a3441a858dda1412ce36b7957734a73bf3c683102b57bad82ee504a&scene=58&subscene=0#rd) +- 微步在线 + - [ ] [零差评的NDR,都做对了什么?](https://mp.weixin.qq.com/s?__biz=MzI5NjA0NjI5MQ==&mid=2650183053&idx=1&sn=92ff24e4a5e517b359ccd30b8274a5f6&chksm=f4486e31c33fe7279d803461244b6437f24fcba89a8c0040cee9fb53be84431992cedcf81281&scene=58&subscene=0#rd) +- 极客公园 + - [ ] [荣耀开启新一轮无限游戏:换帅、AI 和出海](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072381&idx=1&sn=59b10e027ecd8cf16913597da4808654&chksm=7e57d64b49205f5d6d1a059def189b6fd38bba2e3c0be18dc4bbbd18ed40d8ca4f5a21f028bb&scene=58&subscene=0#rd) + - [ ] [对话 Mirumi 创造者:CES上爆火的陪伴机器人是怎样炼成的?](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072363&idx=1&sn=feda9287cf8b3068ce7f17923c00d078&chksm=7e57d65d49205f4b15641187aaca3c587e0d4b05aa12dd633c11226bc00b5361d10c22ddf874&scene=58&subscene=0#rd) +- CNVD漏洞平台 + - [ ] [CNVD漏洞周报2025年第3期](https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247495715&idx=1&sn=c02f8d40b18ff20468aa338efd776c5d&chksm=fd74c0eaca0349fcf48893554150aa62b8d148205e3198526c654194241638eafab9530bc6b5&scene=58&subscene=0#rd) + - [ ] [上周关注度较高的产品安全漏洞(20250113-20250119)](https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247495715&idx=2&sn=b9b9d870553d36e181ba7d1702fde7da&chksm=fd74c0eaca0349fcd7eabae533b4d6bf7f8a8cf66309cb1e93c0c20500d376dc0ac4c5436fe6&scene=58&subscene=0#rd) +- 安全圈 + - [ ] [【安全圈】宁波某化工企业被境外势力获取危险源监控视频数据](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067503&idx=1&sn=018f26decbcead5c44d6897dcaac4696&chksm=f36e7aefc419f3f998508894e072b07d360f8ce003a7829c7e3e59b6e38963c000cb35563009&scene=58&subscene=0#rd) + - [ ] [【安全圈】黑客声称惠普企业遭入侵,列出待售数据](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067503&idx=2&sn=91d7e9ae298ff62eea78d7143853f356&chksm=f36e7aefc419f3f91633b7a176be4cb6885a0df37a85ddd11366df9baa8f003ef67da3e56566&scene=58&subscene=0#rd) + - [ ] [【安全圈】黑客滥用 Microsoft VSCode 远程隧道绕过安全工具](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067503&idx=3&sn=0b2738a898f48ebbcd35b935ea9b9b9b&chksm=f36e7aefc419f3f9825e2bcdb1346a6a0cfc125b0362317ae276f36f4a15f976800acc71e733&scene=58&subscene=0#rd) + - [ ] [【安全圈】无需拆卸笔记本电脑即可访问 Windows 11 BitLocker 加密文件](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067503&idx=4&sn=17aa39950a2ad339c5c9189715ebc4f2&chksm=f36e7aefc419f3f9cb51bb87bb1f571572cf3b66429795fbd19cc7536069f74aa0232d0c9cc2&scene=58&subscene=0#rd) +- 情报分析师 + - [ ] [【深度研究】如何用开源情报与验证技术挖掘互联网的隐藏真相](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559107&idx=1&sn=d4395815742a56a0b089bcbdd91c3d70&chksm=87117cc8b066f5de0c1760ba5048934bc55a194aef2689e5a9a8c6c57dfc9c43f8d060375331&scene=58&subscene=0#rd) + - [ ] [伊俄签订全面战略伙伴条约对我风险研判](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559107&idx=2&sn=a7f4517c1d2dc7c3812ea3cd778b7ae2&chksm=87117cc8b066f5ded35fd6591e36d01e85717c318664ade912a6ceeeb91d6ea5f65538ff104d&scene=58&subscene=0#rd) +- 墨菲安全 + - [ ] [36氪广东首发 | 以供应链视角推动企业软件安全架构升级,「墨菲安全」获数千万pre-A轮融资](https://mp.weixin.qq.com/s?__biz=MzkwOTM0MjI5NQ==&mid=2247488047&idx=1&sn=3176a6f993fd1c1d1fe0b03cbac70b6c&chksm=c13d7117f64af801d9153ac2691a2c0a56d0ca540e4ff90ee863c60b206f7e32a07d1f39cde4&scene=58&subscene=0#rd) +- 安全内参 + - [ ] [因遭勒索软件泄露超近250万人临床信息,这家生物公司赔偿5400万元](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513542&idx=1&sn=7dc1d619a87db4ddb927b6fb3ff62ff1&chksm=ebfaf2e6dc8d7bf0a8026fb160bb90c03136633fffceb3237e66198cde12fc14049bcc05e6d0&scene=58&subscene=0#rd) + - [ ] [美国务院首次实施“网络安全运营需求外国援助计划”](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513542&idx=2&sn=a15c26b60bc01c84fa61304952a8e690&chksm=ebfaf2e6dc8d7bf059c60d0b270de70171b873273cffd4aada3f465a8e3dee5abd717cba2a3a&scene=58&subscene=0#rd) +- 嘶吼专业版 + - [ ] [2024中国网络安全产业势能榜优能企业「医疗行业」典型案例展示](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580903&idx=1&sn=44413743a587bf5c4d3afb17ea77ebfc&chksm=e9146cddde63e5cb900190a36756ef024ec4fd8b30f5a7eb06d8fc0c23649cb50159aa96c397&scene=58&subscene=0#rd) + - [ ] [安全动态回顾|《信息技术 信息安全事件管理 第4部分:协同》正式发布 黑客利用Google搜索广告窃取Google Ads帐户](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580903&idx=2&sn=9dcd6ddb22e3ee16847f8c8d15241de9&chksm=e9146cddde63e5cb1d7218c1d4585a1f4f7c66c2e3960ea2056660e512ba78b3b4a8c082995b&scene=58&subscene=0#rd) +- 看雪学苑 + - [ ] [学习PE文件后的第一次实践项目之DLL反射型注入](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588763&idx=1&sn=3f8a5ac4ea9d15820cc2cd6d5692963e&chksm=b18c26d186fbafc70f3e7c1673c15273d3202d1ec5d43301132c3a6e91aee46636b5ff4d87a8&scene=58&subscene=0#rd) + - [ ] [开源工具 rsync 曝重大漏洞,黑客可越界写入缓冲区远程执行代码](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588763&idx=2&sn=987fea6e7bc8cce2c77f2e2035072ac4&chksm=b18c26d186fbafc74e6a05aa86e92183c63d2d9a959a88738a9e938d04954b0f5f417afec628&scene=58&subscene=0#rd) + - [ ] [今日更新:第4章2节-模糊测试工具基础使用](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588763&idx=3&sn=094fc7e969bab88e07445fbca7b4b304&chksm=b18c26d186fbafc725a11592c164103b7ebcb3a2f8d879a28251fb5ca867598ddb4028856983&scene=58&subscene=0#rd) +- LuxSci + - [ ] [LuxSci Unveils New Secure Forms Features for Flexible Editing, Integrated Workflows, and Save Histories](https://luxsci.com/blog/new-secure-forms-features.html) +- 威胁棱镜 + - [ ] [实战派第二期沙龙(办公终端安全)随笔](https://mp.weixin.qq.com/s?__biz=MzkyMzE5ODExNQ==&mid=2247487604&idx=1&sn=03667e822fa1aeec7a80ec5277f40f32&chksm=c1e9e7b8f69e6eaef337bb4c0d8c67081221d5e96d5af824eed5bd160b4a99a8b28593dd3238&scene=58&subscene=0#rd) +- Krypt3ia + - [ ] [Threat Brief: Security Issues Surrounding TikTok and Its Potential for Espionage and Misinformation Campaigns](https://krypt3ia.wordpress.com/2025/01/20/threat-brief-security-issues-surrounding-tiktok-and-its-potential-for-espionage-and-misinformation-campaigns/) +- Over Security - Cybersecurity news aggregator + - [ ] [Microsoft: Exchange 2016 and 2019 reach end of support in October](https://www.bleepingcomputer.com/news/microsoft/microsoft-exchange-2016-and-2019-reach-end-of-support-in-october/) + - [ ] [HPE investigates breach as hacker claims to steal source code](https://www.bleepingcomputer.com/news/security/hewlett-packard-enterprise-investigates-new-breach-claims/) + - [ ] [Ukraine restores state registers after suspected Russian cyberattack](https://therecord.media/ukraine-restores-registers-after-cyberattack) + - [ ] [Microsoft fixes Windows Server 2022 bug breaking device boot](https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-server-2022-bug-breaking-device-boot/) + - [ ] [Philippines arrests Chinese national suspected of spying on critical infrastructure](https://therecord.media/philippines-arrests-chinese-nationa-spying-critical-infrastructure) + - [ ] [Fortinet Zero-Day CVE-2024-55591 Exposed: Super-Admin Access Risk](https://cyble.com/blog/cve-2024-55591-the-fortinet-flaw-putting-critical-systems-at-risk/) + - [ ] [Cyble Sensors Detect Attacks on Check Point, Ivanti and More](https://cyble.com/blog/cyble-sensors-detect-attacks-on-check-point-ivanti-and-more/) + - [ ] [SentinelOne estende Purple AI alle soluzioni di sicurezza di terze parti](https://www.securityinfo.it/2025/01/20/sentinelone-estende-purple-ai-alle-soluzioni-di-sicurezza-di-terze-parti/) + - [ ] [Malicious extensions circumvent Google’s remote code ban](https://palant.info/2025/01/20/malicious-extensions-circumvent-googles-remote-code-ban/) + - [ ] [Transition from IBM QRadar to Sekoia for a modern & rewarding experience](https://blog.sekoia.io/transition-from-ibm-qradar-to-sekoia-for-a-modern-rewarding-experience/) + - [ ] [Microsoft shares temp fix for Outlook crashing when writing emails](https://www.bleepingcomputer.com/news/microsoft/microsoft-shares-temp-fix-for-outlook-crashing-when-writing-emails/) + - [ ] [Ancora attacchi ad opera di Vidar: cadenza regolare e vecchie strategie sempre efficaci](https://cert-agid.gov.it/news/ancora-attacchi-ad-opera-di-vidar-cadenza-regolare-e-vecchie-strategie-sempre-efficaci/) + - [ ] [FOSDEM 2025](https://www.certego.net/blog/fosdem-2025-certego-tra-gli-speaker-evento-dedicato-al-mondo-software-open-source/) + - [ ] [Riflessione sulle Free WiFi](https://roccosicilia.com/2025/01/20/riflessione-sulle-free-wifi/) + - [ ] [CERT-AGID 11 – 17 gennaio: una campagna di phishing sul Ministero della Salute e di nuovo Lumma Stealer.](https://www.securityinfo.it/2025/01/20/cert-agid-11-17-gennaio-una-campagna-di-phishing-sul-ministero-della-salute-e-di-nuovo-lumma-stealer/) +- bellingcat + - [ ] [The Rise of Nitazenes: Chinese Suppliers Behind Ads for Deadly Opioids Targeting Europe](https://www.bellingcat.com/news/2025/01/20/chinese-link-to-nitazenes-targeting-europe/) +- 安全419 + - [ ] [重新定义云优先时代的第三方治理和身份](https://mp.weixin.qq.com/s?__biz=MzUyMDQ4OTkyMg==&mid=2247546726&idx=1&sn=3814386756a35a94f19c0ee42150f30d&chksm=f9ebe9cbce9c60dd07f48ddfa60b488ee7b303a6a8f3f5d7b68cac50988ba9be7d8766abcc1e&scene=58&subscene=0#rd) +- 360数字安全 + - [ ] [滴!您有一封来自360安全大模型的年度报告待查收](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579147&idx=1&sn=0643e297c264261888a85bdd3bd4b117&chksm=9f8d2603a8faaf158eecc4ba3bdcf21338f00b6215aa681a645907b23b47fe843a188c825547&scene=58&subscene=0#rd) +- 迪哥讲事 + - [ ] [从信息泄露到越权再到弱口令](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496915&idx=1&sn=ab34ad81c6b8fa8f2d00b9513c025fa4&chksm=e8a5feb0dfd277a6690903a4e8d90d6f98dca468b4aedfd0ef1058382c9c1dd0f2e07a75de5e&scene=58&subscene=0#rd) +- Securityinfo.it + - [ ] [SentinelOne estende Purple AI alle soluzioni di sicurezza di terze parti](https://www.securityinfo.it/2025/01/20/sentinelone-estende-purple-ai-alle-soluzioni-di-sicurezza-di-terze-parti/?utm_source=rss&utm_medium=rss&utm_campaign=sentinelone-estende-purple-ai-alle-soluzioni-di-sicurezza-di-terze-parti) + - [ ] [CERT-AGID 11 – 17 gennaio: una campagna di phishing sul Ministero della Salute e di nuovo Lumma Stealer.](https://www.securityinfo.it/2025/01/20/cert-agid-11-17-gennaio-una-campagna-di-phishing-sul-ministero-della-salute-e-di-nuovo-lumma-stealer/?utm_source=rss&utm_medium=rss&utm_campaign=cert-agid-11-17-gennaio-una-campagna-di-phishing-sul-ministero-della-salute-e-di-nuovo-lumma-stealer) +- ICT Security Magazine + - [ ] [Big Data: Gestione e Analisi dei Dati su Larga Scala](https://www.ictsecuritymagazine.com/articoli/big-data-cosa-sono/) +- 娜璋AI安全之家 + - [ ] [[AI安全论文] (36)C&S22 MPSAutodetect:基于自编码器的恶意Powershell脚本检测模型](https://mp.weixin.qq.com/s?__biz=Mzg5MTM5ODU2Mg==&mid=2247501253&idx=1&sn=7f467401adcf67cc67d7c2d3573e7c2e&chksm=cfcf7508f8b8fc1e5be31d7896f233c533e1591fe41a83de83293ee9930109814a8eadfc435b&scene=58&subscene=0#rd) +- SANS Internet Storm Center, InfoCON: green + - [ ] [Partial ZIP File Downloads, (Mon, Jan 20th)](https://isc.sans.edu/diary/rss/31608) + - [ ] [ISC Stormcast For Monday, January 20th, 2025 https://isc.sans.edu/podcastdetail/9286, (Mon, Jan 20th)](https://isc.sans.edu/diary/rss/31604) +- 360威胁情报中心 + - [ ] [APT-C-26(Lazarus)组织持续升级攻击武器,利用Electron程序瞄准加密货币行业](https://mp.weixin.qq.com/s?__biz=MzUyMjk4NzExMA==&mid=2247505519&idx=1&sn=594229f2c0123673d1fa9c6cf729858b&chksm=f9c1e566ceb66c701d875de8481fe02d89654d4b56cfc51088de6e421cb701437cdab52a0851&scene=58&subscene=0#rd) +- FuzzWiki + - [ ] [DeepGo: 预测定向灰盒模糊测试](https://mp.weixin.qq.com/s?__biz=MzU1NTEzODc3MQ==&mid=2247486916&idx=1&sn=6c5e8170932409049927f3b79468ae99&chksm=fbd9a678ccae2f6e581227dcdcc23e37f5f45c8fddefd134ce6a27c2a5563c29dc7126637abb&scene=58&subscene=0#rd) +- 白泽安全实验室 + - [ ] [因WordPress新漏洞,全球数百万网站面临被攻击风险](https://mp.weixin.qq.com/s?__biz=MzI0MTE4ODY3Nw==&mid=2247492526&idx=1&sn=247ea35cbbd8abee04db13ecd2a84025&chksm=e90dc984de7a4092b4afde879c894da6d97959d30ded3154090dba8f222c4e460b1ee2a8519b&scene=58&subscene=0#rd) +- The Hacker News + - [ ] [Unsecured Tunneling Protocols Expose 4.2 Million Hosts, Including VPNs and Routers](https://thehackernews.com/2025/01/unsecured-tunneling-protocols-expose-42.html) + - [ ] [DoNot Team Linked to New Tanzeem Android Malware Targeting Intelligence Collection](https://thehackernews.com/2025/01/donot-team-linked-to-new-tanzeem.html) + - [ ] [⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [20 January]](https://thehackernews.com/2025/01/thn-weekly-recap-top-cybersecurity_20.html) + - [ ] [Product Walkthrough: How Satori Secures Sensitive Data From Production to AI](https://thehackernews.com/2025/01/product-walkthrough-how-satori.html) + - [ ] [Hackers Deploy Malicious npm Packages to Steal Solana Wallet Keys via Gmail SMTP](https://thehackernews.com/2025/01/hackers-deploy-malicious-npm-packages.html) +- 0x727开源安全团队 + - [ ] [什么是ChkApi?(专为金融行业开源的API安全检测工具)](https://mp.weixin.qq.com/s?__biz=MzkwNTI3MjIyOQ==&mid=2247484132&idx=1&sn=721763ec693c93569325551122bb5e05&chksm=c0fb0c2ef78c85380ed2cb3e14dff253bd82118f740b9ff0c38dd08d365238d19bd7579adb3d&scene=58&subscene=0#rd) +- TorrentFreak + - [ ] [Authors Seek Meta’s Torrent Client Logs and Seeding Data in AI Piracy Probe](https://torrentfreak.com/authors-seek-metas-torrent-client-logs-and-seeding-data-in-ai-piracy-probe-250120/) + - [ ] [Man Jailed For Pirate IPTV Used By “Hundreds of Thousands” Had 2,000 Users](https://torrentfreak.com/man-jailed-for-pirate-iptv-used-by-100s-of-thousands-had-2000-subscribers-250120/) +- The Register - Security + - [ ] [Hackers game out infowar against China with the US Navy](https://go.theregister.com/feed/www.theregister.com/2025/01/20/china_taiwan_wargames/) + - [ ] [How to leave the submarine cable cutters all at sea – go Swedish](https://go.theregister.com/feed/www.theregister.com/2025/01/20/opinion_column_submarine_cables/) + - [ ] [Ransomware attack forces Brit high school to shut doors](https://go.theregister.com/feed/www.theregister.com/2025/01/20/blacon_high_school_ransomware/) + - [ ] [Sage Copilot grounded briefly to fix AI misbehavior](https://go.theregister.com/feed/www.theregister.com/2025/01/20/sage_copilot_data_issue/) + - [ ] [Datacus extractus: Harry Potter publisher breached without resorting to magic](https://go.theregister.com/feed/www.theregister.com/2025/01/20/harry_potter_publisher_breach/) + - [ ] [When food delivery apps reached Indonesia, everyone put on weight](https://go.theregister.com/feed/www.theregister.com/2025/01/20/asia_tech_news_roundup/) + - [ ] [Donald Trump proposes US government acquire half of TikTok, which thanks him and restores service](https://go.theregister.com/feed/www.theregister.com/2025/01/20/trump_tiktok_nationalization_idea/) +- Security Breached Blog + - [ ] [Purple Teaming: What Not to Do in OT & IoT Testing to Avoid Halting the Factory or Sinking the Oil Rig](https://blog.securitybreached.org/2025/01/20/purple-teaming-what-not-to-do-in-ot-iot-testing-to-avoid-halting-the-factory-or-sinking-the-oil-rig/) +- Security Affairs + - [ ] [HPE is investigating IntelBroker’s claims of the company hack](https://securityaffairs.com/173265/data-breach/hpe-is-investigating-intelbrokers-claims-of-hack.html) + - [ ] [Esperts found new DoNot Team APT group’s Android malware](https://securityaffairs.com/173257/apt/donot-team-android-malware.html) + - [ ] [Malicious npm and PyPI target Solana Private keys to steal funds from victims’ wallets](https://securityaffairs.com/173249/cyber-crime/malicious-npm-and-pypi-target-solana-private-keys.html) + - [ ] [Planet WGS-804HPT Industrial Switch flaws could be chained to achieve remote code execution](https://securityaffairs.com/173237/security/wgs-804hpt-flaws.html) +- Hacking Exposed Computer Forensics Blog + - [ ] [Daily Blog #723: Sunday Funday 1/19/25](https://www.hecfblog.com/2025/01/daily-blog-723-sunday-funday-11925.html) +- Deeplinks + - [ ] [VPNs Are Not a Solution to Age Verification Laws](https://www.eff.org/deeplinks/2025/01/vpns-are-not-solution-age-verification-laws) +- 白帽子章华鹏 + - [ ] [直播倒计时1天:AI生成代码会带来更广泛的软件供应链攻击吗?](https://mp.weixin.qq.com/s?__biz=MzIyOTAxOTYwMw==&mid=2650236946&idx=1&sn=2b4b09bfcc905f6ec14b7d509e1a6ed6&chksm=f04ad2aec73d5bb8e4f014c49705f57df429dafdee65fdf854748b00721ba0d3dbf029444309&scene=58&subscene=0#rd) +- Your Open Hacker Community + - [ ] [How do hackers divert ships? (read description)](https://www.reddit.com/r/HowToHack/comments/1i5nrch/how_do_hackers_divert_ships_read_description/) + - [ ] [Looking for simple step pointers using hashcat on windows.](https://www.reddit.com/r/HowToHack/comments/1i5xd58/looking_for_simple_step_pointers_using_hashcat_on/) + - [ ] [How Many Rooms Should I Solve Per Day? Or Should I Focus More on Theory?](https://www.reddit.com/r/HowToHack/comments/1i5nlnp/how_many_rooms_should_i_solve_per_day_or_should_i/) + - [ ] [Kali home server](https://www.reddit.com/r/HowToHack/comments/1i5whrp/kali_home_server/) + - [ ] [My awus036h cannot scan any wireless](https://www.reddit.com/r/HowToHack/comments/1i5p3nw/my_awus036h_cannot_scan_any_wireless/) + - [ ] [Running Telegram messages, as Terminal commands, by Esp32 USB](https://www.reddit.com/r/HowToHack/comments/1i5hibl/running_telegram_messages_as_terminal_commands_by/) + - [ ] [How to start hacking?](https://www.reddit.com/r/HowToHack/comments/1i62424/how_to_start_hacking/) + - [ ] [Need Advice on combining Learning Hacking While Doing a CS Degree](https://www.reddit.com/r/HowToHack/comments/1i5pop9/need_advice_on_combining_learning_hacking_while/) + - [ ] [Why do you need wifi adapters](https://www.reddit.com/r/HowToHack/comments/1i5z8fs/why_do_you_need_wifi_adapters/) + - [ ] [Hey guys, How can I get Free Internet using HTTP Custom?](https://www.reddit.com/r/HowToHack/comments/1i612x8/hey_guys_how_can_i_get_free_internet_using_http/) + - [ ] [CURIOUSITY IS KILLING ME!](https://www.reddit.com/r/HowToHack/comments/1i60un0/curiousity_is_killing_me/) + - [ ] [Assist ?](https://www.reddit.com/r/HowToHack/comments/1i5viek/assist/) + - [ ] [Whats a good remote acces tool?](https://www.reddit.com/r/HowToHack/comments/1i5q7s8/whats_a_good_remote_acces_tool/) + - [ ] [Chess.com config](https://www.reddit.com/r/HowToHack/comments/1i5nvub/chesscom_config/) +- Technical Information Security Content & Discussion + - [ ] [Malware Analysis of Fake Banking Reward APK Targeting WhatsApp Users](https://www.reddit.com/r/netsec/comments/1i5su0v/malware_analysis_of_fake_banking_reward_apk/) + - [ ] [The cost of false positives - how we became a target](https://www.reddit.com/r/netsec/comments/1i5tioq/the_cost_of_false_positives_how_we_became_a_target/) + - [ ] [v0.1.0 released - Analyze IoC with OpenCTI, Threat fox and more #FOSS](https://www.reddit.com/r/netsec/comments/1i5wimk/v010_released_analyze_ioc_with_opencti_threat_fox/) + - [ ] [Tear Down The Castle - Part 1 | dfir.ch](https://www.reddit.com/r/netsec/comments/1i5p97a/tear_down_the_castle_part_1_dfirch/) +- Schneier on Security + - [ ] [Biden Signs New Cybersecurity Order](https://www.schneier.com/blog/archives/2025/01/biden-signs-new-cybersecurity-order.html) +- Computer Forensics + - [ ] [Release v0.1.0 - Give context to IoC with ease - OpenCTI, Threatfox and more](https://www.reddit.com/r/computerforensics/comments/1i5ugv1/release_v010_give_context_to_ioc_with_ease/) + - [ ] [How is data acquisition performed for small IoT devices or sensors? What is performed static or live acquisition usually?](https://www.reddit.com/r/computerforensics/comments/1i636q6/how_is_data_acquisition_performed_for_small_iot/) + - [ ] [Requesting Assistance - iPhone Photo Data](https://www.reddit.com/r/computerforensics/comments/1i5qyd3/requesting_assistance_iphone_photo_data/) + - [ ] [Career pathway advice](https://www.reddit.com/r/computerforensics/comments/1i5k2ht/career_pathway_advice/) +- Social Engineering + - [ ] [Festival beer run](https://www.reddit.com/r/SocialEngineering/comments/1i5q01m/festival_beer_run/) +- Security Weekly Podcast Network (Audio) + - [ ] [The Next Era of Data Security: AI, Cloud, & Compliance - Jeff Smith, Dimitri Sirota, Kiran Chinnagangannagari - ESW #390](http://sites.libsyn.com/18678/the-next-era-of-data-security-ai-cloud-compliance-jeff-smith-dimitri-sirota-kiran-chinnagangannagari-esw-390) diff --git a/archive/tmp/2025-01-21.json b/archive/tmp/2025-01-21.json new file mode 100644 index 0000000000..d69060f771 --- /dev/null +++ b/archive/tmp/2025-01-21.json @@ -0,0 +1,526 @@ +{ + "Security Boulevard": { + "U.S. Treasury Sanctions Chinese Individual, Company for Data Breaches": "https://securityboulevard.com/2025/01/treasury-sanctions-chinese-individual-company-for-data-breaches/", + "The AI Revolution No One Saw Coming Until It Was Too Late": "https://securityboulevard.com/2025/01/the-ai-revolution-no-one-saw-coming-until-it-was-too-late/", + "Mobile Cybersecurity Trends for 2025: Key Predictions and Preparations": "https://securityboulevard.com/2025/01/mobile-cybersecurity-trends-for-2025-key-predictions-and-preparations/", + "Executive Order 14144 on Cybersecurity: Building on 2021’s Foundation with Advanced NHI Security": "https://securityboulevard.com/2025/01/executive-order-14144-on-cybersecurity-building-on-2021s-foundation-with-advanced-nhi-security/", + "Bluesky AT Protocol: Building a Decentralized TikTok": "https://securityboulevard.com/2025/01/bluesky-at-protocol-building-a-decentralized-tiktok/", + "Privacy Roundup: Week 3 of Year 2025": "https://securityboulevard.com/2025/01/privacy-roundup-week-3-of-year-2025/", + "Biden Signs New Cybersecurity Order": "https://securityboulevard.com/2025/01/biden-signs-new-cybersecurity-order/", + "The 2025 Themes on Data GPS": "https://securityboulevard.com/2025/01/the-2025-themes-on-data-gps/", + "From Dark Web to Jackpot: How Cybercriminals Exploit Stolen Credentials in iGaming": "https://securityboulevard.com/2025/01/from-dark-web-to-jackpot-how-cybercriminals-exploit-stolen-credentials-in-igaming/", + "Information Security Manual (ISM)": "https://securityboulevard.com/2025/01/information-security-manual-ism/" + }, + "Doonsec's feed": { + "【漏洞预警】ZZCMS index.php SQL注入漏洞(CVE-2025-0565)": "https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489485&idx=1&sn=e5ea1e03489d9276fac40db96a823bb7", + "TikTok为何起死回生": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485443&idx=1&sn=dd23aa4fd95519d14cc33ef2d54c8810", + "【直卖实拍】北七家3居变4居豪装,理想楼层、户型、朝向": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485443&idx=2&sn=b36fdcdc5a0525e1db0a2fa6508f52dc", + "【干货】笑傲职场的独家经验(1)": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485443&idx=3&sn=88641f7357a1f75be1dc1d32c6752987", + "【干货原创】实网攻防演习常态化,会带来什么变化01": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485443&idx=4&sn=f71b5322469f2fa2ccfe166579caebb1", + "【干货原创】K12教育,鲜为人知的模式秘密": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485443&idx=5&sn=6d627d2c0be617514fc89ab29ca4b5e9", + "原创文章目录": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485443&idx=6&sn=fad9c90b81fc4f20dcc44dc1f14c9c5f", + "SQL注入全知道:网络安全的关键一课": "https://mp.weixin.qq.com/s?__biz=Mzk2NDE3NDUwNg==&mid=2247483828&idx=1&sn=8ef20fd531a6dcf1a4e1cda040353abd", + "Win11综合渗透系统,第二个”kali“武器库": "https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486356&idx=1&sn=a92c101f23fbced3106f21dd7797fe8b", + "如何mongodb未授权访问漏洞": "https://mp.weixin.qq.com/s?__biz=MzU1NjczNjA0Nw==&mid=2247486273&idx=1&sn=9a0ebba7a700f0ae0410be83b4b1df00", + "国家发展改革委 国家数据局印发:《公共数据资源登记管理暂行办法》": "https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633921&idx=1&sn=18de258173a0a62f2d71cd2ca2582883", + "国家发展改革委 国家数据局印发:《公共数据资源授权运营实施规范(试行)》": "https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633921&idx=2&sn=c418f7c2c0e0d01528c11d8e9353f68c", + "国家发展改革委 国家数据局:建立公共数据资源授权运营价格形成机制": "https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633921&idx=3&sn=6cf19acc3796e33b2cce9a02142745d1", + "联播 | 我国首次出台公共数据资源开发利用实施细则": "https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633921&idx=4&sn=2289a72714579a09896c3c81b515d927", + "特朗普发虚拟币,盘中暴涨1250%!": "https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633921&idx=5&sn=54a5ea5792206d9bae4c05e339bd07d5", + "入群交流": "https://mp.weixin.qq.com/s?__biz=MzI3NzM5NDA0NA==&mid=2247490304&idx=1&sn=a98b3b79b777c84182792e9c67ffacce", + "【知识点】解密:HUMINT、SIGINT、OSINT、MASINT、GEOINT 、IMINT、SOCMINT、MEDINT等": "https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148633&idx=1&sn=80a6c18af41984c8aaa601f82ccd7ac8", + "渗透测试人员的 MSSQL:NetExec": "https://mp.weixin.qq.com/s?__biz=MzU1NjczNjA0Nw==&mid=2247486268&idx=1&sn=450e1a636c028a9d9e1fe429289a8668", + "常见几种网络协议分析": "https://mp.weixin.qq.com/s?__biz=MzAxNTg1MDYxNA==&mid=2247489128&idx=1&sn=313dc6f577ec674a9a177d748316db7b", + "HGAME 2025 来啦!": "https://mp.weixin.qq.com/s?__biz=MzIxNDU2ODg3Mw==&mid=2247485952&idx=1&sn=799660f91d48a13de14372592f792a47", + "商务合作": "https://mp.weixin.qq.com/s?__biz=MzI3NzM5NDA0NA==&mid=2247490298&idx=1&sn=29a1662bf8226520fd86fc0e9622b590", + "游戏数据安全——论各大防封手段": "https://mp.weixin.qq.com/s?__biz=MzkyMTQzNTM3Ng==&mid=2247483891&idx=1&sn=2558903c6966574bc94858f004b07211", + "由国家医保局集采出现的低价低质药品问题想到网络安全产品采购": "https://mp.weixin.qq.com/s?__biz=Mzk0MDI5MTQzMg==&mid=2247483930&idx=1&sn=228a4301c1f6b71dd85754c22ba6beed", + "【调研】网络与信息法学研究机构调研问卷": "https://mp.weixin.qq.com/s?__biz=MzU1NDY3NDgwMQ==&mid=2247549334&idx=1&sn=82cf21764d504b41a48962823d8ed655", + "【资讯】贵州省政府办公厅印发《贵州省公共数据授权运营管理办法(试行)》": "https://mp.weixin.qq.com/s?__biz=MzU1NDY3NDgwMQ==&mid=2247549334&idx=2&sn=053caf442ee04b3f5546728815a77d5c", + "【资讯】黑龙江省政府办公厅印发《黑龙江省政务数据管理暂行办法》": "https://mp.weixin.qq.com/s?__biz=MzU1NDY3NDgwMQ==&mid=2247549334&idx=3&sn=5c8a8470788284305db508aa96bd7c79", + "【资讯】重庆市政府办公厅印发《重庆市智慧医疗装备产业创新发展行动计划(2025—2027年)》": "https://mp.weixin.qq.com/s?__biz=MzU1NDY3NDgwMQ==&mid=2247549334&idx=4&sn=f2251d4ebfb1aeedfd16c0781ec39e40", + "保护开源:软件供应链革命的教训": "https://mp.weixin.qq.com/s?__biz=MzA4MzMzOTQ4Mw==&mid=2453672504&idx=1&sn=babb0420709b2e937d08399d4d0253d8", + "2024春秋杯冬季赛部分wp": "https://mp.weixin.qq.com/s?__biz=MzkzNzg4MTI0NQ==&mid=2247485407&idx=1&sn=1cf860634c2c903157b69595dfaf0367", + "梦里挖edu src的步骤": "https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490011&idx=1&sn=b84ffdb0597e4d6c90da739f541f310c", + "渗透测试信息收集指南": "https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490011&idx=2&sn=493f7191ac6cb9fcfbc24240dc688f1e", + "【库迪咖啡|全场饮品任选券|多店可用】现价仅需7.9 低至2.3折": "https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490011&idx=3&sn=696b18cad8b2a463ec2185c4ac088e12", + "告别手动编辑:如何用Python快速创建Ansible hosts文件?": "https://mp.weixin.qq.com/s?__biz=MjM5OTc5MjM4Nw==&mid=2457386352&idx=1&sn=8feb8deabf383342740f93b565b22599", + "Linux系统沦陷只需1分钟?这些文件权限配置千万别踩坑!": "https://mp.weixin.qq.com/s?__biz=MzI5MjY4MTMyMQ==&mid=2247489749&idx=1&sn=7962c59b247991746167fa1a11ae454e", + "【云安全】云原生-Docker(一)安全问题概述": "https://mp.weixin.qq.com/s?__biz=MzUyNTUyNTA5OQ==&mid=2247484414&idx=1&sn=24240cde29e42a4c1d40be5dc842887c", + "三江汇流 共赴未来 | 三未信安2025年全体员工大会暨优秀员工颁奖典礼、迎新年会圆满举办": "https://mp.weixin.qq.com/s?__biz=MzA5ODk0ODM5Nw==&mid=2650330729&idx=1&sn=01e972e79a2a22651fe6dc099e789730", + "供应链危机四伏:2024年十大供应链安全事件盘点": "https://mp.weixin.qq.com/s?__biz=MzkxMzQwNDcxNg==&mid=2247486847&idx=1&sn=d89231f87a5afce0ccd46a4e73f593a8", + "下辈子准时点": "https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496696&idx=1&sn=3a506bc2e55fccbc563b774c17a54714", + "每日情报速递": "https://mp.weixin.qq.com/s?__biz=MzkxMzU4ODU2MQ==&mid=2247484008&idx=1&sn=ac715abc887e00dbbfc1436a108e6250", + "pikachu靶机-sql注入": "https://mp.weixin.qq.com/s?__biz=Mzk1NzI5NzA3NQ==&mid=2247486295&idx=1&sn=62db4342ca546762d7dad726b689a216", + "意外发现谷歌Slides越权漏洞,获得赏金$3133.70的故事": "https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247518279&idx=1&sn=7d44805e31cccc886d5a926e01ac7338", + "SRC专项知识库": "https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247518279&idx=2&sn=848576913cb502b4079a9268c93b2f96", + "新年要到了,地图大师和大家请个假!": "https://mp.weixin.qq.com/s?__biz=MzI5MDcyODIzNg==&mid=2247484847&idx=1&sn=ea43296b01431c6d05978d81aca141e9", + "金盾信安 | 网络和数据领域资讯第44期(2025.1.14-2025.1.20)": "https://mp.weixin.qq.com/s?__biz=MjM5NjA2NzY3NA==&mid=2448682463&idx=1&sn=6b0cf0e4166f632f756e6d7185550a0c", + "一图读懂 | 关于完善数据流通安全治理 更好促进数据要素市场化价值化的实施方案": "https://mp.weixin.qq.com/s?__biz=MjM5NjA2NzY3NA==&mid=2448682463&idx=2&sn=0b3adf79225cf56eeea212f3b7827b2e", + "从信息泄露到越权再到弱口令": "https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496915&idx=1&sn=ab34ad81c6b8fa8f2d00b9513c025fa4", + "DeepSeek-R1发布:AI模型的新突破与挑战": "https://mp.weixin.qq.com/s?__biz=Mzg4NDY4Mzk3Mw==&mid=2247485508&idx=1&sn=24b05cfb5c4bc56938cae5df32894666", + "凉山叙事": "https://mp.weixin.qq.com/s?__biz=MzUzMjQyMDE3Ng==&mid=2247487923&idx=1&sn=27de2e79a46e08f68e6fd4cadd99c580", + "用AI批量画美女,起号快涨粉猛!": "https://mp.weixin.qq.com/s?__biz=MzU5MjI1NTY1Mg==&mid=2247484026&idx=1&sn=5fe17628890ac8925d456ec37ddbb401", + "什么?超级大黑客挖不到CVE怪别人?": "https://mp.weixin.qq.com/s?__biz=Mzg2NDg2MDIxNQ==&mid=2247485337&idx=1&sn=0e18e12e4583d3266cf4cfeef786a4d4", + "G.O.S.S.I.P 技术笔记 2025-01-15 薛定谔的寄存器?": "https://mp.weixin.qq.com/s?__biz=Mzg5ODUxMzg0Ng==&mid=2247499629&idx=1&sn=2890acf36b4707a5bf91f3c823c4a5db", + "重要通知 | 水务行业信息技术应用创新典型案例征集活动正式开启!": "https://mp.weixin.qq.com/s?__biz=MjM5NzYwNDU0Mg==&mid=2649249501&idx=1&sn=7fb28777ad09673ab4833b0e29dd508a", + "Pycharm接入DeepSeek-Coder": "https://mp.weixin.qq.com/s?__biz=MjM5NDcxMDQzNA==&mid=2247489378&idx=1&sn=1aff955a1f6d90eca2719ea543dc1f6e", + "区域 EE 架构的网络安全设计原则": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619836&idx=1&sn=e0ed060c4fa01b7116987d615eaee244", + "汽车行业的4项基本网络安全原则": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619836&idx=2&sn=dfcd600112ecc5a305a8575993cad59f", + "汽车网络安全原则": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619836&idx=3&sn=e130f913bea9bf203e72ceed015b3888", + "基于MQTT协议的物联网小基站": "https://mp.weixin.qq.com/s?__biz=MzkxMzIwNTY1OA==&mid=2247510807&idx=1&sn=a3f9af8ad8ab86ab84ec3ee023997827", + "利用 Windows 常见日志文件系统零日漏洞 (CVE-2024-49138)": "https://mp.weixin.qq.com/s?__biz=MzI0NzE4ODk1Mw==&mid=2652094653&idx=1&sn=0a8f46713971d1eae5f9bc98fe0e3049", + "严重远程代码执行漏洞(CVE-2024-53691)在QNAP 系统中被发现": "https://mp.weixin.qq.com/s?__biz=MzI0NzE4ODk1Mw==&mid=2652094653&idx=2&sn=c69dfb1b57a25f58f75e9a9f5422bd0c", + "解读出国劳务:表面邀请拍戏,实则人口交易,走上小路,却是末路!": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651312480&idx=1&sn=2be5b35dfbdedbfdbcdd3f9202df131a", + "惠普被黑客入侵,机密数据在暗网出售": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651312480&idx=2&sn=a05f6eecc8d3d1f5f003190048e55fcb", + "黑客滥用微软VSCode 远程隧道绕过安全工具": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651312480&idx=3&sn=b0c12a4dddb00af1b5562fe19c9287c8", + "Hannibal:一款基于C的x64 Windows代理": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651312480&idx=4&sn=f4a2e1bfaa023f53f89e41093fef9be4", + "豆包实时语音大模型上线即开放!情商智商双高": "https://mp.weixin.qq.com/s?__biz=MzI1MzYzMjE0MQ==&mid=2247512895&idx=1&sn=49ed677b655176bbbd6eee6f4ddc18e1", + "SQL注入靶场(前22关)保姆级教学": "https://mp.weixin.qq.com/s?__biz=MzkzNjg3NzIwOQ==&mid=2247485112&idx=1&sn=80fc51e061a399aa0576b2480a0953a3", + "带你解锁编码新世界!--随波逐流CTF编码工具使用教程37 --云影密码": "https://mp.weixin.qq.com/s?__biz=MzU2NzIzNzU4Mg==&mid=2247489499&idx=1&sn=56bef61a2ffed756e0bb9b4217c0834e", + "第三届N1CTF Junior报名开启": "https://mp.weixin.qq.com/s?__biz=MzU4MTg1NzAzMA==&mid=2247490615&idx=1&sn=a3e77db49dc51e0396b2ffd6f5886aee", + "【安全圈】宁波某化工企业被境外势力获取危险源监控视频数据": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067503&idx=1&sn=018f26decbcead5c44d6897dcaac4696", + "【安全圈】黑客声称惠普企业遭入侵,列出待售数据": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067503&idx=2&sn=91d7e9ae298ff62eea78d7143853f356", + "【安全圈】黑客滥用 Microsoft VSCode 远程隧道绕过安全工具": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067503&idx=3&sn=0b2738a898f48ebbcd35b935ea9b9b9b", + "【安全圈】无需拆卸笔记本电脑即可访问 Windows 11 BitLocker 加密文件": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067503&idx=4&sn=17aa39950a2ad339c5c9189715ebc4f2", + "AI时代-利用Ai赚钱的N中方法": "https://mp.weixin.qq.com/s?__biz=Mzg2NDYwMDA1NA==&mid=2247543554&idx=1&sn=6ca82e5051fc54fba128ff1b6bc374ce", + "“升官发财”,特朗普虚拟币暴涨41200%!“第一夫人币”两小时近腰斩": "https://mp.weixin.qq.com/s?__biz=Mzg2NDYwMDA1NA==&mid=2247543554&idx=2&sn=50d4d9652b497a556e9a9f1a064d6a6e", + "多伦多大学年度黑客松“UofTHacks 12” 在DoraHacks正式开启": "https://mp.weixin.qq.com/s?__biz=MzU2MTQwMzMxNA==&mid=2247541420&idx=1&sn=7520eaaa0a11fb4924fd960022874b02", + "电力安全|2024年新型电力系统安全建设指南报告(附下载)": "https://mp.weixin.qq.com/s?__biz=MzI2MDk2NDA0OA==&mid=2247531128&idx=1&sn=7e001d4bfcf9cda041d5c9360cbe2d81", + "干货 | 中国市政华北院刘杰:工业信息安全在市政行业的应用(附视频+PPT)": "https://mp.weixin.qq.com/s?__biz=MzI2MDk2NDA0OA==&mid=2247531128&idx=2&sn=77375409542f4a968c5c5b2d10088225", + "全球视野 | 国际网安快讯(第46期)": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=1&sn=0d1b4aa189b788c665f35ccc52b8c79c", + "关注 | 中央网信办启动“清朗·2025年春节网络环境整治”专项行动": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=2&sn=4b39d631ae07312faba443f5436ad10d", + "专家解读 | 蒋艳:促进数据标注能力提升,筑牢工业智能数据基础": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=3&sn=558d06cf50feba02ada95b443dd3c827", + "专家观点 | 构建多元化的人工智能训练数据供给体系": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=4&sn=1dbca4b896271872f13bb321297280ba", + "国际 | 欧盟计划加强医疗保健行业网络安全": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=5&sn=957baf161a599a455c3db7e971b5e1be", + "国际 | 日本强化“主动网络防御”能力": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=6&sn=8ccd83bcc4b8e4593e6fdd896fa083e0", + "评论 | 请读懂用“反向驯化”对付算法背后的诉求": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=7&sn=f84b09b4c82d9bc9efe8c1c5f4c91a4d", + "第84期 | GPTSecurity周报": "https://mp.weixin.qq.com/s?__biz=MzkzNDUxOTk2Mw==&mid=2247495733&idx=1&sn=b25764a0c1cb74d6cf486000580c406c", + "喜报 | 卫达信息董事长兼CEO张长河入选北京信息化协会专家库": "https://mp.weixin.qq.com/s?__biz=Mzg5NDY0NTM2Nw==&mid=2247492228&idx=1&sn=9f73182c1bd8a144aa165eee1ff349b8", + "保姆级教学之XSS-Labs通关": "https://mp.weixin.qq.com/s?__biz=Mzk1NzQwNjQ4Ng==&mid=2247484597&idx=1&sn=48da660e734995c35cec93cddff84fd8", + "电科网安*安默科技2024年终总结暨2025年迎新会圆满落幕": "https://mp.weixin.qq.com/s?__biz=MzU3ODk0MzE4OA==&mid=2247488051&idx=1&sn=6f19acffa8173f7a20541412fc6576a5", + "对话|ESA如何助力企业高效安全开展在线业务?": "https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247635009&idx=1&sn=69db4caf5105b9b0125c63728b5fecaa", + "【黑产大数据】2024年互联网黑灰产趋势年度总结": "https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247635009&idx=2&sn=3dde0197ea08fcea6abbf1efcc97121e", + "T1059.009 命令执行:云API异常调用": "https://mp.weixin.qq.com/s?__biz=Mzk0NDcyMjU2OQ==&mid=2247484541&idx=1&sn=c834b9f4ff672abc3b456507acb31eeb", + "盘点!美亚柏科电子数据取证技术实现多项关键性突破": "https://mp.weixin.qq.com/s?__biz=MjM5NTU4NjgzMg==&mid=2651436426&idx=1&sn=a33191a6dedd3921aaf30e03d59a4725", + "国投智能(美亚柏科)2025年首期师资培训班顺利结营": "https://mp.weixin.qq.com/s?__biz=MjM5NTU4NjgzMg==&mid=2651436426&idx=2&sn=a927c434d43af1cb6365563dda66f575", + "CNVD漏洞周报2025年第3期": "https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247495715&idx=1&sn=c02f8d40b18ff20468aa338efd776c5d", + "上周关注度较高的产品安全漏洞(20250113-20250119)": "https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247495715&idx=2&sn=b9b9d870553d36e181ba7d1702fde7da", + "面向脚本小子的360QVM": "https://mp.weixin.qq.com/s?__biz=MzU0NDc0NTY3OQ==&mid=2247488404&idx=1&sn=767ba5298bab860a12d1a405c60ff539", + "3家公司未履行网络安全保护义务被网信部门约谈": "https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931455&idx=1&sn=9869843197ad2257ce5e19eceb4cdd5c", + "河南农商联合银行1000万扩容大数据平台,服务器中标金额近乎“腰斩”": "https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931455&idx=2&sn=2b60d33885356d3902384fba93149b07", + "滴!您有一封来自360安全大模型的年度报告待查收": "https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579147&idx=1&sn=0643e297c264261888a85bdd3bd4b117", + "国际权威认可!奇安信入选全球外部威胁情报服务代表性提供商": "https://mp.weixin.qq.com/s?__biz=MzU0NDk0NTAwMw==&mid=2247624499&idx=1&sn=2bde033592b17124298b7604ce3f2346", + "吴云坤总裁荣获CCF计算机博物馆建设年度杰出贡献奖": "https://mp.weixin.qq.com/s?__biz=MzU0NDk0NTAwMw==&mid=2247624499&idx=2&sn=1e3dedef1c1a65b4d6d35a1739c53535", + "SQL注入的入门指南": "https://mp.weixin.qq.com/s?__biz=Mzk0Mjg4MTQxMw==&mid=2247485731&idx=1&sn=001b161a0e206c805ff76545de384fae", + "WGS-804HPT 交换机中存在多个严重漏洞,可导致RCE和网络利用": "https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522124&idx=1&sn=8b928d650502c3cebc7b2ae0e85282a2", + "PyPI 恶意包窃取Discord 开发人员的认证令牌": "https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522124&idx=2&sn=98991414f4675f83bbb4a3935a2f16e1", + "拜登辛苦布局,特朗普一键清零": "https://mp.weixin.qq.com/s?__biz=MzkxMTA3MDk3NA==&mid=2247487075&idx=1&sn=76de4b585df35469219561d742159caf", + "APT-C-26(Lazarus)组织持续升级攻击武器,利用Electron程序瞄准加密货币行业": "https://mp.weixin.qq.com/s?__biz=MzUyMjk4NzExMA==&mid=2247505519&idx=1&sn=594229f2c0123673d1fa9c6cf729858b", + "每周网安资讯 (1.7-1.13)|微软补丁日通告:2025年1月版": "https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247505727&idx=1&sn=05d5f08860d3524fce4b867cf81fddae", + "构筑业务系统监测预警体系,中孚信息筑牢国家安全保密新防线": "https://mp.weixin.qq.com/s?__biz=MzAxMjE1MDY0NA==&mid=2247508720&idx=1&sn=b1a3fb7b9050e2c9f6897d8018d2fe99", + "规划丨2025,对您的未来许下承诺": "https://mp.weixin.qq.com/s?__biz=MzUzNTg4NDAyMg==&mid=2247492307&idx=1&sn=3a6a128fe59dd9a6c20465afe53b24a5", + "150亿造车新势力,宣布停运破产": "https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549173&idx=1&sn=0c7333f70cb52cfe2b8da933eea4de06", + "阿维塔确认参展AutoSec 9周年行业年会,亮剑汽车安全防护!": "https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549173&idx=2&sn=b66c040ec84ff0496a5cfcad390306df", + "智能汽车安全理念的融合发展趋势预测": "https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549173&idx=3&sn=294f9fc1441e0a598b1e6efbf7597b66", + "拜登再次发布网络安全行政令,全面加强美国国家网络防御创新": "https://mp.weixin.qq.com/s?__biz=MzkwMTQyODI4Ng==&mid=2247495621&idx=1&sn=a052c6624c11fc6742d544424b993705", + "2025年人工智能带来的五大网络安全趋势及其应对策略": "https://mp.weixin.qq.com/s?__biz=MzkwMTQyODI4Ng==&mid=2247495621&idx=2&sn=689ff446f9d50f48c3a51f31d8210332", + "Fortinet防火墙配置文件和VPN账户大规模泄露": "https://mp.weixin.qq.com/s?__biz=MzkwMTQyODI4Ng==&mid=2247495621&idx=3&sn=9f373b789858198dc0c229e52a1d9911", + "测评公告(2025年第1号)": "https://mp.weixin.qq.com/s?__biz=MzI0NDg4MTIyNQ==&mid=2247486012&idx=1&sn=3e2ba62d7a8f49614ac4ed43fe5d70c6", + "天翁安全 2025年新年粉丝专属红包来啦(第二弹)!": "https://mp.weixin.qq.com/s?__biz=MzkwMzUyMjk2MQ==&mid=2247484100&idx=1&sn=c306276e7193d6c54a955c0cc151bb98", + "开源前哨 · 热点情报速览(2025.1.14-2025.1.20)": "https://mp.weixin.qq.com/s?__biz=Mzg2Nzg0NDkwMw==&mid=2247493204&idx=1&sn=3c970abd0871869c3dee3b7721e01585", + "再获认可 |珞安科技自主研发产品入选CCIA第二版《网络安全专用产品指南》": "https://mp.weixin.qq.com/s?__biz=MzU2NjI5NzY1OA==&mid=2247512181&idx=1&sn=30d15c8974a91118212031b6ab347066", + "学习PE文件后的第一次实践项目之DLL反射型注入": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588763&idx=1&sn=3f8a5ac4ea9d15820cc2cd6d5692963e", + "开源工具 rsync 爆重大漏洞,黑客可越界写入缓冲区执行代码": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588763&idx=2&sn=987fea6e7bc8cce2c77f2e2035072ac4", + "今日更新:第4章2节-模糊测试工具基础使用": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588763&idx=3&sn=094fc7e969bab88e07445fbca7b4b304", + "从国赛到西湖论剑:fenjing进阶通杀jinjia2_SSTI": "https://mp.weixin.qq.com/s?__biz=MzkxMDU5MzY0NQ==&mid=2247484461&idx=1&sn=b866a874c1d918dd649f80acfedc093f", + "安全赋能丨梆梆安全受邀出席低空智联网专题座谈会暨首发低空安防智库揭牌仪式": "https://mp.weixin.qq.com/s?__biz=MjM5NzE0NTIxMg==&mid=2651135123&idx=1&sn=756ef14e26921f7a402507c2c4e138a2", + "再获殊荣|梆梆安全荣获中国网络安全产业联盟CCIA“2024年度先进会员单位”": "https://mp.weixin.qq.com/s?__biz=MjM5NzE0NTIxMg==&mid=2651135123&idx=2&sn=2f3995fc6ee68b6a2b27acb6df3ba20d", + "大寒 | 寒冬岁暮听风雪 静待春来万物生": "https://mp.weixin.qq.com/s?__biz=MjM5NzE0NTIxMg==&mid=2651135123&idx=3&sn=0667693e8d3711a95039eee3e967dd29", + "扫码下载 | 应急响应实战分析": "https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264138&idx=1&sn=76425edffe100ad52ff62ab4daa342e8", + "漏洞预警 NetMizer 日志审计 axx.php sql注入漏洞": "https://mp.weixin.qq.com/s?__biz=MzkyMTMwNjU1Mg==&mid=2247491972&idx=1&sn=1ca23e5d04a0a77875e0689e1e8c2501", + "聚铭网络荣膺“2024年网络安全十大优秀产品”殊荣": "https://mp.weixin.qq.com/s?__biz=MzIzMDQwMjg5NA==&mid=2247506558&idx=1&sn=2b88b9ebaf25df77a090a4232cc314e4", + "安全服务不打烊 | 聚铭网络2025年春节放假通知": "https://mp.weixin.qq.com/s?__biz=MzIzMDQwMjg5NA==&mid=2247506558&idx=2&sn=56a659bd2da7af8f60c01461daab69a2", + "重磅!中共中央、国务院印发《教育强国建设规划纲要(2024-2035年)》": "https://mp.weixin.qq.com/s?__biz=MzUyMzA1MTM2NA==&mid=2247499058&idx=1&sn=bb88b8e49b482515503e43edbdebdc17" + }, + "Zgao's blog": { + "0889挖矿团伙rootkit后门溯源排查记录": "https://zgao.top/0889%e6%8c%96%e7%9f%bf%e5%9b%a2%e4%bc%99rootkit%e5%90%8e%e9%97%a8%e6%ba%af%e6%ba%90%e6%8e%92%e6%9f%a5%e8%ae%b0%e5%bd%95/" + }, + "SecWiki News": { + "SecWiki News 2025-01-20 Review": "http://www.sec-wiki.com/?2025-01-20" + }, + "奇安信攻防社区": { + "浅谈恶意样本の反沙箱分析": "https://forum.butian.net/share/4050", + "在 JSP 中优雅的注入 Spring 内存马": "https://forum.butian.net/share/4053" + }, + "Private Feed for M09Ic": { + "mgeeky starred jdu2600/Etw-SyscallMonitor": "https://github.com/jdu2600/Etw-SyscallMonitor", + "mgeeky starred jdu2600/CFG-FindHiddenShellcode": "https://github.com/jdu2600/CFG-FindHiddenShellcode", + "mgeeky starred jdu2600/EtwTi-FluctuationMonitor": "https://github.com/jdu2600/EtwTi-FluctuationMonitor", + "mgeeky starred panther-labs/panther-analysis": "https://github.com/panther-labs/panther-analysis", + "mgeeky starred praetorian-inc/goffloader": "https://github.com/praetorian-inc/goffloader", + "mgeeky starred hakaioffsec/coffee": "https://github.com/hakaioffsec/coffee", + "mgeeky starred gabriellandau/EDRSandblast-GodFault": "https://github.com/gabriellandau/EDRSandblast-GodFault", + "HuYlllc pushed to dev in chainreactors/malice-network": "https://github.com/chainreactors/malice-network/compare/40ff4b0d2b...1d104aceb6", + "kpcyrd forked kpcyrd/usbd-serial from rust-embedded-community/usbd-serial": "https://github.com/kpcyrd/usbd-serial", + "mgeeky starred jdu2600/Windows10EtwEvents": "https://github.com/jdu2600/Windows10EtwEvents", + "mgeeky starred Textualize/rich": "https://github.com/Textualize/rich", + "mgeeky starred yardenshafir/cet-research": "https://github.com/yardenshafir/cet-research", + "mgeeky starred gabriellandau/ShadowStackWalk": "https://github.com/gabriellandau/ShadowStackWalk", + "zema1 starred HACK-THE-WORLD/IDAPluginList": "https://github.com/HACK-THE-WORLD/IDAPluginList", + "zema1 starred REhints/HexRaysCodeXplorer": "https://github.com/REhints/HexRaysCodeXplorer", + "kpcyrd started following riotbib": "https://github.com/riotbib", + "gh0stkey starred zsh-users/zsh-syntax-highlighting": "https://github.com/zsh-users/zsh-syntax-highlighting", + "nightRainy starred mstorsjo/llvm-mingw": "https://github.com/mstorsjo/llvm-mingw", + "zema1 starred sigoden/aichat": "https://github.com/sigoden/aichat", + "mgeeky starred tasooshi/torboost": "https://github.com/tasooshi/torboost", + "zer0yu started following adysec": "https://github.com/adysec", + "zer0yu starred 0x727/ChkApi_0x727": "https://github.com/0x727/ChkApi_0x727", + "h3zh1 pushed to v0.0.4dev in chainreactors/malice-network": "https://github.com/chainreactors/malice-network/compare/30083561aa...9ebee1c061", + "zema1 starred rainers/cv2pdb": "https://github.com/rainers/cv2pdb", + "timwhitez starred jaksi/sshesame": "https://github.com/jaksi/sshesame", + "timwhitez starred droberson/ssh-honeypot": "https://github.com/droberson/ssh-honeypot", + "timwhitez starred magisterquis/sshhipot": "https://github.com/magisterquis/sshhipot" + }, + "安全脉搏": { + "记一次攻防演练中的若依(thymeleaf 模板注入)getshell": "https://www.secpulse.com/archives/205071.html", + "浅谈内联钩取原理与实现": "https://www.secpulse.com/archives/205124.html" + }, + "嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com": { + "绿盟科技2024年预计收入高增,亏损大幅收窄": "https://www.4hou.com/posts/8gzr" + }, + "Recent Commits to cve:main": { + "Update Mon Jan 20 20:20:12 UTC 2025": "https://github.com/trickest/cve/commit/aedb363a6106f923d0179fd99792efccf1112259", + "Update Mon Jan 20 12:23:13 UTC 2025": "https://github.com/trickest/cve/commit/9d315db2ba795d0c7604551387c8e81ce6d2ef12", + "Update Mon Jan 20 04:21:50 UTC 2025": "https://github.com/trickest/cve/commit/315f452078d121de79d7ba03d7de4677c9edcea8" + }, + "一个被知识诅咒的人": { + "仅249美元!英伟达推出超强AI开发套件,开启机器人与智能应用新纪元": "https://blog.csdn.net/nokiaguy/article/details/145265736", + "Python性能分析全攻略:从cProfile到line_profiler,全面优化你的代码": "https://blog.csdn.net/nokiaguy/article/details/145260325", + "Python中的内存管理揭秘:全面防止内存泄漏,提升程序稳定性": "https://blog.csdn.net/nokiaguy/article/details/145260311" + }, + "obaby@mars": { + "搬家": "https://h4ck.org.cn/2025/01/19019" + }, + "安全客-有思想的安全新媒体": { + "四个关键词,回眸360发力人才培育这一年": "https://www.anquanke.com/post/id/303648", + "Yubico 解决 pam-u2f 软件包中的身份验证绕过漏洞 CVE-2025-23013": "https://www.anquanke.com/post/id/303645", + "CVE-2024-53691: 针对严重 QNAP RCE 漏洞发布 PoC 漏洞利用程序": "https://www.anquanke.com/post/id/303642", + "微软开始强制升级 Windows 11 22H2、23H3 设备": "https://www.anquanke.com/post/id/303639", + "CVE-2024-49113 检测: 通过公开可用 PoC 利用 Windows LDAP 拒绝服务漏洞又名 LDAPNightmare": "https://www.anquanke.com/post/id/303636", + "微软修复 Windows Server 系统上 Office 365 应用程序崩溃问题": "https://www.anquanke.com/post/id/303633", + "恶意 PyPi 软件包窃取开发人员的 Discord 验证令牌": "https://www.anquanke.com/post/id/303630", + "Otelier 数据泄露事件暴露了数百万人的信息和酒店预订信息": "https://www.anquanke.com/post/id/303627", + "美国联邦贸易委员会命令通用汽车停止收集和出售驾驶员数据": "https://www.anquanke.com/post/id/303624", + "W3 Total Cache 插件中的一个漏洞使数十万个 WordPress 网站受到攻击": "https://www.anquanke.com/post/id/303621" + }, + "MaskRay": { + "Natural loops": "https://maskray.me/blog/2025-01-20-natural-loops" + }, + "Bug Bounty in InfoSec Write-ups on Medium": { + "How I found S3 buckets in Bug bounties": "https://infosecwriteups.com/how-i-found-s3-buckets-in-bug-bounties-501faf76c3f9?source=rss----7b722bfd1b8d--bug_bounty", + "Bypass HackerOne 2FA requirement and reporter blacklist": "https://infosecwriteups.com/bypass-hackerone-2fa-requirement-and-reporter-blacklist-46d7959f1ee5?source=rss----7b722bfd1b8d--bug_bounty" + }, + "Twitter @bytehx": { + "Just scored a reward @intigriti, check my profile: https://app.intigriti.com/profile/bytehx #HackWithIntigriti": "https://x.com/bytehx343/status/1881380986333839502" + }, + "VMRay": { + "Heavily obfuscated batch file loads XWorm hosted on GitHub": "https://www.vmray.com/heavily-obfuscated-batch-file-loads-xworm-hosted-on-github/" + }, + "SentinelOne": { + "2024 macOS Malware Review | Infostealers, Backdoors, and APT Campaigns Targeting the Enterprise": "https://www.sentinelone.com/blog/2024-macos-malware-review-infostealers-backdoors-and-apt-campaigns-targeting-the-enterprise/" + }, + "Reverse Engineering": { + "/r/ReverseEngineering's Weekly Questions Thread": "https://www.reddit.com/r/ReverseEngineering/comments/1i5lbt8/rreverseengineerings_weekly_questions_thread/", + "Malware Analysis of Fake Banking Reward APK Targeting WhatsApp Users": "https://www.reddit.com/r/ReverseEngineering/comments/1i5svi7/malware_analysis_of_fake_banking_reward_apk/", + "Reverse Engineering Bambu Connect": "https://www.reddit.com/r/ReverseEngineering/comments/1i5lw80/reverse_engineering_bambu_connect/" + }, + "Malwarebytes": { + "Your location or browsing habits could lead to price increases when buying online": "https://www.malwarebytes.com/blog/news/2025/01/your-location-or-browsing-habits-could-lead-to-price-increases-when-buying-online", + "A week in security (January 13 – January 19)": "https://www.malwarebytes.com/blog/news/2025/01/a-week-in-security-january-13-january-19" + }, + "Wallarm": { + "Considerations for Selecting the Best API Authentication Option": "https://lab.wallarm.com/considerations-selecting-best-api-authentication-option/" + }, + "安全牛": { + "《后量子密码安全能力构建技术指南(2025年)》报告暨代表性厂商评估调研启动": "https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134771&idx=1&sn=d630c90006781716434e509b97c12856&chksm=bd15abe08a6222f621cc83ed26039da7ba363d15472e1102c14383eecf41b5ee7b6c2ef2e526&scene=58&subscene=0#rd", + "马斯克称X不被允许在华运营情况需改变,外交部回应; 美国联邦调查局担忧AT&T数据泄露可能暴露线人身份 | 牛览": "https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134771&idx=2&sn=bf214740bb2023a8a3edc38463484c25&chksm=bd15abe08a6222f6f04fa76f0a94d12a1e81b2b7326b136daca55a3f0476d7b9a8d5898ed40d&scene=58&subscene=0#rd" + }, + "rtl-sdr.com": { + "A USB-C Mod for RTL-SDR Blog V3/V4 Dongles": "https://www.rtl-sdr.com/a-usb-c-mod-for-rtl-sdr-blog-v3-v4-dongles/", + "Locating an Intermittent Interferer with a KrakenSDR": "https://www.rtl-sdr.com/locating-an-intermittent-interferer-with-a-krakensdr/", + "Using an EFR32 IoT Microcontroller Transceiver as an SDR": "https://www.rtl-sdr.com/using-an-efr32-iot-microcontroller-transceiver-as-an-sdr/" + }, + "奇客Solidot–传递最新科技情报": { + "2024 年大气二氧化碳增幅创纪录": "https://www.solidot.org/story?sid=80382", + "欧盟考虑在消费品中禁止使用 PFAS": "https://www.solidot.org/story?sid=80381", + "Google 搜索服务开始要求启用 JavaScript": "https://www.solidot.org/story?sid=80380", + "Google Android 运行在 2024 年三分之二的新车上": "https://www.solidot.org/story?sid=80379", + "LibreOffice Writer 扩展为字处理软件加入可选的本地生成式 AI 功能": "https://www.solidot.org/story?sid=80378", + "亚马逊强推重返办公室但没有足够办公桌和停车位": "https://www.solidot.org/story?sid=80377", + "小鼠研究显示安眠药会干扰大脑清除废物": "https://www.solidot.org/story?sid=80376", + "摄像机首次捕捉到陨石掉落地面瞬间": "https://www.solidot.org/story?sid=80375", + "Linux 6.13 释出": "https://www.solidot.org/story?sid=80374", + "TikTok 恢复美国服务": "https://www.solidot.org/story?sid=80373" + }, + "HackerNews": { + "欧盟《数字运营弹性法案》正式生效,严至监禁失职管理层": "https://hackernews.cc/archives/56991", + "网络安全领域研究人员遭遇假 PoC 专项攻击": "https://hackernews.cc/archives/56995", + "加拿大一 IT 公司被俄罗斯政府列入“不受欢迎”组织名单": "https://hackernews.cc/archives/56987", + "美国联邦贸易委员会:大数据监控定价导致消费者成本上升": "https://hackernews.cc/archives/56985", + "谷歌推出 OSV-SCALIBR 开源库用于软件成分分析": "https://hackernews.cc/archives/56982", + "恶意 PyPi 软件包窃取 Discord 开发者认证令牌": "https://hackernews.cc/archives/56977", + "俄罗斯黑客组织 Star Blizzard 在新钓鱼攻击活动中瞄准 WhatsApp 账户": "https://hackernews.cc/archives/56975", + "基于 Python 的机器人利用 PHP 服务器推动赌博平台泛滥": "https://hackernews.cc/archives/56973", + "WGS-804HPT 交换机存在严重漏洞将导致远程代码执行和网络利用": "https://hackernews.cc/archives/56971" + }, + "绿盟科技技术博客": { + "【已支持暴露面风险排查】Rsync缓冲区溢出与信息泄露漏洞(CVE-2024-12084/CVE-2024-12085)": "https://blog.nsfocus.net/cve-2024-12084-cve-2024-12085/" + }, + "安全客": { + "转型中的网络安全:拜登政府的警告和美国的未来": "https://mp.weixin.qq.com/s?__biz=MzA5ODA0NDE2MA==&mid=2649787757&idx=1&sn=e5eae9b6df27d7b00015e86ca2284def&chksm=8893bd02bfe43414e51527c12e99fe7dbfabd348bcf33087f7044d95963b1907c7ae795d05e9&scene=58&subscene=0#rd" + }, + "安全分析与研究": { + "UEFI BootKit学习路线与资料分享": "https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490058&idx=1&sn=8c80dfb3d169392af3a7821398c50637&chksm=902fb522a7583c34dbebe5255d0d954d1ac8bc4735bb19bc926e9c32a531e4f88c2c4666cda7&scene=58&subscene=0#rd" + }, + "奇安信 CERT": { + "安全热点周报:Fortinet 警告利用身份验证绕过零日漏洞劫持防火墙": "https://mp.weixin.qq.com/s?__biz=MzU5NDgxODU1MQ==&mid=2247502869&idx=1&sn=53f5cfd343a3cd7a4e8a32a6fe638138&chksm=fe79e88dc90e619b8c2c010457c1e44f3ff06dd47f4a8abd602deff354192c4b2842a3c0dfc3&scene=58&subscene=0#rd" + }, + "Black Hills Information Security": { + "Attack Tactics 9: Shadow Creds for PrivEsc w/ Kent & Jordan": "https://www.blackhillsinfosec.com/attack-tactics-9-shadow-creds-for-privesc-wrapup/" + }, + "吾爱破解论坛": { + "吾爱破解论坛微信红包封面设计预览": "https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141587&idx=1&sn=91deda30d33d111b7478c3a764c2c468&chksm=bd50a5878a272c916e5fdba11db955248dd241def35150160f93e385c9782019e9bf0e6b1764&scene=58&subscene=0#rd" + }, + "代码卫士": { + "WGS-804HPT 交换机中存在多个严重漏洞,可导致RCE和网络利用": "https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522124&idx=1&sn=8b928d650502c3cebc7b2ae0e85282a2&chksm=ea94a626dde32f303236d54cf10c68cbf25ac8104fe9a6280306ddbcce4f3ce7624240d24d9d&scene=58&subscene=0#rd", + "PyPI 恶意包窃取Discord 开发人员的认证令牌": "https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522124&idx=2&sn=98991414f4675f83bbb4a3935a2f16e1&chksm=ea94a626dde32f3016b9b39f894f63db177129413333eaf003c2ded003a435725967bc152c92&scene=58&subscene=0#rd" + }, + "Dhole Moments": { + "Session Round 2": "https://soatok.blog/2025/01/20/session-round-2/" + }, + "威努特安全网络": { + "2024 CWE TOP25最危险软件弱点深度解析": "https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130546&idx=1&sn=af17cc33bcba30263b1062816452140a&chksm=80e71002b7909914201ecc3158a953b2ce81f616276e5123ebef52b60f922c7ff5b588c7c574&scene=58&subscene=0#rd" + }, + "青衣十三楼飞花堂": { + "凉山叙事": "https://mp.weixin.qq.com/s?__biz=MzUzMjQyMDE3Ng==&mid=2247487923&idx=1&sn=27de2e79a46e08f68e6fd4cadd99c580&chksm=fab2d28ccdc55b9a7a2a150f12ecb0044c667e16fd09c9138fa3ca96b1c40acd0b8aa1cafd6e&scene=58&subscene=0#rd" + }, + "FreeBuf网络安全行业门户": { + "新型Android恶意软件模仿聊天应用窃取敏感数据": "https://www.freebuf.com/news/420346.html", + "B站又爆大瓜!员工“代码投毒”报复网友": "https://www.freebuf.com/news/420334.html", + "验证码对抗之殇:Clickfix最新钓鱼事件分析报告": "https://www.freebuf.com/articles/paper/420320.html", + "解读出国劳务:表面邀请拍戏,实则人口交易,走上小路,却是末路!": "https://www.freebuf.com/news/420316.html", + "FreeBuf早报 | 网信办启动春节网络环境整治行动;美网络攻击我国某研究院细节公布": "https://www.freebuf.com/news/420305.html", + "惠普被黑客入侵,机密数据在暗网出售": "https://www.freebuf.com/news/420293.html", + "无需拆机!Windows 11 BitLocker加密文件被破解": "https://www.freebuf.com/news/420297.html", + "黑客滥用微软VSCode 远程隧道绕过安全工具": "https://www.freebuf.com/news/420277.html", + "《零日风暴》| 正式前导预告 | Netflix": "https://www.freebuf.com/video/420267.html", + "ChatGPT被曝存在爬虫漏洞,OpenAI未公开承认": "https://www.freebuf.com/news/420273.html", + "网络安全领域研究人员遭遇假PoC专项攻击": "https://www.freebuf.com/news/420252.html" + }, + "奇安信威胁情报中心": { + "Operation(Giỗ Tổ Hùng Vương)hurricane:浅谈新海莲花组织在内存中的技战术": "https://mp.weixin.qq.com/s?__biz=MzI2MDc2MDA4OA==&mid=2247513780&idx=1&sn=a2650f77b1b7a4b73b27ec637bef04d1&chksm=ea6641c3dd11c8d58e8cd03792f61e801bc69c868a2c7ccc64826afab019e4e19fa13ab75e3d&scene=58&subscene=0#rd" + }, + "腾讯玄武实验室": { + "每日安全动态推送(25/1/20)": "https://mp.weixin.qq.com/s?__biz=MzA5NDYyNDI0MA==&mid=2651959996&idx=1&sn=39171e942cfb617360a556b8d9fa2dd3&chksm=8baed223bcd95b358ff9bd5dd95c2f60ad07fa4eaf7b8664a5947a32920fa4092f27c9b4e44d&scene=58&subscene=0#rd" + }, + "安全研究GoSSIP": { + "G.O.S.S.I.P 技术笔记 2025-01-15 薛定谔的寄存器?": "https://mp.weixin.qq.com/s?__biz=Mzg5ODUxMzg0Ng==&mid=2247499629&idx=1&sn=2890acf36b4707a5bf91f3c823c4a5db&chksm=c063d1b4f71458a27e12ffc8ec1fe880002d2d92968fadcda511a91279e30d0dacba4fa59f48&scene=58&subscene=0#rd" + }, + "中国信息安全": { + "全球视野 | 国际网安快讯(第46期)": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=1&sn=0d1b4aa189b788c665f35ccc52b8c79c&chksm=8b58026dbc2f8b7b6d93de308202cb19c8415133a057bc6da6f722dede97d20b258b1d7472a6&scene=58&subscene=0#rd", + "关注 | 中央网信办启动“清朗·2025年春节网络环境整治”专项行动": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=2&sn=4b39d631ae07312faba443f5436ad10d&chksm=8b58026dbc2f8b7b91ed7170e231bcd136924c647b87e66b0462da74c185560ce2f6cd9e787a&scene=58&subscene=0#rd", + "专家解读 | 蒋艳:促进数据标注能力提升,筑牢工业智能数据基础": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=3&sn=558d06cf50feba02ada95b443dd3c827&chksm=8b58026dbc2f8b7b9eef3e6af4d43b30950f7189270bf1a2d3bca5bcca2741a0e8e19ea1ba22&scene=58&subscene=0#rd", + "专家观点 | 构建多元化的人工智能训练数据供给体系": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=4&sn=1dbca4b896271872f13bb321297280ba&chksm=8b58026dbc2f8b7b971cfdb62ca4b48021e6f8ef3b66a561160856f707769288e10ab71e982c&scene=58&subscene=0#rd", + "国际 | 欧盟计划加强医疗保健行业网络安全": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=5&sn=957baf161a599a455c3db7e971b5e1be&chksm=8b58026dbc2f8b7bbbcad45c446045a33301e9fff28222efaa28c4e2b68cc21f064468af3e20&scene=58&subscene=0#rd", + "国际 | 日本强化“主动网络防御”能力": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=6&sn=8ccd83bcc4b8e4593e6fdd896fa083e0&chksm=8b58026dbc2f8b7b5e4b966a6f54625e30dc69faafd8a70ef0171ade51902c00712b1acdc8cd&scene=58&subscene=0#rd", + "评论 | 请读懂用“反向驯化”对付算法背后的诉求": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=7&sn=f84b09b4c82d9bc9efe8c1c5f4c91a4d&chksm=8b58026dbc2f8b7baae14b0518073604a463b27203a7a6c6a7ba5b8c9cb577ae2d49f270693e&scene=58&subscene=0#rd" + }, + "dotNet安全矩阵": { + "举一反三 ,通过 Sharp4SuoPoc 从原理上复现 Visual Studio 投毒事件的来龙去脉": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498340&idx=1&sn=f9aecfc3de35b8fac05e7e7d352da9e4&chksm=fa595489cd2edd9f317b3ce1a2e10a23a2a5c3c3fc4a16daa713ac76716cec8ef519e525b37a&scene=58&subscene=0#rd", + "国内最专业、最全面的 [ .NET 代码审计 ] 体系化学习交流社区": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498340&idx=2&sn=a8a67dc9e2cd5c4ec82e4a85c1fe2342&chksm=fa595489cd2edd9f25ac05370f0e47f84cb3e8c701746b35f4a0bfb09ae483e152785aeeb67c&scene=58&subscene=0#rd", + ".NET 第 55 期红队武器库和资源汇总": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498340&idx=3&sn=7c60cbd1b12469d5e4f5c6db12ca1cb4&chksm=fa595489cd2edd9fd5bb60e9788f1ae5294e1852fb76568985d137f3a1b3dde16d6bcfcd9495&scene=58&subscene=0#rd" + }, + "丁爸 情报分析师的工具箱": { + "【知识点】解密:HUMINT、SIGINT、OSINT、MASINT、GEOINT 、IMINT、SOCMINT、MEDINT等": "https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148633&idx=1&sn=80a6c18af41984c8aaa601f82ccd7ac8&chksm=f1af2663c6d8af75a845402ef2f96cb2f9a94fd38ebb787c3390cc9a9cda2de4f06e26baa64f&scene=58&subscene=0#rd" + }, + "数世咨询": { + "新西兰跻身云安全漏洞排名前十": "https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247534891&idx=1&sn=442f5697287365e019e20cb29c0a8008&chksm=c1443b96f633b280e3859a3441a858dda1412ce36b7957734a73bf3c683102b57bad82ee504a&scene=58&subscene=0#rd" + }, + "微步在线": { + "零差评的NDR,都做对了什么?": "https://mp.weixin.qq.com/s?__biz=MzI5NjA0NjI5MQ==&mid=2650183053&idx=1&sn=92ff24e4a5e517b359ccd30b8274a5f6&chksm=f4486e31c33fe7279d803461244b6437f24fcba89a8c0040cee9fb53be84431992cedcf81281&scene=58&subscene=0#rd" + }, + "极客公园": { + "荣耀开启新一轮无限游戏:换帅、AI 和出海": "https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072381&idx=1&sn=59b10e027ecd8cf16913597da4808654&chksm=7e57d64b49205f5d6d1a059def189b6fd38bba2e3c0be18dc4bbbd18ed40d8ca4f5a21f028bb&scene=58&subscene=0#rd", + "对话 Mirumi 创造者:CES上爆火的陪伴机器人是怎样炼成的?": "https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072363&idx=1&sn=feda9287cf8b3068ce7f17923c00d078&chksm=7e57d65d49205f4b15641187aaca3c587e0d4b05aa12dd633c11226bc00b5361d10c22ddf874&scene=58&subscene=0#rd" + }, + "CNVD漏洞平台": { + "CNVD漏洞周报2025年第3期": "https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247495715&idx=1&sn=c02f8d40b18ff20468aa338efd776c5d&chksm=fd74c0eaca0349fcf48893554150aa62b8d148205e3198526c654194241638eafab9530bc6b5&scene=58&subscene=0#rd", + "上周关注度较高的产品安全漏洞(20250113-20250119)": "https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247495715&idx=2&sn=b9b9d870553d36e181ba7d1702fde7da&chksm=fd74c0eaca0349fcd7eabae533b4d6bf7f8a8cf66309cb1e93c0c20500d376dc0ac4c5436fe6&scene=58&subscene=0#rd" + }, + "安全圈": { + "【安全圈】宁波某化工企业被境外势力获取危险源监控视频数据": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067503&idx=1&sn=018f26decbcead5c44d6897dcaac4696&chksm=f36e7aefc419f3f998508894e072b07d360f8ce003a7829c7e3e59b6e38963c000cb35563009&scene=58&subscene=0#rd", + "【安全圈】黑客声称惠普企业遭入侵,列出待售数据": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067503&idx=2&sn=91d7e9ae298ff62eea78d7143853f356&chksm=f36e7aefc419f3f91633b7a176be4cb6885a0df37a85ddd11366df9baa8f003ef67da3e56566&scene=58&subscene=0#rd", + "【安全圈】黑客滥用 Microsoft VSCode 远程隧道绕过安全工具": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067503&idx=3&sn=0b2738a898f48ebbcd35b935ea9b9b9b&chksm=f36e7aefc419f3f9825e2bcdb1346a6a0cfc125b0362317ae276f36f4a15f976800acc71e733&scene=58&subscene=0#rd", + "【安全圈】无需拆卸笔记本电脑即可访问 Windows 11 BitLocker 加密文件": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067503&idx=4&sn=17aa39950a2ad339c5c9189715ebc4f2&chksm=f36e7aefc419f3f9cb51bb87bb1f571572cf3b66429795fbd19cc7536069f74aa0232d0c9cc2&scene=58&subscene=0#rd" + }, + "情报分析师": { + "【深度研究】如何用开源情报与验证技术挖掘互联网的隐藏真相": "https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559107&idx=1&sn=d4395815742a56a0b089bcbdd91c3d70&chksm=87117cc8b066f5de0c1760ba5048934bc55a194aef2689e5a9a8c6c57dfc9c43f8d060375331&scene=58&subscene=0#rd", + "伊俄签订全面战略伙伴条约对我风险研判": "https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559107&idx=2&sn=a7f4517c1d2dc7c3812ea3cd778b7ae2&chksm=87117cc8b066f5ded35fd6591e36d01e85717c318664ade912a6ceeeb91d6ea5f65538ff104d&scene=58&subscene=0#rd" + }, + "墨菲安全": { + "36氪广东首发 | 以供应链视角推动企业软件安全架构升级,「墨菲安全」获数千万pre-A轮融资": "https://mp.weixin.qq.com/s?__biz=MzkwOTM0MjI5NQ==&mid=2247488047&idx=1&sn=3176a6f993fd1c1d1fe0b03cbac70b6c&chksm=c13d7117f64af801d9153ac2691a2c0a56d0ca540e4ff90ee863c60b206f7e32a07d1f39cde4&scene=58&subscene=0#rd" + }, + "安全内参": { + "因遭勒索软件泄露超近250万人临床信息,这家生物公司赔偿5400万元": "https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513542&idx=1&sn=7dc1d619a87db4ddb927b6fb3ff62ff1&chksm=ebfaf2e6dc8d7bf0a8026fb160bb90c03136633fffceb3237e66198cde12fc14049bcc05e6d0&scene=58&subscene=0#rd", + "美国务院首次实施“网络安全运营需求外国援助计划”": "https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513542&idx=2&sn=a15c26b60bc01c84fa61304952a8e690&chksm=ebfaf2e6dc8d7bf059c60d0b270de70171b873273cffd4aada3f465a8e3dee5abd717cba2a3a&scene=58&subscene=0#rd" + }, + "嘶吼专业版": { + "2024中国网络安全产业势能榜优能企业「医疗行业」典型案例展示": "https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580903&idx=1&sn=44413743a587bf5c4d3afb17ea77ebfc&chksm=e9146cddde63e5cb900190a36756ef024ec4fd8b30f5a7eb06d8fc0c23649cb50159aa96c397&scene=58&subscene=0#rd", + "安全动态回顾|《信息技术 信息安全事件管理 第4部分:协同》正式发布 黑客利用Google搜索广告窃取Google Ads帐户": "https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580903&idx=2&sn=9dcd6ddb22e3ee16847f8c8d15241de9&chksm=e9146cddde63e5cb1d7218c1d4585a1f4f7c66c2e3960ea2056660e512ba78b3b4a8c082995b&scene=58&subscene=0#rd" + }, + "看雪学苑": { + "学习PE文件后的第一次实践项目之DLL反射型注入": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588763&idx=1&sn=3f8a5ac4ea9d15820cc2cd6d5692963e&chksm=b18c26d186fbafc70f3e7c1673c15273d3202d1ec5d43301132c3a6e91aee46636b5ff4d87a8&scene=58&subscene=0#rd", + "开源工具 rsync 曝重大漏洞,黑客可越界写入缓冲区远程执行代码": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588763&idx=2&sn=987fea6e7bc8cce2c77f2e2035072ac4&chksm=b18c26d186fbafc74e6a05aa86e92183c63d2d9a959a88738a9e938d04954b0f5f417afec628&scene=58&subscene=0#rd", + "今日更新:第4章2节-模糊测试工具基础使用": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588763&idx=3&sn=094fc7e969bab88e07445fbca7b4b304&chksm=b18c26d186fbafc725a11592c164103b7ebcb3a2f8d879a28251fb5ca867598ddb4028856983&scene=58&subscene=0#rd" + }, + "LuxSci": { + "LuxSci Unveils New Secure Forms Features for Flexible Editing, Integrated Workflows, and Save Histories": "https://luxsci.com/blog/new-secure-forms-features.html" + }, + "威胁棱镜": { + "实战派第二期沙龙(办公终端安全)随笔": "https://mp.weixin.qq.com/s?__biz=MzkyMzE5ODExNQ==&mid=2247487604&idx=1&sn=03667e822fa1aeec7a80ec5277f40f32&chksm=c1e9e7b8f69e6eaef337bb4c0d8c67081221d5e96d5af824eed5bd160b4a99a8b28593dd3238&scene=58&subscene=0#rd" + }, + "Krypt3ia": { + "Threat Brief: Security Issues Surrounding TikTok and Its Potential for Espionage and Misinformation Campaigns": "https://krypt3ia.wordpress.com/2025/01/20/threat-brief-security-issues-surrounding-tiktok-and-its-potential-for-espionage-and-misinformation-campaigns/" + }, + "Over Security - Cybersecurity news aggregator": { + "Microsoft: Exchange 2016 and 2019 reach end of support in October": "https://www.bleepingcomputer.com/news/microsoft/microsoft-exchange-2016-and-2019-reach-end-of-support-in-october/", + "HPE investigates breach as hacker claims to steal source code": "https://www.bleepingcomputer.com/news/security/hewlett-packard-enterprise-investigates-new-breach-claims/", + "Ukraine restores state registers after suspected Russian cyberattack": "https://therecord.media/ukraine-restores-registers-after-cyberattack", + "Microsoft fixes Windows Server 2022 bug breaking device boot": "https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-server-2022-bug-breaking-device-boot/", + "Philippines arrests Chinese national suspected of spying on critical infrastructure": "https://therecord.media/philippines-arrests-chinese-nationa-spying-critical-infrastructure", + "Fortinet Zero-Day CVE-2024-55591 Exposed: Super-Admin Access Risk": "https://cyble.com/blog/cve-2024-55591-the-fortinet-flaw-putting-critical-systems-at-risk/", + "Cyble Sensors Detect Attacks on Check Point, Ivanti and More": "https://cyble.com/blog/cyble-sensors-detect-attacks-on-check-point-ivanti-and-more/", + "SentinelOne estende Purple AI alle soluzioni di sicurezza di terze parti": "https://www.securityinfo.it/2025/01/20/sentinelone-estende-purple-ai-alle-soluzioni-di-sicurezza-di-terze-parti/", + "Malicious extensions circumvent Google’s remote code ban": "https://palant.info/2025/01/20/malicious-extensions-circumvent-googles-remote-code-ban/", + "Transition from IBM QRadar to Sekoia for a modern & rewarding experience": "https://blog.sekoia.io/transition-from-ibm-qradar-to-sekoia-for-a-modern-rewarding-experience/", + "Microsoft shares temp fix for Outlook crashing when writing emails": "https://www.bleepingcomputer.com/news/microsoft/microsoft-shares-temp-fix-for-outlook-crashing-when-writing-emails/", + "Ancora attacchi ad opera di Vidar: cadenza regolare e vecchie strategie sempre efficaci": "https://cert-agid.gov.it/news/ancora-attacchi-ad-opera-di-vidar-cadenza-regolare-e-vecchie-strategie-sempre-efficaci/", + "FOSDEM 2025": "https://www.certego.net/blog/fosdem-2025-certego-tra-gli-speaker-evento-dedicato-al-mondo-software-open-source/", + "Riflessione sulle Free WiFi": "https://roccosicilia.com/2025/01/20/riflessione-sulle-free-wifi/", + "CERT-AGID 11 – 17 gennaio: una campagna di phishing sul Ministero della Salute e di nuovo Lumma Stealer.": "https://www.securityinfo.it/2025/01/20/cert-agid-11-17-gennaio-una-campagna-di-phishing-sul-ministero-della-salute-e-di-nuovo-lumma-stealer/" + }, + "bellingcat": { + "The Rise of Nitazenes: Chinese Suppliers Behind Ads for Deadly Opioids Targeting Europe": "https://www.bellingcat.com/news/2025/01/20/chinese-link-to-nitazenes-targeting-europe/" + }, + "安全419": { + "重新定义云优先时代的第三方治理和身份": "https://mp.weixin.qq.com/s?__biz=MzUyMDQ4OTkyMg==&mid=2247546726&idx=1&sn=3814386756a35a94f19c0ee42150f30d&chksm=f9ebe9cbce9c60dd07f48ddfa60b488ee7b303a6a8f3f5d7b68cac50988ba9be7d8766abcc1e&scene=58&subscene=0#rd" + }, + "360数字安全": { + "滴!您有一封来自360安全大模型的年度报告待查收": "https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579147&idx=1&sn=0643e297c264261888a85bdd3bd4b117&chksm=9f8d2603a8faaf158eecc4ba3bdcf21338f00b6215aa681a645907b23b47fe843a188c825547&scene=58&subscene=0#rd" + }, + "迪哥讲事": { + "从信息泄露到越权再到弱口令": "https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496915&idx=1&sn=ab34ad81c6b8fa8f2d00b9513c025fa4&chksm=e8a5feb0dfd277a6690903a4e8d90d6f98dca468b4aedfd0ef1058382c9c1dd0f2e07a75de5e&scene=58&subscene=0#rd" + }, + "Securityinfo.it": { + "SentinelOne estende Purple AI alle soluzioni di sicurezza di terze parti": "https://www.securityinfo.it/2025/01/20/sentinelone-estende-purple-ai-alle-soluzioni-di-sicurezza-di-terze-parti/?utm_source=rss&utm_medium=rss&utm_campaign=sentinelone-estende-purple-ai-alle-soluzioni-di-sicurezza-di-terze-parti", + "CERT-AGID 11 – 17 gennaio: una campagna di phishing sul Ministero della Salute e di nuovo Lumma Stealer.": "https://www.securityinfo.it/2025/01/20/cert-agid-11-17-gennaio-una-campagna-di-phishing-sul-ministero-della-salute-e-di-nuovo-lumma-stealer/?utm_source=rss&utm_medium=rss&utm_campaign=cert-agid-11-17-gennaio-una-campagna-di-phishing-sul-ministero-della-salute-e-di-nuovo-lumma-stealer" + }, + "ICT Security Magazine": { + "Big Data: Gestione e Analisi dei Dati su Larga Scala": "https://www.ictsecuritymagazine.com/articoli/big-data-cosa-sono/" + }, + "娜璋AI安全之家": { + "[AI安全论文] (36)C&S22 MPSAutodetect:基于自编码器的恶意Powershell脚本检测模型": "https://mp.weixin.qq.com/s?__biz=Mzg5MTM5ODU2Mg==&mid=2247501253&idx=1&sn=7f467401adcf67cc67d7c2d3573e7c2e&chksm=cfcf7508f8b8fc1e5be31d7896f233c533e1591fe41a83de83293ee9930109814a8eadfc435b&scene=58&subscene=0#rd" + }, + "SANS Internet Storm Center, InfoCON: green": { + "Partial ZIP File Downloads, (Mon, Jan 20th)": "https://isc.sans.edu/diary/rss/31608", + "ISC Stormcast For Monday, January 20th, 2025 https://isc.sans.edu/podcastdetail/9286, (Mon, Jan 20th)": "https://isc.sans.edu/diary/rss/31604" + }, + "360威胁情报中心": { + "APT-C-26(Lazarus)组织持续升级攻击武器,利用Electron程序瞄准加密货币行业": "https://mp.weixin.qq.com/s?__biz=MzUyMjk4NzExMA==&mid=2247505519&idx=1&sn=594229f2c0123673d1fa9c6cf729858b&chksm=f9c1e566ceb66c701d875de8481fe02d89654d4b56cfc51088de6e421cb701437cdab52a0851&scene=58&subscene=0#rd" + }, + "FuzzWiki": { + "DeepGo: 预测定向灰盒模糊测试": "https://mp.weixin.qq.com/s?__biz=MzU1NTEzODc3MQ==&mid=2247486916&idx=1&sn=6c5e8170932409049927f3b79468ae99&chksm=fbd9a678ccae2f6e581227dcdcc23e37f5f45c8fddefd134ce6a27c2a5563c29dc7126637abb&scene=58&subscene=0#rd" + }, + "白泽安全实验室": { + "因WordPress新漏洞,全球数百万网站面临被攻击风险": "https://mp.weixin.qq.com/s?__biz=MzI0MTE4ODY3Nw==&mid=2247492526&idx=1&sn=247ea35cbbd8abee04db13ecd2a84025&chksm=e90dc984de7a4092b4afde879c894da6d97959d30ded3154090dba8f222c4e460b1ee2a8519b&scene=58&subscene=0#rd" + }, + "The Hacker News": { + "Unsecured Tunneling Protocols Expose 4.2 Million Hosts, Including VPNs and Routers": "https://thehackernews.com/2025/01/unsecured-tunneling-protocols-expose-42.html", + "DoNot Team Linked to New Tanzeem Android Malware Targeting Intelligence Collection": "https://thehackernews.com/2025/01/donot-team-linked-to-new-tanzeem.html", + "⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [20 January]": "https://thehackernews.com/2025/01/thn-weekly-recap-top-cybersecurity_20.html", + "Product Walkthrough: How Satori Secures Sensitive Data From Production to AI": "https://thehackernews.com/2025/01/product-walkthrough-how-satori.html", + "Hackers Deploy Malicious npm Packages to Steal Solana Wallet Keys via Gmail SMTP": "https://thehackernews.com/2025/01/hackers-deploy-malicious-npm-packages.html" + }, + "0x727开源安全团队": { + "什么是ChkApi?(专为金融行业开源的API安全检测工具)": "https://mp.weixin.qq.com/s?__biz=MzkwNTI3MjIyOQ==&mid=2247484132&idx=1&sn=721763ec693c93569325551122bb5e05&chksm=c0fb0c2ef78c85380ed2cb3e14dff253bd82118f740b9ff0c38dd08d365238d19bd7579adb3d&scene=58&subscene=0#rd" + }, + "TorrentFreak": { + "Authors Seek Meta’s Torrent Client Logs and Seeding Data in AI Piracy Probe": "https://torrentfreak.com/authors-seek-metas-torrent-client-logs-and-seeding-data-in-ai-piracy-probe-250120/", + "Man Jailed For Pirate IPTV Used By “Hundreds of Thousands” Had 2,000 Users": "https://torrentfreak.com/man-jailed-for-pirate-iptv-used-by-100s-of-thousands-had-2000-subscribers-250120/" + }, + "The Register - Security": { + "Hackers game out infowar against China with the US Navy": "https://go.theregister.com/feed/www.theregister.com/2025/01/20/china_taiwan_wargames/", + "How to leave the submarine cable cutters all at sea – go Swedish": "https://go.theregister.com/feed/www.theregister.com/2025/01/20/opinion_column_submarine_cables/", + "Ransomware attack forces Brit high school to shut doors": "https://go.theregister.com/feed/www.theregister.com/2025/01/20/blacon_high_school_ransomware/", + "Sage Copilot grounded briefly to fix AI misbehavior": "https://go.theregister.com/feed/www.theregister.com/2025/01/20/sage_copilot_data_issue/", + "Datacus extractus: Harry Potter publisher breached without resorting to magic": "https://go.theregister.com/feed/www.theregister.com/2025/01/20/harry_potter_publisher_breach/", + "When food delivery apps reached Indonesia, everyone put on weight": "https://go.theregister.com/feed/www.theregister.com/2025/01/20/asia_tech_news_roundup/", + "Donald Trump proposes US government acquire half of TikTok, which thanks him and restores service": "https://go.theregister.com/feed/www.theregister.com/2025/01/20/trump_tiktok_nationalization_idea/" + }, + "Security Breached Blog": { + "Purple Teaming: What Not to Do in OT & IoT Testing to Avoid Halting the Factory or Sinking the Oil Rig": "https://blog.securitybreached.org/2025/01/20/purple-teaming-what-not-to-do-in-ot-iot-testing-to-avoid-halting-the-factory-or-sinking-the-oil-rig/" + }, + "Security Affairs": { + "HPE is investigating IntelBroker’s claims of the company hack": "https://securityaffairs.com/173265/data-breach/hpe-is-investigating-intelbrokers-claims-of-hack.html", + "Esperts found new DoNot Team APT group’s Android malware": "https://securityaffairs.com/173257/apt/donot-team-android-malware.html", + "Malicious npm and PyPI target Solana Private keys to steal funds from victims’ wallets": "https://securityaffairs.com/173249/cyber-crime/malicious-npm-and-pypi-target-solana-private-keys.html", + "Planet WGS-804HPT Industrial Switch flaws could be chained to achieve remote code execution": "https://securityaffairs.com/173237/security/wgs-804hpt-flaws.html" + }, + "Hacking Exposed Computer Forensics Blog": { + "Daily Blog #723: Sunday Funday 1/19/25": "https://www.hecfblog.com/2025/01/daily-blog-723-sunday-funday-11925.html" + }, + "Deeplinks": { + "VPNs Are Not a Solution to Age Verification Laws": "https://www.eff.org/deeplinks/2025/01/vpns-are-not-solution-age-verification-laws" + }, + "白帽子章华鹏": { + "直播倒计时1天:AI生成代码会带来更广泛的软件供应链攻击吗?": "https://mp.weixin.qq.com/s?__biz=MzIyOTAxOTYwMw==&mid=2650236946&idx=1&sn=2b4b09bfcc905f6ec14b7d509e1a6ed6&chksm=f04ad2aec73d5bb8e4f014c49705f57df429dafdee65fdf854748b00721ba0d3dbf029444309&scene=58&subscene=0#rd" + }, + "Your Open Hacker Community": { + "How do hackers divert ships? (read description)": "https://www.reddit.com/r/HowToHack/comments/1i5nrch/how_do_hackers_divert_ships_read_description/", + "Looking for simple step pointers using hashcat on windows.": "https://www.reddit.com/r/HowToHack/comments/1i5xd58/looking_for_simple_step_pointers_using_hashcat_on/", + "How Many Rooms Should I Solve Per Day? Or Should I Focus More on Theory?": "https://www.reddit.com/r/HowToHack/comments/1i5nlnp/how_many_rooms_should_i_solve_per_day_or_should_i/", + "Kali home server": "https://www.reddit.com/r/HowToHack/comments/1i5whrp/kali_home_server/", + "My awus036h cannot scan any wireless": "https://www.reddit.com/r/HowToHack/comments/1i5p3nw/my_awus036h_cannot_scan_any_wireless/", + "Running Telegram messages, as Terminal commands, by Esp32 USB": "https://www.reddit.com/r/HowToHack/comments/1i5hibl/running_telegram_messages_as_terminal_commands_by/", + "How to start hacking?": "https://www.reddit.com/r/HowToHack/comments/1i62424/how_to_start_hacking/", + "Need Advice on combining Learning Hacking While Doing a CS Degree": "https://www.reddit.com/r/HowToHack/comments/1i5pop9/need_advice_on_combining_learning_hacking_while/", + "Why do you need wifi adapters": "https://www.reddit.com/r/HowToHack/comments/1i5z8fs/why_do_you_need_wifi_adapters/", + "Hey guys, How can I get Free Internet using HTTP Custom?": "https://www.reddit.com/r/HowToHack/comments/1i612x8/hey_guys_how_can_i_get_free_internet_using_http/", + "CURIOUSITY IS KILLING ME!": "https://www.reddit.com/r/HowToHack/comments/1i60un0/curiousity_is_killing_me/", + "Assist ?": "https://www.reddit.com/r/HowToHack/comments/1i5viek/assist/", + "Whats a good remote acces tool?": "https://www.reddit.com/r/HowToHack/comments/1i5q7s8/whats_a_good_remote_acces_tool/", + "Chess.com config": "https://www.reddit.com/r/HowToHack/comments/1i5nvub/chesscom_config/" + }, + "Technical Information Security Content & Discussion": { + "Malware Analysis of Fake Banking Reward APK Targeting WhatsApp Users": "https://www.reddit.com/r/netsec/comments/1i5su0v/malware_analysis_of_fake_banking_reward_apk/", + "The cost of false positives - how we became a target": "https://www.reddit.com/r/netsec/comments/1i5tioq/the_cost_of_false_positives_how_we_became_a_target/", + "v0.1.0 released - Analyze IoC with OpenCTI, Threat fox and more #FOSS": "https://www.reddit.com/r/netsec/comments/1i5wimk/v010_released_analyze_ioc_with_opencti_threat_fox/", + "Tear Down The Castle - Part 1 | dfir.ch": "https://www.reddit.com/r/netsec/comments/1i5p97a/tear_down_the_castle_part_1_dfirch/" + }, + "Schneier on Security": { + "Biden Signs New Cybersecurity Order": "https://www.schneier.com/blog/archives/2025/01/biden-signs-new-cybersecurity-order.html" + }, + "Computer Forensics": { + "Release v0.1.0 - Give context to IoC with ease - OpenCTI, Threatfox and more": "https://www.reddit.com/r/computerforensics/comments/1i5ugv1/release_v010_give_context_to_ioc_with_ease/", + "How is data acquisition performed for small IoT devices or sensors? What is performed static or live acquisition usually?": "https://www.reddit.com/r/computerforensics/comments/1i636q6/how_is_data_acquisition_performed_for_small_iot/", + "Requesting Assistance - iPhone Photo Data": "https://www.reddit.com/r/computerforensics/comments/1i5qyd3/requesting_assistance_iphone_photo_data/", + "Career pathway advice": "https://www.reddit.com/r/computerforensics/comments/1i5k2ht/career_pathway_advice/" + }, + "Social Engineering": { + "Festival beer run": "https://www.reddit.com/r/SocialEngineering/comments/1i5q01m/festival_beer_run/" + }, + "Security Weekly Podcast Network (Audio)": { + "The Next Era of Data Security: AI, Cloud, & Compliance - Jeff Smith, Dimitri Sirota, Kiran Chinnagangannagari - ESW #390": "http://sites.libsyn.com/18678/the-next-era-of-data-security-ai-cloud-compliance-jeff-smith-dimitri-sirota-kiran-chinnagangannagari-esw-390" + } +} \ No newline at end of file diff --git a/today.md b/today.md index 56a6c5e6db..413564fc0a 100644 --- a/today.md +++ b/today.md @@ -1,275 +1,445 @@ -# 每日安全资讯(2025-01-20) +# 每日安全资讯(2025-01-21) -- Private Feed for M09Ic - - [ ] [mgeeky starred orcasecurity-research/AIGoat](https://github.com/orcasecurity-research/AIGoat) - - [ ] [mgeeky starred ThomasRinsma/pdftris](https://github.com/ThomasRinsma/pdftris) - - [ ] [mgeeky starred osnr/horrifying-pdf-experiments](https://github.com/osnr/horrifying-pdf-experiments) - - [ ] [mgeeky starred ading2210/doompdf](https://github.com/ading2210/doompdf) - - [ ] [lz520520 starred xzh-dx/ZZZ-Balance_Calc](https://github.com/xzh-dx/ZZZ-Balance_Calc) - - [ ] [WafflesExploits started following M09Ic](https://github.com/M09Ic) - - [ ] [zer0yu starred sigoden/aichat](https://github.com/sigoden/aichat) - - [ ] [zer0yu started following leesh3288](https://github.com/leesh3288) - - [ ] [CHYbeta started following leesh3288](https://github.com/leesh3288) - - [ ] [INotGreen starred burpheart/hachimi](https://github.com/burpheart/hachimi) - - [ ] [safedv starred SpecterOps/Nemesis](https://github.com/SpecterOps/Nemesis) -- SecWiki News - - [ ] [SecWiki News 2025-01-19 Review](http://www.sec-wiki.com/?2025-01-19) - Security Boulevard - - [ ] [DEF CON 32 – Exposing The Occultations In Large Off-Grid Solar Systems](https://securityboulevard.com/2025/01/def-con-32-exposing-the-occultations-in-large-off-grid-solar-systems/) - - [ ] [Legends of Music: Celebrating the Greatest Artists Across Generations Compilation](https://securityboulevard.com/2025/01/legends-of-music-celebrating-the-greatest-artists-across-generations-compilation/) - - [ ] [Confident Cybersecurity: Essentials for Every Business](https://securityboulevard.com/2025/01/confident-cybersecurity-essentials-for-every-business/) - - [ ] [Proactively Managing Cloud Identities to Prevent Breaches](https://securityboulevard.com/2025/01/proactively-managing-cloud-identities-to-prevent-breaches/) - - [ ] [How Secure Is Your PAM Strategy?](https://securityboulevard.com/2025/01/how-secure-is-your-pam-strategy/) + - [ ] [U.S. Treasury Sanctions Chinese Individual, Company for Data Breaches](https://securityboulevard.com/2025/01/treasury-sanctions-chinese-individual-company-for-data-breaches/) + - [ ] [The AI Revolution No One Saw Coming Until It Was Too Late](https://securityboulevard.com/2025/01/the-ai-revolution-no-one-saw-coming-until-it-was-too-late/) + - [ ] [Mobile Cybersecurity Trends for 2025: Key Predictions and Preparations](https://securityboulevard.com/2025/01/mobile-cybersecurity-trends-for-2025-key-predictions-and-preparations/) + - [ ] [Executive Order 14144 on Cybersecurity: Building on 2021’s Foundation with Advanced NHI Security](https://securityboulevard.com/2025/01/executive-order-14144-on-cybersecurity-building-on-2021s-foundation-with-advanced-nhi-security/) + - [ ] [Bluesky AT Protocol: Building a Decentralized TikTok](https://securityboulevard.com/2025/01/bluesky-at-protocol-building-a-decentralized-tiktok/) + - [ ] [Privacy Roundup: Week 3 of Year 2025](https://securityboulevard.com/2025/01/privacy-roundup-week-3-of-year-2025/) + - [ ] [Biden Signs New Cybersecurity Order](https://securityboulevard.com/2025/01/biden-signs-new-cybersecurity-order/) + - [ ] [The 2025 Themes on Data GPS](https://securityboulevard.com/2025/01/the-2025-themes-on-data-gps/) + - [ ] [From Dark Web to Jackpot: How Cybercriminals Exploit Stolen Credentials in iGaming](https://securityboulevard.com/2025/01/from-dark-web-to-jackpot-how-cybercriminals-exploit-stolen-credentials-in-igaming/) + - [ ] [Information Security Manual (ISM)](https://securityboulevard.com/2025/01/information-security-manual-ism/) - Doonsec's feed - - [ ] [关键基础设施的安全考虑](https://mp.weixin.qq.com/s?__biz=MzA5MTYyMDQ0OQ==&mid=2247493529&idx=1&sn=4c1cf032bc2b046882889572dc04b067) - - [ ] [tiktok周一大概能重新使用了,特朗普打算签署行政令延长执行tiktok封禁时间](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494412&idx=1&sn=253cee4f3c8a0420dcbc3ec02bee9042) - - [ ] [【突发】TikTok活了!周一在美国重新上线!](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485441&idx=1&sn=f2bc12348ab97d3c67b9cf98543807b0) - - [ ] [北七家-未来科学城,3居变4居豪装,理想楼层/户型/朝向](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485441&idx=2&sn=c3a974c73650dc694ab6fcab9c2b19df) - - [ ] [【干货】笑傲职场的独家经验(1)](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485441&idx=3&sn=171db4e77140738cf00fca3ad26dd309) - - [ ] [【干货原创】实网攻防演习常态化,会带来什么变化01](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485441&idx=4&sn=bfc50e69d91c6225e84b24ca06f3db88) - - [ ] [【干货原创】K12教育,鲜为人知的模式秘密](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485441&idx=5&sn=9533a0184971fd9587be72fd4d1d2f43) - - [ ] [原创文章目录](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485441&idx=6&sn=ae2a503c48e99a60e33e130995467a69) - - [ ] [C++ 运算符](https://mp.weixin.qq.com/s?__biz=MzA3NDE0NTY0OQ==&mid=2247484051&idx=1&sn=caca830ad2ccfa12f9438d6dba5b3d00) - - [ ] [每日专业英语4-Clip Art](https://mp.weixin.qq.com/s?__biz=MzA3NDE0NTY0OQ==&mid=2247484051&idx=2&sn=b38e18403f99796e4ac4ad0df813d3c7) - - [ ] [“你的第二大脑:Obsidian让思维飞跃的秘诀”](https://mp.weixin.qq.com/s?__biz=Mzk2NDE5MDgxOQ==&mid=2247484539&idx=1&sn=2422bfc70b1879482a8b50bb52e9ecac) - - [ ] [原创—结合第四维度牛顿物理学谈少吃肉吃肉遭报应,少骂人欺负人害人,迟早遭报应](https://mp.weixin.qq.com/s?__biz=Mzg4NzAwNzA4NA==&mid=2247485078&idx=1&sn=b22b1c50c99887e060c6324d1aaf1e84) - - [ ] [应急响应神器!全面提升Windows系统安全的秘密武器](https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486354&idx=1&sn=7a32c45a376457f19c95a166517157cd) - - [ ] [资料共享 |《银行保险机构数据安全实践指南(2024)》附下载链接](https://mp.weixin.qq.com/s?__biz=MzkzMDY2MDA2Ng==&mid=2247485865&idx=1&sn=849f1ffdbbf4aa62260d54b499344e78) - - [ ] [梦里挖edu src的步骤](https://mp.weixin.qq.com/s?__biz=Mzk0NTg3ODYxNg==&mid=2247485081&idx=1&sn=118dc9ec93b8776d4fd28b1acbb90a5a) - - [ ] [一家安全企业,到底需要多少人?](https://mp.weixin.qq.com/s?__biz=MzAxOTk3NTg5OQ==&mid=2247492199&idx=1&sn=f23ba361ea986537312e24f3de2d9f8a) - - [ ] [推荐一款轻量级且实用的Elasticsearch GUI管理工具elasticvue](https://mp.weixin.qq.com/s?__biz=MzU2MjU1OTE0MA==&mid=2247499652&idx=1&sn=f3d17ffd8145ef57500e071f588dfbc3) - - [ ] [安全圈最被低估的10个神器:一个比一个强大,大佬都在偷偷用!](https://mp.weixin.qq.com/s?__biz=MzI5MjY4MTMyMQ==&mid=2247489723&idx=1&sn=deabf0c25cb271145e18f3909c9cf6c1) - - [ ] [春秋杯WP | 2024春秋杯冬季赛第三天题目部分解析](https://mp.weixin.qq.com/s?__biz=MzkyNDA5NjgyMg==&mid=2247501315&idx=1&sn=d85a30ae678cadbcaa0d69068c18dc6d) - - [ ] [【相关分享】2024春秋杯冬季赛三日Writeup汇总(部分)](https://mp.weixin.qq.com/s?__biz=Mzk0OTUwNTU5Nw==&mid=2247488648&idx=1&sn=dfbb1c72ee4b04ed418652dae9c995d6) - - [ ] [2025 西湖论剑 Writeup](https://mp.weixin.qq.com/s?__biz=Mzg2OTcyODc1OA==&mid=2247488609&idx=1&sn=aa926bf3d6d405d7066fbe28778c457f) - - [ ] [oscp之Kioptrix Level 1靶场](https://mp.weixin.qq.com/s?__biz=Mzk1NzIyODczMA==&mid=2247483766&idx=1&sn=f0beaee5a096f4fb94efc0c4b7b2c7ac) - - [ ] [oscp之Kioptrix Level 2靶场](https://mp.weixin.qq.com/s?__biz=Mzk1NzIyODczMA==&mid=2247483764&idx=1&sn=af510dde395b41a55371c38779e56003) - - [ ] [oscp之Kioptrix Level 3靶场](https://mp.weixin.qq.com/s?__biz=Mzk1NzIyODczMA==&mid=2247483763&idx=1&sn=6ed48b5384dfeb14a4ae2a424ecaa3e9) - - [ ] [新年红包封面派送第一波—6000发,先到先得~](https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247495119&idx=1&sn=a142f6c2c5b78db448c8e81bdf6959d2) - - [ ] [Spring Boot SpEL表达式注入](https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247495119&idx=2&sn=37204cbd2cf1d2f0cb8f26b27cbe8757) - - [ ] [x64 调用栈欺骗](https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486407&idx=1&sn=1609112b647f5e4c95d0e5958a985c8c) - - [ ] [俄罗斯关联APT组织UAC-0063利用HATVIBE恶意软件对哈萨克斯坦发起“双击”间谍行动](https://mp.weixin.qq.com/s?__biz=Mzg3OTYxODQxNg==&mid=2247485624&idx=1&sn=63ef0a4493ed5749992be4e4b7e5ffef) - - [ ] [深度调查:图像情报核验缅甸某区域遭轰炸事件](https://mp.weixin.qq.com/s?__biz=Mzg3MDczNjcyNA==&mid=2247488900&idx=1&sn=cec8f81ae56b0b667a205ad766923cd9) - - [ ] [2024 Kali Linux黑客系统定制化魔改](https://mp.weixin.qq.com/s?__biz=MzkzMzg3MzMyOA==&mid=2247486370&idx=1&sn=b8d4e339cb57e68785ffd6573bf86755) - - [ ] [内推|合肥急招驻场渗透测试工程师,要求年前交接,年后正式进场,速投!](https://mp.weixin.qq.com/s?__biz=Mzg5MDA5NzUzNA==&mid=2247489269&idx=1&sn=92888448b0baaf4112e0033ad9d0cd2b) - - [ ] [西湖论剑 2025 Writeup](https://mp.weixin.qq.com/s?__biz=MzU3ODc2NTg1OA==&mid=2247491623&idx=1&sn=6c35eb67c2add8c4817f04ce45bc1faf) - - [ ] [星悦安全公开交流2群已建立,速加!](https://mp.weixin.qq.com/s?__biz=Mzg4MTkwMTI5Mw==&mid=2247488647&idx=1&sn=0b0eea18675e615be66f07438d6d30fa) - - [ ] [$40,000的RCE!](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496907&idx=1&sn=bf65d0102436150a0dc5482d51b5c998) - - [ ] [加密货币交易所之OKX](https://mp.weixin.qq.com/s?__biz=MzkyNzYzNTQ2Nw==&mid=2247484081&idx=1&sn=f9961b67353a7f332dfef8dd36d8990a) - - [ ] [【资料】拟任美国中央情报局局长的拉特克利夫及其家人](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148624&idx=1&sn=576c40259107f8aabc30212443488fee) - - [ ] [2024年度总结 | 网络安全社团的蜕变与前行](https://mp.weixin.qq.com/s?__biz=MzU3MDU5NTA1MQ==&mid=2247499687&idx=1&sn=a30f484f51a78c72dcc13934cab0416e) - - [ ] [工具推荐 Windows应急响应的得力助手-Hawkeye](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490004&idx=1&sn=c71efdc86fe2c3d43d7909ea025b9a49) - - [ ] [SSRF](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490002&idx=1&sn=e641f844e1d2db88d1e130d70cf87c97) - - [ ] [一次通用cnvd案例分享](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490002&idx=2&sn=d5528443216703026dbb5befe50a87c2) - - [ ] [【麦当劳|金拱门双人桶【祝你今年金拱门】【可配送】|多店可用】](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490002&idx=3&sn=06d37b661e8a81b5a804820a09d902eb) - - [ ] [记一次CNNVD通用漏洞证书挖掘](https://mp.weixin.qq.com/s?__biz=MzkyMDY1MDI3OA==&mid=2247483794&idx=1&sn=31e5bf60bafe8e52c06509a0827328b2) - - [ ] [公众号交流三群建立了!快来扫码加入](https://mp.weixin.qq.com/s?__biz=MzkwODI1ODgzOA==&mid=2247506590&idx=1&sn=1ea25d3d719803180b9a2b6d047b799d) - - [ ] [渗透攻防武器库,最后一波了!hacker](https://mp.weixin.qq.com/s?__biz=Mzk0ODM0NDIxNQ==&mid=2247493317&idx=1&sn=f2cdb4363ec6b28c0ca9811ec6899711) - - [ ] [【靶场合集】CTF-2024春秋杯冬季赛:easy_code](https://mp.weixin.qq.com/s?__biz=Mzk0ODM0NDExMg==&mid=2247484553&idx=1&sn=71339b1dc0ce698595ada4e5c686c983) - - [ ] [驾驶舱域控制器虚拟化平台的运行时安全](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619796&idx=1&sn=2b4afa38d99946f5b8aa6907c5c8d58e) - - [ ] [GB_T 44778-2024 汽车诊断接口信息安全技术要求及试验方法](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619796&idx=2&sn=00be9fb4e3587ff3c7ef45f098acad21) - - [ ] [功能安全和信息安全的挑战:设计功能安全与信息安全之间的流程接口](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619796&idx=3&sn=e571a326437e3343d9e100a2d854a8cb) - - [ ] [保姆级教学之sqli-labs(less54-65)](https://mp.weixin.qq.com/s?__biz=Mzk1NzQwNjQ4Ng==&mid=2247484551&idx=1&sn=94fd6238c052ac5fbfcd501a9b205100) - - [ ] [2024年公众号赞赏计划说明](https://mp.weixin.qq.com/s?__biz=MzU1NDkwMzAyMg==&mid=2247502667&idx=1&sn=9e980805fcf6f1fa7a39ce857c57159a) - - [ ] [红包封面](https://mp.weixin.qq.com/s?__biz=MzI3NzI4OTkyNw==&mid=2247489545&idx=1&sn=61afc62a4e4f2bc26d23c139406b90d4) - - [ ] [域渗透系列 - 通过 DNS 进行Kerberos Relay](https://mp.weixin.qq.com/s?__biz=MzkyNzQzNzc3OQ==&mid=2247484366&idx=1&sn=319ac331499931353829a877e7b50aa8) - - [ ] [国家互联网应急中心通报两起美方对我国网络攻击事件](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650606800&idx=2&sn=f168ef1b7124f595f365e6c984b29b5a) - - [ ] [盲盒=赌具?你以为的“盲盒游戏”实际上是一场网络赌博!](https://mp.weixin.qq.com/s?__biz=MzI0NzE4ODk1Mw==&mid=2652094640&idx=2&sn=fe86741e8142c1c02ff5237d0cfbdb01) - - [ ] [强的飞起!推荐一款国产源码交付,IoT农业灌溉/大田监控项目接单神器,轻松搭建智慧农业物联网平台](https://mp.weixin.qq.com/s?__biz=MjM5OTA4MzA0MA==&mid=2454936646&idx=1&sn=f82de9b38d8d99b32477ffb454c02677) - - [ ] [【安全圈】可能对企业产生严重影响:字节跳动飞书海外版Lark也将在美国市场停止运营](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067480&idx=1&sn=c2d0bb267baf11570d6e3253fa3ff4fe) - - [ ] [【安全圈】微软已经修复Microsoft 365在Windows Server 2016/2019上崩溃的问题](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067480&idx=2&sn=e94b5cb3a624cdca3e6452bf7c79d7a8) - - [ ] [【安全圈】FTC 要求通用汽车停止收集和销售驾驶员数据](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067480&idx=3&sn=220a3c1eb7166bba53400942dfa9cab1) - - [ ] [【安全圈】CL-UNK-0979 利用 Ivanti Connect Secure 中的零日漏洞获取网络访问权限](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067480&idx=4&sn=8dc7094933166fceeb2e467f38e23545) - - [ ] [抽奖啦!](https://mp.weixin.qq.com/s?__biz=MzkwMDQ4MDU2MA==&mid=2247484428&idx=1&sn=4597cfcde4c09ed5ac897164ad30f5e7) - - [ ] [【CobaltStrike】CS4.9.1 特战版 | 自破解+二开+BUG修复+配置优化](https://mp.weixin.qq.com/s?__biz=Mzg5NzUyNTI1Nw==&mid=2247496347&idx=1&sn=80922d559ccaec11588d8ba216b8a118) - - [ ] [AutoSar——28通讯控制](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549131&idx=1&sn=47986fbf719434864b857903c3f75893) - - [ ] [车载以太网与CAN通信之间的区别](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549131&idx=2&sn=529ff1a8d6e0e5c362e89a69dfc580b8) - - [ ] [大路:高速中国里的工地纪事](https://mp.weixin.qq.com/s?__biz=MzUzMjQyMDE3Ng==&mid=2247487918&idx=1&sn=62fa743b6f7cd093a352b0917f89a0e8) - - [ ] [知识星球xa0|xa02024网安报告大合集发布;API安全影响、网安战略技术等资源更新](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247634752&idx=1&sn=47de4a43e1fc9566de098c763aa7fd6e) - - [ ] [以太网三大链路类型对比:如何选择Access、Trunk或Hybrid?](https://mp.weixin.qq.com/s?__biz=MzIyMzIwNzAxMQ==&mid=2649464561&idx=1&sn=c2bc71bfe1f649400cf47ed28a2989f6) - - [ ] [揭秘俄罗斯人力情报的全新布局](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559015&idx=1&sn=37962d35fd4ae69a3f4a81abdff654e7) - - [ ] [渗透测试信息收集指南](https://mp.weixin.qq.com/s?__biz=Mzk0Mjg4MTQxMw==&mid=2247485699&idx=1&sn=4fd6df9190ce90e533d1295d9cf63761) - - [ ] [网络工程师:如何在职场中越老越吃香?掌握这几点,你也能越老越牛!](https://mp.weixin.qq.com/s?__biz=MzUyNTExOTY1Nw==&mid=2247527921&idx=1&sn=63a793fb3dda03d616d12f4df6d2bcfc) - - [ ] [终究是比不过天赋型选手](https://mp.weixin.qq.com/s?__biz=MzIxMTg1ODAwNw==&mid=2247500453&idx=1&sn=1626f0950b23540cba8a39155a446362) - - [ ] [ChatGPT快速审定保险学论文的内部高阶攻略:让论文问题无处藏身!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493244&idx=1&sn=639ee3363c8eaf632543afb9f20f9893) - - [ ] [ChatGPT快速审核比较教育学论文的内部命令指南,1分钟洞察论文问题!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493244&idx=2&sn=643c579b7d7b8267c6a1b523c90ba225) - - [ ] [ChatGPT快速审核法律事务论文的内部秘笈,实用干货全公开!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493244&idx=3&sn=586b5a51d429f8aec48fa0c985f1134c) - - [ ] [ChatGPT快速审核社会法学论文全流程攻略,8分钟找准论文硬伤!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493244&idx=4&sn=81fc0ad275d42828e13ab4954d535d22) - - [ ] [ChatGPT临床检验诊断学论文高效生成:教你快速搞定论文初稿。](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493244&idx=5&sn=9be789a4e71f76910c9c45fa8a96a7c6) - - [ ] [微信红包封面免费领取~](https://mp.weixin.qq.com/s?__biz=Mzg3NzkwMTYyOQ==&mid=2247488278&idx=1&sn=dbbadf5a98a72572f4deedfa9ecd5190) - - [ ] [直播倒计时2天:在企业做安全和对外做安全产品有什么差异?](https://mp.weixin.qq.com/s?__biz=MzIyOTAxOTYwMw==&mid=2650236931&idx=1&sn=5b12e1b5c57ec2f8e03facbaa312a866) - - [ ] [干货|常见端口渗透总结](https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247569839&idx=1&sn=c5b75f38a7dd5da15b4c7381bde02227) - - [ ] [【珍藏版】渗透测试手册,简直太赞了!](https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247569839&idx=2&sn=9749b0b4b3339dac6ee664fbb267dc90) - - [ ] [盘点万亿市值的Palantir在2024年拿下的至少87亿的美军合同都是啥](https://mp.weixin.qq.com/s?__biz=MzI1OTExNDY1NQ==&mid=2651618708&idx=1&sn=8ac9059513377c114628bba994559513) - - [ ] [独家揭秘!美国对华网络攻击已超出传统范围](https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597515&idx=2&sn=b9d050cc626f12c62ae6d30eec33fe89) - - [ ] [这家银行因数据管理不到位等而被罚](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931452&idx=1&sn=30dbf45bf12270ee3cd789f4a0e1f7a2) - - [ ] [TikTok在美国停止服务的影响及市场变化分析](https://mp.weixin.qq.com/s?__biz=Mzg4NDY4Mzk3Mw==&mid=2247485502&idx=1&sn=2261338e55f0d49fcd9474dfc082ca85) - - [ ] [公众号交流二群建立了!快来扫码加入](https://mp.weixin.qq.com/s?__biz=MzkwODI1ODgzOA==&mid=2247506582&idx=2&sn=f2c8ea570afdb6c8f7f986373645798b) - - [ ] [KONE-通力电梯管理系统-app_show_log_lines.php-任意文件读取漏洞](https://mp.weixin.qq.com/s?__biz=MzkyOTg3ODc5OA==&mid=2247484259&idx=1&sn=888da6c5443cb2f2ae0c03c3c922dd17) - - [ ] [【工具推荐】一款渗透测试信息收集集成工具--密探 v1.19 版](https://mp.weixin.qq.com/s?__biz=MzkzMDg1MzIwNA==&mid=2247486619&idx=1&sn=a495cb820bd0b97ffd0e75d04cfb8d5a) - - [ ] [【实战案例】记一次通过供应链测试系统拿下靶标的经过](https://mp.weixin.qq.com/s?__biz=MzkyNDYwNTcyNA==&mid=2247487390&idx=1&sn=4615335088b00024e9434956e4255034) - - [ ] [【工具分享】Swagger API Exploit 1.2 - 信息泄露利用工具](https://mp.weixin.qq.com/s?__biz=Mzg4MTkwMTI5Mw==&mid=2247488641&idx=1&sn=af12c4534abac0d07a82bbdb894ba5a7) - - [ ] [吃瓜,培训一哥起诉某公众号索赔50W](https://mp.weixin.qq.com/s?__biz=Mzk0MzY3MDE5Mg==&mid=2247483950&idx=1&sn=ed1b379191fd847a0dbd6880684af211) - - [ ] [救命!!!我真的学会了RMI远程方法调用](https://mp.weixin.qq.com/s?__biz=MzkzNzU5MDMxOA==&mid=2247484226&idx=1&sn=461786564bedfa8b4bcf3ac4724f564c) - - [ ] [HuntBack让黑客无处遁形](https://mp.weixin.qq.com/s?__biz=MzkxMTUwOTY1MA==&mid=2247490031&idx=1&sn=a1f7ad20f610a113f1046bfeee312d78) - - [ ] [K8S集群与应用系统之间关系梳理](https://mp.weixin.qq.com/s?__biz=Mzg3NTUzOTg3NA==&mid=2247515062&idx=1&sn=075664f6f645944dad48e9489a48acbb) - - [ ] [更优雅的nignx内存马后门 | ebpf 内核马](https://mp.weixin.qq.com/s?__biz=Mzk1NzE0ODk3Nw==&mid=2247490404&idx=1&sn=2d6bb4d4aa0b816671fdb5a1c720cf67) - - [ ] [浅谈迪菲赫尔曼密钥交换算法](https://mp.weixin.qq.com/s?__biz=MzAwNTc5MTMyNg==&mid=2247500100&idx=1&sn=b5c374bd03a5274cba5910d9d3a26b89) - - [ ] [饶志宏 | 构筑网络空间安全主动防御体系](https://mp.weixin.qq.com/s?__biz=Mzg4MDU0NTQ4Mw==&mid=2247528735&idx=1&sn=af82df22e9bbc7b90f6a7bff8ac9483f) - - [ ] [专家解读 | 建设可信数据空间,打造新型数据基础设施](https://mp.weixin.qq.com/s?__biz=Mzg4MDU0NTQ4Mw==&mid=2247528735&idx=2&sn=5db52b34f260efee2cbabd9f8161f1f6) - - [ ] [揭秘Android RAT程序:权限滥用与案例分析](https://mp.weixin.qq.com/s?__biz=Mzg2OTU3MzI1OQ==&mid=2247485515&idx=1&sn=af8b4b349e5b0fc56e39fc7442f9d4b9) - - [ ] [中央网信办启动“清朗·2025年春节网络环境整治”专项行动](https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247488116&idx=1&sn=7d7335dcba54760679a97a688b9494c8) - - [ ] [ISO 14001: 2015 标准详解与实施(17)7.5 文件化信息](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247485957&idx=1&sn=f314736bad7328324e5dbab086cc6fbc) - - [ ] [ISO 14001: 2015 标准详解与实施(16)7.4 信息交流](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247485957&idx=2&sn=6476becda88cde2f67f9388df289d55e) - - [ ] [ISO 14001: 2015 标准详解与实施(15)7.3 意识](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247485957&idx=3&sn=888996499eb4807b9b2aa2f4dc6a9e6b) - - [ ] [ISO 14001: 2015 标准详解与实施(13)7.1 资源](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247485957&idx=5&sn=0a40ae02d454f03cd52b812d3921490e) - - [ ] [【2025-01-19】每日安全资讯](https://mp.weixin.qq.com/s?__biz=MzIzNDU5NTI4OQ==&mid=2247488320&idx=1&sn=6d342d8bea1a7d4e4d31fa9f9e79bf14) - - [ ] [区块链 智能合约安全 | 回滚攻击](https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247547396&idx=1&sn=dd36ead706ea97fab71e7281fffcf75c) - - [ ] [tiktok已无法使用😂](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494398&idx=1&sn=e64737d718dd422c5356eb94cf751086) - - [ ] [银狐肆虐,小白该如何防范,如何自动化狩猎钓鱼站点---文末附自动化检测程序](https://mp.weixin.qq.com/s?__biz=MzU4NTg4MzIzNA==&mid=2247484329&idx=1&sn=20c31baba359a00aaa54f36bd93f9bcd) - - [ ] [深化网络安全合作,共商情感管理 —— 记1月18日重要电话会谈](https://mp.weixin.qq.com/s?__biz=MzkyMTQzNTM3Ng==&mid=2247483889&idx=1&sn=8ca317a40bb5f24e50d0f00e1c5306ae) - - [ ] [灵蛇献瑞,福满乾坤](https://mp.weixin.qq.com/s?__biz=MzI1ODM1MjUxMQ==&mid=2247494410&idx=1&sn=45fe1b3463f34af5c35aa7b62cfd7cc3) - - [ ] [赛题记录 | 2025西湖论剑两道WEB的一些思考](https://mp.weixin.qq.com/s?__biz=MzkwMzQyMTg5OA==&mid=2247486681&idx=1&sn=3a0fd0f13894f31de83d8dd72d4dd846) - - [ ] [巴塞罗那,何以成为世界间谍软件初创中心?](https://mp.weixin.qq.com/s?__biz=MzkzNjE5NjQ4Mw==&mid=2247543307&idx=1&sn=24802d280d3d002dd86da86d1b78591c) - - [ ] [2025黑客入门教程(非常详细)从零基础入门到精通,看完这一篇就够了](https://mp.weixin.qq.com/s?__biz=Mzk1NzMwNTM5NQ==&mid=2247483844&idx=1&sn=b1a288bed4d824126b3d8719308cc24c) - - [ ] [安天网络行为检测能力升级通告(20250119)](https://mp.weixin.qq.com/s?__biz=MjM5MTA3Nzk4MQ==&mid=2650209598&idx=1&sn=5e5e2d6ece7346b23318db96d9226467) - - [ ] [物联网产业规模和连接数规模测算方法工作座谈会顺利召开](https://mp.weixin.qq.com/s?__biz=MzU1OTUxNTI1NA==&mid=2247592142&idx=1&sn=13b8eae44ec33e417928428f63273aa5) - - [ ] [工业互联网标识解析体系全面建成,奋力构筑信息通信业全面深化改革新图景](https://mp.weixin.qq.com/s?__biz=MzU1OTUxNTI1NA==&mid=2247592142&idx=2&sn=d03d0ae9dc1884dec9666278ea81b04e) - - [ ] [R3 RootKit病毒技术研究入门](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490049&idx=1&sn=eec060b016a2c2c48b9a5a5a5a6ef745) - - [ ] [攻防技战术动态一周更新 - 20250113](https://mp.weixin.qq.com/s?__biz=MzkzODc4NjE1OQ==&mid=2247483907&idx=1&sn=486fd11536298725e1e9a848a267a9af) - - [ ] [【反面案例】少量生物数据被暴露在公网](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494391&idx=1&sn=9a46670c6f765c8770ae558d75f02cb5) - - [ ] [apt 的归因就没看到让人信服的](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494391&idx=2&sn=969e7797f3c4f1ced0997799d459d83b) - - [ ] [小某书为新闻采集唯一真神](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494391&idx=3&sn=bdccdf154b778c993f48b58ce8b8193b) - - [ ] [哟,搁这玩反差呢。](https://mp.weixin.qq.com/s?__biz=Mzk0MzY3MDE5Mg==&mid=2247483946&idx=1&sn=eef0c77d553e635745a380f04e3a5e3e) - - [ ] [2025年十大最佳漏洞管理工具](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651312409&idx=1&sn=cb68df3d11a9480a16e2eab801cc662c) - - [ ] [Google Ads用户成恶意广告诈骗新目标,凭据及双因素认证码被盗](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651312409&idx=3&sn=d3e1c0a64ae860400058cb81618f1fc3) - - [ ] [SuperdEye:一款基于纯Go实现的间接系统调用执行工具](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651312409&idx=4&sn=a81099ae3c74511c3ebc897f37b2d848) - - [ ] [Spring框架—基础学习](https://mp.weixin.qq.com/s?__biz=Mzk0ODY1NzEwMA==&mid=2247485908&idx=1&sn=0f6a61387171d5f21da91dd84a294e06) - - [ ] [【新年抽奖】一周速成反混淆大师-秒杀变种控制流平坦化(ollvm)](https://mp.weixin.qq.com/s?__biz=MzI1Mjk2MTM1OQ==&mid=2247485300&idx=1&sn=e32bfd9075a39ac821bd3a6ab1424f89) - - [ ] [固件安全分析之符号表恢复技术](https://mp.weixin.qq.com/s?__biz=MjM5MjEyMTcyMQ==&mid=2651037421&idx=1&sn=c4127ac756e63ebc1597aaa82d755d7e) - - [ ] [YD∕T 6032-2024 面向家庭宽带场景的IPv6安全隔离技术要求](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264115&idx=4&sn=a3b1cfc4b3c623b8d0278793a4e02e3f) - - [ ] [YD∕T 6041-2024 5G移动通信网 核心网网络切片增强技术要求(第二阶段)](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264115&idx=5&sn=59f216e1b9a569919f11ca3b30bd0b87) - - [ ] [YD∕T 6058-2024 面向车联网应用场景的高精度定位总体技术要求](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264115&idx=6&sn=31a0921bbb405761eb3588c9c3cabd2e) - - [ ] [YD∕T 6101-2024 深度包检测策略信息库智能管理技术要求](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264115&idx=7&sn=9b641925ee0f057e6ad96c5721ca2b49) - - [ ] [YD∕T 4565-2023 物联网安全态势感知技术要求](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264115&idx=8&sn=4a5088a2479b1ea6f5d2fce512b036ad) - - [ ] [既怕兄弟苦又怕兄弟开路虎()o(╥﹏╥)o)](https://mp.weixin.qq.com/s?__biz=Mzk0MzY3MDE5Mg==&mid=2247483938&idx=1&sn=92e645ae20f8705c8b20cd9f91848c84) - - [ ] [西湖论剑WriteUp](https://mp.weixin.qq.com/s?__biz=MzkyMDY5OTg5OA==&mid=2247493338&idx=1&sn=964783a401a2539239644bbccf4ff43e) - - [ ] [解锁企业持续增长的密钥——深入探索企业战略规划方法论(附PPT下载)](https://mp.weixin.qq.com/s?__biz=MzkyODY5ODAyOA==&mid=2247489312&idx=1&sn=4fe2d267861399d0a7097a2920ad121a) - - [ ] [网安原创文章推荐【2025/1/18】](https://mp.weixin.qq.com/s?__biz=MzAxNzg3NzMyNQ==&mid=2247489469&idx=1&sn=b7c1fc722653e74c14d51d4b187836f8) - - [ ] [盘点一下各种奇葩的删库跑路事件](https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247488110&idx=1&sn=5af4bf3456d5a9f636d31cf2204f7298) - - [ ] [涉案2000万!网警成功侦破一起特大“造谣引流”网络水军案;](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650606800&idx=1&sn=ec4b2cd3fc2d252b1d3d3b622692d78f) - - [ ] [攻防实战,进入某校内网](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650606800&idx=3&sn=990d0438b26e59119c79ba0c75cc675d) - - [ ] [一款微信小程序源码包信息收集工具,根据已有项目改编](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650606800&idx=4&sn=4735e4f51b9fdd9e26d3e719ec291843) - - [ ] [.NET内网实战:通过 findstr 快速获取数据库连接密码](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498317&idx=1&sn=a5fbee0aae201e4dfbe1b11cd8875574) - - [ ] [.NET 安全攻防知识交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498317&idx=2&sn=d7ca7d91aa1a789626ddce7bc16645ad) - - [ ] [.NET 第55期红队武器库和资源汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498317&idx=3&sn=e32ddb9164eebb4dbe090802a5ff5d22) + - [ ] [【漏洞预警】ZZCMS index.php SQL注入漏洞(CVE-2025-0565)](https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489485&idx=1&sn=e5ea1e03489d9276fac40db96a823bb7) + - [ ] [TikTok为何起死回生](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485443&idx=1&sn=dd23aa4fd95519d14cc33ef2d54c8810) + - [ ] [【直卖实拍】北七家3居变4居豪装,理想楼层、户型、朝向](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485443&idx=2&sn=b36fdcdc5a0525e1db0a2fa6508f52dc) + - [ ] [【干货】笑傲职场的独家经验(1)](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485443&idx=3&sn=88641f7357a1f75be1dc1d32c6752987) + - [ ] [【干货原创】实网攻防演习常态化,会带来什么变化01](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485443&idx=4&sn=f71b5322469f2fa2ccfe166579caebb1) + - [ ] [【干货原创】K12教育,鲜为人知的模式秘密](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485443&idx=5&sn=6d627d2c0be617514fc89ab29ca4b5e9) + - [ ] [原创文章目录](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485443&idx=6&sn=fad9c90b81fc4f20dcc44dc1f14c9c5f) + - [ ] [SQL注入全知道:网络安全的关键一课](https://mp.weixin.qq.com/s?__biz=Mzk2NDE3NDUwNg==&mid=2247483828&idx=1&sn=8ef20fd531a6dcf1a4e1cda040353abd) + - [ ] [Win11综合渗透系统,第二个”kali“武器库](https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486356&idx=1&sn=a92c101f23fbced3106f21dd7797fe8b) + - [ ] [如何mongodb未授权访问漏洞](https://mp.weixin.qq.com/s?__biz=MzU1NjczNjA0Nw==&mid=2247486273&idx=1&sn=9a0ebba7a700f0ae0410be83b4b1df00) + - [ ] [国家发展改革委 国家数据局印发:《公共数据资源登记管理暂行办法》](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633921&idx=1&sn=18de258173a0a62f2d71cd2ca2582883) + - [ ] [国家发展改革委 国家数据局印发:《公共数据资源授权运营实施规范(试行)》](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633921&idx=2&sn=c418f7c2c0e0d01528c11d8e9353f68c) + - [ ] [国家发展改革委 国家数据局:建立公共数据资源授权运营价格形成机制](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633921&idx=3&sn=6cf19acc3796e33b2cce9a02142745d1) + - [ ] [联播 | 我国首次出台公共数据资源开发利用实施细则](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633921&idx=4&sn=2289a72714579a09896c3c81b515d927) + - [ ] [特朗普发虚拟币,盘中暴涨1250%!](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633921&idx=5&sn=54a5ea5792206d9bae4c05e339bd07d5) + - [ ] [入群交流](https://mp.weixin.qq.com/s?__biz=MzI3NzM5NDA0NA==&mid=2247490304&idx=1&sn=a98b3b79b777c84182792e9c67ffacce) + - [ ] [【知识点】解密:HUMINT、SIGINT、OSINT、MASINT、GEOINT 、IMINT、SOCMINT、MEDINT等](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148633&idx=1&sn=80a6c18af41984c8aaa601f82ccd7ac8) + - [ ] [渗透测试人员的 MSSQL:NetExec](https://mp.weixin.qq.com/s?__biz=MzU1NjczNjA0Nw==&mid=2247486268&idx=1&sn=450e1a636c028a9d9e1fe429289a8668) + - [ ] [常见几种网络协议分析](https://mp.weixin.qq.com/s?__biz=MzAxNTg1MDYxNA==&mid=2247489128&idx=1&sn=313dc6f577ec674a9a177d748316db7b) + - [ ] [HGAME 2025 来啦!](https://mp.weixin.qq.com/s?__biz=MzIxNDU2ODg3Mw==&mid=2247485952&idx=1&sn=799660f91d48a13de14372592f792a47) + - [ ] [商务合作](https://mp.weixin.qq.com/s?__biz=MzI3NzM5NDA0NA==&mid=2247490298&idx=1&sn=29a1662bf8226520fd86fc0e9622b590) + - [ ] [游戏数据安全——论各大防封手段](https://mp.weixin.qq.com/s?__biz=MzkyMTQzNTM3Ng==&mid=2247483891&idx=1&sn=2558903c6966574bc94858f004b07211) + - [ ] [由国家医保局集采出现的低价低质药品问题想到网络安全产品采购](https://mp.weixin.qq.com/s?__biz=Mzk0MDI5MTQzMg==&mid=2247483930&idx=1&sn=228a4301c1f6b71dd85754c22ba6beed) + - [ ] [【调研】网络与信息法学研究机构调研问卷](https://mp.weixin.qq.com/s?__biz=MzU1NDY3NDgwMQ==&mid=2247549334&idx=1&sn=82cf21764d504b41a48962823d8ed655) + - [ ] [【资讯】贵州省政府办公厅印发《贵州省公共数据授权运营管理办法(试行)》](https://mp.weixin.qq.com/s?__biz=MzU1NDY3NDgwMQ==&mid=2247549334&idx=2&sn=053caf442ee04b3f5546728815a77d5c) + - [ ] [【资讯】黑龙江省政府办公厅印发《黑龙江省政务数据管理暂行办法》](https://mp.weixin.qq.com/s?__biz=MzU1NDY3NDgwMQ==&mid=2247549334&idx=3&sn=5c8a8470788284305db508aa96bd7c79) + - [ ] [【资讯】重庆市政府办公厅印发《重庆市智慧医疗装备产业创新发展行动计划(2025—2027年)》](https://mp.weixin.qq.com/s?__biz=MzU1NDY3NDgwMQ==&mid=2247549334&idx=4&sn=f2251d4ebfb1aeedfd16c0781ec39e40) + - [ ] [保护开源:软件供应链革命的教训](https://mp.weixin.qq.com/s?__biz=MzA4MzMzOTQ4Mw==&mid=2453672504&idx=1&sn=babb0420709b2e937d08399d4d0253d8) + - [ ] [2024春秋杯冬季赛部分wp](https://mp.weixin.qq.com/s?__biz=MzkzNzg4MTI0NQ==&mid=2247485407&idx=1&sn=1cf860634c2c903157b69595dfaf0367) + - [ ] [梦里挖edu src的步骤](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490011&idx=1&sn=b84ffdb0597e4d6c90da739f541f310c) + - [ ] [渗透测试信息收集指南](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490011&idx=2&sn=493f7191ac6cb9fcfbc24240dc688f1e) + - [ ] [【库迪咖啡|全场饮品任选券|多店可用】现价仅需7.9 低至2.3折](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490011&idx=3&sn=696b18cad8b2a463ec2185c4ac088e12) + - [ ] [告别手动编辑:如何用Python快速创建Ansible hosts文件?](https://mp.weixin.qq.com/s?__biz=MjM5OTc5MjM4Nw==&mid=2457386352&idx=1&sn=8feb8deabf383342740f93b565b22599) + - [ ] [Linux系统沦陷只需1分钟?这些文件权限配置千万别踩坑!](https://mp.weixin.qq.com/s?__biz=MzI5MjY4MTMyMQ==&mid=2247489749&idx=1&sn=7962c59b247991746167fa1a11ae454e) + - [ ] [【云安全】云原生-Docker(一)安全问题概述](https://mp.weixin.qq.com/s?__biz=MzUyNTUyNTA5OQ==&mid=2247484414&idx=1&sn=24240cde29e42a4c1d40be5dc842887c) + - [ ] [三江汇流 共赴未来 | 三未信安2025年全体员工大会暨优秀员工颁奖典礼、迎新年会圆满举办](https://mp.weixin.qq.com/s?__biz=MzA5ODk0ODM5Nw==&mid=2650330729&idx=1&sn=01e972e79a2a22651fe6dc099e789730) + - [ ] [供应链危机四伏:2024年十大供应链安全事件盘点](https://mp.weixin.qq.com/s?__biz=MzkxMzQwNDcxNg==&mid=2247486847&idx=1&sn=d89231f87a5afce0ccd46a4e73f593a8) + - [ ] [下辈子准时点](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496696&idx=1&sn=3a506bc2e55fccbc563b774c17a54714) + - [ ] [每日情报速递](https://mp.weixin.qq.com/s?__biz=MzkxMzU4ODU2MQ==&mid=2247484008&idx=1&sn=ac715abc887e00dbbfc1436a108e6250) + - [ ] [pikachu靶机-sql注入](https://mp.weixin.qq.com/s?__biz=Mzk1NzI5NzA3NQ==&mid=2247486295&idx=1&sn=62db4342ca546762d7dad726b689a216) + - [ ] [意外发现谷歌Slides越权漏洞,获得赏金$3133.70的故事](https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247518279&idx=1&sn=7d44805e31cccc886d5a926e01ac7338) + - [ ] [SRC专项知识库](https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247518279&idx=2&sn=848576913cb502b4079a9268c93b2f96) + - [ ] [新年要到了,地图大师和大家请个假!](https://mp.weixin.qq.com/s?__biz=MzI5MDcyODIzNg==&mid=2247484847&idx=1&sn=ea43296b01431c6d05978d81aca141e9) + - [ ] [金盾信安 | 网络和数据领域资讯第44期(2025.1.14-2025.1.20)](https://mp.weixin.qq.com/s?__biz=MjM5NjA2NzY3NA==&mid=2448682463&idx=1&sn=6b0cf0e4166f632f756e6d7185550a0c) + - [ ] [一图读懂 | 关于完善数据流通安全治理 更好促进数据要素市场化价值化的实施方案](https://mp.weixin.qq.com/s?__biz=MjM5NjA2NzY3NA==&mid=2448682463&idx=2&sn=0b3adf79225cf56eeea212f3b7827b2e) + - [ ] [从信息泄露到越权再到弱口令](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496915&idx=1&sn=ab34ad81c6b8fa8f2d00b9513c025fa4) + - [ ] [DeepSeek-R1发布:AI模型的新突破与挑战](https://mp.weixin.qq.com/s?__biz=Mzg4NDY4Mzk3Mw==&mid=2247485508&idx=1&sn=24b05cfb5c4bc56938cae5df32894666) + - [ ] [凉山叙事](https://mp.weixin.qq.com/s?__biz=MzUzMjQyMDE3Ng==&mid=2247487923&idx=1&sn=27de2e79a46e08f68e6fd4cadd99c580) + - [ ] [用AI批量画美女,起号快涨粉猛!](https://mp.weixin.qq.com/s?__biz=MzU5MjI1NTY1Mg==&mid=2247484026&idx=1&sn=5fe17628890ac8925d456ec37ddbb401) + - [ ] [什么?超级大黑客挖不到CVE怪别人?](https://mp.weixin.qq.com/s?__biz=Mzg2NDg2MDIxNQ==&mid=2247485337&idx=1&sn=0e18e12e4583d3266cf4cfeef786a4d4) + - [ ] [G.O.S.S.I.P 技术笔记 2025-01-15 薛定谔的寄存器?](https://mp.weixin.qq.com/s?__biz=Mzg5ODUxMzg0Ng==&mid=2247499629&idx=1&sn=2890acf36b4707a5bf91f3c823c4a5db) + - [ ] [重要通知 | 水务行业信息技术应用创新典型案例征集活动正式开启!](https://mp.weixin.qq.com/s?__biz=MjM5NzYwNDU0Mg==&mid=2649249501&idx=1&sn=7fb28777ad09673ab4833b0e29dd508a) + - [ ] [Pycharm接入DeepSeek-Coder](https://mp.weixin.qq.com/s?__biz=MjM5NDcxMDQzNA==&mid=2247489378&idx=1&sn=1aff955a1f6d90eca2719ea543dc1f6e) + - [ ] [区域 EE 架构的网络安全设计原则](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619836&idx=1&sn=e0ed060c4fa01b7116987d615eaee244) + - [ ] [汽车行业的4项基本网络安全原则](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619836&idx=2&sn=dfcd600112ecc5a305a8575993cad59f) + - [ ] [汽车网络安全原则](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619836&idx=3&sn=e130f913bea9bf203e72ceed015b3888) + - [ ] [基于MQTT协议的物联网小基站](https://mp.weixin.qq.com/s?__biz=MzkxMzIwNTY1OA==&mid=2247510807&idx=1&sn=a3f9af8ad8ab86ab84ec3ee023997827) + - [ ] [利用 Windows 常见日志文件系统零日漏洞 (CVE-2024-49138)](https://mp.weixin.qq.com/s?__biz=MzI0NzE4ODk1Mw==&mid=2652094653&idx=1&sn=0a8f46713971d1eae5f9bc98fe0e3049) + - [ ] [严重远程代码执行漏洞(CVE-2024-53691)在QNAP 系统中被发现](https://mp.weixin.qq.com/s?__biz=MzI0NzE4ODk1Mw==&mid=2652094653&idx=2&sn=c69dfb1b57a25f58f75e9a9f5422bd0c) + - [ ] [解读出国劳务:表面邀请拍戏,实则人口交易,走上小路,却是末路!](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651312480&idx=1&sn=2be5b35dfbdedbfdbcdd3f9202df131a) + - [ ] [惠普被黑客入侵,机密数据在暗网出售](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651312480&idx=2&sn=a05f6eecc8d3d1f5f003190048e55fcb) + - [ ] [黑客滥用微软VSCode 远程隧道绕过安全工具](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651312480&idx=3&sn=b0c12a4dddb00af1b5562fe19c9287c8) + - [ ] [Hannibal:一款基于C的x64 Windows代理](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651312480&idx=4&sn=f4a2e1bfaa023f53f89e41093fef9be4) + - [ ] [豆包实时语音大模型上线即开放!情商智商双高](https://mp.weixin.qq.com/s?__biz=MzI1MzYzMjE0MQ==&mid=2247512895&idx=1&sn=49ed677b655176bbbd6eee6f4ddc18e1) + - [ ] [SQL注入靶场(前22关)保姆级教学](https://mp.weixin.qq.com/s?__biz=MzkzNjg3NzIwOQ==&mid=2247485112&idx=1&sn=80fc51e061a399aa0576b2480a0953a3) + - [ ] [带你解锁编码新世界!--随波逐流CTF编码工具使用教程37 --云影密码](https://mp.weixin.qq.com/s?__biz=MzU2NzIzNzU4Mg==&mid=2247489499&idx=1&sn=56bef61a2ffed756e0bb9b4217c0834e) + - [ ] [第三届N1CTF Junior报名开启](https://mp.weixin.qq.com/s?__biz=MzU4MTg1NzAzMA==&mid=2247490615&idx=1&sn=a3e77db49dc51e0396b2ffd6f5886aee) + - [ ] [【安全圈】宁波某化工企业被境外势力获取危险源监控视频数据](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067503&idx=1&sn=018f26decbcead5c44d6897dcaac4696) + - [ ] [【安全圈】黑客声称惠普企业遭入侵,列出待售数据](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067503&idx=2&sn=91d7e9ae298ff62eea78d7143853f356) + - [ ] [【安全圈】黑客滥用 Microsoft VSCode 远程隧道绕过安全工具](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067503&idx=3&sn=0b2738a898f48ebbcd35b935ea9b9b9b) + - [ ] [【安全圈】无需拆卸笔记本电脑即可访问 Windows 11 BitLocker 加密文件](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067503&idx=4&sn=17aa39950a2ad339c5c9189715ebc4f2) + - [ ] [AI时代-利用Ai赚钱的N中方法](https://mp.weixin.qq.com/s?__biz=Mzg2NDYwMDA1NA==&mid=2247543554&idx=1&sn=6ca82e5051fc54fba128ff1b6bc374ce) + - [ ] [“升官发财”,特朗普虚拟币暴涨41200%!“第一夫人币”两小时近腰斩](https://mp.weixin.qq.com/s?__biz=Mzg2NDYwMDA1NA==&mid=2247543554&idx=2&sn=50d4d9652b497a556e9a9f1a064d6a6e) + - [ ] [多伦多大学年度黑客松“UofTHacks 12” 在DoraHacks正式开启](https://mp.weixin.qq.com/s?__biz=MzU2MTQwMzMxNA==&mid=2247541420&idx=1&sn=7520eaaa0a11fb4924fd960022874b02) + - [ ] [电力安全|2024年新型电力系统安全建设指南报告(附下载)](https://mp.weixin.qq.com/s?__biz=MzI2MDk2NDA0OA==&mid=2247531128&idx=1&sn=7e001d4bfcf9cda041d5c9360cbe2d81) + - [ ] [干货 | 中国市政华北院刘杰:工业信息安全在市政行业的应用(附视频+PPT)](https://mp.weixin.qq.com/s?__biz=MzI2MDk2NDA0OA==&mid=2247531128&idx=2&sn=77375409542f4a968c5c5b2d10088225) + - [ ] [全球视野 | 国际网安快讯(第46期)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=1&sn=0d1b4aa189b788c665f35ccc52b8c79c) + - [ ] [关注 | 中央网信办启动“清朗·2025年春节网络环境整治”专项行动](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=2&sn=4b39d631ae07312faba443f5436ad10d) + - [ ] [专家解读 | 蒋艳:促进数据标注能力提升,筑牢工业智能数据基础](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=3&sn=558d06cf50feba02ada95b443dd3c827) + - [ ] [专家观点 | 构建多元化的人工智能训练数据供给体系](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=4&sn=1dbca4b896271872f13bb321297280ba) + - [ ] [国际 | 欧盟计划加强医疗保健行业网络安全](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=5&sn=957baf161a599a455c3db7e971b5e1be) + - [ ] [国际 | 日本强化“主动网络防御”能力](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=6&sn=8ccd83bcc4b8e4593e6fdd896fa083e0) + - [ ] [评论 | 请读懂用“反向驯化”对付算法背后的诉求](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=7&sn=f84b09b4c82d9bc9efe8c1c5f4c91a4d) + - [ ] [第84期 | GPTSecurity周报](https://mp.weixin.qq.com/s?__biz=MzkzNDUxOTk2Mw==&mid=2247495733&idx=1&sn=b25764a0c1cb74d6cf486000580c406c) + - [ ] [喜报 | 卫达信息董事长兼CEO张长河入选北京信息化协会专家库](https://mp.weixin.qq.com/s?__biz=Mzg5NDY0NTM2Nw==&mid=2247492228&idx=1&sn=9f73182c1bd8a144aa165eee1ff349b8) + - [ ] [保姆级教学之XSS-Labs通关](https://mp.weixin.qq.com/s?__biz=Mzk1NzQwNjQ4Ng==&mid=2247484597&idx=1&sn=48da660e734995c35cec93cddff84fd8) + - [ ] [电科网安*安默科技2024年终总结暨2025年迎新会圆满落幕](https://mp.weixin.qq.com/s?__biz=MzU3ODk0MzE4OA==&mid=2247488051&idx=1&sn=6f19acffa8173f7a20541412fc6576a5) + - [ ] [对话|ESA如何助力企业高效安全开展在线业务?](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247635009&idx=1&sn=69db4caf5105b9b0125c63728b5fecaa) + - [ ] [【黑产大数据】2024年互联网黑灰产趋势年度总结](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247635009&idx=2&sn=3dde0197ea08fcea6abbf1efcc97121e) + - [ ] [T1059.009 命令执行:云API异常调用](https://mp.weixin.qq.com/s?__biz=Mzk0NDcyMjU2OQ==&mid=2247484541&idx=1&sn=c834b9f4ff672abc3b456507acb31eeb) + - [ ] [盘点!美亚柏科电子数据取证技术实现多项关键性突破](https://mp.weixin.qq.com/s?__biz=MjM5NTU4NjgzMg==&mid=2651436426&idx=1&sn=a33191a6dedd3921aaf30e03d59a4725) + - [ ] [国投智能(美亚柏科)2025年首期师资培训班顺利结营](https://mp.weixin.qq.com/s?__biz=MjM5NTU4NjgzMg==&mid=2651436426&idx=2&sn=a927c434d43af1cb6365563dda66f575) + - [ ] [CNVD漏洞周报2025年第3期](https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247495715&idx=1&sn=c02f8d40b18ff20468aa338efd776c5d) + - [ ] [上周关注度较高的产品安全漏洞(20250113-20250119)](https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247495715&idx=2&sn=b9b9d870553d36e181ba7d1702fde7da) + - [ ] [面向脚本小子的360QVM](https://mp.weixin.qq.com/s?__biz=MzU0NDc0NTY3OQ==&mid=2247488404&idx=1&sn=767ba5298bab860a12d1a405c60ff539) + - [ ] [3家公司未履行网络安全保护义务被网信部门约谈](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931455&idx=1&sn=9869843197ad2257ce5e19eceb4cdd5c) + - [ ] [河南农商联合银行1000万扩容大数据平台,服务器中标金额近乎“腰斩”](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931455&idx=2&sn=2b60d33885356d3902384fba93149b07) + - [ ] [滴!您有一封来自360安全大模型的年度报告待查收](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579147&idx=1&sn=0643e297c264261888a85bdd3bd4b117) + - [ ] [国际权威认可!奇安信入选全球外部威胁情报服务代表性提供商](https://mp.weixin.qq.com/s?__biz=MzU0NDk0NTAwMw==&mid=2247624499&idx=1&sn=2bde033592b17124298b7604ce3f2346) + - [ ] [吴云坤总裁荣获CCF计算机博物馆建设年度杰出贡献奖](https://mp.weixin.qq.com/s?__biz=MzU0NDk0NTAwMw==&mid=2247624499&idx=2&sn=1e3dedef1c1a65b4d6d35a1739c53535) + - [ ] [SQL注入的入门指南](https://mp.weixin.qq.com/s?__biz=Mzk0Mjg4MTQxMw==&mid=2247485731&idx=1&sn=001b161a0e206c805ff76545de384fae) + - [ ] [WGS-804HPT 交换机中存在多个严重漏洞,可导致RCE和网络利用](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522124&idx=1&sn=8b928d650502c3cebc7b2ae0e85282a2) + - [ ] [PyPI 恶意包窃取Discord 开发人员的认证令牌](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522124&idx=2&sn=98991414f4675f83bbb4a3935a2f16e1) + - [ ] [拜登辛苦布局,特朗普一键清零](https://mp.weixin.qq.com/s?__biz=MzkxMTA3MDk3NA==&mid=2247487075&idx=1&sn=76de4b585df35469219561d742159caf) + - [ ] [APT-C-26(Lazarus)组织持续升级攻击武器,利用Electron程序瞄准加密货币行业](https://mp.weixin.qq.com/s?__biz=MzUyMjk4NzExMA==&mid=2247505519&idx=1&sn=594229f2c0123673d1fa9c6cf729858b) + - [ ] [每周网安资讯 (1.7-1.13)|微软补丁日通告:2025年1月版](https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247505727&idx=1&sn=05d5f08860d3524fce4b867cf81fddae) + - [ ] [构筑业务系统监测预警体系,中孚信息筑牢国家安全保密新防线](https://mp.weixin.qq.com/s?__biz=MzAxMjE1MDY0NA==&mid=2247508720&idx=1&sn=b1a3fb7b9050e2c9f6897d8018d2fe99) + - [ ] [规划丨2025,对您的未来许下承诺](https://mp.weixin.qq.com/s?__biz=MzUzNTg4NDAyMg==&mid=2247492307&idx=1&sn=3a6a128fe59dd9a6c20465afe53b24a5) + - [ ] [150亿造车新势力,宣布停运破产](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549173&idx=1&sn=0c7333f70cb52cfe2b8da933eea4de06) + - [ ] [阿维塔确认参展AutoSec 9周年行业年会,亮剑汽车安全防护!](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549173&idx=2&sn=b66c040ec84ff0496a5cfcad390306df) + - [ ] [智能汽车安全理念的融合发展趋势预测](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549173&idx=3&sn=294f9fc1441e0a598b1e6efbf7597b66) + - [ ] [拜登再次发布网络安全行政令,全面加强美国国家网络防御创新](https://mp.weixin.qq.com/s?__biz=MzkwMTQyODI4Ng==&mid=2247495621&idx=1&sn=a052c6624c11fc6742d544424b993705) + - [ ] [2025年人工智能带来的五大网络安全趋势及其应对策略](https://mp.weixin.qq.com/s?__biz=MzkwMTQyODI4Ng==&mid=2247495621&idx=2&sn=689ff446f9d50f48c3a51f31d8210332) + - [ ] [Fortinet防火墙配置文件和VPN账户大规模泄露](https://mp.weixin.qq.com/s?__biz=MzkwMTQyODI4Ng==&mid=2247495621&idx=3&sn=9f373b789858198dc0c229e52a1d9911) + - [ ] [测评公告(2025年第1号)](https://mp.weixin.qq.com/s?__biz=MzI0NDg4MTIyNQ==&mid=2247486012&idx=1&sn=3e2ba62d7a8f49614ac4ed43fe5d70c6) + - [ ] [天翁安全 2025年新年粉丝专属红包来啦(第二弹)!](https://mp.weixin.qq.com/s?__biz=MzkwMzUyMjk2MQ==&mid=2247484100&idx=1&sn=c306276e7193d6c54a955c0cc151bb98) + - [ ] [开源前哨 · 热点情报速览(2025.1.14-2025.1.20)](https://mp.weixin.qq.com/s?__biz=Mzg2Nzg0NDkwMw==&mid=2247493204&idx=1&sn=3c970abd0871869c3dee3b7721e01585) + - [ ] [再获认可 |珞安科技自主研发产品入选CCIA第二版《网络安全专用产品指南》](https://mp.weixin.qq.com/s?__biz=MzU2NjI5NzY1OA==&mid=2247512181&idx=1&sn=30d15c8974a91118212031b6ab347066) + - [ ] [学习PE文件后的第一次实践项目之DLL反射型注入](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588763&idx=1&sn=3f8a5ac4ea9d15820cc2cd6d5692963e) + - [ ] [开源工具 rsync 爆重大漏洞,黑客可越界写入缓冲区执行代码](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588763&idx=2&sn=987fea6e7bc8cce2c77f2e2035072ac4) + - [ ] [今日更新:第4章2节-模糊测试工具基础使用](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588763&idx=3&sn=094fc7e969bab88e07445fbca7b4b304) + - [ ] [从国赛到西湖论剑:fenjing进阶通杀jinjia2_SSTI](https://mp.weixin.qq.com/s?__biz=MzkxMDU5MzY0NQ==&mid=2247484461&idx=1&sn=b866a874c1d918dd649f80acfedc093f) + - [ ] [安全赋能丨梆梆安全受邀出席低空智联网专题座谈会暨首发低空安防智库揭牌仪式](https://mp.weixin.qq.com/s?__biz=MjM5NzE0NTIxMg==&mid=2651135123&idx=1&sn=756ef14e26921f7a402507c2c4e138a2) + - [ ] [再获殊荣|梆梆安全荣获中国网络安全产业联盟CCIA“2024年度先进会员单位”](https://mp.weixin.qq.com/s?__biz=MjM5NzE0NTIxMg==&mid=2651135123&idx=2&sn=2f3995fc6ee68b6a2b27acb6df3ba20d) + - [ ] [大寒 | 寒冬岁暮听风雪 静待春来万物生](https://mp.weixin.qq.com/s?__biz=MjM5NzE0NTIxMg==&mid=2651135123&idx=3&sn=0667693e8d3711a95039eee3e967dd29) + - [ ] [扫码下载 | 应急响应实战分析](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264138&idx=1&sn=76425edffe100ad52ff62ab4daa342e8) + - [ ] [漏洞预警 NetMizer 日志审计 axx.php sql注入漏洞](https://mp.weixin.qq.com/s?__biz=MzkyMTMwNjU1Mg==&mid=2247491972&idx=1&sn=1ca23e5d04a0a77875e0689e1e8c2501) + - [ ] [聚铭网络荣膺“2024年网络安全十大优秀产品”殊荣](https://mp.weixin.qq.com/s?__biz=MzIzMDQwMjg5NA==&mid=2247506558&idx=1&sn=2b88b9ebaf25df77a090a4232cc314e4) + - [ ] [安全服务不打烊 | 聚铭网络2025年春节放假通知](https://mp.weixin.qq.com/s?__biz=MzIzMDQwMjg5NA==&mid=2247506558&idx=2&sn=56a659bd2da7af8f60c01461daab69a2) + - [ ] [重磅!中共中央、国务院印发《教育强国建设规划纲要(2024-2035年)》](https://mp.weixin.qq.com/s?__biz=MzUyMzA1MTM2NA==&mid=2247499058&idx=1&sn=bb88b8e49b482515503e43edbdebdc17) +- Zgao's blog + - [ ] [0889挖矿团伙rootkit后门溯源排查记录](https://zgao.top/0889%e6%8c%96%e7%9f%bf%e5%9b%a2%e4%bc%99rootkit%e5%90%8e%e9%97%a8%e6%ba%af%e6%ba%90%e6%8e%92%e6%9f%a5%e8%ae%b0%e5%bd%95/) +- SecWiki News + - [ ] [SecWiki News 2025-01-20 Review](http://www.sec-wiki.com/?2025-01-20) +- 奇安信攻防社区 + - [ ] [浅谈恶意样本の反沙箱分析](https://forum.butian.net/share/4050) + - [ ] [在 JSP 中优雅的注入 Spring 内存马](https://forum.butian.net/share/4053) +- Private Feed for M09Ic + - [ ] [mgeeky starred jdu2600/Etw-SyscallMonitor](https://github.com/jdu2600/Etw-SyscallMonitor) + - [ ] [mgeeky starred jdu2600/CFG-FindHiddenShellcode](https://github.com/jdu2600/CFG-FindHiddenShellcode) + - [ ] [mgeeky starred jdu2600/EtwTi-FluctuationMonitor](https://github.com/jdu2600/EtwTi-FluctuationMonitor) + - [ ] [mgeeky starred panther-labs/panther-analysis](https://github.com/panther-labs/panther-analysis) + - [ ] [mgeeky starred praetorian-inc/goffloader](https://github.com/praetorian-inc/goffloader) + - [ ] [mgeeky starred hakaioffsec/coffee](https://github.com/hakaioffsec/coffee) + - [ ] [mgeeky starred gabriellandau/EDRSandblast-GodFault](https://github.com/gabriellandau/EDRSandblast-GodFault) + - [ ] [HuYlllc pushed to dev in chainreactors/malice-network](https://github.com/chainreactors/malice-network/compare/40ff4b0d2b...1d104aceb6) + - [ ] [kpcyrd forked kpcyrd/usbd-serial from rust-embedded-community/usbd-serial](https://github.com/kpcyrd/usbd-serial) + - [ ] [mgeeky starred jdu2600/Windows10EtwEvents](https://github.com/jdu2600/Windows10EtwEvents) + - [ ] [mgeeky starred Textualize/rich](https://github.com/Textualize/rich) + - [ ] [mgeeky starred yardenshafir/cet-research](https://github.com/yardenshafir/cet-research) + - [ ] [mgeeky starred gabriellandau/ShadowStackWalk](https://github.com/gabriellandau/ShadowStackWalk) + - [ ] [zema1 starred HACK-THE-WORLD/IDAPluginList](https://github.com/HACK-THE-WORLD/IDAPluginList) + - [ ] [zema1 starred REhints/HexRaysCodeXplorer](https://github.com/REhints/HexRaysCodeXplorer) + - [ ] [kpcyrd started following riotbib](https://github.com/riotbib) + - [ ] [gh0stkey starred zsh-users/zsh-syntax-highlighting](https://github.com/zsh-users/zsh-syntax-highlighting) + - [ ] [nightRainy starred mstorsjo/llvm-mingw](https://github.com/mstorsjo/llvm-mingw) + - [ ] [zema1 starred sigoden/aichat](https://github.com/sigoden/aichat) + - [ ] [mgeeky starred tasooshi/torboost](https://github.com/tasooshi/torboost) + - [ ] [zer0yu started following adysec](https://github.com/adysec) + - [ ] [zer0yu starred 0x727/ChkApi_0x727](https://github.com/0x727/ChkApi_0x727) + - [ ] [h3zh1 pushed to v0.0.4dev in chainreactors/malice-network](https://github.com/chainreactors/malice-network/compare/30083561aa...9ebee1c061) + - [ ] [zema1 starred rainers/cv2pdb](https://github.com/rainers/cv2pdb) + - [ ] [timwhitez starred jaksi/sshesame](https://github.com/jaksi/sshesame) + - [ ] [timwhitez starred droberson/ssh-honeypot](https://github.com/droberson/ssh-honeypot) + - [ ] [timwhitez starred magisterquis/sshhipot](https://github.com/magisterquis/sshhipot) +- 安全脉搏 + - [ ] [记一次攻防演练中的若依(thymeleaf 模板注入)getshell](https://www.secpulse.com/archives/205071.html) + - [ ] [浅谈内联钩取原理与实现](https://www.secpulse.com/archives/205124.html) +- 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com + - [ ] [绿盟科技2024年预计收入高增,亏损大幅收窄](https://www.4hou.com/posts/8gzr) - Recent Commits to cve:main - - [ ] [Update Sun Jan 19 20:27:53 UTC 2025](https://github.com/trickest/cve/commit/7e1f2063923cfa93d78465725760773477e387aa) - - [ ] [Update Sun Jan 19 12:26:12 UTC 2025](https://github.com/trickest/cve/commit/82640a9c27a9871a0f3f4be31b4606aa2dfa2dca) - - [ ] [Update Sun Jan 19 04:16:39 UTC 2025](https://github.com/trickest/cve/commit/dc028ae10989ac4ee92b70cb89ffeb4bd20660b6) + - [ ] [Update Mon Jan 20 20:20:12 UTC 2025](https://github.com/trickest/cve/commit/aedb363a6106f923d0179fd99792efccf1112259) + - [ ] [Update Mon Jan 20 12:23:13 UTC 2025](https://github.com/trickest/cve/commit/9d315db2ba795d0c7604551387c8e81ce6d2ef12) + - [ ] [Update Mon Jan 20 04:21:50 UTC 2025](https://github.com/trickest/cve/commit/315f452078d121de79d7ba03d7de4677c9edcea8) - 一个被知识诅咒的人 - - [ ] [Python中的函数式编程:使用map、filter和reduce提升代码表达力](https://blog.csdn.net/nokiaguy/article/details/145243904) - - [ ] [【Python运维】日志分析与监控:用Python进行日志聚合与异常检测的全面指南](https://blog.csdn.net/nokiaguy/article/details/145243887) -- Twitter @Nicolas Krassas - - [ ] [TikTok Goes Dark in the U.S. as Federal Ban Takes Effect January 19, 2025 https://thehackernews.com/2025/01/tiktok-goes-dark-in-us-as-federal-ban.html](https://x.com/Dinosn/status/1880868881063186864) - - [ ] [FCC to telcos: By law you must secure your networks from foreign spies. Get on it https://go.theregister.com/feed/www.theregister.com/2025/01/17/fcc_t...](https://x.com/Dinosn/status/1880824957879697869) - - [ ] [CVE-2024-55591: Follow up: Authentication Bypass Vulnerability in Fortinet FortiOS and FortiProxy https://arcticwolf.com/resources/blog/cve-2024-55591...](https://x.com/Dinosn/status/1880824876187144375) - - [ ] [FTC cracks down on Genshin Impact gacha loot box practices https://www.bleepingcomputer.com/news/gaming/ftc-cracks-down-on-genshin-impact-gacha-loot-b...](https://x.com/Dinosn/status/1880824780108317066) - - [ ] [MITRE Launches D3FEND 1.0 to Standardize Cybersecurity Techniques for Countering Threats https://cybersecuritynews.com/mitre-launches-d3fend-1-0/](https://x.com/Dinosn/status/1880824684910174639) - - [ ] [TikTok Says It Will ‘Go Dark’ Unless It Gets Clarity From Biden Following Supreme Court Ruling https://www.securityweek.com/tiktok-says-it-will-go-d...](https://x.com/Dinosn/status/1880824616345850324) - - [ ] [Treasury Levels Sanctions Tied to a Massive Hack of Telecom Companies and Breach of Its Own Network https://www.securityweek.com/treasury-levels-sanct...](https://x.com/Dinosn/status/1880824543889281362) - - [ ] [HTB: MonitorsThree https://0xdf.gitlab.io/2025/01/18/htb-monitorsthree.html](https://x.com/Dinosn/status/1880824428923408539) - - [ ] [FTC orders GM to stop collecting and selling driver’s data https://www.bleepingcomputer.com/news/legal/ftc-orders-gm-to-stop-collecting-and-selling-d...](https://x.com/Dinosn/status/1880824364985442688) - - [ ] [Lazarus APT Targets Job Seekers with “Contagious Interview” Campaign Using ClickFix Technique https://securityonline.info/lazarus-apt-targets-job-se...](https://x.com/Dinosn/status/1880824305753468968) - - [ ] [ShellSweep: detect potential webshell files in a specified directory https://meterpreter.org/shellsweep-detect-potential-webshell-files-in-a-specified...](https://x.com/Dinosn/status/1880824176409505795) - - [ ] [Krueger: Proof of Concept (PoC) .NET tool for remotely killing EDR with WDAC https://meterpreter.org/krueger-proof-of-concept-poc-net-tool-for-remotel...](https://x.com/Dinosn/status/1880824040413376783) -- Armin Ronacher's Thoughts and Writings - - [ ] [Automatic Server Reloading in Rust on Change: What is listenfd/systemfd?](http://lucumr.pocoo.org/2025/1/19/what-is-systemfd) -- Twitter @bytehx - - [ ] [Re @RootxRavi @Bugcrowd Congrats 🎉](https://x.com/bytehx343/status/1880802330616168804) -- Blogs dade - - [ ] [Weekly Retro 2025-W03](https://0xda.de/blog/2025/01/weekly-retro-2025-w03/) + - [ ] [仅249美元!英伟达推出超强AI开发套件,开启机器人与智能应用新纪元](https://blog.csdn.net/nokiaguy/article/details/145265736) + - [ ] [Python性能分析全攻略:从cProfile到line_profiler,全面优化你的代码](https://blog.csdn.net/nokiaguy/article/details/145260325) + - [ ] [Python中的内存管理揭秘:全面防止内存泄漏,提升程序稳定性](https://blog.csdn.net/nokiaguy/article/details/145260311) +- obaby@mars + - [ ] [搬家](https://h4ck.org.cn/2025/01/19019) +- 安全客-有思想的安全新媒体 + - [ ] [四个关键词,回眸360发力人才培育这一年](https://www.anquanke.com/post/id/303648) + - [ ] [Yubico 解决 pam-u2f 软件包中的身份验证绕过漏洞 CVE-2025-23013](https://www.anquanke.com/post/id/303645) + - [ ] [CVE-2024-53691: 针对严重 QNAP RCE 漏洞发布 PoC 漏洞利用程序](https://www.anquanke.com/post/id/303642) + - [ ] [微软开始强制升级 Windows 11 22H2、23H3 设备](https://www.anquanke.com/post/id/303639) + - [ ] [CVE-2024-49113 检测: 通过公开可用 PoC 利用 Windows LDAP 拒绝服务漏洞又名 LDAPNightmare](https://www.anquanke.com/post/id/303636) + - [ ] [微软修复 Windows Server 系统上 Office 365 应用程序崩溃问题](https://www.anquanke.com/post/id/303633) + - [ ] [恶意 PyPi 软件包窃取开发人员的 Discord 验证令牌](https://www.anquanke.com/post/id/303630) + - [ ] [Otelier 数据泄露事件暴露了数百万人的信息和酒店预订信息](https://www.anquanke.com/post/id/303627) + - [ ] [美国联邦贸易委员会命令通用汽车停止收集和出售驾驶员数据](https://www.anquanke.com/post/id/303624) + - [ ] [W3 Total Cache 插件中的一个漏洞使数十万个 WordPress 网站受到攻击](https://www.anquanke.com/post/id/303621) +- MaskRay + - [ ] [Natural loops](https://maskray.me/blog/2025-01-20-natural-loops) - Bug Bounty in InfoSec Write-ups on Medium - - [ ] [How I Utilized AI to Discover an Amazon S3 Bucket Takeover Vulnerability in Red Bull’s Bug Bounty…](https://infosecwriteups.com/how-i-utilized-ai-to-discover-an-amazon-s3-bucket-takeover-vulnerability-in-red-bulls-bug-bounty-503d3c4d995f?source=rss----7b722bfd1b8d--bug_bounty) - - [ ] [Finding my First SQL Injection On HackerOne](https://infosecwriteups.com/finding-my-first-sql-injection-on-hackerone-6a031ab5aa1c?source=rss----7b722bfd1b8d--bug_bounty) - - [ ] [Plan Ristriction Bypass for Slack Integration: 500$ Improper Validation Check Bug](https://infosecwriteups.com/plan-ristriction-bypass-for-slack-integration-500-improper-validation-check-bug-0c1acf6f01d3?source=rss----7b722bfd1b8d--bug_bounty) - - [ ] [User Enumeration: From Overlooked to Medium-Impact Bug](https://infosecwriteups.com/user-enumeration-from-overlooked-to-medium-impact-bug-48bbefa2ab3b?source=rss----7b722bfd1b8d--bug_bounty) - - [ ] [Exploiting IDOR in a Support Portal Chatbot](https://infosecwriteups.com/exploiting-idor-in-a-support-portal-chatbot-f1d0617bace1?source=rss----7b722bfd1b8d--bug_bounty) + - [ ] [How I found S3 buckets in Bug bounties](https://infosecwriteups.com/how-i-found-s3-buckets-in-bug-bounties-501faf76c3f9?source=rss----7b722bfd1b8d--bug_bounty) + - [ ] [Bypass HackerOne 2FA requirement and reporter blacklist](https://infosecwriteups.com/bypass-hackerone-2fa-requirement-and-reporter-blacklist-46d7959f1ee5?source=rss----7b722bfd1b8d--bug_bounty) +- Twitter @bytehx + - [ ] [Just scored a reward @intigriti, check my profile: https://app.intigriti.com/profile/bytehx #HackWithIntigriti](https://x.com/bytehx343/status/1881380986333839502) +- VMRay + - [ ] [Heavily obfuscated batch file loads XWorm hosted on GitHub](https://www.vmray.com/heavily-obfuscated-batch-file-loads-xworm-hosted-on-github/) +- SentinelOne + - [ ] [2024 macOS Malware Review | Infostealers, Backdoors, and APT Campaigns Targeting the Enterprise](https://www.sentinelone.com/blog/2024-macos-malware-review-infostealers-backdoors-and-apt-campaigns-targeting-the-enterprise/) - Reverse Engineering - - [ ] [Reverse-engineering a carry-lookahead adder in the Pentium](https://www.reddit.com/r/ReverseEngineering/comments/1i4oek3/reverseengineering_a_carrylookahead_adder_in_the/) + - [ ] [/r/ReverseEngineering's Weekly Questions Thread](https://www.reddit.com/r/ReverseEngineering/comments/1i5lbt8/rreverseengineerings_weekly_questions_thread/) + - [ ] [Malware Analysis of Fake Banking Reward APK Targeting WhatsApp Users](https://www.reddit.com/r/ReverseEngineering/comments/1i5svi7/malware_analysis_of_fake_banking_reward_apk/) + - [ ] [Reverse Engineering Bambu Connect](https://www.reddit.com/r/ReverseEngineering/comments/1i5lw80/reverse_engineering_bambu_connect/) +- Malwarebytes + - [ ] [Your location or browsing habits could lead to price increases when buying online](https://www.malwarebytes.com/blog/news/2025/01/your-location-or-browsing-habits-could-lead-to-price-increases-when-buying-online) + - [ ] [A week in security (January 13 – January 19)](https://www.malwarebytes.com/blog/news/2025/01/a-week-in-security-january-13-january-19) +- Wallarm + - [ ] [Considerations for Selecting the Best API Authentication Option](https://lab.wallarm.com/considerations-selecting-best-api-authentication-option/) +- 安全牛 + - [ ] [《后量子密码安全能力构建技术指南(2025年)》报告暨代表性厂商评估调研启动](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134771&idx=1&sn=d630c90006781716434e509b97c12856&chksm=bd15abe08a6222f621cc83ed26039da7ba363d15472e1102c14383eecf41b5ee7b6c2ef2e526&scene=58&subscene=0#rd) + - [ ] [马斯克称X不被允许在华运营情况需改变,外交部回应; 美国联邦调查局担忧AT&T数据泄露可能暴露线人身份 | 牛览](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134771&idx=2&sn=bf214740bb2023a8a3edc38463484c25&chksm=bd15abe08a6222f6f04fa76f0a94d12a1e81b2b7326b136daca55a3f0476d7b9a8d5898ed40d&scene=58&subscene=0#rd) +- rtl-sdr.com + - [ ] [A USB-C Mod for RTL-SDR Blog V3/V4 Dongles](https://www.rtl-sdr.com/a-usb-c-mod-for-rtl-sdr-blog-v3-v4-dongles/) + - [ ] [Locating an Intermittent Interferer with a KrakenSDR](https://www.rtl-sdr.com/locating-an-intermittent-interferer-with-a-krakensdr/) + - [ ] [Using an EFR32 IoT Microcontroller Transceiver as an SDR](https://www.rtl-sdr.com/using-an-efr32-iot-microcontroller-transceiver-as-an-sdr/) - 奇客Solidot–传递最新科技情报 - - [ ] [手游 Marvel Snap 因 TikTok 禁令从应用商店下架](https://www.solidot.org/story?sid=80372) - - [ ] [就业市场上的权力天平倾向了雇主](https://www.solidot.org/story?sid=80371) - - [ ] [对 TikTok 的禁令可能扩散到美国盟国](https://www.solidot.org/story?sid=80370) - - [ ] [TikTok 关闭美国服务](https://www.solidot.org/story?sid=80369) -- 黑海洋 - IT技术知识库 - - [ ] [Emby TV 安卓电视端 使用教程](https://blog.upx8.com/4674) + - [ ] [2024 年大气二氧化碳增幅创纪录](https://www.solidot.org/story?sid=80382) + - [ ] [欧盟考虑在消费品中禁止使用 PFAS](https://www.solidot.org/story?sid=80381) + - [ ] [Google 搜索服务开始要求启用 JavaScript](https://www.solidot.org/story?sid=80380) + - [ ] [Google Android 运行在 2024 年三分之二的新车上](https://www.solidot.org/story?sid=80379) + - [ ] [LibreOffice Writer 扩展为字处理软件加入可选的本地生成式 AI 功能](https://www.solidot.org/story?sid=80378) + - [ ] [亚马逊强推重返办公室但没有足够办公桌和停车位](https://www.solidot.org/story?sid=80377) + - [ ] [小鼠研究显示安眠药会干扰大脑清除废物](https://www.solidot.org/story?sid=80376) + - [ ] [摄像机首次捕捉到陨石掉落地面瞬间](https://www.solidot.org/story?sid=80375) + - [ ] [Linux 6.13 释出](https://www.solidot.org/story?sid=80374) + - [ ] [TikTok 恢复美国服务](https://www.solidot.org/story?sid=80373) +- HackerNews + - [ ] [欧盟《数字运营弹性法案》正式生效,严至监禁失职管理层](https://hackernews.cc/archives/56991) + - [ ] [网络安全领域研究人员遭遇假 PoC 专项攻击](https://hackernews.cc/archives/56995) + - [ ] [加拿大一 IT 公司被俄罗斯政府列入“不受欢迎”组织名单](https://hackernews.cc/archives/56987) + - [ ] [美国联邦贸易委员会:大数据监控定价导致消费者成本上升](https://hackernews.cc/archives/56985) + - [ ] [谷歌推出 OSV-SCALIBR 开源库用于软件成分分析](https://hackernews.cc/archives/56982) + - [ ] [恶意 PyPi 软件包窃取 Discord 开发者认证令牌](https://hackernews.cc/archives/56977) + - [ ] [俄罗斯黑客组织 Star Blizzard 在新钓鱼攻击活动中瞄准 WhatsApp 账户](https://hackernews.cc/archives/56975) + - [ ] [基于 Python 的机器人利用 PHP 服务器推动赌博平台泛滥](https://hackernews.cc/archives/56973) + - [ ] [WGS-804HPT 交换机存在严重漏洞将导致远程代码执行和网络利用](https://hackernews.cc/archives/56971) +- 绿盟科技技术博客 + - [ ] [【已支持暴露面风险排查】Rsync缓冲区溢出与信息泄露漏洞(CVE-2024-12084/CVE-2024-12085)](https://blog.nsfocus.net/cve-2024-12084-cve-2024-12085/) +- 安全客 + - [ ] [转型中的网络安全:拜登政府的警告和美国的未来](https://mp.weixin.qq.com/s?__biz=MzA5ODA0NDE2MA==&mid=2649787757&idx=1&sn=e5eae9b6df27d7b00015e86ca2284def&chksm=8893bd02bfe43414e51527c12e99fe7dbfabd348bcf33087f7044d95963b1907c7ae795d05e9&scene=58&subscene=0#rd) - 安全分析与研究 - - [ ] [R3 RootKit病毒技术研究入门](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490049&idx=1&sn=eec060b016a2c2c48b9a5a5a5a6ef745&chksm=902fb529a7583c3f0a2b0935cfd9f3df6108088566ca52d5bd9df83588d2b382a01ee1757d28&scene=58&subscene=0#rd) + - [ ] [UEFI BootKit学习路线与资料分享](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490058&idx=1&sn=8c80dfb3d169392af3a7821398c50637&chksm=902fb522a7583c34dbebe5255d0d954d1ac8bc4735bb19bc926e9c32a531e4f88c2c4666cda7&scene=58&subscene=0#rd) +- 奇安信 CERT + - [ ] [安全热点周报:Fortinet 警告利用身份验证绕过零日漏洞劫持防火墙](https://mp.weixin.qq.com/s?__biz=MzU5NDgxODU1MQ==&mid=2247502869&idx=1&sn=53f5cfd343a3cd7a4e8a32a6fe638138&chksm=fe79e88dc90e619b8c2c010457c1e44f3ff06dd47f4a8abd602deff354192c4b2842a3c0dfc3&scene=58&subscene=0#rd) +- Black Hills Information Security + - [ ] [Attack Tactics 9: Shadow Creds for PrivEsc w/ Kent & Jordan](https://www.blackhillsinfosec.com/attack-tactics-9-shadow-creds-for-privesc-wrapup/) +- 吾爱破解论坛 + - [ ] [吾爱破解论坛微信红包封面设计预览](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141587&idx=1&sn=91deda30d33d111b7478c3a764c2c468&chksm=bd50a5878a272c916e5fdba11db955248dd241def35150160f93e385c9782019e9bf0e6b1764&scene=58&subscene=0#rd) +- 代码卫士 + - [ ] [WGS-804HPT 交换机中存在多个严重漏洞,可导致RCE和网络利用](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522124&idx=1&sn=8b928d650502c3cebc7b2ae0e85282a2&chksm=ea94a626dde32f303236d54cf10c68cbf25ac8104fe9a6280306ddbcce4f3ce7624240d24d9d&scene=58&subscene=0#rd) + - [ ] [PyPI 恶意包窃取Discord 开发人员的认证令牌](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522124&idx=2&sn=98991414f4675f83bbb4a3935a2f16e1&chksm=ea94a626dde32f3016b9b39f894f63db177129413333eaf003c2ded003a435725967bc152c92&scene=58&subscene=0#rd) +- Dhole Moments + - [ ] [Session Round 2](https://soatok.blog/2025/01/20/session-round-2/) +- 威努特安全网络 + - [ ] [2024 CWE TOP25最危险软件弱点深度解析](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130546&idx=1&sn=af17cc33bcba30263b1062816452140a&chksm=80e71002b7909914201ecc3158a953b2ce81f616276e5123ebef52b60f922c7ff5b588c7c574&scene=58&subscene=0#rd) - 青衣十三楼飞花堂 - - [ ] [大路:高速中国里的工地纪事](https://mp.weixin.qq.com/s?__biz=MzUzMjQyMDE3Ng==&mid=2247487918&idx=1&sn=62fa743b6f7cd093a352b0917f89a0e8&chksm=fab2d291cdc55b87d7b94cecfbd60540e362d1a5c59f44c62911d214c10d2bce471e9c680efd&scene=58&subscene=0#rd) -- 丁爸 情报分析师的工具箱 - - [ ] [【资料】拟任美国中央情报局局长的拉特克利夫及其家人](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148624&idx=1&sn=576c40259107f8aabc30212443488fee&chksm=f1af266ac6d8af7c3bec1081deebb88f2250a0d00614bd70fa3795f753849ec277a9f8463a5b&scene=58&subscene=0#rd) + - [ ] [凉山叙事](https://mp.weixin.qq.com/s?__biz=MzUzMjQyMDE3Ng==&mid=2247487923&idx=1&sn=27de2e79a46e08f68e6fd4cadd99c580&chksm=fab2d28ccdc55b9a7a2a150f12ecb0044c667e16fd09c9138fa3ca96b1c40acd0b8aa1cafd6e&scene=58&subscene=0#rd) +- FreeBuf网络安全行业门户 + - [ ] [新型Android恶意软件模仿聊天应用窃取敏感数据](https://www.freebuf.com/news/420346.html) + - [ ] [B站又爆大瓜!员工“代码投毒”报复网友](https://www.freebuf.com/news/420334.html) + - [ ] [验证码对抗之殇:Clickfix最新钓鱼事件分析报告](https://www.freebuf.com/articles/paper/420320.html) + - [ ] [解读出国劳务:表面邀请拍戏,实则人口交易,走上小路,却是末路!](https://www.freebuf.com/news/420316.html) + - [ ] [FreeBuf早报 | 网信办启动春节网络环境整治行动;美网络攻击我国某研究院细节公布](https://www.freebuf.com/news/420305.html) + - [ ] [惠普被黑客入侵,机密数据在暗网出售](https://www.freebuf.com/news/420293.html) + - [ ] [无需拆机!Windows 11 BitLocker加密文件被破解](https://www.freebuf.com/news/420297.html) + - [ ] [黑客滥用微软VSCode 远程隧道绕过安全工具](https://www.freebuf.com/news/420277.html) + - [ ] [《零日风暴》| 正式前导预告 | Netflix](https://www.freebuf.com/video/420267.html) + - [ ] [ChatGPT被曝存在爬虫漏洞,OpenAI未公开承认](https://www.freebuf.com/news/420273.html) + - [ ] [网络安全领域研究人员遭遇假PoC专项攻击](https://www.freebuf.com/news/420252.html) +- 奇安信威胁情报中心 + - [ ] [Operation(Giỗ Tổ Hùng Vương)hurricane:浅谈新海莲花组织在内存中的技战术](https://mp.weixin.qq.com/s?__biz=MzI2MDc2MDA4OA==&mid=2247513780&idx=1&sn=a2650f77b1b7a4b73b27ec637bef04d1&chksm=ea6641c3dd11c8d58e8cd03792f61e801bc69c868a2c7ccc64826afab019e4e19fa13ab75e3d&scene=58&subscene=0#rd) +- 腾讯玄武实验室 + - [ ] [每日安全动态推送(25/1/20)](https://mp.weixin.qq.com/s?__biz=MzA5NDYyNDI0MA==&mid=2651959996&idx=1&sn=39171e942cfb617360a556b8d9fa2dd3&chksm=8baed223bcd95b358ff9bd5dd95c2f60ad07fa4eaf7b8664a5947a32920fa4092f27c9b4e44d&scene=58&subscene=0#rd) +- 安全研究GoSSIP + - [ ] [G.O.S.S.I.P 技术笔记 2025-01-15 薛定谔的寄存器?](https://mp.weixin.qq.com/s?__biz=Mzg5ODUxMzg0Ng==&mid=2247499629&idx=1&sn=2890acf36b4707a5bf91f3c823c4a5db&chksm=c063d1b4f71458a27e12ffc8ec1fe880002d2d92968fadcda511a91279e30d0dacba4fa59f48&scene=58&subscene=0#rd) +- 中国信息安全 + - [ ] [全球视野 | 国际网安快讯(第46期)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=1&sn=0d1b4aa189b788c665f35ccc52b8c79c&chksm=8b58026dbc2f8b7b6d93de308202cb19c8415133a057bc6da6f722dede97d20b258b1d7472a6&scene=58&subscene=0#rd) + - [ ] [关注 | 中央网信办启动“清朗·2025年春节网络环境整治”专项行动](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=2&sn=4b39d631ae07312faba443f5436ad10d&chksm=8b58026dbc2f8b7b91ed7170e231bcd136924c647b87e66b0462da74c185560ce2f6cd9e787a&scene=58&subscene=0#rd) + - [ ] [专家解读 | 蒋艳:促进数据标注能力提升,筑牢工业智能数据基础](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=3&sn=558d06cf50feba02ada95b443dd3c827&chksm=8b58026dbc2f8b7b9eef3e6af4d43b30950f7189270bf1a2d3bca5bcca2741a0e8e19ea1ba22&scene=58&subscene=0#rd) + - [ ] [专家观点 | 构建多元化的人工智能训练数据供给体系](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=4&sn=1dbca4b896271872f13bb321297280ba&chksm=8b58026dbc2f8b7b971cfdb62ca4b48021e6f8ef3b66a561160856f707769288e10ab71e982c&scene=58&subscene=0#rd) + - [ ] [国际 | 欧盟计划加强医疗保健行业网络安全](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=5&sn=957baf161a599a455c3db7e971b5e1be&chksm=8b58026dbc2f8b7bbbcad45c446045a33301e9fff28222efaa28c4e2b68cc21f064468af3e20&scene=58&subscene=0#rd) + - [ ] [国际 | 日本强化“主动网络防御”能力](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=6&sn=8ccd83bcc4b8e4593e6fdd896fa083e0&chksm=8b58026dbc2f8b7b5e4b966a6f54625e30dc69faafd8a70ef0171ade51902c00712b1acdc8cd&scene=58&subscene=0#rd) + - [ ] [评论 | 请读懂用“反向驯化”对付算法背后的诉求](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=7&sn=f84b09b4c82d9bc9efe8c1c5f4c91a4d&chksm=8b58026dbc2f8b7baae14b0518073604a463b27203a7a6c6a7ba5b8c9cb577ae2d49f270693e&scene=58&subscene=0#rd) - dotNet安全矩阵 - - [ ] [.NET内网实战:通过 findstr 快速获取数据库连接密码](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498317&idx=1&sn=a5fbee0aae201e4dfbe1b11cd8875574&chksm=fa5954a0cd2eddb64b0d918c03c9bcd317a860e08c6e4b8154b1b5af1c4146c88ad78be379c2&scene=58&subscene=0#rd) - - [ ] [.NET 安全攻防知识交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498317&idx=2&sn=d7ca7d91aa1a789626ddce7bc16645ad&chksm=fa5954a0cd2eddb61fd6d64dce4872114b6810630ff226c508b9b940b8bf43a1c5061b1f1e2e&scene=58&subscene=0#rd) - - [ ] [.NET 第55期红队武器库和资源汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498317&idx=3&sn=e32ddb9164eebb4dbe090802a5ff5d22&chksm=fa5954a0cd2eddb69193b05c5c3ffb37d6bff2b7cf2d0c2bfc9a329b7586a39b74d3010d81c3&scene=58&subscene=0#rd) + - [ ] [举一反三 ,通过 Sharp4SuoPoc 从原理上复现 Visual Studio 投毒事件的来龙去脉](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498340&idx=1&sn=f9aecfc3de35b8fac05e7e7d352da9e4&chksm=fa595489cd2edd9f317b3ce1a2e10a23a2a5c3c3fc4a16daa713ac76716cec8ef519e525b37a&scene=58&subscene=0#rd) + - [ ] [国内最专业、最全面的 [ .NET 代码审计 ] 体系化学习交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498340&idx=2&sn=a8a67dc9e2cd5c4ec82e4a85c1fe2342&chksm=fa595489cd2edd9f25ac05370f0e47f84cb3e8c701746b35f4a0bfb09ae483e152785aeeb67c&scene=58&subscene=0#rd) + - [ ] [.NET 第 55 期红队武器库和资源汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498340&idx=3&sn=7c60cbd1b12469d5e4f5c6db12ca1cb4&chksm=fa595489cd2edd9fd5bb60e9788f1ae5294e1852fb76568985d137f3a1b3dde16d6bcfcd9495&scene=58&subscene=0#rd) +- 丁爸 情报分析师的工具箱 + - [ ] [【知识点】解密:HUMINT、SIGINT、OSINT、MASINT、GEOINT 、IMINT、SOCMINT、MEDINT等](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148633&idx=1&sn=80a6c18af41984c8aaa601f82ccd7ac8&chksm=f1af2663c6d8af75a845402ef2f96cb2f9a94fd38ebb787c3390cc9a9cda2de4f06e26baa64f&scene=58&subscene=0#rd) +- 数世咨询 + - [ ] [新西兰跻身云安全漏洞排名前十](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247534891&idx=1&sn=442f5697287365e019e20cb29c0a8008&chksm=c1443b96f633b280e3859a3441a858dda1412ce36b7957734a73bf3c683102b57bad82ee504a&scene=58&subscene=0#rd) +- 微步在线 + - [ ] [零差评的NDR,都做对了什么?](https://mp.weixin.qq.com/s?__biz=MzI5NjA0NjI5MQ==&mid=2650183053&idx=1&sn=92ff24e4a5e517b359ccd30b8274a5f6&chksm=f4486e31c33fe7279d803461244b6437f24fcba89a8c0040cee9fb53be84431992cedcf81281&scene=58&subscene=0#rd) +- 极客公园 + - [ ] [荣耀开启新一轮无限游戏:换帅、AI 和出海](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072381&idx=1&sn=59b10e027ecd8cf16913597da4808654&chksm=7e57d64b49205f5d6d1a059def189b6fd38bba2e3c0be18dc4bbbd18ed40d8ca4f5a21f028bb&scene=58&subscene=0#rd) + - [ ] [对话 Mirumi 创造者:CES上爆火的陪伴机器人是怎样炼成的?](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072363&idx=1&sn=feda9287cf8b3068ce7f17923c00d078&chksm=7e57d65d49205f4b15641187aaca3c587e0d4b05aa12dd633c11226bc00b5361d10c22ddf874&scene=58&subscene=0#rd) +- CNVD漏洞平台 + - [ ] [CNVD漏洞周报2025年第3期](https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247495715&idx=1&sn=c02f8d40b18ff20468aa338efd776c5d&chksm=fd74c0eaca0349fcf48893554150aa62b8d148205e3198526c654194241638eafab9530bc6b5&scene=58&subscene=0#rd) + - [ ] [上周关注度较高的产品安全漏洞(20250113-20250119)](https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247495715&idx=2&sn=b9b9d870553d36e181ba7d1702fde7da&chksm=fd74c0eaca0349fcd7eabae533b4d6bf7f8a8cf66309cb1e93c0c20500d376dc0ac4c5436fe6&scene=58&subscene=0#rd) - 安全圈 - - [ ] [【安全圈】可能对企业产生严重影响:字节跳动飞书海外版Lark也将在美国市场停止运营](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067480&idx=1&sn=c2d0bb267baf11570d6e3253fa3ff4fe&chksm=f36e7ad8c419f3ce38cfc35ec6bd2c637b49c85b101d0b057484bc1ace20d684457a77a7a7eb&scene=58&subscene=0#rd) - - [ ] [【安全圈】微软已经修复Microsoft 365在Windows Server 2016/2019上崩溃的问题](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067480&idx=2&sn=e94b5cb3a624cdca3e6452bf7c79d7a8&chksm=f36e7ad8c419f3cef73c242196a8499de4c2c79ec90ca98bd662ee5575f6ac22d4041dcd89d4&scene=58&subscene=0#rd) - - [ ] [【安全圈】FTC 要求通用汽车停止收集和销售驾驶员数据](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067480&idx=3&sn=220a3c1eb7166bba53400942dfa9cab1&chksm=f36e7ad8c419f3ce7eec3c9934f5c50798a83c044de9ed8607edfb8e503cd95268521f790488&scene=58&subscene=0#rd) - - [ ] [【安全圈】CL-UNK-0979 利用 Ivanti Connect Secure 中的零日漏洞获取网络访问权限](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067480&idx=4&sn=8dc7094933166fceeb2e467f38e23545&chksm=f36e7ad8c419f3ce413fdcd09b7fbf2c3828fe34b5aca8c6a3b0d570a1f213c166b9943c4be8&scene=58&subscene=0#rd) + - [ ] [【安全圈】宁波某化工企业被境外势力获取危险源监控视频数据](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067503&idx=1&sn=018f26decbcead5c44d6897dcaac4696&chksm=f36e7aefc419f3f998508894e072b07d360f8ce003a7829c7e3e59b6e38963c000cb35563009&scene=58&subscene=0#rd) + - [ ] [【安全圈】黑客声称惠普企业遭入侵,列出待售数据](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067503&idx=2&sn=91d7e9ae298ff62eea78d7143853f356&chksm=f36e7aefc419f3f91633b7a176be4cb6885a0df37a85ddd11366df9baa8f003ef67da3e56566&scene=58&subscene=0#rd) + - [ ] [【安全圈】黑客滥用 Microsoft VSCode 远程隧道绕过安全工具](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067503&idx=3&sn=0b2738a898f48ebbcd35b935ea9b9b9b&chksm=f36e7aefc419f3f9825e2bcdb1346a6a0cfc125b0362317ae276f36f4a15f976800acc71e733&scene=58&subscene=0#rd) + - [ ] [【安全圈】无需拆卸笔记本电脑即可访问 Windows 11 BitLocker 加密文件](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067503&idx=4&sn=17aa39950a2ad339c5c9189715ebc4f2&chksm=f36e7aefc419f3f9cb51bb87bb1f571572cf3b66429795fbd19cc7536069f74aa0232d0c9cc2&scene=58&subscene=0#rd) - 情报分析师 - - [ ] [揭秘俄罗斯人力情报的全新布局](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559015&idx=1&sn=37962d35fd4ae69a3f4a81abdff654e7&chksm=87117c6cb066f57aa21d4ea03c2085ec0beb649116bd42891f430041cf6993324f15a4dcce41&scene=58&subscene=0#rd) -- 极客公园 - - [ ] [时隔 8 年,任天堂 Switch 2 终于来了,你买吗!](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072331&idx=1&sn=2f8f2f9d50771b9c3f15cac061f8cff5&chksm=7e57d67d49205f6b80e31d9a0db91bdb72aeb161490952954a50f42f6e6407a71de7670d311a&scene=58&subscene=0#rd) - - [ ] [突发丨TikTok 在美停止服务,美区 iOS、安卓已下架](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072318&idx=1&sn=39714f4d9915dd2b8a13f2ee5e0d1dc4&chksm=7e57d60849205f1e5b367c604a88c280ee2430767ce018c69a868cd6e0a3ace6cd34660af42f&scene=58&subscene=0#rd) - - [ ] [CES2025 结束后,我们发现这 15 个硬件最好玩](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072318&idx=2&sn=01f4b2ec30208ccde2ff857f379c582f&chksm=7e57d60849205f1e587b175eb8e43d2af4043ce37102178a86e3559f30e72ee5496af3b47244&scene=58&subscene=0#rd) - - [ ] [特朗普称极有可能给 TT 90 天延期;淘宝成蛇年春晚电商互动平台;罗永浩:不是没有为 AIOS 做手机的可能 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072306&idx=1&sn=89adf3a1ce8d4ba450cc7ac7f6979885&chksm=7e57d60449205f1299e2dbb972c999b2f84092c376740374ba2498ce61e97f58d6c8ad726960&scene=58&subscene=0#rd) -- 航行笔记 - - [ ] [直播倒计时2天:在企业做安全和对外做安全产品有什么差异?](https://mp.weixin.qq.com/s?__biz=MzIyOTAxOTYwMw==&mid=2650236931&idx=1&sn=5b12e1b5c57ec2f8e03facbaa312a866&chksm=f04ad2bfc73d5ba9b46c82cf018950f19f81242dba0075d77e4444c272175b419961197759d8&scene=58&subscene=0#rd) + - [ ] [【深度研究】如何用开源情报与验证技术挖掘互联网的隐藏真相](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559107&idx=1&sn=d4395815742a56a0b089bcbdd91c3d70&chksm=87117cc8b066f5de0c1760ba5048934bc55a194aef2689e5a9a8c6c57dfc9c43f8d060375331&scene=58&subscene=0#rd) + - [ ] [伊俄签订全面战略伙伴条约对我风险研判](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559107&idx=2&sn=a7f4517c1d2dc7c3812ea3cd778b7ae2&chksm=87117cc8b066f5ded35fd6591e36d01e85717c318664ade912a6ceeeb91d6ea5f65538ff104d&scene=58&subscene=0#rd) - 墨菲安全 - - [ ] [直播倒计时2天:在企业做安全和对外做安全产品有什么差异?](https://mp.weixin.qq.com/s?__biz=MzkwOTM0MjI5NQ==&mid=2247488032&idx=1&sn=4979d3ea51fb5e28ee8336d903a77a65&chksm=c13d7118f64af80eba6460f7d74506ba94e2c442fbff6d2f97dd79f0130fe286619c24a178c3&scene=58&subscene=0#rd) -- 迪哥讲事 - - [ ] [$40,000的RCE!](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496907&idx=1&sn=bf65d0102436150a0dc5482d51b5c998&chksm=e8a5fea8dfd277be56fc6d30fe19c8d65094b9ea55e1628f0c5742c243d612eee6b973167e6b&scene=58&subscene=0#rd) + - [ ] [36氪广东首发 | 以供应链视角推动企业软件安全架构升级,「墨菲安全」获数千万pre-A轮融资](https://mp.weixin.qq.com/s?__biz=MzkwOTM0MjI5NQ==&mid=2247488047&idx=1&sn=3176a6f993fd1c1d1fe0b03cbac70b6c&chksm=c13d7117f64af801d9153ac2691a2c0a56d0ca540e4ff90ee863c60b206f7e32a07d1f39cde4&scene=58&subscene=0#rd) +- 安全内参 + - [ ] [因遭勒索软件泄露超近250万人临床信息,这家生物公司赔偿5400万元](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513542&idx=1&sn=7dc1d619a87db4ddb927b6fb3ff62ff1&chksm=ebfaf2e6dc8d7bf0a8026fb160bb90c03136633fffceb3237e66198cde12fc14049bcc05e6d0&scene=58&subscene=0#rd) + - [ ] [美国务院首次实施“网络安全运营需求外国援助计划”](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513542&idx=2&sn=a15c26b60bc01c84fa61304952a8e690&chksm=ebfaf2e6dc8d7bf059c60d0b270de70171b873273cffd4aada3f465a8e3dee5abd717cba2a3a&scene=58&subscene=0#rd) +- 嘶吼专业版 + - [ ] [2024中国网络安全产业势能榜优能企业「医疗行业」典型案例展示](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580903&idx=1&sn=44413743a587bf5c4d3afb17ea77ebfc&chksm=e9146cddde63e5cb900190a36756ef024ec4fd8b30f5a7eb06d8fc0c23649cb50159aa96c397&scene=58&subscene=0#rd) + - [ ] [安全动态回顾|《信息技术 信息安全事件管理 第4部分:协同》正式发布 黑客利用Google搜索广告窃取Google Ads帐户](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580903&idx=2&sn=9dcd6ddb22e3ee16847f8c8d15241de9&chksm=e9146cddde63e5cb1d7218c1d4585a1f4f7c66c2e3960ea2056660e512ba78b3b4a8c082995b&scene=58&subscene=0#rd) +- 看雪学苑 + - [ ] [学习PE文件后的第一次实践项目之DLL反射型注入](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588763&idx=1&sn=3f8a5ac4ea9d15820cc2cd6d5692963e&chksm=b18c26d186fbafc70f3e7c1673c15273d3202d1ec5d43301132c3a6e91aee46636b5ff4d87a8&scene=58&subscene=0#rd) + - [ ] [开源工具 rsync 曝重大漏洞,黑客可越界写入缓冲区远程执行代码](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588763&idx=2&sn=987fea6e7bc8cce2c77f2e2035072ac4&chksm=b18c26d186fbafc74e6a05aa86e92183c63d2d9a959a88738a9e938d04954b0f5f417afec628&scene=58&subscene=0#rd) + - [ ] [今日更新:第4章2节-模糊测试工具基础使用](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588763&idx=3&sn=094fc7e969bab88e07445fbca7b4b304&chksm=b18c26d186fbafc725a11592c164103b7ebcb3a2f8d879a28251fb5ca867598ddb4028856983&scene=58&subscene=0#rd) +- LuxSci + - [ ] [LuxSci Unveils New Secure Forms Features for Flexible Editing, Integrated Workflows, and Save Histories](https://luxsci.com/blog/new-secure-forms-features.html) +- 威胁棱镜 + - [ ] [实战派第二期沙龙(办公终端安全)随笔](https://mp.weixin.qq.com/s?__biz=MzkyMzE5ODExNQ==&mid=2247487604&idx=1&sn=03667e822fa1aeec7a80ec5277f40f32&chksm=c1e9e7b8f69e6eaef337bb4c0d8c67081221d5e96d5af824eed5bd160b4a99a8b28593dd3238&scene=58&subscene=0#rd) +- Krypt3ia + - [ ] [Threat Brief: Security Issues Surrounding TikTok and Its Potential for Espionage and Misinformation Campaigns](https://krypt3ia.wordpress.com/2025/01/20/threat-brief-security-issues-surrounding-tiktok-and-its-potential-for-espionage-and-misinformation-campaigns/) - Over Security - Cybersecurity news aggregator - - [ ] [Tear Down The Castle - Part 1](https://dfir.ch/posts/tear_down_castle_part_one/) - - [ ] [Tracking Adversaries: Ghostwriter APT Infrastructure](https://blog.bushidotoken.net/2025/01/tracking-adversaries-ghostwriter-apt.html) - - [ ] [TikTok is back up in the US after Trump says he will extend deadline](https://www.bleepingcomputer.com/news/software/tiktok-is-back-up-in-the-us-after-trump-says-he-will-extend-deadline/) - - [ ] [Star Blizzard hackers abuse WhatsApp to target high-value diplomats](https://www.bleepingcomputer.com/news/security/star-blizzard-hackers-abuse-whatsapp-to-target-high-value-diplomats/) - - [ ] [TikTok shuts down in the US as Trump throws the company a lifeline](https://www.bleepingcomputer.com/news/software/tiktok-shuts-down-in-the-us-as-trump-throws-the-company-a-lifeline/) -- SANS Internet Storm Center, InfoCON: green - - [ ] [Zero Trust and Entra ID Conditional Access, (Sun, Jan 19th)](https://isc.sans.edu/diary/rss/31602) + - [ ] [Microsoft: Exchange 2016 and 2019 reach end of support in October](https://www.bleepingcomputer.com/news/microsoft/microsoft-exchange-2016-and-2019-reach-end-of-support-in-october/) + - [ ] [HPE investigates breach as hacker claims to steal source code](https://www.bleepingcomputer.com/news/security/hewlett-packard-enterprise-investigates-new-breach-claims/) + - [ ] [Ukraine restores state registers after suspected Russian cyberattack](https://therecord.media/ukraine-restores-registers-after-cyberattack) + - [ ] [Microsoft fixes Windows Server 2022 bug breaking device boot](https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-server-2022-bug-breaking-device-boot/) + - [ ] [Philippines arrests Chinese national suspected of spying on critical infrastructure](https://therecord.media/philippines-arrests-chinese-nationa-spying-critical-infrastructure) + - [ ] [Fortinet Zero-Day CVE-2024-55591 Exposed: Super-Admin Access Risk](https://cyble.com/blog/cve-2024-55591-the-fortinet-flaw-putting-critical-systems-at-risk/) + - [ ] [Cyble Sensors Detect Attacks on Check Point, Ivanti and More](https://cyble.com/blog/cyble-sensors-detect-attacks-on-check-point-ivanti-and-more/) + - [ ] [SentinelOne estende Purple AI alle soluzioni di sicurezza di terze parti](https://www.securityinfo.it/2025/01/20/sentinelone-estende-purple-ai-alle-soluzioni-di-sicurezza-di-terze-parti/) + - [ ] [Malicious extensions circumvent Google’s remote code ban](https://palant.info/2025/01/20/malicious-extensions-circumvent-googles-remote-code-ban/) + - [ ] [Transition from IBM QRadar to Sekoia for a modern & rewarding experience](https://blog.sekoia.io/transition-from-ibm-qradar-to-sekoia-for-a-modern-rewarding-experience/) + - [ ] [Microsoft shares temp fix for Outlook crashing when writing emails](https://www.bleepingcomputer.com/news/microsoft/microsoft-shares-temp-fix-for-outlook-crashing-when-writing-emails/) + - [ ] [Ancora attacchi ad opera di Vidar: cadenza regolare e vecchie strategie sempre efficaci](https://cert-agid.gov.it/news/ancora-attacchi-ad-opera-di-vidar-cadenza-regolare-e-vecchie-strategie-sempre-efficaci/) + - [ ] [FOSDEM 2025](https://www.certego.net/blog/fosdem-2025-certego-tra-gli-speaker-evento-dedicato-al-mondo-software-open-source/) + - [ ] [Riflessione sulle Free WiFi](https://roccosicilia.com/2025/01/20/riflessione-sulle-free-wifi/) + - [ ] [CERT-AGID 11 – 17 gennaio: una campagna di phishing sul Ministero della Salute e di nuovo Lumma Stealer.](https://www.securityinfo.it/2025/01/20/cert-agid-11-17-gennaio-una-campagna-di-phishing-sul-ministero-della-salute-e-di-nuovo-lumma-stealer/) +- bellingcat + - [ ] [The Rise of Nitazenes: Chinese Suppliers Behind Ads for Deadly Opioids Targeting Europe](https://www.bellingcat.com/news/2025/01/20/chinese-link-to-nitazenes-targeting-europe/) +- 安全419 + - [ ] [重新定义云优先时代的第三方治理和身份](https://mp.weixin.qq.com/s?__biz=MzUyMDQ4OTkyMg==&mid=2247546726&idx=1&sn=3814386756a35a94f19c0ee42150f30d&chksm=f9ebe9cbce9c60dd07f48ddfa60b488ee7b303a6a8f3f5d7b68cac50988ba9be7d8766abcc1e&scene=58&subscene=0#rd) +- 360数字安全 + - [ ] [滴!您有一封来自360安全大模型的年度报告待查收](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579147&idx=1&sn=0643e297c264261888a85bdd3bd4b117&chksm=9f8d2603a8faaf158eecc4ba3bdcf21338f00b6215aa681a645907b23b47fe843a188c825547&scene=58&subscene=0#rd) +- 迪哥讲事 + - [ ] [从信息泄露到越权再到弱口令](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496915&idx=1&sn=ab34ad81c6b8fa8f2d00b9513c025fa4&chksm=e8a5feb0dfd277a6690903a4e8d90d6f98dca468b4aedfd0ef1058382c9c1dd0f2e07a75de5e&scene=58&subscene=0#rd) +- Securityinfo.it + - [ ] [SentinelOne estende Purple AI alle soluzioni di sicurezza di terze parti](https://www.securityinfo.it/2025/01/20/sentinelone-estende-purple-ai-alle-soluzioni-di-sicurezza-di-terze-parti/?utm_source=rss&utm_medium=rss&utm_campaign=sentinelone-estende-purple-ai-alle-soluzioni-di-sicurezza-di-terze-parti) + - [ ] [CERT-AGID 11 – 17 gennaio: una campagna di phishing sul Ministero della Salute e di nuovo Lumma Stealer.](https://www.securityinfo.it/2025/01/20/cert-agid-11-17-gennaio-una-campagna-di-phishing-sul-ministero-della-salute-e-di-nuovo-lumma-stealer/?utm_source=rss&utm_medium=rss&utm_campaign=cert-agid-11-17-gennaio-una-campagna-di-phishing-sul-ministero-della-salute-e-di-nuovo-lumma-stealer) - ICT Security Magazine - - [ ] [Cybercrime 2025: Nuove Sfide per la Sicurezza Digitale](https://www.ictsecuritymagazine.com/notizie/cybercrime-2025/) -- Computer Forensics - - [ ] [Is there a way to recover the original timestamps of a folder or file in Windows?](https://www.reddit.com/r/computerforensics/comments/1i59xff/is_there_a_way_to_recover_the_original_timestamps/) - - [ ] [Hardware recommendations for a Cyber forensics student](https://www.reddit.com/r/computerforensics/comments/1i4po0t/hardware_recommendations_for_a_cyber_forensics/) -- netsecstudents: Subreddit for students studying Network Security and its related subjects - - [ ] [Landed my first internship. What should I do to prepare? How should I set up my homelab?](https://www.reddit.com/r/netsecstudents/comments/1i5aqac/landed_my_first_internship_what_should_i_do_to/) - - [ ] [LFI on DVWA can't open script in /tmp/](https://www.reddit.com/r/netsecstudents/comments/1i51u1q/lfi_on_dvwa_cant_open_script_in_tmp/) -- Social Engineering - - [ ] [Is there a way to see where a phone number is being held or quarantined ?](https://www.reddit.com/r/SocialEngineering/comments/1i53r6k/is_there_a_way_to_see_where_a_phone_number_is/) + - [ ] [Big Data: Gestione e Analisi dei Dati su Larga Scala](https://www.ictsecuritymagazine.com/articoli/big-data-cosa-sono/) +- 娜璋AI安全之家 + - [ ] [[AI安全论文] (36)C&S22 MPSAutodetect:基于自编码器的恶意Powershell脚本检测模型](https://mp.weixin.qq.com/s?__biz=Mzg5MTM5ODU2Mg==&mid=2247501253&idx=1&sn=7f467401adcf67cc67d7c2d3573e7c2e&chksm=cfcf7508f8b8fc1e5be31d7896f233c533e1591fe41a83de83293ee9930109814a8eadfc435b&scene=58&subscene=0#rd) +- SANS Internet Storm Center, InfoCON: green + - [ ] [Partial ZIP File Downloads, (Mon, Jan 20th)](https://isc.sans.edu/diary/rss/31608) + - [ ] [ISC Stormcast For Monday, January 20th, 2025 https://isc.sans.edu/podcastdetail/9286, (Mon, Jan 20th)](https://isc.sans.edu/diary/rss/31604) +- 360威胁情报中心 + - [ ] [APT-C-26(Lazarus)组织持续升级攻击武器,利用Electron程序瞄准加密货币行业](https://mp.weixin.qq.com/s?__biz=MzUyMjk4NzExMA==&mid=2247505519&idx=1&sn=594229f2c0123673d1fa9c6cf729858b&chksm=f9c1e566ceb66c701d875de8481fe02d89654d4b56cfc51088de6e421cb701437cdab52a0851&scene=58&subscene=0#rd) +- FuzzWiki + - [ ] [DeepGo: 预测定向灰盒模糊测试](https://mp.weixin.qq.com/s?__biz=MzU1NTEzODc3MQ==&mid=2247486916&idx=1&sn=6c5e8170932409049927f3b79468ae99&chksm=fbd9a678ccae2f6e581227dcdcc23e37f5f45c8fddefd134ce6a27c2a5563c29dc7126637abb&scene=58&subscene=0#rd) +- 白泽安全实验室 + - [ ] [因WordPress新漏洞,全球数百万网站面临被攻击风险](https://mp.weixin.qq.com/s?__biz=MzI0MTE4ODY3Nw==&mid=2247492526&idx=1&sn=247ea35cbbd8abee04db13ecd2a84025&chksm=e90dc984de7a4092b4afde879c894da6d97959d30ded3154090dba8f222c4e460b1ee2a8519b&scene=58&subscene=0#rd) +- The Hacker News + - [ ] [Unsecured Tunneling Protocols Expose 4.2 Million Hosts, Including VPNs and Routers](https://thehackernews.com/2025/01/unsecured-tunneling-protocols-expose-42.html) + - [ ] [DoNot Team Linked to New Tanzeem Android Malware Targeting Intelligence Collection](https://thehackernews.com/2025/01/donot-team-linked-to-new-tanzeem.html) + - [ ] [⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [20 January]](https://thehackernews.com/2025/01/thn-weekly-recap-top-cybersecurity_20.html) + - [ ] [Product Walkthrough: How Satori Secures Sensitive Data From Production to AI](https://thehackernews.com/2025/01/product-walkthrough-how-satori.html) + - [ ] [Hackers Deploy Malicious npm Packages to Steal Solana Wallet Keys via Gmail SMTP](https://thehackernews.com/2025/01/hackers-deploy-malicious-npm-packages.html) +- 0x727开源安全团队 + - [ ] [什么是ChkApi?(专为金融行业开源的API安全检测工具)](https://mp.weixin.qq.com/s?__biz=MzkwNTI3MjIyOQ==&mid=2247484132&idx=1&sn=721763ec693c93569325551122bb5e05&chksm=c0fb0c2ef78c85380ed2cb3e14dff253bd82118f740b9ff0c38dd08d365238d19bd7579adb3d&scene=58&subscene=0#rd) +- TorrentFreak + - [ ] [Authors Seek Meta’s Torrent Client Logs and Seeding Data in AI Piracy Probe](https://torrentfreak.com/authors-seek-metas-torrent-client-logs-and-seeding-data-in-ai-piracy-probe-250120/) + - [ ] [Man Jailed For Pirate IPTV Used By “Hundreds of Thousands” Had 2,000 Users](https://torrentfreak.com/man-jailed-for-pirate-iptv-used-by-100s-of-thousands-had-2000-subscribers-250120/) - The Register - Security - - [ ] [OpenAI's ChatGPT crawler can be tricked into DDoSing sites, answering your queries](https://go.theregister.com/feed/www.theregister.com/2025/01/19/openais_chatgpt_crawler_vulnerability/) + - [ ] [Hackers game out infowar against China with the US Navy](https://go.theregister.com/feed/www.theregister.com/2025/01/20/china_taiwan_wargames/) + - [ ] [How to leave the submarine cable cutters all at sea – go Swedish](https://go.theregister.com/feed/www.theregister.com/2025/01/20/opinion_column_submarine_cables/) + - [ ] [Ransomware attack forces Brit high school to shut doors](https://go.theregister.com/feed/www.theregister.com/2025/01/20/blacon_high_school_ransomware/) + - [ ] [Sage Copilot grounded briefly to fix AI misbehavior](https://go.theregister.com/feed/www.theregister.com/2025/01/20/sage_copilot_data_issue/) + - [ ] [Datacus extractus: Harry Potter publisher breached without resorting to magic](https://go.theregister.com/feed/www.theregister.com/2025/01/20/harry_potter_publisher_breach/) + - [ ] [When food delivery apps reached Indonesia, everyone put on weight](https://go.theregister.com/feed/www.theregister.com/2025/01/20/asia_tech_news_roundup/) + - [ ] [Donald Trump proposes US government acquire half of TikTok, which thanks him and restores service](https://go.theregister.com/feed/www.theregister.com/2025/01/20/trump_tiktok_nationalization_idea/) +- Security Breached Blog + - [ ] [Purple Teaming: What Not to Do in OT & IoT Testing to Avoid Halting the Factory or Sinking the Oil Rig](https://blog.securitybreached.org/2025/01/20/purple-teaming-what-not-to-do-in-ot-iot-testing-to-avoid-halting-the-factory-or-sinking-the-oil-rig/) - Security Affairs - - [ ] [SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 29](https://securityaffairs.com/173232/malware/security-affairs-malware-newsletter-round-29.html) - - [ ] [Security Affairs newsletter Round 507 by Pierluigi Paganini – INTERNATIONAL EDITION](https://securityaffairs.com/173227/uncategorized/security-affairs-newsletter-round-507-by-pierluigi-paganini-international-edition.html) - - [ ] [A flaw in the W3 Total Cache plugin exposes hundreds of thousands of WordPress sites to attacks](https://securityaffairs.com/173219/security/w3-total-cache-wordpress-plugin-cve-2024-12365.html) + - [ ] [HPE is investigating IntelBroker’s claims of the company hack](https://securityaffairs.com/173265/data-breach/hpe-is-investigating-intelbrokers-claims-of-hack.html) + - [ ] [Esperts found new DoNot Team APT group’s Android malware](https://securityaffairs.com/173257/apt/donot-team-android-malware.html) + - [ ] [Malicious npm and PyPI target Solana Private keys to steal funds from victims’ wallets](https://securityaffairs.com/173249/cyber-crime/malicious-npm-and-pypi-target-solana-private-keys.html) + - [ ] [Planet WGS-804HPT Industrial Switch flaws could be chained to achieve remote code execution](https://securityaffairs.com/173237/security/wgs-804hpt-flaws.html) - Hacking Exposed Computer Forensics Blog - - [ ] [Daily Blog #721: Solution Saturday 1/18/25](https://www.hecfblog.com/2025/01/daily-blog-721-solution-saturday-11825.html) -- The Hacker News - - [ ] [TikTok Goes Dark in the U.S. as Federal Ban Takes Effect January 19, 2025](https://thehackernews.com/2025/01/tiktok-goes-dark-in-us-as-federal-ban.html) -- TorrentFreak - - [ ] [‘Piracy Shield’ Fails to Convert Pirates to Paying Subscribers, Data Suggest](https://torrentfreak.com/piracy-shield-fails-to-convert-pirates-to-paying-subscribers-data-suggest-250119/) + - [ ] [Daily Blog #723: Sunday Funday 1/19/25](https://www.hecfblog.com/2025/01/daily-blog-723-sunday-funday-11925.html) +- Deeplinks + - [ ] [VPNs Are Not a Solution to Age Verification Laws](https://www.eff.org/deeplinks/2025/01/vpns-are-not-solution-age-verification-laws) +- 白帽子章华鹏 + - [ ] [直播倒计时1天:AI生成代码会带来更广泛的软件供应链攻击吗?](https://mp.weixin.qq.com/s?__biz=MzIyOTAxOTYwMw==&mid=2650236946&idx=1&sn=2b4b09bfcc905f6ec14b7d509e1a6ed6&chksm=f04ad2aec73d5bb8e4f014c49705f57df429dafdee65fdf854748b00721ba0d3dbf029444309&scene=58&subscene=0#rd) - Your Open Hacker Community - - [ ] [How to make mail combos](https://www.reddit.com/r/HowToHack/comments/1i5d082/how_to_make_mail_combos/) - - [ ] [USB AutoRun](https://www.reddit.com/r/HowToHack/comments/1i5613w/usb_autorun/) - - [ ] [I found a huge vulnerability in a website which is live from a while, how should I proceed now?](https://www.reddit.com/r/HowToHack/comments/1i524zp/i_found_a_huge_vulnerability_in_a_website_which/) - - [ ] [Confused about the difference between Bash Shell and Bash Shell SESSION](https://www.reddit.com/r/HowToHack/comments/1i4tyqb/confused_about_the_difference_between_bash_shell/) - - [ ] [How do I start?](https://www.reddit.com/r/HowToHack/comments/1i59myg/how_do_i_start/) - - [ ] [Websites like clone a site](https://www.reddit.com/r/HowToHack/comments/1i561mi/websites_like_clone_a_site/) - - [ ] [How to scam I wanna learn for free I done go scammed tryna learn how to scam](https://www.reddit.com/r/HowToHack/comments/1i582el/how_to_scam_i_wanna_learn_for_free_i_done_go/) - - [ ] [My friends dad is a bad guy, how to hack /phish(nothing too crazy) or Rick roll him as a prank](https://www.reddit.com/r/HowToHack/comments/1i5639j/my_friends_dad_is_a_bad_guy_how_to_hack/) + - [ ] [How do hackers divert ships? (read description)](https://www.reddit.com/r/HowToHack/comments/1i5nrch/how_do_hackers_divert_ships_read_description/) + - [ ] [Looking for simple step pointers using hashcat on windows.](https://www.reddit.com/r/HowToHack/comments/1i5xd58/looking_for_simple_step_pointers_using_hashcat_on/) + - [ ] [How Many Rooms Should I Solve Per Day? Or Should I Focus More on Theory?](https://www.reddit.com/r/HowToHack/comments/1i5nlnp/how_many_rooms_should_i_solve_per_day_or_should_i/) + - [ ] [Kali home server](https://www.reddit.com/r/HowToHack/comments/1i5whrp/kali_home_server/) + - [ ] [My awus036h cannot scan any wireless](https://www.reddit.com/r/HowToHack/comments/1i5p3nw/my_awus036h_cannot_scan_any_wireless/) + - [ ] [Running Telegram messages, as Terminal commands, by Esp32 USB](https://www.reddit.com/r/HowToHack/comments/1i5hibl/running_telegram_messages_as_terminal_commands_by/) + - [ ] [How to start hacking?](https://www.reddit.com/r/HowToHack/comments/1i62424/how_to_start_hacking/) + - [ ] [Need Advice on combining Learning Hacking While Doing a CS Degree](https://www.reddit.com/r/HowToHack/comments/1i5pop9/need_advice_on_combining_learning_hacking_while/) + - [ ] [Why do you need wifi adapters](https://www.reddit.com/r/HowToHack/comments/1i5z8fs/why_do_you_need_wifi_adapters/) + - [ ] [Hey guys, How can I get Free Internet using HTTP Custom?](https://www.reddit.com/r/HowToHack/comments/1i612x8/hey_guys_how_can_i_get_free_internet_using_http/) + - [ ] [CURIOUSITY IS KILLING ME!](https://www.reddit.com/r/HowToHack/comments/1i60un0/curiousity_is_killing_me/) + - [ ] [Assist ?](https://www.reddit.com/r/HowToHack/comments/1i5viek/assist/) + - [ ] [Whats a good remote acces tool?](https://www.reddit.com/r/HowToHack/comments/1i5q7s8/whats_a_good_remote_acces_tool/) + - [ ] [Chess.com config](https://www.reddit.com/r/HowToHack/comments/1i5nvub/chesscom_config/) - Technical Information Security Content & Discussion - - [ ] [Windows BitLocker -- Screwed without a Screwdriver](https://www.reddit.com/r/netsec/comments/1i54psl/windows_bitlocker_screwed_without_a_screwdriver/) + - [ ] [Malware Analysis of Fake Banking Reward APK Targeting WhatsApp Users](https://www.reddit.com/r/netsec/comments/1i5su0v/malware_analysis_of_fake_banking_reward_apk/) + - [ ] [The cost of false positives - how we became a target](https://www.reddit.com/r/netsec/comments/1i5tioq/the_cost_of_false_positives_how_we_became_a_target/) + - [ ] [v0.1.0 released - Analyze IoC with OpenCTI, Threat fox and more #FOSS](https://www.reddit.com/r/netsec/comments/1i5wimk/v010_released_analyze_ioc_with_opencti_threat_fox/) + - [ ] [Tear Down The Castle - Part 1 | dfir.ch](https://www.reddit.com/r/netsec/comments/1i5p97a/tear_down_the_castle_part_1_dfirch/) +- Schneier on Security + - [ ] [Biden Signs New Cybersecurity Order](https://www.schneier.com/blog/archives/2025/01/biden-signs-new-cybersecurity-order.html) +- Computer Forensics + - [ ] [Release v0.1.0 - Give context to IoC with ease - OpenCTI, Threatfox and more](https://www.reddit.com/r/computerforensics/comments/1i5ugv1/release_v010_give_context_to_ioc_with_ease/) + - [ ] [How is data acquisition performed for small IoT devices or sensors? What is performed static or live acquisition usually?](https://www.reddit.com/r/computerforensics/comments/1i636q6/how_is_data_acquisition_performed_for_small_iot/) + - [ ] [Requesting Assistance - iPhone Photo Data](https://www.reddit.com/r/computerforensics/comments/1i5qyd3/requesting_assistance_iphone_photo_data/) + - [ ] [Career pathway advice](https://www.reddit.com/r/computerforensics/comments/1i5k2ht/career_pathway_advice/) +- Social Engineering + - [ ] [Festival beer run](https://www.reddit.com/r/SocialEngineering/comments/1i5q01m/festival_beer_run/) +- Security Weekly Podcast Network (Audio) + - [ ] [The Next Era of Data Security: AI, Cloud, & Compliance - Jeff Smith, Dimitri Sirota, Kiran Chinnagangannagari - ESW #390](http://sites.libsyn.com/18678/the-next-era-of-data-security-ai-cloud-compliance-jeff-smith-dimitri-sirota-kiran-chinnagangannagari-esw-390) From 01185c017d77e48aa0fba8c9d3d5445316e6fa03 Mon Sep 17 00:00:00 2001 From: chainreactorbot Date: Wed, 22 Jan 2025 02:47:29 +0000 Subject: [PATCH 16/29] =?UTF-8?q?=E6=AF=8F=E6=97=A5=E5=AE=89=E5=85=A8?= =?UTF-8?q?=E8=B5=84=E8=AE=AF=EF=BC=882025-01-22=EF=BC=89?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- archive/daily/2025/2025-01-22.md | 315 ++++++++++++++ archive/tmp/2025-01-22.json | 396 +++++++++++++++++ today.md | 704 +++++++++++++------------------ 3 files changed, 998 insertions(+), 417 deletions(-) create mode 100644 archive/daily/2025/2025-01-22.md create mode 100644 archive/tmp/2025-01-22.json diff --git a/archive/daily/2025/2025-01-22.md b/archive/daily/2025/2025-01-22.md new file mode 100644 index 0000000000..b814a4476f --- /dev/null +++ b/archive/daily/2025/2025-01-22.md @@ -0,0 +1,315 @@ +# 每日安全资讯(2025-01-22) + +- 奇安信攻防社区 + - [ ] [windows com组件模糊测试入门](https://forum.butian.net/share/4060) + - [ ] [实战 | 微信小程序EDUSRC渗透漏洞复盘](https://forum.butian.net/share/4055) +- SecWiki News + - [ ] [SecWiki News 2025-01-21 Review](http://www.sec-wiki.com/?2025-01-21) +- Security Boulevard + - [ ] [GDPR Compliance in the US: Checklist and Requirements](https://securityboulevard.com/2025/01/gdpr-compliance-in-the-us-checklist-and-requirements/) + - [ ] [AI Code Generation: The Risks and Benefits of AI in Software](https://securityboulevard.com/2025/01/ai-code-generation-the-risks-and-benefits-of-ai-in-software/) + - [ ] [What PCI Attestation of Compliance Is and How to Get It](https://securityboulevard.com/2025/01/what-pci-attestation-of-compliance-is-and-how-to-get-it/) + - [ ] [Understanding the Principle of Least Privilege (PoLP)](https://securityboulevard.com/2025/01/understanding-the-principle-of-least-privilege-polp/) + - [ ] [DEF CON 32 – A (Shallow) Dive Into World Of Aircraft PKI](https://securityboulevard.com/2025/01/def-con-32-a-shallow-dive-into-world-of-aircraft-pki/) + - [ ] [Start the year by protecting your privacy— A stalkerware quick check](https://securityboulevard.com/2025/01/start-the-year-by-protecting-your-privacy-a-stalkerware-quick-check/) + - [ ] [Randall Munroe’s XKCD ‘Uncanceled Units’](https://securityboulevard.com/2025/01/randall-munroes-xkcd-uncanceled-units-2/) + - [ ] [Trump U-Turn: TikTok’s On-Again/Off-Again U.S. Ban](https://securityboulevard.com/2025/01/trump-eo-tik-tok-richixbw/) + - [ ] [Healthcare Cybersecurity: The Chronic Condition We Can’t Ignore](https://securityboulevard.com/2025/01/healthcare-cybersecurity-the-chronic-condition-we-cant-ignore/) + - [ ] [DEF CON 32 – Analyzing the Security of Satellite Based Air Traffic Control](https://securityboulevard.com/2025/01/def-con-32-analyzing-the-security-of-satellite-based-air-traffic-control/) +- CXSECURITY Database RSS Feed - CXSecurity.com + - [ ] [OCLS MSMS-PHP (by: oretnom23 ) v1.0 -Copyright © 2025. All rights reserved. File Upload-FU and Remote Code Execution-RCE Vul](https://cxsecurity.com/issue/WLB-2025010020) + - [ ] [NeoServ Studio - Website Builder Manager Admin SQLi Bypass](https://cxsecurity.com/issue/WLB-2025010018) +- 安全客-有思想的安全新媒体 + - [ ] [360获中国计算机行业协会网络和数据安全专业委员会卓越贡献奖](https://www.anquanke.com/post/id/303696) + - [ ] [CVE-2025-22146 (CVSS 9.1): 关键哨兵漏洞允许账户接管](https://www.anquanke.com/post/id/303693) + - [ ] [TP-Link 漏洞: 针对 CVE-2024-54887 的 PoC 漏洞利用揭示了远程代码执行风险](https://www.anquanke.com/post/id/303690) + - [ ] [CVE-2025-0411:7-Zip 安全漏洞导致代码执行 - 立即更新](https://www.anquanke.com/post/id/303687) + - [ ] [工业交换机漏洞可被远程利用](https://www.anquanke.com/post/id/303684) + - [ ] [物联网僵尸网络助长针对全球组织的大规模 DDoS 攻击](https://www.anquanke.com/post/id/303681) + - [ ] [ChatGPT Crawler漏洞:通过HTTP请求进行DDOS攻击](https://www.anquanke.com/post/id/303678) + - [ ] [甲骨文 2025 年 1 月关键补丁更新:解决 320 个安全漏洞](https://www.anquanke.com/post/id/303675) + - [ ] [黑客利用 AnyDesk 冒充 CERT-UA 发起网络攻击](https://www.anquanke.com/post/id/303670) + - [ ] [黑客声称窃取源代码,HPE 对漏洞进行调查](https://www.anquanke.com/post/id/303667) +- Recent Commits to cve:main + - [ ] [Update Tue Jan 21 20:24:41 UTC 2025](https://github.com/trickest/cve/commit/093beab0c1e8739243099093f563ebb6c97a18ce) + - [ ] [Update Tue Jan 21 12:20:41 UTC 2025](https://github.com/trickest/cve/commit/089836ae7b2b9ed56ef865018b8ed702bf381412) + - [ ] [Update Tue Jan 21 04:24:29 UTC 2025](https://github.com/trickest/cve/commit/5430c3170b21fc90a9a4e98ee3d768521e921e95) +- 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com + - [ ] [2024 年 12 月头号恶意软件:基于 AI 的勒索软件团伙 FunkSec 风头渐起](https://www.4hou.com/posts/6MxN) + - [ ] [新型物联网僵尸网络现身,疯狂劫持设备发动大规模 DDoS 攻击](https://www.4hou.com/posts/0MoN) +- 一个被知识诅咒的人 + - [ ] [【Python运维】Python与网络监控:如何编写网络探测与流量分析工具](https://blog.csdn.net/nokiaguy/article/details/145281157) + - [ ] [【人工智能】Python实战:构建高效的多任务学习模型](https://blog.csdn.net/nokiaguy/article/details/145281118) +- paper - Last paper + - [ ] [盘点 2024 年备受关注的那些高风险漏洞](https://paper.seebug.org/3268/) + - [ ] [Love and hate under war: The GamaCopy organization, which imitates the Russian Gamaredon, uses military - related bait to launch attacks on Russia](https://paper.seebug.org/3270/) +- Twitter @bytehx + - [ ] [RT zhero;: very pleased to announce the release of my new article based on my research that led to CVE-2024-46982 titled: Next.js, cache, and chains: ...](https://x.com/bytehx343/status/1881775443810152497) + - [ ] [Thanks @SynackRedTeam 🥳](https://x.com/bytehx343/status/1881743935749660919) + - [ ] [Re @drak3hft7 @yeswehack](https://x.com/bytehx343/status/1881715373604745365) + - [ ] [Re @RootxRavi @intigriti thank you!](https://x.com/bytehx343/status/1881714645335249267) + - [ ] [Just scored a reward @intigriti, check my profile: https://app.intigriti.com/profile/bytehx #HackWithIntigriti](https://x.com/bytehx343/status/1881713215970955450) + - [ ] [Re @YoyoDavelion @yeswehack Congrats!](https://x.com/bytehx343/status/1881712949141917968) + - [ ] [Re @RootxRavi @intigriti Thank you!🥳](https://x.com/bytehx343/status/1881701312028614748) + - [ ] [Re @_justYnot @intigriti Thank you!🥳](https://x.com/bytehx343/status/1881701300687274145) + - [ ] [Re @ce_automne @intigriti should try it!](https://x.com/bytehx343/status/1881688650129506316) +- SpiderLabs Blog + - [ ] [The New Face of Ransomware: Key Players and Emerging Tactics of 2024](https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/the-new-face-of-ransomware-key-players-and-emerging-tactics-of-2024/) +- Private Feed for M09Ic + - [ ] [mgeeky starred LuemmelSec/APEX](https://github.com/LuemmelSec/APEX) + - [ ] [praetorian-inc made praetorian-inc/noseyparkerexplorer public](https://github.com/praetorian-inc/noseyparkerexplorer) + - [ ] [mgeeky starred zodiacon/youtubecode](https://github.com/zodiacon/youtubecode) + - [ ] [zema1 starred MaorSabag/interactive-execute-shellcode](https://github.com/MaorSabag/interactive-execute-shellcode) + - [ ] [zer0yu started following BlackFan](https://github.com/BlackFan) + - [ ] [zer0yu started following Patrick-DE](https://github.com/Patrick-DE) + - [ ] [zer0yu starred bodo-run/yek](https://github.com/bodo-run/yek) + - [ ] [zer0yu started following reddelexc](https://github.com/reddelexc) + - [ ] [zema1 starred 0xEr3bus/PoolPartyBof](https://github.com/0xEr3bus/PoolPartyBof) + - [ ] [h3zh1 pushed to dev in chainreactors/malice-network](https://github.com/chainreactors/malice-network/compare/5527b594d0...8431efeb36) + - [ ] [huoji120 starred vmcall/nt-mapper](https://github.com/vmcall/nt-mapper) + - [ ] [CHYbeta starred convisolabs/rails_arb_file_write_bootsnap](https://github.com/convisolabs/rails_arb_file_write_bootsnap) + - [ ] [CHYbeta starred polyxss/bxss](https://github.com/polyxss/bxss) + - [ ] [zer0yu starred deepseek-ai/DeepSeek-R1](https://github.com/deepseek-ai/DeepSeek-R1) + - [ ] [safedv starred FalconForceTeam/bof-winrm-client](https://github.com/FalconForceTeam/bof-winrm-client) + - [ ] [CHYbeta starred KTH-LangSec/silent-spring](https://github.com/KTH-LangSec/silent-spring) + - [ ] [safedv starred gtworek/PSBits](https://github.com/gtworek/PSBits) + - [ ] [niudaii starred LandGrey/domainNamePredictor](https://github.com/LandGrey/domainNamePredictor) + - [ ] [niudaii starred AlephNullSK/dnsgen](https://github.com/AlephNullSK/dnsgen) + - [ ] [zema1 starred sonodima/microseh](https://github.com/sonodima/microseh) + - [ ] [0xbug starred temporalio/temporal](https://github.com/temporalio/temporal) + - [ ] [Wh0ale starred wux1an/wxapkg](https://github.com/wux1an/wxapkg) +- Reverse Engineering + - [ ] [Denuvo Analysis](https://www.reddit.com/r/ReverseEngineering/comments/1i6up0s/denuvo_analysis/) + - [ ] [Reverse Engineering Call Of Duty Anti-Cheat](https://www.reddit.com/r/ReverseEngineering/comments/1i68o2q/reverse_engineering_call_of_duty_anticheat/) + - [ ] [HAAA hello guys can someone help me with reverse chal ? like i'm strugleling too much rn pls](https://www.reddit.com/r/ReverseEngineering/comments/1i6uqbq/haaa_hello_guys_can_someone_help_me_with_reverse/) +- blog.avast.com EN + - [ ] [Start the year by protecting your privacy— A stalkerware quick check](https://blog.avast.com/start-the-year-by-protecting-your-privacy-a-stalkerware-quick-check) +- Bug Bounty in InfoSec Write-ups on Medium + - [ ] [WIFI Hacking , user and password hacking [How hackers get Password of any wifi network]](https://infosecwriteups.com/wifi-hacking-user-and-password-hacking-how-hackers-get-password-of-any-wifi-network-015ae6575bed?source=rss----7b722bfd1b8d--bug_bounty) + - [ ] [Found HTML Injection in Emails! Earned HOF](https://infosecwriteups.com/found-html-injection-in-emails-earned-hof-24a8a8223f29?source=rss----7b722bfd1b8d--bug_bounty) +- Malwarebytes + - [ ] [AI tool GeoSpy analyzes images and identifies locations in seconds](https://www.malwarebytes.com/blog/news/2025/01/ai-tool-geospy-analyzes-images-and-identifies-locations-in-seconds) +- Microsoft Security Response Center + - [ ] [Scaling Dynamic Application Security Testing (DAST)](https://msrc.microsoft.com/blog/2025/01/scaling-dynamic-application-security-testing-dast/) +- Webroot Blog + - [ ] [Why MSPs need proactive, 24/7 threat hunting](https://www.webroot.com/blog/2025/01/21/why-msps-need-proactive-24-7-threat-hunting/) +- FreeBuf网络安全行业门户 + - [ ] [新的AI安全在2025年正对CISO及其团队构成挑战](https://www.freebuf.com/news/420445.html) + - [ ] [SUSE发布重要补丁:保护系统免受CVE-2025-21613攻击](https://www.freebuf.com/articles/420421.html) + - [ ] [Shiro CVE-2020-17510 路径绕过](https://www.freebuf.com/vuls/420408.html) + - [ ] [梅赛德斯—奔驰信息娱乐系统漏洞详细信息披露](https://www.freebuf.com/articles/420410.html) + - [ ] [FreeBuf早报 | 中国与多国联合解救7万电诈受害者;德国驻美大使密电遭到泄露](https://www.freebuf.com/news/420399.html) + - [ ] [2024年近2亿人受影响,美国医疗成重点攻击目标](https://www.freebuf.com/news/420391.html) + - [ ] [2025 OWASP十大安全漏洞](https://www.freebuf.com/news/420401.html) + - [ ] [420万主机暴露,含VPN和路由器](https://www.freebuf.com/news/420386.html) + - [ ] [新型僵尸网络正对路由器、摄像头等设备发起大规模DDoS攻击](https://www.freebuf.com/news/420383.html) +- Wallarm + - [ ] [API Security’s Role in Responsible AI Deployment](https://lab.wallarm.com/api-securitys-role-in-responsible-ai-deployment/) +- Dhole Moments + - [ ] [Too Many People Don’t Value the Time of Security Researchers](https://soatok.blog/2025/01/21/too-many-people-dont-value-the-time-of-security-researchers/) +- 奇客Solidot–传递最新科技情报 + - [ ] [北京将举办首届人机马拉松](https://www.solidot.org/story?sid=80390) + - [ ] [干旱愈来愈严重愈来愈频繁](https://www.solidot.org/story?sid=80388) + - [ ] [愈来愈多的美国青少年使用 ChatGPT 完成作业](https://www.solidot.org/story?sid=80387) + - [ ] [Paul Allen 诞辰 72 周年](https://www.solidot.org/story?sid=80386) + - [ ] [孕妇的脑灰质在孕期发生变化](https://www.solidot.org/story?sid=80385) + - [ ] [佳能的直播应用不支持佳能摄像机](https://www.solidot.org/story?sid=80384) + - [ ] [华为 2024 年手机出货量增长 50%](https://www.solidot.org/story?sid=80383) +- 绿盟科技技术博客 + - [ ] [【漏洞通告】MongoDB Mongoose搜索注入漏洞(CVE-2025-23061)](https://blog.nsfocus.net/cve-2025-23061/) +- rtl-sdr.com + - [ ] [CCC Conference Talk: BlinkenCity – Radio-Controlling Street Lamps and Power Plants](https://www.rtl-sdr.com/ccc-conference-talk-blinkencity-radio-controlling-street-lamps-and-power-plants/) +- 奇安信 CERT + - [ ] [年度报告 | 2024年应该知道的漏洞都在这了!](https://mp.weixin.qq.com/s?__biz=MzU5NDgxODU1MQ==&mid=2247502937&idx=1&sn=c80cc1036d35183287d46040fa66d3f2&chksm=fe79e8c1c90e61d7169d6a42f15d0c02941c362881e765d760f9c7317c8bd10f66e565995bb1&scene=58&subscene=0#rd) +- 绿盟科技CERT + - [ ] [【漏洞通告】MongoDB Mongoose搜索注入漏洞(CVE-2025-23061)](https://mp.weixin.qq.com/s?__biz=Mzk0MjE3ODkxNg==&mid=2247488918&idx=1&sn=158d8df04d4080e7902083a76fd24d26&chksm=c2c6429df5b1cb8bc86e5d57a7d589ef30a23ca11cd0bb38269afe2125cd10f152606ce4ea98&scene=58&subscene=0#rd) +- 安全分析与研究 + - [ ] [3CX供应链攻击技术之微软数字签名被滥用技术分析](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490083&idx=1&sn=ae29cfade8f5828fec4fb779fe5e3c96&chksm=902fb50ba7583c1d446ad0cd9ea3a31505e76942c0c9287c7c7c3d7e34d0a798bdd099c074b4&scene=58&subscene=0#rd) + - [ ] [银狐最新恶意软件进程监控](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490083&idx=2&sn=c971052a5ec51ffec1e6bfb1c69b14f1&chksm=902fb50ba7583c1d4e3afd61be64e5e3ddea141c398bbbcc30b869212a244246c63a4e11d1d2&scene=58&subscene=0#rd) + - [ ] [D0glun勒索病毒攻击](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490083&idx=3&sn=fc6500f89b6ce90fdeb832aeeae697db&chksm=902fb50ba7583c1d99359705d89dbc7f7af7e53236a6c19c59716d080ab2d117b07eb1fb23e9&scene=58&subscene=0#rd) +- 威努特安全网络 + - [ ] [连续三年!威努特蝉联中国网络安全产业联盟先进会员单位](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130566&idx=1&sn=f4bc7206d7fd13bcd1280fca2d9eb1b3&chksm=80e71076b7909960f60ec0b3607c107efc6cec5b40d131a5326a3602ca2f682bf3350ee8e8ed&scene=58&subscene=0#rd) +- 丁爸 情报分析师的工具箱 + - [ ] [【资料】文化情报:美军如何利用国际市场的文化信息来增强情报、监视和侦察(ISR)](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148640&idx=1&sn=dc17513401dee2c45789902342664776&chksm=f1af265ac6d8af4c812e62828e8c92434f40dce6e5de5133fecb9e81781ec050209e65fdcfaa&scene=58&subscene=0#rd) +- 梦之光芒的电子梦 + - [ ] [中小企业及创业公司信息安全建设指南](https://mp.weixin.qq.com/s?__biz=MzUyODQ0MTE2MQ==&mid=2247483749&idx=1&sn=762084442aa00a999fea80eed8b17326&chksm=fa710b43cd0682551167008cbc6ab7db1eb041b1a14538e4c7dcb29c786f301a6f39227962f2&scene=58&subscene=0#rd) +- 腾讯玄武实验室 + - [ ] [每日安全动态推送(25/1/21)](https://mp.weixin.qq.com/s?__biz=MzA5NDYyNDI0MA==&mid=2651959999&idx=1&sn=8f2ce3628b9e75bf7e03c60203d88d14&chksm=8baed220bcd95b3648040525b7c86be6aa84e518e42c1e85ed76c7b09ced0d67ea2b5556ece4&scene=58&subscene=0#rd) +- 360漏洞云 + - [ ] [【您有一个礼盒待签收】喜迎2025!开启安全新征程!](https://mp.weixin.qq.com/s?__biz=Mzg5MTc5Mzk2OA==&mid=2247502873&idx=1&sn=ebd51f859ccd1ab589330baec97ab05f&chksm=cfc56b46f8b2e250b48a6df1b45cf1422ffa7dd11cd5aa84dd045c022cac85d538bb7c867c8a&scene=58&subscene=0#rd) + - [ ] [《网信自主创新调研报告》表彰大会召开,360漏洞云获多项荣誉](https://mp.weixin.qq.com/s?__biz=Mzg5MTc5Mzk2OA==&mid=2247502873&idx=2&sn=b244ada36b1a87162f083c5a17af9c04&chksm=cfc56b46f8b2e25026712ae5023c6dc56a4c50092057dd3a58850b41c210c29b5bb60a729b85&scene=58&subscene=0#rd) + - [ ] [蛇年新禧,祥福并济|360漏洞云平台放假公告](https://mp.weixin.qq.com/s?__biz=Mzg5MTc5Mzk2OA==&mid=2247502873&idx=3&sn=ab3d8ccd96f17d0a3040c85d24e35be3&chksm=cfc56b46f8b2e250435ced6a4be9d9a5c5bd4bd692a7fbe65aed030690c7fddd6791331fd27b&scene=58&subscene=0#rd) +- 安全内参 + - [ ] [AI助手泄露客户信息,行业软件龙头暂时停用相关功能](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513551&idx=1&sn=f0edf2e4791fb19bbc7ceede6817e516&chksm=ebfaf2efdc8d7bf942608609b8655044efbc3d34c990d30ca4c705d3f2ce4ac4fbd9dce87622&scene=58&subscene=0#rd) + - [ ] [B站员工植入恶意代码报复用户,官方:漏洞已修补,员工已处罚](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513551&idx=2&sn=f50c04a1adb0a92b26906f0e29ecabdb&chksm=ebfaf2efdc8d7bf9ab0f5e0cbcbc04e62cceea6c6ef61ed92d88aeb2fc987c5cabce1bd08cec&scene=58&subscene=0#rd) +- 看雪学苑 + - [ ] [反射式注入技术浅析](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589041&idx=1&sn=d6ac5ccbfd4e3343e192ddbf90411481&chksm=b18c27fb86fbaeed0df1fbadae1c3870a2409d2fb44d1790ecb33e9e6c15a7bf3cca1c2bdf83&scene=58&subscene=0#rd) + - [ ] [B站员工“代码投毒”!滥用职权,用户账号遭恶意封禁](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589041&idx=2&sn=6763601f189f2c29f48bb63f7333ac4c&chksm=b18c27fb86fbaeedeb7d604cbb8f96598b43254de6a29e2bcc20f721f1d677ac3d0d3ab6ca8e&scene=58&subscene=0#rd) + - [ ] [报名中!即将开班 | 无人机安全攻防入门:从整体架构到漏洞分析](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589041&idx=3&sn=f23e141f9f2559ffdfdd86d3d8f3ef1f&chksm=b18c27fb86fbaeede1ae14775b2e06f51d9ff39aea062676c42180f7f320b879996baf3f7ff8&scene=58&subscene=0#rd) +- 奇安信威胁情报中心 + - [ ] [【奇安信情报沙箱】警惕伪装为文档的恶意快捷方式(LNK)文件](https://mp.weixin.qq.com/s?__biz=MzI2MDc2MDA4OA==&mid=2247513822&idx=1&sn=9d52dc150c8ee53e3af6d7ae908c596b&chksm=ea6641a9dd11c8bfb5ef721db9b91c0777ce08c04211ac969b6a5cdc765c24b02f6b576a8c15&scene=58&subscene=0#rd) +- Shostack & Friends Blog + - [ ] [Handling Pandemic-Scale Cyber Threats: Lessons from COVID-19](https://shostack.org/blog/pandemic-scale/) +- 知道创宇404实验室 + - [ ] [盘点 2024 年备受关注的那些高风险漏洞](https://mp.weixin.qq.com/s?__biz=MzAxNDY2MTQ2OQ==&mid=2650990290&idx=1&sn=fb9b947f5ea6ca876af9c2159098d8a4&chksm=8079a4e0b70e2df652368fa2253964cd3b67c0ea64d03589c0a70c3560e6fe23ff6337a69fd1&scene=58&subscene=0#rd) +- 安全圈 + - [ ] [【安全圈】B站2025年第一个大瓜,“代码投毒”报复用户](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067526&idx=1&sn=c7bb681b7008589588039d0669578174&chksm=f36e7a86c419f390b734807d57bdc26cac9c538f395fdccccc649692191fbcd913aaa5acd8d3&scene=58&subscene=0#rd) + - [ ] [【安全圈】梅赛德斯—奔驰信息娱乐系统漏洞详细信息披露](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067526&idx=2&sn=35fd8cf175959d2493340598399f5c01&chksm=f36e7a86c419f390ae47d611d4f4561da13239e89f5e649487a4ddd152221306aa899f53951d&scene=58&subscene=0#rd) + - [ ] [【安全圈】新型Android恶意软件模仿聊天应用窃取敏感数据](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067526&idx=3&sn=78bd7100124b3e45c47f00500c234a7a&chksm=f36e7a86c419f390eb993a9683d9f515b852c6e83fb5352246a18f8c2e22c3eca2ebdab53a18&scene=58&subscene=0#rd) + - [ ] [【安全圈】OWASP 2025 年十大漏洞 – 被利用/发现的最严重漏洞](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067526&idx=4&sn=b3d1ba063b429d95b1315af7a9713b77&chksm=f36e7a86c419f390195cd33fd72a55eb69f0bae4bcd587dd7e23f6258b3c8848d14b5fba092e&scene=58&subscene=0#rd) +- dotNet安全矩阵 + - [ ] [DCOM 技术内网实战,通过 ExcelDDE 和 ShellBrowserWindow 实现横向移动](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498360&idx=1&sn=8ee091f555c386b755c5300547ac08fe&chksm=fa595495cd2edd832583640b60f915e352d7d6d9eb98f85963e41303ca492d2bcb869dfcdb3b&scene=58&subscene=0#rd) + - [ ] [.NET 内网攻防实战电子报刊](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498360&idx=2&sn=27608f525eba71cd10592eaa56917ce1&chksm=fa595495cd2edd83e0d05a1703cc3febd28d701c9fe96fccc2409724b0dc3de47dc16ec91fe9&scene=58&subscene=0#rd) + - [ ] [.NET 实战中批量获取数据库凭据的工具](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498360&idx=3&sn=05bcdc6edb29b6d41f93a3216197eb95&chksm=fa595495cd2edd83c3ccbc19de1860a86e7eb126a22b71819e2f7841c0ab861fb968ef1d8add&scene=58&subscene=0#rd) +- 信息安全国家工程研究中心 + - [ ] [《公共数据资源登记管理暂行办法》公布,3月1日起施行](https://mp.weixin.qq.com/s?__biz=MzU5OTQ0NzY3Ng==&mid=2247498746&idx=1&sn=f526aba50f7d3765f6608b80012a38f1&chksm=feb67ae9c9c1f3fffd632db66d26d7b874760f3607f8a48be8e82be40eeb32a9b87c6e333312&scene=58&subscene=0#rd) + - [ ] [一图读懂 | 关于完善数据流通安全治理 更好促进数据要素市场化价值化的实施方案](https://mp.weixin.qq.com/s?__biz=MzU5OTQ0NzY3Ng==&mid=2247498746&idx=2&sn=32373b47bc9d42a1dd69d7ed017ec22b&chksm=feb67ae9c9c1f3ff9059fdb9b42509895b8e416205f2ef1346f9df76ccb25088b681b790581f&scene=58&subscene=0#rd) +- 中国信息安全 + - [ ] [通知 | 国家发展改革委 国家数据局印发《公共数据资源登记管理暂行办法》(附全文)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235295&idx=1&sn=8a80edf9113f50434a1bb11f3e5cc79e&chksm=8b5803e6bc2f8af08800b6f9c12fc09d3665078ffd474d5a6f39d70e2c35058c0ae863b47a76&scene=58&subscene=0#rd) + - [ ] [通知 | 国家发展改革委 国家数据局印发《公共数据资源授权运营实施规范(试行)》(附全文)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235295&idx=2&sn=5f58f62f3bf1f6e916f8470f6f6f55b2&chksm=8b5803e6bc2f8af06dc3a6c03e7d667c8c86a6af82f37c83fb6be1ae229f957ecd7b48c4dbe3&scene=58&subscene=0#rd) + - [ ] [通知 | 国家发展改革委 国家数据局印发《关于建立公共数据资源授权运营价格形成机制的通知》(附全文)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235295&idx=3&sn=2f7dc83912ff817f2473902a7e6ac995&chksm=8b5803e6bc2f8af0a31dffe028e1b2d1c767d46cf0e64c710eee7bd6bc8b75d4cba0d33cb6cc&scene=58&subscene=0#rd) + - [ ] [​权威解答 | 国家发展改革委、国家数据局有关负责同志就公共数据资源三份政策文件答记者问](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235295&idx=4&sn=0e0fda73e478907a8ffd4ccf7d5b6bf1&chksm=8b5803e6bc2f8af01bb86646ec8574f5de50b90b63a85bc02a92643f056194b89d085ec75f4b&scene=58&subscene=0#rd) + - [ ] [工信部:3000余家网站、APP完成适老化及无障碍改造](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235295&idx=5&sn=b4698d8d66e49269855f4dece70ecc34&chksm=8b5803e6bc2f8af0471e8c6cd4b3ef03d12d7061293ea3063ad64cc1eadbea2eff7883c2486b&scene=58&subscene=0#rd) + - [ ] [专家解读 | “人工智能+”赋能实体经济 描绘“实数融合”新图景](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235295&idx=6&sn=a2794f1a6afeadd3fa7db937baf54f37&chksm=8b5803e6bc2f8af09c87629ba57cad87e96a8eb1cae1c3d848e796e35d3c5d85ef026899e89f&scene=58&subscene=0#rd) + - [ ] [关注 | 2024年全国受理网络违法和不良信息举报2.27亿件](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235295&idx=7&sn=11cd80d44bfaacb422ecd3c07309e5d7&chksm=8b5803e6bc2f8af0ec8bcb550699d37787f2af9dd7c9b50eb3c7b60899f2d3cc3227033730de&scene=58&subscene=0#rd) +- 国家互联网应急中心CNCERT + - [ ] [CNVD漏洞周报2025年第3期](https://mp.weixin.qq.com/s?__biz=MzIwNDk0MDgxMw==&mid=2247499617&idx=1&sn=2c0ace8ad777eef414c8c2a9bd88f67a&chksm=973acc03a04d45150eee133cf3ae4786f50bc20f2a1af53ec7434b10c80e8f59831a23fd48bc&scene=58&subscene=0#rd) + - [ ] [上周关注度较高的产品安全漏洞(20250113-20250119)](https://mp.weixin.qq.com/s?__biz=MzIwNDk0MDgxMw==&mid=2247499617&idx=2&sn=9bc261752d64c6b77c44994df9de434b&chksm=973acc03a04d4515f9832db1f4bf68dd1429f5d2152ca1b0fc12e931442a861b7b4043801e92&scene=58&subscene=0#rd) +- 情报分析师 + - [ ] [格鲁乌的“破坏者大学”:用犯罪分子代替特工,这是什么操作?](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559125&idx=1&sn=9edc6ab07ea0a57a7163e982117f2677&chksm=87117cdeb066f5c8b70dac3fb97faa41d1147bd128db0c82f53be7fac2091848bf98620a9c95&scene=58&subscene=0#rd) + - [ ] [【深挖】缅甸克伦边防部队(BGF)的利益链条及犯罪业务网络(2万字资料附下载)](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559125&idx=2&sn=eddfb3d8fd7ac52a2836738721392068&chksm=87117cdeb066f5c81b7f593465a83f37f2c6abfe8541ff72a8ad7dca6272a978bcc7e58f284e&scene=58&subscene=0#rd) + - [ ] [懂王行政令:从TikTok到关税,中美关系走向何方?](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559125&idx=3&sn=6142b8da04d0f5b114e6620fb2a35459&chksm=87117cdeb066f5c889816af3b32bd96f9836d05a850be9c41b0e909882fc56327754e50c3a70&scene=58&subscene=0#rd) +- 小米安全中心 + - [ ] [MiSRC 蛇年限定红包封面,开启好运~](https://mp.weixin.qq.com/s?__biz=MzI2NzI2OTExNA==&mid=2247517805&idx=1&sn=fcf9b3df71d41e165e5ac7ca9b9d18dd&chksm=ea83a0f8ddf429ee312b0682e14764679d08a35a8787a527b7bcd1976a01b3905aa808133c3d&scene=58&subscene=0#rd) +- 天御攻防实验室 + - [ ] [美国政府网络政策观察(第三期) | 拜登政府制裁我国网络安全企业和个人](https://mp.weixin.qq.com/s?__biz=MzU0MzgyMzM2Nw==&mid=2247486241&idx=1&sn=b188fa0b9fd687297884d03f0af5ef7e&chksm=fb04c849cc73415f296866a480014d449984e4d3fdb57a7918b1d74fc50c661c502526e6496a&scene=58&subscene=0#rd) +- 嘶吼专业版 + - [ ] [2024中国网络安全产业势能榜优能企业「交通行业」典型案例展示](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580915&idx=1&sn=2aae7d3064771ae44630975c78b62baa&chksm=e9146cc9de63e5df1b4ab8537a511f1ecdc8f3e2be3717df13d6cd09eae66ff4e3797cd1eaa1&scene=58&subscene=0#rd) + - [ ] [新型物联网僵尸网络现身,疯狂劫持设备发动大规模 DDoS 攻击](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580915&idx=2&sn=49c81661b58dadfafc5d8436f0511377&chksm=e9146cc9de63e5dfbdd06a3273f839512dbc6283cb8218a470ff5f749b412c27647cc876904d&scene=58&subscene=0#rd) +- 数世咨询 + - [ ] [澳大利亚公司:相比往年网络保险采购率大幅上升](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247534898&idx=1&sn=41c69a4465600023c0be9cbb2fcd38d5&chksm=c1443b8ff633b299f991e382cc47801ab52ec43e006df5b5a754a47d1d0ad5eb76fa1347f7dc&scene=58&subscene=0#rd) + - [ ] [【行业动态】天空卫士香港峰会,引领AI数据安全新时代!](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247534898&idx=2&sn=6e038251ac4390be46d940acbf6e57bb&chksm=c1443b8ff633b2996bc5adc439db90a54450cedf72cdcc38f9354cbc6a181c2d8528b08112d8&scene=58&subscene=0#rd) +- 极客公园 + - [ ] [一年卖超 500 万副耳机的韶音,杀入「AI 眼镜」赛道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072431&idx=1&sn=bbfab5ee5f3cf789e625b0ae8b64ac20&chksm=7e57d1994920588fa97e5ee83920b38db884b645213c226fa5e8d76f9e5b72aedbf1fab15af6&scene=58&subscene=0#rd) + - [ ] [对话生数科技 Vidu 产品负责人:100 天千万用户之后,2025 年视频生成产品会变成怎样?](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072431&idx=2&sn=659e9b3665f91afb56d99cd9ccc509f0&chksm=7e57d1994920588f7be2b75b6da29e163816667796e5ea2319255256738b7ae06af5096738ef&scene=58&subscene=0#rd) + - [ ] [「夜袭」 OpenAI!DeepSeek 开源最强推理模型 R1,再震欧美同行](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072415&idx=1&sn=a47a2f0c4272857c4920d18773448430&chksm=7e57d1a9492058bfd25004e5d0e45bf2271e89a218d3a62a75cdf774b90dca0c5eab3ba560cb&scene=58&subscene=0#rd) + - [ ] [小米汽车一月订单超 4 万,远超产能;华为鸿蒙 PC 望今年上市;字节发布 AI 中文开发环境IDE,目标全球开发者|极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072398&idx=1&sn=dec48b32602b49c7b40083d212e5360d&chksm=7e57d1b8492058aee104f875e76eed46378d16c75b283725fe84d8f14492bf7b5f31516923be&scene=58&subscene=0#rd) +- 360数字安全 + - [ ] [年度盘点:AI+安全双重赋能,360解锁企业浏览器新动力](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579167&idx=1&sn=b9d8f3892f6d7cc7cbe9669aae2417a2&chksm=9f8d2617a8faaf01fb724c3472fed4f7d8df12f9251a76800fa93dd3d9a0f7e2c611540e87fd&scene=58&subscene=0#rd) + - [ ] [最高级!360获评工信部CAPPVD“三星技术支撑单位”称号](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579167&idx=2&sn=44ab9727a76e44a6b079e423fdf7b978&chksm=9f8d2617a8faaf014edd5f42949a768c5f781d7b3978e6b740442523c9838fc63b9be969b71a&scene=58&subscene=0#rd) + - [ ] [喜讯!360获评2024软件和信息服务业年度领航企业及创新成果两项大奖](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579167&idx=3&sn=9adcb35ed05747f7530c83f59de0ea37&chksm=9f8d2617a8faaf01e8a3f033a7236cf72d5be4d3abadd0812b203ba96eae2599c8b7f43430f1&scene=58&subscene=0#rd) +- Over Security - Cybersecurity news aggregator + - [ ] [Unique 0-click deanonymization attack targeting Signal, Discord and hundreds of platform](https://gist.github.com/hackermondev/45a3cdfa52246f1d1201c1e8cdef6117) + - [ ] [Government IT contractor Conduent says 'third-party compromise’ caused outages](https://therecord.media/government-contractor-conduent-outage-compromise) + - [ ] [Cloudflare mitigated a record-breaking 5.6 Tbps DDoS attack](https://www.bleepingcomputer.com/news/security/cloudflare-mitigated-a-record-breaking-56-tbps-ddos-attack/) + - [ ] [Disciplinary and special ed records of Toronto students may have leaked in PowerSchool breach](https://therecord.media/disciplinary-special-records-toronto-powerschool) + - [ ] [Fake Homebrew Google ads target Mac users with malware](https://www.bleepingcomputer.com/news/security/fake-homebrew-google-ads-target-mac-users-with-malware/) + - [ ] [TSA chief behind cyber directives for aviation, pipelines and rail ousted by Trump team](https://therecord.media/tsa-chief-behind-cyber-directives-ousted-trump-administration) + - [ ] [Russian telecom giant Rostelecom investigates suspected cyberattack on contractor](https://therecord.media/rostelecom-russia-contractor-data-breach) + - [ ] [Microsoft previews Game Assist in-game browser in Edge Stable](https://www.bleepingcomputer.com/news/microsoft/microsoft-previews-game-assist-in-game-browser-in-edge-stable/) + - [ ] [Bitbucket services “hard down” due to major worldwide outage](https://www.bleepingcomputer.com/news/technology/bitbucket-services-hard-down-due-to-major-worldwide-outage/) + - [ ] [7-Zip fixes bug that bypasses Windows MoTW security warnings, patch now](https://www.bleepingcomputer.com/news/security/7-zip-fixes-bug-that-bypasses-the-windows-motw-security-mechanism-patch-now/) + - [ ] [Criminal IP Teams Up with OnTheHub for Digital Education Cybersecurity](https://www.bleepingcomputer.com/news/security/criminal-ip-teams-up-with-onthehub-for-digital-education-cybersecurity/) + - [ ] [Ransomware gangs pose as IT support in Microsoft Teams phishing attacks](https://www.bleepingcomputer.com/news/security/ransomware-gangs-pose-as-it-support-in-microsoft-teams-phishing-attacks/) + - [ ] [Il 15enne che ha violato …](https://roccosicilia.com/2025/01/21/il-15enne-che-ha-violato/) + - [ ] [Via a SECURE, il progetto per supportare conformità delle PMI al Cyber Resilience Act](https://www.securityinfo.it/2025/01/21/via-a-secure-il-progetto-per-supportare-conformita-delle-pmi-al-cyber-resilience-act/) + - [ ] [Hackers impersonate Ukraine’s CERT to trick people into allowing computer access](https://therecord.media/fake-ukraine-cert-anydesk-requests-hackers) + - [ ] [Russian ransomware hackers increasingly posing as tech support on Microsoft Teams](https://therecord.media/fake-tech-support-russian-hackers-microsoft-teams) + - [ ] [JoCERT Issues Warning on Exploitable Command Injection Flaws in HPE Aruba Products](https://cyble.com/blog/jocert-warns-of-hpe-aruba-command-injection-flaws/) + - [ ] [Report riepilogativo sulle tendenze delle campagne malevole analizzate dal CERT-AGID nel 2024](https://cert-agid.gov.it/news/report-riepilogativo-sulle-tendenze-delle-campagne-malevole-analizzate-dal-cert-agid-nel-2024/) + - [ ] [October 2024 Cyber Attacks Statistics](https://www.hackmageddon.com/2025/01/21/october-2024-cyber-attacks-statistics/) + - [ ] [InvisibleFerret Malware: Technical Analysis](https://any.run/cybersecurity-blog/invisibleferret-malware-analysis/) + - [ ] [Zyxel vulnerability exploited by “Helldown” ransomware group](https://labs.yarix.com/2025/01/zyxel-vulnerability-exploited-by-helldown-ransomware-group/) + - [ ] [Critical Mozilla Vulnerabilities Prompt Urgent Updates for Firefox and Thunderbird Users](https://cyble.com/blog/cert-in-reports-multiple-mozilla-vulnerabilities/) +- Qualys Security Blog + - [ ] [Mass Campaign of Murdoc Botnet Mirai: A New Variant of Corona Mirai](https://blog.qualys.com/category/vulnerabilities-threat-research) +- Krypt3ia + - [ ] [Krypt3ia CTI Daily Digest 1.21.25](https://krypt3ia.wordpress.com/2025/01/21/krypt3ia-cti-daily-digest-1-21-25/) +- JUMPSEC + - [ ] [CREST penetration testing: how to ensure industry-leading standards](https://www.jumpsec.com/guides/crest-penetration-testing-how-to-ensure-industry-leading-standards/) + - [ ] [What is the difference between security and penetration testing](https://www.jumpsec.com/guides/difference-between-security-and-penetration-testing/) +- 迪哥讲事 + - [ ] [从xss的自动化扫描器聊起-xss的基本功](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496922&idx=1&sn=f8c212b3d3e0fb45af733f56c776a356&chksm=e8a5feb9dfd277af68c2f94335499c7ee8b25a1a135dc168ad072328c4490be4b4e4ea34114d&scene=58&subscene=0#rd) +- Securityinfo.it + - [ ] [Via a SECURE, il progetto per supportare conformità delle PMI al Cyber Resilience Act](https://www.securityinfo.it/2025/01/21/via-a-secure-il-progetto-per-supportare-conformita-delle-pmi-al-cyber-resilience-act/?utm_source=rss&utm_medium=rss&utm_campaign=via-a-secure-il-progetto-per-supportare-conformita-delle-pmi-al-cyber-resilience-act) +- HACKMAGEDDON + - [ ] [October 2024 Cyber Attacks Statistics](https://www.hackmageddon.com/2025/01/21/october-2024-cyber-attacks-statistics/) +- LuxSci + - [ ] [Top 5 Use Cases for High-Volume HIPAA-Compliant Email](https://luxsci.com/blog/use-cases-high-volume-hipaa-compliant-email.html) +- 安全419 + - [ ] [2024年度网络安全政策法规一览](https://mp.weixin.qq.com/s?__biz=MzUyMDQ4OTkyMg==&mid=2247546742&idx=1&sn=986ad65a22c1c630d4eabd6c42289dc4&chksm=f9ebe9dbce9c60cd5be6610f4c43ec81e749cec3dce80ec0cf923666c585928f149fc781baa7&scene=58&subscene=0#rd) +- Instapaper: Unread + - [ ] [The Powerful AI Tool That Cops (or Stalkers) Can Use to Geolocate Photos in Seconds](https://www.404media.co/the-powerful-ai-tool-that-cops-or-stalkers-can-use-to-geolocate-photos-in-seconds/) + - [ ] [Bypassing disk encryption on systems with automatic TPM2 unlock](https://oddlama.org/blog/bypassing-disk-encryption-with-tpm2-unlock/) + - [ ] [Artifacts Jump Lists](http://windowsir.blogspot.com/2025/01/artifacts-jump-lists.html) + - [ ] [Windows 11 BitLocker-Encrypted Files Accessed Without Disassembling Laptops](https://cybersecuritynews.com/windows-11-bitlocker-encrypted-files-accessed/) + - [ ] [Riflessione sulle Free WiFi](https://roccosicilia.com/2025/01/20/riflessione-sulle-free-wifi/) +- Graham Cluley + - [ ] [The AI Fix #34: Fake Brad Pitt and why AI means we will lose our jobs](https://grahamcluley.com/the-ai-fix-34/) + - [ ] [Medusa ransomware: what you need to know](https://www.tripwire.com/state-of-security/medusa-ransomware-what-you-need-know) +- Troy Hunt's Blog + - [ ] [Weekly Update 435](https://www.troyhunt.com/weekly-update-435/) +- The Hacker News + - [ ] [Mirai Variant Murdoc Botnet Exploits AVTECH IP Cameras and Huawei Routers](https://thehackernews.com/2025/01/murdocbotnet-found-exploiting-avtech-ip.html) + - [ ] [13,000 MikroTik Routers Hijacked by Botnet for Malspam and Cyberattacks](https://thehackernews.com/2025/01/13000-mikrotik-routers-hijacked-by.html) + - [ ] [Ex-CIA Analyst Pleads Guilty to Sharing Top-Secret Data with Unauthorized Parties](https://thehackernews.com/2025/01/ex-cia-analyst-pleads-guilty-to-sharing.html) + - [ ] [HackGATE: Setting New Standards for Visibility and Control in Penetration Testing Projects](https://thehackernews.com/2025/01/hackgate-setting-new-standards-for.html) + - [ ] [PNGPlug Loader Delivers ValleyRAT Malware Through Fake Software Installers](https://thehackernews.com/2025/01/pngplug-loader-delivers-valleyrat.html) + - [ ] [CERT-UA Warns of Cyber Scams Using Fake AnyDesk Requests for Fraudulent Security Audits](https://thehackernews.com/2025/01/cert-ua-warns-of-cyber-scams-using-fake.html) +- The Register - Security + - [ ] [Patch procrastination leaves 50,000 Fortinet firewalls vulnerable to zero-day](https://go.theregister.com/feed/www.theregister.com/2025/01/21/fortinet_firewalls_still_vulnerable/) + - [ ] [HPE probes IntelBroker's bold data theft boasts](https://go.theregister.com/feed/www.theregister.com/2025/01/21/hpe_intelbroker_claims/) + - [ ] [Breaking free from reactive security](https://go.theregister.com/feed/www.theregister.com/2025/01/21/breaking_free_from_reactive_security/) + - [ ] [Banks must keep ahead of risks and reap AI rewards](https://go.theregister.com/feed/www.theregister.com/2025/01/21/banks_must_keep_ahead_of/) +- Security Affairs + - [ ] [Former CIA analyst pleaded guilty to leaking top-secret documents](https://securityaffairs.com/173302/intelligence/former-cia-analyst-pleaded-guilty-to-leaking-top-secret-docs.html) + - [ ] [New Mirai botnet variant Murdoc Botnet targets AVTECH IP cameras and Huawei HG532 routers](https://securityaffairs.com/173294/cyber-crime/new-mirai-botnet-variant-murdoc-botnet-targets-avtech-ip-cameras-and-huawei-hg532-routers.html) + - [ ] [CERT-UA warned of scammers impersonating the agency using fake AnyDesk requests](https://securityaffairs.com/173285/hacking/cert-ua-warned-of-scammers-impersonating-the-agency-using-fake-anydesk.html) + - [ ] [Experts found multiple flaws in Mercedes-Benz infotainment system](https://securityaffairs.com/173275/hacking/mercedes-benz-infotainment-system-flaws.html) +- Deeplinks + - [ ] [EFF Sends Transition Memo on Digital Policy Priorities to New Administration and Congress](https://www.eff.org/press/releases/eff-sends-transition-memo-digital-policy-priorities-new-administration-and-congress) +- Posts By SpecterOps Team Members - Medium + - [ ] [Life at SpecterOps Part II: From Dream to Reality](https://posts.specterops.io/life-at-specterops-part-ii-from-dream-to-reality-99e10df0ba73?source=rss----f05f8696e3cc---4) +- Your Open Hacker Community + - [ ] [Learning Cryptography & Math for hacking](https://www.reddit.com/r/HowToHack/comments/1i6ro3j/learning_cryptography_math_for_hacking/) + - [ ] [How to detect Wi-Fi deauth attacks](https://www.reddit.com/r/HowToHack/comments/1i6vi0d/how_to_detect_wifi_deauth_attacks/) + - [ ] [Root directory question](https://www.reddit.com/r/HowToHack/comments/1i6r7bd/root_directory_question/) + - [ ] [Broken Access Control](https://www.reddit.com/r/HowToHack/comments/1i6dllf/broken_access_control/) + - [ ] [O.MG Cable](https://www.reddit.com/r/HowToHack/comments/1i6fkqd/omg_cable/) + - [ ] [How to change a player's UUID in Minecraft?](https://www.reddit.com/r/HowToHack/comments/1i6aj8m/how_to_change_a_players_uuid_in_minecraft/) +- Blackhat Library: Hacking techniques and research + - [ ] [Spammer/scammer sites?](https://www.reddit.com/r/blackhat/comments/1i6k17f/spammerscammer_sites/) + - [ ] [Doxxed on instagram by a random need help](https://www.reddit.com/r/blackhat/comments/1i672l2/doxxed_on_instagram_by_a_random_need_help/) +- ICT Security Magazine + - [ ] [Cybersecurity nel Settore Sanitario: Minacce, Vulnerabilità e Strategie di Difesa per il 2025](https://www.ictsecuritymagazine.com/notizie/settore-sanitario-2025/) +- Silent Signal Techblog + - [ ] [Vulnerability Archeology: Stealing Passwords with IBM i Access Client Solutions](https://blog.silentsignal.eu/2025/01/21/ibm-acs-password-dump/) +- 表图 + - [ ] [网络安全行业的价格战有那么惨烈吗?](https://mp.weixin.qq.com/s?__biz=MzUzOTI4NDQ3NA==&mid=2247484721&idx=1&sn=5e8ea98c7bfa102e656bff0ae06e3a29&chksm=facb83a4cdbc0ab2440ee60f86552a8dac017e794d8629ba15261aad3175e13285e2b12beaae&scene=58&subscene=0#rd) +- netsecstudents: Subreddit for students studying Network Security and its related subjects + - [ ] [Why would a website change the upload destination via an X-Forwarded-Host header and how can I exploit it?](https://www.reddit.com/r/netsecstudents/comments/1i6q0ib/why_would_a_website_change_the_upload_destination/) +- Social Engineering + - [ ] [When making a request from someone , how do you explain it in a way that'd be agreeable?](https://www.reddit.com/r/SocialEngineering/comments/1i6gkun/when_making_a_request_from_someone_how_do_you/) +- Hacking Exposed Computer Forensics Blog + - [ ] [Daily Blog #724: Project Adaz testing part 2](https://www.hecfblog.com/2025/01/daily-blog-724-project-adaz-testing.html) +- SANS Internet Storm Center, InfoCON: green + - [ ] [Geolocation and Starlink, (Tue, Jan 21st)](https://isc.sans.edu/diary/rss/31612) + - [ ] [ISC Stormcast For Tuesday, January 21st, 2025 https://isc.sans.edu/podcastdetail/9288, (Tue, Jan 21st)](https://isc.sans.edu/diary/rss/31610) +- Technical Information Security Content & Discussion + - [ ] [Reverse Engineering Call Of Duty Anti-Cheat](https://www.reddit.com/r/netsec/comments/1i6fcdq/reverse_engineering_call_of_duty_anticheat/) + - [ ] [NaN Of Your Business - My Favorite Unintended CTF Solution](https://www.reddit.com/r/netsec/comments/1i6kx5w/nan_of_your_business_my_favorite_unintended_ctf/) + - [ ] [Vulnerability Archeology: Stealing Passwords with IBM i Access Client Solutions](https://www.reddit.com/r/netsec/comments/1i6h9bg/vulnerability_archeology_stealing_passwords_with/) +- Schneier on Security + - [ ] [AI Mistakes Are Very Different from Human Mistakes](https://www.schneier.com/blog/archives/2025/01/ai-mistakes-are-very-different-from-human-mistakes.html) +- Computer Forensics + - [ ] [Tell me if I’m wrong, but should data carving be done on the non-mounted block device? If mounted, would the deleted file bytes be invisible since the mounted directory is just a "metaphor" of the OS, obscuring the hidden data?](https://www.reddit.com/r/computerforensics/comments/1i6imoz/tell_me_if_im_wrong_but_should_data_carving_be/) + - [ ] [Will someone explain the difference between Magnet Axiom and Cellebrite?](https://www.reddit.com/r/computerforensics/comments/1i6u4pt/will_someone_explain_the_difference_between/) + - [ ] [Created dates not displaying on X ways.](https://www.reddit.com/r/computerforensics/comments/1i6nbvf/created_dates_not_displaying_on_x_ways/) + - [ ] [Printer dithering machine identification code on monochrome printers](https://www.reddit.com/r/computerforensics/comments/1i65uso/printer_dithering_machine_identification_code_on/) +- TorrentFreak + - [ ] [Reddit and Film Companies Clash in Appeals Court Over Sharing Users’ IP Addresses](https://torrentfreak.com/reddit-and-film-companies-clash-in-appeals-court-over-sharing-users-ip-addresses-250121/) +- 网安寻路人 + - [ ] [美商务部AI模型出口管制新规(全文翻译)](https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247505939&idx=1&sn=763b43e9649792ff40f1de91e21dab79&chksm=97e965f9a09eeceffb179a7618e568952a1500feb5177140bd912f2bd8ec719211607d2ba064&scene=58&subscene=0#rd) +- Security Weekly Podcast Network (Audio) + - [ ] [Smishing, Microsoft, Star Blizzard, Sneaky Log, VMARE, Josh Marpet, and more... - SWN #444](http://sites.libsyn.com/18678/smishing-microsoft-star-blizzard-sneaky-log-vmare-josh-marpet-and-more-swn-444) + - [ ] [Appsec Predictions for 2025 - Cody Scott - ASW #314](http://sites.libsyn.com/18678/appsec-predictions-for-2025-cody-scott-asw-314) diff --git a/archive/tmp/2025-01-22.json b/archive/tmp/2025-01-22.json new file mode 100644 index 0000000000..b014c12480 --- /dev/null +++ b/archive/tmp/2025-01-22.json @@ -0,0 +1,396 @@ +{ + "奇安信攻防社区": { + "windows com组件模糊测试入门": "https://forum.butian.net/share/4060", + "实战 | 微信小程序EDUSRC渗透漏洞复盘": "https://forum.butian.net/share/4055" + }, + "SecWiki News": { + "SecWiki News 2025-01-21 Review": "http://www.sec-wiki.com/?2025-01-21" + }, + "Security Boulevard": { + "GDPR Compliance in the US: Checklist and Requirements": "https://securityboulevard.com/2025/01/gdpr-compliance-in-the-us-checklist-and-requirements/", + "AI Code Generation: The Risks and Benefits of AI in Software": "https://securityboulevard.com/2025/01/ai-code-generation-the-risks-and-benefits-of-ai-in-software/", + "What PCI Attestation of Compliance Is and How to Get It": "https://securityboulevard.com/2025/01/what-pci-attestation-of-compliance-is-and-how-to-get-it/", + "Understanding the Principle of Least Privilege (PoLP)": "https://securityboulevard.com/2025/01/understanding-the-principle-of-least-privilege-polp/", + "DEF CON 32 – A (Shallow) Dive Into World Of Aircraft PKI": "https://securityboulevard.com/2025/01/def-con-32-a-shallow-dive-into-world-of-aircraft-pki/", + "Start the year by protecting your privacy— A stalkerware quick check": "https://securityboulevard.com/2025/01/start-the-year-by-protecting-your-privacy-a-stalkerware-quick-check/", + "Randall Munroe’s XKCD ‘Uncanceled Units’": "https://securityboulevard.com/2025/01/randall-munroes-xkcd-uncanceled-units-2/", + "Trump U-Turn: TikTok’s On-Again/Off-Again U.S. Ban": "https://securityboulevard.com/2025/01/trump-eo-tik-tok-richixbw/", + "Healthcare Cybersecurity: The Chronic Condition We Can’t Ignore": "https://securityboulevard.com/2025/01/healthcare-cybersecurity-the-chronic-condition-we-cant-ignore/", + "DEF CON 32 – Analyzing the Security of Satellite Based Air Traffic Control": "https://securityboulevard.com/2025/01/def-con-32-analyzing-the-security-of-satellite-based-air-traffic-control/" + }, + "CXSECURITY Database RSS Feed - CXSecurity.com": { + "OCLS MSMS-PHP (by: oretnom23 ) v1.0 -Copyright © 2025. All rights reserved. File Upload-FU and Remote Code Execution-RCE Vul": "https://cxsecurity.com/issue/WLB-2025010020", + "NeoServ Studio - Website Builder Manager Admin SQLi Bypass": "https://cxsecurity.com/issue/WLB-2025010018" + }, + "安全客-有思想的安全新媒体": { + "360获中国计算机行业协会网络和数据安全专业委员会卓越贡献奖": "https://www.anquanke.com/post/id/303696", + "CVE-2025-22146 (CVSS 9.1): 关键哨兵漏洞允许账户接管": "https://www.anquanke.com/post/id/303693", + "TP-Link 漏洞: 针对 CVE-2024-54887 的 PoC 漏洞利用揭示了远程代码执行风险": "https://www.anquanke.com/post/id/303690", + "CVE-2025-0411:7-Zip 安全漏洞导致代码执行 - 立即更新": "https://www.anquanke.com/post/id/303687", + "工业交换机漏洞可被远程利用": "https://www.anquanke.com/post/id/303684", + "物联网僵尸网络助长针对全球组织的大规模 DDoS 攻击": "https://www.anquanke.com/post/id/303681", + "ChatGPT Crawler漏洞:通过HTTP请求进行DDOS攻击": "https://www.anquanke.com/post/id/303678", + "甲骨文 2025 年 1 月关键补丁更新:解决 320 个安全漏洞": "https://www.anquanke.com/post/id/303675", + "黑客利用 AnyDesk 冒充 CERT-UA 发起网络攻击": "https://www.anquanke.com/post/id/303670", + "黑客声称窃取源代码,HPE 对漏洞进行调查": "https://www.anquanke.com/post/id/303667" + }, + "Recent Commits to cve:main": { + "Update Tue Jan 21 20:24:41 UTC 2025": "https://github.com/trickest/cve/commit/093beab0c1e8739243099093f563ebb6c97a18ce", + "Update Tue Jan 21 12:20:41 UTC 2025": "https://github.com/trickest/cve/commit/089836ae7b2b9ed56ef865018b8ed702bf381412", + "Update Tue Jan 21 04:24:29 UTC 2025": "https://github.com/trickest/cve/commit/5430c3170b21fc90a9a4e98ee3d768521e921e95" + }, + "嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com": { + "2024 年 12 月头号恶意软件:基于 AI 的勒索软件团伙 FunkSec 风头渐起": "https://www.4hou.com/posts/6MxN", + "新型物联网僵尸网络现身,疯狂劫持设备发动大规模 DDoS 攻击": "https://www.4hou.com/posts/0MoN" + }, + "一个被知识诅咒的人": { + "【Python运维】Python与网络监控:如何编写网络探测与流量分析工具": "https://blog.csdn.net/nokiaguy/article/details/145281157", + "【人工智能】Python实战:构建高效的多任务学习模型": "https://blog.csdn.net/nokiaguy/article/details/145281118" + }, + "paper - Last paper": { + "盘点 2024 年备受关注的那些高风险漏洞": "https://paper.seebug.org/3268/", + "Love and hate under war: The GamaCopy organization, which imitates the Russian Gamaredon, uses military - related bait to launch attacks on Russia": "https://paper.seebug.org/3270/" + }, + "Twitter @bytehx": { + "RT zhero;: very pleased to announce the release of my new article based on my research that led to CVE-2024-46982 titled: Next.js, cache, and chains: ...": "https://x.com/bytehx343/status/1881775443810152497", + "Thanks @SynackRedTeam 🥳": "https://x.com/bytehx343/status/1881743935749660919", + "Re @drak3hft7 @yeswehack": "https://x.com/bytehx343/status/1881715373604745365", + "Re @RootxRavi @intigriti thank you!": "https://x.com/bytehx343/status/1881714645335249267", + "Just scored a reward @intigriti, check my profile: https://app.intigriti.com/profile/bytehx #HackWithIntigriti": "https://x.com/bytehx343/status/1881713215970955450", + "Re @YoyoDavelion @yeswehack Congrats!": "https://x.com/bytehx343/status/1881712949141917968", + "Re @RootxRavi @intigriti Thank you!🥳": "https://x.com/bytehx343/status/1881701312028614748", + "Re @_justYnot @intigriti Thank you!🥳": "https://x.com/bytehx343/status/1881701300687274145", + "Re @ce_automne @intigriti should try it!": "https://x.com/bytehx343/status/1881688650129506316" + }, + "SpiderLabs Blog": { + "The New Face of Ransomware: Key Players and Emerging Tactics of 2024": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/the-new-face-of-ransomware-key-players-and-emerging-tactics-of-2024/" + }, + "Private Feed for M09Ic": { + "mgeeky starred LuemmelSec/APEX": "https://github.com/LuemmelSec/APEX", + "praetorian-inc made praetorian-inc/noseyparkerexplorer public": "https://github.com/praetorian-inc/noseyparkerexplorer", + "mgeeky starred zodiacon/youtubecode": "https://github.com/zodiacon/youtubecode", + "zema1 starred MaorSabag/interactive-execute-shellcode": "https://github.com/MaorSabag/interactive-execute-shellcode", + "zer0yu started following BlackFan": "https://github.com/BlackFan", + "zer0yu started following Patrick-DE": "https://github.com/Patrick-DE", + "zer0yu starred bodo-run/yek": "https://github.com/bodo-run/yek", + "zer0yu started following reddelexc": "https://github.com/reddelexc", + "zema1 starred 0xEr3bus/PoolPartyBof": "https://github.com/0xEr3bus/PoolPartyBof", + "h3zh1 pushed to dev in chainreactors/malice-network": "https://github.com/chainreactors/malice-network/compare/5527b594d0...8431efeb36", + "huoji120 starred vmcall/nt-mapper": "https://github.com/vmcall/nt-mapper", + "CHYbeta starred convisolabs/rails_arb_file_write_bootsnap": "https://github.com/convisolabs/rails_arb_file_write_bootsnap", + "CHYbeta starred polyxss/bxss": "https://github.com/polyxss/bxss", + "zer0yu starred deepseek-ai/DeepSeek-R1": "https://github.com/deepseek-ai/DeepSeek-R1", + "safedv starred FalconForceTeam/bof-winrm-client": "https://github.com/FalconForceTeam/bof-winrm-client", + "CHYbeta starred KTH-LangSec/silent-spring": "https://github.com/KTH-LangSec/silent-spring", + "safedv starred gtworek/PSBits": "https://github.com/gtworek/PSBits", + "niudaii starred LandGrey/domainNamePredictor": "https://github.com/LandGrey/domainNamePredictor", + "niudaii starred AlephNullSK/dnsgen": "https://github.com/AlephNullSK/dnsgen", + "zema1 starred sonodima/microseh": "https://github.com/sonodima/microseh", + "0xbug starred temporalio/temporal": "https://github.com/temporalio/temporal", + "Wh0ale starred wux1an/wxapkg": "https://github.com/wux1an/wxapkg" + }, + "Reverse Engineering": { + "Denuvo Analysis": "https://www.reddit.com/r/ReverseEngineering/comments/1i6up0s/denuvo_analysis/", + "Reverse Engineering Call Of Duty Anti-Cheat": "https://www.reddit.com/r/ReverseEngineering/comments/1i68o2q/reverse_engineering_call_of_duty_anticheat/", + "HAAA hello guys can someone help me with reverse chal ? like i'm strugleling too much rn pls": "https://www.reddit.com/r/ReverseEngineering/comments/1i6uqbq/haaa_hello_guys_can_someone_help_me_with_reverse/" + }, + "blog.avast.com EN": { + "Start the year by protecting your privacy— A stalkerware quick check": "https://blog.avast.com/start-the-year-by-protecting-your-privacy-a-stalkerware-quick-check" + }, + "Bug Bounty in InfoSec Write-ups on Medium": { + "WIFI Hacking , user and password hacking [How hackers get Password of any wifi network]": "https://infosecwriteups.com/wifi-hacking-user-and-password-hacking-how-hackers-get-password-of-any-wifi-network-015ae6575bed?source=rss----7b722bfd1b8d--bug_bounty", + "Found HTML Injection in Emails! Earned HOF": "https://infosecwriteups.com/found-html-injection-in-emails-earned-hof-24a8a8223f29?source=rss----7b722bfd1b8d--bug_bounty" + }, + "Malwarebytes": { + "AI tool GeoSpy analyzes images and identifies locations in seconds": "https://www.malwarebytes.com/blog/news/2025/01/ai-tool-geospy-analyzes-images-and-identifies-locations-in-seconds" + }, + "Microsoft Security Response Center": { + "Scaling Dynamic Application Security Testing (DAST)": "https://msrc.microsoft.com/blog/2025/01/scaling-dynamic-application-security-testing-dast/" + }, + "Webroot Blog": { + "Why MSPs need proactive, 24/7 threat hunting": "https://www.webroot.com/blog/2025/01/21/why-msps-need-proactive-24-7-threat-hunting/" + }, + "FreeBuf网络安全行业门户": { + "新的AI安全在2025年正对CISO及其团队构成挑战": "https://www.freebuf.com/news/420445.html", + "SUSE发布重要补丁:保护系统免受CVE-2025-21613攻击": "https://www.freebuf.com/articles/420421.html", + "Shiro CVE-2020-17510 路径绕过": "https://www.freebuf.com/vuls/420408.html", + "梅赛德斯—奔驰信息娱乐系统漏洞详细信息披露": "https://www.freebuf.com/articles/420410.html", + "FreeBuf早报 | 中国与多国联合解救7万电诈受害者;德国驻美大使密电遭到泄露": "https://www.freebuf.com/news/420399.html", + "2024年近2亿人受影响,美国医疗成重点攻击目标": "https://www.freebuf.com/news/420391.html", + "2025 OWASP十大安全漏洞": "https://www.freebuf.com/news/420401.html", + "420万主机暴露,含VPN和路由器": "https://www.freebuf.com/news/420386.html", + "新型僵尸网络正对路由器、摄像头等设备发起大规模DDoS攻击": "https://www.freebuf.com/news/420383.html" + }, + "Wallarm": { + "API Security’s Role in Responsible AI Deployment": "https://lab.wallarm.com/api-securitys-role-in-responsible-ai-deployment/" + }, + "Dhole Moments": { + "Too Many People Don’t Value the Time of Security Researchers": "https://soatok.blog/2025/01/21/too-many-people-dont-value-the-time-of-security-researchers/" + }, + "奇客Solidot–传递最新科技情报": { + "北京将举办首届人机马拉松": "https://www.solidot.org/story?sid=80390", + "干旱愈来愈严重愈来愈频繁": "https://www.solidot.org/story?sid=80388", + "愈来愈多的美国青少年使用 ChatGPT 完成作业": "https://www.solidot.org/story?sid=80387", + "Paul Allen 诞辰 72 周年": "https://www.solidot.org/story?sid=80386", + "孕妇的脑灰质在孕期发生变化": "https://www.solidot.org/story?sid=80385", + "佳能的直播应用不支持佳能摄像机": "https://www.solidot.org/story?sid=80384", + "华为 2024 年手机出货量增长 50%": "https://www.solidot.org/story?sid=80383" + }, + "绿盟科技技术博客": { + "【漏洞通告】MongoDB Mongoose搜索注入漏洞(CVE-2025-23061)": "https://blog.nsfocus.net/cve-2025-23061/" + }, + "rtl-sdr.com": { + "CCC Conference Talk: BlinkenCity – Radio-Controlling Street Lamps and Power Plants": "https://www.rtl-sdr.com/ccc-conference-talk-blinkencity-radio-controlling-street-lamps-and-power-plants/" + }, + "奇安信 CERT": { + "年度报告 | 2024年应该知道的漏洞都在这了!": "https://mp.weixin.qq.com/s?__biz=MzU5NDgxODU1MQ==&mid=2247502937&idx=1&sn=c80cc1036d35183287d46040fa66d3f2&chksm=fe79e8c1c90e61d7169d6a42f15d0c02941c362881e765d760f9c7317c8bd10f66e565995bb1&scene=58&subscene=0#rd" + }, + "绿盟科技CERT": { + "【漏洞通告】MongoDB Mongoose搜索注入漏洞(CVE-2025-23061)": "https://mp.weixin.qq.com/s?__biz=Mzk0MjE3ODkxNg==&mid=2247488918&idx=1&sn=158d8df04d4080e7902083a76fd24d26&chksm=c2c6429df5b1cb8bc86e5d57a7d589ef30a23ca11cd0bb38269afe2125cd10f152606ce4ea98&scene=58&subscene=0#rd" + }, + "安全分析与研究": { + "3CX供应链攻击技术之微软数字签名被滥用技术分析": "https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490083&idx=1&sn=ae29cfade8f5828fec4fb779fe5e3c96&chksm=902fb50ba7583c1d446ad0cd9ea3a31505e76942c0c9287c7c7c3d7e34d0a798bdd099c074b4&scene=58&subscene=0#rd", + "银狐最新恶意软件进程监控": "https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490083&idx=2&sn=c971052a5ec51ffec1e6bfb1c69b14f1&chksm=902fb50ba7583c1d4e3afd61be64e5e3ddea141c398bbbcc30b869212a244246c63a4e11d1d2&scene=58&subscene=0#rd", + "D0glun勒索病毒攻击": "https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490083&idx=3&sn=fc6500f89b6ce90fdeb832aeeae697db&chksm=902fb50ba7583c1d99359705d89dbc7f7af7e53236a6c19c59716d080ab2d117b07eb1fb23e9&scene=58&subscene=0#rd" + }, + "威努特安全网络": { + "连续三年!威努特蝉联中国网络安全产业联盟先进会员单位": "https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130566&idx=1&sn=f4bc7206d7fd13bcd1280fca2d9eb1b3&chksm=80e71076b7909960f60ec0b3607c107efc6cec5b40d131a5326a3602ca2f682bf3350ee8e8ed&scene=58&subscene=0#rd" + }, + "丁爸 情报分析师的工具箱": { + "【资料】文化情报:美军如何利用国际市场的文化信息来增强情报、监视和侦察(ISR)": "https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148640&idx=1&sn=dc17513401dee2c45789902342664776&chksm=f1af265ac6d8af4c812e62828e8c92434f40dce6e5de5133fecb9e81781ec050209e65fdcfaa&scene=58&subscene=0#rd" + }, + "梦之光芒的电子梦": { + "中小企业及创业公司信息安全建设指南": "https://mp.weixin.qq.com/s?__biz=MzUyODQ0MTE2MQ==&mid=2247483749&idx=1&sn=762084442aa00a999fea80eed8b17326&chksm=fa710b43cd0682551167008cbc6ab7db1eb041b1a14538e4c7dcb29c786f301a6f39227962f2&scene=58&subscene=0#rd" + }, + "腾讯玄武实验室": { + "每日安全动态推送(25/1/21)": "https://mp.weixin.qq.com/s?__biz=MzA5NDYyNDI0MA==&mid=2651959999&idx=1&sn=8f2ce3628b9e75bf7e03c60203d88d14&chksm=8baed220bcd95b3648040525b7c86be6aa84e518e42c1e85ed76c7b09ced0d67ea2b5556ece4&scene=58&subscene=0#rd" + }, + "360漏洞云": { + "【您有一个礼盒待签收】喜迎2025!开启安全新征程!": "https://mp.weixin.qq.com/s?__biz=Mzg5MTc5Mzk2OA==&mid=2247502873&idx=1&sn=ebd51f859ccd1ab589330baec97ab05f&chksm=cfc56b46f8b2e250b48a6df1b45cf1422ffa7dd11cd5aa84dd045c022cac85d538bb7c867c8a&scene=58&subscene=0#rd", + "《网信自主创新调研报告》表彰大会召开,360漏洞云获多项荣誉": "https://mp.weixin.qq.com/s?__biz=Mzg5MTc5Mzk2OA==&mid=2247502873&idx=2&sn=b244ada36b1a87162f083c5a17af9c04&chksm=cfc56b46f8b2e25026712ae5023c6dc56a4c50092057dd3a58850b41c210c29b5bb60a729b85&scene=58&subscene=0#rd", + "蛇年新禧,祥福并济|360漏洞云平台放假公告": "https://mp.weixin.qq.com/s?__biz=Mzg5MTc5Mzk2OA==&mid=2247502873&idx=3&sn=ab3d8ccd96f17d0a3040c85d24e35be3&chksm=cfc56b46f8b2e250435ced6a4be9d9a5c5bd4bd692a7fbe65aed030690c7fddd6791331fd27b&scene=58&subscene=0#rd" + }, + "安全内参": { + "AI助手泄露客户信息,行业软件龙头暂时停用相关功能": "https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513551&idx=1&sn=f0edf2e4791fb19bbc7ceede6817e516&chksm=ebfaf2efdc8d7bf942608609b8655044efbc3d34c990d30ca4c705d3f2ce4ac4fbd9dce87622&scene=58&subscene=0#rd", + "B站员工植入恶意代码报复用户,官方:漏洞已修补,员工已处罚": "https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513551&idx=2&sn=f50c04a1adb0a92b26906f0e29ecabdb&chksm=ebfaf2efdc8d7bf9ab0f5e0cbcbc04e62cceea6c6ef61ed92d88aeb2fc987c5cabce1bd08cec&scene=58&subscene=0#rd" + }, + "看雪学苑": { + "反射式注入技术浅析": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589041&idx=1&sn=d6ac5ccbfd4e3343e192ddbf90411481&chksm=b18c27fb86fbaeed0df1fbadae1c3870a2409d2fb44d1790ecb33e9e6c15a7bf3cca1c2bdf83&scene=58&subscene=0#rd", + "B站员工“代码投毒”!滥用职权,用户账号遭恶意封禁": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589041&idx=2&sn=6763601f189f2c29f48bb63f7333ac4c&chksm=b18c27fb86fbaeedeb7d604cbb8f96598b43254de6a29e2bcc20f721f1d677ac3d0d3ab6ca8e&scene=58&subscene=0#rd", + "报名中!即将开班 | 无人机安全攻防入门:从整体架构到漏洞分析": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589041&idx=3&sn=f23e141f9f2559ffdfdd86d3d8f3ef1f&chksm=b18c27fb86fbaeede1ae14775b2e06f51d9ff39aea062676c42180f7f320b879996baf3f7ff8&scene=58&subscene=0#rd" + }, + "奇安信威胁情报中心": { + "【奇安信情报沙箱】警惕伪装为文档的恶意快捷方式(LNK)文件": "https://mp.weixin.qq.com/s?__biz=MzI2MDc2MDA4OA==&mid=2247513822&idx=1&sn=9d52dc150c8ee53e3af6d7ae908c596b&chksm=ea6641a9dd11c8bfb5ef721db9b91c0777ce08c04211ac969b6a5cdc765c24b02f6b576a8c15&scene=58&subscene=0#rd" + }, + "Shostack & Friends Blog": { + "Handling Pandemic-Scale Cyber Threats: Lessons from COVID-19": "https://shostack.org/blog/pandemic-scale/" + }, + "知道创宇404实验室": { + "盘点 2024 年备受关注的那些高风险漏洞": "https://mp.weixin.qq.com/s?__biz=MzAxNDY2MTQ2OQ==&mid=2650990290&idx=1&sn=fb9b947f5ea6ca876af9c2159098d8a4&chksm=8079a4e0b70e2df652368fa2253964cd3b67c0ea64d03589c0a70c3560e6fe23ff6337a69fd1&scene=58&subscene=0#rd" + }, + "安全圈": { + "【安全圈】B站2025年第一个大瓜,“代码投毒”报复用户": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067526&idx=1&sn=c7bb681b7008589588039d0669578174&chksm=f36e7a86c419f390b734807d57bdc26cac9c538f395fdccccc649692191fbcd913aaa5acd8d3&scene=58&subscene=0#rd", + "【安全圈】梅赛德斯—奔驰信息娱乐系统漏洞详细信息披露": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067526&idx=2&sn=35fd8cf175959d2493340598399f5c01&chksm=f36e7a86c419f390ae47d611d4f4561da13239e89f5e649487a4ddd152221306aa899f53951d&scene=58&subscene=0#rd", + "【安全圈】新型Android恶意软件模仿聊天应用窃取敏感数据": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067526&idx=3&sn=78bd7100124b3e45c47f00500c234a7a&chksm=f36e7a86c419f390eb993a9683d9f515b852c6e83fb5352246a18f8c2e22c3eca2ebdab53a18&scene=58&subscene=0#rd", + "【安全圈】OWASP 2025 年十大漏洞 – 被利用/发现的最严重漏洞": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067526&idx=4&sn=b3d1ba063b429d95b1315af7a9713b77&chksm=f36e7a86c419f390195cd33fd72a55eb69f0bae4bcd587dd7e23f6258b3c8848d14b5fba092e&scene=58&subscene=0#rd" + }, + "dotNet安全矩阵": { + "DCOM 技术内网实战,通过 ExcelDDE 和 ShellBrowserWindow 实现横向移动": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498360&idx=1&sn=8ee091f555c386b755c5300547ac08fe&chksm=fa595495cd2edd832583640b60f915e352d7d6d9eb98f85963e41303ca492d2bcb869dfcdb3b&scene=58&subscene=0#rd", + ".NET 内网攻防实战电子报刊": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498360&idx=2&sn=27608f525eba71cd10592eaa56917ce1&chksm=fa595495cd2edd83e0d05a1703cc3febd28d701c9fe96fccc2409724b0dc3de47dc16ec91fe9&scene=58&subscene=0#rd", + ".NET 实战中批量获取数据库凭据的工具": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498360&idx=3&sn=05bcdc6edb29b6d41f93a3216197eb95&chksm=fa595495cd2edd83c3ccbc19de1860a86e7eb126a22b71819e2f7841c0ab861fb968ef1d8add&scene=58&subscene=0#rd" + }, + "信息安全国家工程研究中心": { + "《公共数据资源登记管理暂行办法》公布,3月1日起施行": "https://mp.weixin.qq.com/s?__biz=MzU5OTQ0NzY3Ng==&mid=2247498746&idx=1&sn=f526aba50f7d3765f6608b80012a38f1&chksm=feb67ae9c9c1f3fffd632db66d26d7b874760f3607f8a48be8e82be40eeb32a9b87c6e333312&scene=58&subscene=0#rd", + "一图读懂 | 关于完善数据流通安全治理 更好促进数据要素市场化价值化的实施方案": "https://mp.weixin.qq.com/s?__biz=MzU5OTQ0NzY3Ng==&mid=2247498746&idx=2&sn=32373b47bc9d42a1dd69d7ed017ec22b&chksm=feb67ae9c9c1f3ff9059fdb9b42509895b8e416205f2ef1346f9df76ccb25088b681b790581f&scene=58&subscene=0#rd" + }, + "中国信息安全": { + "通知 | 国家发展改革委 国家数据局印发《公共数据资源登记管理暂行办法》(附全文)": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235295&idx=1&sn=8a80edf9113f50434a1bb11f3e5cc79e&chksm=8b5803e6bc2f8af08800b6f9c12fc09d3665078ffd474d5a6f39d70e2c35058c0ae863b47a76&scene=58&subscene=0#rd", + "通知 | 国家发展改革委 国家数据局印发《公共数据资源授权运营实施规范(试行)》(附全文)": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235295&idx=2&sn=5f58f62f3bf1f6e916f8470f6f6f55b2&chksm=8b5803e6bc2f8af06dc3a6c03e7d667c8c86a6af82f37c83fb6be1ae229f957ecd7b48c4dbe3&scene=58&subscene=0#rd", + "通知 | 国家发展改革委 国家数据局印发《关于建立公共数据资源授权运营价格形成机制的通知》(附全文)": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235295&idx=3&sn=2f7dc83912ff817f2473902a7e6ac995&chksm=8b5803e6bc2f8af0a31dffe028e1b2d1c767d46cf0e64c710eee7bd6bc8b75d4cba0d33cb6cc&scene=58&subscene=0#rd", + "​权威解答 | 国家发展改革委、国家数据局有关负责同志就公共数据资源三份政策文件答记者问": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235295&idx=4&sn=0e0fda73e478907a8ffd4ccf7d5b6bf1&chksm=8b5803e6bc2f8af01bb86646ec8574f5de50b90b63a85bc02a92643f056194b89d085ec75f4b&scene=58&subscene=0#rd", + "工信部:3000余家网站、APP完成适老化及无障碍改造": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235295&idx=5&sn=b4698d8d66e49269855f4dece70ecc34&chksm=8b5803e6bc2f8af0471e8c6cd4b3ef03d12d7061293ea3063ad64cc1eadbea2eff7883c2486b&scene=58&subscene=0#rd", + "专家解读 | “人工智能+”赋能实体经济 描绘“实数融合”新图景": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235295&idx=6&sn=a2794f1a6afeadd3fa7db937baf54f37&chksm=8b5803e6bc2f8af09c87629ba57cad87e96a8eb1cae1c3d848e796e35d3c5d85ef026899e89f&scene=58&subscene=0#rd", + "关注 | 2024年全国受理网络违法和不良信息举报2.27亿件": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235295&idx=7&sn=11cd80d44bfaacb422ecd3c07309e5d7&chksm=8b5803e6bc2f8af0ec8bcb550699d37787f2af9dd7c9b50eb3c7b60899f2d3cc3227033730de&scene=58&subscene=0#rd" + }, + "国家互联网应急中心CNCERT": { + "CNVD漏洞周报2025年第3期": "https://mp.weixin.qq.com/s?__biz=MzIwNDk0MDgxMw==&mid=2247499617&idx=1&sn=2c0ace8ad777eef414c8c2a9bd88f67a&chksm=973acc03a04d45150eee133cf3ae4786f50bc20f2a1af53ec7434b10c80e8f59831a23fd48bc&scene=58&subscene=0#rd", + "上周关注度较高的产品安全漏洞(20250113-20250119)": "https://mp.weixin.qq.com/s?__biz=MzIwNDk0MDgxMw==&mid=2247499617&idx=2&sn=9bc261752d64c6b77c44994df9de434b&chksm=973acc03a04d4515f9832db1f4bf68dd1429f5d2152ca1b0fc12e931442a861b7b4043801e92&scene=58&subscene=0#rd" + }, + "情报分析师": { + "格鲁乌的“破坏者大学”:用犯罪分子代替特工,这是什么操作?": "https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559125&idx=1&sn=9edc6ab07ea0a57a7163e982117f2677&chksm=87117cdeb066f5c8b70dac3fb97faa41d1147bd128db0c82f53be7fac2091848bf98620a9c95&scene=58&subscene=0#rd", + "【深挖】缅甸克伦边防部队(BGF)的利益链条及犯罪业务网络(2万字资料附下载)": "https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559125&idx=2&sn=eddfb3d8fd7ac52a2836738721392068&chksm=87117cdeb066f5c81b7f593465a83f37f2c6abfe8541ff72a8ad7dca6272a978bcc7e58f284e&scene=58&subscene=0#rd", + "懂王行政令:从TikTok到关税,中美关系走向何方?": "https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559125&idx=3&sn=6142b8da04d0f5b114e6620fb2a35459&chksm=87117cdeb066f5c889816af3b32bd96f9836d05a850be9c41b0e909882fc56327754e50c3a70&scene=58&subscene=0#rd" + }, + "小米安全中心": { + "MiSRC 蛇年限定红包封面,开启好运~": "https://mp.weixin.qq.com/s?__biz=MzI2NzI2OTExNA==&mid=2247517805&idx=1&sn=fcf9b3df71d41e165e5ac7ca9b9d18dd&chksm=ea83a0f8ddf429ee312b0682e14764679d08a35a8787a527b7bcd1976a01b3905aa808133c3d&scene=58&subscene=0#rd" + }, + "天御攻防实验室": { + "美国政府网络政策观察(第三期) | 拜登政府制裁我国网络安全企业和个人": "https://mp.weixin.qq.com/s?__biz=MzU0MzgyMzM2Nw==&mid=2247486241&idx=1&sn=b188fa0b9fd687297884d03f0af5ef7e&chksm=fb04c849cc73415f296866a480014d449984e4d3fdb57a7918b1d74fc50c661c502526e6496a&scene=58&subscene=0#rd" + }, + "嘶吼专业版": { + "2024中国网络安全产业势能榜优能企业「交通行业」典型案例展示": "https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580915&idx=1&sn=2aae7d3064771ae44630975c78b62baa&chksm=e9146cc9de63e5df1b4ab8537a511f1ecdc8f3e2be3717df13d6cd09eae66ff4e3797cd1eaa1&scene=58&subscene=0#rd", + "新型物联网僵尸网络现身,疯狂劫持设备发动大规模 DDoS 攻击": "https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580915&idx=2&sn=49c81661b58dadfafc5d8436f0511377&chksm=e9146cc9de63e5dfbdd06a3273f839512dbc6283cb8218a470ff5f749b412c27647cc876904d&scene=58&subscene=0#rd" + }, + "数世咨询": { + "澳大利亚公司:相比往年网络保险采购率大幅上升": "https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247534898&idx=1&sn=41c69a4465600023c0be9cbb2fcd38d5&chksm=c1443b8ff633b299f991e382cc47801ab52ec43e006df5b5a754a47d1d0ad5eb76fa1347f7dc&scene=58&subscene=0#rd", + "【行业动态】天空卫士香港峰会,引领AI数据安全新时代!": "https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247534898&idx=2&sn=6e038251ac4390be46d940acbf6e57bb&chksm=c1443b8ff633b2996bc5adc439db90a54450cedf72cdcc38f9354cbc6a181c2d8528b08112d8&scene=58&subscene=0#rd" + }, + "极客公园": { + "一年卖超 500 万副耳机的韶音,杀入「AI 眼镜」赛道": "https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072431&idx=1&sn=bbfab5ee5f3cf789e625b0ae8b64ac20&chksm=7e57d1994920588fa97e5ee83920b38db884b645213c226fa5e8d76f9e5b72aedbf1fab15af6&scene=58&subscene=0#rd", + "对话生数科技 Vidu 产品负责人:100 天千万用户之后,2025 年视频生成产品会变成怎样?": "https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072431&idx=2&sn=659e9b3665f91afb56d99cd9ccc509f0&chksm=7e57d1994920588f7be2b75b6da29e163816667796e5ea2319255256738b7ae06af5096738ef&scene=58&subscene=0#rd", + "「夜袭」 OpenAI!DeepSeek 开源最强推理模型 R1,再震欧美同行": "https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072415&idx=1&sn=a47a2f0c4272857c4920d18773448430&chksm=7e57d1a9492058bfd25004e5d0e45bf2271e89a218d3a62a75cdf774b90dca0c5eab3ba560cb&scene=58&subscene=0#rd", + "小米汽车一月订单超 4 万,远超产能;华为鸿蒙 PC 望今年上市;字节发布 AI 中文开发环境IDE,目标全球开发者|极客早知道": "https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072398&idx=1&sn=dec48b32602b49c7b40083d212e5360d&chksm=7e57d1b8492058aee104f875e76eed46378d16c75b283725fe84d8f14492bf7b5f31516923be&scene=58&subscene=0#rd" + }, + "360数字安全": { + "年度盘点:AI+安全双重赋能,360解锁企业浏览器新动力": "https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579167&idx=1&sn=b9d8f3892f6d7cc7cbe9669aae2417a2&chksm=9f8d2617a8faaf01fb724c3472fed4f7d8df12f9251a76800fa93dd3d9a0f7e2c611540e87fd&scene=58&subscene=0#rd", + "最高级!360获评工信部CAPPVD“三星技术支撑单位”称号": "https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579167&idx=2&sn=44ab9727a76e44a6b079e423fdf7b978&chksm=9f8d2617a8faaf014edd5f42949a768c5f781d7b3978e6b740442523c9838fc63b9be969b71a&scene=58&subscene=0#rd", + "喜讯!360获评2024软件和信息服务业年度领航企业及创新成果两项大奖": "https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579167&idx=3&sn=9adcb35ed05747f7530c83f59de0ea37&chksm=9f8d2617a8faaf01e8a3f033a7236cf72d5be4d3abadd0812b203ba96eae2599c8b7f43430f1&scene=58&subscene=0#rd" + }, + "Over Security - Cybersecurity news aggregator": { + "Unique 0-click deanonymization attack targeting Signal, Discord and hundreds of platform": "https://gist.github.com/hackermondev/45a3cdfa52246f1d1201c1e8cdef6117", + "Government IT contractor Conduent says 'third-party compromise’ caused outages": "https://therecord.media/government-contractor-conduent-outage-compromise", + "Cloudflare mitigated a record-breaking 5.6 Tbps DDoS attack": "https://www.bleepingcomputer.com/news/security/cloudflare-mitigated-a-record-breaking-56-tbps-ddos-attack/", + "Disciplinary and special ed records of Toronto students may have leaked in PowerSchool breach": "https://therecord.media/disciplinary-special-records-toronto-powerschool", + "Fake Homebrew Google ads target Mac users with malware": "https://www.bleepingcomputer.com/news/security/fake-homebrew-google-ads-target-mac-users-with-malware/", + "TSA chief behind cyber directives for aviation, pipelines and rail ousted by Trump team": "https://therecord.media/tsa-chief-behind-cyber-directives-ousted-trump-administration", + "Russian telecom giant Rostelecom investigates suspected cyberattack on contractor": "https://therecord.media/rostelecom-russia-contractor-data-breach", + "Microsoft previews Game Assist in-game browser in Edge Stable": "https://www.bleepingcomputer.com/news/microsoft/microsoft-previews-game-assist-in-game-browser-in-edge-stable/", + "Bitbucket services “hard down” due to major worldwide outage": "https://www.bleepingcomputer.com/news/technology/bitbucket-services-hard-down-due-to-major-worldwide-outage/", + "7-Zip fixes bug that bypasses Windows MoTW security warnings, patch now": "https://www.bleepingcomputer.com/news/security/7-zip-fixes-bug-that-bypasses-the-windows-motw-security-mechanism-patch-now/", + "Criminal IP Teams Up with OnTheHub for Digital Education Cybersecurity": "https://www.bleepingcomputer.com/news/security/criminal-ip-teams-up-with-onthehub-for-digital-education-cybersecurity/", + "Ransomware gangs pose as IT support in Microsoft Teams phishing attacks": "https://www.bleepingcomputer.com/news/security/ransomware-gangs-pose-as-it-support-in-microsoft-teams-phishing-attacks/", + "Il 15enne che ha violato …": "https://roccosicilia.com/2025/01/21/il-15enne-che-ha-violato/", + "Via a SECURE, il progetto per supportare conformità delle PMI al Cyber Resilience Act": "https://www.securityinfo.it/2025/01/21/via-a-secure-il-progetto-per-supportare-conformita-delle-pmi-al-cyber-resilience-act/", + "Hackers impersonate Ukraine’s CERT to trick people into allowing computer access": "https://therecord.media/fake-ukraine-cert-anydesk-requests-hackers", + "Russian ransomware hackers increasingly posing as tech support on Microsoft Teams": "https://therecord.media/fake-tech-support-russian-hackers-microsoft-teams", + "JoCERT Issues Warning on Exploitable Command Injection Flaws in HPE Aruba Products": "https://cyble.com/blog/jocert-warns-of-hpe-aruba-command-injection-flaws/", + "Report riepilogativo sulle tendenze delle campagne malevole analizzate dal CERT-AGID nel 2024": "https://cert-agid.gov.it/news/report-riepilogativo-sulle-tendenze-delle-campagne-malevole-analizzate-dal-cert-agid-nel-2024/", + "October 2024 Cyber Attacks Statistics": "https://www.hackmageddon.com/2025/01/21/october-2024-cyber-attacks-statistics/", + "InvisibleFerret Malware: Technical Analysis": "https://any.run/cybersecurity-blog/invisibleferret-malware-analysis/", + "Zyxel vulnerability exploited by “Helldown” ransomware group": "https://labs.yarix.com/2025/01/zyxel-vulnerability-exploited-by-helldown-ransomware-group/", + "Critical Mozilla Vulnerabilities Prompt Urgent Updates for Firefox and Thunderbird Users": "https://cyble.com/blog/cert-in-reports-multiple-mozilla-vulnerabilities/" + }, + "Qualys Security Blog": { + "Mass Campaign of Murdoc Botnet Mirai: A New Variant of Corona Mirai": "https://blog.qualys.com/category/vulnerabilities-threat-research" + }, + "Krypt3ia": { + "Krypt3ia CTI Daily Digest 1.21.25": "https://krypt3ia.wordpress.com/2025/01/21/krypt3ia-cti-daily-digest-1-21-25/" + }, + "JUMPSEC": { + "CREST penetration testing: how to ensure industry-leading standards": "https://www.jumpsec.com/guides/crest-penetration-testing-how-to-ensure-industry-leading-standards/", + "What is the difference between security and penetration testing": "https://www.jumpsec.com/guides/difference-between-security-and-penetration-testing/" + }, + "迪哥讲事": { + "从xss的自动化扫描器聊起-xss的基本功": "https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496922&idx=1&sn=f8c212b3d3e0fb45af733f56c776a356&chksm=e8a5feb9dfd277af68c2f94335499c7ee8b25a1a135dc168ad072328c4490be4b4e4ea34114d&scene=58&subscene=0#rd" + }, + "Securityinfo.it": { + "Via a SECURE, il progetto per supportare conformità delle PMI al Cyber Resilience Act": "https://www.securityinfo.it/2025/01/21/via-a-secure-il-progetto-per-supportare-conformita-delle-pmi-al-cyber-resilience-act/?utm_source=rss&utm_medium=rss&utm_campaign=via-a-secure-il-progetto-per-supportare-conformita-delle-pmi-al-cyber-resilience-act" + }, + "HACKMAGEDDON": { + "October 2024 Cyber Attacks Statistics": "https://www.hackmageddon.com/2025/01/21/october-2024-cyber-attacks-statistics/" + }, + "LuxSci": { + "Top 5 Use Cases for High-Volume HIPAA-Compliant Email": "https://luxsci.com/blog/use-cases-high-volume-hipaa-compliant-email.html" + }, + "安全419": { + "2024年度网络安全政策法规一览": "https://mp.weixin.qq.com/s?__biz=MzUyMDQ4OTkyMg==&mid=2247546742&idx=1&sn=986ad65a22c1c630d4eabd6c42289dc4&chksm=f9ebe9dbce9c60cd5be6610f4c43ec81e749cec3dce80ec0cf923666c585928f149fc781baa7&scene=58&subscene=0#rd" + }, + "Instapaper: Unread": { + "The Powerful AI Tool That Cops (or Stalkers) Can Use to Geolocate Photos in Seconds": "https://www.404media.co/the-powerful-ai-tool-that-cops-or-stalkers-can-use-to-geolocate-photos-in-seconds/", + "Bypassing disk encryption on systems with automatic TPM2 unlock": "https://oddlama.org/blog/bypassing-disk-encryption-with-tpm2-unlock/", + "Artifacts Jump Lists": "http://windowsir.blogspot.com/2025/01/artifacts-jump-lists.html", + "Windows 11 BitLocker-Encrypted Files Accessed Without Disassembling Laptops": "https://cybersecuritynews.com/windows-11-bitlocker-encrypted-files-accessed/", + "Riflessione sulle Free WiFi": "https://roccosicilia.com/2025/01/20/riflessione-sulle-free-wifi/" + }, + "Graham Cluley": { + "The AI Fix #34: Fake Brad Pitt and why AI means we will lose our jobs": "https://grahamcluley.com/the-ai-fix-34/", + "Medusa ransomware: what you need to know": "https://www.tripwire.com/state-of-security/medusa-ransomware-what-you-need-know" + }, + "Troy Hunt's Blog": { + "Weekly Update 435": "https://www.troyhunt.com/weekly-update-435/" + }, + "The Hacker News": { + "Mirai Variant Murdoc Botnet Exploits AVTECH IP Cameras and Huawei Routers": "https://thehackernews.com/2025/01/murdocbotnet-found-exploiting-avtech-ip.html", + "13,000 MikroTik Routers Hijacked by Botnet for Malspam and Cyberattacks": "https://thehackernews.com/2025/01/13000-mikrotik-routers-hijacked-by.html", + "Ex-CIA Analyst Pleads Guilty to Sharing Top-Secret Data with Unauthorized Parties": "https://thehackernews.com/2025/01/ex-cia-analyst-pleads-guilty-to-sharing.html", + "HackGATE: Setting New Standards for Visibility and Control in Penetration Testing Projects": "https://thehackernews.com/2025/01/hackgate-setting-new-standards-for.html", + "PNGPlug Loader Delivers ValleyRAT Malware Through Fake Software Installers": "https://thehackernews.com/2025/01/pngplug-loader-delivers-valleyrat.html", + "CERT-UA Warns of Cyber Scams Using Fake AnyDesk Requests for Fraudulent Security Audits": "https://thehackernews.com/2025/01/cert-ua-warns-of-cyber-scams-using-fake.html" + }, + "The Register - Security": { + "Patch procrastination leaves 50,000 Fortinet firewalls vulnerable to zero-day": "https://go.theregister.com/feed/www.theregister.com/2025/01/21/fortinet_firewalls_still_vulnerable/", + "HPE probes IntelBroker's bold data theft boasts": "https://go.theregister.com/feed/www.theregister.com/2025/01/21/hpe_intelbroker_claims/", + "Breaking free from reactive security": "https://go.theregister.com/feed/www.theregister.com/2025/01/21/breaking_free_from_reactive_security/", + "Banks must keep ahead of risks and reap AI rewards": "https://go.theregister.com/feed/www.theregister.com/2025/01/21/banks_must_keep_ahead_of/" + }, + "Security Affairs": { + "Former CIA analyst pleaded guilty to leaking top-secret documents": "https://securityaffairs.com/173302/intelligence/former-cia-analyst-pleaded-guilty-to-leaking-top-secret-docs.html", + "New Mirai botnet variant Murdoc Botnet targets AVTECH IP cameras and Huawei HG532 routers": "https://securityaffairs.com/173294/cyber-crime/new-mirai-botnet-variant-murdoc-botnet-targets-avtech-ip-cameras-and-huawei-hg532-routers.html", + "CERT-UA warned of scammers impersonating the agency using fake AnyDesk requests": "https://securityaffairs.com/173285/hacking/cert-ua-warned-of-scammers-impersonating-the-agency-using-fake-anydesk.html", + "Experts found multiple flaws in Mercedes-Benz infotainment system": "https://securityaffairs.com/173275/hacking/mercedes-benz-infotainment-system-flaws.html" + }, + "Deeplinks": { + "EFF Sends Transition Memo on Digital Policy Priorities to New Administration and Congress": "https://www.eff.org/press/releases/eff-sends-transition-memo-digital-policy-priorities-new-administration-and-congress" + }, + "Posts By SpecterOps Team Members - Medium": { + "Life at SpecterOps Part II: From Dream to Reality": "https://posts.specterops.io/life-at-specterops-part-ii-from-dream-to-reality-99e10df0ba73?source=rss----f05f8696e3cc---4" + }, + "Your Open Hacker Community": { + "Learning Cryptography & Math for hacking": "https://www.reddit.com/r/HowToHack/comments/1i6ro3j/learning_cryptography_math_for_hacking/", + "How to detect Wi-Fi deauth attacks": "https://www.reddit.com/r/HowToHack/comments/1i6vi0d/how_to_detect_wifi_deauth_attacks/", + "Root directory question": "https://www.reddit.com/r/HowToHack/comments/1i6r7bd/root_directory_question/", + "Broken Access Control": "https://www.reddit.com/r/HowToHack/comments/1i6dllf/broken_access_control/", + "O.MG Cable": "https://www.reddit.com/r/HowToHack/comments/1i6fkqd/omg_cable/", + "How to change a player's UUID in Minecraft?": "https://www.reddit.com/r/HowToHack/comments/1i6aj8m/how_to_change_a_players_uuid_in_minecraft/" + }, + "Blackhat Library: Hacking techniques and research": { + "Spammer/scammer sites?": "https://www.reddit.com/r/blackhat/comments/1i6k17f/spammerscammer_sites/", + "Doxxed on instagram by a random need help": "https://www.reddit.com/r/blackhat/comments/1i672l2/doxxed_on_instagram_by_a_random_need_help/" + }, + "ICT Security Magazine": { + "Cybersecurity nel Settore Sanitario: Minacce, Vulnerabilità e Strategie di Difesa per il 2025": "https://www.ictsecuritymagazine.com/notizie/settore-sanitario-2025/" + }, + "Silent Signal Techblog": { + "Vulnerability Archeology: Stealing Passwords with IBM i Access Client Solutions": "https://blog.silentsignal.eu/2025/01/21/ibm-acs-password-dump/" + }, + "表图": { + "网络安全行业的价格战有那么惨烈吗?": "https://mp.weixin.qq.com/s?__biz=MzUzOTI4NDQ3NA==&mid=2247484721&idx=1&sn=5e8ea98c7bfa102e656bff0ae06e3a29&chksm=facb83a4cdbc0ab2440ee60f86552a8dac017e794d8629ba15261aad3175e13285e2b12beaae&scene=58&subscene=0#rd" + }, + "netsecstudents: Subreddit for students studying Network Security and its related subjects": { + "Why would a website change the upload destination via an X-Forwarded-Host header and how can I exploit it?": "https://www.reddit.com/r/netsecstudents/comments/1i6q0ib/why_would_a_website_change_the_upload_destination/" + }, + "Social Engineering": { + "When making a request from someone , how do you explain it in a way that'd be agreeable?": "https://www.reddit.com/r/SocialEngineering/comments/1i6gkun/when_making_a_request_from_someone_how_do_you/" + }, + "Hacking Exposed Computer Forensics Blog": { + "Daily Blog #724: Project Adaz testing part 2": "https://www.hecfblog.com/2025/01/daily-blog-724-project-adaz-testing.html" + }, + "SANS Internet Storm Center, InfoCON: green": { + "Geolocation and Starlink, (Tue, Jan 21st)": "https://isc.sans.edu/diary/rss/31612", + "ISC Stormcast For Tuesday, January 21st, 2025 https://isc.sans.edu/podcastdetail/9288, (Tue, Jan 21st)": "https://isc.sans.edu/diary/rss/31610" + }, + "Technical Information Security Content & Discussion": { + "Reverse Engineering Call Of Duty Anti-Cheat": "https://www.reddit.com/r/netsec/comments/1i6fcdq/reverse_engineering_call_of_duty_anticheat/", + "NaN Of Your Business - My Favorite Unintended CTF Solution": "https://www.reddit.com/r/netsec/comments/1i6kx5w/nan_of_your_business_my_favorite_unintended_ctf/", + "Vulnerability Archeology: Stealing Passwords with IBM i Access Client Solutions": "https://www.reddit.com/r/netsec/comments/1i6h9bg/vulnerability_archeology_stealing_passwords_with/" + }, + "Schneier on Security": { + "AI Mistakes Are Very Different from Human Mistakes": "https://www.schneier.com/blog/archives/2025/01/ai-mistakes-are-very-different-from-human-mistakes.html" + }, + "Computer Forensics": { + "Tell me if I’m wrong, but should data carving be done on the non-mounted block device? If mounted, would the deleted file bytes be invisible since the mounted directory is just a \"metaphor\" of the OS, obscuring the hidden data?": "https://www.reddit.com/r/computerforensics/comments/1i6imoz/tell_me_if_im_wrong_but_should_data_carving_be/", + "Will someone explain the difference between Magnet Axiom and Cellebrite?": "https://www.reddit.com/r/computerforensics/comments/1i6u4pt/will_someone_explain_the_difference_between/", + "Created dates not displaying on X ways.": "https://www.reddit.com/r/computerforensics/comments/1i6nbvf/created_dates_not_displaying_on_x_ways/", + "Printer dithering machine identification code on monochrome printers": "https://www.reddit.com/r/computerforensics/comments/1i65uso/printer_dithering_machine_identification_code_on/" + }, + "TorrentFreak": { + "Reddit and Film Companies Clash in Appeals Court Over Sharing Users’ IP Addresses": "https://torrentfreak.com/reddit-and-film-companies-clash-in-appeals-court-over-sharing-users-ip-addresses-250121/" + }, + "网安寻路人": { + "美商务部AI模型出口管制新规(全文翻译)": "https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247505939&idx=1&sn=763b43e9649792ff40f1de91e21dab79&chksm=97e965f9a09eeceffb179a7618e568952a1500feb5177140bd912f2bd8ec719211607d2ba064&scene=58&subscene=0#rd" + }, + "Security Weekly Podcast Network (Audio)": { + "Smishing, Microsoft, Star Blizzard, Sneaky Log, VMARE, Josh Marpet, and more... - SWN #444": "http://sites.libsyn.com/18678/smishing-microsoft-star-blizzard-sneaky-log-vmare-josh-marpet-and-more-swn-444", + "Appsec Predictions for 2025 - Cody Scott - ASW #314": "http://sites.libsyn.com/18678/appsec-predictions-for-2025-cody-scott-asw-314" + } +} \ No newline at end of file diff --git a/today.md b/today.md index 413564fc0a..b814a4476f 100644 --- a/today.md +++ b/today.md @@ -1,445 +1,315 @@ -# 每日安全资讯(2025-01-21) +# 每日安全资讯(2025-01-22) -- Security Boulevard - - [ ] [U.S. Treasury Sanctions Chinese Individual, Company for Data Breaches](https://securityboulevard.com/2025/01/treasury-sanctions-chinese-individual-company-for-data-breaches/) - - [ ] [The AI Revolution No One Saw Coming Until It Was Too Late](https://securityboulevard.com/2025/01/the-ai-revolution-no-one-saw-coming-until-it-was-too-late/) - - [ ] [Mobile Cybersecurity Trends for 2025: Key Predictions and Preparations](https://securityboulevard.com/2025/01/mobile-cybersecurity-trends-for-2025-key-predictions-and-preparations/) - - [ ] [Executive Order 14144 on Cybersecurity: Building on 2021’s Foundation with Advanced NHI Security](https://securityboulevard.com/2025/01/executive-order-14144-on-cybersecurity-building-on-2021s-foundation-with-advanced-nhi-security/) - - [ ] [Bluesky AT Protocol: Building a Decentralized TikTok](https://securityboulevard.com/2025/01/bluesky-at-protocol-building-a-decentralized-tiktok/) - - [ ] [Privacy Roundup: Week 3 of Year 2025](https://securityboulevard.com/2025/01/privacy-roundup-week-3-of-year-2025/) - - [ ] [Biden Signs New Cybersecurity Order](https://securityboulevard.com/2025/01/biden-signs-new-cybersecurity-order/) - - [ ] [The 2025 Themes on Data GPS](https://securityboulevard.com/2025/01/the-2025-themes-on-data-gps/) - - [ ] [From Dark Web to Jackpot: How Cybercriminals Exploit Stolen Credentials in iGaming](https://securityboulevard.com/2025/01/from-dark-web-to-jackpot-how-cybercriminals-exploit-stolen-credentials-in-igaming/) - - [ ] [Information Security Manual (ISM)](https://securityboulevard.com/2025/01/information-security-manual-ism/) -- Doonsec's feed - - [ ] [【漏洞预警】ZZCMS index.php SQL注入漏洞(CVE-2025-0565)](https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489485&idx=1&sn=e5ea1e03489d9276fac40db96a823bb7) - - [ ] [TikTok为何起死回生](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485443&idx=1&sn=dd23aa4fd95519d14cc33ef2d54c8810) - - [ ] [【直卖实拍】北七家3居变4居豪装,理想楼层、户型、朝向](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485443&idx=2&sn=b36fdcdc5a0525e1db0a2fa6508f52dc) - - [ ] [【干货】笑傲职场的独家经验(1)](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485443&idx=3&sn=88641f7357a1f75be1dc1d32c6752987) - - [ ] [【干货原创】实网攻防演习常态化,会带来什么变化01](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485443&idx=4&sn=f71b5322469f2fa2ccfe166579caebb1) - - [ ] [【干货原创】K12教育,鲜为人知的模式秘密](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485443&idx=5&sn=6d627d2c0be617514fc89ab29ca4b5e9) - - [ ] [原创文章目录](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485443&idx=6&sn=fad9c90b81fc4f20dcc44dc1f14c9c5f) - - [ ] [SQL注入全知道:网络安全的关键一课](https://mp.weixin.qq.com/s?__biz=Mzk2NDE3NDUwNg==&mid=2247483828&idx=1&sn=8ef20fd531a6dcf1a4e1cda040353abd) - - [ ] [Win11综合渗透系统,第二个”kali“武器库](https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486356&idx=1&sn=a92c101f23fbced3106f21dd7797fe8b) - - [ ] [如何mongodb未授权访问漏洞](https://mp.weixin.qq.com/s?__biz=MzU1NjczNjA0Nw==&mid=2247486273&idx=1&sn=9a0ebba7a700f0ae0410be83b4b1df00) - - [ ] [国家发展改革委 国家数据局印发:《公共数据资源登记管理暂行办法》](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633921&idx=1&sn=18de258173a0a62f2d71cd2ca2582883) - - [ ] [国家发展改革委 国家数据局印发:《公共数据资源授权运营实施规范(试行)》](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633921&idx=2&sn=c418f7c2c0e0d01528c11d8e9353f68c) - - [ ] [国家发展改革委 国家数据局:建立公共数据资源授权运营价格形成机制](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633921&idx=3&sn=6cf19acc3796e33b2cce9a02142745d1) - - [ ] [联播 | 我国首次出台公共数据资源开发利用实施细则](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633921&idx=4&sn=2289a72714579a09896c3c81b515d927) - - [ ] [特朗普发虚拟币,盘中暴涨1250%!](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633921&idx=5&sn=54a5ea5792206d9bae4c05e339bd07d5) - - [ ] [入群交流](https://mp.weixin.qq.com/s?__biz=MzI3NzM5NDA0NA==&mid=2247490304&idx=1&sn=a98b3b79b777c84182792e9c67ffacce) - - [ ] [【知识点】解密:HUMINT、SIGINT、OSINT、MASINT、GEOINT 、IMINT、SOCMINT、MEDINT等](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148633&idx=1&sn=80a6c18af41984c8aaa601f82ccd7ac8) - - [ ] [渗透测试人员的 MSSQL:NetExec](https://mp.weixin.qq.com/s?__biz=MzU1NjczNjA0Nw==&mid=2247486268&idx=1&sn=450e1a636c028a9d9e1fe429289a8668) - - [ ] [常见几种网络协议分析](https://mp.weixin.qq.com/s?__biz=MzAxNTg1MDYxNA==&mid=2247489128&idx=1&sn=313dc6f577ec674a9a177d748316db7b) - - [ ] [HGAME 2025 来啦!](https://mp.weixin.qq.com/s?__biz=MzIxNDU2ODg3Mw==&mid=2247485952&idx=1&sn=799660f91d48a13de14372592f792a47) - - [ ] [商务合作](https://mp.weixin.qq.com/s?__biz=MzI3NzM5NDA0NA==&mid=2247490298&idx=1&sn=29a1662bf8226520fd86fc0e9622b590) - - [ ] [游戏数据安全——论各大防封手段](https://mp.weixin.qq.com/s?__biz=MzkyMTQzNTM3Ng==&mid=2247483891&idx=1&sn=2558903c6966574bc94858f004b07211) - - [ ] [由国家医保局集采出现的低价低质药品问题想到网络安全产品采购](https://mp.weixin.qq.com/s?__biz=Mzk0MDI5MTQzMg==&mid=2247483930&idx=1&sn=228a4301c1f6b71dd85754c22ba6beed) - - [ ] [【调研】网络与信息法学研究机构调研问卷](https://mp.weixin.qq.com/s?__biz=MzU1NDY3NDgwMQ==&mid=2247549334&idx=1&sn=82cf21764d504b41a48962823d8ed655) - - [ ] [【资讯】贵州省政府办公厅印发《贵州省公共数据授权运营管理办法(试行)》](https://mp.weixin.qq.com/s?__biz=MzU1NDY3NDgwMQ==&mid=2247549334&idx=2&sn=053caf442ee04b3f5546728815a77d5c) - - [ ] [【资讯】黑龙江省政府办公厅印发《黑龙江省政务数据管理暂行办法》](https://mp.weixin.qq.com/s?__biz=MzU1NDY3NDgwMQ==&mid=2247549334&idx=3&sn=5c8a8470788284305db508aa96bd7c79) - - [ ] [【资讯】重庆市政府办公厅印发《重庆市智慧医疗装备产业创新发展行动计划(2025—2027年)》](https://mp.weixin.qq.com/s?__biz=MzU1NDY3NDgwMQ==&mid=2247549334&idx=4&sn=f2251d4ebfb1aeedfd16c0781ec39e40) - - [ ] [保护开源:软件供应链革命的教训](https://mp.weixin.qq.com/s?__biz=MzA4MzMzOTQ4Mw==&mid=2453672504&idx=1&sn=babb0420709b2e937d08399d4d0253d8) - - [ ] [2024春秋杯冬季赛部分wp](https://mp.weixin.qq.com/s?__biz=MzkzNzg4MTI0NQ==&mid=2247485407&idx=1&sn=1cf860634c2c903157b69595dfaf0367) - - [ ] [梦里挖edu src的步骤](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490011&idx=1&sn=b84ffdb0597e4d6c90da739f541f310c) - - [ ] [渗透测试信息收集指南](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490011&idx=2&sn=493f7191ac6cb9fcfbc24240dc688f1e) - - [ ] [【库迪咖啡|全场饮品任选券|多店可用】现价仅需7.9 低至2.3折](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490011&idx=3&sn=696b18cad8b2a463ec2185c4ac088e12) - - [ ] [告别手动编辑:如何用Python快速创建Ansible hosts文件?](https://mp.weixin.qq.com/s?__biz=MjM5OTc5MjM4Nw==&mid=2457386352&idx=1&sn=8feb8deabf383342740f93b565b22599) - - [ ] [Linux系统沦陷只需1分钟?这些文件权限配置千万别踩坑!](https://mp.weixin.qq.com/s?__biz=MzI5MjY4MTMyMQ==&mid=2247489749&idx=1&sn=7962c59b247991746167fa1a11ae454e) - - [ ] [【云安全】云原生-Docker(一)安全问题概述](https://mp.weixin.qq.com/s?__biz=MzUyNTUyNTA5OQ==&mid=2247484414&idx=1&sn=24240cde29e42a4c1d40be5dc842887c) - - [ ] [三江汇流 共赴未来 | 三未信安2025年全体员工大会暨优秀员工颁奖典礼、迎新年会圆满举办](https://mp.weixin.qq.com/s?__biz=MzA5ODk0ODM5Nw==&mid=2650330729&idx=1&sn=01e972e79a2a22651fe6dc099e789730) - - [ ] [供应链危机四伏:2024年十大供应链安全事件盘点](https://mp.weixin.qq.com/s?__biz=MzkxMzQwNDcxNg==&mid=2247486847&idx=1&sn=d89231f87a5afce0ccd46a4e73f593a8) - - [ ] [下辈子准时点](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496696&idx=1&sn=3a506bc2e55fccbc563b774c17a54714) - - [ ] [每日情报速递](https://mp.weixin.qq.com/s?__biz=MzkxMzU4ODU2MQ==&mid=2247484008&idx=1&sn=ac715abc887e00dbbfc1436a108e6250) - - [ ] [pikachu靶机-sql注入](https://mp.weixin.qq.com/s?__biz=Mzk1NzI5NzA3NQ==&mid=2247486295&idx=1&sn=62db4342ca546762d7dad726b689a216) - - [ ] [意外发现谷歌Slides越权漏洞,获得赏金$3133.70的故事](https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247518279&idx=1&sn=7d44805e31cccc886d5a926e01ac7338) - - [ ] [SRC专项知识库](https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247518279&idx=2&sn=848576913cb502b4079a9268c93b2f96) - - [ ] [新年要到了,地图大师和大家请个假!](https://mp.weixin.qq.com/s?__biz=MzI5MDcyODIzNg==&mid=2247484847&idx=1&sn=ea43296b01431c6d05978d81aca141e9) - - [ ] [金盾信安 | 网络和数据领域资讯第44期(2025.1.14-2025.1.20)](https://mp.weixin.qq.com/s?__biz=MjM5NjA2NzY3NA==&mid=2448682463&idx=1&sn=6b0cf0e4166f632f756e6d7185550a0c) - - [ ] [一图读懂 | 关于完善数据流通安全治理 更好促进数据要素市场化价值化的实施方案](https://mp.weixin.qq.com/s?__biz=MjM5NjA2NzY3NA==&mid=2448682463&idx=2&sn=0b3adf79225cf56eeea212f3b7827b2e) - - [ ] [从信息泄露到越权再到弱口令](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496915&idx=1&sn=ab34ad81c6b8fa8f2d00b9513c025fa4) - - [ ] [DeepSeek-R1发布:AI模型的新突破与挑战](https://mp.weixin.qq.com/s?__biz=Mzg4NDY4Mzk3Mw==&mid=2247485508&idx=1&sn=24b05cfb5c4bc56938cae5df32894666) - - [ ] [凉山叙事](https://mp.weixin.qq.com/s?__biz=MzUzMjQyMDE3Ng==&mid=2247487923&idx=1&sn=27de2e79a46e08f68e6fd4cadd99c580) - - [ ] [用AI批量画美女,起号快涨粉猛!](https://mp.weixin.qq.com/s?__biz=MzU5MjI1NTY1Mg==&mid=2247484026&idx=1&sn=5fe17628890ac8925d456ec37ddbb401) - - [ ] [什么?超级大黑客挖不到CVE怪别人?](https://mp.weixin.qq.com/s?__biz=Mzg2NDg2MDIxNQ==&mid=2247485337&idx=1&sn=0e18e12e4583d3266cf4cfeef786a4d4) - - [ ] [G.O.S.S.I.P 技术笔记 2025-01-15 薛定谔的寄存器?](https://mp.weixin.qq.com/s?__biz=Mzg5ODUxMzg0Ng==&mid=2247499629&idx=1&sn=2890acf36b4707a5bf91f3c823c4a5db) - - [ ] [重要通知 | 水务行业信息技术应用创新典型案例征集活动正式开启!](https://mp.weixin.qq.com/s?__biz=MjM5NzYwNDU0Mg==&mid=2649249501&idx=1&sn=7fb28777ad09673ab4833b0e29dd508a) - - [ ] [Pycharm接入DeepSeek-Coder](https://mp.weixin.qq.com/s?__biz=MjM5NDcxMDQzNA==&mid=2247489378&idx=1&sn=1aff955a1f6d90eca2719ea543dc1f6e) - - [ ] [区域 EE 架构的网络安全设计原则](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619836&idx=1&sn=e0ed060c4fa01b7116987d615eaee244) - - [ ] [汽车行业的4项基本网络安全原则](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619836&idx=2&sn=dfcd600112ecc5a305a8575993cad59f) - - [ ] [汽车网络安全原则](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619836&idx=3&sn=e130f913bea9bf203e72ceed015b3888) - - [ ] [基于MQTT协议的物联网小基站](https://mp.weixin.qq.com/s?__biz=MzkxMzIwNTY1OA==&mid=2247510807&idx=1&sn=a3f9af8ad8ab86ab84ec3ee023997827) - - [ ] [利用 Windows 常见日志文件系统零日漏洞 (CVE-2024-49138)](https://mp.weixin.qq.com/s?__biz=MzI0NzE4ODk1Mw==&mid=2652094653&idx=1&sn=0a8f46713971d1eae5f9bc98fe0e3049) - - [ ] [严重远程代码执行漏洞(CVE-2024-53691)在QNAP 系统中被发现](https://mp.weixin.qq.com/s?__biz=MzI0NzE4ODk1Mw==&mid=2652094653&idx=2&sn=c69dfb1b57a25f58f75e9a9f5422bd0c) - - [ ] [解读出国劳务:表面邀请拍戏,实则人口交易,走上小路,却是末路!](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651312480&idx=1&sn=2be5b35dfbdedbfdbcdd3f9202df131a) - - [ ] [惠普被黑客入侵,机密数据在暗网出售](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651312480&idx=2&sn=a05f6eecc8d3d1f5f003190048e55fcb) - - [ ] [黑客滥用微软VSCode 远程隧道绕过安全工具](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651312480&idx=3&sn=b0c12a4dddb00af1b5562fe19c9287c8) - - [ ] [Hannibal:一款基于C的x64 Windows代理](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651312480&idx=4&sn=f4a2e1bfaa023f53f89e41093fef9be4) - - [ ] [豆包实时语音大模型上线即开放!情商智商双高](https://mp.weixin.qq.com/s?__biz=MzI1MzYzMjE0MQ==&mid=2247512895&idx=1&sn=49ed677b655176bbbd6eee6f4ddc18e1) - - [ ] [SQL注入靶场(前22关)保姆级教学](https://mp.weixin.qq.com/s?__biz=MzkzNjg3NzIwOQ==&mid=2247485112&idx=1&sn=80fc51e061a399aa0576b2480a0953a3) - - [ ] [带你解锁编码新世界!--随波逐流CTF编码工具使用教程37 --云影密码](https://mp.weixin.qq.com/s?__biz=MzU2NzIzNzU4Mg==&mid=2247489499&idx=1&sn=56bef61a2ffed756e0bb9b4217c0834e) - - [ ] [第三届N1CTF Junior报名开启](https://mp.weixin.qq.com/s?__biz=MzU4MTg1NzAzMA==&mid=2247490615&idx=1&sn=a3e77db49dc51e0396b2ffd6f5886aee) - - [ ] [【安全圈】宁波某化工企业被境外势力获取危险源监控视频数据](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067503&idx=1&sn=018f26decbcead5c44d6897dcaac4696) - - [ ] [【安全圈】黑客声称惠普企业遭入侵,列出待售数据](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067503&idx=2&sn=91d7e9ae298ff62eea78d7143853f356) - - [ ] [【安全圈】黑客滥用 Microsoft VSCode 远程隧道绕过安全工具](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067503&idx=3&sn=0b2738a898f48ebbcd35b935ea9b9b9b) - - [ ] [【安全圈】无需拆卸笔记本电脑即可访问 Windows 11 BitLocker 加密文件](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067503&idx=4&sn=17aa39950a2ad339c5c9189715ebc4f2) - - [ ] [AI时代-利用Ai赚钱的N中方法](https://mp.weixin.qq.com/s?__biz=Mzg2NDYwMDA1NA==&mid=2247543554&idx=1&sn=6ca82e5051fc54fba128ff1b6bc374ce) - - [ ] [“升官发财”,特朗普虚拟币暴涨41200%!“第一夫人币”两小时近腰斩](https://mp.weixin.qq.com/s?__biz=Mzg2NDYwMDA1NA==&mid=2247543554&idx=2&sn=50d4d9652b497a556e9a9f1a064d6a6e) - - [ ] [多伦多大学年度黑客松“UofTHacks 12” 在DoraHacks正式开启](https://mp.weixin.qq.com/s?__biz=MzU2MTQwMzMxNA==&mid=2247541420&idx=1&sn=7520eaaa0a11fb4924fd960022874b02) - - [ ] [电力安全|2024年新型电力系统安全建设指南报告(附下载)](https://mp.weixin.qq.com/s?__biz=MzI2MDk2NDA0OA==&mid=2247531128&idx=1&sn=7e001d4bfcf9cda041d5c9360cbe2d81) - - [ ] [干货 | 中国市政华北院刘杰:工业信息安全在市政行业的应用(附视频+PPT)](https://mp.weixin.qq.com/s?__biz=MzI2MDk2NDA0OA==&mid=2247531128&idx=2&sn=77375409542f4a968c5c5b2d10088225) - - [ ] [全球视野 | 国际网安快讯(第46期)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=1&sn=0d1b4aa189b788c665f35ccc52b8c79c) - - [ ] [关注 | 中央网信办启动“清朗·2025年春节网络环境整治”专项行动](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=2&sn=4b39d631ae07312faba443f5436ad10d) - - [ ] [专家解读 | 蒋艳:促进数据标注能力提升,筑牢工业智能数据基础](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=3&sn=558d06cf50feba02ada95b443dd3c827) - - [ ] [专家观点 | 构建多元化的人工智能训练数据供给体系](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=4&sn=1dbca4b896271872f13bb321297280ba) - - [ ] [国际 | 欧盟计划加强医疗保健行业网络安全](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=5&sn=957baf161a599a455c3db7e971b5e1be) - - [ ] [国际 | 日本强化“主动网络防御”能力](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=6&sn=8ccd83bcc4b8e4593e6fdd896fa083e0) - - [ ] [评论 | 请读懂用“反向驯化”对付算法背后的诉求](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=7&sn=f84b09b4c82d9bc9efe8c1c5f4c91a4d) - - [ ] [第84期 | GPTSecurity周报](https://mp.weixin.qq.com/s?__biz=MzkzNDUxOTk2Mw==&mid=2247495733&idx=1&sn=b25764a0c1cb74d6cf486000580c406c) - - [ ] [喜报 | 卫达信息董事长兼CEO张长河入选北京信息化协会专家库](https://mp.weixin.qq.com/s?__biz=Mzg5NDY0NTM2Nw==&mid=2247492228&idx=1&sn=9f73182c1bd8a144aa165eee1ff349b8) - - [ ] [保姆级教学之XSS-Labs通关](https://mp.weixin.qq.com/s?__biz=Mzk1NzQwNjQ4Ng==&mid=2247484597&idx=1&sn=48da660e734995c35cec93cddff84fd8) - - [ ] [电科网安*安默科技2024年终总结暨2025年迎新会圆满落幕](https://mp.weixin.qq.com/s?__biz=MzU3ODk0MzE4OA==&mid=2247488051&idx=1&sn=6f19acffa8173f7a20541412fc6576a5) - - [ ] [对话|ESA如何助力企业高效安全开展在线业务?](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247635009&idx=1&sn=69db4caf5105b9b0125c63728b5fecaa) - - [ ] [【黑产大数据】2024年互联网黑灰产趋势年度总结](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247635009&idx=2&sn=3dde0197ea08fcea6abbf1efcc97121e) - - [ ] [T1059.009 命令执行:云API异常调用](https://mp.weixin.qq.com/s?__biz=Mzk0NDcyMjU2OQ==&mid=2247484541&idx=1&sn=c834b9f4ff672abc3b456507acb31eeb) - - [ ] [盘点!美亚柏科电子数据取证技术实现多项关键性突破](https://mp.weixin.qq.com/s?__biz=MjM5NTU4NjgzMg==&mid=2651436426&idx=1&sn=a33191a6dedd3921aaf30e03d59a4725) - - [ ] [国投智能(美亚柏科)2025年首期师资培训班顺利结营](https://mp.weixin.qq.com/s?__biz=MjM5NTU4NjgzMg==&mid=2651436426&idx=2&sn=a927c434d43af1cb6365563dda66f575) - - [ ] [CNVD漏洞周报2025年第3期](https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247495715&idx=1&sn=c02f8d40b18ff20468aa338efd776c5d) - - [ ] [上周关注度较高的产品安全漏洞(20250113-20250119)](https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247495715&idx=2&sn=b9b9d870553d36e181ba7d1702fde7da) - - [ ] [面向脚本小子的360QVM](https://mp.weixin.qq.com/s?__biz=MzU0NDc0NTY3OQ==&mid=2247488404&idx=1&sn=767ba5298bab860a12d1a405c60ff539) - - [ ] [3家公司未履行网络安全保护义务被网信部门约谈](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931455&idx=1&sn=9869843197ad2257ce5e19eceb4cdd5c) - - [ ] [河南农商联合银行1000万扩容大数据平台,服务器中标金额近乎“腰斩”](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931455&idx=2&sn=2b60d33885356d3902384fba93149b07) - - [ ] [滴!您有一封来自360安全大模型的年度报告待查收](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579147&idx=1&sn=0643e297c264261888a85bdd3bd4b117) - - [ ] [国际权威认可!奇安信入选全球外部威胁情报服务代表性提供商](https://mp.weixin.qq.com/s?__biz=MzU0NDk0NTAwMw==&mid=2247624499&idx=1&sn=2bde033592b17124298b7604ce3f2346) - - [ ] [吴云坤总裁荣获CCF计算机博物馆建设年度杰出贡献奖](https://mp.weixin.qq.com/s?__biz=MzU0NDk0NTAwMw==&mid=2247624499&idx=2&sn=1e3dedef1c1a65b4d6d35a1739c53535) - - [ ] [SQL注入的入门指南](https://mp.weixin.qq.com/s?__biz=Mzk0Mjg4MTQxMw==&mid=2247485731&idx=1&sn=001b161a0e206c805ff76545de384fae) - - [ ] [WGS-804HPT 交换机中存在多个严重漏洞,可导致RCE和网络利用](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522124&idx=1&sn=8b928d650502c3cebc7b2ae0e85282a2) - - [ ] [PyPI 恶意包窃取Discord 开发人员的认证令牌](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522124&idx=2&sn=98991414f4675f83bbb4a3935a2f16e1) - - [ ] [拜登辛苦布局,特朗普一键清零](https://mp.weixin.qq.com/s?__biz=MzkxMTA3MDk3NA==&mid=2247487075&idx=1&sn=76de4b585df35469219561d742159caf) - - [ ] [APT-C-26(Lazarus)组织持续升级攻击武器,利用Electron程序瞄准加密货币行业](https://mp.weixin.qq.com/s?__biz=MzUyMjk4NzExMA==&mid=2247505519&idx=1&sn=594229f2c0123673d1fa9c6cf729858b) - - [ ] [每周网安资讯 (1.7-1.13)|微软补丁日通告:2025年1月版](https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247505727&idx=1&sn=05d5f08860d3524fce4b867cf81fddae) - - [ ] [构筑业务系统监测预警体系,中孚信息筑牢国家安全保密新防线](https://mp.weixin.qq.com/s?__biz=MzAxMjE1MDY0NA==&mid=2247508720&idx=1&sn=b1a3fb7b9050e2c9f6897d8018d2fe99) - - [ ] [规划丨2025,对您的未来许下承诺](https://mp.weixin.qq.com/s?__biz=MzUzNTg4NDAyMg==&mid=2247492307&idx=1&sn=3a6a128fe59dd9a6c20465afe53b24a5) - - [ ] [150亿造车新势力,宣布停运破产](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549173&idx=1&sn=0c7333f70cb52cfe2b8da933eea4de06) - - [ ] [阿维塔确认参展AutoSec 9周年行业年会,亮剑汽车安全防护!](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549173&idx=2&sn=b66c040ec84ff0496a5cfcad390306df) - - [ ] [智能汽车安全理念的融合发展趋势预测](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549173&idx=3&sn=294f9fc1441e0a598b1e6efbf7597b66) - - [ ] [拜登再次发布网络安全行政令,全面加强美国国家网络防御创新](https://mp.weixin.qq.com/s?__biz=MzkwMTQyODI4Ng==&mid=2247495621&idx=1&sn=a052c6624c11fc6742d544424b993705) - - [ ] [2025年人工智能带来的五大网络安全趋势及其应对策略](https://mp.weixin.qq.com/s?__biz=MzkwMTQyODI4Ng==&mid=2247495621&idx=2&sn=689ff446f9d50f48c3a51f31d8210332) - - [ ] [Fortinet防火墙配置文件和VPN账户大规模泄露](https://mp.weixin.qq.com/s?__biz=MzkwMTQyODI4Ng==&mid=2247495621&idx=3&sn=9f373b789858198dc0c229e52a1d9911) - - [ ] [测评公告(2025年第1号)](https://mp.weixin.qq.com/s?__biz=MzI0NDg4MTIyNQ==&mid=2247486012&idx=1&sn=3e2ba62d7a8f49614ac4ed43fe5d70c6) - - [ ] [天翁安全 2025年新年粉丝专属红包来啦(第二弹)!](https://mp.weixin.qq.com/s?__biz=MzkwMzUyMjk2MQ==&mid=2247484100&idx=1&sn=c306276e7193d6c54a955c0cc151bb98) - - [ ] [开源前哨 · 热点情报速览(2025.1.14-2025.1.20)](https://mp.weixin.qq.com/s?__biz=Mzg2Nzg0NDkwMw==&mid=2247493204&idx=1&sn=3c970abd0871869c3dee3b7721e01585) - - [ ] [再获认可 |珞安科技自主研发产品入选CCIA第二版《网络安全专用产品指南》](https://mp.weixin.qq.com/s?__biz=MzU2NjI5NzY1OA==&mid=2247512181&idx=1&sn=30d15c8974a91118212031b6ab347066) - - [ ] [学习PE文件后的第一次实践项目之DLL反射型注入](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588763&idx=1&sn=3f8a5ac4ea9d15820cc2cd6d5692963e) - - [ ] [开源工具 rsync 爆重大漏洞,黑客可越界写入缓冲区执行代码](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588763&idx=2&sn=987fea6e7bc8cce2c77f2e2035072ac4) - - [ ] [今日更新:第4章2节-模糊测试工具基础使用](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588763&idx=3&sn=094fc7e969bab88e07445fbca7b4b304) - - [ ] [从国赛到西湖论剑:fenjing进阶通杀jinjia2_SSTI](https://mp.weixin.qq.com/s?__biz=MzkxMDU5MzY0NQ==&mid=2247484461&idx=1&sn=b866a874c1d918dd649f80acfedc093f) - - [ ] [安全赋能丨梆梆安全受邀出席低空智联网专题座谈会暨首发低空安防智库揭牌仪式](https://mp.weixin.qq.com/s?__biz=MjM5NzE0NTIxMg==&mid=2651135123&idx=1&sn=756ef14e26921f7a402507c2c4e138a2) - - [ ] [再获殊荣|梆梆安全荣获中国网络安全产业联盟CCIA“2024年度先进会员单位”](https://mp.weixin.qq.com/s?__biz=MjM5NzE0NTIxMg==&mid=2651135123&idx=2&sn=2f3995fc6ee68b6a2b27acb6df3ba20d) - - [ ] [大寒 | 寒冬岁暮听风雪 静待春来万物生](https://mp.weixin.qq.com/s?__biz=MjM5NzE0NTIxMg==&mid=2651135123&idx=3&sn=0667693e8d3711a95039eee3e967dd29) - - [ ] [扫码下载 | 应急响应实战分析](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264138&idx=1&sn=76425edffe100ad52ff62ab4daa342e8) - - [ ] [漏洞预警 NetMizer 日志审计 axx.php sql注入漏洞](https://mp.weixin.qq.com/s?__biz=MzkyMTMwNjU1Mg==&mid=2247491972&idx=1&sn=1ca23e5d04a0a77875e0689e1e8c2501) - - [ ] [聚铭网络荣膺“2024年网络安全十大优秀产品”殊荣](https://mp.weixin.qq.com/s?__biz=MzIzMDQwMjg5NA==&mid=2247506558&idx=1&sn=2b88b9ebaf25df77a090a4232cc314e4) - - [ ] [安全服务不打烊 | 聚铭网络2025年春节放假通知](https://mp.weixin.qq.com/s?__biz=MzIzMDQwMjg5NA==&mid=2247506558&idx=2&sn=56a659bd2da7af8f60c01461daab69a2) - - [ ] [重磅!中共中央、国务院印发《教育强国建设规划纲要(2024-2035年)》](https://mp.weixin.qq.com/s?__biz=MzUyMzA1MTM2NA==&mid=2247499058&idx=1&sn=bb88b8e49b482515503e43edbdebdc17) -- Zgao's blog - - [ ] [0889挖矿团伙rootkit后门溯源排查记录](https://zgao.top/0889%e6%8c%96%e7%9f%bf%e5%9b%a2%e4%bc%99rootkit%e5%90%8e%e9%97%a8%e6%ba%af%e6%ba%90%e6%8e%92%e6%9f%a5%e8%ae%b0%e5%bd%95/) -- SecWiki News - - [ ] [SecWiki News 2025-01-20 Review](http://www.sec-wiki.com/?2025-01-20) - 奇安信攻防社区 - - [ ] [浅谈恶意样本の反沙箱分析](https://forum.butian.net/share/4050) - - [ ] [在 JSP 中优雅的注入 Spring 内存马](https://forum.butian.net/share/4053) -- Private Feed for M09Ic - - [ ] [mgeeky starred jdu2600/Etw-SyscallMonitor](https://github.com/jdu2600/Etw-SyscallMonitor) - - [ ] [mgeeky starred jdu2600/CFG-FindHiddenShellcode](https://github.com/jdu2600/CFG-FindHiddenShellcode) - - [ ] [mgeeky starred jdu2600/EtwTi-FluctuationMonitor](https://github.com/jdu2600/EtwTi-FluctuationMonitor) - - [ ] [mgeeky starred panther-labs/panther-analysis](https://github.com/panther-labs/panther-analysis) - - [ ] [mgeeky starred praetorian-inc/goffloader](https://github.com/praetorian-inc/goffloader) - - [ ] [mgeeky starred hakaioffsec/coffee](https://github.com/hakaioffsec/coffee) - - [ ] [mgeeky starred gabriellandau/EDRSandblast-GodFault](https://github.com/gabriellandau/EDRSandblast-GodFault) - - [ ] [HuYlllc pushed to dev in chainreactors/malice-network](https://github.com/chainreactors/malice-network/compare/40ff4b0d2b...1d104aceb6) - - [ ] [kpcyrd forked kpcyrd/usbd-serial from rust-embedded-community/usbd-serial](https://github.com/kpcyrd/usbd-serial) - - [ ] [mgeeky starred jdu2600/Windows10EtwEvents](https://github.com/jdu2600/Windows10EtwEvents) - - [ ] [mgeeky starred Textualize/rich](https://github.com/Textualize/rich) - - [ ] [mgeeky starred yardenshafir/cet-research](https://github.com/yardenshafir/cet-research) - - [ ] [mgeeky starred gabriellandau/ShadowStackWalk](https://github.com/gabriellandau/ShadowStackWalk) - - [ ] [zema1 starred HACK-THE-WORLD/IDAPluginList](https://github.com/HACK-THE-WORLD/IDAPluginList) - - [ ] [zema1 starred REhints/HexRaysCodeXplorer](https://github.com/REhints/HexRaysCodeXplorer) - - [ ] [kpcyrd started following riotbib](https://github.com/riotbib) - - [ ] [gh0stkey starred zsh-users/zsh-syntax-highlighting](https://github.com/zsh-users/zsh-syntax-highlighting) - - [ ] [nightRainy starred mstorsjo/llvm-mingw](https://github.com/mstorsjo/llvm-mingw) - - [ ] [zema1 starred sigoden/aichat](https://github.com/sigoden/aichat) - - [ ] [mgeeky starred tasooshi/torboost](https://github.com/tasooshi/torboost) - - [ ] [zer0yu started following adysec](https://github.com/adysec) - - [ ] [zer0yu starred 0x727/ChkApi_0x727](https://github.com/0x727/ChkApi_0x727) - - [ ] [h3zh1 pushed to v0.0.4dev in chainreactors/malice-network](https://github.com/chainreactors/malice-network/compare/30083561aa...9ebee1c061) - - [ ] [zema1 starred rainers/cv2pdb](https://github.com/rainers/cv2pdb) - - [ ] [timwhitez starred jaksi/sshesame](https://github.com/jaksi/sshesame) - - [ ] [timwhitez starred droberson/ssh-honeypot](https://github.com/droberson/ssh-honeypot) - - [ ] [timwhitez starred magisterquis/sshhipot](https://github.com/magisterquis/sshhipot) -- 安全脉搏 - - [ ] [记一次攻防演练中的若依(thymeleaf 模板注入)getshell](https://www.secpulse.com/archives/205071.html) - - [ ] [浅谈内联钩取原理与实现](https://www.secpulse.com/archives/205124.html) -- 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com - - [ ] [绿盟科技2024年预计收入高增,亏损大幅收窄](https://www.4hou.com/posts/8gzr) + - [ ] [windows com组件模糊测试入门](https://forum.butian.net/share/4060) + - [ ] [实战 | 微信小程序EDUSRC渗透漏洞复盘](https://forum.butian.net/share/4055) +- SecWiki News + - [ ] [SecWiki News 2025-01-21 Review](http://www.sec-wiki.com/?2025-01-21) +- Security Boulevard + - [ ] [GDPR Compliance in the US: Checklist and Requirements](https://securityboulevard.com/2025/01/gdpr-compliance-in-the-us-checklist-and-requirements/) + - [ ] [AI Code Generation: The Risks and Benefits of AI in Software](https://securityboulevard.com/2025/01/ai-code-generation-the-risks-and-benefits-of-ai-in-software/) + - [ ] [What PCI Attestation of Compliance Is and How to Get It](https://securityboulevard.com/2025/01/what-pci-attestation-of-compliance-is-and-how-to-get-it/) + - [ ] [Understanding the Principle of Least Privilege (PoLP)](https://securityboulevard.com/2025/01/understanding-the-principle-of-least-privilege-polp/) + - [ ] [DEF CON 32 – A (Shallow) Dive Into World Of Aircraft PKI](https://securityboulevard.com/2025/01/def-con-32-a-shallow-dive-into-world-of-aircraft-pki/) + - [ ] [Start the year by protecting your privacy— A stalkerware quick check](https://securityboulevard.com/2025/01/start-the-year-by-protecting-your-privacy-a-stalkerware-quick-check/) + - [ ] [Randall Munroe’s XKCD ‘Uncanceled Units’](https://securityboulevard.com/2025/01/randall-munroes-xkcd-uncanceled-units-2/) + - [ ] [Trump U-Turn: TikTok’s On-Again/Off-Again U.S. Ban](https://securityboulevard.com/2025/01/trump-eo-tik-tok-richixbw/) + - [ ] [Healthcare Cybersecurity: The Chronic Condition We Can’t Ignore](https://securityboulevard.com/2025/01/healthcare-cybersecurity-the-chronic-condition-we-cant-ignore/) + - [ ] [DEF CON 32 – Analyzing the Security of Satellite Based Air Traffic Control](https://securityboulevard.com/2025/01/def-con-32-analyzing-the-security-of-satellite-based-air-traffic-control/) +- CXSECURITY Database RSS Feed - CXSecurity.com + - [ ] [OCLS MSMS-PHP (by: oretnom23 ) v1.0 -Copyright © 2025. All rights reserved. File Upload-FU and Remote Code Execution-RCE Vul](https://cxsecurity.com/issue/WLB-2025010020) + - [ ] [NeoServ Studio - Website Builder Manager Admin SQLi Bypass](https://cxsecurity.com/issue/WLB-2025010018) +- 安全客-有思想的安全新媒体 + - [ ] [360获中国计算机行业协会网络和数据安全专业委员会卓越贡献奖](https://www.anquanke.com/post/id/303696) + - [ ] [CVE-2025-22146 (CVSS 9.1): 关键哨兵漏洞允许账户接管](https://www.anquanke.com/post/id/303693) + - [ ] [TP-Link 漏洞: 针对 CVE-2024-54887 的 PoC 漏洞利用揭示了远程代码执行风险](https://www.anquanke.com/post/id/303690) + - [ ] [CVE-2025-0411:7-Zip 安全漏洞导致代码执行 - 立即更新](https://www.anquanke.com/post/id/303687) + - [ ] [工业交换机漏洞可被远程利用](https://www.anquanke.com/post/id/303684) + - [ ] [物联网僵尸网络助长针对全球组织的大规模 DDoS 攻击](https://www.anquanke.com/post/id/303681) + - [ ] [ChatGPT Crawler漏洞:通过HTTP请求进行DDOS攻击](https://www.anquanke.com/post/id/303678) + - [ ] [甲骨文 2025 年 1 月关键补丁更新:解决 320 个安全漏洞](https://www.anquanke.com/post/id/303675) + - [ ] [黑客利用 AnyDesk 冒充 CERT-UA 发起网络攻击](https://www.anquanke.com/post/id/303670) + - [ ] [黑客声称窃取源代码,HPE 对漏洞进行调查](https://www.anquanke.com/post/id/303667) - Recent Commits to cve:main - - [ ] [Update Mon Jan 20 20:20:12 UTC 2025](https://github.com/trickest/cve/commit/aedb363a6106f923d0179fd99792efccf1112259) - - [ ] [Update Mon Jan 20 12:23:13 UTC 2025](https://github.com/trickest/cve/commit/9d315db2ba795d0c7604551387c8e81ce6d2ef12) - - [ ] [Update Mon Jan 20 04:21:50 UTC 2025](https://github.com/trickest/cve/commit/315f452078d121de79d7ba03d7de4677c9edcea8) + - [ ] [Update Tue Jan 21 20:24:41 UTC 2025](https://github.com/trickest/cve/commit/093beab0c1e8739243099093f563ebb6c97a18ce) + - [ ] [Update Tue Jan 21 12:20:41 UTC 2025](https://github.com/trickest/cve/commit/089836ae7b2b9ed56ef865018b8ed702bf381412) + - [ ] [Update Tue Jan 21 04:24:29 UTC 2025](https://github.com/trickest/cve/commit/5430c3170b21fc90a9a4e98ee3d768521e921e95) +- 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com + - [ ] [2024 年 12 月头号恶意软件:基于 AI 的勒索软件团伙 FunkSec 风头渐起](https://www.4hou.com/posts/6MxN) + - [ ] [新型物联网僵尸网络现身,疯狂劫持设备发动大规模 DDoS 攻击](https://www.4hou.com/posts/0MoN) - 一个被知识诅咒的人 - - [ ] [仅249美元!英伟达推出超强AI开发套件,开启机器人与智能应用新纪元](https://blog.csdn.net/nokiaguy/article/details/145265736) - - [ ] [Python性能分析全攻略:从cProfile到line_profiler,全面优化你的代码](https://blog.csdn.net/nokiaguy/article/details/145260325) - - [ ] [Python中的内存管理揭秘:全面防止内存泄漏,提升程序稳定性](https://blog.csdn.net/nokiaguy/article/details/145260311) -- obaby@mars - - [ ] [搬家](https://h4ck.org.cn/2025/01/19019) -- 安全客-有思想的安全新媒体 - - [ ] [四个关键词,回眸360发力人才培育这一年](https://www.anquanke.com/post/id/303648) - - [ ] [Yubico 解决 pam-u2f 软件包中的身份验证绕过漏洞 CVE-2025-23013](https://www.anquanke.com/post/id/303645) - - [ ] [CVE-2024-53691: 针对严重 QNAP RCE 漏洞发布 PoC 漏洞利用程序](https://www.anquanke.com/post/id/303642) - - [ ] [微软开始强制升级 Windows 11 22H2、23H3 设备](https://www.anquanke.com/post/id/303639) - - [ ] [CVE-2024-49113 检测: 通过公开可用 PoC 利用 Windows LDAP 拒绝服务漏洞又名 LDAPNightmare](https://www.anquanke.com/post/id/303636) - - [ ] [微软修复 Windows Server 系统上 Office 365 应用程序崩溃问题](https://www.anquanke.com/post/id/303633) - - [ ] [恶意 PyPi 软件包窃取开发人员的 Discord 验证令牌](https://www.anquanke.com/post/id/303630) - - [ ] [Otelier 数据泄露事件暴露了数百万人的信息和酒店预订信息](https://www.anquanke.com/post/id/303627) - - [ ] [美国联邦贸易委员会命令通用汽车停止收集和出售驾驶员数据](https://www.anquanke.com/post/id/303624) - - [ ] [W3 Total Cache 插件中的一个漏洞使数十万个 WordPress 网站受到攻击](https://www.anquanke.com/post/id/303621) -- MaskRay - - [ ] [Natural loops](https://maskray.me/blog/2025-01-20-natural-loops) -- Bug Bounty in InfoSec Write-ups on Medium - - [ ] [How I found S3 buckets in Bug bounties](https://infosecwriteups.com/how-i-found-s3-buckets-in-bug-bounties-501faf76c3f9?source=rss----7b722bfd1b8d--bug_bounty) - - [ ] [Bypass HackerOne 2FA requirement and reporter blacklist](https://infosecwriteups.com/bypass-hackerone-2fa-requirement-and-reporter-blacklist-46d7959f1ee5?source=rss----7b722bfd1b8d--bug_bounty) + - [ ] [【Python运维】Python与网络监控:如何编写网络探测与流量分析工具](https://blog.csdn.net/nokiaguy/article/details/145281157) + - [ ] [【人工智能】Python实战:构建高效的多任务学习模型](https://blog.csdn.net/nokiaguy/article/details/145281118) +- paper - Last paper + - [ ] [盘点 2024 年备受关注的那些高风险漏洞](https://paper.seebug.org/3268/) + - [ ] [Love and hate under war: The GamaCopy organization, which imitates the Russian Gamaredon, uses military - related bait to launch attacks on Russia](https://paper.seebug.org/3270/) - Twitter @bytehx - - [ ] [Just scored a reward @intigriti, check my profile: https://app.intigriti.com/profile/bytehx #HackWithIntigriti](https://x.com/bytehx343/status/1881380986333839502) -- VMRay - - [ ] [Heavily obfuscated batch file loads XWorm hosted on GitHub](https://www.vmray.com/heavily-obfuscated-batch-file-loads-xworm-hosted-on-github/) -- SentinelOne - - [ ] [2024 macOS Malware Review | Infostealers, Backdoors, and APT Campaigns Targeting the Enterprise](https://www.sentinelone.com/blog/2024-macos-malware-review-infostealers-backdoors-and-apt-campaigns-targeting-the-enterprise/) + - [ ] [RT zhero;: very pleased to announce the release of my new article based on my research that led to CVE-2024-46982 titled: Next.js, cache, and chains: ...](https://x.com/bytehx343/status/1881775443810152497) + - [ ] [Thanks @SynackRedTeam 🥳](https://x.com/bytehx343/status/1881743935749660919) + - [ ] [Re @drak3hft7 @yeswehack](https://x.com/bytehx343/status/1881715373604745365) + - [ ] [Re @RootxRavi @intigriti thank you!](https://x.com/bytehx343/status/1881714645335249267) + - [ ] [Just scored a reward @intigriti, check my profile: https://app.intigriti.com/profile/bytehx #HackWithIntigriti](https://x.com/bytehx343/status/1881713215970955450) + - [ ] [Re @YoyoDavelion @yeswehack Congrats!](https://x.com/bytehx343/status/1881712949141917968) + - [ ] [Re @RootxRavi @intigriti Thank you!🥳](https://x.com/bytehx343/status/1881701312028614748) + - [ ] [Re @_justYnot @intigriti Thank you!🥳](https://x.com/bytehx343/status/1881701300687274145) + - [ ] [Re @ce_automne @intigriti should try it!](https://x.com/bytehx343/status/1881688650129506316) +- SpiderLabs Blog + - [ ] [The New Face of Ransomware: Key Players and Emerging Tactics of 2024](https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/the-new-face-of-ransomware-key-players-and-emerging-tactics-of-2024/) +- Private Feed for M09Ic + - [ ] [mgeeky starred LuemmelSec/APEX](https://github.com/LuemmelSec/APEX) + - [ ] [praetorian-inc made praetorian-inc/noseyparkerexplorer public](https://github.com/praetorian-inc/noseyparkerexplorer) + - [ ] [mgeeky starred zodiacon/youtubecode](https://github.com/zodiacon/youtubecode) + - [ ] [zema1 starred MaorSabag/interactive-execute-shellcode](https://github.com/MaorSabag/interactive-execute-shellcode) + - [ ] [zer0yu started following BlackFan](https://github.com/BlackFan) + - [ ] [zer0yu started following Patrick-DE](https://github.com/Patrick-DE) + - [ ] [zer0yu starred bodo-run/yek](https://github.com/bodo-run/yek) + - [ ] [zer0yu started following reddelexc](https://github.com/reddelexc) + - [ ] [zema1 starred 0xEr3bus/PoolPartyBof](https://github.com/0xEr3bus/PoolPartyBof) + - [ ] [h3zh1 pushed to dev in chainreactors/malice-network](https://github.com/chainreactors/malice-network/compare/5527b594d0...8431efeb36) + - [ ] [huoji120 starred vmcall/nt-mapper](https://github.com/vmcall/nt-mapper) + - [ ] [CHYbeta starred convisolabs/rails_arb_file_write_bootsnap](https://github.com/convisolabs/rails_arb_file_write_bootsnap) + - [ ] [CHYbeta starred polyxss/bxss](https://github.com/polyxss/bxss) + - [ ] [zer0yu starred deepseek-ai/DeepSeek-R1](https://github.com/deepseek-ai/DeepSeek-R1) + - [ ] [safedv starred FalconForceTeam/bof-winrm-client](https://github.com/FalconForceTeam/bof-winrm-client) + - [ ] [CHYbeta starred KTH-LangSec/silent-spring](https://github.com/KTH-LangSec/silent-spring) + - [ ] [safedv starred gtworek/PSBits](https://github.com/gtworek/PSBits) + - [ ] [niudaii starred LandGrey/domainNamePredictor](https://github.com/LandGrey/domainNamePredictor) + - [ ] [niudaii starred AlephNullSK/dnsgen](https://github.com/AlephNullSK/dnsgen) + - [ ] [zema1 starred sonodima/microseh](https://github.com/sonodima/microseh) + - [ ] [0xbug starred temporalio/temporal](https://github.com/temporalio/temporal) + - [ ] [Wh0ale starred wux1an/wxapkg](https://github.com/wux1an/wxapkg) - Reverse Engineering - - [ ] [/r/ReverseEngineering's Weekly Questions Thread](https://www.reddit.com/r/ReverseEngineering/comments/1i5lbt8/rreverseengineerings_weekly_questions_thread/) - - [ ] [Malware Analysis of Fake Banking Reward APK Targeting WhatsApp Users](https://www.reddit.com/r/ReverseEngineering/comments/1i5svi7/malware_analysis_of_fake_banking_reward_apk/) - - [ ] [Reverse Engineering Bambu Connect](https://www.reddit.com/r/ReverseEngineering/comments/1i5lw80/reverse_engineering_bambu_connect/) + - [ ] [Denuvo Analysis](https://www.reddit.com/r/ReverseEngineering/comments/1i6up0s/denuvo_analysis/) + - [ ] [Reverse Engineering Call Of Duty Anti-Cheat](https://www.reddit.com/r/ReverseEngineering/comments/1i68o2q/reverse_engineering_call_of_duty_anticheat/) + - [ ] [HAAA hello guys can someone help me with reverse chal ? like i'm strugleling too much rn pls](https://www.reddit.com/r/ReverseEngineering/comments/1i6uqbq/haaa_hello_guys_can_someone_help_me_with_reverse/) +- blog.avast.com EN + - [ ] [Start the year by protecting your privacy— A stalkerware quick check](https://blog.avast.com/start-the-year-by-protecting-your-privacy-a-stalkerware-quick-check) +- Bug Bounty in InfoSec Write-ups on Medium + - [ ] [WIFI Hacking , user and password hacking [How hackers get Password of any wifi network]](https://infosecwriteups.com/wifi-hacking-user-and-password-hacking-how-hackers-get-password-of-any-wifi-network-015ae6575bed?source=rss----7b722bfd1b8d--bug_bounty) + - [ ] [Found HTML Injection in Emails! Earned HOF](https://infosecwriteups.com/found-html-injection-in-emails-earned-hof-24a8a8223f29?source=rss----7b722bfd1b8d--bug_bounty) - Malwarebytes - - [ ] [Your location or browsing habits could lead to price increases when buying online](https://www.malwarebytes.com/blog/news/2025/01/your-location-or-browsing-habits-could-lead-to-price-increases-when-buying-online) - - [ ] [A week in security (January 13 – January 19)](https://www.malwarebytes.com/blog/news/2025/01/a-week-in-security-january-13-january-19) + - [ ] [AI tool GeoSpy analyzes images and identifies locations in seconds](https://www.malwarebytes.com/blog/news/2025/01/ai-tool-geospy-analyzes-images-and-identifies-locations-in-seconds) +- Microsoft Security Response Center + - [ ] [Scaling Dynamic Application Security Testing (DAST)](https://msrc.microsoft.com/blog/2025/01/scaling-dynamic-application-security-testing-dast/) +- Webroot Blog + - [ ] [Why MSPs need proactive, 24/7 threat hunting](https://www.webroot.com/blog/2025/01/21/why-msps-need-proactive-24-7-threat-hunting/) +- FreeBuf网络安全行业门户 + - [ ] [新的AI安全在2025年正对CISO及其团队构成挑战](https://www.freebuf.com/news/420445.html) + - [ ] [SUSE发布重要补丁:保护系统免受CVE-2025-21613攻击](https://www.freebuf.com/articles/420421.html) + - [ ] [Shiro CVE-2020-17510 路径绕过](https://www.freebuf.com/vuls/420408.html) + - [ ] [梅赛德斯—奔驰信息娱乐系统漏洞详细信息披露](https://www.freebuf.com/articles/420410.html) + - [ ] [FreeBuf早报 | 中国与多国联合解救7万电诈受害者;德国驻美大使密电遭到泄露](https://www.freebuf.com/news/420399.html) + - [ ] [2024年近2亿人受影响,美国医疗成重点攻击目标](https://www.freebuf.com/news/420391.html) + - [ ] [2025 OWASP十大安全漏洞](https://www.freebuf.com/news/420401.html) + - [ ] [420万主机暴露,含VPN和路由器](https://www.freebuf.com/news/420386.html) + - [ ] [新型僵尸网络正对路由器、摄像头等设备发起大规模DDoS攻击](https://www.freebuf.com/news/420383.html) - Wallarm - - [ ] [Considerations for Selecting the Best API Authentication Option](https://lab.wallarm.com/considerations-selecting-best-api-authentication-option/) -- 安全牛 - - [ ] [《后量子密码安全能力构建技术指南(2025年)》报告暨代表性厂商评估调研启动](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134771&idx=1&sn=d630c90006781716434e509b97c12856&chksm=bd15abe08a6222f621cc83ed26039da7ba363d15472e1102c14383eecf41b5ee7b6c2ef2e526&scene=58&subscene=0#rd) - - [ ] [马斯克称X不被允许在华运营情况需改变,外交部回应; 美国联邦调查局担忧AT&T数据泄露可能暴露线人身份 | 牛览](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134771&idx=2&sn=bf214740bb2023a8a3edc38463484c25&chksm=bd15abe08a6222f6f04fa76f0a94d12a1e81b2b7326b136daca55a3f0476d7b9a8d5898ed40d&scene=58&subscene=0#rd) -- rtl-sdr.com - - [ ] [A USB-C Mod for RTL-SDR Blog V3/V4 Dongles](https://www.rtl-sdr.com/a-usb-c-mod-for-rtl-sdr-blog-v3-v4-dongles/) - - [ ] [Locating an Intermittent Interferer with a KrakenSDR](https://www.rtl-sdr.com/locating-an-intermittent-interferer-with-a-krakensdr/) - - [ ] [Using an EFR32 IoT Microcontroller Transceiver as an SDR](https://www.rtl-sdr.com/using-an-efr32-iot-microcontroller-transceiver-as-an-sdr/) + - [ ] [API Security’s Role in Responsible AI Deployment](https://lab.wallarm.com/api-securitys-role-in-responsible-ai-deployment/) +- Dhole Moments + - [ ] [Too Many People Don’t Value the Time of Security Researchers](https://soatok.blog/2025/01/21/too-many-people-dont-value-the-time-of-security-researchers/) - 奇客Solidot–传递最新科技情报 - - [ ] [2024 年大气二氧化碳增幅创纪录](https://www.solidot.org/story?sid=80382) - - [ ] [欧盟考虑在消费品中禁止使用 PFAS](https://www.solidot.org/story?sid=80381) - - [ ] [Google 搜索服务开始要求启用 JavaScript](https://www.solidot.org/story?sid=80380) - - [ ] [Google Android 运行在 2024 年三分之二的新车上](https://www.solidot.org/story?sid=80379) - - [ ] [LibreOffice Writer 扩展为字处理软件加入可选的本地生成式 AI 功能](https://www.solidot.org/story?sid=80378) - - [ ] [亚马逊强推重返办公室但没有足够办公桌和停车位](https://www.solidot.org/story?sid=80377) - - [ ] [小鼠研究显示安眠药会干扰大脑清除废物](https://www.solidot.org/story?sid=80376) - - [ ] [摄像机首次捕捉到陨石掉落地面瞬间](https://www.solidot.org/story?sid=80375) - - [ ] [Linux 6.13 释出](https://www.solidot.org/story?sid=80374) - - [ ] [TikTok 恢复美国服务](https://www.solidot.org/story?sid=80373) -- HackerNews - - [ ] [欧盟《数字运营弹性法案》正式生效,严至监禁失职管理层](https://hackernews.cc/archives/56991) - - [ ] [网络安全领域研究人员遭遇假 PoC 专项攻击](https://hackernews.cc/archives/56995) - - [ ] [加拿大一 IT 公司被俄罗斯政府列入“不受欢迎”组织名单](https://hackernews.cc/archives/56987) - - [ ] [美国联邦贸易委员会:大数据监控定价导致消费者成本上升](https://hackernews.cc/archives/56985) - - [ ] [谷歌推出 OSV-SCALIBR 开源库用于软件成分分析](https://hackernews.cc/archives/56982) - - [ ] [恶意 PyPi 软件包窃取 Discord 开发者认证令牌](https://hackernews.cc/archives/56977) - - [ ] [俄罗斯黑客组织 Star Blizzard 在新钓鱼攻击活动中瞄准 WhatsApp 账户](https://hackernews.cc/archives/56975) - - [ ] [基于 Python 的机器人利用 PHP 服务器推动赌博平台泛滥](https://hackernews.cc/archives/56973) - - [ ] [WGS-804HPT 交换机存在严重漏洞将导致远程代码执行和网络利用](https://hackernews.cc/archives/56971) + - [ ] [北京将举办首届人机马拉松](https://www.solidot.org/story?sid=80390) + - [ ] [干旱愈来愈严重愈来愈频繁](https://www.solidot.org/story?sid=80388) + - [ ] [愈来愈多的美国青少年使用 ChatGPT 完成作业](https://www.solidot.org/story?sid=80387) + - [ ] [Paul Allen 诞辰 72 周年](https://www.solidot.org/story?sid=80386) + - [ ] [孕妇的脑灰质在孕期发生变化](https://www.solidot.org/story?sid=80385) + - [ ] [佳能的直播应用不支持佳能摄像机](https://www.solidot.org/story?sid=80384) + - [ ] [华为 2024 年手机出货量增长 50%](https://www.solidot.org/story?sid=80383) - 绿盟科技技术博客 - - [ ] [【已支持暴露面风险排查】Rsync缓冲区溢出与信息泄露漏洞(CVE-2024-12084/CVE-2024-12085)](https://blog.nsfocus.net/cve-2024-12084-cve-2024-12085/) -- 安全客 - - [ ] [转型中的网络安全:拜登政府的警告和美国的未来](https://mp.weixin.qq.com/s?__biz=MzA5ODA0NDE2MA==&mid=2649787757&idx=1&sn=e5eae9b6df27d7b00015e86ca2284def&chksm=8893bd02bfe43414e51527c12e99fe7dbfabd348bcf33087f7044d95963b1907c7ae795d05e9&scene=58&subscene=0#rd) -- 安全分析与研究 - - [ ] [UEFI BootKit学习路线与资料分享](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490058&idx=1&sn=8c80dfb3d169392af3a7821398c50637&chksm=902fb522a7583c34dbebe5255d0d954d1ac8bc4735bb19bc926e9c32a531e4f88c2c4666cda7&scene=58&subscene=0#rd) + - [ ] [【漏洞通告】MongoDB Mongoose搜索注入漏洞(CVE-2025-23061)](https://blog.nsfocus.net/cve-2025-23061/) +- rtl-sdr.com + - [ ] [CCC Conference Talk: BlinkenCity – Radio-Controlling Street Lamps and Power Plants](https://www.rtl-sdr.com/ccc-conference-talk-blinkencity-radio-controlling-street-lamps-and-power-plants/) - 奇安信 CERT - - [ ] [安全热点周报:Fortinet 警告利用身份验证绕过零日漏洞劫持防火墙](https://mp.weixin.qq.com/s?__biz=MzU5NDgxODU1MQ==&mid=2247502869&idx=1&sn=53f5cfd343a3cd7a4e8a32a6fe638138&chksm=fe79e88dc90e619b8c2c010457c1e44f3ff06dd47f4a8abd602deff354192c4b2842a3c0dfc3&scene=58&subscene=0#rd) -- Black Hills Information Security - - [ ] [Attack Tactics 9: Shadow Creds for PrivEsc w/ Kent & Jordan](https://www.blackhillsinfosec.com/attack-tactics-9-shadow-creds-for-privesc-wrapup/) -- 吾爱破解论坛 - - [ ] [吾爱破解论坛微信红包封面设计预览](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141587&idx=1&sn=91deda30d33d111b7478c3a764c2c468&chksm=bd50a5878a272c916e5fdba11db955248dd241def35150160f93e385c9782019e9bf0e6b1764&scene=58&subscene=0#rd) -- 代码卫士 - - [ ] [WGS-804HPT 交换机中存在多个严重漏洞,可导致RCE和网络利用](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522124&idx=1&sn=8b928d650502c3cebc7b2ae0e85282a2&chksm=ea94a626dde32f303236d54cf10c68cbf25ac8104fe9a6280306ddbcce4f3ce7624240d24d9d&scene=58&subscene=0#rd) - - [ ] [PyPI 恶意包窃取Discord 开发人员的认证令牌](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522124&idx=2&sn=98991414f4675f83bbb4a3935a2f16e1&chksm=ea94a626dde32f3016b9b39f894f63db177129413333eaf003c2ded003a435725967bc152c92&scene=58&subscene=0#rd) -- Dhole Moments - - [ ] [Session Round 2](https://soatok.blog/2025/01/20/session-round-2/) + - [ ] [年度报告 | 2024年应该知道的漏洞都在这了!](https://mp.weixin.qq.com/s?__biz=MzU5NDgxODU1MQ==&mid=2247502937&idx=1&sn=c80cc1036d35183287d46040fa66d3f2&chksm=fe79e8c1c90e61d7169d6a42f15d0c02941c362881e765d760f9c7317c8bd10f66e565995bb1&scene=58&subscene=0#rd) +- 绿盟科技CERT + - [ ] [【漏洞通告】MongoDB Mongoose搜索注入漏洞(CVE-2025-23061)](https://mp.weixin.qq.com/s?__biz=Mzk0MjE3ODkxNg==&mid=2247488918&idx=1&sn=158d8df04d4080e7902083a76fd24d26&chksm=c2c6429df5b1cb8bc86e5d57a7d589ef30a23ca11cd0bb38269afe2125cd10f152606ce4ea98&scene=58&subscene=0#rd) +- 安全分析与研究 + - [ ] [3CX供应链攻击技术之微软数字签名被滥用技术分析](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490083&idx=1&sn=ae29cfade8f5828fec4fb779fe5e3c96&chksm=902fb50ba7583c1d446ad0cd9ea3a31505e76942c0c9287c7c7c3d7e34d0a798bdd099c074b4&scene=58&subscene=0#rd) + - [ ] [银狐最新恶意软件进程监控](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490083&idx=2&sn=c971052a5ec51ffec1e6bfb1c69b14f1&chksm=902fb50ba7583c1d4e3afd61be64e5e3ddea141c398bbbcc30b869212a244246c63a4e11d1d2&scene=58&subscene=0#rd) + - [ ] [D0glun勒索病毒攻击](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490083&idx=3&sn=fc6500f89b6ce90fdeb832aeeae697db&chksm=902fb50ba7583c1d99359705d89dbc7f7af7e53236a6c19c59716d080ab2d117b07eb1fb23e9&scene=58&subscene=0#rd) - 威努特安全网络 - - [ ] [2024 CWE TOP25最危险软件弱点深度解析](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130546&idx=1&sn=af17cc33bcba30263b1062816452140a&chksm=80e71002b7909914201ecc3158a953b2ce81f616276e5123ebef52b60f922c7ff5b588c7c574&scene=58&subscene=0#rd) -- 青衣十三楼飞花堂 - - [ ] [凉山叙事](https://mp.weixin.qq.com/s?__biz=MzUzMjQyMDE3Ng==&mid=2247487923&idx=1&sn=27de2e79a46e08f68e6fd4cadd99c580&chksm=fab2d28ccdc55b9a7a2a150f12ecb0044c667e16fd09c9138fa3ca96b1c40acd0b8aa1cafd6e&scene=58&subscene=0#rd) -- FreeBuf网络安全行业门户 - - [ ] [新型Android恶意软件模仿聊天应用窃取敏感数据](https://www.freebuf.com/news/420346.html) - - [ ] [B站又爆大瓜!员工“代码投毒”报复网友](https://www.freebuf.com/news/420334.html) - - [ ] [验证码对抗之殇:Clickfix最新钓鱼事件分析报告](https://www.freebuf.com/articles/paper/420320.html) - - [ ] [解读出国劳务:表面邀请拍戏,实则人口交易,走上小路,却是末路!](https://www.freebuf.com/news/420316.html) - - [ ] [FreeBuf早报 | 网信办启动春节网络环境整治行动;美网络攻击我国某研究院细节公布](https://www.freebuf.com/news/420305.html) - - [ ] [惠普被黑客入侵,机密数据在暗网出售](https://www.freebuf.com/news/420293.html) - - [ ] [无需拆机!Windows 11 BitLocker加密文件被破解](https://www.freebuf.com/news/420297.html) - - [ ] [黑客滥用微软VSCode 远程隧道绕过安全工具](https://www.freebuf.com/news/420277.html) - - [ ] [《零日风暴》| 正式前导预告 | Netflix](https://www.freebuf.com/video/420267.html) - - [ ] [ChatGPT被曝存在爬虫漏洞,OpenAI未公开承认](https://www.freebuf.com/news/420273.html) - - [ ] [网络安全领域研究人员遭遇假PoC专项攻击](https://www.freebuf.com/news/420252.html) -- 奇安信威胁情报中心 - - [ ] [Operation(Giỗ Tổ Hùng Vương)hurricane:浅谈新海莲花组织在内存中的技战术](https://mp.weixin.qq.com/s?__biz=MzI2MDc2MDA4OA==&mid=2247513780&idx=1&sn=a2650f77b1b7a4b73b27ec637bef04d1&chksm=ea6641c3dd11c8d58e8cd03792f61e801bc69c868a2c7ccc64826afab019e4e19fa13ab75e3d&scene=58&subscene=0#rd) -- 腾讯玄武实验室 - - [ ] [每日安全动态推送(25/1/20)](https://mp.weixin.qq.com/s?__biz=MzA5NDYyNDI0MA==&mid=2651959996&idx=1&sn=39171e942cfb617360a556b8d9fa2dd3&chksm=8baed223bcd95b358ff9bd5dd95c2f60ad07fa4eaf7b8664a5947a32920fa4092f27c9b4e44d&scene=58&subscene=0#rd) -- 安全研究GoSSIP - - [ ] [G.O.S.S.I.P 技术笔记 2025-01-15 薛定谔的寄存器?](https://mp.weixin.qq.com/s?__biz=Mzg5ODUxMzg0Ng==&mid=2247499629&idx=1&sn=2890acf36b4707a5bf91f3c823c4a5db&chksm=c063d1b4f71458a27e12ffc8ec1fe880002d2d92968fadcda511a91279e30d0dacba4fa59f48&scene=58&subscene=0#rd) -- 中国信息安全 - - [ ] [全球视野 | 国际网安快讯(第46期)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=1&sn=0d1b4aa189b788c665f35ccc52b8c79c&chksm=8b58026dbc2f8b7b6d93de308202cb19c8415133a057bc6da6f722dede97d20b258b1d7472a6&scene=58&subscene=0#rd) - - [ ] [关注 | 中央网信办启动“清朗·2025年春节网络环境整治”专项行动](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=2&sn=4b39d631ae07312faba443f5436ad10d&chksm=8b58026dbc2f8b7b91ed7170e231bcd136924c647b87e66b0462da74c185560ce2f6cd9e787a&scene=58&subscene=0#rd) - - [ ] [专家解读 | 蒋艳:促进数据标注能力提升,筑牢工业智能数据基础](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=3&sn=558d06cf50feba02ada95b443dd3c827&chksm=8b58026dbc2f8b7b9eef3e6af4d43b30950f7189270bf1a2d3bca5bcca2741a0e8e19ea1ba22&scene=58&subscene=0#rd) - - [ ] [专家观点 | 构建多元化的人工智能训练数据供给体系](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=4&sn=1dbca4b896271872f13bb321297280ba&chksm=8b58026dbc2f8b7b971cfdb62ca4b48021e6f8ef3b66a561160856f707769288e10ab71e982c&scene=58&subscene=0#rd) - - [ ] [国际 | 欧盟计划加强医疗保健行业网络安全](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=5&sn=957baf161a599a455c3db7e971b5e1be&chksm=8b58026dbc2f8b7bbbcad45c446045a33301e9fff28222efaa28c4e2b68cc21f064468af3e20&scene=58&subscene=0#rd) - - [ ] [国际 | 日本强化“主动网络防御”能力](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=6&sn=8ccd83bcc4b8e4593e6fdd896fa083e0&chksm=8b58026dbc2f8b7b5e4b966a6f54625e30dc69faafd8a70ef0171ade51902c00712b1acdc8cd&scene=58&subscene=0#rd) - - [ ] [评论 | 请读懂用“反向驯化”对付算法背后的诉求](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235156&idx=7&sn=f84b09b4c82d9bc9efe8c1c5f4c91a4d&chksm=8b58026dbc2f8b7baae14b0518073604a463b27203a7a6c6a7ba5b8c9cb577ae2d49f270693e&scene=58&subscene=0#rd) -- dotNet安全矩阵 - - [ ] [举一反三 ,通过 Sharp4SuoPoc 从原理上复现 Visual Studio 投毒事件的来龙去脉](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498340&idx=1&sn=f9aecfc3de35b8fac05e7e7d352da9e4&chksm=fa595489cd2edd9f317b3ce1a2e10a23a2a5c3c3fc4a16daa713ac76716cec8ef519e525b37a&scene=58&subscene=0#rd) - - [ ] [国内最专业、最全面的 [ .NET 代码审计 ] 体系化学习交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498340&idx=2&sn=a8a67dc9e2cd5c4ec82e4a85c1fe2342&chksm=fa595489cd2edd9f25ac05370f0e47f84cb3e8c701746b35f4a0bfb09ae483e152785aeeb67c&scene=58&subscene=0#rd) - - [ ] [.NET 第 55 期红队武器库和资源汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498340&idx=3&sn=7c60cbd1b12469d5e4f5c6db12ca1cb4&chksm=fa595489cd2edd9fd5bb60e9788f1ae5294e1852fb76568985d137f3a1b3dde16d6bcfcd9495&scene=58&subscene=0#rd) + - [ ] [连续三年!威努特蝉联中国网络安全产业联盟先进会员单位](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130566&idx=1&sn=f4bc7206d7fd13bcd1280fca2d9eb1b3&chksm=80e71076b7909960f60ec0b3607c107efc6cec5b40d131a5326a3602ca2f682bf3350ee8e8ed&scene=58&subscene=0#rd) - 丁爸 情报分析师的工具箱 - - [ ] [【知识点】解密:HUMINT、SIGINT、OSINT、MASINT、GEOINT 、IMINT、SOCMINT、MEDINT等](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148633&idx=1&sn=80a6c18af41984c8aaa601f82ccd7ac8&chksm=f1af2663c6d8af75a845402ef2f96cb2f9a94fd38ebb787c3390cc9a9cda2de4f06e26baa64f&scene=58&subscene=0#rd) -- 数世咨询 - - [ ] [新西兰跻身云安全漏洞排名前十](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247534891&idx=1&sn=442f5697287365e019e20cb29c0a8008&chksm=c1443b96f633b280e3859a3441a858dda1412ce36b7957734a73bf3c683102b57bad82ee504a&scene=58&subscene=0#rd) -- 微步在线 - - [ ] [零差评的NDR,都做对了什么?](https://mp.weixin.qq.com/s?__biz=MzI5NjA0NjI5MQ==&mid=2650183053&idx=1&sn=92ff24e4a5e517b359ccd30b8274a5f6&chksm=f4486e31c33fe7279d803461244b6437f24fcba89a8c0040cee9fb53be84431992cedcf81281&scene=58&subscene=0#rd) -- 极客公园 - - [ ] [荣耀开启新一轮无限游戏:换帅、AI 和出海](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072381&idx=1&sn=59b10e027ecd8cf16913597da4808654&chksm=7e57d64b49205f5d6d1a059def189b6fd38bba2e3c0be18dc4bbbd18ed40d8ca4f5a21f028bb&scene=58&subscene=0#rd) - - [ ] [对话 Mirumi 创造者:CES上爆火的陪伴机器人是怎样炼成的?](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072363&idx=1&sn=feda9287cf8b3068ce7f17923c00d078&chksm=7e57d65d49205f4b15641187aaca3c587e0d4b05aa12dd633c11226bc00b5361d10c22ddf874&scene=58&subscene=0#rd) -- CNVD漏洞平台 - - [ ] [CNVD漏洞周报2025年第3期](https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247495715&idx=1&sn=c02f8d40b18ff20468aa338efd776c5d&chksm=fd74c0eaca0349fcf48893554150aa62b8d148205e3198526c654194241638eafab9530bc6b5&scene=58&subscene=0#rd) - - [ ] [上周关注度较高的产品安全漏洞(20250113-20250119)](https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247495715&idx=2&sn=b9b9d870553d36e181ba7d1702fde7da&chksm=fd74c0eaca0349fcd7eabae533b4d6bf7f8a8cf66309cb1e93c0c20500d376dc0ac4c5436fe6&scene=58&subscene=0#rd) + - [ ] [【资料】文化情报:美军如何利用国际市场的文化信息来增强情报、监视和侦察(ISR)](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148640&idx=1&sn=dc17513401dee2c45789902342664776&chksm=f1af265ac6d8af4c812e62828e8c92434f40dce6e5de5133fecb9e81781ec050209e65fdcfaa&scene=58&subscene=0#rd) +- 梦之光芒的电子梦 + - [ ] [中小企业及创业公司信息安全建设指南](https://mp.weixin.qq.com/s?__biz=MzUyODQ0MTE2MQ==&mid=2247483749&idx=1&sn=762084442aa00a999fea80eed8b17326&chksm=fa710b43cd0682551167008cbc6ab7db1eb041b1a14538e4c7dcb29c786f301a6f39227962f2&scene=58&subscene=0#rd) +- 腾讯玄武实验室 + - [ ] [每日安全动态推送(25/1/21)](https://mp.weixin.qq.com/s?__biz=MzA5NDYyNDI0MA==&mid=2651959999&idx=1&sn=8f2ce3628b9e75bf7e03c60203d88d14&chksm=8baed220bcd95b3648040525b7c86be6aa84e518e42c1e85ed76c7b09ced0d67ea2b5556ece4&scene=58&subscene=0#rd) +- 360漏洞云 + - [ ] [【您有一个礼盒待签收】喜迎2025!开启安全新征程!](https://mp.weixin.qq.com/s?__biz=Mzg5MTc5Mzk2OA==&mid=2247502873&idx=1&sn=ebd51f859ccd1ab589330baec97ab05f&chksm=cfc56b46f8b2e250b48a6df1b45cf1422ffa7dd11cd5aa84dd045c022cac85d538bb7c867c8a&scene=58&subscene=0#rd) + - [ ] [《网信自主创新调研报告》表彰大会召开,360漏洞云获多项荣誉](https://mp.weixin.qq.com/s?__biz=Mzg5MTc5Mzk2OA==&mid=2247502873&idx=2&sn=b244ada36b1a87162f083c5a17af9c04&chksm=cfc56b46f8b2e25026712ae5023c6dc56a4c50092057dd3a58850b41c210c29b5bb60a729b85&scene=58&subscene=0#rd) + - [ ] [蛇年新禧,祥福并济|360漏洞云平台放假公告](https://mp.weixin.qq.com/s?__biz=Mzg5MTc5Mzk2OA==&mid=2247502873&idx=3&sn=ab3d8ccd96f17d0a3040c85d24e35be3&chksm=cfc56b46f8b2e250435ced6a4be9d9a5c5bd4bd692a7fbe65aed030690c7fddd6791331fd27b&scene=58&subscene=0#rd) +- 安全内参 + - [ ] [AI助手泄露客户信息,行业软件龙头暂时停用相关功能](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513551&idx=1&sn=f0edf2e4791fb19bbc7ceede6817e516&chksm=ebfaf2efdc8d7bf942608609b8655044efbc3d34c990d30ca4c705d3f2ce4ac4fbd9dce87622&scene=58&subscene=0#rd) + - [ ] [B站员工植入恶意代码报复用户,官方:漏洞已修补,员工已处罚](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513551&idx=2&sn=f50c04a1adb0a92b26906f0e29ecabdb&chksm=ebfaf2efdc8d7bf9ab0f5e0cbcbc04e62cceea6c6ef61ed92d88aeb2fc987c5cabce1bd08cec&scene=58&subscene=0#rd) +- 看雪学苑 + - [ ] [反射式注入技术浅析](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589041&idx=1&sn=d6ac5ccbfd4e3343e192ddbf90411481&chksm=b18c27fb86fbaeed0df1fbadae1c3870a2409d2fb44d1790ecb33e9e6c15a7bf3cca1c2bdf83&scene=58&subscene=0#rd) + - [ ] [B站员工“代码投毒”!滥用职权,用户账号遭恶意封禁](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589041&idx=2&sn=6763601f189f2c29f48bb63f7333ac4c&chksm=b18c27fb86fbaeedeb7d604cbb8f96598b43254de6a29e2bcc20f721f1d677ac3d0d3ab6ca8e&scene=58&subscene=0#rd) + - [ ] [报名中!即将开班 | 无人机安全攻防入门:从整体架构到漏洞分析](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589041&idx=3&sn=f23e141f9f2559ffdfdd86d3d8f3ef1f&chksm=b18c27fb86fbaeede1ae14775b2e06f51d9ff39aea062676c42180f7f320b879996baf3f7ff8&scene=58&subscene=0#rd) +- 奇安信威胁情报中心 + - [ ] [【奇安信情报沙箱】警惕伪装为文档的恶意快捷方式(LNK)文件](https://mp.weixin.qq.com/s?__biz=MzI2MDc2MDA4OA==&mid=2247513822&idx=1&sn=9d52dc150c8ee53e3af6d7ae908c596b&chksm=ea6641a9dd11c8bfb5ef721db9b91c0777ce08c04211ac969b6a5cdc765c24b02f6b576a8c15&scene=58&subscene=0#rd) +- Shostack & Friends Blog + - [ ] [Handling Pandemic-Scale Cyber Threats: Lessons from COVID-19](https://shostack.org/blog/pandemic-scale/) +- 知道创宇404实验室 + - [ ] [盘点 2024 年备受关注的那些高风险漏洞](https://mp.weixin.qq.com/s?__biz=MzAxNDY2MTQ2OQ==&mid=2650990290&idx=1&sn=fb9b947f5ea6ca876af9c2159098d8a4&chksm=8079a4e0b70e2df652368fa2253964cd3b67c0ea64d03589c0a70c3560e6fe23ff6337a69fd1&scene=58&subscene=0#rd) - 安全圈 - - [ ] [【安全圈】宁波某化工企业被境外势力获取危险源监控视频数据](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067503&idx=1&sn=018f26decbcead5c44d6897dcaac4696&chksm=f36e7aefc419f3f998508894e072b07d360f8ce003a7829c7e3e59b6e38963c000cb35563009&scene=58&subscene=0#rd) - - [ ] [【安全圈】黑客声称惠普企业遭入侵,列出待售数据](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067503&idx=2&sn=91d7e9ae298ff62eea78d7143853f356&chksm=f36e7aefc419f3f91633b7a176be4cb6885a0df37a85ddd11366df9baa8f003ef67da3e56566&scene=58&subscene=0#rd) - - [ ] [【安全圈】黑客滥用 Microsoft VSCode 远程隧道绕过安全工具](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067503&idx=3&sn=0b2738a898f48ebbcd35b935ea9b9b9b&chksm=f36e7aefc419f3f9825e2bcdb1346a6a0cfc125b0362317ae276f36f4a15f976800acc71e733&scene=58&subscene=0#rd) - - [ ] [【安全圈】无需拆卸笔记本电脑即可访问 Windows 11 BitLocker 加密文件](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067503&idx=4&sn=17aa39950a2ad339c5c9189715ebc4f2&chksm=f36e7aefc419f3f9cb51bb87bb1f571572cf3b66429795fbd19cc7536069f74aa0232d0c9cc2&scene=58&subscene=0#rd) + - [ ] [【安全圈】B站2025年第一个大瓜,“代码投毒”报复用户](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067526&idx=1&sn=c7bb681b7008589588039d0669578174&chksm=f36e7a86c419f390b734807d57bdc26cac9c538f395fdccccc649692191fbcd913aaa5acd8d3&scene=58&subscene=0#rd) + - [ ] [【安全圈】梅赛德斯—奔驰信息娱乐系统漏洞详细信息披露](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067526&idx=2&sn=35fd8cf175959d2493340598399f5c01&chksm=f36e7a86c419f390ae47d611d4f4561da13239e89f5e649487a4ddd152221306aa899f53951d&scene=58&subscene=0#rd) + - [ ] [【安全圈】新型Android恶意软件模仿聊天应用窃取敏感数据](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067526&idx=3&sn=78bd7100124b3e45c47f00500c234a7a&chksm=f36e7a86c419f390eb993a9683d9f515b852c6e83fb5352246a18f8c2e22c3eca2ebdab53a18&scene=58&subscene=0#rd) + - [ ] [【安全圈】OWASP 2025 年十大漏洞 – 被利用/发现的最严重漏洞](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067526&idx=4&sn=b3d1ba063b429d95b1315af7a9713b77&chksm=f36e7a86c419f390195cd33fd72a55eb69f0bae4bcd587dd7e23f6258b3c8848d14b5fba092e&scene=58&subscene=0#rd) +- dotNet安全矩阵 + - [ ] [DCOM 技术内网实战,通过 ExcelDDE 和 ShellBrowserWindow 实现横向移动](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498360&idx=1&sn=8ee091f555c386b755c5300547ac08fe&chksm=fa595495cd2edd832583640b60f915e352d7d6d9eb98f85963e41303ca492d2bcb869dfcdb3b&scene=58&subscene=0#rd) + - [ ] [.NET 内网攻防实战电子报刊](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498360&idx=2&sn=27608f525eba71cd10592eaa56917ce1&chksm=fa595495cd2edd83e0d05a1703cc3febd28d701c9fe96fccc2409724b0dc3de47dc16ec91fe9&scene=58&subscene=0#rd) + - [ ] [.NET 实战中批量获取数据库凭据的工具](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498360&idx=3&sn=05bcdc6edb29b6d41f93a3216197eb95&chksm=fa595495cd2edd83c3ccbc19de1860a86e7eb126a22b71819e2f7841c0ab861fb968ef1d8add&scene=58&subscene=0#rd) +- 信息安全国家工程研究中心 + - [ ] [《公共数据资源登记管理暂行办法》公布,3月1日起施行](https://mp.weixin.qq.com/s?__biz=MzU5OTQ0NzY3Ng==&mid=2247498746&idx=1&sn=f526aba50f7d3765f6608b80012a38f1&chksm=feb67ae9c9c1f3fffd632db66d26d7b874760f3607f8a48be8e82be40eeb32a9b87c6e333312&scene=58&subscene=0#rd) + - [ ] [一图读懂 | 关于完善数据流通安全治理 更好促进数据要素市场化价值化的实施方案](https://mp.weixin.qq.com/s?__biz=MzU5OTQ0NzY3Ng==&mid=2247498746&idx=2&sn=32373b47bc9d42a1dd69d7ed017ec22b&chksm=feb67ae9c9c1f3ff9059fdb9b42509895b8e416205f2ef1346f9df76ccb25088b681b790581f&scene=58&subscene=0#rd) +- 中国信息安全 + - [ ] [通知 | 国家发展改革委 国家数据局印发《公共数据资源登记管理暂行办法》(附全文)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235295&idx=1&sn=8a80edf9113f50434a1bb11f3e5cc79e&chksm=8b5803e6bc2f8af08800b6f9c12fc09d3665078ffd474d5a6f39d70e2c35058c0ae863b47a76&scene=58&subscene=0#rd) + - [ ] [通知 | 国家发展改革委 国家数据局印发《公共数据资源授权运营实施规范(试行)》(附全文)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235295&idx=2&sn=5f58f62f3bf1f6e916f8470f6f6f55b2&chksm=8b5803e6bc2f8af06dc3a6c03e7d667c8c86a6af82f37c83fb6be1ae229f957ecd7b48c4dbe3&scene=58&subscene=0#rd) + - [ ] [通知 | 国家发展改革委 国家数据局印发《关于建立公共数据资源授权运营价格形成机制的通知》(附全文)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235295&idx=3&sn=2f7dc83912ff817f2473902a7e6ac995&chksm=8b5803e6bc2f8af0a31dffe028e1b2d1c767d46cf0e64c710eee7bd6bc8b75d4cba0d33cb6cc&scene=58&subscene=0#rd) + - [ ] [​权威解答 | 国家发展改革委、国家数据局有关负责同志就公共数据资源三份政策文件答记者问](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235295&idx=4&sn=0e0fda73e478907a8ffd4ccf7d5b6bf1&chksm=8b5803e6bc2f8af01bb86646ec8574f5de50b90b63a85bc02a92643f056194b89d085ec75f4b&scene=58&subscene=0#rd) + - [ ] [工信部:3000余家网站、APP完成适老化及无障碍改造](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235295&idx=5&sn=b4698d8d66e49269855f4dece70ecc34&chksm=8b5803e6bc2f8af0471e8c6cd4b3ef03d12d7061293ea3063ad64cc1eadbea2eff7883c2486b&scene=58&subscene=0#rd) + - [ ] [专家解读 | “人工智能+”赋能实体经济 描绘“实数融合”新图景](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235295&idx=6&sn=a2794f1a6afeadd3fa7db937baf54f37&chksm=8b5803e6bc2f8af09c87629ba57cad87e96a8eb1cae1c3d848e796e35d3c5d85ef026899e89f&scene=58&subscene=0#rd) + - [ ] [关注 | 2024年全国受理网络违法和不良信息举报2.27亿件](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235295&idx=7&sn=11cd80d44bfaacb422ecd3c07309e5d7&chksm=8b5803e6bc2f8af0ec8bcb550699d37787f2af9dd7c9b50eb3c7b60899f2d3cc3227033730de&scene=58&subscene=0#rd) +- 国家互联网应急中心CNCERT + - [ ] [CNVD漏洞周报2025年第3期](https://mp.weixin.qq.com/s?__biz=MzIwNDk0MDgxMw==&mid=2247499617&idx=1&sn=2c0ace8ad777eef414c8c2a9bd88f67a&chksm=973acc03a04d45150eee133cf3ae4786f50bc20f2a1af53ec7434b10c80e8f59831a23fd48bc&scene=58&subscene=0#rd) + - [ ] [上周关注度较高的产品安全漏洞(20250113-20250119)](https://mp.weixin.qq.com/s?__biz=MzIwNDk0MDgxMw==&mid=2247499617&idx=2&sn=9bc261752d64c6b77c44994df9de434b&chksm=973acc03a04d4515f9832db1f4bf68dd1429f5d2152ca1b0fc12e931442a861b7b4043801e92&scene=58&subscene=0#rd) - 情报分析师 - - [ ] [【深度研究】如何用开源情报与验证技术挖掘互联网的隐藏真相](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559107&idx=1&sn=d4395815742a56a0b089bcbdd91c3d70&chksm=87117cc8b066f5de0c1760ba5048934bc55a194aef2689e5a9a8c6c57dfc9c43f8d060375331&scene=58&subscene=0#rd) - - [ ] [伊俄签订全面战略伙伴条约对我风险研判](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559107&idx=2&sn=a7f4517c1d2dc7c3812ea3cd778b7ae2&chksm=87117cc8b066f5ded35fd6591e36d01e85717c318664ade912a6ceeeb91d6ea5f65538ff104d&scene=58&subscene=0#rd) -- 墨菲安全 - - [ ] [36氪广东首发 | 以供应链视角推动企业软件安全架构升级,「墨菲安全」获数千万pre-A轮融资](https://mp.weixin.qq.com/s?__biz=MzkwOTM0MjI5NQ==&mid=2247488047&idx=1&sn=3176a6f993fd1c1d1fe0b03cbac70b6c&chksm=c13d7117f64af801d9153ac2691a2c0a56d0ca540e4ff90ee863c60b206f7e32a07d1f39cde4&scene=58&subscene=0#rd) -- 安全内参 - - [ ] [因遭勒索软件泄露超近250万人临床信息,这家生物公司赔偿5400万元](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513542&idx=1&sn=7dc1d619a87db4ddb927b6fb3ff62ff1&chksm=ebfaf2e6dc8d7bf0a8026fb160bb90c03136633fffceb3237e66198cde12fc14049bcc05e6d0&scene=58&subscene=0#rd) - - [ ] [美国务院首次实施“网络安全运营需求外国援助计划”](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513542&idx=2&sn=a15c26b60bc01c84fa61304952a8e690&chksm=ebfaf2e6dc8d7bf059c60d0b270de70171b873273cffd4aada3f465a8e3dee5abd717cba2a3a&scene=58&subscene=0#rd) + - [ ] [格鲁乌的“破坏者大学”:用犯罪分子代替特工,这是什么操作?](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559125&idx=1&sn=9edc6ab07ea0a57a7163e982117f2677&chksm=87117cdeb066f5c8b70dac3fb97faa41d1147bd128db0c82f53be7fac2091848bf98620a9c95&scene=58&subscene=0#rd) + - [ ] [【深挖】缅甸克伦边防部队(BGF)的利益链条及犯罪业务网络(2万字资料附下载)](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559125&idx=2&sn=eddfb3d8fd7ac52a2836738721392068&chksm=87117cdeb066f5c81b7f593465a83f37f2c6abfe8541ff72a8ad7dca6272a978bcc7e58f284e&scene=58&subscene=0#rd) + - [ ] [懂王行政令:从TikTok到关税,中美关系走向何方?](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559125&idx=3&sn=6142b8da04d0f5b114e6620fb2a35459&chksm=87117cdeb066f5c889816af3b32bd96f9836d05a850be9c41b0e909882fc56327754e50c3a70&scene=58&subscene=0#rd) +- 小米安全中心 + - [ ] [MiSRC 蛇年限定红包封面,开启好运~](https://mp.weixin.qq.com/s?__biz=MzI2NzI2OTExNA==&mid=2247517805&idx=1&sn=fcf9b3df71d41e165e5ac7ca9b9d18dd&chksm=ea83a0f8ddf429ee312b0682e14764679d08a35a8787a527b7bcd1976a01b3905aa808133c3d&scene=58&subscene=0#rd) +- 天御攻防实验室 + - [ ] [美国政府网络政策观察(第三期) | 拜登政府制裁我国网络安全企业和个人](https://mp.weixin.qq.com/s?__biz=MzU0MzgyMzM2Nw==&mid=2247486241&idx=1&sn=b188fa0b9fd687297884d03f0af5ef7e&chksm=fb04c849cc73415f296866a480014d449984e4d3fdb57a7918b1d74fc50c661c502526e6496a&scene=58&subscene=0#rd) - 嘶吼专业版 - - [ ] [2024中国网络安全产业势能榜优能企业「医疗行业」典型案例展示](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580903&idx=1&sn=44413743a587bf5c4d3afb17ea77ebfc&chksm=e9146cddde63e5cb900190a36756ef024ec4fd8b30f5a7eb06d8fc0c23649cb50159aa96c397&scene=58&subscene=0#rd) - - [ ] [安全动态回顾|《信息技术 信息安全事件管理 第4部分:协同》正式发布 黑客利用Google搜索广告窃取Google Ads帐户](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580903&idx=2&sn=9dcd6ddb22e3ee16847f8c8d15241de9&chksm=e9146cddde63e5cb1d7218c1d4585a1f4f7c66c2e3960ea2056660e512ba78b3b4a8c082995b&scene=58&subscene=0#rd) -- 看雪学苑 - - [ ] [学习PE文件后的第一次实践项目之DLL反射型注入](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588763&idx=1&sn=3f8a5ac4ea9d15820cc2cd6d5692963e&chksm=b18c26d186fbafc70f3e7c1673c15273d3202d1ec5d43301132c3a6e91aee46636b5ff4d87a8&scene=58&subscene=0#rd) - - [ ] [开源工具 rsync 曝重大漏洞,黑客可越界写入缓冲区远程执行代码](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588763&idx=2&sn=987fea6e7bc8cce2c77f2e2035072ac4&chksm=b18c26d186fbafc74e6a05aa86e92183c63d2d9a959a88738a9e938d04954b0f5f417afec628&scene=58&subscene=0#rd) - - [ ] [今日更新:第4章2节-模糊测试工具基础使用](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588763&idx=3&sn=094fc7e969bab88e07445fbca7b4b304&chksm=b18c26d186fbafc725a11592c164103b7ebcb3a2f8d879a28251fb5ca867598ddb4028856983&scene=58&subscene=0#rd) -- LuxSci - - [ ] [LuxSci Unveils New Secure Forms Features for Flexible Editing, Integrated Workflows, and Save Histories](https://luxsci.com/blog/new-secure-forms-features.html) -- 威胁棱镜 - - [ ] [实战派第二期沙龙(办公终端安全)随笔](https://mp.weixin.qq.com/s?__biz=MzkyMzE5ODExNQ==&mid=2247487604&idx=1&sn=03667e822fa1aeec7a80ec5277f40f32&chksm=c1e9e7b8f69e6eaef337bb4c0d8c67081221d5e96d5af824eed5bd160b4a99a8b28593dd3238&scene=58&subscene=0#rd) -- Krypt3ia - - [ ] [Threat Brief: Security Issues Surrounding TikTok and Its Potential for Espionage and Misinformation Campaigns](https://krypt3ia.wordpress.com/2025/01/20/threat-brief-security-issues-surrounding-tiktok-and-its-potential-for-espionage-and-misinformation-campaigns/) -- Over Security - Cybersecurity news aggregator - - [ ] [Microsoft: Exchange 2016 and 2019 reach end of support in October](https://www.bleepingcomputer.com/news/microsoft/microsoft-exchange-2016-and-2019-reach-end-of-support-in-october/) - - [ ] [HPE investigates breach as hacker claims to steal source code](https://www.bleepingcomputer.com/news/security/hewlett-packard-enterprise-investigates-new-breach-claims/) - - [ ] [Ukraine restores state registers after suspected Russian cyberattack](https://therecord.media/ukraine-restores-registers-after-cyberattack) - - [ ] [Microsoft fixes Windows Server 2022 bug breaking device boot](https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-server-2022-bug-breaking-device-boot/) - - [ ] [Philippines arrests Chinese national suspected of spying on critical infrastructure](https://therecord.media/philippines-arrests-chinese-nationa-spying-critical-infrastructure) - - [ ] [Fortinet Zero-Day CVE-2024-55591 Exposed: Super-Admin Access Risk](https://cyble.com/blog/cve-2024-55591-the-fortinet-flaw-putting-critical-systems-at-risk/) - - [ ] [Cyble Sensors Detect Attacks on Check Point, Ivanti and More](https://cyble.com/blog/cyble-sensors-detect-attacks-on-check-point-ivanti-and-more/) - - [ ] [SentinelOne estende Purple AI alle soluzioni di sicurezza di terze parti](https://www.securityinfo.it/2025/01/20/sentinelone-estende-purple-ai-alle-soluzioni-di-sicurezza-di-terze-parti/) - - [ ] [Malicious extensions circumvent Google’s remote code ban](https://palant.info/2025/01/20/malicious-extensions-circumvent-googles-remote-code-ban/) - - [ ] [Transition from IBM QRadar to Sekoia for a modern & rewarding experience](https://blog.sekoia.io/transition-from-ibm-qradar-to-sekoia-for-a-modern-rewarding-experience/) - - [ ] [Microsoft shares temp fix for Outlook crashing when writing emails](https://www.bleepingcomputer.com/news/microsoft/microsoft-shares-temp-fix-for-outlook-crashing-when-writing-emails/) - - [ ] [Ancora attacchi ad opera di Vidar: cadenza regolare e vecchie strategie sempre efficaci](https://cert-agid.gov.it/news/ancora-attacchi-ad-opera-di-vidar-cadenza-regolare-e-vecchie-strategie-sempre-efficaci/) - - [ ] [FOSDEM 2025](https://www.certego.net/blog/fosdem-2025-certego-tra-gli-speaker-evento-dedicato-al-mondo-software-open-source/) - - [ ] [Riflessione sulle Free WiFi](https://roccosicilia.com/2025/01/20/riflessione-sulle-free-wifi/) - - [ ] [CERT-AGID 11 – 17 gennaio: una campagna di phishing sul Ministero della Salute e di nuovo Lumma Stealer.](https://www.securityinfo.it/2025/01/20/cert-agid-11-17-gennaio-una-campagna-di-phishing-sul-ministero-della-salute-e-di-nuovo-lumma-stealer/) -- bellingcat - - [ ] [The Rise of Nitazenes: Chinese Suppliers Behind Ads for Deadly Opioids Targeting Europe](https://www.bellingcat.com/news/2025/01/20/chinese-link-to-nitazenes-targeting-europe/) -- 安全419 - - [ ] [重新定义云优先时代的第三方治理和身份](https://mp.weixin.qq.com/s?__biz=MzUyMDQ4OTkyMg==&mid=2247546726&idx=1&sn=3814386756a35a94f19c0ee42150f30d&chksm=f9ebe9cbce9c60dd07f48ddfa60b488ee7b303a6a8f3f5d7b68cac50988ba9be7d8766abcc1e&scene=58&subscene=0#rd) + - [ ] [2024中国网络安全产业势能榜优能企业「交通行业」典型案例展示](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580915&idx=1&sn=2aae7d3064771ae44630975c78b62baa&chksm=e9146cc9de63e5df1b4ab8537a511f1ecdc8f3e2be3717df13d6cd09eae66ff4e3797cd1eaa1&scene=58&subscene=0#rd) + - [ ] [新型物联网僵尸网络现身,疯狂劫持设备发动大规模 DDoS 攻击](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580915&idx=2&sn=49c81661b58dadfafc5d8436f0511377&chksm=e9146cc9de63e5dfbdd06a3273f839512dbc6283cb8218a470ff5f749b412c27647cc876904d&scene=58&subscene=0#rd) +- 数世咨询 + - [ ] [澳大利亚公司:相比往年网络保险采购率大幅上升](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247534898&idx=1&sn=41c69a4465600023c0be9cbb2fcd38d5&chksm=c1443b8ff633b299f991e382cc47801ab52ec43e006df5b5a754a47d1d0ad5eb76fa1347f7dc&scene=58&subscene=0#rd) + - [ ] [【行业动态】天空卫士香港峰会,引领AI数据安全新时代!](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247534898&idx=2&sn=6e038251ac4390be46d940acbf6e57bb&chksm=c1443b8ff633b2996bc5adc439db90a54450cedf72cdcc38f9354cbc6a181c2d8528b08112d8&scene=58&subscene=0#rd) +- 极客公园 + - [ ] [一年卖超 500 万副耳机的韶音,杀入「AI 眼镜」赛道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072431&idx=1&sn=bbfab5ee5f3cf789e625b0ae8b64ac20&chksm=7e57d1994920588fa97e5ee83920b38db884b645213c226fa5e8d76f9e5b72aedbf1fab15af6&scene=58&subscene=0#rd) + - [ ] [对话生数科技 Vidu 产品负责人:100 天千万用户之后,2025 年视频生成产品会变成怎样?](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072431&idx=2&sn=659e9b3665f91afb56d99cd9ccc509f0&chksm=7e57d1994920588f7be2b75b6da29e163816667796e5ea2319255256738b7ae06af5096738ef&scene=58&subscene=0#rd) + - [ ] [「夜袭」 OpenAI!DeepSeek 开源最强推理模型 R1,再震欧美同行](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072415&idx=1&sn=a47a2f0c4272857c4920d18773448430&chksm=7e57d1a9492058bfd25004e5d0e45bf2271e89a218d3a62a75cdf774b90dca0c5eab3ba560cb&scene=58&subscene=0#rd) + - [ ] [小米汽车一月订单超 4 万,远超产能;华为鸿蒙 PC 望今年上市;字节发布 AI 中文开发环境IDE,目标全球开发者|极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072398&idx=1&sn=dec48b32602b49c7b40083d212e5360d&chksm=7e57d1b8492058aee104f875e76eed46378d16c75b283725fe84d8f14492bf7b5f31516923be&scene=58&subscene=0#rd) - 360数字安全 - - [ ] [滴!您有一封来自360安全大模型的年度报告待查收](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579147&idx=1&sn=0643e297c264261888a85bdd3bd4b117&chksm=9f8d2603a8faaf158eecc4ba3bdcf21338f00b6215aa681a645907b23b47fe843a188c825547&scene=58&subscene=0#rd) + - [ ] [年度盘点:AI+安全双重赋能,360解锁企业浏览器新动力](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579167&idx=1&sn=b9d8f3892f6d7cc7cbe9669aae2417a2&chksm=9f8d2617a8faaf01fb724c3472fed4f7d8df12f9251a76800fa93dd3d9a0f7e2c611540e87fd&scene=58&subscene=0#rd) + - [ ] [最高级!360获评工信部CAPPVD“三星技术支撑单位”称号](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579167&idx=2&sn=44ab9727a76e44a6b079e423fdf7b978&chksm=9f8d2617a8faaf014edd5f42949a768c5f781d7b3978e6b740442523c9838fc63b9be969b71a&scene=58&subscene=0#rd) + - [ ] [喜讯!360获评2024软件和信息服务业年度领航企业及创新成果两项大奖](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579167&idx=3&sn=9adcb35ed05747f7530c83f59de0ea37&chksm=9f8d2617a8faaf01e8a3f033a7236cf72d5be4d3abadd0812b203ba96eae2599c8b7f43430f1&scene=58&subscene=0#rd) +- Over Security - Cybersecurity news aggregator + - [ ] [Unique 0-click deanonymization attack targeting Signal, Discord and hundreds of platform](https://gist.github.com/hackermondev/45a3cdfa52246f1d1201c1e8cdef6117) + - [ ] [Government IT contractor Conduent says 'third-party compromise’ caused outages](https://therecord.media/government-contractor-conduent-outage-compromise) + - [ ] [Cloudflare mitigated a record-breaking 5.6 Tbps DDoS attack](https://www.bleepingcomputer.com/news/security/cloudflare-mitigated-a-record-breaking-56-tbps-ddos-attack/) + - [ ] [Disciplinary and special ed records of Toronto students may have leaked in PowerSchool breach](https://therecord.media/disciplinary-special-records-toronto-powerschool) + - [ ] [Fake Homebrew Google ads target Mac users with malware](https://www.bleepingcomputer.com/news/security/fake-homebrew-google-ads-target-mac-users-with-malware/) + - [ ] [TSA chief behind cyber directives for aviation, pipelines and rail ousted by Trump team](https://therecord.media/tsa-chief-behind-cyber-directives-ousted-trump-administration) + - [ ] [Russian telecom giant Rostelecom investigates suspected cyberattack on contractor](https://therecord.media/rostelecom-russia-contractor-data-breach) + - [ ] [Microsoft previews Game Assist in-game browser in Edge Stable](https://www.bleepingcomputer.com/news/microsoft/microsoft-previews-game-assist-in-game-browser-in-edge-stable/) + - [ ] [Bitbucket services “hard down” due to major worldwide outage](https://www.bleepingcomputer.com/news/technology/bitbucket-services-hard-down-due-to-major-worldwide-outage/) + - [ ] [7-Zip fixes bug that bypasses Windows MoTW security warnings, patch now](https://www.bleepingcomputer.com/news/security/7-zip-fixes-bug-that-bypasses-the-windows-motw-security-mechanism-patch-now/) + - [ ] [Criminal IP Teams Up with OnTheHub for Digital Education Cybersecurity](https://www.bleepingcomputer.com/news/security/criminal-ip-teams-up-with-onthehub-for-digital-education-cybersecurity/) + - [ ] [Ransomware gangs pose as IT support in Microsoft Teams phishing attacks](https://www.bleepingcomputer.com/news/security/ransomware-gangs-pose-as-it-support-in-microsoft-teams-phishing-attacks/) + - [ ] [Il 15enne che ha violato …](https://roccosicilia.com/2025/01/21/il-15enne-che-ha-violato/) + - [ ] [Via a SECURE, il progetto per supportare conformità delle PMI al Cyber Resilience Act](https://www.securityinfo.it/2025/01/21/via-a-secure-il-progetto-per-supportare-conformita-delle-pmi-al-cyber-resilience-act/) + - [ ] [Hackers impersonate Ukraine’s CERT to trick people into allowing computer access](https://therecord.media/fake-ukraine-cert-anydesk-requests-hackers) + - [ ] [Russian ransomware hackers increasingly posing as tech support on Microsoft Teams](https://therecord.media/fake-tech-support-russian-hackers-microsoft-teams) + - [ ] [JoCERT Issues Warning on Exploitable Command Injection Flaws in HPE Aruba Products](https://cyble.com/blog/jocert-warns-of-hpe-aruba-command-injection-flaws/) + - [ ] [Report riepilogativo sulle tendenze delle campagne malevole analizzate dal CERT-AGID nel 2024](https://cert-agid.gov.it/news/report-riepilogativo-sulle-tendenze-delle-campagne-malevole-analizzate-dal-cert-agid-nel-2024/) + - [ ] [October 2024 Cyber Attacks Statistics](https://www.hackmageddon.com/2025/01/21/october-2024-cyber-attacks-statistics/) + - [ ] [InvisibleFerret Malware: Technical Analysis](https://any.run/cybersecurity-blog/invisibleferret-malware-analysis/) + - [ ] [Zyxel vulnerability exploited by “Helldown” ransomware group](https://labs.yarix.com/2025/01/zyxel-vulnerability-exploited-by-helldown-ransomware-group/) + - [ ] [Critical Mozilla Vulnerabilities Prompt Urgent Updates for Firefox and Thunderbird Users](https://cyble.com/blog/cert-in-reports-multiple-mozilla-vulnerabilities/) +- Qualys Security Blog + - [ ] [Mass Campaign of Murdoc Botnet Mirai: A New Variant of Corona Mirai](https://blog.qualys.com/category/vulnerabilities-threat-research) +- Krypt3ia + - [ ] [Krypt3ia CTI Daily Digest 1.21.25](https://krypt3ia.wordpress.com/2025/01/21/krypt3ia-cti-daily-digest-1-21-25/) +- JUMPSEC + - [ ] [CREST penetration testing: how to ensure industry-leading standards](https://www.jumpsec.com/guides/crest-penetration-testing-how-to-ensure-industry-leading-standards/) + - [ ] [What is the difference between security and penetration testing](https://www.jumpsec.com/guides/difference-between-security-and-penetration-testing/) - 迪哥讲事 - - [ ] [从信息泄露到越权再到弱口令](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496915&idx=1&sn=ab34ad81c6b8fa8f2d00b9513c025fa4&chksm=e8a5feb0dfd277a6690903a4e8d90d6f98dca468b4aedfd0ef1058382c9c1dd0f2e07a75de5e&scene=58&subscene=0#rd) + - [ ] [从xss的自动化扫描器聊起-xss的基本功](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496922&idx=1&sn=f8c212b3d3e0fb45af733f56c776a356&chksm=e8a5feb9dfd277af68c2f94335499c7ee8b25a1a135dc168ad072328c4490be4b4e4ea34114d&scene=58&subscene=0#rd) - Securityinfo.it - - [ ] [SentinelOne estende Purple AI alle soluzioni di sicurezza di terze parti](https://www.securityinfo.it/2025/01/20/sentinelone-estende-purple-ai-alle-soluzioni-di-sicurezza-di-terze-parti/?utm_source=rss&utm_medium=rss&utm_campaign=sentinelone-estende-purple-ai-alle-soluzioni-di-sicurezza-di-terze-parti) - - [ ] [CERT-AGID 11 – 17 gennaio: una campagna di phishing sul Ministero della Salute e di nuovo Lumma Stealer.](https://www.securityinfo.it/2025/01/20/cert-agid-11-17-gennaio-una-campagna-di-phishing-sul-ministero-della-salute-e-di-nuovo-lumma-stealer/?utm_source=rss&utm_medium=rss&utm_campaign=cert-agid-11-17-gennaio-una-campagna-di-phishing-sul-ministero-della-salute-e-di-nuovo-lumma-stealer) -- ICT Security Magazine - - [ ] [Big Data: Gestione e Analisi dei Dati su Larga Scala](https://www.ictsecuritymagazine.com/articoli/big-data-cosa-sono/) -- 娜璋AI安全之家 - - [ ] [[AI安全论文] (36)C&S22 MPSAutodetect:基于自编码器的恶意Powershell脚本检测模型](https://mp.weixin.qq.com/s?__biz=Mzg5MTM5ODU2Mg==&mid=2247501253&idx=1&sn=7f467401adcf67cc67d7c2d3573e7c2e&chksm=cfcf7508f8b8fc1e5be31d7896f233c533e1591fe41a83de83293ee9930109814a8eadfc435b&scene=58&subscene=0#rd) -- SANS Internet Storm Center, InfoCON: green - - [ ] [Partial ZIP File Downloads, (Mon, Jan 20th)](https://isc.sans.edu/diary/rss/31608) - - [ ] [ISC Stormcast For Monday, January 20th, 2025 https://isc.sans.edu/podcastdetail/9286, (Mon, Jan 20th)](https://isc.sans.edu/diary/rss/31604) -- 360威胁情报中心 - - [ ] [APT-C-26(Lazarus)组织持续升级攻击武器,利用Electron程序瞄准加密货币行业](https://mp.weixin.qq.com/s?__biz=MzUyMjk4NzExMA==&mid=2247505519&idx=1&sn=594229f2c0123673d1fa9c6cf729858b&chksm=f9c1e566ceb66c701d875de8481fe02d89654d4b56cfc51088de6e421cb701437cdab52a0851&scene=58&subscene=0#rd) -- FuzzWiki - - [ ] [DeepGo: 预测定向灰盒模糊测试](https://mp.weixin.qq.com/s?__biz=MzU1NTEzODc3MQ==&mid=2247486916&idx=1&sn=6c5e8170932409049927f3b79468ae99&chksm=fbd9a678ccae2f6e581227dcdcc23e37f5f45c8fddefd134ce6a27c2a5563c29dc7126637abb&scene=58&subscene=0#rd) -- 白泽安全实验室 - - [ ] [因WordPress新漏洞,全球数百万网站面临被攻击风险](https://mp.weixin.qq.com/s?__biz=MzI0MTE4ODY3Nw==&mid=2247492526&idx=1&sn=247ea35cbbd8abee04db13ecd2a84025&chksm=e90dc984de7a4092b4afde879c894da6d97959d30ded3154090dba8f222c4e460b1ee2a8519b&scene=58&subscene=0#rd) + - [ ] [Via a SECURE, il progetto per supportare conformità delle PMI al Cyber Resilience Act](https://www.securityinfo.it/2025/01/21/via-a-secure-il-progetto-per-supportare-conformita-delle-pmi-al-cyber-resilience-act/?utm_source=rss&utm_medium=rss&utm_campaign=via-a-secure-il-progetto-per-supportare-conformita-delle-pmi-al-cyber-resilience-act) +- HACKMAGEDDON + - [ ] [October 2024 Cyber Attacks Statistics](https://www.hackmageddon.com/2025/01/21/october-2024-cyber-attacks-statistics/) +- LuxSci + - [ ] [Top 5 Use Cases for High-Volume HIPAA-Compliant Email](https://luxsci.com/blog/use-cases-high-volume-hipaa-compliant-email.html) +- 安全419 + - [ ] [2024年度网络安全政策法规一览](https://mp.weixin.qq.com/s?__biz=MzUyMDQ4OTkyMg==&mid=2247546742&idx=1&sn=986ad65a22c1c630d4eabd6c42289dc4&chksm=f9ebe9dbce9c60cd5be6610f4c43ec81e749cec3dce80ec0cf923666c585928f149fc781baa7&scene=58&subscene=0#rd) +- Instapaper: Unread + - [ ] [The Powerful AI Tool That Cops (or Stalkers) Can Use to Geolocate Photos in Seconds](https://www.404media.co/the-powerful-ai-tool-that-cops-or-stalkers-can-use-to-geolocate-photos-in-seconds/) + - [ ] [Bypassing disk encryption on systems with automatic TPM2 unlock](https://oddlama.org/blog/bypassing-disk-encryption-with-tpm2-unlock/) + - [ ] [Artifacts Jump Lists](http://windowsir.blogspot.com/2025/01/artifacts-jump-lists.html) + - [ ] [Windows 11 BitLocker-Encrypted Files Accessed Without Disassembling Laptops](https://cybersecuritynews.com/windows-11-bitlocker-encrypted-files-accessed/) + - [ ] [Riflessione sulle Free WiFi](https://roccosicilia.com/2025/01/20/riflessione-sulle-free-wifi/) +- Graham Cluley + - [ ] [The AI Fix #34: Fake Brad Pitt and why AI means we will lose our jobs](https://grahamcluley.com/the-ai-fix-34/) + - [ ] [Medusa ransomware: what you need to know](https://www.tripwire.com/state-of-security/medusa-ransomware-what-you-need-know) +- Troy Hunt's Blog + - [ ] [Weekly Update 435](https://www.troyhunt.com/weekly-update-435/) - The Hacker News - - [ ] [Unsecured Tunneling Protocols Expose 4.2 Million Hosts, Including VPNs and Routers](https://thehackernews.com/2025/01/unsecured-tunneling-protocols-expose-42.html) - - [ ] [DoNot Team Linked to New Tanzeem Android Malware Targeting Intelligence Collection](https://thehackernews.com/2025/01/donot-team-linked-to-new-tanzeem.html) - - [ ] [⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [20 January]](https://thehackernews.com/2025/01/thn-weekly-recap-top-cybersecurity_20.html) - - [ ] [Product Walkthrough: How Satori Secures Sensitive Data From Production to AI](https://thehackernews.com/2025/01/product-walkthrough-how-satori.html) - - [ ] [Hackers Deploy Malicious npm Packages to Steal Solana Wallet Keys via Gmail SMTP](https://thehackernews.com/2025/01/hackers-deploy-malicious-npm-packages.html) -- 0x727开源安全团队 - - [ ] [什么是ChkApi?(专为金融行业开源的API安全检测工具)](https://mp.weixin.qq.com/s?__biz=MzkwNTI3MjIyOQ==&mid=2247484132&idx=1&sn=721763ec693c93569325551122bb5e05&chksm=c0fb0c2ef78c85380ed2cb3e14dff253bd82118f740b9ff0c38dd08d365238d19bd7579adb3d&scene=58&subscene=0#rd) -- TorrentFreak - - [ ] [Authors Seek Meta’s Torrent Client Logs and Seeding Data in AI Piracy Probe](https://torrentfreak.com/authors-seek-metas-torrent-client-logs-and-seeding-data-in-ai-piracy-probe-250120/) - - [ ] [Man Jailed For Pirate IPTV Used By “Hundreds of Thousands” Had 2,000 Users](https://torrentfreak.com/man-jailed-for-pirate-iptv-used-by-100s-of-thousands-had-2000-subscribers-250120/) + - [ ] [Mirai Variant Murdoc Botnet Exploits AVTECH IP Cameras and Huawei Routers](https://thehackernews.com/2025/01/murdocbotnet-found-exploiting-avtech-ip.html) + - [ ] [13,000 MikroTik Routers Hijacked by Botnet for Malspam and Cyberattacks](https://thehackernews.com/2025/01/13000-mikrotik-routers-hijacked-by.html) + - [ ] [Ex-CIA Analyst Pleads Guilty to Sharing Top-Secret Data with Unauthorized Parties](https://thehackernews.com/2025/01/ex-cia-analyst-pleads-guilty-to-sharing.html) + - [ ] [HackGATE: Setting New Standards for Visibility and Control in Penetration Testing Projects](https://thehackernews.com/2025/01/hackgate-setting-new-standards-for.html) + - [ ] [PNGPlug Loader Delivers ValleyRAT Malware Through Fake Software Installers](https://thehackernews.com/2025/01/pngplug-loader-delivers-valleyrat.html) + - [ ] [CERT-UA Warns of Cyber Scams Using Fake AnyDesk Requests for Fraudulent Security Audits](https://thehackernews.com/2025/01/cert-ua-warns-of-cyber-scams-using-fake.html) - The Register - Security - - [ ] [Hackers game out infowar against China with the US Navy](https://go.theregister.com/feed/www.theregister.com/2025/01/20/china_taiwan_wargames/) - - [ ] [How to leave the submarine cable cutters all at sea – go Swedish](https://go.theregister.com/feed/www.theregister.com/2025/01/20/opinion_column_submarine_cables/) - - [ ] [Ransomware attack forces Brit high school to shut doors](https://go.theregister.com/feed/www.theregister.com/2025/01/20/blacon_high_school_ransomware/) - - [ ] [Sage Copilot grounded briefly to fix AI misbehavior](https://go.theregister.com/feed/www.theregister.com/2025/01/20/sage_copilot_data_issue/) - - [ ] [Datacus extractus: Harry Potter publisher breached without resorting to magic](https://go.theregister.com/feed/www.theregister.com/2025/01/20/harry_potter_publisher_breach/) - - [ ] [When food delivery apps reached Indonesia, everyone put on weight](https://go.theregister.com/feed/www.theregister.com/2025/01/20/asia_tech_news_roundup/) - - [ ] [Donald Trump proposes US government acquire half of TikTok, which thanks him and restores service](https://go.theregister.com/feed/www.theregister.com/2025/01/20/trump_tiktok_nationalization_idea/) -- Security Breached Blog - - [ ] [Purple Teaming: What Not to Do in OT & IoT Testing to Avoid Halting the Factory or Sinking the Oil Rig](https://blog.securitybreached.org/2025/01/20/purple-teaming-what-not-to-do-in-ot-iot-testing-to-avoid-halting-the-factory-or-sinking-the-oil-rig/) + - [ ] [Patch procrastination leaves 50,000 Fortinet firewalls vulnerable to zero-day](https://go.theregister.com/feed/www.theregister.com/2025/01/21/fortinet_firewalls_still_vulnerable/) + - [ ] [HPE probes IntelBroker's bold data theft boasts](https://go.theregister.com/feed/www.theregister.com/2025/01/21/hpe_intelbroker_claims/) + - [ ] [Breaking free from reactive security](https://go.theregister.com/feed/www.theregister.com/2025/01/21/breaking_free_from_reactive_security/) + - [ ] [Banks must keep ahead of risks and reap AI rewards](https://go.theregister.com/feed/www.theregister.com/2025/01/21/banks_must_keep_ahead_of/) - Security Affairs - - [ ] [HPE is investigating IntelBroker’s claims of the company hack](https://securityaffairs.com/173265/data-breach/hpe-is-investigating-intelbrokers-claims-of-hack.html) - - [ ] [Esperts found new DoNot Team APT group’s Android malware](https://securityaffairs.com/173257/apt/donot-team-android-malware.html) - - [ ] [Malicious npm and PyPI target Solana Private keys to steal funds from victims’ wallets](https://securityaffairs.com/173249/cyber-crime/malicious-npm-and-pypi-target-solana-private-keys.html) - - [ ] [Planet WGS-804HPT Industrial Switch flaws could be chained to achieve remote code execution](https://securityaffairs.com/173237/security/wgs-804hpt-flaws.html) -- Hacking Exposed Computer Forensics Blog - - [ ] [Daily Blog #723: Sunday Funday 1/19/25](https://www.hecfblog.com/2025/01/daily-blog-723-sunday-funday-11925.html) + - [ ] [Former CIA analyst pleaded guilty to leaking top-secret documents](https://securityaffairs.com/173302/intelligence/former-cia-analyst-pleaded-guilty-to-leaking-top-secret-docs.html) + - [ ] [New Mirai botnet variant Murdoc Botnet targets AVTECH IP cameras and Huawei HG532 routers](https://securityaffairs.com/173294/cyber-crime/new-mirai-botnet-variant-murdoc-botnet-targets-avtech-ip-cameras-and-huawei-hg532-routers.html) + - [ ] [CERT-UA warned of scammers impersonating the agency using fake AnyDesk requests](https://securityaffairs.com/173285/hacking/cert-ua-warned-of-scammers-impersonating-the-agency-using-fake-anydesk.html) + - [ ] [Experts found multiple flaws in Mercedes-Benz infotainment system](https://securityaffairs.com/173275/hacking/mercedes-benz-infotainment-system-flaws.html) - Deeplinks - - [ ] [VPNs Are Not a Solution to Age Verification Laws](https://www.eff.org/deeplinks/2025/01/vpns-are-not-solution-age-verification-laws) -- 白帽子章华鹏 - - [ ] [直播倒计时1天:AI生成代码会带来更广泛的软件供应链攻击吗?](https://mp.weixin.qq.com/s?__biz=MzIyOTAxOTYwMw==&mid=2650236946&idx=1&sn=2b4b09bfcc905f6ec14b7d509e1a6ed6&chksm=f04ad2aec73d5bb8e4f014c49705f57df429dafdee65fdf854748b00721ba0d3dbf029444309&scene=58&subscene=0#rd) + - [ ] [EFF Sends Transition Memo on Digital Policy Priorities to New Administration and Congress](https://www.eff.org/press/releases/eff-sends-transition-memo-digital-policy-priorities-new-administration-and-congress) +- Posts By SpecterOps Team Members - Medium + - [ ] [Life at SpecterOps Part II: From Dream to Reality](https://posts.specterops.io/life-at-specterops-part-ii-from-dream-to-reality-99e10df0ba73?source=rss----f05f8696e3cc---4) - Your Open Hacker Community - - [ ] [How do hackers divert ships? (read description)](https://www.reddit.com/r/HowToHack/comments/1i5nrch/how_do_hackers_divert_ships_read_description/) - - [ ] [Looking for simple step pointers using hashcat on windows.](https://www.reddit.com/r/HowToHack/comments/1i5xd58/looking_for_simple_step_pointers_using_hashcat_on/) - - [ ] [How Many Rooms Should I Solve Per Day? Or Should I Focus More on Theory?](https://www.reddit.com/r/HowToHack/comments/1i5nlnp/how_many_rooms_should_i_solve_per_day_or_should_i/) - - [ ] [Kali home server](https://www.reddit.com/r/HowToHack/comments/1i5whrp/kali_home_server/) - - [ ] [My awus036h cannot scan any wireless](https://www.reddit.com/r/HowToHack/comments/1i5p3nw/my_awus036h_cannot_scan_any_wireless/) - - [ ] [Running Telegram messages, as Terminal commands, by Esp32 USB](https://www.reddit.com/r/HowToHack/comments/1i5hibl/running_telegram_messages_as_terminal_commands_by/) - - [ ] [How to start hacking?](https://www.reddit.com/r/HowToHack/comments/1i62424/how_to_start_hacking/) - - [ ] [Need Advice on combining Learning Hacking While Doing a CS Degree](https://www.reddit.com/r/HowToHack/comments/1i5pop9/need_advice_on_combining_learning_hacking_while/) - - [ ] [Why do you need wifi adapters](https://www.reddit.com/r/HowToHack/comments/1i5z8fs/why_do_you_need_wifi_adapters/) - - [ ] [Hey guys, How can I get Free Internet using HTTP Custom?](https://www.reddit.com/r/HowToHack/comments/1i612x8/hey_guys_how_can_i_get_free_internet_using_http/) - - [ ] [CURIOUSITY IS KILLING ME!](https://www.reddit.com/r/HowToHack/comments/1i60un0/curiousity_is_killing_me/) - - [ ] [Assist ?](https://www.reddit.com/r/HowToHack/comments/1i5viek/assist/) - - [ ] [Whats a good remote acces tool?](https://www.reddit.com/r/HowToHack/comments/1i5q7s8/whats_a_good_remote_acces_tool/) - - [ ] [Chess.com config](https://www.reddit.com/r/HowToHack/comments/1i5nvub/chesscom_config/) + - [ ] [Learning Cryptography & Math for hacking](https://www.reddit.com/r/HowToHack/comments/1i6ro3j/learning_cryptography_math_for_hacking/) + - [ ] [How to detect Wi-Fi deauth attacks](https://www.reddit.com/r/HowToHack/comments/1i6vi0d/how_to_detect_wifi_deauth_attacks/) + - [ ] [Root directory question](https://www.reddit.com/r/HowToHack/comments/1i6r7bd/root_directory_question/) + - [ ] [Broken Access Control](https://www.reddit.com/r/HowToHack/comments/1i6dllf/broken_access_control/) + - [ ] [O.MG Cable](https://www.reddit.com/r/HowToHack/comments/1i6fkqd/omg_cable/) + - [ ] [How to change a player's UUID in Minecraft?](https://www.reddit.com/r/HowToHack/comments/1i6aj8m/how_to_change_a_players_uuid_in_minecraft/) +- Blackhat Library: Hacking techniques and research + - [ ] [Spammer/scammer sites?](https://www.reddit.com/r/blackhat/comments/1i6k17f/spammerscammer_sites/) + - [ ] [Doxxed on instagram by a random need help](https://www.reddit.com/r/blackhat/comments/1i672l2/doxxed_on_instagram_by_a_random_need_help/) +- ICT Security Magazine + - [ ] [Cybersecurity nel Settore Sanitario: Minacce, Vulnerabilità e Strategie di Difesa per il 2025](https://www.ictsecuritymagazine.com/notizie/settore-sanitario-2025/) +- Silent Signal Techblog + - [ ] [Vulnerability Archeology: Stealing Passwords with IBM i Access Client Solutions](https://blog.silentsignal.eu/2025/01/21/ibm-acs-password-dump/) +- 表图 + - [ ] [网络安全行业的价格战有那么惨烈吗?](https://mp.weixin.qq.com/s?__biz=MzUzOTI4NDQ3NA==&mid=2247484721&idx=1&sn=5e8ea98c7bfa102e656bff0ae06e3a29&chksm=facb83a4cdbc0ab2440ee60f86552a8dac017e794d8629ba15261aad3175e13285e2b12beaae&scene=58&subscene=0#rd) +- netsecstudents: Subreddit for students studying Network Security and its related subjects + - [ ] [Why would a website change the upload destination via an X-Forwarded-Host header and how can I exploit it?](https://www.reddit.com/r/netsecstudents/comments/1i6q0ib/why_would_a_website_change_the_upload_destination/) +- Social Engineering + - [ ] [When making a request from someone , how do you explain it in a way that'd be agreeable?](https://www.reddit.com/r/SocialEngineering/comments/1i6gkun/when_making_a_request_from_someone_how_do_you/) +- Hacking Exposed Computer Forensics Blog + - [ ] [Daily Blog #724: Project Adaz testing part 2](https://www.hecfblog.com/2025/01/daily-blog-724-project-adaz-testing.html) +- SANS Internet Storm Center, InfoCON: green + - [ ] [Geolocation and Starlink, (Tue, Jan 21st)](https://isc.sans.edu/diary/rss/31612) + - [ ] [ISC Stormcast For Tuesday, January 21st, 2025 https://isc.sans.edu/podcastdetail/9288, (Tue, Jan 21st)](https://isc.sans.edu/diary/rss/31610) - Technical Information Security Content & Discussion - - [ ] [Malware Analysis of Fake Banking Reward APK Targeting WhatsApp Users](https://www.reddit.com/r/netsec/comments/1i5su0v/malware_analysis_of_fake_banking_reward_apk/) - - [ ] [The cost of false positives - how we became a target](https://www.reddit.com/r/netsec/comments/1i5tioq/the_cost_of_false_positives_how_we_became_a_target/) - - [ ] [v0.1.0 released - Analyze IoC with OpenCTI, Threat fox and more #FOSS](https://www.reddit.com/r/netsec/comments/1i5wimk/v010_released_analyze_ioc_with_opencti_threat_fox/) - - [ ] [Tear Down The Castle - Part 1 | dfir.ch](https://www.reddit.com/r/netsec/comments/1i5p97a/tear_down_the_castle_part_1_dfirch/) + - [ ] [Reverse Engineering Call Of Duty Anti-Cheat](https://www.reddit.com/r/netsec/comments/1i6fcdq/reverse_engineering_call_of_duty_anticheat/) + - [ ] [NaN Of Your Business - My Favorite Unintended CTF Solution](https://www.reddit.com/r/netsec/comments/1i6kx5w/nan_of_your_business_my_favorite_unintended_ctf/) + - [ ] [Vulnerability Archeology: Stealing Passwords with IBM i Access Client Solutions](https://www.reddit.com/r/netsec/comments/1i6h9bg/vulnerability_archeology_stealing_passwords_with/) - Schneier on Security - - [ ] [Biden Signs New Cybersecurity Order](https://www.schneier.com/blog/archives/2025/01/biden-signs-new-cybersecurity-order.html) + - [ ] [AI Mistakes Are Very Different from Human Mistakes](https://www.schneier.com/blog/archives/2025/01/ai-mistakes-are-very-different-from-human-mistakes.html) - Computer Forensics - - [ ] [Release v0.1.0 - Give context to IoC with ease - OpenCTI, Threatfox and more](https://www.reddit.com/r/computerforensics/comments/1i5ugv1/release_v010_give_context_to_ioc_with_ease/) - - [ ] [How is data acquisition performed for small IoT devices or sensors? What is performed static or live acquisition usually?](https://www.reddit.com/r/computerforensics/comments/1i636q6/how_is_data_acquisition_performed_for_small_iot/) - - [ ] [Requesting Assistance - iPhone Photo Data](https://www.reddit.com/r/computerforensics/comments/1i5qyd3/requesting_assistance_iphone_photo_data/) - - [ ] [Career pathway advice](https://www.reddit.com/r/computerforensics/comments/1i5k2ht/career_pathway_advice/) -- Social Engineering - - [ ] [Festival beer run](https://www.reddit.com/r/SocialEngineering/comments/1i5q01m/festival_beer_run/) + - [ ] [Tell me if I’m wrong, but should data carving be done on the non-mounted block device? If mounted, would the deleted file bytes be invisible since the mounted directory is just a "metaphor" of the OS, obscuring the hidden data?](https://www.reddit.com/r/computerforensics/comments/1i6imoz/tell_me_if_im_wrong_but_should_data_carving_be/) + - [ ] [Will someone explain the difference between Magnet Axiom and Cellebrite?](https://www.reddit.com/r/computerforensics/comments/1i6u4pt/will_someone_explain_the_difference_between/) + - [ ] [Created dates not displaying on X ways.](https://www.reddit.com/r/computerforensics/comments/1i6nbvf/created_dates_not_displaying_on_x_ways/) + - [ ] [Printer dithering machine identification code on monochrome printers](https://www.reddit.com/r/computerforensics/comments/1i65uso/printer_dithering_machine_identification_code_on/) +- TorrentFreak + - [ ] [Reddit and Film Companies Clash in Appeals Court Over Sharing Users’ IP Addresses](https://torrentfreak.com/reddit-and-film-companies-clash-in-appeals-court-over-sharing-users-ip-addresses-250121/) +- 网安寻路人 + - [ ] [美商务部AI模型出口管制新规(全文翻译)](https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247505939&idx=1&sn=763b43e9649792ff40f1de91e21dab79&chksm=97e965f9a09eeceffb179a7618e568952a1500feb5177140bd912f2bd8ec719211607d2ba064&scene=58&subscene=0#rd) - Security Weekly Podcast Network (Audio) - - [ ] [The Next Era of Data Security: AI, Cloud, & Compliance - Jeff Smith, Dimitri Sirota, Kiran Chinnagangannagari - ESW #390](http://sites.libsyn.com/18678/the-next-era-of-data-security-ai-cloud-compliance-jeff-smith-dimitri-sirota-kiran-chinnagangannagari-esw-390) + - [ ] [Smishing, Microsoft, Star Blizzard, Sneaky Log, VMARE, Josh Marpet, and more... - SWN #444](http://sites.libsyn.com/18678/smishing-microsoft-star-blizzard-sneaky-log-vmare-josh-marpet-and-more-swn-444) + - [ ] [Appsec Predictions for 2025 - Cody Scott - ASW #314](http://sites.libsyn.com/18678/appsec-predictions-for-2025-cody-scott-asw-314) From 51af8bde85b046234a8ed3bee7de8578cb90e044 Mon Sep 17 00:00:00 2001 From: chainreactorbot Date: Thu, 23 Jan 2025 02:46:00 +0000 Subject: [PATCH 17/29] =?UTF-8?q?=E6=AF=8F=E6=97=A5=E5=AE=89=E5=85=A8?= =?UTF-8?q?=E8=B5=84=E8=AE=AF=EF=BC=882025-01-23=EF=BC=89?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- archive/daily/2025/2025-01-23.md | 501 ++++++++++++++++++++ archive/tmp/2025-01-23.json | 583 ++++++++++++++++++++++++ today.md | 756 +++++++++++++++++++------------ 3 files changed, 1555 insertions(+), 285 deletions(-) create mode 100644 archive/daily/2025/2025-01-23.md create mode 100644 archive/tmp/2025-01-23.json diff --git a/archive/daily/2025/2025-01-23.md b/archive/daily/2025/2025-01-23.md new file mode 100644 index 0000000000..44a5ab85e7 --- /dev/null +++ b/archive/daily/2025/2025-01-23.md @@ -0,0 +1,501 @@ +# 每日安全资讯(2025-01-23) + +- 奇安信攻防社区 + - [ ] [2.35版本以下堆沙盒绕过模板总结带例题](https://forum.butian.net/share/4063) + - [ ] [巧用Chrome-CDP远程调用Debug突破JS逆向](https://forum.butian.net/share/4062) +- SecWiki News + - [ ] [SecWiki News 2025-01-22 Review](http://www.sec-wiki.com/?2025-01-22) +- Private Feed for M09Ic + - [ ] [killeven starred xpipe-io/xpipe](https://github.com/xpipe-io/xpipe) + - [ ] [gh0stkey starred deepseek-ai/DeepSeek-R1](https://github.com/deepseek-ai/DeepSeek-R1) + - [ ] [zer0yu starred yamadashy/repomix](https://github.com/yamadashy/repomix) + - [ ] [gh0stkey starred 0x727/ChkApi_0x727](https://github.com/0x727/ChkApi_0x727) + - [ ] [zer0yu starred RooVetGit/Roo-Code](https://github.com/RooVetGit/Roo-Code) + - [ ] [gh0stkey starred TrialMacApp/TrialMacApp](https://github.com/TrialMacApp/TrialMacApp) + - [ ] [gh0stkey starred tyilo/insert_dylib](https://github.com/tyilo/insert_dylib) + - [ ] [timwhitez starred RustScan/RustScan](https://github.com/RustScan/RustScan) + - [ ] [TideSec released v2.7.1 项目数据导出 at TideSec/TscanPlus](https://github.com/TideSec/TscanPlus/releases/tag/v2.7.1) + - [ ] [INotGreen starred passthehashbrowns/Being-A-Good-CLR-Host](https://github.com/passthehashbrowns/Being-A-Good-CLR-Host) + - [ ] [yqcs forked yqcs/bolt.diy from stackblitz-labs/bolt.diy](https://github.com/yqcs/bolt.diy) + - [ ] [Rvn0xsy starred 0x727/ChkApi_0x727](https://github.com/0x727/ChkApi_0x727) + - [ ] [CHYbeta starred nullenc0de/Cognitohunter](https://github.com/nullenc0de/Cognitohunter) + - [ ] [zema1 started following joaoviictorti](https://github.com/joaoviictorti) + - [ ] [zema1 starred joaoviictorti/coffeeldr](https://github.com/joaoviictorti/coffeeldr) + - [ ] [TideSec starred metowolf/qqwry.dat](https://github.com/metowolf/qqwry.dat) + - [ ] [gh0stkey starred wibus-wee/InjectGUI](https://github.com/wibus-wee/InjectGUI) + - [ ] [Y4er started following ph4ntonn](https://github.com/ph4ntonn) + - [ ] [DVKunion starred bin456789/reinstall](https://github.com/bin456789/reinstall) + - [ ] [CHYbeta starred odradev/awesome-zero-knowledge](https://github.com/odradev/awesome-zero-knowledge) + - [ ] [spf13 starred DS4SD/docling](https://github.com/DS4SD/docling) + - [ ] [spf13 starred Bin-Huang/chatbox](https://github.com/Bin-Huang/chatbox) + - [ ] [spf13 starred Wox-launcher/Wox](https://github.com/Wox-launcher/Wox) + - [ ] [spf13 starred danielmiessler/fabric](https://github.com/danielmiessler/fabric) +- 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com + - [ ] [Otelier 数据泄露导致数百万酒店预订信息泄露](https://www.4hou.com/posts/kgjv) + - [ ] [守正创新,持续突破!国投智能数字政务业务年终盘点](https://www.4hou.com/posts/mk03) + - [ ] [Check Point 公司发布《2025 年安全报告》显示,随着网络威胁生态系统日渐成熟,网络攻击次数骤增 44%](https://www.4hou.com/posts/gyDj) +- Recent Commits to cve:main + - [ ] [Update Wed Jan 22 20:24:04 UTC 2025](https://github.com/trickest/cve/commit/7d634b304016aab3bf32893e04ac98344c8a90d0) + - [ ] [Update Wed Jan 22 12:24:00 UTC 2025](https://github.com/trickest/cve/commit/5709cff610e63bf7d61893e46720b8f8ab18d7f3) + - [ ] [Update Wed Jan 22 04:28:36 UTC 2025](https://github.com/trickest/cve/commit/350528609cf8c384d52a5bb8542ffa105cc6b361) +- Doonsec's feed + - [ ] [我实验室2篇论文被WWW 2025接收!](https://mp.weixin.qq.com/s?__biz=MzU4NzUxOTI0OQ==&mid=2247492834&idx=1&sn=36396f6cc39b8c9b87eead00faf8c111) + - [ ] [快速上手渗透测试报告写作:从WP到甲方报告的一站式指南](https://mp.weixin.qq.com/s?__biz=MzA3NDE0NTY0OQ==&mid=2247484103&idx=1&sn=285be13254e14304496c192d45c05002) + - [ ] [美国财政部再对中国一家网络安全公司和一名个人实施制裁](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485452&idx=1&sn=4384fb7ca51f3e1139db829611f6fc43) + - [ ] [【直卖实拍】北七家3居变4居豪装,理想楼层、户型、朝向](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485452&idx=2&sn=c6375b484d936854df5ada100b9ff24e) + - [ ] [【干货】笑傲职场的独家经验(1)](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485452&idx=3&sn=2a8340ae9404ef7ccfe64398b85e2267) + - [ ] [【干货原创】实网攻防演习常态化,会带来什么变化01](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485452&idx=4&sn=fcd594b0e515f7eadff4e4df46c29ba5) + - [ ] [【干货原创】K12教育,鲜为人知的模式秘密](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485452&idx=5&sn=a2cf457c4941e1e16638dd4bddd10903) + - [ ] [原创文章目录](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485452&idx=6&sn=a0bf66a3ff572c1df283577b241ea3cc) + - [ ] [Windows进阶版安全事件应急响应分析](https://mp.weixin.qq.com/s?__biz=MzI1Mjc3NTUwMQ==&mid=2247538503&idx=1&sn=823611c94f399812ab24f75ac97ade94) + - [ ] [云安全(二):对象存储](https://mp.weixin.qq.com/s?__biz=MzkyMjUzNTM1Mw==&mid=2247486992&idx=1&sn=f553fbcdf572da09cdf767e6c39b230f) + - [ ] [国内没人讲,国外电动车测评不惯着新势力新能源汽车](https://mp.weixin.qq.com/s?__biz=MzkwMjQyNjAxMA==&mid=2247484825&idx=1&sn=2fdaa5a56346aac19da121b702f3a1fd) + - [ ] [【漏洞预警】pearProjectApi存在SQL注入漏洞](https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489507&idx=1&sn=cdbcc7dac604210a7fa351e96c1bbaa9) + - [ ] [【漏洞预警】YesWiki 存在经过身份验证的任意文件删除漏洞(CVE-2025-24019)](https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489507&idx=2&sn=43309d019012fc2d5146638f21cf4cdb) + - [ ] [link-tools工具箱](https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486391&idx=1&sn=0f8c045e6dfb3362f22fb8d1a7f32da2) + - [ ] [抓包分析FTP协议及原理](https://mp.weixin.qq.com/s?__biz=MzAxNTg1MDYxNA==&mid=2247489174&idx=1&sn=6e16fbcc3137f63cf7a73a438af5e7e4) + - [ ] [浅谈《通信网络安全防护管理办法》](https://mp.weixin.qq.com/s?__biz=MzI4NzA1Nzg5OA==&mid=2247485688&idx=1&sn=2dcf3598a5664123095e9ca1608b8800) + - [ ] [【技巧】开源情报(OSINT):套接字理论(Socket Theory)情报分析师如何更好隐藏自己](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148647&idx=1&sn=4df1f367b82341e8c092ea12a7dec4c8) + - [ ] [强烈推荐|超好用的网安大模型](https://mp.weixin.qq.com/s?__biz=Mzg5NTY3NTMxMQ==&mid=2247484536&idx=1&sn=b056b6036c8dc99ff081f004dc23caff) + - [ ] [使用 Evilginx 轻松绕过 MFA](https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247504689&idx=1&sn=ebe28721272600d656ad2acd2611a716) + - [ ] [OSINT|值得拥有的TOP5工具](https://mp.weixin.qq.com/s?__biz=MzkxMDIwMTMxMw==&mid=2247494462&idx=1&sn=ed829c96e96e34bcd8db231435dcfe19) + - [ ] [我要学习 | 本公众号第一次公开课:前端爆破加解密、JS调试分析加密爆破](https://mp.weixin.qq.com/s?__biz=Mzk0NzQxNzY2OQ==&mid=2247488005&idx=1&sn=592dae68ea021e9ac446992060cf267c) + - [ ] [信创已经到关键期--人人必须要知道的政策](https://mp.weixin.qq.com/s?__biz=MzkwNDI0MjkzOA==&mid=2247485838&idx=1&sn=dd4be512901b9a931d6d7681f3b1e5b1) + - [ ] [ctftools-all-in-oneV7.5](https://mp.weixin.qq.com/s?__biz=MzI1NzUxOTUzMA==&mid=2247485778&idx=1&sn=3b0ff74d522d161b0a91bd13453019f1) + - [ ] [搞网络安全怎么赚大钱!!!](https://mp.weixin.qq.com/s?__biz=Mzk0MzY3MDE5Mg==&mid=2247483972&idx=1&sn=5f01535fafc100416448c9fb3a7162a6) + - [ ] [红队开发:让自己的Shellcode实现SMC](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490015&idx=1&sn=0cdb71c24b75dcb4bf801925daf80188) + - [ ] [CTF:Phar反序列化漏洞学习笔记](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490015&idx=2&sn=e906ce0834778a54573549a04e207af6) + - [ ] [Ansible fetch模块详解:轻松从远程主机抓取文件](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490015&idx=3&sn=2345a568a480fa2af4f3055b4a20e422) + - [ ] [【工具推荐】URLFinder-x 信息收集工具](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490015&idx=4&sn=e51a2edc4bd80f79155f95e73f56a74e) + - [ ] [【安全圈】特朗普上任首日,被囚 11 年的丝绸之路创始人获释](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067553&idx=1&sn=bad8f735186597a7ef0a02f03be5d6e4) + - [ ] [【安全圈】420万主机暴露,含VPN和路由器](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067553&idx=2&sn=ce83805d756cb11a77b84cb9413465be) + - [ ] [【安全圈】2024年近2亿人受影响,美国医疗成重点攻击目标](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067553&idx=3&sn=126c3fc5cb7d6a7dc18e3e9a213e8170) + - [ ] [【安全圈】7-Zip 漏洞可让远程攻击者绕过保护并执行任意代码](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067553&idx=4&sn=2c06e2c2a5011eb86894033a1e6c41fc) + - [ ] [2025年最新渗透测试虚拟机工具箱汇总](https://mp.weixin.qq.com/s?__biz=MzkyMzg4MTY4Ng==&mid=2247484594&idx=1&sn=585d3369395a3f45ab99f107d28a3463) + - [ ] [特斯拉电动汽车越狱](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619987&idx=1&sn=d6821c8b8105f5f77f3461cfbd94e684) + - [ ] [基于 Linux 的汽车计算机的安全隔离与案例研究](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619987&idx=2&sn=ee7b65f10a49000391f08bc76432de8a) + - [ ] [远程车辆控制的关键 - 自动驾驶域控制器 百度](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619987&idx=3&sn=1387d6e1758c003c565cdbf395dfc69f) + - [ ] [某攻防演练|从404页面到接管阿里云](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496928&idx=1&sn=871a0d0002a589ed9b98ae6ed97158f9) + - [ ] [关于召开宁夏商用密码应用安全性评估业务培训工作会议的预通知](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633960&idx=1&sn=50eb0fb22088f21b070e66f7d7e9584a) + - [ ] [江苏省数据条例正式发布](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633960&idx=2&sn=bb5de81413dedac432a0b709af22b410) + - [ ] [《Web3.0数字身份密码安全体系研究(2024年)》正式发布](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633960&idx=3&sn=643e1c6917e0dce418857355ad3c1c9b) + - [ ] [专家解读 | 魏亮:统筹布局国家数据基础设施,夯实数据要素价值释放基础](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633960&idx=4&sn=134507671490e2845e85db11c3be566d) + - [ ] [美国IT供应商被黑,导致多地公共服务被迫中断多天](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633960&idx=5&sn=6918146fda0592a974fd01cf1925c11c) + - [ ] [乘风破浪,行稳致远 —— 新潮信息2024年度盛典圆满落幕](https://mp.weixin.qq.com/s?__biz=MzkwNDcyODgwOQ==&mid=2247486769&idx=1&sn=ec8b1275fbd5a504490eef87766c3aa1) + - [ ] [安全专家亲测演示:用这个方法,邻居家的WiFi密码一碰就开](https://mp.weixin.qq.com/s?__biz=MzI5MjY4MTMyMQ==&mid=2247489766&idx=1&sn=605087abaf5c1f6db011dcd9e668e8b0) + - [ ] [人间逢小年,祝大家万事皆如愿](https://mp.weixin.qq.com/s?__biz=Mzg4NzQ4MzA4Ng==&mid=2247485185&idx=1&sn=7fd770df097013d9a338a34a41d0bc8c) + - [ ] [缺乏的不是资源,而是真正的教育](https://mp.weixin.qq.com/s?__biz=MzkwODY2MzMyMA==&mid=2247484531&idx=1&sn=6283dfe0b1f0cd0be19c277bdf2f8076) + - [ ] [汇编语言基础教程](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490098&idx=1&sn=ed0be305f2c8c9de0fff326bc45f1ce9) + - [ ] [Remcos RAT远控木马分析](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490098&idx=2&sn=4a0e7ccccb8b29ea9fb45b2e6470e088) + - [ ] [CE了解](https://mp.weixin.qq.com/s?__biz=MzkxMjYyMjA3Mg==&mid=2247485392&idx=1&sn=a3204187202136c21f954c939c9d6a3d) + - [ ] [App对抗系列—Root检测对抗](https://mp.weixin.qq.com/s?__biz=MzU3OTYxNDY1NA==&mid=2247484886&idx=1&sn=dd4e714506b98b4971ca44a8c838c966) + - [ ] [【信科动态】蓄势待发 共创辉煌 — 信科共创2025年会圆满举办](https://mp.weixin.qq.com/s?__biz=MzIyNTIyMTU1Nw==&mid=2247485220&idx=1&sn=9a2dbc483e538d6cfa865f6dd956dbfd) + - [ ] [【权威发布】CNNIC最新《中国互联网络发展状况统计报告》发布](https://mp.weixin.qq.com/s?__biz=MzIyNTIyMTU1Nw==&mid=2247485220&idx=2&sn=0a2a314bc37a8521c1d2716667929149) + - [ ] [【数安天地】2025年我国数据领域明确重点任务](https://mp.weixin.qq.com/s?__biz=MzIyNTIyMTU1Nw==&mid=2247485220&idx=3&sn=32cb839b2a727c01270ea47e1df58290) + - [ ] [【AI安全】2024年度人工智能……](https://mp.weixin.qq.com/s?__biz=MzIyNTIyMTU1Nw==&mid=2247485220&idx=4&sn=abfa6ea3dca53098a88613093bb4449e) + - [ ] [【网安前沿】人数超TikTOK!……](https://mp.weixin.qq.com/s?__biz=MzIyNTIyMTU1Nw==&mid=2247485220&idx=5&sn=5c373b4d772f9ce5160eed1cb8773743) + - [ ] [混沌](https://mp.weixin.qq.com/s?__biz=MzIwODc2NjgxNA==&mid=2247484977&idx=1&sn=bfdeaa70d34c3c8a5d24edb80197bdc6) + - [ ] [带你解锁编码新世界!--随波逐流CTF编码工具使用教程39 --polybius棋盘密码](https://mp.weixin.qq.com/s?__biz=MzU2NzIzNzU4Mg==&mid=2247489560&idx=1&sn=f13a82f3662c6aaff65700a0bb33ad1c) + - [ ] [Coremail邮箱客户端安装与账户配置(macOS x86版)](https://mp.weixin.qq.com/s?__biz=MzkxMjY3MTI4Mg==&mid=2247484607&idx=1&sn=f63e575f4158cdb39e613b1f7c85eb5a) + - [ ] [关于公示2025年工业和信息化部移动互联网APP产品安全漏洞专业库支撑单位的通知](https://mp.weixin.qq.com/s?__biz=MzkyMjM4MzY5Ng==&mid=2247486052&idx=1&sn=672267c39bd61c609b8a70aa6fe4dba4) + - [ ] [支撑单位遴选 | 关于开展2025年工业和信息化部移动互联网APP产品安全漏洞专业库支撑单位遴选工作的通知](https://mp.weixin.qq.com/s?__biz=MzkyMjM4MzY5Ng==&mid=2247486052&idx=2&sn=df504e3f60bd71a5f51f6ddfc79ceac2) + - [ ] [AI快速上手:新手如何用ChatGPT写好医学影像学文献综述的全攻略!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493247&idx=1&sn=e8b8fb7965bdb36fbd8d60043f77110e) + - [ ] [AI驱动教育学论文初稿快速生成:核心流程与实战指北!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493247&idx=2&sn=e818116fd4106e8a0f70c6dc696a890e) + - [ ] [AI驱动下的法语论文文献综述战法:半天高效清空20个刊物的内参秘籍。](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493247&idx=3&sn=bd8b3f8df3fabad7af824fd5f9a552ee) + - [ ] [AI时代:教你玩转小学教育论文大纲的落实与完善攻略。](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493247&idx=4&sn=aaae4c45ec27234ca0aed2ae90c7dc4c) + - [ ] [AI时代:ChatGPT助你一天搞定法语论文大纲完善内部高阶指南!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493247&idx=5&sn=abd5d43185cc32d17ba024114fd783ad) + - [ ] [安世加实战派沙龙第二期之办公终端安全在北京成功举办(2025.01.11/周六、北京)](https://mp.weixin.qq.com/s?__biz=MzU2MTQwMzMxNA==&mid=2247541441&idx=1&sn=b4996a6803ef5cac9358f5c0abc692c7) + - [ ] [【工具分享】HermeticRansom勒索病毒恢复工具](https://mp.weixin.qq.com/s?__biz=MzkyOTQ0MjE1NQ==&mid=2247496544&idx=1&sn=b0532021322be29222853520f63e6c37) + - [ ] [起床了吗,我要结婚了](https://mp.weixin.qq.com/s?__biz=Mzg4NDg2NTM3NQ==&mid=2247484692&idx=1&sn=c1bd4168ea28a88992c34b9370b2afcc) + - [ ] [下辈子别做网安了](https://mp.weixin.qq.com/s?__biz=MzIxNTIzNTExMQ==&mid=2247490797&idx=1&sn=f884b6f04d1985bae7bb9a55eb1c2706) + - [ ] [区块链学习笔记之初探以太坊](https://mp.weixin.qq.com/s?__biz=MjM5MjEyMTcyMQ==&mid=2651037431&idx=1&sn=33663e3a850d9c8b658bad904c08ce0a) + - [ ] [领导者不变,中国厂商全无|Gartner 访问管理 2024 MQ 发布](https://mp.weixin.qq.com/s?__biz=MzkzNjE5NjQ4Mw==&mid=2247543326&idx=1&sn=8f60ed73ede9f28b5c71d30f94a81e9e) + - [ ] [DeepSeek+OpenAI Swarm,做Agent的绝配](https://mp.weixin.qq.com/s?__biz=Mzg5NTMxMjQ4OA==&mid=2247485586&idx=1&sn=fa8cd22e23818be8a4f85c034b2653e9) + - [ ] [《灵根换途:重铸荣耀》](https://mp.weixin.qq.com/s?__biz=MzI1NDU2MzAzNQ==&mid=2247487775&idx=1&sn=bdeb4114b72038469c576c5cd7ef0abf) + - [ ] [数据经纪商Gravy Analytics遭黑客攻击 数百万用户位置信息泄露](https://mp.weixin.qq.com/s?__biz=MzIwNzAwOTQxMg==&mid=2652251252&idx=1&sn=08c27d24f45df08156ccbb320a916ca7) + - [ ] [关于调整半决赛入围队伍名单公示](https://mp.weixin.qq.com/s?__biz=MzI1NzQ0NTMxMQ==&mid=2247490073&idx=1&sn=1196e582372868c1cdcdc85590fe6ec2) + - [ ] [小年 | 小年辞旧岁,新春序幕开](https://mp.weixin.qq.com/s?__biz=MzU3MDA0MTE2Mg==&mid=2247492489&idx=1&sn=f7ae189fc8a91f74ba5b7ca2cd070e3d) + - [ ] [今日,小年](https://mp.weixin.qq.com/s?__biz=MzkyNDUxNTQ2Mw==&mid=2247485811&idx=1&sn=b6f89d271a02e0fe0ecaa468674cd746) + - [ ] [美商务部《保障ICT供应链:联网汽车》规则(全文翻译)](https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247506068&idx=1&sn=c5502bc907a76a432d06dd4e9098d0ad) + - [ ] [小年纳福 喜迎新春](https://mp.weixin.qq.com/s?__biz=MzI2NDYzNjY0Mg==&mid=2247501129&idx=1&sn=78727fa4943031118593e6589cac1f03) + - [ ] [Payloads for LFR/LFD](https://mp.weixin.qq.com/s?__biz=Mzg2NTk4MTE1MQ==&mid=2247486492&idx=1&sn=2a26b6645da3eac6fb5fd1bb53bb5ba9) + - [ ] [秋风AI代码审计工具1.0 上线!](https://mp.weixin.qq.com/s?__biz=MzkzMzczODA0OQ==&mid=2247484087&idx=1&sn=946eec98d2649ebae893bd340fc6f023) + - [ ] [CERT-UA 警告网络诈骗者冒充该机构利用虚假AnyDesk请求控制目标](https://mp.weixin.qq.com/s?__biz=MzI2NzAwOTg4NQ==&mid=2649793938&idx=2&sn=8ef11a28a3fa79bc3bd6ed37a79f3e6a) + - [ ] [《信息安全学报》“智能语音攻防技术”专栏征稿函](https://mp.weixin.qq.com/s?__biz=MzI5ODA1NjE5NQ==&mid=2652014647&idx=1&sn=082ad04011ce661af109ade0f59b2d6f) + - [ ] [税前年薪50-200万,高层次网络安全人才招聘](https://mp.weixin.qq.com/s?__biz=MzU4OTg4Nzc4MQ==&mid=2247505628&idx=1&sn=b6131a18925f1d2c27b52a044ac7c20a) + - [ ] [江西银行2025年社会招聘网络安全岗](https://mp.weixin.qq.com/s?__biz=MzU4OTg4Nzc4MQ==&mid=2247505628&idx=2&sn=48d0b333d0c895679e394c93cb955922) + - [ ] [年薪50-80万!湖南省密码工程技术研究中心招聘信息安全专业](https://mp.weixin.qq.com/s?__biz=MzU4OTg4Nzc4MQ==&mid=2247505628&idx=3&sn=bc981945ca96eb0dd824e4fb8aef48d9) + - [ ] [3000+网安笔记](https://mp.weixin.qq.com/s?__biz=MzU4OTg4Nzc4MQ==&mid=2247505628&idx=4&sn=6bafb661c0c79d06eaea7321bccf9b1d) + - [ ] [期刊征文 | 暗网抑制前沿进展](https://mp.weixin.qq.com/s?__biz=MzU5MTM5MTQ2MA==&mid=2247491610&idx=1&sn=8b6c9caf92435cbd9b76b77686619972) + - [ ] [红包封面第二弹!](https://mp.weixin.qq.com/s?__biz=MzUzMDQ1MTY0MQ==&mid=2247506597&idx=1&sn=e0fb7f14d115e5e6a81cf58be6938690) + - [ ] [工信部等十四部门联合印发《关于加强极端场景应急通信能力建设的意见》](https://mp.weixin.qq.com/s?__biz=Mzg2MDg0ODg1NQ==&mid=2247539969&idx=1&sn=d0b20062f59c4c2627623f4a0110a99a) + - [ ] [【解读】五问+一图,读懂《关于加强极端场景应急通信能力建设的意见》](https://mp.weixin.qq.com/s?__biz=Mzg2MDg0ODg1NQ==&mid=2247539969&idx=2&sn=fc62411ebb093dc6e8ba7a1a293e7968) + - [ ] [祥和小年至,新岁启新程!](https://mp.weixin.qq.com/s?__biz=MzU4NjY4MDAyNQ==&mid=2247497015&idx=1&sn=d54c943e8370d2b504197ce7125a9bd3) + - [ ] [.NET 安全攻防知识交流社区](https://mp.weixin.qq.com/s?__biz=MzkyMDM4NDM5Ng==&mid=2247490330&idx=2&sn=a8b44c92013aa2897bc50f5869a74a94) + - [ ] [梅赛德斯—奔驰信息娱乐系统漏洞详细信息披露](https://mp.weixin.qq.com/s?__biz=MzIzNDIxODkyMg==&mid=2650085835&idx=1&sn=55b9b7d447e31ed5e6a7016fc118aba7) + - [ ] [北方小年|糖瓜祭灶 新年来到](https://mp.weixin.qq.com/s?__biz=MzIzNDIxODkyMg==&mid=2650085835&idx=2&sn=62fa38baa6534b965a3ee784c8c23c5b) + - [ ] [定制红包封面、蛇年手机壁纸,天融信愿您新的一年福气满屏!](https://mp.weixin.qq.com/s?__biz=MzA3OTMxNTcxNA==&mid=2650963107&idx=1&sn=9bbaad123506d1da711ab3643c51c8d5) + - [ ] [小年快乐 | 文末领取励行安全专属红包封面](https://mp.weixin.qq.com/s?__biz=MzkxNTY4NTQwMg==&mid=2247484280&idx=1&sn=2263d238e09a658039a7a2399a3257d9) + - [ ] [Lazarus组织发起“Operation 99”行动,通过虚假LinkedIn资料瞄准Web3开发者](https://mp.weixin.qq.com/s?__biz=MzA4NTY4MjAyMQ==&mid=2447900117&idx=1&sn=147a51e42956ef762d607ad4db560f1b) + - [ ] [红包封面免费领](https://mp.weixin.qq.com/s?__biz=MzA4NTY4MjAyMQ==&mid=2447900116&idx=1&sn=6a902bce7b923dcbb6d636c0bd33e2c7) + - [ ] [福利!免费商用,1500+组件低代码工业数据连接及可视化平台](https://mp.weixin.qq.com/s?__biz=MjM5OTA4MzA0MA==&mid=2454936685&idx=1&sn=c2daf9fcc60bce9090096a88fc9bc122) + - [ ] [转储LSASS内存的强大神器](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489037&idx=1&sn=690f85a085d60322cbdef81ea014958a) + - [ ] [小事](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489037&idx=2&sn=6baba774e15189c2118e75a96615ba4a) + - [ ] [Wireshark Troubleshooting 系列合集目录](https://mp.weixin.qq.com/s?__biz=MzA5NTUxODA0OA==&mid=2247493128&idx=1&sn=027c2d79a975850f77ba85e1c7325e23) + - [ ] [网安之道](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496713&idx=1&sn=f99ce8d0ff597b9725371ec789d1627d) + - [ ] [国自然中标真不难!十年评审专家1v1精修你的本子,中标率提升58%](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496713&idx=2&sn=5123c0c462454c69a097d5c90b01ac29) + - [ ] [云计算与零信任架构的结合:实现更高安全性](https://mp.weixin.qq.com/s?__biz=MzkxNjU2NjY5MQ==&mid=2247509854&idx=1&sn=c873f0835b8ef33b4e64f63598b41c66) + - [ ] [Go shellcode加载器 免杀火绒 360核晶等主流杀软](https://mp.weixin.qq.com/s?__biz=MzU5MjgwMDg1Mg==&mid=2247484753&idx=1&sn=b8aa28771e6ca5e4ac83058d2a8f18cb) + - [ ] [小年至,归期近;有安全,更团圆。](https://mp.weixin.qq.com/s?__biz=MjM5NzA3Nzg2MA==&mid=2649870812&idx=1&sn=422066cfd72bd12d7ff94673d46c0035) + - [ ] [互联网大厂黑话指南(速成版)](https://mp.weixin.qq.com/s?__biz=MzI1NzI5NDM4Mw==&mid=2247498587&idx=1&sn=f7b972440193d95d234bd9e501fad124) + - [ ] [十强!威努特斩获2024年网络安全优秀评选三项大奖](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130654&idx=1&sn=72ece0485d56a8dbc791b20108f0943c) + - [ ] [MySQL数据误删的恢复分享](https://mp.weixin.qq.com/s?__biz=Mzg3NTU3NTY0Nw==&mid=2247489522&idx=1&sn=b85a0e1b057a832db9ec56399cc6439f) + - [ ] [先向下扎根,再向上生长](https://mp.weixin.qq.com/s?__biz=MzU4NjY3OTAzMg==&mid=2247514862&idx=1&sn=6c93e8560b7d557a43c0f9b7263d6dd0) + - [ ] [全球瞭望|网络安全重大事件精选](https://mp.weixin.qq.com/s?__biz=MzU4NjY3OTAzMg==&mid=2247514862&idx=2&sn=bcdf5e64844202a08a115bfeadb0c886) + - [ ] [JWT原理及利用](https://mp.weixin.qq.com/s?__biz=Mzg5MDgzOTk2Mg==&mid=2247484651&idx=1&sn=9cd5604806e7af154fa2c88241523b12) + - [ ] [一些木马反制技巧](https://mp.weixin.qq.com/s?__biz=MzkwMzMwODg2Mw==&mid=2247510449&idx=1&sn=954231b814fb3c633b2bac2dc12665b3) + - [ ] [漏洞预警 | 叁拾叁OA SQL注入漏洞](https://mp.weixin.qq.com/s?__biz=MzkwMTQ0NDA1NQ==&mid=2247492118&idx=2&sn=0cc8d46b2006a58fe76e0aceeec3f5e3) + - [ ] [工具 | proxypin](https://mp.weixin.qq.com/s?__biz=MzkwMTQ0NDA1NQ==&mid=2247492118&idx=4&sn=6d72cbe7b6abd76539ff4b90c246e621) + - [ ] [载誉前行|天地和兴荣膺CCIA年度先进会员单位](https://mp.weixin.qq.com/s?__biz=MjM5Mzk0MDE2Ng==&mid=2649608840&idx=1&sn=822e24931c6b118b52381dd6a0725082) + - [ ] [2024年度网络安全漏洞威胁态势研究报告](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264326&idx=2&sn=edd9feb6f1f3d5fb7467e5a4a1bc8ea3) + - [ ] [网络弹性评价流程](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264326&idx=3&sn=0064271e80a9c395235db44394646be4) + - [ ] [网络与数据安全治理前沿洞察(2025年第1期)](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264326&idx=4&sn=972c2472a69641e01ab75dec91607976) + - [ ] [2025年低空经济未来发展趋势分析](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264326&idx=5&sn=c695125ae9234c1bbee0ab30a82644fe) + - [ ] [GB∕T 44778-2024 汽车诊断接口信息安全技术要求及试验方法](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264326&idx=8&sn=828ad37f9e1fecb482a24e86e66fea7b) + - [ ] [HSQLDB 安全测试指南](https://mp.weixin.qq.com/s?__biz=MzkxNjMwNDUxNg==&mid=2247487207&idx=2&sn=627d12dc6ee86ec6a128d2c4d24e2024) + - [ ] [RPA在电力行业中的应用](https://mp.weixin.qq.com/s?__biz=MjM5NTk5Mjc4Mg==&mid=2655222700&idx=1&sn=135b0046a01810bcbeed431638cb4038) + - [ ] [Any-Reader:把你的VSCode变成摸鱼娱乐中心!](https://mp.weixin.qq.com/s?__biz=MzA4MjkzMTcxMg==&mid=2449046750&idx=1&sn=8520440de7e2c9aa42cf4933b5394a43) + - [ ] [2024年度漏洞态势大揭秘:你的网络安全防线还稳固吗?(附下载)](https://mp.weixin.qq.com/s?__biz=MzkyODY5ODAyOA==&mid=2247489419&idx=1&sn=27d48e4898f7de1f017a5a7bc5bc6a4e) + - [ ] [13,000个MikroTik路由器因恶意垃圾邮件和网络攻击被僵尸网络劫持](https://mp.weixin.qq.com/s?__biz=MzA4MzMzOTQ4Mw==&mid=2453672513&idx=1&sn=955e9169d886553304f98bc40ed4718e) + - [ ] [暗网情报:高价Rust反向Shell-美ISP和网络设备制造商网络访问权限](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247506983&idx=1&sn=2130ab0ccce5bafd3881b7e250b88caa) + - [ ] [5th域安全微讯早报【20250122】019期](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247506983&idx=2&sn=0327ca894b9af92ef9b7122f7e70a205) + - [ ] [今日直播课程(ISO/IEC 27001),敬请您关注](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247486014&idx=1&sn=f9a261134b643ac91d42ec2d51189828) + - [ ] [ISO 14001: 2015 标准详解与实施(20)9.1.1 总则](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247486014&idx=2&sn=51c00f82998000dfcbb64df3898c9de4) + - [ ] [“间谍”正在潜入你的手机](https://mp.weixin.qq.com/s?__biz=Mzg5OTg5OTI1NQ==&mid=2247489786&idx=1&sn=4b1c4df2d56e34fa521c69996bf42e3f) + - [ ] [黑客团伙IntelBroker声称已窃取HPE内部机密数据 后者表示正在调查](https://mp.weixin.qq.com/s?__biz=MzkxNTI2NTQxOA==&mid=2247496070&idx=1&sn=2336cc68b4e452a35795193173f98854) + - [ ] [一图读懂《关于加强极端场景应急通信能力建设的意见》](https://mp.weixin.qq.com/s?__biz=MzkxNTI2NTQxOA==&mid=2247496070&idx=2&sn=d0fa64e3e92467220eb923a4612e7960) + - [ ] [【神兵利器】JAVA JMX漏洞综合利用工具](https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247495179&idx=1&sn=0d366655fb6bb139775fc4d4fe333652) + - [ ] [JBoss 4.x JBossMQ JMS反序列化](https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247495179&idx=2&sn=dce36e9b572732a9fddfa1774bcea24c) + - [ ] [ViewState反序列化漏洞详解](https://mp.weixin.qq.com/s?__biz=Mzg2MzkwNDU1Mw==&mid=2247485410&idx=1&sn=c516da4c5bcf9729e270e70dc0c6e61d) + - [ ] [linux清除了文件没有释放空间](https://mp.weixin.qq.com/s?__biz=Mzg2MzkwNDU1Mw==&mid=2247485410&idx=2&sn=673b6d7c7ff6b3a511f79a660b138423) + - [ ] [什么是零信任:安全性、原则和架构](https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652114149&idx=1&sn=e6c11500191f7d8bb8a004604a2c5561) + - [ ] [秦安:新华社喜气洋洋点评,小红书需发挥主体作用,接住泼天富贵](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476271&idx=1&sn=580c4508bc163041823038ad9e920e68) + - [ ] [喜报!炼石荣获中国计算机行业协会网数专委“卓越贡献奖”](https://mp.weixin.qq.com/s?__biz=MzkyNzE5MDUzMw==&mid=2247568825&idx=1&sn=f8e52c6a4464aec5ef8f1fb39f02e04b) + - [ ] [如何构建混合云环境下的信息安全策略?](https://mp.weixin.qq.com/s?__biz=Mzg4NDc0Njk1MQ==&mid=2247487177&idx=1&sn=809cff24a1b39067a2dbd6d345853a90) + - [ ] [云安全中的共享责任模型:企业与云服务商的界限](https://mp.weixin.qq.com/s?__biz=Mzg4NDc0Njk1MQ==&mid=2247487177&idx=2&sn=7113ff3d04b276d919b4dc008991e0f4) + - [ ] [TangGo:国产化的综合能手](https://mp.weixin.qq.com/s?__biz=MzkzNzg3NzQxMQ==&mid=2247485695&idx=1&sn=2fc7154d71582d71208ba945e123238a) + - [ ] [AWS 云安全面试准备:10 个重要的 DevOps 概念](https://mp.weixin.qq.com/s?__biz=MzkyODYwODkyMA==&mid=2247484996&idx=1&sn=4615303b13ce5abb344738596185350e) + - [ ] [新春福利已就位,海量奖品疯狂来袭!](https://mp.weixin.qq.com/s?__biz=MzAwMDQwNTE5MA==&mid=2650247705&idx=1&sn=36ed81f86ac26ed621bcaeea900677ad) + - [ ] [所有的网站都需要办理ICP备案?](https://mp.weixin.qq.com/s?__biz=MzI4NzA1Nzg5OA==&mid=2247485681&idx=1&sn=fa6e7bd1383473df5734f103139557e7) + - [ ] [分享图片](https://mp.weixin.qq.com/s?__biz=MzI3Njc1MjcxMg==&mid=2247494307&idx=1&sn=47e335541d5c4fa8e74793af9324e019) + - [ ] [全新视频系列《实战源码审计》](https://mp.weixin.qq.com/s?__biz=Mzg4MzkwNzI1OQ==&mid=2247485719&idx=1&sn=4b3339a03f1b67424f469e8d1b72bdcf) + - [ ] [OWASP 2025年十大漏洞–被利用/发现的最严重漏洞](https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652114147&idx=1&sn=257856caede83532d8fbbbbaa718c6be) + - [ ] [126个Linux内核漏洞可让攻击者利用78个 Linux子系统](https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652114147&idx=2&sn=0ec2b581bd93714c8ff60c69bcc70f8b) + - [ ] [工具推荐 | 内网渗透敏感信息搜索神器](https://mp.weixin.qq.com/s?__biz=MzkwNjczOTQwOA==&mid=2247493961&idx=1&sn=fd35d4a8a05cae420fa700b36125f0d2) + - [ ] [网络空间测绘 -- ScopeSentry(V1.5.4)](https://mp.weixin.qq.com/s?__biz=MzI4MDQ5MjY1Mg==&mid=2247515682&idx=1&sn=7012ed1bd01016412f4a2ac7075c393c) + - [ ] [第6天:基础入门-抓包技术&HTTPS协议&APP&小程序&PC应用&WEB&转发联动](https://mp.weixin.qq.com/s?__biz=MzI4MDQ5MjY1Mg==&mid=2247515682&idx=2&sn=b88c75c1bbebb784ce683d00c4f1c092) + - [ ] [攻防靶场(47):一个dirsearch的坑 Katana](https://mp.weixin.qq.com/s?__biz=MzI0NjA3Mzk2NQ==&mid=2247495899&idx=1&sn=1dba3bd5431bcf4961d53a9827d4d6ef) + - [ ] [安卓逆向2025 -- Frida学习之hook案例(七)](https://mp.weixin.qq.com/s?__biz=MzA4MzgzNTU5MA==&mid=2652037569&idx=1&sn=812d974c4ebdf4db2b99edb6a227a060) + - [ ] [1Scan一键渗透扫描器|漏洞探测](https://mp.weixin.qq.com/s?__biz=Mzg3ODE2MjkxMQ==&mid=2247489961&idx=1&sn=f40f050019a99e6f65fa036bc9a7da16) + - [ ] [春节快到了,来!一起学习春节反诈常识](https://mp.weixin.qq.com/s?__biz=Mzg2NjY2MTI3Mg==&mid=2247498296&idx=1&sn=20ac1bcef2bd187c39d60b04f7d58bff) + - [ ] [泛微e-office 11.0 RCE](https://mp.weixin.qq.com/s?__biz=MzU2NDY2OTU4Nw==&mid=2247518417&idx=1&sn=c64f9f43e83925e92db0882d722b0d76) +- 安全客-有思想的安全新媒体 + - [ ] [最高级!360获评工信部CAPPVD“三星技术支撑单位”称号](https://www.anquanke.com/post/id/303728) + - [ ] [cve-2024-12857: AdForest 主题中的关键漏洞允许完全接管帐户,数千网站面临风险](https://www.anquanke.com/post/id/303725) + - [ ] [新型 Mirai 变种 Murdoc_Botnet 通过物联网漏洞发起 DDoS 攻击](https://www.anquanke.com/post/id/303722) + - [ ] [2024年,Redline、Vidar和Raccoon恶意软件窃取了10亿个密码](https://www.anquanke.com/post/id/303719) + - [ ] [CVE-2025-21298 检测: Microsoft Outlook 中的严重零点击 OLE 漏洞会导致远程代码执行](https://www.anquanke.com/post/id/303716) + - [ ] [Bitbucket 服务因全球大停机而“严重瘫痪”](https://www.anquanke.com/post/id/303713) + - [ ] [假冒的 Homebrew Google 广告以恶意软件为目标的 Mac 用户](https://www.anquanke.com/post/id/303710) + - [ ] [Cloudflare 缓解了破纪录的 5.6 Tbps DDoS 攻击](https://www.anquanke.com/post/id/303707) + - [ ] [”偷偷摸摸的日志“微软欺骗计划避开了双因素安全系统](https://www.anquanke.com/post/id/303704) + - [ ] [前中情局分析员承认泄露绝密文件罪](https://www.anquanke.com/post/id/303701) +- Tenable Blog + - [ ] [Oracle January 2025 Critical Patch Update Addresses 186 CVEs](https://www.tenable.com/blog/oracle-january-2025-critical-patch-update-addresses-186-cves) +- Trustwave Blog + - [ ] [Trustwave SpiderLabs: Ransomware Attacks Against the Energy and Utilities Sector Up 80%](https://www.trustwave.com/en-us/resources/blogs/trustwave-blog/trustwave-spiderlabs-ransomware-attacks-against-the-energy-and-utilities-sector-up-80-percent/) +- obaby@mars + - [ ] [小年 — 这真的就要过年了?](https://h4ck.org.cn/2025/01/19030) +- 安全脉搏 + - [ ] [记一次有点抽象的渗透经历](https://www.secpulse.com/archives/205044.html) + - [ ] [CVE复现之老洞新探(CVE-2021-3156)](https://www.secpulse.com/archives/205000.html) + - [ ] [在一次渗透中学会编写Tamper脚本](https://www.secpulse.com/archives/205058.html) +- CXSECURITY Database RSS Feed - CXSecurity.com + - [ ] [Cleo LexiCom / VLTrader / Harmony 5.8.0.23 Remote Code Execution](https://cxsecurity.com/issue/WLB-2025010023) + - [ ] [Ivanti Buffer Overflow Proof of Concept](https://cxsecurity.com/issue/WLB-2025010022) + - [ ] [LibreNMS Authenticated RCE](https://cxsecurity.com/issue/WLB-2025010021) +- Security Boulevard + - [ ] [UK Mail Check: DMARC Reporting Changes to Know](https://securityboulevard.com/2025/01/uk-mail-check-dmarc-reporting-changes-to-know/) + - [ ] [DEF CON 32 – The Village Peoples’ Panel What Really Goes On In A Village](https://securityboulevard.com/2025/01/def-con-32-the-village-peoples-panel-what-really-goes-on-in-a-village/) + - [ ] [Life in the Swimlane with Marian Fehrenbacher, HR Assistant & Office Manager](https://securityboulevard.com/2025/01/life-in-the-swimlane-with-marian-fehrenbacher-hr-assistant-office-manager/) + - [ ] [Google Cloud Security Threat Horizons Report #11 Is Out!](https://securityboulevard.com/2025/01/google-cloud-security-threat-horizons-report-11-is-out/) + - [ ] [Randall Munroe’s XKCD ‘Human Altitude’](https://securityboulevard.com/2025/01/randall-munroes-xkcd-human-altitude/) + - [ ] [Filtered to Perfection: Votiro’s Two-Layer Approach to Cybersecurity](https://securityboulevard.com/2025/01/filtered-to-perfection-votiros-two-layer-approach-to-cybersecurity/) + - [ ] [Entra Connect Attacker Tradecraft: Part 2](https://securityboulevard.com/2025/01/entra-connect-attacker-tradecraft-part-2/) + - [ ] [Rethinking Credential Security](https://securityboulevard.com/2025/01/rethinking-credential-security/) + - [ ] [DEF CON 32 – UDSonCAN Attacks Discovering Safety Critical Risks By Fuzzing](https://securityboulevard.com/2025/01/def-con-32-udsoncan-attacks-discovering-safety-critical-risks-by-fuzzing/) + - [ ] [How to Handle Secrets at the Command Line [cheat sheet included]](https://securityboulevard.com/2025/01/how-to-handle-secrets-at-the-command-line-cheat-sheet-included/) +- 一个被知识诅咒的人 + - [ ] [【Python运维】Python与Terraform结合:实现云基础设施的自动化部署](https://blog.csdn.net/nokiaguy/article/details/145305290) + - [ ] [Python自动化运维:一键掌控服务器的高效之道](https://blog.csdn.net/nokiaguy/article/details/145305263) +- SpiderLabs Blog + - [ ] [Trustwave SpiderLabs 2025 Trustwave Risk Radar Report: Energy and Utilities Sector](https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/trustwave-spiderlabs-2025-trustwave-risk-radar-report-energy-and-utilities-sector/) +- Horizon3.ai + - [ ] [Identify Cybersecurity Risks at Scale to De-Risk M&A Transactions with Horizon3.ai’s NodeZero® Platform](https://go.horizon3.ai/MandA_UseCase#new_tab) + - [ ] [Horizon3.ai Expands on Disruptive Value of Autonomous Penetration Testing for Security Teams Worldwide](https://www.businesswire.com/news/home/20250122764892/en/Horizon3.ai-Expands-on-Disruptive-Value-of-Autonomous-Penetration-Testing-for-Security-Teams-Worldwide#new_tab) + - [ ] [9 Essential Questions to Ask When Evaluating Pentesting Solutions](https://www.horizon3.ai/intelligence/blogs/9-essential-questions-to-ask-when-evaluating-pentesting-solutions/) +- Malwarebytes + - [ ] [7-Zip bug could allow a bypass of a Windows security feature. Update now](https://www.malwarebytes.com/blog/news/2025/01/7-zip-bug-could-allow-a-bypass-of-a-windows-security-feature-update-now) +- PortSwigger Research + - [ ] [Stealing HttpOnly cookies with the cookie sandwich technique](https://portswigger.net/research/stealing-httponly-cookies-with-the-cookie-sandwich-technique) +- Twitter @bytehx + - [ ] [I earned $$$ for my submission on @bugcrowd https://bugcrowd.com/bytehx #ItTakesACrowd](https://x.com/bytehx343/status/1882032367206060197) + - [ ] [Just got a reward for a vulnerability submitted on @yeswehack -- Acceptance of Extraneous Untrusted Data With Trusted Data - Cache Poisoning (CWE-349)...](https://x.com/bytehx343/status/1882032146376004006) + - [ ] [Re @_justYnot Happy Birthday 🎉🎊🎉](https://x.com/bytehx343/status/1881888985657770380) +- Intigriti + - [ ] [Unwavering support: Your bug bounty journey, our priority](https://www.intigriti.com/blog/business-insights/unwavering-support-your-bug-bounty-journey-our-priority) +- 安全牛 + - [ ] [《Agentic AI安全技术应用报告(2025版)》调研启动](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134812&idx=1&sn=560db2a85bcb9df872bc7c83e28d37e0&chksm=bd15ab8f8a6222990be11fb64472a9f9dbdfe32284261408fe230c6c72b2425eabc90345f991&scene=58&subscene=0#rd) + - [ ] [特朗普推翻拜登人工智能行政命令;警惕!勒索软件团伙滥用微软Teams发起攻击 | 牛览](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134812&idx=2&sn=1644fdd615891c190020e26e48734279&chksm=bd15ab8f8a62229945c2a446ad5f94a740189be7bde929cd002d7b0d2cf230da898fbb608135&scene=58&subscene=0#rd) +- 体验盒子 + - [ ] [vscode运行flutter项目ios真机](https://www.uedbox.com/post/119313/) +- HackerNews + - [ ] [7-Zip 修复绕过 Windows MoTW 安全警告的漏洞,应立即升级到24.09版](https://hackernews.cc/archives/57033) + - [ ] [乌克兰计算机应急响应小组警告:假冒 AnyDesk 请求的网络诈骗](https://hackernews.cc/archives/57031) + - [ ] [PNGPlug 加载器通过假冒软件安装程序传播 ValleyRAT 恶意软件](https://hackernews.cc/archives/57029) + - [ ] [13000 台 MikroTik 路由器被僵尸网络劫持,用于恶意软件传播和网络攻击](https://hackernews.cc/archives/57027) + - [ ] [Mirai 变种 Murdoc Botnet 利用 AVTECH IP 摄像头和华为路由器的安全漏洞](https://hackernews.cc/archives/57025) +- 绿盟科技技术博客 + - [ ] [【漏洞通告】Oracle WebLogic Server远程代码执行与拒绝服务漏洞(CVE-2025-21535/CVE-2025-21549)](https://blog.nsfocus.net/cve-20cve-2025-21535-cve-2025-21549/) + - [ ] [绿盟威胁情报周报(2025.01.13-2025.01.19)](https://blog.nsfocus.net/2025-01-13-2025-01-19/) +- bishopfox.com + - [ ] [SonicWall CVE-2024-53704: SSL VPN Session Hijacking](https://bishopfox.com/blog/sonicwall-cve-2024-53704-ssl-vpn-session-hijacking) +- 奇客Solidot–传递最新科技情报 + - [ ] [过去一个世纪男性身高体重增长速度两倍于女性](https://www.solidot.org/story?sid=80399) + - [ ] [杭州深度求索发布能挑战 OpenAI o1 的推理模型 DeepSeek R1](https://www.solidot.org/story?sid=80398) + - [ ] [黑猩猩的撒尿行为具有传染性](https://www.solidot.org/story?sid=80397) + - [ ] [耐药菌在乌克兰扩散](https://www.solidot.org/story?sid=80396) + - [ ] [中国 2024 年可更新能源装机容量再创记录](https://www.solidot.org/story?sid=80395) + - [ ] [Wine 10.0 释出](https://www.solidot.org/story?sid=80394) + - [ ] [TikTok 被指限制反特朗普关键词的搜索](https://www.solidot.org/story?sid=80393) + - [ ] [IMDb 创始人卸任 CEO 一职](https://www.solidot.org/story?sid=80392) + - [ ] [特朗普赦免 Ross Ulbricht](https://www.solidot.org/story?sid=80391) +- 绿盟科技CERT + - [ ] [【漏洞通告】Oracle WebLogic Server远程代码执行与拒绝服务漏洞](https://mp.weixin.qq.com/s?__biz=Mzk0MjE3ODkxNg==&mid=2247488946&idx=1&sn=64c5620996cc0710ef9e2507f0fc0365&chksm=c2c642b9f5b1cbaf3667d5aae3b668b4e34e0cd89d95893a59c258488748706a1a17b3cd727e&scene=58&subscene=0#rd) +- FreeBuf网络安全行业门户 + - [ ] [威胁者利用Microsoft Teams语音通话传播勒索软件](https://www.freebuf.com/news/420574.html) + - [ ] [美国前中央情报局分析师承认泄露国防信息](https://www.freebuf.com/news/420570.html) + - [ ] [FreeBuf早报 | 特朗普赦免暗网丝绸之路创始人;Microsoft Teams被用于传播勒索软件](https://www.freebuf.com/news/420528.html) + - [ ] [特朗普签署文件,特赦暗网“丝绸之路”创始人](https://www.freebuf.com/news/420526.html) + - [ ] [2025 年 AI 网络安全预测](https://www.freebuf.com/news/420517.html) + - [ ] [勒索软件编年史:从特洛伊到AI多重勒索](https://www.freebuf.com/articles/neopoints/420510.html) + - [ ] [7-Zip高危漏洞,攻击者可绕过安全机制远程执行代码](https://www.freebuf.com/news/420514.html) +- 安全客 + - [ ] [2024年度网络安全政策法规一览](https://mp.weixin.qq.com/s?__biz=MzA5ODA0NDE2MA==&mid=2649787787&idx=1&sn=ee8ea4a11f904302c035eb5170b8891e&chksm=8893bde4bfe434f22e9aa593b236330470621bd35552bc2eb979cb1eb05d055b87e7de1f8bde&scene=58&subscene=0#rd) +- 虎符智库 + - [ ] [厚雪翻长坡,平淡不平凡:2024年网安产业发展态势剖析及2025年趋势展望](https://mp.weixin.qq.com/s?__biz=MzIwNjYwMTMyNQ==&mid=2247492937&idx=1&sn=eac85a2e8d53918cee8a65c4ad935830&chksm=971d884ba06a015d1c88f5e338ffa29adba7552fcc1c63dd404cbab21a6a508226f88500bf16&scene=58&subscene=0#rd) +- 青衣十三楼飞花堂 + - [ ] [你们可以调戏飞花堂了](https://mp.weixin.qq.com/s?__biz=MzUzMjQyMDE3Ng==&mid=2247487930&idx=1&sn=061cb565fbd0b5f0a5d754835656e58f&chksm=fab2d285cdc55b93453c5c4517e23599a8527cb0315540799c22c5ada2b5e5ba6d03d7da885e&scene=58&subscene=0#rd) +- 安全内参 + - [ ] [这家IT供应商被黑,导致多地公共服务被迫中断多天](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513561&idx=1&sn=2796a6ba28137e2416855e83c1d45e5f&chksm=ebfaf2f9dc8d7bef4177fa9314612f542e0997c62ce65bd62a7a54182dfee525e14ce8e1aa10&scene=58&subscene=0#rd) + - [ ] [持续贯彻关基安全!美国运安局延长管道网络安全指令有效期](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513561&idx=2&sn=815ef59fe9fe66e6e8be342a53433267&chksm=ebfaf2f9dc8d7befc4b6c6c02e08010a0431501f361b43e8f5d4bfc2c386251fdb1bd8623e09&scene=58&subscene=0#rd) +- 丁爸 情报分析师的工具箱 + - [ ] [【技巧】开源情报(OSINT):套接字理论(Socket Theory)情报分析师如何更好隐藏自己](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148647&idx=1&sn=4df1f367b82341e8c092ea12a7dec4c8&chksm=f1af265dc6d8af4b44f8d605298e979248080faba260608e5337d953231ea561f4d414f69a65&scene=58&subscene=0#rd) +- 威努特安全网络 + - [ ] [十强!威努特斩获2024年网络安全优秀评选三项大奖](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130654&idx=1&sn=72ece0485d56a8dbc791b20108f0943c&chksm=80e711aeb79098b8a34f63daf9b2d40b35e548f4fb03e44e4e22727512c1edaf44485a832523&scene=58&subscene=0#rd) +- 信安之路 + - [ ] [即使变卖个人资产,也要给大家把工资补上!](https://mp.weixin.qq.com/s?__biz=MzI5MDQ2NjExOQ==&mid=2247499756&idx=1&sn=18d3cb30c32fc3d1c30f8f3e453e08a4&chksm=ec1dcfc4db6a46d24a59b9f5b73d6883c46b004ca97f3e0a2819a832775f00a0690175e9ef33&scene=58&subscene=0#rd) +- 安全学术圈 + - [ ] [期刊征文 | 暗网抑制前沿进展](https://mp.weixin.qq.com/s?__biz=MzU5MTM5MTQ2MA==&mid=2247491610&idx=1&sn=8b6c9caf92435cbd9b76b77686619972&chksm=fe2d1f91c95a9687a5251b386c368783346127d6aa161b3035246676e5d21f1ba3e728035993&scene=58&subscene=0#rd) +- 奇安信 CERT + - [ ] [【已复现】Rsync 堆缓冲区溢出漏洞(CVE-2024-12084)安全风险通告](https://mp.weixin.qq.com/s?__biz=MzU5NDgxODU1MQ==&mid=2247502951&idx=1&sn=09d5b62b3cc3e71fec3a8595f18318a2&chksm=fe79e8ffc90e61e905225d9918798d40f77be91e0a5961c95f1ab8235b4d42623eb0ecca28ad&scene=58&subscene=0#rd) + - [ ] [Oracle 2025年1月补丁日多产品高危漏洞安全风险通告](https://mp.weixin.qq.com/s?__biz=MzU5NDgxODU1MQ==&mid=2247502951&idx=2&sn=21655dd26fe10def4a6c6546fdf240d4&chksm=fe79e8ffc90e61e9fd1b2697f079954e6002507bd3d9fe45bf9331fc3c21481d0b14887ce263&scene=58&subscene=0#rd) +- 腾讯安全威胁情报中心 + - [ ] [游戏辅助的隐藏威胁|传播于游戏论坛的“Catlavan”后门分析报告](https://mp.weixin.qq.com/s?__biz=MzI5ODk3OTM1Ng==&mid=2247510023&idx=1&sn=190730a6182da1469a76c29ec479ae13&chksm=ec9f7174dbe8f86290b0ced6fb6032de62bf76e90dabb9f7bbcb0f264b0d177e146f5c205169&scene=58&subscene=0#rd) +- 安全圈 + - [ ] [【安全圈】特朗普上任首日,被囚 11 年的丝绸之路创始人获释](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067553&idx=1&sn=bad8f735186597a7ef0a02f03be5d6e4&chksm=f36e7aa1c419f3b781ca98c7976cd5a7773de11683684d499d776e2d152beb4b6d086497c9b5&scene=58&subscene=0#rd) + - [ ] [【安全圈】420万主机暴露,含VPN和路由器](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067553&idx=2&sn=ce83805d756cb11a77b84cb9413465be&chksm=f36e7aa1c419f3b73ed660099b42c7414eb3133abb1020174807cc6d27124906b801371b772d&scene=58&subscene=0#rd) + - [ ] [【安全圈】2024年近2亿人受影响,美国医疗成重点攻击目标](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067553&idx=3&sn=126c3fc5cb7d6a7dc18e3e9a213e8170&chksm=f36e7aa1c419f3b73f5070ef02018ac480c01ce4abcf00f26ead2c9550281e5931adb0e75eec&scene=58&subscene=0#rd) + - [ ] [【安全圈】7-Zip 漏洞可让远程攻击者绕过保护并执行任意代码](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067553&idx=4&sn=2c06e2c2a5011eb86894033a1e6c41fc&chksm=f36e7aa1c419f3b7663e1033a2b71bafbadf19c12ebb839d8cc5c2a954da81be8f83c2a04925&scene=58&subscene=0#rd) +- 信息安全国家工程研究中心 + - [ ] [小年纳福,满载祝愿](https://mp.weixin.qq.com/s?__biz=MzU5OTQ0NzY3Ng==&mid=2247498734&idx=1&sn=2d5de0a8283c56deb2559e0af561e376&chksm=feb67afdc9c1f3eb9c541f85173a09a82542709c15edcc23d9d2c392cfb951aaa72acb7894a7&scene=58&subscene=0#rd) +- 腾讯科恩实验室 + - [ ] [游戏辅助的隐藏威胁|传播于游戏论坛的“Catlavan”后门分析报告](https://mp.weixin.qq.com/s?__biz=MzU1MjgwNzc4Ng==&mid=2247512659&idx=1&sn=ca99588eed415d2fdbdd87c4e666b662&chksm=fbfe8e56cc89074039ffcc9bb0544c3f4285b0fb28a480034307d88019f5b1fa8e610a5e494e&scene=58&subscene=0#rd) +- dotNet安全矩阵 + - [ ] [.NET 通过代码审计发现 ERP 系统中两个任意文件上传漏洞](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498371&idx=1&sn=d7e51b293b5afd36bf501f82d547e678&chksm=fa59546ecd2edd789772877b71ddaf889a171c0baebaed5bc5d84e1dc59ec80a6efff9da250e&scene=58&subscene=0#rd) + - [ ] [.NET 安全攻防知识交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498371&idx=2&sn=cbf2bdba768768419faf4c4791dd2c1b&chksm=fa59546ecd2edd78ca9bfcbd53bc87340dd852aad612de53fa03fd221f56cf441ed2ed07d75c&scene=58&subscene=0#rd) + - [ ] [通过 Sharp4SuoPoc 从原理上复现 Visual Studio 投毒事件](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498371&idx=3&sn=81f6211052fdbd84bfa5f5b833c14bea&chksm=fa59546ecd2edd78667ab8745d36715a39fb789abb78742e20b611f6645859db72e35cbd719d&scene=58&subscene=0#rd) +- 代码卫士 + - [ ] [7-Zip 修复高危的 Windows MoTW 安全告警绕过漏洞](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522153&idx=1&sn=b0d2973a6eb87e554fb62b7ddfa10dfb&chksm=ea94a603dde32f1580de59ef6a2b8fb600c6cbb237024a672b5a02660c7fc1f7184f617fce4c&scene=58&subscene=0#rd) + - [ ] [FTC要求通用停止收集和出售驾驶员数据](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522153&idx=2&sn=2d3b81592eb7e14fd1f16c714fa4e016&chksm=ea94a603dde32f154142371d59146a916e8ef1fa49b42310d2eb5bfe8ad83bb64ef5d322ff3e&scene=58&subscene=0#rd) +- 中国信息安全 + - [ ] [专题·人工智能安全治理 | 人工智能安全治理的中国认知与方案](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235367&idx=1&sn=297855efd370925c872f5757635232be&chksm=8b58039ebc2f8a88688e473f6a44b4c239be99a0ba5386a09e21cf1d002e5dcdd7e2325f74a9&scene=58&subscene=0#rd) + - [ ] [专家解读 | 魏亮:统筹布局国家数据基础设施,夯实数据要素价值释放基础](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235367&idx=2&sn=25380b016bd022eb3f12db20a0ccfc4e&chksm=8b58039ebc2f8a8869cac9ab3b937000109e1bc8586b3a96741dec89798acb3e5f9040f94935&scene=58&subscene=0#rd) + - [ ] [专家观点 | 李峥:以合作开启AI“20万亿美元时代”](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235367&idx=3&sn=3d746ccbf7a383c1aedc7863ea48df60&chksm=8b58039ebc2f8a880d7e7215965672500409cf64649cd90b5c34904471aa388bcb73103ba0f7&scene=58&subscene=0#rd) + - [ ] [前沿 | 人工智能赋能网络空间作战](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235367&idx=4&sn=c17951f71c4e1d4580510b7ec0275644&chksm=8b58039ebc2f8a88b47c7a35f7dc8a087f071e32ef0532f12bf4124a44b87ca50bad5d909c41&scene=58&subscene=0#rd) + - [ ] [国际 | 域外国家网络信息治理制度](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235367&idx=5&sn=6ddc0df87190ccc4b866a5a488ce4fb3&chksm=8b58039ebc2f8a8896afda5e765776e17020efd79d33c784f1366c5562fad84ffa2dff0a63cd&scene=58&subscene=0#rd) + - [ ] [观点 | 面对深度伪造视频我们可以做什么](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235367&idx=6&sn=1ed425e7056807c6c44ddd42f4cb1512&chksm=8b58039ebc2f8a884bcb07c456537203d4b50492e19be7158c46536ddef4697201d18a32a6b9&scene=58&subscene=0#rd) + - [ ] [评论 | 打破AI谣言“黑箱”,需要社会共治](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235367&idx=7&sn=2cb7b1348c0399a07373f5b5204e5aff&chksm=8b58039ebc2f8a88d98241c6473a4a5e4f8e0c55edc0ed31581cd87507a5b76f11dd3cadae3c&scene=58&subscene=0#rd) +- 数世咨询 + - [ ] [2024年美国医疗数据泄露:585起事件波及1.8亿用户](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247534927&idx=1&sn=27a17db142bc885941f8e7cdff24512c&chksm=c1443bf2f633b2e463df61b01cdb06d125f74e36e30588da3656a4be570526cab7b66dfe24ae&scene=58&subscene=0#rd) + - [ ] [公安部公布8起打击网络黑客犯罪典型案例](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247534927&idx=2&sn=2b32138cf1f6349d72f172a77aa0dd8e&chksm=c1443bf2f633b2e41762afc5662ff5168a1a405414ad7663b499af40bda5558d801e98db35a9&scene=58&subscene=0#rd) +- 看雪学苑 + - [ ] [XCTF-SUCTF 2025-部分Pwn题解](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589076&idx=1&sn=a4d861f2130373f4a922c1529d1fba78&chksm=b18c271e86fbae08ca00e3c9447214607f5d2bfc89d8578c33474f3e72602833a386405c44e4&scene=58&subscene=0#rd) + - [ ] [7-Zip高危漏洞曝光!攻击者可绕过安全机制远程执行代码,速升级](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589076&idx=2&sn=d0f764edebe291ce5b96f036fabe1a56&chksm=b18c271e86fbae08b860c61d822fe9c14f3216204f7890876285cf7d58d7086a9d18b2c2002e&scene=58&subscene=0#rd) + - [ ] [更新5节!系统0day 安全-企业级网络设备固件漏洞挖掘(第7期)](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589076&idx=3&sn=07bb4636837dcc2fbabded998321ad6e&chksm=b18c271e86fbae086f08a8628ae493c5626bf7b7941dbf05b7856553b1bd2011fe2f5765c6b1&scene=58&subscene=0#rd) +- 国家互联网应急中心CNCERT + - [ ] [网络安全信息与动态周报2025年第3期(1月13日-1月19日)](https://mp.weixin.qq.com/s?__biz=MzIwNDk0MDgxMw==&mid=2247499624&idx=1&sn=8064268553ca5916417015861fb3acd9&chksm=973acc0aa04d451cff471b69b6ae264370dfad346c96825845c4c4e2b621762d5af60277379b&scene=58&subscene=0#rd) +- 补天平台 + - [ ] [辞暮尔尔,烟火年年 | 补天平台春节放假通知](https://mp.weixin.qq.com/s?__biz=MzI2NzY5MDI3NQ==&mid=2247507336&idx=1&sn=8d6c060a3c6485878ea8c3f08e2d93b5&chksm=eaf995c4dd8e1cd240f87a81e954cd8badfa1ee7bc6b8880f5c8f0755698a4140faa0ccf103e&scene=58&subscene=0#rd) +- 情报分析师 + - [ ] [加沙真相被掩盖?BBC报道背后的“信息筛选”](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559158&idx=1&sn=6312581755ed3402c281e8b588aed0a5&chksm=87117cfdb066f5eb6185844e09e4da7ee5a256338379f42723a5bb295394a5eabd6bd525c664&scene=58&subscene=0#rd) + - [ ] [揭露俄罗斯GRU的秘密行动,被指资助阿塔数千万美元](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559158&idx=2&sn=04237d391e688d8663478dec1917a891&chksm=87117cfdb066f5eb62c527d68166b9e7581ef040a0bb3f72b651e477165fb4e85671f8d4eb56&scene=58&subscene=0#rd) + - [ ] [TikTok禁令:从事件始末到未来走向的深度剖析](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559158&idx=3&sn=330b69e1e87d2e662ee62ac84a2df529&chksm=87117cfdb066f5ebcc303b472a145a703011592673d932403cee104f36e1641206f07c3eba87&scene=58&subscene=0#rd) +- 默安科技 + - [ ] [默安科技2025年春节值守安排](https://mp.weixin.qq.com/s?__biz=MzIzODQxMjM2NQ==&mid=2247500248&idx=1&sn=f1957f05b1fb0ede1aed87f4c0603dad&chksm=e93b36fade4cbfec2e3df9f97123506b4d13e096ac812e8ba98db9b2fcbc04073fb7839a847c&scene=58&subscene=0#rd) +- 威胁棱镜 + - [ ] [2024 年 Any.Run 恶意软件趋势报告](https://mp.weixin.qq.com/s?__biz=MzkyMzE5ODExNQ==&mid=2247487612&idx=1&sn=09a327bfbe389a1f868570bafd81d159&chksm=c1e9e7b0f69e6ea6aee11492fcd298ab2ea9cbba8c8dde6f81fa56d6591a6932ed53c6fadcab&scene=58&subscene=0#rd) +- 极客公园 + - [ ] [新总统山寨币疯狂收割 500 亿美元,只是比特币国家战略一部分?](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072613&idx=1&sn=cb3a3b24855c3b969f4d586c72218f00&chksm=7e57d15349205845d2da4c3b22b0b9fadb97006921d79a96e31455c143851c835443f9164077&scene=58&subscene=0#rd) + - [ ] [OpenAI+软银5000亿美元投资AI基建;新 ModelY、小米 YU7实车曝光;小红书启用「rednote」|极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072586&idx=1&sn=01f46944418d1ed105a097f841268626&chksm=7e57d17c4920586a12299e2a2473709a61c4b7d1d33e4885d4963adcc8b3f020d715bdcf93c8&scene=58&subscene=0#rd) +- Over Security - Cybersecurity news aggregator + - [ ] [Ransomware in Healthcare: A Comprehensive Subsector Analysis](https://catchingphish.com/posts/f/ransomware-in-healthcare-a-comprehensive-subsector-analysis) + - [ ] [Critical zero-days impact premium WordPress real estate plugins](https://www.bleepingcomputer.com/news/security/critical-zero-days-impact-premium-wordpress-real-estate-plugins/) + - [ ] [Cloudflare CDN flaw leaks user location data, even through secure chat apps](https://www.bleepingcomputer.com/news/security/cloudflare-cdn-flaw-leaks-user-location-data-even-through-secure-chat-apps/) + - [ ] [BreachForums admin to be resentenced after appeals court slams supervised release](https://therecord.media/breachforums-resentenced-supervised-release-admin) + - [ ] [Telegram captcha tricks you into running malicious PowerShell scripts](https://www.bleepingcomputer.com/news/security/telegram-captcha-tricks-you-into-running-malicious-powershell-scripts/) + - [ ] [Flashpoint Weekly Vulnerability Insights and Prioritization Report](https://flashpoint.io/blog/flashpoint-weekly-vulnerability-insights-prioritization/) + - [ ] [China-linked hacker group targets victims in East Asia with malicious VPN installers](https://therecord.media/china-hacker-group-vpns-backdoor) + - [ ] [Trump pardons Silk Road founder Ross Ulbricht](https://therecord.media/ross-ulbricht-silk-road-pardoned-trump) + - [ ] [Trump admin tells all Democrats on intelligence oversight board to resign](https://therecord.media/trump-admin-tells-democrats-on-intel-oversight-board-to-resign) + - [ ] [Cisco warns of denial of service flaw with PoC exploit code](https://www.bleepingcomputer.com/news/security/cisco-warns-of-denial-of-service-flaw-with-poc-exploit-code/) + - [ ] [Iran and Russia deepen cyber ties with new agreement](https://therecord.media/russia-iran-cyber-ties-agreement) + - [ ] [PowerSchool hacker claims they stole data of 62 million students](https://www.bleepingcomputer.com/news/security/powerschool-hacker-claims-they-stole-data-of-62-million-students/) + - [ ] [Come tracciare la sicurezza della software supply chain](https://guerredirete.substack.com/p/come-tracciare-la-sicurezza-della) + - [ ] [Trump administration fires members of cybersecurity review board in “horribly shortsighted” decision](https://techcrunch.com/2025/01/22/trump-administration-fires-members-of-cybersecurity-review-board-in-horribly-shortsighted-decision/) + - [ ] [Oh my .. ! - Suspicious network traffic detected including Ransomware](https://dfir.ch/posts/suspicious_network_traffic_ransomware/) + - [ ] [Conduent confirms cybersecurity incident behind recent outage](https://www.bleepingcomputer.com/news/security/conduent-confirms-cybersecurity-incident-behind-recent-outage/) + - [ ] [Windows 11 24H2 now also offered to all eligible Windows 10 PCs](https://www.bleepingcomputer.com/news/microsoft/microsoft-expands-windows-11-24h2-rollout-to-eligible-windows-10-pcs/) + - [ ] [MasterCard DNS Error Went Unnoticed for Years](https://krebsonsecurity.com/2025/01/mastercard-dns-error-went-unnoticed-for-years/) + - [ ] [Use this AI chatbot prompt to create a password-exclusion list](https://www.bleepingcomputer.com/news/security/use-this-ai-chatbot-prompt-to-create-a-password-exclusion-list/) + - [ ] [IPany VPN breached in supply-chain attack to push custom malware](https://www.bleepingcomputer.com/news/security/ipany-vpn-breached-in-supply-chain-attack-to-push-custom-malware/) + - [ ] [Hackers exploit 16 zero-days on first day of Pwn2Own Automotive 2025](https://www.bleepingcomputer.com/news/security/hackers-exploit-16-zero-days-on-first-day-of-pwn2own-automotive-2025/) + - [ ] [Trump administration removes private sector leaders from all DHS panels, including CSRB](https://therecord.media/trump-dhs-removal-private-sector-members-advisory-boards) + - [ ] [Questions grow over whether Baltic Sea cable damage was sabotage or accidental](https://therecord.media/finland-eagle-s-tanker-questions-over-alleged-sabotage) + - [ ] [Targeted supply chain attack against Chrome browser extensions](https://blog.sekoia.io/targeted-supply-chain-attack-against-chrome-browser-extensions/) + - [ ] [How Threat Intelligence Lookup Helps Enterprises](https://any.run/cybersecurity-blog/how-threat-intelligence-lookup-helps-enterprises/) + - [ ] [Australian Cyber Security Centre Targets Bulletproof Hosting Providers to Disrupt Cybercrime Networks](https://cyble.com/blog/acsc-highlights-bulletproof-hosting-providers/) + - [ ] [La battaglia di Lyptsi e l’evoluzione della guerra robotizzata](https://www.guerredirete.it/la-battaglia-di-lyptsi-e-levoluzione-della-guerra-robotizzata/) + - [ ] [Preventing Phishing Attacks, Before They Catch You](https://www.kelacyber.com/blog/preventing-phishing-attacks-before-they-catch-you/) + - [ ] [Welhof - 107,292 breached accounts](https://haveibeenpwned.com/PwnedWebsites#Welhof) + - [ ] [Frame & Optic - 15,678 breached accounts](https://haveibeenpwned.com/PwnedWebsites#FrameAndOptic) + - [ ] [Denuvo Analysis | Connor-Jay's Blog](https://connorjaydunn.github.io/blog/posts/denuvo-analysis/) + - [ ] [Cyble Finds Thousands of Security Vendor Credentials on Dark Web](https://cyble.com/blog/thousands-of-security-vendor-credentials-found-on-dark-web/) +- Krypt3ia + - [ ] [Krypt3ia’s Survival Guide for Safe Communications in Today’s Internet and Social Media Landscape](https://krypt3ia.wordpress.com/2025/01/22/krypt3ias-survival-guide-for-safe-communications-in-todays-internet-and-social-media-landscape/) + - [ ] [Krypt3ia Daily Threat Intel Digest 1.22.25](https://krypt3ia.wordpress.com/2025/01/22/krypt3ia-daily-threat-intel-digest-1-22-25/) +- 迪哥讲事 + - [ ] [某攻防演练|从404页面到接管阿里云](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496928&idx=1&sn=871a0d0002a589ed9b98ae6ed97158f9&chksm=e8a5fe83dfd27795744d51346215bef2df4e6387a31ad6a46cc7cb07b0d3a71b274a5f895b82&scene=58&subscene=0#rd) +- Have I Been Pwned latest breaches + - [ ] [Frame & Optic - 15,678 breached accounts](https://haveibeenpwned.com/PwnedWebsites#FrameAndOptic) + - [ ] [Welhof - 107,292 breached accounts](https://haveibeenpwned.com/PwnedWebsites#Welhof) +- 360数字安全 + - [ ] [“以模制模”!360大模型安全解决方案获权威机构推荐](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579180&idx=1&sn=9c7924d356a6e97806314b7890ec70d4&chksm=9f8d2624a8faaf320e482da401f346c27512c8d91786d43e0dffb1009c7ebbe4c0274b1fcc5e&scene=58&subscene=0#rd) + - [ ] [六大行业典型案例!360霸榜2024中国网络安全产业势能榜](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579180&idx=2&sn=9620c63a3e0e81ef64b85953dda3a2d7&chksm=9f8d2624a8faaf322a4f0e24696a63b8d7a266a0ec61b3612dc8b22a492bc005b327a0400fd7&scene=58&subscene=0#rd) +- ICT Security Magazine + - [ ] [Eventi Cybersecurity 2025 – Il futuro della sicurezza digitale](https://www.ictsecuritymagazine.com/notizie/eventi-cybersecurity-2025-il-futuro-della-sicurezza-digitale/) + - [ ] [Anomaly Detection tramite Neural Networks: identificazione di pattern anomali e prevenzione dei cyber attacchi](https://www.ictsecuritymagazine.com/articoli/anomaly-detection-sec/) +- SANS Internet Storm Center, InfoCON: green + - [ ] [ISC Stormcast For Thursday, January 23rd, 2025 https://isc.sans.edu/podcastdetail/9292, (Wed, Jan 22nd)](https://isc.sans.edu/diary/rss/31618) + - [ ] [Catching CARP: Fishing for Firewall States in PFSync Traffic, (Wed, Jan 22nd)](https://isc.sans.edu/diary/rss/31616) + - [ ] [ISC Stormcast For Wednesday, January 22nd, 2025 https://isc.sans.edu/podcastdetail/9290, (Wed, Jan 22nd)](https://isc.sans.edu/diary/rss/31614) +- 嘶吼专业版 + - [ ] [2024中国网络安全产业势能榜优能企业「电力行业」典型案例展示](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580933&idx=1&sn=200f586bf5e6ebc5b131de6824aa91ce&chksm=e9146d3fde63e429d8233882c021aca40e581dd642e4fb6699b9d5e926f90a92500d920177dd&scene=58&subscene=0#rd) + - [ ] [Otelier 遭遇网络攻击导致数百万酒店预订信息泄露](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580933&idx=2&sn=0a59602d0f6ce921931618ecc83d85d6&chksm=e9146d3fde63e4290f78a380c4fe948178ab82a46e7ba25bb0f7b2a8e6881c6c448b52c28a91&scene=58&subscene=0#rd) +- Posts By SpecterOps Team Members - Medium + - [ ] [Entra Connect Attacker Tradecraft: Part 2](https://posts.specterops.io/entra-connect-attacker-tradecraft-part-2-672df0147abc?source=rss----f05f8696e3cc---4) +- 火绒安全 + - [ ] [QQ音乐遭遇“白加黑”利用,网站被劫持推广传奇私服](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247521743&idx=1&sn=7d0d609cffb045d031bdba1a74baee80&chksm=eb704bf0dc07c2e6f4ce1baf70c50eae31af800684d54c7bb88be8c67e11cdd0d9cef32321a1&scene=58&subscene=0#rd) + - [ ] [诚邀渠道合作伙伴共启新征程](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247521743&idx=2&sn=c4bb1454856772f63647451003483a12&chksm=eb704bf0dc07c2e6695c9ab8933305dc28c4873fdd7326e88f3d667e611aadc0c77505fa29e3&scene=58&subscene=0#rd) +- Instapaper: Unread + - [ ] [Experts found multiple flaws in Mercedes-Benz infotainment system](https://securityaffairs.com/173275/hacking/mercedes-benz-infotainment-system-flaws.html) + - [ ] [Windows BitLocker Vulnerability(CVE-2025-21210) Exploited in Randomization Attack](https://cybersecuritynews.com/windows-bitlocker-vulnerability-exploited/) + - [ ] [Report riepilogativo sulle tendenze delle campagne malevole analizzate dal CERT-AGID nel 2024](https://cert-agid.gov.it/news/report-riepilogativo-sulle-tendenze-delle-campagne-malevole-analizzate-dal-cert-agid-nel-2024/) + - [ ] [13,000 MikroTik Routers Hijacked by Botnet for Malspam and Cyberattacks](https://thehackernews.com/2025/01/13000-mikrotik-routers-hijacked-by.html) + - [ ] [Il 15enne che ha violato …](https://roccosicilia.com/2025/01/21/il-15enne-che-ha-violato/) + - [ ] [Mirai Botnet Launches Record 5.6 Tbps DDoS Attack with 13,000+ IoT Device](https://thehackernews.com/2025/01/mirai-botnet-launches-record-56-tbps.html) +- Graham Cluley + - [ ] [Half a million hotel guests at risk after hackers accessed sensitive data](https://www.bitdefender.com/en-us/blog/hotforsecurity/half-a-million-hotel-guests-at-risk-after-hackers-accessed-sensitive-data) +- The Grey Corner + - [ ] [Accessing the Kubernetes API using captured credentials and HTTP clients](/2025/01/22/accessing-the-kubernetes-api-using-captured.html) +- Trend Micro Research, News and Perspectives + - [ ] [Invisible Prompt Injection: A Threat to AI Security](https://www.trendmicro.com/en_us/research/25/a/invisible-prompt-injection-secure-ai.html) +- Security Affairs + - [ ] [Pwn2Own Automotive 2025 Day 1: organizers awarded $382,750 for 16 zero-days](https://securityaffairs.com/173344/hacking/pwn2own-automotive-2025-day-1.html) + - [ ] [Two ransomware groups abuse Microsoft’s Office 365 platform to gain access to target organizations](https://securityaffairs.com/173328/cyber-crime/ransomware-groups-abuse-microsofts-office-365-platform.html) + - [ ] [Cloudflare blocked a record-breaking 5.6 Tbps DDoS attack](https://securityaffairs.com/173318/cyber-crime/cloudflare-blocked-record-5-6-tbps-ddos-attack.html) + - [ ] [A 7-Zip bug allows to bypass the Mark of the Web (MotW) feature](https://securityaffairs.com/173310/hacking/7-zip-flaw-bypass-the-mark-of-the-web-motw.html) +- Palo Alto Networks Blog + - [ ] [A New Era of Protection — Multicloud Security](https://www.paloaltonetworks.com/blog/2025/01/multicloud-security/) +- The Register - Security + - [ ] [Trump 'waved a white flag to Chinese hackers' as Homeland Security axed cyber advisory boards](https://go.theregister.com/feed/www.theregister.com/2025/01/22/dhs_axes_cyber_advisory_boards/) + - [ ] [Supply chain attack hits Chrome extensions, could expose millions](https://go.theregister.com/feed/www.theregister.com/2025/01/22/supply_chain_attack_chrome_extension/) + - [ ] [Give users confidence in your digital infrastructure](https://go.theregister.com/feed/www.theregister.com/2025/01/22/give_users_confidence_in_your/) + - [ ] [Microsoft issues out-of-band fix for Windows Server 2022 NUMA glitch](https://go.theregister.com/feed/www.theregister.com/2025/01/22/windows_server_numa_glitch/) + - [ ] [Silk Road's Dread Pirate Roberts walks free as Trump pardons dark web kingpin](https://go.theregister.com/feed/www.theregister.com/2025/01/22/silk_road_founder_freed/) + - [ ] [Infosec was literally the last item in Trump's policy plan, yet major changes are likely on his watch](https://go.theregister.com/feed/www.theregister.com/2025/01/22/trump_cyber_policy/) + - [ ] [Ransomware scum make it personal for Reg readers by impersonating tech support](https://go.theregister.com/feed/www.theregister.com/2025/01/22/ransomware_crews_abuse_microsoft_teams/) + - [ ] [PowerSchool theft latest: Decades of Canadian student records, data from 40-plus US states feared stolen](https://go.theregister.com/feed/www.theregister.com/2025/01/22/powerschool_canada_lawsuits/) +- Krebs on Security + - [ ] [MasterCard DNS Error Went Unnoticed for Years](https://krebsonsecurity.com/2025/01/mastercard-dns-error-went-unnoticed-for-years/) +- Deep Web + - [ ] [Trump pardons Ross Ulbricht, fulfilling campaign promise](https://www.reddit.com/r/deepweb/comments/1i6y6ca/trump_pardons_ross_ulbricht_fulfilling_campaign/) + - [ ] [I just know Ross feels like a million bucks. Just yesterday this man had a whole life sentence, shiiiiit Welcome home tho Ross !](https://www.reddit.com/r/deepweb/comments/1i7eaxs/i_just_know_ross_feels_like_a_million_bucks_just/) +- Your Open Hacker Community + - [ ] [I made a hack for AssaultCube with a menu](https://www.reddit.com/r/HowToHack/comments/1i7mzwg/i_made_a_hack_for_assaultcube_with_a_menu/) + - [ ] [using monitor and managed mode at the same time? (debian trixie, mt7921)](https://www.reddit.com/r/HowToHack/comments/1i7pe1p/using_monitor_and_managed_mode_at_the_same_time/) + - [ ] [Where do you find enjoyment/interest from hacking/cyber sec](https://www.reddit.com/r/HowToHack/comments/1i7fb4c/where_do_you_find_enjoymentinterest_from/) + - [ ] [need help making bad usb](https://www.reddit.com/r/HowToHack/comments/1i7klmu/need_help_making_bad_usb/) + - [ ] [How to solve hcaptcha with solved Token?](https://www.reddit.com/r/HowToHack/comments/1i7h1d0/how_to_solve_hcaptcha_with_solved_token/) + - [ ] [Directional help](https://www.reddit.com/r/HowToHack/comments/1i7esex/directional_help/) + - [ ] [what is the difference between opening a new terminal and using tmux to start a new session?](https://www.reddit.com/r/HowToHack/comments/1i776tk/what_is_the_difference_between_opening_a_new/) + - [ ] [fake email date](https://www.reddit.com/r/HowToHack/comments/1i79d59/fake_email_date/) + - [ ] [Retrieving my website](https://www.reddit.com/r/HowToHack/comments/1i7edfe/retrieving_my_website/) + - [ ] [HELP???](https://www.reddit.com/r/HowToHack/comments/1i7fced/help/) + - [ ] [Notebook capable of brute-forcing 8-10 digit passwords (hashing algorithm doesn’t matter)](https://www.reddit.com/r/HowToHack/comments/1i798i0/notebook_capable_of_bruteforcing_810_digit/) + - [ ] [i need strategies on how to hack something specific. please message me if you want to or can help](https://www.reddit.com/r/HowToHack/comments/1i76fcl/i_need_strategies_on_how_to_hack_something/) + - [ ] [Impossible Bully](https://www.reddit.com/r/HowToHack/comments/1i75rsq/impossible_bully/) +- Hacking Exposed Computer Forensics Blog + - [ ] [Daily Blog #725: Project adaz testing part 3](https://www.hecfblog.com/2025/01/daily-blog-725-project-adaz-testing.html) +- The Hacker News + - [ ] [Trump Terminates DHS Advisory Committee Memberships, Disrupting Cybersecurity Review](https://thehackernews.com/2025/01/trump-terminates-dhs-advisory-committee.html) + - [ ] [Hackers Exploit Zero-Day in cnPilot Routers to Deploy AIRASHI DDoS Botnet](https://thehackernews.com/2025/01/hackers-exploit-zero-day-in-cnpilot.html) + - [ ] [Discover Hidden Browsing Threats: Free Risk Assessment for GenAI, Identity, Web, and SaaS Risks](https://thehackernews.com/2025/01/discover-hidden-browsing-threats-free.html) + - [ ] [President Trump Pardons Silk Road Creator Ross Ulbricht After 11 Years in Prison](https://thehackernews.com/2025/01/president-trump-pardons-silk-road.html) + - [ ] [PlushDaemon APT Targets South Korean VPN Provider in Supply Chain Attack](https://thehackernews.com/2025/01/plushdaemon-apt-targets-south-korean.html) + - [ ] [Oracle Releases January 2025 Patch to Address 318 Flaws Across Major Products](https://thehackernews.com/2025/01/oracle-releases-january-2025-patch-to.html) + - [ ] [Mirai Botnet Launches Record 5.6 Tbps DDoS Attack with 13,000+ IoT Devices](https://thehackernews.com/2025/01/mirai-botnet-launches-record-56-tbps.html) +- Technical Information Security Content & Discussion + - [ ] [Attacks on Maven proxy repositories](https://www.reddit.com/r/netsec/comments/1i7hf2w/attacks_on_maven_proxy_repositories/) + - [ ] [Stealing HttpOnly cookies with the cookie sandwich technique](https://www.reddit.com/r/netsec/comments/1i7i6k7/stealing_httponly_cookies_with_the_cookie/) + - [ ] [Pivot into Azure DevOps using stolen sessions](https://www.reddit.com/r/netsec/comments/1i7chgt/pivot_into_azure_devops_using_stolen_sessions/) + - [ ] [Next.js, cache, and chains: the stale elixir](https://www.reddit.com/r/netsec/comments/1i779q3/nextjs_cache_and_chains_the_stale_elixir/) + - [ ] [Testing Prompt Injection Attacks with promptmap2](https://www.reddit.com/r/netsec/comments/1i7dcs2/testing_prompt_injection_attacks_with_promptmap2/) +- Schneier on Security + - [ ] [AI Will Write Complex Laws](https://www.schneier.com/blog/archives/2025/01/ai-will-write-complex-laws.html) +- Computer Forensics + - [ ] [RSMF samples](https://www.reddit.com/r/computerforensics/comments/1i7iq8q/rsmf_samples/) +- TorrentFreak + - [ ] [Tech Industry Urges EU to Halt Italy’s Overreaching Anti-Piracy Measures](https://torrentfreak.com/tech-industry-urges-eu-to-halt-italys-overreaching-anti-piracy-measures-250122/) + - [ ] [Telegram ‘Suspends RuTracker’s Channel’ For Copyright Infringement](https://torrentfreak.com/telegram-suspends-rutrackers-channel-for-copyright-infringement-250122/) +- Information Security + - [ ] [How to make your own choatic Map function?](https://www.reddit.com/r/Information_Security/comments/1i7lq5h/how_to_make_your_own_choatic_map_function/) +- Deeplinks + - [ ] [Texas Is Enforcing Its State Data Privacy Law. So Should Other States.](https://www.eff.org/deeplinks/2025/01/texas-enforcing-its-state-data-privacy-law-so-should-other-states) + - [ ] [The FTC’s Ban on GM and OnStar Selling Driver Data Is a Good First Step](https://www.eff.org/deeplinks/2025/01/ftcs-ban-gm-and-onstar-selling-driver-behavior-good-first-step) + - [ ] [VICTORY! Federal Court (Finally) Rules Backdoor Searches of 702 Data Unconstitutional](https://www.eff.org/deeplinks/2025/01/victory-federal-court-finally-rules-backdoor-searches-702-data-unconstitutional) + - [ ] [Protecting “Free Speech” Can’t Just Be About Targeting Political Opponents](https://www.eff.org/deeplinks/2025/01/protecting-free-speech-cant-just-be-about-targeting-political-opponents) +- 网安寻路人 + - [ ] [美商务部《保障ICT供应链:联网汽车》规则(全文翻译)](https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247506068&idx=1&sn=c5502bc907a76a432d06dd4e9098d0ad&chksm=97e9657ea09eec68b79604df8d37e514ee417e337a622644f90cec47ae5279e4ff5696c56c0d&scene=58&subscene=0#rd) +- Security Weekly Podcast Network (Audio) + - [ ] [The Future Of The CISO - Jeff Pollard, Jess Burn - BSW #379](http://sites.libsyn.com/18678/the-future-of-the-ciso-jeff-pollard-jess-burn-bsw-379) diff --git a/archive/tmp/2025-01-23.json b/archive/tmp/2025-01-23.json new file mode 100644 index 0000000000..e0a5335fa7 --- /dev/null +++ b/archive/tmp/2025-01-23.json @@ -0,0 +1,583 @@ +{ + "奇安信攻防社区": { + "2.35版本以下堆沙盒绕过模板总结带例题": "https://forum.butian.net/share/4063", + "巧用Chrome-CDP远程调用Debug突破JS逆向": "https://forum.butian.net/share/4062" + }, + "SecWiki News": { + "SecWiki News 2025-01-22 Review": "http://www.sec-wiki.com/?2025-01-22" + }, + "Private Feed for M09Ic": { + "killeven starred xpipe-io/xpipe": "https://github.com/xpipe-io/xpipe", + "gh0stkey starred deepseek-ai/DeepSeek-R1": "https://github.com/deepseek-ai/DeepSeek-R1", + "zer0yu starred yamadashy/repomix": "https://github.com/yamadashy/repomix", + "gh0stkey starred 0x727/ChkApi_0x727": "https://github.com/0x727/ChkApi_0x727", + "zer0yu starred RooVetGit/Roo-Code": "https://github.com/RooVetGit/Roo-Code", + "gh0stkey starred TrialMacApp/TrialMacApp": "https://github.com/TrialMacApp/TrialMacApp", + "gh0stkey starred tyilo/insert_dylib": "https://github.com/tyilo/insert_dylib", + "timwhitez starred RustScan/RustScan": "https://github.com/RustScan/RustScan", + "TideSec released v2.7.1 项目数据导出 at TideSec/TscanPlus": "https://github.com/TideSec/TscanPlus/releases/tag/v2.7.1", + "INotGreen starred passthehashbrowns/Being-A-Good-CLR-Host": "https://github.com/passthehashbrowns/Being-A-Good-CLR-Host", + "yqcs forked yqcs/bolt.diy from stackblitz-labs/bolt.diy": "https://github.com/yqcs/bolt.diy", + "Rvn0xsy starred 0x727/ChkApi_0x727": "https://github.com/0x727/ChkApi_0x727", + "CHYbeta starred nullenc0de/Cognitohunter": "https://github.com/nullenc0de/Cognitohunter", + "zema1 started following joaoviictorti": "https://github.com/joaoviictorti", + "zema1 starred joaoviictorti/coffeeldr": "https://github.com/joaoviictorti/coffeeldr", + "TideSec starred metowolf/qqwry.dat": "https://github.com/metowolf/qqwry.dat", + "gh0stkey starred wibus-wee/InjectGUI": "https://github.com/wibus-wee/InjectGUI", + "Y4er started following ph4ntonn": "https://github.com/ph4ntonn", + "DVKunion starred bin456789/reinstall": "https://github.com/bin456789/reinstall", + "CHYbeta starred odradev/awesome-zero-knowledge": "https://github.com/odradev/awesome-zero-knowledge", + "spf13 starred DS4SD/docling": "https://github.com/DS4SD/docling", + "spf13 starred Bin-Huang/chatbox": "https://github.com/Bin-Huang/chatbox", + "spf13 starred Wox-launcher/Wox": "https://github.com/Wox-launcher/Wox", + "spf13 starred danielmiessler/fabric": "https://github.com/danielmiessler/fabric" + }, + "嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com": { + "Otelier 数据泄露导致数百万酒店预订信息泄露": "https://www.4hou.com/posts/kgjv", + "守正创新,持续突破!国投智能数字政务业务年终盘点": "https://www.4hou.com/posts/mk03", + "Check Point 公司发布《2025 年安全报告》显示,随着网络威胁生态系统日渐成熟,网络攻击次数骤增 44%": "https://www.4hou.com/posts/gyDj" + }, + "Recent Commits to cve:main": { + "Update Wed Jan 22 20:24:04 UTC 2025": "https://github.com/trickest/cve/commit/7d634b304016aab3bf32893e04ac98344c8a90d0", + "Update Wed Jan 22 12:24:00 UTC 2025": "https://github.com/trickest/cve/commit/5709cff610e63bf7d61893e46720b8f8ab18d7f3", + "Update Wed Jan 22 04:28:36 UTC 2025": "https://github.com/trickest/cve/commit/350528609cf8c384d52a5bb8542ffa105cc6b361" + }, + "Doonsec's feed": { + "我实验室2篇论文被WWW 2025接收!": "https://mp.weixin.qq.com/s?__biz=MzU4NzUxOTI0OQ==&mid=2247492834&idx=1&sn=36396f6cc39b8c9b87eead00faf8c111", + "快速上手渗透测试报告写作:从WP到甲方报告的一站式指南": "https://mp.weixin.qq.com/s?__biz=MzA3NDE0NTY0OQ==&mid=2247484103&idx=1&sn=285be13254e14304496c192d45c05002", + "美国财政部再对中国一家网络安全公司和一名个人实施制裁": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485452&idx=1&sn=4384fb7ca51f3e1139db829611f6fc43", + "【直卖实拍】北七家3居变4居豪装,理想楼层、户型、朝向": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485452&idx=2&sn=c6375b484d936854df5ada100b9ff24e", + "【干货】笑傲职场的独家经验(1)": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485452&idx=3&sn=2a8340ae9404ef7ccfe64398b85e2267", + "【干货原创】实网攻防演习常态化,会带来什么变化01": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485452&idx=4&sn=fcd594b0e515f7eadff4e4df46c29ba5", + "【干货原创】K12教育,鲜为人知的模式秘密": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485452&idx=5&sn=a2cf457c4941e1e16638dd4bddd10903", + "原创文章目录": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485452&idx=6&sn=a0bf66a3ff572c1df283577b241ea3cc", + "Windows进阶版安全事件应急响应分析": "https://mp.weixin.qq.com/s?__biz=MzI1Mjc3NTUwMQ==&mid=2247538503&idx=1&sn=823611c94f399812ab24f75ac97ade94", + "云安全(二):对象存储": "https://mp.weixin.qq.com/s?__biz=MzkyMjUzNTM1Mw==&mid=2247486992&idx=1&sn=f553fbcdf572da09cdf767e6c39b230f", + "国内没人讲,国外电动车测评不惯着新势力新能源汽车": "https://mp.weixin.qq.com/s?__biz=MzkwMjQyNjAxMA==&mid=2247484825&idx=1&sn=2fdaa5a56346aac19da121b702f3a1fd", + "【漏洞预警】pearProjectApi存在SQL注入漏洞": "https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489507&idx=1&sn=cdbcc7dac604210a7fa351e96c1bbaa9", + "【漏洞预警】YesWiki 存在经过身份验证的任意文件删除漏洞(CVE-2025-24019)": "https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489507&idx=2&sn=43309d019012fc2d5146638f21cf4cdb", + "link-tools工具箱": "https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486391&idx=1&sn=0f8c045e6dfb3362f22fb8d1a7f32da2", + "抓包分析FTP协议及原理": "https://mp.weixin.qq.com/s?__biz=MzAxNTg1MDYxNA==&mid=2247489174&idx=1&sn=6e16fbcc3137f63cf7a73a438af5e7e4", + "浅谈《通信网络安全防护管理办法》": "https://mp.weixin.qq.com/s?__biz=MzI4NzA1Nzg5OA==&mid=2247485688&idx=1&sn=2dcf3598a5664123095e9ca1608b8800", + "【技巧】开源情报(OSINT):套接字理论(Socket Theory)情报分析师如何更好隐藏自己": "https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148647&idx=1&sn=4df1f367b82341e8c092ea12a7dec4c8", + "强烈推荐|超好用的网安大模型": "https://mp.weixin.qq.com/s?__biz=Mzg5NTY3NTMxMQ==&mid=2247484536&idx=1&sn=b056b6036c8dc99ff081f004dc23caff", + "使用 Evilginx 轻松绕过 MFA": "https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247504689&idx=1&sn=ebe28721272600d656ad2acd2611a716", + "OSINT|值得拥有的TOP5工具": "https://mp.weixin.qq.com/s?__biz=MzkxMDIwMTMxMw==&mid=2247494462&idx=1&sn=ed829c96e96e34bcd8db231435dcfe19", + "我要学习 | 本公众号第一次公开课:前端爆破加解密、JS调试分析加密爆破": "https://mp.weixin.qq.com/s?__biz=Mzk0NzQxNzY2OQ==&mid=2247488005&idx=1&sn=592dae68ea021e9ac446992060cf267c", + "信创已经到关键期--人人必须要知道的政策": "https://mp.weixin.qq.com/s?__biz=MzkwNDI0MjkzOA==&mid=2247485838&idx=1&sn=dd4be512901b9a931d6d7681f3b1e5b1", + "ctftools-all-in-oneV7.5": "https://mp.weixin.qq.com/s?__biz=MzI1NzUxOTUzMA==&mid=2247485778&idx=1&sn=3b0ff74d522d161b0a91bd13453019f1", + "搞网络安全怎么赚大钱!!!": "https://mp.weixin.qq.com/s?__biz=Mzk0MzY3MDE5Mg==&mid=2247483972&idx=1&sn=5f01535fafc100416448c9fb3a7162a6", + "红队开发:让自己的Shellcode实现SMC": "https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490015&idx=1&sn=0cdb71c24b75dcb4bf801925daf80188", + "CTF:Phar反序列化漏洞学习笔记": "https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490015&idx=2&sn=e906ce0834778a54573549a04e207af6", + "Ansible fetch模块详解:轻松从远程主机抓取文件": "https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490015&idx=3&sn=2345a568a480fa2af4f3055b4a20e422", + "【工具推荐】URLFinder-x 信息收集工具": "https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490015&idx=4&sn=e51a2edc4bd80f79155f95e73f56a74e", + "【安全圈】特朗普上任首日,被囚 11 年的丝绸之路创始人获释": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067553&idx=1&sn=bad8f735186597a7ef0a02f03be5d6e4", + "【安全圈】420万主机暴露,含VPN和路由器": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067553&idx=2&sn=ce83805d756cb11a77b84cb9413465be", + "【安全圈】2024年近2亿人受影响,美国医疗成重点攻击目标": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067553&idx=3&sn=126c3fc5cb7d6a7dc18e3e9a213e8170", + "【安全圈】7-Zip 漏洞可让远程攻击者绕过保护并执行任意代码": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067553&idx=4&sn=2c06e2c2a5011eb86894033a1e6c41fc", + "2025年最新渗透测试虚拟机工具箱汇总": "https://mp.weixin.qq.com/s?__biz=MzkyMzg4MTY4Ng==&mid=2247484594&idx=1&sn=585d3369395a3f45ab99f107d28a3463", + "特斯拉电动汽车越狱": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619987&idx=1&sn=d6821c8b8105f5f77f3461cfbd94e684", + "基于 Linux 的汽车计算机的安全隔离与案例研究": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619987&idx=2&sn=ee7b65f10a49000391f08bc76432de8a", + "远程车辆控制的关键 - 自动驾驶域控制器 百度": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619987&idx=3&sn=1387d6e1758c003c565cdbf395dfc69f", + "某攻防演练|从404页面到接管阿里云": "https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496928&idx=1&sn=871a0d0002a589ed9b98ae6ed97158f9", + "关于召开宁夏商用密码应用安全性评估业务培训工作会议的预通知": "https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633960&idx=1&sn=50eb0fb22088f21b070e66f7d7e9584a", + "江苏省数据条例正式发布": "https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633960&idx=2&sn=bb5de81413dedac432a0b709af22b410", + "《Web3.0数字身份密码安全体系研究(2024年)》正式发布": "https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633960&idx=3&sn=643e1c6917e0dce418857355ad3c1c9b", + "专家解读 | 魏亮:统筹布局国家数据基础设施,夯实数据要素价值释放基础": "https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633960&idx=4&sn=134507671490e2845e85db11c3be566d", + "美国IT供应商被黑,导致多地公共服务被迫中断多天": "https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633960&idx=5&sn=6918146fda0592a974fd01cf1925c11c", + "乘风破浪,行稳致远 —— 新潮信息2024年度盛典圆满落幕": "https://mp.weixin.qq.com/s?__biz=MzkwNDcyODgwOQ==&mid=2247486769&idx=1&sn=ec8b1275fbd5a504490eef87766c3aa1", + "安全专家亲测演示:用这个方法,邻居家的WiFi密码一碰就开": "https://mp.weixin.qq.com/s?__biz=MzI5MjY4MTMyMQ==&mid=2247489766&idx=1&sn=605087abaf5c1f6db011dcd9e668e8b0", + "人间逢小年,祝大家万事皆如愿": "https://mp.weixin.qq.com/s?__biz=Mzg4NzQ4MzA4Ng==&mid=2247485185&idx=1&sn=7fd770df097013d9a338a34a41d0bc8c", + "缺乏的不是资源,而是真正的教育": "https://mp.weixin.qq.com/s?__biz=MzkwODY2MzMyMA==&mid=2247484531&idx=1&sn=6283dfe0b1f0cd0be19c277bdf2f8076", + "汇编语言基础教程": "https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490098&idx=1&sn=ed0be305f2c8c9de0fff326bc45f1ce9", + "Remcos RAT远控木马分析": "https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490098&idx=2&sn=4a0e7ccccb8b29ea9fb45b2e6470e088", + "CE了解": "https://mp.weixin.qq.com/s?__biz=MzkxMjYyMjA3Mg==&mid=2247485392&idx=1&sn=a3204187202136c21f954c939c9d6a3d", + "App对抗系列—Root检测对抗": "https://mp.weixin.qq.com/s?__biz=MzU3OTYxNDY1NA==&mid=2247484886&idx=1&sn=dd4e714506b98b4971ca44a8c838c966", + "【信科动态】蓄势待发 共创辉煌 — 信科共创2025年会圆满举办": "https://mp.weixin.qq.com/s?__biz=MzIyNTIyMTU1Nw==&mid=2247485220&idx=1&sn=9a2dbc483e538d6cfa865f6dd956dbfd", + "【权威发布】CNNIC最新《中国互联网络发展状况统计报告》发布": "https://mp.weixin.qq.com/s?__biz=MzIyNTIyMTU1Nw==&mid=2247485220&idx=2&sn=0a2a314bc37a8521c1d2716667929149", + "【数安天地】2025年我国数据领域明确重点任务": "https://mp.weixin.qq.com/s?__biz=MzIyNTIyMTU1Nw==&mid=2247485220&idx=3&sn=32cb839b2a727c01270ea47e1df58290", + "【AI安全】2024年度人工智能……": "https://mp.weixin.qq.com/s?__biz=MzIyNTIyMTU1Nw==&mid=2247485220&idx=4&sn=abfa6ea3dca53098a88613093bb4449e", + "【网安前沿】人数超TikTOK!……": "https://mp.weixin.qq.com/s?__biz=MzIyNTIyMTU1Nw==&mid=2247485220&idx=5&sn=5c373b4d772f9ce5160eed1cb8773743", + "混沌": "https://mp.weixin.qq.com/s?__biz=MzIwODc2NjgxNA==&mid=2247484977&idx=1&sn=bfdeaa70d34c3c8a5d24edb80197bdc6", + "带你解锁编码新世界!--随波逐流CTF编码工具使用教程39 --polybius棋盘密码": "https://mp.weixin.qq.com/s?__biz=MzU2NzIzNzU4Mg==&mid=2247489560&idx=1&sn=f13a82f3662c6aaff65700a0bb33ad1c", + "Coremail邮箱客户端安装与账户配置(macOS x86版)": "https://mp.weixin.qq.com/s?__biz=MzkxMjY3MTI4Mg==&mid=2247484607&idx=1&sn=f63e575f4158cdb39e613b1f7c85eb5a", + "关于公示2025年工业和信息化部移动互联网APP产品安全漏洞专业库支撑单位的通知": "https://mp.weixin.qq.com/s?__biz=MzkyMjM4MzY5Ng==&mid=2247486052&idx=1&sn=672267c39bd61c609b8a70aa6fe4dba4", + "支撑单位遴选 | 关于开展2025年工业和信息化部移动互联网APP产品安全漏洞专业库支撑单位遴选工作的通知": "https://mp.weixin.qq.com/s?__biz=MzkyMjM4MzY5Ng==&mid=2247486052&idx=2&sn=df504e3f60bd71a5f51f6ddfc79ceac2", + "AI快速上手:新手如何用ChatGPT写好医学影像学文献综述的全攻略!": "https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493247&idx=1&sn=e8b8fb7965bdb36fbd8d60043f77110e", + "AI驱动教育学论文初稿快速生成:核心流程与实战指北!": "https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493247&idx=2&sn=e818116fd4106e8a0f70c6dc696a890e", + "AI驱动下的法语论文文献综述战法:半天高效清空20个刊物的内参秘籍。": "https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493247&idx=3&sn=bd8b3f8df3fabad7af824fd5f9a552ee", + "AI时代:教你玩转小学教育论文大纲的落实与完善攻略。": "https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493247&idx=4&sn=aaae4c45ec27234ca0aed2ae90c7dc4c", + "AI时代:ChatGPT助你一天搞定法语论文大纲完善内部高阶指南!": "https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493247&idx=5&sn=abd5d43185cc32d17ba024114fd783ad", + "安世加实战派沙龙第二期之办公终端安全在北京成功举办(2025.01.11/周六、北京)": "https://mp.weixin.qq.com/s?__biz=MzU2MTQwMzMxNA==&mid=2247541441&idx=1&sn=b4996a6803ef5cac9358f5c0abc692c7", + "【工具分享】HermeticRansom勒索病毒恢复工具": "https://mp.weixin.qq.com/s?__biz=MzkyOTQ0MjE1NQ==&mid=2247496544&idx=1&sn=b0532021322be29222853520f63e6c37", + "起床了吗,我要结婚了": "https://mp.weixin.qq.com/s?__biz=Mzg4NDg2NTM3NQ==&mid=2247484692&idx=1&sn=c1bd4168ea28a88992c34b9370b2afcc", + "下辈子别做网安了": "https://mp.weixin.qq.com/s?__biz=MzIxNTIzNTExMQ==&mid=2247490797&idx=1&sn=f884b6f04d1985bae7bb9a55eb1c2706", + "区块链学习笔记之初探以太坊": "https://mp.weixin.qq.com/s?__biz=MjM5MjEyMTcyMQ==&mid=2651037431&idx=1&sn=33663e3a850d9c8b658bad904c08ce0a", + "领导者不变,中国厂商全无|Gartner 访问管理 2024 MQ 发布": "https://mp.weixin.qq.com/s?__biz=MzkzNjE5NjQ4Mw==&mid=2247543326&idx=1&sn=8f60ed73ede9f28b5c71d30f94a81e9e", + "DeepSeek+OpenAI Swarm,做Agent的绝配": "https://mp.weixin.qq.com/s?__biz=Mzg5NTMxMjQ4OA==&mid=2247485586&idx=1&sn=fa8cd22e23818be8a4f85c034b2653e9", + "《灵根换途:重铸荣耀》": "https://mp.weixin.qq.com/s?__biz=MzI1NDU2MzAzNQ==&mid=2247487775&idx=1&sn=bdeb4114b72038469c576c5cd7ef0abf", + "数据经纪商Gravy Analytics遭黑客攻击 数百万用户位置信息泄露": "https://mp.weixin.qq.com/s?__biz=MzIwNzAwOTQxMg==&mid=2652251252&idx=1&sn=08c27d24f45df08156ccbb320a916ca7", + "关于调整半决赛入围队伍名单公示": "https://mp.weixin.qq.com/s?__biz=MzI1NzQ0NTMxMQ==&mid=2247490073&idx=1&sn=1196e582372868c1cdcdc85590fe6ec2", + "小年 | 小年辞旧岁,新春序幕开": "https://mp.weixin.qq.com/s?__biz=MzU3MDA0MTE2Mg==&mid=2247492489&idx=1&sn=f7ae189fc8a91f74ba5b7ca2cd070e3d", + "今日,小年": "https://mp.weixin.qq.com/s?__biz=MzkyNDUxNTQ2Mw==&mid=2247485811&idx=1&sn=b6f89d271a02e0fe0ecaa468674cd746", + "美商务部《保障ICT供应链:联网汽车》规则(全文翻译)": "https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247506068&idx=1&sn=c5502bc907a76a432d06dd4e9098d0ad", + "小年纳福 喜迎新春": "https://mp.weixin.qq.com/s?__biz=MzI2NDYzNjY0Mg==&mid=2247501129&idx=1&sn=78727fa4943031118593e6589cac1f03", + "Payloads for LFR/LFD": "https://mp.weixin.qq.com/s?__biz=Mzg2NTk4MTE1MQ==&mid=2247486492&idx=1&sn=2a26b6645da3eac6fb5fd1bb53bb5ba9", + "秋风AI代码审计工具1.0 上线!": "https://mp.weixin.qq.com/s?__biz=MzkzMzczODA0OQ==&mid=2247484087&idx=1&sn=946eec98d2649ebae893bd340fc6f023", + "CERT-UA 警告网络诈骗者冒充该机构利用虚假AnyDesk请求控制目标": "https://mp.weixin.qq.com/s?__biz=MzI2NzAwOTg4NQ==&mid=2649793938&idx=2&sn=8ef11a28a3fa79bc3bd6ed37a79f3e6a", + "《信息安全学报》“智能语音攻防技术”专栏征稿函": "https://mp.weixin.qq.com/s?__biz=MzI5ODA1NjE5NQ==&mid=2652014647&idx=1&sn=082ad04011ce661af109ade0f59b2d6f", + "税前年薪50-200万,高层次网络安全人才招聘": "https://mp.weixin.qq.com/s?__biz=MzU4OTg4Nzc4MQ==&mid=2247505628&idx=1&sn=b6131a18925f1d2c27b52a044ac7c20a", + "江西银行2025年社会招聘网络安全岗": "https://mp.weixin.qq.com/s?__biz=MzU4OTg4Nzc4MQ==&mid=2247505628&idx=2&sn=48d0b333d0c895679e394c93cb955922", + "年薪50-80万!湖南省密码工程技术研究中心招聘信息安全专业": "https://mp.weixin.qq.com/s?__biz=MzU4OTg4Nzc4MQ==&mid=2247505628&idx=3&sn=bc981945ca96eb0dd824e4fb8aef48d9", + "3000+网安笔记": "https://mp.weixin.qq.com/s?__biz=MzU4OTg4Nzc4MQ==&mid=2247505628&idx=4&sn=6bafb661c0c79d06eaea7321bccf9b1d", + "期刊征文 | 暗网抑制前沿进展": "https://mp.weixin.qq.com/s?__biz=MzU5MTM5MTQ2MA==&mid=2247491610&idx=1&sn=8b6c9caf92435cbd9b76b77686619972", + "红包封面第二弹!": "https://mp.weixin.qq.com/s?__biz=MzUzMDQ1MTY0MQ==&mid=2247506597&idx=1&sn=e0fb7f14d115e5e6a81cf58be6938690", + "工信部等十四部门联合印发《关于加强极端场景应急通信能力建设的意见》": "https://mp.weixin.qq.com/s?__biz=Mzg2MDg0ODg1NQ==&mid=2247539969&idx=1&sn=d0b20062f59c4c2627623f4a0110a99a", + "【解读】五问+一图,读懂《关于加强极端场景应急通信能力建设的意见》": "https://mp.weixin.qq.com/s?__biz=Mzg2MDg0ODg1NQ==&mid=2247539969&idx=2&sn=fc62411ebb093dc6e8ba7a1a293e7968", + "祥和小年至,新岁启新程!": "https://mp.weixin.qq.com/s?__biz=MzU4NjY4MDAyNQ==&mid=2247497015&idx=1&sn=d54c943e8370d2b504197ce7125a9bd3", + ".NET 安全攻防知识交流社区": "https://mp.weixin.qq.com/s?__biz=MzkyMDM4NDM5Ng==&mid=2247490330&idx=2&sn=a8b44c92013aa2897bc50f5869a74a94", + "梅赛德斯—奔驰信息娱乐系统漏洞详细信息披露": "https://mp.weixin.qq.com/s?__biz=MzIzNDIxODkyMg==&mid=2650085835&idx=1&sn=55b9b7d447e31ed5e6a7016fc118aba7", + "北方小年|糖瓜祭灶 新年来到": "https://mp.weixin.qq.com/s?__biz=MzIzNDIxODkyMg==&mid=2650085835&idx=2&sn=62fa38baa6534b965a3ee784c8c23c5b", + "定制红包封面、蛇年手机壁纸,天融信愿您新的一年福气满屏!": "https://mp.weixin.qq.com/s?__biz=MzA3OTMxNTcxNA==&mid=2650963107&idx=1&sn=9bbaad123506d1da711ab3643c51c8d5", + "小年快乐 | 文末领取励行安全专属红包封面": "https://mp.weixin.qq.com/s?__biz=MzkxNTY4NTQwMg==&mid=2247484280&idx=1&sn=2263d238e09a658039a7a2399a3257d9", + "Lazarus组织发起“Operation 99”行动,通过虚假LinkedIn资料瞄准Web3开发者": "https://mp.weixin.qq.com/s?__biz=MzA4NTY4MjAyMQ==&mid=2447900117&idx=1&sn=147a51e42956ef762d607ad4db560f1b", + "红包封面免费领": "https://mp.weixin.qq.com/s?__biz=MzA4NTY4MjAyMQ==&mid=2447900116&idx=1&sn=6a902bce7b923dcbb6d636c0bd33e2c7", + "福利!免费商用,1500+组件低代码工业数据连接及可视化平台": "https://mp.weixin.qq.com/s?__biz=MjM5OTA4MzA0MA==&mid=2454936685&idx=1&sn=c2daf9fcc60bce9090096a88fc9bc122", + "转储LSASS内存的强大神器": "https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489037&idx=1&sn=690f85a085d60322cbdef81ea014958a", + "小事": "https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489037&idx=2&sn=6baba774e15189c2118e75a96615ba4a", + "Wireshark Troubleshooting 系列合集目录": "https://mp.weixin.qq.com/s?__biz=MzA5NTUxODA0OA==&mid=2247493128&idx=1&sn=027c2d79a975850f77ba85e1c7325e23", + "网安之道": "https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496713&idx=1&sn=f99ce8d0ff597b9725371ec789d1627d", + "国自然中标真不难!十年评审专家1v1精修你的本子,中标率提升58%": "https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496713&idx=2&sn=5123c0c462454c69a097d5c90b01ac29", + "云计算与零信任架构的结合:实现更高安全性": "https://mp.weixin.qq.com/s?__biz=MzkxNjU2NjY5MQ==&mid=2247509854&idx=1&sn=c873f0835b8ef33b4e64f63598b41c66", + "Go shellcode加载器 免杀火绒 360核晶等主流杀软": "https://mp.weixin.qq.com/s?__biz=MzU5MjgwMDg1Mg==&mid=2247484753&idx=1&sn=b8aa28771e6ca5e4ac83058d2a8f18cb", + "小年至,归期近;有安全,更团圆。": "https://mp.weixin.qq.com/s?__biz=MjM5NzA3Nzg2MA==&mid=2649870812&idx=1&sn=422066cfd72bd12d7ff94673d46c0035", + "互联网大厂黑话指南(速成版)": "https://mp.weixin.qq.com/s?__biz=MzI1NzI5NDM4Mw==&mid=2247498587&idx=1&sn=f7b972440193d95d234bd9e501fad124", + "十强!威努特斩获2024年网络安全优秀评选三项大奖": "https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130654&idx=1&sn=72ece0485d56a8dbc791b20108f0943c", + "MySQL数据误删的恢复分享": "https://mp.weixin.qq.com/s?__biz=Mzg3NTU3NTY0Nw==&mid=2247489522&idx=1&sn=b85a0e1b057a832db9ec56399cc6439f", + "先向下扎根,再向上生长": "https://mp.weixin.qq.com/s?__biz=MzU4NjY3OTAzMg==&mid=2247514862&idx=1&sn=6c93e8560b7d557a43c0f9b7263d6dd0", + "全球瞭望|网络安全重大事件精选": "https://mp.weixin.qq.com/s?__biz=MzU4NjY3OTAzMg==&mid=2247514862&idx=2&sn=bcdf5e64844202a08a115bfeadb0c886", + "JWT原理及利用": "https://mp.weixin.qq.com/s?__biz=Mzg5MDgzOTk2Mg==&mid=2247484651&idx=1&sn=9cd5604806e7af154fa2c88241523b12", + "一些木马反制技巧": "https://mp.weixin.qq.com/s?__biz=MzkwMzMwODg2Mw==&mid=2247510449&idx=1&sn=954231b814fb3c633b2bac2dc12665b3", + "漏洞预警 | 叁拾叁OA SQL注入漏洞": "https://mp.weixin.qq.com/s?__biz=MzkwMTQ0NDA1NQ==&mid=2247492118&idx=2&sn=0cc8d46b2006a58fe76e0aceeec3f5e3", + "工具 | proxypin": "https://mp.weixin.qq.com/s?__biz=MzkwMTQ0NDA1NQ==&mid=2247492118&idx=4&sn=6d72cbe7b6abd76539ff4b90c246e621", + "载誉前行|天地和兴荣膺CCIA年度先进会员单位": "https://mp.weixin.qq.com/s?__biz=MjM5Mzk0MDE2Ng==&mid=2649608840&idx=1&sn=822e24931c6b118b52381dd6a0725082", + "2024年度网络安全漏洞威胁态势研究报告": "https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264326&idx=2&sn=edd9feb6f1f3d5fb7467e5a4a1bc8ea3", + "网络弹性评价流程": "https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264326&idx=3&sn=0064271e80a9c395235db44394646be4", + "网络与数据安全治理前沿洞察(2025年第1期)": "https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264326&idx=4&sn=972c2472a69641e01ab75dec91607976", + "2025年低空经济未来发展趋势分析": "https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264326&idx=5&sn=c695125ae9234c1bbee0ab30a82644fe", + "GB∕T 44778-2024 汽车诊断接口信息安全技术要求及试验方法": "https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264326&idx=8&sn=828ad37f9e1fecb482a24e86e66fea7b", + "HSQLDB 安全测试指南": "https://mp.weixin.qq.com/s?__biz=MzkxNjMwNDUxNg==&mid=2247487207&idx=2&sn=627d12dc6ee86ec6a128d2c4d24e2024", + "RPA在电力行业中的应用": "https://mp.weixin.qq.com/s?__biz=MjM5NTk5Mjc4Mg==&mid=2655222700&idx=1&sn=135b0046a01810bcbeed431638cb4038", + "Any-Reader:把你的VSCode变成摸鱼娱乐中心!": "https://mp.weixin.qq.com/s?__biz=MzA4MjkzMTcxMg==&mid=2449046750&idx=1&sn=8520440de7e2c9aa42cf4933b5394a43", + "2024年度漏洞态势大揭秘:你的网络安全防线还稳固吗?(附下载)": "https://mp.weixin.qq.com/s?__biz=MzkyODY5ODAyOA==&mid=2247489419&idx=1&sn=27d48e4898f7de1f017a5a7bc5bc6a4e", + "13,000个MikroTik路由器因恶意垃圾邮件和网络攻击被僵尸网络劫持": "https://mp.weixin.qq.com/s?__biz=MzA4MzMzOTQ4Mw==&mid=2453672513&idx=1&sn=955e9169d886553304f98bc40ed4718e", + "暗网情报:高价Rust反向Shell-美ISP和网络设备制造商网络访问权限": "https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247506983&idx=1&sn=2130ab0ccce5bafd3881b7e250b88caa", + "5th域安全微讯早报【20250122】019期": "https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247506983&idx=2&sn=0327ca894b9af92ef9b7122f7e70a205", + "今日直播课程(ISO/IEC 27001),敬请您关注": "https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247486014&idx=1&sn=f9a261134b643ac91d42ec2d51189828", + "ISO 14001: 2015 标准详解与实施(20)9.1.1 总则": "https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247486014&idx=2&sn=51c00f82998000dfcbb64df3898c9de4", + "“间谍”正在潜入你的手机": "https://mp.weixin.qq.com/s?__biz=Mzg5OTg5OTI1NQ==&mid=2247489786&idx=1&sn=4b1c4df2d56e34fa521c69996bf42e3f", + "黑客团伙IntelBroker声称已窃取HPE内部机密数据 后者表示正在调查": "https://mp.weixin.qq.com/s?__biz=MzkxNTI2NTQxOA==&mid=2247496070&idx=1&sn=2336cc68b4e452a35795193173f98854", + "一图读懂《关于加强极端场景应急通信能力建设的意见》": "https://mp.weixin.qq.com/s?__biz=MzkxNTI2NTQxOA==&mid=2247496070&idx=2&sn=d0fa64e3e92467220eb923a4612e7960", + "【神兵利器】JAVA JMX漏洞综合利用工具": "https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247495179&idx=1&sn=0d366655fb6bb139775fc4d4fe333652", + "JBoss 4.x JBossMQ JMS反序列化": "https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247495179&idx=2&sn=dce36e9b572732a9fddfa1774bcea24c", + "ViewState反序列化漏洞详解": "https://mp.weixin.qq.com/s?__biz=Mzg2MzkwNDU1Mw==&mid=2247485410&idx=1&sn=c516da4c5bcf9729e270e70dc0c6e61d", + "linux清除了文件没有释放空间": "https://mp.weixin.qq.com/s?__biz=Mzg2MzkwNDU1Mw==&mid=2247485410&idx=2&sn=673b6d7c7ff6b3a511f79a660b138423", + "什么是零信任:安全性、原则和架构": "https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652114149&idx=1&sn=e6c11500191f7d8bb8a004604a2c5561", + "秦安:新华社喜气洋洋点评,小红书需发挥主体作用,接住泼天富贵": "https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476271&idx=1&sn=580c4508bc163041823038ad9e920e68", + "喜报!炼石荣获中国计算机行业协会网数专委“卓越贡献奖”": "https://mp.weixin.qq.com/s?__biz=MzkyNzE5MDUzMw==&mid=2247568825&idx=1&sn=f8e52c6a4464aec5ef8f1fb39f02e04b", + "如何构建混合云环境下的信息安全策略?": "https://mp.weixin.qq.com/s?__biz=Mzg4NDc0Njk1MQ==&mid=2247487177&idx=1&sn=809cff24a1b39067a2dbd6d345853a90", + "云安全中的共享责任模型:企业与云服务商的界限": "https://mp.weixin.qq.com/s?__biz=Mzg4NDc0Njk1MQ==&mid=2247487177&idx=2&sn=7113ff3d04b276d919b4dc008991e0f4", + "TangGo:国产化的综合能手": "https://mp.weixin.qq.com/s?__biz=MzkzNzg3NzQxMQ==&mid=2247485695&idx=1&sn=2fc7154d71582d71208ba945e123238a", + "AWS 云安全面试准备:10 个重要的 DevOps 概念": "https://mp.weixin.qq.com/s?__biz=MzkyODYwODkyMA==&mid=2247484996&idx=1&sn=4615303b13ce5abb344738596185350e", + "新春福利已就位,海量奖品疯狂来袭!": "https://mp.weixin.qq.com/s?__biz=MzAwMDQwNTE5MA==&mid=2650247705&idx=1&sn=36ed81f86ac26ed621bcaeea900677ad", + "所有的网站都需要办理ICP备案?": "https://mp.weixin.qq.com/s?__biz=MzI4NzA1Nzg5OA==&mid=2247485681&idx=1&sn=fa6e7bd1383473df5734f103139557e7", + "分享图片": "https://mp.weixin.qq.com/s?__biz=MzI3Njc1MjcxMg==&mid=2247494307&idx=1&sn=47e335541d5c4fa8e74793af9324e019", + "全新视频系列《实战源码审计》": "https://mp.weixin.qq.com/s?__biz=Mzg4MzkwNzI1OQ==&mid=2247485719&idx=1&sn=4b3339a03f1b67424f469e8d1b72bdcf", + "OWASP 2025年十大漏洞–被利用/发现的最严重漏洞": "https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652114147&idx=1&sn=257856caede83532d8fbbbbaa718c6be", + "126个Linux内核漏洞可让攻击者利用78个 Linux子系统": "https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652114147&idx=2&sn=0ec2b581bd93714c8ff60c69bcc70f8b", + "工具推荐 | 内网渗透敏感信息搜索神器": "https://mp.weixin.qq.com/s?__biz=MzkwNjczOTQwOA==&mid=2247493961&idx=1&sn=fd35d4a8a05cae420fa700b36125f0d2", + "网络空间测绘 -- ScopeSentry(V1.5.4)": "https://mp.weixin.qq.com/s?__biz=MzI4MDQ5MjY1Mg==&mid=2247515682&idx=1&sn=7012ed1bd01016412f4a2ac7075c393c", + "第6天:基础入门-抓包技术&HTTPS协议&APP&小程序&PC应用&WEB&转发联动": "https://mp.weixin.qq.com/s?__biz=MzI4MDQ5MjY1Mg==&mid=2247515682&idx=2&sn=b88c75c1bbebb784ce683d00c4f1c092", + "攻防靶场(47):一个dirsearch的坑 Katana": "https://mp.weixin.qq.com/s?__biz=MzI0NjA3Mzk2NQ==&mid=2247495899&idx=1&sn=1dba3bd5431bcf4961d53a9827d4d6ef", + "安卓逆向2025 -- Frida学习之hook案例(七)": "https://mp.weixin.qq.com/s?__biz=MzA4MzgzNTU5MA==&mid=2652037569&idx=1&sn=812d974c4ebdf4db2b99edb6a227a060", + "1Scan一键渗透扫描器|漏洞探测": "https://mp.weixin.qq.com/s?__biz=Mzg3ODE2MjkxMQ==&mid=2247489961&idx=1&sn=f40f050019a99e6f65fa036bc9a7da16", + "春节快到了,来!一起学习春节反诈常识": "https://mp.weixin.qq.com/s?__biz=Mzg2NjY2MTI3Mg==&mid=2247498296&idx=1&sn=20ac1bcef2bd187c39d60b04f7d58bff", + "泛微e-office 11.0 RCE": "https://mp.weixin.qq.com/s?__biz=MzU2NDY2OTU4Nw==&mid=2247518417&idx=1&sn=c64f9f43e83925e92db0882d722b0d76" + }, + "安全客-有思想的安全新媒体": { + "最高级!360获评工信部CAPPVD“三星技术支撑单位”称号": "https://www.anquanke.com/post/id/303728", + "cve-2024-12857: AdForest 主题中的关键漏洞允许完全接管帐户,数千网站面临风险": "https://www.anquanke.com/post/id/303725", + "新型 Mirai 变种 Murdoc_Botnet 通过物联网漏洞发起 DDoS 攻击": "https://www.anquanke.com/post/id/303722", + "2024年,Redline、Vidar和Raccoon恶意软件窃取了10亿个密码": "https://www.anquanke.com/post/id/303719", + "CVE-2025-21298 检测: Microsoft Outlook 中的严重零点击 OLE 漏洞会导致远程代码执行": "https://www.anquanke.com/post/id/303716", + "Bitbucket 服务因全球大停机而“严重瘫痪”": "https://www.anquanke.com/post/id/303713", + "假冒的 Homebrew Google 广告以恶意软件为目标的 Mac 用户": "https://www.anquanke.com/post/id/303710", + "Cloudflare 缓解了破纪录的 5.6 Tbps DDoS 攻击": "https://www.anquanke.com/post/id/303707", + "”偷偷摸摸的日志“微软欺骗计划避开了双因素安全系统": "https://www.anquanke.com/post/id/303704", + "前中情局分析员承认泄露绝密文件罪": "https://www.anquanke.com/post/id/303701" + }, + "Tenable Blog": { + "Oracle January 2025 Critical Patch Update Addresses 186 CVEs": "https://www.tenable.com/blog/oracle-january-2025-critical-patch-update-addresses-186-cves" + }, + "Trustwave Blog": { + "Trustwave SpiderLabs: Ransomware Attacks Against the Energy and Utilities Sector Up 80%": "https://www.trustwave.com/en-us/resources/blogs/trustwave-blog/trustwave-spiderlabs-ransomware-attacks-against-the-energy-and-utilities-sector-up-80-percent/" + }, + "obaby@mars": { + "小年 — 这真的就要过年了?": "https://h4ck.org.cn/2025/01/19030" + }, + "安全脉搏": { + "记一次有点抽象的渗透经历": "https://www.secpulse.com/archives/205044.html", + "CVE复现之老洞新探(CVE-2021-3156)": "https://www.secpulse.com/archives/205000.html", + "在一次渗透中学会编写Tamper脚本": "https://www.secpulse.com/archives/205058.html" + }, + "CXSECURITY Database RSS Feed - CXSecurity.com": { + "Cleo LexiCom / VLTrader / Harmony 5.8.0.23 Remote Code Execution": "https://cxsecurity.com/issue/WLB-2025010023", + "Ivanti Buffer Overflow Proof of Concept": "https://cxsecurity.com/issue/WLB-2025010022", + "LibreNMS Authenticated RCE": "https://cxsecurity.com/issue/WLB-2025010021" + }, + "Security Boulevard": { + "UK Mail Check: DMARC Reporting Changes to Know": "https://securityboulevard.com/2025/01/uk-mail-check-dmarc-reporting-changes-to-know/", + "DEF CON 32 – The Village Peoples’ Panel What Really Goes On In A Village": "https://securityboulevard.com/2025/01/def-con-32-the-village-peoples-panel-what-really-goes-on-in-a-village/", + "Life in the Swimlane with Marian Fehrenbacher, HR Assistant & Office Manager": "https://securityboulevard.com/2025/01/life-in-the-swimlane-with-marian-fehrenbacher-hr-assistant-office-manager/", + "Google Cloud Security Threat Horizons Report #11 Is Out!": "https://securityboulevard.com/2025/01/google-cloud-security-threat-horizons-report-11-is-out/", + "Randall Munroe’s XKCD ‘Human Altitude’": "https://securityboulevard.com/2025/01/randall-munroes-xkcd-human-altitude/", + "Filtered to Perfection: Votiro’s Two-Layer Approach to Cybersecurity": "https://securityboulevard.com/2025/01/filtered-to-perfection-votiros-two-layer-approach-to-cybersecurity/", + "Entra Connect Attacker Tradecraft: Part 2": "https://securityboulevard.com/2025/01/entra-connect-attacker-tradecraft-part-2/", + "Rethinking Credential Security": "https://securityboulevard.com/2025/01/rethinking-credential-security/", + "DEF CON 32 – UDSonCAN Attacks Discovering Safety Critical Risks By Fuzzing": "https://securityboulevard.com/2025/01/def-con-32-udsoncan-attacks-discovering-safety-critical-risks-by-fuzzing/", + "How to Handle Secrets at the Command Line [cheat sheet included]": "https://securityboulevard.com/2025/01/how-to-handle-secrets-at-the-command-line-cheat-sheet-included/" + }, + "一个被知识诅咒的人": { + "【Python运维】Python与Terraform结合:实现云基础设施的自动化部署": "https://blog.csdn.net/nokiaguy/article/details/145305290", + "Python自动化运维:一键掌控服务器的高效之道": "https://blog.csdn.net/nokiaguy/article/details/145305263" + }, + "SpiderLabs Blog": { + "Trustwave SpiderLabs 2025 Trustwave Risk Radar Report: Energy and Utilities Sector": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/trustwave-spiderlabs-2025-trustwave-risk-radar-report-energy-and-utilities-sector/" + }, + "Horizon3.ai": { + "Identify Cybersecurity Risks at Scale to De-Risk M&A Transactions with Horizon3.ai’s NodeZero® Platform": "https://go.horizon3.ai/MandA_UseCase#new_tab", + "Horizon3.ai Expands on Disruptive Value of Autonomous Penetration Testing for Security Teams Worldwide": "https://www.businesswire.com/news/home/20250122764892/en/Horizon3.ai-Expands-on-Disruptive-Value-of-Autonomous-Penetration-Testing-for-Security-Teams-Worldwide#new_tab", + "9 Essential Questions to Ask When Evaluating Pentesting Solutions": "https://www.horizon3.ai/intelligence/blogs/9-essential-questions-to-ask-when-evaluating-pentesting-solutions/" + }, + "Malwarebytes": { + "7-Zip bug could allow a bypass of a Windows security feature. Update now": "https://www.malwarebytes.com/blog/news/2025/01/7-zip-bug-could-allow-a-bypass-of-a-windows-security-feature-update-now" + }, + "PortSwigger Research": { + "Stealing HttpOnly cookies with the cookie sandwich technique": "https://portswigger.net/research/stealing-httponly-cookies-with-the-cookie-sandwich-technique" + }, + "Twitter @bytehx": { + "I earned $$$ for my submission on @bugcrowd https://bugcrowd.com/bytehx #ItTakesACrowd": "https://x.com/bytehx343/status/1882032367206060197", + "Just got a reward for a vulnerability submitted on @yeswehack -- Acceptance of Extraneous Untrusted Data With Trusted Data - Cache Poisoning (CWE-349)...": "https://x.com/bytehx343/status/1882032146376004006", + "Re @_justYnot Happy Birthday 🎉🎊🎉": "https://x.com/bytehx343/status/1881888985657770380" + }, + "Intigriti": { + "Unwavering support: Your bug bounty journey, our priority": "https://www.intigriti.com/blog/business-insights/unwavering-support-your-bug-bounty-journey-our-priority" + }, + "安全牛": { + "《Agentic AI安全技术应用报告(2025版)》调研启动": "https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134812&idx=1&sn=560db2a85bcb9df872bc7c83e28d37e0&chksm=bd15ab8f8a6222990be11fb64472a9f9dbdfe32284261408fe230c6c72b2425eabc90345f991&scene=58&subscene=0#rd", + "特朗普推翻拜登人工智能行政命令;警惕!勒索软件团伙滥用微软Teams发起攻击 | 牛览": "https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134812&idx=2&sn=1644fdd615891c190020e26e48734279&chksm=bd15ab8f8a62229945c2a446ad5f94a740189be7bde929cd002d7b0d2cf230da898fbb608135&scene=58&subscene=0#rd" + }, + "体验盒子": { + "vscode运行flutter项目ios真机": "https://www.uedbox.com/post/119313/" + }, + "HackerNews": { + "7-Zip 修复绕过 Windows MoTW 安全警告的漏洞,应立即升级到24.09版": "https://hackernews.cc/archives/57033", + "乌克兰计算机应急响应小组警告:假冒 AnyDesk 请求的网络诈骗": "https://hackernews.cc/archives/57031", + "PNGPlug 加载器通过假冒软件安装程序传播 ValleyRAT 恶意软件": "https://hackernews.cc/archives/57029", + "13000 台 MikroTik 路由器被僵尸网络劫持,用于恶意软件传播和网络攻击": "https://hackernews.cc/archives/57027", + "Mirai 变种 Murdoc Botnet 利用 AVTECH IP 摄像头和华为路由器的安全漏洞": "https://hackernews.cc/archives/57025" + }, + "绿盟科技技术博客": { + "【漏洞通告】Oracle WebLogic Server远程代码执行与拒绝服务漏洞(CVE-2025-21535/CVE-2025-21549)": "https://blog.nsfocus.net/cve-20cve-2025-21535-cve-2025-21549/", + "绿盟威胁情报周报(2025.01.13-2025.01.19)": "https://blog.nsfocus.net/2025-01-13-2025-01-19/" + }, + "bishopfox.com": { + "SonicWall CVE-2024-53704: SSL VPN Session Hijacking": "https://bishopfox.com/blog/sonicwall-cve-2024-53704-ssl-vpn-session-hijacking" + }, + "奇客Solidot–传递最新科技情报": { + "过去一个世纪男性身高体重增长速度两倍于女性": "https://www.solidot.org/story?sid=80399", + "杭州深度求索发布能挑战 OpenAI o1 的推理模型 DeepSeek R1": "https://www.solidot.org/story?sid=80398", + "黑猩猩的撒尿行为具有传染性": "https://www.solidot.org/story?sid=80397", + "耐药菌在乌克兰扩散": "https://www.solidot.org/story?sid=80396", + "中国 2024 年可更新能源装机容量再创记录": "https://www.solidot.org/story?sid=80395", + "Wine 10.0 释出": "https://www.solidot.org/story?sid=80394", + "TikTok 被指限制反特朗普关键词的搜索": "https://www.solidot.org/story?sid=80393", + "IMDb 创始人卸任 CEO 一职": "https://www.solidot.org/story?sid=80392", + "特朗普赦免 Ross Ulbricht": "https://www.solidot.org/story?sid=80391" + }, + "绿盟科技CERT": { + "【漏洞通告】Oracle WebLogic Server远程代码执行与拒绝服务漏洞": "https://mp.weixin.qq.com/s?__biz=Mzk0MjE3ODkxNg==&mid=2247488946&idx=1&sn=64c5620996cc0710ef9e2507f0fc0365&chksm=c2c642b9f5b1cbaf3667d5aae3b668b4e34e0cd89d95893a59c258488748706a1a17b3cd727e&scene=58&subscene=0#rd" + }, + "FreeBuf网络安全行业门户": { + "威胁者利用Microsoft Teams语音通话传播勒索软件": "https://www.freebuf.com/news/420574.html", + "美国前中央情报局分析师承认泄露国防信息": "https://www.freebuf.com/news/420570.html", + "FreeBuf早报 | 特朗普赦免暗网丝绸之路创始人;Microsoft Teams被用于传播勒索软件": "https://www.freebuf.com/news/420528.html", + "特朗普签署文件,特赦暗网“丝绸之路”创始人": "https://www.freebuf.com/news/420526.html", + "2025 年 AI 网络安全预测": "https://www.freebuf.com/news/420517.html", + "勒索软件编年史:从特洛伊到AI多重勒索": "https://www.freebuf.com/articles/neopoints/420510.html", + "7-Zip高危漏洞,攻击者可绕过安全机制远程执行代码": "https://www.freebuf.com/news/420514.html" + }, + "安全客": { + "2024年度网络安全政策法规一览": "https://mp.weixin.qq.com/s?__biz=MzA5ODA0NDE2MA==&mid=2649787787&idx=1&sn=ee8ea4a11f904302c035eb5170b8891e&chksm=8893bde4bfe434f22e9aa593b236330470621bd35552bc2eb979cb1eb05d055b87e7de1f8bde&scene=58&subscene=0#rd" + }, + "虎符智库": { + "厚雪翻长坡,平淡不平凡:2024年网安产业发展态势剖析及2025年趋势展望": "https://mp.weixin.qq.com/s?__biz=MzIwNjYwMTMyNQ==&mid=2247492937&idx=1&sn=eac85a2e8d53918cee8a65c4ad935830&chksm=971d884ba06a015d1c88f5e338ffa29adba7552fcc1c63dd404cbab21a6a508226f88500bf16&scene=58&subscene=0#rd" + }, + "青衣十三楼飞花堂": { + "你们可以调戏飞花堂了": "https://mp.weixin.qq.com/s?__biz=MzUzMjQyMDE3Ng==&mid=2247487930&idx=1&sn=061cb565fbd0b5f0a5d754835656e58f&chksm=fab2d285cdc55b93453c5c4517e23599a8527cb0315540799c22c5ada2b5e5ba6d03d7da885e&scene=58&subscene=0#rd" + }, + "安全内参": { + "这家IT供应商被黑,导致多地公共服务被迫中断多天": "https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513561&idx=1&sn=2796a6ba28137e2416855e83c1d45e5f&chksm=ebfaf2f9dc8d7bef4177fa9314612f542e0997c62ce65bd62a7a54182dfee525e14ce8e1aa10&scene=58&subscene=0#rd", + "持续贯彻关基安全!美国运安局延长管道网络安全指令有效期": "https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513561&idx=2&sn=815ef59fe9fe66e6e8be342a53433267&chksm=ebfaf2f9dc8d7befc4b6c6c02e08010a0431501f361b43e8f5d4bfc2c386251fdb1bd8623e09&scene=58&subscene=0#rd" + }, + "丁爸 情报分析师的工具箱": { + "【技巧】开源情报(OSINT):套接字理论(Socket Theory)情报分析师如何更好隐藏自己": "https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148647&idx=1&sn=4df1f367b82341e8c092ea12a7dec4c8&chksm=f1af265dc6d8af4b44f8d605298e979248080faba260608e5337d953231ea561f4d414f69a65&scene=58&subscene=0#rd" + }, + "威努特安全网络": { + "十强!威努特斩获2024年网络安全优秀评选三项大奖": "https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130654&idx=1&sn=72ece0485d56a8dbc791b20108f0943c&chksm=80e711aeb79098b8a34f63daf9b2d40b35e548f4fb03e44e4e22727512c1edaf44485a832523&scene=58&subscene=0#rd" + }, + "信安之路": { + "即使变卖个人资产,也要给大家把工资补上!": "https://mp.weixin.qq.com/s?__biz=MzI5MDQ2NjExOQ==&mid=2247499756&idx=1&sn=18d3cb30c32fc3d1c30f8f3e453e08a4&chksm=ec1dcfc4db6a46d24a59b9f5b73d6883c46b004ca97f3e0a2819a832775f00a0690175e9ef33&scene=58&subscene=0#rd" + }, + "安全学术圈": { + "期刊征文 | 暗网抑制前沿进展": "https://mp.weixin.qq.com/s?__biz=MzU5MTM5MTQ2MA==&mid=2247491610&idx=1&sn=8b6c9caf92435cbd9b76b77686619972&chksm=fe2d1f91c95a9687a5251b386c368783346127d6aa161b3035246676e5d21f1ba3e728035993&scene=58&subscene=0#rd" + }, + "奇安信 CERT": { + "【已复现】Rsync 堆缓冲区溢出漏洞(CVE-2024-12084)安全风险通告": "https://mp.weixin.qq.com/s?__biz=MzU5NDgxODU1MQ==&mid=2247502951&idx=1&sn=09d5b62b3cc3e71fec3a8595f18318a2&chksm=fe79e8ffc90e61e905225d9918798d40f77be91e0a5961c95f1ab8235b4d42623eb0ecca28ad&scene=58&subscene=0#rd", + "Oracle 2025年1月补丁日多产品高危漏洞安全风险通告": "https://mp.weixin.qq.com/s?__biz=MzU5NDgxODU1MQ==&mid=2247502951&idx=2&sn=21655dd26fe10def4a6c6546fdf240d4&chksm=fe79e8ffc90e61e9fd1b2697f079954e6002507bd3d9fe45bf9331fc3c21481d0b14887ce263&scene=58&subscene=0#rd" + }, + "腾讯安全威胁情报中心": { + "游戏辅助的隐藏威胁|传播于游戏论坛的“Catlavan”后门分析报告": "https://mp.weixin.qq.com/s?__biz=MzI5ODk3OTM1Ng==&mid=2247510023&idx=1&sn=190730a6182da1469a76c29ec479ae13&chksm=ec9f7174dbe8f86290b0ced6fb6032de62bf76e90dabb9f7bbcb0f264b0d177e146f5c205169&scene=58&subscene=0#rd" + }, + "安全圈": { + "【安全圈】特朗普上任首日,被囚 11 年的丝绸之路创始人获释": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067553&idx=1&sn=bad8f735186597a7ef0a02f03be5d6e4&chksm=f36e7aa1c419f3b781ca98c7976cd5a7773de11683684d499d776e2d152beb4b6d086497c9b5&scene=58&subscene=0#rd", + "【安全圈】420万主机暴露,含VPN和路由器": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067553&idx=2&sn=ce83805d756cb11a77b84cb9413465be&chksm=f36e7aa1c419f3b73ed660099b42c7414eb3133abb1020174807cc6d27124906b801371b772d&scene=58&subscene=0#rd", + "【安全圈】2024年近2亿人受影响,美国医疗成重点攻击目标": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067553&idx=3&sn=126c3fc5cb7d6a7dc18e3e9a213e8170&chksm=f36e7aa1c419f3b73f5070ef02018ac480c01ce4abcf00f26ead2c9550281e5931adb0e75eec&scene=58&subscene=0#rd", + "【安全圈】7-Zip 漏洞可让远程攻击者绕过保护并执行任意代码": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067553&idx=4&sn=2c06e2c2a5011eb86894033a1e6c41fc&chksm=f36e7aa1c419f3b7663e1033a2b71bafbadf19c12ebb839d8cc5c2a954da81be8f83c2a04925&scene=58&subscene=0#rd" + }, + "信息安全国家工程研究中心": { + "小年纳福,满载祝愿": "https://mp.weixin.qq.com/s?__biz=MzU5OTQ0NzY3Ng==&mid=2247498734&idx=1&sn=2d5de0a8283c56deb2559e0af561e376&chksm=feb67afdc9c1f3eb9c541f85173a09a82542709c15edcc23d9d2c392cfb951aaa72acb7894a7&scene=58&subscene=0#rd" + }, + "腾讯科恩实验室": { + "游戏辅助的隐藏威胁|传播于游戏论坛的“Catlavan”后门分析报告": "https://mp.weixin.qq.com/s?__biz=MzU1MjgwNzc4Ng==&mid=2247512659&idx=1&sn=ca99588eed415d2fdbdd87c4e666b662&chksm=fbfe8e56cc89074039ffcc9bb0544c3f4285b0fb28a480034307d88019f5b1fa8e610a5e494e&scene=58&subscene=0#rd" + }, + "dotNet安全矩阵": { + ".NET 通过代码审计发现 ERP 系统中两个任意文件上传漏洞": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498371&idx=1&sn=d7e51b293b5afd36bf501f82d547e678&chksm=fa59546ecd2edd789772877b71ddaf889a171c0baebaed5bc5d84e1dc59ec80a6efff9da250e&scene=58&subscene=0#rd", + ".NET 安全攻防知识交流社区": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498371&idx=2&sn=cbf2bdba768768419faf4c4791dd2c1b&chksm=fa59546ecd2edd78ca9bfcbd53bc87340dd852aad612de53fa03fd221f56cf441ed2ed07d75c&scene=58&subscene=0#rd", + "通过 Sharp4SuoPoc 从原理上复现 Visual Studio 投毒事件": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498371&idx=3&sn=81f6211052fdbd84bfa5f5b833c14bea&chksm=fa59546ecd2edd78667ab8745d36715a39fb789abb78742e20b611f6645859db72e35cbd719d&scene=58&subscene=0#rd" + }, + "代码卫士": { + "7-Zip 修复高危的 Windows MoTW 安全告警绕过漏洞": "https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522153&idx=1&sn=b0d2973a6eb87e554fb62b7ddfa10dfb&chksm=ea94a603dde32f1580de59ef6a2b8fb600c6cbb237024a672b5a02660c7fc1f7184f617fce4c&scene=58&subscene=0#rd", + "FTC要求通用停止收集和出售驾驶员数据": "https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522153&idx=2&sn=2d3b81592eb7e14fd1f16c714fa4e016&chksm=ea94a603dde32f154142371d59146a916e8ef1fa49b42310d2eb5bfe8ad83bb64ef5d322ff3e&scene=58&subscene=0#rd" + }, + "中国信息安全": { + "专题·人工智能安全治理 | 人工智能安全治理的中国认知与方案": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235367&idx=1&sn=297855efd370925c872f5757635232be&chksm=8b58039ebc2f8a88688e473f6a44b4c239be99a0ba5386a09e21cf1d002e5dcdd7e2325f74a9&scene=58&subscene=0#rd", + "专家解读 | 魏亮:统筹布局国家数据基础设施,夯实数据要素价值释放基础": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235367&idx=2&sn=25380b016bd022eb3f12db20a0ccfc4e&chksm=8b58039ebc2f8a8869cac9ab3b937000109e1bc8586b3a96741dec89798acb3e5f9040f94935&scene=58&subscene=0#rd", + "专家观点 | 李峥:以合作开启AI“20万亿美元时代”": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235367&idx=3&sn=3d746ccbf7a383c1aedc7863ea48df60&chksm=8b58039ebc2f8a880d7e7215965672500409cf64649cd90b5c34904471aa388bcb73103ba0f7&scene=58&subscene=0#rd", + "前沿 | 人工智能赋能网络空间作战": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235367&idx=4&sn=c17951f71c4e1d4580510b7ec0275644&chksm=8b58039ebc2f8a88b47c7a35f7dc8a087f071e32ef0532f12bf4124a44b87ca50bad5d909c41&scene=58&subscene=0#rd", + "国际 | 域外国家网络信息治理制度": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235367&idx=5&sn=6ddc0df87190ccc4b866a5a488ce4fb3&chksm=8b58039ebc2f8a8896afda5e765776e17020efd79d33c784f1366c5562fad84ffa2dff0a63cd&scene=58&subscene=0#rd", + "观点 | 面对深度伪造视频我们可以做什么": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235367&idx=6&sn=1ed425e7056807c6c44ddd42f4cb1512&chksm=8b58039ebc2f8a884bcb07c456537203d4b50492e19be7158c46536ddef4697201d18a32a6b9&scene=58&subscene=0#rd", + "评论 | 打破AI谣言“黑箱”,需要社会共治": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235367&idx=7&sn=2cb7b1348c0399a07373f5b5204e5aff&chksm=8b58039ebc2f8a88d98241c6473a4a5e4f8e0c55edc0ed31581cd87507a5b76f11dd3cadae3c&scene=58&subscene=0#rd" + }, + "数世咨询": { + "2024年美国医疗数据泄露:585起事件波及1.8亿用户": "https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247534927&idx=1&sn=27a17db142bc885941f8e7cdff24512c&chksm=c1443bf2f633b2e463df61b01cdb06d125f74e36e30588da3656a4be570526cab7b66dfe24ae&scene=58&subscene=0#rd", + "公安部公布8起打击网络黑客犯罪典型案例": "https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247534927&idx=2&sn=2b32138cf1f6349d72f172a77aa0dd8e&chksm=c1443bf2f633b2e41762afc5662ff5168a1a405414ad7663b499af40bda5558d801e98db35a9&scene=58&subscene=0#rd" + }, + "看雪学苑": { + "XCTF-SUCTF 2025-部分Pwn题解": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589076&idx=1&sn=a4d861f2130373f4a922c1529d1fba78&chksm=b18c271e86fbae08ca00e3c9447214607f5d2bfc89d8578c33474f3e72602833a386405c44e4&scene=58&subscene=0#rd", + "7-Zip高危漏洞曝光!攻击者可绕过安全机制远程执行代码,速升级": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589076&idx=2&sn=d0f764edebe291ce5b96f036fabe1a56&chksm=b18c271e86fbae08b860c61d822fe9c14f3216204f7890876285cf7d58d7086a9d18b2c2002e&scene=58&subscene=0#rd", + "更新5节!系统0day 安全-企业级网络设备固件漏洞挖掘(第7期)": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589076&idx=3&sn=07bb4636837dcc2fbabded998321ad6e&chksm=b18c271e86fbae086f08a8628ae493c5626bf7b7941dbf05b7856553b1bd2011fe2f5765c6b1&scene=58&subscene=0#rd" + }, + "国家互联网应急中心CNCERT": { + "网络安全信息与动态周报2025年第3期(1月13日-1月19日)": "https://mp.weixin.qq.com/s?__biz=MzIwNDk0MDgxMw==&mid=2247499624&idx=1&sn=8064268553ca5916417015861fb3acd9&chksm=973acc0aa04d451cff471b69b6ae264370dfad346c96825845c4c4e2b621762d5af60277379b&scene=58&subscene=0#rd" + }, + "补天平台": { + "辞暮尔尔,烟火年年 | 补天平台春节放假通知": "https://mp.weixin.qq.com/s?__biz=MzI2NzY5MDI3NQ==&mid=2247507336&idx=1&sn=8d6c060a3c6485878ea8c3f08e2d93b5&chksm=eaf995c4dd8e1cd240f87a81e954cd8badfa1ee7bc6b8880f5c8f0755698a4140faa0ccf103e&scene=58&subscene=0#rd" + }, + "情报分析师": { + "加沙真相被掩盖?BBC报道背后的“信息筛选”": "https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559158&idx=1&sn=6312581755ed3402c281e8b588aed0a5&chksm=87117cfdb066f5eb6185844e09e4da7ee5a256338379f42723a5bb295394a5eabd6bd525c664&scene=58&subscene=0#rd", + "揭露俄罗斯GRU的秘密行动,被指资助阿塔数千万美元": "https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559158&idx=2&sn=04237d391e688d8663478dec1917a891&chksm=87117cfdb066f5eb62c527d68166b9e7581ef040a0bb3f72b651e477165fb4e85671f8d4eb56&scene=58&subscene=0#rd", + "TikTok禁令:从事件始末到未来走向的深度剖析": "https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559158&idx=3&sn=330b69e1e87d2e662ee62ac84a2df529&chksm=87117cfdb066f5ebcc303b472a145a703011592673d932403cee104f36e1641206f07c3eba87&scene=58&subscene=0#rd" + }, + "默安科技": { + "默安科技2025年春节值守安排": "https://mp.weixin.qq.com/s?__biz=MzIzODQxMjM2NQ==&mid=2247500248&idx=1&sn=f1957f05b1fb0ede1aed87f4c0603dad&chksm=e93b36fade4cbfec2e3df9f97123506b4d13e096ac812e8ba98db9b2fcbc04073fb7839a847c&scene=58&subscene=0#rd" + }, + "威胁棱镜": { + "2024 年 Any.Run 恶意软件趋势报告": "https://mp.weixin.qq.com/s?__biz=MzkyMzE5ODExNQ==&mid=2247487612&idx=1&sn=09a327bfbe389a1f868570bafd81d159&chksm=c1e9e7b0f69e6ea6aee11492fcd298ab2ea9cbba8c8dde6f81fa56d6591a6932ed53c6fadcab&scene=58&subscene=0#rd" + }, + "极客公园": { + "新总统山寨币疯狂收割 500 亿美元,只是比特币国家战略一部分?": "https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072613&idx=1&sn=cb3a3b24855c3b969f4d586c72218f00&chksm=7e57d15349205845d2da4c3b22b0b9fadb97006921d79a96e31455c143851c835443f9164077&scene=58&subscene=0#rd", + "OpenAI+软银5000亿美元投资AI基建;新 ModelY、小米 YU7实车曝光;小红书启用「rednote」|极客早知道": "https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072586&idx=1&sn=01f46944418d1ed105a097f841268626&chksm=7e57d17c4920586a12299e2a2473709a61c4b7d1d33e4885d4963adcc8b3f020d715bdcf93c8&scene=58&subscene=0#rd" + }, + "Over Security - Cybersecurity news aggregator": { + "Ransomware in Healthcare: A Comprehensive Subsector Analysis": "https://catchingphish.com/posts/f/ransomware-in-healthcare-a-comprehensive-subsector-analysis", + "Critical zero-days impact premium WordPress real estate plugins": "https://www.bleepingcomputer.com/news/security/critical-zero-days-impact-premium-wordpress-real-estate-plugins/", + "Cloudflare CDN flaw leaks user location data, even through secure chat apps": "https://www.bleepingcomputer.com/news/security/cloudflare-cdn-flaw-leaks-user-location-data-even-through-secure-chat-apps/", + "BreachForums admin to be resentenced after appeals court slams supervised release": "https://therecord.media/breachforums-resentenced-supervised-release-admin", + "Telegram captcha tricks you into running malicious PowerShell scripts": "https://www.bleepingcomputer.com/news/security/telegram-captcha-tricks-you-into-running-malicious-powershell-scripts/", + "Flashpoint Weekly Vulnerability Insights and Prioritization Report": "https://flashpoint.io/blog/flashpoint-weekly-vulnerability-insights-prioritization/", + "China-linked hacker group targets victims in East Asia with malicious VPN installers": "https://therecord.media/china-hacker-group-vpns-backdoor", + "Trump pardons Silk Road founder Ross Ulbricht": "https://therecord.media/ross-ulbricht-silk-road-pardoned-trump", + "Trump admin tells all Democrats on intelligence oversight board to resign": "https://therecord.media/trump-admin-tells-democrats-on-intel-oversight-board-to-resign", + "Cisco warns of denial of service flaw with PoC exploit code": "https://www.bleepingcomputer.com/news/security/cisco-warns-of-denial-of-service-flaw-with-poc-exploit-code/", + "Iran and Russia deepen cyber ties with new agreement": "https://therecord.media/russia-iran-cyber-ties-agreement", + "PowerSchool hacker claims they stole data of 62 million students": "https://www.bleepingcomputer.com/news/security/powerschool-hacker-claims-they-stole-data-of-62-million-students/", + "Come tracciare la sicurezza della software supply chain": "https://guerredirete.substack.com/p/come-tracciare-la-sicurezza-della", + "Trump administration fires members of cybersecurity review board in “horribly shortsighted” decision": "https://techcrunch.com/2025/01/22/trump-administration-fires-members-of-cybersecurity-review-board-in-horribly-shortsighted-decision/", + "Oh my .. ! - Suspicious network traffic detected including Ransomware": "https://dfir.ch/posts/suspicious_network_traffic_ransomware/", + "Conduent confirms cybersecurity incident behind recent outage": "https://www.bleepingcomputer.com/news/security/conduent-confirms-cybersecurity-incident-behind-recent-outage/", + "Windows 11 24H2 now also offered to all eligible Windows 10 PCs": "https://www.bleepingcomputer.com/news/microsoft/microsoft-expands-windows-11-24h2-rollout-to-eligible-windows-10-pcs/", + "MasterCard DNS Error Went Unnoticed for Years": "https://krebsonsecurity.com/2025/01/mastercard-dns-error-went-unnoticed-for-years/", + "Use this AI chatbot prompt to create a password-exclusion list": "https://www.bleepingcomputer.com/news/security/use-this-ai-chatbot-prompt-to-create-a-password-exclusion-list/", + "IPany VPN breached in supply-chain attack to push custom malware": "https://www.bleepingcomputer.com/news/security/ipany-vpn-breached-in-supply-chain-attack-to-push-custom-malware/", + "Hackers exploit 16 zero-days on first day of Pwn2Own Automotive 2025": "https://www.bleepingcomputer.com/news/security/hackers-exploit-16-zero-days-on-first-day-of-pwn2own-automotive-2025/", + "Trump administration removes private sector leaders from all DHS panels, including CSRB": "https://therecord.media/trump-dhs-removal-private-sector-members-advisory-boards", + "Questions grow over whether Baltic Sea cable damage was sabotage or accidental": "https://therecord.media/finland-eagle-s-tanker-questions-over-alleged-sabotage", + "Targeted supply chain attack against Chrome browser extensions": "https://blog.sekoia.io/targeted-supply-chain-attack-against-chrome-browser-extensions/", + "How Threat Intelligence Lookup Helps Enterprises": "https://any.run/cybersecurity-blog/how-threat-intelligence-lookup-helps-enterprises/", + "Australian Cyber Security Centre Targets Bulletproof Hosting Providers to Disrupt Cybercrime Networks": "https://cyble.com/blog/acsc-highlights-bulletproof-hosting-providers/", + "La battaglia di Lyptsi e l’evoluzione della guerra robotizzata": "https://www.guerredirete.it/la-battaglia-di-lyptsi-e-levoluzione-della-guerra-robotizzata/", + "Preventing Phishing Attacks, Before They Catch You": "https://www.kelacyber.com/blog/preventing-phishing-attacks-before-they-catch-you/", + "Welhof - 107,292 breached accounts": "https://haveibeenpwned.com/PwnedWebsites#Welhof", + "Frame & Optic - 15,678 breached accounts": "https://haveibeenpwned.com/PwnedWebsites#FrameAndOptic", + "Denuvo Analysis | Connor-Jay's Blog": "https://connorjaydunn.github.io/blog/posts/denuvo-analysis/", + "Cyble Finds Thousands of Security Vendor Credentials on Dark Web": "https://cyble.com/blog/thousands-of-security-vendor-credentials-found-on-dark-web/" + }, + "Krypt3ia": { + "Krypt3ia’s Survival Guide for Safe Communications in Today’s Internet and Social Media Landscape": "https://krypt3ia.wordpress.com/2025/01/22/krypt3ias-survival-guide-for-safe-communications-in-todays-internet-and-social-media-landscape/", + "Krypt3ia Daily Threat Intel Digest 1.22.25": "https://krypt3ia.wordpress.com/2025/01/22/krypt3ia-daily-threat-intel-digest-1-22-25/" + }, + "迪哥讲事": { + "某攻防演练|从404页面到接管阿里云": "https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496928&idx=1&sn=871a0d0002a589ed9b98ae6ed97158f9&chksm=e8a5fe83dfd27795744d51346215bef2df4e6387a31ad6a46cc7cb07b0d3a71b274a5f895b82&scene=58&subscene=0#rd" + }, + "Have I Been Pwned latest breaches": { + "Frame & Optic - 15,678 breached accounts": "https://haveibeenpwned.com/PwnedWebsites#FrameAndOptic", + "Welhof - 107,292 breached accounts": "https://haveibeenpwned.com/PwnedWebsites#Welhof" + }, + "360数字安全": { + "“以模制模”!360大模型安全解决方案获权威机构推荐": "https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579180&idx=1&sn=9c7924d356a6e97806314b7890ec70d4&chksm=9f8d2624a8faaf320e482da401f346c27512c8d91786d43e0dffb1009c7ebbe4c0274b1fcc5e&scene=58&subscene=0#rd", + "六大行业典型案例!360霸榜2024中国网络安全产业势能榜": "https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579180&idx=2&sn=9620c63a3e0e81ef64b85953dda3a2d7&chksm=9f8d2624a8faaf322a4f0e24696a63b8d7a266a0ec61b3612dc8b22a492bc005b327a0400fd7&scene=58&subscene=0#rd" + }, + "ICT Security Magazine": { + "Eventi Cybersecurity 2025 – Il futuro della sicurezza digitale": "https://www.ictsecuritymagazine.com/notizie/eventi-cybersecurity-2025-il-futuro-della-sicurezza-digitale/", + "Anomaly Detection tramite Neural Networks: identificazione di pattern anomali e prevenzione dei cyber attacchi": "https://www.ictsecuritymagazine.com/articoli/anomaly-detection-sec/" + }, + "SANS Internet Storm Center, InfoCON: green": { + "ISC Stormcast For Thursday, January 23rd, 2025 https://isc.sans.edu/podcastdetail/9292, (Wed, Jan 22nd)": "https://isc.sans.edu/diary/rss/31618", + "Catching CARP: Fishing for Firewall States in PFSync Traffic, (Wed, Jan 22nd)": "https://isc.sans.edu/diary/rss/31616", + "ISC Stormcast For Wednesday, January 22nd, 2025 https://isc.sans.edu/podcastdetail/9290, (Wed, Jan 22nd)": "https://isc.sans.edu/diary/rss/31614" + }, + "嘶吼专业版": { + "2024中国网络安全产业势能榜优能企业「电力行业」典型案例展示": "https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580933&idx=1&sn=200f586bf5e6ebc5b131de6824aa91ce&chksm=e9146d3fde63e429d8233882c021aca40e581dd642e4fb6699b9d5e926f90a92500d920177dd&scene=58&subscene=0#rd", + "Otelier 遭遇网络攻击导致数百万酒店预订信息泄露": "https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580933&idx=2&sn=0a59602d0f6ce921931618ecc83d85d6&chksm=e9146d3fde63e4290f78a380c4fe948178ab82a46e7ba25bb0f7b2a8e6881c6c448b52c28a91&scene=58&subscene=0#rd" + }, + "Posts By SpecterOps Team Members - Medium": { + "Entra Connect Attacker Tradecraft: Part 2": "https://posts.specterops.io/entra-connect-attacker-tradecraft-part-2-672df0147abc?source=rss----f05f8696e3cc---4" + }, + "火绒安全": { + "QQ音乐遭遇“白加黑”利用,网站被劫持推广传奇私服": "https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247521743&idx=1&sn=7d0d609cffb045d031bdba1a74baee80&chksm=eb704bf0dc07c2e6f4ce1baf70c50eae31af800684d54c7bb88be8c67e11cdd0d9cef32321a1&scene=58&subscene=0#rd", + "诚邀渠道合作伙伴共启新征程": "https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247521743&idx=2&sn=c4bb1454856772f63647451003483a12&chksm=eb704bf0dc07c2e6695c9ab8933305dc28c4873fdd7326e88f3d667e611aadc0c77505fa29e3&scene=58&subscene=0#rd" + }, + "Instapaper: Unread": { + "Experts found multiple flaws in Mercedes-Benz infotainment system": "https://securityaffairs.com/173275/hacking/mercedes-benz-infotainment-system-flaws.html", + "Windows BitLocker Vulnerability(CVE-2025-21210) Exploited in Randomization Attack": "https://cybersecuritynews.com/windows-bitlocker-vulnerability-exploited/", + "Report riepilogativo sulle tendenze delle campagne malevole analizzate dal CERT-AGID nel 2024": "https://cert-agid.gov.it/news/report-riepilogativo-sulle-tendenze-delle-campagne-malevole-analizzate-dal-cert-agid-nel-2024/", + "13,000 MikroTik Routers Hijacked by Botnet for Malspam and Cyberattacks": "https://thehackernews.com/2025/01/13000-mikrotik-routers-hijacked-by.html", + "Il 15enne che ha violato …": "https://roccosicilia.com/2025/01/21/il-15enne-che-ha-violato/", + "Mirai Botnet Launches Record 5.6 Tbps DDoS Attack with 13,000+ IoT Device": "https://thehackernews.com/2025/01/mirai-botnet-launches-record-56-tbps.html" + }, + "Graham Cluley": { + "Half a million hotel guests at risk after hackers accessed sensitive data": "https://www.bitdefender.com/en-us/blog/hotforsecurity/half-a-million-hotel-guests-at-risk-after-hackers-accessed-sensitive-data" + }, + "The Grey Corner": { + "Accessing the Kubernetes API using captured credentials and HTTP clients": "/2025/01/22/accessing-the-kubernetes-api-using-captured.html" + }, + "Trend Micro Research, News and Perspectives": { + "Invisible Prompt Injection: A Threat to AI Security": "https://www.trendmicro.com/en_us/research/25/a/invisible-prompt-injection-secure-ai.html" + }, + "Security Affairs": { + "Pwn2Own Automotive 2025 Day 1: organizers awarded $382,750 for 16 zero-days": "https://securityaffairs.com/173344/hacking/pwn2own-automotive-2025-day-1.html", + "Two ransomware groups abuse Microsoft’s Office 365 platform to gain access to target organizations": "https://securityaffairs.com/173328/cyber-crime/ransomware-groups-abuse-microsofts-office-365-platform.html", + "Cloudflare blocked a record-breaking 5.6 Tbps DDoS attack": "https://securityaffairs.com/173318/cyber-crime/cloudflare-blocked-record-5-6-tbps-ddos-attack.html", + "A 7-Zip bug allows to bypass the Mark of the Web (MotW) feature": "https://securityaffairs.com/173310/hacking/7-zip-flaw-bypass-the-mark-of-the-web-motw.html" + }, + "Palo Alto Networks Blog": { + "A New Era of Protection — Multicloud Security": "https://www.paloaltonetworks.com/blog/2025/01/multicloud-security/" + }, + "The Register - Security": { + "Trump 'waved a white flag to Chinese hackers' as Homeland Security axed cyber advisory boards": "https://go.theregister.com/feed/www.theregister.com/2025/01/22/dhs_axes_cyber_advisory_boards/", + "Supply chain attack hits Chrome extensions, could expose millions": "https://go.theregister.com/feed/www.theregister.com/2025/01/22/supply_chain_attack_chrome_extension/", + "Give users confidence in your digital infrastructure": "https://go.theregister.com/feed/www.theregister.com/2025/01/22/give_users_confidence_in_your/", + "Microsoft issues out-of-band fix for Windows Server 2022 NUMA glitch": "https://go.theregister.com/feed/www.theregister.com/2025/01/22/windows_server_numa_glitch/", + "Silk Road's Dread Pirate Roberts walks free as Trump pardons dark web kingpin": "https://go.theregister.com/feed/www.theregister.com/2025/01/22/silk_road_founder_freed/", + "Infosec was literally the last item in Trump's policy plan, yet major changes are likely on his watch": "https://go.theregister.com/feed/www.theregister.com/2025/01/22/trump_cyber_policy/", + "Ransomware scum make it personal for Reg readers by impersonating tech support": "https://go.theregister.com/feed/www.theregister.com/2025/01/22/ransomware_crews_abuse_microsoft_teams/", + "PowerSchool theft latest: Decades of Canadian student records, data from 40-plus US states feared stolen": "https://go.theregister.com/feed/www.theregister.com/2025/01/22/powerschool_canada_lawsuits/" + }, + "Krebs on Security": { + "MasterCard DNS Error Went Unnoticed for Years": "https://krebsonsecurity.com/2025/01/mastercard-dns-error-went-unnoticed-for-years/" + }, + "Deep Web": { + "Trump pardons Ross Ulbricht, fulfilling campaign promise": "https://www.reddit.com/r/deepweb/comments/1i6y6ca/trump_pardons_ross_ulbricht_fulfilling_campaign/", + "I just know Ross feels like a million bucks. Just yesterday this man had a whole life sentence, shiiiiit Welcome home tho Ross !": "https://www.reddit.com/r/deepweb/comments/1i7eaxs/i_just_know_ross_feels_like_a_million_bucks_just/" + }, + "Your Open Hacker Community": { + "I made a hack for AssaultCube with a menu": "https://www.reddit.com/r/HowToHack/comments/1i7mzwg/i_made_a_hack_for_assaultcube_with_a_menu/", + "using monitor and managed mode at the same time? (debian trixie, mt7921)": "https://www.reddit.com/r/HowToHack/comments/1i7pe1p/using_monitor_and_managed_mode_at_the_same_time/", + "Where do you find enjoyment/interest from hacking/cyber sec": "https://www.reddit.com/r/HowToHack/comments/1i7fb4c/where_do_you_find_enjoymentinterest_from/", + "need help making bad usb": "https://www.reddit.com/r/HowToHack/comments/1i7klmu/need_help_making_bad_usb/", + "How to solve hcaptcha with solved Token?": "https://www.reddit.com/r/HowToHack/comments/1i7h1d0/how_to_solve_hcaptcha_with_solved_token/", + "Directional help": "https://www.reddit.com/r/HowToHack/comments/1i7esex/directional_help/", + "what is the difference between opening a new terminal and using tmux to start a new session?": "https://www.reddit.com/r/HowToHack/comments/1i776tk/what_is_the_difference_between_opening_a_new/", + "fake email date": "https://www.reddit.com/r/HowToHack/comments/1i79d59/fake_email_date/", + "Retrieving my website": "https://www.reddit.com/r/HowToHack/comments/1i7edfe/retrieving_my_website/", + "HELP???": "https://www.reddit.com/r/HowToHack/comments/1i7fced/help/", + "Notebook capable of brute-forcing 8-10 digit passwords (hashing algorithm doesn’t matter)": "https://www.reddit.com/r/HowToHack/comments/1i798i0/notebook_capable_of_bruteforcing_810_digit/", + "i need strategies on how to hack something specific. please message me if you want to or can help": "https://www.reddit.com/r/HowToHack/comments/1i76fcl/i_need_strategies_on_how_to_hack_something/", + "Impossible Bully": "https://www.reddit.com/r/HowToHack/comments/1i75rsq/impossible_bully/" + }, + "Hacking Exposed Computer Forensics Blog": { + "Daily Blog #725: Project adaz testing part 3": "https://www.hecfblog.com/2025/01/daily-blog-725-project-adaz-testing.html" + }, + "The Hacker News": { + "Trump Terminates DHS Advisory Committee Memberships, Disrupting Cybersecurity Review": "https://thehackernews.com/2025/01/trump-terminates-dhs-advisory-committee.html", + "Hackers Exploit Zero-Day in cnPilot Routers to Deploy AIRASHI DDoS Botnet": "https://thehackernews.com/2025/01/hackers-exploit-zero-day-in-cnpilot.html", + "Discover Hidden Browsing Threats: Free Risk Assessment for GenAI, Identity, Web, and SaaS Risks": "https://thehackernews.com/2025/01/discover-hidden-browsing-threats-free.html", + "President Trump Pardons Silk Road Creator Ross Ulbricht After 11 Years in Prison": "https://thehackernews.com/2025/01/president-trump-pardons-silk-road.html", + "PlushDaemon APT Targets South Korean VPN Provider in Supply Chain Attack": "https://thehackernews.com/2025/01/plushdaemon-apt-targets-south-korean.html", + "Oracle Releases January 2025 Patch to Address 318 Flaws Across Major Products": "https://thehackernews.com/2025/01/oracle-releases-january-2025-patch-to.html", + "Mirai Botnet Launches Record 5.6 Tbps DDoS Attack with 13,000+ IoT Devices": "https://thehackernews.com/2025/01/mirai-botnet-launches-record-56-tbps.html" + }, + "Technical Information Security Content & Discussion": { + "Attacks on Maven proxy repositories": "https://www.reddit.com/r/netsec/comments/1i7hf2w/attacks_on_maven_proxy_repositories/", + "Stealing HttpOnly cookies with the cookie sandwich technique": "https://www.reddit.com/r/netsec/comments/1i7i6k7/stealing_httponly_cookies_with_the_cookie/", + "Pivot into Azure DevOps using stolen sessions": "https://www.reddit.com/r/netsec/comments/1i7chgt/pivot_into_azure_devops_using_stolen_sessions/", + "Next.js, cache, and chains: the stale elixir": "https://www.reddit.com/r/netsec/comments/1i779q3/nextjs_cache_and_chains_the_stale_elixir/", + "Testing Prompt Injection Attacks with promptmap2": "https://www.reddit.com/r/netsec/comments/1i7dcs2/testing_prompt_injection_attacks_with_promptmap2/" + }, + "Schneier on Security": { + "AI Will Write Complex Laws": "https://www.schneier.com/blog/archives/2025/01/ai-will-write-complex-laws.html" + }, + "Computer Forensics": { + "RSMF samples": "https://www.reddit.com/r/computerforensics/comments/1i7iq8q/rsmf_samples/" + }, + "TorrentFreak": { + "Tech Industry Urges EU to Halt Italy’s Overreaching Anti-Piracy Measures": "https://torrentfreak.com/tech-industry-urges-eu-to-halt-italys-overreaching-anti-piracy-measures-250122/", + "Telegram ‘Suspends RuTracker’s Channel’ For Copyright Infringement": "https://torrentfreak.com/telegram-suspends-rutrackers-channel-for-copyright-infringement-250122/" + }, + "Information Security": { + "How to make your own choatic Map function?": "https://www.reddit.com/r/Information_Security/comments/1i7lq5h/how_to_make_your_own_choatic_map_function/" + }, + "Deeplinks": { + "Texas Is Enforcing Its State Data Privacy Law. So Should Other States.": "https://www.eff.org/deeplinks/2025/01/texas-enforcing-its-state-data-privacy-law-so-should-other-states", + "The FTC’s Ban on GM and OnStar Selling Driver Data Is a Good First Step": "https://www.eff.org/deeplinks/2025/01/ftcs-ban-gm-and-onstar-selling-driver-behavior-good-first-step", + "VICTORY! Federal Court (Finally) Rules Backdoor Searches of 702 Data Unconstitutional": "https://www.eff.org/deeplinks/2025/01/victory-federal-court-finally-rules-backdoor-searches-702-data-unconstitutional", + "Protecting “Free Speech” Can’t Just Be About Targeting Political Opponents": "https://www.eff.org/deeplinks/2025/01/protecting-free-speech-cant-just-be-about-targeting-political-opponents" + }, + "网安寻路人": { + "美商务部《保障ICT供应链:联网汽车》规则(全文翻译)": "https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247506068&idx=1&sn=c5502bc907a76a432d06dd4e9098d0ad&chksm=97e9657ea09eec68b79604df8d37e514ee417e337a622644f90cec47ae5279e4ff5696c56c0d&scene=58&subscene=0#rd" + }, + "Security Weekly Podcast Network (Audio)": { + "The Future Of The CISO - Jeff Pollard, Jess Burn - BSW #379": "http://sites.libsyn.com/18678/the-future-of-the-ciso-jeff-pollard-jess-burn-bsw-379" + } +} \ No newline at end of file diff --git a/today.md b/today.md index b814a4476f..44a5ab85e7 100644 --- a/today.md +++ b/today.md @@ -1,315 +1,501 @@ -# 每日安全资讯(2025-01-22) +# 每日安全资讯(2025-01-23) - 奇安信攻防社区 - - [ ] [windows com组件模糊测试入门](https://forum.butian.net/share/4060) - - [ ] [实战 | 微信小程序EDUSRC渗透漏洞复盘](https://forum.butian.net/share/4055) + - [ ] [2.35版本以下堆沙盒绕过模板总结带例题](https://forum.butian.net/share/4063) + - [ ] [巧用Chrome-CDP远程调用Debug突破JS逆向](https://forum.butian.net/share/4062) - SecWiki News - - [ ] [SecWiki News 2025-01-21 Review](http://www.sec-wiki.com/?2025-01-21) -- Security Boulevard - - [ ] [GDPR Compliance in the US: Checklist and Requirements](https://securityboulevard.com/2025/01/gdpr-compliance-in-the-us-checklist-and-requirements/) - - [ ] [AI Code Generation: The Risks and Benefits of AI in Software](https://securityboulevard.com/2025/01/ai-code-generation-the-risks-and-benefits-of-ai-in-software/) - - [ ] [What PCI Attestation of Compliance Is and How to Get It](https://securityboulevard.com/2025/01/what-pci-attestation-of-compliance-is-and-how-to-get-it/) - - [ ] [Understanding the Principle of Least Privilege (PoLP)](https://securityboulevard.com/2025/01/understanding-the-principle-of-least-privilege-polp/) - - [ ] [DEF CON 32 – A (Shallow) Dive Into World Of Aircraft PKI](https://securityboulevard.com/2025/01/def-con-32-a-shallow-dive-into-world-of-aircraft-pki/) - - [ ] [Start the year by protecting your privacy— A stalkerware quick check](https://securityboulevard.com/2025/01/start-the-year-by-protecting-your-privacy-a-stalkerware-quick-check/) - - [ ] [Randall Munroe’s XKCD ‘Uncanceled Units’](https://securityboulevard.com/2025/01/randall-munroes-xkcd-uncanceled-units-2/) - - [ ] [Trump U-Turn: TikTok’s On-Again/Off-Again U.S. Ban](https://securityboulevard.com/2025/01/trump-eo-tik-tok-richixbw/) - - [ ] [Healthcare Cybersecurity: The Chronic Condition We Can’t Ignore](https://securityboulevard.com/2025/01/healthcare-cybersecurity-the-chronic-condition-we-cant-ignore/) - - [ ] [DEF CON 32 – Analyzing the Security of Satellite Based Air Traffic Control](https://securityboulevard.com/2025/01/def-con-32-analyzing-the-security-of-satellite-based-air-traffic-control/) -- CXSECURITY Database RSS Feed - CXSecurity.com - - [ ] [OCLS MSMS-PHP (by: oretnom23 ) v1.0 -Copyright © 2025. All rights reserved. File Upload-FU and Remote Code Execution-RCE Vul](https://cxsecurity.com/issue/WLB-2025010020) - - [ ] [NeoServ Studio - Website Builder Manager Admin SQLi Bypass](https://cxsecurity.com/issue/WLB-2025010018) -- 安全客-有思想的安全新媒体 - - [ ] [360获中国计算机行业协会网络和数据安全专业委员会卓越贡献奖](https://www.anquanke.com/post/id/303696) - - [ ] [CVE-2025-22146 (CVSS 9.1): 关键哨兵漏洞允许账户接管](https://www.anquanke.com/post/id/303693) - - [ ] [TP-Link 漏洞: 针对 CVE-2024-54887 的 PoC 漏洞利用揭示了远程代码执行风险](https://www.anquanke.com/post/id/303690) - - [ ] [CVE-2025-0411:7-Zip 安全漏洞导致代码执行 - 立即更新](https://www.anquanke.com/post/id/303687) - - [ ] [工业交换机漏洞可被远程利用](https://www.anquanke.com/post/id/303684) - - [ ] [物联网僵尸网络助长针对全球组织的大规模 DDoS 攻击](https://www.anquanke.com/post/id/303681) - - [ ] [ChatGPT Crawler漏洞:通过HTTP请求进行DDOS攻击](https://www.anquanke.com/post/id/303678) - - [ ] [甲骨文 2025 年 1 月关键补丁更新:解决 320 个安全漏洞](https://www.anquanke.com/post/id/303675) - - [ ] [黑客利用 AnyDesk 冒充 CERT-UA 发起网络攻击](https://www.anquanke.com/post/id/303670) - - [ ] [黑客声称窃取源代码,HPE 对漏洞进行调查](https://www.anquanke.com/post/id/303667) -- Recent Commits to cve:main - - [ ] [Update Tue Jan 21 20:24:41 UTC 2025](https://github.com/trickest/cve/commit/093beab0c1e8739243099093f563ebb6c97a18ce) - - [ ] [Update Tue Jan 21 12:20:41 UTC 2025](https://github.com/trickest/cve/commit/089836ae7b2b9ed56ef865018b8ed702bf381412) - - [ ] [Update Tue Jan 21 04:24:29 UTC 2025](https://github.com/trickest/cve/commit/5430c3170b21fc90a9a4e98ee3d768521e921e95) + - [ ] [SecWiki News 2025-01-22 Review](http://www.sec-wiki.com/?2025-01-22) +- Private Feed for M09Ic + - [ ] [killeven starred xpipe-io/xpipe](https://github.com/xpipe-io/xpipe) + - [ ] [gh0stkey starred deepseek-ai/DeepSeek-R1](https://github.com/deepseek-ai/DeepSeek-R1) + - [ ] [zer0yu starred yamadashy/repomix](https://github.com/yamadashy/repomix) + - [ ] [gh0stkey starred 0x727/ChkApi_0x727](https://github.com/0x727/ChkApi_0x727) + - [ ] [zer0yu starred RooVetGit/Roo-Code](https://github.com/RooVetGit/Roo-Code) + - [ ] [gh0stkey starred TrialMacApp/TrialMacApp](https://github.com/TrialMacApp/TrialMacApp) + - [ ] [gh0stkey starred tyilo/insert_dylib](https://github.com/tyilo/insert_dylib) + - [ ] [timwhitez starred RustScan/RustScan](https://github.com/RustScan/RustScan) + - [ ] [TideSec released v2.7.1 项目数据导出 at TideSec/TscanPlus](https://github.com/TideSec/TscanPlus/releases/tag/v2.7.1) + - [ ] [INotGreen starred passthehashbrowns/Being-A-Good-CLR-Host](https://github.com/passthehashbrowns/Being-A-Good-CLR-Host) + - [ ] [yqcs forked yqcs/bolt.diy from stackblitz-labs/bolt.diy](https://github.com/yqcs/bolt.diy) + - [ ] [Rvn0xsy starred 0x727/ChkApi_0x727](https://github.com/0x727/ChkApi_0x727) + - [ ] [CHYbeta starred nullenc0de/Cognitohunter](https://github.com/nullenc0de/Cognitohunter) + - [ ] [zema1 started following joaoviictorti](https://github.com/joaoviictorti) + - [ ] [zema1 starred joaoviictorti/coffeeldr](https://github.com/joaoviictorti/coffeeldr) + - [ ] [TideSec starred metowolf/qqwry.dat](https://github.com/metowolf/qqwry.dat) + - [ ] [gh0stkey starred wibus-wee/InjectGUI](https://github.com/wibus-wee/InjectGUI) + - [ ] [Y4er started following ph4ntonn](https://github.com/ph4ntonn) + - [ ] [DVKunion starred bin456789/reinstall](https://github.com/bin456789/reinstall) + - [ ] [CHYbeta starred odradev/awesome-zero-knowledge](https://github.com/odradev/awesome-zero-knowledge) + - [ ] [spf13 starred DS4SD/docling](https://github.com/DS4SD/docling) + - [ ] [spf13 starred Bin-Huang/chatbox](https://github.com/Bin-Huang/chatbox) + - [ ] [spf13 starred Wox-launcher/Wox](https://github.com/Wox-launcher/Wox) + - [ ] [spf13 starred danielmiessler/fabric](https://github.com/danielmiessler/fabric) - 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com - - [ ] [2024 年 12 月头号恶意软件:基于 AI 的勒索软件团伙 FunkSec 风头渐起](https://www.4hou.com/posts/6MxN) - - [ ] [新型物联网僵尸网络现身,疯狂劫持设备发动大规模 DDoS 攻击](https://www.4hou.com/posts/0MoN) + - [ ] [Otelier 数据泄露导致数百万酒店预订信息泄露](https://www.4hou.com/posts/kgjv) + - [ ] [守正创新,持续突破!国投智能数字政务业务年终盘点](https://www.4hou.com/posts/mk03) + - [ ] [Check Point 公司发布《2025 年安全报告》显示,随着网络威胁生态系统日渐成熟,网络攻击次数骤增 44%](https://www.4hou.com/posts/gyDj) +- Recent Commits to cve:main + - [ ] [Update Wed Jan 22 20:24:04 UTC 2025](https://github.com/trickest/cve/commit/7d634b304016aab3bf32893e04ac98344c8a90d0) + - [ ] [Update Wed Jan 22 12:24:00 UTC 2025](https://github.com/trickest/cve/commit/5709cff610e63bf7d61893e46720b8f8ab18d7f3) + - [ ] [Update Wed Jan 22 04:28:36 UTC 2025](https://github.com/trickest/cve/commit/350528609cf8c384d52a5bb8542ffa105cc6b361) +- Doonsec's feed + - [ ] [我实验室2篇论文被WWW 2025接收!](https://mp.weixin.qq.com/s?__biz=MzU4NzUxOTI0OQ==&mid=2247492834&idx=1&sn=36396f6cc39b8c9b87eead00faf8c111) + - [ ] [快速上手渗透测试报告写作:从WP到甲方报告的一站式指南](https://mp.weixin.qq.com/s?__biz=MzA3NDE0NTY0OQ==&mid=2247484103&idx=1&sn=285be13254e14304496c192d45c05002) + - [ ] [美国财政部再对中国一家网络安全公司和一名个人实施制裁](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485452&idx=1&sn=4384fb7ca51f3e1139db829611f6fc43) + - [ ] [【直卖实拍】北七家3居变4居豪装,理想楼层、户型、朝向](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485452&idx=2&sn=c6375b484d936854df5ada100b9ff24e) + - [ ] [【干货】笑傲职场的独家经验(1)](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485452&idx=3&sn=2a8340ae9404ef7ccfe64398b85e2267) + - [ ] [【干货原创】实网攻防演习常态化,会带来什么变化01](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485452&idx=4&sn=fcd594b0e515f7eadff4e4df46c29ba5) + - [ ] [【干货原创】K12教育,鲜为人知的模式秘密](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485452&idx=5&sn=a2cf457c4941e1e16638dd4bddd10903) + - [ ] [原创文章目录](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485452&idx=6&sn=a0bf66a3ff572c1df283577b241ea3cc) + - [ ] [Windows进阶版安全事件应急响应分析](https://mp.weixin.qq.com/s?__biz=MzI1Mjc3NTUwMQ==&mid=2247538503&idx=1&sn=823611c94f399812ab24f75ac97ade94) + - [ ] [云安全(二):对象存储](https://mp.weixin.qq.com/s?__biz=MzkyMjUzNTM1Mw==&mid=2247486992&idx=1&sn=f553fbcdf572da09cdf767e6c39b230f) + - [ ] [国内没人讲,国外电动车测评不惯着新势力新能源汽车](https://mp.weixin.qq.com/s?__biz=MzkwMjQyNjAxMA==&mid=2247484825&idx=1&sn=2fdaa5a56346aac19da121b702f3a1fd) + - [ ] [【漏洞预警】pearProjectApi存在SQL注入漏洞](https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489507&idx=1&sn=cdbcc7dac604210a7fa351e96c1bbaa9) + - [ ] [【漏洞预警】YesWiki 存在经过身份验证的任意文件删除漏洞(CVE-2025-24019)](https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489507&idx=2&sn=43309d019012fc2d5146638f21cf4cdb) + - [ ] [link-tools工具箱](https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486391&idx=1&sn=0f8c045e6dfb3362f22fb8d1a7f32da2) + - [ ] [抓包分析FTP协议及原理](https://mp.weixin.qq.com/s?__biz=MzAxNTg1MDYxNA==&mid=2247489174&idx=1&sn=6e16fbcc3137f63cf7a73a438af5e7e4) + - [ ] [浅谈《通信网络安全防护管理办法》](https://mp.weixin.qq.com/s?__biz=MzI4NzA1Nzg5OA==&mid=2247485688&idx=1&sn=2dcf3598a5664123095e9ca1608b8800) + - [ ] [【技巧】开源情报(OSINT):套接字理论(Socket Theory)情报分析师如何更好隐藏自己](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148647&idx=1&sn=4df1f367b82341e8c092ea12a7dec4c8) + - [ ] [强烈推荐|超好用的网安大模型](https://mp.weixin.qq.com/s?__biz=Mzg5NTY3NTMxMQ==&mid=2247484536&idx=1&sn=b056b6036c8dc99ff081f004dc23caff) + - [ ] [使用 Evilginx 轻松绕过 MFA](https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247504689&idx=1&sn=ebe28721272600d656ad2acd2611a716) + - [ ] [OSINT|值得拥有的TOP5工具](https://mp.weixin.qq.com/s?__biz=MzkxMDIwMTMxMw==&mid=2247494462&idx=1&sn=ed829c96e96e34bcd8db231435dcfe19) + - [ ] [我要学习 | 本公众号第一次公开课:前端爆破加解密、JS调试分析加密爆破](https://mp.weixin.qq.com/s?__biz=Mzk0NzQxNzY2OQ==&mid=2247488005&idx=1&sn=592dae68ea021e9ac446992060cf267c) + - [ ] [信创已经到关键期--人人必须要知道的政策](https://mp.weixin.qq.com/s?__biz=MzkwNDI0MjkzOA==&mid=2247485838&idx=1&sn=dd4be512901b9a931d6d7681f3b1e5b1) + - [ ] [ctftools-all-in-oneV7.5](https://mp.weixin.qq.com/s?__biz=MzI1NzUxOTUzMA==&mid=2247485778&idx=1&sn=3b0ff74d522d161b0a91bd13453019f1) + - [ ] [搞网络安全怎么赚大钱!!!](https://mp.weixin.qq.com/s?__biz=Mzk0MzY3MDE5Mg==&mid=2247483972&idx=1&sn=5f01535fafc100416448c9fb3a7162a6) + - [ ] [红队开发:让自己的Shellcode实现SMC](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490015&idx=1&sn=0cdb71c24b75dcb4bf801925daf80188) + - [ ] [CTF:Phar反序列化漏洞学习笔记](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490015&idx=2&sn=e906ce0834778a54573549a04e207af6) + - [ ] [Ansible fetch模块详解:轻松从远程主机抓取文件](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490015&idx=3&sn=2345a568a480fa2af4f3055b4a20e422) + - [ ] [【工具推荐】URLFinder-x 信息收集工具](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490015&idx=4&sn=e51a2edc4bd80f79155f95e73f56a74e) + - [ ] [【安全圈】特朗普上任首日,被囚 11 年的丝绸之路创始人获释](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067553&idx=1&sn=bad8f735186597a7ef0a02f03be5d6e4) + - [ ] [【安全圈】420万主机暴露,含VPN和路由器](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067553&idx=2&sn=ce83805d756cb11a77b84cb9413465be) + - [ ] [【安全圈】2024年近2亿人受影响,美国医疗成重点攻击目标](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067553&idx=3&sn=126c3fc5cb7d6a7dc18e3e9a213e8170) + - [ ] [【安全圈】7-Zip 漏洞可让远程攻击者绕过保护并执行任意代码](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067553&idx=4&sn=2c06e2c2a5011eb86894033a1e6c41fc) + - [ ] [2025年最新渗透测试虚拟机工具箱汇总](https://mp.weixin.qq.com/s?__biz=MzkyMzg4MTY4Ng==&mid=2247484594&idx=1&sn=585d3369395a3f45ab99f107d28a3463) + - [ ] [特斯拉电动汽车越狱](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619987&idx=1&sn=d6821c8b8105f5f77f3461cfbd94e684) + - [ ] [基于 Linux 的汽车计算机的安全隔离与案例研究](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619987&idx=2&sn=ee7b65f10a49000391f08bc76432de8a) + - [ ] [远程车辆控制的关键 - 自动驾驶域控制器 百度](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619987&idx=3&sn=1387d6e1758c003c565cdbf395dfc69f) + - [ ] [某攻防演练|从404页面到接管阿里云](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496928&idx=1&sn=871a0d0002a589ed9b98ae6ed97158f9) + - [ ] [关于召开宁夏商用密码应用安全性评估业务培训工作会议的预通知](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633960&idx=1&sn=50eb0fb22088f21b070e66f7d7e9584a) + - [ ] [江苏省数据条例正式发布](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633960&idx=2&sn=bb5de81413dedac432a0b709af22b410) + - [ ] [《Web3.0数字身份密码安全体系研究(2024年)》正式发布](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633960&idx=3&sn=643e1c6917e0dce418857355ad3c1c9b) + - [ ] [专家解读 | 魏亮:统筹布局国家数据基础设施,夯实数据要素价值释放基础](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633960&idx=4&sn=134507671490e2845e85db11c3be566d) + - [ ] [美国IT供应商被黑,导致多地公共服务被迫中断多天](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633960&idx=5&sn=6918146fda0592a974fd01cf1925c11c) + - [ ] [乘风破浪,行稳致远 —— 新潮信息2024年度盛典圆满落幕](https://mp.weixin.qq.com/s?__biz=MzkwNDcyODgwOQ==&mid=2247486769&idx=1&sn=ec8b1275fbd5a504490eef87766c3aa1) + - [ ] [安全专家亲测演示:用这个方法,邻居家的WiFi密码一碰就开](https://mp.weixin.qq.com/s?__biz=MzI5MjY4MTMyMQ==&mid=2247489766&idx=1&sn=605087abaf5c1f6db011dcd9e668e8b0) + - [ ] [人间逢小年,祝大家万事皆如愿](https://mp.weixin.qq.com/s?__biz=Mzg4NzQ4MzA4Ng==&mid=2247485185&idx=1&sn=7fd770df097013d9a338a34a41d0bc8c) + - [ ] [缺乏的不是资源,而是真正的教育](https://mp.weixin.qq.com/s?__biz=MzkwODY2MzMyMA==&mid=2247484531&idx=1&sn=6283dfe0b1f0cd0be19c277bdf2f8076) + - [ ] [汇编语言基础教程](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490098&idx=1&sn=ed0be305f2c8c9de0fff326bc45f1ce9) + - [ ] [Remcos RAT远控木马分析](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490098&idx=2&sn=4a0e7ccccb8b29ea9fb45b2e6470e088) + - [ ] [CE了解](https://mp.weixin.qq.com/s?__biz=MzkxMjYyMjA3Mg==&mid=2247485392&idx=1&sn=a3204187202136c21f954c939c9d6a3d) + - [ ] [App对抗系列—Root检测对抗](https://mp.weixin.qq.com/s?__biz=MzU3OTYxNDY1NA==&mid=2247484886&idx=1&sn=dd4e714506b98b4971ca44a8c838c966) + - [ ] [【信科动态】蓄势待发 共创辉煌 — 信科共创2025年会圆满举办](https://mp.weixin.qq.com/s?__biz=MzIyNTIyMTU1Nw==&mid=2247485220&idx=1&sn=9a2dbc483e538d6cfa865f6dd956dbfd) + - [ ] [【权威发布】CNNIC最新《中国互联网络发展状况统计报告》发布](https://mp.weixin.qq.com/s?__biz=MzIyNTIyMTU1Nw==&mid=2247485220&idx=2&sn=0a2a314bc37a8521c1d2716667929149) + - [ ] [【数安天地】2025年我国数据领域明确重点任务](https://mp.weixin.qq.com/s?__biz=MzIyNTIyMTU1Nw==&mid=2247485220&idx=3&sn=32cb839b2a727c01270ea47e1df58290) + - [ ] [【AI安全】2024年度人工智能……](https://mp.weixin.qq.com/s?__biz=MzIyNTIyMTU1Nw==&mid=2247485220&idx=4&sn=abfa6ea3dca53098a88613093bb4449e) + - [ ] [【网安前沿】人数超TikTOK!……](https://mp.weixin.qq.com/s?__biz=MzIyNTIyMTU1Nw==&mid=2247485220&idx=5&sn=5c373b4d772f9ce5160eed1cb8773743) + - [ ] [混沌](https://mp.weixin.qq.com/s?__biz=MzIwODc2NjgxNA==&mid=2247484977&idx=1&sn=bfdeaa70d34c3c8a5d24edb80197bdc6) + - [ ] [带你解锁编码新世界!--随波逐流CTF编码工具使用教程39 --polybius棋盘密码](https://mp.weixin.qq.com/s?__biz=MzU2NzIzNzU4Mg==&mid=2247489560&idx=1&sn=f13a82f3662c6aaff65700a0bb33ad1c) + - [ ] [Coremail邮箱客户端安装与账户配置(macOS x86版)](https://mp.weixin.qq.com/s?__biz=MzkxMjY3MTI4Mg==&mid=2247484607&idx=1&sn=f63e575f4158cdb39e613b1f7c85eb5a) + - [ ] [关于公示2025年工业和信息化部移动互联网APP产品安全漏洞专业库支撑单位的通知](https://mp.weixin.qq.com/s?__biz=MzkyMjM4MzY5Ng==&mid=2247486052&idx=1&sn=672267c39bd61c609b8a70aa6fe4dba4) + - [ ] [支撑单位遴选 | 关于开展2025年工业和信息化部移动互联网APP产品安全漏洞专业库支撑单位遴选工作的通知](https://mp.weixin.qq.com/s?__biz=MzkyMjM4MzY5Ng==&mid=2247486052&idx=2&sn=df504e3f60bd71a5f51f6ddfc79ceac2) + - [ ] [AI快速上手:新手如何用ChatGPT写好医学影像学文献综述的全攻略!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493247&idx=1&sn=e8b8fb7965bdb36fbd8d60043f77110e) + - [ ] [AI驱动教育学论文初稿快速生成:核心流程与实战指北!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493247&idx=2&sn=e818116fd4106e8a0f70c6dc696a890e) + - [ ] [AI驱动下的法语论文文献综述战法:半天高效清空20个刊物的内参秘籍。](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493247&idx=3&sn=bd8b3f8df3fabad7af824fd5f9a552ee) + - [ ] [AI时代:教你玩转小学教育论文大纲的落实与完善攻略。](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493247&idx=4&sn=aaae4c45ec27234ca0aed2ae90c7dc4c) + - [ ] [AI时代:ChatGPT助你一天搞定法语论文大纲完善内部高阶指南!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493247&idx=5&sn=abd5d43185cc32d17ba024114fd783ad) + - [ ] [安世加实战派沙龙第二期之办公终端安全在北京成功举办(2025.01.11/周六、北京)](https://mp.weixin.qq.com/s?__biz=MzU2MTQwMzMxNA==&mid=2247541441&idx=1&sn=b4996a6803ef5cac9358f5c0abc692c7) + - [ ] [【工具分享】HermeticRansom勒索病毒恢复工具](https://mp.weixin.qq.com/s?__biz=MzkyOTQ0MjE1NQ==&mid=2247496544&idx=1&sn=b0532021322be29222853520f63e6c37) + - [ ] [起床了吗,我要结婚了](https://mp.weixin.qq.com/s?__biz=Mzg4NDg2NTM3NQ==&mid=2247484692&idx=1&sn=c1bd4168ea28a88992c34b9370b2afcc) + - [ ] [下辈子别做网安了](https://mp.weixin.qq.com/s?__biz=MzIxNTIzNTExMQ==&mid=2247490797&idx=1&sn=f884b6f04d1985bae7bb9a55eb1c2706) + - [ ] [区块链学习笔记之初探以太坊](https://mp.weixin.qq.com/s?__biz=MjM5MjEyMTcyMQ==&mid=2651037431&idx=1&sn=33663e3a850d9c8b658bad904c08ce0a) + - [ ] [领导者不变,中国厂商全无|Gartner 访问管理 2024 MQ 发布](https://mp.weixin.qq.com/s?__biz=MzkzNjE5NjQ4Mw==&mid=2247543326&idx=1&sn=8f60ed73ede9f28b5c71d30f94a81e9e) + - [ ] [DeepSeek+OpenAI Swarm,做Agent的绝配](https://mp.weixin.qq.com/s?__biz=Mzg5NTMxMjQ4OA==&mid=2247485586&idx=1&sn=fa8cd22e23818be8a4f85c034b2653e9) + - [ ] [《灵根换途:重铸荣耀》](https://mp.weixin.qq.com/s?__biz=MzI1NDU2MzAzNQ==&mid=2247487775&idx=1&sn=bdeb4114b72038469c576c5cd7ef0abf) + - [ ] [数据经纪商Gravy Analytics遭黑客攻击 数百万用户位置信息泄露](https://mp.weixin.qq.com/s?__biz=MzIwNzAwOTQxMg==&mid=2652251252&idx=1&sn=08c27d24f45df08156ccbb320a916ca7) + - [ ] [关于调整半决赛入围队伍名单公示](https://mp.weixin.qq.com/s?__biz=MzI1NzQ0NTMxMQ==&mid=2247490073&idx=1&sn=1196e582372868c1cdcdc85590fe6ec2) + - [ ] [小年 | 小年辞旧岁,新春序幕开](https://mp.weixin.qq.com/s?__biz=MzU3MDA0MTE2Mg==&mid=2247492489&idx=1&sn=f7ae189fc8a91f74ba5b7ca2cd070e3d) + - [ ] [今日,小年](https://mp.weixin.qq.com/s?__biz=MzkyNDUxNTQ2Mw==&mid=2247485811&idx=1&sn=b6f89d271a02e0fe0ecaa468674cd746) + - [ ] [美商务部《保障ICT供应链:联网汽车》规则(全文翻译)](https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247506068&idx=1&sn=c5502bc907a76a432d06dd4e9098d0ad) + - [ ] [小年纳福 喜迎新春](https://mp.weixin.qq.com/s?__biz=MzI2NDYzNjY0Mg==&mid=2247501129&idx=1&sn=78727fa4943031118593e6589cac1f03) + - [ ] [Payloads for LFR/LFD](https://mp.weixin.qq.com/s?__biz=Mzg2NTk4MTE1MQ==&mid=2247486492&idx=1&sn=2a26b6645da3eac6fb5fd1bb53bb5ba9) + - [ ] [秋风AI代码审计工具1.0 上线!](https://mp.weixin.qq.com/s?__biz=MzkzMzczODA0OQ==&mid=2247484087&idx=1&sn=946eec98d2649ebae893bd340fc6f023) + - [ ] [CERT-UA 警告网络诈骗者冒充该机构利用虚假AnyDesk请求控制目标](https://mp.weixin.qq.com/s?__biz=MzI2NzAwOTg4NQ==&mid=2649793938&idx=2&sn=8ef11a28a3fa79bc3bd6ed37a79f3e6a) + - [ ] [《信息安全学报》“智能语音攻防技术”专栏征稿函](https://mp.weixin.qq.com/s?__biz=MzI5ODA1NjE5NQ==&mid=2652014647&idx=1&sn=082ad04011ce661af109ade0f59b2d6f) + - [ ] [税前年薪50-200万,高层次网络安全人才招聘](https://mp.weixin.qq.com/s?__biz=MzU4OTg4Nzc4MQ==&mid=2247505628&idx=1&sn=b6131a18925f1d2c27b52a044ac7c20a) + - [ ] [江西银行2025年社会招聘网络安全岗](https://mp.weixin.qq.com/s?__biz=MzU4OTg4Nzc4MQ==&mid=2247505628&idx=2&sn=48d0b333d0c895679e394c93cb955922) + - [ ] [年薪50-80万!湖南省密码工程技术研究中心招聘信息安全专业](https://mp.weixin.qq.com/s?__biz=MzU4OTg4Nzc4MQ==&mid=2247505628&idx=3&sn=bc981945ca96eb0dd824e4fb8aef48d9) + - [ ] [3000+网安笔记](https://mp.weixin.qq.com/s?__biz=MzU4OTg4Nzc4MQ==&mid=2247505628&idx=4&sn=6bafb661c0c79d06eaea7321bccf9b1d) + - [ ] [期刊征文 | 暗网抑制前沿进展](https://mp.weixin.qq.com/s?__biz=MzU5MTM5MTQ2MA==&mid=2247491610&idx=1&sn=8b6c9caf92435cbd9b76b77686619972) + - [ ] [红包封面第二弹!](https://mp.weixin.qq.com/s?__biz=MzUzMDQ1MTY0MQ==&mid=2247506597&idx=1&sn=e0fb7f14d115e5e6a81cf58be6938690) + - [ ] [工信部等十四部门联合印发《关于加强极端场景应急通信能力建设的意见》](https://mp.weixin.qq.com/s?__biz=Mzg2MDg0ODg1NQ==&mid=2247539969&idx=1&sn=d0b20062f59c4c2627623f4a0110a99a) + - [ ] [【解读】五问+一图,读懂《关于加强极端场景应急通信能力建设的意见》](https://mp.weixin.qq.com/s?__biz=Mzg2MDg0ODg1NQ==&mid=2247539969&idx=2&sn=fc62411ebb093dc6e8ba7a1a293e7968) + - [ ] [祥和小年至,新岁启新程!](https://mp.weixin.qq.com/s?__biz=MzU4NjY4MDAyNQ==&mid=2247497015&idx=1&sn=d54c943e8370d2b504197ce7125a9bd3) + - [ ] [.NET 安全攻防知识交流社区](https://mp.weixin.qq.com/s?__biz=MzkyMDM4NDM5Ng==&mid=2247490330&idx=2&sn=a8b44c92013aa2897bc50f5869a74a94) + - [ ] [梅赛德斯—奔驰信息娱乐系统漏洞详细信息披露](https://mp.weixin.qq.com/s?__biz=MzIzNDIxODkyMg==&mid=2650085835&idx=1&sn=55b9b7d447e31ed5e6a7016fc118aba7) + - [ ] [北方小年|糖瓜祭灶 新年来到](https://mp.weixin.qq.com/s?__biz=MzIzNDIxODkyMg==&mid=2650085835&idx=2&sn=62fa38baa6534b965a3ee784c8c23c5b) + - [ ] [定制红包封面、蛇年手机壁纸,天融信愿您新的一年福气满屏!](https://mp.weixin.qq.com/s?__biz=MzA3OTMxNTcxNA==&mid=2650963107&idx=1&sn=9bbaad123506d1da711ab3643c51c8d5) + - [ ] [小年快乐 | 文末领取励行安全专属红包封面](https://mp.weixin.qq.com/s?__biz=MzkxNTY4NTQwMg==&mid=2247484280&idx=1&sn=2263d238e09a658039a7a2399a3257d9) + - [ ] [Lazarus组织发起“Operation 99”行动,通过虚假LinkedIn资料瞄准Web3开发者](https://mp.weixin.qq.com/s?__biz=MzA4NTY4MjAyMQ==&mid=2447900117&idx=1&sn=147a51e42956ef762d607ad4db560f1b) + - [ ] [红包封面免费领](https://mp.weixin.qq.com/s?__biz=MzA4NTY4MjAyMQ==&mid=2447900116&idx=1&sn=6a902bce7b923dcbb6d636c0bd33e2c7) + - [ ] [福利!免费商用,1500+组件低代码工业数据连接及可视化平台](https://mp.weixin.qq.com/s?__biz=MjM5OTA4MzA0MA==&mid=2454936685&idx=1&sn=c2daf9fcc60bce9090096a88fc9bc122) + - [ ] [转储LSASS内存的强大神器](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489037&idx=1&sn=690f85a085d60322cbdef81ea014958a) + - [ ] [小事](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489037&idx=2&sn=6baba774e15189c2118e75a96615ba4a) + - [ ] [Wireshark Troubleshooting 系列合集目录](https://mp.weixin.qq.com/s?__biz=MzA5NTUxODA0OA==&mid=2247493128&idx=1&sn=027c2d79a975850f77ba85e1c7325e23) + - [ ] [网安之道](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496713&idx=1&sn=f99ce8d0ff597b9725371ec789d1627d) + - [ ] [国自然中标真不难!十年评审专家1v1精修你的本子,中标率提升58%](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496713&idx=2&sn=5123c0c462454c69a097d5c90b01ac29) + - [ ] [云计算与零信任架构的结合:实现更高安全性](https://mp.weixin.qq.com/s?__biz=MzkxNjU2NjY5MQ==&mid=2247509854&idx=1&sn=c873f0835b8ef33b4e64f63598b41c66) + - [ ] [Go shellcode加载器 免杀火绒 360核晶等主流杀软](https://mp.weixin.qq.com/s?__biz=MzU5MjgwMDg1Mg==&mid=2247484753&idx=1&sn=b8aa28771e6ca5e4ac83058d2a8f18cb) + - [ ] [小年至,归期近;有安全,更团圆。](https://mp.weixin.qq.com/s?__biz=MjM5NzA3Nzg2MA==&mid=2649870812&idx=1&sn=422066cfd72bd12d7ff94673d46c0035) + - [ ] [互联网大厂黑话指南(速成版)](https://mp.weixin.qq.com/s?__biz=MzI1NzI5NDM4Mw==&mid=2247498587&idx=1&sn=f7b972440193d95d234bd9e501fad124) + - [ ] [十强!威努特斩获2024年网络安全优秀评选三项大奖](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130654&idx=1&sn=72ece0485d56a8dbc791b20108f0943c) + - [ ] [MySQL数据误删的恢复分享](https://mp.weixin.qq.com/s?__biz=Mzg3NTU3NTY0Nw==&mid=2247489522&idx=1&sn=b85a0e1b057a832db9ec56399cc6439f) + - [ ] [先向下扎根,再向上生长](https://mp.weixin.qq.com/s?__biz=MzU4NjY3OTAzMg==&mid=2247514862&idx=1&sn=6c93e8560b7d557a43c0f9b7263d6dd0) + - [ ] [全球瞭望|网络安全重大事件精选](https://mp.weixin.qq.com/s?__biz=MzU4NjY3OTAzMg==&mid=2247514862&idx=2&sn=bcdf5e64844202a08a115bfeadb0c886) + - [ ] [JWT原理及利用](https://mp.weixin.qq.com/s?__biz=Mzg5MDgzOTk2Mg==&mid=2247484651&idx=1&sn=9cd5604806e7af154fa2c88241523b12) + - [ ] [一些木马反制技巧](https://mp.weixin.qq.com/s?__biz=MzkwMzMwODg2Mw==&mid=2247510449&idx=1&sn=954231b814fb3c633b2bac2dc12665b3) + - [ ] [漏洞预警 | 叁拾叁OA SQL注入漏洞](https://mp.weixin.qq.com/s?__biz=MzkwMTQ0NDA1NQ==&mid=2247492118&idx=2&sn=0cc8d46b2006a58fe76e0aceeec3f5e3) + - [ ] [工具 | proxypin](https://mp.weixin.qq.com/s?__biz=MzkwMTQ0NDA1NQ==&mid=2247492118&idx=4&sn=6d72cbe7b6abd76539ff4b90c246e621) + - [ ] [载誉前行|天地和兴荣膺CCIA年度先进会员单位](https://mp.weixin.qq.com/s?__biz=MjM5Mzk0MDE2Ng==&mid=2649608840&idx=1&sn=822e24931c6b118b52381dd6a0725082) + - [ ] [2024年度网络安全漏洞威胁态势研究报告](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264326&idx=2&sn=edd9feb6f1f3d5fb7467e5a4a1bc8ea3) + - [ ] [网络弹性评价流程](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264326&idx=3&sn=0064271e80a9c395235db44394646be4) + - [ ] [网络与数据安全治理前沿洞察(2025年第1期)](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264326&idx=4&sn=972c2472a69641e01ab75dec91607976) + - [ ] [2025年低空经济未来发展趋势分析](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264326&idx=5&sn=c695125ae9234c1bbee0ab30a82644fe) + - [ ] [GB∕T 44778-2024 汽车诊断接口信息安全技术要求及试验方法](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264326&idx=8&sn=828ad37f9e1fecb482a24e86e66fea7b) + - [ ] [HSQLDB 安全测试指南](https://mp.weixin.qq.com/s?__biz=MzkxNjMwNDUxNg==&mid=2247487207&idx=2&sn=627d12dc6ee86ec6a128d2c4d24e2024) + - [ ] [RPA在电力行业中的应用](https://mp.weixin.qq.com/s?__biz=MjM5NTk5Mjc4Mg==&mid=2655222700&idx=1&sn=135b0046a01810bcbeed431638cb4038) + - [ ] [Any-Reader:把你的VSCode变成摸鱼娱乐中心!](https://mp.weixin.qq.com/s?__biz=MzA4MjkzMTcxMg==&mid=2449046750&idx=1&sn=8520440de7e2c9aa42cf4933b5394a43) + - [ ] [2024年度漏洞态势大揭秘:你的网络安全防线还稳固吗?(附下载)](https://mp.weixin.qq.com/s?__biz=MzkyODY5ODAyOA==&mid=2247489419&idx=1&sn=27d48e4898f7de1f017a5a7bc5bc6a4e) + - [ ] [13,000个MikroTik路由器因恶意垃圾邮件和网络攻击被僵尸网络劫持](https://mp.weixin.qq.com/s?__biz=MzA4MzMzOTQ4Mw==&mid=2453672513&idx=1&sn=955e9169d886553304f98bc40ed4718e) + - [ ] [暗网情报:高价Rust反向Shell-美ISP和网络设备制造商网络访问权限](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247506983&idx=1&sn=2130ab0ccce5bafd3881b7e250b88caa) + - [ ] [5th域安全微讯早报【20250122】019期](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247506983&idx=2&sn=0327ca894b9af92ef9b7122f7e70a205) + - [ ] [今日直播课程(ISO/IEC 27001),敬请您关注](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247486014&idx=1&sn=f9a261134b643ac91d42ec2d51189828) + - [ ] [ISO 14001: 2015 标准详解与实施(20)9.1.1 总则](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247486014&idx=2&sn=51c00f82998000dfcbb64df3898c9de4) + - [ ] [“间谍”正在潜入你的手机](https://mp.weixin.qq.com/s?__biz=Mzg5OTg5OTI1NQ==&mid=2247489786&idx=1&sn=4b1c4df2d56e34fa521c69996bf42e3f) + - [ ] [黑客团伙IntelBroker声称已窃取HPE内部机密数据 后者表示正在调查](https://mp.weixin.qq.com/s?__biz=MzkxNTI2NTQxOA==&mid=2247496070&idx=1&sn=2336cc68b4e452a35795193173f98854) + - [ ] [一图读懂《关于加强极端场景应急通信能力建设的意见》](https://mp.weixin.qq.com/s?__biz=MzkxNTI2NTQxOA==&mid=2247496070&idx=2&sn=d0fa64e3e92467220eb923a4612e7960) + - [ ] [【神兵利器】JAVA JMX漏洞综合利用工具](https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247495179&idx=1&sn=0d366655fb6bb139775fc4d4fe333652) + - [ ] [JBoss 4.x JBossMQ JMS反序列化](https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247495179&idx=2&sn=dce36e9b572732a9fddfa1774bcea24c) + - [ ] [ViewState反序列化漏洞详解](https://mp.weixin.qq.com/s?__biz=Mzg2MzkwNDU1Mw==&mid=2247485410&idx=1&sn=c516da4c5bcf9729e270e70dc0c6e61d) + - [ ] [linux清除了文件没有释放空间](https://mp.weixin.qq.com/s?__biz=Mzg2MzkwNDU1Mw==&mid=2247485410&idx=2&sn=673b6d7c7ff6b3a511f79a660b138423) + - [ ] [什么是零信任:安全性、原则和架构](https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652114149&idx=1&sn=e6c11500191f7d8bb8a004604a2c5561) + - [ ] [秦安:新华社喜气洋洋点评,小红书需发挥主体作用,接住泼天富贵](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476271&idx=1&sn=580c4508bc163041823038ad9e920e68) + - [ ] [喜报!炼石荣获中国计算机行业协会网数专委“卓越贡献奖”](https://mp.weixin.qq.com/s?__biz=MzkyNzE5MDUzMw==&mid=2247568825&idx=1&sn=f8e52c6a4464aec5ef8f1fb39f02e04b) + - [ ] [如何构建混合云环境下的信息安全策略?](https://mp.weixin.qq.com/s?__biz=Mzg4NDc0Njk1MQ==&mid=2247487177&idx=1&sn=809cff24a1b39067a2dbd6d345853a90) + - [ ] [云安全中的共享责任模型:企业与云服务商的界限](https://mp.weixin.qq.com/s?__biz=Mzg4NDc0Njk1MQ==&mid=2247487177&idx=2&sn=7113ff3d04b276d919b4dc008991e0f4) + - [ ] [TangGo:国产化的综合能手](https://mp.weixin.qq.com/s?__biz=MzkzNzg3NzQxMQ==&mid=2247485695&idx=1&sn=2fc7154d71582d71208ba945e123238a) + - [ ] [AWS 云安全面试准备:10 个重要的 DevOps 概念](https://mp.weixin.qq.com/s?__biz=MzkyODYwODkyMA==&mid=2247484996&idx=1&sn=4615303b13ce5abb344738596185350e) + - [ ] [新春福利已就位,海量奖品疯狂来袭!](https://mp.weixin.qq.com/s?__biz=MzAwMDQwNTE5MA==&mid=2650247705&idx=1&sn=36ed81f86ac26ed621bcaeea900677ad) + - [ ] [所有的网站都需要办理ICP备案?](https://mp.weixin.qq.com/s?__biz=MzI4NzA1Nzg5OA==&mid=2247485681&idx=1&sn=fa6e7bd1383473df5734f103139557e7) + - [ ] [分享图片](https://mp.weixin.qq.com/s?__biz=MzI3Njc1MjcxMg==&mid=2247494307&idx=1&sn=47e335541d5c4fa8e74793af9324e019) + - [ ] [全新视频系列《实战源码审计》](https://mp.weixin.qq.com/s?__biz=Mzg4MzkwNzI1OQ==&mid=2247485719&idx=1&sn=4b3339a03f1b67424f469e8d1b72bdcf) + - [ ] [OWASP 2025年十大漏洞–被利用/发现的最严重漏洞](https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652114147&idx=1&sn=257856caede83532d8fbbbbaa718c6be) + - [ ] [126个Linux内核漏洞可让攻击者利用78个 Linux子系统](https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652114147&idx=2&sn=0ec2b581bd93714c8ff60c69bcc70f8b) + - [ ] [工具推荐 | 内网渗透敏感信息搜索神器](https://mp.weixin.qq.com/s?__biz=MzkwNjczOTQwOA==&mid=2247493961&idx=1&sn=fd35d4a8a05cae420fa700b36125f0d2) + - [ ] [网络空间测绘 -- ScopeSentry(V1.5.4)](https://mp.weixin.qq.com/s?__biz=MzI4MDQ5MjY1Mg==&mid=2247515682&idx=1&sn=7012ed1bd01016412f4a2ac7075c393c) + - [ ] [第6天:基础入门-抓包技术&HTTPS协议&APP&小程序&PC应用&WEB&转发联动](https://mp.weixin.qq.com/s?__biz=MzI4MDQ5MjY1Mg==&mid=2247515682&idx=2&sn=b88c75c1bbebb784ce683d00c4f1c092) + - [ ] [攻防靶场(47):一个dirsearch的坑 Katana](https://mp.weixin.qq.com/s?__biz=MzI0NjA3Mzk2NQ==&mid=2247495899&idx=1&sn=1dba3bd5431bcf4961d53a9827d4d6ef) + - [ ] [安卓逆向2025 -- Frida学习之hook案例(七)](https://mp.weixin.qq.com/s?__biz=MzA4MzgzNTU5MA==&mid=2652037569&idx=1&sn=812d974c4ebdf4db2b99edb6a227a060) + - [ ] [1Scan一键渗透扫描器|漏洞探测](https://mp.weixin.qq.com/s?__biz=Mzg3ODE2MjkxMQ==&mid=2247489961&idx=1&sn=f40f050019a99e6f65fa036bc9a7da16) + - [ ] [春节快到了,来!一起学习春节反诈常识](https://mp.weixin.qq.com/s?__biz=Mzg2NjY2MTI3Mg==&mid=2247498296&idx=1&sn=20ac1bcef2bd187c39d60b04f7d58bff) + - [ ] [泛微e-office 11.0 RCE](https://mp.weixin.qq.com/s?__biz=MzU2NDY2OTU4Nw==&mid=2247518417&idx=1&sn=c64f9f43e83925e92db0882d722b0d76) +- 安全客-有思想的安全新媒体 + - [ ] [最高级!360获评工信部CAPPVD“三星技术支撑单位”称号](https://www.anquanke.com/post/id/303728) + - [ ] [cve-2024-12857: AdForest 主题中的关键漏洞允许完全接管帐户,数千网站面临风险](https://www.anquanke.com/post/id/303725) + - [ ] [新型 Mirai 变种 Murdoc_Botnet 通过物联网漏洞发起 DDoS 攻击](https://www.anquanke.com/post/id/303722) + - [ ] [2024年,Redline、Vidar和Raccoon恶意软件窃取了10亿个密码](https://www.anquanke.com/post/id/303719) + - [ ] [CVE-2025-21298 检测: Microsoft Outlook 中的严重零点击 OLE 漏洞会导致远程代码执行](https://www.anquanke.com/post/id/303716) + - [ ] [Bitbucket 服务因全球大停机而“严重瘫痪”](https://www.anquanke.com/post/id/303713) + - [ ] [假冒的 Homebrew Google 广告以恶意软件为目标的 Mac 用户](https://www.anquanke.com/post/id/303710) + - [ ] [Cloudflare 缓解了破纪录的 5.6 Tbps DDoS 攻击](https://www.anquanke.com/post/id/303707) + - [ ] [”偷偷摸摸的日志“微软欺骗计划避开了双因素安全系统](https://www.anquanke.com/post/id/303704) + - [ ] [前中情局分析员承认泄露绝密文件罪](https://www.anquanke.com/post/id/303701) +- Tenable Blog + - [ ] [Oracle January 2025 Critical Patch Update Addresses 186 CVEs](https://www.tenable.com/blog/oracle-january-2025-critical-patch-update-addresses-186-cves) +- Trustwave Blog + - [ ] [Trustwave SpiderLabs: Ransomware Attacks Against the Energy and Utilities Sector Up 80%](https://www.trustwave.com/en-us/resources/blogs/trustwave-blog/trustwave-spiderlabs-ransomware-attacks-against-the-energy-and-utilities-sector-up-80-percent/) +- obaby@mars + - [ ] [小年 — 这真的就要过年了?](https://h4ck.org.cn/2025/01/19030) +- 安全脉搏 + - [ ] [记一次有点抽象的渗透经历](https://www.secpulse.com/archives/205044.html) + - [ ] [CVE复现之老洞新探(CVE-2021-3156)](https://www.secpulse.com/archives/205000.html) + - [ ] [在一次渗透中学会编写Tamper脚本](https://www.secpulse.com/archives/205058.html) +- CXSECURITY Database RSS Feed - CXSecurity.com + - [ ] [Cleo LexiCom / VLTrader / Harmony 5.8.0.23 Remote Code Execution](https://cxsecurity.com/issue/WLB-2025010023) + - [ ] [Ivanti Buffer Overflow Proof of Concept](https://cxsecurity.com/issue/WLB-2025010022) + - [ ] [LibreNMS Authenticated RCE](https://cxsecurity.com/issue/WLB-2025010021) +- Security Boulevard + - [ ] [UK Mail Check: DMARC Reporting Changes to Know](https://securityboulevard.com/2025/01/uk-mail-check-dmarc-reporting-changes-to-know/) + - [ ] [DEF CON 32 – The Village Peoples’ Panel What Really Goes On In A Village](https://securityboulevard.com/2025/01/def-con-32-the-village-peoples-panel-what-really-goes-on-in-a-village/) + - [ ] [Life in the Swimlane with Marian Fehrenbacher, HR Assistant & Office Manager](https://securityboulevard.com/2025/01/life-in-the-swimlane-with-marian-fehrenbacher-hr-assistant-office-manager/) + - [ ] [Google Cloud Security Threat Horizons Report #11 Is Out!](https://securityboulevard.com/2025/01/google-cloud-security-threat-horizons-report-11-is-out/) + - [ ] [Randall Munroe’s XKCD ‘Human Altitude’](https://securityboulevard.com/2025/01/randall-munroes-xkcd-human-altitude/) + - [ ] [Filtered to Perfection: Votiro’s Two-Layer Approach to Cybersecurity](https://securityboulevard.com/2025/01/filtered-to-perfection-votiros-two-layer-approach-to-cybersecurity/) + - [ ] [Entra Connect Attacker Tradecraft: Part 2](https://securityboulevard.com/2025/01/entra-connect-attacker-tradecraft-part-2/) + - [ ] [Rethinking Credential Security](https://securityboulevard.com/2025/01/rethinking-credential-security/) + - [ ] [DEF CON 32 – UDSonCAN Attacks Discovering Safety Critical Risks By Fuzzing](https://securityboulevard.com/2025/01/def-con-32-udsoncan-attacks-discovering-safety-critical-risks-by-fuzzing/) + - [ ] [How to Handle Secrets at the Command Line [cheat sheet included]](https://securityboulevard.com/2025/01/how-to-handle-secrets-at-the-command-line-cheat-sheet-included/) - 一个被知识诅咒的人 - - [ ] [【Python运维】Python与网络监控:如何编写网络探测与流量分析工具](https://blog.csdn.net/nokiaguy/article/details/145281157) - - [ ] [【人工智能】Python实战:构建高效的多任务学习模型](https://blog.csdn.net/nokiaguy/article/details/145281118) -- paper - Last paper - - [ ] [盘点 2024 年备受关注的那些高风险漏洞](https://paper.seebug.org/3268/) - - [ ] [Love and hate under war: The GamaCopy organization, which imitates the Russian Gamaredon, uses military - related bait to launch attacks on Russia](https://paper.seebug.org/3270/) -- Twitter @bytehx - - [ ] [RT zhero;: very pleased to announce the release of my new article based on my research that led to CVE-2024-46982 titled: Next.js, cache, and chains: ...](https://x.com/bytehx343/status/1881775443810152497) - - [ ] [Thanks @SynackRedTeam 🥳](https://x.com/bytehx343/status/1881743935749660919) - - [ ] [Re @drak3hft7 @yeswehack](https://x.com/bytehx343/status/1881715373604745365) - - [ ] [Re @RootxRavi @intigriti thank you!](https://x.com/bytehx343/status/1881714645335249267) - - [ ] [Just scored a reward @intigriti, check my profile: https://app.intigriti.com/profile/bytehx #HackWithIntigriti](https://x.com/bytehx343/status/1881713215970955450) - - [ ] [Re @YoyoDavelion @yeswehack Congrats!](https://x.com/bytehx343/status/1881712949141917968) - - [ ] [Re @RootxRavi @intigriti Thank you!🥳](https://x.com/bytehx343/status/1881701312028614748) - - [ ] [Re @_justYnot @intigriti Thank you!🥳](https://x.com/bytehx343/status/1881701300687274145) - - [ ] [Re @ce_automne @intigriti should try it!](https://x.com/bytehx343/status/1881688650129506316) + - [ ] [【Python运维】Python与Terraform结合:实现云基础设施的自动化部署](https://blog.csdn.net/nokiaguy/article/details/145305290) + - [ ] [Python自动化运维:一键掌控服务器的高效之道](https://blog.csdn.net/nokiaguy/article/details/145305263) - SpiderLabs Blog - - [ ] [The New Face of Ransomware: Key Players and Emerging Tactics of 2024](https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/the-new-face-of-ransomware-key-players-and-emerging-tactics-of-2024/) -- Private Feed for M09Ic - - [ ] [mgeeky starred LuemmelSec/APEX](https://github.com/LuemmelSec/APEX) - - [ ] [praetorian-inc made praetorian-inc/noseyparkerexplorer public](https://github.com/praetorian-inc/noseyparkerexplorer) - - [ ] [mgeeky starred zodiacon/youtubecode](https://github.com/zodiacon/youtubecode) - - [ ] [zema1 starred MaorSabag/interactive-execute-shellcode](https://github.com/MaorSabag/interactive-execute-shellcode) - - [ ] [zer0yu started following BlackFan](https://github.com/BlackFan) - - [ ] [zer0yu started following Patrick-DE](https://github.com/Patrick-DE) - - [ ] [zer0yu starred bodo-run/yek](https://github.com/bodo-run/yek) - - [ ] [zer0yu started following reddelexc](https://github.com/reddelexc) - - [ ] [zema1 starred 0xEr3bus/PoolPartyBof](https://github.com/0xEr3bus/PoolPartyBof) - - [ ] [h3zh1 pushed to dev in chainreactors/malice-network](https://github.com/chainreactors/malice-network/compare/5527b594d0...8431efeb36) - - [ ] [huoji120 starred vmcall/nt-mapper](https://github.com/vmcall/nt-mapper) - - [ ] [CHYbeta starred convisolabs/rails_arb_file_write_bootsnap](https://github.com/convisolabs/rails_arb_file_write_bootsnap) - - [ ] [CHYbeta starred polyxss/bxss](https://github.com/polyxss/bxss) - - [ ] [zer0yu starred deepseek-ai/DeepSeek-R1](https://github.com/deepseek-ai/DeepSeek-R1) - - [ ] [safedv starred FalconForceTeam/bof-winrm-client](https://github.com/FalconForceTeam/bof-winrm-client) - - [ ] [CHYbeta starred KTH-LangSec/silent-spring](https://github.com/KTH-LangSec/silent-spring) - - [ ] [safedv starred gtworek/PSBits](https://github.com/gtworek/PSBits) - - [ ] [niudaii starred LandGrey/domainNamePredictor](https://github.com/LandGrey/domainNamePredictor) - - [ ] [niudaii starred AlephNullSK/dnsgen](https://github.com/AlephNullSK/dnsgen) - - [ ] [zema1 starred sonodima/microseh](https://github.com/sonodima/microseh) - - [ ] [0xbug starred temporalio/temporal](https://github.com/temporalio/temporal) - - [ ] [Wh0ale starred wux1an/wxapkg](https://github.com/wux1an/wxapkg) -- Reverse Engineering - - [ ] [Denuvo Analysis](https://www.reddit.com/r/ReverseEngineering/comments/1i6up0s/denuvo_analysis/) - - [ ] [Reverse Engineering Call Of Duty Anti-Cheat](https://www.reddit.com/r/ReverseEngineering/comments/1i68o2q/reverse_engineering_call_of_duty_anticheat/) - - [ ] [HAAA hello guys can someone help me with reverse chal ? like i'm strugleling too much rn pls](https://www.reddit.com/r/ReverseEngineering/comments/1i6uqbq/haaa_hello_guys_can_someone_help_me_with_reverse/) -- blog.avast.com EN - - [ ] [Start the year by protecting your privacy— A stalkerware quick check](https://blog.avast.com/start-the-year-by-protecting-your-privacy-a-stalkerware-quick-check) -- Bug Bounty in InfoSec Write-ups on Medium - - [ ] [WIFI Hacking , user and password hacking [How hackers get Password of any wifi network]](https://infosecwriteups.com/wifi-hacking-user-and-password-hacking-how-hackers-get-password-of-any-wifi-network-015ae6575bed?source=rss----7b722bfd1b8d--bug_bounty) - - [ ] [Found HTML Injection in Emails! Earned HOF](https://infosecwriteups.com/found-html-injection-in-emails-earned-hof-24a8a8223f29?source=rss----7b722bfd1b8d--bug_bounty) + - [ ] [Trustwave SpiderLabs 2025 Trustwave Risk Radar Report: Energy and Utilities Sector](https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/trustwave-spiderlabs-2025-trustwave-risk-radar-report-energy-and-utilities-sector/) +- Horizon3.ai + - [ ] [Identify Cybersecurity Risks at Scale to De-Risk M&A Transactions with Horizon3.ai’s NodeZero® Platform](https://go.horizon3.ai/MandA_UseCase#new_tab) + - [ ] [Horizon3.ai Expands on Disruptive Value of Autonomous Penetration Testing for Security Teams Worldwide](https://www.businesswire.com/news/home/20250122764892/en/Horizon3.ai-Expands-on-Disruptive-Value-of-Autonomous-Penetration-Testing-for-Security-Teams-Worldwide#new_tab) + - [ ] [9 Essential Questions to Ask When Evaluating Pentesting Solutions](https://www.horizon3.ai/intelligence/blogs/9-essential-questions-to-ask-when-evaluating-pentesting-solutions/) - Malwarebytes - - [ ] [AI tool GeoSpy analyzes images and identifies locations in seconds](https://www.malwarebytes.com/blog/news/2025/01/ai-tool-geospy-analyzes-images-and-identifies-locations-in-seconds) -- Microsoft Security Response Center - - [ ] [Scaling Dynamic Application Security Testing (DAST)](https://msrc.microsoft.com/blog/2025/01/scaling-dynamic-application-security-testing-dast/) -- Webroot Blog - - [ ] [Why MSPs need proactive, 24/7 threat hunting](https://www.webroot.com/blog/2025/01/21/why-msps-need-proactive-24-7-threat-hunting/) -- FreeBuf网络安全行业门户 - - [ ] [新的AI安全在2025年正对CISO及其团队构成挑战](https://www.freebuf.com/news/420445.html) - - [ ] [SUSE发布重要补丁:保护系统免受CVE-2025-21613攻击](https://www.freebuf.com/articles/420421.html) - - [ ] [Shiro CVE-2020-17510 路径绕过](https://www.freebuf.com/vuls/420408.html) - - [ ] [梅赛德斯—奔驰信息娱乐系统漏洞详细信息披露](https://www.freebuf.com/articles/420410.html) - - [ ] [FreeBuf早报 | 中国与多国联合解救7万电诈受害者;德国驻美大使密电遭到泄露](https://www.freebuf.com/news/420399.html) - - [ ] [2024年近2亿人受影响,美国医疗成重点攻击目标](https://www.freebuf.com/news/420391.html) - - [ ] [2025 OWASP十大安全漏洞](https://www.freebuf.com/news/420401.html) - - [ ] [420万主机暴露,含VPN和路由器](https://www.freebuf.com/news/420386.html) - - [ ] [新型僵尸网络正对路由器、摄像头等设备发起大规模DDoS攻击](https://www.freebuf.com/news/420383.html) -- Wallarm - - [ ] [API Security’s Role in Responsible AI Deployment](https://lab.wallarm.com/api-securitys-role-in-responsible-ai-deployment/) -- Dhole Moments - - [ ] [Too Many People Don’t Value the Time of Security Researchers](https://soatok.blog/2025/01/21/too-many-people-dont-value-the-time-of-security-researchers/) -- 奇客Solidot–传递最新科技情报 - - [ ] [北京将举办首届人机马拉松](https://www.solidot.org/story?sid=80390) - - [ ] [干旱愈来愈严重愈来愈频繁](https://www.solidot.org/story?sid=80388) - - [ ] [愈来愈多的美国青少年使用 ChatGPT 完成作业](https://www.solidot.org/story?sid=80387) - - [ ] [Paul Allen 诞辰 72 周年](https://www.solidot.org/story?sid=80386) - - [ ] [孕妇的脑灰质在孕期发生变化](https://www.solidot.org/story?sid=80385) - - [ ] [佳能的直播应用不支持佳能摄像机](https://www.solidot.org/story?sid=80384) - - [ ] [华为 2024 年手机出货量增长 50%](https://www.solidot.org/story?sid=80383) + - [ ] [7-Zip bug could allow a bypass of a Windows security feature. Update now](https://www.malwarebytes.com/blog/news/2025/01/7-zip-bug-could-allow-a-bypass-of-a-windows-security-feature-update-now) +- PortSwigger Research + - [ ] [Stealing HttpOnly cookies with the cookie sandwich technique](https://portswigger.net/research/stealing-httponly-cookies-with-the-cookie-sandwich-technique) +- Twitter @bytehx + - [ ] [I earned $$$ for my submission on @bugcrowd https://bugcrowd.com/bytehx #ItTakesACrowd](https://x.com/bytehx343/status/1882032367206060197) + - [ ] [Just got a reward for a vulnerability submitted on @yeswehack -- Acceptance of Extraneous Untrusted Data With Trusted Data - Cache Poisoning (CWE-349)...](https://x.com/bytehx343/status/1882032146376004006) + - [ ] [Re @_justYnot Happy Birthday 🎉🎊🎉](https://x.com/bytehx343/status/1881888985657770380) +- Intigriti + - [ ] [Unwavering support: Your bug bounty journey, our priority](https://www.intigriti.com/blog/business-insights/unwavering-support-your-bug-bounty-journey-our-priority) +- 安全牛 + - [ ] [《Agentic AI安全技术应用报告(2025版)》调研启动](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134812&idx=1&sn=560db2a85bcb9df872bc7c83e28d37e0&chksm=bd15ab8f8a6222990be11fb64472a9f9dbdfe32284261408fe230c6c72b2425eabc90345f991&scene=58&subscene=0#rd) + - [ ] [特朗普推翻拜登人工智能行政命令;警惕!勒索软件团伙滥用微软Teams发起攻击 | 牛览](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134812&idx=2&sn=1644fdd615891c190020e26e48734279&chksm=bd15ab8f8a62229945c2a446ad5f94a740189be7bde929cd002d7b0d2cf230da898fbb608135&scene=58&subscene=0#rd) +- 体验盒子 + - [ ] [vscode运行flutter项目ios真机](https://www.uedbox.com/post/119313/) +- HackerNews + - [ ] [7-Zip 修复绕过 Windows MoTW 安全警告的漏洞,应立即升级到24.09版](https://hackernews.cc/archives/57033) + - [ ] [乌克兰计算机应急响应小组警告:假冒 AnyDesk 请求的网络诈骗](https://hackernews.cc/archives/57031) + - [ ] [PNGPlug 加载器通过假冒软件安装程序传播 ValleyRAT 恶意软件](https://hackernews.cc/archives/57029) + - [ ] [13000 台 MikroTik 路由器被僵尸网络劫持,用于恶意软件传播和网络攻击](https://hackernews.cc/archives/57027) + - [ ] [Mirai 变种 Murdoc Botnet 利用 AVTECH IP 摄像头和华为路由器的安全漏洞](https://hackernews.cc/archives/57025) - 绿盟科技技术博客 - - [ ] [【漏洞通告】MongoDB Mongoose搜索注入漏洞(CVE-2025-23061)](https://blog.nsfocus.net/cve-2025-23061/) -- rtl-sdr.com - - [ ] [CCC Conference Talk: BlinkenCity – Radio-Controlling Street Lamps and Power Plants](https://www.rtl-sdr.com/ccc-conference-talk-blinkencity-radio-controlling-street-lamps-and-power-plants/) -- 奇安信 CERT - - [ ] [年度报告 | 2024年应该知道的漏洞都在这了!](https://mp.weixin.qq.com/s?__biz=MzU5NDgxODU1MQ==&mid=2247502937&idx=1&sn=c80cc1036d35183287d46040fa66d3f2&chksm=fe79e8c1c90e61d7169d6a42f15d0c02941c362881e765d760f9c7317c8bd10f66e565995bb1&scene=58&subscene=0#rd) + - [ ] [【漏洞通告】Oracle WebLogic Server远程代码执行与拒绝服务漏洞(CVE-2025-21535/CVE-2025-21549)](https://blog.nsfocus.net/cve-20cve-2025-21535-cve-2025-21549/) + - [ ] [绿盟威胁情报周报(2025.01.13-2025.01.19)](https://blog.nsfocus.net/2025-01-13-2025-01-19/) +- bishopfox.com + - [ ] [SonicWall CVE-2024-53704: SSL VPN Session Hijacking](https://bishopfox.com/blog/sonicwall-cve-2024-53704-ssl-vpn-session-hijacking) +- 奇客Solidot–传递最新科技情报 + - [ ] [过去一个世纪男性身高体重增长速度两倍于女性](https://www.solidot.org/story?sid=80399) + - [ ] [杭州深度求索发布能挑战 OpenAI o1 的推理模型 DeepSeek R1](https://www.solidot.org/story?sid=80398) + - [ ] [黑猩猩的撒尿行为具有传染性](https://www.solidot.org/story?sid=80397) + - [ ] [耐药菌在乌克兰扩散](https://www.solidot.org/story?sid=80396) + - [ ] [中国 2024 年可更新能源装机容量再创记录](https://www.solidot.org/story?sid=80395) + - [ ] [Wine 10.0 释出](https://www.solidot.org/story?sid=80394) + - [ ] [TikTok 被指限制反特朗普关键词的搜索](https://www.solidot.org/story?sid=80393) + - [ ] [IMDb 创始人卸任 CEO 一职](https://www.solidot.org/story?sid=80392) + - [ ] [特朗普赦免 Ross Ulbricht](https://www.solidot.org/story?sid=80391) - 绿盟科技CERT - - [ ] [【漏洞通告】MongoDB Mongoose搜索注入漏洞(CVE-2025-23061)](https://mp.weixin.qq.com/s?__biz=Mzk0MjE3ODkxNg==&mid=2247488918&idx=1&sn=158d8df04d4080e7902083a76fd24d26&chksm=c2c6429df5b1cb8bc86e5d57a7d589ef30a23ca11cd0bb38269afe2125cd10f152606ce4ea98&scene=58&subscene=0#rd) -- 安全分析与研究 - - [ ] [3CX供应链攻击技术之微软数字签名被滥用技术分析](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490083&idx=1&sn=ae29cfade8f5828fec4fb779fe5e3c96&chksm=902fb50ba7583c1d446ad0cd9ea3a31505e76942c0c9287c7c7c3d7e34d0a798bdd099c074b4&scene=58&subscene=0#rd) - - [ ] [银狐最新恶意软件进程监控](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490083&idx=2&sn=c971052a5ec51ffec1e6bfb1c69b14f1&chksm=902fb50ba7583c1d4e3afd61be64e5e3ddea141c398bbbcc30b869212a244246c63a4e11d1d2&scene=58&subscene=0#rd) - - [ ] [D0glun勒索病毒攻击](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490083&idx=3&sn=fc6500f89b6ce90fdeb832aeeae697db&chksm=902fb50ba7583c1d99359705d89dbc7f7af7e53236a6c19c59716d080ab2d117b07eb1fb23e9&scene=58&subscene=0#rd) -- 威努特安全网络 - - [ ] [连续三年!威努特蝉联中国网络安全产业联盟先进会员单位](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130566&idx=1&sn=f4bc7206d7fd13bcd1280fca2d9eb1b3&chksm=80e71076b7909960f60ec0b3607c107efc6cec5b40d131a5326a3602ca2f682bf3350ee8e8ed&scene=58&subscene=0#rd) -- 丁爸 情报分析师的工具箱 - - [ ] [【资料】文化情报:美军如何利用国际市场的文化信息来增强情报、监视和侦察(ISR)](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148640&idx=1&sn=dc17513401dee2c45789902342664776&chksm=f1af265ac6d8af4c812e62828e8c92434f40dce6e5de5133fecb9e81781ec050209e65fdcfaa&scene=58&subscene=0#rd) -- 梦之光芒的电子梦 - - [ ] [中小企业及创业公司信息安全建设指南](https://mp.weixin.qq.com/s?__biz=MzUyODQ0MTE2MQ==&mid=2247483749&idx=1&sn=762084442aa00a999fea80eed8b17326&chksm=fa710b43cd0682551167008cbc6ab7db1eb041b1a14538e4c7dcb29c786f301a6f39227962f2&scene=58&subscene=0#rd) -- 腾讯玄武实验室 - - [ ] [每日安全动态推送(25/1/21)](https://mp.weixin.qq.com/s?__biz=MzA5NDYyNDI0MA==&mid=2651959999&idx=1&sn=8f2ce3628b9e75bf7e03c60203d88d14&chksm=8baed220bcd95b3648040525b7c86be6aa84e518e42c1e85ed76c7b09ced0d67ea2b5556ece4&scene=58&subscene=0#rd) -- 360漏洞云 - - [ ] [【您有一个礼盒待签收】喜迎2025!开启安全新征程!](https://mp.weixin.qq.com/s?__biz=Mzg5MTc5Mzk2OA==&mid=2247502873&idx=1&sn=ebd51f859ccd1ab589330baec97ab05f&chksm=cfc56b46f8b2e250b48a6df1b45cf1422ffa7dd11cd5aa84dd045c022cac85d538bb7c867c8a&scene=58&subscene=0#rd) - - [ ] [《网信自主创新调研报告》表彰大会召开,360漏洞云获多项荣誉](https://mp.weixin.qq.com/s?__biz=Mzg5MTc5Mzk2OA==&mid=2247502873&idx=2&sn=b244ada36b1a87162f083c5a17af9c04&chksm=cfc56b46f8b2e25026712ae5023c6dc56a4c50092057dd3a58850b41c210c29b5bb60a729b85&scene=58&subscene=0#rd) - - [ ] [蛇年新禧,祥福并济|360漏洞云平台放假公告](https://mp.weixin.qq.com/s?__biz=Mzg5MTc5Mzk2OA==&mid=2247502873&idx=3&sn=ab3d8ccd96f17d0a3040c85d24e35be3&chksm=cfc56b46f8b2e250435ced6a4be9d9a5c5bd4bd692a7fbe65aed030690c7fddd6791331fd27b&scene=58&subscene=0#rd) + - [ ] [【漏洞通告】Oracle WebLogic Server远程代码执行与拒绝服务漏洞](https://mp.weixin.qq.com/s?__biz=Mzk0MjE3ODkxNg==&mid=2247488946&idx=1&sn=64c5620996cc0710ef9e2507f0fc0365&chksm=c2c642b9f5b1cbaf3667d5aae3b668b4e34e0cd89d95893a59c258488748706a1a17b3cd727e&scene=58&subscene=0#rd) +- FreeBuf网络安全行业门户 + - [ ] [威胁者利用Microsoft Teams语音通话传播勒索软件](https://www.freebuf.com/news/420574.html) + - [ ] [美国前中央情报局分析师承认泄露国防信息](https://www.freebuf.com/news/420570.html) + - [ ] [FreeBuf早报 | 特朗普赦免暗网丝绸之路创始人;Microsoft Teams被用于传播勒索软件](https://www.freebuf.com/news/420528.html) + - [ ] [特朗普签署文件,特赦暗网“丝绸之路”创始人](https://www.freebuf.com/news/420526.html) + - [ ] [2025 年 AI 网络安全预测](https://www.freebuf.com/news/420517.html) + - [ ] [勒索软件编年史:从特洛伊到AI多重勒索](https://www.freebuf.com/articles/neopoints/420510.html) + - [ ] [7-Zip高危漏洞,攻击者可绕过安全机制远程执行代码](https://www.freebuf.com/news/420514.html) +- 安全客 + - [ ] [2024年度网络安全政策法规一览](https://mp.weixin.qq.com/s?__biz=MzA5ODA0NDE2MA==&mid=2649787787&idx=1&sn=ee8ea4a11f904302c035eb5170b8891e&chksm=8893bde4bfe434f22e9aa593b236330470621bd35552bc2eb979cb1eb05d055b87e7de1f8bde&scene=58&subscene=0#rd) +- 虎符智库 + - [ ] [厚雪翻长坡,平淡不平凡:2024年网安产业发展态势剖析及2025年趋势展望](https://mp.weixin.qq.com/s?__biz=MzIwNjYwMTMyNQ==&mid=2247492937&idx=1&sn=eac85a2e8d53918cee8a65c4ad935830&chksm=971d884ba06a015d1c88f5e338ffa29adba7552fcc1c63dd404cbab21a6a508226f88500bf16&scene=58&subscene=0#rd) +- 青衣十三楼飞花堂 + - [ ] [你们可以调戏飞花堂了](https://mp.weixin.qq.com/s?__biz=MzUzMjQyMDE3Ng==&mid=2247487930&idx=1&sn=061cb565fbd0b5f0a5d754835656e58f&chksm=fab2d285cdc55b93453c5c4517e23599a8527cb0315540799c22c5ada2b5e5ba6d03d7da885e&scene=58&subscene=0#rd) - 安全内参 - - [ ] [AI助手泄露客户信息,行业软件龙头暂时停用相关功能](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513551&idx=1&sn=f0edf2e4791fb19bbc7ceede6817e516&chksm=ebfaf2efdc8d7bf942608609b8655044efbc3d34c990d30ca4c705d3f2ce4ac4fbd9dce87622&scene=58&subscene=0#rd) - - [ ] [B站员工植入恶意代码报复用户,官方:漏洞已修补,员工已处罚](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513551&idx=2&sn=f50c04a1adb0a92b26906f0e29ecabdb&chksm=ebfaf2efdc8d7bf9ab0f5e0cbcbc04e62cceea6c6ef61ed92d88aeb2fc987c5cabce1bd08cec&scene=58&subscene=0#rd) -- 看雪学苑 - - [ ] [反射式注入技术浅析](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589041&idx=1&sn=d6ac5ccbfd4e3343e192ddbf90411481&chksm=b18c27fb86fbaeed0df1fbadae1c3870a2409d2fb44d1790ecb33e9e6c15a7bf3cca1c2bdf83&scene=58&subscene=0#rd) - - [ ] [B站员工“代码投毒”!滥用职权,用户账号遭恶意封禁](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589041&idx=2&sn=6763601f189f2c29f48bb63f7333ac4c&chksm=b18c27fb86fbaeedeb7d604cbb8f96598b43254de6a29e2bcc20f721f1d677ac3d0d3ab6ca8e&scene=58&subscene=0#rd) - - [ ] [报名中!即将开班 | 无人机安全攻防入门:从整体架构到漏洞分析](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589041&idx=3&sn=f23e141f9f2559ffdfdd86d3d8f3ef1f&chksm=b18c27fb86fbaeede1ae14775b2e06f51d9ff39aea062676c42180f7f320b879996baf3f7ff8&scene=58&subscene=0#rd) -- 奇安信威胁情报中心 - - [ ] [【奇安信情报沙箱】警惕伪装为文档的恶意快捷方式(LNK)文件](https://mp.weixin.qq.com/s?__biz=MzI2MDc2MDA4OA==&mid=2247513822&idx=1&sn=9d52dc150c8ee53e3af6d7ae908c596b&chksm=ea6641a9dd11c8bfb5ef721db9b91c0777ce08c04211ac969b6a5cdc765c24b02f6b576a8c15&scene=58&subscene=0#rd) -- Shostack & Friends Blog - - [ ] [Handling Pandemic-Scale Cyber Threats: Lessons from COVID-19](https://shostack.org/blog/pandemic-scale/) -- 知道创宇404实验室 - - [ ] [盘点 2024 年备受关注的那些高风险漏洞](https://mp.weixin.qq.com/s?__biz=MzAxNDY2MTQ2OQ==&mid=2650990290&idx=1&sn=fb9b947f5ea6ca876af9c2159098d8a4&chksm=8079a4e0b70e2df652368fa2253964cd3b67c0ea64d03589c0a70c3560e6fe23ff6337a69fd1&scene=58&subscene=0#rd) + - [ ] [这家IT供应商被黑,导致多地公共服务被迫中断多天](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513561&idx=1&sn=2796a6ba28137e2416855e83c1d45e5f&chksm=ebfaf2f9dc8d7bef4177fa9314612f542e0997c62ce65bd62a7a54182dfee525e14ce8e1aa10&scene=58&subscene=0#rd) + - [ ] [持续贯彻关基安全!美国运安局延长管道网络安全指令有效期](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513561&idx=2&sn=815ef59fe9fe66e6e8be342a53433267&chksm=ebfaf2f9dc8d7befc4b6c6c02e08010a0431501f361b43e8f5d4bfc2c386251fdb1bd8623e09&scene=58&subscene=0#rd) +- 丁爸 情报分析师的工具箱 + - [ ] [【技巧】开源情报(OSINT):套接字理论(Socket Theory)情报分析师如何更好隐藏自己](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148647&idx=1&sn=4df1f367b82341e8c092ea12a7dec4c8&chksm=f1af265dc6d8af4b44f8d605298e979248080faba260608e5337d953231ea561f4d414f69a65&scene=58&subscene=0#rd) +- 威努特安全网络 + - [ ] [十强!威努特斩获2024年网络安全优秀评选三项大奖](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130654&idx=1&sn=72ece0485d56a8dbc791b20108f0943c&chksm=80e711aeb79098b8a34f63daf9b2d40b35e548f4fb03e44e4e22727512c1edaf44485a832523&scene=58&subscene=0#rd) +- 信安之路 + - [ ] [即使变卖个人资产,也要给大家把工资补上!](https://mp.weixin.qq.com/s?__biz=MzI5MDQ2NjExOQ==&mid=2247499756&idx=1&sn=18d3cb30c32fc3d1c30f8f3e453e08a4&chksm=ec1dcfc4db6a46d24a59b9f5b73d6883c46b004ca97f3e0a2819a832775f00a0690175e9ef33&scene=58&subscene=0#rd) +- 安全学术圈 + - [ ] [期刊征文 | 暗网抑制前沿进展](https://mp.weixin.qq.com/s?__biz=MzU5MTM5MTQ2MA==&mid=2247491610&idx=1&sn=8b6c9caf92435cbd9b76b77686619972&chksm=fe2d1f91c95a9687a5251b386c368783346127d6aa161b3035246676e5d21f1ba3e728035993&scene=58&subscene=0#rd) +- 奇安信 CERT + - [ ] [【已复现】Rsync 堆缓冲区溢出漏洞(CVE-2024-12084)安全风险通告](https://mp.weixin.qq.com/s?__biz=MzU5NDgxODU1MQ==&mid=2247502951&idx=1&sn=09d5b62b3cc3e71fec3a8595f18318a2&chksm=fe79e8ffc90e61e905225d9918798d40f77be91e0a5961c95f1ab8235b4d42623eb0ecca28ad&scene=58&subscene=0#rd) + - [ ] [Oracle 2025年1月补丁日多产品高危漏洞安全风险通告](https://mp.weixin.qq.com/s?__biz=MzU5NDgxODU1MQ==&mid=2247502951&idx=2&sn=21655dd26fe10def4a6c6546fdf240d4&chksm=fe79e8ffc90e61e9fd1b2697f079954e6002507bd3d9fe45bf9331fc3c21481d0b14887ce263&scene=58&subscene=0#rd) +- 腾讯安全威胁情报中心 + - [ ] [游戏辅助的隐藏威胁|传播于游戏论坛的“Catlavan”后门分析报告](https://mp.weixin.qq.com/s?__biz=MzI5ODk3OTM1Ng==&mid=2247510023&idx=1&sn=190730a6182da1469a76c29ec479ae13&chksm=ec9f7174dbe8f86290b0ced6fb6032de62bf76e90dabb9f7bbcb0f264b0d177e146f5c205169&scene=58&subscene=0#rd) - 安全圈 - - [ ] [【安全圈】B站2025年第一个大瓜,“代码投毒”报复用户](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067526&idx=1&sn=c7bb681b7008589588039d0669578174&chksm=f36e7a86c419f390b734807d57bdc26cac9c538f395fdccccc649692191fbcd913aaa5acd8d3&scene=58&subscene=0#rd) - - [ ] [【安全圈】梅赛德斯—奔驰信息娱乐系统漏洞详细信息披露](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067526&idx=2&sn=35fd8cf175959d2493340598399f5c01&chksm=f36e7a86c419f390ae47d611d4f4561da13239e89f5e649487a4ddd152221306aa899f53951d&scene=58&subscene=0#rd) - - [ ] [【安全圈】新型Android恶意软件模仿聊天应用窃取敏感数据](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067526&idx=3&sn=78bd7100124b3e45c47f00500c234a7a&chksm=f36e7a86c419f390eb993a9683d9f515b852c6e83fb5352246a18f8c2e22c3eca2ebdab53a18&scene=58&subscene=0#rd) - - [ ] [【安全圈】OWASP 2025 年十大漏洞 – 被利用/发现的最严重漏洞](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067526&idx=4&sn=b3d1ba063b429d95b1315af7a9713b77&chksm=f36e7a86c419f390195cd33fd72a55eb69f0bae4bcd587dd7e23f6258b3c8848d14b5fba092e&scene=58&subscene=0#rd) -- dotNet安全矩阵 - - [ ] [DCOM 技术内网实战,通过 ExcelDDE 和 ShellBrowserWindow 实现横向移动](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498360&idx=1&sn=8ee091f555c386b755c5300547ac08fe&chksm=fa595495cd2edd832583640b60f915e352d7d6d9eb98f85963e41303ca492d2bcb869dfcdb3b&scene=58&subscene=0#rd) - - [ ] [.NET 内网攻防实战电子报刊](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498360&idx=2&sn=27608f525eba71cd10592eaa56917ce1&chksm=fa595495cd2edd83e0d05a1703cc3febd28d701c9fe96fccc2409724b0dc3de47dc16ec91fe9&scene=58&subscene=0#rd) - - [ ] [.NET 实战中批量获取数据库凭据的工具](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498360&idx=3&sn=05bcdc6edb29b6d41f93a3216197eb95&chksm=fa595495cd2edd83c3ccbc19de1860a86e7eb126a22b71819e2f7841c0ab861fb968ef1d8add&scene=58&subscene=0#rd) + - [ ] [【安全圈】特朗普上任首日,被囚 11 年的丝绸之路创始人获释](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067553&idx=1&sn=bad8f735186597a7ef0a02f03be5d6e4&chksm=f36e7aa1c419f3b781ca98c7976cd5a7773de11683684d499d776e2d152beb4b6d086497c9b5&scene=58&subscene=0#rd) + - [ ] [【安全圈】420万主机暴露,含VPN和路由器](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067553&idx=2&sn=ce83805d756cb11a77b84cb9413465be&chksm=f36e7aa1c419f3b73ed660099b42c7414eb3133abb1020174807cc6d27124906b801371b772d&scene=58&subscene=0#rd) + - [ ] [【安全圈】2024年近2亿人受影响,美国医疗成重点攻击目标](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067553&idx=3&sn=126c3fc5cb7d6a7dc18e3e9a213e8170&chksm=f36e7aa1c419f3b73f5070ef02018ac480c01ce4abcf00f26ead2c9550281e5931adb0e75eec&scene=58&subscene=0#rd) + - [ ] [【安全圈】7-Zip 漏洞可让远程攻击者绕过保护并执行任意代码](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067553&idx=4&sn=2c06e2c2a5011eb86894033a1e6c41fc&chksm=f36e7aa1c419f3b7663e1033a2b71bafbadf19c12ebb839d8cc5c2a954da81be8f83c2a04925&scene=58&subscene=0#rd) - 信息安全国家工程研究中心 - - [ ] [《公共数据资源登记管理暂行办法》公布,3月1日起施行](https://mp.weixin.qq.com/s?__biz=MzU5OTQ0NzY3Ng==&mid=2247498746&idx=1&sn=f526aba50f7d3765f6608b80012a38f1&chksm=feb67ae9c9c1f3fffd632db66d26d7b874760f3607f8a48be8e82be40eeb32a9b87c6e333312&scene=58&subscene=0#rd) - - [ ] [一图读懂 | 关于完善数据流通安全治理 更好促进数据要素市场化价值化的实施方案](https://mp.weixin.qq.com/s?__biz=MzU5OTQ0NzY3Ng==&mid=2247498746&idx=2&sn=32373b47bc9d42a1dd69d7ed017ec22b&chksm=feb67ae9c9c1f3ff9059fdb9b42509895b8e416205f2ef1346f9df76ccb25088b681b790581f&scene=58&subscene=0#rd) + - [ ] [小年纳福,满载祝愿](https://mp.weixin.qq.com/s?__biz=MzU5OTQ0NzY3Ng==&mid=2247498734&idx=1&sn=2d5de0a8283c56deb2559e0af561e376&chksm=feb67afdc9c1f3eb9c541f85173a09a82542709c15edcc23d9d2c392cfb951aaa72acb7894a7&scene=58&subscene=0#rd) +- 腾讯科恩实验室 + - [ ] [游戏辅助的隐藏威胁|传播于游戏论坛的“Catlavan”后门分析报告](https://mp.weixin.qq.com/s?__biz=MzU1MjgwNzc4Ng==&mid=2247512659&idx=1&sn=ca99588eed415d2fdbdd87c4e666b662&chksm=fbfe8e56cc89074039ffcc9bb0544c3f4285b0fb28a480034307d88019f5b1fa8e610a5e494e&scene=58&subscene=0#rd) +- dotNet安全矩阵 + - [ ] [.NET 通过代码审计发现 ERP 系统中两个任意文件上传漏洞](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498371&idx=1&sn=d7e51b293b5afd36bf501f82d547e678&chksm=fa59546ecd2edd789772877b71ddaf889a171c0baebaed5bc5d84e1dc59ec80a6efff9da250e&scene=58&subscene=0#rd) + - [ ] [.NET 安全攻防知识交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498371&idx=2&sn=cbf2bdba768768419faf4c4791dd2c1b&chksm=fa59546ecd2edd78ca9bfcbd53bc87340dd852aad612de53fa03fd221f56cf441ed2ed07d75c&scene=58&subscene=0#rd) + - [ ] [通过 Sharp4SuoPoc 从原理上复现 Visual Studio 投毒事件](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498371&idx=3&sn=81f6211052fdbd84bfa5f5b833c14bea&chksm=fa59546ecd2edd78667ab8745d36715a39fb789abb78742e20b611f6645859db72e35cbd719d&scene=58&subscene=0#rd) +- 代码卫士 + - [ ] [7-Zip 修复高危的 Windows MoTW 安全告警绕过漏洞](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522153&idx=1&sn=b0d2973a6eb87e554fb62b7ddfa10dfb&chksm=ea94a603dde32f1580de59ef6a2b8fb600c6cbb237024a672b5a02660c7fc1f7184f617fce4c&scene=58&subscene=0#rd) + - [ ] [FTC要求通用停止收集和出售驾驶员数据](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522153&idx=2&sn=2d3b81592eb7e14fd1f16c714fa4e016&chksm=ea94a603dde32f154142371d59146a916e8ef1fa49b42310d2eb5bfe8ad83bb64ef5d322ff3e&scene=58&subscene=0#rd) - 中国信息安全 - - [ ] [通知 | 国家发展改革委 国家数据局印发《公共数据资源登记管理暂行办法》(附全文)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235295&idx=1&sn=8a80edf9113f50434a1bb11f3e5cc79e&chksm=8b5803e6bc2f8af08800b6f9c12fc09d3665078ffd474d5a6f39d70e2c35058c0ae863b47a76&scene=58&subscene=0#rd) - - [ ] [通知 | 国家发展改革委 国家数据局印发《公共数据资源授权运营实施规范(试行)》(附全文)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235295&idx=2&sn=5f58f62f3bf1f6e916f8470f6f6f55b2&chksm=8b5803e6bc2f8af06dc3a6c03e7d667c8c86a6af82f37c83fb6be1ae229f957ecd7b48c4dbe3&scene=58&subscene=0#rd) - - [ ] [通知 | 国家发展改革委 国家数据局印发《关于建立公共数据资源授权运营价格形成机制的通知》(附全文)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235295&idx=3&sn=2f7dc83912ff817f2473902a7e6ac995&chksm=8b5803e6bc2f8af0a31dffe028e1b2d1c767d46cf0e64c710eee7bd6bc8b75d4cba0d33cb6cc&scene=58&subscene=0#rd) - - [ ] [​权威解答 | 国家发展改革委、国家数据局有关负责同志就公共数据资源三份政策文件答记者问](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235295&idx=4&sn=0e0fda73e478907a8ffd4ccf7d5b6bf1&chksm=8b5803e6bc2f8af01bb86646ec8574f5de50b90b63a85bc02a92643f056194b89d085ec75f4b&scene=58&subscene=0#rd) - - [ ] [工信部:3000余家网站、APP完成适老化及无障碍改造](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235295&idx=5&sn=b4698d8d66e49269855f4dece70ecc34&chksm=8b5803e6bc2f8af0471e8c6cd4b3ef03d12d7061293ea3063ad64cc1eadbea2eff7883c2486b&scene=58&subscene=0#rd) - - [ ] [专家解读 | “人工智能+”赋能实体经济 描绘“实数融合”新图景](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235295&idx=6&sn=a2794f1a6afeadd3fa7db937baf54f37&chksm=8b5803e6bc2f8af09c87629ba57cad87e96a8eb1cae1c3d848e796e35d3c5d85ef026899e89f&scene=58&subscene=0#rd) - - [ ] [关注 | 2024年全国受理网络违法和不良信息举报2.27亿件](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235295&idx=7&sn=11cd80d44bfaacb422ecd3c07309e5d7&chksm=8b5803e6bc2f8af0ec8bcb550699d37787f2af9dd7c9b50eb3c7b60899f2d3cc3227033730de&scene=58&subscene=0#rd) + - [ ] [专题·人工智能安全治理 | 人工智能安全治理的中国认知与方案](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235367&idx=1&sn=297855efd370925c872f5757635232be&chksm=8b58039ebc2f8a88688e473f6a44b4c239be99a0ba5386a09e21cf1d002e5dcdd7e2325f74a9&scene=58&subscene=0#rd) + - [ ] [专家解读 | 魏亮:统筹布局国家数据基础设施,夯实数据要素价值释放基础](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235367&idx=2&sn=25380b016bd022eb3f12db20a0ccfc4e&chksm=8b58039ebc2f8a8869cac9ab3b937000109e1bc8586b3a96741dec89798acb3e5f9040f94935&scene=58&subscene=0#rd) + - [ ] [专家观点 | 李峥:以合作开启AI“20万亿美元时代”](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235367&idx=3&sn=3d746ccbf7a383c1aedc7863ea48df60&chksm=8b58039ebc2f8a880d7e7215965672500409cf64649cd90b5c34904471aa388bcb73103ba0f7&scene=58&subscene=0#rd) + - [ ] [前沿 | 人工智能赋能网络空间作战](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235367&idx=4&sn=c17951f71c4e1d4580510b7ec0275644&chksm=8b58039ebc2f8a88b47c7a35f7dc8a087f071e32ef0532f12bf4124a44b87ca50bad5d909c41&scene=58&subscene=0#rd) + - [ ] [国际 | 域外国家网络信息治理制度](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235367&idx=5&sn=6ddc0df87190ccc4b866a5a488ce4fb3&chksm=8b58039ebc2f8a8896afda5e765776e17020efd79d33c784f1366c5562fad84ffa2dff0a63cd&scene=58&subscene=0#rd) + - [ ] [观点 | 面对深度伪造视频我们可以做什么](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235367&idx=6&sn=1ed425e7056807c6c44ddd42f4cb1512&chksm=8b58039ebc2f8a884bcb07c456537203d4b50492e19be7158c46536ddef4697201d18a32a6b9&scene=58&subscene=0#rd) + - [ ] [评论 | 打破AI谣言“黑箱”,需要社会共治](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235367&idx=7&sn=2cb7b1348c0399a07373f5b5204e5aff&chksm=8b58039ebc2f8a88d98241c6473a4a5e4f8e0c55edc0ed31581cd87507a5b76f11dd3cadae3c&scene=58&subscene=0#rd) +- 数世咨询 + - [ ] [2024年美国医疗数据泄露:585起事件波及1.8亿用户](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247534927&idx=1&sn=27a17db142bc885941f8e7cdff24512c&chksm=c1443bf2f633b2e463df61b01cdb06d125f74e36e30588da3656a4be570526cab7b66dfe24ae&scene=58&subscene=0#rd) + - [ ] [公安部公布8起打击网络黑客犯罪典型案例](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247534927&idx=2&sn=2b32138cf1f6349d72f172a77aa0dd8e&chksm=c1443bf2f633b2e41762afc5662ff5168a1a405414ad7663b499af40bda5558d801e98db35a9&scene=58&subscene=0#rd) +- 看雪学苑 + - [ ] [XCTF-SUCTF 2025-部分Pwn题解](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589076&idx=1&sn=a4d861f2130373f4a922c1529d1fba78&chksm=b18c271e86fbae08ca00e3c9447214607f5d2bfc89d8578c33474f3e72602833a386405c44e4&scene=58&subscene=0#rd) + - [ ] [7-Zip高危漏洞曝光!攻击者可绕过安全机制远程执行代码,速升级](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589076&idx=2&sn=d0f764edebe291ce5b96f036fabe1a56&chksm=b18c271e86fbae08b860c61d822fe9c14f3216204f7890876285cf7d58d7086a9d18b2c2002e&scene=58&subscene=0#rd) + - [ ] [更新5节!系统0day 安全-企业级网络设备固件漏洞挖掘(第7期)](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589076&idx=3&sn=07bb4636837dcc2fbabded998321ad6e&chksm=b18c271e86fbae086f08a8628ae493c5626bf7b7941dbf05b7856553b1bd2011fe2f5765c6b1&scene=58&subscene=0#rd) - 国家互联网应急中心CNCERT - - [ ] [CNVD漏洞周报2025年第3期](https://mp.weixin.qq.com/s?__biz=MzIwNDk0MDgxMw==&mid=2247499617&idx=1&sn=2c0ace8ad777eef414c8c2a9bd88f67a&chksm=973acc03a04d45150eee133cf3ae4786f50bc20f2a1af53ec7434b10c80e8f59831a23fd48bc&scene=58&subscene=0#rd) - - [ ] [上周关注度较高的产品安全漏洞(20250113-20250119)](https://mp.weixin.qq.com/s?__biz=MzIwNDk0MDgxMw==&mid=2247499617&idx=2&sn=9bc261752d64c6b77c44994df9de434b&chksm=973acc03a04d4515f9832db1f4bf68dd1429f5d2152ca1b0fc12e931442a861b7b4043801e92&scene=58&subscene=0#rd) + - [ ] [网络安全信息与动态周报2025年第3期(1月13日-1月19日)](https://mp.weixin.qq.com/s?__biz=MzIwNDk0MDgxMw==&mid=2247499624&idx=1&sn=8064268553ca5916417015861fb3acd9&chksm=973acc0aa04d451cff471b69b6ae264370dfad346c96825845c4c4e2b621762d5af60277379b&scene=58&subscene=0#rd) +- 补天平台 + - [ ] [辞暮尔尔,烟火年年 | 补天平台春节放假通知](https://mp.weixin.qq.com/s?__biz=MzI2NzY5MDI3NQ==&mid=2247507336&idx=1&sn=8d6c060a3c6485878ea8c3f08e2d93b5&chksm=eaf995c4dd8e1cd240f87a81e954cd8badfa1ee7bc6b8880f5c8f0755698a4140faa0ccf103e&scene=58&subscene=0#rd) - 情报分析师 - - [ ] [格鲁乌的“破坏者大学”:用犯罪分子代替特工,这是什么操作?](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559125&idx=1&sn=9edc6ab07ea0a57a7163e982117f2677&chksm=87117cdeb066f5c8b70dac3fb97faa41d1147bd128db0c82f53be7fac2091848bf98620a9c95&scene=58&subscene=0#rd) - - [ ] [【深挖】缅甸克伦边防部队(BGF)的利益链条及犯罪业务网络(2万字资料附下载)](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559125&idx=2&sn=eddfb3d8fd7ac52a2836738721392068&chksm=87117cdeb066f5c81b7f593465a83f37f2c6abfe8541ff72a8ad7dca6272a978bcc7e58f284e&scene=58&subscene=0#rd) - - [ ] [懂王行政令:从TikTok到关税,中美关系走向何方?](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559125&idx=3&sn=6142b8da04d0f5b114e6620fb2a35459&chksm=87117cdeb066f5c889816af3b32bd96f9836d05a850be9c41b0e909882fc56327754e50c3a70&scene=58&subscene=0#rd) -- 小米安全中心 - - [ ] [MiSRC 蛇年限定红包封面,开启好运~](https://mp.weixin.qq.com/s?__biz=MzI2NzI2OTExNA==&mid=2247517805&idx=1&sn=fcf9b3df71d41e165e5ac7ca9b9d18dd&chksm=ea83a0f8ddf429ee312b0682e14764679d08a35a8787a527b7bcd1976a01b3905aa808133c3d&scene=58&subscene=0#rd) -- 天御攻防实验室 - - [ ] [美国政府网络政策观察(第三期) | 拜登政府制裁我国网络安全企业和个人](https://mp.weixin.qq.com/s?__biz=MzU0MzgyMzM2Nw==&mid=2247486241&idx=1&sn=b188fa0b9fd687297884d03f0af5ef7e&chksm=fb04c849cc73415f296866a480014d449984e4d3fdb57a7918b1d74fc50c661c502526e6496a&scene=58&subscene=0#rd) -- 嘶吼专业版 - - [ ] [2024中国网络安全产业势能榜优能企业「交通行业」典型案例展示](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580915&idx=1&sn=2aae7d3064771ae44630975c78b62baa&chksm=e9146cc9de63e5df1b4ab8537a511f1ecdc8f3e2be3717df13d6cd09eae66ff4e3797cd1eaa1&scene=58&subscene=0#rd) - - [ ] [新型物联网僵尸网络现身,疯狂劫持设备发动大规模 DDoS 攻击](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580915&idx=2&sn=49c81661b58dadfafc5d8436f0511377&chksm=e9146cc9de63e5dfbdd06a3273f839512dbc6283cb8218a470ff5f749b412c27647cc876904d&scene=58&subscene=0#rd) -- 数世咨询 - - [ ] [澳大利亚公司:相比往年网络保险采购率大幅上升](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247534898&idx=1&sn=41c69a4465600023c0be9cbb2fcd38d5&chksm=c1443b8ff633b299f991e382cc47801ab52ec43e006df5b5a754a47d1d0ad5eb76fa1347f7dc&scene=58&subscene=0#rd) - - [ ] [【行业动态】天空卫士香港峰会,引领AI数据安全新时代!](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247534898&idx=2&sn=6e038251ac4390be46d940acbf6e57bb&chksm=c1443b8ff633b2996bc5adc439db90a54450cedf72cdcc38f9354cbc6a181c2d8528b08112d8&scene=58&subscene=0#rd) + - [ ] [加沙真相被掩盖?BBC报道背后的“信息筛选”](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559158&idx=1&sn=6312581755ed3402c281e8b588aed0a5&chksm=87117cfdb066f5eb6185844e09e4da7ee5a256338379f42723a5bb295394a5eabd6bd525c664&scene=58&subscene=0#rd) + - [ ] [揭露俄罗斯GRU的秘密行动,被指资助阿塔数千万美元](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559158&idx=2&sn=04237d391e688d8663478dec1917a891&chksm=87117cfdb066f5eb62c527d68166b9e7581ef040a0bb3f72b651e477165fb4e85671f8d4eb56&scene=58&subscene=0#rd) + - [ ] [TikTok禁令:从事件始末到未来走向的深度剖析](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559158&idx=3&sn=330b69e1e87d2e662ee62ac84a2df529&chksm=87117cfdb066f5ebcc303b472a145a703011592673d932403cee104f36e1641206f07c3eba87&scene=58&subscene=0#rd) +- 默安科技 + - [ ] [默安科技2025年春节值守安排](https://mp.weixin.qq.com/s?__biz=MzIzODQxMjM2NQ==&mid=2247500248&idx=1&sn=f1957f05b1fb0ede1aed87f4c0603dad&chksm=e93b36fade4cbfec2e3df9f97123506b4d13e096ac812e8ba98db9b2fcbc04073fb7839a847c&scene=58&subscene=0#rd) +- 威胁棱镜 + - [ ] [2024 年 Any.Run 恶意软件趋势报告](https://mp.weixin.qq.com/s?__biz=MzkyMzE5ODExNQ==&mid=2247487612&idx=1&sn=09a327bfbe389a1f868570bafd81d159&chksm=c1e9e7b0f69e6ea6aee11492fcd298ab2ea9cbba8c8dde6f81fa56d6591a6932ed53c6fadcab&scene=58&subscene=0#rd) - 极客公园 - - [ ] [一年卖超 500 万副耳机的韶音,杀入「AI 眼镜」赛道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072431&idx=1&sn=bbfab5ee5f3cf789e625b0ae8b64ac20&chksm=7e57d1994920588fa97e5ee83920b38db884b645213c226fa5e8d76f9e5b72aedbf1fab15af6&scene=58&subscene=0#rd) - - [ ] [对话生数科技 Vidu 产品负责人:100 天千万用户之后,2025 年视频生成产品会变成怎样?](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072431&idx=2&sn=659e9b3665f91afb56d99cd9ccc509f0&chksm=7e57d1994920588f7be2b75b6da29e163816667796e5ea2319255256738b7ae06af5096738ef&scene=58&subscene=0#rd) - - [ ] [「夜袭」 OpenAI!DeepSeek 开源最强推理模型 R1,再震欧美同行](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072415&idx=1&sn=a47a2f0c4272857c4920d18773448430&chksm=7e57d1a9492058bfd25004e5d0e45bf2271e89a218d3a62a75cdf774b90dca0c5eab3ba560cb&scene=58&subscene=0#rd) - - [ ] [小米汽车一月订单超 4 万,远超产能;华为鸿蒙 PC 望今年上市;字节发布 AI 中文开发环境IDE,目标全球开发者|极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072398&idx=1&sn=dec48b32602b49c7b40083d212e5360d&chksm=7e57d1b8492058aee104f875e76eed46378d16c75b283725fe84d8f14492bf7b5f31516923be&scene=58&subscene=0#rd) -- 360数字安全 - - [ ] [年度盘点:AI+安全双重赋能,360解锁企业浏览器新动力](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579167&idx=1&sn=b9d8f3892f6d7cc7cbe9669aae2417a2&chksm=9f8d2617a8faaf01fb724c3472fed4f7d8df12f9251a76800fa93dd3d9a0f7e2c611540e87fd&scene=58&subscene=0#rd) - - [ ] [最高级!360获评工信部CAPPVD“三星技术支撑单位”称号](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579167&idx=2&sn=44ab9727a76e44a6b079e423fdf7b978&chksm=9f8d2617a8faaf014edd5f42949a768c5f781d7b3978e6b740442523c9838fc63b9be969b71a&scene=58&subscene=0#rd) - - [ ] [喜讯!360获评2024软件和信息服务业年度领航企业及创新成果两项大奖](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579167&idx=3&sn=9adcb35ed05747f7530c83f59de0ea37&chksm=9f8d2617a8faaf01e8a3f033a7236cf72d5be4d3abadd0812b203ba96eae2599c8b7f43430f1&scene=58&subscene=0#rd) + - [ ] [新总统山寨币疯狂收割 500 亿美元,只是比特币国家战略一部分?](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072613&idx=1&sn=cb3a3b24855c3b969f4d586c72218f00&chksm=7e57d15349205845d2da4c3b22b0b9fadb97006921d79a96e31455c143851c835443f9164077&scene=58&subscene=0#rd) + - [ ] [OpenAI+软银5000亿美元投资AI基建;新 ModelY、小米 YU7实车曝光;小红书启用「rednote」|极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072586&idx=1&sn=01f46944418d1ed105a097f841268626&chksm=7e57d17c4920586a12299e2a2473709a61c4b7d1d33e4885d4963adcc8b3f020d715bdcf93c8&scene=58&subscene=0#rd) - Over Security - Cybersecurity news aggregator - - [ ] [Unique 0-click deanonymization attack targeting Signal, Discord and hundreds of platform](https://gist.github.com/hackermondev/45a3cdfa52246f1d1201c1e8cdef6117) - - [ ] [Government IT contractor Conduent says 'third-party compromise’ caused outages](https://therecord.media/government-contractor-conduent-outage-compromise) - - [ ] [Cloudflare mitigated a record-breaking 5.6 Tbps DDoS attack](https://www.bleepingcomputer.com/news/security/cloudflare-mitigated-a-record-breaking-56-tbps-ddos-attack/) - - [ ] [Disciplinary and special ed records of Toronto students may have leaked in PowerSchool breach](https://therecord.media/disciplinary-special-records-toronto-powerschool) - - [ ] [Fake Homebrew Google ads target Mac users with malware](https://www.bleepingcomputer.com/news/security/fake-homebrew-google-ads-target-mac-users-with-malware/) - - [ ] [TSA chief behind cyber directives for aviation, pipelines and rail ousted by Trump team](https://therecord.media/tsa-chief-behind-cyber-directives-ousted-trump-administration) - - [ ] [Russian telecom giant Rostelecom investigates suspected cyberattack on contractor](https://therecord.media/rostelecom-russia-contractor-data-breach) - - [ ] [Microsoft previews Game Assist in-game browser in Edge Stable](https://www.bleepingcomputer.com/news/microsoft/microsoft-previews-game-assist-in-game-browser-in-edge-stable/) - - [ ] [Bitbucket services “hard down” due to major worldwide outage](https://www.bleepingcomputer.com/news/technology/bitbucket-services-hard-down-due-to-major-worldwide-outage/) - - [ ] [7-Zip fixes bug that bypasses Windows MoTW security warnings, patch now](https://www.bleepingcomputer.com/news/security/7-zip-fixes-bug-that-bypasses-the-windows-motw-security-mechanism-patch-now/) - - [ ] [Criminal IP Teams Up with OnTheHub for Digital Education Cybersecurity](https://www.bleepingcomputer.com/news/security/criminal-ip-teams-up-with-onthehub-for-digital-education-cybersecurity/) - - [ ] [Ransomware gangs pose as IT support in Microsoft Teams phishing attacks](https://www.bleepingcomputer.com/news/security/ransomware-gangs-pose-as-it-support-in-microsoft-teams-phishing-attacks/) - - [ ] [Il 15enne che ha violato …](https://roccosicilia.com/2025/01/21/il-15enne-che-ha-violato/) - - [ ] [Via a SECURE, il progetto per supportare conformità delle PMI al Cyber Resilience Act](https://www.securityinfo.it/2025/01/21/via-a-secure-il-progetto-per-supportare-conformita-delle-pmi-al-cyber-resilience-act/) - - [ ] [Hackers impersonate Ukraine’s CERT to trick people into allowing computer access](https://therecord.media/fake-ukraine-cert-anydesk-requests-hackers) - - [ ] [Russian ransomware hackers increasingly posing as tech support on Microsoft Teams](https://therecord.media/fake-tech-support-russian-hackers-microsoft-teams) - - [ ] [JoCERT Issues Warning on Exploitable Command Injection Flaws in HPE Aruba Products](https://cyble.com/blog/jocert-warns-of-hpe-aruba-command-injection-flaws/) - - [ ] [Report riepilogativo sulle tendenze delle campagne malevole analizzate dal CERT-AGID nel 2024](https://cert-agid.gov.it/news/report-riepilogativo-sulle-tendenze-delle-campagne-malevole-analizzate-dal-cert-agid-nel-2024/) - - [ ] [October 2024 Cyber Attacks Statistics](https://www.hackmageddon.com/2025/01/21/october-2024-cyber-attacks-statistics/) - - [ ] [InvisibleFerret Malware: Technical Analysis](https://any.run/cybersecurity-blog/invisibleferret-malware-analysis/) - - [ ] [Zyxel vulnerability exploited by “Helldown” ransomware group](https://labs.yarix.com/2025/01/zyxel-vulnerability-exploited-by-helldown-ransomware-group/) - - [ ] [Critical Mozilla Vulnerabilities Prompt Urgent Updates for Firefox and Thunderbird Users](https://cyble.com/blog/cert-in-reports-multiple-mozilla-vulnerabilities/) -- Qualys Security Blog - - [ ] [Mass Campaign of Murdoc Botnet Mirai: A New Variant of Corona Mirai](https://blog.qualys.com/category/vulnerabilities-threat-research) + - [ ] [Ransomware in Healthcare: A Comprehensive Subsector Analysis](https://catchingphish.com/posts/f/ransomware-in-healthcare-a-comprehensive-subsector-analysis) + - [ ] [Critical zero-days impact premium WordPress real estate plugins](https://www.bleepingcomputer.com/news/security/critical-zero-days-impact-premium-wordpress-real-estate-plugins/) + - [ ] [Cloudflare CDN flaw leaks user location data, even through secure chat apps](https://www.bleepingcomputer.com/news/security/cloudflare-cdn-flaw-leaks-user-location-data-even-through-secure-chat-apps/) + - [ ] [BreachForums admin to be resentenced after appeals court slams supervised release](https://therecord.media/breachforums-resentenced-supervised-release-admin) + - [ ] [Telegram captcha tricks you into running malicious PowerShell scripts](https://www.bleepingcomputer.com/news/security/telegram-captcha-tricks-you-into-running-malicious-powershell-scripts/) + - [ ] [Flashpoint Weekly Vulnerability Insights and Prioritization Report](https://flashpoint.io/blog/flashpoint-weekly-vulnerability-insights-prioritization/) + - [ ] [China-linked hacker group targets victims in East Asia with malicious VPN installers](https://therecord.media/china-hacker-group-vpns-backdoor) + - [ ] [Trump pardons Silk Road founder Ross Ulbricht](https://therecord.media/ross-ulbricht-silk-road-pardoned-trump) + - [ ] [Trump admin tells all Democrats on intelligence oversight board to resign](https://therecord.media/trump-admin-tells-democrats-on-intel-oversight-board-to-resign) + - [ ] [Cisco warns of denial of service flaw with PoC exploit code](https://www.bleepingcomputer.com/news/security/cisco-warns-of-denial-of-service-flaw-with-poc-exploit-code/) + - [ ] [Iran and Russia deepen cyber ties with new agreement](https://therecord.media/russia-iran-cyber-ties-agreement) + - [ ] [PowerSchool hacker claims they stole data of 62 million students](https://www.bleepingcomputer.com/news/security/powerschool-hacker-claims-they-stole-data-of-62-million-students/) + - [ ] [Come tracciare la sicurezza della software supply chain](https://guerredirete.substack.com/p/come-tracciare-la-sicurezza-della) + - [ ] [Trump administration fires members of cybersecurity review board in “horribly shortsighted” decision](https://techcrunch.com/2025/01/22/trump-administration-fires-members-of-cybersecurity-review-board-in-horribly-shortsighted-decision/) + - [ ] [Oh my .. ! - Suspicious network traffic detected including Ransomware](https://dfir.ch/posts/suspicious_network_traffic_ransomware/) + - [ ] [Conduent confirms cybersecurity incident behind recent outage](https://www.bleepingcomputer.com/news/security/conduent-confirms-cybersecurity-incident-behind-recent-outage/) + - [ ] [Windows 11 24H2 now also offered to all eligible Windows 10 PCs](https://www.bleepingcomputer.com/news/microsoft/microsoft-expands-windows-11-24h2-rollout-to-eligible-windows-10-pcs/) + - [ ] [MasterCard DNS Error Went Unnoticed for Years](https://krebsonsecurity.com/2025/01/mastercard-dns-error-went-unnoticed-for-years/) + - [ ] [Use this AI chatbot prompt to create a password-exclusion list](https://www.bleepingcomputer.com/news/security/use-this-ai-chatbot-prompt-to-create-a-password-exclusion-list/) + - [ ] [IPany VPN breached in supply-chain attack to push custom malware](https://www.bleepingcomputer.com/news/security/ipany-vpn-breached-in-supply-chain-attack-to-push-custom-malware/) + - [ ] [Hackers exploit 16 zero-days on first day of Pwn2Own Automotive 2025](https://www.bleepingcomputer.com/news/security/hackers-exploit-16-zero-days-on-first-day-of-pwn2own-automotive-2025/) + - [ ] [Trump administration removes private sector leaders from all DHS panels, including CSRB](https://therecord.media/trump-dhs-removal-private-sector-members-advisory-boards) + - [ ] [Questions grow over whether Baltic Sea cable damage was sabotage or accidental](https://therecord.media/finland-eagle-s-tanker-questions-over-alleged-sabotage) + - [ ] [Targeted supply chain attack against Chrome browser extensions](https://blog.sekoia.io/targeted-supply-chain-attack-against-chrome-browser-extensions/) + - [ ] [How Threat Intelligence Lookup Helps Enterprises](https://any.run/cybersecurity-blog/how-threat-intelligence-lookup-helps-enterprises/) + - [ ] [Australian Cyber Security Centre Targets Bulletproof Hosting Providers to Disrupt Cybercrime Networks](https://cyble.com/blog/acsc-highlights-bulletproof-hosting-providers/) + - [ ] [La battaglia di Lyptsi e l’evoluzione della guerra robotizzata](https://www.guerredirete.it/la-battaglia-di-lyptsi-e-levoluzione-della-guerra-robotizzata/) + - [ ] [Preventing Phishing Attacks, Before They Catch You](https://www.kelacyber.com/blog/preventing-phishing-attacks-before-they-catch-you/) + - [ ] [Welhof - 107,292 breached accounts](https://haveibeenpwned.com/PwnedWebsites#Welhof) + - [ ] [Frame & Optic - 15,678 breached accounts](https://haveibeenpwned.com/PwnedWebsites#FrameAndOptic) + - [ ] [Denuvo Analysis | Connor-Jay's Blog](https://connorjaydunn.github.io/blog/posts/denuvo-analysis/) + - [ ] [Cyble Finds Thousands of Security Vendor Credentials on Dark Web](https://cyble.com/blog/thousands-of-security-vendor-credentials-found-on-dark-web/) - Krypt3ia - - [ ] [Krypt3ia CTI Daily Digest 1.21.25](https://krypt3ia.wordpress.com/2025/01/21/krypt3ia-cti-daily-digest-1-21-25/) -- JUMPSEC - - [ ] [CREST penetration testing: how to ensure industry-leading standards](https://www.jumpsec.com/guides/crest-penetration-testing-how-to-ensure-industry-leading-standards/) - - [ ] [What is the difference between security and penetration testing](https://www.jumpsec.com/guides/difference-between-security-and-penetration-testing/) + - [ ] [Krypt3ia’s Survival Guide for Safe Communications in Today’s Internet and Social Media Landscape](https://krypt3ia.wordpress.com/2025/01/22/krypt3ias-survival-guide-for-safe-communications-in-todays-internet-and-social-media-landscape/) + - [ ] [Krypt3ia Daily Threat Intel Digest 1.22.25](https://krypt3ia.wordpress.com/2025/01/22/krypt3ia-daily-threat-intel-digest-1-22-25/) - 迪哥讲事 - - [ ] [从xss的自动化扫描器聊起-xss的基本功](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496922&idx=1&sn=f8c212b3d3e0fb45af733f56c776a356&chksm=e8a5feb9dfd277af68c2f94335499c7ee8b25a1a135dc168ad072328c4490be4b4e4ea34114d&scene=58&subscene=0#rd) -- Securityinfo.it - - [ ] [Via a SECURE, il progetto per supportare conformità delle PMI al Cyber Resilience Act](https://www.securityinfo.it/2025/01/21/via-a-secure-il-progetto-per-supportare-conformita-delle-pmi-al-cyber-resilience-act/?utm_source=rss&utm_medium=rss&utm_campaign=via-a-secure-il-progetto-per-supportare-conformita-delle-pmi-al-cyber-resilience-act) -- HACKMAGEDDON - - [ ] [October 2024 Cyber Attacks Statistics](https://www.hackmageddon.com/2025/01/21/october-2024-cyber-attacks-statistics/) -- LuxSci - - [ ] [Top 5 Use Cases for High-Volume HIPAA-Compliant Email](https://luxsci.com/blog/use-cases-high-volume-hipaa-compliant-email.html) -- 安全419 - - [ ] [2024年度网络安全政策法规一览](https://mp.weixin.qq.com/s?__biz=MzUyMDQ4OTkyMg==&mid=2247546742&idx=1&sn=986ad65a22c1c630d4eabd6c42289dc4&chksm=f9ebe9dbce9c60cd5be6610f4c43ec81e749cec3dce80ec0cf923666c585928f149fc781baa7&scene=58&subscene=0#rd) + - [ ] [某攻防演练|从404页面到接管阿里云](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496928&idx=1&sn=871a0d0002a589ed9b98ae6ed97158f9&chksm=e8a5fe83dfd27795744d51346215bef2df4e6387a31ad6a46cc7cb07b0d3a71b274a5f895b82&scene=58&subscene=0#rd) +- Have I Been Pwned latest breaches + - [ ] [Frame & Optic - 15,678 breached accounts](https://haveibeenpwned.com/PwnedWebsites#FrameAndOptic) + - [ ] [Welhof - 107,292 breached accounts](https://haveibeenpwned.com/PwnedWebsites#Welhof) +- 360数字安全 + - [ ] [“以模制模”!360大模型安全解决方案获权威机构推荐](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579180&idx=1&sn=9c7924d356a6e97806314b7890ec70d4&chksm=9f8d2624a8faaf320e482da401f346c27512c8d91786d43e0dffb1009c7ebbe4c0274b1fcc5e&scene=58&subscene=0#rd) + - [ ] [六大行业典型案例!360霸榜2024中国网络安全产业势能榜](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579180&idx=2&sn=9620c63a3e0e81ef64b85953dda3a2d7&chksm=9f8d2624a8faaf322a4f0e24696a63b8d7a266a0ec61b3612dc8b22a492bc005b327a0400fd7&scene=58&subscene=0#rd) +- ICT Security Magazine + - [ ] [Eventi Cybersecurity 2025 – Il futuro della sicurezza digitale](https://www.ictsecuritymagazine.com/notizie/eventi-cybersecurity-2025-il-futuro-della-sicurezza-digitale/) + - [ ] [Anomaly Detection tramite Neural Networks: identificazione di pattern anomali e prevenzione dei cyber attacchi](https://www.ictsecuritymagazine.com/articoli/anomaly-detection-sec/) +- SANS Internet Storm Center, InfoCON: green + - [ ] [ISC Stormcast For Thursday, January 23rd, 2025 https://isc.sans.edu/podcastdetail/9292, (Wed, Jan 22nd)](https://isc.sans.edu/diary/rss/31618) + - [ ] [Catching CARP: Fishing for Firewall States in PFSync Traffic, (Wed, Jan 22nd)](https://isc.sans.edu/diary/rss/31616) + - [ ] [ISC Stormcast For Wednesday, January 22nd, 2025 https://isc.sans.edu/podcastdetail/9290, (Wed, Jan 22nd)](https://isc.sans.edu/diary/rss/31614) +- 嘶吼专业版 + - [ ] [2024中国网络安全产业势能榜优能企业「电力行业」典型案例展示](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580933&idx=1&sn=200f586bf5e6ebc5b131de6824aa91ce&chksm=e9146d3fde63e429d8233882c021aca40e581dd642e4fb6699b9d5e926f90a92500d920177dd&scene=58&subscene=0#rd) + - [ ] [Otelier 遭遇网络攻击导致数百万酒店预订信息泄露](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580933&idx=2&sn=0a59602d0f6ce921931618ecc83d85d6&chksm=e9146d3fde63e4290f78a380c4fe948178ab82a46e7ba25bb0f7b2a8e6881c6c448b52c28a91&scene=58&subscene=0#rd) +- Posts By SpecterOps Team Members - Medium + - [ ] [Entra Connect Attacker Tradecraft: Part 2](https://posts.specterops.io/entra-connect-attacker-tradecraft-part-2-672df0147abc?source=rss----f05f8696e3cc---4) +- 火绒安全 + - [ ] [QQ音乐遭遇“白加黑”利用,网站被劫持推广传奇私服](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247521743&idx=1&sn=7d0d609cffb045d031bdba1a74baee80&chksm=eb704bf0dc07c2e6f4ce1baf70c50eae31af800684d54c7bb88be8c67e11cdd0d9cef32321a1&scene=58&subscene=0#rd) + - [ ] [诚邀渠道合作伙伴共启新征程](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247521743&idx=2&sn=c4bb1454856772f63647451003483a12&chksm=eb704bf0dc07c2e6695c9ab8933305dc28c4873fdd7326e88f3d667e611aadc0c77505fa29e3&scene=58&subscene=0#rd) - Instapaper: Unread - - [ ] [The Powerful AI Tool That Cops (or Stalkers) Can Use to Geolocate Photos in Seconds](https://www.404media.co/the-powerful-ai-tool-that-cops-or-stalkers-can-use-to-geolocate-photos-in-seconds/) - - [ ] [Bypassing disk encryption on systems with automatic TPM2 unlock](https://oddlama.org/blog/bypassing-disk-encryption-with-tpm2-unlock/) - - [ ] [Artifacts Jump Lists](http://windowsir.blogspot.com/2025/01/artifacts-jump-lists.html) - - [ ] [Windows 11 BitLocker-Encrypted Files Accessed Without Disassembling Laptops](https://cybersecuritynews.com/windows-11-bitlocker-encrypted-files-accessed/) - - [ ] [Riflessione sulle Free WiFi](https://roccosicilia.com/2025/01/20/riflessione-sulle-free-wifi/) -- Graham Cluley - - [ ] [The AI Fix #34: Fake Brad Pitt and why AI means we will lose our jobs](https://grahamcluley.com/the-ai-fix-34/) - - [ ] [Medusa ransomware: what you need to know](https://www.tripwire.com/state-of-security/medusa-ransomware-what-you-need-know) -- Troy Hunt's Blog - - [ ] [Weekly Update 435](https://www.troyhunt.com/weekly-update-435/) -- The Hacker News - - [ ] [Mirai Variant Murdoc Botnet Exploits AVTECH IP Cameras and Huawei Routers](https://thehackernews.com/2025/01/murdocbotnet-found-exploiting-avtech-ip.html) + - [ ] [Experts found multiple flaws in Mercedes-Benz infotainment system](https://securityaffairs.com/173275/hacking/mercedes-benz-infotainment-system-flaws.html) + - [ ] [Windows BitLocker Vulnerability(CVE-2025-21210) Exploited in Randomization Attack](https://cybersecuritynews.com/windows-bitlocker-vulnerability-exploited/) + - [ ] [Report riepilogativo sulle tendenze delle campagne malevole analizzate dal CERT-AGID nel 2024](https://cert-agid.gov.it/news/report-riepilogativo-sulle-tendenze-delle-campagne-malevole-analizzate-dal-cert-agid-nel-2024/) - [ ] [13,000 MikroTik Routers Hijacked by Botnet for Malspam and Cyberattacks](https://thehackernews.com/2025/01/13000-mikrotik-routers-hijacked-by.html) - - [ ] [Ex-CIA Analyst Pleads Guilty to Sharing Top-Secret Data with Unauthorized Parties](https://thehackernews.com/2025/01/ex-cia-analyst-pleads-guilty-to-sharing.html) - - [ ] [HackGATE: Setting New Standards for Visibility and Control in Penetration Testing Projects](https://thehackernews.com/2025/01/hackgate-setting-new-standards-for.html) - - [ ] [PNGPlug Loader Delivers ValleyRAT Malware Through Fake Software Installers](https://thehackernews.com/2025/01/pngplug-loader-delivers-valleyrat.html) - - [ ] [CERT-UA Warns of Cyber Scams Using Fake AnyDesk Requests for Fraudulent Security Audits](https://thehackernews.com/2025/01/cert-ua-warns-of-cyber-scams-using-fake.html) -- The Register - Security - - [ ] [Patch procrastination leaves 50,000 Fortinet firewalls vulnerable to zero-day](https://go.theregister.com/feed/www.theregister.com/2025/01/21/fortinet_firewalls_still_vulnerable/) - - [ ] [HPE probes IntelBroker's bold data theft boasts](https://go.theregister.com/feed/www.theregister.com/2025/01/21/hpe_intelbroker_claims/) - - [ ] [Breaking free from reactive security](https://go.theregister.com/feed/www.theregister.com/2025/01/21/breaking_free_from_reactive_security/) - - [ ] [Banks must keep ahead of risks and reap AI rewards](https://go.theregister.com/feed/www.theregister.com/2025/01/21/banks_must_keep_ahead_of/) + - [ ] [Il 15enne che ha violato …](https://roccosicilia.com/2025/01/21/il-15enne-che-ha-violato/) + - [ ] [Mirai Botnet Launches Record 5.6 Tbps DDoS Attack with 13,000+ IoT Device](https://thehackernews.com/2025/01/mirai-botnet-launches-record-56-tbps.html) +- Graham Cluley + - [ ] [Half a million hotel guests at risk after hackers accessed sensitive data](https://www.bitdefender.com/en-us/blog/hotforsecurity/half-a-million-hotel-guests-at-risk-after-hackers-accessed-sensitive-data) +- The Grey Corner + - [ ] [Accessing the Kubernetes API using captured credentials and HTTP clients](/2025/01/22/accessing-the-kubernetes-api-using-captured.html) +- Trend Micro Research, News and Perspectives + - [ ] [Invisible Prompt Injection: A Threat to AI Security](https://www.trendmicro.com/en_us/research/25/a/invisible-prompt-injection-secure-ai.html) - Security Affairs - - [ ] [Former CIA analyst pleaded guilty to leaking top-secret documents](https://securityaffairs.com/173302/intelligence/former-cia-analyst-pleaded-guilty-to-leaking-top-secret-docs.html) - - [ ] [New Mirai botnet variant Murdoc Botnet targets AVTECH IP cameras and Huawei HG532 routers](https://securityaffairs.com/173294/cyber-crime/new-mirai-botnet-variant-murdoc-botnet-targets-avtech-ip-cameras-and-huawei-hg532-routers.html) - - [ ] [CERT-UA warned of scammers impersonating the agency using fake AnyDesk requests](https://securityaffairs.com/173285/hacking/cert-ua-warned-of-scammers-impersonating-the-agency-using-fake-anydesk.html) - - [ ] [Experts found multiple flaws in Mercedes-Benz infotainment system](https://securityaffairs.com/173275/hacking/mercedes-benz-infotainment-system-flaws.html) -- Deeplinks - - [ ] [EFF Sends Transition Memo on Digital Policy Priorities to New Administration and Congress](https://www.eff.org/press/releases/eff-sends-transition-memo-digital-policy-priorities-new-administration-and-congress) -- Posts By SpecterOps Team Members - Medium - - [ ] [Life at SpecterOps Part II: From Dream to Reality](https://posts.specterops.io/life-at-specterops-part-ii-from-dream-to-reality-99e10df0ba73?source=rss----f05f8696e3cc---4) + - [ ] [Pwn2Own Automotive 2025 Day 1: organizers awarded $382,750 for 16 zero-days](https://securityaffairs.com/173344/hacking/pwn2own-automotive-2025-day-1.html) + - [ ] [Two ransomware groups abuse Microsoft’s Office 365 platform to gain access to target organizations](https://securityaffairs.com/173328/cyber-crime/ransomware-groups-abuse-microsofts-office-365-platform.html) + - [ ] [Cloudflare blocked a record-breaking 5.6 Tbps DDoS attack](https://securityaffairs.com/173318/cyber-crime/cloudflare-blocked-record-5-6-tbps-ddos-attack.html) + - [ ] [A 7-Zip bug allows to bypass the Mark of the Web (MotW) feature](https://securityaffairs.com/173310/hacking/7-zip-flaw-bypass-the-mark-of-the-web-motw.html) +- Palo Alto Networks Blog + - [ ] [A New Era of Protection — Multicloud Security](https://www.paloaltonetworks.com/blog/2025/01/multicloud-security/) +- The Register - Security + - [ ] [Trump 'waved a white flag to Chinese hackers' as Homeland Security axed cyber advisory boards](https://go.theregister.com/feed/www.theregister.com/2025/01/22/dhs_axes_cyber_advisory_boards/) + - [ ] [Supply chain attack hits Chrome extensions, could expose millions](https://go.theregister.com/feed/www.theregister.com/2025/01/22/supply_chain_attack_chrome_extension/) + - [ ] [Give users confidence in your digital infrastructure](https://go.theregister.com/feed/www.theregister.com/2025/01/22/give_users_confidence_in_your/) + - [ ] [Microsoft issues out-of-band fix for Windows Server 2022 NUMA glitch](https://go.theregister.com/feed/www.theregister.com/2025/01/22/windows_server_numa_glitch/) + - [ ] [Silk Road's Dread Pirate Roberts walks free as Trump pardons dark web kingpin](https://go.theregister.com/feed/www.theregister.com/2025/01/22/silk_road_founder_freed/) + - [ ] [Infosec was literally the last item in Trump's policy plan, yet major changes are likely on his watch](https://go.theregister.com/feed/www.theregister.com/2025/01/22/trump_cyber_policy/) + - [ ] [Ransomware scum make it personal for Reg readers by impersonating tech support](https://go.theregister.com/feed/www.theregister.com/2025/01/22/ransomware_crews_abuse_microsoft_teams/) + - [ ] [PowerSchool theft latest: Decades of Canadian student records, data from 40-plus US states feared stolen](https://go.theregister.com/feed/www.theregister.com/2025/01/22/powerschool_canada_lawsuits/) +- Krebs on Security + - [ ] [MasterCard DNS Error Went Unnoticed for Years](https://krebsonsecurity.com/2025/01/mastercard-dns-error-went-unnoticed-for-years/) +- Deep Web + - [ ] [Trump pardons Ross Ulbricht, fulfilling campaign promise](https://www.reddit.com/r/deepweb/comments/1i6y6ca/trump_pardons_ross_ulbricht_fulfilling_campaign/) + - [ ] [I just know Ross feels like a million bucks. Just yesterday this man had a whole life sentence, shiiiiit Welcome home tho Ross !](https://www.reddit.com/r/deepweb/comments/1i7eaxs/i_just_know_ross_feels_like_a_million_bucks_just/) - Your Open Hacker Community - - [ ] [Learning Cryptography & Math for hacking](https://www.reddit.com/r/HowToHack/comments/1i6ro3j/learning_cryptography_math_for_hacking/) - - [ ] [How to detect Wi-Fi deauth attacks](https://www.reddit.com/r/HowToHack/comments/1i6vi0d/how_to_detect_wifi_deauth_attacks/) - - [ ] [Root directory question](https://www.reddit.com/r/HowToHack/comments/1i6r7bd/root_directory_question/) - - [ ] [Broken Access Control](https://www.reddit.com/r/HowToHack/comments/1i6dllf/broken_access_control/) - - [ ] [O.MG Cable](https://www.reddit.com/r/HowToHack/comments/1i6fkqd/omg_cable/) - - [ ] [How to change a player's UUID in Minecraft?](https://www.reddit.com/r/HowToHack/comments/1i6aj8m/how_to_change_a_players_uuid_in_minecraft/) -- Blackhat Library: Hacking techniques and research - - [ ] [Spammer/scammer sites?](https://www.reddit.com/r/blackhat/comments/1i6k17f/spammerscammer_sites/) - - [ ] [Doxxed on instagram by a random need help](https://www.reddit.com/r/blackhat/comments/1i672l2/doxxed_on_instagram_by_a_random_need_help/) -- ICT Security Magazine - - [ ] [Cybersecurity nel Settore Sanitario: Minacce, Vulnerabilità e Strategie di Difesa per il 2025](https://www.ictsecuritymagazine.com/notizie/settore-sanitario-2025/) -- Silent Signal Techblog - - [ ] [Vulnerability Archeology: Stealing Passwords with IBM i Access Client Solutions](https://blog.silentsignal.eu/2025/01/21/ibm-acs-password-dump/) -- 表图 - - [ ] [网络安全行业的价格战有那么惨烈吗?](https://mp.weixin.qq.com/s?__biz=MzUzOTI4NDQ3NA==&mid=2247484721&idx=1&sn=5e8ea98c7bfa102e656bff0ae06e3a29&chksm=facb83a4cdbc0ab2440ee60f86552a8dac017e794d8629ba15261aad3175e13285e2b12beaae&scene=58&subscene=0#rd) -- netsecstudents: Subreddit for students studying Network Security and its related subjects - - [ ] [Why would a website change the upload destination via an X-Forwarded-Host header and how can I exploit it?](https://www.reddit.com/r/netsecstudents/comments/1i6q0ib/why_would_a_website_change_the_upload_destination/) -- Social Engineering - - [ ] [When making a request from someone , how do you explain it in a way that'd be agreeable?](https://www.reddit.com/r/SocialEngineering/comments/1i6gkun/when_making_a_request_from_someone_how_do_you/) + - [ ] [I made a hack for AssaultCube with a menu](https://www.reddit.com/r/HowToHack/comments/1i7mzwg/i_made_a_hack_for_assaultcube_with_a_menu/) + - [ ] [using monitor and managed mode at the same time? (debian trixie, mt7921)](https://www.reddit.com/r/HowToHack/comments/1i7pe1p/using_monitor_and_managed_mode_at_the_same_time/) + - [ ] [Where do you find enjoyment/interest from hacking/cyber sec](https://www.reddit.com/r/HowToHack/comments/1i7fb4c/where_do_you_find_enjoymentinterest_from/) + - [ ] [need help making bad usb](https://www.reddit.com/r/HowToHack/comments/1i7klmu/need_help_making_bad_usb/) + - [ ] [How to solve hcaptcha with solved Token?](https://www.reddit.com/r/HowToHack/comments/1i7h1d0/how_to_solve_hcaptcha_with_solved_token/) + - [ ] [Directional help](https://www.reddit.com/r/HowToHack/comments/1i7esex/directional_help/) + - [ ] [what is the difference between opening a new terminal and using tmux to start a new session?](https://www.reddit.com/r/HowToHack/comments/1i776tk/what_is_the_difference_between_opening_a_new/) + - [ ] [fake email date](https://www.reddit.com/r/HowToHack/comments/1i79d59/fake_email_date/) + - [ ] [Retrieving my website](https://www.reddit.com/r/HowToHack/comments/1i7edfe/retrieving_my_website/) + - [ ] [HELP???](https://www.reddit.com/r/HowToHack/comments/1i7fced/help/) + - [ ] [Notebook capable of brute-forcing 8-10 digit passwords (hashing algorithm doesn’t matter)](https://www.reddit.com/r/HowToHack/comments/1i798i0/notebook_capable_of_bruteforcing_810_digit/) + - [ ] [i need strategies on how to hack something specific. please message me if you want to or can help](https://www.reddit.com/r/HowToHack/comments/1i76fcl/i_need_strategies_on_how_to_hack_something/) + - [ ] [Impossible Bully](https://www.reddit.com/r/HowToHack/comments/1i75rsq/impossible_bully/) - Hacking Exposed Computer Forensics Blog - - [ ] [Daily Blog #724: Project Adaz testing part 2](https://www.hecfblog.com/2025/01/daily-blog-724-project-adaz-testing.html) -- SANS Internet Storm Center, InfoCON: green - - [ ] [Geolocation and Starlink, (Tue, Jan 21st)](https://isc.sans.edu/diary/rss/31612) - - [ ] [ISC Stormcast For Tuesday, January 21st, 2025 https://isc.sans.edu/podcastdetail/9288, (Tue, Jan 21st)](https://isc.sans.edu/diary/rss/31610) + - [ ] [Daily Blog #725: Project adaz testing part 3](https://www.hecfblog.com/2025/01/daily-blog-725-project-adaz-testing.html) +- The Hacker News + - [ ] [Trump Terminates DHS Advisory Committee Memberships, Disrupting Cybersecurity Review](https://thehackernews.com/2025/01/trump-terminates-dhs-advisory-committee.html) + - [ ] [Hackers Exploit Zero-Day in cnPilot Routers to Deploy AIRASHI DDoS Botnet](https://thehackernews.com/2025/01/hackers-exploit-zero-day-in-cnpilot.html) + - [ ] [Discover Hidden Browsing Threats: Free Risk Assessment for GenAI, Identity, Web, and SaaS Risks](https://thehackernews.com/2025/01/discover-hidden-browsing-threats-free.html) + - [ ] [President Trump Pardons Silk Road Creator Ross Ulbricht After 11 Years in Prison](https://thehackernews.com/2025/01/president-trump-pardons-silk-road.html) + - [ ] [PlushDaemon APT Targets South Korean VPN Provider in Supply Chain Attack](https://thehackernews.com/2025/01/plushdaemon-apt-targets-south-korean.html) + - [ ] [Oracle Releases January 2025 Patch to Address 318 Flaws Across Major Products](https://thehackernews.com/2025/01/oracle-releases-january-2025-patch-to.html) + - [ ] [Mirai Botnet Launches Record 5.6 Tbps DDoS Attack with 13,000+ IoT Devices](https://thehackernews.com/2025/01/mirai-botnet-launches-record-56-tbps.html) - Technical Information Security Content & Discussion - - [ ] [Reverse Engineering Call Of Duty Anti-Cheat](https://www.reddit.com/r/netsec/comments/1i6fcdq/reverse_engineering_call_of_duty_anticheat/) - - [ ] [NaN Of Your Business - My Favorite Unintended CTF Solution](https://www.reddit.com/r/netsec/comments/1i6kx5w/nan_of_your_business_my_favorite_unintended_ctf/) - - [ ] [Vulnerability Archeology: Stealing Passwords with IBM i Access Client Solutions](https://www.reddit.com/r/netsec/comments/1i6h9bg/vulnerability_archeology_stealing_passwords_with/) + - [ ] [Attacks on Maven proxy repositories](https://www.reddit.com/r/netsec/comments/1i7hf2w/attacks_on_maven_proxy_repositories/) + - [ ] [Stealing HttpOnly cookies with the cookie sandwich technique](https://www.reddit.com/r/netsec/comments/1i7i6k7/stealing_httponly_cookies_with_the_cookie/) + - [ ] [Pivot into Azure DevOps using stolen sessions](https://www.reddit.com/r/netsec/comments/1i7chgt/pivot_into_azure_devops_using_stolen_sessions/) + - [ ] [Next.js, cache, and chains: the stale elixir](https://www.reddit.com/r/netsec/comments/1i779q3/nextjs_cache_and_chains_the_stale_elixir/) + - [ ] [Testing Prompt Injection Attacks with promptmap2](https://www.reddit.com/r/netsec/comments/1i7dcs2/testing_prompt_injection_attacks_with_promptmap2/) - Schneier on Security - - [ ] [AI Mistakes Are Very Different from Human Mistakes](https://www.schneier.com/blog/archives/2025/01/ai-mistakes-are-very-different-from-human-mistakes.html) + - [ ] [AI Will Write Complex Laws](https://www.schneier.com/blog/archives/2025/01/ai-will-write-complex-laws.html) - Computer Forensics - - [ ] [Tell me if I’m wrong, but should data carving be done on the non-mounted block device? If mounted, would the deleted file bytes be invisible since the mounted directory is just a "metaphor" of the OS, obscuring the hidden data?](https://www.reddit.com/r/computerforensics/comments/1i6imoz/tell_me_if_im_wrong_but_should_data_carving_be/) - - [ ] [Will someone explain the difference between Magnet Axiom and Cellebrite?](https://www.reddit.com/r/computerforensics/comments/1i6u4pt/will_someone_explain_the_difference_between/) - - [ ] [Created dates not displaying on X ways.](https://www.reddit.com/r/computerforensics/comments/1i6nbvf/created_dates_not_displaying_on_x_ways/) - - [ ] [Printer dithering machine identification code on monochrome printers](https://www.reddit.com/r/computerforensics/comments/1i65uso/printer_dithering_machine_identification_code_on/) + - [ ] [RSMF samples](https://www.reddit.com/r/computerforensics/comments/1i7iq8q/rsmf_samples/) - TorrentFreak - - [ ] [Reddit and Film Companies Clash in Appeals Court Over Sharing Users’ IP Addresses](https://torrentfreak.com/reddit-and-film-companies-clash-in-appeals-court-over-sharing-users-ip-addresses-250121/) + - [ ] [Tech Industry Urges EU to Halt Italy’s Overreaching Anti-Piracy Measures](https://torrentfreak.com/tech-industry-urges-eu-to-halt-italys-overreaching-anti-piracy-measures-250122/) + - [ ] [Telegram ‘Suspends RuTracker’s Channel’ For Copyright Infringement](https://torrentfreak.com/telegram-suspends-rutrackers-channel-for-copyright-infringement-250122/) +- Information Security + - [ ] [How to make your own choatic Map function?](https://www.reddit.com/r/Information_Security/comments/1i7lq5h/how_to_make_your_own_choatic_map_function/) +- Deeplinks + - [ ] [Texas Is Enforcing Its State Data Privacy Law. So Should Other States.](https://www.eff.org/deeplinks/2025/01/texas-enforcing-its-state-data-privacy-law-so-should-other-states) + - [ ] [The FTC’s Ban on GM and OnStar Selling Driver Data Is a Good First Step](https://www.eff.org/deeplinks/2025/01/ftcs-ban-gm-and-onstar-selling-driver-behavior-good-first-step) + - [ ] [VICTORY! Federal Court (Finally) Rules Backdoor Searches of 702 Data Unconstitutional](https://www.eff.org/deeplinks/2025/01/victory-federal-court-finally-rules-backdoor-searches-702-data-unconstitutional) + - [ ] [Protecting “Free Speech” Can’t Just Be About Targeting Political Opponents](https://www.eff.org/deeplinks/2025/01/protecting-free-speech-cant-just-be-about-targeting-political-opponents) - 网安寻路人 - - [ ] [美商务部AI模型出口管制新规(全文翻译)](https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247505939&idx=1&sn=763b43e9649792ff40f1de91e21dab79&chksm=97e965f9a09eeceffb179a7618e568952a1500feb5177140bd912f2bd8ec719211607d2ba064&scene=58&subscene=0#rd) + - [ ] [美商务部《保障ICT供应链:联网汽车》规则(全文翻译)](https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247506068&idx=1&sn=c5502bc907a76a432d06dd4e9098d0ad&chksm=97e9657ea09eec68b79604df8d37e514ee417e337a622644f90cec47ae5279e4ff5696c56c0d&scene=58&subscene=0#rd) - Security Weekly Podcast Network (Audio) - - [ ] [Smishing, Microsoft, Star Blizzard, Sneaky Log, VMARE, Josh Marpet, and more... - SWN #444](http://sites.libsyn.com/18678/smishing-microsoft-star-blizzard-sneaky-log-vmare-josh-marpet-and-more-swn-444) - - [ ] [Appsec Predictions for 2025 - Cody Scott - ASW #314](http://sites.libsyn.com/18678/appsec-predictions-for-2025-cody-scott-asw-314) + - [ ] [The Future Of The CISO - Jeff Pollard, Jess Burn - BSW #379](http://sites.libsyn.com/18678/the-future-of-the-ciso-jeff-pollard-jess-burn-bsw-379) From 65c93c31258fa2fc9af412708ad69a9873415656 Mon Sep 17 00:00:00 2001 From: chainreactorbot Date: Sat, 25 Jan 2025 02:41:40 +0000 Subject: [PATCH 18/29] =?UTF-8?q?=E6=AF=8F=E6=97=A5=E5=AE=89=E5=85=A8?= =?UTF-8?q?=E8=B5=84=E8=AE=AF=EF=BC=882025-01-25=EF=BC=89?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- archive/daily/2025/2025-01-25.md | 431 +++++++++++++++ archive/tmp/2025-01-25.json | 511 ++++++++++++++++++ today.md | 872 ++++++++++++++----------------- 3 files changed, 1343 insertions(+), 471 deletions(-) create mode 100644 archive/daily/2025/2025-01-25.md create mode 100644 archive/tmp/2025-01-25.json diff --git a/archive/daily/2025/2025-01-25.md b/archive/daily/2025/2025-01-25.md new file mode 100644 index 0000000000..87b53da634 --- /dev/null +++ b/archive/daily/2025/2025-01-25.md @@ -0,0 +1,431 @@ +# 每日安全资讯(2025-01-25) + +- SecWiki News + - [ ] [SecWiki News 2025-01-24 Review](http://www.sec-wiki.com/?2025-01-24) +- paper - Last paper + - [ ] [基于人工智能/机器学习的 IPv6 网络中隐秘通信的检测与分类](https://paper.seebug.org/3271/) +- Armin Ronacher's Thoughts and Writings + - [ ] [Build It Yourself](http://lucumr.pocoo.org/2025/1/24/build-it-yourself) +- 奇安信攻防社区 + - [ ] [借壳上线之Patch PE文件](https://forum.butian.net/share/4085) + - [ ] [间接提示注入攻击全面测评](https://forum.butian.net/share/4074) +- 安全客-有思想的安全新媒体 + - [ ] [年度盘点:AI+安全双重赋能,360解锁企业浏览器新动力](https://www.anquanke.com/post/id/303791) + - [ ] [IntelBroker 的数字足迹: OSINT 分析揭露网络犯罪分子的行动](https://www.anquanke.com/post/id/303788) + - [ ] [7-Zip 修复了可绕过 Windows MoTW 安全警告的错误,立即修补](https://www.anquanke.com/post/id/303776) + - [ ] [Microsoft 在 Edge Stable 中预览 Game Assist 游戏内浏览器](https://www.anquanke.com/post/id/303773) + - [ ] [ModiLoader 恶意软件利用 CAB 标头批处理文件逃避检测](https://www.anquanke.com/post/id/303770) + - [ ] [Meta 的广告系统被俄罗斯宣传网络利用](https://www.anquanke.com/post/id/303767) + - [ ] [13,000 台 MikroTik 路由器被僵尸网络劫持,用于发送垃圾邮件和网络攻击](https://www.anquanke.com/post/id/303785) + - [ ] [DLL 副加载和代理: 向德国目标发送 Sliver 植入程序的新活动](https://www.anquanke.com/post/id/303764) + - [ ] [Consilio Guided AI PrivDetect 缩短了权限审查时间](https://www.anquanke.com/post/id/303782) + - [ ] [勒索软件团伙在 Microsoft Teams 网络钓鱼攻击中冒充 IT 支持](https://www.anquanke.com/post/id/303779) +- Tenable Blog + - [ ] [Cybersecurity Snapshot: WEF Offers AI Security Best Practices, as DORA Regulation Places Strict Cyber Rules on Banks](https://www.tenable.com/blog/ai-security-best-practices-01-24-2025) +- Private Feed for M09Ic + - [ ] [safedv starred sadreck/Codecepticon](https://github.com/sadreck/Codecepticon) + - [ ] [timwhitez starred decoder-it/ChgPass](https://github.com/decoder-it/ChgPass) + - [ ] [evilashz starred decoder-it/ChgPass](https://github.com/decoder-it/ChgPass) + - [ ] [niudaii starred 0x727/ChkApi_0x727](https://github.com/0x727/ChkApi_0x727) + - [ ] [gh0stkey starred seaung/pocsuite-rs](https://github.com/seaung/pocsuite-rs) + - [ ] [nightRainy starred ynwarcs/CVE-2025-21298](https://github.com/ynwarcs/CVE-2025-21298) + - [ ] [0xbug starred google/osv-scanner](https://github.com/google/osv-scanner) + - [ ] [yqcs forked yqcs/bolt.diy from stackblitz-labs/bolt.diy](https://github.com/yqcs/bolt.diy) + - [ ] [niudaii starred leveryd/x-waf](https://github.com/leveryd/x-waf) + - [ ] [spf13 starred theJayTea/WritingTools](https://github.com/theJayTea/WritingTools) +- Doonsec's feed + - [ ] [秦安:拜登走了,完败于芯片,留下两场战争,还有耻辱与灾难](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476311&idx=1&sn=119884be68a469d54443b401908afe95) + - [ ] [秦安:大消息!人民银行与证监会,座谈“3000+5000”亿资金入市](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476311&idx=2&sn=be8a2ff973ede5b074e70dc11899c350) + - [ ] [上新日 | 口碑佳作上架!沉浸式翻译:双语对照网页翻译插件](https://mp.weixin.qq.com/s?__biz=MzI2MjcwMTgwOQ==&mid=2247492181&idx=1&sn=dc5a84bd0c1009bdda94f07507392b36) + - [ ] [红队视角:揭秘内网提权的技术迷宫](https://mp.weixin.qq.com/s?__biz=MzkzNzg3NzQxMQ==&mid=2247485714&idx=1&sn=6a7ab0722e0c0f69ce8906539f544066) + - [ ] [pikachu - Cross-Site Scripting(XSS)](https://mp.weixin.qq.com/s?__biz=Mzk1NzI2NDQyMw==&mid=2247484517&idx=1&sn=240276352d671fc67e03d7ccdecf2862) + - [ ] [7-Zip高危漏洞曝光](https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486441&idx=1&sn=4531aade32e795be54933b9d3a690c03) + - [ ] [『漏洞复现』XXL-JOB 默认 accessToken 身份绕过 RCE 漏洞分析及复现](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490019&idx=1&sn=8b0ca8a5667607692018751b2e0db53a) + - [ ] [图形化-Windiows日志分析工具](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490019&idx=2&sn=f204d355574f503af0ff0d6b11878996) + - [ ] [技战法:巧用黑客攻击手法,被动积累技能](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490019&idx=3&sn=d1ade97995d489eec4760ec06058a2e0) + - [ ] [文科应届生转行计算机的一年](https://mp.weixin.qq.com/s?__biz=Mzg4NTg0MjMzNQ==&mid=2247484202&idx=1&sn=91076a3a9a8de9de842344942c19a373) + - [ ] [黑客攻防演练!!揭秘Sync Breeze缓冲溢出漏洞利用全过程!?](https://mp.weixin.qq.com/s?__biz=Mzk2NDE3NDUwNg==&mid=2247483890&idx=1&sn=00d4c726f5ef79a6a64b08e5c3bf5cca) + - [ ] [一文看懂川普最新政策动向](https://mp.weixin.qq.com/s?__biz=MzkxMTA3MDk3NA==&mid=2247487089&idx=1&sn=f20b24974cce9ecc0b92a98268385c76) + - [ ] [专题·人工智能安全治理 | 关于《人工智能安全治理框架》的解读与思考](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485456&idx=1&sn=f12cda55ab644a5227ada312bb79a62f) + - [ ] [【干货原创】实网攻防演习常态化,会带来什么变化01](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485456&idx=4&sn=9936a954d36b83982d8a01b800f5a884) + - [ ] [【干货原创】K12教育,鲜为人知的模式秘密](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485456&idx=5&sn=101312cecc9a495c7856503d86123187) + - [ ] [原创文章目录](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485456&idx=6&sn=416cca1469398aca13072a80a0f5c129) + - [ ] [缓冲区溢出学习及漏洞复现](https://mp.weixin.qq.com/s?__biz=Mzk1NzQwNjQ4Ng==&mid=2247484665&idx=1&sn=55ab331218ce3316953848bc8a134e19) + - [ ] [对抗小技巧:利用阿里云OSS做域前置](https://mp.weixin.qq.com/s?__biz=MzAxNzkyOTgxMw==&mid=2247493833&idx=1&sn=23a0220224aafdc3ab796f3cd5d0ff2b) + - [ ] [一岁一逢,年度献礼 · 一图看懂2024年全球DDoS攻击态势](https://mp.weixin.qq.com/s?__biz=MzAwODU5NzYxOA==&mid=2247505829&idx=1&sn=4d7addf765ddfaf78ec11b722e8f815f) + - [ ] [山石入选车联网产品安全漏洞专业库CAVD支撑单位](https://mp.weixin.qq.com/s?__biz=MzUzMDUxNTE1Mw==&mid=2247510279&idx=1&sn=06f1e42da19ca8f8da9668d9ed2ee6e4) + - [ ] [YongYouNcTool-一款高效利用用友NC系列漏洞检测利用工具](https://mp.weixin.qq.com/s?__biz=MzkzNzg4MTI0NQ==&mid=2247485426&idx=1&sn=4b2b9a4778352c4a0791090d92cff7cc) + - [ ] [春节 | 蛇年大吉,中泊研为您安全护航!](https://mp.weixin.qq.com/s?__biz=Mzg2NDc0MjUxMw==&mid=2247486072&idx=1&sn=2e79f7cd0c0fbc06d900089a529b1663) + - [ ] [通用漏洞挖掘技巧](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496940&idx=1&sn=a33f04e5fdb7818531eeda42ebf4b6e7) + - [ ] [知名企业遭「偷家」,攻击面管理势在必行](https://mp.weixin.qq.com/s?__biz=Mzg2NTk3NjczNQ==&mid=2247485619&idx=1&sn=378c053caf062e36f6d9c093a1e574dc) + - [ ] [黑客、“内鬼”……2024年近千人涉侵害企业数据安全犯罪被检察机关起诉!](https://mp.weixin.qq.com/s?__biz=MzU2MTQwMzMxNA==&mid=2247541454&idx=1&sn=41f75791ee9265270755e2cede71b671) + - [ ] [共研发展路径,平行切面联盟第一届理事会第三次会议召开](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247635673&idx=1&sn=62b8bf30eb4df9ed99e5952408daf3c7) + - [ ] [诸子云|甲方 :DLP遇到大模型软件,如何看待美国司法部发布的行政命令?](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247635673&idx=2&sn=8efa180e659fee80150075eca38e5f0e) + - [ ] [【智库报告】生物力量:确保美国在生物技术领域的领导地位](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148676&idx=1&sn=1f06118ca29bead7275e53e21449c3d5) + - [ ] [默安科技2024:既然选择远方 就会风雨兼程(文末赠好礼)](https://mp.weixin.qq.com/s?__biz=MzIzODQxMjM2NQ==&mid=2247500311&idx=1&sn=71f5bc1eb780b0762b766affc6bd68f6) + - [ ] [一款专为红队恶意软件开发而设计的自动化分析沙箱](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490149&idx=1&sn=70a813d7a8848bc8648dd1aac1f118eb) + - [ ] [LLM的“万能钥匙”](https://mp.weixin.qq.com/s?__biz=MzkzNjczNzEyMw==&mid=2247484110&idx=1&sn=c5759fe1f71dfc0f9ee76811361e1366) + - [ ] [专题·人工智能安全治理 | 《人工智能安全治理框架》为人工智能安全发展提供重要指引](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=1&sn=530f8234ebb092aa1a91e0c76012ae79) + - [ ] [发布 | 国家数据局就《数据领域常用名词解释(第二批)》公开征求意见(附全文)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=2&sn=bf11efc7a9b860fb9b20b141baa90341) + - [ ] [专家解读 | 构建高素质人才队伍,助力数据标注产业发展](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=3&sn=a3cb25195824a0af1ff71d0489c3fffc) + - [ ] [关注 | 检察机关依法惩治侵害企业数据安全犯罪 服务保障企业创新发展](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=4&sn=42732fbe26b1fac5bc322a9e33b0b28a) + - [ ] [解读 | 市场监管总局发布《网络交易执法协查暂行办法》 建立健全网络交易执法协查机制提升监管效能](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=5&sn=5c63e275dc2b4b4f5dc92f28bbbf9bd5) + - [ ] [发布 | 中国信通院联合发布《数据治理研究报告(2024年)》(附下载)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=6&sn=acbcf59882875e4e743a79a6a0213aff) + - [ ] [国际 | 域外个人生物识别信息保护模式考察](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=7&sn=a87473518e84e1b51f4fbc4906a29861) + - [ ] [评论 | 让网络交易执法协作更规范有序](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=8&sn=2f11ec80a6ee5f872457f929a062a55f) + - [ ] [【2025-01-24】黑客新闻摘要](https://mp.weixin.qq.com/s?__biz=MzIzNDU5NTI4OQ==&mid=2247488355&idx=1&sn=ab928aff89673696e834f4dc18b7de2c) + - [ ] [深度解读:特朗普新签数十项行政命令 将产生哪些影响?](https://mp.weixin.qq.com/s?__biz=Mzg3MDczNjcyNA==&mid=2247488936&idx=1&sn=4d76e5c799b12293df6e886eeba72957) + - [ ] [3.6万亿!特朗普搞史上投资规模最大AI投资 剑指中国](https://mp.weixin.qq.com/s?__biz=Mzg3MDczNjcyNA==&mid=2247488936&idx=2&sn=266b328c867d28358b3ad08d0c0db044) + - [ ] [phpMyAdmin 触发 XSS 攻击的安全漏洞](https://mp.weixin.qq.com/s?__biz=MzI0NzE4ODk1Mw==&mid=2652094694&idx=1&sn=4585dbd6a2385bcc0d9f83cd29f7b622) + - [ ] [勒索病毒攻击 VMware ESXi 主机](https://mp.weixin.qq.com/s?__biz=MzI0NzE4ODk1Mw==&mid=2652094694&idx=2&sn=7325225efeb09b588a9ccc838efc3329) + - [ ] [金蛇献瑞|筑梦前行|思维世纪2024年度总结及表彰大会圆满完成!](https://mp.weixin.qq.com/s?__biz=MjM5ODE4OTYzNw==&mid=2649563787&idx=1&sn=b7874fb0a3bb408ce2437d83d89462bb) + - [ ] [加速安全设计——是时候采用TARA自动化技术来提高车辆安全性了吗?](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620079&idx=1&sn=23481c676669368be35dd7a2cddd9eac) + - [ ] [网络安全最佳实践 - 从 TARA 到 PenTest](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620079&idx=2&sn=8a4462a7c4c53f946c5e01065135e83a) + - [ ] [预防网络灾难 - 通过 TARA 分析进行深度防御](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620079&idx=3&sn=928dd30666e4f0e3e22e6ce103de6c61) + - [ ] [红包封面第三弹!](https://mp.weixin.qq.com/s?__biz=MzUzMDQ1MTY0MQ==&mid=2247506601&idx=1&sn=70f914bcbbb9efc2fb037f6002cd45f6) + - [ ] [《Java代码审计零基础入门到项目实战》2025第一期招生,五十多节课才五百多,手慢无。](https://mp.weixin.qq.com/s?__biz=MzkxNTU5NTI1Ng==&mid=2247487239&idx=1&sn=0202581931c1f46340bdf6f1001bda20) + - [ ] [行业第二!实力藏不住了!](https://mp.weixin.qq.com/s?__biz=MzkxNDY0MjMxNQ==&mid=2247532859&idx=1&sn=da3d0fe94b70093b8c0cbb414e8683e5) + - [ ] [聊热点|IDC: 2025年中国安全和信任市场十大预测、新型僵尸网络正对路由器、摄像头等设备发起大规模DDoS攻击……](https://mp.weixin.qq.com/s?__biz=MzkxNDY0MjMxNQ==&mid=2247532859&idx=2&sn=7af5ed5ca486c7d1ae633fed818088eb) + - [ ] [带你解锁编码新世界!--随波逐流CTF编码工具使用教程41 --DNA密码](https://mp.weixin.qq.com/s?__biz=MzU2NzIzNzU4Mg==&mid=2247489588&idx=1&sn=f7fc3df0757ab001f3b1c34b240fd68e) + - [ ] [学习代码审计除了大量练习,更多的还是代码审计思路,给大家分享分享。](https://mp.weixin.qq.com/s?__biz=Mzg3MDU1MjgwNA==&mid=2247487185&idx=1&sn=d6a035212abd74719d8d7ce79c254117) + - [ ] [【安全圈】斯巴鲁汽车漏洞让黑客利用 Starlink 远程控制数百万辆汽车](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067590&idx=1&sn=32ea96086da2a1f7d7b7c25530ca8d55) + - [ ] [【安全圈】GhostGPT – 黑客用来生成恶意软件和漏洞的新型 AI 黑帽工具](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067590&idx=2&sn=0963e1001cd7415a1987cb9c33807d8c) + - [ ] [【安全圈】思科曝9.9分关键权限提升漏洞](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067590&idx=3&sn=7379d9127186d37af92f08f7a9ced06e) + - [ ] [【安全圈】Chrome用户面临供应链攻击威胁,数百万人或受影响](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067590&idx=4&sn=ab568c073e0bfe554ca07ca03503f2da) + - [ ] [Oracle 2025年1月补丁日多产品高危漏洞安全风险通告](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522169&idx=1&sn=fce75986029eae4069d3b0638d1202bd) + - [ ] [守护资产,防范风险 | 2025年Web3.0资产安全指南](https://mp.weixin.qq.com/s?__biz=MzU5OTg4MTIxMw==&mid=2247503926&idx=1&sn=d0bc90fe7f2f544c087615796f4035c5) + - [ ] [企业动态 | 恒安嘉新入选2024全球计算产业案例汇编](https://mp.weixin.qq.com/s?__biz=MzIwMTUzNDY0NA==&mid=2649119281&idx=1&sn=12e90ca98164afb60a7bdf8a6b918bc4) + - [ ] [安全报告 | 2024年12月恒安嘉新网络信息安全综合态势报告](https://mp.weixin.qq.com/s?__biz=MzIwMTUzNDY0NA==&mid=2649119281&idx=2&sn=822885323d0af590dcccbb115350825b) + - [ ] [KwaiCoder-23B-A4B-v1:以 1/30 的成本训练全尺寸 SOTA 代码续写大模型](https://mp.weixin.qq.com/s?__biz=Mzg2NzU4MDM0MQ==&mid=2247495958&idx=1&sn=3383a72355bdb4c1d1bc79d83c1a8569) + - [ ] [斯巴鲁曝关键漏洞,凭车牌号可远程入侵汽车](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651312790&idx=1&sn=f164fbd58d9d173bbc7eae3626f9ab40) + - [ ] [美国政府公布攻击Ivanti云服务设备的技术细节](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651312790&idx=2&sn=b9aa66d005e4e639e712a5efed74fa6c) + - [ ] [美国前中央情报局分析师承认泄露国防信息](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651312790&idx=3&sn=83ffd20b9fd4d5d2da935ff3246e1ce6) + - [ ] [MemProcFS-Analyzer:用于DFIR的Windows内存转储自动取证分析工具](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651312790&idx=4&sn=d1ca26975b2bf3760969a9ce23192b28) + - [ ] [解读丨《国家数据基础设施建设指引》主要内容+图解,附下载](https://mp.weixin.qq.com/s?__biz=MzI2MDk2NDA0OA==&mid=2247531208&idx=1&sn=fdf554db70e62d70c1452efb1191e994) + - [ ] [干货 | 山信软件吕洪波:工业控制系统安全事件检测与处置(附视频+PPT)](https://mp.weixin.qq.com/s?__biz=MzI2MDk2NDA0OA==&mid=2247531208&idx=2&sn=d6cdc5a8d9df1a49d25016840187a4f1) + - [ ] [24年总结](https://mp.weixin.qq.com/s?__biz=MzIyOTY1NDE5Mg==&mid=2247485100&idx=1&sn=0d1663a53843d7a2bd0c5504c41d1514) + - [ ] [2025 蛇年迎新,盘古石取证暖心献礼:红包封面大放送,更多好礼等您来!](https://mp.weixin.qq.com/s?__biz=MzI2MDA0MTYyMQ==&mid=2654404359&idx=1&sn=cb7965528fedcff57cca3c5cf9847be5) + - [ ] [春节将至,盛邦安全放假安排新鲜出炉!](https://mp.weixin.qq.com/s?__biz=MzAwNTAxMjUwNw==&mid=2650277587&idx=1&sn=28ae9f7e85590a579913877d8effc2a0) + - [ ] [大模型系列之LLaMA Factory微调学习](https://mp.weixin.qq.com/s?__biz=Mzg2MTc1NDAxMA==&mid=2247484342&idx=1&sn=58be391a85f1cab4cdd6b7b0b41b1300) + - [ ] [产品上新!捷普数据库防火墙正式发布!](https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247505825&idx=1&sn=6fc746a14da1dd33cecd278754c09e13) + - [ ] [【漏洞预警】Elastic Fleet Server信息泄露漏洞](https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489518&idx=1&sn=4af05b6c62e451e4665c358a9b06bb24) + - [ ] [烽火狼烟丨暗网数据及攻击威胁情报分析周报(01/20-01/24)](https://mp.weixin.qq.com/s?__biz=Mzk0NjMxNTgyOQ==&mid=2247484528&idx=1&sn=8663e8fd828e564560e8f8ef9b20fe32) + - [ ] [Pwn2Own Automotive 2025结果汇总](https://mp.weixin.qq.com/s?__biz=Mzk0MzQzNzMxOA==&mid=2247487726&idx=1&sn=f8bb5a54e33ff80c2cb8894433b7f41d) + - [ ] [【再发一遍】新春抽奖开启!与奉天安全团队 & 禾信智安共迎新年好运!](https://mp.weixin.qq.com/s?__biz=Mzk0NjQ2NzQ0Ng==&mid=2247484992&idx=1&sn=32c786903ab1ff5e499415b69a5dfc4b) + - [ ] [新春抽奖开启!与奉天安全团队 & 禾信智安共迎新年好运!](https://mp.weixin.qq.com/s?__biz=Mzk0NjQ2NzQ0Ng==&mid=2247484992&idx=2&sn=0114b9f967a3e89fd0ec5627b0be8224) + - [ ] [Jeddak星火计划-开启申报](https://mp.weixin.qq.com/s?__biz=MzI1MzYzMjE0MQ==&mid=2247512933&idx=1&sn=b2602ab68be9a48e636dfae7229f3144) + - [ ] [DSRC 祝大家新年快乐(内含红包封面)](https://mp.weixin.qq.com/s?__biz=MzA3Mzk1MDk1NA==&mid=2651908507&idx=1&sn=090d7d7a925c36caa9bed1158c3df7ce) + - [ ] [备考CISSP丨选择官方培训,查看官方培训课程计划](https://mp.weixin.qq.com/s?__biz=MzUzNTg4NDAyMg==&mid=2247492332&idx=1&sn=369749a7e2782981229c81e46366fbd2) + - [ ] [每周蓝军技术推送(2025.1.18-1.24)](https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247494044&idx=1&sn=356681967a014551977e5051389b8f15) + - [ ] [2025网安行业优质播客精选集⑥](https://mp.weixin.qq.com/s?__biz=Mzg2MTAwNzg1Ng==&mid=2247495515&idx=1&sn=2374d21d0f637deaaed6d28977cffa5d) + - [ ] [【极思】安全运营第6年实践总结](https://mp.weixin.qq.com/s?__biz=Mzg2MTAwNzg1Ng==&mid=2247495515&idx=2&sn=32937e97ab2cae2201c2be8c08ed014e) + - [ ] [中小企业及创业公司信息安全建设指南](https://mp.weixin.qq.com/s?__biz=Mzg2MTAwNzg1Ng==&mid=2247495515&idx=3&sn=4f64dbbd5c03c54883719d8d12c61b01) + - [ ] [@网安人,你的2024年度关键词已生成(文末有福利)!](https://mp.weixin.qq.com/s?__biz=Mzg2MTAwNzg1Ng==&mid=2247495515&idx=4&sn=3e056e3e5b0b767c9ab1f787add702a0) + - [ ] [网络安全罗盘2024-2025年度“最佳参与奖”揭晓](https://mp.weixin.qq.com/s?__biz=Mzg3OTg0OTAyOQ==&mid=2247486239&idx=1&sn=3d38cca0595dfc84ca2357ef5a25eb0f) + - [ ] [限量赠送【10个前沿阵地🐍年红包封面】,恭祝大家新年快乐,财源广进。\\n\\n\\nhttps://support.weixin.qq.com/cgi-bin/mmsupport-bin/showredpacket?receiveuri=NU_pFu5bBp1TSI&check_type=2#wechat_redirect](https://mp.weixin.qq.com/s?__biz=MzA3MTM0NTQzNA==&mid=2455780136&idx=1&sn=06e52c12c5a8cfa7f7a57f51e487a05c) + - [ ] [蛇舞新春,安全不打烊!云弈科技放假通知和值班安排](https://mp.weixin.qq.com/s?__biz=MzU2ODY0ODk2Nw==&mid=2247491055&idx=1&sn=420f20f35fa82fd4ec1b7426d38cd1db) + - [ ] [边界无限春节护航,安全不打烊~](https://mp.weixin.qq.com/s?__biz=MzAwNzk0NTkxNw==&mid=2247487095&idx=1&sn=472bbc069d672b5973d5ea86c3073a43) + - [ ] [大众DP BR X8跳转清理 & a5分析](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589258&idx=1&sn=c1333a825d642b84f6494440d9d8f10c) + - [ ] [职位更新!好工作不等人](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589258&idx=2&sn=0f3ea01777f154e98bec7ccb0214b51c) + - [ ] [特斯拉汽车被“重点关注”,Pwn2Own Automotive 2024首日曝出24个零日漏洞](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589258&idx=3&sn=1ee9c0b4428aba7d94dead806b1d1cb1) + - [ ] [学它!Browser Pwn Chrome V8篇](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589258&idx=4&sn=f3db39003003caac0baa29b1e79f959e) + - [ ] [安全守护,时刻在线丨永信至诚春节放假通知](https://mp.weixin.qq.com/s?__biz=MzAwNDUyMjk4MQ==&mid=2454829223&idx=1&sn=f73e544d3d20c83118c0a09feb410ac7) + - [ ] [扫码下载 | 信息技术 安全技术 事件调查原则和过程](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264431&idx=1&sn=ed7164fc360d5a060ae12fc8ba35599d) + - [ ] [第一波稳定测试结束|等待第二波](https://mp.weixin.qq.com/s?__biz=MzU5Njg5NzUzMw==&mid=2247490441&idx=1&sn=052ce0c328717954294bdc219233c174) + - [ ] [网安周讯 | 抓捕7万人解救160余人,中国与多国联合打击电诈犯罪(一月第4期)](https://mp.weixin.qq.com/s?__biz=Mzg4MjQ4MjM4OA==&mid=2247523793&idx=1&sn=64147631f2e1dab957579c0acf00e360) + - [ ] [回眸蓄力 逐新前行 | 丈八网安2024年度大事件盘点](https://mp.weixin.qq.com/s?__biz=MzkwNzI1NDk0MQ==&mid=2247492728&idx=1&sn=98ed0b98c1cd60e7c58b5bfc4265a8e7) + - [ ] [梆叔说安全第三季Vol.8 | 梆梆安全2024年度回顾](https://mp.weixin.qq.com/s?__biz=MjM5NzE0NTIxMg==&mid=2651135241&idx=1&sn=afac26f6bfea1d968585123f9aa6e883) + - [ ] [安全过春节 服务不打烊](https://mp.weixin.qq.com/s?__biz=MjM5NzE0NTIxMg==&mid=2651135241&idx=2&sn=2c39dd7159814b2ab9c889bc2a73ee7c) + - [ ] [致谢之声|观安信息收到国家工业信息安全发展研究中心感谢信](https://mp.weixin.qq.com/s?__biz=MzIxNDIzNTcxMg==&mid=2247506747&idx=1&sn=3dad99620fdf85bd42c83b99d2853165) + - [ ] [LinkedIn共享用户数据用于AI训练,面临集体诉讼](https://mp.weixin.qq.com/s?__biz=MzUzODYyMDIzNw==&mid=2247516907&idx=1&sn=32404b5acd0fa1d6c4fd1cef521c1bec) + - [ ] [关于向社会公开征求《数据领域常用名词解释(第二批)》意见的公告](https://mp.weixin.qq.com/s?__biz=MzUzODYyMDIzNw==&mid=2247516907&idx=2&sn=86b6048d34de49f347b9e9df355e1e41) + - [ ] [红队人员必备](https://mp.weixin.qq.com/s?__biz=Mzk1NzIzOTc5MQ==&mid=2247484618&idx=1&sn=028819b6f7389bc9b049f58b64d583b1) + - [ ] [VulnNodeApp:一款包含大量安全漏洞的Node.js安全练习平台](https://mp.weixin.qq.com/s?__biz=MzU2MjY1ODEwMA==&mid=2247492083&idx=1&sn=32de1c271310b330793fd3aa20af2213) + - [ ] [记录一次时序数据库的实战测试](https://mp.weixin.qq.com/s?__biz=MzkxNTIwNTkyNg==&mid=2247553194&idx=1&sn=2e004e579969317d5e92df0ddfcbb172) + - [ ] [【免费领】新手必备!Web安全漏洞实战入门教程](https://mp.weixin.qq.com/s?__biz=MzkxNTIwNTkyNg==&mid=2247553194&idx=2&sn=3f4629f234882e5f46e5adca2331d21e) + - [ ] [冰蝎V4.0流量分析到攻防检测](https://mp.weixin.qq.com/s?__biz=MzkyNTY3Nzc3Mg==&mid=2247489163&idx=1&sn=e175c3041e920dd6f348e5aea1cc803d) + - [ ] [网络安全动态 - 2025.01.24](https://mp.weixin.qq.com/s?__biz=MzU1MzEzMzAxMA==&mid=2247499899&idx=1&sn=9a3d81b57f8642fbbad999c551f7d059) + - [ ] [Oracle发布2025年1月的安全公告](https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247495725&idx=1&sn=dedb6bb0dabaefa9b319ac1b7250d198) + - [ ] [《智能化安全运营中心应用指南(2025年)》报告暨代表性厂商评估调研启动](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134885&idx=1&sn=1a1ed1ea95fed0e6eb76fe4a39386297) + - [ ] [ChatGPT又全球大面积宕机,AI助手暂时\"失联\";斯巴鲁系统漏洞曝光,数百万车辆面临远程解锁并启动风险 | 牛览](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134885&idx=2&sn=b2ed8f09df9e5f6c4850178ee4311397) + - [ ] [缓冲区溢出到getshell提权](https://mp.weixin.qq.com/s?__biz=Mzk0Mjg4MTQxMw==&mid=2247485817&idx=1&sn=e70b57b7fc4e92117a0bc5b84f9651a2) + - [ ] [HTTP协议在IP协议之上对吗?](https://mp.weixin.qq.com/s?__biz=MzIxNTM3NDE2Nw==&mid=2247490315&idx=1&sn=8e90a9794db36a878015108ee0efad71) + - [ ] [2025春节不打烊--全天候24小时服务](https://mp.weixin.qq.com/s?__biz=MzUxODY3MDExMA==&mid=2247490097&idx=1&sn=71c606f4b38243b1c7b326afaa7b148e) + - [ ] [Cursor Pro自动化无限续杯方法](https://mp.weixin.qq.com/s?__biz=MzA3MzgwMzYyMA==&mid=2452890271&idx=1&sn=0a39d26afb00141c8df2a46f0ea99376) + - [ ] [轻松使用cloudflare配置域名邮箱](https://mp.weixin.qq.com/s?__biz=MzA3MzgwMzYyMA==&mid=2452890271&idx=2&sn=3274f03a656568f84f84dafb0c6b5699) + - [ ] [18部门印发《困境儿童个人信息保护工作办法》(附全文)](https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597597&idx=2&sn=7b0a83cff6feb7012cf96d6ab6beae26) + - [ ] [春节放假通知 | 众安天下:守护网络安全,保障“不打烊”](https://mp.weixin.qq.com/s?__biz=MzIyOTUzODY5Ng==&mid=2247504316&idx=1&sn=d83bd6c7e96fd6c7eafad474e007128d) + - [ ] [国家级创新中心建设经验交流](https://mp.weixin.qq.com/s?__biz=MzAwNTc0ODM3Nw==&mid=2247488623&idx=1&sn=af66ff6a71f033f58448c3683b2f30e5) +- 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com + - [ ] [AI鉴真刻不容缓!别让AI伪造“偷走”我们的善意](https://www.4hou.com/posts/xyzP) + - [ ] [中央发文“推进新型城市基建”,祥云平台助力打造韧性城市](https://www.4hou.com/posts/wxyX) + - [ ] [2024 Q4企业邮箱安全报告揭秘:盗号测试信背后的黑产攻击套路](https://www.4hou.com/posts/rpqL) + - [ ] [新的 UEFI 安全启动漏洞使系统暴露于 bootkit](https://www.4hou.com/posts/7MyB) + - [ ] [针对 Chrome 浏览器扩展程序网络钓鱼活动的新细节被披露](https://www.4hou.com/posts/nlJp) +- Recent Commits to cve:main + - [ ] [Update Fri Jan 24 20:25:39 UTC 2025](https://github.com/trickest/cve/commit/7cc0e3b9bf546832a32096d9ceafcc97c4d93574) + - [ ] [Update Fri Jan 24 12:24:54 UTC 2025](https://github.com/trickest/cve/commit/f8b633c3d8a83678494182ef13bdefe3de45b845) + - [ ] [Update Fri Jan 24 04:11:19 UTC 2025](https://github.com/trickest/cve/commit/2a95822f974d055bd443f22267473caedaf24a5d) +- Sucuri Blog + - [ ] [Malware Redirects WordPress Traffic to Harmful Sites](https://blog.sucuri.net/2025/01/malware-redirects-wordpress-traffic-to-harmful-sites.html) +- CXSECURITY Database RSS Feed - CXSecurity.com + - [ ] [CMS Twig Template Injection RCE via FTP Templates Path](https://cxsecurity.com/issue/WLB-2025010024) +- Trustwave Blog + - [ ] [Ransomware’s Evolution: Key Threat Groups Targeting the Energy and Utilities Sector in 2025](https://www.trustwave.com/en-us/resources/blogs/trustwave-blog/ransomwares-evolution-key-threat-groups-targeting-the-energy-and-utilities-sector-in-2025/) +- Security Boulevard + - [ ] [DEF CON 32 – Anyone Can Hack IoT- Beginner’s Guide To Hacking Your First IoT Device](https://securityboulevard.com/2025/01/def-con-32-anyone-can-hack-iot-beginners-guide-to-hacking-your-first-iot-device/) + - [ ] [Cyber Lingo: What is GRC in cybersecurity?](https://securityboulevard.com/2025/01/cyber-lingo-what-is-grc-in-cybersecurity/) + - [ ] [Randall Munroe’s XKCD ‘Unit Circle’](https://securityboulevard.com/2025/01/randall-munroes-xkcd-unit-circle/) + - [ ] [Continuous Monitoring Guide: FedRAMP Meets Zero Trust](https://securityboulevard.com/2025/01/continuous-monitoring-guide-fedramp-meets-zero-trust/) + - [ ] [How to Choose the Right Cybersecurity Software: A Comprehensive Guide](https://securityboulevard.com/2025/01/how-to-choose-the-right-cybersecurity-software-a-comprehensive-guide/) + - [ ] [How bots and fraudsters exploit video games with credential stuffing](https://securityboulevard.com/2025/01/how-bots-and-fraudsters-exploit-video-games-with-credential-stuffing/) + - [ ] [DEF CON 32 – Building A Secure Resilient Nationwide EV Charging Network](https://securityboulevard.com/2025/01/def-con-32-building-a-secure-resilient-nationwide-ev-charging-network/) + - [ ] [Solving WAFs biggest challenge | Impart Security](https://securityboulevard.com/2025/01/solving-wafs-biggest-challenge-impart-security/) + - [ ] [Unveiling the Dark Web: Myths, Realities, and Risks You Didn’t Know About](https://securityboulevard.com/2025/01/unveiling-the-dark-web-myths-realities-and-risks-you-didnt-know-about/) +- Blogs on STAR Labs + - [ ] [CVE-2024-26230: Windows Telephony Service - It's Got Some Call-ing Issues (Elevation of Privilege)](https://starlabs.sg/blog/2025/cve-2024-26230-windows-telephony-service-its-got-some-call-ing-issues/) +- Twitter @bytehx + - [ ] [Re @roohaa_n @Bugcrowd Because it was on the testing environment.](https://x.com/bytehx343/status/1882793157093679381) + - [ ] [I earned $650 for my submission on @bugcrowd https://bugcrowd.com/bytehx #ItTakesACrowd Bug: Admin Panel Takeover](https://x.com/bytehx343/status/1882791535617650979) +- Bug Bounty in InfoSec Write-ups on Medium + - [ ] [SQL injection in largest Electricity Board of Sri Lanka](https://infosecwriteups.com/sql-injection-in-largest-electricity-board-of-sri-lanka-1a55c12104bd?source=rss----7b722bfd1b8d--bug_bounty) +- Reverse Engineering + - [ ] [Dissecting the NVIDIA Hopper Architecture through Microbenchmarking and Multiple Level Analysis](https://www.reddit.com/r/ReverseEngineering/comments/1i974mg/dissecting_the_nvidia_hopper_architecture_through/) + - [ ] [Hacking Subaru: Tracking and Controlling Cars via the STARLINK Admin Panel](https://www.reddit.com/r/ReverseEngineering/comments/1i8md2d/hacking_subaru_tracking_and_controlling_cars_via/) + - [ ] [A particularly 'sus' sysctl in the XNU Kernel](https://www.reddit.com/r/ReverseEngineering/comments/1i8m9h3/a_particularly_sus_sysctl_in_the_xnu_kernel/) +- SentinelOne + - [ ] [The Good, the Bad and the Ugly in Cybersecurity – Week 4](https://www.sentinelone.com/blog/the-good-the-bad-and-the-ugly-in-cybersecurity-week-4-6/) +- Malwarebytes + - [ ] [Texas scrutinizes four more car manufacturers on privacy issues](https://www.malwarebytes.com/blog/news/2025/01/texas-scrutinizes-four-more-car-manufacturers-on-privacy-issues) +- 安全牛 + - [ ] [2024年度全球邮件威胁报告](https://www.aqniu.com/vendor/108155.html) + - [ ] [多个网络安全巨头的账户凭证泄露,在暗网被售卖;工信部提醒:防范Androxgh0st僵尸网络风险 | 牛览](https://www.aqniu.com/homenews/108150.html) + - [ ] [深度长文 | 面对马斯克在CES2025上的预言,我们该何去何从?](https://www.aqniu.com/homenews/108149.html) +- HackerNews + - [ ] [特斯拉电动汽车充电器在 Pwn2Own 东京大赛次日遭两次黑客攻击](https://hackernews.cc/archives/57086) + - [ ] [QNAP 修复 NAS 备份恢复应用中的六项 Rsync 漏洞](https://hackernews.cc/archives/57078) + - [ ] [近千个假冒 Reddit 网站推广 Lumma Stealer 恶意软件](https://hackernews.cc/archives/57073) + - [ ] [TRIPLESTRENGTH 针对云环境进行加密货币劫持与勒索软件攻击](https://hackernews.cc/archives/57071) + - [ ] [QakBot 相关 BC 恶意软件新增强化远程访问与数据收集功能](https://hackernews.cc/archives/57069) + - [ ] [Juniper 路由器遭利用“魔术包”漏洞的定制后门攻击](https://hackernews.cc/archives/57064) + - [ ] [Palo Alto 防火墙被发现存在安全启动绕过和固件漏洞](https://hackernews.cc/archives/57061) +- 杨龙 + - [ ] [阿里云小内存机器频繁死机可能原因](https://www.yanglong.pro/%e9%98%bf%e9%87%8c%e4%ba%91%e5%b0%8f%e5%86%85%e5%ad%98%e6%9c%ba%e5%99%a8%e9%a2%91%e7%b9%81%e6%ad%bb%e6%9c%ba%e5%8f%af%e8%83%bd%e5%8e%9f%e5%9b%a0/) +- 奇客Solidot–传递最新科技情报 + - [ ] [秘密后门使用“魔法封包”感染企业 VPN](https://www.solidot.org/story?sid=80419) + - [ ] [调查显示八成游戏开发商开发 PC 游戏](https://www.solidot.org/story?sid=80418) + - [ ] [《自然》调查显示七成回应者使用 Bluesky](https://www.solidot.org/story?sid=80417) + - [ ] [乔治 R.R.马丁合作发表了一篇物理学论文](https://www.solidot.org/story?sid=80416) + - [ ] [Google 移动搜索移除网址面包屑导航](https://www.solidot.org/story?sid=80415) + - [ ] [癌细胞利用有缺陷的线粒体毒害攻击免疫细胞](https://www.solidot.org/story?sid=80414) + - [ ] [日本市场中国平板电视首次超过五成](https://www.solidot.org/story?sid=80413) + - [ ] [智人离开非洲后血型可能发生适应性遗传变化](https://www.solidot.org/story?sid=80412) + - [ ] [三菱不打算参与本田日产的合并](https://www.solidot.org/story?sid=80411) + - [ ] [特朗普政府暂停了 NIH 的会议和旅行](https://www.solidot.org/story?sid=80410) + - [ ] [Debian 15 代号 Duke](https://www.solidot.org/story?sid=80409) + - [ ] [研究揭示不同政治光谱对传递虚假信息的偏好](https://www.solidot.org/story?sid=80408) +- 腾讯玄武实验室 + - [ ] [每日安全动态推送(25/1/24)](https://mp.weixin.qq.com/s?__biz=MzA5NDYyNDI0MA==&mid=2651960005&idx=1&sn=def8d5b004e60d0aa2f280d8493dc542&chksm=8baed25abcd95b4c23216c4b136a117918821b1f1ab95f8ce4b0e3c6ab2023bca38d426f0245&scene=58&subscene=0#rd) +- 安全客 + - [ ] [特斯拉充电桩一天被入侵两次,电动汽车基础设施网络安全引发全球关注](https://mp.weixin.qq.com/s?__biz=MzA5ODA0NDE2MA==&mid=2649787811&idx=1&sn=4927212fd9debdf7d94032ffd45aa0a9&chksm=8893bdccbfe434da1ec3c28eee36e47d63292e7a1c711d7f6818ff6f70209bede150d2007572&scene=58&subscene=0#rd) +- 黑海洋 - IT技术知识库 + - [ ] [PixPro图床 – Github存储版](https://blog.upx8.com/4678) +- FreeBuf网络安全行业门户 + - [ ] [Shiro CVE-2020-17523 路径绕过](https://www.freebuf.com/vuls/420772.html) + - [ ] [FreeBuf周报 | 特朗普特赦暗网丝绸之路创始人;B站员工代码投毒报复用户](https://www.freebuf.com/news/420756.html) + - [ ] [Tyrant(暴君) SUID二进制文件权限提升工具](https://www.freebuf.com/sectool/420749.html) + - [ ] [黑客利用Windows RID劫持技术创建隐藏管理员账户](https://www.freebuf.com/articles/system/420811.html) + - [ ] [2025网络暴露危机报告:45%第三方应用越权访问用户数据](https://www.freebuf.com/news/420744.html) + - [ ] [黑客用假恶意软件生成器感染1.8万名“脚本小子”](https://www.freebuf.com/articles/endpoint/420809.html) + - [ ] [斯巴鲁漏洞让黑客可以远程控制数百万辆汽车](https://www.freebuf.com/news/420728.html) + - [ ] [[windows]自动锁屏程序](https://www.freebuf.com/sectool/420727.html) + - [ ] [新型人工智能“黑帽”工具:GhostGPT带来的威胁与挑战](https://www.freebuf.com/news/420724.html) +- 奇安信威胁情报中心 + - [ ] [每周高级威胁情报解读(2025.01.17~01.23)](https://mp.weixin.qq.com/s?__biz=MzI2MDc2MDA4OA==&mid=2247513863&idx=1&sn=9c4a03d780248697f3ef6da46a3760fe&chksm=ea664070dd11c9664b9d2879112628ee373660f60d7f25a7e8d14365524b15307382d82dac01&scene=58&subscene=0#rd) +- 安全内参 + - [ ] [知名车企漏洞:只需车牌号,就能远程监控劫持数百万辆车](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513589&idx=1&sn=1b70e6f4b48c39927bb2af1c0178da71&chksm=ebfaf2d5dc8d7bc3abdb845b15e34f01c5f9cc9f45c71804e231873a3c9b8be109f58083ea60&scene=58&subscene=0#rd) + - [ ] [人数超TikTok!2024年美国医疗行业泄漏了1.8亿患者数据](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513589&idx=2&sn=3351a7a65979a78d643300f2a4dadfa5&chksm=ebfaf2d5dc8d7bc3d4cc9463e5f5a1a7ea306214b1c2ff9c9ef273fd5adadc40174c66510720&scene=58&subscene=0#rd) +- 威努特安全网络 + - [ ] [中方回应美对中网络攻击,惠普公司开发文件泄漏 | 一周特辑](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130852&idx=1&sn=f1f55221d3afc7e74434b9d7e1180e95&chksm=80e71154b7909842dc785813844722ccaa15f8f08962db7fa984f1c156c60c4f4f285e6932e1&scene=58&subscene=0#rd) +- 看雪学苑 + - [ ] [大众DP BR X8跳转清理 & a5分析](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589258&idx=1&sn=c1333a825d642b84f6494440d9d8f10c&chksm=b18c28c086fba1d62346bd0549dfc0cce7d6a264896bff49ec6fa9c67d09e41b8e76e90d5097&scene=58&subscene=0#rd) + - [ ] [职位更新!好工作不等人](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589258&idx=2&sn=0f3ea01777f154e98bec7ccb0214b51c&chksm=b18c28c086fba1d624ad70b554e691e9d88be8caa3deb07a854e332421e9924bf50e15a3c4b9&scene=58&subscene=0#rd) + - [ ] [特斯拉汽车被“重点关注”,Pwn2Own Automotive 2024首日曝出24个零日漏洞](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589258&idx=3&sn=1ee9c0b4428aba7d94dead806b1d1cb1&chksm=b18c28c086fba1d68376c00b114728f746f713fc2982b933066eb6ecbdc12c0081c2b3bb1411&scene=58&subscene=0#rd) + - [ ] [学它!Browser Pwn Chrome V8篇](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589258&idx=4&sn=f3db39003003caac0baa29b1e79f959e&chksm=b18c28c086fba1d6bd9cfde7e242476b6f95ecc53d490d7adb507edeb3df6e00bbe7c43f3169&scene=58&subscene=0#rd) +- 代码卫士 + - [ ] [Oracle 2025年1月补丁日多产品高危漏洞安全风险通告](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522169&idx=1&sn=fce75986029eae4069d3b0638d1202bd&chksm=ea94a613dde32f05ef7826dcffe2b3decd7b00ebdf610c08b0715fb2887545ac34d0f7f964dc&scene=58&subscene=0#rd) +- 丁爸 情报分析师的工具箱 + - [ ] [【智库报告】生物力量:确保美国在生物技术领域的领导地位](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148676&idx=1&sn=1f06118ca29bead7275e53e21449c3d5&chksm=f1af26bec6d8afa8acd71cd12d352ac329764f11442e96d516ec4f5d4de731ff287f315664bb&scene=58&subscene=0#rd) +- dotNet安全矩阵 + - [ ] [文件痕迹清理,通过 Sharp4ModifyTime 修改任意文件时间戳](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498414&idx=1&sn=10c139db39735808d38c078682fce180&chksm=fa595443cd2edd55d66fb3d9017e009c5caf2c926f3df17fb94750bb82d71fe7f49bd2e51fa9&scene=58&subscene=0#rd) + - [ ] [国内最专业、最全面的 [ .NET 代码审计 ] 体系化学习交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498414&idx=2&sn=d3c80ed5d3de19b8387f42bb7cc03601&chksm=fa595443cd2edd558f74d9545543622d73ec3aaf0037dd848378945854655e763a11ac52e1cf&scene=58&subscene=0#rd) + - [ ] [通过 Sharp4Tokenvator 实现本地权限提升](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498414&idx=3&sn=ace80c4aea3efbc86df8b64024f230ba&chksm=fa595443cd2edd55b7f4ec0d4a576bc19c3cefa0a5e9de199379c5f8271cb941e2887b1ddd6d&scene=58&subscene=0#rd) +- 天御攻防实验室 + - [ ] [泄露文件揭示以色列军方与微软之间的深层联系,在加沙战争期间提供技术支持](https://mp.weixin.qq.com/s?__biz=MzU0MzgyMzM2Nw==&mid=2247486245&idx=1&sn=6c3bb1322ccb3edb14168ca734a6242b&chksm=fb04c84dcc73415bcf1d7c2f5ac99a3097bf6e51cee850fadde07cba4dc05c7d75774a1e3f00&scene=58&subscene=0#rd) +- ChaMd5安全团队 + - [ ] [Kaiji恶意样本分析_v2](https://mp.weixin.qq.com/s?__biz=MzIzMTc1MjExOQ==&mid=2247511902&idx=1&sn=5a5087aec514f7b15779c18c089f0108&chksm=e89d8786dfea0e90e92921d5e1165a96c3c07af7d978f5c64f6eb6298ffd10e0112f71c100d4&scene=58&subscene=0#rd) +- 安全圈 + - [ ] [【安全圈】斯巴鲁汽车漏洞让黑客利用 Starlink 远程控制数百万辆汽车](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067590&idx=1&sn=32ea96086da2a1f7d7b7c25530ca8d55&chksm=f36e7b46c419f2508759cde38a0b63b3f4b1442bc7655fa88acfdb556c1fefa5e78211594fc2&scene=58&subscene=0#rd) + - [ ] [【安全圈】GhostGPT – 黑客用来生成恶意软件和漏洞的新型 AI 黑帽工具](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067590&idx=2&sn=0963e1001cd7415a1987cb9c33807d8c&chksm=f36e7b46c419f2503cd6ccf7191847d24b6e5135071daedb82309bbc01b97545402cc0ff010b&scene=58&subscene=0#rd) + - [ ] [【安全圈】思科曝9.9分关键权限提升漏洞](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067590&idx=3&sn=7379d9127186d37af92f08f7a9ced06e&chksm=f36e7b46c419f25055741d6542936063bf1b5787923201949d2998d3f1120257c12deaab9a8f&scene=58&subscene=0#rd) + - [ ] [【安全圈】Chrome用户面临供应链攻击威胁,数百万人或受影响](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067590&idx=4&sn=ab568c073e0bfe554ca07ca03503f2da&chksm=f36e7b46c419f2504e60fb5ecb4e5b4587d40c40ef28fa92ddedef841c052dddeb060feb9d4a&scene=58&subscene=0#rd) +- M01N Team + - [ ] [每周蓝军技术推送(2025.1.18-1.24)](https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247494044&idx=1&sn=356681967a014551977e5051389b8f15&chksm=c184298df6f3a09b94ddf8530ba9a609f1a4b3b5f9613ec89ba358c061f0b4d9593c735c2599&scene=58&subscene=0#rd) +- 吾爱破解论坛 + - [ ] [吾爱破解论坛精华集2024](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141621&idx=1&sn=3f4c02af5506cb4440b9bc873071e716&chksm=bd50a5a18a272cb726747cfc86d50e65fcb43108e02ccddb2e78de7a82d173eb3bb2f4c05463&scene=58&subscene=0#rd) +- 嘶吼专业版 + - [ ] [针对 Chrome 浏览器扩展程序网络钓鱼活动的新细节被披露](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580965&idx=1&sn=7b271d77d7ae3794e77995267c934acf&chksm=e9146d1fde63e4097053f87e00d408e479510a2c67f11147c47b8735ea28cd8466e12a464d04&scene=58&subscene=0#rd) + - [ ] [新的 UEFI 安全启动漏洞使系统暴露于 bootkit](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580965&idx=2&sn=35ac8cf9ec1bfacb175b8622720863e2&chksm=e9146d1fde63e40910e314cac61af17533c328067d6bd015df8402266ba7692efae9a049c79f&scene=58&subscene=0#rd) +- 中国信息安全 + - [ ] [专题·人工智能安全治理 | 《人工智能安全治理框架》为人工智能安全发展提供重要指引](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=1&sn=530f8234ebb092aa1a91e0c76012ae79&chksm=8b580058bc2f894ee2eae6f8c70502378a85d1c68c7854fc04a36aa415a806b70c3b95b59a89&scene=58&subscene=0#rd) + - [ ] [发布 | 国家数据局就《数据领域常用名词解释(第二批)》公开征求意见(附全文)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=2&sn=bf11efc7a9b860fb9b20b141baa90341&chksm=8b580058bc2f894e8a78e5460bb45f362eeed694b3371ca573a75b3fd3cc0f08ad6cab57e0ce&scene=58&subscene=0#rd) + - [ ] [专家解读 | 构建高素质人才队伍,助力数据标注产业发展](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=3&sn=a3cb25195824a0af1ff71d0489c3fffc&chksm=8b580058bc2f894eb245d36a53ec92e5f687b6e6c66f7f71f0de296890f4298efb378db18fb8&scene=58&subscene=0#rd) + - [ ] [关注 | 检察机关依法惩治侵害企业数据安全犯罪 服务保障企业创新发展](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=4&sn=42732fbe26b1fac5bc322a9e33b0b28a&chksm=8b580058bc2f894e0f4cbee4ba19fbc1b27fa5adfa931776ec7cb3fd7561bac3e8b4892b8ccc&scene=58&subscene=0#rd) + - [ ] [解读 | 市场监管总局发布《网络交易执法协查暂行办法》 建立健全网络交易执法协查机制提升监管效能](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=5&sn=5c63e275dc2b4b4f5dc92f28bbbf9bd5&chksm=8b580058bc2f894e4ac6bd8b2f2a60ec364d705cfefc7db43b0fc7889dab60803743480b83bc&scene=58&subscene=0#rd) + - [ ] [发布 | 中国信通院联合发布《数据治理研究报告(2024年)》(附下载)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=6&sn=acbcf59882875e4e743a79a6a0213aff&chksm=8b580058bc2f894eb05f0a640a04bc0c13832cf9659cfd9cf586f741342e097e7cb4f2034b14&scene=58&subscene=0#rd) + - [ ] [国际 | 域外个人生物识别信息保护模式考察](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=7&sn=a87473518e84e1b51f4fbc4906a29861&chksm=8b580058bc2f894efeb5cc3fd1319d517ad0008fc4cd0f9d85d46eb582042a0de18704a8873c&scene=58&subscene=0#rd) + - [ ] [评论 | 让网络交易执法协作更规范有序](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=8&sn=2f11ec80a6ee5f872457f929a062a55f&chksm=8b580058bc2f894e56c7b4df2c980cea63ded34c1a6f34cf676f53b56d42c1167466955df122&scene=58&subscene=0#rd) +- 数世咨询 + - [ ] [2025年必看!人工智能重塑网络安全,超级自动化就在眼前!](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247534964&idx=1&sn=cd109de22eeb6fcac5e7cd1247dd3038&chksm=c1443bc9f633b2dffee47e3c9a18afbcf4f64db84cbb2f3d5cb84383c63142f168c05adae6a9&scene=58&subscene=0#rd) +- 情报分析师 + - [ ] [情报:那些事儿](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559205&idx=1&sn=6f86b1fec7d1f4306725254f5e6db47b&chksm=87117caeb066f5b815b102a771281eb4e910b4e244ef275aa4415290e48253076ec16ad5c18b&scene=58&subscene=0#rd) + - [ ] [开源情报分析:透视一个人的多面性](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559205&idx=2&sn=6a56dd9122e1a302bc2384123478737b&chksm=87117caeb066f5b87e14101a13336b9e6be83fbc2884d71296f17c29da9e70a956c4d40941f8&scene=58&subscene=0#rd) + - [ ] [开源情报信息,一网打尽!](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559205&idx=3&sn=1cca5108e67070471ee51e0e1ea8dcbd&chksm=87117caeb066f5b898030d03c8c46ca801ddfd645b1e85ec75ce59eeb5cb9c54e7da072470bd&scene=58&subscene=0#rd) +- CNVD漏洞平台 + - [ ] [Oracle发布2025年1月的安全公告](https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247495725&idx=1&sn=dedb6bb0dabaefa9b319ac1b7250d198&chksm=fd74c0e4ca0349f283b0e540501af4fa1eeb782340415eff1013718bda5508d4702dbdcfff2a&scene=58&subscene=0#rd) +- 火绒安全 + - [ ] [【火绒安全周报】B站员工滥用权限报复用户被开除/2000多名网红被“开盒”](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247521828&idx=1&sn=82479a718193afc90904db31f588c5e6&chksm=eb70481bdc07c10d2378d6352727843511736ac4f404c29cf9f77471d0d7f39ce10514d787ea&scene=58&subscene=0#rd) + - [ ] [诚邀渠道合作伙伴共启新征程](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247521828&idx=2&sn=3f3425eb3c27f9524fb0f2d953ca029a&chksm=eb70481bdc07c10d32197f192e668777077d45aa9eea8faf428e04c535eb84d385aa11a0d679&scene=58&subscene=0#rd) +- 极客公园 + - [ ] [豆包大模型 1.5 不走「捷径」,火山引擎要造「长坡厚雪」](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072804&idx=1&sn=7fc6c4db1fad547f98df8d00ad106b33&chksm=7e57d0124920590444932c909ec415ffb185143d343e2419ea28f294c9fe2bc069783622d1a0&scene=58&subscene=0#rd) + - [ ] [我们要摆脱『过个 AI 年』这样的初级阶段了](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072771&idx=1&sn=3149d2565c3589ac38227d8d5878597f&chksm=7e57d0354920592309f96a4d274ad464edd3d0c87637c4b30146afc4041f5f392f17627fb714&scene=58&subscene=0#rd) + - [ ] [OpenAI 推新智能体,能完成复杂任务;雷军、王传福入选全球最佳 CEO;字节游戏《决胜巅峰》开启国内公测 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072732&idx=1&sn=0926a0b689d8e148d5c9fb4b32aa0892&chksm=7e57d0ea492059fc09eb0e9933091e0c43b3b5c2bc1d10a11b6be1acf32bb25d9c4bec737b0c&scene=58&subscene=0#rd) +- 奇安盘古 + - [ ] [2025 蛇年迎新,盘古石取证暖心献礼:红包封面大放送,更多好礼等您来!](https://mp.weixin.qq.com/s?__biz=MzI2MDA0MTYyMQ==&mid=2654404359&idx=1&sn=cb7965528fedcff57cca3c5cf9847be5&chksm=f1ade1fdc6da68eb47796fef146879a2a2b5b5b44aab25764027cf594608aba90b65b0e9004d&scene=58&subscene=0#rd) +- 字节跳动技术团队 + - [ ] [Jeddak星火计划-开启申报](https://mp.weixin.qq.com/s?__biz=MzI1MzYzMjE0MQ==&mid=2247512933&idx=1&sn=b2602ab68be9a48e636dfae7229f3144&chksm=e9d37887dea4f191941d0bb113066bf053408a8bd5796ecfeb49d90c5cf43e1920bf2dafab42&scene=58&subscene=0#rd) +- 百度安全应急响应中心 + - [ ] [限量红包封面 | 好运“嘶”声而来 滑进你的口袋](https://mp.weixin.qq.com/s?__biz=MzA4ODc0MTIwMw==&mid=2652542174&idx=1&sn=5fe0d886b064979793b3cbd19a61b7fe&chksm=8bcbb0e2bcbc39f42a01e0223d846599c26ac7e6e5fdf61cfad2eac81894c6229699bd5284b0&scene=58&subscene=0#rd) +- Tide安全团队 + - [ ] [记一次钓鱼邮件实例分析](https://mp.weixin.qq.com/s?__biz=Mzg2NTA4OTI5NA==&mid=2247519791&idx=1&sn=f8f408c3e7b57b9783fde060aff1708e&chksm=ce5dac4ef92a25583e33450d525507ab9da79d6e5fc9a15b0a7e5c799935ec0614f904647568&scene=58&subscene=0#rd) +- huasec + - [ ] [24年总结](https://mp.weixin.qq.com/s?__biz=MzIyOTY1NDE5Mg==&mid=2247485100&idx=1&sn=0d1663a53843d7a2bd0c5504c41d1514&chksm=e8be2d73dfc9a4658eb6f0680a4e62f1bd800fe5988bfcf1fe194160e0157aa434d882f6d8b8&scene=58&subscene=0#rd) +- 360数字安全 + - [ ] [春节假期,安全大模型帮你“躺赢”!](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579220&idx=1&sn=036d352c4a29bd9863fce78dcd7d5e64&chksm=9f8d265ca8faaf4acfd7a299e3d5b6e9edf55ef80424fc5ae53a59a7be22d2114eb1e9bd5678&scene=58&subscene=0#rd) +- Over Security - Cybersecurity news aggregator + - [ ] [Update: New Details on the Medusa Ransomware Attack on Hospital El Cruce](https://www.suspectfile.com/update-new-details-on-the-medusa-ransomware-attack-on-hospital-el-cruce/) + - [ ] [More than 2,000 SonicWall devices vulnerable to critical zero-day](https://therecord.media/sonicwall-devices-exposed-zero-day) + - [ ] [Politicization of intel oversight board could threaten key US-EU data transfer agreement](https://therecord.media/politicization-of-pclob-could-threaten-key-eu-us-data-transfer-agreement) + - [ ] [Zyxel warns of bad signature update causing firewall boot loops](https://www.bleepingcomputer.com/news/security/zyxel-warns-of-bad-signature-update-causing-firewall-boot-loops/) + - [ ] [Microsoft to deprecate WSUS driver synchronization in 90 days](https://www.bleepingcomputer.com/news/microsoft/microsoft-to-deprecate-wsus-driver-synchronization-in-90-days/) + - [ ] [At least $69 million stolen from crypto platform Phemex in suspected cyberattack](https://therecord.media/69-million-stolen-cyberattack-crypto-platform-phemex) + - [ ] [Subaru Starlink flaw let hackers hijack cars in US and Canada](https://www.bleepingcomputer.com/news/security/subaru-starlink-flaw-let-hackers-hijack-cars-in-us-and-canada/) + - [ ] [Hackers use Windows RID hijacking to create hidden admin account](https://www.bleepingcomputer.com/news/security/hackers-use-windows-rid-hijacking-to-create-hidden-admin-account/) + - [ ] [Hospital El Cruce takes its website offline following a severe cyberattack](https://www.suspectfile.com/hospital-el-cruce-takes-its-website-offline-following-a-severe-cyberattack/) + - [ ] [PayPal penalized $2 million over data breach involving 35K Social Security numbers](https://therecord.media/paypal-penalty-millions-data-breach) + - [ ] [Update #6: blog e argomenti live](https://roccosicilia.com/2025/01/24/update-6-blog-e-argomenti-live/) + - [ ] [Hacker infects 18,000 "script kiddies" with fake malware builder](https://www.bleepingcomputer.com/news/security/hacker-infects-18-000-script-kiddies-with-fake-malware-builder/) + - [ ] [Oltre il 90% dei Microsoft Exchange Server è ancora vulnerabile a ProxyLogon](https://www.securityinfo.it/2025/01/24/oltre-il-90-dei-microsoft-exchange-server-e-ancora-vulnerabile-a-proxylogon/) + - [ ] [Managed Detection and Response – How are you monitoring?](https://www.bleepingcomputer.com/news/security/managed-detection-and-response-how-are-you-monitoring/) + - [ ] [Microsoft: Outdated Exchange servers fail to auto-mitigate security bugs](https://www.bleepingcomputer.com/news/security/microsoft-outdated-exchange-servers-fail-to-auto-mitigate-security-bugs/) + - [ ] [Sintesi riepilogativa delle campagne malevole nella settimana del 18 – 24 gennaio](https://cert-agid.gov.it/news/sintesi-riepilogativa-delle-campagne-malevole-nella-settimana-del-18-24-gennaio/) + - [ ] [Unlocking Vulnrichment: Enhancing CVE Data for Smarter Vulnerability Management](https://cyble.com/blog/cisa-reveals-vulnrichment-management-for-cve-data/) + - [ ] [Anatomy of an Exploit Chain: CISA, FBI Detail Ivanti CSA Attacks](https://cyble.com/blog/ivanti-csa-attacks-cisa-fbi-expose-exploit-chain/) + - [ ] [Seasoning email threats with hidden text salting](https://blog.talosintelligence.com/seasoning-email-threats-with-hidden-text-salting/) + - [ ] [UK to examine undersea cable vulnerability as Russian spy ship spotted in British waters](https://therecord.media/britain-undersea-cables-russian-spy-ship) + - [ ] [Hackers get $886,250 for 49 zero-days at Pwn2Own Automotive 2025](https://www.bleepingcomputer.com/news/security/hackers-get-886-250-for-49-zero-days-at-pwn2own-automotive-2025/) + - [ ] [USB Army Knife: The Ultimate Close Access Penetest Tool](https://www.mobile-hacker.com/2025/01/24/usb-army-knife-the-ultimate-close-access-penetest-tool/) + - [ ] [Malware Redirects WordPress Traffic to Harmful Sites](https://blog.sucuri.net/2025/01/malware-redirects-wordpress-traffic-to-harmful-sites.html) +- Krypt3ia + - [ ] [Krypt3ia Daily Cyber Threat Intelligence (CTI) Digest](https://krypt3ia.wordpress.com/2025/01/24/krypt3ia-daily-cyber-threat-intelligence-cti-digest-2/) +- ICT Security Magazine + - [ ] [Cybersecurity e infrastrutture critiche sottomarine: Analisi delle vulnerabilità e strategie di resilienza nella backbone globale](https://www.ictsecuritymagazine.com/articoli/infrastrutture-critiche-sottomarine/) +- Securityinfo.it + - [ ] [Oltre il 90% dei Microsoft Exchange Server è ancora vulnerabile a ProxyLogon](https://www.securityinfo.it/2025/01/24/oltre-il-90-dei-microsoft-exchange-server-e-ancora-vulnerabile-a-proxylogon/?utm_source=rss&utm_medium=rss&utm_campaign=oltre-il-90-dei-microsoft-exchange-server-e-ancora-vulnerabile-a-proxylogon) +- 希潭实验室 + - [ ] [第114篇:美国NSA量子DNS注入攻击技术,揭秘网络战的隐蔽手段QUANTUMDNS](https://mp.weixin.qq.com/s?__biz=MzkzMjI1NjI3Ng==&mid=2247487346&idx=1&sn=8c754ccbec08542992cce032cf7abcbf&chksm=c25fc009f528491fd031a9b145f7cf7f95dfda1164b98ab9fd5412b66f551cb85004a6eb533b&scene=58&subscene=0#rd) +- 迪哥讲事 + - [ ] [通用漏洞挖掘技巧](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496940&idx=1&sn=a33f04e5fdb7818531eeda42ebf4b6e7&chksm=e8a5fe8fdfd277997c45b33df7177e2c0c39f4bb4e23b55308bf8a8ad59a087cb0ab7dace1d4&scene=58&subscene=0#rd) +- 网络安全回收站 + - [ ] [大模型系列之LLaMA Factory微调学习](https://mp.weixin.qq.com/s?__biz=Mzg2MTc1NDAxMA==&mid=2247484342&idx=1&sn=58be391a85f1cab4cdd6b7b0b41b1300&chksm=ce130443f9648d55205cc7a98a9fe40d7f0727f8daa16072fa35b7a71c3bd4150fe9e98a5e97&scene=58&subscene=0#rd) +- 滴滴安全应急响应中心 + - [ ] [DSRC 祝大家新年快乐(内含红包封面)](https://mp.weixin.qq.com/s?__biz=MzA3Mzk1MDk1NA==&mid=2651908507&idx=1&sn=090d7d7a925c36caa9bed1158c3df7ce&chksm=84e37a1eb394f30889713a4a086f93c4d2b0954159a8cc113501e5116bd0d79c3b47bd7b1818&scene=58&subscene=0#rd) +- 赛博回忆录 + - [ ] [36岁,本命年,再学一次安全](https://mp.weixin.qq.com/s?__biz=MzIxNDAyNjQwNg==&mid=2456099378&idx=1&sn=6c4312c836d50eb123463580236e3747&chksm=803c6bfbb74be2ed0ec59125bedcc4fd901ee5570ff68d872f74921ed684c13dcaf999cda2c5&scene=58&subscene=0#rd) +- Schneier on Security + - [ ] [Friday Squid Blogging: Beaked Whales Feed on Squid](https://www.schneier.com/blog/archives/2025/01/friday-squid-blogging-beaked-whales-feed-on-squid.html) +- Instapaper: Unread + - [ ] [iOS Stolen Device Protection](https://cellebrite.com/en/ios-stolen-device-protection/) + - [ ] [The Internet is (once again) awash with IoT botnets delivering record DDoSes](https://arstechnica.com/security/2025/01/the-internet-is-once-again-awash-with-iot-botnets-delivering-record-ddoses/) + - [ ] [What Is Jump List Cache](https://www.cybertriage.com/blog/what-is-jump-list-cache/) + - [ ] [Subaru Car Vulnerability Lets Hackers Control Millions of Cars Remotely Using Starlink](https://cybersecuritynews.com/subaru-car-vulnerability-lets-hackers-control-the-millions-of-cars-remotely/) + - [ ] [Torna Itasec 2025, il più grande evento dedicato alla cybersecurity in Italia](https://www.wired.it/article/itasec-2025-conferenza-cybersecurity-italia/) +- Graham Cluley + - [ ] [Be careful what you say about data leaks in Turkey, new law could mean prison for reporting hacks](https://www.tripwire.com/state-of-security/new-law-could-mean-prison-reporting-data-leaks) +- TorrentFreak + - [ ] [PIPCU Uses UK IPO’s ‘Surplus Millions’ to Wage War on IPTV Pirates](https://torrentfreak.com/pipcu-utilizes-uk-ipos-surplus-millions-to-wage-war-on-iptv-pirates-250124/) +- SANS Internet Storm Center, InfoCON: green + - [ ] [[Guest Diary] How Access Brokers Maintain Persistence, (Fri, Jan 24th)](https://isc.sans.edu/diary/rss/31600) + - [ ] [ISC Stormcast For Friday, January 24th, 2025 https://isc.sans.edu/podcastdetail/9294, (Fri, Jan 24th)](https://isc.sans.edu/diary/rss/31622) +- The Hacker News + - [ ] [RANsacked: Over 100 Security Flaws Found in LTE and 5G Network Implementations](https://thehackernews.com/2025/01/ransacked-over-100-security-flaws-found.html) + - [ ] [2025 State of SaaS Backup and Recovery Report](https://thehackernews.com/2025/01/insights-from-2025-saas-backup-and-recovery-report.html) + - [ ] [DoJ Indicts 5 Individuals for $866K North Korean IT Worker Scheme Violations](https://thehackernews.com/2025/01/doj-indicts-5-individuals-for-866k.html) + - [ ] [Android's New Identity Check Feature Locks Device Settings Outside Trusted Locations](https://thehackernews.com/2025/01/androids-new-identity-check-feature.html) + - [ ] [CISA Adds Five-Year-Old jQuery XSS Flaw to Exploited Vulnerabilities List](https://thehackernews.com/2025/01/cisa-adds-five-year-old-jquery-xss-flaw.html) +- Technical Information Security Content & Discussion + - [ ] [Someone wrote an Anti-Crawler/Scraper Trap](https://www.reddit.com/r/netsec/comments/1i93pzl/someone_wrote_an_anticrawlerscraper_trap/) + - [ ] [USB Army Knife: Close Access Pentest Tool with VNC, Marauder, network adapter etc.](https://www.reddit.com/r/netsec/comments/1i8rdf5/usb_army_knife_close_access_pentest_tool_with_vnc/) + - [ ] [WinVisor: A proof-of-concept hypervisor-based emulator for Windows x64 binaries](https://www.reddit.com/r/netsec/comments/1i8nnii/winvisor_a_proofofconcept_hypervisorbased/) + - [ ] [Static Source Code Security Scanning Tools Evaluation Benchmark](https://www.reddit.com/r/netsec/comments/1i8q5mc/static_source_code_security_scanning_tools/) +- Blackhat Library: Hacking techniques and research + - [ ] [URGENT : File transfers](https://www.reddit.com/r/blackhat/comments/1i8ryzg/urgent_file_transfers/) +- The Register - Security + - [ ] [AI chatbot startup founder, lawyer wife accused of ripping off investors in $60M fraud](https://go.theregister.com/feed/www.theregister.com/2025/01/24/ai_startup_founder_wife_indicted/) + - [ ] [Don't want your Kubernetes Windows nodes hijacked? Patch this hole now](https://go.theregister.com/feed/www.theregister.com/2025/01/24/kubernetes_windows_nodes_bug/) + - [ ] [North Korean dev who renamed himself 'Bane' accused of IT worker fraud caper](https://go.theregister.com/feed/www.theregister.com/2025/01/24/north_korean_devs_and_their/) + - [ ] [China and friends claim success in push to stamp out tech support cyber-scam slave camps](https://go.theregister.com/feed/www.theregister.com/2025/01/24/lancang_mekong_anti_cyberscam_cooperation/) + - [ ] [Court rules FISA Section 702 surveillance of US resident was unconstitutional](https://go.theregister.com/feed/www.theregister.com/2025/01/24/section_702_court/) +- Deep Web + - [ ] [What do you do when you find something you aren’t suppose to find?](https://www.reddit.com/r/deepweb/comments/1i8tie9/what_do_you_do_when_you_find_something_you_arent/) +- Computer Forensics + - [ ] [Which Digital Forensic proprietary Tool is better for processing and Analysis?](https://www.reddit.com/r/computerforensics/comments/1i8qcho/which_digital_forensic_proprietary_tool_is_better/) + - [ ] [Magnet Axiom Questions](https://www.reddit.com/r/computerforensics/comments/1i90lqz/magnet_axiom_questions/) + - [ ] [Memory Forensics](https://www.reddit.com/r/computerforensics/comments/1i8rssu/memory_forensics/) + - [ ] [Metadata and iMessage - Is key information stripped?](https://www.reddit.com/r/computerforensics/comments/1i8y0rn/metadata_and_imessage_is_key_information_stripped/) + - [ ] [Preferred Methodology for ediscovery extraction for forensic images?](https://www.reddit.com/r/computerforensics/comments/1i8x4s0/preferred_methodology_for_ediscovery_extraction/) +- Your Open Hacker Community + - [ ] [Study suggestion request (Reverse engineering)](https://www.reddit.com/r/HowToHack/comments/1i8wvf2/study_suggestion_request_reverse_engineering/) + - [ ] [BadUSB Pico](https://www.reddit.com/r/HowToHack/comments/1i97jaf/badusb_pico/) + - [ ] [Bypassing simple anti-debug feature of a CTF with LD_PRELOAD flag](https://www.reddit.com/r/HowToHack/comments/1i94qfm/bypassing_simple_antidebug_feature_of_a_ctf_with/) + - [ ] [Linux and grey hacking](https://www.reddit.com/r/HowToHack/comments/1i93ulo/linux_and_grey_hacking/) + - [ ] [Please read if you are new to hacking with limited skills](https://www.reddit.com/r/HowToHack/comments/1i93c0c/please_read_if_you_are_new_to_hacking_with/) + - [ ] [Outlook hacked and I cannot disable the messages forwarding to hackers](https://www.reddit.com/r/HowToHack/comments/1i97cos/outlook_hacked_and_i_cannot_disable_the_messages/) + - [ ] [People say that Linux needs no Antivirus... really? Can Linux really detect ZIP Bombs?](https://www.reddit.com/r/HowToHack/comments/1i99foc/people_say_that_linux_needs_no_antivirus_really/) + - [ ] [Hidden profiles on Apple devices, weird 3rd party licenses etc. Brand new out of box Pixel Phone was already compromised on start up.](https://www.reddit.com/r/HowToHack/comments/1i97wfi/hidden_profiles_on_apple_devices_weird_3rd_party/) + - [ ] [Finding the identity of scammers](https://www.reddit.com/r/HowToHack/comments/1i92om6/finding_the_identity_of_scammers/) + - [ ] [Hash cat](https://www.reddit.com/r/HowToHack/comments/1i935ub/hash_cat/) + - [ ] [Google reviews delete](https://www.reddit.com/r/HowToHack/comments/1i8wear/google_reviews_delete/) + - [ ] [I suspect an ex-friend is creating sock puppet accounts on fb to harass my friend. Is there a way to track these accounts back to him?](https://www.reddit.com/r/HowToHack/comments/1i8v5or/i_suspect_an_exfriend_is_creating_sock_puppet/) + - [ ] [help !!](https://www.reddit.com/r/HowToHack/comments/1i8llcl/help/) + - [ ] [Don't know if it's possible but any guidance would help immensely](https://www.reddit.com/r/HowToHack/comments/1i8lfjf/dont_know_if_its_possible_but_any_guidance_would/) + - [ ] [Help to delete google reviews](https://www.reddit.com/r/HowToHack/comments/1i8wgdx/help_to_delete_google_reviews/) + - [ ] [got deauther made up on esp8266 but having deauth issues](https://www.reddit.com/r/HowToHack/comments/1i8izpb/got_deauther_made_up_on_esp8266_but_having_deauth/) + - [ ] [Hacking Forums](https://www.reddit.com/r/HowToHack/comments/1i8q7zl/hacking_forums/) + - [ ] [Best way to learn?](https://www.reddit.com/r/HowToHack/comments/1i8k7f9/best_way_to_learn/) + - [ ] [Some help plz](https://www.reddit.com/r/HowToHack/comments/1i8p2hw/some_help_plz/) +- netsecstudents: Subreddit for students studying Network Security and its related subjects + - [ ] [Any starting guide to learn Sigma Rules ?](https://www.reddit.com/r/netsecstudents/comments/1i8yf9h/any_starting_guide_to_learn_sigma_rules/) +- 白泽安全实验室 + - [ ] [伊朗支持的APT42组织针对以色列和美国的网络钓鱼活动加剧——每周威胁情报动态第210期 (01.17-01.23)](https://mp.weixin.qq.com/s?__biz=MzI0MTE4ODY3Nw==&mid=2247492529&idx=1&sn=e2697dd686fd55f34d2f6f17950d1ddc&chksm=e90dc99bde7a408dbde9bc281a602d9c44b3177611a589528c967540a171a0bdae4fb13ef0c8&scene=58&subscene=0#rd) +- Security Affairs + - [ ] [U.S. CISA adds SonicWall SMA1000 flaw to its Known Exploited Vulnerabilities catalog](https://securityaffairs.com/173417/security/u-s-cisa-adds-sonicwall-sma1000-flaw-known-exploited-vulnerabilities-catalog.html) + - [ ] [J-magic malware campaign targets Juniper routers](https://securityaffairs.com/173408/security/j-magic-malware-campaign-targets-juniper-routers.html) + - [ ] [SonicWall warns of a critical CVE-2025-23006 zero-day likely exploited in the wild](https://securityaffairs.com/173387/security/sonicwall-warns-zero-day-sma-1000-series.html) +- Null Byte + - [ ] [iOS 18.3 Is Coming Soon — Here's What to Expect on Your iPhone](https://ios.gadgethacks.com/news/ios-18.3-features/) + - [ ] [Freeform on iOS 18: All the Features You've Been Missing Out On](https://ios.gadgethacks.com/how-to/freeform-ios-18-features/) +- Hacking Exposed Computer Forensics Blog + - [ ] [Daily Blog #727: Experimenting with Deepseek v3](https://www.hecfblog.com/2025/01/daily-blog-727-experimenting-with.html) +- Security Weekly Podcast Network (Audio) + - [ ] [Cursive Funk, Microsoft, Ivanti, Sonic Wall, Exchange, PowerSchool, Aaran Leyland... - SWN #445](http://sites.libsyn.com/18678/cursive-funk-microsoft-ivanti-sonic-wall-exchange-powerschool-aaran-leyland-swn-445) diff --git a/archive/tmp/2025-01-25.json b/archive/tmp/2025-01-25.json new file mode 100644 index 0000000000..6d3cebb0d7 --- /dev/null +++ b/archive/tmp/2025-01-25.json @@ -0,0 +1,511 @@ +{ + "SecWiki News": { + "SecWiki News 2025-01-24 Review": "http://www.sec-wiki.com/?2025-01-24" + }, + "paper - Last paper": { + "基于人工智能/机器学习的 IPv6 网络中隐秘通信的检测与分类": "https://paper.seebug.org/3271/" + }, + "Armin Ronacher's Thoughts and Writings": { + "Build It Yourself": "http://lucumr.pocoo.org/2025/1/24/build-it-yourself" + }, + "奇安信攻防社区": { + "借壳上线之Patch PE文件": "https://forum.butian.net/share/4085", + "间接提示注入攻击全面测评": "https://forum.butian.net/share/4074" + }, + "安全客-有思想的安全新媒体": { + "年度盘点:AI+安全双重赋能,360解锁企业浏览器新动力": "https://www.anquanke.com/post/id/303791", + "IntelBroker 的数字足迹: OSINT 分析揭露网络犯罪分子的行动": "https://www.anquanke.com/post/id/303788", + "7-Zip 修复了可绕过 Windows MoTW 安全警告的错误,立即修补": "https://www.anquanke.com/post/id/303776", + "Microsoft 在 Edge Stable 中预览 Game Assist 游戏内浏览器": "https://www.anquanke.com/post/id/303773", + "ModiLoader 恶意软件利用 CAB 标头批处理文件逃避检测": "https://www.anquanke.com/post/id/303770", + "Meta 的广告系统被俄罗斯宣传网络利用": "https://www.anquanke.com/post/id/303767", + "13,000 台 MikroTik 路由器被僵尸网络劫持,用于发送垃圾邮件和网络攻击": "https://www.anquanke.com/post/id/303785", + "DLL 副加载和代理: 向德国目标发送 Sliver 植入程序的新活动": "https://www.anquanke.com/post/id/303764", + "Consilio Guided AI PrivDetect 缩短了权限审查时间": "https://www.anquanke.com/post/id/303782", + "勒索软件团伙在 Microsoft Teams 网络钓鱼攻击中冒充 IT 支持": "https://www.anquanke.com/post/id/303779" + }, + "Tenable Blog": { + "Cybersecurity Snapshot: WEF Offers AI Security Best Practices, as DORA Regulation Places Strict Cyber Rules on Banks": "https://www.tenable.com/blog/ai-security-best-practices-01-24-2025" + }, + "Private Feed for M09Ic": { + "safedv starred sadreck/Codecepticon": "https://github.com/sadreck/Codecepticon", + "timwhitez starred decoder-it/ChgPass": "https://github.com/decoder-it/ChgPass", + "evilashz starred decoder-it/ChgPass": "https://github.com/decoder-it/ChgPass", + "niudaii starred 0x727/ChkApi_0x727": "https://github.com/0x727/ChkApi_0x727", + "gh0stkey starred seaung/pocsuite-rs": "https://github.com/seaung/pocsuite-rs", + "nightRainy starred ynwarcs/CVE-2025-21298": "https://github.com/ynwarcs/CVE-2025-21298", + "0xbug starred google/osv-scanner": "https://github.com/google/osv-scanner", + "yqcs forked yqcs/bolt.diy from stackblitz-labs/bolt.diy": "https://github.com/yqcs/bolt.diy", + "niudaii starred leveryd/x-waf": "https://github.com/leveryd/x-waf", + "spf13 starred theJayTea/WritingTools": "https://github.com/theJayTea/WritingTools" + }, + "Doonsec's feed": { + "秦安:拜登走了,完败于芯片,留下两场战争,还有耻辱与灾难": "https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476311&idx=1&sn=119884be68a469d54443b401908afe95", + "秦安:大消息!人民银行与证监会,座谈“3000+5000”亿资金入市": "https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476311&idx=2&sn=be8a2ff973ede5b074e70dc11899c350", + "上新日 | 口碑佳作上架!沉浸式翻译:双语对照网页翻译插件": "https://mp.weixin.qq.com/s?__biz=MzI2MjcwMTgwOQ==&mid=2247492181&idx=1&sn=dc5a84bd0c1009bdda94f07507392b36", + "红队视角:揭秘内网提权的技术迷宫": "https://mp.weixin.qq.com/s?__biz=MzkzNzg3NzQxMQ==&mid=2247485714&idx=1&sn=6a7ab0722e0c0f69ce8906539f544066", + "pikachu - Cross-Site Scripting(XSS)": "https://mp.weixin.qq.com/s?__biz=Mzk1NzI2NDQyMw==&mid=2247484517&idx=1&sn=240276352d671fc67e03d7ccdecf2862", + "7-Zip高危漏洞曝光": "https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486441&idx=1&sn=4531aade32e795be54933b9d3a690c03", + "『漏洞复现』XXL-JOB 默认 accessToken 身份绕过 RCE 漏洞分析及复现": "https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490019&idx=1&sn=8b0ca8a5667607692018751b2e0db53a", + "图形化-Windiows日志分析工具": "https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490019&idx=2&sn=f204d355574f503af0ff0d6b11878996", + "技战法:巧用黑客攻击手法,被动积累技能": "https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490019&idx=3&sn=d1ade97995d489eec4760ec06058a2e0", + "文科应届生转行计算机的一年": "https://mp.weixin.qq.com/s?__biz=Mzg4NTg0MjMzNQ==&mid=2247484202&idx=1&sn=91076a3a9a8de9de842344942c19a373", + "黑客攻防演练!!揭秘Sync Breeze缓冲溢出漏洞利用全过程!?": "https://mp.weixin.qq.com/s?__biz=Mzk2NDE3NDUwNg==&mid=2247483890&idx=1&sn=00d4c726f5ef79a6a64b08e5c3bf5cca", + "一文看懂川普最新政策动向": "https://mp.weixin.qq.com/s?__biz=MzkxMTA3MDk3NA==&mid=2247487089&idx=1&sn=f20b24974cce9ecc0b92a98268385c76", + "专题·人工智能安全治理 | 关于《人工智能安全治理框架》的解读与思考": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485456&idx=1&sn=f12cda55ab644a5227ada312bb79a62f", + "【干货原创】实网攻防演习常态化,会带来什么变化01": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485456&idx=4&sn=9936a954d36b83982d8a01b800f5a884", + "【干货原创】K12教育,鲜为人知的模式秘密": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485456&idx=5&sn=101312cecc9a495c7856503d86123187", + "原创文章目录": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485456&idx=6&sn=416cca1469398aca13072a80a0f5c129", + "缓冲区溢出学习及漏洞复现": "https://mp.weixin.qq.com/s?__biz=Mzk1NzQwNjQ4Ng==&mid=2247484665&idx=1&sn=55ab331218ce3316953848bc8a134e19", + "对抗小技巧:利用阿里云OSS做域前置": "https://mp.weixin.qq.com/s?__biz=MzAxNzkyOTgxMw==&mid=2247493833&idx=1&sn=23a0220224aafdc3ab796f3cd5d0ff2b", + "一岁一逢,年度献礼 · 一图看懂2024年全球DDoS攻击态势": "https://mp.weixin.qq.com/s?__biz=MzAwODU5NzYxOA==&mid=2247505829&idx=1&sn=4d7addf765ddfaf78ec11b722e8f815f", + "山石入选车联网产品安全漏洞专业库CAVD支撑单位": "https://mp.weixin.qq.com/s?__biz=MzUzMDUxNTE1Mw==&mid=2247510279&idx=1&sn=06f1e42da19ca8f8da9668d9ed2ee6e4", + "YongYouNcTool-一款高效利用用友NC系列漏洞检测利用工具": "https://mp.weixin.qq.com/s?__biz=MzkzNzg4MTI0NQ==&mid=2247485426&idx=1&sn=4b2b9a4778352c4a0791090d92cff7cc", + "春节 | 蛇年大吉,中泊研为您安全护航!": "https://mp.weixin.qq.com/s?__biz=Mzg2NDc0MjUxMw==&mid=2247486072&idx=1&sn=2e79f7cd0c0fbc06d900089a529b1663", + "通用漏洞挖掘技巧": "https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496940&idx=1&sn=a33f04e5fdb7818531eeda42ebf4b6e7", + "知名企业遭「偷家」,攻击面管理势在必行": "https://mp.weixin.qq.com/s?__biz=Mzg2NTk3NjczNQ==&mid=2247485619&idx=1&sn=378c053caf062e36f6d9c093a1e574dc", + "黑客、“内鬼”……2024年近千人涉侵害企业数据安全犯罪被检察机关起诉!": "https://mp.weixin.qq.com/s?__biz=MzU2MTQwMzMxNA==&mid=2247541454&idx=1&sn=41f75791ee9265270755e2cede71b671", + "共研发展路径,平行切面联盟第一届理事会第三次会议召开": "https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247635673&idx=1&sn=62b8bf30eb4df9ed99e5952408daf3c7", + "诸子云|甲方 :DLP遇到大模型软件,如何看待美国司法部发布的行政命令?": "https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247635673&idx=2&sn=8efa180e659fee80150075eca38e5f0e", + "【智库报告】生物力量:确保美国在生物技术领域的领导地位": "https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148676&idx=1&sn=1f06118ca29bead7275e53e21449c3d5", + "默安科技2024:既然选择远方 就会风雨兼程(文末赠好礼)": "https://mp.weixin.qq.com/s?__biz=MzIzODQxMjM2NQ==&mid=2247500311&idx=1&sn=71f5bc1eb780b0762b766affc6bd68f6", + "一款专为红队恶意软件开发而设计的自动化分析沙箱": "https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490149&idx=1&sn=70a813d7a8848bc8648dd1aac1f118eb", + "LLM的“万能钥匙”": "https://mp.weixin.qq.com/s?__biz=MzkzNjczNzEyMw==&mid=2247484110&idx=1&sn=c5759fe1f71dfc0f9ee76811361e1366", + "专题·人工智能安全治理 | 《人工智能安全治理框架》为人工智能安全发展提供重要指引": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=1&sn=530f8234ebb092aa1a91e0c76012ae79", + "发布 | 国家数据局就《数据领域常用名词解释(第二批)》公开征求意见(附全文)": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=2&sn=bf11efc7a9b860fb9b20b141baa90341", + "专家解读 | 构建高素质人才队伍,助力数据标注产业发展": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=3&sn=a3cb25195824a0af1ff71d0489c3fffc", + "关注 | 检察机关依法惩治侵害企业数据安全犯罪 服务保障企业创新发展": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=4&sn=42732fbe26b1fac5bc322a9e33b0b28a", + "解读 | 市场监管总局发布《网络交易执法协查暂行办法》 建立健全网络交易执法协查机制提升监管效能": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=5&sn=5c63e275dc2b4b4f5dc92f28bbbf9bd5", + "发布 | 中国信通院联合发布《数据治理研究报告(2024年)》(附下载)": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=6&sn=acbcf59882875e4e743a79a6a0213aff", + "国际 | 域外个人生物识别信息保护模式考察": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=7&sn=a87473518e84e1b51f4fbc4906a29861", + "评论 | 让网络交易执法协作更规范有序": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=8&sn=2f11ec80a6ee5f872457f929a062a55f", + "【2025-01-24】黑客新闻摘要": "https://mp.weixin.qq.com/s?__biz=MzIzNDU5NTI4OQ==&mid=2247488355&idx=1&sn=ab928aff89673696e834f4dc18b7de2c", + "深度解读:特朗普新签数十项行政命令 将产生哪些影响?": "https://mp.weixin.qq.com/s?__biz=Mzg3MDczNjcyNA==&mid=2247488936&idx=1&sn=4d76e5c799b12293df6e886eeba72957", + "3.6万亿!特朗普搞史上投资规模最大AI投资 剑指中国": "https://mp.weixin.qq.com/s?__biz=Mzg3MDczNjcyNA==&mid=2247488936&idx=2&sn=266b328c867d28358b3ad08d0c0db044", + "phpMyAdmin 触发 XSS 攻击的安全漏洞": "https://mp.weixin.qq.com/s?__biz=MzI0NzE4ODk1Mw==&mid=2652094694&idx=1&sn=4585dbd6a2385bcc0d9f83cd29f7b622", + "勒索病毒攻击 VMware ESXi 主机": "https://mp.weixin.qq.com/s?__biz=MzI0NzE4ODk1Mw==&mid=2652094694&idx=2&sn=7325225efeb09b588a9ccc838efc3329", + "金蛇献瑞|筑梦前行|思维世纪2024年度总结及表彰大会圆满完成!": "https://mp.weixin.qq.com/s?__biz=MjM5ODE4OTYzNw==&mid=2649563787&idx=1&sn=b7874fb0a3bb408ce2437d83d89462bb", + "加速安全设计——是时候采用TARA自动化技术来提高车辆安全性了吗?": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620079&idx=1&sn=23481c676669368be35dd7a2cddd9eac", + "网络安全最佳实践 - 从 TARA 到 PenTest": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620079&idx=2&sn=8a4462a7c4c53f946c5e01065135e83a", + "预防网络灾难 - 通过 TARA 分析进行深度防御": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620079&idx=3&sn=928dd30666e4f0e3e22e6ce103de6c61", + "红包封面第三弹!": "https://mp.weixin.qq.com/s?__biz=MzUzMDQ1MTY0MQ==&mid=2247506601&idx=1&sn=70f914bcbbb9efc2fb037f6002cd45f6", + "《Java代码审计零基础入门到项目实战》2025第一期招生,五十多节课才五百多,手慢无。": "https://mp.weixin.qq.com/s?__biz=MzkxNTU5NTI1Ng==&mid=2247487239&idx=1&sn=0202581931c1f46340bdf6f1001bda20", + "行业第二!实力藏不住了!": "https://mp.weixin.qq.com/s?__biz=MzkxNDY0MjMxNQ==&mid=2247532859&idx=1&sn=da3d0fe94b70093b8c0cbb414e8683e5", + "聊热点|IDC: 2025年中国安全和信任市场十大预测、新型僵尸网络正对路由器、摄像头等设备发起大规模DDoS攻击……": "https://mp.weixin.qq.com/s?__biz=MzkxNDY0MjMxNQ==&mid=2247532859&idx=2&sn=7af5ed5ca486c7d1ae633fed818088eb", + "带你解锁编码新世界!--随波逐流CTF编码工具使用教程41 --DNA密码": "https://mp.weixin.qq.com/s?__biz=MzU2NzIzNzU4Mg==&mid=2247489588&idx=1&sn=f7fc3df0757ab001f3b1c34b240fd68e", + "学习代码审计除了大量练习,更多的还是代码审计思路,给大家分享分享。": "https://mp.weixin.qq.com/s?__biz=Mzg3MDU1MjgwNA==&mid=2247487185&idx=1&sn=d6a035212abd74719d8d7ce79c254117", + "【安全圈】斯巴鲁汽车漏洞让黑客利用 Starlink 远程控制数百万辆汽车": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067590&idx=1&sn=32ea96086da2a1f7d7b7c25530ca8d55", + "【安全圈】GhostGPT – 黑客用来生成恶意软件和漏洞的新型 AI 黑帽工具": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067590&idx=2&sn=0963e1001cd7415a1987cb9c33807d8c", + "【安全圈】思科曝9.9分关键权限提升漏洞": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067590&idx=3&sn=7379d9127186d37af92f08f7a9ced06e", + "【安全圈】Chrome用户面临供应链攻击威胁,数百万人或受影响": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067590&idx=4&sn=ab568c073e0bfe554ca07ca03503f2da", + "Oracle 2025年1月补丁日多产品高危漏洞安全风险通告": "https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522169&idx=1&sn=fce75986029eae4069d3b0638d1202bd", + "守护资产,防范风险 | 2025年Web3.0资产安全指南": "https://mp.weixin.qq.com/s?__biz=MzU5OTg4MTIxMw==&mid=2247503926&idx=1&sn=d0bc90fe7f2f544c087615796f4035c5", + "企业动态 | 恒安嘉新入选2024全球计算产业案例汇编": "https://mp.weixin.qq.com/s?__biz=MzIwMTUzNDY0NA==&mid=2649119281&idx=1&sn=12e90ca98164afb60a7bdf8a6b918bc4", + "安全报告 | 2024年12月恒安嘉新网络信息安全综合态势报告": "https://mp.weixin.qq.com/s?__biz=MzIwMTUzNDY0NA==&mid=2649119281&idx=2&sn=822885323d0af590dcccbb115350825b", + "KwaiCoder-23B-A4B-v1:以 1/30 的成本训练全尺寸 SOTA 代码续写大模型": "https://mp.weixin.qq.com/s?__biz=Mzg2NzU4MDM0MQ==&mid=2247495958&idx=1&sn=3383a72355bdb4c1d1bc79d83c1a8569", + "斯巴鲁曝关键漏洞,凭车牌号可远程入侵汽车": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651312790&idx=1&sn=f164fbd58d9d173bbc7eae3626f9ab40", + "美国政府公布攻击Ivanti云服务设备的技术细节": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651312790&idx=2&sn=b9aa66d005e4e639e712a5efed74fa6c", + "美国前中央情报局分析师承认泄露国防信息": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651312790&idx=3&sn=83ffd20b9fd4d5d2da935ff3246e1ce6", + "MemProcFS-Analyzer:用于DFIR的Windows内存转储自动取证分析工具": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651312790&idx=4&sn=d1ca26975b2bf3760969a9ce23192b28", + "解读丨《国家数据基础设施建设指引》主要内容+图解,附下载": "https://mp.weixin.qq.com/s?__biz=MzI2MDk2NDA0OA==&mid=2247531208&idx=1&sn=fdf554db70e62d70c1452efb1191e994", + "干货 | 山信软件吕洪波:工业控制系统安全事件检测与处置(附视频+PPT)": "https://mp.weixin.qq.com/s?__biz=MzI2MDk2NDA0OA==&mid=2247531208&idx=2&sn=d6cdc5a8d9df1a49d25016840187a4f1", + "24年总结": "https://mp.weixin.qq.com/s?__biz=MzIyOTY1NDE5Mg==&mid=2247485100&idx=1&sn=0d1663a53843d7a2bd0c5504c41d1514", + "2025 蛇年迎新,盘古石取证暖心献礼:红包封面大放送,更多好礼等您来!": "https://mp.weixin.qq.com/s?__biz=MzI2MDA0MTYyMQ==&mid=2654404359&idx=1&sn=cb7965528fedcff57cca3c5cf9847be5", + "春节将至,盛邦安全放假安排新鲜出炉!": "https://mp.weixin.qq.com/s?__biz=MzAwNTAxMjUwNw==&mid=2650277587&idx=1&sn=28ae9f7e85590a579913877d8effc2a0", + "大模型系列之LLaMA Factory微调学习": "https://mp.weixin.qq.com/s?__biz=Mzg2MTc1NDAxMA==&mid=2247484342&idx=1&sn=58be391a85f1cab4cdd6b7b0b41b1300", + "产品上新!捷普数据库防火墙正式发布!": "https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247505825&idx=1&sn=6fc746a14da1dd33cecd278754c09e13", + "【漏洞预警】Elastic Fleet Server信息泄露漏洞": "https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489518&idx=1&sn=4af05b6c62e451e4665c358a9b06bb24", + "烽火狼烟丨暗网数据及攻击威胁情报分析周报(01/20-01/24)": "https://mp.weixin.qq.com/s?__biz=Mzk0NjMxNTgyOQ==&mid=2247484528&idx=1&sn=8663e8fd828e564560e8f8ef9b20fe32", + "Pwn2Own Automotive 2025结果汇总": "https://mp.weixin.qq.com/s?__biz=Mzk0MzQzNzMxOA==&mid=2247487726&idx=1&sn=f8bb5a54e33ff80c2cb8894433b7f41d", + "【再发一遍】新春抽奖开启!与奉天安全团队 & 禾信智安共迎新年好运!": "https://mp.weixin.qq.com/s?__biz=Mzk0NjQ2NzQ0Ng==&mid=2247484992&idx=1&sn=32c786903ab1ff5e499415b69a5dfc4b", + "新春抽奖开启!与奉天安全团队 & 禾信智安共迎新年好运!": "https://mp.weixin.qq.com/s?__biz=Mzk0NjQ2NzQ0Ng==&mid=2247484992&idx=2&sn=0114b9f967a3e89fd0ec5627b0be8224", + "Jeddak星火计划-开启申报": "https://mp.weixin.qq.com/s?__biz=MzI1MzYzMjE0MQ==&mid=2247512933&idx=1&sn=b2602ab68be9a48e636dfae7229f3144", + "DSRC 祝大家新年快乐(内含红包封面)": "https://mp.weixin.qq.com/s?__biz=MzA3Mzk1MDk1NA==&mid=2651908507&idx=1&sn=090d7d7a925c36caa9bed1158c3df7ce", + "备考CISSP丨选择官方培训,查看官方培训课程计划": "https://mp.weixin.qq.com/s?__biz=MzUzNTg4NDAyMg==&mid=2247492332&idx=1&sn=369749a7e2782981229c81e46366fbd2", + "每周蓝军技术推送(2025.1.18-1.24)": "https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247494044&idx=1&sn=356681967a014551977e5051389b8f15", + "2025网安行业优质播客精选集⑥": "https://mp.weixin.qq.com/s?__biz=Mzg2MTAwNzg1Ng==&mid=2247495515&idx=1&sn=2374d21d0f637deaaed6d28977cffa5d", + "【极思】安全运营第6年实践总结": "https://mp.weixin.qq.com/s?__biz=Mzg2MTAwNzg1Ng==&mid=2247495515&idx=2&sn=32937e97ab2cae2201c2be8c08ed014e", + "中小企业及创业公司信息安全建设指南": "https://mp.weixin.qq.com/s?__biz=Mzg2MTAwNzg1Ng==&mid=2247495515&idx=3&sn=4f64dbbd5c03c54883719d8d12c61b01", + "@网安人,你的2024年度关键词已生成(文末有福利)!": "https://mp.weixin.qq.com/s?__biz=Mzg2MTAwNzg1Ng==&mid=2247495515&idx=4&sn=3e056e3e5b0b767c9ab1f787add702a0", + "网络安全罗盘2024-2025年度“最佳参与奖”揭晓": "https://mp.weixin.qq.com/s?__biz=Mzg3OTg0OTAyOQ==&mid=2247486239&idx=1&sn=3d38cca0595dfc84ca2357ef5a25eb0f", + "限量赠送【10个前沿阵地🐍年红包封面】,恭祝大家新年快乐,财源广进。\\\\n\\\\n\\\\nhttps://support.weixin.qq.com/cgi-bin/mmsupport-bin/showredpacket?receiveuri=NU_pFu5bBp1TSI&check_type=2#wechat_redirect": "https://mp.weixin.qq.com/s?__biz=MzA3MTM0NTQzNA==&mid=2455780136&idx=1&sn=06e52c12c5a8cfa7f7a57f51e487a05c", + "蛇舞新春,安全不打烊!云弈科技放假通知和值班安排": "https://mp.weixin.qq.com/s?__biz=MzU2ODY0ODk2Nw==&mid=2247491055&idx=1&sn=420f20f35fa82fd4ec1b7426d38cd1db", + "边界无限春节护航,安全不打烊~": "https://mp.weixin.qq.com/s?__biz=MzAwNzk0NTkxNw==&mid=2247487095&idx=1&sn=472bbc069d672b5973d5ea86c3073a43", + "大众DP BR X8跳转清理 & a5分析": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589258&idx=1&sn=c1333a825d642b84f6494440d9d8f10c", + "职位更新!好工作不等人": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589258&idx=2&sn=0f3ea01777f154e98bec7ccb0214b51c", + "特斯拉汽车被“重点关注”,Pwn2Own Automotive 2024首日曝出24个零日漏洞": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589258&idx=3&sn=1ee9c0b4428aba7d94dead806b1d1cb1", + "学它!Browser Pwn Chrome V8篇": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589258&idx=4&sn=f3db39003003caac0baa29b1e79f959e", + "安全守护,时刻在线丨永信至诚春节放假通知": "https://mp.weixin.qq.com/s?__biz=MzAwNDUyMjk4MQ==&mid=2454829223&idx=1&sn=f73e544d3d20c83118c0a09feb410ac7", + "扫码下载 | 信息技术 安全技术 事件调查原则和过程": "https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264431&idx=1&sn=ed7164fc360d5a060ae12fc8ba35599d", + "第一波稳定测试结束|等待第二波": "https://mp.weixin.qq.com/s?__biz=MzU5Njg5NzUzMw==&mid=2247490441&idx=1&sn=052ce0c328717954294bdc219233c174", + "网安周讯 | 抓捕7万人解救160余人,中国与多国联合打击电诈犯罪(一月第4期)": "https://mp.weixin.qq.com/s?__biz=Mzg4MjQ4MjM4OA==&mid=2247523793&idx=1&sn=64147631f2e1dab957579c0acf00e360", + "回眸蓄力 逐新前行 | 丈八网安2024年度大事件盘点": "https://mp.weixin.qq.com/s?__biz=MzkwNzI1NDk0MQ==&mid=2247492728&idx=1&sn=98ed0b98c1cd60e7c58b5bfc4265a8e7", + "梆叔说安全第三季Vol.8 | 梆梆安全2024年度回顾": "https://mp.weixin.qq.com/s?__biz=MjM5NzE0NTIxMg==&mid=2651135241&idx=1&sn=afac26f6bfea1d968585123f9aa6e883", + "安全过春节 服务不打烊": "https://mp.weixin.qq.com/s?__biz=MjM5NzE0NTIxMg==&mid=2651135241&idx=2&sn=2c39dd7159814b2ab9c889bc2a73ee7c", + "致谢之声|观安信息收到国家工业信息安全发展研究中心感谢信": "https://mp.weixin.qq.com/s?__biz=MzIxNDIzNTcxMg==&mid=2247506747&idx=1&sn=3dad99620fdf85bd42c83b99d2853165", + "LinkedIn共享用户数据用于AI训练,面临集体诉讼": "https://mp.weixin.qq.com/s?__biz=MzUzODYyMDIzNw==&mid=2247516907&idx=1&sn=32404b5acd0fa1d6c4fd1cef521c1bec", + "关于向社会公开征求《数据领域常用名词解释(第二批)》意见的公告": "https://mp.weixin.qq.com/s?__biz=MzUzODYyMDIzNw==&mid=2247516907&idx=2&sn=86b6048d34de49f347b9e9df355e1e41", + "红队人员必备": "https://mp.weixin.qq.com/s?__biz=Mzk1NzIzOTc5MQ==&mid=2247484618&idx=1&sn=028819b6f7389bc9b049f58b64d583b1", + "VulnNodeApp:一款包含大量安全漏洞的Node.js安全练习平台": "https://mp.weixin.qq.com/s?__biz=MzU2MjY1ODEwMA==&mid=2247492083&idx=1&sn=32de1c271310b330793fd3aa20af2213", + "记录一次时序数据库的实战测试": "https://mp.weixin.qq.com/s?__biz=MzkxNTIwNTkyNg==&mid=2247553194&idx=1&sn=2e004e579969317d5e92df0ddfcbb172", + "【免费领】新手必备!Web安全漏洞实战入门教程": "https://mp.weixin.qq.com/s?__biz=MzkxNTIwNTkyNg==&mid=2247553194&idx=2&sn=3f4629f234882e5f46e5adca2331d21e", + "冰蝎V4.0流量分析到攻防检测": "https://mp.weixin.qq.com/s?__biz=MzkyNTY3Nzc3Mg==&mid=2247489163&idx=1&sn=e175c3041e920dd6f348e5aea1cc803d", + "网络安全动态 - 2025.01.24": "https://mp.weixin.qq.com/s?__biz=MzU1MzEzMzAxMA==&mid=2247499899&idx=1&sn=9a3d81b57f8642fbbad999c551f7d059", + "Oracle发布2025年1月的安全公告": "https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247495725&idx=1&sn=dedb6bb0dabaefa9b319ac1b7250d198", + "《智能化安全运营中心应用指南(2025年)》报告暨代表性厂商评估调研启动": "https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134885&idx=1&sn=1a1ed1ea95fed0e6eb76fe4a39386297", + "ChatGPT又全球大面积宕机,AI助手暂时\\\"失联\\\";斯巴鲁系统漏洞曝光,数百万车辆面临远程解锁并启动风险 | 牛览": "https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134885&idx=2&sn=b2ed8f09df9e5f6c4850178ee4311397", + "缓冲区溢出到getshell提权": "https://mp.weixin.qq.com/s?__biz=Mzk0Mjg4MTQxMw==&mid=2247485817&idx=1&sn=e70b57b7fc4e92117a0bc5b84f9651a2", + "HTTP协议在IP协议之上对吗?": "https://mp.weixin.qq.com/s?__biz=MzIxNTM3NDE2Nw==&mid=2247490315&idx=1&sn=8e90a9794db36a878015108ee0efad71", + "2025春节不打烊--全天候24小时服务": "https://mp.weixin.qq.com/s?__biz=MzUxODY3MDExMA==&mid=2247490097&idx=1&sn=71c606f4b38243b1c7b326afaa7b148e", + "Cursor Pro自动化无限续杯方法": "https://mp.weixin.qq.com/s?__biz=MzA3MzgwMzYyMA==&mid=2452890271&idx=1&sn=0a39d26afb00141c8df2a46f0ea99376", + "轻松使用cloudflare配置域名邮箱": "https://mp.weixin.qq.com/s?__biz=MzA3MzgwMzYyMA==&mid=2452890271&idx=2&sn=3274f03a656568f84f84dafb0c6b5699", + "18部门印发《困境儿童个人信息保护工作办法》(附全文)": "https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597597&idx=2&sn=7b0a83cff6feb7012cf96d6ab6beae26", + "春节放假通知 | 众安天下:守护网络安全,保障“不打烊”": "https://mp.weixin.qq.com/s?__biz=MzIyOTUzODY5Ng==&mid=2247504316&idx=1&sn=d83bd6c7e96fd6c7eafad474e007128d", + "国家级创新中心建设经验交流": "https://mp.weixin.qq.com/s?__biz=MzAwNTc0ODM3Nw==&mid=2247488623&idx=1&sn=af66ff6a71f033f58448c3683b2f30e5" + }, + "嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com": { + "AI鉴真刻不容缓!别让AI伪造“偷走”我们的善意": "https://www.4hou.com/posts/xyzP", + "中央发文“推进新型城市基建”,祥云平台助力打造韧性城市": "https://www.4hou.com/posts/wxyX", + "2024 Q4企业邮箱安全报告揭秘:盗号测试信背后的黑产攻击套路": "https://www.4hou.com/posts/rpqL", + "新的 UEFI 安全启动漏洞使系统暴露于 bootkit": "https://www.4hou.com/posts/7MyB", + "针对 Chrome 浏览器扩展程序网络钓鱼活动的新细节被披露": "https://www.4hou.com/posts/nlJp" + }, + "Recent Commits to cve:main": { + "Update Fri Jan 24 20:25:39 UTC 2025": "https://github.com/trickest/cve/commit/7cc0e3b9bf546832a32096d9ceafcc97c4d93574", + "Update Fri Jan 24 12:24:54 UTC 2025": "https://github.com/trickest/cve/commit/f8b633c3d8a83678494182ef13bdefe3de45b845", + "Update Fri Jan 24 04:11:19 UTC 2025": "https://github.com/trickest/cve/commit/2a95822f974d055bd443f22267473caedaf24a5d" + }, + "Sucuri Blog": { + "Malware Redirects WordPress Traffic to Harmful Sites": "https://blog.sucuri.net/2025/01/malware-redirects-wordpress-traffic-to-harmful-sites.html" + }, + "CXSECURITY Database RSS Feed - CXSecurity.com": { + "CMS Twig Template Injection RCE via FTP Templates Path": "https://cxsecurity.com/issue/WLB-2025010024" + }, + "Trustwave Blog": { + "Ransomware’s Evolution: Key Threat Groups Targeting the Energy and Utilities Sector in 2025": "https://www.trustwave.com/en-us/resources/blogs/trustwave-blog/ransomwares-evolution-key-threat-groups-targeting-the-energy-and-utilities-sector-in-2025/" + }, + "Security Boulevard": { + "DEF CON 32 – Anyone Can Hack IoT- Beginner’s Guide To Hacking Your First IoT Device": "https://securityboulevard.com/2025/01/def-con-32-anyone-can-hack-iot-beginners-guide-to-hacking-your-first-iot-device/", + "Cyber Lingo: What is GRC in cybersecurity?": "https://securityboulevard.com/2025/01/cyber-lingo-what-is-grc-in-cybersecurity/", + "Randall Munroe’s XKCD ‘Unit Circle’": "https://securityboulevard.com/2025/01/randall-munroes-xkcd-unit-circle/", + "Continuous Monitoring Guide: FedRAMP Meets Zero Trust": "https://securityboulevard.com/2025/01/continuous-monitoring-guide-fedramp-meets-zero-trust/", + "How to Choose the Right Cybersecurity Software: A Comprehensive Guide": "https://securityboulevard.com/2025/01/how-to-choose-the-right-cybersecurity-software-a-comprehensive-guide/", + "How bots and fraudsters exploit video games with credential stuffing": "https://securityboulevard.com/2025/01/how-bots-and-fraudsters-exploit-video-games-with-credential-stuffing/", + "DEF CON 32 – Building A Secure Resilient Nationwide EV Charging Network": "https://securityboulevard.com/2025/01/def-con-32-building-a-secure-resilient-nationwide-ev-charging-network/", + "Solving WAFs biggest challenge | Impart Security": "https://securityboulevard.com/2025/01/solving-wafs-biggest-challenge-impart-security/", + "Unveiling the Dark Web: Myths, Realities, and Risks You Didn’t Know About": "https://securityboulevard.com/2025/01/unveiling-the-dark-web-myths-realities-and-risks-you-didnt-know-about/" + }, + "Blogs on STAR Labs": { + "CVE-2024-26230: Windows Telephony Service - It's Got Some Call-ing Issues (Elevation of Privilege)": "https://starlabs.sg/blog/2025/cve-2024-26230-windows-telephony-service-its-got-some-call-ing-issues/" + }, + "Twitter @bytehx": { + "Re @roohaa_n @Bugcrowd Because it was on the testing environment.": "https://x.com/bytehx343/status/1882793157093679381", + "I earned $650 for my submission on @bugcrowd https://bugcrowd.com/bytehx #ItTakesACrowd Bug: Admin Panel Takeover": "https://x.com/bytehx343/status/1882791535617650979" + }, + "Bug Bounty in InfoSec Write-ups on Medium": { + "SQL injection in largest Electricity Board of Sri Lanka": "https://infosecwriteups.com/sql-injection-in-largest-electricity-board-of-sri-lanka-1a55c12104bd?source=rss----7b722bfd1b8d--bug_bounty" + }, + "Reverse Engineering": { + "Dissecting the NVIDIA Hopper Architecture through Microbenchmarking and Multiple Level Analysis": "https://www.reddit.com/r/ReverseEngineering/comments/1i974mg/dissecting_the_nvidia_hopper_architecture_through/", + "Hacking Subaru: Tracking and Controlling Cars via the STARLINK Admin Panel": "https://www.reddit.com/r/ReverseEngineering/comments/1i8md2d/hacking_subaru_tracking_and_controlling_cars_via/", + "A particularly 'sus' sysctl in the XNU Kernel": "https://www.reddit.com/r/ReverseEngineering/comments/1i8m9h3/a_particularly_sus_sysctl_in_the_xnu_kernel/" + }, + "SentinelOne": { + "The Good, the Bad and the Ugly in Cybersecurity – Week 4": "https://www.sentinelone.com/blog/the-good-the-bad-and-the-ugly-in-cybersecurity-week-4-6/" + }, + "Malwarebytes": { + "Texas scrutinizes four more car manufacturers on privacy issues": "https://www.malwarebytes.com/blog/news/2025/01/texas-scrutinizes-four-more-car-manufacturers-on-privacy-issues" + }, + "安全牛": { + "2024年度全球邮件威胁报告": "https://www.aqniu.com/vendor/108155.html", + "多个网络安全巨头的账户凭证泄露,在暗网被售卖;工信部提醒:防范Androxgh0st僵尸网络风险 | 牛览": "https://www.aqniu.com/homenews/108150.html", + "深度长文 | 面对马斯克在CES2025上的预言,我们该何去何从?": "https://www.aqniu.com/homenews/108149.html" + }, + "HackerNews": { + "特斯拉电动汽车充电器在 Pwn2Own 东京大赛次日遭两次黑客攻击": "https://hackernews.cc/archives/57086", + "QNAP 修复 NAS 备份恢复应用中的六项 Rsync 漏洞": "https://hackernews.cc/archives/57078", + "近千个假冒 Reddit 网站推广 Lumma Stealer 恶意软件": "https://hackernews.cc/archives/57073", + "TRIPLESTRENGTH 针对云环境进行加密货币劫持与勒索软件攻击": "https://hackernews.cc/archives/57071", + "QakBot 相关 BC 恶意软件新增强化远程访问与数据收集功能": "https://hackernews.cc/archives/57069", + "Juniper 路由器遭利用“魔术包”漏洞的定制后门攻击": "https://hackernews.cc/archives/57064", + "Palo Alto 防火墙被发现存在安全启动绕过和固件漏洞": "https://hackernews.cc/archives/57061" + }, + "杨龙": { + "阿里云小内存机器频繁死机可能原因": "https://www.yanglong.pro/%e9%98%bf%e9%87%8c%e4%ba%91%e5%b0%8f%e5%86%85%e5%ad%98%e6%9c%ba%e5%99%a8%e9%a2%91%e7%b9%81%e6%ad%bb%e6%9c%ba%e5%8f%af%e8%83%bd%e5%8e%9f%e5%9b%a0/" + }, + "奇客Solidot–传递最新科技情报": { + "秘密后门使用“魔法封包”感染企业 VPN": "https://www.solidot.org/story?sid=80419", + "调查显示八成游戏开发商开发 PC 游戏": "https://www.solidot.org/story?sid=80418", + "《自然》调查显示七成回应者使用 Bluesky": "https://www.solidot.org/story?sid=80417", + "乔治 R.R.马丁合作发表了一篇物理学论文": "https://www.solidot.org/story?sid=80416", + "Google 移动搜索移除网址面包屑导航": "https://www.solidot.org/story?sid=80415", + "癌细胞利用有缺陷的线粒体毒害攻击免疫细胞": "https://www.solidot.org/story?sid=80414", + "日本市场中国平板电视首次超过五成": "https://www.solidot.org/story?sid=80413", + "智人离开非洲后血型可能发生适应性遗传变化": "https://www.solidot.org/story?sid=80412", + "三菱不打算参与本田日产的合并": "https://www.solidot.org/story?sid=80411", + "特朗普政府暂停了 NIH 的会议和旅行": "https://www.solidot.org/story?sid=80410", + "Debian 15 代号 Duke": "https://www.solidot.org/story?sid=80409", + "研究揭示不同政治光谱对传递虚假信息的偏好": "https://www.solidot.org/story?sid=80408" + }, + "腾讯玄武实验室": { + "每日安全动态推送(25/1/24)": "https://mp.weixin.qq.com/s?__biz=MzA5NDYyNDI0MA==&mid=2651960005&idx=1&sn=def8d5b004e60d0aa2f280d8493dc542&chksm=8baed25abcd95b4c23216c4b136a117918821b1f1ab95f8ce4b0e3c6ab2023bca38d426f0245&scene=58&subscene=0#rd" + }, + "安全客": { + "特斯拉充电桩一天被入侵两次,电动汽车基础设施网络安全引发全球关注": "https://mp.weixin.qq.com/s?__biz=MzA5ODA0NDE2MA==&mid=2649787811&idx=1&sn=4927212fd9debdf7d94032ffd45aa0a9&chksm=8893bdccbfe434da1ec3c28eee36e47d63292e7a1c711d7f6818ff6f70209bede150d2007572&scene=58&subscene=0#rd" + }, + "黑海洋 - IT技术知识库": { + "PixPro图床 – Github存储版": "https://blog.upx8.com/4678" + }, + "FreeBuf网络安全行业门户": { + "Shiro CVE-2020-17523 路径绕过": "https://www.freebuf.com/vuls/420772.html", + "FreeBuf周报 | 特朗普特赦暗网丝绸之路创始人;B站员工代码投毒报复用户": "https://www.freebuf.com/news/420756.html", + "Tyrant(暴君) SUID二进制文件权限提升工具": "https://www.freebuf.com/sectool/420749.html", + "黑客利用Windows RID劫持技术创建隐藏管理员账户": "https://www.freebuf.com/articles/system/420811.html", + "2025网络暴露危机报告:45%第三方应用越权访问用户数据": "https://www.freebuf.com/news/420744.html", + "黑客用假恶意软件生成器感染1.8万名“脚本小子”": "https://www.freebuf.com/articles/endpoint/420809.html", + "斯巴鲁漏洞让黑客可以远程控制数百万辆汽车": "https://www.freebuf.com/news/420728.html", + "[windows]自动锁屏程序": "https://www.freebuf.com/sectool/420727.html", + "新型人工智能“黑帽”工具:GhostGPT带来的威胁与挑战": "https://www.freebuf.com/news/420724.html" + }, + "奇安信威胁情报中心": { + "每周高级威胁情报解读(2025.01.17~01.23)": "https://mp.weixin.qq.com/s?__biz=MzI2MDc2MDA4OA==&mid=2247513863&idx=1&sn=9c4a03d780248697f3ef6da46a3760fe&chksm=ea664070dd11c9664b9d2879112628ee373660f60d7f25a7e8d14365524b15307382d82dac01&scene=58&subscene=0#rd" + }, + "安全内参": { + "知名车企漏洞:只需车牌号,就能远程监控劫持数百万辆车": "https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513589&idx=1&sn=1b70e6f4b48c39927bb2af1c0178da71&chksm=ebfaf2d5dc8d7bc3abdb845b15e34f01c5f9cc9f45c71804e231873a3c9b8be109f58083ea60&scene=58&subscene=0#rd", + "人数超TikTok!2024年美国医疗行业泄漏了1.8亿患者数据": "https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513589&idx=2&sn=3351a7a65979a78d643300f2a4dadfa5&chksm=ebfaf2d5dc8d7bc3d4cc9463e5f5a1a7ea306214b1c2ff9c9ef273fd5adadc40174c66510720&scene=58&subscene=0#rd" + }, + "威努特安全网络": { + "中方回应美对中网络攻击,惠普公司开发文件泄漏 | 一周特辑": "https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130852&idx=1&sn=f1f55221d3afc7e74434b9d7e1180e95&chksm=80e71154b7909842dc785813844722ccaa15f8f08962db7fa984f1c156c60c4f4f285e6932e1&scene=58&subscene=0#rd" + }, + "看雪学苑": { + "大众DP BR X8跳转清理 & a5分析": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589258&idx=1&sn=c1333a825d642b84f6494440d9d8f10c&chksm=b18c28c086fba1d62346bd0549dfc0cce7d6a264896bff49ec6fa9c67d09e41b8e76e90d5097&scene=58&subscene=0#rd", + "职位更新!好工作不等人": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589258&idx=2&sn=0f3ea01777f154e98bec7ccb0214b51c&chksm=b18c28c086fba1d624ad70b554e691e9d88be8caa3deb07a854e332421e9924bf50e15a3c4b9&scene=58&subscene=0#rd", + "特斯拉汽车被“重点关注”,Pwn2Own Automotive 2024首日曝出24个零日漏洞": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589258&idx=3&sn=1ee9c0b4428aba7d94dead806b1d1cb1&chksm=b18c28c086fba1d68376c00b114728f746f713fc2982b933066eb6ecbdc12c0081c2b3bb1411&scene=58&subscene=0#rd", + "学它!Browser Pwn Chrome V8篇": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589258&idx=4&sn=f3db39003003caac0baa29b1e79f959e&chksm=b18c28c086fba1d6bd9cfde7e242476b6f95ecc53d490d7adb507edeb3df6e00bbe7c43f3169&scene=58&subscene=0#rd" + }, + "代码卫士": { + "Oracle 2025年1月补丁日多产品高危漏洞安全风险通告": "https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522169&idx=1&sn=fce75986029eae4069d3b0638d1202bd&chksm=ea94a613dde32f05ef7826dcffe2b3decd7b00ebdf610c08b0715fb2887545ac34d0f7f964dc&scene=58&subscene=0#rd" + }, + "丁爸 情报分析师的工具箱": { + "【智库报告】生物力量:确保美国在生物技术领域的领导地位": "https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148676&idx=1&sn=1f06118ca29bead7275e53e21449c3d5&chksm=f1af26bec6d8afa8acd71cd12d352ac329764f11442e96d516ec4f5d4de731ff287f315664bb&scene=58&subscene=0#rd" + }, + "dotNet安全矩阵": { + "文件痕迹清理,通过 Sharp4ModifyTime 修改任意文件时间戳": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498414&idx=1&sn=10c139db39735808d38c078682fce180&chksm=fa595443cd2edd55d66fb3d9017e009c5caf2c926f3df17fb94750bb82d71fe7f49bd2e51fa9&scene=58&subscene=0#rd", + "国内最专业、最全面的 [ .NET 代码审计 ] 体系化学习交流社区": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498414&idx=2&sn=d3c80ed5d3de19b8387f42bb7cc03601&chksm=fa595443cd2edd558f74d9545543622d73ec3aaf0037dd848378945854655e763a11ac52e1cf&scene=58&subscene=0#rd", + "通过 Sharp4Tokenvator 实现本地权限提升": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498414&idx=3&sn=ace80c4aea3efbc86df8b64024f230ba&chksm=fa595443cd2edd55b7f4ec0d4a576bc19c3cefa0a5e9de199379c5f8271cb941e2887b1ddd6d&scene=58&subscene=0#rd" + }, + "天御攻防实验室": { + "泄露文件揭示以色列军方与微软之间的深层联系,在加沙战争期间提供技术支持": "https://mp.weixin.qq.com/s?__biz=MzU0MzgyMzM2Nw==&mid=2247486245&idx=1&sn=6c3bb1322ccb3edb14168ca734a6242b&chksm=fb04c84dcc73415bcf1d7c2f5ac99a3097bf6e51cee850fadde07cba4dc05c7d75774a1e3f00&scene=58&subscene=0#rd" + }, + "ChaMd5安全团队": { + "Kaiji恶意样本分析_v2": "https://mp.weixin.qq.com/s?__biz=MzIzMTc1MjExOQ==&mid=2247511902&idx=1&sn=5a5087aec514f7b15779c18c089f0108&chksm=e89d8786dfea0e90e92921d5e1165a96c3c07af7d978f5c64f6eb6298ffd10e0112f71c100d4&scene=58&subscene=0#rd" + }, + "安全圈": { + "【安全圈】斯巴鲁汽车漏洞让黑客利用 Starlink 远程控制数百万辆汽车": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067590&idx=1&sn=32ea96086da2a1f7d7b7c25530ca8d55&chksm=f36e7b46c419f2508759cde38a0b63b3f4b1442bc7655fa88acfdb556c1fefa5e78211594fc2&scene=58&subscene=0#rd", + "【安全圈】GhostGPT – 黑客用来生成恶意软件和漏洞的新型 AI 黑帽工具": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067590&idx=2&sn=0963e1001cd7415a1987cb9c33807d8c&chksm=f36e7b46c419f2503cd6ccf7191847d24b6e5135071daedb82309bbc01b97545402cc0ff010b&scene=58&subscene=0#rd", + "【安全圈】思科曝9.9分关键权限提升漏洞": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067590&idx=3&sn=7379d9127186d37af92f08f7a9ced06e&chksm=f36e7b46c419f25055741d6542936063bf1b5787923201949d2998d3f1120257c12deaab9a8f&scene=58&subscene=0#rd", + "【安全圈】Chrome用户面临供应链攻击威胁,数百万人或受影响": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067590&idx=4&sn=ab568c073e0bfe554ca07ca03503f2da&chksm=f36e7b46c419f2504e60fb5ecb4e5b4587d40c40ef28fa92ddedef841c052dddeb060feb9d4a&scene=58&subscene=0#rd" + }, + "M01N Team": { + "每周蓝军技术推送(2025.1.18-1.24)": "https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247494044&idx=1&sn=356681967a014551977e5051389b8f15&chksm=c184298df6f3a09b94ddf8530ba9a609f1a4b3b5f9613ec89ba358c061f0b4d9593c735c2599&scene=58&subscene=0#rd" + }, + "吾爱破解论坛": { + "吾爱破解论坛精华集2024": "https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141621&idx=1&sn=3f4c02af5506cb4440b9bc873071e716&chksm=bd50a5a18a272cb726747cfc86d50e65fcb43108e02ccddb2e78de7a82d173eb3bb2f4c05463&scene=58&subscene=0#rd" + }, + "嘶吼专业版": { + "针对 Chrome 浏览器扩展程序网络钓鱼活动的新细节被披露": "https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580965&idx=1&sn=7b271d77d7ae3794e77995267c934acf&chksm=e9146d1fde63e4097053f87e00d408e479510a2c67f11147c47b8735ea28cd8466e12a464d04&scene=58&subscene=0#rd", + "新的 UEFI 安全启动漏洞使系统暴露于 bootkit": "https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580965&idx=2&sn=35ac8cf9ec1bfacb175b8622720863e2&chksm=e9146d1fde63e40910e314cac61af17533c328067d6bd015df8402266ba7692efae9a049c79f&scene=58&subscene=0#rd" + }, + "中国信息安全": { + "专题·人工智能安全治理 | 《人工智能安全治理框架》为人工智能安全发展提供重要指引": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=1&sn=530f8234ebb092aa1a91e0c76012ae79&chksm=8b580058bc2f894ee2eae6f8c70502378a85d1c68c7854fc04a36aa415a806b70c3b95b59a89&scene=58&subscene=0#rd", + "发布 | 国家数据局就《数据领域常用名词解释(第二批)》公开征求意见(附全文)": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=2&sn=bf11efc7a9b860fb9b20b141baa90341&chksm=8b580058bc2f894e8a78e5460bb45f362eeed694b3371ca573a75b3fd3cc0f08ad6cab57e0ce&scene=58&subscene=0#rd", + "专家解读 | 构建高素质人才队伍,助力数据标注产业发展": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=3&sn=a3cb25195824a0af1ff71d0489c3fffc&chksm=8b580058bc2f894eb245d36a53ec92e5f687b6e6c66f7f71f0de296890f4298efb378db18fb8&scene=58&subscene=0#rd", + "关注 | 检察机关依法惩治侵害企业数据安全犯罪 服务保障企业创新发展": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=4&sn=42732fbe26b1fac5bc322a9e33b0b28a&chksm=8b580058bc2f894e0f4cbee4ba19fbc1b27fa5adfa931776ec7cb3fd7561bac3e8b4892b8ccc&scene=58&subscene=0#rd", + "解读 | 市场监管总局发布《网络交易执法协查暂行办法》 建立健全网络交易执法协查机制提升监管效能": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=5&sn=5c63e275dc2b4b4f5dc92f28bbbf9bd5&chksm=8b580058bc2f894e4ac6bd8b2f2a60ec364d705cfefc7db43b0fc7889dab60803743480b83bc&scene=58&subscene=0#rd", + "发布 | 中国信通院联合发布《数据治理研究报告(2024年)》(附下载)": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=6&sn=acbcf59882875e4e743a79a6a0213aff&chksm=8b580058bc2f894eb05f0a640a04bc0c13832cf9659cfd9cf586f741342e097e7cb4f2034b14&scene=58&subscene=0#rd", + "国际 | 域外个人生物识别信息保护模式考察": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=7&sn=a87473518e84e1b51f4fbc4906a29861&chksm=8b580058bc2f894efeb5cc3fd1319d517ad0008fc4cd0f9d85d46eb582042a0de18704a8873c&scene=58&subscene=0#rd", + "评论 | 让网络交易执法协作更规范有序": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=8&sn=2f11ec80a6ee5f872457f929a062a55f&chksm=8b580058bc2f894e56c7b4df2c980cea63ded34c1a6f34cf676f53b56d42c1167466955df122&scene=58&subscene=0#rd" + }, + "数世咨询": { + "2025年必看!人工智能重塑网络安全,超级自动化就在眼前!": "https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247534964&idx=1&sn=cd109de22eeb6fcac5e7cd1247dd3038&chksm=c1443bc9f633b2dffee47e3c9a18afbcf4f64db84cbb2f3d5cb84383c63142f168c05adae6a9&scene=58&subscene=0#rd" + }, + "情报分析师": { + "情报:那些事儿": "https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559205&idx=1&sn=6f86b1fec7d1f4306725254f5e6db47b&chksm=87117caeb066f5b815b102a771281eb4e910b4e244ef275aa4415290e48253076ec16ad5c18b&scene=58&subscene=0#rd", + "开源情报分析:透视一个人的多面性": "https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559205&idx=2&sn=6a56dd9122e1a302bc2384123478737b&chksm=87117caeb066f5b87e14101a13336b9e6be83fbc2884d71296f17c29da9e70a956c4d40941f8&scene=58&subscene=0#rd", + "开源情报信息,一网打尽!": "https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559205&idx=3&sn=1cca5108e67070471ee51e0e1ea8dcbd&chksm=87117caeb066f5b898030d03c8c46ca801ddfd645b1e85ec75ce59eeb5cb9c54e7da072470bd&scene=58&subscene=0#rd" + }, + "CNVD漏洞平台": { + "Oracle发布2025年1月的安全公告": "https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247495725&idx=1&sn=dedb6bb0dabaefa9b319ac1b7250d198&chksm=fd74c0e4ca0349f283b0e540501af4fa1eeb782340415eff1013718bda5508d4702dbdcfff2a&scene=58&subscene=0#rd" + }, + "火绒安全": { + "【火绒安全周报】B站员工滥用权限报复用户被开除/2000多名网红被“开盒”": "https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247521828&idx=1&sn=82479a718193afc90904db31f588c5e6&chksm=eb70481bdc07c10d2378d6352727843511736ac4f404c29cf9f77471d0d7f39ce10514d787ea&scene=58&subscene=0#rd", + "诚邀渠道合作伙伴共启新征程": "https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247521828&idx=2&sn=3f3425eb3c27f9524fb0f2d953ca029a&chksm=eb70481bdc07c10d32197f192e668777077d45aa9eea8faf428e04c535eb84d385aa11a0d679&scene=58&subscene=0#rd" + }, + "极客公园": { + "豆包大模型 1.5 不走「捷径」,火山引擎要造「长坡厚雪」": "https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072804&idx=1&sn=7fc6c4db1fad547f98df8d00ad106b33&chksm=7e57d0124920590444932c909ec415ffb185143d343e2419ea28f294c9fe2bc069783622d1a0&scene=58&subscene=0#rd", + "我们要摆脱『过个 AI 年』这样的初级阶段了": "https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072771&idx=1&sn=3149d2565c3589ac38227d8d5878597f&chksm=7e57d0354920592309f96a4d274ad464edd3d0c87637c4b30146afc4041f5f392f17627fb714&scene=58&subscene=0#rd", + "OpenAI 推新智能体,能完成复杂任务;雷军、王传福入选全球最佳 CEO;字节游戏《决胜巅峰》开启国内公测 | 极客早知道": "https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072732&idx=1&sn=0926a0b689d8e148d5c9fb4b32aa0892&chksm=7e57d0ea492059fc09eb0e9933091e0c43b3b5c2bc1d10a11b6be1acf32bb25d9c4bec737b0c&scene=58&subscene=0#rd" + }, + "奇安盘古": { + "2025 蛇年迎新,盘古石取证暖心献礼:红包封面大放送,更多好礼等您来!": "https://mp.weixin.qq.com/s?__biz=MzI2MDA0MTYyMQ==&mid=2654404359&idx=1&sn=cb7965528fedcff57cca3c5cf9847be5&chksm=f1ade1fdc6da68eb47796fef146879a2a2b5b5b44aab25764027cf594608aba90b65b0e9004d&scene=58&subscene=0#rd" + }, + "字节跳动技术团队": { + "Jeddak星火计划-开启申报": "https://mp.weixin.qq.com/s?__biz=MzI1MzYzMjE0MQ==&mid=2247512933&idx=1&sn=b2602ab68be9a48e636dfae7229f3144&chksm=e9d37887dea4f191941d0bb113066bf053408a8bd5796ecfeb49d90c5cf43e1920bf2dafab42&scene=58&subscene=0#rd" + }, + "百度安全应急响应中心": { + "限量红包封面 | 好运“嘶”声而来 滑进你的口袋": "https://mp.weixin.qq.com/s?__biz=MzA4ODc0MTIwMw==&mid=2652542174&idx=1&sn=5fe0d886b064979793b3cbd19a61b7fe&chksm=8bcbb0e2bcbc39f42a01e0223d846599c26ac7e6e5fdf61cfad2eac81894c6229699bd5284b0&scene=58&subscene=0#rd" + }, + "Tide安全团队": { + "记一次钓鱼邮件实例分析": "https://mp.weixin.qq.com/s?__biz=Mzg2NTA4OTI5NA==&mid=2247519791&idx=1&sn=f8f408c3e7b57b9783fde060aff1708e&chksm=ce5dac4ef92a25583e33450d525507ab9da79d6e5fc9a15b0a7e5c799935ec0614f904647568&scene=58&subscene=0#rd" + }, + "huasec": { + "24年总结": "https://mp.weixin.qq.com/s?__biz=MzIyOTY1NDE5Mg==&mid=2247485100&idx=1&sn=0d1663a53843d7a2bd0c5504c41d1514&chksm=e8be2d73dfc9a4658eb6f0680a4e62f1bd800fe5988bfcf1fe194160e0157aa434d882f6d8b8&scene=58&subscene=0#rd" + }, + "360数字安全": { + "春节假期,安全大模型帮你“躺赢”!": "https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579220&idx=1&sn=036d352c4a29bd9863fce78dcd7d5e64&chksm=9f8d265ca8faaf4acfd7a299e3d5b6e9edf55ef80424fc5ae53a59a7be22d2114eb1e9bd5678&scene=58&subscene=0#rd" + }, + "Over Security - Cybersecurity news aggregator": { + "Update: New Details on the Medusa Ransomware Attack on Hospital El Cruce": "https://www.suspectfile.com/update-new-details-on-the-medusa-ransomware-attack-on-hospital-el-cruce/", + "More than 2,000 SonicWall devices vulnerable to critical zero-day": "https://therecord.media/sonicwall-devices-exposed-zero-day", + "Politicization of intel oversight board could threaten key US-EU data transfer agreement": "https://therecord.media/politicization-of-pclob-could-threaten-key-eu-us-data-transfer-agreement", + "Zyxel warns of bad signature update causing firewall boot loops": "https://www.bleepingcomputer.com/news/security/zyxel-warns-of-bad-signature-update-causing-firewall-boot-loops/", + "Microsoft to deprecate WSUS driver synchronization in 90 days": "https://www.bleepingcomputer.com/news/microsoft/microsoft-to-deprecate-wsus-driver-synchronization-in-90-days/", + "At least $69 million stolen from crypto platform Phemex in suspected cyberattack": "https://therecord.media/69-million-stolen-cyberattack-crypto-platform-phemex", + "Subaru Starlink flaw let hackers hijack cars in US and Canada": "https://www.bleepingcomputer.com/news/security/subaru-starlink-flaw-let-hackers-hijack-cars-in-us-and-canada/", + "Hackers use Windows RID hijacking to create hidden admin account": "https://www.bleepingcomputer.com/news/security/hackers-use-windows-rid-hijacking-to-create-hidden-admin-account/", + "Hospital El Cruce takes its website offline following a severe cyberattack": "https://www.suspectfile.com/hospital-el-cruce-takes-its-website-offline-following-a-severe-cyberattack/", + "PayPal penalized $2 million over data breach involving 35K Social Security numbers": "https://therecord.media/paypal-penalty-millions-data-breach", + "Update #6: blog e argomenti live": "https://roccosicilia.com/2025/01/24/update-6-blog-e-argomenti-live/", + "Hacker infects 18,000 \"script kiddies\" with fake malware builder": "https://www.bleepingcomputer.com/news/security/hacker-infects-18-000-script-kiddies-with-fake-malware-builder/", + "Oltre il 90% dei Microsoft Exchange Server è ancora vulnerabile a ProxyLogon": "https://www.securityinfo.it/2025/01/24/oltre-il-90-dei-microsoft-exchange-server-e-ancora-vulnerabile-a-proxylogon/", + "Managed Detection and Response – How are you monitoring?": "https://www.bleepingcomputer.com/news/security/managed-detection-and-response-how-are-you-monitoring/", + "Microsoft: Outdated Exchange servers fail to auto-mitigate security bugs": "https://www.bleepingcomputer.com/news/security/microsoft-outdated-exchange-servers-fail-to-auto-mitigate-security-bugs/", + "Sintesi riepilogativa delle campagne malevole nella settimana del 18 – 24 gennaio": "https://cert-agid.gov.it/news/sintesi-riepilogativa-delle-campagne-malevole-nella-settimana-del-18-24-gennaio/", + "Unlocking Vulnrichment: Enhancing CVE Data for Smarter Vulnerability Management": "https://cyble.com/blog/cisa-reveals-vulnrichment-management-for-cve-data/", + "Anatomy of an Exploit Chain: CISA, FBI Detail Ivanti CSA Attacks": "https://cyble.com/blog/ivanti-csa-attacks-cisa-fbi-expose-exploit-chain/", + "Seasoning email threats with hidden text salting": "https://blog.talosintelligence.com/seasoning-email-threats-with-hidden-text-salting/", + "UK to examine undersea cable vulnerability as Russian spy ship spotted in British waters": "https://therecord.media/britain-undersea-cables-russian-spy-ship", + "Hackers get $886,250 for 49 zero-days at Pwn2Own Automotive 2025": "https://www.bleepingcomputer.com/news/security/hackers-get-886-250-for-49-zero-days-at-pwn2own-automotive-2025/", + "USB Army Knife: The Ultimate Close Access Penetest Tool": "https://www.mobile-hacker.com/2025/01/24/usb-army-knife-the-ultimate-close-access-penetest-tool/", + "Malware Redirects WordPress Traffic to Harmful Sites": "https://blog.sucuri.net/2025/01/malware-redirects-wordpress-traffic-to-harmful-sites.html" + }, + "Krypt3ia": { + "Krypt3ia Daily Cyber Threat Intelligence (CTI) Digest": "https://krypt3ia.wordpress.com/2025/01/24/krypt3ia-daily-cyber-threat-intelligence-cti-digest-2/" + }, + "ICT Security Magazine": { + "Cybersecurity e infrastrutture critiche sottomarine: Analisi delle vulnerabilità e strategie di resilienza nella backbone globale": "https://www.ictsecuritymagazine.com/articoli/infrastrutture-critiche-sottomarine/" + }, + "Securityinfo.it": { + "Oltre il 90% dei Microsoft Exchange Server è ancora vulnerabile a ProxyLogon": "https://www.securityinfo.it/2025/01/24/oltre-il-90-dei-microsoft-exchange-server-e-ancora-vulnerabile-a-proxylogon/?utm_source=rss&utm_medium=rss&utm_campaign=oltre-il-90-dei-microsoft-exchange-server-e-ancora-vulnerabile-a-proxylogon" + }, + "希潭实验室": { + "第114篇:美国NSA量子DNS注入攻击技术,揭秘网络战的隐蔽手段QUANTUMDNS": "https://mp.weixin.qq.com/s?__biz=MzkzMjI1NjI3Ng==&mid=2247487346&idx=1&sn=8c754ccbec08542992cce032cf7abcbf&chksm=c25fc009f528491fd031a9b145f7cf7f95dfda1164b98ab9fd5412b66f551cb85004a6eb533b&scene=58&subscene=0#rd" + }, + "迪哥讲事": { + "通用漏洞挖掘技巧": "https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496940&idx=1&sn=a33f04e5fdb7818531eeda42ebf4b6e7&chksm=e8a5fe8fdfd277997c45b33df7177e2c0c39f4bb4e23b55308bf8a8ad59a087cb0ab7dace1d4&scene=58&subscene=0#rd" + }, + "网络安全回收站": { + "大模型系列之LLaMA Factory微调学习": "https://mp.weixin.qq.com/s?__biz=Mzg2MTc1NDAxMA==&mid=2247484342&idx=1&sn=58be391a85f1cab4cdd6b7b0b41b1300&chksm=ce130443f9648d55205cc7a98a9fe40d7f0727f8daa16072fa35b7a71c3bd4150fe9e98a5e97&scene=58&subscene=0#rd" + }, + "滴滴安全应急响应中心": { + "DSRC 祝大家新年快乐(内含红包封面)": "https://mp.weixin.qq.com/s?__biz=MzA3Mzk1MDk1NA==&mid=2651908507&idx=1&sn=090d7d7a925c36caa9bed1158c3df7ce&chksm=84e37a1eb394f30889713a4a086f93c4d2b0954159a8cc113501e5116bd0d79c3b47bd7b1818&scene=58&subscene=0#rd" + }, + "赛博回忆录": { + "36岁,本命年,再学一次安全": "https://mp.weixin.qq.com/s?__biz=MzIxNDAyNjQwNg==&mid=2456099378&idx=1&sn=6c4312c836d50eb123463580236e3747&chksm=803c6bfbb74be2ed0ec59125bedcc4fd901ee5570ff68d872f74921ed684c13dcaf999cda2c5&scene=58&subscene=0#rd" + }, + "Schneier on Security": { + "Friday Squid Blogging: Beaked Whales Feed on Squid": "https://www.schneier.com/blog/archives/2025/01/friday-squid-blogging-beaked-whales-feed-on-squid.html" + }, + "Instapaper: Unread": { + "iOS Stolen Device Protection": "https://cellebrite.com/en/ios-stolen-device-protection/", + "The Internet is (once again) awash with IoT botnets delivering record DDoSes": "https://arstechnica.com/security/2025/01/the-internet-is-once-again-awash-with-iot-botnets-delivering-record-ddoses/", + "What Is Jump List Cache": "https://www.cybertriage.com/blog/what-is-jump-list-cache/", + "Subaru Car Vulnerability Lets Hackers Control Millions of Cars Remotely Using Starlink": "https://cybersecuritynews.com/subaru-car-vulnerability-lets-hackers-control-the-millions-of-cars-remotely/", + "Torna Itasec 2025, il più grande evento dedicato alla cybersecurity in Italia": "https://www.wired.it/article/itasec-2025-conferenza-cybersecurity-italia/" + }, + "Graham Cluley": { + "Be careful what you say about data leaks in Turkey, new law could mean prison for reporting hacks": "https://www.tripwire.com/state-of-security/new-law-could-mean-prison-reporting-data-leaks" + }, + "TorrentFreak": { + "PIPCU Uses UK IPO’s ‘Surplus Millions’ to Wage War on IPTV Pirates": "https://torrentfreak.com/pipcu-utilizes-uk-ipos-surplus-millions-to-wage-war-on-iptv-pirates-250124/" + }, + "SANS Internet Storm Center, InfoCON: green": { + "[Guest Diary] How Access Brokers Maintain Persistence, (Fri, Jan 24th)": "https://isc.sans.edu/diary/rss/31600", + "ISC Stormcast For Friday, January 24th, 2025 https://isc.sans.edu/podcastdetail/9294, (Fri, Jan 24th)": "https://isc.sans.edu/diary/rss/31622" + }, + "The Hacker News": { + "RANsacked: Over 100 Security Flaws Found in LTE and 5G Network Implementations": "https://thehackernews.com/2025/01/ransacked-over-100-security-flaws-found.html", + "2025 State of SaaS Backup and Recovery Report": "https://thehackernews.com/2025/01/insights-from-2025-saas-backup-and-recovery-report.html", + "DoJ Indicts 5 Individuals for $866K North Korean IT Worker Scheme Violations": "https://thehackernews.com/2025/01/doj-indicts-5-individuals-for-866k.html", + "Android's New Identity Check Feature Locks Device Settings Outside Trusted Locations": "https://thehackernews.com/2025/01/androids-new-identity-check-feature.html", + "CISA Adds Five-Year-Old jQuery XSS Flaw to Exploited Vulnerabilities List": "https://thehackernews.com/2025/01/cisa-adds-five-year-old-jquery-xss-flaw.html" + }, + "Technical Information Security Content & Discussion": { + "Someone wrote an Anti-Crawler/Scraper Trap": "https://www.reddit.com/r/netsec/comments/1i93pzl/someone_wrote_an_anticrawlerscraper_trap/", + "USB Army Knife: Close Access Pentest Tool with VNC, Marauder, network adapter etc.": "https://www.reddit.com/r/netsec/comments/1i8rdf5/usb_army_knife_close_access_pentest_tool_with_vnc/", + "WinVisor: A proof-of-concept hypervisor-based emulator for Windows x64 binaries": "https://www.reddit.com/r/netsec/comments/1i8nnii/winvisor_a_proofofconcept_hypervisorbased/", + "Static Source Code Security Scanning Tools Evaluation Benchmark": "https://www.reddit.com/r/netsec/comments/1i8q5mc/static_source_code_security_scanning_tools/" + }, + "Blackhat Library: Hacking techniques and research": { + "URGENT : File transfers": "https://www.reddit.com/r/blackhat/comments/1i8ryzg/urgent_file_transfers/" + }, + "The Register - Security": { + "AI chatbot startup founder, lawyer wife accused of ripping off investors in $60M fraud": "https://go.theregister.com/feed/www.theregister.com/2025/01/24/ai_startup_founder_wife_indicted/", + "Don't want your Kubernetes Windows nodes hijacked? Patch this hole now": "https://go.theregister.com/feed/www.theregister.com/2025/01/24/kubernetes_windows_nodes_bug/", + "North Korean dev who renamed himself 'Bane' accused of IT worker fraud caper": "https://go.theregister.com/feed/www.theregister.com/2025/01/24/north_korean_devs_and_their/", + "China and friends claim success in push to stamp out tech support cyber-scam slave camps": "https://go.theregister.com/feed/www.theregister.com/2025/01/24/lancang_mekong_anti_cyberscam_cooperation/", + "Court rules FISA Section 702 surveillance of US resident was unconstitutional": "https://go.theregister.com/feed/www.theregister.com/2025/01/24/section_702_court/" + }, + "Deep Web": { + "What do you do when you find something you aren’t suppose to find?": "https://www.reddit.com/r/deepweb/comments/1i8tie9/what_do_you_do_when_you_find_something_you_arent/" + }, + "Computer Forensics": { + "Which Digital Forensic proprietary Tool is better for processing and Analysis?": "https://www.reddit.com/r/computerforensics/comments/1i8qcho/which_digital_forensic_proprietary_tool_is_better/", + "Magnet Axiom Questions": "https://www.reddit.com/r/computerforensics/comments/1i90lqz/magnet_axiom_questions/", + "Memory Forensics": "https://www.reddit.com/r/computerforensics/comments/1i8rssu/memory_forensics/", + "Metadata and iMessage - Is key information stripped?": "https://www.reddit.com/r/computerforensics/comments/1i8y0rn/metadata_and_imessage_is_key_information_stripped/", + "Preferred Methodology for ediscovery extraction for forensic images?": "https://www.reddit.com/r/computerforensics/comments/1i8x4s0/preferred_methodology_for_ediscovery_extraction/" + }, + "Your Open Hacker Community": { + "Study suggestion request (Reverse engineering)": "https://www.reddit.com/r/HowToHack/comments/1i8wvf2/study_suggestion_request_reverse_engineering/", + "BadUSB Pico": "https://www.reddit.com/r/HowToHack/comments/1i97jaf/badusb_pico/", + "Bypassing simple anti-debug feature of a CTF with LD_PRELOAD flag": "https://www.reddit.com/r/HowToHack/comments/1i94qfm/bypassing_simple_antidebug_feature_of_a_ctf_with/", + "Linux and grey hacking": "https://www.reddit.com/r/HowToHack/comments/1i93ulo/linux_and_grey_hacking/", + "Please read if you are new to hacking with limited skills": "https://www.reddit.com/r/HowToHack/comments/1i93c0c/please_read_if_you_are_new_to_hacking_with/", + "Outlook hacked and I cannot disable the messages forwarding to hackers": "https://www.reddit.com/r/HowToHack/comments/1i97cos/outlook_hacked_and_i_cannot_disable_the_messages/", + "People say that Linux needs no Antivirus... really? Can Linux really detect ZIP Bombs?": "https://www.reddit.com/r/HowToHack/comments/1i99foc/people_say_that_linux_needs_no_antivirus_really/", + "Hidden profiles on Apple devices, weird 3rd party licenses etc. Brand new out of box Pixel Phone was already compromised on start up.": "https://www.reddit.com/r/HowToHack/comments/1i97wfi/hidden_profiles_on_apple_devices_weird_3rd_party/", + "Finding the identity of scammers": "https://www.reddit.com/r/HowToHack/comments/1i92om6/finding_the_identity_of_scammers/", + "Hash cat": "https://www.reddit.com/r/HowToHack/comments/1i935ub/hash_cat/", + "Google reviews delete": "https://www.reddit.com/r/HowToHack/comments/1i8wear/google_reviews_delete/", + "I suspect an ex-friend is creating sock puppet accounts on fb to harass my friend. Is there a way to track these accounts back to him?": "https://www.reddit.com/r/HowToHack/comments/1i8v5or/i_suspect_an_exfriend_is_creating_sock_puppet/", + "help !!": "https://www.reddit.com/r/HowToHack/comments/1i8llcl/help/", + "Don't know if it's possible but any guidance would help immensely": "https://www.reddit.com/r/HowToHack/comments/1i8lfjf/dont_know_if_its_possible_but_any_guidance_would/", + "Help to delete google reviews": "https://www.reddit.com/r/HowToHack/comments/1i8wgdx/help_to_delete_google_reviews/", + "got deauther made up on esp8266 but having deauth issues": "https://www.reddit.com/r/HowToHack/comments/1i8izpb/got_deauther_made_up_on_esp8266_but_having_deauth/", + "Hacking Forums": "https://www.reddit.com/r/HowToHack/comments/1i8q7zl/hacking_forums/", + "Best way to learn?": "https://www.reddit.com/r/HowToHack/comments/1i8k7f9/best_way_to_learn/", + "Some help plz": "https://www.reddit.com/r/HowToHack/comments/1i8p2hw/some_help_plz/" + }, + "netsecstudents: Subreddit for students studying Network Security and its related subjects": { + "Any starting guide to learn Sigma Rules ?": "https://www.reddit.com/r/netsecstudents/comments/1i8yf9h/any_starting_guide_to_learn_sigma_rules/" + }, + "白泽安全实验室": { + "伊朗支持的APT42组织针对以色列和美国的网络钓鱼活动加剧——每周威胁情报动态第210期 (01.17-01.23)": "https://mp.weixin.qq.com/s?__biz=MzI0MTE4ODY3Nw==&mid=2247492529&idx=1&sn=e2697dd686fd55f34d2f6f17950d1ddc&chksm=e90dc99bde7a408dbde9bc281a602d9c44b3177611a589528c967540a171a0bdae4fb13ef0c8&scene=58&subscene=0#rd" + }, + "Security Affairs": { + "U.S. CISA adds SonicWall SMA1000 flaw to its Known Exploited Vulnerabilities catalog": "https://securityaffairs.com/173417/security/u-s-cisa-adds-sonicwall-sma1000-flaw-known-exploited-vulnerabilities-catalog.html", + "J-magic malware campaign targets Juniper routers": "https://securityaffairs.com/173408/security/j-magic-malware-campaign-targets-juniper-routers.html", + "SonicWall warns of a critical CVE-2025-23006 zero-day likely exploited in the wild": "https://securityaffairs.com/173387/security/sonicwall-warns-zero-day-sma-1000-series.html" + }, + "Null Byte": { + "iOS 18.3 Is Coming Soon — Here's What to Expect on Your iPhone": "https://ios.gadgethacks.com/news/ios-18.3-features/", + "Freeform on iOS 18: All the Features You've Been Missing Out On": "https://ios.gadgethacks.com/how-to/freeform-ios-18-features/" + }, + "Hacking Exposed Computer Forensics Blog": { + "Daily Blog #727: Experimenting with Deepseek v3": "https://www.hecfblog.com/2025/01/daily-blog-727-experimenting-with.html" + }, + "Security Weekly Podcast Network (Audio)": { + "Cursive Funk, Microsoft, Ivanti, Sonic Wall, Exchange, PowerSchool, Aaran Leyland... - SWN #445": "http://sites.libsyn.com/18678/cursive-funk-microsoft-ivanti-sonic-wall-exchange-powerschool-aaran-leyland-swn-445" + } +} \ No newline at end of file diff --git a/today.md b/today.md index 44a5ab85e7..87b53da634 100644 --- a/today.md +++ b/today.md @@ -1,501 +1,431 @@ -# 每日安全资讯(2025-01-23) +# 每日安全资讯(2025-01-25) -- 奇安信攻防社区 - - [ ] [2.35版本以下堆沙盒绕过模板总结带例题](https://forum.butian.net/share/4063) - - [ ] [巧用Chrome-CDP远程调用Debug突破JS逆向](https://forum.butian.net/share/4062) - SecWiki News - - [ ] [SecWiki News 2025-01-22 Review](http://www.sec-wiki.com/?2025-01-22) + - [ ] [SecWiki News 2025-01-24 Review](http://www.sec-wiki.com/?2025-01-24) +- paper - Last paper + - [ ] [基于人工智能/机器学习的 IPv6 网络中隐秘通信的检测与分类](https://paper.seebug.org/3271/) +- Armin Ronacher's Thoughts and Writings + - [ ] [Build It Yourself](http://lucumr.pocoo.org/2025/1/24/build-it-yourself) +- 奇安信攻防社区 + - [ ] [借壳上线之Patch PE文件](https://forum.butian.net/share/4085) + - [ ] [间接提示注入攻击全面测评](https://forum.butian.net/share/4074) +- 安全客-有思想的安全新媒体 + - [ ] [年度盘点:AI+安全双重赋能,360解锁企业浏览器新动力](https://www.anquanke.com/post/id/303791) + - [ ] [IntelBroker 的数字足迹: OSINT 分析揭露网络犯罪分子的行动](https://www.anquanke.com/post/id/303788) + - [ ] [7-Zip 修复了可绕过 Windows MoTW 安全警告的错误,立即修补](https://www.anquanke.com/post/id/303776) + - [ ] [Microsoft 在 Edge Stable 中预览 Game Assist 游戏内浏览器](https://www.anquanke.com/post/id/303773) + - [ ] [ModiLoader 恶意软件利用 CAB 标头批处理文件逃避检测](https://www.anquanke.com/post/id/303770) + - [ ] [Meta 的广告系统被俄罗斯宣传网络利用](https://www.anquanke.com/post/id/303767) + - [ ] [13,000 台 MikroTik 路由器被僵尸网络劫持,用于发送垃圾邮件和网络攻击](https://www.anquanke.com/post/id/303785) + - [ ] [DLL 副加载和代理: 向德国目标发送 Sliver 植入程序的新活动](https://www.anquanke.com/post/id/303764) + - [ ] [Consilio Guided AI PrivDetect 缩短了权限审查时间](https://www.anquanke.com/post/id/303782) + - [ ] [勒索软件团伙在 Microsoft Teams 网络钓鱼攻击中冒充 IT 支持](https://www.anquanke.com/post/id/303779) +- Tenable Blog + - [ ] [Cybersecurity Snapshot: WEF Offers AI Security Best Practices, as DORA Regulation Places Strict Cyber Rules on Banks](https://www.tenable.com/blog/ai-security-best-practices-01-24-2025) - Private Feed for M09Ic - - [ ] [killeven starred xpipe-io/xpipe](https://github.com/xpipe-io/xpipe) - - [ ] [gh0stkey starred deepseek-ai/DeepSeek-R1](https://github.com/deepseek-ai/DeepSeek-R1) - - [ ] [zer0yu starred yamadashy/repomix](https://github.com/yamadashy/repomix) - - [ ] [gh0stkey starred 0x727/ChkApi_0x727](https://github.com/0x727/ChkApi_0x727) - - [ ] [zer0yu starred RooVetGit/Roo-Code](https://github.com/RooVetGit/Roo-Code) - - [ ] [gh0stkey starred TrialMacApp/TrialMacApp](https://github.com/TrialMacApp/TrialMacApp) - - [ ] [gh0stkey starred tyilo/insert_dylib](https://github.com/tyilo/insert_dylib) - - [ ] [timwhitez starred RustScan/RustScan](https://github.com/RustScan/RustScan) - - [ ] [TideSec released v2.7.1 项目数据导出 at TideSec/TscanPlus](https://github.com/TideSec/TscanPlus/releases/tag/v2.7.1) - - [ ] [INotGreen starred passthehashbrowns/Being-A-Good-CLR-Host](https://github.com/passthehashbrowns/Being-A-Good-CLR-Host) + - [ ] [safedv starred sadreck/Codecepticon](https://github.com/sadreck/Codecepticon) + - [ ] [timwhitez starred decoder-it/ChgPass](https://github.com/decoder-it/ChgPass) + - [ ] [evilashz starred decoder-it/ChgPass](https://github.com/decoder-it/ChgPass) + - [ ] [niudaii starred 0x727/ChkApi_0x727](https://github.com/0x727/ChkApi_0x727) + - [ ] [gh0stkey starred seaung/pocsuite-rs](https://github.com/seaung/pocsuite-rs) + - [ ] [nightRainy starred ynwarcs/CVE-2025-21298](https://github.com/ynwarcs/CVE-2025-21298) + - [ ] [0xbug starred google/osv-scanner](https://github.com/google/osv-scanner) - [ ] [yqcs forked yqcs/bolt.diy from stackblitz-labs/bolt.diy](https://github.com/yqcs/bolt.diy) - - [ ] [Rvn0xsy starred 0x727/ChkApi_0x727](https://github.com/0x727/ChkApi_0x727) - - [ ] [CHYbeta starred nullenc0de/Cognitohunter](https://github.com/nullenc0de/Cognitohunter) - - [ ] [zema1 started following joaoviictorti](https://github.com/joaoviictorti) - - [ ] [zema1 starred joaoviictorti/coffeeldr](https://github.com/joaoviictorti/coffeeldr) - - [ ] [TideSec starred metowolf/qqwry.dat](https://github.com/metowolf/qqwry.dat) - - [ ] [gh0stkey starred wibus-wee/InjectGUI](https://github.com/wibus-wee/InjectGUI) - - [ ] [Y4er started following ph4ntonn](https://github.com/ph4ntonn) - - [ ] [DVKunion starred bin456789/reinstall](https://github.com/bin456789/reinstall) - - [ ] [CHYbeta starred odradev/awesome-zero-knowledge](https://github.com/odradev/awesome-zero-knowledge) - - [ ] [spf13 starred DS4SD/docling](https://github.com/DS4SD/docling) - - [ ] [spf13 starred Bin-Huang/chatbox](https://github.com/Bin-Huang/chatbox) - - [ ] [spf13 starred Wox-launcher/Wox](https://github.com/Wox-launcher/Wox) - - [ ] [spf13 starred danielmiessler/fabric](https://github.com/danielmiessler/fabric) + - [ ] [niudaii starred leveryd/x-waf](https://github.com/leveryd/x-waf) + - [ ] [spf13 starred theJayTea/WritingTools](https://github.com/theJayTea/WritingTools) +- Doonsec's feed + - [ ] [秦安:拜登走了,完败于芯片,留下两场战争,还有耻辱与灾难](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476311&idx=1&sn=119884be68a469d54443b401908afe95) + - [ ] [秦安:大消息!人民银行与证监会,座谈“3000+5000”亿资金入市](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476311&idx=2&sn=be8a2ff973ede5b074e70dc11899c350) + - [ ] [上新日 | 口碑佳作上架!沉浸式翻译:双语对照网页翻译插件](https://mp.weixin.qq.com/s?__biz=MzI2MjcwMTgwOQ==&mid=2247492181&idx=1&sn=dc5a84bd0c1009bdda94f07507392b36) + - [ ] [红队视角:揭秘内网提权的技术迷宫](https://mp.weixin.qq.com/s?__biz=MzkzNzg3NzQxMQ==&mid=2247485714&idx=1&sn=6a7ab0722e0c0f69ce8906539f544066) + - [ ] [pikachu - Cross-Site Scripting(XSS)](https://mp.weixin.qq.com/s?__biz=Mzk1NzI2NDQyMw==&mid=2247484517&idx=1&sn=240276352d671fc67e03d7ccdecf2862) + - [ ] [7-Zip高危漏洞曝光](https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486441&idx=1&sn=4531aade32e795be54933b9d3a690c03) + - [ ] [『漏洞复现』XXL-JOB 默认 accessToken 身份绕过 RCE 漏洞分析及复现](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490019&idx=1&sn=8b0ca8a5667607692018751b2e0db53a) + - [ ] [图形化-Windiows日志分析工具](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490019&idx=2&sn=f204d355574f503af0ff0d6b11878996) + - [ ] [技战法:巧用黑客攻击手法,被动积累技能](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490019&idx=3&sn=d1ade97995d489eec4760ec06058a2e0) + - [ ] [文科应届生转行计算机的一年](https://mp.weixin.qq.com/s?__biz=Mzg4NTg0MjMzNQ==&mid=2247484202&idx=1&sn=91076a3a9a8de9de842344942c19a373) + - [ ] [黑客攻防演练!!揭秘Sync Breeze缓冲溢出漏洞利用全过程!?](https://mp.weixin.qq.com/s?__biz=Mzk2NDE3NDUwNg==&mid=2247483890&idx=1&sn=00d4c726f5ef79a6a64b08e5c3bf5cca) + - [ ] [一文看懂川普最新政策动向](https://mp.weixin.qq.com/s?__biz=MzkxMTA3MDk3NA==&mid=2247487089&idx=1&sn=f20b24974cce9ecc0b92a98268385c76) + - [ ] [专题·人工智能安全治理 | 关于《人工智能安全治理框架》的解读与思考](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485456&idx=1&sn=f12cda55ab644a5227ada312bb79a62f) + - [ ] [【干货原创】实网攻防演习常态化,会带来什么变化01](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485456&idx=4&sn=9936a954d36b83982d8a01b800f5a884) + - [ ] [【干货原创】K12教育,鲜为人知的模式秘密](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485456&idx=5&sn=101312cecc9a495c7856503d86123187) + - [ ] [原创文章目录](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485456&idx=6&sn=416cca1469398aca13072a80a0f5c129) + - [ ] [缓冲区溢出学习及漏洞复现](https://mp.weixin.qq.com/s?__biz=Mzk1NzQwNjQ4Ng==&mid=2247484665&idx=1&sn=55ab331218ce3316953848bc8a134e19) + - [ ] [对抗小技巧:利用阿里云OSS做域前置](https://mp.weixin.qq.com/s?__biz=MzAxNzkyOTgxMw==&mid=2247493833&idx=1&sn=23a0220224aafdc3ab796f3cd5d0ff2b) + - [ ] [一岁一逢,年度献礼 · 一图看懂2024年全球DDoS攻击态势](https://mp.weixin.qq.com/s?__biz=MzAwODU5NzYxOA==&mid=2247505829&idx=1&sn=4d7addf765ddfaf78ec11b722e8f815f) + - [ ] [山石入选车联网产品安全漏洞专业库CAVD支撑单位](https://mp.weixin.qq.com/s?__biz=MzUzMDUxNTE1Mw==&mid=2247510279&idx=1&sn=06f1e42da19ca8f8da9668d9ed2ee6e4) + - [ ] [YongYouNcTool-一款高效利用用友NC系列漏洞检测利用工具](https://mp.weixin.qq.com/s?__biz=MzkzNzg4MTI0NQ==&mid=2247485426&idx=1&sn=4b2b9a4778352c4a0791090d92cff7cc) + - [ ] [春节 | 蛇年大吉,中泊研为您安全护航!](https://mp.weixin.qq.com/s?__biz=Mzg2NDc0MjUxMw==&mid=2247486072&idx=1&sn=2e79f7cd0c0fbc06d900089a529b1663) + - [ ] [通用漏洞挖掘技巧](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496940&idx=1&sn=a33f04e5fdb7818531eeda42ebf4b6e7) + - [ ] [知名企业遭「偷家」,攻击面管理势在必行](https://mp.weixin.qq.com/s?__biz=Mzg2NTk3NjczNQ==&mid=2247485619&idx=1&sn=378c053caf062e36f6d9c093a1e574dc) + - [ ] [黑客、“内鬼”……2024年近千人涉侵害企业数据安全犯罪被检察机关起诉!](https://mp.weixin.qq.com/s?__biz=MzU2MTQwMzMxNA==&mid=2247541454&idx=1&sn=41f75791ee9265270755e2cede71b671) + - [ ] [共研发展路径,平行切面联盟第一届理事会第三次会议召开](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247635673&idx=1&sn=62b8bf30eb4df9ed99e5952408daf3c7) + - [ ] [诸子云|甲方 :DLP遇到大模型软件,如何看待美国司法部发布的行政命令?](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247635673&idx=2&sn=8efa180e659fee80150075eca38e5f0e) + - [ ] [【智库报告】生物力量:确保美国在生物技术领域的领导地位](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148676&idx=1&sn=1f06118ca29bead7275e53e21449c3d5) + - [ ] [默安科技2024:既然选择远方 就会风雨兼程(文末赠好礼)](https://mp.weixin.qq.com/s?__biz=MzIzODQxMjM2NQ==&mid=2247500311&idx=1&sn=71f5bc1eb780b0762b766affc6bd68f6) + - [ ] [一款专为红队恶意软件开发而设计的自动化分析沙箱](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490149&idx=1&sn=70a813d7a8848bc8648dd1aac1f118eb) + - [ ] [LLM的“万能钥匙”](https://mp.weixin.qq.com/s?__biz=MzkzNjczNzEyMw==&mid=2247484110&idx=1&sn=c5759fe1f71dfc0f9ee76811361e1366) + - [ ] [专题·人工智能安全治理 | 《人工智能安全治理框架》为人工智能安全发展提供重要指引](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=1&sn=530f8234ebb092aa1a91e0c76012ae79) + - [ ] [发布 | 国家数据局就《数据领域常用名词解释(第二批)》公开征求意见(附全文)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=2&sn=bf11efc7a9b860fb9b20b141baa90341) + - [ ] [专家解读 | 构建高素质人才队伍,助力数据标注产业发展](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=3&sn=a3cb25195824a0af1ff71d0489c3fffc) + - [ ] [关注 | 检察机关依法惩治侵害企业数据安全犯罪 服务保障企业创新发展](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=4&sn=42732fbe26b1fac5bc322a9e33b0b28a) + - [ ] [解读 | 市场监管总局发布《网络交易执法协查暂行办法》 建立健全网络交易执法协查机制提升监管效能](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=5&sn=5c63e275dc2b4b4f5dc92f28bbbf9bd5) + - [ ] [发布 | 中国信通院联合发布《数据治理研究报告(2024年)》(附下载)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=6&sn=acbcf59882875e4e743a79a6a0213aff) + - [ ] [国际 | 域外个人生物识别信息保护模式考察](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=7&sn=a87473518e84e1b51f4fbc4906a29861) + - [ ] [评论 | 让网络交易执法协作更规范有序](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=8&sn=2f11ec80a6ee5f872457f929a062a55f) + - [ ] [【2025-01-24】黑客新闻摘要](https://mp.weixin.qq.com/s?__biz=MzIzNDU5NTI4OQ==&mid=2247488355&idx=1&sn=ab928aff89673696e834f4dc18b7de2c) + - [ ] [深度解读:特朗普新签数十项行政命令 将产生哪些影响?](https://mp.weixin.qq.com/s?__biz=Mzg3MDczNjcyNA==&mid=2247488936&idx=1&sn=4d76e5c799b12293df6e886eeba72957) + - [ ] [3.6万亿!特朗普搞史上投资规模最大AI投资 剑指中国](https://mp.weixin.qq.com/s?__biz=Mzg3MDczNjcyNA==&mid=2247488936&idx=2&sn=266b328c867d28358b3ad08d0c0db044) + - [ ] [phpMyAdmin 触发 XSS 攻击的安全漏洞](https://mp.weixin.qq.com/s?__biz=MzI0NzE4ODk1Mw==&mid=2652094694&idx=1&sn=4585dbd6a2385bcc0d9f83cd29f7b622) + - [ ] [勒索病毒攻击 VMware ESXi 主机](https://mp.weixin.qq.com/s?__biz=MzI0NzE4ODk1Mw==&mid=2652094694&idx=2&sn=7325225efeb09b588a9ccc838efc3329) + - [ ] [金蛇献瑞|筑梦前行|思维世纪2024年度总结及表彰大会圆满完成!](https://mp.weixin.qq.com/s?__biz=MjM5ODE4OTYzNw==&mid=2649563787&idx=1&sn=b7874fb0a3bb408ce2437d83d89462bb) + - [ ] [加速安全设计——是时候采用TARA自动化技术来提高车辆安全性了吗?](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620079&idx=1&sn=23481c676669368be35dd7a2cddd9eac) + - [ ] [网络安全最佳实践 - 从 TARA 到 PenTest](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620079&idx=2&sn=8a4462a7c4c53f946c5e01065135e83a) + - [ ] [预防网络灾难 - 通过 TARA 分析进行深度防御](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620079&idx=3&sn=928dd30666e4f0e3e22e6ce103de6c61) + - [ ] [红包封面第三弹!](https://mp.weixin.qq.com/s?__biz=MzUzMDQ1MTY0MQ==&mid=2247506601&idx=1&sn=70f914bcbbb9efc2fb037f6002cd45f6) + - [ ] [《Java代码审计零基础入门到项目实战》2025第一期招生,五十多节课才五百多,手慢无。](https://mp.weixin.qq.com/s?__biz=MzkxNTU5NTI1Ng==&mid=2247487239&idx=1&sn=0202581931c1f46340bdf6f1001bda20) + - [ ] [行业第二!实力藏不住了!](https://mp.weixin.qq.com/s?__biz=MzkxNDY0MjMxNQ==&mid=2247532859&idx=1&sn=da3d0fe94b70093b8c0cbb414e8683e5) + - [ ] [聊热点|IDC: 2025年中国安全和信任市场十大预测、新型僵尸网络正对路由器、摄像头等设备发起大规模DDoS攻击……](https://mp.weixin.qq.com/s?__biz=MzkxNDY0MjMxNQ==&mid=2247532859&idx=2&sn=7af5ed5ca486c7d1ae633fed818088eb) + - [ ] [带你解锁编码新世界!--随波逐流CTF编码工具使用教程41 --DNA密码](https://mp.weixin.qq.com/s?__biz=MzU2NzIzNzU4Mg==&mid=2247489588&idx=1&sn=f7fc3df0757ab001f3b1c34b240fd68e) + - [ ] [学习代码审计除了大量练习,更多的还是代码审计思路,给大家分享分享。](https://mp.weixin.qq.com/s?__biz=Mzg3MDU1MjgwNA==&mid=2247487185&idx=1&sn=d6a035212abd74719d8d7ce79c254117) + - [ ] [【安全圈】斯巴鲁汽车漏洞让黑客利用 Starlink 远程控制数百万辆汽车](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067590&idx=1&sn=32ea96086da2a1f7d7b7c25530ca8d55) + - [ ] [【安全圈】GhostGPT – 黑客用来生成恶意软件和漏洞的新型 AI 黑帽工具](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067590&idx=2&sn=0963e1001cd7415a1987cb9c33807d8c) + - [ ] [【安全圈】思科曝9.9分关键权限提升漏洞](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067590&idx=3&sn=7379d9127186d37af92f08f7a9ced06e) + - [ ] [【安全圈】Chrome用户面临供应链攻击威胁,数百万人或受影响](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067590&idx=4&sn=ab568c073e0bfe554ca07ca03503f2da) + - [ ] [Oracle 2025年1月补丁日多产品高危漏洞安全风险通告](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522169&idx=1&sn=fce75986029eae4069d3b0638d1202bd) + - [ ] [守护资产,防范风险 | 2025年Web3.0资产安全指南](https://mp.weixin.qq.com/s?__biz=MzU5OTg4MTIxMw==&mid=2247503926&idx=1&sn=d0bc90fe7f2f544c087615796f4035c5) + - [ ] [企业动态 | 恒安嘉新入选2024全球计算产业案例汇编](https://mp.weixin.qq.com/s?__biz=MzIwMTUzNDY0NA==&mid=2649119281&idx=1&sn=12e90ca98164afb60a7bdf8a6b918bc4) + - [ ] [安全报告 | 2024年12月恒安嘉新网络信息安全综合态势报告](https://mp.weixin.qq.com/s?__biz=MzIwMTUzNDY0NA==&mid=2649119281&idx=2&sn=822885323d0af590dcccbb115350825b) + - [ ] [KwaiCoder-23B-A4B-v1:以 1/30 的成本训练全尺寸 SOTA 代码续写大模型](https://mp.weixin.qq.com/s?__biz=Mzg2NzU4MDM0MQ==&mid=2247495958&idx=1&sn=3383a72355bdb4c1d1bc79d83c1a8569) + - [ ] [斯巴鲁曝关键漏洞,凭车牌号可远程入侵汽车](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651312790&idx=1&sn=f164fbd58d9d173bbc7eae3626f9ab40) + - [ ] [美国政府公布攻击Ivanti云服务设备的技术细节](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651312790&idx=2&sn=b9aa66d005e4e639e712a5efed74fa6c) + - [ ] [美国前中央情报局分析师承认泄露国防信息](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651312790&idx=3&sn=83ffd20b9fd4d5d2da935ff3246e1ce6) + - [ ] [MemProcFS-Analyzer:用于DFIR的Windows内存转储自动取证分析工具](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651312790&idx=4&sn=d1ca26975b2bf3760969a9ce23192b28) + - [ ] [解读丨《国家数据基础设施建设指引》主要内容+图解,附下载](https://mp.weixin.qq.com/s?__biz=MzI2MDk2NDA0OA==&mid=2247531208&idx=1&sn=fdf554db70e62d70c1452efb1191e994) + - [ ] [干货 | 山信软件吕洪波:工业控制系统安全事件检测与处置(附视频+PPT)](https://mp.weixin.qq.com/s?__biz=MzI2MDk2NDA0OA==&mid=2247531208&idx=2&sn=d6cdc5a8d9df1a49d25016840187a4f1) + - [ ] [24年总结](https://mp.weixin.qq.com/s?__biz=MzIyOTY1NDE5Mg==&mid=2247485100&idx=1&sn=0d1663a53843d7a2bd0c5504c41d1514) + - [ ] [2025 蛇年迎新,盘古石取证暖心献礼:红包封面大放送,更多好礼等您来!](https://mp.weixin.qq.com/s?__biz=MzI2MDA0MTYyMQ==&mid=2654404359&idx=1&sn=cb7965528fedcff57cca3c5cf9847be5) + - [ ] [春节将至,盛邦安全放假安排新鲜出炉!](https://mp.weixin.qq.com/s?__biz=MzAwNTAxMjUwNw==&mid=2650277587&idx=1&sn=28ae9f7e85590a579913877d8effc2a0) + - [ ] [大模型系列之LLaMA Factory微调学习](https://mp.weixin.qq.com/s?__biz=Mzg2MTc1NDAxMA==&mid=2247484342&idx=1&sn=58be391a85f1cab4cdd6b7b0b41b1300) + - [ ] [产品上新!捷普数据库防火墙正式发布!](https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247505825&idx=1&sn=6fc746a14da1dd33cecd278754c09e13) + - [ ] [【漏洞预警】Elastic Fleet Server信息泄露漏洞](https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489518&idx=1&sn=4af05b6c62e451e4665c358a9b06bb24) + - [ ] [烽火狼烟丨暗网数据及攻击威胁情报分析周报(01/20-01/24)](https://mp.weixin.qq.com/s?__biz=Mzk0NjMxNTgyOQ==&mid=2247484528&idx=1&sn=8663e8fd828e564560e8f8ef9b20fe32) + - [ ] [Pwn2Own Automotive 2025结果汇总](https://mp.weixin.qq.com/s?__biz=Mzk0MzQzNzMxOA==&mid=2247487726&idx=1&sn=f8bb5a54e33ff80c2cb8894433b7f41d) + - [ ] [【再发一遍】新春抽奖开启!与奉天安全团队 & 禾信智安共迎新年好运!](https://mp.weixin.qq.com/s?__biz=Mzk0NjQ2NzQ0Ng==&mid=2247484992&idx=1&sn=32c786903ab1ff5e499415b69a5dfc4b) + - [ ] [新春抽奖开启!与奉天安全团队 & 禾信智安共迎新年好运!](https://mp.weixin.qq.com/s?__biz=Mzk0NjQ2NzQ0Ng==&mid=2247484992&idx=2&sn=0114b9f967a3e89fd0ec5627b0be8224) + - [ ] [Jeddak星火计划-开启申报](https://mp.weixin.qq.com/s?__biz=MzI1MzYzMjE0MQ==&mid=2247512933&idx=1&sn=b2602ab68be9a48e636dfae7229f3144) + - [ ] [DSRC 祝大家新年快乐(内含红包封面)](https://mp.weixin.qq.com/s?__biz=MzA3Mzk1MDk1NA==&mid=2651908507&idx=1&sn=090d7d7a925c36caa9bed1158c3df7ce) + - [ ] [备考CISSP丨选择官方培训,查看官方培训课程计划](https://mp.weixin.qq.com/s?__biz=MzUzNTg4NDAyMg==&mid=2247492332&idx=1&sn=369749a7e2782981229c81e46366fbd2) + - [ ] [每周蓝军技术推送(2025.1.18-1.24)](https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247494044&idx=1&sn=356681967a014551977e5051389b8f15) + - [ ] [2025网安行业优质播客精选集⑥](https://mp.weixin.qq.com/s?__biz=Mzg2MTAwNzg1Ng==&mid=2247495515&idx=1&sn=2374d21d0f637deaaed6d28977cffa5d) + - [ ] [【极思】安全运营第6年实践总结](https://mp.weixin.qq.com/s?__biz=Mzg2MTAwNzg1Ng==&mid=2247495515&idx=2&sn=32937e97ab2cae2201c2be8c08ed014e) + - [ ] [中小企业及创业公司信息安全建设指南](https://mp.weixin.qq.com/s?__biz=Mzg2MTAwNzg1Ng==&mid=2247495515&idx=3&sn=4f64dbbd5c03c54883719d8d12c61b01) + - [ ] [@网安人,你的2024年度关键词已生成(文末有福利)!](https://mp.weixin.qq.com/s?__biz=Mzg2MTAwNzg1Ng==&mid=2247495515&idx=4&sn=3e056e3e5b0b767c9ab1f787add702a0) + - [ ] [网络安全罗盘2024-2025年度“最佳参与奖”揭晓](https://mp.weixin.qq.com/s?__biz=Mzg3OTg0OTAyOQ==&mid=2247486239&idx=1&sn=3d38cca0595dfc84ca2357ef5a25eb0f) + - [ ] [限量赠送【10个前沿阵地🐍年红包封面】,恭祝大家新年快乐,财源广进。\\n\\n\\nhttps://support.weixin.qq.com/cgi-bin/mmsupport-bin/showredpacket?receiveuri=NU_pFu5bBp1TSI&check_type=2#wechat_redirect](https://mp.weixin.qq.com/s?__biz=MzA3MTM0NTQzNA==&mid=2455780136&idx=1&sn=06e52c12c5a8cfa7f7a57f51e487a05c) + - [ ] [蛇舞新春,安全不打烊!云弈科技放假通知和值班安排](https://mp.weixin.qq.com/s?__biz=MzU2ODY0ODk2Nw==&mid=2247491055&idx=1&sn=420f20f35fa82fd4ec1b7426d38cd1db) + - [ ] [边界无限春节护航,安全不打烊~](https://mp.weixin.qq.com/s?__biz=MzAwNzk0NTkxNw==&mid=2247487095&idx=1&sn=472bbc069d672b5973d5ea86c3073a43) + - [ ] [大众DP BR X8跳转清理 & a5分析](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589258&idx=1&sn=c1333a825d642b84f6494440d9d8f10c) + - [ ] [职位更新!好工作不等人](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589258&idx=2&sn=0f3ea01777f154e98bec7ccb0214b51c) + - [ ] [特斯拉汽车被“重点关注”,Pwn2Own Automotive 2024首日曝出24个零日漏洞](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589258&idx=3&sn=1ee9c0b4428aba7d94dead806b1d1cb1) + - [ ] [学它!Browser Pwn Chrome V8篇](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589258&idx=4&sn=f3db39003003caac0baa29b1e79f959e) + - [ ] [安全守护,时刻在线丨永信至诚春节放假通知](https://mp.weixin.qq.com/s?__biz=MzAwNDUyMjk4MQ==&mid=2454829223&idx=1&sn=f73e544d3d20c83118c0a09feb410ac7) + - [ ] [扫码下载 | 信息技术 安全技术 事件调查原则和过程](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264431&idx=1&sn=ed7164fc360d5a060ae12fc8ba35599d) + - [ ] [第一波稳定测试结束|等待第二波](https://mp.weixin.qq.com/s?__biz=MzU5Njg5NzUzMw==&mid=2247490441&idx=1&sn=052ce0c328717954294bdc219233c174) + - [ ] [网安周讯 | 抓捕7万人解救160余人,中国与多国联合打击电诈犯罪(一月第4期)](https://mp.weixin.qq.com/s?__biz=Mzg4MjQ4MjM4OA==&mid=2247523793&idx=1&sn=64147631f2e1dab957579c0acf00e360) + - [ ] [回眸蓄力 逐新前行 | 丈八网安2024年度大事件盘点](https://mp.weixin.qq.com/s?__biz=MzkwNzI1NDk0MQ==&mid=2247492728&idx=1&sn=98ed0b98c1cd60e7c58b5bfc4265a8e7) + - [ ] [梆叔说安全第三季Vol.8 | 梆梆安全2024年度回顾](https://mp.weixin.qq.com/s?__biz=MjM5NzE0NTIxMg==&mid=2651135241&idx=1&sn=afac26f6bfea1d968585123f9aa6e883) + - [ ] [安全过春节 服务不打烊](https://mp.weixin.qq.com/s?__biz=MjM5NzE0NTIxMg==&mid=2651135241&idx=2&sn=2c39dd7159814b2ab9c889bc2a73ee7c) + - [ ] [致谢之声|观安信息收到国家工业信息安全发展研究中心感谢信](https://mp.weixin.qq.com/s?__biz=MzIxNDIzNTcxMg==&mid=2247506747&idx=1&sn=3dad99620fdf85bd42c83b99d2853165) + - [ ] [LinkedIn共享用户数据用于AI训练,面临集体诉讼](https://mp.weixin.qq.com/s?__biz=MzUzODYyMDIzNw==&mid=2247516907&idx=1&sn=32404b5acd0fa1d6c4fd1cef521c1bec) + - [ ] [关于向社会公开征求《数据领域常用名词解释(第二批)》意见的公告](https://mp.weixin.qq.com/s?__biz=MzUzODYyMDIzNw==&mid=2247516907&idx=2&sn=86b6048d34de49f347b9e9df355e1e41) + - [ ] [红队人员必备](https://mp.weixin.qq.com/s?__biz=Mzk1NzIzOTc5MQ==&mid=2247484618&idx=1&sn=028819b6f7389bc9b049f58b64d583b1) + - [ ] [VulnNodeApp:一款包含大量安全漏洞的Node.js安全练习平台](https://mp.weixin.qq.com/s?__biz=MzU2MjY1ODEwMA==&mid=2247492083&idx=1&sn=32de1c271310b330793fd3aa20af2213) + - [ ] [记录一次时序数据库的实战测试](https://mp.weixin.qq.com/s?__biz=MzkxNTIwNTkyNg==&mid=2247553194&idx=1&sn=2e004e579969317d5e92df0ddfcbb172) + - [ ] [【免费领】新手必备!Web安全漏洞实战入门教程](https://mp.weixin.qq.com/s?__biz=MzkxNTIwNTkyNg==&mid=2247553194&idx=2&sn=3f4629f234882e5f46e5adca2331d21e) + - [ ] [冰蝎V4.0流量分析到攻防检测](https://mp.weixin.qq.com/s?__biz=MzkyNTY3Nzc3Mg==&mid=2247489163&idx=1&sn=e175c3041e920dd6f348e5aea1cc803d) + - [ ] [网络安全动态 - 2025.01.24](https://mp.weixin.qq.com/s?__biz=MzU1MzEzMzAxMA==&mid=2247499899&idx=1&sn=9a3d81b57f8642fbbad999c551f7d059) + - [ ] [Oracle发布2025年1月的安全公告](https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247495725&idx=1&sn=dedb6bb0dabaefa9b319ac1b7250d198) + - [ ] [《智能化安全运营中心应用指南(2025年)》报告暨代表性厂商评估调研启动](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134885&idx=1&sn=1a1ed1ea95fed0e6eb76fe4a39386297) + - [ ] [ChatGPT又全球大面积宕机,AI助手暂时\"失联\";斯巴鲁系统漏洞曝光,数百万车辆面临远程解锁并启动风险 | 牛览](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134885&idx=2&sn=b2ed8f09df9e5f6c4850178ee4311397) + - [ ] [缓冲区溢出到getshell提权](https://mp.weixin.qq.com/s?__biz=Mzk0Mjg4MTQxMw==&mid=2247485817&idx=1&sn=e70b57b7fc4e92117a0bc5b84f9651a2) + - [ ] [HTTP协议在IP协议之上对吗?](https://mp.weixin.qq.com/s?__biz=MzIxNTM3NDE2Nw==&mid=2247490315&idx=1&sn=8e90a9794db36a878015108ee0efad71) + - [ ] [2025春节不打烊--全天候24小时服务](https://mp.weixin.qq.com/s?__biz=MzUxODY3MDExMA==&mid=2247490097&idx=1&sn=71c606f4b38243b1c7b326afaa7b148e) + - [ ] [Cursor Pro自动化无限续杯方法](https://mp.weixin.qq.com/s?__biz=MzA3MzgwMzYyMA==&mid=2452890271&idx=1&sn=0a39d26afb00141c8df2a46f0ea99376) + - [ ] [轻松使用cloudflare配置域名邮箱](https://mp.weixin.qq.com/s?__biz=MzA3MzgwMzYyMA==&mid=2452890271&idx=2&sn=3274f03a656568f84f84dafb0c6b5699) + - [ ] [18部门印发《困境儿童个人信息保护工作办法》(附全文)](https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597597&idx=2&sn=7b0a83cff6feb7012cf96d6ab6beae26) + - [ ] [春节放假通知 | 众安天下:守护网络安全,保障“不打烊”](https://mp.weixin.qq.com/s?__biz=MzIyOTUzODY5Ng==&mid=2247504316&idx=1&sn=d83bd6c7e96fd6c7eafad474e007128d) + - [ ] [国家级创新中心建设经验交流](https://mp.weixin.qq.com/s?__biz=MzAwNTc0ODM3Nw==&mid=2247488623&idx=1&sn=af66ff6a71f033f58448c3683b2f30e5) - 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com - - [ ] [Otelier 数据泄露导致数百万酒店预订信息泄露](https://www.4hou.com/posts/kgjv) - - [ ] [守正创新,持续突破!国投智能数字政务业务年终盘点](https://www.4hou.com/posts/mk03) - - [ ] [Check Point 公司发布《2025 年安全报告》显示,随着网络威胁生态系统日渐成熟,网络攻击次数骤增 44%](https://www.4hou.com/posts/gyDj) + - [ ] [AI鉴真刻不容缓!别让AI伪造“偷走”我们的善意](https://www.4hou.com/posts/xyzP) + - [ ] [中央发文“推进新型城市基建”,祥云平台助力打造韧性城市](https://www.4hou.com/posts/wxyX) + - [ ] [2024 Q4企业邮箱安全报告揭秘:盗号测试信背后的黑产攻击套路](https://www.4hou.com/posts/rpqL) + - [ ] [新的 UEFI 安全启动漏洞使系统暴露于 bootkit](https://www.4hou.com/posts/7MyB) + - [ ] [针对 Chrome 浏览器扩展程序网络钓鱼活动的新细节被披露](https://www.4hou.com/posts/nlJp) - Recent Commits to cve:main - - [ ] [Update Wed Jan 22 20:24:04 UTC 2025](https://github.com/trickest/cve/commit/7d634b304016aab3bf32893e04ac98344c8a90d0) - - [ ] [Update Wed Jan 22 12:24:00 UTC 2025](https://github.com/trickest/cve/commit/5709cff610e63bf7d61893e46720b8f8ab18d7f3) - - [ ] [Update Wed Jan 22 04:28:36 UTC 2025](https://github.com/trickest/cve/commit/350528609cf8c384d52a5bb8542ffa105cc6b361) -- Doonsec's feed - - [ ] [我实验室2篇论文被WWW 2025接收!](https://mp.weixin.qq.com/s?__biz=MzU4NzUxOTI0OQ==&mid=2247492834&idx=1&sn=36396f6cc39b8c9b87eead00faf8c111) - - [ ] [快速上手渗透测试报告写作:从WP到甲方报告的一站式指南](https://mp.weixin.qq.com/s?__biz=MzA3NDE0NTY0OQ==&mid=2247484103&idx=1&sn=285be13254e14304496c192d45c05002) - - [ ] [美国财政部再对中国一家网络安全公司和一名个人实施制裁](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485452&idx=1&sn=4384fb7ca51f3e1139db829611f6fc43) - - [ ] [【直卖实拍】北七家3居变4居豪装,理想楼层、户型、朝向](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485452&idx=2&sn=c6375b484d936854df5ada100b9ff24e) - - [ ] [【干货】笑傲职场的独家经验(1)](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485452&idx=3&sn=2a8340ae9404ef7ccfe64398b85e2267) - - [ ] [【干货原创】实网攻防演习常态化,会带来什么变化01](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485452&idx=4&sn=fcd594b0e515f7eadff4e4df46c29ba5) - - [ ] [【干货原创】K12教育,鲜为人知的模式秘密](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485452&idx=5&sn=a2cf457c4941e1e16638dd4bddd10903) - - [ ] [原创文章目录](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485452&idx=6&sn=a0bf66a3ff572c1df283577b241ea3cc) - - [ ] [Windows进阶版安全事件应急响应分析](https://mp.weixin.qq.com/s?__biz=MzI1Mjc3NTUwMQ==&mid=2247538503&idx=1&sn=823611c94f399812ab24f75ac97ade94) - - [ ] [云安全(二):对象存储](https://mp.weixin.qq.com/s?__biz=MzkyMjUzNTM1Mw==&mid=2247486992&idx=1&sn=f553fbcdf572da09cdf767e6c39b230f) - - [ ] [国内没人讲,国外电动车测评不惯着新势力新能源汽车](https://mp.weixin.qq.com/s?__biz=MzkwMjQyNjAxMA==&mid=2247484825&idx=1&sn=2fdaa5a56346aac19da121b702f3a1fd) - - [ ] [【漏洞预警】pearProjectApi存在SQL注入漏洞](https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489507&idx=1&sn=cdbcc7dac604210a7fa351e96c1bbaa9) - - [ ] [【漏洞预警】YesWiki 存在经过身份验证的任意文件删除漏洞(CVE-2025-24019)](https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489507&idx=2&sn=43309d019012fc2d5146638f21cf4cdb) - - [ ] [link-tools工具箱](https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486391&idx=1&sn=0f8c045e6dfb3362f22fb8d1a7f32da2) - - [ ] [抓包分析FTP协议及原理](https://mp.weixin.qq.com/s?__biz=MzAxNTg1MDYxNA==&mid=2247489174&idx=1&sn=6e16fbcc3137f63cf7a73a438af5e7e4) - - [ ] [浅谈《通信网络安全防护管理办法》](https://mp.weixin.qq.com/s?__biz=MzI4NzA1Nzg5OA==&mid=2247485688&idx=1&sn=2dcf3598a5664123095e9ca1608b8800) - - [ ] [【技巧】开源情报(OSINT):套接字理论(Socket Theory)情报分析师如何更好隐藏自己](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148647&idx=1&sn=4df1f367b82341e8c092ea12a7dec4c8) - - [ ] [强烈推荐|超好用的网安大模型](https://mp.weixin.qq.com/s?__biz=Mzg5NTY3NTMxMQ==&mid=2247484536&idx=1&sn=b056b6036c8dc99ff081f004dc23caff) - - [ ] [使用 Evilginx 轻松绕过 MFA](https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247504689&idx=1&sn=ebe28721272600d656ad2acd2611a716) - - [ ] [OSINT|值得拥有的TOP5工具](https://mp.weixin.qq.com/s?__biz=MzkxMDIwMTMxMw==&mid=2247494462&idx=1&sn=ed829c96e96e34bcd8db231435dcfe19) - - [ ] [我要学习 | 本公众号第一次公开课:前端爆破加解密、JS调试分析加密爆破](https://mp.weixin.qq.com/s?__biz=Mzk0NzQxNzY2OQ==&mid=2247488005&idx=1&sn=592dae68ea021e9ac446992060cf267c) - - [ ] [信创已经到关键期--人人必须要知道的政策](https://mp.weixin.qq.com/s?__biz=MzkwNDI0MjkzOA==&mid=2247485838&idx=1&sn=dd4be512901b9a931d6d7681f3b1e5b1) - - [ ] [ctftools-all-in-oneV7.5](https://mp.weixin.qq.com/s?__biz=MzI1NzUxOTUzMA==&mid=2247485778&idx=1&sn=3b0ff74d522d161b0a91bd13453019f1) - - [ ] [搞网络安全怎么赚大钱!!!](https://mp.weixin.qq.com/s?__biz=Mzk0MzY3MDE5Mg==&mid=2247483972&idx=1&sn=5f01535fafc100416448c9fb3a7162a6) - - [ ] [红队开发:让自己的Shellcode实现SMC](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490015&idx=1&sn=0cdb71c24b75dcb4bf801925daf80188) - - [ ] [CTF:Phar反序列化漏洞学习笔记](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490015&idx=2&sn=e906ce0834778a54573549a04e207af6) - - [ ] [Ansible fetch模块详解:轻松从远程主机抓取文件](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490015&idx=3&sn=2345a568a480fa2af4f3055b4a20e422) - - [ ] [【工具推荐】URLFinder-x 信息收集工具](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490015&idx=4&sn=e51a2edc4bd80f79155f95e73f56a74e) - - [ ] [【安全圈】特朗普上任首日,被囚 11 年的丝绸之路创始人获释](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067553&idx=1&sn=bad8f735186597a7ef0a02f03be5d6e4) - - [ ] [【安全圈】420万主机暴露,含VPN和路由器](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067553&idx=2&sn=ce83805d756cb11a77b84cb9413465be) - - [ ] [【安全圈】2024年近2亿人受影响,美国医疗成重点攻击目标](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067553&idx=3&sn=126c3fc5cb7d6a7dc18e3e9a213e8170) - - [ ] [【安全圈】7-Zip 漏洞可让远程攻击者绕过保护并执行任意代码](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067553&idx=4&sn=2c06e2c2a5011eb86894033a1e6c41fc) - - [ ] [2025年最新渗透测试虚拟机工具箱汇总](https://mp.weixin.qq.com/s?__biz=MzkyMzg4MTY4Ng==&mid=2247484594&idx=1&sn=585d3369395a3f45ab99f107d28a3463) - - [ ] [特斯拉电动汽车越狱](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619987&idx=1&sn=d6821c8b8105f5f77f3461cfbd94e684) - - [ ] [基于 Linux 的汽车计算机的安全隔离与案例研究](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619987&idx=2&sn=ee7b65f10a49000391f08bc76432de8a) - - [ ] [远程车辆控制的关键 - 自动驾驶域控制器 百度](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247619987&idx=3&sn=1387d6e1758c003c565cdbf395dfc69f) - - [ ] [某攻防演练|从404页面到接管阿里云](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496928&idx=1&sn=871a0d0002a589ed9b98ae6ed97158f9) - - [ ] [关于召开宁夏商用密码应用安全性评估业务培训工作会议的预通知](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633960&idx=1&sn=50eb0fb22088f21b070e66f7d7e9584a) - - [ ] [江苏省数据条例正式发布](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633960&idx=2&sn=bb5de81413dedac432a0b709af22b410) - - [ ] [《Web3.0数字身份密码安全体系研究(2024年)》正式发布](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633960&idx=3&sn=643e1c6917e0dce418857355ad3c1c9b) - - [ ] [专家解读 | 魏亮:统筹布局国家数据基础设施,夯实数据要素价值释放基础](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633960&idx=4&sn=134507671490e2845e85db11c3be566d) - - [ ] [美国IT供应商被黑,导致多地公共服务被迫中断多天](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247633960&idx=5&sn=6918146fda0592a974fd01cf1925c11c) - - [ ] [乘风破浪,行稳致远 —— 新潮信息2024年度盛典圆满落幕](https://mp.weixin.qq.com/s?__biz=MzkwNDcyODgwOQ==&mid=2247486769&idx=1&sn=ec8b1275fbd5a504490eef87766c3aa1) - - [ ] [安全专家亲测演示:用这个方法,邻居家的WiFi密码一碰就开](https://mp.weixin.qq.com/s?__biz=MzI5MjY4MTMyMQ==&mid=2247489766&idx=1&sn=605087abaf5c1f6db011dcd9e668e8b0) - - [ ] [人间逢小年,祝大家万事皆如愿](https://mp.weixin.qq.com/s?__biz=Mzg4NzQ4MzA4Ng==&mid=2247485185&idx=1&sn=7fd770df097013d9a338a34a41d0bc8c) - - [ ] [缺乏的不是资源,而是真正的教育](https://mp.weixin.qq.com/s?__biz=MzkwODY2MzMyMA==&mid=2247484531&idx=1&sn=6283dfe0b1f0cd0be19c277bdf2f8076) - - [ ] [汇编语言基础教程](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490098&idx=1&sn=ed0be305f2c8c9de0fff326bc45f1ce9) - - [ ] [Remcos RAT远控木马分析](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490098&idx=2&sn=4a0e7ccccb8b29ea9fb45b2e6470e088) - - [ ] [CE了解](https://mp.weixin.qq.com/s?__biz=MzkxMjYyMjA3Mg==&mid=2247485392&idx=1&sn=a3204187202136c21f954c939c9d6a3d) - - [ ] [App对抗系列—Root检测对抗](https://mp.weixin.qq.com/s?__biz=MzU3OTYxNDY1NA==&mid=2247484886&idx=1&sn=dd4e714506b98b4971ca44a8c838c966) - - [ ] [【信科动态】蓄势待发 共创辉煌 — 信科共创2025年会圆满举办](https://mp.weixin.qq.com/s?__biz=MzIyNTIyMTU1Nw==&mid=2247485220&idx=1&sn=9a2dbc483e538d6cfa865f6dd956dbfd) - - [ ] [【权威发布】CNNIC最新《中国互联网络发展状况统计报告》发布](https://mp.weixin.qq.com/s?__biz=MzIyNTIyMTU1Nw==&mid=2247485220&idx=2&sn=0a2a314bc37a8521c1d2716667929149) - - [ ] [【数安天地】2025年我国数据领域明确重点任务](https://mp.weixin.qq.com/s?__biz=MzIyNTIyMTU1Nw==&mid=2247485220&idx=3&sn=32cb839b2a727c01270ea47e1df58290) - - [ ] [【AI安全】2024年度人工智能……](https://mp.weixin.qq.com/s?__biz=MzIyNTIyMTU1Nw==&mid=2247485220&idx=4&sn=abfa6ea3dca53098a88613093bb4449e) - - [ ] [【网安前沿】人数超TikTOK!……](https://mp.weixin.qq.com/s?__biz=MzIyNTIyMTU1Nw==&mid=2247485220&idx=5&sn=5c373b4d772f9ce5160eed1cb8773743) - - [ ] [混沌](https://mp.weixin.qq.com/s?__biz=MzIwODc2NjgxNA==&mid=2247484977&idx=1&sn=bfdeaa70d34c3c8a5d24edb80197bdc6) - - [ ] [带你解锁编码新世界!--随波逐流CTF编码工具使用教程39 --polybius棋盘密码](https://mp.weixin.qq.com/s?__biz=MzU2NzIzNzU4Mg==&mid=2247489560&idx=1&sn=f13a82f3662c6aaff65700a0bb33ad1c) - - [ ] [Coremail邮箱客户端安装与账户配置(macOS x86版)](https://mp.weixin.qq.com/s?__biz=MzkxMjY3MTI4Mg==&mid=2247484607&idx=1&sn=f63e575f4158cdb39e613b1f7c85eb5a) - - [ ] [关于公示2025年工业和信息化部移动互联网APP产品安全漏洞专业库支撑单位的通知](https://mp.weixin.qq.com/s?__biz=MzkyMjM4MzY5Ng==&mid=2247486052&idx=1&sn=672267c39bd61c609b8a70aa6fe4dba4) - - [ ] [支撑单位遴选 | 关于开展2025年工业和信息化部移动互联网APP产品安全漏洞专业库支撑单位遴选工作的通知](https://mp.weixin.qq.com/s?__biz=MzkyMjM4MzY5Ng==&mid=2247486052&idx=2&sn=df504e3f60bd71a5f51f6ddfc79ceac2) - - [ ] [AI快速上手:新手如何用ChatGPT写好医学影像学文献综述的全攻略!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493247&idx=1&sn=e8b8fb7965bdb36fbd8d60043f77110e) - - [ ] [AI驱动教育学论文初稿快速生成:核心流程与实战指北!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493247&idx=2&sn=e818116fd4106e8a0f70c6dc696a890e) - - [ ] [AI驱动下的法语论文文献综述战法:半天高效清空20个刊物的内参秘籍。](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493247&idx=3&sn=bd8b3f8df3fabad7af824fd5f9a552ee) - - [ ] [AI时代:教你玩转小学教育论文大纲的落实与完善攻略。](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493247&idx=4&sn=aaae4c45ec27234ca0aed2ae90c7dc4c) - - [ ] [AI时代:ChatGPT助你一天搞定法语论文大纲完善内部高阶指南!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493247&idx=5&sn=abd5d43185cc32d17ba024114fd783ad) - - [ ] [安世加实战派沙龙第二期之办公终端安全在北京成功举办(2025.01.11/周六、北京)](https://mp.weixin.qq.com/s?__biz=MzU2MTQwMzMxNA==&mid=2247541441&idx=1&sn=b4996a6803ef5cac9358f5c0abc692c7) - - [ ] [【工具分享】HermeticRansom勒索病毒恢复工具](https://mp.weixin.qq.com/s?__biz=MzkyOTQ0MjE1NQ==&mid=2247496544&idx=1&sn=b0532021322be29222853520f63e6c37) - - [ ] [起床了吗,我要结婚了](https://mp.weixin.qq.com/s?__biz=Mzg4NDg2NTM3NQ==&mid=2247484692&idx=1&sn=c1bd4168ea28a88992c34b9370b2afcc) - - [ ] [下辈子别做网安了](https://mp.weixin.qq.com/s?__biz=MzIxNTIzNTExMQ==&mid=2247490797&idx=1&sn=f884b6f04d1985bae7bb9a55eb1c2706) - - [ ] [区块链学习笔记之初探以太坊](https://mp.weixin.qq.com/s?__biz=MjM5MjEyMTcyMQ==&mid=2651037431&idx=1&sn=33663e3a850d9c8b658bad904c08ce0a) - - [ ] [领导者不变,中国厂商全无|Gartner 访问管理 2024 MQ 发布](https://mp.weixin.qq.com/s?__biz=MzkzNjE5NjQ4Mw==&mid=2247543326&idx=1&sn=8f60ed73ede9f28b5c71d30f94a81e9e) - - [ ] [DeepSeek+OpenAI Swarm,做Agent的绝配](https://mp.weixin.qq.com/s?__biz=Mzg5NTMxMjQ4OA==&mid=2247485586&idx=1&sn=fa8cd22e23818be8a4f85c034b2653e9) - - [ ] [《灵根换途:重铸荣耀》](https://mp.weixin.qq.com/s?__biz=MzI1NDU2MzAzNQ==&mid=2247487775&idx=1&sn=bdeb4114b72038469c576c5cd7ef0abf) - - [ ] [数据经纪商Gravy Analytics遭黑客攻击 数百万用户位置信息泄露](https://mp.weixin.qq.com/s?__biz=MzIwNzAwOTQxMg==&mid=2652251252&idx=1&sn=08c27d24f45df08156ccbb320a916ca7) - - [ ] [关于调整半决赛入围队伍名单公示](https://mp.weixin.qq.com/s?__biz=MzI1NzQ0NTMxMQ==&mid=2247490073&idx=1&sn=1196e582372868c1cdcdc85590fe6ec2) - - [ ] [小年 | 小年辞旧岁,新春序幕开](https://mp.weixin.qq.com/s?__biz=MzU3MDA0MTE2Mg==&mid=2247492489&idx=1&sn=f7ae189fc8a91f74ba5b7ca2cd070e3d) - - [ ] [今日,小年](https://mp.weixin.qq.com/s?__biz=MzkyNDUxNTQ2Mw==&mid=2247485811&idx=1&sn=b6f89d271a02e0fe0ecaa468674cd746) - - [ ] [美商务部《保障ICT供应链:联网汽车》规则(全文翻译)](https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247506068&idx=1&sn=c5502bc907a76a432d06dd4e9098d0ad) - - [ ] [小年纳福 喜迎新春](https://mp.weixin.qq.com/s?__biz=MzI2NDYzNjY0Mg==&mid=2247501129&idx=1&sn=78727fa4943031118593e6589cac1f03) - - [ ] [Payloads for LFR/LFD](https://mp.weixin.qq.com/s?__biz=Mzg2NTk4MTE1MQ==&mid=2247486492&idx=1&sn=2a26b6645da3eac6fb5fd1bb53bb5ba9) - - [ ] [秋风AI代码审计工具1.0 上线!](https://mp.weixin.qq.com/s?__biz=MzkzMzczODA0OQ==&mid=2247484087&idx=1&sn=946eec98d2649ebae893bd340fc6f023) - - [ ] [CERT-UA 警告网络诈骗者冒充该机构利用虚假AnyDesk请求控制目标](https://mp.weixin.qq.com/s?__biz=MzI2NzAwOTg4NQ==&mid=2649793938&idx=2&sn=8ef11a28a3fa79bc3bd6ed37a79f3e6a) - - [ ] [《信息安全学报》“智能语音攻防技术”专栏征稿函](https://mp.weixin.qq.com/s?__biz=MzI5ODA1NjE5NQ==&mid=2652014647&idx=1&sn=082ad04011ce661af109ade0f59b2d6f) - - [ ] [税前年薪50-200万,高层次网络安全人才招聘](https://mp.weixin.qq.com/s?__biz=MzU4OTg4Nzc4MQ==&mid=2247505628&idx=1&sn=b6131a18925f1d2c27b52a044ac7c20a) - - [ ] [江西银行2025年社会招聘网络安全岗](https://mp.weixin.qq.com/s?__biz=MzU4OTg4Nzc4MQ==&mid=2247505628&idx=2&sn=48d0b333d0c895679e394c93cb955922) - - [ ] [年薪50-80万!湖南省密码工程技术研究中心招聘信息安全专业](https://mp.weixin.qq.com/s?__biz=MzU4OTg4Nzc4MQ==&mid=2247505628&idx=3&sn=bc981945ca96eb0dd824e4fb8aef48d9) - - [ ] [3000+网安笔记](https://mp.weixin.qq.com/s?__biz=MzU4OTg4Nzc4MQ==&mid=2247505628&idx=4&sn=6bafb661c0c79d06eaea7321bccf9b1d) - - [ ] [期刊征文 | 暗网抑制前沿进展](https://mp.weixin.qq.com/s?__biz=MzU5MTM5MTQ2MA==&mid=2247491610&idx=1&sn=8b6c9caf92435cbd9b76b77686619972) - - [ ] [红包封面第二弹!](https://mp.weixin.qq.com/s?__biz=MzUzMDQ1MTY0MQ==&mid=2247506597&idx=1&sn=e0fb7f14d115e5e6a81cf58be6938690) - - [ ] [工信部等十四部门联合印发《关于加强极端场景应急通信能力建设的意见》](https://mp.weixin.qq.com/s?__biz=Mzg2MDg0ODg1NQ==&mid=2247539969&idx=1&sn=d0b20062f59c4c2627623f4a0110a99a) - - [ ] [【解读】五问+一图,读懂《关于加强极端场景应急通信能力建设的意见》](https://mp.weixin.qq.com/s?__biz=Mzg2MDg0ODg1NQ==&mid=2247539969&idx=2&sn=fc62411ebb093dc6e8ba7a1a293e7968) - - [ ] [祥和小年至,新岁启新程!](https://mp.weixin.qq.com/s?__biz=MzU4NjY4MDAyNQ==&mid=2247497015&idx=1&sn=d54c943e8370d2b504197ce7125a9bd3) - - [ ] [.NET 安全攻防知识交流社区](https://mp.weixin.qq.com/s?__biz=MzkyMDM4NDM5Ng==&mid=2247490330&idx=2&sn=a8b44c92013aa2897bc50f5869a74a94) - - [ ] [梅赛德斯—奔驰信息娱乐系统漏洞详细信息披露](https://mp.weixin.qq.com/s?__biz=MzIzNDIxODkyMg==&mid=2650085835&idx=1&sn=55b9b7d447e31ed5e6a7016fc118aba7) - - [ ] [北方小年|糖瓜祭灶 新年来到](https://mp.weixin.qq.com/s?__biz=MzIzNDIxODkyMg==&mid=2650085835&idx=2&sn=62fa38baa6534b965a3ee784c8c23c5b) - - [ ] [定制红包封面、蛇年手机壁纸,天融信愿您新的一年福气满屏!](https://mp.weixin.qq.com/s?__biz=MzA3OTMxNTcxNA==&mid=2650963107&idx=1&sn=9bbaad123506d1da711ab3643c51c8d5) - - [ ] [小年快乐 | 文末领取励行安全专属红包封面](https://mp.weixin.qq.com/s?__biz=MzkxNTY4NTQwMg==&mid=2247484280&idx=1&sn=2263d238e09a658039a7a2399a3257d9) - - [ ] [Lazarus组织发起“Operation 99”行动,通过虚假LinkedIn资料瞄准Web3开发者](https://mp.weixin.qq.com/s?__biz=MzA4NTY4MjAyMQ==&mid=2447900117&idx=1&sn=147a51e42956ef762d607ad4db560f1b) - - [ ] [红包封面免费领](https://mp.weixin.qq.com/s?__biz=MzA4NTY4MjAyMQ==&mid=2447900116&idx=1&sn=6a902bce7b923dcbb6d636c0bd33e2c7) - - [ ] [福利!免费商用,1500+组件低代码工业数据连接及可视化平台](https://mp.weixin.qq.com/s?__biz=MjM5OTA4MzA0MA==&mid=2454936685&idx=1&sn=c2daf9fcc60bce9090096a88fc9bc122) - - [ ] [转储LSASS内存的强大神器](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489037&idx=1&sn=690f85a085d60322cbdef81ea014958a) - - [ ] [小事](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489037&idx=2&sn=6baba774e15189c2118e75a96615ba4a) - - [ ] [Wireshark Troubleshooting 系列合集目录](https://mp.weixin.qq.com/s?__biz=MzA5NTUxODA0OA==&mid=2247493128&idx=1&sn=027c2d79a975850f77ba85e1c7325e23) - - [ ] [网安之道](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496713&idx=1&sn=f99ce8d0ff597b9725371ec789d1627d) - - [ ] [国自然中标真不难!十年评审专家1v1精修你的本子,中标率提升58%](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496713&idx=2&sn=5123c0c462454c69a097d5c90b01ac29) - - [ ] [云计算与零信任架构的结合:实现更高安全性](https://mp.weixin.qq.com/s?__biz=MzkxNjU2NjY5MQ==&mid=2247509854&idx=1&sn=c873f0835b8ef33b4e64f63598b41c66) - - [ ] [Go shellcode加载器 免杀火绒 360核晶等主流杀软](https://mp.weixin.qq.com/s?__biz=MzU5MjgwMDg1Mg==&mid=2247484753&idx=1&sn=b8aa28771e6ca5e4ac83058d2a8f18cb) - - [ ] [小年至,归期近;有安全,更团圆。](https://mp.weixin.qq.com/s?__biz=MjM5NzA3Nzg2MA==&mid=2649870812&idx=1&sn=422066cfd72bd12d7ff94673d46c0035) - - [ ] [互联网大厂黑话指南(速成版)](https://mp.weixin.qq.com/s?__biz=MzI1NzI5NDM4Mw==&mid=2247498587&idx=1&sn=f7b972440193d95d234bd9e501fad124) - - [ ] [十强!威努特斩获2024年网络安全优秀评选三项大奖](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130654&idx=1&sn=72ece0485d56a8dbc791b20108f0943c) - - [ ] [MySQL数据误删的恢复分享](https://mp.weixin.qq.com/s?__biz=Mzg3NTU3NTY0Nw==&mid=2247489522&idx=1&sn=b85a0e1b057a832db9ec56399cc6439f) - - [ ] [先向下扎根,再向上生长](https://mp.weixin.qq.com/s?__biz=MzU4NjY3OTAzMg==&mid=2247514862&idx=1&sn=6c93e8560b7d557a43c0f9b7263d6dd0) - - [ ] [全球瞭望|网络安全重大事件精选](https://mp.weixin.qq.com/s?__biz=MzU4NjY3OTAzMg==&mid=2247514862&idx=2&sn=bcdf5e64844202a08a115bfeadb0c886) - - [ ] [JWT原理及利用](https://mp.weixin.qq.com/s?__biz=Mzg5MDgzOTk2Mg==&mid=2247484651&idx=1&sn=9cd5604806e7af154fa2c88241523b12) - - [ ] [一些木马反制技巧](https://mp.weixin.qq.com/s?__biz=MzkwMzMwODg2Mw==&mid=2247510449&idx=1&sn=954231b814fb3c633b2bac2dc12665b3) - - [ ] [漏洞预警 | 叁拾叁OA SQL注入漏洞](https://mp.weixin.qq.com/s?__biz=MzkwMTQ0NDA1NQ==&mid=2247492118&idx=2&sn=0cc8d46b2006a58fe76e0aceeec3f5e3) - - [ ] [工具 | proxypin](https://mp.weixin.qq.com/s?__biz=MzkwMTQ0NDA1NQ==&mid=2247492118&idx=4&sn=6d72cbe7b6abd76539ff4b90c246e621) - - [ ] [载誉前行|天地和兴荣膺CCIA年度先进会员单位](https://mp.weixin.qq.com/s?__biz=MjM5Mzk0MDE2Ng==&mid=2649608840&idx=1&sn=822e24931c6b118b52381dd6a0725082) - - [ ] [2024年度网络安全漏洞威胁态势研究报告](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264326&idx=2&sn=edd9feb6f1f3d5fb7467e5a4a1bc8ea3) - - [ ] [网络弹性评价流程](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264326&idx=3&sn=0064271e80a9c395235db44394646be4) - - [ ] [网络与数据安全治理前沿洞察(2025年第1期)](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264326&idx=4&sn=972c2472a69641e01ab75dec91607976) - - [ ] [2025年低空经济未来发展趋势分析](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264326&idx=5&sn=c695125ae9234c1bbee0ab30a82644fe) - - [ ] [GB∕T 44778-2024 汽车诊断接口信息安全技术要求及试验方法](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264326&idx=8&sn=828ad37f9e1fecb482a24e86e66fea7b) - - [ ] [HSQLDB 安全测试指南](https://mp.weixin.qq.com/s?__biz=MzkxNjMwNDUxNg==&mid=2247487207&idx=2&sn=627d12dc6ee86ec6a128d2c4d24e2024) - - [ ] [RPA在电力行业中的应用](https://mp.weixin.qq.com/s?__biz=MjM5NTk5Mjc4Mg==&mid=2655222700&idx=1&sn=135b0046a01810bcbeed431638cb4038) - - [ ] [Any-Reader:把你的VSCode变成摸鱼娱乐中心!](https://mp.weixin.qq.com/s?__biz=MzA4MjkzMTcxMg==&mid=2449046750&idx=1&sn=8520440de7e2c9aa42cf4933b5394a43) - - [ ] [2024年度漏洞态势大揭秘:你的网络安全防线还稳固吗?(附下载)](https://mp.weixin.qq.com/s?__biz=MzkyODY5ODAyOA==&mid=2247489419&idx=1&sn=27d48e4898f7de1f017a5a7bc5bc6a4e) - - [ ] [13,000个MikroTik路由器因恶意垃圾邮件和网络攻击被僵尸网络劫持](https://mp.weixin.qq.com/s?__biz=MzA4MzMzOTQ4Mw==&mid=2453672513&idx=1&sn=955e9169d886553304f98bc40ed4718e) - - [ ] [暗网情报:高价Rust反向Shell-美ISP和网络设备制造商网络访问权限](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247506983&idx=1&sn=2130ab0ccce5bafd3881b7e250b88caa) - - [ ] [5th域安全微讯早报【20250122】019期](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247506983&idx=2&sn=0327ca894b9af92ef9b7122f7e70a205) - - [ ] [今日直播课程(ISO/IEC 27001),敬请您关注](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247486014&idx=1&sn=f9a261134b643ac91d42ec2d51189828) - - [ ] [ISO 14001: 2015 标准详解与实施(20)9.1.1 总则](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247486014&idx=2&sn=51c00f82998000dfcbb64df3898c9de4) - - [ ] [“间谍”正在潜入你的手机](https://mp.weixin.qq.com/s?__biz=Mzg5OTg5OTI1NQ==&mid=2247489786&idx=1&sn=4b1c4df2d56e34fa521c69996bf42e3f) - - [ ] [黑客团伙IntelBroker声称已窃取HPE内部机密数据 后者表示正在调查](https://mp.weixin.qq.com/s?__biz=MzkxNTI2NTQxOA==&mid=2247496070&idx=1&sn=2336cc68b4e452a35795193173f98854) - - [ ] [一图读懂《关于加强极端场景应急通信能力建设的意见》](https://mp.weixin.qq.com/s?__biz=MzkxNTI2NTQxOA==&mid=2247496070&idx=2&sn=d0fa64e3e92467220eb923a4612e7960) - - [ ] [【神兵利器】JAVA JMX漏洞综合利用工具](https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247495179&idx=1&sn=0d366655fb6bb139775fc4d4fe333652) - - [ ] [JBoss 4.x JBossMQ JMS反序列化](https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247495179&idx=2&sn=dce36e9b572732a9fddfa1774bcea24c) - - [ ] [ViewState反序列化漏洞详解](https://mp.weixin.qq.com/s?__biz=Mzg2MzkwNDU1Mw==&mid=2247485410&idx=1&sn=c516da4c5bcf9729e270e70dc0c6e61d) - - [ ] [linux清除了文件没有释放空间](https://mp.weixin.qq.com/s?__biz=Mzg2MzkwNDU1Mw==&mid=2247485410&idx=2&sn=673b6d7c7ff6b3a511f79a660b138423) - - [ ] [什么是零信任:安全性、原则和架构](https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652114149&idx=1&sn=e6c11500191f7d8bb8a004604a2c5561) - - [ ] [秦安:新华社喜气洋洋点评,小红书需发挥主体作用,接住泼天富贵](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476271&idx=1&sn=580c4508bc163041823038ad9e920e68) - - [ ] [喜报!炼石荣获中国计算机行业协会网数专委“卓越贡献奖”](https://mp.weixin.qq.com/s?__biz=MzkyNzE5MDUzMw==&mid=2247568825&idx=1&sn=f8e52c6a4464aec5ef8f1fb39f02e04b) - - [ ] [如何构建混合云环境下的信息安全策略?](https://mp.weixin.qq.com/s?__biz=Mzg4NDc0Njk1MQ==&mid=2247487177&idx=1&sn=809cff24a1b39067a2dbd6d345853a90) - - [ ] [云安全中的共享责任模型:企业与云服务商的界限](https://mp.weixin.qq.com/s?__biz=Mzg4NDc0Njk1MQ==&mid=2247487177&idx=2&sn=7113ff3d04b276d919b4dc008991e0f4) - - [ ] [TangGo:国产化的综合能手](https://mp.weixin.qq.com/s?__biz=MzkzNzg3NzQxMQ==&mid=2247485695&idx=1&sn=2fc7154d71582d71208ba945e123238a) - - [ ] [AWS 云安全面试准备:10 个重要的 DevOps 概念](https://mp.weixin.qq.com/s?__biz=MzkyODYwODkyMA==&mid=2247484996&idx=1&sn=4615303b13ce5abb344738596185350e) - - [ ] [新春福利已就位,海量奖品疯狂来袭!](https://mp.weixin.qq.com/s?__biz=MzAwMDQwNTE5MA==&mid=2650247705&idx=1&sn=36ed81f86ac26ed621bcaeea900677ad) - - [ ] [所有的网站都需要办理ICP备案?](https://mp.weixin.qq.com/s?__biz=MzI4NzA1Nzg5OA==&mid=2247485681&idx=1&sn=fa6e7bd1383473df5734f103139557e7) - - [ ] [分享图片](https://mp.weixin.qq.com/s?__biz=MzI3Njc1MjcxMg==&mid=2247494307&idx=1&sn=47e335541d5c4fa8e74793af9324e019) - - [ ] [全新视频系列《实战源码审计》](https://mp.weixin.qq.com/s?__biz=Mzg4MzkwNzI1OQ==&mid=2247485719&idx=1&sn=4b3339a03f1b67424f469e8d1b72bdcf) - - [ ] [OWASP 2025年十大漏洞–被利用/发现的最严重漏洞](https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652114147&idx=1&sn=257856caede83532d8fbbbbaa718c6be) - - [ ] [126个Linux内核漏洞可让攻击者利用78个 Linux子系统](https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652114147&idx=2&sn=0ec2b581bd93714c8ff60c69bcc70f8b) - - [ ] [工具推荐 | 内网渗透敏感信息搜索神器](https://mp.weixin.qq.com/s?__biz=MzkwNjczOTQwOA==&mid=2247493961&idx=1&sn=fd35d4a8a05cae420fa700b36125f0d2) - - [ ] [网络空间测绘 -- ScopeSentry(V1.5.4)](https://mp.weixin.qq.com/s?__biz=MzI4MDQ5MjY1Mg==&mid=2247515682&idx=1&sn=7012ed1bd01016412f4a2ac7075c393c) - - [ ] [第6天:基础入门-抓包技术&HTTPS协议&APP&小程序&PC应用&WEB&转发联动](https://mp.weixin.qq.com/s?__biz=MzI4MDQ5MjY1Mg==&mid=2247515682&idx=2&sn=b88c75c1bbebb784ce683d00c4f1c092) - - [ ] [攻防靶场(47):一个dirsearch的坑 Katana](https://mp.weixin.qq.com/s?__biz=MzI0NjA3Mzk2NQ==&mid=2247495899&idx=1&sn=1dba3bd5431bcf4961d53a9827d4d6ef) - - [ ] [安卓逆向2025 -- Frida学习之hook案例(七)](https://mp.weixin.qq.com/s?__biz=MzA4MzgzNTU5MA==&mid=2652037569&idx=1&sn=812d974c4ebdf4db2b99edb6a227a060) - - [ ] [1Scan一键渗透扫描器|漏洞探测](https://mp.weixin.qq.com/s?__biz=Mzg3ODE2MjkxMQ==&mid=2247489961&idx=1&sn=f40f050019a99e6f65fa036bc9a7da16) - - [ ] [春节快到了,来!一起学习春节反诈常识](https://mp.weixin.qq.com/s?__biz=Mzg2NjY2MTI3Mg==&mid=2247498296&idx=1&sn=20ac1bcef2bd187c39d60b04f7d58bff) - - [ ] [泛微e-office 11.0 RCE](https://mp.weixin.qq.com/s?__biz=MzU2NDY2OTU4Nw==&mid=2247518417&idx=1&sn=c64f9f43e83925e92db0882d722b0d76) -- 安全客-有思想的安全新媒体 - - [ ] [最高级!360获评工信部CAPPVD“三星技术支撑单位”称号](https://www.anquanke.com/post/id/303728) - - [ ] [cve-2024-12857: AdForest 主题中的关键漏洞允许完全接管帐户,数千网站面临风险](https://www.anquanke.com/post/id/303725) - - [ ] [新型 Mirai 变种 Murdoc_Botnet 通过物联网漏洞发起 DDoS 攻击](https://www.anquanke.com/post/id/303722) - - [ ] [2024年,Redline、Vidar和Raccoon恶意软件窃取了10亿个密码](https://www.anquanke.com/post/id/303719) - - [ ] [CVE-2025-21298 检测: Microsoft Outlook 中的严重零点击 OLE 漏洞会导致远程代码执行](https://www.anquanke.com/post/id/303716) - - [ ] [Bitbucket 服务因全球大停机而“严重瘫痪”](https://www.anquanke.com/post/id/303713) - - [ ] [假冒的 Homebrew Google 广告以恶意软件为目标的 Mac 用户](https://www.anquanke.com/post/id/303710) - - [ ] [Cloudflare 缓解了破纪录的 5.6 Tbps DDoS 攻击](https://www.anquanke.com/post/id/303707) - - [ ] [”偷偷摸摸的日志“微软欺骗计划避开了双因素安全系统](https://www.anquanke.com/post/id/303704) - - [ ] [前中情局分析员承认泄露绝密文件罪](https://www.anquanke.com/post/id/303701) -- Tenable Blog - - [ ] [Oracle January 2025 Critical Patch Update Addresses 186 CVEs](https://www.tenable.com/blog/oracle-january-2025-critical-patch-update-addresses-186-cves) -- Trustwave Blog - - [ ] [Trustwave SpiderLabs: Ransomware Attacks Against the Energy and Utilities Sector Up 80%](https://www.trustwave.com/en-us/resources/blogs/trustwave-blog/trustwave-spiderlabs-ransomware-attacks-against-the-energy-and-utilities-sector-up-80-percent/) -- obaby@mars - - [ ] [小年 — 这真的就要过年了?](https://h4ck.org.cn/2025/01/19030) -- 安全脉搏 - - [ ] [记一次有点抽象的渗透经历](https://www.secpulse.com/archives/205044.html) - - [ ] [CVE复现之老洞新探(CVE-2021-3156)](https://www.secpulse.com/archives/205000.html) - - [ ] [在一次渗透中学会编写Tamper脚本](https://www.secpulse.com/archives/205058.html) + - [ ] [Update Fri Jan 24 20:25:39 UTC 2025](https://github.com/trickest/cve/commit/7cc0e3b9bf546832a32096d9ceafcc97c4d93574) + - [ ] [Update Fri Jan 24 12:24:54 UTC 2025](https://github.com/trickest/cve/commit/f8b633c3d8a83678494182ef13bdefe3de45b845) + - [ ] [Update Fri Jan 24 04:11:19 UTC 2025](https://github.com/trickest/cve/commit/2a95822f974d055bd443f22267473caedaf24a5d) +- Sucuri Blog + - [ ] [Malware Redirects WordPress Traffic to Harmful Sites](https://blog.sucuri.net/2025/01/malware-redirects-wordpress-traffic-to-harmful-sites.html) - CXSECURITY Database RSS Feed - CXSecurity.com - - [ ] [Cleo LexiCom / VLTrader / Harmony 5.8.0.23 Remote Code Execution](https://cxsecurity.com/issue/WLB-2025010023) - - [ ] [Ivanti Buffer Overflow Proof of Concept](https://cxsecurity.com/issue/WLB-2025010022) - - [ ] [LibreNMS Authenticated RCE](https://cxsecurity.com/issue/WLB-2025010021) + - [ ] [CMS Twig Template Injection RCE via FTP Templates Path](https://cxsecurity.com/issue/WLB-2025010024) +- Trustwave Blog + - [ ] [Ransomware’s Evolution: Key Threat Groups Targeting the Energy and Utilities Sector in 2025](https://www.trustwave.com/en-us/resources/blogs/trustwave-blog/ransomwares-evolution-key-threat-groups-targeting-the-energy-and-utilities-sector-in-2025/) - Security Boulevard - - [ ] [UK Mail Check: DMARC Reporting Changes to Know](https://securityboulevard.com/2025/01/uk-mail-check-dmarc-reporting-changes-to-know/) - - [ ] [DEF CON 32 – The Village Peoples’ Panel What Really Goes On In A Village](https://securityboulevard.com/2025/01/def-con-32-the-village-peoples-panel-what-really-goes-on-in-a-village/) - - [ ] [Life in the Swimlane with Marian Fehrenbacher, HR Assistant & Office Manager](https://securityboulevard.com/2025/01/life-in-the-swimlane-with-marian-fehrenbacher-hr-assistant-office-manager/) - - [ ] [Google Cloud Security Threat Horizons Report #11 Is Out!](https://securityboulevard.com/2025/01/google-cloud-security-threat-horizons-report-11-is-out/) - - [ ] [Randall Munroe’s XKCD ‘Human Altitude’](https://securityboulevard.com/2025/01/randall-munroes-xkcd-human-altitude/) - - [ ] [Filtered to Perfection: Votiro’s Two-Layer Approach to Cybersecurity](https://securityboulevard.com/2025/01/filtered-to-perfection-votiros-two-layer-approach-to-cybersecurity/) - - [ ] [Entra Connect Attacker Tradecraft: Part 2](https://securityboulevard.com/2025/01/entra-connect-attacker-tradecraft-part-2/) - - [ ] [Rethinking Credential Security](https://securityboulevard.com/2025/01/rethinking-credential-security/) - - [ ] [DEF CON 32 – UDSonCAN Attacks Discovering Safety Critical Risks By Fuzzing](https://securityboulevard.com/2025/01/def-con-32-udsoncan-attacks-discovering-safety-critical-risks-by-fuzzing/) - - [ ] [How to Handle Secrets at the Command Line [cheat sheet included]](https://securityboulevard.com/2025/01/how-to-handle-secrets-at-the-command-line-cheat-sheet-included/) -- 一个被知识诅咒的人 - - [ ] [【Python运维】Python与Terraform结合:实现云基础设施的自动化部署](https://blog.csdn.net/nokiaguy/article/details/145305290) - - [ ] [Python自动化运维:一键掌控服务器的高效之道](https://blog.csdn.net/nokiaguy/article/details/145305263) -- SpiderLabs Blog - - [ ] [Trustwave SpiderLabs 2025 Trustwave Risk Radar Report: Energy and Utilities Sector](https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/trustwave-spiderlabs-2025-trustwave-risk-radar-report-energy-and-utilities-sector/) -- Horizon3.ai - - [ ] [Identify Cybersecurity Risks at Scale to De-Risk M&A Transactions with Horizon3.ai’s NodeZero® Platform](https://go.horizon3.ai/MandA_UseCase#new_tab) - - [ ] [Horizon3.ai Expands on Disruptive Value of Autonomous Penetration Testing for Security Teams Worldwide](https://www.businesswire.com/news/home/20250122764892/en/Horizon3.ai-Expands-on-Disruptive-Value-of-Autonomous-Penetration-Testing-for-Security-Teams-Worldwide#new_tab) - - [ ] [9 Essential Questions to Ask When Evaluating Pentesting Solutions](https://www.horizon3.ai/intelligence/blogs/9-essential-questions-to-ask-when-evaluating-pentesting-solutions/) -- Malwarebytes - - [ ] [7-Zip bug could allow a bypass of a Windows security feature. Update now](https://www.malwarebytes.com/blog/news/2025/01/7-zip-bug-could-allow-a-bypass-of-a-windows-security-feature-update-now) -- PortSwigger Research - - [ ] [Stealing HttpOnly cookies with the cookie sandwich technique](https://portswigger.net/research/stealing-httponly-cookies-with-the-cookie-sandwich-technique) + - [ ] [DEF CON 32 – Anyone Can Hack IoT- Beginner’s Guide To Hacking Your First IoT Device](https://securityboulevard.com/2025/01/def-con-32-anyone-can-hack-iot-beginners-guide-to-hacking-your-first-iot-device/) + - [ ] [Cyber Lingo: What is GRC in cybersecurity?](https://securityboulevard.com/2025/01/cyber-lingo-what-is-grc-in-cybersecurity/) + - [ ] [Randall Munroe’s XKCD ‘Unit Circle’](https://securityboulevard.com/2025/01/randall-munroes-xkcd-unit-circle/) + - [ ] [Continuous Monitoring Guide: FedRAMP Meets Zero Trust](https://securityboulevard.com/2025/01/continuous-monitoring-guide-fedramp-meets-zero-trust/) + - [ ] [How to Choose the Right Cybersecurity Software: A Comprehensive Guide](https://securityboulevard.com/2025/01/how-to-choose-the-right-cybersecurity-software-a-comprehensive-guide/) + - [ ] [How bots and fraudsters exploit video games with credential stuffing](https://securityboulevard.com/2025/01/how-bots-and-fraudsters-exploit-video-games-with-credential-stuffing/) + - [ ] [DEF CON 32 – Building A Secure Resilient Nationwide EV Charging Network](https://securityboulevard.com/2025/01/def-con-32-building-a-secure-resilient-nationwide-ev-charging-network/) + - [ ] [Solving WAFs biggest challenge | Impart Security](https://securityboulevard.com/2025/01/solving-wafs-biggest-challenge-impart-security/) + - [ ] [Unveiling the Dark Web: Myths, Realities, and Risks You Didn’t Know About](https://securityboulevard.com/2025/01/unveiling-the-dark-web-myths-realities-and-risks-you-didnt-know-about/) +- Blogs on STAR Labs + - [ ] [CVE-2024-26230: Windows Telephony Service - It's Got Some Call-ing Issues (Elevation of Privilege)](https://starlabs.sg/blog/2025/cve-2024-26230-windows-telephony-service-its-got-some-call-ing-issues/) - Twitter @bytehx - - [ ] [I earned $$$ for my submission on @bugcrowd https://bugcrowd.com/bytehx #ItTakesACrowd](https://x.com/bytehx343/status/1882032367206060197) - - [ ] [Just got a reward for a vulnerability submitted on @yeswehack -- Acceptance of Extraneous Untrusted Data With Trusted Data - Cache Poisoning (CWE-349)...](https://x.com/bytehx343/status/1882032146376004006) - - [ ] [Re @_justYnot Happy Birthday 🎉🎊🎉](https://x.com/bytehx343/status/1881888985657770380) -- Intigriti - - [ ] [Unwavering support: Your bug bounty journey, our priority](https://www.intigriti.com/blog/business-insights/unwavering-support-your-bug-bounty-journey-our-priority) + - [ ] [Re @roohaa_n @Bugcrowd Because it was on the testing environment.](https://x.com/bytehx343/status/1882793157093679381) + - [ ] [I earned $650 for my submission on @bugcrowd https://bugcrowd.com/bytehx #ItTakesACrowd Bug: Admin Panel Takeover](https://x.com/bytehx343/status/1882791535617650979) +- Bug Bounty in InfoSec Write-ups on Medium + - [ ] [SQL injection in largest Electricity Board of Sri Lanka](https://infosecwriteups.com/sql-injection-in-largest-electricity-board-of-sri-lanka-1a55c12104bd?source=rss----7b722bfd1b8d--bug_bounty) +- Reverse Engineering + - [ ] [Dissecting the NVIDIA Hopper Architecture through Microbenchmarking and Multiple Level Analysis](https://www.reddit.com/r/ReverseEngineering/comments/1i974mg/dissecting_the_nvidia_hopper_architecture_through/) + - [ ] [Hacking Subaru: Tracking and Controlling Cars via the STARLINK Admin Panel](https://www.reddit.com/r/ReverseEngineering/comments/1i8md2d/hacking_subaru_tracking_and_controlling_cars_via/) + - [ ] [A particularly 'sus' sysctl in the XNU Kernel](https://www.reddit.com/r/ReverseEngineering/comments/1i8m9h3/a_particularly_sus_sysctl_in_the_xnu_kernel/) +- SentinelOne + - [ ] [The Good, the Bad and the Ugly in Cybersecurity – Week 4](https://www.sentinelone.com/blog/the-good-the-bad-and-the-ugly-in-cybersecurity-week-4-6/) +- Malwarebytes + - [ ] [Texas scrutinizes four more car manufacturers on privacy issues](https://www.malwarebytes.com/blog/news/2025/01/texas-scrutinizes-four-more-car-manufacturers-on-privacy-issues) - 安全牛 - - [ ] [《Agentic AI安全技术应用报告(2025版)》调研启动](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134812&idx=1&sn=560db2a85bcb9df872bc7c83e28d37e0&chksm=bd15ab8f8a6222990be11fb64472a9f9dbdfe32284261408fe230c6c72b2425eabc90345f991&scene=58&subscene=0#rd) - - [ ] [特朗普推翻拜登人工智能行政命令;警惕!勒索软件团伙滥用微软Teams发起攻击 | 牛览](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134812&idx=2&sn=1644fdd615891c190020e26e48734279&chksm=bd15ab8f8a62229945c2a446ad5f94a740189be7bde929cd002d7b0d2cf230da898fbb608135&scene=58&subscene=0#rd) -- 体验盒子 - - [ ] [vscode运行flutter项目ios真机](https://www.uedbox.com/post/119313/) + - [ ] [2024年度全球邮件威胁报告](https://www.aqniu.com/vendor/108155.html) + - [ ] [多个网络安全巨头的账户凭证泄露,在暗网被售卖;工信部提醒:防范Androxgh0st僵尸网络风险 | 牛览](https://www.aqniu.com/homenews/108150.html) + - [ ] [深度长文 | 面对马斯克在CES2025上的预言,我们该何去何从?](https://www.aqniu.com/homenews/108149.html) - HackerNews - - [ ] [7-Zip 修复绕过 Windows MoTW 安全警告的漏洞,应立即升级到24.09版](https://hackernews.cc/archives/57033) - - [ ] [乌克兰计算机应急响应小组警告:假冒 AnyDesk 请求的网络诈骗](https://hackernews.cc/archives/57031) - - [ ] [PNGPlug 加载器通过假冒软件安装程序传播 ValleyRAT 恶意软件](https://hackernews.cc/archives/57029) - - [ ] [13000 台 MikroTik 路由器被僵尸网络劫持,用于恶意软件传播和网络攻击](https://hackernews.cc/archives/57027) - - [ ] [Mirai 变种 Murdoc Botnet 利用 AVTECH IP 摄像头和华为路由器的安全漏洞](https://hackernews.cc/archives/57025) -- 绿盟科技技术博客 - - [ ] [【漏洞通告】Oracle WebLogic Server远程代码执行与拒绝服务漏洞(CVE-2025-21535/CVE-2025-21549)](https://blog.nsfocus.net/cve-20cve-2025-21535-cve-2025-21549/) - - [ ] [绿盟威胁情报周报(2025.01.13-2025.01.19)](https://blog.nsfocus.net/2025-01-13-2025-01-19/) -- bishopfox.com - - [ ] [SonicWall CVE-2024-53704: SSL VPN Session Hijacking](https://bishopfox.com/blog/sonicwall-cve-2024-53704-ssl-vpn-session-hijacking) + - [ ] [特斯拉电动汽车充电器在 Pwn2Own 东京大赛次日遭两次黑客攻击](https://hackernews.cc/archives/57086) + - [ ] [QNAP 修复 NAS 备份恢复应用中的六项 Rsync 漏洞](https://hackernews.cc/archives/57078) + - [ ] [近千个假冒 Reddit 网站推广 Lumma Stealer 恶意软件](https://hackernews.cc/archives/57073) + - [ ] [TRIPLESTRENGTH 针对云环境进行加密货币劫持与勒索软件攻击](https://hackernews.cc/archives/57071) + - [ ] [QakBot 相关 BC 恶意软件新增强化远程访问与数据收集功能](https://hackernews.cc/archives/57069) + - [ ] [Juniper 路由器遭利用“魔术包”漏洞的定制后门攻击](https://hackernews.cc/archives/57064) + - [ ] [Palo Alto 防火墙被发现存在安全启动绕过和固件漏洞](https://hackernews.cc/archives/57061) +- 杨龙 + - [ ] [阿里云小内存机器频繁死机可能原因](https://www.yanglong.pro/%e9%98%bf%e9%87%8c%e4%ba%91%e5%b0%8f%e5%86%85%e5%ad%98%e6%9c%ba%e5%99%a8%e9%a2%91%e7%b9%81%e6%ad%bb%e6%9c%ba%e5%8f%af%e8%83%bd%e5%8e%9f%e5%9b%a0/) - 奇客Solidot–传递最新科技情报 - - [ ] [过去一个世纪男性身高体重增长速度两倍于女性](https://www.solidot.org/story?sid=80399) - - [ ] [杭州深度求索发布能挑战 OpenAI o1 的推理模型 DeepSeek R1](https://www.solidot.org/story?sid=80398) - - [ ] [黑猩猩的撒尿行为具有传染性](https://www.solidot.org/story?sid=80397) - - [ ] [耐药菌在乌克兰扩散](https://www.solidot.org/story?sid=80396) - - [ ] [中国 2024 年可更新能源装机容量再创记录](https://www.solidot.org/story?sid=80395) - - [ ] [Wine 10.0 释出](https://www.solidot.org/story?sid=80394) - - [ ] [TikTok 被指限制反特朗普关键词的搜索](https://www.solidot.org/story?sid=80393) - - [ ] [IMDb 创始人卸任 CEO 一职](https://www.solidot.org/story?sid=80392) - - [ ] [特朗普赦免 Ross Ulbricht](https://www.solidot.org/story?sid=80391) -- 绿盟科技CERT - - [ ] [【漏洞通告】Oracle WebLogic Server远程代码执行与拒绝服务漏洞](https://mp.weixin.qq.com/s?__biz=Mzk0MjE3ODkxNg==&mid=2247488946&idx=1&sn=64c5620996cc0710ef9e2507f0fc0365&chksm=c2c642b9f5b1cbaf3667d5aae3b668b4e34e0cd89d95893a59c258488748706a1a17b3cd727e&scene=58&subscene=0#rd) -- FreeBuf网络安全行业门户 - - [ ] [威胁者利用Microsoft Teams语音通话传播勒索软件](https://www.freebuf.com/news/420574.html) - - [ ] [美国前中央情报局分析师承认泄露国防信息](https://www.freebuf.com/news/420570.html) - - [ ] [FreeBuf早报 | 特朗普赦免暗网丝绸之路创始人;Microsoft Teams被用于传播勒索软件](https://www.freebuf.com/news/420528.html) - - [ ] [特朗普签署文件,特赦暗网“丝绸之路”创始人](https://www.freebuf.com/news/420526.html) - - [ ] [2025 年 AI 网络安全预测](https://www.freebuf.com/news/420517.html) - - [ ] [勒索软件编年史:从特洛伊到AI多重勒索](https://www.freebuf.com/articles/neopoints/420510.html) - - [ ] [7-Zip高危漏洞,攻击者可绕过安全机制远程执行代码](https://www.freebuf.com/news/420514.html) + - [ ] [秘密后门使用“魔法封包”感染企业 VPN](https://www.solidot.org/story?sid=80419) + - [ ] [调查显示八成游戏开发商开发 PC 游戏](https://www.solidot.org/story?sid=80418) + - [ ] [《自然》调查显示七成回应者使用 Bluesky](https://www.solidot.org/story?sid=80417) + - [ ] [乔治 R.R.马丁合作发表了一篇物理学论文](https://www.solidot.org/story?sid=80416) + - [ ] [Google 移动搜索移除网址面包屑导航](https://www.solidot.org/story?sid=80415) + - [ ] [癌细胞利用有缺陷的线粒体毒害攻击免疫细胞](https://www.solidot.org/story?sid=80414) + - [ ] [日本市场中国平板电视首次超过五成](https://www.solidot.org/story?sid=80413) + - [ ] [智人离开非洲后血型可能发生适应性遗传变化](https://www.solidot.org/story?sid=80412) + - [ ] [三菱不打算参与本田日产的合并](https://www.solidot.org/story?sid=80411) + - [ ] [特朗普政府暂停了 NIH 的会议和旅行](https://www.solidot.org/story?sid=80410) + - [ ] [Debian 15 代号 Duke](https://www.solidot.org/story?sid=80409) + - [ ] [研究揭示不同政治光谱对传递虚假信息的偏好](https://www.solidot.org/story?sid=80408) +- 腾讯玄武实验室 + - [ ] [每日安全动态推送(25/1/24)](https://mp.weixin.qq.com/s?__biz=MzA5NDYyNDI0MA==&mid=2651960005&idx=1&sn=def8d5b004e60d0aa2f280d8493dc542&chksm=8baed25abcd95b4c23216c4b136a117918821b1f1ab95f8ce4b0e3c6ab2023bca38d426f0245&scene=58&subscene=0#rd) - 安全客 - - [ ] [2024年度网络安全政策法规一览](https://mp.weixin.qq.com/s?__biz=MzA5ODA0NDE2MA==&mid=2649787787&idx=1&sn=ee8ea4a11f904302c035eb5170b8891e&chksm=8893bde4bfe434f22e9aa593b236330470621bd35552bc2eb979cb1eb05d055b87e7de1f8bde&scene=58&subscene=0#rd) -- 虎符智库 - - [ ] [厚雪翻长坡,平淡不平凡:2024年网安产业发展态势剖析及2025年趋势展望](https://mp.weixin.qq.com/s?__biz=MzIwNjYwMTMyNQ==&mid=2247492937&idx=1&sn=eac85a2e8d53918cee8a65c4ad935830&chksm=971d884ba06a015d1c88f5e338ffa29adba7552fcc1c63dd404cbab21a6a508226f88500bf16&scene=58&subscene=0#rd) -- 青衣十三楼飞花堂 - - [ ] [你们可以调戏飞花堂了](https://mp.weixin.qq.com/s?__biz=MzUzMjQyMDE3Ng==&mid=2247487930&idx=1&sn=061cb565fbd0b5f0a5d754835656e58f&chksm=fab2d285cdc55b93453c5c4517e23599a8527cb0315540799c22c5ada2b5e5ba6d03d7da885e&scene=58&subscene=0#rd) + - [ ] [特斯拉充电桩一天被入侵两次,电动汽车基础设施网络安全引发全球关注](https://mp.weixin.qq.com/s?__biz=MzA5ODA0NDE2MA==&mid=2649787811&idx=1&sn=4927212fd9debdf7d94032ffd45aa0a9&chksm=8893bdccbfe434da1ec3c28eee36e47d63292e7a1c711d7f6818ff6f70209bede150d2007572&scene=58&subscene=0#rd) +- 黑海洋 - IT技术知识库 + - [ ] [PixPro图床 – Github存储版](https://blog.upx8.com/4678) +- FreeBuf网络安全行业门户 + - [ ] [Shiro CVE-2020-17523 路径绕过](https://www.freebuf.com/vuls/420772.html) + - [ ] [FreeBuf周报 | 特朗普特赦暗网丝绸之路创始人;B站员工代码投毒报复用户](https://www.freebuf.com/news/420756.html) + - [ ] [Tyrant(暴君) SUID二进制文件权限提升工具](https://www.freebuf.com/sectool/420749.html) + - [ ] [黑客利用Windows RID劫持技术创建隐藏管理员账户](https://www.freebuf.com/articles/system/420811.html) + - [ ] [2025网络暴露危机报告:45%第三方应用越权访问用户数据](https://www.freebuf.com/news/420744.html) + - [ ] [黑客用假恶意软件生成器感染1.8万名“脚本小子”](https://www.freebuf.com/articles/endpoint/420809.html) + - [ ] [斯巴鲁漏洞让黑客可以远程控制数百万辆汽车](https://www.freebuf.com/news/420728.html) + - [ ] [[windows]自动锁屏程序](https://www.freebuf.com/sectool/420727.html) + - [ ] [新型人工智能“黑帽”工具:GhostGPT带来的威胁与挑战](https://www.freebuf.com/news/420724.html) +- 奇安信威胁情报中心 + - [ ] [每周高级威胁情报解读(2025.01.17~01.23)](https://mp.weixin.qq.com/s?__biz=MzI2MDc2MDA4OA==&mid=2247513863&idx=1&sn=9c4a03d780248697f3ef6da46a3760fe&chksm=ea664070dd11c9664b9d2879112628ee373660f60d7f25a7e8d14365524b15307382d82dac01&scene=58&subscene=0#rd) - 安全内参 - - [ ] [这家IT供应商被黑,导致多地公共服务被迫中断多天](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513561&idx=1&sn=2796a6ba28137e2416855e83c1d45e5f&chksm=ebfaf2f9dc8d7bef4177fa9314612f542e0997c62ce65bd62a7a54182dfee525e14ce8e1aa10&scene=58&subscene=0#rd) - - [ ] [持续贯彻关基安全!美国运安局延长管道网络安全指令有效期](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513561&idx=2&sn=815ef59fe9fe66e6e8be342a53433267&chksm=ebfaf2f9dc8d7befc4b6c6c02e08010a0431501f361b43e8f5d4bfc2c386251fdb1bd8623e09&scene=58&subscene=0#rd) -- 丁爸 情报分析师的工具箱 - - [ ] [【技巧】开源情报(OSINT):套接字理论(Socket Theory)情报分析师如何更好隐藏自己](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148647&idx=1&sn=4df1f367b82341e8c092ea12a7dec4c8&chksm=f1af265dc6d8af4b44f8d605298e979248080faba260608e5337d953231ea561f4d414f69a65&scene=58&subscene=0#rd) + - [ ] [知名车企漏洞:只需车牌号,就能远程监控劫持数百万辆车](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513589&idx=1&sn=1b70e6f4b48c39927bb2af1c0178da71&chksm=ebfaf2d5dc8d7bc3abdb845b15e34f01c5f9cc9f45c71804e231873a3c9b8be109f58083ea60&scene=58&subscene=0#rd) + - [ ] [人数超TikTok!2024年美国医疗行业泄漏了1.8亿患者数据](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513589&idx=2&sn=3351a7a65979a78d643300f2a4dadfa5&chksm=ebfaf2d5dc8d7bc3d4cc9463e5f5a1a7ea306214b1c2ff9c9ef273fd5adadc40174c66510720&scene=58&subscene=0#rd) - 威努特安全网络 - - [ ] [十强!威努特斩获2024年网络安全优秀评选三项大奖](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130654&idx=1&sn=72ece0485d56a8dbc791b20108f0943c&chksm=80e711aeb79098b8a34f63daf9b2d40b35e548f4fb03e44e4e22727512c1edaf44485a832523&scene=58&subscene=0#rd) -- 信安之路 - - [ ] [即使变卖个人资产,也要给大家把工资补上!](https://mp.weixin.qq.com/s?__biz=MzI5MDQ2NjExOQ==&mid=2247499756&idx=1&sn=18d3cb30c32fc3d1c30f8f3e453e08a4&chksm=ec1dcfc4db6a46d24a59b9f5b73d6883c46b004ca97f3e0a2819a832775f00a0690175e9ef33&scene=58&subscene=0#rd) -- 安全学术圈 - - [ ] [期刊征文 | 暗网抑制前沿进展](https://mp.weixin.qq.com/s?__biz=MzU5MTM5MTQ2MA==&mid=2247491610&idx=1&sn=8b6c9caf92435cbd9b76b77686619972&chksm=fe2d1f91c95a9687a5251b386c368783346127d6aa161b3035246676e5d21f1ba3e728035993&scene=58&subscene=0#rd) -- 奇安信 CERT - - [ ] [【已复现】Rsync 堆缓冲区溢出漏洞(CVE-2024-12084)安全风险通告](https://mp.weixin.qq.com/s?__biz=MzU5NDgxODU1MQ==&mid=2247502951&idx=1&sn=09d5b62b3cc3e71fec3a8595f18318a2&chksm=fe79e8ffc90e61e905225d9918798d40f77be91e0a5961c95f1ab8235b4d42623eb0ecca28ad&scene=58&subscene=0#rd) - - [ ] [Oracle 2025年1月补丁日多产品高危漏洞安全风险通告](https://mp.weixin.qq.com/s?__biz=MzU5NDgxODU1MQ==&mid=2247502951&idx=2&sn=21655dd26fe10def4a6c6546fdf240d4&chksm=fe79e8ffc90e61e9fd1b2697f079954e6002507bd3d9fe45bf9331fc3c21481d0b14887ce263&scene=58&subscene=0#rd) -- 腾讯安全威胁情报中心 - - [ ] [游戏辅助的隐藏威胁|传播于游戏论坛的“Catlavan”后门分析报告](https://mp.weixin.qq.com/s?__biz=MzI5ODk3OTM1Ng==&mid=2247510023&idx=1&sn=190730a6182da1469a76c29ec479ae13&chksm=ec9f7174dbe8f86290b0ced6fb6032de62bf76e90dabb9f7bbcb0f264b0d177e146f5c205169&scene=58&subscene=0#rd) -- 安全圈 - - [ ] [【安全圈】特朗普上任首日,被囚 11 年的丝绸之路创始人获释](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067553&idx=1&sn=bad8f735186597a7ef0a02f03be5d6e4&chksm=f36e7aa1c419f3b781ca98c7976cd5a7773de11683684d499d776e2d152beb4b6d086497c9b5&scene=58&subscene=0#rd) - - [ ] [【安全圈】420万主机暴露,含VPN和路由器](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067553&idx=2&sn=ce83805d756cb11a77b84cb9413465be&chksm=f36e7aa1c419f3b73ed660099b42c7414eb3133abb1020174807cc6d27124906b801371b772d&scene=58&subscene=0#rd) - - [ ] [【安全圈】2024年近2亿人受影响,美国医疗成重点攻击目标](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067553&idx=3&sn=126c3fc5cb7d6a7dc18e3e9a213e8170&chksm=f36e7aa1c419f3b73f5070ef02018ac480c01ce4abcf00f26ead2c9550281e5931adb0e75eec&scene=58&subscene=0#rd) - - [ ] [【安全圈】7-Zip 漏洞可让远程攻击者绕过保护并执行任意代码](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067553&idx=4&sn=2c06e2c2a5011eb86894033a1e6c41fc&chksm=f36e7aa1c419f3b7663e1033a2b71bafbadf19c12ebb839d8cc5c2a954da81be8f83c2a04925&scene=58&subscene=0#rd) -- 信息安全国家工程研究中心 - - [ ] [小年纳福,满载祝愿](https://mp.weixin.qq.com/s?__biz=MzU5OTQ0NzY3Ng==&mid=2247498734&idx=1&sn=2d5de0a8283c56deb2559e0af561e376&chksm=feb67afdc9c1f3eb9c541f85173a09a82542709c15edcc23d9d2c392cfb951aaa72acb7894a7&scene=58&subscene=0#rd) -- 腾讯科恩实验室 - - [ ] [游戏辅助的隐藏威胁|传播于游戏论坛的“Catlavan”后门分析报告](https://mp.weixin.qq.com/s?__biz=MzU1MjgwNzc4Ng==&mid=2247512659&idx=1&sn=ca99588eed415d2fdbdd87c4e666b662&chksm=fbfe8e56cc89074039ffcc9bb0544c3f4285b0fb28a480034307d88019f5b1fa8e610a5e494e&scene=58&subscene=0#rd) -- dotNet安全矩阵 - - [ ] [.NET 通过代码审计发现 ERP 系统中两个任意文件上传漏洞](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498371&idx=1&sn=d7e51b293b5afd36bf501f82d547e678&chksm=fa59546ecd2edd789772877b71ddaf889a171c0baebaed5bc5d84e1dc59ec80a6efff9da250e&scene=58&subscene=0#rd) - - [ ] [.NET 安全攻防知识交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498371&idx=2&sn=cbf2bdba768768419faf4c4791dd2c1b&chksm=fa59546ecd2edd78ca9bfcbd53bc87340dd852aad612de53fa03fd221f56cf441ed2ed07d75c&scene=58&subscene=0#rd) - - [ ] [通过 Sharp4SuoPoc 从原理上复现 Visual Studio 投毒事件](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498371&idx=3&sn=81f6211052fdbd84bfa5f5b833c14bea&chksm=fa59546ecd2edd78667ab8745d36715a39fb789abb78742e20b611f6645859db72e35cbd719d&scene=58&subscene=0#rd) + - [ ] [中方回应美对中网络攻击,惠普公司开发文件泄漏 | 一周特辑](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130852&idx=1&sn=f1f55221d3afc7e74434b9d7e1180e95&chksm=80e71154b7909842dc785813844722ccaa15f8f08962db7fa984f1c156c60c4f4f285e6932e1&scene=58&subscene=0#rd) +- 看雪学苑 + - [ ] [大众DP BR X8跳转清理 & a5分析](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589258&idx=1&sn=c1333a825d642b84f6494440d9d8f10c&chksm=b18c28c086fba1d62346bd0549dfc0cce7d6a264896bff49ec6fa9c67d09e41b8e76e90d5097&scene=58&subscene=0#rd) + - [ ] [职位更新!好工作不等人](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589258&idx=2&sn=0f3ea01777f154e98bec7ccb0214b51c&chksm=b18c28c086fba1d624ad70b554e691e9d88be8caa3deb07a854e332421e9924bf50e15a3c4b9&scene=58&subscene=0#rd) + - [ ] [特斯拉汽车被“重点关注”,Pwn2Own Automotive 2024首日曝出24个零日漏洞](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589258&idx=3&sn=1ee9c0b4428aba7d94dead806b1d1cb1&chksm=b18c28c086fba1d68376c00b114728f746f713fc2982b933066eb6ecbdc12c0081c2b3bb1411&scene=58&subscene=0#rd) + - [ ] [学它!Browser Pwn Chrome V8篇](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589258&idx=4&sn=f3db39003003caac0baa29b1e79f959e&chksm=b18c28c086fba1d6bd9cfde7e242476b6f95ecc53d490d7adb507edeb3df6e00bbe7c43f3169&scene=58&subscene=0#rd) - 代码卫士 - - [ ] [7-Zip 修复高危的 Windows MoTW 安全告警绕过漏洞](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522153&idx=1&sn=b0d2973a6eb87e554fb62b7ddfa10dfb&chksm=ea94a603dde32f1580de59ef6a2b8fb600c6cbb237024a672b5a02660c7fc1f7184f617fce4c&scene=58&subscene=0#rd) - - [ ] [FTC要求通用停止收集和出售驾驶员数据](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522153&idx=2&sn=2d3b81592eb7e14fd1f16c714fa4e016&chksm=ea94a603dde32f154142371d59146a916e8ef1fa49b42310d2eb5bfe8ad83bb64ef5d322ff3e&scene=58&subscene=0#rd) + - [ ] [Oracle 2025年1月补丁日多产品高危漏洞安全风险通告](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522169&idx=1&sn=fce75986029eae4069d3b0638d1202bd&chksm=ea94a613dde32f05ef7826dcffe2b3decd7b00ebdf610c08b0715fb2887545ac34d0f7f964dc&scene=58&subscene=0#rd) +- 丁爸 情报分析师的工具箱 + - [ ] [【智库报告】生物力量:确保美国在生物技术领域的领导地位](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148676&idx=1&sn=1f06118ca29bead7275e53e21449c3d5&chksm=f1af26bec6d8afa8acd71cd12d352ac329764f11442e96d516ec4f5d4de731ff287f315664bb&scene=58&subscene=0#rd) +- dotNet安全矩阵 + - [ ] [文件痕迹清理,通过 Sharp4ModifyTime 修改任意文件时间戳](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498414&idx=1&sn=10c139db39735808d38c078682fce180&chksm=fa595443cd2edd55d66fb3d9017e009c5caf2c926f3df17fb94750bb82d71fe7f49bd2e51fa9&scene=58&subscene=0#rd) + - [ ] [国内最专业、最全面的 [ .NET 代码审计 ] 体系化学习交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498414&idx=2&sn=d3c80ed5d3de19b8387f42bb7cc03601&chksm=fa595443cd2edd558f74d9545543622d73ec3aaf0037dd848378945854655e763a11ac52e1cf&scene=58&subscene=0#rd) + - [ ] [通过 Sharp4Tokenvator 实现本地权限提升](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498414&idx=3&sn=ace80c4aea3efbc86df8b64024f230ba&chksm=fa595443cd2edd55b7f4ec0d4a576bc19c3cefa0a5e9de199379c5f8271cb941e2887b1ddd6d&scene=58&subscene=0#rd) +- 天御攻防实验室 + - [ ] [泄露文件揭示以色列军方与微软之间的深层联系,在加沙战争期间提供技术支持](https://mp.weixin.qq.com/s?__biz=MzU0MzgyMzM2Nw==&mid=2247486245&idx=1&sn=6c3bb1322ccb3edb14168ca734a6242b&chksm=fb04c84dcc73415bcf1d7c2f5ac99a3097bf6e51cee850fadde07cba4dc05c7d75774a1e3f00&scene=58&subscene=0#rd) +- ChaMd5安全团队 + - [ ] [Kaiji恶意样本分析_v2](https://mp.weixin.qq.com/s?__biz=MzIzMTc1MjExOQ==&mid=2247511902&idx=1&sn=5a5087aec514f7b15779c18c089f0108&chksm=e89d8786dfea0e90e92921d5e1165a96c3c07af7d978f5c64f6eb6298ffd10e0112f71c100d4&scene=58&subscene=0#rd) +- 安全圈 + - [ ] [【安全圈】斯巴鲁汽车漏洞让黑客利用 Starlink 远程控制数百万辆汽车](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067590&idx=1&sn=32ea96086da2a1f7d7b7c25530ca8d55&chksm=f36e7b46c419f2508759cde38a0b63b3f4b1442bc7655fa88acfdb556c1fefa5e78211594fc2&scene=58&subscene=0#rd) + - [ ] [【安全圈】GhostGPT – 黑客用来生成恶意软件和漏洞的新型 AI 黑帽工具](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067590&idx=2&sn=0963e1001cd7415a1987cb9c33807d8c&chksm=f36e7b46c419f2503cd6ccf7191847d24b6e5135071daedb82309bbc01b97545402cc0ff010b&scene=58&subscene=0#rd) + - [ ] [【安全圈】思科曝9.9分关键权限提升漏洞](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067590&idx=3&sn=7379d9127186d37af92f08f7a9ced06e&chksm=f36e7b46c419f25055741d6542936063bf1b5787923201949d2998d3f1120257c12deaab9a8f&scene=58&subscene=0#rd) + - [ ] [【安全圈】Chrome用户面临供应链攻击威胁,数百万人或受影响](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067590&idx=4&sn=ab568c073e0bfe554ca07ca03503f2da&chksm=f36e7b46c419f2504e60fb5ecb4e5b4587d40c40ef28fa92ddedef841c052dddeb060feb9d4a&scene=58&subscene=0#rd) +- M01N Team + - [ ] [每周蓝军技术推送(2025.1.18-1.24)](https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247494044&idx=1&sn=356681967a014551977e5051389b8f15&chksm=c184298df6f3a09b94ddf8530ba9a609f1a4b3b5f9613ec89ba358c061f0b4d9593c735c2599&scene=58&subscene=0#rd) +- 吾爱破解论坛 + - [ ] [吾爱破解论坛精华集2024](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141621&idx=1&sn=3f4c02af5506cb4440b9bc873071e716&chksm=bd50a5a18a272cb726747cfc86d50e65fcb43108e02ccddb2e78de7a82d173eb3bb2f4c05463&scene=58&subscene=0#rd) +- 嘶吼专业版 + - [ ] [针对 Chrome 浏览器扩展程序网络钓鱼活动的新细节被披露](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580965&idx=1&sn=7b271d77d7ae3794e77995267c934acf&chksm=e9146d1fde63e4097053f87e00d408e479510a2c67f11147c47b8735ea28cd8466e12a464d04&scene=58&subscene=0#rd) + - [ ] [新的 UEFI 安全启动漏洞使系统暴露于 bootkit](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580965&idx=2&sn=35ac8cf9ec1bfacb175b8622720863e2&chksm=e9146d1fde63e40910e314cac61af17533c328067d6bd015df8402266ba7692efae9a049c79f&scene=58&subscene=0#rd) - 中国信息安全 - - [ ] [专题·人工智能安全治理 | 人工智能安全治理的中国认知与方案](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235367&idx=1&sn=297855efd370925c872f5757635232be&chksm=8b58039ebc2f8a88688e473f6a44b4c239be99a0ba5386a09e21cf1d002e5dcdd7e2325f74a9&scene=58&subscene=0#rd) - - [ ] [专家解读 | 魏亮:统筹布局国家数据基础设施,夯实数据要素价值释放基础](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235367&idx=2&sn=25380b016bd022eb3f12db20a0ccfc4e&chksm=8b58039ebc2f8a8869cac9ab3b937000109e1bc8586b3a96741dec89798acb3e5f9040f94935&scene=58&subscene=0#rd) - - [ ] [专家观点 | 李峥:以合作开启AI“20万亿美元时代”](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235367&idx=3&sn=3d746ccbf7a383c1aedc7863ea48df60&chksm=8b58039ebc2f8a880d7e7215965672500409cf64649cd90b5c34904471aa388bcb73103ba0f7&scene=58&subscene=0#rd) - - [ ] [前沿 | 人工智能赋能网络空间作战](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235367&idx=4&sn=c17951f71c4e1d4580510b7ec0275644&chksm=8b58039ebc2f8a88b47c7a35f7dc8a087f071e32ef0532f12bf4124a44b87ca50bad5d909c41&scene=58&subscene=0#rd) - - [ ] [国际 | 域外国家网络信息治理制度](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235367&idx=5&sn=6ddc0df87190ccc4b866a5a488ce4fb3&chksm=8b58039ebc2f8a8896afda5e765776e17020efd79d33c784f1366c5562fad84ffa2dff0a63cd&scene=58&subscene=0#rd) - - [ ] [观点 | 面对深度伪造视频我们可以做什么](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235367&idx=6&sn=1ed425e7056807c6c44ddd42f4cb1512&chksm=8b58039ebc2f8a884bcb07c456537203d4b50492e19be7158c46536ddef4697201d18a32a6b9&scene=58&subscene=0#rd) - - [ ] [评论 | 打破AI谣言“黑箱”,需要社会共治](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235367&idx=7&sn=2cb7b1348c0399a07373f5b5204e5aff&chksm=8b58039ebc2f8a88d98241c6473a4a5e4f8e0c55edc0ed31581cd87507a5b76f11dd3cadae3c&scene=58&subscene=0#rd) + - [ ] [专题·人工智能安全治理 | 《人工智能安全治理框架》为人工智能安全发展提供重要指引](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=1&sn=530f8234ebb092aa1a91e0c76012ae79&chksm=8b580058bc2f894ee2eae6f8c70502378a85d1c68c7854fc04a36aa415a806b70c3b95b59a89&scene=58&subscene=0#rd) + - [ ] [发布 | 国家数据局就《数据领域常用名词解释(第二批)》公开征求意见(附全文)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=2&sn=bf11efc7a9b860fb9b20b141baa90341&chksm=8b580058bc2f894e8a78e5460bb45f362eeed694b3371ca573a75b3fd3cc0f08ad6cab57e0ce&scene=58&subscene=0#rd) + - [ ] [专家解读 | 构建高素质人才队伍,助力数据标注产业发展](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=3&sn=a3cb25195824a0af1ff71d0489c3fffc&chksm=8b580058bc2f894eb245d36a53ec92e5f687b6e6c66f7f71f0de296890f4298efb378db18fb8&scene=58&subscene=0#rd) + - [ ] [关注 | 检察机关依法惩治侵害企业数据安全犯罪 服务保障企业创新发展](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=4&sn=42732fbe26b1fac5bc322a9e33b0b28a&chksm=8b580058bc2f894e0f4cbee4ba19fbc1b27fa5adfa931776ec7cb3fd7561bac3e8b4892b8ccc&scene=58&subscene=0#rd) + - [ ] [解读 | 市场监管总局发布《网络交易执法协查暂行办法》 建立健全网络交易执法协查机制提升监管效能](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=5&sn=5c63e275dc2b4b4f5dc92f28bbbf9bd5&chksm=8b580058bc2f894e4ac6bd8b2f2a60ec364d705cfefc7db43b0fc7889dab60803743480b83bc&scene=58&subscene=0#rd) + - [ ] [发布 | 中国信通院联合发布《数据治理研究报告(2024年)》(附下载)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=6&sn=acbcf59882875e4e743a79a6a0213aff&chksm=8b580058bc2f894eb05f0a640a04bc0c13832cf9659cfd9cf586f741342e097e7cb4f2034b14&scene=58&subscene=0#rd) + - [ ] [国际 | 域外个人生物识别信息保护模式考察](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=7&sn=a87473518e84e1b51f4fbc4906a29861&chksm=8b580058bc2f894efeb5cc3fd1319d517ad0008fc4cd0f9d85d46eb582042a0de18704a8873c&scene=58&subscene=0#rd) + - [ ] [评论 | 让网络交易执法协作更规范有序](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=8&sn=2f11ec80a6ee5f872457f929a062a55f&chksm=8b580058bc2f894e56c7b4df2c980cea63ded34c1a6f34cf676f53b56d42c1167466955df122&scene=58&subscene=0#rd) - 数世咨询 - - [ ] [2024年美国医疗数据泄露:585起事件波及1.8亿用户](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247534927&idx=1&sn=27a17db142bc885941f8e7cdff24512c&chksm=c1443bf2f633b2e463df61b01cdb06d125f74e36e30588da3656a4be570526cab7b66dfe24ae&scene=58&subscene=0#rd) - - [ ] [公安部公布8起打击网络黑客犯罪典型案例](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247534927&idx=2&sn=2b32138cf1f6349d72f172a77aa0dd8e&chksm=c1443bf2f633b2e41762afc5662ff5168a1a405414ad7663b499af40bda5558d801e98db35a9&scene=58&subscene=0#rd) -- 看雪学苑 - - [ ] [XCTF-SUCTF 2025-部分Pwn题解](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589076&idx=1&sn=a4d861f2130373f4a922c1529d1fba78&chksm=b18c271e86fbae08ca00e3c9447214607f5d2bfc89d8578c33474f3e72602833a386405c44e4&scene=58&subscene=0#rd) - - [ ] [7-Zip高危漏洞曝光!攻击者可绕过安全机制远程执行代码,速升级](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589076&idx=2&sn=d0f764edebe291ce5b96f036fabe1a56&chksm=b18c271e86fbae08b860c61d822fe9c14f3216204f7890876285cf7d58d7086a9d18b2c2002e&scene=58&subscene=0#rd) - - [ ] [更新5节!系统0day 安全-企业级网络设备固件漏洞挖掘(第7期)](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589076&idx=3&sn=07bb4636837dcc2fbabded998321ad6e&chksm=b18c271e86fbae086f08a8628ae493c5626bf7b7941dbf05b7856553b1bd2011fe2f5765c6b1&scene=58&subscene=0#rd) -- 国家互联网应急中心CNCERT - - [ ] [网络安全信息与动态周报2025年第3期(1月13日-1月19日)](https://mp.weixin.qq.com/s?__biz=MzIwNDk0MDgxMw==&mid=2247499624&idx=1&sn=8064268553ca5916417015861fb3acd9&chksm=973acc0aa04d451cff471b69b6ae264370dfad346c96825845c4c4e2b621762d5af60277379b&scene=58&subscene=0#rd) -- 补天平台 - - [ ] [辞暮尔尔,烟火年年 | 补天平台春节放假通知](https://mp.weixin.qq.com/s?__biz=MzI2NzY5MDI3NQ==&mid=2247507336&idx=1&sn=8d6c060a3c6485878ea8c3f08e2d93b5&chksm=eaf995c4dd8e1cd240f87a81e954cd8badfa1ee7bc6b8880f5c8f0755698a4140faa0ccf103e&scene=58&subscene=0#rd) + - [ ] [2025年必看!人工智能重塑网络安全,超级自动化就在眼前!](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247534964&idx=1&sn=cd109de22eeb6fcac5e7cd1247dd3038&chksm=c1443bc9f633b2dffee47e3c9a18afbcf4f64db84cbb2f3d5cb84383c63142f168c05adae6a9&scene=58&subscene=0#rd) - 情报分析师 - - [ ] [加沙真相被掩盖?BBC报道背后的“信息筛选”](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559158&idx=1&sn=6312581755ed3402c281e8b588aed0a5&chksm=87117cfdb066f5eb6185844e09e4da7ee5a256338379f42723a5bb295394a5eabd6bd525c664&scene=58&subscene=0#rd) - - [ ] [揭露俄罗斯GRU的秘密行动,被指资助阿塔数千万美元](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559158&idx=2&sn=04237d391e688d8663478dec1917a891&chksm=87117cfdb066f5eb62c527d68166b9e7581ef040a0bb3f72b651e477165fb4e85671f8d4eb56&scene=58&subscene=0#rd) - - [ ] [TikTok禁令:从事件始末到未来走向的深度剖析](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559158&idx=3&sn=330b69e1e87d2e662ee62ac84a2df529&chksm=87117cfdb066f5ebcc303b472a145a703011592673d932403cee104f36e1641206f07c3eba87&scene=58&subscene=0#rd) -- 默安科技 - - [ ] [默安科技2025年春节值守安排](https://mp.weixin.qq.com/s?__biz=MzIzODQxMjM2NQ==&mid=2247500248&idx=1&sn=f1957f05b1fb0ede1aed87f4c0603dad&chksm=e93b36fade4cbfec2e3df9f97123506b4d13e096ac812e8ba98db9b2fcbc04073fb7839a847c&scene=58&subscene=0#rd) -- 威胁棱镜 - - [ ] [2024 年 Any.Run 恶意软件趋势报告](https://mp.weixin.qq.com/s?__biz=MzkyMzE5ODExNQ==&mid=2247487612&idx=1&sn=09a327bfbe389a1f868570bafd81d159&chksm=c1e9e7b0f69e6ea6aee11492fcd298ab2ea9cbba8c8dde6f81fa56d6591a6932ed53c6fadcab&scene=58&subscene=0#rd) + - [ ] [情报:那些事儿](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559205&idx=1&sn=6f86b1fec7d1f4306725254f5e6db47b&chksm=87117caeb066f5b815b102a771281eb4e910b4e244ef275aa4415290e48253076ec16ad5c18b&scene=58&subscene=0#rd) + - [ ] [开源情报分析:透视一个人的多面性](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559205&idx=2&sn=6a56dd9122e1a302bc2384123478737b&chksm=87117caeb066f5b87e14101a13336b9e6be83fbc2884d71296f17c29da9e70a956c4d40941f8&scene=58&subscene=0#rd) + - [ ] [开源情报信息,一网打尽!](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559205&idx=3&sn=1cca5108e67070471ee51e0e1ea8dcbd&chksm=87117caeb066f5b898030d03c8c46ca801ddfd645b1e85ec75ce59eeb5cb9c54e7da072470bd&scene=58&subscene=0#rd) +- CNVD漏洞平台 + - [ ] [Oracle发布2025年1月的安全公告](https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247495725&idx=1&sn=dedb6bb0dabaefa9b319ac1b7250d198&chksm=fd74c0e4ca0349f283b0e540501af4fa1eeb782340415eff1013718bda5508d4702dbdcfff2a&scene=58&subscene=0#rd) +- 火绒安全 + - [ ] [【火绒安全周报】B站员工滥用权限报复用户被开除/2000多名网红被“开盒”](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247521828&idx=1&sn=82479a718193afc90904db31f588c5e6&chksm=eb70481bdc07c10d2378d6352727843511736ac4f404c29cf9f77471d0d7f39ce10514d787ea&scene=58&subscene=0#rd) + - [ ] [诚邀渠道合作伙伴共启新征程](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247521828&idx=2&sn=3f3425eb3c27f9524fb0f2d953ca029a&chksm=eb70481bdc07c10d32197f192e668777077d45aa9eea8faf428e04c535eb84d385aa11a0d679&scene=58&subscene=0#rd) - 极客公园 - - [ ] [新总统山寨币疯狂收割 500 亿美元,只是比特币国家战略一部分?](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072613&idx=1&sn=cb3a3b24855c3b969f4d586c72218f00&chksm=7e57d15349205845d2da4c3b22b0b9fadb97006921d79a96e31455c143851c835443f9164077&scene=58&subscene=0#rd) - - [ ] [OpenAI+软银5000亿美元投资AI基建;新 ModelY、小米 YU7实车曝光;小红书启用「rednote」|极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072586&idx=1&sn=01f46944418d1ed105a097f841268626&chksm=7e57d17c4920586a12299e2a2473709a61c4b7d1d33e4885d4963adcc8b3f020d715bdcf93c8&scene=58&subscene=0#rd) + - [ ] [豆包大模型 1.5 不走「捷径」,火山引擎要造「长坡厚雪」](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072804&idx=1&sn=7fc6c4db1fad547f98df8d00ad106b33&chksm=7e57d0124920590444932c909ec415ffb185143d343e2419ea28f294c9fe2bc069783622d1a0&scene=58&subscene=0#rd) + - [ ] [我们要摆脱『过个 AI 年』这样的初级阶段了](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072771&idx=1&sn=3149d2565c3589ac38227d8d5878597f&chksm=7e57d0354920592309f96a4d274ad464edd3d0c87637c4b30146afc4041f5f392f17627fb714&scene=58&subscene=0#rd) + - [ ] [OpenAI 推新智能体,能完成复杂任务;雷军、王传福入选全球最佳 CEO;字节游戏《决胜巅峰》开启国内公测 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072732&idx=1&sn=0926a0b689d8e148d5c9fb4b32aa0892&chksm=7e57d0ea492059fc09eb0e9933091e0c43b3b5c2bc1d10a11b6be1acf32bb25d9c4bec737b0c&scene=58&subscene=0#rd) +- 奇安盘古 + - [ ] [2025 蛇年迎新,盘古石取证暖心献礼:红包封面大放送,更多好礼等您来!](https://mp.weixin.qq.com/s?__biz=MzI2MDA0MTYyMQ==&mid=2654404359&idx=1&sn=cb7965528fedcff57cca3c5cf9847be5&chksm=f1ade1fdc6da68eb47796fef146879a2a2b5b5b44aab25764027cf594608aba90b65b0e9004d&scene=58&subscene=0#rd) +- 字节跳动技术团队 + - [ ] [Jeddak星火计划-开启申报](https://mp.weixin.qq.com/s?__biz=MzI1MzYzMjE0MQ==&mid=2247512933&idx=1&sn=b2602ab68be9a48e636dfae7229f3144&chksm=e9d37887dea4f191941d0bb113066bf053408a8bd5796ecfeb49d90c5cf43e1920bf2dafab42&scene=58&subscene=0#rd) +- 百度安全应急响应中心 + - [ ] [限量红包封面 | 好运“嘶”声而来 滑进你的口袋](https://mp.weixin.qq.com/s?__biz=MzA4ODc0MTIwMw==&mid=2652542174&idx=1&sn=5fe0d886b064979793b3cbd19a61b7fe&chksm=8bcbb0e2bcbc39f42a01e0223d846599c26ac7e6e5fdf61cfad2eac81894c6229699bd5284b0&scene=58&subscene=0#rd) +- Tide安全团队 + - [ ] [记一次钓鱼邮件实例分析](https://mp.weixin.qq.com/s?__biz=Mzg2NTA4OTI5NA==&mid=2247519791&idx=1&sn=f8f408c3e7b57b9783fde060aff1708e&chksm=ce5dac4ef92a25583e33450d525507ab9da79d6e5fc9a15b0a7e5c799935ec0614f904647568&scene=58&subscene=0#rd) +- huasec + - [ ] [24年总结](https://mp.weixin.qq.com/s?__biz=MzIyOTY1NDE5Mg==&mid=2247485100&idx=1&sn=0d1663a53843d7a2bd0c5504c41d1514&chksm=e8be2d73dfc9a4658eb6f0680a4e62f1bd800fe5988bfcf1fe194160e0157aa434d882f6d8b8&scene=58&subscene=0#rd) +- 360数字安全 + - [ ] [春节假期,安全大模型帮你“躺赢”!](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579220&idx=1&sn=036d352c4a29bd9863fce78dcd7d5e64&chksm=9f8d265ca8faaf4acfd7a299e3d5b6e9edf55ef80424fc5ae53a59a7be22d2114eb1e9bd5678&scene=58&subscene=0#rd) - Over Security - Cybersecurity news aggregator - - [ ] [Ransomware in Healthcare: A Comprehensive Subsector Analysis](https://catchingphish.com/posts/f/ransomware-in-healthcare-a-comprehensive-subsector-analysis) - - [ ] [Critical zero-days impact premium WordPress real estate plugins](https://www.bleepingcomputer.com/news/security/critical-zero-days-impact-premium-wordpress-real-estate-plugins/) - - [ ] [Cloudflare CDN flaw leaks user location data, even through secure chat apps](https://www.bleepingcomputer.com/news/security/cloudflare-cdn-flaw-leaks-user-location-data-even-through-secure-chat-apps/) - - [ ] [BreachForums admin to be resentenced after appeals court slams supervised release](https://therecord.media/breachforums-resentenced-supervised-release-admin) - - [ ] [Telegram captcha tricks you into running malicious PowerShell scripts](https://www.bleepingcomputer.com/news/security/telegram-captcha-tricks-you-into-running-malicious-powershell-scripts/) - - [ ] [Flashpoint Weekly Vulnerability Insights and Prioritization Report](https://flashpoint.io/blog/flashpoint-weekly-vulnerability-insights-prioritization/) - - [ ] [China-linked hacker group targets victims in East Asia with malicious VPN installers](https://therecord.media/china-hacker-group-vpns-backdoor) - - [ ] [Trump pardons Silk Road founder Ross Ulbricht](https://therecord.media/ross-ulbricht-silk-road-pardoned-trump) - - [ ] [Trump admin tells all Democrats on intelligence oversight board to resign](https://therecord.media/trump-admin-tells-democrats-on-intel-oversight-board-to-resign) - - [ ] [Cisco warns of denial of service flaw with PoC exploit code](https://www.bleepingcomputer.com/news/security/cisco-warns-of-denial-of-service-flaw-with-poc-exploit-code/) - - [ ] [Iran and Russia deepen cyber ties with new agreement](https://therecord.media/russia-iran-cyber-ties-agreement) - - [ ] [PowerSchool hacker claims they stole data of 62 million students](https://www.bleepingcomputer.com/news/security/powerschool-hacker-claims-they-stole-data-of-62-million-students/) - - [ ] [Come tracciare la sicurezza della software supply chain](https://guerredirete.substack.com/p/come-tracciare-la-sicurezza-della) - - [ ] [Trump administration fires members of cybersecurity review board in “horribly shortsighted” decision](https://techcrunch.com/2025/01/22/trump-administration-fires-members-of-cybersecurity-review-board-in-horribly-shortsighted-decision/) - - [ ] [Oh my .. ! - Suspicious network traffic detected including Ransomware](https://dfir.ch/posts/suspicious_network_traffic_ransomware/) - - [ ] [Conduent confirms cybersecurity incident behind recent outage](https://www.bleepingcomputer.com/news/security/conduent-confirms-cybersecurity-incident-behind-recent-outage/) - - [ ] [Windows 11 24H2 now also offered to all eligible Windows 10 PCs](https://www.bleepingcomputer.com/news/microsoft/microsoft-expands-windows-11-24h2-rollout-to-eligible-windows-10-pcs/) - - [ ] [MasterCard DNS Error Went Unnoticed for Years](https://krebsonsecurity.com/2025/01/mastercard-dns-error-went-unnoticed-for-years/) - - [ ] [Use this AI chatbot prompt to create a password-exclusion list](https://www.bleepingcomputer.com/news/security/use-this-ai-chatbot-prompt-to-create-a-password-exclusion-list/) - - [ ] [IPany VPN breached in supply-chain attack to push custom malware](https://www.bleepingcomputer.com/news/security/ipany-vpn-breached-in-supply-chain-attack-to-push-custom-malware/) - - [ ] [Hackers exploit 16 zero-days on first day of Pwn2Own Automotive 2025](https://www.bleepingcomputer.com/news/security/hackers-exploit-16-zero-days-on-first-day-of-pwn2own-automotive-2025/) - - [ ] [Trump administration removes private sector leaders from all DHS panels, including CSRB](https://therecord.media/trump-dhs-removal-private-sector-members-advisory-boards) - - [ ] [Questions grow over whether Baltic Sea cable damage was sabotage or accidental](https://therecord.media/finland-eagle-s-tanker-questions-over-alleged-sabotage) - - [ ] [Targeted supply chain attack against Chrome browser extensions](https://blog.sekoia.io/targeted-supply-chain-attack-against-chrome-browser-extensions/) - - [ ] [How Threat Intelligence Lookup Helps Enterprises](https://any.run/cybersecurity-blog/how-threat-intelligence-lookup-helps-enterprises/) - - [ ] [Australian Cyber Security Centre Targets Bulletproof Hosting Providers to Disrupt Cybercrime Networks](https://cyble.com/blog/acsc-highlights-bulletproof-hosting-providers/) - - [ ] [La battaglia di Lyptsi e l’evoluzione della guerra robotizzata](https://www.guerredirete.it/la-battaglia-di-lyptsi-e-levoluzione-della-guerra-robotizzata/) - - [ ] [Preventing Phishing Attacks, Before They Catch You](https://www.kelacyber.com/blog/preventing-phishing-attacks-before-they-catch-you/) - - [ ] [Welhof - 107,292 breached accounts](https://haveibeenpwned.com/PwnedWebsites#Welhof) - - [ ] [Frame & Optic - 15,678 breached accounts](https://haveibeenpwned.com/PwnedWebsites#FrameAndOptic) - - [ ] [Denuvo Analysis | Connor-Jay's Blog](https://connorjaydunn.github.io/blog/posts/denuvo-analysis/) - - [ ] [Cyble Finds Thousands of Security Vendor Credentials on Dark Web](https://cyble.com/blog/thousands-of-security-vendor-credentials-found-on-dark-web/) + - [ ] [Update: New Details on the Medusa Ransomware Attack on Hospital El Cruce](https://www.suspectfile.com/update-new-details-on-the-medusa-ransomware-attack-on-hospital-el-cruce/) + - [ ] [More than 2,000 SonicWall devices vulnerable to critical zero-day](https://therecord.media/sonicwall-devices-exposed-zero-day) + - [ ] [Politicization of intel oversight board could threaten key US-EU data transfer agreement](https://therecord.media/politicization-of-pclob-could-threaten-key-eu-us-data-transfer-agreement) + - [ ] [Zyxel warns of bad signature update causing firewall boot loops](https://www.bleepingcomputer.com/news/security/zyxel-warns-of-bad-signature-update-causing-firewall-boot-loops/) + - [ ] [Microsoft to deprecate WSUS driver synchronization in 90 days](https://www.bleepingcomputer.com/news/microsoft/microsoft-to-deprecate-wsus-driver-synchronization-in-90-days/) + - [ ] [At least $69 million stolen from crypto platform Phemex in suspected cyberattack](https://therecord.media/69-million-stolen-cyberattack-crypto-platform-phemex) + - [ ] [Subaru Starlink flaw let hackers hijack cars in US and Canada](https://www.bleepingcomputer.com/news/security/subaru-starlink-flaw-let-hackers-hijack-cars-in-us-and-canada/) + - [ ] [Hackers use Windows RID hijacking to create hidden admin account](https://www.bleepingcomputer.com/news/security/hackers-use-windows-rid-hijacking-to-create-hidden-admin-account/) + - [ ] [Hospital El Cruce takes its website offline following a severe cyberattack](https://www.suspectfile.com/hospital-el-cruce-takes-its-website-offline-following-a-severe-cyberattack/) + - [ ] [PayPal penalized $2 million over data breach involving 35K Social Security numbers](https://therecord.media/paypal-penalty-millions-data-breach) + - [ ] [Update #6: blog e argomenti live](https://roccosicilia.com/2025/01/24/update-6-blog-e-argomenti-live/) + - [ ] [Hacker infects 18,000 "script kiddies" with fake malware builder](https://www.bleepingcomputer.com/news/security/hacker-infects-18-000-script-kiddies-with-fake-malware-builder/) + - [ ] [Oltre il 90% dei Microsoft Exchange Server è ancora vulnerabile a ProxyLogon](https://www.securityinfo.it/2025/01/24/oltre-il-90-dei-microsoft-exchange-server-e-ancora-vulnerabile-a-proxylogon/) + - [ ] [Managed Detection and Response – How are you monitoring?](https://www.bleepingcomputer.com/news/security/managed-detection-and-response-how-are-you-monitoring/) + - [ ] [Microsoft: Outdated Exchange servers fail to auto-mitigate security bugs](https://www.bleepingcomputer.com/news/security/microsoft-outdated-exchange-servers-fail-to-auto-mitigate-security-bugs/) + - [ ] [Sintesi riepilogativa delle campagne malevole nella settimana del 18 – 24 gennaio](https://cert-agid.gov.it/news/sintesi-riepilogativa-delle-campagne-malevole-nella-settimana-del-18-24-gennaio/) + - [ ] [Unlocking Vulnrichment: Enhancing CVE Data for Smarter Vulnerability Management](https://cyble.com/blog/cisa-reveals-vulnrichment-management-for-cve-data/) + - [ ] [Anatomy of an Exploit Chain: CISA, FBI Detail Ivanti CSA Attacks](https://cyble.com/blog/ivanti-csa-attacks-cisa-fbi-expose-exploit-chain/) + - [ ] [Seasoning email threats with hidden text salting](https://blog.talosintelligence.com/seasoning-email-threats-with-hidden-text-salting/) + - [ ] [UK to examine undersea cable vulnerability as Russian spy ship spotted in British waters](https://therecord.media/britain-undersea-cables-russian-spy-ship) + - [ ] [Hackers get $886,250 for 49 zero-days at Pwn2Own Automotive 2025](https://www.bleepingcomputer.com/news/security/hackers-get-886-250-for-49-zero-days-at-pwn2own-automotive-2025/) + - [ ] [USB Army Knife: The Ultimate Close Access Penetest Tool](https://www.mobile-hacker.com/2025/01/24/usb-army-knife-the-ultimate-close-access-penetest-tool/) + - [ ] [Malware Redirects WordPress Traffic to Harmful Sites](https://blog.sucuri.net/2025/01/malware-redirects-wordpress-traffic-to-harmful-sites.html) - Krypt3ia - - [ ] [Krypt3ia’s Survival Guide for Safe Communications in Today’s Internet and Social Media Landscape](https://krypt3ia.wordpress.com/2025/01/22/krypt3ias-survival-guide-for-safe-communications-in-todays-internet-and-social-media-landscape/) - - [ ] [Krypt3ia Daily Threat Intel Digest 1.22.25](https://krypt3ia.wordpress.com/2025/01/22/krypt3ia-daily-threat-intel-digest-1-22-25/) -- 迪哥讲事 - - [ ] [某攻防演练|从404页面到接管阿里云](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496928&idx=1&sn=871a0d0002a589ed9b98ae6ed97158f9&chksm=e8a5fe83dfd27795744d51346215bef2df4e6387a31ad6a46cc7cb07b0d3a71b274a5f895b82&scene=58&subscene=0#rd) -- Have I Been Pwned latest breaches - - [ ] [Frame & Optic - 15,678 breached accounts](https://haveibeenpwned.com/PwnedWebsites#FrameAndOptic) - - [ ] [Welhof - 107,292 breached accounts](https://haveibeenpwned.com/PwnedWebsites#Welhof) -- 360数字安全 - - [ ] [“以模制模”!360大模型安全解决方案获权威机构推荐](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579180&idx=1&sn=9c7924d356a6e97806314b7890ec70d4&chksm=9f8d2624a8faaf320e482da401f346c27512c8d91786d43e0dffb1009c7ebbe4c0274b1fcc5e&scene=58&subscene=0#rd) - - [ ] [六大行业典型案例!360霸榜2024中国网络安全产业势能榜](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579180&idx=2&sn=9620c63a3e0e81ef64b85953dda3a2d7&chksm=9f8d2624a8faaf322a4f0e24696a63b8d7a266a0ec61b3612dc8b22a492bc005b327a0400fd7&scene=58&subscene=0#rd) + - [ ] [Krypt3ia Daily Cyber Threat Intelligence (CTI) Digest](https://krypt3ia.wordpress.com/2025/01/24/krypt3ia-daily-cyber-threat-intelligence-cti-digest-2/) - ICT Security Magazine - - [ ] [Eventi Cybersecurity 2025 – Il futuro della sicurezza digitale](https://www.ictsecuritymagazine.com/notizie/eventi-cybersecurity-2025-il-futuro-della-sicurezza-digitale/) - - [ ] [Anomaly Detection tramite Neural Networks: identificazione di pattern anomali e prevenzione dei cyber attacchi](https://www.ictsecuritymagazine.com/articoli/anomaly-detection-sec/) -- SANS Internet Storm Center, InfoCON: green - - [ ] [ISC Stormcast For Thursday, January 23rd, 2025 https://isc.sans.edu/podcastdetail/9292, (Wed, Jan 22nd)](https://isc.sans.edu/diary/rss/31618) - - [ ] [Catching CARP: Fishing for Firewall States in PFSync Traffic, (Wed, Jan 22nd)](https://isc.sans.edu/diary/rss/31616) - - [ ] [ISC Stormcast For Wednesday, January 22nd, 2025 https://isc.sans.edu/podcastdetail/9290, (Wed, Jan 22nd)](https://isc.sans.edu/diary/rss/31614) -- 嘶吼专业版 - - [ ] [2024中国网络安全产业势能榜优能企业「电力行业」典型案例展示](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580933&idx=1&sn=200f586bf5e6ebc5b131de6824aa91ce&chksm=e9146d3fde63e429d8233882c021aca40e581dd642e4fb6699b9d5e926f90a92500d920177dd&scene=58&subscene=0#rd) - - [ ] [Otelier 遭遇网络攻击导致数百万酒店预订信息泄露](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580933&idx=2&sn=0a59602d0f6ce921931618ecc83d85d6&chksm=e9146d3fde63e4290f78a380c4fe948178ab82a46e7ba25bb0f7b2a8e6881c6c448b52c28a91&scene=58&subscene=0#rd) -- Posts By SpecterOps Team Members - Medium - - [ ] [Entra Connect Attacker Tradecraft: Part 2](https://posts.specterops.io/entra-connect-attacker-tradecraft-part-2-672df0147abc?source=rss----f05f8696e3cc---4) -- 火绒安全 - - [ ] [QQ音乐遭遇“白加黑”利用,网站被劫持推广传奇私服](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247521743&idx=1&sn=7d0d609cffb045d031bdba1a74baee80&chksm=eb704bf0dc07c2e6f4ce1baf70c50eae31af800684d54c7bb88be8c67e11cdd0d9cef32321a1&scene=58&subscene=0#rd) - - [ ] [诚邀渠道合作伙伴共启新征程](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247521743&idx=2&sn=c4bb1454856772f63647451003483a12&chksm=eb704bf0dc07c2e6695c9ab8933305dc28c4873fdd7326e88f3d667e611aadc0c77505fa29e3&scene=58&subscene=0#rd) + - [ ] [Cybersecurity e infrastrutture critiche sottomarine: Analisi delle vulnerabilità e strategie di resilienza nella backbone globale](https://www.ictsecuritymagazine.com/articoli/infrastrutture-critiche-sottomarine/) +- Securityinfo.it + - [ ] [Oltre il 90% dei Microsoft Exchange Server è ancora vulnerabile a ProxyLogon](https://www.securityinfo.it/2025/01/24/oltre-il-90-dei-microsoft-exchange-server-e-ancora-vulnerabile-a-proxylogon/?utm_source=rss&utm_medium=rss&utm_campaign=oltre-il-90-dei-microsoft-exchange-server-e-ancora-vulnerabile-a-proxylogon) +- 希潭实验室 + - [ ] [第114篇:美国NSA量子DNS注入攻击技术,揭秘网络战的隐蔽手段QUANTUMDNS](https://mp.weixin.qq.com/s?__biz=MzkzMjI1NjI3Ng==&mid=2247487346&idx=1&sn=8c754ccbec08542992cce032cf7abcbf&chksm=c25fc009f528491fd031a9b145f7cf7f95dfda1164b98ab9fd5412b66f551cb85004a6eb533b&scene=58&subscene=0#rd) +- 迪哥讲事 + - [ ] [通用漏洞挖掘技巧](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496940&idx=1&sn=a33f04e5fdb7818531eeda42ebf4b6e7&chksm=e8a5fe8fdfd277997c45b33df7177e2c0c39f4bb4e23b55308bf8a8ad59a087cb0ab7dace1d4&scene=58&subscene=0#rd) +- 网络安全回收站 + - [ ] [大模型系列之LLaMA Factory微调学习](https://mp.weixin.qq.com/s?__biz=Mzg2MTc1NDAxMA==&mid=2247484342&idx=1&sn=58be391a85f1cab4cdd6b7b0b41b1300&chksm=ce130443f9648d55205cc7a98a9fe40d7f0727f8daa16072fa35b7a71c3bd4150fe9e98a5e97&scene=58&subscene=0#rd) +- 滴滴安全应急响应中心 + - [ ] [DSRC 祝大家新年快乐(内含红包封面)](https://mp.weixin.qq.com/s?__biz=MzA3Mzk1MDk1NA==&mid=2651908507&idx=1&sn=090d7d7a925c36caa9bed1158c3df7ce&chksm=84e37a1eb394f30889713a4a086f93c4d2b0954159a8cc113501e5116bd0d79c3b47bd7b1818&scene=58&subscene=0#rd) +- 赛博回忆录 + - [ ] [36岁,本命年,再学一次安全](https://mp.weixin.qq.com/s?__biz=MzIxNDAyNjQwNg==&mid=2456099378&idx=1&sn=6c4312c836d50eb123463580236e3747&chksm=803c6bfbb74be2ed0ec59125bedcc4fd901ee5570ff68d872f74921ed684c13dcaf999cda2c5&scene=58&subscene=0#rd) +- Schneier on Security + - [ ] [Friday Squid Blogging: Beaked Whales Feed on Squid](https://www.schneier.com/blog/archives/2025/01/friday-squid-blogging-beaked-whales-feed-on-squid.html) - Instapaper: Unread - - [ ] [Experts found multiple flaws in Mercedes-Benz infotainment system](https://securityaffairs.com/173275/hacking/mercedes-benz-infotainment-system-flaws.html) - - [ ] [Windows BitLocker Vulnerability(CVE-2025-21210) Exploited in Randomization Attack](https://cybersecuritynews.com/windows-bitlocker-vulnerability-exploited/) - - [ ] [Report riepilogativo sulle tendenze delle campagne malevole analizzate dal CERT-AGID nel 2024](https://cert-agid.gov.it/news/report-riepilogativo-sulle-tendenze-delle-campagne-malevole-analizzate-dal-cert-agid-nel-2024/) - - [ ] [13,000 MikroTik Routers Hijacked by Botnet for Malspam and Cyberattacks](https://thehackernews.com/2025/01/13000-mikrotik-routers-hijacked-by.html) - - [ ] [Il 15enne che ha violato …](https://roccosicilia.com/2025/01/21/il-15enne-che-ha-violato/) - - [ ] [Mirai Botnet Launches Record 5.6 Tbps DDoS Attack with 13,000+ IoT Device](https://thehackernews.com/2025/01/mirai-botnet-launches-record-56-tbps.html) + - [ ] [iOS Stolen Device Protection](https://cellebrite.com/en/ios-stolen-device-protection/) + - [ ] [The Internet is (once again) awash with IoT botnets delivering record DDoSes](https://arstechnica.com/security/2025/01/the-internet-is-once-again-awash-with-iot-botnets-delivering-record-ddoses/) + - [ ] [What Is Jump List Cache](https://www.cybertriage.com/blog/what-is-jump-list-cache/) + - [ ] [Subaru Car Vulnerability Lets Hackers Control Millions of Cars Remotely Using Starlink](https://cybersecuritynews.com/subaru-car-vulnerability-lets-hackers-control-the-millions-of-cars-remotely/) + - [ ] [Torna Itasec 2025, il più grande evento dedicato alla cybersecurity in Italia](https://www.wired.it/article/itasec-2025-conferenza-cybersecurity-italia/) - Graham Cluley - - [ ] [Half a million hotel guests at risk after hackers accessed sensitive data](https://www.bitdefender.com/en-us/blog/hotforsecurity/half-a-million-hotel-guests-at-risk-after-hackers-accessed-sensitive-data) -- The Grey Corner - - [ ] [Accessing the Kubernetes API using captured credentials and HTTP clients](/2025/01/22/accessing-the-kubernetes-api-using-captured.html) -- Trend Micro Research, News and Perspectives - - [ ] [Invisible Prompt Injection: A Threat to AI Security](https://www.trendmicro.com/en_us/research/25/a/invisible-prompt-injection-secure-ai.html) -- Security Affairs - - [ ] [Pwn2Own Automotive 2025 Day 1: organizers awarded $382,750 for 16 zero-days](https://securityaffairs.com/173344/hacking/pwn2own-automotive-2025-day-1.html) - - [ ] [Two ransomware groups abuse Microsoft’s Office 365 platform to gain access to target organizations](https://securityaffairs.com/173328/cyber-crime/ransomware-groups-abuse-microsofts-office-365-platform.html) - - [ ] [Cloudflare blocked a record-breaking 5.6 Tbps DDoS attack](https://securityaffairs.com/173318/cyber-crime/cloudflare-blocked-record-5-6-tbps-ddos-attack.html) - - [ ] [A 7-Zip bug allows to bypass the Mark of the Web (MotW) feature](https://securityaffairs.com/173310/hacking/7-zip-flaw-bypass-the-mark-of-the-web-motw.html) -- Palo Alto Networks Blog - - [ ] [A New Era of Protection — Multicloud Security](https://www.paloaltonetworks.com/blog/2025/01/multicloud-security/) + - [ ] [Be careful what you say about data leaks in Turkey, new law could mean prison for reporting hacks](https://www.tripwire.com/state-of-security/new-law-could-mean-prison-reporting-data-leaks) +- TorrentFreak + - [ ] [PIPCU Uses UK IPO’s ‘Surplus Millions’ to Wage War on IPTV Pirates](https://torrentfreak.com/pipcu-utilizes-uk-ipos-surplus-millions-to-wage-war-on-iptv-pirates-250124/) +- SANS Internet Storm Center, InfoCON: green + - [ ] [[Guest Diary] How Access Brokers Maintain Persistence, (Fri, Jan 24th)](https://isc.sans.edu/diary/rss/31600) + - [ ] [ISC Stormcast For Friday, January 24th, 2025 https://isc.sans.edu/podcastdetail/9294, (Fri, Jan 24th)](https://isc.sans.edu/diary/rss/31622) +- The Hacker News + - [ ] [RANsacked: Over 100 Security Flaws Found in LTE and 5G Network Implementations](https://thehackernews.com/2025/01/ransacked-over-100-security-flaws-found.html) + - [ ] [2025 State of SaaS Backup and Recovery Report](https://thehackernews.com/2025/01/insights-from-2025-saas-backup-and-recovery-report.html) + - [ ] [DoJ Indicts 5 Individuals for $866K North Korean IT Worker Scheme Violations](https://thehackernews.com/2025/01/doj-indicts-5-individuals-for-866k.html) + - [ ] [Android's New Identity Check Feature Locks Device Settings Outside Trusted Locations](https://thehackernews.com/2025/01/androids-new-identity-check-feature.html) + - [ ] [CISA Adds Five-Year-Old jQuery XSS Flaw to Exploited Vulnerabilities List](https://thehackernews.com/2025/01/cisa-adds-five-year-old-jquery-xss-flaw.html) +- Technical Information Security Content & Discussion + - [ ] [Someone wrote an Anti-Crawler/Scraper Trap](https://www.reddit.com/r/netsec/comments/1i93pzl/someone_wrote_an_anticrawlerscraper_trap/) + - [ ] [USB Army Knife: Close Access Pentest Tool with VNC, Marauder, network adapter etc.](https://www.reddit.com/r/netsec/comments/1i8rdf5/usb_army_knife_close_access_pentest_tool_with_vnc/) + - [ ] [WinVisor: A proof-of-concept hypervisor-based emulator for Windows x64 binaries](https://www.reddit.com/r/netsec/comments/1i8nnii/winvisor_a_proofofconcept_hypervisorbased/) + - [ ] [Static Source Code Security Scanning Tools Evaluation Benchmark](https://www.reddit.com/r/netsec/comments/1i8q5mc/static_source_code_security_scanning_tools/) +- Blackhat Library: Hacking techniques and research + - [ ] [URGENT : File transfers](https://www.reddit.com/r/blackhat/comments/1i8ryzg/urgent_file_transfers/) - The Register - Security - - [ ] [Trump 'waved a white flag to Chinese hackers' as Homeland Security axed cyber advisory boards](https://go.theregister.com/feed/www.theregister.com/2025/01/22/dhs_axes_cyber_advisory_boards/) - - [ ] [Supply chain attack hits Chrome extensions, could expose millions](https://go.theregister.com/feed/www.theregister.com/2025/01/22/supply_chain_attack_chrome_extension/) - - [ ] [Give users confidence in your digital infrastructure](https://go.theregister.com/feed/www.theregister.com/2025/01/22/give_users_confidence_in_your/) - - [ ] [Microsoft issues out-of-band fix for Windows Server 2022 NUMA glitch](https://go.theregister.com/feed/www.theregister.com/2025/01/22/windows_server_numa_glitch/) - - [ ] [Silk Road's Dread Pirate Roberts walks free as Trump pardons dark web kingpin](https://go.theregister.com/feed/www.theregister.com/2025/01/22/silk_road_founder_freed/) - - [ ] [Infosec was literally the last item in Trump's policy plan, yet major changes are likely on his watch](https://go.theregister.com/feed/www.theregister.com/2025/01/22/trump_cyber_policy/) - - [ ] [Ransomware scum make it personal for Reg readers by impersonating tech support](https://go.theregister.com/feed/www.theregister.com/2025/01/22/ransomware_crews_abuse_microsoft_teams/) - - [ ] [PowerSchool theft latest: Decades of Canadian student records, data from 40-plus US states feared stolen](https://go.theregister.com/feed/www.theregister.com/2025/01/22/powerschool_canada_lawsuits/) -- Krebs on Security - - [ ] [MasterCard DNS Error Went Unnoticed for Years](https://krebsonsecurity.com/2025/01/mastercard-dns-error-went-unnoticed-for-years/) + - [ ] [AI chatbot startup founder, lawyer wife accused of ripping off investors in $60M fraud](https://go.theregister.com/feed/www.theregister.com/2025/01/24/ai_startup_founder_wife_indicted/) + - [ ] [Don't want your Kubernetes Windows nodes hijacked? Patch this hole now](https://go.theregister.com/feed/www.theregister.com/2025/01/24/kubernetes_windows_nodes_bug/) + - [ ] [North Korean dev who renamed himself 'Bane' accused of IT worker fraud caper](https://go.theregister.com/feed/www.theregister.com/2025/01/24/north_korean_devs_and_their/) + - [ ] [China and friends claim success in push to stamp out tech support cyber-scam slave camps](https://go.theregister.com/feed/www.theregister.com/2025/01/24/lancang_mekong_anti_cyberscam_cooperation/) + - [ ] [Court rules FISA Section 702 surveillance of US resident was unconstitutional](https://go.theregister.com/feed/www.theregister.com/2025/01/24/section_702_court/) - Deep Web - - [ ] [Trump pardons Ross Ulbricht, fulfilling campaign promise](https://www.reddit.com/r/deepweb/comments/1i6y6ca/trump_pardons_ross_ulbricht_fulfilling_campaign/) - - [ ] [I just know Ross feels like a million bucks. Just yesterday this man had a whole life sentence, shiiiiit Welcome home tho Ross !](https://www.reddit.com/r/deepweb/comments/1i7eaxs/i_just_know_ross_feels_like_a_million_bucks_just/) + - [ ] [What do you do when you find something you aren’t suppose to find?](https://www.reddit.com/r/deepweb/comments/1i8tie9/what_do_you_do_when_you_find_something_you_arent/) +- Computer Forensics + - [ ] [Which Digital Forensic proprietary Tool is better for processing and Analysis?](https://www.reddit.com/r/computerforensics/comments/1i8qcho/which_digital_forensic_proprietary_tool_is_better/) + - [ ] [Magnet Axiom Questions](https://www.reddit.com/r/computerforensics/comments/1i90lqz/magnet_axiom_questions/) + - [ ] [Memory Forensics](https://www.reddit.com/r/computerforensics/comments/1i8rssu/memory_forensics/) + - [ ] [Metadata and iMessage - Is key information stripped?](https://www.reddit.com/r/computerforensics/comments/1i8y0rn/metadata_and_imessage_is_key_information_stripped/) + - [ ] [Preferred Methodology for ediscovery extraction for forensic images?](https://www.reddit.com/r/computerforensics/comments/1i8x4s0/preferred_methodology_for_ediscovery_extraction/) - Your Open Hacker Community - - [ ] [I made a hack for AssaultCube with a menu](https://www.reddit.com/r/HowToHack/comments/1i7mzwg/i_made_a_hack_for_assaultcube_with_a_menu/) - - [ ] [using monitor and managed mode at the same time? (debian trixie, mt7921)](https://www.reddit.com/r/HowToHack/comments/1i7pe1p/using_monitor_and_managed_mode_at_the_same_time/) - - [ ] [Where do you find enjoyment/interest from hacking/cyber sec](https://www.reddit.com/r/HowToHack/comments/1i7fb4c/where_do_you_find_enjoymentinterest_from/) - - [ ] [need help making bad usb](https://www.reddit.com/r/HowToHack/comments/1i7klmu/need_help_making_bad_usb/) - - [ ] [How to solve hcaptcha with solved Token?](https://www.reddit.com/r/HowToHack/comments/1i7h1d0/how_to_solve_hcaptcha_with_solved_token/) - - [ ] [Directional help](https://www.reddit.com/r/HowToHack/comments/1i7esex/directional_help/) - - [ ] [what is the difference between opening a new terminal and using tmux to start a new session?](https://www.reddit.com/r/HowToHack/comments/1i776tk/what_is_the_difference_between_opening_a_new/) - - [ ] [fake email date](https://www.reddit.com/r/HowToHack/comments/1i79d59/fake_email_date/) - - [ ] [Retrieving my website](https://www.reddit.com/r/HowToHack/comments/1i7edfe/retrieving_my_website/) - - [ ] [HELP???](https://www.reddit.com/r/HowToHack/comments/1i7fced/help/) - - [ ] [Notebook capable of brute-forcing 8-10 digit passwords (hashing algorithm doesn’t matter)](https://www.reddit.com/r/HowToHack/comments/1i798i0/notebook_capable_of_bruteforcing_810_digit/) - - [ ] [i need strategies on how to hack something specific. please message me if you want to or can help](https://www.reddit.com/r/HowToHack/comments/1i76fcl/i_need_strategies_on_how_to_hack_something/) - - [ ] [Impossible Bully](https://www.reddit.com/r/HowToHack/comments/1i75rsq/impossible_bully/) + - [ ] [Study suggestion request (Reverse engineering)](https://www.reddit.com/r/HowToHack/comments/1i8wvf2/study_suggestion_request_reverse_engineering/) + - [ ] [BadUSB Pico](https://www.reddit.com/r/HowToHack/comments/1i97jaf/badusb_pico/) + - [ ] [Bypassing simple anti-debug feature of a CTF with LD_PRELOAD flag](https://www.reddit.com/r/HowToHack/comments/1i94qfm/bypassing_simple_antidebug_feature_of_a_ctf_with/) + - [ ] [Linux and grey hacking](https://www.reddit.com/r/HowToHack/comments/1i93ulo/linux_and_grey_hacking/) + - [ ] [Please read if you are new to hacking with limited skills](https://www.reddit.com/r/HowToHack/comments/1i93c0c/please_read_if_you_are_new_to_hacking_with/) + - [ ] [Outlook hacked and I cannot disable the messages forwarding to hackers](https://www.reddit.com/r/HowToHack/comments/1i97cos/outlook_hacked_and_i_cannot_disable_the_messages/) + - [ ] [People say that Linux needs no Antivirus... really? Can Linux really detect ZIP Bombs?](https://www.reddit.com/r/HowToHack/comments/1i99foc/people_say_that_linux_needs_no_antivirus_really/) + - [ ] [Hidden profiles on Apple devices, weird 3rd party licenses etc. Brand new out of box Pixel Phone was already compromised on start up.](https://www.reddit.com/r/HowToHack/comments/1i97wfi/hidden_profiles_on_apple_devices_weird_3rd_party/) + - [ ] [Finding the identity of scammers](https://www.reddit.com/r/HowToHack/comments/1i92om6/finding_the_identity_of_scammers/) + - [ ] [Hash cat](https://www.reddit.com/r/HowToHack/comments/1i935ub/hash_cat/) + - [ ] [Google reviews delete](https://www.reddit.com/r/HowToHack/comments/1i8wear/google_reviews_delete/) + - [ ] [I suspect an ex-friend is creating sock puppet accounts on fb to harass my friend. Is there a way to track these accounts back to him?](https://www.reddit.com/r/HowToHack/comments/1i8v5or/i_suspect_an_exfriend_is_creating_sock_puppet/) + - [ ] [help !!](https://www.reddit.com/r/HowToHack/comments/1i8llcl/help/) + - [ ] [Don't know if it's possible but any guidance would help immensely](https://www.reddit.com/r/HowToHack/comments/1i8lfjf/dont_know_if_its_possible_but_any_guidance_would/) + - [ ] [Help to delete google reviews](https://www.reddit.com/r/HowToHack/comments/1i8wgdx/help_to_delete_google_reviews/) + - [ ] [got deauther made up on esp8266 but having deauth issues](https://www.reddit.com/r/HowToHack/comments/1i8izpb/got_deauther_made_up_on_esp8266_but_having_deauth/) + - [ ] [Hacking Forums](https://www.reddit.com/r/HowToHack/comments/1i8q7zl/hacking_forums/) + - [ ] [Best way to learn?](https://www.reddit.com/r/HowToHack/comments/1i8k7f9/best_way_to_learn/) + - [ ] [Some help plz](https://www.reddit.com/r/HowToHack/comments/1i8p2hw/some_help_plz/) +- netsecstudents: Subreddit for students studying Network Security and its related subjects + - [ ] [Any starting guide to learn Sigma Rules ?](https://www.reddit.com/r/netsecstudents/comments/1i8yf9h/any_starting_guide_to_learn_sigma_rules/) +- 白泽安全实验室 + - [ ] [伊朗支持的APT42组织针对以色列和美国的网络钓鱼活动加剧——每周威胁情报动态第210期 (01.17-01.23)](https://mp.weixin.qq.com/s?__biz=MzI0MTE4ODY3Nw==&mid=2247492529&idx=1&sn=e2697dd686fd55f34d2f6f17950d1ddc&chksm=e90dc99bde7a408dbde9bc281a602d9c44b3177611a589528c967540a171a0bdae4fb13ef0c8&scene=58&subscene=0#rd) +- Security Affairs + - [ ] [U.S. CISA adds SonicWall SMA1000 flaw to its Known Exploited Vulnerabilities catalog](https://securityaffairs.com/173417/security/u-s-cisa-adds-sonicwall-sma1000-flaw-known-exploited-vulnerabilities-catalog.html) + - [ ] [J-magic malware campaign targets Juniper routers](https://securityaffairs.com/173408/security/j-magic-malware-campaign-targets-juniper-routers.html) + - [ ] [SonicWall warns of a critical CVE-2025-23006 zero-day likely exploited in the wild](https://securityaffairs.com/173387/security/sonicwall-warns-zero-day-sma-1000-series.html) +- Null Byte + - [ ] [iOS 18.3 Is Coming Soon — Here's What to Expect on Your iPhone](https://ios.gadgethacks.com/news/ios-18.3-features/) + - [ ] [Freeform on iOS 18: All the Features You've Been Missing Out On](https://ios.gadgethacks.com/how-to/freeform-ios-18-features/) - Hacking Exposed Computer Forensics Blog - - [ ] [Daily Blog #725: Project adaz testing part 3](https://www.hecfblog.com/2025/01/daily-blog-725-project-adaz-testing.html) -- The Hacker News - - [ ] [Trump Terminates DHS Advisory Committee Memberships, Disrupting Cybersecurity Review](https://thehackernews.com/2025/01/trump-terminates-dhs-advisory-committee.html) - - [ ] [Hackers Exploit Zero-Day in cnPilot Routers to Deploy AIRASHI DDoS Botnet](https://thehackernews.com/2025/01/hackers-exploit-zero-day-in-cnpilot.html) - - [ ] [Discover Hidden Browsing Threats: Free Risk Assessment for GenAI, Identity, Web, and SaaS Risks](https://thehackernews.com/2025/01/discover-hidden-browsing-threats-free.html) - - [ ] [President Trump Pardons Silk Road Creator Ross Ulbricht After 11 Years in Prison](https://thehackernews.com/2025/01/president-trump-pardons-silk-road.html) - - [ ] [PlushDaemon APT Targets South Korean VPN Provider in Supply Chain Attack](https://thehackernews.com/2025/01/plushdaemon-apt-targets-south-korean.html) - - [ ] [Oracle Releases January 2025 Patch to Address 318 Flaws Across Major Products](https://thehackernews.com/2025/01/oracle-releases-january-2025-patch-to.html) - - [ ] [Mirai Botnet Launches Record 5.6 Tbps DDoS Attack with 13,000+ IoT Devices](https://thehackernews.com/2025/01/mirai-botnet-launches-record-56-tbps.html) -- Technical Information Security Content & Discussion - - [ ] [Attacks on Maven proxy repositories](https://www.reddit.com/r/netsec/comments/1i7hf2w/attacks_on_maven_proxy_repositories/) - - [ ] [Stealing HttpOnly cookies with the cookie sandwich technique](https://www.reddit.com/r/netsec/comments/1i7i6k7/stealing_httponly_cookies_with_the_cookie/) - - [ ] [Pivot into Azure DevOps using stolen sessions](https://www.reddit.com/r/netsec/comments/1i7chgt/pivot_into_azure_devops_using_stolen_sessions/) - - [ ] [Next.js, cache, and chains: the stale elixir](https://www.reddit.com/r/netsec/comments/1i779q3/nextjs_cache_and_chains_the_stale_elixir/) - - [ ] [Testing Prompt Injection Attacks with promptmap2](https://www.reddit.com/r/netsec/comments/1i7dcs2/testing_prompt_injection_attacks_with_promptmap2/) -- Schneier on Security - - [ ] [AI Will Write Complex Laws](https://www.schneier.com/blog/archives/2025/01/ai-will-write-complex-laws.html) -- Computer Forensics - - [ ] [RSMF samples](https://www.reddit.com/r/computerforensics/comments/1i7iq8q/rsmf_samples/) -- TorrentFreak - - [ ] [Tech Industry Urges EU to Halt Italy’s Overreaching Anti-Piracy Measures](https://torrentfreak.com/tech-industry-urges-eu-to-halt-italys-overreaching-anti-piracy-measures-250122/) - - [ ] [Telegram ‘Suspends RuTracker’s Channel’ For Copyright Infringement](https://torrentfreak.com/telegram-suspends-rutrackers-channel-for-copyright-infringement-250122/) -- Information Security - - [ ] [How to make your own choatic Map function?](https://www.reddit.com/r/Information_Security/comments/1i7lq5h/how_to_make_your_own_choatic_map_function/) -- Deeplinks - - [ ] [Texas Is Enforcing Its State Data Privacy Law. So Should Other States.](https://www.eff.org/deeplinks/2025/01/texas-enforcing-its-state-data-privacy-law-so-should-other-states) - - [ ] [The FTC’s Ban on GM and OnStar Selling Driver Data Is a Good First Step](https://www.eff.org/deeplinks/2025/01/ftcs-ban-gm-and-onstar-selling-driver-behavior-good-first-step) - - [ ] [VICTORY! Federal Court (Finally) Rules Backdoor Searches of 702 Data Unconstitutional](https://www.eff.org/deeplinks/2025/01/victory-federal-court-finally-rules-backdoor-searches-702-data-unconstitutional) - - [ ] [Protecting “Free Speech” Can’t Just Be About Targeting Political Opponents](https://www.eff.org/deeplinks/2025/01/protecting-free-speech-cant-just-be-about-targeting-political-opponents) -- 网安寻路人 - - [ ] [美商务部《保障ICT供应链:联网汽车》规则(全文翻译)](https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247506068&idx=1&sn=c5502bc907a76a432d06dd4e9098d0ad&chksm=97e9657ea09eec68b79604df8d37e514ee417e337a622644f90cec47ae5279e4ff5696c56c0d&scene=58&subscene=0#rd) + - [ ] [Daily Blog #727: Experimenting with Deepseek v3](https://www.hecfblog.com/2025/01/daily-blog-727-experimenting-with.html) - Security Weekly Podcast Network (Audio) - - [ ] [The Future Of The CISO - Jeff Pollard, Jess Burn - BSW #379](http://sites.libsyn.com/18678/the-future-of-the-ciso-jeff-pollard-jess-burn-bsw-379) + - [ ] [Cursive Funk, Microsoft, Ivanti, Sonic Wall, Exchange, PowerSchool, Aaran Leyland... - SWN #445](http://sites.libsyn.com/18678/cursive-funk-microsoft-ivanti-sonic-wall-exchange-powerschool-aaran-leyland-swn-445) From 1e9a9cf4ad314462e9537debec5c34a087e0ed5e Mon Sep 17 00:00:00 2001 From: chainreactorbot Date: Sun, 26 Jan 2025 02:46:54 +0000 Subject: [PATCH 19/29] =?UTF-8?q?=E6=AF=8F=E6=97=A5=E5=AE=89=E5=85=A8?= =?UTF-8?q?=E8=B5=84=E8=AE=AF=EF=BC=882025-01-26=EF=BC=89?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- archive/daily/2025/2025-01-26.md | 293 +++++++++++++ archive/tmp/2025-01-26.json | 333 +++++++++++++++ today.md | 686 ++++++++++++------------------- 3 files changed, 900 insertions(+), 412 deletions(-) create mode 100644 archive/daily/2025/2025-01-26.md create mode 100644 archive/tmp/2025-01-26.json diff --git a/archive/daily/2025/2025-01-26.md b/archive/daily/2025/2025-01-26.md new file mode 100644 index 0000000000..ab559dbbf3 --- /dev/null +++ b/archive/daily/2025/2025-01-26.md @@ -0,0 +1,293 @@ +# 每日安全资讯(2025-01-26) + +- Doonsec's feed + - [ ] [警惕|售前入狱指南:这位售前你距离坐牢不远了!](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485458&idx=1&sn=9c60eaa180e3edb21006f196ba6c6518) + - [ ] [北七家-未来科学城,3居变4居豪装,理想楼层/户型/朝向](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485458&idx=2&sn=19fb3438286fd12eb54126cd7136650d) + - [ ] [【干货】笑傲职场的独家经验(1)](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485458&idx=3&sn=ad9e291ae7c68eaafb4b70da0eef178b) + - [ ] [【干货原创】实网攻防演习常态化,会带来什么变化01](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485458&idx=4&sn=8567b1848a15aab3cee265d3e05a46fd) + - [ ] [【干货原创】K12教育,鲜为人知的模式秘密](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485458&idx=5&sn=92aa960ab33f52675d9b6b79b5ed7ea4) + - [ ] [原创文章目录](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485458&idx=6&sn=b77d297edf19d3464057813560074b7e) + - [ ] [揭秘渗透测试:网络安全的“攻防演练”](https://mp.weixin.qq.com/s?__biz=MzkzNzg3NzQxMQ==&mid=2247485725&idx=1&sn=8d1e5ccb6b7c188932d3595352f0f8a0) + - [ ] [缓冲区溢出学习及漏洞复现](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490021&idx=1&sn=028614c59fd8634bc196652737ddd7a3) + - [ ] [渗透技巧 | 小白都能会的通用漏洞挖掘技巧](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490021&idx=2&sn=78ca373b771055bfce301e58e2d94839) + - [ ] [红队视角:揭秘内网提权的技术迷宫](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490021&idx=3&sn=632b1f8c8140edb7f8e1988a027d8c9b) + - [ ] [FTP匿名登录](https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486443&idx=1&sn=52541552cd1d17a0619cb76a02adaca0) + - [ ] [【重要通知】春节福利来啦!](https://mp.weixin.qq.com/s?__biz=Mzk0OTUwNTU5Nw==&mid=2247489028&idx=1&sn=57cc2f38012be369cda3b8eb27af4955) + - [ ] [【资讯】特朗普签署行政命令取消拜登人工智能政策:美国政策的“朝令夕改”](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148689&idx=1&sn=0707627dd1c290fd861d390ad8100390) + - [ ] [14【邮件安全】如何防护窃密类攻击](https://mp.weixin.qq.com/s?__biz=MzI1OTUyMTI2MQ==&mid=2247484819&idx=1&sn=969fd46dcff0cbeb1f0ca33b50c1d3f8) + - [ ] [梦想启航,共赴新征程 | 神州希望年度盛典活动圆满落幕](https://mp.weixin.qq.com/s?__biz=MzA4Mzg1ODMwMg==&mid=2650725002&idx=1&sn=469a2e3a5e9cd84f5ec595e1bfa74f1a) + - [ ] [人民银行拟明确,泄露1000万条敏感个人信息为特别重大网络安全事件](https://mp.weixin.qq.com/s?__biz=Mzg4NzQ4MzA4Ng==&mid=2247485190&idx=1&sn=3cdb10b152e37983478b1501ddae2549) + - [ ] [记一次细得不行的账户权限提升](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496946&idx=1&sn=fd344274014da8f4d5f0705d21c1080a) + - [ ] [GBT43766-2024智能网联汽车运行安全测试技术要求](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620095&idx=1&sn=c2a4526918174ccfc0842f3acd11e526) + - [ ] [GB T 44774-2024 汽车信息安全应急响应管理规范-市场监督总局、国标委](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620095&idx=2&sn=f195194edfff51e852f90ffb8c5cec5a) + - [ ] [GB_T 44778-2024 汽车诊断接口信息安全技术要求及试验方法](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620095&idx=3&sn=2776df80864788f31772fc62bf486e70) + - [ ] [【云安全】云原生-Docker(五)容器逃逸之漏洞利用](https://mp.weixin.qq.com/s?__biz=MzUyNTUyNTA5OQ==&mid=2247484704&idx=1&sn=410d5b5fae6bf9431286297a0a2c6170) + - [ ] [攻防技战术动态一周更新 - 20240120](https://mp.weixin.qq.com/s?__biz=MzkzODc4NjE1OQ==&mid=2247483911&idx=1&sn=c5a229f591045a08ac05482732c1d08a) + - [ ] [带你解锁编码新世界!--随波逐流CTF编码工具使用教程42 --Decabit密码](https://mp.weixin.qq.com/s?__biz=MzU2NzIzNzU4Mg==&mid=2247489624&idx=1&sn=ea44aafbf7384a7687c319f17c02fa2d) + - [ ] [【安全圈】2000余名网红遭信息“开盒” 嫌疑人获利几十万元](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067606&idx=1&sn=06c7d132a1649380a5b7629742f5d3f7) + - [ ] [【安全圈】微软 Win10 / Win11 新威胁:RID 劫持可提权至管理员控制你的 PC](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067606&idx=2&sn=efa053f9e1755bb17193b5a5868fb8ce) + - [ ] [【安全圈】新的 Cleo 零日 RCE 漏洞在数据盗窃攻击中被利用](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067606&idx=3&sn=6473d53d9a207bfac9888ca3a543bbf8) + - [ ] [【安全圈】新的 UEFI 安全启动漏洞使系统暴露于 bootkit](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067606&idx=4&sn=e8ae1a9dfb9fb649575b0d8a5414a82d) + - [ ] [LockBit4.0勒索病毒攻击](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490159&idx=1&sn=3e0c4cafcaf49897fc3ae2b21c46ba3c) + - [ ] [Lynx勒索病毒攻击](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490159&idx=2&sn=407c03ec89b98548a00d3dcdb55d47ef) + - [ ] [【InForSec 2025年会青年学者论坛回顾】冀晓宇:从传感器安全到“传感器 +X”安全](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=1&sn=4c4bfe832913a3872ec09ee631b9274b) + - [ ] [【InForSec 2025年会青年学者论坛回顾】白家驹:操作系统的自动化缺陷检测](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=2&sn=d42e0048046537509a0b9169907c9801) + - [ ] [【InForSec 2025年会青年学者论坛回顾】闫琛:传感器电磁安全与隐私问题研究](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=3&sn=619b1c123e6a6165f24ed57ff9fd391a) + - [ ] [【InForSec 2025年会青年学者论坛回顾】刁文瑞:移动生态安全探索:从系统漏洞到大规模测量](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=4&sn=0d016310221e528e230f05da6f3b14de) + - [ ] [【InForSec 2025年会青年学者论坛回顾】南雨宏:程序分析视角下的敏感数据管控:从移动应用到智能合约](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=5&sn=c5a7798acca47b172a583897d568c7ef) + - [ ] [【InForSec 2025年会青年学者论坛回顾】范铭:移动应用个人信息保护场景下的合规验证探索与思考](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=6&sn=7be8c4556e1d37b0d94079969cbb7958) + - [ ] [【InForSec 2025年会青年学者论坛回顾】申文博:从AI框架到xPU硬件:智能系统安全研究](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=7&sn=044afe640aa525a285b3dcc87f2a146d) + - [ ] [【全网首发】SpiderX—JS前端加密绕过攻防神器](https://mp.weixin.qq.com/s?__biz=MzkxOTU3MDY4MQ==&mid=2247484523&idx=1&sn=1c96baa85e02951ab6e157f8318b63fb) + - [ ] [新春红包封面快来领取!](https://mp.weixin.qq.com/s?__biz=MzI5MTIwOTQ5MA==&mid=2247487645&idx=1&sn=f24d76bc9fff29975309ff6ee71836c9) + - [ ] [友数聚 CPAS审计管理系统V4 getCurserIfAllowLogin SQL注入漏洞](https://mp.weixin.qq.com/s?__biz=MzkzMTcwMTg1Mg==&mid=2247490331&idx=1&sn=d0bc2a23252891fc43749fa31443df71) + - [ ] [CVE-2024-43451 Windows NTLM 漏洞,允许攻击者使用恶意快捷方式强制身份验证并捕获 NTLM 哈希](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527185&idx=1&sn=e316e52a9c3df272305888245af343f8) + - [ ] [CVE-2024-43468 :通过 PoC 代码揭示 Microsoft Configuration Manager 漏洞](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527185&idx=2&sn=67cbf97affd8106486d5097a7d773cf7) + - [ ] [交大捷普春节保障通知请查收~](https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506078&idx=1&sn=51b1726bf07b4140dd5c7c740c641c5f) + - [ ] [汽车功能安全](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549597&idx=1&sn=56e746b1a81acc0ff1f756fb0a6919bd) + - [ ] [车载电子控制系统解析:ECU、VCU、MCU、HCU的区别与功能](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549597&idx=2&sn=8782ebbf1f96b57a350bccdc3cb71cbc) + - [ ] [赛迪院长张立:强化数据标注基地引领作用 带动数据标注产业高质量发展](https://mp.weixin.qq.com/s?__biz=MjM5NzYwNDU0Mg==&mid=2649249639&idx=1&sn=b20e52f1c5bf58132694f64459558d08) + - [ ] [送走挖煤人,引进AI人——京西新年第一会聚焦“人工智能+”](https://mp.weixin.qq.com/s?__biz=MjM5NzYwNDU0Mg==&mid=2649249639&idx=2&sn=5b2eef5ca2602417c0513893881a5286) + - [ ] [京西“人工智能+”行动启动,加速赋能千行百业](https://mp.weixin.qq.com/s?__biz=MjM5NzYwNDU0Mg==&mid=2649249639&idx=3&sn=09d82edb1cb80aa30dd4e524b454846f) + - [ ] [国源天顺集团召开2025年盛大年会](https://mp.weixin.qq.com/s?__biz=Mzg3MTU1MTIzMQ==&mid=2247495900&idx=1&sn=05f3cb3068c5e19ffbae70d4a628e501) + - [ ] [【2025-01-25】黑客新闻摘要](https://mp.weixin.qq.com/s?__biz=MzIzNDU5NTI4OQ==&mid=2247488361&idx=1&sn=5e93ab8055df35d3ef08f9ecd2ab11f3) + - [ ] [中国科技期刊参与科技伦理治理的责任与边界](https://mp.weixin.qq.com/s?__biz=MzI1OTExNDY1NQ==&mid=2651618886&idx=1&sn=212dbd45b8656d38f43d2206b2613569) + - [ ] [DEC/RPC协议与Windows服务创建浅析(银狐原始进程隐匿方式之一)](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589259&idx=1&sn=2076280e4c58e4cd0d718047946ebe83) + - [ ] [别错过!“系统0day安全”课程,带你精通漏洞挖掘技巧](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589259&idx=2&sn=4356dec55931f1257ae44561ca3f0d3e) + - [ ] [金融大模型落地路线图研究报告(2024年)](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264523&idx=1&sn=59aaf90744fb30c1ac16698f52a91acb) + - [ ] [友数聚 CPAS审计管理系统V4 downPlugs 任意文件读取漏洞](https://mp.weixin.qq.com/s?__biz=MzkzMTcwMTg1Mg==&mid=2247490322&idx=1&sn=25c1352e1b349a1302486f7e519f7d5d) + - [ ] [特色专题 | Polar-BBCRSsig:一个基于极化码的数字签名算法](https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597612&idx=1&sn=331a63888f0e237790f4b786ff41b4b5) + - [ ] [提升数据流通安全治理能力 促进数据流通开发利用](https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597612&idx=2&sn=0cfbb614ace6bcfc8fba3986e85d7996) + - [ ] [CTF 流量分析秘籍](https://mp.weixin.qq.com/s?__biz=MzkyOTUxMzk2NQ==&mid=2247486072&idx=1&sn=2d8abc608068a31ba72346ffe1fbb89a) + - [ ] [【JS逆向渗透系列02】BurpSuite结合mitmproxy+JSRPC秒杀js加密的方案](https://mp.weixin.qq.com/s?__biz=MzkyOTUxMzk2NQ==&mid=2247486072&idx=2&sn=a41b8e46903c71b16c9afd325f1f0f1f) + - [ ] [【js逆向渗透系列01】利用JSRPC秒杀JS加密](https://mp.weixin.qq.com/s?__biz=MzkyOTUxMzk2NQ==&mid=2247486072&idx=3&sn=f4d030c3179188237c61992ea979ce39) + - [ ] [放假啦!](https://mp.weixin.qq.com/s?__biz=MzkxNTIwNTkyNg==&mid=2247553203&idx=1&sn=9a05203b3253d08d80b3b0b05696977d) + - [ ] [【免费领】全网最权威的大数据安全实践指南(含100例最佳实操)](https://mp.weixin.qq.com/s?__biz=MzkxNTIwNTkyNg==&mid=2247553203&idx=2&sn=a27be898f2ed0a1029b6cc567fd3e3dd) + - [ ] [xray图形化工具-Super Xray,支持自定义导入poc库](https://mp.weixin.qq.com/s?__biz=MzkzNzg4MTI0NQ==&mid=2247485448&idx=1&sn=5888106f1aed20b020b5c7cf2e2d7d53) + - [ ] [博斯外贸管理软件V6.0 log/logined.jsp SQL注入漏洞](https://mp.weixin.qq.com/s?__biz=MzkzMTcwMTg1Mg==&mid=2247490313&idx=1&sn=74c67202db6cc3e463b34c9f381ceebf) + - [ ] [祝大家新春快乐!](https://mp.weixin.qq.com/s?__biz=MzkyNTY3Nzc3Mg==&mid=2247489177&idx=1&sn=72c3b8a8302a13d9cc452781aa143d41) + - [ ] [新春抽奖开启!与奉天安全团队 & 禾信智安共迎新年好运!](https://mp.weixin.qq.com/s?__biz=Mzk0NjQ2NzQ0Ng==&mid=2247485001&idx=1&sn=6e9760b516808b96be5fe01325dabde2) + - [ ] [专项培训,学生必看!](https://mp.weixin.qq.com/s?__biz=Mzk0NjQ2NzQ0Ng==&mid=2247485001&idx=2&sn=14fae2eb52cb8f3067159cbda8857411) + - [ ] [无糖信息春节放假通知,内含2025蛇年限定红包封面限时放送!](https://mp.weixin.qq.com/s?__biz=MzAxMzkzNDA1Mg==&mid=2247513938&idx=1&sn=9d7986c230f45bb4faac2f33a765ccab) + - [ ] [黑客如何攻破一个网站?长文图解全流程](https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247570688&idx=1&sn=ec49ed5cec5fce5c31f4af871087a5df) + - [ ] [诸子云 | 2024评优:「十佳会员」候选人风采展示与投票](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247635766&idx=1&sn=8a269692df43494fa4405040d7d5f044) + - [ ] [在看 | 周报:B站员工“代码投毒”报复用户;宁波某化工企业被境外势力获取危险源监控视频数据](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247635766&idx=2&sn=8e5ca5ae820e4aa7a72644000bc4e641) + - [ ] [在看 | 厂商:本周热门网络安全产业动态](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247635766&idx=3&sn=3ac33612ef10098240b1eaa09bd422a2) + - [ ] [谈谈最近](https://mp.weixin.qq.com/s?__biz=Mzg5OTkwMjEwMg==&mid=2247483889&idx=1&sn=6cf7b46c3236d2e505d7cfbba97835d2) + - [ ] [一图读懂《网络安全技术 网络安全产品互联互通 第1部分:框架》](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170504&idx=1&sn=86ae46294ca2f8187bedbc85e99f1c64) + - [ ] [实施“持证亮牌”u3000整治违规行为——国家网信办加强互联网新闻信息服务许可管理](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170504&idx=2&sn=9d129cd03cc85a4a2de8cc9b3a034490) + - [ ] [涉嫌非法获取公民个人信息 8家MCN机构被查处](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170504&idx=3&sn=62aac421ce4481cd2a9e72a6bf6e2f3d) + - [ ] [AI领航安全新征程!星河安全2024年度盘点](https://mp.weixin.qq.com/s?__biz=Mzk0MTYyNTg3Mg==&mid=2247492360&idx=1&sn=bad1dda2fae75298e0870d957e44336f) + - [ ] [安全不打烊丨云天安全春节期间服务保障通知](https://mp.weixin.qq.com/s?__biz=MzI2NDYzNjY0Mg==&mid=2247501197&idx=1&sn=e573ebcd07279615fe21c417e222f7a2) + - [ ] [揭秘服务器世界三大巨头:机架式、塔式与刀片式的真正区别!](https://mp.weixin.qq.com/s?__biz=MzUyNTExOTY1Nw==&mid=2247528007&idx=1&sn=7a2b2de8e2eb075aecfd0d928c2e05b6) + - [ ] [请查收~来自盛邦安全的致谢回信](https://mp.weixin.qq.com/s?__biz=MzAwNTAxMjUwNw==&mid=2650277635&idx=1&sn=fba61f10dfea6a44afeef10a1bca780f) + - [ ] [四叶草安全春节公告](https://mp.weixin.qq.com/s?__biz=MjM5MTI2NDQzNg==&mid=2654552288&idx=1&sn=96a0015a0fd5500a90ae8527883b410c) + - [ ] [【证书和报告信息】中国移动通信集团有限公司-网络安全大模型系统](https://mp.weixin.qq.com/s?__biz=Mzg5MzQ5NjQyNw==&mid=2247486184&idx=1&sn=1c59eb46d046850475159b39f42ee3a6) + - [ ] [【灵蛇贺新岁】平航科技2025年春节假期放假通知](https://mp.weixin.qq.com/s?__biz=MzI0OTEyMTk5OQ==&mid=2247494113&idx=1&sn=ce6e94d556fc3aff1a62646f32aa492c) + - [ ] [告别SecureCRT!这些SSH工具更强大、更好用,网络工程师必备!](https://mp.weixin.qq.com/s?__biz=MzIyMzIwNzAxMQ==&mid=2649464706&idx=1&sn=2f28514a24bcc488d05ac8b16894f3a1) + - [ ] [开发|渗透报告生成系统+框架反序列化分析+防护建议](https://mp.weixin.qq.com/s?__biz=MzIzNDU5Mzk2OQ==&mid=2247486379&idx=1&sn=f2d6bb9d94a484a4ddaf43a851625d65) + - [ ] [一图读懂中央经济工作会议→](https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652114248&idx=1&sn=3110c71638dad598cdd5a97b9819d8dc) + - [ ] [事关Stargate项目,说点你不知道的内幕!](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559242&idx=1&sn=65609027c9fddad943535044bcb06811) + - [ ] [“懂王”重出江湖:前100日计划剖析(2万字资料附下载)](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559242&idx=2&sn=812122521348cdc4a1414ee0000a67b8) + - [ ] [src实战 | CE工具的妙用-绕过签名](https://mp.weixin.qq.com/s?__biz=Mzk0NzM4NzI1MA==&mid=2247486229&idx=1&sn=59f7a5d451e4f06ec7e5710355a16705) + - [ ] [对 404 站点的漏洞挖掘](https://mp.weixin.qq.com/s?__biz=MzU5NjYwNDIyOQ==&mid=2247484826&idx=1&sn=5f81afa2c8c6ec0ad22c685de58a12d2) + - [ ] [暗网:CAI 的非常规来源](https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247504700&idx=1&sn=8a70db6ed5d20c468504787680ea612c) + - [ ] [从 404 到未授权](https://mp.weixin.qq.com/s?__biz=MzU5NjYwNDIyOQ==&mid=2247484823&idx=1&sn=4a5b521198ea04ffdba91a69f4efa10e) + - [ ] [美国国防部官方社交媒体集体进入“静默期”](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494513&idx=1&sn=bc5c4c56b49b937818cbaf41ea395f3b) + - [ ] [安全值守 | 众智维科技春节假期应急保障服务不打烊](https://mp.weixin.qq.com/s?__biz=MzU5Mjg0NzA5Mw==&mid=2247493910&idx=1&sn=de7d9c74b0ba445a83102b5027b37773) + - [ ] [好险差点被他赚到了](https://mp.weixin.qq.com/s?__biz=Mzk0MzY3MDE5Mg==&mid=2247483995&idx=1&sn=345fa8d0bf969a4ac8f5b9a4f3b1d09c) + - [ ] [【吃瓜】无需三倍](https://mp.weixin.qq.com/s?__biz=MzIxNTIzNTExMQ==&mid=2247490849&idx=1&sn=c8a921eac811f6f2a83cba435599a30a) + - [ ] [天才](https://mp.weixin.qq.com/s?__biz=MzIxNTIzNTExMQ==&mid=2247490847&idx=1&sn=84840a0e8ecb596122fdf56a541247b5) + - [ ] [分享图片](https://mp.weixin.qq.com/s?__biz=MzI3Njc1MjcxMg==&mid=2247494345&idx=1&sn=ec9ef6a77576df47945933c5408a8861) + - [ ] [在受限的 Rails 应用程序中通过任意文件写入实现 RCE](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527156&idx=1&sn=ce41716d54949eb8045c2dec96ee44a6) + - [ ] [【威胁分析】针对韩国国内某知名律师事务所的APT攻击](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527156&idx=2&sn=d815a0b641f861682118ebb4b2e25335) + - [ ] [JADXecute:用于动态反编译器操作的 JADX-gui 脚本插件](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527156&idx=3&sn=bdacefab7871ac08e043ac3166998058) + - [ ] [从Pegasus到Predator:iOS商业间谍软件的演进](https://mp.weixin.qq.com/s?__biz=MzU0MzgyMzM2Nw==&mid=2247486250&idx=1&sn=daa031ff26b9773e0177492de181ba56) + - [ ] [国外警务前沿科技汇编](https://mp.weixin.qq.com/s?__biz=MzkwMTQyODI4Ng==&mid=2247495745&idx=1&sn=5df2228249f174df3b21b5ad777b6253) + - [ ] [2024年全球邮件威胁报告](https://mp.weixin.qq.com/s?__biz=MzkwMTQyODI4Ng==&mid=2247495745&idx=2&sn=80c37d4771e7c654aa7609d6fe590b24) + - [ ] [知名车企漏洞:只需车牌号,就能远程监控劫持数百万辆车](https://mp.weixin.qq.com/s?__biz=MzkwMTQyODI4Ng==&mid=2247495745&idx=3&sn=d62bd25906c870e0c8433a02109f5b5a) + - [ ] [ip2domain - 批量查询ip对应域名、备案信息、百度等引擎权重](https://mp.weixin.qq.com/s?__biz=MzkyNTYzMTg3OQ==&mid=2247485770&idx=1&sn=302f7c091ef90f0df97ed162bfb265c5) + - [ ] [网络安全的红利还能吃几年?](https://mp.weixin.qq.com/s?__biz=Mzg4Nzk3MTg3MA==&mid=2247487709&idx=1&sn=cbd8920e80714a50eed133a0b2ee35d3) + - [ ] [ISO 14001: 2015 标准详解与实施(26)10.3 持续改进](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247486030&idx=1&sn=d1459a0a8bca440750d5ade3b58f0f0e) + - [ ] [ISO 14001: 2015 标准详解与实施(25)10.2 不符合和纠正措施](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247486030&idx=2&sn=dae87bd98e4387cf93f0a87aa96eed81) + - [ ] [ISO 14001: 2015 标准详解与实施(24)10.1 总则](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247486030&idx=3&sn=c318bf65327a033e932d389b8a90ea16) + - [ ] [ISO 14001: 2015 标准详解与实施(23)9.3 管理评审](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247486030&idx=4&sn=a85135f37d7c333ef6c878c315f88c41) + - [ ] [ISO 14001: 2015 标准详解与实施(22)9.2 内部审核](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247486030&idx=5&sn=1f187b414d8a14d47c9649240b678ac0) + - [ ] [锦岳智慧:2025年春节安全保障,守护同行!](https://mp.weixin.qq.com/s?__biz=MzkxMzQwNDcxNg==&mid=2247486852&idx=1&sn=d3ddf1a54d505e65a457ae3c2b896aa1) + - [ ] [DIDCTF-2021第三届长安杯-检材一](https://mp.weixin.qq.com/s?__biz=MzkxMTcyMDczOQ==&mid=2247489692&idx=1&sn=4146be09a799bbf76d261eab4bc980d1) + - [ ] [数字安全:智·盾·鉴,CSA开启2025](https://mp.weixin.qq.com/s?__biz=MzkwMTM5MDUxMA==&mid=2247503000&idx=1&sn=20276e85c2972647250674828c0b5a5f) + - [ ] [impacket解读(三. smbclient、secretsdump)](https://mp.weixin.qq.com/s?__biz=Mzg5NTkxNzg4MA==&mid=2247489975&idx=1&sn=7faa781ae4e91430c6f32732213c32c2) + - [ ] [[网络安全]新春红包封面](https://mp.weixin.qq.com/s?__biz=MzkyMDY1MDI3OA==&mid=2247483803&idx=1&sn=4dff124cc0784638e204ea08b191b63f) + - [ ] [【吃瓜】某手机厂商被泰国个人数据保护委员会 (PDPC) 发出警示令](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494502&idx=1&sn=7c132f29048506b59cb9ff3abec22f38) + - [ ] [黑客利用 XWorm RAT 攻击“脚本小子”,感染了18,000 台设备](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494502&idx=2&sn=8d47c257885509ce00eef4bcb4c09ba4) + - [ ] [K8S 日志查询中的命令注入](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494502&idx=3&sn=6a7f85ec2112691b2dbf7b7c1dcdfd47) + - [ ] [加密货币平台 Phemex 疑似遭遇网络攻击,至少 6900 万美元被盗](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494502&idx=4&sn=08e9029e44c6d29a1ca03c2a18580d55) + - [ ] [如何使用 Visual Studio 制作 Windows x86-64 Shellcode](https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486555&idx=1&sn=5047769a6043ea5a95f457da525b736d) + - [ ] [《Java代码审计零基础入门到项目实战》强势来袭,手把手带你学会学好学明白!](https://mp.weixin.qq.com/s?__biz=MzkwMzMwODg2Mw==&mid=2247510468&idx=1&sn=2ae06cf6770737f7e101b3a16bf48cd9) + - [ ] [吾爱破解论坛微信红包封面(60000份)](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141639&idx=1&sn=7306868d4e210299a761b09dfab68bec) + - [ ] [工业网络安全周报-2025年第4期](https://mp.weixin.qq.com/s?__biz=MzU3ODQ4NjA3Mg==&mid=2247564979&idx=1&sn=ac7d1cc6527b4ab6cfe838bd72ec338f) + - [ ] [2024 年工控互联网态势](https://mp.weixin.qq.com/s?__biz=MzkyMzE5ODExNQ==&mid=2247487629&idx=1&sn=f51d253054a3fe4b1f53af328973c7d9) + - [ ] [2024-CISCN-长城杯-威胁检测与网络流量分析WP](https://mp.weixin.qq.com/s?__biz=Mzg4NDg3NjE5MQ==&mid=2247485366&idx=1&sn=3ba5e8dbd1076a28202b5c13eb17f8a1) + - [ ] [日本《人工智能业务指南》全文翻译](https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247506124&idx=1&sn=a0d99658c9689597ec9d1e77f02a0b48) + - [ ] [特朗普的“豪言壮语”与中亚的“夹缝求生”](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247504827&idx=1&sn=8fc0764ae8df89d1410d2698742021c2) + - [ ] [英美强力支持HTS:一场地缘政治的“暗棋”](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247504827&idx=2&sn=163ae646fa6f29298070240c3434b308) + - [ ] [印度的全球战略布局:多边关系的“棋局”与隐忧](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247504827&idx=3&sn=129948fb74cb521900993d4e8e40d403) + - [ ] [安天AVL SDK反病毒引擎升级通告(20250125)](https://mp.weixin.qq.com/s?__biz=MjM5MTA3Nzk4MQ==&mid=2650209879&idx=1&sn=f064cfa0b128912c0afa12a79319a1e7) + - [ ] [邬贺铨院士展望未来10年:AI重塑互联网](https://mp.weixin.qq.com/s?__biz=Mzg4MDU0NTQ4Mw==&mid=2247528860&idx=1&sn=97b5e988dbeead145081b25e2b41e3d8) + - [ ] [2025 年将是统一网络安全的一年](https://mp.weixin.qq.com/s?__biz=Mzg4MDU0NTQ4Mw==&mid=2247528860&idx=2&sn=9b9e1062d3000976628bbf98e78b2a2d) + - [ ] [【一周安全资讯0125】工信部等十四部门联合印发《关于加强极端场景应急通信能力建设的意见》;TikTok在美暂时恢复运营](https://mp.weixin.qq.com/s?__biz=MzIzMDQwMjg5NA==&mid=2247506579&idx=1&sn=fcac61536a135611032057e715235d00) + - [ ] [2024春秋杯冬季赛PWN---WriteUp](https://mp.weixin.qq.com/s?__biz=MzkxNTc1MzQyNw==&mid=2247488757&idx=1&sn=15ce2c806f874774fadc25d433fe73d8) + - [ ] [中国人民银行业务领域网络安全事件报告管理办法(征求意见稿)](https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652114228&idx=1&sn=837561c72e2392e4f82cb1518786750d) + - [ ] [CCRC丨蛇年行大运,返现288!](https://mp.weixin.qq.com/s?__biz=MzU4MjUxNjQ1Ng==&mid=2247521420&idx=1&sn=b826c081b9757b44d13604d6b1564f02) + - [ ] [黑客高手暗中传播木马化的XWorm RAT,新手黑客应声沦陷](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247507094&idx=1&sn=2ea5fcd0855066b82055aaf0687123d6) + - [ ] [年度盘点丨2024年迪普科技科护航科教文卫行业数字化](https://mp.weixin.qq.com/s?__biz=MzA4NzE5MzkzNA==&mid=2650370699&idx=1&sn=027d5ffb380e0c85b361ff87b89105d5) + - [ ] [.NET 第 56 期红队武器库和资源汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498450&idx=1&sn=0e544713a937f0cc0f8fe5662ece86f9) + - [ ] [.NET 内网攻防实战电子报刊](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498450&idx=2&sn=a00f3f8ae2f091ade34fc645636c1188) + - [ ] [文件痕迹清理,通过 Sharp4ModifyTime 修改任意文件时间戳](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498450&idx=3&sn=01dad887be82ec26ebc80e1de617c700) +- Private Feed for M09Ic + - [ ] [b1nhack forked b1nhack/rustaceanvim from mrcjkb/rustaceanvim](https://github.com/b1nhack/rustaceanvim) + - [ ] [phith0n starred maybe-finance/maybe](https://github.com/maybe-finance/maybe) + - [ ] [4ra1n released 4.3 at jar-analyzer/jar-analyzer](https://github.com/jar-analyzer/jar-analyzer/releases/tag/4.3) + - [ ] [safedv starred LOTTunnels/LOTTunnels.github.io](https://github.com/LOTTunnels/LOTTunnels.github.io) + - [ ] [spf13 starred zellij-org/zellij](https://github.com/zellij-org/zellij) + - [ ] [4ra1n released temurin-23.0.2 at jar-analyzer/workflow_jre](https://github.com/jar-analyzer/workflow_jre/releases/tag/temurin-23.0.2) + - [ ] [4ra1n released temurin-8u442 at jar-analyzer/workflow_jre](https://github.com/jar-analyzer/workflow_jre/releases/tag/temurin-8u442) + - [ ] [spf13 starred ryanoasis/nerd-fonts](https://github.com/ryanoasis/nerd-fonts) + - [ ] [zer0yu started following Kobzol](https://github.com/Kobzol) + - [ ] [zer0yu starred lightpanda-io/browser](https://github.com/lightpanda-io/browser) + - [ ] [zer0yu starred johnthagen/min-sized-rust](https://github.com/johnthagen/min-sized-rust) + - [ ] [zer0yu starred Automattic/harper](https://github.com/Automattic/harper) + - [ ] [zer0yu starred mtshiba/pylyzer](https://github.com/mtshiba/pylyzer) + - [ ] [safedv starred 0xNinjaCyclone/EarlyCascade](https://github.com/0xNinjaCyclone/EarlyCascade) + - [ ] [zer0yu starred Clouditera/SecGPT](https://github.com/Clouditera/SecGPT) + - [ ] [zer0yu starred DLLXW/baby-llama2-chinese](https://github.com/DLLXW/baby-llama2-chinese) + - [ ] [zer0yu started following jiayuqi7813](https://github.com/jiayuqi7813) + - [ ] [zer0yu starred opengrep/opengrep](https://github.com/opengrep/opengrep) + - [ ] [zer0yu starred jiayuqi7813/Stegsolve-rs](https://github.com/jiayuqi7813/Stegsolve-rs) + - [ ] [h3zh1 pushed to dev in chainreactors/malice-network](https://github.com/chainreactors/malice-network/compare/93f5d17f61...8482799871) +- Security Boulevard + - [ ] [Ensuring Data Safety with Comprehensive NHIDR](https://securityboulevard.com/2025/01/ensuring-data-safety-with-comprehensive-nhidr/) + - [ ] [Building Trust with Effective IAM Solutions](https://securityboulevard.com/2025/01/building-trust-with-effective-iam-solutions/) + - [ ] [Empower Your DevOps with Robust Secrets Security](https://securityboulevard.com/2025/01/empower-your-devops-with-robust-secrets-security/) + - [ ] [DEF CON 32 – Access Control Done Right The First Time](https://securityboulevard.com/2025/01/def-con-32-access-control-done-right-the-first-time/) + - [ ] [The Cybersecurity Vault Podcast 2024 Recap](https://securityboulevard.com/2025/01/the-cybersecurity-vault-podcast-2024-recap/) +- CXSECURITY Database RSS Feed - CXSecurity.com + - [ ] [Iranian Cyber Police "FATA.GOV.IR" has an SQL Injection vulnerability](https://cxsecurity.com/issue/WLB-2025010025) +- 一个被知识诅咒的人 + - [ ] [【人工智能】深入探讨Python在语义角色标注(SRL)中的应用](https://blog.csdn.net/nokiaguy/article/details/145356157) + - [ ] [【人工智能】Python中的知识图谱构建与应用](https://blog.csdn.net/nokiaguy/article/details/145356145) +- Recent Commits to cve:main + - [ ] [Update Sat Jan 25 20:23:12 UTC 2025](https://github.com/trickest/cve/commit/2fe8c0886616ef6cb2eb518d616cf2e8a8275463) + - [ ] [Update Sat Jan 25 12:20:50 UTC 2025](https://github.com/trickest/cve/commit/8a400a4ed71036fc7a505dd4115318f6a3d6ce52) + - [ ] [Update Sat Jan 25 04:28:24 UTC 2025](https://github.com/trickest/cve/commit/e50b33f96c53094e433d46411195d0a8d0241a40) +- SecWiki News + - [ ] [SecWiki News 2025-01-25 Review](http://www.sec-wiki.com/?2025-01-25) +- Hacking Dream + - [ ] [Android APK Penetration Testing Cheatsheet & Guide](https://www.hackingdream.net/2025/01/android-apk-penetration-testing-cheatsheet-guide.html) +- Twitter @bytehx + - [ ] [RT Mikhail Shcherbakov: Re @gregxsunday If you want to hear cool BB stories about how I used these gadgets, check out the #DEFCON talk https://youtu.b...](https://x.com/bytehx343/status/1883229123541454988) + - [ ] [Re @princechaddha @bryan_johnson Let me know how was it. I have been thinking about trying his protocol.](https://x.com/bytehx343/status/1883188435189703088) + - [ ] [Re @roohaa_n @Bugcrowd Congrats 🎉🎉🎉](https://x.com/bytehx343/status/1883179123394453658) + - [ ] [Hey Folks! 🚀🔥 Jsleak new version is out! If you're using #jsleak, make sure to update to the latest release, and we now support regex patterns f...](https://x.com/bytehx343/status/1883070558415589847) + - [ ] [Re @theabrahack Looks interesting. Thank you for sharing!](https://x.com/bytehx343/status/1883057186068476010) +- Hexacorn + - [ ] [Being a tool while using a tool](https://www.hexacorn.com/blog/2025/01/25/being-a-tool-while-using-a-tool/) +- Reverse Engineering + - [ ] [The invalid 68030 instruction that accidentally allowed the Mac Classic II to successfully boot up](https://www.reddit.com/r/ReverseEngineering/comments/1i9uurg/the_invalid_68030_instruction_that_accidentally/) + - [ ] [From arbitrary pointer dereference to arbitrary read/write in latest Windows 11](https://www.reddit.com/r/ReverseEngineering/comments/1i9vikr/from_arbitrary_pointer_dereference_to_arbitrary/) + - [ ] [Writing a NES emulator](https://www.reddit.com/r/ReverseEngineering/comments/1i9jont/writing_a_nes_emulator/) +- 安全牛 + - [ ] [ChatGPT又全球大面积宕机,AI助手暂时”失联”;斯巴鲁系统漏洞曝光,数百万车辆面临远程解锁并启动风险 | 牛览](https://www.aqniu.com/homenews/108166.html) + - [ ] [《智能化安全运营中心应用指南(2025年)》报告暨代表性厂商评估调研启动](https://www.aqniu.com/homenews/108165.html) +- 黑海洋 - IT技术知识库 + - [ ] [免费照片转视频 AI 生成器:PhotoToVideo](https://blog.upx8.com/4679) +- 奇客Solidot–传递最新科技情报 + - [ ] [大英博物馆遭前 IT 雇员攻击而部分关闭](https://www.solidot.org/story?sid=80424) + - [ ] [巴基斯坦议会通过法案全面控制社交媒体](https://www.solidot.org/story?sid=80423) + - [ ] [AI 犯的错误和人类不同](https://www.solidot.org/story?sid=80422) + - [ ] [数百超级富豪呼吁对其征收更高的税](https://www.solidot.org/story?sid=80421) + - [ ] [Linux 6.14 加入对微软 Copilot 按键的支持](https://www.solidot.org/story?sid=80420) +- 安全内参 + - [ ] [厚雪翻长坡,平淡不平凡:2024年网安产业发展态势剖析及2025年趋势展望](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513601&idx=1&sn=2c2baa4754e797d7e551214681e8f8c1&chksm=ebfaf121dc8d7837a7b63f349fe6d024b4c21ab2af52b9a47e85120eaef5193e6dc7a1a6fc1c&scene=58&subscene=0#rd) +- 天御攻防实验室 + - [ ] [从Pegasus到Predator:iOS商业间谍软件的演进](https://mp.weixin.qq.com/s?__biz=MzU0MzgyMzM2Nw==&mid=2247486250&idx=1&sn=daa031ff26b9773e0177492de181ba56&chksm=fb04c842cc7341547e24e5d3ef245e093b4f4fd5e1a07df102c384f7ea5aa4c1bee9213ba60f&scene=58&subscene=0#rd) +- 丁爸 情报分析师的工具箱 + - [ ] [【资讯】特朗普签署行政命令取消拜登人工智能政策:美国政策的“朝令夕改”](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148689&idx=1&sn=0707627dd1c290fd861d390ad8100390&chksm=f1af26abc6d8afbd7427e0c3da7a4c6d21a3130ad8f4d9de782945434e589c4b81ab5df3776e&scene=58&subscene=0#rd) +- dotNet安全矩阵 + - [ ] [.NET 第 56 期红队武器库和资源汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498450&idx=1&sn=0e544713a937f0cc0f8fe5662ece86f9&chksm=fa59543fcd2edd2963e30663b8bbe96e77d53d5e2c4f7031b50fe952aba8d1f577cada65c675&scene=58&subscene=0#rd) + - [ ] [.NET 内网攻防实战电子报刊](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498450&idx=2&sn=a00f3f8ae2f091ade34fc645636c1188&chksm=fa59543fcd2edd296a6821e4424d0c5605ae82829d456ecb55237c603906088a99f4d65bb1ae&scene=58&subscene=0#rd) + - [ ] [文件痕迹清理,通过 Sharp4ModifyTime 修改任意文件时间戳](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498450&idx=3&sn=01dad887be82ec26ebc80e1de617c700&chksm=fa59543fcd2edd29d00dc462ff4f7e26830de7ead97b9becc8fa24cd995af578294d491b48ed&scene=58&subscene=0#rd) +- 吾爱破解论坛 + - [ ] [吾爱破解论坛微信红包封面(60000份)](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141639&idx=1&sn=7306868d4e210299a761b09dfab68bec&chksm=bd50a6538a272f45be2fde65658c162491d6a14b55e06c11bfc97ec7b9ccb3165d8cb4084ee3&scene=58&subscene=0#rd) +- 威胁棱镜 + - [ ] [2024 年工控互联网态势](https://mp.weixin.qq.com/s?__biz=MzkyMzE5ODExNQ==&mid=2247487629&idx=1&sn=f51d253054a3fe4b1f53af328973c7d9&chksm=c1e9e741f69e6e57778dac4aa1429e2857f7d211469e5f5239be9ab8b07cd327bfa6217e1bd2&scene=58&subscene=0#rd) +- 看雪学苑 + - [ ] [DEC/RPC协议与Windows服务创建浅析(银狐原始进程隐匿方式之一)](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589259&idx=1&sn=2076280e4c58e4cd0d718047946ebe83&chksm=b18c28c186fba1d72857bb2f9ecd1cf60756243ffde6306a22d046402d7ef801dfff28547af8&scene=58&subscene=0#rd) + - [ ] [别错过!“系统0day安全”课程,带你精通漏洞挖掘技巧](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589259&idx=2&sn=4356dec55931f1257ae44561ca3f0d3e&chksm=b18c28c186fba1d7bf12649f11f2f5078f554a99f2e3c5db93d10a68151651e9d90c81e7753d&scene=58&subscene=0#rd) +- 安全圈 + - [ ] [【安全圈】2000余名网红遭信息“开盒” 嫌疑人获利几十万元](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067606&idx=1&sn=06c7d132a1649380a5b7629742f5d3f7&chksm=f36e7b56c419f240368726c211c69ba2369aa718ee5183ec43c60390b8e84702917b3a31a610&scene=58&subscene=0#rd) + - [ ] [【安全圈】微软 Win10 / Win11 新威胁:RID 劫持可提权至管理员控制你的 PC](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067606&idx=2&sn=efa053f9e1755bb17193b5a5868fb8ce&chksm=f36e7b56c419f24014b67943f6766ea3ab7b908882f20b4e0af01106172c63290014f9c24682&scene=58&subscene=0#rd) + - [ ] [【安全圈】新的 Cleo 零日 RCE 漏洞在数据盗窃攻击中被利用](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067606&idx=3&sn=6473d53d9a207bfac9888ca3a543bbf8&chksm=f36e7b56c419f2407633ba9229c8cb14a4e4458baf67e78d79310f03423449e922b703042bec&scene=58&subscene=0#rd) + - [ ] [【安全圈】新的 UEFI 安全启动漏洞使系统暴露于 bootkit](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067606&idx=4&sn=e8ae1a9dfb9fb649575b0d8a5414a82d&chksm=f36e7b56c419f24087b4c41685f0be88aab339021ceb93dffd537c9df34d2812ec3232317caa&scene=58&subscene=0#rd) +- 情报分析师 + - [ ] [事关Stargate项目,说点你不知道的内幕!](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559242&idx=1&sn=65609027c9fddad943535044bcb06811&chksm=87117d41b066f4575f3b8fc3d3971f7eef784642475a4d33595a6dde9f13f7df0b0f8eda197d&scene=58&subscene=0#rd) + - [ ] [“懂王”重出江湖:前100日计划剖析(2万字资料附下载)](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559242&idx=2&sn=812122521348cdc4a1414ee0000a67b8&chksm=87117d41b066f45792e59919c059261ad0157fb18bbb2f1dcbd0685ff898acd35c6c3bce395a&scene=58&subscene=0#rd) +- 极客公园 + - [ ] [智能泊车事故公开,小米汽车召回 3 万台 SU7;字节 2026 年停发春节红包;《权游》作者发表物理学论文 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072822&idx=1&sn=7c6ca6a38c34759561d422054250e57c&chksm=7e57d00049205916e8025fe1d9be04063c7ebe7460a277127ae61e7b3bc947b7c86c8213b39b&scene=58&subscene=0#rd) +- 谛听ditecting + - [ ] [谛听|“谛听”团队参加2021年国家重点研发计划“智能网联场景工业控制系统深度防御与安全处置技术”项目 课题综合绩效评价会议](https://mp.weixin.qq.com/s?__biz=MzU3MzQyOTU0Nw==&mid=2247492392&idx=1&sn=4457e5fc8b2fcca5ba76cd80c2dc9145&chksm=fcc3616ccbb4e87a6a1a1e47120e8d944a7ec9e8fc569022e103b6ea15590c421f76df8c4efe&scene=58&subscene=0#rd) +- 字节跳动技术团队 + - [ ] [揭秘字节跳动内部流量调度与容灾实践【上】](https://mp.weixin.qq.com/s?__biz=MzI1MzYzMjE0MQ==&mid=2247512958&idx=1&sn=82401f525cc5fdd2b7eb9cf210f60c24&chksm=e9d3789cdea4f18a5d9a1aa5141e78c28fbccd9c7a52068f7bf17d53a3d814b9c86346822bc4&scene=58&subscene=0#rd) +- 网安国际 + - [ ] [【InForSec 2025年会青年学者论坛回顾】冀晓宇:从传感器安全到“传感器 +X”安全](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=1&sn=4c4bfe832913a3872ec09ee631b9274b&chksm=8bc4ba9dbcb3338b2ba37bf54bb919e54ede95f3031151621def31622b349399445cd80439ba&scene=58&subscene=0#rd) + - [ ] [【InForSec 2025年会青年学者论坛回顾】白家驹:操作系统的自动化缺陷检测](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=2&sn=d42e0048046537509a0b9169907c9801&chksm=8bc4ba9dbcb3338bb5fe7bf9d6330213b86264fd3eb919b2106dc45e7b8604701d521d420b2c&scene=58&subscene=0#rd) + - [ ] [【InForSec 2025年会青年学者论坛回顾】闫琛:传感器电磁安全与隐私问题研究](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=3&sn=619b1c123e6a6165f24ed57ff9fd391a&chksm=8bc4ba9dbcb3338be3560720a31ce43398b3a8d91b3ec3a5799d4b4bb554133d8311c80ece9b&scene=58&subscene=0#rd) + - [ ] [【InForSec 2025年会青年学者论坛回顾】刁文瑞:移动生态安全探索:从系统漏洞到大规模测量](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=4&sn=0d016310221e528e230f05da6f3b14de&chksm=8bc4ba9dbcb3338bf92e55b964a1f76fb01b91c88ad08ce7333778b972524fd5800ec0f17f97&scene=58&subscene=0#rd) + - [ ] [【InForSec 2025年会青年学者论坛回顾】南雨宏:程序分析视角下的敏感数据管控:从移动应用到智能合约](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=5&sn=c5a7798acca47b172a583897d568c7ef&chksm=8bc4ba9dbcb3338b4d1e431047955603c86d16b56379b9128a3bd4e7e51ffa80abd0a2267c1a&scene=58&subscene=0#rd) + - [ ] [【InForSec 2025年会青年学者论坛回顾】范铭:移动应用个人信息保护场景下的合规验证探索与思考](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=6&sn=7be8c4556e1d37b0d94079969cbb7958&chksm=8bc4ba9dbcb3338b183ae58f4c267e03ed34bc27f99c79eed93410d6912f0ba4263a1ff60705&scene=58&subscene=0#rd) + - [ ] [【InForSec 2025年会青年学者论坛回顾】申文博:从AI框架到xPU硬件:智能系统安全研究](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=7&sn=044afe640aa525a285b3dcc87f2a146d&chksm=8bc4ba9dbcb3338bf773348e0df5e157b01dbc90732f0b032ca10812f22f1e407bcc1daf7d01&scene=58&subscene=0#rd) +- 迪哥讲事 + - [ ] [记一次细得不行的账户权限提升](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496946&idx=1&sn=fd344274014da8f4d5f0705d21c1080a&chksm=e8a5fe91dfd2778741884d78e29eb70766ca43d4b3f53f3f268483de8e8639bd61ed87b93e03&scene=58&subscene=0#rd) +- Over Security - Cybersecurity news aggregator + - [ ] [TalkTalk investigates breach after data for sale on hacking forum](https://www.bleepingcomputer.com/news/security/talktalk-investigates-breach-after-data-for-sale-on-hacking-forum/) + - [ ] [January 2025 Zero-Day Threat Intelligence](https://pixmsecurity.com/blog/blog/january-2025-zero-day-threat-intelligence/) + - [ ] [PayPal to pay $2 million settlement over 2022 data breach](https://www.bleepingcomputer.com/news/security/paypal-to-pay-2-million-settlement-over-2022-data-breach/) + - [ ] [Cyber diplomacy funding halted as US issues broad freeze on foreign aid](https://therecord.media/cyber-diplomacy-funding-halted-freeze-on-foreign-aid) + - [ ] [Come utilizzo Patreon](https://roccosicilia.com/2025/01/25/come-utilizzo-patreon/) + - [ ] [Guerre di Rete - Ulbricht, come si è arrivati alla liberazione del fondatore di Silk Road](https://guerredirete.substack.com/p/guerre-di-rete-ulbricht-come-si-e) + - [ ] [UnitedHealth updates number of data breach victims to 190 million](https://therecord.media/unitedhealth-updates-change-healthcare-data-breach-190-million) +- TorrentFreak + - [ ] [Manga Publishers Maintain Pressure Despite Pirate Countermeasures](https://torrentfreak.com/manga-publishers-maintain-pressure-despite-pirate-countermeasures-250125/) +- 洞源实验室 + - [ ] [网络安全的红利还能吃几年?](https://mp.weixin.qq.com/s?__biz=Mzg4Nzk3MTg3MA==&mid=2247487709&idx=1&sn=cbd8920e80714a50eed133a0b2ee35d3&chksm=cf8319acf8f490badfb3044c077c80d304fb30e2a194e21a3e35d10d71716ab36c5fef0593f7&scene=58&subscene=0#rd) +- The Register - Security + - [ ] [Someone is slipping a hidden backdoor into Juniper routers across the globe, activated by a magic packet](https://go.theregister.com/feed/www.theregister.com/2025/01/25/mysterious_backdoor_juniper_routers/) + - [ ] [UK telco TalkTalk confirms probe into alleged data grab underway](https://go.theregister.com/feed/www.theregister.com/2025/01/25/uk_telco_talktalk_confirms_investigation/) +- Troy Hunt's Blog + - [ ] [Weekly Update 436](https://www.troyhunt.com/weekly-update-436/) +- Security Affairs + - [ ] [Subaru Starlink flaw allowed experts to remotely hack cars](https://securityaffairs.com/173434/security/subaru-starlink-vulnerability-remote-attacks.html) + - [ ] [Participants in the Pwn2Own Automotive 2025 earned $886,250](https://securityaffairs.com/173426/breaking-news/pwn2own-automotive-2025-final-results.html) +- Your Open Hacker Community + - [ ] [Recommendation for video where someone does a beginner level box/ctf blind?](https://www.reddit.com/r/HowToHack/comments/1i9t80h/recommendation_for_video_where_someone_does_a/) + - [ ] [What's the most interesting exploit you've ever read about or seen?](https://www.reddit.com/r/HowToHack/comments/1i9zodo/whats_the_most_interesting_exploit_youve_ever/) + - [ ] [Some good python book for hacking?](https://www.reddit.com/r/HowToHack/comments/1i9g9l4/some_good_python_book_for_hacking/) + - [ ] [Nice book to learn how find 0day vuln in systems](https://www.reddit.com/r/HowToHack/comments/1i9xyel/nice_book_to_learn_how_find_0day_vuln_in_systems/) + - [ ] [I need help asap.](https://www.reddit.com/r/HowToHack/comments/1ia01zc/i_need_help_asap/) + - [ ] [Need help with HashCat and salted hashes](https://www.reddit.com/r/HowToHack/comments/1i9hk2y/need_help_with_hashcat_and_salted_hashes/) + - [ ] [How to extract readable data from .y3k files?](https://www.reddit.com/r/HowToHack/comments/1i9ge7v/how_to_extract_readable_data_from_y3k_files/) + - [ ] [How to overcome angular framework?](https://www.reddit.com/r/HowToHack/comments/1i9g6w5/how_to_overcome_angular_framework/) + - [ ] [Should I use TryHackMe to learn](https://www.reddit.com/r/HowToHack/comments/1i9a783/should_i_use_tryhackme_to_learn/) + - [ ] [How to handle ngrok dynamic tcp tunnels for android/meterpreter/reverse_tcp apk ?](https://www.reddit.com/r/HowToHack/comments/1i9dr3s/how_to_handle_ngrok_dynamic_tcp_tunnels_for/) + - [ ] [I dont trust at all my gf](https://www.reddit.com/r/HowToHack/comments/1i9os7f/i_dont_trust_at_all_my_gf/) + - [ ] [Need basic knowledge](https://www.reddit.com/r/HowToHack/comments/1i9fbje/need_basic_knowledge/) +- Computer Forensics + - [ ] [Digital ForensicsQuestions](https://www.reddit.com/r/computerforensics/comments/1i9icjv/digital_forensicsquestions/) + - [ ] [Cyber Forensics / Investigation](https://www.reddit.com/r/computerforensics/comments/1i9dljz/cyber_forensics_investigation/) +- Social Engineering + - [ ] [Learn more about someone before doing business](https://www.reddit.com/r/SocialEngineering/comments/1i9j9i5/learn_more_about_someone_before_doing_business/) +- Deeplinks + - [ ] [EFF to Michigan Supreme Court: Cell Phone Search Warrants Must Strictly Follow The Fourth Amendment’s Particularity and Probable Cause Requirements](https://www.eff.org/deeplinks/2025/01/eff-michigan-supreme-court-cell-phone-search-warrants-must-strictly-follow-fourth) +- Hacking Exposed Computer Forensics Blog + - [ ] [Daily Blog #728: Test Kitchen with Cursor](https://www.hecfblog.com/2025/01/daily-blog-728-test-kitchen-with-cursor.html) +- 网安寻路人 + - [ ] [日本《人工智能业务指南》全文翻译](https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247506124&idx=1&sn=a0d99658c9689597ec9d1e77f02a0b48&chksm=97e96526a09eec30af4b40c753f3202737f20aee9db771f6a3b490a2e7655945b7efc6cec77f&scene=58&subscene=0#rd) diff --git a/archive/tmp/2025-01-26.json b/archive/tmp/2025-01-26.json new file mode 100644 index 0000000000..8fbc359046 --- /dev/null +++ b/archive/tmp/2025-01-26.json @@ -0,0 +1,333 @@ +{ + "Doonsec's feed": { + "警惕|售前入狱指南:这位售前你距离坐牢不远了!": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485458&idx=1&sn=9c60eaa180e3edb21006f196ba6c6518", + "北七家-未来科学城,3居变4居豪装,理想楼层/户型/朝向": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485458&idx=2&sn=19fb3438286fd12eb54126cd7136650d", + "【干货】笑傲职场的独家经验(1)": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485458&idx=3&sn=ad9e291ae7c68eaafb4b70da0eef178b", + "【干货原创】实网攻防演习常态化,会带来什么变化01": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485458&idx=4&sn=8567b1848a15aab3cee265d3e05a46fd", + "【干货原创】K12教育,鲜为人知的模式秘密": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485458&idx=5&sn=92aa960ab33f52675d9b6b79b5ed7ea4", + "原创文章目录": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485458&idx=6&sn=b77d297edf19d3464057813560074b7e", + "揭秘渗透测试:网络安全的“攻防演练”": "https://mp.weixin.qq.com/s?__biz=MzkzNzg3NzQxMQ==&mid=2247485725&idx=1&sn=8d1e5ccb6b7c188932d3595352f0f8a0", + "缓冲区溢出学习及漏洞复现": "https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490021&idx=1&sn=028614c59fd8634bc196652737ddd7a3", + "渗透技巧 | 小白都能会的通用漏洞挖掘技巧": "https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490021&idx=2&sn=78ca373b771055bfce301e58e2d94839", + "红队视角:揭秘内网提权的技术迷宫": "https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490021&idx=3&sn=632b1f8c8140edb7f8e1988a027d8c9b", + "FTP匿名登录": "https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486443&idx=1&sn=52541552cd1d17a0619cb76a02adaca0", + "【重要通知】春节福利来啦!": "https://mp.weixin.qq.com/s?__biz=Mzk0OTUwNTU5Nw==&mid=2247489028&idx=1&sn=57cc2f38012be369cda3b8eb27af4955", + "【资讯】特朗普签署行政命令取消拜登人工智能政策:美国政策的“朝令夕改”": "https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148689&idx=1&sn=0707627dd1c290fd861d390ad8100390", + "14【邮件安全】如何防护窃密类攻击": "https://mp.weixin.qq.com/s?__biz=MzI1OTUyMTI2MQ==&mid=2247484819&idx=1&sn=969fd46dcff0cbeb1f0ca33b50c1d3f8", + "梦想启航,共赴新征程 | 神州希望年度盛典活动圆满落幕": "https://mp.weixin.qq.com/s?__biz=MzA4Mzg1ODMwMg==&mid=2650725002&idx=1&sn=469a2e3a5e9cd84f5ec595e1bfa74f1a", + "人民银行拟明确,泄露1000万条敏感个人信息为特别重大网络安全事件": "https://mp.weixin.qq.com/s?__biz=Mzg4NzQ4MzA4Ng==&mid=2247485190&idx=1&sn=3cdb10b152e37983478b1501ddae2549", + "记一次细得不行的账户权限提升": "https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496946&idx=1&sn=fd344274014da8f4d5f0705d21c1080a", + "GBT43766-2024智能网联汽车运行安全测试技术要求": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620095&idx=1&sn=c2a4526918174ccfc0842f3acd11e526", + "GB T 44774-2024 汽车信息安全应急响应管理规范-市场监督总局、国标委": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620095&idx=2&sn=f195194edfff51e852f90ffb8c5cec5a", + "GB_T 44778-2024 汽车诊断接口信息安全技术要求及试验方法": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620095&idx=3&sn=2776df80864788f31772fc62bf486e70", + "【云安全】云原生-Docker(五)容器逃逸之漏洞利用": "https://mp.weixin.qq.com/s?__biz=MzUyNTUyNTA5OQ==&mid=2247484704&idx=1&sn=410d5b5fae6bf9431286297a0a2c6170", + "攻防技战术动态一周更新 - 20240120": "https://mp.weixin.qq.com/s?__biz=MzkzODc4NjE1OQ==&mid=2247483911&idx=1&sn=c5a229f591045a08ac05482732c1d08a", + "带你解锁编码新世界!--随波逐流CTF编码工具使用教程42 --Decabit密码": "https://mp.weixin.qq.com/s?__biz=MzU2NzIzNzU4Mg==&mid=2247489624&idx=1&sn=ea44aafbf7384a7687c319f17c02fa2d", + "【安全圈】2000余名网红遭信息“开盒” 嫌疑人获利几十万元": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067606&idx=1&sn=06c7d132a1649380a5b7629742f5d3f7", + "【安全圈】微软 Win10 / Win11 新威胁:RID 劫持可提权至管理员控制你的 PC": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067606&idx=2&sn=efa053f9e1755bb17193b5a5868fb8ce", + "【安全圈】新的 Cleo 零日 RCE 漏洞在数据盗窃攻击中被利用": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067606&idx=3&sn=6473d53d9a207bfac9888ca3a543bbf8", + "【安全圈】新的 UEFI 安全启动漏洞使系统暴露于 bootkit": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067606&idx=4&sn=e8ae1a9dfb9fb649575b0d8a5414a82d", + "LockBit4.0勒索病毒攻击": "https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490159&idx=1&sn=3e0c4cafcaf49897fc3ae2b21c46ba3c", + "Lynx勒索病毒攻击": "https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490159&idx=2&sn=407c03ec89b98548a00d3dcdb55d47ef", + "【InForSec 2025年会青年学者论坛回顾】冀晓宇:从传感器安全到“传感器 +X”安全": "https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=1&sn=4c4bfe832913a3872ec09ee631b9274b", + "【InForSec 2025年会青年学者论坛回顾】白家驹:操作系统的自动化缺陷检测": "https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=2&sn=d42e0048046537509a0b9169907c9801", + "【InForSec 2025年会青年学者论坛回顾】闫琛:传感器电磁安全与隐私问题研究": "https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=3&sn=619b1c123e6a6165f24ed57ff9fd391a", + "【InForSec 2025年会青年学者论坛回顾】刁文瑞:移动生态安全探索:从系统漏洞到大规模测量": "https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=4&sn=0d016310221e528e230f05da6f3b14de", + "【InForSec 2025年会青年学者论坛回顾】南雨宏:程序分析视角下的敏感数据管控:从移动应用到智能合约": "https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=5&sn=c5a7798acca47b172a583897d568c7ef", + "【InForSec 2025年会青年学者论坛回顾】范铭:移动应用个人信息保护场景下的合规验证探索与思考": "https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=6&sn=7be8c4556e1d37b0d94079969cbb7958", + "【InForSec 2025年会青年学者论坛回顾】申文博:从AI框架到xPU硬件:智能系统安全研究": "https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=7&sn=044afe640aa525a285b3dcc87f2a146d", + "【全网首发】SpiderX—JS前端加密绕过攻防神器": "https://mp.weixin.qq.com/s?__biz=MzkxOTU3MDY4MQ==&mid=2247484523&idx=1&sn=1c96baa85e02951ab6e157f8318b63fb", + "新春红包封面快来领取!": "https://mp.weixin.qq.com/s?__biz=MzI5MTIwOTQ5MA==&mid=2247487645&idx=1&sn=f24d76bc9fff29975309ff6ee71836c9", + "友数聚 CPAS审计管理系统V4 getCurserIfAllowLogin SQL注入漏洞": "https://mp.weixin.qq.com/s?__biz=MzkzMTcwMTg1Mg==&mid=2247490331&idx=1&sn=d0bc2a23252891fc43749fa31443df71", + "CVE-2024-43451 Windows NTLM 漏洞,允许攻击者使用恶意快捷方式强制身份验证并捕获 NTLM 哈希": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527185&idx=1&sn=e316e52a9c3df272305888245af343f8", + "CVE-2024-43468 :通过 PoC 代码揭示 Microsoft Configuration Manager 漏洞": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527185&idx=2&sn=67cbf97affd8106486d5097a7d773cf7", + "交大捷普春节保障通知请查收~": "https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506078&idx=1&sn=51b1726bf07b4140dd5c7c740c641c5f", + "汽车功能安全": "https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549597&idx=1&sn=56e746b1a81acc0ff1f756fb0a6919bd", + "车载电子控制系统解析:ECU、VCU、MCU、HCU的区别与功能": "https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549597&idx=2&sn=8782ebbf1f96b57a350bccdc3cb71cbc", + "赛迪院长张立:强化数据标注基地引领作用 带动数据标注产业高质量发展": "https://mp.weixin.qq.com/s?__biz=MjM5NzYwNDU0Mg==&mid=2649249639&idx=1&sn=b20e52f1c5bf58132694f64459558d08", + "送走挖煤人,引进AI人——京西新年第一会聚焦“人工智能+”": "https://mp.weixin.qq.com/s?__biz=MjM5NzYwNDU0Mg==&mid=2649249639&idx=2&sn=5b2eef5ca2602417c0513893881a5286", + "京西“人工智能+”行动启动,加速赋能千行百业": "https://mp.weixin.qq.com/s?__biz=MjM5NzYwNDU0Mg==&mid=2649249639&idx=3&sn=09d82edb1cb80aa30dd4e524b454846f", + "国源天顺集团召开2025年盛大年会": "https://mp.weixin.qq.com/s?__biz=Mzg3MTU1MTIzMQ==&mid=2247495900&idx=1&sn=05f3cb3068c5e19ffbae70d4a628e501", + "【2025-01-25】黑客新闻摘要": "https://mp.weixin.qq.com/s?__biz=MzIzNDU5NTI4OQ==&mid=2247488361&idx=1&sn=5e93ab8055df35d3ef08f9ecd2ab11f3", + "中国科技期刊参与科技伦理治理的责任与边界": "https://mp.weixin.qq.com/s?__biz=MzI1OTExNDY1NQ==&mid=2651618886&idx=1&sn=212dbd45b8656d38f43d2206b2613569", + "DEC/RPC协议与Windows服务创建浅析(银狐原始进程隐匿方式之一)": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589259&idx=1&sn=2076280e4c58e4cd0d718047946ebe83", + "别错过!“系统0day安全”课程,带你精通漏洞挖掘技巧": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589259&idx=2&sn=4356dec55931f1257ae44561ca3f0d3e", + "金融大模型落地路线图研究报告(2024年)": "https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264523&idx=1&sn=59aaf90744fb30c1ac16698f52a91acb", + "友数聚 CPAS审计管理系统V4 downPlugs 任意文件读取漏洞": "https://mp.weixin.qq.com/s?__biz=MzkzMTcwMTg1Mg==&mid=2247490322&idx=1&sn=25c1352e1b349a1302486f7e519f7d5d", + "特色专题 | Polar-BBCRSsig:一个基于极化码的数字签名算法": "https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597612&idx=1&sn=331a63888f0e237790f4b786ff41b4b5", + "提升数据流通安全治理能力 促进数据流通开发利用": "https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597612&idx=2&sn=0cfbb614ace6bcfc8fba3986e85d7996", + "CTF 流量分析秘籍": "https://mp.weixin.qq.com/s?__biz=MzkyOTUxMzk2NQ==&mid=2247486072&idx=1&sn=2d8abc608068a31ba72346ffe1fbb89a", + "【JS逆向渗透系列02】BurpSuite结合mitmproxy+JSRPC秒杀js加密的方案": "https://mp.weixin.qq.com/s?__biz=MzkyOTUxMzk2NQ==&mid=2247486072&idx=2&sn=a41b8e46903c71b16c9afd325f1f0f1f", + "【js逆向渗透系列01】利用JSRPC秒杀JS加密": "https://mp.weixin.qq.com/s?__biz=MzkyOTUxMzk2NQ==&mid=2247486072&idx=3&sn=f4d030c3179188237c61992ea979ce39", + "放假啦!": "https://mp.weixin.qq.com/s?__biz=MzkxNTIwNTkyNg==&mid=2247553203&idx=1&sn=9a05203b3253d08d80b3b0b05696977d", + "【免费领】全网最权威的大数据安全实践指南(含100例最佳实操)": "https://mp.weixin.qq.com/s?__biz=MzkxNTIwNTkyNg==&mid=2247553203&idx=2&sn=a27be898f2ed0a1029b6cc567fd3e3dd", + "xray图形化工具-Super Xray,支持自定义导入poc库": "https://mp.weixin.qq.com/s?__biz=MzkzNzg4MTI0NQ==&mid=2247485448&idx=1&sn=5888106f1aed20b020b5c7cf2e2d7d53", + "博斯外贸管理软件V6.0 log/logined.jsp SQL注入漏洞": "https://mp.weixin.qq.com/s?__biz=MzkzMTcwMTg1Mg==&mid=2247490313&idx=1&sn=74c67202db6cc3e463b34c9f381ceebf", + "祝大家新春快乐!": "https://mp.weixin.qq.com/s?__biz=MzkyNTY3Nzc3Mg==&mid=2247489177&idx=1&sn=72c3b8a8302a13d9cc452781aa143d41", + "新春抽奖开启!与奉天安全团队 & 禾信智安共迎新年好运!": "https://mp.weixin.qq.com/s?__biz=Mzk0NjQ2NzQ0Ng==&mid=2247485001&idx=1&sn=6e9760b516808b96be5fe01325dabde2", + "专项培训,学生必看!": "https://mp.weixin.qq.com/s?__biz=Mzk0NjQ2NzQ0Ng==&mid=2247485001&idx=2&sn=14fae2eb52cb8f3067159cbda8857411", + "无糖信息春节放假通知,内含2025蛇年限定红包封面限时放送!": "https://mp.weixin.qq.com/s?__biz=MzAxMzkzNDA1Mg==&mid=2247513938&idx=1&sn=9d7986c230f45bb4faac2f33a765ccab", + "黑客如何攻破一个网站?长文图解全流程": "https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247570688&idx=1&sn=ec49ed5cec5fce5c31f4af871087a5df", + "诸子云 | 2024评优:「十佳会员」候选人风采展示与投票": "https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247635766&idx=1&sn=8a269692df43494fa4405040d7d5f044", + "在看 | 周报:B站员工“代码投毒”报复用户;宁波某化工企业被境外势力获取危险源监控视频数据": "https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247635766&idx=2&sn=8e5ca5ae820e4aa7a72644000bc4e641", + "在看 | 厂商:本周热门网络安全产业动态": "https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247635766&idx=3&sn=3ac33612ef10098240b1eaa09bd422a2", + "谈谈最近": "https://mp.weixin.qq.com/s?__biz=Mzg5OTkwMjEwMg==&mid=2247483889&idx=1&sn=6cf7b46c3236d2e505d7cfbba97835d2", + "一图读懂《网络安全技术 网络安全产品互联互通 第1部分:框架》": "https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170504&idx=1&sn=86ae46294ca2f8187bedbc85e99f1c64", + "实施“持证亮牌”u3000整治违规行为——国家网信办加强互联网新闻信息服务许可管理": "https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170504&idx=2&sn=9d129cd03cc85a4a2de8cc9b3a034490", + "涉嫌非法获取公民个人信息 8家MCN机构被查处": "https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170504&idx=3&sn=62aac421ce4481cd2a9e72a6bf6e2f3d", + "AI领航安全新征程!星河安全2024年度盘点": "https://mp.weixin.qq.com/s?__biz=Mzk0MTYyNTg3Mg==&mid=2247492360&idx=1&sn=bad1dda2fae75298e0870d957e44336f", + "安全不打烊丨云天安全春节期间服务保障通知": "https://mp.weixin.qq.com/s?__biz=MzI2NDYzNjY0Mg==&mid=2247501197&idx=1&sn=e573ebcd07279615fe21c417e222f7a2", + "揭秘服务器世界三大巨头:机架式、塔式与刀片式的真正区别!": "https://mp.weixin.qq.com/s?__biz=MzUyNTExOTY1Nw==&mid=2247528007&idx=1&sn=7a2b2de8e2eb075aecfd0d928c2e05b6", + "请查收~来自盛邦安全的致谢回信": "https://mp.weixin.qq.com/s?__biz=MzAwNTAxMjUwNw==&mid=2650277635&idx=1&sn=fba61f10dfea6a44afeef10a1bca780f", + "四叶草安全春节公告": "https://mp.weixin.qq.com/s?__biz=MjM5MTI2NDQzNg==&mid=2654552288&idx=1&sn=96a0015a0fd5500a90ae8527883b410c", + "【证书和报告信息】中国移动通信集团有限公司-网络安全大模型系统": "https://mp.weixin.qq.com/s?__biz=Mzg5MzQ5NjQyNw==&mid=2247486184&idx=1&sn=1c59eb46d046850475159b39f42ee3a6", + "【灵蛇贺新岁】平航科技2025年春节假期放假通知": "https://mp.weixin.qq.com/s?__biz=MzI0OTEyMTk5OQ==&mid=2247494113&idx=1&sn=ce6e94d556fc3aff1a62646f32aa492c", + "告别SecureCRT!这些SSH工具更强大、更好用,网络工程师必备!": "https://mp.weixin.qq.com/s?__biz=MzIyMzIwNzAxMQ==&mid=2649464706&idx=1&sn=2f28514a24bcc488d05ac8b16894f3a1", + "开发|渗透报告生成系统+框架反序列化分析+防护建议": "https://mp.weixin.qq.com/s?__biz=MzIzNDU5Mzk2OQ==&mid=2247486379&idx=1&sn=f2d6bb9d94a484a4ddaf43a851625d65", + "一图读懂中央经济工作会议→": "https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652114248&idx=1&sn=3110c71638dad598cdd5a97b9819d8dc", + "事关Stargate项目,说点你不知道的内幕!": "https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559242&idx=1&sn=65609027c9fddad943535044bcb06811", + "“懂王”重出江湖:前100日计划剖析(2万字资料附下载)": "https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559242&idx=2&sn=812122521348cdc4a1414ee0000a67b8", + "src实战 | CE工具的妙用-绕过签名": "https://mp.weixin.qq.com/s?__biz=Mzk0NzM4NzI1MA==&mid=2247486229&idx=1&sn=59f7a5d451e4f06ec7e5710355a16705", + "对 404 站点的漏洞挖掘": "https://mp.weixin.qq.com/s?__biz=MzU5NjYwNDIyOQ==&mid=2247484826&idx=1&sn=5f81afa2c8c6ec0ad22c685de58a12d2", + "暗网:CAI 的非常规来源": "https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247504700&idx=1&sn=8a70db6ed5d20c468504787680ea612c", + "从 404 到未授权": "https://mp.weixin.qq.com/s?__biz=MzU5NjYwNDIyOQ==&mid=2247484823&idx=1&sn=4a5b521198ea04ffdba91a69f4efa10e", + "美国国防部官方社交媒体集体进入“静默期”": "https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494513&idx=1&sn=bc5c4c56b49b937818cbaf41ea395f3b", + "安全值守 | 众智维科技春节假期应急保障服务不打烊": "https://mp.weixin.qq.com/s?__biz=MzU5Mjg0NzA5Mw==&mid=2247493910&idx=1&sn=de7d9c74b0ba445a83102b5027b37773", + "好险差点被他赚到了": "https://mp.weixin.qq.com/s?__biz=Mzk0MzY3MDE5Mg==&mid=2247483995&idx=1&sn=345fa8d0bf969a4ac8f5b9a4f3b1d09c", + "【吃瓜】无需三倍": "https://mp.weixin.qq.com/s?__biz=MzIxNTIzNTExMQ==&mid=2247490849&idx=1&sn=c8a921eac811f6f2a83cba435599a30a", + "天才": "https://mp.weixin.qq.com/s?__biz=MzIxNTIzNTExMQ==&mid=2247490847&idx=1&sn=84840a0e8ecb596122fdf56a541247b5", + "分享图片": "https://mp.weixin.qq.com/s?__biz=MzI3Njc1MjcxMg==&mid=2247494345&idx=1&sn=ec9ef6a77576df47945933c5408a8861", + "在受限的 Rails 应用程序中通过任意文件写入实现 RCE": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527156&idx=1&sn=ce41716d54949eb8045c2dec96ee44a6", + "【威胁分析】针对韩国国内某知名律师事务所的APT攻击": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527156&idx=2&sn=d815a0b641f861682118ebb4b2e25335", + "JADXecute:用于动态反编译器操作的 JADX-gui 脚本插件": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527156&idx=3&sn=bdacefab7871ac08e043ac3166998058", + "从Pegasus到Predator:iOS商业间谍软件的演进": "https://mp.weixin.qq.com/s?__biz=MzU0MzgyMzM2Nw==&mid=2247486250&idx=1&sn=daa031ff26b9773e0177492de181ba56", + "国外警务前沿科技汇编": "https://mp.weixin.qq.com/s?__biz=MzkwMTQyODI4Ng==&mid=2247495745&idx=1&sn=5df2228249f174df3b21b5ad777b6253", + "2024年全球邮件威胁报告": "https://mp.weixin.qq.com/s?__biz=MzkwMTQyODI4Ng==&mid=2247495745&idx=2&sn=80c37d4771e7c654aa7609d6fe590b24", + "知名车企漏洞:只需车牌号,就能远程监控劫持数百万辆车": "https://mp.weixin.qq.com/s?__biz=MzkwMTQyODI4Ng==&mid=2247495745&idx=3&sn=d62bd25906c870e0c8433a02109f5b5a", + "ip2domain - 批量查询ip对应域名、备案信息、百度等引擎权重": "https://mp.weixin.qq.com/s?__biz=MzkyNTYzMTg3OQ==&mid=2247485770&idx=1&sn=302f7c091ef90f0df97ed162bfb265c5", + "网络安全的红利还能吃几年?": "https://mp.weixin.qq.com/s?__biz=Mzg4Nzk3MTg3MA==&mid=2247487709&idx=1&sn=cbd8920e80714a50eed133a0b2ee35d3", + "ISO 14001: 2015 标准详解与实施(26)10.3 持续改进": "https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247486030&idx=1&sn=d1459a0a8bca440750d5ade3b58f0f0e", + "ISO 14001: 2015 标准详解与实施(25)10.2 不符合和纠正措施": "https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247486030&idx=2&sn=dae87bd98e4387cf93f0a87aa96eed81", + "ISO 14001: 2015 标准详解与实施(24)10.1 总则": "https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247486030&idx=3&sn=c318bf65327a033e932d389b8a90ea16", + "ISO 14001: 2015 标准详解与实施(23)9.3 管理评审": "https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247486030&idx=4&sn=a85135f37d7c333ef6c878c315f88c41", + "ISO 14001: 2015 标准详解与实施(22)9.2 内部审核": "https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247486030&idx=5&sn=1f187b414d8a14d47c9649240b678ac0", + "锦岳智慧:2025年春节安全保障,守护同行!": "https://mp.weixin.qq.com/s?__biz=MzkxMzQwNDcxNg==&mid=2247486852&idx=1&sn=d3ddf1a54d505e65a457ae3c2b896aa1", + "DIDCTF-2021第三届长安杯-检材一": "https://mp.weixin.qq.com/s?__biz=MzkxMTcyMDczOQ==&mid=2247489692&idx=1&sn=4146be09a799bbf76d261eab4bc980d1", + "数字安全:智·盾·鉴,CSA开启2025": "https://mp.weixin.qq.com/s?__biz=MzkwMTM5MDUxMA==&mid=2247503000&idx=1&sn=20276e85c2972647250674828c0b5a5f", + "impacket解读(三. smbclient、secretsdump)": "https://mp.weixin.qq.com/s?__biz=Mzg5NTkxNzg4MA==&mid=2247489975&idx=1&sn=7faa781ae4e91430c6f32732213c32c2", + "[网络安全]新春红包封面": "https://mp.weixin.qq.com/s?__biz=MzkyMDY1MDI3OA==&mid=2247483803&idx=1&sn=4dff124cc0784638e204ea08b191b63f", + "【吃瓜】某手机厂商被泰国个人数据保护委员会 (PDPC) 发出警示令": "https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494502&idx=1&sn=7c132f29048506b59cb9ff3abec22f38", + "黑客利用 XWorm RAT 攻击“脚本小子”,感染了18,000 台设备": "https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494502&idx=2&sn=8d47c257885509ce00eef4bcb4c09ba4", + "K8S 日志查询中的命令注入": "https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494502&idx=3&sn=6a7f85ec2112691b2dbf7b7c1dcdfd47", + "加密货币平台 Phemex 疑似遭遇网络攻击,至少 6900 万美元被盗": "https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494502&idx=4&sn=08e9029e44c6d29a1ca03c2a18580d55", + "如何使用 Visual Studio 制作 Windows x86-64 Shellcode": "https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486555&idx=1&sn=5047769a6043ea5a95f457da525b736d", + "《Java代码审计零基础入门到项目实战》强势来袭,手把手带你学会学好学明白!": "https://mp.weixin.qq.com/s?__biz=MzkwMzMwODg2Mw==&mid=2247510468&idx=1&sn=2ae06cf6770737f7e101b3a16bf48cd9", + "吾爱破解论坛微信红包封面(60000份)": "https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141639&idx=1&sn=7306868d4e210299a761b09dfab68bec", + "工业网络安全周报-2025年第4期": "https://mp.weixin.qq.com/s?__biz=MzU3ODQ4NjA3Mg==&mid=2247564979&idx=1&sn=ac7d1cc6527b4ab6cfe838bd72ec338f", + "2024 年工控互联网态势": "https://mp.weixin.qq.com/s?__biz=MzkyMzE5ODExNQ==&mid=2247487629&idx=1&sn=f51d253054a3fe4b1f53af328973c7d9", + "2024-CISCN-长城杯-威胁检测与网络流量分析WP": "https://mp.weixin.qq.com/s?__biz=Mzg4NDg3NjE5MQ==&mid=2247485366&idx=1&sn=3ba5e8dbd1076a28202b5c13eb17f8a1", + "日本《人工智能业务指南》全文翻译": "https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247506124&idx=1&sn=a0d99658c9689597ec9d1e77f02a0b48", + "特朗普的“豪言壮语”与中亚的“夹缝求生”": "https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247504827&idx=1&sn=8fc0764ae8df89d1410d2698742021c2", + "英美强力支持HTS:一场地缘政治的“暗棋”": "https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247504827&idx=2&sn=163ae646fa6f29298070240c3434b308", + "印度的全球战略布局:多边关系的“棋局”与隐忧": "https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247504827&idx=3&sn=129948fb74cb521900993d4e8e40d403", + "安天AVL SDK反病毒引擎升级通告(20250125)": "https://mp.weixin.qq.com/s?__biz=MjM5MTA3Nzk4MQ==&mid=2650209879&idx=1&sn=f064cfa0b128912c0afa12a79319a1e7", + "邬贺铨院士展望未来10年:AI重塑互联网": "https://mp.weixin.qq.com/s?__biz=Mzg4MDU0NTQ4Mw==&mid=2247528860&idx=1&sn=97b5e988dbeead145081b25e2b41e3d8", + "2025 年将是统一网络安全的一年": "https://mp.weixin.qq.com/s?__biz=Mzg4MDU0NTQ4Mw==&mid=2247528860&idx=2&sn=9b9e1062d3000976628bbf98e78b2a2d", + "【一周安全资讯0125】工信部等十四部门联合印发《关于加强极端场景应急通信能力建设的意见》;TikTok在美暂时恢复运营": "https://mp.weixin.qq.com/s?__biz=MzIzMDQwMjg5NA==&mid=2247506579&idx=1&sn=fcac61536a135611032057e715235d00", + "2024春秋杯冬季赛PWN---WriteUp": "https://mp.weixin.qq.com/s?__biz=MzkxNTc1MzQyNw==&mid=2247488757&idx=1&sn=15ce2c806f874774fadc25d433fe73d8", + "中国人民银行业务领域网络安全事件报告管理办法(征求意见稿)": "https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652114228&idx=1&sn=837561c72e2392e4f82cb1518786750d", + "CCRC丨蛇年行大运,返现288!": "https://mp.weixin.qq.com/s?__biz=MzU4MjUxNjQ1Ng==&mid=2247521420&idx=1&sn=b826c081b9757b44d13604d6b1564f02", + "黑客高手暗中传播木马化的XWorm RAT,新手黑客应声沦陷": "https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247507094&idx=1&sn=2ea5fcd0855066b82055aaf0687123d6", + "年度盘点丨2024年迪普科技科护航科教文卫行业数字化": "https://mp.weixin.qq.com/s?__biz=MzA4NzE5MzkzNA==&mid=2650370699&idx=1&sn=027d5ffb380e0c85b361ff87b89105d5", + ".NET 第 56 期红队武器库和资源汇总": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498450&idx=1&sn=0e544713a937f0cc0f8fe5662ece86f9", + ".NET 内网攻防实战电子报刊": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498450&idx=2&sn=a00f3f8ae2f091ade34fc645636c1188", + "文件痕迹清理,通过 Sharp4ModifyTime 修改任意文件时间戳": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498450&idx=3&sn=01dad887be82ec26ebc80e1de617c700" + }, + "Private Feed for M09Ic": { + "b1nhack forked b1nhack/rustaceanvim from mrcjkb/rustaceanvim": "https://github.com/b1nhack/rustaceanvim", + "phith0n starred maybe-finance/maybe": "https://github.com/maybe-finance/maybe", + "4ra1n released 4.3 at jar-analyzer/jar-analyzer": "https://github.com/jar-analyzer/jar-analyzer/releases/tag/4.3", + "safedv starred LOTTunnels/LOTTunnels.github.io": "https://github.com/LOTTunnels/LOTTunnels.github.io", + "spf13 starred zellij-org/zellij": "https://github.com/zellij-org/zellij", + "4ra1n released temurin-23.0.2 at jar-analyzer/workflow_jre": "https://github.com/jar-analyzer/workflow_jre/releases/tag/temurin-23.0.2", + "4ra1n released temurin-8u442 at jar-analyzer/workflow_jre": "https://github.com/jar-analyzer/workflow_jre/releases/tag/temurin-8u442", + "spf13 starred ryanoasis/nerd-fonts": "https://github.com/ryanoasis/nerd-fonts", + "zer0yu started following Kobzol": "https://github.com/Kobzol", + "zer0yu starred lightpanda-io/browser": "https://github.com/lightpanda-io/browser", + "zer0yu starred johnthagen/min-sized-rust": "https://github.com/johnthagen/min-sized-rust", + "zer0yu starred Automattic/harper": "https://github.com/Automattic/harper", + "zer0yu starred mtshiba/pylyzer": "https://github.com/mtshiba/pylyzer", + "safedv starred 0xNinjaCyclone/EarlyCascade": "https://github.com/0xNinjaCyclone/EarlyCascade", + "zer0yu starred Clouditera/SecGPT": "https://github.com/Clouditera/SecGPT", + "zer0yu starred DLLXW/baby-llama2-chinese": "https://github.com/DLLXW/baby-llama2-chinese", + "zer0yu started following jiayuqi7813": "https://github.com/jiayuqi7813", + "zer0yu starred opengrep/opengrep": "https://github.com/opengrep/opengrep", + "zer0yu starred jiayuqi7813/Stegsolve-rs": "https://github.com/jiayuqi7813/Stegsolve-rs", + "h3zh1 pushed to dev in chainreactors/malice-network": "https://github.com/chainreactors/malice-network/compare/93f5d17f61...8482799871" + }, + "Security Boulevard": { + "Ensuring Data Safety with Comprehensive NHIDR": "https://securityboulevard.com/2025/01/ensuring-data-safety-with-comprehensive-nhidr/", + "Building Trust with Effective IAM Solutions": "https://securityboulevard.com/2025/01/building-trust-with-effective-iam-solutions/", + "Empower Your DevOps with Robust Secrets Security": "https://securityboulevard.com/2025/01/empower-your-devops-with-robust-secrets-security/", + "DEF CON 32 – Access Control Done Right The First Time": "https://securityboulevard.com/2025/01/def-con-32-access-control-done-right-the-first-time/", + "The Cybersecurity Vault Podcast 2024 Recap": "https://securityboulevard.com/2025/01/the-cybersecurity-vault-podcast-2024-recap/" + }, + "CXSECURITY Database RSS Feed - CXSecurity.com": { + "Iranian Cyber Police \"FATA.GOV.IR\" has an SQL Injection vulnerability": "https://cxsecurity.com/issue/WLB-2025010025" + }, + "一个被知识诅咒的人": { + "【人工智能】深入探讨Python在语义角色标注(SRL)中的应用": "https://blog.csdn.net/nokiaguy/article/details/145356157", + "【人工智能】Python中的知识图谱构建与应用": "https://blog.csdn.net/nokiaguy/article/details/145356145" + }, + "Recent Commits to cve:main": { + "Update Sat Jan 25 20:23:12 UTC 2025": "https://github.com/trickest/cve/commit/2fe8c0886616ef6cb2eb518d616cf2e8a8275463", + "Update Sat Jan 25 12:20:50 UTC 2025": "https://github.com/trickest/cve/commit/8a400a4ed71036fc7a505dd4115318f6a3d6ce52", + "Update Sat Jan 25 04:28:24 UTC 2025": "https://github.com/trickest/cve/commit/e50b33f96c53094e433d46411195d0a8d0241a40" + }, + "SecWiki News": { + "SecWiki News 2025-01-25 Review": "http://www.sec-wiki.com/?2025-01-25" + }, + "Hacking Dream": { + "Android APK Penetration Testing Cheatsheet & Guide": "https://www.hackingdream.net/2025/01/android-apk-penetration-testing-cheatsheet-guide.html" + }, + "Twitter @bytehx": { + "RT Mikhail Shcherbakov: Re @gregxsunday If you want to hear cool BB stories about how I used these gadgets, check out the #DEFCON talk https://youtu.b...": "https://x.com/bytehx343/status/1883229123541454988", + "Re @princechaddha @bryan_johnson Let me know how was it. I have been thinking about trying his protocol.": "https://x.com/bytehx343/status/1883188435189703088", + "Re @roohaa_n @Bugcrowd Congrats 🎉🎉🎉": "https://x.com/bytehx343/status/1883179123394453658", + "Hey Folks! 🚀🔥 Jsleak new version is out! If you're using #jsleak, make sure to update to the latest release, and we now support regex patterns f...": "https://x.com/bytehx343/status/1883070558415589847", + "Re @theabrahack Looks interesting. Thank you for sharing!": "https://x.com/bytehx343/status/1883057186068476010" + }, + "Hexacorn": { + "Being a tool while using a tool": "https://www.hexacorn.com/blog/2025/01/25/being-a-tool-while-using-a-tool/" + }, + "Reverse Engineering": { + "The invalid 68030 instruction that accidentally allowed the Mac Classic II to successfully boot up": "https://www.reddit.com/r/ReverseEngineering/comments/1i9uurg/the_invalid_68030_instruction_that_accidentally/", + "From arbitrary pointer dereference to arbitrary read/write in latest Windows 11": "https://www.reddit.com/r/ReverseEngineering/comments/1i9vikr/from_arbitrary_pointer_dereference_to_arbitrary/", + "Writing a NES emulator": "https://www.reddit.com/r/ReverseEngineering/comments/1i9jont/writing_a_nes_emulator/" + }, + "安全牛": { + "ChatGPT又全球大面积宕机,AI助手暂时”失联”;斯巴鲁系统漏洞曝光,数百万车辆面临远程解锁并启动风险 | 牛览": "https://www.aqniu.com/homenews/108166.html", + "《智能化安全运营中心应用指南(2025年)》报告暨代表性厂商评估调研启动": "https://www.aqniu.com/homenews/108165.html" + }, + "黑海洋 - IT技术知识库": { + "免费照片转视频 AI 生成器:PhotoToVideo": "https://blog.upx8.com/4679" + }, + "奇客Solidot–传递最新科技情报": { + "大英博物馆遭前 IT 雇员攻击而部分关闭": "https://www.solidot.org/story?sid=80424", + "巴基斯坦议会通过法案全面控制社交媒体": "https://www.solidot.org/story?sid=80423", + "AI 犯的错误和人类不同": "https://www.solidot.org/story?sid=80422", + "数百超级富豪呼吁对其征收更高的税": "https://www.solidot.org/story?sid=80421", + "Linux 6.14 加入对微软 Copilot 按键的支持": "https://www.solidot.org/story?sid=80420" + }, + "安全内参": { + "厚雪翻长坡,平淡不平凡:2024年网安产业发展态势剖析及2025年趋势展望": "https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513601&idx=1&sn=2c2baa4754e797d7e551214681e8f8c1&chksm=ebfaf121dc8d7837a7b63f349fe6d024b4c21ab2af52b9a47e85120eaef5193e6dc7a1a6fc1c&scene=58&subscene=0#rd" + }, + "天御攻防实验室": { + "从Pegasus到Predator:iOS商业间谍软件的演进": "https://mp.weixin.qq.com/s?__biz=MzU0MzgyMzM2Nw==&mid=2247486250&idx=1&sn=daa031ff26b9773e0177492de181ba56&chksm=fb04c842cc7341547e24e5d3ef245e093b4f4fd5e1a07df102c384f7ea5aa4c1bee9213ba60f&scene=58&subscene=0#rd" + }, + "丁爸 情报分析师的工具箱": { + "【资讯】特朗普签署行政命令取消拜登人工智能政策:美国政策的“朝令夕改”": "https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148689&idx=1&sn=0707627dd1c290fd861d390ad8100390&chksm=f1af26abc6d8afbd7427e0c3da7a4c6d21a3130ad8f4d9de782945434e589c4b81ab5df3776e&scene=58&subscene=0#rd" + }, + "dotNet安全矩阵": { + ".NET 第 56 期红队武器库和资源汇总": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498450&idx=1&sn=0e544713a937f0cc0f8fe5662ece86f9&chksm=fa59543fcd2edd2963e30663b8bbe96e77d53d5e2c4f7031b50fe952aba8d1f577cada65c675&scene=58&subscene=0#rd", + ".NET 内网攻防实战电子报刊": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498450&idx=2&sn=a00f3f8ae2f091ade34fc645636c1188&chksm=fa59543fcd2edd296a6821e4424d0c5605ae82829d456ecb55237c603906088a99f4d65bb1ae&scene=58&subscene=0#rd", + "文件痕迹清理,通过 Sharp4ModifyTime 修改任意文件时间戳": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498450&idx=3&sn=01dad887be82ec26ebc80e1de617c700&chksm=fa59543fcd2edd29d00dc462ff4f7e26830de7ead97b9becc8fa24cd995af578294d491b48ed&scene=58&subscene=0#rd" + }, + "吾爱破解论坛": { + "吾爱破解论坛微信红包封面(60000份)": "https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141639&idx=1&sn=7306868d4e210299a761b09dfab68bec&chksm=bd50a6538a272f45be2fde65658c162491d6a14b55e06c11bfc97ec7b9ccb3165d8cb4084ee3&scene=58&subscene=0#rd" + }, + "威胁棱镜": { + "2024 年工控互联网态势": "https://mp.weixin.qq.com/s?__biz=MzkyMzE5ODExNQ==&mid=2247487629&idx=1&sn=f51d253054a3fe4b1f53af328973c7d9&chksm=c1e9e741f69e6e57778dac4aa1429e2857f7d211469e5f5239be9ab8b07cd327bfa6217e1bd2&scene=58&subscene=0#rd" + }, + "看雪学苑": { + "DEC/RPC协议与Windows服务创建浅析(银狐原始进程隐匿方式之一)": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589259&idx=1&sn=2076280e4c58e4cd0d718047946ebe83&chksm=b18c28c186fba1d72857bb2f9ecd1cf60756243ffde6306a22d046402d7ef801dfff28547af8&scene=58&subscene=0#rd", + "别错过!“系统0day安全”课程,带你精通漏洞挖掘技巧": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589259&idx=2&sn=4356dec55931f1257ae44561ca3f0d3e&chksm=b18c28c186fba1d7bf12649f11f2f5078f554a99f2e3c5db93d10a68151651e9d90c81e7753d&scene=58&subscene=0#rd" + }, + "安全圈": { + "【安全圈】2000余名网红遭信息“开盒” 嫌疑人获利几十万元": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067606&idx=1&sn=06c7d132a1649380a5b7629742f5d3f7&chksm=f36e7b56c419f240368726c211c69ba2369aa718ee5183ec43c60390b8e84702917b3a31a610&scene=58&subscene=0#rd", + "【安全圈】微软 Win10 / Win11 新威胁:RID 劫持可提权至管理员控制你的 PC": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067606&idx=2&sn=efa053f9e1755bb17193b5a5868fb8ce&chksm=f36e7b56c419f24014b67943f6766ea3ab7b908882f20b4e0af01106172c63290014f9c24682&scene=58&subscene=0#rd", + "【安全圈】新的 Cleo 零日 RCE 漏洞在数据盗窃攻击中被利用": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067606&idx=3&sn=6473d53d9a207bfac9888ca3a543bbf8&chksm=f36e7b56c419f2407633ba9229c8cb14a4e4458baf67e78d79310f03423449e922b703042bec&scene=58&subscene=0#rd", + "【安全圈】新的 UEFI 安全启动漏洞使系统暴露于 bootkit": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067606&idx=4&sn=e8ae1a9dfb9fb649575b0d8a5414a82d&chksm=f36e7b56c419f24087b4c41685f0be88aab339021ceb93dffd537c9df34d2812ec3232317caa&scene=58&subscene=0#rd" + }, + "情报分析师": { + "事关Stargate项目,说点你不知道的内幕!": "https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559242&idx=1&sn=65609027c9fddad943535044bcb06811&chksm=87117d41b066f4575f3b8fc3d3971f7eef784642475a4d33595a6dde9f13f7df0b0f8eda197d&scene=58&subscene=0#rd", + "“懂王”重出江湖:前100日计划剖析(2万字资料附下载)": "https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559242&idx=2&sn=812122521348cdc4a1414ee0000a67b8&chksm=87117d41b066f45792e59919c059261ad0157fb18bbb2f1dcbd0685ff898acd35c6c3bce395a&scene=58&subscene=0#rd" + }, + "极客公园": { + "智能泊车事故公开,小米汽车召回 3 万台 SU7;字节 2026 年停发春节红包;《权游》作者发表物理学论文 | 极客早知道": "https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072822&idx=1&sn=7c6ca6a38c34759561d422054250e57c&chksm=7e57d00049205916e8025fe1d9be04063c7ebe7460a277127ae61e7b3bc947b7c86c8213b39b&scene=58&subscene=0#rd" + }, + "谛听ditecting": { + "谛听|“谛听”团队参加2021年国家重点研发计划“智能网联场景工业控制系统深度防御与安全处置技术”项目 课题综合绩效评价会议": "https://mp.weixin.qq.com/s?__biz=MzU3MzQyOTU0Nw==&mid=2247492392&idx=1&sn=4457e5fc8b2fcca5ba76cd80c2dc9145&chksm=fcc3616ccbb4e87a6a1a1e47120e8d944a7ec9e8fc569022e103b6ea15590c421f76df8c4efe&scene=58&subscene=0#rd" + }, + "字节跳动技术团队": { + "揭秘字节跳动内部流量调度与容灾实践【上】": "https://mp.weixin.qq.com/s?__biz=MzI1MzYzMjE0MQ==&mid=2247512958&idx=1&sn=82401f525cc5fdd2b7eb9cf210f60c24&chksm=e9d3789cdea4f18a5d9a1aa5141e78c28fbccd9c7a52068f7bf17d53a3d814b9c86346822bc4&scene=58&subscene=0#rd" + }, + "网安国际": { + "【InForSec 2025年会青年学者论坛回顾】冀晓宇:从传感器安全到“传感器 +X”安全": "https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=1&sn=4c4bfe832913a3872ec09ee631b9274b&chksm=8bc4ba9dbcb3338b2ba37bf54bb919e54ede95f3031151621def31622b349399445cd80439ba&scene=58&subscene=0#rd", + "【InForSec 2025年会青年学者论坛回顾】白家驹:操作系统的自动化缺陷检测": "https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=2&sn=d42e0048046537509a0b9169907c9801&chksm=8bc4ba9dbcb3338bb5fe7bf9d6330213b86264fd3eb919b2106dc45e7b8604701d521d420b2c&scene=58&subscene=0#rd", + "【InForSec 2025年会青年学者论坛回顾】闫琛:传感器电磁安全与隐私问题研究": "https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=3&sn=619b1c123e6a6165f24ed57ff9fd391a&chksm=8bc4ba9dbcb3338be3560720a31ce43398b3a8d91b3ec3a5799d4b4bb554133d8311c80ece9b&scene=58&subscene=0#rd", + "【InForSec 2025年会青年学者论坛回顾】刁文瑞:移动生态安全探索:从系统漏洞到大规模测量": "https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=4&sn=0d016310221e528e230f05da6f3b14de&chksm=8bc4ba9dbcb3338bf92e55b964a1f76fb01b91c88ad08ce7333778b972524fd5800ec0f17f97&scene=58&subscene=0#rd", + "【InForSec 2025年会青年学者论坛回顾】南雨宏:程序分析视角下的敏感数据管控:从移动应用到智能合约": "https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=5&sn=c5a7798acca47b172a583897d568c7ef&chksm=8bc4ba9dbcb3338b4d1e431047955603c86d16b56379b9128a3bd4e7e51ffa80abd0a2267c1a&scene=58&subscene=0#rd", + "【InForSec 2025年会青年学者论坛回顾】范铭:移动应用个人信息保护场景下的合规验证探索与思考": "https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=6&sn=7be8c4556e1d37b0d94079969cbb7958&chksm=8bc4ba9dbcb3338b183ae58f4c267e03ed34bc27f99c79eed93410d6912f0ba4263a1ff60705&scene=58&subscene=0#rd", + "【InForSec 2025年会青年学者论坛回顾】申文博:从AI框架到xPU硬件:智能系统安全研究": "https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=7&sn=044afe640aa525a285b3dcc87f2a146d&chksm=8bc4ba9dbcb3338bf773348e0df5e157b01dbc90732f0b032ca10812f22f1e407bcc1daf7d01&scene=58&subscene=0#rd" + }, + "迪哥讲事": { + "记一次细得不行的账户权限提升": "https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496946&idx=1&sn=fd344274014da8f4d5f0705d21c1080a&chksm=e8a5fe91dfd2778741884d78e29eb70766ca43d4b3f53f3f268483de8e8639bd61ed87b93e03&scene=58&subscene=0#rd" + }, + "Over Security - Cybersecurity news aggregator": { + "TalkTalk investigates breach after data for sale on hacking forum": "https://www.bleepingcomputer.com/news/security/talktalk-investigates-breach-after-data-for-sale-on-hacking-forum/", + "January 2025 Zero-Day Threat Intelligence": "https://pixmsecurity.com/blog/blog/january-2025-zero-day-threat-intelligence/", + "PayPal to pay $2 million settlement over 2022 data breach": "https://www.bleepingcomputer.com/news/security/paypal-to-pay-2-million-settlement-over-2022-data-breach/", + "Cyber diplomacy funding halted as US issues broad freeze on foreign aid": "https://therecord.media/cyber-diplomacy-funding-halted-freeze-on-foreign-aid", + "Come utilizzo Patreon": "https://roccosicilia.com/2025/01/25/come-utilizzo-patreon/", + "Guerre di Rete - Ulbricht, come si è arrivati alla liberazione del fondatore di Silk Road": "https://guerredirete.substack.com/p/guerre-di-rete-ulbricht-come-si-e", + "UnitedHealth updates number of data breach victims to 190 million": "https://therecord.media/unitedhealth-updates-change-healthcare-data-breach-190-million" + }, + "TorrentFreak": { + "Manga Publishers Maintain Pressure Despite Pirate Countermeasures": "https://torrentfreak.com/manga-publishers-maintain-pressure-despite-pirate-countermeasures-250125/" + }, + "洞源实验室": { + "网络安全的红利还能吃几年?": "https://mp.weixin.qq.com/s?__biz=Mzg4Nzk3MTg3MA==&mid=2247487709&idx=1&sn=cbd8920e80714a50eed133a0b2ee35d3&chksm=cf8319acf8f490badfb3044c077c80d304fb30e2a194e21a3e35d10d71716ab36c5fef0593f7&scene=58&subscene=0#rd" + }, + "The Register - Security": { + "Someone is slipping a hidden backdoor into Juniper routers across the globe, activated by a magic packet": "https://go.theregister.com/feed/www.theregister.com/2025/01/25/mysterious_backdoor_juniper_routers/", + "UK telco TalkTalk confirms probe into alleged data grab underway": "https://go.theregister.com/feed/www.theregister.com/2025/01/25/uk_telco_talktalk_confirms_investigation/" + }, + "Troy Hunt's Blog": { + "Weekly Update 436": "https://www.troyhunt.com/weekly-update-436/" + }, + "Security Affairs": { + "Subaru Starlink flaw allowed experts to remotely hack cars": "https://securityaffairs.com/173434/security/subaru-starlink-vulnerability-remote-attacks.html", + "Participants in the Pwn2Own Automotive 2025 earned $886,250": "https://securityaffairs.com/173426/breaking-news/pwn2own-automotive-2025-final-results.html" + }, + "Your Open Hacker Community": { + "Recommendation for video where someone does a beginner level box/ctf blind?": "https://www.reddit.com/r/HowToHack/comments/1i9t80h/recommendation_for_video_where_someone_does_a/", + "What's the most interesting exploit you've ever read about or seen?": "https://www.reddit.com/r/HowToHack/comments/1i9zodo/whats_the_most_interesting_exploit_youve_ever/", + "Some good python book for hacking?": "https://www.reddit.com/r/HowToHack/comments/1i9g9l4/some_good_python_book_for_hacking/", + "Nice book to learn how find 0day vuln in systems": "https://www.reddit.com/r/HowToHack/comments/1i9xyel/nice_book_to_learn_how_find_0day_vuln_in_systems/", + "I need help asap.": "https://www.reddit.com/r/HowToHack/comments/1ia01zc/i_need_help_asap/", + "Need help with HashCat and salted hashes": "https://www.reddit.com/r/HowToHack/comments/1i9hk2y/need_help_with_hashcat_and_salted_hashes/", + "How to extract readable data from .y3k files?": "https://www.reddit.com/r/HowToHack/comments/1i9ge7v/how_to_extract_readable_data_from_y3k_files/", + "How to overcome angular framework?": "https://www.reddit.com/r/HowToHack/comments/1i9g6w5/how_to_overcome_angular_framework/", + "Should I use TryHackMe to learn": "https://www.reddit.com/r/HowToHack/comments/1i9a783/should_i_use_tryhackme_to_learn/", + "How to handle ngrok dynamic tcp tunnels for android/meterpreter/reverse_tcp apk ?": "https://www.reddit.com/r/HowToHack/comments/1i9dr3s/how_to_handle_ngrok_dynamic_tcp_tunnels_for/", + "I dont trust at all my gf": "https://www.reddit.com/r/HowToHack/comments/1i9os7f/i_dont_trust_at_all_my_gf/", + "Need basic knowledge": "https://www.reddit.com/r/HowToHack/comments/1i9fbje/need_basic_knowledge/" + }, + "Computer Forensics": { + "Digital ForensicsQuestions": "https://www.reddit.com/r/computerforensics/comments/1i9icjv/digital_forensicsquestions/", + "Cyber Forensics / Investigation": "https://www.reddit.com/r/computerforensics/comments/1i9dljz/cyber_forensics_investigation/" + }, + "Social Engineering": { + "Learn more about someone before doing business": "https://www.reddit.com/r/SocialEngineering/comments/1i9j9i5/learn_more_about_someone_before_doing_business/" + }, + "Deeplinks": { + "EFF to Michigan Supreme Court: Cell Phone Search Warrants Must Strictly Follow The Fourth Amendment’s Particularity and Probable Cause Requirements": "https://www.eff.org/deeplinks/2025/01/eff-michigan-supreme-court-cell-phone-search-warrants-must-strictly-follow-fourth" + }, + "Hacking Exposed Computer Forensics Blog": { + "Daily Blog #728: Test Kitchen with Cursor": "https://www.hecfblog.com/2025/01/daily-blog-728-test-kitchen-with-cursor.html" + }, + "网安寻路人": { + "日本《人工智能业务指南》全文翻译": "https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247506124&idx=1&sn=a0d99658c9689597ec9d1e77f02a0b48&chksm=97e96526a09eec30af4b40c753f3202737f20aee9db771f6a3b490a2e7655945b7efc6cec77f&scene=58&subscene=0#rd" + } +} \ No newline at end of file diff --git a/today.md b/today.md index 87b53da634..ab559dbbf3 100644 --- a/today.md +++ b/today.md @@ -1,431 +1,293 @@ -# 每日安全资讯(2025-01-25) +# 每日安全资讯(2025-01-26) -- SecWiki News - - [ ] [SecWiki News 2025-01-24 Review](http://www.sec-wiki.com/?2025-01-24) -- paper - Last paper - - [ ] [基于人工智能/机器学习的 IPv6 网络中隐秘通信的检测与分类](https://paper.seebug.org/3271/) -- Armin Ronacher's Thoughts and Writings - - [ ] [Build It Yourself](http://lucumr.pocoo.org/2025/1/24/build-it-yourself) -- 奇安信攻防社区 - - [ ] [借壳上线之Patch PE文件](https://forum.butian.net/share/4085) - - [ ] [间接提示注入攻击全面测评](https://forum.butian.net/share/4074) -- 安全客-有思想的安全新媒体 - - [ ] [年度盘点:AI+安全双重赋能,360解锁企业浏览器新动力](https://www.anquanke.com/post/id/303791) - - [ ] [IntelBroker 的数字足迹: OSINT 分析揭露网络犯罪分子的行动](https://www.anquanke.com/post/id/303788) - - [ ] [7-Zip 修复了可绕过 Windows MoTW 安全警告的错误,立即修补](https://www.anquanke.com/post/id/303776) - - [ ] [Microsoft 在 Edge Stable 中预览 Game Assist 游戏内浏览器](https://www.anquanke.com/post/id/303773) - - [ ] [ModiLoader 恶意软件利用 CAB 标头批处理文件逃避检测](https://www.anquanke.com/post/id/303770) - - [ ] [Meta 的广告系统被俄罗斯宣传网络利用](https://www.anquanke.com/post/id/303767) - - [ ] [13,000 台 MikroTik 路由器被僵尸网络劫持,用于发送垃圾邮件和网络攻击](https://www.anquanke.com/post/id/303785) - - [ ] [DLL 副加载和代理: 向德国目标发送 Sliver 植入程序的新活动](https://www.anquanke.com/post/id/303764) - - [ ] [Consilio Guided AI PrivDetect 缩短了权限审查时间](https://www.anquanke.com/post/id/303782) - - [ ] [勒索软件团伙在 Microsoft Teams 网络钓鱼攻击中冒充 IT 支持](https://www.anquanke.com/post/id/303779) -- Tenable Blog - - [ ] [Cybersecurity Snapshot: WEF Offers AI Security Best Practices, as DORA Regulation Places Strict Cyber Rules on Banks](https://www.tenable.com/blog/ai-security-best-practices-01-24-2025) -- Private Feed for M09Ic - - [ ] [safedv starred sadreck/Codecepticon](https://github.com/sadreck/Codecepticon) - - [ ] [timwhitez starred decoder-it/ChgPass](https://github.com/decoder-it/ChgPass) - - [ ] [evilashz starred decoder-it/ChgPass](https://github.com/decoder-it/ChgPass) - - [ ] [niudaii starred 0x727/ChkApi_0x727](https://github.com/0x727/ChkApi_0x727) - - [ ] [gh0stkey starred seaung/pocsuite-rs](https://github.com/seaung/pocsuite-rs) - - [ ] [nightRainy starred ynwarcs/CVE-2025-21298](https://github.com/ynwarcs/CVE-2025-21298) - - [ ] [0xbug starred google/osv-scanner](https://github.com/google/osv-scanner) - - [ ] [yqcs forked yqcs/bolt.diy from stackblitz-labs/bolt.diy](https://github.com/yqcs/bolt.diy) - - [ ] [niudaii starred leveryd/x-waf](https://github.com/leveryd/x-waf) - - [ ] [spf13 starred theJayTea/WritingTools](https://github.com/theJayTea/WritingTools) - Doonsec's feed - - [ ] [秦安:拜登走了,完败于芯片,留下两场战争,还有耻辱与灾难](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476311&idx=1&sn=119884be68a469d54443b401908afe95) - - [ ] [秦安:大消息!人民银行与证监会,座谈“3000+5000”亿资金入市](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476311&idx=2&sn=be8a2ff973ede5b074e70dc11899c350) - - [ ] [上新日 | 口碑佳作上架!沉浸式翻译:双语对照网页翻译插件](https://mp.weixin.qq.com/s?__biz=MzI2MjcwMTgwOQ==&mid=2247492181&idx=1&sn=dc5a84bd0c1009bdda94f07507392b36) - - [ ] [红队视角:揭秘内网提权的技术迷宫](https://mp.weixin.qq.com/s?__biz=MzkzNzg3NzQxMQ==&mid=2247485714&idx=1&sn=6a7ab0722e0c0f69ce8906539f544066) - - [ ] [pikachu - Cross-Site Scripting(XSS)](https://mp.weixin.qq.com/s?__biz=Mzk1NzI2NDQyMw==&mid=2247484517&idx=1&sn=240276352d671fc67e03d7ccdecf2862) - - [ ] [7-Zip高危漏洞曝光](https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486441&idx=1&sn=4531aade32e795be54933b9d3a690c03) - - [ ] [『漏洞复现』XXL-JOB 默认 accessToken 身份绕过 RCE 漏洞分析及复现](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490019&idx=1&sn=8b0ca8a5667607692018751b2e0db53a) - - [ ] [图形化-Windiows日志分析工具](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490019&idx=2&sn=f204d355574f503af0ff0d6b11878996) - - [ ] [技战法:巧用黑客攻击手法,被动积累技能](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490019&idx=3&sn=d1ade97995d489eec4760ec06058a2e0) - - [ ] [文科应届生转行计算机的一年](https://mp.weixin.qq.com/s?__biz=Mzg4NTg0MjMzNQ==&mid=2247484202&idx=1&sn=91076a3a9a8de9de842344942c19a373) - - [ ] [黑客攻防演练!!揭秘Sync Breeze缓冲溢出漏洞利用全过程!?](https://mp.weixin.qq.com/s?__biz=Mzk2NDE3NDUwNg==&mid=2247483890&idx=1&sn=00d4c726f5ef79a6a64b08e5c3bf5cca) - - [ ] [一文看懂川普最新政策动向](https://mp.weixin.qq.com/s?__biz=MzkxMTA3MDk3NA==&mid=2247487089&idx=1&sn=f20b24974cce9ecc0b92a98268385c76) - - [ ] [专题·人工智能安全治理 | 关于《人工智能安全治理框架》的解读与思考](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485456&idx=1&sn=f12cda55ab644a5227ada312bb79a62f) - - [ ] [【干货原创】实网攻防演习常态化,会带来什么变化01](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485456&idx=4&sn=9936a954d36b83982d8a01b800f5a884) - - [ ] [【干货原创】K12教育,鲜为人知的模式秘密](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485456&idx=5&sn=101312cecc9a495c7856503d86123187) - - [ ] [原创文章目录](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485456&idx=6&sn=416cca1469398aca13072a80a0f5c129) - - [ ] [缓冲区溢出学习及漏洞复现](https://mp.weixin.qq.com/s?__biz=Mzk1NzQwNjQ4Ng==&mid=2247484665&idx=1&sn=55ab331218ce3316953848bc8a134e19) - - [ ] [对抗小技巧:利用阿里云OSS做域前置](https://mp.weixin.qq.com/s?__biz=MzAxNzkyOTgxMw==&mid=2247493833&idx=1&sn=23a0220224aafdc3ab796f3cd5d0ff2b) - - [ ] [一岁一逢,年度献礼 · 一图看懂2024年全球DDoS攻击态势](https://mp.weixin.qq.com/s?__biz=MzAwODU5NzYxOA==&mid=2247505829&idx=1&sn=4d7addf765ddfaf78ec11b722e8f815f) - - [ ] [山石入选车联网产品安全漏洞专业库CAVD支撑单位](https://mp.weixin.qq.com/s?__biz=MzUzMDUxNTE1Mw==&mid=2247510279&idx=1&sn=06f1e42da19ca8f8da9668d9ed2ee6e4) - - [ ] [YongYouNcTool-一款高效利用用友NC系列漏洞检测利用工具](https://mp.weixin.qq.com/s?__biz=MzkzNzg4MTI0NQ==&mid=2247485426&idx=1&sn=4b2b9a4778352c4a0791090d92cff7cc) - - [ ] [春节 | 蛇年大吉,中泊研为您安全护航!](https://mp.weixin.qq.com/s?__biz=Mzg2NDc0MjUxMw==&mid=2247486072&idx=1&sn=2e79f7cd0c0fbc06d900089a529b1663) - - [ ] [通用漏洞挖掘技巧](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496940&idx=1&sn=a33f04e5fdb7818531eeda42ebf4b6e7) - - [ ] [知名企业遭「偷家」,攻击面管理势在必行](https://mp.weixin.qq.com/s?__biz=Mzg2NTk3NjczNQ==&mid=2247485619&idx=1&sn=378c053caf062e36f6d9c093a1e574dc) - - [ ] [黑客、“内鬼”……2024年近千人涉侵害企业数据安全犯罪被检察机关起诉!](https://mp.weixin.qq.com/s?__biz=MzU2MTQwMzMxNA==&mid=2247541454&idx=1&sn=41f75791ee9265270755e2cede71b671) - - [ ] [共研发展路径,平行切面联盟第一届理事会第三次会议召开](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247635673&idx=1&sn=62b8bf30eb4df9ed99e5952408daf3c7) - - [ ] [诸子云|甲方 :DLP遇到大模型软件,如何看待美国司法部发布的行政命令?](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247635673&idx=2&sn=8efa180e659fee80150075eca38e5f0e) - - [ ] [【智库报告】生物力量:确保美国在生物技术领域的领导地位](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148676&idx=1&sn=1f06118ca29bead7275e53e21449c3d5) - - [ ] [默安科技2024:既然选择远方 就会风雨兼程(文末赠好礼)](https://mp.weixin.qq.com/s?__biz=MzIzODQxMjM2NQ==&mid=2247500311&idx=1&sn=71f5bc1eb780b0762b766affc6bd68f6) - - [ ] [一款专为红队恶意软件开发而设计的自动化分析沙箱](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490149&idx=1&sn=70a813d7a8848bc8648dd1aac1f118eb) - - [ ] [LLM的“万能钥匙”](https://mp.weixin.qq.com/s?__biz=MzkzNjczNzEyMw==&mid=2247484110&idx=1&sn=c5759fe1f71dfc0f9ee76811361e1366) - - [ ] [专题·人工智能安全治理 | 《人工智能安全治理框架》为人工智能安全发展提供重要指引](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=1&sn=530f8234ebb092aa1a91e0c76012ae79) - - [ ] [发布 | 国家数据局就《数据领域常用名词解释(第二批)》公开征求意见(附全文)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=2&sn=bf11efc7a9b860fb9b20b141baa90341) - - [ ] [专家解读 | 构建高素质人才队伍,助力数据标注产业发展](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=3&sn=a3cb25195824a0af1ff71d0489c3fffc) - - [ ] [关注 | 检察机关依法惩治侵害企业数据安全犯罪 服务保障企业创新发展](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=4&sn=42732fbe26b1fac5bc322a9e33b0b28a) - - [ ] [解读 | 市场监管总局发布《网络交易执法协查暂行办法》 建立健全网络交易执法协查机制提升监管效能](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=5&sn=5c63e275dc2b4b4f5dc92f28bbbf9bd5) - - [ ] [发布 | 中国信通院联合发布《数据治理研究报告(2024年)》(附下载)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=6&sn=acbcf59882875e4e743a79a6a0213aff) - - [ ] [国际 | 域外个人生物识别信息保护模式考察](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=7&sn=a87473518e84e1b51f4fbc4906a29861) - - [ ] [评论 | 让网络交易执法协作更规范有序](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=8&sn=2f11ec80a6ee5f872457f929a062a55f) - - [ ] [【2025-01-24】黑客新闻摘要](https://mp.weixin.qq.com/s?__biz=MzIzNDU5NTI4OQ==&mid=2247488355&idx=1&sn=ab928aff89673696e834f4dc18b7de2c) - - [ ] [深度解读:特朗普新签数十项行政命令 将产生哪些影响?](https://mp.weixin.qq.com/s?__biz=Mzg3MDczNjcyNA==&mid=2247488936&idx=1&sn=4d76e5c799b12293df6e886eeba72957) - - [ ] [3.6万亿!特朗普搞史上投资规模最大AI投资 剑指中国](https://mp.weixin.qq.com/s?__biz=Mzg3MDczNjcyNA==&mid=2247488936&idx=2&sn=266b328c867d28358b3ad08d0c0db044) - - [ ] [phpMyAdmin 触发 XSS 攻击的安全漏洞](https://mp.weixin.qq.com/s?__biz=MzI0NzE4ODk1Mw==&mid=2652094694&idx=1&sn=4585dbd6a2385bcc0d9f83cd29f7b622) - - [ ] [勒索病毒攻击 VMware ESXi 主机](https://mp.weixin.qq.com/s?__biz=MzI0NzE4ODk1Mw==&mid=2652094694&idx=2&sn=7325225efeb09b588a9ccc838efc3329) - - [ ] [金蛇献瑞|筑梦前行|思维世纪2024年度总结及表彰大会圆满完成!](https://mp.weixin.qq.com/s?__biz=MjM5ODE4OTYzNw==&mid=2649563787&idx=1&sn=b7874fb0a3bb408ce2437d83d89462bb) - - [ ] [加速安全设计——是时候采用TARA自动化技术来提高车辆安全性了吗?](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620079&idx=1&sn=23481c676669368be35dd7a2cddd9eac) - - [ ] [网络安全最佳实践 - 从 TARA 到 PenTest](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620079&idx=2&sn=8a4462a7c4c53f946c5e01065135e83a) - - [ ] [预防网络灾难 - 通过 TARA 分析进行深度防御](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620079&idx=3&sn=928dd30666e4f0e3e22e6ce103de6c61) - - [ ] [红包封面第三弹!](https://mp.weixin.qq.com/s?__biz=MzUzMDQ1MTY0MQ==&mid=2247506601&idx=1&sn=70f914bcbbb9efc2fb037f6002cd45f6) - - [ ] [《Java代码审计零基础入门到项目实战》2025第一期招生,五十多节课才五百多,手慢无。](https://mp.weixin.qq.com/s?__biz=MzkxNTU5NTI1Ng==&mid=2247487239&idx=1&sn=0202581931c1f46340bdf6f1001bda20) - - [ ] [行业第二!实力藏不住了!](https://mp.weixin.qq.com/s?__biz=MzkxNDY0MjMxNQ==&mid=2247532859&idx=1&sn=da3d0fe94b70093b8c0cbb414e8683e5) - - [ ] [聊热点|IDC: 2025年中国安全和信任市场十大预测、新型僵尸网络正对路由器、摄像头等设备发起大规模DDoS攻击……](https://mp.weixin.qq.com/s?__biz=MzkxNDY0MjMxNQ==&mid=2247532859&idx=2&sn=7af5ed5ca486c7d1ae633fed818088eb) - - [ ] [带你解锁编码新世界!--随波逐流CTF编码工具使用教程41 --DNA密码](https://mp.weixin.qq.com/s?__biz=MzU2NzIzNzU4Mg==&mid=2247489588&idx=1&sn=f7fc3df0757ab001f3b1c34b240fd68e) - - [ ] [学习代码审计除了大量练习,更多的还是代码审计思路,给大家分享分享。](https://mp.weixin.qq.com/s?__biz=Mzg3MDU1MjgwNA==&mid=2247487185&idx=1&sn=d6a035212abd74719d8d7ce79c254117) - - [ ] [【安全圈】斯巴鲁汽车漏洞让黑客利用 Starlink 远程控制数百万辆汽车](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067590&idx=1&sn=32ea96086da2a1f7d7b7c25530ca8d55) - - [ ] [【安全圈】GhostGPT – 黑客用来生成恶意软件和漏洞的新型 AI 黑帽工具](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067590&idx=2&sn=0963e1001cd7415a1987cb9c33807d8c) - - [ ] [【安全圈】思科曝9.9分关键权限提升漏洞](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067590&idx=3&sn=7379d9127186d37af92f08f7a9ced06e) - - [ ] [【安全圈】Chrome用户面临供应链攻击威胁,数百万人或受影响](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067590&idx=4&sn=ab568c073e0bfe554ca07ca03503f2da) - - [ ] [Oracle 2025年1月补丁日多产品高危漏洞安全风险通告](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522169&idx=1&sn=fce75986029eae4069d3b0638d1202bd) - - [ ] [守护资产,防范风险 | 2025年Web3.0资产安全指南](https://mp.weixin.qq.com/s?__biz=MzU5OTg4MTIxMw==&mid=2247503926&idx=1&sn=d0bc90fe7f2f544c087615796f4035c5) - - [ ] [企业动态 | 恒安嘉新入选2024全球计算产业案例汇编](https://mp.weixin.qq.com/s?__biz=MzIwMTUzNDY0NA==&mid=2649119281&idx=1&sn=12e90ca98164afb60a7bdf8a6b918bc4) - - [ ] [安全报告 | 2024年12月恒安嘉新网络信息安全综合态势报告](https://mp.weixin.qq.com/s?__biz=MzIwMTUzNDY0NA==&mid=2649119281&idx=2&sn=822885323d0af590dcccbb115350825b) - - [ ] [KwaiCoder-23B-A4B-v1:以 1/30 的成本训练全尺寸 SOTA 代码续写大模型](https://mp.weixin.qq.com/s?__biz=Mzg2NzU4MDM0MQ==&mid=2247495958&idx=1&sn=3383a72355bdb4c1d1bc79d83c1a8569) - - [ ] [斯巴鲁曝关键漏洞,凭车牌号可远程入侵汽车](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651312790&idx=1&sn=f164fbd58d9d173bbc7eae3626f9ab40) - - [ ] [美国政府公布攻击Ivanti云服务设备的技术细节](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651312790&idx=2&sn=b9aa66d005e4e639e712a5efed74fa6c) - - [ ] [美国前中央情报局分析师承认泄露国防信息](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651312790&idx=3&sn=83ffd20b9fd4d5d2da935ff3246e1ce6) - - [ ] [MemProcFS-Analyzer:用于DFIR的Windows内存转储自动取证分析工具](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651312790&idx=4&sn=d1ca26975b2bf3760969a9ce23192b28) - - [ ] [解读丨《国家数据基础设施建设指引》主要内容+图解,附下载](https://mp.weixin.qq.com/s?__biz=MzI2MDk2NDA0OA==&mid=2247531208&idx=1&sn=fdf554db70e62d70c1452efb1191e994) - - [ ] [干货 | 山信软件吕洪波:工业控制系统安全事件检测与处置(附视频+PPT)](https://mp.weixin.qq.com/s?__biz=MzI2MDk2NDA0OA==&mid=2247531208&idx=2&sn=d6cdc5a8d9df1a49d25016840187a4f1) - - [ ] [24年总结](https://mp.weixin.qq.com/s?__biz=MzIyOTY1NDE5Mg==&mid=2247485100&idx=1&sn=0d1663a53843d7a2bd0c5504c41d1514) - - [ ] [2025 蛇年迎新,盘古石取证暖心献礼:红包封面大放送,更多好礼等您来!](https://mp.weixin.qq.com/s?__biz=MzI2MDA0MTYyMQ==&mid=2654404359&idx=1&sn=cb7965528fedcff57cca3c5cf9847be5) - - [ ] [春节将至,盛邦安全放假安排新鲜出炉!](https://mp.weixin.qq.com/s?__biz=MzAwNTAxMjUwNw==&mid=2650277587&idx=1&sn=28ae9f7e85590a579913877d8effc2a0) - - [ ] [大模型系列之LLaMA Factory微调学习](https://mp.weixin.qq.com/s?__biz=Mzg2MTc1NDAxMA==&mid=2247484342&idx=1&sn=58be391a85f1cab4cdd6b7b0b41b1300) - - [ ] [产品上新!捷普数据库防火墙正式发布!](https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247505825&idx=1&sn=6fc746a14da1dd33cecd278754c09e13) - - [ ] [【漏洞预警】Elastic Fleet Server信息泄露漏洞](https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489518&idx=1&sn=4af05b6c62e451e4665c358a9b06bb24) - - [ ] [烽火狼烟丨暗网数据及攻击威胁情报分析周报(01/20-01/24)](https://mp.weixin.qq.com/s?__biz=Mzk0NjMxNTgyOQ==&mid=2247484528&idx=1&sn=8663e8fd828e564560e8f8ef9b20fe32) - - [ ] [Pwn2Own Automotive 2025结果汇总](https://mp.weixin.qq.com/s?__biz=Mzk0MzQzNzMxOA==&mid=2247487726&idx=1&sn=f8bb5a54e33ff80c2cb8894433b7f41d) - - [ ] [【再发一遍】新春抽奖开启!与奉天安全团队 & 禾信智安共迎新年好运!](https://mp.weixin.qq.com/s?__biz=Mzk0NjQ2NzQ0Ng==&mid=2247484992&idx=1&sn=32c786903ab1ff5e499415b69a5dfc4b) - - [ ] [新春抽奖开启!与奉天安全团队 & 禾信智安共迎新年好运!](https://mp.weixin.qq.com/s?__biz=Mzk0NjQ2NzQ0Ng==&mid=2247484992&idx=2&sn=0114b9f967a3e89fd0ec5627b0be8224) - - [ ] [Jeddak星火计划-开启申报](https://mp.weixin.qq.com/s?__biz=MzI1MzYzMjE0MQ==&mid=2247512933&idx=1&sn=b2602ab68be9a48e636dfae7229f3144) - - [ ] [DSRC 祝大家新年快乐(内含红包封面)](https://mp.weixin.qq.com/s?__biz=MzA3Mzk1MDk1NA==&mid=2651908507&idx=1&sn=090d7d7a925c36caa9bed1158c3df7ce) - - [ ] [备考CISSP丨选择官方培训,查看官方培训课程计划](https://mp.weixin.qq.com/s?__biz=MzUzNTg4NDAyMg==&mid=2247492332&idx=1&sn=369749a7e2782981229c81e46366fbd2) - - [ ] [每周蓝军技术推送(2025.1.18-1.24)](https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247494044&idx=1&sn=356681967a014551977e5051389b8f15) - - [ ] [2025网安行业优质播客精选集⑥](https://mp.weixin.qq.com/s?__biz=Mzg2MTAwNzg1Ng==&mid=2247495515&idx=1&sn=2374d21d0f637deaaed6d28977cffa5d) - - [ ] [【极思】安全运营第6年实践总结](https://mp.weixin.qq.com/s?__biz=Mzg2MTAwNzg1Ng==&mid=2247495515&idx=2&sn=32937e97ab2cae2201c2be8c08ed014e) - - [ ] [中小企业及创业公司信息安全建设指南](https://mp.weixin.qq.com/s?__biz=Mzg2MTAwNzg1Ng==&mid=2247495515&idx=3&sn=4f64dbbd5c03c54883719d8d12c61b01) - - [ ] [@网安人,你的2024年度关键词已生成(文末有福利)!](https://mp.weixin.qq.com/s?__biz=Mzg2MTAwNzg1Ng==&mid=2247495515&idx=4&sn=3e056e3e5b0b767c9ab1f787add702a0) - - [ ] [网络安全罗盘2024-2025年度“最佳参与奖”揭晓](https://mp.weixin.qq.com/s?__biz=Mzg3OTg0OTAyOQ==&mid=2247486239&idx=1&sn=3d38cca0595dfc84ca2357ef5a25eb0f) - - [ ] [限量赠送【10个前沿阵地🐍年红包封面】,恭祝大家新年快乐,财源广进。\\n\\n\\nhttps://support.weixin.qq.com/cgi-bin/mmsupport-bin/showredpacket?receiveuri=NU_pFu5bBp1TSI&check_type=2#wechat_redirect](https://mp.weixin.qq.com/s?__biz=MzA3MTM0NTQzNA==&mid=2455780136&idx=1&sn=06e52c12c5a8cfa7f7a57f51e487a05c) - - [ ] [蛇舞新春,安全不打烊!云弈科技放假通知和值班安排](https://mp.weixin.qq.com/s?__biz=MzU2ODY0ODk2Nw==&mid=2247491055&idx=1&sn=420f20f35fa82fd4ec1b7426d38cd1db) - - [ ] [边界无限春节护航,安全不打烊~](https://mp.weixin.qq.com/s?__biz=MzAwNzk0NTkxNw==&mid=2247487095&idx=1&sn=472bbc069d672b5973d5ea86c3073a43) - - [ ] [大众DP BR X8跳转清理 & a5分析](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589258&idx=1&sn=c1333a825d642b84f6494440d9d8f10c) - - [ ] [职位更新!好工作不等人](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589258&idx=2&sn=0f3ea01777f154e98bec7ccb0214b51c) - - [ ] [特斯拉汽车被“重点关注”,Pwn2Own Automotive 2024首日曝出24个零日漏洞](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589258&idx=3&sn=1ee9c0b4428aba7d94dead806b1d1cb1) - - [ ] [学它!Browser Pwn Chrome V8篇](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589258&idx=4&sn=f3db39003003caac0baa29b1e79f959e) - - [ ] [安全守护,时刻在线丨永信至诚春节放假通知](https://mp.weixin.qq.com/s?__biz=MzAwNDUyMjk4MQ==&mid=2454829223&idx=1&sn=f73e544d3d20c83118c0a09feb410ac7) - - [ ] [扫码下载 | 信息技术 安全技术 事件调查原则和过程](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264431&idx=1&sn=ed7164fc360d5a060ae12fc8ba35599d) - - [ ] [第一波稳定测试结束|等待第二波](https://mp.weixin.qq.com/s?__biz=MzU5Njg5NzUzMw==&mid=2247490441&idx=1&sn=052ce0c328717954294bdc219233c174) - - [ ] [网安周讯 | 抓捕7万人解救160余人,中国与多国联合打击电诈犯罪(一月第4期)](https://mp.weixin.qq.com/s?__biz=Mzg4MjQ4MjM4OA==&mid=2247523793&idx=1&sn=64147631f2e1dab957579c0acf00e360) - - [ ] [回眸蓄力 逐新前行 | 丈八网安2024年度大事件盘点](https://mp.weixin.qq.com/s?__biz=MzkwNzI1NDk0MQ==&mid=2247492728&idx=1&sn=98ed0b98c1cd60e7c58b5bfc4265a8e7) - - [ ] [梆叔说安全第三季Vol.8 | 梆梆安全2024年度回顾](https://mp.weixin.qq.com/s?__biz=MjM5NzE0NTIxMg==&mid=2651135241&idx=1&sn=afac26f6bfea1d968585123f9aa6e883) - - [ ] [安全过春节 服务不打烊](https://mp.weixin.qq.com/s?__biz=MjM5NzE0NTIxMg==&mid=2651135241&idx=2&sn=2c39dd7159814b2ab9c889bc2a73ee7c) - - [ ] [致谢之声|观安信息收到国家工业信息安全发展研究中心感谢信](https://mp.weixin.qq.com/s?__biz=MzIxNDIzNTcxMg==&mid=2247506747&idx=1&sn=3dad99620fdf85bd42c83b99d2853165) - - [ ] [LinkedIn共享用户数据用于AI训练,面临集体诉讼](https://mp.weixin.qq.com/s?__biz=MzUzODYyMDIzNw==&mid=2247516907&idx=1&sn=32404b5acd0fa1d6c4fd1cef521c1bec) - - [ ] [关于向社会公开征求《数据领域常用名词解释(第二批)》意见的公告](https://mp.weixin.qq.com/s?__biz=MzUzODYyMDIzNw==&mid=2247516907&idx=2&sn=86b6048d34de49f347b9e9df355e1e41) - - [ ] [红队人员必备](https://mp.weixin.qq.com/s?__biz=Mzk1NzIzOTc5MQ==&mid=2247484618&idx=1&sn=028819b6f7389bc9b049f58b64d583b1) - - [ ] [VulnNodeApp:一款包含大量安全漏洞的Node.js安全练习平台](https://mp.weixin.qq.com/s?__biz=MzU2MjY1ODEwMA==&mid=2247492083&idx=1&sn=32de1c271310b330793fd3aa20af2213) - - [ ] [记录一次时序数据库的实战测试](https://mp.weixin.qq.com/s?__biz=MzkxNTIwNTkyNg==&mid=2247553194&idx=1&sn=2e004e579969317d5e92df0ddfcbb172) - - [ ] [【免费领】新手必备!Web安全漏洞实战入门教程](https://mp.weixin.qq.com/s?__biz=MzkxNTIwNTkyNg==&mid=2247553194&idx=2&sn=3f4629f234882e5f46e5adca2331d21e) - - [ ] [冰蝎V4.0流量分析到攻防检测](https://mp.weixin.qq.com/s?__biz=MzkyNTY3Nzc3Mg==&mid=2247489163&idx=1&sn=e175c3041e920dd6f348e5aea1cc803d) - - [ ] [网络安全动态 - 2025.01.24](https://mp.weixin.qq.com/s?__biz=MzU1MzEzMzAxMA==&mid=2247499899&idx=1&sn=9a3d81b57f8642fbbad999c551f7d059) - - [ ] [Oracle发布2025年1月的安全公告](https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247495725&idx=1&sn=dedb6bb0dabaefa9b319ac1b7250d198) - - [ ] [《智能化安全运营中心应用指南(2025年)》报告暨代表性厂商评估调研启动](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134885&idx=1&sn=1a1ed1ea95fed0e6eb76fe4a39386297) - - [ ] [ChatGPT又全球大面积宕机,AI助手暂时\"失联\";斯巴鲁系统漏洞曝光,数百万车辆面临远程解锁并启动风险 | 牛览](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134885&idx=2&sn=b2ed8f09df9e5f6c4850178ee4311397) - - [ ] [缓冲区溢出到getshell提权](https://mp.weixin.qq.com/s?__biz=Mzk0Mjg4MTQxMw==&mid=2247485817&idx=1&sn=e70b57b7fc4e92117a0bc5b84f9651a2) - - [ ] [HTTP协议在IP协议之上对吗?](https://mp.weixin.qq.com/s?__biz=MzIxNTM3NDE2Nw==&mid=2247490315&idx=1&sn=8e90a9794db36a878015108ee0efad71) - - [ ] [2025春节不打烊--全天候24小时服务](https://mp.weixin.qq.com/s?__biz=MzUxODY3MDExMA==&mid=2247490097&idx=1&sn=71c606f4b38243b1c7b326afaa7b148e) - - [ ] [Cursor Pro自动化无限续杯方法](https://mp.weixin.qq.com/s?__biz=MzA3MzgwMzYyMA==&mid=2452890271&idx=1&sn=0a39d26afb00141c8df2a46f0ea99376) - - [ ] [轻松使用cloudflare配置域名邮箱](https://mp.weixin.qq.com/s?__biz=MzA3MzgwMzYyMA==&mid=2452890271&idx=2&sn=3274f03a656568f84f84dafb0c6b5699) - - [ ] [18部门印发《困境儿童个人信息保护工作办法》(附全文)](https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597597&idx=2&sn=7b0a83cff6feb7012cf96d6ab6beae26) - - [ ] [春节放假通知 | 众安天下:守护网络安全,保障“不打烊”](https://mp.weixin.qq.com/s?__biz=MzIyOTUzODY5Ng==&mid=2247504316&idx=1&sn=d83bd6c7e96fd6c7eafad474e007128d) - - [ ] [国家级创新中心建设经验交流](https://mp.weixin.qq.com/s?__biz=MzAwNTc0ODM3Nw==&mid=2247488623&idx=1&sn=af66ff6a71f033f58448c3683b2f30e5) -- 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com - - [ ] [AI鉴真刻不容缓!别让AI伪造“偷走”我们的善意](https://www.4hou.com/posts/xyzP) - - [ ] [中央发文“推进新型城市基建”,祥云平台助力打造韧性城市](https://www.4hou.com/posts/wxyX) - - [ ] [2024 Q4企业邮箱安全报告揭秘:盗号测试信背后的黑产攻击套路](https://www.4hou.com/posts/rpqL) - - [ ] [新的 UEFI 安全启动漏洞使系统暴露于 bootkit](https://www.4hou.com/posts/7MyB) - - [ ] [针对 Chrome 浏览器扩展程序网络钓鱼活动的新细节被披露](https://www.4hou.com/posts/nlJp) -- Recent Commits to cve:main - - [ ] [Update Fri Jan 24 20:25:39 UTC 2025](https://github.com/trickest/cve/commit/7cc0e3b9bf546832a32096d9ceafcc97c4d93574) - - [ ] [Update Fri Jan 24 12:24:54 UTC 2025](https://github.com/trickest/cve/commit/f8b633c3d8a83678494182ef13bdefe3de45b845) - - [ ] [Update Fri Jan 24 04:11:19 UTC 2025](https://github.com/trickest/cve/commit/2a95822f974d055bd443f22267473caedaf24a5d) -- Sucuri Blog - - [ ] [Malware Redirects WordPress Traffic to Harmful Sites](https://blog.sucuri.net/2025/01/malware-redirects-wordpress-traffic-to-harmful-sites.html) -- CXSECURITY Database RSS Feed - CXSecurity.com - - [ ] [CMS Twig Template Injection RCE via FTP Templates Path](https://cxsecurity.com/issue/WLB-2025010024) -- Trustwave Blog - - [ ] [Ransomware’s Evolution: Key Threat Groups Targeting the Energy and Utilities Sector in 2025](https://www.trustwave.com/en-us/resources/blogs/trustwave-blog/ransomwares-evolution-key-threat-groups-targeting-the-energy-and-utilities-sector-in-2025/) + - [ ] [警惕|售前入狱指南:这位售前你距离坐牢不远了!](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485458&idx=1&sn=9c60eaa180e3edb21006f196ba6c6518) + - [ ] [北七家-未来科学城,3居变4居豪装,理想楼层/户型/朝向](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485458&idx=2&sn=19fb3438286fd12eb54126cd7136650d) + - [ ] [【干货】笑傲职场的独家经验(1)](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485458&idx=3&sn=ad9e291ae7c68eaafb4b70da0eef178b) + - [ ] [【干货原创】实网攻防演习常态化,会带来什么变化01](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485458&idx=4&sn=8567b1848a15aab3cee265d3e05a46fd) + - [ ] [【干货原创】K12教育,鲜为人知的模式秘密](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485458&idx=5&sn=92aa960ab33f52675d9b6b79b5ed7ea4) + - [ ] [原创文章目录](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485458&idx=6&sn=b77d297edf19d3464057813560074b7e) + - [ ] [揭秘渗透测试:网络安全的“攻防演练”](https://mp.weixin.qq.com/s?__biz=MzkzNzg3NzQxMQ==&mid=2247485725&idx=1&sn=8d1e5ccb6b7c188932d3595352f0f8a0) + - [ ] [缓冲区溢出学习及漏洞复现](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490021&idx=1&sn=028614c59fd8634bc196652737ddd7a3) + - [ ] [渗透技巧 | 小白都能会的通用漏洞挖掘技巧](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490021&idx=2&sn=78ca373b771055bfce301e58e2d94839) + - [ ] [红队视角:揭秘内网提权的技术迷宫](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490021&idx=3&sn=632b1f8c8140edb7f8e1988a027d8c9b) + - [ ] [FTP匿名登录](https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486443&idx=1&sn=52541552cd1d17a0619cb76a02adaca0) + - [ ] [【重要通知】春节福利来啦!](https://mp.weixin.qq.com/s?__biz=Mzk0OTUwNTU5Nw==&mid=2247489028&idx=1&sn=57cc2f38012be369cda3b8eb27af4955) + - [ ] [【资讯】特朗普签署行政命令取消拜登人工智能政策:美国政策的“朝令夕改”](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148689&idx=1&sn=0707627dd1c290fd861d390ad8100390) + - [ ] [14【邮件安全】如何防护窃密类攻击](https://mp.weixin.qq.com/s?__biz=MzI1OTUyMTI2MQ==&mid=2247484819&idx=1&sn=969fd46dcff0cbeb1f0ca33b50c1d3f8) + - [ ] [梦想启航,共赴新征程 | 神州希望年度盛典活动圆满落幕](https://mp.weixin.qq.com/s?__biz=MzA4Mzg1ODMwMg==&mid=2650725002&idx=1&sn=469a2e3a5e9cd84f5ec595e1bfa74f1a) + - [ ] [人民银行拟明确,泄露1000万条敏感个人信息为特别重大网络安全事件](https://mp.weixin.qq.com/s?__biz=Mzg4NzQ4MzA4Ng==&mid=2247485190&idx=1&sn=3cdb10b152e37983478b1501ddae2549) + - [ ] [记一次细得不行的账户权限提升](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496946&idx=1&sn=fd344274014da8f4d5f0705d21c1080a) + - [ ] [GBT43766-2024智能网联汽车运行安全测试技术要求](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620095&idx=1&sn=c2a4526918174ccfc0842f3acd11e526) + - [ ] [GB T 44774-2024 汽车信息安全应急响应管理规范-市场监督总局、国标委](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620095&idx=2&sn=f195194edfff51e852f90ffb8c5cec5a) + - [ ] [GB_T 44778-2024 汽车诊断接口信息安全技术要求及试验方法](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620095&idx=3&sn=2776df80864788f31772fc62bf486e70) + - [ ] [【云安全】云原生-Docker(五)容器逃逸之漏洞利用](https://mp.weixin.qq.com/s?__biz=MzUyNTUyNTA5OQ==&mid=2247484704&idx=1&sn=410d5b5fae6bf9431286297a0a2c6170) + - [ ] [攻防技战术动态一周更新 - 20240120](https://mp.weixin.qq.com/s?__biz=MzkzODc4NjE1OQ==&mid=2247483911&idx=1&sn=c5a229f591045a08ac05482732c1d08a) + - [ ] [带你解锁编码新世界!--随波逐流CTF编码工具使用教程42 --Decabit密码](https://mp.weixin.qq.com/s?__biz=MzU2NzIzNzU4Mg==&mid=2247489624&idx=1&sn=ea44aafbf7384a7687c319f17c02fa2d) + - [ ] [【安全圈】2000余名网红遭信息“开盒” 嫌疑人获利几十万元](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067606&idx=1&sn=06c7d132a1649380a5b7629742f5d3f7) + - [ ] [【安全圈】微软 Win10 / Win11 新威胁:RID 劫持可提权至管理员控制你的 PC](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067606&idx=2&sn=efa053f9e1755bb17193b5a5868fb8ce) + - [ ] [【安全圈】新的 Cleo 零日 RCE 漏洞在数据盗窃攻击中被利用](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067606&idx=3&sn=6473d53d9a207bfac9888ca3a543bbf8) + - [ ] [【安全圈】新的 UEFI 安全启动漏洞使系统暴露于 bootkit](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067606&idx=4&sn=e8ae1a9dfb9fb649575b0d8a5414a82d) + - [ ] [LockBit4.0勒索病毒攻击](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490159&idx=1&sn=3e0c4cafcaf49897fc3ae2b21c46ba3c) + - [ ] [Lynx勒索病毒攻击](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490159&idx=2&sn=407c03ec89b98548a00d3dcdb55d47ef) + - [ ] [【InForSec 2025年会青年学者论坛回顾】冀晓宇:从传感器安全到“传感器 +X”安全](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=1&sn=4c4bfe832913a3872ec09ee631b9274b) + - [ ] [【InForSec 2025年会青年学者论坛回顾】白家驹:操作系统的自动化缺陷检测](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=2&sn=d42e0048046537509a0b9169907c9801) + - [ ] [【InForSec 2025年会青年学者论坛回顾】闫琛:传感器电磁安全与隐私问题研究](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=3&sn=619b1c123e6a6165f24ed57ff9fd391a) + - [ ] [【InForSec 2025年会青年学者论坛回顾】刁文瑞:移动生态安全探索:从系统漏洞到大规模测量](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=4&sn=0d016310221e528e230f05da6f3b14de) + - [ ] [【InForSec 2025年会青年学者论坛回顾】南雨宏:程序分析视角下的敏感数据管控:从移动应用到智能合约](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=5&sn=c5a7798acca47b172a583897d568c7ef) + - [ ] [【InForSec 2025年会青年学者论坛回顾】范铭:移动应用个人信息保护场景下的合规验证探索与思考](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=6&sn=7be8c4556e1d37b0d94079969cbb7958) + - [ ] [【InForSec 2025年会青年学者论坛回顾】申文博:从AI框架到xPU硬件:智能系统安全研究](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=7&sn=044afe640aa525a285b3dcc87f2a146d) + - [ ] [【全网首发】SpiderX—JS前端加密绕过攻防神器](https://mp.weixin.qq.com/s?__biz=MzkxOTU3MDY4MQ==&mid=2247484523&idx=1&sn=1c96baa85e02951ab6e157f8318b63fb) + - [ ] [新春红包封面快来领取!](https://mp.weixin.qq.com/s?__biz=MzI5MTIwOTQ5MA==&mid=2247487645&idx=1&sn=f24d76bc9fff29975309ff6ee71836c9) + - [ ] [友数聚 CPAS审计管理系统V4 getCurserIfAllowLogin SQL注入漏洞](https://mp.weixin.qq.com/s?__biz=MzkzMTcwMTg1Mg==&mid=2247490331&idx=1&sn=d0bc2a23252891fc43749fa31443df71) + - [ ] [CVE-2024-43451 Windows NTLM 漏洞,允许攻击者使用恶意快捷方式强制身份验证并捕获 NTLM 哈希](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527185&idx=1&sn=e316e52a9c3df272305888245af343f8) + - [ ] [CVE-2024-43468 :通过 PoC 代码揭示 Microsoft Configuration Manager 漏洞](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527185&idx=2&sn=67cbf97affd8106486d5097a7d773cf7) + - [ ] [交大捷普春节保障通知请查收~](https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506078&idx=1&sn=51b1726bf07b4140dd5c7c740c641c5f) + - [ ] [汽车功能安全](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549597&idx=1&sn=56e746b1a81acc0ff1f756fb0a6919bd) + - [ ] [车载电子控制系统解析:ECU、VCU、MCU、HCU的区别与功能](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549597&idx=2&sn=8782ebbf1f96b57a350bccdc3cb71cbc) + - [ ] [赛迪院长张立:强化数据标注基地引领作用 带动数据标注产业高质量发展](https://mp.weixin.qq.com/s?__biz=MjM5NzYwNDU0Mg==&mid=2649249639&idx=1&sn=b20e52f1c5bf58132694f64459558d08) + - [ ] [送走挖煤人,引进AI人——京西新年第一会聚焦“人工智能+”](https://mp.weixin.qq.com/s?__biz=MjM5NzYwNDU0Mg==&mid=2649249639&idx=2&sn=5b2eef5ca2602417c0513893881a5286) + - [ ] [京西“人工智能+”行动启动,加速赋能千行百业](https://mp.weixin.qq.com/s?__biz=MjM5NzYwNDU0Mg==&mid=2649249639&idx=3&sn=09d82edb1cb80aa30dd4e524b454846f) + - [ ] [国源天顺集团召开2025年盛大年会](https://mp.weixin.qq.com/s?__biz=Mzg3MTU1MTIzMQ==&mid=2247495900&idx=1&sn=05f3cb3068c5e19ffbae70d4a628e501) + - [ ] [【2025-01-25】黑客新闻摘要](https://mp.weixin.qq.com/s?__biz=MzIzNDU5NTI4OQ==&mid=2247488361&idx=1&sn=5e93ab8055df35d3ef08f9ecd2ab11f3) + - [ ] [中国科技期刊参与科技伦理治理的责任与边界](https://mp.weixin.qq.com/s?__biz=MzI1OTExNDY1NQ==&mid=2651618886&idx=1&sn=212dbd45b8656d38f43d2206b2613569) + - [ ] [DEC/RPC协议与Windows服务创建浅析(银狐原始进程隐匿方式之一)](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589259&idx=1&sn=2076280e4c58e4cd0d718047946ebe83) + - [ ] [别错过!“系统0day安全”课程,带你精通漏洞挖掘技巧](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589259&idx=2&sn=4356dec55931f1257ae44561ca3f0d3e) + - [ ] [金融大模型落地路线图研究报告(2024年)](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264523&idx=1&sn=59aaf90744fb30c1ac16698f52a91acb) + - [ ] [友数聚 CPAS审计管理系统V4 downPlugs 任意文件读取漏洞](https://mp.weixin.qq.com/s?__biz=MzkzMTcwMTg1Mg==&mid=2247490322&idx=1&sn=25c1352e1b349a1302486f7e519f7d5d) + - [ ] [特色专题 | Polar-BBCRSsig:一个基于极化码的数字签名算法](https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597612&idx=1&sn=331a63888f0e237790f4b786ff41b4b5) + - [ ] [提升数据流通安全治理能力 促进数据流通开发利用](https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597612&idx=2&sn=0cfbb614ace6bcfc8fba3986e85d7996) + - [ ] [CTF 流量分析秘籍](https://mp.weixin.qq.com/s?__biz=MzkyOTUxMzk2NQ==&mid=2247486072&idx=1&sn=2d8abc608068a31ba72346ffe1fbb89a) + - [ ] [【JS逆向渗透系列02】BurpSuite结合mitmproxy+JSRPC秒杀js加密的方案](https://mp.weixin.qq.com/s?__biz=MzkyOTUxMzk2NQ==&mid=2247486072&idx=2&sn=a41b8e46903c71b16c9afd325f1f0f1f) + - [ ] [【js逆向渗透系列01】利用JSRPC秒杀JS加密](https://mp.weixin.qq.com/s?__biz=MzkyOTUxMzk2NQ==&mid=2247486072&idx=3&sn=f4d030c3179188237c61992ea979ce39) + - [ ] [放假啦!](https://mp.weixin.qq.com/s?__biz=MzkxNTIwNTkyNg==&mid=2247553203&idx=1&sn=9a05203b3253d08d80b3b0b05696977d) + - [ ] [【免费领】全网最权威的大数据安全实践指南(含100例最佳实操)](https://mp.weixin.qq.com/s?__biz=MzkxNTIwNTkyNg==&mid=2247553203&idx=2&sn=a27be898f2ed0a1029b6cc567fd3e3dd) + - [ ] [xray图形化工具-Super Xray,支持自定义导入poc库](https://mp.weixin.qq.com/s?__biz=MzkzNzg4MTI0NQ==&mid=2247485448&idx=1&sn=5888106f1aed20b020b5c7cf2e2d7d53) + - [ ] [博斯外贸管理软件V6.0 log/logined.jsp SQL注入漏洞](https://mp.weixin.qq.com/s?__biz=MzkzMTcwMTg1Mg==&mid=2247490313&idx=1&sn=74c67202db6cc3e463b34c9f381ceebf) + - [ ] [祝大家新春快乐!](https://mp.weixin.qq.com/s?__biz=MzkyNTY3Nzc3Mg==&mid=2247489177&idx=1&sn=72c3b8a8302a13d9cc452781aa143d41) + - [ ] [新春抽奖开启!与奉天安全团队 & 禾信智安共迎新年好运!](https://mp.weixin.qq.com/s?__biz=Mzk0NjQ2NzQ0Ng==&mid=2247485001&idx=1&sn=6e9760b516808b96be5fe01325dabde2) + - [ ] [专项培训,学生必看!](https://mp.weixin.qq.com/s?__biz=Mzk0NjQ2NzQ0Ng==&mid=2247485001&idx=2&sn=14fae2eb52cb8f3067159cbda8857411) + - [ ] [无糖信息春节放假通知,内含2025蛇年限定红包封面限时放送!](https://mp.weixin.qq.com/s?__biz=MzAxMzkzNDA1Mg==&mid=2247513938&idx=1&sn=9d7986c230f45bb4faac2f33a765ccab) + - [ ] [黑客如何攻破一个网站?长文图解全流程](https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247570688&idx=1&sn=ec49ed5cec5fce5c31f4af871087a5df) + - [ ] [诸子云 | 2024评优:「十佳会员」候选人风采展示与投票](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247635766&idx=1&sn=8a269692df43494fa4405040d7d5f044) + - [ ] [在看 | 周报:B站员工“代码投毒”报复用户;宁波某化工企业被境外势力获取危险源监控视频数据](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247635766&idx=2&sn=8e5ca5ae820e4aa7a72644000bc4e641) + - [ ] [在看 | 厂商:本周热门网络安全产业动态](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247635766&idx=3&sn=3ac33612ef10098240b1eaa09bd422a2) + - [ ] [谈谈最近](https://mp.weixin.qq.com/s?__biz=Mzg5OTkwMjEwMg==&mid=2247483889&idx=1&sn=6cf7b46c3236d2e505d7cfbba97835d2) + - [ ] [一图读懂《网络安全技术 网络安全产品互联互通 第1部分:框架》](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170504&idx=1&sn=86ae46294ca2f8187bedbc85e99f1c64) + - [ ] [实施“持证亮牌”u3000整治违规行为——国家网信办加强互联网新闻信息服务许可管理](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170504&idx=2&sn=9d129cd03cc85a4a2de8cc9b3a034490) + - [ ] [涉嫌非法获取公民个人信息 8家MCN机构被查处](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170504&idx=3&sn=62aac421ce4481cd2a9e72a6bf6e2f3d) + - [ ] [AI领航安全新征程!星河安全2024年度盘点](https://mp.weixin.qq.com/s?__biz=Mzk0MTYyNTg3Mg==&mid=2247492360&idx=1&sn=bad1dda2fae75298e0870d957e44336f) + - [ ] [安全不打烊丨云天安全春节期间服务保障通知](https://mp.weixin.qq.com/s?__biz=MzI2NDYzNjY0Mg==&mid=2247501197&idx=1&sn=e573ebcd07279615fe21c417e222f7a2) + - [ ] [揭秘服务器世界三大巨头:机架式、塔式与刀片式的真正区别!](https://mp.weixin.qq.com/s?__biz=MzUyNTExOTY1Nw==&mid=2247528007&idx=1&sn=7a2b2de8e2eb075aecfd0d928c2e05b6) + - [ ] [请查收~来自盛邦安全的致谢回信](https://mp.weixin.qq.com/s?__biz=MzAwNTAxMjUwNw==&mid=2650277635&idx=1&sn=fba61f10dfea6a44afeef10a1bca780f) + - [ ] [四叶草安全春节公告](https://mp.weixin.qq.com/s?__biz=MjM5MTI2NDQzNg==&mid=2654552288&idx=1&sn=96a0015a0fd5500a90ae8527883b410c) + - [ ] [【证书和报告信息】中国移动通信集团有限公司-网络安全大模型系统](https://mp.weixin.qq.com/s?__biz=Mzg5MzQ5NjQyNw==&mid=2247486184&idx=1&sn=1c59eb46d046850475159b39f42ee3a6) + - [ ] [【灵蛇贺新岁】平航科技2025年春节假期放假通知](https://mp.weixin.qq.com/s?__biz=MzI0OTEyMTk5OQ==&mid=2247494113&idx=1&sn=ce6e94d556fc3aff1a62646f32aa492c) + - [ ] [告别SecureCRT!这些SSH工具更强大、更好用,网络工程师必备!](https://mp.weixin.qq.com/s?__biz=MzIyMzIwNzAxMQ==&mid=2649464706&idx=1&sn=2f28514a24bcc488d05ac8b16894f3a1) + - [ ] [开发|渗透报告生成系统+框架反序列化分析+防护建议](https://mp.weixin.qq.com/s?__biz=MzIzNDU5Mzk2OQ==&mid=2247486379&idx=1&sn=f2d6bb9d94a484a4ddaf43a851625d65) + - [ ] [一图读懂中央经济工作会议→](https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652114248&idx=1&sn=3110c71638dad598cdd5a97b9819d8dc) + - [ ] [事关Stargate项目,说点你不知道的内幕!](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559242&idx=1&sn=65609027c9fddad943535044bcb06811) + - [ ] [“懂王”重出江湖:前100日计划剖析(2万字资料附下载)](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559242&idx=2&sn=812122521348cdc4a1414ee0000a67b8) + - [ ] [src实战 | CE工具的妙用-绕过签名](https://mp.weixin.qq.com/s?__biz=Mzk0NzM4NzI1MA==&mid=2247486229&idx=1&sn=59f7a5d451e4f06ec7e5710355a16705) + - [ ] [对 404 站点的漏洞挖掘](https://mp.weixin.qq.com/s?__biz=MzU5NjYwNDIyOQ==&mid=2247484826&idx=1&sn=5f81afa2c8c6ec0ad22c685de58a12d2) + - [ ] [暗网:CAI 的非常规来源](https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247504700&idx=1&sn=8a70db6ed5d20c468504787680ea612c) + - [ ] [从 404 到未授权](https://mp.weixin.qq.com/s?__biz=MzU5NjYwNDIyOQ==&mid=2247484823&idx=1&sn=4a5b521198ea04ffdba91a69f4efa10e) + - [ ] [美国国防部官方社交媒体集体进入“静默期”](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494513&idx=1&sn=bc5c4c56b49b937818cbaf41ea395f3b) + - [ ] [安全值守 | 众智维科技春节假期应急保障服务不打烊](https://mp.weixin.qq.com/s?__biz=MzU5Mjg0NzA5Mw==&mid=2247493910&idx=1&sn=de7d9c74b0ba445a83102b5027b37773) + - [ ] [好险差点被他赚到了](https://mp.weixin.qq.com/s?__biz=Mzk0MzY3MDE5Mg==&mid=2247483995&idx=1&sn=345fa8d0bf969a4ac8f5b9a4f3b1d09c) + - [ ] [【吃瓜】无需三倍](https://mp.weixin.qq.com/s?__biz=MzIxNTIzNTExMQ==&mid=2247490849&idx=1&sn=c8a921eac811f6f2a83cba435599a30a) + - [ ] [天才](https://mp.weixin.qq.com/s?__biz=MzIxNTIzNTExMQ==&mid=2247490847&idx=1&sn=84840a0e8ecb596122fdf56a541247b5) + - [ ] [分享图片](https://mp.weixin.qq.com/s?__biz=MzI3Njc1MjcxMg==&mid=2247494345&idx=1&sn=ec9ef6a77576df47945933c5408a8861) + - [ ] [在受限的 Rails 应用程序中通过任意文件写入实现 RCE](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527156&idx=1&sn=ce41716d54949eb8045c2dec96ee44a6) + - [ ] [【威胁分析】针对韩国国内某知名律师事务所的APT攻击](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527156&idx=2&sn=d815a0b641f861682118ebb4b2e25335) + - [ ] [JADXecute:用于动态反编译器操作的 JADX-gui 脚本插件](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527156&idx=3&sn=bdacefab7871ac08e043ac3166998058) + - [ ] [从Pegasus到Predator:iOS商业间谍软件的演进](https://mp.weixin.qq.com/s?__biz=MzU0MzgyMzM2Nw==&mid=2247486250&idx=1&sn=daa031ff26b9773e0177492de181ba56) + - [ ] [国外警务前沿科技汇编](https://mp.weixin.qq.com/s?__biz=MzkwMTQyODI4Ng==&mid=2247495745&idx=1&sn=5df2228249f174df3b21b5ad777b6253) + - [ ] [2024年全球邮件威胁报告](https://mp.weixin.qq.com/s?__biz=MzkwMTQyODI4Ng==&mid=2247495745&idx=2&sn=80c37d4771e7c654aa7609d6fe590b24) + - [ ] [知名车企漏洞:只需车牌号,就能远程监控劫持数百万辆车](https://mp.weixin.qq.com/s?__biz=MzkwMTQyODI4Ng==&mid=2247495745&idx=3&sn=d62bd25906c870e0c8433a02109f5b5a) + - [ ] [ip2domain - 批量查询ip对应域名、备案信息、百度等引擎权重](https://mp.weixin.qq.com/s?__biz=MzkyNTYzMTg3OQ==&mid=2247485770&idx=1&sn=302f7c091ef90f0df97ed162bfb265c5) + - [ ] [网络安全的红利还能吃几年?](https://mp.weixin.qq.com/s?__biz=Mzg4Nzk3MTg3MA==&mid=2247487709&idx=1&sn=cbd8920e80714a50eed133a0b2ee35d3) + - [ ] [ISO 14001: 2015 标准详解与实施(26)10.3 持续改进](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247486030&idx=1&sn=d1459a0a8bca440750d5ade3b58f0f0e) + - [ ] [ISO 14001: 2015 标准详解与实施(25)10.2 不符合和纠正措施](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247486030&idx=2&sn=dae87bd98e4387cf93f0a87aa96eed81) + - [ ] [ISO 14001: 2015 标准详解与实施(24)10.1 总则](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247486030&idx=3&sn=c318bf65327a033e932d389b8a90ea16) + - [ ] [ISO 14001: 2015 标准详解与实施(23)9.3 管理评审](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247486030&idx=4&sn=a85135f37d7c333ef6c878c315f88c41) + - [ ] [ISO 14001: 2015 标准详解与实施(22)9.2 内部审核](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247486030&idx=5&sn=1f187b414d8a14d47c9649240b678ac0) + - [ ] [锦岳智慧:2025年春节安全保障,守护同行!](https://mp.weixin.qq.com/s?__biz=MzkxMzQwNDcxNg==&mid=2247486852&idx=1&sn=d3ddf1a54d505e65a457ae3c2b896aa1) + - [ ] [DIDCTF-2021第三届长安杯-检材一](https://mp.weixin.qq.com/s?__biz=MzkxMTcyMDczOQ==&mid=2247489692&idx=1&sn=4146be09a799bbf76d261eab4bc980d1) + - [ ] [数字安全:智·盾·鉴,CSA开启2025](https://mp.weixin.qq.com/s?__biz=MzkwMTM5MDUxMA==&mid=2247503000&idx=1&sn=20276e85c2972647250674828c0b5a5f) + - [ ] [impacket解读(三. smbclient、secretsdump)](https://mp.weixin.qq.com/s?__biz=Mzg5NTkxNzg4MA==&mid=2247489975&idx=1&sn=7faa781ae4e91430c6f32732213c32c2) + - [ ] [[网络安全]新春红包封面](https://mp.weixin.qq.com/s?__biz=MzkyMDY1MDI3OA==&mid=2247483803&idx=1&sn=4dff124cc0784638e204ea08b191b63f) + - [ ] [【吃瓜】某手机厂商被泰国个人数据保护委员会 (PDPC) 发出警示令](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494502&idx=1&sn=7c132f29048506b59cb9ff3abec22f38) + - [ ] [黑客利用 XWorm RAT 攻击“脚本小子”,感染了18,000 台设备](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494502&idx=2&sn=8d47c257885509ce00eef4bcb4c09ba4) + - [ ] [K8S 日志查询中的命令注入](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494502&idx=3&sn=6a7f85ec2112691b2dbf7b7c1dcdfd47) + - [ ] [加密货币平台 Phemex 疑似遭遇网络攻击,至少 6900 万美元被盗](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494502&idx=4&sn=08e9029e44c6d29a1ca03c2a18580d55) + - [ ] [如何使用 Visual Studio 制作 Windows x86-64 Shellcode](https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486555&idx=1&sn=5047769a6043ea5a95f457da525b736d) + - [ ] [《Java代码审计零基础入门到项目实战》强势来袭,手把手带你学会学好学明白!](https://mp.weixin.qq.com/s?__biz=MzkwMzMwODg2Mw==&mid=2247510468&idx=1&sn=2ae06cf6770737f7e101b3a16bf48cd9) + - [ ] [吾爱破解论坛微信红包封面(60000份)](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141639&idx=1&sn=7306868d4e210299a761b09dfab68bec) + - [ ] [工业网络安全周报-2025年第4期](https://mp.weixin.qq.com/s?__biz=MzU3ODQ4NjA3Mg==&mid=2247564979&idx=1&sn=ac7d1cc6527b4ab6cfe838bd72ec338f) + - [ ] [2024 年工控互联网态势](https://mp.weixin.qq.com/s?__biz=MzkyMzE5ODExNQ==&mid=2247487629&idx=1&sn=f51d253054a3fe4b1f53af328973c7d9) + - [ ] [2024-CISCN-长城杯-威胁检测与网络流量分析WP](https://mp.weixin.qq.com/s?__biz=Mzg4NDg3NjE5MQ==&mid=2247485366&idx=1&sn=3ba5e8dbd1076a28202b5c13eb17f8a1) + - [ ] [日本《人工智能业务指南》全文翻译](https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247506124&idx=1&sn=a0d99658c9689597ec9d1e77f02a0b48) + - [ ] [特朗普的“豪言壮语”与中亚的“夹缝求生”](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247504827&idx=1&sn=8fc0764ae8df89d1410d2698742021c2) + - [ ] [英美强力支持HTS:一场地缘政治的“暗棋”](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247504827&idx=2&sn=163ae646fa6f29298070240c3434b308) + - [ ] [印度的全球战略布局:多边关系的“棋局”与隐忧](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247504827&idx=3&sn=129948fb74cb521900993d4e8e40d403) + - [ ] [安天AVL SDK反病毒引擎升级通告(20250125)](https://mp.weixin.qq.com/s?__biz=MjM5MTA3Nzk4MQ==&mid=2650209879&idx=1&sn=f064cfa0b128912c0afa12a79319a1e7) + - [ ] [邬贺铨院士展望未来10年:AI重塑互联网](https://mp.weixin.qq.com/s?__biz=Mzg4MDU0NTQ4Mw==&mid=2247528860&idx=1&sn=97b5e988dbeead145081b25e2b41e3d8) + - [ ] [2025 年将是统一网络安全的一年](https://mp.weixin.qq.com/s?__biz=Mzg4MDU0NTQ4Mw==&mid=2247528860&idx=2&sn=9b9e1062d3000976628bbf98e78b2a2d) + - [ ] [【一周安全资讯0125】工信部等十四部门联合印发《关于加强极端场景应急通信能力建设的意见》;TikTok在美暂时恢复运营](https://mp.weixin.qq.com/s?__biz=MzIzMDQwMjg5NA==&mid=2247506579&idx=1&sn=fcac61536a135611032057e715235d00) + - [ ] [2024春秋杯冬季赛PWN---WriteUp](https://mp.weixin.qq.com/s?__biz=MzkxNTc1MzQyNw==&mid=2247488757&idx=1&sn=15ce2c806f874774fadc25d433fe73d8) + - [ ] [中国人民银行业务领域网络安全事件报告管理办法(征求意见稿)](https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652114228&idx=1&sn=837561c72e2392e4f82cb1518786750d) + - [ ] [CCRC丨蛇年行大运,返现288!](https://mp.weixin.qq.com/s?__biz=MzU4MjUxNjQ1Ng==&mid=2247521420&idx=1&sn=b826c081b9757b44d13604d6b1564f02) + - [ ] [黑客高手暗中传播木马化的XWorm RAT,新手黑客应声沦陷](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247507094&idx=1&sn=2ea5fcd0855066b82055aaf0687123d6) + - [ ] [年度盘点丨2024年迪普科技科护航科教文卫行业数字化](https://mp.weixin.qq.com/s?__biz=MzA4NzE5MzkzNA==&mid=2650370699&idx=1&sn=027d5ffb380e0c85b361ff87b89105d5) + - [ ] [.NET 第 56 期红队武器库和资源汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498450&idx=1&sn=0e544713a937f0cc0f8fe5662ece86f9) + - [ ] [.NET 内网攻防实战电子报刊](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498450&idx=2&sn=a00f3f8ae2f091ade34fc645636c1188) + - [ ] [文件痕迹清理,通过 Sharp4ModifyTime 修改任意文件时间戳](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498450&idx=3&sn=01dad887be82ec26ebc80e1de617c700) +- Private Feed for M09Ic + - [ ] [b1nhack forked b1nhack/rustaceanvim from mrcjkb/rustaceanvim](https://github.com/b1nhack/rustaceanvim) + - [ ] [phith0n starred maybe-finance/maybe](https://github.com/maybe-finance/maybe) + - [ ] [4ra1n released 4.3 at jar-analyzer/jar-analyzer](https://github.com/jar-analyzer/jar-analyzer/releases/tag/4.3) + - [ ] [safedv starred LOTTunnels/LOTTunnels.github.io](https://github.com/LOTTunnels/LOTTunnels.github.io) + - [ ] [spf13 starred zellij-org/zellij](https://github.com/zellij-org/zellij) + - [ ] [4ra1n released temurin-23.0.2 at jar-analyzer/workflow_jre](https://github.com/jar-analyzer/workflow_jre/releases/tag/temurin-23.0.2) + - [ ] [4ra1n released temurin-8u442 at jar-analyzer/workflow_jre](https://github.com/jar-analyzer/workflow_jre/releases/tag/temurin-8u442) + - [ ] [spf13 starred ryanoasis/nerd-fonts](https://github.com/ryanoasis/nerd-fonts) + - [ ] [zer0yu started following Kobzol](https://github.com/Kobzol) + - [ ] [zer0yu starred lightpanda-io/browser](https://github.com/lightpanda-io/browser) + - [ ] [zer0yu starred johnthagen/min-sized-rust](https://github.com/johnthagen/min-sized-rust) + - [ ] [zer0yu starred Automattic/harper](https://github.com/Automattic/harper) + - [ ] [zer0yu starred mtshiba/pylyzer](https://github.com/mtshiba/pylyzer) + - [ ] [safedv starred 0xNinjaCyclone/EarlyCascade](https://github.com/0xNinjaCyclone/EarlyCascade) + - [ ] [zer0yu starred Clouditera/SecGPT](https://github.com/Clouditera/SecGPT) + - [ ] [zer0yu starred DLLXW/baby-llama2-chinese](https://github.com/DLLXW/baby-llama2-chinese) + - [ ] [zer0yu started following jiayuqi7813](https://github.com/jiayuqi7813) + - [ ] [zer0yu starred opengrep/opengrep](https://github.com/opengrep/opengrep) + - [ ] [zer0yu starred jiayuqi7813/Stegsolve-rs](https://github.com/jiayuqi7813/Stegsolve-rs) + - [ ] [h3zh1 pushed to dev in chainreactors/malice-network](https://github.com/chainreactors/malice-network/compare/93f5d17f61...8482799871) - Security Boulevard - - [ ] [DEF CON 32 – Anyone Can Hack IoT- Beginner’s Guide To Hacking Your First IoT Device](https://securityboulevard.com/2025/01/def-con-32-anyone-can-hack-iot-beginners-guide-to-hacking-your-first-iot-device/) - - [ ] [Cyber Lingo: What is GRC in cybersecurity?](https://securityboulevard.com/2025/01/cyber-lingo-what-is-grc-in-cybersecurity/) - - [ ] [Randall Munroe’s XKCD ‘Unit Circle’](https://securityboulevard.com/2025/01/randall-munroes-xkcd-unit-circle/) - - [ ] [Continuous Monitoring Guide: FedRAMP Meets Zero Trust](https://securityboulevard.com/2025/01/continuous-monitoring-guide-fedramp-meets-zero-trust/) - - [ ] [How to Choose the Right Cybersecurity Software: A Comprehensive Guide](https://securityboulevard.com/2025/01/how-to-choose-the-right-cybersecurity-software-a-comprehensive-guide/) - - [ ] [How bots and fraudsters exploit video games with credential stuffing](https://securityboulevard.com/2025/01/how-bots-and-fraudsters-exploit-video-games-with-credential-stuffing/) - - [ ] [DEF CON 32 – Building A Secure Resilient Nationwide EV Charging Network](https://securityboulevard.com/2025/01/def-con-32-building-a-secure-resilient-nationwide-ev-charging-network/) - - [ ] [Solving WAFs biggest challenge | Impart Security](https://securityboulevard.com/2025/01/solving-wafs-biggest-challenge-impart-security/) - - [ ] [Unveiling the Dark Web: Myths, Realities, and Risks You Didn’t Know About](https://securityboulevard.com/2025/01/unveiling-the-dark-web-myths-realities-and-risks-you-didnt-know-about/) -- Blogs on STAR Labs - - [ ] [CVE-2024-26230: Windows Telephony Service - It's Got Some Call-ing Issues (Elevation of Privilege)](https://starlabs.sg/blog/2025/cve-2024-26230-windows-telephony-service-its-got-some-call-ing-issues/) + - [ ] [Ensuring Data Safety with Comprehensive NHIDR](https://securityboulevard.com/2025/01/ensuring-data-safety-with-comprehensive-nhidr/) + - [ ] [Building Trust with Effective IAM Solutions](https://securityboulevard.com/2025/01/building-trust-with-effective-iam-solutions/) + - [ ] [Empower Your DevOps with Robust Secrets Security](https://securityboulevard.com/2025/01/empower-your-devops-with-robust-secrets-security/) + - [ ] [DEF CON 32 – Access Control Done Right The First Time](https://securityboulevard.com/2025/01/def-con-32-access-control-done-right-the-first-time/) + - [ ] [The Cybersecurity Vault Podcast 2024 Recap](https://securityboulevard.com/2025/01/the-cybersecurity-vault-podcast-2024-recap/) +- CXSECURITY Database RSS Feed - CXSecurity.com + - [ ] [Iranian Cyber Police "FATA.GOV.IR" has an SQL Injection vulnerability](https://cxsecurity.com/issue/WLB-2025010025) +- 一个被知识诅咒的人 + - [ ] [【人工智能】深入探讨Python在语义角色标注(SRL)中的应用](https://blog.csdn.net/nokiaguy/article/details/145356157) + - [ ] [【人工智能】Python中的知识图谱构建与应用](https://blog.csdn.net/nokiaguy/article/details/145356145) +- Recent Commits to cve:main + - [ ] [Update Sat Jan 25 20:23:12 UTC 2025](https://github.com/trickest/cve/commit/2fe8c0886616ef6cb2eb518d616cf2e8a8275463) + - [ ] [Update Sat Jan 25 12:20:50 UTC 2025](https://github.com/trickest/cve/commit/8a400a4ed71036fc7a505dd4115318f6a3d6ce52) + - [ ] [Update Sat Jan 25 04:28:24 UTC 2025](https://github.com/trickest/cve/commit/e50b33f96c53094e433d46411195d0a8d0241a40) +- SecWiki News + - [ ] [SecWiki News 2025-01-25 Review](http://www.sec-wiki.com/?2025-01-25) +- Hacking Dream + - [ ] [Android APK Penetration Testing Cheatsheet & Guide](https://www.hackingdream.net/2025/01/android-apk-penetration-testing-cheatsheet-guide.html) - Twitter @bytehx - - [ ] [Re @roohaa_n @Bugcrowd Because it was on the testing environment.](https://x.com/bytehx343/status/1882793157093679381) - - [ ] [I earned $650 for my submission on @bugcrowd https://bugcrowd.com/bytehx #ItTakesACrowd Bug: Admin Panel Takeover](https://x.com/bytehx343/status/1882791535617650979) -- Bug Bounty in InfoSec Write-ups on Medium - - [ ] [SQL injection in largest Electricity Board of Sri Lanka](https://infosecwriteups.com/sql-injection-in-largest-electricity-board-of-sri-lanka-1a55c12104bd?source=rss----7b722bfd1b8d--bug_bounty) + - [ ] [RT Mikhail Shcherbakov: Re @gregxsunday If you want to hear cool BB stories about how I used these gadgets, check out the #DEFCON talk https://youtu.b...](https://x.com/bytehx343/status/1883229123541454988) + - [ ] [Re @princechaddha @bryan_johnson Let me know how was it. I have been thinking about trying his protocol.](https://x.com/bytehx343/status/1883188435189703088) + - [ ] [Re @roohaa_n @Bugcrowd Congrats 🎉🎉🎉](https://x.com/bytehx343/status/1883179123394453658) + - [ ] [Hey Folks! 🚀🔥 Jsleak new version is out! If you're using #jsleak, make sure to update to the latest release, and we now support regex patterns f...](https://x.com/bytehx343/status/1883070558415589847) + - [ ] [Re @theabrahack Looks interesting. Thank you for sharing!](https://x.com/bytehx343/status/1883057186068476010) +- Hexacorn + - [ ] [Being a tool while using a tool](https://www.hexacorn.com/blog/2025/01/25/being-a-tool-while-using-a-tool/) - Reverse Engineering - - [ ] [Dissecting the NVIDIA Hopper Architecture through Microbenchmarking and Multiple Level Analysis](https://www.reddit.com/r/ReverseEngineering/comments/1i974mg/dissecting_the_nvidia_hopper_architecture_through/) - - [ ] [Hacking Subaru: Tracking and Controlling Cars via the STARLINK Admin Panel](https://www.reddit.com/r/ReverseEngineering/comments/1i8md2d/hacking_subaru_tracking_and_controlling_cars_via/) - - [ ] [A particularly 'sus' sysctl in the XNU Kernel](https://www.reddit.com/r/ReverseEngineering/comments/1i8m9h3/a_particularly_sus_sysctl_in_the_xnu_kernel/) -- SentinelOne - - [ ] [The Good, the Bad and the Ugly in Cybersecurity – Week 4](https://www.sentinelone.com/blog/the-good-the-bad-and-the-ugly-in-cybersecurity-week-4-6/) -- Malwarebytes - - [ ] [Texas scrutinizes four more car manufacturers on privacy issues](https://www.malwarebytes.com/blog/news/2025/01/texas-scrutinizes-four-more-car-manufacturers-on-privacy-issues) + - [ ] [The invalid 68030 instruction that accidentally allowed the Mac Classic II to successfully boot up](https://www.reddit.com/r/ReverseEngineering/comments/1i9uurg/the_invalid_68030_instruction_that_accidentally/) + - [ ] [From arbitrary pointer dereference to arbitrary read/write in latest Windows 11](https://www.reddit.com/r/ReverseEngineering/comments/1i9vikr/from_arbitrary_pointer_dereference_to_arbitrary/) + - [ ] [Writing a NES emulator](https://www.reddit.com/r/ReverseEngineering/comments/1i9jont/writing_a_nes_emulator/) - 安全牛 - - [ ] [2024年度全球邮件威胁报告](https://www.aqniu.com/vendor/108155.html) - - [ ] [多个网络安全巨头的账户凭证泄露,在暗网被售卖;工信部提醒:防范Androxgh0st僵尸网络风险 | 牛览](https://www.aqniu.com/homenews/108150.html) - - [ ] [深度长文 | 面对马斯克在CES2025上的预言,我们该何去何从?](https://www.aqniu.com/homenews/108149.html) -- HackerNews - - [ ] [特斯拉电动汽车充电器在 Pwn2Own 东京大赛次日遭两次黑客攻击](https://hackernews.cc/archives/57086) - - [ ] [QNAP 修复 NAS 备份恢复应用中的六项 Rsync 漏洞](https://hackernews.cc/archives/57078) - - [ ] [近千个假冒 Reddit 网站推广 Lumma Stealer 恶意软件](https://hackernews.cc/archives/57073) - - [ ] [TRIPLESTRENGTH 针对云环境进行加密货币劫持与勒索软件攻击](https://hackernews.cc/archives/57071) - - [ ] [QakBot 相关 BC 恶意软件新增强化远程访问与数据收集功能](https://hackernews.cc/archives/57069) - - [ ] [Juniper 路由器遭利用“魔术包”漏洞的定制后门攻击](https://hackernews.cc/archives/57064) - - [ ] [Palo Alto 防火墙被发现存在安全启动绕过和固件漏洞](https://hackernews.cc/archives/57061) -- 杨龙 - - [ ] [阿里云小内存机器频繁死机可能原因](https://www.yanglong.pro/%e9%98%bf%e9%87%8c%e4%ba%91%e5%b0%8f%e5%86%85%e5%ad%98%e6%9c%ba%e5%99%a8%e9%a2%91%e7%b9%81%e6%ad%bb%e6%9c%ba%e5%8f%af%e8%83%bd%e5%8e%9f%e5%9b%a0/) -- 奇客Solidot–传递最新科技情报 - - [ ] [秘密后门使用“魔法封包”感染企业 VPN](https://www.solidot.org/story?sid=80419) - - [ ] [调查显示八成游戏开发商开发 PC 游戏](https://www.solidot.org/story?sid=80418) - - [ ] [《自然》调查显示七成回应者使用 Bluesky](https://www.solidot.org/story?sid=80417) - - [ ] [乔治 R.R.马丁合作发表了一篇物理学论文](https://www.solidot.org/story?sid=80416) - - [ ] [Google 移动搜索移除网址面包屑导航](https://www.solidot.org/story?sid=80415) - - [ ] [癌细胞利用有缺陷的线粒体毒害攻击免疫细胞](https://www.solidot.org/story?sid=80414) - - [ ] [日本市场中国平板电视首次超过五成](https://www.solidot.org/story?sid=80413) - - [ ] [智人离开非洲后血型可能发生适应性遗传变化](https://www.solidot.org/story?sid=80412) - - [ ] [三菱不打算参与本田日产的合并](https://www.solidot.org/story?sid=80411) - - [ ] [特朗普政府暂停了 NIH 的会议和旅行](https://www.solidot.org/story?sid=80410) - - [ ] [Debian 15 代号 Duke](https://www.solidot.org/story?sid=80409) - - [ ] [研究揭示不同政治光谱对传递虚假信息的偏好](https://www.solidot.org/story?sid=80408) -- 腾讯玄武实验室 - - [ ] [每日安全动态推送(25/1/24)](https://mp.weixin.qq.com/s?__biz=MzA5NDYyNDI0MA==&mid=2651960005&idx=1&sn=def8d5b004e60d0aa2f280d8493dc542&chksm=8baed25abcd95b4c23216c4b136a117918821b1f1ab95f8ce4b0e3c6ab2023bca38d426f0245&scene=58&subscene=0#rd) -- 安全客 - - [ ] [特斯拉充电桩一天被入侵两次,电动汽车基础设施网络安全引发全球关注](https://mp.weixin.qq.com/s?__biz=MzA5ODA0NDE2MA==&mid=2649787811&idx=1&sn=4927212fd9debdf7d94032ffd45aa0a9&chksm=8893bdccbfe434da1ec3c28eee36e47d63292e7a1c711d7f6818ff6f70209bede150d2007572&scene=58&subscene=0#rd) + - [ ] [ChatGPT又全球大面积宕机,AI助手暂时”失联”;斯巴鲁系统漏洞曝光,数百万车辆面临远程解锁并启动风险 | 牛览](https://www.aqniu.com/homenews/108166.html) + - [ ] [《智能化安全运营中心应用指南(2025年)》报告暨代表性厂商评估调研启动](https://www.aqniu.com/homenews/108165.html) - 黑海洋 - IT技术知识库 - - [ ] [PixPro图床 – Github存储版](https://blog.upx8.com/4678) -- FreeBuf网络安全行业门户 - - [ ] [Shiro CVE-2020-17523 路径绕过](https://www.freebuf.com/vuls/420772.html) - - [ ] [FreeBuf周报 | 特朗普特赦暗网丝绸之路创始人;B站员工代码投毒报复用户](https://www.freebuf.com/news/420756.html) - - [ ] [Tyrant(暴君) SUID二进制文件权限提升工具](https://www.freebuf.com/sectool/420749.html) - - [ ] [黑客利用Windows RID劫持技术创建隐藏管理员账户](https://www.freebuf.com/articles/system/420811.html) - - [ ] [2025网络暴露危机报告:45%第三方应用越权访问用户数据](https://www.freebuf.com/news/420744.html) - - [ ] [黑客用假恶意软件生成器感染1.8万名“脚本小子”](https://www.freebuf.com/articles/endpoint/420809.html) - - [ ] [斯巴鲁漏洞让黑客可以远程控制数百万辆汽车](https://www.freebuf.com/news/420728.html) - - [ ] [[windows]自动锁屏程序](https://www.freebuf.com/sectool/420727.html) - - [ ] [新型人工智能“黑帽”工具:GhostGPT带来的威胁与挑战](https://www.freebuf.com/news/420724.html) -- 奇安信威胁情报中心 - - [ ] [每周高级威胁情报解读(2025.01.17~01.23)](https://mp.weixin.qq.com/s?__biz=MzI2MDc2MDA4OA==&mid=2247513863&idx=1&sn=9c4a03d780248697f3ef6da46a3760fe&chksm=ea664070dd11c9664b9d2879112628ee373660f60d7f25a7e8d14365524b15307382d82dac01&scene=58&subscene=0#rd) + - [ ] [免费照片转视频 AI 生成器:PhotoToVideo](https://blog.upx8.com/4679) +- 奇客Solidot–传递最新科技情报 + - [ ] [大英博物馆遭前 IT 雇员攻击而部分关闭](https://www.solidot.org/story?sid=80424) + - [ ] [巴基斯坦议会通过法案全面控制社交媒体](https://www.solidot.org/story?sid=80423) + - [ ] [AI 犯的错误和人类不同](https://www.solidot.org/story?sid=80422) + - [ ] [数百超级富豪呼吁对其征收更高的税](https://www.solidot.org/story?sid=80421) + - [ ] [Linux 6.14 加入对微软 Copilot 按键的支持](https://www.solidot.org/story?sid=80420) - 安全内参 - - [ ] [知名车企漏洞:只需车牌号,就能远程监控劫持数百万辆车](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513589&idx=1&sn=1b70e6f4b48c39927bb2af1c0178da71&chksm=ebfaf2d5dc8d7bc3abdb845b15e34f01c5f9cc9f45c71804e231873a3c9b8be109f58083ea60&scene=58&subscene=0#rd) - - [ ] [人数超TikTok!2024年美国医疗行业泄漏了1.8亿患者数据](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513589&idx=2&sn=3351a7a65979a78d643300f2a4dadfa5&chksm=ebfaf2d5dc8d7bc3d4cc9463e5f5a1a7ea306214b1c2ff9c9ef273fd5adadc40174c66510720&scene=58&subscene=0#rd) -- 威努特安全网络 - - [ ] [中方回应美对中网络攻击,惠普公司开发文件泄漏 | 一周特辑](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130852&idx=1&sn=f1f55221d3afc7e74434b9d7e1180e95&chksm=80e71154b7909842dc785813844722ccaa15f8f08962db7fa984f1c156c60c4f4f285e6932e1&scene=58&subscene=0#rd) -- 看雪学苑 - - [ ] [大众DP BR X8跳转清理 & a5分析](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589258&idx=1&sn=c1333a825d642b84f6494440d9d8f10c&chksm=b18c28c086fba1d62346bd0549dfc0cce7d6a264896bff49ec6fa9c67d09e41b8e76e90d5097&scene=58&subscene=0#rd) - - [ ] [职位更新!好工作不等人](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589258&idx=2&sn=0f3ea01777f154e98bec7ccb0214b51c&chksm=b18c28c086fba1d624ad70b554e691e9d88be8caa3deb07a854e332421e9924bf50e15a3c4b9&scene=58&subscene=0#rd) - - [ ] [特斯拉汽车被“重点关注”,Pwn2Own Automotive 2024首日曝出24个零日漏洞](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589258&idx=3&sn=1ee9c0b4428aba7d94dead806b1d1cb1&chksm=b18c28c086fba1d68376c00b114728f746f713fc2982b933066eb6ecbdc12c0081c2b3bb1411&scene=58&subscene=0#rd) - - [ ] [学它!Browser Pwn Chrome V8篇](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589258&idx=4&sn=f3db39003003caac0baa29b1e79f959e&chksm=b18c28c086fba1d6bd9cfde7e242476b6f95ecc53d490d7adb507edeb3df6e00bbe7c43f3169&scene=58&subscene=0#rd) -- 代码卫士 - - [ ] [Oracle 2025年1月补丁日多产品高危漏洞安全风险通告](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522169&idx=1&sn=fce75986029eae4069d3b0638d1202bd&chksm=ea94a613dde32f05ef7826dcffe2b3decd7b00ebdf610c08b0715fb2887545ac34d0f7f964dc&scene=58&subscene=0#rd) + - [ ] [厚雪翻长坡,平淡不平凡:2024年网安产业发展态势剖析及2025年趋势展望](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513601&idx=1&sn=2c2baa4754e797d7e551214681e8f8c1&chksm=ebfaf121dc8d7837a7b63f349fe6d024b4c21ab2af52b9a47e85120eaef5193e6dc7a1a6fc1c&scene=58&subscene=0#rd) +- 天御攻防实验室 + - [ ] [从Pegasus到Predator:iOS商业间谍软件的演进](https://mp.weixin.qq.com/s?__biz=MzU0MzgyMzM2Nw==&mid=2247486250&idx=1&sn=daa031ff26b9773e0177492de181ba56&chksm=fb04c842cc7341547e24e5d3ef245e093b4f4fd5e1a07df102c384f7ea5aa4c1bee9213ba60f&scene=58&subscene=0#rd) - 丁爸 情报分析师的工具箱 - - [ ] [【智库报告】生物力量:确保美国在生物技术领域的领导地位](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148676&idx=1&sn=1f06118ca29bead7275e53e21449c3d5&chksm=f1af26bec6d8afa8acd71cd12d352ac329764f11442e96d516ec4f5d4de731ff287f315664bb&scene=58&subscene=0#rd) + - [ ] [【资讯】特朗普签署行政命令取消拜登人工智能政策:美国政策的“朝令夕改”](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148689&idx=1&sn=0707627dd1c290fd861d390ad8100390&chksm=f1af26abc6d8afbd7427e0c3da7a4c6d21a3130ad8f4d9de782945434e589c4b81ab5df3776e&scene=58&subscene=0#rd) - dotNet安全矩阵 - - [ ] [文件痕迹清理,通过 Sharp4ModifyTime 修改任意文件时间戳](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498414&idx=1&sn=10c139db39735808d38c078682fce180&chksm=fa595443cd2edd55d66fb3d9017e009c5caf2c926f3df17fb94750bb82d71fe7f49bd2e51fa9&scene=58&subscene=0#rd) - - [ ] [国内最专业、最全面的 [ .NET 代码审计 ] 体系化学习交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498414&idx=2&sn=d3c80ed5d3de19b8387f42bb7cc03601&chksm=fa595443cd2edd558f74d9545543622d73ec3aaf0037dd848378945854655e763a11ac52e1cf&scene=58&subscene=0#rd) - - [ ] [通过 Sharp4Tokenvator 实现本地权限提升](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498414&idx=3&sn=ace80c4aea3efbc86df8b64024f230ba&chksm=fa595443cd2edd55b7f4ec0d4a576bc19c3cefa0a5e9de199379c5f8271cb941e2887b1ddd6d&scene=58&subscene=0#rd) -- 天御攻防实验室 - - [ ] [泄露文件揭示以色列军方与微软之间的深层联系,在加沙战争期间提供技术支持](https://mp.weixin.qq.com/s?__biz=MzU0MzgyMzM2Nw==&mid=2247486245&idx=1&sn=6c3bb1322ccb3edb14168ca734a6242b&chksm=fb04c84dcc73415bcf1d7c2f5ac99a3097bf6e51cee850fadde07cba4dc05c7d75774a1e3f00&scene=58&subscene=0#rd) -- ChaMd5安全团队 - - [ ] [Kaiji恶意样本分析_v2](https://mp.weixin.qq.com/s?__biz=MzIzMTc1MjExOQ==&mid=2247511902&idx=1&sn=5a5087aec514f7b15779c18c089f0108&chksm=e89d8786dfea0e90e92921d5e1165a96c3c07af7d978f5c64f6eb6298ffd10e0112f71c100d4&scene=58&subscene=0#rd) -- 安全圈 - - [ ] [【安全圈】斯巴鲁汽车漏洞让黑客利用 Starlink 远程控制数百万辆汽车](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067590&idx=1&sn=32ea96086da2a1f7d7b7c25530ca8d55&chksm=f36e7b46c419f2508759cde38a0b63b3f4b1442bc7655fa88acfdb556c1fefa5e78211594fc2&scene=58&subscene=0#rd) - - [ ] [【安全圈】GhostGPT – 黑客用来生成恶意软件和漏洞的新型 AI 黑帽工具](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067590&idx=2&sn=0963e1001cd7415a1987cb9c33807d8c&chksm=f36e7b46c419f2503cd6ccf7191847d24b6e5135071daedb82309bbc01b97545402cc0ff010b&scene=58&subscene=0#rd) - - [ ] [【安全圈】思科曝9.9分关键权限提升漏洞](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067590&idx=3&sn=7379d9127186d37af92f08f7a9ced06e&chksm=f36e7b46c419f25055741d6542936063bf1b5787923201949d2998d3f1120257c12deaab9a8f&scene=58&subscene=0#rd) - - [ ] [【安全圈】Chrome用户面临供应链攻击威胁,数百万人或受影响](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067590&idx=4&sn=ab568c073e0bfe554ca07ca03503f2da&chksm=f36e7b46c419f2504e60fb5ecb4e5b4587d40c40ef28fa92ddedef841c052dddeb060feb9d4a&scene=58&subscene=0#rd) -- M01N Team - - [ ] [每周蓝军技术推送(2025.1.18-1.24)](https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247494044&idx=1&sn=356681967a014551977e5051389b8f15&chksm=c184298df6f3a09b94ddf8530ba9a609f1a4b3b5f9613ec89ba358c061f0b4d9593c735c2599&scene=58&subscene=0#rd) + - [ ] [.NET 第 56 期红队武器库和资源汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498450&idx=1&sn=0e544713a937f0cc0f8fe5662ece86f9&chksm=fa59543fcd2edd2963e30663b8bbe96e77d53d5e2c4f7031b50fe952aba8d1f577cada65c675&scene=58&subscene=0#rd) + - [ ] [.NET 内网攻防实战电子报刊](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498450&idx=2&sn=a00f3f8ae2f091ade34fc645636c1188&chksm=fa59543fcd2edd296a6821e4424d0c5605ae82829d456ecb55237c603906088a99f4d65bb1ae&scene=58&subscene=0#rd) + - [ ] [文件痕迹清理,通过 Sharp4ModifyTime 修改任意文件时间戳](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498450&idx=3&sn=01dad887be82ec26ebc80e1de617c700&chksm=fa59543fcd2edd29d00dc462ff4f7e26830de7ead97b9becc8fa24cd995af578294d491b48ed&scene=58&subscene=0#rd) - 吾爱破解论坛 - - [ ] [吾爱破解论坛精华集2024](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141621&idx=1&sn=3f4c02af5506cb4440b9bc873071e716&chksm=bd50a5a18a272cb726747cfc86d50e65fcb43108e02ccddb2e78de7a82d173eb3bb2f4c05463&scene=58&subscene=0#rd) -- 嘶吼专业版 - - [ ] [针对 Chrome 浏览器扩展程序网络钓鱼活动的新细节被披露](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580965&idx=1&sn=7b271d77d7ae3794e77995267c934acf&chksm=e9146d1fde63e4097053f87e00d408e479510a2c67f11147c47b8735ea28cd8466e12a464d04&scene=58&subscene=0#rd) - - [ ] [新的 UEFI 安全启动漏洞使系统暴露于 bootkit](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580965&idx=2&sn=35ac8cf9ec1bfacb175b8622720863e2&chksm=e9146d1fde63e40910e314cac61af17533c328067d6bd015df8402266ba7692efae9a049c79f&scene=58&subscene=0#rd) -- 中国信息安全 - - [ ] [专题·人工智能安全治理 | 《人工智能安全治理框架》为人工智能安全发展提供重要指引](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=1&sn=530f8234ebb092aa1a91e0c76012ae79&chksm=8b580058bc2f894ee2eae6f8c70502378a85d1c68c7854fc04a36aa415a806b70c3b95b59a89&scene=58&subscene=0#rd) - - [ ] [发布 | 国家数据局就《数据领域常用名词解释(第二批)》公开征求意见(附全文)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=2&sn=bf11efc7a9b860fb9b20b141baa90341&chksm=8b580058bc2f894e8a78e5460bb45f362eeed694b3371ca573a75b3fd3cc0f08ad6cab57e0ce&scene=58&subscene=0#rd) - - [ ] [专家解读 | 构建高素质人才队伍,助力数据标注产业发展](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=3&sn=a3cb25195824a0af1ff71d0489c3fffc&chksm=8b580058bc2f894eb245d36a53ec92e5f687b6e6c66f7f71f0de296890f4298efb378db18fb8&scene=58&subscene=0#rd) - - [ ] [关注 | 检察机关依法惩治侵害企业数据安全犯罪 服务保障企业创新发展](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=4&sn=42732fbe26b1fac5bc322a9e33b0b28a&chksm=8b580058bc2f894e0f4cbee4ba19fbc1b27fa5adfa931776ec7cb3fd7561bac3e8b4892b8ccc&scene=58&subscene=0#rd) - - [ ] [解读 | 市场监管总局发布《网络交易执法协查暂行办法》 建立健全网络交易执法协查机制提升监管效能](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=5&sn=5c63e275dc2b4b4f5dc92f28bbbf9bd5&chksm=8b580058bc2f894e4ac6bd8b2f2a60ec364d705cfefc7db43b0fc7889dab60803743480b83bc&scene=58&subscene=0#rd) - - [ ] [发布 | 中国信通院联合发布《数据治理研究报告(2024年)》(附下载)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=6&sn=acbcf59882875e4e743a79a6a0213aff&chksm=8b580058bc2f894eb05f0a640a04bc0c13832cf9659cfd9cf586f741342e097e7cb4f2034b14&scene=58&subscene=0#rd) - - [ ] [国际 | 域外个人生物识别信息保护模式考察](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=7&sn=a87473518e84e1b51f4fbc4906a29861&chksm=8b580058bc2f894efeb5cc3fd1319d517ad0008fc4cd0f9d85d46eb582042a0de18704a8873c&scene=58&subscene=0#rd) - - [ ] [评论 | 让网络交易执法协作更规范有序](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=8&sn=2f11ec80a6ee5f872457f929a062a55f&chksm=8b580058bc2f894e56c7b4df2c980cea63ded34c1a6f34cf676f53b56d42c1167466955df122&scene=58&subscene=0#rd) -- 数世咨询 - - [ ] [2025年必看!人工智能重塑网络安全,超级自动化就在眼前!](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247534964&idx=1&sn=cd109de22eeb6fcac5e7cd1247dd3038&chksm=c1443bc9f633b2dffee47e3c9a18afbcf4f64db84cbb2f3d5cb84383c63142f168c05adae6a9&scene=58&subscene=0#rd) + - [ ] [吾爱破解论坛微信红包封面(60000份)](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141639&idx=1&sn=7306868d4e210299a761b09dfab68bec&chksm=bd50a6538a272f45be2fde65658c162491d6a14b55e06c11bfc97ec7b9ccb3165d8cb4084ee3&scene=58&subscene=0#rd) +- 威胁棱镜 + - [ ] [2024 年工控互联网态势](https://mp.weixin.qq.com/s?__biz=MzkyMzE5ODExNQ==&mid=2247487629&idx=1&sn=f51d253054a3fe4b1f53af328973c7d9&chksm=c1e9e741f69e6e57778dac4aa1429e2857f7d211469e5f5239be9ab8b07cd327bfa6217e1bd2&scene=58&subscene=0#rd) +- 看雪学苑 + - [ ] [DEC/RPC协议与Windows服务创建浅析(银狐原始进程隐匿方式之一)](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589259&idx=1&sn=2076280e4c58e4cd0d718047946ebe83&chksm=b18c28c186fba1d72857bb2f9ecd1cf60756243ffde6306a22d046402d7ef801dfff28547af8&scene=58&subscene=0#rd) + - [ ] [别错过!“系统0day安全”课程,带你精通漏洞挖掘技巧](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589259&idx=2&sn=4356dec55931f1257ae44561ca3f0d3e&chksm=b18c28c186fba1d7bf12649f11f2f5078f554a99f2e3c5db93d10a68151651e9d90c81e7753d&scene=58&subscene=0#rd) +- 安全圈 + - [ ] [【安全圈】2000余名网红遭信息“开盒” 嫌疑人获利几十万元](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067606&idx=1&sn=06c7d132a1649380a5b7629742f5d3f7&chksm=f36e7b56c419f240368726c211c69ba2369aa718ee5183ec43c60390b8e84702917b3a31a610&scene=58&subscene=0#rd) + - [ ] [【安全圈】微软 Win10 / Win11 新威胁:RID 劫持可提权至管理员控制你的 PC](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067606&idx=2&sn=efa053f9e1755bb17193b5a5868fb8ce&chksm=f36e7b56c419f24014b67943f6766ea3ab7b908882f20b4e0af01106172c63290014f9c24682&scene=58&subscene=0#rd) + - [ ] [【安全圈】新的 Cleo 零日 RCE 漏洞在数据盗窃攻击中被利用](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067606&idx=3&sn=6473d53d9a207bfac9888ca3a543bbf8&chksm=f36e7b56c419f2407633ba9229c8cb14a4e4458baf67e78d79310f03423449e922b703042bec&scene=58&subscene=0#rd) + - [ ] [【安全圈】新的 UEFI 安全启动漏洞使系统暴露于 bootkit](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067606&idx=4&sn=e8ae1a9dfb9fb649575b0d8a5414a82d&chksm=f36e7b56c419f24087b4c41685f0be88aab339021ceb93dffd537c9df34d2812ec3232317caa&scene=58&subscene=0#rd) - 情报分析师 - - [ ] [情报:那些事儿](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559205&idx=1&sn=6f86b1fec7d1f4306725254f5e6db47b&chksm=87117caeb066f5b815b102a771281eb4e910b4e244ef275aa4415290e48253076ec16ad5c18b&scene=58&subscene=0#rd) - - [ ] [开源情报分析:透视一个人的多面性](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559205&idx=2&sn=6a56dd9122e1a302bc2384123478737b&chksm=87117caeb066f5b87e14101a13336b9e6be83fbc2884d71296f17c29da9e70a956c4d40941f8&scene=58&subscene=0#rd) - - [ ] [开源情报信息,一网打尽!](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559205&idx=3&sn=1cca5108e67070471ee51e0e1ea8dcbd&chksm=87117caeb066f5b898030d03c8c46ca801ddfd645b1e85ec75ce59eeb5cb9c54e7da072470bd&scene=58&subscene=0#rd) -- CNVD漏洞平台 - - [ ] [Oracle发布2025年1月的安全公告](https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247495725&idx=1&sn=dedb6bb0dabaefa9b319ac1b7250d198&chksm=fd74c0e4ca0349f283b0e540501af4fa1eeb782340415eff1013718bda5508d4702dbdcfff2a&scene=58&subscene=0#rd) -- 火绒安全 - - [ ] [【火绒安全周报】B站员工滥用权限报复用户被开除/2000多名网红被“开盒”](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247521828&idx=1&sn=82479a718193afc90904db31f588c5e6&chksm=eb70481bdc07c10d2378d6352727843511736ac4f404c29cf9f77471d0d7f39ce10514d787ea&scene=58&subscene=0#rd) - - [ ] [诚邀渠道合作伙伴共启新征程](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247521828&idx=2&sn=3f3425eb3c27f9524fb0f2d953ca029a&chksm=eb70481bdc07c10d32197f192e668777077d45aa9eea8faf428e04c535eb84d385aa11a0d679&scene=58&subscene=0#rd) + - [ ] [事关Stargate项目,说点你不知道的内幕!](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559242&idx=1&sn=65609027c9fddad943535044bcb06811&chksm=87117d41b066f4575f3b8fc3d3971f7eef784642475a4d33595a6dde9f13f7df0b0f8eda197d&scene=58&subscene=0#rd) + - [ ] [“懂王”重出江湖:前100日计划剖析(2万字资料附下载)](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559242&idx=2&sn=812122521348cdc4a1414ee0000a67b8&chksm=87117d41b066f45792e59919c059261ad0157fb18bbb2f1dcbd0685ff898acd35c6c3bce395a&scene=58&subscene=0#rd) - 极客公园 - - [ ] [豆包大模型 1.5 不走「捷径」,火山引擎要造「长坡厚雪」](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072804&idx=1&sn=7fc6c4db1fad547f98df8d00ad106b33&chksm=7e57d0124920590444932c909ec415ffb185143d343e2419ea28f294c9fe2bc069783622d1a0&scene=58&subscene=0#rd) - - [ ] [我们要摆脱『过个 AI 年』这样的初级阶段了](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072771&idx=1&sn=3149d2565c3589ac38227d8d5878597f&chksm=7e57d0354920592309f96a4d274ad464edd3d0c87637c4b30146afc4041f5f392f17627fb714&scene=58&subscene=0#rd) - - [ ] [OpenAI 推新智能体,能完成复杂任务;雷军、王传福入选全球最佳 CEO;字节游戏《决胜巅峰》开启国内公测 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072732&idx=1&sn=0926a0b689d8e148d5c9fb4b32aa0892&chksm=7e57d0ea492059fc09eb0e9933091e0c43b3b5c2bc1d10a11b6be1acf32bb25d9c4bec737b0c&scene=58&subscene=0#rd) -- 奇安盘古 - - [ ] [2025 蛇年迎新,盘古石取证暖心献礼:红包封面大放送,更多好礼等您来!](https://mp.weixin.qq.com/s?__biz=MzI2MDA0MTYyMQ==&mid=2654404359&idx=1&sn=cb7965528fedcff57cca3c5cf9847be5&chksm=f1ade1fdc6da68eb47796fef146879a2a2b5b5b44aab25764027cf594608aba90b65b0e9004d&scene=58&subscene=0#rd) + - [ ] [智能泊车事故公开,小米汽车召回 3 万台 SU7;字节 2026 年停发春节红包;《权游》作者发表物理学论文 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072822&idx=1&sn=7c6ca6a38c34759561d422054250e57c&chksm=7e57d00049205916e8025fe1d9be04063c7ebe7460a277127ae61e7b3bc947b7c86c8213b39b&scene=58&subscene=0#rd) +- 谛听ditecting + - [ ] [谛听|“谛听”团队参加2021年国家重点研发计划“智能网联场景工业控制系统深度防御与安全处置技术”项目 课题综合绩效评价会议](https://mp.weixin.qq.com/s?__biz=MzU3MzQyOTU0Nw==&mid=2247492392&idx=1&sn=4457e5fc8b2fcca5ba76cd80c2dc9145&chksm=fcc3616ccbb4e87a6a1a1e47120e8d944a7ec9e8fc569022e103b6ea15590c421f76df8c4efe&scene=58&subscene=0#rd) - 字节跳动技术团队 - - [ ] [Jeddak星火计划-开启申报](https://mp.weixin.qq.com/s?__biz=MzI1MzYzMjE0MQ==&mid=2247512933&idx=1&sn=b2602ab68be9a48e636dfae7229f3144&chksm=e9d37887dea4f191941d0bb113066bf053408a8bd5796ecfeb49d90c5cf43e1920bf2dafab42&scene=58&subscene=0#rd) -- 百度安全应急响应中心 - - [ ] [限量红包封面 | 好运“嘶”声而来 滑进你的口袋](https://mp.weixin.qq.com/s?__biz=MzA4ODc0MTIwMw==&mid=2652542174&idx=1&sn=5fe0d886b064979793b3cbd19a61b7fe&chksm=8bcbb0e2bcbc39f42a01e0223d846599c26ac7e6e5fdf61cfad2eac81894c6229699bd5284b0&scene=58&subscene=0#rd) -- Tide安全团队 - - [ ] [记一次钓鱼邮件实例分析](https://mp.weixin.qq.com/s?__biz=Mzg2NTA4OTI5NA==&mid=2247519791&idx=1&sn=f8f408c3e7b57b9783fde060aff1708e&chksm=ce5dac4ef92a25583e33450d525507ab9da79d6e5fc9a15b0a7e5c799935ec0614f904647568&scene=58&subscene=0#rd) -- huasec - - [ ] [24年总结](https://mp.weixin.qq.com/s?__biz=MzIyOTY1NDE5Mg==&mid=2247485100&idx=1&sn=0d1663a53843d7a2bd0c5504c41d1514&chksm=e8be2d73dfc9a4658eb6f0680a4e62f1bd800fe5988bfcf1fe194160e0157aa434d882f6d8b8&scene=58&subscene=0#rd) -- 360数字安全 - - [ ] [春节假期,安全大模型帮你“躺赢”!](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579220&idx=1&sn=036d352c4a29bd9863fce78dcd7d5e64&chksm=9f8d265ca8faaf4acfd7a299e3d5b6e9edf55ef80424fc5ae53a59a7be22d2114eb1e9bd5678&scene=58&subscene=0#rd) -- Over Security - Cybersecurity news aggregator - - [ ] [Update: New Details on the Medusa Ransomware Attack on Hospital El Cruce](https://www.suspectfile.com/update-new-details-on-the-medusa-ransomware-attack-on-hospital-el-cruce/) - - [ ] [More than 2,000 SonicWall devices vulnerable to critical zero-day](https://therecord.media/sonicwall-devices-exposed-zero-day) - - [ ] [Politicization of intel oversight board could threaten key US-EU data transfer agreement](https://therecord.media/politicization-of-pclob-could-threaten-key-eu-us-data-transfer-agreement) - - [ ] [Zyxel warns of bad signature update causing firewall boot loops](https://www.bleepingcomputer.com/news/security/zyxel-warns-of-bad-signature-update-causing-firewall-boot-loops/) - - [ ] [Microsoft to deprecate WSUS driver synchronization in 90 days](https://www.bleepingcomputer.com/news/microsoft/microsoft-to-deprecate-wsus-driver-synchronization-in-90-days/) - - [ ] [At least $69 million stolen from crypto platform Phemex in suspected cyberattack](https://therecord.media/69-million-stolen-cyberattack-crypto-platform-phemex) - - [ ] [Subaru Starlink flaw let hackers hijack cars in US and Canada](https://www.bleepingcomputer.com/news/security/subaru-starlink-flaw-let-hackers-hijack-cars-in-us-and-canada/) - - [ ] [Hackers use Windows RID hijacking to create hidden admin account](https://www.bleepingcomputer.com/news/security/hackers-use-windows-rid-hijacking-to-create-hidden-admin-account/) - - [ ] [Hospital El Cruce takes its website offline following a severe cyberattack](https://www.suspectfile.com/hospital-el-cruce-takes-its-website-offline-following-a-severe-cyberattack/) - - [ ] [PayPal penalized $2 million over data breach involving 35K Social Security numbers](https://therecord.media/paypal-penalty-millions-data-breach) - - [ ] [Update #6: blog e argomenti live](https://roccosicilia.com/2025/01/24/update-6-blog-e-argomenti-live/) - - [ ] [Hacker infects 18,000 "script kiddies" with fake malware builder](https://www.bleepingcomputer.com/news/security/hacker-infects-18-000-script-kiddies-with-fake-malware-builder/) - - [ ] [Oltre il 90% dei Microsoft Exchange Server è ancora vulnerabile a ProxyLogon](https://www.securityinfo.it/2025/01/24/oltre-il-90-dei-microsoft-exchange-server-e-ancora-vulnerabile-a-proxylogon/) - - [ ] [Managed Detection and Response – How are you monitoring?](https://www.bleepingcomputer.com/news/security/managed-detection-and-response-how-are-you-monitoring/) - - [ ] [Microsoft: Outdated Exchange servers fail to auto-mitigate security bugs](https://www.bleepingcomputer.com/news/security/microsoft-outdated-exchange-servers-fail-to-auto-mitigate-security-bugs/) - - [ ] [Sintesi riepilogativa delle campagne malevole nella settimana del 18 – 24 gennaio](https://cert-agid.gov.it/news/sintesi-riepilogativa-delle-campagne-malevole-nella-settimana-del-18-24-gennaio/) - - [ ] [Unlocking Vulnrichment: Enhancing CVE Data for Smarter Vulnerability Management](https://cyble.com/blog/cisa-reveals-vulnrichment-management-for-cve-data/) - - [ ] [Anatomy of an Exploit Chain: CISA, FBI Detail Ivanti CSA Attacks](https://cyble.com/blog/ivanti-csa-attacks-cisa-fbi-expose-exploit-chain/) - - [ ] [Seasoning email threats with hidden text salting](https://blog.talosintelligence.com/seasoning-email-threats-with-hidden-text-salting/) - - [ ] [UK to examine undersea cable vulnerability as Russian spy ship spotted in British waters](https://therecord.media/britain-undersea-cables-russian-spy-ship) - - [ ] [Hackers get $886,250 for 49 zero-days at Pwn2Own Automotive 2025](https://www.bleepingcomputer.com/news/security/hackers-get-886-250-for-49-zero-days-at-pwn2own-automotive-2025/) - - [ ] [USB Army Knife: The Ultimate Close Access Penetest Tool](https://www.mobile-hacker.com/2025/01/24/usb-army-knife-the-ultimate-close-access-penetest-tool/) - - [ ] [Malware Redirects WordPress Traffic to Harmful Sites](https://blog.sucuri.net/2025/01/malware-redirects-wordpress-traffic-to-harmful-sites.html) -- Krypt3ia - - [ ] [Krypt3ia Daily Cyber Threat Intelligence (CTI) Digest](https://krypt3ia.wordpress.com/2025/01/24/krypt3ia-daily-cyber-threat-intelligence-cti-digest-2/) -- ICT Security Magazine - - [ ] [Cybersecurity e infrastrutture critiche sottomarine: Analisi delle vulnerabilità e strategie di resilienza nella backbone globale](https://www.ictsecuritymagazine.com/articoli/infrastrutture-critiche-sottomarine/) -- Securityinfo.it - - [ ] [Oltre il 90% dei Microsoft Exchange Server è ancora vulnerabile a ProxyLogon](https://www.securityinfo.it/2025/01/24/oltre-il-90-dei-microsoft-exchange-server-e-ancora-vulnerabile-a-proxylogon/?utm_source=rss&utm_medium=rss&utm_campaign=oltre-il-90-dei-microsoft-exchange-server-e-ancora-vulnerabile-a-proxylogon) -- 希潭实验室 - - [ ] [第114篇:美国NSA量子DNS注入攻击技术,揭秘网络战的隐蔽手段QUANTUMDNS](https://mp.weixin.qq.com/s?__biz=MzkzMjI1NjI3Ng==&mid=2247487346&idx=1&sn=8c754ccbec08542992cce032cf7abcbf&chksm=c25fc009f528491fd031a9b145f7cf7f95dfda1164b98ab9fd5412b66f551cb85004a6eb533b&scene=58&subscene=0#rd) + - [ ] [揭秘字节跳动内部流量调度与容灾实践【上】](https://mp.weixin.qq.com/s?__biz=MzI1MzYzMjE0MQ==&mid=2247512958&idx=1&sn=82401f525cc5fdd2b7eb9cf210f60c24&chksm=e9d3789cdea4f18a5d9a1aa5141e78c28fbccd9c7a52068f7bf17d53a3d814b9c86346822bc4&scene=58&subscene=0#rd) +- 网安国际 + - [ ] [【InForSec 2025年会青年学者论坛回顾】冀晓宇:从传感器安全到“传感器 +X”安全](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=1&sn=4c4bfe832913a3872ec09ee631b9274b&chksm=8bc4ba9dbcb3338b2ba37bf54bb919e54ede95f3031151621def31622b349399445cd80439ba&scene=58&subscene=0#rd) + - [ ] [【InForSec 2025年会青年学者论坛回顾】白家驹:操作系统的自动化缺陷检测](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=2&sn=d42e0048046537509a0b9169907c9801&chksm=8bc4ba9dbcb3338bb5fe7bf9d6330213b86264fd3eb919b2106dc45e7b8604701d521d420b2c&scene=58&subscene=0#rd) + - [ ] [【InForSec 2025年会青年学者论坛回顾】闫琛:传感器电磁安全与隐私问题研究](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=3&sn=619b1c123e6a6165f24ed57ff9fd391a&chksm=8bc4ba9dbcb3338be3560720a31ce43398b3a8d91b3ec3a5799d4b4bb554133d8311c80ece9b&scene=58&subscene=0#rd) + - [ ] [【InForSec 2025年会青年学者论坛回顾】刁文瑞:移动生态安全探索:从系统漏洞到大规模测量](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=4&sn=0d016310221e528e230f05da6f3b14de&chksm=8bc4ba9dbcb3338bf92e55b964a1f76fb01b91c88ad08ce7333778b972524fd5800ec0f17f97&scene=58&subscene=0#rd) + - [ ] [【InForSec 2025年会青年学者论坛回顾】南雨宏:程序分析视角下的敏感数据管控:从移动应用到智能合约](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=5&sn=c5a7798acca47b172a583897d568c7ef&chksm=8bc4ba9dbcb3338b4d1e431047955603c86d16b56379b9128a3bd4e7e51ffa80abd0a2267c1a&scene=58&subscene=0#rd) + - [ ] [【InForSec 2025年会青年学者论坛回顾】范铭:移动应用个人信息保护场景下的合规验证探索与思考](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=6&sn=7be8c4556e1d37b0d94079969cbb7958&chksm=8bc4ba9dbcb3338b183ae58f4c267e03ed34bc27f99c79eed93410d6912f0ba4263a1ff60705&scene=58&subscene=0#rd) + - [ ] [【InForSec 2025年会青年学者论坛回顾】申文博:从AI框架到xPU硬件:智能系统安全研究](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=7&sn=044afe640aa525a285b3dcc87f2a146d&chksm=8bc4ba9dbcb3338bf773348e0df5e157b01dbc90732f0b032ca10812f22f1e407bcc1daf7d01&scene=58&subscene=0#rd) - 迪哥讲事 - - [ ] [通用漏洞挖掘技巧](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496940&idx=1&sn=a33f04e5fdb7818531eeda42ebf4b6e7&chksm=e8a5fe8fdfd277997c45b33df7177e2c0c39f4bb4e23b55308bf8a8ad59a087cb0ab7dace1d4&scene=58&subscene=0#rd) -- 网络安全回收站 - - [ ] [大模型系列之LLaMA Factory微调学习](https://mp.weixin.qq.com/s?__biz=Mzg2MTc1NDAxMA==&mid=2247484342&idx=1&sn=58be391a85f1cab4cdd6b7b0b41b1300&chksm=ce130443f9648d55205cc7a98a9fe40d7f0727f8daa16072fa35b7a71c3bd4150fe9e98a5e97&scene=58&subscene=0#rd) -- 滴滴安全应急响应中心 - - [ ] [DSRC 祝大家新年快乐(内含红包封面)](https://mp.weixin.qq.com/s?__biz=MzA3Mzk1MDk1NA==&mid=2651908507&idx=1&sn=090d7d7a925c36caa9bed1158c3df7ce&chksm=84e37a1eb394f30889713a4a086f93c4d2b0954159a8cc113501e5116bd0d79c3b47bd7b1818&scene=58&subscene=0#rd) -- 赛博回忆录 - - [ ] [36岁,本命年,再学一次安全](https://mp.weixin.qq.com/s?__biz=MzIxNDAyNjQwNg==&mid=2456099378&idx=1&sn=6c4312c836d50eb123463580236e3747&chksm=803c6bfbb74be2ed0ec59125bedcc4fd901ee5570ff68d872f74921ed684c13dcaf999cda2c5&scene=58&subscene=0#rd) -- Schneier on Security - - [ ] [Friday Squid Blogging: Beaked Whales Feed on Squid](https://www.schneier.com/blog/archives/2025/01/friday-squid-blogging-beaked-whales-feed-on-squid.html) -- Instapaper: Unread - - [ ] [iOS Stolen Device Protection](https://cellebrite.com/en/ios-stolen-device-protection/) - - [ ] [The Internet is (once again) awash with IoT botnets delivering record DDoSes](https://arstechnica.com/security/2025/01/the-internet-is-once-again-awash-with-iot-botnets-delivering-record-ddoses/) - - [ ] [What Is Jump List Cache](https://www.cybertriage.com/blog/what-is-jump-list-cache/) - - [ ] [Subaru Car Vulnerability Lets Hackers Control Millions of Cars Remotely Using Starlink](https://cybersecuritynews.com/subaru-car-vulnerability-lets-hackers-control-the-millions-of-cars-remotely/) - - [ ] [Torna Itasec 2025, il più grande evento dedicato alla cybersecurity in Italia](https://www.wired.it/article/itasec-2025-conferenza-cybersecurity-italia/) -- Graham Cluley - - [ ] [Be careful what you say about data leaks in Turkey, new law could mean prison for reporting hacks](https://www.tripwire.com/state-of-security/new-law-could-mean-prison-reporting-data-leaks) + - [ ] [记一次细得不行的账户权限提升](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496946&idx=1&sn=fd344274014da8f4d5f0705d21c1080a&chksm=e8a5fe91dfd2778741884d78e29eb70766ca43d4b3f53f3f268483de8e8639bd61ed87b93e03&scene=58&subscene=0#rd) +- Over Security - Cybersecurity news aggregator + - [ ] [TalkTalk investigates breach after data for sale on hacking forum](https://www.bleepingcomputer.com/news/security/talktalk-investigates-breach-after-data-for-sale-on-hacking-forum/) + - [ ] [January 2025 Zero-Day Threat Intelligence](https://pixmsecurity.com/blog/blog/january-2025-zero-day-threat-intelligence/) + - [ ] [PayPal to pay $2 million settlement over 2022 data breach](https://www.bleepingcomputer.com/news/security/paypal-to-pay-2-million-settlement-over-2022-data-breach/) + - [ ] [Cyber diplomacy funding halted as US issues broad freeze on foreign aid](https://therecord.media/cyber-diplomacy-funding-halted-freeze-on-foreign-aid) + - [ ] [Come utilizzo Patreon](https://roccosicilia.com/2025/01/25/come-utilizzo-patreon/) + - [ ] [Guerre di Rete - Ulbricht, come si è arrivati alla liberazione del fondatore di Silk Road](https://guerredirete.substack.com/p/guerre-di-rete-ulbricht-come-si-e) + - [ ] [UnitedHealth updates number of data breach victims to 190 million](https://therecord.media/unitedhealth-updates-change-healthcare-data-breach-190-million) - TorrentFreak - - [ ] [PIPCU Uses UK IPO’s ‘Surplus Millions’ to Wage War on IPTV Pirates](https://torrentfreak.com/pipcu-utilizes-uk-ipos-surplus-millions-to-wage-war-on-iptv-pirates-250124/) -- SANS Internet Storm Center, InfoCON: green - - [ ] [[Guest Diary] How Access Brokers Maintain Persistence, (Fri, Jan 24th)](https://isc.sans.edu/diary/rss/31600) - - [ ] [ISC Stormcast For Friday, January 24th, 2025 https://isc.sans.edu/podcastdetail/9294, (Fri, Jan 24th)](https://isc.sans.edu/diary/rss/31622) -- The Hacker News - - [ ] [RANsacked: Over 100 Security Flaws Found in LTE and 5G Network Implementations](https://thehackernews.com/2025/01/ransacked-over-100-security-flaws-found.html) - - [ ] [2025 State of SaaS Backup and Recovery Report](https://thehackernews.com/2025/01/insights-from-2025-saas-backup-and-recovery-report.html) - - [ ] [DoJ Indicts 5 Individuals for $866K North Korean IT Worker Scheme Violations](https://thehackernews.com/2025/01/doj-indicts-5-individuals-for-866k.html) - - [ ] [Android's New Identity Check Feature Locks Device Settings Outside Trusted Locations](https://thehackernews.com/2025/01/androids-new-identity-check-feature.html) - - [ ] [CISA Adds Five-Year-Old jQuery XSS Flaw to Exploited Vulnerabilities List](https://thehackernews.com/2025/01/cisa-adds-five-year-old-jquery-xss-flaw.html) -- Technical Information Security Content & Discussion - - [ ] [Someone wrote an Anti-Crawler/Scraper Trap](https://www.reddit.com/r/netsec/comments/1i93pzl/someone_wrote_an_anticrawlerscraper_trap/) - - [ ] [USB Army Knife: Close Access Pentest Tool with VNC, Marauder, network adapter etc.](https://www.reddit.com/r/netsec/comments/1i8rdf5/usb_army_knife_close_access_pentest_tool_with_vnc/) - - [ ] [WinVisor: A proof-of-concept hypervisor-based emulator for Windows x64 binaries](https://www.reddit.com/r/netsec/comments/1i8nnii/winvisor_a_proofofconcept_hypervisorbased/) - - [ ] [Static Source Code Security Scanning Tools Evaluation Benchmark](https://www.reddit.com/r/netsec/comments/1i8q5mc/static_source_code_security_scanning_tools/) -- Blackhat Library: Hacking techniques and research - - [ ] [URGENT : File transfers](https://www.reddit.com/r/blackhat/comments/1i8ryzg/urgent_file_transfers/) + - [ ] [Manga Publishers Maintain Pressure Despite Pirate Countermeasures](https://torrentfreak.com/manga-publishers-maintain-pressure-despite-pirate-countermeasures-250125/) +- 洞源实验室 + - [ ] [网络安全的红利还能吃几年?](https://mp.weixin.qq.com/s?__biz=Mzg4Nzk3MTg3MA==&mid=2247487709&idx=1&sn=cbd8920e80714a50eed133a0b2ee35d3&chksm=cf8319acf8f490badfb3044c077c80d304fb30e2a194e21a3e35d10d71716ab36c5fef0593f7&scene=58&subscene=0#rd) - The Register - Security - - [ ] [AI chatbot startup founder, lawyer wife accused of ripping off investors in $60M fraud](https://go.theregister.com/feed/www.theregister.com/2025/01/24/ai_startup_founder_wife_indicted/) - - [ ] [Don't want your Kubernetes Windows nodes hijacked? Patch this hole now](https://go.theregister.com/feed/www.theregister.com/2025/01/24/kubernetes_windows_nodes_bug/) - - [ ] [North Korean dev who renamed himself 'Bane' accused of IT worker fraud caper](https://go.theregister.com/feed/www.theregister.com/2025/01/24/north_korean_devs_and_their/) - - [ ] [China and friends claim success in push to stamp out tech support cyber-scam slave camps](https://go.theregister.com/feed/www.theregister.com/2025/01/24/lancang_mekong_anti_cyberscam_cooperation/) - - [ ] [Court rules FISA Section 702 surveillance of US resident was unconstitutional](https://go.theregister.com/feed/www.theregister.com/2025/01/24/section_702_court/) -- Deep Web - - [ ] [What do you do when you find something you aren’t suppose to find?](https://www.reddit.com/r/deepweb/comments/1i8tie9/what_do_you_do_when_you_find_something_you_arent/) -- Computer Forensics - - [ ] [Which Digital Forensic proprietary Tool is better for processing and Analysis?](https://www.reddit.com/r/computerforensics/comments/1i8qcho/which_digital_forensic_proprietary_tool_is_better/) - - [ ] [Magnet Axiom Questions](https://www.reddit.com/r/computerforensics/comments/1i90lqz/magnet_axiom_questions/) - - [ ] [Memory Forensics](https://www.reddit.com/r/computerforensics/comments/1i8rssu/memory_forensics/) - - [ ] [Metadata and iMessage - Is key information stripped?](https://www.reddit.com/r/computerforensics/comments/1i8y0rn/metadata_and_imessage_is_key_information_stripped/) - - [ ] [Preferred Methodology for ediscovery extraction for forensic images?](https://www.reddit.com/r/computerforensics/comments/1i8x4s0/preferred_methodology_for_ediscovery_extraction/) -- Your Open Hacker Community - - [ ] [Study suggestion request (Reverse engineering)](https://www.reddit.com/r/HowToHack/comments/1i8wvf2/study_suggestion_request_reverse_engineering/) - - [ ] [BadUSB Pico](https://www.reddit.com/r/HowToHack/comments/1i97jaf/badusb_pico/) - - [ ] [Bypassing simple anti-debug feature of a CTF with LD_PRELOAD flag](https://www.reddit.com/r/HowToHack/comments/1i94qfm/bypassing_simple_antidebug_feature_of_a_ctf_with/) - - [ ] [Linux and grey hacking](https://www.reddit.com/r/HowToHack/comments/1i93ulo/linux_and_grey_hacking/) - - [ ] [Please read if you are new to hacking with limited skills](https://www.reddit.com/r/HowToHack/comments/1i93c0c/please_read_if_you_are_new_to_hacking_with/) - - [ ] [Outlook hacked and I cannot disable the messages forwarding to hackers](https://www.reddit.com/r/HowToHack/comments/1i97cos/outlook_hacked_and_i_cannot_disable_the_messages/) - - [ ] [People say that Linux needs no Antivirus... really? Can Linux really detect ZIP Bombs?](https://www.reddit.com/r/HowToHack/comments/1i99foc/people_say_that_linux_needs_no_antivirus_really/) - - [ ] [Hidden profiles on Apple devices, weird 3rd party licenses etc. Brand new out of box Pixel Phone was already compromised on start up.](https://www.reddit.com/r/HowToHack/comments/1i97wfi/hidden_profiles_on_apple_devices_weird_3rd_party/) - - [ ] [Finding the identity of scammers](https://www.reddit.com/r/HowToHack/comments/1i92om6/finding_the_identity_of_scammers/) - - [ ] [Hash cat](https://www.reddit.com/r/HowToHack/comments/1i935ub/hash_cat/) - - [ ] [Google reviews delete](https://www.reddit.com/r/HowToHack/comments/1i8wear/google_reviews_delete/) - - [ ] [I suspect an ex-friend is creating sock puppet accounts on fb to harass my friend. Is there a way to track these accounts back to him?](https://www.reddit.com/r/HowToHack/comments/1i8v5or/i_suspect_an_exfriend_is_creating_sock_puppet/) - - [ ] [help !!](https://www.reddit.com/r/HowToHack/comments/1i8llcl/help/) - - [ ] [Don't know if it's possible but any guidance would help immensely](https://www.reddit.com/r/HowToHack/comments/1i8lfjf/dont_know_if_its_possible_but_any_guidance_would/) - - [ ] [Help to delete google reviews](https://www.reddit.com/r/HowToHack/comments/1i8wgdx/help_to_delete_google_reviews/) - - [ ] [got deauther made up on esp8266 but having deauth issues](https://www.reddit.com/r/HowToHack/comments/1i8izpb/got_deauther_made_up_on_esp8266_but_having_deauth/) - - [ ] [Hacking Forums](https://www.reddit.com/r/HowToHack/comments/1i8q7zl/hacking_forums/) - - [ ] [Best way to learn?](https://www.reddit.com/r/HowToHack/comments/1i8k7f9/best_way_to_learn/) - - [ ] [Some help plz](https://www.reddit.com/r/HowToHack/comments/1i8p2hw/some_help_plz/) -- netsecstudents: Subreddit for students studying Network Security and its related subjects - - [ ] [Any starting guide to learn Sigma Rules ?](https://www.reddit.com/r/netsecstudents/comments/1i8yf9h/any_starting_guide_to_learn_sigma_rules/) -- 白泽安全实验室 - - [ ] [伊朗支持的APT42组织针对以色列和美国的网络钓鱼活动加剧——每周威胁情报动态第210期 (01.17-01.23)](https://mp.weixin.qq.com/s?__biz=MzI0MTE4ODY3Nw==&mid=2247492529&idx=1&sn=e2697dd686fd55f34d2f6f17950d1ddc&chksm=e90dc99bde7a408dbde9bc281a602d9c44b3177611a589528c967540a171a0bdae4fb13ef0c8&scene=58&subscene=0#rd) + - [ ] [Someone is slipping a hidden backdoor into Juniper routers across the globe, activated by a magic packet](https://go.theregister.com/feed/www.theregister.com/2025/01/25/mysterious_backdoor_juniper_routers/) + - [ ] [UK telco TalkTalk confirms probe into alleged data grab underway](https://go.theregister.com/feed/www.theregister.com/2025/01/25/uk_telco_talktalk_confirms_investigation/) +- Troy Hunt's Blog + - [ ] [Weekly Update 436](https://www.troyhunt.com/weekly-update-436/) - Security Affairs - - [ ] [U.S. CISA adds SonicWall SMA1000 flaw to its Known Exploited Vulnerabilities catalog](https://securityaffairs.com/173417/security/u-s-cisa-adds-sonicwall-sma1000-flaw-known-exploited-vulnerabilities-catalog.html) - - [ ] [J-magic malware campaign targets Juniper routers](https://securityaffairs.com/173408/security/j-magic-malware-campaign-targets-juniper-routers.html) - - [ ] [SonicWall warns of a critical CVE-2025-23006 zero-day likely exploited in the wild](https://securityaffairs.com/173387/security/sonicwall-warns-zero-day-sma-1000-series.html) -- Null Byte - - [ ] [iOS 18.3 Is Coming Soon — Here's What to Expect on Your iPhone](https://ios.gadgethacks.com/news/ios-18.3-features/) - - [ ] [Freeform on iOS 18: All the Features You've Been Missing Out On](https://ios.gadgethacks.com/how-to/freeform-ios-18-features/) + - [ ] [Subaru Starlink flaw allowed experts to remotely hack cars](https://securityaffairs.com/173434/security/subaru-starlink-vulnerability-remote-attacks.html) + - [ ] [Participants in the Pwn2Own Automotive 2025 earned $886,250](https://securityaffairs.com/173426/breaking-news/pwn2own-automotive-2025-final-results.html) +- Your Open Hacker Community + - [ ] [Recommendation for video where someone does a beginner level box/ctf blind?](https://www.reddit.com/r/HowToHack/comments/1i9t80h/recommendation_for_video_where_someone_does_a/) + - [ ] [What's the most interesting exploit you've ever read about or seen?](https://www.reddit.com/r/HowToHack/comments/1i9zodo/whats_the_most_interesting_exploit_youve_ever/) + - [ ] [Some good python book for hacking?](https://www.reddit.com/r/HowToHack/comments/1i9g9l4/some_good_python_book_for_hacking/) + - [ ] [Nice book to learn how find 0day vuln in systems](https://www.reddit.com/r/HowToHack/comments/1i9xyel/nice_book_to_learn_how_find_0day_vuln_in_systems/) + - [ ] [I need help asap.](https://www.reddit.com/r/HowToHack/comments/1ia01zc/i_need_help_asap/) + - [ ] [Need help with HashCat and salted hashes](https://www.reddit.com/r/HowToHack/comments/1i9hk2y/need_help_with_hashcat_and_salted_hashes/) + - [ ] [How to extract readable data from .y3k files?](https://www.reddit.com/r/HowToHack/comments/1i9ge7v/how_to_extract_readable_data_from_y3k_files/) + - [ ] [How to overcome angular framework?](https://www.reddit.com/r/HowToHack/comments/1i9g6w5/how_to_overcome_angular_framework/) + - [ ] [Should I use TryHackMe to learn](https://www.reddit.com/r/HowToHack/comments/1i9a783/should_i_use_tryhackme_to_learn/) + - [ ] [How to handle ngrok dynamic tcp tunnels for android/meterpreter/reverse_tcp apk ?](https://www.reddit.com/r/HowToHack/comments/1i9dr3s/how_to_handle_ngrok_dynamic_tcp_tunnels_for/) + - [ ] [I dont trust at all my gf](https://www.reddit.com/r/HowToHack/comments/1i9os7f/i_dont_trust_at_all_my_gf/) + - [ ] [Need basic knowledge](https://www.reddit.com/r/HowToHack/comments/1i9fbje/need_basic_knowledge/) +- Computer Forensics + - [ ] [Digital ForensicsQuestions](https://www.reddit.com/r/computerforensics/comments/1i9icjv/digital_forensicsquestions/) + - [ ] [Cyber Forensics / Investigation](https://www.reddit.com/r/computerforensics/comments/1i9dljz/cyber_forensics_investigation/) +- Social Engineering + - [ ] [Learn more about someone before doing business](https://www.reddit.com/r/SocialEngineering/comments/1i9j9i5/learn_more_about_someone_before_doing_business/) +- Deeplinks + - [ ] [EFF to Michigan Supreme Court: Cell Phone Search Warrants Must Strictly Follow The Fourth Amendment’s Particularity and Probable Cause Requirements](https://www.eff.org/deeplinks/2025/01/eff-michigan-supreme-court-cell-phone-search-warrants-must-strictly-follow-fourth) - Hacking Exposed Computer Forensics Blog - - [ ] [Daily Blog #727: Experimenting with Deepseek v3](https://www.hecfblog.com/2025/01/daily-blog-727-experimenting-with.html) -- Security Weekly Podcast Network (Audio) - - [ ] [Cursive Funk, Microsoft, Ivanti, Sonic Wall, Exchange, PowerSchool, Aaran Leyland... - SWN #445](http://sites.libsyn.com/18678/cursive-funk-microsoft-ivanti-sonic-wall-exchange-powerschool-aaran-leyland-swn-445) + - [ ] [Daily Blog #728: Test Kitchen with Cursor](https://www.hecfblog.com/2025/01/daily-blog-728-test-kitchen-with-cursor.html) +- 网安寻路人 + - [ ] [日本《人工智能业务指南》全文翻译](https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247506124&idx=1&sn=a0d99658c9689597ec9d1e77f02a0b48&chksm=97e96526a09eec30af4b40c753f3202737f20aee9db771f6a3b490a2e7655945b7efc6cec77f&scene=58&subscene=0#rd) From d8e88d9dd44632ff01cfa2e5c7413570b9164814 Mon Sep 17 00:00:00 2001 From: chainreactorbot Date: Mon, 27 Jan 2025 02:46:41 +0000 Subject: [PATCH 20/29] =?UTF-8?q?=E6=AF=8F=E6=97=A5=E5=AE=89=E5=85=A8?= =?UTF-8?q?=E8=B5=84=E8=AE=AF=EF=BC=882025-01-27=EF=BC=89?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- archive/daily/2025/2025-01-27.md | 303 +++++++++++++++++ archive/tmp/2025-01-27.json | 347 +++++++++++++++++++ today.md | 566 ++++++++++++++++--------------- 3 files changed, 938 insertions(+), 278 deletions(-) create mode 100644 archive/daily/2025/2025-01-27.md create mode 100644 archive/tmp/2025-01-27.json diff --git a/archive/daily/2025/2025-01-27.md b/archive/daily/2025/2025-01-27.md new file mode 100644 index 0000000000..c896d9c7fd --- /dev/null +++ b/archive/daily/2025/2025-01-27.md @@ -0,0 +1,303 @@ +# 每日安全资讯(2025-01-27) + +- SecWiki News + - [ ] [SecWiki News 2025-01-26 Review](http://www.sec-wiki.com/?2025-01-26) +- Private Feed for M09Ic + - [ ] [safedv starred ambionics/cnext-exploits](https://github.com/ambionics/cnext-exploits) + - [ ] [liamg starred getcursor/cursor](https://github.com/getcursor/cursor) + - [ ] [mgeeky starred x86matthew/WinVisor](https://github.com/x86matthew/WinVisor) + - [ ] [mgeeky starred ionescu007/Simpleator](https://github.com/ionescu007/Simpleator) + - [ ] [mgeeky starred moudey/Shell](https://github.com/moudey/Shell) + - [ ] [safedv started following NtDallas](https://github.com/NtDallas) + - [ ] [safedv starred NtDallas/OdinLdr](https://github.com/NtDallas/OdinLdr) + - [ ] [safedv started following emdnaia](https://github.com/emdnaia) + - [ ] [kpcyrd released 20250126 at archlinux/archlinux-repro](https://github.com/archlinux/archlinux-repro/releases/tag/20250126) + - [ ] [safedv starred anderspitman/awesome-tunneling](https://github.com/anderspitman/awesome-tunneling) + - [ ] [safedv starred lolc2/lolc2.github.io](https://github.com/lolc2/lolc2.github.io) + - [ ] [safedv starred rust-lang/rust](https://github.com/rust-lang/rust) + - [ ] [mozhu1024 starred glauth/glauth](https://github.com/glauth/glauth) + - [ ] [zer0yu starred huggingface/open-r1](https://github.com/huggingface/open-r1) + - [ ] [mozhu1024 starred P3TERX/GeoLite.mmdb](https://github.com/P3TERX/GeoLite.mmdb) + - [ ] [wabzsy starred apache/answer](https://github.com/apache/answer) + - [ ] [kyxiaxiang starred klezVirus/RpcProxyInvoke](https://github.com/klezVirus/RpcProxyInvoke) + - [ ] [FunnyWolf starred AmruthPillai/Reactive-Resume](https://github.com/AmruthPillai/Reactive-Resume) +- CXSECURITY Database RSS Feed - CXSecurity.com + - [ ] [DNN CMS remote File Upload](https://cxsecurity.com/issue/WLB-2025010026) +- Security Boulevard + - [ ] [Empowering Cloud Compliance with Seamless Security](https://securityboulevard.com/2025/01/empowering-cloud-compliance-with-seamless-security/) + - [ ] [Scaling Security with Automated Identity Management](https://securityboulevard.com/2025/01/scaling-security-with-automated-identity-management/) + - [ ] [Innovative Approaches to Secrets Scanning](https://securityboulevard.com/2025/01/innovative-approaches-to-secrets-scanning/) + - [ ] [The Small Business Guide to Everyday Access Management and Secure Off-boarding](https://securityboulevard.com/2025/01/the-small-business-guide-to-everyday-access-management-and-secure-off-boarding/) + - [ ] [DEF CON 32 – Attacks On GenAI Data & Using Vector Encryption To Stop Them](https://securityboulevard.com/2025/01/def-con-32-attacks-on-genai-data-using-vector-encryption-to-stop-them/) + - [ ] [INE Security Alert: Expediting CMMC 2.0 Compliance](https://securityboulevard.com/2025/01/ine-security-alert-expediting-cmmc-2-0-compliance/) +- Doonsec's feed + - [ ] [Vlunstack ATT&CK---红日靶场(三)](https://mp.weixin.qq.com/s?__biz=MzkxNTc1MzQyNw==&mid=2247488809&idx=1&sn=b496a3e45eeae3831a0bea34e53fa254) + - [ ] [探秘网络安全神器:蜜罐工具](https://mp.weixin.qq.com/s?__biz=MzkzNzg3NzQxMQ==&mid=2247485731&idx=1&sn=f855b4678f6428cb1cda14a26cc651f2) + - [ ] [白帽必知!Kunlun-Mirror源代码安全审计工具全解析](https://mp.weixin.qq.com/s?__biz=Mzk2NDE3NDUwNg==&mid=2247483897&idx=1&sn=050c8f872083541fe1c136e416528513) + - [ ] [深入某CMS渗透测试:从弱口令到接管webshell](https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486445&idx=1&sn=071008d1b39bf3757ff2279a6581fe71) + - [ ] [紧急告警!Meta Llama框架漏洞,AI系统面临远程代码执行风险](https://mp.weixin.qq.com/s?__biz=MzA4MzMzOTQ4Mw==&mid=2453672529&idx=1&sn=cdc7f3d0c6553b9b1c05425ba64820b9) + - [ ] [安全行业到底是技术密集型企业,还是劳动力密集型企业?这里不只有答案!](https://mp.weixin.qq.com/s?__biz=MzAxOTk3NTg5OQ==&mid=2247492241&idx=1&sn=f1d5ff7631506292b224073985727b34) + - [ ] [揭秘电信诈骗经典套路,掌数助你安全过年!](https://mp.weixin.qq.com/s?__biz=MzAxOTk3NTg5OQ==&mid=2247492241&idx=2&sn=694d6f191fd17874f357e1e23a8f2484) + - [ ] [特斯拉电动汽车越狱](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620109&idx=1&sn=c06d5d123d722aaffb574cb0be9e239c) + - [ ] [汽车行业的4项基本网络安全原则](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620109&idx=2&sn=18d34e13e4ba4bc5e34fb0e0ef2ca9e5) + - [ ] [2024年智能网联汽车网络安全年度报告](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620109&idx=3&sn=0ced06cdd407328f94166f55dbdb9d95) + - [ ] [每日情报速递20250126](https://mp.weixin.qq.com/s?__biz=MzkxMzU4ODU2MQ==&mid=2247484059&idx=1&sn=572b8430a8e9a8fc9a2befc5ec6bfae8) + - [ ] [GLM-PC初测](https://mp.weixin.qq.com/s?__biz=MzkxMzU4ODU2MQ==&mid=2247484059&idx=2&sn=649c7ce34373e5a447ece9529998b884) + - [ ] [【云安全】云原生-K8S-简介](https://mp.weixin.qq.com/s?__biz=MzUyNTUyNTA5OQ==&mid=2247484722&idx=1&sn=ba4e1e01878dddae81fa21ad3e96a91e) + - [ ] [人工智能安全标准体系](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264717&idx=1&sn=c8b71d3dcbc5b20f23de67fee056205a) + - [ ] [秦安:特朗普上台,中美首场博弈,马斯克出战,比拼网络谁懂谁?](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476326&idx=1&sn=cfd5c4c650875cd31f9fae8bf6b3c1e7) + - [ ] [秦安:到底让谁伟大?特朗普要不断扩大领土,怒发冲冠为TikTok狂](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476326&idx=2&sn=e8546aeb10f5f9b28979d07929f87d67) + - [ ] [The Great Fry 抢劫案:Noha 如何抓住网络罪魁祸首](https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247504774&idx=1&sn=f570ff10a65093e52cb37f13dee8da37) + - [ ] [WordPress CF Link Shortcode 插件存在前台SQL注入漏洞(CVE-2024-12404)](https://mp.weixin.qq.com/s?__biz=Mzg4MTkwMTI5Mw==&mid=2247488723&idx=1&sn=b6dcde79af26f7316bf47c73990a2c54) + - [ ] [警惕!手机这个功能,慎用](https://mp.weixin.qq.com/s?__biz=MzkyNDcwMTAwNw==&mid=2247533707&idx=1&sn=3c4a7b2a599063486ac3ecd99597e55c) + - [ ] [警惕!朝鲜黑客组织利用“OtterCookie”后门锁定软件开发者](https://mp.weixin.qq.com/s?__biz=Mzg3OTYxODQxNg==&mid=2247485633&idx=1&sn=835b492b5b7b522cd0420cc6ffee782e) + - [ ] [从 LFI 到 RCE 的旅程!!!](https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247518315&idx=1&sn=5664abc72c27c8258f88adcb7ac37b50) + - [ ] [SRC专项知识库](https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247518315&idx=2&sn=3324aecef9cf1f80d5d24f889ac44323) + - [ ] [羡慕](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496794&idx=1&sn=d5ec64d14996f316e911423bb3e8c66a) + - [ ] [实战中的WebService利⽤⽅法](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496952&idx=1&sn=fdb338f5ff8cf421424cfcc5c01bfbb7) + - [ ] [揭露网络欺骗:针对多个品牌的通用网络钓鱼页面的兴起](https://mp.weixin.qq.com/s?__biz=MzkxMjYyMDYyNA==&mid=2247484046&idx=1&sn=f1fd3fb24ab9330fe70b01423b65ac66) + - [ ] [《绝命毒师》主演 Dean Norris 推特账号再次遭黑客攻击并发布假冒代币](https://mp.weixin.qq.com/s?__biz=MzU2MTQwMzMxNA==&mid=2247541459&idx=1&sn=5516ad53cd1053c10ba980fffef521a4) + - [ ] [VPC访问控制之网络安全组](https://mp.weixin.qq.com/s?__biz=Mzg3NTUzOTg3NA==&mid=2247515076&idx=1&sn=659fd2d6a7593fe3646e3eaf130214ca) + - [ ] [文末抽奖 | VNCTF2025 报名开启](https://mp.weixin.qq.com/s?__biz=MzIxMDYyNTk3Nw==&mid=2247515152&idx=1&sn=a0e8b286a2f198209df2ff60791ee27c) + - [ ] [安全工程师的好帮手,Windows应急响应工具HawkEye更新!](https://mp.weixin.qq.com/s?__biz=MzU4NTg4MzIzNA==&mid=2247484356&idx=1&sn=6e62ed5d3095fff522186a185f8e68b3) + - [ ] [华为携手东莞市政务和数据局荣膺工信部2024年网络安全典型案例榜首](https://mp.weixin.qq.com/s?__biz=MzAwODU5NzYxOA==&mid=2247505839&idx=1&sn=375a0c8d6d2f25122068a1e62bc65310) + - [ ] [【资讯】网安标委就《人工智能安全标准体系(V1.0)(征求意见稿)》公开征求意见](https://mp.weixin.qq.com/s?__biz=MzU1NDY3NDgwMQ==&mid=2247549492&idx=1&sn=520753349c0cf7619b9c6af2a28fd72c) + - [ ] [过年红包别随便抢!这些“春节福利”都是诈骗陷阱→](https://mp.weixin.qq.com/s?__biz=MzI0NzE4ODk1Mw==&mid=2652094707&idx=1&sn=3d4881e29e1474077d4b06d4200f8e37) + - [ ] [涉嫌非法获取公民个人信息 8家MCN机构被查处](https://mp.weixin.qq.com/s?__biz=MzI0NzE4ODk1Mw==&mid=2652094707&idx=2&sn=eb3dc8e50a1cb201c16ee8903d8cae79) + - [ ] [【云安全】云原生-Docker(五)容器逃逸之漏洞利用](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490023&idx=1&sn=846a609d96c5cc54f73d7ed7607539ec) + - [ ] [IDA背后的原理入门(一): 简介&函数识别](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490023&idx=2&sn=703e83e51126605e67867df619bc4f75) + - [ ] [对 404 站点的漏洞挖掘](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490023&idx=3&sn=254de260da45916c1b80cf6eee6c4ed4) + - [ ] [江苏国骏春节放假安排通知](https://mp.weixin.qq.com/s?__biz=MzkzNjIzMjM5Ng==&mid=2247490211&idx=1&sn=79d453111e91e3708bed78897a153667) + - [ ] [电信安全春节服务保障公告](https://mp.weixin.qq.com/s?__biz=MzkxNDY0MjMxNQ==&mid=2247532881&idx=1&sn=f7ce31d9deae7d9f09369b2fbd7efdd6) + - [ ] [Go-Zero框架代码审计](https://mp.weixin.qq.com/s?__biz=MzkyODY3NjkyNQ==&mid=2247484782&idx=1&sn=ef633f25050192661512a78ef8de4078) + - [ ] [带你解锁编码新世界!--随波逐流CTF编码工具使用教程43 --Cetacean鲸目密码](https://mp.weixin.qq.com/s?__biz=MzU2NzIzNzU4Mg==&mid=2247489632&idx=1&sn=3ff1d1c39c3f0e25f34bef3ac8c183b5) + - [ ] [警惕!渗透测试需知的法律红线](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485460&idx=1&sn=2696efeb84408d3c65e9b5c18cfce0f2) + - [ ] [北七家-未来科学城,3居变4居豪装,理想楼层/户型/朝向](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485460&idx=2&sn=b9459522f7bd728b53c0aaa765d47bd1) + - [ ] [【干货】笑傲职场的独家经验(1)](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485460&idx=3&sn=8eb6cc5ed3d8eceebfc8cf7f19aad28f) + - [ ] [【干货原创】实网攻防演习常态化,会带来什么变化01](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485460&idx=4&sn=a4c662d181fe6a1bfb6df099e93788eb) + - [ ] [【干货原创】K12教育,鲜为人知的模式秘密](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485460&idx=5&sn=6c4b73da1084e10ae6b5cb4f14acb575) + - [ ] [原创文章目录](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485460&idx=6&sn=3b28bb66cf3c732334138a3142a1a55d) + - [ ] [进来,送你一打“滴滴技术年货”](https://mp.weixin.qq.com/s?__biz=MzU1ODEzNjI2NA==&mid=2247573416&idx=1&sn=cfff8a100e658aa48bc033b966273863) + - [ ] [【安全圈】安全圈恭祝大家:新年快乐~](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067622&idx=1&sn=b905decd9f92c3687f021950a11cf89f) + - [ ] [【安全圈】Microsoft Entra ID允许普通用户更新自己的UPN](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067622&idx=2&sn=a56656b05bfd9f42f777c577cffe85e3) + - [ ] [【安全圈】黑客利用Windows RID劫持技术创建隐藏管理员账户](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067622&idx=3&sn=ad95819ae6f36cb189f9da9618fff556) + - [ ] [新型人工智能“黑帽”工具:GhostGPT带来的威胁与挑战](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313204&idx=1&sn=2b87bf3242ba7820712b8f47a8f4b29e) + - [ ] [一周网安优质PDF资源推荐丨FreeBuf知识大陆](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313204&idx=2&sn=2a945410ba4cf21397e0cd355c22e796) + - [ ] [Pwn2Own Automotive 2025落幕,累计成功利用49个零日漏洞](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313204&idx=3&sn=af9e7adb9e7886cc3ec234d15e060a0d) + - [ ] [DroneXtract:一款针对无人机的网络安全数字取证工具](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313204&idx=4&sn=4a74a6b66c46012d19f2c26e036b95c6) + - [ ] [【InForSec 2025年会顶会论文回顾】陈熠豪: 语义驱动的互联网路由异常检测系统](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317461&idx=1&sn=777cc0e34a153ddeb9a61aeeb97cb500) + - [ ] [【InForSec 2025年会顶会论文回顾】张允义:权威服务之殇:你的权威服务器配置真的安全么?](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317461&idx=2&sn=54da24564ffa3c07f1e7add2df9eb838) + - [ ] [【InForSec 2025年会顶会论文回顾】刘超:面向安全的无线感知技术](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317461&idx=3&sn=f3f0dbe8a32fb4a3eb373ef17242552f) + - [ ] [【InForSec 2025年会顶会论文回顾】林云: 基于参照的钓鱼欺诈检测技术的自动化知识赋能](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317461&idx=4&sn=1eb9c732f3567dab37b7614d41b959ef) + - [ ] [【InForSec 2025年会顶会论文回顾】刘沛宇:探究 ChatGPT 在漏洞管理任务中的能力](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317461&idx=5&sn=7becd6dc617d0acb19f79e2562a68616) + - [ ] [守正创新!渊亭2024年度技术专利盘点](https://mp.weixin.qq.com/s?__biz=MzIzNjE1ODE2OA==&mid=2660190386&idx=1&sn=174b704039498ea52de981c225c6a114) + - [ ] [感恩客户信任!这些“走心”的感谢信,华青融天收下了](https://mp.weixin.qq.com/s?__biz=MzA4Mzg1ODIzMw==&mid=2653545687&idx=1&sn=344c659736bc5350601f81b774fb5e7b) + - [ ] [2015.01.26 BTC回调风险](https://mp.weixin.qq.com/s?__biz=MzI3NTcwNTQ2Mg==&mid=2247487611&idx=1&sn=18fd52d6491638adaa14e295cbc736a9) + - [ ] [【oscp】PWNLAB: INIT靶场,文件包含+源码审计,文件包含+文件上传,环境变量劫持提权,管道符绕过提权](https://mp.weixin.qq.com/s?__biz=Mzk1NzE0ODk3Nw==&mid=2247490881&idx=1&sn=bc5d5232c3b9eab714027feb8b303dea) + - [ ] [汽车通信--EE架构演变](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549667&idx=1&sn=279f461a3ed455bdd2ae0903dabb3c92) + - [ ] [从车端BLE浅谈CCC数字钥匙协议](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549667&idx=2&sn=0811546318e3ca7bdc0316b45ea571ac) + - [ ] [“信”任满载 | 珞安科技喜获工业信息安全产业发展联盟感谢信](https://mp.weixin.qq.com/s?__biz=MzU2NjI5NzY1OA==&mid=2247512289&idx=1&sn=908ffe6082a9a6fec195854453b2950f) + - [ ] [微信红包封面](https://mp.weixin.qq.com/s?__biz=Mzg4Njk2NTEyMg==&mid=2247483831&idx=1&sn=8d6c33fbdd5791fb8300379fd98e91b9) + - [ ] [恶意样本分析环境搭建以及工具介绍](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490186&idx=1&sn=dbccef63b6ad18308eec7ebf88455def) + - [ ] [政策解读 |《关于促进企业数据资源开发利用的意见》](https://mp.weixin.qq.com/s?__biz=MzUzODYyMDIzNw==&mid=2247516967&idx=1&sn=4874ebe75bed1db300d89dce5834f9c5) + - [ ] [通知 | 《中国人民银行业务领域网络安全事件报告管理办法(征求意见稿)》公开征求意见](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=1&sn=fc21c6dca1cb7fc755540bf1a276b4b8) + - [ ] [通知 | 市场监管总局就《网络交易合规数据报送管理暂行办法(征求意见稿)》公开征求意见(附全文)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=2&sn=06ab12bffe83179be743b7574a46733f) + - [ ] [王小洪:以更大的决心和力度 推动打击治理电信网络诈骗工作向纵深发展](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=3&sn=a50ca75a1c03205901b7729871f25d56) + - [ ] [专家解读 | 构建以统一底座为支撑的数据流通利用设施](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=4&sn=5076068c4750dd6b85b48aa9607d94b1) + - [ ] [通知 | 网安标委发布《网络安全标准实践指南——人脸识别支付场景个人信息安全保护要求》(附全文)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=5&sn=be29f8aa62961fd03e70b0971dd8282d) + - [ ] [通知 | 网安标委就《人工智能安全标准体系(V1.0)(征求意见稿)》公开征求意见(附下载)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=6&sn=70f1d6b8d5331b791b6625561bb8d084) + - [ ] [一图读懂 | 国家标准 GB/T 44886.1-2024《网络安全技术 网络安全产品互联互通 第1部分:框架》](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=7&sn=d60847ac4d75129f5c475ff4f947f02b) + - [ ] [墨菲安全融合切面技术带来软件供应链安全新解法](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247635813&idx=1&sn=5640a600b06ae38a11f171de3444efc6) + - [ ] [知识星球 | 2024网安报告大合集发布;全球数安法规、工网安全典型案例等资源更新](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247635813&idx=2&sn=0629c6aa019db83da76bfe8bf1b7f3a9) + - [ ] [一文读懂 HTTP:Web 数据交换的基石](https://mp.weixin.qq.com/s?__biz=MzkxODc5OTg5MQ==&mid=2247484262&idx=1&sn=8881c58e7a44ccde6976fffec5b24688) + - [ ] [安全不停歇!海云安春节假期服务保障通知](https://mp.weixin.qq.com/s?__biz=MzI2MjY2NTM0MA==&mid=2247492309&idx=1&sn=3b4fae2570ee9149c849ac4fbf66e432) + - [ ] [ISC2证书:拓展您的技能,获取CPE学分,以及数字徽章](https://mp.weixin.qq.com/s?__biz=MzUzNTg4NDAyMg==&mid=2247492342&idx=1&sn=74105fe0b31c8cf47b727c8d6ab6e7e3) + - [ ] [简单的反调试技术实现](https://mp.weixin.qq.com/s?__biz=MzkzODc4NjE1OQ==&mid=2247483918&idx=1&sn=54c42da49fd35bed728491560deb1a6c) + - [ ] [星火力量丨科森云获授工业互联网标识注册服务许可证](https://mp.weixin.qq.com/s?__biz=MzU1OTUxNTI1NA==&mid=2247592220&idx=1&sn=0629157c259bc4ad53ffe1b1c1e6dc1e) + - [ ] [年度回顾 | 2024年,云起无垠稳健增长](https://mp.weixin.qq.com/s?__biz=Mzg3Mjg4NTcyNg==&mid=2247490188&idx=1&sn=db1ea3aef1e5b81176ca16742f1b0fe3) + - [ ] [《网络安全标准实践指南——人脸识别支付场景个人信息安全保护要求》发布](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170530&idx=1&sn=eb56e7c28f15d7f726ba271e7ece33ac) + - [ ] [《人工智能安全标准体系(V1.0)》(征求意见稿)公开征求意见](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170530&idx=2&sn=6ab0b1bf27577d10040c9a4772e327e9) + - [ ] [Spring WebFlux 授权绕过:CVE-2024-38821 详解](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527239&idx=1&sn=9121f5406d8c67b5a55ce5549891886d) + - [ ] [Andariel Attack Group使用的RIF劫持技术](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527239&idx=2&sn=7363d490c03bd1ffd6e40f947b167453) + - [ ] [黑客利用 Windows RID 劫持创建隐藏的管理员帐户](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527239&idx=3&sn=d04fb09196530f60fada44127faf8bee) + - [ ] [揭秘美国新提名国家情报总监图尔西·加巴德](https://mp.weixin.qq.com/s?__biz=MzI1OTExNDY1NQ==&mid=2651618892&idx=1&sn=a06c2c81a8b6943fd0fc827a52523cf6) + - [ ] [德国发布“2030 年技术主权研究与创新 ”计划](https://mp.weixin.qq.com/s?__biz=MzI1OTExNDY1NQ==&mid=2651618892&idx=2&sn=bc9d004e65e216d60d826a080ef8559a) + - [ ] [新技术分享——页面双生(文末福利)](https://mp.weixin.qq.com/s?__biz=MzI3OTM3OTAyNw==&mid=2247485959&idx=1&sn=6f67d3804f85e0c834d78ff6bf2b85b7) + - [ ] [120个防火墙术语大全,搞安全的可以了解一下](https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247570689&idx=1&sn=b710cc906a98e3d62fcb8bfad9c8fdbe) + - [ ] [2024年被通报的银行App达17款,违规/超范围收集个人信息问题突出](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931477&idx=1&sn=fbe7b915ec61832d6fb46bf53fccc146) + - [ ] [2025年了,还不考虑给自己一个证书吗?(内含CISP系列证书优惠报考渠道)](https://mp.weixin.qq.com/s?__biz=MzkxNTY4NTQwMg==&mid=2247484291&idx=1&sn=29bde95e2dca3b19a0610b347f3178c3) + - [ ] [自动化压缩新姿势!教你用Ansible Archive模块高效管理文件](https://mp.weixin.qq.com/s?__biz=MjM5OTc5MjM4Nw==&mid=2457386719&idx=1&sn=57db81e4a63f769c26856d9d41432b44) + - [ ] [这是年终报告,更是斗象的十年宏图](https://mp.weixin.qq.com/s?__biz=MzU0MDI1MjUxMg==&mid=2247532639&idx=1&sn=d936ae6fee2e86aaeb9c3dae3e857b76) + - [ ] [斗象科技专属「红包封面」送达,快来领取!](https://mp.weixin.qq.com/s?__biz=MzU0MDI1MjUxMg==&mid=2247532639&idx=2&sn=f907330b308163f6f2db01cb2b2f909e) + - [ ] [【重要通知】春节福利来啦!](https://mp.weixin.qq.com/s?__biz=Mzg4NDg2NTM3NQ==&mid=2247484699&idx=1&sn=9148cb6531c19549baf07753855433f5) + - [ ] [大家不要再吹DeepSeek了,大厂不屑玩的,Hugging face多如牛毛的东西呢。](https://mp.weixin.qq.com/s?__biz=MzU4NDY3MTk2NQ==&mid=2247491046&idx=1&sn=a94d8f532ec30bf304516cee668f2cde) + - [ ] [春节期间火绒将持续为您护航](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247521917&idx=1&sn=e7a05b4ef346358b0fdb75511aab4db3) + - [ ] [诚邀渠道合作伙伴共启新征程](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247521917&idx=2&sn=742c0d32b70556b96dfa343540c46342) + - [ ] [2025网络安全人员必考的11个证书清单](https://mp.weixin.qq.com/s?__biz=Mzg4MTg0MjQ5OA==&mid=2247487874&idx=1&sn=c1698a66dae492094d2e61dfcc0d242a) + - [ ] [中国网络空间安全协会关于征集2025年拟制修订团体标准项目的通知](https://mp.weixin.qq.com/s?__biz=MzA3ODE0NDA4MA==&mid=2649401264&idx=1&sn=65f9e9b8d48797c3493e0d4e4302b11d) + - [ ] [春节假期我在岗!网络安全不打烊,中孚信息全国护航](https://mp.weixin.qq.com/s?__biz=MzAxMjE1MDY0NA==&mid=2247508822&idx=1&sn=980a02957ab1a453dc84d48ee3167555) + - [ ] [邑安科技安全团队祝您蛇年大吉!](https://mp.weixin.qq.com/s?__biz=MzUyMzczNzUyNQ==&mid=2247523220&idx=1&sn=a3bd507ae7170032f9093f5e09f3d681) + - [ ] [中国人民银行:《中国人民银行业务领域网络安全事件报告管理办法》公开征求意见](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247634072&idx=1&sn=69a00968cfe394216ecf8cd744996f7b) + - [ ] [《网络安全标准实践指南——人脸识别支付场景个人信息安全保护要求》正式发布](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247634072&idx=2&sn=5ee8a3225fede1acaf296efe42f8a8d6) + - [ ] [2024年我国通信业统计公报](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247634072&idx=3&sn=79fecc58a4fae1035ff2df72ebe37fba) + - [ ] [美国前中央情报局分析师承认泄露国防信息](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247634072&idx=4&sn=b18d5edeae882104e1ed6c06fece7d90) + - [ ] [一款好用的笔记软件-Obsidian](https://mp.weixin.qq.com/s?__biz=Mzk0Mjg4MTQxMw==&mid=2247485843&idx=1&sn=0477c6dc6378a308253374a86ec7fed2) + - [ ] [春节不打烊 | 爱加密春节保障通知](https://mp.weixin.qq.com/s?__biz=MjM5NzU4NjkyMw==&mid=2650747923&idx=1&sn=f6d6bc57958228bc3e9de651112c11d6) + - [ ] [水一篇,分析一下为什么网安现在价格逐渐降低](https://mp.weixin.qq.com/s?__biz=MzkxMTUwOTY1MA==&mid=2247490108&idx=1&sn=585516240547410007b55abdaab0523c) + - [ ] [WPS国际汉化版](https://mp.weixin.qq.com/s?__biz=MzkyOTQyOTk3Mg==&mid=2247485043&idx=1&sn=dd1561926214336ac75c0f0a094e5c1e) + - [ ] [学生=牛马](https://mp.weixin.qq.com/s?__biz=MzkyMDUzMzY1MA==&mid=2247499523&idx=1&sn=885a7333acadc606843bffe9cfc47910) + - [ ] [UDE使用教程](https://mp.weixin.qq.com/s?__biz=Mzg2NTYxOTcxMw==&mid=2247493292&idx=1&sn=8658baebe1444b03f65468cf6eb53003) + - [ ] [AUTOSAR项目实战(4)-MCU模块配置实践](https://mp.weixin.qq.com/s?__biz=Mzg2NTYxOTcxMw==&mid=2247493292&idx=2&sn=0f46ac9d9c3e9cdc5cfcf7b33dc11802) + - [ ] [江西神舟信息安全评估中心祝大家新春快乐!](https://mp.weixin.qq.com/s?__biz=MzUzNTk2NTIyNw==&mid=2247490668&idx=1&sn=cbfb448733921eaa5c169e399be8d870) + - [ ] [《Java代码审计零基础入门到项目实战》线上课程开始招生啦!五十多节课,低至499,多重福利来袭!](https://mp.weixin.qq.com/s?__biz=Mzg3MDU1MjgwNA==&mid=2247487187&idx=1&sn=a5b4e03338f048be762f36b8de56b629) + - [ ] [【吃瓜】中介真的能狠到这种程度?](https://mp.weixin.qq.com/s?__biz=MzU3MjU4MjM3MQ==&mid=2247489709&idx=1&sn=3a3fbbf54d93e98aee7977852cd8b2f2) + - [ ] [如何用 Wireshark 高效过滤 IP 地址](https://mp.weixin.qq.com/s?__biz=MzA5NTUxODA0OA==&mid=2247493136&idx=1&sn=1aa73818f07a20e1a148440f0888e6b9) + - [ ] [信息安全专业毕业三年的总结](https://mp.weixin.qq.com/s?__biz=MzU5OTU3NDEzOQ==&mid=2247492794&idx=1&sn=a7850c2ef60b49fd8e4e47e4d7151678) + - [ ] [黑客利用伪造的恶意软件构建器感染了18000个“script kiddies”](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580992&idx=1&sn=d64510306e9db3532091d13213d4b0ef) + - [ ] [信任满满|观安信息收到中国工业互联网研究院感谢信](https://mp.weixin.qq.com/s?__biz=MzIxNDIzNTcxMg==&mid=2247506755&idx=1&sn=0b72b1a348c2865aac5d1e417963c65c) + - [ ] [ES::Portscan 超高速端口扫描器](https://mp.weixin.qq.com/s?__biz=Mzg3NzUyMTM0NA==&mid=2247487931&idx=1&sn=c656471a589fd9c5f1a469c527a9fb2b) + - [ ] [在解释型语言内部运行:进攻性 Python 编程](https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486780&idx=1&sn=b3562931f45a8b072576a85f503b920a) + - [ ] [开源情报|国际动态|美军推进NGC2计划](https://mp.weixin.qq.com/s?__biz=Mzg2NTcyNjU4Nw==&mid=2247485884&idx=1&sn=8ccd9e4abf845a08af7a6494a0486132) + - [ ] [“金蛇”耀目来袭!蜚语科技(动态)红包封面U0001f9e7惊喜上线,超炫速领!](https://mp.weixin.qq.com/s?__biz=MzI5NzI5NzY1MA==&mid=2247491098&idx=1&sn=1f711bf469ddfc3b88973b84b4d78fa6) + - [ ] [思科曝9.9分关键权限提升漏洞;|知名车企漏洞:只需车牌号,就能远程监控劫持数百万辆车](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607310&idx=1&sn=fd7cbe9d4363d477ead1d88c79cddbc6) + - [ ] [万事达卡爆出致命DNS错误配置](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607310&idx=2&sn=f5d78211039982a7bb244623c11975f5) + - [ ] [探寻Bottle框架内存马](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607310&idx=3&sn=8b5bb34f48ddd5f55a4253e2974d1323) + - [ ] [10个神一般的Windows一键取证神器](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607310&idx=4&sn=c437cef9321ee7b3f502dee21be73d80) + - [ ] [携程SRC漏洞贡献值排行榜奖励揭晓](https://mp.weixin.qq.com/s?__biz=MzAwOTczODMxMw==&mid=2651017526&idx=1&sn=e452849723ece70271aac0e8c9bba31e) + - [ ] [特色专题 | 密态计算技术发展研究](https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597665&idx=1&sn=9cf8233b83e6648293c3f0026199d53b) + - [ ] [2025春节放假通知!](https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597665&idx=2&sn=62e92b9613bdd6576ffd24ded8d94b48) + - [ ] [智启创信变革,共谱网安华章——创信华通2025新春年会圆满落幕](https://mp.weixin.qq.com/s?__biz=MzUxNTQxMzUxMw==&mid=2247524967&idx=1&sn=99ddad0ce4e858ff9ed36863785fff4c) + - [ ] [网安项目价格:600->550->150->快tm给我五百](https://mp.weixin.qq.com/s?__biz=MzkyOTQzNjIwNw==&mid=2247491510&idx=1&sn=8e5798a963cc4b685595435d49a96d24) + - [ ] [今晚一起聊聊提升认知和最近的思考](https://mp.weixin.qq.com/s?__biz=MzIyOTAxOTYwMw==&mid=2650236955&idx=1&sn=8727f67fded4278c8abd5fd3b2476443) +- 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com + - [ ] [黑客利用伪造的恶意软件构建器感染了18,000个“script kiddies”](https://www.4hou.com/posts/yzAR) + - [ ] [新的 DoubleClickjacking 攻击利用双击来劫持帐户](https://www.4hou.com/posts/vwJn) +- Recent Commits to cve:main + - [ ] [Update Sun Jan 26 20:11:42 UTC 2025](https://github.com/trickest/cve/commit/f22674c92d9c9d36dc7fccc765ad1a5cd605dddd) + - [ ] [Update Sun Jan 26 12:25:12 UTC 2025](https://github.com/trickest/cve/commit/d08b1078577025607e08eeed5db925268172e62f) + - [ ] [Update Sun Jan 26 04:23:53 UTC 2025](https://github.com/trickest/cve/commit/4054876b4ba4a47e7bcfa06db4f05bdb490c72b7) +- Blogs dade + - [ ] [Weekly Retro 2025-W04](https://0xda.de/blog/2025/01/weekly-retro-2025-w04/) +- Bug Bounty in InfoSec Write-ups on Medium + - [ ] [Unlock the Full Potential of the Wayback Machine for Bug Bounty](https://infosecwriteups.com/unlock-the-full-potential-of-the-wayback-machine-for-bug-bounty-8b6f57e2637d?source=rss----7b722bfd1b8d--bug_bounty) +- hasherezade's 1001 nights + - [ ] [Process Hollowing on Windows 11 24H2](https://hshrzd.wordpress.com/2025/01/27/process-hollowing-on-windows-11-24h2/) +- Twitter @bytehx + - [ ] [Re @0xdef1ant Congrats 🎉🎉🎉](https://x.com/bytehx343/status/1883378858269020361) +- FreeBuf网络安全行业门户 + - [ ] [[Meachines] [Easy] Academy Laravel-RCE+TRP00F权限提升+audit服务日志权限提升+composer权限提升](https://www.freebuf.com/articles/web/420868.html) + - [ ] [Bombon 方法论:我将如何测试Web缓存漏洞](https://www.freebuf.com/articles/web/420867.html) + - [ ] [[Meachines] [Easy] Bank balance-transfer目录泄露+etcpasswd权限提升+SUID emergency权限提升](https://www.freebuf.com/articles/web/420863.html) + - [ ] [Pwn2Own Automotive2025落幕,累计成功利用49个零日漏洞](https://www.freebuf.com/news/420848.html) + - [ ] [[Meachines] [Easy] Bashed PHP Bash+Python计划任务权限提升](https://www.freebuf.com/articles/web/420843.html) + - [ ] [Meta的Llama框架漏洞使AI系统面临远程代码执行风险](https://www.freebuf.com/vuls/420864.html) + - [ ] [FreeBuf早报 | 这些“春节福利”都是诈骗陷阱;思科警告ClamAV漏洞出现PoC利用代码](https://www.freebuf.com/news/420840.html) + - [ ] [Microsoft Entra ID允许普通用户更新自己的UPN](https://www.freebuf.com/news/420832.html) +- 奇客Solidot–传递最新科技情报 + - [ ] [GLP-1RA 的益处和风险](https://www.solidot.org/story?sid=80431) + - [ ] [研究人员发现中欧电网用非加密无线信号控制](https://www.solidot.org/story?sid=80430) + - [ ] [甲骨文等正在谈判接手 TikTok 美国业务](https://www.solidot.org/story?sid=80428) + - [ ] [小鼠研究发现微塑料会堵塞大脑血液流动](https://www.solidot.org/story?sid=80427) + - [ ] [ADHD 患者有更短的预期寿命](https://www.solidot.org/story?sid=80426) + - [ ] [研究称电动汽车的寿命与燃油汽车相差无几](https://www.solidot.org/story?sid=80425) +- 威努特安全网络 + - [ ] [威努特春节假期业务保障通知](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130894&idx=1&sn=a739a4aa1a6a2ba1ed852c001b054cac&chksm=80e716beb7909fa8843b696e0efcf422e23be1815fd7fbc7f4daca4d26fd047631f3160f831e&scene=58&subscene=0#rd) + - [ ] [蛇年限定!特特祝您蛇跃新程,专属红包封面大派送](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130893&idx=1&sn=93968e179aca1422e0b570785a21350a&chksm=80e716bdb7909fabc3fa203233b7fe9dea90e57a1941fca61e177b66b0e669412cb233f32eac&scene=58&subscene=0#rd) +- 吾爱破解论坛 + - [ ] [【活动】感动吾爱2024优秀会员评选活动(总方案)](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141640&idx=1&sn=c7380d0293c9463bb911500de75e6466&chksm=bd50a65c8a272f4a8312beef94ff17af41e1da141c344f6e9a4f5297c2be895e52abecf53ef3&scene=58&subscene=0#rd) +- 丁爸 情报分析师的工具箱 + - [ ] [【资料】数学大杀器](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148696&idx=1&sn=898da3a09a42c00a39a6f4178656ff59&chksm=f1af26a2c6d8afb4fb5ba4db233123601088c22139ec75c8e7c53136ed50505603f230c105ae&scene=58&subscene=0#rd) +- 安全圈 + - [ ] [【安全圈】安全圈恭祝大家:新年快乐~](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067622&idx=1&sn=b905decd9f92c3687f021950a11cf89f&chksm=f36e7b66c419f2704293e2da9dd1732a0ac8785b07a9defa259a712df9c0b64a24b38e366bb1&scene=58&subscene=0#rd) + - [ ] [【安全圈】Microsoft Entra ID允许普通用户更新自己的UPN](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067622&idx=2&sn=a56656b05bfd9f42f777c577cffe85e3&chksm=f36e7b66c419f2708526e2e4cf320f327b2b10e54589e7f1f7332c0aaab95c830b6fe1e99286&scene=58&subscene=0#rd) + - [ ] [【安全圈】黑客利用Windows RID劫持技术创建隐藏管理员账户](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067622&idx=3&sn=ad95819ae6f36cb189f9da9618fff556&chksm=f36e7b66c419f270b763f53a6b467d57fb473ad42b2f070ef2b5ef85e28fe5a6a216883110c8&scene=58&subscene=0#rd) +- dotNet安全矩阵 + - [ ] [感恩回馈!dot.Net安全矩阵与 NOP Team 安全团队共庆 SoapShell 项目新突破](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498461&idx=1&sn=c89203d98fd373a5323694401d4eee08&chksm=fa595430cd2edd26502b5d69a1747efcd9ce1cb574936412319dc22ee9b8eeae7e24972e0751&scene=58&subscene=0#rd) + - [ ] [.NET 第 56 期红队武器库和资源汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498461&idx=2&sn=60a67fa4d6b0ab13ce54974a473dfcab&chksm=fa595430cd2edd265f6d792bb13109ecef4975bbf86b6cbe3d23e6cefc38191e742bc24dd549&scene=58&subscene=0#rd) + - [ ] [内网痕迹清理,通过 Sharp4ModifyTime 伪造文件时间戳](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498461&idx=3&sn=2626f54c3fe728d0e72c4b26794f1458&chksm=fa595430cd2edd26a574fe2967cd3ed4ca807ba91f50806c2e0a4b1a9f6ac27d109181aadb58&scene=58&subscene=0#rd) +- 电子物证 + - [ ] [【域外个人生物识别信息保护模式考察】](https://mp.weixin.qq.com/s?__biz=MzAwNDcwMDgzMA==&mid=2651048266&idx=1&sn=8334dbe01a95b5daf8e63ee699ada254&chksm=80d086bbb7a70fade14c6a8d0dce906ad10af5799f8393fe9a43ab628cbbb1d034b401020b9a&scene=58&subscene=0#rd) + - [ ] [【侵犯公民个人信息罪审判实践中的若干问题】](https://mp.weixin.qq.com/s?__biz=MzAwNDcwMDgzMA==&mid=2651048266&idx=2&sn=1f9c690e7d098eef6acaf5815921e9b7&chksm=80d086bbb7a70fad571ce986ba0d665958fea2b1e596aa19575f34d88c816db0c9339a374a52&scene=58&subscene=0#rd) +- 火绒安全 + - [ ] [春节期间火绒将持续为您护航](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247521917&idx=1&sn=e7a05b4ef346358b0fdb75511aab4db3&chksm=eb704842dc07c154240b11635ca9b61eecbb8c5b6156e882e68f819af8d39f6377d5bc72b5af&scene=58&subscene=0#rd) + - [ ] [诚邀渠道合作伙伴共启新征程](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247521917&idx=2&sn=742c0d32b70556b96dfa343540c46342&chksm=eb704842dc07c154ffccdb4837b259ec39c35268890217c2498250f931a95febe081d7cebe18&scene=58&subscene=0#rd) +- 威胁棱镜 + - [ ] [2024 年云威胁报告](https://mp.weixin.qq.com/s?__biz=MzkyMzE5ODExNQ==&mid=2247487641&idx=1&sn=a8898a47e93d5fab2dcffdfc8e8f4d37&chksm=c1e9e755f69e6e439ce0173ca28cc38881d507533e17d3e4e34bdf6bf25b87d406b04f9ea080&scene=58&subscene=0#rd) +- 慢雾科技 + - [ ] [喜迎七周年|守正出奇,安全出彩](https://mp.weixin.qq.com/s?__biz=MzU4ODQ3NTM2OA==&mid=2247501022&idx=1&sn=9b1b6cacc81fcfd8cbe9cc1b220e1832&chksm=fddeba59caa9334f36aab17997af5899a4932950b03dd231b9d922dd6d8c0944f18b1e8729c3&scene=58&subscene=0#rd) +- 网安国际 + - [ ] [【InForSec 2025年会顶会论文回顾】陈熠豪: 语义驱动的互联网路由异常检测系统](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317461&idx=1&sn=777cc0e34a153ddeb9a61aeeb97cb500&chksm=8bc4ba9bbcb3338d0e6d08f4448934f0ea1f378886cef1f7bbb083452f4197a84e9b5673bbd8&scene=58&subscene=0#rd) + - [ ] [【InForSec 2025年会顶会论文回顾】张允义:权威服务之殇:你的权威服务器配置真的安全么?](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317461&idx=2&sn=54da24564ffa3c07f1e7add2df9eb838&chksm=8bc4ba9bbcb3338d35bcb7d908867c9c8c15fd285e4b56fa6f28b69429bf1ccb45557acdfa39&scene=58&subscene=0#rd) + - [ ] [【InForSec 2025年会顶会论文回顾】刘超:面向安全的无线感知技术](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317461&idx=3&sn=f3f0dbe8a32fb4a3eb373ef17242552f&chksm=8bc4ba9bbcb3338d5b8f49b10b3fb3b5368b7f82ef18529e5924ccf52dd64b8d1c96657c6f35&scene=58&subscene=0#rd) + - [ ] [【InForSec 2025年会顶会论文回顾】林云: 基于参照的钓鱼欺诈检测技术的自动化知识赋能](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317461&idx=4&sn=1eb9c732f3567dab37b7614d41b959ef&chksm=8bc4ba9bbcb3338dec2da9d7a1ab5e37aa5af271e4b69a949d6a87d521b4a5e856e7269e02c3&scene=58&subscene=0#rd) + - [ ] [【InForSec 2025年会顶会论文回顾】刘沛宇:探究 ChatGPT 在漏洞管理任务中的能力](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317461&idx=5&sn=7becd6dc617d0acb19f79e2562a68616&chksm=8bc4ba9bbcb3338d471b5f27bb2983f32ebb8b14c928d3ddbf68b363b2b7a2700e9ca475d8bc&scene=58&subscene=0#rd) +- 安全牛 + - [ ] [看不见的AI安全威胁,揭秘隐形提示注入风险](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134990&idx=1&sn=701c1c672e4859e10d8a989e92cfb9b5&chksm=bd15acdd8a6225cb5ec58575e05024b4512f90cf414c4929ea5550ca0ce63abe76610f3c4bcb&scene=58&subscene=0#rd) + - [ ] [航空防务公司Stark被曝遭遇勒索攻击,4TB机密数据疑被窃取;华硕意外泄露AMD处理器漏洞,补丁被提前公开 | 牛览](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134990&idx=2&sn=58403bc9b1f187d4eeb8a0040555e426&chksm=bd15acdd8a6225cb148a4aac712178ac0f5b93c6a31929a25b66f04ad2541cae3e31269ab937&scene=58&subscene=0#rd) +- 嘶吼专业版 + - [ ] [黑客利用伪造的恶意软件构建器感染了18000个“script kiddies”](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580992&idx=1&sn=d64510306e9db3532091d13213d4b0ef&chksm=e9146d7ade63e46c7077b4b663c858f41dc3369b4ed1d4dadd5718249441857a6a2dbd2bc693&scene=58&subscene=0#rd) +- 极客公园 + - [ ] [AI 2025 的硅谷答案:60 条关键洞察](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072853&idx=1&sn=264541a441694d5b98b8c1fd4c2e741c&chksm=7e57d063492059755041e560b50e916fa65df25e081a78c7cf689a694849dbbbf5147f212ab2&scene=58&subscene=0#rd) + - [ ] [雷军龙年压轴直播被平台封禁;阅文短剧上线 7 天流水超 5000 万;苹 CEO 库克客串美剧《人生切割术》曝光 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072840&idx=1&sn=1d72852808d7e99c644154b8b17f3396&chksm=7e57d07e492059689f222cd36fafa7a4b981548e2406a4907f7649f29414d437aba543b35147&scene=58&subscene=0#rd) +- 吴鲁加 + - [ ] [喜欢,简单,长期](https://mp.weixin.qq.com/s?__biz=Mzg5NDY4ODM1MA==&mid=2247485159&idx=1&sn=f380bfe92c8a34de1efd46f61388b182&chksm=c01a8bd6f76d02c0279595a65a06ccf64607ece8164156c06c9f84a8931e3c69827cc002ef19&scene=58&subscene=0#rd) +- 中国信息安全 + - [ ] [通知 | 《中国人民银行业务领域网络安全事件报告管理办法(征求意见稿)》公开征求意见](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=1&sn=fc21c6dca1cb7fc755540bf1a276b4b8&chksm=8b5801d0bc2f88c64b2b33a32ff1a4843f115dc87b187875b035e581478bac28fa6bbd2edce9&scene=58&subscene=0#rd) + - [ ] [通知 | 市场监管总局就《网络交易合规数据报送管理暂行办法(征求意见稿)》公开征求意见(附全文)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=2&sn=06ab12bffe83179be743b7574a46733f&chksm=8b5801d0bc2f88c60c136de3cf22a57e9bf3c67399afa6460b98658f345884af8af9f9530e65&scene=58&subscene=0#rd) + - [ ] [王小洪:以更大的决心和力度 推动打击治理电信网络诈骗工作向纵深发展](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=3&sn=a50ca75a1c03205901b7729871f25d56&chksm=8b5801d0bc2f88c61f7af6b54d6e354c22a2a5efd4fde9f1e076a1e06c36c2d5c59c916711ad&scene=58&subscene=0#rd) + - [ ] [专家解读 | 构建以统一底座为支撑的数据流通利用设施](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=4&sn=5076068c4750dd6b85b48aa9607d94b1&chksm=8b5801d0bc2f88c6579c93f85b9547010ec4fef616426845f7307a2f90ba0776caf33093fc32&scene=58&subscene=0#rd) + - [ ] [通知 | 网安标委发布《网络安全标准实践指南——人脸识别支付场景个人信息安全保护要求》(附全文)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=5&sn=be29f8aa62961fd03e70b0971dd8282d&chksm=8b5801d0bc2f88c6f066bb15865a68ae0fcd446f4e1d5e2d09e8e7280ec917f3de8e84e77638&scene=58&subscene=0#rd) + - [ ] [通知 | 网安标委就《人工智能安全标准体系(V1.0)(征求意见稿)》公开征求意见(附下载)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=6&sn=70f1d6b8d5331b791b6625561bb8d084&chksm=8b5801d0bc2f88c6f5531c9b3013de16ecdbd285242b3a7d9b224e56752ab1c7ef4b1bd671f8&scene=58&subscene=0#rd) + - [ ] [一图读懂 | 国家标准 GB/T 44886.1-2024《网络安全技术 网络安全产品互联互通 第1部分:框架》](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=7&sn=d60847ac4d75129f5c475ff4f947f02b&chksm=8b5801d0bc2f88c64b2abdb1d1f4dcf8620e389597584c19fc47849b0b65a88f77183078abde&scene=58&subscene=0#rd) +- 白帽子章华鹏 + - [ ] [今晚一起聊聊提升认知和最近的思考](https://mp.weixin.qq.com/s?__biz=MzIyOTAxOTYwMw==&mid=2650236955&idx=1&sn=8727f67fded4278c8abd5fd3b2476443&chksm=f04ad2a7c73d5bb1a4a24843828005600ab641a02488e6c7920e86b55341f92ee103dbfade7e&scene=58&subscene=0#rd) +- IT Service Management News + - [ ] [Aggiornamento legislativo 2025](http://blog.cesaregallotti.it/2025/01/aggiornamento-legislativo-2025.html) +- 希潭实验室 + - [ ] [第115篇:俄乌网络战之二,乌克兰第2次大停电事件复盘](https://mp.weixin.qq.com/s?__biz=MzkzMjI1NjI3Ng==&mid=2247487377&idx=1&sn=f529c0ec1eb1c2822155f2a03f0c7fbd&chksm=c25fc0eaf52849fc0d9633208b5bad2676a3b64410c0fe687f919721bb83b607980f9a97c200&scene=58&subscene=0#rd) +- Over Security - Cybersecurity news aggregator + - [ ] [Ransomware gang uses SSH tunnels for stealthy VMware ESXi access](https://www.bleepingcomputer.com/news/security/ransomware-gang-uses-ssh-tunnels-for-stealthy-vmware-esxi-access/) + - [ ] [UnitedHealth now says 190 million impacted by 2024 data breach](https://www.bleepingcomputer.com/news/security/unitedhealth-now-says-190-million-impacted-by-2024-data-breach/) +- 迪哥讲事 + - [ ] [实战中的WebService利⽤⽅法](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496952&idx=1&sn=fdb338f5ff8cf421424cfcc5c01bfbb7&chksm=e8a5fe9bdfd2778d4c2584e6f5e6b3ce81120dca35669befee62af7d00ae7ada9b06c0dc02fe&scene=58&subscene=0#rd) +- 洞源实验室 + - [ ] [安全产品应该如何有效落地?](https://mp.weixin.qq.com/s?__biz=Mzg4Nzk3MTg3MA==&mid=2247487714&idx=1&sn=7dd60003f789bb02de5697f066178557&chksm=cf831993f8f49085ac4f83bcdee9d23f74fbdb0297c9e38cf9fdc4b9788ecaac632088714056&scene=58&subscene=0#rd) +- Computer Forensics + - [ ] [SOPs -standard operating procedures in DFIR?](https://www.reddit.com/r/computerforensics/comments/1iap5m1/sops_standard_operating_procedures_in_dfir/) + - [ ] [Advice for Someone Interested in Digital Forensics](https://www.reddit.com/r/computerforensics/comments/1ia9pmk/advice_for_someone_interested_in_digital_forensics/) + - [ ] [DF on the side as a LEO](https://www.reddit.com/r/computerforensics/comments/1ia5vc7/df_on_the_side_as_a_leo/) +- TorrentFreak + - [ ] [Appeals Court Affirms U.S. Navy Should Pay $154k in Piracy Damages, not $155m](https://torrentfreak.com/appeals-court-affirms-that-u-s-navy-should-pay-154k-in-piracy-damages-not-155m-250126/) +- Security Affairs + - [ ] [Change Healthcare data breach exposed the private data of over half the U.S.](https://securityaffairs.com/173467/data-breach/change-healthcare-data-breach-190m-people.html) + - [ ] [SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 30](https://securityaffairs.com/173461/malware/security-affairs-malware-newsletter-round-30.html) + - [ ] [Security Affairs newsletter Round 508 by Pierluigi Paganini – INTERNATIONAL EDITION](https://securityaffairs.com/173454/breaking-news/security-affairs-newsletter-round-508-by-pierluigi-paganini-international-edition.html) + - [ ] [Cisco warns of a ClamAV bug with PoC exploit](https://securityaffairs.com/173446/uncategorized/cisco-fixed-clamav-dos-flaw.html) +- Hacking Exposed Computer Forensics Blog + - [ ] [Daily Blog #729: Solution Saturday 1/25/25](https://www.hecfblog.com/2025/01/daily-bloh-729-solution-saturday-12525.html) +- Technical Information Security Content & Discussion + - [ ] [Clone2Leak: Your Git Credentials Belong To Us](https://www.reddit.com/r/netsec/comments/1iagp0v/clone2leak_your_git_credentials_belong_to_us/) + - [ ] [WorstFit: Unveiling Hidden Transformers in Windows ANSI](https://www.reddit.com/r/netsec/comments/1iarjw6/worstfit_unveiling_hidden_transformers_in_windows/) +- Information Security + - [ ] [Question regarding wireless interefence](https://www.reddit.com/r/Information_Security/comments/1iakb4j/question_regarding_wireless_interefence/) + - [ ] [Do you know of somebody who got hacked for using an older/unsupported phone?](https://www.reddit.com/r/Information_Security/comments/1iasbmc/do_you_know_of_somebody_who_got_hacked_for_using/) +- Jack Hacks + - [ ] [So You Want To Work in Cyber Security?](https://jhalon.github.io/breaking-into-cyber-security/) +- Your Open Hacker Community + - [ ] [good hacking movies/series like mr robot?](https://www.reddit.com/r/HowToHack/comments/1iahrnk/good_hacking_moviesseries_like_mr_robot/) + - [ ] [Huge collection of hacking related learning material and books for free.(Found it on darkweb ,looks legit)](https://www.reddit.com/r/HowToHack/comments/1ias0x4/huge_collection_of_hacking_related_learning/) + - [ ] [Best place to find mentees?](https://www.reddit.com/r/HowToHack/comments/1iadjac/best_place_to_find_mentees/) + - [ ] [how can I get maltego to add data sources when it was offline activated?](https://www.reddit.com/r/HowToHack/comments/1iat8pa/how_can_i_get_maltego_to_add_data_sources_when_it/) + - [ ] [I need help with a generator bot](https://www.reddit.com/r/HowToHack/comments/1iaseq6/i_need_help_with_a_generator_bot/) + - [ ] [What are some good cybersecurity project ideas?](https://www.reddit.com/r/HowToHack/comments/1iar1c2/what_are_some_good_cybersecurity_project_ideas/) + - [ ] [Can someone somehow see what other people are typing on a whatsapp group or private chat?](https://www.reddit.com/r/HowToHack/comments/1iaqkds/can_someone_somehow_see_what_other_people_are/) + - [ ] [Restore exe file code written in Python.](https://www.reddit.com/r/HowToHack/comments/1iaje21/restore_exe_file_code_written_in_python/) + - [ ] [Passware password recovery](https://www.reddit.com/r/HowToHack/comments/1ia4c8z/passware_password_recovery/) + - [ ] [I got a roblox account user and password i want change email](https://www.reddit.com/r/HowToHack/comments/1iarpig/i_got_a_roblox_account_user_and_password_i_want/) + - [ ] [Help with arduino bad usb I’m making](https://www.reddit.com/r/HowToHack/comments/1ia6d1w/help_with_arduino_bad_usb_im_making/) + - [ ] [how do people inject a certain code to a device using a usb?](https://www.reddit.com/r/HowToHack/comments/1ia3sls/how_do_people_inject_a_certain_code_to_a_device/) + - [ ] [Im genuinely curious, how do people hack](https://www.reddit.com/r/HowToHack/comments/1ia3j94/im_genuinely_curious_how_do_people_hack/) +- Social Engineering + - [ ] [Social constructs](https://www.reddit.com/r/SocialEngineering/comments/1ianqbu/social_constructs/) +- The Hacker News + - [ ] [Meta's Llama Framework Flaw Exposes AI Systems to Remote Code Execution Risks](https://thehackernews.com/2025/01/metas-llama-framework-flaw-exposes-ai.html) diff --git a/archive/tmp/2025-01-27.json b/archive/tmp/2025-01-27.json new file mode 100644 index 0000000000..143bd2f090 --- /dev/null +++ b/archive/tmp/2025-01-27.json @@ -0,0 +1,347 @@ +{ + "SecWiki News": { + "SecWiki News 2025-01-26 Review": "http://www.sec-wiki.com/?2025-01-26" + }, + "Private Feed for M09Ic": { + "safedv starred ambionics/cnext-exploits": "https://github.com/ambionics/cnext-exploits", + "liamg starred getcursor/cursor": "https://github.com/getcursor/cursor", + "mgeeky starred x86matthew/WinVisor": "https://github.com/x86matthew/WinVisor", + "mgeeky starred ionescu007/Simpleator": "https://github.com/ionescu007/Simpleator", + "mgeeky starred moudey/Shell": "https://github.com/moudey/Shell", + "safedv started following NtDallas": "https://github.com/NtDallas", + "safedv starred NtDallas/OdinLdr": "https://github.com/NtDallas/OdinLdr", + "safedv started following emdnaia": "https://github.com/emdnaia", + "kpcyrd released 20250126 at archlinux/archlinux-repro": "https://github.com/archlinux/archlinux-repro/releases/tag/20250126", + "safedv starred anderspitman/awesome-tunneling": "https://github.com/anderspitman/awesome-tunneling", + "safedv starred lolc2/lolc2.github.io": "https://github.com/lolc2/lolc2.github.io", + "safedv starred rust-lang/rust": "https://github.com/rust-lang/rust", + "mozhu1024 starred glauth/glauth": "https://github.com/glauth/glauth", + "zer0yu starred huggingface/open-r1": "https://github.com/huggingface/open-r1", + "mozhu1024 starred P3TERX/GeoLite.mmdb": "https://github.com/P3TERX/GeoLite.mmdb", + "wabzsy starred apache/answer": "https://github.com/apache/answer", + "kyxiaxiang starred klezVirus/RpcProxyInvoke": "https://github.com/klezVirus/RpcProxyInvoke", + "FunnyWolf starred AmruthPillai/Reactive-Resume": "https://github.com/AmruthPillai/Reactive-Resume" + }, + "CXSECURITY Database RSS Feed - CXSecurity.com": { + "DNN CMS remote File Upload": "https://cxsecurity.com/issue/WLB-2025010026" + }, + "Security Boulevard": { + "Empowering Cloud Compliance with Seamless Security": "https://securityboulevard.com/2025/01/empowering-cloud-compliance-with-seamless-security/", + "Scaling Security with Automated Identity Management": "https://securityboulevard.com/2025/01/scaling-security-with-automated-identity-management/", + "Innovative Approaches to Secrets Scanning": "https://securityboulevard.com/2025/01/innovative-approaches-to-secrets-scanning/", + "The Small Business Guide to Everyday Access Management and Secure Off-boarding": "https://securityboulevard.com/2025/01/the-small-business-guide-to-everyday-access-management-and-secure-off-boarding/", + "DEF CON 32 – Attacks On GenAI Data & Using Vector Encryption To Stop Them": "https://securityboulevard.com/2025/01/def-con-32-attacks-on-genai-data-using-vector-encryption-to-stop-them/", + "INE Security Alert: Expediting CMMC 2.0 Compliance": "https://securityboulevard.com/2025/01/ine-security-alert-expediting-cmmc-2-0-compliance/" + }, + "Doonsec's feed": { + "Vlunstack ATT&CK---红日靶场(三)": "https://mp.weixin.qq.com/s?__biz=MzkxNTc1MzQyNw==&mid=2247488809&idx=1&sn=b496a3e45eeae3831a0bea34e53fa254", + "探秘网络安全神器:蜜罐工具": "https://mp.weixin.qq.com/s?__biz=MzkzNzg3NzQxMQ==&mid=2247485731&idx=1&sn=f855b4678f6428cb1cda14a26cc651f2", + "白帽必知!Kunlun-Mirror源代码安全审计工具全解析": "https://mp.weixin.qq.com/s?__biz=Mzk2NDE3NDUwNg==&mid=2247483897&idx=1&sn=050c8f872083541fe1c136e416528513", + "深入某CMS渗透测试:从弱口令到接管webshell": "https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486445&idx=1&sn=071008d1b39bf3757ff2279a6581fe71", + "紧急告警!Meta Llama框架漏洞,AI系统面临远程代码执行风险": "https://mp.weixin.qq.com/s?__biz=MzA4MzMzOTQ4Mw==&mid=2453672529&idx=1&sn=cdc7f3d0c6553b9b1c05425ba64820b9", + "安全行业到底是技术密集型企业,还是劳动力密集型企业?这里不只有答案!": "https://mp.weixin.qq.com/s?__biz=MzAxOTk3NTg5OQ==&mid=2247492241&idx=1&sn=f1d5ff7631506292b224073985727b34", + "揭秘电信诈骗经典套路,掌数助你安全过年!": "https://mp.weixin.qq.com/s?__biz=MzAxOTk3NTg5OQ==&mid=2247492241&idx=2&sn=694d6f191fd17874f357e1e23a8f2484", + "特斯拉电动汽车越狱": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620109&idx=1&sn=c06d5d123d722aaffb574cb0be9e239c", + "汽车行业的4项基本网络安全原则": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620109&idx=2&sn=18d34e13e4ba4bc5e34fb0e0ef2ca9e5", + "2024年智能网联汽车网络安全年度报告": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620109&idx=3&sn=0ced06cdd407328f94166f55dbdb9d95", + "每日情报速递20250126": "https://mp.weixin.qq.com/s?__biz=MzkxMzU4ODU2MQ==&mid=2247484059&idx=1&sn=572b8430a8e9a8fc9a2befc5ec6bfae8", + "GLM-PC初测": "https://mp.weixin.qq.com/s?__biz=MzkxMzU4ODU2MQ==&mid=2247484059&idx=2&sn=649c7ce34373e5a447ece9529998b884", + "【云安全】云原生-K8S-简介": "https://mp.weixin.qq.com/s?__biz=MzUyNTUyNTA5OQ==&mid=2247484722&idx=1&sn=ba4e1e01878dddae81fa21ad3e96a91e", + "人工智能安全标准体系": "https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264717&idx=1&sn=c8b71d3dcbc5b20f23de67fee056205a", + "秦安:特朗普上台,中美首场博弈,马斯克出战,比拼网络谁懂谁?": "https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476326&idx=1&sn=cfd5c4c650875cd31f9fae8bf6b3c1e7", + "秦安:到底让谁伟大?特朗普要不断扩大领土,怒发冲冠为TikTok狂": "https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476326&idx=2&sn=e8546aeb10f5f9b28979d07929f87d67", + "The Great Fry 抢劫案:Noha 如何抓住网络罪魁祸首": "https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247504774&idx=1&sn=f570ff10a65093e52cb37f13dee8da37", + "WordPress CF Link Shortcode 插件存在前台SQL注入漏洞(CVE-2024-12404)": "https://mp.weixin.qq.com/s?__biz=Mzg4MTkwMTI5Mw==&mid=2247488723&idx=1&sn=b6dcde79af26f7316bf47c73990a2c54", + "警惕!手机这个功能,慎用": "https://mp.weixin.qq.com/s?__biz=MzkyNDcwMTAwNw==&mid=2247533707&idx=1&sn=3c4a7b2a599063486ac3ecd99597e55c", + "警惕!朝鲜黑客组织利用“OtterCookie”后门锁定软件开发者": "https://mp.weixin.qq.com/s?__biz=Mzg3OTYxODQxNg==&mid=2247485633&idx=1&sn=835b492b5b7b522cd0420cc6ffee782e", + "从 LFI 到 RCE 的旅程!!!": "https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247518315&idx=1&sn=5664abc72c27c8258f88adcb7ac37b50", + "SRC专项知识库": "https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247518315&idx=2&sn=3324aecef9cf1f80d5d24f889ac44323", + "羡慕": "https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496794&idx=1&sn=d5ec64d14996f316e911423bb3e8c66a", + "实战中的WebService利⽤⽅法": "https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496952&idx=1&sn=fdb338f5ff8cf421424cfcc5c01bfbb7", + "揭露网络欺骗:针对多个品牌的通用网络钓鱼页面的兴起": "https://mp.weixin.qq.com/s?__biz=MzkxMjYyMDYyNA==&mid=2247484046&idx=1&sn=f1fd3fb24ab9330fe70b01423b65ac66", + "《绝命毒师》主演 Dean Norris 推特账号再次遭黑客攻击并发布假冒代币": "https://mp.weixin.qq.com/s?__biz=MzU2MTQwMzMxNA==&mid=2247541459&idx=1&sn=5516ad53cd1053c10ba980fffef521a4", + "VPC访问控制之网络安全组": "https://mp.weixin.qq.com/s?__biz=Mzg3NTUzOTg3NA==&mid=2247515076&idx=1&sn=659fd2d6a7593fe3646e3eaf130214ca", + "文末抽奖 | VNCTF2025 报名开启": "https://mp.weixin.qq.com/s?__biz=MzIxMDYyNTk3Nw==&mid=2247515152&idx=1&sn=a0e8b286a2f198209df2ff60791ee27c", + "安全工程师的好帮手,Windows应急响应工具HawkEye更新!": "https://mp.weixin.qq.com/s?__biz=MzU4NTg4MzIzNA==&mid=2247484356&idx=1&sn=6e62ed5d3095fff522186a185f8e68b3", + "华为携手东莞市政务和数据局荣膺工信部2024年网络安全典型案例榜首": "https://mp.weixin.qq.com/s?__biz=MzAwODU5NzYxOA==&mid=2247505839&idx=1&sn=375a0c8d6d2f25122068a1e62bc65310", + "【资讯】网安标委就《人工智能安全标准体系(V1.0)(征求意见稿)》公开征求意见": "https://mp.weixin.qq.com/s?__biz=MzU1NDY3NDgwMQ==&mid=2247549492&idx=1&sn=520753349c0cf7619b9c6af2a28fd72c", + "过年红包别随便抢!这些“春节福利”都是诈骗陷阱→": "https://mp.weixin.qq.com/s?__biz=MzI0NzE4ODk1Mw==&mid=2652094707&idx=1&sn=3d4881e29e1474077d4b06d4200f8e37", + "涉嫌非法获取公民个人信息 8家MCN机构被查处": "https://mp.weixin.qq.com/s?__biz=MzI0NzE4ODk1Mw==&mid=2652094707&idx=2&sn=eb3dc8e50a1cb201c16ee8903d8cae79", + "【云安全】云原生-Docker(五)容器逃逸之漏洞利用": "https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490023&idx=1&sn=846a609d96c5cc54f73d7ed7607539ec", + "IDA背后的原理入门(一): 简介&函数识别": "https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490023&idx=2&sn=703e83e51126605e67867df619bc4f75", + "对 404 站点的漏洞挖掘": "https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490023&idx=3&sn=254de260da45916c1b80cf6eee6c4ed4", + "江苏国骏春节放假安排通知": "https://mp.weixin.qq.com/s?__biz=MzkzNjIzMjM5Ng==&mid=2247490211&idx=1&sn=79d453111e91e3708bed78897a153667", + "电信安全春节服务保障公告": "https://mp.weixin.qq.com/s?__biz=MzkxNDY0MjMxNQ==&mid=2247532881&idx=1&sn=f7ce31d9deae7d9f09369b2fbd7efdd6", + "Go-Zero框架代码审计": "https://mp.weixin.qq.com/s?__biz=MzkyODY3NjkyNQ==&mid=2247484782&idx=1&sn=ef633f25050192661512a78ef8de4078", + "带你解锁编码新世界!--随波逐流CTF编码工具使用教程43 --Cetacean鲸目密码": "https://mp.weixin.qq.com/s?__biz=MzU2NzIzNzU4Mg==&mid=2247489632&idx=1&sn=3ff1d1c39c3f0e25f34bef3ac8c183b5", + "警惕!渗透测试需知的法律红线": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485460&idx=1&sn=2696efeb84408d3c65e9b5c18cfce0f2", + "北七家-未来科学城,3居变4居豪装,理想楼层/户型/朝向": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485460&idx=2&sn=b9459522f7bd728b53c0aaa765d47bd1", + "【干货】笑傲职场的独家经验(1)": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485460&idx=3&sn=8eb6cc5ed3d8eceebfc8cf7f19aad28f", + "【干货原创】实网攻防演习常态化,会带来什么变化01": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485460&idx=4&sn=a4c662d181fe6a1bfb6df099e93788eb", + "【干货原创】K12教育,鲜为人知的模式秘密": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485460&idx=5&sn=6c4b73da1084e10ae6b5cb4f14acb575", + "原创文章目录": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485460&idx=6&sn=3b28bb66cf3c732334138a3142a1a55d", + "进来,送你一打“滴滴技术年货”": "https://mp.weixin.qq.com/s?__biz=MzU1ODEzNjI2NA==&mid=2247573416&idx=1&sn=cfff8a100e658aa48bc033b966273863", + "【安全圈】安全圈恭祝大家:新年快乐~": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067622&idx=1&sn=b905decd9f92c3687f021950a11cf89f", + "【安全圈】Microsoft Entra ID允许普通用户更新自己的UPN": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067622&idx=2&sn=a56656b05bfd9f42f777c577cffe85e3", + "【安全圈】黑客利用Windows RID劫持技术创建隐藏管理员账户": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067622&idx=3&sn=ad95819ae6f36cb189f9da9618fff556", + "新型人工智能“黑帽”工具:GhostGPT带来的威胁与挑战": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313204&idx=1&sn=2b87bf3242ba7820712b8f47a8f4b29e", + "一周网安优质PDF资源推荐丨FreeBuf知识大陆": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313204&idx=2&sn=2a945410ba4cf21397e0cd355c22e796", + "Pwn2Own Automotive 2025落幕,累计成功利用49个零日漏洞": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313204&idx=3&sn=af9e7adb9e7886cc3ec234d15e060a0d", + "DroneXtract:一款针对无人机的网络安全数字取证工具": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313204&idx=4&sn=4a74a6b66c46012d19f2c26e036b95c6", + "【InForSec 2025年会顶会论文回顾】陈熠豪: 语义驱动的互联网路由异常检测系统": "https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317461&idx=1&sn=777cc0e34a153ddeb9a61aeeb97cb500", + "【InForSec 2025年会顶会论文回顾】张允义:权威服务之殇:你的权威服务器配置真的安全么?": "https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317461&idx=2&sn=54da24564ffa3c07f1e7add2df9eb838", + "【InForSec 2025年会顶会论文回顾】刘超:面向安全的无线感知技术": "https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317461&idx=3&sn=f3f0dbe8a32fb4a3eb373ef17242552f", + "【InForSec 2025年会顶会论文回顾】林云: 基于参照的钓鱼欺诈检测技术的自动化知识赋能": "https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317461&idx=4&sn=1eb9c732f3567dab37b7614d41b959ef", + "【InForSec 2025年会顶会论文回顾】刘沛宇:探究 ChatGPT 在漏洞管理任务中的能力": "https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317461&idx=5&sn=7becd6dc617d0acb19f79e2562a68616", + "守正创新!渊亭2024年度技术专利盘点": "https://mp.weixin.qq.com/s?__biz=MzIzNjE1ODE2OA==&mid=2660190386&idx=1&sn=174b704039498ea52de981c225c6a114", + "感恩客户信任!这些“走心”的感谢信,华青融天收下了": "https://mp.weixin.qq.com/s?__biz=MzA4Mzg1ODIzMw==&mid=2653545687&idx=1&sn=344c659736bc5350601f81b774fb5e7b", + "2015.01.26 BTC回调风险": "https://mp.weixin.qq.com/s?__biz=MzI3NTcwNTQ2Mg==&mid=2247487611&idx=1&sn=18fd52d6491638adaa14e295cbc736a9", + "【oscp】PWNLAB: INIT靶场,文件包含+源码审计,文件包含+文件上传,环境变量劫持提权,管道符绕过提权": "https://mp.weixin.qq.com/s?__biz=Mzk1NzE0ODk3Nw==&mid=2247490881&idx=1&sn=bc5d5232c3b9eab714027feb8b303dea", + "汽车通信--EE架构演变": "https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549667&idx=1&sn=279f461a3ed455bdd2ae0903dabb3c92", + "从车端BLE浅谈CCC数字钥匙协议": "https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549667&idx=2&sn=0811546318e3ca7bdc0316b45ea571ac", + "“信”任满载 | 珞安科技喜获工业信息安全产业发展联盟感谢信": "https://mp.weixin.qq.com/s?__biz=MzU2NjI5NzY1OA==&mid=2247512289&idx=1&sn=908ffe6082a9a6fec195854453b2950f", + "微信红包封面": "https://mp.weixin.qq.com/s?__biz=Mzg4Njk2NTEyMg==&mid=2247483831&idx=1&sn=8d6c33fbdd5791fb8300379fd98e91b9", + "恶意样本分析环境搭建以及工具介绍": "https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490186&idx=1&sn=dbccef63b6ad18308eec7ebf88455def", + "政策解读 |《关于促进企业数据资源开发利用的意见》": "https://mp.weixin.qq.com/s?__biz=MzUzODYyMDIzNw==&mid=2247516967&idx=1&sn=4874ebe75bed1db300d89dce5834f9c5", + "通知 | 《中国人民银行业务领域网络安全事件报告管理办法(征求意见稿)》公开征求意见": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=1&sn=fc21c6dca1cb7fc755540bf1a276b4b8", + "通知 | 市场监管总局就《网络交易合规数据报送管理暂行办法(征求意见稿)》公开征求意见(附全文)": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=2&sn=06ab12bffe83179be743b7574a46733f", + "王小洪:以更大的决心和力度 推动打击治理电信网络诈骗工作向纵深发展": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=3&sn=a50ca75a1c03205901b7729871f25d56", + "专家解读 | 构建以统一底座为支撑的数据流通利用设施": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=4&sn=5076068c4750dd6b85b48aa9607d94b1", + "通知 | 网安标委发布《网络安全标准实践指南——人脸识别支付场景个人信息安全保护要求》(附全文)": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=5&sn=be29f8aa62961fd03e70b0971dd8282d", + "通知 | 网安标委就《人工智能安全标准体系(V1.0)(征求意见稿)》公开征求意见(附下载)": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=6&sn=70f1d6b8d5331b791b6625561bb8d084", + "一图读懂 | 国家标准 GB/T 44886.1-2024《网络安全技术 网络安全产品互联互通 第1部分:框架》": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=7&sn=d60847ac4d75129f5c475ff4f947f02b", + "墨菲安全融合切面技术带来软件供应链安全新解法": "https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247635813&idx=1&sn=5640a600b06ae38a11f171de3444efc6", + "知识星球 | 2024网安报告大合集发布;全球数安法规、工网安全典型案例等资源更新": "https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247635813&idx=2&sn=0629c6aa019db83da76bfe8bf1b7f3a9", + "一文读懂 HTTP:Web 数据交换的基石": "https://mp.weixin.qq.com/s?__biz=MzkxODc5OTg5MQ==&mid=2247484262&idx=1&sn=8881c58e7a44ccde6976fffec5b24688", + "安全不停歇!海云安春节假期服务保障通知": "https://mp.weixin.qq.com/s?__biz=MzI2MjY2NTM0MA==&mid=2247492309&idx=1&sn=3b4fae2570ee9149c849ac4fbf66e432", + "ISC2证书:拓展您的技能,获取CPE学分,以及数字徽章": "https://mp.weixin.qq.com/s?__biz=MzUzNTg4NDAyMg==&mid=2247492342&idx=1&sn=74105fe0b31c8cf47b727c8d6ab6e7e3", + "简单的反调试技术实现": "https://mp.weixin.qq.com/s?__biz=MzkzODc4NjE1OQ==&mid=2247483918&idx=1&sn=54c42da49fd35bed728491560deb1a6c", + "星火力量丨科森云获授工业互联网标识注册服务许可证": "https://mp.weixin.qq.com/s?__biz=MzU1OTUxNTI1NA==&mid=2247592220&idx=1&sn=0629157c259bc4ad53ffe1b1c1e6dc1e", + "年度回顾 | 2024年,云起无垠稳健增长": "https://mp.weixin.qq.com/s?__biz=Mzg3Mjg4NTcyNg==&mid=2247490188&idx=1&sn=db1ea3aef1e5b81176ca16742f1b0fe3", + "《网络安全标准实践指南——人脸识别支付场景个人信息安全保护要求》发布": "https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170530&idx=1&sn=eb56e7c28f15d7f726ba271e7ece33ac", + "《人工智能安全标准体系(V1.0)》(征求意见稿)公开征求意见": "https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170530&idx=2&sn=6ab0b1bf27577d10040c9a4772e327e9", + "Spring WebFlux 授权绕过:CVE-2024-38821 详解": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527239&idx=1&sn=9121f5406d8c67b5a55ce5549891886d", + "Andariel Attack Group使用的RIF劫持技术": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527239&idx=2&sn=7363d490c03bd1ffd6e40f947b167453", + "黑客利用 Windows RID 劫持创建隐藏的管理员帐户": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527239&idx=3&sn=d04fb09196530f60fada44127faf8bee", + "揭秘美国新提名国家情报总监图尔西·加巴德": "https://mp.weixin.qq.com/s?__biz=MzI1OTExNDY1NQ==&mid=2651618892&idx=1&sn=a06c2c81a8b6943fd0fc827a52523cf6", + "德国发布“2030 年技术主权研究与创新 ”计划": "https://mp.weixin.qq.com/s?__biz=MzI1OTExNDY1NQ==&mid=2651618892&idx=2&sn=bc9d004e65e216d60d826a080ef8559a", + "新技术分享——页面双生(文末福利)": "https://mp.weixin.qq.com/s?__biz=MzI3OTM3OTAyNw==&mid=2247485959&idx=1&sn=6f67d3804f85e0c834d78ff6bf2b85b7", + "120个防火墙术语大全,搞安全的可以了解一下": "https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247570689&idx=1&sn=b710cc906a98e3d62fcb8bfad9c8fdbe", + "2024年被通报的银行App达17款,违规/超范围收集个人信息问题突出": "https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931477&idx=1&sn=fbe7b915ec61832d6fb46bf53fccc146", + "2025年了,还不考虑给自己一个证书吗?(内含CISP系列证书优惠报考渠道)": "https://mp.weixin.qq.com/s?__biz=MzkxNTY4NTQwMg==&mid=2247484291&idx=1&sn=29bde95e2dca3b19a0610b347f3178c3", + "自动化压缩新姿势!教你用Ansible Archive模块高效管理文件": "https://mp.weixin.qq.com/s?__biz=MjM5OTc5MjM4Nw==&mid=2457386719&idx=1&sn=57db81e4a63f769c26856d9d41432b44", + "这是年终报告,更是斗象的十年宏图": "https://mp.weixin.qq.com/s?__biz=MzU0MDI1MjUxMg==&mid=2247532639&idx=1&sn=d936ae6fee2e86aaeb9c3dae3e857b76", + "斗象科技专属「红包封面」送达,快来领取!": "https://mp.weixin.qq.com/s?__biz=MzU0MDI1MjUxMg==&mid=2247532639&idx=2&sn=f907330b308163f6f2db01cb2b2f909e", + "【重要通知】春节福利来啦!": "https://mp.weixin.qq.com/s?__biz=Mzg4NDg2NTM3NQ==&mid=2247484699&idx=1&sn=9148cb6531c19549baf07753855433f5", + "大家不要再吹DeepSeek了,大厂不屑玩的,Hugging face多如牛毛的东西呢。": "https://mp.weixin.qq.com/s?__biz=MzU4NDY3MTk2NQ==&mid=2247491046&idx=1&sn=a94d8f532ec30bf304516cee668f2cde", + "春节期间火绒将持续为您护航": "https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247521917&idx=1&sn=e7a05b4ef346358b0fdb75511aab4db3", + "诚邀渠道合作伙伴共启新征程": "https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247521917&idx=2&sn=742c0d32b70556b96dfa343540c46342", + "2025网络安全人员必考的11个证书清单": "https://mp.weixin.qq.com/s?__biz=Mzg4MTg0MjQ5OA==&mid=2247487874&idx=1&sn=c1698a66dae492094d2e61dfcc0d242a", + "中国网络空间安全协会关于征集2025年拟制修订团体标准项目的通知": "https://mp.weixin.qq.com/s?__biz=MzA3ODE0NDA4MA==&mid=2649401264&idx=1&sn=65f9e9b8d48797c3493e0d4e4302b11d", + "春节假期我在岗!网络安全不打烊,中孚信息全国护航": "https://mp.weixin.qq.com/s?__biz=MzAxMjE1MDY0NA==&mid=2247508822&idx=1&sn=980a02957ab1a453dc84d48ee3167555", + "邑安科技安全团队祝您蛇年大吉!": "https://mp.weixin.qq.com/s?__biz=MzUyMzczNzUyNQ==&mid=2247523220&idx=1&sn=a3bd507ae7170032f9093f5e09f3d681", + "中国人民银行:《中国人民银行业务领域网络安全事件报告管理办法》公开征求意见": "https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247634072&idx=1&sn=69a00968cfe394216ecf8cd744996f7b", + "《网络安全标准实践指南——人脸识别支付场景个人信息安全保护要求》正式发布": "https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247634072&idx=2&sn=5ee8a3225fede1acaf296efe42f8a8d6", + "2024年我国通信业统计公报": "https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247634072&idx=3&sn=79fecc58a4fae1035ff2df72ebe37fba", + "美国前中央情报局分析师承认泄露国防信息": "https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247634072&idx=4&sn=b18d5edeae882104e1ed6c06fece7d90", + "一款好用的笔记软件-Obsidian": "https://mp.weixin.qq.com/s?__biz=Mzk0Mjg4MTQxMw==&mid=2247485843&idx=1&sn=0477c6dc6378a308253374a86ec7fed2", + "春节不打烊 | 爱加密春节保障通知": "https://mp.weixin.qq.com/s?__biz=MjM5NzU4NjkyMw==&mid=2650747923&idx=1&sn=f6d6bc57958228bc3e9de651112c11d6", + "水一篇,分析一下为什么网安现在价格逐渐降低": "https://mp.weixin.qq.com/s?__biz=MzkxMTUwOTY1MA==&mid=2247490108&idx=1&sn=585516240547410007b55abdaab0523c", + "WPS国际汉化版": "https://mp.weixin.qq.com/s?__biz=MzkyOTQyOTk3Mg==&mid=2247485043&idx=1&sn=dd1561926214336ac75c0f0a094e5c1e", + "学生=牛马": "https://mp.weixin.qq.com/s?__biz=MzkyMDUzMzY1MA==&mid=2247499523&idx=1&sn=885a7333acadc606843bffe9cfc47910", + "UDE使用教程": "https://mp.weixin.qq.com/s?__biz=Mzg2NTYxOTcxMw==&mid=2247493292&idx=1&sn=8658baebe1444b03f65468cf6eb53003", + "AUTOSAR项目实战(4)-MCU模块配置实践": "https://mp.weixin.qq.com/s?__biz=Mzg2NTYxOTcxMw==&mid=2247493292&idx=2&sn=0f46ac9d9c3e9cdc5cfcf7b33dc11802", + "江西神舟信息安全评估中心祝大家新春快乐!": "https://mp.weixin.qq.com/s?__biz=MzUzNTk2NTIyNw==&mid=2247490668&idx=1&sn=cbfb448733921eaa5c169e399be8d870", + "《Java代码审计零基础入门到项目实战》线上课程开始招生啦!五十多节课,低至499,多重福利来袭!": "https://mp.weixin.qq.com/s?__biz=Mzg3MDU1MjgwNA==&mid=2247487187&idx=1&sn=a5b4e03338f048be762f36b8de56b629", + "【吃瓜】中介真的能狠到这种程度?": "https://mp.weixin.qq.com/s?__biz=MzU3MjU4MjM3MQ==&mid=2247489709&idx=1&sn=3a3fbbf54d93e98aee7977852cd8b2f2", + "如何用 Wireshark 高效过滤 IP 地址": "https://mp.weixin.qq.com/s?__biz=MzA5NTUxODA0OA==&mid=2247493136&idx=1&sn=1aa73818f07a20e1a148440f0888e6b9", + "信息安全专业毕业三年的总结": "https://mp.weixin.qq.com/s?__biz=MzU5OTU3NDEzOQ==&mid=2247492794&idx=1&sn=a7850c2ef60b49fd8e4e47e4d7151678", + "黑客利用伪造的恶意软件构建器感染了18000个“script kiddies”": "https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580992&idx=1&sn=d64510306e9db3532091d13213d4b0ef", + "信任满满|观安信息收到中国工业互联网研究院感谢信": "https://mp.weixin.qq.com/s?__biz=MzIxNDIzNTcxMg==&mid=2247506755&idx=1&sn=0b72b1a348c2865aac5d1e417963c65c", + "ES::Portscan 超高速端口扫描器": "https://mp.weixin.qq.com/s?__biz=Mzg3NzUyMTM0NA==&mid=2247487931&idx=1&sn=c656471a589fd9c5f1a469c527a9fb2b", + "在解释型语言内部运行:进攻性 Python 编程": "https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486780&idx=1&sn=b3562931f45a8b072576a85f503b920a", + "开源情报|国际动态|美军推进NGC2计划": "https://mp.weixin.qq.com/s?__biz=Mzg2NTcyNjU4Nw==&mid=2247485884&idx=1&sn=8ccd9e4abf845a08af7a6494a0486132", + "“金蛇”耀目来袭!蜚语科技(动态)红包封面U0001f9e7惊喜上线,超炫速领!": "https://mp.weixin.qq.com/s?__biz=MzI5NzI5NzY1MA==&mid=2247491098&idx=1&sn=1f711bf469ddfc3b88973b84b4d78fa6", + "思科曝9.9分关键权限提升漏洞;|知名车企漏洞:只需车牌号,就能远程监控劫持数百万辆车": "https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607310&idx=1&sn=fd7cbe9d4363d477ead1d88c79cddbc6", + "万事达卡爆出致命DNS错误配置": "https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607310&idx=2&sn=f5d78211039982a7bb244623c11975f5", + "探寻Bottle框架内存马": "https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607310&idx=3&sn=8b5bb34f48ddd5f55a4253e2974d1323", + "10个神一般的Windows一键取证神器": "https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607310&idx=4&sn=c437cef9321ee7b3f502dee21be73d80", + "携程SRC漏洞贡献值排行榜奖励揭晓": "https://mp.weixin.qq.com/s?__biz=MzAwOTczODMxMw==&mid=2651017526&idx=1&sn=e452849723ece70271aac0e8c9bba31e", + "特色专题 | 密态计算技术发展研究": "https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597665&idx=1&sn=9cf8233b83e6648293c3f0026199d53b", + "2025春节放假通知!": "https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597665&idx=2&sn=62e92b9613bdd6576ffd24ded8d94b48", + "智启创信变革,共谱网安华章——创信华通2025新春年会圆满落幕": "https://mp.weixin.qq.com/s?__biz=MzUxNTQxMzUxMw==&mid=2247524967&idx=1&sn=99ddad0ce4e858ff9ed36863785fff4c", + "网安项目价格:600->550->150->快tm给我五百": "https://mp.weixin.qq.com/s?__biz=MzkyOTQzNjIwNw==&mid=2247491510&idx=1&sn=8e5798a963cc4b685595435d49a96d24", + "今晚一起聊聊提升认知和最近的思考": "https://mp.weixin.qq.com/s?__biz=MzIyOTAxOTYwMw==&mid=2650236955&idx=1&sn=8727f67fded4278c8abd5fd3b2476443" + }, + "嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com": { + "黑客利用伪造的恶意软件构建器感染了18,000个“script kiddies”": "https://www.4hou.com/posts/yzAR", + "新的 DoubleClickjacking 攻击利用双击来劫持帐户": "https://www.4hou.com/posts/vwJn" + }, + "Recent Commits to cve:main": { + "Update Sun Jan 26 20:11:42 UTC 2025": "https://github.com/trickest/cve/commit/f22674c92d9c9d36dc7fccc765ad1a5cd605dddd", + "Update Sun Jan 26 12:25:12 UTC 2025": "https://github.com/trickest/cve/commit/d08b1078577025607e08eeed5db925268172e62f", + "Update Sun Jan 26 04:23:53 UTC 2025": "https://github.com/trickest/cve/commit/4054876b4ba4a47e7bcfa06db4f05bdb490c72b7" + }, + "Blogs dade": { + "Weekly Retro 2025-W04": "https://0xda.de/blog/2025/01/weekly-retro-2025-w04/" + }, + "Bug Bounty in InfoSec Write-ups on Medium": { + "Unlock the Full Potential of the Wayback Machine for Bug Bounty": "https://infosecwriteups.com/unlock-the-full-potential-of-the-wayback-machine-for-bug-bounty-8b6f57e2637d?source=rss----7b722bfd1b8d--bug_bounty" + }, + "hasherezade's 1001 nights": { + "Process Hollowing on Windows 11 24H2": "https://hshrzd.wordpress.com/2025/01/27/process-hollowing-on-windows-11-24h2/" + }, + "Twitter @bytehx": { + "Re @0xdef1ant Congrats 🎉🎉🎉": "https://x.com/bytehx343/status/1883378858269020361" + }, + "FreeBuf网络安全行业门户": { + "[Meachines] [Easy] Academy Laravel-RCE+TRP00F权限提升+audit服务日志权限提升+composer权限提升": "https://www.freebuf.com/articles/web/420868.html", + "Bombon 方法论:我将如何测试Web缓存漏洞": "https://www.freebuf.com/articles/web/420867.html", + "[Meachines] [Easy] Bank balance-transfer目录泄露+etcpasswd权限提升+SUID emergency权限提升": "https://www.freebuf.com/articles/web/420863.html", + "Pwn2Own Automotive2025落幕,累计成功利用49个零日漏洞": "https://www.freebuf.com/news/420848.html", + "[Meachines] [Easy] Bashed PHP Bash+Python计划任务权限提升": "https://www.freebuf.com/articles/web/420843.html", + "Meta的Llama框架漏洞使AI系统面临远程代码执行风险": "https://www.freebuf.com/vuls/420864.html", + "FreeBuf早报 | 这些“春节福利”都是诈骗陷阱;思科警告ClamAV漏洞出现PoC利用代码": "https://www.freebuf.com/news/420840.html", + "Microsoft Entra ID允许普通用户更新自己的UPN": "https://www.freebuf.com/news/420832.html" + }, + "奇客Solidot–传递最新科技情报": { + "GLP-1RA 的益处和风险": "https://www.solidot.org/story?sid=80431", + "研究人员发现中欧电网用非加密无线信号控制": "https://www.solidot.org/story?sid=80430", + "甲骨文等正在谈判接手 TikTok 美国业务": "https://www.solidot.org/story?sid=80428", + "小鼠研究发现微塑料会堵塞大脑血液流动": "https://www.solidot.org/story?sid=80427", + "ADHD 患者有更短的预期寿命": "https://www.solidot.org/story?sid=80426", + "研究称电动汽车的寿命与燃油汽车相差无几": "https://www.solidot.org/story?sid=80425" + }, + "威努特安全网络": { + "威努特春节假期业务保障通知": "https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130894&idx=1&sn=a739a4aa1a6a2ba1ed852c001b054cac&chksm=80e716beb7909fa8843b696e0efcf422e23be1815fd7fbc7f4daca4d26fd047631f3160f831e&scene=58&subscene=0#rd", + "蛇年限定!特特祝您蛇跃新程,专属红包封面大派送": "https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130893&idx=1&sn=93968e179aca1422e0b570785a21350a&chksm=80e716bdb7909fabc3fa203233b7fe9dea90e57a1941fca61e177b66b0e669412cb233f32eac&scene=58&subscene=0#rd" + }, + "吾爱破解论坛": { + "【活动】感动吾爱2024优秀会员评选活动(总方案)": "https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141640&idx=1&sn=c7380d0293c9463bb911500de75e6466&chksm=bd50a65c8a272f4a8312beef94ff17af41e1da141c344f6e9a4f5297c2be895e52abecf53ef3&scene=58&subscene=0#rd" + }, + "丁爸 情报分析师的工具箱": { + "【资料】数学大杀器": "https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148696&idx=1&sn=898da3a09a42c00a39a6f4178656ff59&chksm=f1af26a2c6d8afb4fb5ba4db233123601088c22139ec75c8e7c53136ed50505603f230c105ae&scene=58&subscene=0#rd" + }, + "安全圈": { + "【安全圈】安全圈恭祝大家:新年快乐~": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067622&idx=1&sn=b905decd9f92c3687f021950a11cf89f&chksm=f36e7b66c419f2704293e2da9dd1732a0ac8785b07a9defa259a712df9c0b64a24b38e366bb1&scene=58&subscene=0#rd", + "【安全圈】Microsoft Entra ID允许普通用户更新自己的UPN": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067622&idx=2&sn=a56656b05bfd9f42f777c577cffe85e3&chksm=f36e7b66c419f2708526e2e4cf320f327b2b10e54589e7f1f7332c0aaab95c830b6fe1e99286&scene=58&subscene=0#rd", + "【安全圈】黑客利用Windows RID劫持技术创建隐藏管理员账户": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067622&idx=3&sn=ad95819ae6f36cb189f9da9618fff556&chksm=f36e7b66c419f270b763f53a6b467d57fb473ad42b2f070ef2b5ef85e28fe5a6a216883110c8&scene=58&subscene=0#rd" + }, + "dotNet安全矩阵": { + "感恩回馈!dot.Net安全矩阵与 NOP Team 安全团队共庆 SoapShell 项目新突破": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498461&idx=1&sn=c89203d98fd373a5323694401d4eee08&chksm=fa595430cd2edd26502b5d69a1747efcd9ce1cb574936412319dc22ee9b8eeae7e24972e0751&scene=58&subscene=0#rd", + ".NET 第 56 期红队武器库和资源汇总": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498461&idx=2&sn=60a67fa4d6b0ab13ce54974a473dfcab&chksm=fa595430cd2edd265f6d792bb13109ecef4975bbf86b6cbe3d23e6cefc38191e742bc24dd549&scene=58&subscene=0#rd", + "内网痕迹清理,通过 Sharp4ModifyTime 伪造文件时间戳": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498461&idx=3&sn=2626f54c3fe728d0e72c4b26794f1458&chksm=fa595430cd2edd26a574fe2967cd3ed4ca807ba91f50806c2e0a4b1a9f6ac27d109181aadb58&scene=58&subscene=0#rd" + }, + "电子物证": { + "【域外个人生物识别信息保护模式考察】": "https://mp.weixin.qq.com/s?__biz=MzAwNDcwMDgzMA==&mid=2651048266&idx=1&sn=8334dbe01a95b5daf8e63ee699ada254&chksm=80d086bbb7a70fade14c6a8d0dce906ad10af5799f8393fe9a43ab628cbbb1d034b401020b9a&scene=58&subscene=0#rd", + "【侵犯公民个人信息罪审判实践中的若干问题】": "https://mp.weixin.qq.com/s?__biz=MzAwNDcwMDgzMA==&mid=2651048266&idx=2&sn=1f9c690e7d098eef6acaf5815921e9b7&chksm=80d086bbb7a70fad571ce986ba0d665958fea2b1e596aa19575f34d88c816db0c9339a374a52&scene=58&subscene=0#rd" + }, + "火绒安全": { + "春节期间火绒将持续为您护航": "https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247521917&idx=1&sn=e7a05b4ef346358b0fdb75511aab4db3&chksm=eb704842dc07c154240b11635ca9b61eecbb8c5b6156e882e68f819af8d39f6377d5bc72b5af&scene=58&subscene=0#rd", + "诚邀渠道合作伙伴共启新征程": "https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247521917&idx=2&sn=742c0d32b70556b96dfa343540c46342&chksm=eb704842dc07c154ffccdb4837b259ec39c35268890217c2498250f931a95febe081d7cebe18&scene=58&subscene=0#rd" + }, + "威胁棱镜": { + "2024 年云威胁报告": "https://mp.weixin.qq.com/s?__biz=MzkyMzE5ODExNQ==&mid=2247487641&idx=1&sn=a8898a47e93d5fab2dcffdfc8e8f4d37&chksm=c1e9e755f69e6e439ce0173ca28cc38881d507533e17d3e4e34bdf6bf25b87d406b04f9ea080&scene=58&subscene=0#rd" + }, + "慢雾科技": { + "喜迎七周年|守正出奇,安全出彩": "https://mp.weixin.qq.com/s?__biz=MzU4ODQ3NTM2OA==&mid=2247501022&idx=1&sn=9b1b6cacc81fcfd8cbe9cc1b220e1832&chksm=fddeba59caa9334f36aab17997af5899a4932950b03dd231b9d922dd6d8c0944f18b1e8729c3&scene=58&subscene=0#rd" + }, + "网安国际": { + "【InForSec 2025年会顶会论文回顾】陈熠豪: 语义驱动的互联网路由异常检测系统": "https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317461&idx=1&sn=777cc0e34a153ddeb9a61aeeb97cb500&chksm=8bc4ba9bbcb3338d0e6d08f4448934f0ea1f378886cef1f7bbb083452f4197a84e9b5673bbd8&scene=58&subscene=0#rd", + "【InForSec 2025年会顶会论文回顾】张允义:权威服务之殇:你的权威服务器配置真的安全么?": "https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317461&idx=2&sn=54da24564ffa3c07f1e7add2df9eb838&chksm=8bc4ba9bbcb3338d35bcb7d908867c9c8c15fd285e4b56fa6f28b69429bf1ccb45557acdfa39&scene=58&subscene=0#rd", + "【InForSec 2025年会顶会论文回顾】刘超:面向安全的无线感知技术": "https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317461&idx=3&sn=f3f0dbe8a32fb4a3eb373ef17242552f&chksm=8bc4ba9bbcb3338d5b8f49b10b3fb3b5368b7f82ef18529e5924ccf52dd64b8d1c96657c6f35&scene=58&subscene=0#rd", + "【InForSec 2025年会顶会论文回顾】林云: 基于参照的钓鱼欺诈检测技术的自动化知识赋能": "https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317461&idx=4&sn=1eb9c732f3567dab37b7614d41b959ef&chksm=8bc4ba9bbcb3338dec2da9d7a1ab5e37aa5af271e4b69a949d6a87d521b4a5e856e7269e02c3&scene=58&subscene=0#rd", + "【InForSec 2025年会顶会论文回顾】刘沛宇:探究 ChatGPT 在漏洞管理任务中的能力": "https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317461&idx=5&sn=7becd6dc617d0acb19f79e2562a68616&chksm=8bc4ba9bbcb3338d471b5f27bb2983f32ebb8b14c928d3ddbf68b363b2b7a2700e9ca475d8bc&scene=58&subscene=0#rd" + }, + "安全牛": { + "看不见的AI安全威胁,揭秘隐形提示注入风险": "https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134990&idx=1&sn=701c1c672e4859e10d8a989e92cfb9b5&chksm=bd15acdd8a6225cb5ec58575e05024b4512f90cf414c4929ea5550ca0ce63abe76610f3c4bcb&scene=58&subscene=0#rd", + "航空防务公司Stark被曝遭遇勒索攻击,4TB机密数据疑被窃取;华硕意外泄露AMD处理器漏洞,补丁被提前公开 | 牛览": "https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134990&idx=2&sn=58403bc9b1f187d4eeb8a0040555e426&chksm=bd15acdd8a6225cb148a4aac712178ac0f5b93c6a31929a25b66f04ad2541cae3e31269ab937&scene=58&subscene=0#rd" + }, + "嘶吼专业版": { + "黑客利用伪造的恶意软件构建器感染了18000个“script kiddies”": "https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580992&idx=1&sn=d64510306e9db3532091d13213d4b0ef&chksm=e9146d7ade63e46c7077b4b663c858f41dc3369b4ed1d4dadd5718249441857a6a2dbd2bc693&scene=58&subscene=0#rd" + }, + "极客公园": { + "AI 2025 的硅谷答案:60 条关键洞察": "https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072853&idx=1&sn=264541a441694d5b98b8c1fd4c2e741c&chksm=7e57d063492059755041e560b50e916fa65df25e081a78c7cf689a694849dbbbf5147f212ab2&scene=58&subscene=0#rd", + "雷军龙年压轴直播被平台封禁;阅文短剧上线 7 天流水超 5000 万;苹 CEO 库克客串美剧《人生切割术》曝光 | 极客早知道": "https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072840&idx=1&sn=1d72852808d7e99c644154b8b17f3396&chksm=7e57d07e492059689f222cd36fafa7a4b981548e2406a4907f7649f29414d437aba543b35147&scene=58&subscene=0#rd" + }, + "吴鲁加": { + "喜欢,简单,长期": "https://mp.weixin.qq.com/s?__biz=Mzg5NDY4ODM1MA==&mid=2247485159&idx=1&sn=f380bfe92c8a34de1efd46f61388b182&chksm=c01a8bd6f76d02c0279595a65a06ccf64607ece8164156c06c9f84a8931e3c69827cc002ef19&scene=58&subscene=0#rd" + }, + "中国信息安全": { + "通知 | 《中国人民银行业务领域网络安全事件报告管理办法(征求意见稿)》公开征求意见": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=1&sn=fc21c6dca1cb7fc755540bf1a276b4b8&chksm=8b5801d0bc2f88c64b2b33a32ff1a4843f115dc87b187875b035e581478bac28fa6bbd2edce9&scene=58&subscene=0#rd", + "通知 | 市场监管总局就《网络交易合规数据报送管理暂行办法(征求意见稿)》公开征求意见(附全文)": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=2&sn=06ab12bffe83179be743b7574a46733f&chksm=8b5801d0bc2f88c60c136de3cf22a57e9bf3c67399afa6460b98658f345884af8af9f9530e65&scene=58&subscene=0#rd", + "王小洪:以更大的决心和力度 推动打击治理电信网络诈骗工作向纵深发展": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=3&sn=a50ca75a1c03205901b7729871f25d56&chksm=8b5801d0bc2f88c61f7af6b54d6e354c22a2a5efd4fde9f1e076a1e06c36c2d5c59c916711ad&scene=58&subscene=0#rd", + "专家解读 | 构建以统一底座为支撑的数据流通利用设施": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=4&sn=5076068c4750dd6b85b48aa9607d94b1&chksm=8b5801d0bc2f88c6579c93f85b9547010ec4fef616426845f7307a2f90ba0776caf33093fc32&scene=58&subscene=0#rd", + "通知 | 网安标委发布《网络安全标准实践指南——人脸识别支付场景个人信息安全保护要求》(附全文)": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=5&sn=be29f8aa62961fd03e70b0971dd8282d&chksm=8b5801d0bc2f88c6f066bb15865a68ae0fcd446f4e1d5e2d09e8e7280ec917f3de8e84e77638&scene=58&subscene=0#rd", + "通知 | 网安标委就《人工智能安全标准体系(V1.0)(征求意见稿)》公开征求意见(附下载)": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=6&sn=70f1d6b8d5331b791b6625561bb8d084&chksm=8b5801d0bc2f88c6f5531c9b3013de16ecdbd285242b3a7d9b224e56752ab1c7ef4b1bd671f8&scene=58&subscene=0#rd", + "一图读懂 | 国家标准 GB/T 44886.1-2024《网络安全技术 网络安全产品互联互通 第1部分:框架》": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=7&sn=d60847ac4d75129f5c475ff4f947f02b&chksm=8b5801d0bc2f88c64b2abdb1d1f4dcf8620e389597584c19fc47849b0b65a88f77183078abde&scene=58&subscene=0#rd" + }, + "白帽子章华鹏": { + "今晚一起聊聊提升认知和最近的思考": "https://mp.weixin.qq.com/s?__biz=MzIyOTAxOTYwMw==&mid=2650236955&idx=1&sn=8727f67fded4278c8abd5fd3b2476443&chksm=f04ad2a7c73d5bb1a4a24843828005600ab641a02488e6c7920e86b55341f92ee103dbfade7e&scene=58&subscene=0#rd" + }, + "IT Service Management News": { + "Aggiornamento legislativo 2025": "http://blog.cesaregallotti.it/2025/01/aggiornamento-legislativo-2025.html" + }, + "希潭实验室": { + "第115篇:俄乌网络战之二,乌克兰第2次大停电事件复盘": "https://mp.weixin.qq.com/s?__biz=MzkzMjI1NjI3Ng==&mid=2247487377&idx=1&sn=f529c0ec1eb1c2822155f2a03f0c7fbd&chksm=c25fc0eaf52849fc0d9633208b5bad2676a3b64410c0fe687f919721bb83b607980f9a97c200&scene=58&subscene=0#rd" + }, + "Over Security - Cybersecurity news aggregator": { + "Ransomware gang uses SSH tunnels for stealthy VMware ESXi access": "https://www.bleepingcomputer.com/news/security/ransomware-gang-uses-ssh-tunnels-for-stealthy-vmware-esxi-access/", + "UnitedHealth now says 190 million impacted by 2024 data breach": "https://www.bleepingcomputer.com/news/security/unitedhealth-now-says-190-million-impacted-by-2024-data-breach/" + }, + "迪哥讲事": { + "实战中的WebService利⽤⽅法": "https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496952&idx=1&sn=fdb338f5ff8cf421424cfcc5c01bfbb7&chksm=e8a5fe9bdfd2778d4c2584e6f5e6b3ce81120dca35669befee62af7d00ae7ada9b06c0dc02fe&scene=58&subscene=0#rd" + }, + "洞源实验室": { + "安全产品应该如何有效落地?": "https://mp.weixin.qq.com/s?__biz=Mzg4Nzk3MTg3MA==&mid=2247487714&idx=1&sn=7dd60003f789bb02de5697f066178557&chksm=cf831993f8f49085ac4f83bcdee9d23f74fbdb0297c9e38cf9fdc4b9788ecaac632088714056&scene=58&subscene=0#rd" + }, + "Computer Forensics": { + "SOPs -standard operating procedures in DFIR?": "https://www.reddit.com/r/computerforensics/comments/1iap5m1/sops_standard_operating_procedures_in_dfir/", + "Advice for Someone Interested in Digital Forensics": "https://www.reddit.com/r/computerforensics/comments/1ia9pmk/advice_for_someone_interested_in_digital_forensics/", + "DF on the side as a LEO": "https://www.reddit.com/r/computerforensics/comments/1ia5vc7/df_on_the_side_as_a_leo/" + }, + "TorrentFreak": { + "Appeals Court Affirms U.S. Navy Should Pay $154k in Piracy Damages, not $155m": "https://torrentfreak.com/appeals-court-affirms-that-u-s-navy-should-pay-154k-in-piracy-damages-not-155m-250126/" + }, + "Security Affairs": { + "Change Healthcare data breach exposed the private data of over half the U.S.": "https://securityaffairs.com/173467/data-breach/change-healthcare-data-breach-190m-people.html", + "SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 30": "https://securityaffairs.com/173461/malware/security-affairs-malware-newsletter-round-30.html", + "Security Affairs newsletter Round 508 by Pierluigi Paganini – INTERNATIONAL EDITION": "https://securityaffairs.com/173454/breaking-news/security-affairs-newsletter-round-508-by-pierluigi-paganini-international-edition.html", + "Cisco warns of a ClamAV bug with PoC exploit": "https://securityaffairs.com/173446/uncategorized/cisco-fixed-clamav-dos-flaw.html" + }, + "Hacking Exposed Computer Forensics Blog": { + "Daily Blog #729: Solution Saturday 1/25/25": "https://www.hecfblog.com/2025/01/daily-bloh-729-solution-saturday-12525.html" + }, + "Technical Information Security Content & Discussion": { + "Clone2Leak: Your Git Credentials Belong To Us": "https://www.reddit.com/r/netsec/comments/1iagp0v/clone2leak_your_git_credentials_belong_to_us/", + "WorstFit: Unveiling Hidden Transformers in Windows ANSI": "https://www.reddit.com/r/netsec/comments/1iarjw6/worstfit_unveiling_hidden_transformers_in_windows/" + }, + "Information Security": { + "Question regarding wireless interefence": "https://www.reddit.com/r/Information_Security/comments/1iakb4j/question_regarding_wireless_interefence/", + "Do you know of somebody who got hacked for using an older/unsupported phone?": "https://www.reddit.com/r/Information_Security/comments/1iasbmc/do_you_know_of_somebody_who_got_hacked_for_using/" + }, + "Jack Hacks": { + "So You Want To Work in Cyber Security?": "https://jhalon.github.io/breaking-into-cyber-security/" + }, + "Your Open Hacker Community": { + "good hacking movies/series like mr robot?": "https://www.reddit.com/r/HowToHack/comments/1iahrnk/good_hacking_moviesseries_like_mr_robot/", + "Huge collection of hacking related learning material and books for free.(Found it on darkweb ,looks legit)": "https://www.reddit.com/r/HowToHack/comments/1ias0x4/huge_collection_of_hacking_related_learning/", + "Best place to find mentees?": "https://www.reddit.com/r/HowToHack/comments/1iadjac/best_place_to_find_mentees/", + "how can I get maltego to add data sources when it was offline activated?": "https://www.reddit.com/r/HowToHack/comments/1iat8pa/how_can_i_get_maltego_to_add_data_sources_when_it/", + "I need help with a generator bot": "https://www.reddit.com/r/HowToHack/comments/1iaseq6/i_need_help_with_a_generator_bot/", + "What are some good cybersecurity project ideas?": "https://www.reddit.com/r/HowToHack/comments/1iar1c2/what_are_some_good_cybersecurity_project_ideas/", + "Can someone somehow see what other people are typing on a whatsapp group or private chat?": "https://www.reddit.com/r/HowToHack/comments/1iaqkds/can_someone_somehow_see_what_other_people_are/", + "Restore exe file code written in Python.": "https://www.reddit.com/r/HowToHack/comments/1iaje21/restore_exe_file_code_written_in_python/", + "Passware password recovery": "https://www.reddit.com/r/HowToHack/comments/1ia4c8z/passware_password_recovery/", + "I got a roblox account user and password i want change email": "https://www.reddit.com/r/HowToHack/comments/1iarpig/i_got_a_roblox_account_user_and_password_i_want/", + "Help with arduino bad usb I’m making": "https://www.reddit.com/r/HowToHack/comments/1ia6d1w/help_with_arduino_bad_usb_im_making/", + "how do people inject a certain code to a device using a usb?": "https://www.reddit.com/r/HowToHack/comments/1ia3sls/how_do_people_inject_a_certain_code_to_a_device/", + "Im genuinely curious, how do people hack": "https://www.reddit.com/r/HowToHack/comments/1ia3j94/im_genuinely_curious_how_do_people_hack/" + }, + "Social Engineering": { + "Social constructs": "https://www.reddit.com/r/SocialEngineering/comments/1ianqbu/social_constructs/" + }, + "The Hacker News": { + "Meta's Llama Framework Flaw Exposes AI Systems to Remote Code Execution Risks": "https://thehackernews.com/2025/01/metas-llama-framework-flaw-exposes-ai.html" + } +} \ No newline at end of file diff --git a/today.md b/today.md index ab559dbbf3..c896d9c7fd 100644 --- a/today.md +++ b/today.md @@ -1,293 +1,303 @@ -# 每日安全资讯(2025-01-26) +# 每日安全资讯(2025-01-27) -- Doonsec's feed - - [ ] [警惕|售前入狱指南:这位售前你距离坐牢不远了!](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485458&idx=1&sn=9c60eaa180e3edb21006f196ba6c6518) - - [ ] [北七家-未来科学城,3居变4居豪装,理想楼层/户型/朝向](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485458&idx=2&sn=19fb3438286fd12eb54126cd7136650d) - - [ ] [【干货】笑傲职场的独家经验(1)](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485458&idx=3&sn=ad9e291ae7c68eaafb4b70da0eef178b) - - [ ] [【干货原创】实网攻防演习常态化,会带来什么变化01](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485458&idx=4&sn=8567b1848a15aab3cee265d3e05a46fd) - - [ ] [【干货原创】K12教育,鲜为人知的模式秘密](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485458&idx=5&sn=92aa960ab33f52675d9b6b79b5ed7ea4) - - [ ] [原创文章目录](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485458&idx=6&sn=b77d297edf19d3464057813560074b7e) - - [ ] [揭秘渗透测试:网络安全的“攻防演练”](https://mp.weixin.qq.com/s?__biz=MzkzNzg3NzQxMQ==&mid=2247485725&idx=1&sn=8d1e5ccb6b7c188932d3595352f0f8a0) - - [ ] [缓冲区溢出学习及漏洞复现](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490021&idx=1&sn=028614c59fd8634bc196652737ddd7a3) - - [ ] [渗透技巧 | 小白都能会的通用漏洞挖掘技巧](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490021&idx=2&sn=78ca373b771055bfce301e58e2d94839) - - [ ] [红队视角:揭秘内网提权的技术迷宫](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490021&idx=3&sn=632b1f8c8140edb7f8e1988a027d8c9b) - - [ ] [FTP匿名登录](https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486443&idx=1&sn=52541552cd1d17a0619cb76a02adaca0) - - [ ] [【重要通知】春节福利来啦!](https://mp.weixin.qq.com/s?__biz=Mzk0OTUwNTU5Nw==&mid=2247489028&idx=1&sn=57cc2f38012be369cda3b8eb27af4955) - - [ ] [【资讯】特朗普签署行政命令取消拜登人工智能政策:美国政策的“朝令夕改”](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148689&idx=1&sn=0707627dd1c290fd861d390ad8100390) - - [ ] [14【邮件安全】如何防护窃密类攻击](https://mp.weixin.qq.com/s?__biz=MzI1OTUyMTI2MQ==&mid=2247484819&idx=1&sn=969fd46dcff0cbeb1f0ca33b50c1d3f8) - - [ ] [梦想启航,共赴新征程 | 神州希望年度盛典活动圆满落幕](https://mp.weixin.qq.com/s?__biz=MzA4Mzg1ODMwMg==&mid=2650725002&idx=1&sn=469a2e3a5e9cd84f5ec595e1bfa74f1a) - - [ ] [人民银行拟明确,泄露1000万条敏感个人信息为特别重大网络安全事件](https://mp.weixin.qq.com/s?__biz=Mzg4NzQ4MzA4Ng==&mid=2247485190&idx=1&sn=3cdb10b152e37983478b1501ddae2549) - - [ ] [记一次细得不行的账户权限提升](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496946&idx=1&sn=fd344274014da8f4d5f0705d21c1080a) - - [ ] [GBT43766-2024智能网联汽车运行安全测试技术要求](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620095&idx=1&sn=c2a4526918174ccfc0842f3acd11e526) - - [ ] [GB T 44774-2024 汽车信息安全应急响应管理规范-市场监督总局、国标委](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620095&idx=2&sn=f195194edfff51e852f90ffb8c5cec5a) - - [ ] [GB_T 44778-2024 汽车诊断接口信息安全技术要求及试验方法](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620095&idx=3&sn=2776df80864788f31772fc62bf486e70) - - [ ] [【云安全】云原生-Docker(五)容器逃逸之漏洞利用](https://mp.weixin.qq.com/s?__biz=MzUyNTUyNTA5OQ==&mid=2247484704&idx=1&sn=410d5b5fae6bf9431286297a0a2c6170) - - [ ] [攻防技战术动态一周更新 - 20240120](https://mp.weixin.qq.com/s?__biz=MzkzODc4NjE1OQ==&mid=2247483911&idx=1&sn=c5a229f591045a08ac05482732c1d08a) - - [ ] [带你解锁编码新世界!--随波逐流CTF编码工具使用教程42 --Decabit密码](https://mp.weixin.qq.com/s?__biz=MzU2NzIzNzU4Mg==&mid=2247489624&idx=1&sn=ea44aafbf7384a7687c319f17c02fa2d) - - [ ] [【安全圈】2000余名网红遭信息“开盒” 嫌疑人获利几十万元](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067606&idx=1&sn=06c7d132a1649380a5b7629742f5d3f7) - - [ ] [【安全圈】微软 Win10 / Win11 新威胁:RID 劫持可提权至管理员控制你的 PC](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067606&idx=2&sn=efa053f9e1755bb17193b5a5868fb8ce) - - [ ] [【安全圈】新的 Cleo 零日 RCE 漏洞在数据盗窃攻击中被利用](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067606&idx=3&sn=6473d53d9a207bfac9888ca3a543bbf8) - - [ ] [【安全圈】新的 UEFI 安全启动漏洞使系统暴露于 bootkit](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067606&idx=4&sn=e8ae1a9dfb9fb649575b0d8a5414a82d) - - [ ] [LockBit4.0勒索病毒攻击](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490159&idx=1&sn=3e0c4cafcaf49897fc3ae2b21c46ba3c) - - [ ] [Lynx勒索病毒攻击](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490159&idx=2&sn=407c03ec89b98548a00d3dcdb55d47ef) - - [ ] [【InForSec 2025年会青年学者论坛回顾】冀晓宇:从传感器安全到“传感器 +X”安全](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=1&sn=4c4bfe832913a3872ec09ee631b9274b) - - [ ] [【InForSec 2025年会青年学者论坛回顾】白家驹:操作系统的自动化缺陷检测](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=2&sn=d42e0048046537509a0b9169907c9801) - - [ ] [【InForSec 2025年会青年学者论坛回顾】闫琛:传感器电磁安全与隐私问题研究](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=3&sn=619b1c123e6a6165f24ed57ff9fd391a) - - [ ] [【InForSec 2025年会青年学者论坛回顾】刁文瑞:移动生态安全探索:从系统漏洞到大规模测量](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=4&sn=0d016310221e528e230f05da6f3b14de) - - [ ] [【InForSec 2025年会青年学者论坛回顾】南雨宏:程序分析视角下的敏感数据管控:从移动应用到智能合约](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=5&sn=c5a7798acca47b172a583897d568c7ef) - - [ ] [【InForSec 2025年会青年学者论坛回顾】范铭:移动应用个人信息保护场景下的合规验证探索与思考](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=6&sn=7be8c4556e1d37b0d94079969cbb7958) - - [ ] [【InForSec 2025年会青年学者论坛回顾】申文博:从AI框架到xPU硬件:智能系统安全研究](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=7&sn=044afe640aa525a285b3dcc87f2a146d) - - [ ] [【全网首发】SpiderX—JS前端加密绕过攻防神器](https://mp.weixin.qq.com/s?__biz=MzkxOTU3MDY4MQ==&mid=2247484523&idx=1&sn=1c96baa85e02951ab6e157f8318b63fb) - - [ ] [新春红包封面快来领取!](https://mp.weixin.qq.com/s?__biz=MzI5MTIwOTQ5MA==&mid=2247487645&idx=1&sn=f24d76bc9fff29975309ff6ee71836c9) - - [ ] [友数聚 CPAS审计管理系统V4 getCurserIfAllowLogin SQL注入漏洞](https://mp.weixin.qq.com/s?__biz=MzkzMTcwMTg1Mg==&mid=2247490331&idx=1&sn=d0bc2a23252891fc43749fa31443df71) - - [ ] [CVE-2024-43451 Windows NTLM 漏洞,允许攻击者使用恶意快捷方式强制身份验证并捕获 NTLM 哈希](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527185&idx=1&sn=e316e52a9c3df272305888245af343f8) - - [ ] [CVE-2024-43468 :通过 PoC 代码揭示 Microsoft Configuration Manager 漏洞](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527185&idx=2&sn=67cbf97affd8106486d5097a7d773cf7) - - [ ] [交大捷普春节保障通知请查收~](https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506078&idx=1&sn=51b1726bf07b4140dd5c7c740c641c5f) - - [ ] [汽车功能安全](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549597&idx=1&sn=56e746b1a81acc0ff1f756fb0a6919bd) - - [ ] [车载电子控制系统解析:ECU、VCU、MCU、HCU的区别与功能](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549597&idx=2&sn=8782ebbf1f96b57a350bccdc3cb71cbc) - - [ ] [赛迪院长张立:强化数据标注基地引领作用 带动数据标注产业高质量发展](https://mp.weixin.qq.com/s?__biz=MjM5NzYwNDU0Mg==&mid=2649249639&idx=1&sn=b20e52f1c5bf58132694f64459558d08) - - [ ] [送走挖煤人,引进AI人——京西新年第一会聚焦“人工智能+”](https://mp.weixin.qq.com/s?__biz=MjM5NzYwNDU0Mg==&mid=2649249639&idx=2&sn=5b2eef5ca2602417c0513893881a5286) - - [ ] [京西“人工智能+”行动启动,加速赋能千行百业](https://mp.weixin.qq.com/s?__biz=MjM5NzYwNDU0Mg==&mid=2649249639&idx=3&sn=09d82edb1cb80aa30dd4e524b454846f) - - [ ] [国源天顺集团召开2025年盛大年会](https://mp.weixin.qq.com/s?__biz=Mzg3MTU1MTIzMQ==&mid=2247495900&idx=1&sn=05f3cb3068c5e19ffbae70d4a628e501) - - [ ] [【2025-01-25】黑客新闻摘要](https://mp.weixin.qq.com/s?__biz=MzIzNDU5NTI4OQ==&mid=2247488361&idx=1&sn=5e93ab8055df35d3ef08f9ecd2ab11f3) - - [ ] [中国科技期刊参与科技伦理治理的责任与边界](https://mp.weixin.qq.com/s?__biz=MzI1OTExNDY1NQ==&mid=2651618886&idx=1&sn=212dbd45b8656d38f43d2206b2613569) - - [ ] [DEC/RPC协议与Windows服务创建浅析(银狐原始进程隐匿方式之一)](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589259&idx=1&sn=2076280e4c58e4cd0d718047946ebe83) - - [ ] [别错过!“系统0day安全”课程,带你精通漏洞挖掘技巧](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589259&idx=2&sn=4356dec55931f1257ae44561ca3f0d3e) - - [ ] [金融大模型落地路线图研究报告(2024年)](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264523&idx=1&sn=59aaf90744fb30c1ac16698f52a91acb) - - [ ] [友数聚 CPAS审计管理系统V4 downPlugs 任意文件读取漏洞](https://mp.weixin.qq.com/s?__biz=MzkzMTcwMTg1Mg==&mid=2247490322&idx=1&sn=25c1352e1b349a1302486f7e519f7d5d) - - [ ] [特色专题 | Polar-BBCRSsig:一个基于极化码的数字签名算法](https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597612&idx=1&sn=331a63888f0e237790f4b786ff41b4b5) - - [ ] [提升数据流通安全治理能力 促进数据流通开发利用](https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597612&idx=2&sn=0cfbb614ace6bcfc8fba3986e85d7996) - - [ ] [CTF 流量分析秘籍](https://mp.weixin.qq.com/s?__biz=MzkyOTUxMzk2NQ==&mid=2247486072&idx=1&sn=2d8abc608068a31ba72346ffe1fbb89a) - - [ ] [【JS逆向渗透系列02】BurpSuite结合mitmproxy+JSRPC秒杀js加密的方案](https://mp.weixin.qq.com/s?__biz=MzkyOTUxMzk2NQ==&mid=2247486072&idx=2&sn=a41b8e46903c71b16c9afd325f1f0f1f) - - [ ] [【js逆向渗透系列01】利用JSRPC秒杀JS加密](https://mp.weixin.qq.com/s?__biz=MzkyOTUxMzk2NQ==&mid=2247486072&idx=3&sn=f4d030c3179188237c61992ea979ce39) - - [ ] [放假啦!](https://mp.weixin.qq.com/s?__biz=MzkxNTIwNTkyNg==&mid=2247553203&idx=1&sn=9a05203b3253d08d80b3b0b05696977d) - - [ ] [【免费领】全网最权威的大数据安全实践指南(含100例最佳实操)](https://mp.weixin.qq.com/s?__biz=MzkxNTIwNTkyNg==&mid=2247553203&idx=2&sn=a27be898f2ed0a1029b6cc567fd3e3dd) - - [ ] [xray图形化工具-Super Xray,支持自定义导入poc库](https://mp.weixin.qq.com/s?__biz=MzkzNzg4MTI0NQ==&mid=2247485448&idx=1&sn=5888106f1aed20b020b5c7cf2e2d7d53) - - [ ] [博斯外贸管理软件V6.0 log/logined.jsp SQL注入漏洞](https://mp.weixin.qq.com/s?__biz=MzkzMTcwMTg1Mg==&mid=2247490313&idx=1&sn=74c67202db6cc3e463b34c9f381ceebf) - - [ ] [祝大家新春快乐!](https://mp.weixin.qq.com/s?__biz=MzkyNTY3Nzc3Mg==&mid=2247489177&idx=1&sn=72c3b8a8302a13d9cc452781aa143d41) - - [ ] [新春抽奖开启!与奉天安全团队 & 禾信智安共迎新年好运!](https://mp.weixin.qq.com/s?__biz=Mzk0NjQ2NzQ0Ng==&mid=2247485001&idx=1&sn=6e9760b516808b96be5fe01325dabde2) - - [ ] [专项培训,学生必看!](https://mp.weixin.qq.com/s?__biz=Mzk0NjQ2NzQ0Ng==&mid=2247485001&idx=2&sn=14fae2eb52cb8f3067159cbda8857411) - - [ ] [无糖信息春节放假通知,内含2025蛇年限定红包封面限时放送!](https://mp.weixin.qq.com/s?__biz=MzAxMzkzNDA1Mg==&mid=2247513938&idx=1&sn=9d7986c230f45bb4faac2f33a765ccab) - - [ ] [黑客如何攻破一个网站?长文图解全流程](https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247570688&idx=1&sn=ec49ed5cec5fce5c31f4af871087a5df) - - [ ] [诸子云 | 2024评优:「十佳会员」候选人风采展示与投票](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247635766&idx=1&sn=8a269692df43494fa4405040d7d5f044) - - [ ] [在看 | 周报:B站员工“代码投毒”报复用户;宁波某化工企业被境外势力获取危险源监控视频数据](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247635766&idx=2&sn=8e5ca5ae820e4aa7a72644000bc4e641) - - [ ] [在看 | 厂商:本周热门网络安全产业动态](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247635766&idx=3&sn=3ac33612ef10098240b1eaa09bd422a2) - - [ ] [谈谈最近](https://mp.weixin.qq.com/s?__biz=Mzg5OTkwMjEwMg==&mid=2247483889&idx=1&sn=6cf7b46c3236d2e505d7cfbba97835d2) - - [ ] [一图读懂《网络安全技术 网络安全产品互联互通 第1部分:框架》](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170504&idx=1&sn=86ae46294ca2f8187bedbc85e99f1c64) - - [ ] [实施“持证亮牌”u3000整治违规行为——国家网信办加强互联网新闻信息服务许可管理](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170504&idx=2&sn=9d129cd03cc85a4a2de8cc9b3a034490) - - [ ] [涉嫌非法获取公民个人信息 8家MCN机构被查处](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170504&idx=3&sn=62aac421ce4481cd2a9e72a6bf6e2f3d) - - [ ] [AI领航安全新征程!星河安全2024年度盘点](https://mp.weixin.qq.com/s?__biz=Mzk0MTYyNTg3Mg==&mid=2247492360&idx=1&sn=bad1dda2fae75298e0870d957e44336f) - - [ ] [安全不打烊丨云天安全春节期间服务保障通知](https://mp.weixin.qq.com/s?__biz=MzI2NDYzNjY0Mg==&mid=2247501197&idx=1&sn=e573ebcd07279615fe21c417e222f7a2) - - [ ] [揭秘服务器世界三大巨头:机架式、塔式与刀片式的真正区别!](https://mp.weixin.qq.com/s?__biz=MzUyNTExOTY1Nw==&mid=2247528007&idx=1&sn=7a2b2de8e2eb075aecfd0d928c2e05b6) - - [ ] [请查收~来自盛邦安全的致谢回信](https://mp.weixin.qq.com/s?__biz=MzAwNTAxMjUwNw==&mid=2650277635&idx=1&sn=fba61f10dfea6a44afeef10a1bca780f) - - [ ] [四叶草安全春节公告](https://mp.weixin.qq.com/s?__biz=MjM5MTI2NDQzNg==&mid=2654552288&idx=1&sn=96a0015a0fd5500a90ae8527883b410c) - - [ ] [【证书和报告信息】中国移动通信集团有限公司-网络安全大模型系统](https://mp.weixin.qq.com/s?__biz=Mzg5MzQ5NjQyNw==&mid=2247486184&idx=1&sn=1c59eb46d046850475159b39f42ee3a6) - - [ ] [【灵蛇贺新岁】平航科技2025年春节假期放假通知](https://mp.weixin.qq.com/s?__biz=MzI0OTEyMTk5OQ==&mid=2247494113&idx=1&sn=ce6e94d556fc3aff1a62646f32aa492c) - - [ ] [告别SecureCRT!这些SSH工具更强大、更好用,网络工程师必备!](https://mp.weixin.qq.com/s?__biz=MzIyMzIwNzAxMQ==&mid=2649464706&idx=1&sn=2f28514a24bcc488d05ac8b16894f3a1) - - [ ] [开发|渗透报告生成系统+框架反序列化分析+防护建议](https://mp.weixin.qq.com/s?__biz=MzIzNDU5Mzk2OQ==&mid=2247486379&idx=1&sn=f2d6bb9d94a484a4ddaf43a851625d65) - - [ ] [一图读懂中央经济工作会议→](https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652114248&idx=1&sn=3110c71638dad598cdd5a97b9819d8dc) - - [ ] [事关Stargate项目,说点你不知道的内幕!](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559242&idx=1&sn=65609027c9fddad943535044bcb06811) - - [ ] [“懂王”重出江湖:前100日计划剖析(2万字资料附下载)](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559242&idx=2&sn=812122521348cdc4a1414ee0000a67b8) - - [ ] [src实战 | CE工具的妙用-绕过签名](https://mp.weixin.qq.com/s?__biz=Mzk0NzM4NzI1MA==&mid=2247486229&idx=1&sn=59f7a5d451e4f06ec7e5710355a16705) - - [ ] [对 404 站点的漏洞挖掘](https://mp.weixin.qq.com/s?__biz=MzU5NjYwNDIyOQ==&mid=2247484826&idx=1&sn=5f81afa2c8c6ec0ad22c685de58a12d2) - - [ ] [暗网:CAI 的非常规来源](https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247504700&idx=1&sn=8a70db6ed5d20c468504787680ea612c) - - [ ] [从 404 到未授权](https://mp.weixin.qq.com/s?__biz=MzU5NjYwNDIyOQ==&mid=2247484823&idx=1&sn=4a5b521198ea04ffdba91a69f4efa10e) - - [ ] [美国国防部官方社交媒体集体进入“静默期”](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494513&idx=1&sn=bc5c4c56b49b937818cbaf41ea395f3b) - - [ ] [安全值守 | 众智维科技春节假期应急保障服务不打烊](https://mp.weixin.qq.com/s?__biz=MzU5Mjg0NzA5Mw==&mid=2247493910&idx=1&sn=de7d9c74b0ba445a83102b5027b37773) - - [ ] [好险差点被他赚到了](https://mp.weixin.qq.com/s?__biz=Mzk0MzY3MDE5Mg==&mid=2247483995&idx=1&sn=345fa8d0bf969a4ac8f5b9a4f3b1d09c) - - [ ] [【吃瓜】无需三倍](https://mp.weixin.qq.com/s?__biz=MzIxNTIzNTExMQ==&mid=2247490849&idx=1&sn=c8a921eac811f6f2a83cba435599a30a) - - [ ] [天才](https://mp.weixin.qq.com/s?__biz=MzIxNTIzNTExMQ==&mid=2247490847&idx=1&sn=84840a0e8ecb596122fdf56a541247b5) - - [ ] [分享图片](https://mp.weixin.qq.com/s?__biz=MzI3Njc1MjcxMg==&mid=2247494345&idx=1&sn=ec9ef6a77576df47945933c5408a8861) - - [ ] [在受限的 Rails 应用程序中通过任意文件写入实现 RCE](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527156&idx=1&sn=ce41716d54949eb8045c2dec96ee44a6) - - [ ] [【威胁分析】针对韩国国内某知名律师事务所的APT攻击](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527156&idx=2&sn=d815a0b641f861682118ebb4b2e25335) - - [ ] [JADXecute:用于动态反编译器操作的 JADX-gui 脚本插件](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527156&idx=3&sn=bdacefab7871ac08e043ac3166998058) - - [ ] [从Pegasus到Predator:iOS商业间谍软件的演进](https://mp.weixin.qq.com/s?__biz=MzU0MzgyMzM2Nw==&mid=2247486250&idx=1&sn=daa031ff26b9773e0177492de181ba56) - - [ ] [国外警务前沿科技汇编](https://mp.weixin.qq.com/s?__biz=MzkwMTQyODI4Ng==&mid=2247495745&idx=1&sn=5df2228249f174df3b21b5ad777b6253) - - [ ] [2024年全球邮件威胁报告](https://mp.weixin.qq.com/s?__biz=MzkwMTQyODI4Ng==&mid=2247495745&idx=2&sn=80c37d4771e7c654aa7609d6fe590b24) - - [ ] [知名车企漏洞:只需车牌号,就能远程监控劫持数百万辆车](https://mp.weixin.qq.com/s?__biz=MzkwMTQyODI4Ng==&mid=2247495745&idx=3&sn=d62bd25906c870e0c8433a02109f5b5a) - - [ ] [ip2domain - 批量查询ip对应域名、备案信息、百度等引擎权重](https://mp.weixin.qq.com/s?__biz=MzkyNTYzMTg3OQ==&mid=2247485770&idx=1&sn=302f7c091ef90f0df97ed162bfb265c5) - - [ ] [网络安全的红利还能吃几年?](https://mp.weixin.qq.com/s?__biz=Mzg4Nzk3MTg3MA==&mid=2247487709&idx=1&sn=cbd8920e80714a50eed133a0b2ee35d3) - - [ ] [ISO 14001: 2015 标准详解与实施(26)10.3 持续改进](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247486030&idx=1&sn=d1459a0a8bca440750d5ade3b58f0f0e) - - [ ] [ISO 14001: 2015 标准详解与实施(25)10.2 不符合和纠正措施](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247486030&idx=2&sn=dae87bd98e4387cf93f0a87aa96eed81) - - [ ] [ISO 14001: 2015 标准详解与实施(24)10.1 总则](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247486030&idx=3&sn=c318bf65327a033e932d389b8a90ea16) - - [ ] [ISO 14001: 2015 标准详解与实施(23)9.3 管理评审](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247486030&idx=4&sn=a85135f37d7c333ef6c878c315f88c41) - - [ ] [ISO 14001: 2015 标准详解与实施(22)9.2 内部审核](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247486030&idx=5&sn=1f187b414d8a14d47c9649240b678ac0) - - [ ] [锦岳智慧:2025年春节安全保障,守护同行!](https://mp.weixin.qq.com/s?__biz=MzkxMzQwNDcxNg==&mid=2247486852&idx=1&sn=d3ddf1a54d505e65a457ae3c2b896aa1) - - [ ] [DIDCTF-2021第三届长安杯-检材一](https://mp.weixin.qq.com/s?__biz=MzkxMTcyMDczOQ==&mid=2247489692&idx=1&sn=4146be09a799bbf76d261eab4bc980d1) - - [ ] [数字安全:智·盾·鉴,CSA开启2025](https://mp.weixin.qq.com/s?__biz=MzkwMTM5MDUxMA==&mid=2247503000&idx=1&sn=20276e85c2972647250674828c0b5a5f) - - [ ] [impacket解读(三. smbclient、secretsdump)](https://mp.weixin.qq.com/s?__biz=Mzg5NTkxNzg4MA==&mid=2247489975&idx=1&sn=7faa781ae4e91430c6f32732213c32c2) - - [ ] [[网络安全]新春红包封面](https://mp.weixin.qq.com/s?__biz=MzkyMDY1MDI3OA==&mid=2247483803&idx=1&sn=4dff124cc0784638e204ea08b191b63f) - - [ ] [【吃瓜】某手机厂商被泰国个人数据保护委员会 (PDPC) 发出警示令](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494502&idx=1&sn=7c132f29048506b59cb9ff3abec22f38) - - [ ] [黑客利用 XWorm RAT 攻击“脚本小子”,感染了18,000 台设备](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494502&idx=2&sn=8d47c257885509ce00eef4bcb4c09ba4) - - [ ] [K8S 日志查询中的命令注入](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494502&idx=3&sn=6a7f85ec2112691b2dbf7b7c1dcdfd47) - - [ ] [加密货币平台 Phemex 疑似遭遇网络攻击,至少 6900 万美元被盗](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494502&idx=4&sn=08e9029e44c6d29a1ca03c2a18580d55) - - [ ] [如何使用 Visual Studio 制作 Windows x86-64 Shellcode](https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486555&idx=1&sn=5047769a6043ea5a95f457da525b736d) - - [ ] [《Java代码审计零基础入门到项目实战》强势来袭,手把手带你学会学好学明白!](https://mp.weixin.qq.com/s?__biz=MzkwMzMwODg2Mw==&mid=2247510468&idx=1&sn=2ae06cf6770737f7e101b3a16bf48cd9) - - [ ] [吾爱破解论坛微信红包封面(60000份)](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141639&idx=1&sn=7306868d4e210299a761b09dfab68bec) - - [ ] [工业网络安全周报-2025年第4期](https://mp.weixin.qq.com/s?__biz=MzU3ODQ4NjA3Mg==&mid=2247564979&idx=1&sn=ac7d1cc6527b4ab6cfe838bd72ec338f) - - [ ] [2024 年工控互联网态势](https://mp.weixin.qq.com/s?__biz=MzkyMzE5ODExNQ==&mid=2247487629&idx=1&sn=f51d253054a3fe4b1f53af328973c7d9) - - [ ] [2024-CISCN-长城杯-威胁检测与网络流量分析WP](https://mp.weixin.qq.com/s?__biz=Mzg4NDg3NjE5MQ==&mid=2247485366&idx=1&sn=3ba5e8dbd1076a28202b5c13eb17f8a1) - - [ ] [日本《人工智能业务指南》全文翻译](https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247506124&idx=1&sn=a0d99658c9689597ec9d1e77f02a0b48) - - [ ] [特朗普的“豪言壮语”与中亚的“夹缝求生”](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247504827&idx=1&sn=8fc0764ae8df89d1410d2698742021c2) - - [ ] [英美强力支持HTS:一场地缘政治的“暗棋”](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247504827&idx=2&sn=163ae646fa6f29298070240c3434b308) - - [ ] [印度的全球战略布局:多边关系的“棋局”与隐忧](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247504827&idx=3&sn=129948fb74cb521900993d4e8e40d403) - - [ ] [安天AVL SDK反病毒引擎升级通告(20250125)](https://mp.weixin.qq.com/s?__biz=MjM5MTA3Nzk4MQ==&mid=2650209879&idx=1&sn=f064cfa0b128912c0afa12a79319a1e7) - - [ ] [邬贺铨院士展望未来10年:AI重塑互联网](https://mp.weixin.qq.com/s?__biz=Mzg4MDU0NTQ4Mw==&mid=2247528860&idx=1&sn=97b5e988dbeead145081b25e2b41e3d8) - - [ ] [2025 年将是统一网络安全的一年](https://mp.weixin.qq.com/s?__biz=Mzg4MDU0NTQ4Mw==&mid=2247528860&idx=2&sn=9b9e1062d3000976628bbf98e78b2a2d) - - [ ] [【一周安全资讯0125】工信部等十四部门联合印发《关于加强极端场景应急通信能力建设的意见》;TikTok在美暂时恢复运营](https://mp.weixin.qq.com/s?__biz=MzIzMDQwMjg5NA==&mid=2247506579&idx=1&sn=fcac61536a135611032057e715235d00) - - [ ] [2024春秋杯冬季赛PWN---WriteUp](https://mp.weixin.qq.com/s?__biz=MzkxNTc1MzQyNw==&mid=2247488757&idx=1&sn=15ce2c806f874774fadc25d433fe73d8) - - [ ] [中国人民银行业务领域网络安全事件报告管理办法(征求意见稿)](https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652114228&idx=1&sn=837561c72e2392e4f82cb1518786750d) - - [ ] [CCRC丨蛇年行大运,返现288!](https://mp.weixin.qq.com/s?__biz=MzU4MjUxNjQ1Ng==&mid=2247521420&idx=1&sn=b826c081b9757b44d13604d6b1564f02) - - [ ] [黑客高手暗中传播木马化的XWorm RAT,新手黑客应声沦陷](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247507094&idx=1&sn=2ea5fcd0855066b82055aaf0687123d6) - - [ ] [年度盘点丨2024年迪普科技科护航科教文卫行业数字化](https://mp.weixin.qq.com/s?__biz=MzA4NzE5MzkzNA==&mid=2650370699&idx=1&sn=027d5ffb380e0c85b361ff87b89105d5) - - [ ] [.NET 第 56 期红队武器库和资源汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498450&idx=1&sn=0e544713a937f0cc0f8fe5662ece86f9) - - [ ] [.NET 内网攻防实战电子报刊](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498450&idx=2&sn=a00f3f8ae2f091ade34fc645636c1188) - - [ ] [文件痕迹清理,通过 Sharp4ModifyTime 修改任意文件时间戳](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498450&idx=3&sn=01dad887be82ec26ebc80e1de617c700) +- SecWiki News + - [ ] [SecWiki News 2025-01-26 Review](http://www.sec-wiki.com/?2025-01-26) - Private Feed for M09Ic - - [ ] [b1nhack forked b1nhack/rustaceanvim from mrcjkb/rustaceanvim](https://github.com/b1nhack/rustaceanvim) - - [ ] [phith0n starred maybe-finance/maybe](https://github.com/maybe-finance/maybe) - - [ ] [4ra1n released 4.3 at jar-analyzer/jar-analyzer](https://github.com/jar-analyzer/jar-analyzer/releases/tag/4.3) - - [ ] [safedv starred LOTTunnels/LOTTunnels.github.io](https://github.com/LOTTunnels/LOTTunnels.github.io) - - [ ] [spf13 starred zellij-org/zellij](https://github.com/zellij-org/zellij) - - [ ] [4ra1n released temurin-23.0.2 at jar-analyzer/workflow_jre](https://github.com/jar-analyzer/workflow_jre/releases/tag/temurin-23.0.2) - - [ ] [4ra1n released temurin-8u442 at jar-analyzer/workflow_jre](https://github.com/jar-analyzer/workflow_jre/releases/tag/temurin-8u442) - - [ ] [spf13 starred ryanoasis/nerd-fonts](https://github.com/ryanoasis/nerd-fonts) - - [ ] [zer0yu started following Kobzol](https://github.com/Kobzol) - - [ ] [zer0yu starred lightpanda-io/browser](https://github.com/lightpanda-io/browser) - - [ ] [zer0yu starred johnthagen/min-sized-rust](https://github.com/johnthagen/min-sized-rust) - - [ ] [zer0yu starred Automattic/harper](https://github.com/Automattic/harper) - - [ ] [zer0yu starred mtshiba/pylyzer](https://github.com/mtshiba/pylyzer) - - [ ] [safedv starred 0xNinjaCyclone/EarlyCascade](https://github.com/0xNinjaCyclone/EarlyCascade) - - [ ] [zer0yu starred Clouditera/SecGPT](https://github.com/Clouditera/SecGPT) - - [ ] [zer0yu starred DLLXW/baby-llama2-chinese](https://github.com/DLLXW/baby-llama2-chinese) - - [ ] [zer0yu started following jiayuqi7813](https://github.com/jiayuqi7813) - - [ ] [zer0yu starred opengrep/opengrep](https://github.com/opengrep/opengrep) - - [ ] [zer0yu starred jiayuqi7813/Stegsolve-rs](https://github.com/jiayuqi7813/Stegsolve-rs) - - [ ] [h3zh1 pushed to dev in chainreactors/malice-network](https://github.com/chainreactors/malice-network/compare/93f5d17f61...8482799871) -- Security Boulevard - - [ ] [Ensuring Data Safety with Comprehensive NHIDR](https://securityboulevard.com/2025/01/ensuring-data-safety-with-comprehensive-nhidr/) - - [ ] [Building Trust with Effective IAM Solutions](https://securityboulevard.com/2025/01/building-trust-with-effective-iam-solutions/) - - [ ] [Empower Your DevOps with Robust Secrets Security](https://securityboulevard.com/2025/01/empower-your-devops-with-robust-secrets-security/) - - [ ] [DEF CON 32 – Access Control Done Right The First Time](https://securityboulevard.com/2025/01/def-con-32-access-control-done-right-the-first-time/) - - [ ] [The Cybersecurity Vault Podcast 2024 Recap](https://securityboulevard.com/2025/01/the-cybersecurity-vault-podcast-2024-recap/) + - [ ] [safedv starred ambionics/cnext-exploits](https://github.com/ambionics/cnext-exploits) + - [ ] [liamg starred getcursor/cursor](https://github.com/getcursor/cursor) + - [ ] [mgeeky starred x86matthew/WinVisor](https://github.com/x86matthew/WinVisor) + - [ ] [mgeeky starred ionescu007/Simpleator](https://github.com/ionescu007/Simpleator) + - [ ] [mgeeky starred moudey/Shell](https://github.com/moudey/Shell) + - [ ] [safedv started following NtDallas](https://github.com/NtDallas) + - [ ] [safedv starred NtDallas/OdinLdr](https://github.com/NtDallas/OdinLdr) + - [ ] [safedv started following emdnaia](https://github.com/emdnaia) + - [ ] [kpcyrd released 20250126 at archlinux/archlinux-repro](https://github.com/archlinux/archlinux-repro/releases/tag/20250126) + - [ ] [safedv starred anderspitman/awesome-tunneling](https://github.com/anderspitman/awesome-tunneling) + - [ ] [safedv starred lolc2/lolc2.github.io](https://github.com/lolc2/lolc2.github.io) + - [ ] [safedv starred rust-lang/rust](https://github.com/rust-lang/rust) + - [ ] [mozhu1024 starred glauth/glauth](https://github.com/glauth/glauth) + - [ ] [zer0yu starred huggingface/open-r1](https://github.com/huggingface/open-r1) + - [ ] [mozhu1024 starred P3TERX/GeoLite.mmdb](https://github.com/P3TERX/GeoLite.mmdb) + - [ ] [wabzsy starred apache/answer](https://github.com/apache/answer) + - [ ] [kyxiaxiang starred klezVirus/RpcProxyInvoke](https://github.com/klezVirus/RpcProxyInvoke) + - [ ] [FunnyWolf starred AmruthPillai/Reactive-Resume](https://github.com/AmruthPillai/Reactive-Resume) - CXSECURITY Database RSS Feed - CXSecurity.com - - [ ] [Iranian Cyber Police "FATA.GOV.IR" has an SQL Injection vulnerability](https://cxsecurity.com/issue/WLB-2025010025) -- 一个被知识诅咒的人 - - [ ] [【人工智能】深入探讨Python在语义角色标注(SRL)中的应用](https://blog.csdn.net/nokiaguy/article/details/145356157) - - [ ] [【人工智能】Python中的知识图谱构建与应用](https://blog.csdn.net/nokiaguy/article/details/145356145) + - [ ] [DNN CMS remote File Upload](https://cxsecurity.com/issue/WLB-2025010026) +- Security Boulevard + - [ ] [Empowering Cloud Compliance with Seamless Security](https://securityboulevard.com/2025/01/empowering-cloud-compliance-with-seamless-security/) + - [ ] [Scaling Security with Automated Identity Management](https://securityboulevard.com/2025/01/scaling-security-with-automated-identity-management/) + - [ ] [Innovative Approaches to Secrets Scanning](https://securityboulevard.com/2025/01/innovative-approaches-to-secrets-scanning/) + - [ ] [The Small Business Guide to Everyday Access Management and Secure Off-boarding](https://securityboulevard.com/2025/01/the-small-business-guide-to-everyday-access-management-and-secure-off-boarding/) + - [ ] [DEF CON 32 – Attacks On GenAI Data & Using Vector Encryption To Stop Them](https://securityboulevard.com/2025/01/def-con-32-attacks-on-genai-data-using-vector-encryption-to-stop-them/) + - [ ] [INE Security Alert: Expediting CMMC 2.0 Compliance](https://securityboulevard.com/2025/01/ine-security-alert-expediting-cmmc-2-0-compliance/) +- Doonsec's feed + - [ ] [Vlunstack ATT&CK---红日靶场(三)](https://mp.weixin.qq.com/s?__biz=MzkxNTc1MzQyNw==&mid=2247488809&idx=1&sn=b496a3e45eeae3831a0bea34e53fa254) + - [ ] [探秘网络安全神器:蜜罐工具](https://mp.weixin.qq.com/s?__biz=MzkzNzg3NzQxMQ==&mid=2247485731&idx=1&sn=f855b4678f6428cb1cda14a26cc651f2) + - [ ] [白帽必知!Kunlun-Mirror源代码安全审计工具全解析](https://mp.weixin.qq.com/s?__biz=Mzk2NDE3NDUwNg==&mid=2247483897&idx=1&sn=050c8f872083541fe1c136e416528513) + - [ ] [深入某CMS渗透测试:从弱口令到接管webshell](https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486445&idx=1&sn=071008d1b39bf3757ff2279a6581fe71) + - [ ] [紧急告警!Meta Llama框架漏洞,AI系统面临远程代码执行风险](https://mp.weixin.qq.com/s?__biz=MzA4MzMzOTQ4Mw==&mid=2453672529&idx=1&sn=cdc7f3d0c6553b9b1c05425ba64820b9) + - [ ] [安全行业到底是技术密集型企业,还是劳动力密集型企业?这里不只有答案!](https://mp.weixin.qq.com/s?__biz=MzAxOTk3NTg5OQ==&mid=2247492241&idx=1&sn=f1d5ff7631506292b224073985727b34) + - [ ] [揭秘电信诈骗经典套路,掌数助你安全过年!](https://mp.weixin.qq.com/s?__biz=MzAxOTk3NTg5OQ==&mid=2247492241&idx=2&sn=694d6f191fd17874f357e1e23a8f2484) + - [ ] [特斯拉电动汽车越狱](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620109&idx=1&sn=c06d5d123d722aaffb574cb0be9e239c) + - [ ] [汽车行业的4项基本网络安全原则](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620109&idx=2&sn=18d34e13e4ba4bc5e34fb0e0ef2ca9e5) + - [ ] [2024年智能网联汽车网络安全年度报告](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620109&idx=3&sn=0ced06cdd407328f94166f55dbdb9d95) + - [ ] [每日情报速递20250126](https://mp.weixin.qq.com/s?__biz=MzkxMzU4ODU2MQ==&mid=2247484059&idx=1&sn=572b8430a8e9a8fc9a2befc5ec6bfae8) + - [ ] [GLM-PC初测](https://mp.weixin.qq.com/s?__biz=MzkxMzU4ODU2MQ==&mid=2247484059&idx=2&sn=649c7ce34373e5a447ece9529998b884) + - [ ] [【云安全】云原生-K8S-简介](https://mp.weixin.qq.com/s?__biz=MzUyNTUyNTA5OQ==&mid=2247484722&idx=1&sn=ba4e1e01878dddae81fa21ad3e96a91e) + - [ ] [人工智能安全标准体系](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264717&idx=1&sn=c8b71d3dcbc5b20f23de67fee056205a) + - [ ] [秦安:特朗普上台,中美首场博弈,马斯克出战,比拼网络谁懂谁?](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476326&idx=1&sn=cfd5c4c650875cd31f9fae8bf6b3c1e7) + - [ ] [秦安:到底让谁伟大?特朗普要不断扩大领土,怒发冲冠为TikTok狂](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476326&idx=2&sn=e8546aeb10f5f9b28979d07929f87d67) + - [ ] [The Great Fry 抢劫案:Noha 如何抓住网络罪魁祸首](https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247504774&idx=1&sn=f570ff10a65093e52cb37f13dee8da37) + - [ ] [WordPress CF Link Shortcode 插件存在前台SQL注入漏洞(CVE-2024-12404)](https://mp.weixin.qq.com/s?__biz=Mzg4MTkwMTI5Mw==&mid=2247488723&idx=1&sn=b6dcde79af26f7316bf47c73990a2c54) + - [ ] [警惕!手机这个功能,慎用](https://mp.weixin.qq.com/s?__biz=MzkyNDcwMTAwNw==&mid=2247533707&idx=1&sn=3c4a7b2a599063486ac3ecd99597e55c) + - [ ] [警惕!朝鲜黑客组织利用“OtterCookie”后门锁定软件开发者](https://mp.weixin.qq.com/s?__biz=Mzg3OTYxODQxNg==&mid=2247485633&idx=1&sn=835b492b5b7b522cd0420cc6ffee782e) + - [ ] [从 LFI 到 RCE 的旅程!!!](https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247518315&idx=1&sn=5664abc72c27c8258f88adcb7ac37b50) + - [ ] [SRC专项知识库](https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247518315&idx=2&sn=3324aecef9cf1f80d5d24f889ac44323) + - [ ] [羡慕](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496794&idx=1&sn=d5ec64d14996f316e911423bb3e8c66a) + - [ ] [实战中的WebService利⽤⽅法](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496952&idx=1&sn=fdb338f5ff8cf421424cfcc5c01bfbb7) + - [ ] [揭露网络欺骗:针对多个品牌的通用网络钓鱼页面的兴起](https://mp.weixin.qq.com/s?__biz=MzkxMjYyMDYyNA==&mid=2247484046&idx=1&sn=f1fd3fb24ab9330fe70b01423b65ac66) + - [ ] [《绝命毒师》主演 Dean Norris 推特账号再次遭黑客攻击并发布假冒代币](https://mp.weixin.qq.com/s?__biz=MzU2MTQwMzMxNA==&mid=2247541459&idx=1&sn=5516ad53cd1053c10ba980fffef521a4) + - [ ] [VPC访问控制之网络安全组](https://mp.weixin.qq.com/s?__biz=Mzg3NTUzOTg3NA==&mid=2247515076&idx=1&sn=659fd2d6a7593fe3646e3eaf130214ca) + - [ ] [文末抽奖 | VNCTF2025 报名开启](https://mp.weixin.qq.com/s?__biz=MzIxMDYyNTk3Nw==&mid=2247515152&idx=1&sn=a0e8b286a2f198209df2ff60791ee27c) + - [ ] [安全工程师的好帮手,Windows应急响应工具HawkEye更新!](https://mp.weixin.qq.com/s?__biz=MzU4NTg4MzIzNA==&mid=2247484356&idx=1&sn=6e62ed5d3095fff522186a185f8e68b3) + - [ ] [华为携手东莞市政务和数据局荣膺工信部2024年网络安全典型案例榜首](https://mp.weixin.qq.com/s?__biz=MzAwODU5NzYxOA==&mid=2247505839&idx=1&sn=375a0c8d6d2f25122068a1e62bc65310) + - [ ] [【资讯】网安标委就《人工智能安全标准体系(V1.0)(征求意见稿)》公开征求意见](https://mp.weixin.qq.com/s?__biz=MzU1NDY3NDgwMQ==&mid=2247549492&idx=1&sn=520753349c0cf7619b9c6af2a28fd72c) + - [ ] [过年红包别随便抢!这些“春节福利”都是诈骗陷阱→](https://mp.weixin.qq.com/s?__biz=MzI0NzE4ODk1Mw==&mid=2652094707&idx=1&sn=3d4881e29e1474077d4b06d4200f8e37) + - [ ] [涉嫌非法获取公民个人信息 8家MCN机构被查处](https://mp.weixin.qq.com/s?__biz=MzI0NzE4ODk1Mw==&mid=2652094707&idx=2&sn=eb3dc8e50a1cb201c16ee8903d8cae79) + - [ ] [【云安全】云原生-Docker(五)容器逃逸之漏洞利用](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490023&idx=1&sn=846a609d96c5cc54f73d7ed7607539ec) + - [ ] [IDA背后的原理入门(一): 简介&函数识别](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490023&idx=2&sn=703e83e51126605e67867df619bc4f75) + - [ ] [对 404 站点的漏洞挖掘](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490023&idx=3&sn=254de260da45916c1b80cf6eee6c4ed4) + - [ ] [江苏国骏春节放假安排通知](https://mp.weixin.qq.com/s?__biz=MzkzNjIzMjM5Ng==&mid=2247490211&idx=1&sn=79d453111e91e3708bed78897a153667) + - [ ] [电信安全春节服务保障公告](https://mp.weixin.qq.com/s?__biz=MzkxNDY0MjMxNQ==&mid=2247532881&idx=1&sn=f7ce31d9deae7d9f09369b2fbd7efdd6) + - [ ] [Go-Zero框架代码审计](https://mp.weixin.qq.com/s?__biz=MzkyODY3NjkyNQ==&mid=2247484782&idx=1&sn=ef633f25050192661512a78ef8de4078) + - [ ] [带你解锁编码新世界!--随波逐流CTF编码工具使用教程43 --Cetacean鲸目密码](https://mp.weixin.qq.com/s?__biz=MzU2NzIzNzU4Mg==&mid=2247489632&idx=1&sn=3ff1d1c39c3f0e25f34bef3ac8c183b5) + - [ ] [警惕!渗透测试需知的法律红线](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485460&idx=1&sn=2696efeb84408d3c65e9b5c18cfce0f2) + - [ ] [北七家-未来科学城,3居变4居豪装,理想楼层/户型/朝向](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485460&idx=2&sn=b9459522f7bd728b53c0aaa765d47bd1) + - [ ] [【干货】笑傲职场的独家经验(1)](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485460&idx=3&sn=8eb6cc5ed3d8eceebfc8cf7f19aad28f) + - [ ] [【干货原创】实网攻防演习常态化,会带来什么变化01](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485460&idx=4&sn=a4c662d181fe6a1bfb6df099e93788eb) + - [ ] [【干货原创】K12教育,鲜为人知的模式秘密](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485460&idx=5&sn=6c4b73da1084e10ae6b5cb4f14acb575) + - [ ] [原创文章目录](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485460&idx=6&sn=3b28bb66cf3c732334138a3142a1a55d) + - [ ] [进来,送你一打“滴滴技术年货”](https://mp.weixin.qq.com/s?__biz=MzU1ODEzNjI2NA==&mid=2247573416&idx=1&sn=cfff8a100e658aa48bc033b966273863) + - [ ] [【安全圈】安全圈恭祝大家:新年快乐~](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067622&idx=1&sn=b905decd9f92c3687f021950a11cf89f) + - [ ] [【安全圈】Microsoft Entra ID允许普通用户更新自己的UPN](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067622&idx=2&sn=a56656b05bfd9f42f777c577cffe85e3) + - [ ] [【安全圈】黑客利用Windows RID劫持技术创建隐藏管理员账户](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067622&idx=3&sn=ad95819ae6f36cb189f9da9618fff556) + - [ ] [新型人工智能“黑帽”工具:GhostGPT带来的威胁与挑战](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313204&idx=1&sn=2b87bf3242ba7820712b8f47a8f4b29e) + - [ ] [一周网安优质PDF资源推荐丨FreeBuf知识大陆](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313204&idx=2&sn=2a945410ba4cf21397e0cd355c22e796) + - [ ] [Pwn2Own Automotive 2025落幕,累计成功利用49个零日漏洞](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313204&idx=3&sn=af9e7adb9e7886cc3ec234d15e060a0d) + - [ ] [DroneXtract:一款针对无人机的网络安全数字取证工具](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313204&idx=4&sn=4a74a6b66c46012d19f2c26e036b95c6) + - [ ] [【InForSec 2025年会顶会论文回顾】陈熠豪: 语义驱动的互联网路由异常检测系统](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317461&idx=1&sn=777cc0e34a153ddeb9a61aeeb97cb500) + - [ ] [【InForSec 2025年会顶会论文回顾】张允义:权威服务之殇:你的权威服务器配置真的安全么?](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317461&idx=2&sn=54da24564ffa3c07f1e7add2df9eb838) + - [ ] [【InForSec 2025年会顶会论文回顾】刘超:面向安全的无线感知技术](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317461&idx=3&sn=f3f0dbe8a32fb4a3eb373ef17242552f) + - [ ] [【InForSec 2025年会顶会论文回顾】林云: 基于参照的钓鱼欺诈检测技术的自动化知识赋能](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317461&idx=4&sn=1eb9c732f3567dab37b7614d41b959ef) + - [ ] [【InForSec 2025年会顶会论文回顾】刘沛宇:探究 ChatGPT 在漏洞管理任务中的能力](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317461&idx=5&sn=7becd6dc617d0acb19f79e2562a68616) + - [ ] [守正创新!渊亭2024年度技术专利盘点](https://mp.weixin.qq.com/s?__biz=MzIzNjE1ODE2OA==&mid=2660190386&idx=1&sn=174b704039498ea52de981c225c6a114) + - [ ] [感恩客户信任!这些“走心”的感谢信,华青融天收下了](https://mp.weixin.qq.com/s?__biz=MzA4Mzg1ODIzMw==&mid=2653545687&idx=1&sn=344c659736bc5350601f81b774fb5e7b) + - [ ] [2015.01.26 BTC回调风险](https://mp.weixin.qq.com/s?__biz=MzI3NTcwNTQ2Mg==&mid=2247487611&idx=1&sn=18fd52d6491638adaa14e295cbc736a9) + - [ ] [【oscp】PWNLAB: INIT靶场,文件包含+源码审计,文件包含+文件上传,环境变量劫持提权,管道符绕过提权](https://mp.weixin.qq.com/s?__biz=Mzk1NzE0ODk3Nw==&mid=2247490881&idx=1&sn=bc5d5232c3b9eab714027feb8b303dea) + - [ ] [汽车通信--EE架构演变](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549667&idx=1&sn=279f461a3ed455bdd2ae0903dabb3c92) + - [ ] [从车端BLE浅谈CCC数字钥匙协议](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549667&idx=2&sn=0811546318e3ca7bdc0316b45ea571ac) + - [ ] [“信”任满载 | 珞安科技喜获工业信息安全产业发展联盟感谢信](https://mp.weixin.qq.com/s?__biz=MzU2NjI5NzY1OA==&mid=2247512289&idx=1&sn=908ffe6082a9a6fec195854453b2950f) + - [ ] [微信红包封面](https://mp.weixin.qq.com/s?__biz=Mzg4Njk2NTEyMg==&mid=2247483831&idx=1&sn=8d6c33fbdd5791fb8300379fd98e91b9) + - [ ] [恶意样本分析环境搭建以及工具介绍](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490186&idx=1&sn=dbccef63b6ad18308eec7ebf88455def) + - [ ] [政策解读 |《关于促进企业数据资源开发利用的意见》](https://mp.weixin.qq.com/s?__biz=MzUzODYyMDIzNw==&mid=2247516967&idx=1&sn=4874ebe75bed1db300d89dce5834f9c5) + - [ ] [通知 | 《中国人民银行业务领域网络安全事件报告管理办法(征求意见稿)》公开征求意见](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=1&sn=fc21c6dca1cb7fc755540bf1a276b4b8) + - [ ] [通知 | 市场监管总局就《网络交易合规数据报送管理暂行办法(征求意见稿)》公开征求意见(附全文)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=2&sn=06ab12bffe83179be743b7574a46733f) + - [ ] [王小洪:以更大的决心和力度 推动打击治理电信网络诈骗工作向纵深发展](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=3&sn=a50ca75a1c03205901b7729871f25d56) + - [ ] [专家解读 | 构建以统一底座为支撑的数据流通利用设施](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=4&sn=5076068c4750dd6b85b48aa9607d94b1) + - [ ] [通知 | 网安标委发布《网络安全标准实践指南——人脸识别支付场景个人信息安全保护要求》(附全文)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=5&sn=be29f8aa62961fd03e70b0971dd8282d) + - [ ] [通知 | 网安标委就《人工智能安全标准体系(V1.0)(征求意见稿)》公开征求意见(附下载)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=6&sn=70f1d6b8d5331b791b6625561bb8d084) + - [ ] [一图读懂 | 国家标准 GB/T 44886.1-2024《网络安全技术 网络安全产品互联互通 第1部分:框架》](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=7&sn=d60847ac4d75129f5c475ff4f947f02b) + - [ ] [墨菲安全融合切面技术带来软件供应链安全新解法](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247635813&idx=1&sn=5640a600b06ae38a11f171de3444efc6) + - [ ] [知识星球 | 2024网安报告大合集发布;全球数安法规、工网安全典型案例等资源更新](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247635813&idx=2&sn=0629c6aa019db83da76bfe8bf1b7f3a9) + - [ ] [一文读懂 HTTP:Web 数据交换的基石](https://mp.weixin.qq.com/s?__biz=MzkxODc5OTg5MQ==&mid=2247484262&idx=1&sn=8881c58e7a44ccde6976fffec5b24688) + - [ ] [安全不停歇!海云安春节假期服务保障通知](https://mp.weixin.qq.com/s?__biz=MzI2MjY2NTM0MA==&mid=2247492309&idx=1&sn=3b4fae2570ee9149c849ac4fbf66e432) + - [ ] [ISC2证书:拓展您的技能,获取CPE学分,以及数字徽章](https://mp.weixin.qq.com/s?__biz=MzUzNTg4NDAyMg==&mid=2247492342&idx=1&sn=74105fe0b31c8cf47b727c8d6ab6e7e3) + - [ ] [简单的反调试技术实现](https://mp.weixin.qq.com/s?__biz=MzkzODc4NjE1OQ==&mid=2247483918&idx=1&sn=54c42da49fd35bed728491560deb1a6c) + - [ ] [星火力量丨科森云获授工业互联网标识注册服务许可证](https://mp.weixin.qq.com/s?__biz=MzU1OTUxNTI1NA==&mid=2247592220&idx=1&sn=0629157c259bc4ad53ffe1b1c1e6dc1e) + - [ ] [年度回顾 | 2024年,云起无垠稳健增长](https://mp.weixin.qq.com/s?__biz=Mzg3Mjg4NTcyNg==&mid=2247490188&idx=1&sn=db1ea3aef1e5b81176ca16742f1b0fe3) + - [ ] [《网络安全标准实践指南——人脸识别支付场景个人信息安全保护要求》发布](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170530&idx=1&sn=eb56e7c28f15d7f726ba271e7ece33ac) + - [ ] [《人工智能安全标准体系(V1.0)》(征求意见稿)公开征求意见](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170530&idx=2&sn=6ab0b1bf27577d10040c9a4772e327e9) + - [ ] [Spring WebFlux 授权绕过:CVE-2024-38821 详解](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527239&idx=1&sn=9121f5406d8c67b5a55ce5549891886d) + - [ ] [Andariel Attack Group使用的RIF劫持技术](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527239&idx=2&sn=7363d490c03bd1ffd6e40f947b167453) + - [ ] [黑客利用 Windows RID 劫持创建隐藏的管理员帐户](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527239&idx=3&sn=d04fb09196530f60fada44127faf8bee) + - [ ] [揭秘美国新提名国家情报总监图尔西·加巴德](https://mp.weixin.qq.com/s?__biz=MzI1OTExNDY1NQ==&mid=2651618892&idx=1&sn=a06c2c81a8b6943fd0fc827a52523cf6) + - [ ] [德国发布“2030 年技术主权研究与创新 ”计划](https://mp.weixin.qq.com/s?__biz=MzI1OTExNDY1NQ==&mid=2651618892&idx=2&sn=bc9d004e65e216d60d826a080ef8559a) + - [ ] [新技术分享——页面双生(文末福利)](https://mp.weixin.qq.com/s?__biz=MzI3OTM3OTAyNw==&mid=2247485959&idx=1&sn=6f67d3804f85e0c834d78ff6bf2b85b7) + - [ ] [120个防火墙术语大全,搞安全的可以了解一下](https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247570689&idx=1&sn=b710cc906a98e3d62fcb8bfad9c8fdbe) + - [ ] [2024年被通报的银行App达17款,违规/超范围收集个人信息问题突出](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931477&idx=1&sn=fbe7b915ec61832d6fb46bf53fccc146) + - [ ] [2025年了,还不考虑给自己一个证书吗?(内含CISP系列证书优惠报考渠道)](https://mp.weixin.qq.com/s?__biz=MzkxNTY4NTQwMg==&mid=2247484291&idx=1&sn=29bde95e2dca3b19a0610b347f3178c3) + - [ ] [自动化压缩新姿势!教你用Ansible Archive模块高效管理文件](https://mp.weixin.qq.com/s?__biz=MjM5OTc5MjM4Nw==&mid=2457386719&idx=1&sn=57db81e4a63f769c26856d9d41432b44) + - [ ] [这是年终报告,更是斗象的十年宏图](https://mp.weixin.qq.com/s?__biz=MzU0MDI1MjUxMg==&mid=2247532639&idx=1&sn=d936ae6fee2e86aaeb9c3dae3e857b76) + - [ ] [斗象科技专属「红包封面」送达,快来领取!](https://mp.weixin.qq.com/s?__biz=MzU0MDI1MjUxMg==&mid=2247532639&idx=2&sn=f907330b308163f6f2db01cb2b2f909e) + - [ ] [【重要通知】春节福利来啦!](https://mp.weixin.qq.com/s?__biz=Mzg4NDg2NTM3NQ==&mid=2247484699&idx=1&sn=9148cb6531c19549baf07753855433f5) + - [ ] [大家不要再吹DeepSeek了,大厂不屑玩的,Hugging face多如牛毛的东西呢。](https://mp.weixin.qq.com/s?__biz=MzU4NDY3MTk2NQ==&mid=2247491046&idx=1&sn=a94d8f532ec30bf304516cee668f2cde) + - [ ] [春节期间火绒将持续为您护航](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247521917&idx=1&sn=e7a05b4ef346358b0fdb75511aab4db3) + - [ ] [诚邀渠道合作伙伴共启新征程](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247521917&idx=2&sn=742c0d32b70556b96dfa343540c46342) + - [ ] [2025网络安全人员必考的11个证书清单](https://mp.weixin.qq.com/s?__biz=Mzg4MTg0MjQ5OA==&mid=2247487874&idx=1&sn=c1698a66dae492094d2e61dfcc0d242a) + - [ ] [中国网络空间安全协会关于征集2025年拟制修订团体标准项目的通知](https://mp.weixin.qq.com/s?__biz=MzA3ODE0NDA4MA==&mid=2649401264&idx=1&sn=65f9e9b8d48797c3493e0d4e4302b11d) + - [ ] [春节假期我在岗!网络安全不打烊,中孚信息全国护航](https://mp.weixin.qq.com/s?__biz=MzAxMjE1MDY0NA==&mid=2247508822&idx=1&sn=980a02957ab1a453dc84d48ee3167555) + - [ ] [邑安科技安全团队祝您蛇年大吉!](https://mp.weixin.qq.com/s?__biz=MzUyMzczNzUyNQ==&mid=2247523220&idx=1&sn=a3bd507ae7170032f9093f5e09f3d681) + - [ ] [中国人民银行:《中国人民银行业务领域网络安全事件报告管理办法》公开征求意见](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247634072&idx=1&sn=69a00968cfe394216ecf8cd744996f7b) + - [ ] [《网络安全标准实践指南——人脸识别支付场景个人信息安全保护要求》正式发布](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247634072&idx=2&sn=5ee8a3225fede1acaf296efe42f8a8d6) + - [ ] [2024年我国通信业统计公报](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247634072&idx=3&sn=79fecc58a4fae1035ff2df72ebe37fba) + - [ ] [美国前中央情报局分析师承认泄露国防信息](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247634072&idx=4&sn=b18d5edeae882104e1ed6c06fece7d90) + - [ ] [一款好用的笔记软件-Obsidian](https://mp.weixin.qq.com/s?__biz=Mzk0Mjg4MTQxMw==&mid=2247485843&idx=1&sn=0477c6dc6378a308253374a86ec7fed2) + - [ ] [春节不打烊 | 爱加密春节保障通知](https://mp.weixin.qq.com/s?__biz=MjM5NzU4NjkyMw==&mid=2650747923&idx=1&sn=f6d6bc57958228bc3e9de651112c11d6) + - [ ] [水一篇,分析一下为什么网安现在价格逐渐降低](https://mp.weixin.qq.com/s?__biz=MzkxMTUwOTY1MA==&mid=2247490108&idx=1&sn=585516240547410007b55abdaab0523c) + - [ ] [WPS国际汉化版](https://mp.weixin.qq.com/s?__biz=MzkyOTQyOTk3Mg==&mid=2247485043&idx=1&sn=dd1561926214336ac75c0f0a094e5c1e) + - [ ] [学生=牛马](https://mp.weixin.qq.com/s?__biz=MzkyMDUzMzY1MA==&mid=2247499523&idx=1&sn=885a7333acadc606843bffe9cfc47910) + - [ ] [UDE使用教程](https://mp.weixin.qq.com/s?__biz=Mzg2NTYxOTcxMw==&mid=2247493292&idx=1&sn=8658baebe1444b03f65468cf6eb53003) + - [ ] [AUTOSAR项目实战(4)-MCU模块配置实践](https://mp.weixin.qq.com/s?__biz=Mzg2NTYxOTcxMw==&mid=2247493292&idx=2&sn=0f46ac9d9c3e9cdc5cfcf7b33dc11802) + - [ ] [江西神舟信息安全评估中心祝大家新春快乐!](https://mp.weixin.qq.com/s?__biz=MzUzNTk2NTIyNw==&mid=2247490668&idx=1&sn=cbfb448733921eaa5c169e399be8d870) + - [ ] [《Java代码审计零基础入门到项目实战》线上课程开始招生啦!五十多节课,低至499,多重福利来袭!](https://mp.weixin.qq.com/s?__biz=Mzg3MDU1MjgwNA==&mid=2247487187&idx=1&sn=a5b4e03338f048be762f36b8de56b629) + - [ ] [【吃瓜】中介真的能狠到这种程度?](https://mp.weixin.qq.com/s?__biz=MzU3MjU4MjM3MQ==&mid=2247489709&idx=1&sn=3a3fbbf54d93e98aee7977852cd8b2f2) + - [ ] [如何用 Wireshark 高效过滤 IP 地址](https://mp.weixin.qq.com/s?__biz=MzA5NTUxODA0OA==&mid=2247493136&idx=1&sn=1aa73818f07a20e1a148440f0888e6b9) + - [ ] [信息安全专业毕业三年的总结](https://mp.weixin.qq.com/s?__biz=MzU5OTU3NDEzOQ==&mid=2247492794&idx=1&sn=a7850c2ef60b49fd8e4e47e4d7151678) + - [ ] [黑客利用伪造的恶意软件构建器感染了18000个“script kiddies”](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580992&idx=1&sn=d64510306e9db3532091d13213d4b0ef) + - [ ] [信任满满|观安信息收到中国工业互联网研究院感谢信](https://mp.weixin.qq.com/s?__biz=MzIxNDIzNTcxMg==&mid=2247506755&idx=1&sn=0b72b1a348c2865aac5d1e417963c65c) + - [ ] [ES::Portscan 超高速端口扫描器](https://mp.weixin.qq.com/s?__biz=Mzg3NzUyMTM0NA==&mid=2247487931&idx=1&sn=c656471a589fd9c5f1a469c527a9fb2b) + - [ ] [在解释型语言内部运行:进攻性 Python 编程](https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486780&idx=1&sn=b3562931f45a8b072576a85f503b920a) + - [ ] [开源情报|国际动态|美军推进NGC2计划](https://mp.weixin.qq.com/s?__biz=Mzg2NTcyNjU4Nw==&mid=2247485884&idx=1&sn=8ccd9e4abf845a08af7a6494a0486132) + - [ ] [“金蛇”耀目来袭!蜚语科技(动态)红包封面U0001f9e7惊喜上线,超炫速领!](https://mp.weixin.qq.com/s?__biz=MzI5NzI5NzY1MA==&mid=2247491098&idx=1&sn=1f711bf469ddfc3b88973b84b4d78fa6) + - [ ] [思科曝9.9分关键权限提升漏洞;|知名车企漏洞:只需车牌号,就能远程监控劫持数百万辆车](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607310&idx=1&sn=fd7cbe9d4363d477ead1d88c79cddbc6) + - [ ] [万事达卡爆出致命DNS错误配置](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607310&idx=2&sn=f5d78211039982a7bb244623c11975f5) + - [ ] [探寻Bottle框架内存马](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607310&idx=3&sn=8b5bb34f48ddd5f55a4253e2974d1323) + - [ ] [10个神一般的Windows一键取证神器](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607310&idx=4&sn=c437cef9321ee7b3f502dee21be73d80) + - [ ] [携程SRC漏洞贡献值排行榜奖励揭晓](https://mp.weixin.qq.com/s?__biz=MzAwOTczODMxMw==&mid=2651017526&idx=1&sn=e452849723ece70271aac0e8c9bba31e) + - [ ] [特色专题 | 密态计算技术发展研究](https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597665&idx=1&sn=9cf8233b83e6648293c3f0026199d53b) + - [ ] [2025春节放假通知!](https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597665&idx=2&sn=62e92b9613bdd6576ffd24ded8d94b48) + - [ ] [智启创信变革,共谱网安华章——创信华通2025新春年会圆满落幕](https://mp.weixin.qq.com/s?__biz=MzUxNTQxMzUxMw==&mid=2247524967&idx=1&sn=99ddad0ce4e858ff9ed36863785fff4c) + - [ ] [网安项目价格:600->550->150->快tm给我五百](https://mp.weixin.qq.com/s?__biz=MzkyOTQzNjIwNw==&mid=2247491510&idx=1&sn=8e5798a963cc4b685595435d49a96d24) + - [ ] [今晚一起聊聊提升认知和最近的思考](https://mp.weixin.qq.com/s?__biz=MzIyOTAxOTYwMw==&mid=2650236955&idx=1&sn=8727f67fded4278c8abd5fd3b2476443) +- 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com + - [ ] [黑客利用伪造的恶意软件构建器感染了18,000个“script kiddies”](https://www.4hou.com/posts/yzAR) + - [ ] [新的 DoubleClickjacking 攻击利用双击来劫持帐户](https://www.4hou.com/posts/vwJn) - Recent Commits to cve:main - - [ ] [Update Sat Jan 25 20:23:12 UTC 2025](https://github.com/trickest/cve/commit/2fe8c0886616ef6cb2eb518d616cf2e8a8275463) - - [ ] [Update Sat Jan 25 12:20:50 UTC 2025](https://github.com/trickest/cve/commit/8a400a4ed71036fc7a505dd4115318f6a3d6ce52) - - [ ] [Update Sat Jan 25 04:28:24 UTC 2025](https://github.com/trickest/cve/commit/e50b33f96c53094e433d46411195d0a8d0241a40) -- SecWiki News - - [ ] [SecWiki News 2025-01-25 Review](http://www.sec-wiki.com/?2025-01-25) -- Hacking Dream - - [ ] [Android APK Penetration Testing Cheatsheet & Guide](https://www.hackingdream.net/2025/01/android-apk-penetration-testing-cheatsheet-guide.html) + - [ ] [Update Sun Jan 26 20:11:42 UTC 2025](https://github.com/trickest/cve/commit/f22674c92d9c9d36dc7fccc765ad1a5cd605dddd) + - [ ] [Update Sun Jan 26 12:25:12 UTC 2025](https://github.com/trickest/cve/commit/d08b1078577025607e08eeed5db925268172e62f) + - [ ] [Update Sun Jan 26 04:23:53 UTC 2025](https://github.com/trickest/cve/commit/4054876b4ba4a47e7bcfa06db4f05bdb490c72b7) +- Blogs dade + - [ ] [Weekly Retro 2025-W04](https://0xda.de/blog/2025/01/weekly-retro-2025-w04/) +- Bug Bounty in InfoSec Write-ups on Medium + - [ ] [Unlock the Full Potential of the Wayback Machine for Bug Bounty](https://infosecwriteups.com/unlock-the-full-potential-of-the-wayback-machine-for-bug-bounty-8b6f57e2637d?source=rss----7b722bfd1b8d--bug_bounty) +- hasherezade's 1001 nights + - [ ] [Process Hollowing on Windows 11 24H2](https://hshrzd.wordpress.com/2025/01/27/process-hollowing-on-windows-11-24h2/) - Twitter @bytehx - - [ ] [RT Mikhail Shcherbakov: Re @gregxsunday If you want to hear cool BB stories about how I used these gadgets, check out the #DEFCON talk https://youtu.b...](https://x.com/bytehx343/status/1883229123541454988) - - [ ] [Re @princechaddha @bryan_johnson Let me know how was it. I have been thinking about trying his protocol.](https://x.com/bytehx343/status/1883188435189703088) - - [ ] [Re @roohaa_n @Bugcrowd Congrats 🎉🎉🎉](https://x.com/bytehx343/status/1883179123394453658) - - [ ] [Hey Folks! 🚀🔥 Jsleak new version is out! If you're using #jsleak, make sure to update to the latest release, and we now support regex patterns f...](https://x.com/bytehx343/status/1883070558415589847) - - [ ] [Re @theabrahack Looks interesting. Thank you for sharing!](https://x.com/bytehx343/status/1883057186068476010) -- Hexacorn - - [ ] [Being a tool while using a tool](https://www.hexacorn.com/blog/2025/01/25/being-a-tool-while-using-a-tool/) -- Reverse Engineering - - [ ] [The invalid 68030 instruction that accidentally allowed the Mac Classic II to successfully boot up](https://www.reddit.com/r/ReverseEngineering/comments/1i9uurg/the_invalid_68030_instruction_that_accidentally/) - - [ ] [From arbitrary pointer dereference to arbitrary read/write in latest Windows 11](https://www.reddit.com/r/ReverseEngineering/comments/1i9vikr/from_arbitrary_pointer_dereference_to_arbitrary/) - - [ ] [Writing a NES emulator](https://www.reddit.com/r/ReverseEngineering/comments/1i9jont/writing_a_nes_emulator/) -- 安全牛 - - [ ] [ChatGPT又全球大面积宕机,AI助手暂时”失联”;斯巴鲁系统漏洞曝光,数百万车辆面临远程解锁并启动风险 | 牛览](https://www.aqniu.com/homenews/108166.html) - - [ ] [《智能化安全运营中心应用指南(2025年)》报告暨代表性厂商评估调研启动](https://www.aqniu.com/homenews/108165.html) -- 黑海洋 - IT技术知识库 - - [ ] [免费照片转视频 AI 生成器:PhotoToVideo](https://blog.upx8.com/4679) + - [ ] [Re @0xdef1ant Congrats 🎉🎉🎉](https://x.com/bytehx343/status/1883378858269020361) +- FreeBuf网络安全行业门户 + - [ ] [[Meachines] [Easy] Academy Laravel-RCE+TRP00F权限提升+audit服务日志权限提升+composer权限提升](https://www.freebuf.com/articles/web/420868.html) + - [ ] [Bombon 方法论:我将如何测试Web缓存漏洞](https://www.freebuf.com/articles/web/420867.html) + - [ ] [[Meachines] [Easy] Bank balance-transfer目录泄露+etcpasswd权限提升+SUID emergency权限提升](https://www.freebuf.com/articles/web/420863.html) + - [ ] [Pwn2Own Automotive2025落幕,累计成功利用49个零日漏洞](https://www.freebuf.com/news/420848.html) + - [ ] [[Meachines] [Easy] Bashed PHP Bash+Python计划任务权限提升](https://www.freebuf.com/articles/web/420843.html) + - [ ] [Meta的Llama框架漏洞使AI系统面临远程代码执行风险](https://www.freebuf.com/vuls/420864.html) + - [ ] [FreeBuf早报 | 这些“春节福利”都是诈骗陷阱;思科警告ClamAV漏洞出现PoC利用代码](https://www.freebuf.com/news/420840.html) + - [ ] [Microsoft Entra ID允许普通用户更新自己的UPN](https://www.freebuf.com/news/420832.html) - 奇客Solidot–传递最新科技情报 - - [ ] [大英博物馆遭前 IT 雇员攻击而部分关闭](https://www.solidot.org/story?sid=80424) - - [ ] [巴基斯坦议会通过法案全面控制社交媒体](https://www.solidot.org/story?sid=80423) - - [ ] [AI 犯的错误和人类不同](https://www.solidot.org/story?sid=80422) - - [ ] [数百超级富豪呼吁对其征收更高的税](https://www.solidot.org/story?sid=80421) - - [ ] [Linux 6.14 加入对微软 Copilot 按键的支持](https://www.solidot.org/story?sid=80420) -- 安全内参 - - [ ] [厚雪翻长坡,平淡不平凡:2024年网安产业发展态势剖析及2025年趋势展望](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513601&idx=1&sn=2c2baa4754e797d7e551214681e8f8c1&chksm=ebfaf121dc8d7837a7b63f349fe6d024b4c21ab2af52b9a47e85120eaef5193e6dc7a1a6fc1c&scene=58&subscene=0#rd) -- 天御攻防实验室 - - [ ] [从Pegasus到Predator:iOS商业间谍软件的演进](https://mp.weixin.qq.com/s?__biz=MzU0MzgyMzM2Nw==&mid=2247486250&idx=1&sn=daa031ff26b9773e0177492de181ba56&chksm=fb04c842cc7341547e24e5d3ef245e093b4f4fd5e1a07df102c384f7ea5aa4c1bee9213ba60f&scene=58&subscene=0#rd) + - [ ] [GLP-1RA 的益处和风险](https://www.solidot.org/story?sid=80431) + - [ ] [研究人员发现中欧电网用非加密无线信号控制](https://www.solidot.org/story?sid=80430) + - [ ] [甲骨文等正在谈判接手 TikTok 美国业务](https://www.solidot.org/story?sid=80428) + - [ ] [小鼠研究发现微塑料会堵塞大脑血液流动](https://www.solidot.org/story?sid=80427) + - [ ] [ADHD 患者有更短的预期寿命](https://www.solidot.org/story?sid=80426) + - [ ] [研究称电动汽车的寿命与燃油汽车相差无几](https://www.solidot.org/story?sid=80425) +- 威努特安全网络 + - [ ] [威努特春节假期业务保障通知](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130894&idx=1&sn=a739a4aa1a6a2ba1ed852c001b054cac&chksm=80e716beb7909fa8843b696e0efcf422e23be1815fd7fbc7f4daca4d26fd047631f3160f831e&scene=58&subscene=0#rd) + - [ ] [蛇年限定!特特祝您蛇跃新程,专属红包封面大派送](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130893&idx=1&sn=93968e179aca1422e0b570785a21350a&chksm=80e716bdb7909fabc3fa203233b7fe9dea90e57a1941fca61e177b66b0e669412cb233f32eac&scene=58&subscene=0#rd) +- 吾爱破解论坛 + - [ ] [【活动】感动吾爱2024优秀会员评选活动(总方案)](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141640&idx=1&sn=c7380d0293c9463bb911500de75e6466&chksm=bd50a65c8a272f4a8312beef94ff17af41e1da141c344f6e9a4f5297c2be895e52abecf53ef3&scene=58&subscene=0#rd) - 丁爸 情报分析师的工具箱 - - [ ] [【资讯】特朗普签署行政命令取消拜登人工智能政策:美国政策的“朝令夕改”](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148689&idx=1&sn=0707627dd1c290fd861d390ad8100390&chksm=f1af26abc6d8afbd7427e0c3da7a4c6d21a3130ad8f4d9de782945434e589c4b81ab5df3776e&scene=58&subscene=0#rd) + - [ ] [【资料】数学大杀器](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148696&idx=1&sn=898da3a09a42c00a39a6f4178656ff59&chksm=f1af26a2c6d8afb4fb5ba4db233123601088c22139ec75c8e7c53136ed50505603f230c105ae&scene=58&subscene=0#rd) +- 安全圈 + - [ ] [【安全圈】安全圈恭祝大家:新年快乐~](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067622&idx=1&sn=b905decd9f92c3687f021950a11cf89f&chksm=f36e7b66c419f2704293e2da9dd1732a0ac8785b07a9defa259a712df9c0b64a24b38e366bb1&scene=58&subscene=0#rd) + - [ ] [【安全圈】Microsoft Entra ID允许普通用户更新自己的UPN](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067622&idx=2&sn=a56656b05bfd9f42f777c577cffe85e3&chksm=f36e7b66c419f2708526e2e4cf320f327b2b10e54589e7f1f7332c0aaab95c830b6fe1e99286&scene=58&subscene=0#rd) + - [ ] [【安全圈】黑客利用Windows RID劫持技术创建隐藏管理员账户](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067622&idx=3&sn=ad95819ae6f36cb189f9da9618fff556&chksm=f36e7b66c419f270b763f53a6b467d57fb473ad42b2f070ef2b5ef85e28fe5a6a216883110c8&scene=58&subscene=0#rd) - dotNet安全矩阵 - - [ ] [.NET 第 56 期红队武器库和资源汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498450&idx=1&sn=0e544713a937f0cc0f8fe5662ece86f9&chksm=fa59543fcd2edd2963e30663b8bbe96e77d53d5e2c4f7031b50fe952aba8d1f577cada65c675&scene=58&subscene=0#rd) - - [ ] [.NET 内网攻防实战电子报刊](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498450&idx=2&sn=a00f3f8ae2f091ade34fc645636c1188&chksm=fa59543fcd2edd296a6821e4424d0c5605ae82829d456ecb55237c603906088a99f4d65bb1ae&scene=58&subscene=0#rd) - - [ ] [文件痕迹清理,通过 Sharp4ModifyTime 修改任意文件时间戳](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498450&idx=3&sn=01dad887be82ec26ebc80e1de617c700&chksm=fa59543fcd2edd29d00dc462ff4f7e26830de7ead97b9becc8fa24cd995af578294d491b48ed&scene=58&subscene=0#rd) -- 吾爱破解论坛 - - [ ] [吾爱破解论坛微信红包封面(60000份)](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141639&idx=1&sn=7306868d4e210299a761b09dfab68bec&chksm=bd50a6538a272f45be2fde65658c162491d6a14b55e06c11bfc97ec7b9ccb3165d8cb4084ee3&scene=58&subscene=0#rd) + - [ ] [感恩回馈!dot.Net安全矩阵与 NOP Team 安全团队共庆 SoapShell 项目新突破](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498461&idx=1&sn=c89203d98fd373a5323694401d4eee08&chksm=fa595430cd2edd26502b5d69a1747efcd9ce1cb574936412319dc22ee9b8eeae7e24972e0751&scene=58&subscene=0#rd) + - [ ] [.NET 第 56 期红队武器库和资源汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498461&idx=2&sn=60a67fa4d6b0ab13ce54974a473dfcab&chksm=fa595430cd2edd265f6d792bb13109ecef4975bbf86b6cbe3d23e6cefc38191e742bc24dd549&scene=58&subscene=0#rd) + - [ ] [内网痕迹清理,通过 Sharp4ModifyTime 伪造文件时间戳](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498461&idx=3&sn=2626f54c3fe728d0e72c4b26794f1458&chksm=fa595430cd2edd26a574fe2967cd3ed4ca807ba91f50806c2e0a4b1a9f6ac27d109181aadb58&scene=58&subscene=0#rd) +- 电子物证 + - [ ] [【域外个人生物识别信息保护模式考察】](https://mp.weixin.qq.com/s?__biz=MzAwNDcwMDgzMA==&mid=2651048266&idx=1&sn=8334dbe01a95b5daf8e63ee699ada254&chksm=80d086bbb7a70fade14c6a8d0dce906ad10af5799f8393fe9a43ab628cbbb1d034b401020b9a&scene=58&subscene=0#rd) + - [ ] [【侵犯公民个人信息罪审判实践中的若干问题】](https://mp.weixin.qq.com/s?__biz=MzAwNDcwMDgzMA==&mid=2651048266&idx=2&sn=1f9c690e7d098eef6acaf5815921e9b7&chksm=80d086bbb7a70fad571ce986ba0d665958fea2b1e596aa19575f34d88c816db0c9339a374a52&scene=58&subscene=0#rd) +- 火绒安全 + - [ ] [春节期间火绒将持续为您护航](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247521917&idx=1&sn=e7a05b4ef346358b0fdb75511aab4db3&chksm=eb704842dc07c154240b11635ca9b61eecbb8c5b6156e882e68f819af8d39f6377d5bc72b5af&scene=58&subscene=0#rd) + - [ ] [诚邀渠道合作伙伴共启新征程](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247521917&idx=2&sn=742c0d32b70556b96dfa343540c46342&chksm=eb704842dc07c154ffccdb4837b259ec39c35268890217c2498250f931a95febe081d7cebe18&scene=58&subscene=0#rd) - 威胁棱镜 - - [ ] [2024 年工控互联网态势](https://mp.weixin.qq.com/s?__biz=MzkyMzE5ODExNQ==&mid=2247487629&idx=1&sn=f51d253054a3fe4b1f53af328973c7d9&chksm=c1e9e741f69e6e57778dac4aa1429e2857f7d211469e5f5239be9ab8b07cd327bfa6217e1bd2&scene=58&subscene=0#rd) -- 看雪学苑 - - [ ] [DEC/RPC协议与Windows服务创建浅析(银狐原始进程隐匿方式之一)](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589259&idx=1&sn=2076280e4c58e4cd0d718047946ebe83&chksm=b18c28c186fba1d72857bb2f9ecd1cf60756243ffde6306a22d046402d7ef801dfff28547af8&scene=58&subscene=0#rd) - - [ ] [别错过!“系统0day安全”课程,带你精通漏洞挖掘技巧](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589259&idx=2&sn=4356dec55931f1257ae44561ca3f0d3e&chksm=b18c28c186fba1d7bf12649f11f2f5078f554a99f2e3c5db93d10a68151651e9d90c81e7753d&scene=58&subscene=0#rd) -- 安全圈 - - [ ] [【安全圈】2000余名网红遭信息“开盒” 嫌疑人获利几十万元](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067606&idx=1&sn=06c7d132a1649380a5b7629742f5d3f7&chksm=f36e7b56c419f240368726c211c69ba2369aa718ee5183ec43c60390b8e84702917b3a31a610&scene=58&subscene=0#rd) - - [ ] [【安全圈】微软 Win10 / Win11 新威胁:RID 劫持可提权至管理员控制你的 PC](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067606&idx=2&sn=efa053f9e1755bb17193b5a5868fb8ce&chksm=f36e7b56c419f24014b67943f6766ea3ab7b908882f20b4e0af01106172c63290014f9c24682&scene=58&subscene=0#rd) - - [ ] [【安全圈】新的 Cleo 零日 RCE 漏洞在数据盗窃攻击中被利用](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067606&idx=3&sn=6473d53d9a207bfac9888ca3a543bbf8&chksm=f36e7b56c419f2407633ba9229c8cb14a4e4458baf67e78d79310f03423449e922b703042bec&scene=58&subscene=0#rd) - - [ ] [【安全圈】新的 UEFI 安全启动漏洞使系统暴露于 bootkit](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067606&idx=4&sn=e8ae1a9dfb9fb649575b0d8a5414a82d&chksm=f36e7b56c419f24087b4c41685f0be88aab339021ceb93dffd537c9df34d2812ec3232317caa&scene=58&subscene=0#rd) -- 情报分析师 - - [ ] [事关Stargate项目,说点你不知道的内幕!](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559242&idx=1&sn=65609027c9fddad943535044bcb06811&chksm=87117d41b066f4575f3b8fc3d3971f7eef784642475a4d33595a6dde9f13f7df0b0f8eda197d&scene=58&subscene=0#rd) - - [ ] [“懂王”重出江湖:前100日计划剖析(2万字资料附下载)](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559242&idx=2&sn=812122521348cdc4a1414ee0000a67b8&chksm=87117d41b066f45792e59919c059261ad0157fb18bbb2f1dcbd0685ff898acd35c6c3bce395a&scene=58&subscene=0#rd) -- 极客公园 - - [ ] [智能泊车事故公开,小米汽车召回 3 万台 SU7;字节 2026 年停发春节红包;《权游》作者发表物理学论文 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072822&idx=1&sn=7c6ca6a38c34759561d422054250e57c&chksm=7e57d00049205916e8025fe1d9be04063c7ebe7460a277127ae61e7b3bc947b7c86c8213b39b&scene=58&subscene=0#rd) -- 谛听ditecting - - [ ] [谛听|“谛听”团队参加2021年国家重点研发计划“智能网联场景工业控制系统深度防御与安全处置技术”项目 课题综合绩效评价会议](https://mp.weixin.qq.com/s?__biz=MzU3MzQyOTU0Nw==&mid=2247492392&idx=1&sn=4457e5fc8b2fcca5ba76cd80c2dc9145&chksm=fcc3616ccbb4e87a6a1a1e47120e8d944a7ec9e8fc569022e103b6ea15590c421f76df8c4efe&scene=58&subscene=0#rd) -- 字节跳动技术团队 - - [ ] [揭秘字节跳动内部流量调度与容灾实践【上】](https://mp.weixin.qq.com/s?__biz=MzI1MzYzMjE0MQ==&mid=2247512958&idx=1&sn=82401f525cc5fdd2b7eb9cf210f60c24&chksm=e9d3789cdea4f18a5d9a1aa5141e78c28fbccd9c7a52068f7bf17d53a3d814b9c86346822bc4&scene=58&subscene=0#rd) + - [ ] [2024 年云威胁报告](https://mp.weixin.qq.com/s?__biz=MzkyMzE5ODExNQ==&mid=2247487641&idx=1&sn=a8898a47e93d5fab2dcffdfc8e8f4d37&chksm=c1e9e755f69e6e439ce0173ca28cc38881d507533e17d3e4e34bdf6bf25b87d406b04f9ea080&scene=58&subscene=0#rd) +- 慢雾科技 + - [ ] [喜迎七周年|守正出奇,安全出彩](https://mp.weixin.qq.com/s?__biz=MzU4ODQ3NTM2OA==&mid=2247501022&idx=1&sn=9b1b6cacc81fcfd8cbe9cc1b220e1832&chksm=fddeba59caa9334f36aab17997af5899a4932950b03dd231b9d922dd6d8c0944f18b1e8729c3&scene=58&subscene=0#rd) - 网安国际 - - [ ] [【InForSec 2025年会青年学者论坛回顾】冀晓宇:从传感器安全到“传感器 +X”安全](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=1&sn=4c4bfe832913a3872ec09ee631b9274b&chksm=8bc4ba9dbcb3338b2ba37bf54bb919e54ede95f3031151621def31622b349399445cd80439ba&scene=58&subscene=0#rd) - - [ ] [【InForSec 2025年会青年学者论坛回顾】白家驹:操作系统的自动化缺陷检测](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=2&sn=d42e0048046537509a0b9169907c9801&chksm=8bc4ba9dbcb3338bb5fe7bf9d6330213b86264fd3eb919b2106dc45e7b8604701d521d420b2c&scene=58&subscene=0#rd) - - [ ] [【InForSec 2025年会青年学者论坛回顾】闫琛:传感器电磁安全与隐私问题研究](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=3&sn=619b1c123e6a6165f24ed57ff9fd391a&chksm=8bc4ba9dbcb3338be3560720a31ce43398b3a8d91b3ec3a5799d4b4bb554133d8311c80ece9b&scene=58&subscene=0#rd) - - [ ] [【InForSec 2025年会青年学者论坛回顾】刁文瑞:移动生态安全探索:从系统漏洞到大规模测量](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=4&sn=0d016310221e528e230f05da6f3b14de&chksm=8bc4ba9dbcb3338bf92e55b964a1f76fb01b91c88ad08ce7333778b972524fd5800ec0f17f97&scene=58&subscene=0#rd) - - [ ] [【InForSec 2025年会青年学者论坛回顾】南雨宏:程序分析视角下的敏感数据管控:从移动应用到智能合约](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=5&sn=c5a7798acca47b172a583897d568c7ef&chksm=8bc4ba9dbcb3338b4d1e431047955603c86d16b56379b9128a3bd4e7e51ffa80abd0a2267c1a&scene=58&subscene=0#rd) - - [ ] [【InForSec 2025年会青年学者论坛回顾】范铭:移动应用个人信息保护场景下的合规验证探索与思考](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=6&sn=7be8c4556e1d37b0d94079969cbb7958&chksm=8bc4ba9dbcb3338b183ae58f4c267e03ed34bc27f99c79eed93410d6912f0ba4263a1ff60705&scene=58&subscene=0#rd) - - [ ] [【InForSec 2025年会青年学者论坛回顾】申文博:从AI框架到xPU硬件:智能系统安全研究](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317459&idx=7&sn=044afe640aa525a285b3dcc87f2a146d&chksm=8bc4ba9dbcb3338bf773348e0df5e157b01dbc90732f0b032ca10812f22f1e407bcc1daf7d01&scene=58&subscene=0#rd) -- 迪哥讲事 - - [ ] [记一次细得不行的账户权限提升](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496946&idx=1&sn=fd344274014da8f4d5f0705d21c1080a&chksm=e8a5fe91dfd2778741884d78e29eb70766ca43d4b3f53f3f268483de8e8639bd61ed87b93e03&scene=58&subscene=0#rd) + - [ ] [【InForSec 2025年会顶会论文回顾】陈熠豪: 语义驱动的互联网路由异常检测系统](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317461&idx=1&sn=777cc0e34a153ddeb9a61aeeb97cb500&chksm=8bc4ba9bbcb3338d0e6d08f4448934f0ea1f378886cef1f7bbb083452f4197a84e9b5673bbd8&scene=58&subscene=0#rd) + - [ ] [【InForSec 2025年会顶会论文回顾】张允义:权威服务之殇:你的权威服务器配置真的安全么?](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317461&idx=2&sn=54da24564ffa3c07f1e7add2df9eb838&chksm=8bc4ba9bbcb3338d35bcb7d908867c9c8c15fd285e4b56fa6f28b69429bf1ccb45557acdfa39&scene=58&subscene=0#rd) + - [ ] [【InForSec 2025年会顶会论文回顾】刘超:面向安全的无线感知技术](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317461&idx=3&sn=f3f0dbe8a32fb4a3eb373ef17242552f&chksm=8bc4ba9bbcb3338d5b8f49b10b3fb3b5368b7f82ef18529e5924ccf52dd64b8d1c96657c6f35&scene=58&subscene=0#rd) + - [ ] [【InForSec 2025年会顶会论文回顾】林云: 基于参照的钓鱼欺诈检测技术的自动化知识赋能](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317461&idx=4&sn=1eb9c732f3567dab37b7614d41b959ef&chksm=8bc4ba9bbcb3338dec2da9d7a1ab5e37aa5af271e4b69a949d6a87d521b4a5e856e7269e02c3&scene=58&subscene=0#rd) + - [ ] [【InForSec 2025年会顶会论文回顾】刘沛宇:探究 ChatGPT 在漏洞管理任务中的能力](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317461&idx=5&sn=7becd6dc617d0acb19f79e2562a68616&chksm=8bc4ba9bbcb3338d471b5f27bb2983f32ebb8b14c928d3ddbf68b363b2b7a2700e9ca475d8bc&scene=58&subscene=0#rd) +- 安全牛 + - [ ] [看不见的AI安全威胁,揭秘隐形提示注入风险](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134990&idx=1&sn=701c1c672e4859e10d8a989e92cfb9b5&chksm=bd15acdd8a6225cb5ec58575e05024b4512f90cf414c4929ea5550ca0ce63abe76610f3c4bcb&scene=58&subscene=0#rd) + - [ ] [航空防务公司Stark被曝遭遇勒索攻击,4TB机密数据疑被窃取;华硕意外泄露AMD处理器漏洞,补丁被提前公开 | 牛览](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134990&idx=2&sn=58403bc9b1f187d4eeb8a0040555e426&chksm=bd15acdd8a6225cb148a4aac712178ac0f5b93c6a31929a25b66f04ad2541cae3e31269ab937&scene=58&subscene=0#rd) +- 嘶吼专业版 + - [ ] [黑客利用伪造的恶意软件构建器感染了18000个“script kiddies”](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580992&idx=1&sn=d64510306e9db3532091d13213d4b0ef&chksm=e9146d7ade63e46c7077b4b663c858f41dc3369b4ed1d4dadd5718249441857a6a2dbd2bc693&scene=58&subscene=0#rd) +- 极客公园 + - [ ] [AI 2025 的硅谷答案:60 条关键洞察](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072853&idx=1&sn=264541a441694d5b98b8c1fd4c2e741c&chksm=7e57d063492059755041e560b50e916fa65df25e081a78c7cf689a694849dbbbf5147f212ab2&scene=58&subscene=0#rd) + - [ ] [雷军龙年压轴直播被平台封禁;阅文短剧上线 7 天流水超 5000 万;苹 CEO 库克客串美剧《人生切割术》曝光 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072840&idx=1&sn=1d72852808d7e99c644154b8b17f3396&chksm=7e57d07e492059689f222cd36fafa7a4b981548e2406a4907f7649f29414d437aba543b35147&scene=58&subscene=0#rd) +- 吴鲁加 + - [ ] [喜欢,简单,长期](https://mp.weixin.qq.com/s?__biz=Mzg5NDY4ODM1MA==&mid=2247485159&idx=1&sn=f380bfe92c8a34de1efd46f61388b182&chksm=c01a8bd6f76d02c0279595a65a06ccf64607ece8164156c06c9f84a8931e3c69827cc002ef19&scene=58&subscene=0#rd) +- 中国信息安全 + - [ ] [通知 | 《中国人民银行业务领域网络安全事件报告管理办法(征求意见稿)》公开征求意见](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=1&sn=fc21c6dca1cb7fc755540bf1a276b4b8&chksm=8b5801d0bc2f88c64b2b33a32ff1a4843f115dc87b187875b035e581478bac28fa6bbd2edce9&scene=58&subscene=0#rd) + - [ ] [通知 | 市场监管总局就《网络交易合规数据报送管理暂行办法(征求意见稿)》公开征求意见(附全文)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=2&sn=06ab12bffe83179be743b7574a46733f&chksm=8b5801d0bc2f88c60c136de3cf22a57e9bf3c67399afa6460b98658f345884af8af9f9530e65&scene=58&subscene=0#rd) + - [ ] [王小洪:以更大的决心和力度 推动打击治理电信网络诈骗工作向纵深发展](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=3&sn=a50ca75a1c03205901b7729871f25d56&chksm=8b5801d0bc2f88c61f7af6b54d6e354c22a2a5efd4fde9f1e076a1e06c36c2d5c59c916711ad&scene=58&subscene=0#rd) + - [ ] [专家解读 | 构建以统一底座为支撑的数据流通利用设施](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=4&sn=5076068c4750dd6b85b48aa9607d94b1&chksm=8b5801d0bc2f88c6579c93f85b9547010ec4fef616426845f7307a2f90ba0776caf33093fc32&scene=58&subscene=0#rd) + - [ ] [通知 | 网安标委发布《网络安全标准实践指南——人脸识别支付场景个人信息安全保护要求》(附全文)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=5&sn=be29f8aa62961fd03e70b0971dd8282d&chksm=8b5801d0bc2f88c6f066bb15865a68ae0fcd446f4e1d5e2d09e8e7280ec917f3de8e84e77638&scene=58&subscene=0#rd) + - [ ] [通知 | 网安标委就《人工智能安全标准体系(V1.0)(征求意见稿)》公开征求意见(附下载)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=6&sn=70f1d6b8d5331b791b6625561bb8d084&chksm=8b5801d0bc2f88c6f5531c9b3013de16ecdbd285242b3a7d9b224e56752ab1c7ef4b1bd671f8&scene=58&subscene=0#rd) + - [ ] [一图读懂 | 国家标准 GB/T 44886.1-2024《网络安全技术 网络安全产品互联互通 第1部分:框架》](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=7&sn=d60847ac4d75129f5c475ff4f947f02b&chksm=8b5801d0bc2f88c64b2abdb1d1f4dcf8620e389597584c19fc47849b0b65a88f77183078abde&scene=58&subscene=0#rd) +- 白帽子章华鹏 + - [ ] [今晚一起聊聊提升认知和最近的思考](https://mp.weixin.qq.com/s?__biz=MzIyOTAxOTYwMw==&mid=2650236955&idx=1&sn=8727f67fded4278c8abd5fd3b2476443&chksm=f04ad2a7c73d5bb1a4a24843828005600ab641a02488e6c7920e86b55341f92ee103dbfade7e&scene=58&subscene=0#rd) +- IT Service Management News + - [ ] [Aggiornamento legislativo 2025](http://blog.cesaregallotti.it/2025/01/aggiornamento-legislativo-2025.html) +- 希潭实验室 + - [ ] [第115篇:俄乌网络战之二,乌克兰第2次大停电事件复盘](https://mp.weixin.qq.com/s?__biz=MzkzMjI1NjI3Ng==&mid=2247487377&idx=1&sn=f529c0ec1eb1c2822155f2a03f0c7fbd&chksm=c25fc0eaf52849fc0d9633208b5bad2676a3b64410c0fe687f919721bb83b607980f9a97c200&scene=58&subscene=0#rd) - Over Security - Cybersecurity news aggregator - - [ ] [TalkTalk investigates breach after data for sale on hacking forum](https://www.bleepingcomputer.com/news/security/talktalk-investigates-breach-after-data-for-sale-on-hacking-forum/) - - [ ] [January 2025 Zero-Day Threat Intelligence](https://pixmsecurity.com/blog/blog/january-2025-zero-day-threat-intelligence/) - - [ ] [PayPal to pay $2 million settlement over 2022 data breach](https://www.bleepingcomputer.com/news/security/paypal-to-pay-2-million-settlement-over-2022-data-breach/) - - [ ] [Cyber diplomacy funding halted as US issues broad freeze on foreign aid](https://therecord.media/cyber-diplomacy-funding-halted-freeze-on-foreign-aid) - - [ ] [Come utilizzo Patreon](https://roccosicilia.com/2025/01/25/come-utilizzo-patreon/) - - [ ] [Guerre di Rete - Ulbricht, come si è arrivati alla liberazione del fondatore di Silk Road](https://guerredirete.substack.com/p/guerre-di-rete-ulbricht-come-si-e) - - [ ] [UnitedHealth updates number of data breach victims to 190 million](https://therecord.media/unitedhealth-updates-change-healthcare-data-breach-190-million) -- TorrentFreak - - [ ] [Manga Publishers Maintain Pressure Despite Pirate Countermeasures](https://torrentfreak.com/manga-publishers-maintain-pressure-despite-pirate-countermeasures-250125/) + - [ ] [Ransomware gang uses SSH tunnels for stealthy VMware ESXi access](https://www.bleepingcomputer.com/news/security/ransomware-gang-uses-ssh-tunnels-for-stealthy-vmware-esxi-access/) + - [ ] [UnitedHealth now says 190 million impacted by 2024 data breach](https://www.bleepingcomputer.com/news/security/unitedhealth-now-says-190-million-impacted-by-2024-data-breach/) +- 迪哥讲事 + - [ ] [实战中的WebService利⽤⽅法](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496952&idx=1&sn=fdb338f5ff8cf421424cfcc5c01bfbb7&chksm=e8a5fe9bdfd2778d4c2584e6f5e6b3ce81120dca35669befee62af7d00ae7ada9b06c0dc02fe&scene=58&subscene=0#rd) - 洞源实验室 - - [ ] [网络安全的红利还能吃几年?](https://mp.weixin.qq.com/s?__biz=Mzg4Nzk3MTg3MA==&mid=2247487709&idx=1&sn=cbd8920e80714a50eed133a0b2ee35d3&chksm=cf8319acf8f490badfb3044c077c80d304fb30e2a194e21a3e35d10d71716ab36c5fef0593f7&scene=58&subscene=0#rd) -- The Register - Security - - [ ] [Someone is slipping a hidden backdoor into Juniper routers across the globe, activated by a magic packet](https://go.theregister.com/feed/www.theregister.com/2025/01/25/mysterious_backdoor_juniper_routers/) - - [ ] [UK telco TalkTalk confirms probe into alleged data grab underway](https://go.theregister.com/feed/www.theregister.com/2025/01/25/uk_telco_talktalk_confirms_investigation/) -- Troy Hunt's Blog - - [ ] [Weekly Update 436](https://www.troyhunt.com/weekly-update-436/) + - [ ] [安全产品应该如何有效落地?](https://mp.weixin.qq.com/s?__biz=Mzg4Nzk3MTg3MA==&mid=2247487714&idx=1&sn=7dd60003f789bb02de5697f066178557&chksm=cf831993f8f49085ac4f83bcdee9d23f74fbdb0297c9e38cf9fdc4b9788ecaac632088714056&scene=58&subscene=0#rd) +- Computer Forensics + - [ ] [SOPs -standard operating procedures in DFIR?](https://www.reddit.com/r/computerforensics/comments/1iap5m1/sops_standard_operating_procedures_in_dfir/) + - [ ] [Advice for Someone Interested in Digital Forensics](https://www.reddit.com/r/computerforensics/comments/1ia9pmk/advice_for_someone_interested_in_digital_forensics/) + - [ ] [DF on the side as a LEO](https://www.reddit.com/r/computerforensics/comments/1ia5vc7/df_on_the_side_as_a_leo/) +- TorrentFreak + - [ ] [Appeals Court Affirms U.S. Navy Should Pay $154k in Piracy Damages, not $155m](https://torrentfreak.com/appeals-court-affirms-that-u-s-navy-should-pay-154k-in-piracy-damages-not-155m-250126/) - Security Affairs - - [ ] [Subaru Starlink flaw allowed experts to remotely hack cars](https://securityaffairs.com/173434/security/subaru-starlink-vulnerability-remote-attacks.html) - - [ ] [Participants in the Pwn2Own Automotive 2025 earned $886,250](https://securityaffairs.com/173426/breaking-news/pwn2own-automotive-2025-final-results.html) + - [ ] [Change Healthcare data breach exposed the private data of over half the U.S.](https://securityaffairs.com/173467/data-breach/change-healthcare-data-breach-190m-people.html) + - [ ] [SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 30](https://securityaffairs.com/173461/malware/security-affairs-malware-newsletter-round-30.html) + - [ ] [Security Affairs newsletter Round 508 by Pierluigi Paganini – INTERNATIONAL EDITION](https://securityaffairs.com/173454/breaking-news/security-affairs-newsletter-round-508-by-pierluigi-paganini-international-edition.html) + - [ ] [Cisco warns of a ClamAV bug with PoC exploit](https://securityaffairs.com/173446/uncategorized/cisco-fixed-clamav-dos-flaw.html) +- Hacking Exposed Computer Forensics Blog + - [ ] [Daily Blog #729: Solution Saturday 1/25/25](https://www.hecfblog.com/2025/01/daily-bloh-729-solution-saturday-12525.html) +- Technical Information Security Content & Discussion + - [ ] [Clone2Leak: Your Git Credentials Belong To Us](https://www.reddit.com/r/netsec/comments/1iagp0v/clone2leak_your_git_credentials_belong_to_us/) + - [ ] [WorstFit: Unveiling Hidden Transformers in Windows ANSI](https://www.reddit.com/r/netsec/comments/1iarjw6/worstfit_unveiling_hidden_transformers_in_windows/) +- Information Security + - [ ] [Question regarding wireless interefence](https://www.reddit.com/r/Information_Security/comments/1iakb4j/question_regarding_wireless_interefence/) + - [ ] [Do you know of somebody who got hacked for using an older/unsupported phone?](https://www.reddit.com/r/Information_Security/comments/1iasbmc/do_you_know_of_somebody_who_got_hacked_for_using/) +- Jack Hacks + - [ ] [So You Want To Work in Cyber Security?](https://jhalon.github.io/breaking-into-cyber-security/) - Your Open Hacker Community - - [ ] [Recommendation for video where someone does a beginner level box/ctf blind?](https://www.reddit.com/r/HowToHack/comments/1i9t80h/recommendation_for_video_where_someone_does_a/) - - [ ] [What's the most interesting exploit you've ever read about or seen?](https://www.reddit.com/r/HowToHack/comments/1i9zodo/whats_the_most_interesting_exploit_youve_ever/) - - [ ] [Some good python book for hacking?](https://www.reddit.com/r/HowToHack/comments/1i9g9l4/some_good_python_book_for_hacking/) - - [ ] [Nice book to learn how find 0day vuln in systems](https://www.reddit.com/r/HowToHack/comments/1i9xyel/nice_book_to_learn_how_find_0day_vuln_in_systems/) - - [ ] [I need help asap.](https://www.reddit.com/r/HowToHack/comments/1ia01zc/i_need_help_asap/) - - [ ] [Need help with HashCat and salted hashes](https://www.reddit.com/r/HowToHack/comments/1i9hk2y/need_help_with_hashcat_and_salted_hashes/) - - [ ] [How to extract readable data from .y3k files?](https://www.reddit.com/r/HowToHack/comments/1i9ge7v/how_to_extract_readable_data_from_y3k_files/) - - [ ] [How to overcome angular framework?](https://www.reddit.com/r/HowToHack/comments/1i9g6w5/how_to_overcome_angular_framework/) - - [ ] [Should I use TryHackMe to learn](https://www.reddit.com/r/HowToHack/comments/1i9a783/should_i_use_tryhackme_to_learn/) - - [ ] [How to handle ngrok dynamic tcp tunnels for android/meterpreter/reverse_tcp apk ?](https://www.reddit.com/r/HowToHack/comments/1i9dr3s/how_to_handle_ngrok_dynamic_tcp_tunnels_for/) - - [ ] [I dont trust at all my gf](https://www.reddit.com/r/HowToHack/comments/1i9os7f/i_dont_trust_at_all_my_gf/) - - [ ] [Need basic knowledge](https://www.reddit.com/r/HowToHack/comments/1i9fbje/need_basic_knowledge/) -- Computer Forensics - - [ ] [Digital ForensicsQuestions](https://www.reddit.com/r/computerforensics/comments/1i9icjv/digital_forensicsquestions/) - - [ ] [Cyber Forensics / Investigation](https://www.reddit.com/r/computerforensics/comments/1i9dljz/cyber_forensics_investigation/) + - [ ] [good hacking movies/series like mr robot?](https://www.reddit.com/r/HowToHack/comments/1iahrnk/good_hacking_moviesseries_like_mr_robot/) + - [ ] [Huge collection of hacking related learning material and books for free.(Found it on darkweb ,looks legit)](https://www.reddit.com/r/HowToHack/comments/1ias0x4/huge_collection_of_hacking_related_learning/) + - [ ] [Best place to find mentees?](https://www.reddit.com/r/HowToHack/comments/1iadjac/best_place_to_find_mentees/) + - [ ] [how can I get maltego to add data sources when it was offline activated?](https://www.reddit.com/r/HowToHack/comments/1iat8pa/how_can_i_get_maltego_to_add_data_sources_when_it/) + - [ ] [I need help with a generator bot](https://www.reddit.com/r/HowToHack/comments/1iaseq6/i_need_help_with_a_generator_bot/) + - [ ] [What are some good cybersecurity project ideas?](https://www.reddit.com/r/HowToHack/comments/1iar1c2/what_are_some_good_cybersecurity_project_ideas/) + - [ ] [Can someone somehow see what other people are typing on a whatsapp group or private chat?](https://www.reddit.com/r/HowToHack/comments/1iaqkds/can_someone_somehow_see_what_other_people_are/) + - [ ] [Restore exe file code written in Python.](https://www.reddit.com/r/HowToHack/comments/1iaje21/restore_exe_file_code_written_in_python/) + - [ ] [Passware password recovery](https://www.reddit.com/r/HowToHack/comments/1ia4c8z/passware_password_recovery/) + - [ ] [I got a roblox account user and password i want change email](https://www.reddit.com/r/HowToHack/comments/1iarpig/i_got_a_roblox_account_user_and_password_i_want/) + - [ ] [Help with arduino bad usb I’m making](https://www.reddit.com/r/HowToHack/comments/1ia6d1w/help_with_arduino_bad_usb_im_making/) + - [ ] [how do people inject a certain code to a device using a usb?](https://www.reddit.com/r/HowToHack/comments/1ia3sls/how_do_people_inject_a_certain_code_to_a_device/) + - [ ] [Im genuinely curious, how do people hack](https://www.reddit.com/r/HowToHack/comments/1ia3j94/im_genuinely_curious_how_do_people_hack/) - Social Engineering - - [ ] [Learn more about someone before doing business](https://www.reddit.com/r/SocialEngineering/comments/1i9j9i5/learn_more_about_someone_before_doing_business/) -- Deeplinks - - [ ] [EFF to Michigan Supreme Court: Cell Phone Search Warrants Must Strictly Follow The Fourth Amendment’s Particularity and Probable Cause Requirements](https://www.eff.org/deeplinks/2025/01/eff-michigan-supreme-court-cell-phone-search-warrants-must-strictly-follow-fourth) -- Hacking Exposed Computer Forensics Blog - - [ ] [Daily Blog #728: Test Kitchen with Cursor](https://www.hecfblog.com/2025/01/daily-blog-728-test-kitchen-with-cursor.html) -- 网安寻路人 - - [ ] [日本《人工智能业务指南》全文翻译](https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247506124&idx=1&sn=a0d99658c9689597ec9d1e77f02a0b48&chksm=97e96526a09eec30af4b40c753f3202737f20aee9db771f6a3b490a2e7655945b7efc6cec77f&scene=58&subscene=0#rd) + - [ ] [Social constructs](https://www.reddit.com/r/SocialEngineering/comments/1ianqbu/social_constructs/) +- The Hacker News + - [ ] [Meta's Llama Framework Flaw Exposes AI Systems to Remote Code Execution Risks](https://thehackernews.com/2025/01/metas-llama-framework-flaw-exposes-ai.html) From c13d21112645b27826bacf86eca827c88bf9a2e6 Mon Sep 17 00:00:00 2001 From: chainreactorbot Date: Tue, 28 Jan 2025 02:44:52 +0000 Subject: [PATCH 21/29] =?UTF-8?q?=E6=AF=8F=E6=97=A5=E5=AE=89=E5=85=A8?= =?UTF-8?q?=E8=B5=84=E8=AE=AF=EF=BC=882025-01-28=EF=BC=89?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- archive/daily/2025/2025-01-28.md | 346 +++++++++++++++++ archive/tmp/2025-01-28.json | 411 +++++++++++++++++++++ today.md | 615 +++++++++++++++++-------------- 3 files changed, 1086 insertions(+), 286 deletions(-) create mode 100644 archive/daily/2025/2025-01-28.md create mode 100644 archive/tmp/2025-01-28.json diff --git a/archive/daily/2025/2025-01-28.md b/archive/daily/2025/2025-01-28.md new file mode 100644 index 0000000000..adb2298743 --- /dev/null +++ b/archive/daily/2025/2025-01-28.md @@ -0,0 +1,346 @@ +# 每日安全资讯(2025-01-28) + +- SecWiki News + - [ ] [SecWiki News 2025-01-27 Review](http://www.sec-wiki.com/?2025-01-27) +- Hacking Articles + - [ ] [Diamond Ticket Attack: Abusing kerberos Trust](https://www.hackingarticles.in/diamond-ticket-attack-abusing-kerberos-trust/) +- Tenable Blog + - [ ] [How To Clean Up Your Cloud Environment Using Tenable Cloud Security](https://www.tenable.com/blog/how-to-clean-up-your-cloud-environment-using-tenable-cloud-security) +- Security Boulevard + - [ ] [U.S. Shuts Down Another N. Korean IT Worker Scam, Indicting 5](https://securityboulevard.com/2025/01/u-s-shuts-down-another-n-korean-it-worker-scam-indicting-5/) + - [ ] [BTS #44 – Network Appliances: A Growing Concern](https://securityboulevard.com/2025/01/bts-44-network-appliances-a-growing-concern/) + - [ ] [DEF CON 32 – Simulating Attacks Against Hydroelectric Power Plants](https://securityboulevard.com/2025/01/def-con-32-simulating-attacks-against-hydroelectric-power-plants/) + - [ ] [Hackers Use Malicious PDFs, pose as USPS in Mobile Phishing Scam](https://securityboulevard.com/2025/01/hackers-use-malicious-pdfs-pose-as-usps-in-mobile-phishing-scam/) + - [ ] [How to Prepare for EU AI Act Compliance by February 2nd](https://securityboulevard.com/2025/01/how-to-prepare-for-eu-ai-act-compliance-by-february-2nd/) + - [ ] [Why The Rise of AI Agents Demands a New Approach to Fraud Prevention](https://securityboulevard.com/2025/01/why-the-rise-of-ai-agents-demands-a-new-approach-to-fraud-prevention/) + - [ ] [Randall Munroe’s XKCD ‘T. Rex Evolution’](https://securityboulevard.com/2025/01/randall-munroes-xkcd-t-rex-evolution/) + - [ ] [News alert: INE Security announces new initiative to help companies accelerate CMMC 2.0 compliance](https://securityboulevard.com/2025/01/news-alert-ine-security-announces-new-initiative-to-help-companies-accelerate-cmmc-2-0-compliance/) + - [ ] [Finding the Right Partner for PCI DSS 4.0.1 Compliance: Requirements 6.4.3 and 11.6.1](https://securityboulevard.com/2025/01/finding-the-right-partner-for-pci-dss-4-0-1-compliance-requirements-6-4-3-and-11-6-1/) + - [ ] [DEF CON 32 – 3DU Homo ex Machina](https://securityboulevard.com/2025/01/def-con-32-3du-homo-ex-machina/) +- Doonsec's feed + - [ ] [浏览器扩展程序:供应链攻击新风险](https://mp.weixin.qq.com/s?__biz=Mzk0NDcyMjU2OQ==&mid=2247484550&idx=1&sn=c02bc9dd56662cdb263f88d6cb3972f6) + - [ ] [快过年了,陪家人重温经典故事 《水浒传》中林冲角色](https://mp.weixin.qq.com/s?__biz=MzU4NDY3MTk2NQ==&mid=2247491051&idx=1&sn=ecb10b17fd7bb1929d83f9fc91d15868) + - [ ] [面试官:什么是终端复用技术(tmux)?](https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486447&idx=1&sn=5b98b68ea23131f812c676e1e28a865c) + - [ ] [精通爬虫技术:从入门到入狱——网络数据爬虫的合法性与法律边界](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485462&idx=1&sn=7bd57b19a187b5cc4e681ccabdb62554) + - [ ] [北七家-未来科学城,3居变4居豪装,理想楼层/户型/朝向](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485462&idx=2&sn=aa38fdb9484890ff28fa33eb956db87f) + - [ ] [【干货】笑傲职场的独家经验(1)](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485462&idx=3&sn=73db7dec67642837621580378b52187a) + - [ ] [【干货原创】实网攻防演习常态化,会带来什么变化01](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485462&idx=4&sn=32c45e39b7aa406c34c63723157e5820) + - [ ] [【干货原创】K12教育,鲜为人知的模式秘密](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485462&idx=5&sn=904ed64e3a0a8b04604e39501642c306) + - [ ] [原创文章目录](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485462&idx=6&sn=061a6d50789795a5bd4c3f6a00716e34) + - [ ] [秦安:特朗普“三板斧”遭遇滑铁卢,本质暴露,下一步中国是关键](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476339&idx=1&sn=e1ce666a0ab9712c2886d83bd1877adb) + - [ ] [秦安:解救台退将高安国!台湾当局构陷为间谍并重判10年,不可忍](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476339&idx=2&sn=a56cf6d1f85a6c83b8e5beeb6ab78876) + - [ ] [学历赋](https://mp.weixin.qq.com/s?__biz=MzU0MzgzNTU0Mw==&mid=2247485935&idx=1&sn=c9ad7ddf99eb58464e3f86507a44ea7a) + - [ ] [企业网络安全文化建设必备(2):Gartner PIPE(实践|影响|平台|使能)框架](https://mp.weixin.qq.com/s?__biz=MzU0MDc5ODM0Mg==&mid=2247484778&idx=1&sn=9669504997ac29232f840c90dc143100) + - [ ] [带上五款实用软件,让春节假期更精彩](https://mp.weixin.qq.com/s?__biz=MzI2MjcwMTgwOQ==&mid=2247492187&idx=1&sn=839b938abafa27550d165054c071714a) + - [ ] [DeepSeek为何脱颖而出?](https://mp.weixin.qq.com/s?__biz=MzI3MDY0Nzg1Nw==&mid=2247489471&idx=1&sn=aea4a4c9a6a387edcca10e50438e05be) + - [ ] [锐安全红包发放:2025,让我们以攻防之道,破增长之局!](https://mp.weixin.qq.com/s?__biz=MzAxOTk3NTg5OQ==&mid=2247492258&idx=1&sn=0107053c5d16b67f3439376c04cef01f) + - [ ] [掌握数字主权:保障数据安全与自主控制](https://mp.weixin.qq.com/s?__biz=MzkyMzU2NjQyNA==&mid=2247483933&idx=1&sn=8f6302b17e64641dad3a59116b078096) + - [ ] [Xray图形化工具 | Super Xray介绍+使用](https://mp.weixin.qq.com/s?__biz=MzkzNzg3NzQxMQ==&mid=2247485733&idx=1&sn=c428e8ac5075c08b11d6f0bb80204e23) + - [ ] [信长星看望慰问院士专家](https://mp.weixin.qq.com/s?__biz=MzU4NDc2MzcwNw==&mid=2247498579&idx=1&sn=90378659a5745a0dccd8ea5617989cfe) + - [ ] [Claude Sonnet 3.5 模型预部署评估报告](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264780&idx=1&sn=434329d6b30b82e84d41fe6d628e0aa8) + - [ ] [DeepSeek R1本地部署](https://mp.weixin.qq.com/s?__biz=Mzg2ODc0Mjc0Mw==&mid=2247484166&idx=1&sn=e4b72373f7c77f9ca9a8484254d3cc16) + - [ ] [车载协议网络安全测试与验证技术](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620209&idx=1&sn=62fb4f6d697fbc3aeae44911bc309fa8) + - [ ] [模糊测试 ISO 15118 协议栈](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620209&idx=2&sn=a7b93becb562444a99c67be0138e6bbb) + - [ ] [汽车诊断协议的自动威胁评估](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620209&idx=3&sn=181db85f0a1d7867b71d8f31018ad6a3) + - [ ] [AI安全 | AI红队体系思考](https://mp.weixin.qq.com/s?__biz=MzU2NDc2NDYwMA==&mid=2247485980&idx=1&sn=960d573d2e6fe947559893913922555b) + - [ ] [快来领取你的超级牛红包封面!](https://mp.weixin.qq.com/s?__biz=Mzk0MTM4NzIxMQ==&mid=2247527516&idx=1&sn=052a43ea22441bf83cccc86ea56461a3) + - [ ] [通过js进行模糊测试所拿到的一次五千漏洞赏金记录](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496957&idx=1&sn=5ef897f46f3bf16bce1a83b45b0611c3) + - [ ] [猴子回花果山了](https://mp.weixin.qq.com/s?__biz=Mzk0MzY3MDE5Mg==&mid=2247484000&idx=1&sn=bcb60f30530141fb1333e0bb179fd365) + - [ ] [Timeline Sec团队2024年度奖项盘点!](https://mp.weixin.qq.com/s?__biz=MzA4NzUwMzc3NQ==&mid=2247497125&idx=1&sn=1beda84fef5f56cc2ca6aca3453311f9) + - [ ] [【年终总结2024】拥抱变化,书写属于你的崭新篇章](https://mp.weixin.qq.com/s?__biz=MzUwOTc3MTQyNg==&mid=2247491368&idx=1&sn=ed2c5b70af95f81f32a0eb1015945656) + - [ ] [《忍者龙剑传2:黑之章》PC版未加密,发售首日即遭黑客破解](https://mp.weixin.qq.com/s?__biz=MzU2MTQwMzMxNA==&mid=2247541464&idx=1&sn=cc83ce1fb7205f3da825a11d64b5a1a1) + - [ ] [共赴新程|江南信安2024年大事记回顾](https://mp.weixin.qq.com/s?__biz=MzA4MTE0MTEwNQ==&mid=2668670046&idx=1&sn=3d90d226b0ccfc788e9c3d55a906a392) + - [ ] [网安两位大佬脏话对喷?网安春节联欢晚会?](https://mp.weixin.qq.com/s?__biz=Mzg4NDk4MTk5OA==&mid=2247485518&idx=1&sn=081012fa0f7c697122122eb1b53b1f60) + - [ ] [带你解锁编码新世界!--随波逐流CTF编码工具使用教程44 --键盘按键键码keyCode密码](https://mp.weixin.qq.com/s?__biz=MzU2NzIzNzU4Mg==&mid=2247489639&idx=1&sn=321666dc868c113dcd28f6bfdc082c4d) + - [ ] [必看!国产超强AI推理,DeepSeek真正实现了AI自由!!!](https://mp.weixin.qq.com/s?__biz=MzkxMTUwOTY1MA==&mid=2247490125&idx=1&sn=d5a623704b071c5ccfd9c9e6108237eb) + - [ ] [ICSISIAP伴着蛇年的钟声,愿您好运开场!](https://mp.weixin.qq.com/s?__biz=MzI2MDk2NDA0OA==&mid=2247531219&idx=1&sn=f2ef95a05d3afd23d49b6f3b284874f7) + - [ ] [勒索软件编年史:从特洛伊到AI多重勒索](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313205&idx=1&sn=87bd9d4b0f4cf0110a428c760a32e247) + - [ ] [Microsoft Entra ID允许普通用户更新自己的UPN](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313205&idx=2&sn=076056f3b3febe8c53a042effe79ab62) + - [ ] [Chrome用户面临供应链攻击威胁,数百万人或受影响](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313205&idx=3&sn=ede56e2405d624e8159192b3bc6dabb4) + - [ ] [pwndbg:一款专为安全漏洞分析设计的GDB插件](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313205&idx=4&sn=fd39b2e5339a4dbd516501e208e06b3e) + - [ ] [DIDCTF-应急响应](https://mp.weixin.qq.com/s?__biz=MzkxMTcyMDczOQ==&mid=2247489787&idx=1&sn=478bd3b1a45b2189e78835e7464fad7a) + - [ ] [【InForSec 2025年会顶会论文回顾】雷重庆 :以友为鉴:基于 MCU 外设驱动分析的外设模型生成](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317462&idx=1&sn=f826132e0f6fa3183c04badd0fa5dae0) + - [ ] [【InForSec 2025年会顶会论文回顾】姜嘉仪:增强基于二进制分析的协议逆向工程中字段推断能力的研究](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317462&idx=2&sn=136962e4a93d95b67fdc6518671af5e4) + - [ ] [【InForSec 2025年会顶会论文回顾】李勇钢:基于虚拟化的未知驱动隔离与保护方法](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317462&idx=3&sn=f21f4c9bf0cef097103e6505e6964774) + - [ ] [【InForSec 2025年会顶会论文回顾】马昊玉:镜中窥视:利用缓存侧信道攻破 Android 应用沙盒完整性](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317462&idx=4&sn=af78d0a1dc313ed16e1ce158f5556a0e) + - [ ] [【InForSec 2025年会顶会论文回顾】向昊: 基于完全域敏感和源点意识的控制流完整性方法](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317462&idx=5&sn=4f9bf219ac43637893b96266671c7f9b) + - [ ] [2024年我国软件业务收入137276亿元 同比增长10%](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247634091&idx=1&sn=09d97d63363872444886eca26d42bd1b) + - [ ] [多家企业不履行网络安全保护义务被依法处罚](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931479&idx=1&sn=c7eb966e702167a103aa8237a401daa5) + - [ ] [新华财经 | 强化治理机制与安全技术融合 完善数据流通安全治理](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247634091&idx=3&sn=ae1890d9fc43a28242614b77158bdb47) + - [ ] [新型人工智能“黑帽”工具:GhostGPT带来的威胁与挑战](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247634091&idx=4&sn=b35ba1306942e49e81d7c0916dc10b82) + - [ ] [2024洞见微信年终总结](https://mp.weixin.qq.com/s?__biz=MzAxNzg3NzMyNQ==&mid=2247489515&idx=1&sn=c7ea742f54ea0d6e7f84c40a2f619721) + - [ ] [请君入瓮:蜜罐工具如何“钓鱼”黑客](https://mp.weixin.qq.com/s?__biz=MzkxODc5OTg5MQ==&mid=2247484274&idx=1&sn=08c7763a964ad3e0fdf8c700034ca314) + - [ ] [ISO 26262,太重要了](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549656&idx=1&sn=3b1404c45c6ac9e89a7f1effbc240319) + - [ ] [以太网知识:什么是MAC,什么是PHY,什么是MII](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549656&idx=2&sn=e9d2211ea044442665269f98c6ba7fc7) + - [ ] [【资讯】民政部等十七部门印发《困境儿童个人信息保护工作办法》](https://mp.weixin.qq.com/s?__biz=MzU1NDY3NDgwMQ==&mid=2247549514&idx=1&sn=305ef8a47012da8184703835c1e1ed93) + - [ ] [【资讯】网安标委发布《网络安全标准实践指南——人脸识别支付场景个人信息安全保护要求》](https://mp.weixin.qq.com/s?__biz=MzU1NDY3NDgwMQ==&mid=2247549514&idx=2&sn=6fb98a5fec924d8cd7a67dccd7424d5b) + - [ ] [【资讯】江苏省数据局等六部门印发《江苏省推进可信数据空间发展工作方案》](https://mp.weixin.qq.com/s?__biz=MzU1NDY3NDgwMQ==&mid=2247549514&idx=3&sn=badae398c24ad154b783f9f5a629d0d0) + - [ ] [[SUCTF2025] SU_APP、SU_Harmony 出题小记](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589294&idx=1&sn=9843c5f997dc4268b2cceefeef11c2d9) + - [ ] [主打提高实战能力:CTF训练营-Web篇](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589294&idx=2&sn=b3ce8734cd9334e9dd50ed637685ef01) + - [ ] [紧盯风险,防治漏洞:七步闭环](https://mp.weixin.qq.com/s?__biz=Mzk0OTQzMDI4Mg==&mid=2247484429&idx=1&sn=d365c76773989b993a162b0224f21e0f) + - [ ] [喜迎新春 欢度新年——银天科技恭祝您蛇年大吉!!!](https://mp.weixin.qq.com/s?__biz=MzA4MDk4NTIwMg==&mid=2454063862&idx=1&sn=12471c57f888c3ef8b3cf8fef358aa16) + - [ ] [网络工程师要学习什么技术?](https://mp.weixin.qq.com/s?__biz=MzIxNTM3NDE2Nw==&mid=2247490321&idx=1&sn=9b182f0c5ea87de6732432f15ac1fd88) + - [ ] [网安春晚:TSRC年榜第一小火炬怒喷老牌团队day1创始人王老师](https://mp.weixin.qq.com/s?__biz=MzkyOTQzNjIwNw==&mid=2247491530&idx=1&sn=b8652982f233b0eb67c95941afd97b2e) + - [ ] [05x数组42-49](https://mp.weixin.qq.com/s?__biz=MzA3NDE0NTY0OQ==&mid=2247484219&idx=1&sn=a44902a546dd3f19251633c65a184998) + - [ ] [科技传播中的科技伦理价值传递与治理原则](https://mp.weixin.qq.com/s?__biz=MzI1OTExNDY1NQ==&mid=2651618898&idx=1&sn=5f61d50057d512db5a228d8da59d4daf) + - [ ] [美国总统特朗普命令加密货币工作组起草新法规,探索建立国家加密货币储备](https://mp.weixin.qq.com/s?__biz=MzI1OTExNDY1NQ==&mid=2651618898&idx=2&sn=4abfd689dec96aeea8848eef12529590) + - [ ] [一图看懂2024年全球DDoS攻击态势](https://mp.weixin.qq.com/s?__biz=MjM5MTAwNzUzNQ==&mid=2650511143&idx=1&sn=3a15f876d02eabbf5ae003822f591ece) + - [ ] [缔盟云祝您有蛇有得,多财多亿,巳巳如意!](https://mp.weixin.qq.com/s?__biz=MzU3NzAyODU4OQ==&mid=2247485633&idx=1&sn=c6f88c734c41cd5e16eaa606fedd7a98) + - [ ] [一文带你理清前置机、跳板机与堡垒机的区别](https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247570690&idx=1&sn=b01cfbe28310df8b4522cf9025bcb0a2) + - [ ] [工商银行软件开发中心建设企业级风险决策服务能力,助推风控数字化转型](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931479&idx=2&sn=8262daf2f36f04e547fa7e3e63027a00) + - [ ] [国产AI DeepSeek下载排行第一,AI界拼多多要逆袭chatgpt](https://mp.weixin.qq.com/s?__biz=Mzg2NDYwMDA1NA==&mid=2247543628&idx=1&sn=17c35fbc61a2b9c9a4b46fdc37f523b6) + - [ ] [《中国人民银行业务领域网络安全事件报告管理办法(征求意见稿)》公开征求意见](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170564&idx=1&sn=624aa0fc6e97964bc6c24943e541c062) + - [ ] [小心“红包陷阱” !春节期间当心“喜中有诈”](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170564&idx=2&sn=20add29e69926154f23dfc690f8794be) + - [ ] [完善数据流通安全治理机制 破解数据流通安全堵点](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170564&idx=3&sn=acebdb407dbd799284061eb5c0b6457e) + - [ ] [恭贺新春 巳巳如意 | 金盾信安2025年春节假期值守安排](https://mp.weixin.qq.com/s?__biz=MjM5NjA2NzY3NA==&mid=2448682670&idx=1&sn=a638c4cebbf8f3edd837178cbd57c8df) + - [ ] [金盾信安 | 网络和数据领域资讯第45期(2025.1.21-2025.1.27)](https://mp.weixin.qq.com/s?__biz=MjM5NjA2NzY3NA==&mid=2448682670&idx=2&sn=8db6eebf8bd6c8c3f402b5be39471f90) + - [ ] [红队基础设施建设与改造(四)——深入解析Cobaltstrike(二开环境、认证过程分析、Beacon分析)](https://mp.weixin.qq.com/s?__biz=MzkwOTE3MzAxOA==&mid=2247485386&idx=1&sn=58bd4e0ea233075a6901ca1c18e458dc) + - [ ] [【假期别闲着】2025年需要学习的顶级安(黑)全(客)工具和技能](https://mp.weixin.qq.com/s?__biz=Mzg4NzgyODEzNQ==&mid=2247488631&idx=1&sn=3b6dad961c06f0d42f10b0e26644bd75) + - [ ] [《天堂之门》技术](https://mp.weixin.qq.com/s?__biz=MjM5NDcxMDQzNA==&mid=2247489387&idx=1&sn=ac98464c37defc7ff7572ef6c18dcb65) + - [ ] [山海关安全团队2024年终总结](https://mp.weixin.qq.com/s?__biz=Mzg4MjcxMTAwMQ==&mid=2247488669&idx=1&sn=b56b57ad952c790150d5244dffdf653d) + - [ ] [丸啦~真·缉拿归案啦](https://mp.weixin.qq.com/s?__biz=Mzk0MDY2NTY5Mw==&mid=2247485643&idx=1&sn=4d8692480bd89aa76f65366edcc86000) + - [ ] [运维风险管控、数据安全规范普及与漏洞情报处置:技术与管理并重的综合策略探讨。|总第278周](https://mp.weixin.qq.com/s?__biz=MzI2MjQ1NTA4MA==&mid=2247491776&idx=1&sn=4e17c660387c6776b88e397c64e7ed57) + - [ ] [CNVD漏洞周报2025年第4期](https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247495739&idx=1&sn=70bff0dcfddcafcf645feed59f012888) + - [ ] [上周关注度较高的产品安全漏洞(20250120-20250126)](https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247495739&idx=2&sn=c1eb11a7df482ea02fe0bb114eaa29bc) + - [ ] [deepseek 崩了](https://mp.weixin.qq.com/s?__biz=Mzk0MTI4NTIzNQ==&mid=2247492212&idx=1&sn=056eea3aeb7bbefa596ded5c9183de5c) + - [ ] [黑客使用RID劫持技术创建秘密的Windows管理帐户](https://mp.weixin.qq.com/s?__biz=MzUyMzczNzUyNQ==&mid=2247523229&idx=1&sn=02f3c873352590457db43f6d314f2ed3) + - [ ] [GitHub漏洞允许恶意仓库泄露用户凭据](https://mp.weixin.qq.com/s?__biz=MzUyMzczNzUyNQ==&mid=2247523229&idx=2&sn=596a96b2b96c941baeb9a5420fc9bbc2) + - [ ] [Kubernetes 集群远程代码执行漏洞致攻击者可接管所有 Windows 节点](https://mp.weixin.qq.com/s?__biz=MzUyMzczNzUyNQ==&mid=2247523229&idx=3&sn=741cf9ea3ae359cfcb2e7cafb292b025) + - [ ] [LTE和5G基础设施中的100多个漏洞导致远程核心泄露](https://mp.weixin.qq.com/s?__biz=MzUyMzczNzUyNQ==&mid=2247523229&idx=4&sn=fae6c9befec51a70547603cfc08bdd67) + - [ ] [Brute Ratel C4 载荷深度分析](https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486782&idx=1&sn=eed60be751abe1186862fcb42ad81c69) + - [ ] [Brute Ratel C4 载荷深度分析 - 第二部分](https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486782&idx=2&sn=92bb05ee43a6f780e534f0a7b25658de) + - [ ] [人物专题丨台湾地区海军副司令马群超](https://mp.weixin.qq.com/s?__biz=Mzg2NTYyODgyNg==&mid=2247504625&idx=1&sn=8ead3d113a164b57f2b73fd0414288eb) + - [ ] [《=虚假的网安春晚真实的网安春晚=》[旺柴]](https://mp.weixin.qq.com/s?__biz=MzkxNTczMjA1Ng==&mid=2247483975&idx=1&sn=ba13236ad54bd6d25c2e187d71724f50) +- Private Feed for M09Ic + - [ ] [safedv starred getAsterisk/deepclaude](https://github.com/getAsterisk/deepclaude) + - [ ] [mgeeky starred NtDallas/OdinLdr](https://github.com/NtDallas/OdinLdr) + - [ ] [4ra1n released 1.4.0 at jar-analyzer/class-obf](https://github.com/jar-analyzer/class-obf/releases/tag/1.4.0) + - [ ] [ZeddYu released v0.1.9 at ZeddYu/hugo-theme-stack](https://github.com/ZeddYu/hugo-theme-stack/releases/tag/v0.1.9) + - [ ] [safedv starred vxunderground/OCRMe](https://github.com/vxunderground/OCRMe) + - [ ] [paranoidninja created a repository paranoidninja/BRC4-BOF-Artillery](https://github.com/paranoidninja/BRC4-BOF-Artillery//) + - [ ] [INotGreen starred Adaptix-Framework/AdaptixC2](https://github.com/Adaptix-Framework/AdaptixC2) + - [ ] [yzddmr6 started following jbHu67](https://github.com/jbHu67) + - [ ] [phith0n starred sezanzeb/input-remapper](https://github.com/sezanzeb/input-remapper) + - [ ] [mgeeky starred trailofbits/cfg-showcase](https://github.com/trailofbits/cfg-showcase) + - [ ] [0e0w created a repository HackJava/snakeyaml](https://github.com/HackJava/Hacksnakeyaml//) + - [ ] [vxunderground created a repository vxunderground/OCRMe](https://github.com/vxunderground/OCRMe//) + - [ ] [mgeeky starred ElliotKillick/Mido](https://github.com/ElliotKillick/Mido) + - [ ] [mgeeky starred ElliotKillick/windows-vs-linux-loader-architecture](https://github.com/ElliotKillick/windows-vs-linux-loader-architecture) +- Trustwave Blog + - [ ] [Trustwave SpiderLabs December 2024: Phishing and Email Security Insights](https://www.trustwave.com/en-us/resources/blogs/trustwave-blog/trustwave-spiderlabs-december-2024-phishing-and-email-security-insights/) +- The DFIR Report + - [ ] [Cobalt Strike and a Pair of SOCKS Lead to LockBit Ransomware](https://thedfirreport.com/2025/01/27/cobalt-strike-and-a-pair-of-socks-lead-to-lockbit-ransomware/) +- Recent Commits to cve:main + - [ ] [Update Mon Jan 27 20:21:33 UTC 2025](https://github.com/trickest/cve/commit/b903cf9055faa0f09065ced5de7f9194a3b1a063) + - [ ] [Update Mon Jan 27 12:26:08 UTC 2025](https://github.com/trickest/cve/commit/c02fdccf98aca92096b385e95013782e5a87f8d6) + - [ ] [Update Mon Jan 27 04:22:47 UTC 2025](https://github.com/trickest/cve/commit/863bfc48e5dd52b0ac34eca3b6ccfca2ae091c10) +- Insinuator.net + - [ ] [Part I: Bluetooth Auracast from a Security Researcher’s Perspective](https://insinuator.net/2025/01/auracast-part1/) +- Sandfly Security Blog RSS Feed + - [ ] [Sandfly 5.3 - Detailed Host Forensics and Microsoft Sentinel Integration](https://sandflysecurity.com/about-us/news/sandfly-5-3-detailed-host-forensics-and-microsoft-sentinel-integration/) +- SpiderLabs Blog + - [ ] [Cracking the Giant: How ODAT Challenges Oracle, the King of Databases](https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cracking-the-giant-how-odat-challenges-oracle-the-king-of-databases/) +- Bug Bounty in InfoSec Write-ups on Medium + - [ ] [Full GitHub Dorking guide: for OSINT and BugBounty (Reconnaissance)](https://infosecwriteups.com/full-github-dorking-guide-for-osint-and-bugbounty-reconnaissance-27557fb67ee0?source=rss----7b722bfd1b8d--bug_bounty) +- SentinelOne + - [ ] [Cloud Ransomware Developments | The Risks of Customer-Managed Keys](https://www.sentinelone.com/blog/cloud-ransomware-developments-the-risks-of-customer-managed-keys/) +- Reverse Engineering + - [ ] [/r/ReverseEngineering's Weekly Questions Thread](https://www.reddit.com/r/ReverseEngineering/comments/1ib336t/rreverseengineerings_weekly_questions_thread/) + - [ ] [Video: Binary Refinery URL extractor for LummaStealer loader](https://www.reddit.com/r/ReverseEngineering/comments/1iazq8n/video_binary_refinery_url_extractor_for/) +- Webroot Blog + - [ ] [6 ways to get the most from Data Privacy Week](https://www.webroot.com/blog/2025/01/27/6-ways-to-get-the-most-from-data-privacy-week/) + - [ ] [Managed Detection and Response: Key trends MSPs can’t afford to ignore](https://www.webroot.com/blog/2025/01/27/managed-detection-and-response-key-trends-msps-cant-afford-to-ignore/) +- FreeBuf网络安全行业门户 + - [ ] [THN 每周回顾:顶级网络安全威胁、工具与技巧 [1月27日]](https://www.freebuf.com/vuls/420917.html) + - [ ] [GamaCopy模仿Gamaredon战术,针对俄罗斯实体展开网络间谍活动](https://www.freebuf.com/articles/network/420909.html) + - [ ] [新威胁组织GamaCopy模仿俄罗斯Gamaredon APT,针对俄语目标发起攻击](https://www.freebuf.com/articles/endpoint/420915.html) + - [ ] [恶意文件携带驱动人生数字签名,混淆视听执行后门](https://www.freebuf.com/news/420885.html) + - [ ] [ESXi勒索软件攻击利用SSH隧道逃避检测](https://www.freebuf.com/articles/es/420911.html) +- Malwarebytes + - [ ] [UnitedHealth almost doubles victim numbers from massive Change Healthcare data breach](https://www.malwarebytes.com/blog/news/2025/01/unitedhealth-almost-doubles-victim-numbers-from-massive-change-healthcare-data-breach) + - [ ] [A week in security (January 20 – January 26)](https://www.malwarebytes.com/blog/news/2025/01/a-week-in-security-january-20-january-26) + - [ ] [Three privacy rules for 2025 (Lock and Code S06E02)](https://www.malwarebytes.com/blog/podcast/2025/01/three-privacy-rules-for-2025-lock-and-code-s06e02) +- Shostack & Friends Blog + - [ ] [Spatial Reasoning and Threat Modeling](https://shostack.org/blog/spatial-reasoning-and-threat-modeing/) +- 奇客Solidot–传递最新科技情报 + - [ ] [Onlyfans 成功背后的心理学](https://www.solidot.org/story?sid=80440) + - [ ] [科学家通过黑洞合并事件验证宇宙镜像对称性](https://www.solidot.org/story?sid=80439) + - [ ] [研究揭示 PM2.5 毒理学机制](https://www.solidot.org/story?sid=80438) + - [ ] [DeepSeek 登顶苹果应用商店免费应用排行榜](https://www.solidot.org/story?sid=80437) + - [ ] [天文学家呼吁禁止太空广告](https://www.solidot.org/story?sid=80436) + - [ ] [研究发现对 AI 了解越少的人越愿意使用 AI](https://www.solidot.org/story?sid=80435) + - [ ] [特斯拉拒绝将 FSD 软件转移到新车](https://www.solidot.org/story?sid=80434) + - [ ] [Bitmanagement 与美国海军的反盗版诉讼再次受挫](https://www.solidot.org/story?sid=80433) +- 安全分析与研究 + - [ ] [利用合法服务逃避检测的C2框架集合](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490200&idx=1&sn=7ded05c5e8fcfb1f9411a02872d16b97&chksm=902fb5b0a7583ca6b9d070be9f189689dd4947d6b3cd745aa9f60a0f8b4753a861b6fb648957&scene=58&subscene=0#rd) + - [ ] [NetSupport恶意软件实战分析](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490200&idx=2&sn=6314bb9f1aaf1b510571b88dba47f6c6&chksm=902fb5b0a7583ca6e350050607a7974c961c89efe6bebff6360180ccda873aeec6cac61a7981&scene=58&subscene=0#rd) +- 沉隐杂谈录 + - [ ] [春节快乐-D2发布-新的开始](https://mp.weixin.qq.com/s?__biz=MzIxMDI0MzQzNQ==&mid=2650416407&idx=1&sn=9b8c96ba91a0e21e291d6afc156427ae&chksm=8f691f13b81e9605d0c04246123189c15bd8df8a98c759c24ab9f3b029b4c1e33968ae3bf07a&scene=58&subscene=0#rd) +- 吾爱破解论坛 + - [ ] [吾爱破解论坛微信红包封面(105000份)](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141642&idx=1&sn=dbc86b6bb93f87ff6b37ff25887ea8ab&chksm=bd50a65e8a272f487fe50c942a392975c1b2f40c830799f082a541fb014f24452a88f9b03c18&scene=58&subscene=0#rd) +- Black Hills Information Security + - [ ] [GRC for Security Managers: From Checklists to Influence](https://www.blackhillsinfosec.com/grc-for-security-managers-wrapup/) +- 看雪学苑 + - [ ] [[SUCTF2025] SU_APP、SU_Harmony 出题小记](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589294&idx=1&sn=9843c5f997dc4268b2cceefeef11c2d9&chksm=b18c28e486fba1f2def30ae2ad36fb881a2d6b3ae21e83fb24cd04f74d14f7fbfae69daac012&scene=58&subscene=0#rd) + - [ ] [主打提高实战能力:CTF训练营-Web篇](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589294&idx=2&sn=b3ce8734cd9334e9dd50ed637685ef01&chksm=b18c28e486fba1f26a5b9b0ff4c245f804d7b5bf346992a0ddef298cd610ea4c06ec61e36f24&scene=58&subscene=0#rd) +- 丁爸 情报分析师的工具箱 + - [ ] [【实操】大语言模型能否按照特定要求撰写情报简报](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148703&idx=1&sn=c924baf97ad0b03dd7fb0f48ff913106&chksm=f1af26a5c6d8afb3022277d9121d65514f7d642109b5cc100fd1264fd42ddb72d63aae8c2e43&scene=58&subscene=0#rd) +- 君哥的体历 + - [ ] [运维风险管控、数据安全规范普及与漏洞情报处置:技术与管理并重的综合策略探讨。|总第278周](https://mp.weixin.qq.com/s?__biz=MzI2MjQ1NTA4MA==&mid=2247491776&idx=1&sn=4e17c660387c6776b88e397c64e7ed57&chksm=ea484a87dd3fc3919e9026124b6bc0ba8b63b525d5d9b381260922106e0c8fca0d924c4c1bc5&scene=58&subscene=0#rd) +- dotNet安全矩阵 + - [ ] [收藏 | dotNet 安全矩阵团队2024年度内网横向移动阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498493&idx=1&sn=0d58ecc98d8333a349c3712d4c129203&chksm=fa595410cd2edd062276b3223d5124040f319e19ba6ea3217db7d2e4d66add50a2c28fe6313a&scene=58&subscene=0#rd) + - [ ] [国内最专业、最全面的 [ .NET 代码审计 ] 体系化学习交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498493&idx=2&sn=42328f97d2cb9e8a7299d8948372c706&chksm=fa595410cd2edd060e5fd0741bf0e131d3cd04fafec5389c16758b57d4443a69e9583caee479&scene=58&subscene=0#rd) + - [ ] [通过 Sharp4Tokenvator 实现本地权限提升](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498493&idx=3&sn=d4029c2b542db791a7c4a70127b369fc&chksm=fa595410cd2edd069e4d76454b7789a94293ccb94a2ca643ad9f8b6bb7689ce4f47c1adf7a35&scene=58&subscene=0#rd) +- 安全牛 + - [ ] [春节放假通知](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134996&idx=1&sn=1c7920ea6f4ee8c218f4ff5dfcc4b28c&chksm=bd15acc78a6225d1f846166029b745338e146775f7f660efefe8493f1aa89f4e08347b6475c7&scene=58&subscene=0#rd) + - [ ] [LTE和5G网络实现中存在119个安全漏洞,可导致大规模通信中断;调查显示:仅7%受害者在支付勒索软件赎金后成功恢复数据 |牛览](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134996&idx=2&sn=82356d56bcca2787f9016513ed4f3cbf&chksm=bd15acc78a6225d149fe16de3316f0735ac8eb52adf8cea1638c72eb92dc9122d6eb960a5ce0&scene=58&subscene=0#rd) +- 中国信息安全 + - [ ] [聚焦 | 国家网络威胁信息汇聚共享技术平台试运行总结表彰会成功举办](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235892&idx=1&sn=7fbcbb0883b6c65f4e3ba90ca09cccb7&chksm=8b58018dbc2f889be69ce98bffbb8700788264b4674a06edae6f3bf279bbde06a7fb39fc0778&scene=58&subscene=0#rd) + - [ ] [全球视野 | 国际网安快讯(第47期)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235892&idx=2&sn=08a60783ca81347f55ac588740b70769&chksm=8b58018dbc2f889b07208718f2d827850ae2e964d65cfa90e842cdf6a10017f45ca80902cce0&scene=58&subscene=0#rd) + - [ ] [专家解读 | 扎实推进数据标准化工作 保障国家数据基础设施建设行稳致远](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235892&idx=3&sn=60fe07f5134c5dcdf56d12ae7a8a6f6f&chksm=8b58018dbc2f889b91b925e9e99f943eb4e141139265dd2619cbcb7539ff4d1feb896ec1b3b5&scene=58&subscene=0#rd) + - [ ] [四部门提示:防范“云养经济”欺诈!](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235892&idx=4&sn=e08fb24557851d99e80e4c6209a72e03&chksm=8b58018dbc2f889bf575dd94acf5c653e8345717700f5a66d66444326c0e8254fa40351c4c22&scene=58&subscene=0#rd) + - [ ] [专家解读 | 规范互联网平台企业报送信息 加强税源监管](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235892&idx=5&sn=9a656024279a6e896c92ce522318f0f9&chksm=8b58018dbc2f889b133dcd409bdae5218c53a73c4bb07029a09b2ad2c68aefeb13bcf03e65ea&scene=58&subscene=0#rd) + - [ ] [发布 | 中国信通院发布《车联网蓝皮书(数据赋能)(2024年)》(附下载)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235892&idx=6&sn=4f29a9e415b95ec39af7c39c827ca8c6&chksm=8b58018dbc2f889b275a166290ba46af1f9486655da918e0239a1c03e50ba180c0e23d550e1a&scene=58&subscene=0#rd) + - [ ] [专家观点 | 数据治理助推中国生成式人工智能高质量发展](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235892&idx=7&sn=20d279dc28a3b944e6b08da8d0389648&chksm=8b58018dbc2f889b9b6c89092f8cba2bb490d27fc2b4b445f543c8ee998827a6e62a888bef51&scene=58&subscene=0#rd) + - [ ] [评论 | 严打黑客犯罪筑牢网安防线](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235892&idx=8&sn=a3453b1c835acec8834fbd5ff7af2441&chksm=8b58018dbc2f889b114f424c5cbc8fe72002e287bd824755f2bf4fe876eb53a3990490582cb1&scene=58&subscene=0#rd) +- 极客公园 + - [ ] [超音速民航「全球竞赛」,这家中国公司要「换道赛车」](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072943&idx=1&sn=ffb269408b68f9e0288deb4a716e35a5&chksm=7e57d39949205a8fcb59175315452b11b6aa0621056de0de1b1c687d1a376823a493833406ad&scene=58&subscene=0#rd) + - [ ] [变天!——由一个惊艳例子引发对 DeepSeek 的 10 条思考](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072943&idx=2&sn=42192769f13fb530fa9d3e23e0ad898c&chksm=7e57d39949205a8f43d40b81d6f0eeb1f919cf2f591666e28604cf8442613d9c9b06c3d6520e&scene=58&subscene=0#rd) + - [ ] [2025 年,多模态会诞生下一个 Super App 吗?](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072869&idx=1&sn=12adc42065f8f5e00bc46673e247f39b&chksm=7e57d05349205945bf789818c879903e56ec41dee196f11a2c2eb03e570dbb7d37f5276ddf06&scene=58&subscene=0#rd) + - [ ] [DeepSeek升至美区苹果应用榜第一;Switch 2发售时间疑似泄露;苹果iPhone SE4或3月发布|极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072885&idx=1&sn=7e5a3b9e6ca75e1cde3533d9d9979269&chksm=7e57d0434920595525c153f6692cab3f51588c07e99b811fa04650161507b68ef8826215554a&scene=58&subscene=0#rd) +- 嘶吼专业版 + - [ ] [新的 DoubleClickjacking 攻击利用双击来劫持帐户](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580993&idx=1&sn=9cef8f9e885411deefa3dd1718756bec&chksm=e9146d7bde63e46d6f0696852e5e5dc1ea9b2c6006db56346d548914ef0d50494db9f8fafe58&scene=58&subscene=0#rd) + - [ ] [安全动态回顾|工信部发布关于防范Androxgh0st僵尸网络的风险提示 Tesla EV充电器在PWN2OWN遭黑客多次入侵](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580993&idx=2&sn=790649df6d58dba77660759df720c892&chksm=e9146d7bde63e46d5df8acb5d88a467ae8534a921ea900181bdacf12e66a11088693b337bd86&scene=58&subscene=0#rd) +- 情报分析师 + - [ ] [深挖“颜十六”:影视圈的“毒瘤”与跨国诈骗的“操盘手”](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559276&idx=1&sn=031b0b5216b2db6c8a00f413e26ddcb0&chksm=87117d67b066f4718e1e8c4668285b5b2e2f1516a4c29ae581a945f427b952a45f7b90bb7cb3&scene=58&subscene=0#rd) + - [ ] [中情局携手乌克兰:从针锋相对到深度绑定,背后暗藏的全球隐患](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559276&idx=2&sn=43bf564f5b1729bfe0286075d2cbc790&chksm=87117d67b066f471cc064ed852c6dfb97f82886b78a1b56aa647781834ebf0d1af0fec3e978a&scene=58&subscene=0#rd) +- 网安国际 + - [ ] [【InForSec 2025年会顶会论文回顾】雷重庆 :以友为鉴:基于 MCU 外设驱动分析的外设模型生成](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317462&idx=1&sn=f826132e0f6fa3183c04badd0fa5dae0&chksm=8bc4ba98bcb3338ebd4c95535b024fb2d0951f24bd5c6220286b8f0e82cf6e3ed30fe77a6690&scene=58&subscene=0#rd) + - [ ] [【InForSec 2025年会顶会论文回顾】姜嘉仪:增强基于二进制分析的协议逆向工程中字段推断能力的研究](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317462&idx=2&sn=136962e4a93d95b67fdc6518671af5e4&chksm=8bc4ba98bcb3338e45009a0994535a27c07c8a156be33fa8f7baf2d45b20e61c5bb48fa202d8&scene=58&subscene=0#rd) + - [ ] [【InForSec 2025年会顶会论文回顾】李勇钢:基于虚拟化的未知驱动隔离与保护方法](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317462&idx=3&sn=f21f4c9bf0cef097103e6505e6964774&chksm=8bc4ba98bcb3338ede7044a70a7f51fa822aed833fe94983e8164af7b05be3eda9dc94bbfdb9&scene=58&subscene=0#rd) + - [ ] [【InForSec 2025年会顶会论文回顾】马昊玉:镜中窥视:利用缓存侧信道攻破 Android 应用沙盒完整性](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317462&idx=4&sn=af78d0a1dc313ed16e1ce158f5556a0e&chksm=8bc4ba98bcb3338e8fbc65c1337d3af8ce4cdc1b60706c6dcbd92114dec43b23f09411cd3af7&scene=58&subscene=0#rd) + - [ ] [【InForSec 2025年会顶会论文回顾】向昊: 基于完全域敏感和源点意识的控制流完整性方法](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317462&idx=5&sn=4f9bf219ac43637893b96266671c7f9b&chksm=8bc4ba98bcb3338eaa76ba29a15693a8cd7fdce579502c0ca5f68c46e4d44b1bee8ae278dc8b&scene=58&subscene=0#rd) +- 迪哥讲事 + - [ ] [通过js进行模糊测试所拿到的一次五千漏洞赏金记录](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496957&idx=1&sn=5ef897f46f3bf16bce1a83b45b0611c3&chksm=e8a5fe9edfd27788ba026eddd3fbb4541a0037c8be19dcb77460d206bd14339fb2c1bd0ebf83&scene=58&subscene=0#rd) +- 字节跳动技术团队 + - [ ] [Doubao-1.5-pro 发布 | 豆包大模型 LLM 团队热招中](https://mp.weixin.qq.com/s?__biz=MzI1MzYzMjE0MQ==&mid=2247512992&idx=1&sn=a2ed4bf409a9abb86118650e264e8c27&chksm=e9d37842dea4f1548fa971b2742cd34f4920526a6f0b47f86d0fb2a21fc099e27b42ad9f311f&scene=58&subscene=0#rd) +- 360数字安全 + - [ ] [春节假期|安全服务保障通知](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579262&idx=1&sn=e7e448b49217ce28a44f40bf153ac506&chksm=9f8d2676a8faaf60074a2e9aa0130c961d6ddf5f7f8fd7f9ab0fdafe915fd4058dff6dc59310&scene=58&subscene=0#rd) +- CNVD漏洞平台 + - [ ] [CNVD漏洞周报2025年第4期](https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247495739&idx=1&sn=70bff0dcfddcafcf645feed59f012888&chksm=fd74c0f2ca0349e471d5a0cede4e3ed7bdd0d788c211c68cc80dfd224e519f19650dbc8d8c70&scene=58&subscene=0#rd) + - [ ] [上周关注度较高的产品安全漏洞(20250120-20250126)](https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247495739&idx=2&sn=c1eb11a7df482ea02fe0bb114eaa29bc&chksm=fd74c0f2ca0349e47edcfe201c0666f5f1252b026ececf6de03bbe19fda17ce7ae900d728649&scene=58&subscene=0#rd) +- Krypt3ia + - [ ] [Krypt3ia Daily Cyber Threat Intelligence (CTI) Digest](https://krypt3ia.wordpress.com/2025/01/27/krypt3ia-daily-cyber-threat-intelligence-cti-digest-3/) +- 火绒安全 + - [ ] [恶意文件携带驱动人生数字签名,混淆视听执行后门](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247522002&idx=1&sn=873e1bfdf5c988f9b559733786cfa7ce&chksm=eb7048eddc07c1fb7225e466c76efcdf6e6a1c2632bf3cd10068ebec8ac9c6675090f5f94a2b&scene=58&subscene=0#rd) + - [ ] [诚邀渠道合作伙伴共启新征程](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247522002&idx=2&sn=c4d71fab7b6251cbfc896cacdff28134&chksm=eb7048eddc07c1fb82edefd16f8fb8288c55cb69ce8473939c2d858863e391e6d043a3bb7f89&scene=58&subscene=0#rd) +- Over Security - Cybersecurity news aggregator + - [ ] [How to switch off Apple Intelligence on your iPhone, iPad and Mac](https://techcrunch.com/2025/01/27/how-to-switch-off-apple-intelligence-on-your-iphone-ipad-and-mac/) + - [ ] [DeepSeek halts new signups amid "large-scale" cyberattack](https://www.bleepingcomputer.com/news/security/deepseek-halts-new-signups-amid-large-scale-cyberattack/) + - [ ] [Bitwarden makes it harder to hack password vaults without MFA](https://www.bleepingcomputer.com/news/security/bitwarden-makes-it-harder-to-hack-password-vaults-without-mfa/) + - [ ] [Microsoft: January Windows security updates break audio playback](https://www.bleepingcomputer.com/news/microsoft/microsoft-january-windows-security-updates-break-audio-playback/) + - [ ] [DeepSeek R1 Exposed: Security Flaws in China’s AI Model](https://www.kelacyber.com/blog/deepseek-r1-security-flaws/) + - [ ] [Hackers hijack emergency sirens in kindergartens across Israel](https://therecord.media/hackers-hijack-sirens-iran-israel) + - [ ] [Democrat members of US surveillance watchdog defy White House resignation request](https://therecord.media/democrat-pclob-members-defy-white-house-call-for-resignation) + - [ ] [Texas county issues disaster declaration following cyberattack](https://therecord.media/texas-county-disaster-declaration-cyberattack) + - [ ] [Apple fixes this year’s first actively exploited zero-day bug](https://www.bleepingcomputer.com/news/security/apple-fixes-this-years-first-actively-exploited-zero-day-bug/) + - [ ] [OpenAI rival DeepSeek limits registration after ‘large-scale malicious attacks’](https://therecord.media/deepseek-limits-registration-blames-malicious-attacks) + - [ ] [EU sanctions Russian GRU hackers for cyberattacks against Estonia](https://www.bleepingcomputer.com/news/security/eu-sanctions-russian-gru-hackers-for-cyberattacks-against-estonia/) + - [ ] [Brazil bans iris scan company co-founded by Sam Altman from paying citizens for biometric data](https://therecord.media/brazil-iris-scan-data-privacy-tools-for-humanity) + - [ ] [Windows 11 24H2 preview brings new taskbar features](https://www.bleepingcomputer.com/news/microsoft/windows-11-24h2-preview-brings-new-taskbar-features/) + - [ ] [Hackers steal $85 million worth of cryptocurrency from Phemex](https://www.bleepingcomputer.com/news/security/hackers-steal-85-million-worth-of-cryptocurrency-from-phemex/) + - [ ] [Microsoft Teams phishing attack alerts coming to everyone next month](https://www.bleepingcomputer.com/news/security/microsoft-teams-phishing-attack-alerts-coming-to-everyone-next-month/) + - [ ] [Ukraine denies involvement in cyberattack against Slovakia](https://therecord.media/ukraine-denies-cyberattack-involvement-slovakia) + - [ ] [Clone2Leak attacks exploit Git flaws to steal credentials](https://www.bleepingcomputer.com/news/security/clone2leak-attacks-exploit-git-flaws-to-steal-credentials/) + - [ ] [Is GDLockerSec Really Targeting AWS?](https://www.kelacyber.com/blog/is-gdlockersec-really-targeting-aws/) + - [ ] [Preventing Phishing Attacks, Before They Catch You Copy](https://www.kelacyber.com/blog/preventing-phishing-attacks-before-they-catch-you-copy/) + - [ ] [CISO 2025](https://www.certego.net/blog/ciso-2025-innovare-per-fronteggiare-le-nuove-minacce-alla-cybersecurity/) + - [ ] [IT Vulnerability Report: 7-Zip, Windows and Fortinet Fixes Urged by Cyble](https://cyble.com/blog/it-vulnerability-report-7-zip-windows-and-fortinet-fixes-urged-by-cyble/) + - [ ] [Info Sec Unplugged [12]: Datacenter Network](https://roccosicilia.com/2025/01/27/info-sec-unplugged-12-datacenter-network/) + - [ ] [Sweden seizes ship suspected of Baltic Sea cable sabotage](https://therecord.media/sweden-seizes-ship-suspected-cable-sabotage) + - [ ] [United Against Cybercrime: ASEAN Ministers Forge New Security Pathways](https://cyble.com/blog/united-against-cybercrime-asean-ministers-forge-new-security-pathways/) + - [ ] [Le implementazioni LTE e 5G soffrono di centinaia di vulnerabilità](https://www.securityinfo.it/2025/01/27/le-implementazioni-lte-e-5g-soffrono-di-centinaia-di-vulnerabilita/) + - [ ] [CERT-AGID 18 – 24 gennaio: una nuova campagna a tema INPS (e ancora Vidar)](https://www.securityinfo.it/2025/01/27/cert-agid-18-24-gennaio-una-nuova-campagna-a-tema-inps-e-ancora-vidar/) + - [ ] [Cobalt Strike and a Pair of SOCKS Lead to Lockbit Ransomware](https://thedfirreport.com/2025/01/27/cobalt-strike-and-a-pair-of-socks-lead-to-lockbit-ransomware/) +- 悬镜安全 + - [ ] [人物丨悬镜安全张弛:解密悬镜二进制SCA技术背后的黑客大佬](https://mp.weixin.qq.com/s?__biz=MzA3NzE2ODk1Mg==&mid=2647795566&idx=1&sn=359d23f656b50d3a85c021b1e616165b&chksm=8770af39b007262f20e4aa761d196adc461e89aca8fb0246ad44ed56d7d16a2574f73a5eecde&scene=58&subscene=0#rd) +- Securityinfo.it + - [ ] [Le implementazioni LTE e 5G soffrono di centinaia di vulnerabilità](https://www.securityinfo.it/2025/01/27/le-implementazioni-lte-e-5g-soffrono-di-centinaia-di-vulnerabilita/?utm_source=rss&utm_medium=rss&utm_campaign=le-implementazioni-lte-e-5g-soffrono-di-centinaia-di-vulnerabilita) + - [ ] [CERT-AGID 18 – 24 gennaio: una nuova campagna a tema INPS (e ancora Vidar)](https://www.securityinfo.it/2025/01/27/cert-agid-18-24-gennaio-una-nuova-campagna-a-tema-inps-e-ancora-vidar/?utm_source=rss&utm_medium=rss&utm_campaign=cert-agid-18-24-gennaio-una-nuova-campagna-a-tema-inps-e-ancora-vidar) +- Qualys Security Blog + - [ ] [Unlock the Boardroom with Cyber Risk: How the Qualys Enterprise TruRisk™ Platform Empowers CISOs](https://blog.qualys.com/category/product-tech) +- 漏洞战争 + - [ ] [学历赋](https://mp.weixin.qq.com/s?__biz=MzU0MzgzNTU0Mw==&mid=2247485935&idx=1&sn=c9ad7ddf99eb58464e3f86507a44ea7a&chksm=fb041d17cc73940154677fad437801a70ad48959c1dd49fdcb52af2495a7018c01c509eb433a&scene=58&subscene=0#rd) +- IT Service Management News + - [ ] [Linee guida (in bozza!) EDPB sulla pseudonimizzazione](http://blog.cesaregallotti.it/2025/01/linee-guida-in-bozza-edpb-sulla.html) + - [ ] [Regolamento sullo spazio europeo dei dati sanitari (EHDS)](http://blog.cesaregallotti.it/2025/01/regolamento-sullo-spazio-europeo-dei.html) +- NETRESEC Network Security Blog + - [ ] [Blocking Malicious sites with a TLS Firewall](https://www.netresec.com/?page=Blog&month=2025-01&post=Blocking-Malicious-sites-with-a-TLS-Firewall) +- Hacking Exposed Computer Forensics Blog + - [ ] [Daily Blog #730: Sunday Funday 1/26/25](https://www.hecfblog.com/2025/01/daily-blog-730-sunday-funday-12625.html) +- Schneier on Security + - [ ] [New VPN Backdoor](https://www.schneier.com/blog/archives/2025/01/new-vpn-backdoor.html) +- T00ls安全 + - [ ] [T00ls“喜庆2025”网络安全文章征集活动投票结果公告](https://mp.weixin.qq.com/s?__biz=Mzg3NzYzODU5NQ==&mid=2247484906&idx=1&sn=572ea62012da59778ab11cdb9083e223&chksm=cf1ea346f8692a502f73bd6de98d79b44e488978e6c92e828f5eec688593ee767b4a5adeb8ee&scene=58&subscene=0#rd) +- SANS Internet Storm Center, InfoCON: green + - [ ] [An unusual "shy z-wasp" phishing, (Mon, Jan 27th)](https://isc.sans.edu/diary/rss/31626) + - [ ] [ISC Stormcast For Monday, January 27th, 2025 https://isc.sans.edu/podcastdetail/9296, (Mon, Jan 27th)](https://isc.sans.edu/diary/rss/31624) +- Deeplinks + - [ ] [It's Copyright Week 2025: Join Us in the Fight for Better Copyright Law and Policy](https://www.eff.org/deeplinks/2025/01/its-copyright-week-2025-join-us-fight-better-copyright-law-and-policy) +- The Register - Security + - [ ] [US freezes foreign aid, halting cybersecurity defense and policy funds for allies](https://go.theregister.com/feed/www.theregister.com/2025/01/27/us_state_department_freezes_cyber_aid/) + - [ ] [DeepSeek limits new accounts amid cyberattack](https://go.theregister.com/feed/www.theregister.com/2025/01/27/deepseek_suspends_new_registrations_amid/) + - [ ] [Google takes action after coder reports 'most sophisticated attack I've ever seen'](https://go.theregister.com/feed/www.theregister.com/2025/01/27/google_confirms_action_taken_to/) + - [ ] [Sweden seizes cargo ship after another undersea cable hit in suspected sabotage](https://go.theregister.com/feed/www.theregister.com/2025/01/27/sweden_seizes_ship/) + - [ ] [CDNs: Great for speeding up the internet, bad for location privacy](https://go.theregister.com/feed/www.theregister.com/2025/01/27/cloudflare_cdn_location_data/) + - [ ] [British Museum says ex-contractor 'shut down' IT systems, wreaked havoc](https://go.theregister.com/feed/www.theregister.com/2025/01/27/contractor_trespass_british_museum/) +- TorrentFreak + - [ ] [U.S. Anti-Piracy Symposium Emphazises Need for Site Blocking](https://torrentfreak.com/u-s-anti-piracy-symposium-emphazises-site-blocking-250127/) + - [ ] [Pirates Surprise as Oscar-Nominated Movie Screeners Leak Online Again](https://torrentfreak.com/piracy-surprise-as-oscar-nominated-movie-screeners-leak-online-again-250127/) +- Instapaper: Unread + - [ ] [Guerre di Rete - Ulbricht, come si è arrivati alla liberazione del fondatore di Silk Road](https://guerredirete.substack.com/p/guerre-di-rete-ulbricht-come-si-e) +- Your Open Hacker Community + - [ ] [Help.](https://www.reddit.com/r/HowToHack/comments/1ibkihi/help/) + - [ ] [BUILD FOR HACKING](https://www.reddit.com/r/HowToHack/comments/1ibgyos/build_for_hacking/) + - [ ] [I need the backend code of a site that's shutting down](https://www.reddit.com/r/HowToHack/comments/1ibkvnv/i_need_the_backend_code_of_a_site_thats_shutting/) + - [ ] [Your experience learning programming for hacking purposes?](https://www.reddit.com/r/HowToHack/comments/1ib9mau/your_experience_learning_programming_for_hacking/) + - [ ] [Help!](https://www.reddit.com/r/HowToHack/comments/1ibi4xi/help/) + - [ ] [Stupid questions about functions hooking](https://www.reddit.com/r/HowToHack/comments/1ibeaa3/stupid_questions_about_functions_hooking/) + - [ ] [Find Person Behind Instagram Fake Account](https://www.reddit.com/r/HowToHack/comments/1ibjf8w/find_person_behind_instagram_fake_account/) + - [ ] [Tips on beating the first to register](https://www.reddit.com/r/HowToHack/comments/1ibbnr4/tips_on_beating_the_first_to_register/) + - [ ] [Plz help](https://www.reddit.com/r/HowToHack/comments/1ibe8th/plz_help/) + - [ ] [Getting started](https://www.reddit.com/r/HowToHack/comments/1ib1gys/getting_started/) + - [ ] [I'm being spied through my personal phone](https://www.reddit.com/r/HowToHack/comments/1ib7ovq/im_being_spied_through_my_personal_phone/) + - [ ] [Help](https://www.reddit.com/r/HowToHack/comments/1ib724a/help/) + - [ ] [Vladimir and George hacking](https://www.reddit.com/r/HowToHack/comments/1ib1gpv/vladimir_and_george_hacking/) + - [ ] [How do you hack the YouTube algorithm. I’m looking for a step by step guide because I’ve never hacked anything or even tried in my life.](https://www.reddit.com/r/HowToHack/comments/1ib0sq7/how_do_you_hack_the_youtube_algorithm_im_looking/) + - [ ] [What dark web website are good for hacking](https://www.reddit.com/r/HowToHack/comments/1ib0kaq/what_dark_web_website_are_good_for_hacking/) +- Information Security + - [ ] [Infosec analysis on software installation request](https://www.reddit.com/r/Information_Security/comments/1ib5xhx/infosec_analysis_on_software_installation_request/) +- The Hacker News + - [ ] [GitHub Desktop Vulnerability Risks Credential Leaks via Malicious Remote URLs](https://thehackernews.com/2025/01/github-desktop-vulnerability-risks.html) + - [ ] [⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [27 January]](https://thehackernews.com/2025/01/thn-weekly-recap-top-cybersecurity_27.html) + - [ ] [Do We Really Need The OWASP NHI Top 10?](https://thehackernews.com/2025/01/do-we-really-need-owasp-nhi-top-10.html) + - [ ] [GamaCopy Mimics Gamaredon Tactics in Cyber Espionage Targeting Russian Entities](https://thehackernews.com/2025/01/gamacopy-mimics-gamaredon-tactics-in.html) + - [ ] [MintsLoader Delivers StealC Malware and BOINC in Targeted Cyber Attacks](https://thehackernews.com/2025/01/mintsloader-delivers-stealc-malware-and.html) +- Deep Web + - [ ] [Ever heard of spiritual manipulation?](https://www.reddit.com/r/deepweb/comments/1ibo2jo/ever_heard_of_spiritual_manipulation/) +- Graham Cluley + - [ ] [Hacked buses blare out patriotic pro-European anthems in Tbilisi, attack government](https://www.bitdefender.com/en-us/blog/hotforsecurity/hacked-buses-blare-out-patriotic-pro-european-anthems-in-tbilisi-attack-government) +- Social Engineering + - [ ] [Conspiracy Theories are for Opportunists](https://www.reddit.com/r/SocialEngineering/comments/1ibboak/conspiracy_theories_are_for_opportunists/) +- Security Affairs + - [ ] [Apple fixed the first actively exploited zero-day of 2025](https://securityaffairs.com/173536/hacking/apple-fixed-the-first-zero-day-vulnerability-of-2025.html) + - [ ] [TalkTalk confirms data breach involving a third-party platform](https://securityaffairs.com/173526/cyber-crime/talktalk-confirms-data-breach.html) + - [ ] [Multiple Git flaws led to credentials compromise](https://securityaffairs.com/173520/security/multiple-git-flaws-led-to-credentials-compromise.html) + - [ ] [GamaCopy targets Russia mimicking Russia-linked Gamaredon APT](https://securityaffairs.com/173501/apt/gamacopy-mimics-russia-linked-gamaredon-apt.html) + - [ ] [ESXi ransomware attacks use SSH tunnels to avoid detection](https://securityaffairs.com/173487/cyber-crime/esxi-ransomware-attacks-use-ssh-tunnels-to-avoid-detection.html) + - [ ] [Attackers allegedly stole $69 million from cryptocurrency platform Phemex](https://securityaffairs.com/173478/digital-id/cryptocurrency-platform-phemex-cyber-heist.html) +- Computer Forensics + - [ ] [eCDFP 30 days plan](https://www.reddit.com/r/computerforensics/comments/1ibb6ij/ecdfp_30_days_plan/) + - [ ] [Top digital forensics conferences in 2025](https://www.reddit.com/r/computerforensics/comments/1ib179q/top_digital_forensics_conferences_in_2025/) +- Technical Information Security Content & Discussion + - [ ] [Get FortiRekt, I am the Super_Admin Now - FortiOS Authentication Bypass CVE-2024-55591 - watchTowr Labs](https://www.reddit.com/r/netsec/comments/1ibfmeo/get_fortirekt_i_am_the_super_admin_now_fortios/) + - [ ] [New way to exploit BYOVD exploits with symbolic links.](https://www.reddit.com/r/netsec/comments/1ib3nnm/new_way_to_exploit_byovd_exploits_with_symbolic/) +- Security Weekly Podcast Network (Audio) + - [ ] [AI Red Teaming Comes to Bug Bounties - Francis Dinha, Michiel Prins - ESW #391](http://sites.libsyn.com/18678/ai-red-teaming-comes-to-bug-bounties-francis-dinha-michiel-prins-esw-391) diff --git a/archive/tmp/2025-01-28.json b/archive/tmp/2025-01-28.json new file mode 100644 index 0000000000..1971478d99 --- /dev/null +++ b/archive/tmp/2025-01-28.json @@ -0,0 +1,411 @@ +{ + "SecWiki News": { + "SecWiki News 2025-01-27 Review": "http://www.sec-wiki.com/?2025-01-27" + }, + "Hacking Articles": { + "Diamond Ticket Attack: Abusing kerberos Trust": "https://www.hackingarticles.in/diamond-ticket-attack-abusing-kerberos-trust/" + }, + "Tenable Blog": { + "How To Clean Up Your Cloud Environment Using Tenable Cloud Security": "https://www.tenable.com/blog/how-to-clean-up-your-cloud-environment-using-tenable-cloud-security" + }, + "Security Boulevard": { + "U.S. Shuts Down Another N. Korean IT Worker Scam, Indicting 5": "https://securityboulevard.com/2025/01/u-s-shuts-down-another-n-korean-it-worker-scam-indicting-5/", + "BTS #44 – Network Appliances: A Growing Concern": "https://securityboulevard.com/2025/01/bts-44-network-appliances-a-growing-concern/", + "DEF CON 32 – Simulating Attacks Against Hydroelectric Power Plants": "https://securityboulevard.com/2025/01/def-con-32-simulating-attacks-against-hydroelectric-power-plants/", + "Hackers Use Malicious PDFs, pose as USPS in Mobile Phishing Scam": "https://securityboulevard.com/2025/01/hackers-use-malicious-pdfs-pose-as-usps-in-mobile-phishing-scam/", + "How to Prepare for EU AI Act Compliance by February 2nd": "https://securityboulevard.com/2025/01/how-to-prepare-for-eu-ai-act-compliance-by-february-2nd/", + "Why The Rise of AI Agents Demands a New Approach to Fraud Prevention": "https://securityboulevard.com/2025/01/why-the-rise-of-ai-agents-demands-a-new-approach-to-fraud-prevention/", + "Randall Munroe’s XKCD ‘T. Rex Evolution’": "https://securityboulevard.com/2025/01/randall-munroes-xkcd-t-rex-evolution/", + "News alert: INE Security announces new initiative to help companies accelerate CMMC 2.0 compliance": "https://securityboulevard.com/2025/01/news-alert-ine-security-announces-new-initiative-to-help-companies-accelerate-cmmc-2-0-compliance/", + "Finding the Right Partner for PCI DSS 4.0.1 Compliance: Requirements 6.4.3 and 11.6.1": "https://securityboulevard.com/2025/01/finding-the-right-partner-for-pci-dss-4-0-1-compliance-requirements-6-4-3-and-11-6-1/", + "DEF CON 32 – 3DU Homo ex Machina": "https://securityboulevard.com/2025/01/def-con-32-3du-homo-ex-machina/" + }, + "Doonsec's feed": { + "浏览器扩展程序:供应链攻击新风险": "https://mp.weixin.qq.com/s?__biz=Mzk0NDcyMjU2OQ==&mid=2247484550&idx=1&sn=c02bc9dd56662cdb263f88d6cb3972f6", + "快过年了,陪家人重温经典故事 《水浒传》中林冲角色": "https://mp.weixin.qq.com/s?__biz=MzU4NDY3MTk2NQ==&mid=2247491051&idx=1&sn=ecb10b17fd7bb1929d83f9fc91d15868", + "面试官:什么是终端复用技术(tmux)?": "https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486447&idx=1&sn=5b98b68ea23131f812c676e1e28a865c", + "精通爬虫技术:从入门到入狱——网络数据爬虫的合法性与法律边界": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485462&idx=1&sn=7bd57b19a187b5cc4e681ccabdb62554", + "北七家-未来科学城,3居变4居豪装,理想楼层/户型/朝向": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485462&idx=2&sn=aa38fdb9484890ff28fa33eb956db87f", + "【干货】笑傲职场的独家经验(1)": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485462&idx=3&sn=73db7dec67642837621580378b52187a", + "【干货原创】实网攻防演习常态化,会带来什么变化01": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485462&idx=4&sn=32c45e39b7aa406c34c63723157e5820", + "【干货原创】K12教育,鲜为人知的模式秘密": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485462&idx=5&sn=904ed64e3a0a8b04604e39501642c306", + "原创文章目录": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485462&idx=6&sn=061a6d50789795a5bd4c3f6a00716e34", + "秦安:特朗普“三板斧”遭遇滑铁卢,本质暴露,下一步中国是关键": "https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476339&idx=1&sn=e1ce666a0ab9712c2886d83bd1877adb", + "秦安:解救台退将高安国!台湾当局构陷为间谍并重判10年,不可忍": "https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476339&idx=2&sn=a56cf6d1f85a6c83b8e5beeb6ab78876", + "学历赋": "https://mp.weixin.qq.com/s?__biz=MzU0MzgzNTU0Mw==&mid=2247485935&idx=1&sn=c9ad7ddf99eb58464e3f86507a44ea7a", + "企业网络安全文化建设必备(2):Gartner PIPE(实践|影响|平台|使能)框架": "https://mp.weixin.qq.com/s?__biz=MzU0MDc5ODM0Mg==&mid=2247484778&idx=1&sn=9669504997ac29232f840c90dc143100", + "带上五款实用软件,让春节假期更精彩": "https://mp.weixin.qq.com/s?__biz=MzI2MjcwMTgwOQ==&mid=2247492187&idx=1&sn=839b938abafa27550d165054c071714a", + "DeepSeek为何脱颖而出?": "https://mp.weixin.qq.com/s?__biz=MzI3MDY0Nzg1Nw==&mid=2247489471&idx=1&sn=aea4a4c9a6a387edcca10e50438e05be", + "锐安全红包发放:2025,让我们以攻防之道,破增长之局!": "https://mp.weixin.qq.com/s?__biz=MzAxOTk3NTg5OQ==&mid=2247492258&idx=1&sn=0107053c5d16b67f3439376c04cef01f", + "掌握数字主权:保障数据安全与自主控制": "https://mp.weixin.qq.com/s?__biz=MzkyMzU2NjQyNA==&mid=2247483933&idx=1&sn=8f6302b17e64641dad3a59116b078096", + "Xray图形化工具 | Super Xray介绍+使用": "https://mp.weixin.qq.com/s?__biz=MzkzNzg3NzQxMQ==&mid=2247485733&idx=1&sn=c428e8ac5075c08b11d6f0bb80204e23", + "信长星看望慰问院士专家": "https://mp.weixin.qq.com/s?__biz=MzU4NDc2MzcwNw==&mid=2247498579&idx=1&sn=90378659a5745a0dccd8ea5617989cfe", + "Claude Sonnet 3.5 模型预部署评估报告": "https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264780&idx=1&sn=434329d6b30b82e84d41fe6d628e0aa8", + "DeepSeek R1本地部署": "https://mp.weixin.qq.com/s?__biz=Mzg2ODc0Mjc0Mw==&mid=2247484166&idx=1&sn=e4b72373f7c77f9ca9a8484254d3cc16", + "车载协议网络安全测试与验证技术": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620209&idx=1&sn=62fb4f6d697fbc3aeae44911bc309fa8", + "模糊测试 ISO 15118 协议栈": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620209&idx=2&sn=a7b93becb562444a99c67be0138e6bbb", + "汽车诊断协议的自动威胁评估": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620209&idx=3&sn=181db85f0a1d7867b71d8f31018ad6a3", + "AI安全 | AI红队体系思考": "https://mp.weixin.qq.com/s?__biz=MzU2NDc2NDYwMA==&mid=2247485980&idx=1&sn=960d573d2e6fe947559893913922555b", + "快来领取你的超级牛红包封面!": "https://mp.weixin.qq.com/s?__biz=Mzk0MTM4NzIxMQ==&mid=2247527516&idx=1&sn=052a43ea22441bf83cccc86ea56461a3", + "通过js进行模糊测试所拿到的一次五千漏洞赏金记录": "https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496957&idx=1&sn=5ef897f46f3bf16bce1a83b45b0611c3", + "猴子回花果山了": "https://mp.weixin.qq.com/s?__biz=Mzk0MzY3MDE5Mg==&mid=2247484000&idx=1&sn=bcb60f30530141fb1333e0bb179fd365", + "Timeline Sec团队2024年度奖项盘点!": "https://mp.weixin.qq.com/s?__biz=MzA4NzUwMzc3NQ==&mid=2247497125&idx=1&sn=1beda84fef5f56cc2ca6aca3453311f9", + "【年终总结2024】拥抱变化,书写属于你的崭新篇章": "https://mp.weixin.qq.com/s?__biz=MzUwOTc3MTQyNg==&mid=2247491368&idx=1&sn=ed2c5b70af95f81f32a0eb1015945656", + "《忍者龙剑传2:黑之章》PC版未加密,发售首日即遭黑客破解": "https://mp.weixin.qq.com/s?__biz=MzU2MTQwMzMxNA==&mid=2247541464&idx=1&sn=cc83ce1fb7205f3da825a11d64b5a1a1", + "共赴新程|江南信安2024年大事记回顾": "https://mp.weixin.qq.com/s?__biz=MzA4MTE0MTEwNQ==&mid=2668670046&idx=1&sn=3d90d226b0ccfc788e9c3d55a906a392", + "网安两位大佬脏话对喷?网安春节联欢晚会?": "https://mp.weixin.qq.com/s?__biz=Mzg4NDk4MTk5OA==&mid=2247485518&idx=1&sn=081012fa0f7c697122122eb1b53b1f60", + "带你解锁编码新世界!--随波逐流CTF编码工具使用教程44 --键盘按键键码keyCode密码": "https://mp.weixin.qq.com/s?__biz=MzU2NzIzNzU4Mg==&mid=2247489639&idx=1&sn=321666dc868c113dcd28f6bfdc082c4d", + "必看!国产超强AI推理,DeepSeek真正实现了AI自由!!!": "https://mp.weixin.qq.com/s?__biz=MzkxMTUwOTY1MA==&mid=2247490125&idx=1&sn=d5a623704b071c5ccfd9c9e6108237eb", + "ICSISIAP伴着蛇年的钟声,愿您好运开场!": "https://mp.weixin.qq.com/s?__biz=MzI2MDk2NDA0OA==&mid=2247531219&idx=1&sn=f2ef95a05d3afd23d49b6f3b284874f7", + "勒索软件编年史:从特洛伊到AI多重勒索": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313205&idx=1&sn=87bd9d4b0f4cf0110a428c760a32e247", + "Microsoft Entra ID允许普通用户更新自己的UPN": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313205&idx=2&sn=076056f3b3febe8c53a042effe79ab62", + "Chrome用户面临供应链攻击威胁,数百万人或受影响": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313205&idx=3&sn=ede56e2405d624e8159192b3bc6dabb4", + "pwndbg:一款专为安全漏洞分析设计的GDB插件": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313205&idx=4&sn=fd39b2e5339a4dbd516501e208e06b3e", + "DIDCTF-应急响应": "https://mp.weixin.qq.com/s?__biz=MzkxMTcyMDczOQ==&mid=2247489787&idx=1&sn=478bd3b1a45b2189e78835e7464fad7a", + "【InForSec 2025年会顶会论文回顾】雷重庆 :以友为鉴:基于 MCU 外设驱动分析的外设模型生成": "https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317462&idx=1&sn=f826132e0f6fa3183c04badd0fa5dae0", + "【InForSec 2025年会顶会论文回顾】姜嘉仪:增强基于二进制分析的协议逆向工程中字段推断能力的研究": "https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317462&idx=2&sn=136962e4a93d95b67fdc6518671af5e4", + "【InForSec 2025年会顶会论文回顾】李勇钢:基于虚拟化的未知驱动隔离与保护方法": "https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317462&idx=3&sn=f21f4c9bf0cef097103e6505e6964774", + "【InForSec 2025年会顶会论文回顾】马昊玉:镜中窥视:利用缓存侧信道攻破 Android 应用沙盒完整性": "https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317462&idx=4&sn=af78d0a1dc313ed16e1ce158f5556a0e", + "【InForSec 2025年会顶会论文回顾】向昊: 基于完全域敏感和源点意识的控制流完整性方法": "https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317462&idx=5&sn=4f9bf219ac43637893b96266671c7f9b", + "2024年我国软件业务收入137276亿元 同比增长10%": "https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247634091&idx=1&sn=09d97d63363872444886eca26d42bd1b", + "多家企业不履行网络安全保护义务被依法处罚": "https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931479&idx=1&sn=c7eb966e702167a103aa8237a401daa5", + "新华财经 | 强化治理机制与安全技术融合 完善数据流通安全治理": "https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247634091&idx=3&sn=ae1890d9fc43a28242614b77158bdb47", + "新型人工智能“黑帽”工具:GhostGPT带来的威胁与挑战": "https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247634091&idx=4&sn=b35ba1306942e49e81d7c0916dc10b82", + "2024洞见微信年终总结": "https://mp.weixin.qq.com/s?__biz=MzAxNzg3NzMyNQ==&mid=2247489515&idx=1&sn=c7ea742f54ea0d6e7f84c40a2f619721", + "请君入瓮:蜜罐工具如何“钓鱼”黑客": "https://mp.weixin.qq.com/s?__biz=MzkxODc5OTg5MQ==&mid=2247484274&idx=1&sn=08c7763a964ad3e0fdf8c700034ca314", + "ISO 26262,太重要了": "https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549656&idx=1&sn=3b1404c45c6ac9e89a7f1effbc240319", + "以太网知识:什么是MAC,什么是PHY,什么是MII": "https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549656&idx=2&sn=e9d2211ea044442665269f98c6ba7fc7", + "【资讯】民政部等十七部门印发《困境儿童个人信息保护工作办法》": "https://mp.weixin.qq.com/s?__biz=MzU1NDY3NDgwMQ==&mid=2247549514&idx=1&sn=305ef8a47012da8184703835c1e1ed93", + "【资讯】网安标委发布《网络安全标准实践指南——人脸识别支付场景个人信息安全保护要求》": "https://mp.weixin.qq.com/s?__biz=MzU1NDY3NDgwMQ==&mid=2247549514&idx=2&sn=6fb98a5fec924d8cd7a67dccd7424d5b", + "【资讯】江苏省数据局等六部门印发《江苏省推进可信数据空间发展工作方案》": "https://mp.weixin.qq.com/s?__biz=MzU1NDY3NDgwMQ==&mid=2247549514&idx=3&sn=badae398c24ad154b783f9f5a629d0d0", + "[SUCTF2025] SU_APP、SU_Harmony 出题小记": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589294&idx=1&sn=9843c5f997dc4268b2cceefeef11c2d9", + "主打提高实战能力:CTF训练营-Web篇": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589294&idx=2&sn=b3ce8734cd9334e9dd50ed637685ef01", + "紧盯风险,防治漏洞:七步闭环": "https://mp.weixin.qq.com/s?__biz=Mzk0OTQzMDI4Mg==&mid=2247484429&idx=1&sn=d365c76773989b993a162b0224f21e0f", + "喜迎新春 欢度新年——银天科技恭祝您蛇年大吉!!!": "https://mp.weixin.qq.com/s?__biz=MzA4MDk4NTIwMg==&mid=2454063862&idx=1&sn=12471c57f888c3ef8b3cf8fef358aa16", + "网络工程师要学习什么技术?": "https://mp.weixin.qq.com/s?__biz=MzIxNTM3NDE2Nw==&mid=2247490321&idx=1&sn=9b182f0c5ea87de6732432f15ac1fd88", + "网安春晚:TSRC年榜第一小火炬怒喷老牌团队day1创始人王老师": "https://mp.weixin.qq.com/s?__biz=MzkyOTQzNjIwNw==&mid=2247491530&idx=1&sn=b8652982f233b0eb67c95941afd97b2e", + "05x数组42-49": "https://mp.weixin.qq.com/s?__biz=MzA3NDE0NTY0OQ==&mid=2247484219&idx=1&sn=a44902a546dd3f19251633c65a184998", + "科技传播中的科技伦理价值传递与治理原则": "https://mp.weixin.qq.com/s?__biz=MzI1OTExNDY1NQ==&mid=2651618898&idx=1&sn=5f61d50057d512db5a228d8da59d4daf", + "美国总统特朗普命令加密货币工作组起草新法规,探索建立国家加密货币储备": "https://mp.weixin.qq.com/s?__biz=MzI1OTExNDY1NQ==&mid=2651618898&idx=2&sn=4abfd689dec96aeea8848eef12529590", + "一图看懂2024年全球DDoS攻击态势": "https://mp.weixin.qq.com/s?__biz=MjM5MTAwNzUzNQ==&mid=2650511143&idx=1&sn=3a15f876d02eabbf5ae003822f591ece", + "缔盟云祝您有蛇有得,多财多亿,巳巳如意!": "https://mp.weixin.qq.com/s?__biz=MzU3NzAyODU4OQ==&mid=2247485633&idx=1&sn=c6f88c734c41cd5e16eaa606fedd7a98", + "一文带你理清前置机、跳板机与堡垒机的区别": "https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247570690&idx=1&sn=b01cfbe28310df8b4522cf9025bcb0a2", + "工商银行软件开发中心建设企业级风险决策服务能力,助推风控数字化转型": "https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931479&idx=2&sn=8262daf2f36f04e547fa7e3e63027a00", + "国产AI DeepSeek下载排行第一,AI界拼多多要逆袭chatgpt": "https://mp.weixin.qq.com/s?__biz=Mzg2NDYwMDA1NA==&mid=2247543628&idx=1&sn=17c35fbc61a2b9c9a4b46fdc37f523b6", + "《中国人民银行业务领域网络安全事件报告管理办法(征求意见稿)》公开征求意见": "https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170564&idx=1&sn=624aa0fc6e97964bc6c24943e541c062", + "小心“红包陷阱” !春节期间当心“喜中有诈”": "https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170564&idx=2&sn=20add29e69926154f23dfc690f8794be", + "完善数据流通安全治理机制 破解数据流通安全堵点": "https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170564&idx=3&sn=acebdb407dbd799284061eb5c0b6457e", + "恭贺新春 巳巳如意 | 金盾信安2025年春节假期值守安排": "https://mp.weixin.qq.com/s?__biz=MjM5NjA2NzY3NA==&mid=2448682670&idx=1&sn=a638c4cebbf8f3edd837178cbd57c8df", + "金盾信安 | 网络和数据领域资讯第45期(2025.1.21-2025.1.27)": "https://mp.weixin.qq.com/s?__biz=MjM5NjA2NzY3NA==&mid=2448682670&idx=2&sn=8db6eebf8bd6c8c3f402b5be39471f90", + "红队基础设施建设与改造(四)——深入解析Cobaltstrike(二开环境、认证过程分析、Beacon分析)": "https://mp.weixin.qq.com/s?__biz=MzkwOTE3MzAxOA==&mid=2247485386&idx=1&sn=58bd4e0ea233075a6901ca1c18e458dc", + "【假期别闲着】2025年需要学习的顶级安(黑)全(客)工具和技能": "https://mp.weixin.qq.com/s?__biz=Mzg4NzgyODEzNQ==&mid=2247488631&idx=1&sn=3b6dad961c06f0d42f10b0e26644bd75", + "《天堂之门》技术": "https://mp.weixin.qq.com/s?__biz=MjM5NDcxMDQzNA==&mid=2247489387&idx=1&sn=ac98464c37defc7ff7572ef6c18dcb65", + "山海关安全团队2024年终总结": "https://mp.weixin.qq.com/s?__biz=Mzg4MjcxMTAwMQ==&mid=2247488669&idx=1&sn=b56b57ad952c790150d5244dffdf653d", + "丸啦~真·缉拿归案啦": "https://mp.weixin.qq.com/s?__biz=Mzk0MDY2NTY5Mw==&mid=2247485643&idx=1&sn=4d8692480bd89aa76f65366edcc86000", + "运维风险管控、数据安全规范普及与漏洞情报处置:技术与管理并重的综合策略探讨。|总第278周": "https://mp.weixin.qq.com/s?__biz=MzI2MjQ1NTA4MA==&mid=2247491776&idx=1&sn=4e17c660387c6776b88e397c64e7ed57", + "CNVD漏洞周报2025年第4期": "https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247495739&idx=1&sn=70bff0dcfddcafcf645feed59f012888", + "上周关注度较高的产品安全漏洞(20250120-20250126)": "https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247495739&idx=2&sn=c1eb11a7df482ea02fe0bb114eaa29bc", + "deepseek 崩了": "https://mp.weixin.qq.com/s?__biz=Mzk0MTI4NTIzNQ==&mid=2247492212&idx=1&sn=056eea3aeb7bbefa596ded5c9183de5c", + "黑客使用RID劫持技术创建秘密的Windows管理帐户": "https://mp.weixin.qq.com/s?__biz=MzUyMzczNzUyNQ==&mid=2247523229&idx=1&sn=02f3c873352590457db43f6d314f2ed3", + "GitHub漏洞允许恶意仓库泄露用户凭据": "https://mp.weixin.qq.com/s?__biz=MzUyMzczNzUyNQ==&mid=2247523229&idx=2&sn=596a96b2b96c941baeb9a5420fc9bbc2", + "Kubernetes 集群远程代码执行漏洞致攻击者可接管所有 Windows 节点": "https://mp.weixin.qq.com/s?__biz=MzUyMzczNzUyNQ==&mid=2247523229&idx=3&sn=741cf9ea3ae359cfcb2e7cafb292b025", + "LTE和5G基础设施中的100多个漏洞导致远程核心泄露": "https://mp.weixin.qq.com/s?__biz=MzUyMzczNzUyNQ==&mid=2247523229&idx=4&sn=fae6c9befec51a70547603cfc08bdd67", + "Brute Ratel C4 载荷深度分析": "https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486782&idx=1&sn=eed60be751abe1186862fcb42ad81c69", + "Brute Ratel C4 载荷深度分析 - 第二部分": "https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486782&idx=2&sn=92bb05ee43a6f780e534f0a7b25658de", + "人物专题丨台湾地区海军副司令马群超": "https://mp.weixin.qq.com/s?__biz=Mzg2NTYyODgyNg==&mid=2247504625&idx=1&sn=8ead3d113a164b57f2b73fd0414288eb", + "《=虚假的网安春晚真实的网安春晚=》[旺柴]": "https://mp.weixin.qq.com/s?__biz=MzkxNTczMjA1Ng==&mid=2247483975&idx=1&sn=ba13236ad54bd6d25c2e187d71724f50" + }, + "Private Feed for M09Ic": { + "safedv starred getAsterisk/deepclaude": "https://github.com/getAsterisk/deepclaude", + "mgeeky starred NtDallas/OdinLdr": "https://github.com/NtDallas/OdinLdr", + "4ra1n released 1.4.0 at jar-analyzer/class-obf": "https://github.com/jar-analyzer/class-obf/releases/tag/1.4.0", + "ZeddYu released v0.1.9 at ZeddYu/hugo-theme-stack": "https://github.com/ZeddYu/hugo-theme-stack/releases/tag/v0.1.9", + "safedv starred vxunderground/OCRMe": "https://github.com/vxunderground/OCRMe", + "paranoidninja created a repository paranoidninja/BRC4-BOF-Artillery": "https://github.com/paranoidninja/BRC4-BOF-Artillery//", + "INotGreen starred Adaptix-Framework/AdaptixC2": "https://github.com/Adaptix-Framework/AdaptixC2", + "yzddmr6 started following jbHu67": "https://github.com/jbHu67", + "phith0n starred sezanzeb/input-remapper": "https://github.com/sezanzeb/input-remapper", + "mgeeky starred trailofbits/cfg-showcase": "https://github.com/trailofbits/cfg-showcase", + "0e0w created a repository HackJava/snakeyaml": "https://github.com/HackJava/Hacksnakeyaml//", + "vxunderground created a repository vxunderground/OCRMe": "https://github.com/vxunderground/OCRMe//", + "mgeeky starred ElliotKillick/Mido": "https://github.com/ElliotKillick/Mido", + "mgeeky starred ElliotKillick/windows-vs-linux-loader-architecture": "https://github.com/ElliotKillick/windows-vs-linux-loader-architecture" + }, + "Trustwave Blog": { + "Trustwave SpiderLabs December 2024: Phishing and Email Security Insights": "https://www.trustwave.com/en-us/resources/blogs/trustwave-blog/trustwave-spiderlabs-december-2024-phishing-and-email-security-insights/" + }, + "The DFIR Report": { + "Cobalt Strike and a Pair of SOCKS Lead to LockBit Ransomware": "https://thedfirreport.com/2025/01/27/cobalt-strike-and-a-pair-of-socks-lead-to-lockbit-ransomware/" + }, + "Recent Commits to cve:main": { + "Update Mon Jan 27 20:21:33 UTC 2025": "https://github.com/trickest/cve/commit/b903cf9055faa0f09065ced5de7f9194a3b1a063", + "Update Mon Jan 27 12:26:08 UTC 2025": "https://github.com/trickest/cve/commit/c02fdccf98aca92096b385e95013782e5a87f8d6", + "Update Mon Jan 27 04:22:47 UTC 2025": "https://github.com/trickest/cve/commit/863bfc48e5dd52b0ac34eca3b6ccfca2ae091c10" + }, + "Insinuator.net": { + "Part I: Bluetooth Auracast from a Security Researcher’s Perspective": "https://insinuator.net/2025/01/auracast-part1/" + }, + "Sandfly Security Blog RSS Feed": { + "Sandfly 5.3 - Detailed Host Forensics and Microsoft Sentinel Integration": "https://sandflysecurity.com/about-us/news/sandfly-5-3-detailed-host-forensics-and-microsoft-sentinel-integration/" + }, + "SpiderLabs Blog": { + "Cracking the Giant: How ODAT Challenges Oracle, the King of Databases": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cracking-the-giant-how-odat-challenges-oracle-the-king-of-databases/" + }, + "Bug Bounty in InfoSec Write-ups on Medium": { + "Full GitHub Dorking guide: for OSINT and BugBounty (Reconnaissance)": "https://infosecwriteups.com/full-github-dorking-guide-for-osint-and-bugbounty-reconnaissance-27557fb67ee0?source=rss----7b722bfd1b8d--bug_bounty" + }, + "SentinelOne": { + "Cloud Ransomware Developments | The Risks of Customer-Managed Keys": "https://www.sentinelone.com/blog/cloud-ransomware-developments-the-risks-of-customer-managed-keys/" + }, + "Reverse Engineering": { + "/r/ReverseEngineering's Weekly Questions Thread": "https://www.reddit.com/r/ReverseEngineering/comments/1ib336t/rreverseengineerings_weekly_questions_thread/", + "Video: Binary Refinery URL extractor for LummaStealer loader": "https://www.reddit.com/r/ReverseEngineering/comments/1iazq8n/video_binary_refinery_url_extractor_for/" + }, + "Webroot Blog": { + "6 ways to get the most from Data Privacy Week": "https://www.webroot.com/blog/2025/01/27/6-ways-to-get-the-most-from-data-privacy-week/", + "Managed Detection and Response: Key trends MSPs can’t afford to ignore": "https://www.webroot.com/blog/2025/01/27/managed-detection-and-response-key-trends-msps-cant-afford-to-ignore/" + }, + "FreeBuf网络安全行业门户": { + "THN 每周回顾:顶级网络安全威胁、工具与技巧 [1月27日]": "https://www.freebuf.com/vuls/420917.html", + "GamaCopy模仿Gamaredon战术,针对俄罗斯实体展开网络间谍活动": "https://www.freebuf.com/articles/network/420909.html", + "新威胁组织GamaCopy模仿俄罗斯Gamaredon APT,针对俄语目标发起攻击": "https://www.freebuf.com/articles/endpoint/420915.html", + "恶意文件携带驱动人生数字签名,混淆视听执行后门": "https://www.freebuf.com/news/420885.html", + "ESXi勒索软件攻击利用SSH隧道逃避检测": "https://www.freebuf.com/articles/es/420911.html" + }, + "Malwarebytes": { + "UnitedHealth almost doubles victim numbers from massive Change Healthcare data breach": "https://www.malwarebytes.com/blog/news/2025/01/unitedhealth-almost-doubles-victim-numbers-from-massive-change-healthcare-data-breach", + "A week in security (January 20 – January 26)": "https://www.malwarebytes.com/blog/news/2025/01/a-week-in-security-january-20-january-26", + "Three privacy rules for 2025 (Lock and Code S06E02)": "https://www.malwarebytes.com/blog/podcast/2025/01/three-privacy-rules-for-2025-lock-and-code-s06e02" + }, + "Shostack & Friends Blog": { + "Spatial Reasoning and Threat Modeling": "https://shostack.org/blog/spatial-reasoning-and-threat-modeing/" + }, + "奇客Solidot–传递最新科技情报": { + "Onlyfans 成功背后的心理学": "https://www.solidot.org/story?sid=80440", + "科学家通过黑洞合并事件验证宇宙镜像对称性": "https://www.solidot.org/story?sid=80439", + "研究揭示 PM2.5 毒理学机制": "https://www.solidot.org/story?sid=80438", + "DeepSeek 登顶苹果应用商店免费应用排行榜": "https://www.solidot.org/story?sid=80437", + "天文学家呼吁禁止太空广告": "https://www.solidot.org/story?sid=80436", + "研究发现对 AI 了解越少的人越愿意使用 AI": "https://www.solidot.org/story?sid=80435", + "特斯拉拒绝将 FSD 软件转移到新车": "https://www.solidot.org/story?sid=80434", + "Bitmanagement 与美国海军的反盗版诉讼再次受挫": "https://www.solidot.org/story?sid=80433" + }, + "安全分析与研究": { + "利用合法服务逃避检测的C2框架集合": "https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490200&idx=1&sn=7ded05c5e8fcfb1f9411a02872d16b97&chksm=902fb5b0a7583ca6b9d070be9f189689dd4947d6b3cd745aa9f60a0f8b4753a861b6fb648957&scene=58&subscene=0#rd", + "NetSupport恶意软件实战分析": "https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490200&idx=2&sn=6314bb9f1aaf1b510571b88dba47f6c6&chksm=902fb5b0a7583ca6e350050607a7974c961c89efe6bebff6360180ccda873aeec6cac61a7981&scene=58&subscene=0#rd" + }, + "沉隐杂谈录": { + "春节快乐-D2发布-新的开始": "https://mp.weixin.qq.com/s?__biz=MzIxMDI0MzQzNQ==&mid=2650416407&idx=1&sn=9b8c96ba91a0e21e291d6afc156427ae&chksm=8f691f13b81e9605d0c04246123189c15bd8df8a98c759c24ab9f3b029b4c1e33968ae3bf07a&scene=58&subscene=0#rd" + }, + "吾爱破解论坛": { + "吾爱破解论坛微信红包封面(105000份)": "https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141642&idx=1&sn=dbc86b6bb93f87ff6b37ff25887ea8ab&chksm=bd50a65e8a272f487fe50c942a392975c1b2f40c830799f082a541fb014f24452a88f9b03c18&scene=58&subscene=0#rd" + }, + "Black Hills Information Security": { + "GRC for Security Managers: From Checklists to Influence": "https://www.blackhillsinfosec.com/grc-for-security-managers-wrapup/" + }, + "看雪学苑": { + "[SUCTF2025] SU_APP、SU_Harmony 出题小记": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589294&idx=1&sn=9843c5f997dc4268b2cceefeef11c2d9&chksm=b18c28e486fba1f2def30ae2ad36fb881a2d6b3ae21e83fb24cd04f74d14f7fbfae69daac012&scene=58&subscene=0#rd", + "主打提高实战能力:CTF训练营-Web篇": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589294&idx=2&sn=b3ce8734cd9334e9dd50ed637685ef01&chksm=b18c28e486fba1f26a5b9b0ff4c245f804d7b5bf346992a0ddef298cd610ea4c06ec61e36f24&scene=58&subscene=0#rd" + }, + "丁爸 情报分析师的工具箱": { + "【实操】大语言模型能否按照特定要求撰写情报简报": "https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148703&idx=1&sn=c924baf97ad0b03dd7fb0f48ff913106&chksm=f1af26a5c6d8afb3022277d9121d65514f7d642109b5cc100fd1264fd42ddb72d63aae8c2e43&scene=58&subscene=0#rd" + }, + "君哥的体历": { + "运维风险管控、数据安全规范普及与漏洞情报处置:技术与管理并重的综合策略探讨。|总第278周": "https://mp.weixin.qq.com/s?__biz=MzI2MjQ1NTA4MA==&mid=2247491776&idx=1&sn=4e17c660387c6776b88e397c64e7ed57&chksm=ea484a87dd3fc3919e9026124b6bc0ba8b63b525d5d9b381260922106e0c8fca0d924c4c1bc5&scene=58&subscene=0#rd" + }, + "dotNet安全矩阵": { + "收藏 | dotNet 安全矩阵团队2024年度内网横向移动阶段文章和工具汇总": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498493&idx=1&sn=0d58ecc98d8333a349c3712d4c129203&chksm=fa595410cd2edd062276b3223d5124040f319e19ba6ea3217db7d2e4d66add50a2c28fe6313a&scene=58&subscene=0#rd", + "国内最专业、最全面的 [ .NET 代码审计 ] 体系化学习交流社区": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498493&idx=2&sn=42328f97d2cb9e8a7299d8948372c706&chksm=fa595410cd2edd060e5fd0741bf0e131d3cd04fafec5389c16758b57d4443a69e9583caee479&scene=58&subscene=0#rd", + "通过 Sharp4Tokenvator 实现本地权限提升": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498493&idx=3&sn=d4029c2b542db791a7c4a70127b369fc&chksm=fa595410cd2edd069e4d76454b7789a94293ccb94a2ca643ad9f8b6bb7689ce4f47c1adf7a35&scene=58&subscene=0#rd" + }, + "安全牛": { + "春节放假通知": "https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134996&idx=1&sn=1c7920ea6f4ee8c218f4ff5dfcc4b28c&chksm=bd15acc78a6225d1f846166029b745338e146775f7f660efefe8493f1aa89f4e08347b6475c7&scene=58&subscene=0#rd", + "LTE和5G网络实现中存在119个安全漏洞,可导致大规模通信中断;调查显示:仅7%受害者在支付勒索软件赎金后成功恢复数据 |牛览": "https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134996&idx=2&sn=82356d56bcca2787f9016513ed4f3cbf&chksm=bd15acc78a6225d149fe16de3316f0735ac8eb52adf8cea1638c72eb92dc9122d6eb960a5ce0&scene=58&subscene=0#rd" + }, + "中国信息安全": { + "聚焦 | 国家网络威胁信息汇聚共享技术平台试运行总结表彰会成功举办": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235892&idx=1&sn=7fbcbb0883b6c65f4e3ba90ca09cccb7&chksm=8b58018dbc2f889be69ce98bffbb8700788264b4674a06edae6f3bf279bbde06a7fb39fc0778&scene=58&subscene=0#rd", + "全球视野 | 国际网安快讯(第47期)": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235892&idx=2&sn=08a60783ca81347f55ac588740b70769&chksm=8b58018dbc2f889b07208718f2d827850ae2e964d65cfa90e842cdf6a10017f45ca80902cce0&scene=58&subscene=0#rd", + "专家解读 | 扎实推进数据标准化工作 保障国家数据基础设施建设行稳致远": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235892&idx=3&sn=60fe07f5134c5dcdf56d12ae7a8a6f6f&chksm=8b58018dbc2f889b91b925e9e99f943eb4e141139265dd2619cbcb7539ff4d1feb896ec1b3b5&scene=58&subscene=0#rd", + "四部门提示:防范“云养经济”欺诈!": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235892&idx=4&sn=e08fb24557851d99e80e4c6209a72e03&chksm=8b58018dbc2f889bf575dd94acf5c653e8345717700f5a66d66444326c0e8254fa40351c4c22&scene=58&subscene=0#rd", + "专家解读 | 规范互联网平台企业报送信息 加强税源监管": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235892&idx=5&sn=9a656024279a6e896c92ce522318f0f9&chksm=8b58018dbc2f889b133dcd409bdae5218c53a73c4bb07029a09b2ad2c68aefeb13bcf03e65ea&scene=58&subscene=0#rd", + "发布 | 中国信通院发布《车联网蓝皮书(数据赋能)(2024年)》(附下载)": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235892&idx=6&sn=4f29a9e415b95ec39af7c39c827ca8c6&chksm=8b58018dbc2f889b275a166290ba46af1f9486655da918e0239a1c03e50ba180c0e23d550e1a&scene=58&subscene=0#rd", + "专家观点 | 数据治理助推中国生成式人工智能高质量发展": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235892&idx=7&sn=20d279dc28a3b944e6b08da8d0389648&chksm=8b58018dbc2f889b9b6c89092f8cba2bb490d27fc2b4b445f543c8ee998827a6e62a888bef51&scene=58&subscene=0#rd", + "评论 | 严打黑客犯罪筑牢网安防线": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235892&idx=8&sn=a3453b1c835acec8834fbd5ff7af2441&chksm=8b58018dbc2f889b114f424c5cbc8fe72002e287bd824755f2bf4fe876eb53a3990490582cb1&scene=58&subscene=0#rd" + }, + "极客公园": { + "超音速民航「全球竞赛」,这家中国公司要「换道赛车」": "https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072943&idx=1&sn=ffb269408b68f9e0288deb4a716e35a5&chksm=7e57d39949205a8fcb59175315452b11b6aa0621056de0de1b1c687d1a376823a493833406ad&scene=58&subscene=0#rd", + "变天!——由一个惊艳例子引发对 DeepSeek 的 10 条思考": "https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072943&idx=2&sn=42192769f13fb530fa9d3e23e0ad898c&chksm=7e57d39949205a8f43d40b81d6f0eeb1f919cf2f591666e28604cf8442613d9c9b06c3d6520e&scene=58&subscene=0#rd", + "2025 年,多模态会诞生下一个 Super App 吗?": "https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072869&idx=1&sn=12adc42065f8f5e00bc46673e247f39b&chksm=7e57d05349205945bf789818c879903e56ec41dee196f11a2c2eb03e570dbb7d37f5276ddf06&scene=58&subscene=0#rd", + "DeepSeek升至美区苹果应用榜第一;Switch 2发售时间疑似泄露;苹果iPhone SE4或3月发布|极客早知道": "https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072885&idx=1&sn=7e5a3b9e6ca75e1cde3533d9d9979269&chksm=7e57d0434920595525c153f6692cab3f51588c07e99b811fa04650161507b68ef8826215554a&scene=58&subscene=0#rd" + }, + "嘶吼专业版": { + "新的 DoubleClickjacking 攻击利用双击来劫持帐户": "https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580993&idx=1&sn=9cef8f9e885411deefa3dd1718756bec&chksm=e9146d7bde63e46d6f0696852e5e5dc1ea9b2c6006db56346d548914ef0d50494db9f8fafe58&scene=58&subscene=0#rd", + "安全动态回顾|工信部发布关于防范Androxgh0st僵尸网络的风险提示 Tesla EV充电器在PWN2OWN遭黑客多次入侵": "https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580993&idx=2&sn=790649df6d58dba77660759df720c892&chksm=e9146d7bde63e46d5df8acb5d88a467ae8534a921ea900181bdacf12e66a11088693b337bd86&scene=58&subscene=0#rd" + }, + "情报分析师": { + "深挖“颜十六”:影视圈的“毒瘤”与跨国诈骗的“操盘手”": "https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559276&idx=1&sn=031b0b5216b2db6c8a00f413e26ddcb0&chksm=87117d67b066f4718e1e8c4668285b5b2e2f1516a4c29ae581a945f427b952a45f7b90bb7cb3&scene=58&subscene=0#rd", + "中情局携手乌克兰:从针锋相对到深度绑定,背后暗藏的全球隐患": "https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559276&idx=2&sn=43bf564f5b1729bfe0286075d2cbc790&chksm=87117d67b066f471cc064ed852c6dfb97f82886b78a1b56aa647781834ebf0d1af0fec3e978a&scene=58&subscene=0#rd" + }, + "网安国际": { + "【InForSec 2025年会顶会论文回顾】雷重庆 :以友为鉴:基于 MCU 外设驱动分析的外设模型生成": "https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317462&idx=1&sn=f826132e0f6fa3183c04badd0fa5dae0&chksm=8bc4ba98bcb3338ebd4c95535b024fb2d0951f24bd5c6220286b8f0e82cf6e3ed30fe77a6690&scene=58&subscene=0#rd", + "【InForSec 2025年会顶会论文回顾】姜嘉仪:增强基于二进制分析的协议逆向工程中字段推断能力的研究": "https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317462&idx=2&sn=136962e4a93d95b67fdc6518671af5e4&chksm=8bc4ba98bcb3338e45009a0994535a27c07c8a156be33fa8f7baf2d45b20e61c5bb48fa202d8&scene=58&subscene=0#rd", + "【InForSec 2025年会顶会论文回顾】李勇钢:基于虚拟化的未知驱动隔离与保护方法": "https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317462&idx=3&sn=f21f4c9bf0cef097103e6505e6964774&chksm=8bc4ba98bcb3338ede7044a70a7f51fa822aed833fe94983e8164af7b05be3eda9dc94bbfdb9&scene=58&subscene=0#rd", + "【InForSec 2025年会顶会论文回顾】马昊玉:镜中窥视:利用缓存侧信道攻破 Android 应用沙盒完整性": "https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317462&idx=4&sn=af78d0a1dc313ed16e1ce158f5556a0e&chksm=8bc4ba98bcb3338e8fbc65c1337d3af8ce4cdc1b60706c6dcbd92114dec43b23f09411cd3af7&scene=58&subscene=0#rd", + "【InForSec 2025年会顶会论文回顾】向昊: 基于完全域敏感和源点意识的控制流完整性方法": "https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317462&idx=5&sn=4f9bf219ac43637893b96266671c7f9b&chksm=8bc4ba98bcb3338eaa76ba29a15693a8cd7fdce579502c0ca5f68c46e4d44b1bee8ae278dc8b&scene=58&subscene=0#rd" + }, + "迪哥讲事": { + "通过js进行模糊测试所拿到的一次五千漏洞赏金记录": "https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496957&idx=1&sn=5ef897f46f3bf16bce1a83b45b0611c3&chksm=e8a5fe9edfd27788ba026eddd3fbb4541a0037c8be19dcb77460d206bd14339fb2c1bd0ebf83&scene=58&subscene=0#rd" + }, + "字节跳动技术团队": { + "Doubao-1.5-pro 发布 | 豆包大模型 LLM 团队热招中": "https://mp.weixin.qq.com/s?__biz=MzI1MzYzMjE0MQ==&mid=2247512992&idx=1&sn=a2ed4bf409a9abb86118650e264e8c27&chksm=e9d37842dea4f1548fa971b2742cd34f4920526a6f0b47f86d0fb2a21fc099e27b42ad9f311f&scene=58&subscene=0#rd" + }, + "360数字安全": { + "春节假期|安全服务保障通知": "https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579262&idx=1&sn=e7e448b49217ce28a44f40bf153ac506&chksm=9f8d2676a8faaf60074a2e9aa0130c961d6ddf5f7f8fd7f9ab0fdafe915fd4058dff6dc59310&scene=58&subscene=0#rd" + }, + "CNVD漏洞平台": { + "CNVD漏洞周报2025年第4期": "https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247495739&idx=1&sn=70bff0dcfddcafcf645feed59f012888&chksm=fd74c0f2ca0349e471d5a0cede4e3ed7bdd0d788c211c68cc80dfd224e519f19650dbc8d8c70&scene=58&subscene=0#rd", + "上周关注度较高的产品安全漏洞(20250120-20250126)": "https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247495739&idx=2&sn=c1eb11a7df482ea02fe0bb114eaa29bc&chksm=fd74c0f2ca0349e47edcfe201c0666f5f1252b026ececf6de03bbe19fda17ce7ae900d728649&scene=58&subscene=0#rd" + }, + "Krypt3ia": { + "Krypt3ia Daily Cyber Threat Intelligence (CTI) Digest": "https://krypt3ia.wordpress.com/2025/01/27/krypt3ia-daily-cyber-threat-intelligence-cti-digest-3/" + }, + "火绒安全": { + "恶意文件携带驱动人生数字签名,混淆视听执行后门": "https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247522002&idx=1&sn=873e1bfdf5c988f9b559733786cfa7ce&chksm=eb7048eddc07c1fb7225e466c76efcdf6e6a1c2632bf3cd10068ebec8ac9c6675090f5f94a2b&scene=58&subscene=0#rd", + "诚邀渠道合作伙伴共启新征程": "https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247522002&idx=2&sn=c4d71fab7b6251cbfc896cacdff28134&chksm=eb7048eddc07c1fb82edefd16f8fb8288c55cb69ce8473939c2d858863e391e6d043a3bb7f89&scene=58&subscene=0#rd" + }, + "Over Security - Cybersecurity news aggregator": { + "How to switch off Apple Intelligence on your iPhone, iPad and Mac": "https://techcrunch.com/2025/01/27/how-to-switch-off-apple-intelligence-on-your-iphone-ipad-and-mac/", + "DeepSeek halts new signups amid \"large-scale\" cyberattack": "https://www.bleepingcomputer.com/news/security/deepseek-halts-new-signups-amid-large-scale-cyberattack/", + "Bitwarden makes it harder to hack password vaults without MFA": "https://www.bleepingcomputer.com/news/security/bitwarden-makes-it-harder-to-hack-password-vaults-without-mfa/", + "Microsoft: January Windows security updates break audio playback": "https://www.bleepingcomputer.com/news/microsoft/microsoft-january-windows-security-updates-break-audio-playback/", + "DeepSeek R1 Exposed: Security Flaws in China’s AI Model": "https://www.kelacyber.com/blog/deepseek-r1-security-flaws/", + "Hackers hijack emergency sirens in kindergartens across Israel": "https://therecord.media/hackers-hijack-sirens-iran-israel", + "Democrat members of US surveillance watchdog defy White House resignation request": "https://therecord.media/democrat-pclob-members-defy-white-house-call-for-resignation", + "Texas county issues disaster declaration following cyberattack": "https://therecord.media/texas-county-disaster-declaration-cyberattack", + "Apple fixes this year’s first actively exploited zero-day bug": "https://www.bleepingcomputer.com/news/security/apple-fixes-this-years-first-actively-exploited-zero-day-bug/", + "OpenAI rival DeepSeek limits registration after ‘large-scale malicious attacks’": "https://therecord.media/deepseek-limits-registration-blames-malicious-attacks", + "EU sanctions Russian GRU hackers for cyberattacks against Estonia": "https://www.bleepingcomputer.com/news/security/eu-sanctions-russian-gru-hackers-for-cyberattacks-against-estonia/", + "Brazil bans iris scan company co-founded by Sam Altman from paying citizens for biometric data": "https://therecord.media/brazil-iris-scan-data-privacy-tools-for-humanity", + "Windows 11 24H2 preview brings new taskbar features": "https://www.bleepingcomputer.com/news/microsoft/windows-11-24h2-preview-brings-new-taskbar-features/", + "Hackers steal $85 million worth of cryptocurrency from Phemex": "https://www.bleepingcomputer.com/news/security/hackers-steal-85-million-worth-of-cryptocurrency-from-phemex/", + "Microsoft Teams phishing attack alerts coming to everyone next month": "https://www.bleepingcomputer.com/news/security/microsoft-teams-phishing-attack-alerts-coming-to-everyone-next-month/", + "Ukraine denies involvement in cyberattack against Slovakia": "https://therecord.media/ukraine-denies-cyberattack-involvement-slovakia", + "Clone2Leak attacks exploit Git flaws to steal credentials": "https://www.bleepingcomputer.com/news/security/clone2leak-attacks-exploit-git-flaws-to-steal-credentials/", + "Is GDLockerSec Really Targeting AWS?": "https://www.kelacyber.com/blog/is-gdlockersec-really-targeting-aws/", + "Preventing Phishing Attacks, Before They Catch You Copy": "https://www.kelacyber.com/blog/preventing-phishing-attacks-before-they-catch-you-copy/", + "CISO 2025": "https://www.certego.net/blog/ciso-2025-innovare-per-fronteggiare-le-nuove-minacce-alla-cybersecurity/", + "IT Vulnerability Report: 7-Zip, Windows and Fortinet Fixes Urged by Cyble": "https://cyble.com/blog/it-vulnerability-report-7-zip-windows-and-fortinet-fixes-urged-by-cyble/", + "Info Sec Unplugged [12]: Datacenter Network": "https://roccosicilia.com/2025/01/27/info-sec-unplugged-12-datacenter-network/", + "Sweden seizes ship suspected of Baltic Sea cable sabotage": "https://therecord.media/sweden-seizes-ship-suspected-cable-sabotage", + "United Against Cybercrime: ASEAN Ministers Forge New Security Pathways": "https://cyble.com/blog/united-against-cybercrime-asean-ministers-forge-new-security-pathways/", + "Le implementazioni LTE e 5G soffrono di centinaia di vulnerabilità": "https://www.securityinfo.it/2025/01/27/le-implementazioni-lte-e-5g-soffrono-di-centinaia-di-vulnerabilita/", + "CERT-AGID 18 – 24 gennaio: una nuova campagna a tema INPS (e ancora Vidar)": "https://www.securityinfo.it/2025/01/27/cert-agid-18-24-gennaio-una-nuova-campagna-a-tema-inps-e-ancora-vidar/", + "Cobalt Strike and a Pair of SOCKS Lead to Lockbit Ransomware": "https://thedfirreport.com/2025/01/27/cobalt-strike-and-a-pair-of-socks-lead-to-lockbit-ransomware/" + }, + "悬镜安全": { + "人物丨悬镜安全张弛:解密悬镜二进制SCA技术背后的黑客大佬": "https://mp.weixin.qq.com/s?__biz=MzA3NzE2ODk1Mg==&mid=2647795566&idx=1&sn=359d23f656b50d3a85c021b1e616165b&chksm=8770af39b007262f20e4aa761d196adc461e89aca8fb0246ad44ed56d7d16a2574f73a5eecde&scene=58&subscene=0#rd" + }, + "Securityinfo.it": { + "Le implementazioni LTE e 5G soffrono di centinaia di vulnerabilità": "https://www.securityinfo.it/2025/01/27/le-implementazioni-lte-e-5g-soffrono-di-centinaia-di-vulnerabilita/?utm_source=rss&utm_medium=rss&utm_campaign=le-implementazioni-lte-e-5g-soffrono-di-centinaia-di-vulnerabilita", + "CERT-AGID 18 – 24 gennaio: una nuova campagna a tema INPS (e ancora Vidar)": "https://www.securityinfo.it/2025/01/27/cert-agid-18-24-gennaio-una-nuova-campagna-a-tema-inps-e-ancora-vidar/?utm_source=rss&utm_medium=rss&utm_campaign=cert-agid-18-24-gennaio-una-nuova-campagna-a-tema-inps-e-ancora-vidar" + }, + "Qualys Security Blog": { + "Unlock the Boardroom with Cyber Risk: How the Qualys Enterprise TruRisk™ Platform Empowers CISOs": "https://blog.qualys.com/category/product-tech" + }, + "漏洞战争": { + "学历赋": "https://mp.weixin.qq.com/s?__biz=MzU0MzgzNTU0Mw==&mid=2247485935&idx=1&sn=c9ad7ddf99eb58464e3f86507a44ea7a&chksm=fb041d17cc73940154677fad437801a70ad48959c1dd49fdcb52af2495a7018c01c509eb433a&scene=58&subscene=0#rd" + }, + "IT Service Management News": { + "Linee guida (in bozza!) EDPB sulla pseudonimizzazione": "http://blog.cesaregallotti.it/2025/01/linee-guida-in-bozza-edpb-sulla.html", + "Regolamento sullo spazio europeo dei dati sanitari (EHDS)": "http://blog.cesaregallotti.it/2025/01/regolamento-sullo-spazio-europeo-dei.html" + }, + "NETRESEC Network Security Blog": { + "Blocking Malicious sites with a TLS Firewall": "https://www.netresec.com/?page=Blog&month=2025-01&post=Blocking-Malicious-sites-with-a-TLS-Firewall" + }, + "Hacking Exposed Computer Forensics Blog": { + "Daily Blog #730: Sunday Funday 1/26/25": "https://www.hecfblog.com/2025/01/daily-blog-730-sunday-funday-12625.html" + }, + "Schneier on Security": { + "New VPN Backdoor": "https://www.schneier.com/blog/archives/2025/01/new-vpn-backdoor.html" + }, + "T00ls安全": { + "T00ls“喜庆2025”网络安全文章征集活动投票结果公告": "https://mp.weixin.qq.com/s?__biz=Mzg3NzYzODU5NQ==&mid=2247484906&idx=1&sn=572ea62012da59778ab11cdb9083e223&chksm=cf1ea346f8692a502f73bd6de98d79b44e488978e6c92e828f5eec688593ee767b4a5adeb8ee&scene=58&subscene=0#rd" + }, + "SANS Internet Storm Center, InfoCON: green": { + "An unusual \"shy z-wasp\" phishing, (Mon, Jan 27th)": "https://isc.sans.edu/diary/rss/31626", + "ISC Stormcast For Monday, January 27th, 2025 https://isc.sans.edu/podcastdetail/9296, (Mon, Jan 27th)": "https://isc.sans.edu/diary/rss/31624" + }, + "Deeplinks": { + "It's Copyright Week 2025: Join Us in the Fight for Better Copyright Law and Policy": "https://www.eff.org/deeplinks/2025/01/its-copyright-week-2025-join-us-fight-better-copyright-law-and-policy" + }, + "The Register - Security": { + "US freezes foreign aid, halting cybersecurity defense and policy funds for allies": "https://go.theregister.com/feed/www.theregister.com/2025/01/27/us_state_department_freezes_cyber_aid/", + "DeepSeek limits new accounts amid cyberattack": "https://go.theregister.com/feed/www.theregister.com/2025/01/27/deepseek_suspends_new_registrations_amid/", + "Google takes action after coder reports 'most sophisticated attack I've ever seen'": "https://go.theregister.com/feed/www.theregister.com/2025/01/27/google_confirms_action_taken_to/", + "Sweden seizes cargo ship after another undersea cable hit in suspected sabotage": "https://go.theregister.com/feed/www.theregister.com/2025/01/27/sweden_seizes_ship/", + "CDNs: Great for speeding up the internet, bad for location privacy": "https://go.theregister.com/feed/www.theregister.com/2025/01/27/cloudflare_cdn_location_data/", + "British Museum says ex-contractor 'shut down' IT systems, wreaked havoc": "https://go.theregister.com/feed/www.theregister.com/2025/01/27/contractor_trespass_british_museum/" + }, + "TorrentFreak": { + "U.S. Anti-Piracy Symposium Emphazises Need for Site Blocking": "https://torrentfreak.com/u-s-anti-piracy-symposium-emphazises-site-blocking-250127/", + "Pirates Surprise as Oscar-Nominated Movie Screeners Leak Online Again": "https://torrentfreak.com/piracy-surprise-as-oscar-nominated-movie-screeners-leak-online-again-250127/" + }, + "Instapaper: Unread": { + "Guerre di Rete - Ulbricht, come si è arrivati alla liberazione del fondatore di Silk Road": "https://guerredirete.substack.com/p/guerre-di-rete-ulbricht-come-si-e" + }, + "Your Open Hacker Community": { + "Help.": "https://www.reddit.com/r/HowToHack/comments/1ibkihi/help/", + "BUILD FOR HACKING": "https://www.reddit.com/r/HowToHack/comments/1ibgyos/build_for_hacking/", + "I need the backend code of a site that's shutting down": "https://www.reddit.com/r/HowToHack/comments/1ibkvnv/i_need_the_backend_code_of_a_site_thats_shutting/", + "Your experience learning programming for hacking purposes?": "https://www.reddit.com/r/HowToHack/comments/1ib9mau/your_experience_learning_programming_for_hacking/", + "Help!": "https://www.reddit.com/r/HowToHack/comments/1ibi4xi/help/", + "Stupid questions about functions hooking": "https://www.reddit.com/r/HowToHack/comments/1ibeaa3/stupid_questions_about_functions_hooking/", + "Find Person Behind Instagram Fake Account": "https://www.reddit.com/r/HowToHack/comments/1ibjf8w/find_person_behind_instagram_fake_account/", + "Tips on beating the first to register": "https://www.reddit.com/r/HowToHack/comments/1ibbnr4/tips_on_beating_the_first_to_register/", + "Plz help": "https://www.reddit.com/r/HowToHack/comments/1ibe8th/plz_help/", + "Getting started": "https://www.reddit.com/r/HowToHack/comments/1ib1gys/getting_started/", + "I'm being spied through my personal phone": "https://www.reddit.com/r/HowToHack/comments/1ib7ovq/im_being_spied_through_my_personal_phone/", + "Help": "https://www.reddit.com/r/HowToHack/comments/1ib724a/help/", + "Vladimir and George hacking": "https://www.reddit.com/r/HowToHack/comments/1ib1gpv/vladimir_and_george_hacking/", + "How do you hack the YouTube algorithm. I’m looking for a step by step guide because I’ve never hacked anything or even tried in my life.": "https://www.reddit.com/r/HowToHack/comments/1ib0sq7/how_do_you_hack_the_youtube_algorithm_im_looking/", + "What dark web website are good for hacking": "https://www.reddit.com/r/HowToHack/comments/1ib0kaq/what_dark_web_website_are_good_for_hacking/" + }, + "Information Security": { + "Infosec analysis on software installation request": "https://www.reddit.com/r/Information_Security/comments/1ib5xhx/infosec_analysis_on_software_installation_request/" + }, + "The Hacker News": { + "GitHub Desktop Vulnerability Risks Credential Leaks via Malicious Remote URLs": "https://thehackernews.com/2025/01/github-desktop-vulnerability-risks.html", + "⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [27 January]": "https://thehackernews.com/2025/01/thn-weekly-recap-top-cybersecurity_27.html", + "Do We Really Need The OWASP NHI Top 10?": "https://thehackernews.com/2025/01/do-we-really-need-owasp-nhi-top-10.html", + "GamaCopy Mimics Gamaredon Tactics in Cyber Espionage Targeting Russian Entities": "https://thehackernews.com/2025/01/gamacopy-mimics-gamaredon-tactics-in.html", + "MintsLoader Delivers StealC Malware and BOINC in Targeted Cyber Attacks": "https://thehackernews.com/2025/01/mintsloader-delivers-stealc-malware-and.html" + }, + "Deep Web": { + "Ever heard of spiritual manipulation?": "https://www.reddit.com/r/deepweb/comments/1ibo2jo/ever_heard_of_spiritual_manipulation/" + }, + "Graham Cluley": { + "Hacked buses blare out patriotic pro-European anthems in Tbilisi, attack government": "https://www.bitdefender.com/en-us/blog/hotforsecurity/hacked-buses-blare-out-patriotic-pro-european-anthems-in-tbilisi-attack-government" + }, + "Social Engineering": { + "Conspiracy Theories are for Opportunists": "https://www.reddit.com/r/SocialEngineering/comments/1ibboak/conspiracy_theories_are_for_opportunists/" + }, + "Security Affairs": { + "Apple fixed the first actively exploited zero-day of 2025": "https://securityaffairs.com/173536/hacking/apple-fixed-the-first-zero-day-vulnerability-of-2025.html", + "TalkTalk confirms data breach involving a third-party platform": "https://securityaffairs.com/173526/cyber-crime/talktalk-confirms-data-breach.html", + "Multiple Git flaws led to credentials compromise": "https://securityaffairs.com/173520/security/multiple-git-flaws-led-to-credentials-compromise.html", + "GamaCopy targets Russia mimicking Russia-linked Gamaredon APT": "https://securityaffairs.com/173501/apt/gamacopy-mimics-russia-linked-gamaredon-apt.html", + "ESXi ransomware attacks use SSH tunnels to avoid detection": "https://securityaffairs.com/173487/cyber-crime/esxi-ransomware-attacks-use-ssh-tunnels-to-avoid-detection.html", + "Attackers allegedly stole $69 million from cryptocurrency platform Phemex": "https://securityaffairs.com/173478/digital-id/cryptocurrency-platform-phemex-cyber-heist.html" + }, + "Computer Forensics": { + "eCDFP 30 days plan": "https://www.reddit.com/r/computerforensics/comments/1ibb6ij/ecdfp_30_days_plan/", + "Top digital forensics conferences in 2025": "https://www.reddit.com/r/computerforensics/comments/1ib179q/top_digital_forensics_conferences_in_2025/" + }, + "Technical Information Security Content & Discussion": { + "Get FortiRekt, I am the Super_Admin Now - FortiOS Authentication Bypass CVE-2024-55591 - watchTowr Labs": "https://www.reddit.com/r/netsec/comments/1ibfmeo/get_fortirekt_i_am_the_super_admin_now_fortios/", + "New way to exploit BYOVD exploits with symbolic links.": "https://www.reddit.com/r/netsec/comments/1ib3nnm/new_way_to_exploit_byovd_exploits_with_symbolic/" + }, + "Security Weekly Podcast Network (Audio)": { + "AI Red Teaming Comes to Bug Bounties - Francis Dinha, Michiel Prins - ESW #391": "http://sites.libsyn.com/18678/ai-red-teaming-comes-to-bug-bounties-francis-dinha-michiel-prins-esw-391" + } +} \ No newline at end of file diff --git a/today.md b/today.md index c896d9c7fd..adb2298743 100644 --- a/today.md +++ b/today.md @@ -1,303 +1,346 @@ -# 每日安全资讯(2025-01-27) +# 每日安全资讯(2025-01-28) - SecWiki News - - [ ] [SecWiki News 2025-01-26 Review](http://www.sec-wiki.com/?2025-01-26) -- Private Feed for M09Ic - - [ ] [safedv starred ambionics/cnext-exploits](https://github.com/ambionics/cnext-exploits) - - [ ] [liamg starred getcursor/cursor](https://github.com/getcursor/cursor) - - [ ] [mgeeky starred x86matthew/WinVisor](https://github.com/x86matthew/WinVisor) - - [ ] [mgeeky starred ionescu007/Simpleator](https://github.com/ionescu007/Simpleator) - - [ ] [mgeeky starred moudey/Shell](https://github.com/moudey/Shell) - - [ ] [safedv started following NtDallas](https://github.com/NtDallas) - - [ ] [safedv starred NtDallas/OdinLdr](https://github.com/NtDallas/OdinLdr) - - [ ] [safedv started following emdnaia](https://github.com/emdnaia) - - [ ] [kpcyrd released 20250126 at archlinux/archlinux-repro](https://github.com/archlinux/archlinux-repro/releases/tag/20250126) - - [ ] [safedv starred anderspitman/awesome-tunneling](https://github.com/anderspitman/awesome-tunneling) - - [ ] [safedv starred lolc2/lolc2.github.io](https://github.com/lolc2/lolc2.github.io) - - [ ] [safedv starred rust-lang/rust](https://github.com/rust-lang/rust) - - [ ] [mozhu1024 starred glauth/glauth](https://github.com/glauth/glauth) - - [ ] [zer0yu starred huggingface/open-r1](https://github.com/huggingface/open-r1) - - [ ] [mozhu1024 starred P3TERX/GeoLite.mmdb](https://github.com/P3TERX/GeoLite.mmdb) - - [ ] [wabzsy starred apache/answer](https://github.com/apache/answer) - - [ ] [kyxiaxiang starred klezVirus/RpcProxyInvoke](https://github.com/klezVirus/RpcProxyInvoke) - - [ ] [FunnyWolf starred AmruthPillai/Reactive-Resume](https://github.com/AmruthPillai/Reactive-Resume) -- CXSECURITY Database RSS Feed - CXSecurity.com - - [ ] [DNN CMS remote File Upload](https://cxsecurity.com/issue/WLB-2025010026) + - [ ] [SecWiki News 2025-01-27 Review](http://www.sec-wiki.com/?2025-01-27) +- Hacking Articles + - [ ] [Diamond Ticket Attack: Abusing kerberos Trust](https://www.hackingarticles.in/diamond-ticket-attack-abusing-kerberos-trust/) +- Tenable Blog + - [ ] [How To Clean Up Your Cloud Environment Using Tenable Cloud Security](https://www.tenable.com/blog/how-to-clean-up-your-cloud-environment-using-tenable-cloud-security) - Security Boulevard - - [ ] [Empowering Cloud Compliance with Seamless Security](https://securityboulevard.com/2025/01/empowering-cloud-compliance-with-seamless-security/) - - [ ] [Scaling Security with Automated Identity Management](https://securityboulevard.com/2025/01/scaling-security-with-automated-identity-management/) - - [ ] [Innovative Approaches to Secrets Scanning](https://securityboulevard.com/2025/01/innovative-approaches-to-secrets-scanning/) - - [ ] [The Small Business Guide to Everyday Access Management and Secure Off-boarding](https://securityboulevard.com/2025/01/the-small-business-guide-to-everyday-access-management-and-secure-off-boarding/) - - [ ] [DEF CON 32 – Attacks On GenAI Data & Using Vector Encryption To Stop Them](https://securityboulevard.com/2025/01/def-con-32-attacks-on-genai-data-using-vector-encryption-to-stop-them/) - - [ ] [INE Security Alert: Expediting CMMC 2.0 Compliance](https://securityboulevard.com/2025/01/ine-security-alert-expediting-cmmc-2-0-compliance/) + - [ ] [U.S. Shuts Down Another N. Korean IT Worker Scam, Indicting 5](https://securityboulevard.com/2025/01/u-s-shuts-down-another-n-korean-it-worker-scam-indicting-5/) + - [ ] [BTS #44 – Network Appliances: A Growing Concern](https://securityboulevard.com/2025/01/bts-44-network-appliances-a-growing-concern/) + - [ ] [DEF CON 32 – Simulating Attacks Against Hydroelectric Power Plants](https://securityboulevard.com/2025/01/def-con-32-simulating-attacks-against-hydroelectric-power-plants/) + - [ ] [Hackers Use Malicious PDFs, pose as USPS in Mobile Phishing Scam](https://securityboulevard.com/2025/01/hackers-use-malicious-pdfs-pose-as-usps-in-mobile-phishing-scam/) + - [ ] [How to Prepare for EU AI Act Compliance by February 2nd](https://securityboulevard.com/2025/01/how-to-prepare-for-eu-ai-act-compliance-by-february-2nd/) + - [ ] [Why The Rise of AI Agents Demands a New Approach to Fraud Prevention](https://securityboulevard.com/2025/01/why-the-rise-of-ai-agents-demands-a-new-approach-to-fraud-prevention/) + - [ ] [Randall Munroe’s XKCD ‘T. Rex Evolution’](https://securityboulevard.com/2025/01/randall-munroes-xkcd-t-rex-evolution/) + - [ ] [News alert: INE Security announces new initiative to help companies accelerate CMMC 2.0 compliance](https://securityboulevard.com/2025/01/news-alert-ine-security-announces-new-initiative-to-help-companies-accelerate-cmmc-2-0-compliance/) + - [ ] [Finding the Right Partner for PCI DSS 4.0.1 Compliance: Requirements 6.4.3 and 11.6.1](https://securityboulevard.com/2025/01/finding-the-right-partner-for-pci-dss-4-0-1-compliance-requirements-6-4-3-and-11-6-1/) + - [ ] [DEF CON 32 – 3DU Homo ex Machina](https://securityboulevard.com/2025/01/def-con-32-3du-homo-ex-machina/) - Doonsec's feed - - [ ] [Vlunstack ATT&CK---红日靶场(三)](https://mp.weixin.qq.com/s?__biz=MzkxNTc1MzQyNw==&mid=2247488809&idx=1&sn=b496a3e45eeae3831a0bea34e53fa254) - - [ ] [探秘网络安全神器:蜜罐工具](https://mp.weixin.qq.com/s?__biz=MzkzNzg3NzQxMQ==&mid=2247485731&idx=1&sn=f855b4678f6428cb1cda14a26cc651f2) - - [ ] [白帽必知!Kunlun-Mirror源代码安全审计工具全解析](https://mp.weixin.qq.com/s?__biz=Mzk2NDE3NDUwNg==&mid=2247483897&idx=1&sn=050c8f872083541fe1c136e416528513) - - [ ] [深入某CMS渗透测试:从弱口令到接管webshell](https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486445&idx=1&sn=071008d1b39bf3757ff2279a6581fe71) - - [ ] [紧急告警!Meta Llama框架漏洞,AI系统面临远程代码执行风险](https://mp.weixin.qq.com/s?__biz=MzA4MzMzOTQ4Mw==&mid=2453672529&idx=1&sn=cdc7f3d0c6553b9b1c05425ba64820b9) - - [ ] [安全行业到底是技术密集型企业,还是劳动力密集型企业?这里不只有答案!](https://mp.weixin.qq.com/s?__biz=MzAxOTk3NTg5OQ==&mid=2247492241&idx=1&sn=f1d5ff7631506292b224073985727b34) - - [ ] [揭秘电信诈骗经典套路,掌数助你安全过年!](https://mp.weixin.qq.com/s?__biz=MzAxOTk3NTg5OQ==&mid=2247492241&idx=2&sn=694d6f191fd17874f357e1e23a8f2484) - - [ ] [特斯拉电动汽车越狱](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620109&idx=1&sn=c06d5d123d722aaffb574cb0be9e239c) - - [ ] [汽车行业的4项基本网络安全原则](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620109&idx=2&sn=18d34e13e4ba4bc5e34fb0e0ef2ca9e5) - - [ ] [2024年智能网联汽车网络安全年度报告](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620109&idx=3&sn=0ced06cdd407328f94166f55dbdb9d95) - - [ ] [每日情报速递20250126](https://mp.weixin.qq.com/s?__biz=MzkxMzU4ODU2MQ==&mid=2247484059&idx=1&sn=572b8430a8e9a8fc9a2befc5ec6bfae8) - - [ ] [GLM-PC初测](https://mp.weixin.qq.com/s?__biz=MzkxMzU4ODU2MQ==&mid=2247484059&idx=2&sn=649c7ce34373e5a447ece9529998b884) - - [ ] [【云安全】云原生-K8S-简介](https://mp.weixin.qq.com/s?__biz=MzUyNTUyNTA5OQ==&mid=2247484722&idx=1&sn=ba4e1e01878dddae81fa21ad3e96a91e) - - [ ] [人工智能安全标准体系](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264717&idx=1&sn=c8b71d3dcbc5b20f23de67fee056205a) - - [ ] [秦安:特朗普上台,中美首场博弈,马斯克出战,比拼网络谁懂谁?](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476326&idx=1&sn=cfd5c4c650875cd31f9fae8bf6b3c1e7) - - [ ] [秦安:到底让谁伟大?特朗普要不断扩大领土,怒发冲冠为TikTok狂](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476326&idx=2&sn=e8546aeb10f5f9b28979d07929f87d67) - - [ ] [The Great Fry 抢劫案:Noha 如何抓住网络罪魁祸首](https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247504774&idx=1&sn=f570ff10a65093e52cb37f13dee8da37) - - [ ] [WordPress CF Link Shortcode 插件存在前台SQL注入漏洞(CVE-2024-12404)](https://mp.weixin.qq.com/s?__biz=Mzg4MTkwMTI5Mw==&mid=2247488723&idx=1&sn=b6dcde79af26f7316bf47c73990a2c54) - - [ ] [警惕!手机这个功能,慎用](https://mp.weixin.qq.com/s?__biz=MzkyNDcwMTAwNw==&mid=2247533707&idx=1&sn=3c4a7b2a599063486ac3ecd99597e55c) - - [ ] [警惕!朝鲜黑客组织利用“OtterCookie”后门锁定软件开发者](https://mp.weixin.qq.com/s?__biz=Mzg3OTYxODQxNg==&mid=2247485633&idx=1&sn=835b492b5b7b522cd0420cc6ffee782e) - - [ ] [从 LFI 到 RCE 的旅程!!!](https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247518315&idx=1&sn=5664abc72c27c8258f88adcb7ac37b50) - - [ ] [SRC专项知识库](https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247518315&idx=2&sn=3324aecef9cf1f80d5d24f889ac44323) - - [ ] [羡慕](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496794&idx=1&sn=d5ec64d14996f316e911423bb3e8c66a) - - [ ] [实战中的WebService利⽤⽅法](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496952&idx=1&sn=fdb338f5ff8cf421424cfcc5c01bfbb7) - - [ ] [揭露网络欺骗:针对多个品牌的通用网络钓鱼页面的兴起](https://mp.weixin.qq.com/s?__biz=MzkxMjYyMDYyNA==&mid=2247484046&idx=1&sn=f1fd3fb24ab9330fe70b01423b65ac66) - - [ ] [《绝命毒师》主演 Dean Norris 推特账号再次遭黑客攻击并发布假冒代币](https://mp.weixin.qq.com/s?__biz=MzU2MTQwMzMxNA==&mid=2247541459&idx=1&sn=5516ad53cd1053c10ba980fffef521a4) - - [ ] [VPC访问控制之网络安全组](https://mp.weixin.qq.com/s?__biz=Mzg3NTUzOTg3NA==&mid=2247515076&idx=1&sn=659fd2d6a7593fe3646e3eaf130214ca) - - [ ] [文末抽奖 | VNCTF2025 报名开启](https://mp.weixin.qq.com/s?__biz=MzIxMDYyNTk3Nw==&mid=2247515152&idx=1&sn=a0e8b286a2f198209df2ff60791ee27c) - - [ ] [安全工程师的好帮手,Windows应急响应工具HawkEye更新!](https://mp.weixin.qq.com/s?__biz=MzU4NTg4MzIzNA==&mid=2247484356&idx=1&sn=6e62ed5d3095fff522186a185f8e68b3) - - [ ] [华为携手东莞市政务和数据局荣膺工信部2024年网络安全典型案例榜首](https://mp.weixin.qq.com/s?__biz=MzAwODU5NzYxOA==&mid=2247505839&idx=1&sn=375a0c8d6d2f25122068a1e62bc65310) - - [ ] [【资讯】网安标委就《人工智能安全标准体系(V1.0)(征求意见稿)》公开征求意见](https://mp.weixin.qq.com/s?__biz=MzU1NDY3NDgwMQ==&mid=2247549492&idx=1&sn=520753349c0cf7619b9c6af2a28fd72c) - - [ ] [过年红包别随便抢!这些“春节福利”都是诈骗陷阱→](https://mp.weixin.qq.com/s?__biz=MzI0NzE4ODk1Mw==&mid=2652094707&idx=1&sn=3d4881e29e1474077d4b06d4200f8e37) - - [ ] [涉嫌非法获取公民个人信息 8家MCN机构被查处](https://mp.weixin.qq.com/s?__biz=MzI0NzE4ODk1Mw==&mid=2652094707&idx=2&sn=eb3dc8e50a1cb201c16ee8903d8cae79) - - [ ] [【云安全】云原生-Docker(五)容器逃逸之漏洞利用](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490023&idx=1&sn=846a609d96c5cc54f73d7ed7607539ec) - - [ ] [IDA背后的原理入门(一): 简介&函数识别](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490023&idx=2&sn=703e83e51126605e67867df619bc4f75) - - [ ] [对 404 站点的漏洞挖掘](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490023&idx=3&sn=254de260da45916c1b80cf6eee6c4ed4) - - [ ] [江苏国骏春节放假安排通知](https://mp.weixin.qq.com/s?__biz=MzkzNjIzMjM5Ng==&mid=2247490211&idx=1&sn=79d453111e91e3708bed78897a153667) - - [ ] [电信安全春节服务保障公告](https://mp.weixin.qq.com/s?__biz=MzkxNDY0MjMxNQ==&mid=2247532881&idx=1&sn=f7ce31d9deae7d9f09369b2fbd7efdd6) - - [ ] [Go-Zero框架代码审计](https://mp.weixin.qq.com/s?__biz=MzkyODY3NjkyNQ==&mid=2247484782&idx=1&sn=ef633f25050192661512a78ef8de4078) - - [ ] [带你解锁编码新世界!--随波逐流CTF编码工具使用教程43 --Cetacean鲸目密码](https://mp.weixin.qq.com/s?__biz=MzU2NzIzNzU4Mg==&mid=2247489632&idx=1&sn=3ff1d1c39c3f0e25f34bef3ac8c183b5) - - [ ] [警惕!渗透测试需知的法律红线](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485460&idx=1&sn=2696efeb84408d3c65e9b5c18cfce0f2) - - [ ] [北七家-未来科学城,3居变4居豪装,理想楼层/户型/朝向](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485460&idx=2&sn=b9459522f7bd728b53c0aaa765d47bd1) - - [ ] [【干货】笑傲职场的独家经验(1)](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485460&idx=3&sn=8eb6cc5ed3d8eceebfc8cf7f19aad28f) - - [ ] [【干货原创】实网攻防演习常态化,会带来什么变化01](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485460&idx=4&sn=a4c662d181fe6a1bfb6df099e93788eb) - - [ ] [【干货原创】K12教育,鲜为人知的模式秘密](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485460&idx=5&sn=6c4b73da1084e10ae6b5cb4f14acb575) - - [ ] [原创文章目录](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485460&idx=6&sn=3b28bb66cf3c732334138a3142a1a55d) - - [ ] [进来,送你一打“滴滴技术年货”](https://mp.weixin.qq.com/s?__biz=MzU1ODEzNjI2NA==&mid=2247573416&idx=1&sn=cfff8a100e658aa48bc033b966273863) - - [ ] [【安全圈】安全圈恭祝大家:新年快乐~](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067622&idx=1&sn=b905decd9f92c3687f021950a11cf89f) - - [ ] [【安全圈】Microsoft Entra ID允许普通用户更新自己的UPN](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067622&idx=2&sn=a56656b05bfd9f42f777c577cffe85e3) - - [ ] [【安全圈】黑客利用Windows RID劫持技术创建隐藏管理员账户](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067622&idx=3&sn=ad95819ae6f36cb189f9da9618fff556) - - [ ] [新型人工智能“黑帽”工具:GhostGPT带来的威胁与挑战](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313204&idx=1&sn=2b87bf3242ba7820712b8f47a8f4b29e) - - [ ] [一周网安优质PDF资源推荐丨FreeBuf知识大陆](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313204&idx=2&sn=2a945410ba4cf21397e0cd355c22e796) - - [ ] [Pwn2Own Automotive 2025落幕,累计成功利用49个零日漏洞](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313204&idx=3&sn=af9e7adb9e7886cc3ec234d15e060a0d) - - [ ] [DroneXtract:一款针对无人机的网络安全数字取证工具](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313204&idx=4&sn=4a74a6b66c46012d19f2c26e036b95c6) - - [ ] [【InForSec 2025年会顶会论文回顾】陈熠豪: 语义驱动的互联网路由异常检测系统](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317461&idx=1&sn=777cc0e34a153ddeb9a61aeeb97cb500) - - [ ] [【InForSec 2025年会顶会论文回顾】张允义:权威服务之殇:你的权威服务器配置真的安全么?](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317461&idx=2&sn=54da24564ffa3c07f1e7add2df9eb838) - - [ ] [【InForSec 2025年会顶会论文回顾】刘超:面向安全的无线感知技术](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317461&idx=3&sn=f3f0dbe8a32fb4a3eb373ef17242552f) - - [ ] [【InForSec 2025年会顶会论文回顾】林云: 基于参照的钓鱼欺诈检测技术的自动化知识赋能](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317461&idx=4&sn=1eb9c732f3567dab37b7614d41b959ef) - - [ ] [【InForSec 2025年会顶会论文回顾】刘沛宇:探究 ChatGPT 在漏洞管理任务中的能力](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317461&idx=5&sn=7becd6dc617d0acb19f79e2562a68616) - - [ ] [守正创新!渊亭2024年度技术专利盘点](https://mp.weixin.qq.com/s?__biz=MzIzNjE1ODE2OA==&mid=2660190386&idx=1&sn=174b704039498ea52de981c225c6a114) - - [ ] [感恩客户信任!这些“走心”的感谢信,华青融天收下了](https://mp.weixin.qq.com/s?__biz=MzA4Mzg1ODIzMw==&mid=2653545687&idx=1&sn=344c659736bc5350601f81b774fb5e7b) - - [ ] [2015.01.26 BTC回调风险](https://mp.weixin.qq.com/s?__biz=MzI3NTcwNTQ2Mg==&mid=2247487611&idx=1&sn=18fd52d6491638adaa14e295cbc736a9) - - [ ] [【oscp】PWNLAB: INIT靶场,文件包含+源码审计,文件包含+文件上传,环境变量劫持提权,管道符绕过提权](https://mp.weixin.qq.com/s?__biz=Mzk1NzE0ODk3Nw==&mid=2247490881&idx=1&sn=bc5d5232c3b9eab714027feb8b303dea) - - [ ] [汽车通信--EE架构演变](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549667&idx=1&sn=279f461a3ed455bdd2ae0903dabb3c92) - - [ ] [从车端BLE浅谈CCC数字钥匙协议](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549667&idx=2&sn=0811546318e3ca7bdc0316b45ea571ac) - - [ ] [“信”任满载 | 珞安科技喜获工业信息安全产业发展联盟感谢信](https://mp.weixin.qq.com/s?__biz=MzU2NjI5NzY1OA==&mid=2247512289&idx=1&sn=908ffe6082a9a6fec195854453b2950f) - - [ ] [微信红包封面](https://mp.weixin.qq.com/s?__biz=Mzg4Njk2NTEyMg==&mid=2247483831&idx=1&sn=8d6c33fbdd5791fb8300379fd98e91b9) - - [ ] [恶意样本分析环境搭建以及工具介绍](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490186&idx=1&sn=dbccef63b6ad18308eec7ebf88455def) - - [ ] [政策解读 |《关于促进企业数据资源开发利用的意见》](https://mp.weixin.qq.com/s?__biz=MzUzODYyMDIzNw==&mid=2247516967&idx=1&sn=4874ebe75bed1db300d89dce5834f9c5) - - [ ] [通知 | 《中国人民银行业务领域网络安全事件报告管理办法(征求意见稿)》公开征求意见](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=1&sn=fc21c6dca1cb7fc755540bf1a276b4b8) - - [ ] [通知 | 市场监管总局就《网络交易合规数据报送管理暂行办法(征求意见稿)》公开征求意见(附全文)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=2&sn=06ab12bffe83179be743b7574a46733f) - - [ ] [王小洪:以更大的决心和力度 推动打击治理电信网络诈骗工作向纵深发展](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=3&sn=a50ca75a1c03205901b7729871f25d56) - - [ ] [专家解读 | 构建以统一底座为支撑的数据流通利用设施](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=4&sn=5076068c4750dd6b85b48aa9607d94b1) - - [ ] [通知 | 网安标委发布《网络安全标准实践指南——人脸识别支付场景个人信息安全保护要求》(附全文)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=5&sn=be29f8aa62961fd03e70b0971dd8282d) - - [ ] [通知 | 网安标委就《人工智能安全标准体系(V1.0)(征求意见稿)》公开征求意见(附下载)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=6&sn=70f1d6b8d5331b791b6625561bb8d084) - - [ ] [一图读懂 | 国家标准 GB/T 44886.1-2024《网络安全技术 网络安全产品互联互通 第1部分:框架》](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=7&sn=d60847ac4d75129f5c475ff4f947f02b) - - [ ] [墨菲安全融合切面技术带来软件供应链安全新解法](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247635813&idx=1&sn=5640a600b06ae38a11f171de3444efc6) - - [ ] [知识星球 | 2024网安报告大合集发布;全球数安法规、工网安全典型案例等资源更新](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247635813&idx=2&sn=0629c6aa019db83da76bfe8bf1b7f3a9) - - [ ] [一文读懂 HTTP:Web 数据交换的基石](https://mp.weixin.qq.com/s?__biz=MzkxODc5OTg5MQ==&mid=2247484262&idx=1&sn=8881c58e7a44ccde6976fffec5b24688) - - [ ] [安全不停歇!海云安春节假期服务保障通知](https://mp.weixin.qq.com/s?__biz=MzI2MjY2NTM0MA==&mid=2247492309&idx=1&sn=3b4fae2570ee9149c849ac4fbf66e432) - - [ ] [ISC2证书:拓展您的技能,获取CPE学分,以及数字徽章](https://mp.weixin.qq.com/s?__biz=MzUzNTg4NDAyMg==&mid=2247492342&idx=1&sn=74105fe0b31c8cf47b727c8d6ab6e7e3) - - [ ] [简单的反调试技术实现](https://mp.weixin.qq.com/s?__biz=MzkzODc4NjE1OQ==&mid=2247483918&idx=1&sn=54c42da49fd35bed728491560deb1a6c) - - [ ] [星火力量丨科森云获授工业互联网标识注册服务许可证](https://mp.weixin.qq.com/s?__biz=MzU1OTUxNTI1NA==&mid=2247592220&idx=1&sn=0629157c259bc4ad53ffe1b1c1e6dc1e) - - [ ] [年度回顾 | 2024年,云起无垠稳健增长](https://mp.weixin.qq.com/s?__biz=Mzg3Mjg4NTcyNg==&mid=2247490188&idx=1&sn=db1ea3aef1e5b81176ca16742f1b0fe3) - - [ ] [《网络安全标准实践指南——人脸识别支付场景个人信息安全保护要求》发布](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170530&idx=1&sn=eb56e7c28f15d7f726ba271e7ece33ac) - - [ ] [《人工智能安全标准体系(V1.0)》(征求意见稿)公开征求意见](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170530&idx=2&sn=6ab0b1bf27577d10040c9a4772e327e9) - - [ ] [Spring WebFlux 授权绕过:CVE-2024-38821 详解](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527239&idx=1&sn=9121f5406d8c67b5a55ce5549891886d) - - [ ] [Andariel Attack Group使用的RIF劫持技术](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527239&idx=2&sn=7363d490c03bd1ffd6e40f947b167453) - - [ ] [黑客利用 Windows RID 劫持创建隐藏的管理员帐户](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527239&idx=3&sn=d04fb09196530f60fada44127faf8bee) - - [ ] [揭秘美国新提名国家情报总监图尔西·加巴德](https://mp.weixin.qq.com/s?__biz=MzI1OTExNDY1NQ==&mid=2651618892&idx=1&sn=a06c2c81a8b6943fd0fc827a52523cf6) - - [ ] [德国发布“2030 年技术主权研究与创新 ”计划](https://mp.weixin.qq.com/s?__biz=MzI1OTExNDY1NQ==&mid=2651618892&idx=2&sn=bc9d004e65e216d60d826a080ef8559a) - - [ ] [新技术分享——页面双生(文末福利)](https://mp.weixin.qq.com/s?__biz=MzI3OTM3OTAyNw==&mid=2247485959&idx=1&sn=6f67d3804f85e0c834d78ff6bf2b85b7) - - [ ] [120个防火墙术语大全,搞安全的可以了解一下](https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247570689&idx=1&sn=b710cc906a98e3d62fcb8bfad9c8fdbe) - - [ ] [2024年被通报的银行App达17款,违规/超范围收集个人信息问题突出](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931477&idx=1&sn=fbe7b915ec61832d6fb46bf53fccc146) - - [ ] [2025年了,还不考虑给自己一个证书吗?(内含CISP系列证书优惠报考渠道)](https://mp.weixin.qq.com/s?__biz=MzkxNTY4NTQwMg==&mid=2247484291&idx=1&sn=29bde95e2dca3b19a0610b347f3178c3) - - [ ] [自动化压缩新姿势!教你用Ansible Archive模块高效管理文件](https://mp.weixin.qq.com/s?__biz=MjM5OTc5MjM4Nw==&mid=2457386719&idx=1&sn=57db81e4a63f769c26856d9d41432b44) - - [ ] [这是年终报告,更是斗象的十年宏图](https://mp.weixin.qq.com/s?__biz=MzU0MDI1MjUxMg==&mid=2247532639&idx=1&sn=d936ae6fee2e86aaeb9c3dae3e857b76) - - [ ] [斗象科技专属「红包封面」送达,快来领取!](https://mp.weixin.qq.com/s?__biz=MzU0MDI1MjUxMg==&mid=2247532639&idx=2&sn=f907330b308163f6f2db01cb2b2f909e) - - [ ] [【重要通知】春节福利来啦!](https://mp.weixin.qq.com/s?__biz=Mzg4NDg2NTM3NQ==&mid=2247484699&idx=1&sn=9148cb6531c19549baf07753855433f5) - - [ ] [大家不要再吹DeepSeek了,大厂不屑玩的,Hugging face多如牛毛的东西呢。](https://mp.weixin.qq.com/s?__biz=MzU4NDY3MTk2NQ==&mid=2247491046&idx=1&sn=a94d8f532ec30bf304516cee668f2cde) - - [ ] [春节期间火绒将持续为您护航](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247521917&idx=1&sn=e7a05b4ef346358b0fdb75511aab4db3) - - [ ] [诚邀渠道合作伙伴共启新征程](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247521917&idx=2&sn=742c0d32b70556b96dfa343540c46342) - - [ ] [2025网络安全人员必考的11个证书清单](https://mp.weixin.qq.com/s?__biz=Mzg4MTg0MjQ5OA==&mid=2247487874&idx=1&sn=c1698a66dae492094d2e61dfcc0d242a) - - [ ] [中国网络空间安全协会关于征集2025年拟制修订团体标准项目的通知](https://mp.weixin.qq.com/s?__biz=MzA3ODE0NDA4MA==&mid=2649401264&idx=1&sn=65f9e9b8d48797c3493e0d4e4302b11d) - - [ ] [春节假期我在岗!网络安全不打烊,中孚信息全国护航](https://mp.weixin.qq.com/s?__biz=MzAxMjE1MDY0NA==&mid=2247508822&idx=1&sn=980a02957ab1a453dc84d48ee3167555) - - [ ] [邑安科技安全团队祝您蛇年大吉!](https://mp.weixin.qq.com/s?__biz=MzUyMzczNzUyNQ==&mid=2247523220&idx=1&sn=a3bd507ae7170032f9093f5e09f3d681) - - [ ] [中国人民银行:《中国人民银行业务领域网络安全事件报告管理办法》公开征求意见](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247634072&idx=1&sn=69a00968cfe394216ecf8cd744996f7b) - - [ ] [《网络安全标准实践指南——人脸识别支付场景个人信息安全保护要求》正式发布](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247634072&idx=2&sn=5ee8a3225fede1acaf296efe42f8a8d6) - - [ ] [2024年我国通信业统计公报](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247634072&idx=3&sn=79fecc58a4fae1035ff2df72ebe37fba) - - [ ] [美国前中央情报局分析师承认泄露国防信息](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247634072&idx=4&sn=b18d5edeae882104e1ed6c06fece7d90) - - [ ] [一款好用的笔记软件-Obsidian](https://mp.weixin.qq.com/s?__biz=Mzk0Mjg4MTQxMw==&mid=2247485843&idx=1&sn=0477c6dc6378a308253374a86ec7fed2) - - [ ] [春节不打烊 | 爱加密春节保障通知](https://mp.weixin.qq.com/s?__biz=MjM5NzU4NjkyMw==&mid=2650747923&idx=1&sn=f6d6bc57958228bc3e9de651112c11d6) - - [ ] [水一篇,分析一下为什么网安现在价格逐渐降低](https://mp.weixin.qq.com/s?__biz=MzkxMTUwOTY1MA==&mid=2247490108&idx=1&sn=585516240547410007b55abdaab0523c) - - [ ] [WPS国际汉化版](https://mp.weixin.qq.com/s?__biz=MzkyOTQyOTk3Mg==&mid=2247485043&idx=1&sn=dd1561926214336ac75c0f0a094e5c1e) - - [ ] [学生=牛马](https://mp.weixin.qq.com/s?__biz=MzkyMDUzMzY1MA==&mid=2247499523&idx=1&sn=885a7333acadc606843bffe9cfc47910) - - [ ] [UDE使用教程](https://mp.weixin.qq.com/s?__biz=Mzg2NTYxOTcxMw==&mid=2247493292&idx=1&sn=8658baebe1444b03f65468cf6eb53003) - - [ ] [AUTOSAR项目实战(4)-MCU模块配置实践](https://mp.weixin.qq.com/s?__biz=Mzg2NTYxOTcxMw==&mid=2247493292&idx=2&sn=0f46ac9d9c3e9cdc5cfcf7b33dc11802) - - [ ] [江西神舟信息安全评估中心祝大家新春快乐!](https://mp.weixin.qq.com/s?__biz=MzUzNTk2NTIyNw==&mid=2247490668&idx=1&sn=cbfb448733921eaa5c169e399be8d870) - - [ ] [《Java代码审计零基础入门到项目实战》线上课程开始招生啦!五十多节课,低至499,多重福利来袭!](https://mp.weixin.qq.com/s?__biz=Mzg3MDU1MjgwNA==&mid=2247487187&idx=1&sn=a5b4e03338f048be762f36b8de56b629) - - [ ] [【吃瓜】中介真的能狠到这种程度?](https://mp.weixin.qq.com/s?__biz=MzU3MjU4MjM3MQ==&mid=2247489709&idx=1&sn=3a3fbbf54d93e98aee7977852cd8b2f2) - - [ ] [如何用 Wireshark 高效过滤 IP 地址](https://mp.weixin.qq.com/s?__biz=MzA5NTUxODA0OA==&mid=2247493136&idx=1&sn=1aa73818f07a20e1a148440f0888e6b9) - - [ ] [信息安全专业毕业三年的总结](https://mp.weixin.qq.com/s?__biz=MzU5OTU3NDEzOQ==&mid=2247492794&idx=1&sn=a7850c2ef60b49fd8e4e47e4d7151678) - - [ ] [黑客利用伪造的恶意软件构建器感染了18000个“script kiddies”](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580992&idx=1&sn=d64510306e9db3532091d13213d4b0ef) - - [ ] [信任满满|观安信息收到中国工业互联网研究院感谢信](https://mp.weixin.qq.com/s?__biz=MzIxNDIzNTcxMg==&mid=2247506755&idx=1&sn=0b72b1a348c2865aac5d1e417963c65c) - - [ ] [ES::Portscan 超高速端口扫描器](https://mp.weixin.qq.com/s?__biz=Mzg3NzUyMTM0NA==&mid=2247487931&idx=1&sn=c656471a589fd9c5f1a469c527a9fb2b) - - [ ] [在解释型语言内部运行:进攻性 Python 编程](https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486780&idx=1&sn=b3562931f45a8b072576a85f503b920a) - - [ ] [开源情报|国际动态|美军推进NGC2计划](https://mp.weixin.qq.com/s?__biz=Mzg2NTcyNjU4Nw==&mid=2247485884&idx=1&sn=8ccd9e4abf845a08af7a6494a0486132) - - [ ] [“金蛇”耀目来袭!蜚语科技(动态)红包封面U0001f9e7惊喜上线,超炫速领!](https://mp.weixin.qq.com/s?__biz=MzI5NzI5NzY1MA==&mid=2247491098&idx=1&sn=1f711bf469ddfc3b88973b84b4d78fa6) - - [ ] [思科曝9.9分关键权限提升漏洞;|知名车企漏洞:只需车牌号,就能远程监控劫持数百万辆车](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607310&idx=1&sn=fd7cbe9d4363d477ead1d88c79cddbc6) - - [ ] [万事达卡爆出致命DNS错误配置](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607310&idx=2&sn=f5d78211039982a7bb244623c11975f5) - - [ ] [探寻Bottle框架内存马](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607310&idx=3&sn=8b5bb34f48ddd5f55a4253e2974d1323) - - [ ] [10个神一般的Windows一键取证神器](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607310&idx=4&sn=c437cef9321ee7b3f502dee21be73d80) - - [ ] [携程SRC漏洞贡献值排行榜奖励揭晓](https://mp.weixin.qq.com/s?__biz=MzAwOTczODMxMw==&mid=2651017526&idx=1&sn=e452849723ece70271aac0e8c9bba31e) - - [ ] [特色专题 | 密态计算技术发展研究](https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597665&idx=1&sn=9cf8233b83e6648293c3f0026199d53b) - - [ ] [2025春节放假通知!](https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597665&idx=2&sn=62e92b9613bdd6576ffd24ded8d94b48) - - [ ] [智启创信变革,共谱网安华章——创信华通2025新春年会圆满落幕](https://mp.weixin.qq.com/s?__biz=MzUxNTQxMzUxMw==&mid=2247524967&idx=1&sn=99ddad0ce4e858ff9ed36863785fff4c) - - [ ] [网安项目价格:600->550->150->快tm给我五百](https://mp.weixin.qq.com/s?__biz=MzkyOTQzNjIwNw==&mid=2247491510&idx=1&sn=8e5798a963cc4b685595435d49a96d24) - - [ ] [今晚一起聊聊提升认知和最近的思考](https://mp.weixin.qq.com/s?__biz=MzIyOTAxOTYwMw==&mid=2650236955&idx=1&sn=8727f67fded4278c8abd5fd3b2476443) -- 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com - - [ ] [黑客利用伪造的恶意软件构建器感染了18,000个“script kiddies”](https://www.4hou.com/posts/yzAR) - - [ ] [新的 DoubleClickjacking 攻击利用双击来劫持帐户](https://www.4hou.com/posts/vwJn) + - [ ] [浏览器扩展程序:供应链攻击新风险](https://mp.weixin.qq.com/s?__biz=Mzk0NDcyMjU2OQ==&mid=2247484550&idx=1&sn=c02bc9dd56662cdb263f88d6cb3972f6) + - [ ] [快过年了,陪家人重温经典故事 《水浒传》中林冲角色](https://mp.weixin.qq.com/s?__biz=MzU4NDY3MTk2NQ==&mid=2247491051&idx=1&sn=ecb10b17fd7bb1929d83f9fc91d15868) + - [ ] [面试官:什么是终端复用技术(tmux)?](https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486447&idx=1&sn=5b98b68ea23131f812c676e1e28a865c) + - [ ] [精通爬虫技术:从入门到入狱——网络数据爬虫的合法性与法律边界](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485462&idx=1&sn=7bd57b19a187b5cc4e681ccabdb62554) + - [ ] [北七家-未来科学城,3居变4居豪装,理想楼层/户型/朝向](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485462&idx=2&sn=aa38fdb9484890ff28fa33eb956db87f) + - [ ] [【干货】笑傲职场的独家经验(1)](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485462&idx=3&sn=73db7dec67642837621580378b52187a) + - [ ] [【干货原创】实网攻防演习常态化,会带来什么变化01](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485462&idx=4&sn=32c45e39b7aa406c34c63723157e5820) + - [ ] [【干货原创】K12教育,鲜为人知的模式秘密](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485462&idx=5&sn=904ed64e3a0a8b04604e39501642c306) + - [ ] [原创文章目录](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485462&idx=6&sn=061a6d50789795a5bd4c3f6a00716e34) + - [ ] [秦安:特朗普“三板斧”遭遇滑铁卢,本质暴露,下一步中国是关键](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476339&idx=1&sn=e1ce666a0ab9712c2886d83bd1877adb) + - [ ] [秦安:解救台退将高安国!台湾当局构陷为间谍并重判10年,不可忍](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476339&idx=2&sn=a56cf6d1f85a6c83b8e5beeb6ab78876) + - [ ] [学历赋](https://mp.weixin.qq.com/s?__biz=MzU0MzgzNTU0Mw==&mid=2247485935&idx=1&sn=c9ad7ddf99eb58464e3f86507a44ea7a) + - [ ] [企业网络安全文化建设必备(2):Gartner PIPE(实践|影响|平台|使能)框架](https://mp.weixin.qq.com/s?__biz=MzU0MDc5ODM0Mg==&mid=2247484778&idx=1&sn=9669504997ac29232f840c90dc143100) + - [ ] [带上五款实用软件,让春节假期更精彩](https://mp.weixin.qq.com/s?__biz=MzI2MjcwMTgwOQ==&mid=2247492187&idx=1&sn=839b938abafa27550d165054c071714a) + - [ ] [DeepSeek为何脱颖而出?](https://mp.weixin.qq.com/s?__biz=MzI3MDY0Nzg1Nw==&mid=2247489471&idx=1&sn=aea4a4c9a6a387edcca10e50438e05be) + - [ ] [锐安全红包发放:2025,让我们以攻防之道,破增长之局!](https://mp.weixin.qq.com/s?__biz=MzAxOTk3NTg5OQ==&mid=2247492258&idx=1&sn=0107053c5d16b67f3439376c04cef01f) + - [ ] [掌握数字主权:保障数据安全与自主控制](https://mp.weixin.qq.com/s?__biz=MzkyMzU2NjQyNA==&mid=2247483933&idx=1&sn=8f6302b17e64641dad3a59116b078096) + - [ ] [Xray图形化工具 | Super Xray介绍+使用](https://mp.weixin.qq.com/s?__biz=MzkzNzg3NzQxMQ==&mid=2247485733&idx=1&sn=c428e8ac5075c08b11d6f0bb80204e23) + - [ ] [信长星看望慰问院士专家](https://mp.weixin.qq.com/s?__biz=MzU4NDc2MzcwNw==&mid=2247498579&idx=1&sn=90378659a5745a0dccd8ea5617989cfe) + - [ ] [Claude Sonnet 3.5 模型预部署评估报告](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264780&idx=1&sn=434329d6b30b82e84d41fe6d628e0aa8) + - [ ] [DeepSeek R1本地部署](https://mp.weixin.qq.com/s?__biz=Mzg2ODc0Mjc0Mw==&mid=2247484166&idx=1&sn=e4b72373f7c77f9ca9a8484254d3cc16) + - [ ] [车载协议网络安全测试与验证技术](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620209&idx=1&sn=62fb4f6d697fbc3aeae44911bc309fa8) + - [ ] [模糊测试 ISO 15118 协议栈](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620209&idx=2&sn=a7b93becb562444a99c67be0138e6bbb) + - [ ] [汽车诊断协议的自动威胁评估](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620209&idx=3&sn=181db85f0a1d7867b71d8f31018ad6a3) + - [ ] [AI安全 | AI红队体系思考](https://mp.weixin.qq.com/s?__biz=MzU2NDc2NDYwMA==&mid=2247485980&idx=1&sn=960d573d2e6fe947559893913922555b) + - [ ] [快来领取你的超级牛红包封面!](https://mp.weixin.qq.com/s?__biz=Mzk0MTM4NzIxMQ==&mid=2247527516&idx=1&sn=052a43ea22441bf83cccc86ea56461a3) + - [ ] [通过js进行模糊测试所拿到的一次五千漏洞赏金记录](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496957&idx=1&sn=5ef897f46f3bf16bce1a83b45b0611c3) + - [ ] [猴子回花果山了](https://mp.weixin.qq.com/s?__biz=Mzk0MzY3MDE5Mg==&mid=2247484000&idx=1&sn=bcb60f30530141fb1333e0bb179fd365) + - [ ] [Timeline Sec团队2024年度奖项盘点!](https://mp.weixin.qq.com/s?__biz=MzA4NzUwMzc3NQ==&mid=2247497125&idx=1&sn=1beda84fef5f56cc2ca6aca3453311f9) + - [ ] [【年终总结2024】拥抱变化,书写属于你的崭新篇章](https://mp.weixin.qq.com/s?__biz=MzUwOTc3MTQyNg==&mid=2247491368&idx=1&sn=ed2c5b70af95f81f32a0eb1015945656) + - [ ] [《忍者龙剑传2:黑之章》PC版未加密,发售首日即遭黑客破解](https://mp.weixin.qq.com/s?__biz=MzU2MTQwMzMxNA==&mid=2247541464&idx=1&sn=cc83ce1fb7205f3da825a11d64b5a1a1) + - [ ] [共赴新程|江南信安2024年大事记回顾](https://mp.weixin.qq.com/s?__biz=MzA4MTE0MTEwNQ==&mid=2668670046&idx=1&sn=3d90d226b0ccfc788e9c3d55a906a392) + - [ ] [网安两位大佬脏话对喷?网安春节联欢晚会?](https://mp.weixin.qq.com/s?__biz=Mzg4NDk4MTk5OA==&mid=2247485518&idx=1&sn=081012fa0f7c697122122eb1b53b1f60) + - [ ] [带你解锁编码新世界!--随波逐流CTF编码工具使用教程44 --键盘按键键码keyCode密码](https://mp.weixin.qq.com/s?__biz=MzU2NzIzNzU4Mg==&mid=2247489639&idx=1&sn=321666dc868c113dcd28f6bfdc082c4d) + - [ ] [必看!国产超强AI推理,DeepSeek真正实现了AI自由!!!](https://mp.weixin.qq.com/s?__biz=MzkxMTUwOTY1MA==&mid=2247490125&idx=1&sn=d5a623704b071c5ccfd9c9e6108237eb) + - [ ] [ICSISIAP伴着蛇年的钟声,愿您好运开场!](https://mp.weixin.qq.com/s?__biz=MzI2MDk2NDA0OA==&mid=2247531219&idx=1&sn=f2ef95a05d3afd23d49b6f3b284874f7) + - [ ] [勒索软件编年史:从特洛伊到AI多重勒索](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313205&idx=1&sn=87bd9d4b0f4cf0110a428c760a32e247) + - [ ] [Microsoft Entra ID允许普通用户更新自己的UPN](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313205&idx=2&sn=076056f3b3febe8c53a042effe79ab62) + - [ ] [Chrome用户面临供应链攻击威胁,数百万人或受影响](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313205&idx=3&sn=ede56e2405d624e8159192b3bc6dabb4) + - [ ] [pwndbg:一款专为安全漏洞分析设计的GDB插件](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313205&idx=4&sn=fd39b2e5339a4dbd516501e208e06b3e) + - [ ] [DIDCTF-应急响应](https://mp.weixin.qq.com/s?__biz=MzkxMTcyMDczOQ==&mid=2247489787&idx=1&sn=478bd3b1a45b2189e78835e7464fad7a) + - [ ] [【InForSec 2025年会顶会论文回顾】雷重庆 :以友为鉴:基于 MCU 外设驱动分析的外设模型生成](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317462&idx=1&sn=f826132e0f6fa3183c04badd0fa5dae0) + - [ ] [【InForSec 2025年会顶会论文回顾】姜嘉仪:增强基于二进制分析的协议逆向工程中字段推断能力的研究](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317462&idx=2&sn=136962e4a93d95b67fdc6518671af5e4) + - [ ] [【InForSec 2025年会顶会论文回顾】李勇钢:基于虚拟化的未知驱动隔离与保护方法](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317462&idx=3&sn=f21f4c9bf0cef097103e6505e6964774) + - [ ] [【InForSec 2025年会顶会论文回顾】马昊玉:镜中窥视:利用缓存侧信道攻破 Android 应用沙盒完整性](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317462&idx=4&sn=af78d0a1dc313ed16e1ce158f5556a0e) + - [ ] [【InForSec 2025年会顶会论文回顾】向昊: 基于完全域敏感和源点意识的控制流完整性方法](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317462&idx=5&sn=4f9bf219ac43637893b96266671c7f9b) + - [ ] [2024年我国软件业务收入137276亿元 同比增长10%](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247634091&idx=1&sn=09d97d63363872444886eca26d42bd1b) + - [ ] [多家企业不履行网络安全保护义务被依法处罚](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931479&idx=1&sn=c7eb966e702167a103aa8237a401daa5) + - [ ] [新华财经 | 强化治理机制与安全技术融合 完善数据流通安全治理](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247634091&idx=3&sn=ae1890d9fc43a28242614b77158bdb47) + - [ ] [新型人工智能“黑帽”工具:GhostGPT带来的威胁与挑战](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247634091&idx=4&sn=b35ba1306942e49e81d7c0916dc10b82) + - [ ] [2024洞见微信年终总结](https://mp.weixin.qq.com/s?__biz=MzAxNzg3NzMyNQ==&mid=2247489515&idx=1&sn=c7ea742f54ea0d6e7f84c40a2f619721) + - [ ] [请君入瓮:蜜罐工具如何“钓鱼”黑客](https://mp.weixin.qq.com/s?__biz=MzkxODc5OTg5MQ==&mid=2247484274&idx=1&sn=08c7763a964ad3e0fdf8c700034ca314) + - [ ] [ISO 26262,太重要了](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549656&idx=1&sn=3b1404c45c6ac9e89a7f1effbc240319) + - [ ] [以太网知识:什么是MAC,什么是PHY,什么是MII](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549656&idx=2&sn=e9d2211ea044442665269f98c6ba7fc7) + - [ ] [【资讯】民政部等十七部门印发《困境儿童个人信息保护工作办法》](https://mp.weixin.qq.com/s?__biz=MzU1NDY3NDgwMQ==&mid=2247549514&idx=1&sn=305ef8a47012da8184703835c1e1ed93) + - [ ] [【资讯】网安标委发布《网络安全标准实践指南——人脸识别支付场景个人信息安全保护要求》](https://mp.weixin.qq.com/s?__biz=MzU1NDY3NDgwMQ==&mid=2247549514&idx=2&sn=6fb98a5fec924d8cd7a67dccd7424d5b) + - [ ] [【资讯】江苏省数据局等六部门印发《江苏省推进可信数据空间发展工作方案》](https://mp.weixin.qq.com/s?__biz=MzU1NDY3NDgwMQ==&mid=2247549514&idx=3&sn=badae398c24ad154b783f9f5a629d0d0) + - [ ] [[SUCTF2025] SU_APP、SU_Harmony 出题小记](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589294&idx=1&sn=9843c5f997dc4268b2cceefeef11c2d9) + - [ ] [主打提高实战能力:CTF训练营-Web篇](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589294&idx=2&sn=b3ce8734cd9334e9dd50ed637685ef01) + - [ ] [紧盯风险,防治漏洞:七步闭环](https://mp.weixin.qq.com/s?__biz=Mzk0OTQzMDI4Mg==&mid=2247484429&idx=1&sn=d365c76773989b993a162b0224f21e0f) + - [ ] [喜迎新春 欢度新年——银天科技恭祝您蛇年大吉!!!](https://mp.weixin.qq.com/s?__biz=MzA4MDk4NTIwMg==&mid=2454063862&idx=1&sn=12471c57f888c3ef8b3cf8fef358aa16) + - [ ] [网络工程师要学习什么技术?](https://mp.weixin.qq.com/s?__biz=MzIxNTM3NDE2Nw==&mid=2247490321&idx=1&sn=9b182f0c5ea87de6732432f15ac1fd88) + - [ ] [网安春晚:TSRC年榜第一小火炬怒喷老牌团队day1创始人王老师](https://mp.weixin.qq.com/s?__biz=MzkyOTQzNjIwNw==&mid=2247491530&idx=1&sn=b8652982f233b0eb67c95941afd97b2e) + - [ ] [05x数组42-49](https://mp.weixin.qq.com/s?__biz=MzA3NDE0NTY0OQ==&mid=2247484219&idx=1&sn=a44902a546dd3f19251633c65a184998) + - [ ] [科技传播中的科技伦理价值传递与治理原则](https://mp.weixin.qq.com/s?__biz=MzI1OTExNDY1NQ==&mid=2651618898&idx=1&sn=5f61d50057d512db5a228d8da59d4daf) + - [ ] [美国总统特朗普命令加密货币工作组起草新法规,探索建立国家加密货币储备](https://mp.weixin.qq.com/s?__biz=MzI1OTExNDY1NQ==&mid=2651618898&idx=2&sn=4abfd689dec96aeea8848eef12529590) + - [ ] [一图看懂2024年全球DDoS攻击态势](https://mp.weixin.qq.com/s?__biz=MjM5MTAwNzUzNQ==&mid=2650511143&idx=1&sn=3a15f876d02eabbf5ae003822f591ece) + - [ ] [缔盟云祝您有蛇有得,多财多亿,巳巳如意!](https://mp.weixin.qq.com/s?__biz=MzU3NzAyODU4OQ==&mid=2247485633&idx=1&sn=c6f88c734c41cd5e16eaa606fedd7a98) + - [ ] [一文带你理清前置机、跳板机与堡垒机的区别](https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247570690&idx=1&sn=b01cfbe28310df8b4522cf9025bcb0a2) + - [ ] [工商银行软件开发中心建设企业级风险决策服务能力,助推风控数字化转型](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931479&idx=2&sn=8262daf2f36f04e547fa7e3e63027a00) + - [ ] [国产AI DeepSeek下载排行第一,AI界拼多多要逆袭chatgpt](https://mp.weixin.qq.com/s?__biz=Mzg2NDYwMDA1NA==&mid=2247543628&idx=1&sn=17c35fbc61a2b9c9a4b46fdc37f523b6) + - [ ] [《中国人民银行业务领域网络安全事件报告管理办法(征求意见稿)》公开征求意见](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170564&idx=1&sn=624aa0fc6e97964bc6c24943e541c062) + - [ ] [小心“红包陷阱” !春节期间当心“喜中有诈”](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170564&idx=2&sn=20add29e69926154f23dfc690f8794be) + - [ ] [完善数据流通安全治理机制 破解数据流通安全堵点](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170564&idx=3&sn=acebdb407dbd799284061eb5c0b6457e) + - [ ] [恭贺新春 巳巳如意 | 金盾信安2025年春节假期值守安排](https://mp.weixin.qq.com/s?__biz=MjM5NjA2NzY3NA==&mid=2448682670&idx=1&sn=a638c4cebbf8f3edd837178cbd57c8df) + - [ ] [金盾信安 | 网络和数据领域资讯第45期(2025.1.21-2025.1.27)](https://mp.weixin.qq.com/s?__biz=MjM5NjA2NzY3NA==&mid=2448682670&idx=2&sn=8db6eebf8bd6c8c3f402b5be39471f90) + - [ ] [红队基础设施建设与改造(四)——深入解析Cobaltstrike(二开环境、认证过程分析、Beacon分析)](https://mp.weixin.qq.com/s?__biz=MzkwOTE3MzAxOA==&mid=2247485386&idx=1&sn=58bd4e0ea233075a6901ca1c18e458dc) + - [ ] [【假期别闲着】2025年需要学习的顶级安(黑)全(客)工具和技能](https://mp.weixin.qq.com/s?__biz=Mzg4NzgyODEzNQ==&mid=2247488631&idx=1&sn=3b6dad961c06f0d42f10b0e26644bd75) + - [ ] [《天堂之门》技术](https://mp.weixin.qq.com/s?__biz=MjM5NDcxMDQzNA==&mid=2247489387&idx=1&sn=ac98464c37defc7ff7572ef6c18dcb65) + - [ ] [山海关安全团队2024年终总结](https://mp.weixin.qq.com/s?__biz=Mzg4MjcxMTAwMQ==&mid=2247488669&idx=1&sn=b56b57ad952c790150d5244dffdf653d) + - [ ] [丸啦~真·缉拿归案啦](https://mp.weixin.qq.com/s?__biz=Mzk0MDY2NTY5Mw==&mid=2247485643&idx=1&sn=4d8692480bd89aa76f65366edcc86000) + - [ ] [运维风险管控、数据安全规范普及与漏洞情报处置:技术与管理并重的综合策略探讨。|总第278周](https://mp.weixin.qq.com/s?__biz=MzI2MjQ1NTA4MA==&mid=2247491776&idx=1&sn=4e17c660387c6776b88e397c64e7ed57) + - [ ] [CNVD漏洞周报2025年第4期](https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247495739&idx=1&sn=70bff0dcfddcafcf645feed59f012888) + - [ ] [上周关注度较高的产品安全漏洞(20250120-20250126)](https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247495739&idx=2&sn=c1eb11a7df482ea02fe0bb114eaa29bc) + - [ ] [deepseek 崩了](https://mp.weixin.qq.com/s?__biz=Mzk0MTI4NTIzNQ==&mid=2247492212&idx=1&sn=056eea3aeb7bbefa596ded5c9183de5c) + - [ ] [黑客使用RID劫持技术创建秘密的Windows管理帐户](https://mp.weixin.qq.com/s?__biz=MzUyMzczNzUyNQ==&mid=2247523229&idx=1&sn=02f3c873352590457db43f6d314f2ed3) + - [ ] [GitHub漏洞允许恶意仓库泄露用户凭据](https://mp.weixin.qq.com/s?__biz=MzUyMzczNzUyNQ==&mid=2247523229&idx=2&sn=596a96b2b96c941baeb9a5420fc9bbc2) + - [ ] [Kubernetes 集群远程代码执行漏洞致攻击者可接管所有 Windows 节点](https://mp.weixin.qq.com/s?__biz=MzUyMzczNzUyNQ==&mid=2247523229&idx=3&sn=741cf9ea3ae359cfcb2e7cafb292b025) + - [ ] [LTE和5G基础设施中的100多个漏洞导致远程核心泄露](https://mp.weixin.qq.com/s?__biz=MzUyMzczNzUyNQ==&mid=2247523229&idx=4&sn=fae6c9befec51a70547603cfc08bdd67) + - [ ] [Brute Ratel C4 载荷深度分析](https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486782&idx=1&sn=eed60be751abe1186862fcb42ad81c69) + - [ ] [Brute Ratel C4 载荷深度分析 - 第二部分](https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486782&idx=2&sn=92bb05ee43a6f780e534f0a7b25658de) + - [ ] [人物专题丨台湾地区海军副司令马群超](https://mp.weixin.qq.com/s?__biz=Mzg2NTYyODgyNg==&mid=2247504625&idx=1&sn=8ead3d113a164b57f2b73fd0414288eb) + - [ ] [《=虚假的网安春晚真实的网安春晚=》[旺柴]](https://mp.weixin.qq.com/s?__biz=MzkxNTczMjA1Ng==&mid=2247483975&idx=1&sn=ba13236ad54bd6d25c2e187d71724f50) +- Private Feed for M09Ic + - [ ] [safedv starred getAsterisk/deepclaude](https://github.com/getAsterisk/deepclaude) + - [ ] [mgeeky starred NtDallas/OdinLdr](https://github.com/NtDallas/OdinLdr) + - [ ] [4ra1n released 1.4.0 at jar-analyzer/class-obf](https://github.com/jar-analyzer/class-obf/releases/tag/1.4.0) + - [ ] [ZeddYu released v0.1.9 at ZeddYu/hugo-theme-stack](https://github.com/ZeddYu/hugo-theme-stack/releases/tag/v0.1.9) + - [ ] [safedv starred vxunderground/OCRMe](https://github.com/vxunderground/OCRMe) + - [ ] [paranoidninja created a repository paranoidninja/BRC4-BOF-Artillery](https://github.com/paranoidninja/BRC4-BOF-Artillery//) + - [ ] [INotGreen starred Adaptix-Framework/AdaptixC2](https://github.com/Adaptix-Framework/AdaptixC2) + - [ ] [yzddmr6 started following jbHu67](https://github.com/jbHu67) + - [ ] [phith0n starred sezanzeb/input-remapper](https://github.com/sezanzeb/input-remapper) + - [ ] [mgeeky starred trailofbits/cfg-showcase](https://github.com/trailofbits/cfg-showcase) + - [ ] [0e0w created a repository HackJava/snakeyaml](https://github.com/HackJava/Hacksnakeyaml//) + - [ ] [vxunderground created a repository vxunderground/OCRMe](https://github.com/vxunderground/OCRMe//) + - [ ] [mgeeky starred ElliotKillick/Mido](https://github.com/ElliotKillick/Mido) + - [ ] [mgeeky starred ElliotKillick/windows-vs-linux-loader-architecture](https://github.com/ElliotKillick/windows-vs-linux-loader-architecture) +- Trustwave Blog + - [ ] [Trustwave SpiderLabs December 2024: Phishing and Email Security Insights](https://www.trustwave.com/en-us/resources/blogs/trustwave-blog/trustwave-spiderlabs-december-2024-phishing-and-email-security-insights/) +- The DFIR Report + - [ ] [Cobalt Strike and a Pair of SOCKS Lead to LockBit Ransomware](https://thedfirreport.com/2025/01/27/cobalt-strike-and-a-pair-of-socks-lead-to-lockbit-ransomware/) - Recent Commits to cve:main - - [ ] [Update Sun Jan 26 20:11:42 UTC 2025](https://github.com/trickest/cve/commit/f22674c92d9c9d36dc7fccc765ad1a5cd605dddd) - - [ ] [Update Sun Jan 26 12:25:12 UTC 2025](https://github.com/trickest/cve/commit/d08b1078577025607e08eeed5db925268172e62f) - - [ ] [Update Sun Jan 26 04:23:53 UTC 2025](https://github.com/trickest/cve/commit/4054876b4ba4a47e7bcfa06db4f05bdb490c72b7) -- Blogs dade - - [ ] [Weekly Retro 2025-W04](https://0xda.de/blog/2025/01/weekly-retro-2025-w04/) + - [ ] [Update Mon Jan 27 20:21:33 UTC 2025](https://github.com/trickest/cve/commit/b903cf9055faa0f09065ced5de7f9194a3b1a063) + - [ ] [Update Mon Jan 27 12:26:08 UTC 2025](https://github.com/trickest/cve/commit/c02fdccf98aca92096b385e95013782e5a87f8d6) + - [ ] [Update Mon Jan 27 04:22:47 UTC 2025](https://github.com/trickest/cve/commit/863bfc48e5dd52b0ac34eca3b6ccfca2ae091c10) +- Insinuator.net + - [ ] [Part I: Bluetooth Auracast from a Security Researcher’s Perspective](https://insinuator.net/2025/01/auracast-part1/) +- Sandfly Security Blog RSS Feed + - [ ] [Sandfly 5.3 - Detailed Host Forensics and Microsoft Sentinel Integration](https://sandflysecurity.com/about-us/news/sandfly-5-3-detailed-host-forensics-and-microsoft-sentinel-integration/) +- SpiderLabs Blog + - [ ] [Cracking the Giant: How ODAT Challenges Oracle, the King of Databases](https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cracking-the-giant-how-odat-challenges-oracle-the-king-of-databases/) - Bug Bounty in InfoSec Write-ups on Medium - - [ ] [Unlock the Full Potential of the Wayback Machine for Bug Bounty](https://infosecwriteups.com/unlock-the-full-potential-of-the-wayback-machine-for-bug-bounty-8b6f57e2637d?source=rss----7b722bfd1b8d--bug_bounty) -- hasherezade's 1001 nights - - [ ] [Process Hollowing on Windows 11 24H2](https://hshrzd.wordpress.com/2025/01/27/process-hollowing-on-windows-11-24h2/) -- Twitter @bytehx - - [ ] [Re @0xdef1ant Congrats 🎉🎉🎉](https://x.com/bytehx343/status/1883378858269020361) + - [ ] [Full GitHub Dorking guide: for OSINT and BugBounty (Reconnaissance)](https://infosecwriteups.com/full-github-dorking-guide-for-osint-and-bugbounty-reconnaissance-27557fb67ee0?source=rss----7b722bfd1b8d--bug_bounty) +- SentinelOne + - [ ] [Cloud Ransomware Developments | The Risks of Customer-Managed Keys](https://www.sentinelone.com/blog/cloud-ransomware-developments-the-risks-of-customer-managed-keys/) +- Reverse Engineering + - [ ] [/r/ReverseEngineering's Weekly Questions Thread](https://www.reddit.com/r/ReverseEngineering/comments/1ib336t/rreverseengineerings_weekly_questions_thread/) + - [ ] [Video: Binary Refinery URL extractor for LummaStealer loader](https://www.reddit.com/r/ReverseEngineering/comments/1iazq8n/video_binary_refinery_url_extractor_for/) +- Webroot Blog + - [ ] [6 ways to get the most from Data Privacy Week](https://www.webroot.com/blog/2025/01/27/6-ways-to-get-the-most-from-data-privacy-week/) + - [ ] [Managed Detection and Response: Key trends MSPs can’t afford to ignore](https://www.webroot.com/blog/2025/01/27/managed-detection-and-response-key-trends-msps-cant-afford-to-ignore/) - FreeBuf网络安全行业门户 - - [ ] [[Meachines] [Easy] Academy Laravel-RCE+TRP00F权限提升+audit服务日志权限提升+composer权限提升](https://www.freebuf.com/articles/web/420868.html) - - [ ] [Bombon 方法论:我将如何测试Web缓存漏洞](https://www.freebuf.com/articles/web/420867.html) - - [ ] [[Meachines] [Easy] Bank balance-transfer目录泄露+etcpasswd权限提升+SUID emergency权限提升](https://www.freebuf.com/articles/web/420863.html) - - [ ] [Pwn2Own Automotive2025落幕,累计成功利用49个零日漏洞](https://www.freebuf.com/news/420848.html) - - [ ] [[Meachines] [Easy] Bashed PHP Bash+Python计划任务权限提升](https://www.freebuf.com/articles/web/420843.html) - - [ ] [Meta的Llama框架漏洞使AI系统面临远程代码执行风险](https://www.freebuf.com/vuls/420864.html) - - [ ] [FreeBuf早报 | 这些“春节福利”都是诈骗陷阱;思科警告ClamAV漏洞出现PoC利用代码](https://www.freebuf.com/news/420840.html) - - [ ] [Microsoft Entra ID允许普通用户更新自己的UPN](https://www.freebuf.com/news/420832.html) + - [ ] [THN 每周回顾:顶级网络安全威胁、工具与技巧 [1月27日]](https://www.freebuf.com/vuls/420917.html) + - [ ] [GamaCopy模仿Gamaredon战术,针对俄罗斯实体展开网络间谍活动](https://www.freebuf.com/articles/network/420909.html) + - [ ] [新威胁组织GamaCopy模仿俄罗斯Gamaredon APT,针对俄语目标发起攻击](https://www.freebuf.com/articles/endpoint/420915.html) + - [ ] [恶意文件携带驱动人生数字签名,混淆视听执行后门](https://www.freebuf.com/news/420885.html) + - [ ] [ESXi勒索软件攻击利用SSH隧道逃避检测](https://www.freebuf.com/articles/es/420911.html) +- Malwarebytes + - [ ] [UnitedHealth almost doubles victim numbers from massive Change Healthcare data breach](https://www.malwarebytes.com/blog/news/2025/01/unitedhealth-almost-doubles-victim-numbers-from-massive-change-healthcare-data-breach) + - [ ] [A week in security (January 20 – January 26)](https://www.malwarebytes.com/blog/news/2025/01/a-week-in-security-january-20-january-26) + - [ ] [Three privacy rules for 2025 (Lock and Code S06E02)](https://www.malwarebytes.com/blog/podcast/2025/01/three-privacy-rules-for-2025-lock-and-code-s06e02) +- Shostack & Friends Blog + - [ ] [Spatial Reasoning and Threat Modeling](https://shostack.org/blog/spatial-reasoning-and-threat-modeing/) - 奇客Solidot–传递最新科技情报 - - [ ] [GLP-1RA 的益处和风险](https://www.solidot.org/story?sid=80431) - - [ ] [研究人员发现中欧电网用非加密无线信号控制](https://www.solidot.org/story?sid=80430) - - [ ] [甲骨文等正在谈判接手 TikTok 美国业务](https://www.solidot.org/story?sid=80428) - - [ ] [小鼠研究发现微塑料会堵塞大脑血液流动](https://www.solidot.org/story?sid=80427) - - [ ] [ADHD 患者有更短的预期寿命](https://www.solidot.org/story?sid=80426) - - [ ] [研究称电动汽车的寿命与燃油汽车相差无几](https://www.solidot.org/story?sid=80425) -- 威努特安全网络 - - [ ] [威努特春节假期业务保障通知](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130894&idx=1&sn=a739a4aa1a6a2ba1ed852c001b054cac&chksm=80e716beb7909fa8843b696e0efcf422e23be1815fd7fbc7f4daca4d26fd047631f3160f831e&scene=58&subscene=0#rd) - - [ ] [蛇年限定!特特祝您蛇跃新程,专属红包封面大派送](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130893&idx=1&sn=93968e179aca1422e0b570785a21350a&chksm=80e716bdb7909fabc3fa203233b7fe9dea90e57a1941fca61e177b66b0e669412cb233f32eac&scene=58&subscene=0#rd) + - [ ] [Onlyfans 成功背后的心理学](https://www.solidot.org/story?sid=80440) + - [ ] [科学家通过黑洞合并事件验证宇宙镜像对称性](https://www.solidot.org/story?sid=80439) + - [ ] [研究揭示 PM2.5 毒理学机制](https://www.solidot.org/story?sid=80438) + - [ ] [DeepSeek 登顶苹果应用商店免费应用排行榜](https://www.solidot.org/story?sid=80437) + - [ ] [天文学家呼吁禁止太空广告](https://www.solidot.org/story?sid=80436) + - [ ] [研究发现对 AI 了解越少的人越愿意使用 AI](https://www.solidot.org/story?sid=80435) + - [ ] [特斯拉拒绝将 FSD 软件转移到新车](https://www.solidot.org/story?sid=80434) + - [ ] [Bitmanagement 与美国海军的反盗版诉讼再次受挫](https://www.solidot.org/story?sid=80433) +- 安全分析与研究 + - [ ] [利用合法服务逃避检测的C2框架集合](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490200&idx=1&sn=7ded05c5e8fcfb1f9411a02872d16b97&chksm=902fb5b0a7583ca6b9d070be9f189689dd4947d6b3cd745aa9f60a0f8b4753a861b6fb648957&scene=58&subscene=0#rd) + - [ ] [NetSupport恶意软件实战分析](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490200&idx=2&sn=6314bb9f1aaf1b510571b88dba47f6c6&chksm=902fb5b0a7583ca6e350050607a7974c961c89efe6bebff6360180ccda873aeec6cac61a7981&scene=58&subscene=0#rd) +- 沉隐杂谈录 + - [ ] [春节快乐-D2发布-新的开始](https://mp.weixin.qq.com/s?__biz=MzIxMDI0MzQzNQ==&mid=2650416407&idx=1&sn=9b8c96ba91a0e21e291d6afc156427ae&chksm=8f691f13b81e9605d0c04246123189c15bd8df8a98c759c24ab9f3b029b4c1e33968ae3bf07a&scene=58&subscene=0#rd) - 吾爱破解论坛 - - [ ] [【活动】感动吾爱2024优秀会员评选活动(总方案)](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141640&idx=1&sn=c7380d0293c9463bb911500de75e6466&chksm=bd50a65c8a272f4a8312beef94ff17af41e1da141c344f6e9a4f5297c2be895e52abecf53ef3&scene=58&subscene=0#rd) + - [ ] [吾爱破解论坛微信红包封面(105000份)](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141642&idx=1&sn=dbc86b6bb93f87ff6b37ff25887ea8ab&chksm=bd50a65e8a272f487fe50c942a392975c1b2f40c830799f082a541fb014f24452a88f9b03c18&scene=58&subscene=0#rd) +- Black Hills Information Security + - [ ] [GRC for Security Managers: From Checklists to Influence](https://www.blackhillsinfosec.com/grc-for-security-managers-wrapup/) +- 看雪学苑 + - [ ] [[SUCTF2025] SU_APP、SU_Harmony 出题小记](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589294&idx=1&sn=9843c5f997dc4268b2cceefeef11c2d9&chksm=b18c28e486fba1f2def30ae2ad36fb881a2d6b3ae21e83fb24cd04f74d14f7fbfae69daac012&scene=58&subscene=0#rd) + - [ ] [主打提高实战能力:CTF训练营-Web篇](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589294&idx=2&sn=b3ce8734cd9334e9dd50ed637685ef01&chksm=b18c28e486fba1f26a5b9b0ff4c245f804d7b5bf346992a0ddef298cd610ea4c06ec61e36f24&scene=58&subscene=0#rd) - 丁爸 情报分析师的工具箱 - - [ ] [【资料】数学大杀器](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148696&idx=1&sn=898da3a09a42c00a39a6f4178656ff59&chksm=f1af26a2c6d8afb4fb5ba4db233123601088c22139ec75c8e7c53136ed50505603f230c105ae&scene=58&subscene=0#rd) -- 安全圈 - - [ ] [【安全圈】安全圈恭祝大家:新年快乐~](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067622&idx=1&sn=b905decd9f92c3687f021950a11cf89f&chksm=f36e7b66c419f2704293e2da9dd1732a0ac8785b07a9defa259a712df9c0b64a24b38e366bb1&scene=58&subscene=0#rd) - - [ ] [【安全圈】Microsoft Entra ID允许普通用户更新自己的UPN](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067622&idx=2&sn=a56656b05bfd9f42f777c577cffe85e3&chksm=f36e7b66c419f2708526e2e4cf320f327b2b10e54589e7f1f7332c0aaab95c830b6fe1e99286&scene=58&subscene=0#rd) - - [ ] [【安全圈】黑客利用Windows RID劫持技术创建隐藏管理员账户](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067622&idx=3&sn=ad95819ae6f36cb189f9da9618fff556&chksm=f36e7b66c419f270b763f53a6b467d57fb473ad42b2f070ef2b5ef85e28fe5a6a216883110c8&scene=58&subscene=0#rd) + - [ ] [【实操】大语言模型能否按照特定要求撰写情报简报](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148703&idx=1&sn=c924baf97ad0b03dd7fb0f48ff913106&chksm=f1af26a5c6d8afb3022277d9121d65514f7d642109b5cc100fd1264fd42ddb72d63aae8c2e43&scene=58&subscene=0#rd) +- 君哥的体历 + - [ ] [运维风险管控、数据安全规范普及与漏洞情报处置:技术与管理并重的综合策略探讨。|总第278周](https://mp.weixin.qq.com/s?__biz=MzI2MjQ1NTA4MA==&mid=2247491776&idx=1&sn=4e17c660387c6776b88e397c64e7ed57&chksm=ea484a87dd3fc3919e9026124b6bc0ba8b63b525d5d9b381260922106e0c8fca0d924c4c1bc5&scene=58&subscene=0#rd) - dotNet安全矩阵 - - [ ] [感恩回馈!dot.Net安全矩阵与 NOP Team 安全团队共庆 SoapShell 项目新突破](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498461&idx=1&sn=c89203d98fd373a5323694401d4eee08&chksm=fa595430cd2edd26502b5d69a1747efcd9ce1cb574936412319dc22ee9b8eeae7e24972e0751&scene=58&subscene=0#rd) - - [ ] [.NET 第 56 期红队武器库和资源汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498461&idx=2&sn=60a67fa4d6b0ab13ce54974a473dfcab&chksm=fa595430cd2edd265f6d792bb13109ecef4975bbf86b6cbe3d23e6cefc38191e742bc24dd549&scene=58&subscene=0#rd) - - [ ] [内网痕迹清理,通过 Sharp4ModifyTime 伪造文件时间戳](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498461&idx=3&sn=2626f54c3fe728d0e72c4b26794f1458&chksm=fa595430cd2edd26a574fe2967cd3ed4ca807ba91f50806c2e0a4b1a9f6ac27d109181aadb58&scene=58&subscene=0#rd) -- 电子物证 - - [ ] [【域外个人生物识别信息保护模式考察】](https://mp.weixin.qq.com/s?__biz=MzAwNDcwMDgzMA==&mid=2651048266&idx=1&sn=8334dbe01a95b5daf8e63ee699ada254&chksm=80d086bbb7a70fade14c6a8d0dce906ad10af5799f8393fe9a43ab628cbbb1d034b401020b9a&scene=58&subscene=0#rd) - - [ ] [【侵犯公民个人信息罪审判实践中的若干问题】](https://mp.weixin.qq.com/s?__biz=MzAwNDcwMDgzMA==&mid=2651048266&idx=2&sn=1f9c690e7d098eef6acaf5815921e9b7&chksm=80d086bbb7a70fad571ce986ba0d665958fea2b1e596aa19575f34d88c816db0c9339a374a52&scene=58&subscene=0#rd) -- 火绒安全 - - [ ] [春节期间火绒将持续为您护航](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247521917&idx=1&sn=e7a05b4ef346358b0fdb75511aab4db3&chksm=eb704842dc07c154240b11635ca9b61eecbb8c5b6156e882e68f819af8d39f6377d5bc72b5af&scene=58&subscene=0#rd) - - [ ] [诚邀渠道合作伙伴共启新征程](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247521917&idx=2&sn=742c0d32b70556b96dfa343540c46342&chksm=eb704842dc07c154ffccdb4837b259ec39c35268890217c2498250f931a95febe081d7cebe18&scene=58&subscene=0#rd) -- 威胁棱镜 - - [ ] [2024 年云威胁报告](https://mp.weixin.qq.com/s?__biz=MzkyMzE5ODExNQ==&mid=2247487641&idx=1&sn=a8898a47e93d5fab2dcffdfc8e8f4d37&chksm=c1e9e755f69e6e439ce0173ca28cc38881d507533e17d3e4e34bdf6bf25b87d406b04f9ea080&scene=58&subscene=0#rd) -- 慢雾科技 - - [ ] [喜迎七周年|守正出奇,安全出彩](https://mp.weixin.qq.com/s?__biz=MzU4ODQ3NTM2OA==&mid=2247501022&idx=1&sn=9b1b6cacc81fcfd8cbe9cc1b220e1832&chksm=fddeba59caa9334f36aab17997af5899a4932950b03dd231b9d922dd6d8c0944f18b1e8729c3&scene=58&subscene=0#rd) -- 网安国际 - - [ ] [【InForSec 2025年会顶会论文回顾】陈熠豪: 语义驱动的互联网路由异常检测系统](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317461&idx=1&sn=777cc0e34a153ddeb9a61aeeb97cb500&chksm=8bc4ba9bbcb3338d0e6d08f4448934f0ea1f378886cef1f7bbb083452f4197a84e9b5673bbd8&scene=58&subscene=0#rd) - - [ ] [【InForSec 2025年会顶会论文回顾】张允义:权威服务之殇:你的权威服务器配置真的安全么?](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317461&idx=2&sn=54da24564ffa3c07f1e7add2df9eb838&chksm=8bc4ba9bbcb3338d35bcb7d908867c9c8c15fd285e4b56fa6f28b69429bf1ccb45557acdfa39&scene=58&subscene=0#rd) - - [ ] [【InForSec 2025年会顶会论文回顾】刘超:面向安全的无线感知技术](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317461&idx=3&sn=f3f0dbe8a32fb4a3eb373ef17242552f&chksm=8bc4ba9bbcb3338d5b8f49b10b3fb3b5368b7f82ef18529e5924ccf52dd64b8d1c96657c6f35&scene=58&subscene=0#rd) - - [ ] [【InForSec 2025年会顶会论文回顾】林云: 基于参照的钓鱼欺诈检测技术的自动化知识赋能](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317461&idx=4&sn=1eb9c732f3567dab37b7614d41b959ef&chksm=8bc4ba9bbcb3338dec2da9d7a1ab5e37aa5af271e4b69a949d6a87d521b4a5e856e7269e02c3&scene=58&subscene=0#rd) - - [ ] [【InForSec 2025年会顶会论文回顾】刘沛宇:探究 ChatGPT 在漏洞管理任务中的能力](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317461&idx=5&sn=7becd6dc617d0acb19f79e2562a68616&chksm=8bc4ba9bbcb3338d471b5f27bb2983f32ebb8b14c928d3ddbf68b363b2b7a2700e9ca475d8bc&scene=58&subscene=0#rd) + - [ ] [收藏 | dotNet 安全矩阵团队2024年度内网横向移动阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498493&idx=1&sn=0d58ecc98d8333a349c3712d4c129203&chksm=fa595410cd2edd062276b3223d5124040f319e19ba6ea3217db7d2e4d66add50a2c28fe6313a&scene=58&subscene=0#rd) + - [ ] [国内最专业、最全面的 [ .NET 代码审计 ] 体系化学习交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498493&idx=2&sn=42328f97d2cb9e8a7299d8948372c706&chksm=fa595410cd2edd060e5fd0741bf0e131d3cd04fafec5389c16758b57d4443a69e9583caee479&scene=58&subscene=0#rd) + - [ ] [通过 Sharp4Tokenvator 实现本地权限提升](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498493&idx=3&sn=d4029c2b542db791a7c4a70127b369fc&chksm=fa595410cd2edd069e4d76454b7789a94293ccb94a2ca643ad9f8b6bb7689ce4f47c1adf7a35&scene=58&subscene=0#rd) - 安全牛 - - [ ] [看不见的AI安全威胁,揭秘隐形提示注入风险](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134990&idx=1&sn=701c1c672e4859e10d8a989e92cfb9b5&chksm=bd15acdd8a6225cb5ec58575e05024b4512f90cf414c4929ea5550ca0ce63abe76610f3c4bcb&scene=58&subscene=0#rd) - - [ ] [航空防务公司Stark被曝遭遇勒索攻击,4TB机密数据疑被窃取;华硕意外泄露AMD处理器漏洞,补丁被提前公开 | 牛览](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134990&idx=2&sn=58403bc9b1f187d4eeb8a0040555e426&chksm=bd15acdd8a6225cb148a4aac712178ac0f5b93c6a31929a25b66f04ad2541cae3e31269ab937&scene=58&subscene=0#rd) -- 嘶吼专业版 - - [ ] [黑客利用伪造的恶意软件构建器感染了18000个“script kiddies”](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580992&idx=1&sn=d64510306e9db3532091d13213d4b0ef&chksm=e9146d7ade63e46c7077b4b663c858f41dc3369b4ed1d4dadd5718249441857a6a2dbd2bc693&scene=58&subscene=0#rd) -- 极客公园 - - [ ] [AI 2025 的硅谷答案:60 条关键洞察](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072853&idx=1&sn=264541a441694d5b98b8c1fd4c2e741c&chksm=7e57d063492059755041e560b50e916fa65df25e081a78c7cf689a694849dbbbf5147f212ab2&scene=58&subscene=0#rd) - - [ ] [雷军龙年压轴直播被平台封禁;阅文短剧上线 7 天流水超 5000 万;苹 CEO 库克客串美剧《人生切割术》曝光 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072840&idx=1&sn=1d72852808d7e99c644154b8b17f3396&chksm=7e57d07e492059689f222cd36fafa7a4b981548e2406a4907f7649f29414d437aba543b35147&scene=58&subscene=0#rd) -- 吴鲁加 - - [ ] [喜欢,简单,长期](https://mp.weixin.qq.com/s?__biz=Mzg5NDY4ODM1MA==&mid=2247485159&idx=1&sn=f380bfe92c8a34de1efd46f61388b182&chksm=c01a8bd6f76d02c0279595a65a06ccf64607ece8164156c06c9f84a8931e3c69827cc002ef19&scene=58&subscene=0#rd) + - [ ] [春节放假通知](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134996&idx=1&sn=1c7920ea6f4ee8c218f4ff5dfcc4b28c&chksm=bd15acc78a6225d1f846166029b745338e146775f7f660efefe8493f1aa89f4e08347b6475c7&scene=58&subscene=0#rd) + - [ ] [LTE和5G网络实现中存在119个安全漏洞,可导致大规模通信中断;调查显示:仅7%受害者在支付勒索软件赎金后成功恢复数据 |牛览](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134996&idx=2&sn=82356d56bcca2787f9016513ed4f3cbf&chksm=bd15acc78a6225d149fe16de3316f0735ac8eb52adf8cea1638c72eb92dc9122d6eb960a5ce0&scene=58&subscene=0#rd) - 中国信息安全 - - [ ] [通知 | 《中国人民银行业务领域网络安全事件报告管理办法(征求意见稿)》公开征求意见](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=1&sn=fc21c6dca1cb7fc755540bf1a276b4b8&chksm=8b5801d0bc2f88c64b2b33a32ff1a4843f115dc87b187875b035e581478bac28fa6bbd2edce9&scene=58&subscene=0#rd) - - [ ] [通知 | 市场监管总局就《网络交易合规数据报送管理暂行办法(征求意见稿)》公开征求意见(附全文)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=2&sn=06ab12bffe83179be743b7574a46733f&chksm=8b5801d0bc2f88c60c136de3cf22a57e9bf3c67399afa6460b98658f345884af8af9f9530e65&scene=58&subscene=0#rd) - - [ ] [王小洪:以更大的决心和力度 推动打击治理电信网络诈骗工作向纵深发展](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=3&sn=a50ca75a1c03205901b7729871f25d56&chksm=8b5801d0bc2f88c61f7af6b54d6e354c22a2a5efd4fde9f1e076a1e06c36c2d5c59c916711ad&scene=58&subscene=0#rd) - - [ ] [专家解读 | 构建以统一底座为支撑的数据流通利用设施](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=4&sn=5076068c4750dd6b85b48aa9607d94b1&chksm=8b5801d0bc2f88c6579c93f85b9547010ec4fef616426845f7307a2f90ba0776caf33093fc32&scene=58&subscene=0#rd) - - [ ] [通知 | 网安标委发布《网络安全标准实践指南——人脸识别支付场景个人信息安全保护要求》(附全文)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=5&sn=be29f8aa62961fd03e70b0971dd8282d&chksm=8b5801d0bc2f88c6f066bb15865a68ae0fcd446f4e1d5e2d09e8e7280ec917f3de8e84e77638&scene=58&subscene=0#rd) - - [ ] [通知 | 网安标委就《人工智能安全标准体系(V1.0)(征求意见稿)》公开征求意见(附下载)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=6&sn=70f1d6b8d5331b791b6625561bb8d084&chksm=8b5801d0bc2f88c6f5531c9b3013de16ecdbd285242b3a7d9b224e56752ab1c7ef4b1bd671f8&scene=58&subscene=0#rd) - - [ ] [一图读懂 | 国家标准 GB/T 44886.1-2024《网络安全技术 网络安全产品互联互通 第1部分:框架》](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235817&idx=7&sn=d60847ac4d75129f5c475ff4f947f02b&chksm=8b5801d0bc2f88c64b2abdb1d1f4dcf8620e389597584c19fc47849b0b65a88f77183078abde&scene=58&subscene=0#rd) -- 白帽子章华鹏 - - [ ] [今晚一起聊聊提升认知和最近的思考](https://mp.weixin.qq.com/s?__biz=MzIyOTAxOTYwMw==&mid=2650236955&idx=1&sn=8727f67fded4278c8abd5fd3b2476443&chksm=f04ad2a7c73d5bb1a4a24843828005600ab641a02488e6c7920e86b55341f92ee103dbfade7e&scene=58&subscene=0#rd) -- IT Service Management News - - [ ] [Aggiornamento legislativo 2025](http://blog.cesaregallotti.it/2025/01/aggiornamento-legislativo-2025.html) -- 希潭实验室 - - [ ] [第115篇:俄乌网络战之二,乌克兰第2次大停电事件复盘](https://mp.weixin.qq.com/s?__biz=MzkzMjI1NjI3Ng==&mid=2247487377&idx=1&sn=f529c0ec1eb1c2822155f2a03f0c7fbd&chksm=c25fc0eaf52849fc0d9633208b5bad2676a3b64410c0fe687f919721bb83b607980f9a97c200&scene=58&subscene=0#rd) -- Over Security - Cybersecurity news aggregator - - [ ] [Ransomware gang uses SSH tunnels for stealthy VMware ESXi access](https://www.bleepingcomputer.com/news/security/ransomware-gang-uses-ssh-tunnels-for-stealthy-vmware-esxi-access/) - - [ ] [UnitedHealth now says 190 million impacted by 2024 data breach](https://www.bleepingcomputer.com/news/security/unitedhealth-now-says-190-million-impacted-by-2024-data-breach/) + - [ ] [聚焦 | 国家网络威胁信息汇聚共享技术平台试运行总结表彰会成功举办](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235892&idx=1&sn=7fbcbb0883b6c65f4e3ba90ca09cccb7&chksm=8b58018dbc2f889be69ce98bffbb8700788264b4674a06edae6f3bf279bbde06a7fb39fc0778&scene=58&subscene=0#rd) + - [ ] [全球视野 | 国际网安快讯(第47期)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235892&idx=2&sn=08a60783ca81347f55ac588740b70769&chksm=8b58018dbc2f889b07208718f2d827850ae2e964d65cfa90e842cdf6a10017f45ca80902cce0&scene=58&subscene=0#rd) + - [ ] [专家解读 | 扎实推进数据标准化工作 保障国家数据基础设施建设行稳致远](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235892&idx=3&sn=60fe07f5134c5dcdf56d12ae7a8a6f6f&chksm=8b58018dbc2f889b91b925e9e99f943eb4e141139265dd2619cbcb7539ff4d1feb896ec1b3b5&scene=58&subscene=0#rd) + - [ ] [四部门提示:防范“云养经济”欺诈!](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235892&idx=4&sn=e08fb24557851d99e80e4c6209a72e03&chksm=8b58018dbc2f889bf575dd94acf5c653e8345717700f5a66d66444326c0e8254fa40351c4c22&scene=58&subscene=0#rd) + - [ ] [专家解读 | 规范互联网平台企业报送信息 加强税源监管](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235892&idx=5&sn=9a656024279a6e896c92ce522318f0f9&chksm=8b58018dbc2f889b133dcd409bdae5218c53a73c4bb07029a09b2ad2c68aefeb13bcf03e65ea&scene=58&subscene=0#rd) + - [ ] [发布 | 中国信通院发布《车联网蓝皮书(数据赋能)(2024年)》(附下载)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235892&idx=6&sn=4f29a9e415b95ec39af7c39c827ca8c6&chksm=8b58018dbc2f889b275a166290ba46af1f9486655da918e0239a1c03e50ba180c0e23d550e1a&scene=58&subscene=0#rd) + - [ ] [专家观点 | 数据治理助推中国生成式人工智能高质量发展](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235892&idx=7&sn=20d279dc28a3b944e6b08da8d0389648&chksm=8b58018dbc2f889b9b6c89092f8cba2bb490d27fc2b4b445f543c8ee998827a6e62a888bef51&scene=58&subscene=0#rd) + - [ ] [评论 | 严打黑客犯罪筑牢网安防线](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235892&idx=8&sn=a3453b1c835acec8834fbd5ff7af2441&chksm=8b58018dbc2f889b114f424c5cbc8fe72002e287bd824755f2bf4fe876eb53a3990490582cb1&scene=58&subscene=0#rd) +- 极客公园 + - [ ] [超音速民航「全球竞赛」,这家中国公司要「换道赛车」](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072943&idx=1&sn=ffb269408b68f9e0288deb4a716e35a5&chksm=7e57d39949205a8fcb59175315452b11b6aa0621056de0de1b1c687d1a376823a493833406ad&scene=58&subscene=0#rd) + - [ ] [变天!——由一个惊艳例子引发对 DeepSeek 的 10 条思考](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072943&idx=2&sn=42192769f13fb530fa9d3e23e0ad898c&chksm=7e57d39949205a8f43d40b81d6f0eeb1f919cf2f591666e28604cf8442613d9c9b06c3d6520e&scene=58&subscene=0#rd) + - [ ] [2025 年,多模态会诞生下一个 Super App 吗?](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072869&idx=1&sn=12adc42065f8f5e00bc46673e247f39b&chksm=7e57d05349205945bf789818c879903e56ec41dee196f11a2c2eb03e570dbb7d37f5276ddf06&scene=58&subscene=0#rd) + - [ ] [DeepSeek升至美区苹果应用榜第一;Switch 2发售时间疑似泄露;苹果iPhone SE4或3月发布|极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072885&idx=1&sn=7e5a3b9e6ca75e1cde3533d9d9979269&chksm=7e57d0434920595525c153f6692cab3f51588c07e99b811fa04650161507b68ef8826215554a&scene=58&subscene=0#rd) +- 嘶吼专业版 + - [ ] [新的 DoubleClickjacking 攻击利用双击来劫持帐户](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580993&idx=1&sn=9cef8f9e885411deefa3dd1718756bec&chksm=e9146d7bde63e46d6f0696852e5e5dc1ea9b2c6006db56346d548914ef0d50494db9f8fafe58&scene=58&subscene=0#rd) + - [ ] [安全动态回顾|工信部发布关于防范Androxgh0st僵尸网络的风险提示 Tesla EV充电器在PWN2OWN遭黑客多次入侵](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580993&idx=2&sn=790649df6d58dba77660759df720c892&chksm=e9146d7bde63e46d5df8acb5d88a467ae8534a921ea900181bdacf12e66a11088693b337bd86&scene=58&subscene=0#rd) +- 情报分析师 + - [ ] [深挖“颜十六”:影视圈的“毒瘤”与跨国诈骗的“操盘手”](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559276&idx=1&sn=031b0b5216b2db6c8a00f413e26ddcb0&chksm=87117d67b066f4718e1e8c4668285b5b2e2f1516a4c29ae581a945f427b952a45f7b90bb7cb3&scene=58&subscene=0#rd) + - [ ] [中情局携手乌克兰:从针锋相对到深度绑定,背后暗藏的全球隐患](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559276&idx=2&sn=43bf564f5b1729bfe0286075d2cbc790&chksm=87117d67b066f471cc064ed852c6dfb97f82886b78a1b56aa647781834ebf0d1af0fec3e978a&scene=58&subscene=0#rd) +- 网安国际 + - [ ] [【InForSec 2025年会顶会论文回顾】雷重庆 :以友为鉴:基于 MCU 外设驱动分析的外设模型生成](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317462&idx=1&sn=f826132e0f6fa3183c04badd0fa5dae0&chksm=8bc4ba98bcb3338ebd4c95535b024fb2d0951f24bd5c6220286b8f0e82cf6e3ed30fe77a6690&scene=58&subscene=0#rd) + - [ ] [【InForSec 2025年会顶会论文回顾】姜嘉仪:增强基于二进制分析的协议逆向工程中字段推断能力的研究](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317462&idx=2&sn=136962e4a93d95b67fdc6518671af5e4&chksm=8bc4ba98bcb3338e45009a0994535a27c07c8a156be33fa8f7baf2d45b20e61c5bb48fa202d8&scene=58&subscene=0#rd) + - [ ] [【InForSec 2025年会顶会论文回顾】李勇钢:基于虚拟化的未知驱动隔离与保护方法](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317462&idx=3&sn=f21f4c9bf0cef097103e6505e6964774&chksm=8bc4ba98bcb3338ede7044a70a7f51fa822aed833fe94983e8164af7b05be3eda9dc94bbfdb9&scene=58&subscene=0#rd) + - [ ] [【InForSec 2025年会顶会论文回顾】马昊玉:镜中窥视:利用缓存侧信道攻破 Android 应用沙盒完整性](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317462&idx=4&sn=af78d0a1dc313ed16e1ce158f5556a0e&chksm=8bc4ba98bcb3338e8fbc65c1337d3af8ce4cdc1b60706c6dcbd92114dec43b23f09411cd3af7&scene=58&subscene=0#rd) + - [ ] [【InForSec 2025年会顶会论文回顾】向昊: 基于完全域敏感和源点意识的控制流完整性方法](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317462&idx=5&sn=4f9bf219ac43637893b96266671c7f9b&chksm=8bc4ba98bcb3338eaa76ba29a15693a8cd7fdce579502c0ca5f68c46e4d44b1bee8ae278dc8b&scene=58&subscene=0#rd) - 迪哥讲事 - - [ ] [实战中的WebService利⽤⽅法](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496952&idx=1&sn=fdb338f5ff8cf421424cfcc5c01bfbb7&chksm=e8a5fe9bdfd2778d4c2584e6f5e6b3ce81120dca35669befee62af7d00ae7ada9b06c0dc02fe&scene=58&subscene=0#rd) -- 洞源实验室 - - [ ] [安全产品应该如何有效落地?](https://mp.weixin.qq.com/s?__biz=Mzg4Nzk3MTg3MA==&mid=2247487714&idx=1&sn=7dd60003f789bb02de5697f066178557&chksm=cf831993f8f49085ac4f83bcdee9d23f74fbdb0297c9e38cf9fdc4b9788ecaac632088714056&scene=58&subscene=0#rd) -- Computer Forensics - - [ ] [SOPs -standard operating procedures in DFIR?](https://www.reddit.com/r/computerforensics/comments/1iap5m1/sops_standard_operating_procedures_in_dfir/) - - [ ] [Advice for Someone Interested in Digital Forensics](https://www.reddit.com/r/computerforensics/comments/1ia9pmk/advice_for_someone_interested_in_digital_forensics/) - - [ ] [DF on the side as a LEO](https://www.reddit.com/r/computerforensics/comments/1ia5vc7/df_on_the_side_as_a_leo/) -- TorrentFreak - - [ ] [Appeals Court Affirms U.S. Navy Should Pay $154k in Piracy Damages, not $155m](https://torrentfreak.com/appeals-court-affirms-that-u-s-navy-should-pay-154k-in-piracy-damages-not-155m-250126/) -- Security Affairs - - [ ] [Change Healthcare data breach exposed the private data of over half the U.S.](https://securityaffairs.com/173467/data-breach/change-healthcare-data-breach-190m-people.html) - - [ ] [SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 30](https://securityaffairs.com/173461/malware/security-affairs-malware-newsletter-round-30.html) - - [ ] [Security Affairs newsletter Round 508 by Pierluigi Paganini – INTERNATIONAL EDITION](https://securityaffairs.com/173454/breaking-news/security-affairs-newsletter-round-508-by-pierluigi-paganini-international-edition.html) - - [ ] [Cisco warns of a ClamAV bug with PoC exploit](https://securityaffairs.com/173446/uncategorized/cisco-fixed-clamav-dos-flaw.html) + - [ ] [通过js进行模糊测试所拿到的一次五千漏洞赏金记录](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496957&idx=1&sn=5ef897f46f3bf16bce1a83b45b0611c3&chksm=e8a5fe9edfd27788ba026eddd3fbb4541a0037c8be19dcb77460d206bd14339fb2c1bd0ebf83&scene=58&subscene=0#rd) +- 字节跳动技术团队 + - [ ] [Doubao-1.5-pro 发布 | 豆包大模型 LLM 团队热招中](https://mp.weixin.qq.com/s?__biz=MzI1MzYzMjE0MQ==&mid=2247512992&idx=1&sn=a2ed4bf409a9abb86118650e264e8c27&chksm=e9d37842dea4f1548fa971b2742cd34f4920526a6f0b47f86d0fb2a21fc099e27b42ad9f311f&scene=58&subscene=0#rd) +- 360数字安全 + - [ ] [春节假期|安全服务保障通知](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579262&idx=1&sn=e7e448b49217ce28a44f40bf153ac506&chksm=9f8d2676a8faaf60074a2e9aa0130c961d6ddf5f7f8fd7f9ab0fdafe915fd4058dff6dc59310&scene=58&subscene=0#rd) +- CNVD漏洞平台 + - [ ] [CNVD漏洞周报2025年第4期](https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247495739&idx=1&sn=70bff0dcfddcafcf645feed59f012888&chksm=fd74c0f2ca0349e471d5a0cede4e3ed7bdd0d788c211c68cc80dfd224e519f19650dbc8d8c70&scene=58&subscene=0#rd) + - [ ] [上周关注度较高的产品安全漏洞(20250120-20250126)](https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247495739&idx=2&sn=c1eb11a7df482ea02fe0bb114eaa29bc&chksm=fd74c0f2ca0349e47edcfe201c0666f5f1252b026ececf6de03bbe19fda17ce7ae900d728649&scene=58&subscene=0#rd) +- Krypt3ia + - [ ] [Krypt3ia Daily Cyber Threat Intelligence (CTI) Digest](https://krypt3ia.wordpress.com/2025/01/27/krypt3ia-daily-cyber-threat-intelligence-cti-digest-3/) +- 火绒安全 + - [ ] [恶意文件携带驱动人生数字签名,混淆视听执行后门](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247522002&idx=1&sn=873e1bfdf5c988f9b559733786cfa7ce&chksm=eb7048eddc07c1fb7225e466c76efcdf6e6a1c2632bf3cd10068ebec8ac9c6675090f5f94a2b&scene=58&subscene=0#rd) + - [ ] [诚邀渠道合作伙伴共启新征程](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247522002&idx=2&sn=c4d71fab7b6251cbfc896cacdff28134&chksm=eb7048eddc07c1fb82edefd16f8fb8288c55cb69ce8473939c2d858863e391e6d043a3bb7f89&scene=58&subscene=0#rd) +- Over Security - Cybersecurity news aggregator + - [ ] [How to switch off Apple Intelligence on your iPhone, iPad and Mac](https://techcrunch.com/2025/01/27/how-to-switch-off-apple-intelligence-on-your-iphone-ipad-and-mac/) + - [ ] [DeepSeek halts new signups amid "large-scale" cyberattack](https://www.bleepingcomputer.com/news/security/deepseek-halts-new-signups-amid-large-scale-cyberattack/) + - [ ] [Bitwarden makes it harder to hack password vaults without MFA](https://www.bleepingcomputer.com/news/security/bitwarden-makes-it-harder-to-hack-password-vaults-without-mfa/) + - [ ] [Microsoft: January Windows security updates break audio playback](https://www.bleepingcomputer.com/news/microsoft/microsoft-january-windows-security-updates-break-audio-playback/) + - [ ] [DeepSeek R1 Exposed: Security Flaws in China’s AI Model](https://www.kelacyber.com/blog/deepseek-r1-security-flaws/) + - [ ] [Hackers hijack emergency sirens in kindergartens across Israel](https://therecord.media/hackers-hijack-sirens-iran-israel) + - [ ] [Democrat members of US surveillance watchdog defy White House resignation request](https://therecord.media/democrat-pclob-members-defy-white-house-call-for-resignation) + - [ ] [Texas county issues disaster declaration following cyberattack](https://therecord.media/texas-county-disaster-declaration-cyberattack) + - [ ] [Apple fixes this year’s first actively exploited zero-day bug](https://www.bleepingcomputer.com/news/security/apple-fixes-this-years-first-actively-exploited-zero-day-bug/) + - [ ] [OpenAI rival DeepSeek limits registration after ‘large-scale malicious attacks’](https://therecord.media/deepseek-limits-registration-blames-malicious-attacks) + - [ ] [EU sanctions Russian GRU hackers for cyberattacks against Estonia](https://www.bleepingcomputer.com/news/security/eu-sanctions-russian-gru-hackers-for-cyberattacks-against-estonia/) + - [ ] [Brazil bans iris scan company co-founded by Sam Altman from paying citizens for biometric data](https://therecord.media/brazil-iris-scan-data-privacy-tools-for-humanity) + - [ ] [Windows 11 24H2 preview brings new taskbar features](https://www.bleepingcomputer.com/news/microsoft/windows-11-24h2-preview-brings-new-taskbar-features/) + - [ ] [Hackers steal $85 million worth of cryptocurrency from Phemex](https://www.bleepingcomputer.com/news/security/hackers-steal-85-million-worth-of-cryptocurrency-from-phemex/) + - [ ] [Microsoft Teams phishing attack alerts coming to everyone next month](https://www.bleepingcomputer.com/news/security/microsoft-teams-phishing-attack-alerts-coming-to-everyone-next-month/) + - [ ] [Ukraine denies involvement in cyberattack against Slovakia](https://therecord.media/ukraine-denies-cyberattack-involvement-slovakia) + - [ ] [Clone2Leak attacks exploit Git flaws to steal credentials](https://www.bleepingcomputer.com/news/security/clone2leak-attacks-exploit-git-flaws-to-steal-credentials/) + - [ ] [Is GDLockerSec Really Targeting AWS?](https://www.kelacyber.com/blog/is-gdlockersec-really-targeting-aws/) + - [ ] [Preventing Phishing Attacks, Before They Catch You Copy](https://www.kelacyber.com/blog/preventing-phishing-attacks-before-they-catch-you-copy/) + - [ ] [CISO 2025](https://www.certego.net/blog/ciso-2025-innovare-per-fronteggiare-le-nuove-minacce-alla-cybersecurity/) + - [ ] [IT Vulnerability Report: 7-Zip, Windows and Fortinet Fixes Urged by Cyble](https://cyble.com/blog/it-vulnerability-report-7-zip-windows-and-fortinet-fixes-urged-by-cyble/) + - [ ] [Info Sec Unplugged [12]: Datacenter Network](https://roccosicilia.com/2025/01/27/info-sec-unplugged-12-datacenter-network/) + - [ ] [Sweden seizes ship suspected of Baltic Sea cable sabotage](https://therecord.media/sweden-seizes-ship-suspected-cable-sabotage) + - [ ] [United Against Cybercrime: ASEAN Ministers Forge New Security Pathways](https://cyble.com/blog/united-against-cybercrime-asean-ministers-forge-new-security-pathways/) + - [ ] [Le implementazioni LTE e 5G soffrono di centinaia di vulnerabilità](https://www.securityinfo.it/2025/01/27/le-implementazioni-lte-e-5g-soffrono-di-centinaia-di-vulnerabilita/) + - [ ] [CERT-AGID 18 – 24 gennaio: una nuova campagna a tema INPS (e ancora Vidar)](https://www.securityinfo.it/2025/01/27/cert-agid-18-24-gennaio-una-nuova-campagna-a-tema-inps-e-ancora-vidar/) + - [ ] [Cobalt Strike and a Pair of SOCKS Lead to Lockbit Ransomware](https://thedfirreport.com/2025/01/27/cobalt-strike-and-a-pair-of-socks-lead-to-lockbit-ransomware/) +- 悬镜安全 + - [ ] [人物丨悬镜安全张弛:解密悬镜二进制SCA技术背后的黑客大佬](https://mp.weixin.qq.com/s?__biz=MzA3NzE2ODk1Mg==&mid=2647795566&idx=1&sn=359d23f656b50d3a85c021b1e616165b&chksm=8770af39b007262f20e4aa761d196adc461e89aca8fb0246ad44ed56d7d16a2574f73a5eecde&scene=58&subscene=0#rd) +- Securityinfo.it + - [ ] [Le implementazioni LTE e 5G soffrono di centinaia di vulnerabilità](https://www.securityinfo.it/2025/01/27/le-implementazioni-lte-e-5g-soffrono-di-centinaia-di-vulnerabilita/?utm_source=rss&utm_medium=rss&utm_campaign=le-implementazioni-lte-e-5g-soffrono-di-centinaia-di-vulnerabilita) + - [ ] [CERT-AGID 18 – 24 gennaio: una nuova campagna a tema INPS (e ancora Vidar)](https://www.securityinfo.it/2025/01/27/cert-agid-18-24-gennaio-una-nuova-campagna-a-tema-inps-e-ancora-vidar/?utm_source=rss&utm_medium=rss&utm_campaign=cert-agid-18-24-gennaio-una-nuova-campagna-a-tema-inps-e-ancora-vidar) +- Qualys Security Blog + - [ ] [Unlock the Boardroom with Cyber Risk: How the Qualys Enterprise TruRisk™ Platform Empowers CISOs](https://blog.qualys.com/category/product-tech) +- 漏洞战争 + - [ ] [学历赋](https://mp.weixin.qq.com/s?__biz=MzU0MzgzNTU0Mw==&mid=2247485935&idx=1&sn=c9ad7ddf99eb58464e3f86507a44ea7a&chksm=fb041d17cc73940154677fad437801a70ad48959c1dd49fdcb52af2495a7018c01c509eb433a&scene=58&subscene=0#rd) +- IT Service Management News + - [ ] [Linee guida (in bozza!) EDPB sulla pseudonimizzazione](http://blog.cesaregallotti.it/2025/01/linee-guida-in-bozza-edpb-sulla.html) + - [ ] [Regolamento sullo spazio europeo dei dati sanitari (EHDS)](http://blog.cesaregallotti.it/2025/01/regolamento-sullo-spazio-europeo-dei.html) +- NETRESEC Network Security Blog + - [ ] [Blocking Malicious sites with a TLS Firewall](https://www.netresec.com/?page=Blog&month=2025-01&post=Blocking-Malicious-sites-with-a-TLS-Firewall) - Hacking Exposed Computer Forensics Blog - - [ ] [Daily Blog #729: Solution Saturday 1/25/25](https://www.hecfblog.com/2025/01/daily-bloh-729-solution-saturday-12525.html) -- Technical Information Security Content & Discussion - - [ ] [Clone2Leak: Your Git Credentials Belong To Us](https://www.reddit.com/r/netsec/comments/1iagp0v/clone2leak_your_git_credentials_belong_to_us/) - - [ ] [WorstFit: Unveiling Hidden Transformers in Windows ANSI](https://www.reddit.com/r/netsec/comments/1iarjw6/worstfit_unveiling_hidden_transformers_in_windows/) -- Information Security - - [ ] [Question regarding wireless interefence](https://www.reddit.com/r/Information_Security/comments/1iakb4j/question_regarding_wireless_interefence/) - - [ ] [Do you know of somebody who got hacked for using an older/unsupported phone?](https://www.reddit.com/r/Information_Security/comments/1iasbmc/do_you_know_of_somebody_who_got_hacked_for_using/) -- Jack Hacks - - [ ] [So You Want To Work in Cyber Security?](https://jhalon.github.io/breaking-into-cyber-security/) + - [ ] [Daily Blog #730: Sunday Funday 1/26/25](https://www.hecfblog.com/2025/01/daily-blog-730-sunday-funday-12625.html) +- Schneier on Security + - [ ] [New VPN Backdoor](https://www.schneier.com/blog/archives/2025/01/new-vpn-backdoor.html) +- T00ls安全 + - [ ] [T00ls“喜庆2025”网络安全文章征集活动投票结果公告](https://mp.weixin.qq.com/s?__biz=Mzg3NzYzODU5NQ==&mid=2247484906&idx=1&sn=572ea62012da59778ab11cdb9083e223&chksm=cf1ea346f8692a502f73bd6de98d79b44e488978e6c92e828f5eec688593ee767b4a5adeb8ee&scene=58&subscene=0#rd) +- SANS Internet Storm Center, InfoCON: green + - [ ] [An unusual "shy z-wasp" phishing, (Mon, Jan 27th)](https://isc.sans.edu/diary/rss/31626) + - [ ] [ISC Stormcast For Monday, January 27th, 2025 https://isc.sans.edu/podcastdetail/9296, (Mon, Jan 27th)](https://isc.sans.edu/diary/rss/31624) +- Deeplinks + - [ ] [It's Copyright Week 2025: Join Us in the Fight for Better Copyright Law and Policy](https://www.eff.org/deeplinks/2025/01/its-copyright-week-2025-join-us-fight-better-copyright-law-and-policy) +- The Register - Security + - [ ] [US freezes foreign aid, halting cybersecurity defense and policy funds for allies](https://go.theregister.com/feed/www.theregister.com/2025/01/27/us_state_department_freezes_cyber_aid/) + - [ ] [DeepSeek limits new accounts amid cyberattack](https://go.theregister.com/feed/www.theregister.com/2025/01/27/deepseek_suspends_new_registrations_amid/) + - [ ] [Google takes action after coder reports 'most sophisticated attack I've ever seen'](https://go.theregister.com/feed/www.theregister.com/2025/01/27/google_confirms_action_taken_to/) + - [ ] [Sweden seizes cargo ship after another undersea cable hit in suspected sabotage](https://go.theregister.com/feed/www.theregister.com/2025/01/27/sweden_seizes_ship/) + - [ ] [CDNs: Great for speeding up the internet, bad for location privacy](https://go.theregister.com/feed/www.theregister.com/2025/01/27/cloudflare_cdn_location_data/) + - [ ] [British Museum says ex-contractor 'shut down' IT systems, wreaked havoc](https://go.theregister.com/feed/www.theregister.com/2025/01/27/contractor_trespass_british_museum/) +- TorrentFreak + - [ ] [U.S. Anti-Piracy Symposium Emphazises Need for Site Blocking](https://torrentfreak.com/u-s-anti-piracy-symposium-emphazises-site-blocking-250127/) + - [ ] [Pirates Surprise as Oscar-Nominated Movie Screeners Leak Online Again](https://torrentfreak.com/piracy-surprise-as-oscar-nominated-movie-screeners-leak-online-again-250127/) +- Instapaper: Unread + - [ ] [Guerre di Rete - Ulbricht, come si è arrivati alla liberazione del fondatore di Silk Road](https://guerredirete.substack.com/p/guerre-di-rete-ulbricht-come-si-e) - Your Open Hacker Community - - [ ] [good hacking movies/series like mr robot?](https://www.reddit.com/r/HowToHack/comments/1iahrnk/good_hacking_moviesseries_like_mr_robot/) - - [ ] [Huge collection of hacking related learning material and books for free.(Found it on darkweb ,looks legit)](https://www.reddit.com/r/HowToHack/comments/1ias0x4/huge_collection_of_hacking_related_learning/) - - [ ] [Best place to find mentees?](https://www.reddit.com/r/HowToHack/comments/1iadjac/best_place_to_find_mentees/) - - [ ] [how can I get maltego to add data sources when it was offline activated?](https://www.reddit.com/r/HowToHack/comments/1iat8pa/how_can_i_get_maltego_to_add_data_sources_when_it/) - - [ ] [I need help with a generator bot](https://www.reddit.com/r/HowToHack/comments/1iaseq6/i_need_help_with_a_generator_bot/) - - [ ] [What are some good cybersecurity project ideas?](https://www.reddit.com/r/HowToHack/comments/1iar1c2/what_are_some_good_cybersecurity_project_ideas/) - - [ ] [Can someone somehow see what other people are typing on a whatsapp group or private chat?](https://www.reddit.com/r/HowToHack/comments/1iaqkds/can_someone_somehow_see_what_other_people_are/) - - [ ] [Restore exe file code written in Python.](https://www.reddit.com/r/HowToHack/comments/1iaje21/restore_exe_file_code_written_in_python/) - - [ ] [Passware password recovery](https://www.reddit.com/r/HowToHack/comments/1ia4c8z/passware_password_recovery/) - - [ ] [I got a roblox account user and password i want change email](https://www.reddit.com/r/HowToHack/comments/1iarpig/i_got_a_roblox_account_user_and_password_i_want/) - - [ ] [Help with arduino bad usb I’m making](https://www.reddit.com/r/HowToHack/comments/1ia6d1w/help_with_arduino_bad_usb_im_making/) - - [ ] [how do people inject a certain code to a device using a usb?](https://www.reddit.com/r/HowToHack/comments/1ia3sls/how_do_people_inject_a_certain_code_to_a_device/) - - [ ] [Im genuinely curious, how do people hack](https://www.reddit.com/r/HowToHack/comments/1ia3j94/im_genuinely_curious_how_do_people_hack/) -- Social Engineering - - [ ] [Social constructs](https://www.reddit.com/r/SocialEngineering/comments/1ianqbu/social_constructs/) + - [ ] [Help.](https://www.reddit.com/r/HowToHack/comments/1ibkihi/help/) + - [ ] [BUILD FOR HACKING](https://www.reddit.com/r/HowToHack/comments/1ibgyos/build_for_hacking/) + - [ ] [I need the backend code of a site that's shutting down](https://www.reddit.com/r/HowToHack/comments/1ibkvnv/i_need_the_backend_code_of_a_site_thats_shutting/) + - [ ] [Your experience learning programming for hacking purposes?](https://www.reddit.com/r/HowToHack/comments/1ib9mau/your_experience_learning_programming_for_hacking/) + - [ ] [Help!](https://www.reddit.com/r/HowToHack/comments/1ibi4xi/help/) + - [ ] [Stupid questions about functions hooking](https://www.reddit.com/r/HowToHack/comments/1ibeaa3/stupid_questions_about_functions_hooking/) + - [ ] [Find Person Behind Instagram Fake Account](https://www.reddit.com/r/HowToHack/comments/1ibjf8w/find_person_behind_instagram_fake_account/) + - [ ] [Tips on beating the first to register](https://www.reddit.com/r/HowToHack/comments/1ibbnr4/tips_on_beating_the_first_to_register/) + - [ ] [Plz help](https://www.reddit.com/r/HowToHack/comments/1ibe8th/plz_help/) + - [ ] [Getting started](https://www.reddit.com/r/HowToHack/comments/1ib1gys/getting_started/) + - [ ] [I'm being spied through my personal phone](https://www.reddit.com/r/HowToHack/comments/1ib7ovq/im_being_spied_through_my_personal_phone/) + - [ ] [Help](https://www.reddit.com/r/HowToHack/comments/1ib724a/help/) + - [ ] [Vladimir and George hacking](https://www.reddit.com/r/HowToHack/comments/1ib1gpv/vladimir_and_george_hacking/) + - [ ] [How do you hack the YouTube algorithm. I’m looking for a step by step guide because I’ve never hacked anything or even tried in my life.](https://www.reddit.com/r/HowToHack/comments/1ib0sq7/how_do_you_hack_the_youtube_algorithm_im_looking/) + - [ ] [What dark web website are good for hacking](https://www.reddit.com/r/HowToHack/comments/1ib0kaq/what_dark_web_website_are_good_for_hacking/) +- Information Security + - [ ] [Infosec analysis on software installation request](https://www.reddit.com/r/Information_Security/comments/1ib5xhx/infosec_analysis_on_software_installation_request/) - The Hacker News - - [ ] [Meta's Llama Framework Flaw Exposes AI Systems to Remote Code Execution Risks](https://thehackernews.com/2025/01/metas-llama-framework-flaw-exposes-ai.html) + - [ ] [GitHub Desktop Vulnerability Risks Credential Leaks via Malicious Remote URLs](https://thehackernews.com/2025/01/github-desktop-vulnerability-risks.html) + - [ ] [⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [27 January]](https://thehackernews.com/2025/01/thn-weekly-recap-top-cybersecurity_27.html) + - [ ] [Do We Really Need The OWASP NHI Top 10?](https://thehackernews.com/2025/01/do-we-really-need-owasp-nhi-top-10.html) + - [ ] [GamaCopy Mimics Gamaredon Tactics in Cyber Espionage Targeting Russian Entities](https://thehackernews.com/2025/01/gamacopy-mimics-gamaredon-tactics-in.html) + - [ ] [MintsLoader Delivers StealC Malware and BOINC in Targeted Cyber Attacks](https://thehackernews.com/2025/01/mintsloader-delivers-stealc-malware-and.html) +- Deep Web + - [ ] [Ever heard of spiritual manipulation?](https://www.reddit.com/r/deepweb/comments/1ibo2jo/ever_heard_of_spiritual_manipulation/) +- Graham Cluley + - [ ] [Hacked buses blare out patriotic pro-European anthems in Tbilisi, attack government](https://www.bitdefender.com/en-us/blog/hotforsecurity/hacked-buses-blare-out-patriotic-pro-european-anthems-in-tbilisi-attack-government) +- Social Engineering + - [ ] [Conspiracy Theories are for Opportunists](https://www.reddit.com/r/SocialEngineering/comments/1ibboak/conspiracy_theories_are_for_opportunists/) +- Security Affairs + - [ ] [Apple fixed the first actively exploited zero-day of 2025](https://securityaffairs.com/173536/hacking/apple-fixed-the-first-zero-day-vulnerability-of-2025.html) + - [ ] [TalkTalk confirms data breach involving a third-party platform](https://securityaffairs.com/173526/cyber-crime/talktalk-confirms-data-breach.html) + - [ ] [Multiple Git flaws led to credentials compromise](https://securityaffairs.com/173520/security/multiple-git-flaws-led-to-credentials-compromise.html) + - [ ] [GamaCopy targets Russia mimicking Russia-linked Gamaredon APT](https://securityaffairs.com/173501/apt/gamacopy-mimics-russia-linked-gamaredon-apt.html) + - [ ] [ESXi ransomware attacks use SSH tunnels to avoid detection](https://securityaffairs.com/173487/cyber-crime/esxi-ransomware-attacks-use-ssh-tunnels-to-avoid-detection.html) + - [ ] [Attackers allegedly stole $69 million from cryptocurrency platform Phemex](https://securityaffairs.com/173478/digital-id/cryptocurrency-platform-phemex-cyber-heist.html) +- Computer Forensics + - [ ] [eCDFP 30 days plan](https://www.reddit.com/r/computerforensics/comments/1ibb6ij/ecdfp_30_days_plan/) + - [ ] [Top digital forensics conferences in 2025](https://www.reddit.com/r/computerforensics/comments/1ib179q/top_digital_forensics_conferences_in_2025/) +- Technical Information Security Content & Discussion + - [ ] [Get FortiRekt, I am the Super_Admin Now - FortiOS Authentication Bypass CVE-2024-55591 - watchTowr Labs](https://www.reddit.com/r/netsec/comments/1ibfmeo/get_fortirekt_i_am_the_super_admin_now_fortios/) + - [ ] [New way to exploit BYOVD exploits with symbolic links.](https://www.reddit.com/r/netsec/comments/1ib3nnm/new_way_to_exploit_byovd_exploits_with_symbolic/) +- Security Weekly Podcast Network (Audio) + - [ ] [AI Red Teaming Comes to Bug Bounties - Francis Dinha, Michiel Prins - ESW #391](http://sites.libsyn.com/18678/ai-red-teaming-comes-to-bug-bounties-francis-dinha-michiel-prins-esw-391) From c1b39c700734d4cc19eba5387c461332f53725c2 Mon Sep 17 00:00:00 2001 From: chainreactorbot Date: Wed, 29 Jan 2025 02:44:31 +0000 Subject: [PATCH 22/29] =?UTF-8?q?=E6=AF=8F=E6=97=A5=E5=AE=89=E5=85=A8?= =?UTF-8?q?=E8=B5=84=E8=AE=AF=EF=BC=882025-01-29=EF=BC=89?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- archive/daily/2025/2025-01-29.md | 330 ++++++++++++++++ archive/tmp/2025-01-29.json | 403 ++++++++++++++++++++ today.md | 626 +++++++++++++++---------------- 3 files changed, 1038 insertions(+), 321 deletions(-) create mode 100644 archive/daily/2025/2025-01-29.md create mode 100644 archive/tmp/2025-01-29.json diff --git a/archive/daily/2025/2025-01-29.md b/archive/daily/2025/2025-01-29.md new file mode 100644 index 0000000000..15943411c4 --- /dev/null +++ b/archive/daily/2025/2025-01-29.md @@ -0,0 +1,330 @@ +# 每日安全资讯(2025-01-29) + +- SecWiki News + - [ ] [SecWiki News 2025-01-28 Review](http://www.sec-wiki.com/?2025-01-28) +- CXSECURITY Database RSS Feed - CXSecurity.com + - [ ] [SpagoBI 3.5.1 Cross Site Scripting](https://cxsecurity.com/issue/WLB-2025010031) + - [ ] [SpagoBI 3.5.1 Cross Site Request Forgery](https://cxsecurity.com/issue/WLB-2025010030) + - [ ] [AutoLib Software Systems OPAC 20.10 Secret Disclosure](https://cxsecurity.com/issue/WLB-2025010029) + - [ ] [Wind River Software VxWorks 6.9 Weak Password Hashing Algorithms](https://cxsecurity.com/issue/WLB-2025010028) + - [ ] [Netman 204 - Broken Access Control Remote command](https://cxsecurity.com/issue/WLB-2025010027) +- Doonsec's feed + - [ ] [恭贺新春](https://mp.weixin.qq.com/s?__biz=MzAwMTU3NTcwMg==&mid=2650274703&idx=1&sn=44bc7fedf574abdef2667a6705174f16) + - [ ] [贺新春](https://mp.weixin.qq.com/s?__biz=MzAwNTc0ODM3Nw==&mid=2247489469&idx=1&sn=8036df60009b8f327efe91e9cc6ed5db) + - [ ] [工联众测平台祝大家新春快乐!](https://mp.weixin.qq.com/s?__biz=MzkyMDMwNTkwNg==&mid=2247487233&idx=1&sn=6a23f67adae9f6cb2d9b51b3365fb957) + - [ ] [DataCon祝您新春快乐,蛇年顺福!](https://mp.weixin.qq.com/s?__biz=MzU5Njg1NzMyNw==&mid=2247489129&idx=1&sn=6b731efe82b4bfd863b8f70732c57433) + - [ ] [S1uM4i 2024 年终总结](https://mp.weixin.qq.com/s?__biz=MzkwMDY2ODc0MA==&mid=2247485321&idx=1&sn=424b19ecebbb4251cc46503a2e6bdd5e) + - [ ] [无糖信息祝您2025新春快乐,蛇年大吉,巳巳如意!](https://mp.weixin.qq.com/s?__biz=MzAxMzkzNDA1Mg==&mid=2247513943&idx=1&sn=8653479e8a4a87d52d06cad7e12a1a0f) + - [ ] [宁盾祝您春节快乐!](https://mp.weixin.qq.com/s?__biz=Mzk0MjI4MzA5MQ==&mid=2247485168&idx=1&sn=7609f006f7083b7c031ae358074fbce7) + - [ ] [春节 | 鱼影信息祝您新年快乐!](https://mp.weixin.qq.com/s?__biz=MzkyOTI4NTY4MQ==&mid=2247491120&idx=1&sn=2fe2e381833ac8c3b3cc1adacfd54608) + - [ ] [烟花璀璨,辞旧迎新!](https://mp.weixin.qq.com/s?__biz=MzIzODQxMjM2NQ==&mid=2247500314&idx=1&sn=55fd4ab5604ca218c5d6bae45dd143cc) + - [ ] [情报分析大家庭拜年啦!新的一年一起加油!](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247504929&idx=1&sn=08582222431ff4fe86e1edb119fa1bd4) + - [ ] [听说看过的25年都赚了一个小目标哦!](https://mp.weixin.qq.com/s?__biz=MzU2MDE2MjU1Mw==&mid=2247486166&idx=1&sn=be18f3e264adac14e0c9c2892bb78337) + - [ ] [蛇年快乐!](https://mp.weixin.qq.com/s?__biz=MzI1Mjc3NTUwMQ==&mid=2247538520&idx=1&sn=ae2d81fefede57572c13d682b4a5c957) + - [ ] [【OSCP】 Kioptrix 提权靶机(1-5)全系列教程,Try Harder!绝对干货!](https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486449&idx=1&sn=6fd14445024d20e037e1a6c2ea688cf5) + - [ ] [巳巳如意,新春大吉|“工业互联网标识智库”给您拜年啦!](https://mp.weixin.qq.com/s?__biz=MzU1OTUxNTI1NA==&mid=2247592331&idx=1&sn=da66b7b09b73ca014e2dbfbe08f98956) + - [ ] [告别本地算力焦虑:使用腾讯云免费GPU部署DeepSeek-R1](https://mp.weixin.qq.com/s?__biz=MzkzMTY0MDgzNg==&mid=2247484059&idx=1&sn=fe1155e27ce44740d6c694158f218e2d) + - [ ] [零基础:从搭建DeepSeek开始](https://mp.weixin.qq.com/s?__biz=Mzk0Mzc2MDQyMg==&mid=2247486458&idx=1&sn=69916ef3b03a1efb0dac87b22c9504cc) + - [ ] [(吃瓜)神人tv之内网肉鸡](https://mp.weixin.qq.com/s?__biz=MzkzNjczNzEyMw==&mid=2247484130&idx=1&sn=cd4d51927aca6de101fc20fc3d87f5f6) + - [ ] [领红包啦!信息安全的兄弟们凭手速抢66个新春红包!!](https://mp.weixin.qq.com/s?__biz=MzkxMDY3MzQyNQ==&mid=2247484803&idx=1&sn=67040f6a098a560ac76ad463e03849d7) + - [ ] [DeepSeek崛起背后的暗流:全球AI技术博弈下的DDoS攻击](https://mp.weixin.qq.com/s?__biz=Mzg2Nzg0NDkwMw==&mid=2247493212&idx=1&sn=d5ff49e83b16adba13a2b353720f5f6b) + - [ ] [除夕夜快乐](https://mp.weixin.qq.com/s?__biz=MzU5MTIxNzg0Ng==&mid=2247488146&idx=1&sn=cab1d455370b4497865a4ea139ed1072) + - [ ] [VPC访问控制网络ACL和安全组的基本差异](https://mp.weixin.qq.com/s?__biz=Mzg3NTUzOTg3NA==&mid=2247515079&idx=1&sn=fd21e42d301bf2176eac4331c9cdf478) + - [ ] [分享图片](https://mp.weixin.qq.com/s?__biz=Mzk0MDQzNzY5NQ==&mid=2247493210&idx=1&sn=611fcff00c148212c63d4d8c0b116ef7) + - [ ] [叮咚,您有一份2024年的家书请签收](https://mp.weixin.qq.com/s?__biz=MzUxODY3MDExMA==&mid=2247490113&idx=1&sn=f588627c92bc5fc34c5a5020b6e6f27f) + - [ ] [Nil聊安全祝大家新年快乐!](https://mp.weixin.qq.com/s?__biz=MzkyMDY4MTc2Ng==&mid=2247483970&idx=1&sn=3ff66f6fb393638fbf077038ca8af503) + - [ ] [世界需要一个能谋善断的AI(一)序章:被低估的“决策”革命!](https://mp.weixin.qq.com/s?__biz=MzAxOTk3NTg5OQ==&mid=2247492270&idx=1&sn=1f2c860bb229ccdddaa36e1798ee31b2) + - [ ] [【CS单兵后渗透插件v1.0】| OpSec 标准下的红队武器化](https://mp.weixin.qq.com/s?__biz=Mzk1NzM5MTI2Mg==&mid=2247484412&idx=1&sn=f7e81d418014efc190a265ea5b403424) + - [ ] [祝大家蛇年快乐](https://mp.weixin.qq.com/s?__biz=MzU4NDY3MTk2NQ==&mid=2247491063&idx=1&sn=1a207ea9a1bf6793f778b14c866699e3) + - [ ] [蛇年吉祥 | EasyTools工具箱v1.0.2新春更新](https://mp.weixin.qq.com/s?__biz=MzkxNDYxMTc0Mg==&mid=2247484211&idx=1&sn=867b0a122b938721b7056648bed208b6) + - [ ] [网安人如何向相亲对象介绍自己的职业](https://mp.weixin.qq.com/s?__biz=MzIxMTg1ODAwNw==&mid=2247500533&idx=1&sn=f881bd74fcc4daf798426ead967a262c) + - [ ] [OpenAI o1 模型预部署评估报告](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264819&idx=1&sn=9bcbf9176ffca6c01ab6af00e300c1bd) + - [ ] [【2025-01-28】黑客新闻摘要](https://mp.weixin.qq.com/s?__biz=MzIzNDU5NTI4OQ==&mid=2247488369&idx=1&sn=6bb8a56600deaec9050fa3fa2af8c1d4) + - [ ] [新春献词:网络安全守护数字文明的星河](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485474&idx=1&sn=8985a87527422d08033ec138eb8aff86) + - [ ] [【干货原创】实网攻防演习常态化,会带来什么变化01](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485474&idx=4&sn=39cc23fe07830e4d7472358278971dd2) + - [ ] [【干货原创】K12教育,鲜为人知的模式秘密](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485474&idx=5&sn=6ece66b859b3c838d887e890ab1347d3) + - [ ] [原创文章目录](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485474&idx=6&sn=ddf654295edecd57791b7ff56275a624) + - [ ] [T00ls给您拜年了,祝福大家2025新春快乐,蛇行智敏,万事皆成](https://mp.weixin.qq.com/s?__biz=Mzg3NzYzODU5NQ==&mid=2247484913&idx=1&sn=c0718fb9edf9d2d38143583821a8a591) + - [ ] [【云安全】云原生-K8S-搭建/安装/部署](https://mp.weixin.qq.com/s?__biz=MzUyNTUyNTA5OQ==&mid=2247484782&idx=1&sn=e915e38783585176822fe7d83b1fac60) + - [ ] [祝您新春吉祥](https://mp.weixin.qq.com/s?__biz=Mzg4NzQ4MzA4Ng==&mid=2247485197&idx=1&sn=74ff9efe9a5ed4a7fbed4390af5b1a1d) + - [ ] [蛇年新春喜气扬,家家户户乐洋洋!](https://mp.weixin.qq.com/s?__biz=MzkzNTQzNTQzMQ==&mid=2247485353&idx=1&sn=c301e027660b56065be82c4eefcac09e) + - [ ] [新年快乐!](https://mp.weixin.qq.com/s?__biz=MzkyNTYxNDAwNQ==&mid=2247484502&idx=1&sn=fd6b131b1b080ae8e1c09f3983db4ad6) + - [ ] [新春快乐,红包和限时半价都来啦](https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247518332&idx=1&sn=a99dc2d16ee867d81dc1fb6d6d585fd5) + - [ ] [0day 挖到手软,403 到 getshell](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496966&idx=1&sn=c49dbe1213cb5a1afa836901e2c13038) + - [ ] [新年快乐,蛇年大吉!!!](https://mp.weixin.qq.com/s?__biz=MzUxNzg5MzM2Mg==&mid=2247487122&idx=1&sn=c744712cc396636e805c16c6d2c21f7b) + - [ ] [新年抽奖-大凉山草莓三份](https://mp.weixin.qq.com/s?__biz=Mzg2NDcwNjkzNw==&mid=2247487188&idx=1&sn=732db3a8ebd2e623d7d32c09dde7ce79) + - [ ] [入选T00ls第十二届年度(2024)人物风云榜!感谢各位支持与鼓励!](https://mp.weixin.qq.com/s?__biz=MzI5MzkwMzU1Nw==&mid=2247485230&idx=1&sn=b380678520b0ffa5a3c4fadac7defb4b) + - [ ] [【2025】除夕快乐](https://mp.weixin.qq.com/s?__biz=MzUwOTc3MTQyNg==&mid=2247491380&idx=1&sn=e4ad3b1ba59ba53e292ebe50ded8ff0f) + - [ ] [灵蛇纳福,恭贺新春!](https://mp.weixin.qq.com/s?__biz=MzIwMzI1MDg2Mg==&mid=2649945158&idx=1&sn=fecbe5d3b883ca7ec2240ef098769058) + - [ ] [后渗透:文件传输指南](https://mp.weixin.qq.com/s?__biz=MzkzNTYwMTk4Mw==&mid=2247488230&idx=1&sn=1c55c9eec57e987f73284321529d275c) + - [ ] [AI-小肥羊新年贺词!](https://mp.weixin.qq.com/s?__biz=Mzg5NjY4NDg1Nw==&mid=2247483918&idx=1&sn=3f545e8664083850f43da076087b61cc) + - [ ] [【独眼情报2024绝密快报】](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494555&idx=1&sn=969df31b7b7f94e3e460d87d9d8d341b) + - [ ] [美国政府称朝鲜去年窃取了价值超过 6.59 亿美元的加密货币](https://mp.weixin.qq.com/s?__biz=Mzg3ODY0NTczMA==&mid=2247492125&idx=1&sn=7831811d7848487a4532874c5c321c95) + - [ ] [r3kapig祝大家蛇年大吉](https://mp.weixin.qq.com/s?__biz=MzI2MDE4MzkzMQ==&mid=2247484582&idx=1&sn=2edb58b7afc32298d84146c8a8590832) + - [ ] [蛇年大吉 | 记得看到最后,你想不到的,边搞居然还能领福利,爽到跳起来](https://mp.weixin.qq.com/s?__biz=Mzk0NzQxNzY2OQ==&mid=2247488117&idx=1&sn=7c87ec70661c577345d5f2cfc07ba224) + - [ ] [整车测试:网络安全认证的灵丹妙药?](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620223&idx=1&sn=4468d3513fec7d2ef881a5dd49cd3e04) + - [ ] [引入新汽车产品设计的隐私要求和设计规范,以及对当前汽车隐私标准化的影响](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620223&idx=2&sn=934de7b41be8cbb1d5dd42e833f1e0ec) + - [ ] [在产品开发阶段使用公共弱点仿真的弱点分析方法](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620223&idx=3&sn=ad2fb08375329c47e67f7ce86ed26cc0) + - [ ] [【年末总结&抽奖】技术是上天送给穷孩子最好的礼物!](https://mp.weixin.qq.com/s?__biz=MzkxNjQyODY5MA==&mid=2247487024&idx=1&sn=a62224588a6e2dd62693f3862794a78d) + - [ ] [我不允许有人不用这么牛掰的AI](https://mp.weixin.qq.com/s?__biz=MzkyOTQ4NTc3Nw==&mid=2247485473&idx=1&sn=9e94b35fd3ca3b6b77f33b632f82d312) + - [ ] [祝福各位网安人除夕快乐!](https://mp.weixin.qq.com/s?__biz=MzU2NDY2OTU4Nw==&mid=2247518500&idx=1&sn=77a990ec3405490f248537f3bb52f457) + - [ ] [新年快乐🎉](https://mp.weixin.qq.com/s?__biz=MzIwOTMzMzY0Ng==&mid=2247487850&idx=1&sn=e60c50cf6c14e46300498d583f660e12) + - [ ] [2025年最全除夕祝福语 欢欢喜喜过除夕,和和美美又一年!](https://mp.weixin.qq.com/s?__biz=MzIwNDYzNTYxNQ==&mid=2247502590&idx=1&sn=077b679c799ba964711d4d006052ba58) + - [ ] [²⁰²⁵/₀₁.₂₈除夕夜朋友圈文案配图,高级感绝了,总有一款适合你!](https://mp.weixin.qq.com/s?__biz=MzIwNDYzNTYxNQ==&mid=2247502590&idx=2&sn=73466049a019cbaa3238bafce30ec360) + - [ ] [龙腾蛇舞迎新春,福运连连贺新年!](https://mp.weixin.qq.com/s?__biz=MzA4NTY4MjAyMQ==&mid=2447900161&idx=1&sn=76bd5fe5be0b14e0a14eed056c1f31b1) + - [ ] [2025 新年大吉!!!](https://mp.weixin.qq.com/s?__biz=MzU1NTYxMjA5MA==&mid=2247505231&idx=1&sn=fc04df3a3e6f0360f375c5eb8edf9620) + - [ ] [恭祝大家福绕蛇年,多財多亿!](https://mp.weixin.qq.com/s?__biz=MzkyODYwODkyMA==&mid=2247485022&idx=1&sn=d3c1484e603f14b371fde5d6ac39a9df) + - [ ] [IDA技巧(105)自定义基址的偏移量](https://mp.weixin.qq.com/s?__biz=MzI1Mjk2MTM1OQ==&mid=2247485302&idx=1&sn=1a2fc3df35199bb3a2496fa7a2f7e386) + - [ ] [收藏 | dotNet安全矩阵 2024 年度外网入口打点阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498517&idx=1&sn=ca095104967396843e7a5274e01b8e1e) + - [ ] [国内最专业、最全面的 [ .NET 代码审计 ] 体系化学习交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498517&idx=2&sn=b0fb228f6cafa443177863062d84f824) + - [ ] [收藏 | dotNet 安全矩阵团队2024年度内网横向移动阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498517&idx=3&sn=522289e0fc1f8349b7367d905bba86b9) + - [ ] [朱厌安全在这里祝大家新年快乐啦!](https://mp.weixin.qq.com/s?__biz=Mzg4Njg3MDk5Ng==&mid=2247486849&idx=1&sn=fb5c009168582de268af009c587dc846) + - [ ] [奇安信给您拜年了!](https://mp.weixin.qq.com/s?__biz=MzU0NDk0NTAwMw==&mid=2247624759&idx=1&sn=325c1eab223d2d0fc8135016385d6ebc) +- Tenable Blog + - [ ] [What Makes This “Data Privacy Day” Different?](https://www.tenable.com/blog/what-makes-this-data-privacy-day-different) +- Security Boulevard + - [ ] [Reverse engineering your test data: It’s not as safe as you think it is](https://securityboulevard.com/2025/01/reverse-engineering-your-test-data-its-not-as-safe-as-you-think-it-is/) + - [ ] [What is the role of data synthesis in my CI/CD pipeline, anyway?](https://securityboulevard.com/2025/01/what-is-the-role-of-data-synthesis-in-my-ci-cd-pipeline-anyway/) + - [ ] [DeepSeek: The Silent AI Takeover That Could Cripple Markets and Fuel China’s Cyberwarfare](https://securityboulevard.com/2025/01/deepseek-the-silent-ai-takeover-that-could-cripple-markets-and-fuel-chinas-cyberwarfare/) + - [ ] [DEF CON 32 – Top War Stories From A TryHard Bug Bounty Hunter](https://securityboulevard.com/2025/01/def-con-32-top-war-stories-from-a-tryhard-bug-bounty-hunter/) + - [ ] [AI is a double-edged sword: Why you need new controls to manage risk](https://securityboulevard.com/2025/01/ai-is-a-double-edged-sword-why-you-need-new-controls-to-manage-risk/) + - [ ] [Prioritizing Cybersecurity Findings Exception and Issues in Risk Management](https://securityboulevard.com/2025/01/prioritizing-cybersecurity-findings-exception-and-issues-in-risk-management/) + - [ ] [Comic Agilé – Luxshan Ratnaravi, Mikkel Noe-Nygaard – #321 – Use Jira](https://securityboulevard.com/2025/01/comic-agile-luxshan-ratnaravi-mikkel-noe-nygaard-321-use-jira/) + - [ ] [The Halliburton Cyberattack: A $35M Wake-Up Call](https://securityboulevard.com/2025/01/the-halliburton-cyberattack-a-35m-wake-up-call/) + - [ ] [Complete Guide to AI Tokens: Understanding, Optimization, and Cost Management](https://securityboulevard.com/2025/01/complete-guide-to-ai-tokens-understanding-optimization-and-cost-management/) + - [ ] [DEF CON 32 – Travel Better Expedient Digital Defense](https://securityboulevard.com/2025/01/def-con-32-travel-better-expedient-digital-defense/) +- Private Feed for M09Ic + - [ ] [mgeeky starred mcmilk/7-Zip-zstd](https://github.com/mcmilk/7-Zip-zstd) + - [ ] [xpn starred dreadnode/cli](https://github.com/dreadnode/cli) + - [ ] [killeven starred deepseek-ai/DeepSeek-V3](https://github.com/deepseek-ai/DeepSeek-V3) + - [ ] [mgeeky starred LLVMParty/LLVMCMakeTemplate](https://github.com/LLVMParty/LLVMCMakeTemplate) + - [ ] [mgeeky starred Adaptix-Framework/AdaptixC2](https://github.com/Adaptix-Framework/AdaptixC2) + - [ ] [CHYbeta starred deepseek-ai/awesome-deepseek-integration](https://github.com/deepseek-ai/awesome-deepseek-integration) + - [ ] [safedv starred racoten/BetterNetLoader](https://github.com/racoten/BetterNetLoader) + - [ ] [safedv starred NoahKirchner/speedloader](https://github.com/NoahKirchner/speedloader) +- Sucuri Blog + - [ ] [Sucuri WAF Now Supports HTTP/3: A Faster and More Secure Web Experience](https://blog.sucuri.net/2025/01/sucuri-waf-now-supports-http-3-a-faster-and-more-secure-web-experience.html) +- 一个被知识诅咒的人 + - [ ] [Python中的asyncio:高效的异步编程模型](https://blog.csdn.net/nokiaguy/article/details/145386296) + - [ ] [【人工智能】基于Python的机器翻译系统,从RNN到Transformer的演进与实现](https://blog.csdn.net/nokiaguy/article/details/145386286) +- obaby@mars + - [ ] [祝大家新年快乐](https://h4ck.org.cn/2025/01/19056) +- Swing'Blog 浮生若梦 + - [ ] [CVE-2025-0282 Ivanti Connect Secure VPN 栈溢出漏洞分析](https://bestwing.me/CVE-2025-0282-Ivanti-Connect-Secure-VPN-stack-overflow.html) +- Recent Commits to cve:main + - [ ] [Update Tue Jan 28 20:20:38 UTC 2025](https://github.com/trickest/cve/commit/84532ae2b8e9faef03daab62637fea93055c5f46) + - [ ] [Update Tue Jan 28 12:25:27 UTC 2025](https://github.com/trickest/cve/commit/046dff1f309416991e0350c5de230e05922e6962) + - [ ] [Update Tue Jan 28 04:25:42 UTC 2025](https://github.com/trickest/cve/commit/1973cb584ac5acc9fa6a12b9f74e3c5ab7bf2429) +- GuidePoint Security + - [ ] [GRIT 2025 Report: Post-Compromise Detection Strategies](https://www.guidepointsecurity.com/blog/grit-2025-report-post-compromise-detection-strategies/) +- Hacking Dream + - [ ] [Running DeepSeek AI Locally on your PC/Laptop](https://www.hackingdream.net/2025/01/running-deepseek-ai-locally-on-your-pc-laptop.html) +- Horizon3.ai + - [ ] [Top 150 Cybersecurity Vendors 2025](https://cyber150.com/#new_tab) + - [ ] [Building Cyber Resilience Across a Distributed Network](https://www.horizon3.ai/customer-story/building-cyber-resilience-across-a-distributed-network/) +- Malware-Traffic-Analysis.net - Blog Entries + - [ ] [2025-01-23: Fake installer leads to Koi Loader/Koi Stealer](https://www.malware-traffic-analysis.net/2025/01/23/index.html) +- Trail of Bits Blog + - [ ] [Best practices for key derivation](https://blog.trailofbits.com/2025/01/28/best-practices-for-key-derivation/) +- VMRay + - [ ] [From analysis to action: Enhancing government threat models with malware insights](https://www.vmray.com/from-analysis-to-action-enhancing-government-threat-models-with-malware-insights/) +- PortSwigger Research + - [ ] [Bypassing character blocklists with unicode overflows](https://portswigger.net/research/bypassing-character-blocklists-with-unicode-overflows) +- PortSwigger Blog + - [ ] [The complexities of scaling AppSec teams and how to address them in 2025](https://portswigger.net/blog/the-complexities-of-scaling-appsec-teams-and-how-to-address-them-in-2025) +- Reverse Engineering + - [ ] [Malimite is an iOS and macOS decompiler](https://www.reddit.com/r/ReverseEngineering/comments/1icg0we/malimite_is_an_ios_and_macos_decompiler/) + - [ ] [Data Speculation Attacks on Apple Silicon](https://www.reddit.com/r/ReverseEngineering/comments/1icfpij/data_speculation_attacks_on_apple_silicon/) +- Malwarebytes + - [ ] [Apple users: Update your devices now to patch zero-day vulnerability](https://www.malwarebytes.com/blog/news/2025/01/apple-users-update-your-devices-now-to-patch-zero-day-vulnerability) +- FreeBuf网络安全行业门户 + - [ ] [勒索软件利用隐秘SSH隧道攻击ESXi系统,实现C2通信](https://www.freebuf.com/articles/system/420939.html) +- 奇客Solidot–传递最新科技情报 + - [ ] [研究估计到 2100 年欧洲高温死亡人数增加五成](https://www.solidot.org/story?sid=80443) + - [ ] [Google 开源 Pebble 智能手表操作系统](https://www.solidot.org/story?sid=80442) + - [ ] [用开源方法复现 DeepSeek-R1](https://www.solidot.org/story?sid=80441) +- Shostack & Friends Blog + - [ ] [National Cyber Incident Response Plan comments](https://shostack.org/blog/national-cyber-incident-response-plan/) +- 安全分析与研究 + - [ ] [安全分析与研究新年优惠活动](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490214&idx=1&sn=238b595f99800c4991ac3e031a617c7f&chksm=902fb58ea7583c98e9ddb14df7809c329edb32cc5712822a43578e6f6d1d7144cf1fecb0f797&scene=58&subscene=0#rd) +- 锦行科技 + - [ ] [除夕 | 团圆守岁](https://mp.weixin.qq.com/s?__biz=MzIxNTQxMjQyNg==&mid=2247493739&idx=1&sn=c40ba2e100570ac69b06d868d4c023f6&chksm=979a13cea0ed9ad88be1125eaf8a6b2f2cc605dcebf820f7bf4e02f16087b4630e41bd06eee1&scene=58&subscene=0#rd) +- 白帽100安全攻防实验室 + - [ ] [白帽一百祝大家除夕快乐 | 文末抽奖](https://mp.weixin.qq.com/s?__biz=MzIxMDYyNTk3Nw==&mid=2247515161&idx=1&sn=3f2f882686de333d655eeacd52bf2dbc&chksm=976348cfa014c1d9acaa8e7c59f8871624f6a60fec4938f95bbdc95a0b04832cd0194bcbd553&scene=58&subscene=0#rd) +- 吾爱破解论坛 + - [ ] [分享图片](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141650&idx=1&sn=e3110752e4ffe937f324f685970f7f7d&chksm=bd50a6468a272f5024154f18471dea1e90fd56dcda584cb19983130a4ae5445176d483274784&scene=58&subscene=0#rd) +- 红日安全 + - [ ] [除夕夜,合家团圆,红日安全携手共迎新春!🎆🌟 新的一年,愿与您一起守护数字世界,开启更加稳固的商业未来!💼🔐](https://mp.weixin.qq.com/s?__biz=MzI4NjEyMDk0MA==&mid=2649851758&idx=1&sn=9e7fdd47524e28eb38189eecd4f8e494&chksm=f3e4e9edc49360fb9800add526de22a3005efd022ab9b8ffc02527465e0b464ca3fe928a508f&scene=58&subscene=0#rd) +- 安全内参 + - [ ] [突发!DeepSeek遭大规模恶意攻击](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513606&idx=1&sn=c00cf1c71328532ab314b816e276ebd8&chksm=ebfaf126dc8d783046da2e5424c76d7fb9ec3cd85676d2e93c5db7a7af817293fe531ec3a044&scene=58&subscene=0#rd) +- 信息安全国家工程研究中心 + - [ ] [恭贺新禧 | 瑞彩盈春盛景长,工程中心祝您新春快乐!](https://mp.weixin.qq.com/s?__biz=MzU5OTQ0NzY3Ng==&mid=2247498792&idx=1&sn=f277f20331e69c40ad775f29da0c8ede&chksm=feb67d3bc9c1f42d897ea4e78ac53000b52ae91a3fd33eb8f1b0e68b43ff243b3cff482f57b3&scene=58&subscene=0#rd) +- 网络空间安全科学学报 + - [ ] [《网络空间安全科学学报》恭祝大家新春快乐!](https://mp.weixin.qq.com/s?__biz=MzI0NjU2NDMwNQ==&mid=2247504687&idx=1&sn=e024501dcdf71e762898408c4b021501&chksm=e9bfc791dec84e879b034e32ac4b8585ab5f79c72506da72eaff60ed33de62c7fd3d5be74c8a&scene=58&subscene=0#rd) +- 中国信息安全 + - [ ] [金蛇纳福 | 除夕大年夜,网安贺新春!](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235910&idx=1&sn=b0672a4323005a47b990decd5489b9b5&chksm=8b58017fbc2f8869dc12d3eae6576f3996fab46384314e421819881ab158af09ec2c9ea1ee11&scene=58&subscene=0#rd) + - [ ] [辞旧迎新 喜迎蛇年](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235910&idx=2&sn=04f7502a3c21d8e0ff68a1afbaa3d271&chksm=8b58017fbc2f8869535c224bbbdf7616c84b7648d3af144e7f8839482f4da6c7a4abe07532e1&scene=58&subscene=0#rd) +- 微步在线 + - [ ] [祝大家新春快乐!](https://mp.weixin.qq.com/s?__biz=MzI5NjA0NjI5MQ==&mid=2650183108&idx=1&sn=6beef11e4a6096c49c2cbe62b5fc19f6&chksm=f4486e78c33fe76e204f182d703c408d91c0b83853b30f7fe82e9a7bdc9957c63234d0ac5360&scene=58&subscene=0#rd) +- 极客公园 + - [ ] [Deepseek又出连招:刚发布了超越DALL-E3的多模态模型](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072968&idx=1&sn=11cc8c1298740ae6a406e012a43af24b&chksm=7e57d3fe49205ae8324716001201a49174026b129e73e59beac316ff24b099213446e9c145a7&scene=58&subscene=0#rd) + - [ ] [DeepSeek 深夜再放大招;迅雷将以 5 亿元人民币收购虎扑;华尔街押注特斯拉销量不达预期 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072955&idx=1&sn=9914ed1021f98e7210793dde585b5219&chksm=7e57d38d49205a9bcb04929242ff2f15dc88cabd8e2a5bd653c4c6d4acf7be07b1ac43ed3df5&scene=58&subscene=0#rd) +- 渊龙Sec安全团队 + - [ ] [红包来袭~渊龙Sec安全团队给您拜年啦!](https://mp.weixin.qq.com/s?__biz=Mzg4NTY0MDg1Mg==&mid=2247485646&idx=1&sn=3d22f63d3e8153286e1ae1195bcac411&chksm=cfa49335f8d31a236cd0fa26b68b4def16aa1290c8b9518cab594a009d47ad6b8de4d578409e&scene=58&subscene=0#rd) +- 纽创信安 + - [ ] [岁序更新 金蛇献瑞 | 纽创信安恭祝大家新春快乐!](https://mp.weixin.qq.com/s?__biz=MzAwNTczMjAzMg==&mid=2650239321&idx=1&sn=8ad3d5a84549a685cce1bf2131792ab5&chksm=831bf2f6b46c7be0a039fddda0d494b7ada4f31312f5439d5db0d7f12999b266967c88677bc4&scene=58&subscene=0#rd) +- 360数字安全 + - [ ] [除夕团圆 蛇年大吉](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579255&idx=1&sn=0a04f442f719d80d0c02c0c756e5d97d&chksm=9f8d267fa8faaf6924f7c8ad2770d1096f234af45121b44e32d356c4927307496d4b4d06fb01&scene=58&subscene=0#rd) +- Over Security - Cybersecurity news aggregator + - [ ] [Sucuri WAF Now Supports HTTP/3: A Faster and More Secure Web Experience](https://blog.sucuri.net/2025/01/sucuri-waf-now-supports-http-3-a-faster-and-more-secure-web-experience.html) + - [ ] [Unmasking FleshStealer: A New Infostealer Threat in 2025](https://flashpoint.io/blog/fleshstealer-infostealer-threat-2025/) + - [ ] [Hackers exploiting flaws in SimpleHelp RMM to breach networks](https://www.bleepingcomputer.com/news/security/hackers-exploiting-flaws-in-simplehelp-rmm-to-breach-networks/) + - [ ] [Google to kill Chrome Sync on older Chrome browser versions](https://www.bleepingcomputer.com/news/google/google-to-kill-chrome-sync-on-older-chrome-browser-versions/) + - [ ] [Prosecutors say they can’t obtain murder conviction after judge throws out evidence from facial recognition match](https://therecord.media/prosecutors-cant-obtain-murder-conviction-after-judge-throws-out-facial-recognition-evidence) + - [ ] [Kali Linux On The New Modern WSL](https://www.kali.org/blog/kali-linux-modern-wsl/) + - [ ] [Ransomware attack kept major energy industry contractor out of some systems for 6 weeks](https://therecord.media/englobal-ransomware-attack-six-weeks-disruption) + - [ ] [Garmin GPS watches crashing, stuck in triangle 'reboot loop'](https://www.bleepingcomputer.com/news/technology/garmin-gps-watches-crashing-stuck-in-triangle-reboot-loop/) + - [ ] [New Apple CPU side-channel attacks steals data from browsers](https://www.bleepingcomputer.com/news/security/new-apple-cpu-side-channel-attack-steals-data-from-browsers/) + - [ ] [Engineering giant Smiths Group discloses security breach](https://www.bleepingcomputer.com/news/security/engineering-giant-smiths-group-discloses-security-breach/) + - [ ] [Apple fixes zero-day flaw affecting all devices](https://techcrunch.com/2025/01/28/apple-fixes-zero-day-flaw-affecting-all-devices/) + - [ ] [Signal will let you sync old messages when linking new devices](https://www.bleepingcomputer.com/news/security/signal-will-let-you-sync-old-messages-when-linking-new-devices/) + - [ ] [EU sanctions Russian intelligence personnel for cyberattacks against Estonia](https://therecord.media/eu-sanctions-gru-personnel-cyberattack-estonia) + - [ ] [What's Yours is Mine: Is Your Business Ready for Cryptojacking Attacks?](https://www.bleepingcomputer.com/news/security/whats-yours-is-mine-is-your-business-ready-for-cryptojacking-attacks/) + - [ ] [PowerSchool starts notifying victims of massive data breach](https://www.bleepingcomputer.com/news/security/powerschool-starts-notifying-victims-of-massive-data-breach/) + - [ ] [Texas utility firm investigating potential leak of customer data tied to 2023 MOVEit breach](https://therecord.media/texas-utility-firm-investigating-potential-data-leak-moveit-breach) + - [ ] [Microsoft tests Edge Scareware Blocker to block tech support scams](https://www.bleepingcomputer.com/news/microsoft/microsoft-tests-edge-scareware-blocker-to-block-tech-support-scams/) + - [ ] [I ransomware contro le appliance ESXi sfruttano il tunneling SSH per la persistenza](https://www.securityinfo.it/2025/01/28/i-ransomware-contro-le-appliance-esxi-sfruttano-il-tunneling-ssh-per-la-persistenza/) + - [ ] [BloodHound Community Edition Custom Queries](https://blog.compass-security.com/2025/01/bloodhound-community-edition-custom-queries/) + - [ ] [Critical Vulnerabilities in Node.js Expose Systems to Remote Attacks](https://cyble.com/blog/critical-vulnerabilities-in-node-js-expose-systems/) + - [ ] [How ANY.RUN Helps Healthcare Organizations Against Ransomware: Interlock Case Study](https://any.run/cybersecurity-blog/interlock-ransomware-attack-analysis/) + - [ ] [New TorNet backdoor seen in widespread campaign](https://blog.talosintelligence.com/new-tornet-backdoor-campaign/) + - [ ] [HeatGames - 647,896 breached accounts](https://haveibeenpwned.com/PwnedWebsites#HeatGames) + - [ ] [phpMyAdmin 5.2.2 Addresses Critical XSS and Library Vulnerabilities](https://cyble.com/blog/phpmyadmin-5-2-2-addresses-critical-xss-and-library/) + - [ ] [Doxbin Scrape - 435,784 breached accounts](https://haveibeenpwned.com/PwnedWebsites#DoxbinScrape) + - [ ] [A Tumultuous Week for Federal Cybersecurity Efforts](https://krebsonsecurity.com/2025/01/a-tumultuous-week-for-federal-cybersecurity-efforts/) +- 山石网科安全技术研究院 + - [ ] [除夕到,喜气绕,家家团圆乐逍遥!](https://mp.weixin.qq.com/s?__biz=MzUzMDUxNTE1Mw==&mid=2247510299&idx=1&sn=e07f4498e637187f6603f941448a5e71&chksm=fa527ca5cd25f5b36ae7505447b8bda768e86084936228fe43918ce274acfa3d23c2fb7f0a1c&scene=58&subscene=0#rd) +- Qualys Security Blog + - [ ] [Securing AI Innovation: Enterprise Strategies for LLM and Generative AI Security](https://blog.qualys.com/category/product-tech) +- Krypt3ia + - [ ] [Krypt3ia Daily Cyber Threat Intelligence (CTI) Digest](https://krypt3ia.wordpress.com/2025/01/28/krypt3ia-daily-cyber-threat-intelligence-cti-digest-4/) +- bellingcat + - [ ] [Faking It: Deepfake Porn Site’s Link to Tech Companies](https://www.bellingcat.com/news/uk-and-europe/2025/01/28/deepfake-porn-sites-link-to-tech-companies/) +- 娜璋AI安全之家 + - [ ] [[AI安全论文] (37)CCS21 DeepAID:基于深度学习的异常检测(解释)](https://mp.weixin.qq.com/s?__biz=Mzg5MTM5ODU2Mg==&mid=2247501274&idx=1&sn=66f331dcd21faf0af18d06e3f0efd75a&chksm=cfcf7517f8b8fc01a40567b8eba774d42edbb3f9fbac3a602848850fc7388186c7e1d3e5aefe&scene=58&subscene=0#rd) +- T00ls安全 + - [ ] [T00ls给您拜年了,祝福大家2025新春快乐,蛇行智敏,万事皆成](https://mp.weixin.qq.com/s?__biz=Mzg3NzYzODU5NQ==&mid=2247484913&idx=1&sn=c0718fb9edf9d2d38143583821a8a591&chksm=cf1ea35df8692a4b0e85b1e99543e79ce895ddc90e98811c9da8eb822d6256dfe62c7c83fb6d&scene=58&subscene=0#rd) +- Securityinfo.it + - [ ] [I ransomware contro le appliance ESXi sfruttano il tunneling SSH per la persistenza](https://www.securityinfo.it/2025/01/28/i-ransomware-contro-le-appliance-esxi-sfruttano-il-tunneling-ssh-per-la-persistenza/?utm_source=rss&utm_medium=rss&utm_campaign=i-ransomware-contro-le-appliance-esxi-sfruttano-il-tunneling-ssh-per-la-persistenza) +- SANS Internet Storm Center, InfoCON: green + - [ ] [Fileless Python InfoStealer Targeting Exodus, (Tue, Jan 28th)](https://isc.sans.edu/diary/rss/31630) + - [ ] [ISC Stormcast For Tuesday, January 28th, 2025 https://isc.sans.edu/podcastdetail/9298, (Tue, Jan 28th)](https://isc.sans.edu/diary/rss/31628) +- Hacking Exposed Computer Forensics Blog + - [ ] [Daily Blog #731: Accessing multiple shadow copies at once with AIM](https://www.hecfblog.com/2025/01/daily-blog-731-accessing-multiple.html) +- Have I Been Pwned latest breaches + - [ ] [HeatGames - 647,896 breached accounts](https://haveibeenpwned.com/PwnedWebsites#HeatGames) + - [ ] [Doxbin Scrape - 435,784 breached accounts](https://haveibeenpwned.com/PwnedWebsites#DoxbinScrape) +- 迪哥讲事 + - [ ] [0day 挖到手软,403 到 getshell](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496966&idx=1&sn=c49dbe1213cb5a1afa836901e2c13038&chksm=e8a5ff65dfd27673a9c0d7fdd99094847b291a7b8434f16f408af60943322f7ba539d1f82082&scene=58&subscene=0#rd) +- Schneier on Security + - [ ] [CISA Under Trump](https://www.schneier.com/blog/archives/2025/01/cisa-under-trump.html) +- Kali Linux + - [ ] [Kali Linux On The New Modern WSL](https://www.kali.org/blog/kali-linux-modern-wsl/) +- ICT Security Magazine + - [ ] [Generative Artificial Intelligence (GenAI): Analisi completa di rischi, sicurezza e governance dei sistemi AI](https://www.ictsecuritymagazine.com/articoli/genai/) + - [ ] [Fast Data: l’evoluzione dei Big Data verso l’Analisi in Tempo Reale](https://www.ictsecuritymagazine.com/articoli/fast-data-big-data/) +- The Register - Security + - [ ] [Baguette bandits strike again with ransomware and a side of mockery](https://go.theregister.com/feed/www.theregister.com/2025/01/28/baguettes_bandits_strike_again/) + - [ ] [Protecting AWS environments from cyberthreats](https://go.theregister.com/feed/www.theregister.com/2025/01/28/protecting_aws_environments_from_cyberthreats/) + - [ ] [Security pros more confident about fending off ransomware, despite being battered by attacks](https://go.theregister.com/feed/www.theregister.com/2025/01/28/research_security_pros_gain_ransomware/) + - [ ] [Apple plugs security hole in its iThings that's already been exploited in iOS](https://go.theregister.com/feed/www.theregister.com/2025/01/28/apple_cve_2025_24085/) +- Graham Cluley + - [ ] [The AI Fix #35: Project Stargate, the AI emergency, and batsh*t AI cryonics](https://grahamcluley.com/the-ai-fix-35/) +- TorrentFreak + - [ ] [Nintendo Piracy Lawsuit Defendant Makes Dire Situation Even Worse](https://torrentfreak.com/nintendo-piracy-lawsuit-defendant-makes-dire-situation-even-worse-250128/) + - [ ] [LLM Taken Down Following Legal Pressure from Anti-Piracy Group](https://torrentfreak.com/llm-taken-down-following-legal-pressure-from-anti-piracy-group-250128/) +- Deeplinks + - [ ] [EFF to State AGs: Time to Investigate Crisis Pregnancy Centers](https://www.eff.org/deeplinks/2025/01/eff-state-ags-time-investigate-crisis-pregnancy-centers) + - [ ] [What Proponents of Digital Replica Laws Can Learn from the Digital Millennium Copyright Act](https://www.eff.org/deeplinks/2025/01/what-proponents-digital-replica-laws-can-learn-digital-millennium-copyright-act) + - [ ] [California Law Enforcement Misused State Databases More Than 7,000 Times in 2023](https://www.eff.org/deeplinks/2025/01/california-police-misused-state-databases-more-7000-times-2023) + - [ ] [Don't Make Copyright Law in Smoke-Filled Rooms](https://www.eff.org/deeplinks/2025/01/dont-make-copyright-law-smoke-filled-rooms) +- Deep Web + - [ ] [How common was this?](https://www.reddit.com/r/deepweb/comments/1ic3t3w/how_common_was_this/) +- Krebs on Security + - [ ] [A Tumultuous Week for Federal Cybersecurity Efforts](https://krebsonsecurity.com/2025/01/a-tumultuous-week-for-federal-cybersecurity-efforts/) +- Social Engineering + - [ ] [How to avoid telling people my age.](https://www.reddit.com/r/SocialEngineering/comments/1ibtmw0/how_to_avoid_telling_people_my_age/) + - [ ] [Conspiracy Theories are for Opportunists](https://www.reddit.com/r/SocialEngineering/comments/1ic9i2a/conspiracy_theories_are_for_opportunists/) + - [ ] [How this can be dealt with social engineering](https://www.reddit.com/r/SocialEngineering/comments/1ibxr83/how_this_can_be_dealt_with_social_engineering/) +- The Hacker News + - [ ] [PureCrypter Deploys Agent Tesla and New TorNet Backdoor in Ongoing Cyberattacks](https://thehackernews.com/2025/01/purecrypter-deploys-agent-tesla-and-new.html) + - [ ] [OAuth Redirect Flaw in Airline Travel Integration Exposes Millions to Account Hijacking](https://thehackernews.com/2025/01/oauth-redirect-flaw-in-airline-travel.html) + - [ ] [AI SOC Analysts: Propelling SecOps into the future](https://thehackernews.com/2025/01/ai-soc-analysts-propelling-secops-into.html) + - [ ] [Ransomware Targets ESXi Systems via Stealthy SSH Tunnels for C2 Operations](https://thehackernews.com/2025/01/ransomware-targets-esxi-systems-via.html) + - [ ] [How Long Does It Take Hackers to Crack Modern Hashing Algorithms?](https://thehackernews.com/2025/01/how-long-does-it-take-hackers-to-crack.html) + - [ ] [Top-Rated Chinese AI App DeepSeek Limits Registrations Amid Cyberattacks](https://thehackernews.com/2025/01/top-rated-chinese-ai-app-deepseek.html) + - [ ] [E.U. Sanctions 3 Russian Nationals for Cyber Attacks Targeting Estonia’s Key Ministries](https://thehackernews.com/2025/01/eu-sanctions-3-russian-nationals-for.html) + - [ ] [Apple Patches Actively Exploited Zero-Day Affecting iPhones, Macs, and More](https://thehackernews.com/2025/01/apple-patches-actively-exploited-zero.html) +- Security Affairs + - [ ] [VMware fixed a flaw in Avi Load Balancer](https://securityaffairs.com/173569/security/vmware-fixed-avi-load-balancer-flaw.html) + - [ ] [Ransomware attack on ENGlobal compromised personal information](https://securityaffairs.com/173566/cyber-crime/englobal-disclosed-a-ransomware-attack.html) + - [ ] [EU announced sanctions on three members of Russia’s GRU Unit 29155](https://securityaffairs.com/173555/security/eu-sanctions-russias-gru-unit-29155.html) + - [ ] [Chinese AI platform DeepSeek faced a “large-scale” cyberattack](https://securityaffairs.com/173546/security/chinese-ai-platform-deepseek-faced-a-large-scale-cyberattack.html) +- Palo Alto Networks Blog + - [ ] [C-Suite Leaders Embrace Platformization for Security Success](https://www.paloaltonetworks.com/blog/2025/01/growing-need-cybersecurity-platformization/) +- Technical Information Security Content & Discussion + - [ ] [Single QR Code, Two Different URLs](https://www.reddit.com/r/netsec/comments/1ic8mmx/single_qr_code_two_different_urls/) + - [ ] [A Missed Opportunity: Weak Password Hashing in VxWorks 6.9 and 7](https://www.reddit.com/r/netsec/comments/1ibxbp1/a_missed_opportunity_weak_password_hashing_in/) + - [ ] [Using AiTM to phish for access- and refreshtokens](https://www.reddit.com/r/netsec/comments/1ic2mc4/using_aitm_to_phish_for_access_and_refreshtokens/) +- Instapaper: Unread + - [ ] [Exterro Launches INFORM A Ground-Breaking Global Webinar Series To Advance Digital Forensics](https://www.forensicfocus.com/news/exterro-launches-inform-a-ground-breaking-global-webinar-series-to-advance-digital-forensics/) + - [ ] [Being a tool while using a tool](https://www.hexacorn.com/blog/2025/01/25/being-a-tool-while-using-a-tool/) + - [ ] [Android's New Identity Check Feature Locks Device Settings Outside Trusted Locations](https://thehackernews.com/2025/01/androids-new-identity-check-feature.html) + - [ ] [USB Army Knife The Ultimate Close Access Penetest Tool](https://www.mobile-hacker.com/2025/01/24/usb-army-knife-the-ultimate-close-access-penetest-tool/) +- Full Disclosure + - [ ] [APPLE-SA-01-27-2025-9 Safari 18.3](https://seclists.org/fulldisclosure/2025/Jan/20) + - [ ] [APPLE-SA-01-27-2025-8 tvOS 18.3](https://seclists.org/fulldisclosure/2025/Jan/19) + - [ ] [APPLE-SA-01-27-2025-7 watchOS 11.3](https://seclists.org/fulldisclosure/2025/Jan/18) + - [ ] [APPLE-SA-01-27-2025-6 macOS Ventura 13.7.3](https://seclists.org/fulldisclosure/2025/Jan/17) + - [ ] [APPLE-SA-01-27-2025-5 macOS Sonoma 14.7.3](https://seclists.org/fulldisclosure/2025/Jan/16) + - [ ] [APPLE-SA-01-27-2025-4 macOS Sequoia 15.3](https://seclists.org/fulldisclosure/2025/Jan/15) + - [ ] [APPLE-SA-01-27-2025-3 iPadOS 17.7.4](https://seclists.org/fulldisclosure/2025/Jan/14) + - [ ] [APPLE-SA-01-27-2025-2 iOS 18.3 and iPadOS 18.3](https://seclists.org/fulldisclosure/2025/Jan/13) + - [ ] [APPLE-SA-01-27-2025-1 visionOS 2.3](https://seclists.org/fulldisclosure/2025/Jan/12) + - [ ] [AutoLib Software Systems OPAC Version.20.10 | Exposure of Sensitive Information | CVE-2024-48310](https://seclists.org/fulldisclosure/2025/Jan/11) + - [ ] [SEC Consult SA-20250127-0 :: Weak Password Hashing Algorithms in Wind River Software VxWorks RTOS](https://seclists.org/fulldisclosure/2025/Jan/10) + - [ ] [Host Header Injection - atutorv2.2.4](https://seclists.org/fulldisclosure/2025/Jan/9) + - [ ] [Reflected XSS - atutorv2.2.4](https://seclists.org/fulldisclosure/2025/Jan/8) +- Information Security + - [ ] [Alert: A recruiter tried to hack me!!](https://www.reddit.com/r/Information_Security/comments/1icazu3/alert_a_recruiter_tried_to_hack_me/) +- netsecstudents: Subreddit for students studying Network Security and its related subjects + - [ ] [WGU vs KU vs Certs, Advice](https://www.reddit.com/r/netsecstudents/comments/1ibpt0b/wgu_vs_ku_vs_certs_advice/) +- Blackhat Library: Hacking techniques and research + - [ ] [Tails/Encrypted Coms](https://www.reddit.com/r/blackhat/comments/1icc3nu/tailsencrypted_coms/) +- Computer Forensics + - [ ] [Forensic sofwtare licensing question - key fobs - sanderson sqlite, elcomsoft forensic toolkit](https://www.reddit.com/r/computerforensics/comments/1icapio/forensic_sofwtare_licensing_question_key_fobs/) + - [ ] [Where does Autopsy store my own keywords?](https://www.reddit.com/r/computerforensics/comments/1icfrt8/where_does_autopsy_store_my_own_keywords/) + - [ ] [Is this how digital forensic recovery of deleted instant messages works?](https://www.reddit.com/r/computerforensics/comments/1ibw3bh/is_this_how_digital_forensic_recovery_of_deleted/) + - [ ] [Recovering deleted messages with an FFS and unallocated space](https://www.reddit.com/r/computerforensics/comments/1ibwhuu/recovering_deleted_messages_with_an_ffs_and/) + - [ ] [MacOS hardware encrypted volume](https://www.reddit.com/r/computerforensics/comments/1ic16ij/macos_hardware_encrypted_volume/) +- Your Open Hacker Community + - [ ] [Reverse engineering Xbox One Controller USB communication protocol.](https://www.reddit.com/r/HowToHack/comments/1icc6sw/reverse_engineering_xbox_one_controller_usb/) + - [ ] [best wordlist/rules attacks for pkmid+eapol](https://www.reddit.com/r/HowToHack/comments/1iccsq1/best_wordlistrules_attacks_for_pkmideapol/) + - [ ] [Can finding /etc/passwd file of a site be counted as a vulnerability?](https://www.reddit.com/r/HowToHack/comments/1ic5gm0/can_finding_etcpasswd_file_of_a_site_be_counted/) + - [ ] [Decrypt PPPoE password from config](https://www.reddit.com/r/HowToHack/comments/1icczi6/decrypt_pppoe_password_from_config/) + - [ ] [Huawei EG8145V5 GPON router password](https://www.reddit.com/r/HowToHack/comments/1ic9c76/huawei_eg8145v5_gpon_router_password/) + - [ ] [Advanced learning](https://www.reddit.com/r/HowToHack/comments/1ibxexn/advanced_learning/) + - [ ] [Is little but consistent study enough?](https://www.reddit.com/r/HowToHack/comments/1ibq381/is_little_but_consistent_study_enough/) + - [ ] [How to get the first job?](https://www.reddit.com/r/HowToHack/comments/1ibu8nd/how_to_get_the_first_job/) + - [ ] [some questions from someone interested](https://www.reddit.com/r/HowToHack/comments/1ibtrxe/some_questions_from_someone_interested/) + - [ ] [noob questions 1:](https://www.reddit.com/r/HowToHack/comments/1ibq10e/noob_questions_1/) + - [ ] [VMWARE OR VIRTUALBOX?](https://www.reddit.com/r/HowToHack/comments/1ic2h2w/vmware_or_virtualbox/) + - [ ] [my ig account was hacked and i need to hack back into it 😭 can someone help](https://www.reddit.com/r/HowToHack/comments/1ic1izl/my_ig_account_was_hacked_and_i_need_to_hack_back/) + - [ ] [how to find people on other websites?](https://www.reddit.com/r/HowToHack/comments/1ibziyg/how_to_find_people_on_other_websites/) + - [ ] [Is there a way to recover hacked facebook account, basically I don't have any acces to that account](https://www.reddit.com/r/HowToHack/comments/1ibqxfs/is_there_a_way_to_recover_hacked_facebook_account/) + - [ ] [My parents block me from the internet](https://www.reddit.com/r/HowToHack/comments/1ibqk2x/my_parents_block_me_from_the_internet/) +- Security Weekly Podcast Network (Audio) + - [ ] [DeepSeek, AIDs, Sex Crime, Microsoft, PayPal, GetHub, Joshua Marpet and More - SWN #446](http://sites.libsyn.com/18678/deepseek-aids-sex-crime-microsoft-paypal-gethub-joshua-marpet-and-more-swn-446) + - [ ] [Security the AI SDLC - Niv Braun - ASW #315](http://sites.libsyn.com/18678/security-the-ai-sdlc-niv-braun-asw-315) +- Daniel Miessler + - [ ] [AI's Total Addressable Market](https://danielmiessler.com/blog/ai-tam) diff --git a/archive/tmp/2025-01-29.json b/archive/tmp/2025-01-29.json new file mode 100644 index 0000000000..7a52bf57fc --- /dev/null +++ b/archive/tmp/2025-01-29.json @@ -0,0 +1,403 @@ +{ + "SecWiki News": { + "SecWiki News 2025-01-28 Review": "http://www.sec-wiki.com/?2025-01-28" + }, + "CXSECURITY Database RSS Feed - CXSecurity.com": { + "SpagoBI 3.5.1 Cross Site Scripting": "https://cxsecurity.com/issue/WLB-2025010031", + "SpagoBI 3.5.1 Cross Site Request Forgery": "https://cxsecurity.com/issue/WLB-2025010030", + "AutoLib Software Systems OPAC 20.10 Secret Disclosure": "https://cxsecurity.com/issue/WLB-2025010029", + "Wind River Software VxWorks 6.9 Weak Password Hashing Algorithms": "https://cxsecurity.com/issue/WLB-2025010028", + "Netman 204 - Broken Access Control Remote command": "https://cxsecurity.com/issue/WLB-2025010027" + }, + "Doonsec's feed": { + "恭贺新春": "https://mp.weixin.qq.com/s?__biz=MzAwMTU3NTcwMg==&mid=2650274703&idx=1&sn=44bc7fedf574abdef2667a6705174f16", + "贺新春": "https://mp.weixin.qq.com/s?__biz=MzAwNTc0ODM3Nw==&mid=2247489469&idx=1&sn=8036df60009b8f327efe91e9cc6ed5db", + "工联众测平台祝大家新春快乐!": "https://mp.weixin.qq.com/s?__biz=MzkyMDMwNTkwNg==&mid=2247487233&idx=1&sn=6a23f67adae9f6cb2d9b51b3365fb957", + "DataCon祝您新春快乐,蛇年顺福!": "https://mp.weixin.qq.com/s?__biz=MzU5Njg1NzMyNw==&mid=2247489129&idx=1&sn=6b731efe82b4bfd863b8f70732c57433", + "S1uM4i 2024 年终总结": "https://mp.weixin.qq.com/s?__biz=MzkwMDY2ODc0MA==&mid=2247485321&idx=1&sn=424b19ecebbb4251cc46503a2e6bdd5e", + "无糖信息祝您2025新春快乐,蛇年大吉,巳巳如意!": "https://mp.weixin.qq.com/s?__biz=MzAxMzkzNDA1Mg==&mid=2247513943&idx=1&sn=8653479e8a4a87d52d06cad7e12a1a0f", + "宁盾祝您春节快乐!": "https://mp.weixin.qq.com/s?__biz=Mzk0MjI4MzA5MQ==&mid=2247485168&idx=1&sn=7609f006f7083b7c031ae358074fbce7", + "春节 | 鱼影信息祝您新年快乐!": "https://mp.weixin.qq.com/s?__biz=MzkyOTI4NTY4MQ==&mid=2247491120&idx=1&sn=2fe2e381833ac8c3b3cc1adacfd54608", + "烟花璀璨,辞旧迎新!": "https://mp.weixin.qq.com/s?__biz=MzIzODQxMjM2NQ==&mid=2247500314&idx=1&sn=55fd4ab5604ca218c5d6bae45dd143cc", + "情报分析大家庭拜年啦!新的一年一起加油!": "https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247504929&idx=1&sn=08582222431ff4fe86e1edb119fa1bd4", + "听说看过的25年都赚了一个小目标哦!": "https://mp.weixin.qq.com/s?__biz=MzU2MDE2MjU1Mw==&mid=2247486166&idx=1&sn=be18f3e264adac14e0c9c2892bb78337", + "蛇年快乐!": "https://mp.weixin.qq.com/s?__biz=MzI1Mjc3NTUwMQ==&mid=2247538520&idx=1&sn=ae2d81fefede57572c13d682b4a5c957", + "【OSCP】 Kioptrix 提权靶机(1-5)全系列教程,Try Harder!绝对干货!": "https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486449&idx=1&sn=6fd14445024d20e037e1a6c2ea688cf5", + "巳巳如意,新春大吉|“工业互联网标识智库”给您拜年啦!": "https://mp.weixin.qq.com/s?__biz=MzU1OTUxNTI1NA==&mid=2247592331&idx=1&sn=da66b7b09b73ca014e2dbfbe08f98956", + "告别本地算力焦虑:使用腾讯云免费GPU部署DeepSeek-R1": "https://mp.weixin.qq.com/s?__biz=MzkzMTY0MDgzNg==&mid=2247484059&idx=1&sn=fe1155e27ce44740d6c694158f218e2d", + "零基础:从搭建DeepSeek开始": "https://mp.weixin.qq.com/s?__biz=Mzk0Mzc2MDQyMg==&mid=2247486458&idx=1&sn=69916ef3b03a1efb0dac87b22c9504cc", + "(吃瓜)神人tv之内网肉鸡": "https://mp.weixin.qq.com/s?__biz=MzkzNjczNzEyMw==&mid=2247484130&idx=1&sn=cd4d51927aca6de101fc20fc3d87f5f6", + "领红包啦!信息安全的兄弟们凭手速抢66个新春红包!!": "https://mp.weixin.qq.com/s?__biz=MzkxMDY3MzQyNQ==&mid=2247484803&idx=1&sn=67040f6a098a560ac76ad463e03849d7", + "DeepSeek崛起背后的暗流:全球AI技术博弈下的DDoS攻击": "https://mp.weixin.qq.com/s?__biz=Mzg2Nzg0NDkwMw==&mid=2247493212&idx=1&sn=d5ff49e83b16adba13a2b353720f5f6b", + "除夕夜快乐": "https://mp.weixin.qq.com/s?__biz=MzU5MTIxNzg0Ng==&mid=2247488146&idx=1&sn=cab1d455370b4497865a4ea139ed1072", + "VPC访问控制网络ACL和安全组的基本差异": "https://mp.weixin.qq.com/s?__biz=Mzg3NTUzOTg3NA==&mid=2247515079&idx=1&sn=fd21e42d301bf2176eac4331c9cdf478", + "分享图片": "https://mp.weixin.qq.com/s?__biz=Mzk0MDQzNzY5NQ==&mid=2247493210&idx=1&sn=611fcff00c148212c63d4d8c0b116ef7", + "叮咚,您有一份2024年的家书请签收": "https://mp.weixin.qq.com/s?__biz=MzUxODY3MDExMA==&mid=2247490113&idx=1&sn=f588627c92bc5fc34c5a5020b6e6f27f", + "Nil聊安全祝大家新年快乐!": "https://mp.weixin.qq.com/s?__biz=MzkyMDY4MTc2Ng==&mid=2247483970&idx=1&sn=3ff66f6fb393638fbf077038ca8af503", + "世界需要一个能谋善断的AI(一)序章:被低估的“决策”革命!": "https://mp.weixin.qq.com/s?__biz=MzAxOTk3NTg5OQ==&mid=2247492270&idx=1&sn=1f2c860bb229ccdddaa36e1798ee31b2", + "【CS单兵后渗透插件v1.0】| OpSec 标准下的红队武器化": "https://mp.weixin.qq.com/s?__biz=Mzk1NzM5MTI2Mg==&mid=2247484412&idx=1&sn=f7e81d418014efc190a265ea5b403424", + "祝大家蛇年快乐": "https://mp.weixin.qq.com/s?__biz=MzU4NDY3MTk2NQ==&mid=2247491063&idx=1&sn=1a207ea9a1bf6793f778b14c866699e3", + "蛇年吉祥 | EasyTools工具箱v1.0.2新春更新": "https://mp.weixin.qq.com/s?__biz=MzkxNDYxMTc0Mg==&mid=2247484211&idx=1&sn=867b0a122b938721b7056648bed208b6", + "网安人如何向相亲对象介绍自己的职业": "https://mp.weixin.qq.com/s?__biz=MzIxMTg1ODAwNw==&mid=2247500533&idx=1&sn=f881bd74fcc4daf798426ead967a262c", + "OpenAI o1 模型预部署评估报告": "https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264819&idx=1&sn=9bcbf9176ffca6c01ab6af00e300c1bd", + "【2025-01-28】黑客新闻摘要": "https://mp.weixin.qq.com/s?__biz=MzIzNDU5NTI4OQ==&mid=2247488369&idx=1&sn=6bb8a56600deaec9050fa3fa2af8c1d4", + "新春献词:网络安全守护数字文明的星河": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485474&idx=1&sn=8985a87527422d08033ec138eb8aff86", + "【干货原创】实网攻防演习常态化,会带来什么变化01": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485474&idx=4&sn=39cc23fe07830e4d7472358278971dd2", + "【干货原创】K12教育,鲜为人知的模式秘密": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485474&idx=5&sn=6ece66b859b3c838d887e890ab1347d3", + "原创文章目录": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485474&idx=6&sn=ddf654295edecd57791b7ff56275a624", + "T00ls给您拜年了,祝福大家2025新春快乐,蛇行智敏,万事皆成": "https://mp.weixin.qq.com/s?__biz=Mzg3NzYzODU5NQ==&mid=2247484913&idx=1&sn=c0718fb9edf9d2d38143583821a8a591", + "【云安全】云原生-K8S-搭建/安装/部署": "https://mp.weixin.qq.com/s?__biz=MzUyNTUyNTA5OQ==&mid=2247484782&idx=1&sn=e915e38783585176822fe7d83b1fac60", + "祝您新春吉祥": "https://mp.weixin.qq.com/s?__biz=Mzg4NzQ4MzA4Ng==&mid=2247485197&idx=1&sn=74ff9efe9a5ed4a7fbed4390af5b1a1d", + "蛇年新春喜气扬,家家户户乐洋洋!": "https://mp.weixin.qq.com/s?__biz=MzkzNTQzNTQzMQ==&mid=2247485353&idx=1&sn=c301e027660b56065be82c4eefcac09e", + "新年快乐!": "https://mp.weixin.qq.com/s?__biz=MzkyNTYxNDAwNQ==&mid=2247484502&idx=1&sn=fd6b131b1b080ae8e1c09f3983db4ad6", + "新春快乐,红包和限时半价都来啦": "https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247518332&idx=1&sn=a99dc2d16ee867d81dc1fb6d6d585fd5", + "0day 挖到手软,403 到 getshell": "https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496966&idx=1&sn=c49dbe1213cb5a1afa836901e2c13038", + "新年快乐,蛇年大吉!!!": "https://mp.weixin.qq.com/s?__biz=MzUxNzg5MzM2Mg==&mid=2247487122&idx=1&sn=c744712cc396636e805c16c6d2c21f7b", + "新年抽奖-大凉山草莓三份": "https://mp.weixin.qq.com/s?__biz=Mzg2NDcwNjkzNw==&mid=2247487188&idx=1&sn=732db3a8ebd2e623d7d32c09dde7ce79", + "入选T00ls第十二届年度(2024)人物风云榜!感谢各位支持与鼓励!": "https://mp.weixin.qq.com/s?__biz=MzI5MzkwMzU1Nw==&mid=2247485230&idx=1&sn=b380678520b0ffa5a3c4fadac7defb4b", + "【2025】除夕快乐": "https://mp.weixin.qq.com/s?__biz=MzUwOTc3MTQyNg==&mid=2247491380&idx=1&sn=e4ad3b1ba59ba53e292ebe50ded8ff0f", + "灵蛇纳福,恭贺新春!": "https://mp.weixin.qq.com/s?__biz=MzIwMzI1MDg2Mg==&mid=2649945158&idx=1&sn=fecbe5d3b883ca7ec2240ef098769058", + "后渗透:文件传输指南": "https://mp.weixin.qq.com/s?__biz=MzkzNTYwMTk4Mw==&mid=2247488230&idx=1&sn=1c55c9eec57e987f73284321529d275c", + "AI-小肥羊新年贺词!": "https://mp.weixin.qq.com/s?__biz=Mzg5NjY4NDg1Nw==&mid=2247483918&idx=1&sn=3f545e8664083850f43da076087b61cc", + "【独眼情报2024绝密快报】": "https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494555&idx=1&sn=969df31b7b7f94e3e460d87d9d8d341b", + "美国政府称朝鲜去年窃取了价值超过 6.59 亿美元的加密货币": "https://mp.weixin.qq.com/s?__biz=Mzg3ODY0NTczMA==&mid=2247492125&idx=1&sn=7831811d7848487a4532874c5c321c95", + "r3kapig祝大家蛇年大吉": "https://mp.weixin.qq.com/s?__biz=MzI2MDE4MzkzMQ==&mid=2247484582&idx=1&sn=2edb58b7afc32298d84146c8a8590832", + "蛇年大吉 | 记得看到最后,你想不到的,边搞居然还能领福利,爽到跳起来": "https://mp.weixin.qq.com/s?__biz=Mzk0NzQxNzY2OQ==&mid=2247488117&idx=1&sn=7c87ec70661c577345d5f2cfc07ba224", + "整车测试:网络安全认证的灵丹妙药?": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620223&idx=1&sn=4468d3513fec7d2ef881a5dd49cd3e04", + "引入新汽车产品设计的隐私要求和设计规范,以及对当前汽车隐私标准化的影响": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620223&idx=2&sn=934de7b41be8cbb1d5dd42e833f1e0ec", + "在产品开发阶段使用公共弱点仿真的弱点分析方法": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620223&idx=3&sn=ad2fb08375329c47e67f7ce86ed26cc0", + "【年末总结&抽奖】技术是上天送给穷孩子最好的礼物!": "https://mp.weixin.qq.com/s?__biz=MzkxNjQyODY5MA==&mid=2247487024&idx=1&sn=a62224588a6e2dd62693f3862794a78d", + "我不允许有人不用这么牛掰的AI": "https://mp.weixin.qq.com/s?__biz=MzkyOTQ4NTc3Nw==&mid=2247485473&idx=1&sn=9e94b35fd3ca3b6b77f33b632f82d312", + "祝福各位网安人除夕快乐!": "https://mp.weixin.qq.com/s?__biz=MzU2NDY2OTU4Nw==&mid=2247518500&idx=1&sn=77a990ec3405490f248537f3bb52f457", + "新年快乐🎉": "https://mp.weixin.qq.com/s?__biz=MzIwOTMzMzY0Ng==&mid=2247487850&idx=1&sn=e60c50cf6c14e46300498d583f660e12", + "2025年最全除夕祝福语 欢欢喜喜过除夕,和和美美又一年!": "https://mp.weixin.qq.com/s?__biz=MzIwNDYzNTYxNQ==&mid=2247502590&idx=1&sn=077b679c799ba964711d4d006052ba58", + "²⁰²⁵/₀₁.₂₈除夕夜朋友圈文案配图,高级感绝了,总有一款适合你!": "https://mp.weixin.qq.com/s?__biz=MzIwNDYzNTYxNQ==&mid=2247502590&idx=2&sn=73466049a019cbaa3238bafce30ec360", + "龙腾蛇舞迎新春,福运连连贺新年!": "https://mp.weixin.qq.com/s?__biz=MzA4NTY4MjAyMQ==&mid=2447900161&idx=1&sn=76bd5fe5be0b14e0a14eed056c1f31b1", + "2025 新年大吉!!!": "https://mp.weixin.qq.com/s?__biz=MzU1NTYxMjA5MA==&mid=2247505231&idx=1&sn=fc04df3a3e6f0360f375c5eb8edf9620", + "恭祝大家福绕蛇年,多財多亿!": "https://mp.weixin.qq.com/s?__biz=MzkyODYwODkyMA==&mid=2247485022&idx=1&sn=d3c1484e603f14b371fde5d6ac39a9df", + "IDA技巧(105)自定义基址的偏移量": "https://mp.weixin.qq.com/s?__biz=MzI1Mjk2MTM1OQ==&mid=2247485302&idx=1&sn=1a2fc3df35199bb3a2496fa7a2f7e386", + "收藏 | dotNet安全矩阵 2024 年度外网入口打点阶段文章和工具汇总": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498517&idx=1&sn=ca095104967396843e7a5274e01b8e1e", + "国内最专业、最全面的 [ .NET 代码审计 ] 体系化学习交流社区": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498517&idx=2&sn=b0fb228f6cafa443177863062d84f824", + "收藏 | dotNet 安全矩阵团队2024年度内网横向移动阶段文章和工具汇总": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498517&idx=3&sn=522289e0fc1f8349b7367d905bba86b9", + "朱厌安全在这里祝大家新年快乐啦!": "https://mp.weixin.qq.com/s?__biz=Mzg4Njg3MDk5Ng==&mid=2247486849&idx=1&sn=fb5c009168582de268af009c587dc846", + "奇安信给您拜年了!": "https://mp.weixin.qq.com/s?__biz=MzU0NDk0NTAwMw==&mid=2247624759&idx=1&sn=325c1eab223d2d0fc8135016385d6ebc" + }, + "Tenable Blog": { + "What Makes This “Data Privacy Day” Different?": "https://www.tenable.com/blog/what-makes-this-data-privacy-day-different" + }, + "Security Boulevard": { + "Reverse engineering your test data: It’s not as safe as you think it is": "https://securityboulevard.com/2025/01/reverse-engineering-your-test-data-its-not-as-safe-as-you-think-it-is/", + "What is the role of data synthesis in my CI/CD pipeline, anyway?": "https://securityboulevard.com/2025/01/what-is-the-role-of-data-synthesis-in-my-ci-cd-pipeline-anyway/", + "DeepSeek: The Silent AI Takeover That Could Cripple Markets and Fuel China’s Cyberwarfare": "https://securityboulevard.com/2025/01/deepseek-the-silent-ai-takeover-that-could-cripple-markets-and-fuel-chinas-cyberwarfare/", + "DEF CON 32 – Top War Stories From A TryHard Bug Bounty Hunter": "https://securityboulevard.com/2025/01/def-con-32-top-war-stories-from-a-tryhard-bug-bounty-hunter/", + "AI is a double-edged sword: Why you need new controls to manage risk": "https://securityboulevard.com/2025/01/ai-is-a-double-edged-sword-why-you-need-new-controls-to-manage-risk/", + "Prioritizing Cybersecurity Findings Exception and Issues in Risk Management": "https://securityboulevard.com/2025/01/prioritizing-cybersecurity-findings-exception-and-issues-in-risk-management/", + "Comic Agilé – Luxshan Ratnaravi, Mikkel Noe-Nygaard – #321 – Use Jira": "https://securityboulevard.com/2025/01/comic-agile-luxshan-ratnaravi-mikkel-noe-nygaard-321-use-jira/", + "The Halliburton Cyberattack: A $35M Wake-Up Call": "https://securityboulevard.com/2025/01/the-halliburton-cyberattack-a-35m-wake-up-call/", + "Complete Guide to AI Tokens: Understanding, Optimization, and Cost Management": "https://securityboulevard.com/2025/01/complete-guide-to-ai-tokens-understanding-optimization-and-cost-management/", + "DEF CON 32 – Travel Better Expedient Digital Defense": "https://securityboulevard.com/2025/01/def-con-32-travel-better-expedient-digital-defense/" + }, + "Private Feed for M09Ic": { + "mgeeky starred mcmilk/7-Zip-zstd": "https://github.com/mcmilk/7-Zip-zstd", + "xpn starred dreadnode/cli": "https://github.com/dreadnode/cli", + "killeven starred deepseek-ai/DeepSeek-V3": "https://github.com/deepseek-ai/DeepSeek-V3", + "mgeeky starred LLVMParty/LLVMCMakeTemplate": "https://github.com/LLVMParty/LLVMCMakeTemplate", + "mgeeky starred Adaptix-Framework/AdaptixC2": "https://github.com/Adaptix-Framework/AdaptixC2", + "CHYbeta starred deepseek-ai/awesome-deepseek-integration": "https://github.com/deepseek-ai/awesome-deepseek-integration", + "safedv starred racoten/BetterNetLoader": "https://github.com/racoten/BetterNetLoader", + "safedv starred NoahKirchner/speedloader": "https://github.com/NoahKirchner/speedloader" + }, + "Sucuri Blog": { + "Sucuri WAF Now Supports HTTP/3: A Faster and More Secure Web Experience": "https://blog.sucuri.net/2025/01/sucuri-waf-now-supports-http-3-a-faster-and-more-secure-web-experience.html" + }, + "一个被知识诅咒的人": { + "Python中的asyncio:高效的异步编程模型": "https://blog.csdn.net/nokiaguy/article/details/145386296", + "【人工智能】基于Python的机器翻译系统,从RNN到Transformer的演进与实现": "https://blog.csdn.net/nokiaguy/article/details/145386286" + }, + "obaby@mars": { + "祝大家新年快乐": "https://h4ck.org.cn/2025/01/19056" + }, + "Swing'Blog 浮生若梦": { + "CVE-2025-0282 Ivanti Connect Secure VPN 栈溢出漏洞分析": "https://bestwing.me/CVE-2025-0282-Ivanti-Connect-Secure-VPN-stack-overflow.html" + }, + "Recent Commits to cve:main": { + "Update Tue Jan 28 20:20:38 UTC 2025": "https://github.com/trickest/cve/commit/84532ae2b8e9faef03daab62637fea93055c5f46", + "Update Tue Jan 28 12:25:27 UTC 2025": "https://github.com/trickest/cve/commit/046dff1f309416991e0350c5de230e05922e6962", + "Update Tue Jan 28 04:25:42 UTC 2025": "https://github.com/trickest/cve/commit/1973cb584ac5acc9fa6a12b9f74e3c5ab7bf2429" + }, + "GuidePoint Security": { + "GRIT 2025 Report: Post-Compromise Detection Strategies": "https://www.guidepointsecurity.com/blog/grit-2025-report-post-compromise-detection-strategies/" + }, + "Hacking Dream": { + "Running DeepSeek AI Locally on your PC/Laptop": "https://www.hackingdream.net/2025/01/running-deepseek-ai-locally-on-your-pc-laptop.html" + }, + "Horizon3.ai": { + "Top 150 Cybersecurity Vendors 2025": "https://cyber150.com/#new_tab", + "Building Cyber Resilience Across a Distributed Network": "https://www.horizon3.ai/customer-story/building-cyber-resilience-across-a-distributed-network/" + }, + "Malware-Traffic-Analysis.net - Blog Entries": { + "2025-01-23: Fake installer leads to Koi Loader/Koi Stealer": "https://www.malware-traffic-analysis.net/2025/01/23/index.html" + }, + "Trail of Bits Blog": { + "Best practices for key derivation": "https://blog.trailofbits.com/2025/01/28/best-practices-for-key-derivation/" + }, + "VMRay": { + "From analysis to action: Enhancing government threat models with malware insights": "https://www.vmray.com/from-analysis-to-action-enhancing-government-threat-models-with-malware-insights/" + }, + "PortSwigger Research": { + "Bypassing character blocklists with unicode overflows": "https://portswigger.net/research/bypassing-character-blocklists-with-unicode-overflows" + }, + "PortSwigger Blog": { + "The complexities of scaling AppSec teams and how to address them in 2025": "https://portswigger.net/blog/the-complexities-of-scaling-appsec-teams-and-how-to-address-them-in-2025" + }, + "Reverse Engineering": { + "Malimite is an iOS and macOS decompiler": "https://www.reddit.com/r/ReverseEngineering/comments/1icg0we/malimite_is_an_ios_and_macos_decompiler/", + "Data Speculation Attacks on Apple Silicon": "https://www.reddit.com/r/ReverseEngineering/comments/1icfpij/data_speculation_attacks_on_apple_silicon/" + }, + "Malwarebytes": { + "Apple users: Update your devices now to patch zero-day vulnerability": "https://www.malwarebytes.com/blog/news/2025/01/apple-users-update-your-devices-now-to-patch-zero-day-vulnerability" + }, + "FreeBuf网络安全行业门户": { + "勒索软件利用隐秘SSH隧道攻击ESXi系统,实现C2通信": "https://www.freebuf.com/articles/system/420939.html" + }, + "奇客Solidot–传递最新科技情报": { + "研究估计到 2100 年欧洲高温死亡人数增加五成": "https://www.solidot.org/story?sid=80443", + "Google 开源 Pebble 智能手表操作系统": "https://www.solidot.org/story?sid=80442", + "用开源方法复现 DeepSeek-R1": "https://www.solidot.org/story?sid=80441" + }, + "Shostack & Friends Blog": { + "National Cyber Incident Response Plan comments": "https://shostack.org/blog/national-cyber-incident-response-plan/" + }, + "安全分析与研究": { + "安全分析与研究新年优惠活动": "https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490214&idx=1&sn=238b595f99800c4991ac3e031a617c7f&chksm=902fb58ea7583c98e9ddb14df7809c329edb32cc5712822a43578e6f6d1d7144cf1fecb0f797&scene=58&subscene=0#rd" + }, + "锦行科技": { + "除夕 | 团圆守岁": "https://mp.weixin.qq.com/s?__biz=MzIxNTQxMjQyNg==&mid=2247493739&idx=1&sn=c40ba2e100570ac69b06d868d4c023f6&chksm=979a13cea0ed9ad88be1125eaf8a6b2f2cc605dcebf820f7bf4e02f16087b4630e41bd06eee1&scene=58&subscene=0#rd" + }, + "白帽100安全攻防实验室": { + "白帽一百祝大家除夕快乐 | 文末抽奖": "https://mp.weixin.qq.com/s?__biz=MzIxMDYyNTk3Nw==&mid=2247515161&idx=1&sn=3f2f882686de333d655eeacd52bf2dbc&chksm=976348cfa014c1d9acaa8e7c59f8871624f6a60fec4938f95bbdc95a0b04832cd0194bcbd553&scene=58&subscene=0#rd" + }, + "吾爱破解论坛": { + "分享图片": "https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141650&idx=1&sn=e3110752e4ffe937f324f685970f7f7d&chksm=bd50a6468a272f5024154f18471dea1e90fd56dcda584cb19983130a4ae5445176d483274784&scene=58&subscene=0#rd" + }, + "红日安全": { + "除夕夜,合家团圆,红日安全携手共迎新春!🎆🌟 新的一年,愿与您一起守护数字世界,开启更加稳固的商业未来!💼🔐": "https://mp.weixin.qq.com/s?__biz=MzI4NjEyMDk0MA==&mid=2649851758&idx=1&sn=9e7fdd47524e28eb38189eecd4f8e494&chksm=f3e4e9edc49360fb9800add526de22a3005efd022ab9b8ffc02527465e0b464ca3fe928a508f&scene=58&subscene=0#rd" + }, + "安全内参": { + "突发!DeepSeek遭大规模恶意攻击": "https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513606&idx=1&sn=c00cf1c71328532ab314b816e276ebd8&chksm=ebfaf126dc8d783046da2e5424c76d7fb9ec3cd85676d2e93c5db7a7af817293fe531ec3a044&scene=58&subscene=0#rd" + }, + "信息安全国家工程研究中心": { + "恭贺新禧 | 瑞彩盈春盛景长,工程中心祝您新春快乐!": "https://mp.weixin.qq.com/s?__biz=MzU5OTQ0NzY3Ng==&mid=2247498792&idx=1&sn=f277f20331e69c40ad775f29da0c8ede&chksm=feb67d3bc9c1f42d897ea4e78ac53000b52ae91a3fd33eb8f1b0e68b43ff243b3cff482f57b3&scene=58&subscene=0#rd" + }, + "网络空间安全科学学报": { + "《网络空间安全科学学报》恭祝大家新春快乐!": "https://mp.weixin.qq.com/s?__biz=MzI0NjU2NDMwNQ==&mid=2247504687&idx=1&sn=e024501dcdf71e762898408c4b021501&chksm=e9bfc791dec84e879b034e32ac4b8585ab5f79c72506da72eaff60ed33de62c7fd3d5be74c8a&scene=58&subscene=0#rd" + }, + "中国信息安全": { + "金蛇纳福 | 除夕大年夜,网安贺新春!": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235910&idx=1&sn=b0672a4323005a47b990decd5489b9b5&chksm=8b58017fbc2f8869dc12d3eae6576f3996fab46384314e421819881ab158af09ec2c9ea1ee11&scene=58&subscene=0#rd", + "辞旧迎新 喜迎蛇年": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235910&idx=2&sn=04f7502a3c21d8e0ff68a1afbaa3d271&chksm=8b58017fbc2f8869535c224bbbdf7616c84b7648d3af144e7f8839482f4da6c7a4abe07532e1&scene=58&subscene=0#rd" + }, + "微步在线": { + "祝大家新春快乐!": "https://mp.weixin.qq.com/s?__biz=MzI5NjA0NjI5MQ==&mid=2650183108&idx=1&sn=6beef11e4a6096c49c2cbe62b5fc19f6&chksm=f4486e78c33fe76e204f182d703c408d91c0b83853b30f7fe82e9a7bdc9957c63234d0ac5360&scene=58&subscene=0#rd" + }, + "极客公园": { + "Deepseek又出连招:刚发布了超越DALL-E3的多模态模型": "https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072968&idx=1&sn=11cc8c1298740ae6a406e012a43af24b&chksm=7e57d3fe49205ae8324716001201a49174026b129e73e59beac316ff24b099213446e9c145a7&scene=58&subscene=0#rd", + "DeepSeek 深夜再放大招;迅雷将以 5 亿元人民币收购虎扑;华尔街押注特斯拉销量不达预期 | 极客早知道": "https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072955&idx=1&sn=9914ed1021f98e7210793dde585b5219&chksm=7e57d38d49205a9bcb04929242ff2f15dc88cabd8e2a5bd653c4c6d4acf7be07b1ac43ed3df5&scene=58&subscene=0#rd" + }, + "渊龙Sec安全团队": { + "红包来袭~渊龙Sec安全团队给您拜年啦!": "https://mp.weixin.qq.com/s?__biz=Mzg4NTY0MDg1Mg==&mid=2247485646&idx=1&sn=3d22f63d3e8153286e1ae1195bcac411&chksm=cfa49335f8d31a236cd0fa26b68b4def16aa1290c8b9518cab594a009d47ad6b8de4d578409e&scene=58&subscene=0#rd" + }, + "纽创信安": { + "岁序更新 金蛇献瑞 | 纽创信安恭祝大家新春快乐!": "https://mp.weixin.qq.com/s?__biz=MzAwNTczMjAzMg==&mid=2650239321&idx=1&sn=8ad3d5a84549a685cce1bf2131792ab5&chksm=831bf2f6b46c7be0a039fddda0d494b7ada4f31312f5439d5db0d7f12999b266967c88677bc4&scene=58&subscene=0#rd" + }, + "360数字安全": { + "除夕团圆 蛇年大吉": "https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579255&idx=1&sn=0a04f442f719d80d0c02c0c756e5d97d&chksm=9f8d267fa8faaf6924f7c8ad2770d1096f234af45121b44e32d356c4927307496d4b4d06fb01&scene=58&subscene=0#rd" + }, + "Over Security - Cybersecurity news aggregator": { + "Sucuri WAF Now Supports HTTP/3: A Faster and More Secure Web Experience": "https://blog.sucuri.net/2025/01/sucuri-waf-now-supports-http-3-a-faster-and-more-secure-web-experience.html", + "Unmasking FleshStealer: A New Infostealer Threat in 2025": "https://flashpoint.io/blog/fleshstealer-infostealer-threat-2025/", + "Hackers exploiting flaws in SimpleHelp RMM to breach networks": "https://www.bleepingcomputer.com/news/security/hackers-exploiting-flaws-in-simplehelp-rmm-to-breach-networks/", + "Google to kill Chrome Sync on older Chrome browser versions": "https://www.bleepingcomputer.com/news/google/google-to-kill-chrome-sync-on-older-chrome-browser-versions/", + "Prosecutors say they can’t obtain murder conviction after judge throws out evidence from facial recognition match": "https://therecord.media/prosecutors-cant-obtain-murder-conviction-after-judge-throws-out-facial-recognition-evidence", + "Kali Linux On The New Modern WSL": "https://www.kali.org/blog/kali-linux-modern-wsl/", + "Ransomware attack kept major energy industry contractor out of some systems for 6 weeks": "https://therecord.media/englobal-ransomware-attack-six-weeks-disruption", + "Garmin GPS watches crashing, stuck in triangle 'reboot loop'": "https://www.bleepingcomputer.com/news/technology/garmin-gps-watches-crashing-stuck-in-triangle-reboot-loop/", + "New Apple CPU side-channel attacks steals data from browsers": "https://www.bleepingcomputer.com/news/security/new-apple-cpu-side-channel-attack-steals-data-from-browsers/", + "Engineering giant Smiths Group discloses security breach": "https://www.bleepingcomputer.com/news/security/engineering-giant-smiths-group-discloses-security-breach/", + "Apple fixes zero-day flaw affecting all devices": "https://techcrunch.com/2025/01/28/apple-fixes-zero-day-flaw-affecting-all-devices/", + "Signal will let you sync old messages when linking new devices": "https://www.bleepingcomputer.com/news/security/signal-will-let-you-sync-old-messages-when-linking-new-devices/", + "EU sanctions Russian intelligence personnel for cyberattacks against Estonia": "https://therecord.media/eu-sanctions-gru-personnel-cyberattack-estonia", + "What's Yours is Mine: Is Your Business Ready for Cryptojacking Attacks?": "https://www.bleepingcomputer.com/news/security/whats-yours-is-mine-is-your-business-ready-for-cryptojacking-attacks/", + "PowerSchool starts notifying victims of massive data breach": "https://www.bleepingcomputer.com/news/security/powerschool-starts-notifying-victims-of-massive-data-breach/", + "Texas utility firm investigating potential leak of customer data tied to 2023 MOVEit breach": "https://therecord.media/texas-utility-firm-investigating-potential-data-leak-moveit-breach", + "Microsoft tests Edge Scareware Blocker to block tech support scams": "https://www.bleepingcomputer.com/news/microsoft/microsoft-tests-edge-scareware-blocker-to-block-tech-support-scams/", + "I ransomware contro le appliance ESXi sfruttano il tunneling SSH per la persistenza": "https://www.securityinfo.it/2025/01/28/i-ransomware-contro-le-appliance-esxi-sfruttano-il-tunneling-ssh-per-la-persistenza/", + "BloodHound Community Edition Custom Queries": "https://blog.compass-security.com/2025/01/bloodhound-community-edition-custom-queries/", + "Critical Vulnerabilities in Node.js Expose Systems to Remote Attacks": "https://cyble.com/blog/critical-vulnerabilities-in-node-js-expose-systems/", + "How ANY.RUN Helps Healthcare Organizations Against Ransomware: Interlock Case Study": "https://any.run/cybersecurity-blog/interlock-ransomware-attack-analysis/", + "New TorNet backdoor seen in widespread campaign": "https://blog.talosintelligence.com/new-tornet-backdoor-campaign/", + "HeatGames - 647,896 breached accounts": "https://haveibeenpwned.com/PwnedWebsites#HeatGames", + "phpMyAdmin 5.2.2 Addresses Critical XSS and Library Vulnerabilities": "https://cyble.com/blog/phpmyadmin-5-2-2-addresses-critical-xss-and-library/", + "Doxbin Scrape - 435,784 breached accounts": "https://haveibeenpwned.com/PwnedWebsites#DoxbinScrape", + "A Tumultuous Week for Federal Cybersecurity Efforts": "https://krebsonsecurity.com/2025/01/a-tumultuous-week-for-federal-cybersecurity-efforts/" + }, + "山石网科安全技术研究院": { + "除夕到,喜气绕,家家团圆乐逍遥!": "https://mp.weixin.qq.com/s?__biz=MzUzMDUxNTE1Mw==&mid=2247510299&idx=1&sn=e07f4498e637187f6603f941448a5e71&chksm=fa527ca5cd25f5b36ae7505447b8bda768e86084936228fe43918ce274acfa3d23c2fb7f0a1c&scene=58&subscene=0#rd" + }, + "Qualys Security Blog": { + "Securing AI Innovation: Enterprise Strategies for LLM and Generative AI Security": "https://blog.qualys.com/category/product-tech" + }, + "Krypt3ia": { + "Krypt3ia Daily Cyber Threat Intelligence (CTI) Digest": "https://krypt3ia.wordpress.com/2025/01/28/krypt3ia-daily-cyber-threat-intelligence-cti-digest-4/" + }, + "bellingcat": { + "Faking It: Deepfake Porn Site’s Link to Tech Companies": "https://www.bellingcat.com/news/uk-and-europe/2025/01/28/deepfake-porn-sites-link-to-tech-companies/" + }, + "娜璋AI安全之家": { + "[AI安全论文] (37)CCS21 DeepAID:基于深度学习的异常检测(解释)": "https://mp.weixin.qq.com/s?__biz=Mzg5MTM5ODU2Mg==&mid=2247501274&idx=1&sn=66f331dcd21faf0af18d06e3f0efd75a&chksm=cfcf7517f8b8fc01a40567b8eba774d42edbb3f9fbac3a602848850fc7388186c7e1d3e5aefe&scene=58&subscene=0#rd" + }, + "T00ls安全": { + "T00ls给您拜年了,祝福大家2025新春快乐,蛇行智敏,万事皆成": "https://mp.weixin.qq.com/s?__biz=Mzg3NzYzODU5NQ==&mid=2247484913&idx=1&sn=c0718fb9edf9d2d38143583821a8a591&chksm=cf1ea35df8692a4b0e85b1e99543e79ce895ddc90e98811c9da8eb822d6256dfe62c7c83fb6d&scene=58&subscene=0#rd" + }, + "Securityinfo.it": { + "I ransomware contro le appliance ESXi sfruttano il tunneling SSH per la persistenza": "https://www.securityinfo.it/2025/01/28/i-ransomware-contro-le-appliance-esxi-sfruttano-il-tunneling-ssh-per-la-persistenza/?utm_source=rss&utm_medium=rss&utm_campaign=i-ransomware-contro-le-appliance-esxi-sfruttano-il-tunneling-ssh-per-la-persistenza" + }, + "SANS Internet Storm Center, InfoCON: green": { + "Fileless Python InfoStealer Targeting Exodus, (Tue, Jan 28th)": "https://isc.sans.edu/diary/rss/31630", + "ISC Stormcast For Tuesday, January 28th, 2025 https://isc.sans.edu/podcastdetail/9298, (Tue, Jan 28th)": "https://isc.sans.edu/diary/rss/31628" + }, + "Hacking Exposed Computer Forensics Blog": { + "Daily Blog #731: Accessing multiple shadow copies at once with AIM": "https://www.hecfblog.com/2025/01/daily-blog-731-accessing-multiple.html" + }, + "Have I Been Pwned latest breaches": { + "HeatGames - 647,896 breached accounts": "https://haveibeenpwned.com/PwnedWebsites#HeatGames", + "Doxbin Scrape - 435,784 breached accounts": "https://haveibeenpwned.com/PwnedWebsites#DoxbinScrape" + }, + "迪哥讲事": { + "0day 挖到手软,403 到 getshell": "https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496966&idx=1&sn=c49dbe1213cb5a1afa836901e2c13038&chksm=e8a5ff65dfd27673a9c0d7fdd99094847b291a7b8434f16f408af60943322f7ba539d1f82082&scene=58&subscene=0#rd" + }, + "Schneier on Security": { + "CISA Under Trump": "https://www.schneier.com/blog/archives/2025/01/cisa-under-trump.html" + }, + "Kali Linux": { + "Kali Linux On The New Modern WSL": "https://www.kali.org/blog/kali-linux-modern-wsl/" + }, + "ICT Security Magazine": { + "Generative Artificial Intelligence (GenAI): Analisi completa di rischi, sicurezza e governance dei sistemi AI": "https://www.ictsecuritymagazine.com/articoli/genai/", + "Fast Data: l’evoluzione dei Big Data verso l’Analisi in Tempo Reale": "https://www.ictsecuritymagazine.com/articoli/fast-data-big-data/" + }, + "The Register - Security": { + "Baguette bandits strike again with ransomware and a side of mockery": "https://go.theregister.com/feed/www.theregister.com/2025/01/28/baguettes_bandits_strike_again/", + "Protecting AWS environments from cyberthreats": "https://go.theregister.com/feed/www.theregister.com/2025/01/28/protecting_aws_environments_from_cyberthreats/", + "Security pros more confident about fending off ransomware, despite being battered by attacks": "https://go.theregister.com/feed/www.theregister.com/2025/01/28/research_security_pros_gain_ransomware/", + "Apple plugs security hole in its iThings that's already been exploited in iOS": "https://go.theregister.com/feed/www.theregister.com/2025/01/28/apple_cve_2025_24085/" + }, + "Graham Cluley": { + "The AI Fix #35: Project Stargate, the AI emergency, and batsh*t AI cryonics": "https://grahamcluley.com/the-ai-fix-35/" + }, + "TorrentFreak": { + "Nintendo Piracy Lawsuit Defendant Makes Dire Situation Even Worse": "https://torrentfreak.com/nintendo-piracy-lawsuit-defendant-makes-dire-situation-even-worse-250128/", + "LLM Taken Down Following Legal Pressure from Anti-Piracy Group": "https://torrentfreak.com/llm-taken-down-following-legal-pressure-from-anti-piracy-group-250128/" + }, + "Deeplinks": { + "EFF to State AGs: Time to Investigate Crisis Pregnancy Centers": "https://www.eff.org/deeplinks/2025/01/eff-state-ags-time-investigate-crisis-pregnancy-centers", + "What Proponents of Digital Replica Laws Can Learn from the Digital Millennium Copyright Act": "https://www.eff.org/deeplinks/2025/01/what-proponents-digital-replica-laws-can-learn-digital-millennium-copyright-act", + "California Law Enforcement Misused State Databases More Than 7,000 Times in 2023": "https://www.eff.org/deeplinks/2025/01/california-police-misused-state-databases-more-7000-times-2023", + "Don't Make Copyright Law in Smoke-Filled Rooms": "https://www.eff.org/deeplinks/2025/01/dont-make-copyright-law-smoke-filled-rooms" + }, + "Deep Web": { + "How common was this?": "https://www.reddit.com/r/deepweb/comments/1ic3t3w/how_common_was_this/" + }, + "Krebs on Security": { + "A Tumultuous Week for Federal Cybersecurity Efforts": "https://krebsonsecurity.com/2025/01/a-tumultuous-week-for-federal-cybersecurity-efforts/" + }, + "Social Engineering": { + "How to avoid telling people my age.": "https://www.reddit.com/r/SocialEngineering/comments/1ibtmw0/how_to_avoid_telling_people_my_age/", + "Conspiracy Theories are for Opportunists": "https://www.reddit.com/r/SocialEngineering/comments/1ic9i2a/conspiracy_theories_are_for_opportunists/", + "How this can be dealt with social engineering": "https://www.reddit.com/r/SocialEngineering/comments/1ibxr83/how_this_can_be_dealt_with_social_engineering/" + }, + "The Hacker News": { + "PureCrypter Deploys Agent Tesla and New TorNet Backdoor in Ongoing Cyberattacks": "https://thehackernews.com/2025/01/purecrypter-deploys-agent-tesla-and-new.html", + "OAuth Redirect Flaw in Airline Travel Integration Exposes Millions to Account Hijacking": "https://thehackernews.com/2025/01/oauth-redirect-flaw-in-airline-travel.html", + "AI SOC Analysts: Propelling SecOps into the future": "https://thehackernews.com/2025/01/ai-soc-analysts-propelling-secops-into.html", + "Ransomware Targets ESXi Systems via Stealthy SSH Tunnels for C2 Operations": "https://thehackernews.com/2025/01/ransomware-targets-esxi-systems-via.html", + "How Long Does It Take Hackers to Crack Modern Hashing Algorithms?": "https://thehackernews.com/2025/01/how-long-does-it-take-hackers-to-crack.html", + "Top-Rated Chinese AI App DeepSeek Limits Registrations Amid Cyberattacks": "https://thehackernews.com/2025/01/top-rated-chinese-ai-app-deepseek.html", + "E.U. Sanctions 3 Russian Nationals for Cyber Attacks Targeting Estonia’s Key Ministries": "https://thehackernews.com/2025/01/eu-sanctions-3-russian-nationals-for.html", + "Apple Patches Actively Exploited Zero-Day Affecting iPhones, Macs, and More": "https://thehackernews.com/2025/01/apple-patches-actively-exploited-zero.html" + }, + "Security Affairs": { + "VMware fixed a flaw in Avi Load Balancer": "https://securityaffairs.com/173569/security/vmware-fixed-avi-load-balancer-flaw.html", + "Ransomware attack on ENGlobal compromised personal information": "https://securityaffairs.com/173566/cyber-crime/englobal-disclosed-a-ransomware-attack.html", + "EU announced sanctions on three members of Russia’s GRU Unit 29155": "https://securityaffairs.com/173555/security/eu-sanctions-russias-gru-unit-29155.html", + "Chinese AI platform DeepSeek faced a “large-scale” cyberattack": "https://securityaffairs.com/173546/security/chinese-ai-platform-deepseek-faced-a-large-scale-cyberattack.html" + }, + "Palo Alto Networks Blog": { + "C-Suite Leaders Embrace Platformization for Security Success": "https://www.paloaltonetworks.com/blog/2025/01/growing-need-cybersecurity-platformization/" + }, + "Technical Information Security Content & Discussion": { + "Single QR Code, Two Different URLs": "https://www.reddit.com/r/netsec/comments/1ic8mmx/single_qr_code_two_different_urls/", + "A Missed Opportunity: Weak Password Hashing in VxWorks 6.9 and 7": "https://www.reddit.com/r/netsec/comments/1ibxbp1/a_missed_opportunity_weak_password_hashing_in/", + "Using AiTM to phish for access- and refreshtokens": "https://www.reddit.com/r/netsec/comments/1ic2mc4/using_aitm_to_phish_for_access_and_refreshtokens/" + }, + "Instapaper: Unread": { + "Exterro Launches INFORM A Ground-Breaking Global Webinar Series To Advance Digital Forensics": "https://www.forensicfocus.com/news/exterro-launches-inform-a-ground-breaking-global-webinar-series-to-advance-digital-forensics/", + "Being a tool while using a tool": "https://www.hexacorn.com/blog/2025/01/25/being-a-tool-while-using-a-tool/", + "Android's New Identity Check Feature Locks Device Settings Outside Trusted Locations": "https://thehackernews.com/2025/01/androids-new-identity-check-feature.html", + "USB Army Knife The Ultimate Close Access Penetest Tool": "https://www.mobile-hacker.com/2025/01/24/usb-army-knife-the-ultimate-close-access-penetest-tool/" + }, + "Full Disclosure": { + "APPLE-SA-01-27-2025-9 Safari 18.3": "https://seclists.org/fulldisclosure/2025/Jan/20", + "APPLE-SA-01-27-2025-8 tvOS 18.3": "https://seclists.org/fulldisclosure/2025/Jan/19", + "APPLE-SA-01-27-2025-7 watchOS 11.3": "https://seclists.org/fulldisclosure/2025/Jan/18", + "APPLE-SA-01-27-2025-6 macOS Ventura 13.7.3": "https://seclists.org/fulldisclosure/2025/Jan/17", + "APPLE-SA-01-27-2025-5 macOS Sonoma 14.7.3": "https://seclists.org/fulldisclosure/2025/Jan/16", + "APPLE-SA-01-27-2025-4 macOS Sequoia 15.3": "https://seclists.org/fulldisclosure/2025/Jan/15", + "APPLE-SA-01-27-2025-3 iPadOS 17.7.4": "https://seclists.org/fulldisclosure/2025/Jan/14", + "APPLE-SA-01-27-2025-2 iOS 18.3 and iPadOS 18.3": "https://seclists.org/fulldisclosure/2025/Jan/13", + "APPLE-SA-01-27-2025-1 visionOS 2.3": "https://seclists.org/fulldisclosure/2025/Jan/12", + "AutoLib Software Systems OPAC Version.20.10 | Exposure of Sensitive Information | CVE-2024-48310": "https://seclists.org/fulldisclosure/2025/Jan/11", + "SEC Consult SA-20250127-0 :: Weak Password Hashing Algorithms in Wind River Software VxWorks RTOS": "https://seclists.org/fulldisclosure/2025/Jan/10", + "Host Header Injection - atutorv2.2.4": "https://seclists.org/fulldisclosure/2025/Jan/9", + "Reflected XSS - atutorv2.2.4": "https://seclists.org/fulldisclosure/2025/Jan/8" + }, + "Information Security": { + "Alert: A recruiter tried to hack me!!": "https://www.reddit.com/r/Information_Security/comments/1icazu3/alert_a_recruiter_tried_to_hack_me/" + }, + "netsecstudents: Subreddit for students studying Network Security and its related subjects": { + "WGU vs KU vs Certs, Advice": "https://www.reddit.com/r/netsecstudents/comments/1ibpt0b/wgu_vs_ku_vs_certs_advice/" + }, + "Blackhat Library: Hacking techniques and research": { + "Tails/Encrypted Coms": "https://www.reddit.com/r/blackhat/comments/1icc3nu/tailsencrypted_coms/" + }, + "Computer Forensics": { + "Forensic sofwtare licensing question - key fobs - sanderson sqlite, elcomsoft forensic toolkit": "https://www.reddit.com/r/computerforensics/comments/1icapio/forensic_sofwtare_licensing_question_key_fobs/", + "Where does Autopsy store my own keywords?": "https://www.reddit.com/r/computerforensics/comments/1icfrt8/where_does_autopsy_store_my_own_keywords/", + "Is this how digital forensic recovery of deleted instant messages works?": "https://www.reddit.com/r/computerforensics/comments/1ibw3bh/is_this_how_digital_forensic_recovery_of_deleted/", + "Recovering deleted messages with an FFS and unallocated space": "https://www.reddit.com/r/computerforensics/comments/1ibwhuu/recovering_deleted_messages_with_an_ffs_and/", + "MacOS hardware encrypted volume": "https://www.reddit.com/r/computerforensics/comments/1ic16ij/macos_hardware_encrypted_volume/" + }, + "Your Open Hacker Community": { + "Reverse engineering Xbox One Controller USB communication protocol.": "https://www.reddit.com/r/HowToHack/comments/1icc6sw/reverse_engineering_xbox_one_controller_usb/", + "best wordlist/rules attacks for pkmid+eapol": "https://www.reddit.com/r/HowToHack/comments/1iccsq1/best_wordlistrules_attacks_for_pkmideapol/", + "Can finding /etc/passwd file of a site be counted as a vulnerability?": "https://www.reddit.com/r/HowToHack/comments/1ic5gm0/can_finding_etcpasswd_file_of_a_site_be_counted/", + "Decrypt PPPoE password from config": "https://www.reddit.com/r/HowToHack/comments/1icczi6/decrypt_pppoe_password_from_config/", + "Huawei EG8145V5 GPON router password": "https://www.reddit.com/r/HowToHack/comments/1ic9c76/huawei_eg8145v5_gpon_router_password/", + "Advanced learning": "https://www.reddit.com/r/HowToHack/comments/1ibxexn/advanced_learning/", + "Is little but consistent study enough?": "https://www.reddit.com/r/HowToHack/comments/1ibq381/is_little_but_consistent_study_enough/", + "How to get the first job?": "https://www.reddit.com/r/HowToHack/comments/1ibu8nd/how_to_get_the_first_job/", + "some questions from someone interested": "https://www.reddit.com/r/HowToHack/comments/1ibtrxe/some_questions_from_someone_interested/", + "noob questions 1:": "https://www.reddit.com/r/HowToHack/comments/1ibq10e/noob_questions_1/", + "VMWARE OR VIRTUALBOX?": "https://www.reddit.com/r/HowToHack/comments/1ic2h2w/vmware_or_virtualbox/", + "my ig account was hacked and i need to hack back into it 😭 can someone help": "https://www.reddit.com/r/HowToHack/comments/1ic1izl/my_ig_account_was_hacked_and_i_need_to_hack_back/", + "how to find people on other websites?": "https://www.reddit.com/r/HowToHack/comments/1ibziyg/how_to_find_people_on_other_websites/", + "Is there a way to recover hacked facebook account, basically I don't have any acces to that account": "https://www.reddit.com/r/HowToHack/comments/1ibqxfs/is_there_a_way_to_recover_hacked_facebook_account/", + "My parents block me from the internet": "https://www.reddit.com/r/HowToHack/comments/1ibqk2x/my_parents_block_me_from_the_internet/" + }, + "Security Weekly Podcast Network (Audio)": { + "DeepSeek, AIDs, Sex Crime, Microsoft, PayPal, GetHub, Joshua Marpet and More - SWN #446": "http://sites.libsyn.com/18678/deepseek-aids-sex-crime-microsoft-paypal-gethub-joshua-marpet-and-more-swn-446", + "Security the AI SDLC - Niv Braun - ASW #315": "http://sites.libsyn.com/18678/security-the-ai-sdlc-niv-braun-asw-315" + }, + "Daniel Miessler": { + "AI's Total Addressable Market": "https://danielmiessler.com/blog/ai-tam" + } +} \ No newline at end of file diff --git a/today.md b/today.md index adb2298743..15943411c4 100644 --- a/today.md +++ b/today.md @@ -1,346 +1,330 @@ -# 每日安全资讯(2025-01-28) +# 每日安全资讯(2025-01-29) - SecWiki News - - [ ] [SecWiki News 2025-01-27 Review](http://www.sec-wiki.com/?2025-01-27) -- Hacking Articles - - [ ] [Diamond Ticket Attack: Abusing kerberos Trust](https://www.hackingarticles.in/diamond-ticket-attack-abusing-kerberos-trust/) + - [ ] [SecWiki News 2025-01-28 Review](http://www.sec-wiki.com/?2025-01-28) +- CXSECURITY Database RSS Feed - CXSecurity.com + - [ ] [SpagoBI 3.5.1 Cross Site Scripting](https://cxsecurity.com/issue/WLB-2025010031) + - [ ] [SpagoBI 3.5.1 Cross Site Request Forgery](https://cxsecurity.com/issue/WLB-2025010030) + - [ ] [AutoLib Software Systems OPAC 20.10 Secret Disclosure](https://cxsecurity.com/issue/WLB-2025010029) + - [ ] [Wind River Software VxWorks 6.9 Weak Password Hashing Algorithms](https://cxsecurity.com/issue/WLB-2025010028) + - [ ] [Netman 204 - Broken Access Control Remote command](https://cxsecurity.com/issue/WLB-2025010027) +- Doonsec's feed + - [ ] [恭贺新春](https://mp.weixin.qq.com/s?__biz=MzAwMTU3NTcwMg==&mid=2650274703&idx=1&sn=44bc7fedf574abdef2667a6705174f16) + - [ ] [贺新春](https://mp.weixin.qq.com/s?__biz=MzAwNTc0ODM3Nw==&mid=2247489469&idx=1&sn=8036df60009b8f327efe91e9cc6ed5db) + - [ ] [工联众测平台祝大家新春快乐!](https://mp.weixin.qq.com/s?__biz=MzkyMDMwNTkwNg==&mid=2247487233&idx=1&sn=6a23f67adae9f6cb2d9b51b3365fb957) + - [ ] [DataCon祝您新春快乐,蛇年顺福!](https://mp.weixin.qq.com/s?__biz=MzU5Njg1NzMyNw==&mid=2247489129&idx=1&sn=6b731efe82b4bfd863b8f70732c57433) + - [ ] [S1uM4i 2024 年终总结](https://mp.weixin.qq.com/s?__biz=MzkwMDY2ODc0MA==&mid=2247485321&idx=1&sn=424b19ecebbb4251cc46503a2e6bdd5e) + - [ ] [无糖信息祝您2025新春快乐,蛇年大吉,巳巳如意!](https://mp.weixin.qq.com/s?__biz=MzAxMzkzNDA1Mg==&mid=2247513943&idx=1&sn=8653479e8a4a87d52d06cad7e12a1a0f) + - [ ] [宁盾祝您春节快乐!](https://mp.weixin.qq.com/s?__biz=Mzk0MjI4MzA5MQ==&mid=2247485168&idx=1&sn=7609f006f7083b7c031ae358074fbce7) + - [ ] [春节 | 鱼影信息祝您新年快乐!](https://mp.weixin.qq.com/s?__biz=MzkyOTI4NTY4MQ==&mid=2247491120&idx=1&sn=2fe2e381833ac8c3b3cc1adacfd54608) + - [ ] [烟花璀璨,辞旧迎新!](https://mp.weixin.qq.com/s?__biz=MzIzODQxMjM2NQ==&mid=2247500314&idx=1&sn=55fd4ab5604ca218c5d6bae45dd143cc) + - [ ] [情报分析大家庭拜年啦!新的一年一起加油!](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247504929&idx=1&sn=08582222431ff4fe86e1edb119fa1bd4) + - [ ] [听说看过的25年都赚了一个小目标哦!](https://mp.weixin.qq.com/s?__biz=MzU2MDE2MjU1Mw==&mid=2247486166&idx=1&sn=be18f3e264adac14e0c9c2892bb78337) + - [ ] [蛇年快乐!](https://mp.weixin.qq.com/s?__biz=MzI1Mjc3NTUwMQ==&mid=2247538520&idx=1&sn=ae2d81fefede57572c13d682b4a5c957) + - [ ] [【OSCP】 Kioptrix 提权靶机(1-5)全系列教程,Try Harder!绝对干货!](https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486449&idx=1&sn=6fd14445024d20e037e1a6c2ea688cf5) + - [ ] [巳巳如意,新春大吉|“工业互联网标识智库”给您拜年啦!](https://mp.weixin.qq.com/s?__biz=MzU1OTUxNTI1NA==&mid=2247592331&idx=1&sn=da66b7b09b73ca014e2dbfbe08f98956) + - [ ] [告别本地算力焦虑:使用腾讯云免费GPU部署DeepSeek-R1](https://mp.weixin.qq.com/s?__biz=MzkzMTY0MDgzNg==&mid=2247484059&idx=1&sn=fe1155e27ce44740d6c694158f218e2d) + - [ ] [零基础:从搭建DeepSeek开始](https://mp.weixin.qq.com/s?__biz=Mzk0Mzc2MDQyMg==&mid=2247486458&idx=1&sn=69916ef3b03a1efb0dac87b22c9504cc) + - [ ] [(吃瓜)神人tv之内网肉鸡](https://mp.weixin.qq.com/s?__biz=MzkzNjczNzEyMw==&mid=2247484130&idx=1&sn=cd4d51927aca6de101fc20fc3d87f5f6) + - [ ] [领红包啦!信息安全的兄弟们凭手速抢66个新春红包!!](https://mp.weixin.qq.com/s?__biz=MzkxMDY3MzQyNQ==&mid=2247484803&idx=1&sn=67040f6a098a560ac76ad463e03849d7) + - [ ] [DeepSeek崛起背后的暗流:全球AI技术博弈下的DDoS攻击](https://mp.weixin.qq.com/s?__biz=Mzg2Nzg0NDkwMw==&mid=2247493212&idx=1&sn=d5ff49e83b16adba13a2b353720f5f6b) + - [ ] [除夕夜快乐](https://mp.weixin.qq.com/s?__biz=MzU5MTIxNzg0Ng==&mid=2247488146&idx=1&sn=cab1d455370b4497865a4ea139ed1072) + - [ ] [VPC访问控制网络ACL和安全组的基本差异](https://mp.weixin.qq.com/s?__biz=Mzg3NTUzOTg3NA==&mid=2247515079&idx=1&sn=fd21e42d301bf2176eac4331c9cdf478) + - [ ] [分享图片](https://mp.weixin.qq.com/s?__biz=Mzk0MDQzNzY5NQ==&mid=2247493210&idx=1&sn=611fcff00c148212c63d4d8c0b116ef7) + - [ ] [叮咚,您有一份2024年的家书请签收](https://mp.weixin.qq.com/s?__biz=MzUxODY3MDExMA==&mid=2247490113&idx=1&sn=f588627c92bc5fc34c5a5020b6e6f27f) + - [ ] [Nil聊安全祝大家新年快乐!](https://mp.weixin.qq.com/s?__biz=MzkyMDY4MTc2Ng==&mid=2247483970&idx=1&sn=3ff66f6fb393638fbf077038ca8af503) + - [ ] [世界需要一个能谋善断的AI(一)序章:被低估的“决策”革命!](https://mp.weixin.qq.com/s?__biz=MzAxOTk3NTg5OQ==&mid=2247492270&idx=1&sn=1f2c860bb229ccdddaa36e1798ee31b2) + - [ ] [【CS单兵后渗透插件v1.0】| OpSec 标准下的红队武器化](https://mp.weixin.qq.com/s?__biz=Mzk1NzM5MTI2Mg==&mid=2247484412&idx=1&sn=f7e81d418014efc190a265ea5b403424) + - [ ] [祝大家蛇年快乐](https://mp.weixin.qq.com/s?__biz=MzU4NDY3MTk2NQ==&mid=2247491063&idx=1&sn=1a207ea9a1bf6793f778b14c866699e3) + - [ ] [蛇年吉祥 | EasyTools工具箱v1.0.2新春更新](https://mp.weixin.qq.com/s?__biz=MzkxNDYxMTc0Mg==&mid=2247484211&idx=1&sn=867b0a122b938721b7056648bed208b6) + - [ ] [网安人如何向相亲对象介绍自己的职业](https://mp.weixin.qq.com/s?__biz=MzIxMTg1ODAwNw==&mid=2247500533&idx=1&sn=f881bd74fcc4daf798426ead967a262c) + - [ ] [OpenAI o1 模型预部署评估报告](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264819&idx=1&sn=9bcbf9176ffca6c01ab6af00e300c1bd) + - [ ] [【2025-01-28】黑客新闻摘要](https://mp.weixin.qq.com/s?__biz=MzIzNDU5NTI4OQ==&mid=2247488369&idx=1&sn=6bb8a56600deaec9050fa3fa2af8c1d4) + - [ ] [新春献词:网络安全守护数字文明的星河](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485474&idx=1&sn=8985a87527422d08033ec138eb8aff86) + - [ ] [【干货原创】实网攻防演习常态化,会带来什么变化01](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485474&idx=4&sn=39cc23fe07830e4d7472358278971dd2) + - [ ] [【干货原创】K12教育,鲜为人知的模式秘密](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485474&idx=5&sn=6ece66b859b3c838d887e890ab1347d3) + - [ ] [原创文章目录](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485474&idx=6&sn=ddf654295edecd57791b7ff56275a624) + - [ ] [T00ls给您拜年了,祝福大家2025新春快乐,蛇行智敏,万事皆成](https://mp.weixin.qq.com/s?__biz=Mzg3NzYzODU5NQ==&mid=2247484913&idx=1&sn=c0718fb9edf9d2d38143583821a8a591) + - [ ] [【云安全】云原生-K8S-搭建/安装/部署](https://mp.weixin.qq.com/s?__biz=MzUyNTUyNTA5OQ==&mid=2247484782&idx=1&sn=e915e38783585176822fe7d83b1fac60) + - [ ] [祝您新春吉祥](https://mp.weixin.qq.com/s?__biz=Mzg4NzQ4MzA4Ng==&mid=2247485197&idx=1&sn=74ff9efe9a5ed4a7fbed4390af5b1a1d) + - [ ] [蛇年新春喜气扬,家家户户乐洋洋!](https://mp.weixin.qq.com/s?__biz=MzkzNTQzNTQzMQ==&mid=2247485353&idx=1&sn=c301e027660b56065be82c4eefcac09e) + - [ ] [新年快乐!](https://mp.weixin.qq.com/s?__biz=MzkyNTYxNDAwNQ==&mid=2247484502&idx=1&sn=fd6b131b1b080ae8e1c09f3983db4ad6) + - [ ] [新春快乐,红包和限时半价都来啦](https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247518332&idx=1&sn=a99dc2d16ee867d81dc1fb6d6d585fd5) + - [ ] [0day 挖到手软,403 到 getshell](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496966&idx=1&sn=c49dbe1213cb5a1afa836901e2c13038) + - [ ] [新年快乐,蛇年大吉!!!](https://mp.weixin.qq.com/s?__biz=MzUxNzg5MzM2Mg==&mid=2247487122&idx=1&sn=c744712cc396636e805c16c6d2c21f7b) + - [ ] [新年抽奖-大凉山草莓三份](https://mp.weixin.qq.com/s?__biz=Mzg2NDcwNjkzNw==&mid=2247487188&idx=1&sn=732db3a8ebd2e623d7d32c09dde7ce79) + - [ ] [入选T00ls第十二届年度(2024)人物风云榜!感谢各位支持与鼓励!](https://mp.weixin.qq.com/s?__biz=MzI5MzkwMzU1Nw==&mid=2247485230&idx=1&sn=b380678520b0ffa5a3c4fadac7defb4b) + - [ ] [【2025】除夕快乐](https://mp.weixin.qq.com/s?__biz=MzUwOTc3MTQyNg==&mid=2247491380&idx=1&sn=e4ad3b1ba59ba53e292ebe50ded8ff0f) + - [ ] [灵蛇纳福,恭贺新春!](https://mp.weixin.qq.com/s?__biz=MzIwMzI1MDg2Mg==&mid=2649945158&idx=1&sn=fecbe5d3b883ca7ec2240ef098769058) + - [ ] [后渗透:文件传输指南](https://mp.weixin.qq.com/s?__biz=MzkzNTYwMTk4Mw==&mid=2247488230&idx=1&sn=1c55c9eec57e987f73284321529d275c) + - [ ] [AI-小肥羊新年贺词!](https://mp.weixin.qq.com/s?__biz=Mzg5NjY4NDg1Nw==&mid=2247483918&idx=1&sn=3f545e8664083850f43da076087b61cc) + - [ ] [【独眼情报2024绝密快报】](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494555&idx=1&sn=969df31b7b7f94e3e460d87d9d8d341b) + - [ ] [美国政府称朝鲜去年窃取了价值超过 6.59 亿美元的加密货币](https://mp.weixin.qq.com/s?__biz=Mzg3ODY0NTczMA==&mid=2247492125&idx=1&sn=7831811d7848487a4532874c5c321c95) + - [ ] [r3kapig祝大家蛇年大吉](https://mp.weixin.qq.com/s?__biz=MzI2MDE4MzkzMQ==&mid=2247484582&idx=1&sn=2edb58b7afc32298d84146c8a8590832) + - [ ] [蛇年大吉 | 记得看到最后,你想不到的,边搞居然还能领福利,爽到跳起来](https://mp.weixin.qq.com/s?__biz=Mzk0NzQxNzY2OQ==&mid=2247488117&idx=1&sn=7c87ec70661c577345d5f2cfc07ba224) + - [ ] [整车测试:网络安全认证的灵丹妙药?](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620223&idx=1&sn=4468d3513fec7d2ef881a5dd49cd3e04) + - [ ] [引入新汽车产品设计的隐私要求和设计规范,以及对当前汽车隐私标准化的影响](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620223&idx=2&sn=934de7b41be8cbb1d5dd42e833f1e0ec) + - [ ] [在产品开发阶段使用公共弱点仿真的弱点分析方法](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620223&idx=3&sn=ad2fb08375329c47e67f7ce86ed26cc0) + - [ ] [【年末总结&抽奖】技术是上天送给穷孩子最好的礼物!](https://mp.weixin.qq.com/s?__biz=MzkxNjQyODY5MA==&mid=2247487024&idx=1&sn=a62224588a6e2dd62693f3862794a78d) + - [ ] [我不允许有人不用这么牛掰的AI](https://mp.weixin.qq.com/s?__biz=MzkyOTQ4NTc3Nw==&mid=2247485473&idx=1&sn=9e94b35fd3ca3b6b77f33b632f82d312) + - [ ] [祝福各位网安人除夕快乐!](https://mp.weixin.qq.com/s?__biz=MzU2NDY2OTU4Nw==&mid=2247518500&idx=1&sn=77a990ec3405490f248537f3bb52f457) + - [ ] [新年快乐🎉](https://mp.weixin.qq.com/s?__biz=MzIwOTMzMzY0Ng==&mid=2247487850&idx=1&sn=e60c50cf6c14e46300498d583f660e12) + - [ ] [2025年最全除夕祝福语 欢欢喜喜过除夕,和和美美又一年!](https://mp.weixin.qq.com/s?__biz=MzIwNDYzNTYxNQ==&mid=2247502590&idx=1&sn=077b679c799ba964711d4d006052ba58) + - [ ] [²⁰²⁵/₀₁.₂₈除夕夜朋友圈文案配图,高级感绝了,总有一款适合你!](https://mp.weixin.qq.com/s?__biz=MzIwNDYzNTYxNQ==&mid=2247502590&idx=2&sn=73466049a019cbaa3238bafce30ec360) + - [ ] [龙腾蛇舞迎新春,福运连连贺新年!](https://mp.weixin.qq.com/s?__biz=MzA4NTY4MjAyMQ==&mid=2447900161&idx=1&sn=76bd5fe5be0b14e0a14eed056c1f31b1) + - [ ] [2025 新年大吉!!!](https://mp.weixin.qq.com/s?__biz=MzU1NTYxMjA5MA==&mid=2247505231&idx=1&sn=fc04df3a3e6f0360f375c5eb8edf9620) + - [ ] [恭祝大家福绕蛇年,多財多亿!](https://mp.weixin.qq.com/s?__biz=MzkyODYwODkyMA==&mid=2247485022&idx=1&sn=d3c1484e603f14b371fde5d6ac39a9df) + - [ ] [IDA技巧(105)自定义基址的偏移量](https://mp.weixin.qq.com/s?__biz=MzI1Mjk2MTM1OQ==&mid=2247485302&idx=1&sn=1a2fc3df35199bb3a2496fa7a2f7e386) + - [ ] [收藏 | dotNet安全矩阵 2024 年度外网入口打点阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498517&idx=1&sn=ca095104967396843e7a5274e01b8e1e) + - [ ] [国内最专业、最全面的 [ .NET 代码审计 ] 体系化学习交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498517&idx=2&sn=b0fb228f6cafa443177863062d84f824) + - [ ] [收藏 | dotNet 安全矩阵团队2024年度内网横向移动阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498517&idx=3&sn=522289e0fc1f8349b7367d905bba86b9) + - [ ] [朱厌安全在这里祝大家新年快乐啦!](https://mp.weixin.qq.com/s?__biz=Mzg4Njg3MDk5Ng==&mid=2247486849&idx=1&sn=fb5c009168582de268af009c587dc846) + - [ ] [奇安信给您拜年了!](https://mp.weixin.qq.com/s?__biz=MzU0NDk0NTAwMw==&mid=2247624759&idx=1&sn=325c1eab223d2d0fc8135016385d6ebc) - Tenable Blog - - [ ] [How To Clean Up Your Cloud Environment Using Tenable Cloud Security](https://www.tenable.com/blog/how-to-clean-up-your-cloud-environment-using-tenable-cloud-security) + - [ ] [What Makes This “Data Privacy Day” Different?](https://www.tenable.com/blog/what-makes-this-data-privacy-day-different) - Security Boulevard - - [ ] [U.S. Shuts Down Another N. Korean IT Worker Scam, Indicting 5](https://securityboulevard.com/2025/01/u-s-shuts-down-another-n-korean-it-worker-scam-indicting-5/) - - [ ] [BTS #44 – Network Appliances: A Growing Concern](https://securityboulevard.com/2025/01/bts-44-network-appliances-a-growing-concern/) - - [ ] [DEF CON 32 – Simulating Attacks Against Hydroelectric Power Plants](https://securityboulevard.com/2025/01/def-con-32-simulating-attacks-against-hydroelectric-power-plants/) - - [ ] [Hackers Use Malicious PDFs, pose as USPS in Mobile Phishing Scam](https://securityboulevard.com/2025/01/hackers-use-malicious-pdfs-pose-as-usps-in-mobile-phishing-scam/) - - [ ] [How to Prepare for EU AI Act Compliance by February 2nd](https://securityboulevard.com/2025/01/how-to-prepare-for-eu-ai-act-compliance-by-february-2nd/) - - [ ] [Why The Rise of AI Agents Demands a New Approach to Fraud Prevention](https://securityboulevard.com/2025/01/why-the-rise-of-ai-agents-demands-a-new-approach-to-fraud-prevention/) - - [ ] [Randall Munroe’s XKCD ‘T. Rex Evolution’](https://securityboulevard.com/2025/01/randall-munroes-xkcd-t-rex-evolution/) - - [ ] [News alert: INE Security announces new initiative to help companies accelerate CMMC 2.0 compliance](https://securityboulevard.com/2025/01/news-alert-ine-security-announces-new-initiative-to-help-companies-accelerate-cmmc-2-0-compliance/) - - [ ] [Finding the Right Partner for PCI DSS 4.0.1 Compliance: Requirements 6.4.3 and 11.6.1](https://securityboulevard.com/2025/01/finding-the-right-partner-for-pci-dss-4-0-1-compliance-requirements-6-4-3-and-11-6-1/) - - [ ] [DEF CON 32 – 3DU Homo ex Machina](https://securityboulevard.com/2025/01/def-con-32-3du-homo-ex-machina/) -- Doonsec's feed - - [ ] [浏览器扩展程序:供应链攻击新风险](https://mp.weixin.qq.com/s?__biz=Mzk0NDcyMjU2OQ==&mid=2247484550&idx=1&sn=c02bc9dd56662cdb263f88d6cb3972f6) - - [ ] [快过年了,陪家人重温经典故事 《水浒传》中林冲角色](https://mp.weixin.qq.com/s?__biz=MzU4NDY3MTk2NQ==&mid=2247491051&idx=1&sn=ecb10b17fd7bb1929d83f9fc91d15868) - - [ ] [面试官:什么是终端复用技术(tmux)?](https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486447&idx=1&sn=5b98b68ea23131f812c676e1e28a865c) - - [ ] [精通爬虫技术:从入门到入狱——网络数据爬虫的合法性与法律边界](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485462&idx=1&sn=7bd57b19a187b5cc4e681ccabdb62554) - - [ ] [北七家-未来科学城,3居变4居豪装,理想楼层/户型/朝向](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485462&idx=2&sn=aa38fdb9484890ff28fa33eb956db87f) - - [ ] [【干货】笑傲职场的独家经验(1)](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485462&idx=3&sn=73db7dec67642837621580378b52187a) - - [ ] [【干货原创】实网攻防演习常态化,会带来什么变化01](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485462&idx=4&sn=32c45e39b7aa406c34c63723157e5820) - - [ ] [【干货原创】K12教育,鲜为人知的模式秘密](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485462&idx=5&sn=904ed64e3a0a8b04604e39501642c306) - - [ ] [原创文章目录](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485462&idx=6&sn=061a6d50789795a5bd4c3f6a00716e34) - - [ ] [秦安:特朗普“三板斧”遭遇滑铁卢,本质暴露,下一步中国是关键](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476339&idx=1&sn=e1ce666a0ab9712c2886d83bd1877adb) - - [ ] [秦安:解救台退将高安国!台湾当局构陷为间谍并重判10年,不可忍](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476339&idx=2&sn=a56cf6d1f85a6c83b8e5beeb6ab78876) - - [ ] [学历赋](https://mp.weixin.qq.com/s?__biz=MzU0MzgzNTU0Mw==&mid=2247485935&idx=1&sn=c9ad7ddf99eb58464e3f86507a44ea7a) - - [ ] [企业网络安全文化建设必备(2):Gartner PIPE(实践|影响|平台|使能)框架](https://mp.weixin.qq.com/s?__biz=MzU0MDc5ODM0Mg==&mid=2247484778&idx=1&sn=9669504997ac29232f840c90dc143100) - - [ ] [带上五款实用软件,让春节假期更精彩](https://mp.weixin.qq.com/s?__biz=MzI2MjcwMTgwOQ==&mid=2247492187&idx=1&sn=839b938abafa27550d165054c071714a) - - [ ] [DeepSeek为何脱颖而出?](https://mp.weixin.qq.com/s?__biz=MzI3MDY0Nzg1Nw==&mid=2247489471&idx=1&sn=aea4a4c9a6a387edcca10e50438e05be) - - [ ] [锐安全红包发放:2025,让我们以攻防之道,破增长之局!](https://mp.weixin.qq.com/s?__biz=MzAxOTk3NTg5OQ==&mid=2247492258&idx=1&sn=0107053c5d16b67f3439376c04cef01f) - - [ ] [掌握数字主权:保障数据安全与自主控制](https://mp.weixin.qq.com/s?__biz=MzkyMzU2NjQyNA==&mid=2247483933&idx=1&sn=8f6302b17e64641dad3a59116b078096) - - [ ] [Xray图形化工具 | Super Xray介绍+使用](https://mp.weixin.qq.com/s?__biz=MzkzNzg3NzQxMQ==&mid=2247485733&idx=1&sn=c428e8ac5075c08b11d6f0bb80204e23) - - [ ] [信长星看望慰问院士专家](https://mp.weixin.qq.com/s?__biz=MzU4NDc2MzcwNw==&mid=2247498579&idx=1&sn=90378659a5745a0dccd8ea5617989cfe) - - [ ] [Claude Sonnet 3.5 模型预部署评估报告](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264780&idx=1&sn=434329d6b30b82e84d41fe6d628e0aa8) - - [ ] [DeepSeek R1本地部署](https://mp.weixin.qq.com/s?__biz=Mzg2ODc0Mjc0Mw==&mid=2247484166&idx=1&sn=e4b72373f7c77f9ca9a8484254d3cc16) - - [ ] [车载协议网络安全测试与验证技术](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620209&idx=1&sn=62fb4f6d697fbc3aeae44911bc309fa8) - - [ ] [模糊测试 ISO 15118 协议栈](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620209&idx=2&sn=a7b93becb562444a99c67be0138e6bbb) - - [ ] [汽车诊断协议的自动威胁评估](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620209&idx=3&sn=181db85f0a1d7867b71d8f31018ad6a3) - - [ ] [AI安全 | AI红队体系思考](https://mp.weixin.qq.com/s?__biz=MzU2NDc2NDYwMA==&mid=2247485980&idx=1&sn=960d573d2e6fe947559893913922555b) - - [ ] [快来领取你的超级牛红包封面!](https://mp.weixin.qq.com/s?__biz=Mzk0MTM4NzIxMQ==&mid=2247527516&idx=1&sn=052a43ea22441bf83cccc86ea56461a3) - - [ ] [通过js进行模糊测试所拿到的一次五千漏洞赏金记录](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496957&idx=1&sn=5ef897f46f3bf16bce1a83b45b0611c3) - - [ ] [猴子回花果山了](https://mp.weixin.qq.com/s?__biz=Mzk0MzY3MDE5Mg==&mid=2247484000&idx=1&sn=bcb60f30530141fb1333e0bb179fd365) - - [ ] [Timeline Sec团队2024年度奖项盘点!](https://mp.weixin.qq.com/s?__biz=MzA4NzUwMzc3NQ==&mid=2247497125&idx=1&sn=1beda84fef5f56cc2ca6aca3453311f9) - - [ ] [【年终总结2024】拥抱变化,书写属于你的崭新篇章](https://mp.weixin.qq.com/s?__biz=MzUwOTc3MTQyNg==&mid=2247491368&idx=1&sn=ed2c5b70af95f81f32a0eb1015945656) - - [ ] [《忍者龙剑传2:黑之章》PC版未加密,发售首日即遭黑客破解](https://mp.weixin.qq.com/s?__biz=MzU2MTQwMzMxNA==&mid=2247541464&idx=1&sn=cc83ce1fb7205f3da825a11d64b5a1a1) - - [ ] [共赴新程|江南信安2024年大事记回顾](https://mp.weixin.qq.com/s?__biz=MzA4MTE0MTEwNQ==&mid=2668670046&idx=1&sn=3d90d226b0ccfc788e9c3d55a906a392) - - [ ] [网安两位大佬脏话对喷?网安春节联欢晚会?](https://mp.weixin.qq.com/s?__biz=Mzg4NDk4MTk5OA==&mid=2247485518&idx=1&sn=081012fa0f7c697122122eb1b53b1f60) - - [ ] [带你解锁编码新世界!--随波逐流CTF编码工具使用教程44 --键盘按键键码keyCode密码](https://mp.weixin.qq.com/s?__biz=MzU2NzIzNzU4Mg==&mid=2247489639&idx=1&sn=321666dc868c113dcd28f6bfdc082c4d) - - [ ] [必看!国产超强AI推理,DeepSeek真正实现了AI自由!!!](https://mp.weixin.qq.com/s?__biz=MzkxMTUwOTY1MA==&mid=2247490125&idx=1&sn=d5a623704b071c5ccfd9c9e6108237eb) - - [ ] [ICSISIAP伴着蛇年的钟声,愿您好运开场!](https://mp.weixin.qq.com/s?__biz=MzI2MDk2NDA0OA==&mid=2247531219&idx=1&sn=f2ef95a05d3afd23d49b6f3b284874f7) - - [ ] [勒索软件编年史:从特洛伊到AI多重勒索](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313205&idx=1&sn=87bd9d4b0f4cf0110a428c760a32e247) - - [ ] [Microsoft Entra ID允许普通用户更新自己的UPN](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313205&idx=2&sn=076056f3b3febe8c53a042effe79ab62) - - [ ] [Chrome用户面临供应链攻击威胁,数百万人或受影响](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313205&idx=3&sn=ede56e2405d624e8159192b3bc6dabb4) - - [ ] [pwndbg:一款专为安全漏洞分析设计的GDB插件](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313205&idx=4&sn=fd39b2e5339a4dbd516501e208e06b3e) - - [ ] [DIDCTF-应急响应](https://mp.weixin.qq.com/s?__biz=MzkxMTcyMDczOQ==&mid=2247489787&idx=1&sn=478bd3b1a45b2189e78835e7464fad7a) - - [ ] [【InForSec 2025年会顶会论文回顾】雷重庆 :以友为鉴:基于 MCU 外设驱动分析的外设模型生成](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317462&idx=1&sn=f826132e0f6fa3183c04badd0fa5dae0) - - [ ] [【InForSec 2025年会顶会论文回顾】姜嘉仪:增强基于二进制分析的协议逆向工程中字段推断能力的研究](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317462&idx=2&sn=136962e4a93d95b67fdc6518671af5e4) - - [ ] [【InForSec 2025年会顶会论文回顾】李勇钢:基于虚拟化的未知驱动隔离与保护方法](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317462&idx=3&sn=f21f4c9bf0cef097103e6505e6964774) - - [ ] [【InForSec 2025年会顶会论文回顾】马昊玉:镜中窥视:利用缓存侧信道攻破 Android 应用沙盒完整性](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317462&idx=4&sn=af78d0a1dc313ed16e1ce158f5556a0e) - - [ ] [【InForSec 2025年会顶会论文回顾】向昊: 基于完全域敏感和源点意识的控制流完整性方法](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317462&idx=5&sn=4f9bf219ac43637893b96266671c7f9b) - - [ ] [2024年我国软件业务收入137276亿元 同比增长10%](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247634091&idx=1&sn=09d97d63363872444886eca26d42bd1b) - - [ ] [多家企业不履行网络安全保护义务被依法处罚](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931479&idx=1&sn=c7eb966e702167a103aa8237a401daa5) - - [ ] [新华财经 | 强化治理机制与安全技术融合 完善数据流通安全治理](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247634091&idx=3&sn=ae1890d9fc43a28242614b77158bdb47) - - [ ] [新型人工智能“黑帽”工具:GhostGPT带来的威胁与挑战](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247634091&idx=4&sn=b35ba1306942e49e81d7c0916dc10b82) - - [ ] [2024洞见微信年终总结](https://mp.weixin.qq.com/s?__biz=MzAxNzg3NzMyNQ==&mid=2247489515&idx=1&sn=c7ea742f54ea0d6e7f84c40a2f619721) - - [ ] [请君入瓮:蜜罐工具如何“钓鱼”黑客](https://mp.weixin.qq.com/s?__biz=MzkxODc5OTg5MQ==&mid=2247484274&idx=1&sn=08c7763a964ad3e0fdf8c700034ca314) - - [ ] [ISO 26262,太重要了](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549656&idx=1&sn=3b1404c45c6ac9e89a7f1effbc240319) - - [ ] [以太网知识:什么是MAC,什么是PHY,什么是MII](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549656&idx=2&sn=e9d2211ea044442665269f98c6ba7fc7) - - [ ] [【资讯】民政部等十七部门印发《困境儿童个人信息保护工作办法》](https://mp.weixin.qq.com/s?__biz=MzU1NDY3NDgwMQ==&mid=2247549514&idx=1&sn=305ef8a47012da8184703835c1e1ed93) - - [ ] [【资讯】网安标委发布《网络安全标准实践指南——人脸识别支付场景个人信息安全保护要求》](https://mp.weixin.qq.com/s?__biz=MzU1NDY3NDgwMQ==&mid=2247549514&idx=2&sn=6fb98a5fec924d8cd7a67dccd7424d5b) - - [ ] [【资讯】江苏省数据局等六部门印发《江苏省推进可信数据空间发展工作方案》](https://mp.weixin.qq.com/s?__biz=MzU1NDY3NDgwMQ==&mid=2247549514&idx=3&sn=badae398c24ad154b783f9f5a629d0d0) - - [ ] [[SUCTF2025] SU_APP、SU_Harmony 出题小记](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589294&idx=1&sn=9843c5f997dc4268b2cceefeef11c2d9) - - [ ] [主打提高实战能力:CTF训练营-Web篇](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589294&idx=2&sn=b3ce8734cd9334e9dd50ed637685ef01) - - [ ] [紧盯风险,防治漏洞:七步闭环](https://mp.weixin.qq.com/s?__biz=Mzk0OTQzMDI4Mg==&mid=2247484429&idx=1&sn=d365c76773989b993a162b0224f21e0f) - - [ ] [喜迎新春 欢度新年——银天科技恭祝您蛇年大吉!!!](https://mp.weixin.qq.com/s?__biz=MzA4MDk4NTIwMg==&mid=2454063862&idx=1&sn=12471c57f888c3ef8b3cf8fef358aa16) - - [ ] [网络工程师要学习什么技术?](https://mp.weixin.qq.com/s?__biz=MzIxNTM3NDE2Nw==&mid=2247490321&idx=1&sn=9b182f0c5ea87de6732432f15ac1fd88) - - [ ] [网安春晚:TSRC年榜第一小火炬怒喷老牌团队day1创始人王老师](https://mp.weixin.qq.com/s?__biz=MzkyOTQzNjIwNw==&mid=2247491530&idx=1&sn=b8652982f233b0eb67c95941afd97b2e) - - [ ] [05x数组42-49](https://mp.weixin.qq.com/s?__biz=MzA3NDE0NTY0OQ==&mid=2247484219&idx=1&sn=a44902a546dd3f19251633c65a184998) - - [ ] [科技传播中的科技伦理价值传递与治理原则](https://mp.weixin.qq.com/s?__biz=MzI1OTExNDY1NQ==&mid=2651618898&idx=1&sn=5f61d50057d512db5a228d8da59d4daf) - - [ ] [美国总统特朗普命令加密货币工作组起草新法规,探索建立国家加密货币储备](https://mp.weixin.qq.com/s?__biz=MzI1OTExNDY1NQ==&mid=2651618898&idx=2&sn=4abfd689dec96aeea8848eef12529590) - - [ ] [一图看懂2024年全球DDoS攻击态势](https://mp.weixin.qq.com/s?__biz=MjM5MTAwNzUzNQ==&mid=2650511143&idx=1&sn=3a15f876d02eabbf5ae003822f591ece) - - [ ] [缔盟云祝您有蛇有得,多财多亿,巳巳如意!](https://mp.weixin.qq.com/s?__biz=MzU3NzAyODU4OQ==&mid=2247485633&idx=1&sn=c6f88c734c41cd5e16eaa606fedd7a98) - - [ ] [一文带你理清前置机、跳板机与堡垒机的区别](https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247570690&idx=1&sn=b01cfbe28310df8b4522cf9025bcb0a2) - - [ ] [工商银行软件开发中心建设企业级风险决策服务能力,助推风控数字化转型](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931479&idx=2&sn=8262daf2f36f04e547fa7e3e63027a00) - - [ ] [国产AI DeepSeek下载排行第一,AI界拼多多要逆袭chatgpt](https://mp.weixin.qq.com/s?__biz=Mzg2NDYwMDA1NA==&mid=2247543628&idx=1&sn=17c35fbc61a2b9c9a4b46fdc37f523b6) - - [ ] [《中国人民银行业务领域网络安全事件报告管理办法(征求意见稿)》公开征求意见](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170564&idx=1&sn=624aa0fc6e97964bc6c24943e541c062) - - [ ] [小心“红包陷阱” !春节期间当心“喜中有诈”](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170564&idx=2&sn=20add29e69926154f23dfc690f8794be) - - [ ] [完善数据流通安全治理机制 破解数据流通安全堵点](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170564&idx=3&sn=acebdb407dbd799284061eb5c0b6457e) - - [ ] [恭贺新春 巳巳如意 | 金盾信安2025年春节假期值守安排](https://mp.weixin.qq.com/s?__biz=MjM5NjA2NzY3NA==&mid=2448682670&idx=1&sn=a638c4cebbf8f3edd837178cbd57c8df) - - [ ] [金盾信安 | 网络和数据领域资讯第45期(2025.1.21-2025.1.27)](https://mp.weixin.qq.com/s?__biz=MjM5NjA2NzY3NA==&mid=2448682670&idx=2&sn=8db6eebf8bd6c8c3f402b5be39471f90) - - [ ] [红队基础设施建设与改造(四)——深入解析Cobaltstrike(二开环境、认证过程分析、Beacon分析)](https://mp.weixin.qq.com/s?__biz=MzkwOTE3MzAxOA==&mid=2247485386&idx=1&sn=58bd4e0ea233075a6901ca1c18e458dc) - - [ ] [【假期别闲着】2025年需要学习的顶级安(黑)全(客)工具和技能](https://mp.weixin.qq.com/s?__biz=Mzg4NzgyODEzNQ==&mid=2247488631&idx=1&sn=3b6dad961c06f0d42f10b0e26644bd75) - - [ ] [《天堂之门》技术](https://mp.weixin.qq.com/s?__biz=MjM5NDcxMDQzNA==&mid=2247489387&idx=1&sn=ac98464c37defc7ff7572ef6c18dcb65) - - [ ] [山海关安全团队2024年终总结](https://mp.weixin.qq.com/s?__biz=Mzg4MjcxMTAwMQ==&mid=2247488669&idx=1&sn=b56b57ad952c790150d5244dffdf653d) - - [ ] [丸啦~真·缉拿归案啦](https://mp.weixin.qq.com/s?__biz=Mzk0MDY2NTY5Mw==&mid=2247485643&idx=1&sn=4d8692480bd89aa76f65366edcc86000) - - [ ] [运维风险管控、数据安全规范普及与漏洞情报处置:技术与管理并重的综合策略探讨。|总第278周](https://mp.weixin.qq.com/s?__biz=MzI2MjQ1NTA4MA==&mid=2247491776&idx=1&sn=4e17c660387c6776b88e397c64e7ed57) - - [ ] [CNVD漏洞周报2025年第4期](https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247495739&idx=1&sn=70bff0dcfddcafcf645feed59f012888) - - [ ] [上周关注度较高的产品安全漏洞(20250120-20250126)](https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247495739&idx=2&sn=c1eb11a7df482ea02fe0bb114eaa29bc) - - [ ] [deepseek 崩了](https://mp.weixin.qq.com/s?__biz=Mzk0MTI4NTIzNQ==&mid=2247492212&idx=1&sn=056eea3aeb7bbefa596ded5c9183de5c) - - [ ] [黑客使用RID劫持技术创建秘密的Windows管理帐户](https://mp.weixin.qq.com/s?__biz=MzUyMzczNzUyNQ==&mid=2247523229&idx=1&sn=02f3c873352590457db43f6d314f2ed3) - - [ ] [GitHub漏洞允许恶意仓库泄露用户凭据](https://mp.weixin.qq.com/s?__biz=MzUyMzczNzUyNQ==&mid=2247523229&idx=2&sn=596a96b2b96c941baeb9a5420fc9bbc2) - - [ ] [Kubernetes 集群远程代码执行漏洞致攻击者可接管所有 Windows 节点](https://mp.weixin.qq.com/s?__biz=MzUyMzczNzUyNQ==&mid=2247523229&idx=3&sn=741cf9ea3ae359cfcb2e7cafb292b025) - - [ ] [LTE和5G基础设施中的100多个漏洞导致远程核心泄露](https://mp.weixin.qq.com/s?__biz=MzUyMzczNzUyNQ==&mid=2247523229&idx=4&sn=fae6c9befec51a70547603cfc08bdd67) - - [ ] [Brute Ratel C4 载荷深度分析](https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486782&idx=1&sn=eed60be751abe1186862fcb42ad81c69) - - [ ] [Brute Ratel C4 载荷深度分析 - 第二部分](https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486782&idx=2&sn=92bb05ee43a6f780e534f0a7b25658de) - - [ ] [人物专题丨台湾地区海军副司令马群超](https://mp.weixin.qq.com/s?__biz=Mzg2NTYyODgyNg==&mid=2247504625&idx=1&sn=8ead3d113a164b57f2b73fd0414288eb) - - [ ] [《=虚假的网安春晚真实的网安春晚=》[旺柴]](https://mp.weixin.qq.com/s?__biz=MzkxNTczMjA1Ng==&mid=2247483975&idx=1&sn=ba13236ad54bd6d25c2e187d71724f50) + - [ ] [Reverse engineering your test data: It’s not as safe as you think it is](https://securityboulevard.com/2025/01/reverse-engineering-your-test-data-its-not-as-safe-as-you-think-it-is/) + - [ ] [What is the role of data synthesis in my CI/CD pipeline, anyway?](https://securityboulevard.com/2025/01/what-is-the-role-of-data-synthesis-in-my-ci-cd-pipeline-anyway/) + - [ ] [DeepSeek: The Silent AI Takeover That Could Cripple Markets and Fuel China’s Cyberwarfare](https://securityboulevard.com/2025/01/deepseek-the-silent-ai-takeover-that-could-cripple-markets-and-fuel-chinas-cyberwarfare/) + - [ ] [DEF CON 32 – Top War Stories From A TryHard Bug Bounty Hunter](https://securityboulevard.com/2025/01/def-con-32-top-war-stories-from-a-tryhard-bug-bounty-hunter/) + - [ ] [AI is a double-edged sword: Why you need new controls to manage risk](https://securityboulevard.com/2025/01/ai-is-a-double-edged-sword-why-you-need-new-controls-to-manage-risk/) + - [ ] [Prioritizing Cybersecurity Findings Exception and Issues in Risk Management](https://securityboulevard.com/2025/01/prioritizing-cybersecurity-findings-exception-and-issues-in-risk-management/) + - [ ] [Comic Agilé – Luxshan Ratnaravi, Mikkel Noe-Nygaard – #321 – Use Jira](https://securityboulevard.com/2025/01/comic-agile-luxshan-ratnaravi-mikkel-noe-nygaard-321-use-jira/) + - [ ] [The Halliburton Cyberattack: A $35M Wake-Up Call](https://securityboulevard.com/2025/01/the-halliburton-cyberattack-a-35m-wake-up-call/) + - [ ] [Complete Guide to AI Tokens: Understanding, Optimization, and Cost Management](https://securityboulevard.com/2025/01/complete-guide-to-ai-tokens-understanding-optimization-and-cost-management/) + - [ ] [DEF CON 32 – Travel Better Expedient Digital Defense](https://securityboulevard.com/2025/01/def-con-32-travel-better-expedient-digital-defense/) - Private Feed for M09Ic - - [ ] [safedv starred getAsterisk/deepclaude](https://github.com/getAsterisk/deepclaude) - - [ ] [mgeeky starred NtDallas/OdinLdr](https://github.com/NtDallas/OdinLdr) - - [ ] [4ra1n released 1.4.0 at jar-analyzer/class-obf](https://github.com/jar-analyzer/class-obf/releases/tag/1.4.0) - - [ ] [ZeddYu released v0.1.9 at ZeddYu/hugo-theme-stack](https://github.com/ZeddYu/hugo-theme-stack/releases/tag/v0.1.9) - - [ ] [safedv starred vxunderground/OCRMe](https://github.com/vxunderground/OCRMe) - - [ ] [paranoidninja created a repository paranoidninja/BRC4-BOF-Artillery](https://github.com/paranoidninja/BRC4-BOF-Artillery//) - - [ ] [INotGreen starred Adaptix-Framework/AdaptixC2](https://github.com/Adaptix-Framework/AdaptixC2) - - [ ] [yzddmr6 started following jbHu67](https://github.com/jbHu67) - - [ ] [phith0n starred sezanzeb/input-remapper](https://github.com/sezanzeb/input-remapper) - - [ ] [mgeeky starred trailofbits/cfg-showcase](https://github.com/trailofbits/cfg-showcase) - - [ ] [0e0w created a repository HackJava/snakeyaml](https://github.com/HackJava/Hacksnakeyaml//) - - [ ] [vxunderground created a repository vxunderground/OCRMe](https://github.com/vxunderground/OCRMe//) - - [ ] [mgeeky starred ElliotKillick/Mido](https://github.com/ElliotKillick/Mido) - - [ ] [mgeeky starred ElliotKillick/windows-vs-linux-loader-architecture](https://github.com/ElliotKillick/windows-vs-linux-loader-architecture) -- Trustwave Blog - - [ ] [Trustwave SpiderLabs December 2024: Phishing and Email Security Insights](https://www.trustwave.com/en-us/resources/blogs/trustwave-blog/trustwave-spiderlabs-december-2024-phishing-and-email-security-insights/) -- The DFIR Report - - [ ] [Cobalt Strike and a Pair of SOCKS Lead to LockBit Ransomware](https://thedfirreport.com/2025/01/27/cobalt-strike-and-a-pair-of-socks-lead-to-lockbit-ransomware/) + - [ ] [mgeeky starred mcmilk/7-Zip-zstd](https://github.com/mcmilk/7-Zip-zstd) + - [ ] [xpn starred dreadnode/cli](https://github.com/dreadnode/cli) + - [ ] [killeven starred deepseek-ai/DeepSeek-V3](https://github.com/deepseek-ai/DeepSeek-V3) + - [ ] [mgeeky starred LLVMParty/LLVMCMakeTemplate](https://github.com/LLVMParty/LLVMCMakeTemplate) + - [ ] [mgeeky starred Adaptix-Framework/AdaptixC2](https://github.com/Adaptix-Framework/AdaptixC2) + - [ ] [CHYbeta starred deepseek-ai/awesome-deepseek-integration](https://github.com/deepseek-ai/awesome-deepseek-integration) + - [ ] [safedv starred racoten/BetterNetLoader](https://github.com/racoten/BetterNetLoader) + - [ ] [safedv starred NoahKirchner/speedloader](https://github.com/NoahKirchner/speedloader) +- Sucuri Blog + - [ ] [Sucuri WAF Now Supports HTTP/3: A Faster and More Secure Web Experience](https://blog.sucuri.net/2025/01/sucuri-waf-now-supports-http-3-a-faster-and-more-secure-web-experience.html) +- 一个被知识诅咒的人 + - [ ] [Python中的asyncio:高效的异步编程模型](https://blog.csdn.net/nokiaguy/article/details/145386296) + - [ ] [【人工智能】基于Python的机器翻译系统,从RNN到Transformer的演进与实现](https://blog.csdn.net/nokiaguy/article/details/145386286) +- obaby@mars + - [ ] [祝大家新年快乐](https://h4ck.org.cn/2025/01/19056) +- Swing'Blog 浮生若梦 + - [ ] [CVE-2025-0282 Ivanti Connect Secure VPN 栈溢出漏洞分析](https://bestwing.me/CVE-2025-0282-Ivanti-Connect-Secure-VPN-stack-overflow.html) - Recent Commits to cve:main - - [ ] [Update Mon Jan 27 20:21:33 UTC 2025](https://github.com/trickest/cve/commit/b903cf9055faa0f09065ced5de7f9194a3b1a063) - - [ ] [Update Mon Jan 27 12:26:08 UTC 2025](https://github.com/trickest/cve/commit/c02fdccf98aca92096b385e95013782e5a87f8d6) - - [ ] [Update Mon Jan 27 04:22:47 UTC 2025](https://github.com/trickest/cve/commit/863bfc48e5dd52b0ac34eca3b6ccfca2ae091c10) -- Insinuator.net - - [ ] [Part I: Bluetooth Auracast from a Security Researcher’s Perspective](https://insinuator.net/2025/01/auracast-part1/) -- Sandfly Security Blog RSS Feed - - [ ] [Sandfly 5.3 - Detailed Host Forensics and Microsoft Sentinel Integration](https://sandflysecurity.com/about-us/news/sandfly-5-3-detailed-host-forensics-and-microsoft-sentinel-integration/) -- SpiderLabs Blog - - [ ] [Cracking the Giant: How ODAT Challenges Oracle, the King of Databases](https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cracking-the-giant-how-odat-challenges-oracle-the-king-of-databases/) -- Bug Bounty in InfoSec Write-ups on Medium - - [ ] [Full GitHub Dorking guide: for OSINT and BugBounty (Reconnaissance)](https://infosecwriteups.com/full-github-dorking-guide-for-osint-and-bugbounty-reconnaissance-27557fb67ee0?source=rss----7b722bfd1b8d--bug_bounty) -- SentinelOne - - [ ] [Cloud Ransomware Developments | The Risks of Customer-Managed Keys](https://www.sentinelone.com/blog/cloud-ransomware-developments-the-risks-of-customer-managed-keys/) + - [ ] [Update Tue Jan 28 20:20:38 UTC 2025](https://github.com/trickest/cve/commit/84532ae2b8e9faef03daab62637fea93055c5f46) + - [ ] [Update Tue Jan 28 12:25:27 UTC 2025](https://github.com/trickest/cve/commit/046dff1f309416991e0350c5de230e05922e6962) + - [ ] [Update Tue Jan 28 04:25:42 UTC 2025](https://github.com/trickest/cve/commit/1973cb584ac5acc9fa6a12b9f74e3c5ab7bf2429) +- GuidePoint Security + - [ ] [GRIT 2025 Report: Post-Compromise Detection Strategies](https://www.guidepointsecurity.com/blog/grit-2025-report-post-compromise-detection-strategies/) +- Hacking Dream + - [ ] [Running DeepSeek AI Locally on your PC/Laptop](https://www.hackingdream.net/2025/01/running-deepseek-ai-locally-on-your-pc-laptop.html) +- Horizon3.ai + - [ ] [Top 150 Cybersecurity Vendors 2025](https://cyber150.com/#new_tab) + - [ ] [Building Cyber Resilience Across a Distributed Network](https://www.horizon3.ai/customer-story/building-cyber-resilience-across-a-distributed-network/) +- Malware-Traffic-Analysis.net - Blog Entries + - [ ] [2025-01-23: Fake installer leads to Koi Loader/Koi Stealer](https://www.malware-traffic-analysis.net/2025/01/23/index.html) +- Trail of Bits Blog + - [ ] [Best practices for key derivation](https://blog.trailofbits.com/2025/01/28/best-practices-for-key-derivation/) +- VMRay + - [ ] [From analysis to action: Enhancing government threat models with malware insights](https://www.vmray.com/from-analysis-to-action-enhancing-government-threat-models-with-malware-insights/) +- PortSwigger Research + - [ ] [Bypassing character blocklists with unicode overflows](https://portswigger.net/research/bypassing-character-blocklists-with-unicode-overflows) +- PortSwigger Blog + - [ ] [The complexities of scaling AppSec teams and how to address them in 2025](https://portswigger.net/blog/the-complexities-of-scaling-appsec-teams-and-how-to-address-them-in-2025) - Reverse Engineering - - [ ] [/r/ReverseEngineering's Weekly Questions Thread](https://www.reddit.com/r/ReverseEngineering/comments/1ib336t/rreverseengineerings_weekly_questions_thread/) - - [ ] [Video: Binary Refinery URL extractor for LummaStealer loader](https://www.reddit.com/r/ReverseEngineering/comments/1iazq8n/video_binary_refinery_url_extractor_for/) -- Webroot Blog - - [ ] [6 ways to get the most from Data Privacy Week](https://www.webroot.com/blog/2025/01/27/6-ways-to-get-the-most-from-data-privacy-week/) - - [ ] [Managed Detection and Response: Key trends MSPs can’t afford to ignore](https://www.webroot.com/blog/2025/01/27/managed-detection-and-response-key-trends-msps-cant-afford-to-ignore/) -- FreeBuf网络安全行业门户 - - [ ] [THN 每周回顾:顶级网络安全威胁、工具与技巧 [1月27日]](https://www.freebuf.com/vuls/420917.html) - - [ ] [GamaCopy模仿Gamaredon战术,针对俄罗斯实体展开网络间谍活动](https://www.freebuf.com/articles/network/420909.html) - - [ ] [新威胁组织GamaCopy模仿俄罗斯Gamaredon APT,针对俄语目标发起攻击](https://www.freebuf.com/articles/endpoint/420915.html) - - [ ] [恶意文件携带驱动人生数字签名,混淆视听执行后门](https://www.freebuf.com/news/420885.html) - - [ ] [ESXi勒索软件攻击利用SSH隧道逃避检测](https://www.freebuf.com/articles/es/420911.html) + - [ ] [Malimite is an iOS and macOS decompiler](https://www.reddit.com/r/ReverseEngineering/comments/1icg0we/malimite_is_an_ios_and_macos_decompiler/) + - [ ] [Data Speculation Attacks on Apple Silicon](https://www.reddit.com/r/ReverseEngineering/comments/1icfpij/data_speculation_attacks_on_apple_silicon/) - Malwarebytes - - [ ] [UnitedHealth almost doubles victim numbers from massive Change Healthcare data breach](https://www.malwarebytes.com/blog/news/2025/01/unitedhealth-almost-doubles-victim-numbers-from-massive-change-healthcare-data-breach) - - [ ] [A week in security (January 20 – January 26)](https://www.malwarebytes.com/blog/news/2025/01/a-week-in-security-january-20-january-26) - - [ ] [Three privacy rules for 2025 (Lock and Code S06E02)](https://www.malwarebytes.com/blog/podcast/2025/01/three-privacy-rules-for-2025-lock-and-code-s06e02) -- Shostack & Friends Blog - - [ ] [Spatial Reasoning and Threat Modeling](https://shostack.org/blog/spatial-reasoning-and-threat-modeing/) + - [ ] [Apple users: Update your devices now to patch zero-day vulnerability](https://www.malwarebytes.com/blog/news/2025/01/apple-users-update-your-devices-now-to-patch-zero-day-vulnerability) +- FreeBuf网络安全行业门户 + - [ ] [勒索软件利用隐秘SSH隧道攻击ESXi系统,实现C2通信](https://www.freebuf.com/articles/system/420939.html) - 奇客Solidot–传递最新科技情报 - - [ ] [Onlyfans 成功背后的心理学](https://www.solidot.org/story?sid=80440) - - [ ] [科学家通过黑洞合并事件验证宇宙镜像对称性](https://www.solidot.org/story?sid=80439) - - [ ] [研究揭示 PM2.5 毒理学机制](https://www.solidot.org/story?sid=80438) - - [ ] [DeepSeek 登顶苹果应用商店免费应用排行榜](https://www.solidot.org/story?sid=80437) - - [ ] [天文学家呼吁禁止太空广告](https://www.solidot.org/story?sid=80436) - - [ ] [研究发现对 AI 了解越少的人越愿意使用 AI](https://www.solidot.org/story?sid=80435) - - [ ] [特斯拉拒绝将 FSD 软件转移到新车](https://www.solidot.org/story?sid=80434) - - [ ] [Bitmanagement 与美国海军的反盗版诉讼再次受挫](https://www.solidot.org/story?sid=80433) + - [ ] [研究估计到 2100 年欧洲高温死亡人数增加五成](https://www.solidot.org/story?sid=80443) + - [ ] [Google 开源 Pebble 智能手表操作系统](https://www.solidot.org/story?sid=80442) + - [ ] [用开源方法复现 DeepSeek-R1](https://www.solidot.org/story?sid=80441) +- Shostack & Friends Blog + - [ ] [National Cyber Incident Response Plan comments](https://shostack.org/blog/national-cyber-incident-response-plan/) - 安全分析与研究 - - [ ] [利用合法服务逃避检测的C2框架集合](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490200&idx=1&sn=7ded05c5e8fcfb1f9411a02872d16b97&chksm=902fb5b0a7583ca6b9d070be9f189689dd4947d6b3cd745aa9f60a0f8b4753a861b6fb648957&scene=58&subscene=0#rd) - - [ ] [NetSupport恶意软件实战分析](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490200&idx=2&sn=6314bb9f1aaf1b510571b88dba47f6c6&chksm=902fb5b0a7583ca6e350050607a7974c961c89efe6bebff6360180ccda873aeec6cac61a7981&scene=58&subscene=0#rd) -- 沉隐杂谈录 - - [ ] [春节快乐-D2发布-新的开始](https://mp.weixin.qq.com/s?__biz=MzIxMDI0MzQzNQ==&mid=2650416407&idx=1&sn=9b8c96ba91a0e21e291d6afc156427ae&chksm=8f691f13b81e9605d0c04246123189c15bd8df8a98c759c24ab9f3b029b4c1e33968ae3bf07a&scene=58&subscene=0#rd) + - [ ] [安全分析与研究新年优惠活动](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490214&idx=1&sn=238b595f99800c4991ac3e031a617c7f&chksm=902fb58ea7583c98e9ddb14df7809c329edb32cc5712822a43578e6f6d1d7144cf1fecb0f797&scene=58&subscene=0#rd) +- 锦行科技 + - [ ] [除夕 | 团圆守岁](https://mp.weixin.qq.com/s?__biz=MzIxNTQxMjQyNg==&mid=2247493739&idx=1&sn=c40ba2e100570ac69b06d868d4c023f6&chksm=979a13cea0ed9ad88be1125eaf8a6b2f2cc605dcebf820f7bf4e02f16087b4630e41bd06eee1&scene=58&subscene=0#rd) +- 白帽100安全攻防实验室 + - [ ] [白帽一百祝大家除夕快乐 | 文末抽奖](https://mp.weixin.qq.com/s?__biz=MzIxMDYyNTk3Nw==&mid=2247515161&idx=1&sn=3f2f882686de333d655eeacd52bf2dbc&chksm=976348cfa014c1d9acaa8e7c59f8871624f6a60fec4938f95bbdc95a0b04832cd0194bcbd553&scene=58&subscene=0#rd) - 吾爱破解论坛 - - [ ] [吾爱破解论坛微信红包封面(105000份)](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141642&idx=1&sn=dbc86b6bb93f87ff6b37ff25887ea8ab&chksm=bd50a65e8a272f487fe50c942a392975c1b2f40c830799f082a541fb014f24452a88f9b03c18&scene=58&subscene=0#rd) -- Black Hills Information Security - - [ ] [GRC for Security Managers: From Checklists to Influence](https://www.blackhillsinfosec.com/grc-for-security-managers-wrapup/) -- 看雪学苑 - - [ ] [[SUCTF2025] SU_APP、SU_Harmony 出题小记](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589294&idx=1&sn=9843c5f997dc4268b2cceefeef11c2d9&chksm=b18c28e486fba1f2def30ae2ad36fb881a2d6b3ae21e83fb24cd04f74d14f7fbfae69daac012&scene=58&subscene=0#rd) - - [ ] [主打提高实战能力:CTF训练营-Web篇](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589294&idx=2&sn=b3ce8734cd9334e9dd50ed637685ef01&chksm=b18c28e486fba1f26a5b9b0ff4c245f804d7b5bf346992a0ddef298cd610ea4c06ec61e36f24&scene=58&subscene=0#rd) -- 丁爸 情报分析师的工具箱 - - [ ] [【实操】大语言模型能否按照特定要求撰写情报简报](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148703&idx=1&sn=c924baf97ad0b03dd7fb0f48ff913106&chksm=f1af26a5c6d8afb3022277d9121d65514f7d642109b5cc100fd1264fd42ddb72d63aae8c2e43&scene=58&subscene=0#rd) -- 君哥的体历 - - [ ] [运维风险管控、数据安全规范普及与漏洞情报处置:技术与管理并重的综合策略探讨。|总第278周](https://mp.weixin.qq.com/s?__biz=MzI2MjQ1NTA4MA==&mid=2247491776&idx=1&sn=4e17c660387c6776b88e397c64e7ed57&chksm=ea484a87dd3fc3919e9026124b6bc0ba8b63b525d5d9b381260922106e0c8fca0d924c4c1bc5&scene=58&subscene=0#rd) -- dotNet安全矩阵 - - [ ] [收藏 | dotNet 安全矩阵团队2024年度内网横向移动阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498493&idx=1&sn=0d58ecc98d8333a349c3712d4c129203&chksm=fa595410cd2edd062276b3223d5124040f319e19ba6ea3217db7d2e4d66add50a2c28fe6313a&scene=58&subscene=0#rd) - - [ ] [国内最专业、最全面的 [ .NET 代码审计 ] 体系化学习交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498493&idx=2&sn=42328f97d2cb9e8a7299d8948372c706&chksm=fa595410cd2edd060e5fd0741bf0e131d3cd04fafec5389c16758b57d4443a69e9583caee479&scene=58&subscene=0#rd) - - [ ] [通过 Sharp4Tokenvator 实现本地权限提升](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498493&idx=3&sn=d4029c2b542db791a7c4a70127b369fc&chksm=fa595410cd2edd069e4d76454b7789a94293ccb94a2ca643ad9f8b6bb7689ce4f47c1adf7a35&scene=58&subscene=0#rd) -- 安全牛 - - [ ] [春节放假通知](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134996&idx=1&sn=1c7920ea6f4ee8c218f4ff5dfcc4b28c&chksm=bd15acc78a6225d1f846166029b745338e146775f7f660efefe8493f1aa89f4e08347b6475c7&scene=58&subscene=0#rd) - - [ ] [LTE和5G网络实现中存在119个安全漏洞,可导致大规模通信中断;调查显示:仅7%受害者在支付勒索软件赎金后成功恢复数据 |牛览](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134996&idx=2&sn=82356d56bcca2787f9016513ed4f3cbf&chksm=bd15acc78a6225d149fe16de3316f0735ac8eb52adf8cea1638c72eb92dc9122d6eb960a5ce0&scene=58&subscene=0#rd) + - [ ] [分享图片](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141650&idx=1&sn=e3110752e4ffe937f324f685970f7f7d&chksm=bd50a6468a272f5024154f18471dea1e90fd56dcda584cb19983130a4ae5445176d483274784&scene=58&subscene=0#rd) +- 红日安全 + - [ ] [除夕夜,合家团圆,红日安全携手共迎新春!🎆🌟 新的一年,愿与您一起守护数字世界,开启更加稳固的商业未来!💼🔐](https://mp.weixin.qq.com/s?__biz=MzI4NjEyMDk0MA==&mid=2649851758&idx=1&sn=9e7fdd47524e28eb38189eecd4f8e494&chksm=f3e4e9edc49360fb9800add526de22a3005efd022ab9b8ffc02527465e0b464ca3fe928a508f&scene=58&subscene=0#rd) +- 安全内参 + - [ ] [突发!DeepSeek遭大规模恶意攻击](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513606&idx=1&sn=c00cf1c71328532ab314b816e276ebd8&chksm=ebfaf126dc8d783046da2e5424c76d7fb9ec3cd85676d2e93c5db7a7af817293fe531ec3a044&scene=58&subscene=0#rd) +- 信息安全国家工程研究中心 + - [ ] [恭贺新禧 | 瑞彩盈春盛景长,工程中心祝您新春快乐!](https://mp.weixin.qq.com/s?__biz=MzU5OTQ0NzY3Ng==&mid=2247498792&idx=1&sn=f277f20331e69c40ad775f29da0c8ede&chksm=feb67d3bc9c1f42d897ea4e78ac53000b52ae91a3fd33eb8f1b0e68b43ff243b3cff482f57b3&scene=58&subscene=0#rd) +- 网络空间安全科学学报 + - [ ] [《网络空间安全科学学报》恭祝大家新春快乐!](https://mp.weixin.qq.com/s?__biz=MzI0NjU2NDMwNQ==&mid=2247504687&idx=1&sn=e024501dcdf71e762898408c4b021501&chksm=e9bfc791dec84e879b034e32ac4b8585ab5f79c72506da72eaff60ed33de62c7fd3d5be74c8a&scene=58&subscene=0#rd) - 中国信息安全 - - [ ] [聚焦 | 国家网络威胁信息汇聚共享技术平台试运行总结表彰会成功举办](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235892&idx=1&sn=7fbcbb0883b6c65f4e3ba90ca09cccb7&chksm=8b58018dbc2f889be69ce98bffbb8700788264b4674a06edae6f3bf279bbde06a7fb39fc0778&scene=58&subscene=0#rd) - - [ ] [全球视野 | 国际网安快讯(第47期)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235892&idx=2&sn=08a60783ca81347f55ac588740b70769&chksm=8b58018dbc2f889b07208718f2d827850ae2e964d65cfa90e842cdf6a10017f45ca80902cce0&scene=58&subscene=0#rd) - - [ ] [专家解读 | 扎实推进数据标准化工作 保障国家数据基础设施建设行稳致远](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235892&idx=3&sn=60fe07f5134c5dcdf56d12ae7a8a6f6f&chksm=8b58018dbc2f889b91b925e9e99f943eb4e141139265dd2619cbcb7539ff4d1feb896ec1b3b5&scene=58&subscene=0#rd) - - [ ] [四部门提示:防范“云养经济”欺诈!](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235892&idx=4&sn=e08fb24557851d99e80e4c6209a72e03&chksm=8b58018dbc2f889bf575dd94acf5c653e8345717700f5a66d66444326c0e8254fa40351c4c22&scene=58&subscene=0#rd) - - [ ] [专家解读 | 规范互联网平台企业报送信息 加强税源监管](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235892&idx=5&sn=9a656024279a6e896c92ce522318f0f9&chksm=8b58018dbc2f889b133dcd409bdae5218c53a73c4bb07029a09b2ad2c68aefeb13bcf03e65ea&scene=58&subscene=0#rd) - - [ ] [发布 | 中国信通院发布《车联网蓝皮书(数据赋能)(2024年)》(附下载)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235892&idx=6&sn=4f29a9e415b95ec39af7c39c827ca8c6&chksm=8b58018dbc2f889b275a166290ba46af1f9486655da918e0239a1c03e50ba180c0e23d550e1a&scene=58&subscene=0#rd) - - [ ] [专家观点 | 数据治理助推中国生成式人工智能高质量发展](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235892&idx=7&sn=20d279dc28a3b944e6b08da8d0389648&chksm=8b58018dbc2f889b9b6c89092f8cba2bb490d27fc2b4b445f543c8ee998827a6e62a888bef51&scene=58&subscene=0#rd) - - [ ] [评论 | 严打黑客犯罪筑牢网安防线](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235892&idx=8&sn=a3453b1c835acec8834fbd5ff7af2441&chksm=8b58018dbc2f889b114f424c5cbc8fe72002e287bd824755f2bf4fe876eb53a3990490582cb1&scene=58&subscene=0#rd) + - [ ] [金蛇纳福 | 除夕大年夜,网安贺新春!](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235910&idx=1&sn=b0672a4323005a47b990decd5489b9b5&chksm=8b58017fbc2f8869dc12d3eae6576f3996fab46384314e421819881ab158af09ec2c9ea1ee11&scene=58&subscene=0#rd) + - [ ] [辞旧迎新 喜迎蛇年](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235910&idx=2&sn=04f7502a3c21d8e0ff68a1afbaa3d271&chksm=8b58017fbc2f8869535c224bbbdf7616c84b7648d3af144e7f8839482f4da6c7a4abe07532e1&scene=58&subscene=0#rd) +- 微步在线 + - [ ] [祝大家新春快乐!](https://mp.weixin.qq.com/s?__biz=MzI5NjA0NjI5MQ==&mid=2650183108&idx=1&sn=6beef11e4a6096c49c2cbe62b5fc19f6&chksm=f4486e78c33fe76e204f182d703c408d91c0b83853b30f7fe82e9a7bdc9957c63234d0ac5360&scene=58&subscene=0#rd) - 极客公园 - - [ ] [超音速民航「全球竞赛」,这家中国公司要「换道赛车」](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072943&idx=1&sn=ffb269408b68f9e0288deb4a716e35a5&chksm=7e57d39949205a8fcb59175315452b11b6aa0621056de0de1b1c687d1a376823a493833406ad&scene=58&subscene=0#rd) - - [ ] [变天!——由一个惊艳例子引发对 DeepSeek 的 10 条思考](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072943&idx=2&sn=42192769f13fb530fa9d3e23e0ad898c&chksm=7e57d39949205a8f43d40b81d6f0eeb1f919cf2f591666e28604cf8442613d9c9b06c3d6520e&scene=58&subscene=0#rd) - - [ ] [2025 年,多模态会诞生下一个 Super App 吗?](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072869&idx=1&sn=12adc42065f8f5e00bc46673e247f39b&chksm=7e57d05349205945bf789818c879903e56ec41dee196f11a2c2eb03e570dbb7d37f5276ddf06&scene=58&subscene=0#rd) - - [ ] [DeepSeek升至美区苹果应用榜第一;Switch 2发售时间疑似泄露;苹果iPhone SE4或3月发布|极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072885&idx=1&sn=7e5a3b9e6ca75e1cde3533d9d9979269&chksm=7e57d0434920595525c153f6692cab3f51588c07e99b811fa04650161507b68ef8826215554a&scene=58&subscene=0#rd) -- 嘶吼专业版 - - [ ] [新的 DoubleClickjacking 攻击利用双击来劫持帐户](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580993&idx=1&sn=9cef8f9e885411deefa3dd1718756bec&chksm=e9146d7bde63e46d6f0696852e5e5dc1ea9b2c6006db56346d548914ef0d50494db9f8fafe58&scene=58&subscene=0#rd) - - [ ] [安全动态回顾|工信部发布关于防范Androxgh0st僵尸网络的风险提示 Tesla EV充电器在PWN2OWN遭黑客多次入侵](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580993&idx=2&sn=790649df6d58dba77660759df720c892&chksm=e9146d7bde63e46d5df8acb5d88a467ae8534a921ea900181bdacf12e66a11088693b337bd86&scene=58&subscene=0#rd) -- 情报分析师 - - [ ] [深挖“颜十六”:影视圈的“毒瘤”与跨国诈骗的“操盘手”](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559276&idx=1&sn=031b0b5216b2db6c8a00f413e26ddcb0&chksm=87117d67b066f4718e1e8c4668285b5b2e2f1516a4c29ae581a945f427b952a45f7b90bb7cb3&scene=58&subscene=0#rd) - - [ ] [中情局携手乌克兰:从针锋相对到深度绑定,背后暗藏的全球隐患](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559276&idx=2&sn=43bf564f5b1729bfe0286075d2cbc790&chksm=87117d67b066f471cc064ed852c6dfb97f82886b78a1b56aa647781834ebf0d1af0fec3e978a&scene=58&subscene=0#rd) -- 网安国际 - - [ ] [【InForSec 2025年会顶会论文回顾】雷重庆 :以友为鉴:基于 MCU 外设驱动分析的外设模型生成](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317462&idx=1&sn=f826132e0f6fa3183c04badd0fa5dae0&chksm=8bc4ba98bcb3338ebd4c95535b024fb2d0951f24bd5c6220286b8f0e82cf6e3ed30fe77a6690&scene=58&subscene=0#rd) - - [ ] [【InForSec 2025年会顶会论文回顾】姜嘉仪:增强基于二进制分析的协议逆向工程中字段推断能力的研究](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317462&idx=2&sn=136962e4a93d95b67fdc6518671af5e4&chksm=8bc4ba98bcb3338e45009a0994535a27c07c8a156be33fa8f7baf2d45b20e61c5bb48fa202d8&scene=58&subscene=0#rd) - - [ ] [【InForSec 2025年会顶会论文回顾】李勇钢:基于虚拟化的未知驱动隔离与保护方法](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317462&idx=3&sn=f21f4c9bf0cef097103e6505e6964774&chksm=8bc4ba98bcb3338ede7044a70a7f51fa822aed833fe94983e8164af7b05be3eda9dc94bbfdb9&scene=58&subscene=0#rd) - - [ ] [【InForSec 2025年会顶会论文回顾】马昊玉:镜中窥视:利用缓存侧信道攻破 Android 应用沙盒完整性](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317462&idx=4&sn=af78d0a1dc313ed16e1ce158f5556a0e&chksm=8bc4ba98bcb3338e8fbc65c1337d3af8ce4cdc1b60706c6dcbd92114dec43b23f09411cd3af7&scene=58&subscene=0#rd) - - [ ] [【InForSec 2025年会顶会论文回顾】向昊: 基于完全域敏感和源点意识的控制流完整性方法](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317462&idx=5&sn=4f9bf219ac43637893b96266671c7f9b&chksm=8bc4ba98bcb3338eaa76ba29a15693a8cd7fdce579502c0ca5f68c46e4d44b1bee8ae278dc8b&scene=58&subscene=0#rd) -- 迪哥讲事 - - [ ] [通过js进行模糊测试所拿到的一次五千漏洞赏金记录](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496957&idx=1&sn=5ef897f46f3bf16bce1a83b45b0611c3&chksm=e8a5fe9edfd27788ba026eddd3fbb4541a0037c8be19dcb77460d206bd14339fb2c1bd0ebf83&scene=58&subscene=0#rd) -- 字节跳动技术团队 - - [ ] [Doubao-1.5-pro 发布 | 豆包大模型 LLM 团队热招中](https://mp.weixin.qq.com/s?__biz=MzI1MzYzMjE0MQ==&mid=2247512992&idx=1&sn=a2ed4bf409a9abb86118650e264e8c27&chksm=e9d37842dea4f1548fa971b2742cd34f4920526a6f0b47f86d0fb2a21fc099e27b42ad9f311f&scene=58&subscene=0#rd) + - [ ] [Deepseek又出连招:刚发布了超越DALL-E3的多模态模型](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072968&idx=1&sn=11cc8c1298740ae6a406e012a43af24b&chksm=7e57d3fe49205ae8324716001201a49174026b129e73e59beac316ff24b099213446e9c145a7&scene=58&subscene=0#rd) + - [ ] [DeepSeek 深夜再放大招;迅雷将以 5 亿元人民币收购虎扑;华尔街押注特斯拉销量不达预期 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072955&idx=1&sn=9914ed1021f98e7210793dde585b5219&chksm=7e57d38d49205a9bcb04929242ff2f15dc88cabd8e2a5bd653c4c6d4acf7be07b1ac43ed3df5&scene=58&subscene=0#rd) +- 渊龙Sec安全团队 + - [ ] [红包来袭~渊龙Sec安全团队给您拜年啦!](https://mp.weixin.qq.com/s?__biz=Mzg4NTY0MDg1Mg==&mid=2247485646&idx=1&sn=3d22f63d3e8153286e1ae1195bcac411&chksm=cfa49335f8d31a236cd0fa26b68b4def16aa1290c8b9518cab594a009d47ad6b8de4d578409e&scene=58&subscene=0#rd) +- 纽创信安 + - [ ] [岁序更新 金蛇献瑞 | 纽创信安恭祝大家新春快乐!](https://mp.weixin.qq.com/s?__biz=MzAwNTczMjAzMg==&mid=2650239321&idx=1&sn=8ad3d5a84549a685cce1bf2131792ab5&chksm=831bf2f6b46c7be0a039fddda0d494b7ada4f31312f5439d5db0d7f12999b266967c88677bc4&scene=58&subscene=0#rd) - 360数字安全 - - [ ] [春节假期|安全服务保障通知](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579262&idx=1&sn=e7e448b49217ce28a44f40bf153ac506&chksm=9f8d2676a8faaf60074a2e9aa0130c961d6ddf5f7f8fd7f9ab0fdafe915fd4058dff6dc59310&scene=58&subscene=0#rd) -- CNVD漏洞平台 - - [ ] [CNVD漏洞周报2025年第4期](https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247495739&idx=1&sn=70bff0dcfddcafcf645feed59f012888&chksm=fd74c0f2ca0349e471d5a0cede4e3ed7bdd0d788c211c68cc80dfd224e519f19650dbc8d8c70&scene=58&subscene=0#rd) - - [ ] [上周关注度较高的产品安全漏洞(20250120-20250126)](https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247495739&idx=2&sn=c1eb11a7df482ea02fe0bb114eaa29bc&chksm=fd74c0f2ca0349e47edcfe201c0666f5f1252b026ececf6de03bbe19fda17ce7ae900d728649&scene=58&subscene=0#rd) -- Krypt3ia - - [ ] [Krypt3ia Daily Cyber Threat Intelligence (CTI) Digest](https://krypt3ia.wordpress.com/2025/01/27/krypt3ia-daily-cyber-threat-intelligence-cti-digest-3/) -- 火绒安全 - - [ ] [恶意文件携带驱动人生数字签名,混淆视听执行后门](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247522002&idx=1&sn=873e1bfdf5c988f9b559733786cfa7ce&chksm=eb7048eddc07c1fb7225e466c76efcdf6e6a1c2632bf3cd10068ebec8ac9c6675090f5f94a2b&scene=58&subscene=0#rd) - - [ ] [诚邀渠道合作伙伴共启新征程](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247522002&idx=2&sn=c4d71fab7b6251cbfc896cacdff28134&chksm=eb7048eddc07c1fb82edefd16f8fb8288c55cb69ce8473939c2d858863e391e6d043a3bb7f89&scene=58&subscene=0#rd) + - [ ] [除夕团圆 蛇年大吉](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579255&idx=1&sn=0a04f442f719d80d0c02c0c756e5d97d&chksm=9f8d267fa8faaf6924f7c8ad2770d1096f234af45121b44e32d356c4927307496d4b4d06fb01&scene=58&subscene=0#rd) - Over Security - Cybersecurity news aggregator - - [ ] [How to switch off Apple Intelligence on your iPhone, iPad and Mac](https://techcrunch.com/2025/01/27/how-to-switch-off-apple-intelligence-on-your-iphone-ipad-and-mac/) - - [ ] [DeepSeek halts new signups amid "large-scale" cyberattack](https://www.bleepingcomputer.com/news/security/deepseek-halts-new-signups-amid-large-scale-cyberattack/) - - [ ] [Bitwarden makes it harder to hack password vaults without MFA](https://www.bleepingcomputer.com/news/security/bitwarden-makes-it-harder-to-hack-password-vaults-without-mfa/) - - [ ] [Microsoft: January Windows security updates break audio playback](https://www.bleepingcomputer.com/news/microsoft/microsoft-january-windows-security-updates-break-audio-playback/) - - [ ] [DeepSeek R1 Exposed: Security Flaws in China’s AI Model](https://www.kelacyber.com/blog/deepseek-r1-security-flaws/) - - [ ] [Hackers hijack emergency sirens in kindergartens across Israel](https://therecord.media/hackers-hijack-sirens-iran-israel) - - [ ] [Democrat members of US surveillance watchdog defy White House resignation request](https://therecord.media/democrat-pclob-members-defy-white-house-call-for-resignation) - - [ ] [Texas county issues disaster declaration following cyberattack](https://therecord.media/texas-county-disaster-declaration-cyberattack) - - [ ] [Apple fixes this year’s first actively exploited zero-day bug](https://www.bleepingcomputer.com/news/security/apple-fixes-this-years-first-actively-exploited-zero-day-bug/) - - [ ] [OpenAI rival DeepSeek limits registration after ‘large-scale malicious attacks’](https://therecord.media/deepseek-limits-registration-blames-malicious-attacks) - - [ ] [EU sanctions Russian GRU hackers for cyberattacks against Estonia](https://www.bleepingcomputer.com/news/security/eu-sanctions-russian-gru-hackers-for-cyberattacks-against-estonia/) - - [ ] [Brazil bans iris scan company co-founded by Sam Altman from paying citizens for biometric data](https://therecord.media/brazil-iris-scan-data-privacy-tools-for-humanity) - - [ ] [Windows 11 24H2 preview brings new taskbar features](https://www.bleepingcomputer.com/news/microsoft/windows-11-24h2-preview-brings-new-taskbar-features/) - - [ ] [Hackers steal $85 million worth of cryptocurrency from Phemex](https://www.bleepingcomputer.com/news/security/hackers-steal-85-million-worth-of-cryptocurrency-from-phemex/) - - [ ] [Microsoft Teams phishing attack alerts coming to everyone next month](https://www.bleepingcomputer.com/news/security/microsoft-teams-phishing-attack-alerts-coming-to-everyone-next-month/) - - [ ] [Ukraine denies involvement in cyberattack against Slovakia](https://therecord.media/ukraine-denies-cyberattack-involvement-slovakia) - - [ ] [Clone2Leak attacks exploit Git flaws to steal credentials](https://www.bleepingcomputer.com/news/security/clone2leak-attacks-exploit-git-flaws-to-steal-credentials/) - - [ ] [Is GDLockerSec Really Targeting AWS?](https://www.kelacyber.com/blog/is-gdlockersec-really-targeting-aws/) - - [ ] [Preventing Phishing Attacks, Before They Catch You Copy](https://www.kelacyber.com/blog/preventing-phishing-attacks-before-they-catch-you-copy/) - - [ ] [CISO 2025](https://www.certego.net/blog/ciso-2025-innovare-per-fronteggiare-le-nuove-minacce-alla-cybersecurity/) - - [ ] [IT Vulnerability Report: 7-Zip, Windows and Fortinet Fixes Urged by Cyble](https://cyble.com/blog/it-vulnerability-report-7-zip-windows-and-fortinet-fixes-urged-by-cyble/) - - [ ] [Info Sec Unplugged [12]: Datacenter Network](https://roccosicilia.com/2025/01/27/info-sec-unplugged-12-datacenter-network/) - - [ ] [Sweden seizes ship suspected of Baltic Sea cable sabotage](https://therecord.media/sweden-seizes-ship-suspected-cable-sabotage) - - [ ] [United Against Cybercrime: ASEAN Ministers Forge New Security Pathways](https://cyble.com/blog/united-against-cybercrime-asean-ministers-forge-new-security-pathways/) - - [ ] [Le implementazioni LTE e 5G soffrono di centinaia di vulnerabilità](https://www.securityinfo.it/2025/01/27/le-implementazioni-lte-e-5g-soffrono-di-centinaia-di-vulnerabilita/) - - [ ] [CERT-AGID 18 – 24 gennaio: una nuova campagna a tema INPS (e ancora Vidar)](https://www.securityinfo.it/2025/01/27/cert-agid-18-24-gennaio-una-nuova-campagna-a-tema-inps-e-ancora-vidar/) - - [ ] [Cobalt Strike and a Pair of SOCKS Lead to Lockbit Ransomware](https://thedfirreport.com/2025/01/27/cobalt-strike-and-a-pair-of-socks-lead-to-lockbit-ransomware/) -- 悬镜安全 - - [ ] [人物丨悬镜安全张弛:解密悬镜二进制SCA技术背后的黑客大佬](https://mp.weixin.qq.com/s?__biz=MzA3NzE2ODk1Mg==&mid=2647795566&idx=1&sn=359d23f656b50d3a85c021b1e616165b&chksm=8770af39b007262f20e4aa761d196adc461e89aca8fb0246ad44ed56d7d16a2574f73a5eecde&scene=58&subscene=0#rd) -- Securityinfo.it - - [ ] [Le implementazioni LTE e 5G soffrono di centinaia di vulnerabilità](https://www.securityinfo.it/2025/01/27/le-implementazioni-lte-e-5g-soffrono-di-centinaia-di-vulnerabilita/?utm_source=rss&utm_medium=rss&utm_campaign=le-implementazioni-lte-e-5g-soffrono-di-centinaia-di-vulnerabilita) - - [ ] [CERT-AGID 18 – 24 gennaio: una nuova campagna a tema INPS (e ancora Vidar)](https://www.securityinfo.it/2025/01/27/cert-agid-18-24-gennaio-una-nuova-campagna-a-tema-inps-e-ancora-vidar/?utm_source=rss&utm_medium=rss&utm_campaign=cert-agid-18-24-gennaio-una-nuova-campagna-a-tema-inps-e-ancora-vidar) + - [ ] [Sucuri WAF Now Supports HTTP/3: A Faster and More Secure Web Experience](https://blog.sucuri.net/2025/01/sucuri-waf-now-supports-http-3-a-faster-and-more-secure-web-experience.html) + - [ ] [Unmasking FleshStealer: A New Infostealer Threat in 2025](https://flashpoint.io/blog/fleshstealer-infostealer-threat-2025/) + - [ ] [Hackers exploiting flaws in SimpleHelp RMM to breach networks](https://www.bleepingcomputer.com/news/security/hackers-exploiting-flaws-in-simplehelp-rmm-to-breach-networks/) + - [ ] [Google to kill Chrome Sync on older Chrome browser versions](https://www.bleepingcomputer.com/news/google/google-to-kill-chrome-sync-on-older-chrome-browser-versions/) + - [ ] [Prosecutors say they can’t obtain murder conviction after judge throws out evidence from facial recognition match](https://therecord.media/prosecutors-cant-obtain-murder-conviction-after-judge-throws-out-facial-recognition-evidence) + - [ ] [Kali Linux On The New Modern WSL](https://www.kali.org/blog/kali-linux-modern-wsl/) + - [ ] [Ransomware attack kept major energy industry contractor out of some systems for 6 weeks](https://therecord.media/englobal-ransomware-attack-six-weeks-disruption) + - [ ] [Garmin GPS watches crashing, stuck in triangle 'reboot loop'](https://www.bleepingcomputer.com/news/technology/garmin-gps-watches-crashing-stuck-in-triangle-reboot-loop/) + - [ ] [New Apple CPU side-channel attacks steals data from browsers](https://www.bleepingcomputer.com/news/security/new-apple-cpu-side-channel-attack-steals-data-from-browsers/) + - [ ] [Engineering giant Smiths Group discloses security breach](https://www.bleepingcomputer.com/news/security/engineering-giant-smiths-group-discloses-security-breach/) + - [ ] [Apple fixes zero-day flaw affecting all devices](https://techcrunch.com/2025/01/28/apple-fixes-zero-day-flaw-affecting-all-devices/) + - [ ] [Signal will let you sync old messages when linking new devices](https://www.bleepingcomputer.com/news/security/signal-will-let-you-sync-old-messages-when-linking-new-devices/) + - [ ] [EU sanctions Russian intelligence personnel for cyberattacks against Estonia](https://therecord.media/eu-sanctions-gru-personnel-cyberattack-estonia) + - [ ] [What's Yours is Mine: Is Your Business Ready for Cryptojacking Attacks?](https://www.bleepingcomputer.com/news/security/whats-yours-is-mine-is-your-business-ready-for-cryptojacking-attacks/) + - [ ] [PowerSchool starts notifying victims of massive data breach](https://www.bleepingcomputer.com/news/security/powerschool-starts-notifying-victims-of-massive-data-breach/) + - [ ] [Texas utility firm investigating potential leak of customer data tied to 2023 MOVEit breach](https://therecord.media/texas-utility-firm-investigating-potential-data-leak-moveit-breach) + - [ ] [Microsoft tests Edge Scareware Blocker to block tech support scams](https://www.bleepingcomputer.com/news/microsoft/microsoft-tests-edge-scareware-blocker-to-block-tech-support-scams/) + - [ ] [I ransomware contro le appliance ESXi sfruttano il tunneling SSH per la persistenza](https://www.securityinfo.it/2025/01/28/i-ransomware-contro-le-appliance-esxi-sfruttano-il-tunneling-ssh-per-la-persistenza/) + - [ ] [BloodHound Community Edition Custom Queries](https://blog.compass-security.com/2025/01/bloodhound-community-edition-custom-queries/) + - [ ] [Critical Vulnerabilities in Node.js Expose Systems to Remote Attacks](https://cyble.com/blog/critical-vulnerabilities-in-node-js-expose-systems/) + - [ ] [How ANY.RUN Helps Healthcare Organizations Against Ransomware: Interlock Case Study](https://any.run/cybersecurity-blog/interlock-ransomware-attack-analysis/) + - [ ] [New TorNet backdoor seen in widespread campaign](https://blog.talosintelligence.com/new-tornet-backdoor-campaign/) + - [ ] [HeatGames - 647,896 breached accounts](https://haveibeenpwned.com/PwnedWebsites#HeatGames) + - [ ] [phpMyAdmin 5.2.2 Addresses Critical XSS and Library Vulnerabilities](https://cyble.com/blog/phpmyadmin-5-2-2-addresses-critical-xss-and-library/) + - [ ] [Doxbin Scrape - 435,784 breached accounts](https://haveibeenpwned.com/PwnedWebsites#DoxbinScrape) + - [ ] [A Tumultuous Week for Federal Cybersecurity Efforts](https://krebsonsecurity.com/2025/01/a-tumultuous-week-for-federal-cybersecurity-efforts/) +- 山石网科安全技术研究院 + - [ ] [除夕到,喜气绕,家家团圆乐逍遥!](https://mp.weixin.qq.com/s?__biz=MzUzMDUxNTE1Mw==&mid=2247510299&idx=1&sn=e07f4498e637187f6603f941448a5e71&chksm=fa527ca5cd25f5b36ae7505447b8bda768e86084936228fe43918ce274acfa3d23c2fb7f0a1c&scene=58&subscene=0#rd) - Qualys Security Blog - - [ ] [Unlock the Boardroom with Cyber Risk: How the Qualys Enterprise TruRisk™ Platform Empowers CISOs](https://blog.qualys.com/category/product-tech) -- 漏洞战争 - - [ ] [学历赋](https://mp.weixin.qq.com/s?__biz=MzU0MzgzNTU0Mw==&mid=2247485935&idx=1&sn=c9ad7ddf99eb58464e3f86507a44ea7a&chksm=fb041d17cc73940154677fad437801a70ad48959c1dd49fdcb52af2495a7018c01c509eb433a&scene=58&subscene=0#rd) -- IT Service Management News - - [ ] [Linee guida (in bozza!) EDPB sulla pseudonimizzazione](http://blog.cesaregallotti.it/2025/01/linee-guida-in-bozza-edpb-sulla.html) - - [ ] [Regolamento sullo spazio europeo dei dati sanitari (EHDS)](http://blog.cesaregallotti.it/2025/01/regolamento-sullo-spazio-europeo-dei.html) -- NETRESEC Network Security Blog - - [ ] [Blocking Malicious sites with a TLS Firewall](https://www.netresec.com/?page=Blog&month=2025-01&post=Blocking-Malicious-sites-with-a-TLS-Firewall) -- Hacking Exposed Computer Forensics Blog - - [ ] [Daily Blog #730: Sunday Funday 1/26/25](https://www.hecfblog.com/2025/01/daily-blog-730-sunday-funday-12625.html) -- Schneier on Security - - [ ] [New VPN Backdoor](https://www.schneier.com/blog/archives/2025/01/new-vpn-backdoor.html) + - [ ] [Securing AI Innovation: Enterprise Strategies for LLM and Generative AI Security](https://blog.qualys.com/category/product-tech) +- Krypt3ia + - [ ] [Krypt3ia Daily Cyber Threat Intelligence (CTI) Digest](https://krypt3ia.wordpress.com/2025/01/28/krypt3ia-daily-cyber-threat-intelligence-cti-digest-4/) +- bellingcat + - [ ] [Faking It: Deepfake Porn Site’s Link to Tech Companies](https://www.bellingcat.com/news/uk-and-europe/2025/01/28/deepfake-porn-sites-link-to-tech-companies/) +- 娜璋AI安全之家 + - [ ] [[AI安全论文] (37)CCS21 DeepAID:基于深度学习的异常检测(解释)](https://mp.weixin.qq.com/s?__biz=Mzg5MTM5ODU2Mg==&mid=2247501274&idx=1&sn=66f331dcd21faf0af18d06e3f0efd75a&chksm=cfcf7517f8b8fc01a40567b8eba774d42edbb3f9fbac3a602848850fc7388186c7e1d3e5aefe&scene=58&subscene=0#rd) - T00ls安全 - - [ ] [T00ls“喜庆2025”网络安全文章征集活动投票结果公告](https://mp.weixin.qq.com/s?__biz=Mzg3NzYzODU5NQ==&mid=2247484906&idx=1&sn=572ea62012da59778ab11cdb9083e223&chksm=cf1ea346f8692a502f73bd6de98d79b44e488978e6c92e828f5eec688593ee767b4a5adeb8ee&scene=58&subscene=0#rd) + - [ ] [T00ls给您拜年了,祝福大家2025新春快乐,蛇行智敏,万事皆成](https://mp.weixin.qq.com/s?__biz=Mzg3NzYzODU5NQ==&mid=2247484913&idx=1&sn=c0718fb9edf9d2d38143583821a8a591&chksm=cf1ea35df8692a4b0e85b1e99543e79ce895ddc90e98811c9da8eb822d6256dfe62c7c83fb6d&scene=58&subscene=0#rd) +- Securityinfo.it + - [ ] [I ransomware contro le appliance ESXi sfruttano il tunneling SSH per la persistenza](https://www.securityinfo.it/2025/01/28/i-ransomware-contro-le-appliance-esxi-sfruttano-il-tunneling-ssh-per-la-persistenza/?utm_source=rss&utm_medium=rss&utm_campaign=i-ransomware-contro-le-appliance-esxi-sfruttano-il-tunneling-ssh-per-la-persistenza) - SANS Internet Storm Center, InfoCON: green - - [ ] [An unusual "shy z-wasp" phishing, (Mon, Jan 27th)](https://isc.sans.edu/diary/rss/31626) - - [ ] [ISC Stormcast For Monday, January 27th, 2025 https://isc.sans.edu/podcastdetail/9296, (Mon, Jan 27th)](https://isc.sans.edu/diary/rss/31624) -- Deeplinks - - [ ] [It's Copyright Week 2025: Join Us in the Fight for Better Copyright Law and Policy](https://www.eff.org/deeplinks/2025/01/its-copyright-week-2025-join-us-fight-better-copyright-law-and-policy) + - [ ] [Fileless Python InfoStealer Targeting Exodus, (Tue, Jan 28th)](https://isc.sans.edu/diary/rss/31630) + - [ ] [ISC Stormcast For Tuesday, January 28th, 2025 https://isc.sans.edu/podcastdetail/9298, (Tue, Jan 28th)](https://isc.sans.edu/diary/rss/31628) +- Hacking Exposed Computer Forensics Blog + - [ ] [Daily Blog #731: Accessing multiple shadow copies at once with AIM](https://www.hecfblog.com/2025/01/daily-blog-731-accessing-multiple.html) +- Have I Been Pwned latest breaches + - [ ] [HeatGames - 647,896 breached accounts](https://haveibeenpwned.com/PwnedWebsites#HeatGames) + - [ ] [Doxbin Scrape - 435,784 breached accounts](https://haveibeenpwned.com/PwnedWebsites#DoxbinScrape) +- 迪哥讲事 + - [ ] [0day 挖到手软,403 到 getshell](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496966&idx=1&sn=c49dbe1213cb5a1afa836901e2c13038&chksm=e8a5ff65dfd27673a9c0d7fdd99094847b291a7b8434f16f408af60943322f7ba539d1f82082&scene=58&subscene=0#rd) +- Schneier on Security + - [ ] [CISA Under Trump](https://www.schneier.com/blog/archives/2025/01/cisa-under-trump.html) +- Kali Linux + - [ ] [Kali Linux On The New Modern WSL](https://www.kali.org/blog/kali-linux-modern-wsl/) +- ICT Security Magazine + - [ ] [Generative Artificial Intelligence (GenAI): Analisi completa di rischi, sicurezza e governance dei sistemi AI](https://www.ictsecuritymagazine.com/articoli/genai/) + - [ ] [Fast Data: l’evoluzione dei Big Data verso l’Analisi in Tempo Reale](https://www.ictsecuritymagazine.com/articoli/fast-data-big-data/) - The Register - Security - - [ ] [US freezes foreign aid, halting cybersecurity defense and policy funds for allies](https://go.theregister.com/feed/www.theregister.com/2025/01/27/us_state_department_freezes_cyber_aid/) - - [ ] [DeepSeek limits new accounts amid cyberattack](https://go.theregister.com/feed/www.theregister.com/2025/01/27/deepseek_suspends_new_registrations_amid/) - - [ ] [Google takes action after coder reports 'most sophisticated attack I've ever seen'](https://go.theregister.com/feed/www.theregister.com/2025/01/27/google_confirms_action_taken_to/) - - [ ] [Sweden seizes cargo ship after another undersea cable hit in suspected sabotage](https://go.theregister.com/feed/www.theregister.com/2025/01/27/sweden_seizes_ship/) - - [ ] [CDNs: Great for speeding up the internet, bad for location privacy](https://go.theregister.com/feed/www.theregister.com/2025/01/27/cloudflare_cdn_location_data/) - - [ ] [British Museum says ex-contractor 'shut down' IT systems, wreaked havoc](https://go.theregister.com/feed/www.theregister.com/2025/01/27/contractor_trespass_british_museum/) + - [ ] [Baguette bandits strike again with ransomware and a side of mockery](https://go.theregister.com/feed/www.theregister.com/2025/01/28/baguettes_bandits_strike_again/) + - [ ] [Protecting AWS environments from cyberthreats](https://go.theregister.com/feed/www.theregister.com/2025/01/28/protecting_aws_environments_from_cyberthreats/) + - [ ] [Security pros more confident about fending off ransomware, despite being battered by attacks](https://go.theregister.com/feed/www.theregister.com/2025/01/28/research_security_pros_gain_ransomware/) + - [ ] [Apple plugs security hole in its iThings that's already been exploited in iOS](https://go.theregister.com/feed/www.theregister.com/2025/01/28/apple_cve_2025_24085/) +- Graham Cluley + - [ ] [The AI Fix #35: Project Stargate, the AI emergency, and batsh*t AI cryonics](https://grahamcluley.com/the-ai-fix-35/) - TorrentFreak - - [ ] [U.S. Anti-Piracy Symposium Emphazises Need for Site Blocking](https://torrentfreak.com/u-s-anti-piracy-symposium-emphazises-site-blocking-250127/) - - [ ] [Pirates Surprise as Oscar-Nominated Movie Screeners Leak Online Again](https://torrentfreak.com/piracy-surprise-as-oscar-nominated-movie-screeners-leak-online-again-250127/) -- Instapaper: Unread - - [ ] [Guerre di Rete - Ulbricht, come si è arrivati alla liberazione del fondatore di Silk Road](https://guerredirete.substack.com/p/guerre-di-rete-ulbricht-come-si-e) -- Your Open Hacker Community - - [ ] [Help.](https://www.reddit.com/r/HowToHack/comments/1ibkihi/help/) - - [ ] [BUILD FOR HACKING](https://www.reddit.com/r/HowToHack/comments/1ibgyos/build_for_hacking/) - - [ ] [I need the backend code of a site that's shutting down](https://www.reddit.com/r/HowToHack/comments/1ibkvnv/i_need_the_backend_code_of_a_site_thats_shutting/) - - [ ] [Your experience learning programming for hacking purposes?](https://www.reddit.com/r/HowToHack/comments/1ib9mau/your_experience_learning_programming_for_hacking/) - - [ ] [Help!](https://www.reddit.com/r/HowToHack/comments/1ibi4xi/help/) - - [ ] [Stupid questions about functions hooking](https://www.reddit.com/r/HowToHack/comments/1ibeaa3/stupid_questions_about_functions_hooking/) - - [ ] [Find Person Behind Instagram Fake Account](https://www.reddit.com/r/HowToHack/comments/1ibjf8w/find_person_behind_instagram_fake_account/) - - [ ] [Tips on beating the first to register](https://www.reddit.com/r/HowToHack/comments/1ibbnr4/tips_on_beating_the_first_to_register/) - - [ ] [Plz help](https://www.reddit.com/r/HowToHack/comments/1ibe8th/plz_help/) - - [ ] [Getting started](https://www.reddit.com/r/HowToHack/comments/1ib1gys/getting_started/) - - [ ] [I'm being spied through my personal phone](https://www.reddit.com/r/HowToHack/comments/1ib7ovq/im_being_spied_through_my_personal_phone/) - - [ ] [Help](https://www.reddit.com/r/HowToHack/comments/1ib724a/help/) - - [ ] [Vladimir and George hacking](https://www.reddit.com/r/HowToHack/comments/1ib1gpv/vladimir_and_george_hacking/) - - [ ] [How do you hack the YouTube algorithm. I’m looking for a step by step guide because I’ve never hacked anything or even tried in my life.](https://www.reddit.com/r/HowToHack/comments/1ib0sq7/how_do_you_hack_the_youtube_algorithm_im_looking/) - - [ ] [What dark web website are good for hacking](https://www.reddit.com/r/HowToHack/comments/1ib0kaq/what_dark_web_website_are_good_for_hacking/) -- Information Security - - [ ] [Infosec analysis on software installation request](https://www.reddit.com/r/Information_Security/comments/1ib5xhx/infosec_analysis_on_software_installation_request/) -- The Hacker News - - [ ] [GitHub Desktop Vulnerability Risks Credential Leaks via Malicious Remote URLs](https://thehackernews.com/2025/01/github-desktop-vulnerability-risks.html) - - [ ] [⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [27 January]](https://thehackernews.com/2025/01/thn-weekly-recap-top-cybersecurity_27.html) - - [ ] [Do We Really Need The OWASP NHI Top 10?](https://thehackernews.com/2025/01/do-we-really-need-owasp-nhi-top-10.html) - - [ ] [GamaCopy Mimics Gamaredon Tactics in Cyber Espionage Targeting Russian Entities](https://thehackernews.com/2025/01/gamacopy-mimics-gamaredon-tactics-in.html) - - [ ] [MintsLoader Delivers StealC Malware and BOINC in Targeted Cyber Attacks](https://thehackernews.com/2025/01/mintsloader-delivers-stealc-malware-and.html) + - [ ] [Nintendo Piracy Lawsuit Defendant Makes Dire Situation Even Worse](https://torrentfreak.com/nintendo-piracy-lawsuit-defendant-makes-dire-situation-even-worse-250128/) + - [ ] [LLM Taken Down Following Legal Pressure from Anti-Piracy Group](https://torrentfreak.com/llm-taken-down-following-legal-pressure-from-anti-piracy-group-250128/) +- Deeplinks + - [ ] [EFF to State AGs: Time to Investigate Crisis Pregnancy Centers](https://www.eff.org/deeplinks/2025/01/eff-state-ags-time-investigate-crisis-pregnancy-centers) + - [ ] [What Proponents of Digital Replica Laws Can Learn from the Digital Millennium Copyright Act](https://www.eff.org/deeplinks/2025/01/what-proponents-digital-replica-laws-can-learn-digital-millennium-copyright-act) + - [ ] [California Law Enforcement Misused State Databases More Than 7,000 Times in 2023](https://www.eff.org/deeplinks/2025/01/california-police-misused-state-databases-more-7000-times-2023) + - [ ] [Don't Make Copyright Law in Smoke-Filled Rooms](https://www.eff.org/deeplinks/2025/01/dont-make-copyright-law-smoke-filled-rooms) - Deep Web - - [ ] [Ever heard of spiritual manipulation?](https://www.reddit.com/r/deepweb/comments/1ibo2jo/ever_heard_of_spiritual_manipulation/) -- Graham Cluley - - [ ] [Hacked buses blare out patriotic pro-European anthems in Tbilisi, attack government](https://www.bitdefender.com/en-us/blog/hotforsecurity/hacked-buses-blare-out-patriotic-pro-european-anthems-in-tbilisi-attack-government) + - [ ] [How common was this?](https://www.reddit.com/r/deepweb/comments/1ic3t3w/how_common_was_this/) +- Krebs on Security + - [ ] [A Tumultuous Week for Federal Cybersecurity Efforts](https://krebsonsecurity.com/2025/01/a-tumultuous-week-for-federal-cybersecurity-efforts/) - Social Engineering - - [ ] [Conspiracy Theories are for Opportunists](https://www.reddit.com/r/SocialEngineering/comments/1ibboak/conspiracy_theories_are_for_opportunists/) + - [ ] [How to avoid telling people my age.](https://www.reddit.com/r/SocialEngineering/comments/1ibtmw0/how_to_avoid_telling_people_my_age/) + - [ ] [Conspiracy Theories are for Opportunists](https://www.reddit.com/r/SocialEngineering/comments/1ic9i2a/conspiracy_theories_are_for_opportunists/) + - [ ] [How this can be dealt with social engineering](https://www.reddit.com/r/SocialEngineering/comments/1ibxr83/how_this_can_be_dealt_with_social_engineering/) +- The Hacker News + - [ ] [PureCrypter Deploys Agent Tesla and New TorNet Backdoor in Ongoing Cyberattacks](https://thehackernews.com/2025/01/purecrypter-deploys-agent-tesla-and-new.html) + - [ ] [OAuth Redirect Flaw in Airline Travel Integration Exposes Millions to Account Hijacking](https://thehackernews.com/2025/01/oauth-redirect-flaw-in-airline-travel.html) + - [ ] [AI SOC Analysts: Propelling SecOps into the future](https://thehackernews.com/2025/01/ai-soc-analysts-propelling-secops-into.html) + - [ ] [Ransomware Targets ESXi Systems via Stealthy SSH Tunnels for C2 Operations](https://thehackernews.com/2025/01/ransomware-targets-esxi-systems-via.html) + - [ ] [How Long Does It Take Hackers to Crack Modern Hashing Algorithms?](https://thehackernews.com/2025/01/how-long-does-it-take-hackers-to-crack.html) + - [ ] [Top-Rated Chinese AI App DeepSeek Limits Registrations Amid Cyberattacks](https://thehackernews.com/2025/01/top-rated-chinese-ai-app-deepseek.html) + - [ ] [E.U. Sanctions 3 Russian Nationals for Cyber Attacks Targeting Estonia’s Key Ministries](https://thehackernews.com/2025/01/eu-sanctions-3-russian-nationals-for.html) + - [ ] [Apple Patches Actively Exploited Zero-Day Affecting iPhones, Macs, and More](https://thehackernews.com/2025/01/apple-patches-actively-exploited-zero.html) - Security Affairs - - [ ] [Apple fixed the first actively exploited zero-day of 2025](https://securityaffairs.com/173536/hacking/apple-fixed-the-first-zero-day-vulnerability-of-2025.html) - - [ ] [TalkTalk confirms data breach involving a third-party platform](https://securityaffairs.com/173526/cyber-crime/talktalk-confirms-data-breach.html) - - [ ] [Multiple Git flaws led to credentials compromise](https://securityaffairs.com/173520/security/multiple-git-flaws-led-to-credentials-compromise.html) - - [ ] [GamaCopy targets Russia mimicking Russia-linked Gamaredon APT](https://securityaffairs.com/173501/apt/gamacopy-mimics-russia-linked-gamaredon-apt.html) - - [ ] [ESXi ransomware attacks use SSH tunnels to avoid detection](https://securityaffairs.com/173487/cyber-crime/esxi-ransomware-attacks-use-ssh-tunnels-to-avoid-detection.html) - - [ ] [Attackers allegedly stole $69 million from cryptocurrency platform Phemex](https://securityaffairs.com/173478/digital-id/cryptocurrency-platform-phemex-cyber-heist.html) -- Computer Forensics - - [ ] [eCDFP 30 days plan](https://www.reddit.com/r/computerforensics/comments/1ibb6ij/ecdfp_30_days_plan/) - - [ ] [Top digital forensics conferences in 2025](https://www.reddit.com/r/computerforensics/comments/1ib179q/top_digital_forensics_conferences_in_2025/) + - [ ] [VMware fixed a flaw in Avi Load Balancer](https://securityaffairs.com/173569/security/vmware-fixed-avi-load-balancer-flaw.html) + - [ ] [Ransomware attack on ENGlobal compromised personal information](https://securityaffairs.com/173566/cyber-crime/englobal-disclosed-a-ransomware-attack.html) + - [ ] [EU announced sanctions on three members of Russia’s GRU Unit 29155](https://securityaffairs.com/173555/security/eu-sanctions-russias-gru-unit-29155.html) + - [ ] [Chinese AI platform DeepSeek faced a “large-scale” cyberattack](https://securityaffairs.com/173546/security/chinese-ai-platform-deepseek-faced-a-large-scale-cyberattack.html) +- Palo Alto Networks Blog + - [ ] [C-Suite Leaders Embrace Platformization for Security Success](https://www.paloaltonetworks.com/blog/2025/01/growing-need-cybersecurity-platformization/) - Technical Information Security Content & Discussion - - [ ] [Get FortiRekt, I am the Super_Admin Now - FortiOS Authentication Bypass CVE-2024-55591 - watchTowr Labs](https://www.reddit.com/r/netsec/comments/1ibfmeo/get_fortirekt_i_am_the_super_admin_now_fortios/) - - [ ] [New way to exploit BYOVD exploits with symbolic links.](https://www.reddit.com/r/netsec/comments/1ib3nnm/new_way_to_exploit_byovd_exploits_with_symbolic/) + - [ ] [Single QR Code, Two Different URLs](https://www.reddit.com/r/netsec/comments/1ic8mmx/single_qr_code_two_different_urls/) + - [ ] [A Missed Opportunity: Weak Password Hashing in VxWorks 6.9 and 7](https://www.reddit.com/r/netsec/comments/1ibxbp1/a_missed_opportunity_weak_password_hashing_in/) + - [ ] [Using AiTM to phish for access- and refreshtokens](https://www.reddit.com/r/netsec/comments/1ic2mc4/using_aitm_to_phish_for_access_and_refreshtokens/) +- Instapaper: Unread + - [ ] [Exterro Launches INFORM A Ground-Breaking Global Webinar Series To Advance Digital Forensics](https://www.forensicfocus.com/news/exterro-launches-inform-a-ground-breaking-global-webinar-series-to-advance-digital-forensics/) + - [ ] [Being a tool while using a tool](https://www.hexacorn.com/blog/2025/01/25/being-a-tool-while-using-a-tool/) + - [ ] [Android's New Identity Check Feature Locks Device Settings Outside Trusted Locations](https://thehackernews.com/2025/01/androids-new-identity-check-feature.html) + - [ ] [USB Army Knife The Ultimate Close Access Penetest Tool](https://www.mobile-hacker.com/2025/01/24/usb-army-knife-the-ultimate-close-access-penetest-tool/) +- Full Disclosure + - [ ] [APPLE-SA-01-27-2025-9 Safari 18.3](https://seclists.org/fulldisclosure/2025/Jan/20) + - [ ] [APPLE-SA-01-27-2025-8 tvOS 18.3](https://seclists.org/fulldisclosure/2025/Jan/19) + - [ ] [APPLE-SA-01-27-2025-7 watchOS 11.3](https://seclists.org/fulldisclosure/2025/Jan/18) + - [ ] [APPLE-SA-01-27-2025-6 macOS Ventura 13.7.3](https://seclists.org/fulldisclosure/2025/Jan/17) + - [ ] [APPLE-SA-01-27-2025-5 macOS Sonoma 14.7.3](https://seclists.org/fulldisclosure/2025/Jan/16) + - [ ] [APPLE-SA-01-27-2025-4 macOS Sequoia 15.3](https://seclists.org/fulldisclosure/2025/Jan/15) + - [ ] [APPLE-SA-01-27-2025-3 iPadOS 17.7.4](https://seclists.org/fulldisclosure/2025/Jan/14) + - [ ] [APPLE-SA-01-27-2025-2 iOS 18.3 and iPadOS 18.3](https://seclists.org/fulldisclosure/2025/Jan/13) + - [ ] [APPLE-SA-01-27-2025-1 visionOS 2.3](https://seclists.org/fulldisclosure/2025/Jan/12) + - [ ] [AutoLib Software Systems OPAC Version.20.10 | Exposure of Sensitive Information | CVE-2024-48310](https://seclists.org/fulldisclosure/2025/Jan/11) + - [ ] [SEC Consult SA-20250127-0 :: Weak Password Hashing Algorithms in Wind River Software VxWorks RTOS](https://seclists.org/fulldisclosure/2025/Jan/10) + - [ ] [Host Header Injection - atutorv2.2.4](https://seclists.org/fulldisclosure/2025/Jan/9) + - [ ] [Reflected XSS - atutorv2.2.4](https://seclists.org/fulldisclosure/2025/Jan/8) +- Information Security + - [ ] [Alert: A recruiter tried to hack me!!](https://www.reddit.com/r/Information_Security/comments/1icazu3/alert_a_recruiter_tried_to_hack_me/) +- netsecstudents: Subreddit for students studying Network Security and its related subjects + - [ ] [WGU vs KU vs Certs, Advice](https://www.reddit.com/r/netsecstudents/comments/1ibpt0b/wgu_vs_ku_vs_certs_advice/) +- Blackhat Library: Hacking techniques and research + - [ ] [Tails/Encrypted Coms](https://www.reddit.com/r/blackhat/comments/1icc3nu/tailsencrypted_coms/) +- Computer Forensics + - [ ] [Forensic sofwtare licensing question - key fobs - sanderson sqlite, elcomsoft forensic toolkit](https://www.reddit.com/r/computerforensics/comments/1icapio/forensic_sofwtare_licensing_question_key_fobs/) + - [ ] [Where does Autopsy store my own keywords?](https://www.reddit.com/r/computerforensics/comments/1icfrt8/where_does_autopsy_store_my_own_keywords/) + - [ ] [Is this how digital forensic recovery of deleted instant messages works?](https://www.reddit.com/r/computerforensics/comments/1ibw3bh/is_this_how_digital_forensic_recovery_of_deleted/) + - [ ] [Recovering deleted messages with an FFS and unallocated space](https://www.reddit.com/r/computerforensics/comments/1ibwhuu/recovering_deleted_messages_with_an_ffs_and/) + - [ ] [MacOS hardware encrypted volume](https://www.reddit.com/r/computerforensics/comments/1ic16ij/macos_hardware_encrypted_volume/) +- Your Open Hacker Community + - [ ] [Reverse engineering Xbox One Controller USB communication protocol.](https://www.reddit.com/r/HowToHack/comments/1icc6sw/reverse_engineering_xbox_one_controller_usb/) + - [ ] [best wordlist/rules attacks for pkmid+eapol](https://www.reddit.com/r/HowToHack/comments/1iccsq1/best_wordlistrules_attacks_for_pkmideapol/) + - [ ] [Can finding /etc/passwd file of a site be counted as a vulnerability?](https://www.reddit.com/r/HowToHack/comments/1ic5gm0/can_finding_etcpasswd_file_of_a_site_be_counted/) + - [ ] [Decrypt PPPoE password from config](https://www.reddit.com/r/HowToHack/comments/1icczi6/decrypt_pppoe_password_from_config/) + - [ ] [Huawei EG8145V5 GPON router password](https://www.reddit.com/r/HowToHack/comments/1ic9c76/huawei_eg8145v5_gpon_router_password/) + - [ ] [Advanced learning](https://www.reddit.com/r/HowToHack/comments/1ibxexn/advanced_learning/) + - [ ] [Is little but consistent study enough?](https://www.reddit.com/r/HowToHack/comments/1ibq381/is_little_but_consistent_study_enough/) + - [ ] [How to get the first job?](https://www.reddit.com/r/HowToHack/comments/1ibu8nd/how_to_get_the_first_job/) + - [ ] [some questions from someone interested](https://www.reddit.com/r/HowToHack/comments/1ibtrxe/some_questions_from_someone_interested/) + - [ ] [noob questions 1:](https://www.reddit.com/r/HowToHack/comments/1ibq10e/noob_questions_1/) + - [ ] [VMWARE OR VIRTUALBOX?](https://www.reddit.com/r/HowToHack/comments/1ic2h2w/vmware_or_virtualbox/) + - [ ] [my ig account was hacked and i need to hack back into it 😭 can someone help](https://www.reddit.com/r/HowToHack/comments/1ic1izl/my_ig_account_was_hacked_and_i_need_to_hack_back/) + - [ ] [how to find people on other websites?](https://www.reddit.com/r/HowToHack/comments/1ibziyg/how_to_find_people_on_other_websites/) + - [ ] [Is there a way to recover hacked facebook account, basically I don't have any acces to that account](https://www.reddit.com/r/HowToHack/comments/1ibqxfs/is_there_a_way_to_recover_hacked_facebook_account/) + - [ ] [My parents block me from the internet](https://www.reddit.com/r/HowToHack/comments/1ibqk2x/my_parents_block_me_from_the_internet/) - Security Weekly Podcast Network (Audio) - - [ ] [AI Red Teaming Comes to Bug Bounties - Francis Dinha, Michiel Prins - ESW #391](http://sites.libsyn.com/18678/ai-red-teaming-comes-to-bug-bounties-francis-dinha-michiel-prins-esw-391) + - [ ] [DeepSeek, AIDs, Sex Crime, Microsoft, PayPal, GetHub, Joshua Marpet and More - SWN #446](http://sites.libsyn.com/18678/deepseek-aids-sex-crime-microsoft-paypal-gethub-joshua-marpet-and-more-swn-446) + - [ ] [Security the AI SDLC - Niv Braun - ASW #315](http://sites.libsyn.com/18678/security-the-ai-sdlc-niv-braun-asw-315) +- Daniel Miessler + - [ ] [AI's Total Addressable Market](https://danielmiessler.com/blog/ai-tam) From f928ba0aa18c9006619a0ee5c8970c23afad9ead Mon Sep 17 00:00:00 2001 From: chainreactorbot Date: Thu, 30 Jan 2025 02:43:49 +0000 Subject: [PATCH 23/29] =?UTF-8?q?=E6=AF=8F=E6=97=A5=E5=AE=89=E5=85=A8?= =?UTF-8?q?=E8=B5=84=E8=AE=AF=EF=BC=882025-01-30=EF=BC=89?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- archive/daily/2025/2025-01-30.md | 417 ++++++++++++++++++ archive/tmp/2025-01-30.json | 482 +++++++++++++++++++++ today.md | 699 +++++++++++++++++-------------- 3 files changed, 1292 insertions(+), 306 deletions(-) create mode 100644 archive/daily/2025/2025-01-30.md create mode 100644 archive/tmp/2025-01-30.json diff --git a/archive/daily/2025/2025-01-30.md b/archive/daily/2025/2025-01-30.md new file mode 100644 index 0000000000..7a275ab1ad --- /dev/null +++ b/archive/daily/2025/2025-01-30.md @@ -0,0 +1,417 @@ +# 每日安全资讯(2025-01-30) + +- SecWiki News + - [ ] [SecWiki News 2025-01-29 Review](http://www.sec-wiki.com/?2025-01-29) +- CXSECURITY Database RSS Feed - CXSecurity.com + - [ ] [OpenPanel 0.3.4 Command Injection](https://cxsecurity.com/issue/WLB-2025010034) + - [ ] [MySchool System - Multiple Vulnerabilities](https://cxsecurity.com/issue/WLB-2025010033) + - [ ] [NEXT-EMP v1.0-Copyright © 2024. All rights reserved. File Upload-FU and Remote Code Execution-RCE](https://cxsecurity.com/issue/WLB-2025010032) +- Security Boulevard + - [ ] [Alibaba’s Qwen 2.5-Max: The AI Marathoner Outpacing DeepSeek and Catching OpenAI’s Shadow](https://securityboulevard.com/2025/01/alibabas-qwen-2-5-max-the-ai-marathoner-outpacing-deepseek-and-catching-openais-shadow/) + - [ ] [Introducing WAF Rule Tester: Test with Confidence, Deploy without Fear | Impart Security](https://securityboulevard.com/2025/01/introducing-waf-rule-tester-test-with-confidence-deploy-without-fear-impart-security/) + - [ ] [DEF CON 32 – Tough Adversary Don’t Blame Sun Tzu](https://securityboulevard.com/2025/01/def-con-32-tough-adversary-dont-blame-sun-tzu/) + - [ ] [The OWASP NHI Top 10 and AI risk: What you need to know](https://securityboulevard.com/2025/01/the-owasp-nhi-top-10-and-ai-risk-what-you-need-to-know/) + - [ ] [API Security Is At the Center of OpenAI vs. DeepSeek Allegations](https://securityboulevard.com/2025/01/api-security-is-at-the-center-of-openai-vs-deepseek-allegations/) + - [ ] [Randall Munroe’s XKCD ‘Muons’](https://securityboulevard.com/2025/01/randall-munroes-xkcd-muons/) + - [ ] [SLAP/FLOP: Apple Silicon’s ‘Son of Spectre’ Critical Flaws](https://securityboulevard.com/2025/01/slap-flop-apple-silicon-richixbw/) + - [ ] [Our Digital Footprints are Breadcrumbs for Mapping our Personal Behavior](https://securityboulevard.com/2025/01/our-digital-footprints-are-breadcrumbs-for-mapping-our-personal-behavior/) + - [ ] [How to Find Old Accounts for Deletion](https://securityboulevard.com/2025/01/how-to-find-old-accounts-for-deletion/) + - [ ] [Codefinger Ransomware: Detection and Mitigation Using MixMode](https://securityboulevard.com/2025/01/codefinger-ransomware-detection-and-mitigation-using-mixmode/) +- Doonsec's feed + - [ ] [青萍安全祝大家新年快乐!!!](https://mp.weixin.qq.com/s?__biz=MzkxMzY0MzAxMw==&mid=2247487278&idx=1&sn=78ec559025c718883b9f1b1f674ba5f5) + - [ ] [仅此一次,春节七折嗷!](https://mp.weixin.qq.com/s?__biz=MzkyNTUyNTE5OA==&mid=2247486501&idx=1&sn=51fe604005374bcbfff2b9f235d97286) + - [ ] [[收费公开课] 前后端分离渗透和三个突破口](https://mp.weixin.qq.com/s?__biz=MzkyNTUyNTE5OA==&mid=2247486501&idx=2&sn=303abdda447ab10baa18016a0ae9460a) + - [ ] [原创工具|Venom-JWT渗透工具 - 针对JWT漏洞和密钥爆破服务渗透测试](https://mp.weixin.qq.com/s?__biz=Mzk0ODc1MjYyNA==&mid=2247483866&idx=1&sn=b4a7b1a90b8624e68c8e4106eccd2de9) + - [ ] [大年初一,巳巳如意!](https://mp.weixin.qq.com/s?__biz=MzkzMjQ4NTQwNw==&mid=2247483835&idx=1&sn=b593aa19e5825e5a2c3f5e1fd7546734) + - [ ] [[注意保密] 新年红包雨:领取 1888$ 年度极致福利](https://mp.weixin.qq.com/s?__biz=MzkwODI1ODgzOA==&mid=2247506610&idx=1&sn=891e78f2c8c413caa518b343114d9503) + - [ ] [黑客组织Handala宣称攻破以色列国安系统 4TB机密数据遭泄露](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494609&idx=1&sn=10c34cea93492cfefbb71eea5f87901a) + - [ ] [Urkc安全红包封面上线啦!](https://mp.weixin.qq.com/s?__biz=MzkxNTU5NTI1Ng==&mid=2247487269&idx=1&sn=0d4c70352cf47f5360f202a395b166b6) + - [ ] [【实操】利用Deepseek传承和弘扬传统文化](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148736&idx=1&sn=39a0df253f09d26a6151599d1e8bfb20) + - [ ] [【培训】Osint开源情报练习 #002](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148736&idx=2&sn=ebee4c79a769e10968179969c634d83a) + - [ ] [AISS大模型安全社区-2025 Roadmap](https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247494053&idx=1&sn=6449e25c9c3754c833fdd7ba5435ad70) + - [ ] [2025新春致谢 | 金蛇纳福启新程](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589299&idx=1&sn=5e38768a37484f2f38cd5b8da65a095b) + - [ ] [Windows 11 24H2 上的进程镂空技术](https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486790&idx=1&sn=c0d73c1ebaa8ed6fd5ec7a87a43b25eb) + - [ ] [德国数据保护机构《标准数据保护模式》中译文](https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247506191&idx=1&sn=5c306df3d480ebc5a37d4e207d432f24) + - [ ] [新年零食大礼包抽奖开奖](https://mp.weixin.qq.com/s?__biz=Mzg4NDg2NTM3NQ==&mid=2247484712&idx=1&sn=fd70a0465dbf9e30c615379a6bdda89d) + - [ ] [【卫星图像】金正恩考察朝鲜核物质生产基地和核武器研究所](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559318&idx=1&sn=f93bc65cb4cf2587b134129cbdca5205) + - [ ] [美日韩“抱团”:三国首次会谈聚焦朝鲜核威胁](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559318&idx=2&sn=eef1bccee4db52de82349056e07e8aca) + - [ ] [致情报分析师公众号全体粉丝](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559318&idx=3&sn=be997ee6361433a289ec6c156aca06a7) + - [ ] [Ghosten Player:全平台视频播放器,云盘/本地/IPTV资源一网打尽,支持TV和刮削!](https://mp.weixin.qq.com/s?__biz=MzA4MjkzMTcxMg==&mid=2449046775&idx=1&sn=403d11271cef923ea84dfc9005eed22e) + - [ ] [“巳巳”如意|蛇年大吉u200b](https://mp.weixin.qq.com/s?__biz=MzU4MTg1NzAzMA==&mid=2247490620&idx=1&sn=48ea11f22a243fbf8b403f5347af6b4b) + - [ ] [收藏 | dotNet安全矩阵 2024 年度安全防御绕过阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498553&idx=1&sn=1d8935d674697bc89a84b1b07dd7573a) + - [ ] [.NET 内网攻防实战电子报刊](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498553&idx=2&sn=2eabd584fcc38d4a3de34cbc21b247b8) + - [ ] [收藏 | dotNet安全矩阵 2024 年度外网入口打点阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498553&idx=3&sn=11f8acaa352ccc07f18420479c442a8b) + - [ ] [【新春福利免费开放】【20250129更新】GrayLog开源日志管理平台技术文章合集【共80篇】](https://mp.weixin.qq.com/s?__biz=MzU2MjU1OTE0MA==&mid=2247499654&idx=1&sn=1717caf72330209a0d7860dac066d9aa) + - [ ] [ISO 45001: 2018 标准详解与实施(10)6.1.2 危险源辨识及风险和机遇的评价](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247486046&idx=1&sn=e0752fe57f13f49404b464a8a5d23bf8) + - [ ] [中亚新位置:美国到底是“机遇”还是“陷阱”?](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247505009&idx=1&sn=a675523c007664b3ded75ff213872283) + - [ ] [曼德海峡危机:胡塞武装如何搅动全球贸易与地缘政治的“一池春水”?](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247505009&idx=2&sn=30bc5ffc5afc9a5458d174a81224a804) + - [ ] [DeepSeek遭受美国大规模黑客DDOS攻击!该如何应对?](https://mp.weixin.qq.com/s?__biz=Mzk1NzMwNTM5NQ==&mid=2247483894&idx=1&sn=a0a2746ea96e1c4da9caa325f9851abd) + - [ ] [蛇年快乐!](https://mp.weixin.qq.com/s?__biz=MzI1Mjc3NTUwMQ==&mid=2247538527&idx=1&sn=a6a982145ee51f2707a9b7d2914c057c) + - [ ] [花指令——新春快乐版](https://mp.weixin.qq.com/s?__biz=MzkyNTYwOTMyNA==&mid=2247485009&idx=1&sn=71e8f9c7d9658e891eb9aa14140fac0c) + - [ ] [我让DeepSeek锐评下网络安全行业现状,它的回答......](https://mp.weixin.qq.com/s?__biz=MzkzMjIxNjExNg==&mid=2247486228&idx=1&sn=710163f3aca52010a4b552bf987a7b69) + - [ ] [复旦白泽给大家拜年啦!祝大家蛇年大吉,巳巳如意,Paper如潮成果丰!](https://mp.weixin.qq.com/s?__biz=MzU4NzUxOTI0OQ==&mid=2247492844&idx=1&sn=a8d82e9664fd92535652abde94911226) + - [ ] [记一次SRC利用github搜索拿下中危漏洞](https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247547532&idx=1&sn=a25d3179451f39184a2c2306e222d2f5) + - [ ] [新年快乐 | 渊亭科技祝您巳巳如意,蛇年大吉!](https://mp.weixin.qq.com/s?__biz=MzIzNjE1ODE2OA==&mid=2660190405&idx=1&sn=b33a770adf5ed142dc3ac8c2afba90ef) + - [ ] [揭露俄罗斯APT新手段:Gamaredon首次使用安卓间谍软件骨骼间谍(BoneSpy)和伪装侦察(PlainGnome)](https://mp.weixin.qq.com/s?__biz=Mzg3OTYxODQxNg==&mid=2247485657&idx=1&sn=1c6e5658064e3bb16435047e39a9f311) + - [ ] [中医学论文大纲完善与落实指南:让你的论文架构更清晰!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493256&idx=1&sn=592a8a23a41a09fc0c7f61488411d5d8) + - [ ] [中医学论文搜集文献攻略:10分钟搞定一个月找不全的经典文献库!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493256&idx=2&sn=9e44f435954053a0a3863c6ca466f2c8) + - [ ] [终于搞懂了!新手如何玩转新闻学论文的文献综述写作攻略,快速上手!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493256&idx=3&sn=86c1867c8e4f63023a0328e127fc79fb) + - [ ] [终于掌握水产养殖学论文搜集文献秘诀!完整指南公开!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493256&idx=4&sn=050db58f55d66a155a674ae62fbc198d) + - [ ] [终于知道日语论文搜集文献这门道,超实用版硬核干货!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493256&idx=5&sn=1dd216f434bb52375a8b6847836147b5) + - [ ] [重磅揭秘:内行人才懂的林业技术论文文献综述写作高阶指南!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493256&idx=6&sn=d4792364daac44d36e9ee0fe60f8a44a) + - [ ] [专家带路:农业工程论文选题高分技巧,快速锁定黄金选题!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493256&idx=7&sn=f8f67fececd526ee35399b356da849e1) + - [ ] [专家级企业管理论文搜集文献内部秘籍:外企高级经理人都在偷学的全流程技巧。](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493256&idx=8&sn=5ff567d0085a3894e4c0033cd8301bb9) + - [ ] [红队和 Web 黑盒审计的侦察脚本](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527357&idx=1&sn=c83b93750bea91d42a144b5a5739a263) + - [ ] [滥用 Windows fork API 和 OneDrive.exe 进程来注入恶意 shellcode](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527357&idx=2&sn=cb567e9fa5f939b386410eaa2208192b) + - [ ] [零日漏洞正在推动 Fortinet 防火墙攻击(CVE-2024-55591 已确认)](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527357&idx=3&sn=a9547ba6b29ff579585ca08ae6e20652) + - [ ] [好的伴侣可以减少一半人间疾苦,合适的工作更是这样](https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247488193&idx=1&sn=98fb524ba32bd4acb817ce28aedc8a4d) + - [ ] [夜鹰(NightHawk)C2工具被泄露了?](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490232&idx=1&sn=71a4e338358972fe51261cbc15ddcc02) + - [ ] [万象更新 共启新程|四叶草安全祝您鸿运当头](https://mp.weixin.qq.com/s?__biz=MjM5MTI2NDQzNg==&mid=2654552292&idx=1&sn=94bfca6ee6e6469f09475331d9ec1dff) + - [ ] [新春伊始,红日安全启航!愿与您共同筑牢数字防线,共同迈向更安全的明天!🔒🌱](https://mp.weixin.qq.com/s?__biz=MzI4NjEyMDk0MA==&mid=2649851765&idx=1&sn=568da818c7d56ee694372f7ca3d04ddc) + - [ ] [暗网情报5则:VPN权限出售-CNN马来西亚遭勒索](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247507140&idx=1&sn=39e2cd4ca4a8b2405576bcc343bea2c6) + - [ ] [5th域安全微讯早报【20250129】025期](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247507140&idx=2&sn=e324fe0e8dc2c445cc103295d565424b) + - [ ] [有人急了。。。DeepSeek。。。线上服务受到大规模恶意攻击。。。](https://mp.weixin.qq.com/s?__biz=MzU2NzY5MzI5Ng==&mid=2247504835&idx=1&sn=145feae85263084b1b6d5bd7b36c7877) + - [ ] [新型“Sneaky 2FA”钓鱼工具包瞄准微软365账户,绕过双重认证(2FA)窃取凭证](https://mp.weixin.qq.com/s?__biz=MzA4NTY4MjAyMQ==&mid=2447900162&idx=1&sn=f1cd9351fa6107901ed7fa81fb279643) + - [ ] [大年初一 | 开源网安祝福大家事业蒸蒸日上,生活阖家美满](https://mp.weixin.qq.com/s?__biz=MzI0NzY1MDgyMw==&mid=2247514013&idx=1&sn=5833bcc742d0d3e15ef6b74df78cc868) + - [ ] [碳泽信息祝您新春快乐,巳巳如意!](https://mp.weixin.qq.com/s?__biz=Mzk0ODI4MDI4Nw==&mid=2247494627&idx=1&sn=ffc67d2a6efe5b59293eda6175d3226f) + - [ ] [【2025春节】解题领红包活动开始喽,解出就送论坛币!](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141655&idx=1&sn=d21717226e40032625a74a2d00255e23) + - [ ] [巳巳如意 | 蛇年大吉](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313207&idx=1&sn=6fbe79faad8cf2aedae18f3523b11c63) + - [ ] [《信息安全研究》恭祝大家新春快乐!](https://mp.weixin.qq.com/s?__biz=MzA3NzgzNDM0OQ==&mid=2664992974&idx=1&sn=9cd2cb9e2b233b74a40604ea67942fa7) + - [ ] [大年初一丨安天智甲给您拜年了](https://mp.weixin.qq.com/s?__biz=MjM5MTA3Nzk4MQ==&mid=2650209897&idx=1&sn=6bfd5ddbc7574bf32992f11997f69d3d) + - [ ] [大年初一,拜大年](https://mp.weixin.qq.com/s?__biz=MjM5ODYyMTM4MA==&mid=2650464736&idx=1&sn=bc114265d19b16cd3c45f4cc8b871012) + - [ ] [联想全球安全实验室恭祝大家新春快乐!](https://mp.weixin.qq.com/s?__biz=MzU1ODk1MzI1NQ==&mid=2247491548&idx=1&sn=73c8dbc0a4131745e3e798eaa6404d16) + - [ ] [大年初一 蛇来运转](https://mp.weixin.qq.com/s?__biz=Mzg2MTU5ODQ2Mg==&mid=2247507173&idx=1&sn=3b4749529f6bca97d5553cb65fdec622) + - [ ] [数字取证之证据识别u200c](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264820&idx=1&sn=c47fa7a58ac994934f15782210c4718b) + - [ ] [网安原创文章推荐【2025/1/28】](https://mp.weixin.qq.com/s?__biz=MzAxNzg3NzMyNQ==&mid=2247489519&idx=1&sn=b63ac6606b1606adc9ec3fbf28433922) + - [ ] [大年初一到,财来福星照!新的一年,祝大家巳巳如意,蛇年行大运。](https://mp.weixin.qq.com/s?__biz=MzkyNDUxNTQ2Mw==&mid=2247485819&idx=1&sn=a9119ee1b24d286f56cda649c53d5870) + - [ ] [大年初一 | 祥蛇纳福,“巳巳”如意](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579267&idx=1&sn=b6b08865f0534077a40f3e336e85bd3f) + - [ ] [SQLite数据库注入攻击技术研究](https://mp.weixin.qq.com/s?__biz=MjM5MjEyMTcyMQ==&mid=2651037456&idx=1&sn=26b186946b56da6148be861444022c93) + - [ ] [春节](https://mp.weixin.qq.com/s?__biz=MzUyMjAyODU1NA==&mid=2247491946&idx=1&sn=960238aa34a57daeb943121fa63418f3) + - [ ] [新年好运签 | 统一云防御:统一防护管理,筑牢网络边界](https://mp.weixin.qq.com/s?__biz=MjM5NzA3Nzg2MA==&mid=2649870831&idx=1&sn=f2dffa473f8078bccfce2ac7f3814c1d) + - [ ] [春节|安赛祝大家新年快乐!](https://mp.weixin.qq.com/s?__biz=MzI3MzA2MTk3Mw==&mid=2657788240&idx=1&sn=8d0ec3ec282dc8d43159d7636218278b) + - [ ] [新春快乐|安势信息祝大家蛇年大吉!](https://mp.weixin.qq.com/s?__biz=Mzg3MDgyMzkwOA==&mid=2247491507&idx=1&sn=51f24fc4ce62cb89254184ab41c5d934) + - [ ] [初一|身体健康,万事如意!](https://mp.weixin.qq.com/s?__biz=MzU1MzE3Njg2Mw==&mid=2247510392&idx=1&sn=23b6d35cb71d82c23d562ba42b1e0694) + - [ ] [2024年公众号优质文章汇总](https://mp.weixin.qq.com/s?__biz=Mzg4NDg3NjE5MQ==&mid=2247485613&idx=1&sn=2ea4aed4c2413869c00fb53f76d1fae5) + - [ ] [正月初一 | 一帆风顺 元启新程](https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506080&idx=1&sn=de989f72a1c24a6013bc32834fd66539) + - [ ] [捷普焕新领先产品全系列](https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506080&idx=2&sn=ddbcbdccb66e8f94303cf95a7dd9420e) + - [ ] [【焕新领先】 捷普态势感知系统](https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506080&idx=3&sn=5e87f69e3e89d5d4d0e72e5e973c9f0a) + - [ ] [粤港澳大湾区网络安全协会祝您新年快乐!](https://mp.weixin.qq.com/s?__biz=MzkwOTUyODE5Mg==&mid=2247485770&idx=1&sn=8c67f414c1d5363770af6d0c2d909922) + - [ ] [关于网络安全指标的思考](https://mp.weixin.qq.com/s?__biz=MzkwOTUyODE5Mg==&mid=2247485770&idx=2&sn=83e45c1783b1612d8163d9544c9f6b47) + - [ ] [众安天下祝您新春快乐、蛇年大吉!](https://mp.weixin.qq.com/s?__biz=MzIyOTUzODY5Ng==&mid=2247504322&idx=1&sn=5e6878918dcc0b4c304704e423a7a2c3) + - [ ] [天工实验室祝大家蛇年大吉,万事如意!](https://mp.weixin.qq.com/s?__biz=Mzk0OTU2ODQ4Mw==&mid=2247486754&idx=1&sn=62aa67a56b66db75099aae8ea64ceef9) + - [ ] [渗透测试 | 某学校授权渗透测试评估](https://mp.weixin.qq.com/s?__biz=Mzk0Mzc1MTI2Nw==&mid=2247487347&idx=1&sn=ecfde99bcc6735f0141a9b575a90c556) + - [ ] [有度安全给大家拜年啦!灵蛇启新元,初一福泽绵](https://mp.weixin.qq.com/s?__biz=Mzg3NTEyMzU4OA==&mid=2247513467&idx=1&sn=c5f15ab42712064a3075e44a9bc4d911) + - [ ] [元春始风华,万象启新朝。深圳市网安计算机网络安全培训中心恭祝您福启新岁,万事顺遂。](https://mp.weixin.qq.com/s?__biz=Mzg3MDYzMjAyNA==&mid=2247486206&idx=1&sn=c7d7d28fb1d2de4e50c094c384bd700e) + - [ ] [大年初一:福满新岁](https://mp.weixin.qq.com/s?__biz=MzU0NDk0NTAwMw==&mid=2247624760&idx=1&sn=7d6fdaf5776b133489f8cbfd0cf87135) + - [ ] [新春快乐,万事如意](https://mp.weixin.qq.com/s?__biz=MzI3NDY3NDUxNg==&mid=2247498914&idx=1&sn=9db465eba52da2dd54e90fb40b843bf6) + - [ ] [拜年啦:恭贺新禧,蛇年大吉!](https://mp.weixin.qq.com/s?__biz=Mzg2MDg0ODg1NQ==&mid=2247540150&idx=1&sn=c11b523ae88eb1cdd1b00c2e2e1e7f4b) + - [ ] [安领可信给您拜年啦!](https://mp.weixin.qq.com/s?__biz=MzUxNjUwNDU4OQ==&mid=2247483953&idx=1&sn=661f7bc51d8046599be7e71f46852275) + - [ ] [大年初一 汉华信安给您拜年了](https://mp.weixin.qq.com/s?__biz=Mzg5ODYyMTI2NA==&mid=2247484582&idx=1&sn=e4a8c83e259a25f4a962bab36d0c0afd) + - [ ] [正月初一拜大年!亚信安全祝大家蛇年顺遂,蛇蛇如意](https://mp.weixin.qq.com/s?__biz=MjM5NjY2MTIzMw==&mid=2650620958&idx=1&sn=1a539d599c8fa0167941d6bccc946ec9) + - [ ] [大年初一 一帆风顺](https://mp.weixin.qq.com/s?__biz=MjM5NzE0NTIxMg==&mid=2651135288&idx=1&sn=c8bf1121cab73be169ecaa119f5d9d5b) + - [ ] [慢雾科技祝大家新春快乐,“巳巳”如意!](https://mp.weixin.qq.com/s?__biz=MzU4ODQ3NTM2OA==&mid=2247501035&idx=1&sn=59e84e7659d99a54b6501ec2191845d8) + - [ ] [新年快乐 | 渊亭防务祝您巳巳如意,蛇年大吉!](https://mp.weixin.qq.com/s?__biz=Mzg2NTYyODgyNg==&mid=2247504626&idx=1&sn=947b971cf92a530af5d4af7a9f40378b) + - [ ] [初一 | 鞭炮声声辞旧岁,新衣新貌贺新年!](https://mp.weixin.qq.com/s?__biz=MzU4NjY4MDAyNQ==&mid=2247497078&idx=1&sn=93f0e2203558c5d2186205dae47e4ab0) + - [ ] [墨云科技 | 金蛇献瑞,谨贺新年](https://mp.weixin.qq.com/s?__biz=MzU5ODE2NDA3NA==&mid=2247496753&idx=1&sn=101bd162fb27a6b210c95d36ff4756c7) + - [ ] [磐石安科技|恭贺蛇年大吉!](https://mp.weixin.qq.com/s?__biz=MzkwNDI0MjkzOA==&mid=2247485840&idx=1&sn=e5045c1d16e658ef82f838d19add009a) + - [ ] [正月初一 | 安泰如意](https://mp.weixin.qq.com/s?__biz=Mzg2NDU3Mzc5OA==&mid=2247489779&idx=1&sn=76fc6dae86e231c41efea62f0565ac21) + - [ ] [大年初一 | 金蛇献瑞迎新春,岁月悠悠送吉祥](https://mp.weixin.qq.com/s?__biz=Mzk0MDQ5MTQ4NA==&mid=2247487427&idx=1&sn=eeef20b9473215312b0e39159d148a5b) + - [ ] [拜年啦](https://mp.weixin.qq.com/s?__biz=MzkxNTIwNTkyNg==&mid=2247553215&idx=1&sn=9e310bac7fb47a94b16a9da14e538d01) + - [ ] [大年初一丨新春启航,万事如意](https://mp.weixin.qq.com/s?__biz=MzAwNTAxMjUwNw==&mid=2650277649&idx=1&sn=f1b0ac4ba8a25aeb6f61b973093d555f) + - [ ] [春节|瑞蛇迎春,共赴新程](https://mp.weixin.qq.com/s?__biz=MzkxODczNjA4NQ==&mid=2247494021&idx=1&sn=55cd58add868195168feda1b08a0a2f1) + - [ ] [初一 | 大年初一 万事胜意](https://mp.weixin.qq.com/s?__biz=MzU1OTc2MzE2Mg==&mid=2247489329&idx=1&sn=d001254620cb5ccdcf51cb5a9a73670e) + - [ ] [祝大家新年蛇年大吉,健康喜乐](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494577&idx=1&sn=4d5a9964a63a52fe6cdd3febc7abd292) + - [ ] [苹果修补了 2025 年首个被利用的 iOS 0day(CVE-2025-24085)](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494577&idx=2&sn=2a3b9a9481760f2c54d584ed72cf307c) + - [ ] [春节 | 灵蛇迎春,福运满屋](https://mp.weixin.qq.com/s?__biz=MzU3MDA0MTE2Mg==&mid=2247492564&idx=1&sn=44253e74476868913d0de1065716dfad) + - [ ] [梅苑安全携带小猫祝大家蛇年快乐](https://mp.weixin.qq.com/s?__biz=MzkwMTU2NzMwOQ==&mid=2247484530&idx=1&sn=8610d601d8d5bd24528dc1545e83c1a5) + - [ ] [红队移动端评估测试工具](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489192&idx=1&sn=f92f78566f73bdbcee373ac7834d1396) + - [ ] [不足挂齿](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489192&idx=2&sn=4597cbd9bbf1d814a4d86c26bfb77eed) + - [ ] [范渊新年献词:以韧性回应时代,以AI引领未来](https://mp.weixin.qq.com/s?__biz=MjM5NTE0MjQyMg==&mid=2650624573&idx=1&sn=bde5fc48268dbc7566e0b36ca5ea68e8) + - [ ] [【初一】新岁启封,同赴新程](https://mp.weixin.qq.com/s?__biz=MjM5NTE0MjQyMg==&mid=2650624573&idx=2&sn=c4581b248078cb6ff6f9d465754da975) + - [ ] [像 C2 一样使用 VSCode - 红队风格](https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247504777&idx=1&sn=6a7bb7db4890f89678a69854ecbce461) + - [ ] [InForSec祝网络安全华人学者春节愉快!](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317463&idx=1&sn=3b304079c535abddffd4968cd9d1c718) + - [ ] [蛇年大吉](https://mp.weixin.qq.com/s?__biz=MzI2Mzc4ODc1NQ==&mid=2247489583&idx=1&sn=e98d28ca40b57b5b32aac53edfeb1946) + - [ ] [【贺蛇年】初一纳福 网安启途](https://mp.weixin.qq.com/s?__biz=MzAxMjE1MDY0NA==&mid=2247508841&idx=1&sn=8c7d1aeb8c2b6827bcde2b323e04027e) + - [ ] [别搞](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496843&idx=1&sn=12979bae2be8a2d90496e7c79e8bb831) + - [ ] [国自然中标真不难!十年评审专家1v1精修本子,中标率提升58%](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496843&idx=2&sn=d9858f7695b5db1be02e2d9887ab97d1) + - [ ] [【大年初一】喜迎蛇年 瑞气呈祥](https://mp.weixin.qq.com/s?__biz=MjM5NzYwNDU0Mg==&mid=2649249641&idx=1&sn=7a41d8aceeeb227acfb93b534968da9c) + - [ ] [迎新年,启新篇|任子行祝您新春快乐、蛇年行大运](https://mp.weixin.qq.com/s?__biz=MzI0NjAyMjU4MA==&mid=2649595765&idx=1&sn=fd65317a7df2cda280b10b05734a7e1d) + - [ ] [新年伊始,华为星河AI融合SASE解决方案祝您“SASE”过群雄,一鸣惊人!](https://mp.weixin.qq.com/s?__biz=MzAwODU5NzYxOA==&mid=2247505875&idx=1&sn=d3e7db45fae8f8b023d025df3a110d88) + - [ ] [初一 | 新春纳福](https://mp.weixin.qq.com/s?__biz=MzIxNTQxMjQyNg==&mid=2247493740&idx=1&sn=3a548b5f7979b125fbee60be48b4bfe1) + - [ ] [【2025】新年快乐](https://mp.weixin.qq.com/s?__biz=MzUwOTc3MTQyNg==&mid=2247491386&idx=1&sn=81b68fc009fb3bb698df452f0490aebb) + - [ ] [分享图片](https://mp.weixin.qq.com/s?__biz=MzI3Njc1MjcxMg==&mid=2247494394&idx=1&sn=46b470b30f34d28b91b7446c0432ba7f) + - [ ] [巳巳如意 生生不息丨云天安全祝您新春快乐](https://mp.weixin.qq.com/s?__biz=MzI2NDYzNjY0Mg==&mid=2247501216&idx=1&sn=1bb93c2c50c51f4ba008c8c002e163e1) + - [ ] [Mac下破解激活JetBrains产品](https://mp.weixin.qq.com/s?__biz=Mzg5OTgzMzA1OA==&mid=2247483872&idx=1&sn=8fa59f27c9706af7c69ee722c4016785) + - [ ] [正月初一|金蛇迎春 巳巳如意](https://mp.weixin.qq.com/s?__biz=MzIxNDIzNTcxMg==&mid=2247506758&idx=1&sn=b9e384ec8963ccca8fe2773ebbb9023c) + - [ ] [魔方安全祝你蛇来运转,前程螣螣](https://mp.weixin.qq.com/s?__biz=MzI3NzA5NDc0MA==&mid=2649292206&idx=1&sn=3f87066febd3b789c0e7db2baf1fd1f9) + - [ ] [灵蛇启新元 初一福泽绵](https://mp.weixin.qq.com/s?__biz=MzU0MjEwNTM5Ng==&mid=2247520421&idx=1&sn=9d1cb6d9e4d36868892fdffebe8001f7) + - [ ] [瑞蛇迎春,共筑网安新未来!](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247635828&idx=1&sn=dc1ea39348bc6420d3d24e3cbd1814d2) + - [ ] [大年初一|蛇年顺遂,事事如意!](https://mp.weixin.qq.com/s?__biz=MzU2NzUxMTM0Nw==&mid=2247513467&idx=1&sn=976f6d8db01ae07c788cd029211a3ee6) + - [ ] [山石网科·AI汇东方|正月初一,蛇年大吉](https://mp.weixin.qq.com/s?__biz=MzAxMDE4MTAzMQ==&mid=2661298278&idx=1&sn=48cdce5c730da12f4ee90406ada0f6f5) + - [ ] [拜大年|蛇跃新程 云科同行!](https://mp.weixin.qq.com/s?__biz=Mzg2NTk3NjczNQ==&mid=2247485633&idx=1&sn=8b101c6e5ac782199e1104c0e13efbc4) + - [ ] [恭贺新春 | 金盾信安祝您新春快乐,蛇年大吉!](https://mp.weixin.qq.com/s?__biz=MjM5NjA2NzY3NA==&mid=2448682671&idx=1&sn=5bdff851e304d4dbeff7833d0318a678) + - [ ] [迎新春 过新年 御盾安全给大家拜年啦!](https://mp.weixin.qq.com/s?__biz=MzU4ODgxMjE0Mw==&mid=2247486347&idx=1&sn=858139f172118c4bb834d05bf953cc4f) + - [ ] [蛇年到,福气绕,元支点给您拜年啦!](https://mp.weixin.qq.com/s?__biz=MzI4MDE2MzA4Mw==&mid=2667651078&idx=1&sn=747dc83ae36cc0ea5c1b93eb4bdbaf25) + - [ ] [极验给大家拜年了!](https://mp.weixin.qq.com/s?__biz=MzI2MDE5MTQxNg==&mid=2649723247&idx=1&sn=589cd5ffbdc64554e70c473143cb5c8e) + - [ ] [一元复始 万象更新,能信安祝您及家人新春大吉 万事如意!](https://mp.weixin.qq.com/s?__biz=MzI1MTYzMjY1OQ==&mid=2247490788&idx=1&sn=4ecf028f6de13d48505acb287263846e) + - [ ] [初一 | 恭贺新春,蛇年大吉!](https://mp.weixin.qq.com/s?__biz=Mzg4MjQ4MjM4OA==&mid=2247523802&idx=1&sn=6d75fb5fa444f7b8b4309bb64caadaf9) + - [ ] [金蛇纳福 | 大年初一,网安拜大年!](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235919&idx=1&sn=a091ebd91146a52049677eef87b7cfa1) + - [ ] [蛇年大吉 恭贺新春](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235919&idx=2&sn=1b8c628b25f0a25746c47876084b1c61) + - [ ] [祥蛇贺岁!2025,祝您蛇年顺遂、巳巳如意](https://mp.weixin.qq.com/s?__biz=MzkyNDcwMTAwNw==&mid=2247533748&idx=1&sn=2d4e5d8e231d87a0691bbaaf7bf882f2) + - [ ] [祥蛇献瑞,国泰家康丨永信至诚祝您新春快乐!](https://mp.weixin.qq.com/s?__biz=MzAwNDUyMjk4MQ==&mid=2454829244&idx=1&sn=15d13b997ed8a1d2b6de05f8f19815f0) + - [ ] [洞察2025年网络安全产业趋势](https://mp.weixin.qq.com/s?__biz=Mzg5OTg5OTI1NQ==&mid=2247489844&idx=1&sn=36f1c90e8bd6d4b656b0d844e9d34e9f) + - [ ] [新年快乐,巳巳如意!](https://mp.weixin.qq.com/s?__biz=Mzk0NTU0ODc0Nw==&mid=2247491864&idx=1&sn=bdd69466a0fca637b7efccc408def11e) + - [ ] [蛇跃新程,矢安科技祝您新的一年“巳巳如意”!](https://mp.weixin.qq.com/s?__biz=Mzg2Mjc3NTMxOA==&mid=2247516821&idx=1&sn=b60521f8bd702c0158be36308c378c7f) + - [ ] [拜大年,心向暖阳,愿邮件安全顺遂无忧](https://mp.weixin.qq.com/s?__biz=MzA5NjMyMDEwNg==&mid=2649286360&idx=1&sn=010f5320070eb627541f94e272efd09b) + - [ ] [初一 | 拜大年](https://mp.weixin.qq.com/s?__biz=MzI5NjA4NjA3OA==&mid=2652102063&idx=1&sn=3c51fdc8f0addd6ae0cfb25d2b458ea3) + - [ ] [新春快乐,蛇年吉祥,祝公众号的朋友们身体健康,工作顺利!](https://mp.weixin.qq.com/s?__biz=Mzg3NTUzOTg3NA==&mid=2247515082&idx=1&sn=47788096ca6fa4a1ecb947344b4af31a) + - [ ] [恭贺新春](https://mp.weixin.qq.com/s?__biz=MzU3NTQwNDYyNA==&mid=2247488573&idx=1&sn=0d50fb0a6590fdc5c74cdc1b072da0d9) + - [ ] [医疗行业数据安全风险评估实践指南(一)](https://mp.weixin.qq.com/s?__biz=MzA5MTYyMDQ0OQ==&mid=2247493571&idx=1&sn=5bb28d26963d363a5d4590d66a8df87b) + - [ ] [乙巳春节|新岁启封 万象更新](https://mp.weixin.qq.com/s?__biz=MjM5NjU0NDQ1Ng==&mid=2671019617&idx=1&sn=629fac95808c3f7da16dfa3856f5403c) + - [ ] [蛇年至,万象新,安易科技祝您新年快乐!](https://mp.weixin.qq.com/s?__biz=MzkwMTI3ODUxOQ==&mid=2247485207&idx=1&sn=b324e11004c245d1addc71c420ae24b2) + - [ ] [拜大年 | 竹爆声声辞旧岁,烟花朵朵迎新春。知白学院给您拜年啦~](https://mp.weixin.qq.com/s?__biz=MzUzNDg0NTc1NA==&mid=2247510555&idx=1&sn=adf528e69e77da7e1ade94a1037f657a) + - [ ] [贺新春!](https://mp.weixin.qq.com/s?__biz=MzUxODY3MDExMA==&mid=2247490118&idx=1&sn=41ce7f2bb938c7cb6e68ae48ea0bed1b) + - [ ] [新年祝福](https://mp.weixin.qq.com/s?__biz=Mzg4Nzk3MTg3MA==&mid=2247487719&idx=1&sn=cdab963d88b8a7a93f57e02822946c95) + - [ ] [船山信安给各位师傅们拜年啦!](https://mp.weixin.qq.com/s?__biz=MzU2NDY2OTU4Nw==&mid=2247518508&idx=1&sn=0bcd7cdfb692d548afb9fc3e4e0aabd8) + - [ ] [新年记](https://mp.weixin.qq.com/s?__biz=MzU0NDI5NTY4OQ==&mid=2247486261&idx=1&sn=a99fd42137a2c3a4e337746ba8d1c4d7) + - [ ] [安全客祝您蛇来运转,福满乾坤!](https://mp.weixin.qq.com/s?__biz=MzA5ODA0NDE2MA==&mid=2649787812&idx=1&sn=db21fb03c585e8434fd2aa509fe447b4) + - [ ] [【新年快乐】菜狗安全祝师傅们新年快乐(内含抽奖)](https://mp.weixin.qq.com/s?__biz=Mzg4MzkwNzI1OQ==&mid=2247485729&idx=1&sn=a0b793b557e83bc2f4e8ab3baff70b5b) + - [ ] [HackingClub祝您巳巳如意,前程螣螣!](https://mp.weixin.qq.com/s?__biz=MzkxMzE4MTc5Ng==&mid=2247499518&idx=1&sn=d9ce9cfedb17f3e247b95cd20c211551) + - [ ] [内生安全联盟恭祝大家新春快乐,万事大吉!](https://mp.weixin.qq.com/s?__biz=Mzg4MDU0NTQ4Mw==&mid=2247528904&idx=1&sn=4e192436cfabe37848d9c0a532aeaba5) + - [ ] [🐱网安招财喵喵新春祝福~](https://mp.weixin.qq.com/s?__biz=MzkzNjE5NjQ4Mw==&mid=2247543340&idx=1&sn=ee9b97e42573764b723f01e86b6ece2b) + - [ ] [大学生网络安全尖锋训练营给您拜年](https://mp.weixin.qq.com/s?__biz=MzUzODkwMDMxNA==&mid=2247574850&idx=1&sn=88a610b92fc3393da2255798f8ed2153) + - [ ] [《网信自主创新调研报告》编委会给您拜年](https://mp.weixin.qq.com/s?__biz=MzkxMzI3MzMwMQ==&mid=2247530977&idx=1&sn=d05ad11631bf7f2d2c27a0398c17cfe2) + - [ ] [暗魂攻防实验室祝各位蛇年大吉](https://mp.weixin.qq.com/s?__biz=MzkyMjE1NzQ2MA==&mid=2247489711&idx=1&sn=0ebcd1f0d28d56eff0d0744371744710) + - [ ] [惊喜放送丨辞旧迎新除烦恼,万巳如意好运来,火绒祝您新春大吉!](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247522008&idx=1&sn=72eb4a612f06bf7c8a597e0f7dc088e1) + - [ ] [诚邀渠道合作伙伴共启新征程](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247522008&idx=2&sn=9adee9b586588ae9a54e6a2b1cba98ec) + - [ ] [灵蛇迎春 瑞气盈门|美创科技祝您新岁安康,蛇来运转](https://mp.weixin.qq.com/s?__biz=MzA3NDE0NDUyNA==&mid=2650805046&idx=1&sn=744a4d22945a4c2a5c8ccfa9f48e6457) + - [ ] [迪普科技祝您新年快乐丨金蛇献瑞展宏图 续写网安新篇章](https://mp.weixin.qq.com/s?__biz=MzA4NzE5MzkzNA==&mid=2650370747&idx=1&sn=4d579b58e19a18bfbdb857b1fc747993) + - [ ] [骇极安全](https://mp.weixin.qq.com/s?__biz=MzIwNTU1NjYwNA==&mid=2247488014&idx=1&sn=d62058ec064d318cd051237797748ebf) + - [ ] [网安守夜人祝大家新年快乐](https://mp.weixin.qq.com/s?__biz=MzU0MzgyMzM2Nw==&mid=2247486255&idx=1&sn=cbfd1798a20828ea6d7687536ae8f243) + - [ ] [杂感四则](https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652114260&idx=1&sn=e7c060b972419b42cb2ed3ff9bd69084) + - [ ] [春节 | 密织数据安全网,祥启蛇年好运章](https://mp.weixin.qq.com/s?__biz=MzkyNzE5MDUzMw==&mid=2247569445&idx=1&sn=81d7230341be2c2bc815d4771fe32884) + - [ ] [攻防靶场(54):从LFI到RCE](https://mp.weixin.qq.com/s?__biz=MzI0NjA3Mzk2NQ==&mid=2247496095&idx=1&sn=4bba7300e436e3e9e1eb11a361c42c25) +- Der Flounder + - [ ] [Managing Apple Intelligence features on macOS Sequoia 15.3](https://derflounder.wordpress.com/2025/01/29/managing-apple-intelligence-features-on-macos-sequoia-15-3/) +- Hacking Articles + - [ ] [Credential Dumping: AD User Comment](https://www.hackingarticles.in/credential-dumping-ad-user-comment/) +- Google Online Security Blog + - [ ] [How we kept the Google Play & Android app ecosystems safe in 2024](http://security.googleblog.com/2025/01/how-we-kept-google-play-android-app-ecosystem-safe-2024.html) + - [ ] [How we estimate the risk from prompt injection attacks on AI systems](http://security.googleblog.com/2025/01/how-we-estimate-risk-from-prompt.html) +- Private Feed for M09Ic + - [ ] [CHYbeta starred sannykim/solsec](https://github.com/sannykim/solsec) + - [ ] [INotGreen starred 0xrawsec/whids](https://github.com/0xrawsec/whids) + - [ ] [safedv starred S3cur3Th1sSh1t/gui-pwn](https://github.com/S3cur3Th1sSh1t/gui-pwn) +- Recent Commits to cve:main + - [ ] [Update Wed Jan 29 20:28:19 UTC 2025](https://github.com/trickest/cve/commit/2a9a6c5e8dfdef652b3351b8c7c20cddc3b7958c) + - [ ] [Update Wed Jan 29 12:26:44 UTC 2025](https://github.com/trickest/cve/commit/023d47466c3dfcf89301b51bd1f75e5ac6af45d2) + - [ ] [Update Wed Jan 29 04:20:44 UTC 2025](https://github.com/trickest/cve/commit/9bbcd187c35f8f8562d789c9c6a09501e13902b6) +- Trustwave Blog + - [ ] [Inside APT34 (OilRig): Tools, Techniques, and Global Cyber Threats](https://www.trustwave.com/en-us/resources/blogs/trustwave-blog/inside-apt34-oilrig-tools-techniques-and-global-cyber-threats/) +- Bug Bounty in InfoSec Write-ups on Medium + - [ ] [5 Things You Should Understand Before Jumping into Bug Bounty](https://infosecwriteups.com/5-things-you-should-understand-before-jumping-into-bug-bounty-813cd960c6bc?source=rss----7b722bfd1b8d--bug_bounty) + - [ ] [Exploiting XSS To Steal Cookies](https://infosecwriteups.com/exploiting-xss-to-steal-cookies-f0aebdcd815b?source=rss----7b722bfd1b8d--bug_bounty) + - [ ] [How I Found a Ticket Booking Bug That Allowed Me to Travel Almost for Free in TNSTC](https://infosecwriteups.com/how-i-found-a-ticket-booking-bug-that-allowed-me-to-travel-almost-for-free-in-tnstc-2c7aa23aebf6?source=rss----7b722bfd1b8d--bug_bounty) +- Horizon3.ai + - [ ] [Fireside Chat: Horizon3.ai and North Carolina’s Electric Cooperatives](https://www.horizon3.ai/intelligence/webinars/fireside-chat-horizon3-ai-and-north-carolinas-electric-cooperatives/) +- Blogs dade + - [ ] [Lessons in Everything](https://0xda.de/blog/2025/01/lessons-in-everything/) +- Twitter @bytehx + - [ ] [Re @yeswehack Thanks !](https://x.com/bytehx343/status/1884630328339472481) + - [ ] [Re @CristiVlad25 @yeswehack :-)](https://x.com/bytehx343/status/1884599250329411751) + - [ ] [Re @_justYnot @Hacker0x01 Thanks!](https://x.com/bytehx343/status/1884599038978515142) + - [ ] [Re @A_Atef200 @yeswehack No. This is private and I am sure that it won’t be duped:)](https://x.com/bytehx343/status/1884597418005860707) + - [ ] [Yay, I was awarded a $$$ bounty on @Hacker0x01! https://hackerone.com/bytehx #TogetherWeHitHarder](https://x.com/bytehx343/status/1884583738790793420) + - [ ] [Just got a reward for a high vulnerability submitted on @yeswehack -- Information Disclosure (CWE-200). https://yeswehack.com/hunters/bytehx #YesWeRHa...](https://x.com/bytehx343/status/1884583581504491599) + - [ ] [Just got a reward for a vulnerability submitted on @yeswehack -- Acceptance of Extraneous Untrusted Data With Trusted Data - Cache Poisoning (CWE-349)...](https://x.com/bytehx343/status/1884583503851114555) +- Securelist + - [ ] [Threat predictions for industrial enterprises 2025](https://securelist.com/industrial-threat-predictions-2025/115327/) +- Malwarebytes + - [ ] [These are the 10 worst PIN codes](https://www.malwarebytes.com/blog/news/2025/01/these-are-the-10-worst-pin-codes) +- NVISO Labs + - [ ] [Backups & DRP in the ransomware era](https://blog.nviso.eu/2025/01/29/backups-drp-in-the-ransomware-era/) +- Insinuator.net + - [ ] [Jigsaw RDPuzzle: Piecing Attacker Actions Together](https://insinuator.net/2025/01/jigsaw-rdpuzzle/) +- GuidePoint Security + - [ ] [Ongoing report: Babuk2 (Babuk-Bjorka)](https://www.guidepointsecurity.com/blog/ongoing-report-babuk2-babuk-bjorka/) +- Malware-Traffic-Analysis.net - Blog Entries + - [ ] [2025-01-28: Malwre infection from web inject activity](https://www.malware-traffic-analysis.net/2025/01/28/index.html) +- Reverse Engineering + - [ ] [How To Avoid Malware Rabbitholes](https://www.reddit.com/r/ReverseEngineering/comments/1id52rn/how_to_avoid_malware_rabbitholes/) + - [ ] [Got bored, reversed the WMI. Made a novel virus that never touches the filesystem](https://www.reddit.com/r/ReverseEngineering/comments/1icgfua/got_bored_reversed_the_wmi_made_a_novel_virus/) + - [ ] [ScatterBrain: Unmasking the Shadow of PoisonPlug's Obfuscator](https://www.reddit.com/r/ReverseEngineering/comments/1id0io4/scatterbrain_unmasking_the_shadow_of_poisonplugs/) + - [ ] [CVE-2024-49138 Windows CLFS heap-based buffer overflow analysis](https://www.reddit.com/r/ReverseEngineering/comments/1icpgh4/cve202449138_windows_clfs_heapbased_buffer/) + - [ ] [Bypass login on app. Company went out of business meaning no new users can access the underwater drone as the servers are offline. Can somebody figure out a bypass hack?](https://www.reddit.com/r/ReverseEngineering/comments/1ich60h/bypass_login_on_app_company_went_out_of_business/) +- hn security + - [ ] [CVE-2024-49138 Windows CLFS heap-based buffer overflow analysis – Part 2](https://security.humanativaspa.it/cve-2024-49138-windows-clfs-heap-based-buffer-overflow-analysis-part-2/) + - [ ] [CVE-2024-49138 Windows CLFS heap-based buffer overflow analysis – Part 1](https://security.humanativaspa.it/cve-2024-49138-windows-clfs-heap-based-buffer-overflow-analysis-part-1/) +- Wallarm + - [ ] [API Security Is At the Center of OpenAI vs. DeepSeek Allegations](https://lab.wallarm.com/api-security-is-at-the-center-of-openai-vs-deepseek-allegations/) +- daniel.haxx.se + - [ ] [A 1337 curl author](https://daniel.haxx.se/blog/2025/01/29/a-1337-curl-author/) +- Security Blog | Praetorian + - [ ] [Introducing Nosey Parker Explorer](https://www.praetorian.com/blog/announcing-nosey-parker-explorer/) +- 安全分析与研究 + - [ ] [夜鹰(NightHawk)C2工具被泄露了?](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490232&idx=1&sn=71a4e338358972fe51261cbc15ddcc02&chksm=902fb590a7583c8670bf284d9d8eb2fb2c3d7608c5cccf3c64a743f4b24808388990b8b5fde4&scene=58&subscene=0#rd) +- 奇客Solidot–传递最新科技情报 + - [ ] [Meta 短暂禁止用户发表任何涉及 Linux 的帖子](https://www.solidot.org/story?sid=80447) + - [ ] [腾讯游戏《三角洲行动》被发现会修改用户 CPU 调度和性能释放策略](https://www.solidot.org/story?sid=80446) + - [ ] [心脏病是美国的第一死因](https://www.solidot.org/story?sid=80445) + - [ ] [公共图书馆能给人们的生活带来积极影响](https://www.solidot.org/story?sid=80444) +- 红日安全 + - [ ] [新春伊始,红日安全启航!愿与您共同筑牢数字防线,共同迈向更安全的明天!🔒🌱](https://mp.weixin.qq.com/s?__biz=MzI4NjEyMDk0MA==&mid=2649851765&idx=1&sn=568da818c7d56ee694372f7ca3d04ddc&chksm=f3e4e9f6c49360e020e5c1183896432b1d52e3c9e96fa7577bb40590a7280b1b5987a521a472&scene=58&subscene=0#rd) +- 吾爱破解论坛 + - [ ] [【2025春节】解题领红包活动开始喽,解出就送论坛币!](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141655&idx=1&sn=d21717226e40032625a74a2d00255e23&chksm=bd50a6438a272f55f2e9c7890cabd2ec30b2ec5b946b2dcb7f37c96667f152909cb765fc17fe&scene=58&subscene=0#rd) +- 丁爸 情报分析师的工具箱 + - [ ] [【实操】利用Deepseek传承和弘扬传统文化](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148736&idx=1&sn=39a0df253f09d26a6151599d1e8bfb20&chksm=f1af26fac6d8afec1e52db48f994cfe77da1b04b5a1e5aeba491a41f83b5e2b01795b8074105&scene=58&subscene=0#rd) + - [ ] [【培训】Osint开源情报练习 #002](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148736&idx=2&sn=ebee4c79a769e10968179969c634d83a&chksm=f1af26fac6d8afec43791f1e2d2945b5e030bab5b7a6d0c003eff48d2af4aa4bbae72ead9e03&scene=58&subscene=0#rd) +- 锦行科技 + - [ ] [初一 | 新春纳福](https://mp.weixin.qq.com/s?__biz=MzIxNTQxMjQyNg==&mid=2247493740&idx=1&sn=3a548b5f7979b125fbee60be48b4bfe1&chksm=979a13c9a0ed9adf401fe111940f754c8f3d4bbb1467acb1bb58f95ea4f559e1018fe247674a&scene=58&subscene=0#rd) +- 慢雾科技 + - [ ] [慢雾科技祝大家新春快乐,“巳巳”如意!](https://mp.weixin.qq.com/s?__biz=MzU4ODQ3NTM2OA==&mid=2247501035&idx=1&sn=59e84e7659d99a54b6501ec2191845d8&chksm=fddeba6ccaa9337aee73dbfd92a4188959c61acfe765c21c5ddde16c0ddbf61b542525b2bbc8&scene=58&subscene=0#rd) +- M01N Team + - [ ] [AISS大模型安全社区-2025 Roadmap](https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247494053&idx=1&sn=6449e25c9c3754c833fdd7ba5435ad70&chksm=c18429b4f6f3a0a25365b3e0d1423573d757fa269aad736ed5aca48ff4b82b278fd73ac03340&scene=58&subscene=0#rd) +- 看雪学苑 + - [ ] [2025新春致谢 | 金蛇纳福启新程](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589299&idx=1&sn=5e38768a37484f2f38cd5b8da65a095b&chksm=b18c28f986fba1effd30be735d8e492f5a4fe38d1f279119a9b59d2195d68332dff4b59e864c&scene=58&subscene=0#rd) +- 网安国际 + - [ ] [InForSec祝网络安全华人学者春节愉快!](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317463&idx=1&sn=3b304079c535abddffd4968cd9d1c718&chksm=8bc4ba99bcb3338f81946371b05c0e130ac7d9cc318f370bedd27002d8321e4fea3c011ad947&scene=58&subscene=0#rd) +- 威胁猎人Threat Hunter + - [ ] [新春快乐,万事如意](https://mp.weixin.qq.com/s?__biz=MzI3NDY3NDUxNg==&mid=2247498914&idx=1&sn=9db465eba52da2dd54e90fb40b843bf6&chksm=eb12da99dc65538f376b96cbd2513fdc29cf6fe94ebdbc01455265051e5acf045c037033aa2e&scene=58&subscene=0#rd) +- 极客公园 + - [ ] [DeepSeek 的爆红,指出了当下 AI 最大困境](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653073010&idx=1&sn=0abd27208a3082b3453f5cb1aa2a1ab7&chksm=7e57d3c449205ad2fcb7960a04020f5000e8f59242b70aada742aaba7fa36482c27141e654d4&scene=58&subscene=0#rd) + - [ ] [宇树领衔,众多黑科技登台蛇年春晚;奥特曼回应 DeepSeek 爆火;抖音李亮评论雷军、余承东直播被封 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072999&idx=1&sn=525ce0f5f5685483f05d575f2d13d51a&chksm=7e57d3d149205ac723fd927a03f590113df2731c5a2fb9d3feff18b23c03ac35ce5defcab466&scene=58&subscene=0#rd) +- 情报分析师 + - [ ] [【卫星图像】金正恩考察朝鲜核物质生产基地和核武器研究所](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559318&idx=1&sn=f93bc65cb4cf2587b134129cbdca5205&chksm=87117d1db066f40b7f81de93f98091616065d1f49efc6490b8269d09dd1a64ad7d16306602e7&scene=58&subscene=0#rd) + - [ ] [美日韩“抱团”:三国首次会谈聚焦朝鲜核威胁](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559318&idx=2&sn=eef1bccee4db52de82349056e07e8aca&chksm=87117d1db066f40baf7629cdca97055daa3255b4dc91b397b5d2faef1aef45223fe2f07d2f2c&scene=58&subscene=0#rd) + - [ ] [致情报分析师公众号全体粉丝](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559318&idx=3&sn=be997ee6361433a289ec6c156aca06a7&chksm=87117d1db066f40ba93fbe99241b3d494eac47afa160be5539c9518622515394ac57f674c92c&scene=58&subscene=0#rd) +- 迪哥讲事 + - [ ] [寻找隐藏参数的利器](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496975&idx=1&sn=41875f4fcd79a42421188feb25e23889&chksm=e8a5ff6cdfd2767a4c19aa1cb2ccd7bc363b29d6b2c7cc49beb5a3dcf261222c0dec0d6efac2&scene=58&subscene=0#rd) +- Over Security - Cybersecurity news aggregator + - [ ] [Hackers are hijacking WordPress sites to push Windows and Mac malware](https://techcrunch.com/2025/01/29/hackers-are-hijacking-wordpress-sites-to-push-windows-and-mac-malware/) + - [ ] [South Africa’s government-run weather service knocked offline by cyberattack](https://therecord.media/south-african-weather-service-cyberattack) + - [ ] [FBI seizes Cracked.io, Nulled.to hacking forums in Operation Talent](https://www.bleepingcomputer.com/news/security/fbi-seizes-crackedio-nulledto-hacking-forums-in-operation-talent/) + - [ ] [Laravel admin package Voyager vulnerable to one-click RCE flaw](https://www.bleepingcomputer.com/news/security/laravel-admin-package-voyager-vulnerable-to-one-click-rce-flaw/) + - [ ] [Italian regulator asks DeepSeek for information about data collection](https://therecord.media/italian-regulator-deepseek-info-collection) + - [ ] [Microsoft investigates Microsoft 365 outage affecting users, admins](https://www.bleepingcomputer.com/news/microsoft/microsoft-investigates-microsoft-365-outage-affecting-users-admins/) + - [ ] [L’IA generativa unifica le interfacce di gestione e migliora la cybersecurity](https://www.securityinfo.it/2025/01/29/lia-generativa-unifica-le-interfacce-di-gestione-e-migliora-la-cybersecurity/) + - [ ] [Industry groups call on Congress to enact federal data privacy law](https://therecord.media/industry-groups-congress-data-privacy) + - [ ] [Poland accuses Russia of recruiting Polish citizens online for election meddling](https://therecord.media/poland-accuses-russia-of-recruiting-citizens-online-for-election-meddling) + - [ ] [FBI seizes domains for Cracked.io, Nulled.to hacking forums](https://www.bleepingcomputer.com/news/security/fbi-seizes-domains-for-crackedio-nulledto-hacking-forums/) + - [ ] [Whatsup Gold, Observium and Offis vulnerabilities](https://blog.talosintelligence.com/whatsup-gold-and-offis-vulnerabilities-2/) + - [ ] [Windows 11's Start menu is getting iPhone and Android integration](https://www.bleepingcomputer.com/news/microsoft/windows-11s-start-menu-is-getting-iphone-and-android-integration/) + - [ ] [UK engineering giant Smiths Group investigating 'unauthorised access' to network](https://therecord.media/smiths-group-uk-cybersecurity-incident) + - [ ] [Maryland healthcare network forced to shut down IT systems after ransomware attack](https://therecord.media/maryland-healthcare-ransomware-frederick-health) + - [ ] [Uncover Hidden Browsing Threats: Get a Free Risk Assessment for GenAI, Identity, Web, and SaaS Risks](https://www.bleepingcomputer.com/news/security/uncover-hidden-browsing-threats-get-a-free-risk-assessment-for-genai-identity-web-and-saas-risks/) + - [ ] [Texas AG warns Kia about sharing driver information with data brokers](https://therecord.media/texas-warns-kia-about-sharing-driver-info-to-data-brokers) + - [ ] [Hackers exploit critical unpatched flaw in Zyxel CPE devices](https://www.bleepingcomputer.com/news/security/hackers-exploit-critical-unpatched-flaw-in-zyxel-cpe-devices/) + - [ ] [January Windows 10 preview update force installs new Outlook](https://www.bleepingcomputer.com/news/microsoft/january-windows-10-preview-update-force-installs-new-outlook/) + - [ ] [Sweden’s elite armed police used helicopter to board suspected sabotage ship](https://therecord.media/sweden-vezhen-ship-armed-police-boarded-helicopter) + - [ ] [New ICS Vulnerabilities Discovered in Schneider Electric and B&R Automation Systems](https://cyble.com/blog/cisa-release-advisories-for-new-ics-vulnerabilities/) + - [ ] [Windows 11 KB5050094 update fixes bugs causing audio issues](https://www.bleepingcomputer.com/news/microsoft/windows-11-kb5050094-update-fixes-bugs-causing-audio-issues/) + - [ ] [Australia’s Health Sector Receives $6.4 Million Cybersecurity Boost with New Threat Information-Sharing Network](https://cyble.com/blog/australia-health-cyber-sharing-network/) + - [ ] [Threat predictions for industrial enterprises 2025](https://securelist.com/industrial-threat-predictions-2025/115327/) + - [ ] [3 Major Cyber Attacks in January 2025](https://any.run/cybersecurity-blog/cyber-attacks-january-2025/) + - [ ] [PlushDaemon: un nuovo gruppo APT cinese colpisce la Corea del Sud. Il report di ESET](https://www.securityinfo.it/2025/01/29/plushdaemon-un-nuovo-gruppo-apt-cinese-colpisce-la-corea-del-sud-il-report-di-eset/) + - [ ] [CVE-2024-49138 Windows CLFS heap-based buffer overflow analysis – Part 1](https://security.humanativaspa.it/cve-2024-49138-windows-clfs-heap-based-buffer-overflow-analysis-part-1/) + - [ ] [CVE-2024-49138 Windows CLFS heap-based buffer overflow analysis – Part 2](https://security.humanativaspa.it/cve-2024-49138-windows-clfs-heap-based-buffer-overflow-analysis-part-2/) + - [ ] [Report: Almost half of state consumer privacy laws fail to protect individuals’ data](https://therecord.media/state-consumer-privacy-laws-failing-to-protect-data) + - [ ] [MGM agrees to pay $45 million to victims of 2019 data breach and 2023 ransomware attack](https://therecord.media/mgm-agrees-45-million-payment-data-breach-ransomware-victims) +- Krypt3ia + - [ ] [Krypt3ia Daily Cyber Threat Intelligence (CTI) Digest](https://krypt3ia.wordpress.com/2025/01/29/krypt3ia-daily-cyber-threat-intelligence-cti-digest-5/) +- 360数字安全 + - [ ] [大年初一 | 祥蛇纳福,“巳巳”如意](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579267&idx=1&sn=b6b08865f0534077a40f3e336e85bd3f&chksm=9f8d268ba8faaf9d3bdee0d2df3318bb871d372d6f84665b079f0fbac45e747586f5fad7522e&scene=58&subscene=0#rd) +- Securityinfo.it + - [ ] [L’IA generativa unifica le interfacce di gestione e migliora la cybersecurity](https://www.securityinfo.it/2025/01/29/lia-generativa-unifica-le-interfacce-di-gestione-e-migliora-la-cybersecurity/?utm_source=rss&utm_medium=rss&utm_campaign=lia-generativa-unifica-le-interfacce-di-gestione-e-migliora-la-cybersecurity) + - [ ] [PlushDaemon: un nuovo gruppo APT cinese colpisce la Corea del Sud. Il report di ESET](https://www.securityinfo.it/2025/01/29/plushdaemon-un-nuovo-gruppo-apt-cinese-colpisce-la-corea-del-sud-il-report-di-eset/?utm_source=rss&utm_medium=rss&utm_campaign=plushdaemon-un-nuovo-gruppo-apt-cinese-colpisce-la-corea-del-sud-il-report-di-eset) +- Schneier on Security + - [ ] [ExxonMobil Lobbyist Caught Hacking Climate Activists](https://www.schneier.com/blog/archives/2025/01/exxonmobil-lobbyist-caught-hacking-climate-activists.html) +- Hacking Exposed Computer Forensics Blog + - [ ] [Daily Blog #732: Multiple Identity Provider Disorder](https://www.hecfblog.com/2025/01/daily-blog-732-multiple-identity.html) +- 复旦白泽战队 + - [ ] [复旦白泽给大家拜年啦!祝大家蛇年大吉,巳巳如意,Paper如潮成果丰!](https://mp.weixin.qq.com/s?__biz=MzU4NzUxOTI0OQ==&mid=2247492844&idx=1&sn=a8d82e9664fd92535652abde94911226&chksm=fde86092ca9fe9849b18549438906f871544b38d9a54c8b9d40cfb6fc03b23c01305a77b6ea7&scene=58&subscene=0#rd) +- Graham Cluley + - [ ] [Ex-worker arrested after ‘shutdown’ of British Museum computer systems](https://www.bitdefender.com/en-us/blog/hotforsecurity/ex-worker-arrested-after-shutdown-of-british-museum-computer-systems) +- TorrentFreak + - [ ] [New Bill Aims to Block Foreign Pirate Sites in the U.S.](https://torrentfreak.com/new-bill-aims-to-block-foreign-pirate-sites-in-the-u-s-250129/) + - [ ] [TorrentGalaxy Pleads Financial Difficulties, Asks Users to Chip In](https://torrentfreak.com/torrentgalaxy-pleads-financial-difficulties-asks-users-to-chip-in-250129/) +- The Register - Security + - [ ] [North Koreans clone open source projects to plant backdoors, steal credentials](https://go.theregister.com/feed/www.theregister.com/2025/01/29/lazarus_groups_supply_chain_attack/) + - [ ] [Why is my Mitel phone DDoSing strangers? Oh, it was roped into a new Mirai botnet](https://go.theregister.com/feed/www.theregister.com/2025/01/29/ddos_attacks_aquabot_mitel/) + - [ ] [Transform your approach to data security](https://go.theregister.com/feed/www.theregister.com/2025/01/29/transform_your_approach_to_data/) + - [ ] ['Bro delete the chat': Feel the panic shortly before cops bust major online fraud ring](https://go.theregister.com/feed/www.theregister.com/2025/01/29/otp_agency_convicted/) + - [ ] [Spending watchdog blasts UK govt over sloth-like progress to shore up IT defenses](https://go.theregister.com/feed/www.theregister.com/2025/01/29/nao_blasts_uk_gov_cyber/) + - [ ] [The curious story of Uncle Sam's HR dept, a hastily set up email server, and fears of another cyber disaster](https://go.theregister.com/feed/www.theregister.com/2025/01/29/opm_email_lawsuit/) + - [ ] [SLAP, Apple, and FLOP: Safari, Chrome at risk of data theft on iPhone, Mac, iPad Silicon](https://go.theregister.com/feed/www.theregister.com/2025/01/29/flop_and_slap_attacks_apple_silicon/) +- Security Affairs + - [ ] [U.S. CISA adds Apple products’ flaw to its Known Exploited Vulnerabilities catalog](https://securityaffairs.com/173622/hacking/us-cisa-adds-apple-products-flaw-known-exploited-vulnerabilities-catalog.html) + - [ ] [Aquabot variant v3 targets Mitel SIP phones](https://securityaffairs.com/173607/breaking-news/aquabot-variant-v3-targets-mitel-sip-phones.html) + - [ ] [Critical remote code execution bug found in Cacti framework](https://securityaffairs.com/173597/security/critical-rce-cacti-framework.html) + - [ ] [Attackers actively exploit a critical zero-day in Zyxel CPE Series devices](https://securityaffairs.com/173589/hacking/zyxel-cpe-series-devices-cve-2024-40891-exploited.html) + - [ ] [Attackers exploit SimpleHelp RMM Software flaws for initial access](https://securityaffairs.com/173578/security/attackers-exploit-simplehelp-rmm-software-flaws.html) +- bellingcat + - [ ] [M23 Rebels Consolidate Control over Key City in DR Congo](https://www.bellingcat.com/news/2025/01/29/m23-rebels-goma-congo-fighting-clashes-drc-kivu-control/) +- Instapaper: Unread + - [ ] [FBI seizes domains for Cracked.io, Nulled.to hacking forums](https://www.bleepingcomputer.com/news/security/fbi-seizes-domains-for-crackedio-nulledto-hacking-forums/) + - [ ] [WhatsApp’s Image “View Once” Feature Flaw Allowing Unlimited Views](https://cybersecuritynews.com/whatsapp-view-once-flaw/) + - [ ] [State-sponsored Actors Abusing Gemini to Fuel Cyber Attacks](https://cybersecuritynews.com/state-sponsored-actors-abusing-gemini/) + - [ ] [DeepSeek R1 Jailbroken to Generate Ransomware Development Scripts](https://cybersecuritynews.com/deepseek-r1-jailbroken-ransomware/) + - [ ] [Stratoshark – Wireshark Has Got a Friend for Cloud](https://cybersecuritynews.com/stratoshark/) + - [ ] [How Long Does It Take Hackers to Crack Modern Hashing Algorithms](https://thehackernews.com/2025/01/how-long-does-it-take-hackers-to-crack.html) + - [ ] [This new Android feature protects your phone, even if someone has your PIN](https://www.zdnet.com/article/this-new-android-feature-protects-your-phone-even-if-someone-has-your-pin/) +- Your Open Hacker Community + - [ ] [So You Want To Work in Cyber Security?](https://www.reddit.com/r/HowToHack/comments/1id21do/so_you_want_to_work_in_cyber_security/) + - [ ] [Im (almost) 16 and want to learn ethical hacking, any advice?](https://www.reddit.com/r/HowToHack/comments/1icxorh/im_almost_16_and_want_to_learn_ethical_hacking/) + - [ ] [Is there any way I can get a list of hashes?](https://www.reddit.com/r/HowToHack/comments/1id61ki/is_there_any_way_i_can_get_a_list_of_hashes/) + - [ ] [Any advice to start?](https://www.reddit.com/r/HowToHack/comments/1iczrw1/any_advice_to_start/) + - [ ] [Trap phone](https://www.reddit.com/r/HowToHack/comments/1id7boc/trap_phone/) + - [ ] [What is a fraud?](https://www.reddit.com/r/HowToHack/comments/1id20l8/what_is_a_fraud/) + - [ ] [What should I move onto?](https://www.reddit.com/r/HowToHack/comments/1icpms1/what_should_i_move_onto/) + - [ ] [How to find dark web site links](https://www.reddit.com/r/HowToHack/comments/1id0bl8/how_to_find_dark_web_site_links/) + - [ ] [Im turning 17 this year, and i have already started learning ethical hacking since 2020, and i have taken some paid courses and completed those and currently im just training in ctf and htb, i need to learn more in hacking, any recommendations?](https://www.reddit.com/r/HowToHack/comments/1icov3b/im_turning_17_this_year_and_i_have_already/) + - [ ] [So basically I want to learn how to hack into my old social media where do I start](https://www.reddit.com/r/HowToHack/comments/1icvut2/so_basically_i_want_to_learn_how_to_hack_into_my/) + - [ ] [noob questions 2: from nmap to metasploit](https://www.reddit.com/r/HowToHack/comments/1icju15/noob_questions_2_from_nmap_to_metasploit/) + - [ ] [How to crack a phone pass](https://www.reddit.com/r/HowToHack/comments/1icqs7v/how_to_crack_a_phone_pass/) + - [ ] [Where do i get flipper zero here in india?](https://www.reddit.com/r/HowToHack/comments/1icooi1/where_do_i_get_flipper_zero_here_in_india/) + - [ ] [Hi I'm 14 and wanna be a ethical hacker and I'm wondering where to start?](https://www.reddit.com/r/HowToHack/comments/1iclkz2/hi_im_14_and_wanna_be_a_ethical_hacker_and_im/) + - [ ] [Help](https://www.reddit.com/r/HowToHack/comments/1icjzs0/help/) + - [ ] [What is the best hacking software to send attacks (2025)](https://www.reddit.com/r/HowToHack/comments/1ick00s/what_is_the_best_hacking_software_to_send_attacks/) +- Computer Forensics + - [ ] [Richard Green's Updated Report for Karen Read Trial 2:27 Hos long to die](https://www.reddit.com/r/computerforensics/comments/1iczkut/richard_greens_updated_report_for_karen_read/) + - [ ] [ASHATA Mini Body Camera](https://www.reddit.com/r/computerforensics/comments/1id7w7p/ashata_mini_body_camera/) + - [ ] [BCFE / Digital Forensics Career Entry Question](https://www.reddit.com/r/computerforensics/comments/1icw0q0/bcfe_digital_forensics_career_entry_question/) + - [ ] [BREW Help](https://www.reddit.com/r/computerforensics/comments/1iclcjn/brew_help/) + - [ ] [FBI didn’t need to crack Tor or Bitcoin to catch Ulbricht—his old forum posts did the job. If you want to see how small OPSEC mistakes can be fatal, we broke it all down](https://www.reddit.com/r/computerforensics/comments/1icpd7d/fbi_didnt_need_to_crack_tor_or_bitcoin_to_catch/) +- netsecstudents: Subreddit for students studying Network Security and its related subjects + - [ ] [So You Want To Work in Cyber Security?](https://www.reddit.com/r/netsecstudents/comments/1iczqhp/so_you_want_to_work_in_cyber_security/) + - [ ] [How to get into Soc](https://www.reddit.com/r/netsecstudents/comments/1icxb62/how_to_get_into_soc/) +- Blackhat Library: Hacking techniques and research + - [ ] [my midjourney api didn't make it, but it still works](https://www.reddit.com/r/blackhat/comments/1id406q/my_midjourney_api_didnt_make_it_but_it_still_works/) + - [ ] [LinkedIn Accounts provider?](https://www.reddit.com/r/blackhat/comments/1icha04/linkedin_accounts_provider/) +- The Hacker News + - [ ] [Lazarus Group Uses React-Based Admin Panel to Control Global Cyber Attacks](https://thehackernews.com/2025/01/lazarus-group-uses-react-based-admin.html) + - [ ] [AI in Cybersecurity: What's Effective and What’s Not – Insights from 200 Experts](https://thehackernews.com/2025/01/ai-in-cybersecurity-whats-effective-and.html) + - [ ] [New SLAP & FLOP Attacks Expose Apple M-Series Chips to Speculative Execution Exploits](https://thehackernews.com/2025/01/new-slap-flop-attacks-expose-apple-m.html) + - [ ] [How Interlock Ransomware Infects Healthcare Organizations](https://thehackernews.com/2025/01/how-interlock-ransomware-infects.html) + - [ ] [Critical Cacti Security Flaw (CVE-2025-22604) Enables Remote Code Execution](https://thehackernews.com/2025/01/critical-cacti-security-flaw-cve-2025.html) + - [ ] [UAC-0063 Expands Cyber Attacks to European Embassies Using Stolen Documents](https://thehackernews.com/2025/01/uac-0063-expands-cyber-attacks-to.html) + - [ ] [Broadcom Warns of High-Severity SQL Injection Flaw in VMware Avi Load Balancer](https://thehackernews.com/2025/01/broadcom-warns-of-high-severity-sql.html) + - [ ] [Zyxel CPE Devices Face Active Exploitation Due to Unpatched CVE-2024-40891 Vulnerability](https://thehackernews.com/2025/01/zyxel-cpe-devices-face-active.html) +- Social Engineering + - [ ] [When someone tells a story, what kind of questions can you ask which shows your engaged?](https://www.reddit.com/r/SocialEngineering/comments/1id7wix/when_someone_tells_a_story_what_kind_of_questions/) +- Technical Information Security Content & Discussion + - [ ] [CVE-2024-46507: Yeti Platform Server-Side Template Injection (SSTI)](https://www.reddit.com/r/netsec/comments/1id0ccq/cve202446507_yeti_platform_serverside_template/) + - [ ] [CVE-2024-49138 Windows CLFS heap-based buffer overflow analysis](https://www.reddit.com/r/netsec/comments/1icpgd8/cve202449138_windows_clfs_heapbased_buffer/) +- Trend Micro Research, News and Perspectives + - [ ] [ASRM: A New Pillar for Cyber Insurance Underwriting](https://www.trendmicro.com/en_us/research/25/a/asrm-cyber-insurance-underwriting.html) +- Palo Alto Networks Blog + - [ ] [IoMT Security Is Critical as Patients Take Control of Own Healthcare](https://www.paloaltonetworks.com/blog/2025/01/iomt-security-is-critical/) +- Deep Web + - [ ] [Onion link lisk shutdown](https://www.reddit.com/r/deepweb/comments/1icjy0g/onion_link_lisk_shutdown/) + - [ ] [experienced/long-term deep web users, what kind of life do y’all live?](https://www.reddit.com/r/deepweb/comments/1icqrs3/experiencedlongterm_deep_web_users_what_kind_of/) + - [ ] [Hackers](https://www.reddit.com/r/deepweb/comments/1icl028/hackers/) +- Dark Space Blogspot + - [ ] [Storie Di Collassi Di Fondi, Banche e Società (Trading e Investimenti)](http://darkwhite666.blogspot.com/2025/01/storie-di-collassi-di-fondi-banche-e.html) +- Security Weekly Podcast Network (Audio) + - [ ] [AI in 2025: The Shifting Regulatory Landscape For Artificial Intelligence - BSW #380](http://sites.libsyn.com/18678/ai-in-2025-the-shifting-regulatory-landscape-for-artificial-intelligence-bsw-380) +- Daniel Miessler + - [ ] [AI Novels Are Coming](https://danielmiessler.com/blog/ai-novels) diff --git a/archive/tmp/2025-01-30.json b/archive/tmp/2025-01-30.json new file mode 100644 index 0000000000..b455143c85 --- /dev/null +++ b/archive/tmp/2025-01-30.json @@ -0,0 +1,482 @@ +{ + "SecWiki News": { + "SecWiki News 2025-01-29 Review": "http://www.sec-wiki.com/?2025-01-29" + }, + "CXSECURITY Database RSS Feed - CXSecurity.com": { + "OpenPanel 0.3.4 Command Injection": "https://cxsecurity.com/issue/WLB-2025010034", + "MySchool System - Multiple Vulnerabilities": "https://cxsecurity.com/issue/WLB-2025010033", + "NEXT-EMP v1.0-Copyright © 2024. All rights reserved. File Upload-FU and Remote Code Execution-RCE": "https://cxsecurity.com/issue/WLB-2025010032" + }, + "Security Boulevard": { + "Alibaba’s Qwen 2.5-Max: The AI Marathoner Outpacing DeepSeek and Catching OpenAI’s Shadow": "https://securityboulevard.com/2025/01/alibabas-qwen-2-5-max-the-ai-marathoner-outpacing-deepseek-and-catching-openais-shadow/", + "Introducing WAF Rule Tester: Test with Confidence, Deploy without Fear | Impart Security": "https://securityboulevard.com/2025/01/introducing-waf-rule-tester-test-with-confidence-deploy-without-fear-impart-security/", + "DEF CON 32 – Tough Adversary Don’t Blame Sun Tzu": "https://securityboulevard.com/2025/01/def-con-32-tough-adversary-dont-blame-sun-tzu/", + "The OWASP NHI Top 10 and AI risk: What you need to know": "https://securityboulevard.com/2025/01/the-owasp-nhi-top-10-and-ai-risk-what-you-need-to-know/", + "API Security Is At the Center of OpenAI vs. DeepSeek Allegations": "https://securityboulevard.com/2025/01/api-security-is-at-the-center-of-openai-vs-deepseek-allegations/", + "Randall Munroe’s XKCD ‘Muons’": "https://securityboulevard.com/2025/01/randall-munroes-xkcd-muons/", + "SLAP/FLOP: Apple Silicon’s ‘Son of Spectre’ Critical Flaws": "https://securityboulevard.com/2025/01/slap-flop-apple-silicon-richixbw/", + "Our Digital Footprints are Breadcrumbs for Mapping our Personal Behavior": "https://securityboulevard.com/2025/01/our-digital-footprints-are-breadcrumbs-for-mapping-our-personal-behavior/", + "How to Find Old Accounts for Deletion": "https://securityboulevard.com/2025/01/how-to-find-old-accounts-for-deletion/", + "Codefinger Ransomware: Detection and Mitigation Using MixMode": "https://securityboulevard.com/2025/01/codefinger-ransomware-detection-and-mitigation-using-mixmode/" + }, + "Doonsec's feed": { + "青萍安全祝大家新年快乐!!!": "https://mp.weixin.qq.com/s?__biz=MzkxMzY0MzAxMw==&mid=2247487278&idx=1&sn=78ec559025c718883b9f1b1f674ba5f5", + "仅此一次,春节七折嗷!": "https://mp.weixin.qq.com/s?__biz=MzkyNTUyNTE5OA==&mid=2247486501&idx=1&sn=51fe604005374bcbfff2b9f235d97286", + "[收费公开课] 前后端分离渗透和三个突破口": "https://mp.weixin.qq.com/s?__biz=MzkyNTUyNTE5OA==&mid=2247486501&idx=2&sn=303abdda447ab10baa18016a0ae9460a", + "原创工具|Venom-JWT渗透工具 - 针对JWT漏洞和密钥爆破服务渗透测试": "https://mp.weixin.qq.com/s?__biz=Mzk0ODc1MjYyNA==&mid=2247483866&idx=1&sn=b4a7b1a90b8624e68c8e4106eccd2de9", + "大年初一,巳巳如意!": "https://mp.weixin.qq.com/s?__biz=MzkzMjQ4NTQwNw==&mid=2247483835&idx=1&sn=b593aa19e5825e5a2c3f5e1fd7546734", + "[注意保密] 新年红包雨:领取 1888$ 年度极致福利": "https://mp.weixin.qq.com/s?__biz=MzkwODI1ODgzOA==&mid=2247506610&idx=1&sn=891e78f2c8c413caa518b343114d9503", + "黑客组织Handala宣称攻破以色列国安系统 4TB机密数据遭泄露": "https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494609&idx=1&sn=10c34cea93492cfefbb71eea5f87901a", + "Urkc安全红包封面上线啦!": "https://mp.weixin.qq.com/s?__biz=MzkxNTU5NTI1Ng==&mid=2247487269&idx=1&sn=0d4c70352cf47f5360f202a395b166b6", + "【实操】利用Deepseek传承和弘扬传统文化": "https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148736&idx=1&sn=39a0df253f09d26a6151599d1e8bfb20", + "【培训】Osint开源情报练习 #002": "https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148736&idx=2&sn=ebee4c79a769e10968179969c634d83a", + "AISS大模型安全社区-2025 Roadmap": "https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247494053&idx=1&sn=6449e25c9c3754c833fdd7ba5435ad70", + "2025新春致谢 | 金蛇纳福启新程": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589299&idx=1&sn=5e38768a37484f2f38cd5b8da65a095b", + "Windows 11 24H2 上的进程镂空技术": "https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486790&idx=1&sn=c0d73c1ebaa8ed6fd5ec7a87a43b25eb", + "德国数据保护机构《标准数据保护模式》中译文": "https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247506191&idx=1&sn=5c306df3d480ebc5a37d4e207d432f24", + "新年零食大礼包抽奖开奖": "https://mp.weixin.qq.com/s?__biz=Mzg4NDg2NTM3NQ==&mid=2247484712&idx=1&sn=fd70a0465dbf9e30c615379a6bdda89d", + "【卫星图像】金正恩考察朝鲜核物质生产基地和核武器研究所": "https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559318&idx=1&sn=f93bc65cb4cf2587b134129cbdca5205", + "美日韩“抱团”:三国首次会谈聚焦朝鲜核威胁": "https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559318&idx=2&sn=eef1bccee4db52de82349056e07e8aca", + "致情报分析师公众号全体粉丝": "https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559318&idx=3&sn=be997ee6361433a289ec6c156aca06a7", + "Ghosten Player:全平台视频播放器,云盘/本地/IPTV资源一网打尽,支持TV和刮削!": "https://mp.weixin.qq.com/s?__biz=MzA4MjkzMTcxMg==&mid=2449046775&idx=1&sn=403d11271cef923ea84dfc9005eed22e", + "“巳巳”如意|蛇年大吉u200b": "https://mp.weixin.qq.com/s?__biz=MzU4MTg1NzAzMA==&mid=2247490620&idx=1&sn=48ea11f22a243fbf8b403f5347af6b4b", + "收藏 | dotNet安全矩阵 2024 年度安全防御绕过阶段文章和工具汇总": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498553&idx=1&sn=1d8935d674697bc89a84b1b07dd7573a", + ".NET 内网攻防实战电子报刊": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498553&idx=2&sn=2eabd584fcc38d4a3de34cbc21b247b8", + "收藏 | dotNet安全矩阵 2024 年度外网入口打点阶段文章和工具汇总": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498553&idx=3&sn=11f8acaa352ccc07f18420479c442a8b", + "【新春福利免费开放】【20250129更新】GrayLog开源日志管理平台技术文章合集【共80篇】": "https://mp.weixin.qq.com/s?__biz=MzU2MjU1OTE0MA==&mid=2247499654&idx=1&sn=1717caf72330209a0d7860dac066d9aa", + "ISO 45001: 2018 标准详解与实施(10)6.1.2 危险源辨识及风险和机遇的评价": "https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247486046&idx=1&sn=e0752fe57f13f49404b464a8a5d23bf8", + "中亚新位置:美国到底是“机遇”还是“陷阱”?": "https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247505009&idx=1&sn=a675523c007664b3ded75ff213872283", + "曼德海峡危机:胡塞武装如何搅动全球贸易与地缘政治的“一池春水”?": "https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247505009&idx=2&sn=30bc5ffc5afc9a5458d174a81224a804", + "DeepSeek遭受美国大规模黑客DDOS攻击!该如何应对?": "https://mp.weixin.qq.com/s?__biz=Mzk1NzMwNTM5NQ==&mid=2247483894&idx=1&sn=a0a2746ea96e1c4da9caa325f9851abd", + "蛇年快乐!": "https://mp.weixin.qq.com/s?__biz=MzI1Mjc3NTUwMQ==&mid=2247538527&idx=1&sn=a6a982145ee51f2707a9b7d2914c057c", + "花指令——新春快乐版": "https://mp.weixin.qq.com/s?__biz=MzkyNTYwOTMyNA==&mid=2247485009&idx=1&sn=71e8f9c7d9658e891eb9aa14140fac0c", + "我让DeepSeek锐评下网络安全行业现状,它的回答......": "https://mp.weixin.qq.com/s?__biz=MzkzMjIxNjExNg==&mid=2247486228&idx=1&sn=710163f3aca52010a4b552bf987a7b69", + "复旦白泽给大家拜年啦!祝大家蛇年大吉,巳巳如意,Paper如潮成果丰!": "https://mp.weixin.qq.com/s?__biz=MzU4NzUxOTI0OQ==&mid=2247492844&idx=1&sn=a8d82e9664fd92535652abde94911226", + "记一次SRC利用github搜索拿下中危漏洞": "https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247547532&idx=1&sn=a25d3179451f39184a2c2306e222d2f5", + "新年快乐 | 渊亭科技祝您巳巳如意,蛇年大吉!": "https://mp.weixin.qq.com/s?__biz=MzIzNjE1ODE2OA==&mid=2660190405&idx=1&sn=b33a770adf5ed142dc3ac8c2afba90ef", + "揭露俄罗斯APT新手段:Gamaredon首次使用安卓间谍软件骨骼间谍(BoneSpy)和伪装侦察(PlainGnome)": "https://mp.weixin.qq.com/s?__biz=Mzg3OTYxODQxNg==&mid=2247485657&idx=1&sn=1c6e5658064e3bb16435047e39a9f311", + "中医学论文大纲完善与落实指南:让你的论文架构更清晰!": "https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493256&idx=1&sn=592a8a23a41a09fc0c7f61488411d5d8", + "中医学论文搜集文献攻略:10分钟搞定一个月找不全的经典文献库!": "https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493256&idx=2&sn=9e44f435954053a0a3863c6ca466f2c8", + "终于搞懂了!新手如何玩转新闻学论文的文献综述写作攻略,快速上手!": "https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493256&idx=3&sn=86c1867c8e4f63023a0328e127fc79fb", + "终于掌握水产养殖学论文搜集文献秘诀!完整指南公开!": "https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493256&idx=4&sn=050db58f55d66a155a674ae62fbc198d", + "终于知道日语论文搜集文献这门道,超实用版硬核干货!": "https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493256&idx=5&sn=1dd216f434bb52375a8b6847836147b5", + "重磅揭秘:内行人才懂的林业技术论文文献综述写作高阶指南!": "https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493256&idx=6&sn=d4792364daac44d36e9ee0fe60f8a44a", + "专家带路:农业工程论文选题高分技巧,快速锁定黄金选题!": "https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493256&idx=7&sn=f8f67fececd526ee35399b356da849e1", + "专家级企业管理论文搜集文献内部秘籍:外企高级经理人都在偷学的全流程技巧。": "https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493256&idx=8&sn=5ff567d0085a3894e4c0033cd8301bb9", + "红队和 Web 黑盒审计的侦察脚本": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527357&idx=1&sn=c83b93750bea91d42a144b5a5739a263", + "滥用 Windows fork API 和 OneDrive.exe 进程来注入恶意 shellcode": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527357&idx=2&sn=cb567e9fa5f939b386410eaa2208192b", + "零日漏洞正在推动 Fortinet 防火墙攻击(CVE-2024-55591 已确认)": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527357&idx=3&sn=a9547ba6b29ff579585ca08ae6e20652", + "好的伴侣可以减少一半人间疾苦,合适的工作更是这样": "https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247488193&idx=1&sn=98fb524ba32bd4acb817ce28aedc8a4d", + "夜鹰(NightHawk)C2工具被泄露了?": "https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490232&idx=1&sn=71a4e338358972fe51261cbc15ddcc02", + "万象更新 共启新程|四叶草安全祝您鸿运当头": "https://mp.weixin.qq.com/s?__biz=MjM5MTI2NDQzNg==&mid=2654552292&idx=1&sn=94bfca6ee6e6469f09475331d9ec1dff", + "新春伊始,红日安全启航!愿与您共同筑牢数字防线,共同迈向更安全的明天!🔒🌱": "https://mp.weixin.qq.com/s?__biz=MzI4NjEyMDk0MA==&mid=2649851765&idx=1&sn=568da818c7d56ee694372f7ca3d04ddc", + "暗网情报5则:VPN权限出售-CNN马来西亚遭勒索": "https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247507140&idx=1&sn=39e2cd4ca4a8b2405576bcc343bea2c6", + "5th域安全微讯早报【20250129】025期": "https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247507140&idx=2&sn=e324fe0e8dc2c445cc103295d565424b", + "有人急了。。。DeepSeek。。。线上服务受到大规模恶意攻击。。。": "https://mp.weixin.qq.com/s?__biz=MzU2NzY5MzI5Ng==&mid=2247504835&idx=1&sn=145feae85263084b1b6d5bd7b36c7877", + "新型“Sneaky 2FA”钓鱼工具包瞄准微软365账户,绕过双重认证(2FA)窃取凭证": "https://mp.weixin.qq.com/s?__biz=MzA4NTY4MjAyMQ==&mid=2447900162&idx=1&sn=f1cd9351fa6107901ed7fa81fb279643", + "大年初一 | 开源网安祝福大家事业蒸蒸日上,生活阖家美满": "https://mp.weixin.qq.com/s?__biz=MzI0NzY1MDgyMw==&mid=2247514013&idx=1&sn=5833bcc742d0d3e15ef6b74df78cc868", + "碳泽信息祝您新春快乐,巳巳如意!": "https://mp.weixin.qq.com/s?__biz=Mzk0ODI4MDI4Nw==&mid=2247494627&idx=1&sn=ffc67d2a6efe5b59293eda6175d3226f", + "【2025春节】解题领红包活动开始喽,解出就送论坛币!": "https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141655&idx=1&sn=d21717226e40032625a74a2d00255e23", + "巳巳如意 | 蛇年大吉": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313207&idx=1&sn=6fbe79faad8cf2aedae18f3523b11c63", + "《信息安全研究》恭祝大家新春快乐!": "https://mp.weixin.qq.com/s?__biz=MzA3NzgzNDM0OQ==&mid=2664992974&idx=1&sn=9cd2cb9e2b233b74a40604ea67942fa7", + "大年初一丨安天智甲给您拜年了": "https://mp.weixin.qq.com/s?__biz=MjM5MTA3Nzk4MQ==&mid=2650209897&idx=1&sn=6bfd5ddbc7574bf32992f11997f69d3d", + "大年初一,拜大年": "https://mp.weixin.qq.com/s?__biz=MjM5ODYyMTM4MA==&mid=2650464736&idx=1&sn=bc114265d19b16cd3c45f4cc8b871012", + "联想全球安全实验室恭祝大家新春快乐!": "https://mp.weixin.qq.com/s?__biz=MzU1ODk1MzI1NQ==&mid=2247491548&idx=1&sn=73c8dbc0a4131745e3e798eaa6404d16", + "大年初一 蛇来运转": "https://mp.weixin.qq.com/s?__biz=Mzg2MTU5ODQ2Mg==&mid=2247507173&idx=1&sn=3b4749529f6bca97d5553cb65fdec622", + "数字取证之证据识别u200c": "https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264820&idx=1&sn=c47fa7a58ac994934f15782210c4718b", + "网安原创文章推荐【2025/1/28】": "https://mp.weixin.qq.com/s?__biz=MzAxNzg3NzMyNQ==&mid=2247489519&idx=1&sn=b63ac6606b1606adc9ec3fbf28433922", + "大年初一到,财来福星照!新的一年,祝大家巳巳如意,蛇年行大运。": "https://mp.weixin.qq.com/s?__biz=MzkyNDUxNTQ2Mw==&mid=2247485819&idx=1&sn=a9119ee1b24d286f56cda649c53d5870", + "大年初一 | 祥蛇纳福,“巳巳”如意": "https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579267&idx=1&sn=b6b08865f0534077a40f3e336e85bd3f", + "SQLite数据库注入攻击技术研究": "https://mp.weixin.qq.com/s?__biz=MjM5MjEyMTcyMQ==&mid=2651037456&idx=1&sn=26b186946b56da6148be861444022c93", + "春节": "https://mp.weixin.qq.com/s?__biz=MzUyMjAyODU1NA==&mid=2247491946&idx=1&sn=960238aa34a57daeb943121fa63418f3", + "新年好运签 | 统一云防御:统一防护管理,筑牢网络边界": "https://mp.weixin.qq.com/s?__biz=MjM5NzA3Nzg2MA==&mid=2649870831&idx=1&sn=f2dffa473f8078bccfce2ac7f3814c1d", + "春节|安赛祝大家新年快乐!": "https://mp.weixin.qq.com/s?__biz=MzI3MzA2MTk3Mw==&mid=2657788240&idx=1&sn=8d0ec3ec282dc8d43159d7636218278b", + "新春快乐|安势信息祝大家蛇年大吉!": "https://mp.weixin.qq.com/s?__biz=Mzg3MDgyMzkwOA==&mid=2247491507&idx=1&sn=51f24fc4ce62cb89254184ab41c5d934", + "初一|身体健康,万事如意!": "https://mp.weixin.qq.com/s?__biz=MzU1MzE3Njg2Mw==&mid=2247510392&idx=1&sn=23b6d35cb71d82c23d562ba42b1e0694", + "2024年公众号优质文章汇总": "https://mp.weixin.qq.com/s?__biz=Mzg4NDg3NjE5MQ==&mid=2247485613&idx=1&sn=2ea4aed4c2413869c00fb53f76d1fae5", + "正月初一 | 一帆风顺 元启新程": "https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506080&idx=1&sn=de989f72a1c24a6013bc32834fd66539", + "捷普焕新领先产品全系列": "https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506080&idx=2&sn=ddbcbdccb66e8f94303cf95a7dd9420e", + "【焕新领先】 捷普态势感知系统": "https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506080&idx=3&sn=5e87f69e3e89d5d4d0e72e5e973c9f0a", + "粤港澳大湾区网络安全协会祝您新年快乐!": "https://mp.weixin.qq.com/s?__biz=MzkwOTUyODE5Mg==&mid=2247485770&idx=1&sn=8c67f414c1d5363770af6d0c2d909922", + "关于网络安全指标的思考": "https://mp.weixin.qq.com/s?__biz=MzkwOTUyODE5Mg==&mid=2247485770&idx=2&sn=83e45c1783b1612d8163d9544c9f6b47", + "众安天下祝您新春快乐、蛇年大吉!": "https://mp.weixin.qq.com/s?__biz=MzIyOTUzODY5Ng==&mid=2247504322&idx=1&sn=5e6878918dcc0b4c304704e423a7a2c3", + "天工实验室祝大家蛇年大吉,万事如意!": "https://mp.weixin.qq.com/s?__biz=Mzk0OTU2ODQ4Mw==&mid=2247486754&idx=1&sn=62aa67a56b66db75099aae8ea64ceef9", + "渗透测试 | 某学校授权渗透测试评估": "https://mp.weixin.qq.com/s?__biz=Mzk0Mzc1MTI2Nw==&mid=2247487347&idx=1&sn=ecfde99bcc6735f0141a9b575a90c556", + "有度安全给大家拜年啦!灵蛇启新元,初一福泽绵": "https://mp.weixin.qq.com/s?__biz=Mzg3NTEyMzU4OA==&mid=2247513467&idx=1&sn=c5f15ab42712064a3075e44a9bc4d911", + "元春始风华,万象启新朝。深圳市网安计算机网络安全培训中心恭祝您福启新岁,万事顺遂。": "https://mp.weixin.qq.com/s?__biz=Mzg3MDYzMjAyNA==&mid=2247486206&idx=1&sn=c7d7d28fb1d2de4e50c094c384bd700e", + "大年初一:福满新岁": "https://mp.weixin.qq.com/s?__biz=MzU0NDk0NTAwMw==&mid=2247624760&idx=1&sn=7d6fdaf5776b133489f8cbfd0cf87135", + "新春快乐,万事如意": "https://mp.weixin.qq.com/s?__biz=MzI3NDY3NDUxNg==&mid=2247498914&idx=1&sn=9db465eba52da2dd54e90fb40b843bf6", + "拜年啦:恭贺新禧,蛇年大吉!": "https://mp.weixin.qq.com/s?__biz=Mzg2MDg0ODg1NQ==&mid=2247540150&idx=1&sn=c11b523ae88eb1cdd1b00c2e2e1e7f4b", + "安领可信给您拜年啦!": "https://mp.weixin.qq.com/s?__biz=MzUxNjUwNDU4OQ==&mid=2247483953&idx=1&sn=661f7bc51d8046599be7e71f46852275", + "大年初一 汉华信安给您拜年了": "https://mp.weixin.qq.com/s?__biz=Mzg5ODYyMTI2NA==&mid=2247484582&idx=1&sn=e4a8c83e259a25f4a962bab36d0c0afd", + "正月初一拜大年!亚信安全祝大家蛇年顺遂,蛇蛇如意": "https://mp.weixin.qq.com/s?__biz=MjM5NjY2MTIzMw==&mid=2650620958&idx=1&sn=1a539d599c8fa0167941d6bccc946ec9", + "大年初一 一帆风顺": "https://mp.weixin.qq.com/s?__biz=MjM5NzE0NTIxMg==&mid=2651135288&idx=1&sn=c8bf1121cab73be169ecaa119f5d9d5b", + "慢雾科技祝大家新春快乐,“巳巳”如意!": "https://mp.weixin.qq.com/s?__biz=MzU4ODQ3NTM2OA==&mid=2247501035&idx=1&sn=59e84e7659d99a54b6501ec2191845d8", + "新年快乐 | 渊亭防务祝您巳巳如意,蛇年大吉!": "https://mp.weixin.qq.com/s?__biz=Mzg2NTYyODgyNg==&mid=2247504626&idx=1&sn=947b971cf92a530af5d4af7a9f40378b", + "初一 | 鞭炮声声辞旧岁,新衣新貌贺新年!": "https://mp.weixin.qq.com/s?__biz=MzU4NjY4MDAyNQ==&mid=2247497078&idx=1&sn=93f0e2203558c5d2186205dae47e4ab0", + "墨云科技 | 金蛇献瑞,谨贺新年": "https://mp.weixin.qq.com/s?__biz=MzU5ODE2NDA3NA==&mid=2247496753&idx=1&sn=101bd162fb27a6b210c95d36ff4756c7", + "磐石安科技|恭贺蛇年大吉!": "https://mp.weixin.qq.com/s?__biz=MzkwNDI0MjkzOA==&mid=2247485840&idx=1&sn=e5045c1d16e658ef82f838d19add009a", + "正月初一 | 安泰如意": "https://mp.weixin.qq.com/s?__biz=Mzg2NDU3Mzc5OA==&mid=2247489779&idx=1&sn=76fc6dae86e231c41efea62f0565ac21", + "大年初一 | 金蛇献瑞迎新春,岁月悠悠送吉祥": "https://mp.weixin.qq.com/s?__biz=Mzk0MDQ5MTQ4NA==&mid=2247487427&idx=1&sn=eeef20b9473215312b0e39159d148a5b", + "拜年啦": "https://mp.weixin.qq.com/s?__biz=MzkxNTIwNTkyNg==&mid=2247553215&idx=1&sn=9e310bac7fb47a94b16a9da14e538d01", + "大年初一丨新春启航,万事如意": "https://mp.weixin.qq.com/s?__biz=MzAwNTAxMjUwNw==&mid=2650277649&idx=1&sn=f1b0ac4ba8a25aeb6f61b973093d555f", + "春节|瑞蛇迎春,共赴新程": "https://mp.weixin.qq.com/s?__biz=MzkxODczNjA4NQ==&mid=2247494021&idx=1&sn=55cd58add868195168feda1b08a0a2f1", + "初一 | 大年初一 万事胜意": "https://mp.weixin.qq.com/s?__biz=MzU1OTc2MzE2Mg==&mid=2247489329&idx=1&sn=d001254620cb5ccdcf51cb5a9a73670e", + "祝大家新年蛇年大吉,健康喜乐": "https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494577&idx=1&sn=4d5a9964a63a52fe6cdd3febc7abd292", + "苹果修补了 2025 年首个被利用的 iOS 0day(CVE-2025-24085)": "https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494577&idx=2&sn=2a3b9a9481760f2c54d584ed72cf307c", + "春节 | 灵蛇迎春,福运满屋": "https://mp.weixin.qq.com/s?__biz=MzU3MDA0MTE2Mg==&mid=2247492564&idx=1&sn=44253e74476868913d0de1065716dfad", + "梅苑安全携带小猫祝大家蛇年快乐": "https://mp.weixin.qq.com/s?__biz=MzkwMTU2NzMwOQ==&mid=2247484530&idx=1&sn=8610d601d8d5bd24528dc1545e83c1a5", + "红队移动端评估测试工具": "https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489192&idx=1&sn=f92f78566f73bdbcee373ac7834d1396", + "不足挂齿": "https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489192&idx=2&sn=4597cbd9bbf1d814a4d86c26bfb77eed", + "范渊新年献词:以韧性回应时代,以AI引领未来": "https://mp.weixin.qq.com/s?__biz=MjM5NTE0MjQyMg==&mid=2650624573&idx=1&sn=bde5fc48268dbc7566e0b36ca5ea68e8", + "【初一】新岁启封,同赴新程": "https://mp.weixin.qq.com/s?__biz=MjM5NTE0MjQyMg==&mid=2650624573&idx=2&sn=c4581b248078cb6ff6f9d465754da975", + "像 C2 一样使用 VSCode - 红队风格": "https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247504777&idx=1&sn=6a7bb7db4890f89678a69854ecbce461", + "InForSec祝网络安全华人学者春节愉快!": "https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317463&idx=1&sn=3b304079c535abddffd4968cd9d1c718", + "蛇年大吉": "https://mp.weixin.qq.com/s?__biz=MzI2Mzc4ODc1NQ==&mid=2247489583&idx=1&sn=e98d28ca40b57b5b32aac53edfeb1946", + "【贺蛇年】初一纳福 网安启途": "https://mp.weixin.qq.com/s?__biz=MzAxMjE1MDY0NA==&mid=2247508841&idx=1&sn=8c7d1aeb8c2b6827bcde2b323e04027e", + "别搞": "https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496843&idx=1&sn=12979bae2be8a2d90496e7c79e8bb831", + "国自然中标真不难!十年评审专家1v1精修本子,中标率提升58%": "https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496843&idx=2&sn=d9858f7695b5db1be02e2d9887ab97d1", + "【大年初一】喜迎蛇年 瑞气呈祥": "https://mp.weixin.qq.com/s?__biz=MjM5NzYwNDU0Mg==&mid=2649249641&idx=1&sn=7a41d8aceeeb227acfb93b534968da9c", + "迎新年,启新篇|任子行祝您新春快乐、蛇年行大运": "https://mp.weixin.qq.com/s?__biz=MzI0NjAyMjU4MA==&mid=2649595765&idx=1&sn=fd65317a7df2cda280b10b05734a7e1d", + "新年伊始,华为星河AI融合SASE解决方案祝您“SASE”过群雄,一鸣惊人!": "https://mp.weixin.qq.com/s?__biz=MzAwODU5NzYxOA==&mid=2247505875&idx=1&sn=d3e7db45fae8f8b023d025df3a110d88", + "初一 | 新春纳福": "https://mp.weixin.qq.com/s?__biz=MzIxNTQxMjQyNg==&mid=2247493740&idx=1&sn=3a548b5f7979b125fbee60be48b4bfe1", + "【2025】新年快乐": "https://mp.weixin.qq.com/s?__biz=MzUwOTc3MTQyNg==&mid=2247491386&idx=1&sn=81b68fc009fb3bb698df452f0490aebb", + "分享图片": "https://mp.weixin.qq.com/s?__biz=MzI3Njc1MjcxMg==&mid=2247494394&idx=1&sn=46b470b30f34d28b91b7446c0432ba7f", + "巳巳如意 生生不息丨云天安全祝您新春快乐": "https://mp.weixin.qq.com/s?__biz=MzI2NDYzNjY0Mg==&mid=2247501216&idx=1&sn=1bb93c2c50c51f4ba008c8c002e163e1", + "Mac下破解激活JetBrains产品": "https://mp.weixin.qq.com/s?__biz=Mzg5OTgzMzA1OA==&mid=2247483872&idx=1&sn=8fa59f27c9706af7c69ee722c4016785", + "正月初一|金蛇迎春 巳巳如意": "https://mp.weixin.qq.com/s?__biz=MzIxNDIzNTcxMg==&mid=2247506758&idx=1&sn=b9e384ec8963ccca8fe2773ebbb9023c", + "魔方安全祝你蛇来运转,前程螣螣": "https://mp.weixin.qq.com/s?__biz=MzI3NzA5NDc0MA==&mid=2649292206&idx=1&sn=3f87066febd3b789c0e7db2baf1fd1f9", + "灵蛇启新元 初一福泽绵": "https://mp.weixin.qq.com/s?__biz=MzU0MjEwNTM5Ng==&mid=2247520421&idx=1&sn=9d1cb6d9e4d36868892fdffebe8001f7", + "瑞蛇迎春,共筑网安新未来!": "https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247635828&idx=1&sn=dc1ea39348bc6420d3d24e3cbd1814d2", + "大年初一|蛇年顺遂,事事如意!": "https://mp.weixin.qq.com/s?__biz=MzU2NzUxMTM0Nw==&mid=2247513467&idx=1&sn=976f6d8db01ae07c788cd029211a3ee6", + "山石网科·AI汇东方|正月初一,蛇年大吉": "https://mp.weixin.qq.com/s?__biz=MzAxMDE4MTAzMQ==&mid=2661298278&idx=1&sn=48cdce5c730da12f4ee90406ada0f6f5", + "拜大年|蛇跃新程 云科同行!": "https://mp.weixin.qq.com/s?__biz=Mzg2NTk3NjczNQ==&mid=2247485633&idx=1&sn=8b101c6e5ac782199e1104c0e13efbc4", + "恭贺新春 | 金盾信安祝您新春快乐,蛇年大吉!": "https://mp.weixin.qq.com/s?__biz=MjM5NjA2NzY3NA==&mid=2448682671&idx=1&sn=5bdff851e304d4dbeff7833d0318a678", + "迎新春 过新年 御盾安全给大家拜年啦!": "https://mp.weixin.qq.com/s?__biz=MzU4ODgxMjE0Mw==&mid=2247486347&idx=1&sn=858139f172118c4bb834d05bf953cc4f", + "蛇年到,福气绕,元支点给您拜年啦!": "https://mp.weixin.qq.com/s?__biz=MzI4MDE2MzA4Mw==&mid=2667651078&idx=1&sn=747dc83ae36cc0ea5c1b93eb4bdbaf25", + "极验给大家拜年了!": "https://mp.weixin.qq.com/s?__biz=MzI2MDE5MTQxNg==&mid=2649723247&idx=1&sn=589cd5ffbdc64554e70c473143cb5c8e", + "一元复始 万象更新,能信安祝您及家人新春大吉 万事如意!": "https://mp.weixin.qq.com/s?__biz=MzI1MTYzMjY1OQ==&mid=2247490788&idx=1&sn=4ecf028f6de13d48505acb287263846e", + "初一 | 恭贺新春,蛇年大吉!": "https://mp.weixin.qq.com/s?__biz=Mzg4MjQ4MjM4OA==&mid=2247523802&idx=1&sn=6d75fb5fa444f7b8b4309bb64caadaf9", + "金蛇纳福 | 大年初一,网安拜大年!": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235919&idx=1&sn=a091ebd91146a52049677eef87b7cfa1", + "蛇年大吉 恭贺新春": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235919&idx=2&sn=1b8c628b25f0a25746c47876084b1c61", + "祥蛇贺岁!2025,祝您蛇年顺遂、巳巳如意": "https://mp.weixin.qq.com/s?__biz=MzkyNDcwMTAwNw==&mid=2247533748&idx=1&sn=2d4e5d8e231d87a0691bbaaf7bf882f2", + "祥蛇献瑞,国泰家康丨永信至诚祝您新春快乐!": "https://mp.weixin.qq.com/s?__biz=MzAwNDUyMjk4MQ==&mid=2454829244&idx=1&sn=15d13b997ed8a1d2b6de05f8f19815f0", + "洞察2025年网络安全产业趋势": "https://mp.weixin.qq.com/s?__biz=Mzg5OTg5OTI1NQ==&mid=2247489844&idx=1&sn=36f1c90e8bd6d4b656b0d844e9d34e9f", + "新年快乐,巳巳如意!": "https://mp.weixin.qq.com/s?__biz=Mzk0NTU0ODc0Nw==&mid=2247491864&idx=1&sn=bdd69466a0fca637b7efccc408def11e", + "蛇跃新程,矢安科技祝您新的一年“巳巳如意”!": "https://mp.weixin.qq.com/s?__biz=Mzg2Mjc3NTMxOA==&mid=2247516821&idx=1&sn=b60521f8bd702c0158be36308c378c7f", + "拜大年,心向暖阳,愿邮件安全顺遂无忧": "https://mp.weixin.qq.com/s?__biz=MzA5NjMyMDEwNg==&mid=2649286360&idx=1&sn=010f5320070eb627541f94e272efd09b", + "初一 | 拜大年": "https://mp.weixin.qq.com/s?__biz=MzI5NjA4NjA3OA==&mid=2652102063&idx=1&sn=3c51fdc8f0addd6ae0cfb25d2b458ea3", + "新春快乐,蛇年吉祥,祝公众号的朋友们身体健康,工作顺利!": "https://mp.weixin.qq.com/s?__biz=Mzg3NTUzOTg3NA==&mid=2247515082&idx=1&sn=47788096ca6fa4a1ecb947344b4af31a", + "恭贺新春": "https://mp.weixin.qq.com/s?__biz=MzU3NTQwNDYyNA==&mid=2247488573&idx=1&sn=0d50fb0a6590fdc5c74cdc1b072da0d9", + "医疗行业数据安全风险评估实践指南(一)": "https://mp.weixin.qq.com/s?__biz=MzA5MTYyMDQ0OQ==&mid=2247493571&idx=1&sn=5bb28d26963d363a5d4590d66a8df87b", + "乙巳春节|新岁启封 万象更新": "https://mp.weixin.qq.com/s?__biz=MjM5NjU0NDQ1Ng==&mid=2671019617&idx=1&sn=629fac95808c3f7da16dfa3856f5403c", + "蛇年至,万象新,安易科技祝您新年快乐!": "https://mp.weixin.qq.com/s?__biz=MzkwMTI3ODUxOQ==&mid=2247485207&idx=1&sn=b324e11004c245d1addc71c420ae24b2", + "拜大年 | 竹爆声声辞旧岁,烟花朵朵迎新春。知白学院给您拜年啦~": "https://mp.weixin.qq.com/s?__biz=MzUzNDg0NTc1NA==&mid=2247510555&idx=1&sn=adf528e69e77da7e1ade94a1037f657a", + "贺新春!": "https://mp.weixin.qq.com/s?__biz=MzUxODY3MDExMA==&mid=2247490118&idx=1&sn=41ce7f2bb938c7cb6e68ae48ea0bed1b", + "新年祝福": "https://mp.weixin.qq.com/s?__biz=Mzg4Nzk3MTg3MA==&mid=2247487719&idx=1&sn=cdab963d88b8a7a93f57e02822946c95", + "船山信安给各位师傅们拜年啦!": "https://mp.weixin.qq.com/s?__biz=MzU2NDY2OTU4Nw==&mid=2247518508&idx=1&sn=0bcd7cdfb692d548afb9fc3e4e0aabd8", + "新年记": "https://mp.weixin.qq.com/s?__biz=MzU0NDI5NTY4OQ==&mid=2247486261&idx=1&sn=a99fd42137a2c3a4e337746ba8d1c4d7", + "安全客祝您蛇来运转,福满乾坤!": "https://mp.weixin.qq.com/s?__biz=MzA5ODA0NDE2MA==&mid=2649787812&idx=1&sn=db21fb03c585e8434fd2aa509fe447b4", + "【新年快乐】菜狗安全祝师傅们新年快乐(内含抽奖)": "https://mp.weixin.qq.com/s?__biz=Mzg4MzkwNzI1OQ==&mid=2247485729&idx=1&sn=a0b793b557e83bc2f4e8ab3baff70b5b", + "HackingClub祝您巳巳如意,前程螣螣!": "https://mp.weixin.qq.com/s?__biz=MzkxMzE4MTc5Ng==&mid=2247499518&idx=1&sn=d9ce9cfedb17f3e247b95cd20c211551", + "内生安全联盟恭祝大家新春快乐,万事大吉!": "https://mp.weixin.qq.com/s?__biz=Mzg4MDU0NTQ4Mw==&mid=2247528904&idx=1&sn=4e192436cfabe37848d9c0a532aeaba5", + "🐱网安招财喵喵新春祝福~": "https://mp.weixin.qq.com/s?__biz=MzkzNjE5NjQ4Mw==&mid=2247543340&idx=1&sn=ee9b97e42573764b723f01e86b6ece2b", + "大学生网络安全尖锋训练营给您拜年": "https://mp.weixin.qq.com/s?__biz=MzUzODkwMDMxNA==&mid=2247574850&idx=1&sn=88a610b92fc3393da2255798f8ed2153", + "《网信自主创新调研报告》编委会给您拜年": "https://mp.weixin.qq.com/s?__biz=MzkxMzI3MzMwMQ==&mid=2247530977&idx=1&sn=d05ad11631bf7f2d2c27a0398c17cfe2", + "暗魂攻防实验室祝各位蛇年大吉": "https://mp.weixin.qq.com/s?__biz=MzkyMjE1NzQ2MA==&mid=2247489711&idx=1&sn=0ebcd1f0d28d56eff0d0744371744710", + "惊喜放送丨辞旧迎新除烦恼,万巳如意好运来,火绒祝您新春大吉!": "https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247522008&idx=1&sn=72eb4a612f06bf7c8a597e0f7dc088e1", + "诚邀渠道合作伙伴共启新征程": "https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247522008&idx=2&sn=9adee9b586588ae9a54e6a2b1cba98ec", + "灵蛇迎春 瑞气盈门|美创科技祝您新岁安康,蛇来运转": "https://mp.weixin.qq.com/s?__biz=MzA3NDE0NDUyNA==&mid=2650805046&idx=1&sn=744a4d22945a4c2a5c8ccfa9f48e6457", + "迪普科技祝您新年快乐丨金蛇献瑞展宏图 续写网安新篇章": "https://mp.weixin.qq.com/s?__biz=MzA4NzE5MzkzNA==&mid=2650370747&idx=1&sn=4d579b58e19a18bfbdb857b1fc747993", + "骇极安全": "https://mp.weixin.qq.com/s?__biz=MzIwNTU1NjYwNA==&mid=2247488014&idx=1&sn=d62058ec064d318cd051237797748ebf", + "网安守夜人祝大家新年快乐": "https://mp.weixin.qq.com/s?__biz=MzU0MzgyMzM2Nw==&mid=2247486255&idx=1&sn=cbfd1798a20828ea6d7687536ae8f243", + "杂感四则": "https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652114260&idx=1&sn=e7c060b972419b42cb2ed3ff9bd69084", + "春节 | 密织数据安全网,祥启蛇年好运章": "https://mp.weixin.qq.com/s?__biz=MzkyNzE5MDUzMw==&mid=2247569445&idx=1&sn=81d7230341be2c2bc815d4771fe32884", + "攻防靶场(54):从LFI到RCE": "https://mp.weixin.qq.com/s?__biz=MzI0NjA3Mzk2NQ==&mid=2247496095&idx=1&sn=4bba7300e436e3e9e1eb11a361c42c25" + }, + "Der Flounder": { + "Managing Apple Intelligence features on macOS Sequoia 15.3": "https://derflounder.wordpress.com/2025/01/29/managing-apple-intelligence-features-on-macos-sequoia-15-3/" + }, + "Hacking Articles": { + "Credential Dumping: AD User Comment": "https://www.hackingarticles.in/credential-dumping-ad-user-comment/" + }, + "Google Online Security Blog": { + "How we kept the Google Play & Android app ecosystems safe in 2024": "http://security.googleblog.com/2025/01/how-we-kept-google-play-android-app-ecosystem-safe-2024.html", + "How we estimate the risk from prompt injection attacks on AI systems": "http://security.googleblog.com/2025/01/how-we-estimate-risk-from-prompt.html" + }, + "Private Feed for M09Ic": { + "CHYbeta starred sannykim/solsec": "https://github.com/sannykim/solsec", + "INotGreen starred 0xrawsec/whids": "https://github.com/0xrawsec/whids", + "safedv starred S3cur3Th1sSh1t/gui-pwn": "https://github.com/S3cur3Th1sSh1t/gui-pwn" + }, + "Recent Commits to cve:main": { + "Update Wed Jan 29 20:28:19 UTC 2025": "https://github.com/trickest/cve/commit/2a9a6c5e8dfdef652b3351b8c7c20cddc3b7958c", + "Update Wed Jan 29 12:26:44 UTC 2025": "https://github.com/trickest/cve/commit/023d47466c3dfcf89301b51bd1f75e5ac6af45d2", + "Update Wed Jan 29 04:20:44 UTC 2025": "https://github.com/trickest/cve/commit/9bbcd187c35f8f8562d789c9c6a09501e13902b6" + }, + "Trustwave Blog": { + "Inside APT34 (OilRig): Tools, Techniques, and Global Cyber Threats": "https://www.trustwave.com/en-us/resources/blogs/trustwave-blog/inside-apt34-oilrig-tools-techniques-and-global-cyber-threats/" + }, + "Bug Bounty in InfoSec Write-ups on Medium": { + "5 Things You Should Understand Before Jumping into Bug Bounty": "https://infosecwriteups.com/5-things-you-should-understand-before-jumping-into-bug-bounty-813cd960c6bc?source=rss----7b722bfd1b8d--bug_bounty", + "Exploiting XSS To Steal Cookies": "https://infosecwriteups.com/exploiting-xss-to-steal-cookies-f0aebdcd815b?source=rss----7b722bfd1b8d--bug_bounty", + "How I Found a Ticket Booking Bug That Allowed Me to Travel Almost for Free in TNSTC": "https://infosecwriteups.com/how-i-found-a-ticket-booking-bug-that-allowed-me-to-travel-almost-for-free-in-tnstc-2c7aa23aebf6?source=rss----7b722bfd1b8d--bug_bounty" + }, + "Horizon3.ai": { + "Fireside Chat: Horizon3.ai and North Carolina’s Electric Cooperatives": "https://www.horizon3.ai/intelligence/webinars/fireside-chat-horizon3-ai-and-north-carolinas-electric-cooperatives/" + }, + "Blogs dade": { + "Lessons in Everything": "https://0xda.de/blog/2025/01/lessons-in-everything/" + }, + "Twitter @bytehx": { + "Re @yeswehack Thanks !": "https://x.com/bytehx343/status/1884630328339472481", + "Re @CristiVlad25 @yeswehack :-)": "https://x.com/bytehx343/status/1884599250329411751", + "Re @_justYnot @Hacker0x01 Thanks!": "https://x.com/bytehx343/status/1884599038978515142", + "Re @A_Atef200 @yeswehack No. This is private and I am sure that it won’t be duped:)": "https://x.com/bytehx343/status/1884597418005860707", + "Yay, I was awarded a $$$ bounty on @Hacker0x01! https://hackerone.com/bytehx #TogetherWeHitHarder": "https://x.com/bytehx343/status/1884583738790793420", + "Just got a reward for a high vulnerability submitted on @yeswehack -- Information Disclosure (CWE-200). https://yeswehack.com/hunters/bytehx #YesWeRHa...": "https://x.com/bytehx343/status/1884583581504491599", + "Just got a reward for a vulnerability submitted on @yeswehack -- Acceptance of Extraneous Untrusted Data With Trusted Data - Cache Poisoning (CWE-349)...": "https://x.com/bytehx343/status/1884583503851114555" + }, + "Securelist": { + "Threat predictions for industrial enterprises 2025": "https://securelist.com/industrial-threat-predictions-2025/115327/" + }, + "Malwarebytes": { + "These are the 10 worst PIN codes": "https://www.malwarebytes.com/blog/news/2025/01/these-are-the-10-worst-pin-codes" + }, + "NVISO Labs": { + "Backups & DRP in the ransomware era": "https://blog.nviso.eu/2025/01/29/backups-drp-in-the-ransomware-era/" + }, + "Insinuator.net": { + "Jigsaw RDPuzzle: Piecing Attacker Actions Together": "https://insinuator.net/2025/01/jigsaw-rdpuzzle/" + }, + "GuidePoint Security": { + "Ongoing report: Babuk2 (Babuk-Bjorka)": "https://www.guidepointsecurity.com/blog/ongoing-report-babuk2-babuk-bjorka/" + }, + "Malware-Traffic-Analysis.net - Blog Entries": { + "2025-01-28: Malwre infection from web inject activity": "https://www.malware-traffic-analysis.net/2025/01/28/index.html" + }, + "Reverse Engineering": { + "How To Avoid Malware Rabbitholes": "https://www.reddit.com/r/ReverseEngineering/comments/1id52rn/how_to_avoid_malware_rabbitholes/", + "Got bored, reversed the WMI. Made a novel virus that never touches the filesystem": "https://www.reddit.com/r/ReverseEngineering/comments/1icgfua/got_bored_reversed_the_wmi_made_a_novel_virus/", + "ScatterBrain: Unmasking the Shadow of PoisonPlug's Obfuscator": "https://www.reddit.com/r/ReverseEngineering/comments/1id0io4/scatterbrain_unmasking_the_shadow_of_poisonplugs/", + "CVE-2024-49138 Windows CLFS heap-based buffer overflow analysis": "https://www.reddit.com/r/ReverseEngineering/comments/1icpgh4/cve202449138_windows_clfs_heapbased_buffer/", + "Bypass login on app. Company went out of business meaning no new users can access the underwater drone as the servers are offline. Can somebody figure out a bypass hack?": "https://www.reddit.com/r/ReverseEngineering/comments/1ich60h/bypass_login_on_app_company_went_out_of_business/" + }, + "hn security": { + "CVE-2024-49138 Windows CLFS heap-based buffer overflow analysis – Part 2": "https://security.humanativaspa.it/cve-2024-49138-windows-clfs-heap-based-buffer-overflow-analysis-part-2/", + "CVE-2024-49138 Windows CLFS heap-based buffer overflow analysis – Part 1": "https://security.humanativaspa.it/cve-2024-49138-windows-clfs-heap-based-buffer-overflow-analysis-part-1/" + }, + "Wallarm": { + "API Security Is At the Center of OpenAI vs. DeepSeek Allegations": "https://lab.wallarm.com/api-security-is-at-the-center-of-openai-vs-deepseek-allegations/" + }, + "daniel.haxx.se": { + "A 1337 curl author": "https://daniel.haxx.se/blog/2025/01/29/a-1337-curl-author/" + }, + "Security Blog | Praetorian": { + "Introducing Nosey Parker Explorer": "https://www.praetorian.com/blog/announcing-nosey-parker-explorer/" + }, + "安全分析与研究": { + "夜鹰(NightHawk)C2工具被泄露了?": "https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490232&idx=1&sn=71a4e338358972fe51261cbc15ddcc02&chksm=902fb590a7583c8670bf284d9d8eb2fb2c3d7608c5cccf3c64a743f4b24808388990b8b5fde4&scene=58&subscene=0#rd" + }, + "奇客Solidot–传递最新科技情报": { + "Meta 短暂禁止用户发表任何涉及 Linux 的帖子": "https://www.solidot.org/story?sid=80447", + "腾讯游戏《三角洲行动》被发现会修改用户 CPU 调度和性能释放策略": "https://www.solidot.org/story?sid=80446", + "心脏病是美国的第一死因": "https://www.solidot.org/story?sid=80445", + "公共图书馆能给人们的生活带来积极影响": "https://www.solidot.org/story?sid=80444" + }, + "红日安全": { + "新春伊始,红日安全启航!愿与您共同筑牢数字防线,共同迈向更安全的明天!🔒🌱": "https://mp.weixin.qq.com/s?__biz=MzI4NjEyMDk0MA==&mid=2649851765&idx=1&sn=568da818c7d56ee694372f7ca3d04ddc&chksm=f3e4e9f6c49360e020e5c1183896432b1d52e3c9e96fa7577bb40590a7280b1b5987a521a472&scene=58&subscene=0#rd" + }, + "吾爱破解论坛": { + "【2025春节】解题领红包活动开始喽,解出就送论坛币!": "https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141655&idx=1&sn=d21717226e40032625a74a2d00255e23&chksm=bd50a6438a272f55f2e9c7890cabd2ec30b2ec5b946b2dcb7f37c96667f152909cb765fc17fe&scene=58&subscene=0#rd" + }, + "丁爸 情报分析师的工具箱": { + "【实操】利用Deepseek传承和弘扬传统文化": "https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148736&idx=1&sn=39a0df253f09d26a6151599d1e8bfb20&chksm=f1af26fac6d8afec1e52db48f994cfe77da1b04b5a1e5aeba491a41f83b5e2b01795b8074105&scene=58&subscene=0#rd", + "【培训】Osint开源情报练习 #002": "https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148736&idx=2&sn=ebee4c79a769e10968179969c634d83a&chksm=f1af26fac6d8afec43791f1e2d2945b5e030bab5b7a6d0c003eff48d2af4aa4bbae72ead9e03&scene=58&subscene=0#rd" + }, + "锦行科技": { + "初一 | 新春纳福": "https://mp.weixin.qq.com/s?__biz=MzIxNTQxMjQyNg==&mid=2247493740&idx=1&sn=3a548b5f7979b125fbee60be48b4bfe1&chksm=979a13c9a0ed9adf401fe111940f754c8f3d4bbb1467acb1bb58f95ea4f559e1018fe247674a&scene=58&subscene=0#rd" + }, + "慢雾科技": { + "慢雾科技祝大家新春快乐,“巳巳”如意!": "https://mp.weixin.qq.com/s?__biz=MzU4ODQ3NTM2OA==&mid=2247501035&idx=1&sn=59e84e7659d99a54b6501ec2191845d8&chksm=fddeba6ccaa9337aee73dbfd92a4188959c61acfe765c21c5ddde16c0ddbf61b542525b2bbc8&scene=58&subscene=0#rd" + }, + "M01N Team": { + "AISS大模型安全社区-2025 Roadmap": "https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247494053&idx=1&sn=6449e25c9c3754c833fdd7ba5435ad70&chksm=c18429b4f6f3a0a25365b3e0d1423573d757fa269aad736ed5aca48ff4b82b278fd73ac03340&scene=58&subscene=0#rd" + }, + "看雪学苑": { + "2025新春致谢 | 金蛇纳福启新程": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589299&idx=1&sn=5e38768a37484f2f38cd5b8da65a095b&chksm=b18c28f986fba1effd30be735d8e492f5a4fe38d1f279119a9b59d2195d68332dff4b59e864c&scene=58&subscene=0#rd" + }, + "网安国际": { + "InForSec祝网络安全华人学者春节愉快!": "https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317463&idx=1&sn=3b304079c535abddffd4968cd9d1c718&chksm=8bc4ba99bcb3338f81946371b05c0e130ac7d9cc318f370bedd27002d8321e4fea3c011ad947&scene=58&subscene=0#rd" + }, + "威胁猎人Threat Hunter": { + "新春快乐,万事如意": "https://mp.weixin.qq.com/s?__biz=MzI3NDY3NDUxNg==&mid=2247498914&idx=1&sn=9db465eba52da2dd54e90fb40b843bf6&chksm=eb12da99dc65538f376b96cbd2513fdc29cf6fe94ebdbc01455265051e5acf045c037033aa2e&scene=58&subscene=0#rd" + }, + "极客公园": { + "DeepSeek 的爆红,指出了当下 AI 最大困境": "https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653073010&idx=1&sn=0abd27208a3082b3453f5cb1aa2a1ab7&chksm=7e57d3c449205ad2fcb7960a04020f5000e8f59242b70aada742aaba7fa36482c27141e654d4&scene=58&subscene=0#rd", + "宇树领衔,众多黑科技登台蛇年春晚;奥特曼回应 DeepSeek 爆火;抖音李亮评论雷军、余承东直播被封 | 极客早知道": "https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072999&idx=1&sn=525ce0f5f5685483f05d575f2d13d51a&chksm=7e57d3d149205ac723fd927a03f590113df2731c5a2fb9d3feff18b23c03ac35ce5defcab466&scene=58&subscene=0#rd" + }, + "情报分析师": { + "【卫星图像】金正恩考察朝鲜核物质生产基地和核武器研究所": "https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559318&idx=1&sn=f93bc65cb4cf2587b134129cbdca5205&chksm=87117d1db066f40b7f81de93f98091616065d1f49efc6490b8269d09dd1a64ad7d16306602e7&scene=58&subscene=0#rd", + "美日韩“抱团”:三国首次会谈聚焦朝鲜核威胁": "https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559318&idx=2&sn=eef1bccee4db52de82349056e07e8aca&chksm=87117d1db066f40baf7629cdca97055daa3255b4dc91b397b5d2faef1aef45223fe2f07d2f2c&scene=58&subscene=0#rd", + "致情报分析师公众号全体粉丝": "https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559318&idx=3&sn=be997ee6361433a289ec6c156aca06a7&chksm=87117d1db066f40ba93fbe99241b3d494eac47afa160be5539c9518622515394ac57f674c92c&scene=58&subscene=0#rd" + }, + "迪哥讲事": { + "寻找隐藏参数的利器": "https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496975&idx=1&sn=41875f4fcd79a42421188feb25e23889&chksm=e8a5ff6cdfd2767a4c19aa1cb2ccd7bc363b29d6b2c7cc49beb5a3dcf261222c0dec0d6efac2&scene=58&subscene=0#rd" + }, + "Over Security - Cybersecurity news aggregator": { + "Hackers are hijacking WordPress sites to push Windows and Mac malware": "https://techcrunch.com/2025/01/29/hackers-are-hijacking-wordpress-sites-to-push-windows-and-mac-malware/", + "South Africa’s government-run weather service knocked offline by cyberattack": "https://therecord.media/south-african-weather-service-cyberattack", + "FBI seizes Cracked.io, Nulled.to hacking forums in Operation Talent": "https://www.bleepingcomputer.com/news/security/fbi-seizes-crackedio-nulledto-hacking-forums-in-operation-talent/", + "Laravel admin package Voyager vulnerable to one-click RCE flaw": "https://www.bleepingcomputer.com/news/security/laravel-admin-package-voyager-vulnerable-to-one-click-rce-flaw/", + "Italian regulator asks DeepSeek for information about data collection": "https://therecord.media/italian-regulator-deepseek-info-collection", + "Microsoft investigates Microsoft 365 outage affecting users, admins": "https://www.bleepingcomputer.com/news/microsoft/microsoft-investigates-microsoft-365-outage-affecting-users-admins/", + "L’IA generativa unifica le interfacce di gestione e migliora la cybersecurity": "https://www.securityinfo.it/2025/01/29/lia-generativa-unifica-le-interfacce-di-gestione-e-migliora-la-cybersecurity/", + "Industry groups call on Congress to enact federal data privacy law": "https://therecord.media/industry-groups-congress-data-privacy", + "Poland accuses Russia of recruiting Polish citizens online for election meddling": "https://therecord.media/poland-accuses-russia-of-recruiting-citizens-online-for-election-meddling", + "FBI seizes domains for Cracked.io, Nulled.to hacking forums": "https://www.bleepingcomputer.com/news/security/fbi-seizes-domains-for-crackedio-nulledto-hacking-forums/", + "Whatsup Gold, Observium and Offis vulnerabilities": "https://blog.talosintelligence.com/whatsup-gold-and-offis-vulnerabilities-2/", + "Windows 11's Start menu is getting iPhone and Android integration": "https://www.bleepingcomputer.com/news/microsoft/windows-11s-start-menu-is-getting-iphone-and-android-integration/", + "UK engineering giant Smiths Group investigating 'unauthorised access' to network": "https://therecord.media/smiths-group-uk-cybersecurity-incident", + "Maryland healthcare network forced to shut down IT systems after ransomware attack": "https://therecord.media/maryland-healthcare-ransomware-frederick-health", + "Uncover Hidden Browsing Threats: Get a Free Risk Assessment for GenAI, Identity, Web, and SaaS Risks": "https://www.bleepingcomputer.com/news/security/uncover-hidden-browsing-threats-get-a-free-risk-assessment-for-genai-identity-web-and-saas-risks/", + "Texas AG warns Kia about sharing driver information with data brokers": "https://therecord.media/texas-warns-kia-about-sharing-driver-info-to-data-brokers", + "Hackers exploit critical unpatched flaw in Zyxel CPE devices": "https://www.bleepingcomputer.com/news/security/hackers-exploit-critical-unpatched-flaw-in-zyxel-cpe-devices/", + "January Windows 10 preview update force installs new Outlook": "https://www.bleepingcomputer.com/news/microsoft/january-windows-10-preview-update-force-installs-new-outlook/", + "Sweden’s elite armed police used helicopter to board suspected sabotage ship": "https://therecord.media/sweden-vezhen-ship-armed-police-boarded-helicopter", + "New ICS Vulnerabilities Discovered in Schneider Electric and B&R Automation Systems": "https://cyble.com/blog/cisa-release-advisories-for-new-ics-vulnerabilities/", + "Windows 11 KB5050094 update fixes bugs causing audio issues": "https://www.bleepingcomputer.com/news/microsoft/windows-11-kb5050094-update-fixes-bugs-causing-audio-issues/", + "Australia’s Health Sector Receives $6.4 Million Cybersecurity Boost with New Threat Information-Sharing Network": "https://cyble.com/blog/australia-health-cyber-sharing-network/", + "Threat predictions for industrial enterprises 2025": "https://securelist.com/industrial-threat-predictions-2025/115327/", + "3 Major Cyber Attacks in January 2025": "https://any.run/cybersecurity-blog/cyber-attacks-january-2025/", + "PlushDaemon: un nuovo gruppo APT cinese colpisce la Corea del Sud. Il report di ESET": "https://www.securityinfo.it/2025/01/29/plushdaemon-un-nuovo-gruppo-apt-cinese-colpisce-la-corea-del-sud-il-report-di-eset/", + "CVE-2024-49138 Windows CLFS heap-based buffer overflow analysis – Part 1": "https://security.humanativaspa.it/cve-2024-49138-windows-clfs-heap-based-buffer-overflow-analysis-part-1/", + "CVE-2024-49138 Windows CLFS heap-based buffer overflow analysis – Part 2": "https://security.humanativaspa.it/cve-2024-49138-windows-clfs-heap-based-buffer-overflow-analysis-part-2/", + "Report: Almost half of state consumer privacy laws fail to protect individuals’ data": "https://therecord.media/state-consumer-privacy-laws-failing-to-protect-data", + "MGM agrees to pay $45 million to victims of 2019 data breach and 2023 ransomware attack": "https://therecord.media/mgm-agrees-45-million-payment-data-breach-ransomware-victims" + }, + "Krypt3ia": { + "Krypt3ia Daily Cyber Threat Intelligence (CTI) Digest": "https://krypt3ia.wordpress.com/2025/01/29/krypt3ia-daily-cyber-threat-intelligence-cti-digest-5/" + }, + "360数字安全": { + "大年初一 | 祥蛇纳福,“巳巳”如意": "https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579267&idx=1&sn=b6b08865f0534077a40f3e336e85bd3f&chksm=9f8d268ba8faaf9d3bdee0d2df3318bb871d372d6f84665b079f0fbac45e747586f5fad7522e&scene=58&subscene=0#rd" + }, + "Securityinfo.it": { + "L’IA generativa unifica le interfacce di gestione e migliora la cybersecurity": "https://www.securityinfo.it/2025/01/29/lia-generativa-unifica-le-interfacce-di-gestione-e-migliora-la-cybersecurity/?utm_source=rss&utm_medium=rss&utm_campaign=lia-generativa-unifica-le-interfacce-di-gestione-e-migliora-la-cybersecurity", + "PlushDaemon: un nuovo gruppo APT cinese colpisce la Corea del Sud. Il report di ESET": "https://www.securityinfo.it/2025/01/29/plushdaemon-un-nuovo-gruppo-apt-cinese-colpisce-la-corea-del-sud-il-report-di-eset/?utm_source=rss&utm_medium=rss&utm_campaign=plushdaemon-un-nuovo-gruppo-apt-cinese-colpisce-la-corea-del-sud-il-report-di-eset" + }, + "Schneier on Security": { + "ExxonMobil Lobbyist Caught Hacking Climate Activists": "https://www.schneier.com/blog/archives/2025/01/exxonmobil-lobbyist-caught-hacking-climate-activists.html" + }, + "Hacking Exposed Computer Forensics Blog": { + "Daily Blog #732: Multiple Identity Provider Disorder": "https://www.hecfblog.com/2025/01/daily-blog-732-multiple-identity.html" + }, + "复旦白泽战队": { + "复旦白泽给大家拜年啦!祝大家蛇年大吉,巳巳如意,Paper如潮成果丰!": "https://mp.weixin.qq.com/s?__biz=MzU4NzUxOTI0OQ==&mid=2247492844&idx=1&sn=a8d82e9664fd92535652abde94911226&chksm=fde86092ca9fe9849b18549438906f871544b38d9a54c8b9d40cfb6fc03b23c01305a77b6ea7&scene=58&subscene=0#rd" + }, + "Graham Cluley": { + "Ex-worker arrested after ‘shutdown’ of British Museum computer systems": "https://www.bitdefender.com/en-us/blog/hotforsecurity/ex-worker-arrested-after-shutdown-of-british-museum-computer-systems" + }, + "TorrentFreak": { + "New Bill Aims to Block Foreign Pirate Sites in the U.S.": "https://torrentfreak.com/new-bill-aims-to-block-foreign-pirate-sites-in-the-u-s-250129/", + "TorrentGalaxy Pleads Financial Difficulties, Asks Users to Chip In": "https://torrentfreak.com/torrentgalaxy-pleads-financial-difficulties-asks-users-to-chip-in-250129/" + }, + "The Register - Security": { + "North Koreans clone open source projects to plant backdoors, steal credentials": "https://go.theregister.com/feed/www.theregister.com/2025/01/29/lazarus_groups_supply_chain_attack/", + "Why is my Mitel phone DDoSing strangers? Oh, it was roped into a new Mirai botnet": "https://go.theregister.com/feed/www.theregister.com/2025/01/29/ddos_attacks_aquabot_mitel/", + "Transform your approach to data security": "https://go.theregister.com/feed/www.theregister.com/2025/01/29/transform_your_approach_to_data/", + "'Bro delete the chat': Feel the panic shortly before cops bust major online fraud ring": "https://go.theregister.com/feed/www.theregister.com/2025/01/29/otp_agency_convicted/", + "Spending watchdog blasts UK govt over sloth-like progress to shore up IT defenses": "https://go.theregister.com/feed/www.theregister.com/2025/01/29/nao_blasts_uk_gov_cyber/", + "The curious story of Uncle Sam's HR dept, a hastily set up email server, and fears of another cyber disaster": "https://go.theregister.com/feed/www.theregister.com/2025/01/29/opm_email_lawsuit/", + "SLAP, Apple, and FLOP: Safari, Chrome at risk of data theft on iPhone, Mac, iPad Silicon": "https://go.theregister.com/feed/www.theregister.com/2025/01/29/flop_and_slap_attacks_apple_silicon/" + }, + "Security Affairs": { + "U.S. CISA adds Apple products’ flaw to its Known Exploited Vulnerabilities catalog": "https://securityaffairs.com/173622/hacking/us-cisa-adds-apple-products-flaw-known-exploited-vulnerabilities-catalog.html", + "Aquabot variant v3 targets Mitel SIP phones": "https://securityaffairs.com/173607/breaking-news/aquabot-variant-v3-targets-mitel-sip-phones.html", + "Critical remote code execution bug found in Cacti framework": "https://securityaffairs.com/173597/security/critical-rce-cacti-framework.html", + "Attackers actively exploit a critical zero-day in Zyxel CPE Series devices": "https://securityaffairs.com/173589/hacking/zyxel-cpe-series-devices-cve-2024-40891-exploited.html", + "Attackers exploit SimpleHelp RMM Software flaws for initial access": "https://securityaffairs.com/173578/security/attackers-exploit-simplehelp-rmm-software-flaws.html" + }, + "bellingcat": { + "M23 Rebels Consolidate Control over Key City in DR Congo": "https://www.bellingcat.com/news/2025/01/29/m23-rebels-goma-congo-fighting-clashes-drc-kivu-control/" + }, + "Instapaper: Unread": { + "FBI seizes domains for Cracked.io, Nulled.to hacking forums": "https://www.bleepingcomputer.com/news/security/fbi-seizes-domains-for-crackedio-nulledto-hacking-forums/", + "WhatsApp’s Image “View Once” Feature Flaw Allowing Unlimited Views": "https://cybersecuritynews.com/whatsapp-view-once-flaw/", + "State-sponsored Actors Abusing Gemini to Fuel Cyber Attacks": "https://cybersecuritynews.com/state-sponsored-actors-abusing-gemini/", + "DeepSeek R1 Jailbroken to Generate Ransomware Development Scripts": "https://cybersecuritynews.com/deepseek-r1-jailbroken-ransomware/", + "Stratoshark – Wireshark Has Got a Friend for Cloud": "https://cybersecuritynews.com/stratoshark/", + "How Long Does It Take Hackers to Crack Modern Hashing Algorithms": "https://thehackernews.com/2025/01/how-long-does-it-take-hackers-to-crack.html", + "This new Android feature protects your phone, even if someone has your PIN": "https://www.zdnet.com/article/this-new-android-feature-protects-your-phone-even-if-someone-has-your-pin/" + }, + "Your Open Hacker Community": { + "So You Want To Work in Cyber Security?": "https://www.reddit.com/r/HowToHack/comments/1id21do/so_you_want_to_work_in_cyber_security/", + "Im (almost) 16 and want to learn ethical hacking, any advice?": "https://www.reddit.com/r/HowToHack/comments/1icxorh/im_almost_16_and_want_to_learn_ethical_hacking/", + "Is there any way I can get a list of hashes?": "https://www.reddit.com/r/HowToHack/comments/1id61ki/is_there_any_way_i_can_get_a_list_of_hashes/", + "Any advice to start?": "https://www.reddit.com/r/HowToHack/comments/1iczrw1/any_advice_to_start/", + "Trap phone": "https://www.reddit.com/r/HowToHack/comments/1id7boc/trap_phone/", + "What is a fraud?": "https://www.reddit.com/r/HowToHack/comments/1id20l8/what_is_a_fraud/", + "What should I move onto?": "https://www.reddit.com/r/HowToHack/comments/1icpms1/what_should_i_move_onto/", + "How to find dark web site links": "https://www.reddit.com/r/HowToHack/comments/1id0bl8/how_to_find_dark_web_site_links/", + "Im turning 17 this year, and i have already started learning ethical hacking since 2020, and i have taken some paid courses and completed those and currently im just training in ctf and htb, i need to learn more in hacking, any recommendations?": "https://www.reddit.com/r/HowToHack/comments/1icov3b/im_turning_17_this_year_and_i_have_already/", + "So basically I want to learn how to hack into my old social media where do I start": "https://www.reddit.com/r/HowToHack/comments/1icvut2/so_basically_i_want_to_learn_how_to_hack_into_my/", + "noob questions 2: from nmap to metasploit": "https://www.reddit.com/r/HowToHack/comments/1icju15/noob_questions_2_from_nmap_to_metasploit/", + "How to crack a phone pass": "https://www.reddit.com/r/HowToHack/comments/1icqs7v/how_to_crack_a_phone_pass/", + "Where do i get flipper zero here in india?": "https://www.reddit.com/r/HowToHack/comments/1icooi1/where_do_i_get_flipper_zero_here_in_india/", + "Hi I'm 14 and wanna be a ethical hacker and I'm wondering where to start?": "https://www.reddit.com/r/HowToHack/comments/1iclkz2/hi_im_14_and_wanna_be_a_ethical_hacker_and_im/", + "Help": "https://www.reddit.com/r/HowToHack/comments/1icjzs0/help/", + "What is the best hacking software to send attacks (2025)": "https://www.reddit.com/r/HowToHack/comments/1ick00s/what_is_the_best_hacking_software_to_send_attacks/" + }, + "Computer Forensics": { + "Richard Green's Updated Report for Karen Read Trial 2:27 Hos long to die": "https://www.reddit.com/r/computerforensics/comments/1iczkut/richard_greens_updated_report_for_karen_read/", + "ASHATA Mini Body Camera": "https://www.reddit.com/r/computerforensics/comments/1id7w7p/ashata_mini_body_camera/", + "BCFE / Digital Forensics Career Entry Question": "https://www.reddit.com/r/computerforensics/comments/1icw0q0/bcfe_digital_forensics_career_entry_question/", + "BREW Help": "https://www.reddit.com/r/computerforensics/comments/1iclcjn/brew_help/", + "FBI didn’t need to crack Tor or Bitcoin to catch Ulbricht—his old forum posts did the job. If you want to see how small OPSEC mistakes can be fatal, we broke it all down": "https://www.reddit.com/r/computerforensics/comments/1icpd7d/fbi_didnt_need_to_crack_tor_or_bitcoin_to_catch/" + }, + "netsecstudents: Subreddit for students studying Network Security and its related subjects": { + "So You Want To Work in Cyber Security?": "https://www.reddit.com/r/netsecstudents/comments/1iczqhp/so_you_want_to_work_in_cyber_security/", + "How to get into Soc": "https://www.reddit.com/r/netsecstudents/comments/1icxb62/how_to_get_into_soc/" + }, + "Blackhat Library: Hacking techniques and research": { + "my midjourney api didn't make it, but it still works": "https://www.reddit.com/r/blackhat/comments/1id406q/my_midjourney_api_didnt_make_it_but_it_still_works/", + "LinkedIn Accounts provider?": "https://www.reddit.com/r/blackhat/comments/1icha04/linkedin_accounts_provider/" + }, + "The Hacker News": { + "Lazarus Group Uses React-Based Admin Panel to Control Global Cyber Attacks": "https://thehackernews.com/2025/01/lazarus-group-uses-react-based-admin.html", + "AI in Cybersecurity: What's Effective and What’s Not – Insights from 200 Experts": "https://thehackernews.com/2025/01/ai-in-cybersecurity-whats-effective-and.html", + "New SLAP & FLOP Attacks Expose Apple M-Series Chips to Speculative Execution Exploits": "https://thehackernews.com/2025/01/new-slap-flop-attacks-expose-apple-m.html", + "How Interlock Ransomware Infects Healthcare Organizations": "https://thehackernews.com/2025/01/how-interlock-ransomware-infects.html", + "Critical Cacti Security Flaw (CVE-2025-22604) Enables Remote Code Execution": "https://thehackernews.com/2025/01/critical-cacti-security-flaw-cve-2025.html", + "UAC-0063 Expands Cyber Attacks to European Embassies Using Stolen Documents": "https://thehackernews.com/2025/01/uac-0063-expands-cyber-attacks-to.html", + "Broadcom Warns of High-Severity SQL Injection Flaw in VMware Avi Load Balancer": "https://thehackernews.com/2025/01/broadcom-warns-of-high-severity-sql.html", + "Zyxel CPE Devices Face Active Exploitation Due to Unpatched CVE-2024-40891 Vulnerability": "https://thehackernews.com/2025/01/zyxel-cpe-devices-face-active.html" + }, + "Social Engineering": { + "When someone tells a story, what kind of questions can you ask which shows your engaged?": "https://www.reddit.com/r/SocialEngineering/comments/1id7wix/when_someone_tells_a_story_what_kind_of_questions/" + }, + "Technical Information Security Content & Discussion": { + "CVE-2024-46507: Yeti Platform Server-Side Template Injection (SSTI)": "https://www.reddit.com/r/netsec/comments/1id0ccq/cve202446507_yeti_platform_serverside_template/", + "CVE-2024-49138 Windows CLFS heap-based buffer overflow analysis": "https://www.reddit.com/r/netsec/comments/1icpgd8/cve202449138_windows_clfs_heapbased_buffer/" + }, + "Trend Micro Research, News and Perspectives": { + "ASRM: A New Pillar for Cyber Insurance Underwriting": "https://www.trendmicro.com/en_us/research/25/a/asrm-cyber-insurance-underwriting.html" + }, + "Palo Alto Networks Blog": { + "IoMT Security Is Critical as Patients Take Control of Own Healthcare": "https://www.paloaltonetworks.com/blog/2025/01/iomt-security-is-critical/" + }, + "Deep Web": { + "Onion link lisk shutdown": "https://www.reddit.com/r/deepweb/comments/1icjy0g/onion_link_lisk_shutdown/", + "experienced/long-term deep web users, what kind of life do y’all live?": "https://www.reddit.com/r/deepweb/comments/1icqrs3/experiencedlongterm_deep_web_users_what_kind_of/", + "Hackers": "https://www.reddit.com/r/deepweb/comments/1icl028/hackers/" + }, + "Dark Space Blogspot": { + "Storie Di Collassi Di Fondi, Banche e Società (Trading e Investimenti)": "http://darkwhite666.blogspot.com/2025/01/storie-di-collassi-di-fondi-banche-e.html" + }, + "Security Weekly Podcast Network (Audio)": { + "AI in 2025: The Shifting Regulatory Landscape For Artificial Intelligence - BSW #380": "http://sites.libsyn.com/18678/ai-in-2025-the-shifting-regulatory-landscape-for-artificial-intelligence-bsw-380" + }, + "Daniel Miessler": { + "AI Novels Are Coming": "https://danielmiessler.com/blog/ai-novels" + } +} \ No newline at end of file diff --git a/today.md b/today.md index 15943411c4..7a275ab1ad 100644 --- a/today.md +++ b/today.md @@ -1,330 +1,417 @@ -# 每日安全资讯(2025-01-29) +# 每日安全资讯(2025-01-30) - SecWiki News - - [ ] [SecWiki News 2025-01-28 Review](http://www.sec-wiki.com/?2025-01-28) + - [ ] [SecWiki News 2025-01-29 Review](http://www.sec-wiki.com/?2025-01-29) - CXSECURITY Database RSS Feed - CXSecurity.com - - [ ] [SpagoBI 3.5.1 Cross Site Scripting](https://cxsecurity.com/issue/WLB-2025010031) - - [ ] [SpagoBI 3.5.1 Cross Site Request Forgery](https://cxsecurity.com/issue/WLB-2025010030) - - [ ] [AutoLib Software Systems OPAC 20.10 Secret Disclosure](https://cxsecurity.com/issue/WLB-2025010029) - - [ ] [Wind River Software VxWorks 6.9 Weak Password Hashing Algorithms](https://cxsecurity.com/issue/WLB-2025010028) - - [ ] [Netman 204 - Broken Access Control Remote command](https://cxsecurity.com/issue/WLB-2025010027) -- Doonsec's feed - - [ ] [恭贺新春](https://mp.weixin.qq.com/s?__biz=MzAwMTU3NTcwMg==&mid=2650274703&idx=1&sn=44bc7fedf574abdef2667a6705174f16) - - [ ] [贺新春](https://mp.weixin.qq.com/s?__biz=MzAwNTc0ODM3Nw==&mid=2247489469&idx=1&sn=8036df60009b8f327efe91e9cc6ed5db) - - [ ] [工联众测平台祝大家新春快乐!](https://mp.weixin.qq.com/s?__biz=MzkyMDMwNTkwNg==&mid=2247487233&idx=1&sn=6a23f67adae9f6cb2d9b51b3365fb957) - - [ ] [DataCon祝您新春快乐,蛇年顺福!](https://mp.weixin.qq.com/s?__biz=MzU5Njg1NzMyNw==&mid=2247489129&idx=1&sn=6b731efe82b4bfd863b8f70732c57433) - - [ ] [S1uM4i 2024 年终总结](https://mp.weixin.qq.com/s?__biz=MzkwMDY2ODc0MA==&mid=2247485321&idx=1&sn=424b19ecebbb4251cc46503a2e6bdd5e) - - [ ] [无糖信息祝您2025新春快乐,蛇年大吉,巳巳如意!](https://mp.weixin.qq.com/s?__biz=MzAxMzkzNDA1Mg==&mid=2247513943&idx=1&sn=8653479e8a4a87d52d06cad7e12a1a0f) - - [ ] [宁盾祝您春节快乐!](https://mp.weixin.qq.com/s?__biz=Mzk0MjI4MzA5MQ==&mid=2247485168&idx=1&sn=7609f006f7083b7c031ae358074fbce7) - - [ ] [春节 | 鱼影信息祝您新年快乐!](https://mp.weixin.qq.com/s?__biz=MzkyOTI4NTY4MQ==&mid=2247491120&idx=1&sn=2fe2e381833ac8c3b3cc1adacfd54608) - - [ ] [烟花璀璨,辞旧迎新!](https://mp.weixin.qq.com/s?__biz=MzIzODQxMjM2NQ==&mid=2247500314&idx=1&sn=55fd4ab5604ca218c5d6bae45dd143cc) - - [ ] [情报分析大家庭拜年啦!新的一年一起加油!](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247504929&idx=1&sn=08582222431ff4fe86e1edb119fa1bd4) - - [ ] [听说看过的25年都赚了一个小目标哦!](https://mp.weixin.qq.com/s?__biz=MzU2MDE2MjU1Mw==&mid=2247486166&idx=1&sn=be18f3e264adac14e0c9c2892bb78337) - - [ ] [蛇年快乐!](https://mp.weixin.qq.com/s?__biz=MzI1Mjc3NTUwMQ==&mid=2247538520&idx=1&sn=ae2d81fefede57572c13d682b4a5c957) - - [ ] [【OSCP】 Kioptrix 提权靶机(1-5)全系列教程,Try Harder!绝对干货!](https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486449&idx=1&sn=6fd14445024d20e037e1a6c2ea688cf5) - - [ ] [巳巳如意,新春大吉|“工业互联网标识智库”给您拜年啦!](https://mp.weixin.qq.com/s?__biz=MzU1OTUxNTI1NA==&mid=2247592331&idx=1&sn=da66b7b09b73ca014e2dbfbe08f98956) - - [ ] [告别本地算力焦虑:使用腾讯云免费GPU部署DeepSeek-R1](https://mp.weixin.qq.com/s?__biz=MzkzMTY0MDgzNg==&mid=2247484059&idx=1&sn=fe1155e27ce44740d6c694158f218e2d) - - [ ] [零基础:从搭建DeepSeek开始](https://mp.weixin.qq.com/s?__biz=Mzk0Mzc2MDQyMg==&mid=2247486458&idx=1&sn=69916ef3b03a1efb0dac87b22c9504cc) - - [ ] [(吃瓜)神人tv之内网肉鸡](https://mp.weixin.qq.com/s?__biz=MzkzNjczNzEyMw==&mid=2247484130&idx=1&sn=cd4d51927aca6de101fc20fc3d87f5f6) - - [ ] [领红包啦!信息安全的兄弟们凭手速抢66个新春红包!!](https://mp.weixin.qq.com/s?__biz=MzkxMDY3MzQyNQ==&mid=2247484803&idx=1&sn=67040f6a098a560ac76ad463e03849d7) - - [ ] [DeepSeek崛起背后的暗流:全球AI技术博弈下的DDoS攻击](https://mp.weixin.qq.com/s?__biz=Mzg2Nzg0NDkwMw==&mid=2247493212&idx=1&sn=d5ff49e83b16adba13a2b353720f5f6b) - - [ ] [除夕夜快乐](https://mp.weixin.qq.com/s?__biz=MzU5MTIxNzg0Ng==&mid=2247488146&idx=1&sn=cab1d455370b4497865a4ea139ed1072) - - [ ] [VPC访问控制网络ACL和安全组的基本差异](https://mp.weixin.qq.com/s?__biz=Mzg3NTUzOTg3NA==&mid=2247515079&idx=1&sn=fd21e42d301bf2176eac4331c9cdf478) - - [ ] [分享图片](https://mp.weixin.qq.com/s?__biz=Mzk0MDQzNzY5NQ==&mid=2247493210&idx=1&sn=611fcff00c148212c63d4d8c0b116ef7) - - [ ] [叮咚,您有一份2024年的家书请签收](https://mp.weixin.qq.com/s?__biz=MzUxODY3MDExMA==&mid=2247490113&idx=1&sn=f588627c92bc5fc34c5a5020b6e6f27f) - - [ ] [Nil聊安全祝大家新年快乐!](https://mp.weixin.qq.com/s?__biz=MzkyMDY4MTc2Ng==&mid=2247483970&idx=1&sn=3ff66f6fb393638fbf077038ca8af503) - - [ ] [世界需要一个能谋善断的AI(一)序章:被低估的“决策”革命!](https://mp.weixin.qq.com/s?__biz=MzAxOTk3NTg5OQ==&mid=2247492270&idx=1&sn=1f2c860bb229ccdddaa36e1798ee31b2) - - [ ] [【CS单兵后渗透插件v1.0】| OpSec 标准下的红队武器化](https://mp.weixin.qq.com/s?__biz=Mzk1NzM5MTI2Mg==&mid=2247484412&idx=1&sn=f7e81d418014efc190a265ea5b403424) - - [ ] [祝大家蛇年快乐](https://mp.weixin.qq.com/s?__biz=MzU4NDY3MTk2NQ==&mid=2247491063&idx=1&sn=1a207ea9a1bf6793f778b14c866699e3) - - [ ] [蛇年吉祥 | EasyTools工具箱v1.0.2新春更新](https://mp.weixin.qq.com/s?__biz=MzkxNDYxMTc0Mg==&mid=2247484211&idx=1&sn=867b0a122b938721b7056648bed208b6) - - [ ] [网安人如何向相亲对象介绍自己的职业](https://mp.weixin.qq.com/s?__biz=MzIxMTg1ODAwNw==&mid=2247500533&idx=1&sn=f881bd74fcc4daf798426ead967a262c) - - [ ] [OpenAI o1 模型预部署评估报告](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264819&idx=1&sn=9bcbf9176ffca6c01ab6af00e300c1bd) - - [ ] [【2025-01-28】黑客新闻摘要](https://mp.weixin.qq.com/s?__biz=MzIzNDU5NTI4OQ==&mid=2247488369&idx=1&sn=6bb8a56600deaec9050fa3fa2af8c1d4) - - [ ] [新春献词:网络安全守护数字文明的星河](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485474&idx=1&sn=8985a87527422d08033ec138eb8aff86) - - [ ] [【干货原创】实网攻防演习常态化,会带来什么变化01](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485474&idx=4&sn=39cc23fe07830e4d7472358278971dd2) - - [ ] [【干货原创】K12教育,鲜为人知的模式秘密](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485474&idx=5&sn=6ece66b859b3c838d887e890ab1347d3) - - [ ] [原创文章目录](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485474&idx=6&sn=ddf654295edecd57791b7ff56275a624) - - [ ] [T00ls给您拜年了,祝福大家2025新春快乐,蛇行智敏,万事皆成](https://mp.weixin.qq.com/s?__biz=Mzg3NzYzODU5NQ==&mid=2247484913&idx=1&sn=c0718fb9edf9d2d38143583821a8a591) - - [ ] [【云安全】云原生-K8S-搭建/安装/部署](https://mp.weixin.qq.com/s?__biz=MzUyNTUyNTA5OQ==&mid=2247484782&idx=1&sn=e915e38783585176822fe7d83b1fac60) - - [ ] [祝您新春吉祥](https://mp.weixin.qq.com/s?__biz=Mzg4NzQ4MzA4Ng==&mid=2247485197&idx=1&sn=74ff9efe9a5ed4a7fbed4390af5b1a1d) - - [ ] [蛇年新春喜气扬,家家户户乐洋洋!](https://mp.weixin.qq.com/s?__biz=MzkzNTQzNTQzMQ==&mid=2247485353&idx=1&sn=c301e027660b56065be82c4eefcac09e) - - [ ] [新年快乐!](https://mp.weixin.qq.com/s?__biz=MzkyNTYxNDAwNQ==&mid=2247484502&idx=1&sn=fd6b131b1b080ae8e1c09f3983db4ad6) - - [ ] [新春快乐,红包和限时半价都来啦](https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247518332&idx=1&sn=a99dc2d16ee867d81dc1fb6d6d585fd5) - - [ ] [0day 挖到手软,403 到 getshell](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496966&idx=1&sn=c49dbe1213cb5a1afa836901e2c13038) - - [ ] [新年快乐,蛇年大吉!!!](https://mp.weixin.qq.com/s?__biz=MzUxNzg5MzM2Mg==&mid=2247487122&idx=1&sn=c744712cc396636e805c16c6d2c21f7b) - - [ ] [新年抽奖-大凉山草莓三份](https://mp.weixin.qq.com/s?__biz=Mzg2NDcwNjkzNw==&mid=2247487188&idx=1&sn=732db3a8ebd2e623d7d32c09dde7ce79) - - [ ] [入选T00ls第十二届年度(2024)人物风云榜!感谢各位支持与鼓励!](https://mp.weixin.qq.com/s?__biz=MzI5MzkwMzU1Nw==&mid=2247485230&idx=1&sn=b380678520b0ffa5a3c4fadac7defb4b) - - [ ] [【2025】除夕快乐](https://mp.weixin.qq.com/s?__biz=MzUwOTc3MTQyNg==&mid=2247491380&idx=1&sn=e4ad3b1ba59ba53e292ebe50ded8ff0f) - - [ ] [灵蛇纳福,恭贺新春!](https://mp.weixin.qq.com/s?__biz=MzIwMzI1MDg2Mg==&mid=2649945158&idx=1&sn=fecbe5d3b883ca7ec2240ef098769058) - - [ ] [后渗透:文件传输指南](https://mp.weixin.qq.com/s?__biz=MzkzNTYwMTk4Mw==&mid=2247488230&idx=1&sn=1c55c9eec57e987f73284321529d275c) - - [ ] [AI-小肥羊新年贺词!](https://mp.weixin.qq.com/s?__biz=Mzg5NjY4NDg1Nw==&mid=2247483918&idx=1&sn=3f545e8664083850f43da076087b61cc) - - [ ] [【独眼情报2024绝密快报】](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494555&idx=1&sn=969df31b7b7f94e3e460d87d9d8d341b) - - [ ] [美国政府称朝鲜去年窃取了价值超过 6.59 亿美元的加密货币](https://mp.weixin.qq.com/s?__biz=Mzg3ODY0NTczMA==&mid=2247492125&idx=1&sn=7831811d7848487a4532874c5c321c95) - - [ ] [r3kapig祝大家蛇年大吉](https://mp.weixin.qq.com/s?__biz=MzI2MDE4MzkzMQ==&mid=2247484582&idx=1&sn=2edb58b7afc32298d84146c8a8590832) - - [ ] [蛇年大吉 | 记得看到最后,你想不到的,边搞居然还能领福利,爽到跳起来](https://mp.weixin.qq.com/s?__biz=Mzk0NzQxNzY2OQ==&mid=2247488117&idx=1&sn=7c87ec70661c577345d5f2cfc07ba224) - - [ ] [整车测试:网络安全认证的灵丹妙药?](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620223&idx=1&sn=4468d3513fec7d2ef881a5dd49cd3e04) - - [ ] [引入新汽车产品设计的隐私要求和设计规范,以及对当前汽车隐私标准化的影响](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620223&idx=2&sn=934de7b41be8cbb1d5dd42e833f1e0ec) - - [ ] [在产品开发阶段使用公共弱点仿真的弱点分析方法](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620223&idx=3&sn=ad2fb08375329c47e67f7ce86ed26cc0) - - [ ] [【年末总结&抽奖】技术是上天送给穷孩子最好的礼物!](https://mp.weixin.qq.com/s?__biz=MzkxNjQyODY5MA==&mid=2247487024&idx=1&sn=a62224588a6e2dd62693f3862794a78d) - - [ ] [我不允许有人不用这么牛掰的AI](https://mp.weixin.qq.com/s?__biz=MzkyOTQ4NTc3Nw==&mid=2247485473&idx=1&sn=9e94b35fd3ca3b6b77f33b632f82d312) - - [ ] [祝福各位网安人除夕快乐!](https://mp.weixin.qq.com/s?__biz=MzU2NDY2OTU4Nw==&mid=2247518500&idx=1&sn=77a990ec3405490f248537f3bb52f457) - - [ ] [新年快乐🎉](https://mp.weixin.qq.com/s?__biz=MzIwOTMzMzY0Ng==&mid=2247487850&idx=1&sn=e60c50cf6c14e46300498d583f660e12) - - [ ] [2025年最全除夕祝福语 欢欢喜喜过除夕,和和美美又一年!](https://mp.weixin.qq.com/s?__biz=MzIwNDYzNTYxNQ==&mid=2247502590&idx=1&sn=077b679c799ba964711d4d006052ba58) - - [ ] [²⁰²⁵/₀₁.₂₈除夕夜朋友圈文案配图,高级感绝了,总有一款适合你!](https://mp.weixin.qq.com/s?__biz=MzIwNDYzNTYxNQ==&mid=2247502590&idx=2&sn=73466049a019cbaa3238bafce30ec360) - - [ ] [龙腾蛇舞迎新春,福运连连贺新年!](https://mp.weixin.qq.com/s?__biz=MzA4NTY4MjAyMQ==&mid=2447900161&idx=1&sn=76bd5fe5be0b14e0a14eed056c1f31b1) - - [ ] [2025 新年大吉!!!](https://mp.weixin.qq.com/s?__biz=MzU1NTYxMjA5MA==&mid=2247505231&idx=1&sn=fc04df3a3e6f0360f375c5eb8edf9620) - - [ ] [恭祝大家福绕蛇年,多財多亿!](https://mp.weixin.qq.com/s?__biz=MzkyODYwODkyMA==&mid=2247485022&idx=1&sn=d3c1484e603f14b371fde5d6ac39a9df) - - [ ] [IDA技巧(105)自定义基址的偏移量](https://mp.weixin.qq.com/s?__biz=MzI1Mjk2MTM1OQ==&mid=2247485302&idx=1&sn=1a2fc3df35199bb3a2496fa7a2f7e386) - - [ ] [收藏 | dotNet安全矩阵 2024 年度外网入口打点阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498517&idx=1&sn=ca095104967396843e7a5274e01b8e1e) - - [ ] [国内最专业、最全面的 [ .NET 代码审计 ] 体系化学习交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498517&idx=2&sn=b0fb228f6cafa443177863062d84f824) - - [ ] [收藏 | dotNet 安全矩阵团队2024年度内网横向移动阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498517&idx=3&sn=522289e0fc1f8349b7367d905bba86b9) - - [ ] [朱厌安全在这里祝大家新年快乐啦!](https://mp.weixin.qq.com/s?__biz=Mzg4Njg3MDk5Ng==&mid=2247486849&idx=1&sn=fb5c009168582de268af009c587dc846) - - [ ] [奇安信给您拜年了!](https://mp.weixin.qq.com/s?__biz=MzU0NDk0NTAwMw==&mid=2247624759&idx=1&sn=325c1eab223d2d0fc8135016385d6ebc) -- Tenable Blog - - [ ] [What Makes This “Data Privacy Day” Different?](https://www.tenable.com/blog/what-makes-this-data-privacy-day-different) + - [ ] [OpenPanel 0.3.4 Command Injection](https://cxsecurity.com/issue/WLB-2025010034) + - [ ] [MySchool System - Multiple Vulnerabilities](https://cxsecurity.com/issue/WLB-2025010033) + - [ ] [NEXT-EMP v1.0-Copyright © 2024. All rights reserved. File Upload-FU and Remote Code Execution-RCE](https://cxsecurity.com/issue/WLB-2025010032) - Security Boulevard - - [ ] [Reverse engineering your test data: It’s not as safe as you think it is](https://securityboulevard.com/2025/01/reverse-engineering-your-test-data-its-not-as-safe-as-you-think-it-is/) - - [ ] [What is the role of data synthesis in my CI/CD pipeline, anyway?](https://securityboulevard.com/2025/01/what-is-the-role-of-data-synthesis-in-my-ci-cd-pipeline-anyway/) - - [ ] [DeepSeek: The Silent AI Takeover That Could Cripple Markets and Fuel China’s Cyberwarfare](https://securityboulevard.com/2025/01/deepseek-the-silent-ai-takeover-that-could-cripple-markets-and-fuel-chinas-cyberwarfare/) - - [ ] [DEF CON 32 – Top War Stories From A TryHard Bug Bounty Hunter](https://securityboulevard.com/2025/01/def-con-32-top-war-stories-from-a-tryhard-bug-bounty-hunter/) - - [ ] [AI is a double-edged sword: Why you need new controls to manage risk](https://securityboulevard.com/2025/01/ai-is-a-double-edged-sword-why-you-need-new-controls-to-manage-risk/) - - [ ] [Prioritizing Cybersecurity Findings Exception and Issues in Risk Management](https://securityboulevard.com/2025/01/prioritizing-cybersecurity-findings-exception-and-issues-in-risk-management/) - - [ ] [Comic Agilé – Luxshan Ratnaravi, Mikkel Noe-Nygaard – #321 – Use Jira](https://securityboulevard.com/2025/01/comic-agile-luxshan-ratnaravi-mikkel-noe-nygaard-321-use-jira/) - - [ ] [The Halliburton Cyberattack: A $35M Wake-Up Call](https://securityboulevard.com/2025/01/the-halliburton-cyberattack-a-35m-wake-up-call/) - - [ ] [Complete Guide to AI Tokens: Understanding, Optimization, and Cost Management](https://securityboulevard.com/2025/01/complete-guide-to-ai-tokens-understanding-optimization-and-cost-management/) - - [ ] [DEF CON 32 – Travel Better Expedient Digital Defense](https://securityboulevard.com/2025/01/def-con-32-travel-better-expedient-digital-defense/) + - [ ] [Alibaba’s Qwen 2.5-Max: The AI Marathoner Outpacing DeepSeek and Catching OpenAI’s Shadow](https://securityboulevard.com/2025/01/alibabas-qwen-2-5-max-the-ai-marathoner-outpacing-deepseek-and-catching-openais-shadow/) + - [ ] [Introducing WAF Rule Tester: Test with Confidence, Deploy without Fear | Impart Security](https://securityboulevard.com/2025/01/introducing-waf-rule-tester-test-with-confidence-deploy-without-fear-impart-security/) + - [ ] [DEF CON 32 – Tough Adversary Don’t Blame Sun Tzu](https://securityboulevard.com/2025/01/def-con-32-tough-adversary-dont-blame-sun-tzu/) + - [ ] [The OWASP NHI Top 10 and AI risk: What you need to know](https://securityboulevard.com/2025/01/the-owasp-nhi-top-10-and-ai-risk-what-you-need-to-know/) + - [ ] [API Security Is At the Center of OpenAI vs. DeepSeek Allegations](https://securityboulevard.com/2025/01/api-security-is-at-the-center-of-openai-vs-deepseek-allegations/) + - [ ] [Randall Munroe’s XKCD ‘Muons’](https://securityboulevard.com/2025/01/randall-munroes-xkcd-muons/) + - [ ] [SLAP/FLOP: Apple Silicon’s ‘Son of Spectre’ Critical Flaws](https://securityboulevard.com/2025/01/slap-flop-apple-silicon-richixbw/) + - [ ] [Our Digital Footprints are Breadcrumbs for Mapping our Personal Behavior](https://securityboulevard.com/2025/01/our-digital-footprints-are-breadcrumbs-for-mapping-our-personal-behavior/) + - [ ] [How to Find Old Accounts for Deletion](https://securityboulevard.com/2025/01/how-to-find-old-accounts-for-deletion/) + - [ ] [Codefinger Ransomware: Detection and Mitigation Using MixMode](https://securityboulevard.com/2025/01/codefinger-ransomware-detection-and-mitigation-using-mixmode/) +- Doonsec's feed + - [ ] [青萍安全祝大家新年快乐!!!](https://mp.weixin.qq.com/s?__biz=MzkxMzY0MzAxMw==&mid=2247487278&idx=1&sn=78ec559025c718883b9f1b1f674ba5f5) + - [ ] [仅此一次,春节七折嗷!](https://mp.weixin.qq.com/s?__biz=MzkyNTUyNTE5OA==&mid=2247486501&idx=1&sn=51fe604005374bcbfff2b9f235d97286) + - [ ] [[收费公开课] 前后端分离渗透和三个突破口](https://mp.weixin.qq.com/s?__biz=MzkyNTUyNTE5OA==&mid=2247486501&idx=2&sn=303abdda447ab10baa18016a0ae9460a) + - [ ] [原创工具|Venom-JWT渗透工具 - 针对JWT漏洞和密钥爆破服务渗透测试](https://mp.weixin.qq.com/s?__biz=Mzk0ODc1MjYyNA==&mid=2247483866&idx=1&sn=b4a7b1a90b8624e68c8e4106eccd2de9) + - [ ] [大年初一,巳巳如意!](https://mp.weixin.qq.com/s?__biz=MzkzMjQ4NTQwNw==&mid=2247483835&idx=1&sn=b593aa19e5825e5a2c3f5e1fd7546734) + - [ ] [[注意保密] 新年红包雨:领取 1888$ 年度极致福利](https://mp.weixin.qq.com/s?__biz=MzkwODI1ODgzOA==&mid=2247506610&idx=1&sn=891e78f2c8c413caa518b343114d9503) + - [ ] [黑客组织Handala宣称攻破以色列国安系统 4TB机密数据遭泄露](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494609&idx=1&sn=10c34cea93492cfefbb71eea5f87901a) + - [ ] [Urkc安全红包封面上线啦!](https://mp.weixin.qq.com/s?__biz=MzkxNTU5NTI1Ng==&mid=2247487269&idx=1&sn=0d4c70352cf47f5360f202a395b166b6) + - [ ] [【实操】利用Deepseek传承和弘扬传统文化](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148736&idx=1&sn=39a0df253f09d26a6151599d1e8bfb20) + - [ ] [【培训】Osint开源情报练习 #002](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148736&idx=2&sn=ebee4c79a769e10968179969c634d83a) + - [ ] [AISS大模型安全社区-2025 Roadmap](https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247494053&idx=1&sn=6449e25c9c3754c833fdd7ba5435ad70) + - [ ] [2025新春致谢 | 金蛇纳福启新程](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589299&idx=1&sn=5e38768a37484f2f38cd5b8da65a095b) + - [ ] [Windows 11 24H2 上的进程镂空技术](https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486790&idx=1&sn=c0d73c1ebaa8ed6fd5ec7a87a43b25eb) + - [ ] [德国数据保护机构《标准数据保护模式》中译文](https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247506191&idx=1&sn=5c306df3d480ebc5a37d4e207d432f24) + - [ ] [新年零食大礼包抽奖开奖](https://mp.weixin.qq.com/s?__biz=Mzg4NDg2NTM3NQ==&mid=2247484712&idx=1&sn=fd70a0465dbf9e30c615379a6bdda89d) + - [ ] [【卫星图像】金正恩考察朝鲜核物质生产基地和核武器研究所](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559318&idx=1&sn=f93bc65cb4cf2587b134129cbdca5205) + - [ ] [美日韩“抱团”:三国首次会谈聚焦朝鲜核威胁](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559318&idx=2&sn=eef1bccee4db52de82349056e07e8aca) + - [ ] [致情报分析师公众号全体粉丝](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559318&idx=3&sn=be997ee6361433a289ec6c156aca06a7) + - [ ] [Ghosten Player:全平台视频播放器,云盘/本地/IPTV资源一网打尽,支持TV和刮削!](https://mp.weixin.qq.com/s?__biz=MzA4MjkzMTcxMg==&mid=2449046775&idx=1&sn=403d11271cef923ea84dfc9005eed22e) + - [ ] [“巳巳”如意|蛇年大吉u200b](https://mp.weixin.qq.com/s?__biz=MzU4MTg1NzAzMA==&mid=2247490620&idx=1&sn=48ea11f22a243fbf8b403f5347af6b4b) + - [ ] [收藏 | dotNet安全矩阵 2024 年度安全防御绕过阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498553&idx=1&sn=1d8935d674697bc89a84b1b07dd7573a) + - [ ] [.NET 内网攻防实战电子报刊](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498553&idx=2&sn=2eabd584fcc38d4a3de34cbc21b247b8) + - [ ] [收藏 | dotNet安全矩阵 2024 年度外网入口打点阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498553&idx=3&sn=11f8acaa352ccc07f18420479c442a8b) + - [ ] [【新春福利免费开放】【20250129更新】GrayLog开源日志管理平台技术文章合集【共80篇】](https://mp.weixin.qq.com/s?__biz=MzU2MjU1OTE0MA==&mid=2247499654&idx=1&sn=1717caf72330209a0d7860dac066d9aa) + - [ ] [ISO 45001: 2018 标准详解与实施(10)6.1.2 危险源辨识及风险和机遇的评价](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247486046&idx=1&sn=e0752fe57f13f49404b464a8a5d23bf8) + - [ ] [中亚新位置:美国到底是“机遇”还是“陷阱”?](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247505009&idx=1&sn=a675523c007664b3ded75ff213872283) + - [ ] [曼德海峡危机:胡塞武装如何搅动全球贸易与地缘政治的“一池春水”?](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247505009&idx=2&sn=30bc5ffc5afc9a5458d174a81224a804) + - [ ] [DeepSeek遭受美国大规模黑客DDOS攻击!该如何应对?](https://mp.weixin.qq.com/s?__biz=Mzk1NzMwNTM5NQ==&mid=2247483894&idx=1&sn=a0a2746ea96e1c4da9caa325f9851abd) + - [ ] [蛇年快乐!](https://mp.weixin.qq.com/s?__biz=MzI1Mjc3NTUwMQ==&mid=2247538527&idx=1&sn=a6a982145ee51f2707a9b7d2914c057c) + - [ ] [花指令——新春快乐版](https://mp.weixin.qq.com/s?__biz=MzkyNTYwOTMyNA==&mid=2247485009&idx=1&sn=71e8f9c7d9658e891eb9aa14140fac0c) + - [ ] [我让DeepSeek锐评下网络安全行业现状,它的回答......](https://mp.weixin.qq.com/s?__biz=MzkzMjIxNjExNg==&mid=2247486228&idx=1&sn=710163f3aca52010a4b552bf987a7b69) + - [ ] [复旦白泽给大家拜年啦!祝大家蛇年大吉,巳巳如意,Paper如潮成果丰!](https://mp.weixin.qq.com/s?__biz=MzU4NzUxOTI0OQ==&mid=2247492844&idx=1&sn=a8d82e9664fd92535652abde94911226) + - [ ] [记一次SRC利用github搜索拿下中危漏洞](https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247547532&idx=1&sn=a25d3179451f39184a2c2306e222d2f5) + - [ ] [新年快乐 | 渊亭科技祝您巳巳如意,蛇年大吉!](https://mp.weixin.qq.com/s?__biz=MzIzNjE1ODE2OA==&mid=2660190405&idx=1&sn=b33a770adf5ed142dc3ac8c2afba90ef) + - [ ] [揭露俄罗斯APT新手段:Gamaredon首次使用安卓间谍软件骨骼间谍(BoneSpy)和伪装侦察(PlainGnome)](https://mp.weixin.qq.com/s?__biz=Mzg3OTYxODQxNg==&mid=2247485657&idx=1&sn=1c6e5658064e3bb16435047e39a9f311) + - [ ] [中医学论文大纲完善与落实指南:让你的论文架构更清晰!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493256&idx=1&sn=592a8a23a41a09fc0c7f61488411d5d8) + - [ ] [中医学论文搜集文献攻略:10分钟搞定一个月找不全的经典文献库!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493256&idx=2&sn=9e44f435954053a0a3863c6ca466f2c8) + - [ ] [终于搞懂了!新手如何玩转新闻学论文的文献综述写作攻略,快速上手!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493256&idx=3&sn=86c1867c8e4f63023a0328e127fc79fb) + - [ ] [终于掌握水产养殖学论文搜集文献秘诀!完整指南公开!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493256&idx=4&sn=050db58f55d66a155a674ae62fbc198d) + - [ ] [终于知道日语论文搜集文献这门道,超实用版硬核干货!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493256&idx=5&sn=1dd216f434bb52375a8b6847836147b5) + - [ ] [重磅揭秘:内行人才懂的林业技术论文文献综述写作高阶指南!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493256&idx=6&sn=d4792364daac44d36e9ee0fe60f8a44a) + - [ ] [专家带路:农业工程论文选题高分技巧,快速锁定黄金选题!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493256&idx=7&sn=f8f67fececd526ee35399b356da849e1) + - [ ] [专家级企业管理论文搜集文献内部秘籍:外企高级经理人都在偷学的全流程技巧。](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493256&idx=8&sn=5ff567d0085a3894e4c0033cd8301bb9) + - [ ] [红队和 Web 黑盒审计的侦察脚本](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527357&idx=1&sn=c83b93750bea91d42a144b5a5739a263) + - [ ] [滥用 Windows fork API 和 OneDrive.exe 进程来注入恶意 shellcode](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527357&idx=2&sn=cb567e9fa5f939b386410eaa2208192b) + - [ ] [零日漏洞正在推动 Fortinet 防火墙攻击(CVE-2024-55591 已确认)](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527357&idx=3&sn=a9547ba6b29ff579585ca08ae6e20652) + - [ ] [好的伴侣可以减少一半人间疾苦,合适的工作更是这样](https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247488193&idx=1&sn=98fb524ba32bd4acb817ce28aedc8a4d) + - [ ] [夜鹰(NightHawk)C2工具被泄露了?](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490232&idx=1&sn=71a4e338358972fe51261cbc15ddcc02) + - [ ] [万象更新 共启新程|四叶草安全祝您鸿运当头](https://mp.weixin.qq.com/s?__biz=MjM5MTI2NDQzNg==&mid=2654552292&idx=1&sn=94bfca6ee6e6469f09475331d9ec1dff) + - [ ] [新春伊始,红日安全启航!愿与您共同筑牢数字防线,共同迈向更安全的明天!🔒🌱](https://mp.weixin.qq.com/s?__biz=MzI4NjEyMDk0MA==&mid=2649851765&idx=1&sn=568da818c7d56ee694372f7ca3d04ddc) + - [ ] [暗网情报5则:VPN权限出售-CNN马来西亚遭勒索](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247507140&idx=1&sn=39e2cd4ca4a8b2405576bcc343bea2c6) + - [ ] [5th域安全微讯早报【20250129】025期](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247507140&idx=2&sn=e324fe0e8dc2c445cc103295d565424b) + - [ ] [有人急了。。。DeepSeek。。。线上服务受到大规模恶意攻击。。。](https://mp.weixin.qq.com/s?__biz=MzU2NzY5MzI5Ng==&mid=2247504835&idx=1&sn=145feae85263084b1b6d5bd7b36c7877) + - [ ] [新型“Sneaky 2FA”钓鱼工具包瞄准微软365账户,绕过双重认证(2FA)窃取凭证](https://mp.weixin.qq.com/s?__biz=MzA4NTY4MjAyMQ==&mid=2447900162&idx=1&sn=f1cd9351fa6107901ed7fa81fb279643) + - [ ] [大年初一 | 开源网安祝福大家事业蒸蒸日上,生活阖家美满](https://mp.weixin.qq.com/s?__biz=MzI0NzY1MDgyMw==&mid=2247514013&idx=1&sn=5833bcc742d0d3e15ef6b74df78cc868) + - [ ] [碳泽信息祝您新春快乐,巳巳如意!](https://mp.weixin.qq.com/s?__biz=Mzk0ODI4MDI4Nw==&mid=2247494627&idx=1&sn=ffc67d2a6efe5b59293eda6175d3226f) + - [ ] [【2025春节】解题领红包活动开始喽,解出就送论坛币!](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141655&idx=1&sn=d21717226e40032625a74a2d00255e23) + - [ ] [巳巳如意 | 蛇年大吉](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313207&idx=1&sn=6fbe79faad8cf2aedae18f3523b11c63) + - [ ] [《信息安全研究》恭祝大家新春快乐!](https://mp.weixin.qq.com/s?__biz=MzA3NzgzNDM0OQ==&mid=2664992974&idx=1&sn=9cd2cb9e2b233b74a40604ea67942fa7) + - [ ] [大年初一丨安天智甲给您拜年了](https://mp.weixin.qq.com/s?__biz=MjM5MTA3Nzk4MQ==&mid=2650209897&idx=1&sn=6bfd5ddbc7574bf32992f11997f69d3d) + - [ ] [大年初一,拜大年](https://mp.weixin.qq.com/s?__biz=MjM5ODYyMTM4MA==&mid=2650464736&idx=1&sn=bc114265d19b16cd3c45f4cc8b871012) + - [ ] [联想全球安全实验室恭祝大家新春快乐!](https://mp.weixin.qq.com/s?__biz=MzU1ODk1MzI1NQ==&mid=2247491548&idx=1&sn=73c8dbc0a4131745e3e798eaa6404d16) + - [ ] [大年初一 蛇来运转](https://mp.weixin.qq.com/s?__biz=Mzg2MTU5ODQ2Mg==&mid=2247507173&idx=1&sn=3b4749529f6bca97d5553cb65fdec622) + - [ ] [数字取证之证据识别u200c](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264820&idx=1&sn=c47fa7a58ac994934f15782210c4718b) + - [ ] [网安原创文章推荐【2025/1/28】](https://mp.weixin.qq.com/s?__biz=MzAxNzg3NzMyNQ==&mid=2247489519&idx=1&sn=b63ac6606b1606adc9ec3fbf28433922) + - [ ] [大年初一到,财来福星照!新的一年,祝大家巳巳如意,蛇年行大运。](https://mp.weixin.qq.com/s?__biz=MzkyNDUxNTQ2Mw==&mid=2247485819&idx=1&sn=a9119ee1b24d286f56cda649c53d5870) + - [ ] [大年初一 | 祥蛇纳福,“巳巳”如意](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579267&idx=1&sn=b6b08865f0534077a40f3e336e85bd3f) + - [ ] [SQLite数据库注入攻击技术研究](https://mp.weixin.qq.com/s?__biz=MjM5MjEyMTcyMQ==&mid=2651037456&idx=1&sn=26b186946b56da6148be861444022c93) + - [ ] [春节](https://mp.weixin.qq.com/s?__biz=MzUyMjAyODU1NA==&mid=2247491946&idx=1&sn=960238aa34a57daeb943121fa63418f3) + - [ ] [新年好运签 | 统一云防御:统一防护管理,筑牢网络边界](https://mp.weixin.qq.com/s?__biz=MjM5NzA3Nzg2MA==&mid=2649870831&idx=1&sn=f2dffa473f8078bccfce2ac7f3814c1d) + - [ ] [春节|安赛祝大家新年快乐!](https://mp.weixin.qq.com/s?__biz=MzI3MzA2MTk3Mw==&mid=2657788240&idx=1&sn=8d0ec3ec282dc8d43159d7636218278b) + - [ ] [新春快乐|安势信息祝大家蛇年大吉!](https://mp.weixin.qq.com/s?__biz=Mzg3MDgyMzkwOA==&mid=2247491507&idx=1&sn=51f24fc4ce62cb89254184ab41c5d934) + - [ ] [初一|身体健康,万事如意!](https://mp.weixin.qq.com/s?__biz=MzU1MzE3Njg2Mw==&mid=2247510392&idx=1&sn=23b6d35cb71d82c23d562ba42b1e0694) + - [ ] [2024年公众号优质文章汇总](https://mp.weixin.qq.com/s?__biz=Mzg4NDg3NjE5MQ==&mid=2247485613&idx=1&sn=2ea4aed4c2413869c00fb53f76d1fae5) + - [ ] [正月初一 | 一帆风顺 元启新程](https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506080&idx=1&sn=de989f72a1c24a6013bc32834fd66539) + - [ ] [捷普焕新领先产品全系列](https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506080&idx=2&sn=ddbcbdccb66e8f94303cf95a7dd9420e) + - [ ] [【焕新领先】 捷普态势感知系统](https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506080&idx=3&sn=5e87f69e3e89d5d4d0e72e5e973c9f0a) + - [ ] [粤港澳大湾区网络安全协会祝您新年快乐!](https://mp.weixin.qq.com/s?__biz=MzkwOTUyODE5Mg==&mid=2247485770&idx=1&sn=8c67f414c1d5363770af6d0c2d909922) + - [ ] [关于网络安全指标的思考](https://mp.weixin.qq.com/s?__biz=MzkwOTUyODE5Mg==&mid=2247485770&idx=2&sn=83e45c1783b1612d8163d9544c9f6b47) + - [ ] [众安天下祝您新春快乐、蛇年大吉!](https://mp.weixin.qq.com/s?__biz=MzIyOTUzODY5Ng==&mid=2247504322&idx=1&sn=5e6878918dcc0b4c304704e423a7a2c3) + - [ ] [天工实验室祝大家蛇年大吉,万事如意!](https://mp.weixin.qq.com/s?__biz=Mzk0OTU2ODQ4Mw==&mid=2247486754&idx=1&sn=62aa67a56b66db75099aae8ea64ceef9) + - [ ] [渗透测试 | 某学校授权渗透测试评估](https://mp.weixin.qq.com/s?__biz=Mzk0Mzc1MTI2Nw==&mid=2247487347&idx=1&sn=ecfde99bcc6735f0141a9b575a90c556) + - [ ] [有度安全给大家拜年啦!灵蛇启新元,初一福泽绵](https://mp.weixin.qq.com/s?__biz=Mzg3NTEyMzU4OA==&mid=2247513467&idx=1&sn=c5f15ab42712064a3075e44a9bc4d911) + - [ ] [元春始风华,万象启新朝。深圳市网安计算机网络安全培训中心恭祝您福启新岁,万事顺遂。](https://mp.weixin.qq.com/s?__biz=Mzg3MDYzMjAyNA==&mid=2247486206&idx=1&sn=c7d7d28fb1d2de4e50c094c384bd700e) + - [ ] [大年初一:福满新岁](https://mp.weixin.qq.com/s?__biz=MzU0NDk0NTAwMw==&mid=2247624760&idx=1&sn=7d6fdaf5776b133489f8cbfd0cf87135) + - [ ] [新春快乐,万事如意](https://mp.weixin.qq.com/s?__biz=MzI3NDY3NDUxNg==&mid=2247498914&idx=1&sn=9db465eba52da2dd54e90fb40b843bf6) + - [ ] [拜年啦:恭贺新禧,蛇年大吉!](https://mp.weixin.qq.com/s?__biz=Mzg2MDg0ODg1NQ==&mid=2247540150&idx=1&sn=c11b523ae88eb1cdd1b00c2e2e1e7f4b) + - [ ] [安领可信给您拜年啦!](https://mp.weixin.qq.com/s?__biz=MzUxNjUwNDU4OQ==&mid=2247483953&idx=1&sn=661f7bc51d8046599be7e71f46852275) + - [ ] [大年初一 汉华信安给您拜年了](https://mp.weixin.qq.com/s?__biz=Mzg5ODYyMTI2NA==&mid=2247484582&idx=1&sn=e4a8c83e259a25f4a962bab36d0c0afd) + - [ ] [正月初一拜大年!亚信安全祝大家蛇年顺遂,蛇蛇如意](https://mp.weixin.qq.com/s?__biz=MjM5NjY2MTIzMw==&mid=2650620958&idx=1&sn=1a539d599c8fa0167941d6bccc946ec9) + - [ ] [大年初一 一帆风顺](https://mp.weixin.qq.com/s?__biz=MjM5NzE0NTIxMg==&mid=2651135288&idx=1&sn=c8bf1121cab73be169ecaa119f5d9d5b) + - [ ] [慢雾科技祝大家新春快乐,“巳巳”如意!](https://mp.weixin.qq.com/s?__biz=MzU4ODQ3NTM2OA==&mid=2247501035&idx=1&sn=59e84e7659d99a54b6501ec2191845d8) + - [ ] [新年快乐 | 渊亭防务祝您巳巳如意,蛇年大吉!](https://mp.weixin.qq.com/s?__biz=Mzg2NTYyODgyNg==&mid=2247504626&idx=1&sn=947b971cf92a530af5d4af7a9f40378b) + - [ ] [初一 | 鞭炮声声辞旧岁,新衣新貌贺新年!](https://mp.weixin.qq.com/s?__biz=MzU4NjY4MDAyNQ==&mid=2247497078&idx=1&sn=93f0e2203558c5d2186205dae47e4ab0) + - [ ] [墨云科技 | 金蛇献瑞,谨贺新年](https://mp.weixin.qq.com/s?__biz=MzU5ODE2NDA3NA==&mid=2247496753&idx=1&sn=101bd162fb27a6b210c95d36ff4756c7) + - [ ] [磐石安科技|恭贺蛇年大吉!](https://mp.weixin.qq.com/s?__biz=MzkwNDI0MjkzOA==&mid=2247485840&idx=1&sn=e5045c1d16e658ef82f838d19add009a) + - [ ] [正月初一 | 安泰如意](https://mp.weixin.qq.com/s?__biz=Mzg2NDU3Mzc5OA==&mid=2247489779&idx=1&sn=76fc6dae86e231c41efea62f0565ac21) + - [ ] [大年初一 | 金蛇献瑞迎新春,岁月悠悠送吉祥](https://mp.weixin.qq.com/s?__biz=Mzk0MDQ5MTQ4NA==&mid=2247487427&idx=1&sn=eeef20b9473215312b0e39159d148a5b) + - [ ] [拜年啦](https://mp.weixin.qq.com/s?__biz=MzkxNTIwNTkyNg==&mid=2247553215&idx=1&sn=9e310bac7fb47a94b16a9da14e538d01) + - [ ] [大年初一丨新春启航,万事如意](https://mp.weixin.qq.com/s?__biz=MzAwNTAxMjUwNw==&mid=2650277649&idx=1&sn=f1b0ac4ba8a25aeb6f61b973093d555f) + - [ ] [春节|瑞蛇迎春,共赴新程](https://mp.weixin.qq.com/s?__biz=MzkxODczNjA4NQ==&mid=2247494021&idx=1&sn=55cd58add868195168feda1b08a0a2f1) + - [ ] [初一 | 大年初一 万事胜意](https://mp.weixin.qq.com/s?__biz=MzU1OTc2MzE2Mg==&mid=2247489329&idx=1&sn=d001254620cb5ccdcf51cb5a9a73670e) + - [ ] [祝大家新年蛇年大吉,健康喜乐](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494577&idx=1&sn=4d5a9964a63a52fe6cdd3febc7abd292) + - [ ] [苹果修补了 2025 年首个被利用的 iOS 0day(CVE-2025-24085)](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494577&idx=2&sn=2a3b9a9481760f2c54d584ed72cf307c) + - [ ] [春节 | 灵蛇迎春,福运满屋](https://mp.weixin.qq.com/s?__biz=MzU3MDA0MTE2Mg==&mid=2247492564&idx=1&sn=44253e74476868913d0de1065716dfad) + - [ ] [梅苑安全携带小猫祝大家蛇年快乐](https://mp.weixin.qq.com/s?__biz=MzkwMTU2NzMwOQ==&mid=2247484530&idx=1&sn=8610d601d8d5bd24528dc1545e83c1a5) + - [ ] [红队移动端评估测试工具](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489192&idx=1&sn=f92f78566f73bdbcee373ac7834d1396) + - [ ] [不足挂齿](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489192&idx=2&sn=4597cbd9bbf1d814a4d86c26bfb77eed) + - [ ] [范渊新年献词:以韧性回应时代,以AI引领未来](https://mp.weixin.qq.com/s?__biz=MjM5NTE0MjQyMg==&mid=2650624573&idx=1&sn=bde5fc48268dbc7566e0b36ca5ea68e8) + - [ ] [【初一】新岁启封,同赴新程](https://mp.weixin.qq.com/s?__biz=MjM5NTE0MjQyMg==&mid=2650624573&idx=2&sn=c4581b248078cb6ff6f9d465754da975) + - [ ] [像 C2 一样使用 VSCode - 红队风格](https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247504777&idx=1&sn=6a7bb7db4890f89678a69854ecbce461) + - [ ] [InForSec祝网络安全华人学者春节愉快!](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317463&idx=1&sn=3b304079c535abddffd4968cd9d1c718) + - [ ] [蛇年大吉](https://mp.weixin.qq.com/s?__biz=MzI2Mzc4ODc1NQ==&mid=2247489583&idx=1&sn=e98d28ca40b57b5b32aac53edfeb1946) + - [ ] [【贺蛇年】初一纳福 网安启途](https://mp.weixin.qq.com/s?__biz=MzAxMjE1MDY0NA==&mid=2247508841&idx=1&sn=8c7d1aeb8c2b6827bcde2b323e04027e) + - [ ] [别搞](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496843&idx=1&sn=12979bae2be8a2d90496e7c79e8bb831) + - [ ] [国自然中标真不难!十年评审专家1v1精修本子,中标率提升58%](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496843&idx=2&sn=d9858f7695b5db1be02e2d9887ab97d1) + - [ ] [【大年初一】喜迎蛇年 瑞气呈祥](https://mp.weixin.qq.com/s?__biz=MjM5NzYwNDU0Mg==&mid=2649249641&idx=1&sn=7a41d8aceeeb227acfb93b534968da9c) + - [ ] [迎新年,启新篇|任子行祝您新春快乐、蛇年行大运](https://mp.weixin.qq.com/s?__biz=MzI0NjAyMjU4MA==&mid=2649595765&idx=1&sn=fd65317a7df2cda280b10b05734a7e1d) + - [ ] [新年伊始,华为星河AI融合SASE解决方案祝您“SASE”过群雄,一鸣惊人!](https://mp.weixin.qq.com/s?__biz=MzAwODU5NzYxOA==&mid=2247505875&idx=1&sn=d3e7db45fae8f8b023d025df3a110d88) + - [ ] [初一 | 新春纳福](https://mp.weixin.qq.com/s?__biz=MzIxNTQxMjQyNg==&mid=2247493740&idx=1&sn=3a548b5f7979b125fbee60be48b4bfe1) + - [ ] [【2025】新年快乐](https://mp.weixin.qq.com/s?__biz=MzUwOTc3MTQyNg==&mid=2247491386&idx=1&sn=81b68fc009fb3bb698df452f0490aebb) + - [ ] [分享图片](https://mp.weixin.qq.com/s?__biz=MzI3Njc1MjcxMg==&mid=2247494394&idx=1&sn=46b470b30f34d28b91b7446c0432ba7f) + - [ ] [巳巳如意 生生不息丨云天安全祝您新春快乐](https://mp.weixin.qq.com/s?__biz=MzI2NDYzNjY0Mg==&mid=2247501216&idx=1&sn=1bb93c2c50c51f4ba008c8c002e163e1) + - [ ] [Mac下破解激活JetBrains产品](https://mp.weixin.qq.com/s?__biz=Mzg5OTgzMzA1OA==&mid=2247483872&idx=1&sn=8fa59f27c9706af7c69ee722c4016785) + - [ ] [正月初一|金蛇迎春 巳巳如意](https://mp.weixin.qq.com/s?__biz=MzIxNDIzNTcxMg==&mid=2247506758&idx=1&sn=b9e384ec8963ccca8fe2773ebbb9023c) + - [ ] [魔方安全祝你蛇来运转,前程螣螣](https://mp.weixin.qq.com/s?__biz=MzI3NzA5NDc0MA==&mid=2649292206&idx=1&sn=3f87066febd3b789c0e7db2baf1fd1f9) + - [ ] [灵蛇启新元 初一福泽绵](https://mp.weixin.qq.com/s?__biz=MzU0MjEwNTM5Ng==&mid=2247520421&idx=1&sn=9d1cb6d9e4d36868892fdffebe8001f7) + - [ ] [瑞蛇迎春,共筑网安新未来!](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247635828&idx=1&sn=dc1ea39348bc6420d3d24e3cbd1814d2) + - [ ] [大年初一|蛇年顺遂,事事如意!](https://mp.weixin.qq.com/s?__biz=MzU2NzUxMTM0Nw==&mid=2247513467&idx=1&sn=976f6d8db01ae07c788cd029211a3ee6) + - [ ] [山石网科·AI汇东方|正月初一,蛇年大吉](https://mp.weixin.qq.com/s?__biz=MzAxMDE4MTAzMQ==&mid=2661298278&idx=1&sn=48cdce5c730da12f4ee90406ada0f6f5) + - [ ] [拜大年|蛇跃新程 云科同行!](https://mp.weixin.qq.com/s?__biz=Mzg2NTk3NjczNQ==&mid=2247485633&idx=1&sn=8b101c6e5ac782199e1104c0e13efbc4) + - [ ] [恭贺新春 | 金盾信安祝您新春快乐,蛇年大吉!](https://mp.weixin.qq.com/s?__biz=MjM5NjA2NzY3NA==&mid=2448682671&idx=1&sn=5bdff851e304d4dbeff7833d0318a678) + - [ ] [迎新春 过新年 御盾安全给大家拜年啦!](https://mp.weixin.qq.com/s?__biz=MzU4ODgxMjE0Mw==&mid=2247486347&idx=1&sn=858139f172118c4bb834d05bf953cc4f) + - [ ] [蛇年到,福气绕,元支点给您拜年啦!](https://mp.weixin.qq.com/s?__biz=MzI4MDE2MzA4Mw==&mid=2667651078&idx=1&sn=747dc83ae36cc0ea5c1b93eb4bdbaf25) + - [ ] [极验给大家拜年了!](https://mp.weixin.qq.com/s?__biz=MzI2MDE5MTQxNg==&mid=2649723247&idx=1&sn=589cd5ffbdc64554e70c473143cb5c8e) + - [ ] [一元复始 万象更新,能信安祝您及家人新春大吉 万事如意!](https://mp.weixin.qq.com/s?__biz=MzI1MTYzMjY1OQ==&mid=2247490788&idx=1&sn=4ecf028f6de13d48505acb287263846e) + - [ ] [初一 | 恭贺新春,蛇年大吉!](https://mp.weixin.qq.com/s?__biz=Mzg4MjQ4MjM4OA==&mid=2247523802&idx=1&sn=6d75fb5fa444f7b8b4309bb64caadaf9) + - [ ] [金蛇纳福 | 大年初一,网安拜大年!](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235919&idx=1&sn=a091ebd91146a52049677eef87b7cfa1) + - [ ] [蛇年大吉 恭贺新春](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235919&idx=2&sn=1b8c628b25f0a25746c47876084b1c61) + - [ ] [祥蛇贺岁!2025,祝您蛇年顺遂、巳巳如意](https://mp.weixin.qq.com/s?__biz=MzkyNDcwMTAwNw==&mid=2247533748&idx=1&sn=2d4e5d8e231d87a0691bbaaf7bf882f2) + - [ ] [祥蛇献瑞,国泰家康丨永信至诚祝您新春快乐!](https://mp.weixin.qq.com/s?__biz=MzAwNDUyMjk4MQ==&mid=2454829244&idx=1&sn=15d13b997ed8a1d2b6de05f8f19815f0) + - [ ] [洞察2025年网络安全产业趋势](https://mp.weixin.qq.com/s?__biz=Mzg5OTg5OTI1NQ==&mid=2247489844&idx=1&sn=36f1c90e8bd6d4b656b0d844e9d34e9f) + - [ ] [新年快乐,巳巳如意!](https://mp.weixin.qq.com/s?__biz=Mzk0NTU0ODc0Nw==&mid=2247491864&idx=1&sn=bdd69466a0fca637b7efccc408def11e) + - [ ] [蛇跃新程,矢安科技祝您新的一年“巳巳如意”!](https://mp.weixin.qq.com/s?__biz=Mzg2Mjc3NTMxOA==&mid=2247516821&idx=1&sn=b60521f8bd702c0158be36308c378c7f) + - [ ] [拜大年,心向暖阳,愿邮件安全顺遂无忧](https://mp.weixin.qq.com/s?__biz=MzA5NjMyMDEwNg==&mid=2649286360&idx=1&sn=010f5320070eb627541f94e272efd09b) + - [ ] [初一 | 拜大年](https://mp.weixin.qq.com/s?__biz=MzI5NjA4NjA3OA==&mid=2652102063&idx=1&sn=3c51fdc8f0addd6ae0cfb25d2b458ea3) + - [ ] [新春快乐,蛇年吉祥,祝公众号的朋友们身体健康,工作顺利!](https://mp.weixin.qq.com/s?__biz=Mzg3NTUzOTg3NA==&mid=2247515082&idx=1&sn=47788096ca6fa4a1ecb947344b4af31a) + - [ ] [恭贺新春](https://mp.weixin.qq.com/s?__biz=MzU3NTQwNDYyNA==&mid=2247488573&idx=1&sn=0d50fb0a6590fdc5c74cdc1b072da0d9) + - [ ] [医疗行业数据安全风险评估实践指南(一)](https://mp.weixin.qq.com/s?__biz=MzA5MTYyMDQ0OQ==&mid=2247493571&idx=1&sn=5bb28d26963d363a5d4590d66a8df87b) + - [ ] [乙巳春节|新岁启封 万象更新](https://mp.weixin.qq.com/s?__biz=MjM5NjU0NDQ1Ng==&mid=2671019617&idx=1&sn=629fac95808c3f7da16dfa3856f5403c) + - [ ] [蛇年至,万象新,安易科技祝您新年快乐!](https://mp.weixin.qq.com/s?__biz=MzkwMTI3ODUxOQ==&mid=2247485207&idx=1&sn=b324e11004c245d1addc71c420ae24b2) + - [ ] [拜大年 | 竹爆声声辞旧岁,烟花朵朵迎新春。知白学院给您拜年啦~](https://mp.weixin.qq.com/s?__biz=MzUzNDg0NTc1NA==&mid=2247510555&idx=1&sn=adf528e69e77da7e1ade94a1037f657a) + - [ ] [贺新春!](https://mp.weixin.qq.com/s?__biz=MzUxODY3MDExMA==&mid=2247490118&idx=1&sn=41ce7f2bb938c7cb6e68ae48ea0bed1b) + - [ ] [新年祝福](https://mp.weixin.qq.com/s?__biz=Mzg4Nzk3MTg3MA==&mid=2247487719&idx=1&sn=cdab963d88b8a7a93f57e02822946c95) + - [ ] [船山信安给各位师傅们拜年啦!](https://mp.weixin.qq.com/s?__biz=MzU2NDY2OTU4Nw==&mid=2247518508&idx=1&sn=0bcd7cdfb692d548afb9fc3e4e0aabd8) + - [ ] [新年记](https://mp.weixin.qq.com/s?__biz=MzU0NDI5NTY4OQ==&mid=2247486261&idx=1&sn=a99fd42137a2c3a4e337746ba8d1c4d7) + - [ ] [安全客祝您蛇来运转,福满乾坤!](https://mp.weixin.qq.com/s?__biz=MzA5ODA0NDE2MA==&mid=2649787812&idx=1&sn=db21fb03c585e8434fd2aa509fe447b4) + - [ ] [【新年快乐】菜狗安全祝师傅们新年快乐(内含抽奖)](https://mp.weixin.qq.com/s?__biz=Mzg4MzkwNzI1OQ==&mid=2247485729&idx=1&sn=a0b793b557e83bc2f4e8ab3baff70b5b) + - [ ] [HackingClub祝您巳巳如意,前程螣螣!](https://mp.weixin.qq.com/s?__biz=MzkxMzE4MTc5Ng==&mid=2247499518&idx=1&sn=d9ce9cfedb17f3e247b95cd20c211551) + - [ ] [内生安全联盟恭祝大家新春快乐,万事大吉!](https://mp.weixin.qq.com/s?__biz=Mzg4MDU0NTQ4Mw==&mid=2247528904&idx=1&sn=4e192436cfabe37848d9c0a532aeaba5) + - [ ] [🐱网安招财喵喵新春祝福~](https://mp.weixin.qq.com/s?__biz=MzkzNjE5NjQ4Mw==&mid=2247543340&idx=1&sn=ee9b97e42573764b723f01e86b6ece2b) + - [ ] [大学生网络安全尖锋训练营给您拜年](https://mp.weixin.qq.com/s?__biz=MzUzODkwMDMxNA==&mid=2247574850&idx=1&sn=88a610b92fc3393da2255798f8ed2153) + - [ ] [《网信自主创新调研报告》编委会给您拜年](https://mp.weixin.qq.com/s?__biz=MzkxMzI3MzMwMQ==&mid=2247530977&idx=1&sn=d05ad11631bf7f2d2c27a0398c17cfe2) + - [ ] [暗魂攻防实验室祝各位蛇年大吉](https://mp.weixin.qq.com/s?__biz=MzkyMjE1NzQ2MA==&mid=2247489711&idx=1&sn=0ebcd1f0d28d56eff0d0744371744710) + - [ ] [惊喜放送丨辞旧迎新除烦恼,万巳如意好运来,火绒祝您新春大吉!](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247522008&idx=1&sn=72eb4a612f06bf7c8a597e0f7dc088e1) + - [ ] [诚邀渠道合作伙伴共启新征程](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247522008&idx=2&sn=9adee9b586588ae9a54e6a2b1cba98ec) + - [ ] [灵蛇迎春 瑞气盈门|美创科技祝您新岁安康,蛇来运转](https://mp.weixin.qq.com/s?__biz=MzA3NDE0NDUyNA==&mid=2650805046&idx=1&sn=744a4d22945a4c2a5c8ccfa9f48e6457) + - [ ] [迪普科技祝您新年快乐丨金蛇献瑞展宏图 续写网安新篇章](https://mp.weixin.qq.com/s?__biz=MzA4NzE5MzkzNA==&mid=2650370747&idx=1&sn=4d579b58e19a18bfbdb857b1fc747993) + - [ ] [骇极安全](https://mp.weixin.qq.com/s?__biz=MzIwNTU1NjYwNA==&mid=2247488014&idx=1&sn=d62058ec064d318cd051237797748ebf) + - [ ] [网安守夜人祝大家新年快乐](https://mp.weixin.qq.com/s?__biz=MzU0MzgyMzM2Nw==&mid=2247486255&idx=1&sn=cbfd1798a20828ea6d7687536ae8f243) + - [ ] [杂感四则](https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652114260&idx=1&sn=e7c060b972419b42cb2ed3ff9bd69084) + - [ ] [春节 | 密织数据安全网,祥启蛇年好运章](https://mp.weixin.qq.com/s?__biz=MzkyNzE5MDUzMw==&mid=2247569445&idx=1&sn=81d7230341be2c2bc815d4771fe32884) + - [ ] [攻防靶场(54):从LFI到RCE](https://mp.weixin.qq.com/s?__biz=MzI0NjA3Mzk2NQ==&mid=2247496095&idx=1&sn=4bba7300e436e3e9e1eb11a361c42c25) +- Der Flounder + - [ ] [Managing Apple Intelligence features on macOS Sequoia 15.3](https://derflounder.wordpress.com/2025/01/29/managing-apple-intelligence-features-on-macos-sequoia-15-3/) +- Hacking Articles + - [ ] [Credential Dumping: AD User Comment](https://www.hackingarticles.in/credential-dumping-ad-user-comment/) +- Google Online Security Blog + - [ ] [How we kept the Google Play & Android app ecosystems safe in 2024](http://security.googleblog.com/2025/01/how-we-kept-google-play-android-app-ecosystem-safe-2024.html) + - [ ] [How we estimate the risk from prompt injection attacks on AI systems](http://security.googleblog.com/2025/01/how-we-estimate-risk-from-prompt.html) - Private Feed for M09Ic - - [ ] [mgeeky starred mcmilk/7-Zip-zstd](https://github.com/mcmilk/7-Zip-zstd) - - [ ] [xpn starred dreadnode/cli](https://github.com/dreadnode/cli) - - [ ] [killeven starred deepseek-ai/DeepSeek-V3](https://github.com/deepseek-ai/DeepSeek-V3) - - [ ] [mgeeky starred LLVMParty/LLVMCMakeTemplate](https://github.com/LLVMParty/LLVMCMakeTemplate) - - [ ] [mgeeky starred Adaptix-Framework/AdaptixC2](https://github.com/Adaptix-Framework/AdaptixC2) - - [ ] [CHYbeta starred deepseek-ai/awesome-deepseek-integration](https://github.com/deepseek-ai/awesome-deepseek-integration) - - [ ] [safedv starred racoten/BetterNetLoader](https://github.com/racoten/BetterNetLoader) - - [ ] [safedv starred NoahKirchner/speedloader](https://github.com/NoahKirchner/speedloader) -- Sucuri Blog - - [ ] [Sucuri WAF Now Supports HTTP/3: A Faster and More Secure Web Experience](https://blog.sucuri.net/2025/01/sucuri-waf-now-supports-http-3-a-faster-and-more-secure-web-experience.html) -- 一个被知识诅咒的人 - - [ ] [Python中的asyncio:高效的异步编程模型](https://blog.csdn.net/nokiaguy/article/details/145386296) - - [ ] [【人工智能】基于Python的机器翻译系统,从RNN到Transformer的演进与实现](https://blog.csdn.net/nokiaguy/article/details/145386286) -- obaby@mars - - [ ] [祝大家新年快乐](https://h4ck.org.cn/2025/01/19056) -- Swing'Blog 浮生若梦 - - [ ] [CVE-2025-0282 Ivanti Connect Secure VPN 栈溢出漏洞分析](https://bestwing.me/CVE-2025-0282-Ivanti-Connect-Secure-VPN-stack-overflow.html) + - [ ] [CHYbeta starred sannykim/solsec](https://github.com/sannykim/solsec) + - [ ] [INotGreen starred 0xrawsec/whids](https://github.com/0xrawsec/whids) + - [ ] [safedv starred S3cur3Th1sSh1t/gui-pwn](https://github.com/S3cur3Th1sSh1t/gui-pwn) - Recent Commits to cve:main - - [ ] [Update Tue Jan 28 20:20:38 UTC 2025](https://github.com/trickest/cve/commit/84532ae2b8e9faef03daab62637fea93055c5f46) - - [ ] [Update Tue Jan 28 12:25:27 UTC 2025](https://github.com/trickest/cve/commit/046dff1f309416991e0350c5de230e05922e6962) - - [ ] [Update Tue Jan 28 04:25:42 UTC 2025](https://github.com/trickest/cve/commit/1973cb584ac5acc9fa6a12b9f74e3c5ab7bf2429) -- GuidePoint Security - - [ ] [GRIT 2025 Report: Post-Compromise Detection Strategies](https://www.guidepointsecurity.com/blog/grit-2025-report-post-compromise-detection-strategies/) -- Hacking Dream - - [ ] [Running DeepSeek AI Locally on your PC/Laptop](https://www.hackingdream.net/2025/01/running-deepseek-ai-locally-on-your-pc-laptop.html) + - [ ] [Update Wed Jan 29 20:28:19 UTC 2025](https://github.com/trickest/cve/commit/2a9a6c5e8dfdef652b3351b8c7c20cddc3b7958c) + - [ ] [Update Wed Jan 29 12:26:44 UTC 2025](https://github.com/trickest/cve/commit/023d47466c3dfcf89301b51bd1f75e5ac6af45d2) + - [ ] [Update Wed Jan 29 04:20:44 UTC 2025](https://github.com/trickest/cve/commit/9bbcd187c35f8f8562d789c9c6a09501e13902b6) +- Trustwave Blog + - [ ] [Inside APT34 (OilRig): Tools, Techniques, and Global Cyber Threats](https://www.trustwave.com/en-us/resources/blogs/trustwave-blog/inside-apt34-oilrig-tools-techniques-and-global-cyber-threats/) +- Bug Bounty in InfoSec Write-ups on Medium + - [ ] [5 Things You Should Understand Before Jumping into Bug Bounty](https://infosecwriteups.com/5-things-you-should-understand-before-jumping-into-bug-bounty-813cd960c6bc?source=rss----7b722bfd1b8d--bug_bounty) + - [ ] [Exploiting XSS To Steal Cookies](https://infosecwriteups.com/exploiting-xss-to-steal-cookies-f0aebdcd815b?source=rss----7b722bfd1b8d--bug_bounty) + - [ ] [How I Found a Ticket Booking Bug That Allowed Me to Travel Almost for Free in TNSTC](https://infosecwriteups.com/how-i-found-a-ticket-booking-bug-that-allowed-me-to-travel-almost-for-free-in-tnstc-2c7aa23aebf6?source=rss----7b722bfd1b8d--bug_bounty) - Horizon3.ai - - [ ] [Top 150 Cybersecurity Vendors 2025](https://cyber150.com/#new_tab) - - [ ] [Building Cyber Resilience Across a Distributed Network](https://www.horizon3.ai/customer-story/building-cyber-resilience-across-a-distributed-network/) + - [ ] [Fireside Chat: Horizon3.ai and North Carolina’s Electric Cooperatives](https://www.horizon3.ai/intelligence/webinars/fireside-chat-horizon3-ai-and-north-carolinas-electric-cooperatives/) +- Blogs dade + - [ ] [Lessons in Everything](https://0xda.de/blog/2025/01/lessons-in-everything/) +- Twitter @bytehx + - [ ] [Re @yeswehack Thanks !](https://x.com/bytehx343/status/1884630328339472481) + - [ ] [Re @CristiVlad25 @yeswehack :-)](https://x.com/bytehx343/status/1884599250329411751) + - [ ] [Re @_justYnot @Hacker0x01 Thanks!](https://x.com/bytehx343/status/1884599038978515142) + - [ ] [Re @A_Atef200 @yeswehack No. This is private and I am sure that it won’t be duped:)](https://x.com/bytehx343/status/1884597418005860707) + - [ ] [Yay, I was awarded a $$$ bounty on @Hacker0x01! https://hackerone.com/bytehx #TogetherWeHitHarder](https://x.com/bytehx343/status/1884583738790793420) + - [ ] [Just got a reward for a high vulnerability submitted on @yeswehack -- Information Disclosure (CWE-200). https://yeswehack.com/hunters/bytehx #YesWeRHa...](https://x.com/bytehx343/status/1884583581504491599) + - [ ] [Just got a reward for a vulnerability submitted on @yeswehack -- Acceptance of Extraneous Untrusted Data With Trusted Data - Cache Poisoning (CWE-349)...](https://x.com/bytehx343/status/1884583503851114555) +- Securelist + - [ ] [Threat predictions for industrial enterprises 2025](https://securelist.com/industrial-threat-predictions-2025/115327/) +- Malwarebytes + - [ ] [These are the 10 worst PIN codes](https://www.malwarebytes.com/blog/news/2025/01/these-are-the-10-worst-pin-codes) +- NVISO Labs + - [ ] [Backups & DRP in the ransomware era](https://blog.nviso.eu/2025/01/29/backups-drp-in-the-ransomware-era/) +- Insinuator.net + - [ ] [Jigsaw RDPuzzle: Piecing Attacker Actions Together](https://insinuator.net/2025/01/jigsaw-rdpuzzle/) +- GuidePoint Security + - [ ] [Ongoing report: Babuk2 (Babuk-Bjorka)](https://www.guidepointsecurity.com/blog/ongoing-report-babuk2-babuk-bjorka/) - Malware-Traffic-Analysis.net - Blog Entries - - [ ] [2025-01-23: Fake installer leads to Koi Loader/Koi Stealer](https://www.malware-traffic-analysis.net/2025/01/23/index.html) -- Trail of Bits Blog - - [ ] [Best practices for key derivation](https://blog.trailofbits.com/2025/01/28/best-practices-for-key-derivation/) -- VMRay - - [ ] [From analysis to action: Enhancing government threat models with malware insights](https://www.vmray.com/from-analysis-to-action-enhancing-government-threat-models-with-malware-insights/) -- PortSwigger Research - - [ ] [Bypassing character blocklists with unicode overflows](https://portswigger.net/research/bypassing-character-blocklists-with-unicode-overflows) -- PortSwigger Blog - - [ ] [The complexities of scaling AppSec teams and how to address them in 2025](https://portswigger.net/blog/the-complexities-of-scaling-appsec-teams-and-how-to-address-them-in-2025) + - [ ] [2025-01-28: Malwre infection from web inject activity](https://www.malware-traffic-analysis.net/2025/01/28/index.html) - Reverse Engineering - - [ ] [Malimite is an iOS and macOS decompiler](https://www.reddit.com/r/ReverseEngineering/comments/1icg0we/malimite_is_an_ios_and_macos_decompiler/) - - [ ] [Data Speculation Attacks on Apple Silicon](https://www.reddit.com/r/ReverseEngineering/comments/1icfpij/data_speculation_attacks_on_apple_silicon/) -- Malwarebytes - - [ ] [Apple users: Update your devices now to patch zero-day vulnerability](https://www.malwarebytes.com/blog/news/2025/01/apple-users-update-your-devices-now-to-patch-zero-day-vulnerability) -- FreeBuf网络安全行业门户 - - [ ] [勒索软件利用隐秘SSH隧道攻击ESXi系统,实现C2通信](https://www.freebuf.com/articles/system/420939.html) -- 奇客Solidot–传递最新科技情报 - - [ ] [研究估计到 2100 年欧洲高温死亡人数增加五成](https://www.solidot.org/story?sid=80443) - - [ ] [Google 开源 Pebble 智能手表操作系统](https://www.solidot.org/story?sid=80442) - - [ ] [用开源方法复现 DeepSeek-R1](https://www.solidot.org/story?sid=80441) -- Shostack & Friends Blog - - [ ] [National Cyber Incident Response Plan comments](https://shostack.org/blog/national-cyber-incident-response-plan/) + - [ ] [How To Avoid Malware Rabbitholes](https://www.reddit.com/r/ReverseEngineering/comments/1id52rn/how_to_avoid_malware_rabbitholes/) + - [ ] [Got bored, reversed the WMI. Made a novel virus that never touches the filesystem](https://www.reddit.com/r/ReverseEngineering/comments/1icgfua/got_bored_reversed_the_wmi_made_a_novel_virus/) + - [ ] [ScatterBrain: Unmasking the Shadow of PoisonPlug's Obfuscator](https://www.reddit.com/r/ReverseEngineering/comments/1id0io4/scatterbrain_unmasking_the_shadow_of_poisonplugs/) + - [ ] [CVE-2024-49138 Windows CLFS heap-based buffer overflow analysis](https://www.reddit.com/r/ReverseEngineering/comments/1icpgh4/cve202449138_windows_clfs_heapbased_buffer/) + - [ ] [Bypass login on app. Company went out of business meaning no new users can access the underwater drone as the servers are offline. Can somebody figure out a bypass hack?](https://www.reddit.com/r/ReverseEngineering/comments/1ich60h/bypass_login_on_app_company_went_out_of_business/) +- hn security + - [ ] [CVE-2024-49138 Windows CLFS heap-based buffer overflow analysis – Part 2](https://security.humanativaspa.it/cve-2024-49138-windows-clfs-heap-based-buffer-overflow-analysis-part-2/) + - [ ] [CVE-2024-49138 Windows CLFS heap-based buffer overflow analysis – Part 1](https://security.humanativaspa.it/cve-2024-49138-windows-clfs-heap-based-buffer-overflow-analysis-part-1/) +- Wallarm + - [ ] [API Security Is At the Center of OpenAI vs. DeepSeek Allegations](https://lab.wallarm.com/api-security-is-at-the-center-of-openai-vs-deepseek-allegations/) +- daniel.haxx.se + - [ ] [A 1337 curl author](https://daniel.haxx.se/blog/2025/01/29/a-1337-curl-author/) +- Security Blog | Praetorian + - [ ] [Introducing Nosey Parker Explorer](https://www.praetorian.com/blog/announcing-nosey-parker-explorer/) - 安全分析与研究 - - [ ] [安全分析与研究新年优惠活动](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490214&idx=1&sn=238b595f99800c4991ac3e031a617c7f&chksm=902fb58ea7583c98e9ddb14df7809c329edb32cc5712822a43578e6f6d1d7144cf1fecb0f797&scene=58&subscene=0#rd) -- 锦行科技 - - [ ] [除夕 | 团圆守岁](https://mp.weixin.qq.com/s?__biz=MzIxNTQxMjQyNg==&mid=2247493739&idx=1&sn=c40ba2e100570ac69b06d868d4c023f6&chksm=979a13cea0ed9ad88be1125eaf8a6b2f2cc605dcebf820f7bf4e02f16087b4630e41bd06eee1&scene=58&subscene=0#rd) -- 白帽100安全攻防实验室 - - [ ] [白帽一百祝大家除夕快乐 | 文末抽奖](https://mp.weixin.qq.com/s?__biz=MzIxMDYyNTk3Nw==&mid=2247515161&idx=1&sn=3f2f882686de333d655eeacd52bf2dbc&chksm=976348cfa014c1d9acaa8e7c59f8871624f6a60fec4938f95bbdc95a0b04832cd0194bcbd553&scene=58&subscene=0#rd) -- 吾爱破解论坛 - - [ ] [分享图片](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141650&idx=1&sn=e3110752e4ffe937f324f685970f7f7d&chksm=bd50a6468a272f5024154f18471dea1e90fd56dcda584cb19983130a4ae5445176d483274784&scene=58&subscene=0#rd) + - [ ] [夜鹰(NightHawk)C2工具被泄露了?](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490232&idx=1&sn=71a4e338358972fe51261cbc15ddcc02&chksm=902fb590a7583c8670bf284d9d8eb2fb2c3d7608c5cccf3c64a743f4b24808388990b8b5fde4&scene=58&subscene=0#rd) +- 奇客Solidot–传递最新科技情报 + - [ ] [Meta 短暂禁止用户发表任何涉及 Linux 的帖子](https://www.solidot.org/story?sid=80447) + - [ ] [腾讯游戏《三角洲行动》被发现会修改用户 CPU 调度和性能释放策略](https://www.solidot.org/story?sid=80446) + - [ ] [心脏病是美国的第一死因](https://www.solidot.org/story?sid=80445) + - [ ] [公共图书馆能给人们的生活带来积极影响](https://www.solidot.org/story?sid=80444) - 红日安全 - - [ ] [除夕夜,合家团圆,红日安全携手共迎新春!🎆🌟 新的一年,愿与您一起守护数字世界,开启更加稳固的商业未来!💼🔐](https://mp.weixin.qq.com/s?__biz=MzI4NjEyMDk0MA==&mid=2649851758&idx=1&sn=9e7fdd47524e28eb38189eecd4f8e494&chksm=f3e4e9edc49360fb9800add526de22a3005efd022ab9b8ffc02527465e0b464ca3fe928a508f&scene=58&subscene=0#rd) -- 安全内参 - - [ ] [突发!DeepSeek遭大规模恶意攻击](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513606&idx=1&sn=c00cf1c71328532ab314b816e276ebd8&chksm=ebfaf126dc8d783046da2e5424c76d7fb9ec3cd85676d2e93c5db7a7af817293fe531ec3a044&scene=58&subscene=0#rd) -- 信息安全国家工程研究中心 - - [ ] [恭贺新禧 | 瑞彩盈春盛景长,工程中心祝您新春快乐!](https://mp.weixin.qq.com/s?__biz=MzU5OTQ0NzY3Ng==&mid=2247498792&idx=1&sn=f277f20331e69c40ad775f29da0c8ede&chksm=feb67d3bc9c1f42d897ea4e78ac53000b52ae91a3fd33eb8f1b0e68b43ff243b3cff482f57b3&scene=58&subscene=0#rd) -- 网络空间安全科学学报 - - [ ] [《网络空间安全科学学报》恭祝大家新春快乐!](https://mp.weixin.qq.com/s?__biz=MzI0NjU2NDMwNQ==&mid=2247504687&idx=1&sn=e024501dcdf71e762898408c4b021501&chksm=e9bfc791dec84e879b034e32ac4b8585ab5f79c72506da72eaff60ed33de62c7fd3d5be74c8a&scene=58&subscene=0#rd) -- 中国信息安全 - - [ ] [金蛇纳福 | 除夕大年夜,网安贺新春!](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235910&idx=1&sn=b0672a4323005a47b990decd5489b9b5&chksm=8b58017fbc2f8869dc12d3eae6576f3996fab46384314e421819881ab158af09ec2c9ea1ee11&scene=58&subscene=0#rd) - - [ ] [辞旧迎新 喜迎蛇年](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235910&idx=2&sn=04f7502a3c21d8e0ff68a1afbaa3d271&chksm=8b58017fbc2f8869535c224bbbdf7616c84b7648d3af144e7f8839482f4da6c7a4abe07532e1&scene=58&subscene=0#rd) -- 微步在线 - - [ ] [祝大家新春快乐!](https://mp.weixin.qq.com/s?__biz=MzI5NjA0NjI5MQ==&mid=2650183108&idx=1&sn=6beef11e4a6096c49c2cbe62b5fc19f6&chksm=f4486e78c33fe76e204f182d703c408d91c0b83853b30f7fe82e9a7bdc9957c63234d0ac5360&scene=58&subscene=0#rd) + - [ ] [新春伊始,红日安全启航!愿与您共同筑牢数字防线,共同迈向更安全的明天!🔒🌱](https://mp.weixin.qq.com/s?__biz=MzI4NjEyMDk0MA==&mid=2649851765&idx=1&sn=568da818c7d56ee694372f7ca3d04ddc&chksm=f3e4e9f6c49360e020e5c1183896432b1d52e3c9e96fa7577bb40590a7280b1b5987a521a472&scene=58&subscene=0#rd) +- 吾爱破解论坛 + - [ ] [【2025春节】解题领红包活动开始喽,解出就送论坛币!](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141655&idx=1&sn=d21717226e40032625a74a2d00255e23&chksm=bd50a6438a272f55f2e9c7890cabd2ec30b2ec5b946b2dcb7f37c96667f152909cb765fc17fe&scene=58&subscene=0#rd) +- 丁爸 情报分析师的工具箱 + - [ ] [【实操】利用Deepseek传承和弘扬传统文化](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148736&idx=1&sn=39a0df253f09d26a6151599d1e8bfb20&chksm=f1af26fac6d8afec1e52db48f994cfe77da1b04b5a1e5aeba491a41f83b5e2b01795b8074105&scene=58&subscene=0#rd) + - [ ] [【培训】Osint开源情报练习 #002](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148736&idx=2&sn=ebee4c79a769e10968179969c634d83a&chksm=f1af26fac6d8afec43791f1e2d2945b5e030bab5b7a6d0c003eff48d2af4aa4bbae72ead9e03&scene=58&subscene=0#rd) +- 锦行科技 + - [ ] [初一 | 新春纳福](https://mp.weixin.qq.com/s?__biz=MzIxNTQxMjQyNg==&mid=2247493740&idx=1&sn=3a548b5f7979b125fbee60be48b4bfe1&chksm=979a13c9a0ed9adf401fe111940f754c8f3d4bbb1467acb1bb58f95ea4f559e1018fe247674a&scene=58&subscene=0#rd) +- 慢雾科技 + - [ ] [慢雾科技祝大家新春快乐,“巳巳”如意!](https://mp.weixin.qq.com/s?__biz=MzU4ODQ3NTM2OA==&mid=2247501035&idx=1&sn=59e84e7659d99a54b6501ec2191845d8&chksm=fddeba6ccaa9337aee73dbfd92a4188959c61acfe765c21c5ddde16c0ddbf61b542525b2bbc8&scene=58&subscene=0#rd) +- M01N Team + - [ ] [AISS大模型安全社区-2025 Roadmap](https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247494053&idx=1&sn=6449e25c9c3754c833fdd7ba5435ad70&chksm=c18429b4f6f3a0a25365b3e0d1423573d757fa269aad736ed5aca48ff4b82b278fd73ac03340&scene=58&subscene=0#rd) +- 看雪学苑 + - [ ] [2025新春致谢 | 金蛇纳福启新程](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589299&idx=1&sn=5e38768a37484f2f38cd5b8da65a095b&chksm=b18c28f986fba1effd30be735d8e492f5a4fe38d1f279119a9b59d2195d68332dff4b59e864c&scene=58&subscene=0#rd) +- 网安国际 + - [ ] [InForSec祝网络安全华人学者春节愉快!](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317463&idx=1&sn=3b304079c535abddffd4968cd9d1c718&chksm=8bc4ba99bcb3338f81946371b05c0e130ac7d9cc318f370bedd27002d8321e4fea3c011ad947&scene=58&subscene=0#rd) +- 威胁猎人Threat Hunter + - [ ] [新春快乐,万事如意](https://mp.weixin.qq.com/s?__biz=MzI3NDY3NDUxNg==&mid=2247498914&idx=1&sn=9db465eba52da2dd54e90fb40b843bf6&chksm=eb12da99dc65538f376b96cbd2513fdc29cf6fe94ebdbc01455265051e5acf045c037033aa2e&scene=58&subscene=0#rd) - 极客公园 - - [ ] [Deepseek又出连招:刚发布了超越DALL-E3的多模态模型](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072968&idx=1&sn=11cc8c1298740ae6a406e012a43af24b&chksm=7e57d3fe49205ae8324716001201a49174026b129e73e59beac316ff24b099213446e9c145a7&scene=58&subscene=0#rd) - - [ ] [DeepSeek 深夜再放大招;迅雷将以 5 亿元人民币收购虎扑;华尔街押注特斯拉销量不达预期 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072955&idx=1&sn=9914ed1021f98e7210793dde585b5219&chksm=7e57d38d49205a9bcb04929242ff2f15dc88cabd8e2a5bd653c4c6d4acf7be07b1ac43ed3df5&scene=58&subscene=0#rd) -- 渊龙Sec安全团队 - - [ ] [红包来袭~渊龙Sec安全团队给您拜年啦!](https://mp.weixin.qq.com/s?__biz=Mzg4NTY0MDg1Mg==&mid=2247485646&idx=1&sn=3d22f63d3e8153286e1ae1195bcac411&chksm=cfa49335f8d31a236cd0fa26b68b4def16aa1290c8b9518cab594a009d47ad6b8de4d578409e&scene=58&subscene=0#rd) -- 纽创信安 - - [ ] [岁序更新 金蛇献瑞 | 纽创信安恭祝大家新春快乐!](https://mp.weixin.qq.com/s?__biz=MzAwNTczMjAzMg==&mid=2650239321&idx=1&sn=8ad3d5a84549a685cce1bf2131792ab5&chksm=831bf2f6b46c7be0a039fddda0d494b7ada4f31312f5439d5db0d7f12999b266967c88677bc4&scene=58&subscene=0#rd) -- 360数字安全 - - [ ] [除夕团圆 蛇年大吉](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579255&idx=1&sn=0a04f442f719d80d0c02c0c756e5d97d&chksm=9f8d267fa8faaf6924f7c8ad2770d1096f234af45121b44e32d356c4927307496d4b4d06fb01&scene=58&subscene=0#rd) + - [ ] [DeepSeek 的爆红,指出了当下 AI 最大困境](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653073010&idx=1&sn=0abd27208a3082b3453f5cb1aa2a1ab7&chksm=7e57d3c449205ad2fcb7960a04020f5000e8f59242b70aada742aaba7fa36482c27141e654d4&scene=58&subscene=0#rd) + - [ ] [宇树领衔,众多黑科技登台蛇年春晚;奥特曼回应 DeepSeek 爆火;抖音李亮评论雷军、余承东直播被封 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072999&idx=1&sn=525ce0f5f5685483f05d575f2d13d51a&chksm=7e57d3d149205ac723fd927a03f590113df2731c5a2fb9d3feff18b23c03ac35ce5defcab466&scene=58&subscene=0#rd) +- 情报分析师 + - [ ] [【卫星图像】金正恩考察朝鲜核物质生产基地和核武器研究所](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559318&idx=1&sn=f93bc65cb4cf2587b134129cbdca5205&chksm=87117d1db066f40b7f81de93f98091616065d1f49efc6490b8269d09dd1a64ad7d16306602e7&scene=58&subscene=0#rd) + - [ ] [美日韩“抱团”:三国首次会谈聚焦朝鲜核威胁](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559318&idx=2&sn=eef1bccee4db52de82349056e07e8aca&chksm=87117d1db066f40baf7629cdca97055daa3255b4dc91b397b5d2faef1aef45223fe2f07d2f2c&scene=58&subscene=0#rd) + - [ ] [致情报分析师公众号全体粉丝](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559318&idx=3&sn=be997ee6361433a289ec6c156aca06a7&chksm=87117d1db066f40ba93fbe99241b3d494eac47afa160be5539c9518622515394ac57f674c92c&scene=58&subscene=0#rd) +- 迪哥讲事 + - [ ] [寻找隐藏参数的利器](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496975&idx=1&sn=41875f4fcd79a42421188feb25e23889&chksm=e8a5ff6cdfd2767a4c19aa1cb2ccd7bc363b29d6b2c7cc49beb5a3dcf261222c0dec0d6efac2&scene=58&subscene=0#rd) - Over Security - Cybersecurity news aggregator - - [ ] [Sucuri WAF Now Supports HTTP/3: A Faster and More Secure Web Experience](https://blog.sucuri.net/2025/01/sucuri-waf-now-supports-http-3-a-faster-and-more-secure-web-experience.html) - - [ ] [Unmasking FleshStealer: A New Infostealer Threat in 2025](https://flashpoint.io/blog/fleshstealer-infostealer-threat-2025/) - - [ ] [Hackers exploiting flaws in SimpleHelp RMM to breach networks](https://www.bleepingcomputer.com/news/security/hackers-exploiting-flaws-in-simplehelp-rmm-to-breach-networks/) - - [ ] [Google to kill Chrome Sync on older Chrome browser versions](https://www.bleepingcomputer.com/news/google/google-to-kill-chrome-sync-on-older-chrome-browser-versions/) - - [ ] [Prosecutors say they can’t obtain murder conviction after judge throws out evidence from facial recognition match](https://therecord.media/prosecutors-cant-obtain-murder-conviction-after-judge-throws-out-facial-recognition-evidence) - - [ ] [Kali Linux On The New Modern WSL](https://www.kali.org/blog/kali-linux-modern-wsl/) - - [ ] [Ransomware attack kept major energy industry contractor out of some systems for 6 weeks](https://therecord.media/englobal-ransomware-attack-six-weeks-disruption) - - [ ] [Garmin GPS watches crashing, stuck in triangle 'reboot loop'](https://www.bleepingcomputer.com/news/technology/garmin-gps-watches-crashing-stuck-in-triangle-reboot-loop/) - - [ ] [New Apple CPU side-channel attacks steals data from browsers](https://www.bleepingcomputer.com/news/security/new-apple-cpu-side-channel-attack-steals-data-from-browsers/) - - [ ] [Engineering giant Smiths Group discloses security breach](https://www.bleepingcomputer.com/news/security/engineering-giant-smiths-group-discloses-security-breach/) - - [ ] [Apple fixes zero-day flaw affecting all devices](https://techcrunch.com/2025/01/28/apple-fixes-zero-day-flaw-affecting-all-devices/) - - [ ] [Signal will let you sync old messages when linking new devices](https://www.bleepingcomputer.com/news/security/signal-will-let-you-sync-old-messages-when-linking-new-devices/) - - [ ] [EU sanctions Russian intelligence personnel for cyberattacks against Estonia](https://therecord.media/eu-sanctions-gru-personnel-cyberattack-estonia) - - [ ] [What's Yours is Mine: Is Your Business Ready for Cryptojacking Attacks?](https://www.bleepingcomputer.com/news/security/whats-yours-is-mine-is-your-business-ready-for-cryptojacking-attacks/) - - [ ] [PowerSchool starts notifying victims of massive data breach](https://www.bleepingcomputer.com/news/security/powerschool-starts-notifying-victims-of-massive-data-breach/) - - [ ] [Texas utility firm investigating potential leak of customer data tied to 2023 MOVEit breach](https://therecord.media/texas-utility-firm-investigating-potential-data-leak-moveit-breach) - - [ ] [Microsoft tests Edge Scareware Blocker to block tech support scams](https://www.bleepingcomputer.com/news/microsoft/microsoft-tests-edge-scareware-blocker-to-block-tech-support-scams/) - - [ ] [I ransomware contro le appliance ESXi sfruttano il tunneling SSH per la persistenza](https://www.securityinfo.it/2025/01/28/i-ransomware-contro-le-appliance-esxi-sfruttano-il-tunneling-ssh-per-la-persistenza/) - - [ ] [BloodHound Community Edition Custom Queries](https://blog.compass-security.com/2025/01/bloodhound-community-edition-custom-queries/) - - [ ] [Critical Vulnerabilities in Node.js Expose Systems to Remote Attacks](https://cyble.com/blog/critical-vulnerabilities-in-node-js-expose-systems/) - - [ ] [How ANY.RUN Helps Healthcare Organizations Against Ransomware: Interlock Case Study](https://any.run/cybersecurity-blog/interlock-ransomware-attack-analysis/) - - [ ] [New TorNet backdoor seen in widespread campaign](https://blog.talosintelligence.com/new-tornet-backdoor-campaign/) - - [ ] [HeatGames - 647,896 breached accounts](https://haveibeenpwned.com/PwnedWebsites#HeatGames) - - [ ] [phpMyAdmin 5.2.2 Addresses Critical XSS and Library Vulnerabilities](https://cyble.com/blog/phpmyadmin-5-2-2-addresses-critical-xss-and-library/) - - [ ] [Doxbin Scrape - 435,784 breached accounts](https://haveibeenpwned.com/PwnedWebsites#DoxbinScrape) - - [ ] [A Tumultuous Week for Federal Cybersecurity Efforts](https://krebsonsecurity.com/2025/01/a-tumultuous-week-for-federal-cybersecurity-efforts/) -- 山石网科安全技术研究院 - - [ ] [除夕到,喜气绕,家家团圆乐逍遥!](https://mp.weixin.qq.com/s?__biz=MzUzMDUxNTE1Mw==&mid=2247510299&idx=1&sn=e07f4498e637187f6603f941448a5e71&chksm=fa527ca5cd25f5b36ae7505447b8bda768e86084936228fe43918ce274acfa3d23c2fb7f0a1c&scene=58&subscene=0#rd) -- Qualys Security Blog - - [ ] [Securing AI Innovation: Enterprise Strategies for LLM and Generative AI Security](https://blog.qualys.com/category/product-tech) + - [ ] [Hackers are hijacking WordPress sites to push Windows and Mac malware](https://techcrunch.com/2025/01/29/hackers-are-hijacking-wordpress-sites-to-push-windows-and-mac-malware/) + - [ ] [South Africa’s government-run weather service knocked offline by cyberattack](https://therecord.media/south-african-weather-service-cyberattack) + - [ ] [FBI seizes Cracked.io, Nulled.to hacking forums in Operation Talent](https://www.bleepingcomputer.com/news/security/fbi-seizes-crackedio-nulledto-hacking-forums-in-operation-talent/) + - [ ] [Laravel admin package Voyager vulnerable to one-click RCE flaw](https://www.bleepingcomputer.com/news/security/laravel-admin-package-voyager-vulnerable-to-one-click-rce-flaw/) + - [ ] [Italian regulator asks DeepSeek for information about data collection](https://therecord.media/italian-regulator-deepseek-info-collection) + - [ ] [Microsoft investigates Microsoft 365 outage affecting users, admins](https://www.bleepingcomputer.com/news/microsoft/microsoft-investigates-microsoft-365-outage-affecting-users-admins/) + - [ ] [L’IA generativa unifica le interfacce di gestione e migliora la cybersecurity](https://www.securityinfo.it/2025/01/29/lia-generativa-unifica-le-interfacce-di-gestione-e-migliora-la-cybersecurity/) + - [ ] [Industry groups call on Congress to enact federal data privacy law](https://therecord.media/industry-groups-congress-data-privacy) + - [ ] [Poland accuses Russia of recruiting Polish citizens online for election meddling](https://therecord.media/poland-accuses-russia-of-recruiting-citizens-online-for-election-meddling) + - [ ] [FBI seizes domains for Cracked.io, Nulled.to hacking forums](https://www.bleepingcomputer.com/news/security/fbi-seizes-domains-for-crackedio-nulledto-hacking-forums/) + - [ ] [Whatsup Gold, Observium and Offis vulnerabilities](https://blog.talosintelligence.com/whatsup-gold-and-offis-vulnerabilities-2/) + - [ ] [Windows 11's Start menu is getting iPhone and Android integration](https://www.bleepingcomputer.com/news/microsoft/windows-11s-start-menu-is-getting-iphone-and-android-integration/) + - [ ] [UK engineering giant Smiths Group investigating 'unauthorised access' to network](https://therecord.media/smiths-group-uk-cybersecurity-incident) + - [ ] [Maryland healthcare network forced to shut down IT systems after ransomware attack](https://therecord.media/maryland-healthcare-ransomware-frederick-health) + - [ ] [Uncover Hidden Browsing Threats: Get a Free Risk Assessment for GenAI, Identity, Web, and SaaS Risks](https://www.bleepingcomputer.com/news/security/uncover-hidden-browsing-threats-get-a-free-risk-assessment-for-genai-identity-web-and-saas-risks/) + - [ ] [Texas AG warns Kia about sharing driver information with data brokers](https://therecord.media/texas-warns-kia-about-sharing-driver-info-to-data-brokers) + - [ ] [Hackers exploit critical unpatched flaw in Zyxel CPE devices](https://www.bleepingcomputer.com/news/security/hackers-exploit-critical-unpatched-flaw-in-zyxel-cpe-devices/) + - [ ] [January Windows 10 preview update force installs new Outlook](https://www.bleepingcomputer.com/news/microsoft/january-windows-10-preview-update-force-installs-new-outlook/) + - [ ] [Sweden’s elite armed police used helicopter to board suspected sabotage ship](https://therecord.media/sweden-vezhen-ship-armed-police-boarded-helicopter) + - [ ] [New ICS Vulnerabilities Discovered in Schneider Electric and B&R Automation Systems](https://cyble.com/blog/cisa-release-advisories-for-new-ics-vulnerabilities/) + - [ ] [Windows 11 KB5050094 update fixes bugs causing audio issues](https://www.bleepingcomputer.com/news/microsoft/windows-11-kb5050094-update-fixes-bugs-causing-audio-issues/) + - [ ] [Australia’s Health Sector Receives $6.4 Million Cybersecurity Boost with New Threat Information-Sharing Network](https://cyble.com/blog/australia-health-cyber-sharing-network/) + - [ ] [Threat predictions for industrial enterprises 2025](https://securelist.com/industrial-threat-predictions-2025/115327/) + - [ ] [3 Major Cyber Attacks in January 2025](https://any.run/cybersecurity-blog/cyber-attacks-january-2025/) + - [ ] [PlushDaemon: un nuovo gruppo APT cinese colpisce la Corea del Sud. Il report di ESET](https://www.securityinfo.it/2025/01/29/plushdaemon-un-nuovo-gruppo-apt-cinese-colpisce-la-corea-del-sud-il-report-di-eset/) + - [ ] [CVE-2024-49138 Windows CLFS heap-based buffer overflow analysis – Part 1](https://security.humanativaspa.it/cve-2024-49138-windows-clfs-heap-based-buffer-overflow-analysis-part-1/) + - [ ] [CVE-2024-49138 Windows CLFS heap-based buffer overflow analysis – Part 2](https://security.humanativaspa.it/cve-2024-49138-windows-clfs-heap-based-buffer-overflow-analysis-part-2/) + - [ ] [Report: Almost half of state consumer privacy laws fail to protect individuals’ data](https://therecord.media/state-consumer-privacy-laws-failing-to-protect-data) + - [ ] [MGM agrees to pay $45 million to victims of 2019 data breach and 2023 ransomware attack](https://therecord.media/mgm-agrees-45-million-payment-data-breach-ransomware-victims) - Krypt3ia - - [ ] [Krypt3ia Daily Cyber Threat Intelligence (CTI) Digest](https://krypt3ia.wordpress.com/2025/01/28/krypt3ia-daily-cyber-threat-intelligence-cti-digest-4/) -- bellingcat - - [ ] [Faking It: Deepfake Porn Site’s Link to Tech Companies](https://www.bellingcat.com/news/uk-and-europe/2025/01/28/deepfake-porn-sites-link-to-tech-companies/) -- 娜璋AI安全之家 - - [ ] [[AI安全论文] (37)CCS21 DeepAID:基于深度学习的异常检测(解释)](https://mp.weixin.qq.com/s?__biz=Mzg5MTM5ODU2Mg==&mid=2247501274&idx=1&sn=66f331dcd21faf0af18d06e3f0efd75a&chksm=cfcf7517f8b8fc01a40567b8eba774d42edbb3f9fbac3a602848850fc7388186c7e1d3e5aefe&scene=58&subscene=0#rd) -- T00ls安全 - - [ ] [T00ls给您拜年了,祝福大家2025新春快乐,蛇行智敏,万事皆成](https://mp.weixin.qq.com/s?__biz=Mzg3NzYzODU5NQ==&mid=2247484913&idx=1&sn=c0718fb9edf9d2d38143583821a8a591&chksm=cf1ea35df8692a4b0e85b1e99543e79ce895ddc90e98811c9da8eb822d6256dfe62c7c83fb6d&scene=58&subscene=0#rd) + - [ ] [Krypt3ia Daily Cyber Threat Intelligence (CTI) Digest](https://krypt3ia.wordpress.com/2025/01/29/krypt3ia-daily-cyber-threat-intelligence-cti-digest-5/) +- 360数字安全 + - [ ] [大年初一 | 祥蛇纳福,“巳巳”如意](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579267&idx=1&sn=b6b08865f0534077a40f3e336e85bd3f&chksm=9f8d268ba8faaf9d3bdee0d2df3318bb871d372d6f84665b079f0fbac45e747586f5fad7522e&scene=58&subscene=0#rd) - Securityinfo.it - - [ ] [I ransomware contro le appliance ESXi sfruttano il tunneling SSH per la persistenza](https://www.securityinfo.it/2025/01/28/i-ransomware-contro-le-appliance-esxi-sfruttano-il-tunneling-ssh-per-la-persistenza/?utm_source=rss&utm_medium=rss&utm_campaign=i-ransomware-contro-le-appliance-esxi-sfruttano-il-tunneling-ssh-per-la-persistenza) -- SANS Internet Storm Center, InfoCON: green - - [ ] [Fileless Python InfoStealer Targeting Exodus, (Tue, Jan 28th)](https://isc.sans.edu/diary/rss/31630) - - [ ] [ISC Stormcast For Tuesday, January 28th, 2025 https://isc.sans.edu/podcastdetail/9298, (Tue, Jan 28th)](https://isc.sans.edu/diary/rss/31628) -- Hacking Exposed Computer Forensics Blog - - [ ] [Daily Blog #731: Accessing multiple shadow copies at once with AIM](https://www.hecfblog.com/2025/01/daily-blog-731-accessing-multiple.html) -- Have I Been Pwned latest breaches - - [ ] [HeatGames - 647,896 breached accounts](https://haveibeenpwned.com/PwnedWebsites#HeatGames) - - [ ] [Doxbin Scrape - 435,784 breached accounts](https://haveibeenpwned.com/PwnedWebsites#DoxbinScrape) -- 迪哥讲事 - - [ ] [0day 挖到手软,403 到 getshell](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496966&idx=1&sn=c49dbe1213cb5a1afa836901e2c13038&chksm=e8a5ff65dfd27673a9c0d7fdd99094847b291a7b8434f16f408af60943322f7ba539d1f82082&scene=58&subscene=0#rd) + - [ ] [L’IA generativa unifica le interfacce di gestione e migliora la cybersecurity](https://www.securityinfo.it/2025/01/29/lia-generativa-unifica-le-interfacce-di-gestione-e-migliora-la-cybersecurity/?utm_source=rss&utm_medium=rss&utm_campaign=lia-generativa-unifica-le-interfacce-di-gestione-e-migliora-la-cybersecurity) + - [ ] [PlushDaemon: un nuovo gruppo APT cinese colpisce la Corea del Sud. Il report di ESET](https://www.securityinfo.it/2025/01/29/plushdaemon-un-nuovo-gruppo-apt-cinese-colpisce-la-corea-del-sud-il-report-di-eset/?utm_source=rss&utm_medium=rss&utm_campaign=plushdaemon-un-nuovo-gruppo-apt-cinese-colpisce-la-corea-del-sud-il-report-di-eset) - Schneier on Security - - [ ] [CISA Under Trump](https://www.schneier.com/blog/archives/2025/01/cisa-under-trump.html) -- Kali Linux - - [ ] [Kali Linux On The New Modern WSL](https://www.kali.org/blog/kali-linux-modern-wsl/) -- ICT Security Magazine - - [ ] [Generative Artificial Intelligence (GenAI): Analisi completa di rischi, sicurezza e governance dei sistemi AI](https://www.ictsecuritymagazine.com/articoli/genai/) - - [ ] [Fast Data: l’evoluzione dei Big Data verso l’Analisi in Tempo Reale](https://www.ictsecuritymagazine.com/articoli/fast-data-big-data/) -- The Register - Security - - [ ] [Baguette bandits strike again with ransomware and a side of mockery](https://go.theregister.com/feed/www.theregister.com/2025/01/28/baguettes_bandits_strike_again/) - - [ ] [Protecting AWS environments from cyberthreats](https://go.theregister.com/feed/www.theregister.com/2025/01/28/protecting_aws_environments_from_cyberthreats/) - - [ ] [Security pros more confident about fending off ransomware, despite being battered by attacks](https://go.theregister.com/feed/www.theregister.com/2025/01/28/research_security_pros_gain_ransomware/) - - [ ] [Apple plugs security hole in its iThings that's already been exploited in iOS](https://go.theregister.com/feed/www.theregister.com/2025/01/28/apple_cve_2025_24085/) + - [ ] [ExxonMobil Lobbyist Caught Hacking Climate Activists](https://www.schneier.com/blog/archives/2025/01/exxonmobil-lobbyist-caught-hacking-climate-activists.html) +- Hacking Exposed Computer Forensics Blog + - [ ] [Daily Blog #732: Multiple Identity Provider Disorder](https://www.hecfblog.com/2025/01/daily-blog-732-multiple-identity.html) +- 复旦白泽战队 + - [ ] [复旦白泽给大家拜年啦!祝大家蛇年大吉,巳巳如意,Paper如潮成果丰!](https://mp.weixin.qq.com/s?__biz=MzU4NzUxOTI0OQ==&mid=2247492844&idx=1&sn=a8d82e9664fd92535652abde94911226&chksm=fde86092ca9fe9849b18549438906f871544b38d9a54c8b9d40cfb6fc03b23c01305a77b6ea7&scene=58&subscene=0#rd) - Graham Cluley - - [ ] [The AI Fix #35: Project Stargate, the AI emergency, and batsh*t AI cryonics](https://grahamcluley.com/the-ai-fix-35/) + - [ ] [Ex-worker arrested after ‘shutdown’ of British Museum computer systems](https://www.bitdefender.com/en-us/blog/hotforsecurity/ex-worker-arrested-after-shutdown-of-british-museum-computer-systems) - TorrentFreak - - [ ] [Nintendo Piracy Lawsuit Defendant Makes Dire Situation Even Worse](https://torrentfreak.com/nintendo-piracy-lawsuit-defendant-makes-dire-situation-even-worse-250128/) - - [ ] [LLM Taken Down Following Legal Pressure from Anti-Piracy Group](https://torrentfreak.com/llm-taken-down-following-legal-pressure-from-anti-piracy-group-250128/) -- Deeplinks - - [ ] [EFF to State AGs: Time to Investigate Crisis Pregnancy Centers](https://www.eff.org/deeplinks/2025/01/eff-state-ags-time-investigate-crisis-pregnancy-centers) - - [ ] [What Proponents of Digital Replica Laws Can Learn from the Digital Millennium Copyright Act](https://www.eff.org/deeplinks/2025/01/what-proponents-digital-replica-laws-can-learn-digital-millennium-copyright-act) - - [ ] [California Law Enforcement Misused State Databases More Than 7,000 Times in 2023](https://www.eff.org/deeplinks/2025/01/california-police-misused-state-databases-more-7000-times-2023) - - [ ] [Don't Make Copyright Law in Smoke-Filled Rooms](https://www.eff.org/deeplinks/2025/01/dont-make-copyright-law-smoke-filled-rooms) -- Deep Web - - [ ] [How common was this?](https://www.reddit.com/r/deepweb/comments/1ic3t3w/how_common_was_this/) -- Krebs on Security - - [ ] [A Tumultuous Week for Federal Cybersecurity Efforts](https://krebsonsecurity.com/2025/01/a-tumultuous-week-for-federal-cybersecurity-efforts/) -- Social Engineering - - [ ] [How to avoid telling people my age.](https://www.reddit.com/r/SocialEngineering/comments/1ibtmw0/how_to_avoid_telling_people_my_age/) - - [ ] [Conspiracy Theories are for Opportunists](https://www.reddit.com/r/SocialEngineering/comments/1ic9i2a/conspiracy_theories_are_for_opportunists/) - - [ ] [How this can be dealt with social engineering](https://www.reddit.com/r/SocialEngineering/comments/1ibxr83/how_this_can_be_dealt_with_social_engineering/) -- The Hacker News - - [ ] [PureCrypter Deploys Agent Tesla and New TorNet Backdoor in Ongoing Cyberattacks](https://thehackernews.com/2025/01/purecrypter-deploys-agent-tesla-and-new.html) - - [ ] [OAuth Redirect Flaw in Airline Travel Integration Exposes Millions to Account Hijacking](https://thehackernews.com/2025/01/oauth-redirect-flaw-in-airline-travel.html) - - [ ] [AI SOC Analysts: Propelling SecOps into the future](https://thehackernews.com/2025/01/ai-soc-analysts-propelling-secops-into.html) - - [ ] [Ransomware Targets ESXi Systems via Stealthy SSH Tunnels for C2 Operations](https://thehackernews.com/2025/01/ransomware-targets-esxi-systems-via.html) - - [ ] [How Long Does It Take Hackers to Crack Modern Hashing Algorithms?](https://thehackernews.com/2025/01/how-long-does-it-take-hackers-to-crack.html) - - [ ] [Top-Rated Chinese AI App DeepSeek Limits Registrations Amid Cyberattacks](https://thehackernews.com/2025/01/top-rated-chinese-ai-app-deepseek.html) - - [ ] [E.U. Sanctions 3 Russian Nationals for Cyber Attacks Targeting Estonia’s Key Ministries](https://thehackernews.com/2025/01/eu-sanctions-3-russian-nationals-for.html) - - [ ] [Apple Patches Actively Exploited Zero-Day Affecting iPhones, Macs, and More](https://thehackernews.com/2025/01/apple-patches-actively-exploited-zero.html) + - [ ] [New Bill Aims to Block Foreign Pirate Sites in the U.S.](https://torrentfreak.com/new-bill-aims-to-block-foreign-pirate-sites-in-the-u-s-250129/) + - [ ] [TorrentGalaxy Pleads Financial Difficulties, Asks Users to Chip In](https://torrentfreak.com/torrentgalaxy-pleads-financial-difficulties-asks-users-to-chip-in-250129/) +- The Register - Security + - [ ] [North Koreans clone open source projects to plant backdoors, steal credentials](https://go.theregister.com/feed/www.theregister.com/2025/01/29/lazarus_groups_supply_chain_attack/) + - [ ] [Why is my Mitel phone DDoSing strangers? Oh, it was roped into a new Mirai botnet](https://go.theregister.com/feed/www.theregister.com/2025/01/29/ddos_attacks_aquabot_mitel/) + - [ ] [Transform your approach to data security](https://go.theregister.com/feed/www.theregister.com/2025/01/29/transform_your_approach_to_data/) + - [ ] ['Bro delete the chat': Feel the panic shortly before cops bust major online fraud ring](https://go.theregister.com/feed/www.theregister.com/2025/01/29/otp_agency_convicted/) + - [ ] [Spending watchdog blasts UK govt over sloth-like progress to shore up IT defenses](https://go.theregister.com/feed/www.theregister.com/2025/01/29/nao_blasts_uk_gov_cyber/) + - [ ] [The curious story of Uncle Sam's HR dept, a hastily set up email server, and fears of another cyber disaster](https://go.theregister.com/feed/www.theregister.com/2025/01/29/opm_email_lawsuit/) + - [ ] [SLAP, Apple, and FLOP: Safari, Chrome at risk of data theft on iPhone, Mac, iPad Silicon](https://go.theregister.com/feed/www.theregister.com/2025/01/29/flop_and_slap_attacks_apple_silicon/) - Security Affairs - - [ ] [VMware fixed a flaw in Avi Load Balancer](https://securityaffairs.com/173569/security/vmware-fixed-avi-load-balancer-flaw.html) - - [ ] [Ransomware attack on ENGlobal compromised personal information](https://securityaffairs.com/173566/cyber-crime/englobal-disclosed-a-ransomware-attack.html) - - [ ] [EU announced sanctions on three members of Russia’s GRU Unit 29155](https://securityaffairs.com/173555/security/eu-sanctions-russias-gru-unit-29155.html) - - [ ] [Chinese AI platform DeepSeek faced a “large-scale” cyberattack](https://securityaffairs.com/173546/security/chinese-ai-platform-deepseek-faced-a-large-scale-cyberattack.html) -- Palo Alto Networks Blog - - [ ] [C-Suite Leaders Embrace Platformization for Security Success](https://www.paloaltonetworks.com/blog/2025/01/growing-need-cybersecurity-platformization/) -- Technical Information Security Content & Discussion - - [ ] [Single QR Code, Two Different URLs](https://www.reddit.com/r/netsec/comments/1ic8mmx/single_qr_code_two_different_urls/) - - [ ] [A Missed Opportunity: Weak Password Hashing in VxWorks 6.9 and 7](https://www.reddit.com/r/netsec/comments/1ibxbp1/a_missed_opportunity_weak_password_hashing_in/) - - [ ] [Using AiTM to phish for access- and refreshtokens](https://www.reddit.com/r/netsec/comments/1ic2mc4/using_aitm_to_phish_for_access_and_refreshtokens/) + - [ ] [U.S. CISA adds Apple products’ flaw to its Known Exploited Vulnerabilities catalog](https://securityaffairs.com/173622/hacking/us-cisa-adds-apple-products-flaw-known-exploited-vulnerabilities-catalog.html) + - [ ] [Aquabot variant v3 targets Mitel SIP phones](https://securityaffairs.com/173607/breaking-news/aquabot-variant-v3-targets-mitel-sip-phones.html) + - [ ] [Critical remote code execution bug found in Cacti framework](https://securityaffairs.com/173597/security/critical-rce-cacti-framework.html) + - [ ] [Attackers actively exploit a critical zero-day in Zyxel CPE Series devices](https://securityaffairs.com/173589/hacking/zyxel-cpe-series-devices-cve-2024-40891-exploited.html) + - [ ] [Attackers exploit SimpleHelp RMM Software flaws for initial access](https://securityaffairs.com/173578/security/attackers-exploit-simplehelp-rmm-software-flaws.html) +- bellingcat + - [ ] [M23 Rebels Consolidate Control over Key City in DR Congo](https://www.bellingcat.com/news/2025/01/29/m23-rebels-goma-congo-fighting-clashes-drc-kivu-control/) - Instapaper: Unread - - [ ] [Exterro Launches INFORM A Ground-Breaking Global Webinar Series To Advance Digital Forensics](https://www.forensicfocus.com/news/exterro-launches-inform-a-ground-breaking-global-webinar-series-to-advance-digital-forensics/) - - [ ] [Being a tool while using a tool](https://www.hexacorn.com/blog/2025/01/25/being-a-tool-while-using-a-tool/) - - [ ] [Android's New Identity Check Feature Locks Device Settings Outside Trusted Locations](https://thehackernews.com/2025/01/androids-new-identity-check-feature.html) - - [ ] [USB Army Knife The Ultimate Close Access Penetest Tool](https://www.mobile-hacker.com/2025/01/24/usb-army-knife-the-ultimate-close-access-penetest-tool/) -- Full Disclosure - - [ ] [APPLE-SA-01-27-2025-9 Safari 18.3](https://seclists.org/fulldisclosure/2025/Jan/20) - - [ ] [APPLE-SA-01-27-2025-8 tvOS 18.3](https://seclists.org/fulldisclosure/2025/Jan/19) - - [ ] [APPLE-SA-01-27-2025-7 watchOS 11.3](https://seclists.org/fulldisclosure/2025/Jan/18) - - [ ] [APPLE-SA-01-27-2025-6 macOS Ventura 13.7.3](https://seclists.org/fulldisclosure/2025/Jan/17) - - [ ] [APPLE-SA-01-27-2025-5 macOS Sonoma 14.7.3](https://seclists.org/fulldisclosure/2025/Jan/16) - - [ ] [APPLE-SA-01-27-2025-4 macOS Sequoia 15.3](https://seclists.org/fulldisclosure/2025/Jan/15) - - [ ] [APPLE-SA-01-27-2025-3 iPadOS 17.7.4](https://seclists.org/fulldisclosure/2025/Jan/14) - - [ ] [APPLE-SA-01-27-2025-2 iOS 18.3 and iPadOS 18.3](https://seclists.org/fulldisclosure/2025/Jan/13) - - [ ] [APPLE-SA-01-27-2025-1 visionOS 2.3](https://seclists.org/fulldisclosure/2025/Jan/12) - - [ ] [AutoLib Software Systems OPAC Version.20.10 | Exposure of Sensitive Information | CVE-2024-48310](https://seclists.org/fulldisclosure/2025/Jan/11) - - [ ] [SEC Consult SA-20250127-0 :: Weak Password Hashing Algorithms in Wind River Software VxWorks RTOS](https://seclists.org/fulldisclosure/2025/Jan/10) - - [ ] [Host Header Injection - atutorv2.2.4](https://seclists.org/fulldisclosure/2025/Jan/9) - - [ ] [Reflected XSS - atutorv2.2.4](https://seclists.org/fulldisclosure/2025/Jan/8) -- Information Security - - [ ] [Alert: A recruiter tried to hack me!!](https://www.reddit.com/r/Information_Security/comments/1icazu3/alert_a_recruiter_tried_to_hack_me/) + - [ ] [FBI seizes domains for Cracked.io, Nulled.to hacking forums](https://www.bleepingcomputer.com/news/security/fbi-seizes-domains-for-crackedio-nulledto-hacking-forums/) + - [ ] [WhatsApp’s Image “View Once” Feature Flaw Allowing Unlimited Views](https://cybersecuritynews.com/whatsapp-view-once-flaw/) + - [ ] [State-sponsored Actors Abusing Gemini to Fuel Cyber Attacks](https://cybersecuritynews.com/state-sponsored-actors-abusing-gemini/) + - [ ] [DeepSeek R1 Jailbroken to Generate Ransomware Development Scripts](https://cybersecuritynews.com/deepseek-r1-jailbroken-ransomware/) + - [ ] [Stratoshark – Wireshark Has Got a Friend for Cloud](https://cybersecuritynews.com/stratoshark/) + - [ ] [How Long Does It Take Hackers to Crack Modern Hashing Algorithms](https://thehackernews.com/2025/01/how-long-does-it-take-hackers-to-crack.html) + - [ ] [This new Android feature protects your phone, even if someone has your PIN](https://www.zdnet.com/article/this-new-android-feature-protects-your-phone-even-if-someone-has-your-pin/) +- Your Open Hacker Community + - [ ] [So You Want To Work in Cyber Security?](https://www.reddit.com/r/HowToHack/comments/1id21do/so_you_want_to_work_in_cyber_security/) + - [ ] [Im (almost) 16 and want to learn ethical hacking, any advice?](https://www.reddit.com/r/HowToHack/comments/1icxorh/im_almost_16_and_want_to_learn_ethical_hacking/) + - [ ] [Is there any way I can get a list of hashes?](https://www.reddit.com/r/HowToHack/comments/1id61ki/is_there_any_way_i_can_get_a_list_of_hashes/) + - [ ] [Any advice to start?](https://www.reddit.com/r/HowToHack/comments/1iczrw1/any_advice_to_start/) + - [ ] [Trap phone](https://www.reddit.com/r/HowToHack/comments/1id7boc/trap_phone/) + - [ ] [What is a fraud?](https://www.reddit.com/r/HowToHack/comments/1id20l8/what_is_a_fraud/) + - [ ] [What should I move onto?](https://www.reddit.com/r/HowToHack/comments/1icpms1/what_should_i_move_onto/) + - [ ] [How to find dark web site links](https://www.reddit.com/r/HowToHack/comments/1id0bl8/how_to_find_dark_web_site_links/) + - [ ] [Im turning 17 this year, and i have already started learning ethical hacking since 2020, and i have taken some paid courses and completed those and currently im just training in ctf and htb, i need to learn more in hacking, any recommendations?](https://www.reddit.com/r/HowToHack/comments/1icov3b/im_turning_17_this_year_and_i_have_already/) + - [ ] [So basically I want to learn how to hack into my old social media where do I start](https://www.reddit.com/r/HowToHack/comments/1icvut2/so_basically_i_want_to_learn_how_to_hack_into_my/) + - [ ] [noob questions 2: from nmap to metasploit](https://www.reddit.com/r/HowToHack/comments/1icju15/noob_questions_2_from_nmap_to_metasploit/) + - [ ] [How to crack a phone pass](https://www.reddit.com/r/HowToHack/comments/1icqs7v/how_to_crack_a_phone_pass/) + - [ ] [Where do i get flipper zero here in india?](https://www.reddit.com/r/HowToHack/comments/1icooi1/where_do_i_get_flipper_zero_here_in_india/) + - [ ] [Hi I'm 14 and wanna be a ethical hacker and I'm wondering where to start?](https://www.reddit.com/r/HowToHack/comments/1iclkz2/hi_im_14_and_wanna_be_a_ethical_hacker_and_im/) + - [ ] [Help](https://www.reddit.com/r/HowToHack/comments/1icjzs0/help/) + - [ ] [What is the best hacking software to send attacks (2025)](https://www.reddit.com/r/HowToHack/comments/1ick00s/what_is_the_best_hacking_software_to_send_attacks/) +- Computer Forensics + - [ ] [Richard Green's Updated Report for Karen Read Trial 2:27 Hos long to die](https://www.reddit.com/r/computerforensics/comments/1iczkut/richard_greens_updated_report_for_karen_read/) + - [ ] [ASHATA Mini Body Camera](https://www.reddit.com/r/computerforensics/comments/1id7w7p/ashata_mini_body_camera/) + - [ ] [BCFE / Digital Forensics Career Entry Question](https://www.reddit.com/r/computerforensics/comments/1icw0q0/bcfe_digital_forensics_career_entry_question/) + - [ ] [BREW Help](https://www.reddit.com/r/computerforensics/comments/1iclcjn/brew_help/) + - [ ] [FBI didn’t need to crack Tor or Bitcoin to catch Ulbricht—his old forum posts did the job. If you want to see how small OPSEC mistakes can be fatal, we broke it all down](https://www.reddit.com/r/computerforensics/comments/1icpd7d/fbi_didnt_need_to_crack_tor_or_bitcoin_to_catch/) - netsecstudents: Subreddit for students studying Network Security and its related subjects - - [ ] [WGU vs KU vs Certs, Advice](https://www.reddit.com/r/netsecstudents/comments/1ibpt0b/wgu_vs_ku_vs_certs_advice/) + - [ ] [So You Want To Work in Cyber Security?](https://www.reddit.com/r/netsecstudents/comments/1iczqhp/so_you_want_to_work_in_cyber_security/) + - [ ] [How to get into Soc](https://www.reddit.com/r/netsecstudents/comments/1icxb62/how_to_get_into_soc/) - Blackhat Library: Hacking techniques and research - - [ ] [Tails/Encrypted Coms](https://www.reddit.com/r/blackhat/comments/1icc3nu/tailsencrypted_coms/) -- Computer Forensics - - [ ] [Forensic sofwtare licensing question - key fobs - sanderson sqlite, elcomsoft forensic toolkit](https://www.reddit.com/r/computerforensics/comments/1icapio/forensic_sofwtare_licensing_question_key_fobs/) - - [ ] [Where does Autopsy store my own keywords?](https://www.reddit.com/r/computerforensics/comments/1icfrt8/where_does_autopsy_store_my_own_keywords/) - - [ ] [Is this how digital forensic recovery of deleted instant messages works?](https://www.reddit.com/r/computerforensics/comments/1ibw3bh/is_this_how_digital_forensic_recovery_of_deleted/) - - [ ] [Recovering deleted messages with an FFS and unallocated space](https://www.reddit.com/r/computerforensics/comments/1ibwhuu/recovering_deleted_messages_with_an_ffs_and/) - - [ ] [MacOS hardware encrypted volume](https://www.reddit.com/r/computerforensics/comments/1ic16ij/macos_hardware_encrypted_volume/) -- Your Open Hacker Community - - [ ] [Reverse engineering Xbox One Controller USB communication protocol.](https://www.reddit.com/r/HowToHack/comments/1icc6sw/reverse_engineering_xbox_one_controller_usb/) - - [ ] [best wordlist/rules attacks for pkmid+eapol](https://www.reddit.com/r/HowToHack/comments/1iccsq1/best_wordlistrules_attacks_for_pkmideapol/) - - [ ] [Can finding /etc/passwd file of a site be counted as a vulnerability?](https://www.reddit.com/r/HowToHack/comments/1ic5gm0/can_finding_etcpasswd_file_of_a_site_be_counted/) - - [ ] [Decrypt PPPoE password from config](https://www.reddit.com/r/HowToHack/comments/1icczi6/decrypt_pppoe_password_from_config/) - - [ ] [Huawei EG8145V5 GPON router password](https://www.reddit.com/r/HowToHack/comments/1ic9c76/huawei_eg8145v5_gpon_router_password/) - - [ ] [Advanced learning](https://www.reddit.com/r/HowToHack/comments/1ibxexn/advanced_learning/) - - [ ] [Is little but consistent study enough?](https://www.reddit.com/r/HowToHack/comments/1ibq381/is_little_but_consistent_study_enough/) - - [ ] [How to get the first job?](https://www.reddit.com/r/HowToHack/comments/1ibu8nd/how_to_get_the_first_job/) - - [ ] [some questions from someone interested](https://www.reddit.com/r/HowToHack/comments/1ibtrxe/some_questions_from_someone_interested/) - - [ ] [noob questions 1:](https://www.reddit.com/r/HowToHack/comments/1ibq10e/noob_questions_1/) - - [ ] [VMWARE OR VIRTUALBOX?](https://www.reddit.com/r/HowToHack/comments/1ic2h2w/vmware_or_virtualbox/) - - [ ] [my ig account was hacked and i need to hack back into it 😭 can someone help](https://www.reddit.com/r/HowToHack/comments/1ic1izl/my_ig_account_was_hacked_and_i_need_to_hack_back/) - - [ ] [how to find people on other websites?](https://www.reddit.com/r/HowToHack/comments/1ibziyg/how_to_find_people_on_other_websites/) - - [ ] [Is there a way to recover hacked facebook account, basically I don't have any acces to that account](https://www.reddit.com/r/HowToHack/comments/1ibqxfs/is_there_a_way_to_recover_hacked_facebook_account/) - - [ ] [My parents block me from the internet](https://www.reddit.com/r/HowToHack/comments/1ibqk2x/my_parents_block_me_from_the_internet/) + - [ ] [my midjourney api didn't make it, but it still works](https://www.reddit.com/r/blackhat/comments/1id406q/my_midjourney_api_didnt_make_it_but_it_still_works/) + - [ ] [LinkedIn Accounts provider?](https://www.reddit.com/r/blackhat/comments/1icha04/linkedin_accounts_provider/) +- The Hacker News + - [ ] [Lazarus Group Uses React-Based Admin Panel to Control Global Cyber Attacks](https://thehackernews.com/2025/01/lazarus-group-uses-react-based-admin.html) + - [ ] [AI in Cybersecurity: What's Effective and What’s Not – Insights from 200 Experts](https://thehackernews.com/2025/01/ai-in-cybersecurity-whats-effective-and.html) + - [ ] [New SLAP & FLOP Attacks Expose Apple M-Series Chips to Speculative Execution Exploits](https://thehackernews.com/2025/01/new-slap-flop-attacks-expose-apple-m.html) + - [ ] [How Interlock Ransomware Infects Healthcare Organizations](https://thehackernews.com/2025/01/how-interlock-ransomware-infects.html) + - [ ] [Critical Cacti Security Flaw (CVE-2025-22604) Enables Remote Code Execution](https://thehackernews.com/2025/01/critical-cacti-security-flaw-cve-2025.html) + - [ ] [UAC-0063 Expands Cyber Attacks to European Embassies Using Stolen Documents](https://thehackernews.com/2025/01/uac-0063-expands-cyber-attacks-to.html) + - [ ] [Broadcom Warns of High-Severity SQL Injection Flaw in VMware Avi Load Balancer](https://thehackernews.com/2025/01/broadcom-warns-of-high-severity-sql.html) + - [ ] [Zyxel CPE Devices Face Active Exploitation Due to Unpatched CVE-2024-40891 Vulnerability](https://thehackernews.com/2025/01/zyxel-cpe-devices-face-active.html) +- Social Engineering + - [ ] [When someone tells a story, what kind of questions can you ask which shows your engaged?](https://www.reddit.com/r/SocialEngineering/comments/1id7wix/when_someone_tells_a_story_what_kind_of_questions/) +- Technical Information Security Content & Discussion + - [ ] [CVE-2024-46507: Yeti Platform Server-Side Template Injection (SSTI)](https://www.reddit.com/r/netsec/comments/1id0ccq/cve202446507_yeti_platform_serverside_template/) + - [ ] [CVE-2024-49138 Windows CLFS heap-based buffer overflow analysis](https://www.reddit.com/r/netsec/comments/1icpgd8/cve202449138_windows_clfs_heapbased_buffer/) +- Trend Micro Research, News and Perspectives + - [ ] [ASRM: A New Pillar for Cyber Insurance Underwriting](https://www.trendmicro.com/en_us/research/25/a/asrm-cyber-insurance-underwriting.html) +- Palo Alto Networks Blog + - [ ] [IoMT Security Is Critical as Patients Take Control of Own Healthcare](https://www.paloaltonetworks.com/blog/2025/01/iomt-security-is-critical/) +- Deep Web + - [ ] [Onion link lisk shutdown](https://www.reddit.com/r/deepweb/comments/1icjy0g/onion_link_lisk_shutdown/) + - [ ] [experienced/long-term deep web users, what kind of life do y’all live?](https://www.reddit.com/r/deepweb/comments/1icqrs3/experiencedlongterm_deep_web_users_what_kind_of/) + - [ ] [Hackers](https://www.reddit.com/r/deepweb/comments/1icl028/hackers/) +- Dark Space Blogspot + - [ ] [Storie Di Collassi Di Fondi, Banche e Società (Trading e Investimenti)](http://darkwhite666.blogspot.com/2025/01/storie-di-collassi-di-fondi-banche-e.html) - Security Weekly Podcast Network (Audio) - - [ ] [DeepSeek, AIDs, Sex Crime, Microsoft, PayPal, GetHub, Joshua Marpet and More - SWN #446](http://sites.libsyn.com/18678/deepseek-aids-sex-crime-microsoft-paypal-gethub-joshua-marpet-and-more-swn-446) - - [ ] [Security the AI SDLC - Niv Braun - ASW #315](http://sites.libsyn.com/18678/security-the-ai-sdlc-niv-braun-asw-315) + - [ ] [AI in 2025: The Shifting Regulatory Landscape For Artificial Intelligence - BSW #380](http://sites.libsyn.com/18678/ai-in-2025-the-shifting-regulatory-landscape-for-artificial-intelligence-bsw-380) - Daniel Miessler - - [ ] [AI's Total Addressable Market](https://danielmiessler.com/blog/ai-tam) + - [ ] [AI Novels Are Coming](https://danielmiessler.com/blog/ai-novels) From 52dfc6a4ad00776c192255990c4b971e16d96774 Mon Sep 17 00:00:00 2001 From: chainreactorbot Date: Fri, 31 Jan 2025 02:45:13 +0000 Subject: [PATCH 24/29] =?UTF-8?q?=E6=AF=8F=E6=97=A5=E5=AE=89=E5=85=A8?= =?UTF-8?q?=E8=B5=84=E8=AE=AF=EF=BC=882025-01-31=EF=BC=89?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- archive/daily/2025/2025-01-31.md | 383 ++++++++++++++++ archive/tmp/2025-01-31.json | 443 ++++++++++++++++++ today.md | 756 +++++++++++++++---------------- 3 files changed, 1187 insertions(+), 395 deletions(-) create mode 100644 archive/daily/2025/2025-01-31.md create mode 100644 archive/tmp/2025-01-31.json diff --git a/archive/daily/2025/2025-01-31.md b/archive/daily/2025/2025-01-31.md new file mode 100644 index 0000000000..97a033cc41 --- /dev/null +++ b/archive/daily/2025/2025-01-31.md @@ -0,0 +1,383 @@ +# 每日安全资讯(2025-01-31) + +- SecWiki News + - [ ] [SecWiki News 2025-01-30 Review](http://www.sec-wiki.com/?2025-01-30) +- bunnie's blog + - [ ] [Name that Ware, January 2025](https://www.bunniestudios.com/blog/2025/name-that-ware-january-2025/) + - [ ] [Winner, Name that Ware December 2024](https://www.bunniestudios.com/blog/2025/winner-name-that-ware-december-2024/) +- Security Boulevard + - [ ] [2025 predictions: Security industry](https://securityboulevard.com/2025/01/2025-predictions-security-industry/) + - [ ] [Preparing for PCI DSS 4.0: How Sonatype SBOM Manager can streamline and accelerate your transition](https://securityboulevard.com/2025/01/preparing-for-pci-dss-4-0-how-sonatype-sbom-manager-can-streamline-and-accelerate-your-transition/) + - [ ] [Trust in Cloud Security with Effective Secrets Rotation](https://securityboulevard.com/2025/01/trust-in-cloud-security-with-effective-secrets-rotation/) + - [ ] [Innovative PAM Strategies for Modern Enterprises](https://securityboulevard.com/2025/01/innovative-pam-strategies-for-modern-enterprises/) + - [ ] [Advancing Cloud Compliance with Proactive Measures](https://securityboulevard.com/2025/01/advancing-cloud-compliance-with-proactive-measures/) + - [ ] [Hiya AI Phone App Protects Against Deepfakes, Other Scams](https://securityboulevard.com/2025/01/hiya-ai-phone-app-protects-against-deepfakes-other-scams/) + - [ ] [DEF CON 32 – Color Blasted Badge Making: How Hard Could It Be](https://securityboulevard.com/2025/01/def-con-32-color-blasted-badge-making-how-hard-could-it-be/) + - [ ] [2025’s Top Five Trends in Identity Verification](https://securityboulevard.com/2025/01/2025s-top-five-trends-in-identity-verification/) + - [ ] [Next Steps from the PCI Council’s SAQ-A Update: Critical Responsibilities and Opportunities for PSPs](https://securityboulevard.com/2025/01/next-steps-from-the-pci-councils-saq-a-update-critical-responsibilities-and-opportunities-for-psps/) + - [ ] [Assessing the New SAQ-A Changes: Insights for QSAs](https://securityboulevard.com/2025/01/assessing-the-new-saq-a-changes-insights-for-qsas/) +- Hacking Articles + - [ ] [AD Recon: Kerberos Username Bruteforce](https://www.hackingarticles.in/ad-recon-kerberos-username-bruteforce/) +- Sukka's Blog + - [ ] [2024:浏览器从 A 到 Z](https://blog.skk.moe/post/2024-browser-from-a-to-z/) +- Doonsec's feed + - [ ] [秦安:特朗普“半夜清洗”,解雇17名检察长,成三位一体反腐布局](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476392&idx=1&sn=11cf99bd5faf07695e3ac89ec70c72aa) + - [ ] [张志坤:巴拿马运河争夺战,真正目标是中国](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476392&idx=2&sn=4135a1c0538e4e13d4e225ad3de60ac2) + - [ ] [牟林:关于无人武器作战的战略思考](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476392&idx=3&sn=c0854894545a61159ff4423409fe77fe) + - [ ] [牟林:靠征关税致富做得到吗?](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476392&idx=4&sn=a54df395e2fe825567a13f177b2f1ed2) + - [ ] [Loggy - Introduce to reverseing golang binary](https://mp.weixin.qq.com/s?__biz=Mzg4NzU4MDE5NQ==&mid=2247484272&idx=1&sn=b38cb2dd664786c222e314a789b7da40) + - [ ] [byd红客](https://mp.weixin.qq.com/s?__biz=MzkyNTQ0OTYxOQ==&mid=2247483988&idx=1&sn=5b25e95ccbd765424198f50243e7edf7) + - [ ] [【速报】github 挂了?(世界就是一个巨大的草台班子)](https://mp.weixin.qq.com/s?__biz=Mzg4NzgzMjUzOA==&mid=2247485449&idx=1&sn=2e621cb2afe5e511ac88f055da981272) + - [ ] [Kali下安装与使用BeEF:反射型与存储型XSS攻击、Cookie会话劫持、键盘监听及浏览器操控技巧](https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486453&idx=1&sn=cd3057994dfa4e6a29c9d70b342f9e8a) + - [ ] [起](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496866&idx=1&sn=50672ddfb00ba89a961f457c1121f0f1) + - [ ] [(吃瓜)Github疑似遭受ddos攻击](https://mp.weixin.qq.com/s?__biz=MzkzNjczNzEyMw==&mid=2247484164&idx=1&sn=0e0f18f1790d8e9a2fd97d76ed9ff8eb) + - [ ] [特朗普“午夜清洗”:17名监察长“下马”,法律争议“炸锅](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247505045&idx=1&sn=d3b57f2d70f4497ba9e6bd0d3792b39b) + - [ ] [印度卫星对接成功:技术存在局限性](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247505045&idx=2&sn=1f9e6ca2b9e492d72bd16233e83dcf9c) + - [ ] [大家一起ddos白宫](https://mp.weixin.qq.com/s?__biz=MzkyOTQzNjIwNw==&mid=2247491639&idx=1&sn=ea6a2bb14d619f5834396d7fe8ebf609) + - [ ] [研究完威胁分类,才发现我们平时谈的“以威胁为中心”都是假的!](https://mp.weixin.qq.com/s?__biz=MzAxOTk3NTg5OQ==&mid=2247492288&idx=1&sn=4a85f9ccfbc35e9f52f817bc25f4ce10) + - [ ] [世界需要一个能谋善断的AI(三)决策的厚重:人类世界是如何被“选择”塑造的?](https://mp.weixin.qq.com/s?__biz=MzAxOTk3NTg5OQ==&mid=2247492288&idx=2&sn=416787d4505f6a7bf562f91bcf9f37cd) + - [ ] [DeepSeek-R1:通过强化学习激励LLM的推理能力](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264879&idx=1&sn=74c7f7b47fbb79364c8dc55264481f92) + - [ ] [分享图片](https://mp.weixin.qq.com/s?__biz=MzI3Njc1MjcxMg==&mid=2247494399&idx=1&sn=21a59287adb50dc4b945b2325e795fe4) + - [ ] [SpiderX-V2.0发布 解锁JS加密新姿势攻防武器](https://mp.weixin.qq.com/s?__biz=MzkxOTU3MDY4MQ==&mid=2247484842&idx=1&sn=29eca64227216346731e46e212de2a92) + - [ ] [量子计算机时代的汽车系统的嵌入式安全](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620255&idx=1&sn=610c3bff71970b4fbc041a0177ee93fd) + - [ ] [揭开人工智能在交通网络安全中的神秘面纱](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620255&idx=2&sn=c361a268b2ef526cf5e44433248d1d13) + - [ ] [车辆网络处理器上的后量子安全启动](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620255&idx=3&sn=ee30d942f28072654d6b335624aea228) + - [ ] [新年开工啦](https://mp.weixin.qq.com/s?__biz=MzIzODMyMzQxNQ==&mid=2247484490&idx=1&sn=379870838aa89954061ce91a8fe22392) + - [ ] [揭秘土耳其“红皮书”:真相还是阴谋?](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559341&idx=1&sn=517465083ba598dcfc9d243a3f11d1c9) + - [ ] [中亚新位置:美国到底是“机遇”还是“陷阱”?](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559341&idx=2&sn=58f2aa6cb8bf4e2d52982ba4dc461e34) + - [ ] [深入浅出API测试|搜集分析与漏洞挖掘实战](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496981&idx=1&sn=1b88708a474086d96cf22a9428c93835) + - [ ] [网络运维工程师如何高效运维数据中心,记住这6条定律!](https://mp.weixin.qq.com/s?__biz=MzUyNTExOTY1Nw==&mid=2247528027&idx=1&sn=bb96422660e09519af965fecc213d4cf) + - [ ] [春节假期7个基本网络安全提示](https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652114269&idx=1&sn=731f251283d6f584e16dd15c5f0f1b4f) + - [ ] [为什么DDoS攻击如此致命?](https://mp.weixin.qq.com/s?__biz=MzIyMzIwNzAxMQ==&mid=2649464754&idx=1&sn=df89b63da565ca06f6419c818442ef13) + - [ ] [利用DeepSeek进行java代码审计,好用!](https://mp.weixin.qq.com/s?__biz=MzkxNjQyODY5MA==&mid=2247487042&idx=1&sn=256d32002fcf342d7770b39c1d41f695) + - [ ] [收藏 | dotNet安全矩阵 2024 年度目标权限维持阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498569&idx=1&sn=a273094850e815c5dccaf5c9fbb7956f) + - [ ] [国内最专业、最全面的 [ .NET 代码审计 ] 体系化学习交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498569&idx=2&sn=efe5abab1b53aa0c37945f18fbfb5043) + - [ ] [收藏 | dotNet安全矩阵 2024 年度外网入口打点阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498569&idx=3&sn=b5363f2569c8b2f819bc9d52cc71cc79) + - [ ] [2024年,安全厂商为什么这么惨?](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485482&idx=1&sn=ccf61766565e0badd0172f57ee1728f1) + - [ ] [【干货原创】实网攻防演习常态化,会带来什么变化01](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485482&idx=4&sn=919cc9d33961ed8e6a35eede596478de) + - [ ] [【干货原创】K12教育,鲜为人知的模式秘密](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485482&idx=5&sn=bf335b4022071ba93823b812090acee6) + - [ ] [原创文章目录](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485482&idx=6&sn=3ff7227d97237b358e80b064be4215f2) + - [ ] [四川大学网安少年班](https://mp.weixin.qq.com/s?__biz=Mzg4NDg3NjE5MQ==&mid=2247485616&idx=1&sn=5255daa9a5e28be2c73d156eeb167ad5) + - [ ] [世界经济论坛《2025年全球网络安全展望》报告一览](https://mp.weixin.qq.com/s?__biz=MzU0MDc5ODM0Mg==&mid=2247484780&idx=1&sn=5c29954e85b159e98b2db3467a6f4281) + - [ ] [【恭贺新春】企业级内网仿真「Thunder」免费开战!通关赢千元现金](https://mp.weixin.qq.com/s?__biz=Mzg5MDc1MjY5Ng==&mid=2247493011&idx=1&sn=324fff14046b3d7b31e4f2827bccacfb) + - [ ] [AI风险分析 | Grok提示词泄露前后暗藏玄机](https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247494054&idx=1&sn=9122e0562bcad42ee707e0879b945aa1) + - [ ] [针对DeepSeek的网络攻击再升级:僵尸网络进场 攻击指令激增上百倍u200b](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513623&idx=1&sn=d0d49c0d4b6e85b4dd8aacd8623ca272) + - [ ] [Offsec PG靶场-Pelican(OSCP考试)](https://mp.weixin.qq.com/s?__biz=MzU5MjIzMDMzNg==&mid=2247484347&idx=1&sn=0c628f8609fa4badb4f81f1f90b3d305) + - [ ] [六部门印发|关于完善数据流通安全治理 更好促进数据要素市场化价值化的实施方案](https://mp.weixin.qq.com/s?__biz=MzIxNDIzNTcxMg==&mid=2247506759&idx=1&sn=851aa85a7e994c201ed3fa8c930ebe05) + - [ ] [UbuntuServer24.04上使用NVIDIA GeForce RTX 4060Ti部署并训练DeepSeek R1大模型](https://mp.weixin.qq.com/s?__biz=Mzg2MjYxODQ4Mw==&mid=2247484982&idx=1&sn=226d2daae237f9ead22b087b2611e457) + - [ ] [干货 | 渗透测试以及checklist模板,附PDF免费下载!](https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247570691&idx=1&sn=74eca2607d62024085a1edf27565aeef) + - [ ] [DeepSeek遭暴力破解 攻击IP均来自美国](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170578&idx=1&sn=c79c88154ac6083c4d178ed4a123665b) + - [ ] [奇安信:针对DeepSeek的网络攻击再升级! 僵尸网络进场,指令激增上百倍](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170578&idx=2&sn=19ad0e0ac08770adde15936cbc245f61) + - [ ] [从创新环境看新质生产力发展](https://mp.weixin.qq.com/s?__biz=MzI1OTExNDY1NQ==&mid=2651618932&idx=1&sn=829c061c8fe0ac244f869355102c255f) + - [ ] [僵尸网络进场,针对 DeepSeek 网络攻击再升级](https://mp.weixin.qq.com/s?__biz=MzU0NDk0NTAwMw==&mid=2247624774&idx=1&sn=5c438a523258d18082e4918e22ff51c9) + - [ ] [惊魂72小时:一场席卷Linux世界的巨大威胁是如何被阻止的](https://mp.weixin.qq.com/s?__biz=MzI5MjY4MTMyMQ==&mid=2247489858&idx=1&sn=01a4503fd428692055c9a137cd9bb0a8) + - [ ] [比特币链上大周期投资指导方案](https://mp.weixin.qq.com/s?__biz=MzI3NTcwNTQ2Mg==&mid=2247487630&idx=1&sn=532f51f67ceab5e41324cbf9a80d0432) + - [ ] [秒达工具箱:各种开发者必备的工具集合,支持Docker部署](https://mp.weixin.qq.com/s?__biz=MzA4MjkzMTcxMg==&mid=2449046776&idx=1&sn=c7985da37fee0d92ef3585fa526b3ba5) + - [ ] [DeepSeek 数据库被攻击,国外团队已公开披露漏洞](https://mp.weixin.qq.com/s?__biz=Mzg4MTkwMTI5Mw==&mid=2247488775&idx=1&sn=2b8f2e1154eb0de5e1422589ee7b4f95) + - [ ] [旧知新话说“标识”之心意篇:标识助力物流信息可追溯](https://mp.weixin.qq.com/s?__biz=MzU1OTUxNTI1NA==&mid=2247592366&idx=1&sn=28ab8739af2ccfaae353c286890cde3f) + - [ ] [DeepSeek 开源免费,大洋彼岸直接急了](https://mp.weixin.qq.com/s?__biz=MzIzNjU5NDE2MA==&mid=2247490177&idx=1&sn=8c3da180f37e24bb83cc20d6168c694a) + - [ ] [可能这就是你deepseek无法访问的原因——deepseek 漏洞(已修复)](https://mp.weixin.qq.com/s?__biz=Mzk0MDY2NTY5Mw==&mid=2247485665&idx=1&sn=ce7d065feabad43d7bd144eb57ba1115) + - [ ] [小日子已经被deepseek折服——日媒:DeepSeek模型以简单方法实现高性能](https://mp.weixin.qq.com/s?__biz=Mzk0MDY2NTY5Mw==&mid=2247485665&idx=2&sn=3648dc775f70e3d481072e9e72b21a84) + - [ ] [FtC4Wraiths CTF战队招募令:成为幽灵,掌控战场!](https://mp.weixin.qq.com/s?__biz=Mzk0NjQ2NzQ0Ng==&mid=2247485011&idx=1&sn=eab2c10d8fcd6cc7e3fbdff694b4cd7a) + - [ ] [【2025-01-30】黑客新闻摘要](https://mp.weixin.qq.com/s?__biz=MzIzNDU5NTI4OQ==&mid=2247488390&idx=1&sn=3e958dfb1428d5b530c24db97201ea53) + - [ ] [DeepSeek因软件供应链安全问题导致严重聊天记录数据泄漏](https://mp.weixin.qq.com/s?__biz=MzkwOTM0MjI5NQ==&mid=2247488049&idx=1&sn=377ab6f02bf6685c6ecd606923242cc3) + - [ ] [(吃瓜)刘农TV之渗透中遇到的神人运维](https://mp.weixin.qq.com/s?__biz=MzkzNjczNzEyMw==&mid=2247484157&idx=1&sn=597aa22f30bf086e39d157e7ba9082ad) + - [ ] [DeepSeek 大模型数据泄露被国外安全团队发现](https://mp.weixin.qq.com/s?__biz=MzU4NDY3MTk2NQ==&mid=2247491067&idx=1&sn=53535c35ef941d31f4d587b0cbd426e6) + - [ ] [利用 Unicode 溢出绕过字符阻止列表](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527393&idx=1&sn=c9213875c652ac0318560b3966348226) + - [ ] [幻影行动:朝鲜的全球数据渗透运动](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527393&idx=2&sn=9923de4ef6d306281ce4fb13f253af1d) + - [ ] [Operation Talent:FBI 查获 Nulled.to、Cracked.to、Sellix.io 等](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527393&idx=3&sn=2949b5b96b17ce834ae88fc78313dbb7) + - [ ] [nt-load-order 第二部分 - 你想知道的更多内容](https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486806&idx=1&sn=cb4a4fbf16cf2ff7c0a99333cf155ca8) + - [ ] [资讯 | DeepSeek被曝数据泄漏](https://mp.weixin.qq.com/s?__biz=Mzg4MDkyMTE4OQ==&mid=2247489001&idx=1&sn=e965d2b7151b3b51e0b48dc264cc7cd2) + - [ ] [DeepSeek被海外曝出严重聊天记录数据泄漏问题](https://mp.weixin.qq.com/s?__biz=MzIyOTAxOTYwMw==&mid=2650236959&idx=1&sn=0024f87794598ce60e345aa728e8a771) + - [ ] [真假](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496860&idx=1&sn=dac3717d63b7496fc260f3d91e4d5ec0) + - [ ] [越权漏洞实战漏洞报告](https://mp.weixin.qq.com/s?__biz=Mzk0NTg3ODYxNg==&mid=2247485094&idx=1&sn=300233e404ea534282f994bd51e38594) + - [ ] [功能强大的XSS自动化扫描器](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489193&idx=1&sn=08b43c401df76f44cf749c44eb4af9c6) + - [ ] [有网安需求记得找我](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489193&idx=2&sn=6c2c55bb757aa67cc9f21a6b40c6df40) + - [ ] [30 - 使用DInvoke和Sliver规避OpenEDR并提升权限](https://mp.weixin.qq.com/s?__biz=MzI4NTcxMjQ1MA==&mid=2247615412&idx=1&sn=3c8990ffa72d3496df8110af3260a080) + - [ ] [代码审计 | 如何获取CVE漏洞编号](https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247547534&idx=1&sn=89f840ad1397911a18d5776cb54ed32c) + - [ ] [俄罗斯APT组织 RomCom 再次出击,针对乌克兰政府和波兰实体的网络攻击升级!](https://mp.weixin.qq.com/s?__biz=Mzg3OTYxODQxNg==&mid=2247485658&idx=1&sn=1811ccb336bf5596bc0376a10ebe3cbe) + - [ ] [deepseek写的对联,总感觉有点不对劲🐶](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494633&idx=1&sn=644193027ce66213cffde32a42bad868) + - [ ] [【已修复】DeepSeek数据库暴露,泄露包括聊天记录在内的敏感信息](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494633&idx=2&sn=62ef49860992fd84fbebc9fbae2d8839) + - [ ] [Wiz研究发现暴露的DeepSeek数据库泄露敏感信息,包括聊天记录](https://mp.weixin.qq.com/s?__biz=MzkxNjMwNDUxNg==&mid=2247487248&idx=1&sn=24a5ae9036da7d03afb83c9dd679255b) + - [ ] [🐍年好~~嘶嘶嘶](https://mp.weixin.qq.com/s?__biz=MzU4Mzc4MDQyOQ==&mid=2247484414&idx=1&sn=0caae77933f7012d33420541deab9019) + - [ ] [【2025春节】解题领红包活动开始喽,解出就送论坛币!\\n\\n第一题送分题有手就行(不需有脑,已有 1376 位会员完成此任务)。\\n\\n第二题 Windows 初级题 14点整 上线,题目很简单,如果你对逆向分析感兴趣,不妨借此机会自学尝试,让这次活动真正成为你技能提升的阶梯。](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141658&idx=1&sn=11067b00a771b8ee9bd4c4d0da1e8908) + - [ ] [当DDoS成为DeepSeek的进化催化剂](https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247488198&idx=1&sn=294befdcf4fe9033a98c6148815a0ec1) + - [ ] [初二娘家暖 祥蛇护亲安](https://mp.weixin.qq.com/s?__biz=MzU0MjEwNTM5Ng==&mid=2247520422&idx=1&sn=ca4a601872c8ca514160ea4117463939) + - [ ] [本地部署 deepseek-r1 模型](https://mp.weixin.qq.com/s?__biz=Mzk0MzY3MDE5Mg==&mid=2247484010&idx=1&sn=d298326b0ef79202e6e0093216ebaa82) + - [ ] [美军对DeepSeek“出手”了!DeepSeek遭恶意攻击,攻击IP均来自美国!](https://mp.weixin.qq.com/s?__biz=MzAwMjA5OTY5Ng==&mid=2247525698&idx=1&sn=131f65bb9cab76e179f85720d4c77212) + - [ ] [大年初二 | 金蛇迎春,福“巳”绵延](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579270&idx=1&sn=07b4d333a5b2f57048e51d6aa8cc4224) + - [ ] [太丢人了](https://mp.weixin.qq.com/s?__biz=Mzg5NjY4NDg1Nw==&mid=2247483948&idx=1&sn=c78c4f6b64f4e732bb3fcbe3684d3819) + - [ ] [DeepSeek与其他大模型网络安全领域测评](https://mp.weixin.qq.com/s?__biz=Mzg4NDg3NjE5MQ==&mid=2247485615&idx=1&sn=2faa9a9f50deaf18f69117424391d9a5) + - [ ] [多次加密攻击](https://mp.weixin.qq.com/s?__biz=MzI1NzUxOTUzMA==&mid=2247485786&idx=1&sn=ef2f09bcc5eb7ecad5b545295bf5be21) + - [ ] [2025网络暴露危机报告:45%第三方应用越权访问用户数据](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313208&idx=1&sn=21db4a4d88530fd63cdb722001dad229) + - [ ] [Banshee Stealer新变种正借Apple XProtect加密技术躲避杀毒软件](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313208&idx=2&sn=428f13d4f84f8d084d6730cfab69b9cb) + - [ ] [上千个恶意域名正在仿冒Reddit和WeTransfer](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313208&idx=3&sn=e2d553ae7f7a6dab81dc2d0f81f9d42f) + - [ ] [如何使用LDAPX动态检查和转换LDAP数据包](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313208&idx=4&sn=d1471190e17067ad31fd0a762ad813d1) + - [ ] [Redis数据库主从复制RCE影响分析](https://mp.weixin.qq.com/s?__biz=MjM5MjEyMTcyMQ==&mid=2651037457&idx=1&sn=32e47044585804b9f31934fb3a7a3f5c) + - [ ] [大年初二 画蛇添福](https://mp.weixin.qq.com/s?__biz=Mzg2MTU5ODQ2Mg==&mid=2247507174&idx=1&sn=af46b8c1bdd9e12e5913225f518e1e09) + - [ ] [新年新挑战,红日安全不打烊!携手同行,保障数字世界,迎接无限机遇!💻💼](https://mp.weixin.qq.com/s?__biz=MzI4NjEyMDk0MA==&mid=2649851771&idx=1&sn=e32da143725cb1281d784159a2d92a85) + - [ ] [数字取证之数据收集u200c](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264859&idx=1&sn=5157da074859752737fca3e1377e830b) + - [ ] [公众号爆款突破10万+是种什么体验?](https://mp.weixin.qq.com/s?__biz=Mzk0MTI4NTIzNQ==&mid=2247492229&idx=1&sn=fb6516c2c50768440203194bf072ef8f) + - [ ] [网安原创文章推荐【2025/1/29】](https://mp.weixin.qq.com/s?__biz=MzAxNzg3NzMyNQ==&mid=2247489523&idx=1&sn=b774285745567a078a25412d369d42e3) + - [ ] [Qwen 2.5横空出世:阿里大模型超越DeepSeek-V3](https://mp.weixin.qq.com/s?__biz=Mzk0ODY1NzEwMA==&mid=2247486600&idx=1&sn=8759e5cb59a7ae3a10f4e360ae1343c8) + - [ ] [DeepSeek已遭美西方全面围剿:各种放大后的问题及恶意舆论接踵而至](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247507157&idx=1&sn=705ed2698837c80532fbdcaa33a20411) + - [ ] [暗网情报6则:阿根廷电信公司数据泄露-260G登录凭证兜售-以色列国家安全部遭黑](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247507157&idx=2&sn=32183d1acca665f6055c418febf0b72a) + - [ ] [5th域安全微讯早报【20250130】026期](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247507157&idx=3&sn=678b70aba584829d92026c69f41dad6a) + - [ ] [DeepSeek与ChatGPT代码审计能力对比与分析](https://mp.weixin.qq.com/s?__biz=MzU5OTMxNjkxMA==&mid=2247488582&idx=1&sn=48f04da2ac9254f4e9bcaba0a14431a5) + - [ ] [ScanV、ScanA:监测违规防患,事件安全无虞](https://mp.weixin.qq.com/s?__biz=MjM5NzA3Nzg2MA==&mid=2649870840&idx=1&sn=eb6c30950bf84dd86835312726abf657) + - [ ] [阿里巴巴发布Qwen 2.5系列新模型,宣称超越 DeepSeek-V3](https://mp.weixin.qq.com/s?__biz=Mzg4Njc1MTIzMw==&mid=2247485776&idx=1&sn=73a8b2ee13adf483ccc862bea60a6657) + - [ ] [知识星球持续更新](https://mp.weixin.qq.com/s?__biz=Mzg4Njc1MTIzMw==&mid=2247485776&idx=2&sn=6cab966e4a4f99fd7f1a7f60f7177a88) + - [ ] [大年初二丨安天睿甲给您拜年了](https://mp.weixin.qq.com/s?__biz=MjM5MTA3Nzk4MQ==&mid=2650209904&idx=1&sn=2d3424335c5408deda2ab07b51876c54) + - [ ] [初二 | 愿家人和和美美,吉祥安康!](https://mp.weixin.qq.com/s?__biz=MzU4NjY4MDAyNQ==&mid=2247497079&idx=1&sn=081d5bd8e78c90a7d1bcba0e251b48ea) + - [ ] [记一次绕过阿里云waf与某不知名waf的双waf上传getshell](https://mp.weixin.qq.com/s?__biz=Mzk0Mzc1MTI2Nw==&mid=2247487348&idx=1&sn=2c7a4d59b64392a92053475c8096f285) + - [ ] [正月初二| 有蛇有得 团团圆圆](https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506081&idx=1&sn=c7bc814576e63a573c12fae1a2f9aefe) + - [ ] [捷普基础产品线,守护基础设施安全](https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506081&idx=2&sn=95cf7a673991ce095ee9525401f5f855) + - [ ] [【焕新领先】捷普下一代防火墙](https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506081&idx=3&sn=0776637513dd08e8549e6e036951db3e) + - [ ] [ISO 45001: 2018 标准详解与实施(11)6.1.3 法律法规要求和其他要求的确定](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247486050&idx=1&sn=2750be0dbb0d7015b92061bb993add86) + - [ ] [初二](https://mp.weixin.qq.com/s?__biz=MzUyMjAyODU1NA==&mid=2247491947&idx=1&sn=1d01beee8ad4061189c478e349ef78d7) + - [ ] [DeepSeek的强大,一句话让AI帮我写了个程序-流量安全分析研判工具](https://mp.weixin.qq.com/s?__biz=MzkxMTUwOTY1MA==&mid=2247490145&idx=1&sn=a932062265ad24982beeee1706d70d4d) + - [ ] [大年初二 | 金蛇纳福,好事成双](https://mp.weixin.qq.com/s?__biz=MzA3OTMxNTcxNA==&mid=2650963505&idx=1&sn=b6d789ba930e09c363ebc1f9444849d6) + - [ ] [正月初二归家暖!亚信安全祝大家蛇全蛇美,蛇行大运](https://mp.weixin.qq.com/s?__biz=MjM5NjY2MTIzMw==&mid=2650620959&idx=1&sn=7d3ca2f816e618a8e9e764ebd74f3644) + - [ ] [大年初二 二龙腾飞](https://mp.weixin.qq.com/s?__biz=MjM5NzE0NTIxMg==&mid=2651135289&idx=1&sn=ccfa447f9bf7ccfdf2f578f6b4f71e1d) + - [ ] [大年初二 | 眉开眼笑回娘家](https://mp.weixin.qq.com/s?__biz=Mzk0MDQ5MTQ4NA==&mid=2247487428&idx=1&sn=7f6bc2eb6c48e2d05a319a51de44f0c3) + - [ ] [CIO启示录:技术管理如何突破效率天花板](https://mp.weixin.qq.com/s?__biz=Mzg4Nzk3MTg3MA==&mid=2247487724&idx=1&sn=992966ac782bfff5f58a78669566cd34) + - [ ] [2025常见的网络安全服务大全(汇总详解)](https://mp.weixin.qq.com/s?__biz=MzIwMzIyMjYzNA==&mid=2247517988&idx=1&sn=71db8ddc34dbb5bd2e9fce7b232edaaf) + - [ ] [初二:好运连连](https://mp.weixin.qq.com/s?__biz=MzU0NDk0NTAwMw==&mid=2247624762&idx=1&sn=47241d7f7296e0089b5da756046322f0) + - [ ] [初二|燃炮迎春盼福至 网站弹窗鉴虚实](https://mp.weixin.qq.com/s?__biz=MzkxNDY0MjMxNQ==&mid=2247532957&idx=1&sn=9932467d97cae7cd76bdb1790358e7cc) + - [ ] [【初二】安全一路相随 团聚近在眼前](https://mp.weixin.qq.com/s?__biz=MjM5NTE0MjQyMg==&mid=2650624574&idx=1&sn=d10e6d1823438874c6e7929eb90b1e97) + - [ ] [2025年最可能的五种网络攻击,你的企业准备好了吗?](https://mp.weixin.qq.com/s?__biz=Mzg4NDc0Njk1MQ==&mid=2247487182&idx=1&sn=3c76f4710e63ed2414babafceda9eec1) + - [ ] [诸葛亮教你如何应对APT攻击](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496849&idx=1&sn=d3276fd13b7a991e2e1c5cbbb41a3b4c) + - [ ] [国自然中标真不难!十年评审专家1v1精修你的本子,中标率提升58%](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496849&idx=2&sn=41d0f5a68ff64924994dc39112bf9672) + - [ ] [初二 | 姻缘美满](https://mp.weixin.qq.com/s?__biz=MzIxNTQxMjQyNg==&mid=2247493741&idx=1&sn=e36485b394ed47daf3a04225998efbe1) +- Recent Commits to cve:main + - [ ] [Update Thu Jan 30 20:25:02 UTC 2025](https://github.com/trickest/cve/commit/630b95e7243b0245cde3df59fe484976ce30e2ee) + - [ ] [Update Thu Jan 30 12:18:33 UTC 2025](https://github.com/trickest/cve/commit/6d2f59a5338e9b0f9fda557d99080a0f50fd20af) + - [ ] [Update Thu Jan 30 04:17:50 UTC 2025](https://github.com/trickest/cve/commit/9cf77fc7fab952fdfcbf1e41b07c41bd3ecd8cd6) +- Armin Ronacher's Thoughts and Writings + - [ ] [How I Use AI: Meet My Promptly Hired Model Intern](http://lucumr.pocoo.org/2025/1/30/how-i-ai) +- Trustwave Blog + - [ ] [How Trustwave’s Fusion Platform Analyzes Ransomware Tactics in the Energy Sector: A Comprehensive Overview](https://www.trustwave.com/en-us/resources/blogs/trustwave-blog/how-trustwaves-fusion-platform-analyzes-ransomware-tactics-in-the-energy-sector-a-comprehensive-overview/) +- 一个被知识诅咒的人 + - [ ] [【Python】深入探索Python元类:动态生成类与对象的艺术](https://blog.csdn.net/nokiaguy/article/details/145397730) + - [ ] [【Python】深入理解Python中的装饰器链:创建组合装饰器的技巧与实践](https://blog.csdn.net/nokiaguy/article/details/145397710) +- gynvael.coldwind//vx.log (en) + - [ ] [On hackers, hackers, and hilarious misunderstandings](https://gynvael.coldwind.pl/?id=799) +- Flexera Blog - Feed + - [ ] [Cyber-Resilience regulations are here—is your organization ready?](https://www.flexera.com/blog/security/cyber-resilience-regulations-are-here-is-your-organization-ready/) +- Private Feed for M09Ic + - [ ] [safedv starred DebugPrivilege/InsightEngineering](https://github.com/DebugPrivilege/InsightEngineering) + - [ ] [LinuxJS started following M09Ic](https://github.com/M09Ic) +- Twitter @bytehx + - [ ] [Re @CristiVlad25 @SynackRedTeam Yes!](https://x.com/bytehx343/status/1884928882094268475) + - [ ] [Thanks @SynackRedTeam](https://x.com/bytehx343/status/1884926738385580064) +- Trail of Bits Blog + - [ ] [PyPI now supports archiving projects](https://blog.trailofbits.com/2025/01/30/pypi-now-supports-archiving-projects/) +- Reverse Engineering + - [ ] [ReSym: Harnessing LLMs to Recover Variable and Data Structure Symbols from Stripped Binaries [PDF]](https://www.reddit.com/r/ReverseEngineering/comments/1idxr88/resym_harnessing_llms_to_recover_variable_and/) + - [ ] [Decompiling 2024: A Year of Resurgance in Decompilation Research](https://www.reddit.com/r/ReverseEngineering/comments/1idb0wg/decompiling_2024_a_year_of_resurgance_in/) + - [ ] [arm64 PC-relative addressing fun](https://www.reddit.com/r/ReverseEngineering/comments/1idmknl/arm64_pcrelative_addressing_fun/) + - [ ] [College Survey on AI-Enhanced Phishing and Cybersecurity Training Effectiveness](https://www.reddit.com/r/ReverseEngineering/comments/1idq68v/college_survey_on_aienhanced_phishing_and/) +- Malware-Traffic-Analysis.net - Blog Entries + - [ ] [2025-01-30: XLoader infection](https://www.malware-traffic-analysis.net/2025/01/30/index.html) +- Malwarebytes + - [ ] [Microsoft advertisers phished via malicious Google ads](https://www.malwarebytes.com/blog/cybercrime/2025/01/microsoft-advertisers-phished-via-malicious-google-ads) + - [ ] [The DeepSeek controversy: Authorities ask where does the data come from and how safe is it?](https://www.malwarebytes.com/blog/news/2025/01/the-deepseek-controversy-authorities-ask-where-the-data-comes-from-and-where-it-goes) +- Intigriti + - [ ] [Power of the collective: Investing in the security researcher community for shared success](https://www.intigriti.com/blog/business-insights/power-of-the-collective-investing-in-the-security-researcher-community-for-shared) +- Securelist + - [ ] [No need to RSVP: a closer look at the Tria stealer campaign](https://securelist.com/tria-stealer-collects-sms-data-from-android-devices/115295/) +- Project Zero + - [ ] [Windows Bug Class: Accessing Trapped COM Objects with IDispatch](https://googleprojectzero.blogspot.com/2025/01/windows-bug-class-accessing-trapped-com.html) + - [ ] [Windows Exploitation Tricks: Trapping Virtual Memory Access (2025 Update)](https://googleprojectzero.blogspot.com/2025/01/windows-exploitation-tricks-trapping.html) +- rtl-sdr.com + - [ ] [Jeff Geerling Explores the CaribouLite Raspberry Pi Hat](https://www.rtl-sdr.com/jeff-geerling-explores-the-cariboulite-raspberry-pi-hat/) + - [ ] [The Taylorator: Flooding the Broadcast FM Band with Taylor Swift Songs using a LimeSDR](https://www.rtl-sdr.com/the-taylorator-flooding-the-broadcast-fm-band-with-taylor-swift-songs-using-a-limesdr/) + - [ ] [Video on the Basics of SDR for Hackers](https://www.rtl-sdr.com/video-on-the-basics-of-sdr-for-hackers/) +- 奇客Solidot–传递最新科技情报 + - [ ] [美国版权局称 AI 辅助作品如果包含足够的人类创意可获得版权保护](https://www.solidot.org/story?sid=80451) + - [ ] [LibreOffice 下载量突破 4 亿](https://www.solidot.org/story?sid=80450) + - [ ] [Debian 项目停止在 X 上发推](https://www.solidot.org/story?sid=80449) + - [ ] [Douglas Engelbart 诞辰 100 周年](https://www.solidot.org/story?sid=80448) +- FreeBuf网络安全行业门户 + - [ ] [DeepSeek AI数据库泄露:超百万条日志和密钥曝光](https://www.freebuf.com/articles/420968.html) +- Shostack & Friends Blog + - [ ] [The Birth of the CVE System, on Hackers To Founders](https://shostack.org/blog/hackers-to-founders/) + - [ ] [Hoarding, Debt and Threat Modeling](https://shostack.org/blog/hoarding-debt-and-threat-modeling/) +- 锦行科技 + - [ ] [初二 | 姻缘美满](https://mp.weixin.qq.com/s?__biz=MzIxNTQxMjQyNg==&mid=2247493741&idx=1&sn=e36485b394ed47daf3a04225998efbe1&chksm=979a13c8a0ed9ade19f74ca917b1703c7b395367c03069fe1b164a21f581251495a707ffdfa8&scene=58&subscene=0#rd) +- 吾爱破解论坛 + - [ ] [【2025春节】解题领红包活动开始喽,解出就送论坛币! + +第一题送分题有手就行(不需有脑,已有 1376 位会员完成此任务)。 + +第二题 Windows 初级题 14点整 上线,题目很简单,如果你对逆向分析感兴趣,不妨借此机会自学尝试,让这次活动真正成为你技能提升的阶梯。](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141658&idx=1&sn=11067b00a771b8ee9bd4c4d0da1e8908&chksm=bd50a64e8a272f589319d04410866e550b8792cd73b49c0eecc8abb4df9996d504f306e3b43c&scene=58&subscene=0#rd) +- 安全分析与研究 + - [ ] [Fake CAPTCHA攻击技术](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490238&idx=1&sn=f7929631aed8f88ecb74b428362ec4eb&chksm=902fb596a7583c80a17cb1f35f04930cd0fa4f66251be8f81b04a1801ee9d2f8725ffb4bda0c&scene=58&subscene=0#rd) +- 安全内参 + - [ ] [针对DeepSeek的网络攻击再升级:僵尸网络进场 攻击指令激增上百倍​](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513623&idx=1&sn=d0d49c0d4b6e85b4dd8aacd8623ca272&chksm=ebfaf137dc8d782175c2209f64fe50b91bf2c7ff519b1be99b56d7f5f4f3171fe8cb575f539a&scene=58&subscene=0#rd) +- Black Hills Information Security + - [ ] [Questions From a Beginner Threat Hunter](https://www.blackhillsinfosec.com/questions-from-a-beginner-threat-hunter/) +- 红日安全 + - [ ] [新年新挑战,红日安全不打烊!携手同行,保障数字世界,迎接无限机遇!💻💼](https://mp.weixin.qq.com/s?__biz=MzI4NjEyMDk0MA==&mid=2649851771&idx=1&sn=e32da143725cb1281d784159a2d92a85&chksm=f3e4e9f8c49360ee9f066a43959bd3732de37e27ca245ce7717817dc356c25315b6e3cd90820&scene=58&subscene=0#rd) +- M01N Team + - [ ] [AI风险分析 | Grok提示词泄露前后暗藏玄机](https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247494054&idx=1&sn=9122e0562bcad42ee707e0879b945aa1&chksm=c18429b7f6f3a0a16b65fc9b18ee5c979853c462ea1f43800abab53c6e5bc3e5d73dc9c1c540&scene=58&subscene=0#rd) +- 墨菲安全 + - [ ] [DeepSeek因软件供应链安全问题导致严重聊天记录数据泄漏](https://mp.weixin.qq.com/s?__biz=MzkwOTM0MjI5NQ==&mid=2247488049&idx=1&sn=377ab6f02bf6685c6ecd606923242cc3&chksm=c13d7109f64af81f818a52b31171cec774bb86a531f1405b24c020869c281e0865f573e9c6a6&scene=58&subscene=0#rd) +- 360数字安全 + - [ ] [大年初二 | 金蛇迎春,福“巳”绵延](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579270&idx=1&sn=07b4d333a5b2f57048e51d6aa8cc4224&chksm=9f8d268ea8faaf982879ec311f767c0e01c96d6b31f504cb5edd372b41e9ddedf3659c61e603&scene=58&subscene=0#rd) +- 白帽子章华鹏 + - [ ] [DeepSeek被海外曝出严重聊天记录数据泄漏问题](https://mp.weixin.qq.com/s?__biz=MzIyOTAxOTYwMw==&mid=2650236959&idx=1&sn=0024f87794598ce60e345aa728e8a771&chksm=f04ad2a3c73d5bb52eb2a39504865a355749cee5228d9bcaa1078cab5387d5509791a0eafeb4&scene=58&subscene=0#rd) +- 迪哥讲事 + - [ ] [深入浅出API测试|搜集分析与漏洞挖掘实战](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496981&idx=1&sn=1b88708a474086d96cf22a9428c93835&chksm=e8a5ff76dfd276605ae35037c735c6cb3cb39f0962d2b476be2284664584944a6e21d112112a&scene=58&subscene=0#rd) +- Over Security - Cybersecurity news aggregator + - [ ] [Backdoor found in two healthcare patient monitors, linked to IP in China](https://www.bleepingcomputer.com/news/security/backdoor-found-in-two-healthcare-patient-monitors-linked-to-ip-in-china/) + - [ ] [Lawmakers push for guardrails, deadline on cyber military study](https://therecord.media/lawmakers-push-for-guardrails-deadline-cyber-force-study) + - [ ] [Google blocked 2.36 million risky Android apps from Play Store in 2024](https://www.bleepingcomputer.com/news/security/google-blocked-236-million-risky-android-apps-from-play-store-in-2024/) + - [ ] [States with laws requiring data brokers to register are ramping up enforcement](https://therecord.media/state-data-broker-registry-laws-fines-warnings) + - [ ] [Gabbard grilled over Snowden comments during Senate confirmation hearing](https://therecord.media/gabbard-grilled-over-snowden-comments-senate-confirmation-hearing) + - [ ] [US Justice Department says cybercrime forum allegedly affected 17 million Americans](https://techcrunch.com/2025/01/30/us-justice-department-says-cybercrime-forum-allegedly-affected-17-million-americans/) + - [ ] [Defeating Future Threats Starts Today](https://blog.talosintelligence.com/defeating-future-threats-starts-today/) + - [ ] [Ransomware attack disrupts New York blood donation giant](https://www.bleepingcomputer.com/news/security/ransomware-attack-disrupts-new-york-blood-donation-giant/) + - [ ] [Infrastructure Laundering: Blending in with the Cloud](https://krebsonsecurity.com/2025/01/infrastructure-laundering-blending-in-with-the-cloud/) + - [ ] [Ransomware attack on New York Blood Center forces workarounds, drive cancellations](https://therecord.media/ransomware-attack-new-york-blood-center-forces-workarounds) + - [ ] [DeepSeek exposes database with over 1 million chat records](https://www.bleepingcomputer.com/news/security/deepseek-exposes-database-with-over-1-million-chat-records/) + - [ ] [International police coalition takes down two prolific cybercrime and hacking forums](https://techcrunch.com/2025/01/30/international-police-coalition-takes-down-two-prolific-cybercrime-and-hacking-forums/) + - [ ] [Police take down two large cybercrime forums, arrest suspects](https://therecord.media/cybercrime-forums-cracked-nulled-takedowns-arrests) + - [ ] [Major GitHub outage affects pull requests and other services](https://www.bleepingcomputer.com/news/technology/major-github-outage-affects-pull-requests-and-other-services/) + - [ ] [The Advantages of Cloud-Based Remote Desktop versus RDP over VPN](https://www.bleepingcomputer.com/news/security/the-advantages-of-cloud-based-remote-desktop-versus-rdp-over-vpn/) + - [ ] [(Un)Happy Trails](https://bfore.ai/unhappy-trails-travel-related-scams-and-what-travel-vendors-can-do-to-protect-their-customers/) + - [ ] [New Syncjacking attack hijacks devices using Chrome extensions](https://www.bleepingcomputer.com/news/security/new-syncjacking-attack-hijacks-devices-using-chrome-extensions/) + - [ ] [bedevil: Dynamic Linker Patching](http://localhost:1313/posts/bedevil_dynamic_linker_patching/) + - [ ] [Hack.lu: In-Depth Study of Linux Rootkits: Evolution, Detection, and Defense](http://localhost:1313/talks/hack.lu_rootkits_2024/) + - [ ] [Hack.lu: The Gist of Hundreds of Incident Response Cases](http://localhost:1313/talks/hack.lu_gist_2024/) + - [ ] [Reptile's Custom Kernel-Module Launcher](http://localhost:1313/posts/reptile_launcher/) + - [ ] [BSides Munich: /proc for Security Analysts](http://localhost:1313/talks/bsides_munich_2024/) + - [ ] [DeepSec: RAT Builders - How to catch them all](http://localhost:1313/talks/deepsec_2024/) + - [ ] [Shell Script Compiler (shc)](http://localhost:1313/posts/shell_script_compiler/) + - [ ] [Today I Learned - setfacl](http://localhost:1313/posts/today_i_learned_setfacl/) + - [ ] [Analysis of Python's .pth files as a persistence mechanism](http://localhost:1313/posts/publish_python_pth_extension/) + - [ ] [Tear Down The Castle - Part 1](http://localhost:1313/posts/tear_down_castle_part_one/) + - [ ] [Oh my .. ! - Suspicious network traffic detected including Ransomware](http://localhost:1313/posts/suspicious_network_traffic_ransomware/) + - [ ] [Tear Down The Castle - Part 2](http://localhost:1313/posts/tear_down_castle_part_two/) + - [ ] [Follow-Up: Alibaba’s Qwen2.5-VL Model is Also Vulnerable to Prompt Attacks](https://www.kelacyber.com/blog/follow-up-alibabas-qwen2-5-vl-model-is-also-vulnerable-to-prompt-attacks/) + - [ ] [Police seizes Cracked and Nulled hacking forum servers, arrests suspects](https://www.bleepingcomputer.com/news/security/police-seizes-cracked-and-nulled-hacking-forum-servers-arrests-suspects/) + - [ ] [Microsoft lifts Windows 11 update block for PCs with gaming issues](https://www.bleepingcomputer.com/news/microsoft/microsoft-lifts-windows-11-update-block-for-pcs-with-gaming-issues/) + - [ ] [Common OAuth Vulnerabilities](https://blog.doyensec.com/2025/01/30/oauth-common-vulnerabilities.html) + - [ ] [DeepSeek’s Growing Influence Sparks a Surge in Frauds and Phishing Attacks](https://cyble.com/blog/deepseeks-growing-influence-sparks-a-surge-in-frauds-and-phishing-attacks/) + - [ ] [Time Bandit ChatGPT jailbreak bypasses safeguards on sensitive topics](https://www.bleepingcomputer.com/news/security/time-bandit-chatgpt-jailbreak-bypasses-safeguards-on-sensitive-topics/) + - [ ] [Comunicare per proteggere: strategie e strumenti per implementare i requisiti ISO 27001](https://www.cybersecurity360.it/legal/comunicare-per-proteggere-strategie-e-strumenti-per-implementare-i-requisiti-iso-27001/) + - [ ] [Bilanciare i rischi di security beneficiando di tecnologie di AI: fra opportunità e rischi](https://www.cybersecurity360.it/news/bilanciare-i-rischi-di-security-beneficiando-di-tecnologie-di-ai-fra-opportunita-e-rischi/) + - [ ] [DeepSeek: i timori per la privacy e la cyber security](https://www.cybersecurity360.it/cultura-cyber/deepseek-i-timori-per-la-privacy-e-la-cyber-security/) + - [ ] [DeepSeek, serve cautela: ci sono pericoli per la sicurezza](https://www.cybersecurity360.it/news/deepseek-usarlo-con-cautela-ci-sono-pericoli-per-la-sicurezza/) + - [ ] [Smishing a tema Poste Italiane: i dettagli e come difendersi](https://www.cybersecurity360.it/news/smishing-a-tema-poste-italiane-i-dettagli-e-come-difendersi/) + - [ ] [Più cyber attacchi nel 2024. E nel 2025 il trend non si fermerà](https://www.cybersecurity360.it/outlook/piu-cyber-attacchi-nel-2024-e-nel-2025-il-trend-non-si-fermera/) + - [ ] [I cyber rischi in azienda che (anche) gli italiani non comprendono](https://www.cybersecurity360.it/news/i-cyber-rischi-in-azienda-che-anche-gli-italiani-non-comprendono/) + - [ ] [Le chat WhatsApp sono corrispondenza da tutelare: i paletti privacy della Cassazione](https://www.cybersecurity360.it/news/le-chat-whatsapp-sono-corrispondenza-da-tutelare-i-paletti-privacy-della-cassazione/) + - [ ] [Decentraleyes potenzia la privacy online: vantaggi e limiti](https://www.cybersecurity360.it/soluzioni-aziendali/decentraleyes-potenzia-la-privacy-online-vantaggi-e-limiti/) + - [ ] [Il controllo del dipendente da parte del datore di lavoro: le sfide per la privacy](https://www.cybersecurity360.it/legal/privacy-dati-personali/il-controllo-del-dipendente-da-parte-del-datore-di-lavoro-le-sfide-per-la-privacy/) + - [ ] [Talos IR trends Q4 2024: Web shell usage and exploitation of public-facing applications spike](https://blog.talosintelligence.com/talos-ir-trends-q4-2024/) + - [ ] [UK, US Introduce “Content Credentials” Labeling to Counter Deepfakes, Misinformation in the Age of AI](https://cyble.com/blog/uk-us-introduce-content-credentials-labeling/) + - [ ] [Speedio (unverified) - 27,501,041 breached accounts](https://haveibeenpwned.com/PwnedWebsites#Speedio) + - [ ] [ICS Vulnerability Report: Cyble Urges Critical mySCADA Fixes](https://cyble.com/blog/ics-vulnerability-report-cyble-urges-critical-myscada-fixes/) +- Krypt3ia + - [ ] [Threat Report: Risks and Considerations of Storing Corporate Security Telemetry in EDR Vendor Cloud Instances](https://krypt3ia.wordpress.com/2025/01/30/threat-report-risks-and-considerations-of-storing-corporate-security-telemetry-in-edr-vendor-cloud-instances/) + - [ ] [Krypt3ia Daily Cyber Threat Intelligence (CTI) Digest](https://krypt3ia.wordpress.com/2025/01/30/krypt3ia-daily-cyber-threat-intelligence-cti-digest-6/) +- 洞源实验室 + - [ ] [CIO启示录:技术管理如何突破效率天花板](https://mp.weixin.qq.com/s?__biz=Mzg4Nzk3MTg3MA==&mid=2247487724&idx=1&sn=992966ac782bfff5f58a78669566cd34&chksm=cf83199df8f4908b26ff76302cb8d746bfff09b567b7b3a5c847ccdd3c9489f00186af2c2959&scene=58&subscene=0#rd) +- bellingcat + - [ ] [Neo-Nazis Linked to “Terrorist Activities” to Host Budapest Concert](https://www.bellingcat.com/news/2025/01/30/neo-nazis-linked-to-terrorist-activities-to-host-budapest-concert/) +- 极客公园 + - [ ] [我合理怀疑,春晚节目组混进了 B 站的人](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653073042&idx=1&sn=e5673315f8ee79ebe9dd7e1d2616c261&chksm=7e57d32449205a32ea25640d2639fcc099fe5048fbdbbc484c363f514ec6a87a0fa0321f07d2&scene=58&subscene=0#rd) + - [ ] [美国对 DeepSeek 开展国家安全调查;传 DS 训练模型绕过英伟达 CUDA;春节档刷新初一票房纪录 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653073041&idx=1&sn=f9ec93124dfcfa3b5d40259ab4c2c990&chksm=7e57d32749205a310d8f135837f52b88af79c3c4cfa6f0101b33a99b48b746b953b3373c0e88&scene=58&subscene=0#rd) +- Securityinfo.it + - [ ] [Privacy dei dati: la maggior parte degli utenti teme una violazione](https://www.securityinfo.it/2025/01/30/privacy-dei-dati-la-maggior-parte-degli-utenti-teme-una-violazione/?utm_source=rss&utm_medium=rss&utm_campaign=privacy-dei-dati-la-maggior-parte-degli-utenti-teme-una-violazione) +- Have I Been Pwned latest breaches + - [ ] [Speedio (unverified) - 27,501,041 breached accounts](https://haveibeenpwned.com/PwnedWebsites#Speedio) +- Hacking Exposed Computer Forensics Blog + - [ ] [Daily Blog #733: Test Kitchen building cloud tools with cursor](https://www.hecfblog.com/2025/01/daily-blog-733-test-kitchen-building.html) +- SANS Internet Storm Center, InfoCON: green + - [ ] [PCAPs or It Didn't Happen: Exposing an Old Netgear Vulnerability Still Active in 2025 [Guest Diary], (Thu, Jan 30th)](https://isc.sans.edu/diary/rss/31638) + - [ ] [ISC Stormcast For Thursday, January 30th, 2025 https://isc.sans.edu/podcastdetail/9302, (Thu, Jan 30th)](https://isc.sans.edu/diary/rss/31636) +- Schneier on Security + - [ ] [Fake Reddit and WeTransfer Sites are Pushing Malware](https://www.schneier.com/blog/archives/2025/01/fake-reddit-and-wetransfer-sites-are-pushing-malware.html) +- Instapaper: Unread + - [ ] [Nulled, Other Cybercrime Websites Seized by Law Enforcement](https://www.securityweek.com/nulled-other-cybercrime-websites-seized-by-law-enforcement/) + - [ ] [Le chat WhatsApp sono corrispondenza da tutelare i paletti privacy della Cassazione](https://www.cybersecurity360.it/news/le-chat-whatsapp-sono-corrispondenza-da-tutelare-i-paletti-privacy-della-cassazione/) + - [ ] [Il controllo del dipendente da parte del datore di lavoro le sfide per la privacy](https://www.cybersecurity360.it/legal/privacy-dati-personali/il-controllo-del-dipendente-da-parte-del-datore-di-lavoro-le-sfide-per-la-privacy/) + - [ ] [These are the 10 worst PIN codes](https://www.malwarebytes.com/blog/news/2025/01/these-are-the-10-worst-pin-codes) + - [ ] [What Is a Jump List Complete Guide for Users and Investigators](https://www.cybertriage.com/blog/what-is-a-jump-list/) +- The Hacker News + - [ ] [Google: Over 57 Nation-State Threat Groups Using AI for Cyber Operations](https://thehackernews.com/2025/01/google-over-57-nation-state-threat.html) + - [ ] [Authorities Seize Domains of Popular Hacking Forums in Major Cybercrime Crackdown](https://thehackernews.com/2025/01/authorities-seize-domains-of-popular.html) + - [ ] [Lightning AI Studio Vulnerability Allowed RCE via Hidden URL Parameter](https://thehackernews.com/2025/01/lightning-ai-studio-vulnerability.html) + - [ ] [SOC Analysts - Reimagining Their Role Using AI](https://thehackernews.com/2025/01/soc-analysts-reimagining-their-role.html) + - [ ] [DeepSeek AI Database Exposed: Over 1 Million Log Lines, Secret Keys Leaked](https://thehackernews.com/2025/01/deepseek-ai-database-exposed-over-1.html) + - [ ] [Unpatched PHP Voyager Flaws Leave Servers Open to One-Click RCE Exploits](https://thehackernews.com/2025/01/unpatched-php-voyager-flaws-leave.html) + - [ ] [New Aquabot Botnet Exploits CVE-2024-41710 in Mitel Phones for DDoS Attacks](https://thehackernews.com/2025/01/new-aquabot-botnet-exploits-cve-2024.html) +- Graham Cluley + - [ ] [Smashing Security podcast #402: Hackers get hacked, the British Museum IT shutdown, and social media kidnaps](https://grahamcluley.com/smashing-security-podcast-402-hackers-get-hacked-the-british-museum-it-shutdown-and-social-media-kidnaps/) +- Trend Micro Research, News and Perspectives + - [ ] [Lumma Stealer’s GitHub-Based Delivery Explored via Managed Detection and Response](https://www.trendmicro.com/en_us/research/25/a/lumma-stealers-github-based-delivery-via-mdr.html) + - [ ] [NDR: Not Just a "Nice to Have" Anymore](https://www.trendmicro.com/en_us/research/25/a/network-detection-response-ndr.html) +- Deeplinks + - [ ] [Executive Order to the State Department Sideswipes Freedom Tools, Threatens Censorship Resistance, Privacy, and Anonymity of Millions](https://www.eff.org/deeplinks/2025/01/executive-order-state-department-sideswipes-freedom-tools-threatens-censorship) + - [ ] [The Internet Never Forgets: Fighting the Memory Hole](https://www.eff.org/deeplinks/2025/01/internet-never-forgets-fighting-memory-hole) + - [ ] [Protect Your Privacy on Bumble](https://www.eff.org/deeplinks/2025/01/protect-your-privacy-bumble) +- The Register - Security + - [ ] [Data resilience and data portability](https://go.theregister.com/feed/www.theregister.com/2025/01/30/data_resilience_and_data_portability/) + - [ ] [VMware plugs steal-my-credentials holes in Cloud Foundation](https://go.theregister.com/feed/www.theregister.com/2025/01/30/vmware_infomration_disclosure_flaws/) + - [ ] [Trump admin's purge of US cyber advisory boards was 'foolish,' says ex-Navy admiral](https://go.theregister.com/feed/www.theregister.com/2025/01/30/gutting_us_cyber_advisory_boards/) + - [ ] [Ransomware attack at New York blood services provider – donors turned away during shortage crisis](https://go.theregister.com/feed/www.theregister.com/2025/01/30/ransomware_attack_at_new_york/) + - [ ] [Canvassing apps used by UK political parties riddled with privacy, security issues](https://go.theregister.com/feed/www.theregister.com/2025/01/30/uk_canvassing_app_issues/) + - [ ] [WFH with privacy? 85% of Brit bosses snoop on staff](https://go.theregister.com/feed/www.theregister.com/2025/01/30/forget_the_idea_of_wfh/) + - [ ] [Wacom says crooks probably swiped customer credit cards from its online checkout](https://go.theregister.com/feed/www.theregister.com/2025/01/30/wacom_data_loss/) + - [ ] [Guess who left a database wide open, exposing chat logs, API keys, and more? Yup, DeepSeek](https://go.theregister.com/feed/www.theregister.com/2025/01/30/deepseek_database_left_open/) +- Palo Alto Networks Blog + - [ ] [Cortex Is the First SOC Platform to Achieve FedRAMP High Authorization](https://www.paloaltonetworks.com/blog/2025/01/cortex-achieve-fedramp-high-authorization/) +- Social Engineering + - [ ] ["Humans Aren’t the Weakest Link, They’re the Strongest Layer in Cybersecurity"](https://www.reddit.com/r/SocialEngineering/comments/1idqop9/humans_arent_the_weakest_link_theyre_the/) + - [ ] [How to better at socialising?](https://www.reddit.com/r/SocialEngineering/comments/1idam33/how_to_better_at_socialising/) +- Information Security + - [ ] [Change Healthcare data breach – how to protect yourself](https://www.reddit.com/r/Information_Security/comments/1idnbgn/change_healthcare_data_breach_how_to_protect/) + - [ ] [College Survey on AI-Enhanced Phishing and Cybersecurity Training Effectiveness](https://www.reddit.com/r/Information_Security/comments/1idq592/college_survey_on_aienhanced_phishing_and/) + - [ ] [CIS standards for CyberArk](https://www.reddit.com/r/Information_Security/comments/1idn856/cis_standards_for_cyberark/) + - [ ] [What is SHEIN doing to our data?](https://www.reddit.com/r/Information_Security/comments/1idgkn6/what_is_shein_doing_to_our_data/) +- Your Open Hacker Community + - [ ] [Everything is hacked 😊](https://www.reddit.com/r/HowToHack/comments/1ie17ff/everything_is_hacked/) + - [ ] [Phones that are open to connecting via Bluetooth](https://www.reddit.com/r/HowToHack/comments/1idms17/phones_that_are_open_to_connecting_via_bluetooth/) + - [ ] [Most Effective learning path to Reverse engineer network server of old games?](https://www.reddit.com/r/HowToHack/comments/1ids89n/most_effective_learning_path_to_reverse_engineer/) + - [ ] [Is there any website I can use to convert a large amount of passwords into Hashes (in batch)?](https://www.reddit.com/r/HowToHack/comments/1idu982/is_there_any_website_i_can_use_to_convert_a_large/) + - [ ] [Finding an array of class instances using Cheat Engine?](https://www.reddit.com/r/HowToHack/comments/1idh9ob/finding_an_array_of_class_instances_using_cheat/) + - [ ] [Free course](https://www.reddit.com/r/HowToHack/comments/1idm5ny/free_course/) + - [ ] [Cheat engine?](https://www.reddit.com/r/HowToHack/comments/1idu18m/cheat_engine/) + - [ ] [Who has dark web AI?](https://www.reddit.com/r/HowToHack/comments/1idtmsb/who_has_dark_web_ai/) + - [ ] [Question](https://www.reddit.com/r/HowToHack/comments/1ide7pg/question/) + - [ ] [I want to hack like elliot from mister robot](https://www.reddit.com/r/HowToHack/comments/1idwvv2/i_want_to_hack_like_elliot_from_mister_robot/) + - [ ] [Tips for Copying and Pasting from Apps That Restrict It](https://www.reddit.com/r/HowToHack/comments/1idg62q/tips_for_copying_and_pasting_from_apps_that/) + - [ ] [Can I duplicate a SIM card?](https://www.reddit.com/r/HowToHack/comments/1idihtl/can_i_duplicate_a_sim_card/) +- Krebs on Security + - [ ] [Infrastructure Laundering: Blending in with the Cloud](https://krebsonsecurity.com/2025/01/infrastructure-laundering-blending-in-with-the-cloud/) +- TorrentFreak + - [ ] [Pirate IPTV: Sweden Mulls ‘Viewing Ban’ as Illegal Subscriptions Soar 25%](https://torrentfreak.com/pirate-iptv-sweden-mulls-viewing-ban-as-illegal-subscriptions-soar-25-250130/) +- Full Disclosure + - [ ] [Quorum onQ OS - 6.0.0.5.2064 | Reflected Cross Site Scripting (XSS) | CVE-2024-44449](https://seclists.org/fulldisclosure/2025/Jan/23) + - [ ] [Deepseek writes textbook insecure code in 2025-01-28](https://seclists.org/fulldisclosure/2025/Jan/22) + - [ ] [Text injection on https://www.google.com/sorry/index via ?q parameter (no XSS)](https://seclists.org/fulldisclosure/2025/Jan/21) +- Technical Information Security Content & Discussion + - [ ] [The Slow Death of OCSP](https://www.reddit.com/r/netsec/comments/1idvdv5/the_slow_death_of_ocsp/) + - [ ] [Practising Heap Exploitation: Using House Of Force Technique with Practicals](https://www.reddit.com/r/netsec/comments/1idm8tr/practising_heap_exploitation_using_house_of_force/) + - [ ] [WebAssembly and security: a review](https://www.reddit.com/r/netsec/comments/1idnsqk/webassembly_and_security_a_review/) + - [ ] [A short Introduction to BloodHound Custom Queries](https://www.reddit.com/r/netsec/comments/1idlm4q/a_short_introduction_to_bloodhound_custom_queries/) + - [ ] [CVE-2024-46506: Unauthenticated RCE in NetAlertx](https://www.reddit.com/r/netsec/comments/1idsuzx/cve202446506_unauthenticated_rce_in_netalertx/) +- netsecstudents: Subreddit for students studying Network Security and its related subjects + - [ ] [GCP Red Teaming / Pentesting Certifications](https://www.reddit.com/r/netsecstudents/comments/1idjlk4/gcp_red_teaming_pentesting_certifications/) +- Security Affairs + - [ ] [DeepSeek database exposed highly sensitive information](https://securityaffairs.com/173666/data-breach/deepseek-db-exposed-highly-sensitive-information.html) + - [ ] [TeamViewer fixed a vulnerability in Windows client and host applications](https://securityaffairs.com/173658/security/teamviewer-windows-client-flaw.html) + - [ ] [Operation Talent: An international law enforcement operation seized Cracked, Nulled and other cybercrime websites](https://securityaffairs.com/173651/cyber-crime/operation-talent-seized-cracked-nulled-cybercrime-websites.html) + - [ ] [PHP package Voyager flaws expose to one-click RCE exploits](https://securityaffairs.com/173646/hacking/php-package-voyager-flaws.html) + - [ ] [Italy’s Data Protection Authority Garante requested information from Deepseek](https://securityaffairs.com/173637/digital-id/italys-garante-requested-information-from-deepseek.html) +- Deep Web + - [ ] [My friend stumbled upon these while gliding at dark web.](https://www.reddit.com/r/deepweb/comments/1idlmuj/my_friend_stumbled_upon_these_while_gliding_at/) +- Security Weekly Podcast Network (Audio) + - [ ] [Cred Vaults, Cheap AI, and Hacking Devices - Matt Bishop - PSW #859](http://sites.libsyn.com/18678/cred-vaults-cheap-ai-and-hacking-devices-matt-bishop-psw-859) diff --git a/archive/tmp/2025-01-31.json b/archive/tmp/2025-01-31.json new file mode 100644 index 0000000000..ea7e1cd14c --- /dev/null +++ b/archive/tmp/2025-01-31.json @@ -0,0 +1,443 @@ +{ + "SecWiki News": { + "SecWiki News 2025-01-30 Review": "http://www.sec-wiki.com/?2025-01-30" + }, + "bunnie's blog": { + "Name that Ware, January 2025": "https://www.bunniestudios.com/blog/2025/name-that-ware-january-2025/", + "Winner, Name that Ware December 2024": "https://www.bunniestudios.com/blog/2025/winner-name-that-ware-december-2024/" + }, + "Security Boulevard": { + "2025 predictions: Security industry": "https://securityboulevard.com/2025/01/2025-predictions-security-industry/", + "Preparing for PCI DSS 4.0: How Sonatype SBOM Manager can streamline and accelerate your transition": "https://securityboulevard.com/2025/01/preparing-for-pci-dss-4-0-how-sonatype-sbom-manager-can-streamline-and-accelerate-your-transition/", + "Trust in Cloud Security with Effective Secrets Rotation": "https://securityboulevard.com/2025/01/trust-in-cloud-security-with-effective-secrets-rotation/", + "Innovative PAM Strategies for Modern Enterprises": "https://securityboulevard.com/2025/01/innovative-pam-strategies-for-modern-enterprises/", + "Advancing Cloud Compliance with Proactive Measures": "https://securityboulevard.com/2025/01/advancing-cloud-compliance-with-proactive-measures/", + "Hiya AI Phone App Protects Against Deepfakes, Other Scams": "https://securityboulevard.com/2025/01/hiya-ai-phone-app-protects-against-deepfakes-other-scams/", + "DEF CON 32 – Color Blasted Badge Making: How Hard Could It Be": "https://securityboulevard.com/2025/01/def-con-32-color-blasted-badge-making-how-hard-could-it-be/", + "2025’s Top Five Trends in Identity Verification": "https://securityboulevard.com/2025/01/2025s-top-five-trends-in-identity-verification/", + "Next Steps from the PCI Council’s SAQ-A Update: Critical Responsibilities and Opportunities for PSPs": "https://securityboulevard.com/2025/01/next-steps-from-the-pci-councils-saq-a-update-critical-responsibilities-and-opportunities-for-psps/", + "Assessing the New SAQ-A Changes: Insights for QSAs": "https://securityboulevard.com/2025/01/assessing-the-new-saq-a-changes-insights-for-qsas/" + }, + "Hacking Articles": { + "AD Recon: Kerberos Username Bruteforce": "https://www.hackingarticles.in/ad-recon-kerberos-username-bruteforce/" + }, + "Sukka's Blog": { + "2024:浏览器从 A 到 Z": "https://blog.skk.moe/post/2024-browser-from-a-to-z/" + }, + "Doonsec's feed": { + "秦安:特朗普“半夜清洗”,解雇17名检察长,成三位一体反腐布局": "https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476392&idx=1&sn=11cf99bd5faf07695e3ac89ec70c72aa", + "张志坤:巴拿马运河争夺战,真正目标是中国": "https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476392&idx=2&sn=4135a1c0538e4e13d4e225ad3de60ac2", + "牟林:关于无人武器作战的战略思考": "https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476392&idx=3&sn=c0854894545a61159ff4423409fe77fe", + "牟林:靠征关税致富做得到吗?": "https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476392&idx=4&sn=a54df395e2fe825567a13f177b2f1ed2", + "Loggy - Introduce to reverseing golang binary": "https://mp.weixin.qq.com/s?__biz=Mzg4NzU4MDE5NQ==&mid=2247484272&idx=1&sn=b38cb2dd664786c222e314a789b7da40", + "byd红客": "https://mp.weixin.qq.com/s?__biz=MzkyNTQ0OTYxOQ==&mid=2247483988&idx=1&sn=5b25e95ccbd765424198f50243e7edf7", + "【速报】github 挂了?(世界就是一个巨大的草台班子)": "https://mp.weixin.qq.com/s?__biz=Mzg4NzgzMjUzOA==&mid=2247485449&idx=1&sn=2e621cb2afe5e511ac88f055da981272", + "Kali下安装与使用BeEF:反射型与存储型XSS攻击、Cookie会话劫持、键盘监听及浏览器操控技巧": "https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486453&idx=1&sn=cd3057994dfa4e6a29c9d70b342f9e8a", + "起": "https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496866&idx=1&sn=50672ddfb00ba89a961f457c1121f0f1", + "(吃瓜)Github疑似遭受ddos攻击": "https://mp.weixin.qq.com/s?__biz=MzkzNjczNzEyMw==&mid=2247484164&idx=1&sn=0e0f18f1790d8e9a2fd97d76ed9ff8eb", + "特朗普“午夜清洗”:17名监察长“下马”,法律争议“炸锅": "https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247505045&idx=1&sn=d3b57f2d70f4497ba9e6bd0d3792b39b", + "印度卫星对接成功:技术存在局限性": "https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247505045&idx=2&sn=1f9e6ca2b9e492d72bd16233e83dcf9c", + "大家一起ddos白宫": "https://mp.weixin.qq.com/s?__biz=MzkyOTQzNjIwNw==&mid=2247491639&idx=1&sn=ea6a2bb14d619f5834396d7fe8ebf609", + "研究完威胁分类,才发现我们平时谈的“以威胁为中心”都是假的!": "https://mp.weixin.qq.com/s?__biz=MzAxOTk3NTg5OQ==&mid=2247492288&idx=1&sn=4a85f9ccfbc35e9f52f817bc25f4ce10", + "世界需要一个能谋善断的AI(三)决策的厚重:人类世界是如何被“选择”塑造的?": "https://mp.weixin.qq.com/s?__biz=MzAxOTk3NTg5OQ==&mid=2247492288&idx=2&sn=416787d4505f6a7bf562f91bcf9f37cd", + "DeepSeek-R1:通过强化学习激励LLM的推理能力": "https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264879&idx=1&sn=74c7f7b47fbb79364c8dc55264481f92", + "分享图片": "https://mp.weixin.qq.com/s?__biz=MzI3Njc1MjcxMg==&mid=2247494399&idx=1&sn=21a59287adb50dc4b945b2325e795fe4", + "SpiderX-V2.0发布 解锁JS加密新姿势攻防武器": "https://mp.weixin.qq.com/s?__biz=MzkxOTU3MDY4MQ==&mid=2247484842&idx=1&sn=29eca64227216346731e46e212de2a92", + "量子计算机时代的汽车系统的嵌入式安全": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620255&idx=1&sn=610c3bff71970b4fbc041a0177ee93fd", + "揭开人工智能在交通网络安全中的神秘面纱": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620255&idx=2&sn=c361a268b2ef526cf5e44433248d1d13", + "车辆网络处理器上的后量子安全启动": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620255&idx=3&sn=ee30d942f28072654d6b335624aea228", + "新年开工啦": "https://mp.weixin.qq.com/s?__biz=MzIzODMyMzQxNQ==&mid=2247484490&idx=1&sn=379870838aa89954061ce91a8fe22392", + "揭秘土耳其“红皮书”:真相还是阴谋?": "https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559341&idx=1&sn=517465083ba598dcfc9d243a3f11d1c9", + "中亚新位置:美国到底是“机遇”还是“陷阱”?": "https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559341&idx=2&sn=58f2aa6cb8bf4e2d52982ba4dc461e34", + "深入浅出API测试|搜集分析与漏洞挖掘实战": "https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496981&idx=1&sn=1b88708a474086d96cf22a9428c93835", + "网络运维工程师如何高效运维数据中心,记住这6条定律!": "https://mp.weixin.qq.com/s?__biz=MzUyNTExOTY1Nw==&mid=2247528027&idx=1&sn=bb96422660e09519af965fecc213d4cf", + "春节假期7个基本网络安全提示": "https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652114269&idx=1&sn=731f251283d6f584e16dd15c5f0f1b4f", + "为什么DDoS攻击如此致命?": "https://mp.weixin.qq.com/s?__biz=MzIyMzIwNzAxMQ==&mid=2649464754&idx=1&sn=df89b63da565ca06f6419c818442ef13", + "利用DeepSeek进行java代码审计,好用!": "https://mp.weixin.qq.com/s?__biz=MzkxNjQyODY5MA==&mid=2247487042&idx=1&sn=256d32002fcf342d7770b39c1d41f695", + "收藏 | dotNet安全矩阵 2024 年度目标权限维持阶段文章和工具汇总": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498569&idx=1&sn=a273094850e815c5dccaf5c9fbb7956f", + "国内最专业、最全面的 [ .NET 代码审计 ] 体系化学习交流社区": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498569&idx=2&sn=efe5abab1b53aa0c37945f18fbfb5043", + "收藏 | dotNet安全矩阵 2024 年度外网入口打点阶段文章和工具汇总": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498569&idx=3&sn=b5363f2569c8b2f819bc9d52cc71cc79", + "2024年,安全厂商为什么这么惨?": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485482&idx=1&sn=ccf61766565e0badd0172f57ee1728f1", + "【干货原创】实网攻防演习常态化,会带来什么变化01": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485482&idx=4&sn=919cc9d33961ed8e6a35eede596478de", + "【干货原创】K12教育,鲜为人知的模式秘密": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485482&idx=5&sn=bf335b4022071ba93823b812090acee6", + "原创文章目录": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485482&idx=6&sn=3ff7227d97237b358e80b064be4215f2", + "四川大学网安少年班": "https://mp.weixin.qq.com/s?__biz=Mzg4NDg3NjE5MQ==&mid=2247485616&idx=1&sn=5255daa9a5e28be2c73d156eeb167ad5", + "世界经济论坛《2025年全球网络安全展望》报告一览": "https://mp.weixin.qq.com/s?__biz=MzU0MDc5ODM0Mg==&mid=2247484780&idx=1&sn=5c29954e85b159e98b2db3467a6f4281", + "【恭贺新春】企业级内网仿真「Thunder」免费开战!通关赢千元现金": "https://mp.weixin.qq.com/s?__biz=Mzg5MDc1MjY5Ng==&mid=2247493011&idx=1&sn=324fff14046b3d7b31e4f2827bccacfb", + "AI风险分析 | Grok提示词泄露前后暗藏玄机": "https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247494054&idx=1&sn=9122e0562bcad42ee707e0879b945aa1", + "针对DeepSeek的网络攻击再升级:僵尸网络进场 攻击指令激增上百倍u200b": "https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513623&idx=1&sn=d0d49c0d4b6e85b4dd8aacd8623ca272", + "Offsec PG靶场-Pelican(OSCP考试)": "https://mp.weixin.qq.com/s?__biz=MzU5MjIzMDMzNg==&mid=2247484347&idx=1&sn=0c628f8609fa4badb4f81f1f90b3d305", + "六部门印发|关于完善数据流通安全治理 更好促进数据要素市场化价值化的实施方案": "https://mp.weixin.qq.com/s?__biz=MzIxNDIzNTcxMg==&mid=2247506759&idx=1&sn=851aa85a7e994c201ed3fa8c930ebe05", + "UbuntuServer24.04上使用NVIDIA GeForce RTX 4060Ti部署并训练DeepSeek R1大模型": "https://mp.weixin.qq.com/s?__biz=Mzg2MjYxODQ4Mw==&mid=2247484982&idx=1&sn=226d2daae237f9ead22b087b2611e457", + "干货 | 渗透测试以及checklist模板,附PDF免费下载!": "https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247570691&idx=1&sn=74eca2607d62024085a1edf27565aeef", + "DeepSeek遭暴力破解 攻击IP均来自美国": "https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170578&idx=1&sn=c79c88154ac6083c4d178ed4a123665b", + "奇安信:针对DeepSeek的网络攻击再升级! 僵尸网络进场,指令激增上百倍": "https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170578&idx=2&sn=19ad0e0ac08770adde15936cbc245f61", + "从创新环境看新质生产力发展": "https://mp.weixin.qq.com/s?__biz=MzI1OTExNDY1NQ==&mid=2651618932&idx=1&sn=829c061c8fe0ac244f869355102c255f", + "僵尸网络进场,针对 DeepSeek 网络攻击再升级": "https://mp.weixin.qq.com/s?__biz=MzU0NDk0NTAwMw==&mid=2247624774&idx=1&sn=5c438a523258d18082e4918e22ff51c9", + "惊魂72小时:一场席卷Linux世界的巨大威胁是如何被阻止的": "https://mp.weixin.qq.com/s?__biz=MzI5MjY4MTMyMQ==&mid=2247489858&idx=1&sn=01a4503fd428692055c9a137cd9bb0a8", + "比特币链上大周期投资指导方案": "https://mp.weixin.qq.com/s?__biz=MzI3NTcwNTQ2Mg==&mid=2247487630&idx=1&sn=532f51f67ceab5e41324cbf9a80d0432", + "秒达工具箱:各种开发者必备的工具集合,支持Docker部署": "https://mp.weixin.qq.com/s?__biz=MzA4MjkzMTcxMg==&mid=2449046776&idx=1&sn=c7985da37fee0d92ef3585fa526b3ba5", + "DeepSeek 数据库被攻击,国外团队已公开披露漏洞": "https://mp.weixin.qq.com/s?__biz=Mzg4MTkwMTI5Mw==&mid=2247488775&idx=1&sn=2b8f2e1154eb0de5e1422589ee7b4f95", + "旧知新话说“标识”之心意篇:标识助力物流信息可追溯": "https://mp.weixin.qq.com/s?__biz=MzU1OTUxNTI1NA==&mid=2247592366&idx=1&sn=28ab8739af2ccfaae353c286890cde3f", + "DeepSeek 开源免费,大洋彼岸直接急了": "https://mp.weixin.qq.com/s?__biz=MzIzNjU5NDE2MA==&mid=2247490177&idx=1&sn=8c3da180f37e24bb83cc20d6168c694a", + "可能这就是你deepseek无法访问的原因——deepseek 漏洞(已修复)": "https://mp.weixin.qq.com/s?__biz=Mzk0MDY2NTY5Mw==&mid=2247485665&idx=1&sn=ce7d065feabad43d7bd144eb57ba1115", + "小日子已经被deepseek折服——日媒:DeepSeek模型以简单方法实现高性能": "https://mp.weixin.qq.com/s?__biz=Mzk0MDY2NTY5Mw==&mid=2247485665&idx=2&sn=3648dc775f70e3d481072e9e72b21a84", + "FtC4Wraiths CTF战队招募令:成为幽灵,掌控战场!": "https://mp.weixin.qq.com/s?__biz=Mzk0NjQ2NzQ0Ng==&mid=2247485011&idx=1&sn=eab2c10d8fcd6cc7e3fbdff694b4cd7a", + "【2025-01-30】黑客新闻摘要": "https://mp.weixin.qq.com/s?__biz=MzIzNDU5NTI4OQ==&mid=2247488390&idx=1&sn=3e958dfb1428d5b530c24db97201ea53", + "DeepSeek因软件供应链安全问题导致严重聊天记录数据泄漏": "https://mp.weixin.qq.com/s?__biz=MzkwOTM0MjI5NQ==&mid=2247488049&idx=1&sn=377ab6f02bf6685c6ecd606923242cc3", + "(吃瓜)刘农TV之渗透中遇到的神人运维": "https://mp.weixin.qq.com/s?__biz=MzkzNjczNzEyMw==&mid=2247484157&idx=1&sn=597aa22f30bf086e39d157e7ba9082ad", + "DeepSeek 大模型数据泄露被国外安全团队发现": "https://mp.weixin.qq.com/s?__biz=MzU4NDY3MTk2NQ==&mid=2247491067&idx=1&sn=53535c35ef941d31f4d587b0cbd426e6", + "利用 Unicode 溢出绕过字符阻止列表": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527393&idx=1&sn=c9213875c652ac0318560b3966348226", + "幻影行动:朝鲜的全球数据渗透运动": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527393&idx=2&sn=9923de4ef6d306281ce4fb13f253af1d", + "Operation Talent:FBI 查获 Nulled.to、Cracked.to、Sellix.io 等": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527393&idx=3&sn=2949b5b96b17ce834ae88fc78313dbb7", + "nt-load-order 第二部分 - 你想知道的更多内容": "https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486806&idx=1&sn=cb4a4fbf16cf2ff7c0a99333cf155ca8", + "资讯 | DeepSeek被曝数据泄漏": "https://mp.weixin.qq.com/s?__biz=Mzg4MDkyMTE4OQ==&mid=2247489001&idx=1&sn=e965d2b7151b3b51e0b48dc264cc7cd2", + "DeepSeek被海外曝出严重聊天记录数据泄漏问题": "https://mp.weixin.qq.com/s?__biz=MzIyOTAxOTYwMw==&mid=2650236959&idx=1&sn=0024f87794598ce60e345aa728e8a771", + "真假": "https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496860&idx=1&sn=dac3717d63b7496fc260f3d91e4d5ec0", + "越权漏洞实战漏洞报告": "https://mp.weixin.qq.com/s?__biz=Mzk0NTg3ODYxNg==&mid=2247485094&idx=1&sn=300233e404ea534282f994bd51e38594", + "功能强大的XSS自动化扫描器": "https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489193&idx=1&sn=08b43c401df76f44cf749c44eb4af9c6", + "有网安需求记得找我": "https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489193&idx=2&sn=6c2c55bb757aa67cc9f21a6b40c6df40", + "30 - 使用DInvoke和Sliver规避OpenEDR并提升权限": "https://mp.weixin.qq.com/s?__biz=MzI4NTcxMjQ1MA==&mid=2247615412&idx=1&sn=3c8990ffa72d3496df8110af3260a080", + "代码审计 | 如何获取CVE漏洞编号": "https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247547534&idx=1&sn=89f840ad1397911a18d5776cb54ed32c", + "俄罗斯APT组织 RomCom 再次出击,针对乌克兰政府和波兰实体的网络攻击升级!": "https://mp.weixin.qq.com/s?__biz=Mzg3OTYxODQxNg==&mid=2247485658&idx=1&sn=1811ccb336bf5596bc0376a10ebe3cbe", + "deepseek写的对联,总感觉有点不对劲🐶": "https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494633&idx=1&sn=644193027ce66213cffde32a42bad868", + "【已修复】DeepSeek数据库暴露,泄露包括聊天记录在内的敏感信息": "https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494633&idx=2&sn=62ef49860992fd84fbebc9fbae2d8839", + "Wiz研究发现暴露的DeepSeek数据库泄露敏感信息,包括聊天记录": "https://mp.weixin.qq.com/s?__biz=MzkxNjMwNDUxNg==&mid=2247487248&idx=1&sn=24a5ae9036da7d03afb83c9dd679255b", + "🐍年好~~嘶嘶嘶": "https://mp.weixin.qq.com/s?__biz=MzU4Mzc4MDQyOQ==&mid=2247484414&idx=1&sn=0caae77933f7012d33420541deab9019", + "【2025春节】解题领红包活动开始喽,解出就送论坛币!\\\\n\\\\n第一题送分题有手就行(不需有脑,已有 1376 位会员完成此任务)。\\\\n\\\\n第二题 Windows 初级题 14点整 上线,题目很简单,如果你对逆向分析感兴趣,不妨借此机会自学尝试,让这次活动真正成为你技能提升的阶梯。": "https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141658&idx=1&sn=11067b00a771b8ee9bd4c4d0da1e8908", + "当DDoS成为DeepSeek的进化催化剂": "https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247488198&idx=1&sn=294befdcf4fe9033a98c6148815a0ec1", + "初二娘家暖 祥蛇护亲安": "https://mp.weixin.qq.com/s?__biz=MzU0MjEwNTM5Ng==&mid=2247520422&idx=1&sn=ca4a601872c8ca514160ea4117463939", + "本地部署 deepseek-r1 模型": "https://mp.weixin.qq.com/s?__biz=Mzk0MzY3MDE5Mg==&mid=2247484010&idx=1&sn=d298326b0ef79202e6e0093216ebaa82", + "美军对DeepSeek“出手”了!DeepSeek遭恶意攻击,攻击IP均来自美国!": "https://mp.weixin.qq.com/s?__biz=MzAwMjA5OTY5Ng==&mid=2247525698&idx=1&sn=131f65bb9cab76e179f85720d4c77212", + "大年初二 | 金蛇迎春,福“巳”绵延": "https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579270&idx=1&sn=07b4d333a5b2f57048e51d6aa8cc4224", + "太丢人了": "https://mp.weixin.qq.com/s?__biz=Mzg5NjY4NDg1Nw==&mid=2247483948&idx=1&sn=c78c4f6b64f4e732bb3fcbe3684d3819", + "DeepSeek与其他大模型网络安全领域测评": "https://mp.weixin.qq.com/s?__biz=Mzg4NDg3NjE5MQ==&mid=2247485615&idx=1&sn=2faa9a9f50deaf18f69117424391d9a5", + "多次加密攻击": "https://mp.weixin.qq.com/s?__biz=MzI1NzUxOTUzMA==&mid=2247485786&idx=1&sn=ef2f09bcc5eb7ecad5b545295bf5be21", + "2025网络暴露危机报告:45%第三方应用越权访问用户数据": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313208&idx=1&sn=21db4a4d88530fd63cdb722001dad229", + "Banshee Stealer新变种正借Apple XProtect加密技术躲避杀毒软件": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313208&idx=2&sn=428f13d4f84f8d084d6730cfab69b9cb", + "上千个恶意域名正在仿冒Reddit和WeTransfer": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313208&idx=3&sn=e2d553ae7f7a6dab81dc2d0f81f9d42f", + "如何使用LDAPX动态检查和转换LDAP数据包": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313208&idx=4&sn=d1471190e17067ad31fd0a762ad813d1", + "Redis数据库主从复制RCE影响分析": "https://mp.weixin.qq.com/s?__biz=MjM5MjEyMTcyMQ==&mid=2651037457&idx=1&sn=32e47044585804b9f31934fb3a7a3f5c", + "大年初二 画蛇添福": "https://mp.weixin.qq.com/s?__biz=Mzg2MTU5ODQ2Mg==&mid=2247507174&idx=1&sn=af46b8c1bdd9e12e5913225f518e1e09", + "新年新挑战,红日安全不打烊!携手同行,保障数字世界,迎接无限机遇!💻💼": "https://mp.weixin.qq.com/s?__biz=MzI4NjEyMDk0MA==&mid=2649851771&idx=1&sn=e32da143725cb1281d784159a2d92a85", + "数字取证之数据收集u200c": "https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264859&idx=1&sn=5157da074859752737fca3e1377e830b", + "公众号爆款突破10万+是种什么体验?": "https://mp.weixin.qq.com/s?__biz=Mzk0MTI4NTIzNQ==&mid=2247492229&idx=1&sn=fb6516c2c50768440203194bf072ef8f", + "网安原创文章推荐【2025/1/29】": "https://mp.weixin.qq.com/s?__biz=MzAxNzg3NzMyNQ==&mid=2247489523&idx=1&sn=b774285745567a078a25412d369d42e3", + "Qwen 2.5横空出世:阿里大模型超越DeepSeek-V3": "https://mp.weixin.qq.com/s?__biz=Mzk0ODY1NzEwMA==&mid=2247486600&idx=1&sn=8759e5cb59a7ae3a10f4e360ae1343c8", + "DeepSeek已遭美西方全面围剿:各种放大后的问题及恶意舆论接踵而至": "https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247507157&idx=1&sn=705ed2698837c80532fbdcaa33a20411", + "暗网情报6则:阿根廷电信公司数据泄露-260G登录凭证兜售-以色列国家安全部遭黑": "https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247507157&idx=2&sn=32183d1acca665f6055c418febf0b72a", + "5th域安全微讯早报【20250130】026期": "https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247507157&idx=3&sn=678b70aba584829d92026c69f41dad6a", + "DeepSeek与ChatGPT代码审计能力对比与分析": "https://mp.weixin.qq.com/s?__biz=MzU5OTMxNjkxMA==&mid=2247488582&idx=1&sn=48f04da2ac9254f4e9bcaba0a14431a5", + "ScanV、ScanA:监测违规防患,事件安全无虞": "https://mp.weixin.qq.com/s?__biz=MjM5NzA3Nzg2MA==&mid=2649870840&idx=1&sn=eb6c30950bf84dd86835312726abf657", + "阿里巴巴发布Qwen 2.5系列新模型,宣称超越 DeepSeek-V3": "https://mp.weixin.qq.com/s?__biz=Mzg4Njc1MTIzMw==&mid=2247485776&idx=1&sn=73a8b2ee13adf483ccc862bea60a6657", + "知识星球持续更新": "https://mp.weixin.qq.com/s?__biz=Mzg4Njc1MTIzMw==&mid=2247485776&idx=2&sn=6cab966e4a4f99fd7f1a7f60f7177a88", + "大年初二丨安天睿甲给您拜年了": "https://mp.weixin.qq.com/s?__biz=MjM5MTA3Nzk4MQ==&mid=2650209904&idx=1&sn=2d3424335c5408deda2ab07b51876c54", + "初二 | 愿家人和和美美,吉祥安康!": "https://mp.weixin.qq.com/s?__biz=MzU4NjY4MDAyNQ==&mid=2247497079&idx=1&sn=081d5bd8e78c90a7d1bcba0e251b48ea", + "记一次绕过阿里云waf与某不知名waf的双waf上传getshell": "https://mp.weixin.qq.com/s?__biz=Mzk0Mzc1MTI2Nw==&mid=2247487348&idx=1&sn=2c7a4d59b64392a92053475c8096f285", + "正月初二| 有蛇有得 团团圆圆": "https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506081&idx=1&sn=c7bc814576e63a573c12fae1a2f9aefe", + "捷普基础产品线,守护基础设施安全": "https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506081&idx=2&sn=95cf7a673991ce095ee9525401f5f855", + "【焕新领先】捷普下一代防火墙": "https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506081&idx=3&sn=0776637513dd08e8549e6e036951db3e", + "ISO 45001: 2018 标准详解与实施(11)6.1.3 法律法规要求和其他要求的确定": "https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247486050&idx=1&sn=2750be0dbb0d7015b92061bb993add86", + "初二": "https://mp.weixin.qq.com/s?__biz=MzUyMjAyODU1NA==&mid=2247491947&idx=1&sn=1d01beee8ad4061189c478e349ef78d7", + "DeepSeek的强大,一句话让AI帮我写了个程序-流量安全分析研判工具": "https://mp.weixin.qq.com/s?__biz=MzkxMTUwOTY1MA==&mid=2247490145&idx=1&sn=a932062265ad24982beeee1706d70d4d", + "大年初二 | 金蛇纳福,好事成双": "https://mp.weixin.qq.com/s?__biz=MzA3OTMxNTcxNA==&mid=2650963505&idx=1&sn=b6d789ba930e09c363ebc1f9444849d6", + "正月初二归家暖!亚信安全祝大家蛇全蛇美,蛇行大运": "https://mp.weixin.qq.com/s?__biz=MjM5NjY2MTIzMw==&mid=2650620959&idx=1&sn=7d3ca2f816e618a8e9e764ebd74f3644", + "大年初二 二龙腾飞": "https://mp.weixin.qq.com/s?__biz=MjM5NzE0NTIxMg==&mid=2651135289&idx=1&sn=ccfa447f9bf7ccfdf2f578f6b4f71e1d", + "大年初二 | 眉开眼笑回娘家": "https://mp.weixin.qq.com/s?__biz=Mzk0MDQ5MTQ4NA==&mid=2247487428&idx=1&sn=7f6bc2eb6c48e2d05a319a51de44f0c3", + "CIO启示录:技术管理如何突破效率天花板": "https://mp.weixin.qq.com/s?__biz=Mzg4Nzk3MTg3MA==&mid=2247487724&idx=1&sn=992966ac782bfff5f58a78669566cd34", + "2025常见的网络安全服务大全(汇总详解)": "https://mp.weixin.qq.com/s?__biz=MzIwMzIyMjYzNA==&mid=2247517988&idx=1&sn=71db8ddc34dbb5bd2e9fce7b232edaaf", + "初二:好运连连": "https://mp.weixin.qq.com/s?__biz=MzU0NDk0NTAwMw==&mid=2247624762&idx=1&sn=47241d7f7296e0089b5da756046322f0", + "初二|燃炮迎春盼福至 网站弹窗鉴虚实": "https://mp.weixin.qq.com/s?__biz=MzkxNDY0MjMxNQ==&mid=2247532957&idx=1&sn=9932467d97cae7cd76bdb1790358e7cc", + "【初二】安全一路相随 团聚近在眼前": "https://mp.weixin.qq.com/s?__biz=MjM5NTE0MjQyMg==&mid=2650624574&idx=1&sn=d10e6d1823438874c6e7929eb90b1e97", + "2025年最可能的五种网络攻击,你的企业准备好了吗?": "https://mp.weixin.qq.com/s?__biz=Mzg4NDc0Njk1MQ==&mid=2247487182&idx=1&sn=3c76f4710e63ed2414babafceda9eec1", + "诸葛亮教你如何应对APT攻击": "https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496849&idx=1&sn=d3276fd13b7a991e2e1c5cbbb41a3b4c", + "国自然中标真不难!十年评审专家1v1精修你的本子,中标率提升58%": "https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496849&idx=2&sn=41d0f5a68ff64924994dc39112bf9672", + "初二 | 姻缘美满": "https://mp.weixin.qq.com/s?__biz=MzIxNTQxMjQyNg==&mid=2247493741&idx=1&sn=e36485b394ed47daf3a04225998efbe1" + }, + "Recent Commits to cve:main": { + "Update Thu Jan 30 20:25:02 UTC 2025": "https://github.com/trickest/cve/commit/630b95e7243b0245cde3df59fe484976ce30e2ee", + "Update Thu Jan 30 12:18:33 UTC 2025": "https://github.com/trickest/cve/commit/6d2f59a5338e9b0f9fda557d99080a0f50fd20af", + "Update Thu Jan 30 04:17:50 UTC 2025": "https://github.com/trickest/cve/commit/9cf77fc7fab952fdfcbf1e41b07c41bd3ecd8cd6" + }, + "Armin Ronacher's Thoughts and Writings": { + "How I Use AI: Meet My Promptly Hired Model Intern": "http://lucumr.pocoo.org/2025/1/30/how-i-ai" + }, + "Trustwave Blog": { + "How Trustwave’s Fusion Platform Analyzes Ransomware Tactics in the Energy Sector: A Comprehensive Overview": "https://www.trustwave.com/en-us/resources/blogs/trustwave-blog/how-trustwaves-fusion-platform-analyzes-ransomware-tactics-in-the-energy-sector-a-comprehensive-overview/" + }, + "一个被知识诅咒的人": { + "【Python】深入探索Python元类:动态生成类与对象的艺术": "https://blog.csdn.net/nokiaguy/article/details/145397730", + "【Python】深入理解Python中的装饰器链:创建组合装饰器的技巧与实践": "https://blog.csdn.net/nokiaguy/article/details/145397710" + }, + "gynvael.coldwind//vx.log (en)": { + "On hackers, hackers, and hilarious misunderstandings": "https://gynvael.coldwind.pl/?id=799" + }, + "Flexera Blog - Feed": { + "Cyber-Resilience regulations are here—is your organization ready?": "https://www.flexera.com/blog/security/cyber-resilience-regulations-are-here-is-your-organization-ready/" + }, + "Private Feed for M09Ic": { + "safedv starred DebugPrivilege/InsightEngineering": "https://github.com/DebugPrivilege/InsightEngineering", + "LinuxJS started following M09Ic": "https://github.com/M09Ic" + }, + "Twitter @bytehx": { + "Re @CristiVlad25 @SynackRedTeam Yes!": "https://x.com/bytehx343/status/1884928882094268475", + "Thanks @SynackRedTeam": "https://x.com/bytehx343/status/1884926738385580064" + }, + "Trail of Bits Blog": { + "PyPI now supports archiving projects": "https://blog.trailofbits.com/2025/01/30/pypi-now-supports-archiving-projects/" + }, + "Reverse Engineering": { + "ReSym: Harnessing LLMs to Recover Variable and Data Structure Symbols from Stripped Binaries [PDF]": "https://www.reddit.com/r/ReverseEngineering/comments/1idxr88/resym_harnessing_llms_to_recover_variable_and/", + "Decompiling 2024: A Year of Resurgance in Decompilation Research": "https://www.reddit.com/r/ReverseEngineering/comments/1idb0wg/decompiling_2024_a_year_of_resurgance_in/", + "arm64 PC-relative addressing fun": "https://www.reddit.com/r/ReverseEngineering/comments/1idmknl/arm64_pcrelative_addressing_fun/", + "College Survey on AI-Enhanced Phishing and Cybersecurity Training Effectiveness": "https://www.reddit.com/r/ReverseEngineering/comments/1idq68v/college_survey_on_aienhanced_phishing_and/" + }, + "Malware-Traffic-Analysis.net - Blog Entries": { + "2025-01-30: XLoader infection": "https://www.malware-traffic-analysis.net/2025/01/30/index.html" + }, + "Malwarebytes": { + "Microsoft advertisers phished via malicious Google ads": "https://www.malwarebytes.com/blog/cybercrime/2025/01/microsoft-advertisers-phished-via-malicious-google-ads", + "The DeepSeek controversy: Authorities ask where does the data come from and how safe is it?": "https://www.malwarebytes.com/blog/news/2025/01/the-deepseek-controversy-authorities-ask-where-the-data-comes-from-and-where-it-goes" + }, + "Intigriti": { + "Power of the collective: Investing in the security researcher community for shared success": "https://www.intigriti.com/blog/business-insights/power-of-the-collective-investing-in-the-security-researcher-community-for-shared" + }, + "Securelist": { + "No need to RSVP: a closer look at the Tria stealer campaign": "https://securelist.com/tria-stealer-collects-sms-data-from-android-devices/115295/" + }, + "Project Zero": { + "Windows Bug Class: Accessing Trapped COM Objects with IDispatch": "https://googleprojectzero.blogspot.com/2025/01/windows-bug-class-accessing-trapped-com.html", + "Windows Exploitation Tricks: Trapping Virtual Memory Access (2025 Update)": "https://googleprojectzero.blogspot.com/2025/01/windows-exploitation-tricks-trapping.html" + }, + "rtl-sdr.com": { + "Jeff Geerling Explores the CaribouLite Raspberry Pi Hat": "https://www.rtl-sdr.com/jeff-geerling-explores-the-cariboulite-raspberry-pi-hat/", + "The Taylorator: Flooding the Broadcast FM Band with Taylor Swift Songs using a LimeSDR": "https://www.rtl-sdr.com/the-taylorator-flooding-the-broadcast-fm-band-with-taylor-swift-songs-using-a-limesdr/", + "Video on the Basics of SDR for Hackers": "https://www.rtl-sdr.com/video-on-the-basics-of-sdr-for-hackers/" + }, + "奇客Solidot–传递最新科技情报": { + "美国版权局称 AI 辅助作品如果包含足够的人类创意可获得版权保护": "https://www.solidot.org/story?sid=80451", + "LibreOffice 下载量突破 4 亿": "https://www.solidot.org/story?sid=80450", + "Debian 项目停止在 X 上发推": "https://www.solidot.org/story?sid=80449", + "Douglas Engelbart 诞辰 100 周年": "https://www.solidot.org/story?sid=80448" + }, + "FreeBuf网络安全行业门户": { + "DeepSeek AI数据库泄露:超百万条日志和密钥曝光": "https://www.freebuf.com/articles/420968.html" + }, + "Shostack & Friends Blog": { + "The Birth of the CVE System, on Hackers To Founders": "https://shostack.org/blog/hackers-to-founders/", + "Hoarding, Debt and Threat Modeling": "https://shostack.org/blog/hoarding-debt-and-threat-modeling/" + }, + "锦行科技": { + "初二 | 姻缘美满": "https://mp.weixin.qq.com/s?__biz=MzIxNTQxMjQyNg==&mid=2247493741&idx=1&sn=e36485b394ed47daf3a04225998efbe1&chksm=979a13c8a0ed9ade19f74ca917b1703c7b395367c03069fe1b164a21f581251495a707ffdfa8&scene=58&subscene=0#rd" + }, + "吾爱破解论坛": { + "【2025春节】解题领红包活动开始喽,解出就送论坛币!\n\n第一题送分题有手就行(不需有脑,已有 1376 位会员完成此任务)。\n\n第二题 Windows 初级题 14点整 上线,题目很简单,如果你对逆向分析感兴趣,不妨借此机会自学尝试,让这次活动真正成为你技能提升的阶梯。": "https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141658&idx=1&sn=11067b00a771b8ee9bd4c4d0da1e8908&chksm=bd50a64e8a272f589319d04410866e550b8792cd73b49c0eecc8abb4df9996d504f306e3b43c&scene=58&subscene=0#rd" + }, + "安全分析与研究": { + "Fake CAPTCHA攻击技术": "https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490238&idx=1&sn=f7929631aed8f88ecb74b428362ec4eb&chksm=902fb596a7583c80a17cb1f35f04930cd0fa4f66251be8f81b04a1801ee9d2f8725ffb4bda0c&scene=58&subscene=0#rd" + }, + "安全内参": { + "针对DeepSeek的网络攻击再升级:僵尸网络进场 攻击指令激增上百倍​": "https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513623&idx=1&sn=d0d49c0d4b6e85b4dd8aacd8623ca272&chksm=ebfaf137dc8d782175c2209f64fe50b91bf2c7ff519b1be99b56d7f5f4f3171fe8cb575f539a&scene=58&subscene=0#rd" + }, + "Black Hills Information Security": { + "Questions From a Beginner Threat Hunter": "https://www.blackhillsinfosec.com/questions-from-a-beginner-threat-hunter/" + }, + "红日安全": { + "新年新挑战,红日安全不打烊!携手同行,保障数字世界,迎接无限机遇!💻💼": "https://mp.weixin.qq.com/s?__biz=MzI4NjEyMDk0MA==&mid=2649851771&idx=1&sn=e32da143725cb1281d784159a2d92a85&chksm=f3e4e9f8c49360ee9f066a43959bd3732de37e27ca245ce7717817dc356c25315b6e3cd90820&scene=58&subscene=0#rd" + }, + "M01N Team": { + "AI风险分析 | Grok提示词泄露前后暗藏玄机": "https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247494054&idx=1&sn=9122e0562bcad42ee707e0879b945aa1&chksm=c18429b7f6f3a0a16b65fc9b18ee5c979853c462ea1f43800abab53c6e5bc3e5d73dc9c1c540&scene=58&subscene=0#rd" + }, + "墨菲安全": { + "DeepSeek因软件供应链安全问题导致严重聊天记录数据泄漏": "https://mp.weixin.qq.com/s?__biz=MzkwOTM0MjI5NQ==&mid=2247488049&idx=1&sn=377ab6f02bf6685c6ecd606923242cc3&chksm=c13d7109f64af81f818a52b31171cec774bb86a531f1405b24c020869c281e0865f573e9c6a6&scene=58&subscene=0#rd" + }, + "360数字安全": { + "大年初二 | 金蛇迎春,福“巳”绵延": "https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579270&idx=1&sn=07b4d333a5b2f57048e51d6aa8cc4224&chksm=9f8d268ea8faaf982879ec311f767c0e01c96d6b31f504cb5edd372b41e9ddedf3659c61e603&scene=58&subscene=0#rd" + }, + "白帽子章华鹏": { + "DeepSeek被海外曝出严重聊天记录数据泄漏问题": "https://mp.weixin.qq.com/s?__biz=MzIyOTAxOTYwMw==&mid=2650236959&idx=1&sn=0024f87794598ce60e345aa728e8a771&chksm=f04ad2a3c73d5bb52eb2a39504865a355749cee5228d9bcaa1078cab5387d5509791a0eafeb4&scene=58&subscene=0#rd" + }, + "迪哥讲事": { + "深入浅出API测试|搜集分析与漏洞挖掘实战": "https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496981&idx=1&sn=1b88708a474086d96cf22a9428c93835&chksm=e8a5ff76dfd276605ae35037c735c6cb3cb39f0962d2b476be2284664584944a6e21d112112a&scene=58&subscene=0#rd" + }, + "Over Security - Cybersecurity news aggregator": { + "Backdoor found in two healthcare patient monitors, linked to IP in China": "https://www.bleepingcomputer.com/news/security/backdoor-found-in-two-healthcare-patient-monitors-linked-to-ip-in-china/", + "Lawmakers push for guardrails, deadline on cyber military study": "https://therecord.media/lawmakers-push-for-guardrails-deadline-cyber-force-study", + "Google blocked 2.36 million risky Android apps from Play Store in 2024": "https://www.bleepingcomputer.com/news/security/google-blocked-236-million-risky-android-apps-from-play-store-in-2024/", + "States with laws requiring data brokers to register are ramping up enforcement": "https://therecord.media/state-data-broker-registry-laws-fines-warnings", + "Gabbard grilled over Snowden comments during Senate confirmation hearing": "https://therecord.media/gabbard-grilled-over-snowden-comments-senate-confirmation-hearing", + "US Justice Department says cybercrime forum allegedly affected 17 million Americans": "https://techcrunch.com/2025/01/30/us-justice-department-says-cybercrime-forum-allegedly-affected-17-million-americans/", + "Defeating Future Threats Starts Today": "https://blog.talosintelligence.com/defeating-future-threats-starts-today/", + "Ransomware attack disrupts New York blood donation giant": "https://www.bleepingcomputer.com/news/security/ransomware-attack-disrupts-new-york-blood-donation-giant/", + "Infrastructure Laundering: Blending in with the Cloud": "https://krebsonsecurity.com/2025/01/infrastructure-laundering-blending-in-with-the-cloud/", + "Ransomware attack on New York Blood Center forces workarounds, drive cancellations": "https://therecord.media/ransomware-attack-new-york-blood-center-forces-workarounds", + "DeepSeek exposes database with over 1 million chat records": "https://www.bleepingcomputer.com/news/security/deepseek-exposes-database-with-over-1-million-chat-records/", + "International police coalition takes down two prolific cybercrime and hacking forums": "https://techcrunch.com/2025/01/30/international-police-coalition-takes-down-two-prolific-cybercrime-and-hacking-forums/", + "Police take down two large cybercrime forums, arrest suspects": "https://therecord.media/cybercrime-forums-cracked-nulled-takedowns-arrests", + "Major GitHub outage affects pull requests and other services": "https://www.bleepingcomputer.com/news/technology/major-github-outage-affects-pull-requests-and-other-services/", + "The Advantages of Cloud-Based Remote Desktop versus RDP over VPN": "https://www.bleepingcomputer.com/news/security/the-advantages-of-cloud-based-remote-desktop-versus-rdp-over-vpn/", + "(Un)Happy Trails": "https://bfore.ai/unhappy-trails-travel-related-scams-and-what-travel-vendors-can-do-to-protect-their-customers/", + "New Syncjacking attack hijacks devices using Chrome extensions": "https://www.bleepingcomputer.com/news/security/new-syncjacking-attack-hijacks-devices-using-chrome-extensions/", + "bedevil: Dynamic Linker Patching": "http://localhost:1313/posts/bedevil_dynamic_linker_patching/", + "Hack.lu: In-Depth Study of Linux Rootkits: Evolution, Detection, and Defense": "http://localhost:1313/talks/hack.lu_rootkits_2024/", + "Hack.lu: The Gist of Hundreds of Incident Response Cases": "http://localhost:1313/talks/hack.lu_gist_2024/", + "Reptile's Custom Kernel-Module Launcher": "http://localhost:1313/posts/reptile_launcher/", + "BSides Munich: /proc for Security Analysts": "http://localhost:1313/talks/bsides_munich_2024/", + "DeepSec: RAT Builders - How to catch them all": "http://localhost:1313/talks/deepsec_2024/", + "Shell Script Compiler (shc)": "http://localhost:1313/posts/shell_script_compiler/", + "Today I Learned - setfacl": "http://localhost:1313/posts/today_i_learned_setfacl/", + "Analysis of Python's .pth files as a persistence mechanism": "http://localhost:1313/posts/publish_python_pth_extension/", + "Tear Down The Castle - Part 1": "http://localhost:1313/posts/tear_down_castle_part_one/", + "Oh my .. ! - Suspicious network traffic detected including Ransomware": "http://localhost:1313/posts/suspicious_network_traffic_ransomware/", + "Tear Down The Castle - Part 2": "http://localhost:1313/posts/tear_down_castle_part_two/", + "Follow-Up: Alibaba’s Qwen2.5-VL Model is Also Vulnerable to Prompt Attacks": "https://www.kelacyber.com/blog/follow-up-alibabas-qwen2-5-vl-model-is-also-vulnerable-to-prompt-attacks/", + "Police seizes Cracked and Nulled hacking forum servers, arrests suspects": "https://www.bleepingcomputer.com/news/security/police-seizes-cracked-and-nulled-hacking-forum-servers-arrests-suspects/", + "Microsoft lifts Windows 11 update block for PCs with gaming issues": "https://www.bleepingcomputer.com/news/microsoft/microsoft-lifts-windows-11-update-block-for-pcs-with-gaming-issues/", + "Common OAuth Vulnerabilities": "https://blog.doyensec.com/2025/01/30/oauth-common-vulnerabilities.html", + "DeepSeek’s Growing Influence Sparks a Surge in Frauds and Phishing Attacks": "https://cyble.com/blog/deepseeks-growing-influence-sparks-a-surge-in-frauds-and-phishing-attacks/", + "Time Bandit ChatGPT jailbreak bypasses safeguards on sensitive topics": "https://www.bleepingcomputer.com/news/security/time-bandit-chatgpt-jailbreak-bypasses-safeguards-on-sensitive-topics/", + "Comunicare per proteggere: strategie e strumenti per implementare i requisiti ISO 27001": "https://www.cybersecurity360.it/legal/comunicare-per-proteggere-strategie-e-strumenti-per-implementare-i-requisiti-iso-27001/", + "Bilanciare i rischi di security beneficiando di tecnologie di AI: fra opportunità e rischi": "https://www.cybersecurity360.it/news/bilanciare-i-rischi-di-security-beneficiando-di-tecnologie-di-ai-fra-opportunita-e-rischi/", + "DeepSeek: i timori per la privacy e la cyber security": "https://www.cybersecurity360.it/cultura-cyber/deepseek-i-timori-per-la-privacy-e-la-cyber-security/", + "DeepSeek, serve cautela: ci sono pericoli per la sicurezza": "https://www.cybersecurity360.it/news/deepseek-usarlo-con-cautela-ci-sono-pericoli-per-la-sicurezza/", + "Smishing a tema Poste Italiane: i dettagli e come difendersi": "https://www.cybersecurity360.it/news/smishing-a-tema-poste-italiane-i-dettagli-e-come-difendersi/", + "Più cyber attacchi nel 2024. E nel 2025 il trend non si fermerà": "https://www.cybersecurity360.it/outlook/piu-cyber-attacchi-nel-2024-e-nel-2025-il-trend-non-si-fermera/", + "I cyber rischi in azienda che (anche) gli italiani non comprendono": "https://www.cybersecurity360.it/news/i-cyber-rischi-in-azienda-che-anche-gli-italiani-non-comprendono/", + "Le chat WhatsApp sono corrispondenza da tutelare: i paletti privacy della Cassazione": "https://www.cybersecurity360.it/news/le-chat-whatsapp-sono-corrispondenza-da-tutelare-i-paletti-privacy-della-cassazione/", + "Decentraleyes potenzia la privacy online: vantaggi e limiti": "https://www.cybersecurity360.it/soluzioni-aziendali/decentraleyes-potenzia-la-privacy-online-vantaggi-e-limiti/", + "Il controllo del dipendente da parte del datore di lavoro: le sfide per la privacy": "https://www.cybersecurity360.it/legal/privacy-dati-personali/il-controllo-del-dipendente-da-parte-del-datore-di-lavoro-le-sfide-per-la-privacy/", + "Talos IR trends Q4 2024: Web shell usage and exploitation of public-facing applications spike": "https://blog.talosintelligence.com/talos-ir-trends-q4-2024/", + "UK, US Introduce “Content Credentials” Labeling to Counter Deepfakes, Misinformation in the Age of AI": "https://cyble.com/blog/uk-us-introduce-content-credentials-labeling/", + "Speedio (unverified) - 27,501,041 breached accounts": "https://haveibeenpwned.com/PwnedWebsites#Speedio", + "ICS Vulnerability Report: Cyble Urges Critical mySCADA Fixes": "https://cyble.com/blog/ics-vulnerability-report-cyble-urges-critical-myscada-fixes/" + }, + "Krypt3ia": { + "Threat Report: Risks and Considerations of Storing Corporate Security Telemetry in EDR Vendor Cloud Instances": "https://krypt3ia.wordpress.com/2025/01/30/threat-report-risks-and-considerations-of-storing-corporate-security-telemetry-in-edr-vendor-cloud-instances/", + "Krypt3ia Daily Cyber Threat Intelligence (CTI) Digest": "https://krypt3ia.wordpress.com/2025/01/30/krypt3ia-daily-cyber-threat-intelligence-cti-digest-6/" + }, + "洞源实验室": { + "CIO启示录:技术管理如何突破效率天花板": "https://mp.weixin.qq.com/s?__biz=Mzg4Nzk3MTg3MA==&mid=2247487724&idx=1&sn=992966ac782bfff5f58a78669566cd34&chksm=cf83199df8f4908b26ff76302cb8d746bfff09b567b7b3a5c847ccdd3c9489f00186af2c2959&scene=58&subscene=0#rd" + }, + "bellingcat": { + "Neo-Nazis Linked to “Terrorist Activities” to Host Budapest Concert": "https://www.bellingcat.com/news/2025/01/30/neo-nazis-linked-to-terrorist-activities-to-host-budapest-concert/" + }, + "极客公园": { + "我合理怀疑,春晚节目组混进了 B 站的人": "https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653073042&idx=1&sn=e5673315f8ee79ebe9dd7e1d2616c261&chksm=7e57d32449205a32ea25640d2639fcc099fe5048fbdbbc484c363f514ec6a87a0fa0321f07d2&scene=58&subscene=0#rd", + "美国对 DeepSeek 开展国家安全调查;传 DS 训练模型绕过英伟达 CUDA;春节档刷新初一票房纪录 | 极客早知道": "https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653073041&idx=1&sn=f9ec93124dfcfa3b5d40259ab4c2c990&chksm=7e57d32749205a310d8f135837f52b88af79c3c4cfa6f0101b33a99b48b746b953b3373c0e88&scene=58&subscene=0#rd" + }, + "Securityinfo.it": { + "Privacy dei dati: la maggior parte degli utenti teme una violazione": "https://www.securityinfo.it/2025/01/30/privacy-dei-dati-la-maggior-parte-degli-utenti-teme-una-violazione/?utm_source=rss&utm_medium=rss&utm_campaign=privacy-dei-dati-la-maggior-parte-degli-utenti-teme-una-violazione" + }, + "Have I Been Pwned latest breaches": { + "Speedio (unverified) - 27,501,041 breached accounts": "https://haveibeenpwned.com/PwnedWebsites#Speedio" + }, + "Hacking Exposed Computer Forensics Blog": { + "Daily Blog #733: Test Kitchen building cloud tools with cursor": "https://www.hecfblog.com/2025/01/daily-blog-733-test-kitchen-building.html" + }, + "SANS Internet Storm Center, InfoCON: green": { + "PCAPs or It Didn't Happen: Exposing an Old Netgear Vulnerability Still Active in 2025 [Guest Diary], (Thu, Jan 30th)": "https://isc.sans.edu/diary/rss/31638", + "ISC Stormcast For Thursday, January 30th, 2025 https://isc.sans.edu/podcastdetail/9302, (Thu, Jan 30th)": "https://isc.sans.edu/diary/rss/31636" + }, + "Schneier on Security": { + "Fake Reddit and WeTransfer Sites are Pushing Malware": "https://www.schneier.com/blog/archives/2025/01/fake-reddit-and-wetransfer-sites-are-pushing-malware.html" + }, + "Instapaper: Unread": { + "Nulled, Other Cybercrime Websites Seized by Law Enforcement": "https://www.securityweek.com/nulled-other-cybercrime-websites-seized-by-law-enforcement/", + "Le chat WhatsApp sono corrispondenza da tutelare i paletti privacy della Cassazione": "https://www.cybersecurity360.it/news/le-chat-whatsapp-sono-corrispondenza-da-tutelare-i-paletti-privacy-della-cassazione/", + "Il controllo del dipendente da parte del datore di lavoro le sfide per la privacy": "https://www.cybersecurity360.it/legal/privacy-dati-personali/il-controllo-del-dipendente-da-parte-del-datore-di-lavoro-le-sfide-per-la-privacy/", + "These are the 10 worst PIN codes": "https://www.malwarebytes.com/blog/news/2025/01/these-are-the-10-worst-pin-codes", + "What Is a Jump List Complete Guide for Users and Investigators": "https://www.cybertriage.com/blog/what-is-a-jump-list/" + }, + "The Hacker News": { + "Google: Over 57 Nation-State Threat Groups Using AI for Cyber Operations": "https://thehackernews.com/2025/01/google-over-57-nation-state-threat.html", + "Authorities Seize Domains of Popular Hacking Forums in Major Cybercrime Crackdown": "https://thehackernews.com/2025/01/authorities-seize-domains-of-popular.html", + "Lightning AI Studio Vulnerability Allowed RCE via Hidden URL Parameter": "https://thehackernews.com/2025/01/lightning-ai-studio-vulnerability.html", + "SOC Analysts - Reimagining Their Role Using AI": "https://thehackernews.com/2025/01/soc-analysts-reimagining-their-role.html", + "DeepSeek AI Database Exposed: Over 1 Million Log Lines, Secret Keys Leaked": "https://thehackernews.com/2025/01/deepseek-ai-database-exposed-over-1.html", + "Unpatched PHP Voyager Flaws Leave Servers Open to One-Click RCE Exploits": "https://thehackernews.com/2025/01/unpatched-php-voyager-flaws-leave.html", + "New Aquabot Botnet Exploits CVE-2024-41710 in Mitel Phones for DDoS Attacks": "https://thehackernews.com/2025/01/new-aquabot-botnet-exploits-cve-2024.html" + }, + "Graham Cluley": { + "Smashing Security podcast #402: Hackers get hacked, the British Museum IT shutdown, and social media kidnaps": "https://grahamcluley.com/smashing-security-podcast-402-hackers-get-hacked-the-british-museum-it-shutdown-and-social-media-kidnaps/" + }, + "Trend Micro Research, News and Perspectives": { + "Lumma Stealer’s GitHub-Based Delivery Explored via Managed Detection and Response": "https://www.trendmicro.com/en_us/research/25/a/lumma-stealers-github-based-delivery-via-mdr.html", + "NDR: Not Just a \"Nice to Have\" Anymore": "https://www.trendmicro.com/en_us/research/25/a/network-detection-response-ndr.html" + }, + "Deeplinks": { + "Executive Order to the State Department Sideswipes Freedom Tools, Threatens Censorship Resistance, Privacy, and Anonymity of Millions": "https://www.eff.org/deeplinks/2025/01/executive-order-state-department-sideswipes-freedom-tools-threatens-censorship", + "The Internet Never Forgets: Fighting the Memory Hole": "https://www.eff.org/deeplinks/2025/01/internet-never-forgets-fighting-memory-hole", + "Protect Your Privacy on Bumble": "https://www.eff.org/deeplinks/2025/01/protect-your-privacy-bumble" + }, + "The Register - Security": { + "Data resilience and data portability": "https://go.theregister.com/feed/www.theregister.com/2025/01/30/data_resilience_and_data_portability/", + "VMware plugs steal-my-credentials holes in Cloud Foundation": "https://go.theregister.com/feed/www.theregister.com/2025/01/30/vmware_infomration_disclosure_flaws/", + "Trump admin's purge of US cyber advisory boards was 'foolish,' says ex-Navy admiral": "https://go.theregister.com/feed/www.theregister.com/2025/01/30/gutting_us_cyber_advisory_boards/", + "Ransomware attack at New York blood services provider – donors turned away during shortage crisis": "https://go.theregister.com/feed/www.theregister.com/2025/01/30/ransomware_attack_at_new_york/", + "Canvassing apps used by UK political parties riddled with privacy, security issues": "https://go.theregister.com/feed/www.theregister.com/2025/01/30/uk_canvassing_app_issues/", + "WFH with privacy? 85% of Brit bosses snoop on staff": "https://go.theregister.com/feed/www.theregister.com/2025/01/30/forget_the_idea_of_wfh/", + "Wacom says crooks probably swiped customer credit cards from its online checkout": "https://go.theregister.com/feed/www.theregister.com/2025/01/30/wacom_data_loss/", + "Guess who left a database wide open, exposing chat logs, API keys, and more? Yup, DeepSeek": "https://go.theregister.com/feed/www.theregister.com/2025/01/30/deepseek_database_left_open/" + }, + "Palo Alto Networks Blog": { + "Cortex Is the First SOC Platform to Achieve FedRAMP High Authorization": "https://www.paloaltonetworks.com/blog/2025/01/cortex-achieve-fedramp-high-authorization/" + }, + "Social Engineering": { + "\"Humans Aren’t the Weakest Link, They’re the Strongest Layer in Cybersecurity\"": "https://www.reddit.com/r/SocialEngineering/comments/1idqop9/humans_arent_the_weakest_link_theyre_the/", + "How to better at socialising?": "https://www.reddit.com/r/SocialEngineering/comments/1idam33/how_to_better_at_socialising/" + }, + "Information Security": { + "Change Healthcare data breach – how to protect yourself": "https://www.reddit.com/r/Information_Security/comments/1idnbgn/change_healthcare_data_breach_how_to_protect/", + "College Survey on AI-Enhanced Phishing and Cybersecurity Training Effectiveness": "https://www.reddit.com/r/Information_Security/comments/1idq592/college_survey_on_aienhanced_phishing_and/", + "CIS standards for CyberArk": "https://www.reddit.com/r/Information_Security/comments/1idn856/cis_standards_for_cyberark/", + "What is SHEIN doing to our data?": "https://www.reddit.com/r/Information_Security/comments/1idgkn6/what_is_shein_doing_to_our_data/" + }, + "Your Open Hacker Community": { + "Everything is hacked 😊": "https://www.reddit.com/r/HowToHack/comments/1ie17ff/everything_is_hacked/", + "Phones that are open to connecting via Bluetooth": "https://www.reddit.com/r/HowToHack/comments/1idms17/phones_that_are_open_to_connecting_via_bluetooth/", + "Most Effective learning path to Reverse engineer network server of old games?": "https://www.reddit.com/r/HowToHack/comments/1ids89n/most_effective_learning_path_to_reverse_engineer/", + "Is there any website I can use to convert a large amount of passwords into Hashes (in batch)?": "https://www.reddit.com/r/HowToHack/comments/1idu982/is_there_any_website_i_can_use_to_convert_a_large/", + "Finding an array of class instances using Cheat Engine?": "https://www.reddit.com/r/HowToHack/comments/1idh9ob/finding_an_array_of_class_instances_using_cheat/", + "Free course": "https://www.reddit.com/r/HowToHack/comments/1idm5ny/free_course/", + "Cheat engine?": "https://www.reddit.com/r/HowToHack/comments/1idu18m/cheat_engine/", + "Who has dark web AI?": "https://www.reddit.com/r/HowToHack/comments/1idtmsb/who_has_dark_web_ai/", + "Question": "https://www.reddit.com/r/HowToHack/comments/1ide7pg/question/", + "I want to hack like elliot from mister robot": "https://www.reddit.com/r/HowToHack/comments/1idwvv2/i_want_to_hack_like_elliot_from_mister_robot/", + "Tips for Copying and Pasting from Apps That Restrict It": "https://www.reddit.com/r/HowToHack/comments/1idg62q/tips_for_copying_and_pasting_from_apps_that/", + "Can I duplicate a SIM card?": "https://www.reddit.com/r/HowToHack/comments/1idihtl/can_i_duplicate_a_sim_card/" + }, + "Krebs on Security": { + "Infrastructure Laundering: Blending in with the Cloud": "https://krebsonsecurity.com/2025/01/infrastructure-laundering-blending-in-with-the-cloud/" + }, + "TorrentFreak": { + "Pirate IPTV: Sweden Mulls ‘Viewing Ban’ as Illegal Subscriptions Soar 25%": "https://torrentfreak.com/pirate-iptv-sweden-mulls-viewing-ban-as-illegal-subscriptions-soar-25-250130/" + }, + "Full Disclosure": { + "Quorum onQ OS - 6.0.0.5.2064 | Reflected Cross Site Scripting\t(XSS) | CVE-2024-44449": "https://seclists.org/fulldisclosure/2025/Jan/23", + "Deepseek writes textbook insecure code in 2025-01-28": "https://seclists.org/fulldisclosure/2025/Jan/22", + "Text injection on https://www.google.com/sorry/index via ?q parameter (no XSS)": "https://seclists.org/fulldisclosure/2025/Jan/21" + }, + "Technical Information Security Content & Discussion": { + "The Slow Death of OCSP": "https://www.reddit.com/r/netsec/comments/1idvdv5/the_slow_death_of_ocsp/", + "Practising Heap Exploitation: Using House Of Force Technique with Practicals": "https://www.reddit.com/r/netsec/comments/1idm8tr/practising_heap_exploitation_using_house_of_force/", + "WebAssembly and security: a review": "https://www.reddit.com/r/netsec/comments/1idnsqk/webassembly_and_security_a_review/", + "A short Introduction to BloodHound Custom Queries": "https://www.reddit.com/r/netsec/comments/1idlm4q/a_short_introduction_to_bloodhound_custom_queries/", + "CVE-2024-46506: Unauthenticated RCE in NetAlertx": "https://www.reddit.com/r/netsec/comments/1idsuzx/cve202446506_unauthenticated_rce_in_netalertx/" + }, + "netsecstudents: Subreddit for students studying Network Security and its related subjects": { + "GCP Red Teaming / Pentesting Certifications": "https://www.reddit.com/r/netsecstudents/comments/1idjlk4/gcp_red_teaming_pentesting_certifications/" + }, + "Security Affairs": { + "DeepSeek database exposed highly sensitive information": "https://securityaffairs.com/173666/data-breach/deepseek-db-exposed-highly-sensitive-information.html", + "TeamViewer fixed a vulnerability in Windows client and host applications": "https://securityaffairs.com/173658/security/teamviewer-windows-client-flaw.html", + "Operation Talent: An international law enforcement operation seized Cracked, Nulled and other cybercrime websites": "https://securityaffairs.com/173651/cyber-crime/operation-talent-seized-cracked-nulled-cybercrime-websites.html", + "PHP package Voyager flaws expose to one-click RCE exploits": "https://securityaffairs.com/173646/hacking/php-package-voyager-flaws.html", + "Italy’s Data Protection Authority Garante requested information from Deepseek": "https://securityaffairs.com/173637/digital-id/italys-garante-requested-information-from-deepseek.html" + }, + "Deep Web": { + "My friend stumbled upon these while gliding at dark web.": "https://www.reddit.com/r/deepweb/comments/1idlmuj/my_friend_stumbled_upon_these_while_gliding_at/" + }, + "Security Weekly Podcast Network (Audio)": { + "Cred Vaults, Cheap AI, and Hacking Devices - Matt Bishop - PSW #859": "http://sites.libsyn.com/18678/cred-vaults-cheap-ai-and-hacking-devices-matt-bishop-psw-859" + } +} \ No newline at end of file diff --git a/today.md b/today.md index 7a275ab1ad..97a033cc41 100644 --- a/today.md +++ b/today.md @@ -1,417 +1,383 @@ -# 每日安全资讯(2025-01-30) +# 每日安全资讯(2025-01-31) - SecWiki News - - [ ] [SecWiki News 2025-01-29 Review](http://www.sec-wiki.com/?2025-01-29) -- CXSECURITY Database RSS Feed - CXSecurity.com - - [ ] [OpenPanel 0.3.4 Command Injection](https://cxsecurity.com/issue/WLB-2025010034) - - [ ] [MySchool System - Multiple Vulnerabilities](https://cxsecurity.com/issue/WLB-2025010033) - - [ ] [NEXT-EMP v1.0-Copyright © 2024. All rights reserved. File Upload-FU and Remote Code Execution-RCE](https://cxsecurity.com/issue/WLB-2025010032) + - [ ] [SecWiki News 2025-01-30 Review](http://www.sec-wiki.com/?2025-01-30) +- bunnie's blog + - [ ] [Name that Ware, January 2025](https://www.bunniestudios.com/blog/2025/name-that-ware-january-2025/) + - [ ] [Winner, Name that Ware December 2024](https://www.bunniestudios.com/blog/2025/winner-name-that-ware-december-2024/) - Security Boulevard - - [ ] [Alibaba’s Qwen 2.5-Max: The AI Marathoner Outpacing DeepSeek and Catching OpenAI’s Shadow](https://securityboulevard.com/2025/01/alibabas-qwen-2-5-max-the-ai-marathoner-outpacing-deepseek-and-catching-openais-shadow/) - - [ ] [Introducing WAF Rule Tester: Test with Confidence, Deploy without Fear | Impart Security](https://securityboulevard.com/2025/01/introducing-waf-rule-tester-test-with-confidence-deploy-without-fear-impart-security/) - - [ ] [DEF CON 32 – Tough Adversary Don’t Blame Sun Tzu](https://securityboulevard.com/2025/01/def-con-32-tough-adversary-dont-blame-sun-tzu/) - - [ ] [The OWASP NHI Top 10 and AI risk: What you need to know](https://securityboulevard.com/2025/01/the-owasp-nhi-top-10-and-ai-risk-what-you-need-to-know/) - - [ ] [API Security Is At the Center of OpenAI vs. DeepSeek Allegations](https://securityboulevard.com/2025/01/api-security-is-at-the-center-of-openai-vs-deepseek-allegations/) - - [ ] [Randall Munroe’s XKCD ‘Muons’](https://securityboulevard.com/2025/01/randall-munroes-xkcd-muons/) - - [ ] [SLAP/FLOP: Apple Silicon’s ‘Son of Spectre’ Critical Flaws](https://securityboulevard.com/2025/01/slap-flop-apple-silicon-richixbw/) - - [ ] [Our Digital Footprints are Breadcrumbs for Mapping our Personal Behavior](https://securityboulevard.com/2025/01/our-digital-footprints-are-breadcrumbs-for-mapping-our-personal-behavior/) - - [ ] [How to Find Old Accounts for Deletion](https://securityboulevard.com/2025/01/how-to-find-old-accounts-for-deletion/) - - [ ] [Codefinger Ransomware: Detection and Mitigation Using MixMode](https://securityboulevard.com/2025/01/codefinger-ransomware-detection-and-mitigation-using-mixmode/) -- Doonsec's feed - - [ ] [青萍安全祝大家新年快乐!!!](https://mp.weixin.qq.com/s?__biz=MzkxMzY0MzAxMw==&mid=2247487278&idx=1&sn=78ec559025c718883b9f1b1f674ba5f5) - - [ ] [仅此一次,春节七折嗷!](https://mp.weixin.qq.com/s?__biz=MzkyNTUyNTE5OA==&mid=2247486501&idx=1&sn=51fe604005374bcbfff2b9f235d97286) - - [ ] [[收费公开课] 前后端分离渗透和三个突破口](https://mp.weixin.qq.com/s?__biz=MzkyNTUyNTE5OA==&mid=2247486501&idx=2&sn=303abdda447ab10baa18016a0ae9460a) - - [ ] [原创工具|Venom-JWT渗透工具 - 针对JWT漏洞和密钥爆破服务渗透测试](https://mp.weixin.qq.com/s?__biz=Mzk0ODc1MjYyNA==&mid=2247483866&idx=1&sn=b4a7b1a90b8624e68c8e4106eccd2de9) - - [ ] [大年初一,巳巳如意!](https://mp.weixin.qq.com/s?__biz=MzkzMjQ4NTQwNw==&mid=2247483835&idx=1&sn=b593aa19e5825e5a2c3f5e1fd7546734) - - [ ] [[注意保密] 新年红包雨:领取 1888$ 年度极致福利](https://mp.weixin.qq.com/s?__biz=MzkwODI1ODgzOA==&mid=2247506610&idx=1&sn=891e78f2c8c413caa518b343114d9503) - - [ ] [黑客组织Handala宣称攻破以色列国安系统 4TB机密数据遭泄露](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494609&idx=1&sn=10c34cea93492cfefbb71eea5f87901a) - - [ ] [Urkc安全红包封面上线啦!](https://mp.weixin.qq.com/s?__biz=MzkxNTU5NTI1Ng==&mid=2247487269&idx=1&sn=0d4c70352cf47f5360f202a395b166b6) - - [ ] [【实操】利用Deepseek传承和弘扬传统文化](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148736&idx=1&sn=39a0df253f09d26a6151599d1e8bfb20) - - [ ] [【培训】Osint开源情报练习 #002](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148736&idx=2&sn=ebee4c79a769e10968179969c634d83a) - - [ ] [AISS大模型安全社区-2025 Roadmap](https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247494053&idx=1&sn=6449e25c9c3754c833fdd7ba5435ad70) - - [ ] [2025新春致谢 | 金蛇纳福启新程](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589299&idx=1&sn=5e38768a37484f2f38cd5b8da65a095b) - - [ ] [Windows 11 24H2 上的进程镂空技术](https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486790&idx=1&sn=c0d73c1ebaa8ed6fd5ec7a87a43b25eb) - - [ ] [德国数据保护机构《标准数据保护模式》中译文](https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247506191&idx=1&sn=5c306df3d480ebc5a37d4e207d432f24) - - [ ] [新年零食大礼包抽奖开奖](https://mp.weixin.qq.com/s?__biz=Mzg4NDg2NTM3NQ==&mid=2247484712&idx=1&sn=fd70a0465dbf9e30c615379a6bdda89d) - - [ ] [【卫星图像】金正恩考察朝鲜核物质生产基地和核武器研究所](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559318&idx=1&sn=f93bc65cb4cf2587b134129cbdca5205) - - [ ] [美日韩“抱团”:三国首次会谈聚焦朝鲜核威胁](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559318&idx=2&sn=eef1bccee4db52de82349056e07e8aca) - - [ ] [致情报分析师公众号全体粉丝](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559318&idx=3&sn=be997ee6361433a289ec6c156aca06a7) - - [ ] [Ghosten Player:全平台视频播放器,云盘/本地/IPTV资源一网打尽,支持TV和刮削!](https://mp.weixin.qq.com/s?__biz=MzA4MjkzMTcxMg==&mid=2449046775&idx=1&sn=403d11271cef923ea84dfc9005eed22e) - - [ ] [“巳巳”如意|蛇年大吉u200b](https://mp.weixin.qq.com/s?__biz=MzU4MTg1NzAzMA==&mid=2247490620&idx=1&sn=48ea11f22a243fbf8b403f5347af6b4b) - - [ ] [收藏 | dotNet安全矩阵 2024 年度安全防御绕过阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498553&idx=1&sn=1d8935d674697bc89a84b1b07dd7573a) - - [ ] [.NET 内网攻防实战电子报刊](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498553&idx=2&sn=2eabd584fcc38d4a3de34cbc21b247b8) - - [ ] [收藏 | dotNet安全矩阵 2024 年度外网入口打点阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498553&idx=3&sn=11f8acaa352ccc07f18420479c442a8b) - - [ ] [【新春福利免费开放】【20250129更新】GrayLog开源日志管理平台技术文章合集【共80篇】](https://mp.weixin.qq.com/s?__biz=MzU2MjU1OTE0MA==&mid=2247499654&idx=1&sn=1717caf72330209a0d7860dac066d9aa) - - [ ] [ISO 45001: 2018 标准详解与实施(10)6.1.2 危险源辨识及风险和机遇的评价](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247486046&idx=1&sn=e0752fe57f13f49404b464a8a5d23bf8) - - [ ] [中亚新位置:美国到底是“机遇”还是“陷阱”?](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247505009&idx=1&sn=a675523c007664b3ded75ff213872283) - - [ ] [曼德海峡危机:胡塞武装如何搅动全球贸易与地缘政治的“一池春水”?](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247505009&idx=2&sn=30bc5ffc5afc9a5458d174a81224a804) - - [ ] [DeepSeek遭受美国大规模黑客DDOS攻击!该如何应对?](https://mp.weixin.qq.com/s?__biz=Mzk1NzMwNTM5NQ==&mid=2247483894&idx=1&sn=a0a2746ea96e1c4da9caa325f9851abd) - - [ ] [蛇年快乐!](https://mp.weixin.qq.com/s?__biz=MzI1Mjc3NTUwMQ==&mid=2247538527&idx=1&sn=a6a982145ee51f2707a9b7d2914c057c) - - [ ] [花指令——新春快乐版](https://mp.weixin.qq.com/s?__biz=MzkyNTYwOTMyNA==&mid=2247485009&idx=1&sn=71e8f9c7d9658e891eb9aa14140fac0c) - - [ ] [我让DeepSeek锐评下网络安全行业现状,它的回答......](https://mp.weixin.qq.com/s?__biz=MzkzMjIxNjExNg==&mid=2247486228&idx=1&sn=710163f3aca52010a4b552bf987a7b69) - - [ ] [复旦白泽给大家拜年啦!祝大家蛇年大吉,巳巳如意,Paper如潮成果丰!](https://mp.weixin.qq.com/s?__biz=MzU4NzUxOTI0OQ==&mid=2247492844&idx=1&sn=a8d82e9664fd92535652abde94911226) - - [ ] [记一次SRC利用github搜索拿下中危漏洞](https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247547532&idx=1&sn=a25d3179451f39184a2c2306e222d2f5) - - [ ] [新年快乐 | 渊亭科技祝您巳巳如意,蛇年大吉!](https://mp.weixin.qq.com/s?__biz=MzIzNjE1ODE2OA==&mid=2660190405&idx=1&sn=b33a770adf5ed142dc3ac8c2afba90ef) - - [ ] [揭露俄罗斯APT新手段:Gamaredon首次使用安卓间谍软件骨骼间谍(BoneSpy)和伪装侦察(PlainGnome)](https://mp.weixin.qq.com/s?__biz=Mzg3OTYxODQxNg==&mid=2247485657&idx=1&sn=1c6e5658064e3bb16435047e39a9f311) - - [ ] [中医学论文大纲完善与落实指南:让你的论文架构更清晰!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493256&idx=1&sn=592a8a23a41a09fc0c7f61488411d5d8) - - [ ] [中医学论文搜集文献攻略:10分钟搞定一个月找不全的经典文献库!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493256&idx=2&sn=9e44f435954053a0a3863c6ca466f2c8) - - [ ] [终于搞懂了!新手如何玩转新闻学论文的文献综述写作攻略,快速上手!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493256&idx=3&sn=86c1867c8e4f63023a0328e127fc79fb) - - [ ] [终于掌握水产养殖学论文搜集文献秘诀!完整指南公开!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493256&idx=4&sn=050db58f55d66a155a674ae62fbc198d) - - [ ] [终于知道日语论文搜集文献这门道,超实用版硬核干货!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493256&idx=5&sn=1dd216f434bb52375a8b6847836147b5) - - [ ] [重磅揭秘:内行人才懂的林业技术论文文献综述写作高阶指南!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493256&idx=6&sn=d4792364daac44d36e9ee0fe60f8a44a) - - [ ] [专家带路:农业工程论文选题高分技巧,快速锁定黄金选题!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493256&idx=7&sn=f8f67fececd526ee35399b356da849e1) - - [ ] [专家级企业管理论文搜集文献内部秘籍:外企高级经理人都在偷学的全流程技巧。](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493256&idx=8&sn=5ff567d0085a3894e4c0033cd8301bb9) - - [ ] [红队和 Web 黑盒审计的侦察脚本](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527357&idx=1&sn=c83b93750bea91d42a144b5a5739a263) - - [ ] [滥用 Windows fork API 和 OneDrive.exe 进程来注入恶意 shellcode](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527357&idx=2&sn=cb567e9fa5f939b386410eaa2208192b) - - [ ] [零日漏洞正在推动 Fortinet 防火墙攻击(CVE-2024-55591 已确认)](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527357&idx=3&sn=a9547ba6b29ff579585ca08ae6e20652) - - [ ] [好的伴侣可以减少一半人间疾苦,合适的工作更是这样](https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247488193&idx=1&sn=98fb524ba32bd4acb817ce28aedc8a4d) - - [ ] [夜鹰(NightHawk)C2工具被泄露了?](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490232&idx=1&sn=71a4e338358972fe51261cbc15ddcc02) - - [ ] [万象更新 共启新程|四叶草安全祝您鸿运当头](https://mp.weixin.qq.com/s?__biz=MjM5MTI2NDQzNg==&mid=2654552292&idx=1&sn=94bfca6ee6e6469f09475331d9ec1dff) - - [ ] [新春伊始,红日安全启航!愿与您共同筑牢数字防线,共同迈向更安全的明天!🔒🌱](https://mp.weixin.qq.com/s?__biz=MzI4NjEyMDk0MA==&mid=2649851765&idx=1&sn=568da818c7d56ee694372f7ca3d04ddc) - - [ ] [暗网情报5则:VPN权限出售-CNN马来西亚遭勒索](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247507140&idx=1&sn=39e2cd4ca4a8b2405576bcc343bea2c6) - - [ ] [5th域安全微讯早报【20250129】025期](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247507140&idx=2&sn=e324fe0e8dc2c445cc103295d565424b) - - [ ] [有人急了。。。DeepSeek。。。线上服务受到大规模恶意攻击。。。](https://mp.weixin.qq.com/s?__biz=MzU2NzY5MzI5Ng==&mid=2247504835&idx=1&sn=145feae85263084b1b6d5bd7b36c7877) - - [ ] [新型“Sneaky 2FA”钓鱼工具包瞄准微软365账户,绕过双重认证(2FA)窃取凭证](https://mp.weixin.qq.com/s?__biz=MzA4NTY4MjAyMQ==&mid=2447900162&idx=1&sn=f1cd9351fa6107901ed7fa81fb279643) - - [ ] [大年初一 | 开源网安祝福大家事业蒸蒸日上,生活阖家美满](https://mp.weixin.qq.com/s?__biz=MzI0NzY1MDgyMw==&mid=2247514013&idx=1&sn=5833bcc742d0d3e15ef6b74df78cc868) - - [ ] [碳泽信息祝您新春快乐,巳巳如意!](https://mp.weixin.qq.com/s?__biz=Mzk0ODI4MDI4Nw==&mid=2247494627&idx=1&sn=ffc67d2a6efe5b59293eda6175d3226f) - - [ ] [【2025春节】解题领红包活动开始喽,解出就送论坛币!](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141655&idx=1&sn=d21717226e40032625a74a2d00255e23) - - [ ] [巳巳如意 | 蛇年大吉](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313207&idx=1&sn=6fbe79faad8cf2aedae18f3523b11c63) - - [ ] [《信息安全研究》恭祝大家新春快乐!](https://mp.weixin.qq.com/s?__biz=MzA3NzgzNDM0OQ==&mid=2664992974&idx=1&sn=9cd2cb9e2b233b74a40604ea67942fa7) - - [ ] [大年初一丨安天智甲给您拜年了](https://mp.weixin.qq.com/s?__biz=MjM5MTA3Nzk4MQ==&mid=2650209897&idx=1&sn=6bfd5ddbc7574bf32992f11997f69d3d) - - [ ] [大年初一,拜大年](https://mp.weixin.qq.com/s?__biz=MjM5ODYyMTM4MA==&mid=2650464736&idx=1&sn=bc114265d19b16cd3c45f4cc8b871012) - - [ ] [联想全球安全实验室恭祝大家新春快乐!](https://mp.weixin.qq.com/s?__biz=MzU1ODk1MzI1NQ==&mid=2247491548&idx=1&sn=73c8dbc0a4131745e3e798eaa6404d16) - - [ ] [大年初一 蛇来运转](https://mp.weixin.qq.com/s?__biz=Mzg2MTU5ODQ2Mg==&mid=2247507173&idx=1&sn=3b4749529f6bca97d5553cb65fdec622) - - [ ] [数字取证之证据识别u200c](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264820&idx=1&sn=c47fa7a58ac994934f15782210c4718b) - - [ ] [网安原创文章推荐【2025/1/28】](https://mp.weixin.qq.com/s?__biz=MzAxNzg3NzMyNQ==&mid=2247489519&idx=1&sn=b63ac6606b1606adc9ec3fbf28433922) - - [ ] [大年初一到,财来福星照!新的一年,祝大家巳巳如意,蛇年行大运。](https://mp.weixin.qq.com/s?__biz=MzkyNDUxNTQ2Mw==&mid=2247485819&idx=1&sn=a9119ee1b24d286f56cda649c53d5870) - - [ ] [大年初一 | 祥蛇纳福,“巳巳”如意](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579267&idx=1&sn=b6b08865f0534077a40f3e336e85bd3f) - - [ ] [SQLite数据库注入攻击技术研究](https://mp.weixin.qq.com/s?__biz=MjM5MjEyMTcyMQ==&mid=2651037456&idx=1&sn=26b186946b56da6148be861444022c93) - - [ ] [春节](https://mp.weixin.qq.com/s?__biz=MzUyMjAyODU1NA==&mid=2247491946&idx=1&sn=960238aa34a57daeb943121fa63418f3) - - [ ] [新年好运签 | 统一云防御:统一防护管理,筑牢网络边界](https://mp.weixin.qq.com/s?__biz=MjM5NzA3Nzg2MA==&mid=2649870831&idx=1&sn=f2dffa473f8078bccfce2ac7f3814c1d) - - [ ] [春节|安赛祝大家新年快乐!](https://mp.weixin.qq.com/s?__biz=MzI3MzA2MTk3Mw==&mid=2657788240&idx=1&sn=8d0ec3ec282dc8d43159d7636218278b) - - [ ] [新春快乐|安势信息祝大家蛇年大吉!](https://mp.weixin.qq.com/s?__biz=Mzg3MDgyMzkwOA==&mid=2247491507&idx=1&sn=51f24fc4ce62cb89254184ab41c5d934) - - [ ] [初一|身体健康,万事如意!](https://mp.weixin.qq.com/s?__biz=MzU1MzE3Njg2Mw==&mid=2247510392&idx=1&sn=23b6d35cb71d82c23d562ba42b1e0694) - - [ ] [2024年公众号优质文章汇总](https://mp.weixin.qq.com/s?__biz=Mzg4NDg3NjE5MQ==&mid=2247485613&idx=1&sn=2ea4aed4c2413869c00fb53f76d1fae5) - - [ ] [正月初一 | 一帆风顺 元启新程](https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506080&idx=1&sn=de989f72a1c24a6013bc32834fd66539) - - [ ] [捷普焕新领先产品全系列](https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506080&idx=2&sn=ddbcbdccb66e8f94303cf95a7dd9420e) - - [ ] [【焕新领先】 捷普态势感知系统](https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506080&idx=3&sn=5e87f69e3e89d5d4d0e72e5e973c9f0a) - - [ ] [粤港澳大湾区网络安全协会祝您新年快乐!](https://mp.weixin.qq.com/s?__biz=MzkwOTUyODE5Mg==&mid=2247485770&idx=1&sn=8c67f414c1d5363770af6d0c2d909922) - - [ ] [关于网络安全指标的思考](https://mp.weixin.qq.com/s?__biz=MzkwOTUyODE5Mg==&mid=2247485770&idx=2&sn=83e45c1783b1612d8163d9544c9f6b47) - - [ ] [众安天下祝您新春快乐、蛇年大吉!](https://mp.weixin.qq.com/s?__biz=MzIyOTUzODY5Ng==&mid=2247504322&idx=1&sn=5e6878918dcc0b4c304704e423a7a2c3) - - [ ] [天工实验室祝大家蛇年大吉,万事如意!](https://mp.weixin.qq.com/s?__biz=Mzk0OTU2ODQ4Mw==&mid=2247486754&idx=1&sn=62aa67a56b66db75099aae8ea64ceef9) - - [ ] [渗透测试 | 某学校授权渗透测试评估](https://mp.weixin.qq.com/s?__biz=Mzk0Mzc1MTI2Nw==&mid=2247487347&idx=1&sn=ecfde99bcc6735f0141a9b575a90c556) - - [ ] [有度安全给大家拜年啦!灵蛇启新元,初一福泽绵](https://mp.weixin.qq.com/s?__biz=Mzg3NTEyMzU4OA==&mid=2247513467&idx=1&sn=c5f15ab42712064a3075e44a9bc4d911) - - [ ] [元春始风华,万象启新朝。深圳市网安计算机网络安全培训中心恭祝您福启新岁,万事顺遂。](https://mp.weixin.qq.com/s?__biz=Mzg3MDYzMjAyNA==&mid=2247486206&idx=1&sn=c7d7d28fb1d2de4e50c094c384bd700e) - - [ ] [大年初一:福满新岁](https://mp.weixin.qq.com/s?__biz=MzU0NDk0NTAwMw==&mid=2247624760&idx=1&sn=7d6fdaf5776b133489f8cbfd0cf87135) - - [ ] [新春快乐,万事如意](https://mp.weixin.qq.com/s?__biz=MzI3NDY3NDUxNg==&mid=2247498914&idx=1&sn=9db465eba52da2dd54e90fb40b843bf6) - - [ ] [拜年啦:恭贺新禧,蛇年大吉!](https://mp.weixin.qq.com/s?__biz=Mzg2MDg0ODg1NQ==&mid=2247540150&idx=1&sn=c11b523ae88eb1cdd1b00c2e2e1e7f4b) - - [ ] [安领可信给您拜年啦!](https://mp.weixin.qq.com/s?__biz=MzUxNjUwNDU4OQ==&mid=2247483953&idx=1&sn=661f7bc51d8046599be7e71f46852275) - - [ ] [大年初一 汉华信安给您拜年了](https://mp.weixin.qq.com/s?__biz=Mzg5ODYyMTI2NA==&mid=2247484582&idx=1&sn=e4a8c83e259a25f4a962bab36d0c0afd) - - [ ] [正月初一拜大年!亚信安全祝大家蛇年顺遂,蛇蛇如意](https://mp.weixin.qq.com/s?__biz=MjM5NjY2MTIzMw==&mid=2650620958&idx=1&sn=1a539d599c8fa0167941d6bccc946ec9) - - [ ] [大年初一 一帆风顺](https://mp.weixin.qq.com/s?__biz=MjM5NzE0NTIxMg==&mid=2651135288&idx=1&sn=c8bf1121cab73be169ecaa119f5d9d5b) - - [ ] [慢雾科技祝大家新春快乐,“巳巳”如意!](https://mp.weixin.qq.com/s?__biz=MzU4ODQ3NTM2OA==&mid=2247501035&idx=1&sn=59e84e7659d99a54b6501ec2191845d8) - - [ ] [新年快乐 | 渊亭防务祝您巳巳如意,蛇年大吉!](https://mp.weixin.qq.com/s?__biz=Mzg2NTYyODgyNg==&mid=2247504626&idx=1&sn=947b971cf92a530af5d4af7a9f40378b) - - [ ] [初一 | 鞭炮声声辞旧岁,新衣新貌贺新年!](https://mp.weixin.qq.com/s?__biz=MzU4NjY4MDAyNQ==&mid=2247497078&idx=1&sn=93f0e2203558c5d2186205dae47e4ab0) - - [ ] [墨云科技 | 金蛇献瑞,谨贺新年](https://mp.weixin.qq.com/s?__biz=MzU5ODE2NDA3NA==&mid=2247496753&idx=1&sn=101bd162fb27a6b210c95d36ff4756c7) - - [ ] [磐石安科技|恭贺蛇年大吉!](https://mp.weixin.qq.com/s?__biz=MzkwNDI0MjkzOA==&mid=2247485840&idx=1&sn=e5045c1d16e658ef82f838d19add009a) - - [ ] [正月初一 | 安泰如意](https://mp.weixin.qq.com/s?__biz=Mzg2NDU3Mzc5OA==&mid=2247489779&idx=1&sn=76fc6dae86e231c41efea62f0565ac21) - - [ ] [大年初一 | 金蛇献瑞迎新春,岁月悠悠送吉祥](https://mp.weixin.qq.com/s?__biz=Mzk0MDQ5MTQ4NA==&mid=2247487427&idx=1&sn=eeef20b9473215312b0e39159d148a5b) - - [ ] [拜年啦](https://mp.weixin.qq.com/s?__biz=MzkxNTIwNTkyNg==&mid=2247553215&idx=1&sn=9e310bac7fb47a94b16a9da14e538d01) - - [ ] [大年初一丨新春启航,万事如意](https://mp.weixin.qq.com/s?__biz=MzAwNTAxMjUwNw==&mid=2650277649&idx=1&sn=f1b0ac4ba8a25aeb6f61b973093d555f) - - [ ] [春节|瑞蛇迎春,共赴新程](https://mp.weixin.qq.com/s?__biz=MzkxODczNjA4NQ==&mid=2247494021&idx=1&sn=55cd58add868195168feda1b08a0a2f1) - - [ ] [初一 | 大年初一 万事胜意](https://mp.weixin.qq.com/s?__biz=MzU1OTc2MzE2Mg==&mid=2247489329&idx=1&sn=d001254620cb5ccdcf51cb5a9a73670e) - - [ ] [祝大家新年蛇年大吉,健康喜乐](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494577&idx=1&sn=4d5a9964a63a52fe6cdd3febc7abd292) - - [ ] [苹果修补了 2025 年首个被利用的 iOS 0day(CVE-2025-24085)](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494577&idx=2&sn=2a3b9a9481760f2c54d584ed72cf307c) - - [ ] [春节 | 灵蛇迎春,福运满屋](https://mp.weixin.qq.com/s?__biz=MzU3MDA0MTE2Mg==&mid=2247492564&idx=1&sn=44253e74476868913d0de1065716dfad) - - [ ] [梅苑安全携带小猫祝大家蛇年快乐](https://mp.weixin.qq.com/s?__biz=MzkwMTU2NzMwOQ==&mid=2247484530&idx=1&sn=8610d601d8d5bd24528dc1545e83c1a5) - - [ ] [红队移动端评估测试工具](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489192&idx=1&sn=f92f78566f73bdbcee373ac7834d1396) - - [ ] [不足挂齿](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489192&idx=2&sn=4597cbd9bbf1d814a4d86c26bfb77eed) - - [ ] [范渊新年献词:以韧性回应时代,以AI引领未来](https://mp.weixin.qq.com/s?__biz=MjM5NTE0MjQyMg==&mid=2650624573&idx=1&sn=bde5fc48268dbc7566e0b36ca5ea68e8) - - [ ] [【初一】新岁启封,同赴新程](https://mp.weixin.qq.com/s?__biz=MjM5NTE0MjQyMg==&mid=2650624573&idx=2&sn=c4581b248078cb6ff6f9d465754da975) - - [ ] [像 C2 一样使用 VSCode - 红队风格](https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247504777&idx=1&sn=6a7bb7db4890f89678a69854ecbce461) - - [ ] [InForSec祝网络安全华人学者春节愉快!](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317463&idx=1&sn=3b304079c535abddffd4968cd9d1c718) - - [ ] [蛇年大吉](https://mp.weixin.qq.com/s?__biz=MzI2Mzc4ODc1NQ==&mid=2247489583&idx=1&sn=e98d28ca40b57b5b32aac53edfeb1946) - - [ ] [【贺蛇年】初一纳福 网安启途](https://mp.weixin.qq.com/s?__biz=MzAxMjE1MDY0NA==&mid=2247508841&idx=1&sn=8c7d1aeb8c2b6827bcde2b323e04027e) - - [ ] [别搞](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496843&idx=1&sn=12979bae2be8a2d90496e7c79e8bb831) - - [ ] [国自然中标真不难!十年评审专家1v1精修本子,中标率提升58%](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496843&idx=2&sn=d9858f7695b5db1be02e2d9887ab97d1) - - [ ] [【大年初一】喜迎蛇年 瑞气呈祥](https://mp.weixin.qq.com/s?__biz=MjM5NzYwNDU0Mg==&mid=2649249641&idx=1&sn=7a41d8aceeeb227acfb93b534968da9c) - - [ ] [迎新年,启新篇|任子行祝您新春快乐、蛇年行大运](https://mp.weixin.qq.com/s?__biz=MzI0NjAyMjU4MA==&mid=2649595765&idx=1&sn=fd65317a7df2cda280b10b05734a7e1d) - - [ ] [新年伊始,华为星河AI融合SASE解决方案祝您“SASE”过群雄,一鸣惊人!](https://mp.weixin.qq.com/s?__biz=MzAwODU5NzYxOA==&mid=2247505875&idx=1&sn=d3e7db45fae8f8b023d025df3a110d88) - - [ ] [初一 | 新春纳福](https://mp.weixin.qq.com/s?__biz=MzIxNTQxMjQyNg==&mid=2247493740&idx=1&sn=3a548b5f7979b125fbee60be48b4bfe1) - - [ ] [【2025】新年快乐](https://mp.weixin.qq.com/s?__biz=MzUwOTc3MTQyNg==&mid=2247491386&idx=1&sn=81b68fc009fb3bb698df452f0490aebb) - - [ ] [分享图片](https://mp.weixin.qq.com/s?__biz=MzI3Njc1MjcxMg==&mid=2247494394&idx=1&sn=46b470b30f34d28b91b7446c0432ba7f) - - [ ] [巳巳如意 生生不息丨云天安全祝您新春快乐](https://mp.weixin.qq.com/s?__biz=MzI2NDYzNjY0Mg==&mid=2247501216&idx=1&sn=1bb93c2c50c51f4ba008c8c002e163e1) - - [ ] [Mac下破解激活JetBrains产品](https://mp.weixin.qq.com/s?__biz=Mzg5OTgzMzA1OA==&mid=2247483872&idx=1&sn=8fa59f27c9706af7c69ee722c4016785) - - [ ] [正月初一|金蛇迎春 巳巳如意](https://mp.weixin.qq.com/s?__biz=MzIxNDIzNTcxMg==&mid=2247506758&idx=1&sn=b9e384ec8963ccca8fe2773ebbb9023c) - - [ ] [魔方安全祝你蛇来运转,前程螣螣](https://mp.weixin.qq.com/s?__biz=MzI3NzA5NDc0MA==&mid=2649292206&idx=1&sn=3f87066febd3b789c0e7db2baf1fd1f9) - - [ ] [灵蛇启新元 初一福泽绵](https://mp.weixin.qq.com/s?__biz=MzU0MjEwNTM5Ng==&mid=2247520421&idx=1&sn=9d1cb6d9e4d36868892fdffebe8001f7) - - [ ] [瑞蛇迎春,共筑网安新未来!](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247635828&idx=1&sn=dc1ea39348bc6420d3d24e3cbd1814d2) - - [ ] [大年初一|蛇年顺遂,事事如意!](https://mp.weixin.qq.com/s?__biz=MzU2NzUxMTM0Nw==&mid=2247513467&idx=1&sn=976f6d8db01ae07c788cd029211a3ee6) - - [ ] [山石网科·AI汇东方|正月初一,蛇年大吉](https://mp.weixin.qq.com/s?__biz=MzAxMDE4MTAzMQ==&mid=2661298278&idx=1&sn=48cdce5c730da12f4ee90406ada0f6f5) - - [ ] [拜大年|蛇跃新程 云科同行!](https://mp.weixin.qq.com/s?__biz=Mzg2NTk3NjczNQ==&mid=2247485633&idx=1&sn=8b101c6e5ac782199e1104c0e13efbc4) - - [ ] [恭贺新春 | 金盾信安祝您新春快乐,蛇年大吉!](https://mp.weixin.qq.com/s?__biz=MjM5NjA2NzY3NA==&mid=2448682671&idx=1&sn=5bdff851e304d4dbeff7833d0318a678) - - [ ] [迎新春 过新年 御盾安全给大家拜年啦!](https://mp.weixin.qq.com/s?__biz=MzU4ODgxMjE0Mw==&mid=2247486347&idx=1&sn=858139f172118c4bb834d05bf953cc4f) - - [ ] [蛇年到,福气绕,元支点给您拜年啦!](https://mp.weixin.qq.com/s?__biz=MzI4MDE2MzA4Mw==&mid=2667651078&idx=1&sn=747dc83ae36cc0ea5c1b93eb4bdbaf25) - - [ ] [极验给大家拜年了!](https://mp.weixin.qq.com/s?__biz=MzI2MDE5MTQxNg==&mid=2649723247&idx=1&sn=589cd5ffbdc64554e70c473143cb5c8e) - - [ ] [一元复始 万象更新,能信安祝您及家人新春大吉 万事如意!](https://mp.weixin.qq.com/s?__biz=MzI1MTYzMjY1OQ==&mid=2247490788&idx=1&sn=4ecf028f6de13d48505acb287263846e) - - [ ] [初一 | 恭贺新春,蛇年大吉!](https://mp.weixin.qq.com/s?__biz=Mzg4MjQ4MjM4OA==&mid=2247523802&idx=1&sn=6d75fb5fa444f7b8b4309bb64caadaf9) - - [ ] [金蛇纳福 | 大年初一,网安拜大年!](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235919&idx=1&sn=a091ebd91146a52049677eef87b7cfa1) - - [ ] [蛇年大吉 恭贺新春](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235919&idx=2&sn=1b8c628b25f0a25746c47876084b1c61) - - [ ] [祥蛇贺岁!2025,祝您蛇年顺遂、巳巳如意](https://mp.weixin.qq.com/s?__biz=MzkyNDcwMTAwNw==&mid=2247533748&idx=1&sn=2d4e5d8e231d87a0691bbaaf7bf882f2) - - [ ] [祥蛇献瑞,国泰家康丨永信至诚祝您新春快乐!](https://mp.weixin.qq.com/s?__biz=MzAwNDUyMjk4MQ==&mid=2454829244&idx=1&sn=15d13b997ed8a1d2b6de05f8f19815f0) - - [ ] [洞察2025年网络安全产业趋势](https://mp.weixin.qq.com/s?__biz=Mzg5OTg5OTI1NQ==&mid=2247489844&idx=1&sn=36f1c90e8bd6d4b656b0d844e9d34e9f) - - [ ] [新年快乐,巳巳如意!](https://mp.weixin.qq.com/s?__biz=Mzk0NTU0ODc0Nw==&mid=2247491864&idx=1&sn=bdd69466a0fca637b7efccc408def11e) - - [ ] [蛇跃新程,矢安科技祝您新的一年“巳巳如意”!](https://mp.weixin.qq.com/s?__biz=Mzg2Mjc3NTMxOA==&mid=2247516821&idx=1&sn=b60521f8bd702c0158be36308c378c7f) - - [ ] [拜大年,心向暖阳,愿邮件安全顺遂无忧](https://mp.weixin.qq.com/s?__biz=MzA5NjMyMDEwNg==&mid=2649286360&idx=1&sn=010f5320070eb627541f94e272efd09b) - - [ ] [初一 | 拜大年](https://mp.weixin.qq.com/s?__biz=MzI5NjA4NjA3OA==&mid=2652102063&idx=1&sn=3c51fdc8f0addd6ae0cfb25d2b458ea3) - - [ ] [新春快乐,蛇年吉祥,祝公众号的朋友们身体健康,工作顺利!](https://mp.weixin.qq.com/s?__biz=Mzg3NTUzOTg3NA==&mid=2247515082&idx=1&sn=47788096ca6fa4a1ecb947344b4af31a) - - [ ] [恭贺新春](https://mp.weixin.qq.com/s?__biz=MzU3NTQwNDYyNA==&mid=2247488573&idx=1&sn=0d50fb0a6590fdc5c74cdc1b072da0d9) - - [ ] [医疗行业数据安全风险评估实践指南(一)](https://mp.weixin.qq.com/s?__biz=MzA5MTYyMDQ0OQ==&mid=2247493571&idx=1&sn=5bb28d26963d363a5d4590d66a8df87b) - - [ ] [乙巳春节|新岁启封 万象更新](https://mp.weixin.qq.com/s?__biz=MjM5NjU0NDQ1Ng==&mid=2671019617&idx=1&sn=629fac95808c3f7da16dfa3856f5403c) - - [ ] [蛇年至,万象新,安易科技祝您新年快乐!](https://mp.weixin.qq.com/s?__biz=MzkwMTI3ODUxOQ==&mid=2247485207&idx=1&sn=b324e11004c245d1addc71c420ae24b2) - - [ ] [拜大年 | 竹爆声声辞旧岁,烟花朵朵迎新春。知白学院给您拜年啦~](https://mp.weixin.qq.com/s?__biz=MzUzNDg0NTc1NA==&mid=2247510555&idx=1&sn=adf528e69e77da7e1ade94a1037f657a) - - [ ] [贺新春!](https://mp.weixin.qq.com/s?__biz=MzUxODY3MDExMA==&mid=2247490118&idx=1&sn=41ce7f2bb938c7cb6e68ae48ea0bed1b) - - [ ] [新年祝福](https://mp.weixin.qq.com/s?__biz=Mzg4Nzk3MTg3MA==&mid=2247487719&idx=1&sn=cdab963d88b8a7a93f57e02822946c95) - - [ ] [船山信安给各位师傅们拜年啦!](https://mp.weixin.qq.com/s?__biz=MzU2NDY2OTU4Nw==&mid=2247518508&idx=1&sn=0bcd7cdfb692d548afb9fc3e4e0aabd8) - - [ ] [新年记](https://mp.weixin.qq.com/s?__biz=MzU0NDI5NTY4OQ==&mid=2247486261&idx=1&sn=a99fd42137a2c3a4e337746ba8d1c4d7) - - [ ] [安全客祝您蛇来运转,福满乾坤!](https://mp.weixin.qq.com/s?__biz=MzA5ODA0NDE2MA==&mid=2649787812&idx=1&sn=db21fb03c585e8434fd2aa509fe447b4) - - [ ] [【新年快乐】菜狗安全祝师傅们新年快乐(内含抽奖)](https://mp.weixin.qq.com/s?__biz=Mzg4MzkwNzI1OQ==&mid=2247485729&idx=1&sn=a0b793b557e83bc2f4e8ab3baff70b5b) - - [ ] [HackingClub祝您巳巳如意,前程螣螣!](https://mp.weixin.qq.com/s?__biz=MzkxMzE4MTc5Ng==&mid=2247499518&idx=1&sn=d9ce9cfedb17f3e247b95cd20c211551) - - [ ] [内生安全联盟恭祝大家新春快乐,万事大吉!](https://mp.weixin.qq.com/s?__biz=Mzg4MDU0NTQ4Mw==&mid=2247528904&idx=1&sn=4e192436cfabe37848d9c0a532aeaba5) - - [ ] [🐱网安招财喵喵新春祝福~](https://mp.weixin.qq.com/s?__biz=MzkzNjE5NjQ4Mw==&mid=2247543340&idx=1&sn=ee9b97e42573764b723f01e86b6ece2b) - - [ ] [大学生网络安全尖锋训练营给您拜年](https://mp.weixin.qq.com/s?__biz=MzUzODkwMDMxNA==&mid=2247574850&idx=1&sn=88a610b92fc3393da2255798f8ed2153) - - [ ] [《网信自主创新调研报告》编委会给您拜年](https://mp.weixin.qq.com/s?__biz=MzkxMzI3MzMwMQ==&mid=2247530977&idx=1&sn=d05ad11631bf7f2d2c27a0398c17cfe2) - - [ ] [暗魂攻防实验室祝各位蛇年大吉](https://mp.weixin.qq.com/s?__biz=MzkyMjE1NzQ2MA==&mid=2247489711&idx=1&sn=0ebcd1f0d28d56eff0d0744371744710) - - [ ] [惊喜放送丨辞旧迎新除烦恼,万巳如意好运来,火绒祝您新春大吉!](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247522008&idx=1&sn=72eb4a612f06bf7c8a597e0f7dc088e1) - - [ ] [诚邀渠道合作伙伴共启新征程](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247522008&idx=2&sn=9adee9b586588ae9a54e6a2b1cba98ec) - - [ ] [灵蛇迎春 瑞气盈门|美创科技祝您新岁安康,蛇来运转](https://mp.weixin.qq.com/s?__biz=MzA3NDE0NDUyNA==&mid=2650805046&idx=1&sn=744a4d22945a4c2a5c8ccfa9f48e6457) - - [ ] [迪普科技祝您新年快乐丨金蛇献瑞展宏图 续写网安新篇章](https://mp.weixin.qq.com/s?__biz=MzA4NzE5MzkzNA==&mid=2650370747&idx=1&sn=4d579b58e19a18bfbdb857b1fc747993) - - [ ] [骇极安全](https://mp.weixin.qq.com/s?__biz=MzIwNTU1NjYwNA==&mid=2247488014&idx=1&sn=d62058ec064d318cd051237797748ebf) - - [ ] [网安守夜人祝大家新年快乐](https://mp.weixin.qq.com/s?__biz=MzU0MzgyMzM2Nw==&mid=2247486255&idx=1&sn=cbfd1798a20828ea6d7687536ae8f243) - - [ ] [杂感四则](https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652114260&idx=1&sn=e7c060b972419b42cb2ed3ff9bd69084) - - [ ] [春节 | 密织数据安全网,祥启蛇年好运章](https://mp.weixin.qq.com/s?__biz=MzkyNzE5MDUzMw==&mid=2247569445&idx=1&sn=81d7230341be2c2bc815d4771fe32884) - - [ ] [攻防靶场(54):从LFI到RCE](https://mp.weixin.qq.com/s?__biz=MzI0NjA3Mzk2NQ==&mid=2247496095&idx=1&sn=4bba7300e436e3e9e1eb11a361c42c25) -- Der Flounder - - [ ] [Managing Apple Intelligence features on macOS Sequoia 15.3](https://derflounder.wordpress.com/2025/01/29/managing-apple-intelligence-features-on-macos-sequoia-15-3/) + - [ ] [2025 predictions: Security industry](https://securityboulevard.com/2025/01/2025-predictions-security-industry/) + - [ ] [Preparing for PCI DSS 4.0: How Sonatype SBOM Manager can streamline and accelerate your transition](https://securityboulevard.com/2025/01/preparing-for-pci-dss-4-0-how-sonatype-sbom-manager-can-streamline-and-accelerate-your-transition/) + - [ ] [Trust in Cloud Security with Effective Secrets Rotation](https://securityboulevard.com/2025/01/trust-in-cloud-security-with-effective-secrets-rotation/) + - [ ] [Innovative PAM Strategies for Modern Enterprises](https://securityboulevard.com/2025/01/innovative-pam-strategies-for-modern-enterprises/) + - [ ] [Advancing Cloud Compliance with Proactive Measures](https://securityboulevard.com/2025/01/advancing-cloud-compliance-with-proactive-measures/) + - [ ] [Hiya AI Phone App Protects Against Deepfakes, Other Scams](https://securityboulevard.com/2025/01/hiya-ai-phone-app-protects-against-deepfakes-other-scams/) + - [ ] [DEF CON 32 – Color Blasted Badge Making: How Hard Could It Be](https://securityboulevard.com/2025/01/def-con-32-color-blasted-badge-making-how-hard-could-it-be/) + - [ ] [2025’s Top Five Trends in Identity Verification](https://securityboulevard.com/2025/01/2025s-top-five-trends-in-identity-verification/) + - [ ] [Next Steps from the PCI Council’s SAQ-A Update: Critical Responsibilities and Opportunities for PSPs](https://securityboulevard.com/2025/01/next-steps-from-the-pci-councils-saq-a-update-critical-responsibilities-and-opportunities-for-psps/) + - [ ] [Assessing the New SAQ-A Changes: Insights for QSAs](https://securityboulevard.com/2025/01/assessing-the-new-saq-a-changes-insights-for-qsas/) - Hacking Articles - - [ ] [Credential Dumping: AD User Comment](https://www.hackingarticles.in/credential-dumping-ad-user-comment/) -- Google Online Security Blog - - [ ] [How we kept the Google Play & Android app ecosystems safe in 2024](http://security.googleblog.com/2025/01/how-we-kept-google-play-android-app-ecosystem-safe-2024.html) - - [ ] [How we estimate the risk from prompt injection attacks on AI systems](http://security.googleblog.com/2025/01/how-we-estimate-risk-from-prompt.html) -- Private Feed for M09Ic - - [ ] [CHYbeta starred sannykim/solsec](https://github.com/sannykim/solsec) - - [ ] [INotGreen starred 0xrawsec/whids](https://github.com/0xrawsec/whids) - - [ ] [safedv starred S3cur3Th1sSh1t/gui-pwn](https://github.com/S3cur3Th1sSh1t/gui-pwn) + - [ ] [AD Recon: Kerberos Username Bruteforce](https://www.hackingarticles.in/ad-recon-kerberos-username-bruteforce/) +- Sukka's Blog + - [ ] [2024:浏览器从 A 到 Z](https://blog.skk.moe/post/2024-browser-from-a-to-z/) +- Doonsec's feed + - [ ] [秦安:特朗普“半夜清洗”,解雇17名检察长,成三位一体反腐布局](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476392&idx=1&sn=11cf99bd5faf07695e3ac89ec70c72aa) + - [ ] [张志坤:巴拿马运河争夺战,真正目标是中国](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476392&idx=2&sn=4135a1c0538e4e13d4e225ad3de60ac2) + - [ ] [牟林:关于无人武器作战的战略思考](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476392&idx=3&sn=c0854894545a61159ff4423409fe77fe) + - [ ] [牟林:靠征关税致富做得到吗?](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476392&idx=4&sn=a54df395e2fe825567a13f177b2f1ed2) + - [ ] [Loggy - Introduce to reverseing golang binary](https://mp.weixin.qq.com/s?__biz=Mzg4NzU4MDE5NQ==&mid=2247484272&idx=1&sn=b38cb2dd664786c222e314a789b7da40) + - [ ] [byd红客](https://mp.weixin.qq.com/s?__biz=MzkyNTQ0OTYxOQ==&mid=2247483988&idx=1&sn=5b25e95ccbd765424198f50243e7edf7) + - [ ] [【速报】github 挂了?(世界就是一个巨大的草台班子)](https://mp.weixin.qq.com/s?__biz=Mzg4NzgzMjUzOA==&mid=2247485449&idx=1&sn=2e621cb2afe5e511ac88f055da981272) + - [ ] [Kali下安装与使用BeEF:反射型与存储型XSS攻击、Cookie会话劫持、键盘监听及浏览器操控技巧](https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486453&idx=1&sn=cd3057994dfa4e6a29c9d70b342f9e8a) + - [ ] [起](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496866&idx=1&sn=50672ddfb00ba89a961f457c1121f0f1) + - [ ] [(吃瓜)Github疑似遭受ddos攻击](https://mp.weixin.qq.com/s?__biz=MzkzNjczNzEyMw==&mid=2247484164&idx=1&sn=0e0f18f1790d8e9a2fd97d76ed9ff8eb) + - [ ] [特朗普“午夜清洗”:17名监察长“下马”,法律争议“炸锅](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247505045&idx=1&sn=d3b57f2d70f4497ba9e6bd0d3792b39b) + - [ ] [印度卫星对接成功:技术存在局限性](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247505045&idx=2&sn=1f9e6ca2b9e492d72bd16233e83dcf9c) + - [ ] [大家一起ddos白宫](https://mp.weixin.qq.com/s?__biz=MzkyOTQzNjIwNw==&mid=2247491639&idx=1&sn=ea6a2bb14d619f5834396d7fe8ebf609) + - [ ] [研究完威胁分类,才发现我们平时谈的“以威胁为中心”都是假的!](https://mp.weixin.qq.com/s?__biz=MzAxOTk3NTg5OQ==&mid=2247492288&idx=1&sn=4a85f9ccfbc35e9f52f817bc25f4ce10) + - [ ] [世界需要一个能谋善断的AI(三)决策的厚重:人类世界是如何被“选择”塑造的?](https://mp.weixin.qq.com/s?__biz=MzAxOTk3NTg5OQ==&mid=2247492288&idx=2&sn=416787d4505f6a7bf562f91bcf9f37cd) + - [ ] [DeepSeek-R1:通过强化学习激励LLM的推理能力](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264879&idx=1&sn=74c7f7b47fbb79364c8dc55264481f92) + - [ ] [分享图片](https://mp.weixin.qq.com/s?__biz=MzI3Njc1MjcxMg==&mid=2247494399&idx=1&sn=21a59287adb50dc4b945b2325e795fe4) + - [ ] [SpiderX-V2.0发布 解锁JS加密新姿势攻防武器](https://mp.weixin.qq.com/s?__biz=MzkxOTU3MDY4MQ==&mid=2247484842&idx=1&sn=29eca64227216346731e46e212de2a92) + - [ ] [量子计算机时代的汽车系统的嵌入式安全](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620255&idx=1&sn=610c3bff71970b4fbc041a0177ee93fd) + - [ ] [揭开人工智能在交通网络安全中的神秘面纱](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620255&idx=2&sn=c361a268b2ef526cf5e44433248d1d13) + - [ ] [车辆网络处理器上的后量子安全启动](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620255&idx=3&sn=ee30d942f28072654d6b335624aea228) + - [ ] [新年开工啦](https://mp.weixin.qq.com/s?__biz=MzIzODMyMzQxNQ==&mid=2247484490&idx=1&sn=379870838aa89954061ce91a8fe22392) + - [ ] [揭秘土耳其“红皮书”:真相还是阴谋?](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559341&idx=1&sn=517465083ba598dcfc9d243a3f11d1c9) + - [ ] [中亚新位置:美国到底是“机遇”还是“陷阱”?](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559341&idx=2&sn=58f2aa6cb8bf4e2d52982ba4dc461e34) + - [ ] [深入浅出API测试|搜集分析与漏洞挖掘实战](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496981&idx=1&sn=1b88708a474086d96cf22a9428c93835) + - [ ] [网络运维工程师如何高效运维数据中心,记住这6条定律!](https://mp.weixin.qq.com/s?__biz=MzUyNTExOTY1Nw==&mid=2247528027&idx=1&sn=bb96422660e09519af965fecc213d4cf) + - [ ] [春节假期7个基本网络安全提示](https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652114269&idx=1&sn=731f251283d6f584e16dd15c5f0f1b4f) + - [ ] [为什么DDoS攻击如此致命?](https://mp.weixin.qq.com/s?__biz=MzIyMzIwNzAxMQ==&mid=2649464754&idx=1&sn=df89b63da565ca06f6419c818442ef13) + - [ ] [利用DeepSeek进行java代码审计,好用!](https://mp.weixin.qq.com/s?__biz=MzkxNjQyODY5MA==&mid=2247487042&idx=1&sn=256d32002fcf342d7770b39c1d41f695) + - [ ] [收藏 | dotNet安全矩阵 2024 年度目标权限维持阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498569&idx=1&sn=a273094850e815c5dccaf5c9fbb7956f) + - [ ] [国内最专业、最全面的 [ .NET 代码审计 ] 体系化学习交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498569&idx=2&sn=efe5abab1b53aa0c37945f18fbfb5043) + - [ ] [收藏 | dotNet安全矩阵 2024 年度外网入口打点阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498569&idx=3&sn=b5363f2569c8b2f819bc9d52cc71cc79) + - [ ] [2024年,安全厂商为什么这么惨?](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485482&idx=1&sn=ccf61766565e0badd0172f57ee1728f1) + - [ ] [【干货原创】实网攻防演习常态化,会带来什么变化01](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485482&idx=4&sn=919cc9d33961ed8e6a35eede596478de) + - [ ] [【干货原创】K12教育,鲜为人知的模式秘密](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485482&idx=5&sn=bf335b4022071ba93823b812090acee6) + - [ ] [原创文章目录](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485482&idx=6&sn=3ff7227d97237b358e80b064be4215f2) + - [ ] [四川大学网安少年班](https://mp.weixin.qq.com/s?__biz=Mzg4NDg3NjE5MQ==&mid=2247485616&idx=1&sn=5255daa9a5e28be2c73d156eeb167ad5) + - [ ] [世界经济论坛《2025年全球网络安全展望》报告一览](https://mp.weixin.qq.com/s?__biz=MzU0MDc5ODM0Mg==&mid=2247484780&idx=1&sn=5c29954e85b159e98b2db3467a6f4281) + - [ ] [【恭贺新春】企业级内网仿真「Thunder」免费开战!通关赢千元现金](https://mp.weixin.qq.com/s?__biz=Mzg5MDc1MjY5Ng==&mid=2247493011&idx=1&sn=324fff14046b3d7b31e4f2827bccacfb) + - [ ] [AI风险分析 | Grok提示词泄露前后暗藏玄机](https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247494054&idx=1&sn=9122e0562bcad42ee707e0879b945aa1) + - [ ] [针对DeepSeek的网络攻击再升级:僵尸网络进场 攻击指令激增上百倍u200b](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513623&idx=1&sn=d0d49c0d4b6e85b4dd8aacd8623ca272) + - [ ] [Offsec PG靶场-Pelican(OSCP考试)](https://mp.weixin.qq.com/s?__biz=MzU5MjIzMDMzNg==&mid=2247484347&idx=1&sn=0c628f8609fa4badb4f81f1f90b3d305) + - [ ] [六部门印发|关于完善数据流通安全治理 更好促进数据要素市场化价值化的实施方案](https://mp.weixin.qq.com/s?__biz=MzIxNDIzNTcxMg==&mid=2247506759&idx=1&sn=851aa85a7e994c201ed3fa8c930ebe05) + - [ ] [UbuntuServer24.04上使用NVIDIA GeForce RTX 4060Ti部署并训练DeepSeek R1大模型](https://mp.weixin.qq.com/s?__biz=Mzg2MjYxODQ4Mw==&mid=2247484982&idx=1&sn=226d2daae237f9ead22b087b2611e457) + - [ ] [干货 | 渗透测试以及checklist模板,附PDF免费下载!](https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247570691&idx=1&sn=74eca2607d62024085a1edf27565aeef) + - [ ] [DeepSeek遭暴力破解 攻击IP均来自美国](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170578&idx=1&sn=c79c88154ac6083c4d178ed4a123665b) + - [ ] [奇安信:针对DeepSeek的网络攻击再升级! 僵尸网络进场,指令激增上百倍](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170578&idx=2&sn=19ad0e0ac08770adde15936cbc245f61) + - [ ] [从创新环境看新质生产力发展](https://mp.weixin.qq.com/s?__biz=MzI1OTExNDY1NQ==&mid=2651618932&idx=1&sn=829c061c8fe0ac244f869355102c255f) + - [ ] [僵尸网络进场,针对 DeepSeek 网络攻击再升级](https://mp.weixin.qq.com/s?__biz=MzU0NDk0NTAwMw==&mid=2247624774&idx=1&sn=5c438a523258d18082e4918e22ff51c9) + - [ ] [惊魂72小时:一场席卷Linux世界的巨大威胁是如何被阻止的](https://mp.weixin.qq.com/s?__biz=MzI5MjY4MTMyMQ==&mid=2247489858&idx=1&sn=01a4503fd428692055c9a137cd9bb0a8) + - [ ] [比特币链上大周期投资指导方案](https://mp.weixin.qq.com/s?__biz=MzI3NTcwNTQ2Mg==&mid=2247487630&idx=1&sn=532f51f67ceab5e41324cbf9a80d0432) + - [ ] [秒达工具箱:各种开发者必备的工具集合,支持Docker部署](https://mp.weixin.qq.com/s?__biz=MzA4MjkzMTcxMg==&mid=2449046776&idx=1&sn=c7985da37fee0d92ef3585fa526b3ba5) + - [ ] [DeepSeek 数据库被攻击,国外团队已公开披露漏洞](https://mp.weixin.qq.com/s?__biz=Mzg4MTkwMTI5Mw==&mid=2247488775&idx=1&sn=2b8f2e1154eb0de5e1422589ee7b4f95) + - [ ] [旧知新话说“标识”之心意篇:标识助力物流信息可追溯](https://mp.weixin.qq.com/s?__biz=MzU1OTUxNTI1NA==&mid=2247592366&idx=1&sn=28ab8739af2ccfaae353c286890cde3f) + - [ ] [DeepSeek 开源免费,大洋彼岸直接急了](https://mp.weixin.qq.com/s?__biz=MzIzNjU5NDE2MA==&mid=2247490177&idx=1&sn=8c3da180f37e24bb83cc20d6168c694a) + - [ ] [可能这就是你deepseek无法访问的原因——deepseek 漏洞(已修复)](https://mp.weixin.qq.com/s?__biz=Mzk0MDY2NTY5Mw==&mid=2247485665&idx=1&sn=ce7d065feabad43d7bd144eb57ba1115) + - [ ] [小日子已经被deepseek折服——日媒:DeepSeek模型以简单方法实现高性能](https://mp.weixin.qq.com/s?__biz=Mzk0MDY2NTY5Mw==&mid=2247485665&idx=2&sn=3648dc775f70e3d481072e9e72b21a84) + - [ ] [FtC4Wraiths CTF战队招募令:成为幽灵,掌控战场!](https://mp.weixin.qq.com/s?__biz=Mzk0NjQ2NzQ0Ng==&mid=2247485011&idx=1&sn=eab2c10d8fcd6cc7e3fbdff694b4cd7a) + - [ ] [【2025-01-30】黑客新闻摘要](https://mp.weixin.qq.com/s?__biz=MzIzNDU5NTI4OQ==&mid=2247488390&idx=1&sn=3e958dfb1428d5b530c24db97201ea53) + - [ ] [DeepSeek因软件供应链安全问题导致严重聊天记录数据泄漏](https://mp.weixin.qq.com/s?__biz=MzkwOTM0MjI5NQ==&mid=2247488049&idx=1&sn=377ab6f02bf6685c6ecd606923242cc3) + - [ ] [(吃瓜)刘农TV之渗透中遇到的神人运维](https://mp.weixin.qq.com/s?__biz=MzkzNjczNzEyMw==&mid=2247484157&idx=1&sn=597aa22f30bf086e39d157e7ba9082ad) + - [ ] [DeepSeek 大模型数据泄露被国外安全团队发现](https://mp.weixin.qq.com/s?__biz=MzU4NDY3MTk2NQ==&mid=2247491067&idx=1&sn=53535c35ef941d31f4d587b0cbd426e6) + - [ ] [利用 Unicode 溢出绕过字符阻止列表](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527393&idx=1&sn=c9213875c652ac0318560b3966348226) + - [ ] [幻影行动:朝鲜的全球数据渗透运动](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527393&idx=2&sn=9923de4ef6d306281ce4fb13f253af1d) + - [ ] [Operation Talent:FBI 查获 Nulled.to、Cracked.to、Sellix.io 等](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527393&idx=3&sn=2949b5b96b17ce834ae88fc78313dbb7) + - [ ] [nt-load-order 第二部分 - 你想知道的更多内容](https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486806&idx=1&sn=cb4a4fbf16cf2ff7c0a99333cf155ca8) + - [ ] [资讯 | DeepSeek被曝数据泄漏](https://mp.weixin.qq.com/s?__biz=Mzg4MDkyMTE4OQ==&mid=2247489001&idx=1&sn=e965d2b7151b3b51e0b48dc264cc7cd2) + - [ ] [DeepSeek被海外曝出严重聊天记录数据泄漏问题](https://mp.weixin.qq.com/s?__biz=MzIyOTAxOTYwMw==&mid=2650236959&idx=1&sn=0024f87794598ce60e345aa728e8a771) + - [ ] [真假](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496860&idx=1&sn=dac3717d63b7496fc260f3d91e4d5ec0) + - [ ] [越权漏洞实战漏洞报告](https://mp.weixin.qq.com/s?__biz=Mzk0NTg3ODYxNg==&mid=2247485094&idx=1&sn=300233e404ea534282f994bd51e38594) + - [ ] [功能强大的XSS自动化扫描器](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489193&idx=1&sn=08b43c401df76f44cf749c44eb4af9c6) + - [ ] [有网安需求记得找我](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489193&idx=2&sn=6c2c55bb757aa67cc9f21a6b40c6df40) + - [ ] [30 - 使用DInvoke和Sliver规避OpenEDR并提升权限](https://mp.weixin.qq.com/s?__biz=MzI4NTcxMjQ1MA==&mid=2247615412&idx=1&sn=3c8990ffa72d3496df8110af3260a080) + - [ ] [代码审计 | 如何获取CVE漏洞编号](https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247547534&idx=1&sn=89f840ad1397911a18d5776cb54ed32c) + - [ ] [俄罗斯APT组织 RomCom 再次出击,针对乌克兰政府和波兰实体的网络攻击升级!](https://mp.weixin.qq.com/s?__biz=Mzg3OTYxODQxNg==&mid=2247485658&idx=1&sn=1811ccb336bf5596bc0376a10ebe3cbe) + - [ ] [deepseek写的对联,总感觉有点不对劲🐶](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494633&idx=1&sn=644193027ce66213cffde32a42bad868) + - [ ] [【已修复】DeepSeek数据库暴露,泄露包括聊天记录在内的敏感信息](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494633&idx=2&sn=62ef49860992fd84fbebc9fbae2d8839) + - [ ] [Wiz研究发现暴露的DeepSeek数据库泄露敏感信息,包括聊天记录](https://mp.weixin.qq.com/s?__biz=MzkxNjMwNDUxNg==&mid=2247487248&idx=1&sn=24a5ae9036da7d03afb83c9dd679255b) + - [ ] [🐍年好~~嘶嘶嘶](https://mp.weixin.qq.com/s?__biz=MzU4Mzc4MDQyOQ==&mid=2247484414&idx=1&sn=0caae77933f7012d33420541deab9019) + - [ ] [【2025春节】解题领红包活动开始喽,解出就送论坛币!\\n\\n第一题送分题有手就行(不需有脑,已有 1376 位会员完成此任务)。\\n\\n第二题 Windows 初级题 14点整 上线,题目很简单,如果你对逆向分析感兴趣,不妨借此机会自学尝试,让这次活动真正成为你技能提升的阶梯。](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141658&idx=1&sn=11067b00a771b8ee9bd4c4d0da1e8908) + - [ ] [当DDoS成为DeepSeek的进化催化剂](https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247488198&idx=1&sn=294befdcf4fe9033a98c6148815a0ec1) + - [ ] [初二娘家暖 祥蛇护亲安](https://mp.weixin.qq.com/s?__biz=MzU0MjEwNTM5Ng==&mid=2247520422&idx=1&sn=ca4a601872c8ca514160ea4117463939) + - [ ] [本地部署 deepseek-r1 模型](https://mp.weixin.qq.com/s?__biz=Mzk0MzY3MDE5Mg==&mid=2247484010&idx=1&sn=d298326b0ef79202e6e0093216ebaa82) + - [ ] [美军对DeepSeek“出手”了!DeepSeek遭恶意攻击,攻击IP均来自美国!](https://mp.weixin.qq.com/s?__biz=MzAwMjA5OTY5Ng==&mid=2247525698&idx=1&sn=131f65bb9cab76e179f85720d4c77212) + - [ ] [大年初二 | 金蛇迎春,福“巳”绵延](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579270&idx=1&sn=07b4d333a5b2f57048e51d6aa8cc4224) + - [ ] [太丢人了](https://mp.weixin.qq.com/s?__biz=Mzg5NjY4NDg1Nw==&mid=2247483948&idx=1&sn=c78c4f6b64f4e732bb3fcbe3684d3819) + - [ ] [DeepSeek与其他大模型网络安全领域测评](https://mp.weixin.qq.com/s?__biz=Mzg4NDg3NjE5MQ==&mid=2247485615&idx=1&sn=2faa9a9f50deaf18f69117424391d9a5) + - [ ] [多次加密攻击](https://mp.weixin.qq.com/s?__biz=MzI1NzUxOTUzMA==&mid=2247485786&idx=1&sn=ef2f09bcc5eb7ecad5b545295bf5be21) + - [ ] [2025网络暴露危机报告:45%第三方应用越权访问用户数据](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313208&idx=1&sn=21db4a4d88530fd63cdb722001dad229) + - [ ] [Banshee Stealer新变种正借Apple XProtect加密技术躲避杀毒软件](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313208&idx=2&sn=428f13d4f84f8d084d6730cfab69b9cb) + - [ ] [上千个恶意域名正在仿冒Reddit和WeTransfer](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313208&idx=3&sn=e2d553ae7f7a6dab81dc2d0f81f9d42f) + - [ ] [如何使用LDAPX动态检查和转换LDAP数据包](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313208&idx=4&sn=d1471190e17067ad31fd0a762ad813d1) + - [ ] [Redis数据库主从复制RCE影响分析](https://mp.weixin.qq.com/s?__biz=MjM5MjEyMTcyMQ==&mid=2651037457&idx=1&sn=32e47044585804b9f31934fb3a7a3f5c) + - [ ] [大年初二 画蛇添福](https://mp.weixin.qq.com/s?__biz=Mzg2MTU5ODQ2Mg==&mid=2247507174&idx=1&sn=af46b8c1bdd9e12e5913225f518e1e09) + - [ ] [新年新挑战,红日安全不打烊!携手同行,保障数字世界,迎接无限机遇!💻💼](https://mp.weixin.qq.com/s?__biz=MzI4NjEyMDk0MA==&mid=2649851771&idx=1&sn=e32da143725cb1281d784159a2d92a85) + - [ ] [数字取证之数据收集u200c](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264859&idx=1&sn=5157da074859752737fca3e1377e830b) + - [ ] [公众号爆款突破10万+是种什么体验?](https://mp.weixin.qq.com/s?__biz=Mzk0MTI4NTIzNQ==&mid=2247492229&idx=1&sn=fb6516c2c50768440203194bf072ef8f) + - [ ] [网安原创文章推荐【2025/1/29】](https://mp.weixin.qq.com/s?__biz=MzAxNzg3NzMyNQ==&mid=2247489523&idx=1&sn=b774285745567a078a25412d369d42e3) + - [ ] [Qwen 2.5横空出世:阿里大模型超越DeepSeek-V3](https://mp.weixin.qq.com/s?__biz=Mzk0ODY1NzEwMA==&mid=2247486600&idx=1&sn=8759e5cb59a7ae3a10f4e360ae1343c8) + - [ ] [DeepSeek已遭美西方全面围剿:各种放大后的问题及恶意舆论接踵而至](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247507157&idx=1&sn=705ed2698837c80532fbdcaa33a20411) + - [ ] [暗网情报6则:阿根廷电信公司数据泄露-260G登录凭证兜售-以色列国家安全部遭黑](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247507157&idx=2&sn=32183d1acca665f6055c418febf0b72a) + - [ ] [5th域安全微讯早报【20250130】026期](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247507157&idx=3&sn=678b70aba584829d92026c69f41dad6a) + - [ ] [DeepSeek与ChatGPT代码审计能力对比与分析](https://mp.weixin.qq.com/s?__biz=MzU5OTMxNjkxMA==&mid=2247488582&idx=1&sn=48f04da2ac9254f4e9bcaba0a14431a5) + - [ ] [ScanV、ScanA:监测违规防患,事件安全无虞](https://mp.weixin.qq.com/s?__biz=MjM5NzA3Nzg2MA==&mid=2649870840&idx=1&sn=eb6c30950bf84dd86835312726abf657) + - [ ] [阿里巴巴发布Qwen 2.5系列新模型,宣称超越 DeepSeek-V3](https://mp.weixin.qq.com/s?__biz=Mzg4Njc1MTIzMw==&mid=2247485776&idx=1&sn=73a8b2ee13adf483ccc862bea60a6657) + - [ ] [知识星球持续更新](https://mp.weixin.qq.com/s?__biz=Mzg4Njc1MTIzMw==&mid=2247485776&idx=2&sn=6cab966e4a4f99fd7f1a7f60f7177a88) + - [ ] [大年初二丨安天睿甲给您拜年了](https://mp.weixin.qq.com/s?__biz=MjM5MTA3Nzk4MQ==&mid=2650209904&idx=1&sn=2d3424335c5408deda2ab07b51876c54) + - [ ] [初二 | 愿家人和和美美,吉祥安康!](https://mp.weixin.qq.com/s?__biz=MzU4NjY4MDAyNQ==&mid=2247497079&idx=1&sn=081d5bd8e78c90a7d1bcba0e251b48ea) + - [ ] [记一次绕过阿里云waf与某不知名waf的双waf上传getshell](https://mp.weixin.qq.com/s?__biz=Mzk0Mzc1MTI2Nw==&mid=2247487348&idx=1&sn=2c7a4d59b64392a92053475c8096f285) + - [ ] [正月初二| 有蛇有得 团团圆圆](https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506081&idx=1&sn=c7bc814576e63a573c12fae1a2f9aefe) + - [ ] [捷普基础产品线,守护基础设施安全](https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506081&idx=2&sn=95cf7a673991ce095ee9525401f5f855) + - [ ] [【焕新领先】捷普下一代防火墙](https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506081&idx=3&sn=0776637513dd08e8549e6e036951db3e) + - [ ] [ISO 45001: 2018 标准详解与实施(11)6.1.3 法律法规要求和其他要求的确定](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247486050&idx=1&sn=2750be0dbb0d7015b92061bb993add86) + - [ ] [初二](https://mp.weixin.qq.com/s?__biz=MzUyMjAyODU1NA==&mid=2247491947&idx=1&sn=1d01beee8ad4061189c478e349ef78d7) + - [ ] [DeepSeek的强大,一句话让AI帮我写了个程序-流量安全分析研判工具](https://mp.weixin.qq.com/s?__biz=MzkxMTUwOTY1MA==&mid=2247490145&idx=1&sn=a932062265ad24982beeee1706d70d4d) + - [ ] [大年初二 | 金蛇纳福,好事成双](https://mp.weixin.qq.com/s?__biz=MzA3OTMxNTcxNA==&mid=2650963505&idx=1&sn=b6d789ba930e09c363ebc1f9444849d6) + - [ ] [正月初二归家暖!亚信安全祝大家蛇全蛇美,蛇行大运](https://mp.weixin.qq.com/s?__biz=MjM5NjY2MTIzMw==&mid=2650620959&idx=1&sn=7d3ca2f816e618a8e9e764ebd74f3644) + - [ ] [大年初二 二龙腾飞](https://mp.weixin.qq.com/s?__biz=MjM5NzE0NTIxMg==&mid=2651135289&idx=1&sn=ccfa447f9bf7ccfdf2f578f6b4f71e1d) + - [ ] [大年初二 | 眉开眼笑回娘家](https://mp.weixin.qq.com/s?__biz=Mzk0MDQ5MTQ4NA==&mid=2247487428&idx=1&sn=7f6bc2eb6c48e2d05a319a51de44f0c3) + - [ ] [CIO启示录:技术管理如何突破效率天花板](https://mp.weixin.qq.com/s?__biz=Mzg4Nzk3MTg3MA==&mid=2247487724&idx=1&sn=992966ac782bfff5f58a78669566cd34) + - [ ] [2025常见的网络安全服务大全(汇总详解)](https://mp.weixin.qq.com/s?__biz=MzIwMzIyMjYzNA==&mid=2247517988&idx=1&sn=71db8ddc34dbb5bd2e9fce7b232edaaf) + - [ ] [初二:好运连连](https://mp.weixin.qq.com/s?__biz=MzU0NDk0NTAwMw==&mid=2247624762&idx=1&sn=47241d7f7296e0089b5da756046322f0) + - [ ] [初二|燃炮迎春盼福至 网站弹窗鉴虚实](https://mp.weixin.qq.com/s?__biz=MzkxNDY0MjMxNQ==&mid=2247532957&idx=1&sn=9932467d97cae7cd76bdb1790358e7cc) + - [ ] [【初二】安全一路相随 团聚近在眼前](https://mp.weixin.qq.com/s?__biz=MjM5NTE0MjQyMg==&mid=2650624574&idx=1&sn=d10e6d1823438874c6e7929eb90b1e97) + - [ ] [2025年最可能的五种网络攻击,你的企业准备好了吗?](https://mp.weixin.qq.com/s?__biz=Mzg4NDc0Njk1MQ==&mid=2247487182&idx=1&sn=3c76f4710e63ed2414babafceda9eec1) + - [ ] [诸葛亮教你如何应对APT攻击](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496849&idx=1&sn=d3276fd13b7a991e2e1c5cbbb41a3b4c) + - [ ] [国自然中标真不难!十年评审专家1v1精修你的本子,中标率提升58%](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496849&idx=2&sn=41d0f5a68ff64924994dc39112bf9672) + - [ ] [初二 | 姻缘美满](https://mp.weixin.qq.com/s?__biz=MzIxNTQxMjQyNg==&mid=2247493741&idx=1&sn=e36485b394ed47daf3a04225998efbe1) - Recent Commits to cve:main - - [ ] [Update Wed Jan 29 20:28:19 UTC 2025](https://github.com/trickest/cve/commit/2a9a6c5e8dfdef652b3351b8c7c20cddc3b7958c) - - [ ] [Update Wed Jan 29 12:26:44 UTC 2025](https://github.com/trickest/cve/commit/023d47466c3dfcf89301b51bd1f75e5ac6af45d2) - - [ ] [Update Wed Jan 29 04:20:44 UTC 2025](https://github.com/trickest/cve/commit/9bbcd187c35f8f8562d789c9c6a09501e13902b6) + - [ ] [Update Thu Jan 30 20:25:02 UTC 2025](https://github.com/trickest/cve/commit/630b95e7243b0245cde3df59fe484976ce30e2ee) + - [ ] [Update Thu Jan 30 12:18:33 UTC 2025](https://github.com/trickest/cve/commit/6d2f59a5338e9b0f9fda557d99080a0f50fd20af) + - [ ] [Update Thu Jan 30 04:17:50 UTC 2025](https://github.com/trickest/cve/commit/9cf77fc7fab952fdfcbf1e41b07c41bd3ecd8cd6) +- Armin Ronacher's Thoughts and Writings + - [ ] [How I Use AI: Meet My Promptly Hired Model Intern](http://lucumr.pocoo.org/2025/1/30/how-i-ai) - Trustwave Blog - - [ ] [Inside APT34 (OilRig): Tools, Techniques, and Global Cyber Threats](https://www.trustwave.com/en-us/resources/blogs/trustwave-blog/inside-apt34-oilrig-tools-techniques-and-global-cyber-threats/) -- Bug Bounty in InfoSec Write-ups on Medium - - [ ] [5 Things You Should Understand Before Jumping into Bug Bounty](https://infosecwriteups.com/5-things-you-should-understand-before-jumping-into-bug-bounty-813cd960c6bc?source=rss----7b722bfd1b8d--bug_bounty) - - [ ] [Exploiting XSS To Steal Cookies](https://infosecwriteups.com/exploiting-xss-to-steal-cookies-f0aebdcd815b?source=rss----7b722bfd1b8d--bug_bounty) - - [ ] [How I Found a Ticket Booking Bug That Allowed Me to Travel Almost for Free in TNSTC](https://infosecwriteups.com/how-i-found-a-ticket-booking-bug-that-allowed-me-to-travel-almost-for-free-in-tnstc-2c7aa23aebf6?source=rss----7b722bfd1b8d--bug_bounty) -- Horizon3.ai - - [ ] [Fireside Chat: Horizon3.ai and North Carolina’s Electric Cooperatives](https://www.horizon3.ai/intelligence/webinars/fireside-chat-horizon3-ai-and-north-carolinas-electric-cooperatives/) -- Blogs dade - - [ ] [Lessons in Everything](https://0xda.de/blog/2025/01/lessons-in-everything/) + - [ ] [How Trustwave’s Fusion Platform Analyzes Ransomware Tactics in the Energy Sector: A Comprehensive Overview](https://www.trustwave.com/en-us/resources/blogs/trustwave-blog/how-trustwaves-fusion-platform-analyzes-ransomware-tactics-in-the-energy-sector-a-comprehensive-overview/) +- 一个被知识诅咒的人 + - [ ] [【Python】深入探索Python元类:动态生成类与对象的艺术](https://blog.csdn.net/nokiaguy/article/details/145397730) + - [ ] [【Python】深入理解Python中的装饰器链:创建组合装饰器的技巧与实践](https://blog.csdn.net/nokiaguy/article/details/145397710) +- gynvael.coldwind//vx.log (en) + - [ ] [On hackers, hackers, and hilarious misunderstandings](https://gynvael.coldwind.pl/?id=799) +- Flexera Blog - Feed + - [ ] [Cyber-Resilience regulations are here—is your organization ready?](https://www.flexera.com/blog/security/cyber-resilience-regulations-are-here-is-your-organization-ready/) +- Private Feed for M09Ic + - [ ] [safedv starred DebugPrivilege/InsightEngineering](https://github.com/DebugPrivilege/InsightEngineering) + - [ ] [LinuxJS started following M09Ic](https://github.com/M09Ic) - Twitter @bytehx - - [ ] [Re @yeswehack Thanks !](https://x.com/bytehx343/status/1884630328339472481) - - [ ] [Re @CristiVlad25 @yeswehack :-)](https://x.com/bytehx343/status/1884599250329411751) - - [ ] [Re @_justYnot @Hacker0x01 Thanks!](https://x.com/bytehx343/status/1884599038978515142) - - [ ] [Re @A_Atef200 @yeswehack No. This is private and I am sure that it won’t be duped:)](https://x.com/bytehx343/status/1884597418005860707) - - [ ] [Yay, I was awarded a $$$ bounty on @Hacker0x01! https://hackerone.com/bytehx #TogetherWeHitHarder](https://x.com/bytehx343/status/1884583738790793420) - - [ ] [Just got a reward for a high vulnerability submitted on @yeswehack -- Information Disclosure (CWE-200). https://yeswehack.com/hunters/bytehx #YesWeRHa...](https://x.com/bytehx343/status/1884583581504491599) - - [ ] [Just got a reward for a vulnerability submitted on @yeswehack -- Acceptance of Extraneous Untrusted Data With Trusted Data - Cache Poisoning (CWE-349)...](https://x.com/bytehx343/status/1884583503851114555) -- Securelist - - [ ] [Threat predictions for industrial enterprises 2025](https://securelist.com/industrial-threat-predictions-2025/115327/) -- Malwarebytes - - [ ] [These are the 10 worst PIN codes](https://www.malwarebytes.com/blog/news/2025/01/these-are-the-10-worst-pin-codes) -- NVISO Labs - - [ ] [Backups & DRP in the ransomware era](https://blog.nviso.eu/2025/01/29/backups-drp-in-the-ransomware-era/) -- Insinuator.net - - [ ] [Jigsaw RDPuzzle: Piecing Attacker Actions Together](https://insinuator.net/2025/01/jigsaw-rdpuzzle/) -- GuidePoint Security - - [ ] [Ongoing report: Babuk2 (Babuk-Bjorka)](https://www.guidepointsecurity.com/blog/ongoing-report-babuk2-babuk-bjorka/) -- Malware-Traffic-Analysis.net - Blog Entries - - [ ] [2025-01-28: Malwre infection from web inject activity](https://www.malware-traffic-analysis.net/2025/01/28/index.html) + - [ ] [Re @CristiVlad25 @SynackRedTeam Yes!](https://x.com/bytehx343/status/1884928882094268475) + - [ ] [Thanks @SynackRedTeam](https://x.com/bytehx343/status/1884926738385580064) +- Trail of Bits Blog + - [ ] [PyPI now supports archiving projects](https://blog.trailofbits.com/2025/01/30/pypi-now-supports-archiving-projects/) - Reverse Engineering - - [ ] [How To Avoid Malware Rabbitholes](https://www.reddit.com/r/ReverseEngineering/comments/1id52rn/how_to_avoid_malware_rabbitholes/) - - [ ] [Got bored, reversed the WMI. Made a novel virus that never touches the filesystem](https://www.reddit.com/r/ReverseEngineering/comments/1icgfua/got_bored_reversed_the_wmi_made_a_novel_virus/) - - [ ] [ScatterBrain: Unmasking the Shadow of PoisonPlug's Obfuscator](https://www.reddit.com/r/ReverseEngineering/comments/1id0io4/scatterbrain_unmasking_the_shadow_of_poisonplugs/) - - [ ] [CVE-2024-49138 Windows CLFS heap-based buffer overflow analysis](https://www.reddit.com/r/ReverseEngineering/comments/1icpgh4/cve202449138_windows_clfs_heapbased_buffer/) - - [ ] [Bypass login on app. Company went out of business meaning no new users can access the underwater drone as the servers are offline. Can somebody figure out a bypass hack?](https://www.reddit.com/r/ReverseEngineering/comments/1ich60h/bypass_login_on_app_company_went_out_of_business/) -- hn security - - [ ] [CVE-2024-49138 Windows CLFS heap-based buffer overflow analysis – Part 2](https://security.humanativaspa.it/cve-2024-49138-windows-clfs-heap-based-buffer-overflow-analysis-part-2/) - - [ ] [CVE-2024-49138 Windows CLFS heap-based buffer overflow analysis – Part 1](https://security.humanativaspa.it/cve-2024-49138-windows-clfs-heap-based-buffer-overflow-analysis-part-1/) -- Wallarm - - [ ] [API Security Is At the Center of OpenAI vs. DeepSeek Allegations](https://lab.wallarm.com/api-security-is-at-the-center-of-openai-vs-deepseek-allegations/) -- daniel.haxx.se - - [ ] [A 1337 curl author](https://daniel.haxx.se/blog/2025/01/29/a-1337-curl-author/) -- Security Blog | Praetorian - - [ ] [Introducing Nosey Parker Explorer](https://www.praetorian.com/blog/announcing-nosey-parker-explorer/) -- 安全分析与研究 - - [ ] [夜鹰(NightHawk)C2工具被泄露了?](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490232&idx=1&sn=71a4e338358972fe51261cbc15ddcc02&chksm=902fb590a7583c8670bf284d9d8eb2fb2c3d7608c5cccf3c64a743f4b24808388990b8b5fde4&scene=58&subscene=0#rd) + - [ ] [ReSym: Harnessing LLMs to Recover Variable and Data Structure Symbols from Stripped Binaries [PDF]](https://www.reddit.com/r/ReverseEngineering/comments/1idxr88/resym_harnessing_llms_to_recover_variable_and/) + - [ ] [Decompiling 2024: A Year of Resurgance in Decompilation Research](https://www.reddit.com/r/ReverseEngineering/comments/1idb0wg/decompiling_2024_a_year_of_resurgance_in/) + - [ ] [arm64 PC-relative addressing fun](https://www.reddit.com/r/ReverseEngineering/comments/1idmknl/arm64_pcrelative_addressing_fun/) + - [ ] [College Survey on AI-Enhanced Phishing and Cybersecurity Training Effectiveness](https://www.reddit.com/r/ReverseEngineering/comments/1idq68v/college_survey_on_aienhanced_phishing_and/) +- Malware-Traffic-Analysis.net - Blog Entries + - [ ] [2025-01-30: XLoader infection](https://www.malware-traffic-analysis.net/2025/01/30/index.html) +- Malwarebytes + - [ ] [Microsoft advertisers phished via malicious Google ads](https://www.malwarebytes.com/blog/cybercrime/2025/01/microsoft-advertisers-phished-via-malicious-google-ads) + - [ ] [The DeepSeek controversy: Authorities ask where does the data come from and how safe is it?](https://www.malwarebytes.com/blog/news/2025/01/the-deepseek-controversy-authorities-ask-where-the-data-comes-from-and-where-it-goes) +- Intigriti + - [ ] [Power of the collective: Investing in the security researcher community for shared success](https://www.intigriti.com/blog/business-insights/power-of-the-collective-investing-in-the-security-researcher-community-for-shared) +- Securelist + - [ ] [No need to RSVP: a closer look at the Tria stealer campaign](https://securelist.com/tria-stealer-collects-sms-data-from-android-devices/115295/) +- Project Zero + - [ ] [Windows Bug Class: Accessing Trapped COM Objects with IDispatch](https://googleprojectzero.blogspot.com/2025/01/windows-bug-class-accessing-trapped-com.html) + - [ ] [Windows Exploitation Tricks: Trapping Virtual Memory Access (2025 Update)](https://googleprojectzero.blogspot.com/2025/01/windows-exploitation-tricks-trapping.html) +- rtl-sdr.com + - [ ] [Jeff Geerling Explores the CaribouLite Raspberry Pi Hat](https://www.rtl-sdr.com/jeff-geerling-explores-the-cariboulite-raspberry-pi-hat/) + - [ ] [The Taylorator: Flooding the Broadcast FM Band with Taylor Swift Songs using a LimeSDR](https://www.rtl-sdr.com/the-taylorator-flooding-the-broadcast-fm-band-with-taylor-swift-songs-using-a-limesdr/) + - [ ] [Video on the Basics of SDR for Hackers](https://www.rtl-sdr.com/video-on-the-basics-of-sdr-for-hackers/) - 奇客Solidot–传递最新科技情报 - - [ ] [Meta 短暂禁止用户发表任何涉及 Linux 的帖子](https://www.solidot.org/story?sid=80447) - - [ ] [腾讯游戏《三角洲行动》被发现会修改用户 CPU 调度和性能释放策略](https://www.solidot.org/story?sid=80446) - - [ ] [心脏病是美国的第一死因](https://www.solidot.org/story?sid=80445) - - [ ] [公共图书馆能给人们的生活带来积极影响](https://www.solidot.org/story?sid=80444) -- 红日安全 - - [ ] [新春伊始,红日安全启航!愿与您共同筑牢数字防线,共同迈向更安全的明天!🔒🌱](https://mp.weixin.qq.com/s?__biz=MzI4NjEyMDk0MA==&mid=2649851765&idx=1&sn=568da818c7d56ee694372f7ca3d04ddc&chksm=f3e4e9f6c49360e020e5c1183896432b1d52e3c9e96fa7577bb40590a7280b1b5987a521a472&scene=58&subscene=0#rd) -- 吾爱破解论坛 - - [ ] [【2025春节】解题领红包活动开始喽,解出就送论坛币!](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141655&idx=1&sn=d21717226e40032625a74a2d00255e23&chksm=bd50a6438a272f55f2e9c7890cabd2ec30b2ec5b946b2dcb7f37c96667f152909cb765fc17fe&scene=58&subscene=0#rd) -- 丁爸 情报分析师的工具箱 - - [ ] [【实操】利用Deepseek传承和弘扬传统文化](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148736&idx=1&sn=39a0df253f09d26a6151599d1e8bfb20&chksm=f1af26fac6d8afec1e52db48f994cfe77da1b04b5a1e5aeba491a41f83b5e2b01795b8074105&scene=58&subscene=0#rd) - - [ ] [【培训】Osint开源情报练习 #002](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148736&idx=2&sn=ebee4c79a769e10968179969c634d83a&chksm=f1af26fac6d8afec43791f1e2d2945b5e030bab5b7a6d0c003eff48d2af4aa4bbae72ead9e03&scene=58&subscene=0#rd) + - [ ] [美国版权局称 AI 辅助作品如果包含足够的人类创意可获得版权保护](https://www.solidot.org/story?sid=80451) + - [ ] [LibreOffice 下载量突破 4 亿](https://www.solidot.org/story?sid=80450) + - [ ] [Debian 项目停止在 X 上发推](https://www.solidot.org/story?sid=80449) + - [ ] [Douglas Engelbart 诞辰 100 周年](https://www.solidot.org/story?sid=80448) +- FreeBuf网络安全行业门户 + - [ ] [DeepSeek AI数据库泄露:超百万条日志和密钥曝光](https://www.freebuf.com/articles/420968.html) +- Shostack & Friends Blog + - [ ] [The Birth of the CVE System, on Hackers To Founders](https://shostack.org/blog/hackers-to-founders/) + - [ ] [Hoarding, Debt and Threat Modeling](https://shostack.org/blog/hoarding-debt-and-threat-modeling/) - 锦行科技 - - [ ] [初一 | 新春纳福](https://mp.weixin.qq.com/s?__biz=MzIxNTQxMjQyNg==&mid=2247493740&idx=1&sn=3a548b5f7979b125fbee60be48b4bfe1&chksm=979a13c9a0ed9adf401fe111940f754c8f3d4bbb1467acb1bb58f95ea4f559e1018fe247674a&scene=58&subscene=0#rd) -- 慢雾科技 - - [ ] [慢雾科技祝大家新春快乐,“巳巳”如意!](https://mp.weixin.qq.com/s?__biz=MzU4ODQ3NTM2OA==&mid=2247501035&idx=1&sn=59e84e7659d99a54b6501ec2191845d8&chksm=fddeba6ccaa9337aee73dbfd92a4188959c61acfe765c21c5ddde16c0ddbf61b542525b2bbc8&scene=58&subscene=0#rd) + - [ ] [初二 | 姻缘美满](https://mp.weixin.qq.com/s?__biz=MzIxNTQxMjQyNg==&mid=2247493741&idx=1&sn=e36485b394ed47daf3a04225998efbe1&chksm=979a13c8a0ed9ade19f74ca917b1703c7b395367c03069fe1b164a21f581251495a707ffdfa8&scene=58&subscene=0#rd) +- 吾爱破解论坛 + - [ ] [【2025春节】解题领红包活动开始喽,解出就送论坛币! + +第一题送分题有手就行(不需有脑,已有 1376 位会员完成此任务)。 + +第二题 Windows 初级题 14点整 上线,题目很简单,如果你对逆向分析感兴趣,不妨借此机会自学尝试,让这次活动真正成为你技能提升的阶梯。](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141658&idx=1&sn=11067b00a771b8ee9bd4c4d0da1e8908&chksm=bd50a64e8a272f589319d04410866e550b8792cd73b49c0eecc8abb4df9996d504f306e3b43c&scene=58&subscene=0#rd) +- 安全分析与研究 + - [ ] [Fake CAPTCHA攻击技术](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490238&idx=1&sn=f7929631aed8f88ecb74b428362ec4eb&chksm=902fb596a7583c80a17cb1f35f04930cd0fa4f66251be8f81b04a1801ee9d2f8725ffb4bda0c&scene=58&subscene=0#rd) +- 安全内参 + - [ ] [针对DeepSeek的网络攻击再升级:僵尸网络进场 攻击指令激增上百倍​](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513623&idx=1&sn=d0d49c0d4b6e85b4dd8aacd8623ca272&chksm=ebfaf137dc8d782175c2209f64fe50b91bf2c7ff519b1be99b56d7f5f4f3171fe8cb575f539a&scene=58&subscene=0#rd) +- Black Hills Information Security + - [ ] [Questions From a Beginner Threat Hunter](https://www.blackhillsinfosec.com/questions-from-a-beginner-threat-hunter/) +- 红日安全 + - [ ] [新年新挑战,红日安全不打烊!携手同行,保障数字世界,迎接无限机遇!💻💼](https://mp.weixin.qq.com/s?__biz=MzI4NjEyMDk0MA==&mid=2649851771&idx=1&sn=e32da143725cb1281d784159a2d92a85&chksm=f3e4e9f8c49360ee9f066a43959bd3732de37e27ca245ce7717817dc356c25315b6e3cd90820&scene=58&subscene=0#rd) - M01N Team - - [ ] [AISS大模型安全社区-2025 Roadmap](https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247494053&idx=1&sn=6449e25c9c3754c833fdd7ba5435ad70&chksm=c18429b4f6f3a0a25365b3e0d1423573d757fa269aad736ed5aca48ff4b82b278fd73ac03340&scene=58&subscene=0#rd) -- 看雪学苑 - - [ ] [2025新春致谢 | 金蛇纳福启新程](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589299&idx=1&sn=5e38768a37484f2f38cd5b8da65a095b&chksm=b18c28f986fba1effd30be735d8e492f5a4fe38d1f279119a9b59d2195d68332dff4b59e864c&scene=58&subscene=0#rd) -- 网安国际 - - [ ] [InForSec祝网络安全华人学者春节愉快!](https://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652317463&idx=1&sn=3b304079c535abddffd4968cd9d1c718&chksm=8bc4ba99bcb3338f81946371b05c0e130ac7d9cc318f370bedd27002d8321e4fea3c011ad947&scene=58&subscene=0#rd) -- 威胁猎人Threat Hunter - - [ ] [新春快乐,万事如意](https://mp.weixin.qq.com/s?__biz=MzI3NDY3NDUxNg==&mid=2247498914&idx=1&sn=9db465eba52da2dd54e90fb40b843bf6&chksm=eb12da99dc65538f376b96cbd2513fdc29cf6fe94ebdbc01455265051e5acf045c037033aa2e&scene=58&subscene=0#rd) -- 极客公园 - - [ ] [DeepSeek 的爆红,指出了当下 AI 最大困境](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653073010&idx=1&sn=0abd27208a3082b3453f5cb1aa2a1ab7&chksm=7e57d3c449205ad2fcb7960a04020f5000e8f59242b70aada742aaba7fa36482c27141e654d4&scene=58&subscene=0#rd) - - [ ] [宇树领衔,众多黑科技登台蛇年春晚;奥特曼回应 DeepSeek 爆火;抖音李亮评论雷军、余承东直播被封 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072999&idx=1&sn=525ce0f5f5685483f05d575f2d13d51a&chksm=7e57d3d149205ac723fd927a03f590113df2731c5a2fb9d3feff18b23c03ac35ce5defcab466&scene=58&subscene=0#rd) -- 情报分析师 - - [ ] [【卫星图像】金正恩考察朝鲜核物质生产基地和核武器研究所](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559318&idx=1&sn=f93bc65cb4cf2587b134129cbdca5205&chksm=87117d1db066f40b7f81de93f98091616065d1f49efc6490b8269d09dd1a64ad7d16306602e7&scene=58&subscene=0#rd) - - [ ] [美日韩“抱团”:三国首次会谈聚焦朝鲜核威胁](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559318&idx=2&sn=eef1bccee4db52de82349056e07e8aca&chksm=87117d1db066f40baf7629cdca97055daa3255b4dc91b397b5d2faef1aef45223fe2f07d2f2c&scene=58&subscene=0#rd) - - [ ] [致情报分析师公众号全体粉丝](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559318&idx=3&sn=be997ee6361433a289ec6c156aca06a7&chksm=87117d1db066f40ba93fbe99241b3d494eac47afa160be5539c9518622515394ac57f674c92c&scene=58&subscene=0#rd) + - [ ] [AI风险分析 | Grok提示词泄露前后暗藏玄机](https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247494054&idx=1&sn=9122e0562bcad42ee707e0879b945aa1&chksm=c18429b7f6f3a0a16b65fc9b18ee5c979853c462ea1f43800abab53c6e5bc3e5d73dc9c1c540&scene=58&subscene=0#rd) +- 墨菲安全 + - [ ] [DeepSeek因软件供应链安全问题导致严重聊天记录数据泄漏](https://mp.weixin.qq.com/s?__biz=MzkwOTM0MjI5NQ==&mid=2247488049&idx=1&sn=377ab6f02bf6685c6ecd606923242cc3&chksm=c13d7109f64af81f818a52b31171cec774bb86a531f1405b24c020869c281e0865f573e9c6a6&scene=58&subscene=0#rd) +- 360数字安全 + - [ ] [大年初二 | 金蛇迎春,福“巳”绵延](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579270&idx=1&sn=07b4d333a5b2f57048e51d6aa8cc4224&chksm=9f8d268ea8faaf982879ec311f767c0e01c96d6b31f504cb5edd372b41e9ddedf3659c61e603&scene=58&subscene=0#rd) +- 白帽子章华鹏 + - [ ] [DeepSeek被海外曝出严重聊天记录数据泄漏问题](https://mp.weixin.qq.com/s?__biz=MzIyOTAxOTYwMw==&mid=2650236959&idx=1&sn=0024f87794598ce60e345aa728e8a771&chksm=f04ad2a3c73d5bb52eb2a39504865a355749cee5228d9bcaa1078cab5387d5509791a0eafeb4&scene=58&subscene=0#rd) - 迪哥讲事 - - [ ] [寻找隐藏参数的利器](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496975&idx=1&sn=41875f4fcd79a42421188feb25e23889&chksm=e8a5ff6cdfd2767a4c19aa1cb2ccd7bc363b29d6b2c7cc49beb5a3dcf261222c0dec0d6efac2&scene=58&subscene=0#rd) + - [ ] [深入浅出API测试|搜集分析与漏洞挖掘实战](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496981&idx=1&sn=1b88708a474086d96cf22a9428c93835&chksm=e8a5ff76dfd276605ae35037c735c6cb3cb39f0962d2b476be2284664584944a6e21d112112a&scene=58&subscene=0#rd) - Over Security - Cybersecurity news aggregator - - [ ] [Hackers are hijacking WordPress sites to push Windows and Mac malware](https://techcrunch.com/2025/01/29/hackers-are-hijacking-wordpress-sites-to-push-windows-and-mac-malware/) - - [ ] [South Africa’s government-run weather service knocked offline by cyberattack](https://therecord.media/south-african-weather-service-cyberattack) - - [ ] [FBI seizes Cracked.io, Nulled.to hacking forums in Operation Talent](https://www.bleepingcomputer.com/news/security/fbi-seizes-crackedio-nulledto-hacking-forums-in-operation-talent/) - - [ ] [Laravel admin package Voyager vulnerable to one-click RCE flaw](https://www.bleepingcomputer.com/news/security/laravel-admin-package-voyager-vulnerable-to-one-click-rce-flaw/) - - [ ] [Italian regulator asks DeepSeek for information about data collection](https://therecord.media/italian-regulator-deepseek-info-collection) - - [ ] [Microsoft investigates Microsoft 365 outage affecting users, admins](https://www.bleepingcomputer.com/news/microsoft/microsoft-investigates-microsoft-365-outage-affecting-users-admins/) - - [ ] [L’IA generativa unifica le interfacce di gestione e migliora la cybersecurity](https://www.securityinfo.it/2025/01/29/lia-generativa-unifica-le-interfacce-di-gestione-e-migliora-la-cybersecurity/) - - [ ] [Industry groups call on Congress to enact federal data privacy law](https://therecord.media/industry-groups-congress-data-privacy) - - [ ] [Poland accuses Russia of recruiting Polish citizens online for election meddling](https://therecord.media/poland-accuses-russia-of-recruiting-citizens-online-for-election-meddling) - - [ ] [FBI seizes domains for Cracked.io, Nulled.to hacking forums](https://www.bleepingcomputer.com/news/security/fbi-seizes-domains-for-crackedio-nulledto-hacking-forums/) - - [ ] [Whatsup Gold, Observium and Offis vulnerabilities](https://blog.talosintelligence.com/whatsup-gold-and-offis-vulnerabilities-2/) - - [ ] [Windows 11's Start menu is getting iPhone and Android integration](https://www.bleepingcomputer.com/news/microsoft/windows-11s-start-menu-is-getting-iphone-and-android-integration/) - - [ ] [UK engineering giant Smiths Group investigating 'unauthorised access' to network](https://therecord.media/smiths-group-uk-cybersecurity-incident) - - [ ] [Maryland healthcare network forced to shut down IT systems after ransomware attack](https://therecord.media/maryland-healthcare-ransomware-frederick-health) - - [ ] [Uncover Hidden Browsing Threats: Get a Free Risk Assessment for GenAI, Identity, Web, and SaaS Risks](https://www.bleepingcomputer.com/news/security/uncover-hidden-browsing-threats-get-a-free-risk-assessment-for-genai-identity-web-and-saas-risks/) - - [ ] [Texas AG warns Kia about sharing driver information with data brokers](https://therecord.media/texas-warns-kia-about-sharing-driver-info-to-data-brokers) - - [ ] [Hackers exploit critical unpatched flaw in Zyxel CPE devices](https://www.bleepingcomputer.com/news/security/hackers-exploit-critical-unpatched-flaw-in-zyxel-cpe-devices/) - - [ ] [January Windows 10 preview update force installs new Outlook](https://www.bleepingcomputer.com/news/microsoft/january-windows-10-preview-update-force-installs-new-outlook/) - - [ ] [Sweden’s elite armed police used helicopter to board suspected sabotage ship](https://therecord.media/sweden-vezhen-ship-armed-police-boarded-helicopter) - - [ ] [New ICS Vulnerabilities Discovered in Schneider Electric and B&R Automation Systems](https://cyble.com/blog/cisa-release-advisories-for-new-ics-vulnerabilities/) - - [ ] [Windows 11 KB5050094 update fixes bugs causing audio issues](https://www.bleepingcomputer.com/news/microsoft/windows-11-kb5050094-update-fixes-bugs-causing-audio-issues/) - - [ ] [Australia’s Health Sector Receives $6.4 Million Cybersecurity Boost with New Threat Information-Sharing Network](https://cyble.com/blog/australia-health-cyber-sharing-network/) - - [ ] [Threat predictions for industrial enterprises 2025](https://securelist.com/industrial-threat-predictions-2025/115327/) - - [ ] [3 Major Cyber Attacks in January 2025](https://any.run/cybersecurity-blog/cyber-attacks-january-2025/) - - [ ] [PlushDaemon: un nuovo gruppo APT cinese colpisce la Corea del Sud. Il report di ESET](https://www.securityinfo.it/2025/01/29/plushdaemon-un-nuovo-gruppo-apt-cinese-colpisce-la-corea-del-sud-il-report-di-eset/) - - [ ] [CVE-2024-49138 Windows CLFS heap-based buffer overflow analysis – Part 1](https://security.humanativaspa.it/cve-2024-49138-windows-clfs-heap-based-buffer-overflow-analysis-part-1/) - - [ ] [CVE-2024-49138 Windows CLFS heap-based buffer overflow analysis – Part 2](https://security.humanativaspa.it/cve-2024-49138-windows-clfs-heap-based-buffer-overflow-analysis-part-2/) - - [ ] [Report: Almost half of state consumer privacy laws fail to protect individuals’ data](https://therecord.media/state-consumer-privacy-laws-failing-to-protect-data) - - [ ] [MGM agrees to pay $45 million to victims of 2019 data breach and 2023 ransomware attack](https://therecord.media/mgm-agrees-45-million-payment-data-breach-ransomware-victims) + - [ ] [Backdoor found in two healthcare patient monitors, linked to IP in China](https://www.bleepingcomputer.com/news/security/backdoor-found-in-two-healthcare-patient-monitors-linked-to-ip-in-china/) + - [ ] [Lawmakers push for guardrails, deadline on cyber military study](https://therecord.media/lawmakers-push-for-guardrails-deadline-cyber-force-study) + - [ ] [Google blocked 2.36 million risky Android apps from Play Store in 2024](https://www.bleepingcomputer.com/news/security/google-blocked-236-million-risky-android-apps-from-play-store-in-2024/) + - [ ] [States with laws requiring data brokers to register are ramping up enforcement](https://therecord.media/state-data-broker-registry-laws-fines-warnings) + - [ ] [Gabbard grilled over Snowden comments during Senate confirmation hearing](https://therecord.media/gabbard-grilled-over-snowden-comments-senate-confirmation-hearing) + - [ ] [US Justice Department says cybercrime forum allegedly affected 17 million Americans](https://techcrunch.com/2025/01/30/us-justice-department-says-cybercrime-forum-allegedly-affected-17-million-americans/) + - [ ] [Defeating Future Threats Starts Today](https://blog.talosintelligence.com/defeating-future-threats-starts-today/) + - [ ] [Ransomware attack disrupts New York blood donation giant](https://www.bleepingcomputer.com/news/security/ransomware-attack-disrupts-new-york-blood-donation-giant/) + - [ ] [Infrastructure Laundering: Blending in with the Cloud](https://krebsonsecurity.com/2025/01/infrastructure-laundering-blending-in-with-the-cloud/) + - [ ] [Ransomware attack on New York Blood Center forces workarounds, drive cancellations](https://therecord.media/ransomware-attack-new-york-blood-center-forces-workarounds) + - [ ] [DeepSeek exposes database with over 1 million chat records](https://www.bleepingcomputer.com/news/security/deepseek-exposes-database-with-over-1-million-chat-records/) + - [ ] [International police coalition takes down two prolific cybercrime and hacking forums](https://techcrunch.com/2025/01/30/international-police-coalition-takes-down-two-prolific-cybercrime-and-hacking-forums/) + - [ ] [Police take down two large cybercrime forums, arrest suspects](https://therecord.media/cybercrime-forums-cracked-nulled-takedowns-arrests) + - [ ] [Major GitHub outage affects pull requests and other services](https://www.bleepingcomputer.com/news/technology/major-github-outage-affects-pull-requests-and-other-services/) + - [ ] [The Advantages of Cloud-Based Remote Desktop versus RDP over VPN](https://www.bleepingcomputer.com/news/security/the-advantages-of-cloud-based-remote-desktop-versus-rdp-over-vpn/) + - [ ] [(Un)Happy Trails](https://bfore.ai/unhappy-trails-travel-related-scams-and-what-travel-vendors-can-do-to-protect-their-customers/) + - [ ] [New Syncjacking attack hijacks devices using Chrome extensions](https://www.bleepingcomputer.com/news/security/new-syncjacking-attack-hijacks-devices-using-chrome-extensions/) + - [ ] [bedevil: Dynamic Linker Patching](http://localhost:1313/posts/bedevil_dynamic_linker_patching/) + - [ ] [Hack.lu: In-Depth Study of Linux Rootkits: Evolution, Detection, and Defense](http://localhost:1313/talks/hack.lu_rootkits_2024/) + - [ ] [Hack.lu: The Gist of Hundreds of Incident Response Cases](http://localhost:1313/talks/hack.lu_gist_2024/) + - [ ] [Reptile's Custom Kernel-Module Launcher](http://localhost:1313/posts/reptile_launcher/) + - [ ] [BSides Munich: /proc for Security Analysts](http://localhost:1313/talks/bsides_munich_2024/) + - [ ] [DeepSec: RAT Builders - How to catch them all](http://localhost:1313/talks/deepsec_2024/) + - [ ] [Shell Script Compiler (shc)](http://localhost:1313/posts/shell_script_compiler/) + - [ ] [Today I Learned - setfacl](http://localhost:1313/posts/today_i_learned_setfacl/) + - [ ] [Analysis of Python's .pth files as a persistence mechanism](http://localhost:1313/posts/publish_python_pth_extension/) + - [ ] [Tear Down The Castle - Part 1](http://localhost:1313/posts/tear_down_castle_part_one/) + - [ ] [Oh my .. ! - Suspicious network traffic detected including Ransomware](http://localhost:1313/posts/suspicious_network_traffic_ransomware/) + - [ ] [Tear Down The Castle - Part 2](http://localhost:1313/posts/tear_down_castle_part_two/) + - [ ] [Follow-Up: Alibaba’s Qwen2.5-VL Model is Also Vulnerable to Prompt Attacks](https://www.kelacyber.com/blog/follow-up-alibabas-qwen2-5-vl-model-is-also-vulnerable-to-prompt-attacks/) + - [ ] [Police seizes Cracked and Nulled hacking forum servers, arrests suspects](https://www.bleepingcomputer.com/news/security/police-seizes-cracked-and-nulled-hacking-forum-servers-arrests-suspects/) + - [ ] [Microsoft lifts Windows 11 update block for PCs with gaming issues](https://www.bleepingcomputer.com/news/microsoft/microsoft-lifts-windows-11-update-block-for-pcs-with-gaming-issues/) + - [ ] [Common OAuth Vulnerabilities](https://blog.doyensec.com/2025/01/30/oauth-common-vulnerabilities.html) + - [ ] [DeepSeek’s Growing Influence Sparks a Surge in Frauds and Phishing Attacks](https://cyble.com/blog/deepseeks-growing-influence-sparks-a-surge-in-frauds-and-phishing-attacks/) + - [ ] [Time Bandit ChatGPT jailbreak bypasses safeguards on sensitive topics](https://www.bleepingcomputer.com/news/security/time-bandit-chatgpt-jailbreak-bypasses-safeguards-on-sensitive-topics/) + - [ ] [Comunicare per proteggere: strategie e strumenti per implementare i requisiti ISO 27001](https://www.cybersecurity360.it/legal/comunicare-per-proteggere-strategie-e-strumenti-per-implementare-i-requisiti-iso-27001/) + - [ ] [Bilanciare i rischi di security beneficiando di tecnologie di AI: fra opportunità e rischi](https://www.cybersecurity360.it/news/bilanciare-i-rischi-di-security-beneficiando-di-tecnologie-di-ai-fra-opportunita-e-rischi/) + - [ ] [DeepSeek: i timori per la privacy e la cyber security](https://www.cybersecurity360.it/cultura-cyber/deepseek-i-timori-per-la-privacy-e-la-cyber-security/) + - [ ] [DeepSeek, serve cautela: ci sono pericoli per la sicurezza](https://www.cybersecurity360.it/news/deepseek-usarlo-con-cautela-ci-sono-pericoli-per-la-sicurezza/) + - [ ] [Smishing a tema Poste Italiane: i dettagli e come difendersi](https://www.cybersecurity360.it/news/smishing-a-tema-poste-italiane-i-dettagli-e-come-difendersi/) + - [ ] [Più cyber attacchi nel 2024. E nel 2025 il trend non si fermerà](https://www.cybersecurity360.it/outlook/piu-cyber-attacchi-nel-2024-e-nel-2025-il-trend-non-si-fermera/) + - [ ] [I cyber rischi in azienda che (anche) gli italiani non comprendono](https://www.cybersecurity360.it/news/i-cyber-rischi-in-azienda-che-anche-gli-italiani-non-comprendono/) + - [ ] [Le chat WhatsApp sono corrispondenza da tutelare: i paletti privacy della Cassazione](https://www.cybersecurity360.it/news/le-chat-whatsapp-sono-corrispondenza-da-tutelare-i-paletti-privacy-della-cassazione/) + - [ ] [Decentraleyes potenzia la privacy online: vantaggi e limiti](https://www.cybersecurity360.it/soluzioni-aziendali/decentraleyes-potenzia-la-privacy-online-vantaggi-e-limiti/) + - [ ] [Il controllo del dipendente da parte del datore di lavoro: le sfide per la privacy](https://www.cybersecurity360.it/legal/privacy-dati-personali/il-controllo-del-dipendente-da-parte-del-datore-di-lavoro-le-sfide-per-la-privacy/) + - [ ] [Talos IR trends Q4 2024: Web shell usage and exploitation of public-facing applications spike](https://blog.talosintelligence.com/talos-ir-trends-q4-2024/) + - [ ] [UK, US Introduce “Content Credentials” Labeling to Counter Deepfakes, Misinformation in the Age of AI](https://cyble.com/blog/uk-us-introduce-content-credentials-labeling/) + - [ ] [Speedio (unverified) - 27,501,041 breached accounts](https://haveibeenpwned.com/PwnedWebsites#Speedio) + - [ ] [ICS Vulnerability Report: Cyble Urges Critical mySCADA Fixes](https://cyble.com/blog/ics-vulnerability-report-cyble-urges-critical-myscada-fixes/) - Krypt3ia - - [ ] [Krypt3ia Daily Cyber Threat Intelligence (CTI) Digest](https://krypt3ia.wordpress.com/2025/01/29/krypt3ia-daily-cyber-threat-intelligence-cti-digest-5/) -- 360数字安全 - - [ ] [大年初一 | 祥蛇纳福,“巳巳”如意](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579267&idx=1&sn=b6b08865f0534077a40f3e336e85bd3f&chksm=9f8d268ba8faaf9d3bdee0d2df3318bb871d372d6f84665b079f0fbac45e747586f5fad7522e&scene=58&subscene=0#rd) + - [ ] [Threat Report: Risks and Considerations of Storing Corporate Security Telemetry in EDR Vendor Cloud Instances](https://krypt3ia.wordpress.com/2025/01/30/threat-report-risks-and-considerations-of-storing-corporate-security-telemetry-in-edr-vendor-cloud-instances/) + - [ ] [Krypt3ia Daily Cyber Threat Intelligence (CTI) Digest](https://krypt3ia.wordpress.com/2025/01/30/krypt3ia-daily-cyber-threat-intelligence-cti-digest-6/) +- 洞源实验室 + - [ ] [CIO启示录:技术管理如何突破效率天花板](https://mp.weixin.qq.com/s?__biz=Mzg4Nzk3MTg3MA==&mid=2247487724&idx=1&sn=992966ac782bfff5f58a78669566cd34&chksm=cf83199df8f4908b26ff76302cb8d746bfff09b567b7b3a5c847ccdd3c9489f00186af2c2959&scene=58&subscene=0#rd) +- bellingcat + - [ ] [Neo-Nazis Linked to “Terrorist Activities” to Host Budapest Concert](https://www.bellingcat.com/news/2025/01/30/neo-nazis-linked-to-terrorist-activities-to-host-budapest-concert/) +- 极客公园 + - [ ] [我合理怀疑,春晚节目组混进了 B 站的人](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653073042&idx=1&sn=e5673315f8ee79ebe9dd7e1d2616c261&chksm=7e57d32449205a32ea25640d2639fcc099fe5048fbdbbc484c363f514ec6a87a0fa0321f07d2&scene=58&subscene=0#rd) + - [ ] [美国对 DeepSeek 开展国家安全调查;传 DS 训练模型绕过英伟达 CUDA;春节档刷新初一票房纪录 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653073041&idx=1&sn=f9ec93124dfcfa3b5d40259ab4c2c990&chksm=7e57d32749205a310d8f135837f52b88af79c3c4cfa6f0101b33a99b48b746b953b3373c0e88&scene=58&subscene=0#rd) - Securityinfo.it - - [ ] [L’IA generativa unifica le interfacce di gestione e migliora la cybersecurity](https://www.securityinfo.it/2025/01/29/lia-generativa-unifica-le-interfacce-di-gestione-e-migliora-la-cybersecurity/?utm_source=rss&utm_medium=rss&utm_campaign=lia-generativa-unifica-le-interfacce-di-gestione-e-migliora-la-cybersecurity) - - [ ] [PlushDaemon: un nuovo gruppo APT cinese colpisce la Corea del Sud. Il report di ESET](https://www.securityinfo.it/2025/01/29/plushdaemon-un-nuovo-gruppo-apt-cinese-colpisce-la-corea-del-sud-il-report-di-eset/?utm_source=rss&utm_medium=rss&utm_campaign=plushdaemon-un-nuovo-gruppo-apt-cinese-colpisce-la-corea-del-sud-il-report-di-eset) -- Schneier on Security - - [ ] [ExxonMobil Lobbyist Caught Hacking Climate Activists](https://www.schneier.com/blog/archives/2025/01/exxonmobil-lobbyist-caught-hacking-climate-activists.html) + - [ ] [Privacy dei dati: la maggior parte degli utenti teme una violazione](https://www.securityinfo.it/2025/01/30/privacy-dei-dati-la-maggior-parte-degli-utenti-teme-una-violazione/?utm_source=rss&utm_medium=rss&utm_campaign=privacy-dei-dati-la-maggior-parte-degli-utenti-teme-una-violazione) +- Have I Been Pwned latest breaches + - [ ] [Speedio (unverified) - 27,501,041 breached accounts](https://haveibeenpwned.com/PwnedWebsites#Speedio) - Hacking Exposed Computer Forensics Blog - - [ ] [Daily Blog #732: Multiple Identity Provider Disorder](https://www.hecfblog.com/2025/01/daily-blog-732-multiple-identity.html) -- 复旦白泽战队 - - [ ] [复旦白泽给大家拜年啦!祝大家蛇年大吉,巳巳如意,Paper如潮成果丰!](https://mp.weixin.qq.com/s?__biz=MzU4NzUxOTI0OQ==&mid=2247492844&idx=1&sn=a8d82e9664fd92535652abde94911226&chksm=fde86092ca9fe9849b18549438906f871544b38d9a54c8b9d40cfb6fc03b23c01305a77b6ea7&scene=58&subscene=0#rd) -- Graham Cluley - - [ ] [Ex-worker arrested after ‘shutdown’ of British Museum computer systems](https://www.bitdefender.com/en-us/blog/hotforsecurity/ex-worker-arrested-after-shutdown-of-british-museum-computer-systems) -- TorrentFreak - - [ ] [New Bill Aims to Block Foreign Pirate Sites in the U.S.](https://torrentfreak.com/new-bill-aims-to-block-foreign-pirate-sites-in-the-u-s-250129/) - - [ ] [TorrentGalaxy Pleads Financial Difficulties, Asks Users to Chip In](https://torrentfreak.com/torrentgalaxy-pleads-financial-difficulties-asks-users-to-chip-in-250129/) -- The Register - Security - - [ ] [North Koreans clone open source projects to plant backdoors, steal credentials](https://go.theregister.com/feed/www.theregister.com/2025/01/29/lazarus_groups_supply_chain_attack/) - - [ ] [Why is my Mitel phone DDoSing strangers? Oh, it was roped into a new Mirai botnet](https://go.theregister.com/feed/www.theregister.com/2025/01/29/ddos_attacks_aquabot_mitel/) - - [ ] [Transform your approach to data security](https://go.theregister.com/feed/www.theregister.com/2025/01/29/transform_your_approach_to_data/) - - [ ] ['Bro delete the chat': Feel the panic shortly before cops bust major online fraud ring](https://go.theregister.com/feed/www.theregister.com/2025/01/29/otp_agency_convicted/) - - [ ] [Spending watchdog blasts UK govt over sloth-like progress to shore up IT defenses](https://go.theregister.com/feed/www.theregister.com/2025/01/29/nao_blasts_uk_gov_cyber/) - - [ ] [The curious story of Uncle Sam's HR dept, a hastily set up email server, and fears of another cyber disaster](https://go.theregister.com/feed/www.theregister.com/2025/01/29/opm_email_lawsuit/) - - [ ] [SLAP, Apple, and FLOP: Safari, Chrome at risk of data theft on iPhone, Mac, iPad Silicon](https://go.theregister.com/feed/www.theregister.com/2025/01/29/flop_and_slap_attacks_apple_silicon/) -- Security Affairs - - [ ] [U.S. CISA adds Apple products’ flaw to its Known Exploited Vulnerabilities catalog](https://securityaffairs.com/173622/hacking/us-cisa-adds-apple-products-flaw-known-exploited-vulnerabilities-catalog.html) - - [ ] [Aquabot variant v3 targets Mitel SIP phones](https://securityaffairs.com/173607/breaking-news/aquabot-variant-v3-targets-mitel-sip-phones.html) - - [ ] [Critical remote code execution bug found in Cacti framework](https://securityaffairs.com/173597/security/critical-rce-cacti-framework.html) - - [ ] [Attackers actively exploit a critical zero-day in Zyxel CPE Series devices](https://securityaffairs.com/173589/hacking/zyxel-cpe-series-devices-cve-2024-40891-exploited.html) - - [ ] [Attackers exploit SimpleHelp RMM Software flaws for initial access](https://securityaffairs.com/173578/security/attackers-exploit-simplehelp-rmm-software-flaws.html) -- bellingcat - - [ ] [M23 Rebels Consolidate Control over Key City in DR Congo](https://www.bellingcat.com/news/2025/01/29/m23-rebels-goma-congo-fighting-clashes-drc-kivu-control/) + - [ ] [Daily Blog #733: Test Kitchen building cloud tools with cursor](https://www.hecfblog.com/2025/01/daily-blog-733-test-kitchen-building.html) +- SANS Internet Storm Center, InfoCON: green + - [ ] [PCAPs or It Didn't Happen: Exposing an Old Netgear Vulnerability Still Active in 2025 [Guest Diary], (Thu, Jan 30th)](https://isc.sans.edu/diary/rss/31638) + - [ ] [ISC Stormcast For Thursday, January 30th, 2025 https://isc.sans.edu/podcastdetail/9302, (Thu, Jan 30th)](https://isc.sans.edu/diary/rss/31636) +- Schneier on Security + - [ ] [Fake Reddit and WeTransfer Sites are Pushing Malware](https://www.schneier.com/blog/archives/2025/01/fake-reddit-and-wetransfer-sites-are-pushing-malware.html) - Instapaper: Unread - - [ ] [FBI seizes domains for Cracked.io, Nulled.to hacking forums](https://www.bleepingcomputer.com/news/security/fbi-seizes-domains-for-crackedio-nulledto-hacking-forums/) - - [ ] [WhatsApp’s Image “View Once” Feature Flaw Allowing Unlimited Views](https://cybersecuritynews.com/whatsapp-view-once-flaw/) - - [ ] [State-sponsored Actors Abusing Gemini to Fuel Cyber Attacks](https://cybersecuritynews.com/state-sponsored-actors-abusing-gemini/) - - [ ] [DeepSeek R1 Jailbroken to Generate Ransomware Development Scripts](https://cybersecuritynews.com/deepseek-r1-jailbroken-ransomware/) - - [ ] [Stratoshark – Wireshark Has Got a Friend for Cloud](https://cybersecuritynews.com/stratoshark/) - - [ ] [How Long Does It Take Hackers to Crack Modern Hashing Algorithms](https://thehackernews.com/2025/01/how-long-does-it-take-hackers-to-crack.html) - - [ ] [This new Android feature protects your phone, even if someone has your PIN](https://www.zdnet.com/article/this-new-android-feature-protects-your-phone-even-if-someone-has-your-pin/) -- Your Open Hacker Community - - [ ] [So You Want To Work in Cyber Security?](https://www.reddit.com/r/HowToHack/comments/1id21do/so_you_want_to_work_in_cyber_security/) - - [ ] [Im (almost) 16 and want to learn ethical hacking, any advice?](https://www.reddit.com/r/HowToHack/comments/1icxorh/im_almost_16_and_want_to_learn_ethical_hacking/) - - [ ] [Is there any way I can get a list of hashes?](https://www.reddit.com/r/HowToHack/comments/1id61ki/is_there_any_way_i_can_get_a_list_of_hashes/) - - [ ] [Any advice to start?](https://www.reddit.com/r/HowToHack/comments/1iczrw1/any_advice_to_start/) - - [ ] [Trap phone](https://www.reddit.com/r/HowToHack/comments/1id7boc/trap_phone/) - - [ ] [What is a fraud?](https://www.reddit.com/r/HowToHack/comments/1id20l8/what_is_a_fraud/) - - [ ] [What should I move onto?](https://www.reddit.com/r/HowToHack/comments/1icpms1/what_should_i_move_onto/) - - [ ] [How to find dark web site links](https://www.reddit.com/r/HowToHack/comments/1id0bl8/how_to_find_dark_web_site_links/) - - [ ] [Im turning 17 this year, and i have already started learning ethical hacking since 2020, and i have taken some paid courses and completed those and currently im just training in ctf and htb, i need to learn more in hacking, any recommendations?](https://www.reddit.com/r/HowToHack/comments/1icov3b/im_turning_17_this_year_and_i_have_already/) - - [ ] [So basically I want to learn how to hack into my old social media where do I start](https://www.reddit.com/r/HowToHack/comments/1icvut2/so_basically_i_want_to_learn_how_to_hack_into_my/) - - [ ] [noob questions 2: from nmap to metasploit](https://www.reddit.com/r/HowToHack/comments/1icju15/noob_questions_2_from_nmap_to_metasploit/) - - [ ] [How to crack a phone pass](https://www.reddit.com/r/HowToHack/comments/1icqs7v/how_to_crack_a_phone_pass/) - - [ ] [Where do i get flipper zero here in india?](https://www.reddit.com/r/HowToHack/comments/1icooi1/where_do_i_get_flipper_zero_here_in_india/) - - [ ] [Hi I'm 14 and wanna be a ethical hacker and I'm wondering where to start?](https://www.reddit.com/r/HowToHack/comments/1iclkz2/hi_im_14_and_wanna_be_a_ethical_hacker_and_im/) - - [ ] [Help](https://www.reddit.com/r/HowToHack/comments/1icjzs0/help/) - - [ ] [What is the best hacking software to send attacks (2025)](https://www.reddit.com/r/HowToHack/comments/1ick00s/what_is_the_best_hacking_software_to_send_attacks/) -- Computer Forensics - - [ ] [Richard Green's Updated Report for Karen Read Trial 2:27 Hos long to die](https://www.reddit.com/r/computerforensics/comments/1iczkut/richard_greens_updated_report_for_karen_read/) - - [ ] [ASHATA Mini Body Camera](https://www.reddit.com/r/computerforensics/comments/1id7w7p/ashata_mini_body_camera/) - - [ ] [BCFE / Digital Forensics Career Entry Question](https://www.reddit.com/r/computerforensics/comments/1icw0q0/bcfe_digital_forensics_career_entry_question/) - - [ ] [BREW Help](https://www.reddit.com/r/computerforensics/comments/1iclcjn/brew_help/) - - [ ] [FBI didn’t need to crack Tor or Bitcoin to catch Ulbricht—his old forum posts did the job. If you want to see how small OPSEC mistakes can be fatal, we broke it all down](https://www.reddit.com/r/computerforensics/comments/1icpd7d/fbi_didnt_need_to_crack_tor_or_bitcoin_to_catch/) -- netsecstudents: Subreddit for students studying Network Security and its related subjects - - [ ] [So You Want To Work in Cyber Security?](https://www.reddit.com/r/netsecstudents/comments/1iczqhp/so_you_want_to_work_in_cyber_security/) - - [ ] [How to get into Soc](https://www.reddit.com/r/netsecstudents/comments/1icxb62/how_to_get_into_soc/) -- Blackhat Library: Hacking techniques and research - - [ ] [my midjourney api didn't make it, but it still works](https://www.reddit.com/r/blackhat/comments/1id406q/my_midjourney_api_didnt_make_it_but_it_still_works/) - - [ ] [LinkedIn Accounts provider?](https://www.reddit.com/r/blackhat/comments/1icha04/linkedin_accounts_provider/) + - [ ] [Nulled, Other Cybercrime Websites Seized by Law Enforcement](https://www.securityweek.com/nulled-other-cybercrime-websites-seized-by-law-enforcement/) + - [ ] [Le chat WhatsApp sono corrispondenza da tutelare i paletti privacy della Cassazione](https://www.cybersecurity360.it/news/le-chat-whatsapp-sono-corrispondenza-da-tutelare-i-paletti-privacy-della-cassazione/) + - [ ] [Il controllo del dipendente da parte del datore di lavoro le sfide per la privacy](https://www.cybersecurity360.it/legal/privacy-dati-personali/il-controllo-del-dipendente-da-parte-del-datore-di-lavoro-le-sfide-per-la-privacy/) + - [ ] [These are the 10 worst PIN codes](https://www.malwarebytes.com/blog/news/2025/01/these-are-the-10-worst-pin-codes) + - [ ] [What Is a Jump List Complete Guide for Users and Investigators](https://www.cybertriage.com/blog/what-is-a-jump-list/) - The Hacker News - - [ ] [Lazarus Group Uses React-Based Admin Panel to Control Global Cyber Attacks](https://thehackernews.com/2025/01/lazarus-group-uses-react-based-admin.html) - - [ ] [AI in Cybersecurity: What's Effective and What’s Not – Insights from 200 Experts](https://thehackernews.com/2025/01/ai-in-cybersecurity-whats-effective-and.html) - - [ ] [New SLAP & FLOP Attacks Expose Apple M-Series Chips to Speculative Execution Exploits](https://thehackernews.com/2025/01/new-slap-flop-attacks-expose-apple-m.html) - - [ ] [How Interlock Ransomware Infects Healthcare Organizations](https://thehackernews.com/2025/01/how-interlock-ransomware-infects.html) - - [ ] [Critical Cacti Security Flaw (CVE-2025-22604) Enables Remote Code Execution](https://thehackernews.com/2025/01/critical-cacti-security-flaw-cve-2025.html) - - [ ] [UAC-0063 Expands Cyber Attacks to European Embassies Using Stolen Documents](https://thehackernews.com/2025/01/uac-0063-expands-cyber-attacks-to.html) - - [ ] [Broadcom Warns of High-Severity SQL Injection Flaw in VMware Avi Load Balancer](https://thehackernews.com/2025/01/broadcom-warns-of-high-severity-sql.html) - - [ ] [Zyxel CPE Devices Face Active Exploitation Due to Unpatched CVE-2024-40891 Vulnerability](https://thehackernews.com/2025/01/zyxel-cpe-devices-face-active.html) -- Social Engineering - - [ ] [When someone tells a story, what kind of questions can you ask which shows your engaged?](https://www.reddit.com/r/SocialEngineering/comments/1id7wix/when_someone_tells_a_story_what_kind_of_questions/) -- Technical Information Security Content & Discussion - - [ ] [CVE-2024-46507: Yeti Platform Server-Side Template Injection (SSTI)](https://www.reddit.com/r/netsec/comments/1id0ccq/cve202446507_yeti_platform_serverside_template/) - - [ ] [CVE-2024-49138 Windows CLFS heap-based buffer overflow analysis](https://www.reddit.com/r/netsec/comments/1icpgd8/cve202449138_windows_clfs_heapbased_buffer/) + - [ ] [Google: Over 57 Nation-State Threat Groups Using AI for Cyber Operations](https://thehackernews.com/2025/01/google-over-57-nation-state-threat.html) + - [ ] [Authorities Seize Domains of Popular Hacking Forums in Major Cybercrime Crackdown](https://thehackernews.com/2025/01/authorities-seize-domains-of-popular.html) + - [ ] [Lightning AI Studio Vulnerability Allowed RCE via Hidden URL Parameter](https://thehackernews.com/2025/01/lightning-ai-studio-vulnerability.html) + - [ ] [SOC Analysts - Reimagining Their Role Using AI](https://thehackernews.com/2025/01/soc-analysts-reimagining-their-role.html) + - [ ] [DeepSeek AI Database Exposed: Over 1 Million Log Lines, Secret Keys Leaked](https://thehackernews.com/2025/01/deepseek-ai-database-exposed-over-1.html) + - [ ] [Unpatched PHP Voyager Flaws Leave Servers Open to One-Click RCE Exploits](https://thehackernews.com/2025/01/unpatched-php-voyager-flaws-leave.html) + - [ ] [New Aquabot Botnet Exploits CVE-2024-41710 in Mitel Phones for DDoS Attacks](https://thehackernews.com/2025/01/new-aquabot-botnet-exploits-cve-2024.html) +- Graham Cluley + - [ ] [Smashing Security podcast #402: Hackers get hacked, the British Museum IT shutdown, and social media kidnaps](https://grahamcluley.com/smashing-security-podcast-402-hackers-get-hacked-the-british-museum-it-shutdown-and-social-media-kidnaps/) - Trend Micro Research, News and Perspectives - - [ ] [ASRM: A New Pillar for Cyber Insurance Underwriting](https://www.trendmicro.com/en_us/research/25/a/asrm-cyber-insurance-underwriting.html) + - [ ] [Lumma Stealer’s GitHub-Based Delivery Explored via Managed Detection and Response](https://www.trendmicro.com/en_us/research/25/a/lumma-stealers-github-based-delivery-via-mdr.html) + - [ ] [NDR: Not Just a "Nice to Have" Anymore](https://www.trendmicro.com/en_us/research/25/a/network-detection-response-ndr.html) +- Deeplinks + - [ ] [Executive Order to the State Department Sideswipes Freedom Tools, Threatens Censorship Resistance, Privacy, and Anonymity of Millions](https://www.eff.org/deeplinks/2025/01/executive-order-state-department-sideswipes-freedom-tools-threatens-censorship) + - [ ] [The Internet Never Forgets: Fighting the Memory Hole](https://www.eff.org/deeplinks/2025/01/internet-never-forgets-fighting-memory-hole) + - [ ] [Protect Your Privacy on Bumble](https://www.eff.org/deeplinks/2025/01/protect-your-privacy-bumble) +- The Register - Security + - [ ] [Data resilience and data portability](https://go.theregister.com/feed/www.theregister.com/2025/01/30/data_resilience_and_data_portability/) + - [ ] [VMware plugs steal-my-credentials holes in Cloud Foundation](https://go.theregister.com/feed/www.theregister.com/2025/01/30/vmware_infomration_disclosure_flaws/) + - [ ] [Trump admin's purge of US cyber advisory boards was 'foolish,' says ex-Navy admiral](https://go.theregister.com/feed/www.theregister.com/2025/01/30/gutting_us_cyber_advisory_boards/) + - [ ] [Ransomware attack at New York blood services provider – donors turned away during shortage crisis](https://go.theregister.com/feed/www.theregister.com/2025/01/30/ransomware_attack_at_new_york/) + - [ ] [Canvassing apps used by UK political parties riddled with privacy, security issues](https://go.theregister.com/feed/www.theregister.com/2025/01/30/uk_canvassing_app_issues/) + - [ ] [WFH with privacy? 85% of Brit bosses snoop on staff](https://go.theregister.com/feed/www.theregister.com/2025/01/30/forget_the_idea_of_wfh/) + - [ ] [Wacom says crooks probably swiped customer credit cards from its online checkout](https://go.theregister.com/feed/www.theregister.com/2025/01/30/wacom_data_loss/) + - [ ] [Guess who left a database wide open, exposing chat logs, API keys, and more? Yup, DeepSeek](https://go.theregister.com/feed/www.theregister.com/2025/01/30/deepseek_database_left_open/) - Palo Alto Networks Blog - - [ ] [IoMT Security Is Critical as Patients Take Control of Own Healthcare](https://www.paloaltonetworks.com/blog/2025/01/iomt-security-is-critical/) + - [ ] [Cortex Is the First SOC Platform to Achieve FedRAMP High Authorization](https://www.paloaltonetworks.com/blog/2025/01/cortex-achieve-fedramp-high-authorization/) +- Social Engineering + - [ ] ["Humans Aren’t the Weakest Link, They’re the Strongest Layer in Cybersecurity"](https://www.reddit.com/r/SocialEngineering/comments/1idqop9/humans_arent_the_weakest_link_theyre_the/) + - [ ] [How to better at socialising?](https://www.reddit.com/r/SocialEngineering/comments/1idam33/how_to_better_at_socialising/) +- Information Security + - [ ] [Change Healthcare data breach – how to protect yourself](https://www.reddit.com/r/Information_Security/comments/1idnbgn/change_healthcare_data_breach_how_to_protect/) + - [ ] [College Survey on AI-Enhanced Phishing and Cybersecurity Training Effectiveness](https://www.reddit.com/r/Information_Security/comments/1idq592/college_survey_on_aienhanced_phishing_and/) + - [ ] [CIS standards for CyberArk](https://www.reddit.com/r/Information_Security/comments/1idn856/cis_standards_for_cyberark/) + - [ ] [What is SHEIN doing to our data?](https://www.reddit.com/r/Information_Security/comments/1idgkn6/what_is_shein_doing_to_our_data/) +- Your Open Hacker Community + - [ ] [Everything is hacked 😊](https://www.reddit.com/r/HowToHack/comments/1ie17ff/everything_is_hacked/) + - [ ] [Phones that are open to connecting via Bluetooth](https://www.reddit.com/r/HowToHack/comments/1idms17/phones_that_are_open_to_connecting_via_bluetooth/) + - [ ] [Most Effective learning path to Reverse engineer network server of old games?](https://www.reddit.com/r/HowToHack/comments/1ids89n/most_effective_learning_path_to_reverse_engineer/) + - [ ] [Is there any website I can use to convert a large amount of passwords into Hashes (in batch)?](https://www.reddit.com/r/HowToHack/comments/1idu982/is_there_any_website_i_can_use_to_convert_a_large/) + - [ ] [Finding an array of class instances using Cheat Engine?](https://www.reddit.com/r/HowToHack/comments/1idh9ob/finding_an_array_of_class_instances_using_cheat/) + - [ ] [Free course](https://www.reddit.com/r/HowToHack/comments/1idm5ny/free_course/) + - [ ] [Cheat engine?](https://www.reddit.com/r/HowToHack/comments/1idu18m/cheat_engine/) + - [ ] [Who has dark web AI?](https://www.reddit.com/r/HowToHack/comments/1idtmsb/who_has_dark_web_ai/) + - [ ] [Question](https://www.reddit.com/r/HowToHack/comments/1ide7pg/question/) + - [ ] [I want to hack like elliot from mister robot](https://www.reddit.com/r/HowToHack/comments/1idwvv2/i_want_to_hack_like_elliot_from_mister_robot/) + - [ ] [Tips for Copying and Pasting from Apps That Restrict It](https://www.reddit.com/r/HowToHack/comments/1idg62q/tips_for_copying_and_pasting_from_apps_that/) + - [ ] [Can I duplicate a SIM card?](https://www.reddit.com/r/HowToHack/comments/1idihtl/can_i_duplicate_a_sim_card/) +- Krebs on Security + - [ ] [Infrastructure Laundering: Blending in with the Cloud](https://krebsonsecurity.com/2025/01/infrastructure-laundering-blending-in-with-the-cloud/) +- TorrentFreak + - [ ] [Pirate IPTV: Sweden Mulls ‘Viewing Ban’ as Illegal Subscriptions Soar 25%](https://torrentfreak.com/pirate-iptv-sweden-mulls-viewing-ban-as-illegal-subscriptions-soar-25-250130/) +- Full Disclosure + - [ ] [Quorum onQ OS - 6.0.0.5.2064 | Reflected Cross Site Scripting (XSS) | CVE-2024-44449](https://seclists.org/fulldisclosure/2025/Jan/23) + - [ ] [Deepseek writes textbook insecure code in 2025-01-28](https://seclists.org/fulldisclosure/2025/Jan/22) + - [ ] [Text injection on https://www.google.com/sorry/index via ?q parameter (no XSS)](https://seclists.org/fulldisclosure/2025/Jan/21) +- Technical Information Security Content & Discussion + - [ ] [The Slow Death of OCSP](https://www.reddit.com/r/netsec/comments/1idvdv5/the_slow_death_of_ocsp/) + - [ ] [Practising Heap Exploitation: Using House Of Force Technique with Practicals](https://www.reddit.com/r/netsec/comments/1idm8tr/practising_heap_exploitation_using_house_of_force/) + - [ ] [WebAssembly and security: a review](https://www.reddit.com/r/netsec/comments/1idnsqk/webassembly_and_security_a_review/) + - [ ] [A short Introduction to BloodHound Custom Queries](https://www.reddit.com/r/netsec/comments/1idlm4q/a_short_introduction_to_bloodhound_custom_queries/) + - [ ] [CVE-2024-46506: Unauthenticated RCE in NetAlertx](https://www.reddit.com/r/netsec/comments/1idsuzx/cve202446506_unauthenticated_rce_in_netalertx/) +- netsecstudents: Subreddit for students studying Network Security and its related subjects + - [ ] [GCP Red Teaming / Pentesting Certifications](https://www.reddit.com/r/netsecstudents/comments/1idjlk4/gcp_red_teaming_pentesting_certifications/) +- Security Affairs + - [ ] [DeepSeek database exposed highly sensitive information](https://securityaffairs.com/173666/data-breach/deepseek-db-exposed-highly-sensitive-information.html) + - [ ] [TeamViewer fixed a vulnerability in Windows client and host applications](https://securityaffairs.com/173658/security/teamviewer-windows-client-flaw.html) + - [ ] [Operation Talent: An international law enforcement operation seized Cracked, Nulled and other cybercrime websites](https://securityaffairs.com/173651/cyber-crime/operation-talent-seized-cracked-nulled-cybercrime-websites.html) + - [ ] [PHP package Voyager flaws expose to one-click RCE exploits](https://securityaffairs.com/173646/hacking/php-package-voyager-flaws.html) + - [ ] [Italy’s Data Protection Authority Garante requested information from Deepseek](https://securityaffairs.com/173637/digital-id/italys-garante-requested-information-from-deepseek.html) - Deep Web - - [ ] [Onion link lisk shutdown](https://www.reddit.com/r/deepweb/comments/1icjy0g/onion_link_lisk_shutdown/) - - [ ] [experienced/long-term deep web users, what kind of life do y’all live?](https://www.reddit.com/r/deepweb/comments/1icqrs3/experiencedlongterm_deep_web_users_what_kind_of/) - - [ ] [Hackers](https://www.reddit.com/r/deepweb/comments/1icl028/hackers/) -- Dark Space Blogspot - - [ ] [Storie Di Collassi Di Fondi, Banche e Società (Trading e Investimenti)](http://darkwhite666.blogspot.com/2025/01/storie-di-collassi-di-fondi-banche-e.html) + - [ ] [My friend stumbled upon these while gliding at dark web.](https://www.reddit.com/r/deepweb/comments/1idlmuj/my_friend_stumbled_upon_these_while_gliding_at/) - Security Weekly Podcast Network (Audio) - - [ ] [AI in 2025: The Shifting Regulatory Landscape For Artificial Intelligence - BSW #380](http://sites.libsyn.com/18678/ai-in-2025-the-shifting-regulatory-landscape-for-artificial-intelligence-bsw-380) -- Daniel Miessler - - [ ] [AI Novels Are Coming](https://danielmiessler.com/blog/ai-novels) + - [ ] [Cred Vaults, Cheap AI, and Hacking Devices - Matt Bishop - PSW #859](http://sites.libsyn.com/18678/cred-vaults-cheap-ai-and-hacking-devices-matt-bishop-psw-859) From 608eb3dda14cfa9fd56f8277205b7d3cde966f30 Mon Sep 17 00:00:00 2001 From: chainreactorbot Date: Sat, 1 Feb 2025 02:47:51 +0000 Subject: [PATCH 25/29] =?UTF-8?q?=E6=AF=8F=E6=97=A5=E5=AE=89=E5=85=A8?= =?UTF-8?q?=E8=B5=84=E8=AE=AF=EF=BC=882025-02-01=EF=BC=89?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- archive/daily/2025/2025-02-01.md | 339 ++++++++++++++++ archive/tmp/2025-02-01.json | 396 ++++++++++++++++++ today.md | 674 +++++++++++++++---------------- 3 files changed, 1050 insertions(+), 359 deletions(-) create mode 100644 archive/daily/2025/2025-02-01.md create mode 100644 archive/tmp/2025-02-01.json diff --git a/archive/daily/2025/2025-02-01.md b/archive/daily/2025/2025-02-01.md new file mode 100644 index 0000000000..4cedd0662e --- /dev/null +++ b/archive/daily/2025/2025-02-01.md @@ -0,0 +1,339 @@ +# 每日安全资讯(2025-02-01) + +- Recent Commits to cve:main + - [ ] [Update Fri Jan 31 20:21:24 UTC 2025](https://github.com/trickest/cve/commit/80a2dc60ca64c34a5211d8cf4b786686cc537efd) + - [ ] [Update Fri Jan 31 12:25:11 UTC 2025](https://github.com/trickest/cve/commit/add66039334dc9d7f2519acac27d7db61f9a2fe2) + - [ ] [Update Fri Jan 31 04:24:16 UTC 2025](https://github.com/trickest/cve/commit/a7d947e6c2b962b8d95547864478207be1c85ffd) +- SecWiki News + - [ ] [SecWiki News 2025-01-31 Review](http://www.sec-wiki.com/?2025-01-31) +- Trustwave Blog + - [ ] [Accelerate Your Journey with the Microsoft End Customer Investment Funds (ECIF) Program](https://www.trustwave.com/en-us/resources/blogs/trustwave-blog/accelerate-your-journey-with-the-microsoft-end-customer-investment-funds-ecif-program/) +- Security Boulevard + - [ ] [The Transformative Role of AI in Cybersecurity](https://securityboulevard.com/2025/01/the-transformative-role-of-ai-in-cybersecurity/) + - [ ] [DEF CON 32 – An Adversarial Approach To Airline Revenue Management Proving Ground](https://securityboulevard.com/2025/01/def-con-32-an-adversarial-approach-to-airline-revenue-management-proving-ground/) + - [ ] [Julianna Lamb on Choosing Authentication Platforms Over DIY](https://securityboulevard.com/2025/01/julianna-lamb-on-choosing-authentication-platforms-over-diy/) + - [ ] [Eric Brüggemann on Code Intelligence Launching Spark](https://securityboulevard.com/2025/01/eric-bruggemann-on-code-intelligence-launching-spark/) + - [ ] [Creating realistic, secure test data for Databricks](https://securityboulevard.com/2025/01/creating-realistic-secure-test-data-for-databricks/) + - [ ] [Ransomware Scum — Out For Blood: NYBCe is Latest Victim](https://securityboulevard.com/2025/01/nybc-blood-ransomware-richixbw/) + - [ ] [Zimperium’s Protection Against Tria Stealer’s SMS Data Theft](https://securityboulevard.com/2025/01/zimperiums-protection-against-tria-stealers-sms-data-theft/) + - [ ] [DEF CON 32 – Famous and Not So Famous Unsolved Codes](https://securityboulevard.com/2025/01/def-con-32-famous-and-not-so-famous-unsolved-codes/) + - [ ] [SlackPirate Set Sails Again! Or: How to Send the Entire “Bee Movie” Script to Your Friends in Slack](https://securityboulevard.com/2025/01/slackpirate-set-sails-again-or-how-to-send-the-entire-bee-movie-script-to-your-friends-in-slack/) + - [ ] [Analyzing DeepSeek’s System Prompt: Jailbreaking Generative AI](https://securityboulevard.com/2025/01/analyzing-deepseeks-system-prompt-jailbreaking-generative-ai/) +- ElcomSoft blog + - [ ] [The Evolution of iOS Passcode Security](https://blog.elcomsoft.com/2025/01/the-evolution-of-ios-passcode-security/) +- Sucuri Blog + - [ ] [Vulnerability & Patch Roundup — January 2025](https://blog.sucuri.net/2025/01/vulnerability-patch-roundup-january-2025.html) +- Doonsec's feed + - [ ] [秦安:这是中国股市成立以来,最值得乐观的春节前最后一个交易日](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476426&idx=1&sn=50f4e5bfae2cddbed3033316cd279398) + - [ ] [秦安:这么多利好,股市为何还跌?看清“五个事关”,踏实过好年](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476426&idx=2&sn=a4c95c840c04ceeaca228ced725ace44) + - [ ] [秦安:感恩冰天雪地慰问,发红包回馈员工,警惕倒行逆施制造事端](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476426&idx=3&sn=a812a2b943cdec6f328ebfa5bffe5fe2) + - [ ] [牟林:特朗普夺取格陵兰岛的可能性有多大?](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476426&idx=4&sn=e7892f7b8a98ef98eb2a0c2193de7450) + - [ ] [牟林:特朗普到底是要美国伟大还是自己伟大?](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476426&idx=5&sn=9429ab8ea944af973f22f0c683becd06) + - [ ] [放开双手 !SQL注入Fuzzing字典 (270个)](https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486455&idx=1&sn=a774a64f04eac6941ef46359daa39ac2) + - [ ] [VLAN划分的三种方法,网络工程师收藏!](https://mp.weixin.qq.com/s?__biz=MzUyNTExOTY1Nw==&mid=2247528053&idx=1&sn=6c0a07662b4584eb394bb215e6a13f2e) + - [ ] [DeepSeek:AI时代的新探索者,开启智能革命的新篇章](https://mp.weixin.qq.com/s?__biz=Mzk2NDE5MDgxOQ==&mid=2247484823&idx=1&sn=368f5bbf4e0a91a06214f934a1a4f054) + - [ ] [【AI】DeepSeek 概念/影响/使用/部署](https://mp.weixin.qq.com/s?__biz=MzUyNTUyNTA5OQ==&mid=2247484873&idx=1&sn=b8520d6aae393acbc9010a4553c5b460) + - [ ] [2025年最新推荐的5款堡垒机,打造安全网络防线,秒收藏!](https://mp.weixin.qq.com/s?__biz=MzIyMzIwNzAxMQ==&mid=2649464771&idx=1&sn=56ced5ebaeea813e0f0bd666f3499426) + - [ ] [1.8s修复+反制,希望我的那些甲方和运维好好学一学](https://mp.weixin.qq.com/s?__biz=MzkyNTQ0OTYxOQ==&mid=2247483993&idx=1&sn=e4c7eb082905f0e214c28eeaba4624ea) + - [ ] [Deepseek是如何被黑掉的](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496994&idx=1&sn=d77c2e01b0dd8e2cb783fe7214e688c4) + - [ ] [世界需要一个能谋善断的AI(四)共生法则:当“谋士”遇见“统帅”](https://mp.weixin.qq.com/s?__biz=MzAxOTk3NTg5OQ==&mid=2247492290&idx=1&sn=4537403e0c9e2e62764f5869e078451a) + - [ ] [【原创】Ubuntu Server 18.04上,使用一张4060Ti显卡本地部署DeepSeek V3大模型训练](https://mp.weixin.qq.com/s?__biz=Mzg2MjYxODQ4Mw==&mid=2247484986&idx=1&sn=b99ed54ac81f3de4bd9b0b75d6692e4d) + - [ ] [分享的图片、视频、链接](https://mp.weixin.qq.com/s?__biz=Mzk2NDIwNzE5Ng==&mid=2247487394&idx=1&sn=8bfce153c1344cd33503da56dc6c7fd0) + - [ ] [DeepSeek-V2:一个强大、经济和高效的专家混合语言模型](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264904&idx=1&sn=b57987cc358dc5471b3c849b27669270) + - [ ] [《零零六》应急神器:月落中间件日志分析工具,全中间件日志均可分享,百万行日志如同切菜](https://mp.weixin.qq.com/s?__biz=Mzg4NDk4MTk5OA==&mid=2247485532&idx=1&sn=b8f7ae238b162c298e29f192d577ab87) + - [ ] [警惕|售前入狱指南:从面向监狱编程到面向监狱投标](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485484&idx=1&sn=4c7b3d7e39d2150ff68c604547f17ab9) + - [ ] [北七家-未来科学城,3居变4居豪装,理想楼层/户型/朝向](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485484&idx=2&sn=6e24ad74f8b9aa1cfc7cdb80e8c4af32) + - [ ] [【干货】笑傲职场的独家经验(1)](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485484&idx=3&sn=176e2b4dabd62cf6133ccd18cebc238a) + - [ ] [【干货原创】实网攻防演习常态化,会带来什么变化01](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485484&idx=4&sn=83a9db7a7edfea3c082777c7e1e385b3) + - [ ] [【干货原创】K12教育,鲜为人知的模式秘密](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485484&idx=5&sn=f7e9bbdfdb9b130753e700ceb13a0e9c) + - [ ] [原创文章目录](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485484&idx=6&sn=ba36a6cc5cac726e99a8383b23b04fbe) + - [ ] [Dark101勒索病毒实战分析](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490247&idx=1&sn=1fa03f99607f5e0c716d503466fdb9d6) + - [ ] [破解大脑防火墙:黑客式自控力提升指南(春节特别版)](https://mp.weixin.qq.com/s?__biz=MzU0NDc0NTY3OQ==&mid=2247488425&idx=1&sn=5f38984f963693eee431f1edacbc928e) + - [ ] [Ollama+DeepSeek+AnythingLLM搭建个人AI知识库](https://mp.weixin.qq.com/s?__biz=Mzg2ODc0Mjc0Mw==&mid=2247484177&idx=1&sn=6e2fc13cf7e00b48395558c104b0773d) + - [ ] [告别命令行!DeepSeek本地运行可视化指南:从安装到交互界面实战](https://mp.weixin.qq.com/s?__biz=MzU3Mjk2NDU2Nw==&mid=2247492552&idx=1&sn=402d5fb57f89d62a333008877fafe951) + - [ ] [三个小技巧(二)](https://mp.weixin.qq.com/s?__biz=MjM5NDcxMDQzNA==&mid=2247489395&idx=1&sn=befd90cc96a0a37eb3aff5412bf52dde) + - [ ] [安全圈瓜田理下集合【2025/1/31】](https://mp.weixin.qq.com/s?__biz=MzAxNzg3NzMyNQ==&mid=2247489534&idx=1&sn=17b382547ab13aa20e5bb705d28c4e5d) + - [ ] [web应急之各中间件日志保存位置](https://mp.weixin.qq.com/s?__biz=MzU4NTg4MzIzNA==&mid=2247484358&idx=1&sn=d537fdb218cc12823147e284dbb35d76) + - [ ] [网络安全入门必知的攻击方法](https://mp.weixin.qq.com/s?__biz=MzI3NzM5NDA0NA==&mid=2247490339&idx=1&sn=8d98eac3f1e2cf716da9844f415f3d39) + - [ ] [仅80元,用ESP32 开发板 DIY一个AI大模型瓦力机器人,可接入DeepSeek、OpenAI](https://mp.weixin.qq.com/s?__biz=MjM5OTA4MzA0MA==&mid=2454936748&idx=1&sn=910a43dcda1073b8061c817da504189c) + - [ ] [【谨防诈骗】DeepSeek 的大流量引发的假冒诈骗](https://mp.weixin.qq.com/s?__biz=Mzk0NDU1NTA5MA==&mid=2247484408&idx=1&sn=7381fe4211cc20dbd84a27f5a2207a62) + - [ ] [大年初三 | 新春万福 聚财纳福!](https://mp.weixin.qq.com/s?__biz=MzkzMjE5MTY5NQ==&mid=2247503442&idx=1&sn=af8273c40dcc9f97ebf68761a3d37a9a) + - [ ] [(吃瓜)神人TV之网安姜萍——CTF圈PY之神,民办“清华”哥](https://mp.weixin.qq.com/s?__biz=MzkzNjczNzEyMw==&mid=2247484186&idx=1&sn=dcd2d7bab9054490e1826758361cc7aa) + - [ ] [如何快速的在本地搭建 deepseek (小白一学就会)](https://mp.weixin.qq.com/s?__biz=Mzg4NzgzMjUzOA==&mid=2247485474&idx=1&sn=954535d81510437ec8f706144bc91b74) + - [ ] [AI风险分析 | 从Freysa转账案例看智能体应用的潜在风险](https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247494055&idx=1&sn=1a0b66065e3db8d26597a12328032d82) + - [ ] [在汽车行业实现卓越的网络安全和合规性 - 一个真实的案例研究](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620273&idx=1&sn=89354977edba60af567bd946514124cd) + - [ ] [推进汽车网络安全:弥合鸿沟,拥抱机遇](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620273&idx=2&sn=8020625a5bfbe49f838a4783b82b9587) + - [ ] [掌握模糊测试-如何在法规遵从中克服网络安全挑战](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620273&idx=3&sn=81d8a8e66ef322e532fdb9b8d7b1021a) + - [ ] [每周高级威胁情报解读(2025.01.24~01.31)](https://mp.weixin.qq.com/s?__biz=MzI2MDc2MDA4OA==&mid=2247513888&idx=1&sn=2a5b30e99a3f23b7dbe60666c3d81cca) + - [ ] [攻击再次升级,DeepSeek被网络攻击的真凶?](https://mp.weixin.qq.com/s?__biz=Mzg2NDYwMDA1NA==&mid=2247543659&idx=1&sn=156fe9160529ef9165dd4a443b781c7c) + - [ ] [Deepseek核心成员学历及薪资,最高110K](https://mp.weixin.qq.com/s?__biz=Mzg2NDYwMDA1NA==&mid=2247543659&idx=2&sn=f80909372d13c0dba56d7282eb1ef9bf) + - [ ] [【实操】美国客机与黑鹰直升机相撞的视频、音频、轨迹回放及遇难机组和乘客](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148793&idx=1&sn=03180450dc0a7ac7bb10d75ce4ca6d3c) + - [ ] [水洞扫描工具 -- PenSafe](https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247570692&idx=1&sn=ef1d45f4f6f3b1eb949acb33510daaa9) + - [ ] [高级 DNS 攻击:投毒与利用](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527421&idx=1&sn=96068eceb823d6761b0f08fc7dd9ae35) + - [ ] [破解 Active Directory — CrackMapExec 传递哈希值:探索 AD 攻击技术](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527421&idx=2&sn=100eff74c2040603d8c90616e868cb7d) + - [ ] [DeepSeek暴露出的典型网络安全问题](https://mp.weixin.qq.com/s?__biz=MzA4MzMzOTQ4Mw==&mid=2453672535&idx=1&sn=ad93fe6c0a53d44203ada57225a5b660) + - [ ] [DeepSeek黑科技:当AI化身网络世界的\"超级保镖\",黑客慌了!](https://mp.weixin.qq.com/s?__biz=MzIyODU4MzcyMQ==&mid=2247485427&idx=1&sn=292e05b010cda839b87aa17699b84f1e) + - [ ] [DeepSeek的强大,一句话让AI帮我写了个程序-流量安全分析研判工具](https://mp.weixin.qq.com/s?__biz=Mzg2NTk4MTE1MQ==&mid=2247486497&idx=1&sn=5ec5098395786fd3ea02d05786a5558d) + - [ ] [仿生人deepseek会梦见电子cnvd吗](https://mp.weixin.qq.com/s?__biz=MzIxOTQ1OTY4OQ==&mid=2247486313&idx=1&sn=d6bb43d09876844acfba07a896c6ee15) + - [ ] [从deepseek看ddos攻击](https://mp.weixin.qq.com/s?__biz=MzkxNTY4NTQwMg==&mid=2247484298&idx=1&sn=2a90ffda25b5a3c5142512fb51d9ad86) + - [ ] [这真是大沙笔](https://mp.weixin.qq.com/s?__biz=MzkzMjQ0MTk1OQ==&mid=2247484076&idx=1&sn=0c9c05e859a43886a8c34b7cd5667f73) + - [ ] [伪造cookie进入后台](https://mp.weixin.qq.com/s?__biz=MzkxNzY2MjU2Mg==&mid=2247483807&idx=1&sn=9a1c99c32c84640da7f966692a981b71) + - [ ] [旧知新话说“标识”之生意篇:基于标识的智能仓储保障年货供应](https://mp.weixin.qq.com/s?__biz=MzU1OTUxNTI1NA==&mid=2247592383&idx=1&sn=46b4e9e8667a84be60382140e6d8e931) + - [ ] [州弟的靶场练习 - HEYBBS 2.1 审计](https://mp.weixin.qq.com/s?__biz=Mzg4MTkwMTI5Mw==&mid=2247488820&idx=1&sn=d24fff0083c62bbb08de7522ddcfb191) + - [ ] [哥斯拉二开从0到1-2(免杀)](https://mp.weixin.qq.com/s?__biz=MzAxNzkyOTgxMw==&mid=2247493840&idx=1&sn=3482149c0823f566085f61a99735ad9e) + - [ ] [deepseek本地部署+web图形化页面配置+对比其他ai模型](https://mp.weixin.qq.com/s?__biz=Mzk1NzE0ODk3Nw==&mid=2247491155&idx=1&sn=c4f6531eef133548b6676af5a9a5c1bf) + - [ ] [夜鹰(NightHawk)C2工具-泄露部分](https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247504834&idx=1&sn=9111b67c602d807277dacf1aa967d974) + - [ ] [2025年1月 一批网络安全相关新规开始施行!](https://mp.weixin.qq.com/s?__biz=MzIxNDIzNTcxMg==&mid=2247506760&idx=1&sn=19e9444d7721854b8c39f29f151fa0f9) + - [ ] [收藏 | dotNet安全矩阵 2024 年度逆向调试分析阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498584&idx=1&sn=d85935a8bccaf28b5e5203c9cd937ea9) + - [ ] [.NET 内网攻防实战电子报刊](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498584&idx=2&sn=3d15023570e640313e68870e0ee24904) + - [ ] [收藏 | dotNet安全矩阵 2024 年度外网入口打点阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498584&idx=3&sn=8e71ffa26350c09847ab769b9dbedcc2) + - [ ] [收藏 | dotNet安全矩阵 2024 年度目标权限维持阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498584&idx=4&sn=d14acdfea6504a47d1e46e7c8f38cf54) + - [ ] [Linux基础命令(二)](https://mp.weixin.qq.com/s?__biz=Mzk1Nzc0MzY3NA==&mid=2247483753&idx=1&sn=49384ed01ecedc2565a44a132b272d09) + - [ ] [滥用多播投毒实现预认证 Kerberos 中继](https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486893&idx=1&sn=2c0a70c6f644cacbabbec21d304946a6) + - [ ] [DeepSeek爆火快来搭建私有ChatGPT_deepseek成为你私有化](https://mp.weixin.qq.com/s?__biz=MzI2OTk4MTA3Ng==&mid=2247496962&idx=1&sn=ad190b15e766558d2b057e80e5eb864d) + - [ ] [手把手教大家学习DeepSeek新手必看!全功能详解与实操指南,带你逆袭成AI大神](https://mp.weixin.qq.com/s?__biz=MzI2OTk4MTA3Ng==&mid=2247496962&idx=2&sn=464bca3a03a1e209a0aff4cedb8341ad) + - [ ] [年已过半,该收拾收拾,准备打工去了......](https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247488209&idx=1&sn=24d45d27215ad6616e7ad11724e25609) + - [ ] [这个世界这么抽象的嘛](https://mp.weixin.qq.com/s?__biz=Mzk0MzY3MDE5Mg==&mid=2247484024&idx=1&sn=164631b9aaa65c09dca95bc893f744ee) + - [ ] [我毕生玩抽象,也玩不过这些真正的大沙币](https://mp.weixin.qq.com/s?__biz=MzkyOTQzNjIwNw==&mid=2247491645&idx=1&sn=8b35f7286af6ab00b755190330bb4c79) + - [ ] [【2025春节】解题领红包活动排行榜(初三 1/31)](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141663&idx=1&sn=63c355a201f947c905a68b07647ab32a) + - [ ] [惊天一撞,华盛顿客机与直升机空难背后的真相!](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559372&idx=1&sn=0410ce8851f28ddbc609457ae73483de) + - [ ] [美国为何对 DeepSeek 如此“上心”?一场科技博弈的真相](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247505068&idx=1&sn=4bf2334b280b144d562ac07095958acd) + - [ ] [俄罗斯APT威胁英国及其盟友,英政府高官发出警告](https://mp.weixin.qq.com/s?__biz=Mzg3OTYxODQxNg==&mid=2247485659&idx=1&sn=9a1f88742398761691e3da98dddfddcb) + - [ ] [2024 年渗透测试路线图:从初学者到受聘的 8 个步骤](https://mp.weixin.qq.com/s?__biz=Mzg4NzgyODEzNQ==&mid=2247488640&idx=1&sn=6823a2045bf297fd8f81e176be33a15f) + - [ ] [WVP-GB28181摄像头管理平台user信息泄露漏洞](https://mp.weixin.qq.com/s?__biz=MzkyOTg3ODc5OA==&mid=2247484326&idx=1&sn=ec20d154a16e5fff47cb40da8080cff7) + - [ ] [这才是DeepSeek的正确使用方式!你还在用GPT那套就废了,春节前最后预警](https://mp.weixin.qq.com/s?__biz=MzkxNjMwNDUxNg==&mid=2247487250&idx=1&sn=8515efa2ae03b73faf0154fcac23f1ac) + - [ ] [如何找到更多漏洞赏金的子域?深入了解 Recon](https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247504783&idx=1&sn=0b286a996a793e420114b78a4ab28260) + - [ ] [太专业了 | 看完直呼学到了](https://mp.weixin.qq.com/s?__biz=Mzk0NzQxNzY2OQ==&mid=2247488121&idx=1&sn=5b995263cc37edcb4b5b49b0c9e04fbd) + - [ ] [三大暗网论坛被FBI查封:Nulled.to、Cracked.to、Sellix.io](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494660&idx=1&sn=78a7e764b99312cacb05bbc152126f47) + - [ ] [Claude的CEO表示:AI可能改变一切,AI监管迫在眉睫](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494660&idx=2&sn=1fec4b47ea7ed7cf1ffa7a383a2c1720) + - [ ] [[0131] 一周重点威胁情报|天际友盟情报站](https://mp.weixin.qq.com/s?__biz=MzIwNjQ4OTU3NA==&mid=2247510031&idx=1&sn=96238f2c438e027f989dc96653204673) + - [ ] [【JAVA代码审计】bootplus 管理系统审计](https://mp.weixin.qq.com/s?__biz=Mzg4MTkwMTI5Mw==&mid=2247488801&idx=1&sn=23d3e5f6c01320523c5495ca12df4bf2) + - [ ] [DeepSeek 数据库未授权访问漏洞,导致大量数据泄露](https://mp.weixin.qq.com/s?__biz=MzIxMTg1ODAwNw==&mid=2247500544&idx=1&sn=ebf9f3fcb46a7bcadad135da1b6e8fd8) + - [ ] [美国对DeepSeek“出手”了!AI大模型如何迎战网络恶意攻击?](https://mp.weixin.qq.com/s?__biz=MjM5NzA3Nzg2MA==&mid=2649870870&idx=1&sn=7685e470c401fdb0831d90ac129b068f) + - [ ] [创宇猎幽NDR流量监测系统:向前防御,威胁检测](https://mp.weixin.qq.com/s?__biz=MjM5NzA3Nzg2MA==&mid=2649870870&idx=2&sn=72942469d7ee4ea63b7171dd6e606c62) + - [ ] [医疗行业数据安全风险评估实践指南(二)](https://mp.weixin.qq.com/s?__biz=Mzg2NjY2MTI3Mg==&mid=2247498376&idx=1&sn=8f7f3f907a84a2b5a13e4e552247526a) + - [ ] [无参数读文件和RCE的利用研究](https://mp.weixin.qq.com/s?__biz=MjM5MjEyMTcyMQ==&mid=2651037458&idx=1&sn=0ee75174afec20a34c3f3243329d42e4) + - [ ] [AI抢不走的工作,微软力挺红队测试仍需人类“掌舵”](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313290&idx=1&sn=a6d328c9fd6e44ceb96698a3205f5786) + - [ ] [新的“双击劫持”漏洞绕过主要网站上的点击劫持保护](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313290&idx=2&sn=44a6a38890bbe1cf23af0cb8162a8362) + - [ ] [虚假PoC漏洞利用正用来攻击研究人员](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313290&idx=3&sn=c9beec9c5ce5078f2a7e260af8dc140f) + - [ ] [IAMActionHunter:一款AWS IAM策略声明解析和查询工具](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313290&idx=4&sn=c46a99c55e12a98fb61cc4819e385d68) + - [ ] [大年初三 蛇全蛇美](https://mp.weixin.qq.com/s?__biz=Mzg2MTU5ODQ2Mg==&mid=2247507175&idx=1&sn=0d04c34fa4f1ea8c975d2765b3fcdde8) + - [ ] [数字取证之数据保护u200c](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264880&idx=1&sn=7424698e3f088be94f084851bee8adde) + - [ ] [祥蛇嬉初三 福运伴身畔](https://mp.weixin.qq.com/s?__biz=MzU0MjEwNTM5Ng==&mid=2247520423&idx=1&sn=435bb09e1f0125a3af0ccfdbbe203099) + - [ ] [大年初三 | 金福盈门,万象更新](https://mp.weixin.qq.com/s?__biz=Mzk0MDQ5MTQ4NA==&mid=2247487429&idx=1&sn=5756ef7cab4f6ff1ce0a1364151444a5) + - [ ] [网安原创文章推荐【2025/1/30】](https://mp.weixin.qq.com/s?__biz=MzAxNzg3NzMyNQ==&mid=2247489527&idx=1&sn=410e2304fe7538839c5cb1c2467bb056) + - [ ] [初三](https://mp.weixin.qq.com/s?__biz=MzUyMjAyODU1NA==&mid=2247491948&idx=1&sn=4852c2eb3611785194c330002093797a) + - [ ] [大年初三 | 福绕蛇年,万“巳”胜意](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579271&idx=1&sn=bfb185d569ae97db908675e7f2419714) + - [ ] [rsync进阶指南:14个提升效率的黑科技用法](https://mp.weixin.qq.com/s?__biz=MzI5MjY4MTMyMQ==&mid=2247489889&idx=1&sn=ed213d71fa01c3309c93e853d4e8c1ed) + - [ ] [DeepSeek 数据库裸奔 百万敏感数据任人取!](https://mp.weixin.qq.com/s?__biz=MzAwMjA5OTY5Ng==&mid=2247525706&idx=1&sn=976ec18c7118e288efff987289130d14) + - [ ] [欧盟《网络复原力法》全文翻译](https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247506421&idx=1&sn=f3b2c847cf7748ef86bc68daa496de01) + - [ ] [飞书文档快速转化本地makedown文件](https://mp.weixin.qq.com/s?__biz=Mzk0ODY1NzEwMA==&mid=2247486602&idx=1&sn=faff49b1d51d07088cac426018d9ddef) + - [ ] [Java反序列化漏洞 | Fastjson反序列化漏洞原理+漏洞复现](https://mp.weixin.qq.com/s?__biz=Mzk0Mzc1MTI2Nw==&mid=2247487416&idx=1&sn=3071e9e82d12510b732a50c8e22cd596) + - [ ] [美国DARPA的宏伟Red-C计划:通过“自我修复固件”实现网络攻击的实时检测与修复](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247507167&idx=1&sn=26840502c819f510d39d577dccb84196) + - [ ] [5th域安全微讯早报【20250131】027期](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247507167&idx=2&sn=5e964e3fa5c3c44a17a1eade47f8ea71) + - [ ] [CVE-2024-49138 poc windows CLFS.sys提权漏洞](https://mp.weixin.qq.com/s?__biz=MzU1NzczNTM1MQ==&mid=2247485185&idx=1&sn=b8349c313ac09f29240c61f055433ddd) + - [ ] [Cadiclus – 使用PowerShell辅助Linux 系统提权](https://mp.weixin.qq.com/s?__biz=MzU1NzczNTM1MQ==&mid=2247485185&idx=2&sn=c8f3a8d2d11a3eaf2491baeb50be5792) + - [ ] [正月初三| 三阳开泰 日富一日](https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506082&idx=1&sn=f2db30e5f0ea2346966522e0549b57d3) + - [ ] [捷普信创安全产品线,助力信创产业发展](https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506082&idx=2&sn=20cc3516e0158067694fa5fd3a3ce1a9) + - [ ] [【焕新领先】捷普IPS/IDS系统](https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506082&idx=3&sn=93dde62780cb716dcdb350ec05102794) + - [ ] [使用豆包获取抖音文案](https://mp.weixin.qq.com/s?__biz=Mzk0MTI4NTIzNQ==&mid=2247492239&idx=1&sn=f547e48b7cb815b2cde4361dd852d1e9) + - [ ] [ECShop 4.x collection_list SQL注入](https://mp.weixin.qq.com/s?__biz=Mzg4NDg3NjE5MQ==&mid=2247485617&idx=1&sn=cbea289e260befd038d87e4741df7ca9) + - [ ] [正月初三贴赤口!亚信安全祝大家抬头见禧,蛇运亨通](https://mp.weixin.qq.com/s?__biz=MjM5NjY2MTIzMw==&mid=2650620967&idx=1&sn=d6e3efc6033a4781fd8740b2499a17fb) + - [ ] [大年初三 三阳开泰](https://mp.weixin.qq.com/s?__biz=MjM5NzE0NTIxMg==&mid=2651135290&idx=1&sn=dbeba374802d07fb246a2c9630ba2375) + - [ ] [初三 | 四季皆如意,万事尽亨通,新岁多欢颜,康泰常相伴!](https://mp.weixin.qq.com/s?__biz=MzU4NjY4MDAyNQ==&mid=2247497080&idx=1&sn=4a5edfd2575e50bfbd568743f9f9a172) + - [ ] [2025年全球风险报告:冲突、环境和虚假信息是主要威胁](https://mp.weixin.qq.com/s?__biz=MzUzODYyMDIzNw==&mid=2247516970&idx=1&sn=06109ad8fa78d90f969ee430577ef590) + - [ ] [针对DeepSeek的网络攻击再升级:僵尸网络进场 攻击指令激增上百倍u200b](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607360&idx=1&sn=c48a0548576e4ce9ae4ed53e751d671c) + - [ ] [2025网络暴露危机报告:45%第三方应用越权访问用户数据](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607360&idx=2&sn=d60da4ef519827d85981b8d02d848e2f) + - [ ] [经典华为路由器漏洞复现详细分析(包括整个漏洞链)](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607360&idx=3&sn=cac10cb8e85c07f523764294668f4fec) + - [ ] [AutoPen - 自动化渗透测试工具](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607360&idx=4&sn=e33cdb19a4aabc1350cfd4c407aa7076) + - [ ] [初三:喜报春来](https://mp.weixin.qq.com/s?__biz=MzU0NDk0NTAwMw==&mid=2247624777&idx=1&sn=4af85ac3e0ff1b3aa079b4aea709111c) + - [ ] [自动化代码审计工具](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489194&idx=1&sn=c3c275b655d3817e6f75a800f10a0e01) + - [ ] [夺回失去的一切](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489194&idx=2&sn=c7ce655667ccb528720b4da5ed8ded7f) + - [ ] [【初三】畅享惬意假期 尽享无忧时光](https://mp.weixin.qq.com/s?__biz=MjM5NTE0MjQyMg==&mid=2650624575&idx=1&sn=a1c5ed5f4b0b0de27bba620517b40099) + - [ ] [【贺蛇年】初三送福 信安保吉](https://mp.weixin.qq.com/s?__biz=MzAxMjE1MDY0NA==&mid=2247508844&idx=1&sn=08446e6ae4fd80b63e788f60f6df0ec1) + - [ ] [一分钟搭建本地大模型DeepSeek!永久免费!无需联网!一条命令即可搭建!!!!](https://mp.weixin.qq.com/s?__biz=Mzg2Nzk0NjA4Mg==&mid=2247498557&idx=1&sn=4be63db2842575769a912e8c3332c989) + - [ ] [山石网科·AI汇东方|正月初三,张贴赤口](https://mp.weixin.qq.com/s?__biz=MzAxMDE4MTAzMQ==&mid=2661298290&idx=1&sn=b4f906505b483a77b737f218f4ee339e) +- Tenable Blog + - [ ] [Cybersecurity Snapshot: CSA Offers Tips for Deploying AI Securely, While Deloitte Says Cyber Teams’ GenAI Use Yields Top ROI](https://www.tenable.com/blog/cybersecurity-snapshot-ai-security-tips-generative-ai-roi-01-31-2025) +- Blog – Red Siege Information Security + - [ ] [Security Posture Review and Penetration Testing](https://redsiege.com/blog/2025/01/security-posture-review-and-penetration-testing/) +- Bug Bounty in InfoSec Write-ups on Medium + - [ ] [My Bug Bounty Journey: A Middle-Class Kid’s Quest for Free and Beyond](https://infosecwriteups.com/my-bug-bounty-journey-a-middle-class-kids-quest-for-free-and-beyond-1cd6b65240d6?source=rss----7b722bfd1b8d--bug_bounty) + - [ ] [How I Earned $200 Using GitHub Dorking: A Manual and Automated Guide to Finding Sensitive…](https://infosecwriteups.com/how-i-earned-200-using-github-dorking-a-manual-and-automated-guide-to-finding-sensitive-ebbbfcad7296?source=rss----7b722bfd1b8d--bug_bounty) +- Hexacorn + - [ ] [Files of interest](https://www.hexacorn.com/blog/2025/01/31/9839/) +- SentinelOne + - [ ] [The Good, the Bad and the Ugly in Cybersecurity – Week 5](https://www.sentinelone.com/blog/the-good-the-bad-and-the-ugly-in-cybersecurity-week-5-6/) +- Malware-Traffic-Analysis.net - Blog Entries + - [ ] [2025-01-31: Two pcaps of AgentTesla-style data exfil, one using FTP and one using SMTP](https://www.malware-traffic-analysis.net/2025/01/31/index.html) +- HAHWUL + - [ ] [Enhancing OWASP Noir with AI](https://www.hahwul.com/2025/01/31/owasp-noir-x-llm/) +- Securelist + - [ ] [One policy to rule them all](https://securelist.com/group-policies-in-cyberattacks/115331/) +- Binary Ninja + - [ ] [RE//thinking Conferences](https://binary.ninja/2025/01/31/re-thinking-conferences.html) +- Reverse Engineering + - [ ] [Game Reverse Engineering for Dummies](https://www.reddit.com/r/ReverseEngineering/comments/1ief03g/game_reverse_engineering_for_dummies/) +- Malwarebytes + - [ ] [ClickFix vs. traditional download in new DarkGate campaign](https://www.malwarebytes.com/blog/cybercrime/2025/01/clickfix-vs-traditional-download-in-new-darkgate-campaign) + - [ ] [Cybercrime gets a few punches on the nose](https://www.malwarebytes.com/blog/news/2025/01/cybercrime-gets-a-few-punches-on-the-nose) +- Wallarm + - [ ] [Analyzing DeepSeek’s System Prompt: Jailbreaking Generative AI](https://lab.wallarm.com/jailbreaking-generative-ai/) +- FreeBuf网络安全行业门户 + - [ ] [意大利数据保护局封禁DeepSeek AI平台,用户数据透明度不足成焦点](https://www.freebuf.com/articles/database/420991.html) +- 奇客Solidot–传递最新科技情报 + - [ ] [朱诺号在木卫一上记录到至今最强的火山活动](https://www.solidot.org/story?sid=80455) + - [ ] [新发现小行星有 1/83 的概率在 2032 年撞击地球](https://www.solidot.org/story?sid=80454) + - [ ] [库克告诉张忠谋英特尔不知道如何代工芯片](https://www.solidot.org/story?sid=80453) + - [ ] [巴塞尔税务机关因域名错误不得不购买巴哈马域名](https://www.solidot.org/story?sid=80452) +- 黑海洋 - IT技术知识库 + - [ ] [DeepSeek 多模态大模型 Janus-Pro-7B 本地部署教程!支持图像生成](https://blog.upx8.com/4681) +- 吾爱破解论坛 + - [ ] [【2025春节】解题领红包活动排行榜(初三 1/31)](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141663&idx=1&sn=63c355a201f947c905a68b07647ab32a&chksm=bd50a64b8a272f5d946a584369ed1e63aa1e848c064f9913f5d0b8b726d9d660a7d66a00e91c&scene=58&subscene=0#rd) +- dotNet安全矩阵 + - [ ] [收藏 | dotNet安全矩阵 2024 年度逆向调试分析阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498584&idx=1&sn=d85935a8bccaf28b5e5203c9cd937ea9&chksm=fa5955b5cd2edca34577829765f94d7f8f8ba90adf5b6e399ec3c452c66f86875c7bf5bf1fe9&scene=58&subscene=0#rd) + - [ ] [.NET 内网攻防实战电子报刊](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498584&idx=2&sn=3d15023570e640313e68870e0ee24904&chksm=fa5955b5cd2edca3ab75eec14cdb7db823d32a7563590a024fd77a432760513df551302e0537&scene=58&subscene=0#rd) + - [ ] [收藏 | dotNet安全矩阵 2024 年度外网入口打点阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498584&idx=3&sn=8e71ffa26350c09847ab769b9dbedcc2&chksm=fa5955b5cd2edca3ff4e40e9c3fbd087950be3490983ed47fb037e3bed4a8ec43f8f4ff18cc2&scene=58&subscene=0#rd) + - [ ] [收藏 | dotNet安全矩阵 2024 年度目标权限维持阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498584&idx=4&sn=d14acdfea6504a47d1e46e7c8f38cf54&chksm=fa5955b5cd2edca3e25bcab2043d40960b8493619cf515dd830c9a69f2f552048d360d1723d5&scene=58&subscene=0#rd) +- 丁爸 情报分析师的工具箱 + - [ ] [【实操】美国客机与黑鹰直升机相撞的视频、音频、轨迹回放及遇难机组和乘客](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148793&idx=1&sn=03180450dc0a7ac7bb10d75ce4ca6d3c&chksm=f1af26c3c6d8afd574a2952fe360477386f6c4b3918f013832c9caf99dedafd4d4838e3aa576&scene=58&subscene=0#rd) +- 情报分析师 + - [ ] [惊天一撞,华盛顿客机与直升机空难背后的真相!](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559372&idx=1&sn=0410ce8851f28ddbc609457ae73483de&chksm=87117dc7b066f4d1ad44ee89f45d8490695f007aa2b56cf7f6d72328537333ddcdfc9c7337b7&scene=58&subscene=0#rd) + - [ ] [美国为何对 DeepSeek 如此“上心”?一场科技博弈的真相](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559372&idx=2&sn=369c0d3168fb3469fb3aefa3fb9cafd0&chksm=87117dc7b066f4d1185de6f282e7121df9671775c92c0f4fb83ca20be6f20fe42e7a73261f00&scene=58&subscene=0#rd) +- 极客公园 + - [ ] [对 Deepseek 从赞叹到压制,硅谷为何一周内变脸](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653073065&idx=1&sn=a7e25c9de7abe6fdf8234a898f67c3ca&chksm=7e57d31f49205a09b4245af36dad8e7b2b6ae8ed98f621dae59d0665e632d55f834f35024074&scene=58&subscene=0#rd) + - [ ] [针对 DeepSeek 网络攻击暴增上百倍;苹果在华销售额下降 11%;《鱿鱼游戏》第三季公布 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653073064&idx=1&sn=56daa14e6f49dd3d526aa22a9ca2de8a&chksm=7e57d31e49205a089760b83fce00f837009c8dc1e6bcc9969dc9819cc32f9df30f57631463a7&scene=58&subscene=0#rd) +- M01N Team + - [ ] [AI风险分析 | 从Freysa转账案例看智能体应用的潜在风险](https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247494055&idx=1&sn=1a0b66065e3db8d26597a12328032d82&chksm=c18429b6f6f3a0a0f87c56e68eb79be4df5d7a78ecb73f1a39c54ea3e74374f0d2671ba3d073&scene=58&subscene=0#rd) +- 吴鲁加 + - [ ] [YC 的 AI 创业创意](https://mp.weixin.qq.com/s?__biz=Mzg5NDY4ODM1MA==&mid=2247485169&idx=1&sn=59224d6daf6f30591f7da17a13031fd7&chksm=c01a8bc0f76d02d648546ccc4303533b8e1ba5c3a69a2d84ba7809e30f397b269423fd3847f6&scene=58&subscene=0#rd) +- 360数字安全 + - [ ] [大年初三 | 福绕蛇年,万“巳”胜意](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579271&idx=1&sn=bfb185d569ae97db908675e7f2419714&chksm=9f8d268fa8faaf9939e8fef41d497b2f71db4645149724c942c4674b04c19548141fda1cbdd9&scene=58&subscene=0#rd) +- 迪哥讲事 + - [ ] [Deepseek是如何被黑掉的](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496994&idx=1&sn=d77c2e01b0dd8e2cb783fe7214e688c4&chksm=e8a5ff41dfd27657214d811c7635b0229bfd4e0dd9f949d59f1702d65efee83dd64fe76d58cb&scene=58&subscene=0#rd) +- Krypt3ia + - [ ] [Krypt3ia Daily Cyber Threat Intelligence (CTI) Digest](https://krypt3ia.wordpress.com/2025/01/31/krypt3ia-daily-cyber-threat-intelligence-cti-digest-7/) +- Hacking Exposed Computer Forensics Blog + - [ ] [Daily Blog #734: My favorite interview question](https://www.hecfblog.com/2025/01/daily-blog-734-my-favorite-interview.html) +- Securityinfo.it + - [ ] [DeepSeek: il top della tecnologia cinese dimentica di chiudere il database esposto](https://www.securityinfo.it/2025/01/31/deepseek-il-top-della-tecnologia-cinese-dimentica-di-chiudere-il-database-esposto/?utm_source=rss&utm_medium=rss&utm_campaign=deepseek-il-top-della-tecnologia-cinese-dimentica-di-chiudere-il-database-esposto) + - [ ] [Trovata una backdoor in due dispositivi cinesi per il monitoraggio dei pazienti](https://www.securityinfo.it/2025/01/31/trovata-una-backdoor-in-due-dispositivi-cinesi-per-il-monitoraggio-dei-pazienti/?utm_source=rss&utm_medium=rss&utm_campaign=trovata-una-backdoor-in-due-dispositivi-cinesi-per-il-monitoraggio-dei-pazienti) +- Over Security - Cybersecurity news aggregator + - [ ] [Former Polish justice minister arrested in sprawling spyware probe](https://therecord.media/poland-spyware-former-justice-minister-arrested) + - [ ] [Regional healthcare systems report data breaches affecting more than 1.5 million](https://therecord.media/connecticut-california-healthcare-networks-data-breaches) + - [ ] [WhatsApp accuses Paragon of targeting about 90 users with spyware](https://therecord.media/whatsapp-paragon-spyware-targeting-users) + - [ ] [FBI, Dutch Police Disrupt ‘Manipulaters’ Phishing Gang](https://krebsonsecurity.com/2025/01/fbi-dutch-police-disrupt-manipulaters-phishing-gang/) + - [ ] [Insurance firm Globe Life to warn 850,000 of potential data theft following extortion attempt](https://therecord.media/globe-life-updated-sec-filing-hackers-extortion-data-breach) + - [ ] [Cracked and Nulled Marketplaces Disrupted in International Cyber Operation](https://flashpoint.io/blog/cracked-and-nulled-marketplaces-disrupted-in-cyber-operation/) + - [ ] [DeepSeek: il top della tecnologia cinese dimentica di chiudere il database esposto](https://www.securityinfo.it/2025/01/31/deepseek-il-top-della-tecnologia-cinese-dimentica-di-chiudere-il-database-esposto/) + - [ ] [CISA employees told they are exempt from federal worker resignation program](https://therecord.media/cisa-employees-told-they-are-exempt-deferred-resignation) + - [ ] [Hackers use fake wedding invitations to spread Android malware in Southeast Asia](https://therecord.media/hackers-wedding-invitations-southeast-asia) + - [ ] [Microsoft improves text contrast for all Windows Chromium browsers](https://www.bleepingcomputer.com/news/microsoft/microsoft-improves-text-contrast-for-all-windows-chromium-browsers/) + - [ ] [Come DeepSeek ha riconfigurato la corsa all’intelligenza artificiale](https://www.guerredirete.it/come-deepseek-ha-riconfigurato-la-corsa-allintelligenza-artificiale/) + - [ ] [Italy blocks Chinese AI tool DeepSeek over privacy concerns](https://therecord.media/italy-blocks-chinese-ai-tool-deepseek-over-privacy-concerns) + - [ ] [FDA, CISA warn of backdoor in popular patient monitor used by US hospitals](https://therecord.media/contec-cms8000-firmware-backdoor-fda-cisa-warning) + - [ ] [Tata Technologies reports ransomware attack to Indian stock exchange](https://therecord.media/tata-ransomware-attack-report-incident) + - [ ] [DeepSeek a rischio blocco in Italia? Il Garante privacy chiede conto sul trattamento dei dati](https://www.cybersecurity360.it/news/deepseek-a-rischio-blocco-in-italia-il-garante-privacy-chiede-conto-sul-trattamento-dei-dati/) + - [ ] [Trovato un database di DeepSeek esposto online, senza protezioni: quali rischi](https://www.cybersecurity360.it/news/trovato-un-database-di-deepseek-esposto-online-senza-protezioni-quali-rischi/) + - [ ] [Attacchi cyber contro la Pa: come funziona la difesa del Polo Strategico Nazionale](https://www.cybersecurity360.it/cybersecurity-nazionale/polo-strategico-nazionale-a-difesa-cloud-pa/) + - [ ] [La nomina del DPO: competenze, indipendenza e incompatibilità](https://www.cybersecurity360.it/legal/privacy-dati-personali/la-nomina-del-dpo-competenze-indipendenza-e-incompatibilita/) + - [ ] [DeepSeek, ecco il lato oscuro dell’AI cinese](https://www.cybersecurity360.it/cultura-cyber/la-startup-cinese-deepseek-sfida-chatgpt-il-modello-ai-che-supera-le-restrizioni-usa/) + - [ ] [TorNet: la nuova backdoor che sfrutta la rete TOR per evadere le difese](https://www.cybersecurity360.it/news/tornet-la-nuova-backdoor-che-sfrutta-la-rete-tor-per-evadere-le-difese/) + - [ ] [Il Browser Syncjacking dirotta i nostri dispositivi sfruttando le estensioni di Chrome](https://www.cybersecurity360.it/news/il-browser-syncjacking-dirotta-i-nostri-dispositivi-sfruttando-le-estensioni-di-chrome/) + - [ ] [DeepSeek: i perché del blocco del Garante privacy e le sfide per l’UE](https://www.cybersecurity360.it/legal/blocco-deepseek-garante-privacy-le-sfide-ue/) + - [ ] [Indian tech giant Tata Technologies hit by ransomware attack](https://www.bleepingcomputer.com/news/security/indian-tech-giant-tata-technologies-hit-by-ransomware-attack/) + - [ ] [US healthcare provider data breach impacts 1 million patients](https://www.bleepingcomputer.com/news/security/us-healthcare-provider-data-breach-impacts-1-million-patients/) + - [ ] [Globe Life data breach may impact an additional 850,000 clients](https://www.bleepingcomputer.com/news/security/globe-life-data-breach-may-impact-an-additional-850-000-clients/) + - [ ] [WhatsApp says it disrupted a hacking campaign targeting journalists with Paragon spyware](https://techcrunch.com/2025/01/31/whatsapp-says-it-disrupted-a-hacking-campaign-targeting-journalists-with-spyware/) + - [ ] [Pakistan-based cybercrime network dismantled by US, Dutch authorities](https://therecord.media/pakistan-cybercrime-busted-dutch-doj) + - [ ] [Mizuno USA says hackers stayed in its network for two months](https://www.bleepingcomputer.com/news/security/mizuno-usa-says-hackers-stayed-in-its-network-for-two-months/) + - [ ] [The TechCrunch Cyber Glossary](https://techcrunch.com/2025/01/31/techcrunch-reference-guide-to-security-terminology/) + - [ ] [Sintesi riepilogativa delle campagne malevole nella settimana del 25 – 31 gennaio](https://cert-agid.gov.it/news/sintesi-riepilogativa-delle-campagne-malevole-nella-settimana-del-25-31-gennaio/) + - [ ] [Vulnerabilità Subaru: il vero problema sono le politiche di gestione dei dati](https://www.securityinfo.it/2025/01/30/vulnerabilita-subaru-il-vero-problema-sono-le-politiche-di-gestione-dei-dati/) + - [ ] [Norway seizes ship suspected of sabotage, says crew are Russian nationals](https://therecord.media/norway-seizes-ship-suspected-sabotage) + - [ ] [Police dismantles HeartSender cybercrime marketplace network](https://www.bleepingcomputer.com/news/security/police-dismantles-heartsender-cybercrime-marketplace-network/) + - [ ] [Exclusive: Heart Centre Cyberattack in Australia, DragonForce Claims Responsibility for Sensitive Data Theft](https://www.suspectfile.com/exclusive-heart-centre-cyberattack-in-australia-dragonforce-claims-responsibility-for-sensitive-data-theft/) + - [ ] [Trovata una backdoor in due dispositivi cinesi per il monitoraggio dei pazienti](https://www.securityinfo.it/2025/01/31/trovata-una-backdoor-in-due-dispositivi-cinesi-per-il-monitoraggio-dei-pazienti/) + - [ ] [One policy to rule them all](https://securelist.com/group-policies-in-cyberattacks/115331/) + - [ ] [Cyble’s Weekly Vulnerability Update: Critical SonicWall Zero-Day and Exploited Flaws Discovered](https://cyble.com/blog/cybles-weekly-vulnerability-update-critical/) + - [ ] [Dark Web Activity January 2025: A New Hacktivist Group Emerges](https://cyble.com/blog/dark-web-activity-new-hacktivist-group-emerges/) + - [ ] [KuCoin to pay nearly $300 million in penalties after guilty plea](https://www.bleepingcomputer.com/news/cryptocurrency/kucoin-to-pay-nearly-300-million-in-penalties-after-guilty-plea/) +- SANS Internet Storm Center, InfoCON: green + - [ ] [To Simulate or Replicate: Crafting Cyber Ranges, (Fri, Jan 31st)](https://isc.sans.edu/diary/rss/31642) + - [ ] [ISC Stormcast For Friday, January 31st, 2025 https://isc.sans.edu/podcastdetail/9304, (Fri, Jan 31st)](https://isc.sans.edu/diary/rss/31640) +- Posts By SpecterOps Team Members - Medium + - [ ] [SlackPirate Set Sails Again! Or: How to Send the Entire “Bee Movie” Script to Your Friends in Slack](https://posts.specterops.io/slackpirate-set-sails-again-or-how-to-send-the-entire-bee-movie-script-to-your-friends-in-slack-d9c691ae33f5?source=rss----f05f8696e3cc---4) +- Instapaper: Unread + - [ ] [DeepSeek, serve cautela ci sono pericoli per la sicurezza](https://www.cybersecurity360.it/news/deepseek-usarlo-con-cautela-ci-sono-pericoli-per-la-sicurezza/) + - [ ] [Backdoor found in two healthcare patient monitors, linked to IP in China](https://www.bleepingcomputer.com/news/security/backdoor-found-in-two-healthcare-patient-monitors-linked-to-ip-in-china/) +- Trend Micro Research, News and Perspectives + - [ ] [Future of Cybersecurity: Will XDR Absorb SIEM & SOAR?](https://www.trendmicro.com/en_us/research/25/a/xdr-siem-soar.html) +- Deeplinks + - [ ] [Copyright is a Civil Liberties Nightmare](https://www.eff.org/deeplinks/2025/01/copyright-civil-liberties-nightmare) +- Schneier on Security + - [ ] [Friday Squid Blogging: On Squid Brains](https://www.schneier.com/blog/archives/2025/01/friday-squid-blogging-on-squid-brains-2.html) +- Computer Forensics + - [ ] [Baloney Detection Kit](https://www.reddit.com/r/computerforensics/comments/1iegsc1/baloney_detection_kit/) + - [ ] [Is this normal with iphone digital forensics?](https://www.reddit.com/r/computerforensics/comments/1iegbx6/is_this_normal_with_iphone_digital_forensics/) + - [ ] [Audi transcription](https://www.reddit.com/r/computerforensics/comments/1ief751/audi_transcription/) +- Blackhat Library: Hacking techniques and research + - [ ] [New Business Opportunity](https://www.reddit.com/r/blackhat/comments/1iek6i3/new_business_opportunity/) +- Krebs on Security + - [ ] [FBI, Dutch Police Disrupt ‘Manipulaters’ Phishing Gang](https://krebsonsecurity.com/2025/01/fbi-dutch-police-disrupt-manipulaters-phishing-gang/) +- Deep Web + - [ ] [Anyone who can provide invitational links?](https://www.reddit.com/r/deepweb/comments/1iepero/anyone_who_can_provide_invitational_links/) + - [ ] [Is there a reliable list of links?](https://www.reddit.com/r/deepweb/comments/1iebzm9/is_there_a_reliable_list_of_links/) +- Your Open Hacker Community + - [ ] [Is Hacking: The Art of Exploitation still a good book for beginners in 2025?](https://www.reddit.com/r/HowToHack/comments/1ieayzm/is_hacking_the_art_of_exploitation_still_a_good/) + - [ ] [I’m stuck in my hacking learning](https://www.reddit.com/r/HowToHack/comments/1iefdhx/im_stuck_in_my_hacking_learning/) + - [ ] [Cybersecurity Roadmap After Learning Networking, Linux & Python? Need Guidance!](https://www.reddit.com/r/HowToHack/comments/1iemc6e/cybersecurity_roadmap_after_learning_networking/) + - [ ] [How to have a career in cyber security and ethical hacking?](https://www.reddit.com/r/HowToHack/comments/1iek4vz/how_to_have_a_career_in_cyber_security_and/) + - [ ] [Javascript: trying to grab a class from runtime script](https://www.reddit.com/r/HowToHack/comments/1ierdsb/javascript_trying_to_grab_a_class_from_runtime/) + - [ ] [Using embedded RTTI to reverse engineer classes.](https://www.reddit.com/r/HowToHack/comments/1ief4dz/using_embedded_rtti_to_reverse_engineer_classes/) + - [ ] [Can anyone help me find this guy he got in my mates pc and then provided a email or something](https://www.reddit.com/r/HowToHack/comments/1ieouov/can_anyone_help_me_find_this_guy_he_got_in_my/) + - [ ] [Phone hacked](https://www.reddit.com/r/HowToHack/comments/1iembsn/phone_hacked/) + - [ ] [Can we catch someone using VPN or TOR for hoax calls?](https://www.reddit.com/r/HowToHack/comments/1ie9efv/can_we_catch_someone_using_vpn_or_tor_for_hoax/) + - [ ] [I need a friend fr](https://www.reddit.com/r/HowToHack/comments/1ies4at/i_need_a_friend_fr/) + - [ ] [Can someone send me a phishing link and then say my password etc.](https://www.reddit.com/r/HowToHack/comments/1ieriwo/can_someone_send_me_a_phishing_link_and_then_say/) + - [ ] [hi if anyone is available I need a little help](https://www.reddit.com/r/HowToHack/comments/1iesp85/hi_if_anyone_is_available_i_need_a_little_help/) + - [ ] [What's I need to learn?](https://www.reddit.com/r/HowToHack/comments/1ie6pza/whats_i_need_to_learn/) + - [ ] [Trying to find a way to expose a racist, can you help?](https://www.reddit.com/r/HowToHack/comments/1iep6ol/trying_to_find_a_way_to_expose_a_racist_can_you/) + - [ ] [Phishing links](https://www.reddit.com/r/HowToHack/comments/1ie49f5/phishing_links/) + - [ ] [Android Rat](https://www.reddit.com/r/HowToHack/comments/1iejeu5/android_rat/) + - [ ] [Has anyone “created” their own WHID Cactus?](https://www.reddit.com/r/HowToHack/comments/1ie23b8/has_anyone_created_their_own_whid_cactus/) + - [ ] [Hello guys, I wanted to ddos attack on my college website, how can I do?](https://www.reddit.com/r/HowToHack/comments/1ieiva8/hello_guys_i_wanted_to_ddos_attack_on_my_college/) + - [ ] [Best way to get started in ethical hacking and pentesting?](https://www.reddit.com/r/HowToHack/comments/1iedc7i/best_way_to_get_started_in_ethical_hacking_and/) +- netsecstudents: Subreddit for students studying Network Security and its related subjects + - [ ] [🔥 Evolution of Wi-Fi Security: From WEP to WPA3 🔥](https://www.reddit.com/r/netsecstudents/comments/1ie274v/evolution_of_wifi_security_from_wep_to_wpa3/) +- The Register - Security + - [ ] [The Big Short on Cybersecurity](https://go.theregister.com/feed/www.theregister.com/2025/01/31/the_big_short_on_cybersecurity/) + - [ ] [Another banner year for ransomware gangs despite takedowns by the cops](https://go.theregister.com/feed/www.theregister.com/2025/01/31/banner_year_for_ransomware_gangs/) + - [ ] [Google to Iran: Yes, we see you using Gemini for phishing and scripting. We're onto you](https://go.theregister.com/feed/www.theregister.com/2025/01/31/state_spies_google_gemini/) +- Palo Alto Networks Blog + - [ ] [DeepSeek’s Rise Shows AI Security Remains a Moving Target](https://www.paloaltonetworks.com/blog/2025/01/deepseek-rise-shows-ai-security-remains-moving-target/) +- Social Engineering + - [ ] [How We Used Psychology To Increase Positive Reviews](https://www.reddit.com/r/SocialEngineering/comments/1iecatk/how_we_used_psychology_to_increase_positive/) +- Information Security + - [ ] [3 Cyber Attacks in January 2025](https://www.reddit.com/r/Information_Security/comments/1ieeo5l/3_cyber_attacks_in_january_2025/) +- The Hacker News + - [ ] [CISA and FDA Warn of Critical Backdoor in Contec CMS8000 Patient Monitors](https://thehackernews.com/2025/01/cisa-and-fda-warn-of-critical-backdoor.html) + - [ ] [Top 5 AI-Powered Social Engineering Attacks](https://thehackernews.com/2025/01/top-5-ai-powered-social-engineering.html) + - [ ] [Italy Bans Chinese DeepSeek AI Over Data Privacy and Ethical Concerns](https://thehackernews.com/2025/01/italy-bans-chinese-deepseek-ai-over.html) + - [ ] [Google Bans 158,000 Malicious Android App Developer Accounts in 2024](https://thehackernews.com/2025/01/google-bans-158000-malicious-android.html) + - [ ] [Broadcom Patches VMware Aria Flaws – Exploits May Lead to Credential Theft](https://thehackernews.com/2025/01/broadcom-patches-vmware-aria-flaws.html) +- TorrentFreak + - [ ] [Pirate Libraries Are Forbidden Fruit for AI Companies. But at What Cost?](https://torrentfreak.com/pirate-libraries-are-forbidden-fruit-for-ai-companies-but-at-what-cost-250131/) + - [ ] [Court Rejects Musi’s Bid to Force Apple to Reinstate its Music App](https://torrentfreak.com/court-rejects-musis-bid-to-force-apple-to-reinstate-its-music-app-250131/) +- Security Affairs + - [ ] [Community Health Center data breach impacted over 1 million patients](https://securityaffairs.com/173687/data-breach/community-health-center-data-breach.html) + - [ ] [Italy’s data protection authority Garante blocked the DeepSeek AI platform](https://securityaffairs.com/173680/security/italys-data-protection-authority-garante-blocked-deepseek.html) + - [ ] [Broadcom fixed information disclosure flaws in VMware Aria Operations](https://securityaffairs.com/173677/security/vmware-aria-operations-flaws.html) +- Technical Information Security Content & Discussion + - [ ] [SlackPirate Set Sails Again! Or: How to Send the Entire “Bee Movie” Script to Your Friends in Slack](https://www.reddit.com/r/netsec/comments/1iejrzh/slackpirate_set_sails_again_or_how_to_send_the/) + - [ ] [Cisco Webex Connect - Unauthenticated access to all chats](https://www.reddit.com/r/netsec/comments/1iebyye/cisco_webex_connect_unauthenticated_access_to_all/) + - [ ] [RCE (LAN) in Marvel Rivals](https://www.reddit.com/r/netsec/comments/1iecdx2/rce_lan_in_marvel_rivals/) + - [ ] [CRLF injection via TryAddWithoutValidation in .NET](https://www.reddit.com/r/netsec/comments/1iean5l/crlf_injection_via_tryaddwithoutvalidation_in_net/) +- 网安寻路人 + - [ ] [欧盟《网络复原力法》全文翻译](https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247506421&idx=1&sn=f3b2c847cf7748ef86bc68daa496de01&chksm=97e9641fa09eed095158a4f84b80d0b52ad9fe6ab463c8869e956608d218c6715d95e0a3ce92&scene=58&subscene=0#rd) +- Security Weekly Podcast Network (Audio) + - [ ] [.ASS, Deepseek, AI Time Travel, Google, HeartBlocker, TikTok, Aaran Leyland, and More - SWN #447](http://sites.libsyn.com/18678/ass-deepseek-ai-time-travel-google-heartblocker-tiktok-aaran-leyland-and-more-swn-447) diff --git a/archive/tmp/2025-02-01.json b/archive/tmp/2025-02-01.json new file mode 100644 index 0000000000..a9531297f3 --- /dev/null +++ b/archive/tmp/2025-02-01.json @@ -0,0 +1,396 @@ +{ + "Recent Commits to cve:main": { + "Update Fri Jan 31 20:21:24 UTC 2025": "https://github.com/trickest/cve/commit/80a2dc60ca64c34a5211d8cf4b786686cc537efd", + "Update Fri Jan 31 12:25:11 UTC 2025": "https://github.com/trickest/cve/commit/add66039334dc9d7f2519acac27d7db61f9a2fe2", + "Update Fri Jan 31 04:24:16 UTC 2025": "https://github.com/trickest/cve/commit/a7d947e6c2b962b8d95547864478207be1c85ffd" + }, + "SecWiki News": { + "SecWiki News 2025-01-31 Review": "http://www.sec-wiki.com/?2025-01-31" + }, + "Trustwave Blog": { + "Accelerate Your Journey with the Microsoft End Customer Investment Funds (ECIF) Program": "https://www.trustwave.com/en-us/resources/blogs/trustwave-blog/accelerate-your-journey-with-the-microsoft-end-customer-investment-funds-ecif-program/" + }, + "Security Boulevard": { + "The Transformative Role of AI in Cybersecurity": "https://securityboulevard.com/2025/01/the-transformative-role-of-ai-in-cybersecurity/", + "DEF CON 32 – An Adversarial Approach To Airline Revenue Management Proving Ground": "https://securityboulevard.com/2025/01/def-con-32-an-adversarial-approach-to-airline-revenue-management-proving-ground/", + "Julianna Lamb on Choosing Authentication Platforms Over DIY": "https://securityboulevard.com/2025/01/julianna-lamb-on-choosing-authentication-platforms-over-diy/", + "Eric Brüggemann on Code Intelligence Launching Spark": "https://securityboulevard.com/2025/01/eric-bruggemann-on-code-intelligence-launching-spark/", + "Creating realistic, secure test data for Databricks": "https://securityboulevard.com/2025/01/creating-realistic-secure-test-data-for-databricks/", + "Ransomware Scum — Out For Blood: NYBCe is Latest Victim": "https://securityboulevard.com/2025/01/nybc-blood-ransomware-richixbw/", + "Zimperium’s Protection Against Tria Stealer’s SMS Data Theft": "https://securityboulevard.com/2025/01/zimperiums-protection-against-tria-stealers-sms-data-theft/", + "DEF CON 32 – Famous and Not So Famous Unsolved Codes": "https://securityboulevard.com/2025/01/def-con-32-famous-and-not-so-famous-unsolved-codes/", + "SlackPirate Set Sails Again! Or: How to Send the Entire “Bee Movie” Script to Your Friends in Slack": "https://securityboulevard.com/2025/01/slackpirate-set-sails-again-or-how-to-send-the-entire-bee-movie-script-to-your-friends-in-slack/", + "Analyzing DeepSeek’s System Prompt: Jailbreaking Generative AI": "https://securityboulevard.com/2025/01/analyzing-deepseeks-system-prompt-jailbreaking-generative-ai/" + }, + "ElcomSoft blog": { + "The Evolution of iOS Passcode Security": "https://blog.elcomsoft.com/2025/01/the-evolution-of-ios-passcode-security/" + }, + "Sucuri Blog": { + "Vulnerability & Patch Roundup — January 2025": "https://blog.sucuri.net/2025/01/vulnerability-patch-roundup-january-2025.html" + }, + "Doonsec's feed": { + "秦安:这是中国股市成立以来,最值得乐观的春节前最后一个交易日": "https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476426&idx=1&sn=50f4e5bfae2cddbed3033316cd279398", + "秦安:这么多利好,股市为何还跌?看清“五个事关”,踏实过好年": "https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476426&idx=2&sn=a4c95c840c04ceeaca228ced725ace44", + "秦安:感恩冰天雪地慰问,发红包回馈员工,警惕倒行逆施制造事端": "https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476426&idx=3&sn=a812a2b943cdec6f328ebfa5bffe5fe2", + "牟林:特朗普夺取格陵兰岛的可能性有多大?": "https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476426&idx=4&sn=e7892f7b8a98ef98eb2a0c2193de7450", + "牟林:特朗普到底是要美国伟大还是自己伟大?": "https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476426&idx=5&sn=9429ab8ea944af973f22f0c683becd06", + "放开双手 !SQL注入Fuzzing字典 (270个)": "https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486455&idx=1&sn=a774a64f04eac6941ef46359daa39ac2", + "VLAN划分的三种方法,网络工程师收藏!": "https://mp.weixin.qq.com/s?__biz=MzUyNTExOTY1Nw==&mid=2247528053&idx=1&sn=6c0a07662b4584eb394bb215e6a13f2e", + "DeepSeek:AI时代的新探索者,开启智能革命的新篇章": "https://mp.weixin.qq.com/s?__biz=Mzk2NDE5MDgxOQ==&mid=2247484823&idx=1&sn=368f5bbf4e0a91a06214f934a1a4f054", + "【AI】DeepSeek 概念/影响/使用/部署": "https://mp.weixin.qq.com/s?__biz=MzUyNTUyNTA5OQ==&mid=2247484873&idx=1&sn=b8520d6aae393acbc9010a4553c5b460", + "2025年最新推荐的5款堡垒机,打造安全网络防线,秒收藏!": "https://mp.weixin.qq.com/s?__biz=MzIyMzIwNzAxMQ==&mid=2649464771&idx=1&sn=56ced5ebaeea813e0f0bd666f3499426", + "1.8s修复+反制,希望我的那些甲方和运维好好学一学": "https://mp.weixin.qq.com/s?__biz=MzkyNTQ0OTYxOQ==&mid=2247483993&idx=1&sn=e4c7eb082905f0e214c28eeaba4624ea", + "Deepseek是如何被黑掉的": "https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496994&idx=1&sn=d77c2e01b0dd8e2cb783fe7214e688c4", + "世界需要一个能谋善断的AI(四)共生法则:当“谋士”遇见“统帅”": "https://mp.weixin.qq.com/s?__biz=MzAxOTk3NTg5OQ==&mid=2247492290&idx=1&sn=4537403e0c9e2e62764f5869e078451a", + "【原创】Ubuntu Server 18.04上,使用一张4060Ti显卡本地部署DeepSeek V3大模型训练": "https://mp.weixin.qq.com/s?__biz=Mzg2MjYxODQ4Mw==&mid=2247484986&idx=1&sn=b99ed54ac81f3de4bd9b0b75d6692e4d", + "分享的图片、视频、链接": "https://mp.weixin.qq.com/s?__biz=Mzk2NDIwNzE5Ng==&mid=2247487394&idx=1&sn=8bfce153c1344cd33503da56dc6c7fd0", + "DeepSeek-V2:一个强大、经济和高效的专家混合语言模型": "https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264904&idx=1&sn=b57987cc358dc5471b3c849b27669270", + "《零零六》应急神器:月落中间件日志分析工具,全中间件日志均可分享,百万行日志如同切菜": "https://mp.weixin.qq.com/s?__biz=Mzg4NDk4MTk5OA==&mid=2247485532&idx=1&sn=b8f7ae238b162c298e29f192d577ab87", + "警惕|售前入狱指南:从面向监狱编程到面向监狱投标": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485484&idx=1&sn=4c7b3d7e39d2150ff68c604547f17ab9", + "北七家-未来科学城,3居变4居豪装,理想楼层/户型/朝向": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485484&idx=2&sn=6e24ad74f8b9aa1cfc7cdb80e8c4af32", + "【干货】笑傲职场的独家经验(1)": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485484&idx=3&sn=176e2b4dabd62cf6133ccd18cebc238a", + "【干货原创】实网攻防演习常态化,会带来什么变化01": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485484&idx=4&sn=83a9db7a7edfea3c082777c7e1e385b3", + "【干货原创】K12教育,鲜为人知的模式秘密": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485484&idx=5&sn=f7e9bbdfdb9b130753e700ceb13a0e9c", + "原创文章目录": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485484&idx=6&sn=ba36a6cc5cac726e99a8383b23b04fbe", + "Dark101勒索病毒实战分析": "https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490247&idx=1&sn=1fa03f99607f5e0c716d503466fdb9d6", + "破解大脑防火墙:黑客式自控力提升指南(春节特别版)": "https://mp.weixin.qq.com/s?__biz=MzU0NDc0NTY3OQ==&mid=2247488425&idx=1&sn=5f38984f963693eee431f1edacbc928e", + "Ollama+DeepSeek+AnythingLLM搭建个人AI知识库": "https://mp.weixin.qq.com/s?__biz=Mzg2ODc0Mjc0Mw==&mid=2247484177&idx=1&sn=6e2fc13cf7e00b48395558c104b0773d", + "告别命令行!DeepSeek本地运行可视化指南:从安装到交互界面实战": "https://mp.weixin.qq.com/s?__biz=MzU3Mjk2NDU2Nw==&mid=2247492552&idx=1&sn=402d5fb57f89d62a333008877fafe951", + "三个小技巧(二)": "https://mp.weixin.qq.com/s?__biz=MjM5NDcxMDQzNA==&mid=2247489395&idx=1&sn=befd90cc96a0a37eb3aff5412bf52dde", + "安全圈瓜田理下集合【2025/1/31】": "https://mp.weixin.qq.com/s?__biz=MzAxNzg3NzMyNQ==&mid=2247489534&idx=1&sn=17b382547ab13aa20e5bb705d28c4e5d", + "web应急之各中间件日志保存位置": "https://mp.weixin.qq.com/s?__biz=MzU4NTg4MzIzNA==&mid=2247484358&idx=1&sn=d537fdb218cc12823147e284dbb35d76", + "网络安全入门必知的攻击方法": "https://mp.weixin.qq.com/s?__biz=MzI3NzM5NDA0NA==&mid=2247490339&idx=1&sn=8d98eac3f1e2cf716da9844f415f3d39", + "仅80元,用ESP32 开发板 DIY一个AI大模型瓦力机器人,可接入DeepSeek、OpenAI": "https://mp.weixin.qq.com/s?__biz=MjM5OTA4MzA0MA==&mid=2454936748&idx=1&sn=910a43dcda1073b8061c817da504189c", + "【谨防诈骗】DeepSeek 的大流量引发的假冒诈骗": "https://mp.weixin.qq.com/s?__biz=Mzk0NDU1NTA5MA==&mid=2247484408&idx=1&sn=7381fe4211cc20dbd84a27f5a2207a62", + "大年初三 | 新春万福 聚财纳福!": "https://mp.weixin.qq.com/s?__biz=MzkzMjE5MTY5NQ==&mid=2247503442&idx=1&sn=af8273c40dcc9f97ebf68761a3d37a9a", + "(吃瓜)神人TV之网安姜萍——CTF圈PY之神,民办“清华”哥": "https://mp.weixin.qq.com/s?__biz=MzkzNjczNzEyMw==&mid=2247484186&idx=1&sn=dcd2d7bab9054490e1826758361cc7aa", + "如何快速的在本地搭建 deepseek (小白一学就会)": "https://mp.weixin.qq.com/s?__biz=Mzg4NzgzMjUzOA==&mid=2247485474&idx=1&sn=954535d81510437ec8f706144bc91b74", + "AI风险分析 | 从Freysa转账案例看智能体应用的潜在风险": "https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247494055&idx=1&sn=1a0b66065e3db8d26597a12328032d82", + "在汽车行业实现卓越的网络安全和合规性 - 一个真实的案例研究": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620273&idx=1&sn=89354977edba60af567bd946514124cd", + "推进汽车网络安全:弥合鸿沟,拥抱机遇": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620273&idx=2&sn=8020625a5bfbe49f838a4783b82b9587", + "掌握模糊测试-如何在法规遵从中克服网络安全挑战": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620273&idx=3&sn=81d8a8e66ef322e532fdb9b8d7b1021a", + "每周高级威胁情报解读(2025.01.24~01.31)": "https://mp.weixin.qq.com/s?__biz=MzI2MDc2MDA4OA==&mid=2247513888&idx=1&sn=2a5b30e99a3f23b7dbe60666c3d81cca", + "攻击再次升级,DeepSeek被网络攻击的真凶?": "https://mp.weixin.qq.com/s?__biz=Mzg2NDYwMDA1NA==&mid=2247543659&idx=1&sn=156fe9160529ef9165dd4a443b781c7c", + "Deepseek核心成员学历及薪资,最高110K": "https://mp.weixin.qq.com/s?__biz=Mzg2NDYwMDA1NA==&mid=2247543659&idx=2&sn=f80909372d13c0dba56d7282eb1ef9bf", + "【实操】美国客机与黑鹰直升机相撞的视频、音频、轨迹回放及遇难机组和乘客": "https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148793&idx=1&sn=03180450dc0a7ac7bb10d75ce4ca6d3c", + "水洞扫描工具 -- PenSafe": "https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247570692&idx=1&sn=ef1d45f4f6f3b1eb949acb33510daaa9", + "高级 DNS 攻击:投毒与利用": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527421&idx=1&sn=96068eceb823d6761b0f08fc7dd9ae35", + "破解 Active Directory — CrackMapExec 传递哈希值:探索 AD 攻击技术": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527421&idx=2&sn=100eff74c2040603d8c90616e868cb7d", + "DeepSeek暴露出的典型网络安全问题": "https://mp.weixin.qq.com/s?__biz=MzA4MzMzOTQ4Mw==&mid=2453672535&idx=1&sn=ad93fe6c0a53d44203ada57225a5b660", + "DeepSeek黑科技:当AI化身网络世界的\\\"超级保镖\\\",黑客慌了!": "https://mp.weixin.qq.com/s?__biz=MzIyODU4MzcyMQ==&mid=2247485427&idx=1&sn=292e05b010cda839b87aa17699b84f1e", + "DeepSeek的强大,一句话让AI帮我写了个程序-流量安全分析研判工具": "https://mp.weixin.qq.com/s?__biz=Mzg2NTk4MTE1MQ==&mid=2247486497&idx=1&sn=5ec5098395786fd3ea02d05786a5558d", + "仿生人deepseek会梦见电子cnvd吗": "https://mp.weixin.qq.com/s?__biz=MzIxOTQ1OTY4OQ==&mid=2247486313&idx=1&sn=d6bb43d09876844acfba07a896c6ee15", + "从deepseek看ddos攻击": "https://mp.weixin.qq.com/s?__biz=MzkxNTY4NTQwMg==&mid=2247484298&idx=1&sn=2a90ffda25b5a3c5142512fb51d9ad86", + "这真是大沙笔": "https://mp.weixin.qq.com/s?__biz=MzkzMjQ0MTk1OQ==&mid=2247484076&idx=1&sn=0c9c05e859a43886a8c34b7cd5667f73", + "伪造cookie进入后台": "https://mp.weixin.qq.com/s?__biz=MzkxNzY2MjU2Mg==&mid=2247483807&idx=1&sn=9a1c99c32c84640da7f966692a981b71", + "旧知新话说“标识”之生意篇:基于标识的智能仓储保障年货供应": "https://mp.weixin.qq.com/s?__biz=MzU1OTUxNTI1NA==&mid=2247592383&idx=1&sn=46b4e9e8667a84be60382140e6d8e931", + "州弟的靶场练习 - HEYBBS 2.1 审计": "https://mp.weixin.qq.com/s?__biz=Mzg4MTkwMTI5Mw==&mid=2247488820&idx=1&sn=d24fff0083c62bbb08de7522ddcfb191", + "哥斯拉二开从0到1-2(免杀)": "https://mp.weixin.qq.com/s?__biz=MzAxNzkyOTgxMw==&mid=2247493840&idx=1&sn=3482149c0823f566085f61a99735ad9e", + "deepseek本地部署+web图形化页面配置+对比其他ai模型": "https://mp.weixin.qq.com/s?__biz=Mzk1NzE0ODk3Nw==&mid=2247491155&idx=1&sn=c4f6531eef133548b6676af5a9a5c1bf", + "夜鹰(NightHawk)C2工具-泄露部分": "https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247504834&idx=1&sn=9111b67c602d807277dacf1aa967d974", + "2025年1月 一批网络安全相关新规开始施行!": "https://mp.weixin.qq.com/s?__biz=MzIxNDIzNTcxMg==&mid=2247506760&idx=1&sn=19e9444d7721854b8c39f29f151fa0f9", + "收藏 | dotNet安全矩阵 2024 年度逆向调试分析阶段文章和工具汇总": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498584&idx=1&sn=d85935a8bccaf28b5e5203c9cd937ea9", + ".NET 内网攻防实战电子报刊": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498584&idx=2&sn=3d15023570e640313e68870e0ee24904", + "收藏 | dotNet安全矩阵 2024 年度外网入口打点阶段文章和工具汇总": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498584&idx=3&sn=8e71ffa26350c09847ab769b9dbedcc2", + "收藏 | dotNet安全矩阵 2024 年度目标权限维持阶段文章和工具汇总": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498584&idx=4&sn=d14acdfea6504a47d1e46e7c8f38cf54", + "Linux基础命令(二)": "https://mp.weixin.qq.com/s?__biz=Mzk1Nzc0MzY3NA==&mid=2247483753&idx=1&sn=49384ed01ecedc2565a44a132b272d09", + "滥用多播投毒实现预认证 Kerberos 中继": "https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486893&idx=1&sn=2c0a70c6f644cacbabbec21d304946a6", + "DeepSeek爆火快来搭建私有ChatGPT_deepseek成为你私有化": "https://mp.weixin.qq.com/s?__biz=MzI2OTk4MTA3Ng==&mid=2247496962&idx=1&sn=ad190b15e766558d2b057e80e5eb864d", + "手把手教大家学习DeepSeek新手必看!全功能详解与实操指南,带你逆袭成AI大神": "https://mp.weixin.qq.com/s?__biz=MzI2OTk4MTA3Ng==&mid=2247496962&idx=2&sn=464bca3a03a1e209a0aff4cedb8341ad", + "年已过半,该收拾收拾,准备打工去了......": "https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247488209&idx=1&sn=24d45d27215ad6616e7ad11724e25609", + "这个世界这么抽象的嘛": "https://mp.weixin.qq.com/s?__biz=Mzk0MzY3MDE5Mg==&mid=2247484024&idx=1&sn=164631b9aaa65c09dca95bc893f744ee", + "我毕生玩抽象,也玩不过这些真正的大沙币": "https://mp.weixin.qq.com/s?__biz=MzkyOTQzNjIwNw==&mid=2247491645&idx=1&sn=8b35f7286af6ab00b755190330bb4c79", + "【2025春节】解题领红包活动排行榜(初三 1/31)": "https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141663&idx=1&sn=63c355a201f947c905a68b07647ab32a", + "惊天一撞,华盛顿客机与直升机空难背后的真相!": "https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559372&idx=1&sn=0410ce8851f28ddbc609457ae73483de", + "美国为何对 DeepSeek 如此“上心”?一场科技博弈的真相": "https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247505068&idx=1&sn=4bf2334b280b144d562ac07095958acd", + "俄罗斯APT威胁英国及其盟友,英政府高官发出警告": "https://mp.weixin.qq.com/s?__biz=Mzg3OTYxODQxNg==&mid=2247485659&idx=1&sn=9a1f88742398761691e3da98dddfddcb", + "2024 年渗透测试路线图:从初学者到受聘的 8 个步骤": "https://mp.weixin.qq.com/s?__biz=Mzg4NzgyODEzNQ==&mid=2247488640&idx=1&sn=6823a2045bf297fd8f81e176be33a15f", + "WVP-GB28181摄像头管理平台user信息泄露漏洞": "https://mp.weixin.qq.com/s?__biz=MzkyOTg3ODc5OA==&mid=2247484326&idx=1&sn=ec20d154a16e5fff47cb40da8080cff7", + "这才是DeepSeek的正确使用方式!你还在用GPT那套就废了,春节前最后预警": "https://mp.weixin.qq.com/s?__biz=MzkxNjMwNDUxNg==&mid=2247487250&idx=1&sn=8515efa2ae03b73faf0154fcac23f1ac", + "如何找到更多漏洞赏金的子域?深入了解 Recon": "https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247504783&idx=1&sn=0b286a996a793e420114b78a4ab28260", + "太专业了 | 看完直呼学到了": "https://mp.weixin.qq.com/s?__biz=Mzk0NzQxNzY2OQ==&mid=2247488121&idx=1&sn=5b995263cc37edcb4b5b49b0c9e04fbd", + "三大暗网论坛被FBI查封:Nulled.to、Cracked.to、Sellix.io": "https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494660&idx=1&sn=78a7e764b99312cacb05bbc152126f47", + "Claude的CEO表示:AI可能改变一切,AI监管迫在眉睫": "https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494660&idx=2&sn=1fec4b47ea7ed7cf1ffa7a383a2c1720", + "[0131] 一周重点威胁情报|天际友盟情报站": "https://mp.weixin.qq.com/s?__biz=MzIwNjQ4OTU3NA==&mid=2247510031&idx=1&sn=96238f2c438e027f989dc96653204673", + "【JAVA代码审计】bootplus 管理系统审计": "https://mp.weixin.qq.com/s?__biz=Mzg4MTkwMTI5Mw==&mid=2247488801&idx=1&sn=23d3e5f6c01320523c5495ca12df4bf2", + "DeepSeek 数据库未授权访问漏洞,导致大量数据泄露": "https://mp.weixin.qq.com/s?__biz=MzIxMTg1ODAwNw==&mid=2247500544&idx=1&sn=ebf9f3fcb46a7bcadad135da1b6e8fd8", + "美国对DeepSeek“出手”了!AI大模型如何迎战网络恶意攻击?": "https://mp.weixin.qq.com/s?__biz=MjM5NzA3Nzg2MA==&mid=2649870870&idx=1&sn=7685e470c401fdb0831d90ac129b068f", + "创宇猎幽NDR流量监测系统:向前防御,威胁检测": "https://mp.weixin.qq.com/s?__biz=MjM5NzA3Nzg2MA==&mid=2649870870&idx=2&sn=72942469d7ee4ea63b7171dd6e606c62", + "医疗行业数据安全风险评估实践指南(二)": "https://mp.weixin.qq.com/s?__biz=Mzg2NjY2MTI3Mg==&mid=2247498376&idx=1&sn=8f7f3f907a84a2b5a13e4e552247526a", + "无参数读文件和RCE的利用研究": "https://mp.weixin.qq.com/s?__biz=MjM5MjEyMTcyMQ==&mid=2651037458&idx=1&sn=0ee75174afec20a34c3f3243329d42e4", + "AI抢不走的工作,微软力挺红队测试仍需人类“掌舵”": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313290&idx=1&sn=a6d328c9fd6e44ceb96698a3205f5786", + "新的“双击劫持”漏洞绕过主要网站上的点击劫持保护": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313290&idx=2&sn=44a6a38890bbe1cf23af0cb8162a8362", + "虚假PoC漏洞利用正用来攻击研究人员": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313290&idx=3&sn=c9beec9c5ce5078f2a7e260af8dc140f", + "IAMActionHunter:一款AWS IAM策略声明解析和查询工具": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313290&idx=4&sn=c46a99c55e12a98fb61cc4819e385d68", + "大年初三 蛇全蛇美": "https://mp.weixin.qq.com/s?__biz=Mzg2MTU5ODQ2Mg==&mid=2247507175&idx=1&sn=0d04c34fa4f1ea8c975d2765b3fcdde8", + "数字取证之数据保护u200c": "https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264880&idx=1&sn=7424698e3f088be94f084851bee8adde", + "祥蛇嬉初三 福运伴身畔": "https://mp.weixin.qq.com/s?__biz=MzU0MjEwNTM5Ng==&mid=2247520423&idx=1&sn=435bb09e1f0125a3af0ccfdbbe203099", + "大年初三 | 金福盈门,万象更新": "https://mp.weixin.qq.com/s?__biz=Mzk0MDQ5MTQ4NA==&mid=2247487429&idx=1&sn=5756ef7cab4f6ff1ce0a1364151444a5", + "网安原创文章推荐【2025/1/30】": "https://mp.weixin.qq.com/s?__biz=MzAxNzg3NzMyNQ==&mid=2247489527&idx=1&sn=410e2304fe7538839c5cb1c2467bb056", + "初三": "https://mp.weixin.qq.com/s?__biz=MzUyMjAyODU1NA==&mid=2247491948&idx=1&sn=4852c2eb3611785194c330002093797a", + "大年初三 | 福绕蛇年,万“巳”胜意": "https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579271&idx=1&sn=bfb185d569ae97db908675e7f2419714", + "rsync进阶指南:14个提升效率的黑科技用法": "https://mp.weixin.qq.com/s?__biz=MzI5MjY4MTMyMQ==&mid=2247489889&idx=1&sn=ed213d71fa01c3309c93e853d4e8c1ed", + "DeepSeek 数据库裸奔 百万敏感数据任人取!": "https://mp.weixin.qq.com/s?__biz=MzAwMjA5OTY5Ng==&mid=2247525706&idx=1&sn=976ec18c7118e288efff987289130d14", + "欧盟《网络复原力法》全文翻译": "https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247506421&idx=1&sn=f3b2c847cf7748ef86bc68daa496de01", + "飞书文档快速转化本地makedown文件": "https://mp.weixin.qq.com/s?__biz=Mzk0ODY1NzEwMA==&mid=2247486602&idx=1&sn=faff49b1d51d07088cac426018d9ddef", + "Java反序列化漏洞 | Fastjson反序列化漏洞原理+漏洞复现": "https://mp.weixin.qq.com/s?__biz=Mzk0Mzc1MTI2Nw==&mid=2247487416&idx=1&sn=3071e9e82d12510b732a50c8e22cd596", + "美国DARPA的宏伟Red-C计划:通过“自我修复固件”实现网络攻击的实时检测与修复": "https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247507167&idx=1&sn=26840502c819f510d39d577dccb84196", + "5th域安全微讯早报【20250131】027期": "https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247507167&idx=2&sn=5e964e3fa5c3c44a17a1eade47f8ea71", + "CVE-2024-49138 poc windows CLFS.sys提权漏洞": "https://mp.weixin.qq.com/s?__biz=MzU1NzczNTM1MQ==&mid=2247485185&idx=1&sn=b8349c313ac09f29240c61f055433ddd", + "Cadiclus – 使用PowerShell辅助Linux 系统提权": "https://mp.weixin.qq.com/s?__biz=MzU1NzczNTM1MQ==&mid=2247485185&idx=2&sn=c8f3a8d2d11a3eaf2491baeb50be5792", + "正月初三| 三阳开泰 日富一日": "https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506082&idx=1&sn=f2db30e5f0ea2346966522e0549b57d3", + "捷普信创安全产品线,助力信创产业发展": "https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506082&idx=2&sn=20cc3516e0158067694fa5fd3a3ce1a9", + "【焕新领先】捷普IPS/IDS系统": "https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506082&idx=3&sn=93dde62780cb716dcdb350ec05102794", + "使用豆包获取抖音文案": "https://mp.weixin.qq.com/s?__biz=Mzk0MTI4NTIzNQ==&mid=2247492239&idx=1&sn=f547e48b7cb815b2cde4361dd852d1e9", + "ECShop 4.x collection_list SQL注入": "https://mp.weixin.qq.com/s?__biz=Mzg4NDg3NjE5MQ==&mid=2247485617&idx=1&sn=cbea289e260befd038d87e4741df7ca9", + "正月初三贴赤口!亚信安全祝大家抬头见禧,蛇运亨通": "https://mp.weixin.qq.com/s?__biz=MjM5NjY2MTIzMw==&mid=2650620967&idx=1&sn=d6e3efc6033a4781fd8740b2499a17fb", + "大年初三 三阳开泰": "https://mp.weixin.qq.com/s?__biz=MjM5NzE0NTIxMg==&mid=2651135290&idx=1&sn=dbeba374802d07fb246a2c9630ba2375", + "初三 | 四季皆如意,万事尽亨通,新岁多欢颜,康泰常相伴!": "https://mp.weixin.qq.com/s?__biz=MzU4NjY4MDAyNQ==&mid=2247497080&idx=1&sn=4a5edfd2575e50bfbd568743f9f9a172", + "2025年全球风险报告:冲突、环境和虚假信息是主要威胁": "https://mp.weixin.qq.com/s?__biz=MzUzODYyMDIzNw==&mid=2247516970&idx=1&sn=06109ad8fa78d90f969ee430577ef590", + "针对DeepSeek的网络攻击再升级:僵尸网络进场 攻击指令激增上百倍u200b": "https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607360&idx=1&sn=c48a0548576e4ce9ae4ed53e751d671c", + "2025网络暴露危机报告:45%第三方应用越权访问用户数据": "https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607360&idx=2&sn=d60da4ef519827d85981b8d02d848e2f", + "经典华为路由器漏洞复现详细分析(包括整个漏洞链)": "https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607360&idx=3&sn=cac10cb8e85c07f523764294668f4fec", + "AutoPen - 自动化渗透测试工具": "https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607360&idx=4&sn=e33cdb19a4aabc1350cfd4c407aa7076", + "初三:喜报春来": "https://mp.weixin.qq.com/s?__biz=MzU0NDk0NTAwMw==&mid=2247624777&idx=1&sn=4af85ac3e0ff1b3aa079b4aea709111c", + "自动化代码审计工具": "https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489194&idx=1&sn=c3c275b655d3817e6f75a800f10a0e01", + "夺回失去的一切": "https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489194&idx=2&sn=c7ce655667ccb528720b4da5ed8ded7f", + "【初三】畅享惬意假期 尽享无忧时光": "https://mp.weixin.qq.com/s?__biz=MjM5NTE0MjQyMg==&mid=2650624575&idx=1&sn=a1c5ed5f4b0b0de27bba620517b40099", + "【贺蛇年】初三送福 信安保吉": "https://mp.weixin.qq.com/s?__biz=MzAxMjE1MDY0NA==&mid=2247508844&idx=1&sn=08446e6ae4fd80b63e788f60f6df0ec1", + "一分钟搭建本地大模型DeepSeek!永久免费!无需联网!一条命令即可搭建!!!!": "https://mp.weixin.qq.com/s?__biz=Mzg2Nzk0NjA4Mg==&mid=2247498557&idx=1&sn=4be63db2842575769a912e8c3332c989", + "山石网科·AI汇东方|正月初三,张贴赤口": "https://mp.weixin.qq.com/s?__biz=MzAxMDE4MTAzMQ==&mid=2661298290&idx=1&sn=b4f906505b483a77b737f218f4ee339e" + }, + "Tenable Blog": { + "Cybersecurity Snapshot: CSA Offers Tips for Deploying AI Securely, While Deloitte Says Cyber Teams’ GenAI Use Yields Top ROI": "https://www.tenable.com/blog/cybersecurity-snapshot-ai-security-tips-generative-ai-roi-01-31-2025" + }, + "Blog – Red Siege Information Security": { + "Security Posture Review and Penetration Testing": "https://redsiege.com/blog/2025/01/security-posture-review-and-penetration-testing/" + }, + "Bug Bounty in InfoSec Write-ups on Medium": { + "My Bug Bounty Journey: A Middle-Class Kid’s Quest for Free and Beyond": "https://infosecwriteups.com/my-bug-bounty-journey-a-middle-class-kids-quest-for-free-and-beyond-1cd6b65240d6?source=rss----7b722bfd1b8d--bug_bounty", + "How I Earned $200 Using GitHub Dorking: A Manual and Automated Guide to Finding Sensitive…": "https://infosecwriteups.com/how-i-earned-200-using-github-dorking-a-manual-and-automated-guide-to-finding-sensitive-ebbbfcad7296?source=rss----7b722bfd1b8d--bug_bounty" + }, + "Hexacorn": { + "Files of interest": "https://www.hexacorn.com/blog/2025/01/31/9839/" + }, + "SentinelOne": { + "The Good, the Bad and the Ugly in Cybersecurity – Week 5": "https://www.sentinelone.com/blog/the-good-the-bad-and-the-ugly-in-cybersecurity-week-5-6/" + }, + "Malware-Traffic-Analysis.net - Blog Entries": { + "2025-01-31: Two pcaps of AgentTesla-style data exfil, one using FTP and one using SMTP": "https://www.malware-traffic-analysis.net/2025/01/31/index.html" + }, + "HAHWUL": { + "Enhancing OWASP Noir with AI": "https://www.hahwul.com/2025/01/31/owasp-noir-x-llm/" + }, + "Securelist": { + "One policy to rule them all": "https://securelist.com/group-policies-in-cyberattacks/115331/" + }, + "Binary Ninja": { + "RE//thinking Conferences": "https://binary.ninja/2025/01/31/re-thinking-conferences.html" + }, + "Reverse Engineering": { + "Game Reverse Engineering for Dummies": "https://www.reddit.com/r/ReverseEngineering/comments/1ief03g/game_reverse_engineering_for_dummies/" + }, + "Malwarebytes": { + "ClickFix vs. traditional download in new DarkGate campaign": "https://www.malwarebytes.com/blog/cybercrime/2025/01/clickfix-vs-traditional-download-in-new-darkgate-campaign", + "Cybercrime gets a few punches on the nose": "https://www.malwarebytes.com/blog/news/2025/01/cybercrime-gets-a-few-punches-on-the-nose" + }, + "Wallarm": { + "Analyzing DeepSeek’s System Prompt: Jailbreaking Generative AI": "https://lab.wallarm.com/jailbreaking-generative-ai/" + }, + "FreeBuf网络安全行业门户": { + "意大利数据保护局封禁DeepSeek AI平台,用户数据透明度不足成焦点": "https://www.freebuf.com/articles/database/420991.html" + }, + "奇客Solidot–传递最新科技情报": { + "朱诺号在木卫一上记录到至今最强的火山活动": "https://www.solidot.org/story?sid=80455", + "新发现小行星有 1/83 的概率在 2032 年撞击地球": "https://www.solidot.org/story?sid=80454", + "库克告诉张忠谋英特尔不知道如何代工芯片": "https://www.solidot.org/story?sid=80453", + "巴塞尔税务机关因域名错误不得不购买巴哈马域名": "https://www.solidot.org/story?sid=80452" + }, + "黑海洋 - IT技术知识库": { + "DeepSeek 多模态大模型 Janus-Pro-7B 本地部署教程!支持图像生成": "https://blog.upx8.com/4681" + }, + "吾爱破解论坛": { + "【2025春节】解题领红包活动排行榜(初三 1/31)": "https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141663&idx=1&sn=63c355a201f947c905a68b07647ab32a&chksm=bd50a64b8a272f5d946a584369ed1e63aa1e848c064f9913f5d0b8b726d9d660a7d66a00e91c&scene=58&subscene=0#rd" + }, + "dotNet安全矩阵": { + "收藏 | dotNet安全矩阵 2024 年度逆向调试分析阶段文章和工具汇总": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498584&idx=1&sn=d85935a8bccaf28b5e5203c9cd937ea9&chksm=fa5955b5cd2edca34577829765f94d7f8f8ba90adf5b6e399ec3c452c66f86875c7bf5bf1fe9&scene=58&subscene=0#rd", + ".NET 内网攻防实战电子报刊": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498584&idx=2&sn=3d15023570e640313e68870e0ee24904&chksm=fa5955b5cd2edca3ab75eec14cdb7db823d32a7563590a024fd77a432760513df551302e0537&scene=58&subscene=0#rd", + "收藏 | dotNet安全矩阵 2024 年度外网入口打点阶段文章和工具汇总": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498584&idx=3&sn=8e71ffa26350c09847ab769b9dbedcc2&chksm=fa5955b5cd2edca3ff4e40e9c3fbd087950be3490983ed47fb037e3bed4a8ec43f8f4ff18cc2&scene=58&subscene=0#rd", + "收藏 | dotNet安全矩阵 2024 年度目标权限维持阶段文章和工具汇总": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498584&idx=4&sn=d14acdfea6504a47d1e46e7c8f38cf54&chksm=fa5955b5cd2edca3e25bcab2043d40960b8493619cf515dd830c9a69f2f552048d360d1723d5&scene=58&subscene=0#rd" + }, + "丁爸 情报分析师的工具箱": { + "【实操】美国客机与黑鹰直升机相撞的视频、音频、轨迹回放及遇难机组和乘客": "https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148793&idx=1&sn=03180450dc0a7ac7bb10d75ce4ca6d3c&chksm=f1af26c3c6d8afd574a2952fe360477386f6c4b3918f013832c9caf99dedafd4d4838e3aa576&scene=58&subscene=0#rd" + }, + "情报分析师": { + "惊天一撞,华盛顿客机与直升机空难背后的真相!": "https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559372&idx=1&sn=0410ce8851f28ddbc609457ae73483de&chksm=87117dc7b066f4d1ad44ee89f45d8490695f007aa2b56cf7f6d72328537333ddcdfc9c7337b7&scene=58&subscene=0#rd", + "美国为何对 DeepSeek 如此“上心”?一场科技博弈的真相": "https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559372&idx=2&sn=369c0d3168fb3469fb3aefa3fb9cafd0&chksm=87117dc7b066f4d1185de6f282e7121df9671775c92c0f4fb83ca20be6f20fe42e7a73261f00&scene=58&subscene=0#rd" + }, + "极客公园": { + "对 Deepseek 从赞叹到压制,硅谷为何一周内变脸": "https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653073065&idx=1&sn=a7e25c9de7abe6fdf8234a898f67c3ca&chksm=7e57d31f49205a09b4245af36dad8e7b2b6ae8ed98f621dae59d0665e632d55f834f35024074&scene=58&subscene=0#rd", + "针对 DeepSeek 网络攻击暴增上百倍;苹果在华销售额下降 11%;《鱿鱼游戏》第三季公布 | 极客早知道": "https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653073064&idx=1&sn=56daa14e6f49dd3d526aa22a9ca2de8a&chksm=7e57d31e49205a089760b83fce00f837009c8dc1e6bcc9969dc9819cc32f9df30f57631463a7&scene=58&subscene=0#rd" + }, + "M01N Team": { + "AI风险分析 | 从Freysa转账案例看智能体应用的潜在风险": "https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247494055&idx=1&sn=1a0b66065e3db8d26597a12328032d82&chksm=c18429b6f6f3a0a0f87c56e68eb79be4df5d7a78ecb73f1a39c54ea3e74374f0d2671ba3d073&scene=58&subscene=0#rd" + }, + "吴鲁加": { + "YC 的 AI 创业创意": "https://mp.weixin.qq.com/s?__biz=Mzg5NDY4ODM1MA==&mid=2247485169&idx=1&sn=59224d6daf6f30591f7da17a13031fd7&chksm=c01a8bc0f76d02d648546ccc4303533b8e1ba5c3a69a2d84ba7809e30f397b269423fd3847f6&scene=58&subscene=0#rd" + }, + "360数字安全": { + "大年初三 | 福绕蛇年,万“巳”胜意": "https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579271&idx=1&sn=bfb185d569ae97db908675e7f2419714&chksm=9f8d268fa8faaf9939e8fef41d497b2f71db4645149724c942c4674b04c19548141fda1cbdd9&scene=58&subscene=0#rd" + }, + "迪哥讲事": { + "Deepseek是如何被黑掉的": "https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496994&idx=1&sn=d77c2e01b0dd8e2cb783fe7214e688c4&chksm=e8a5ff41dfd27657214d811c7635b0229bfd4e0dd9f949d59f1702d65efee83dd64fe76d58cb&scene=58&subscene=0#rd" + }, + "Krypt3ia": { + "Krypt3ia Daily Cyber Threat Intelligence (CTI) Digest": "https://krypt3ia.wordpress.com/2025/01/31/krypt3ia-daily-cyber-threat-intelligence-cti-digest-7/" + }, + "Hacking Exposed Computer Forensics Blog": { + "Daily Blog #734: My favorite interview question": "https://www.hecfblog.com/2025/01/daily-blog-734-my-favorite-interview.html" + }, + "Securityinfo.it": { + "DeepSeek: il top della tecnologia cinese dimentica di chiudere il database esposto": "https://www.securityinfo.it/2025/01/31/deepseek-il-top-della-tecnologia-cinese-dimentica-di-chiudere-il-database-esposto/?utm_source=rss&utm_medium=rss&utm_campaign=deepseek-il-top-della-tecnologia-cinese-dimentica-di-chiudere-il-database-esposto", + "Trovata una backdoor in due dispositivi cinesi per il monitoraggio dei pazienti": "https://www.securityinfo.it/2025/01/31/trovata-una-backdoor-in-due-dispositivi-cinesi-per-il-monitoraggio-dei-pazienti/?utm_source=rss&utm_medium=rss&utm_campaign=trovata-una-backdoor-in-due-dispositivi-cinesi-per-il-monitoraggio-dei-pazienti" + }, + "Over Security - Cybersecurity news aggregator": { + "Former Polish justice minister arrested in sprawling spyware probe": "https://therecord.media/poland-spyware-former-justice-minister-arrested", + "Regional healthcare systems report data breaches affecting more than 1.5 million": "https://therecord.media/connecticut-california-healthcare-networks-data-breaches", + "WhatsApp accuses Paragon of targeting about 90 users with spyware": "https://therecord.media/whatsapp-paragon-spyware-targeting-users", + "FBI, Dutch Police Disrupt ‘Manipulaters’ Phishing Gang": "https://krebsonsecurity.com/2025/01/fbi-dutch-police-disrupt-manipulaters-phishing-gang/", + "Insurance firm Globe Life to warn 850,000 of potential data theft following extortion attempt": "https://therecord.media/globe-life-updated-sec-filing-hackers-extortion-data-breach", + "Cracked and Nulled Marketplaces Disrupted in International Cyber Operation": "https://flashpoint.io/blog/cracked-and-nulled-marketplaces-disrupted-in-cyber-operation/", + "DeepSeek: il top della tecnologia cinese dimentica di chiudere il database esposto": "https://www.securityinfo.it/2025/01/31/deepseek-il-top-della-tecnologia-cinese-dimentica-di-chiudere-il-database-esposto/", + "CISA employees told they are exempt from federal worker resignation program": "https://therecord.media/cisa-employees-told-they-are-exempt-deferred-resignation", + "Hackers use fake wedding invitations to spread Android malware in Southeast Asia": "https://therecord.media/hackers-wedding-invitations-southeast-asia", + "Microsoft improves text contrast for all Windows Chromium browsers": "https://www.bleepingcomputer.com/news/microsoft/microsoft-improves-text-contrast-for-all-windows-chromium-browsers/", + "Come DeepSeek ha riconfigurato la corsa all’intelligenza artificiale": "https://www.guerredirete.it/come-deepseek-ha-riconfigurato-la-corsa-allintelligenza-artificiale/", + "Italy blocks Chinese AI tool DeepSeek over privacy concerns": "https://therecord.media/italy-blocks-chinese-ai-tool-deepseek-over-privacy-concerns", + "FDA, CISA warn of backdoor in popular patient monitor used by US hospitals": "https://therecord.media/contec-cms8000-firmware-backdoor-fda-cisa-warning", + "Tata Technologies reports ransomware attack to Indian stock exchange": "https://therecord.media/tata-ransomware-attack-report-incident", + "DeepSeek a rischio blocco in Italia? Il Garante privacy chiede conto sul trattamento dei dati": "https://www.cybersecurity360.it/news/deepseek-a-rischio-blocco-in-italia-il-garante-privacy-chiede-conto-sul-trattamento-dei-dati/", + "Trovato un database di DeepSeek esposto online, senza protezioni: quali rischi": "https://www.cybersecurity360.it/news/trovato-un-database-di-deepseek-esposto-online-senza-protezioni-quali-rischi/", + "Attacchi cyber contro la Pa: come funziona la difesa del Polo Strategico Nazionale": "https://www.cybersecurity360.it/cybersecurity-nazionale/polo-strategico-nazionale-a-difesa-cloud-pa/", + "La nomina del DPO: competenze, indipendenza e incompatibilità": "https://www.cybersecurity360.it/legal/privacy-dati-personali/la-nomina-del-dpo-competenze-indipendenza-e-incompatibilita/", + "DeepSeek, ecco il lato oscuro dell’AI cinese": "https://www.cybersecurity360.it/cultura-cyber/la-startup-cinese-deepseek-sfida-chatgpt-il-modello-ai-che-supera-le-restrizioni-usa/", + "TorNet: la nuova backdoor che sfrutta la rete TOR per evadere le difese": "https://www.cybersecurity360.it/news/tornet-la-nuova-backdoor-che-sfrutta-la-rete-tor-per-evadere-le-difese/", + "Il Browser Syncjacking dirotta i nostri dispositivi sfruttando le estensioni di Chrome": "https://www.cybersecurity360.it/news/il-browser-syncjacking-dirotta-i-nostri-dispositivi-sfruttando-le-estensioni-di-chrome/", + "DeepSeek: i perché del blocco del Garante privacy e le sfide per l’UE": "https://www.cybersecurity360.it/legal/blocco-deepseek-garante-privacy-le-sfide-ue/", + "Indian tech giant Tata Technologies hit by ransomware attack": "https://www.bleepingcomputer.com/news/security/indian-tech-giant-tata-technologies-hit-by-ransomware-attack/", + "US healthcare provider data breach impacts 1 million patients": "https://www.bleepingcomputer.com/news/security/us-healthcare-provider-data-breach-impacts-1-million-patients/", + "Globe Life data breach may impact an additional 850,000 clients": "https://www.bleepingcomputer.com/news/security/globe-life-data-breach-may-impact-an-additional-850-000-clients/", + "WhatsApp says it disrupted a hacking campaign targeting journalists with Paragon spyware": "https://techcrunch.com/2025/01/31/whatsapp-says-it-disrupted-a-hacking-campaign-targeting-journalists-with-spyware/", + "Pakistan-based cybercrime network dismantled by US, Dutch authorities": "https://therecord.media/pakistan-cybercrime-busted-dutch-doj", + "Mizuno USA says hackers stayed in its network for two months": "https://www.bleepingcomputer.com/news/security/mizuno-usa-says-hackers-stayed-in-its-network-for-two-months/", + "The TechCrunch Cyber Glossary": "https://techcrunch.com/2025/01/31/techcrunch-reference-guide-to-security-terminology/", + "Sintesi riepilogativa delle campagne malevole nella settimana del 25 – 31 gennaio": "https://cert-agid.gov.it/news/sintesi-riepilogativa-delle-campagne-malevole-nella-settimana-del-25-31-gennaio/", + "Vulnerabilità Subaru: il vero problema sono le politiche di gestione dei dati": "https://www.securityinfo.it/2025/01/30/vulnerabilita-subaru-il-vero-problema-sono-le-politiche-di-gestione-dei-dati/", + "Norway seizes ship suspected of sabotage, says crew are Russian nationals": "https://therecord.media/norway-seizes-ship-suspected-sabotage", + "Police dismantles HeartSender cybercrime marketplace network": "https://www.bleepingcomputer.com/news/security/police-dismantles-heartsender-cybercrime-marketplace-network/", + "Exclusive: Heart Centre Cyberattack in Australia, DragonForce Claims Responsibility for Sensitive Data Theft": "https://www.suspectfile.com/exclusive-heart-centre-cyberattack-in-australia-dragonforce-claims-responsibility-for-sensitive-data-theft/", + "Trovata una backdoor in due dispositivi cinesi per il monitoraggio dei pazienti": "https://www.securityinfo.it/2025/01/31/trovata-una-backdoor-in-due-dispositivi-cinesi-per-il-monitoraggio-dei-pazienti/", + "One policy to rule them all": "https://securelist.com/group-policies-in-cyberattacks/115331/", + "Cyble’s Weekly Vulnerability Update: Critical SonicWall Zero-Day and Exploited Flaws Discovered": "https://cyble.com/blog/cybles-weekly-vulnerability-update-critical/", + "Dark Web Activity January 2025: A New Hacktivist Group Emerges": "https://cyble.com/blog/dark-web-activity-new-hacktivist-group-emerges/", + "KuCoin to pay nearly $300 million in penalties after guilty plea": "https://www.bleepingcomputer.com/news/cryptocurrency/kucoin-to-pay-nearly-300-million-in-penalties-after-guilty-plea/" + }, + "SANS Internet Storm Center, InfoCON: green": { + "To Simulate or Replicate: Crafting Cyber Ranges, (Fri, Jan 31st)": "https://isc.sans.edu/diary/rss/31642", + "ISC Stormcast For Friday, January 31st, 2025 https://isc.sans.edu/podcastdetail/9304, (Fri, Jan 31st)": "https://isc.sans.edu/diary/rss/31640" + }, + "Posts By SpecterOps Team Members - Medium": { + "SlackPirate Set Sails Again! Or: How to Send the Entire “Bee Movie” Script to Your Friends in Slack": "https://posts.specterops.io/slackpirate-set-sails-again-or-how-to-send-the-entire-bee-movie-script-to-your-friends-in-slack-d9c691ae33f5?source=rss----f05f8696e3cc---4" + }, + "Instapaper: Unread": { + "DeepSeek, serve cautela ci sono pericoli per la sicurezza": "https://www.cybersecurity360.it/news/deepseek-usarlo-con-cautela-ci-sono-pericoli-per-la-sicurezza/", + "Backdoor found in two healthcare patient monitors, linked to IP in China": "https://www.bleepingcomputer.com/news/security/backdoor-found-in-two-healthcare-patient-monitors-linked-to-ip-in-china/" + }, + "Trend Micro Research, News and Perspectives": { + "Future of Cybersecurity: Will XDR Absorb SIEM & SOAR?": "https://www.trendmicro.com/en_us/research/25/a/xdr-siem-soar.html" + }, + "Deeplinks": { + "Copyright is a Civil Liberties Nightmare": "https://www.eff.org/deeplinks/2025/01/copyright-civil-liberties-nightmare" + }, + "Schneier on Security": { + "Friday Squid Blogging: On Squid Brains": "https://www.schneier.com/blog/archives/2025/01/friday-squid-blogging-on-squid-brains-2.html" + }, + "Computer Forensics": { + "Baloney Detection Kit": "https://www.reddit.com/r/computerforensics/comments/1iegsc1/baloney_detection_kit/", + "Is this normal with iphone digital forensics?": "https://www.reddit.com/r/computerforensics/comments/1iegbx6/is_this_normal_with_iphone_digital_forensics/", + "Audi transcription": "https://www.reddit.com/r/computerforensics/comments/1ief751/audi_transcription/" + }, + "Blackhat Library: Hacking techniques and research": { + "New Business Opportunity": "https://www.reddit.com/r/blackhat/comments/1iek6i3/new_business_opportunity/" + }, + "Krebs on Security": { + "FBI, Dutch Police Disrupt ‘Manipulaters’ Phishing Gang": "https://krebsonsecurity.com/2025/01/fbi-dutch-police-disrupt-manipulaters-phishing-gang/" + }, + "Deep Web": { + "Anyone who can provide invitational links?": "https://www.reddit.com/r/deepweb/comments/1iepero/anyone_who_can_provide_invitational_links/", + "Is there a reliable list of links?": "https://www.reddit.com/r/deepweb/comments/1iebzm9/is_there_a_reliable_list_of_links/" + }, + "Your Open Hacker Community": { + "Is Hacking: The Art of Exploitation still a good book for beginners in 2025?": "https://www.reddit.com/r/HowToHack/comments/1ieayzm/is_hacking_the_art_of_exploitation_still_a_good/", + "I’m stuck in my hacking learning": "https://www.reddit.com/r/HowToHack/comments/1iefdhx/im_stuck_in_my_hacking_learning/", + "Cybersecurity Roadmap After Learning Networking, Linux & Python? Need Guidance!": "https://www.reddit.com/r/HowToHack/comments/1iemc6e/cybersecurity_roadmap_after_learning_networking/", + "How to have a career in cyber security and ethical hacking?": "https://www.reddit.com/r/HowToHack/comments/1iek4vz/how_to_have_a_career_in_cyber_security_and/", + "Javascript: trying to grab a class from runtime script": "https://www.reddit.com/r/HowToHack/comments/1ierdsb/javascript_trying_to_grab_a_class_from_runtime/", + "Using embedded RTTI to reverse engineer classes.": "https://www.reddit.com/r/HowToHack/comments/1ief4dz/using_embedded_rtti_to_reverse_engineer_classes/", + "Can anyone help me find this guy he got in my mates pc and then provided a email or something": "https://www.reddit.com/r/HowToHack/comments/1ieouov/can_anyone_help_me_find_this_guy_he_got_in_my/", + "Phone hacked": "https://www.reddit.com/r/HowToHack/comments/1iembsn/phone_hacked/", + "Can we catch someone using VPN or TOR for hoax calls?": "https://www.reddit.com/r/HowToHack/comments/1ie9efv/can_we_catch_someone_using_vpn_or_tor_for_hoax/", + "I need a friend fr": "https://www.reddit.com/r/HowToHack/comments/1ies4at/i_need_a_friend_fr/", + "Can someone send me a phishing link and then say my password etc.": "https://www.reddit.com/r/HowToHack/comments/1ieriwo/can_someone_send_me_a_phishing_link_and_then_say/", + "hi if anyone is available I need a little help": "https://www.reddit.com/r/HowToHack/comments/1iesp85/hi_if_anyone_is_available_i_need_a_little_help/", + "What's I need to learn?": "https://www.reddit.com/r/HowToHack/comments/1ie6pza/whats_i_need_to_learn/", + "Trying to find a way to expose a racist, can you help?": "https://www.reddit.com/r/HowToHack/comments/1iep6ol/trying_to_find_a_way_to_expose_a_racist_can_you/", + "Phishing links": "https://www.reddit.com/r/HowToHack/comments/1ie49f5/phishing_links/", + "Android Rat": "https://www.reddit.com/r/HowToHack/comments/1iejeu5/android_rat/", + "Has anyone “created” their own WHID Cactus?": "https://www.reddit.com/r/HowToHack/comments/1ie23b8/has_anyone_created_their_own_whid_cactus/", + "Hello guys, I wanted to ddos attack on my college website, how can I do?": "https://www.reddit.com/r/HowToHack/comments/1ieiva8/hello_guys_i_wanted_to_ddos_attack_on_my_college/", + "Best way to get started in ethical hacking and pentesting?": "https://www.reddit.com/r/HowToHack/comments/1iedc7i/best_way_to_get_started_in_ethical_hacking_and/" + }, + "netsecstudents: Subreddit for students studying Network Security and its related subjects": { + "🔥 Evolution of Wi-Fi Security: From WEP to WPA3 🔥": "https://www.reddit.com/r/netsecstudents/comments/1ie274v/evolution_of_wifi_security_from_wep_to_wpa3/" + }, + "The Register - Security": { + "The Big Short on Cybersecurity": "https://go.theregister.com/feed/www.theregister.com/2025/01/31/the_big_short_on_cybersecurity/", + "Another banner year for ransomware gangs despite takedowns by the cops": "https://go.theregister.com/feed/www.theregister.com/2025/01/31/banner_year_for_ransomware_gangs/", + "Google to Iran: Yes, we see you using Gemini for phishing and scripting. We're onto you": "https://go.theregister.com/feed/www.theregister.com/2025/01/31/state_spies_google_gemini/" + }, + "Palo Alto Networks Blog": { + "DeepSeek’s Rise Shows AI Security Remains a Moving Target": "https://www.paloaltonetworks.com/blog/2025/01/deepseek-rise-shows-ai-security-remains-moving-target/" + }, + "Social Engineering": { + "How We Used Psychology To Increase Positive Reviews": "https://www.reddit.com/r/SocialEngineering/comments/1iecatk/how_we_used_psychology_to_increase_positive/" + }, + "Information Security": { + "3 Cyber Attacks in January 2025": "https://www.reddit.com/r/Information_Security/comments/1ieeo5l/3_cyber_attacks_in_january_2025/" + }, + "The Hacker News": { + "CISA and FDA Warn of Critical Backdoor in Contec CMS8000 Patient Monitors": "https://thehackernews.com/2025/01/cisa-and-fda-warn-of-critical-backdoor.html", + "Top 5 AI-Powered Social Engineering Attacks": "https://thehackernews.com/2025/01/top-5-ai-powered-social-engineering.html", + "Italy Bans Chinese DeepSeek AI Over Data Privacy and Ethical Concerns": "https://thehackernews.com/2025/01/italy-bans-chinese-deepseek-ai-over.html", + "Google Bans 158,000 Malicious Android App Developer Accounts in 2024": "https://thehackernews.com/2025/01/google-bans-158000-malicious-android.html", + "Broadcom Patches VMware Aria Flaws – Exploits May Lead to Credential Theft": "https://thehackernews.com/2025/01/broadcom-patches-vmware-aria-flaws.html" + }, + "TorrentFreak": { + "Pirate Libraries Are Forbidden Fruit for AI Companies. But at What Cost?": "https://torrentfreak.com/pirate-libraries-are-forbidden-fruit-for-ai-companies-but-at-what-cost-250131/", + "Court Rejects Musi’s Bid to Force Apple to Reinstate its Music App": "https://torrentfreak.com/court-rejects-musis-bid-to-force-apple-to-reinstate-its-music-app-250131/" + }, + "Security Affairs": { + "Community Health Center data breach impacted over 1 million patients": "https://securityaffairs.com/173687/data-breach/community-health-center-data-breach.html", + "Italy’s data protection authority Garante blocked the DeepSeek AI platform": "https://securityaffairs.com/173680/security/italys-data-protection-authority-garante-blocked-deepseek.html", + "Broadcom fixed information disclosure flaws in VMware Aria Operations": "https://securityaffairs.com/173677/security/vmware-aria-operations-flaws.html" + }, + "Technical Information Security Content & Discussion": { + "SlackPirate Set Sails Again! Or: How to Send the Entire “Bee Movie” Script to Your Friends in Slack": "https://www.reddit.com/r/netsec/comments/1iejrzh/slackpirate_set_sails_again_or_how_to_send_the/", + "Cisco Webex Connect - Unauthenticated access to all chats": "https://www.reddit.com/r/netsec/comments/1iebyye/cisco_webex_connect_unauthenticated_access_to_all/", + "RCE (LAN) in Marvel Rivals": "https://www.reddit.com/r/netsec/comments/1iecdx2/rce_lan_in_marvel_rivals/", + "CRLF injection via TryAddWithoutValidation in .NET": "https://www.reddit.com/r/netsec/comments/1iean5l/crlf_injection_via_tryaddwithoutvalidation_in_net/" + }, + "网安寻路人": { + "欧盟《网络复原力法》全文翻译": "https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247506421&idx=1&sn=f3b2c847cf7748ef86bc68daa496de01&chksm=97e9641fa09eed095158a4f84b80d0b52ad9fe6ab463c8869e956608d218c6715d95e0a3ce92&scene=58&subscene=0#rd" + }, + "Security Weekly Podcast Network (Audio)": { + ".ASS, Deepseek, AI Time Travel, Google, HeartBlocker, TikTok, Aaran Leyland, and More - SWN #447": "http://sites.libsyn.com/18678/ass-deepseek-ai-time-travel-google-heartblocker-tiktok-aaran-leyland-and-more-swn-447" + } +} \ No newline at end of file diff --git a/today.md b/today.md index 97a033cc41..4cedd0662e 100644 --- a/today.md +++ b/today.md @@ -1,383 +1,339 @@ -# 每日安全资讯(2025-01-31) +# 每日安全资讯(2025-02-01) +- Recent Commits to cve:main + - [ ] [Update Fri Jan 31 20:21:24 UTC 2025](https://github.com/trickest/cve/commit/80a2dc60ca64c34a5211d8cf4b786686cc537efd) + - [ ] [Update Fri Jan 31 12:25:11 UTC 2025](https://github.com/trickest/cve/commit/add66039334dc9d7f2519acac27d7db61f9a2fe2) + - [ ] [Update Fri Jan 31 04:24:16 UTC 2025](https://github.com/trickest/cve/commit/a7d947e6c2b962b8d95547864478207be1c85ffd) - SecWiki News - - [ ] [SecWiki News 2025-01-30 Review](http://www.sec-wiki.com/?2025-01-30) -- bunnie's blog - - [ ] [Name that Ware, January 2025](https://www.bunniestudios.com/blog/2025/name-that-ware-january-2025/) - - [ ] [Winner, Name that Ware December 2024](https://www.bunniestudios.com/blog/2025/winner-name-that-ware-december-2024/) + - [ ] [SecWiki News 2025-01-31 Review](http://www.sec-wiki.com/?2025-01-31) +- Trustwave Blog + - [ ] [Accelerate Your Journey with the Microsoft End Customer Investment Funds (ECIF) Program](https://www.trustwave.com/en-us/resources/blogs/trustwave-blog/accelerate-your-journey-with-the-microsoft-end-customer-investment-funds-ecif-program/) - Security Boulevard - - [ ] [2025 predictions: Security industry](https://securityboulevard.com/2025/01/2025-predictions-security-industry/) - - [ ] [Preparing for PCI DSS 4.0: How Sonatype SBOM Manager can streamline and accelerate your transition](https://securityboulevard.com/2025/01/preparing-for-pci-dss-4-0-how-sonatype-sbom-manager-can-streamline-and-accelerate-your-transition/) - - [ ] [Trust in Cloud Security with Effective Secrets Rotation](https://securityboulevard.com/2025/01/trust-in-cloud-security-with-effective-secrets-rotation/) - - [ ] [Innovative PAM Strategies for Modern Enterprises](https://securityboulevard.com/2025/01/innovative-pam-strategies-for-modern-enterprises/) - - [ ] [Advancing Cloud Compliance with Proactive Measures](https://securityboulevard.com/2025/01/advancing-cloud-compliance-with-proactive-measures/) - - [ ] [Hiya AI Phone App Protects Against Deepfakes, Other Scams](https://securityboulevard.com/2025/01/hiya-ai-phone-app-protects-against-deepfakes-other-scams/) - - [ ] [DEF CON 32 – Color Blasted Badge Making: How Hard Could It Be](https://securityboulevard.com/2025/01/def-con-32-color-blasted-badge-making-how-hard-could-it-be/) - - [ ] [2025’s Top Five Trends in Identity Verification](https://securityboulevard.com/2025/01/2025s-top-five-trends-in-identity-verification/) - - [ ] [Next Steps from the PCI Council’s SAQ-A Update: Critical Responsibilities and Opportunities for PSPs](https://securityboulevard.com/2025/01/next-steps-from-the-pci-councils-saq-a-update-critical-responsibilities-and-opportunities-for-psps/) - - [ ] [Assessing the New SAQ-A Changes: Insights for QSAs](https://securityboulevard.com/2025/01/assessing-the-new-saq-a-changes-insights-for-qsas/) -- Hacking Articles - - [ ] [AD Recon: Kerberos Username Bruteforce](https://www.hackingarticles.in/ad-recon-kerberos-username-bruteforce/) -- Sukka's Blog - - [ ] [2024:浏览器从 A 到 Z](https://blog.skk.moe/post/2024-browser-from-a-to-z/) + - [ ] [The Transformative Role of AI in Cybersecurity](https://securityboulevard.com/2025/01/the-transformative-role-of-ai-in-cybersecurity/) + - [ ] [DEF CON 32 – An Adversarial Approach To Airline Revenue Management Proving Ground](https://securityboulevard.com/2025/01/def-con-32-an-adversarial-approach-to-airline-revenue-management-proving-ground/) + - [ ] [Julianna Lamb on Choosing Authentication Platforms Over DIY](https://securityboulevard.com/2025/01/julianna-lamb-on-choosing-authentication-platforms-over-diy/) + - [ ] [Eric Brüggemann on Code Intelligence Launching Spark](https://securityboulevard.com/2025/01/eric-bruggemann-on-code-intelligence-launching-spark/) + - [ ] [Creating realistic, secure test data for Databricks](https://securityboulevard.com/2025/01/creating-realistic-secure-test-data-for-databricks/) + - [ ] [Ransomware Scum — Out For Blood: NYBCe is Latest Victim](https://securityboulevard.com/2025/01/nybc-blood-ransomware-richixbw/) + - [ ] [Zimperium’s Protection Against Tria Stealer’s SMS Data Theft](https://securityboulevard.com/2025/01/zimperiums-protection-against-tria-stealers-sms-data-theft/) + - [ ] [DEF CON 32 – Famous and Not So Famous Unsolved Codes](https://securityboulevard.com/2025/01/def-con-32-famous-and-not-so-famous-unsolved-codes/) + - [ ] [SlackPirate Set Sails Again! Or: How to Send the Entire “Bee Movie” Script to Your Friends in Slack](https://securityboulevard.com/2025/01/slackpirate-set-sails-again-or-how-to-send-the-entire-bee-movie-script-to-your-friends-in-slack/) + - [ ] [Analyzing DeepSeek’s System Prompt: Jailbreaking Generative AI](https://securityboulevard.com/2025/01/analyzing-deepseeks-system-prompt-jailbreaking-generative-ai/) +- ElcomSoft blog + - [ ] [The Evolution of iOS Passcode Security](https://blog.elcomsoft.com/2025/01/the-evolution-of-ios-passcode-security/) +- Sucuri Blog + - [ ] [Vulnerability & Patch Roundup — January 2025](https://blog.sucuri.net/2025/01/vulnerability-patch-roundup-january-2025.html) - Doonsec's feed - - [ ] [秦安:特朗普“半夜清洗”,解雇17名检察长,成三位一体反腐布局](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476392&idx=1&sn=11cf99bd5faf07695e3ac89ec70c72aa) - - [ ] [张志坤:巴拿马运河争夺战,真正目标是中国](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476392&idx=2&sn=4135a1c0538e4e13d4e225ad3de60ac2) - - [ ] [牟林:关于无人武器作战的战略思考](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476392&idx=3&sn=c0854894545a61159ff4423409fe77fe) - - [ ] [牟林:靠征关税致富做得到吗?](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476392&idx=4&sn=a54df395e2fe825567a13f177b2f1ed2) - - [ ] [Loggy - Introduce to reverseing golang binary](https://mp.weixin.qq.com/s?__biz=Mzg4NzU4MDE5NQ==&mid=2247484272&idx=1&sn=b38cb2dd664786c222e314a789b7da40) - - [ ] [byd红客](https://mp.weixin.qq.com/s?__biz=MzkyNTQ0OTYxOQ==&mid=2247483988&idx=1&sn=5b25e95ccbd765424198f50243e7edf7) - - [ ] [【速报】github 挂了?(世界就是一个巨大的草台班子)](https://mp.weixin.qq.com/s?__biz=Mzg4NzgzMjUzOA==&mid=2247485449&idx=1&sn=2e621cb2afe5e511ac88f055da981272) - - [ ] [Kali下安装与使用BeEF:反射型与存储型XSS攻击、Cookie会话劫持、键盘监听及浏览器操控技巧](https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486453&idx=1&sn=cd3057994dfa4e6a29c9d70b342f9e8a) - - [ ] [起](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496866&idx=1&sn=50672ddfb00ba89a961f457c1121f0f1) - - [ ] [(吃瓜)Github疑似遭受ddos攻击](https://mp.weixin.qq.com/s?__biz=MzkzNjczNzEyMw==&mid=2247484164&idx=1&sn=0e0f18f1790d8e9a2fd97d76ed9ff8eb) - - [ ] [特朗普“午夜清洗”:17名监察长“下马”,法律争议“炸锅](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247505045&idx=1&sn=d3b57f2d70f4497ba9e6bd0d3792b39b) - - [ ] [印度卫星对接成功:技术存在局限性](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247505045&idx=2&sn=1f9e6ca2b9e492d72bd16233e83dcf9c) - - [ ] [大家一起ddos白宫](https://mp.weixin.qq.com/s?__biz=MzkyOTQzNjIwNw==&mid=2247491639&idx=1&sn=ea6a2bb14d619f5834396d7fe8ebf609) - - [ ] [研究完威胁分类,才发现我们平时谈的“以威胁为中心”都是假的!](https://mp.weixin.qq.com/s?__biz=MzAxOTk3NTg5OQ==&mid=2247492288&idx=1&sn=4a85f9ccfbc35e9f52f817bc25f4ce10) - - [ ] [世界需要一个能谋善断的AI(三)决策的厚重:人类世界是如何被“选择”塑造的?](https://mp.weixin.qq.com/s?__biz=MzAxOTk3NTg5OQ==&mid=2247492288&idx=2&sn=416787d4505f6a7bf562f91bcf9f37cd) - - [ ] [DeepSeek-R1:通过强化学习激励LLM的推理能力](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264879&idx=1&sn=74c7f7b47fbb79364c8dc55264481f92) - - [ ] [分享图片](https://mp.weixin.qq.com/s?__biz=MzI3Njc1MjcxMg==&mid=2247494399&idx=1&sn=21a59287adb50dc4b945b2325e795fe4) - - [ ] [SpiderX-V2.0发布 解锁JS加密新姿势攻防武器](https://mp.weixin.qq.com/s?__biz=MzkxOTU3MDY4MQ==&mid=2247484842&idx=1&sn=29eca64227216346731e46e212de2a92) - - [ ] [量子计算机时代的汽车系统的嵌入式安全](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620255&idx=1&sn=610c3bff71970b4fbc041a0177ee93fd) - - [ ] [揭开人工智能在交通网络安全中的神秘面纱](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620255&idx=2&sn=c361a268b2ef526cf5e44433248d1d13) - - [ ] [车辆网络处理器上的后量子安全启动](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620255&idx=3&sn=ee30d942f28072654d6b335624aea228) - - [ ] [新年开工啦](https://mp.weixin.qq.com/s?__biz=MzIzODMyMzQxNQ==&mid=2247484490&idx=1&sn=379870838aa89954061ce91a8fe22392) - - [ ] [揭秘土耳其“红皮书”:真相还是阴谋?](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559341&idx=1&sn=517465083ba598dcfc9d243a3f11d1c9) - - [ ] [中亚新位置:美国到底是“机遇”还是“陷阱”?](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559341&idx=2&sn=58f2aa6cb8bf4e2d52982ba4dc461e34) - - [ ] [深入浅出API测试|搜集分析与漏洞挖掘实战](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496981&idx=1&sn=1b88708a474086d96cf22a9428c93835) - - [ ] [网络运维工程师如何高效运维数据中心,记住这6条定律!](https://mp.weixin.qq.com/s?__biz=MzUyNTExOTY1Nw==&mid=2247528027&idx=1&sn=bb96422660e09519af965fecc213d4cf) - - [ ] [春节假期7个基本网络安全提示](https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652114269&idx=1&sn=731f251283d6f584e16dd15c5f0f1b4f) - - [ ] [为什么DDoS攻击如此致命?](https://mp.weixin.qq.com/s?__biz=MzIyMzIwNzAxMQ==&mid=2649464754&idx=1&sn=df89b63da565ca06f6419c818442ef13) - - [ ] [利用DeepSeek进行java代码审计,好用!](https://mp.weixin.qq.com/s?__biz=MzkxNjQyODY5MA==&mid=2247487042&idx=1&sn=256d32002fcf342d7770b39c1d41f695) - - [ ] [收藏 | dotNet安全矩阵 2024 年度目标权限维持阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498569&idx=1&sn=a273094850e815c5dccaf5c9fbb7956f) - - [ ] [国内最专业、最全面的 [ .NET 代码审计 ] 体系化学习交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498569&idx=2&sn=efe5abab1b53aa0c37945f18fbfb5043) - - [ ] [收藏 | dotNet安全矩阵 2024 年度外网入口打点阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498569&idx=3&sn=b5363f2569c8b2f819bc9d52cc71cc79) - - [ ] [2024年,安全厂商为什么这么惨?](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485482&idx=1&sn=ccf61766565e0badd0172f57ee1728f1) - - [ ] [【干货原创】实网攻防演习常态化,会带来什么变化01](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485482&idx=4&sn=919cc9d33961ed8e6a35eede596478de) - - [ ] [【干货原创】K12教育,鲜为人知的模式秘密](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485482&idx=5&sn=bf335b4022071ba93823b812090acee6) - - [ ] [原创文章目录](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485482&idx=6&sn=3ff7227d97237b358e80b064be4215f2) - - [ ] [四川大学网安少年班](https://mp.weixin.qq.com/s?__biz=Mzg4NDg3NjE5MQ==&mid=2247485616&idx=1&sn=5255daa9a5e28be2c73d156eeb167ad5) - - [ ] [世界经济论坛《2025年全球网络安全展望》报告一览](https://mp.weixin.qq.com/s?__biz=MzU0MDc5ODM0Mg==&mid=2247484780&idx=1&sn=5c29954e85b159e98b2db3467a6f4281) - - [ ] [【恭贺新春】企业级内网仿真「Thunder」免费开战!通关赢千元现金](https://mp.weixin.qq.com/s?__biz=Mzg5MDc1MjY5Ng==&mid=2247493011&idx=1&sn=324fff14046b3d7b31e4f2827bccacfb) - - [ ] [AI风险分析 | Grok提示词泄露前后暗藏玄机](https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247494054&idx=1&sn=9122e0562bcad42ee707e0879b945aa1) - - [ ] [针对DeepSeek的网络攻击再升级:僵尸网络进场 攻击指令激增上百倍u200b](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513623&idx=1&sn=d0d49c0d4b6e85b4dd8aacd8623ca272) - - [ ] [Offsec PG靶场-Pelican(OSCP考试)](https://mp.weixin.qq.com/s?__biz=MzU5MjIzMDMzNg==&mid=2247484347&idx=1&sn=0c628f8609fa4badb4f81f1f90b3d305) - - [ ] [六部门印发|关于完善数据流通安全治理 更好促进数据要素市场化价值化的实施方案](https://mp.weixin.qq.com/s?__biz=MzIxNDIzNTcxMg==&mid=2247506759&idx=1&sn=851aa85a7e994c201ed3fa8c930ebe05) - - [ ] [UbuntuServer24.04上使用NVIDIA GeForce RTX 4060Ti部署并训练DeepSeek R1大模型](https://mp.weixin.qq.com/s?__biz=Mzg2MjYxODQ4Mw==&mid=2247484982&idx=1&sn=226d2daae237f9ead22b087b2611e457) - - [ ] [干货 | 渗透测试以及checklist模板,附PDF免费下载!](https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247570691&idx=1&sn=74eca2607d62024085a1edf27565aeef) - - [ ] [DeepSeek遭暴力破解 攻击IP均来自美国](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170578&idx=1&sn=c79c88154ac6083c4d178ed4a123665b) - - [ ] [奇安信:针对DeepSeek的网络攻击再升级! 僵尸网络进场,指令激增上百倍](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170578&idx=2&sn=19ad0e0ac08770adde15936cbc245f61) - - [ ] [从创新环境看新质生产力发展](https://mp.weixin.qq.com/s?__biz=MzI1OTExNDY1NQ==&mid=2651618932&idx=1&sn=829c061c8fe0ac244f869355102c255f) - - [ ] [僵尸网络进场,针对 DeepSeek 网络攻击再升级](https://mp.weixin.qq.com/s?__biz=MzU0NDk0NTAwMw==&mid=2247624774&idx=1&sn=5c438a523258d18082e4918e22ff51c9) - - [ ] [惊魂72小时:一场席卷Linux世界的巨大威胁是如何被阻止的](https://mp.weixin.qq.com/s?__biz=MzI5MjY4MTMyMQ==&mid=2247489858&idx=1&sn=01a4503fd428692055c9a137cd9bb0a8) - - [ ] [比特币链上大周期投资指导方案](https://mp.weixin.qq.com/s?__biz=MzI3NTcwNTQ2Mg==&mid=2247487630&idx=1&sn=532f51f67ceab5e41324cbf9a80d0432) - - [ ] [秒达工具箱:各种开发者必备的工具集合,支持Docker部署](https://mp.weixin.qq.com/s?__biz=MzA4MjkzMTcxMg==&mid=2449046776&idx=1&sn=c7985da37fee0d92ef3585fa526b3ba5) - - [ ] [DeepSeek 数据库被攻击,国外团队已公开披露漏洞](https://mp.weixin.qq.com/s?__biz=Mzg4MTkwMTI5Mw==&mid=2247488775&idx=1&sn=2b8f2e1154eb0de5e1422589ee7b4f95) - - [ ] [旧知新话说“标识”之心意篇:标识助力物流信息可追溯](https://mp.weixin.qq.com/s?__biz=MzU1OTUxNTI1NA==&mid=2247592366&idx=1&sn=28ab8739af2ccfaae353c286890cde3f) - - [ ] [DeepSeek 开源免费,大洋彼岸直接急了](https://mp.weixin.qq.com/s?__biz=MzIzNjU5NDE2MA==&mid=2247490177&idx=1&sn=8c3da180f37e24bb83cc20d6168c694a) - - [ ] [可能这就是你deepseek无法访问的原因——deepseek 漏洞(已修复)](https://mp.weixin.qq.com/s?__biz=Mzk0MDY2NTY5Mw==&mid=2247485665&idx=1&sn=ce7d065feabad43d7bd144eb57ba1115) - - [ ] [小日子已经被deepseek折服——日媒:DeepSeek模型以简单方法实现高性能](https://mp.weixin.qq.com/s?__biz=Mzk0MDY2NTY5Mw==&mid=2247485665&idx=2&sn=3648dc775f70e3d481072e9e72b21a84) - - [ ] [FtC4Wraiths CTF战队招募令:成为幽灵,掌控战场!](https://mp.weixin.qq.com/s?__biz=Mzk0NjQ2NzQ0Ng==&mid=2247485011&idx=1&sn=eab2c10d8fcd6cc7e3fbdff694b4cd7a) - - [ ] [【2025-01-30】黑客新闻摘要](https://mp.weixin.qq.com/s?__biz=MzIzNDU5NTI4OQ==&mid=2247488390&idx=1&sn=3e958dfb1428d5b530c24db97201ea53) - - [ ] [DeepSeek因软件供应链安全问题导致严重聊天记录数据泄漏](https://mp.weixin.qq.com/s?__biz=MzkwOTM0MjI5NQ==&mid=2247488049&idx=1&sn=377ab6f02bf6685c6ecd606923242cc3) - - [ ] [(吃瓜)刘农TV之渗透中遇到的神人运维](https://mp.weixin.qq.com/s?__biz=MzkzNjczNzEyMw==&mid=2247484157&idx=1&sn=597aa22f30bf086e39d157e7ba9082ad) - - [ ] [DeepSeek 大模型数据泄露被国外安全团队发现](https://mp.weixin.qq.com/s?__biz=MzU4NDY3MTk2NQ==&mid=2247491067&idx=1&sn=53535c35ef941d31f4d587b0cbd426e6) - - [ ] [利用 Unicode 溢出绕过字符阻止列表](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527393&idx=1&sn=c9213875c652ac0318560b3966348226) - - [ ] [幻影行动:朝鲜的全球数据渗透运动](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527393&idx=2&sn=9923de4ef6d306281ce4fb13f253af1d) - - [ ] [Operation Talent:FBI 查获 Nulled.to、Cracked.to、Sellix.io 等](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527393&idx=3&sn=2949b5b96b17ce834ae88fc78313dbb7) - - [ ] [nt-load-order 第二部分 - 你想知道的更多内容](https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486806&idx=1&sn=cb4a4fbf16cf2ff7c0a99333cf155ca8) - - [ ] [资讯 | DeepSeek被曝数据泄漏](https://mp.weixin.qq.com/s?__biz=Mzg4MDkyMTE4OQ==&mid=2247489001&idx=1&sn=e965d2b7151b3b51e0b48dc264cc7cd2) - - [ ] [DeepSeek被海外曝出严重聊天记录数据泄漏问题](https://mp.weixin.qq.com/s?__biz=MzIyOTAxOTYwMw==&mid=2650236959&idx=1&sn=0024f87794598ce60e345aa728e8a771) - - [ ] [真假](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496860&idx=1&sn=dac3717d63b7496fc260f3d91e4d5ec0) - - [ ] [越权漏洞实战漏洞报告](https://mp.weixin.qq.com/s?__biz=Mzk0NTg3ODYxNg==&mid=2247485094&idx=1&sn=300233e404ea534282f994bd51e38594) - - [ ] [功能强大的XSS自动化扫描器](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489193&idx=1&sn=08b43c401df76f44cf749c44eb4af9c6) - - [ ] [有网安需求记得找我](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489193&idx=2&sn=6c2c55bb757aa67cc9f21a6b40c6df40) - - [ ] [30 - 使用DInvoke和Sliver规避OpenEDR并提升权限](https://mp.weixin.qq.com/s?__biz=MzI4NTcxMjQ1MA==&mid=2247615412&idx=1&sn=3c8990ffa72d3496df8110af3260a080) - - [ ] [代码审计 | 如何获取CVE漏洞编号](https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247547534&idx=1&sn=89f840ad1397911a18d5776cb54ed32c) - - [ ] [俄罗斯APT组织 RomCom 再次出击,针对乌克兰政府和波兰实体的网络攻击升级!](https://mp.weixin.qq.com/s?__biz=Mzg3OTYxODQxNg==&mid=2247485658&idx=1&sn=1811ccb336bf5596bc0376a10ebe3cbe) - - [ ] [deepseek写的对联,总感觉有点不对劲🐶](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494633&idx=1&sn=644193027ce66213cffde32a42bad868) - - [ ] [【已修复】DeepSeek数据库暴露,泄露包括聊天记录在内的敏感信息](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494633&idx=2&sn=62ef49860992fd84fbebc9fbae2d8839) - - [ ] [Wiz研究发现暴露的DeepSeek数据库泄露敏感信息,包括聊天记录](https://mp.weixin.qq.com/s?__biz=MzkxNjMwNDUxNg==&mid=2247487248&idx=1&sn=24a5ae9036da7d03afb83c9dd679255b) - - [ ] [🐍年好~~嘶嘶嘶](https://mp.weixin.qq.com/s?__biz=MzU4Mzc4MDQyOQ==&mid=2247484414&idx=1&sn=0caae77933f7012d33420541deab9019) - - [ ] [【2025春节】解题领红包活动开始喽,解出就送论坛币!\\n\\n第一题送分题有手就行(不需有脑,已有 1376 位会员完成此任务)。\\n\\n第二题 Windows 初级题 14点整 上线,题目很简单,如果你对逆向分析感兴趣,不妨借此机会自学尝试,让这次活动真正成为你技能提升的阶梯。](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141658&idx=1&sn=11067b00a771b8ee9bd4c4d0da1e8908) - - [ ] [当DDoS成为DeepSeek的进化催化剂](https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247488198&idx=1&sn=294befdcf4fe9033a98c6148815a0ec1) - - [ ] [初二娘家暖 祥蛇护亲安](https://mp.weixin.qq.com/s?__biz=MzU0MjEwNTM5Ng==&mid=2247520422&idx=1&sn=ca4a601872c8ca514160ea4117463939) - - [ ] [本地部署 deepseek-r1 模型](https://mp.weixin.qq.com/s?__biz=Mzk0MzY3MDE5Mg==&mid=2247484010&idx=1&sn=d298326b0ef79202e6e0093216ebaa82) - - [ ] [美军对DeepSeek“出手”了!DeepSeek遭恶意攻击,攻击IP均来自美国!](https://mp.weixin.qq.com/s?__biz=MzAwMjA5OTY5Ng==&mid=2247525698&idx=1&sn=131f65bb9cab76e179f85720d4c77212) - - [ ] [大年初二 | 金蛇迎春,福“巳”绵延](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579270&idx=1&sn=07b4d333a5b2f57048e51d6aa8cc4224) - - [ ] [太丢人了](https://mp.weixin.qq.com/s?__biz=Mzg5NjY4NDg1Nw==&mid=2247483948&idx=1&sn=c78c4f6b64f4e732bb3fcbe3684d3819) - - [ ] [DeepSeek与其他大模型网络安全领域测评](https://mp.weixin.qq.com/s?__biz=Mzg4NDg3NjE5MQ==&mid=2247485615&idx=1&sn=2faa9a9f50deaf18f69117424391d9a5) - - [ ] [多次加密攻击](https://mp.weixin.qq.com/s?__biz=MzI1NzUxOTUzMA==&mid=2247485786&idx=1&sn=ef2f09bcc5eb7ecad5b545295bf5be21) - - [ ] [2025网络暴露危机报告:45%第三方应用越权访问用户数据](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313208&idx=1&sn=21db4a4d88530fd63cdb722001dad229) - - [ ] [Banshee Stealer新变种正借Apple XProtect加密技术躲避杀毒软件](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313208&idx=2&sn=428f13d4f84f8d084d6730cfab69b9cb) - - [ ] [上千个恶意域名正在仿冒Reddit和WeTransfer](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313208&idx=3&sn=e2d553ae7f7a6dab81dc2d0f81f9d42f) - - [ ] [如何使用LDAPX动态检查和转换LDAP数据包](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313208&idx=4&sn=d1471190e17067ad31fd0a762ad813d1) - - [ ] [Redis数据库主从复制RCE影响分析](https://mp.weixin.qq.com/s?__biz=MjM5MjEyMTcyMQ==&mid=2651037457&idx=1&sn=32e47044585804b9f31934fb3a7a3f5c) - - [ ] [大年初二 画蛇添福](https://mp.weixin.qq.com/s?__biz=Mzg2MTU5ODQ2Mg==&mid=2247507174&idx=1&sn=af46b8c1bdd9e12e5913225f518e1e09) - - [ ] [新年新挑战,红日安全不打烊!携手同行,保障数字世界,迎接无限机遇!💻💼](https://mp.weixin.qq.com/s?__biz=MzI4NjEyMDk0MA==&mid=2649851771&idx=1&sn=e32da143725cb1281d784159a2d92a85) - - [ ] [数字取证之数据收集u200c](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264859&idx=1&sn=5157da074859752737fca3e1377e830b) - - [ ] [公众号爆款突破10万+是种什么体验?](https://mp.weixin.qq.com/s?__biz=Mzk0MTI4NTIzNQ==&mid=2247492229&idx=1&sn=fb6516c2c50768440203194bf072ef8f) - - [ ] [网安原创文章推荐【2025/1/29】](https://mp.weixin.qq.com/s?__biz=MzAxNzg3NzMyNQ==&mid=2247489523&idx=1&sn=b774285745567a078a25412d369d42e3) - - [ ] [Qwen 2.5横空出世:阿里大模型超越DeepSeek-V3](https://mp.weixin.qq.com/s?__biz=Mzk0ODY1NzEwMA==&mid=2247486600&idx=1&sn=8759e5cb59a7ae3a10f4e360ae1343c8) - - [ ] [DeepSeek已遭美西方全面围剿:各种放大后的问题及恶意舆论接踵而至](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247507157&idx=1&sn=705ed2698837c80532fbdcaa33a20411) - - [ ] [暗网情报6则:阿根廷电信公司数据泄露-260G登录凭证兜售-以色列国家安全部遭黑](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247507157&idx=2&sn=32183d1acca665f6055c418febf0b72a) - - [ ] [5th域安全微讯早报【20250130】026期](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247507157&idx=3&sn=678b70aba584829d92026c69f41dad6a) - - [ ] [DeepSeek与ChatGPT代码审计能力对比与分析](https://mp.weixin.qq.com/s?__biz=MzU5OTMxNjkxMA==&mid=2247488582&idx=1&sn=48f04da2ac9254f4e9bcaba0a14431a5) - - [ ] [ScanV、ScanA:监测违规防患,事件安全无虞](https://mp.weixin.qq.com/s?__biz=MjM5NzA3Nzg2MA==&mid=2649870840&idx=1&sn=eb6c30950bf84dd86835312726abf657) - - [ ] [阿里巴巴发布Qwen 2.5系列新模型,宣称超越 DeepSeek-V3](https://mp.weixin.qq.com/s?__biz=Mzg4Njc1MTIzMw==&mid=2247485776&idx=1&sn=73a8b2ee13adf483ccc862bea60a6657) - - [ ] [知识星球持续更新](https://mp.weixin.qq.com/s?__biz=Mzg4Njc1MTIzMw==&mid=2247485776&idx=2&sn=6cab966e4a4f99fd7f1a7f60f7177a88) - - [ ] [大年初二丨安天睿甲给您拜年了](https://mp.weixin.qq.com/s?__biz=MjM5MTA3Nzk4MQ==&mid=2650209904&idx=1&sn=2d3424335c5408deda2ab07b51876c54) - - [ ] [初二 | 愿家人和和美美,吉祥安康!](https://mp.weixin.qq.com/s?__biz=MzU4NjY4MDAyNQ==&mid=2247497079&idx=1&sn=081d5bd8e78c90a7d1bcba0e251b48ea) - - [ ] [记一次绕过阿里云waf与某不知名waf的双waf上传getshell](https://mp.weixin.qq.com/s?__biz=Mzk0Mzc1MTI2Nw==&mid=2247487348&idx=1&sn=2c7a4d59b64392a92053475c8096f285) - - [ ] [正月初二| 有蛇有得 团团圆圆](https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506081&idx=1&sn=c7bc814576e63a573c12fae1a2f9aefe) - - [ ] [捷普基础产品线,守护基础设施安全](https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506081&idx=2&sn=95cf7a673991ce095ee9525401f5f855) - - [ ] [【焕新领先】捷普下一代防火墙](https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506081&idx=3&sn=0776637513dd08e8549e6e036951db3e) - - [ ] [ISO 45001: 2018 标准详解与实施(11)6.1.3 法律法规要求和其他要求的确定](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247486050&idx=1&sn=2750be0dbb0d7015b92061bb993add86) - - [ ] [初二](https://mp.weixin.qq.com/s?__biz=MzUyMjAyODU1NA==&mid=2247491947&idx=1&sn=1d01beee8ad4061189c478e349ef78d7) - - [ ] [DeepSeek的强大,一句话让AI帮我写了个程序-流量安全分析研判工具](https://mp.weixin.qq.com/s?__biz=MzkxMTUwOTY1MA==&mid=2247490145&idx=1&sn=a932062265ad24982beeee1706d70d4d) - - [ ] [大年初二 | 金蛇纳福,好事成双](https://mp.weixin.qq.com/s?__biz=MzA3OTMxNTcxNA==&mid=2650963505&idx=1&sn=b6d789ba930e09c363ebc1f9444849d6) - - [ ] [正月初二归家暖!亚信安全祝大家蛇全蛇美,蛇行大运](https://mp.weixin.qq.com/s?__biz=MjM5NjY2MTIzMw==&mid=2650620959&idx=1&sn=7d3ca2f816e618a8e9e764ebd74f3644) - - [ ] [大年初二 二龙腾飞](https://mp.weixin.qq.com/s?__biz=MjM5NzE0NTIxMg==&mid=2651135289&idx=1&sn=ccfa447f9bf7ccfdf2f578f6b4f71e1d) - - [ ] [大年初二 | 眉开眼笑回娘家](https://mp.weixin.qq.com/s?__biz=Mzk0MDQ5MTQ4NA==&mid=2247487428&idx=1&sn=7f6bc2eb6c48e2d05a319a51de44f0c3) - - [ ] [CIO启示录:技术管理如何突破效率天花板](https://mp.weixin.qq.com/s?__biz=Mzg4Nzk3MTg3MA==&mid=2247487724&idx=1&sn=992966ac782bfff5f58a78669566cd34) - - [ ] [2025常见的网络安全服务大全(汇总详解)](https://mp.weixin.qq.com/s?__biz=MzIwMzIyMjYzNA==&mid=2247517988&idx=1&sn=71db8ddc34dbb5bd2e9fce7b232edaaf) - - [ ] [初二:好运连连](https://mp.weixin.qq.com/s?__biz=MzU0NDk0NTAwMw==&mid=2247624762&idx=1&sn=47241d7f7296e0089b5da756046322f0) - - [ ] [初二|燃炮迎春盼福至 网站弹窗鉴虚实](https://mp.weixin.qq.com/s?__biz=MzkxNDY0MjMxNQ==&mid=2247532957&idx=1&sn=9932467d97cae7cd76bdb1790358e7cc) - - [ ] [【初二】安全一路相随 团聚近在眼前](https://mp.weixin.qq.com/s?__biz=MjM5NTE0MjQyMg==&mid=2650624574&idx=1&sn=d10e6d1823438874c6e7929eb90b1e97) - - [ ] [2025年最可能的五种网络攻击,你的企业准备好了吗?](https://mp.weixin.qq.com/s?__biz=Mzg4NDc0Njk1MQ==&mid=2247487182&idx=1&sn=3c76f4710e63ed2414babafceda9eec1) - - [ ] [诸葛亮教你如何应对APT攻击](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496849&idx=1&sn=d3276fd13b7a991e2e1c5cbbb41a3b4c) - - [ ] [国自然中标真不难!十年评审专家1v1精修你的本子,中标率提升58%](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496849&idx=2&sn=41d0f5a68ff64924994dc39112bf9672) - - [ ] [初二 | 姻缘美满](https://mp.weixin.qq.com/s?__biz=MzIxNTQxMjQyNg==&mid=2247493741&idx=1&sn=e36485b394ed47daf3a04225998efbe1) -- Recent Commits to cve:main - - [ ] [Update Thu Jan 30 20:25:02 UTC 2025](https://github.com/trickest/cve/commit/630b95e7243b0245cde3df59fe484976ce30e2ee) - - [ ] [Update Thu Jan 30 12:18:33 UTC 2025](https://github.com/trickest/cve/commit/6d2f59a5338e9b0f9fda557d99080a0f50fd20af) - - [ ] [Update Thu Jan 30 04:17:50 UTC 2025](https://github.com/trickest/cve/commit/9cf77fc7fab952fdfcbf1e41b07c41bd3ecd8cd6) -- Armin Ronacher's Thoughts and Writings - - [ ] [How I Use AI: Meet My Promptly Hired Model Intern](http://lucumr.pocoo.org/2025/1/30/how-i-ai) -- Trustwave Blog - - [ ] [How Trustwave’s Fusion Platform Analyzes Ransomware Tactics in the Energy Sector: A Comprehensive Overview](https://www.trustwave.com/en-us/resources/blogs/trustwave-blog/how-trustwaves-fusion-platform-analyzes-ransomware-tactics-in-the-energy-sector-a-comprehensive-overview/) -- 一个被知识诅咒的人 - - [ ] [【Python】深入探索Python元类:动态生成类与对象的艺术](https://blog.csdn.net/nokiaguy/article/details/145397730) - - [ ] [【Python】深入理解Python中的装饰器链:创建组合装饰器的技巧与实践](https://blog.csdn.net/nokiaguy/article/details/145397710) -- gynvael.coldwind//vx.log (en) - - [ ] [On hackers, hackers, and hilarious misunderstandings](https://gynvael.coldwind.pl/?id=799) -- Flexera Blog - Feed - - [ ] [Cyber-Resilience regulations are here—is your organization ready?](https://www.flexera.com/blog/security/cyber-resilience-regulations-are-here-is-your-organization-ready/) -- Private Feed for M09Ic - - [ ] [safedv starred DebugPrivilege/InsightEngineering](https://github.com/DebugPrivilege/InsightEngineering) - - [ ] [LinuxJS started following M09Ic](https://github.com/M09Ic) -- Twitter @bytehx - - [ ] [Re @CristiVlad25 @SynackRedTeam Yes!](https://x.com/bytehx343/status/1884928882094268475) - - [ ] [Thanks @SynackRedTeam](https://x.com/bytehx343/status/1884926738385580064) -- Trail of Bits Blog - - [ ] [PyPI now supports archiving projects](https://blog.trailofbits.com/2025/01/30/pypi-now-supports-archiving-projects/) -- Reverse Engineering - - [ ] [ReSym: Harnessing LLMs to Recover Variable and Data Structure Symbols from Stripped Binaries [PDF]](https://www.reddit.com/r/ReverseEngineering/comments/1idxr88/resym_harnessing_llms_to_recover_variable_and/) - - [ ] [Decompiling 2024: A Year of Resurgance in Decompilation Research](https://www.reddit.com/r/ReverseEngineering/comments/1idb0wg/decompiling_2024_a_year_of_resurgance_in/) - - [ ] [arm64 PC-relative addressing fun](https://www.reddit.com/r/ReverseEngineering/comments/1idmknl/arm64_pcrelative_addressing_fun/) - - [ ] [College Survey on AI-Enhanced Phishing and Cybersecurity Training Effectiveness](https://www.reddit.com/r/ReverseEngineering/comments/1idq68v/college_survey_on_aienhanced_phishing_and/) + - [ ] [秦安:这是中国股市成立以来,最值得乐观的春节前最后一个交易日](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476426&idx=1&sn=50f4e5bfae2cddbed3033316cd279398) + - [ ] [秦安:这么多利好,股市为何还跌?看清“五个事关”,踏实过好年](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476426&idx=2&sn=a4c95c840c04ceeaca228ced725ace44) + - [ ] [秦安:感恩冰天雪地慰问,发红包回馈员工,警惕倒行逆施制造事端](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476426&idx=3&sn=a812a2b943cdec6f328ebfa5bffe5fe2) + - [ ] [牟林:特朗普夺取格陵兰岛的可能性有多大?](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476426&idx=4&sn=e7892f7b8a98ef98eb2a0c2193de7450) + - [ ] [牟林:特朗普到底是要美国伟大还是自己伟大?](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476426&idx=5&sn=9429ab8ea944af973f22f0c683becd06) + - [ ] [放开双手 !SQL注入Fuzzing字典 (270个)](https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486455&idx=1&sn=a774a64f04eac6941ef46359daa39ac2) + - [ ] [VLAN划分的三种方法,网络工程师收藏!](https://mp.weixin.qq.com/s?__biz=MzUyNTExOTY1Nw==&mid=2247528053&idx=1&sn=6c0a07662b4584eb394bb215e6a13f2e) + - [ ] [DeepSeek:AI时代的新探索者,开启智能革命的新篇章](https://mp.weixin.qq.com/s?__biz=Mzk2NDE5MDgxOQ==&mid=2247484823&idx=1&sn=368f5bbf4e0a91a06214f934a1a4f054) + - [ ] [【AI】DeepSeek 概念/影响/使用/部署](https://mp.weixin.qq.com/s?__biz=MzUyNTUyNTA5OQ==&mid=2247484873&idx=1&sn=b8520d6aae393acbc9010a4553c5b460) + - [ ] [2025年最新推荐的5款堡垒机,打造安全网络防线,秒收藏!](https://mp.weixin.qq.com/s?__biz=MzIyMzIwNzAxMQ==&mid=2649464771&idx=1&sn=56ced5ebaeea813e0f0bd666f3499426) + - [ ] [1.8s修复+反制,希望我的那些甲方和运维好好学一学](https://mp.weixin.qq.com/s?__biz=MzkyNTQ0OTYxOQ==&mid=2247483993&idx=1&sn=e4c7eb082905f0e214c28eeaba4624ea) + - [ ] [Deepseek是如何被黑掉的](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496994&idx=1&sn=d77c2e01b0dd8e2cb783fe7214e688c4) + - [ ] [世界需要一个能谋善断的AI(四)共生法则:当“谋士”遇见“统帅”](https://mp.weixin.qq.com/s?__biz=MzAxOTk3NTg5OQ==&mid=2247492290&idx=1&sn=4537403e0c9e2e62764f5869e078451a) + - [ ] [【原创】Ubuntu Server 18.04上,使用一张4060Ti显卡本地部署DeepSeek V3大模型训练](https://mp.weixin.qq.com/s?__biz=Mzg2MjYxODQ4Mw==&mid=2247484986&idx=1&sn=b99ed54ac81f3de4bd9b0b75d6692e4d) + - [ ] [分享的图片、视频、链接](https://mp.weixin.qq.com/s?__biz=Mzk2NDIwNzE5Ng==&mid=2247487394&idx=1&sn=8bfce153c1344cd33503da56dc6c7fd0) + - [ ] [DeepSeek-V2:一个强大、经济和高效的专家混合语言模型](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264904&idx=1&sn=b57987cc358dc5471b3c849b27669270) + - [ ] [《零零六》应急神器:月落中间件日志分析工具,全中间件日志均可分享,百万行日志如同切菜](https://mp.weixin.qq.com/s?__biz=Mzg4NDk4MTk5OA==&mid=2247485532&idx=1&sn=b8f7ae238b162c298e29f192d577ab87) + - [ ] [警惕|售前入狱指南:从面向监狱编程到面向监狱投标](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485484&idx=1&sn=4c7b3d7e39d2150ff68c604547f17ab9) + - [ ] [北七家-未来科学城,3居变4居豪装,理想楼层/户型/朝向](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485484&idx=2&sn=6e24ad74f8b9aa1cfc7cdb80e8c4af32) + - [ ] [【干货】笑傲职场的独家经验(1)](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485484&idx=3&sn=176e2b4dabd62cf6133ccd18cebc238a) + - [ ] [【干货原创】实网攻防演习常态化,会带来什么变化01](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485484&idx=4&sn=83a9db7a7edfea3c082777c7e1e385b3) + - [ ] [【干货原创】K12教育,鲜为人知的模式秘密](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485484&idx=5&sn=f7e9bbdfdb9b130753e700ceb13a0e9c) + - [ ] [原创文章目录](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485484&idx=6&sn=ba36a6cc5cac726e99a8383b23b04fbe) + - [ ] [Dark101勒索病毒实战分析](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490247&idx=1&sn=1fa03f99607f5e0c716d503466fdb9d6) + - [ ] [破解大脑防火墙:黑客式自控力提升指南(春节特别版)](https://mp.weixin.qq.com/s?__biz=MzU0NDc0NTY3OQ==&mid=2247488425&idx=1&sn=5f38984f963693eee431f1edacbc928e) + - [ ] [Ollama+DeepSeek+AnythingLLM搭建个人AI知识库](https://mp.weixin.qq.com/s?__biz=Mzg2ODc0Mjc0Mw==&mid=2247484177&idx=1&sn=6e2fc13cf7e00b48395558c104b0773d) + - [ ] [告别命令行!DeepSeek本地运行可视化指南:从安装到交互界面实战](https://mp.weixin.qq.com/s?__biz=MzU3Mjk2NDU2Nw==&mid=2247492552&idx=1&sn=402d5fb57f89d62a333008877fafe951) + - [ ] [三个小技巧(二)](https://mp.weixin.qq.com/s?__biz=MjM5NDcxMDQzNA==&mid=2247489395&idx=1&sn=befd90cc96a0a37eb3aff5412bf52dde) + - [ ] [安全圈瓜田理下集合【2025/1/31】](https://mp.weixin.qq.com/s?__biz=MzAxNzg3NzMyNQ==&mid=2247489534&idx=1&sn=17b382547ab13aa20e5bb705d28c4e5d) + - [ ] [web应急之各中间件日志保存位置](https://mp.weixin.qq.com/s?__biz=MzU4NTg4MzIzNA==&mid=2247484358&idx=1&sn=d537fdb218cc12823147e284dbb35d76) + - [ ] [网络安全入门必知的攻击方法](https://mp.weixin.qq.com/s?__biz=MzI3NzM5NDA0NA==&mid=2247490339&idx=1&sn=8d98eac3f1e2cf716da9844f415f3d39) + - [ ] [仅80元,用ESP32 开发板 DIY一个AI大模型瓦力机器人,可接入DeepSeek、OpenAI](https://mp.weixin.qq.com/s?__biz=MjM5OTA4MzA0MA==&mid=2454936748&idx=1&sn=910a43dcda1073b8061c817da504189c) + - [ ] [【谨防诈骗】DeepSeek 的大流量引发的假冒诈骗](https://mp.weixin.qq.com/s?__biz=Mzk0NDU1NTA5MA==&mid=2247484408&idx=1&sn=7381fe4211cc20dbd84a27f5a2207a62) + - [ ] [大年初三 | 新春万福 聚财纳福!](https://mp.weixin.qq.com/s?__biz=MzkzMjE5MTY5NQ==&mid=2247503442&idx=1&sn=af8273c40dcc9f97ebf68761a3d37a9a) + - [ ] [(吃瓜)神人TV之网安姜萍——CTF圈PY之神,民办“清华”哥](https://mp.weixin.qq.com/s?__biz=MzkzNjczNzEyMw==&mid=2247484186&idx=1&sn=dcd2d7bab9054490e1826758361cc7aa) + - [ ] [如何快速的在本地搭建 deepseek (小白一学就会)](https://mp.weixin.qq.com/s?__biz=Mzg4NzgzMjUzOA==&mid=2247485474&idx=1&sn=954535d81510437ec8f706144bc91b74) + - [ ] [AI风险分析 | 从Freysa转账案例看智能体应用的潜在风险](https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247494055&idx=1&sn=1a0b66065e3db8d26597a12328032d82) + - [ ] [在汽车行业实现卓越的网络安全和合规性 - 一个真实的案例研究](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620273&idx=1&sn=89354977edba60af567bd946514124cd) + - [ ] [推进汽车网络安全:弥合鸿沟,拥抱机遇](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620273&idx=2&sn=8020625a5bfbe49f838a4783b82b9587) + - [ ] [掌握模糊测试-如何在法规遵从中克服网络安全挑战](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620273&idx=3&sn=81d8a8e66ef322e532fdb9b8d7b1021a) + - [ ] [每周高级威胁情报解读(2025.01.24~01.31)](https://mp.weixin.qq.com/s?__biz=MzI2MDc2MDA4OA==&mid=2247513888&idx=1&sn=2a5b30e99a3f23b7dbe60666c3d81cca) + - [ ] [攻击再次升级,DeepSeek被网络攻击的真凶?](https://mp.weixin.qq.com/s?__biz=Mzg2NDYwMDA1NA==&mid=2247543659&idx=1&sn=156fe9160529ef9165dd4a443b781c7c) + - [ ] [Deepseek核心成员学历及薪资,最高110K](https://mp.weixin.qq.com/s?__biz=Mzg2NDYwMDA1NA==&mid=2247543659&idx=2&sn=f80909372d13c0dba56d7282eb1ef9bf) + - [ ] [【实操】美国客机与黑鹰直升机相撞的视频、音频、轨迹回放及遇难机组和乘客](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148793&idx=1&sn=03180450dc0a7ac7bb10d75ce4ca6d3c) + - [ ] [水洞扫描工具 -- PenSafe](https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247570692&idx=1&sn=ef1d45f4f6f3b1eb949acb33510daaa9) + - [ ] [高级 DNS 攻击:投毒与利用](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527421&idx=1&sn=96068eceb823d6761b0f08fc7dd9ae35) + - [ ] [破解 Active Directory — CrackMapExec 传递哈希值:探索 AD 攻击技术](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527421&idx=2&sn=100eff74c2040603d8c90616e868cb7d) + - [ ] [DeepSeek暴露出的典型网络安全问题](https://mp.weixin.qq.com/s?__biz=MzA4MzMzOTQ4Mw==&mid=2453672535&idx=1&sn=ad93fe6c0a53d44203ada57225a5b660) + - [ ] [DeepSeek黑科技:当AI化身网络世界的\"超级保镖\",黑客慌了!](https://mp.weixin.qq.com/s?__biz=MzIyODU4MzcyMQ==&mid=2247485427&idx=1&sn=292e05b010cda839b87aa17699b84f1e) + - [ ] [DeepSeek的强大,一句话让AI帮我写了个程序-流量安全分析研判工具](https://mp.weixin.qq.com/s?__biz=Mzg2NTk4MTE1MQ==&mid=2247486497&idx=1&sn=5ec5098395786fd3ea02d05786a5558d) + - [ ] [仿生人deepseek会梦见电子cnvd吗](https://mp.weixin.qq.com/s?__biz=MzIxOTQ1OTY4OQ==&mid=2247486313&idx=1&sn=d6bb43d09876844acfba07a896c6ee15) + - [ ] [从deepseek看ddos攻击](https://mp.weixin.qq.com/s?__biz=MzkxNTY4NTQwMg==&mid=2247484298&idx=1&sn=2a90ffda25b5a3c5142512fb51d9ad86) + - [ ] [这真是大沙笔](https://mp.weixin.qq.com/s?__biz=MzkzMjQ0MTk1OQ==&mid=2247484076&idx=1&sn=0c9c05e859a43886a8c34b7cd5667f73) + - [ ] [伪造cookie进入后台](https://mp.weixin.qq.com/s?__biz=MzkxNzY2MjU2Mg==&mid=2247483807&idx=1&sn=9a1c99c32c84640da7f966692a981b71) + - [ ] [旧知新话说“标识”之生意篇:基于标识的智能仓储保障年货供应](https://mp.weixin.qq.com/s?__biz=MzU1OTUxNTI1NA==&mid=2247592383&idx=1&sn=46b4e9e8667a84be60382140e6d8e931) + - [ ] [州弟的靶场练习 - HEYBBS 2.1 审计](https://mp.weixin.qq.com/s?__biz=Mzg4MTkwMTI5Mw==&mid=2247488820&idx=1&sn=d24fff0083c62bbb08de7522ddcfb191) + - [ ] [哥斯拉二开从0到1-2(免杀)](https://mp.weixin.qq.com/s?__biz=MzAxNzkyOTgxMw==&mid=2247493840&idx=1&sn=3482149c0823f566085f61a99735ad9e) + - [ ] [deepseek本地部署+web图形化页面配置+对比其他ai模型](https://mp.weixin.qq.com/s?__biz=Mzk1NzE0ODk3Nw==&mid=2247491155&idx=1&sn=c4f6531eef133548b6676af5a9a5c1bf) + - [ ] [夜鹰(NightHawk)C2工具-泄露部分](https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247504834&idx=1&sn=9111b67c602d807277dacf1aa967d974) + - [ ] [2025年1月 一批网络安全相关新规开始施行!](https://mp.weixin.qq.com/s?__biz=MzIxNDIzNTcxMg==&mid=2247506760&idx=1&sn=19e9444d7721854b8c39f29f151fa0f9) + - [ ] [收藏 | dotNet安全矩阵 2024 年度逆向调试分析阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498584&idx=1&sn=d85935a8bccaf28b5e5203c9cd937ea9) + - [ ] [.NET 内网攻防实战电子报刊](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498584&idx=2&sn=3d15023570e640313e68870e0ee24904) + - [ ] [收藏 | dotNet安全矩阵 2024 年度外网入口打点阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498584&idx=3&sn=8e71ffa26350c09847ab769b9dbedcc2) + - [ ] [收藏 | dotNet安全矩阵 2024 年度目标权限维持阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498584&idx=4&sn=d14acdfea6504a47d1e46e7c8f38cf54) + - [ ] [Linux基础命令(二)](https://mp.weixin.qq.com/s?__biz=Mzk1Nzc0MzY3NA==&mid=2247483753&idx=1&sn=49384ed01ecedc2565a44a132b272d09) + - [ ] [滥用多播投毒实现预认证 Kerberos 中继](https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486893&idx=1&sn=2c0a70c6f644cacbabbec21d304946a6) + - [ ] [DeepSeek爆火快来搭建私有ChatGPT_deepseek成为你私有化](https://mp.weixin.qq.com/s?__biz=MzI2OTk4MTA3Ng==&mid=2247496962&idx=1&sn=ad190b15e766558d2b057e80e5eb864d) + - [ ] [手把手教大家学习DeepSeek新手必看!全功能详解与实操指南,带你逆袭成AI大神](https://mp.weixin.qq.com/s?__biz=MzI2OTk4MTA3Ng==&mid=2247496962&idx=2&sn=464bca3a03a1e209a0aff4cedb8341ad) + - [ ] [年已过半,该收拾收拾,准备打工去了......](https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247488209&idx=1&sn=24d45d27215ad6616e7ad11724e25609) + - [ ] [这个世界这么抽象的嘛](https://mp.weixin.qq.com/s?__biz=Mzk0MzY3MDE5Mg==&mid=2247484024&idx=1&sn=164631b9aaa65c09dca95bc893f744ee) + - [ ] [我毕生玩抽象,也玩不过这些真正的大沙币](https://mp.weixin.qq.com/s?__biz=MzkyOTQzNjIwNw==&mid=2247491645&idx=1&sn=8b35f7286af6ab00b755190330bb4c79) + - [ ] [【2025春节】解题领红包活动排行榜(初三 1/31)](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141663&idx=1&sn=63c355a201f947c905a68b07647ab32a) + - [ ] [惊天一撞,华盛顿客机与直升机空难背后的真相!](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559372&idx=1&sn=0410ce8851f28ddbc609457ae73483de) + - [ ] [美国为何对 DeepSeek 如此“上心”?一场科技博弈的真相](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247505068&idx=1&sn=4bf2334b280b144d562ac07095958acd) + - [ ] [俄罗斯APT威胁英国及其盟友,英政府高官发出警告](https://mp.weixin.qq.com/s?__biz=Mzg3OTYxODQxNg==&mid=2247485659&idx=1&sn=9a1f88742398761691e3da98dddfddcb) + - [ ] [2024 年渗透测试路线图:从初学者到受聘的 8 个步骤](https://mp.weixin.qq.com/s?__biz=Mzg4NzgyODEzNQ==&mid=2247488640&idx=1&sn=6823a2045bf297fd8f81e176be33a15f) + - [ ] [WVP-GB28181摄像头管理平台user信息泄露漏洞](https://mp.weixin.qq.com/s?__biz=MzkyOTg3ODc5OA==&mid=2247484326&idx=1&sn=ec20d154a16e5fff47cb40da8080cff7) + - [ ] [这才是DeepSeek的正确使用方式!你还在用GPT那套就废了,春节前最后预警](https://mp.weixin.qq.com/s?__biz=MzkxNjMwNDUxNg==&mid=2247487250&idx=1&sn=8515efa2ae03b73faf0154fcac23f1ac) + - [ ] [如何找到更多漏洞赏金的子域?深入了解 Recon](https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247504783&idx=1&sn=0b286a996a793e420114b78a4ab28260) + - [ ] [太专业了 | 看完直呼学到了](https://mp.weixin.qq.com/s?__biz=Mzk0NzQxNzY2OQ==&mid=2247488121&idx=1&sn=5b995263cc37edcb4b5b49b0c9e04fbd) + - [ ] [三大暗网论坛被FBI查封:Nulled.to、Cracked.to、Sellix.io](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494660&idx=1&sn=78a7e764b99312cacb05bbc152126f47) + - [ ] [Claude的CEO表示:AI可能改变一切,AI监管迫在眉睫](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494660&idx=2&sn=1fec4b47ea7ed7cf1ffa7a383a2c1720) + - [ ] [[0131] 一周重点威胁情报|天际友盟情报站](https://mp.weixin.qq.com/s?__biz=MzIwNjQ4OTU3NA==&mid=2247510031&idx=1&sn=96238f2c438e027f989dc96653204673) + - [ ] [【JAVA代码审计】bootplus 管理系统审计](https://mp.weixin.qq.com/s?__biz=Mzg4MTkwMTI5Mw==&mid=2247488801&idx=1&sn=23d3e5f6c01320523c5495ca12df4bf2) + - [ ] [DeepSeek 数据库未授权访问漏洞,导致大量数据泄露](https://mp.weixin.qq.com/s?__biz=MzIxMTg1ODAwNw==&mid=2247500544&idx=1&sn=ebf9f3fcb46a7bcadad135da1b6e8fd8) + - [ ] [美国对DeepSeek“出手”了!AI大模型如何迎战网络恶意攻击?](https://mp.weixin.qq.com/s?__biz=MjM5NzA3Nzg2MA==&mid=2649870870&idx=1&sn=7685e470c401fdb0831d90ac129b068f) + - [ ] [创宇猎幽NDR流量监测系统:向前防御,威胁检测](https://mp.weixin.qq.com/s?__biz=MjM5NzA3Nzg2MA==&mid=2649870870&idx=2&sn=72942469d7ee4ea63b7171dd6e606c62) + - [ ] [医疗行业数据安全风险评估实践指南(二)](https://mp.weixin.qq.com/s?__biz=Mzg2NjY2MTI3Mg==&mid=2247498376&idx=1&sn=8f7f3f907a84a2b5a13e4e552247526a) + - [ ] [无参数读文件和RCE的利用研究](https://mp.weixin.qq.com/s?__biz=MjM5MjEyMTcyMQ==&mid=2651037458&idx=1&sn=0ee75174afec20a34c3f3243329d42e4) + - [ ] [AI抢不走的工作,微软力挺红队测试仍需人类“掌舵”](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313290&idx=1&sn=a6d328c9fd6e44ceb96698a3205f5786) + - [ ] [新的“双击劫持”漏洞绕过主要网站上的点击劫持保护](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313290&idx=2&sn=44a6a38890bbe1cf23af0cb8162a8362) + - [ ] [虚假PoC漏洞利用正用来攻击研究人员](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313290&idx=3&sn=c9beec9c5ce5078f2a7e260af8dc140f) + - [ ] [IAMActionHunter:一款AWS IAM策略声明解析和查询工具](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313290&idx=4&sn=c46a99c55e12a98fb61cc4819e385d68) + - [ ] [大年初三 蛇全蛇美](https://mp.weixin.qq.com/s?__biz=Mzg2MTU5ODQ2Mg==&mid=2247507175&idx=1&sn=0d04c34fa4f1ea8c975d2765b3fcdde8) + - [ ] [数字取证之数据保护u200c](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264880&idx=1&sn=7424698e3f088be94f084851bee8adde) + - [ ] [祥蛇嬉初三 福运伴身畔](https://mp.weixin.qq.com/s?__biz=MzU0MjEwNTM5Ng==&mid=2247520423&idx=1&sn=435bb09e1f0125a3af0ccfdbbe203099) + - [ ] [大年初三 | 金福盈门,万象更新](https://mp.weixin.qq.com/s?__biz=Mzk0MDQ5MTQ4NA==&mid=2247487429&idx=1&sn=5756ef7cab4f6ff1ce0a1364151444a5) + - [ ] [网安原创文章推荐【2025/1/30】](https://mp.weixin.qq.com/s?__biz=MzAxNzg3NzMyNQ==&mid=2247489527&idx=1&sn=410e2304fe7538839c5cb1c2467bb056) + - [ ] [初三](https://mp.weixin.qq.com/s?__biz=MzUyMjAyODU1NA==&mid=2247491948&idx=1&sn=4852c2eb3611785194c330002093797a) + - [ ] [大年初三 | 福绕蛇年,万“巳”胜意](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579271&idx=1&sn=bfb185d569ae97db908675e7f2419714) + - [ ] [rsync进阶指南:14个提升效率的黑科技用法](https://mp.weixin.qq.com/s?__biz=MzI5MjY4MTMyMQ==&mid=2247489889&idx=1&sn=ed213d71fa01c3309c93e853d4e8c1ed) + - [ ] [DeepSeek 数据库裸奔 百万敏感数据任人取!](https://mp.weixin.qq.com/s?__biz=MzAwMjA5OTY5Ng==&mid=2247525706&idx=1&sn=976ec18c7118e288efff987289130d14) + - [ ] [欧盟《网络复原力法》全文翻译](https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247506421&idx=1&sn=f3b2c847cf7748ef86bc68daa496de01) + - [ ] [飞书文档快速转化本地makedown文件](https://mp.weixin.qq.com/s?__biz=Mzk0ODY1NzEwMA==&mid=2247486602&idx=1&sn=faff49b1d51d07088cac426018d9ddef) + - [ ] [Java反序列化漏洞 | Fastjson反序列化漏洞原理+漏洞复现](https://mp.weixin.qq.com/s?__biz=Mzk0Mzc1MTI2Nw==&mid=2247487416&idx=1&sn=3071e9e82d12510b732a50c8e22cd596) + - [ ] [美国DARPA的宏伟Red-C计划:通过“自我修复固件”实现网络攻击的实时检测与修复](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247507167&idx=1&sn=26840502c819f510d39d577dccb84196) + - [ ] [5th域安全微讯早报【20250131】027期](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247507167&idx=2&sn=5e964e3fa5c3c44a17a1eade47f8ea71) + - [ ] [CVE-2024-49138 poc windows CLFS.sys提权漏洞](https://mp.weixin.qq.com/s?__biz=MzU1NzczNTM1MQ==&mid=2247485185&idx=1&sn=b8349c313ac09f29240c61f055433ddd) + - [ ] [Cadiclus – 使用PowerShell辅助Linux 系统提权](https://mp.weixin.qq.com/s?__biz=MzU1NzczNTM1MQ==&mid=2247485185&idx=2&sn=c8f3a8d2d11a3eaf2491baeb50be5792) + - [ ] [正月初三| 三阳开泰 日富一日](https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506082&idx=1&sn=f2db30e5f0ea2346966522e0549b57d3) + - [ ] [捷普信创安全产品线,助力信创产业发展](https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506082&idx=2&sn=20cc3516e0158067694fa5fd3a3ce1a9) + - [ ] [【焕新领先】捷普IPS/IDS系统](https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506082&idx=3&sn=93dde62780cb716dcdb350ec05102794) + - [ ] [使用豆包获取抖音文案](https://mp.weixin.qq.com/s?__biz=Mzk0MTI4NTIzNQ==&mid=2247492239&idx=1&sn=f547e48b7cb815b2cde4361dd852d1e9) + - [ ] [ECShop 4.x collection_list SQL注入](https://mp.weixin.qq.com/s?__biz=Mzg4NDg3NjE5MQ==&mid=2247485617&idx=1&sn=cbea289e260befd038d87e4741df7ca9) + - [ ] [正月初三贴赤口!亚信安全祝大家抬头见禧,蛇运亨通](https://mp.weixin.qq.com/s?__biz=MjM5NjY2MTIzMw==&mid=2650620967&idx=1&sn=d6e3efc6033a4781fd8740b2499a17fb) + - [ ] [大年初三 三阳开泰](https://mp.weixin.qq.com/s?__biz=MjM5NzE0NTIxMg==&mid=2651135290&idx=1&sn=dbeba374802d07fb246a2c9630ba2375) + - [ ] [初三 | 四季皆如意,万事尽亨通,新岁多欢颜,康泰常相伴!](https://mp.weixin.qq.com/s?__biz=MzU4NjY4MDAyNQ==&mid=2247497080&idx=1&sn=4a5edfd2575e50bfbd568743f9f9a172) + - [ ] [2025年全球风险报告:冲突、环境和虚假信息是主要威胁](https://mp.weixin.qq.com/s?__biz=MzUzODYyMDIzNw==&mid=2247516970&idx=1&sn=06109ad8fa78d90f969ee430577ef590) + - [ ] [针对DeepSeek的网络攻击再升级:僵尸网络进场 攻击指令激增上百倍u200b](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607360&idx=1&sn=c48a0548576e4ce9ae4ed53e751d671c) + - [ ] [2025网络暴露危机报告:45%第三方应用越权访问用户数据](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607360&idx=2&sn=d60da4ef519827d85981b8d02d848e2f) + - [ ] [经典华为路由器漏洞复现详细分析(包括整个漏洞链)](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607360&idx=3&sn=cac10cb8e85c07f523764294668f4fec) + - [ ] [AutoPen - 自动化渗透测试工具](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607360&idx=4&sn=e33cdb19a4aabc1350cfd4c407aa7076) + - [ ] [初三:喜报春来](https://mp.weixin.qq.com/s?__biz=MzU0NDk0NTAwMw==&mid=2247624777&idx=1&sn=4af85ac3e0ff1b3aa079b4aea709111c) + - [ ] [自动化代码审计工具](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489194&idx=1&sn=c3c275b655d3817e6f75a800f10a0e01) + - [ ] [夺回失去的一切](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489194&idx=2&sn=c7ce655667ccb528720b4da5ed8ded7f) + - [ ] [【初三】畅享惬意假期 尽享无忧时光](https://mp.weixin.qq.com/s?__biz=MjM5NTE0MjQyMg==&mid=2650624575&idx=1&sn=a1c5ed5f4b0b0de27bba620517b40099) + - [ ] [【贺蛇年】初三送福 信安保吉](https://mp.weixin.qq.com/s?__biz=MzAxMjE1MDY0NA==&mid=2247508844&idx=1&sn=08446e6ae4fd80b63e788f60f6df0ec1) + - [ ] [一分钟搭建本地大模型DeepSeek!永久免费!无需联网!一条命令即可搭建!!!!](https://mp.weixin.qq.com/s?__biz=Mzg2Nzk0NjA4Mg==&mid=2247498557&idx=1&sn=4be63db2842575769a912e8c3332c989) + - [ ] [山石网科·AI汇东方|正月初三,张贴赤口](https://mp.weixin.qq.com/s?__biz=MzAxMDE4MTAzMQ==&mid=2661298290&idx=1&sn=b4f906505b483a77b737f218f4ee339e) +- Tenable Blog + - [ ] [Cybersecurity Snapshot: CSA Offers Tips for Deploying AI Securely, While Deloitte Says Cyber Teams’ GenAI Use Yields Top ROI](https://www.tenable.com/blog/cybersecurity-snapshot-ai-security-tips-generative-ai-roi-01-31-2025) +- Blog – Red Siege Information Security + - [ ] [Security Posture Review and Penetration Testing](https://redsiege.com/blog/2025/01/security-posture-review-and-penetration-testing/) +- Bug Bounty in InfoSec Write-ups on Medium + - [ ] [My Bug Bounty Journey: A Middle-Class Kid’s Quest for Free and Beyond](https://infosecwriteups.com/my-bug-bounty-journey-a-middle-class-kids-quest-for-free-and-beyond-1cd6b65240d6?source=rss----7b722bfd1b8d--bug_bounty) + - [ ] [How I Earned $200 Using GitHub Dorking: A Manual and Automated Guide to Finding Sensitive…](https://infosecwriteups.com/how-i-earned-200-using-github-dorking-a-manual-and-automated-guide-to-finding-sensitive-ebbbfcad7296?source=rss----7b722bfd1b8d--bug_bounty) +- Hexacorn + - [ ] [Files of interest](https://www.hexacorn.com/blog/2025/01/31/9839/) +- SentinelOne + - [ ] [The Good, the Bad and the Ugly in Cybersecurity – Week 5](https://www.sentinelone.com/blog/the-good-the-bad-and-the-ugly-in-cybersecurity-week-5-6/) - Malware-Traffic-Analysis.net - Blog Entries - - [ ] [2025-01-30: XLoader infection](https://www.malware-traffic-analysis.net/2025/01/30/index.html) -- Malwarebytes - - [ ] [Microsoft advertisers phished via malicious Google ads](https://www.malwarebytes.com/blog/cybercrime/2025/01/microsoft-advertisers-phished-via-malicious-google-ads) - - [ ] [The DeepSeek controversy: Authorities ask where does the data come from and how safe is it?](https://www.malwarebytes.com/blog/news/2025/01/the-deepseek-controversy-authorities-ask-where-the-data-comes-from-and-where-it-goes) -- Intigriti - - [ ] [Power of the collective: Investing in the security researcher community for shared success](https://www.intigriti.com/blog/business-insights/power-of-the-collective-investing-in-the-security-researcher-community-for-shared) + - [ ] [2025-01-31: Two pcaps of AgentTesla-style data exfil, one using FTP and one using SMTP](https://www.malware-traffic-analysis.net/2025/01/31/index.html) +- HAHWUL + - [ ] [Enhancing OWASP Noir with AI](https://www.hahwul.com/2025/01/31/owasp-noir-x-llm/) - Securelist - - [ ] [No need to RSVP: a closer look at the Tria stealer campaign](https://securelist.com/tria-stealer-collects-sms-data-from-android-devices/115295/) -- Project Zero - - [ ] [Windows Bug Class: Accessing Trapped COM Objects with IDispatch](https://googleprojectzero.blogspot.com/2025/01/windows-bug-class-accessing-trapped-com.html) - - [ ] [Windows Exploitation Tricks: Trapping Virtual Memory Access (2025 Update)](https://googleprojectzero.blogspot.com/2025/01/windows-exploitation-tricks-trapping.html) -- rtl-sdr.com - - [ ] [Jeff Geerling Explores the CaribouLite Raspberry Pi Hat](https://www.rtl-sdr.com/jeff-geerling-explores-the-cariboulite-raspberry-pi-hat/) - - [ ] [The Taylorator: Flooding the Broadcast FM Band with Taylor Swift Songs using a LimeSDR](https://www.rtl-sdr.com/the-taylorator-flooding-the-broadcast-fm-band-with-taylor-swift-songs-using-a-limesdr/) - - [ ] [Video on the Basics of SDR for Hackers](https://www.rtl-sdr.com/video-on-the-basics-of-sdr-for-hackers/) -- 奇客Solidot–传递最新科技情报 - - [ ] [美国版权局称 AI 辅助作品如果包含足够的人类创意可获得版权保护](https://www.solidot.org/story?sid=80451) - - [ ] [LibreOffice 下载量突破 4 亿](https://www.solidot.org/story?sid=80450) - - [ ] [Debian 项目停止在 X 上发推](https://www.solidot.org/story?sid=80449) - - [ ] [Douglas Engelbart 诞辰 100 周年](https://www.solidot.org/story?sid=80448) + - [ ] [One policy to rule them all](https://securelist.com/group-policies-in-cyberattacks/115331/) +- Binary Ninja + - [ ] [RE//thinking Conferences](https://binary.ninja/2025/01/31/re-thinking-conferences.html) +- Reverse Engineering + - [ ] [Game Reverse Engineering for Dummies](https://www.reddit.com/r/ReverseEngineering/comments/1ief03g/game_reverse_engineering_for_dummies/) +- Malwarebytes + - [ ] [ClickFix vs. traditional download in new DarkGate campaign](https://www.malwarebytes.com/blog/cybercrime/2025/01/clickfix-vs-traditional-download-in-new-darkgate-campaign) + - [ ] [Cybercrime gets a few punches on the nose](https://www.malwarebytes.com/blog/news/2025/01/cybercrime-gets-a-few-punches-on-the-nose) +- Wallarm + - [ ] [Analyzing DeepSeek’s System Prompt: Jailbreaking Generative AI](https://lab.wallarm.com/jailbreaking-generative-ai/) - FreeBuf网络安全行业门户 - - [ ] [DeepSeek AI数据库泄露:超百万条日志和密钥曝光](https://www.freebuf.com/articles/420968.html) -- Shostack & Friends Blog - - [ ] [The Birth of the CVE System, on Hackers To Founders](https://shostack.org/blog/hackers-to-founders/) - - [ ] [Hoarding, Debt and Threat Modeling](https://shostack.org/blog/hoarding-debt-and-threat-modeling/) -- 锦行科技 - - [ ] [初二 | 姻缘美满](https://mp.weixin.qq.com/s?__biz=MzIxNTQxMjQyNg==&mid=2247493741&idx=1&sn=e36485b394ed47daf3a04225998efbe1&chksm=979a13c8a0ed9ade19f74ca917b1703c7b395367c03069fe1b164a21f581251495a707ffdfa8&scene=58&subscene=0#rd) + - [ ] [意大利数据保护局封禁DeepSeek AI平台,用户数据透明度不足成焦点](https://www.freebuf.com/articles/database/420991.html) +- 奇客Solidot–传递最新科技情报 + - [ ] [朱诺号在木卫一上记录到至今最强的火山活动](https://www.solidot.org/story?sid=80455) + - [ ] [新发现小行星有 1/83 的概率在 2032 年撞击地球](https://www.solidot.org/story?sid=80454) + - [ ] [库克告诉张忠谋英特尔不知道如何代工芯片](https://www.solidot.org/story?sid=80453) + - [ ] [巴塞尔税务机关因域名错误不得不购买巴哈马域名](https://www.solidot.org/story?sid=80452) +- 黑海洋 - IT技术知识库 + - [ ] [DeepSeek 多模态大模型 Janus-Pro-7B 本地部署教程!支持图像生成](https://blog.upx8.com/4681) - 吾爱破解论坛 - - [ ] [【2025春节】解题领红包活动开始喽,解出就送论坛币! - -第一题送分题有手就行(不需有脑,已有 1376 位会员完成此任务)。 - -第二题 Windows 初级题 14点整 上线,题目很简单,如果你对逆向分析感兴趣,不妨借此机会自学尝试,让这次活动真正成为你技能提升的阶梯。](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141658&idx=1&sn=11067b00a771b8ee9bd4c4d0da1e8908&chksm=bd50a64e8a272f589319d04410866e550b8792cd73b49c0eecc8abb4df9996d504f306e3b43c&scene=58&subscene=0#rd) -- 安全分析与研究 - - [ ] [Fake CAPTCHA攻击技术](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490238&idx=1&sn=f7929631aed8f88ecb74b428362ec4eb&chksm=902fb596a7583c80a17cb1f35f04930cd0fa4f66251be8f81b04a1801ee9d2f8725ffb4bda0c&scene=58&subscene=0#rd) -- 安全内参 - - [ ] [针对DeepSeek的网络攻击再升级:僵尸网络进场 攻击指令激增上百倍​](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513623&idx=1&sn=d0d49c0d4b6e85b4dd8aacd8623ca272&chksm=ebfaf137dc8d782175c2209f64fe50b91bf2c7ff519b1be99b56d7f5f4f3171fe8cb575f539a&scene=58&subscene=0#rd) -- Black Hills Information Security - - [ ] [Questions From a Beginner Threat Hunter](https://www.blackhillsinfosec.com/questions-from-a-beginner-threat-hunter/) -- 红日安全 - - [ ] [新年新挑战,红日安全不打烊!携手同行,保障数字世界,迎接无限机遇!💻💼](https://mp.weixin.qq.com/s?__biz=MzI4NjEyMDk0MA==&mid=2649851771&idx=1&sn=e32da143725cb1281d784159a2d92a85&chksm=f3e4e9f8c49360ee9f066a43959bd3732de37e27ca245ce7717817dc356c25315b6e3cd90820&scene=58&subscene=0#rd) + - [ ] [【2025春节】解题领红包活动排行榜(初三 1/31)](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141663&idx=1&sn=63c355a201f947c905a68b07647ab32a&chksm=bd50a64b8a272f5d946a584369ed1e63aa1e848c064f9913f5d0b8b726d9d660a7d66a00e91c&scene=58&subscene=0#rd) +- dotNet安全矩阵 + - [ ] [收藏 | dotNet安全矩阵 2024 年度逆向调试分析阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498584&idx=1&sn=d85935a8bccaf28b5e5203c9cd937ea9&chksm=fa5955b5cd2edca34577829765f94d7f8f8ba90adf5b6e399ec3c452c66f86875c7bf5bf1fe9&scene=58&subscene=0#rd) + - [ ] [.NET 内网攻防实战电子报刊](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498584&idx=2&sn=3d15023570e640313e68870e0ee24904&chksm=fa5955b5cd2edca3ab75eec14cdb7db823d32a7563590a024fd77a432760513df551302e0537&scene=58&subscene=0#rd) + - [ ] [收藏 | dotNet安全矩阵 2024 年度外网入口打点阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498584&idx=3&sn=8e71ffa26350c09847ab769b9dbedcc2&chksm=fa5955b5cd2edca3ff4e40e9c3fbd087950be3490983ed47fb037e3bed4a8ec43f8f4ff18cc2&scene=58&subscene=0#rd) + - [ ] [收藏 | dotNet安全矩阵 2024 年度目标权限维持阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498584&idx=4&sn=d14acdfea6504a47d1e46e7c8f38cf54&chksm=fa5955b5cd2edca3e25bcab2043d40960b8493619cf515dd830c9a69f2f552048d360d1723d5&scene=58&subscene=0#rd) +- 丁爸 情报分析师的工具箱 + - [ ] [【实操】美国客机与黑鹰直升机相撞的视频、音频、轨迹回放及遇难机组和乘客](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148793&idx=1&sn=03180450dc0a7ac7bb10d75ce4ca6d3c&chksm=f1af26c3c6d8afd574a2952fe360477386f6c4b3918f013832c9caf99dedafd4d4838e3aa576&scene=58&subscene=0#rd) +- 情报分析师 + - [ ] [惊天一撞,华盛顿客机与直升机空难背后的真相!](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559372&idx=1&sn=0410ce8851f28ddbc609457ae73483de&chksm=87117dc7b066f4d1ad44ee89f45d8490695f007aa2b56cf7f6d72328537333ddcdfc9c7337b7&scene=58&subscene=0#rd) + - [ ] [美国为何对 DeepSeek 如此“上心”?一场科技博弈的真相](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559372&idx=2&sn=369c0d3168fb3469fb3aefa3fb9cafd0&chksm=87117dc7b066f4d1185de6f282e7121df9671775c92c0f4fb83ca20be6f20fe42e7a73261f00&scene=58&subscene=0#rd) +- 极客公园 + - [ ] [对 Deepseek 从赞叹到压制,硅谷为何一周内变脸](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653073065&idx=1&sn=a7e25c9de7abe6fdf8234a898f67c3ca&chksm=7e57d31f49205a09b4245af36dad8e7b2b6ae8ed98f621dae59d0665e632d55f834f35024074&scene=58&subscene=0#rd) + - [ ] [针对 DeepSeek 网络攻击暴增上百倍;苹果在华销售额下降 11%;《鱿鱼游戏》第三季公布 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653073064&idx=1&sn=56daa14e6f49dd3d526aa22a9ca2de8a&chksm=7e57d31e49205a089760b83fce00f837009c8dc1e6bcc9969dc9819cc32f9df30f57631463a7&scene=58&subscene=0#rd) - M01N Team - - [ ] [AI风险分析 | Grok提示词泄露前后暗藏玄机](https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247494054&idx=1&sn=9122e0562bcad42ee707e0879b945aa1&chksm=c18429b7f6f3a0a16b65fc9b18ee5c979853c462ea1f43800abab53c6e5bc3e5d73dc9c1c540&scene=58&subscene=0#rd) -- 墨菲安全 - - [ ] [DeepSeek因软件供应链安全问题导致严重聊天记录数据泄漏](https://mp.weixin.qq.com/s?__biz=MzkwOTM0MjI5NQ==&mid=2247488049&idx=1&sn=377ab6f02bf6685c6ecd606923242cc3&chksm=c13d7109f64af81f818a52b31171cec774bb86a531f1405b24c020869c281e0865f573e9c6a6&scene=58&subscene=0#rd) + - [ ] [AI风险分析 | 从Freysa转账案例看智能体应用的潜在风险](https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247494055&idx=1&sn=1a0b66065e3db8d26597a12328032d82&chksm=c18429b6f6f3a0a0f87c56e68eb79be4df5d7a78ecb73f1a39c54ea3e74374f0d2671ba3d073&scene=58&subscene=0#rd) +- 吴鲁加 + - [ ] [YC 的 AI 创业创意](https://mp.weixin.qq.com/s?__biz=Mzg5NDY4ODM1MA==&mid=2247485169&idx=1&sn=59224d6daf6f30591f7da17a13031fd7&chksm=c01a8bc0f76d02d648546ccc4303533b8e1ba5c3a69a2d84ba7809e30f397b269423fd3847f6&scene=58&subscene=0#rd) - 360数字安全 - - [ ] [大年初二 | 金蛇迎春,福“巳”绵延](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579270&idx=1&sn=07b4d333a5b2f57048e51d6aa8cc4224&chksm=9f8d268ea8faaf982879ec311f767c0e01c96d6b31f504cb5edd372b41e9ddedf3659c61e603&scene=58&subscene=0#rd) -- 白帽子章华鹏 - - [ ] [DeepSeek被海外曝出严重聊天记录数据泄漏问题](https://mp.weixin.qq.com/s?__biz=MzIyOTAxOTYwMw==&mid=2650236959&idx=1&sn=0024f87794598ce60e345aa728e8a771&chksm=f04ad2a3c73d5bb52eb2a39504865a355749cee5228d9bcaa1078cab5387d5509791a0eafeb4&scene=58&subscene=0#rd) + - [ ] [大年初三 | 福绕蛇年,万“巳”胜意](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579271&idx=1&sn=bfb185d569ae97db908675e7f2419714&chksm=9f8d268fa8faaf9939e8fef41d497b2f71db4645149724c942c4674b04c19548141fda1cbdd9&scene=58&subscene=0#rd) - 迪哥讲事 - - [ ] [深入浅出API测试|搜集分析与漏洞挖掘实战](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496981&idx=1&sn=1b88708a474086d96cf22a9428c93835&chksm=e8a5ff76dfd276605ae35037c735c6cb3cb39f0962d2b476be2284664584944a6e21d112112a&scene=58&subscene=0#rd) -- Over Security - Cybersecurity news aggregator - - [ ] [Backdoor found in two healthcare patient monitors, linked to IP in China](https://www.bleepingcomputer.com/news/security/backdoor-found-in-two-healthcare-patient-monitors-linked-to-ip-in-china/) - - [ ] [Lawmakers push for guardrails, deadline on cyber military study](https://therecord.media/lawmakers-push-for-guardrails-deadline-cyber-force-study) - - [ ] [Google blocked 2.36 million risky Android apps from Play Store in 2024](https://www.bleepingcomputer.com/news/security/google-blocked-236-million-risky-android-apps-from-play-store-in-2024/) - - [ ] [States with laws requiring data brokers to register are ramping up enforcement](https://therecord.media/state-data-broker-registry-laws-fines-warnings) - - [ ] [Gabbard grilled over Snowden comments during Senate confirmation hearing](https://therecord.media/gabbard-grilled-over-snowden-comments-senate-confirmation-hearing) - - [ ] [US Justice Department says cybercrime forum allegedly affected 17 million Americans](https://techcrunch.com/2025/01/30/us-justice-department-says-cybercrime-forum-allegedly-affected-17-million-americans/) - - [ ] [Defeating Future Threats Starts Today](https://blog.talosintelligence.com/defeating-future-threats-starts-today/) - - [ ] [Ransomware attack disrupts New York blood donation giant](https://www.bleepingcomputer.com/news/security/ransomware-attack-disrupts-new-york-blood-donation-giant/) - - [ ] [Infrastructure Laundering: Blending in with the Cloud](https://krebsonsecurity.com/2025/01/infrastructure-laundering-blending-in-with-the-cloud/) - - [ ] [Ransomware attack on New York Blood Center forces workarounds, drive cancellations](https://therecord.media/ransomware-attack-new-york-blood-center-forces-workarounds) - - [ ] [DeepSeek exposes database with over 1 million chat records](https://www.bleepingcomputer.com/news/security/deepseek-exposes-database-with-over-1-million-chat-records/) - - [ ] [International police coalition takes down two prolific cybercrime and hacking forums](https://techcrunch.com/2025/01/30/international-police-coalition-takes-down-two-prolific-cybercrime-and-hacking-forums/) - - [ ] [Police take down two large cybercrime forums, arrest suspects](https://therecord.media/cybercrime-forums-cracked-nulled-takedowns-arrests) - - [ ] [Major GitHub outage affects pull requests and other services](https://www.bleepingcomputer.com/news/technology/major-github-outage-affects-pull-requests-and-other-services/) - - [ ] [The Advantages of Cloud-Based Remote Desktop versus RDP over VPN](https://www.bleepingcomputer.com/news/security/the-advantages-of-cloud-based-remote-desktop-versus-rdp-over-vpn/) - - [ ] [(Un)Happy Trails](https://bfore.ai/unhappy-trails-travel-related-scams-and-what-travel-vendors-can-do-to-protect-their-customers/) - - [ ] [New Syncjacking attack hijacks devices using Chrome extensions](https://www.bleepingcomputer.com/news/security/new-syncjacking-attack-hijacks-devices-using-chrome-extensions/) - - [ ] [bedevil: Dynamic Linker Patching](http://localhost:1313/posts/bedevil_dynamic_linker_patching/) - - [ ] [Hack.lu: In-Depth Study of Linux Rootkits: Evolution, Detection, and Defense](http://localhost:1313/talks/hack.lu_rootkits_2024/) - - [ ] [Hack.lu: The Gist of Hundreds of Incident Response Cases](http://localhost:1313/talks/hack.lu_gist_2024/) - - [ ] [Reptile's Custom Kernel-Module Launcher](http://localhost:1313/posts/reptile_launcher/) - - [ ] [BSides Munich: /proc for Security Analysts](http://localhost:1313/talks/bsides_munich_2024/) - - [ ] [DeepSec: RAT Builders - How to catch them all](http://localhost:1313/talks/deepsec_2024/) - - [ ] [Shell Script Compiler (shc)](http://localhost:1313/posts/shell_script_compiler/) - - [ ] [Today I Learned - setfacl](http://localhost:1313/posts/today_i_learned_setfacl/) - - [ ] [Analysis of Python's .pth files as a persistence mechanism](http://localhost:1313/posts/publish_python_pth_extension/) - - [ ] [Tear Down The Castle - Part 1](http://localhost:1313/posts/tear_down_castle_part_one/) - - [ ] [Oh my .. ! - Suspicious network traffic detected including Ransomware](http://localhost:1313/posts/suspicious_network_traffic_ransomware/) - - [ ] [Tear Down The Castle - Part 2](http://localhost:1313/posts/tear_down_castle_part_two/) - - [ ] [Follow-Up: Alibaba’s Qwen2.5-VL Model is Also Vulnerable to Prompt Attacks](https://www.kelacyber.com/blog/follow-up-alibabas-qwen2-5-vl-model-is-also-vulnerable-to-prompt-attacks/) - - [ ] [Police seizes Cracked and Nulled hacking forum servers, arrests suspects](https://www.bleepingcomputer.com/news/security/police-seizes-cracked-and-nulled-hacking-forum-servers-arrests-suspects/) - - [ ] [Microsoft lifts Windows 11 update block for PCs with gaming issues](https://www.bleepingcomputer.com/news/microsoft/microsoft-lifts-windows-11-update-block-for-pcs-with-gaming-issues/) - - [ ] [Common OAuth Vulnerabilities](https://blog.doyensec.com/2025/01/30/oauth-common-vulnerabilities.html) - - [ ] [DeepSeek’s Growing Influence Sparks a Surge in Frauds and Phishing Attacks](https://cyble.com/blog/deepseeks-growing-influence-sparks-a-surge-in-frauds-and-phishing-attacks/) - - [ ] [Time Bandit ChatGPT jailbreak bypasses safeguards on sensitive topics](https://www.bleepingcomputer.com/news/security/time-bandit-chatgpt-jailbreak-bypasses-safeguards-on-sensitive-topics/) - - [ ] [Comunicare per proteggere: strategie e strumenti per implementare i requisiti ISO 27001](https://www.cybersecurity360.it/legal/comunicare-per-proteggere-strategie-e-strumenti-per-implementare-i-requisiti-iso-27001/) - - [ ] [Bilanciare i rischi di security beneficiando di tecnologie di AI: fra opportunità e rischi](https://www.cybersecurity360.it/news/bilanciare-i-rischi-di-security-beneficiando-di-tecnologie-di-ai-fra-opportunita-e-rischi/) - - [ ] [DeepSeek: i timori per la privacy e la cyber security](https://www.cybersecurity360.it/cultura-cyber/deepseek-i-timori-per-la-privacy-e-la-cyber-security/) - - [ ] [DeepSeek, serve cautela: ci sono pericoli per la sicurezza](https://www.cybersecurity360.it/news/deepseek-usarlo-con-cautela-ci-sono-pericoli-per-la-sicurezza/) - - [ ] [Smishing a tema Poste Italiane: i dettagli e come difendersi](https://www.cybersecurity360.it/news/smishing-a-tema-poste-italiane-i-dettagli-e-come-difendersi/) - - [ ] [Più cyber attacchi nel 2024. E nel 2025 il trend non si fermerà](https://www.cybersecurity360.it/outlook/piu-cyber-attacchi-nel-2024-e-nel-2025-il-trend-non-si-fermera/) - - [ ] [I cyber rischi in azienda che (anche) gli italiani non comprendono](https://www.cybersecurity360.it/news/i-cyber-rischi-in-azienda-che-anche-gli-italiani-non-comprendono/) - - [ ] [Le chat WhatsApp sono corrispondenza da tutelare: i paletti privacy della Cassazione](https://www.cybersecurity360.it/news/le-chat-whatsapp-sono-corrispondenza-da-tutelare-i-paletti-privacy-della-cassazione/) - - [ ] [Decentraleyes potenzia la privacy online: vantaggi e limiti](https://www.cybersecurity360.it/soluzioni-aziendali/decentraleyes-potenzia-la-privacy-online-vantaggi-e-limiti/) - - [ ] [Il controllo del dipendente da parte del datore di lavoro: le sfide per la privacy](https://www.cybersecurity360.it/legal/privacy-dati-personali/il-controllo-del-dipendente-da-parte-del-datore-di-lavoro-le-sfide-per-la-privacy/) - - [ ] [Talos IR trends Q4 2024: Web shell usage and exploitation of public-facing applications spike](https://blog.talosintelligence.com/talos-ir-trends-q4-2024/) - - [ ] [UK, US Introduce “Content Credentials” Labeling to Counter Deepfakes, Misinformation in the Age of AI](https://cyble.com/blog/uk-us-introduce-content-credentials-labeling/) - - [ ] [Speedio (unverified) - 27,501,041 breached accounts](https://haveibeenpwned.com/PwnedWebsites#Speedio) - - [ ] [ICS Vulnerability Report: Cyble Urges Critical mySCADA Fixes](https://cyble.com/blog/ics-vulnerability-report-cyble-urges-critical-myscada-fixes/) + - [ ] [Deepseek是如何被黑掉的](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496994&idx=1&sn=d77c2e01b0dd8e2cb783fe7214e688c4&chksm=e8a5ff41dfd27657214d811c7635b0229bfd4e0dd9f949d59f1702d65efee83dd64fe76d58cb&scene=58&subscene=0#rd) - Krypt3ia - - [ ] [Threat Report: Risks and Considerations of Storing Corporate Security Telemetry in EDR Vendor Cloud Instances](https://krypt3ia.wordpress.com/2025/01/30/threat-report-risks-and-considerations-of-storing-corporate-security-telemetry-in-edr-vendor-cloud-instances/) - - [ ] [Krypt3ia Daily Cyber Threat Intelligence (CTI) Digest](https://krypt3ia.wordpress.com/2025/01/30/krypt3ia-daily-cyber-threat-intelligence-cti-digest-6/) -- 洞源实验室 - - [ ] [CIO启示录:技术管理如何突破效率天花板](https://mp.weixin.qq.com/s?__biz=Mzg4Nzk3MTg3MA==&mid=2247487724&idx=1&sn=992966ac782bfff5f58a78669566cd34&chksm=cf83199df8f4908b26ff76302cb8d746bfff09b567b7b3a5c847ccdd3c9489f00186af2c2959&scene=58&subscene=0#rd) -- bellingcat - - [ ] [Neo-Nazis Linked to “Terrorist Activities” to Host Budapest Concert](https://www.bellingcat.com/news/2025/01/30/neo-nazis-linked-to-terrorist-activities-to-host-budapest-concert/) -- 极客公园 - - [ ] [我合理怀疑,春晚节目组混进了 B 站的人](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653073042&idx=1&sn=e5673315f8ee79ebe9dd7e1d2616c261&chksm=7e57d32449205a32ea25640d2639fcc099fe5048fbdbbc484c363f514ec6a87a0fa0321f07d2&scene=58&subscene=0#rd) - - [ ] [美国对 DeepSeek 开展国家安全调查;传 DS 训练模型绕过英伟达 CUDA;春节档刷新初一票房纪录 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653073041&idx=1&sn=f9ec93124dfcfa3b5d40259ab4c2c990&chksm=7e57d32749205a310d8f135837f52b88af79c3c4cfa6f0101b33a99b48b746b953b3373c0e88&scene=58&subscene=0#rd) -- Securityinfo.it - - [ ] [Privacy dei dati: la maggior parte degli utenti teme una violazione](https://www.securityinfo.it/2025/01/30/privacy-dei-dati-la-maggior-parte-degli-utenti-teme-una-violazione/?utm_source=rss&utm_medium=rss&utm_campaign=privacy-dei-dati-la-maggior-parte-degli-utenti-teme-una-violazione) -- Have I Been Pwned latest breaches - - [ ] [Speedio (unverified) - 27,501,041 breached accounts](https://haveibeenpwned.com/PwnedWebsites#Speedio) + - [ ] [Krypt3ia Daily Cyber Threat Intelligence (CTI) Digest](https://krypt3ia.wordpress.com/2025/01/31/krypt3ia-daily-cyber-threat-intelligence-cti-digest-7/) - Hacking Exposed Computer Forensics Blog - - [ ] [Daily Blog #733: Test Kitchen building cloud tools with cursor](https://www.hecfblog.com/2025/01/daily-blog-733-test-kitchen-building.html) + - [ ] [Daily Blog #734: My favorite interview question](https://www.hecfblog.com/2025/01/daily-blog-734-my-favorite-interview.html) +- Securityinfo.it + - [ ] [DeepSeek: il top della tecnologia cinese dimentica di chiudere il database esposto](https://www.securityinfo.it/2025/01/31/deepseek-il-top-della-tecnologia-cinese-dimentica-di-chiudere-il-database-esposto/?utm_source=rss&utm_medium=rss&utm_campaign=deepseek-il-top-della-tecnologia-cinese-dimentica-di-chiudere-il-database-esposto) + - [ ] [Trovata una backdoor in due dispositivi cinesi per il monitoraggio dei pazienti](https://www.securityinfo.it/2025/01/31/trovata-una-backdoor-in-due-dispositivi-cinesi-per-il-monitoraggio-dei-pazienti/?utm_source=rss&utm_medium=rss&utm_campaign=trovata-una-backdoor-in-due-dispositivi-cinesi-per-il-monitoraggio-dei-pazienti) +- Over Security - Cybersecurity news aggregator + - [ ] [Former Polish justice minister arrested in sprawling spyware probe](https://therecord.media/poland-spyware-former-justice-minister-arrested) + - [ ] [Regional healthcare systems report data breaches affecting more than 1.5 million](https://therecord.media/connecticut-california-healthcare-networks-data-breaches) + - [ ] [WhatsApp accuses Paragon of targeting about 90 users with spyware](https://therecord.media/whatsapp-paragon-spyware-targeting-users) + - [ ] [FBI, Dutch Police Disrupt ‘Manipulaters’ Phishing Gang](https://krebsonsecurity.com/2025/01/fbi-dutch-police-disrupt-manipulaters-phishing-gang/) + - [ ] [Insurance firm Globe Life to warn 850,000 of potential data theft following extortion attempt](https://therecord.media/globe-life-updated-sec-filing-hackers-extortion-data-breach) + - [ ] [Cracked and Nulled Marketplaces Disrupted in International Cyber Operation](https://flashpoint.io/blog/cracked-and-nulled-marketplaces-disrupted-in-cyber-operation/) + - [ ] [DeepSeek: il top della tecnologia cinese dimentica di chiudere il database esposto](https://www.securityinfo.it/2025/01/31/deepseek-il-top-della-tecnologia-cinese-dimentica-di-chiudere-il-database-esposto/) + - [ ] [CISA employees told they are exempt from federal worker resignation program](https://therecord.media/cisa-employees-told-they-are-exempt-deferred-resignation) + - [ ] [Hackers use fake wedding invitations to spread Android malware in Southeast Asia](https://therecord.media/hackers-wedding-invitations-southeast-asia) + - [ ] [Microsoft improves text contrast for all Windows Chromium browsers](https://www.bleepingcomputer.com/news/microsoft/microsoft-improves-text-contrast-for-all-windows-chromium-browsers/) + - [ ] [Come DeepSeek ha riconfigurato la corsa all’intelligenza artificiale](https://www.guerredirete.it/come-deepseek-ha-riconfigurato-la-corsa-allintelligenza-artificiale/) + - [ ] [Italy blocks Chinese AI tool DeepSeek over privacy concerns](https://therecord.media/italy-blocks-chinese-ai-tool-deepseek-over-privacy-concerns) + - [ ] [FDA, CISA warn of backdoor in popular patient monitor used by US hospitals](https://therecord.media/contec-cms8000-firmware-backdoor-fda-cisa-warning) + - [ ] [Tata Technologies reports ransomware attack to Indian stock exchange](https://therecord.media/tata-ransomware-attack-report-incident) + - [ ] [DeepSeek a rischio blocco in Italia? Il Garante privacy chiede conto sul trattamento dei dati](https://www.cybersecurity360.it/news/deepseek-a-rischio-blocco-in-italia-il-garante-privacy-chiede-conto-sul-trattamento-dei-dati/) + - [ ] [Trovato un database di DeepSeek esposto online, senza protezioni: quali rischi](https://www.cybersecurity360.it/news/trovato-un-database-di-deepseek-esposto-online-senza-protezioni-quali-rischi/) + - [ ] [Attacchi cyber contro la Pa: come funziona la difesa del Polo Strategico Nazionale](https://www.cybersecurity360.it/cybersecurity-nazionale/polo-strategico-nazionale-a-difesa-cloud-pa/) + - [ ] [La nomina del DPO: competenze, indipendenza e incompatibilità](https://www.cybersecurity360.it/legal/privacy-dati-personali/la-nomina-del-dpo-competenze-indipendenza-e-incompatibilita/) + - [ ] [DeepSeek, ecco il lato oscuro dell’AI cinese](https://www.cybersecurity360.it/cultura-cyber/la-startup-cinese-deepseek-sfida-chatgpt-il-modello-ai-che-supera-le-restrizioni-usa/) + - [ ] [TorNet: la nuova backdoor che sfrutta la rete TOR per evadere le difese](https://www.cybersecurity360.it/news/tornet-la-nuova-backdoor-che-sfrutta-la-rete-tor-per-evadere-le-difese/) + - [ ] [Il Browser Syncjacking dirotta i nostri dispositivi sfruttando le estensioni di Chrome](https://www.cybersecurity360.it/news/il-browser-syncjacking-dirotta-i-nostri-dispositivi-sfruttando-le-estensioni-di-chrome/) + - [ ] [DeepSeek: i perché del blocco del Garante privacy e le sfide per l’UE](https://www.cybersecurity360.it/legal/blocco-deepseek-garante-privacy-le-sfide-ue/) + - [ ] [Indian tech giant Tata Technologies hit by ransomware attack](https://www.bleepingcomputer.com/news/security/indian-tech-giant-tata-technologies-hit-by-ransomware-attack/) + - [ ] [US healthcare provider data breach impacts 1 million patients](https://www.bleepingcomputer.com/news/security/us-healthcare-provider-data-breach-impacts-1-million-patients/) + - [ ] [Globe Life data breach may impact an additional 850,000 clients](https://www.bleepingcomputer.com/news/security/globe-life-data-breach-may-impact-an-additional-850-000-clients/) + - [ ] [WhatsApp says it disrupted a hacking campaign targeting journalists with Paragon spyware](https://techcrunch.com/2025/01/31/whatsapp-says-it-disrupted-a-hacking-campaign-targeting-journalists-with-spyware/) + - [ ] [Pakistan-based cybercrime network dismantled by US, Dutch authorities](https://therecord.media/pakistan-cybercrime-busted-dutch-doj) + - [ ] [Mizuno USA says hackers stayed in its network for two months](https://www.bleepingcomputer.com/news/security/mizuno-usa-says-hackers-stayed-in-its-network-for-two-months/) + - [ ] [The TechCrunch Cyber Glossary](https://techcrunch.com/2025/01/31/techcrunch-reference-guide-to-security-terminology/) + - [ ] [Sintesi riepilogativa delle campagne malevole nella settimana del 25 – 31 gennaio](https://cert-agid.gov.it/news/sintesi-riepilogativa-delle-campagne-malevole-nella-settimana-del-25-31-gennaio/) + - [ ] [Vulnerabilità Subaru: il vero problema sono le politiche di gestione dei dati](https://www.securityinfo.it/2025/01/30/vulnerabilita-subaru-il-vero-problema-sono-le-politiche-di-gestione-dei-dati/) + - [ ] [Norway seizes ship suspected of sabotage, says crew are Russian nationals](https://therecord.media/norway-seizes-ship-suspected-sabotage) + - [ ] [Police dismantles HeartSender cybercrime marketplace network](https://www.bleepingcomputer.com/news/security/police-dismantles-heartsender-cybercrime-marketplace-network/) + - [ ] [Exclusive: Heart Centre Cyberattack in Australia, DragonForce Claims Responsibility for Sensitive Data Theft](https://www.suspectfile.com/exclusive-heart-centre-cyberattack-in-australia-dragonforce-claims-responsibility-for-sensitive-data-theft/) + - [ ] [Trovata una backdoor in due dispositivi cinesi per il monitoraggio dei pazienti](https://www.securityinfo.it/2025/01/31/trovata-una-backdoor-in-due-dispositivi-cinesi-per-il-monitoraggio-dei-pazienti/) + - [ ] [One policy to rule them all](https://securelist.com/group-policies-in-cyberattacks/115331/) + - [ ] [Cyble’s Weekly Vulnerability Update: Critical SonicWall Zero-Day and Exploited Flaws Discovered](https://cyble.com/blog/cybles-weekly-vulnerability-update-critical/) + - [ ] [Dark Web Activity January 2025: A New Hacktivist Group Emerges](https://cyble.com/blog/dark-web-activity-new-hacktivist-group-emerges/) + - [ ] [KuCoin to pay nearly $300 million in penalties after guilty plea](https://www.bleepingcomputer.com/news/cryptocurrency/kucoin-to-pay-nearly-300-million-in-penalties-after-guilty-plea/) - SANS Internet Storm Center, InfoCON: green - - [ ] [PCAPs or It Didn't Happen: Exposing an Old Netgear Vulnerability Still Active in 2025 [Guest Diary], (Thu, Jan 30th)](https://isc.sans.edu/diary/rss/31638) - - [ ] [ISC Stormcast For Thursday, January 30th, 2025 https://isc.sans.edu/podcastdetail/9302, (Thu, Jan 30th)](https://isc.sans.edu/diary/rss/31636) -- Schneier on Security - - [ ] [Fake Reddit and WeTransfer Sites are Pushing Malware](https://www.schneier.com/blog/archives/2025/01/fake-reddit-and-wetransfer-sites-are-pushing-malware.html) + - [ ] [To Simulate or Replicate: Crafting Cyber Ranges, (Fri, Jan 31st)](https://isc.sans.edu/diary/rss/31642) + - [ ] [ISC Stormcast For Friday, January 31st, 2025 https://isc.sans.edu/podcastdetail/9304, (Fri, Jan 31st)](https://isc.sans.edu/diary/rss/31640) +- Posts By SpecterOps Team Members - Medium + - [ ] [SlackPirate Set Sails Again! Or: How to Send the Entire “Bee Movie” Script to Your Friends in Slack](https://posts.specterops.io/slackpirate-set-sails-again-or-how-to-send-the-entire-bee-movie-script-to-your-friends-in-slack-d9c691ae33f5?source=rss----f05f8696e3cc---4) - Instapaper: Unread - - [ ] [Nulled, Other Cybercrime Websites Seized by Law Enforcement](https://www.securityweek.com/nulled-other-cybercrime-websites-seized-by-law-enforcement/) - - [ ] [Le chat WhatsApp sono corrispondenza da tutelare i paletti privacy della Cassazione](https://www.cybersecurity360.it/news/le-chat-whatsapp-sono-corrispondenza-da-tutelare-i-paletti-privacy-della-cassazione/) - - [ ] [Il controllo del dipendente da parte del datore di lavoro le sfide per la privacy](https://www.cybersecurity360.it/legal/privacy-dati-personali/il-controllo-del-dipendente-da-parte-del-datore-di-lavoro-le-sfide-per-la-privacy/) - - [ ] [These are the 10 worst PIN codes](https://www.malwarebytes.com/blog/news/2025/01/these-are-the-10-worst-pin-codes) - - [ ] [What Is a Jump List Complete Guide for Users and Investigators](https://www.cybertriage.com/blog/what-is-a-jump-list/) -- The Hacker News - - [ ] [Google: Over 57 Nation-State Threat Groups Using AI for Cyber Operations](https://thehackernews.com/2025/01/google-over-57-nation-state-threat.html) - - [ ] [Authorities Seize Domains of Popular Hacking Forums in Major Cybercrime Crackdown](https://thehackernews.com/2025/01/authorities-seize-domains-of-popular.html) - - [ ] [Lightning AI Studio Vulnerability Allowed RCE via Hidden URL Parameter](https://thehackernews.com/2025/01/lightning-ai-studio-vulnerability.html) - - [ ] [SOC Analysts - Reimagining Their Role Using AI](https://thehackernews.com/2025/01/soc-analysts-reimagining-their-role.html) - - [ ] [DeepSeek AI Database Exposed: Over 1 Million Log Lines, Secret Keys Leaked](https://thehackernews.com/2025/01/deepseek-ai-database-exposed-over-1.html) - - [ ] [Unpatched PHP Voyager Flaws Leave Servers Open to One-Click RCE Exploits](https://thehackernews.com/2025/01/unpatched-php-voyager-flaws-leave.html) - - [ ] [New Aquabot Botnet Exploits CVE-2024-41710 in Mitel Phones for DDoS Attacks](https://thehackernews.com/2025/01/new-aquabot-botnet-exploits-cve-2024.html) -- Graham Cluley - - [ ] [Smashing Security podcast #402: Hackers get hacked, the British Museum IT shutdown, and social media kidnaps](https://grahamcluley.com/smashing-security-podcast-402-hackers-get-hacked-the-british-museum-it-shutdown-and-social-media-kidnaps/) + - [ ] [DeepSeek, serve cautela ci sono pericoli per la sicurezza](https://www.cybersecurity360.it/news/deepseek-usarlo-con-cautela-ci-sono-pericoli-per-la-sicurezza/) + - [ ] [Backdoor found in two healthcare patient monitors, linked to IP in China](https://www.bleepingcomputer.com/news/security/backdoor-found-in-two-healthcare-patient-monitors-linked-to-ip-in-china/) - Trend Micro Research, News and Perspectives - - [ ] [Lumma Stealer’s GitHub-Based Delivery Explored via Managed Detection and Response](https://www.trendmicro.com/en_us/research/25/a/lumma-stealers-github-based-delivery-via-mdr.html) - - [ ] [NDR: Not Just a "Nice to Have" Anymore](https://www.trendmicro.com/en_us/research/25/a/network-detection-response-ndr.html) + - [ ] [Future of Cybersecurity: Will XDR Absorb SIEM & SOAR?](https://www.trendmicro.com/en_us/research/25/a/xdr-siem-soar.html) - Deeplinks - - [ ] [Executive Order to the State Department Sideswipes Freedom Tools, Threatens Censorship Resistance, Privacy, and Anonymity of Millions](https://www.eff.org/deeplinks/2025/01/executive-order-state-department-sideswipes-freedom-tools-threatens-censorship) - - [ ] [The Internet Never Forgets: Fighting the Memory Hole](https://www.eff.org/deeplinks/2025/01/internet-never-forgets-fighting-memory-hole) - - [ ] [Protect Your Privacy on Bumble](https://www.eff.org/deeplinks/2025/01/protect-your-privacy-bumble) + - [ ] [Copyright is a Civil Liberties Nightmare](https://www.eff.org/deeplinks/2025/01/copyright-civil-liberties-nightmare) +- Schneier on Security + - [ ] [Friday Squid Blogging: On Squid Brains](https://www.schneier.com/blog/archives/2025/01/friday-squid-blogging-on-squid-brains-2.html) +- Computer Forensics + - [ ] [Baloney Detection Kit](https://www.reddit.com/r/computerforensics/comments/1iegsc1/baloney_detection_kit/) + - [ ] [Is this normal with iphone digital forensics?](https://www.reddit.com/r/computerforensics/comments/1iegbx6/is_this_normal_with_iphone_digital_forensics/) + - [ ] [Audi transcription](https://www.reddit.com/r/computerforensics/comments/1ief751/audi_transcription/) +- Blackhat Library: Hacking techniques and research + - [ ] [New Business Opportunity](https://www.reddit.com/r/blackhat/comments/1iek6i3/new_business_opportunity/) +- Krebs on Security + - [ ] [FBI, Dutch Police Disrupt ‘Manipulaters’ Phishing Gang](https://krebsonsecurity.com/2025/01/fbi-dutch-police-disrupt-manipulaters-phishing-gang/) +- Deep Web + - [ ] [Anyone who can provide invitational links?](https://www.reddit.com/r/deepweb/comments/1iepero/anyone_who_can_provide_invitational_links/) + - [ ] [Is there a reliable list of links?](https://www.reddit.com/r/deepweb/comments/1iebzm9/is_there_a_reliable_list_of_links/) +- Your Open Hacker Community + - [ ] [Is Hacking: The Art of Exploitation still a good book for beginners in 2025?](https://www.reddit.com/r/HowToHack/comments/1ieayzm/is_hacking_the_art_of_exploitation_still_a_good/) + - [ ] [I’m stuck in my hacking learning](https://www.reddit.com/r/HowToHack/comments/1iefdhx/im_stuck_in_my_hacking_learning/) + - [ ] [Cybersecurity Roadmap After Learning Networking, Linux & Python? Need Guidance!](https://www.reddit.com/r/HowToHack/comments/1iemc6e/cybersecurity_roadmap_after_learning_networking/) + - [ ] [How to have a career in cyber security and ethical hacking?](https://www.reddit.com/r/HowToHack/comments/1iek4vz/how_to_have_a_career_in_cyber_security_and/) + - [ ] [Javascript: trying to grab a class from runtime script](https://www.reddit.com/r/HowToHack/comments/1ierdsb/javascript_trying_to_grab_a_class_from_runtime/) + - [ ] [Using embedded RTTI to reverse engineer classes.](https://www.reddit.com/r/HowToHack/comments/1ief4dz/using_embedded_rtti_to_reverse_engineer_classes/) + - [ ] [Can anyone help me find this guy he got in my mates pc and then provided a email or something](https://www.reddit.com/r/HowToHack/comments/1ieouov/can_anyone_help_me_find_this_guy_he_got_in_my/) + - [ ] [Phone hacked](https://www.reddit.com/r/HowToHack/comments/1iembsn/phone_hacked/) + - [ ] [Can we catch someone using VPN or TOR for hoax calls?](https://www.reddit.com/r/HowToHack/comments/1ie9efv/can_we_catch_someone_using_vpn_or_tor_for_hoax/) + - [ ] [I need a friend fr](https://www.reddit.com/r/HowToHack/comments/1ies4at/i_need_a_friend_fr/) + - [ ] [Can someone send me a phishing link and then say my password etc.](https://www.reddit.com/r/HowToHack/comments/1ieriwo/can_someone_send_me_a_phishing_link_and_then_say/) + - [ ] [hi if anyone is available I need a little help](https://www.reddit.com/r/HowToHack/comments/1iesp85/hi_if_anyone_is_available_i_need_a_little_help/) + - [ ] [What's I need to learn?](https://www.reddit.com/r/HowToHack/comments/1ie6pza/whats_i_need_to_learn/) + - [ ] [Trying to find a way to expose a racist, can you help?](https://www.reddit.com/r/HowToHack/comments/1iep6ol/trying_to_find_a_way_to_expose_a_racist_can_you/) + - [ ] [Phishing links](https://www.reddit.com/r/HowToHack/comments/1ie49f5/phishing_links/) + - [ ] [Android Rat](https://www.reddit.com/r/HowToHack/comments/1iejeu5/android_rat/) + - [ ] [Has anyone “created” their own WHID Cactus?](https://www.reddit.com/r/HowToHack/comments/1ie23b8/has_anyone_created_their_own_whid_cactus/) + - [ ] [Hello guys, I wanted to ddos attack on my college website, how can I do?](https://www.reddit.com/r/HowToHack/comments/1ieiva8/hello_guys_i_wanted_to_ddos_attack_on_my_college/) + - [ ] [Best way to get started in ethical hacking and pentesting?](https://www.reddit.com/r/HowToHack/comments/1iedc7i/best_way_to_get_started_in_ethical_hacking_and/) +- netsecstudents: Subreddit for students studying Network Security and its related subjects + - [ ] [🔥 Evolution of Wi-Fi Security: From WEP to WPA3 🔥](https://www.reddit.com/r/netsecstudents/comments/1ie274v/evolution_of_wifi_security_from_wep_to_wpa3/) - The Register - Security - - [ ] [Data resilience and data portability](https://go.theregister.com/feed/www.theregister.com/2025/01/30/data_resilience_and_data_portability/) - - [ ] [VMware plugs steal-my-credentials holes in Cloud Foundation](https://go.theregister.com/feed/www.theregister.com/2025/01/30/vmware_infomration_disclosure_flaws/) - - [ ] [Trump admin's purge of US cyber advisory boards was 'foolish,' says ex-Navy admiral](https://go.theregister.com/feed/www.theregister.com/2025/01/30/gutting_us_cyber_advisory_boards/) - - [ ] [Ransomware attack at New York blood services provider – donors turned away during shortage crisis](https://go.theregister.com/feed/www.theregister.com/2025/01/30/ransomware_attack_at_new_york/) - - [ ] [Canvassing apps used by UK political parties riddled with privacy, security issues](https://go.theregister.com/feed/www.theregister.com/2025/01/30/uk_canvassing_app_issues/) - - [ ] [WFH with privacy? 85% of Brit bosses snoop on staff](https://go.theregister.com/feed/www.theregister.com/2025/01/30/forget_the_idea_of_wfh/) - - [ ] [Wacom says crooks probably swiped customer credit cards from its online checkout](https://go.theregister.com/feed/www.theregister.com/2025/01/30/wacom_data_loss/) - - [ ] [Guess who left a database wide open, exposing chat logs, API keys, and more? Yup, DeepSeek](https://go.theregister.com/feed/www.theregister.com/2025/01/30/deepseek_database_left_open/) + - [ ] [The Big Short on Cybersecurity](https://go.theregister.com/feed/www.theregister.com/2025/01/31/the_big_short_on_cybersecurity/) + - [ ] [Another banner year for ransomware gangs despite takedowns by the cops](https://go.theregister.com/feed/www.theregister.com/2025/01/31/banner_year_for_ransomware_gangs/) + - [ ] [Google to Iran: Yes, we see you using Gemini for phishing and scripting. We're onto you](https://go.theregister.com/feed/www.theregister.com/2025/01/31/state_spies_google_gemini/) - Palo Alto Networks Blog - - [ ] [Cortex Is the First SOC Platform to Achieve FedRAMP High Authorization](https://www.paloaltonetworks.com/blog/2025/01/cortex-achieve-fedramp-high-authorization/) + - [ ] [DeepSeek’s Rise Shows AI Security Remains a Moving Target](https://www.paloaltonetworks.com/blog/2025/01/deepseek-rise-shows-ai-security-remains-moving-target/) - Social Engineering - - [ ] ["Humans Aren’t the Weakest Link, They’re the Strongest Layer in Cybersecurity"](https://www.reddit.com/r/SocialEngineering/comments/1idqop9/humans_arent_the_weakest_link_theyre_the/) - - [ ] [How to better at socialising?](https://www.reddit.com/r/SocialEngineering/comments/1idam33/how_to_better_at_socialising/) + - [ ] [How We Used Psychology To Increase Positive Reviews](https://www.reddit.com/r/SocialEngineering/comments/1iecatk/how_we_used_psychology_to_increase_positive/) - Information Security - - [ ] [Change Healthcare data breach – how to protect yourself](https://www.reddit.com/r/Information_Security/comments/1idnbgn/change_healthcare_data_breach_how_to_protect/) - - [ ] [College Survey on AI-Enhanced Phishing and Cybersecurity Training Effectiveness](https://www.reddit.com/r/Information_Security/comments/1idq592/college_survey_on_aienhanced_phishing_and/) - - [ ] [CIS standards for CyberArk](https://www.reddit.com/r/Information_Security/comments/1idn856/cis_standards_for_cyberark/) - - [ ] [What is SHEIN doing to our data?](https://www.reddit.com/r/Information_Security/comments/1idgkn6/what_is_shein_doing_to_our_data/) -- Your Open Hacker Community - - [ ] [Everything is hacked 😊](https://www.reddit.com/r/HowToHack/comments/1ie17ff/everything_is_hacked/) - - [ ] [Phones that are open to connecting via Bluetooth](https://www.reddit.com/r/HowToHack/comments/1idms17/phones_that_are_open_to_connecting_via_bluetooth/) - - [ ] [Most Effective learning path to Reverse engineer network server of old games?](https://www.reddit.com/r/HowToHack/comments/1ids89n/most_effective_learning_path_to_reverse_engineer/) - - [ ] [Is there any website I can use to convert a large amount of passwords into Hashes (in batch)?](https://www.reddit.com/r/HowToHack/comments/1idu982/is_there_any_website_i_can_use_to_convert_a_large/) - - [ ] [Finding an array of class instances using Cheat Engine?](https://www.reddit.com/r/HowToHack/comments/1idh9ob/finding_an_array_of_class_instances_using_cheat/) - - [ ] [Free course](https://www.reddit.com/r/HowToHack/comments/1idm5ny/free_course/) - - [ ] [Cheat engine?](https://www.reddit.com/r/HowToHack/comments/1idu18m/cheat_engine/) - - [ ] [Who has dark web AI?](https://www.reddit.com/r/HowToHack/comments/1idtmsb/who_has_dark_web_ai/) - - [ ] [Question](https://www.reddit.com/r/HowToHack/comments/1ide7pg/question/) - - [ ] [I want to hack like elliot from mister robot](https://www.reddit.com/r/HowToHack/comments/1idwvv2/i_want_to_hack_like_elliot_from_mister_robot/) - - [ ] [Tips for Copying and Pasting from Apps That Restrict It](https://www.reddit.com/r/HowToHack/comments/1idg62q/tips_for_copying_and_pasting_from_apps_that/) - - [ ] [Can I duplicate a SIM card?](https://www.reddit.com/r/HowToHack/comments/1idihtl/can_i_duplicate_a_sim_card/) -- Krebs on Security - - [ ] [Infrastructure Laundering: Blending in with the Cloud](https://krebsonsecurity.com/2025/01/infrastructure-laundering-blending-in-with-the-cloud/) + - [ ] [3 Cyber Attacks in January 2025](https://www.reddit.com/r/Information_Security/comments/1ieeo5l/3_cyber_attacks_in_january_2025/) +- The Hacker News + - [ ] [CISA and FDA Warn of Critical Backdoor in Contec CMS8000 Patient Monitors](https://thehackernews.com/2025/01/cisa-and-fda-warn-of-critical-backdoor.html) + - [ ] [Top 5 AI-Powered Social Engineering Attacks](https://thehackernews.com/2025/01/top-5-ai-powered-social-engineering.html) + - [ ] [Italy Bans Chinese DeepSeek AI Over Data Privacy and Ethical Concerns](https://thehackernews.com/2025/01/italy-bans-chinese-deepseek-ai-over.html) + - [ ] [Google Bans 158,000 Malicious Android App Developer Accounts in 2024](https://thehackernews.com/2025/01/google-bans-158000-malicious-android.html) + - [ ] [Broadcom Patches VMware Aria Flaws – Exploits May Lead to Credential Theft](https://thehackernews.com/2025/01/broadcom-patches-vmware-aria-flaws.html) - TorrentFreak - - [ ] [Pirate IPTV: Sweden Mulls ‘Viewing Ban’ as Illegal Subscriptions Soar 25%](https://torrentfreak.com/pirate-iptv-sweden-mulls-viewing-ban-as-illegal-subscriptions-soar-25-250130/) -- Full Disclosure - - [ ] [Quorum onQ OS - 6.0.0.5.2064 | Reflected Cross Site Scripting (XSS) | CVE-2024-44449](https://seclists.org/fulldisclosure/2025/Jan/23) - - [ ] [Deepseek writes textbook insecure code in 2025-01-28](https://seclists.org/fulldisclosure/2025/Jan/22) - - [ ] [Text injection on https://www.google.com/sorry/index via ?q parameter (no XSS)](https://seclists.org/fulldisclosure/2025/Jan/21) -- Technical Information Security Content & Discussion - - [ ] [The Slow Death of OCSP](https://www.reddit.com/r/netsec/comments/1idvdv5/the_slow_death_of_ocsp/) - - [ ] [Practising Heap Exploitation: Using House Of Force Technique with Practicals](https://www.reddit.com/r/netsec/comments/1idm8tr/practising_heap_exploitation_using_house_of_force/) - - [ ] [WebAssembly and security: a review](https://www.reddit.com/r/netsec/comments/1idnsqk/webassembly_and_security_a_review/) - - [ ] [A short Introduction to BloodHound Custom Queries](https://www.reddit.com/r/netsec/comments/1idlm4q/a_short_introduction_to_bloodhound_custom_queries/) - - [ ] [CVE-2024-46506: Unauthenticated RCE in NetAlertx](https://www.reddit.com/r/netsec/comments/1idsuzx/cve202446506_unauthenticated_rce_in_netalertx/) -- netsecstudents: Subreddit for students studying Network Security and its related subjects - - [ ] [GCP Red Teaming / Pentesting Certifications](https://www.reddit.com/r/netsecstudents/comments/1idjlk4/gcp_red_teaming_pentesting_certifications/) + - [ ] [Pirate Libraries Are Forbidden Fruit for AI Companies. But at What Cost?](https://torrentfreak.com/pirate-libraries-are-forbidden-fruit-for-ai-companies-but-at-what-cost-250131/) + - [ ] [Court Rejects Musi’s Bid to Force Apple to Reinstate its Music App](https://torrentfreak.com/court-rejects-musis-bid-to-force-apple-to-reinstate-its-music-app-250131/) - Security Affairs - - [ ] [DeepSeek database exposed highly sensitive information](https://securityaffairs.com/173666/data-breach/deepseek-db-exposed-highly-sensitive-information.html) - - [ ] [TeamViewer fixed a vulnerability in Windows client and host applications](https://securityaffairs.com/173658/security/teamviewer-windows-client-flaw.html) - - [ ] [Operation Talent: An international law enforcement operation seized Cracked, Nulled and other cybercrime websites](https://securityaffairs.com/173651/cyber-crime/operation-talent-seized-cracked-nulled-cybercrime-websites.html) - - [ ] [PHP package Voyager flaws expose to one-click RCE exploits](https://securityaffairs.com/173646/hacking/php-package-voyager-flaws.html) - - [ ] [Italy’s Data Protection Authority Garante requested information from Deepseek](https://securityaffairs.com/173637/digital-id/italys-garante-requested-information-from-deepseek.html) -- Deep Web - - [ ] [My friend stumbled upon these while gliding at dark web.](https://www.reddit.com/r/deepweb/comments/1idlmuj/my_friend_stumbled_upon_these_while_gliding_at/) + - [ ] [Community Health Center data breach impacted over 1 million patients](https://securityaffairs.com/173687/data-breach/community-health-center-data-breach.html) + - [ ] [Italy’s data protection authority Garante blocked the DeepSeek AI platform](https://securityaffairs.com/173680/security/italys-data-protection-authority-garante-blocked-deepseek.html) + - [ ] [Broadcom fixed information disclosure flaws in VMware Aria Operations](https://securityaffairs.com/173677/security/vmware-aria-operations-flaws.html) +- Technical Information Security Content & Discussion + - [ ] [SlackPirate Set Sails Again! Or: How to Send the Entire “Bee Movie” Script to Your Friends in Slack](https://www.reddit.com/r/netsec/comments/1iejrzh/slackpirate_set_sails_again_or_how_to_send_the/) + - [ ] [Cisco Webex Connect - Unauthenticated access to all chats](https://www.reddit.com/r/netsec/comments/1iebyye/cisco_webex_connect_unauthenticated_access_to_all/) + - [ ] [RCE (LAN) in Marvel Rivals](https://www.reddit.com/r/netsec/comments/1iecdx2/rce_lan_in_marvel_rivals/) + - [ ] [CRLF injection via TryAddWithoutValidation in .NET](https://www.reddit.com/r/netsec/comments/1iean5l/crlf_injection_via_tryaddwithoutvalidation_in_net/) +- 网安寻路人 + - [ ] [欧盟《网络复原力法》全文翻译](https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247506421&idx=1&sn=f3b2c847cf7748ef86bc68daa496de01&chksm=97e9641fa09eed095158a4f84b80d0b52ad9fe6ab463c8869e956608d218c6715d95e0a3ce92&scene=58&subscene=0#rd) - Security Weekly Podcast Network (Audio) - - [ ] [Cred Vaults, Cheap AI, and Hacking Devices - Matt Bishop - PSW #859](http://sites.libsyn.com/18678/cred-vaults-cheap-ai-and-hacking-devices-matt-bishop-psw-859) + - [ ] [.ASS, Deepseek, AI Time Travel, Google, HeartBlocker, TikTok, Aaran Leyland, and More - SWN #447](http://sites.libsyn.com/18678/ass-deepseek-ai-time-travel-google-heartblocker-tiktok-aaran-leyland-and-more-swn-447) From b849c78d1ede2e9209cceda6b1e4681c066b81ca Mon Sep 17 00:00:00 2001 From: chainreactorbot Date: Sun, 2 Feb 2025 02:46:38 +0000 Subject: [PATCH 26/29] =?UTF-8?q?=E6=AF=8F=E6=97=A5=E5=AE=89=E5=85=A8?= =?UTF-8?q?=E8=B5=84=E8=AE=AF=EF=BC=882025-02-02=EF=BC=89?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- archive/daily/2025/2025-02-02.md | 281 +++++++++++++++ archive/tmp/2025-02-02.json | 316 +++++++++++++++++ today.md | 590 ++++++++++++++----------------- 3 files changed, 863 insertions(+), 324 deletions(-) create mode 100644 archive/daily/2025/2025-02-02.md create mode 100644 archive/tmp/2025-02-02.json diff --git a/archive/daily/2025/2025-02-02.md b/archive/daily/2025/2025-02-02.md new file mode 100644 index 0000000000..26b3bbe66a --- /dev/null +++ b/archive/daily/2025/2025-02-02.md @@ -0,0 +1,281 @@ +# 每日安全资讯(2025-02-02) + +- Security Boulevard + - [ ] [Mastering SEO for Cybersecurity Entrepreneurs: A Strategic Guide to Dominating Search Rankings](https://securityboulevard.com/2025/02/mastering-seo-for-cybersecurity-entrepreneurs-a-strategic-guide-to-dominating-search-rankings/) + - [ ] [Critical ‘Backdoor’ Discovered in Widely Used Healthcare Patient Monitors](https://securityboulevard.com/2025/02/critical-backdoor-discovered-in-widely-used-healthcare-patient-monitors/) + - [ ] [DEF CON 32 – Navigating the Turbulent Skies of Aviation Cyber Regulation](https://securityboulevard.com/2025/02/def-con-32-navigating-the-turbulent-skies-of-aviation-cyber-regulation/) + - [ ] [The Network Security Business System of Low-altitude Economy](https://securityboulevard.com/2025/02/the-network-security-business-system-of-low-altitude-economy/) + - [ ] [5 Encrypted Attack Predictions for 2025](https://securityboulevard.com/2025/02/5-encrypted-attack-predictions-for-2025/) +- CXSECURITY Database RSS Feed - CXSecurity.com + - [ ] [MySchool 1.0 SQL Injection / Code Injection / XSS / CSRF](https://cxsecurity.com/issue/WLB-2025020003) + - [ ] [Quorum onQ OS 6.0.0.5.2064 Cross Site Scripting](https://cxsecurity.com/issue/WLB-2025020002) + - [ ] [Xinet Elegant 6 Asset Lib Web UI 6.1.655 / SQL Injection / Exploit Update](https://cxsecurity.com/issue/WLB-2025020001) +- SecWiki News + - [ ] [SecWiki News 2025-02-01 Review](http://www.sec-wiki.com/?2025-02-01) +- Doonsec's feed + - [ ] [DIDCTF-2023陇剑杯](https://mp.weixin.qq.com/s?__biz=MzkxMTcyMDczOQ==&mid=2247489928&idx=1&sn=6d7c3e6bdc2ebf1e295e8267c5d8bdde) + - [ ] [使用ollama+chatboxai本地部署DeepSeek-R1](https://mp.weixin.qq.com/s?__biz=MzkzMjIxNjExNg==&mid=2247486252&idx=1&sn=61ab0d9e1d997b8d7b472c1053ae329f) + - [ ] [登录页面渗透的骚操作](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247497000&idx=1&sn=75f5108d220ca6e274950e535e153016) + - [ ] [云安全(三):弹性计算](https://mp.weixin.qq.com/s?__biz=MzkyMjUzNTM1Mw==&mid=2247487015&idx=1&sn=e89a2fcd6f86808d6620ba1ceadcd11d) + - [ ] [一张图带你精通 OSPF 8种邻居状态机!](https://mp.weixin.qq.com/s?__biz=MzIyMzIwNzAxMQ==&mid=2649464773&idx=1&sn=acb575af881525a3e2cd0186d455397c) + - [ ] [山石网科安全技术研究院2024年度重点工作回顾](https://mp.weixin.qq.com/s?__biz=MzUzMDUxNTE1Mw==&mid=2247510303&idx=1&sn=645d8cdc8b8ff9655f7539e399beee77) + - [ ] [揭开人工智能在交通网络安全中的神秘面纱](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620287&idx=1&sn=6f9d6cb2c027a272fd9f3071ee1c6d98) + - [ ] [华为: Al系统的网络安全治理实践](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620287&idx=2&sn=0cdae5eb3d4907028fd0f96852ad3668) + - [ ] [自动驾驶汽车面临的新兴人工智能安全威胁——案例研究](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620287&idx=3&sn=47cf0400cb3ddb350259918836a8c068) + - [ ] [请立即拿下软考证书(政策风口)](https://mp.weixin.qq.com/s?__biz=MzkxMzIwNTY1OA==&mid=2247510853&idx=1&sn=9815e46599f8b6ca3afbebaed5b3bc14) + - [ ] [红盟只会蹭!](https://mp.weixin.qq.com/s?__biz=MjM5MDA3MzI0MA==&mid=2650091305&idx=1&sn=46fdbe456aa28cd1adac446738c5485a) + - [ ] [80元,国产开源小智AI机器人,ESP32开发板接入大模型DeepSeek、OpenAI、通义千问Qwen 2.5-Max](https://mp.weixin.qq.com/s?__biz=MjM5OTA4MzA0MA==&mid=2454936768&idx=1&sn=6f29da51c0c66d3b3071ecb6a687758f) + - [ ] [基于Linux的僵尸网络构建器,构建高级隐秘僵尸网络负载](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490259&idx=1&sn=c08c2bd9abcefc046bac145ca7cbfe50) + - [ ] [从小白开发渗透工具视角入手,探究普通的DeepSeek和深度思考DeepSeek!](https://mp.weixin.qq.com/s?__biz=MzkxNjQyODY5MA==&mid=2247487061&idx=1&sn=72f827cadc8c26260ee3070fc1b7efd2) + - [ ] [爆火后,春节期间DeepSeek遭受持续网络攻击](https://mp.weixin.qq.com/s?__biz=Mzg4NzQ4MzA4Ng==&mid=2247485208&idx=1&sn=4fcdd68a9ed97a7a5ce93ad85d49bfa7) + - [ ] [美国出手!DeepSeek面临国家安全审查,背后真相竟是?](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485498&idx=1&sn=84a02aeabc93094170e1c0d52c326621) + - [ ] [【干货原创】实网攻防演习常态化,会带来什么变化01](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485498&idx=4&sn=c60736a2da5c4b3aee5754d81a719daf) + - [ ] [【干货原创】K12教育,鲜为人知的模式秘密](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485498&idx=5&sn=a7411432d09e6c934f287ea4aa143914) + - [ ] [原创文章目录](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485498&idx=6&sn=b4b5521d819b8caacf8445038a197b3e) + - [ ] [攻防技战术动态一周更新 - 20250127](https://mp.weixin.qq.com/s?__biz=MzkzODc4NjE1OQ==&mid=2247483926&idx=1&sn=1cf9efa9275745a63e8321ce0f5b52e0) + - [ ] [啊不行了 | 州弟的完全仿真代码审计环境](https://mp.weixin.qq.com/s?__biz=Mzk0NzQxNzY2OQ==&mid=2247488177&idx=1&sn=5a13360627fa6f17845ed7f5ecb49401) + - [ ] [如何快速入门TARA分析](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549669&idx=1&sn=d9810c4fd500ea3b02c460bb4d3a834a) + - [ ] [65页PPT,彻底看懂车联网!](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549669&idx=2&sn=955034255c03e02fe1ee9b3369ad005a) + - [ ] [6大免费观影神器,速收藏!另外在送两个建议大家收藏哦](https://mp.weixin.qq.com/s?__biz=MzI2OTk4MTA3Ng==&mid=2247496979&idx=1&sn=65d0260847cf75b6e233e2e5cc89ac13) + - [ ] [ctftools-all-in-oneV7.5研发进度](https://mp.weixin.qq.com/s?__biz=MzI1NzUxOTUzMA==&mid=2247485804&idx=1&sn=d28981ead96f5082104db24877042d3f) + - [ ] [AI风险分析 | 攻击组织在多个AWS租户环境劫持LLM模型](https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247494056&idx=1&sn=4e236c890b1530189931881acd81dc9b) + - [ ] [成为看雪讲师,开启技术分享的高光时刻](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589300&idx=1&sn=5bc3ab9031d8c5a62d14e0fc0189cf4f) + - [ ] [关于PAN-OS DoS(CVE-2024-3393)的研究](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589300&idx=2&sn=e9f874ab1024ce5d7a8a2a424b891a7f) + - [ ] [新年新气象!想换工作看这里](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589300&idx=3&sn=9f27f3668d0461ba4776901f8b44fc8d) + - [ ] [DeepSeek-R1展示了小模型也能成为推理专家](https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247506426&idx=1&sn=b8eae0703ee904b21809cbae29edd137) + - [ ] [Cobalt Strike 和一对 SOCKS 代理引发 LockBit 勒索软件事件](https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486923&idx=1&sn=d11a4c7e9e5411ca2c7631f9f4706dbe) + - [ ] [营销号别再传了!deepseek的安全攻防不是武侠修仙!](https://mp.weixin.qq.com/s?__biz=MzIxNDAyNjQwNg==&mid=2456099384&idx=1&sn=1878da953490a6aa39caed770ad1406f) + - [ ] [21.4k star,开源安全漏洞扫描神器,可集成CI/CD](https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247570693&idx=1&sn=91430db87cc7d4fe301b95d1c68fda36) + - [ ] [19岁、利用黑客技术盗取4万余网络账号,获利7万:被判](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931481&idx=1&sn=6f6dfc4a0f5a36ad5886ae1d975ca3d5) + - [ ] [荣耀终端申请热点控制相关专利,提高Wi-Fi网络安全性](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931481&idx=2&sn=9bd4ad59f5cb2457c1b33a0d0febc77f) + - [ ] [Android 检测:高级 Root 检测绕过 - Smali 代码篡改](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527447&idx=1&sn=a371987781d51e0e776920a85741fe0c) + - [ ] [CVE-2025-0065:TeamViewer 修补 Windows 客户端中的权限提升漏洞](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527447&idx=2&sn=0ab2f693c54ddb608b553da95edaa698) + - [ ] [【预警】Deepseek钓鱼页面预警](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494693&idx=1&sn=2d26a1d29cf92409af1b5826a779c05c) + - [ ] [\'史上最精密\'的钓鱼攻击](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494693&idx=2&sn=e209774c65a6c7a9279e12103a2853a2) + - [ ] [DeepSeek 容易受到各种越狱策略的攻击](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494693&idx=3&sn=d3bf7966fb506b6c0d12d7178b05975f) + - [ ] [deepseek被攻击,让一篇AI科幻爽文全网一起“造假”.....爱国饭是真容易吃啊](https://mp.weixin.qq.com/s?__biz=MzkyOTQzNjIwNw==&mid=2247491672&idx=1&sn=b7360aefe54f86dd75c59761ea4505e6) + - [ ] [学员免费课-新课:rust语言全栈开发视频教程更新到91节啦](https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247504843&idx=1&sn=889ae64c0adba860a43bdf303b1e8c55) + - [ ] [再看《哪吒之魔童降世》,照见了每个孤独灵魂的镜像](https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247488225&idx=1&sn=db0f673d48ff5d473ec98bbbc1fb985d) + - [ ] [当心!你访问的DeepSeek可能是假的(附鉴别攻略)](https://mp.weixin.qq.com/s?__biz=MzkxOTUyOTc0NQ==&mid=2247492979&idx=1&sn=4359b2068a9e33a73390c8d5c3b09cd6) + - [ ] [[狗头]既然你们不装了 我也不装了](https://mp.weixin.qq.com/s?__biz=MzkxNTczMjA1Ng==&mid=2247483979&idx=1&sn=84d324835c297123830f204b2c017ca3) + - [ ] [小学生也能把DeepSeek AI大模型部署到本地电脑](https://mp.weixin.qq.com/s?__biz=Mzg3MDYyNzY0MA==&mid=2247491061&idx=1&sn=3c2a793788ec33b5e7deab60be9d861f) + - [ ] [分享的图片、视频、链接](https://mp.weixin.qq.com/s?__biz=Mzk1NzI0NDYyNA==&mid=2247483681&idx=1&sn=2f48ada9475d73f797f2610b931ad951) + - [ ] [【紧急通知】重要声明!!!你们别搞抽象](https://mp.weixin.qq.com/s?__biz=Mzk0NDU1NTA5MA==&mid=2247484419&idx=1&sn=771b1853e3d266165af8d6fc34bf59d8) + - [ ] [To B大模型应用的落地实践与思考](https://mp.weixin.qq.com/s?__biz=MzIzNjAyODE0NQ==&mid=2247483940&idx=1&sn=6c82ca97527b253a09315b3787c555cd) + - [ ] [星火年鉴· 顶级篇|从建设热潮转向深化应用 工业互联网国家顶级节点(上海)“申”势赫奕](https://mp.weixin.qq.com/s?__biz=MzU1OTUxNTI1NA==&mid=2247592384&idx=1&sn=0a29d3a3786c033ddb4ddcf3cb7b5c39) + - [ ] [人工智能/机器学习在美国太空域感知方面的应用](https://mp.weixin.qq.com/s?__biz=Mzg2NTYyODgyNg==&mid=2247504627&idx=1&sn=e66481ed12da4238df098da5ec1adcf8) + - [ ] [超燃!民间流传的DeepSeek安全反击战,堪比大片!](https://mp.weixin.qq.com/s?__biz=MzkzMzcxNTQyNw==&mid=2247485589&idx=1&sn=87b3c484760a254daeba89499a24251a) + - [ ] [信息泄露到任意用户重置密码](https://mp.weixin.qq.com/s?__biz=MzkzNTQwNjQ4OA==&mid=2247484067&idx=1&sn=455e369cd15c1b958e17f3221ad96a51) + - [ ] [6](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496913&idx=1&sn=b90c2f8c33e0648cc1e9d560c5982fcb) + - [ ] [[耻辱] DeepSeek 遭受新轮“攻击”的幕后黑手竟来自国人内部?](https://mp.weixin.qq.com/s?__biz=MzkwODI1ODgzOA==&mid=2247506632&idx=1&sn=2bd540c33d1be58d380037ae2d1cd7c5) + - [ ] [不使用基于SUPI的寻呼:应用5G网络安全和隐私功能](https://mp.weixin.qq.com/s?__biz=MzA5MTYyMDQ0OQ==&mid=2247493605&idx=1&sn=423f73cc546dcfedf633d523d57b0a42) + - [ ] [(吃瓜)神人TV之糯米团子的清华学姐(续)](https://mp.weixin.qq.com/s?__biz=MzkzNjczNzEyMw==&mid=2247484243&idx=1&sn=0b7ae7f6bc8ebcd56064d456e227f82c) + - [ ] [创建和黑客攻击 Slack 机器人:深入探讨 Slack Jack](https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247504835&idx=1&sn=75a977e90904e15849abe75679e5bdc4) + - [ ] [Deepseek引发的流量之战,关于乌鸦的祛魅与重构](https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247488214&idx=1&sn=af0b3a477109f155a16506461391656e) + - [ ] [VLAN和VXLAN的区别?网络工程师必知](https://mp.weixin.qq.com/s?__biz=MzUyNTExOTY1Nw==&mid=2247528063&idx=1&sn=fd1340771f653bfa6373c8dff5296ca4) + - [ ] [索尼盖了一座「Sony Park」,我在里面发现了 Sony 的「精神内核」](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653073083&idx=1&sn=d126353a3135b021c1f8fd8c0e66f61a) + - [ ] [【2025春节】解题领红包活动排行榜(初四 2/1)](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141665&idx=1&sn=cf29ecaf3b5e2954cc5cb4b91fcef39f) + - [ ] [Pwnkit:CVE-2021-4034](https://mp.weixin.qq.com/s?__biz=MzkyMDY5OTg5OA==&mid=2247493360&idx=1&sn=ac3879690699a5af38b6a86f1cf232a2) + - [ ] [静态代码分析工具推荐:保障你的应用安全](https://mp.weixin.qq.com/s?__biz=MzkxNTU5NTI1Ng==&mid=2247487270&idx=1&sn=bc240b5098e27842d109a426e8eb92a3) + - [ ] [时间强盗漏洞:ChatGPT绕过敏感话题安全防护](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313321&idx=1&sn=0d6cfa7efe94cdf992cd2dcb49139048) + - [ ] [DeepSeek AI数据库泄露:超百万条日志和密钥曝光](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313321&idx=2&sn=c838d48d01493b39dad417919a053be4) + - [ ] [OWASP发布2025十大智能合约安全漏洞](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313321&idx=3&sn=2d401e6e743d4029238b04acea892e1b) + - [ ] [卡巴斯基公布奔驰汽车十几个漏洞](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313321&idx=4&sn=87670a1665432dda01a0ca651d6f847a) + - [ ] [这份书法论文快速生成指南,让你和图书馆说拜拜!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493258&idx=1&sn=0ffef35899a9b653fee3225ef51b12eb) + - [ ] [这是官方内部同行鲜有知道的工商管理论文大纲落实与完善实操秘籍!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493258&idx=2&sn=bf003ad605fea1e133a894e93f22b29b) + - [ ] [真实案例解密:新手公共管理论文初稿快速生成高阶攻略。](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493258&idx=3&sn=98ef31c04f8b932a7e8923248b3734eb) + - [ ] [震惊!电气工程论文大纲落实完善6大高阶攻略(被导师狂赞)。](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493258&idx=4&sn=7a1dad8668c13b926bc5e0610c36c877) + - [ ] [震惊!老社工博士的社会工作论文文献搜集内部高阶指南。](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493258&idx=5&sn=43192e01e90bfbbedacaf1c381833a86) + - [ ] [震惊!这个审稿神器竟助电商工程学术论文一键查漏补缺的实用攻略。](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493258&idx=6&sn=51d6cd0475f631f8e919625aa386b995) + - [ ] [震惊!ChatGPT如何一天发现诉讼法学论文全部问题的内部指南!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493258&idx=7&sn=09ee2cb7b26c763785df00a162d27a7b) + - [ ] [震惊内部圈!我是如何用ChatGPT玩转林业工程论文方向的文献搜集!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493258&idx=8&sn=527bb9ac25138f9b2e6cd7654c165a39) + - [ ] [GamaCopy 现身!模仿 Gamaredon 组织,对俄发动新一轮攻击](https://mp.weixin.qq.com/s?__biz=Mzg3OTYxODQxNg==&mid=2247485683&idx=1&sn=5c06bb2b3ba34ca9a23534534837c8a9) + - [ ] [一张屋顶照片,开源情报如何锁定它的秘密坐标](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559421&idx=1&sn=553b9a49e14e867a2da952e98f64e056) + - [ ] [曼德海峡危机:胡塞武装如何搅动全球贸易与地缘政治的“一池春水”?](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559421&idx=2&sn=da3d637f045dd6b7a31208d6a3090c6e) + - [ ] [你好 2025,世界会继续越来越快](https://mp.weixin.qq.com/s?__biz=MzA3NTEzMTUwNA==&mid=2651081669&idx=1&sn=aa0b77b261c5fe6e6c4784263302e03f) + - [ ] [正月初四最搞笑的笑话](https://mp.weixin.qq.com/s?__biz=MzU1NTkzMTYxOQ==&mid=2247485751&idx=1&sn=7463c252806b7e8e8da0ecf06eea866f) + - [ ] [AI 本地部署中的 ollama 是什么?](https://mp.weixin.qq.com/s?__biz=Mzk0MTI4NTIzNQ==&mid=2247492261&idx=1&sn=c7178360ac6dba4741717fd3c56a1146) + - [ ] [DeepSeek最出色的能力应该是代骂而不是代码😀](https://mp.weixin.qq.com/s?__biz=MzA3NDE0NTY0OQ==&mid=2247484242&idx=1&sn=a9166a36c2c2bb21ecd7637b5a84f422) + - [ ] [Microsoft 365 copilot 新功能202501](https://mp.weixin.qq.com/s?__biz=MzkxNzY0Mzg2OQ==&mid=2247486274&idx=1&sn=59caf18e3b9bf034c72478234c8590ad) + - [ ] [创新终端主动防护-多种通用0day漏洞检测方案](https://mp.weixin.qq.com/s?__biz=Mzg3Mzk2MzA3Nw==&mid=2247483863&idx=1&sn=3bad3dd3b64d3812fb4640e91bdf52ea) + - [ ] [【burpsuite靶场-服务端3】目录遍历漏洞](https://mp.weixin.qq.com/s?__biz=MzkzMDg1MzIwNA==&mid=2247487295&idx=1&sn=1d68a219fec3a01ea84c598bf48811fe) + - [ ] [【一周安全资讯0201】国家密码管理局废止、宣布失效部分行政规范性文件;突发!DeepSeek遭大规模恶意攻击](https://mp.weixin.qq.com/s?__biz=MzIzMDQwMjg5NA==&mid=2247506589&idx=1&sn=1c1b2e3e5c338dff993f141284e0f906) + - [ ] [安天AVL SDK反病毒引擎升级通告(20250201)](https://mp.weixin.qq.com/s?__biz=MjM5MTA3Nzk4MQ==&mid=2650209919&idx=1&sn=a0b5d397ab81a0e73c55800ff09b01a0) + - [ ] [大年初四丨安天融川给您拜年了](https://mp.weixin.qq.com/s?__biz=MjM5MTA3Nzk4MQ==&mid=2650209919&idx=2&sn=a9efdf07b227af4acbdb20e6717bc1d7) + - [ ] [DeepSeek与ChatGPT针对CTF解题对比|附在线环境](https://mp.weixin.qq.com/s?__biz=MzU5OTMxNjkxMA==&mid=2247488632&idx=1&sn=1806092dd0584dbfa5a5c8e4012dd747) + - [ ] [进京证如何办理?10分钟解决问题。](https://mp.weixin.qq.com/s?__biz=MzU4NDY3MTk2NQ==&mid=2247491071&idx=1&sn=6966854f010f06f257f245e7bc657400) + - [ ] [【2025-02-01】黑客新闻摘要](https://mp.weixin.qq.com/s?__biz=MzIzNDU5NTI4OQ==&mid=2247488405&idx=1&sn=f62872b286736d06109777492b8d9fba) + - [ ] [“黑鹰”军用直升机在华盛顿坠毁,美国防部长赫格塞斯证实与执行秘密任务有关](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247505160&idx=1&sn=05f376010583e168e07d9c78e504193e) + - [ ] [刚果(金)戈马越狱风暴:4400囚犯“出逃”,局势失控?](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247505160&idx=2&sn=a4a7f865889145d36a8dd860df1690cb) + - [ ] [FOFA API 驱动的图形化资产发现工具 - fofaEX](https://mp.weixin.qq.com/s?__biz=MzU2NzY5MzI5Ng==&mid=2247504982&idx=1&sn=2d93981ebe365bcb4c2964035dea3702) + - [ ] [Android Intent 重定向漏洞分析总结](https://mp.weixin.qq.com/s?__biz=MjM5MjEyMTcyMQ==&mid=2651037464&idx=1&sn=439f05b2a2f5523c148d07a794aff60a) + - [ ] [大年初四 灵蛇献瑞](https://mp.weixin.qq.com/s?__biz=Mzg2MTU5ODQ2Mg==&mid=2247507176&idx=1&sn=8819e47701a5cf51b812fd021a3bf950) + - [ ] [DeepSeek爆火后,黑产已闻风而动!](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247507181&idx=1&sn=976efdc26cefd2a37c525fb26e8ab646) + - [ ] [5th域安全微讯早报【20250201】028期](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247507181&idx=2&sn=854ed0a16f73598c2b27a762c4a53ffd) + - [ ] [数字取证之数据分析u200c](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264930&idx=1&sn=0a275a5bf702dc56d6a9f833e7aeacdf) + - [ ] [byd营销号](https://mp.weixin.qq.com/s?__biz=MzkyNTQ0OTYxOQ==&mid=2247484015&idx=1&sn=1a1073f8587d098c6dc51f8b87a766c5) + - [ ] [分享图片](https://mp.weixin.qq.com/s?__biz=MzI3Njc1MjcxMg==&mid=2247494440&idx=1&sn=1b8af18b3a22c5f39fd97ad2dfb2ae32) + - [ ] [总结 | 2024 年度内网实战攻防电子报刊 34 篇文章内容汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498632&idx=1&sn=681e983fa35bb19e0904831b335d7e0f) + - [ ] [.NET 安全攻防知识交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498632&idx=2&sn=6855593bf81f6d589c2562c3edaa601f) + - [ ] [收藏 | dotNet安全矩阵 2024 年度外网入口打点阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498632&idx=3&sn=66a759fa72b074482a993bee88e6bd92) + - [ ] [手机成“间谍”,亚马逊因秘密收集数据遭消费者起诉](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607379&idx=1&sn=f423643d84fa60f7c80da858f7743731) + - [ ] [新的“双击劫持”漏洞绕过主要网站上的点击劫持保护](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607379&idx=2&sn=1a33bc4a7ac127d883ebe4a69affe12b) + - [ ] [一次窃取程序的恶意样本分析](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607379&idx=3&sn=28d0ae38a96ecf4446ef6bd8046c038e) + - [ ] [link-tools为一款Windows GUI界面的渗透测试工具箱](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607379&idx=4&sn=0447ff461c0fe2afa30f94745b30c72e) + - [ ] [初四](https://mp.weixin.qq.com/s?__biz=MzUyMjAyODU1NA==&mid=2247491949&idx=1&sn=db34e5b2b978d140668f25745ca4f3ac) + - [ ] [深度解析:如何用Deepseek打造你的专属网安知识宝库?](https://mp.weixin.qq.com/s?__biz=MzkyNTQ0OTYxOQ==&mid=2247484011&idx=1&sn=6b25491f38e5b7e274cc5bc7bdeec18e) + - [ ] [OpenAI 推出 o3-mini;传苹果接近敲定折叠显示屏供应商;唐探系列票房逼近百亿元 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653073082&idx=1&sn=260c62fbf5a7f5143c5f9484f5f7f354) + - [ ] [首个由DeepSeek独立开发的AI网络安全工具箱!引起热议!](https://mp.weixin.qq.com/s?__biz=MzkxMTUwOTY1MA==&mid=2247490185&idx=1&sn=4a59c7132dfa0c66a3ee2d9273d44c79) + - [ ] [大年初三丨安天探海给您拜年了](https://mp.weixin.qq.com/s?__biz=MjM5MTA3Nzk4MQ==&mid=2650209911&idx=1&sn=e6d55300bbc6128f171aa8922b309af2) + - [ ] [正月初四| 四季平安 万物生春](https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506083&idx=1&sn=4c32b2ddc46b9644a0f80c254e40075f) + - [ ] [捷普工业互联网安全产品线,驱动新型工业化发展](https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506083&idx=2&sn=509abbaebad90f4e7b41a052a1b37506) + - [ ] [【焕新领先】捷普工业安全隔离与信息交换系统](https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506083&idx=3&sn=bba933d63e82cfcce8411557476b0720) + - [ ] [神农安全给师傅们拜年了!内部小圈子限时半价优惠(春节专属30立减卷)](https://mp.weixin.qq.com/s?__biz=Mzk0Mzc1MTI2Nw==&mid=2247487446&idx=1&sn=81200c041d8e12afcccf366c12367022) + - [ ] [创宇盾:创宇护网安,铸盾迎春暖](https://mp.weixin.qq.com/s?__biz=MjM5NzA3Nzg2MA==&mid=2649870879&idx=1&sn=0835d1a397055e042f0ffebc0fb0b256) + - [ ] [ISO 45001: 2018 标准详解与实施(12)6.1.4 措施的策划](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247486054&idx=1&sn=8056a235d36ed43fc2ef8916630fa792) + - [ ] [2025春节网络安全警报](https://mp.weixin.qq.com/s?__biz=Mzg5OTg5OTI1NQ==&mid=2247489862&idx=1&sn=f0e4f34adcfd5b93927c5793af524fd2) + - [ ] [正月初四迎灶神!亚信安全祝大家丰衣足蛇,富贵吉祥](https://mp.weixin.qq.com/s?__biz=MjM5NjY2MTIzMw==&mid=2650620968&idx=1&sn=a03995a1122619732c382c5319d9f728) + - [ ] [大年初四 | 恭迎灶神,五谷丰登](https://mp.weixin.qq.com/s?__biz=Mzk0MDQ5MTQ4NA==&mid=2247487430&idx=1&sn=bb82f751709e49cc5ef44148ed512432) + - [ ] [大年初四 四季平安](https://mp.weixin.qq.com/s?__biz=MjM5NzE0NTIxMg==&mid=2651135291&idx=1&sn=6b54de7df7454cca49ce477a120d86fb) + - [ ] [Log4j CVE-2017-5645反序列化漏洞](https://mp.weixin.qq.com/s?__biz=Mzg4NDg3NjE5MQ==&mid=2247485618&idx=1&sn=83cfbd2aab32a9e8073abb2cd983f27d) + - [ ] [初四 | 祥蛇蜿蜒,好运满仓,锦绣山河,吉运长长!](https://mp.weixin.qq.com/s?__biz=MzU4NjY4MDAyNQ==&mid=2247497081&idx=1&sn=96484e2122edceda10e3de161b86484c) + - [ ] [大年初四 | 银蛇吐瑞,万事胜意](https://mp.weixin.qq.com/s?__biz=MzA3OTMxNTcxNA==&mid=2650963506&idx=1&sn=b2661ebf223823e387ec7d46637c3ac2) + - [ ] [零基础本地部署DeepSeek!手把手教你搭建国产最强AI大脑](https://mp.weixin.qq.com/s?__biz=Mzk0ODY1NzEwMA==&mid=2247486675&idx=1&sn=ff46b4b4ce2fb3ededd885f2398bafb9) + - [ ] [Ai战狼](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496907&idx=1&sn=36a478dc796d527b7c1195a0afb86c11) + - [ ] [论文一直投不中?保姆级SCI全程投稿发表服务来了!润色、选刊、投稿、返修,直至中刊!](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496907&idx=2&sn=9eeba04206e60a80699f287ad3c825bb) + - [ ] [初四:福星高照](https://mp.weixin.qq.com/s?__biz=MzU0NDk0NTAwMw==&mid=2247624778&idx=1&sn=de687f302a706e482c124823f899808b) + - [ ] [傻瓜式一键代理池,v0.3又变强了!](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489195&idx=1&sn=3b904fbc768821fac403d8a4bca8c875) + - [ ] [闭环](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489195&idx=2&sn=867087cc30ea38e636ef9f895828c934) + - [ ] [【初四】福气源自持续追求 幸福来自成功守护](https://mp.weixin.qq.com/s?__biz=MjM5NTE0MjQyMg==&mid=2650624576&idx=1&sn=d59a4adc412c2ff7d3e3da35639973d7) + - [ ] [【实操】美国这家公司为什么要招聘懂中文的开源情报分析师](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148805&idx=1&sn=9e063d3b00f1b8244a1f93112561b52f) + - [ ] [山石网科·AI汇东方|正月初四,迎接灶神](https://mp.weixin.qq.com/s?__biz=MzAxMDE4MTAzMQ==&mid=2661298301&idx=1&sn=020ccfa41ee840b9ed073e4bc4aafed0) + - [ ] [初四|云端祈福许新愿 安全托管保资产](https://mp.weixin.qq.com/s?__biz=MzkxNDY0MjMxNQ==&mid=2247532973&idx=1&sn=859678b1d31898c68b30c23d9b2d7953) + - [ ] [祥蛇舞初四 瑞霭罩华枝](https://mp.weixin.qq.com/s?__biz=MzU0MjEwNTM5Ng==&mid=2247520424&idx=1&sn=bd286f553451028add056c52c23fb577) + - [ ] [初四 | 迎灶神](https://mp.weixin.qq.com/s?__biz=MzI5NjA4NjA3OA==&mid=2652102066&idx=1&sn=65d25d6bc65a19c522aa1b765683f1a6) + - [ ] [一文读懂Wi-Fi技术演进与防护方案,避开90%的安全陷阱](https://mp.weixin.qq.com/s?__biz=MzI5MjY4MTMyMQ==&mid=2247489894&idx=1&sn=0a9a3e007b347310e07aef45595554b7) + - [ ] [2025.03截稿的密码学与信息安全会议](https://mp.weixin.qq.com/s?__biz=MzI2NTUyODMwNA==&mid=2247494156&idx=1&sn=f5973b71bbd93c4e75ef0f89fe91d46e) + - [ ] [【SOUPS 2025】Feb. 13@Seattle, USA](https://mp.weixin.qq.com/s?__biz=MzI2NTUyODMwNA==&mid=2247494156&idx=2&sn=5660ed37ffa1a10ea505c80f6adce6c7) + - [ ] [【AFRICACRYPT 2025】Mar. 1@Rabat, Morocco](https://mp.weixin.qq.com/s?__biz=MzI2NTUyODMwNA==&mid=2247494156&idx=3&sn=b9caafe019d0d392cfb0c431ef040690) + - [ ] [【ACNS-SCI 2025】Mar. 15@Munich, Germany](https://mp.weixin.qq.com/s?__biz=MzI2NTUyODMwNA==&mid=2247494156&idx=4&sn=b05df3a35a52275464e34574e47e9a5e) + - [ ] [大年初四 | 大吉大利、四季平安](https://mp.weixin.qq.com/s?__biz=MzU3MzU4NjI4OQ==&mid=2247516491&idx=1&sn=fa5d0dc624abd329a7afce42b26fdb11) + - [ ] [我国密码国家标准、行业标准一览表](https://mp.weixin.qq.com/s?__biz=Mzg2NjY2MTI3Mg==&mid=2247498377&idx=1&sn=0524062d04dd563b349c3ace821721db) + - [ ] [大年初四 | 迎灶神,五谷丰登,食来运转!](https://mp.weixin.qq.com/s?__biz=MzkzMjE5MTY5NQ==&mid=2247503443&idx=1&sn=007f1bb9970631e0c19d5c2e6e40420f) + - [ ] [守护中国AI历史时刻,360为DeepSeek免费提供安全保障](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579285&idx=1&sn=cebadf7010ad5ea332fbd969f42808ad) + - [ ] [大年初四 | 瑞蛇赐褔,心想“巳”成](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579285&idx=2&sn=85f4b5408e99f96e5dd2291611fbf2f5) + - [ ] [渗透测试工具箱 -- link-tools](https://mp.weixin.qq.com/s?__biz=MzI4MDQ5MjY1Mg==&mid=2247515803&idx=1&sn=7dc9c78a24095c70a213f3029d651300) + - [ ] [APP渗透测试 -- 支付逻辑漏洞](https://mp.weixin.qq.com/s?__biz=MzI4MDQ5MjY1Mg==&mid=2247515803&idx=2&sn=0e8d3509ce68e9d3c751586e26ea08c5) + - [ ] [新的 UEFI 安全启动严重漏洞,请立即修补](https://mp.weixin.qq.com/s?__biz=Mzg3ODY0NTczMA==&mid=2247492129&idx=1&sn=a7625b1a910086ee3bbde9544f055382) + - [ ] [攻防靶场(57):十分钟拿下 Shakabrah](https://mp.weixin.qq.com/s?__biz=MzI0NjA3Mzk2NQ==&mid=2247496159&idx=1&sn=80e1dae96ac4c1f2a060607f47acebdc) + - [ ] [“职业打手”下场!DeepSeek遭攻击烈度暴增百倍](https://mp.weixin.qq.com/s?__biz=MzU2NDY2OTU4Nw==&mid=2247518527&idx=1&sn=9576e3c027418393cc4343bd599fc4dd) + - [ ] [勒索软件的现状:利用披露规则等手段](https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652114271&idx=1&sn=538db909410af0e5d9a565398ee71bcc) + - [ ] [网络安全等级保护核查工具 -- Golin](https://mp.weixin.qq.com/s?__biz=MzU3NzY3MzYzMw==&mid=2247499299&idx=1&sn=aad06652b663cbd055c268507cb72e35) + - [ ] [APP渗透测试 -- APK反编译](https://mp.weixin.qq.com/s?__biz=MzU3NzY3MzYzMw==&mid=2247499299&idx=2&sn=a2f442e5f21ee513a8bbd035db266679) +- Recent Commits to cve:main + - [ ] [Update Sat Feb 1 20:26:39 UTC 2025](https://github.com/trickest/cve/commit/8762f3f58de4551c97168dde18c7e266ced38a8e) + - [ ] [Update Sat Feb 1 12:22:34 UTC 2025](https://github.com/trickest/cve/commit/2eae26b3af16158a5777acd6222b88b72a623860) + - [ ] [Update Sat Feb 1 04:24:34 UTC 2025](https://github.com/trickest/cve/commit/7de9e18e5f8ae22f5eb7a3004c105a16620b2176) +- Private Feed for M09Ic + - [ ] [lz520520 starred sfackler/rust-native-tls](https://github.com/sfackler/rust-native-tls) + - [ ] [spf13 starred bitfield/script](https://github.com/bitfield/script) + - [ ] [ourren starred google/osv-scalibr](https://github.com/google/osv-scalibr) + - [ ] [ourren starred BlackSnufkin/LitterBox](https://github.com/BlackSnufkin/LitterBox) + - [ ] [zer0yu starred browser-use/browser-use](https://github.com/browser-use/browser-use) + - [ ] [glzjin starred ading2210/linuxpdf](https://github.com/ading2210/linuxpdf) + - [ ] [wuhan005 starred qiufengqijun/mini_qwen](https://github.com/qiufengqijun/mini_qwen) + - [ ] [wuhan005 starred zhanshijinwat/Steel-LLM](https://github.com/zhanshijinwat/Steel-LLM) + - [ ] [zer0yu starred datawhalechina/llms-from-scratch-cn](https://github.com/datawhalechina/llms-from-scratch-cn) + - [ ] [zer0yu starred Hiram-Wong/ZyPlayer](https://github.com/Hiram-Wong/ZyPlayer) + - [ ] [zer0yu starred fullstorydev/grpcurl](https://github.com/fullstorydev/grpcurl) + - [ ] [zer0yu starred Jiayi-Pan/TinyZero](https://github.com/Jiayi-Pan/TinyZero) + - [ ] [zer0yu started following rasbt](https://github.com/rasbt) + - [ ] [mitre forked mitre/chef-workstation from chef/chef-workstation](https://github.com/mitre/chef-workstation) +- 一个被知识诅咒的人 + - [ ] [【Python】理解Python中的协程和生成器:从yield到async](https://blog.csdn.net/nokiaguy/article/details/145412058) + - [ ] [Python中的数据类(dataclass):简化类的定义与数据管理](https://blog.csdn.net/nokiaguy/article/details/145412051) +- Twitter @bytehx + - [ ] [Re @_godiego__ Thanks for sharing good stuff. You inspired me a lot dude.](https://x.com/bytehx343/status/1885732198948765886) + - [ ] [Re @kongwenbin @Hacker0x01 Congrats man 🎉🎉🎉](https://x.com/bytehx343/status/1885732031868637343) + - [ ] [Re @stealthcopter Thank you for sharing and congrats for the bounty my friend!](https://x.com/bytehx343/status/1885622934997467535) + - [ ] [RT Mat Rollings: Chained two 'meh' WordPress vulnerabilities into a high-impact exploit on JupiterX Core 👾. From low-privilege SVG upload to full R...](https://x.com/bytehx343/status/1885622856140369997) +- Reverse Engineering + - [ ] [Formally Verified Binary-level Pointer Analysis](https://www.reddit.com/r/ReverseEngineering/comments/1ifeeay/formally_verified_binarylevel_pointer_analysis/) + - [ ] [PE basics: A windows executable walkthrough - File formats hexplorations 16](https://www.reddit.com/r/ReverseEngineering/comments/1ifjwuw/pe_basics_a_windows_executable_walkthrough_file/) + - [ ] [Reverse Engineering and Cataloging Vidar (Info stealer/Loader)](https://www.reddit.com/r/ReverseEngineering/comments/1ifair6/reverse_engineering_and_cataloging_vidar_info/) +- glzjin + - [ ] [懒猫微服外挂虚拟机管理器启动方法说明](https://www.zhaoj.in/read-9046.html) +- FreeBuf网络安全行业门户 + - [ ] [90名记者和活动家遭WhatsApp零点击间谍软件攻击,Meta确认事件](https://www.freebuf.com/news/421009.html) + - [ ] [虚假谷歌广告瞄准微软广告账户,恶意软件攻击再升级](https://www.freebuf.com/articles/web/421008.html) +- 奇客Solidot–传递最新科技情报 + - [ ] [OpenAI 考虑开源旧模型](https://www.solidot.org/story?sid=80459) + - [ ] [Bennu 小行星样本发现构成生命的基本成分](https://www.solidot.org/story?sid=80458) + - [ ] [WhatsApp 称记者等成为以色列间谍软件的目标](https://www.solidot.org/story?sid=80457) +- Dhole Moments + - [ ] [Hell Is Overconfident Developers Writing Encryption Code](https://soatok.blog/2025/01/31/hell-is-overconfident-developers-writing-encryption-code/) +- 懒人在思考 + - [ ] [你好 2025,世界会继续越来越快](https://mp.weixin.qq.com/s?__biz=MzA3NTEzMTUwNA==&mid=2651081669&idx=1&sn=aa0b77b261c5fe6e6c4784263302e03f&chksm=8485d4dab3f25dcc6c72bc871f2c82bb91346cc258daa86cf4d931e657135ec686fead183589&scene=58&subscene=0#rd) +- 杨龙 + - [ ] [Could not find rpcgen / rockylinux 8 / mysql 5.7 编译](https://www.yanglong.pro/could-not-find-rpcgen-rockylinux-8/) +- dotNet安全矩阵 + - [ ] [总结 | 2024 年度内网实战攻防电子报刊 34 篇文章内容汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498632&idx=1&sn=681e983fa35bb19e0904831b335d7e0f&chksm=fa595565cd2edc73d886f41d9397e163f030a12a60338c2df1d0c1a99313c34cdcf453aa5fea&scene=58&subscene=0#rd) + - [ ] [.NET 安全攻防知识交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498632&idx=2&sn=6855593bf81f6d589c2562c3edaa601f&chksm=fa595565cd2edc735c22d1d43d28bf31a8043c2ff0206e4a1fad46e91c47f503b969c34ad67c&scene=58&subscene=0#rd) + - [ ] [收藏 | dotNet安全矩阵 2024 年度外网入口打点阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498632&idx=3&sn=66a759fa72b074482a993bee88e6bd92&chksm=fa595565cd2edc732b090dd7e2e465cab66aa723f707fa97061db95641beb2e9080ebe414db5&scene=58&subscene=0#rd) +- 吾爱破解论坛 + - [ ] [【2025春节】解题领红包活动排行榜(初四 2/1)](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141665&idx=1&sn=cf29ecaf3b5e2954cc5cb4b91fcef39f&chksm=bd50a6758a272f63660c32ba0c3ecc6a4c6d0036e2c3311ac5a9642e041e64846a8b2d665c2a&scene=58&subscene=0#rd) +- 看雪学苑 + - [ ] [成为看雪讲师,开启技术分享的高光时刻](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589300&idx=1&sn=5bc3ab9031d8c5a62d14e0fc0189cf4f&chksm=b18c28fe86fba1e830bdfaaa3dad1ea3f45cb278603db9b29f7f82a13061c29d3fad34ffb90a&scene=58&subscene=0#rd) + - [ ] [关于PAN-OS DoS(CVE-2024-3393)的研究](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589300&idx=2&sn=e9f874ab1024ce5d7a8a2a424b891a7f&chksm=b18c28fe86fba1e8336887843dd4ab08afa58ca810f485f7a4efd1b50cb9fd256fc84de3faef&scene=58&subscene=0#rd) + - [ ] [新年新气象!想换工作看这里](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589300&idx=3&sn=9f27f3668d0461ba4776901f8b44fc8d&chksm=b18c28fe86fba1e8dd2d842e7865bb85275949ce91d8343b184e67d31116e265167a799346d9&scene=58&subscene=0#rd) +- 丁爸 情报分析师的工具箱 + - [ ] [【实操】美国这家公司为什么要招聘懂中文的开源情报分析师](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148805&idx=1&sn=9e063d3b00f1b8244a1f93112561b52f&chksm=f1af253fc6d8ac290fc8dca96c30d62e60d07618c84cb14ae5438deb25c2cf1d94b912bfdefc&scene=58&subscene=0#rd) +- M01N Team + - [ ] [AI风险分析 | 攻击组织在多个AWS租户环境劫持LLM模型](https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247494056&idx=1&sn=4e236c890b1530189931881acd81dc9b&chksm=c18429b9f6f3a0af3f80e1754671e55d82a71e47ec29f9272b4b4a098b2589be1f97125f789e&scene=58&subscene=0#rd) +- 情报分析师 + - [ ] [一张屋顶照片,开源情报如何锁定它的秘密坐标](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559421&idx=1&sn=553b9a49e14e867a2da952e98f64e056&chksm=87117df6b066f4e02b4a6876e54d720ee170450d1c395ffe0105d0706fe5d6ab74379e4b352c&scene=58&subscene=0#rd) + - [ ] [曼德海峡危机:胡塞武装如何搅动全球贸易与地缘政治的“一池春水”?](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559421&idx=2&sn=da3d637f045dd6b7a31208d6a3090c6e&chksm=87117df6b066f4e0fb09af9b07d9ca4bba5438966830e0fa0eefe10d061d66df93c7333cd85f&scene=58&subscene=0#rd) +- 极客公园 + - [ ] [索尼盖了一座「Sony Park」,我在里面发现了 Sony 的「精神内核」](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653073083&idx=1&sn=d126353a3135b021c1f8fd8c0e66f61a&chksm=7e57d30d49205a1b3b0befa1b468d85f278e27b8b85d28714b4d63e42c6985ec0391686a33a3&scene=58&subscene=0#rd) + - [ ] [OpenAI 推出 o3-mini;传苹果接近敲定折叠显示屏供应商;唐探系列票房逼近百亿元 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653073082&idx=1&sn=260c62fbf5a7f5143c5f9484f5f7f354&chksm=7e57d30c49205a1a5ee41aba5d469ec4863035eca62673386b175198c0eea17bbbf6e73b3c3b&scene=58&subscene=0#rd) +- 赛博回忆录 + - [ ] [营销号别再传了!deepseek的安全攻防不是武侠修仙!](https://mp.weixin.qq.com/s?__biz=MzIxNDAyNjQwNg==&mid=2456099384&idx=1&sn=1878da953490a6aa39caed770ad1406f&chksm=803c6bf1b74be2e79fd3f7765e200a46d7360ef282b340a87ee2f73c4d2519b92edab928cbc9&scene=58&subscene=0#rd) +- 白日放歌须纵9 + - [ ] [To B大模型应用的落地实践与思考](https://mp.weixin.qq.com/s?__biz=MzIzNjAyODE0NQ==&mid=2247483940&idx=1&sn=6c82ca97527b253a09315b3787c555cd&chksm=e8df6bbadfa8e2ac5f5a8238794a3b3afbde91740bcb757a8b7741b6e1f5bbe26d34de694639&scene=58&subscene=0#rd) +- 迪哥讲事 + - [ ] [登录页面渗透的骚操作](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247497000&idx=1&sn=75f5108d220ca6e274950e535e153016&chksm=e8a5ff4bdfd2765d6726120c344006dbddab0e8a7885d8c2dc52909cf0cef093765cbf0161e2&scene=58&subscene=0#rd) +- Qualys Security Blog + - [ ] [DeepSeek Failed Over Half of the Jailbreak Tests by Qualys TotalAI](https://blog.qualys.com/category/vulnerabilities-threat-research) +- Over Security - Cybersecurity news aggregator + - [ ] [Google says hackers abuse Gemini AI to empower their attacks](https://www.bleepingcomputer.com/news/security/google-says-hackers-abuse-gemini-ai-to-empower-their-attacks/) + - [ ] [Vulnerability & Patch Roundup — January 2025](https://blog.sucuri.net/2025/01/vulnerability-patch-roundup-january-2025.html) +- Hacking Exposed Computer Forensics Blog + - [ ] [Daily Blog #735: Zeltser Challenge Spotlight on Argelius Labs](https://www.hecfblog.com/2025/01/daily-blog-735-zeltser-challenge.html) +- The Hacker News + - [ ] [U.S. and Dutch Authorities Dismantle 39 Domains Linked to BEC Fraud Network](https://thehackernews.com/2025/02/us-and-dutch-authorities-dismantle-39.html) + - [ ] [BeyondTrust Zero-Day Breach Exposed 17 SaaS Customers via Compromised API Key](https://thehackernews.com/2025/02/beyondtrust-zero-day-breach-exposes-17.html) + - [ ] [Meta Confirms Zero-Click WhatsApp Spyware Attack Targeting 90 Journalists, Activists](https://thehackernews.com/2025/02/meta-confirms-zero-click-whatsapp.html) + - [ ] [Malvertising Scam Uses Fake Google Ads to Hijack Microsoft Advertising Accounts](https://thehackernews.com/2025/02/malvertising-scam-uses-fake-google-ads.html) +- TorrentFreak + - [ ] [Anna’s Archive Urges AI Copyright Overhaul to Protect National Security](https://torrentfreak.com/annas-archive-urges-ai-copyright-overhaul-to-protect-national-security-250201/) + - [ ] [FADPA: MPA’s Export-Only Site-Blocking Primed For Full Strength U.S. Launch](https://torrentfreak.com/fadpa-mpa-export-only-site-blocking-primed-for-full-strength-u-s-launch-250201/) +- Technical Information Security Content & Discussion + - [ ] [Everyone knows your location: tracking myself down through in-app ads](https://www.reddit.com/r/netsec/comments/1if344u/everyone_knows_your_location_tracking_myself_down/) +- Computer Forensics + - [ ] [Pointers for how-to file craving courses](https://www.reddit.com/r/computerforensics/comments/1ifj53x/pointers_for_howto_file_craving_courses/) + - [ ] [Looking for complete guidance and roadmap to become an expert in digital forensics.](https://www.reddit.com/r/computerforensics/comments/1ifitvw/looking_for_complete_guidance_and_roadmap_to/) + - [ ] [Finding a Digital Forensics job?](https://www.reddit.com/r/computerforensics/comments/1if2p5r/finding_a_digital_forensics_job/) + - [ ] [iPhone daily backup BFU](https://www.reddit.com/r/computerforensics/comments/1iewy9p/iphone_daily_backup_bfu/) +- Security Affairs + - [ ] [A ransomware attack forced New York Blood Center to reschedule appointments](https://securityaffairs.com/173702/cyber-crime/new-york-blood-center-faced-ransomware-attack.html) + - [ ] [Contec CMS8000 patient monitors contain a hidden backdoor](https://securityaffairs.com/173694/security/cisa-fda-warned-hidden-backdoor-in-contec-cms8000.html) +- Social Engineering + - [ ] [Social Engineering Con - Layer 8?](https://www.reddit.com/r/SocialEngineering/comments/1if8m7n/social_engineering_con_layer_8/) +- Your Open Hacker Community + - [ ] [Using windows as a beginner](https://www.reddit.com/r/HowToHack/comments/1ifjgf3/using_windows_as_a_beginner/) + - [ ] [In search for friends](https://www.reddit.com/r/HowToHack/comments/1iewofv/in_search_for_friends/) + - [ ] [Need help with an AI security challenge](https://www.reddit.com/r/HowToHack/comments/1if4g8x/need_help_with_an_ai_security_challenge/) + - [ ] [[Repost] Magnetic Card Reader for Linux Devices](https://www.reddit.com/r/HowToHack/comments/1ifgf3x/repost_magnetic_card_reader_for_linux_devices/) + - [ ] [Need help getting my microsoft account back](https://www.reddit.com/r/HowToHack/comments/1if68fl/need_help_getting_my_microsoft_account_back/) + - [ ] [Please can someone help me!](https://www.reddit.com/r/HowToHack/comments/1if6zdm/please_can_someone_help_me/) + - [ ] [Career opportunities](https://www.reddit.com/r/HowToHack/comments/1iex9k8/career_opportunities/) + - [ ] [Bash](https://www.reddit.com/r/HowToHack/comments/1ievtjc/bash/) + - [ ] [I need help](https://www.reddit.com/r/HowToHack/comments/1ieuef3/i_need_help/) diff --git a/archive/tmp/2025-02-02.json b/archive/tmp/2025-02-02.json new file mode 100644 index 0000000000..fe0bbc09fb --- /dev/null +++ b/archive/tmp/2025-02-02.json @@ -0,0 +1,316 @@ +{ + "Security Boulevard": { + "Mastering SEO for Cybersecurity Entrepreneurs: A Strategic Guide to Dominating Search Rankings": "https://securityboulevard.com/2025/02/mastering-seo-for-cybersecurity-entrepreneurs-a-strategic-guide-to-dominating-search-rankings/", + "Critical ‘Backdoor’ Discovered in Widely Used Healthcare Patient Monitors": "https://securityboulevard.com/2025/02/critical-backdoor-discovered-in-widely-used-healthcare-patient-monitors/", + "DEF CON 32 – Navigating the Turbulent Skies of Aviation Cyber Regulation": "https://securityboulevard.com/2025/02/def-con-32-navigating-the-turbulent-skies-of-aviation-cyber-regulation/", + "The Network Security Business System of Low-altitude Economy": "https://securityboulevard.com/2025/02/the-network-security-business-system-of-low-altitude-economy/", + "5 Encrypted Attack Predictions for 2025": "https://securityboulevard.com/2025/02/5-encrypted-attack-predictions-for-2025/" + }, + "CXSECURITY Database RSS Feed - CXSecurity.com": { + "MySchool 1.0 SQL Injection / Code Injection / XSS / CSRF": "https://cxsecurity.com/issue/WLB-2025020003", + "Quorum onQ OS 6.0.0.5.2064 Cross Site Scripting": "https://cxsecurity.com/issue/WLB-2025020002", + "Xinet Elegant 6 Asset Lib Web UI 6.1.655 / SQL Injection / Exploit Update": "https://cxsecurity.com/issue/WLB-2025020001" + }, + "SecWiki News": { + "SecWiki News 2025-02-01 Review": "http://www.sec-wiki.com/?2025-02-01" + }, + "Doonsec's feed": { + "DIDCTF-2023陇剑杯": "https://mp.weixin.qq.com/s?__biz=MzkxMTcyMDczOQ==&mid=2247489928&idx=1&sn=6d7c3e6bdc2ebf1e295e8267c5d8bdde", + "使用ollama+chatboxai本地部署DeepSeek-R1": "https://mp.weixin.qq.com/s?__biz=MzkzMjIxNjExNg==&mid=2247486252&idx=1&sn=61ab0d9e1d997b8d7b472c1053ae329f", + "登录页面渗透的骚操作": "https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247497000&idx=1&sn=75f5108d220ca6e274950e535e153016", + "云安全(三):弹性计算": "https://mp.weixin.qq.com/s?__biz=MzkyMjUzNTM1Mw==&mid=2247487015&idx=1&sn=e89a2fcd6f86808d6620ba1ceadcd11d", + "一张图带你精通 OSPF 8种邻居状态机!": "https://mp.weixin.qq.com/s?__biz=MzIyMzIwNzAxMQ==&mid=2649464773&idx=1&sn=acb575af881525a3e2cd0186d455397c", + "山石网科安全技术研究院2024年度重点工作回顾": "https://mp.weixin.qq.com/s?__biz=MzUzMDUxNTE1Mw==&mid=2247510303&idx=1&sn=645d8cdc8b8ff9655f7539e399beee77", + "揭开人工智能在交通网络安全中的神秘面纱": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620287&idx=1&sn=6f9d6cb2c027a272fd9f3071ee1c6d98", + "华为: Al系统的网络安全治理实践": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620287&idx=2&sn=0cdae5eb3d4907028fd0f96852ad3668", + "自动驾驶汽车面临的新兴人工智能安全威胁——案例研究": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620287&idx=3&sn=47cf0400cb3ddb350259918836a8c068", + "请立即拿下软考证书(政策风口)": "https://mp.weixin.qq.com/s?__biz=MzkxMzIwNTY1OA==&mid=2247510853&idx=1&sn=9815e46599f8b6ca3afbebaed5b3bc14", + "红盟只会蹭!": "https://mp.weixin.qq.com/s?__biz=MjM5MDA3MzI0MA==&mid=2650091305&idx=1&sn=46fdbe456aa28cd1adac446738c5485a", + "80元,国产开源小智AI机器人,ESP32开发板接入大模型DeepSeek、OpenAI、通义千问Qwen 2.5-Max": "https://mp.weixin.qq.com/s?__biz=MjM5OTA4MzA0MA==&mid=2454936768&idx=1&sn=6f29da51c0c66d3b3071ecb6a687758f", + "基于Linux的僵尸网络构建器,构建高级隐秘僵尸网络负载": "https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490259&idx=1&sn=c08c2bd9abcefc046bac145ca7cbfe50", + "从小白开发渗透工具视角入手,探究普通的DeepSeek和深度思考DeepSeek!": "https://mp.weixin.qq.com/s?__biz=MzkxNjQyODY5MA==&mid=2247487061&idx=1&sn=72f827cadc8c26260ee3070fc1b7efd2", + "爆火后,春节期间DeepSeek遭受持续网络攻击": "https://mp.weixin.qq.com/s?__biz=Mzg4NzQ4MzA4Ng==&mid=2247485208&idx=1&sn=4fcdd68a9ed97a7a5ce93ad85d49bfa7", + "美国出手!DeepSeek面临国家安全审查,背后真相竟是?": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485498&idx=1&sn=84a02aeabc93094170e1c0d52c326621", + "【干货原创】实网攻防演习常态化,会带来什么变化01": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485498&idx=4&sn=c60736a2da5c4b3aee5754d81a719daf", + "【干货原创】K12教育,鲜为人知的模式秘密": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485498&idx=5&sn=a7411432d09e6c934f287ea4aa143914", + "原创文章目录": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485498&idx=6&sn=b4b5521d819b8caacf8445038a197b3e", + "攻防技战术动态一周更新 - 20250127": "https://mp.weixin.qq.com/s?__biz=MzkzODc4NjE1OQ==&mid=2247483926&idx=1&sn=1cf9efa9275745a63e8321ce0f5b52e0", + "啊不行了 | 州弟的完全仿真代码审计环境": "https://mp.weixin.qq.com/s?__biz=Mzk0NzQxNzY2OQ==&mid=2247488177&idx=1&sn=5a13360627fa6f17845ed7f5ecb49401", + "如何快速入门TARA分析": "https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549669&idx=1&sn=d9810c4fd500ea3b02c460bb4d3a834a", + "65页PPT,彻底看懂车联网!": "https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549669&idx=2&sn=955034255c03e02fe1ee9b3369ad005a", + "6大免费观影神器,速收藏!另外在送两个建议大家收藏哦": "https://mp.weixin.qq.com/s?__biz=MzI2OTk4MTA3Ng==&mid=2247496979&idx=1&sn=65d0260847cf75b6e233e2e5cc89ac13", + "ctftools-all-in-oneV7.5研发进度": "https://mp.weixin.qq.com/s?__biz=MzI1NzUxOTUzMA==&mid=2247485804&idx=1&sn=d28981ead96f5082104db24877042d3f", + "AI风险分析 | 攻击组织在多个AWS租户环境劫持LLM模型": "https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247494056&idx=1&sn=4e236c890b1530189931881acd81dc9b", + "成为看雪讲师,开启技术分享的高光时刻": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589300&idx=1&sn=5bc3ab9031d8c5a62d14e0fc0189cf4f", + "关于PAN-OS DoS(CVE-2024-3393)的研究": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589300&idx=2&sn=e9f874ab1024ce5d7a8a2a424b891a7f", + "新年新气象!想换工作看这里": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589300&idx=3&sn=9f27f3668d0461ba4776901f8b44fc8d", + "DeepSeek-R1展示了小模型也能成为推理专家": "https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247506426&idx=1&sn=b8eae0703ee904b21809cbae29edd137", + "Cobalt Strike 和一对 SOCKS 代理引发 LockBit 勒索软件事件": "https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486923&idx=1&sn=d11a4c7e9e5411ca2c7631f9f4706dbe", + "营销号别再传了!deepseek的安全攻防不是武侠修仙!": "https://mp.weixin.qq.com/s?__biz=MzIxNDAyNjQwNg==&mid=2456099384&idx=1&sn=1878da953490a6aa39caed770ad1406f", + "21.4k star,开源安全漏洞扫描神器,可集成CI/CD": "https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247570693&idx=1&sn=91430db87cc7d4fe301b95d1c68fda36", + "19岁、利用黑客技术盗取4万余网络账号,获利7万:被判": "https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931481&idx=1&sn=6f6dfc4a0f5a36ad5886ae1d975ca3d5", + "荣耀终端申请热点控制相关专利,提高Wi-Fi网络安全性": "https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931481&idx=2&sn=9bd4ad59f5cb2457c1b33a0d0febc77f", + "Android 检测:高级 Root 检测绕过 - Smali 代码篡改": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527447&idx=1&sn=a371987781d51e0e776920a85741fe0c", + "CVE-2025-0065:TeamViewer 修补 Windows 客户端中的权限提升漏洞": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527447&idx=2&sn=0ab2f693c54ddb608b553da95edaa698", + "【预警】Deepseek钓鱼页面预警": "https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494693&idx=1&sn=2d26a1d29cf92409af1b5826a779c05c", + "\\'史上最精密\\'的钓鱼攻击": "https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494693&idx=2&sn=e209774c65a6c7a9279e12103a2853a2", + "DeepSeek 容易受到各种越狱策略的攻击": "https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494693&idx=3&sn=d3bf7966fb506b6c0d12d7178b05975f", + "deepseek被攻击,让一篇AI科幻爽文全网一起“造假”.....爱国饭是真容易吃啊": "https://mp.weixin.qq.com/s?__biz=MzkyOTQzNjIwNw==&mid=2247491672&idx=1&sn=b7360aefe54f86dd75c59761ea4505e6", + "学员免费课-新课:rust语言全栈开发视频教程更新到91节啦": "https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247504843&idx=1&sn=889ae64c0adba860a43bdf303b1e8c55", + "再看《哪吒之魔童降世》,照见了每个孤独灵魂的镜像": "https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247488225&idx=1&sn=db0f673d48ff5d473ec98bbbc1fb985d", + "当心!你访问的DeepSeek可能是假的(附鉴别攻略)": "https://mp.weixin.qq.com/s?__biz=MzkxOTUyOTc0NQ==&mid=2247492979&idx=1&sn=4359b2068a9e33a73390c8d5c3b09cd6", + "[狗头]既然你们不装了 我也不装了": "https://mp.weixin.qq.com/s?__biz=MzkxNTczMjA1Ng==&mid=2247483979&idx=1&sn=84d324835c297123830f204b2c017ca3", + "小学生也能把DeepSeek AI大模型部署到本地电脑": "https://mp.weixin.qq.com/s?__biz=Mzg3MDYyNzY0MA==&mid=2247491061&idx=1&sn=3c2a793788ec33b5e7deab60be9d861f", + "分享的图片、视频、链接": "https://mp.weixin.qq.com/s?__biz=Mzk1NzI0NDYyNA==&mid=2247483681&idx=1&sn=2f48ada9475d73f797f2610b931ad951", + "【紧急通知】重要声明!!!你们别搞抽象": "https://mp.weixin.qq.com/s?__biz=Mzk0NDU1NTA5MA==&mid=2247484419&idx=1&sn=771b1853e3d266165af8d6fc34bf59d8", + "To B大模型应用的落地实践与思考": "https://mp.weixin.qq.com/s?__biz=MzIzNjAyODE0NQ==&mid=2247483940&idx=1&sn=6c82ca97527b253a09315b3787c555cd", + "星火年鉴· 顶级篇|从建设热潮转向深化应用 工业互联网国家顶级节点(上海)“申”势赫奕": "https://mp.weixin.qq.com/s?__biz=MzU1OTUxNTI1NA==&mid=2247592384&idx=1&sn=0a29d3a3786c033ddb4ddcf3cb7b5c39", + "人工智能/机器学习在美国太空域感知方面的应用": "https://mp.weixin.qq.com/s?__biz=Mzg2NTYyODgyNg==&mid=2247504627&idx=1&sn=e66481ed12da4238df098da5ec1adcf8", + "超燃!民间流传的DeepSeek安全反击战,堪比大片!": "https://mp.weixin.qq.com/s?__biz=MzkzMzcxNTQyNw==&mid=2247485589&idx=1&sn=87b3c484760a254daeba89499a24251a", + "信息泄露到任意用户重置密码": "https://mp.weixin.qq.com/s?__biz=MzkzNTQwNjQ4OA==&mid=2247484067&idx=1&sn=455e369cd15c1b958e17f3221ad96a51", + "6": "https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496913&idx=1&sn=b90c2f8c33e0648cc1e9d560c5982fcb", + "[耻辱] DeepSeek 遭受新轮“攻击”的幕后黑手竟来自国人内部?": "https://mp.weixin.qq.com/s?__biz=MzkwODI1ODgzOA==&mid=2247506632&idx=1&sn=2bd540c33d1be58d380037ae2d1cd7c5", + "不使用基于SUPI的寻呼:应用5G网络安全和隐私功能": "https://mp.weixin.qq.com/s?__biz=MzA5MTYyMDQ0OQ==&mid=2247493605&idx=1&sn=423f73cc546dcfedf633d523d57b0a42", + "(吃瓜)神人TV之糯米团子的清华学姐(续)": "https://mp.weixin.qq.com/s?__biz=MzkzNjczNzEyMw==&mid=2247484243&idx=1&sn=0b7ae7f6bc8ebcd56064d456e227f82c", + "创建和黑客攻击 Slack 机器人:深入探讨 Slack Jack": "https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247504835&idx=1&sn=75a977e90904e15849abe75679e5bdc4", + "Deepseek引发的流量之战,关于乌鸦的祛魅与重构": "https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247488214&idx=1&sn=af0b3a477109f155a16506461391656e", + "VLAN和VXLAN的区别?网络工程师必知": "https://mp.weixin.qq.com/s?__biz=MzUyNTExOTY1Nw==&mid=2247528063&idx=1&sn=fd1340771f653bfa6373c8dff5296ca4", + "索尼盖了一座「Sony Park」,我在里面发现了 Sony 的「精神内核」": "https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653073083&idx=1&sn=d126353a3135b021c1f8fd8c0e66f61a", + "【2025春节】解题领红包活动排行榜(初四 2/1)": "https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141665&idx=1&sn=cf29ecaf3b5e2954cc5cb4b91fcef39f", + "Pwnkit:CVE-2021-4034": "https://mp.weixin.qq.com/s?__biz=MzkyMDY5OTg5OA==&mid=2247493360&idx=1&sn=ac3879690699a5af38b6a86f1cf232a2", + "静态代码分析工具推荐:保障你的应用安全": "https://mp.weixin.qq.com/s?__biz=MzkxNTU5NTI1Ng==&mid=2247487270&idx=1&sn=bc240b5098e27842d109a426e8eb92a3", + "时间强盗漏洞:ChatGPT绕过敏感话题安全防护": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313321&idx=1&sn=0d6cfa7efe94cdf992cd2dcb49139048", + "DeepSeek AI数据库泄露:超百万条日志和密钥曝光": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313321&idx=2&sn=c838d48d01493b39dad417919a053be4", + "OWASP发布2025十大智能合约安全漏洞": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313321&idx=3&sn=2d401e6e743d4029238b04acea892e1b", + "卡巴斯基公布奔驰汽车十几个漏洞": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313321&idx=4&sn=87670a1665432dda01a0ca651d6f847a", + "这份书法论文快速生成指南,让你和图书馆说拜拜!": "https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493258&idx=1&sn=0ffef35899a9b653fee3225ef51b12eb", + "这是官方内部同行鲜有知道的工商管理论文大纲落实与完善实操秘籍!": "https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493258&idx=2&sn=bf003ad605fea1e133a894e93f22b29b", + "真实案例解密:新手公共管理论文初稿快速生成高阶攻略。": "https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493258&idx=3&sn=98ef31c04f8b932a7e8923248b3734eb", + "震惊!电气工程论文大纲落实完善6大高阶攻略(被导师狂赞)。": "https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493258&idx=4&sn=7a1dad8668c13b926bc5e0610c36c877", + "震惊!老社工博士的社会工作论文文献搜集内部高阶指南。": "https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493258&idx=5&sn=43192e01e90bfbbedacaf1c381833a86", + "震惊!这个审稿神器竟助电商工程学术论文一键查漏补缺的实用攻略。": "https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493258&idx=6&sn=51d6cd0475f631f8e919625aa386b995", + "震惊!ChatGPT如何一天发现诉讼法学论文全部问题的内部指南!": "https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493258&idx=7&sn=09ee2cb7b26c763785df00a162d27a7b", + "震惊内部圈!我是如何用ChatGPT玩转林业工程论文方向的文献搜集!": "https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493258&idx=8&sn=527bb9ac25138f9b2e6cd7654c165a39", + "GamaCopy 现身!模仿 Gamaredon 组织,对俄发动新一轮攻击": "https://mp.weixin.qq.com/s?__biz=Mzg3OTYxODQxNg==&mid=2247485683&idx=1&sn=5c06bb2b3ba34ca9a23534534837c8a9", + "一张屋顶照片,开源情报如何锁定它的秘密坐标": "https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559421&idx=1&sn=553b9a49e14e867a2da952e98f64e056", + "曼德海峡危机:胡塞武装如何搅动全球贸易与地缘政治的“一池春水”?": "https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559421&idx=2&sn=da3d637f045dd6b7a31208d6a3090c6e", + "你好 2025,世界会继续越来越快": "https://mp.weixin.qq.com/s?__biz=MzA3NTEzMTUwNA==&mid=2651081669&idx=1&sn=aa0b77b261c5fe6e6c4784263302e03f", + "正月初四最搞笑的笑话": "https://mp.weixin.qq.com/s?__biz=MzU1NTkzMTYxOQ==&mid=2247485751&idx=1&sn=7463c252806b7e8e8da0ecf06eea866f", + "AI 本地部署中的 ollama 是什么?": "https://mp.weixin.qq.com/s?__biz=Mzk0MTI4NTIzNQ==&mid=2247492261&idx=1&sn=c7178360ac6dba4741717fd3c56a1146", + "DeepSeek最出色的能力应该是代骂而不是代码😀": "https://mp.weixin.qq.com/s?__biz=MzA3NDE0NTY0OQ==&mid=2247484242&idx=1&sn=a9166a36c2c2bb21ecd7637b5a84f422", + "Microsoft 365 copilot 新功能202501": "https://mp.weixin.qq.com/s?__biz=MzkxNzY0Mzg2OQ==&mid=2247486274&idx=1&sn=59caf18e3b9bf034c72478234c8590ad", + "创新终端主动防护-多种通用0day漏洞检测方案": "https://mp.weixin.qq.com/s?__biz=Mzg3Mzk2MzA3Nw==&mid=2247483863&idx=1&sn=3bad3dd3b64d3812fb4640e91bdf52ea", + "【burpsuite靶场-服务端3】目录遍历漏洞": "https://mp.weixin.qq.com/s?__biz=MzkzMDg1MzIwNA==&mid=2247487295&idx=1&sn=1d68a219fec3a01ea84c598bf48811fe", + "【一周安全资讯0201】国家密码管理局废止、宣布失效部分行政规范性文件;突发!DeepSeek遭大规模恶意攻击": "https://mp.weixin.qq.com/s?__biz=MzIzMDQwMjg5NA==&mid=2247506589&idx=1&sn=1c1b2e3e5c338dff993f141284e0f906", + "安天AVL SDK反病毒引擎升级通告(20250201)": "https://mp.weixin.qq.com/s?__biz=MjM5MTA3Nzk4MQ==&mid=2650209919&idx=1&sn=a0b5d397ab81a0e73c55800ff09b01a0", + "大年初四丨安天融川给您拜年了": "https://mp.weixin.qq.com/s?__biz=MjM5MTA3Nzk4MQ==&mid=2650209919&idx=2&sn=a9efdf07b227af4acbdb20e6717bc1d7", + "DeepSeek与ChatGPT针对CTF解题对比|附在线环境": "https://mp.weixin.qq.com/s?__biz=MzU5OTMxNjkxMA==&mid=2247488632&idx=1&sn=1806092dd0584dbfa5a5c8e4012dd747", + "进京证如何办理?10分钟解决问题。": "https://mp.weixin.qq.com/s?__biz=MzU4NDY3MTk2NQ==&mid=2247491071&idx=1&sn=6966854f010f06f257f245e7bc657400", + "【2025-02-01】黑客新闻摘要": "https://mp.weixin.qq.com/s?__biz=MzIzNDU5NTI4OQ==&mid=2247488405&idx=1&sn=f62872b286736d06109777492b8d9fba", + "“黑鹰”军用直升机在华盛顿坠毁,美国防部长赫格塞斯证实与执行秘密任务有关": "https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247505160&idx=1&sn=05f376010583e168e07d9c78e504193e", + "刚果(金)戈马越狱风暴:4400囚犯“出逃”,局势失控?": "https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247505160&idx=2&sn=a4a7f865889145d36a8dd860df1690cb", + "FOFA API 驱动的图形化资产发现工具 - fofaEX": "https://mp.weixin.qq.com/s?__biz=MzU2NzY5MzI5Ng==&mid=2247504982&idx=1&sn=2d93981ebe365bcb4c2964035dea3702", + "Android Intent 重定向漏洞分析总结": "https://mp.weixin.qq.com/s?__biz=MjM5MjEyMTcyMQ==&mid=2651037464&idx=1&sn=439f05b2a2f5523c148d07a794aff60a", + "大年初四 灵蛇献瑞": "https://mp.weixin.qq.com/s?__biz=Mzg2MTU5ODQ2Mg==&mid=2247507176&idx=1&sn=8819e47701a5cf51b812fd021a3bf950", + "DeepSeek爆火后,黑产已闻风而动!": "https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247507181&idx=1&sn=976efdc26cefd2a37c525fb26e8ab646", + "5th域安全微讯早报【20250201】028期": "https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247507181&idx=2&sn=854ed0a16f73598c2b27a762c4a53ffd", + "数字取证之数据分析u200c": "https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264930&idx=1&sn=0a275a5bf702dc56d6a9f833e7aeacdf", + "byd营销号": "https://mp.weixin.qq.com/s?__biz=MzkyNTQ0OTYxOQ==&mid=2247484015&idx=1&sn=1a1073f8587d098c6dc51f8b87a766c5", + "分享图片": "https://mp.weixin.qq.com/s?__biz=MzI3Njc1MjcxMg==&mid=2247494440&idx=1&sn=1b8af18b3a22c5f39fd97ad2dfb2ae32", + "总结 | 2024 年度内网实战攻防电子报刊 34 篇文章内容汇总": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498632&idx=1&sn=681e983fa35bb19e0904831b335d7e0f", + ".NET 安全攻防知识交流社区": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498632&idx=2&sn=6855593bf81f6d589c2562c3edaa601f", + "收藏 | dotNet安全矩阵 2024 年度外网入口打点阶段文章和工具汇总": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498632&idx=3&sn=66a759fa72b074482a993bee88e6bd92", + "手机成“间谍”,亚马逊因秘密收集数据遭消费者起诉": "https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607379&idx=1&sn=f423643d84fa60f7c80da858f7743731", + "新的“双击劫持”漏洞绕过主要网站上的点击劫持保护": "https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607379&idx=2&sn=1a33bc4a7ac127d883ebe4a69affe12b", + "一次窃取程序的恶意样本分析": "https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607379&idx=3&sn=28d0ae38a96ecf4446ef6bd8046c038e", + "link-tools为一款Windows GUI界面的渗透测试工具箱": "https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607379&idx=4&sn=0447ff461c0fe2afa30f94745b30c72e", + "初四": "https://mp.weixin.qq.com/s?__biz=MzUyMjAyODU1NA==&mid=2247491949&idx=1&sn=db34e5b2b978d140668f25745ca4f3ac", + "深度解析:如何用Deepseek打造你的专属网安知识宝库?": "https://mp.weixin.qq.com/s?__biz=MzkyNTQ0OTYxOQ==&mid=2247484011&idx=1&sn=6b25491f38e5b7e274cc5bc7bdeec18e", + "OpenAI 推出 o3-mini;传苹果接近敲定折叠显示屏供应商;唐探系列票房逼近百亿元 | 极客早知道": "https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653073082&idx=1&sn=260c62fbf5a7f5143c5f9484f5f7f354", + "首个由DeepSeek独立开发的AI网络安全工具箱!引起热议!": "https://mp.weixin.qq.com/s?__biz=MzkxMTUwOTY1MA==&mid=2247490185&idx=1&sn=4a59c7132dfa0c66a3ee2d9273d44c79", + "大年初三丨安天探海给您拜年了": "https://mp.weixin.qq.com/s?__biz=MjM5MTA3Nzk4MQ==&mid=2650209911&idx=1&sn=e6d55300bbc6128f171aa8922b309af2", + "正月初四| 四季平安 万物生春": "https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506083&idx=1&sn=4c32b2ddc46b9644a0f80c254e40075f", + "捷普工业互联网安全产品线,驱动新型工业化发展": "https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506083&idx=2&sn=509abbaebad90f4e7b41a052a1b37506", + "【焕新领先】捷普工业安全隔离与信息交换系统": "https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506083&idx=3&sn=bba933d63e82cfcce8411557476b0720", + "神农安全给师傅们拜年了!内部小圈子限时半价优惠(春节专属30立减卷)": "https://mp.weixin.qq.com/s?__biz=Mzk0Mzc1MTI2Nw==&mid=2247487446&idx=1&sn=81200c041d8e12afcccf366c12367022", + "创宇盾:创宇护网安,铸盾迎春暖": "https://mp.weixin.qq.com/s?__biz=MjM5NzA3Nzg2MA==&mid=2649870879&idx=1&sn=0835d1a397055e042f0ffebc0fb0b256", + "ISO 45001: 2018 标准详解与实施(12)6.1.4 措施的策划": "https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247486054&idx=1&sn=8056a235d36ed43fc2ef8916630fa792", + "2025春节网络安全警报": "https://mp.weixin.qq.com/s?__biz=Mzg5OTg5OTI1NQ==&mid=2247489862&idx=1&sn=f0e4f34adcfd5b93927c5793af524fd2", + "正月初四迎灶神!亚信安全祝大家丰衣足蛇,富贵吉祥": "https://mp.weixin.qq.com/s?__biz=MjM5NjY2MTIzMw==&mid=2650620968&idx=1&sn=a03995a1122619732c382c5319d9f728", + "大年初四 | 恭迎灶神,五谷丰登": "https://mp.weixin.qq.com/s?__biz=Mzk0MDQ5MTQ4NA==&mid=2247487430&idx=1&sn=bb82f751709e49cc5ef44148ed512432", + "大年初四 四季平安": "https://mp.weixin.qq.com/s?__biz=MjM5NzE0NTIxMg==&mid=2651135291&idx=1&sn=6b54de7df7454cca49ce477a120d86fb", + "Log4j CVE-2017-5645反序列化漏洞": "https://mp.weixin.qq.com/s?__biz=Mzg4NDg3NjE5MQ==&mid=2247485618&idx=1&sn=83cfbd2aab32a9e8073abb2cd983f27d", + "初四 | 祥蛇蜿蜒,好运满仓,锦绣山河,吉运长长!": "https://mp.weixin.qq.com/s?__biz=MzU4NjY4MDAyNQ==&mid=2247497081&idx=1&sn=96484e2122edceda10e3de161b86484c", + "大年初四 | 银蛇吐瑞,万事胜意": "https://mp.weixin.qq.com/s?__biz=MzA3OTMxNTcxNA==&mid=2650963506&idx=1&sn=b2661ebf223823e387ec7d46637c3ac2", + "零基础本地部署DeepSeek!手把手教你搭建国产最强AI大脑": "https://mp.weixin.qq.com/s?__biz=Mzk0ODY1NzEwMA==&mid=2247486675&idx=1&sn=ff46b4b4ce2fb3ededd885f2398bafb9", + "Ai战狼": "https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496907&idx=1&sn=36a478dc796d527b7c1195a0afb86c11", + "论文一直投不中?保姆级SCI全程投稿发表服务来了!润色、选刊、投稿、返修,直至中刊!": "https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496907&idx=2&sn=9eeba04206e60a80699f287ad3c825bb", + "初四:福星高照": "https://mp.weixin.qq.com/s?__biz=MzU0NDk0NTAwMw==&mid=2247624778&idx=1&sn=de687f302a706e482c124823f899808b", + "傻瓜式一键代理池,v0.3又变强了!": "https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489195&idx=1&sn=3b904fbc768821fac403d8a4bca8c875", + "闭环": "https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489195&idx=2&sn=867087cc30ea38e636ef9f895828c934", + "【初四】福气源自持续追求 幸福来自成功守护": "https://mp.weixin.qq.com/s?__biz=MjM5NTE0MjQyMg==&mid=2650624576&idx=1&sn=d59a4adc412c2ff7d3e3da35639973d7", + "【实操】美国这家公司为什么要招聘懂中文的开源情报分析师": "https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148805&idx=1&sn=9e063d3b00f1b8244a1f93112561b52f", + "山石网科·AI汇东方|正月初四,迎接灶神": "https://mp.weixin.qq.com/s?__biz=MzAxMDE4MTAzMQ==&mid=2661298301&idx=1&sn=020ccfa41ee840b9ed073e4bc4aafed0", + "初四|云端祈福许新愿 安全托管保资产": "https://mp.weixin.qq.com/s?__biz=MzkxNDY0MjMxNQ==&mid=2247532973&idx=1&sn=859678b1d31898c68b30c23d9b2d7953", + "祥蛇舞初四 瑞霭罩华枝": "https://mp.weixin.qq.com/s?__biz=MzU0MjEwNTM5Ng==&mid=2247520424&idx=1&sn=bd286f553451028add056c52c23fb577", + "初四 | 迎灶神": "https://mp.weixin.qq.com/s?__biz=MzI5NjA4NjA3OA==&mid=2652102066&idx=1&sn=65d25d6bc65a19c522aa1b765683f1a6", + "一文读懂Wi-Fi技术演进与防护方案,避开90%的安全陷阱": "https://mp.weixin.qq.com/s?__biz=MzI5MjY4MTMyMQ==&mid=2247489894&idx=1&sn=0a9a3e007b347310e07aef45595554b7", + "2025.03截稿的密码学与信息安全会议": "https://mp.weixin.qq.com/s?__biz=MzI2NTUyODMwNA==&mid=2247494156&idx=1&sn=f5973b71bbd93c4e75ef0f89fe91d46e", + "【SOUPS 2025】Feb. 13@Seattle, USA": "https://mp.weixin.qq.com/s?__biz=MzI2NTUyODMwNA==&mid=2247494156&idx=2&sn=5660ed37ffa1a10ea505c80f6adce6c7", + "【AFRICACRYPT 2025】Mar. 1@Rabat, Morocco": "https://mp.weixin.qq.com/s?__biz=MzI2NTUyODMwNA==&mid=2247494156&idx=3&sn=b9caafe019d0d392cfb0c431ef040690", + "【ACNS-SCI 2025】Mar. 15@Munich, Germany": "https://mp.weixin.qq.com/s?__biz=MzI2NTUyODMwNA==&mid=2247494156&idx=4&sn=b05df3a35a52275464e34574e47e9a5e", + "大年初四 | 大吉大利、四季平安": "https://mp.weixin.qq.com/s?__biz=MzU3MzU4NjI4OQ==&mid=2247516491&idx=1&sn=fa5d0dc624abd329a7afce42b26fdb11", + "我国密码国家标准、行业标准一览表": "https://mp.weixin.qq.com/s?__biz=Mzg2NjY2MTI3Mg==&mid=2247498377&idx=1&sn=0524062d04dd563b349c3ace821721db", + "大年初四 | 迎灶神,五谷丰登,食来运转!": "https://mp.weixin.qq.com/s?__biz=MzkzMjE5MTY5NQ==&mid=2247503443&idx=1&sn=007f1bb9970631e0c19d5c2e6e40420f", + "守护中国AI历史时刻,360为DeepSeek免费提供安全保障": "https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579285&idx=1&sn=cebadf7010ad5ea332fbd969f42808ad", + "大年初四 | 瑞蛇赐褔,心想“巳”成": "https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579285&idx=2&sn=85f4b5408e99f96e5dd2291611fbf2f5", + "渗透测试工具箱 -- link-tools": "https://mp.weixin.qq.com/s?__biz=MzI4MDQ5MjY1Mg==&mid=2247515803&idx=1&sn=7dc9c78a24095c70a213f3029d651300", + "APP渗透测试 -- 支付逻辑漏洞": "https://mp.weixin.qq.com/s?__biz=MzI4MDQ5MjY1Mg==&mid=2247515803&idx=2&sn=0e8d3509ce68e9d3c751586e26ea08c5", + "新的 UEFI 安全启动严重漏洞,请立即修补": "https://mp.weixin.qq.com/s?__biz=Mzg3ODY0NTczMA==&mid=2247492129&idx=1&sn=a7625b1a910086ee3bbde9544f055382", + "攻防靶场(57):十分钟拿下 Shakabrah": "https://mp.weixin.qq.com/s?__biz=MzI0NjA3Mzk2NQ==&mid=2247496159&idx=1&sn=80e1dae96ac4c1f2a060607f47acebdc", + "“职业打手”下场!DeepSeek遭攻击烈度暴增百倍": "https://mp.weixin.qq.com/s?__biz=MzU2NDY2OTU4Nw==&mid=2247518527&idx=1&sn=9576e3c027418393cc4343bd599fc4dd", + "勒索软件的现状:利用披露规则等手段": "https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652114271&idx=1&sn=538db909410af0e5d9a565398ee71bcc", + "网络安全等级保护核查工具 -- Golin": "https://mp.weixin.qq.com/s?__biz=MzU3NzY3MzYzMw==&mid=2247499299&idx=1&sn=aad06652b663cbd055c268507cb72e35", + "APP渗透测试 -- APK反编译": "https://mp.weixin.qq.com/s?__biz=MzU3NzY3MzYzMw==&mid=2247499299&idx=2&sn=a2f442e5f21ee513a8bbd035db266679" + }, + "Recent Commits to cve:main": { + "Update Sat Feb 1 20:26:39 UTC 2025": "https://github.com/trickest/cve/commit/8762f3f58de4551c97168dde18c7e266ced38a8e", + "Update Sat Feb 1 12:22:34 UTC 2025": "https://github.com/trickest/cve/commit/2eae26b3af16158a5777acd6222b88b72a623860", + "Update Sat Feb 1 04:24:34 UTC 2025": "https://github.com/trickest/cve/commit/7de9e18e5f8ae22f5eb7a3004c105a16620b2176" + }, + "Private Feed for M09Ic": { + "lz520520 starred sfackler/rust-native-tls": "https://github.com/sfackler/rust-native-tls", + "spf13 starred bitfield/script": "https://github.com/bitfield/script", + "ourren starred google/osv-scalibr": "https://github.com/google/osv-scalibr", + "ourren starred BlackSnufkin/LitterBox": "https://github.com/BlackSnufkin/LitterBox", + "zer0yu starred browser-use/browser-use": "https://github.com/browser-use/browser-use", + "glzjin starred ading2210/linuxpdf": "https://github.com/ading2210/linuxpdf", + "wuhan005 starred qiufengqijun/mini_qwen": "https://github.com/qiufengqijun/mini_qwen", + "wuhan005 starred zhanshijinwat/Steel-LLM": "https://github.com/zhanshijinwat/Steel-LLM", + "zer0yu starred datawhalechina/llms-from-scratch-cn": "https://github.com/datawhalechina/llms-from-scratch-cn", + "zer0yu starred Hiram-Wong/ZyPlayer": "https://github.com/Hiram-Wong/ZyPlayer", + "zer0yu starred fullstorydev/grpcurl": "https://github.com/fullstorydev/grpcurl", + "zer0yu starred Jiayi-Pan/TinyZero": "https://github.com/Jiayi-Pan/TinyZero", + "zer0yu started following rasbt": "https://github.com/rasbt", + "mitre forked mitre/chef-workstation from chef/chef-workstation": "https://github.com/mitre/chef-workstation" + }, + "一个被知识诅咒的人": { + "【Python】理解Python中的协程和生成器:从yield到async": "https://blog.csdn.net/nokiaguy/article/details/145412058", + "Python中的数据类(dataclass):简化类的定义与数据管理": "https://blog.csdn.net/nokiaguy/article/details/145412051" + }, + "Twitter @bytehx": { + "Re @_godiego__ Thanks for sharing good stuff. You inspired me a lot dude.": "https://x.com/bytehx343/status/1885732198948765886", + "Re @kongwenbin @Hacker0x01 Congrats man 🎉🎉🎉": "https://x.com/bytehx343/status/1885732031868637343", + "Re @stealthcopter Thank you for sharing and congrats for the bounty my friend!": "https://x.com/bytehx343/status/1885622934997467535", + "RT Mat Rollings: Chained two 'meh' WordPress vulnerabilities into a high-impact exploit on JupiterX Core 👾. From low-privilege SVG upload to full R...": "https://x.com/bytehx343/status/1885622856140369997" + }, + "Reverse Engineering": { + "Formally Verified Binary-level Pointer Analysis": "https://www.reddit.com/r/ReverseEngineering/comments/1ifeeay/formally_verified_binarylevel_pointer_analysis/", + "PE basics: A windows executable walkthrough - File formats hexplorations 16": "https://www.reddit.com/r/ReverseEngineering/comments/1ifjwuw/pe_basics_a_windows_executable_walkthrough_file/", + "Reverse Engineering and Cataloging Vidar (Info stealer/Loader)": "https://www.reddit.com/r/ReverseEngineering/comments/1ifair6/reverse_engineering_and_cataloging_vidar_info/" + }, + "glzjin": { + "懒猫微服外挂虚拟机管理器启动方法说明": "https://www.zhaoj.in/read-9046.html" + }, + "FreeBuf网络安全行业门户": { + "90名记者和活动家遭WhatsApp零点击间谍软件攻击,Meta确认事件": "https://www.freebuf.com/news/421009.html", + "虚假谷歌广告瞄准微软广告账户,恶意软件攻击再升级": "https://www.freebuf.com/articles/web/421008.html" + }, + "奇客Solidot–传递最新科技情报": { + "OpenAI 考虑开源旧模型": "https://www.solidot.org/story?sid=80459", + "Bennu 小行星样本发现构成生命的基本成分": "https://www.solidot.org/story?sid=80458", + "WhatsApp 称记者等成为以色列间谍软件的目标": "https://www.solidot.org/story?sid=80457" + }, + "Dhole Moments": { + "Hell Is Overconfident Developers Writing Encryption Code": "https://soatok.blog/2025/01/31/hell-is-overconfident-developers-writing-encryption-code/" + }, + "懒人在思考": { + "你好 2025,世界会继续越来越快": "https://mp.weixin.qq.com/s?__biz=MzA3NTEzMTUwNA==&mid=2651081669&idx=1&sn=aa0b77b261c5fe6e6c4784263302e03f&chksm=8485d4dab3f25dcc6c72bc871f2c82bb91346cc258daa86cf4d931e657135ec686fead183589&scene=58&subscene=0#rd" + }, + "杨龙": { + "Could not find rpcgen / rockylinux 8 / mysql 5.7 编译": "https://www.yanglong.pro/could-not-find-rpcgen-rockylinux-8/" + }, + "dotNet安全矩阵": { + "总结 | 2024 年度内网实战攻防电子报刊 34 篇文章内容汇总": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498632&idx=1&sn=681e983fa35bb19e0904831b335d7e0f&chksm=fa595565cd2edc73d886f41d9397e163f030a12a60338c2df1d0c1a99313c34cdcf453aa5fea&scene=58&subscene=0#rd", + ".NET 安全攻防知识交流社区": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498632&idx=2&sn=6855593bf81f6d589c2562c3edaa601f&chksm=fa595565cd2edc735c22d1d43d28bf31a8043c2ff0206e4a1fad46e91c47f503b969c34ad67c&scene=58&subscene=0#rd", + "收藏 | dotNet安全矩阵 2024 年度外网入口打点阶段文章和工具汇总": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498632&idx=3&sn=66a759fa72b074482a993bee88e6bd92&chksm=fa595565cd2edc732b090dd7e2e465cab66aa723f707fa97061db95641beb2e9080ebe414db5&scene=58&subscene=0#rd" + }, + "吾爱破解论坛": { + "【2025春节】解题领红包活动排行榜(初四 2/1)": "https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141665&idx=1&sn=cf29ecaf3b5e2954cc5cb4b91fcef39f&chksm=bd50a6758a272f63660c32ba0c3ecc6a4c6d0036e2c3311ac5a9642e041e64846a8b2d665c2a&scene=58&subscene=0#rd" + }, + "看雪学苑": { + "成为看雪讲师,开启技术分享的高光时刻": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589300&idx=1&sn=5bc3ab9031d8c5a62d14e0fc0189cf4f&chksm=b18c28fe86fba1e830bdfaaa3dad1ea3f45cb278603db9b29f7f82a13061c29d3fad34ffb90a&scene=58&subscene=0#rd", + "关于PAN-OS DoS(CVE-2024-3393)的研究": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589300&idx=2&sn=e9f874ab1024ce5d7a8a2a424b891a7f&chksm=b18c28fe86fba1e8336887843dd4ab08afa58ca810f485f7a4efd1b50cb9fd256fc84de3faef&scene=58&subscene=0#rd", + "新年新气象!想换工作看这里": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589300&idx=3&sn=9f27f3668d0461ba4776901f8b44fc8d&chksm=b18c28fe86fba1e8dd2d842e7865bb85275949ce91d8343b184e67d31116e265167a799346d9&scene=58&subscene=0#rd" + }, + "丁爸 情报分析师的工具箱": { + "【实操】美国这家公司为什么要招聘懂中文的开源情报分析师": "https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148805&idx=1&sn=9e063d3b00f1b8244a1f93112561b52f&chksm=f1af253fc6d8ac290fc8dca96c30d62e60d07618c84cb14ae5438deb25c2cf1d94b912bfdefc&scene=58&subscene=0#rd" + }, + "M01N Team": { + "AI风险分析 | 攻击组织在多个AWS租户环境劫持LLM模型": "https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247494056&idx=1&sn=4e236c890b1530189931881acd81dc9b&chksm=c18429b9f6f3a0af3f80e1754671e55d82a71e47ec29f9272b4b4a098b2589be1f97125f789e&scene=58&subscene=0#rd" + }, + "情报分析师": { + "一张屋顶照片,开源情报如何锁定它的秘密坐标": "https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559421&idx=1&sn=553b9a49e14e867a2da952e98f64e056&chksm=87117df6b066f4e02b4a6876e54d720ee170450d1c395ffe0105d0706fe5d6ab74379e4b352c&scene=58&subscene=0#rd", + "曼德海峡危机:胡塞武装如何搅动全球贸易与地缘政治的“一池春水”?": "https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559421&idx=2&sn=da3d637f045dd6b7a31208d6a3090c6e&chksm=87117df6b066f4e0fb09af9b07d9ca4bba5438966830e0fa0eefe10d061d66df93c7333cd85f&scene=58&subscene=0#rd" + }, + "极客公园": { + "索尼盖了一座「Sony Park」,我在里面发现了 Sony 的「精神内核」": "https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653073083&idx=1&sn=d126353a3135b021c1f8fd8c0e66f61a&chksm=7e57d30d49205a1b3b0befa1b468d85f278e27b8b85d28714b4d63e42c6985ec0391686a33a3&scene=58&subscene=0#rd", + "OpenAI 推出 o3-mini;传苹果接近敲定折叠显示屏供应商;唐探系列票房逼近百亿元 | 极客早知道": "https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653073082&idx=1&sn=260c62fbf5a7f5143c5f9484f5f7f354&chksm=7e57d30c49205a1a5ee41aba5d469ec4863035eca62673386b175198c0eea17bbbf6e73b3c3b&scene=58&subscene=0#rd" + }, + "赛博回忆录": { + "营销号别再传了!deepseek的安全攻防不是武侠修仙!": "https://mp.weixin.qq.com/s?__biz=MzIxNDAyNjQwNg==&mid=2456099384&idx=1&sn=1878da953490a6aa39caed770ad1406f&chksm=803c6bf1b74be2e79fd3f7765e200a46d7360ef282b340a87ee2f73c4d2519b92edab928cbc9&scene=58&subscene=0#rd" + }, + "白日放歌须纵9": { + "To B大模型应用的落地实践与思考": "https://mp.weixin.qq.com/s?__biz=MzIzNjAyODE0NQ==&mid=2247483940&idx=1&sn=6c82ca97527b253a09315b3787c555cd&chksm=e8df6bbadfa8e2ac5f5a8238794a3b3afbde91740bcb757a8b7741b6e1f5bbe26d34de694639&scene=58&subscene=0#rd" + }, + "迪哥讲事": { + "登录页面渗透的骚操作": "https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247497000&idx=1&sn=75f5108d220ca6e274950e535e153016&chksm=e8a5ff4bdfd2765d6726120c344006dbddab0e8a7885d8c2dc52909cf0cef093765cbf0161e2&scene=58&subscene=0#rd" + }, + "Qualys Security Blog": { + "DeepSeek Failed Over Half of the Jailbreak Tests by Qualys TotalAI": "https://blog.qualys.com/category/vulnerabilities-threat-research" + }, + "Over Security - Cybersecurity news aggregator": { + "Google says hackers abuse Gemini AI to empower their attacks": "https://www.bleepingcomputer.com/news/security/google-says-hackers-abuse-gemini-ai-to-empower-their-attacks/", + "Vulnerability & Patch Roundup — January 2025": "https://blog.sucuri.net/2025/01/vulnerability-patch-roundup-january-2025.html" + }, + "Hacking Exposed Computer Forensics Blog": { + "Daily Blog #735: Zeltser Challenge Spotlight on Argelius Labs": "https://www.hecfblog.com/2025/01/daily-blog-735-zeltser-challenge.html" + }, + "The Hacker News": { + "U.S. and Dutch Authorities Dismantle 39 Domains Linked to BEC Fraud Network": "https://thehackernews.com/2025/02/us-and-dutch-authorities-dismantle-39.html", + "BeyondTrust Zero-Day Breach Exposed 17 SaaS Customers via Compromised API Key": "https://thehackernews.com/2025/02/beyondtrust-zero-day-breach-exposes-17.html", + "Meta Confirms Zero-Click WhatsApp Spyware Attack Targeting 90 Journalists, Activists": "https://thehackernews.com/2025/02/meta-confirms-zero-click-whatsapp.html", + "Malvertising Scam Uses Fake Google Ads to Hijack Microsoft Advertising Accounts": "https://thehackernews.com/2025/02/malvertising-scam-uses-fake-google-ads.html" + }, + "TorrentFreak": { + "Anna’s Archive Urges AI Copyright Overhaul to Protect National Security": "https://torrentfreak.com/annas-archive-urges-ai-copyright-overhaul-to-protect-national-security-250201/", + "FADPA: MPA’s Export-Only Site-Blocking Primed For Full Strength U.S. Launch": "https://torrentfreak.com/fadpa-mpa-export-only-site-blocking-primed-for-full-strength-u-s-launch-250201/" + }, + "Technical Information Security Content & Discussion": { + "Everyone knows your location: tracking myself down through in-app ads": "https://www.reddit.com/r/netsec/comments/1if344u/everyone_knows_your_location_tracking_myself_down/" + }, + "Computer Forensics": { + "Pointers for how-to file craving courses": "https://www.reddit.com/r/computerforensics/comments/1ifj53x/pointers_for_howto_file_craving_courses/", + "Looking for complete guidance and roadmap to become an expert in digital forensics.": "https://www.reddit.com/r/computerforensics/comments/1ifitvw/looking_for_complete_guidance_and_roadmap_to/", + "Finding a Digital Forensics job?": "https://www.reddit.com/r/computerforensics/comments/1if2p5r/finding_a_digital_forensics_job/", + "iPhone daily backup BFU": "https://www.reddit.com/r/computerforensics/comments/1iewy9p/iphone_daily_backup_bfu/" + }, + "Security Affairs": { + "A ransomware attack forced New York Blood Center to reschedule appointments": "https://securityaffairs.com/173702/cyber-crime/new-york-blood-center-faced-ransomware-attack.html", + "Contec CMS8000 patient monitors contain a hidden backdoor": "https://securityaffairs.com/173694/security/cisa-fda-warned-hidden-backdoor-in-contec-cms8000.html" + }, + "Social Engineering": { + "Social Engineering Con - Layer 8?": "https://www.reddit.com/r/SocialEngineering/comments/1if8m7n/social_engineering_con_layer_8/" + }, + "Your Open Hacker Community": { + "Using windows as a beginner": "https://www.reddit.com/r/HowToHack/comments/1ifjgf3/using_windows_as_a_beginner/", + "In search for friends": "https://www.reddit.com/r/HowToHack/comments/1iewofv/in_search_for_friends/", + "Need help with an AI security challenge": "https://www.reddit.com/r/HowToHack/comments/1if4g8x/need_help_with_an_ai_security_challenge/", + "[Repost] Magnetic Card Reader for Linux Devices": "https://www.reddit.com/r/HowToHack/comments/1ifgf3x/repost_magnetic_card_reader_for_linux_devices/", + "Need help getting my microsoft account back": "https://www.reddit.com/r/HowToHack/comments/1if68fl/need_help_getting_my_microsoft_account_back/", + "Please can someone help me!": "https://www.reddit.com/r/HowToHack/comments/1if6zdm/please_can_someone_help_me/", + "Career opportunities": "https://www.reddit.com/r/HowToHack/comments/1iex9k8/career_opportunities/", + "Bash": "https://www.reddit.com/r/HowToHack/comments/1ievtjc/bash/", + "I need help": "https://www.reddit.com/r/HowToHack/comments/1ieuef3/i_need_help/" + } +} \ No newline at end of file diff --git a/today.md b/today.md index 4cedd0662e..26b3bbe66a 100644 --- a/today.md +++ b/today.md @@ -1,339 +1,281 @@ -# 每日安全资讯(2025-02-01) +# 每日安全资讯(2025-02-02) -- Recent Commits to cve:main - - [ ] [Update Fri Jan 31 20:21:24 UTC 2025](https://github.com/trickest/cve/commit/80a2dc60ca64c34a5211d8cf4b786686cc537efd) - - [ ] [Update Fri Jan 31 12:25:11 UTC 2025](https://github.com/trickest/cve/commit/add66039334dc9d7f2519acac27d7db61f9a2fe2) - - [ ] [Update Fri Jan 31 04:24:16 UTC 2025](https://github.com/trickest/cve/commit/a7d947e6c2b962b8d95547864478207be1c85ffd) -- SecWiki News - - [ ] [SecWiki News 2025-01-31 Review](http://www.sec-wiki.com/?2025-01-31) -- Trustwave Blog - - [ ] [Accelerate Your Journey with the Microsoft End Customer Investment Funds (ECIF) Program](https://www.trustwave.com/en-us/resources/blogs/trustwave-blog/accelerate-your-journey-with-the-microsoft-end-customer-investment-funds-ecif-program/) - Security Boulevard - - [ ] [The Transformative Role of AI in Cybersecurity](https://securityboulevard.com/2025/01/the-transformative-role-of-ai-in-cybersecurity/) - - [ ] [DEF CON 32 – An Adversarial Approach To Airline Revenue Management Proving Ground](https://securityboulevard.com/2025/01/def-con-32-an-adversarial-approach-to-airline-revenue-management-proving-ground/) - - [ ] [Julianna Lamb on Choosing Authentication Platforms Over DIY](https://securityboulevard.com/2025/01/julianna-lamb-on-choosing-authentication-platforms-over-diy/) - - [ ] [Eric Brüggemann on Code Intelligence Launching Spark](https://securityboulevard.com/2025/01/eric-bruggemann-on-code-intelligence-launching-spark/) - - [ ] [Creating realistic, secure test data for Databricks](https://securityboulevard.com/2025/01/creating-realistic-secure-test-data-for-databricks/) - - [ ] [Ransomware Scum — Out For Blood: NYBCe is Latest Victim](https://securityboulevard.com/2025/01/nybc-blood-ransomware-richixbw/) - - [ ] [Zimperium’s Protection Against Tria Stealer’s SMS Data Theft](https://securityboulevard.com/2025/01/zimperiums-protection-against-tria-stealers-sms-data-theft/) - - [ ] [DEF CON 32 – Famous and Not So Famous Unsolved Codes](https://securityboulevard.com/2025/01/def-con-32-famous-and-not-so-famous-unsolved-codes/) - - [ ] [SlackPirate Set Sails Again! Or: How to Send the Entire “Bee Movie” Script to Your Friends in Slack](https://securityboulevard.com/2025/01/slackpirate-set-sails-again-or-how-to-send-the-entire-bee-movie-script-to-your-friends-in-slack/) - - [ ] [Analyzing DeepSeek’s System Prompt: Jailbreaking Generative AI](https://securityboulevard.com/2025/01/analyzing-deepseeks-system-prompt-jailbreaking-generative-ai/) -- ElcomSoft blog - - [ ] [The Evolution of iOS Passcode Security](https://blog.elcomsoft.com/2025/01/the-evolution-of-ios-passcode-security/) -- Sucuri Blog - - [ ] [Vulnerability & Patch Roundup — January 2025](https://blog.sucuri.net/2025/01/vulnerability-patch-roundup-january-2025.html) + - [ ] [Mastering SEO for Cybersecurity Entrepreneurs: A Strategic Guide to Dominating Search Rankings](https://securityboulevard.com/2025/02/mastering-seo-for-cybersecurity-entrepreneurs-a-strategic-guide-to-dominating-search-rankings/) + - [ ] [Critical ‘Backdoor’ Discovered in Widely Used Healthcare Patient Monitors](https://securityboulevard.com/2025/02/critical-backdoor-discovered-in-widely-used-healthcare-patient-monitors/) + - [ ] [DEF CON 32 – Navigating the Turbulent Skies of Aviation Cyber Regulation](https://securityboulevard.com/2025/02/def-con-32-navigating-the-turbulent-skies-of-aviation-cyber-regulation/) + - [ ] [The Network Security Business System of Low-altitude Economy](https://securityboulevard.com/2025/02/the-network-security-business-system-of-low-altitude-economy/) + - [ ] [5 Encrypted Attack Predictions for 2025](https://securityboulevard.com/2025/02/5-encrypted-attack-predictions-for-2025/) +- CXSECURITY Database RSS Feed - CXSecurity.com + - [ ] [MySchool 1.0 SQL Injection / Code Injection / XSS / CSRF](https://cxsecurity.com/issue/WLB-2025020003) + - [ ] [Quorum onQ OS 6.0.0.5.2064 Cross Site Scripting](https://cxsecurity.com/issue/WLB-2025020002) + - [ ] [Xinet Elegant 6 Asset Lib Web UI 6.1.655 / SQL Injection / Exploit Update](https://cxsecurity.com/issue/WLB-2025020001) +- SecWiki News + - [ ] [SecWiki News 2025-02-01 Review](http://www.sec-wiki.com/?2025-02-01) - Doonsec's feed - - [ ] [秦安:这是中国股市成立以来,最值得乐观的春节前最后一个交易日](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476426&idx=1&sn=50f4e5bfae2cddbed3033316cd279398) - - [ ] [秦安:这么多利好,股市为何还跌?看清“五个事关”,踏实过好年](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476426&idx=2&sn=a4c95c840c04ceeaca228ced725ace44) - - [ ] [秦安:感恩冰天雪地慰问,发红包回馈员工,警惕倒行逆施制造事端](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476426&idx=3&sn=a812a2b943cdec6f328ebfa5bffe5fe2) - - [ ] [牟林:特朗普夺取格陵兰岛的可能性有多大?](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476426&idx=4&sn=e7892f7b8a98ef98eb2a0c2193de7450) - - [ ] [牟林:特朗普到底是要美国伟大还是自己伟大?](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476426&idx=5&sn=9429ab8ea944af973f22f0c683becd06) - - [ ] [放开双手 !SQL注入Fuzzing字典 (270个)](https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486455&idx=1&sn=a774a64f04eac6941ef46359daa39ac2) - - [ ] [VLAN划分的三种方法,网络工程师收藏!](https://mp.weixin.qq.com/s?__biz=MzUyNTExOTY1Nw==&mid=2247528053&idx=1&sn=6c0a07662b4584eb394bb215e6a13f2e) - - [ ] [DeepSeek:AI时代的新探索者,开启智能革命的新篇章](https://mp.weixin.qq.com/s?__biz=Mzk2NDE5MDgxOQ==&mid=2247484823&idx=1&sn=368f5bbf4e0a91a06214f934a1a4f054) - - [ ] [【AI】DeepSeek 概念/影响/使用/部署](https://mp.weixin.qq.com/s?__biz=MzUyNTUyNTA5OQ==&mid=2247484873&idx=1&sn=b8520d6aae393acbc9010a4553c5b460) - - [ ] [2025年最新推荐的5款堡垒机,打造安全网络防线,秒收藏!](https://mp.weixin.qq.com/s?__biz=MzIyMzIwNzAxMQ==&mid=2649464771&idx=1&sn=56ced5ebaeea813e0f0bd666f3499426) - - [ ] [1.8s修复+反制,希望我的那些甲方和运维好好学一学](https://mp.weixin.qq.com/s?__biz=MzkyNTQ0OTYxOQ==&mid=2247483993&idx=1&sn=e4c7eb082905f0e214c28eeaba4624ea) - - [ ] [Deepseek是如何被黑掉的](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496994&idx=1&sn=d77c2e01b0dd8e2cb783fe7214e688c4) - - [ ] [世界需要一个能谋善断的AI(四)共生法则:当“谋士”遇见“统帅”](https://mp.weixin.qq.com/s?__biz=MzAxOTk3NTg5OQ==&mid=2247492290&idx=1&sn=4537403e0c9e2e62764f5869e078451a) - - [ ] [【原创】Ubuntu Server 18.04上,使用一张4060Ti显卡本地部署DeepSeek V3大模型训练](https://mp.weixin.qq.com/s?__biz=Mzg2MjYxODQ4Mw==&mid=2247484986&idx=1&sn=b99ed54ac81f3de4bd9b0b75d6692e4d) - - [ ] [分享的图片、视频、链接](https://mp.weixin.qq.com/s?__biz=Mzk2NDIwNzE5Ng==&mid=2247487394&idx=1&sn=8bfce153c1344cd33503da56dc6c7fd0) - - [ ] [DeepSeek-V2:一个强大、经济和高效的专家混合语言模型](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264904&idx=1&sn=b57987cc358dc5471b3c849b27669270) - - [ ] [《零零六》应急神器:月落中间件日志分析工具,全中间件日志均可分享,百万行日志如同切菜](https://mp.weixin.qq.com/s?__biz=Mzg4NDk4MTk5OA==&mid=2247485532&idx=1&sn=b8f7ae238b162c298e29f192d577ab87) - - [ ] [警惕|售前入狱指南:从面向监狱编程到面向监狱投标](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485484&idx=1&sn=4c7b3d7e39d2150ff68c604547f17ab9) - - [ ] [北七家-未来科学城,3居变4居豪装,理想楼层/户型/朝向](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485484&idx=2&sn=6e24ad74f8b9aa1cfc7cdb80e8c4af32) - - [ ] [【干货】笑傲职场的独家经验(1)](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485484&idx=3&sn=176e2b4dabd62cf6133ccd18cebc238a) - - [ ] [【干货原创】实网攻防演习常态化,会带来什么变化01](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485484&idx=4&sn=83a9db7a7edfea3c082777c7e1e385b3) - - [ ] [【干货原创】K12教育,鲜为人知的模式秘密](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485484&idx=5&sn=f7e9bbdfdb9b130753e700ceb13a0e9c) - - [ ] [原创文章目录](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485484&idx=6&sn=ba36a6cc5cac726e99a8383b23b04fbe) - - [ ] [Dark101勒索病毒实战分析](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490247&idx=1&sn=1fa03f99607f5e0c716d503466fdb9d6) - - [ ] [破解大脑防火墙:黑客式自控力提升指南(春节特别版)](https://mp.weixin.qq.com/s?__biz=MzU0NDc0NTY3OQ==&mid=2247488425&idx=1&sn=5f38984f963693eee431f1edacbc928e) - - [ ] [Ollama+DeepSeek+AnythingLLM搭建个人AI知识库](https://mp.weixin.qq.com/s?__biz=Mzg2ODc0Mjc0Mw==&mid=2247484177&idx=1&sn=6e2fc13cf7e00b48395558c104b0773d) - - [ ] [告别命令行!DeepSeek本地运行可视化指南:从安装到交互界面实战](https://mp.weixin.qq.com/s?__biz=MzU3Mjk2NDU2Nw==&mid=2247492552&idx=1&sn=402d5fb57f89d62a333008877fafe951) - - [ ] [三个小技巧(二)](https://mp.weixin.qq.com/s?__biz=MjM5NDcxMDQzNA==&mid=2247489395&idx=1&sn=befd90cc96a0a37eb3aff5412bf52dde) - - [ ] [安全圈瓜田理下集合【2025/1/31】](https://mp.weixin.qq.com/s?__biz=MzAxNzg3NzMyNQ==&mid=2247489534&idx=1&sn=17b382547ab13aa20e5bb705d28c4e5d) - - [ ] [web应急之各中间件日志保存位置](https://mp.weixin.qq.com/s?__biz=MzU4NTg4MzIzNA==&mid=2247484358&idx=1&sn=d537fdb218cc12823147e284dbb35d76) - - [ ] [网络安全入门必知的攻击方法](https://mp.weixin.qq.com/s?__biz=MzI3NzM5NDA0NA==&mid=2247490339&idx=1&sn=8d98eac3f1e2cf716da9844f415f3d39) - - [ ] [仅80元,用ESP32 开发板 DIY一个AI大模型瓦力机器人,可接入DeepSeek、OpenAI](https://mp.weixin.qq.com/s?__biz=MjM5OTA4MzA0MA==&mid=2454936748&idx=1&sn=910a43dcda1073b8061c817da504189c) - - [ ] [【谨防诈骗】DeepSeek 的大流量引发的假冒诈骗](https://mp.weixin.qq.com/s?__biz=Mzk0NDU1NTA5MA==&mid=2247484408&idx=1&sn=7381fe4211cc20dbd84a27f5a2207a62) - - [ ] [大年初三 | 新春万福 聚财纳福!](https://mp.weixin.qq.com/s?__biz=MzkzMjE5MTY5NQ==&mid=2247503442&idx=1&sn=af8273c40dcc9f97ebf68761a3d37a9a) - - [ ] [(吃瓜)神人TV之网安姜萍——CTF圈PY之神,民办“清华”哥](https://mp.weixin.qq.com/s?__biz=MzkzNjczNzEyMw==&mid=2247484186&idx=1&sn=dcd2d7bab9054490e1826758361cc7aa) - - [ ] [如何快速的在本地搭建 deepseek (小白一学就会)](https://mp.weixin.qq.com/s?__biz=Mzg4NzgzMjUzOA==&mid=2247485474&idx=1&sn=954535d81510437ec8f706144bc91b74) - - [ ] [AI风险分析 | 从Freysa转账案例看智能体应用的潜在风险](https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247494055&idx=1&sn=1a0b66065e3db8d26597a12328032d82) - - [ ] [在汽车行业实现卓越的网络安全和合规性 - 一个真实的案例研究](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620273&idx=1&sn=89354977edba60af567bd946514124cd) - - [ ] [推进汽车网络安全:弥合鸿沟,拥抱机遇](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620273&idx=2&sn=8020625a5bfbe49f838a4783b82b9587) - - [ ] [掌握模糊测试-如何在法规遵从中克服网络安全挑战](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620273&idx=3&sn=81d8a8e66ef322e532fdb9b8d7b1021a) - - [ ] [每周高级威胁情报解读(2025.01.24~01.31)](https://mp.weixin.qq.com/s?__biz=MzI2MDc2MDA4OA==&mid=2247513888&idx=1&sn=2a5b30e99a3f23b7dbe60666c3d81cca) - - [ ] [攻击再次升级,DeepSeek被网络攻击的真凶?](https://mp.weixin.qq.com/s?__biz=Mzg2NDYwMDA1NA==&mid=2247543659&idx=1&sn=156fe9160529ef9165dd4a443b781c7c) - - [ ] [Deepseek核心成员学历及薪资,最高110K](https://mp.weixin.qq.com/s?__biz=Mzg2NDYwMDA1NA==&mid=2247543659&idx=2&sn=f80909372d13c0dba56d7282eb1ef9bf) - - [ ] [【实操】美国客机与黑鹰直升机相撞的视频、音频、轨迹回放及遇难机组和乘客](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148793&idx=1&sn=03180450dc0a7ac7bb10d75ce4ca6d3c) - - [ ] [水洞扫描工具 -- PenSafe](https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247570692&idx=1&sn=ef1d45f4f6f3b1eb949acb33510daaa9) - - [ ] [高级 DNS 攻击:投毒与利用](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527421&idx=1&sn=96068eceb823d6761b0f08fc7dd9ae35) - - [ ] [破解 Active Directory — CrackMapExec 传递哈希值:探索 AD 攻击技术](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527421&idx=2&sn=100eff74c2040603d8c90616e868cb7d) - - [ ] [DeepSeek暴露出的典型网络安全问题](https://mp.weixin.qq.com/s?__biz=MzA4MzMzOTQ4Mw==&mid=2453672535&idx=1&sn=ad93fe6c0a53d44203ada57225a5b660) - - [ ] [DeepSeek黑科技:当AI化身网络世界的\"超级保镖\",黑客慌了!](https://mp.weixin.qq.com/s?__biz=MzIyODU4MzcyMQ==&mid=2247485427&idx=1&sn=292e05b010cda839b87aa17699b84f1e) - - [ ] [DeepSeek的强大,一句话让AI帮我写了个程序-流量安全分析研判工具](https://mp.weixin.qq.com/s?__biz=Mzg2NTk4MTE1MQ==&mid=2247486497&idx=1&sn=5ec5098395786fd3ea02d05786a5558d) - - [ ] [仿生人deepseek会梦见电子cnvd吗](https://mp.weixin.qq.com/s?__biz=MzIxOTQ1OTY4OQ==&mid=2247486313&idx=1&sn=d6bb43d09876844acfba07a896c6ee15) - - [ ] [从deepseek看ddos攻击](https://mp.weixin.qq.com/s?__biz=MzkxNTY4NTQwMg==&mid=2247484298&idx=1&sn=2a90ffda25b5a3c5142512fb51d9ad86) - - [ ] [这真是大沙笔](https://mp.weixin.qq.com/s?__biz=MzkzMjQ0MTk1OQ==&mid=2247484076&idx=1&sn=0c9c05e859a43886a8c34b7cd5667f73) - - [ ] [伪造cookie进入后台](https://mp.weixin.qq.com/s?__biz=MzkxNzY2MjU2Mg==&mid=2247483807&idx=1&sn=9a1c99c32c84640da7f966692a981b71) - - [ ] [旧知新话说“标识”之生意篇:基于标识的智能仓储保障年货供应](https://mp.weixin.qq.com/s?__biz=MzU1OTUxNTI1NA==&mid=2247592383&idx=1&sn=46b4e9e8667a84be60382140e6d8e931) - - [ ] [州弟的靶场练习 - HEYBBS 2.1 审计](https://mp.weixin.qq.com/s?__biz=Mzg4MTkwMTI5Mw==&mid=2247488820&idx=1&sn=d24fff0083c62bbb08de7522ddcfb191) - - [ ] [哥斯拉二开从0到1-2(免杀)](https://mp.weixin.qq.com/s?__biz=MzAxNzkyOTgxMw==&mid=2247493840&idx=1&sn=3482149c0823f566085f61a99735ad9e) - - [ ] [deepseek本地部署+web图形化页面配置+对比其他ai模型](https://mp.weixin.qq.com/s?__biz=Mzk1NzE0ODk3Nw==&mid=2247491155&idx=1&sn=c4f6531eef133548b6676af5a9a5c1bf) - - [ ] [夜鹰(NightHawk)C2工具-泄露部分](https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247504834&idx=1&sn=9111b67c602d807277dacf1aa967d974) - - [ ] [2025年1月 一批网络安全相关新规开始施行!](https://mp.weixin.qq.com/s?__biz=MzIxNDIzNTcxMg==&mid=2247506760&idx=1&sn=19e9444d7721854b8c39f29f151fa0f9) - - [ ] [收藏 | dotNet安全矩阵 2024 年度逆向调试分析阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498584&idx=1&sn=d85935a8bccaf28b5e5203c9cd937ea9) - - [ ] [.NET 内网攻防实战电子报刊](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498584&idx=2&sn=3d15023570e640313e68870e0ee24904) - - [ ] [收藏 | dotNet安全矩阵 2024 年度外网入口打点阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498584&idx=3&sn=8e71ffa26350c09847ab769b9dbedcc2) - - [ ] [收藏 | dotNet安全矩阵 2024 年度目标权限维持阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498584&idx=4&sn=d14acdfea6504a47d1e46e7c8f38cf54) - - [ ] [Linux基础命令(二)](https://mp.weixin.qq.com/s?__biz=Mzk1Nzc0MzY3NA==&mid=2247483753&idx=1&sn=49384ed01ecedc2565a44a132b272d09) - - [ ] [滥用多播投毒实现预认证 Kerberos 中继](https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486893&idx=1&sn=2c0a70c6f644cacbabbec21d304946a6) - - [ ] [DeepSeek爆火快来搭建私有ChatGPT_deepseek成为你私有化](https://mp.weixin.qq.com/s?__biz=MzI2OTk4MTA3Ng==&mid=2247496962&idx=1&sn=ad190b15e766558d2b057e80e5eb864d) - - [ ] [手把手教大家学习DeepSeek新手必看!全功能详解与实操指南,带你逆袭成AI大神](https://mp.weixin.qq.com/s?__biz=MzI2OTk4MTA3Ng==&mid=2247496962&idx=2&sn=464bca3a03a1e209a0aff4cedb8341ad) - - [ ] [年已过半,该收拾收拾,准备打工去了......](https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247488209&idx=1&sn=24d45d27215ad6616e7ad11724e25609) - - [ ] [这个世界这么抽象的嘛](https://mp.weixin.qq.com/s?__biz=Mzk0MzY3MDE5Mg==&mid=2247484024&idx=1&sn=164631b9aaa65c09dca95bc893f744ee) - - [ ] [我毕生玩抽象,也玩不过这些真正的大沙币](https://mp.weixin.qq.com/s?__biz=MzkyOTQzNjIwNw==&mid=2247491645&idx=1&sn=8b35f7286af6ab00b755190330bb4c79) - - [ ] [【2025春节】解题领红包活动排行榜(初三 1/31)](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141663&idx=1&sn=63c355a201f947c905a68b07647ab32a) - - [ ] [惊天一撞,华盛顿客机与直升机空难背后的真相!](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559372&idx=1&sn=0410ce8851f28ddbc609457ae73483de) - - [ ] [美国为何对 DeepSeek 如此“上心”?一场科技博弈的真相](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247505068&idx=1&sn=4bf2334b280b144d562ac07095958acd) - - [ ] [俄罗斯APT威胁英国及其盟友,英政府高官发出警告](https://mp.weixin.qq.com/s?__biz=Mzg3OTYxODQxNg==&mid=2247485659&idx=1&sn=9a1f88742398761691e3da98dddfddcb) - - [ ] [2024 年渗透测试路线图:从初学者到受聘的 8 个步骤](https://mp.weixin.qq.com/s?__biz=Mzg4NzgyODEzNQ==&mid=2247488640&idx=1&sn=6823a2045bf297fd8f81e176be33a15f) - - [ ] [WVP-GB28181摄像头管理平台user信息泄露漏洞](https://mp.weixin.qq.com/s?__biz=MzkyOTg3ODc5OA==&mid=2247484326&idx=1&sn=ec20d154a16e5fff47cb40da8080cff7) - - [ ] [这才是DeepSeek的正确使用方式!你还在用GPT那套就废了,春节前最后预警](https://mp.weixin.qq.com/s?__biz=MzkxNjMwNDUxNg==&mid=2247487250&idx=1&sn=8515efa2ae03b73faf0154fcac23f1ac) - - [ ] [如何找到更多漏洞赏金的子域?深入了解 Recon](https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247504783&idx=1&sn=0b286a996a793e420114b78a4ab28260) - - [ ] [太专业了 | 看完直呼学到了](https://mp.weixin.qq.com/s?__biz=Mzk0NzQxNzY2OQ==&mid=2247488121&idx=1&sn=5b995263cc37edcb4b5b49b0c9e04fbd) - - [ ] [三大暗网论坛被FBI查封:Nulled.to、Cracked.to、Sellix.io](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494660&idx=1&sn=78a7e764b99312cacb05bbc152126f47) - - [ ] [Claude的CEO表示:AI可能改变一切,AI监管迫在眉睫](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494660&idx=2&sn=1fec4b47ea7ed7cf1ffa7a383a2c1720) - - [ ] [[0131] 一周重点威胁情报|天际友盟情报站](https://mp.weixin.qq.com/s?__biz=MzIwNjQ4OTU3NA==&mid=2247510031&idx=1&sn=96238f2c438e027f989dc96653204673) - - [ ] [【JAVA代码审计】bootplus 管理系统审计](https://mp.weixin.qq.com/s?__biz=Mzg4MTkwMTI5Mw==&mid=2247488801&idx=1&sn=23d3e5f6c01320523c5495ca12df4bf2) - - [ ] [DeepSeek 数据库未授权访问漏洞,导致大量数据泄露](https://mp.weixin.qq.com/s?__biz=MzIxMTg1ODAwNw==&mid=2247500544&idx=1&sn=ebf9f3fcb46a7bcadad135da1b6e8fd8) - - [ ] [美国对DeepSeek“出手”了!AI大模型如何迎战网络恶意攻击?](https://mp.weixin.qq.com/s?__biz=MjM5NzA3Nzg2MA==&mid=2649870870&idx=1&sn=7685e470c401fdb0831d90ac129b068f) - - [ ] [创宇猎幽NDR流量监测系统:向前防御,威胁检测](https://mp.weixin.qq.com/s?__biz=MjM5NzA3Nzg2MA==&mid=2649870870&idx=2&sn=72942469d7ee4ea63b7171dd6e606c62) - - [ ] [医疗行业数据安全风险评估实践指南(二)](https://mp.weixin.qq.com/s?__biz=Mzg2NjY2MTI3Mg==&mid=2247498376&idx=1&sn=8f7f3f907a84a2b5a13e4e552247526a) - - [ ] [无参数读文件和RCE的利用研究](https://mp.weixin.qq.com/s?__biz=MjM5MjEyMTcyMQ==&mid=2651037458&idx=1&sn=0ee75174afec20a34c3f3243329d42e4) - - [ ] [AI抢不走的工作,微软力挺红队测试仍需人类“掌舵”](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313290&idx=1&sn=a6d328c9fd6e44ceb96698a3205f5786) - - [ ] [新的“双击劫持”漏洞绕过主要网站上的点击劫持保护](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313290&idx=2&sn=44a6a38890bbe1cf23af0cb8162a8362) - - [ ] [虚假PoC漏洞利用正用来攻击研究人员](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313290&idx=3&sn=c9beec9c5ce5078f2a7e260af8dc140f) - - [ ] [IAMActionHunter:一款AWS IAM策略声明解析和查询工具](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313290&idx=4&sn=c46a99c55e12a98fb61cc4819e385d68) - - [ ] [大年初三 蛇全蛇美](https://mp.weixin.qq.com/s?__biz=Mzg2MTU5ODQ2Mg==&mid=2247507175&idx=1&sn=0d04c34fa4f1ea8c975d2765b3fcdde8) - - [ ] [数字取证之数据保护u200c](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264880&idx=1&sn=7424698e3f088be94f084851bee8adde) - - [ ] [祥蛇嬉初三 福运伴身畔](https://mp.weixin.qq.com/s?__biz=MzU0MjEwNTM5Ng==&mid=2247520423&idx=1&sn=435bb09e1f0125a3af0ccfdbbe203099) - - [ ] [大年初三 | 金福盈门,万象更新](https://mp.weixin.qq.com/s?__biz=Mzk0MDQ5MTQ4NA==&mid=2247487429&idx=1&sn=5756ef7cab4f6ff1ce0a1364151444a5) - - [ ] [网安原创文章推荐【2025/1/30】](https://mp.weixin.qq.com/s?__biz=MzAxNzg3NzMyNQ==&mid=2247489527&idx=1&sn=410e2304fe7538839c5cb1c2467bb056) - - [ ] [初三](https://mp.weixin.qq.com/s?__biz=MzUyMjAyODU1NA==&mid=2247491948&idx=1&sn=4852c2eb3611785194c330002093797a) - - [ ] [大年初三 | 福绕蛇年,万“巳”胜意](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579271&idx=1&sn=bfb185d569ae97db908675e7f2419714) - - [ ] [rsync进阶指南:14个提升效率的黑科技用法](https://mp.weixin.qq.com/s?__biz=MzI5MjY4MTMyMQ==&mid=2247489889&idx=1&sn=ed213d71fa01c3309c93e853d4e8c1ed) - - [ ] [DeepSeek 数据库裸奔 百万敏感数据任人取!](https://mp.weixin.qq.com/s?__biz=MzAwMjA5OTY5Ng==&mid=2247525706&idx=1&sn=976ec18c7118e288efff987289130d14) - - [ ] [欧盟《网络复原力法》全文翻译](https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247506421&idx=1&sn=f3b2c847cf7748ef86bc68daa496de01) - - [ ] [飞书文档快速转化本地makedown文件](https://mp.weixin.qq.com/s?__biz=Mzk0ODY1NzEwMA==&mid=2247486602&idx=1&sn=faff49b1d51d07088cac426018d9ddef) - - [ ] [Java反序列化漏洞 | Fastjson反序列化漏洞原理+漏洞复现](https://mp.weixin.qq.com/s?__biz=Mzk0Mzc1MTI2Nw==&mid=2247487416&idx=1&sn=3071e9e82d12510b732a50c8e22cd596) - - [ ] [美国DARPA的宏伟Red-C计划:通过“自我修复固件”实现网络攻击的实时检测与修复](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247507167&idx=1&sn=26840502c819f510d39d577dccb84196) - - [ ] [5th域安全微讯早报【20250131】027期](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247507167&idx=2&sn=5e964e3fa5c3c44a17a1eade47f8ea71) - - [ ] [CVE-2024-49138 poc windows CLFS.sys提权漏洞](https://mp.weixin.qq.com/s?__biz=MzU1NzczNTM1MQ==&mid=2247485185&idx=1&sn=b8349c313ac09f29240c61f055433ddd) - - [ ] [Cadiclus – 使用PowerShell辅助Linux 系统提权](https://mp.weixin.qq.com/s?__biz=MzU1NzczNTM1MQ==&mid=2247485185&idx=2&sn=c8f3a8d2d11a3eaf2491baeb50be5792) - - [ ] [正月初三| 三阳开泰 日富一日](https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506082&idx=1&sn=f2db30e5f0ea2346966522e0549b57d3) - - [ ] [捷普信创安全产品线,助力信创产业发展](https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506082&idx=2&sn=20cc3516e0158067694fa5fd3a3ce1a9) - - [ ] [【焕新领先】捷普IPS/IDS系统](https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506082&idx=3&sn=93dde62780cb716dcdb350ec05102794) - - [ ] [使用豆包获取抖音文案](https://mp.weixin.qq.com/s?__biz=Mzk0MTI4NTIzNQ==&mid=2247492239&idx=1&sn=f547e48b7cb815b2cde4361dd852d1e9) - - [ ] [ECShop 4.x collection_list SQL注入](https://mp.weixin.qq.com/s?__biz=Mzg4NDg3NjE5MQ==&mid=2247485617&idx=1&sn=cbea289e260befd038d87e4741df7ca9) - - [ ] [正月初三贴赤口!亚信安全祝大家抬头见禧,蛇运亨通](https://mp.weixin.qq.com/s?__biz=MjM5NjY2MTIzMw==&mid=2650620967&idx=1&sn=d6e3efc6033a4781fd8740b2499a17fb) - - [ ] [大年初三 三阳开泰](https://mp.weixin.qq.com/s?__biz=MjM5NzE0NTIxMg==&mid=2651135290&idx=1&sn=dbeba374802d07fb246a2c9630ba2375) - - [ ] [初三 | 四季皆如意,万事尽亨通,新岁多欢颜,康泰常相伴!](https://mp.weixin.qq.com/s?__biz=MzU4NjY4MDAyNQ==&mid=2247497080&idx=1&sn=4a5edfd2575e50bfbd568743f9f9a172) - - [ ] [2025年全球风险报告:冲突、环境和虚假信息是主要威胁](https://mp.weixin.qq.com/s?__biz=MzUzODYyMDIzNw==&mid=2247516970&idx=1&sn=06109ad8fa78d90f969ee430577ef590) - - [ ] [针对DeepSeek的网络攻击再升级:僵尸网络进场 攻击指令激增上百倍u200b](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607360&idx=1&sn=c48a0548576e4ce9ae4ed53e751d671c) - - [ ] [2025网络暴露危机报告:45%第三方应用越权访问用户数据](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607360&idx=2&sn=d60da4ef519827d85981b8d02d848e2f) - - [ ] [经典华为路由器漏洞复现详细分析(包括整个漏洞链)](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607360&idx=3&sn=cac10cb8e85c07f523764294668f4fec) - - [ ] [AutoPen - 自动化渗透测试工具](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607360&idx=4&sn=e33cdb19a4aabc1350cfd4c407aa7076) - - [ ] [初三:喜报春来](https://mp.weixin.qq.com/s?__biz=MzU0NDk0NTAwMw==&mid=2247624777&idx=1&sn=4af85ac3e0ff1b3aa079b4aea709111c) - - [ ] [自动化代码审计工具](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489194&idx=1&sn=c3c275b655d3817e6f75a800f10a0e01) - - [ ] [夺回失去的一切](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489194&idx=2&sn=c7ce655667ccb528720b4da5ed8ded7f) - - [ ] [【初三】畅享惬意假期 尽享无忧时光](https://mp.weixin.qq.com/s?__biz=MjM5NTE0MjQyMg==&mid=2650624575&idx=1&sn=a1c5ed5f4b0b0de27bba620517b40099) - - [ ] [【贺蛇年】初三送福 信安保吉](https://mp.weixin.qq.com/s?__biz=MzAxMjE1MDY0NA==&mid=2247508844&idx=1&sn=08446e6ae4fd80b63e788f60f6df0ec1) - - [ ] [一分钟搭建本地大模型DeepSeek!永久免费!无需联网!一条命令即可搭建!!!!](https://mp.weixin.qq.com/s?__biz=Mzg2Nzk0NjA4Mg==&mid=2247498557&idx=1&sn=4be63db2842575769a912e8c3332c989) - - [ ] [山石网科·AI汇东方|正月初三,张贴赤口](https://mp.weixin.qq.com/s?__biz=MzAxMDE4MTAzMQ==&mid=2661298290&idx=1&sn=b4f906505b483a77b737f218f4ee339e) -- Tenable Blog - - [ ] [Cybersecurity Snapshot: CSA Offers Tips for Deploying AI Securely, While Deloitte Says Cyber Teams’ GenAI Use Yields Top ROI](https://www.tenable.com/blog/cybersecurity-snapshot-ai-security-tips-generative-ai-roi-01-31-2025) -- Blog – Red Siege Information Security - - [ ] [Security Posture Review and Penetration Testing](https://redsiege.com/blog/2025/01/security-posture-review-and-penetration-testing/) -- Bug Bounty in InfoSec Write-ups on Medium - - [ ] [My Bug Bounty Journey: A Middle-Class Kid’s Quest for Free and Beyond](https://infosecwriteups.com/my-bug-bounty-journey-a-middle-class-kids-quest-for-free-and-beyond-1cd6b65240d6?source=rss----7b722bfd1b8d--bug_bounty) - - [ ] [How I Earned $200 Using GitHub Dorking: A Manual and Automated Guide to Finding Sensitive…](https://infosecwriteups.com/how-i-earned-200-using-github-dorking-a-manual-and-automated-guide-to-finding-sensitive-ebbbfcad7296?source=rss----7b722bfd1b8d--bug_bounty) -- Hexacorn - - [ ] [Files of interest](https://www.hexacorn.com/blog/2025/01/31/9839/) -- SentinelOne - - [ ] [The Good, the Bad and the Ugly in Cybersecurity – Week 5](https://www.sentinelone.com/blog/the-good-the-bad-and-the-ugly-in-cybersecurity-week-5-6/) -- Malware-Traffic-Analysis.net - Blog Entries - - [ ] [2025-01-31: Two pcaps of AgentTesla-style data exfil, one using FTP and one using SMTP](https://www.malware-traffic-analysis.net/2025/01/31/index.html) -- HAHWUL - - [ ] [Enhancing OWASP Noir with AI](https://www.hahwul.com/2025/01/31/owasp-noir-x-llm/) -- Securelist - - [ ] [One policy to rule them all](https://securelist.com/group-policies-in-cyberattacks/115331/) -- Binary Ninja - - [ ] [RE//thinking Conferences](https://binary.ninja/2025/01/31/re-thinking-conferences.html) + - [ ] [DIDCTF-2023陇剑杯](https://mp.weixin.qq.com/s?__biz=MzkxMTcyMDczOQ==&mid=2247489928&idx=1&sn=6d7c3e6bdc2ebf1e295e8267c5d8bdde) + - [ ] [使用ollama+chatboxai本地部署DeepSeek-R1](https://mp.weixin.qq.com/s?__biz=MzkzMjIxNjExNg==&mid=2247486252&idx=1&sn=61ab0d9e1d997b8d7b472c1053ae329f) + - [ ] [登录页面渗透的骚操作](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247497000&idx=1&sn=75f5108d220ca6e274950e535e153016) + - [ ] [云安全(三):弹性计算](https://mp.weixin.qq.com/s?__biz=MzkyMjUzNTM1Mw==&mid=2247487015&idx=1&sn=e89a2fcd6f86808d6620ba1ceadcd11d) + - [ ] [一张图带你精通 OSPF 8种邻居状态机!](https://mp.weixin.qq.com/s?__biz=MzIyMzIwNzAxMQ==&mid=2649464773&idx=1&sn=acb575af881525a3e2cd0186d455397c) + - [ ] [山石网科安全技术研究院2024年度重点工作回顾](https://mp.weixin.qq.com/s?__biz=MzUzMDUxNTE1Mw==&mid=2247510303&idx=1&sn=645d8cdc8b8ff9655f7539e399beee77) + - [ ] [揭开人工智能在交通网络安全中的神秘面纱](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620287&idx=1&sn=6f9d6cb2c027a272fd9f3071ee1c6d98) + - [ ] [华为: Al系统的网络安全治理实践](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620287&idx=2&sn=0cdae5eb3d4907028fd0f96852ad3668) + - [ ] [自动驾驶汽车面临的新兴人工智能安全威胁——案例研究](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620287&idx=3&sn=47cf0400cb3ddb350259918836a8c068) + - [ ] [请立即拿下软考证书(政策风口)](https://mp.weixin.qq.com/s?__biz=MzkxMzIwNTY1OA==&mid=2247510853&idx=1&sn=9815e46599f8b6ca3afbebaed5b3bc14) + - [ ] [红盟只会蹭!](https://mp.weixin.qq.com/s?__biz=MjM5MDA3MzI0MA==&mid=2650091305&idx=1&sn=46fdbe456aa28cd1adac446738c5485a) + - [ ] [80元,国产开源小智AI机器人,ESP32开发板接入大模型DeepSeek、OpenAI、通义千问Qwen 2.5-Max](https://mp.weixin.qq.com/s?__biz=MjM5OTA4MzA0MA==&mid=2454936768&idx=1&sn=6f29da51c0c66d3b3071ecb6a687758f) + - [ ] [基于Linux的僵尸网络构建器,构建高级隐秘僵尸网络负载](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490259&idx=1&sn=c08c2bd9abcefc046bac145ca7cbfe50) + - [ ] [从小白开发渗透工具视角入手,探究普通的DeepSeek和深度思考DeepSeek!](https://mp.weixin.qq.com/s?__biz=MzkxNjQyODY5MA==&mid=2247487061&idx=1&sn=72f827cadc8c26260ee3070fc1b7efd2) + - [ ] [爆火后,春节期间DeepSeek遭受持续网络攻击](https://mp.weixin.qq.com/s?__biz=Mzg4NzQ4MzA4Ng==&mid=2247485208&idx=1&sn=4fcdd68a9ed97a7a5ce93ad85d49bfa7) + - [ ] [美国出手!DeepSeek面临国家安全审查,背后真相竟是?](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485498&idx=1&sn=84a02aeabc93094170e1c0d52c326621) + - [ ] [【干货原创】实网攻防演习常态化,会带来什么变化01](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485498&idx=4&sn=c60736a2da5c4b3aee5754d81a719daf) + - [ ] [【干货原创】K12教育,鲜为人知的模式秘密](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485498&idx=5&sn=a7411432d09e6c934f287ea4aa143914) + - [ ] [原创文章目录](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485498&idx=6&sn=b4b5521d819b8caacf8445038a197b3e) + - [ ] [攻防技战术动态一周更新 - 20250127](https://mp.weixin.qq.com/s?__biz=MzkzODc4NjE1OQ==&mid=2247483926&idx=1&sn=1cf9efa9275745a63e8321ce0f5b52e0) + - [ ] [啊不行了 | 州弟的完全仿真代码审计环境](https://mp.weixin.qq.com/s?__biz=Mzk0NzQxNzY2OQ==&mid=2247488177&idx=1&sn=5a13360627fa6f17845ed7f5ecb49401) + - [ ] [如何快速入门TARA分析](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549669&idx=1&sn=d9810c4fd500ea3b02c460bb4d3a834a) + - [ ] [65页PPT,彻底看懂车联网!](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549669&idx=2&sn=955034255c03e02fe1ee9b3369ad005a) + - [ ] [6大免费观影神器,速收藏!另外在送两个建议大家收藏哦](https://mp.weixin.qq.com/s?__biz=MzI2OTk4MTA3Ng==&mid=2247496979&idx=1&sn=65d0260847cf75b6e233e2e5cc89ac13) + - [ ] [ctftools-all-in-oneV7.5研发进度](https://mp.weixin.qq.com/s?__biz=MzI1NzUxOTUzMA==&mid=2247485804&idx=1&sn=d28981ead96f5082104db24877042d3f) + - [ ] [AI风险分析 | 攻击组织在多个AWS租户环境劫持LLM模型](https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247494056&idx=1&sn=4e236c890b1530189931881acd81dc9b) + - [ ] [成为看雪讲师,开启技术分享的高光时刻](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589300&idx=1&sn=5bc3ab9031d8c5a62d14e0fc0189cf4f) + - [ ] [关于PAN-OS DoS(CVE-2024-3393)的研究](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589300&idx=2&sn=e9f874ab1024ce5d7a8a2a424b891a7f) + - [ ] [新年新气象!想换工作看这里](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589300&idx=3&sn=9f27f3668d0461ba4776901f8b44fc8d) + - [ ] [DeepSeek-R1展示了小模型也能成为推理专家](https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247506426&idx=1&sn=b8eae0703ee904b21809cbae29edd137) + - [ ] [Cobalt Strike 和一对 SOCKS 代理引发 LockBit 勒索软件事件](https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486923&idx=1&sn=d11a4c7e9e5411ca2c7631f9f4706dbe) + - [ ] [营销号别再传了!deepseek的安全攻防不是武侠修仙!](https://mp.weixin.qq.com/s?__biz=MzIxNDAyNjQwNg==&mid=2456099384&idx=1&sn=1878da953490a6aa39caed770ad1406f) + - [ ] [21.4k star,开源安全漏洞扫描神器,可集成CI/CD](https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247570693&idx=1&sn=91430db87cc7d4fe301b95d1c68fda36) + - [ ] [19岁、利用黑客技术盗取4万余网络账号,获利7万:被判](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931481&idx=1&sn=6f6dfc4a0f5a36ad5886ae1d975ca3d5) + - [ ] [荣耀终端申请热点控制相关专利,提高Wi-Fi网络安全性](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931481&idx=2&sn=9bd4ad59f5cb2457c1b33a0d0febc77f) + - [ ] [Android 检测:高级 Root 检测绕过 - Smali 代码篡改](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527447&idx=1&sn=a371987781d51e0e776920a85741fe0c) + - [ ] [CVE-2025-0065:TeamViewer 修补 Windows 客户端中的权限提升漏洞](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527447&idx=2&sn=0ab2f693c54ddb608b553da95edaa698) + - [ ] [【预警】Deepseek钓鱼页面预警](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494693&idx=1&sn=2d26a1d29cf92409af1b5826a779c05c) + - [ ] [\'史上最精密\'的钓鱼攻击](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494693&idx=2&sn=e209774c65a6c7a9279e12103a2853a2) + - [ ] [DeepSeek 容易受到各种越狱策略的攻击](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494693&idx=3&sn=d3bf7966fb506b6c0d12d7178b05975f) + - [ ] [deepseek被攻击,让一篇AI科幻爽文全网一起“造假”.....爱国饭是真容易吃啊](https://mp.weixin.qq.com/s?__biz=MzkyOTQzNjIwNw==&mid=2247491672&idx=1&sn=b7360aefe54f86dd75c59761ea4505e6) + - [ ] [学员免费课-新课:rust语言全栈开发视频教程更新到91节啦](https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247504843&idx=1&sn=889ae64c0adba860a43bdf303b1e8c55) + - [ ] [再看《哪吒之魔童降世》,照见了每个孤独灵魂的镜像](https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247488225&idx=1&sn=db0f673d48ff5d473ec98bbbc1fb985d) + - [ ] [当心!你访问的DeepSeek可能是假的(附鉴别攻略)](https://mp.weixin.qq.com/s?__biz=MzkxOTUyOTc0NQ==&mid=2247492979&idx=1&sn=4359b2068a9e33a73390c8d5c3b09cd6) + - [ ] [[狗头]既然你们不装了 我也不装了](https://mp.weixin.qq.com/s?__biz=MzkxNTczMjA1Ng==&mid=2247483979&idx=1&sn=84d324835c297123830f204b2c017ca3) + - [ ] [小学生也能把DeepSeek AI大模型部署到本地电脑](https://mp.weixin.qq.com/s?__biz=Mzg3MDYyNzY0MA==&mid=2247491061&idx=1&sn=3c2a793788ec33b5e7deab60be9d861f) + - [ ] [分享的图片、视频、链接](https://mp.weixin.qq.com/s?__biz=Mzk1NzI0NDYyNA==&mid=2247483681&idx=1&sn=2f48ada9475d73f797f2610b931ad951) + - [ ] [【紧急通知】重要声明!!!你们别搞抽象](https://mp.weixin.qq.com/s?__biz=Mzk0NDU1NTA5MA==&mid=2247484419&idx=1&sn=771b1853e3d266165af8d6fc34bf59d8) + - [ ] [To B大模型应用的落地实践与思考](https://mp.weixin.qq.com/s?__biz=MzIzNjAyODE0NQ==&mid=2247483940&idx=1&sn=6c82ca97527b253a09315b3787c555cd) + - [ ] [星火年鉴· 顶级篇|从建设热潮转向深化应用 工业互联网国家顶级节点(上海)“申”势赫奕](https://mp.weixin.qq.com/s?__biz=MzU1OTUxNTI1NA==&mid=2247592384&idx=1&sn=0a29d3a3786c033ddb4ddcf3cb7b5c39) + - [ ] [人工智能/机器学习在美国太空域感知方面的应用](https://mp.weixin.qq.com/s?__biz=Mzg2NTYyODgyNg==&mid=2247504627&idx=1&sn=e66481ed12da4238df098da5ec1adcf8) + - [ ] [超燃!民间流传的DeepSeek安全反击战,堪比大片!](https://mp.weixin.qq.com/s?__biz=MzkzMzcxNTQyNw==&mid=2247485589&idx=1&sn=87b3c484760a254daeba89499a24251a) + - [ ] [信息泄露到任意用户重置密码](https://mp.weixin.qq.com/s?__biz=MzkzNTQwNjQ4OA==&mid=2247484067&idx=1&sn=455e369cd15c1b958e17f3221ad96a51) + - [ ] [6](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496913&idx=1&sn=b90c2f8c33e0648cc1e9d560c5982fcb) + - [ ] [[耻辱] DeepSeek 遭受新轮“攻击”的幕后黑手竟来自国人内部?](https://mp.weixin.qq.com/s?__biz=MzkwODI1ODgzOA==&mid=2247506632&idx=1&sn=2bd540c33d1be58d380037ae2d1cd7c5) + - [ ] [不使用基于SUPI的寻呼:应用5G网络安全和隐私功能](https://mp.weixin.qq.com/s?__biz=MzA5MTYyMDQ0OQ==&mid=2247493605&idx=1&sn=423f73cc546dcfedf633d523d57b0a42) + - [ ] [(吃瓜)神人TV之糯米团子的清华学姐(续)](https://mp.weixin.qq.com/s?__biz=MzkzNjczNzEyMw==&mid=2247484243&idx=1&sn=0b7ae7f6bc8ebcd56064d456e227f82c) + - [ ] [创建和黑客攻击 Slack 机器人:深入探讨 Slack Jack](https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247504835&idx=1&sn=75a977e90904e15849abe75679e5bdc4) + - [ ] [Deepseek引发的流量之战,关于乌鸦的祛魅与重构](https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247488214&idx=1&sn=af0b3a477109f155a16506461391656e) + - [ ] [VLAN和VXLAN的区别?网络工程师必知](https://mp.weixin.qq.com/s?__biz=MzUyNTExOTY1Nw==&mid=2247528063&idx=1&sn=fd1340771f653bfa6373c8dff5296ca4) + - [ ] [索尼盖了一座「Sony Park」,我在里面发现了 Sony 的「精神内核」](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653073083&idx=1&sn=d126353a3135b021c1f8fd8c0e66f61a) + - [ ] [【2025春节】解题领红包活动排行榜(初四 2/1)](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141665&idx=1&sn=cf29ecaf3b5e2954cc5cb4b91fcef39f) + - [ ] [Pwnkit:CVE-2021-4034](https://mp.weixin.qq.com/s?__biz=MzkyMDY5OTg5OA==&mid=2247493360&idx=1&sn=ac3879690699a5af38b6a86f1cf232a2) + - [ ] [静态代码分析工具推荐:保障你的应用安全](https://mp.weixin.qq.com/s?__biz=MzkxNTU5NTI1Ng==&mid=2247487270&idx=1&sn=bc240b5098e27842d109a426e8eb92a3) + - [ ] [时间强盗漏洞:ChatGPT绕过敏感话题安全防护](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313321&idx=1&sn=0d6cfa7efe94cdf992cd2dcb49139048) + - [ ] [DeepSeek AI数据库泄露:超百万条日志和密钥曝光](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313321&idx=2&sn=c838d48d01493b39dad417919a053be4) + - [ ] [OWASP发布2025十大智能合约安全漏洞](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313321&idx=3&sn=2d401e6e743d4029238b04acea892e1b) + - [ ] [卡巴斯基公布奔驰汽车十几个漏洞](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313321&idx=4&sn=87670a1665432dda01a0ca651d6f847a) + - [ ] [这份书法论文快速生成指南,让你和图书馆说拜拜!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493258&idx=1&sn=0ffef35899a9b653fee3225ef51b12eb) + - [ ] [这是官方内部同行鲜有知道的工商管理论文大纲落实与完善实操秘籍!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493258&idx=2&sn=bf003ad605fea1e133a894e93f22b29b) + - [ ] [真实案例解密:新手公共管理论文初稿快速生成高阶攻略。](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493258&idx=3&sn=98ef31c04f8b932a7e8923248b3734eb) + - [ ] [震惊!电气工程论文大纲落实完善6大高阶攻略(被导师狂赞)。](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493258&idx=4&sn=7a1dad8668c13b926bc5e0610c36c877) + - [ ] [震惊!老社工博士的社会工作论文文献搜集内部高阶指南。](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493258&idx=5&sn=43192e01e90bfbbedacaf1c381833a86) + - [ ] [震惊!这个审稿神器竟助电商工程学术论文一键查漏补缺的实用攻略。](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493258&idx=6&sn=51d6cd0475f631f8e919625aa386b995) + - [ ] [震惊!ChatGPT如何一天发现诉讼法学论文全部问题的内部指南!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493258&idx=7&sn=09ee2cb7b26c763785df00a162d27a7b) + - [ ] [震惊内部圈!我是如何用ChatGPT玩转林业工程论文方向的文献搜集!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493258&idx=8&sn=527bb9ac25138f9b2e6cd7654c165a39) + - [ ] [GamaCopy 现身!模仿 Gamaredon 组织,对俄发动新一轮攻击](https://mp.weixin.qq.com/s?__biz=Mzg3OTYxODQxNg==&mid=2247485683&idx=1&sn=5c06bb2b3ba34ca9a23534534837c8a9) + - [ ] [一张屋顶照片,开源情报如何锁定它的秘密坐标](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559421&idx=1&sn=553b9a49e14e867a2da952e98f64e056) + - [ ] [曼德海峡危机:胡塞武装如何搅动全球贸易与地缘政治的“一池春水”?](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559421&idx=2&sn=da3d637f045dd6b7a31208d6a3090c6e) + - [ ] [你好 2025,世界会继续越来越快](https://mp.weixin.qq.com/s?__biz=MzA3NTEzMTUwNA==&mid=2651081669&idx=1&sn=aa0b77b261c5fe6e6c4784263302e03f) + - [ ] [正月初四最搞笑的笑话](https://mp.weixin.qq.com/s?__biz=MzU1NTkzMTYxOQ==&mid=2247485751&idx=1&sn=7463c252806b7e8e8da0ecf06eea866f) + - [ ] [AI 本地部署中的 ollama 是什么?](https://mp.weixin.qq.com/s?__biz=Mzk0MTI4NTIzNQ==&mid=2247492261&idx=1&sn=c7178360ac6dba4741717fd3c56a1146) + - [ ] [DeepSeek最出色的能力应该是代骂而不是代码😀](https://mp.weixin.qq.com/s?__biz=MzA3NDE0NTY0OQ==&mid=2247484242&idx=1&sn=a9166a36c2c2bb21ecd7637b5a84f422) + - [ ] [Microsoft 365 copilot 新功能202501](https://mp.weixin.qq.com/s?__biz=MzkxNzY0Mzg2OQ==&mid=2247486274&idx=1&sn=59caf18e3b9bf034c72478234c8590ad) + - [ ] [创新终端主动防护-多种通用0day漏洞检测方案](https://mp.weixin.qq.com/s?__biz=Mzg3Mzk2MzA3Nw==&mid=2247483863&idx=1&sn=3bad3dd3b64d3812fb4640e91bdf52ea) + - [ ] [【burpsuite靶场-服务端3】目录遍历漏洞](https://mp.weixin.qq.com/s?__biz=MzkzMDg1MzIwNA==&mid=2247487295&idx=1&sn=1d68a219fec3a01ea84c598bf48811fe) + - [ ] [【一周安全资讯0201】国家密码管理局废止、宣布失效部分行政规范性文件;突发!DeepSeek遭大规模恶意攻击](https://mp.weixin.qq.com/s?__biz=MzIzMDQwMjg5NA==&mid=2247506589&idx=1&sn=1c1b2e3e5c338dff993f141284e0f906) + - [ ] [安天AVL SDK反病毒引擎升级通告(20250201)](https://mp.weixin.qq.com/s?__biz=MjM5MTA3Nzk4MQ==&mid=2650209919&idx=1&sn=a0b5d397ab81a0e73c55800ff09b01a0) + - [ ] [大年初四丨安天融川给您拜年了](https://mp.weixin.qq.com/s?__biz=MjM5MTA3Nzk4MQ==&mid=2650209919&idx=2&sn=a9efdf07b227af4acbdb20e6717bc1d7) + - [ ] [DeepSeek与ChatGPT针对CTF解题对比|附在线环境](https://mp.weixin.qq.com/s?__biz=MzU5OTMxNjkxMA==&mid=2247488632&idx=1&sn=1806092dd0584dbfa5a5c8e4012dd747) + - [ ] [进京证如何办理?10分钟解决问题。](https://mp.weixin.qq.com/s?__biz=MzU4NDY3MTk2NQ==&mid=2247491071&idx=1&sn=6966854f010f06f257f245e7bc657400) + - [ ] [【2025-02-01】黑客新闻摘要](https://mp.weixin.qq.com/s?__biz=MzIzNDU5NTI4OQ==&mid=2247488405&idx=1&sn=f62872b286736d06109777492b8d9fba) + - [ ] [“黑鹰”军用直升机在华盛顿坠毁,美国防部长赫格塞斯证实与执行秘密任务有关](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247505160&idx=1&sn=05f376010583e168e07d9c78e504193e) + - [ ] [刚果(金)戈马越狱风暴:4400囚犯“出逃”,局势失控?](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247505160&idx=2&sn=a4a7f865889145d36a8dd860df1690cb) + - [ ] [FOFA API 驱动的图形化资产发现工具 - fofaEX](https://mp.weixin.qq.com/s?__biz=MzU2NzY5MzI5Ng==&mid=2247504982&idx=1&sn=2d93981ebe365bcb4c2964035dea3702) + - [ ] [Android Intent 重定向漏洞分析总结](https://mp.weixin.qq.com/s?__biz=MjM5MjEyMTcyMQ==&mid=2651037464&idx=1&sn=439f05b2a2f5523c148d07a794aff60a) + - [ ] [大年初四 灵蛇献瑞](https://mp.weixin.qq.com/s?__biz=Mzg2MTU5ODQ2Mg==&mid=2247507176&idx=1&sn=8819e47701a5cf51b812fd021a3bf950) + - [ ] [DeepSeek爆火后,黑产已闻风而动!](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247507181&idx=1&sn=976efdc26cefd2a37c525fb26e8ab646) + - [ ] [5th域安全微讯早报【20250201】028期](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247507181&idx=2&sn=854ed0a16f73598c2b27a762c4a53ffd) + - [ ] [数字取证之数据分析u200c](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264930&idx=1&sn=0a275a5bf702dc56d6a9f833e7aeacdf) + - [ ] [byd营销号](https://mp.weixin.qq.com/s?__biz=MzkyNTQ0OTYxOQ==&mid=2247484015&idx=1&sn=1a1073f8587d098c6dc51f8b87a766c5) + - [ ] [分享图片](https://mp.weixin.qq.com/s?__biz=MzI3Njc1MjcxMg==&mid=2247494440&idx=1&sn=1b8af18b3a22c5f39fd97ad2dfb2ae32) + - [ ] [总结 | 2024 年度内网实战攻防电子报刊 34 篇文章内容汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498632&idx=1&sn=681e983fa35bb19e0904831b335d7e0f) + - [ ] [.NET 安全攻防知识交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498632&idx=2&sn=6855593bf81f6d589c2562c3edaa601f) + - [ ] [收藏 | dotNet安全矩阵 2024 年度外网入口打点阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498632&idx=3&sn=66a759fa72b074482a993bee88e6bd92) + - [ ] [手机成“间谍”,亚马逊因秘密收集数据遭消费者起诉](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607379&idx=1&sn=f423643d84fa60f7c80da858f7743731) + - [ ] [新的“双击劫持”漏洞绕过主要网站上的点击劫持保护](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607379&idx=2&sn=1a33bc4a7ac127d883ebe4a69affe12b) + - [ ] [一次窃取程序的恶意样本分析](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607379&idx=3&sn=28d0ae38a96ecf4446ef6bd8046c038e) + - [ ] [link-tools为一款Windows GUI界面的渗透测试工具箱](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607379&idx=4&sn=0447ff461c0fe2afa30f94745b30c72e) + - [ ] [初四](https://mp.weixin.qq.com/s?__biz=MzUyMjAyODU1NA==&mid=2247491949&idx=1&sn=db34e5b2b978d140668f25745ca4f3ac) + - [ ] [深度解析:如何用Deepseek打造你的专属网安知识宝库?](https://mp.weixin.qq.com/s?__biz=MzkyNTQ0OTYxOQ==&mid=2247484011&idx=1&sn=6b25491f38e5b7e274cc5bc7bdeec18e) + - [ ] [OpenAI 推出 o3-mini;传苹果接近敲定折叠显示屏供应商;唐探系列票房逼近百亿元 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653073082&idx=1&sn=260c62fbf5a7f5143c5f9484f5f7f354) + - [ ] [首个由DeepSeek独立开发的AI网络安全工具箱!引起热议!](https://mp.weixin.qq.com/s?__biz=MzkxMTUwOTY1MA==&mid=2247490185&idx=1&sn=4a59c7132dfa0c66a3ee2d9273d44c79) + - [ ] [大年初三丨安天探海给您拜年了](https://mp.weixin.qq.com/s?__biz=MjM5MTA3Nzk4MQ==&mid=2650209911&idx=1&sn=e6d55300bbc6128f171aa8922b309af2) + - [ ] [正月初四| 四季平安 万物生春](https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506083&idx=1&sn=4c32b2ddc46b9644a0f80c254e40075f) + - [ ] [捷普工业互联网安全产品线,驱动新型工业化发展](https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506083&idx=2&sn=509abbaebad90f4e7b41a052a1b37506) + - [ ] [【焕新领先】捷普工业安全隔离与信息交换系统](https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506083&idx=3&sn=bba933d63e82cfcce8411557476b0720) + - [ ] [神农安全给师傅们拜年了!内部小圈子限时半价优惠(春节专属30立减卷)](https://mp.weixin.qq.com/s?__biz=Mzk0Mzc1MTI2Nw==&mid=2247487446&idx=1&sn=81200c041d8e12afcccf366c12367022) + - [ ] [创宇盾:创宇护网安,铸盾迎春暖](https://mp.weixin.qq.com/s?__biz=MjM5NzA3Nzg2MA==&mid=2649870879&idx=1&sn=0835d1a397055e042f0ffebc0fb0b256) + - [ ] [ISO 45001: 2018 标准详解与实施(12)6.1.4 措施的策划](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247486054&idx=1&sn=8056a235d36ed43fc2ef8916630fa792) + - [ ] [2025春节网络安全警报](https://mp.weixin.qq.com/s?__biz=Mzg5OTg5OTI1NQ==&mid=2247489862&idx=1&sn=f0e4f34adcfd5b93927c5793af524fd2) + - [ ] [正月初四迎灶神!亚信安全祝大家丰衣足蛇,富贵吉祥](https://mp.weixin.qq.com/s?__biz=MjM5NjY2MTIzMw==&mid=2650620968&idx=1&sn=a03995a1122619732c382c5319d9f728) + - [ ] [大年初四 | 恭迎灶神,五谷丰登](https://mp.weixin.qq.com/s?__biz=Mzk0MDQ5MTQ4NA==&mid=2247487430&idx=1&sn=bb82f751709e49cc5ef44148ed512432) + - [ ] [大年初四 四季平安](https://mp.weixin.qq.com/s?__biz=MjM5NzE0NTIxMg==&mid=2651135291&idx=1&sn=6b54de7df7454cca49ce477a120d86fb) + - [ ] [Log4j CVE-2017-5645反序列化漏洞](https://mp.weixin.qq.com/s?__biz=Mzg4NDg3NjE5MQ==&mid=2247485618&idx=1&sn=83cfbd2aab32a9e8073abb2cd983f27d) + - [ ] [初四 | 祥蛇蜿蜒,好运满仓,锦绣山河,吉运长长!](https://mp.weixin.qq.com/s?__biz=MzU4NjY4MDAyNQ==&mid=2247497081&idx=1&sn=96484e2122edceda10e3de161b86484c) + - [ ] [大年初四 | 银蛇吐瑞,万事胜意](https://mp.weixin.qq.com/s?__biz=MzA3OTMxNTcxNA==&mid=2650963506&idx=1&sn=b2661ebf223823e387ec7d46637c3ac2) + - [ ] [零基础本地部署DeepSeek!手把手教你搭建国产最强AI大脑](https://mp.weixin.qq.com/s?__biz=Mzk0ODY1NzEwMA==&mid=2247486675&idx=1&sn=ff46b4b4ce2fb3ededd885f2398bafb9) + - [ ] [Ai战狼](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496907&idx=1&sn=36a478dc796d527b7c1195a0afb86c11) + - [ ] [论文一直投不中?保姆级SCI全程投稿发表服务来了!润色、选刊、投稿、返修,直至中刊!](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496907&idx=2&sn=9eeba04206e60a80699f287ad3c825bb) + - [ ] [初四:福星高照](https://mp.weixin.qq.com/s?__biz=MzU0NDk0NTAwMw==&mid=2247624778&idx=1&sn=de687f302a706e482c124823f899808b) + - [ ] [傻瓜式一键代理池,v0.3又变强了!](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489195&idx=1&sn=3b904fbc768821fac403d8a4bca8c875) + - [ ] [闭环](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489195&idx=2&sn=867087cc30ea38e636ef9f895828c934) + - [ ] [【初四】福气源自持续追求 幸福来自成功守护](https://mp.weixin.qq.com/s?__biz=MjM5NTE0MjQyMg==&mid=2650624576&idx=1&sn=d59a4adc412c2ff7d3e3da35639973d7) + - [ ] [【实操】美国这家公司为什么要招聘懂中文的开源情报分析师](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148805&idx=1&sn=9e063d3b00f1b8244a1f93112561b52f) + - [ ] [山石网科·AI汇东方|正月初四,迎接灶神](https://mp.weixin.qq.com/s?__biz=MzAxMDE4MTAzMQ==&mid=2661298301&idx=1&sn=020ccfa41ee840b9ed073e4bc4aafed0) + - [ ] [初四|云端祈福许新愿 安全托管保资产](https://mp.weixin.qq.com/s?__biz=MzkxNDY0MjMxNQ==&mid=2247532973&idx=1&sn=859678b1d31898c68b30c23d9b2d7953) + - [ ] [祥蛇舞初四 瑞霭罩华枝](https://mp.weixin.qq.com/s?__biz=MzU0MjEwNTM5Ng==&mid=2247520424&idx=1&sn=bd286f553451028add056c52c23fb577) + - [ ] [初四 | 迎灶神](https://mp.weixin.qq.com/s?__biz=MzI5NjA4NjA3OA==&mid=2652102066&idx=1&sn=65d25d6bc65a19c522aa1b765683f1a6) + - [ ] [一文读懂Wi-Fi技术演进与防护方案,避开90%的安全陷阱](https://mp.weixin.qq.com/s?__biz=MzI5MjY4MTMyMQ==&mid=2247489894&idx=1&sn=0a9a3e007b347310e07aef45595554b7) + - [ ] [2025.03截稿的密码学与信息安全会议](https://mp.weixin.qq.com/s?__biz=MzI2NTUyODMwNA==&mid=2247494156&idx=1&sn=f5973b71bbd93c4e75ef0f89fe91d46e) + - [ ] [【SOUPS 2025】Feb. 13@Seattle, USA](https://mp.weixin.qq.com/s?__biz=MzI2NTUyODMwNA==&mid=2247494156&idx=2&sn=5660ed37ffa1a10ea505c80f6adce6c7) + - [ ] [【AFRICACRYPT 2025】Mar. 1@Rabat, Morocco](https://mp.weixin.qq.com/s?__biz=MzI2NTUyODMwNA==&mid=2247494156&idx=3&sn=b9caafe019d0d392cfb0c431ef040690) + - [ ] [【ACNS-SCI 2025】Mar. 15@Munich, Germany](https://mp.weixin.qq.com/s?__biz=MzI2NTUyODMwNA==&mid=2247494156&idx=4&sn=b05df3a35a52275464e34574e47e9a5e) + - [ ] [大年初四 | 大吉大利、四季平安](https://mp.weixin.qq.com/s?__biz=MzU3MzU4NjI4OQ==&mid=2247516491&idx=1&sn=fa5d0dc624abd329a7afce42b26fdb11) + - [ ] [我国密码国家标准、行业标准一览表](https://mp.weixin.qq.com/s?__biz=Mzg2NjY2MTI3Mg==&mid=2247498377&idx=1&sn=0524062d04dd563b349c3ace821721db) + - [ ] [大年初四 | 迎灶神,五谷丰登,食来运转!](https://mp.weixin.qq.com/s?__biz=MzkzMjE5MTY5NQ==&mid=2247503443&idx=1&sn=007f1bb9970631e0c19d5c2e6e40420f) + - [ ] [守护中国AI历史时刻,360为DeepSeek免费提供安全保障](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579285&idx=1&sn=cebadf7010ad5ea332fbd969f42808ad) + - [ ] [大年初四 | 瑞蛇赐褔,心想“巳”成](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579285&idx=2&sn=85f4b5408e99f96e5dd2291611fbf2f5) + - [ ] [渗透测试工具箱 -- link-tools](https://mp.weixin.qq.com/s?__biz=MzI4MDQ5MjY1Mg==&mid=2247515803&idx=1&sn=7dc9c78a24095c70a213f3029d651300) + - [ ] [APP渗透测试 -- 支付逻辑漏洞](https://mp.weixin.qq.com/s?__biz=MzI4MDQ5MjY1Mg==&mid=2247515803&idx=2&sn=0e8d3509ce68e9d3c751586e26ea08c5) + - [ ] [新的 UEFI 安全启动严重漏洞,请立即修补](https://mp.weixin.qq.com/s?__biz=Mzg3ODY0NTczMA==&mid=2247492129&idx=1&sn=a7625b1a910086ee3bbde9544f055382) + - [ ] [攻防靶场(57):十分钟拿下 Shakabrah](https://mp.weixin.qq.com/s?__biz=MzI0NjA3Mzk2NQ==&mid=2247496159&idx=1&sn=80e1dae96ac4c1f2a060607f47acebdc) + - [ ] [“职业打手”下场!DeepSeek遭攻击烈度暴增百倍](https://mp.weixin.qq.com/s?__biz=MzU2NDY2OTU4Nw==&mid=2247518527&idx=1&sn=9576e3c027418393cc4343bd599fc4dd) + - [ ] [勒索软件的现状:利用披露规则等手段](https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652114271&idx=1&sn=538db909410af0e5d9a565398ee71bcc) + - [ ] [网络安全等级保护核查工具 -- Golin](https://mp.weixin.qq.com/s?__biz=MzU3NzY3MzYzMw==&mid=2247499299&idx=1&sn=aad06652b663cbd055c268507cb72e35) + - [ ] [APP渗透测试 -- APK反编译](https://mp.weixin.qq.com/s?__biz=MzU3NzY3MzYzMw==&mid=2247499299&idx=2&sn=a2f442e5f21ee513a8bbd035db266679) +- Recent Commits to cve:main + - [ ] [Update Sat Feb 1 20:26:39 UTC 2025](https://github.com/trickest/cve/commit/8762f3f58de4551c97168dde18c7e266ced38a8e) + - [ ] [Update Sat Feb 1 12:22:34 UTC 2025](https://github.com/trickest/cve/commit/2eae26b3af16158a5777acd6222b88b72a623860) + - [ ] [Update Sat Feb 1 04:24:34 UTC 2025](https://github.com/trickest/cve/commit/7de9e18e5f8ae22f5eb7a3004c105a16620b2176) +- Private Feed for M09Ic + - [ ] [lz520520 starred sfackler/rust-native-tls](https://github.com/sfackler/rust-native-tls) + - [ ] [spf13 starred bitfield/script](https://github.com/bitfield/script) + - [ ] [ourren starred google/osv-scalibr](https://github.com/google/osv-scalibr) + - [ ] [ourren starred BlackSnufkin/LitterBox](https://github.com/BlackSnufkin/LitterBox) + - [ ] [zer0yu starred browser-use/browser-use](https://github.com/browser-use/browser-use) + - [ ] [glzjin starred ading2210/linuxpdf](https://github.com/ading2210/linuxpdf) + - [ ] [wuhan005 starred qiufengqijun/mini_qwen](https://github.com/qiufengqijun/mini_qwen) + - [ ] [wuhan005 starred zhanshijinwat/Steel-LLM](https://github.com/zhanshijinwat/Steel-LLM) + - [ ] [zer0yu starred datawhalechina/llms-from-scratch-cn](https://github.com/datawhalechina/llms-from-scratch-cn) + - [ ] [zer0yu starred Hiram-Wong/ZyPlayer](https://github.com/Hiram-Wong/ZyPlayer) + - [ ] [zer0yu starred fullstorydev/grpcurl](https://github.com/fullstorydev/grpcurl) + - [ ] [zer0yu starred Jiayi-Pan/TinyZero](https://github.com/Jiayi-Pan/TinyZero) + - [ ] [zer0yu started following rasbt](https://github.com/rasbt) + - [ ] [mitre forked mitre/chef-workstation from chef/chef-workstation](https://github.com/mitre/chef-workstation) +- 一个被知识诅咒的人 + - [ ] [【Python】理解Python中的协程和生成器:从yield到async](https://blog.csdn.net/nokiaguy/article/details/145412058) + - [ ] [Python中的数据类(dataclass):简化类的定义与数据管理](https://blog.csdn.net/nokiaguy/article/details/145412051) +- Twitter @bytehx + - [ ] [Re @_godiego__ Thanks for sharing good stuff. You inspired me a lot dude.](https://x.com/bytehx343/status/1885732198948765886) + - [ ] [Re @kongwenbin @Hacker0x01 Congrats man 🎉🎉🎉](https://x.com/bytehx343/status/1885732031868637343) + - [ ] [Re @stealthcopter Thank you for sharing and congrats for the bounty my friend!](https://x.com/bytehx343/status/1885622934997467535) + - [ ] [RT Mat Rollings: Chained two 'meh' WordPress vulnerabilities into a high-impact exploit on JupiterX Core 👾. From low-privilege SVG upload to full R...](https://x.com/bytehx343/status/1885622856140369997) - Reverse Engineering - - [ ] [Game Reverse Engineering for Dummies](https://www.reddit.com/r/ReverseEngineering/comments/1ief03g/game_reverse_engineering_for_dummies/) -- Malwarebytes - - [ ] [ClickFix vs. traditional download in new DarkGate campaign](https://www.malwarebytes.com/blog/cybercrime/2025/01/clickfix-vs-traditional-download-in-new-darkgate-campaign) - - [ ] [Cybercrime gets a few punches on the nose](https://www.malwarebytes.com/blog/news/2025/01/cybercrime-gets-a-few-punches-on-the-nose) -- Wallarm - - [ ] [Analyzing DeepSeek’s System Prompt: Jailbreaking Generative AI](https://lab.wallarm.com/jailbreaking-generative-ai/) + - [ ] [Formally Verified Binary-level Pointer Analysis](https://www.reddit.com/r/ReverseEngineering/comments/1ifeeay/formally_verified_binarylevel_pointer_analysis/) + - [ ] [PE basics: A windows executable walkthrough - File formats hexplorations 16](https://www.reddit.com/r/ReverseEngineering/comments/1ifjwuw/pe_basics_a_windows_executable_walkthrough_file/) + - [ ] [Reverse Engineering and Cataloging Vidar (Info stealer/Loader)](https://www.reddit.com/r/ReverseEngineering/comments/1ifair6/reverse_engineering_and_cataloging_vidar_info/) +- glzjin + - [ ] [懒猫微服外挂虚拟机管理器启动方法说明](https://www.zhaoj.in/read-9046.html) - FreeBuf网络安全行业门户 - - [ ] [意大利数据保护局封禁DeepSeek AI平台,用户数据透明度不足成焦点](https://www.freebuf.com/articles/database/420991.html) + - [ ] [90名记者和活动家遭WhatsApp零点击间谍软件攻击,Meta确认事件](https://www.freebuf.com/news/421009.html) + - [ ] [虚假谷歌广告瞄准微软广告账户,恶意软件攻击再升级](https://www.freebuf.com/articles/web/421008.html) - 奇客Solidot–传递最新科技情报 - - [ ] [朱诺号在木卫一上记录到至今最强的火山活动](https://www.solidot.org/story?sid=80455) - - [ ] [新发现小行星有 1/83 的概率在 2032 年撞击地球](https://www.solidot.org/story?sid=80454) - - [ ] [库克告诉张忠谋英特尔不知道如何代工芯片](https://www.solidot.org/story?sid=80453) - - [ ] [巴塞尔税务机关因域名错误不得不购买巴哈马域名](https://www.solidot.org/story?sid=80452) -- 黑海洋 - IT技术知识库 - - [ ] [DeepSeek 多模态大模型 Janus-Pro-7B 本地部署教程!支持图像生成](https://blog.upx8.com/4681) -- 吾爱破解论坛 - - [ ] [【2025春节】解题领红包活动排行榜(初三 1/31)](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141663&idx=1&sn=63c355a201f947c905a68b07647ab32a&chksm=bd50a64b8a272f5d946a584369ed1e63aa1e848c064f9913f5d0b8b726d9d660a7d66a00e91c&scene=58&subscene=0#rd) + - [ ] [OpenAI 考虑开源旧模型](https://www.solidot.org/story?sid=80459) + - [ ] [Bennu 小行星样本发现构成生命的基本成分](https://www.solidot.org/story?sid=80458) + - [ ] [WhatsApp 称记者等成为以色列间谍软件的目标](https://www.solidot.org/story?sid=80457) +- Dhole Moments + - [ ] [Hell Is Overconfident Developers Writing Encryption Code](https://soatok.blog/2025/01/31/hell-is-overconfident-developers-writing-encryption-code/) +- 懒人在思考 + - [ ] [你好 2025,世界会继续越来越快](https://mp.weixin.qq.com/s?__biz=MzA3NTEzMTUwNA==&mid=2651081669&idx=1&sn=aa0b77b261c5fe6e6c4784263302e03f&chksm=8485d4dab3f25dcc6c72bc871f2c82bb91346cc258daa86cf4d931e657135ec686fead183589&scene=58&subscene=0#rd) +- 杨龙 + - [ ] [Could not find rpcgen / rockylinux 8 / mysql 5.7 编译](https://www.yanglong.pro/could-not-find-rpcgen-rockylinux-8/) - dotNet安全矩阵 - - [ ] [收藏 | dotNet安全矩阵 2024 年度逆向调试分析阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498584&idx=1&sn=d85935a8bccaf28b5e5203c9cd937ea9&chksm=fa5955b5cd2edca34577829765f94d7f8f8ba90adf5b6e399ec3c452c66f86875c7bf5bf1fe9&scene=58&subscene=0#rd) - - [ ] [.NET 内网攻防实战电子报刊](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498584&idx=2&sn=3d15023570e640313e68870e0ee24904&chksm=fa5955b5cd2edca3ab75eec14cdb7db823d32a7563590a024fd77a432760513df551302e0537&scene=58&subscene=0#rd) - - [ ] [收藏 | dotNet安全矩阵 2024 年度外网入口打点阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498584&idx=3&sn=8e71ffa26350c09847ab769b9dbedcc2&chksm=fa5955b5cd2edca3ff4e40e9c3fbd087950be3490983ed47fb037e3bed4a8ec43f8f4ff18cc2&scene=58&subscene=0#rd) - - [ ] [收藏 | dotNet安全矩阵 2024 年度目标权限维持阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498584&idx=4&sn=d14acdfea6504a47d1e46e7c8f38cf54&chksm=fa5955b5cd2edca3e25bcab2043d40960b8493619cf515dd830c9a69f2f552048d360d1723d5&scene=58&subscene=0#rd) + - [ ] [总结 | 2024 年度内网实战攻防电子报刊 34 篇文章内容汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498632&idx=1&sn=681e983fa35bb19e0904831b335d7e0f&chksm=fa595565cd2edc73d886f41d9397e163f030a12a60338c2df1d0c1a99313c34cdcf453aa5fea&scene=58&subscene=0#rd) + - [ ] [.NET 安全攻防知识交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498632&idx=2&sn=6855593bf81f6d589c2562c3edaa601f&chksm=fa595565cd2edc735c22d1d43d28bf31a8043c2ff0206e4a1fad46e91c47f503b969c34ad67c&scene=58&subscene=0#rd) + - [ ] [收藏 | dotNet安全矩阵 2024 年度外网入口打点阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498632&idx=3&sn=66a759fa72b074482a993bee88e6bd92&chksm=fa595565cd2edc732b090dd7e2e465cab66aa723f707fa97061db95641beb2e9080ebe414db5&scene=58&subscene=0#rd) +- 吾爱破解论坛 + - [ ] [【2025春节】解题领红包活动排行榜(初四 2/1)](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141665&idx=1&sn=cf29ecaf3b5e2954cc5cb4b91fcef39f&chksm=bd50a6758a272f63660c32ba0c3ecc6a4c6d0036e2c3311ac5a9642e041e64846a8b2d665c2a&scene=58&subscene=0#rd) +- 看雪学苑 + - [ ] [成为看雪讲师,开启技术分享的高光时刻](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589300&idx=1&sn=5bc3ab9031d8c5a62d14e0fc0189cf4f&chksm=b18c28fe86fba1e830bdfaaa3dad1ea3f45cb278603db9b29f7f82a13061c29d3fad34ffb90a&scene=58&subscene=0#rd) + - [ ] [关于PAN-OS DoS(CVE-2024-3393)的研究](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589300&idx=2&sn=e9f874ab1024ce5d7a8a2a424b891a7f&chksm=b18c28fe86fba1e8336887843dd4ab08afa58ca810f485f7a4efd1b50cb9fd256fc84de3faef&scene=58&subscene=0#rd) + - [ ] [新年新气象!想换工作看这里](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589300&idx=3&sn=9f27f3668d0461ba4776901f8b44fc8d&chksm=b18c28fe86fba1e8dd2d842e7865bb85275949ce91d8343b184e67d31116e265167a799346d9&scene=58&subscene=0#rd) - 丁爸 情报分析师的工具箱 - - [ ] [【实操】美国客机与黑鹰直升机相撞的视频、音频、轨迹回放及遇难机组和乘客](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148793&idx=1&sn=03180450dc0a7ac7bb10d75ce4ca6d3c&chksm=f1af26c3c6d8afd574a2952fe360477386f6c4b3918f013832c9caf99dedafd4d4838e3aa576&scene=58&subscene=0#rd) + - [ ] [【实操】美国这家公司为什么要招聘懂中文的开源情报分析师](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148805&idx=1&sn=9e063d3b00f1b8244a1f93112561b52f&chksm=f1af253fc6d8ac290fc8dca96c30d62e60d07618c84cb14ae5438deb25c2cf1d94b912bfdefc&scene=58&subscene=0#rd) +- M01N Team + - [ ] [AI风险分析 | 攻击组织在多个AWS租户环境劫持LLM模型](https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247494056&idx=1&sn=4e236c890b1530189931881acd81dc9b&chksm=c18429b9f6f3a0af3f80e1754671e55d82a71e47ec29f9272b4b4a098b2589be1f97125f789e&scene=58&subscene=0#rd) - 情报分析师 - - [ ] [惊天一撞,华盛顿客机与直升机空难背后的真相!](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559372&idx=1&sn=0410ce8851f28ddbc609457ae73483de&chksm=87117dc7b066f4d1ad44ee89f45d8490695f007aa2b56cf7f6d72328537333ddcdfc9c7337b7&scene=58&subscene=0#rd) - - [ ] [美国为何对 DeepSeek 如此“上心”?一场科技博弈的真相](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559372&idx=2&sn=369c0d3168fb3469fb3aefa3fb9cafd0&chksm=87117dc7b066f4d1185de6f282e7121df9671775c92c0f4fb83ca20be6f20fe42e7a73261f00&scene=58&subscene=0#rd) + - [ ] [一张屋顶照片,开源情报如何锁定它的秘密坐标](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559421&idx=1&sn=553b9a49e14e867a2da952e98f64e056&chksm=87117df6b066f4e02b4a6876e54d720ee170450d1c395ffe0105d0706fe5d6ab74379e4b352c&scene=58&subscene=0#rd) + - [ ] [曼德海峡危机:胡塞武装如何搅动全球贸易与地缘政治的“一池春水”?](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559421&idx=2&sn=da3d637f045dd6b7a31208d6a3090c6e&chksm=87117df6b066f4e0fb09af9b07d9ca4bba5438966830e0fa0eefe10d061d66df93c7333cd85f&scene=58&subscene=0#rd) - 极客公园 - - [ ] [对 Deepseek 从赞叹到压制,硅谷为何一周内变脸](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653073065&idx=1&sn=a7e25c9de7abe6fdf8234a898f67c3ca&chksm=7e57d31f49205a09b4245af36dad8e7b2b6ae8ed98f621dae59d0665e632d55f834f35024074&scene=58&subscene=0#rd) - - [ ] [针对 DeepSeek 网络攻击暴增上百倍;苹果在华销售额下降 11%;《鱿鱼游戏》第三季公布 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653073064&idx=1&sn=56daa14e6f49dd3d526aa22a9ca2de8a&chksm=7e57d31e49205a089760b83fce00f837009c8dc1e6bcc9969dc9819cc32f9df30f57631463a7&scene=58&subscene=0#rd) -- M01N Team - - [ ] [AI风险分析 | 从Freysa转账案例看智能体应用的潜在风险](https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247494055&idx=1&sn=1a0b66065e3db8d26597a12328032d82&chksm=c18429b6f6f3a0a0f87c56e68eb79be4df5d7a78ecb73f1a39c54ea3e74374f0d2671ba3d073&scene=58&subscene=0#rd) -- 吴鲁加 - - [ ] [YC 的 AI 创业创意](https://mp.weixin.qq.com/s?__biz=Mzg5NDY4ODM1MA==&mid=2247485169&idx=1&sn=59224d6daf6f30591f7da17a13031fd7&chksm=c01a8bc0f76d02d648546ccc4303533b8e1ba5c3a69a2d84ba7809e30f397b269423fd3847f6&scene=58&subscene=0#rd) -- 360数字安全 - - [ ] [大年初三 | 福绕蛇年,万“巳”胜意](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579271&idx=1&sn=bfb185d569ae97db908675e7f2419714&chksm=9f8d268fa8faaf9939e8fef41d497b2f71db4645149724c942c4674b04c19548141fda1cbdd9&scene=58&subscene=0#rd) + - [ ] [索尼盖了一座「Sony Park」,我在里面发现了 Sony 的「精神内核」](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653073083&idx=1&sn=d126353a3135b021c1f8fd8c0e66f61a&chksm=7e57d30d49205a1b3b0befa1b468d85f278e27b8b85d28714b4d63e42c6985ec0391686a33a3&scene=58&subscene=0#rd) + - [ ] [OpenAI 推出 o3-mini;传苹果接近敲定折叠显示屏供应商;唐探系列票房逼近百亿元 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653073082&idx=1&sn=260c62fbf5a7f5143c5f9484f5f7f354&chksm=7e57d30c49205a1a5ee41aba5d469ec4863035eca62673386b175198c0eea17bbbf6e73b3c3b&scene=58&subscene=0#rd) +- 赛博回忆录 + - [ ] [营销号别再传了!deepseek的安全攻防不是武侠修仙!](https://mp.weixin.qq.com/s?__biz=MzIxNDAyNjQwNg==&mid=2456099384&idx=1&sn=1878da953490a6aa39caed770ad1406f&chksm=803c6bf1b74be2e79fd3f7765e200a46d7360ef282b340a87ee2f73c4d2519b92edab928cbc9&scene=58&subscene=0#rd) +- 白日放歌须纵9 + - [ ] [To B大模型应用的落地实践与思考](https://mp.weixin.qq.com/s?__biz=MzIzNjAyODE0NQ==&mid=2247483940&idx=1&sn=6c82ca97527b253a09315b3787c555cd&chksm=e8df6bbadfa8e2ac5f5a8238794a3b3afbde91740bcb757a8b7741b6e1f5bbe26d34de694639&scene=58&subscene=0#rd) - 迪哥讲事 - - [ ] [Deepseek是如何被黑掉的](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496994&idx=1&sn=d77c2e01b0dd8e2cb783fe7214e688c4&chksm=e8a5ff41dfd27657214d811c7635b0229bfd4e0dd9f949d59f1702d65efee83dd64fe76d58cb&scene=58&subscene=0#rd) -- Krypt3ia - - [ ] [Krypt3ia Daily Cyber Threat Intelligence (CTI) Digest](https://krypt3ia.wordpress.com/2025/01/31/krypt3ia-daily-cyber-threat-intelligence-cti-digest-7/) -- Hacking Exposed Computer Forensics Blog - - [ ] [Daily Blog #734: My favorite interview question](https://www.hecfblog.com/2025/01/daily-blog-734-my-favorite-interview.html) -- Securityinfo.it - - [ ] [DeepSeek: il top della tecnologia cinese dimentica di chiudere il database esposto](https://www.securityinfo.it/2025/01/31/deepseek-il-top-della-tecnologia-cinese-dimentica-di-chiudere-il-database-esposto/?utm_source=rss&utm_medium=rss&utm_campaign=deepseek-il-top-della-tecnologia-cinese-dimentica-di-chiudere-il-database-esposto) - - [ ] [Trovata una backdoor in due dispositivi cinesi per il monitoraggio dei pazienti](https://www.securityinfo.it/2025/01/31/trovata-una-backdoor-in-due-dispositivi-cinesi-per-il-monitoraggio-dei-pazienti/?utm_source=rss&utm_medium=rss&utm_campaign=trovata-una-backdoor-in-due-dispositivi-cinesi-per-il-monitoraggio-dei-pazienti) + - [ ] [登录页面渗透的骚操作](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247497000&idx=1&sn=75f5108d220ca6e274950e535e153016&chksm=e8a5ff4bdfd2765d6726120c344006dbddab0e8a7885d8c2dc52909cf0cef093765cbf0161e2&scene=58&subscene=0#rd) +- Qualys Security Blog + - [ ] [DeepSeek Failed Over Half of the Jailbreak Tests by Qualys TotalAI](https://blog.qualys.com/category/vulnerabilities-threat-research) - Over Security - Cybersecurity news aggregator - - [ ] [Former Polish justice minister arrested in sprawling spyware probe](https://therecord.media/poland-spyware-former-justice-minister-arrested) - - [ ] [Regional healthcare systems report data breaches affecting more than 1.5 million](https://therecord.media/connecticut-california-healthcare-networks-data-breaches) - - [ ] [WhatsApp accuses Paragon of targeting about 90 users with spyware](https://therecord.media/whatsapp-paragon-spyware-targeting-users) - - [ ] [FBI, Dutch Police Disrupt ‘Manipulaters’ Phishing Gang](https://krebsonsecurity.com/2025/01/fbi-dutch-police-disrupt-manipulaters-phishing-gang/) - - [ ] [Insurance firm Globe Life to warn 850,000 of potential data theft following extortion attempt](https://therecord.media/globe-life-updated-sec-filing-hackers-extortion-data-breach) - - [ ] [Cracked and Nulled Marketplaces Disrupted in International Cyber Operation](https://flashpoint.io/blog/cracked-and-nulled-marketplaces-disrupted-in-cyber-operation/) - - [ ] [DeepSeek: il top della tecnologia cinese dimentica di chiudere il database esposto](https://www.securityinfo.it/2025/01/31/deepseek-il-top-della-tecnologia-cinese-dimentica-di-chiudere-il-database-esposto/) - - [ ] [CISA employees told they are exempt from federal worker resignation program](https://therecord.media/cisa-employees-told-they-are-exempt-deferred-resignation) - - [ ] [Hackers use fake wedding invitations to spread Android malware in Southeast Asia](https://therecord.media/hackers-wedding-invitations-southeast-asia) - - [ ] [Microsoft improves text contrast for all Windows Chromium browsers](https://www.bleepingcomputer.com/news/microsoft/microsoft-improves-text-contrast-for-all-windows-chromium-browsers/) - - [ ] [Come DeepSeek ha riconfigurato la corsa all’intelligenza artificiale](https://www.guerredirete.it/come-deepseek-ha-riconfigurato-la-corsa-allintelligenza-artificiale/) - - [ ] [Italy blocks Chinese AI tool DeepSeek over privacy concerns](https://therecord.media/italy-blocks-chinese-ai-tool-deepseek-over-privacy-concerns) - - [ ] [FDA, CISA warn of backdoor in popular patient monitor used by US hospitals](https://therecord.media/contec-cms8000-firmware-backdoor-fda-cisa-warning) - - [ ] [Tata Technologies reports ransomware attack to Indian stock exchange](https://therecord.media/tata-ransomware-attack-report-incident) - - [ ] [DeepSeek a rischio blocco in Italia? Il Garante privacy chiede conto sul trattamento dei dati](https://www.cybersecurity360.it/news/deepseek-a-rischio-blocco-in-italia-il-garante-privacy-chiede-conto-sul-trattamento-dei-dati/) - - [ ] [Trovato un database di DeepSeek esposto online, senza protezioni: quali rischi](https://www.cybersecurity360.it/news/trovato-un-database-di-deepseek-esposto-online-senza-protezioni-quali-rischi/) - - [ ] [Attacchi cyber contro la Pa: come funziona la difesa del Polo Strategico Nazionale](https://www.cybersecurity360.it/cybersecurity-nazionale/polo-strategico-nazionale-a-difesa-cloud-pa/) - - [ ] [La nomina del DPO: competenze, indipendenza e incompatibilità](https://www.cybersecurity360.it/legal/privacy-dati-personali/la-nomina-del-dpo-competenze-indipendenza-e-incompatibilita/) - - [ ] [DeepSeek, ecco il lato oscuro dell’AI cinese](https://www.cybersecurity360.it/cultura-cyber/la-startup-cinese-deepseek-sfida-chatgpt-il-modello-ai-che-supera-le-restrizioni-usa/) - - [ ] [TorNet: la nuova backdoor che sfrutta la rete TOR per evadere le difese](https://www.cybersecurity360.it/news/tornet-la-nuova-backdoor-che-sfrutta-la-rete-tor-per-evadere-le-difese/) - - [ ] [Il Browser Syncjacking dirotta i nostri dispositivi sfruttando le estensioni di Chrome](https://www.cybersecurity360.it/news/il-browser-syncjacking-dirotta-i-nostri-dispositivi-sfruttando-le-estensioni-di-chrome/) - - [ ] [DeepSeek: i perché del blocco del Garante privacy e le sfide per l’UE](https://www.cybersecurity360.it/legal/blocco-deepseek-garante-privacy-le-sfide-ue/) - - [ ] [Indian tech giant Tata Technologies hit by ransomware attack](https://www.bleepingcomputer.com/news/security/indian-tech-giant-tata-technologies-hit-by-ransomware-attack/) - - [ ] [US healthcare provider data breach impacts 1 million patients](https://www.bleepingcomputer.com/news/security/us-healthcare-provider-data-breach-impacts-1-million-patients/) - - [ ] [Globe Life data breach may impact an additional 850,000 clients](https://www.bleepingcomputer.com/news/security/globe-life-data-breach-may-impact-an-additional-850-000-clients/) - - [ ] [WhatsApp says it disrupted a hacking campaign targeting journalists with Paragon spyware](https://techcrunch.com/2025/01/31/whatsapp-says-it-disrupted-a-hacking-campaign-targeting-journalists-with-spyware/) - - [ ] [Pakistan-based cybercrime network dismantled by US, Dutch authorities](https://therecord.media/pakistan-cybercrime-busted-dutch-doj) - - [ ] [Mizuno USA says hackers stayed in its network for two months](https://www.bleepingcomputer.com/news/security/mizuno-usa-says-hackers-stayed-in-its-network-for-two-months/) - - [ ] [The TechCrunch Cyber Glossary](https://techcrunch.com/2025/01/31/techcrunch-reference-guide-to-security-terminology/) - - [ ] [Sintesi riepilogativa delle campagne malevole nella settimana del 25 – 31 gennaio](https://cert-agid.gov.it/news/sintesi-riepilogativa-delle-campagne-malevole-nella-settimana-del-25-31-gennaio/) - - [ ] [Vulnerabilità Subaru: il vero problema sono le politiche di gestione dei dati](https://www.securityinfo.it/2025/01/30/vulnerabilita-subaru-il-vero-problema-sono-le-politiche-di-gestione-dei-dati/) - - [ ] [Norway seizes ship suspected of sabotage, says crew are Russian nationals](https://therecord.media/norway-seizes-ship-suspected-sabotage) - - [ ] [Police dismantles HeartSender cybercrime marketplace network](https://www.bleepingcomputer.com/news/security/police-dismantles-heartsender-cybercrime-marketplace-network/) - - [ ] [Exclusive: Heart Centre Cyberattack in Australia, DragonForce Claims Responsibility for Sensitive Data Theft](https://www.suspectfile.com/exclusive-heart-centre-cyberattack-in-australia-dragonforce-claims-responsibility-for-sensitive-data-theft/) - - [ ] [Trovata una backdoor in due dispositivi cinesi per il monitoraggio dei pazienti](https://www.securityinfo.it/2025/01/31/trovata-una-backdoor-in-due-dispositivi-cinesi-per-il-monitoraggio-dei-pazienti/) - - [ ] [One policy to rule them all](https://securelist.com/group-policies-in-cyberattacks/115331/) - - [ ] [Cyble’s Weekly Vulnerability Update: Critical SonicWall Zero-Day and Exploited Flaws Discovered](https://cyble.com/blog/cybles-weekly-vulnerability-update-critical/) - - [ ] [Dark Web Activity January 2025: A New Hacktivist Group Emerges](https://cyble.com/blog/dark-web-activity-new-hacktivist-group-emerges/) - - [ ] [KuCoin to pay nearly $300 million in penalties after guilty plea](https://www.bleepingcomputer.com/news/cryptocurrency/kucoin-to-pay-nearly-300-million-in-penalties-after-guilty-plea/) -- SANS Internet Storm Center, InfoCON: green - - [ ] [To Simulate or Replicate: Crafting Cyber Ranges, (Fri, Jan 31st)](https://isc.sans.edu/diary/rss/31642) - - [ ] [ISC Stormcast For Friday, January 31st, 2025 https://isc.sans.edu/podcastdetail/9304, (Fri, Jan 31st)](https://isc.sans.edu/diary/rss/31640) -- Posts By SpecterOps Team Members - Medium - - [ ] [SlackPirate Set Sails Again! Or: How to Send the Entire “Bee Movie” Script to Your Friends in Slack](https://posts.specterops.io/slackpirate-set-sails-again-or-how-to-send-the-entire-bee-movie-script-to-your-friends-in-slack-d9c691ae33f5?source=rss----f05f8696e3cc---4) -- Instapaper: Unread - - [ ] [DeepSeek, serve cautela ci sono pericoli per la sicurezza](https://www.cybersecurity360.it/news/deepseek-usarlo-con-cautela-ci-sono-pericoli-per-la-sicurezza/) - - [ ] [Backdoor found in two healthcare patient monitors, linked to IP in China](https://www.bleepingcomputer.com/news/security/backdoor-found-in-two-healthcare-patient-monitors-linked-to-ip-in-china/) -- Trend Micro Research, News and Perspectives - - [ ] [Future of Cybersecurity: Will XDR Absorb SIEM & SOAR?](https://www.trendmicro.com/en_us/research/25/a/xdr-siem-soar.html) -- Deeplinks - - [ ] [Copyright is a Civil Liberties Nightmare](https://www.eff.org/deeplinks/2025/01/copyright-civil-liberties-nightmare) -- Schneier on Security - - [ ] [Friday Squid Blogging: On Squid Brains](https://www.schneier.com/blog/archives/2025/01/friday-squid-blogging-on-squid-brains-2.html) -- Computer Forensics - - [ ] [Baloney Detection Kit](https://www.reddit.com/r/computerforensics/comments/1iegsc1/baloney_detection_kit/) - - [ ] [Is this normal with iphone digital forensics?](https://www.reddit.com/r/computerforensics/comments/1iegbx6/is_this_normal_with_iphone_digital_forensics/) - - [ ] [Audi transcription](https://www.reddit.com/r/computerforensics/comments/1ief751/audi_transcription/) -- Blackhat Library: Hacking techniques and research - - [ ] [New Business Opportunity](https://www.reddit.com/r/blackhat/comments/1iek6i3/new_business_opportunity/) -- Krebs on Security - - [ ] [FBI, Dutch Police Disrupt ‘Manipulaters’ Phishing Gang](https://krebsonsecurity.com/2025/01/fbi-dutch-police-disrupt-manipulaters-phishing-gang/) -- Deep Web - - [ ] [Anyone who can provide invitational links?](https://www.reddit.com/r/deepweb/comments/1iepero/anyone_who_can_provide_invitational_links/) - - [ ] [Is there a reliable list of links?](https://www.reddit.com/r/deepweb/comments/1iebzm9/is_there_a_reliable_list_of_links/) -- Your Open Hacker Community - - [ ] [Is Hacking: The Art of Exploitation still a good book for beginners in 2025?](https://www.reddit.com/r/HowToHack/comments/1ieayzm/is_hacking_the_art_of_exploitation_still_a_good/) - - [ ] [I’m stuck in my hacking learning](https://www.reddit.com/r/HowToHack/comments/1iefdhx/im_stuck_in_my_hacking_learning/) - - [ ] [Cybersecurity Roadmap After Learning Networking, Linux & Python? Need Guidance!](https://www.reddit.com/r/HowToHack/comments/1iemc6e/cybersecurity_roadmap_after_learning_networking/) - - [ ] [How to have a career in cyber security and ethical hacking?](https://www.reddit.com/r/HowToHack/comments/1iek4vz/how_to_have_a_career_in_cyber_security_and/) - - [ ] [Javascript: trying to grab a class from runtime script](https://www.reddit.com/r/HowToHack/comments/1ierdsb/javascript_trying_to_grab_a_class_from_runtime/) - - [ ] [Using embedded RTTI to reverse engineer classes.](https://www.reddit.com/r/HowToHack/comments/1ief4dz/using_embedded_rtti_to_reverse_engineer_classes/) - - [ ] [Can anyone help me find this guy he got in my mates pc and then provided a email or something](https://www.reddit.com/r/HowToHack/comments/1ieouov/can_anyone_help_me_find_this_guy_he_got_in_my/) - - [ ] [Phone hacked](https://www.reddit.com/r/HowToHack/comments/1iembsn/phone_hacked/) - - [ ] [Can we catch someone using VPN or TOR for hoax calls?](https://www.reddit.com/r/HowToHack/comments/1ie9efv/can_we_catch_someone_using_vpn_or_tor_for_hoax/) - - [ ] [I need a friend fr](https://www.reddit.com/r/HowToHack/comments/1ies4at/i_need_a_friend_fr/) - - [ ] [Can someone send me a phishing link and then say my password etc.](https://www.reddit.com/r/HowToHack/comments/1ieriwo/can_someone_send_me_a_phishing_link_and_then_say/) - - [ ] [hi if anyone is available I need a little help](https://www.reddit.com/r/HowToHack/comments/1iesp85/hi_if_anyone_is_available_i_need_a_little_help/) - - [ ] [What's I need to learn?](https://www.reddit.com/r/HowToHack/comments/1ie6pza/whats_i_need_to_learn/) - - [ ] [Trying to find a way to expose a racist, can you help?](https://www.reddit.com/r/HowToHack/comments/1iep6ol/trying_to_find_a_way_to_expose_a_racist_can_you/) - - [ ] [Phishing links](https://www.reddit.com/r/HowToHack/comments/1ie49f5/phishing_links/) - - [ ] [Android Rat](https://www.reddit.com/r/HowToHack/comments/1iejeu5/android_rat/) - - [ ] [Has anyone “created” their own WHID Cactus?](https://www.reddit.com/r/HowToHack/comments/1ie23b8/has_anyone_created_their_own_whid_cactus/) - - [ ] [Hello guys, I wanted to ddos attack on my college website, how can I do?](https://www.reddit.com/r/HowToHack/comments/1ieiva8/hello_guys_i_wanted_to_ddos_attack_on_my_college/) - - [ ] [Best way to get started in ethical hacking and pentesting?](https://www.reddit.com/r/HowToHack/comments/1iedc7i/best_way_to_get_started_in_ethical_hacking_and/) -- netsecstudents: Subreddit for students studying Network Security and its related subjects - - [ ] [🔥 Evolution of Wi-Fi Security: From WEP to WPA3 🔥](https://www.reddit.com/r/netsecstudents/comments/1ie274v/evolution_of_wifi_security_from_wep_to_wpa3/) -- The Register - Security - - [ ] [The Big Short on Cybersecurity](https://go.theregister.com/feed/www.theregister.com/2025/01/31/the_big_short_on_cybersecurity/) - - [ ] [Another banner year for ransomware gangs despite takedowns by the cops](https://go.theregister.com/feed/www.theregister.com/2025/01/31/banner_year_for_ransomware_gangs/) - - [ ] [Google to Iran: Yes, we see you using Gemini for phishing and scripting. We're onto you](https://go.theregister.com/feed/www.theregister.com/2025/01/31/state_spies_google_gemini/) -- Palo Alto Networks Blog - - [ ] [DeepSeek’s Rise Shows AI Security Remains a Moving Target](https://www.paloaltonetworks.com/blog/2025/01/deepseek-rise-shows-ai-security-remains-moving-target/) -- Social Engineering - - [ ] [How We Used Psychology To Increase Positive Reviews](https://www.reddit.com/r/SocialEngineering/comments/1iecatk/how_we_used_psychology_to_increase_positive/) -- Information Security - - [ ] [3 Cyber Attacks in January 2025](https://www.reddit.com/r/Information_Security/comments/1ieeo5l/3_cyber_attacks_in_january_2025/) + - [ ] [Google says hackers abuse Gemini AI to empower their attacks](https://www.bleepingcomputer.com/news/security/google-says-hackers-abuse-gemini-ai-to-empower-their-attacks/) + - [ ] [Vulnerability & Patch Roundup — January 2025](https://blog.sucuri.net/2025/01/vulnerability-patch-roundup-january-2025.html) +- Hacking Exposed Computer Forensics Blog + - [ ] [Daily Blog #735: Zeltser Challenge Spotlight on Argelius Labs](https://www.hecfblog.com/2025/01/daily-blog-735-zeltser-challenge.html) - The Hacker News - - [ ] [CISA and FDA Warn of Critical Backdoor in Contec CMS8000 Patient Monitors](https://thehackernews.com/2025/01/cisa-and-fda-warn-of-critical-backdoor.html) - - [ ] [Top 5 AI-Powered Social Engineering Attacks](https://thehackernews.com/2025/01/top-5-ai-powered-social-engineering.html) - - [ ] [Italy Bans Chinese DeepSeek AI Over Data Privacy and Ethical Concerns](https://thehackernews.com/2025/01/italy-bans-chinese-deepseek-ai-over.html) - - [ ] [Google Bans 158,000 Malicious Android App Developer Accounts in 2024](https://thehackernews.com/2025/01/google-bans-158000-malicious-android.html) - - [ ] [Broadcom Patches VMware Aria Flaws – Exploits May Lead to Credential Theft](https://thehackernews.com/2025/01/broadcom-patches-vmware-aria-flaws.html) + - [ ] [U.S. and Dutch Authorities Dismantle 39 Domains Linked to BEC Fraud Network](https://thehackernews.com/2025/02/us-and-dutch-authorities-dismantle-39.html) + - [ ] [BeyondTrust Zero-Day Breach Exposed 17 SaaS Customers via Compromised API Key](https://thehackernews.com/2025/02/beyondtrust-zero-day-breach-exposes-17.html) + - [ ] [Meta Confirms Zero-Click WhatsApp Spyware Attack Targeting 90 Journalists, Activists](https://thehackernews.com/2025/02/meta-confirms-zero-click-whatsapp.html) + - [ ] [Malvertising Scam Uses Fake Google Ads to Hijack Microsoft Advertising Accounts](https://thehackernews.com/2025/02/malvertising-scam-uses-fake-google-ads.html) - TorrentFreak - - [ ] [Pirate Libraries Are Forbidden Fruit for AI Companies. But at What Cost?](https://torrentfreak.com/pirate-libraries-are-forbidden-fruit-for-ai-companies-but-at-what-cost-250131/) - - [ ] [Court Rejects Musi’s Bid to Force Apple to Reinstate its Music App](https://torrentfreak.com/court-rejects-musis-bid-to-force-apple-to-reinstate-its-music-app-250131/) -- Security Affairs - - [ ] [Community Health Center data breach impacted over 1 million patients](https://securityaffairs.com/173687/data-breach/community-health-center-data-breach.html) - - [ ] [Italy’s data protection authority Garante blocked the DeepSeek AI platform](https://securityaffairs.com/173680/security/italys-data-protection-authority-garante-blocked-deepseek.html) - - [ ] [Broadcom fixed information disclosure flaws in VMware Aria Operations](https://securityaffairs.com/173677/security/vmware-aria-operations-flaws.html) + - [ ] [Anna’s Archive Urges AI Copyright Overhaul to Protect National Security](https://torrentfreak.com/annas-archive-urges-ai-copyright-overhaul-to-protect-national-security-250201/) + - [ ] [FADPA: MPA’s Export-Only Site-Blocking Primed For Full Strength U.S. Launch](https://torrentfreak.com/fadpa-mpa-export-only-site-blocking-primed-for-full-strength-u-s-launch-250201/) - Technical Information Security Content & Discussion - - [ ] [SlackPirate Set Sails Again! Or: How to Send the Entire “Bee Movie” Script to Your Friends in Slack](https://www.reddit.com/r/netsec/comments/1iejrzh/slackpirate_set_sails_again_or_how_to_send_the/) - - [ ] [Cisco Webex Connect - Unauthenticated access to all chats](https://www.reddit.com/r/netsec/comments/1iebyye/cisco_webex_connect_unauthenticated_access_to_all/) - - [ ] [RCE (LAN) in Marvel Rivals](https://www.reddit.com/r/netsec/comments/1iecdx2/rce_lan_in_marvel_rivals/) - - [ ] [CRLF injection via TryAddWithoutValidation in .NET](https://www.reddit.com/r/netsec/comments/1iean5l/crlf_injection_via_tryaddwithoutvalidation_in_net/) -- 网安寻路人 - - [ ] [欧盟《网络复原力法》全文翻译](https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247506421&idx=1&sn=f3b2c847cf7748ef86bc68daa496de01&chksm=97e9641fa09eed095158a4f84b80d0b52ad9fe6ab463c8869e956608d218c6715d95e0a3ce92&scene=58&subscene=0#rd) -- Security Weekly Podcast Network (Audio) - - [ ] [.ASS, Deepseek, AI Time Travel, Google, HeartBlocker, TikTok, Aaran Leyland, and More - SWN #447](http://sites.libsyn.com/18678/ass-deepseek-ai-time-travel-google-heartblocker-tiktok-aaran-leyland-and-more-swn-447) + - [ ] [Everyone knows your location: tracking myself down through in-app ads](https://www.reddit.com/r/netsec/comments/1if344u/everyone_knows_your_location_tracking_myself_down/) +- Computer Forensics + - [ ] [Pointers for how-to file craving courses](https://www.reddit.com/r/computerforensics/comments/1ifj53x/pointers_for_howto_file_craving_courses/) + - [ ] [Looking for complete guidance and roadmap to become an expert in digital forensics.](https://www.reddit.com/r/computerforensics/comments/1ifitvw/looking_for_complete_guidance_and_roadmap_to/) + - [ ] [Finding a Digital Forensics job?](https://www.reddit.com/r/computerforensics/comments/1if2p5r/finding_a_digital_forensics_job/) + - [ ] [iPhone daily backup BFU](https://www.reddit.com/r/computerforensics/comments/1iewy9p/iphone_daily_backup_bfu/) +- Security Affairs + - [ ] [A ransomware attack forced New York Blood Center to reschedule appointments](https://securityaffairs.com/173702/cyber-crime/new-york-blood-center-faced-ransomware-attack.html) + - [ ] [Contec CMS8000 patient monitors contain a hidden backdoor](https://securityaffairs.com/173694/security/cisa-fda-warned-hidden-backdoor-in-contec-cms8000.html) +- Social Engineering + - [ ] [Social Engineering Con - Layer 8?](https://www.reddit.com/r/SocialEngineering/comments/1if8m7n/social_engineering_con_layer_8/) +- Your Open Hacker Community + - [ ] [Using windows as a beginner](https://www.reddit.com/r/HowToHack/comments/1ifjgf3/using_windows_as_a_beginner/) + - [ ] [In search for friends](https://www.reddit.com/r/HowToHack/comments/1iewofv/in_search_for_friends/) + - [ ] [Need help with an AI security challenge](https://www.reddit.com/r/HowToHack/comments/1if4g8x/need_help_with_an_ai_security_challenge/) + - [ ] [[Repost] Magnetic Card Reader for Linux Devices](https://www.reddit.com/r/HowToHack/comments/1ifgf3x/repost_magnetic_card_reader_for_linux_devices/) + - [ ] [Need help getting my microsoft account back](https://www.reddit.com/r/HowToHack/comments/1if68fl/need_help_getting_my_microsoft_account_back/) + - [ ] [Please can someone help me!](https://www.reddit.com/r/HowToHack/comments/1if6zdm/please_can_someone_help_me/) + - [ ] [Career opportunities](https://www.reddit.com/r/HowToHack/comments/1iex9k8/career_opportunities/) + - [ ] [Bash](https://www.reddit.com/r/HowToHack/comments/1ievtjc/bash/) + - [ ] [I need help](https://www.reddit.com/r/HowToHack/comments/1ieuef3/i_need_help/) From 13cd022105353419896208d7b1004763500e1879 Mon Sep 17 00:00:00 2001 From: chainreactorbot Date: Mon, 3 Feb 2025 02:46:05 +0000 Subject: [PATCH 27/29] =?UTF-8?q?=E6=AF=8F=E6=97=A5=E5=AE=89=E5=85=A8?= =?UTF-8?q?=E8=B5=84=E8=AE=AF=EF=BC=882025-02-03=EF=BC=89?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- archive/daily/2025/2025-02-03.md | 228 +++++++++++++++ archive/tmp/2025-02-03.json | 262 +++++++++++++++++ today.md | 487 ++++++++++++++----------------- 3 files changed, 707 insertions(+), 270 deletions(-) create mode 100644 archive/daily/2025/2025-02-03.md create mode 100644 archive/tmp/2025-02-03.json diff --git a/archive/daily/2025/2025-02-03.md b/archive/daily/2025/2025-02-03.md new file mode 100644 index 0000000000..b642bcf13b --- /dev/null +++ b/archive/daily/2025/2025-02-03.md @@ -0,0 +1,228 @@ +# 每日安全资讯(2025-02-03) + +- SecWiki News + - [ ] [SecWiki News 2025-02-02 Review](http://www.sec-wiki.com/?2025-02-02) +- Doonsec's feed + - [ ] [秦安:特朗普表态DeepSeek,新质生产力文化力国防力进入生死抉择](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476446&idx=1&sn=667c5ecbfb13d7afed253e28d76959e5) + - [ ] [Fastjson1.2.24反序列化利用](https://mp.weixin.qq.com/s?__biz=Mzk0NDYwOTcxNg==&mid=2247485410&idx=1&sn=1ec1af3a9daa8bede6b50c48d4c6ad22) + - [ ] [【oscp】SickOS系列全教程](https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486459&idx=1&sn=bdb973718eb5b746ffb36010c1126ab7) + - [ ] [泰国拟对妙瓦底地区断电](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559426&idx=1&sn=319562dc0c95468cf20353c016f72e52) + - [ ] [新年第一周,网络安全“重启”:关键防护措施与实战指南](https://mp.weixin.qq.com/s?__biz=MzA4MzMzOTQ4Mw==&mid=2453672545&idx=1&sn=be79c51468776f970b7c557484e9c3d3) + - [ ] [DeepSeek 容易受到各种越狱策略的攻击](https://mp.weixin.qq.com/s?__biz=MzU2NDY2OTU4Nw==&mid=2247518533&idx=1&sn=b33cca1bd4585c8e72b323541ed3a3bd) + - [ ] [世界需要一个能谋善断的AI(六):关于DeepSeek出圈的思考](https://mp.weixin.qq.com/s?__biz=MzAxOTk3NTg5OQ==&mid=2247492311&idx=1&sn=0d662ce191c8997b8885a692a22c2b92) + - [ ] [DeepSeek R1 模型本地部署教程](https://mp.weixin.qq.com/s?__biz=MzkyOTQ4NTc3Nw==&mid=2247485501&idx=1&sn=d28152a69a687bbe9607eb0e813fd760) + - [ ] [如何通过情报分析一个人](https://mp.weixin.qq.com/s?__biz=MzkxMDIwMTMxMw==&mid=2247494517&idx=1&sn=640bcd44db8abcf1392a66a843ac737f) + - [ ] [GenAI技术栈市场分析](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264940&idx=1&sn=4e9a9d38cff3eda388d2841790e8eee6) + - [ ] [2025年,自己要做自己的灯塔!](https://mp.weixin.qq.com/s?__biz=MzA3OTg3Mjg3NA==&mid=2456976653&idx=1&sn=66f686a7f02b5f57cbff18b32be74a3a) + - [ ] [手把手教你如何本地化部署DeepSeek](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247497017&idx=1&sn=c755513c5dbf6ec01ad0d40eba61ae44) + - [ ] [Hashcat vs John the Ripper:两大密码破解神器深度对比](https://mp.weixin.qq.com/s?__biz=MzI5MjY4MTMyMQ==&mid=2247489899&idx=1&sn=52471d15e881d9f921886305d9ac0fdd) + - [ ] [perplexity支持DeepSeek R1和o3-mini模型](https://mp.weixin.qq.com/s?__biz=MzkxNzY0Mzg2OQ==&mid=2247486282&idx=1&sn=c92a5e3be98e56ca2240a51d2c366462) + - [ ] [[系统安全] 六十二.恶意软件分析 (13)LLM赋能实现基于机器学习的恶意家族分类(初探)](https://mp.weixin.qq.com/s?__biz=Mzg5MTM5ODU2Mg==&mid=2247501299&idx=1&sn=c461a9440fcea0ecee2c1d78cdda5cdd) + - [ ] [聊聊国内的数据安全尺度问题](https://mp.weixin.qq.com/s?__biz=MzI1Mjc3NTUwMQ==&mid=2247538549&idx=1&sn=521c18c3ae58546adae92616cb83808f) + - [ ] [美国CISA报告称Contec病人监护仪存在后门](https://mp.weixin.qq.com/s?__biz=MzkwOTM0MjI5NQ==&mid=2247488058&idx=1&sn=f2da86198b12bcad5bde72ea431dcdcc) + - [ ] [【AI】DeepSeek 概念/影响/使用/部署](https://mp.weixin.qq.com/s?__biz=MzUyNTUyNTA5OQ==&mid=2247484881&idx=1&sn=1ce74fe3cc4869f130e0b068ec229f45) + - [ ] [FUZZ出来的一系列漏洞](https://mp.weixin.qq.com/s?__biz=MzkxNzY2MjU2Mg==&mid=2247483819&idx=1&sn=f720e0623daf07c7838527d03dce27e1) + - [ ] [DeepSeek(R1) vs Gpt-o3-mini(-high)](https://mp.weixin.qq.com/s?__biz=MzU5Mzk3NTE0Mw==&mid=2247483715&idx=1&sn=8f936ef2f0c039f3e1d7bbf3d7bf66df) + - [ ] [【AI】人工智能没那么神秘!](https://mp.weixin.qq.com/s?__biz=MzUyNTUyNTA5OQ==&mid=2247484879&idx=1&sn=5ad4a8e0fe4d3be18ea0f01e2935473f) + - [ ] [安全圈瓜田理下集合【2025/2/2】](https://mp.weixin.qq.com/s?__biz=MzAxNzg3NzMyNQ==&mid=2247489548&idx=1&sn=b9efc35c8d73c866d549db2234a7d17c) + - [ ] [不藏了!Wireshark 命令、捕获、过滤器大全分享给你](https://mp.weixin.qq.com/s?__biz=MzIyMzIwNzAxMQ==&mid=2649464775&idx=1&sn=26133889c68b7a82c112264dd161d512) + - [ ] [二层交换机和三层交换机到底有啥区别?2025年最新讲解!](https://mp.weixin.qq.com/s?__biz=MzUyNTExOTY1Nw==&mid=2247528073&idx=1&sn=6301a2e8fc2761c557904a0f410d59e7) + - [ ] [使用 NTP 进行定向 Timeroasting 窃取用户哈希值](https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486924&idx=1&sn=bffa91f44bad8f39b89a25f21e0b1a59) + - [ ] [渗透测试工程师常用的搜索引擎](https://mp.weixin.qq.com/s?__biz=Mzg2MTc1MjY5OQ==&mid=2247486249&idx=1&sn=1e366c735cb526d8ed13cace6f26cc1e) + - [ ] [停更几日 找工作去了](https://mp.weixin.qq.com/s?__biz=Mzg4MTkwMTI5Mw==&mid=2247488841&idx=1&sn=57abcbe7def662f4b2fbc518fcf718f0) + - [ ] [DeepSeek老板梁文峰,谈近期热点问题](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485509&idx=1&sn=1af3f439672105c862f4bb0091c3f3a2) + - [ ] [北七家-未来科学城,3居变4居豪装,理想楼层/户型/朝向](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485509&idx=2&sn=670e807204cde52fca39474b57618c52) + - [ ] [【干货】笑傲职场的独家经验(1)](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485509&idx=3&sn=62c6e7a1ff368ba3cbd91298ad18483c) + - [ ] [【干货原创】实网攻防演习常态化,会带来什么变化01](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485509&idx=4&sn=57569d432f14f1f8ee639997920b435c) + - [ ] [汽车诊断及OBD和UDS协议的基础概念介绍](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549670&idx=1&sn=1e77e974f9698cc0d74c125e9eb62288) + - [ ] [揭示AUTOSAR中隐藏的漏洞](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549670&idx=2&sn=5f3fb6a0f0d849bdcf52c3b088620c0e) + - [ ] [【2025-02-02】黑客新闻摘要](https://mp.weixin.qq.com/s?__biz=MzIzNDU5NTI4OQ==&mid=2247488410&idx=1&sn=d520eefe614e2ce5642067897cf29310) + - [ ] [Tenable收购Vulcan Cyber,继续加速巩固暴露风险管理市场的领导地位](https://mp.weixin.qq.com/s?__biz=MzIyMTg0MTE3MA==&mid=2247487464&idx=1&sn=b2896c8828c9fe6b47d1296c0436f95f) + - [ ] [收藏 | dotNet安全矩阵 2024 年度本地权限操作阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498654&idx=1&sn=5900448e0b83460002b339bdd888b89a) + - [ ] [国内最专业、最全面的 [ .NET 代码审计 ] 体系化学习交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498654&idx=2&sn=ec3a4a0258a1e9eba731417aa3354ed2) + - [ ] [总结 | 2024 年度内网实战攻防电子报刊 34 篇文章内容汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498654&idx=3&sn=5f3ba6adeafc3eeeb6bac4a8709281f6) + - [ ] [高效、安全的 V2X PKI 与全球统一解决方案的集成](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620303&idx=1&sn=cd6c84599aef8f9308d3a9275a265bf1) + - [ ] [在软件定义汽车中实现安全的全球时间同步](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620303&idx=2&sn=c6f1e1c62c277153dfadbdb7bb7f03f3) + - [ ] [全球数据隐私、数据安全与网络安全技术发展报告](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620303&idx=3&sn=a94ce29de1c0b7625c8efc9602d3a095) + - [ ] [一款使用Rust编写的PE加壳器](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490280&idx=1&sn=27a8a52ec1103e01e0110d3cd8177b5d) + - [ ] [LockBit勒索软件案例(CS+Socks5)](https://mp.weixin.qq.com/s?__biz=MzkzMDE3ODc1Mw==&mid=2247489011&idx=1&sn=cdefefd425a7437c3ef0df558eb05375) + - [ ] [以小见大,彻底理解 cookie,session,token 之间的关系,通俗易懂](https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247570694&idx=1&sn=29f7161a798e3c693f2e07545a8b52ff) + - [ ] [Troll系列---Troll1靶场](https://mp.weixin.qq.com/s?__biz=Mzk1NzIzMzQ3OA==&mid=2247484332&idx=1&sn=fba78491557f3cbc1ee34fbedc0cd8bd) + - [ ] [2024年十大网络安全事件盘点](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931483&idx=1&sn=5ee0aaf91c5db8412e184d348b4a1d06) + - [ ] [奇瑞汽车申请信息安全传输专利,防止多种攻击手段](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931483&idx=2&sn=59bdf40380a2fc0d3df5b2d3a9d8b1e7) + - [ ] [【吃瓜】我家有女初长成!](https://mp.weixin.qq.com/s?__biz=MzU3MjU4MjM3MQ==&mid=2247489723&idx=1&sn=93b809a5e3a62b231b628e053aa39e98) + - [ ] [日志文件分析](https://mp.weixin.qq.com/s?__biz=Mzk1Nzc0MzY3NA==&mid=2247483783&idx=1&sn=4793ee638a53387ff52638f428afaa4c) + - [ ] [【吃瓜】某官方媒体下场传播Deepseek谣言](https://mp.weixin.qq.com/s?__biz=Mzg4MTkwMTI5Mw==&mid=2247488836&idx=1&sn=0b4b90b809d4d1d411d9d7cb07bb41dd) + - [ ] [[靶场复现计划]CSLAB Thunder](https://mp.weixin.qq.com/s?__biz=MzkxOTYwMDI2OA==&mid=2247484342&idx=1&sn=fbf99114ba0a7734a34ca35d09047003) + - [ ] [2025 Arch Linux 配置与常用操作指南](https://mp.weixin.qq.com/s?__biz=Mzg4MzgwMDE2Mw==&mid=2247488266&idx=1&sn=231087764693c81ab974ce49aaa367fd) + - [ ] [deepseek用不了解决方案 siliconflow](https://mp.weixin.qq.com/s?__biz=MzkxNjMwNDUxNg==&mid=2247487263&idx=1&sn=fa27a458767be5da87e8f0dd2959ac90) + - [ ] [星火年鉴· 品牌生态篇 | 2024星火品牌与市场生态亮点回顾](https://mp.weixin.qq.com/s?__biz=MzU1OTUxNTI1NA==&mid=2247592385&idx=1&sn=13ab2eff27d3b4532a504eb26a695327) + - [ ] [纯动嘴让DeepSeek给自己写一个壳](https://mp.weixin.qq.com/s?__biz=MzA3NDE0NTY0OQ==&mid=2247484313&idx=1&sn=8e3f8f76629035619e1743da5afd28a1) + - [ ] [网络安全新手必看:你的电脑够硬核吗?CTF 神器选购指南!](https://mp.weixin.qq.com/s?__biz=MzA3NDE0NTY0OQ==&mid=2247484313&idx=2&sn=4562514cd4be9ea89f1ed48f7e33ddf2) + - [ ] [Microsoft SQL Server 中的 RCE:探索错误配置并获得命令执行能力](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527476&idx=1&sn=3c6e650cd3989e4318e4de87b1cab4a3) + - [ ] [通过 JSON 文件上传进行存储型 XSS](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527476&idx=2&sn=52e6aaaaa606bc10d5c53f2ab36dab9d) + - [ ] [网安人的Deepseek使用指南](https://mp.weixin.qq.com/s?__biz=MzkxMDU5MzY0NQ==&mid=2247484471&idx=1&sn=19de64512beab336b1d931e46707a4f3) + - [ ] [国内首家!360推出“DeepSeek版”安全大模型](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579300&idx=1&sn=fb81fc2b90cac494c296287ef221c64f) + - [ ] [大年初五 | 蛇报佳春,万“巳”大吉](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579300&idx=2&sn=c06abb2df32188e9b4d4cda59aad3c1a) + - [ ] [教练,我想做红客](https://mp.weixin.qq.com/s?__biz=Mzg4NzgzMjUzOA==&mid=2247485481&idx=1&sn=8bb195be87285a44b7949441eeb4d438) + - [ ] [三步教你使用ollama+chatboxai本地部署DeepSeek-R1(含电脑配置参考)](https://mp.weixin.qq.com/s?__biz=MzkzMjIxNjExNg==&mid=2247486256&idx=1&sn=0e5e16559014d6990e2655f742bbf8c3) + - [ ] [设备管理系统开发:结合FastAPI+uvicorn技术(V2.3版本)](https://mp.weixin.qq.com/s?__biz=MzAxMDIwNjg2MA==&mid=2247486192&idx=1&sn=b7addf22dac6c645a9e16f0cd71da809) + - [ ] [大年初五迎财神|大吉大利,八方来财](https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489523&idx=1&sn=8bb39b35916f60e2052342891502afc1) + - [ ] [政府媒体下场!证明“宇宙镜像防御系统”“在黑客电脑放大悲咒”都是真的!](https://mp.weixin.qq.com/s?__biz=MzkyOTQzNjIwNw==&mid=2247491692&idx=1&sn=b3bb6b0e8bc8cf46f507d2af76f7e46f) + - [ ] [2024年近2亿人受影响,美国医疗成重点攻击目标](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313350&idx=1&sn=14f2e762074e1c311ff513905bd74451) + - [ ] [新型僵尸网络正对路由器、摄像头等设备发起大规模DDoS攻击](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313350&idx=2&sn=325091293f887d4b02b45a66abdcc9b9) + - [ ] [无需拆机!Windows 11 BitLocker加密文件被破解](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313350&idx=3&sn=d66f493838161567f4aa1ccfefa9c7da) + - [ ] [记一次框架利用接管学工系统](https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247547536&idx=1&sn=3c4f0b94df8e73bc5c8f02e75f6bf1f9) + - [ ] [Zyxel CPE 设备遭遇大规模攻击:关键漏洞(CVE-2024-40891)仍未修复!](https://mp.weixin.qq.com/s?__biz=Mzg3OTYxODQxNg==&mid=2247485684&idx=1&sn=ca0044c1a5698a1a8bad3d17b325b3a4) + - [ ] [国内黑产组织利用AWS 和 Azure进行诈骗活动](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494701&idx=1&sn=3e0582b510dbccde979bed07cc7c3488) + - [ ] [DeepSeek 突破了西方对于强大AI开发的垄断](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494701&idx=2&sn=e859fa26b1c6c3b3a0de07cd580f711d) + - [ ] [奇幻爽文之风终于吹到了网安](https://mp.weixin.qq.com/s?__biz=Mzg4Njc0Mjc3NQ==&mid=2247486634&idx=1&sn=0dc181deac52d82cd9a46eab2a487461) + - [ ] [【2025春节】解题领红包活动排行榜(初五 2/2)](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141668&idx=1&sn=82663ea0981e0c6f1544bb1fe7ab6bb8) + - [ ] [时间强盗漏洞:ChatGPT绕过敏感话题安全防护](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607394&idx=1&sn=387b2dc9dd6ebd7d27288d882c5d9832) + - [ ] [虚假谷歌广告瞄准微软广告账户,恶意软件攻击再升级](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607394&idx=2&sn=9afd369d22b8ae77608115d1b2309b66) + - [ ] [一些木马反制技巧](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607394&idx=3&sn=f2dbe4fa4dc6ad21d2bbc79d3e38c60b) + - [ ] [Burpsuite存储桶配置不当漏洞检测插件](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607394&idx=4&sn=d21b7373ba4514475e76fc1e86673954) + - [ ] [掌握这些隐藏技巧,快速生成高质量美学论文初稿指南!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493260&idx=1&sn=6e7603d4bf552141b202da8e2c7226ef) + - [ ] [掌握中国史论文写作的文献综述绝技:解锁每个研究生都该懂的内部秘笈。](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493260&idx=2&sn=20c75c3aa689fee6c249bf331d9695e1) + - [ ] [掌握AI军事战略论文初稿的5种极致写作技巧,用ChatGPT打造高效论文写作流程!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493260&idx=3&sn=9a4e44b87ce1049e024adfebfd892d5b) + - [ ] [掌握ChatGPT人力资源管理论文大纲的完善攻略,新手也能3小时上手。](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493260&idx=4&sn=d4c9789e053207760dc89bc30e97bdbe) + - [ ] [掌握ChatGPT特殊教育论文审稿的内部高阶技巧,审稿速度提升200%!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493260&idx=5&sn=1b7188bc90a73bd66bfbd639ffb205c1) + - [ ] [初五接财神 | 顺风顺水,八方来财](https://mp.weixin.qq.com/s?__biz=Mzk0ODI4MDI4Nw==&mid=2247494628&idx=1&sn=86f1f585e2527dffb49f31e3cb3b77e6) + - [ ] [初五财神到,火绒安全祝大家蛇年行大运,事事皆顺遂~](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247522009&idx=1&sn=427a7360c75c10d3278f62a51ef5b068) + - [ ] [诚邀渠道合作伙伴共启新征程](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247522009&idx=2&sn=ca2b184d62f7ecba76d349a8faa6d2bf) + - [ ] [MQTT协议安全攻击面技术分析总结](https://mp.weixin.qq.com/s?__biz=MjM5MjEyMTcyMQ==&mid=2651037465&idx=1&sn=c91979cf125a6f93d28586817671f1d7) + - [ ] [大年初五吉祥如意](https://mp.weixin.qq.com/s?__biz=Mzg3NTU3NTY0Nw==&mid=2247489546&idx=1&sn=48d30c9bf0c189657c24003dd0ef3551) + - [ ] [大年初五 巳蛇呈祥](https://mp.weixin.qq.com/s?__biz=Mzg2MTU5ODQ2Mg==&mid=2247507177&idx=1&sn=c70f06c1d86e5a233713734b6ee2f9ce) + - [ ] [数字取证之呈现证据u200c](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264934&idx=1&sn=b566f40a1e56c1ead34ae7196ce9f9b8) + - [ ] [DeepSeek的R1与R1-Zero:技术差异与AI风险管控](https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247506432&idx=1&sn=ddb2b818c020739b2b004f3cfcb69a91) + - [ ] [Nmap高级攻击指南:用官方工具实施SYN欺骗攻击](https://mp.weixin.qq.com/s?__biz=MzkxOTUyOTc0NQ==&mid=2247493009&idx=1&sn=4450fdf706551f053287269ac3017075) + - [ ] [迎财神](https://mp.weixin.qq.com/s?__biz=Mzg2Mzg2NDM0NA==&mid=2247484863&idx=1&sn=38cb397e43ce3141523a19c0581ad5e1) + - [ ] [90%企业等保无效?红蓝对抗揭露真相!](https://mp.weixin.qq.com/s?__biz=MzIwMzIyMjYzNA==&mid=2247517989&idx=1&sn=c773878e5458413dc7f713382eb2c815) + - [ ] [迎财神,送福到,愿您在新的一年里,财运旺盛,心想事成!](https://mp.weixin.qq.com/s?__biz=MjM5NzU4NjkyMw==&mid=2650747926&idx=1&sn=51b6804dd2334ea79d326a1a7717461a) + - [ ] [谁说红客只会蹭!过来看看他们的实力!](https://mp.weixin.qq.com/s?__biz=Mzk0MzY3MDE5Mg==&mid=2247484028&idx=1&sn=5854fd05510860e4b1a8934a02138131) + - [ ] [红盟只会蹭!](https://mp.weixin.qq.com/s?__biz=MzkwMTU2NzMwOQ==&mid=2247484533&idx=1&sn=6247c1831a0bfd5ce1a4b0733b912d9c) + - [ ] [ISO 45001: 2018 标准详解与实施(13)6.2 职业健康安全目标及其实现的策划](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247486058&idx=1&sn=5999aad43bc68811dab5ca40c639b197) + - [ ] [实战内测-某内测项目站点FUZZ到SQL注入](https://mp.weixin.qq.com/s?__biz=Mzk0Mzc1MTI2Nw==&mid=2247487449&idx=1&sn=bae043c1e8117312d3d18624f4c070a5) + - [ ] [大年初五丨安天捕风给您拜年了](https://mp.weixin.qq.com/s?__biz=MjM5MTA3Nzk4MQ==&mid=2650209925&idx=1&sn=b804ce5af784fca3a1e05a9077cdf1c2) + - [ ] [正月初五 | 五福临门 招财进宝](https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506084&idx=1&sn=beab459a146e3c03036ca82226a1c621) + - [ ] [Meta 确认零点击 WhatsApp 间谍软件攻击针对 90 名记者和活动人士](https://mp.weixin.qq.com/s?__biz=MzI2NzAwOTg4NQ==&mid=2649794014&idx=1&sn=0bf99aa1e7fb87b545c84b364e027dc0) + - [ ] [大年初五|接财神](https://mp.weixin.qq.com/s?__biz=MzUyMjAyODU1NA==&mid=2247491950&idx=1&sn=f325c8233c093a74fde97c588f87e12a) + - [ ] [Shoko:动漫管理的另一种选择,完美集成Plex、Jellyfin、Kodi](https://mp.weixin.qq.com/s?__biz=MzA4MjkzMTcxMg==&mid=2449046777&idx=1&sn=a0ad55fed18cd06f87ff32c4f5be473b) + - [ ] [初五 | 财源滚滚万事顺,鸿运当头福临门!](https://mp.weixin.qq.com/s?__biz=MzU4NjY4MDAyNQ==&mid=2247497082&idx=1&sn=9b4b2f985f0aa0b0b50392da125f46fe) + - [ ] [正月初五 | 财安福来](https://mp.weixin.qq.com/s?__biz=Mzg2NDU3Mzc5OA==&mid=2247489780&idx=1&sn=76693eb6e5caa655bd2a6320c1ae8629) + - [ ] [大年初五 五福临门](https://mp.weixin.qq.com/s?__biz=MjM5NzE0NTIxMg==&mid=2651135292&idx=1&sn=0c7186a57a71bbffcf1d576a5e3176ff) + - [ ] [正月初五迎财神!亚信安全祝大家金蛇接财,福气满满](https://mp.weixin.qq.com/s?__biz=MjM5NjY2MTIzMw==&mid=2650620969&idx=1&sn=e2ea7bfca815e935b52839d6161bb0bf) + - [ ] [【oscp】vulnerable_docker,三种代理方法打入内网](https://mp.weixin.qq.com/s?__biz=Mzg2Nzk0NjA4Mg==&mid=2247498989&idx=1&sn=a860e19fe2d20c9b8aa5cc9ca81ac488) + - [ ] [【2025】初五迎财神,恭喜发财](https://mp.weixin.qq.com/s?__biz=MzUwOTc3MTQyNg==&mid=2247491392&idx=1&sn=75011220308fe9a69d8dd70b7d07d5f0) + - [ ] [大年初五 | 恒御科技祝大家“蛇运亨通,瑞气盈门”](https://mp.weixin.qq.com/s?__biz=MzU4NjY3OTAzMg==&mid=2247514958&idx=1&sn=01c937eee1af2942500f59fc5740acf7) + - [ ] [大年初五 | 爆竹声中财门开,如意平安富贵来](https://mp.weixin.qq.com/s?__biz=Mzk0MDQ5MTQ4NA==&mid=2247487431&idx=1&sn=c15740e5ae9f941b205365b9d758ee32) + - [ ] [Hawkeye 一款Windows综合应急响应工具](https://mp.weixin.qq.com/s?__biz=Mzk0ODY1NzEwMA==&mid=2247486676&idx=1&sn=3417cbc224d25e1e2d58028f2163bb57) + - [ ] [正月初五|喜迎财神 招财纳祥](https://mp.weixin.qq.com/s?__biz=MzkxODczNjA4NQ==&mid=2247494022&idx=1&sn=4a63c5fbf635f14e625c112957d0ea1d) + - [ ] [DecryptTools综合解密](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489196&idx=1&sn=bc1fd862ec7ec58e385b7e0f3de44318) + - [ ] [一半人可以开了](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489196&idx=2&sn=dec356d33c41d89e7b628f05471e3d2e) + - [ ] [【贺蛇年】初五迎财 网安聚福](https://mp.weixin.qq.com/s?__biz=MzAxMjE1MDY0NA==&mid=2247508846&idx=1&sn=9ce423304dea95172f851d637a204f7a) + - [ ] [【初五】安全守护好 发展自然来](https://mp.weixin.qq.com/s?__biz=MjM5NTE0MjQyMg==&mid=2650624577&idx=1&sn=4c14d0c391b3e76a3335a93e4e16c2f4) + - [ ] [山石网科·AI汇东方|正月初五,喜迎财神](https://mp.weixin.qq.com/s?__biz=MzAxMDE4MTAzMQ==&mid=2661298314&idx=1&sn=a06e947eb117e1a6e4ac13f9aba74f9b) + - [ ] [初五 | 迎财神](https://mp.weixin.qq.com/s?__biz=MzIxNTQxMjQyNg==&mid=2247493742&idx=1&sn=6c298f8ce178ae5f381c68b29f886a7f) + - [ ] [初五|财神叩门送金来 全域互连倚云脉](https://mp.weixin.qq.com/s?__biz=MzkxNDY0MjMxNQ==&mid=2247532974&idx=1&sn=f7a29699391399ad4582af3321de5ad1) + - [ ] [ZoomEye、ZoomEye Pro:网络资产测绘,筑牢财富根基](https://mp.weixin.qq.com/s?__biz=MjM5NzA3Nzg2MA==&mid=2649870888&idx=1&sn=572bcba2cdd6c61f272fbc1ee4943f22) + - [ ] [祥蛇初五至 福运启新时](https://mp.weixin.qq.com/s?__biz=MzU0MjEwNTM5Ng==&mid=2247520425&idx=1&sn=7936883faac2bd5d0b54fbc8772c487c) + - [ ] [Dark OSINT:我是如何识别多个性犯罪分子及其基础设施的](https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247504844&idx=1&sn=0567a540ffa5f4aa2f0bd08da69c6254) + - [ ] [赚美刀?来扶盈安全就对了-扶楹安全第二期招生了!](https://mp.weixin.qq.com/s?__biz=MzkyNzQzODA3Ng==&mid=2247484777&idx=1&sn=007f74bd81906a993fad37a59f5e1afd) + - [ ] [初五 | 迎财神,接好运!](https://mp.weixin.qq.com/s?__biz=Mzg4MjQ4MjM4OA==&mid=2247523803&idx=1&sn=e5fe6e9fcd4de214c94e3f5efd295dd8) + - [ ] [苏说安全两周年记 | 感恩每一份照亮前路的星光](https://mp.weixin.qq.com/s?__biz=Mzg5OTg5OTI1NQ==&mid=2247489874&idx=1&sn=47b12bb1e57d2b02fc0dbb3b38913d8b) +- Security Boulevard + - [ ] [DEF CON 32 – Navigating the Turbulent Skies of Aviation Cyber Regulation](https://securityboulevard.com/2025/02/def-con-32-navigating-the-turbulent-skies-of-aviation-cyber-regulation-2/) + - [ ] [Hackers Hijack JFK File Release: Malware & Phishing Surge](https://securityboulevard.com/2025/02/hackers-hijack-jfk-file-release-malware-phishing-surge/) + - [ ] [Core Features in NSFOCUS RSAS R04F04 1-2](https://securityboulevard.com/2025/02/core-features-in-nsfocus-rsas-r04f04-1-2/) +- Private Feed for M09Ic + - [ ] [mgeeky starred Teach2Breach/rust_api_demo](https://github.com/Teach2Breach/rust_api_demo) + - [ ] [zer0yu starred LaurentMazare/tch-rs](https://github.com/LaurentMazare/tch-rs) + - [ ] [zer0yu starred guillaume-be/rust-bert](https://github.com/guillaume-be/rust-bert) + - [ ] [zer0yu starred ldclabs/anda](https://github.com/ldclabs/anda) + - [ ] [zer0yu starred HKUDS/MiniRAG](https://github.com/HKUDS/MiniRAG) + - [ ] [phith0n starred X1a0He/X1a0HeWeChatPlugin](https://github.com/X1a0He/X1a0HeWeChatPlugin) + - [ ] [mgeeky starred megadose/holehe](https://github.com/megadose/holehe) + - [ ] [b1nhack starred b1nhack/nvim](https://github.com/b1nhack/nvim) + - [ ] [zer0yu started following karpathy](https://github.com/karpathy) + - [ ] [zer0yu started following wdndev](https://github.com/wdndev) + - [ ] [zer0yu starred wdndev/tiny-llm-zh](https://github.com/wdndev/tiny-llm-zh) + - [ ] [lz520520 forked lz520520/rust-native-tls from sfackler/rust-native-tls](https://github.com/lz520520/rust-native-tls) +- Recent Commits to cve:main + - [ ] [Update Sun Feb 2 20:27:07 UTC 2025](https://github.com/trickest/cve/commit/fcf3014fa98cc26f06af3e2bab5e9248e80b149f) + - [ ] [Update Sun Feb 2 12:20:58 UTC 2025](https://github.com/trickest/cve/commit/a65cb4569063b4a65b895041ed0abcdb1df57ff9) + - [ ] [Update Sun Feb 2 04:21:00 UTC 2025](https://github.com/trickest/cve/commit/3e10a03ba05176de772d99d5a5a2c51ac1c34160) +- 一个被知识诅咒的人 + - [ ] [【人工智能】使用Python和Hugging Face构建情感分析应用:从模型训练到Web部署](https://blog.csdn.net/nokiaguy/article/details/145420450) + - [ ] [【人工智能】深入探索Python中的自注意力机制:实现Transformer的核心组件](https://blog.csdn.net/nokiaguy/article/details/145420439) +- obaby@mars + - [ ] [年复一年](https://h4ck.org.cn/2025/02/19063) +- Blogs on STAR Labs + - [ ] [Mali-cious Intent: Exploiting GPU Vulnerabilities (CVE-2022-22706 / CVE-2021-39793)](https://starlabs.sg/blog/2025/12-mali-cious-intent-exploiting-gpu-vulnerabilities-cve-2022-22706/) +- MaskRay + - [ ] [lld 20 ELF changes](https://maskray.me/blog/2025-02-02-lld-20-elf-changes) +- Blog – Red Siege Information Security + - [ ] [Red Siege at Wild West Hackin’ Fest Mile High 2025 – What to Expect!](https://redsiege.com/blog/2025/02/red-siege-at-wild-west-hackin-fest-mile-high-2025-what-to-expect/) +- Blogs dade + - [ ] [Weekly Retro 2025-W05](https://0xda.de/blog/2025/02/weekly-retro-2025-w05/) +- Bug Bounty in InfoSec Write-ups on Medium + - [ ] [How I Earned $200 Using GitHub Dorking P=2:Advanced GitHub Dorking: More Secrets, More Automation…](https://infosecwriteups.com/advanced-github-dorking-more-secrets-more-automation-more-bounties-f39dd553b1c2?source=rss----7b722bfd1b8d--bug_bounty) +- 安全分析与研究 + - [ ] [一款使用Rust编写的PE加壳器](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490280&idx=1&sn=27a8a52ec1103e01e0110d3cd8177b5d&chksm=902fb5c0a7583cd6218d677628b2525d44e71fe4a1a277e33d09f2eb178e9d0f3d1b7f16868b&scene=58&subscene=0#rd) +- 锦行科技 + - [ ] [初五 | 迎财神](https://mp.weixin.qq.com/s?__biz=MzIxNTQxMjQyNg==&mid=2247493742&idx=1&sn=6c298f8ce178ae5f381c68b29f886a7f&chksm=979a13cba0ed9add09c5b22955bcce5e7a177a09072e01fe7ecdb9b58a578e7a75a7338606aa&scene=58&subscene=0#rd) +- 吾爱破解论坛 + - [ ] [【2025春节】解题领红包活动排行榜(初五 2/2)](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141668&idx=1&sn=82663ea0981e0c6f1544bb1fe7ab6bb8&chksm=bd50a6708a272f660989d775c0b51760ab65a87bdfaebbc3eb8e52d3797a728c8c3c53cdc3db&scene=58&subscene=0#rd) +- MBHC + - [ ] [DeepSeek(R1) vs Gpt-o3-mini(-high)](https://mp.weixin.qq.com/s?__biz=MzU5Mzk3NTE0Mw==&mid=2247483715&idx=1&sn=8f936ef2f0c039f3e1d7bbf3d7bf66df&chksm=fe09034bc97e8a5d5e70e334a94f5e775517c607f283d57c8b72e82f3e69e3f55861234dbc2d&scene=58&subscene=0#rd) +- 极客公园 + - [ ] [阿西莫夫三定律,还适用于今天的 AI 吗?](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653073110&idx=1&sn=b277757d83dc66d3c5755989bdf48f50&chksm=7e57d36049205a76146ef55cb30a443f45110c7828858b74358ef216851bb3d2050790c61b32&scene=58&subscene=0#rd) + - [ ] [特朗普会面黄仁勋,谈到 DS 和 AI 芯片;小米汽车一月交付超 2 万辆;ChatGPT 去年付费用户增长三倍 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653073109&idx=1&sn=3a5c6e9636f6223b1e994a0d7c7ef99e&chksm=7e57d36349205a75d495f380e35da4f2c90ad22710777273824e8a28f1952b68aff534019547&scene=58&subscene=0#rd) +- 火绒安全 + - [ ] [初五财神到,火绒安全祝大家蛇年行大运,事事皆顺遂~](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247522009&idx=1&sn=427a7360c75c10d3278f62a51ef5b068&chksm=eb7048e6dc07c1f0dfeea1cbf6b85548ce582944fbfea679ffde25c1b6e6d1f148aea83dabc7&scene=58&subscene=0#rd) + - [ ] [诚邀渠道合作伙伴共启新征程](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247522009&idx=2&sn=ca2b184d62f7ecba76d349a8faa6d2bf&chksm=eb7048e6dc07c1f05ec257548f51393da431feaac3cc1a829fa508cde8291071d95277882a19&scene=58&subscene=0#rd) +- 360数字安全 + - [ ] [国内首家!360推出“DeepSeek版”安全大模型](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579300&idx=1&sn=fb81fc2b90cac494c296287ef221c64f&chksm=9f8d26aca8faafbab862d9d12c16bf810abde53f061e47a38f952b28862d897e8405ebd99be1&scene=58&subscene=0#rd) + - [ ] [大年初五 | 蛇报佳春,万“巳”大吉](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579300&idx=2&sn=c06abb2df32188e9b4d4cda59aad3c1a&chksm=9f8d26aca8faafba2fa3a2ff9c51bb3b8b9909869b1b29790b16afb0c7c3bf5db029ef357909&scene=58&subscene=0#rd) +- 迪哥讲事 + - [ ] [手把手教你如何本地化部署DeepSeek](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247497017&idx=1&sn=c755513c5dbf6ec01ad0d40eba61ae44&chksm=e8a5ff5adfd2764cbfc5d5022694332b05284a95fecaccdd14aa436daac1a63d33e4089b7287&scene=58&subscene=0#rd) +- 娜璋AI安全之家 + - [ ] [[系统安全] 六十二.恶意软件分析 (13)LLM赋能实现基于机器学习的恶意家族分类(初探)](https://mp.weixin.qq.com/s?__biz=Mzg5MTM5ODU2Mg==&mid=2247501299&idx=1&sn=c461a9440fcea0ecee2c1d78cdda5cdd&chksm=cfcf753ef8b8fc289095d45e909b053dcb87dd4794e462fcf1d60ee5c8e7715cc2f2f8c2af13&scene=58&subscene=0#rd) +- Hacking Exposed Computer Forensics Blog + - [ ] [Daily Blog #737: Sunday Funday 2/2/25](https://www.hecfblog.com/2025/02/daily-blog-737-sunday-funday-2225.html) + - [ ] [Daily Blog #736: Solution Saturday 2/1/25](https://www.hecfblog.com/2025/02/daily-blog-736-solution-saturday-2125.html) +- Over Security - Cybersecurity news aggregator + - [ ] [9Lives - 109,515 breached accounts](https://haveibeenpwned.com/PwnedWebsites#9Lives) +- Have I Been Pwned latest breaches + - [ ] [9Lives - 109,515 breached accounts](https://haveibeenpwned.com/PwnedWebsites#9Lives) +- IT Service Management News + - [ ] [Sicurezza negli esercizi pubblici](http://blog.cesaregallotti.it/2025/02/sicurezza-negli-esercizi-pubblici.html) + - [ ] [Dispositivi medici che mandano dati dei pazienti in Cina](http://blog.cesaregallotti.it/2025/02/dispositivi-medici-che-mandano-dati-dei.html) + - [ ] [Privacy: sanzione a Regione Molise e ai responabili](http://blog.cesaregallotti.it/2025/02/privacy-sanzione-regione-molise-e-ai.html) +- Troy Hunt's Blog + - [ ] [Weekly Update 437](https://www.troyhunt.com/weekly-update-437/) +- Desync InfoSec + - [ ] [LockBit勒索软件案例(CS+Socks5)](https://mp.weixin.qq.com/s?__biz=MzkzMDE3ODc1Mw==&mid=2247489011&idx=1&sn=cdefefd425a7437c3ef0df558eb05375&chksm=c27f665df508ef4b1dd69002004b822d8088e12e7ddb41fb844da301a2dc60d7acacb9ed6733&scene=58&subscene=0#rd) +- Full Disclosure + - [ ] [APPLE-SA-01-30-2025-1 GarageBand 10.4.12](https://seclists.org/fulldisclosure/2025/Feb/2) + - [ ] [Re: Text injection on https://www.google.com/sorry/index via ?q parameter (no XSS)](https://seclists.org/fulldisclosure/2025/Feb/1) + - [ ] [Xinet Elegant 6 Asset Lib Web UI 6.1.655 / SQL Injection / Exploit Update Python3](https://seclists.org/fulldisclosure/2025/Feb/0) +- TorrentFreak + - [ ] [Russia VPN Crackdown Revelation – VPN Sites Hide Their IP Addresses](https://torrentfreak.com/russia-vpn-crackdown-revelation-vpn-sites-hide-their-ip-addresses-250202/) +- Your Open Hacker Community + - [ ] [Alternative for mnt reform?](https://www.reddit.com/r/HowToHack/comments/1ig2fg0/alternative_for_mnt_reform/) + - [ ] [would it be possible to make a tool that maps out a network automatically?](https://www.reddit.com/r/HowToHack/comments/1ifq4l8/would_it_be_possible_to_make_a_tool_that_maps_out/) + - [ ] [Speed queen NEW model hack needed](https://www.reddit.com/r/HowToHack/comments/1ig61me/speed_queen_new_model_hack_needed/) + - [ ] [Looking to get into a couple Snapchat accounts. Will pay but work has to be done first!! Please reach out if you can help!](https://www.reddit.com/r/HowToHack/comments/1ifwya9/looking_to_get_into_a_couple_snapchat_accounts/) +- Security Affairs + - [ ] [SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 31](https://securityaffairs.com/173746/malware/security-affairs-malware-newsletter-round-31.html) + - [ ] [Security Affairs newsletter Round 509 by Pierluigi Paganini – INTERNATIONAL EDITION](https://securityaffairs.com/173741/breaking-news/security-affairs-newsletter-round-509-by-pierluigi-paganini-international-edition.html) + - [ ] [WhatsApp disrupted a hacking campaign targeting journalists with Paragon spyware](https://securityaffairs.com/173721/security/whatsapp-disrupted-paragon-spyware-campaign.html) + - [ ] [Ransomware attack hit Indian multinational Tata Technologies](https://securityaffairs.com/173712/cyber-crime/tata-technologies-ransomware-attack.html) +- The Register - Security + - [ ] [What does it mean to build in security from the ground up?](https://go.theregister.com/feed/www.theregister.com/2025/02/02/security_design_choices/) + - [ ] [Gilmore Girls fans nabbed as Eurocops dismantle two major cybercrime forums](https://go.theregister.com/feed/www.theregister.com/2025/02/02/eurocops_takedown_cybercrime/) +- Computer Forensics + - [ ] [TCU Passware (2025JAN31)](https://www.reddit.com/r/computerforensics/comments/1igaiem/tcu_passware_2025jan31/) +- 网安寻路人 + - [ ] [DeepSeek的R1与R1-Zero:技术差异与AI风险管控](https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247506432&idx=1&sn=ddb2b818c020739b2b004f3cfcb69a91&chksm=97e967eaa09eeefc9023ae78007b8295e56b81a367336405b00fd9e2494d207b2d3cf1fc0ba7&scene=58&subscene=0#rd) diff --git a/archive/tmp/2025-02-03.json b/archive/tmp/2025-02-03.json new file mode 100644 index 0000000000..af82aa8b40 --- /dev/null +++ b/archive/tmp/2025-02-03.json @@ -0,0 +1,262 @@ +{ + "SecWiki News": { + "SecWiki News 2025-02-02 Review": "http://www.sec-wiki.com/?2025-02-02" + }, + "Doonsec's feed": { + "秦安:特朗普表态DeepSeek,新质生产力文化力国防力进入生死抉择": "https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476446&idx=1&sn=667c5ecbfb13d7afed253e28d76959e5", + "Fastjson1.2.24反序列化利用": "https://mp.weixin.qq.com/s?__biz=Mzk0NDYwOTcxNg==&mid=2247485410&idx=1&sn=1ec1af3a9daa8bede6b50c48d4c6ad22", + "【oscp】SickOS系列全教程": "https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486459&idx=1&sn=bdb973718eb5b746ffb36010c1126ab7", + "泰国拟对妙瓦底地区断电": "https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559426&idx=1&sn=319562dc0c95468cf20353c016f72e52", + "新年第一周,网络安全“重启”:关键防护措施与实战指南": "https://mp.weixin.qq.com/s?__biz=MzA4MzMzOTQ4Mw==&mid=2453672545&idx=1&sn=be79c51468776f970b7c557484e9c3d3", + "DeepSeek 容易受到各种越狱策略的攻击": "https://mp.weixin.qq.com/s?__biz=MzU2NDY2OTU4Nw==&mid=2247518533&idx=1&sn=b33cca1bd4585c8e72b323541ed3a3bd", + "世界需要一个能谋善断的AI(六):关于DeepSeek出圈的思考": "https://mp.weixin.qq.com/s?__biz=MzAxOTk3NTg5OQ==&mid=2247492311&idx=1&sn=0d662ce191c8997b8885a692a22c2b92", + "DeepSeek R1 模型本地部署教程": "https://mp.weixin.qq.com/s?__biz=MzkyOTQ4NTc3Nw==&mid=2247485501&idx=1&sn=d28152a69a687bbe9607eb0e813fd760", + "如何通过情报分析一个人": "https://mp.weixin.qq.com/s?__biz=MzkxMDIwMTMxMw==&mid=2247494517&idx=1&sn=640bcd44db8abcf1392a66a843ac737f", + "GenAI技术栈市场分析": "https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264940&idx=1&sn=4e9a9d38cff3eda388d2841790e8eee6", + "2025年,自己要做自己的灯塔!": "https://mp.weixin.qq.com/s?__biz=MzA3OTg3Mjg3NA==&mid=2456976653&idx=1&sn=66f686a7f02b5f57cbff18b32be74a3a", + "手把手教你如何本地化部署DeepSeek": "https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247497017&idx=1&sn=c755513c5dbf6ec01ad0d40eba61ae44", + "Hashcat vs John the Ripper:两大密码破解神器深度对比": "https://mp.weixin.qq.com/s?__biz=MzI5MjY4MTMyMQ==&mid=2247489899&idx=1&sn=52471d15e881d9f921886305d9ac0fdd", + "perplexity支持DeepSeek R1和o3-mini模型": "https://mp.weixin.qq.com/s?__biz=MzkxNzY0Mzg2OQ==&mid=2247486282&idx=1&sn=c92a5e3be98e56ca2240a51d2c366462", + "[系统安全] 六十二.恶意软件分析 (13)LLM赋能实现基于机器学习的恶意家族分类(初探)": "https://mp.weixin.qq.com/s?__biz=Mzg5MTM5ODU2Mg==&mid=2247501299&idx=1&sn=c461a9440fcea0ecee2c1d78cdda5cdd", + "聊聊国内的数据安全尺度问题": "https://mp.weixin.qq.com/s?__biz=MzI1Mjc3NTUwMQ==&mid=2247538549&idx=1&sn=521c18c3ae58546adae92616cb83808f", + "美国CISA报告称Contec病人监护仪存在后门": "https://mp.weixin.qq.com/s?__biz=MzkwOTM0MjI5NQ==&mid=2247488058&idx=1&sn=f2da86198b12bcad5bde72ea431dcdcc", + "【AI】DeepSeek 概念/影响/使用/部署": "https://mp.weixin.qq.com/s?__biz=MzUyNTUyNTA5OQ==&mid=2247484881&idx=1&sn=1ce74fe3cc4869f130e0b068ec229f45", + "FUZZ出来的一系列漏洞": "https://mp.weixin.qq.com/s?__biz=MzkxNzY2MjU2Mg==&mid=2247483819&idx=1&sn=f720e0623daf07c7838527d03dce27e1", + "DeepSeek(R1) vs Gpt-o3-mini(-high)": "https://mp.weixin.qq.com/s?__biz=MzU5Mzk3NTE0Mw==&mid=2247483715&idx=1&sn=8f936ef2f0c039f3e1d7bbf3d7bf66df", + "【AI】人工智能没那么神秘!": "https://mp.weixin.qq.com/s?__biz=MzUyNTUyNTA5OQ==&mid=2247484879&idx=1&sn=5ad4a8e0fe4d3be18ea0f01e2935473f", + "安全圈瓜田理下集合【2025/2/2】": "https://mp.weixin.qq.com/s?__biz=MzAxNzg3NzMyNQ==&mid=2247489548&idx=1&sn=b9efc35c8d73c866d549db2234a7d17c", + "不藏了!Wireshark 命令、捕获、过滤器大全分享给你": "https://mp.weixin.qq.com/s?__biz=MzIyMzIwNzAxMQ==&mid=2649464775&idx=1&sn=26133889c68b7a82c112264dd161d512", + "二层交换机和三层交换机到底有啥区别?2025年最新讲解!": "https://mp.weixin.qq.com/s?__biz=MzUyNTExOTY1Nw==&mid=2247528073&idx=1&sn=6301a2e8fc2761c557904a0f410d59e7", + "使用 NTP 进行定向 Timeroasting 窃取用户哈希值": "https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486924&idx=1&sn=bffa91f44bad8f39b89a25f21e0b1a59", + "渗透测试工程师常用的搜索引擎": "https://mp.weixin.qq.com/s?__biz=Mzg2MTc1MjY5OQ==&mid=2247486249&idx=1&sn=1e366c735cb526d8ed13cace6f26cc1e", + "停更几日 找工作去了": "https://mp.weixin.qq.com/s?__biz=Mzg4MTkwMTI5Mw==&mid=2247488841&idx=1&sn=57abcbe7def662f4b2fbc518fcf718f0", + "DeepSeek老板梁文峰,谈近期热点问题": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485509&idx=1&sn=1af3f439672105c862f4bb0091c3f3a2", + "北七家-未来科学城,3居变4居豪装,理想楼层/户型/朝向": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485509&idx=2&sn=670e807204cde52fca39474b57618c52", + "【干货】笑傲职场的独家经验(1)": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485509&idx=3&sn=62c6e7a1ff368ba3cbd91298ad18483c", + "【干货原创】实网攻防演习常态化,会带来什么变化01": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485509&idx=4&sn=57569d432f14f1f8ee639997920b435c", + "汽车诊断及OBD和UDS协议的基础概念介绍": "https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549670&idx=1&sn=1e77e974f9698cc0d74c125e9eb62288", + "揭示AUTOSAR中隐藏的漏洞": "https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549670&idx=2&sn=5f3fb6a0f0d849bdcf52c3b088620c0e", + "【2025-02-02】黑客新闻摘要": "https://mp.weixin.qq.com/s?__biz=MzIzNDU5NTI4OQ==&mid=2247488410&idx=1&sn=d520eefe614e2ce5642067897cf29310", + "Tenable收购Vulcan Cyber,继续加速巩固暴露风险管理市场的领导地位": "https://mp.weixin.qq.com/s?__biz=MzIyMTg0MTE3MA==&mid=2247487464&idx=1&sn=b2896c8828c9fe6b47d1296c0436f95f", + "收藏 | dotNet安全矩阵 2024 年度本地权限操作阶段文章和工具汇总": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498654&idx=1&sn=5900448e0b83460002b339bdd888b89a", + "国内最专业、最全面的 [ .NET 代码审计 ] 体系化学习交流社区": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498654&idx=2&sn=ec3a4a0258a1e9eba731417aa3354ed2", + "总结 | 2024 年度内网实战攻防电子报刊 34 篇文章内容汇总": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498654&idx=3&sn=5f3ba6adeafc3eeeb6bac4a8709281f6", + "高效、安全的 V2X PKI 与全球统一解决方案的集成": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620303&idx=1&sn=cd6c84599aef8f9308d3a9275a265bf1", + "在软件定义汽车中实现安全的全球时间同步": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620303&idx=2&sn=c6f1e1c62c277153dfadbdb7bb7f03f3", + "全球数据隐私、数据安全与网络安全技术发展报告": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620303&idx=3&sn=a94ce29de1c0b7625c8efc9602d3a095", + "一款使用Rust编写的PE加壳器": "https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490280&idx=1&sn=27a8a52ec1103e01e0110d3cd8177b5d", + "LockBit勒索软件案例(CS+Socks5)": "https://mp.weixin.qq.com/s?__biz=MzkzMDE3ODc1Mw==&mid=2247489011&idx=1&sn=cdefefd425a7437c3ef0df558eb05375", + "以小见大,彻底理解 cookie,session,token 之间的关系,通俗易懂": "https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247570694&idx=1&sn=29f7161a798e3c693f2e07545a8b52ff", + "Troll系列---Troll1靶场": "https://mp.weixin.qq.com/s?__biz=Mzk1NzIzMzQ3OA==&mid=2247484332&idx=1&sn=fba78491557f3cbc1ee34fbedc0cd8bd", + "2024年十大网络安全事件盘点": "https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931483&idx=1&sn=5ee0aaf91c5db8412e184d348b4a1d06", + "奇瑞汽车申请信息安全传输专利,防止多种攻击手段": "https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931483&idx=2&sn=59bdf40380a2fc0d3df5b2d3a9d8b1e7", + "【吃瓜】我家有女初长成!": "https://mp.weixin.qq.com/s?__biz=MzU3MjU4MjM3MQ==&mid=2247489723&idx=1&sn=93b809a5e3a62b231b628e053aa39e98", + "日志文件分析": "https://mp.weixin.qq.com/s?__biz=Mzk1Nzc0MzY3NA==&mid=2247483783&idx=1&sn=4793ee638a53387ff52638f428afaa4c", + "【吃瓜】某官方媒体下场传播Deepseek谣言": "https://mp.weixin.qq.com/s?__biz=Mzg4MTkwMTI5Mw==&mid=2247488836&idx=1&sn=0b4b90b809d4d1d411d9d7cb07bb41dd", + "[靶场复现计划]CSLAB Thunder": "https://mp.weixin.qq.com/s?__biz=MzkxOTYwMDI2OA==&mid=2247484342&idx=1&sn=fbf99114ba0a7734a34ca35d09047003", + "2025 Arch Linux 配置与常用操作指南": "https://mp.weixin.qq.com/s?__biz=Mzg4MzgwMDE2Mw==&mid=2247488266&idx=1&sn=231087764693c81ab974ce49aaa367fd", + "deepseek用不了解决方案 siliconflow": "https://mp.weixin.qq.com/s?__biz=MzkxNjMwNDUxNg==&mid=2247487263&idx=1&sn=fa27a458767be5da87e8f0dd2959ac90", + "星火年鉴· 品牌生态篇 | 2024星火品牌与市场生态亮点回顾": "https://mp.weixin.qq.com/s?__biz=MzU1OTUxNTI1NA==&mid=2247592385&idx=1&sn=13ab2eff27d3b4532a504eb26a695327", + "纯动嘴让DeepSeek给自己写一个壳": "https://mp.weixin.qq.com/s?__biz=MzA3NDE0NTY0OQ==&mid=2247484313&idx=1&sn=8e3f8f76629035619e1743da5afd28a1", + "网络安全新手必看:你的电脑够硬核吗?CTF 神器选购指南!": "https://mp.weixin.qq.com/s?__biz=MzA3NDE0NTY0OQ==&mid=2247484313&idx=2&sn=4562514cd4be9ea89f1ed48f7e33ddf2", + "Microsoft SQL Server 中的 RCE:探索错误配置并获得命令执行能力": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527476&idx=1&sn=3c6e650cd3989e4318e4de87b1cab4a3", + "通过 JSON 文件上传进行存储型 XSS": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527476&idx=2&sn=52e6aaaaa606bc10d5c53f2ab36dab9d", + "网安人的Deepseek使用指南": "https://mp.weixin.qq.com/s?__biz=MzkxMDU5MzY0NQ==&mid=2247484471&idx=1&sn=19de64512beab336b1d931e46707a4f3", + "国内首家!360推出“DeepSeek版”安全大模型": "https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579300&idx=1&sn=fb81fc2b90cac494c296287ef221c64f", + "大年初五 | 蛇报佳春,万“巳”大吉": "https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579300&idx=2&sn=c06abb2df32188e9b4d4cda59aad3c1a", + "教练,我想做红客": "https://mp.weixin.qq.com/s?__biz=Mzg4NzgzMjUzOA==&mid=2247485481&idx=1&sn=8bb195be87285a44b7949441eeb4d438", + "三步教你使用ollama+chatboxai本地部署DeepSeek-R1(含电脑配置参考)": "https://mp.weixin.qq.com/s?__biz=MzkzMjIxNjExNg==&mid=2247486256&idx=1&sn=0e5e16559014d6990e2655f742bbf8c3", + "设备管理系统开发:结合FastAPI+uvicorn技术(V2.3版本)": "https://mp.weixin.qq.com/s?__biz=MzAxMDIwNjg2MA==&mid=2247486192&idx=1&sn=b7addf22dac6c645a9e16f0cd71da809", + "大年初五迎财神|大吉大利,八方来财": "https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489523&idx=1&sn=8bb39b35916f60e2052342891502afc1", + "政府媒体下场!证明“宇宙镜像防御系统”“在黑客电脑放大悲咒”都是真的!": "https://mp.weixin.qq.com/s?__biz=MzkyOTQzNjIwNw==&mid=2247491692&idx=1&sn=b3bb6b0e8bc8cf46f507d2af76f7e46f", + "2024年近2亿人受影响,美国医疗成重点攻击目标": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313350&idx=1&sn=14f2e762074e1c311ff513905bd74451", + "新型僵尸网络正对路由器、摄像头等设备发起大规模DDoS攻击": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313350&idx=2&sn=325091293f887d4b02b45a66abdcc9b9", + "无需拆机!Windows 11 BitLocker加密文件被破解": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313350&idx=3&sn=d66f493838161567f4aa1ccfefa9c7da", + "记一次框架利用接管学工系统": "https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247547536&idx=1&sn=3c4f0b94df8e73bc5c8f02e75f6bf1f9", + "Zyxel CPE 设备遭遇大规模攻击:关键漏洞(CVE-2024-40891)仍未修复!": "https://mp.weixin.qq.com/s?__biz=Mzg3OTYxODQxNg==&mid=2247485684&idx=1&sn=ca0044c1a5698a1a8bad3d17b325b3a4", + "国内黑产组织利用AWS 和 Azure进行诈骗活动": "https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494701&idx=1&sn=3e0582b510dbccde979bed07cc7c3488", + "DeepSeek 突破了西方对于强大AI开发的垄断": "https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494701&idx=2&sn=e859fa26b1c6c3b3a0de07cd580f711d", + "奇幻爽文之风终于吹到了网安": "https://mp.weixin.qq.com/s?__biz=Mzg4Njc0Mjc3NQ==&mid=2247486634&idx=1&sn=0dc181deac52d82cd9a46eab2a487461", + "【2025春节】解题领红包活动排行榜(初五 2/2)": "https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141668&idx=1&sn=82663ea0981e0c6f1544bb1fe7ab6bb8", + "时间强盗漏洞:ChatGPT绕过敏感话题安全防护": "https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607394&idx=1&sn=387b2dc9dd6ebd7d27288d882c5d9832", + "虚假谷歌广告瞄准微软广告账户,恶意软件攻击再升级": "https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607394&idx=2&sn=9afd369d22b8ae77608115d1b2309b66", + "一些木马反制技巧": "https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607394&idx=3&sn=f2dbe4fa4dc6ad21d2bbc79d3e38c60b", + "Burpsuite存储桶配置不当漏洞检测插件": "https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607394&idx=4&sn=d21b7373ba4514475e76fc1e86673954", + "掌握这些隐藏技巧,快速生成高质量美学论文初稿指南!": "https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493260&idx=1&sn=6e7603d4bf552141b202da8e2c7226ef", + "掌握中国史论文写作的文献综述绝技:解锁每个研究生都该懂的内部秘笈。": "https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493260&idx=2&sn=20c75c3aa689fee6c249bf331d9695e1", + "掌握AI军事战略论文初稿的5种极致写作技巧,用ChatGPT打造高效论文写作流程!": "https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493260&idx=3&sn=9a4e44b87ce1049e024adfebfd892d5b", + "掌握ChatGPT人力资源管理论文大纲的完善攻略,新手也能3小时上手。": "https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493260&idx=4&sn=d4c9789e053207760dc89bc30e97bdbe", + "掌握ChatGPT特殊教育论文审稿的内部高阶技巧,审稿速度提升200%!": "https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493260&idx=5&sn=1b7188bc90a73bd66bfbd639ffb205c1", + "初五接财神 | 顺风顺水,八方来财": "https://mp.weixin.qq.com/s?__biz=Mzk0ODI4MDI4Nw==&mid=2247494628&idx=1&sn=86f1f585e2527dffb49f31e3cb3b77e6", + "初五财神到,火绒安全祝大家蛇年行大运,事事皆顺遂~": "https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247522009&idx=1&sn=427a7360c75c10d3278f62a51ef5b068", + "诚邀渠道合作伙伴共启新征程": "https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247522009&idx=2&sn=ca2b184d62f7ecba76d349a8faa6d2bf", + "MQTT协议安全攻击面技术分析总结": "https://mp.weixin.qq.com/s?__biz=MjM5MjEyMTcyMQ==&mid=2651037465&idx=1&sn=c91979cf125a6f93d28586817671f1d7", + "大年初五吉祥如意": "https://mp.weixin.qq.com/s?__biz=Mzg3NTU3NTY0Nw==&mid=2247489546&idx=1&sn=48d30c9bf0c189657c24003dd0ef3551", + "大年初五 巳蛇呈祥": "https://mp.weixin.qq.com/s?__biz=Mzg2MTU5ODQ2Mg==&mid=2247507177&idx=1&sn=c70f06c1d86e5a233713734b6ee2f9ce", + "数字取证之呈现证据u200c": "https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264934&idx=1&sn=b566f40a1e56c1ead34ae7196ce9f9b8", + "DeepSeek的R1与R1-Zero:技术差异与AI风险管控": "https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247506432&idx=1&sn=ddb2b818c020739b2b004f3cfcb69a91", + "Nmap高级攻击指南:用官方工具实施SYN欺骗攻击": "https://mp.weixin.qq.com/s?__biz=MzkxOTUyOTc0NQ==&mid=2247493009&idx=1&sn=4450fdf706551f053287269ac3017075", + "迎财神": "https://mp.weixin.qq.com/s?__biz=Mzg2Mzg2NDM0NA==&mid=2247484863&idx=1&sn=38cb397e43ce3141523a19c0581ad5e1", + "90%企业等保无效?红蓝对抗揭露真相!": "https://mp.weixin.qq.com/s?__biz=MzIwMzIyMjYzNA==&mid=2247517989&idx=1&sn=c773878e5458413dc7f713382eb2c815", + "迎财神,送福到,愿您在新的一年里,财运旺盛,心想事成!": "https://mp.weixin.qq.com/s?__biz=MjM5NzU4NjkyMw==&mid=2650747926&idx=1&sn=51b6804dd2334ea79d326a1a7717461a", + "谁说红客只会蹭!过来看看他们的实力!": "https://mp.weixin.qq.com/s?__biz=Mzk0MzY3MDE5Mg==&mid=2247484028&idx=1&sn=5854fd05510860e4b1a8934a02138131", + "红盟只会蹭!": "https://mp.weixin.qq.com/s?__biz=MzkwMTU2NzMwOQ==&mid=2247484533&idx=1&sn=6247c1831a0bfd5ce1a4b0733b912d9c", + "ISO 45001: 2018 标准详解与实施(13)6.2 职业健康安全目标及其实现的策划": "https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247486058&idx=1&sn=5999aad43bc68811dab5ca40c639b197", + "实战内测-某内测项目站点FUZZ到SQL注入": "https://mp.weixin.qq.com/s?__biz=Mzk0Mzc1MTI2Nw==&mid=2247487449&idx=1&sn=bae043c1e8117312d3d18624f4c070a5", + "大年初五丨安天捕风给您拜年了": "https://mp.weixin.qq.com/s?__biz=MjM5MTA3Nzk4MQ==&mid=2650209925&idx=1&sn=b804ce5af784fca3a1e05a9077cdf1c2", + "正月初五 | 五福临门 招财进宝": "https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506084&idx=1&sn=beab459a146e3c03036ca82226a1c621", + "Meta 确认零点击 WhatsApp 间谍软件攻击针对 90 名记者和活动人士": "https://mp.weixin.qq.com/s?__biz=MzI2NzAwOTg4NQ==&mid=2649794014&idx=1&sn=0bf99aa1e7fb87b545c84b364e027dc0", + "大年初五|接财神": "https://mp.weixin.qq.com/s?__biz=MzUyMjAyODU1NA==&mid=2247491950&idx=1&sn=f325c8233c093a74fde97c588f87e12a", + "Shoko:动漫管理的另一种选择,完美集成Plex、Jellyfin、Kodi": "https://mp.weixin.qq.com/s?__biz=MzA4MjkzMTcxMg==&mid=2449046777&idx=1&sn=a0ad55fed18cd06f87ff32c4f5be473b", + "初五 | 财源滚滚万事顺,鸿运当头福临门!": "https://mp.weixin.qq.com/s?__biz=MzU4NjY4MDAyNQ==&mid=2247497082&idx=1&sn=9b4b2f985f0aa0b0b50392da125f46fe", + "正月初五 | 财安福来": "https://mp.weixin.qq.com/s?__biz=Mzg2NDU3Mzc5OA==&mid=2247489780&idx=1&sn=76693eb6e5caa655bd2a6320c1ae8629", + "大年初五 五福临门": "https://mp.weixin.qq.com/s?__biz=MjM5NzE0NTIxMg==&mid=2651135292&idx=1&sn=0c7186a57a71bbffcf1d576a5e3176ff", + "正月初五迎财神!亚信安全祝大家金蛇接财,福气满满": "https://mp.weixin.qq.com/s?__biz=MjM5NjY2MTIzMw==&mid=2650620969&idx=1&sn=e2ea7bfca815e935b52839d6161bb0bf", + "【oscp】vulnerable_docker,三种代理方法打入内网": "https://mp.weixin.qq.com/s?__biz=Mzg2Nzk0NjA4Mg==&mid=2247498989&idx=1&sn=a860e19fe2d20c9b8aa5cc9ca81ac488", + "【2025】初五迎财神,恭喜发财": "https://mp.weixin.qq.com/s?__biz=MzUwOTc3MTQyNg==&mid=2247491392&idx=1&sn=75011220308fe9a69d8dd70b7d07d5f0", + "大年初五 | 恒御科技祝大家“蛇运亨通,瑞气盈门”": "https://mp.weixin.qq.com/s?__biz=MzU4NjY3OTAzMg==&mid=2247514958&idx=1&sn=01c937eee1af2942500f59fc5740acf7", + "大年初五 | 爆竹声中财门开,如意平安富贵来": "https://mp.weixin.qq.com/s?__biz=Mzk0MDQ5MTQ4NA==&mid=2247487431&idx=1&sn=c15740e5ae9f941b205365b9d758ee32", + "Hawkeye 一款Windows综合应急响应工具": "https://mp.weixin.qq.com/s?__biz=Mzk0ODY1NzEwMA==&mid=2247486676&idx=1&sn=3417cbc224d25e1e2d58028f2163bb57", + "正月初五|喜迎财神 招财纳祥": "https://mp.weixin.qq.com/s?__biz=MzkxODczNjA4NQ==&mid=2247494022&idx=1&sn=4a63c5fbf635f14e625c112957d0ea1d", + "DecryptTools综合解密": "https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489196&idx=1&sn=bc1fd862ec7ec58e385b7e0f3de44318", + "一半人可以开了": "https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489196&idx=2&sn=dec356d33c41d89e7b628f05471e3d2e", + "【贺蛇年】初五迎财 网安聚福": "https://mp.weixin.qq.com/s?__biz=MzAxMjE1MDY0NA==&mid=2247508846&idx=1&sn=9ce423304dea95172f851d637a204f7a", + "【初五】安全守护好 发展自然来": "https://mp.weixin.qq.com/s?__biz=MjM5NTE0MjQyMg==&mid=2650624577&idx=1&sn=4c14d0c391b3e76a3335a93e4e16c2f4", + "山石网科·AI汇东方|正月初五,喜迎财神": "https://mp.weixin.qq.com/s?__biz=MzAxMDE4MTAzMQ==&mid=2661298314&idx=1&sn=a06e947eb117e1a6e4ac13f9aba74f9b", + "初五 | 迎财神": "https://mp.weixin.qq.com/s?__biz=MzIxNTQxMjQyNg==&mid=2247493742&idx=1&sn=6c298f8ce178ae5f381c68b29f886a7f", + "初五|财神叩门送金来 全域互连倚云脉": "https://mp.weixin.qq.com/s?__biz=MzkxNDY0MjMxNQ==&mid=2247532974&idx=1&sn=f7a29699391399ad4582af3321de5ad1", + "ZoomEye、ZoomEye Pro:网络资产测绘,筑牢财富根基": "https://mp.weixin.qq.com/s?__biz=MjM5NzA3Nzg2MA==&mid=2649870888&idx=1&sn=572bcba2cdd6c61f272fbc1ee4943f22", + "祥蛇初五至 福运启新时": "https://mp.weixin.qq.com/s?__biz=MzU0MjEwNTM5Ng==&mid=2247520425&idx=1&sn=7936883faac2bd5d0b54fbc8772c487c", + "Dark OSINT:我是如何识别多个性犯罪分子及其基础设施的": "https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247504844&idx=1&sn=0567a540ffa5f4aa2f0bd08da69c6254", + "赚美刀?来扶盈安全就对了-扶楹安全第二期招生了!": "https://mp.weixin.qq.com/s?__biz=MzkyNzQzODA3Ng==&mid=2247484777&idx=1&sn=007f74bd81906a993fad37a59f5e1afd", + "初五 | 迎财神,接好运!": "https://mp.weixin.qq.com/s?__biz=Mzg4MjQ4MjM4OA==&mid=2247523803&idx=1&sn=e5fe6e9fcd4de214c94e3f5efd295dd8", + "苏说安全两周年记 | 感恩每一份照亮前路的星光": "https://mp.weixin.qq.com/s?__biz=Mzg5OTg5OTI1NQ==&mid=2247489874&idx=1&sn=47b12bb1e57d2b02fc0dbb3b38913d8b" + }, + "Security Boulevard": { + "DEF CON 32 – Navigating the Turbulent Skies of Aviation Cyber Regulation": "https://securityboulevard.com/2025/02/def-con-32-navigating-the-turbulent-skies-of-aviation-cyber-regulation-2/", + "Hackers Hijack JFK File Release: Malware & Phishing Surge": "https://securityboulevard.com/2025/02/hackers-hijack-jfk-file-release-malware-phishing-surge/", + "Core Features in NSFOCUS RSAS R04F04 1-2": "https://securityboulevard.com/2025/02/core-features-in-nsfocus-rsas-r04f04-1-2/" + }, + "Private Feed for M09Ic": { + "mgeeky starred Teach2Breach/rust_api_demo": "https://github.com/Teach2Breach/rust_api_demo", + "zer0yu starred LaurentMazare/tch-rs": "https://github.com/LaurentMazare/tch-rs", + "zer0yu starred guillaume-be/rust-bert": "https://github.com/guillaume-be/rust-bert", + "zer0yu starred ldclabs/anda": "https://github.com/ldclabs/anda", + "zer0yu starred HKUDS/MiniRAG": "https://github.com/HKUDS/MiniRAG", + "phith0n starred X1a0He/X1a0HeWeChatPlugin": "https://github.com/X1a0He/X1a0HeWeChatPlugin", + "mgeeky starred megadose/holehe": "https://github.com/megadose/holehe", + "b1nhack starred b1nhack/nvim": "https://github.com/b1nhack/nvim", + "zer0yu started following karpathy": "https://github.com/karpathy", + "zer0yu started following wdndev": "https://github.com/wdndev", + "zer0yu starred wdndev/tiny-llm-zh": "https://github.com/wdndev/tiny-llm-zh", + "lz520520 forked lz520520/rust-native-tls from sfackler/rust-native-tls": "https://github.com/lz520520/rust-native-tls" + }, + "Recent Commits to cve:main": { + "Update Sun Feb 2 20:27:07 UTC 2025": "https://github.com/trickest/cve/commit/fcf3014fa98cc26f06af3e2bab5e9248e80b149f", + "Update Sun Feb 2 12:20:58 UTC 2025": "https://github.com/trickest/cve/commit/a65cb4569063b4a65b895041ed0abcdb1df57ff9", + "Update Sun Feb 2 04:21:00 UTC 2025": "https://github.com/trickest/cve/commit/3e10a03ba05176de772d99d5a5a2c51ac1c34160" + }, + "一个被知识诅咒的人": { + "【人工智能】使用Python和Hugging Face构建情感分析应用:从模型训练到Web部署": "https://blog.csdn.net/nokiaguy/article/details/145420450", + "【人工智能】深入探索Python中的自注意力机制:实现Transformer的核心组件": "https://blog.csdn.net/nokiaguy/article/details/145420439" + }, + "obaby@mars": { + "年复一年": "https://h4ck.org.cn/2025/02/19063" + }, + "Blogs on STAR Labs": { + "Mali-cious Intent: Exploiting GPU Vulnerabilities (CVE-2022-22706 / CVE-2021-39793)": "https://starlabs.sg/blog/2025/12-mali-cious-intent-exploiting-gpu-vulnerabilities-cve-2022-22706/" + }, + "MaskRay": { + "lld 20 ELF changes": "https://maskray.me/blog/2025-02-02-lld-20-elf-changes" + }, + "Blog – Red Siege Information Security": { + "Red Siege at Wild West Hackin’ Fest Mile High 2025 – What to Expect!": "https://redsiege.com/blog/2025/02/red-siege-at-wild-west-hackin-fest-mile-high-2025-what-to-expect/" + }, + "Blogs dade": { + "Weekly Retro 2025-W05": "https://0xda.de/blog/2025/02/weekly-retro-2025-w05/" + }, + "Bug Bounty in InfoSec Write-ups on Medium": { + "How I Earned $200 Using GitHub Dorking P=2:Advanced GitHub Dorking: More Secrets, More Automation…": "https://infosecwriteups.com/advanced-github-dorking-more-secrets-more-automation-more-bounties-f39dd553b1c2?source=rss----7b722bfd1b8d--bug_bounty" + }, + "安全分析与研究": { + "一款使用Rust编写的PE加壳器": "https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490280&idx=1&sn=27a8a52ec1103e01e0110d3cd8177b5d&chksm=902fb5c0a7583cd6218d677628b2525d44e71fe4a1a277e33d09f2eb178e9d0f3d1b7f16868b&scene=58&subscene=0#rd" + }, + "锦行科技": { + "初五 | 迎财神": "https://mp.weixin.qq.com/s?__biz=MzIxNTQxMjQyNg==&mid=2247493742&idx=1&sn=6c298f8ce178ae5f381c68b29f886a7f&chksm=979a13cba0ed9add09c5b22955bcce5e7a177a09072e01fe7ecdb9b58a578e7a75a7338606aa&scene=58&subscene=0#rd" + }, + "吾爱破解论坛": { + "【2025春节】解题领红包活动排行榜(初五 2/2)": "https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141668&idx=1&sn=82663ea0981e0c6f1544bb1fe7ab6bb8&chksm=bd50a6708a272f660989d775c0b51760ab65a87bdfaebbc3eb8e52d3797a728c8c3c53cdc3db&scene=58&subscene=0#rd" + }, + "MBHC": { + "DeepSeek(R1) vs Gpt-o3-mini(-high)": "https://mp.weixin.qq.com/s?__biz=MzU5Mzk3NTE0Mw==&mid=2247483715&idx=1&sn=8f936ef2f0c039f3e1d7bbf3d7bf66df&chksm=fe09034bc97e8a5d5e70e334a94f5e775517c607f283d57c8b72e82f3e69e3f55861234dbc2d&scene=58&subscene=0#rd" + }, + "极客公园": { + "阿西莫夫三定律,还适用于今天的 AI 吗?": "https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653073110&idx=1&sn=b277757d83dc66d3c5755989bdf48f50&chksm=7e57d36049205a76146ef55cb30a443f45110c7828858b74358ef216851bb3d2050790c61b32&scene=58&subscene=0#rd", + "特朗普会面黄仁勋,谈到 DS 和 AI 芯片;小米汽车一月交付超 2 万辆;ChatGPT 去年付费用户增长三倍 | 极客早知道": "https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653073109&idx=1&sn=3a5c6e9636f6223b1e994a0d7c7ef99e&chksm=7e57d36349205a75d495f380e35da4f2c90ad22710777273824e8a28f1952b68aff534019547&scene=58&subscene=0#rd" + }, + "火绒安全": { + "初五财神到,火绒安全祝大家蛇年行大运,事事皆顺遂~": "https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247522009&idx=1&sn=427a7360c75c10d3278f62a51ef5b068&chksm=eb7048e6dc07c1f0dfeea1cbf6b85548ce582944fbfea679ffde25c1b6e6d1f148aea83dabc7&scene=58&subscene=0#rd", + "诚邀渠道合作伙伴共启新征程": "https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247522009&idx=2&sn=ca2b184d62f7ecba76d349a8faa6d2bf&chksm=eb7048e6dc07c1f05ec257548f51393da431feaac3cc1a829fa508cde8291071d95277882a19&scene=58&subscene=0#rd" + }, + "360数字安全": { + "国内首家!360推出“DeepSeek版”安全大模型": "https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579300&idx=1&sn=fb81fc2b90cac494c296287ef221c64f&chksm=9f8d26aca8faafbab862d9d12c16bf810abde53f061e47a38f952b28862d897e8405ebd99be1&scene=58&subscene=0#rd", + "大年初五 | 蛇报佳春,万“巳”大吉": "https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579300&idx=2&sn=c06abb2df32188e9b4d4cda59aad3c1a&chksm=9f8d26aca8faafba2fa3a2ff9c51bb3b8b9909869b1b29790b16afb0c7c3bf5db029ef357909&scene=58&subscene=0#rd" + }, + "迪哥讲事": { + "手把手教你如何本地化部署DeepSeek": "https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247497017&idx=1&sn=c755513c5dbf6ec01ad0d40eba61ae44&chksm=e8a5ff5adfd2764cbfc5d5022694332b05284a95fecaccdd14aa436daac1a63d33e4089b7287&scene=58&subscene=0#rd" + }, + "娜璋AI安全之家": { + "[系统安全] 六十二.恶意软件分析 (13)LLM赋能实现基于机器学习的恶意家族分类(初探)": "https://mp.weixin.qq.com/s?__biz=Mzg5MTM5ODU2Mg==&mid=2247501299&idx=1&sn=c461a9440fcea0ecee2c1d78cdda5cdd&chksm=cfcf753ef8b8fc289095d45e909b053dcb87dd4794e462fcf1d60ee5c8e7715cc2f2f8c2af13&scene=58&subscene=0#rd" + }, + "Hacking Exposed Computer Forensics Blog": { + "Daily Blog #737: Sunday Funday 2/2/25": "https://www.hecfblog.com/2025/02/daily-blog-737-sunday-funday-2225.html", + "Daily Blog #736: Solution Saturday 2/1/25": "https://www.hecfblog.com/2025/02/daily-blog-736-solution-saturday-2125.html" + }, + "Over Security - Cybersecurity news aggregator": { + "9Lives - 109,515 breached accounts": "https://haveibeenpwned.com/PwnedWebsites#9Lives" + }, + "Have I Been Pwned latest breaches": { + "9Lives - 109,515 breached accounts": "https://haveibeenpwned.com/PwnedWebsites#9Lives" + }, + "IT Service Management News": { + "Sicurezza negli esercizi pubblici": "http://blog.cesaregallotti.it/2025/02/sicurezza-negli-esercizi-pubblici.html", + "Dispositivi medici che mandano dati dei pazienti in Cina": "http://blog.cesaregallotti.it/2025/02/dispositivi-medici-che-mandano-dati-dei.html", + "Privacy: sanzione a Regione Molise e ai responabili": "http://blog.cesaregallotti.it/2025/02/privacy-sanzione-regione-molise-e-ai.html" + }, + "Troy Hunt's Blog": { + "Weekly Update 437": "https://www.troyhunt.com/weekly-update-437/" + }, + "Desync InfoSec": { + "LockBit勒索软件案例(CS+Socks5)": "https://mp.weixin.qq.com/s?__biz=MzkzMDE3ODc1Mw==&mid=2247489011&idx=1&sn=cdefefd425a7437c3ef0df558eb05375&chksm=c27f665df508ef4b1dd69002004b822d8088e12e7ddb41fb844da301a2dc60d7acacb9ed6733&scene=58&subscene=0#rd" + }, + "Full Disclosure": { + "APPLE-SA-01-30-2025-1 GarageBand 10.4.12": "https://seclists.org/fulldisclosure/2025/Feb/2", + "Re: Text injection on https://www.google.com/sorry/index via ?q parameter (no XSS)": "https://seclists.org/fulldisclosure/2025/Feb/1", + "Xinet Elegant 6 Asset Lib Web UI 6.1.655 / SQL Injection / Exploit Update Python3": "https://seclists.org/fulldisclosure/2025/Feb/0" + }, + "TorrentFreak": { + "Russia VPN Crackdown Revelation – VPN Sites Hide Their IP Addresses": "https://torrentfreak.com/russia-vpn-crackdown-revelation-vpn-sites-hide-their-ip-addresses-250202/" + }, + "Your Open Hacker Community": { + "Alternative for mnt reform?": "https://www.reddit.com/r/HowToHack/comments/1ig2fg0/alternative_for_mnt_reform/", + "would it be possible to make a tool that maps out a network automatically?": "https://www.reddit.com/r/HowToHack/comments/1ifq4l8/would_it_be_possible_to_make_a_tool_that_maps_out/", + "Speed queen NEW model hack needed": "https://www.reddit.com/r/HowToHack/comments/1ig61me/speed_queen_new_model_hack_needed/", + "Looking to get into a couple Snapchat accounts. Will pay but work has to be done first!! Please reach out if you can help!": "https://www.reddit.com/r/HowToHack/comments/1ifwya9/looking_to_get_into_a_couple_snapchat_accounts/" + }, + "Security Affairs": { + "SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 31": "https://securityaffairs.com/173746/malware/security-affairs-malware-newsletter-round-31.html", + "Security Affairs newsletter Round 509 by Pierluigi Paganini – INTERNATIONAL EDITION": "https://securityaffairs.com/173741/breaking-news/security-affairs-newsletter-round-509-by-pierluigi-paganini-international-edition.html", + "WhatsApp disrupted a hacking campaign targeting journalists with Paragon spyware": "https://securityaffairs.com/173721/security/whatsapp-disrupted-paragon-spyware-campaign.html", + "Ransomware attack hit Indian multinational Tata Technologies": "https://securityaffairs.com/173712/cyber-crime/tata-technologies-ransomware-attack.html" + }, + "The Register - Security": { + "What does it mean to build in security from the ground up?": "https://go.theregister.com/feed/www.theregister.com/2025/02/02/security_design_choices/", + "Gilmore Girls fans nabbed as Eurocops dismantle two major cybercrime forums": "https://go.theregister.com/feed/www.theregister.com/2025/02/02/eurocops_takedown_cybercrime/" + }, + "Computer Forensics": { + "TCU Passware (2025JAN31)": "https://www.reddit.com/r/computerforensics/comments/1igaiem/tcu_passware_2025jan31/" + }, + "网安寻路人": { + "DeepSeek的R1与R1-Zero:技术差异与AI风险管控": "https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247506432&idx=1&sn=ddb2b818c020739b2b004f3cfcb69a91&chksm=97e967eaa09eeefc9023ae78007b8295e56b81a367336405b00fd9e2494d207b2d3cf1fc0ba7&scene=58&subscene=0#rd" + } +} \ No newline at end of file diff --git a/today.md b/today.md index 26b3bbe66a..b642bcf13b 100644 --- a/today.md +++ b/today.md @@ -1,281 +1,228 @@ -# 每日安全资讯(2025-02-02) +# 每日安全资讯(2025-02-03) -- Security Boulevard - - [ ] [Mastering SEO for Cybersecurity Entrepreneurs: A Strategic Guide to Dominating Search Rankings](https://securityboulevard.com/2025/02/mastering-seo-for-cybersecurity-entrepreneurs-a-strategic-guide-to-dominating-search-rankings/) - - [ ] [Critical ‘Backdoor’ Discovered in Widely Used Healthcare Patient Monitors](https://securityboulevard.com/2025/02/critical-backdoor-discovered-in-widely-used-healthcare-patient-monitors/) - - [ ] [DEF CON 32 – Navigating the Turbulent Skies of Aviation Cyber Regulation](https://securityboulevard.com/2025/02/def-con-32-navigating-the-turbulent-skies-of-aviation-cyber-regulation/) - - [ ] [The Network Security Business System of Low-altitude Economy](https://securityboulevard.com/2025/02/the-network-security-business-system-of-low-altitude-economy/) - - [ ] [5 Encrypted Attack Predictions for 2025](https://securityboulevard.com/2025/02/5-encrypted-attack-predictions-for-2025/) -- CXSECURITY Database RSS Feed - CXSecurity.com - - [ ] [MySchool 1.0 SQL Injection / Code Injection / XSS / CSRF](https://cxsecurity.com/issue/WLB-2025020003) - - [ ] [Quorum onQ OS 6.0.0.5.2064 Cross Site Scripting](https://cxsecurity.com/issue/WLB-2025020002) - - [ ] [Xinet Elegant 6 Asset Lib Web UI 6.1.655 / SQL Injection / Exploit Update](https://cxsecurity.com/issue/WLB-2025020001) - SecWiki News - - [ ] [SecWiki News 2025-02-01 Review](http://www.sec-wiki.com/?2025-02-01) + - [ ] [SecWiki News 2025-02-02 Review](http://www.sec-wiki.com/?2025-02-02) - Doonsec's feed - - [ ] [DIDCTF-2023陇剑杯](https://mp.weixin.qq.com/s?__biz=MzkxMTcyMDczOQ==&mid=2247489928&idx=1&sn=6d7c3e6bdc2ebf1e295e8267c5d8bdde) - - [ ] [使用ollama+chatboxai本地部署DeepSeek-R1](https://mp.weixin.qq.com/s?__biz=MzkzMjIxNjExNg==&mid=2247486252&idx=1&sn=61ab0d9e1d997b8d7b472c1053ae329f) - - [ ] [登录页面渗透的骚操作](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247497000&idx=1&sn=75f5108d220ca6e274950e535e153016) - - [ ] [云安全(三):弹性计算](https://mp.weixin.qq.com/s?__biz=MzkyMjUzNTM1Mw==&mid=2247487015&idx=1&sn=e89a2fcd6f86808d6620ba1ceadcd11d) - - [ ] [一张图带你精通 OSPF 8种邻居状态机!](https://mp.weixin.qq.com/s?__biz=MzIyMzIwNzAxMQ==&mid=2649464773&idx=1&sn=acb575af881525a3e2cd0186d455397c) - - [ ] [山石网科安全技术研究院2024年度重点工作回顾](https://mp.weixin.qq.com/s?__biz=MzUzMDUxNTE1Mw==&mid=2247510303&idx=1&sn=645d8cdc8b8ff9655f7539e399beee77) - - [ ] [揭开人工智能在交通网络安全中的神秘面纱](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620287&idx=1&sn=6f9d6cb2c027a272fd9f3071ee1c6d98) - - [ ] [华为: Al系统的网络安全治理实践](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620287&idx=2&sn=0cdae5eb3d4907028fd0f96852ad3668) - - [ ] [自动驾驶汽车面临的新兴人工智能安全威胁——案例研究](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620287&idx=3&sn=47cf0400cb3ddb350259918836a8c068) - - [ ] [请立即拿下软考证书(政策风口)](https://mp.weixin.qq.com/s?__biz=MzkxMzIwNTY1OA==&mid=2247510853&idx=1&sn=9815e46599f8b6ca3afbebaed5b3bc14) - - [ ] [红盟只会蹭!](https://mp.weixin.qq.com/s?__biz=MjM5MDA3MzI0MA==&mid=2650091305&idx=1&sn=46fdbe456aa28cd1adac446738c5485a) - - [ ] [80元,国产开源小智AI机器人,ESP32开发板接入大模型DeepSeek、OpenAI、通义千问Qwen 2.5-Max](https://mp.weixin.qq.com/s?__biz=MjM5OTA4MzA0MA==&mid=2454936768&idx=1&sn=6f29da51c0c66d3b3071ecb6a687758f) - - [ ] [基于Linux的僵尸网络构建器,构建高级隐秘僵尸网络负载](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490259&idx=1&sn=c08c2bd9abcefc046bac145ca7cbfe50) - - [ ] [从小白开发渗透工具视角入手,探究普通的DeepSeek和深度思考DeepSeek!](https://mp.weixin.qq.com/s?__biz=MzkxNjQyODY5MA==&mid=2247487061&idx=1&sn=72f827cadc8c26260ee3070fc1b7efd2) - - [ ] [爆火后,春节期间DeepSeek遭受持续网络攻击](https://mp.weixin.qq.com/s?__biz=Mzg4NzQ4MzA4Ng==&mid=2247485208&idx=1&sn=4fcdd68a9ed97a7a5ce93ad85d49bfa7) - - [ ] [美国出手!DeepSeek面临国家安全审查,背后真相竟是?](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485498&idx=1&sn=84a02aeabc93094170e1c0d52c326621) - - [ ] [【干货原创】实网攻防演习常态化,会带来什么变化01](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485498&idx=4&sn=c60736a2da5c4b3aee5754d81a719daf) - - [ ] [【干货原创】K12教育,鲜为人知的模式秘密](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485498&idx=5&sn=a7411432d09e6c934f287ea4aa143914) - - [ ] [原创文章目录](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485498&idx=6&sn=b4b5521d819b8caacf8445038a197b3e) - - [ ] [攻防技战术动态一周更新 - 20250127](https://mp.weixin.qq.com/s?__biz=MzkzODc4NjE1OQ==&mid=2247483926&idx=1&sn=1cf9efa9275745a63e8321ce0f5b52e0) - - [ ] [啊不行了 | 州弟的完全仿真代码审计环境](https://mp.weixin.qq.com/s?__biz=Mzk0NzQxNzY2OQ==&mid=2247488177&idx=1&sn=5a13360627fa6f17845ed7f5ecb49401) - - [ ] [如何快速入门TARA分析](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549669&idx=1&sn=d9810c4fd500ea3b02c460bb4d3a834a) - - [ ] [65页PPT,彻底看懂车联网!](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549669&idx=2&sn=955034255c03e02fe1ee9b3369ad005a) - - [ ] [6大免费观影神器,速收藏!另外在送两个建议大家收藏哦](https://mp.weixin.qq.com/s?__biz=MzI2OTk4MTA3Ng==&mid=2247496979&idx=1&sn=65d0260847cf75b6e233e2e5cc89ac13) - - [ ] [ctftools-all-in-oneV7.5研发进度](https://mp.weixin.qq.com/s?__biz=MzI1NzUxOTUzMA==&mid=2247485804&idx=1&sn=d28981ead96f5082104db24877042d3f) - - [ ] [AI风险分析 | 攻击组织在多个AWS租户环境劫持LLM模型](https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247494056&idx=1&sn=4e236c890b1530189931881acd81dc9b) - - [ ] [成为看雪讲师,开启技术分享的高光时刻](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589300&idx=1&sn=5bc3ab9031d8c5a62d14e0fc0189cf4f) - - [ ] [关于PAN-OS DoS(CVE-2024-3393)的研究](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589300&idx=2&sn=e9f874ab1024ce5d7a8a2a424b891a7f) - - [ ] [新年新气象!想换工作看这里](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589300&idx=3&sn=9f27f3668d0461ba4776901f8b44fc8d) - - [ ] [DeepSeek-R1展示了小模型也能成为推理专家](https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247506426&idx=1&sn=b8eae0703ee904b21809cbae29edd137) - - [ ] [Cobalt Strike 和一对 SOCKS 代理引发 LockBit 勒索软件事件](https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486923&idx=1&sn=d11a4c7e9e5411ca2c7631f9f4706dbe) - - [ ] [营销号别再传了!deepseek的安全攻防不是武侠修仙!](https://mp.weixin.qq.com/s?__biz=MzIxNDAyNjQwNg==&mid=2456099384&idx=1&sn=1878da953490a6aa39caed770ad1406f) - - [ ] [21.4k star,开源安全漏洞扫描神器,可集成CI/CD](https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247570693&idx=1&sn=91430db87cc7d4fe301b95d1c68fda36) - - [ ] [19岁、利用黑客技术盗取4万余网络账号,获利7万:被判](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931481&idx=1&sn=6f6dfc4a0f5a36ad5886ae1d975ca3d5) - - [ ] [荣耀终端申请热点控制相关专利,提高Wi-Fi网络安全性](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931481&idx=2&sn=9bd4ad59f5cb2457c1b33a0d0febc77f) - - [ ] [Android 检测:高级 Root 检测绕过 - Smali 代码篡改](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527447&idx=1&sn=a371987781d51e0e776920a85741fe0c) - - [ ] [CVE-2025-0065:TeamViewer 修补 Windows 客户端中的权限提升漏洞](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527447&idx=2&sn=0ab2f693c54ddb608b553da95edaa698) - - [ ] [【预警】Deepseek钓鱼页面预警](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494693&idx=1&sn=2d26a1d29cf92409af1b5826a779c05c) - - [ ] [\'史上最精密\'的钓鱼攻击](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494693&idx=2&sn=e209774c65a6c7a9279e12103a2853a2) - - [ ] [DeepSeek 容易受到各种越狱策略的攻击](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494693&idx=3&sn=d3bf7966fb506b6c0d12d7178b05975f) - - [ ] [deepseek被攻击,让一篇AI科幻爽文全网一起“造假”.....爱国饭是真容易吃啊](https://mp.weixin.qq.com/s?__biz=MzkyOTQzNjIwNw==&mid=2247491672&idx=1&sn=b7360aefe54f86dd75c59761ea4505e6) - - [ ] [学员免费课-新课:rust语言全栈开发视频教程更新到91节啦](https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247504843&idx=1&sn=889ae64c0adba860a43bdf303b1e8c55) - - [ ] [再看《哪吒之魔童降世》,照见了每个孤独灵魂的镜像](https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247488225&idx=1&sn=db0f673d48ff5d473ec98bbbc1fb985d) - - [ ] [当心!你访问的DeepSeek可能是假的(附鉴别攻略)](https://mp.weixin.qq.com/s?__biz=MzkxOTUyOTc0NQ==&mid=2247492979&idx=1&sn=4359b2068a9e33a73390c8d5c3b09cd6) - - [ ] [[狗头]既然你们不装了 我也不装了](https://mp.weixin.qq.com/s?__biz=MzkxNTczMjA1Ng==&mid=2247483979&idx=1&sn=84d324835c297123830f204b2c017ca3) - - [ ] [小学生也能把DeepSeek AI大模型部署到本地电脑](https://mp.weixin.qq.com/s?__biz=Mzg3MDYyNzY0MA==&mid=2247491061&idx=1&sn=3c2a793788ec33b5e7deab60be9d861f) - - [ ] [分享的图片、视频、链接](https://mp.weixin.qq.com/s?__biz=Mzk1NzI0NDYyNA==&mid=2247483681&idx=1&sn=2f48ada9475d73f797f2610b931ad951) - - [ ] [【紧急通知】重要声明!!!你们别搞抽象](https://mp.weixin.qq.com/s?__biz=Mzk0NDU1NTA5MA==&mid=2247484419&idx=1&sn=771b1853e3d266165af8d6fc34bf59d8) - - [ ] [To B大模型应用的落地实践与思考](https://mp.weixin.qq.com/s?__biz=MzIzNjAyODE0NQ==&mid=2247483940&idx=1&sn=6c82ca97527b253a09315b3787c555cd) - - [ ] [星火年鉴· 顶级篇|从建设热潮转向深化应用 工业互联网国家顶级节点(上海)“申”势赫奕](https://mp.weixin.qq.com/s?__biz=MzU1OTUxNTI1NA==&mid=2247592384&idx=1&sn=0a29d3a3786c033ddb4ddcf3cb7b5c39) - - [ ] [人工智能/机器学习在美国太空域感知方面的应用](https://mp.weixin.qq.com/s?__biz=Mzg2NTYyODgyNg==&mid=2247504627&idx=1&sn=e66481ed12da4238df098da5ec1adcf8) - - [ ] [超燃!民间流传的DeepSeek安全反击战,堪比大片!](https://mp.weixin.qq.com/s?__biz=MzkzMzcxNTQyNw==&mid=2247485589&idx=1&sn=87b3c484760a254daeba89499a24251a) - - [ ] [信息泄露到任意用户重置密码](https://mp.weixin.qq.com/s?__biz=MzkzNTQwNjQ4OA==&mid=2247484067&idx=1&sn=455e369cd15c1b958e17f3221ad96a51) - - [ ] [6](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496913&idx=1&sn=b90c2f8c33e0648cc1e9d560c5982fcb) - - [ ] [[耻辱] DeepSeek 遭受新轮“攻击”的幕后黑手竟来自国人内部?](https://mp.weixin.qq.com/s?__biz=MzkwODI1ODgzOA==&mid=2247506632&idx=1&sn=2bd540c33d1be58d380037ae2d1cd7c5) - - [ ] [不使用基于SUPI的寻呼:应用5G网络安全和隐私功能](https://mp.weixin.qq.com/s?__biz=MzA5MTYyMDQ0OQ==&mid=2247493605&idx=1&sn=423f73cc546dcfedf633d523d57b0a42) - - [ ] [(吃瓜)神人TV之糯米团子的清华学姐(续)](https://mp.weixin.qq.com/s?__biz=MzkzNjczNzEyMw==&mid=2247484243&idx=1&sn=0b7ae7f6bc8ebcd56064d456e227f82c) - - [ ] [创建和黑客攻击 Slack 机器人:深入探讨 Slack Jack](https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247504835&idx=1&sn=75a977e90904e15849abe75679e5bdc4) - - [ ] [Deepseek引发的流量之战,关于乌鸦的祛魅与重构](https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247488214&idx=1&sn=af0b3a477109f155a16506461391656e) - - [ ] [VLAN和VXLAN的区别?网络工程师必知](https://mp.weixin.qq.com/s?__biz=MzUyNTExOTY1Nw==&mid=2247528063&idx=1&sn=fd1340771f653bfa6373c8dff5296ca4) - - [ ] [索尼盖了一座「Sony Park」,我在里面发现了 Sony 的「精神内核」](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653073083&idx=1&sn=d126353a3135b021c1f8fd8c0e66f61a) - - [ ] [【2025春节】解题领红包活动排行榜(初四 2/1)](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141665&idx=1&sn=cf29ecaf3b5e2954cc5cb4b91fcef39f) - - [ ] [Pwnkit:CVE-2021-4034](https://mp.weixin.qq.com/s?__biz=MzkyMDY5OTg5OA==&mid=2247493360&idx=1&sn=ac3879690699a5af38b6a86f1cf232a2) - - [ ] [静态代码分析工具推荐:保障你的应用安全](https://mp.weixin.qq.com/s?__biz=MzkxNTU5NTI1Ng==&mid=2247487270&idx=1&sn=bc240b5098e27842d109a426e8eb92a3) - - [ ] [时间强盗漏洞:ChatGPT绕过敏感话题安全防护](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313321&idx=1&sn=0d6cfa7efe94cdf992cd2dcb49139048) - - [ ] [DeepSeek AI数据库泄露:超百万条日志和密钥曝光](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313321&idx=2&sn=c838d48d01493b39dad417919a053be4) - - [ ] [OWASP发布2025十大智能合约安全漏洞](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313321&idx=3&sn=2d401e6e743d4029238b04acea892e1b) - - [ ] [卡巴斯基公布奔驰汽车十几个漏洞](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313321&idx=4&sn=87670a1665432dda01a0ca651d6f847a) - - [ ] [这份书法论文快速生成指南,让你和图书馆说拜拜!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493258&idx=1&sn=0ffef35899a9b653fee3225ef51b12eb) - - [ ] [这是官方内部同行鲜有知道的工商管理论文大纲落实与完善实操秘籍!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493258&idx=2&sn=bf003ad605fea1e133a894e93f22b29b) - - [ ] [真实案例解密:新手公共管理论文初稿快速生成高阶攻略。](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493258&idx=3&sn=98ef31c04f8b932a7e8923248b3734eb) - - [ ] [震惊!电气工程论文大纲落实完善6大高阶攻略(被导师狂赞)。](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493258&idx=4&sn=7a1dad8668c13b926bc5e0610c36c877) - - [ ] [震惊!老社工博士的社会工作论文文献搜集内部高阶指南。](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493258&idx=5&sn=43192e01e90bfbbedacaf1c381833a86) - - [ ] [震惊!这个审稿神器竟助电商工程学术论文一键查漏补缺的实用攻略。](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493258&idx=6&sn=51d6cd0475f631f8e919625aa386b995) - - [ ] [震惊!ChatGPT如何一天发现诉讼法学论文全部问题的内部指南!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493258&idx=7&sn=09ee2cb7b26c763785df00a162d27a7b) - - [ ] [震惊内部圈!我是如何用ChatGPT玩转林业工程论文方向的文献搜集!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493258&idx=8&sn=527bb9ac25138f9b2e6cd7654c165a39) - - [ ] [GamaCopy 现身!模仿 Gamaredon 组织,对俄发动新一轮攻击](https://mp.weixin.qq.com/s?__biz=Mzg3OTYxODQxNg==&mid=2247485683&idx=1&sn=5c06bb2b3ba34ca9a23534534837c8a9) - - [ ] [一张屋顶照片,开源情报如何锁定它的秘密坐标](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559421&idx=1&sn=553b9a49e14e867a2da952e98f64e056) - - [ ] [曼德海峡危机:胡塞武装如何搅动全球贸易与地缘政治的“一池春水”?](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559421&idx=2&sn=da3d637f045dd6b7a31208d6a3090c6e) - - [ ] [你好 2025,世界会继续越来越快](https://mp.weixin.qq.com/s?__biz=MzA3NTEzMTUwNA==&mid=2651081669&idx=1&sn=aa0b77b261c5fe6e6c4784263302e03f) - - [ ] [正月初四最搞笑的笑话](https://mp.weixin.qq.com/s?__biz=MzU1NTkzMTYxOQ==&mid=2247485751&idx=1&sn=7463c252806b7e8e8da0ecf06eea866f) - - [ ] [AI 本地部署中的 ollama 是什么?](https://mp.weixin.qq.com/s?__biz=Mzk0MTI4NTIzNQ==&mid=2247492261&idx=1&sn=c7178360ac6dba4741717fd3c56a1146) - - [ ] [DeepSeek最出色的能力应该是代骂而不是代码😀](https://mp.weixin.qq.com/s?__biz=MzA3NDE0NTY0OQ==&mid=2247484242&idx=1&sn=a9166a36c2c2bb21ecd7637b5a84f422) - - [ ] [Microsoft 365 copilot 新功能202501](https://mp.weixin.qq.com/s?__biz=MzkxNzY0Mzg2OQ==&mid=2247486274&idx=1&sn=59caf18e3b9bf034c72478234c8590ad) - - [ ] [创新终端主动防护-多种通用0day漏洞检测方案](https://mp.weixin.qq.com/s?__biz=Mzg3Mzk2MzA3Nw==&mid=2247483863&idx=1&sn=3bad3dd3b64d3812fb4640e91bdf52ea) - - [ ] [【burpsuite靶场-服务端3】目录遍历漏洞](https://mp.weixin.qq.com/s?__biz=MzkzMDg1MzIwNA==&mid=2247487295&idx=1&sn=1d68a219fec3a01ea84c598bf48811fe) - - [ ] [【一周安全资讯0201】国家密码管理局废止、宣布失效部分行政规范性文件;突发!DeepSeek遭大规模恶意攻击](https://mp.weixin.qq.com/s?__biz=MzIzMDQwMjg5NA==&mid=2247506589&idx=1&sn=1c1b2e3e5c338dff993f141284e0f906) - - [ ] [安天AVL SDK反病毒引擎升级通告(20250201)](https://mp.weixin.qq.com/s?__biz=MjM5MTA3Nzk4MQ==&mid=2650209919&idx=1&sn=a0b5d397ab81a0e73c55800ff09b01a0) - - [ ] [大年初四丨安天融川给您拜年了](https://mp.weixin.qq.com/s?__biz=MjM5MTA3Nzk4MQ==&mid=2650209919&idx=2&sn=a9efdf07b227af4acbdb20e6717bc1d7) - - [ ] [DeepSeek与ChatGPT针对CTF解题对比|附在线环境](https://mp.weixin.qq.com/s?__biz=MzU5OTMxNjkxMA==&mid=2247488632&idx=1&sn=1806092dd0584dbfa5a5c8e4012dd747) - - [ ] [进京证如何办理?10分钟解决问题。](https://mp.weixin.qq.com/s?__biz=MzU4NDY3MTk2NQ==&mid=2247491071&idx=1&sn=6966854f010f06f257f245e7bc657400) - - [ ] [【2025-02-01】黑客新闻摘要](https://mp.weixin.qq.com/s?__biz=MzIzNDU5NTI4OQ==&mid=2247488405&idx=1&sn=f62872b286736d06109777492b8d9fba) - - [ ] [“黑鹰”军用直升机在华盛顿坠毁,美国防部长赫格塞斯证实与执行秘密任务有关](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247505160&idx=1&sn=05f376010583e168e07d9c78e504193e) - - [ ] [刚果(金)戈马越狱风暴:4400囚犯“出逃”,局势失控?](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247505160&idx=2&sn=a4a7f865889145d36a8dd860df1690cb) - - [ ] [FOFA API 驱动的图形化资产发现工具 - fofaEX](https://mp.weixin.qq.com/s?__biz=MzU2NzY5MzI5Ng==&mid=2247504982&idx=1&sn=2d93981ebe365bcb4c2964035dea3702) - - [ ] [Android Intent 重定向漏洞分析总结](https://mp.weixin.qq.com/s?__biz=MjM5MjEyMTcyMQ==&mid=2651037464&idx=1&sn=439f05b2a2f5523c148d07a794aff60a) - - [ ] [大年初四 灵蛇献瑞](https://mp.weixin.qq.com/s?__biz=Mzg2MTU5ODQ2Mg==&mid=2247507176&idx=1&sn=8819e47701a5cf51b812fd021a3bf950) - - [ ] [DeepSeek爆火后,黑产已闻风而动!](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247507181&idx=1&sn=976efdc26cefd2a37c525fb26e8ab646) - - [ ] [5th域安全微讯早报【20250201】028期](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247507181&idx=2&sn=854ed0a16f73598c2b27a762c4a53ffd) - - [ ] [数字取证之数据分析u200c](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264930&idx=1&sn=0a275a5bf702dc56d6a9f833e7aeacdf) - - [ ] [byd营销号](https://mp.weixin.qq.com/s?__biz=MzkyNTQ0OTYxOQ==&mid=2247484015&idx=1&sn=1a1073f8587d098c6dc51f8b87a766c5) - - [ ] [分享图片](https://mp.weixin.qq.com/s?__biz=MzI3Njc1MjcxMg==&mid=2247494440&idx=1&sn=1b8af18b3a22c5f39fd97ad2dfb2ae32) - - [ ] [总结 | 2024 年度内网实战攻防电子报刊 34 篇文章内容汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498632&idx=1&sn=681e983fa35bb19e0904831b335d7e0f) - - [ ] [.NET 安全攻防知识交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498632&idx=2&sn=6855593bf81f6d589c2562c3edaa601f) - - [ ] [收藏 | dotNet安全矩阵 2024 年度外网入口打点阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498632&idx=3&sn=66a759fa72b074482a993bee88e6bd92) - - [ ] [手机成“间谍”,亚马逊因秘密收集数据遭消费者起诉](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607379&idx=1&sn=f423643d84fa60f7c80da858f7743731) - - [ ] [新的“双击劫持”漏洞绕过主要网站上的点击劫持保护](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607379&idx=2&sn=1a33bc4a7ac127d883ebe4a69affe12b) - - [ ] [一次窃取程序的恶意样本分析](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607379&idx=3&sn=28d0ae38a96ecf4446ef6bd8046c038e) - - [ ] [link-tools为一款Windows GUI界面的渗透测试工具箱](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607379&idx=4&sn=0447ff461c0fe2afa30f94745b30c72e) - - [ ] [初四](https://mp.weixin.qq.com/s?__biz=MzUyMjAyODU1NA==&mid=2247491949&idx=1&sn=db34e5b2b978d140668f25745ca4f3ac) - - [ ] [深度解析:如何用Deepseek打造你的专属网安知识宝库?](https://mp.weixin.qq.com/s?__biz=MzkyNTQ0OTYxOQ==&mid=2247484011&idx=1&sn=6b25491f38e5b7e274cc5bc7bdeec18e) - - [ ] [OpenAI 推出 o3-mini;传苹果接近敲定折叠显示屏供应商;唐探系列票房逼近百亿元 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653073082&idx=1&sn=260c62fbf5a7f5143c5f9484f5f7f354) - - [ ] [首个由DeepSeek独立开发的AI网络安全工具箱!引起热议!](https://mp.weixin.qq.com/s?__biz=MzkxMTUwOTY1MA==&mid=2247490185&idx=1&sn=4a59c7132dfa0c66a3ee2d9273d44c79) - - [ ] [大年初三丨安天探海给您拜年了](https://mp.weixin.qq.com/s?__biz=MjM5MTA3Nzk4MQ==&mid=2650209911&idx=1&sn=e6d55300bbc6128f171aa8922b309af2) - - [ ] [正月初四| 四季平安 万物生春](https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506083&idx=1&sn=4c32b2ddc46b9644a0f80c254e40075f) - - [ ] [捷普工业互联网安全产品线,驱动新型工业化发展](https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506083&idx=2&sn=509abbaebad90f4e7b41a052a1b37506) - - [ ] [【焕新领先】捷普工业安全隔离与信息交换系统](https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506083&idx=3&sn=bba933d63e82cfcce8411557476b0720) - - [ ] [神农安全给师傅们拜年了!内部小圈子限时半价优惠(春节专属30立减卷)](https://mp.weixin.qq.com/s?__biz=Mzk0Mzc1MTI2Nw==&mid=2247487446&idx=1&sn=81200c041d8e12afcccf366c12367022) - - [ ] [创宇盾:创宇护网安,铸盾迎春暖](https://mp.weixin.qq.com/s?__biz=MjM5NzA3Nzg2MA==&mid=2649870879&idx=1&sn=0835d1a397055e042f0ffebc0fb0b256) - - [ ] [ISO 45001: 2018 标准详解与实施(12)6.1.4 措施的策划](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247486054&idx=1&sn=8056a235d36ed43fc2ef8916630fa792) - - [ ] [2025春节网络安全警报](https://mp.weixin.qq.com/s?__biz=Mzg5OTg5OTI1NQ==&mid=2247489862&idx=1&sn=f0e4f34adcfd5b93927c5793af524fd2) - - [ ] [正月初四迎灶神!亚信安全祝大家丰衣足蛇,富贵吉祥](https://mp.weixin.qq.com/s?__biz=MjM5NjY2MTIzMw==&mid=2650620968&idx=1&sn=a03995a1122619732c382c5319d9f728) - - [ ] [大年初四 | 恭迎灶神,五谷丰登](https://mp.weixin.qq.com/s?__biz=Mzk0MDQ5MTQ4NA==&mid=2247487430&idx=1&sn=bb82f751709e49cc5ef44148ed512432) - - [ ] [大年初四 四季平安](https://mp.weixin.qq.com/s?__biz=MjM5NzE0NTIxMg==&mid=2651135291&idx=1&sn=6b54de7df7454cca49ce477a120d86fb) - - [ ] [Log4j CVE-2017-5645反序列化漏洞](https://mp.weixin.qq.com/s?__biz=Mzg4NDg3NjE5MQ==&mid=2247485618&idx=1&sn=83cfbd2aab32a9e8073abb2cd983f27d) - - [ ] [初四 | 祥蛇蜿蜒,好运满仓,锦绣山河,吉运长长!](https://mp.weixin.qq.com/s?__biz=MzU4NjY4MDAyNQ==&mid=2247497081&idx=1&sn=96484e2122edceda10e3de161b86484c) - - [ ] [大年初四 | 银蛇吐瑞,万事胜意](https://mp.weixin.qq.com/s?__biz=MzA3OTMxNTcxNA==&mid=2650963506&idx=1&sn=b2661ebf223823e387ec7d46637c3ac2) - - [ ] [零基础本地部署DeepSeek!手把手教你搭建国产最强AI大脑](https://mp.weixin.qq.com/s?__biz=Mzk0ODY1NzEwMA==&mid=2247486675&idx=1&sn=ff46b4b4ce2fb3ededd885f2398bafb9) - - [ ] [Ai战狼](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496907&idx=1&sn=36a478dc796d527b7c1195a0afb86c11) - - [ ] [论文一直投不中?保姆级SCI全程投稿发表服务来了!润色、选刊、投稿、返修,直至中刊!](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496907&idx=2&sn=9eeba04206e60a80699f287ad3c825bb) - - [ ] [初四:福星高照](https://mp.weixin.qq.com/s?__biz=MzU0NDk0NTAwMw==&mid=2247624778&idx=1&sn=de687f302a706e482c124823f899808b) - - [ ] [傻瓜式一键代理池,v0.3又变强了!](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489195&idx=1&sn=3b904fbc768821fac403d8a4bca8c875) - - [ ] [闭环](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489195&idx=2&sn=867087cc30ea38e636ef9f895828c934) - - [ ] [【初四】福气源自持续追求 幸福来自成功守护](https://mp.weixin.qq.com/s?__biz=MjM5NTE0MjQyMg==&mid=2650624576&idx=1&sn=d59a4adc412c2ff7d3e3da35639973d7) - - [ ] [【实操】美国这家公司为什么要招聘懂中文的开源情报分析师](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148805&idx=1&sn=9e063d3b00f1b8244a1f93112561b52f) - - [ ] [山石网科·AI汇东方|正月初四,迎接灶神](https://mp.weixin.qq.com/s?__biz=MzAxMDE4MTAzMQ==&mid=2661298301&idx=1&sn=020ccfa41ee840b9ed073e4bc4aafed0) - - [ ] [初四|云端祈福许新愿 安全托管保资产](https://mp.weixin.qq.com/s?__biz=MzkxNDY0MjMxNQ==&mid=2247532973&idx=1&sn=859678b1d31898c68b30c23d9b2d7953) - - [ ] [祥蛇舞初四 瑞霭罩华枝](https://mp.weixin.qq.com/s?__biz=MzU0MjEwNTM5Ng==&mid=2247520424&idx=1&sn=bd286f553451028add056c52c23fb577) - - [ ] [初四 | 迎灶神](https://mp.weixin.qq.com/s?__biz=MzI5NjA4NjA3OA==&mid=2652102066&idx=1&sn=65d25d6bc65a19c522aa1b765683f1a6) - - [ ] [一文读懂Wi-Fi技术演进与防护方案,避开90%的安全陷阱](https://mp.weixin.qq.com/s?__biz=MzI5MjY4MTMyMQ==&mid=2247489894&idx=1&sn=0a9a3e007b347310e07aef45595554b7) - - [ ] [2025.03截稿的密码学与信息安全会议](https://mp.weixin.qq.com/s?__biz=MzI2NTUyODMwNA==&mid=2247494156&idx=1&sn=f5973b71bbd93c4e75ef0f89fe91d46e) - - [ ] [【SOUPS 2025】Feb. 13@Seattle, USA](https://mp.weixin.qq.com/s?__biz=MzI2NTUyODMwNA==&mid=2247494156&idx=2&sn=5660ed37ffa1a10ea505c80f6adce6c7) - - [ ] [【AFRICACRYPT 2025】Mar. 1@Rabat, Morocco](https://mp.weixin.qq.com/s?__biz=MzI2NTUyODMwNA==&mid=2247494156&idx=3&sn=b9caafe019d0d392cfb0c431ef040690) - - [ ] [【ACNS-SCI 2025】Mar. 15@Munich, Germany](https://mp.weixin.qq.com/s?__biz=MzI2NTUyODMwNA==&mid=2247494156&idx=4&sn=b05df3a35a52275464e34574e47e9a5e) - - [ ] [大年初四 | 大吉大利、四季平安](https://mp.weixin.qq.com/s?__biz=MzU3MzU4NjI4OQ==&mid=2247516491&idx=1&sn=fa5d0dc624abd329a7afce42b26fdb11) - - [ ] [我国密码国家标准、行业标准一览表](https://mp.weixin.qq.com/s?__biz=Mzg2NjY2MTI3Mg==&mid=2247498377&idx=1&sn=0524062d04dd563b349c3ace821721db) - - [ ] [大年初四 | 迎灶神,五谷丰登,食来运转!](https://mp.weixin.qq.com/s?__biz=MzkzMjE5MTY5NQ==&mid=2247503443&idx=1&sn=007f1bb9970631e0c19d5c2e6e40420f) - - [ ] [守护中国AI历史时刻,360为DeepSeek免费提供安全保障](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579285&idx=1&sn=cebadf7010ad5ea332fbd969f42808ad) - - [ ] [大年初四 | 瑞蛇赐褔,心想“巳”成](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579285&idx=2&sn=85f4b5408e99f96e5dd2291611fbf2f5) - - [ ] [渗透测试工具箱 -- link-tools](https://mp.weixin.qq.com/s?__biz=MzI4MDQ5MjY1Mg==&mid=2247515803&idx=1&sn=7dc9c78a24095c70a213f3029d651300) - - [ ] [APP渗透测试 -- 支付逻辑漏洞](https://mp.weixin.qq.com/s?__biz=MzI4MDQ5MjY1Mg==&mid=2247515803&idx=2&sn=0e8d3509ce68e9d3c751586e26ea08c5) - - [ ] [新的 UEFI 安全启动严重漏洞,请立即修补](https://mp.weixin.qq.com/s?__biz=Mzg3ODY0NTczMA==&mid=2247492129&idx=1&sn=a7625b1a910086ee3bbde9544f055382) - - [ ] [攻防靶场(57):十分钟拿下 Shakabrah](https://mp.weixin.qq.com/s?__biz=MzI0NjA3Mzk2NQ==&mid=2247496159&idx=1&sn=80e1dae96ac4c1f2a060607f47acebdc) - - [ ] [“职业打手”下场!DeepSeek遭攻击烈度暴增百倍](https://mp.weixin.qq.com/s?__biz=MzU2NDY2OTU4Nw==&mid=2247518527&idx=1&sn=9576e3c027418393cc4343bd599fc4dd) - - [ ] [勒索软件的现状:利用披露规则等手段](https://mp.weixin.qq.com/s?__biz=MzA5MzU5MzQzMA==&mid=2652114271&idx=1&sn=538db909410af0e5d9a565398ee71bcc) - - [ ] [网络安全等级保护核查工具 -- Golin](https://mp.weixin.qq.com/s?__biz=MzU3NzY3MzYzMw==&mid=2247499299&idx=1&sn=aad06652b663cbd055c268507cb72e35) - - [ ] [APP渗透测试 -- APK反编译](https://mp.weixin.qq.com/s?__biz=MzU3NzY3MzYzMw==&mid=2247499299&idx=2&sn=a2f442e5f21ee513a8bbd035db266679) -- Recent Commits to cve:main - - [ ] [Update Sat Feb 1 20:26:39 UTC 2025](https://github.com/trickest/cve/commit/8762f3f58de4551c97168dde18c7e266ced38a8e) - - [ ] [Update Sat Feb 1 12:22:34 UTC 2025](https://github.com/trickest/cve/commit/2eae26b3af16158a5777acd6222b88b72a623860) - - [ ] [Update Sat Feb 1 04:24:34 UTC 2025](https://github.com/trickest/cve/commit/7de9e18e5f8ae22f5eb7a3004c105a16620b2176) + - [ ] [秦安:特朗普表态DeepSeek,新质生产力文化力国防力进入生死抉择](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476446&idx=1&sn=667c5ecbfb13d7afed253e28d76959e5) + - [ ] [Fastjson1.2.24反序列化利用](https://mp.weixin.qq.com/s?__biz=Mzk0NDYwOTcxNg==&mid=2247485410&idx=1&sn=1ec1af3a9daa8bede6b50c48d4c6ad22) + - [ ] [【oscp】SickOS系列全教程](https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486459&idx=1&sn=bdb973718eb5b746ffb36010c1126ab7) + - [ ] [泰国拟对妙瓦底地区断电](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559426&idx=1&sn=319562dc0c95468cf20353c016f72e52) + - [ ] [新年第一周,网络安全“重启”:关键防护措施与实战指南](https://mp.weixin.qq.com/s?__biz=MzA4MzMzOTQ4Mw==&mid=2453672545&idx=1&sn=be79c51468776f970b7c557484e9c3d3) + - [ ] [DeepSeek 容易受到各种越狱策略的攻击](https://mp.weixin.qq.com/s?__biz=MzU2NDY2OTU4Nw==&mid=2247518533&idx=1&sn=b33cca1bd4585c8e72b323541ed3a3bd) + - [ ] [世界需要一个能谋善断的AI(六):关于DeepSeek出圈的思考](https://mp.weixin.qq.com/s?__biz=MzAxOTk3NTg5OQ==&mid=2247492311&idx=1&sn=0d662ce191c8997b8885a692a22c2b92) + - [ ] [DeepSeek R1 模型本地部署教程](https://mp.weixin.qq.com/s?__biz=MzkyOTQ4NTc3Nw==&mid=2247485501&idx=1&sn=d28152a69a687bbe9607eb0e813fd760) + - [ ] [如何通过情报分析一个人](https://mp.weixin.qq.com/s?__biz=MzkxMDIwMTMxMw==&mid=2247494517&idx=1&sn=640bcd44db8abcf1392a66a843ac737f) + - [ ] [GenAI技术栈市场分析](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264940&idx=1&sn=4e9a9d38cff3eda388d2841790e8eee6) + - [ ] [2025年,自己要做自己的灯塔!](https://mp.weixin.qq.com/s?__biz=MzA3OTg3Mjg3NA==&mid=2456976653&idx=1&sn=66f686a7f02b5f57cbff18b32be74a3a) + - [ ] [手把手教你如何本地化部署DeepSeek](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247497017&idx=1&sn=c755513c5dbf6ec01ad0d40eba61ae44) + - [ ] [Hashcat vs John the Ripper:两大密码破解神器深度对比](https://mp.weixin.qq.com/s?__biz=MzI5MjY4MTMyMQ==&mid=2247489899&idx=1&sn=52471d15e881d9f921886305d9ac0fdd) + - [ ] [perplexity支持DeepSeek R1和o3-mini模型](https://mp.weixin.qq.com/s?__biz=MzkxNzY0Mzg2OQ==&mid=2247486282&idx=1&sn=c92a5e3be98e56ca2240a51d2c366462) + - [ ] [[系统安全] 六十二.恶意软件分析 (13)LLM赋能实现基于机器学习的恶意家族分类(初探)](https://mp.weixin.qq.com/s?__biz=Mzg5MTM5ODU2Mg==&mid=2247501299&idx=1&sn=c461a9440fcea0ecee2c1d78cdda5cdd) + - [ ] [聊聊国内的数据安全尺度问题](https://mp.weixin.qq.com/s?__biz=MzI1Mjc3NTUwMQ==&mid=2247538549&idx=1&sn=521c18c3ae58546adae92616cb83808f) + - [ ] [美国CISA报告称Contec病人监护仪存在后门](https://mp.weixin.qq.com/s?__biz=MzkwOTM0MjI5NQ==&mid=2247488058&idx=1&sn=f2da86198b12bcad5bde72ea431dcdcc) + - [ ] [【AI】DeepSeek 概念/影响/使用/部署](https://mp.weixin.qq.com/s?__biz=MzUyNTUyNTA5OQ==&mid=2247484881&idx=1&sn=1ce74fe3cc4869f130e0b068ec229f45) + - [ ] [FUZZ出来的一系列漏洞](https://mp.weixin.qq.com/s?__biz=MzkxNzY2MjU2Mg==&mid=2247483819&idx=1&sn=f720e0623daf07c7838527d03dce27e1) + - [ ] [DeepSeek(R1) vs Gpt-o3-mini(-high)](https://mp.weixin.qq.com/s?__biz=MzU5Mzk3NTE0Mw==&mid=2247483715&idx=1&sn=8f936ef2f0c039f3e1d7bbf3d7bf66df) + - [ ] [【AI】人工智能没那么神秘!](https://mp.weixin.qq.com/s?__biz=MzUyNTUyNTA5OQ==&mid=2247484879&idx=1&sn=5ad4a8e0fe4d3be18ea0f01e2935473f) + - [ ] [安全圈瓜田理下集合【2025/2/2】](https://mp.weixin.qq.com/s?__biz=MzAxNzg3NzMyNQ==&mid=2247489548&idx=1&sn=b9efc35c8d73c866d549db2234a7d17c) + - [ ] [不藏了!Wireshark 命令、捕获、过滤器大全分享给你](https://mp.weixin.qq.com/s?__biz=MzIyMzIwNzAxMQ==&mid=2649464775&idx=1&sn=26133889c68b7a82c112264dd161d512) + - [ ] [二层交换机和三层交换机到底有啥区别?2025年最新讲解!](https://mp.weixin.qq.com/s?__biz=MzUyNTExOTY1Nw==&mid=2247528073&idx=1&sn=6301a2e8fc2761c557904a0f410d59e7) + - [ ] [使用 NTP 进行定向 Timeroasting 窃取用户哈希值](https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486924&idx=1&sn=bffa91f44bad8f39b89a25f21e0b1a59) + - [ ] [渗透测试工程师常用的搜索引擎](https://mp.weixin.qq.com/s?__biz=Mzg2MTc1MjY5OQ==&mid=2247486249&idx=1&sn=1e366c735cb526d8ed13cace6f26cc1e) + - [ ] [停更几日 找工作去了](https://mp.weixin.qq.com/s?__biz=Mzg4MTkwMTI5Mw==&mid=2247488841&idx=1&sn=57abcbe7def662f4b2fbc518fcf718f0) + - [ ] [DeepSeek老板梁文峰,谈近期热点问题](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485509&idx=1&sn=1af3f439672105c862f4bb0091c3f3a2) + - [ ] [北七家-未来科学城,3居变4居豪装,理想楼层/户型/朝向](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485509&idx=2&sn=670e807204cde52fca39474b57618c52) + - [ ] [【干货】笑傲职场的独家经验(1)](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485509&idx=3&sn=62c6e7a1ff368ba3cbd91298ad18483c) + - [ ] [【干货原创】实网攻防演习常态化,会带来什么变化01](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485509&idx=4&sn=57569d432f14f1f8ee639997920b435c) + - [ ] [汽车诊断及OBD和UDS协议的基础概念介绍](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549670&idx=1&sn=1e77e974f9698cc0d74c125e9eb62288) + - [ ] [揭示AUTOSAR中隐藏的漏洞](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549670&idx=2&sn=5f3fb6a0f0d849bdcf52c3b088620c0e) + - [ ] [【2025-02-02】黑客新闻摘要](https://mp.weixin.qq.com/s?__biz=MzIzNDU5NTI4OQ==&mid=2247488410&idx=1&sn=d520eefe614e2ce5642067897cf29310) + - [ ] [Tenable收购Vulcan Cyber,继续加速巩固暴露风险管理市场的领导地位](https://mp.weixin.qq.com/s?__biz=MzIyMTg0MTE3MA==&mid=2247487464&idx=1&sn=b2896c8828c9fe6b47d1296c0436f95f) + - [ ] [收藏 | dotNet安全矩阵 2024 年度本地权限操作阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498654&idx=1&sn=5900448e0b83460002b339bdd888b89a) + - [ ] [国内最专业、最全面的 [ .NET 代码审计 ] 体系化学习交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498654&idx=2&sn=ec3a4a0258a1e9eba731417aa3354ed2) + - [ ] [总结 | 2024 年度内网实战攻防电子报刊 34 篇文章内容汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498654&idx=3&sn=5f3ba6adeafc3eeeb6bac4a8709281f6) + - [ ] [高效、安全的 V2X PKI 与全球统一解决方案的集成](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620303&idx=1&sn=cd6c84599aef8f9308d3a9275a265bf1) + - [ ] [在软件定义汽车中实现安全的全球时间同步](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620303&idx=2&sn=c6f1e1c62c277153dfadbdb7bb7f03f3) + - [ ] [全球数据隐私、数据安全与网络安全技术发展报告](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620303&idx=3&sn=a94ce29de1c0b7625c8efc9602d3a095) + - [ ] [一款使用Rust编写的PE加壳器](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490280&idx=1&sn=27a8a52ec1103e01e0110d3cd8177b5d) + - [ ] [LockBit勒索软件案例(CS+Socks5)](https://mp.weixin.qq.com/s?__biz=MzkzMDE3ODc1Mw==&mid=2247489011&idx=1&sn=cdefefd425a7437c3ef0df558eb05375) + - [ ] [以小见大,彻底理解 cookie,session,token 之间的关系,通俗易懂](https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247570694&idx=1&sn=29f7161a798e3c693f2e07545a8b52ff) + - [ ] [Troll系列---Troll1靶场](https://mp.weixin.qq.com/s?__biz=Mzk1NzIzMzQ3OA==&mid=2247484332&idx=1&sn=fba78491557f3cbc1ee34fbedc0cd8bd) + - [ ] [2024年十大网络安全事件盘点](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931483&idx=1&sn=5ee0aaf91c5db8412e184d348b4a1d06) + - [ ] [奇瑞汽车申请信息安全传输专利,防止多种攻击手段](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931483&idx=2&sn=59bdf40380a2fc0d3df5b2d3a9d8b1e7) + - [ ] [【吃瓜】我家有女初长成!](https://mp.weixin.qq.com/s?__biz=MzU3MjU4MjM3MQ==&mid=2247489723&idx=1&sn=93b809a5e3a62b231b628e053aa39e98) + - [ ] [日志文件分析](https://mp.weixin.qq.com/s?__biz=Mzk1Nzc0MzY3NA==&mid=2247483783&idx=1&sn=4793ee638a53387ff52638f428afaa4c) + - [ ] [【吃瓜】某官方媒体下场传播Deepseek谣言](https://mp.weixin.qq.com/s?__biz=Mzg4MTkwMTI5Mw==&mid=2247488836&idx=1&sn=0b4b90b809d4d1d411d9d7cb07bb41dd) + - [ ] [[靶场复现计划]CSLAB Thunder](https://mp.weixin.qq.com/s?__biz=MzkxOTYwMDI2OA==&mid=2247484342&idx=1&sn=fbf99114ba0a7734a34ca35d09047003) + - [ ] [2025 Arch Linux 配置与常用操作指南](https://mp.weixin.qq.com/s?__biz=Mzg4MzgwMDE2Mw==&mid=2247488266&idx=1&sn=231087764693c81ab974ce49aaa367fd) + - [ ] [deepseek用不了解决方案 siliconflow](https://mp.weixin.qq.com/s?__biz=MzkxNjMwNDUxNg==&mid=2247487263&idx=1&sn=fa27a458767be5da87e8f0dd2959ac90) + - [ ] [星火年鉴· 品牌生态篇 | 2024星火品牌与市场生态亮点回顾](https://mp.weixin.qq.com/s?__biz=MzU1OTUxNTI1NA==&mid=2247592385&idx=1&sn=13ab2eff27d3b4532a504eb26a695327) + - [ ] [纯动嘴让DeepSeek给自己写一个壳](https://mp.weixin.qq.com/s?__biz=MzA3NDE0NTY0OQ==&mid=2247484313&idx=1&sn=8e3f8f76629035619e1743da5afd28a1) + - [ ] [网络安全新手必看:你的电脑够硬核吗?CTF 神器选购指南!](https://mp.weixin.qq.com/s?__biz=MzA3NDE0NTY0OQ==&mid=2247484313&idx=2&sn=4562514cd4be9ea89f1ed48f7e33ddf2) + - [ ] [Microsoft SQL Server 中的 RCE:探索错误配置并获得命令执行能力](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527476&idx=1&sn=3c6e650cd3989e4318e4de87b1cab4a3) + - [ ] [通过 JSON 文件上传进行存储型 XSS](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527476&idx=2&sn=52e6aaaaa606bc10d5c53f2ab36dab9d) + - [ ] [网安人的Deepseek使用指南](https://mp.weixin.qq.com/s?__biz=MzkxMDU5MzY0NQ==&mid=2247484471&idx=1&sn=19de64512beab336b1d931e46707a4f3) + - [ ] [国内首家!360推出“DeepSeek版”安全大模型](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579300&idx=1&sn=fb81fc2b90cac494c296287ef221c64f) + - [ ] [大年初五 | 蛇报佳春,万“巳”大吉](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579300&idx=2&sn=c06abb2df32188e9b4d4cda59aad3c1a) + - [ ] [教练,我想做红客](https://mp.weixin.qq.com/s?__biz=Mzg4NzgzMjUzOA==&mid=2247485481&idx=1&sn=8bb195be87285a44b7949441eeb4d438) + - [ ] [三步教你使用ollama+chatboxai本地部署DeepSeek-R1(含电脑配置参考)](https://mp.weixin.qq.com/s?__biz=MzkzMjIxNjExNg==&mid=2247486256&idx=1&sn=0e5e16559014d6990e2655f742bbf8c3) + - [ ] [设备管理系统开发:结合FastAPI+uvicorn技术(V2.3版本)](https://mp.weixin.qq.com/s?__biz=MzAxMDIwNjg2MA==&mid=2247486192&idx=1&sn=b7addf22dac6c645a9e16f0cd71da809) + - [ ] [大年初五迎财神|大吉大利,八方来财](https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489523&idx=1&sn=8bb39b35916f60e2052342891502afc1) + - [ ] [政府媒体下场!证明“宇宙镜像防御系统”“在黑客电脑放大悲咒”都是真的!](https://mp.weixin.qq.com/s?__biz=MzkyOTQzNjIwNw==&mid=2247491692&idx=1&sn=b3bb6b0e8bc8cf46f507d2af76f7e46f) + - [ ] [2024年近2亿人受影响,美国医疗成重点攻击目标](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313350&idx=1&sn=14f2e762074e1c311ff513905bd74451) + - [ ] [新型僵尸网络正对路由器、摄像头等设备发起大规模DDoS攻击](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313350&idx=2&sn=325091293f887d4b02b45a66abdcc9b9) + - [ ] [无需拆机!Windows 11 BitLocker加密文件被破解](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313350&idx=3&sn=d66f493838161567f4aa1ccfefa9c7da) + - [ ] [记一次框架利用接管学工系统](https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247547536&idx=1&sn=3c4f0b94df8e73bc5c8f02e75f6bf1f9) + - [ ] [Zyxel CPE 设备遭遇大规模攻击:关键漏洞(CVE-2024-40891)仍未修复!](https://mp.weixin.qq.com/s?__biz=Mzg3OTYxODQxNg==&mid=2247485684&idx=1&sn=ca0044c1a5698a1a8bad3d17b325b3a4) + - [ ] [国内黑产组织利用AWS 和 Azure进行诈骗活动](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494701&idx=1&sn=3e0582b510dbccde979bed07cc7c3488) + - [ ] [DeepSeek 突破了西方对于强大AI开发的垄断](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494701&idx=2&sn=e859fa26b1c6c3b3a0de07cd580f711d) + - [ ] [奇幻爽文之风终于吹到了网安](https://mp.weixin.qq.com/s?__biz=Mzg4Njc0Mjc3NQ==&mid=2247486634&idx=1&sn=0dc181deac52d82cd9a46eab2a487461) + - [ ] [【2025春节】解题领红包活动排行榜(初五 2/2)](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141668&idx=1&sn=82663ea0981e0c6f1544bb1fe7ab6bb8) + - [ ] [时间强盗漏洞:ChatGPT绕过敏感话题安全防护](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607394&idx=1&sn=387b2dc9dd6ebd7d27288d882c5d9832) + - [ ] [虚假谷歌广告瞄准微软广告账户,恶意软件攻击再升级](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607394&idx=2&sn=9afd369d22b8ae77608115d1b2309b66) + - [ ] [一些木马反制技巧](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607394&idx=3&sn=f2dbe4fa4dc6ad21d2bbc79d3e38c60b) + - [ ] [Burpsuite存储桶配置不当漏洞检测插件](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607394&idx=4&sn=d21b7373ba4514475e76fc1e86673954) + - [ ] [掌握这些隐藏技巧,快速生成高质量美学论文初稿指南!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493260&idx=1&sn=6e7603d4bf552141b202da8e2c7226ef) + - [ ] [掌握中国史论文写作的文献综述绝技:解锁每个研究生都该懂的内部秘笈。](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493260&idx=2&sn=20c75c3aa689fee6c249bf331d9695e1) + - [ ] [掌握AI军事战略论文初稿的5种极致写作技巧,用ChatGPT打造高效论文写作流程!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493260&idx=3&sn=9a4e44b87ce1049e024adfebfd892d5b) + - [ ] [掌握ChatGPT人力资源管理论文大纲的完善攻略,新手也能3小时上手。](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493260&idx=4&sn=d4c9789e053207760dc89bc30e97bdbe) + - [ ] [掌握ChatGPT特殊教育论文审稿的内部高阶技巧,审稿速度提升200%!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493260&idx=5&sn=1b7188bc90a73bd66bfbd639ffb205c1) + - [ ] [初五接财神 | 顺风顺水,八方来财](https://mp.weixin.qq.com/s?__biz=Mzk0ODI4MDI4Nw==&mid=2247494628&idx=1&sn=86f1f585e2527dffb49f31e3cb3b77e6) + - [ ] [初五财神到,火绒安全祝大家蛇年行大运,事事皆顺遂~](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247522009&idx=1&sn=427a7360c75c10d3278f62a51ef5b068) + - [ ] [诚邀渠道合作伙伴共启新征程](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247522009&idx=2&sn=ca2b184d62f7ecba76d349a8faa6d2bf) + - [ ] [MQTT协议安全攻击面技术分析总结](https://mp.weixin.qq.com/s?__biz=MjM5MjEyMTcyMQ==&mid=2651037465&idx=1&sn=c91979cf125a6f93d28586817671f1d7) + - [ ] [大年初五吉祥如意](https://mp.weixin.qq.com/s?__biz=Mzg3NTU3NTY0Nw==&mid=2247489546&idx=1&sn=48d30c9bf0c189657c24003dd0ef3551) + - [ ] [大年初五 巳蛇呈祥](https://mp.weixin.qq.com/s?__biz=Mzg2MTU5ODQ2Mg==&mid=2247507177&idx=1&sn=c70f06c1d86e5a233713734b6ee2f9ce) + - [ ] [数字取证之呈现证据u200c](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264934&idx=1&sn=b566f40a1e56c1ead34ae7196ce9f9b8) + - [ ] [DeepSeek的R1与R1-Zero:技术差异与AI风险管控](https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247506432&idx=1&sn=ddb2b818c020739b2b004f3cfcb69a91) + - [ ] [Nmap高级攻击指南:用官方工具实施SYN欺骗攻击](https://mp.weixin.qq.com/s?__biz=MzkxOTUyOTc0NQ==&mid=2247493009&idx=1&sn=4450fdf706551f053287269ac3017075) + - [ ] [迎财神](https://mp.weixin.qq.com/s?__biz=Mzg2Mzg2NDM0NA==&mid=2247484863&idx=1&sn=38cb397e43ce3141523a19c0581ad5e1) + - [ ] [90%企业等保无效?红蓝对抗揭露真相!](https://mp.weixin.qq.com/s?__biz=MzIwMzIyMjYzNA==&mid=2247517989&idx=1&sn=c773878e5458413dc7f713382eb2c815) + - [ ] [迎财神,送福到,愿您在新的一年里,财运旺盛,心想事成!](https://mp.weixin.qq.com/s?__biz=MjM5NzU4NjkyMw==&mid=2650747926&idx=1&sn=51b6804dd2334ea79d326a1a7717461a) + - [ ] [谁说红客只会蹭!过来看看他们的实力!](https://mp.weixin.qq.com/s?__biz=Mzk0MzY3MDE5Mg==&mid=2247484028&idx=1&sn=5854fd05510860e4b1a8934a02138131) + - [ ] [红盟只会蹭!](https://mp.weixin.qq.com/s?__biz=MzkwMTU2NzMwOQ==&mid=2247484533&idx=1&sn=6247c1831a0bfd5ce1a4b0733b912d9c) + - [ ] [ISO 45001: 2018 标准详解与实施(13)6.2 职业健康安全目标及其实现的策划](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247486058&idx=1&sn=5999aad43bc68811dab5ca40c639b197) + - [ ] [实战内测-某内测项目站点FUZZ到SQL注入](https://mp.weixin.qq.com/s?__biz=Mzk0Mzc1MTI2Nw==&mid=2247487449&idx=1&sn=bae043c1e8117312d3d18624f4c070a5) + - [ ] [大年初五丨安天捕风给您拜年了](https://mp.weixin.qq.com/s?__biz=MjM5MTA3Nzk4MQ==&mid=2650209925&idx=1&sn=b804ce5af784fca3a1e05a9077cdf1c2) + - [ ] [正月初五 | 五福临门 招财进宝](https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506084&idx=1&sn=beab459a146e3c03036ca82226a1c621) + - [ ] [Meta 确认零点击 WhatsApp 间谍软件攻击针对 90 名记者和活动人士](https://mp.weixin.qq.com/s?__biz=MzI2NzAwOTg4NQ==&mid=2649794014&idx=1&sn=0bf99aa1e7fb87b545c84b364e027dc0) + - [ ] [大年初五|接财神](https://mp.weixin.qq.com/s?__biz=MzUyMjAyODU1NA==&mid=2247491950&idx=1&sn=f325c8233c093a74fde97c588f87e12a) + - [ ] [Shoko:动漫管理的另一种选择,完美集成Plex、Jellyfin、Kodi](https://mp.weixin.qq.com/s?__biz=MzA4MjkzMTcxMg==&mid=2449046777&idx=1&sn=a0ad55fed18cd06f87ff32c4f5be473b) + - [ ] [初五 | 财源滚滚万事顺,鸿运当头福临门!](https://mp.weixin.qq.com/s?__biz=MzU4NjY4MDAyNQ==&mid=2247497082&idx=1&sn=9b4b2f985f0aa0b0b50392da125f46fe) + - [ ] [正月初五 | 财安福来](https://mp.weixin.qq.com/s?__biz=Mzg2NDU3Mzc5OA==&mid=2247489780&idx=1&sn=76693eb6e5caa655bd2a6320c1ae8629) + - [ ] [大年初五 五福临门](https://mp.weixin.qq.com/s?__biz=MjM5NzE0NTIxMg==&mid=2651135292&idx=1&sn=0c7186a57a71bbffcf1d576a5e3176ff) + - [ ] [正月初五迎财神!亚信安全祝大家金蛇接财,福气满满](https://mp.weixin.qq.com/s?__biz=MjM5NjY2MTIzMw==&mid=2650620969&idx=1&sn=e2ea7bfca815e935b52839d6161bb0bf) + - [ ] [【oscp】vulnerable_docker,三种代理方法打入内网](https://mp.weixin.qq.com/s?__biz=Mzg2Nzk0NjA4Mg==&mid=2247498989&idx=1&sn=a860e19fe2d20c9b8aa5cc9ca81ac488) + - [ ] [【2025】初五迎财神,恭喜发财](https://mp.weixin.qq.com/s?__biz=MzUwOTc3MTQyNg==&mid=2247491392&idx=1&sn=75011220308fe9a69d8dd70b7d07d5f0) + - [ ] [大年初五 | 恒御科技祝大家“蛇运亨通,瑞气盈门”](https://mp.weixin.qq.com/s?__biz=MzU4NjY3OTAzMg==&mid=2247514958&idx=1&sn=01c937eee1af2942500f59fc5740acf7) + - [ ] [大年初五 | 爆竹声中财门开,如意平安富贵来](https://mp.weixin.qq.com/s?__biz=Mzk0MDQ5MTQ4NA==&mid=2247487431&idx=1&sn=c15740e5ae9f941b205365b9d758ee32) + - [ ] [Hawkeye 一款Windows综合应急响应工具](https://mp.weixin.qq.com/s?__biz=Mzk0ODY1NzEwMA==&mid=2247486676&idx=1&sn=3417cbc224d25e1e2d58028f2163bb57) + - [ ] [正月初五|喜迎财神 招财纳祥](https://mp.weixin.qq.com/s?__biz=MzkxODczNjA4NQ==&mid=2247494022&idx=1&sn=4a63c5fbf635f14e625c112957d0ea1d) + - [ ] [DecryptTools综合解密](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489196&idx=1&sn=bc1fd862ec7ec58e385b7e0f3de44318) + - [ ] [一半人可以开了](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489196&idx=2&sn=dec356d33c41d89e7b628f05471e3d2e) + - [ ] [【贺蛇年】初五迎财 网安聚福](https://mp.weixin.qq.com/s?__biz=MzAxMjE1MDY0NA==&mid=2247508846&idx=1&sn=9ce423304dea95172f851d637a204f7a) + - [ ] [【初五】安全守护好 发展自然来](https://mp.weixin.qq.com/s?__biz=MjM5NTE0MjQyMg==&mid=2650624577&idx=1&sn=4c14d0c391b3e76a3335a93e4e16c2f4) + - [ ] [山石网科·AI汇东方|正月初五,喜迎财神](https://mp.weixin.qq.com/s?__biz=MzAxMDE4MTAzMQ==&mid=2661298314&idx=1&sn=a06e947eb117e1a6e4ac13f9aba74f9b) + - [ ] [初五 | 迎财神](https://mp.weixin.qq.com/s?__biz=MzIxNTQxMjQyNg==&mid=2247493742&idx=1&sn=6c298f8ce178ae5f381c68b29f886a7f) + - [ ] [初五|财神叩门送金来 全域互连倚云脉](https://mp.weixin.qq.com/s?__biz=MzkxNDY0MjMxNQ==&mid=2247532974&idx=1&sn=f7a29699391399ad4582af3321de5ad1) + - [ ] [ZoomEye、ZoomEye Pro:网络资产测绘,筑牢财富根基](https://mp.weixin.qq.com/s?__biz=MjM5NzA3Nzg2MA==&mid=2649870888&idx=1&sn=572bcba2cdd6c61f272fbc1ee4943f22) + - [ ] [祥蛇初五至 福运启新时](https://mp.weixin.qq.com/s?__biz=MzU0MjEwNTM5Ng==&mid=2247520425&idx=1&sn=7936883faac2bd5d0b54fbc8772c487c) + - [ ] [Dark OSINT:我是如何识别多个性犯罪分子及其基础设施的](https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247504844&idx=1&sn=0567a540ffa5f4aa2f0bd08da69c6254) + - [ ] [赚美刀?来扶盈安全就对了-扶楹安全第二期招生了!](https://mp.weixin.qq.com/s?__biz=MzkyNzQzODA3Ng==&mid=2247484777&idx=1&sn=007f74bd81906a993fad37a59f5e1afd) + - [ ] [初五 | 迎财神,接好运!](https://mp.weixin.qq.com/s?__biz=Mzg4MjQ4MjM4OA==&mid=2247523803&idx=1&sn=e5fe6e9fcd4de214c94e3f5efd295dd8) + - [ ] [苏说安全两周年记 | 感恩每一份照亮前路的星光](https://mp.weixin.qq.com/s?__biz=Mzg5OTg5OTI1NQ==&mid=2247489874&idx=1&sn=47b12bb1e57d2b02fc0dbb3b38913d8b) +- Security Boulevard + - [ ] [DEF CON 32 – Navigating the Turbulent Skies of Aviation Cyber Regulation](https://securityboulevard.com/2025/02/def-con-32-navigating-the-turbulent-skies-of-aviation-cyber-regulation-2/) + - [ ] [Hackers Hijack JFK File Release: Malware & Phishing Surge](https://securityboulevard.com/2025/02/hackers-hijack-jfk-file-release-malware-phishing-surge/) + - [ ] [Core Features in NSFOCUS RSAS R04F04 1-2](https://securityboulevard.com/2025/02/core-features-in-nsfocus-rsas-r04f04-1-2/) - Private Feed for M09Ic - - [ ] [lz520520 starred sfackler/rust-native-tls](https://github.com/sfackler/rust-native-tls) - - [ ] [spf13 starred bitfield/script](https://github.com/bitfield/script) - - [ ] [ourren starred google/osv-scalibr](https://github.com/google/osv-scalibr) - - [ ] [ourren starred BlackSnufkin/LitterBox](https://github.com/BlackSnufkin/LitterBox) - - [ ] [zer0yu starred browser-use/browser-use](https://github.com/browser-use/browser-use) - - [ ] [glzjin starred ading2210/linuxpdf](https://github.com/ading2210/linuxpdf) - - [ ] [wuhan005 starred qiufengqijun/mini_qwen](https://github.com/qiufengqijun/mini_qwen) - - [ ] [wuhan005 starred zhanshijinwat/Steel-LLM](https://github.com/zhanshijinwat/Steel-LLM) - - [ ] [zer0yu starred datawhalechina/llms-from-scratch-cn](https://github.com/datawhalechina/llms-from-scratch-cn) - - [ ] [zer0yu starred Hiram-Wong/ZyPlayer](https://github.com/Hiram-Wong/ZyPlayer) - - [ ] [zer0yu starred fullstorydev/grpcurl](https://github.com/fullstorydev/grpcurl) - - [ ] [zer0yu starred Jiayi-Pan/TinyZero](https://github.com/Jiayi-Pan/TinyZero) - - [ ] [zer0yu started following rasbt](https://github.com/rasbt) - - [ ] [mitre forked mitre/chef-workstation from chef/chef-workstation](https://github.com/mitre/chef-workstation) + - [ ] [mgeeky starred Teach2Breach/rust_api_demo](https://github.com/Teach2Breach/rust_api_demo) + - [ ] [zer0yu starred LaurentMazare/tch-rs](https://github.com/LaurentMazare/tch-rs) + - [ ] [zer0yu starred guillaume-be/rust-bert](https://github.com/guillaume-be/rust-bert) + - [ ] [zer0yu starred ldclabs/anda](https://github.com/ldclabs/anda) + - [ ] [zer0yu starred HKUDS/MiniRAG](https://github.com/HKUDS/MiniRAG) + - [ ] [phith0n starred X1a0He/X1a0HeWeChatPlugin](https://github.com/X1a0He/X1a0HeWeChatPlugin) + - [ ] [mgeeky starred megadose/holehe](https://github.com/megadose/holehe) + - [ ] [b1nhack starred b1nhack/nvim](https://github.com/b1nhack/nvim) + - [ ] [zer0yu started following karpathy](https://github.com/karpathy) + - [ ] [zer0yu started following wdndev](https://github.com/wdndev) + - [ ] [zer0yu starred wdndev/tiny-llm-zh](https://github.com/wdndev/tiny-llm-zh) + - [ ] [lz520520 forked lz520520/rust-native-tls from sfackler/rust-native-tls](https://github.com/lz520520/rust-native-tls) +- Recent Commits to cve:main + - [ ] [Update Sun Feb 2 20:27:07 UTC 2025](https://github.com/trickest/cve/commit/fcf3014fa98cc26f06af3e2bab5e9248e80b149f) + - [ ] [Update Sun Feb 2 12:20:58 UTC 2025](https://github.com/trickest/cve/commit/a65cb4569063b4a65b895041ed0abcdb1df57ff9) + - [ ] [Update Sun Feb 2 04:21:00 UTC 2025](https://github.com/trickest/cve/commit/3e10a03ba05176de772d99d5a5a2c51ac1c34160) - 一个被知识诅咒的人 - - [ ] [【Python】理解Python中的协程和生成器:从yield到async](https://blog.csdn.net/nokiaguy/article/details/145412058) - - [ ] [Python中的数据类(dataclass):简化类的定义与数据管理](https://blog.csdn.net/nokiaguy/article/details/145412051) -- Twitter @bytehx - - [ ] [Re @_godiego__ Thanks for sharing good stuff. You inspired me a lot dude.](https://x.com/bytehx343/status/1885732198948765886) - - [ ] [Re @kongwenbin @Hacker0x01 Congrats man 🎉🎉🎉](https://x.com/bytehx343/status/1885732031868637343) - - [ ] [Re @stealthcopter Thank you for sharing and congrats for the bounty my friend!](https://x.com/bytehx343/status/1885622934997467535) - - [ ] [RT Mat Rollings: Chained two 'meh' WordPress vulnerabilities into a high-impact exploit on JupiterX Core 👾. From low-privilege SVG upload to full R...](https://x.com/bytehx343/status/1885622856140369997) -- Reverse Engineering - - [ ] [Formally Verified Binary-level Pointer Analysis](https://www.reddit.com/r/ReverseEngineering/comments/1ifeeay/formally_verified_binarylevel_pointer_analysis/) - - [ ] [PE basics: A windows executable walkthrough - File formats hexplorations 16](https://www.reddit.com/r/ReverseEngineering/comments/1ifjwuw/pe_basics_a_windows_executable_walkthrough_file/) - - [ ] [Reverse Engineering and Cataloging Vidar (Info stealer/Loader)](https://www.reddit.com/r/ReverseEngineering/comments/1ifair6/reverse_engineering_and_cataloging_vidar_info/) -- glzjin - - [ ] [懒猫微服外挂虚拟机管理器启动方法说明](https://www.zhaoj.in/read-9046.html) -- FreeBuf网络安全行业门户 - - [ ] [90名记者和活动家遭WhatsApp零点击间谍软件攻击,Meta确认事件](https://www.freebuf.com/news/421009.html) - - [ ] [虚假谷歌广告瞄准微软广告账户,恶意软件攻击再升级](https://www.freebuf.com/articles/web/421008.html) -- 奇客Solidot–传递最新科技情报 - - [ ] [OpenAI 考虑开源旧模型](https://www.solidot.org/story?sid=80459) - - [ ] [Bennu 小行星样本发现构成生命的基本成分](https://www.solidot.org/story?sid=80458) - - [ ] [WhatsApp 称记者等成为以色列间谍软件的目标](https://www.solidot.org/story?sid=80457) -- Dhole Moments - - [ ] [Hell Is Overconfident Developers Writing Encryption Code](https://soatok.blog/2025/01/31/hell-is-overconfident-developers-writing-encryption-code/) -- 懒人在思考 - - [ ] [你好 2025,世界会继续越来越快](https://mp.weixin.qq.com/s?__biz=MzA3NTEzMTUwNA==&mid=2651081669&idx=1&sn=aa0b77b261c5fe6e6c4784263302e03f&chksm=8485d4dab3f25dcc6c72bc871f2c82bb91346cc258daa86cf4d931e657135ec686fead183589&scene=58&subscene=0#rd) -- 杨龙 - - [ ] [Could not find rpcgen / rockylinux 8 / mysql 5.7 编译](https://www.yanglong.pro/could-not-find-rpcgen-rockylinux-8/) -- dotNet安全矩阵 - - [ ] [总结 | 2024 年度内网实战攻防电子报刊 34 篇文章内容汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498632&idx=1&sn=681e983fa35bb19e0904831b335d7e0f&chksm=fa595565cd2edc73d886f41d9397e163f030a12a60338c2df1d0c1a99313c34cdcf453aa5fea&scene=58&subscene=0#rd) - - [ ] [.NET 安全攻防知识交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498632&idx=2&sn=6855593bf81f6d589c2562c3edaa601f&chksm=fa595565cd2edc735c22d1d43d28bf31a8043c2ff0206e4a1fad46e91c47f503b969c34ad67c&scene=58&subscene=0#rd) - - [ ] [收藏 | dotNet安全矩阵 2024 年度外网入口打点阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498632&idx=3&sn=66a759fa72b074482a993bee88e6bd92&chksm=fa595565cd2edc732b090dd7e2e465cab66aa723f707fa97061db95641beb2e9080ebe414db5&scene=58&subscene=0#rd) + - [ ] [【人工智能】使用Python和Hugging Face构建情感分析应用:从模型训练到Web部署](https://blog.csdn.net/nokiaguy/article/details/145420450) + - [ ] [【人工智能】深入探索Python中的自注意力机制:实现Transformer的核心组件](https://blog.csdn.net/nokiaguy/article/details/145420439) +- obaby@mars + - [ ] [年复一年](https://h4ck.org.cn/2025/02/19063) +- Blogs on STAR Labs + - [ ] [Mali-cious Intent: Exploiting GPU Vulnerabilities (CVE-2022-22706 / CVE-2021-39793)](https://starlabs.sg/blog/2025/12-mali-cious-intent-exploiting-gpu-vulnerabilities-cve-2022-22706/) +- MaskRay + - [ ] [lld 20 ELF changes](https://maskray.me/blog/2025-02-02-lld-20-elf-changes) +- Blog – Red Siege Information Security + - [ ] [Red Siege at Wild West Hackin’ Fest Mile High 2025 – What to Expect!](https://redsiege.com/blog/2025/02/red-siege-at-wild-west-hackin-fest-mile-high-2025-what-to-expect/) +- Blogs dade + - [ ] [Weekly Retro 2025-W05](https://0xda.de/blog/2025/02/weekly-retro-2025-w05/) +- Bug Bounty in InfoSec Write-ups on Medium + - [ ] [How I Earned $200 Using GitHub Dorking P=2:Advanced GitHub Dorking: More Secrets, More Automation…](https://infosecwriteups.com/advanced-github-dorking-more-secrets-more-automation-more-bounties-f39dd553b1c2?source=rss----7b722bfd1b8d--bug_bounty) +- 安全分析与研究 + - [ ] [一款使用Rust编写的PE加壳器](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490280&idx=1&sn=27a8a52ec1103e01e0110d3cd8177b5d&chksm=902fb5c0a7583cd6218d677628b2525d44e71fe4a1a277e33d09f2eb178e9d0f3d1b7f16868b&scene=58&subscene=0#rd) +- 锦行科技 + - [ ] [初五 | 迎财神](https://mp.weixin.qq.com/s?__biz=MzIxNTQxMjQyNg==&mid=2247493742&idx=1&sn=6c298f8ce178ae5f381c68b29f886a7f&chksm=979a13cba0ed9add09c5b22955bcce5e7a177a09072e01fe7ecdb9b58a578e7a75a7338606aa&scene=58&subscene=0#rd) - 吾爱破解论坛 - - [ ] [【2025春节】解题领红包活动排行榜(初四 2/1)](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141665&idx=1&sn=cf29ecaf3b5e2954cc5cb4b91fcef39f&chksm=bd50a6758a272f63660c32ba0c3ecc6a4c6d0036e2c3311ac5a9642e041e64846a8b2d665c2a&scene=58&subscene=0#rd) -- 看雪学苑 - - [ ] [成为看雪讲师,开启技术分享的高光时刻](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589300&idx=1&sn=5bc3ab9031d8c5a62d14e0fc0189cf4f&chksm=b18c28fe86fba1e830bdfaaa3dad1ea3f45cb278603db9b29f7f82a13061c29d3fad34ffb90a&scene=58&subscene=0#rd) - - [ ] [关于PAN-OS DoS(CVE-2024-3393)的研究](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589300&idx=2&sn=e9f874ab1024ce5d7a8a2a424b891a7f&chksm=b18c28fe86fba1e8336887843dd4ab08afa58ca810f485f7a4efd1b50cb9fd256fc84de3faef&scene=58&subscene=0#rd) - - [ ] [新年新气象!想换工作看这里](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589300&idx=3&sn=9f27f3668d0461ba4776901f8b44fc8d&chksm=b18c28fe86fba1e8dd2d842e7865bb85275949ce91d8343b184e67d31116e265167a799346d9&scene=58&subscene=0#rd) -- 丁爸 情报分析师的工具箱 - - [ ] [【实操】美国这家公司为什么要招聘懂中文的开源情报分析师](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148805&idx=1&sn=9e063d3b00f1b8244a1f93112561b52f&chksm=f1af253fc6d8ac290fc8dca96c30d62e60d07618c84cb14ae5438deb25c2cf1d94b912bfdefc&scene=58&subscene=0#rd) -- M01N Team - - [ ] [AI风险分析 | 攻击组织在多个AWS租户环境劫持LLM模型](https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247494056&idx=1&sn=4e236c890b1530189931881acd81dc9b&chksm=c18429b9f6f3a0af3f80e1754671e55d82a71e47ec29f9272b4b4a098b2589be1f97125f789e&scene=58&subscene=0#rd) -- 情报分析师 - - [ ] [一张屋顶照片,开源情报如何锁定它的秘密坐标](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559421&idx=1&sn=553b9a49e14e867a2da952e98f64e056&chksm=87117df6b066f4e02b4a6876e54d720ee170450d1c395ffe0105d0706fe5d6ab74379e4b352c&scene=58&subscene=0#rd) - - [ ] [曼德海峡危机:胡塞武装如何搅动全球贸易与地缘政治的“一池春水”?](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559421&idx=2&sn=da3d637f045dd6b7a31208d6a3090c6e&chksm=87117df6b066f4e0fb09af9b07d9ca4bba5438966830e0fa0eefe10d061d66df93c7333cd85f&scene=58&subscene=0#rd) + - [ ] [【2025春节】解题领红包活动排行榜(初五 2/2)](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141668&idx=1&sn=82663ea0981e0c6f1544bb1fe7ab6bb8&chksm=bd50a6708a272f660989d775c0b51760ab65a87bdfaebbc3eb8e52d3797a728c8c3c53cdc3db&scene=58&subscene=0#rd) +- MBHC + - [ ] [DeepSeek(R1) vs Gpt-o3-mini(-high)](https://mp.weixin.qq.com/s?__biz=MzU5Mzk3NTE0Mw==&mid=2247483715&idx=1&sn=8f936ef2f0c039f3e1d7bbf3d7bf66df&chksm=fe09034bc97e8a5d5e70e334a94f5e775517c607f283d57c8b72e82f3e69e3f55861234dbc2d&scene=58&subscene=0#rd) - 极客公园 - - [ ] [索尼盖了一座「Sony Park」,我在里面发现了 Sony 的「精神内核」](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653073083&idx=1&sn=d126353a3135b021c1f8fd8c0e66f61a&chksm=7e57d30d49205a1b3b0befa1b468d85f278e27b8b85d28714b4d63e42c6985ec0391686a33a3&scene=58&subscene=0#rd) - - [ ] [OpenAI 推出 o3-mini;传苹果接近敲定折叠显示屏供应商;唐探系列票房逼近百亿元 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653073082&idx=1&sn=260c62fbf5a7f5143c5f9484f5f7f354&chksm=7e57d30c49205a1a5ee41aba5d469ec4863035eca62673386b175198c0eea17bbbf6e73b3c3b&scene=58&subscene=0#rd) -- 赛博回忆录 - - [ ] [营销号别再传了!deepseek的安全攻防不是武侠修仙!](https://mp.weixin.qq.com/s?__biz=MzIxNDAyNjQwNg==&mid=2456099384&idx=1&sn=1878da953490a6aa39caed770ad1406f&chksm=803c6bf1b74be2e79fd3f7765e200a46d7360ef282b340a87ee2f73c4d2519b92edab928cbc9&scene=58&subscene=0#rd) -- 白日放歌须纵9 - - [ ] [To B大模型应用的落地实践与思考](https://mp.weixin.qq.com/s?__biz=MzIzNjAyODE0NQ==&mid=2247483940&idx=1&sn=6c82ca97527b253a09315b3787c555cd&chksm=e8df6bbadfa8e2ac5f5a8238794a3b3afbde91740bcb757a8b7741b6e1f5bbe26d34de694639&scene=58&subscene=0#rd) + - [ ] [阿西莫夫三定律,还适用于今天的 AI 吗?](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653073110&idx=1&sn=b277757d83dc66d3c5755989bdf48f50&chksm=7e57d36049205a76146ef55cb30a443f45110c7828858b74358ef216851bb3d2050790c61b32&scene=58&subscene=0#rd) + - [ ] [特朗普会面黄仁勋,谈到 DS 和 AI 芯片;小米汽车一月交付超 2 万辆;ChatGPT 去年付费用户增长三倍 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653073109&idx=1&sn=3a5c6e9636f6223b1e994a0d7c7ef99e&chksm=7e57d36349205a75d495f380e35da4f2c90ad22710777273824e8a28f1952b68aff534019547&scene=58&subscene=0#rd) +- 火绒安全 + - [ ] [初五财神到,火绒安全祝大家蛇年行大运,事事皆顺遂~](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247522009&idx=1&sn=427a7360c75c10d3278f62a51ef5b068&chksm=eb7048e6dc07c1f0dfeea1cbf6b85548ce582944fbfea679ffde25c1b6e6d1f148aea83dabc7&scene=58&subscene=0#rd) + - [ ] [诚邀渠道合作伙伴共启新征程](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247522009&idx=2&sn=ca2b184d62f7ecba76d349a8faa6d2bf&chksm=eb7048e6dc07c1f05ec257548f51393da431feaac3cc1a829fa508cde8291071d95277882a19&scene=58&subscene=0#rd) +- 360数字安全 + - [ ] [国内首家!360推出“DeepSeek版”安全大模型](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579300&idx=1&sn=fb81fc2b90cac494c296287ef221c64f&chksm=9f8d26aca8faafbab862d9d12c16bf810abde53f061e47a38f952b28862d897e8405ebd99be1&scene=58&subscene=0#rd) + - [ ] [大年初五 | 蛇报佳春,万“巳”大吉](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579300&idx=2&sn=c06abb2df32188e9b4d4cda59aad3c1a&chksm=9f8d26aca8faafba2fa3a2ff9c51bb3b8b9909869b1b29790b16afb0c7c3bf5db029ef357909&scene=58&subscene=0#rd) - 迪哥讲事 - - [ ] [登录页面渗透的骚操作](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247497000&idx=1&sn=75f5108d220ca6e274950e535e153016&chksm=e8a5ff4bdfd2765d6726120c344006dbddab0e8a7885d8c2dc52909cf0cef093765cbf0161e2&scene=58&subscene=0#rd) -- Qualys Security Blog - - [ ] [DeepSeek Failed Over Half of the Jailbreak Tests by Qualys TotalAI](https://blog.qualys.com/category/vulnerabilities-threat-research) -- Over Security - Cybersecurity news aggregator - - [ ] [Google says hackers abuse Gemini AI to empower their attacks](https://www.bleepingcomputer.com/news/security/google-says-hackers-abuse-gemini-ai-to-empower-their-attacks/) - - [ ] [Vulnerability & Patch Roundup — January 2025](https://blog.sucuri.net/2025/01/vulnerability-patch-roundup-january-2025.html) + - [ ] [手把手教你如何本地化部署DeepSeek](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247497017&idx=1&sn=c755513c5dbf6ec01ad0d40eba61ae44&chksm=e8a5ff5adfd2764cbfc5d5022694332b05284a95fecaccdd14aa436daac1a63d33e4089b7287&scene=58&subscene=0#rd) +- 娜璋AI安全之家 + - [ ] [[系统安全] 六十二.恶意软件分析 (13)LLM赋能实现基于机器学习的恶意家族分类(初探)](https://mp.weixin.qq.com/s?__biz=Mzg5MTM5ODU2Mg==&mid=2247501299&idx=1&sn=c461a9440fcea0ecee2c1d78cdda5cdd&chksm=cfcf753ef8b8fc289095d45e909b053dcb87dd4794e462fcf1d60ee5c8e7715cc2f2f8c2af13&scene=58&subscene=0#rd) - Hacking Exposed Computer Forensics Blog - - [ ] [Daily Blog #735: Zeltser Challenge Spotlight on Argelius Labs](https://www.hecfblog.com/2025/01/daily-blog-735-zeltser-challenge.html) -- The Hacker News - - [ ] [U.S. and Dutch Authorities Dismantle 39 Domains Linked to BEC Fraud Network](https://thehackernews.com/2025/02/us-and-dutch-authorities-dismantle-39.html) - - [ ] [BeyondTrust Zero-Day Breach Exposed 17 SaaS Customers via Compromised API Key](https://thehackernews.com/2025/02/beyondtrust-zero-day-breach-exposes-17.html) - - [ ] [Meta Confirms Zero-Click WhatsApp Spyware Attack Targeting 90 Journalists, Activists](https://thehackernews.com/2025/02/meta-confirms-zero-click-whatsapp.html) - - [ ] [Malvertising Scam Uses Fake Google Ads to Hijack Microsoft Advertising Accounts](https://thehackernews.com/2025/02/malvertising-scam-uses-fake-google-ads.html) + - [ ] [Daily Blog #737: Sunday Funday 2/2/25](https://www.hecfblog.com/2025/02/daily-blog-737-sunday-funday-2225.html) + - [ ] [Daily Blog #736: Solution Saturday 2/1/25](https://www.hecfblog.com/2025/02/daily-blog-736-solution-saturday-2125.html) +- Over Security - Cybersecurity news aggregator + - [ ] [9Lives - 109,515 breached accounts](https://haveibeenpwned.com/PwnedWebsites#9Lives) +- Have I Been Pwned latest breaches + - [ ] [9Lives - 109,515 breached accounts](https://haveibeenpwned.com/PwnedWebsites#9Lives) +- IT Service Management News + - [ ] [Sicurezza negli esercizi pubblici](http://blog.cesaregallotti.it/2025/02/sicurezza-negli-esercizi-pubblici.html) + - [ ] [Dispositivi medici che mandano dati dei pazienti in Cina](http://blog.cesaregallotti.it/2025/02/dispositivi-medici-che-mandano-dati-dei.html) + - [ ] [Privacy: sanzione a Regione Molise e ai responabili](http://blog.cesaregallotti.it/2025/02/privacy-sanzione-regione-molise-e-ai.html) +- Troy Hunt's Blog + - [ ] [Weekly Update 437](https://www.troyhunt.com/weekly-update-437/) +- Desync InfoSec + - [ ] [LockBit勒索软件案例(CS+Socks5)](https://mp.weixin.qq.com/s?__biz=MzkzMDE3ODc1Mw==&mid=2247489011&idx=1&sn=cdefefd425a7437c3ef0df558eb05375&chksm=c27f665df508ef4b1dd69002004b822d8088e12e7ddb41fb844da301a2dc60d7acacb9ed6733&scene=58&subscene=0#rd) +- Full Disclosure + - [ ] [APPLE-SA-01-30-2025-1 GarageBand 10.4.12](https://seclists.org/fulldisclosure/2025/Feb/2) + - [ ] [Re: Text injection on https://www.google.com/sorry/index via ?q parameter (no XSS)](https://seclists.org/fulldisclosure/2025/Feb/1) + - [ ] [Xinet Elegant 6 Asset Lib Web UI 6.1.655 / SQL Injection / Exploit Update Python3](https://seclists.org/fulldisclosure/2025/Feb/0) - TorrentFreak - - [ ] [Anna’s Archive Urges AI Copyright Overhaul to Protect National Security](https://torrentfreak.com/annas-archive-urges-ai-copyright-overhaul-to-protect-national-security-250201/) - - [ ] [FADPA: MPA’s Export-Only Site-Blocking Primed For Full Strength U.S. Launch](https://torrentfreak.com/fadpa-mpa-export-only-site-blocking-primed-for-full-strength-u-s-launch-250201/) -- Technical Information Security Content & Discussion - - [ ] [Everyone knows your location: tracking myself down through in-app ads](https://www.reddit.com/r/netsec/comments/1if344u/everyone_knows_your_location_tracking_myself_down/) -- Computer Forensics - - [ ] [Pointers for how-to file craving courses](https://www.reddit.com/r/computerforensics/comments/1ifj53x/pointers_for_howto_file_craving_courses/) - - [ ] [Looking for complete guidance and roadmap to become an expert in digital forensics.](https://www.reddit.com/r/computerforensics/comments/1ifitvw/looking_for_complete_guidance_and_roadmap_to/) - - [ ] [Finding a Digital Forensics job?](https://www.reddit.com/r/computerforensics/comments/1if2p5r/finding_a_digital_forensics_job/) - - [ ] [iPhone daily backup BFU](https://www.reddit.com/r/computerforensics/comments/1iewy9p/iphone_daily_backup_bfu/) -- Security Affairs - - [ ] [A ransomware attack forced New York Blood Center to reschedule appointments](https://securityaffairs.com/173702/cyber-crime/new-york-blood-center-faced-ransomware-attack.html) - - [ ] [Contec CMS8000 patient monitors contain a hidden backdoor](https://securityaffairs.com/173694/security/cisa-fda-warned-hidden-backdoor-in-contec-cms8000.html) -- Social Engineering - - [ ] [Social Engineering Con - Layer 8?](https://www.reddit.com/r/SocialEngineering/comments/1if8m7n/social_engineering_con_layer_8/) + - [ ] [Russia VPN Crackdown Revelation – VPN Sites Hide Their IP Addresses](https://torrentfreak.com/russia-vpn-crackdown-revelation-vpn-sites-hide-their-ip-addresses-250202/) - Your Open Hacker Community - - [ ] [Using windows as a beginner](https://www.reddit.com/r/HowToHack/comments/1ifjgf3/using_windows_as_a_beginner/) - - [ ] [In search for friends](https://www.reddit.com/r/HowToHack/comments/1iewofv/in_search_for_friends/) - - [ ] [Need help with an AI security challenge](https://www.reddit.com/r/HowToHack/comments/1if4g8x/need_help_with_an_ai_security_challenge/) - - [ ] [[Repost] Magnetic Card Reader for Linux Devices](https://www.reddit.com/r/HowToHack/comments/1ifgf3x/repost_magnetic_card_reader_for_linux_devices/) - - [ ] [Need help getting my microsoft account back](https://www.reddit.com/r/HowToHack/comments/1if68fl/need_help_getting_my_microsoft_account_back/) - - [ ] [Please can someone help me!](https://www.reddit.com/r/HowToHack/comments/1if6zdm/please_can_someone_help_me/) - - [ ] [Career opportunities](https://www.reddit.com/r/HowToHack/comments/1iex9k8/career_opportunities/) - - [ ] [Bash](https://www.reddit.com/r/HowToHack/comments/1ievtjc/bash/) - - [ ] [I need help](https://www.reddit.com/r/HowToHack/comments/1ieuef3/i_need_help/) + - [ ] [Alternative for mnt reform?](https://www.reddit.com/r/HowToHack/comments/1ig2fg0/alternative_for_mnt_reform/) + - [ ] [would it be possible to make a tool that maps out a network automatically?](https://www.reddit.com/r/HowToHack/comments/1ifq4l8/would_it_be_possible_to_make_a_tool_that_maps_out/) + - [ ] [Speed queen NEW model hack needed](https://www.reddit.com/r/HowToHack/comments/1ig61me/speed_queen_new_model_hack_needed/) + - [ ] [Looking to get into a couple Snapchat accounts. Will pay but work has to be done first!! Please reach out if you can help!](https://www.reddit.com/r/HowToHack/comments/1ifwya9/looking_to_get_into_a_couple_snapchat_accounts/) +- Security Affairs + - [ ] [SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 31](https://securityaffairs.com/173746/malware/security-affairs-malware-newsletter-round-31.html) + - [ ] [Security Affairs newsletter Round 509 by Pierluigi Paganini – INTERNATIONAL EDITION](https://securityaffairs.com/173741/breaking-news/security-affairs-newsletter-round-509-by-pierluigi-paganini-international-edition.html) + - [ ] [WhatsApp disrupted a hacking campaign targeting journalists with Paragon spyware](https://securityaffairs.com/173721/security/whatsapp-disrupted-paragon-spyware-campaign.html) + - [ ] [Ransomware attack hit Indian multinational Tata Technologies](https://securityaffairs.com/173712/cyber-crime/tata-technologies-ransomware-attack.html) +- The Register - Security + - [ ] [What does it mean to build in security from the ground up?](https://go.theregister.com/feed/www.theregister.com/2025/02/02/security_design_choices/) + - [ ] [Gilmore Girls fans nabbed as Eurocops dismantle two major cybercrime forums](https://go.theregister.com/feed/www.theregister.com/2025/02/02/eurocops_takedown_cybercrime/) +- Computer Forensics + - [ ] [TCU Passware (2025JAN31)](https://www.reddit.com/r/computerforensics/comments/1igaiem/tcu_passware_2025jan31/) +- 网安寻路人 + - [ ] [DeepSeek的R1与R1-Zero:技术差异与AI风险管控](https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247506432&idx=1&sn=ddb2b818c020739b2b004f3cfcb69a91&chksm=97e967eaa09eeefc9023ae78007b8295e56b81a367336405b00fd9e2494d207b2d3cf1fc0ba7&scene=58&subscene=0#rd) From 77b430fd09f7e2f73f50bbeabb929885b1597a70 Mon Sep 17 00:00:00 2001 From: chainreactorbot Date: Tue, 4 Feb 2025 02:45:24 +0000 Subject: [PATCH 28/29] =?UTF-8?q?=E6=AF=8F=E6=97=A5=E5=AE=89=E5=85=A8?= =?UTF-8?q?=E8=B5=84=E8=AE=AF=EF=BC=882025-02-04=EF=BC=89?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- archive/daily/2025/2025-02-04.md | 330 +++++++++++++++++++ archive/tmp/2025-02-04.json | 383 ++++++++++++++++++++++ today.md | 528 ++++++++++++++++++------------- 3 files changed, 1028 insertions(+), 213 deletions(-) create mode 100644 archive/daily/2025/2025-02-04.md create mode 100644 archive/tmp/2025-02-04.json diff --git a/archive/daily/2025/2025-02-04.md b/archive/daily/2025/2025-02-04.md new file mode 100644 index 0000000000..ca18614399 --- /dev/null +++ b/archive/daily/2025/2025-02-04.md @@ -0,0 +1,330 @@ +# 每日安全资讯(2025-02-04) + +- Doonsec's feed + - [ ] [06x函数50-55](https://mp.weixin.qq.com/s?__biz=MzA3NDE0NTY0OQ==&mid=2247484328&idx=1&sn=56cb7fa45a42211cef760c64219cfe6d) + - [ ] [靶场系列之Kioptix Level 4](https://mp.weixin.qq.com/s?__biz=Mzk1NzIzNjM0OQ==&mid=2247484082&idx=1&sn=8ae9a5e59b4672dd6ca406e270e8bd72) + - [ ] [【Win11抓不到密码?】| 内存匹配规则的添加!!](https://mp.weixin.qq.com/s?__biz=Mzk1NzM5MTI2Mg==&mid=2247484433&idx=1&sn=c880bb48a013ff14e3bab913ecbfe043) + - [ ] [渗透测试与Linux管理系统化](https://mp.weixin.qq.com/s?__biz=Mzk1Nzc0MzY3NA==&mid=2247483802&idx=1&sn=5d2ed26dce664d4671ea49803c0b5721) + - [ ] [openEuler 24.03 操作系统上部署 DeepSeek-R1:671B 大模型训练使用GPU显卡NVIDIA A100](https://mp.weixin.qq.com/s?__biz=Mzg2MjYxODQ4Mw==&mid=2247485001&idx=1&sn=7cafb2cadfaa1242093af5dd79f1f9b4) + - [ ] [【burpsuite靶场-服务端4】命令注入漏洞](https://mp.weixin.qq.com/s?__biz=MzkzMDg1MzIwNA==&mid=2247487335&idx=1&sn=c230b1063e5abc07d7a340d33329a10e) + - [ ] [一键直达,告别中转!AutoRedirector 插件让你的浏览体验飞起来!](https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486485&idx=1&sn=0708e0ba9aaae6b483cf7006497b904d) + - [ ] [2025年网络安全态势感知的主要趋势和挑战](https://mp.weixin.qq.com/s?__biz=MzU2NDY2OTU4Nw==&mid=2247518539&idx=1&sn=a6be0023f68c6a11448c70df2384b293) + - [ ] [世界需要一个能谋善断的AI(七)数字分身:生理永生与数字永生的思考](https://mp.weixin.qq.com/s?__biz=MzAxOTk3NTg5OQ==&mid=2247492313&idx=1&sn=c436d968a908073fb49f919afe55128d) + - [ ] [Unity游戏开发学习笔记](https://mp.weixin.qq.com/s?__biz=MjM5Mzc4MzUzMQ==&mid=2650260521&idx=1&sn=0ab4effac06bb65dab6afa3ebf32e1b7) + - [ ] [大模型基础](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655265044&idx=1&sn=7801ee77daf09eae3fe05c448a3a2c43) + - [ ] [日产聆风电动汽车(Leaf-EV)-2018款本地拒绝服务漏洞](https://mp.weixin.qq.com/s?__biz=MzkyOTg3ODc5OA==&mid=2247484330&idx=1&sn=8558bf04848af41f0e0f56123fc3ae5d) + - [ ] [列目录引起的信息泄露获取1w5赏金](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247497023&idx=1&sn=f4dad5920e40978a4ba8d4c41549b151) + - [ ] [特斯拉电动汽车越狱](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620379&idx=1&sn=0d4d48f552a8acea197682a3d291f961) + - [ ] [智慧护航:量产落地的盖瑞特入侵检测系统,确保智能网联汽车安全](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620379&idx=2&sn=5d7fd1071b30851066c47559fe48c00f) + - [ ] [单芯片舱驾&舱控跨域融合技术方案在线培训课](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620379&idx=3&sn=6703784580243fe5c19338db1ccf0fc1) + - [ ] [联发科发布公告CVE-2025-20633可能导致远程代码执行](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494738&idx=1&sn=f776c6f5b2c8fbd315f6a6fbb4e83658) + - [ ] [G.O.S.S.I.P 2025 新春总动员(1):疯狂的PDF](https://mp.weixin.qq.com/s?__biz=Mzg5ODUxMzg0Ng==&mid=2247499652&idx=1&sn=589b1778aa04f72cdc07c947be4bc17c) + - [ ] [SecWiki周刊(第570期)](https://mp.weixin.qq.com/s?__biz=MjM5NDM1OTM0Mg==&mid=2651053429&idx=1&sn=31d3160a718b707ff1494a94ccb17e05) + - [ ] [SecWiki周刊(第569期)](https://mp.weixin.qq.com/s?__biz=MjM5NDM1OTM0Mg==&mid=2651053429&idx=2&sn=52ca024a6e40c3b8bfa8aee1ae304c03) + - [ ] [SecWiki周刊(第568期)](https://mp.weixin.qq.com/s?__biz=MjM5NDM1OTM0Mg==&mid=2651053429&idx=3&sn=a8270fb531eb9042a816850e48c609e2) + - [ ] [SecWiki周刊(第567期)](https://mp.weixin.qq.com/s?__biz=MjM5NDM1OTM0Mg==&mid=2651053429&idx=4&sn=1a33c07c70777c6b4ee1ff6913533e0d) + - [ ] [大年初六 | 辞旧迎新,送穷迎福](https://mp.weixin.qq.com/s?__biz=MzU3MzU4NjI4OQ==&mid=2247516498&idx=1&sn=e9790d235440fdc1e5d82fbb21a2ff57) + - [ ] [小白也能懂的DeepSeek本地安装教程](https://mp.weixin.qq.com/s?__biz=MzU5NzQ3NzIwMA==&mid=2247486425&idx=1&sn=d5a313dd4ffa06ab7ccd8e37ca614892) + - [ ] [海外虚拟信用卡之BinPay](https://mp.weixin.qq.com/s?__biz=MzkyNzYzNTQ2Nw==&mid=2247484119&idx=1&sn=ba45102f59a34f18e8ced5e0639b48b9) + - [ ] [白嫖DeepSeek R1 -腾讯云部署将免费进行到底!](https://mp.weixin.qq.com/s?__biz=MjM5Nzk3MjMzMA==&mid=2650570216&idx=1&sn=4dded799de34c8aad693320a5562dccc) + - [ ] [Topert4|内容计划|已有内容|10小时后删除](https://mp.weixin.qq.com/s?__biz=MzU5Njg5NzUzMw==&mid=2247490468&idx=1&sn=7e879727a18c30ea764c2f7f090ccfab) + - [ ] [1月份,到访奇安信的两大车企巨头!](https://mp.weixin.qq.com/s?__biz=MzkzMzcxNTQyNw==&mid=2247485600&idx=1&sn=1080d72650a49581ed39b353de1b2693) + - [ ] [服务崩溃,DeepSeek该给金主一个贴金的机会](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485511&idx=1&sn=4df6a88c69aee53ffdd181cc712e7f41) + - [ ] [【干货原创】实网攻防演习常态化,会带来什么变化01](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485511&idx=4&sn=68b99bc3a3d9c0166c11be378b838cac) + - [ ] [【干货原创】K12教育,鲜为人知的模式秘密](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485511&idx=5&sn=66af2d055dd3946c55837e742af38e56) + - [ ] [原创文章目录](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485511&idx=6&sn=881293b43a52e8b558223c554ddebcbf) + - [ ] [秦安:伟大的战略反攻已经开始,灵动之蛇年,中国人民就靠真功夫](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476470&idx=1&sn=f6505f40fe1a4a811cd9320a2365b123) + - [ ] [秦安:初一,美国动手了,安全和道德问题,以小人之心量君子之腹](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476470&idx=2&sn=e3248c99757c48d1753daab3678c4bb3) + - [ ] [这么强的渗透神器,你真的舍得不试试?](https://mp.weixin.qq.com/s?__biz=Mzg5OTg1MDk0Mw==&mid=2247485506&idx=1&sn=b0b0b4fac01f448f36a415fb860eeb81) + - [ ] [企业信息安全建设:你的数据防线真的固若金汤吗?](https://mp.weixin.qq.com/s?__biz=MzI5MjEyOTE4MA==&mid=2648520049&idx=1&sn=2ebb6422e7ffeffd0e9e501bd6ec2c7f) + - [ ] [ISO 45001: 2018 标准详解与实施(14)7.1 资源](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247486063&idx=1&sn=377991c5d6f47b70bc76fd3db40d4292) + - [ ] [【资料】生成式人工智能下的世界](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148842&idx=1&sn=a98ad85e918a855004f545cb00b2141b) + - [ ] [智能网联汽车多域电子电气架构会如何发展?](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549671&idx=1&sn=7043300bc8465aca13f85f5610eadd9f) + - [ ] [CAN总线不加终端电阻会咋样?](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549671&idx=2&sn=1ccdb8a902fad33f54ae970878279444) + - [ ] [星火年鉴 | 工业互联网标识智库2024年度热文盘点,你最pick哪一篇?](https://mp.weixin.qq.com/s?__biz=MzU1OTUxNTI1NA==&mid=2247592465&idx=1&sn=c1802084a4d36089406dfe91c03545c7) + - [ ] [浅析代码重定位技术](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589301&idx=1&sn=f8b5a4c4740123d4431ccb68a9063f17) + - [ ] [实用干货!无人机安全攻防入门,速来报名](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589301&idx=2&sn=cd340085d0abd8a5fc5233d9ec93603f) + - [ ] [实施数据加密策略:保护云中敏感数据的关键要素(一)](https://mp.weixin.qq.com/s?__biz=MzkyMzU2NjQyNA==&mid=2247483943&idx=1&sn=30651b48ba2470ae7cf394536e6f42db) + - [ ] [【文末抽奖】奉天安全团队招人啦](https://mp.weixin.qq.com/s?__biz=Mzk0NjQ2NzQ0Ng==&mid=2247485016&idx=1&sn=eacd6f2faccf3347f92496544b099c41) + - [ ] [本地部署DeepSeek R1辅助CTF解题详解](https://mp.weixin.qq.com/s?__biz=Mzg2MjgwMzIxMA==&mid=2247484868&idx=1&sn=ed0f3277300e13861180e709a4818013) + - [ ] [【计划】2025,开工大吉及年度工作计划](https://mp.weixin.qq.com/s?__biz=MzU5MTM4MTIxMA==&mid=2247485508&idx=1&sn=21554b6361dcb2d065befb222b6da092) + - [ ] [【培训通知】2025年第一期专业反窃密技术操作培训班开班通知](https://mp.weixin.qq.com/s?__biz=MzU5MTM4MTIxMA==&mid=2247485508&idx=2&sn=c4e543ce0de16f5562006bd36c2e639c) + - [ ] [官方合并计划](https://mp.weixin.qq.com/s?__biz=MzU5Njg5NzUzMw==&mid=2247490462&idx=1&sn=470daf7ca3006edac1301cf05389d26f) + - [ ] [EDR专题学习-对抗EDR](https://mp.weixin.qq.com/s?__biz=Mzg5MDg3OTc0OA==&mid=2247489431&idx=1&sn=d3225f3d2e727cbd4b4c992fe9f989d0) + - [ ] [2025年,网络安全学习路线来袭,顺序千万别搞反!](https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247570695&idx=1&sn=1673575e8dc90594ba01e57b3cb359af) + - [ ] [违法获取网购订单中的个人信息,8人被判侵犯公民个人信息罪](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931485&idx=1&sn=daf542fd9764c57a700fa306a231902d) + - [ ] [中国电信申请网元验证方法专利,保证SRv6网络安全不受影响](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931485&idx=2&sn=9867cd25ac6ce0b727806848e5b8060f) + - [ ] [DeepSeek一键部署与DeepSeek免费14元额度羊毛福利](https://mp.weixin.qq.com/s?__biz=MzkyOTQyOTk3Mg==&mid=2247485061&idx=1&sn=41e34f22538f3d7766dfffadea89f948) + - [ ] [人工智能将如何改变劳动力市场:哪些职业将消失,哪些职业将继续存在](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494733&idx=1&sn=9f39bc986bcee5287ab657f30bef435c) + - [ ] [2022-2024年间-美国对华芯片出口管制规则的梳理分析](https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247506447&idx=1&sn=0a423985369639ab65ad56e3f60aef66) + - [ ] [基于转换模型的安全属性验证](https://mp.weixin.qq.com/s?__biz=MzA5MTYyMDQ0OQ==&mid=2247493616&idx=1&sn=9211f1b45c30a302935f15077cc8b115) + - [ ] [8000字34张图史诗级介绍同轴电缆、双绞线、光纤等线缆,超级详细!](https://mp.weixin.qq.com/s?__biz=MzIyMzIwNzAxMQ==&mid=2649464777&idx=1&sn=32b2badc3ecfeef46c9f362629a4682c) + - [ ] [【吃瓜】《科普文章被网暴》《支持红客,打击霉离贱汉奸走狗!》DeepSeek乱象频发](https://mp.weixin.qq.com/s?__biz=Mzg4MTkwMTI5Mw==&mid=2247488860&idx=1&sn=41c835917e4191a5051118f4df625334) + - [ ] [网络钓鱼与社交工程:如何保护自己免受心理攻击——从受害者画像到防御体系构建](https://mp.weixin.qq.com/s?__biz=Mzk1NzI5MTc0Nw==&mid=2247484721&idx=1&sn=9b57ddd6ef8e9d09eb6c25c6bd0f2b22) + - [ ] [探索 HPE Insight Remote Support 中的最新 CVE](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527501&idx=1&sn=5f839664fa63bb4e792aa22a18e78ce0) + - [ ] [dde-api-proxy:Deepin D-Bus 代理服务中的身份验证绕过(CVE-2025-23222)](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527501&idx=2&sn=737f8a4b724e5ff7d00edcdeb03128cb) + - [ ] [Android Web攻击表面](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527501&idx=3&sn=5f9225bd5a2a555eeb1bfa1f39dd010b) + - [ ] [[民族之悲哀] DeepSeek 正在成为行业败类、无知黑心者的炒作敛财“傀儡”](https://mp.weixin.qq.com/s?__biz=MzkwODI1ODgzOA==&mid=2247506662&idx=1&sn=85cd5ef3832b2cd3e8770a6265aa290c) + - [ ] [美国为何对 DeepSeek 如此“上心”?一场科技博弈的真相](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559440&idx=1&sn=a71dae9b931ab06febdba6081a3e1c26) + - [ ] [美国联邦调查局“变天”?特朗普全面清洗大动作曝光](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559440&idx=2&sn=ac91eaccfce9275a6fd64aed2388e1a6) + - [ ] [专家解读 | 推动个人信息出境个人信息保护认证制度落地 促进个人信息高效便利安全跨境流动](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235937&idx=1&sn=d246a29f11e44289e30c16ad02323ea2) + - [ ] [征订|欢迎订阅2025年《中国信息安全》杂志](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235937&idx=2&sn=4edccca64682f8f41e9b56497807eb00) + - [ ] [专家解读 | 提升数据流通安全治理能力 促进数据流通开发利用](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235937&idx=3&sn=4b74cb1e75a739f80043e4d79c6f19a5) + - [ ] [国际 | 日本推进人工智能立法兼顾双重性](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235937&idx=4&sn=f8a6890f42bfbbbee12fcb55f0fde756) + - [ ] [评论 | 铲除“反防沉迷产业链”,撑起“数字晴空”](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235937&idx=5&sn=64e31032d2a327b33ad9368ee8790d3f) + - [ ] [微软惊现「零点击」核弹级漏洞!打开邮件就中招?](https://mp.weixin.qq.com/s?__biz=MzU0NDc0NTY3OQ==&mid=2247488439&idx=1&sn=98793685608a483e27976abf658cb08f) + - [ ] [Linux通用应急响应脚本](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489197&idx=1&sn=5884ffe11accd736ab98ef2136c649bb) + - [ ] [前途光明](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489197&idx=2&sn=ae88a87de118a9c320d0c5b5821c056e) + - [ ] [网安工作者被骂罕见,红客才是行业主导!](https://mp.weixin.qq.com/s?__biz=MzkyNTQ0OTYxOQ==&mid=2247484019&idx=1&sn=bcf60352216bd1de85eabb90f627c3d3) + - [ ] [“杉菜”再见,大S离世原因](https://mp.weixin.qq.com/s?__biz=Mzg2NDYwMDA1NA==&mid=2247543667&idx=1&sn=ae1deeaf06d309925fe3bfbadf32878d) + - [ ] [恶意样本静态分析-上](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490311&idx=1&sn=3ddb48128acc2772763bd99ba4cf850a) + - [ ] [APT狩猎工具](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490311&idx=2&sn=411e5b869e7b4425b9b6ce4d386e170a) + - [ ] [网络钓鱼工具资源库](https://mp.weixin.qq.com/s?__biz=Mzg4NzgyODEzNQ==&mid=2247488641&idx=1&sn=ce3b46fb8a2c5727264f28a851167f8c) + - [ ] [Docker 入门指南:10个核心命令助你快速上手容器化](https://mp.weixin.qq.com/s?__biz=Mzg4NDg3NjE5MQ==&mid=2247485645&idx=1&sn=1bd9d8741680f01bc152d9608e3391fb) + - [ ] [用DeepSeek学习区块链量化](https://mp.weixin.qq.com/s?__biz=MzU3NDY1NTYyOQ==&mid=2247486034&idx=1&sn=c8655d5eb94f15ce10b24ee79ebb2821) + - [ ] [掌握艺术设计学论文文献收集全指南,让文献不再难搞。](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493259&idx=1&sn=ea25f2184ac90e4708490138156b2621) + - [ ] [掌握影视摄影与制作论文文献搜集内部攻略,助你写出高分必备指南!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493259&idx=2&sn=822a6781edeeaf9e98aaeb1434eff4ad) + - [ ] [掌握硬核技巧:电子商务论文文献搜集全攻略,再也不愁找不到高质量文献了!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493259&idx=3&sn=8b6a73f7d723ccca32e7506256455a9c) + - [ ] [掌握云计算与大数据论文选题技巧,导师都说靠谱的秘诀指南!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493259&idx=4&sn=efa511efbec97d70ba6bd3f53083017b) + - [ ] [掌握这份电子商务论文初稿生成指南,一天搞定毕业论文!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493259&idx=5&sn=831b7e600453447ad06a62b31b3aef2a) + - [ ] [掌握这份诉讼法学论文文献搜集高阶攻略,提升你的学术创新力!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493259&idx=6&sn=5e1ea103b527981dab1ba28838f2d973) + - [ ] [掌握这份AI版社会保障论文写作大纲高阶脚本指南,一周完整论文不是梦!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493259&idx=7&sn=cf40d9551ecccbb1c21543955cd555a9) + - [ ] [掌握这份ChatGPT物理化学论文选题指南,让论文写作从此不愁!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493259&idx=8&sn=e677fc46b82e5dd576a4dd1503d89713) + - [ ] [谷歌称黑客正滥用Gemini AI来增强攻击能力](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313430&idx=1&sn=4afd94e32a04c49dcc25f593341c2fd5) + - [ ] [2025年AI网络安全预测](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313430&idx=2&sn=7388f9c978f61ad866c97f57c21abe6f) + - [ ] [Meta确认90名用户遭WhatsApp零点击间谍软件攻击](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313430&idx=3&sn=e5f4cbdc2013e8fc276d774eeeb951ae) + - [ ] [微软披露macOS漏洞CVE-2024-44243,允许安装Rootkit](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313430&idx=4&sn=6e74cf5e7a16522cf7f639a52c3789c7) + - [ ] [漏洞挖掘 | 基于mssql数据库的sql注入](https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247547538&idx=1&sn=2de25baa764188f0bd83a351248a40c5) + - [ ] [通过计算机视觉帮助发现隐藏的漏洞](https://mp.weixin.qq.com/s?__biz=MzI4NTcxMjQ1MA==&mid=2247615413&idx=1&sn=363d6567bfa41a8f33e272e1185da50a) + - [ ] [AI驱动API漏洞激增1205%,企业安全面临空前挑战!](https://mp.weixin.qq.com/s?__biz=Mzg3OTYxODQxNg==&mid=2247485686&idx=1&sn=6ad3015e97dc52bd69dc9921b81a5f9c) + - [ ] [大算力之路,生命不选GPU](https://mp.weixin.qq.com/s?__biz=Mzk0MTI4NTIzNQ==&mid=2247492308&idx=1&sn=775c682a9974e1a355dc8b8b2a206a11) + - [ ] [想用 DeepSeek?这里能用,扫码还送 14 元体验金](https://mp.weixin.qq.com/s?__biz=MzkyNzUzMjM1NQ==&mid=2247484777&idx=1&sn=0acdb741af24de7e3f86557afa0a53be) + - [ ] [【2025春节】解题领红包活动排行榜(初六 2/3)](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141670&idx=1&sn=de73fb9cf91c717915c2bd5adcde0c09) + - [ ] [Stratovirt 的 RISC-V 虚拟化支持(五):BootLoader 和设备树](https://mp.weixin.qq.com/s?__biz=MzA5NDQzODQ3MQ==&mid=2648194570&idx=1&sn=c848bb41f340e4869973a3e8eb22c5e8) + - [ ] [标签巨头 Avery 称网站遭黑客攻击,信用卡信息被窃](https://mp.weixin.qq.com/s?__biz=Mzg3ODY0NTczMA==&mid=2247492132&idx=1&sn=13d6fe7fec657cd4cb7b5191b4e4ef8a) + - [ ] [一次区块链的安全研究](https://mp.weixin.qq.com/s?__biz=MzkyNDU2MDk4NQ==&mid=2247484034&idx=1&sn=ecdb621b08c7137bfb1cb1bd900cf5f9) + - [ ] [DeepSeek接入个人知识库,一般电脑也能飞速跑,确实可以封神了!](https://mp.weixin.qq.com/s?__biz=MzkyMzg4MTY4Ng==&mid=2247484596&idx=1&sn=5e1a1f6c02555974e75a31c95e629591) + - [ ] [全网最全、最详细的 Linux 进程间通信方式讲解来了,你不容错过!](https://mp.weixin.qq.com/s?__biz=MzI1NzI5NDM4Mw==&mid=2247498590&idx=1&sn=3ee93d415c16a3700b965bd1c5ddbfe1) + - [ ] [500 美元的漏洞:Censys 搜索如何引导我获得快速漏洞赏金](https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247504845&idx=1&sn=8c8fa9f474d370a021e30aa8209268ac) + - [ ] [码住!一次把CISP认证说清楚](https://mp.weixin.qq.com/s?__biz=Mzg4MTg0MjQ5OA==&mid=2247487899&idx=1&sn=f5087c557ca623669bc4a1ad49138032) + - [ ] [一次性把中东关系讲清楚:中东地区的情报战略](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247505221&idx=1&sn=b0a5ccbab53fc8198452223d8cb6eb62) + - [ ] [特朗普“重返中亚”:经济与能源的“双重奏”](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247505221&idx=2&sn=a237923be240db67501e67e018240b6e) + - [ ] [万物随春醒 云堤护网宁](https://mp.weixin.qq.com/s?__biz=MzkxNDY0MjMxNQ==&mid=2247532981&idx=1&sn=a02ca7b9dd52b7b11881079f1e0485aa) + - [ ] [Active Directory Domain Services 权限提升漏洞 (CVE-2025-21293)](https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247487001&idx=1&sn=eaae88e6f2b15e26732ca6b90fb5ca69) + - [ ] [Flask代码审计从思路到实战](https://mp.weixin.qq.com/s?__biz=MzkyNTUyNDMyOA==&mid=2247487699&idx=1&sn=34f12cfc82af827d58e8d758143316bf) + - [ ] [OSCP考试必备:最全实战命令手册](https://mp.weixin.qq.com/s?__biz=Mzk0ODY1NzEwMA==&mid=2247486694&idx=1&sn=1cdf7df2384a0e643d3f364d5e3040f1) + - [ ] [麻省理工科技评论:2025年AI五大趋势](https://mp.weixin.qq.com/s?__biz=MzUzODYyMDIzNw==&mid=2247516971&idx=1&sn=65365df101260e7ccf5f42018c654110) + - [ ] [立春|春之启幕 万物生晖](https://mp.weixin.qq.com/s?__biz=MzIxNDIzNTcxMg==&mid=2247506764&idx=1&sn=ce887174eaa79679513bf66138d1fe3b) + - [ ] [内网横向渗透之Windows连接技巧](https://mp.weixin.qq.com/s?__biz=MjM5MjEyMTcyMQ==&mid=2651037466&idx=1&sn=fd456a13dbe3d7a82884d0b43cb51f82) + - [ ] [今日立春](https://mp.weixin.qq.com/s?__biz=Mzg3NTU3NTY0Nw==&mid=2247489552&idx=1&sn=7bf9b6c74a63b3620493157b380a8849) + - [ ] [大年初六 银蛇报春](https://mp.weixin.qq.com/s?__biz=Mzg2MTU5ODQ2Mg==&mid=2247507178&idx=1&sn=d90f00dc663f73a9b5d1e9b926920bc3) + - [ ] [数字取证之法律遵从性u200c](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655265046&idx=1&sn=37f22293698b7e90fd4cc49c08fbc426) + - [ ] [网安原创文章推荐【2025/2/2】](https://mp.weixin.qq.com/s?__biz=MzAxNzg3NzMyNQ==&mid=2247489552&idx=1&sn=4cdba465482fcd99df63ffa4bf4ac236) + - [ ] [以色列间谍无需点击即可入侵 WhatsApp](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494727&idx=1&sn=92a7f62638a9a6dc5e71a39655e2b9f1) + - [ ] [大年初六 | 金蛇昂首,“巳”如破竹](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579301&idx=1&sn=35ed47abf0879798ddd2a03509c33f87) + - [ ] [老板让我节后研究一下deepseek](https://mp.weixin.qq.com/s?__biz=Mzk0MTI4NTIzNQ==&mid=2247492302&idx=1&sn=bd877522ae6488d1ff49f8325ab6b720) + - [ ] [程序员注定被淘汰](https://mp.weixin.qq.com/s?__biz=Mzk0MTI4NTIzNQ==&mid=2247492302&idx=2&sn=0144e48c3daefe11282c0145291f06d4) + - [ ] [大年初六丨安天镇关给您拜年了](https://mp.weixin.qq.com/s?__biz=MjM5MTA3Nzk4MQ==&mid=2650209932&idx=1&sn=ffcf5ae2b2a579a036936f3d466c4a18) +- Security Boulevard + - [ ] [Orca Security Adds Additional CNAPP Deployment Options](https://securityboulevard.com/2025/02/orca-security-adds-additional-cnapp-deployment-options/) + - [ ] [Meet Rule Architect: Your AI-Powered WAF Rule Expert | Impart Security](https://securityboulevard.com/2025/02/meet-rule-architect-your-ai-powered-waf-rule-expert-impart-security/) + - [ ] [CISA/FDA Warn: Chinese Patient Monitors Have BAD Bugs](https://securityboulevard.com/2025/02/contec-epsimed-china-fda-cisa-richixbw/) + - [ ] [Randall Munroe’s XKCD ‘AlphaMove’](https://securityboulevard.com/2025/02/randall-munroes-xkcd-alphamove/) + - [ ] [HIPAA Cybersecurity Requirements and Best Practices](https://securityboulevard.com/2025/02/hipaa-cybersecurity-requirements-and-best-practices/) + - [ ] [How to create realistic test data for PostgreSQL](https://securityboulevard.com/2025/02/how-to-create-realistic-test-data-for-postgresql/) + - [ ] [Mockaroo and Tonic: Partners in mock data generation](https://securityboulevard.com/2025/02/mockaroo-and-tonic-partners-in-mock-data-generation/) + - [ ] [Why I joined Tonic: A product manager’s perspective](https://securityboulevard.com/2025/02/why-i-joined-tonic-a-product-managers-perspective/) + - [ ] [The Secret to Your Artifactory: Inside The Attacker Kill-Chain](https://securityboulevard.com/2025/02/the-secret-to-your-artifactory-inside-the-attacker-kill-chain/) + - [ ] [DEF CON 32 – Exposing Attacks Hiding In The Sheer Noise Of False Positives](https://securityboulevard.com/2025/02/def-con-32-exposing-attacks-hiding-in-the-sheer-noise-of-false-positives/) +- Recent Commits to cve:main + - [ ] [Update Mon Feb 3 20:25:45 UTC 2025](https://github.com/trickest/cve/commit/547eaddf6f9cd1e8e42627d796880a8f88ae171a) + - [ ] [Update Mon Feb 3 12:25:21 UTC 2025](https://github.com/trickest/cve/commit/c19a224cde37606b534e629bf1ee9e3a4e6f38b4) + - [ ] [Update Mon Feb 3 04:22:25 UTC 2025](https://github.com/trickest/cve/commit/364e032b264aaf1c882aaefa99178147eb6b841a) +- SecWiki News + - [ ] [SecWiki News 2025-02-03 Review](http://www.sec-wiki.com/?2025-02-03) +- Private Feed for M09Ic + - [ ] [phith0n starred Huanshere/VideoLingo](https://github.com/Huanshere/VideoLingo) + - [ ] [mitre forked mitre/salsa from salsa-rs/salsa](https://github.com/mitre/salsa) + - [ ] [Safe3 released UUSEC WAF Community Edition v6.4.0 at Safe3/uuWAF](https://github.com/Safe3/uuWAF/releases/tag/v6.4.0) + - [ ] [CHYbeta starred Kelvin-1013/Solana-Arbitrage-Bot](https://github.com/Kelvin-1013/Solana-Arbitrage-Bot) + - [ ] [boy-hack starred dyyz1993/twitter-monitor](https://github.com/dyyz1993/twitter-monitor) + - [ ] [gh0stkey starred veracrypt/VeraCrypt](https://github.com/veracrypt/VeraCrypt) + - [ ] [phra starred cmu-sei/GHOSTS](https://github.com/cmu-sei/GHOSTS) + - [ ] [gh0stkey starred browser-use/web-ui](https://github.com/browser-use/web-ui) + - [ ] [gh0stkey starred browser-use/browser-use](https://github.com/browser-use/browser-use) + - [ ] [wabzsy starred SpeedyOrc-C/HoYo-Glyphs](https://github.com/SpeedyOrc-C/HoYo-Glyphs) + - [ ] [wabzsy starred ading2210/linuxpdf](https://github.com/ading2210/linuxpdf) +- Publications | Outflank + - [ ] [Secure Enclaves for Offensive Operations (Part I)](https://www.outflank.nl/blog/2025/02/03/secure-enclaves-for-offensive-operations-part-i/) +- Horizon3.ai + - [ ] [Securing Financial Services: From Promises to Proof with NodeZero®](https://www.horizon3.ai/intelligence/blogs/securing-financial-services-from-promises-to-proof-with-nodezero/) +- Twitter @bytehx + - [ ] [RT Jayesh Madnani: 🚀 Unspoken Bug Bounty Rules – From many years of failures & experience! 🕵️‍♂️ Got a similar bug across multiple assets b...](https://x.com/bytehx343/status/1886462043009769629) + - [ ] [Re @l33tdawg @Verichains Congrats man🎉🎉🎉🎉](https://x.com/bytehx343/status/1886368068483649594) + - [ ] [RT yso: Just uploaded my Bluetooth security testing slides! 📡 Also, Škoda disclosed a vulnerability I reported—they fixed & rewarded it fast! �...](https://x.com/bytehx343/status/1886367495373848670) +- SentinelOne + - [ ] [macOS FlexibleFerret | Further Variants of DPRK Malware Family Unearthed](https://www.sentinelone.com/blog/macos-flexibleferret-further-variants-of-dprk-malware-family-unearthed/) +- Malwarebytes + - [ ] [WhatsApp says Paragon is spying on specific users](https://www.malwarebytes.com/blog/news/2025/02/whatsapp-says-paragon-is-spying-on-specific-users) + - [ ] [A week in security (January 27 – February 2)](https://www.malwarebytes.com/blog/news/2025/02/a-week-in-security-january-27-february-2-2) +- Reverse Engineering + - [ ] [/r/ReverseEngineering's Weekly Questions Thread](https://www.reddit.com/r/ReverseEngineering/comments/1igk62y/rreverseengineerings_weekly_questions_thread/) + - [ ] [Lifting Binaries, Part 0: Devirtualizing VMProtect and Themida: It’s Just Flattening?](https://www.reddit.com/r/ReverseEngineering/comments/1igx34h/lifting_binaries_part_0_devirtualizing_vmprotect/) + - [ ] [Disassembling a binary: linear sweep and recursive traversal](https://www.reddit.com/r/ReverseEngineering/comments/1ih3ga3/disassembling_a_binary_linear_sweep_and_recursive/) + - [ ] [Is there a way to reverse Agile.NET compiled library for NinjaTrader 8?](https://www.reddit.com/r/ReverseEngineering/comments/1iguky3/is_there_a_way_to_reverse_agilenet_compiled/) + - [ ] [AMD: Microcode Signature Verification Vulnerability](https://www.reddit.com/r/ReverseEngineering/comments/1ih3ez3/amd_microcode_signature_verification_vulnerability/) +- glzjin + - [ ] [懒猫微服外挂ProxmoxVE启动方法说明](https://www.zhaoj.in/read-9077.html) +- Webroot Blog + - [ ] [MDR for MSPs: Navigating EDR compatibility](https://www.webroot.com/blog/2025/02/03/mdr-for-msps-navigating-edr-compatibility/) +- FreeBuf网络安全行业门户 + - [ ] [2024年768个CVE漏洞被利用,较2023年增长20%](https://www.freebuf.com/vuls/421042.html) + - [ ] [Shiro CVE-2023-34478 路径规范化不一致](https://www.freebuf.com/vuls/421037.html) + - [ ] [思科研究发现DeepSeek R1极易受有害提示影响](https://www.freebuf.com/articles/421045.html) + - [ ] [俄语系邪恶黑客团伙操纵10余种高度专业化的社交媒体诈骗](https://www.freebuf.com/articles/network/421044.html) + - [ ] [恶意软件冒充DeepSeek AI工具在PyPI上传播](https://www.freebuf.com/articles/421046.html) + - [ ] [疯狂邪恶团伙利用StealC、AMOS和Angel Drainer恶意软件瞄准加密货币](https://www.freebuf.com/articles/network/421028.html) +- daniel.haxx.se + - [ ] [European Open Source Achievement Award](https://daniel.haxx.se/blog/2025/02/03/european-open-source-achievement-award/) +- 奇客Solidot–传递最新科技情报 + - [ ] [天文学家发现一巨型射电星系](https://www.solidot.org/story?sid=80466) + - [ ] [过去四十年海洋表面变暖速度翻了两番](https://www.solidot.org/story?sid=80465) + - [ ] [Ubuntu 的开发讨论平台将从 IRC 迁移到 Matrix](https://www.solidot.org/story?sid=80464) +- 锦行科技 + - [ ] [初六 | 六六大顺](https://mp.weixin.qq.com/s?__biz=MzIxNTQxMjQyNg==&mid=2247493743&idx=1&sn=9735ef44726404099d144253792e54d8&chksm=979a13caa0ed9adca648632b3a4495d3f5749a8ff6f4e170b279b471ff7b6675f7382d149206&scene=58&subscene=0#rd) +- 技可达工作室 + - [ ] [用DeepSeek学习区块链量化](https://mp.weixin.qq.com/s?__biz=MzU3NDY1NTYyOQ==&mid=2247486034&idx=1&sn=c8655d5eb94f15ce10b24ee79ebb2821&chksm=fd2e57b0ca59dea622a62f1323974973b15d0a21a3b284bbaa3832d5fe729c6a28a0bc1f8571&scene=58&subscene=0#rd) +- dotNet安全矩阵 + - [ ] [限时福利 | 2024 年度隧道代理、数据外发、痕迹清理阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498677&idx=1&sn=8a4dcac147d84f3f1bd3ccb37a8d5e9e&chksm=fa595558cd2edc4e632bbfa5ccf31a9f66ee0d13161c10d466ac3487177f072458ac51f42af0&scene=58&subscene=0#rd) + - [ ] [总结 | 2024 年度内网实战攻防电子报刊 34 篇文章内容汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498677&idx=2&sn=b973bed512a412529ca496db03a70cb7&chksm=fa595558cd2edc4e0635075a22a66da8311fced2fb3f09b46376c516d06ca1bdf5713c5374f3&scene=58&subscene=0#rd) + - [ ] [2024 年度本地权限操作阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498677&idx=3&sn=7bf0c0bc3fdbee0fcbac31d78562ff0f&chksm=fa595558cd2edc4ee958c938fecfe4b37a180940e3b19ba4c06ca3aac6292817262680e954c3&scene=58&subscene=0#rd) +- 安全分析与研究 + - [ ] [恶意样本静态分析-上](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490311&idx=1&sn=3ddb48128acc2772763bd99ba4cf850a&chksm=902fb42fa7583d39df80656526a79ff7e90160bdaf250c3ef5570920f6290bc7d172804eeeec&scene=58&subscene=0#rd) + - [ ] [APT狩猎工具](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490311&idx=2&sn=411e5b869e7b4425b9b6ce4d386e170a&chksm=902fb42fa7583d3998df7212df242d3ded6c932acd3b4b8a1fc90df1dcdea22ff764a30d9c03&scene=58&subscene=0#rd) +- 吾爱破解论坛 + - [ ] [【2025春节】解题领红包活动排行榜(初六 2/3)](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141670&idx=1&sn=de73fb9cf91c717915c2bd5adcde0c09&chksm=bd50a6728a272f64da4372a71de026e82781be975527fbb78c174055dc84299836178249ac7f&scene=58&subscene=0#rd) +- 丁爸 情报分析师的工具箱 + - [ ] [【资料】生成式人工智能下的世界](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148842&idx=1&sn=a98ad85e918a855004f545cb00b2141b&chksm=f1af2510c6d8ac063ffdd7fa3fe1058b652280fbd2ae894b93c5781e7646424e70472f15f631&scene=58&subscene=0#rd) +- 看雪学苑 + - [ ] [浅析代码重定位技术](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589301&idx=1&sn=f8b5a4c4740123d4431ccb68a9063f17&chksm=b18c28ff86fba1e99cd342a44cbdef0919f382e909a6181f50378ef9f83b9e5a90ed2a4eba53&scene=58&subscene=0#rd) + - [ ] [实用干货!无人机安全攻防入门,速来报名](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589301&idx=2&sn=cd340085d0abd8a5fc5233d9ec93603f&chksm=b18c28ff86fba1e99daf5639ca2271fc027a1fdf2e613c62c6759c1135458a9f9e5e21bb30f4&scene=58&subscene=0#rd) +- 信息安全国家工程研究中心 + - [ ] [【二十四节气】立春 | 冬去春来万物生](https://mp.weixin.qq.com/s?__biz=MzU5OTQ0NzY3Ng==&mid=2247498793&idx=1&sn=441c9d8c6db5d81afa624f8430127389&chksm=feb67d3ac9c1f42c15e947ca936857e5d5c64261d37496ee03b940a94c66338e2c99840b5e5d&scene=58&subscene=0#rd) +- 安全研究GoSSIP + - [ ] [G.O.S.S.I.P 2025 新春总动员(1):疯狂的PDF](https://mp.weixin.qq.com/s?__biz=Mzg5ODUxMzg0Ng==&mid=2247499652&idx=1&sn=589b1778aa04f72cdc07c947be4bc17c&chksm=c063d15df714584b9680831e04f60a8d775211b89366d6125e8a337aa07a891760a5f272c4ba&scene=58&subscene=0#rd) +- 杨龙 + - [ ] [nginx restart failed:nginx: [alert] OPENSSL_init_ssl() failed (SSL: error:12800067:DSO support routines::could not load the shared library:filename(/snap/certbot/4325/usr/lib/x86_64-linux-gnu/ossl-modules/fips.so): /snap/certbot/4325/usr/lib/x86_64-linux-gnu/ossl-modules/fips.so: cannot open shared object file: No such file or directory error:12800067:DSO support routines::could not load the shared library error:07880025:common libcrypto routines::reason(37):name=fips error:0700006D:configuration file routines::module initialization error:module=providers, value=provider_sect retcode=-1 ) 解决办法](https://www.yanglong.pro/nginx-restart-failednginx-alert-openssl_init_ssl-failed-ssl-error12800067dso-support-routinescould-not-load-the-shared-libraryfilename-snap-certbot-4325-usr-lib-x86_64-linux-gnu-ossl-mod/) +- 中国信息安全 + - [ ] [专家解读 | 推动个人信息出境个人信息保护认证制度落地 促进个人信息高效便利安全跨境流动](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235937&idx=1&sn=d246a29f11e44289e30c16ad02323ea2&chksm=8b580158bc2f884ee870cf909293f550b4c6d68f752798b4305df99158a937ae96c708b46913&scene=58&subscene=0#rd) + - [ ] [征订|欢迎订阅2025年《中国信息安全》杂志](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235937&idx=2&sn=4edccca64682f8f41e9b56497807eb00&chksm=8b580158bc2f884e1eadb1ba8edd1fc7ee1b96d216203155cb5d91797f95b1378359e3428734&scene=58&subscene=0#rd) + - [ ] [专家解读 | 提升数据流通安全治理能力 促进数据流通开发利用](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235937&idx=3&sn=4b74cb1e75a739f80043e4d79c6f19a5&chksm=8b580158bc2f884ec910feed597fb437cb51a6951c0f1ae66fb67ec4ab7d0b6a18b58f8fdeb4&scene=58&subscene=0#rd) + - [ ] [国际 | 日本推进人工智能立法兼顾双重性](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235937&idx=4&sn=f8a6890f42bfbbbee12fcb55f0fde756&chksm=8b580158bc2f884ee7d8be0d3b95af42bf87dc525ebe931098d6678ae4a3721ef29ebeda5c6c&scene=58&subscene=0#rd) + - [ ] [评论 | 铲除“反防沉迷产业链”,撑起“数字晴空”](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235937&idx=5&sn=64e31032d2a327b33ad9368ee8790d3f&chksm=8b580158bc2f884ebdeeb7ed2b4c3494060fcc77a43367fd6ea18e1cc4f062d3772f1dd9519e&scene=58&subscene=0#rd) +- 极客公园 + - [ ] [为什么说大模型,补上了搜索的最后一块短板](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653073232&idx=1&sn=2e8dd2550e1834a9affa554d120ca22e&chksm=7e57d2e649205bf04b6221d8162c87808b7db4914fb54ed96ff7894c4dbdf9ae2fc3b60d5446&scene=58&subscene=0#rd) + - [ ] [微信视频美颜「仅自己可见」,官方:都能看见;《哪吒 2》破30亿冲击票房冠军;水上机器人救回 3 位溺水者 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653073231&idx=1&sn=075c62ad2e8d854da64c1ed036e2bb36&chksm=7e57d2f949205befef103e65c9db8965a3a3a773976308faabe56e0234093ebad38383430fe8&scene=58&subscene=0#rd) +- 情报分析师 + - [ ] [美国为何对 DeepSeek 如此“上心”?一场科技博弈的真相](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559440&idx=1&sn=a71dae9b931ab06febdba6081a3e1c26&chksm=87117d9bb066f48de68a68083afd89c401fc25c0148c8c7d276322a69401f9f0519b30a3fd15&scene=58&subscene=0#rd) + - [ ] [美国联邦调查局“变天”?特朗普全面清洗大动作曝光](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559440&idx=2&sn=ac91eaccfce9275a6fd64aed2388e1a6&chksm=87117d9bb066f48d6b4f6c684a3bf0af5da9b279e4674d5c1dc38c70d86f10fae55b46bf64a4&scene=58&subscene=0#rd) +- Black Hills Information Security + - [ ] [Introducing ORBIT, Scan Targets and Clients at Scale](https://www.blackhillsinfosec.com/introducing-orbit-scan-targets-and-clients-at-scale/) +- 360数字安全 + - [ ] [大年初六 | 金蛇昂首,“巳”如破竹](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579301&idx=1&sn=35ed47abf0879798ddd2a03509c33f87&chksm=9f8d26ada8faafbbbb8a81d52e8929c1dfdcf019590ce3e3b1fffe2c997372f76abc89f2a72f&scene=58&subscene=0#rd) +- Qualys Security Blog + - [ ] [Qualys TotalAppSec Delivers AI-powered Unified Application Risk Management for Modern Web Apps and APIs](https://blog.qualys.com/category/product-tech) +- 迪哥讲事 + - [ ] [列目录引起的信息泄露获取1w5赏金](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247497023&idx=1&sn=f4dad5920e40978a4ba8d4c41549b151&chksm=e8a5ff5cdfd2764a24279a9dc8a829590dbe024450bedf43308c4ac21ef5ed933c146156054e&scene=58&subscene=0#rd) +- Securityinfo.it + - [ ] [Meta smantella una campagna di spionaggio su WhatsApp](https://www.securityinfo.it/2025/02/03/meta-smantella-una-campagna-di-spionaggio-su-whatsapp/?utm_source=rss&utm_medium=rss&utm_campaign=meta-smantella-una-campagna-di-spionaggio-su-whatsapp) + - [ ] [CERT-AGID 25 – 31 gennaio: attacchi contro funzionari governativi e rappresentanti di ambasciate](https://www.securityinfo.it/2025/02/03/cert-agid-25-31-gennaio-attacchi-funzionari-governativi-rappresentanti-ambasciate/?utm_source=rss&utm_medium=rss&utm_campaign=cert-agid-25-31-gennaio-attacchi-funzionari-governativi-rappresentanti-ambasciate) +- Krypt3ia + - [ ] [Corporate Panopticon: How Big Tech Became the New Surveillance State](https://krypt3ia.wordpress.com/2025/02/03/corporate-panopticon-how-big-tech-became-the-new-surveillance-state/) + - [ ] [Modern Moscow Rules: Counter-Surveillance in the Digital & Physical World](https://krypt3ia.wordpress.com/2025/02/03/modern-moscow-rules-counter-surveillance-in-the-digital-physical-world/) + - [ ] [Krypt3ia Daily Cyber Threat Intelligence (CTI) Digest](https://krypt3ia.wordpress.com/2025/02/03/krypt3ia-daily-cyber-threat-intelligence-cti-digest-8/) +- Over Security - Cybersecurity news aggregator + - [ ] [‘Yes, this is real’: hackers targeting high-profile X accounts blur fact and fiction](https://therecord.media/hackers-x-accounts-security-crypto) + - [ ] [Amazon Redshift gets new default settings to prevent data breaches](https://www.bleepingcomputer.com/news/security/amazon-redshift-gets-new-default-settings-to-prevent-data-breaches/) + - [ ] [Woman nabbed by Thai police on alleged link to $182 million romance scam](https://therecord.media/arrest-thai-police-woman-romance-scam) + - [ ] [Australia sanctions ‘Terrorgram’ white supremacist online group](https://therecord.media/australia-sanctions-terrorgram-online-hate-group) + - [ ] [Canadian charged in two crypto platform thefts totaling $65 million](https://therecord.media/indictment-canadian-two-cryptocurrency-platform-hacks) + - [ ] [Google fixes Android kernel zero-day exploited in attacks](https://www.bleepingcomputer.com/news/security/google-fixes-android-kernel-zero-day-exploited-in-attacks/) + - [ ] [Journalist targeted on WhatsApp by Paragon spyware: “I feel violated”](https://techcrunch.com/2025/02/03/journalist-targeted-on-whatsapp-by-paragon-spyware-i-feel-violated/) + - [ ] [Canadian charged with stealing $65 million using DeFI crypto exploits](https://www.bleepingcomputer.com/news/security/canadian-charged-with-stealing-65-million-using-defi-crypto-exploits/) + - [ ] [Casio UK online store hacked to steal customer credit cards](https://www.bleepingcomputer.com/news/security/casio-uk-online-store-hacked-to-steal-customer-credit-cards/) + - [ ] [Mississippi electric utility warns 20,000 residents of data breach](https://therecord.media/mississippii-electric-utility-residents-breach) + - [ ] [1win - 96,166,543 breached accounts](https://haveibeenpwned.com/PwnedWebsites#1win) + - [ ] [Kazakhstan to audit foreign ministry after suspected Russia-linked cyberattack](https://therecord.media/kazakhstan-foreign-ministry-cyberattack-russia) + - [ ] [Microsoft kills off Defender 'Privacy Protection' VPN feature](https://www.bleepingcomputer.com/news/microsoft/microsoft-kills-off-defender-privacy-protection-vpn-feature/) + - [ ] [DeepSeek AI tools impersonated by infostealer malware on PyPI](https://www.bleepingcomputer.com/news/security/deepseek-ai-tools-impersonated-by-infostealer-malware-on-pypi/) + - [ ] [Telemarketing e trattamento illecito dei dati: la sanzione privacy a E.On sia monito per tutti](https://www.cybersecurity360.it/news/sanzione-eon-garante-privacy/) + - [ ] [Japanese sportswear company Mizuno confirms data breach after 2024 ransomware claims](https://therecord.media/mizuno-data-breach-notification) + - [ ] [AI Act, scattano i primi divieti: chi rischia le sanzioni e le prossime tappe](https://www.cybersecurity360.it/news/ai-act-scattano-i-primi-divieti-chi-rischia-le-sanzioni-e-le-prossime-tappe/) + - [ ] [Analysis of an advanced malicious Chrome extension](https://palant.info/2025/02/03/analysis-of-an-advanced-malicious-chrome-extension/) + - [ ] [Sweden releases suspected ship, says cable break ‘clearly’ not sabotage](https://therecord.media/sweden-releases-ship-suspected-cable-sabotage) + - [ ] [Cyble Sensors Detect Attacks on Apache OFBiz, Palo Alto Networks](https://cyble.com/blog/cyble-sensors-detect-attacks-on-palo-alto-networks/) + - [ ] [Vidar muta ancora: payload variabile e offuscamento più raffinato per questa nuova ondata](https://cert-agid.gov.it/news/vidar-muta-ancora-payload-variabile-e-offuscamento-piu-raffinato-per-questa-nuova-ondata/) + - [ ] [Russian hackers suspected of compromising British PM’s personal email account](https://therecord.media/keir-starmer-email-hack-russia-suspected) + - [ ] [Apple Issues Security Updates for iOS, macOS, watchOS, and More—Patch Now!](https://cyble.com/blog/apple-fixes-cve-2025-24085-security-update/) + - [ ] [Trump elimina i vincoli all’IA: i rischi cyber e privacy e le questioni etiche](https://www.cybersecurity360.it/cultura-cyber/trump-elimina-i-vincoli-allia-i-rischi-cyber-e-privacy-e-le-questioni-etiche/) + - [ ] [Meta smantella una campagna di spionaggio su WhatsApp](https://www.securityinfo.it/2025/02/03/meta-smantella-una-campagna-di-spionaggio-su-whatsapp/) + - [ ] [PyPI adds project archiving system to stop malicious updates](https://www.bleepingcomputer.com/news/security/pypi-adds-project-archiving-system-to-stop-malicious-updates/) + - [ ] [Vulnerabilità in Cisco Webex Chat, a rischio dati aziendali riservati: come mitigarla](https://www.cybersecurity360.it/news/vulnerabilita-in-cisco-webex-chat-a-rischio-dati-aziendali-riservati-come-mitigarla/) + - [ ] [CERT-AGID 25 – 31 gennaio: attacchi contro funzionari governativi e rappresentanti di ambasciate](https://www.securityinfo.it/2025/02/03/cert-agid-25-31-gennaio-attacchi-funzionari-governativi-rappresentanti-ambasciate/) + - [ ] [DragonNest - 511,290 breached accounts](https://haveibeenpwned.com/PwnedWebsites#DragonNest) +- SANS Internet Storm Center, InfoCON: green + - [ ] [Crypto Wallet Scam, (Mon, Feb 3rd)](https://isc.sans.edu/diary/rss/31646) + - [ ] [ISC Stormcast For Monday, February 3rd, 2025 https://isc.sans.edu/podcastdetail/9306, (Mon, Feb 3rd)](https://isc.sans.edu/diary/rss/31644) +- LuxSci + - [ ] [The Risks of Non-Compliant Email: How HIPAA Violations Hurt Healthcare Companies](https://luxsci.com/blog/the-risks-of-non-compliant-email-how-hipaa-violations-hurt-healthcare-companies.html) +- Posts By SpecterOps Team Members - Medium + - [ ] [Further Adventures With CMPivot — Client Coercion](https://posts.specterops.io/further-adventures-with-cmpivot-client-coercion-38b878b740ac?source=rss----f05f8696e3cc---4) +- ICT Security Magazine + - [ ] [E-Identity ed eIDAS 2.0: l’evoluzione dell’identità digitale europea](https://www.ictsecuritymagazine.com/notizie/e-identity-e-eidas-2-0/) +- Schneier on Security + - [ ] [Journalists and Civil Society Members Using WhatsApp Targeted by Paragon Spyware](https://www.schneier.com/blog/archives/2025/02/journalists-and-civil-society-members-using-whatsapp-targeted-by-paragon-spyware.html) +- Have I Been Pwned latest breaches + - [ ] [1win - 96,166,543 breached accounts](https://haveibeenpwned.com/PwnedWebsites#1win) + - [ ] [DragonNest - 511,290 breached accounts](https://haveibeenpwned.com/PwnedWebsites#DragonNest) +- TG Soft Software House - News + - [ ] [Phishing: i tentativi di furto credenziali e/o dati maggiormente diffusi nel mese di FEBBRAIO 2025...](http://www.tgsoft.it/italy/news_archivio.asp?id=1609) +- The Register - Security + - [ ] [TSA’s airport facial-recog tech faces audit probe](https://go.theregister.com/feed/www.theregister.com/2025/02/03/tsa_facial_recognition_audit/) + - [ ] [2 officers bailed as anti-corruption unit probes data payouts to N Irish cops](https://go.theregister.com/feed/www.theregister.com/2025/02/03/two_psni_officers_arrested_bailed/) + - [ ] [Privacy Commissioner warns the ‘John Smiths’ of the world can acquire ‘digital doppelgangers’](https://go.theregister.com/feed/www.theregister.com/2025/02/03/australia_digital_doppelgangers_privacy_award/) + - [ ] [Medical monitoring machines spotted stealing patient data, users warned to pull the plug ASAP](https://go.theregister.com/feed/www.theregister.com/2025/02/03/backdoored_contec_patient_monitors_leak_data/) +- TorrentFreak + - [ ] [Publishers Ramp Up Pressure vs. Anna’s Archive, Sci-Hub, Z-Library & Libgen](https://torrentfreak.com/publishers-ramp-up-pressure-vs-annas-archive-sci-hub-z-library-libgen-250203/) + - [ ] [MPA Shares Pirate Site Blocking ‘Best Practices’ at WIPO Meeting](https://torrentfreak.com/mpa-shares-pirate-site-blocking-best-practices-at-wipo-meeting-250203/) +- Your Open Hacker Community + - [ ] [How do you know what xss payload to use](https://www.reddit.com/r/HowToHack/comments/1igybrw/how_do_you_know_what_xss_payload_to_use/) + - [ ] [What is the best wordlist?](https://www.reddit.com/r/HowToHack/comments/1ih2ewh/what_is_the_best_wordlist/) + - [ ] [Game Save Hack](https://www.reddit.com/r/HowToHack/comments/1ih2139/game_save_hack/) + - [ ] [Need Help Setting Up a Proxy Server for HTTP Custom with Custom Payload on OMV (Debian)](https://www.reddit.com/r/HowToHack/comments/1igprcu/need_help_setting_up_a_proxy_server_for_http/) + - [ ] [Hacking an android device.](https://www.reddit.com/r/HowToHack/comments/1igtb54/hacking_an_android_device/) + - [ ] [SunNxt movies download](https://www.reddit.com/r/HowToHack/comments/1igmnwu/sunnxt_movies_download/) + - [ ] [Hey new guy, I have a question Does anyone have anything that is in url form that i can send my friends that will crash a chromebook.](https://www.reddit.com/r/HowToHack/comments/1igz5tg/hey_new_guy_i_have_a_question_does_anyone_have/) + - [ ] [Tizen os](https://www.reddit.com/r/HowToHack/comments/1igjoy4/tizen_os/) + - [ ] [how to find a password](https://www.reddit.com/r/HowToHack/comments/1igjfkf/how_to_find_a_password/) +- Trend Micro Research, News and Perspectives + - [ ] [Native Sensors vs. Integrations for XDR Platforms?](https://www.trendmicro.com/en_us/research/25/b/native-sensors-integrations-xdr-platform.html) +- Deeplinks + - [ ] [Open Licensing Promotes Culture and Learning. That's Why EFF Is Upgrading its Creative Commons Licenses.](https://www.eff.org/deeplinks/2025/02/open-licensing-promotes-culture-and-learning-thats-why-eff-upgrading-its-creative) +- Technical Information Security Content & Discussion + - [ ] [How Attackers Can Bypass OPA Gatekeeper in Kubernetes Due to Rego Flaws](https://www.reddit.com/r/netsec/comments/1igvgbh/how_attackers_can_bypass_opa_gatekeeper_in/) +- Security Affairs + - [ ] [Web Skimmer found on at least 17 websites, including Casio UK](https://securityaffairs.com/173797/malware/web-skimmer-casio-uks-site.html) + - [ ] [Crazy Evil gang runs over 10 highly specialized social media scams](https://securityaffairs.com/173784/cyber-crime/crazy-evil-runs-10-social-media-scams.html) + - [ ] [Elon Musk ’s DOGE team granted ‘full access’ to sensitive Treasury systems. What are the risks?](https://securityaffairs.com/173776/security/elon-musk-s-doge-granted-full-access-to-sensitive-treasury-systems.html) + - [ ] [Texas is the first state to ban DeepSeek on government devices](https://securityaffairs.com/173764/laws-and-regulations/texas-bans-deepseek-and-rednote-govt-devices.html) + - [ ] [Law enforcement seized the domains of HeartSender cybercrime marketplaces](https://securityaffairs.com/173750/cyber-crime/heartsender-cybercrime-marketplaces-seized.html) +- Palo Alto Networks Blog + - [ ] [10 Cyber Recommendations for the Trump Administration](https://www.paloaltonetworks.com/blog/2025/02/10-cyber-recommendations-trump-administration/) +- Computer Forensics + - [ ] [Sigma Rule Repo](https://www.reddit.com/r/computerforensics/comments/1igy288/sigma_rule_repo/) +- The Hacker News + - [ ] [768 CVEs Exploited in 2024, Reflecting a 20% Increase from 639 in 2023](https://thehackernews.com/2025/02/768-cves-exploited-in-2024-reflecting.html) + - [ ] [PyPI Introduces Archival Status to Alert Users About Unmaintained Python Packages](https://thehackernews.com/2025/02/pypi-introduces-archival-status-to.html) + - [ ] [⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [27 February]](https://thehackernews.com/2025/02/thn-weekly-recap-top-cybersecurity.html) + - [ ] [Coyote Malware Expands Reach: Now Targets 1,030 Sites and 73 Financial Institutions](https://thehackernews.com/2025/02/coyote-malware-expands-reach-now.html) + - [ ] [What Is Attack Surface Management?](https://thehackernews.com/2025/02/what-is-attack-surface-management.html) + - [ ] [Crazy Evil Gang Targets Crypto with StealC, AMOS, and Angel Drainer Malware](https://thehackernews.com/2025/02/crazy-evil-gang-targets-crypto-with.html) diff --git a/archive/tmp/2025-02-04.json b/archive/tmp/2025-02-04.json new file mode 100644 index 0000000000..c555d28cc2 --- /dev/null +++ b/archive/tmp/2025-02-04.json @@ -0,0 +1,383 @@ +{ + "Doonsec's feed": { + "06x函数50-55": "https://mp.weixin.qq.com/s?__biz=MzA3NDE0NTY0OQ==&mid=2247484328&idx=1&sn=56cb7fa45a42211cef760c64219cfe6d", + "靶场系列之Kioptix Level 4": "https://mp.weixin.qq.com/s?__biz=Mzk1NzIzNjM0OQ==&mid=2247484082&idx=1&sn=8ae9a5e59b4672dd6ca406e270e8bd72", + "【Win11抓不到密码?】| 内存匹配规则的添加!!": "https://mp.weixin.qq.com/s?__biz=Mzk1NzM5MTI2Mg==&mid=2247484433&idx=1&sn=c880bb48a013ff14e3bab913ecbfe043", + "渗透测试与Linux管理系统化": "https://mp.weixin.qq.com/s?__biz=Mzk1Nzc0MzY3NA==&mid=2247483802&idx=1&sn=5d2ed26dce664d4671ea49803c0b5721", + "openEuler 24.03 操作系统上部署 DeepSeek-R1:671B 大模型训练使用GPU显卡NVIDIA A100": "https://mp.weixin.qq.com/s?__biz=Mzg2MjYxODQ4Mw==&mid=2247485001&idx=1&sn=7cafb2cadfaa1242093af5dd79f1f9b4", + "【burpsuite靶场-服务端4】命令注入漏洞": "https://mp.weixin.qq.com/s?__biz=MzkzMDg1MzIwNA==&mid=2247487335&idx=1&sn=c230b1063e5abc07d7a340d33329a10e", + "一键直达,告别中转!AutoRedirector 插件让你的浏览体验飞起来!": "https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486485&idx=1&sn=0708e0ba9aaae6b483cf7006497b904d", + "2025年网络安全态势感知的主要趋势和挑战": "https://mp.weixin.qq.com/s?__biz=MzU2NDY2OTU4Nw==&mid=2247518539&idx=1&sn=a6be0023f68c6a11448c70df2384b293", + "世界需要一个能谋善断的AI(七)数字分身:生理永生与数字永生的思考": "https://mp.weixin.qq.com/s?__biz=MzAxOTk3NTg5OQ==&mid=2247492313&idx=1&sn=c436d968a908073fb49f919afe55128d", + "Unity游戏开发学习笔记": "https://mp.weixin.qq.com/s?__biz=MjM5Mzc4MzUzMQ==&mid=2650260521&idx=1&sn=0ab4effac06bb65dab6afa3ebf32e1b7", + "大模型基础": "https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655265044&idx=1&sn=7801ee77daf09eae3fe05c448a3a2c43", + "日产聆风电动汽车(Leaf-EV)-2018款本地拒绝服务漏洞": "https://mp.weixin.qq.com/s?__biz=MzkyOTg3ODc5OA==&mid=2247484330&idx=1&sn=8558bf04848af41f0e0f56123fc3ae5d", + "列目录引起的信息泄露获取1w5赏金": "https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247497023&idx=1&sn=f4dad5920e40978a4ba8d4c41549b151", + "特斯拉电动汽车越狱": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620379&idx=1&sn=0d4d48f552a8acea197682a3d291f961", + "智慧护航:量产落地的盖瑞特入侵检测系统,确保智能网联汽车安全": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620379&idx=2&sn=5d7fd1071b30851066c47559fe48c00f", + "单芯片舱驾&舱控跨域融合技术方案在线培训课": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620379&idx=3&sn=6703784580243fe5c19338db1ccf0fc1", + "联发科发布公告CVE-2025-20633可能导致远程代码执行": "https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494738&idx=1&sn=f776c6f5b2c8fbd315f6a6fbb4e83658", + "G.O.S.S.I.P 2025 新春总动员(1):疯狂的PDF": "https://mp.weixin.qq.com/s?__biz=Mzg5ODUxMzg0Ng==&mid=2247499652&idx=1&sn=589b1778aa04f72cdc07c947be4bc17c", + "SecWiki周刊(第570期)": "https://mp.weixin.qq.com/s?__biz=MjM5NDM1OTM0Mg==&mid=2651053429&idx=1&sn=31d3160a718b707ff1494a94ccb17e05", + "SecWiki周刊(第569期)": "https://mp.weixin.qq.com/s?__biz=MjM5NDM1OTM0Mg==&mid=2651053429&idx=2&sn=52ca024a6e40c3b8bfa8aee1ae304c03", + "SecWiki周刊(第568期)": "https://mp.weixin.qq.com/s?__biz=MjM5NDM1OTM0Mg==&mid=2651053429&idx=3&sn=a8270fb531eb9042a816850e48c609e2", + "SecWiki周刊(第567期)": "https://mp.weixin.qq.com/s?__biz=MjM5NDM1OTM0Mg==&mid=2651053429&idx=4&sn=1a33c07c70777c6b4ee1ff6913533e0d", + "大年初六 | 辞旧迎新,送穷迎福": "https://mp.weixin.qq.com/s?__biz=MzU3MzU4NjI4OQ==&mid=2247516498&idx=1&sn=e9790d235440fdc1e5d82fbb21a2ff57", + "小白也能懂的DeepSeek本地安装教程": "https://mp.weixin.qq.com/s?__biz=MzU5NzQ3NzIwMA==&mid=2247486425&idx=1&sn=d5a313dd4ffa06ab7ccd8e37ca614892", + "海外虚拟信用卡之BinPay": "https://mp.weixin.qq.com/s?__biz=MzkyNzYzNTQ2Nw==&mid=2247484119&idx=1&sn=ba45102f59a34f18e8ced5e0639b48b9", + "白嫖DeepSeek R1 -腾讯云部署将免费进行到底!": "https://mp.weixin.qq.com/s?__biz=MjM5Nzk3MjMzMA==&mid=2650570216&idx=1&sn=4dded799de34c8aad693320a5562dccc", + "Topert4|内容计划|已有内容|10小时后删除": "https://mp.weixin.qq.com/s?__biz=MzU5Njg5NzUzMw==&mid=2247490468&idx=1&sn=7e879727a18c30ea764c2f7f090ccfab", + "1月份,到访奇安信的两大车企巨头!": "https://mp.weixin.qq.com/s?__biz=MzkzMzcxNTQyNw==&mid=2247485600&idx=1&sn=1080d72650a49581ed39b353de1b2693", + "服务崩溃,DeepSeek该给金主一个贴金的机会": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485511&idx=1&sn=4df6a88c69aee53ffdd181cc712e7f41", + "【干货原创】实网攻防演习常态化,会带来什么变化01": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485511&idx=4&sn=68b99bc3a3d9c0166c11be378b838cac", + "【干货原创】K12教育,鲜为人知的模式秘密": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485511&idx=5&sn=66af2d055dd3946c55837e742af38e56", + "原创文章目录": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485511&idx=6&sn=881293b43a52e8b558223c554ddebcbf", + "秦安:伟大的战略反攻已经开始,灵动之蛇年,中国人民就靠真功夫": "https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476470&idx=1&sn=f6505f40fe1a4a811cd9320a2365b123", + "秦安:初一,美国动手了,安全和道德问题,以小人之心量君子之腹": "https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476470&idx=2&sn=e3248c99757c48d1753daab3678c4bb3", + "这么强的渗透神器,你真的舍得不试试?": "https://mp.weixin.qq.com/s?__biz=Mzg5OTg1MDk0Mw==&mid=2247485506&idx=1&sn=b0b0b4fac01f448f36a415fb860eeb81", + "企业信息安全建设:你的数据防线真的固若金汤吗?": "https://mp.weixin.qq.com/s?__biz=MzI5MjEyOTE4MA==&mid=2648520049&idx=1&sn=2ebb6422e7ffeffd0e9e501bd6ec2c7f", + "ISO 45001: 2018 标准详解与实施(14)7.1 资源": "https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247486063&idx=1&sn=377991c5d6f47b70bc76fd3db40d4292", + "【资料】生成式人工智能下的世界": "https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148842&idx=1&sn=a98ad85e918a855004f545cb00b2141b", + "智能网联汽车多域电子电气架构会如何发展?": "https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549671&idx=1&sn=7043300bc8465aca13f85f5610eadd9f", + "CAN总线不加终端电阻会咋样?": "https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549671&idx=2&sn=1ccdb8a902fad33f54ae970878279444", + "星火年鉴 | 工业互联网标识智库2024年度热文盘点,你最pick哪一篇?": "https://mp.weixin.qq.com/s?__biz=MzU1OTUxNTI1NA==&mid=2247592465&idx=1&sn=c1802084a4d36089406dfe91c03545c7", + "浅析代码重定位技术": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589301&idx=1&sn=f8b5a4c4740123d4431ccb68a9063f17", + "实用干货!无人机安全攻防入门,速来报名": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589301&idx=2&sn=cd340085d0abd8a5fc5233d9ec93603f", + "实施数据加密策略:保护云中敏感数据的关键要素(一)": "https://mp.weixin.qq.com/s?__biz=MzkyMzU2NjQyNA==&mid=2247483943&idx=1&sn=30651b48ba2470ae7cf394536e6f42db", + "【文末抽奖】奉天安全团队招人啦": "https://mp.weixin.qq.com/s?__biz=Mzk0NjQ2NzQ0Ng==&mid=2247485016&idx=1&sn=eacd6f2faccf3347f92496544b099c41", + "本地部署DeepSeek R1辅助CTF解题详解": "https://mp.weixin.qq.com/s?__biz=Mzg2MjgwMzIxMA==&mid=2247484868&idx=1&sn=ed0f3277300e13861180e709a4818013", + "【计划】2025,开工大吉及年度工作计划": "https://mp.weixin.qq.com/s?__biz=MzU5MTM4MTIxMA==&mid=2247485508&idx=1&sn=21554b6361dcb2d065befb222b6da092", + "【培训通知】2025年第一期专业反窃密技术操作培训班开班通知": "https://mp.weixin.qq.com/s?__biz=MzU5MTM4MTIxMA==&mid=2247485508&idx=2&sn=c4e543ce0de16f5562006bd36c2e639c", + "官方合并计划": "https://mp.weixin.qq.com/s?__biz=MzU5Njg5NzUzMw==&mid=2247490462&idx=1&sn=470daf7ca3006edac1301cf05389d26f", + "EDR专题学习-对抗EDR": "https://mp.weixin.qq.com/s?__biz=Mzg5MDg3OTc0OA==&mid=2247489431&idx=1&sn=d3225f3d2e727cbd4b4c992fe9f989d0", + "2025年,网络安全学习路线来袭,顺序千万别搞反!": "https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247570695&idx=1&sn=1673575e8dc90594ba01e57b3cb359af", + "违法获取网购订单中的个人信息,8人被判侵犯公民个人信息罪": "https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931485&idx=1&sn=daf542fd9764c57a700fa306a231902d", + "中国电信申请网元验证方法专利,保证SRv6网络安全不受影响": "https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931485&idx=2&sn=9867cd25ac6ce0b727806848e5b8060f", + "DeepSeek一键部署与DeepSeek免费14元额度羊毛福利": "https://mp.weixin.qq.com/s?__biz=MzkyOTQyOTk3Mg==&mid=2247485061&idx=1&sn=41e34f22538f3d7766dfffadea89f948", + "人工智能将如何改变劳动力市场:哪些职业将消失,哪些职业将继续存在": "https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494733&idx=1&sn=9f39bc986bcee5287ab657f30bef435c", + "2022-2024年间-美国对华芯片出口管制规则的梳理分析": "https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247506447&idx=1&sn=0a423985369639ab65ad56e3f60aef66", + "基于转换模型的安全属性验证": "https://mp.weixin.qq.com/s?__biz=MzA5MTYyMDQ0OQ==&mid=2247493616&idx=1&sn=9211f1b45c30a302935f15077cc8b115", + "8000字34张图史诗级介绍同轴电缆、双绞线、光纤等线缆,超级详细!": "https://mp.weixin.qq.com/s?__biz=MzIyMzIwNzAxMQ==&mid=2649464777&idx=1&sn=32b2badc3ecfeef46c9f362629a4682c", + "【吃瓜】《科普文章被网暴》《支持红客,打击霉离贱汉奸走狗!》DeepSeek乱象频发": "https://mp.weixin.qq.com/s?__biz=Mzg4MTkwMTI5Mw==&mid=2247488860&idx=1&sn=41c835917e4191a5051118f4df625334", + "网络钓鱼与社交工程:如何保护自己免受心理攻击——从受害者画像到防御体系构建": "https://mp.weixin.qq.com/s?__biz=Mzk1NzI5MTc0Nw==&mid=2247484721&idx=1&sn=9b57ddd6ef8e9d09eb6c25c6bd0f2b22", + "探索 HPE Insight Remote Support 中的最新 CVE": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527501&idx=1&sn=5f839664fa63bb4e792aa22a18e78ce0", + "dde-api-proxy:Deepin D-Bus 代理服务中的身份验证绕过(CVE-2025-23222)": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527501&idx=2&sn=737f8a4b724e5ff7d00edcdeb03128cb", + "Android Web攻击表面": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527501&idx=3&sn=5f9225bd5a2a555eeb1bfa1f39dd010b", + "[民族之悲哀] DeepSeek 正在成为行业败类、无知黑心者的炒作敛财“傀儡”": "https://mp.weixin.qq.com/s?__biz=MzkwODI1ODgzOA==&mid=2247506662&idx=1&sn=85cd5ef3832b2cd3e8770a6265aa290c", + "美国为何对 DeepSeek 如此“上心”?一场科技博弈的真相": "https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559440&idx=1&sn=a71dae9b931ab06febdba6081a3e1c26", + "美国联邦调查局“变天”?特朗普全面清洗大动作曝光": "https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559440&idx=2&sn=ac91eaccfce9275a6fd64aed2388e1a6", + "专家解读 | 推动个人信息出境个人信息保护认证制度落地 促进个人信息高效便利安全跨境流动": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235937&idx=1&sn=d246a29f11e44289e30c16ad02323ea2", + "征订|欢迎订阅2025年《中国信息安全》杂志": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235937&idx=2&sn=4edccca64682f8f41e9b56497807eb00", + "专家解读 | 提升数据流通安全治理能力 促进数据流通开发利用": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235937&idx=3&sn=4b74cb1e75a739f80043e4d79c6f19a5", + "国际 | 日本推进人工智能立法兼顾双重性": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235937&idx=4&sn=f8a6890f42bfbbbee12fcb55f0fde756", + "评论 | 铲除“反防沉迷产业链”,撑起“数字晴空”": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235937&idx=5&sn=64e31032d2a327b33ad9368ee8790d3f", + "微软惊现「零点击」核弹级漏洞!打开邮件就中招?": "https://mp.weixin.qq.com/s?__biz=MzU0NDc0NTY3OQ==&mid=2247488439&idx=1&sn=98793685608a483e27976abf658cb08f", + "Linux通用应急响应脚本": "https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489197&idx=1&sn=5884ffe11accd736ab98ef2136c649bb", + "前途光明": "https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489197&idx=2&sn=ae88a87de118a9c320d0c5b5821c056e", + "网安工作者被骂罕见,红客才是行业主导!": "https://mp.weixin.qq.com/s?__biz=MzkyNTQ0OTYxOQ==&mid=2247484019&idx=1&sn=bcf60352216bd1de85eabb90f627c3d3", + "“杉菜”再见,大S离世原因": "https://mp.weixin.qq.com/s?__biz=Mzg2NDYwMDA1NA==&mid=2247543667&idx=1&sn=ae1deeaf06d309925fe3bfbadf32878d", + "恶意样本静态分析-上": "https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490311&idx=1&sn=3ddb48128acc2772763bd99ba4cf850a", + "APT狩猎工具": "https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490311&idx=2&sn=411e5b869e7b4425b9b6ce4d386e170a", + "网络钓鱼工具资源库": "https://mp.weixin.qq.com/s?__biz=Mzg4NzgyODEzNQ==&mid=2247488641&idx=1&sn=ce3b46fb8a2c5727264f28a851167f8c", + "Docker 入门指南:10个核心命令助你快速上手容器化": "https://mp.weixin.qq.com/s?__biz=Mzg4NDg3NjE5MQ==&mid=2247485645&idx=1&sn=1bd9d8741680f01bc152d9608e3391fb", + "用DeepSeek学习区块链量化": "https://mp.weixin.qq.com/s?__biz=MzU3NDY1NTYyOQ==&mid=2247486034&idx=1&sn=c8655d5eb94f15ce10b24ee79ebb2821", + "掌握艺术设计学论文文献收集全指南,让文献不再难搞。": "https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493259&idx=1&sn=ea25f2184ac90e4708490138156b2621", + "掌握影视摄影与制作论文文献搜集内部攻略,助你写出高分必备指南!": "https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493259&idx=2&sn=822a6781edeeaf9e98aaeb1434eff4ad", + "掌握硬核技巧:电子商务论文文献搜集全攻略,再也不愁找不到高质量文献了!": "https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493259&idx=3&sn=8b6a73f7d723ccca32e7506256455a9c", + "掌握云计算与大数据论文选题技巧,导师都说靠谱的秘诀指南!": "https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493259&idx=4&sn=efa511efbec97d70ba6bd3f53083017b", + "掌握这份电子商务论文初稿生成指南,一天搞定毕业论文!": "https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493259&idx=5&sn=831b7e600453447ad06a62b31b3aef2a", + "掌握这份诉讼法学论文文献搜集高阶攻略,提升你的学术创新力!": "https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493259&idx=6&sn=5e1ea103b527981dab1ba28838f2d973", + "掌握这份AI版社会保障论文写作大纲高阶脚本指南,一周完整论文不是梦!": "https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493259&idx=7&sn=cf40d9551ecccbb1c21543955cd555a9", + "掌握这份ChatGPT物理化学论文选题指南,让论文写作从此不愁!": "https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493259&idx=8&sn=e677fc46b82e5dd576a4dd1503d89713", + "谷歌称黑客正滥用Gemini AI来增强攻击能力": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313430&idx=1&sn=4afd94e32a04c49dcc25f593341c2fd5", + "2025年AI网络安全预测": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313430&idx=2&sn=7388f9c978f61ad866c97f57c21abe6f", + "Meta确认90名用户遭WhatsApp零点击间谍软件攻击": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313430&idx=3&sn=e5f4cbdc2013e8fc276d774eeeb951ae", + "微软披露macOS漏洞CVE-2024-44243,允许安装Rootkit": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313430&idx=4&sn=6e74cf5e7a16522cf7f639a52c3789c7", + "漏洞挖掘 | 基于mssql数据库的sql注入": "https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247547538&idx=1&sn=2de25baa764188f0bd83a351248a40c5", + "通过计算机视觉帮助发现隐藏的漏洞": "https://mp.weixin.qq.com/s?__biz=MzI4NTcxMjQ1MA==&mid=2247615413&idx=1&sn=363d6567bfa41a8f33e272e1185da50a", + "AI驱动API漏洞激增1205%,企业安全面临空前挑战!": "https://mp.weixin.qq.com/s?__biz=Mzg3OTYxODQxNg==&mid=2247485686&idx=1&sn=6ad3015e97dc52bd69dc9921b81a5f9c", + "大算力之路,生命不选GPU": "https://mp.weixin.qq.com/s?__biz=Mzk0MTI4NTIzNQ==&mid=2247492308&idx=1&sn=775c682a9974e1a355dc8b8b2a206a11", + "想用 DeepSeek?这里能用,扫码还送 14 元体验金": "https://mp.weixin.qq.com/s?__biz=MzkyNzUzMjM1NQ==&mid=2247484777&idx=1&sn=0acdb741af24de7e3f86557afa0a53be", + "【2025春节】解题领红包活动排行榜(初六 2/3)": "https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141670&idx=1&sn=de73fb9cf91c717915c2bd5adcde0c09", + "Stratovirt 的 RISC-V 虚拟化支持(五):BootLoader 和设备树": "https://mp.weixin.qq.com/s?__biz=MzA5NDQzODQ3MQ==&mid=2648194570&idx=1&sn=c848bb41f340e4869973a3e8eb22c5e8", + "标签巨头 Avery 称网站遭黑客攻击,信用卡信息被窃": "https://mp.weixin.qq.com/s?__biz=Mzg3ODY0NTczMA==&mid=2247492132&idx=1&sn=13d6fe7fec657cd4cb7b5191b4e4ef8a", + "一次区块链的安全研究": "https://mp.weixin.qq.com/s?__biz=MzkyNDU2MDk4NQ==&mid=2247484034&idx=1&sn=ecdb621b08c7137bfb1cb1bd900cf5f9", + "DeepSeek接入个人知识库,一般电脑也能飞速跑,确实可以封神了!": "https://mp.weixin.qq.com/s?__biz=MzkyMzg4MTY4Ng==&mid=2247484596&idx=1&sn=5e1a1f6c02555974e75a31c95e629591", + "全网最全、最详细的 Linux 进程间通信方式讲解来了,你不容错过!": "https://mp.weixin.qq.com/s?__biz=MzI1NzI5NDM4Mw==&mid=2247498590&idx=1&sn=3ee93d415c16a3700b965bd1c5ddbfe1", + "500 美元的漏洞:Censys 搜索如何引导我获得快速漏洞赏金": "https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247504845&idx=1&sn=8c8fa9f474d370a021e30aa8209268ac", + "码住!一次把CISP认证说清楚": "https://mp.weixin.qq.com/s?__biz=Mzg4MTg0MjQ5OA==&mid=2247487899&idx=1&sn=f5087c557ca623669bc4a1ad49138032", + "一次性把中东关系讲清楚:中东地区的情报战略": "https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247505221&idx=1&sn=b0a5ccbab53fc8198452223d8cb6eb62", + "特朗普“重返中亚”:经济与能源的“双重奏”": "https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247505221&idx=2&sn=a237923be240db67501e67e018240b6e", + "万物随春醒 云堤护网宁": "https://mp.weixin.qq.com/s?__biz=MzkxNDY0MjMxNQ==&mid=2247532981&idx=1&sn=a02ca7b9dd52b7b11881079f1e0485aa", + "Active Directory Domain Services 权限提升漏洞 (CVE-2025-21293)": "https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247487001&idx=1&sn=eaae88e6f2b15e26732ca6b90fb5ca69", + "Flask代码审计从思路到实战": "https://mp.weixin.qq.com/s?__biz=MzkyNTUyNDMyOA==&mid=2247487699&idx=1&sn=34f12cfc82af827d58e8d758143316bf", + "OSCP考试必备:最全实战命令手册": "https://mp.weixin.qq.com/s?__biz=Mzk0ODY1NzEwMA==&mid=2247486694&idx=1&sn=1cdf7df2384a0e643d3f364d5e3040f1", + "麻省理工科技评论:2025年AI五大趋势": "https://mp.weixin.qq.com/s?__biz=MzUzODYyMDIzNw==&mid=2247516971&idx=1&sn=65365df101260e7ccf5f42018c654110", + "立春|春之启幕 万物生晖": "https://mp.weixin.qq.com/s?__biz=MzIxNDIzNTcxMg==&mid=2247506764&idx=1&sn=ce887174eaa79679513bf66138d1fe3b", + "内网横向渗透之Windows连接技巧": "https://mp.weixin.qq.com/s?__biz=MjM5MjEyMTcyMQ==&mid=2651037466&idx=1&sn=fd456a13dbe3d7a82884d0b43cb51f82", + "今日立春": "https://mp.weixin.qq.com/s?__biz=Mzg3NTU3NTY0Nw==&mid=2247489552&idx=1&sn=7bf9b6c74a63b3620493157b380a8849", + "大年初六 银蛇报春": "https://mp.weixin.qq.com/s?__biz=Mzg2MTU5ODQ2Mg==&mid=2247507178&idx=1&sn=d90f00dc663f73a9b5d1e9b926920bc3", + "数字取证之法律遵从性u200c": "https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655265046&idx=1&sn=37f22293698b7e90fd4cc49c08fbc426", + "网安原创文章推荐【2025/2/2】": "https://mp.weixin.qq.com/s?__biz=MzAxNzg3NzMyNQ==&mid=2247489552&idx=1&sn=4cdba465482fcd99df63ffa4bf4ac236", + "以色列间谍无需点击即可入侵 WhatsApp": "https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494727&idx=1&sn=92a7f62638a9a6dc5e71a39655e2b9f1", + "大年初六 | 金蛇昂首,“巳”如破竹": "https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579301&idx=1&sn=35ed47abf0879798ddd2a03509c33f87", + "老板让我节后研究一下deepseek": "https://mp.weixin.qq.com/s?__biz=Mzk0MTI4NTIzNQ==&mid=2247492302&idx=1&sn=bd877522ae6488d1ff49f8325ab6b720", + "程序员注定被淘汰": "https://mp.weixin.qq.com/s?__biz=Mzk0MTI4NTIzNQ==&mid=2247492302&idx=2&sn=0144e48c3daefe11282c0145291f06d4", + "大年初六丨安天镇关给您拜年了": "https://mp.weixin.qq.com/s?__biz=MjM5MTA3Nzk4MQ==&mid=2650209932&idx=1&sn=ffcf5ae2b2a579a036936f3d466c4a18" + }, + "Security Boulevard": { + "Orca Security Adds Additional CNAPP Deployment Options": "https://securityboulevard.com/2025/02/orca-security-adds-additional-cnapp-deployment-options/", + "Meet Rule Architect: Your AI-Powered WAF Rule Expert | Impart Security": "https://securityboulevard.com/2025/02/meet-rule-architect-your-ai-powered-waf-rule-expert-impart-security/", + "CISA/FDA Warn: Chinese Patient Monitors Have BAD Bugs": "https://securityboulevard.com/2025/02/contec-epsimed-china-fda-cisa-richixbw/", + "Randall Munroe’s XKCD ‘AlphaMove’": "https://securityboulevard.com/2025/02/randall-munroes-xkcd-alphamove/", + "HIPAA Cybersecurity Requirements and Best Practices": "https://securityboulevard.com/2025/02/hipaa-cybersecurity-requirements-and-best-practices/", + "How to create realistic test data for PostgreSQL": "https://securityboulevard.com/2025/02/how-to-create-realistic-test-data-for-postgresql/", + "Mockaroo and Tonic: Partners in mock data generation": "https://securityboulevard.com/2025/02/mockaroo-and-tonic-partners-in-mock-data-generation/", + "Why I joined Tonic: A product manager’s perspective": "https://securityboulevard.com/2025/02/why-i-joined-tonic-a-product-managers-perspective/", + "The Secret to Your Artifactory: Inside The Attacker Kill-Chain": "https://securityboulevard.com/2025/02/the-secret-to-your-artifactory-inside-the-attacker-kill-chain/", + "DEF CON 32 – Exposing Attacks Hiding In The Sheer Noise Of False Positives": "https://securityboulevard.com/2025/02/def-con-32-exposing-attacks-hiding-in-the-sheer-noise-of-false-positives/" + }, + "Recent Commits to cve:main": { + "Update Mon Feb 3 20:25:45 UTC 2025": "https://github.com/trickest/cve/commit/547eaddf6f9cd1e8e42627d796880a8f88ae171a", + "Update Mon Feb 3 12:25:21 UTC 2025": "https://github.com/trickest/cve/commit/c19a224cde37606b534e629bf1ee9e3a4e6f38b4", + "Update Mon Feb 3 04:22:25 UTC 2025": "https://github.com/trickest/cve/commit/364e032b264aaf1c882aaefa99178147eb6b841a" + }, + "SecWiki News": { + "SecWiki News 2025-02-03 Review": "http://www.sec-wiki.com/?2025-02-03" + }, + "Private Feed for M09Ic": { + "phith0n starred Huanshere/VideoLingo": "https://github.com/Huanshere/VideoLingo", + "mitre forked mitre/salsa from salsa-rs/salsa": "https://github.com/mitre/salsa", + "Safe3 released UUSEC WAF Community Edition v6.4.0 at Safe3/uuWAF": "https://github.com/Safe3/uuWAF/releases/tag/v6.4.0", + "CHYbeta starred Kelvin-1013/Solana-Arbitrage-Bot": "https://github.com/Kelvin-1013/Solana-Arbitrage-Bot", + "boy-hack starred dyyz1993/twitter-monitor": "https://github.com/dyyz1993/twitter-monitor", + "gh0stkey starred veracrypt/VeraCrypt": "https://github.com/veracrypt/VeraCrypt", + "phra starred cmu-sei/GHOSTS": "https://github.com/cmu-sei/GHOSTS", + "gh0stkey starred browser-use/web-ui": "https://github.com/browser-use/web-ui", + "gh0stkey starred browser-use/browser-use": "https://github.com/browser-use/browser-use", + "wabzsy starred SpeedyOrc-C/HoYo-Glyphs": "https://github.com/SpeedyOrc-C/HoYo-Glyphs", + "wabzsy starred ading2210/linuxpdf": "https://github.com/ading2210/linuxpdf" + }, + "Publications | Outflank": { + "Secure Enclaves for Offensive Operations (Part I)": "https://www.outflank.nl/blog/2025/02/03/secure-enclaves-for-offensive-operations-part-i/" + }, + "Horizon3.ai": { + "Securing Financial Services: From Promises to Proof with NodeZero®": "https://www.horizon3.ai/intelligence/blogs/securing-financial-services-from-promises-to-proof-with-nodezero/" + }, + "Twitter @bytehx": { + "RT Jayesh Madnani: 🚀 Unspoken Bug Bounty Rules – From many years of failures & experience! 🕵️‍♂️ Got a similar bug across multiple assets b...": "https://x.com/bytehx343/status/1886462043009769629", + "Re @l33tdawg @Verichains Congrats man🎉🎉🎉🎉": "https://x.com/bytehx343/status/1886368068483649594", + "RT yso: Just uploaded my Bluetooth security testing slides! 📡 Also, Škoda disclosed a vulnerability I reported—they fixed & rewarded it fast! �...": "https://x.com/bytehx343/status/1886367495373848670" + }, + "SentinelOne": { + "macOS FlexibleFerret | Further Variants of DPRK Malware Family Unearthed": "https://www.sentinelone.com/blog/macos-flexibleferret-further-variants-of-dprk-malware-family-unearthed/" + }, + "Malwarebytes": { + "WhatsApp says Paragon is spying on specific users": "https://www.malwarebytes.com/blog/news/2025/02/whatsapp-says-paragon-is-spying-on-specific-users", + "A week in security (January 27 – February 2)": "https://www.malwarebytes.com/blog/news/2025/02/a-week-in-security-january-27-february-2-2" + }, + "Reverse Engineering": { + "/r/ReverseEngineering's Weekly Questions Thread": "https://www.reddit.com/r/ReverseEngineering/comments/1igk62y/rreverseengineerings_weekly_questions_thread/", + "Lifting Binaries, Part 0: Devirtualizing VMProtect and Themida: It’s Just Flattening?": "https://www.reddit.com/r/ReverseEngineering/comments/1igx34h/lifting_binaries_part_0_devirtualizing_vmprotect/", + "Disassembling a binary: linear sweep and recursive traversal": "https://www.reddit.com/r/ReverseEngineering/comments/1ih3ga3/disassembling_a_binary_linear_sweep_and_recursive/", + "Is there a way to reverse Agile.NET compiled library for NinjaTrader 8?": "https://www.reddit.com/r/ReverseEngineering/comments/1iguky3/is_there_a_way_to_reverse_agilenet_compiled/", + "AMD: Microcode Signature Verification Vulnerability": "https://www.reddit.com/r/ReverseEngineering/comments/1ih3ez3/amd_microcode_signature_verification_vulnerability/" + }, + "glzjin": { + "懒猫微服外挂ProxmoxVE启动方法说明": "https://www.zhaoj.in/read-9077.html" + }, + "Webroot Blog": { + "MDR for MSPs: Navigating EDR compatibility": "https://www.webroot.com/blog/2025/02/03/mdr-for-msps-navigating-edr-compatibility/" + }, + "FreeBuf网络安全行业门户": { + "2024年768个CVE漏洞被利用,较2023年增长20%": "https://www.freebuf.com/vuls/421042.html", + "Shiro CVE-2023-34478 路径规范化不一致": "https://www.freebuf.com/vuls/421037.html", + "思科研究发现DeepSeek R1极易受有害提示影响": "https://www.freebuf.com/articles/421045.html", + "俄语系邪恶黑客团伙操纵10余种高度专业化的社交媒体诈骗": "https://www.freebuf.com/articles/network/421044.html", + "恶意软件冒充DeepSeek AI工具在PyPI上传播": "https://www.freebuf.com/articles/421046.html", + "疯狂邪恶团伙利用StealC、AMOS和Angel Drainer恶意软件瞄准加密货币": "https://www.freebuf.com/articles/network/421028.html" + }, + "daniel.haxx.se": { + "European Open Source Achievement Award": "https://daniel.haxx.se/blog/2025/02/03/european-open-source-achievement-award/" + }, + "奇客Solidot–传递最新科技情报": { + "天文学家发现一巨型射电星系": "https://www.solidot.org/story?sid=80466", + "过去四十年海洋表面变暖速度翻了两番": "https://www.solidot.org/story?sid=80465", + "Ubuntu 的开发讨论平台将从 IRC 迁移到 Matrix": "https://www.solidot.org/story?sid=80464" + }, + "锦行科技": { + "初六 | 六六大顺": "https://mp.weixin.qq.com/s?__biz=MzIxNTQxMjQyNg==&mid=2247493743&idx=1&sn=9735ef44726404099d144253792e54d8&chksm=979a13caa0ed9adca648632b3a4495d3f5749a8ff6f4e170b279b471ff7b6675f7382d149206&scene=58&subscene=0#rd" + }, + "技可达工作室": { + "用DeepSeek学习区块链量化": "https://mp.weixin.qq.com/s?__biz=MzU3NDY1NTYyOQ==&mid=2247486034&idx=1&sn=c8655d5eb94f15ce10b24ee79ebb2821&chksm=fd2e57b0ca59dea622a62f1323974973b15d0a21a3b284bbaa3832d5fe729c6a28a0bc1f8571&scene=58&subscene=0#rd" + }, + "dotNet安全矩阵": { + "限时福利 | 2024 年度隧道代理、数据外发、痕迹清理阶段文章和工具汇总": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498677&idx=1&sn=8a4dcac147d84f3f1bd3ccb37a8d5e9e&chksm=fa595558cd2edc4e632bbfa5ccf31a9f66ee0d13161c10d466ac3487177f072458ac51f42af0&scene=58&subscene=0#rd", + "总结 | 2024 年度内网实战攻防电子报刊 34 篇文章内容汇总": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498677&idx=2&sn=b973bed512a412529ca496db03a70cb7&chksm=fa595558cd2edc4e0635075a22a66da8311fced2fb3f09b46376c516d06ca1bdf5713c5374f3&scene=58&subscene=0#rd", + "2024 年度本地权限操作阶段文章和工具汇总": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498677&idx=3&sn=7bf0c0bc3fdbee0fcbac31d78562ff0f&chksm=fa595558cd2edc4ee958c938fecfe4b37a180940e3b19ba4c06ca3aac6292817262680e954c3&scene=58&subscene=0#rd" + }, + "安全分析与研究": { + "恶意样本静态分析-上": "https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490311&idx=1&sn=3ddb48128acc2772763bd99ba4cf850a&chksm=902fb42fa7583d39df80656526a79ff7e90160bdaf250c3ef5570920f6290bc7d172804eeeec&scene=58&subscene=0#rd", + "APT狩猎工具": "https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490311&idx=2&sn=411e5b869e7b4425b9b6ce4d386e170a&chksm=902fb42fa7583d3998df7212df242d3ded6c932acd3b4b8a1fc90df1dcdea22ff764a30d9c03&scene=58&subscene=0#rd" + }, + "吾爱破解论坛": { + "【2025春节】解题领红包活动排行榜(初六 2/3)": "https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141670&idx=1&sn=de73fb9cf91c717915c2bd5adcde0c09&chksm=bd50a6728a272f64da4372a71de026e82781be975527fbb78c174055dc84299836178249ac7f&scene=58&subscene=0#rd" + }, + "丁爸 情报分析师的工具箱": { + "【资料】生成式人工智能下的世界": "https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148842&idx=1&sn=a98ad85e918a855004f545cb00b2141b&chksm=f1af2510c6d8ac063ffdd7fa3fe1058b652280fbd2ae894b93c5781e7646424e70472f15f631&scene=58&subscene=0#rd" + }, + "看雪学苑": { + "浅析代码重定位技术": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589301&idx=1&sn=f8b5a4c4740123d4431ccb68a9063f17&chksm=b18c28ff86fba1e99cd342a44cbdef0919f382e909a6181f50378ef9f83b9e5a90ed2a4eba53&scene=58&subscene=0#rd", + "实用干货!无人机安全攻防入门,速来报名": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589301&idx=2&sn=cd340085d0abd8a5fc5233d9ec93603f&chksm=b18c28ff86fba1e99daf5639ca2271fc027a1fdf2e613c62c6759c1135458a9f9e5e21bb30f4&scene=58&subscene=0#rd" + }, + "信息安全国家工程研究中心": { + "【二十四节气】立春 | 冬去春来万物生": "https://mp.weixin.qq.com/s?__biz=MzU5OTQ0NzY3Ng==&mid=2247498793&idx=1&sn=441c9d8c6db5d81afa624f8430127389&chksm=feb67d3ac9c1f42c15e947ca936857e5d5c64261d37496ee03b940a94c66338e2c99840b5e5d&scene=58&subscene=0#rd" + }, + "安全研究GoSSIP": { + "G.O.S.S.I.P 2025 新春总动员(1):疯狂的PDF": "https://mp.weixin.qq.com/s?__biz=Mzg5ODUxMzg0Ng==&mid=2247499652&idx=1&sn=589b1778aa04f72cdc07c947be4bc17c&chksm=c063d15df714584b9680831e04f60a8d775211b89366d6125e8a337aa07a891760a5f272c4ba&scene=58&subscene=0#rd" + }, + "杨龙": { + "nginx restart failed:nginx: [alert] OPENSSL_init_ssl() failed (SSL: error:12800067:DSO support routines::could not load the shared library:filename(/snap/certbot/4325/usr/lib/x86_64-linux-gnu/ossl-modules/fips.so): /snap/certbot/4325/usr/lib/x86_64-linux-gnu/ossl-modules/fips.so: cannot open shared object file: No such file or directory error:12800067:DSO support routines::could not load the shared library error:07880025:common libcrypto routines::reason(37):name=fips error:0700006D:configuration file routines::module initialization error:module=providers, value=provider_sect retcode=-1 ) 解决办法": "https://www.yanglong.pro/nginx-restart-failednginx-alert-openssl_init_ssl-failed-ssl-error12800067dso-support-routinescould-not-load-the-shared-libraryfilename-snap-certbot-4325-usr-lib-x86_64-linux-gnu-ossl-mod/" + }, + "中国信息安全": { + "专家解读 | 推动个人信息出境个人信息保护认证制度落地 促进个人信息高效便利安全跨境流动": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235937&idx=1&sn=d246a29f11e44289e30c16ad02323ea2&chksm=8b580158bc2f884ee870cf909293f550b4c6d68f752798b4305df99158a937ae96c708b46913&scene=58&subscene=0#rd", + "征订|欢迎订阅2025年《中国信息安全》杂志": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235937&idx=2&sn=4edccca64682f8f41e9b56497807eb00&chksm=8b580158bc2f884e1eadb1ba8edd1fc7ee1b96d216203155cb5d91797f95b1378359e3428734&scene=58&subscene=0#rd", + "专家解读 | 提升数据流通安全治理能力 促进数据流通开发利用": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235937&idx=3&sn=4b74cb1e75a739f80043e4d79c6f19a5&chksm=8b580158bc2f884ec910feed597fb437cb51a6951c0f1ae66fb67ec4ab7d0b6a18b58f8fdeb4&scene=58&subscene=0#rd", + "国际 | 日本推进人工智能立法兼顾双重性": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235937&idx=4&sn=f8a6890f42bfbbbee12fcb55f0fde756&chksm=8b580158bc2f884ee7d8be0d3b95af42bf87dc525ebe931098d6678ae4a3721ef29ebeda5c6c&scene=58&subscene=0#rd", + "评论 | 铲除“反防沉迷产业链”,撑起“数字晴空”": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235937&idx=5&sn=64e31032d2a327b33ad9368ee8790d3f&chksm=8b580158bc2f884ebdeeb7ed2b4c3494060fcc77a43367fd6ea18e1cc4f062d3772f1dd9519e&scene=58&subscene=0#rd" + }, + "极客公园": { + "为什么说大模型,补上了搜索的最后一块短板": "https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653073232&idx=1&sn=2e8dd2550e1834a9affa554d120ca22e&chksm=7e57d2e649205bf04b6221d8162c87808b7db4914fb54ed96ff7894c4dbdf9ae2fc3b60d5446&scene=58&subscene=0#rd", + "微信视频美颜「仅自己可见」,官方:都能看见;《哪吒 2》破30亿冲击票房冠军;水上机器人救回 3 位溺水者 | 极客早知道": "https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653073231&idx=1&sn=075c62ad2e8d854da64c1ed036e2bb36&chksm=7e57d2f949205befef103e65c9db8965a3a3a773976308faabe56e0234093ebad38383430fe8&scene=58&subscene=0#rd" + }, + "情报分析师": { + "美国为何对 DeepSeek 如此“上心”?一场科技博弈的真相": "https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559440&idx=1&sn=a71dae9b931ab06febdba6081a3e1c26&chksm=87117d9bb066f48de68a68083afd89c401fc25c0148c8c7d276322a69401f9f0519b30a3fd15&scene=58&subscene=0#rd", + "美国联邦调查局“变天”?特朗普全面清洗大动作曝光": "https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559440&idx=2&sn=ac91eaccfce9275a6fd64aed2388e1a6&chksm=87117d9bb066f48d6b4f6c684a3bf0af5da9b279e4674d5c1dc38c70d86f10fae55b46bf64a4&scene=58&subscene=0#rd" + }, + "Black Hills Information Security": { + "Introducing ORBIT, Scan Targets and Clients at Scale": "https://www.blackhillsinfosec.com/introducing-orbit-scan-targets-and-clients-at-scale/" + }, + "360数字安全": { + "大年初六 | 金蛇昂首,“巳”如破竹": "https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579301&idx=1&sn=35ed47abf0879798ddd2a03509c33f87&chksm=9f8d26ada8faafbbbb8a81d52e8929c1dfdcf019590ce3e3b1fffe2c997372f76abc89f2a72f&scene=58&subscene=0#rd" + }, + "Qualys Security Blog": { + "Qualys TotalAppSec Delivers AI-powered Unified Application Risk Management for Modern Web Apps and APIs": "https://blog.qualys.com/category/product-tech" + }, + "迪哥讲事": { + "列目录引起的信息泄露获取1w5赏金": "https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247497023&idx=1&sn=f4dad5920e40978a4ba8d4c41549b151&chksm=e8a5ff5cdfd2764a24279a9dc8a829590dbe024450bedf43308c4ac21ef5ed933c146156054e&scene=58&subscene=0#rd" + }, + "Securityinfo.it": { + "Meta smantella una campagna di spionaggio su WhatsApp": "https://www.securityinfo.it/2025/02/03/meta-smantella-una-campagna-di-spionaggio-su-whatsapp/?utm_source=rss&utm_medium=rss&utm_campaign=meta-smantella-una-campagna-di-spionaggio-su-whatsapp", + "CERT-AGID 25 – 31 gennaio: attacchi contro funzionari governativi e rappresentanti di ambasciate": "https://www.securityinfo.it/2025/02/03/cert-agid-25-31-gennaio-attacchi-funzionari-governativi-rappresentanti-ambasciate/?utm_source=rss&utm_medium=rss&utm_campaign=cert-agid-25-31-gennaio-attacchi-funzionari-governativi-rappresentanti-ambasciate" + }, + "Krypt3ia": { + "Corporate Panopticon: How Big Tech Became the New Surveillance State": "https://krypt3ia.wordpress.com/2025/02/03/corporate-panopticon-how-big-tech-became-the-new-surveillance-state/", + "Modern Moscow Rules: Counter-Surveillance in the Digital & Physical World": "https://krypt3ia.wordpress.com/2025/02/03/modern-moscow-rules-counter-surveillance-in-the-digital-physical-world/", + "Krypt3ia Daily Cyber Threat Intelligence (CTI) Digest": "https://krypt3ia.wordpress.com/2025/02/03/krypt3ia-daily-cyber-threat-intelligence-cti-digest-8/" + }, + "Over Security - Cybersecurity news aggregator": { + "‘Yes, this is real’: hackers targeting high-profile X accounts blur fact and fiction": "https://therecord.media/hackers-x-accounts-security-crypto", + "Amazon Redshift gets new default settings to prevent data breaches": "https://www.bleepingcomputer.com/news/security/amazon-redshift-gets-new-default-settings-to-prevent-data-breaches/", + "Woman nabbed by Thai police on alleged link to $182 million romance scam": "https://therecord.media/arrest-thai-police-woman-romance-scam", + "Australia sanctions ‘Terrorgram’ white supremacist online group": "https://therecord.media/australia-sanctions-terrorgram-online-hate-group", + "Canadian charged in two crypto platform thefts totaling $65 million": "https://therecord.media/indictment-canadian-two-cryptocurrency-platform-hacks", + "Google fixes Android kernel zero-day exploited in attacks": "https://www.bleepingcomputer.com/news/security/google-fixes-android-kernel-zero-day-exploited-in-attacks/", + "Journalist targeted on WhatsApp by Paragon spyware: “I feel violated”": "https://techcrunch.com/2025/02/03/journalist-targeted-on-whatsapp-by-paragon-spyware-i-feel-violated/", + "Canadian charged with stealing $65 million using DeFI crypto exploits": "https://www.bleepingcomputer.com/news/security/canadian-charged-with-stealing-65-million-using-defi-crypto-exploits/", + "Casio UK online store hacked to steal customer credit cards": "https://www.bleepingcomputer.com/news/security/casio-uk-online-store-hacked-to-steal-customer-credit-cards/", + "Mississippi electric utility warns 20,000 residents of data breach": "https://therecord.media/mississippii-electric-utility-residents-breach", + "1win - 96,166,543 breached accounts": "https://haveibeenpwned.com/PwnedWebsites#1win", + "Kazakhstan to audit foreign ministry after suspected Russia-linked cyberattack": "https://therecord.media/kazakhstan-foreign-ministry-cyberattack-russia", + "Microsoft kills off Defender 'Privacy Protection' VPN feature": "https://www.bleepingcomputer.com/news/microsoft/microsoft-kills-off-defender-privacy-protection-vpn-feature/", + "DeepSeek AI tools impersonated by infostealer malware on PyPI": "https://www.bleepingcomputer.com/news/security/deepseek-ai-tools-impersonated-by-infostealer-malware-on-pypi/", + "Telemarketing e trattamento illecito dei dati: la sanzione privacy a E.On sia monito per tutti": "https://www.cybersecurity360.it/news/sanzione-eon-garante-privacy/", + "Japanese sportswear company Mizuno confirms data breach after 2024 ransomware claims": "https://therecord.media/mizuno-data-breach-notification", + "AI Act, scattano i primi divieti: chi rischia le sanzioni e le prossime tappe": "https://www.cybersecurity360.it/news/ai-act-scattano-i-primi-divieti-chi-rischia-le-sanzioni-e-le-prossime-tappe/", + "Analysis of an advanced malicious Chrome extension": "https://palant.info/2025/02/03/analysis-of-an-advanced-malicious-chrome-extension/", + "Sweden releases suspected ship, says cable break ‘clearly’ not sabotage": "https://therecord.media/sweden-releases-ship-suspected-cable-sabotage", + "Cyble Sensors Detect Attacks on Apache OFBiz, Palo Alto Networks": "https://cyble.com/blog/cyble-sensors-detect-attacks-on-palo-alto-networks/", + "Vidar muta ancora: payload variabile e offuscamento più raffinato per questa nuova ondata": "https://cert-agid.gov.it/news/vidar-muta-ancora-payload-variabile-e-offuscamento-piu-raffinato-per-questa-nuova-ondata/", + "Russian hackers suspected of compromising British PM’s personal email account": "https://therecord.media/keir-starmer-email-hack-russia-suspected", + "Apple Issues Security Updates for iOS, macOS, watchOS, and More—Patch Now!": "https://cyble.com/blog/apple-fixes-cve-2025-24085-security-update/", + "Trump elimina i vincoli all’IA: i rischi cyber e privacy e le questioni etiche": "https://www.cybersecurity360.it/cultura-cyber/trump-elimina-i-vincoli-allia-i-rischi-cyber-e-privacy-e-le-questioni-etiche/", + "Meta smantella una campagna di spionaggio su WhatsApp": "https://www.securityinfo.it/2025/02/03/meta-smantella-una-campagna-di-spionaggio-su-whatsapp/", + "PyPI adds project archiving system to stop malicious updates": "https://www.bleepingcomputer.com/news/security/pypi-adds-project-archiving-system-to-stop-malicious-updates/", + "Vulnerabilità in Cisco Webex Chat, a rischio dati aziendali riservati: come mitigarla": "https://www.cybersecurity360.it/news/vulnerabilita-in-cisco-webex-chat-a-rischio-dati-aziendali-riservati-come-mitigarla/", + "CERT-AGID 25 – 31 gennaio: attacchi contro funzionari governativi e rappresentanti di ambasciate": "https://www.securityinfo.it/2025/02/03/cert-agid-25-31-gennaio-attacchi-funzionari-governativi-rappresentanti-ambasciate/", + "DragonNest - 511,290 breached accounts": "https://haveibeenpwned.com/PwnedWebsites#DragonNest" + }, + "SANS Internet Storm Center, InfoCON: green": { + "Crypto Wallet Scam, (Mon, Feb 3rd)": "https://isc.sans.edu/diary/rss/31646", + "ISC Stormcast For Monday, February 3rd, 2025 https://isc.sans.edu/podcastdetail/9306, (Mon, Feb 3rd)": "https://isc.sans.edu/diary/rss/31644" + }, + "LuxSci": { + "The Risks of Non-Compliant Email: How HIPAA Violations Hurt Healthcare Companies": "https://luxsci.com/blog/the-risks-of-non-compliant-email-how-hipaa-violations-hurt-healthcare-companies.html" + }, + "Posts By SpecterOps Team Members - Medium": { + "Further Adventures With CMPivot — Client Coercion": "https://posts.specterops.io/further-adventures-with-cmpivot-client-coercion-38b878b740ac?source=rss----f05f8696e3cc---4" + }, + "ICT Security Magazine": { + "E-Identity ed eIDAS 2.0: l’evoluzione dell’identità digitale europea": "https://www.ictsecuritymagazine.com/notizie/e-identity-e-eidas-2-0/" + }, + "Schneier on Security": { + "Journalists and Civil Society Members Using WhatsApp Targeted by Paragon Spyware": "https://www.schneier.com/blog/archives/2025/02/journalists-and-civil-society-members-using-whatsapp-targeted-by-paragon-spyware.html" + }, + "Have I Been Pwned latest breaches": { + "1win - 96,166,543 breached accounts": "https://haveibeenpwned.com/PwnedWebsites#1win", + "DragonNest - 511,290 breached accounts": "https://haveibeenpwned.com/PwnedWebsites#DragonNest" + }, + "TG Soft Software House - News": { + "Phishing: i tentativi di furto credenziali e/o dati maggiormente diffusi nel mese di FEBBRAIO 2025...": "http://www.tgsoft.it/italy/news_archivio.asp?id=1609" + }, + "The Register - Security": { + "TSA’s airport facial-recog tech faces audit probe": "https://go.theregister.com/feed/www.theregister.com/2025/02/03/tsa_facial_recognition_audit/", + "2 officers bailed as anti-corruption unit probes data payouts to N Irish cops": "https://go.theregister.com/feed/www.theregister.com/2025/02/03/two_psni_officers_arrested_bailed/", + "Privacy Commissioner warns the ‘John Smiths’ of the world can acquire ‘digital doppelgangers’": "https://go.theregister.com/feed/www.theregister.com/2025/02/03/australia_digital_doppelgangers_privacy_award/", + "Medical monitoring machines spotted stealing patient data, users warned to pull the plug ASAP": "https://go.theregister.com/feed/www.theregister.com/2025/02/03/backdoored_contec_patient_monitors_leak_data/" + }, + "TorrentFreak": { + "Publishers Ramp Up Pressure vs. Anna’s Archive, Sci-Hub, Z-Library & Libgen": "https://torrentfreak.com/publishers-ramp-up-pressure-vs-annas-archive-sci-hub-z-library-libgen-250203/", + "MPA Shares Pirate Site Blocking ‘Best Practices’ at WIPO Meeting": "https://torrentfreak.com/mpa-shares-pirate-site-blocking-best-practices-at-wipo-meeting-250203/" + }, + "Your Open Hacker Community": { + "How do you know what xss payload to use": "https://www.reddit.com/r/HowToHack/comments/1igybrw/how_do_you_know_what_xss_payload_to_use/", + "What is the best wordlist?": "https://www.reddit.com/r/HowToHack/comments/1ih2ewh/what_is_the_best_wordlist/", + "Game Save Hack": "https://www.reddit.com/r/HowToHack/comments/1ih2139/game_save_hack/", + "Need Help Setting Up a Proxy Server for HTTP Custom with Custom Payload on OMV (Debian)": "https://www.reddit.com/r/HowToHack/comments/1igprcu/need_help_setting_up_a_proxy_server_for_http/", + "Hacking an android device.": "https://www.reddit.com/r/HowToHack/comments/1igtb54/hacking_an_android_device/", + "SunNxt movies download": "https://www.reddit.com/r/HowToHack/comments/1igmnwu/sunnxt_movies_download/", + "Hey new guy, I have a question Does anyone have anything that is in url form that i can send my friends that will crash a chromebook.": "https://www.reddit.com/r/HowToHack/comments/1igz5tg/hey_new_guy_i_have_a_question_does_anyone_have/", + "Tizen os": "https://www.reddit.com/r/HowToHack/comments/1igjoy4/tizen_os/", + "how to find a password": "https://www.reddit.com/r/HowToHack/comments/1igjfkf/how_to_find_a_password/" + }, + "Trend Micro Research, News and Perspectives": { + "Native Sensors vs. Integrations for XDR Platforms?": "https://www.trendmicro.com/en_us/research/25/b/native-sensors-integrations-xdr-platform.html" + }, + "Deeplinks": { + "Open Licensing Promotes Culture and Learning. That's Why EFF Is Upgrading its Creative Commons Licenses.": "https://www.eff.org/deeplinks/2025/02/open-licensing-promotes-culture-and-learning-thats-why-eff-upgrading-its-creative" + }, + "Technical Information Security Content & Discussion": { + "How Attackers Can Bypass OPA Gatekeeper in Kubernetes Due to Rego Flaws": "https://www.reddit.com/r/netsec/comments/1igvgbh/how_attackers_can_bypass_opa_gatekeeper_in/" + }, + "Security Affairs": { + "Web Skimmer found on at least 17 websites, including Casio UK": "https://securityaffairs.com/173797/malware/web-skimmer-casio-uks-site.html", + "Crazy Evil gang runs over 10 highly specialized social media scams": "https://securityaffairs.com/173784/cyber-crime/crazy-evil-runs-10-social-media-scams.html", + "Elon Musk ’s DOGE team granted ‘full access’ to sensitive Treasury systems. What are the risks?": "https://securityaffairs.com/173776/security/elon-musk-s-doge-granted-full-access-to-sensitive-treasury-systems.html", + "Texas is the first state to ban DeepSeek on government devices": "https://securityaffairs.com/173764/laws-and-regulations/texas-bans-deepseek-and-rednote-govt-devices.html", + "Law enforcement seized the domains of HeartSender cybercrime marketplaces": "https://securityaffairs.com/173750/cyber-crime/heartsender-cybercrime-marketplaces-seized.html" + }, + "Palo Alto Networks Blog": { + "10 Cyber Recommendations for the Trump Administration": "https://www.paloaltonetworks.com/blog/2025/02/10-cyber-recommendations-trump-administration/" + }, + "Computer Forensics": { + "Sigma Rule Repo": "https://www.reddit.com/r/computerforensics/comments/1igy288/sigma_rule_repo/" + }, + "The Hacker News": { + "768 CVEs Exploited in 2024, Reflecting a 20% Increase from 639 in 2023": "https://thehackernews.com/2025/02/768-cves-exploited-in-2024-reflecting.html", + "PyPI Introduces Archival Status to Alert Users About Unmaintained Python Packages": "https://thehackernews.com/2025/02/pypi-introduces-archival-status-to.html", + "⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [27 February]": "https://thehackernews.com/2025/02/thn-weekly-recap-top-cybersecurity.html", + "Coyote Malware Expands Reach: Now Targets 1,030 Sites and 73 Financial Institutions": "https://thehackernews.com/2025/02/coyote-malware-expands-reach-now.html", + "What Is Attack Surface Management?": "https://thehackernews.com/2025/02/what-is-attack-surface-management.html", + "Crazy Evil Gang Targets Crypto with StealC, AMOS, and Angel Drainer Malware": "https://thehackernews.com/2025/02/crazy-evil-gang-targets-crypto-with.html" + } +} \ No newline at end of file diff --git a/today.md b/today.md index b642bcf13b..ca18614399 100644 --- a/today.md +++ b/today.md @@ -1,228 +1,330 @@ -# 每日安全资讯(2025-02-03) +# 每日安全资讯(2025-02-04) -- SecWiki News - - [ ] [SecWiki News 2025-02-02 Review](http://www.sec-wiki.com/?2025-02-02) - Doonsec's feed - - [ ] [秦安:特朗普表态DeepSeek,新质生产力文化力国防力进入生死抉择](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476446&idx=1&sn=667c5ecbfb13d7afed253e28d76959e5) - - [ ] [Fastjson1.2.24反序列化利用](https://mp.weixin.qq.com/s?__biz=Mzk0NDYwOTcxNg==&mid=2247485410&idx=1&sn=1ec1af3a9daa8bede6b50c48d4c6ad22) - - [ ] [【oscp】SickOS系列全教程](https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486459&idx=1&sn=bdb973718eb5b746ffb36010c1126ab7) - - [ ] [泰国拟对妙瓦底地区断电](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559426&idx=1&sn=319562dc0c95468cf20353c016f72e52) - - [ ] [新年第一周,网络安全“重启”:关键防护措施与实战指南](https://mp.weixin.qq.com/s?__biz=MzA4MzMzOTQ4Mw==&mid=2453672545&idx=1&sn=be79c51468776f970b7c557484e9c3d3) - - [ ] [DeepSeek 容易受到各种越狱策略的攻击](https://mp.weixin.qq.com/s?__biz=MzU2NDY2OTU4Nw==&mid=2247518533&idx=1&sn=b33cca1bd4585c8e72b323541ed3a3bd) - - [ ] [世界需要一个能谋善断的AI(六):关于DeepSeek出圈的思考](https://mp.weixin.qq.com/s?__biz=MzAxOTk3NTg5OQ==&mid=2247492311&idx=1&sn=0d662ce191c8997b8885a692a22c2b92) - - [ ] [DeepSeek R1 模型本地部署教程](https://mp.weixin.qq.com/s?__biz=MzkyOTQ4NTc3Nw==&mid=2247485501&idx=1&sn=d28152a69a687bbe9607eb0e813fd760) - - [ ] [如何通过情报分析一个人](https://mp.weixin.qq.com/s?__biz=MzkxMDIwMTMxMw==&mid=2247494517&idx=1&sn=640bcd44db8abcf1392a66a843ac737f) - - [ ] [GenAI技术栈市场分析](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264940&idx=1&sn=4e9a9d38cff3eda388d2841790e8eee6) - - [ ] [2025年,自己要做自己的灯塔!](https://mp.weixin.qq.com/s?__biz=MzA3OTg3Mjg3NA==&mid=2456976653&idx=1&sn=66f686a7f02b5f57cbff18b32be74a3a) - - [ ] [手把手教你如何本地化部署DeepSeek](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247497017&idx=1&sn=c755513c5dbf6ec01ad0d40eba61ae44) - - [ ] [Hashcat vs John the Ripper:两大密码破解神器深度对比](https://mp.weixin.qq.com/s?__biz=MzI5MjY4MTMyMQ==&mid=2247489899&idx=1&sn=52471d15e881d9f921886305d9ac0fdd) - - [ ] [perplexity支持DeepSeek R1和o3-mini模型](https://mp.weixin.qq.com/s?__biz=MzkxNzY0Mzg2OQ==&mid=2247486282&idx=1&sn=c92a5e3be98e56ca2240a51d2c366462) - - [ ] [[系统安全] 六十二.恶意软件分析 (13)LLM赋能实现基于机器学习的恶意家族分类(初探)](https://mp.weixin.qq.com/s?__biz=Mzg5MTM5ODU2Mg==&mid=2247501299&idx=1&sn=c461a9440fcea0ecee2c1d78cdda5cdd) - - [ ] [聊聊国内的数据安全尺度问题](https://mp.weixin.qq.com/s?__biz=MzI1Mjc3NTUwMQ==&mid=2247538549&idx=1&sn=521c18c3ae58546adae92616cb83808f) - - [ ] [美国CISA报告称Contec病人监护仪存在后门](https://mp.weixin.qq.com/s?__biz=MzkwOTM0MjI5NQ==&mid=2247488058&idx=1&sn=f2da86198b12bcad5bde72ea431dcdcc) - - [ ] [【AI】DeepSeek 概念/影响/使用/部署](https://mp.weixin.qq.com/s?__biz=MzUyNTUyNTA5OQ==&mid=2247484881&idx=1&sn=1ce74fe3cc4869f130e0b068ec229f45) - - [ ] [FUZZ出来的一系列漏洞](https://mp.weixin.qq.com/s?__biz=MzkxNzY2MjU2Mg==&mid=2247483819&idx=1&sn=f720e0623daf07c7838527d03dce27e1) - - [ ] [DeepSeek(R1) vs Gpt-o3-mini(-high)](https://mp.weixin.qq.com/s?__biz=MzU5Mzk3NTE0Mw==&mid=2247483715&idx=1&sn=8f936ef2f0c039f3e1d7bbf3d7bf66df) - - [ ] [【AI】人工智能没那么神秘!](https://mp.weixin.qq.com/s?__biz=MzUyNTUyNTA5OQ==&mid=2247484879&idx=1&sn=5ad4a8e0fe4d3be18ea0f01e2935473f) - - [ ] [安全圈瓜田理下集合【2025/2/2】](https://mp.weixin.qq.com/s?__biz=MzAxNzg3NzMyNQ==&mid=2247489548&idx=1&sn=b9efc35c8d73c866d549db2234a7d17c) - - [ ] [不藏了!Wireshark 命令、捕获、过滤器大全分享给你](https://mp.weixin.qq.com/s?__biz=MzIyMzIwNzAxMQ==&mid=2649464775&idx=1&sn=26133889c68b7a82c112264dd161d512) - - [ ] [二层交换机和三层交换机到底有啥区别?2025年最新讲解!](https://mp.weixin.qq.com/s?__biz=MzUyNTExOTY1Nw==&mid=2247528073&idx=1&sn=6301a2e8fc2761c557904a0f410d59e7) - - [ ] [使用 NTP 进行定向 Timeroasting 窃取用户哈希值](https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247486924&idx=1&sn=bffa91f44bad8f39b89a25f21e0b1a59) - - [ ] [渗透测试工程师常用的搜索引擎](https://mp.weixin.qq.com/s?__biz=Mzg2MTc1MjY5OQ==&mid=2247486249&idx=1&sn=1e366c735cb526d8ed13cace6f26cc1e) - - [ ] [停更几日 找工作去了](https://mp.weixin.qq.com/s?__biz=Mzg4MTkwMTI5Mw==&mid=2247488841&idx=1&sn=57abcbe7def662f4b2fbc518fcf718f0) - - [ ] [DeepSeek老板梁文峰,谈近期热点问题](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485509&idx=1&sn=1af3f439672105c862f4bb0091c3f3a2) - - [ ] [北七家-未来科学城,3居变4居豪装,理想楼层/户型/朝向](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485509&idx=2&sn=670e807204cde52fca39474b57618c52) - - [ ] [【干货】笑傲职场的独家经验(1)](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485509&idx=3&sn=62c6e7a1ff368ba3cbd91298ad18483c) - - [ ] [【干货原创】实网攻防演习常态化,会带来什么变化01](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485509&idx=4&sn=57569d432f14f1f8ee639997920b435c) - - [ ] [汽车诊断及OBD和UDS协议的基础概念介绍](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549670&idx=1&sn=1e77e974f9698cc0d74c125e9eb62288) - - [ ] [揭示AUTOSAR中隐藏的漏洞](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549670&idx=2&sn=5f3fb6a0f0d849bdcf52c3b088620c0e) - - [ ] [【2025-02-02】黑客新闻摘要](https://mp.weixin.qq.com/s?__biz=MzIzNDU5NTI4OQ==&mid=2247488410&idx=1&sn=d520eefe614e2ce5642067897cf29310) - - [ ] [Tenable收购Vulcan Cyber,继续加速巩固暴露风险管理市场的领导地位](https://mp.weixin.qq.com/s?__biz=MzIyMTg0MTE3MA==&mid=2247487464&idx=1&sn=b2896c8828c9fe6b47d1296c0436f95f) - - [ ] [收藏 | dotNet安全矩阵 2024 年度本地权限操作阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498654&idx=1&sn=5900448e0b83460002b339bdd888b89a) - - [ ] [国内最专业、最全面的 [ .NET 代码审计 ] 体系化学习交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498654&idx=2&sn=ec3a4a0258a1e9eba731417aa3354ed2) - - [ ] [总结 | 2024 年度内网实战攻防电子报刊 34 篇文章内容汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498654&idx=3&sn=5f3ba6adeafc3eeeb6bac4a8709281f6) - - [ ] [高效、安全的 V2X PKI 与全球统一解决方案的集成](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620303&idx=1&sn=cd6c84599aef8f9308d3a9275a265bf1) - - [ ] [在软件定义汽车中实现安全的全球时间同步](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620303&idx=2&sn=c6f1e1c62c277153dfadbdb7bb7f03f3) - - [ ] [全球数据隐私、数据安全与网络安全技术发展报告](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620303&idx=3&sn=a94ce29de1c0b7625c8efc9602d3a095) - - [ ] [一款使用Rust编写的PE加壳器](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490280&idx=1&sn=27a8a52ec1103e01e0110d3cd8177b5d) - - [ ] [LockBit勒索软件案例(CS+Socks5)](https://mp.weixin.qq.com/s?__biz=MzkzMDE3ODc1Mw==&mid=2247489011&idx=1&sn=cdefefd425a7437c3ef0df558eb05375) - - [ ] [以小见大,彻底理解 cookie,session,token 之间的关系,通俗易懂](https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247570694&idx=1&sn=29f7161a798e3c693f2e07545a8b52ff) - - [ ] [Troll系列---Troll1靶场](https://mp.weixin.qq.com/s?__biz=Mzk1NzIzMzQ3OA==&mid=2247484332&idx=1&sn=fba78491557f3cbc1ee34fbedc0cd8bd) - - [ ] [2024年十大网络安全事件盘点](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931483&idx=1&sn=5ee0aaf91c5db8412e184d348b4a1d06) - - [ ] [奇瑞汽车申请信息安全传输专利,防止多种攻击手段](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931483&idx=2&sn=59bdf40380a2fc0d3df5b2d3a9d8b1e7) - - [ ] [【吃瓜】我家有女初长成!](https://mp.weixin.qq.com/s?__biz=MzU3MjU4MjM3MQ==&mid=2247489723&idx=1&sn=93b809a5e3a62b231b628e053aa39e98) - - [ ] [日志文件分析](https://mp.weixin.qq.com/s?__biz=Mzk1Nzc0MzY3NA==&mid=2247483783&idx=1&sn=4793ee638a53387ff52638f428afaa4c) - - [ ] [【吃瓜】某官方媒体下场传播Deepseek谣言](https://mp.weixin.qq.com/s?__biz=Mzg4MTkwMTI5Mw==&mid=2247488836&idx=1&sn=0b4b90b809d4d1d411d9d7cb07bb41dd) - - [ ] [[靶场复现计划]CSLAB Thunder](https://mp.weixin.qq.com/s?__biz=MzkxOTYwMDI2OA==&mid=2247484342&idx=1&sn=fbf99114ba0a7734a34ca35d09047003) - - [ ] [2025 Arch Linux 配置与常用操作指南](https://mp.weixin.qq.com/s?__biz=Mzg4MzgwMDE2Mw==&mid=2247488266&idx=1&sn=231087764693c81ab974ce49aaa367fd) - - [ ] [deepseek用不了解决方案 siliconflow](https://mp.weixin.qq.com/s?__biz=MzkxNjMwNDUxNg==&mid=2247487263&idx=1&sn=fa27a458767be5da87e8f0dd2959ac90) - - [ ] [星火年鉴· 品牌生态篇 | 2024星火品牌与市场生态亮点回顾](https://mp.weixin.qq.com/s?__biz=MzU1OTUxNTI1NA==&mid=2247592385&idx=1&sn=13ab2eff27d3b4532a504eb26a695327) - - [ ] [纯动嘴让DeepSeek给自己写一个壳](https://mp.weixin.qq.com/s?__biz=MzA3NDE0NTY0OQ==&mid=2247484313&idx=1&sn=8e3f8f76629035619e1743da5afd28a1) - - [ ] [网络安全新手必看:你的电脑够硬核吗?CTF 神器选购指南!](https://mp.weixin.qq.com/s?__biz=MzA3NDE0NTY0OQ==&mid=2247484313&idx=2&sn=4562514cd4be9ea89f1ed48f7e33ddf2) - - [ ] [Microsoft SQL Server 中的 RCE:探索错误配置并获得命令执行能力](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527476&idx=1&sn=3c6e650cd3989e4318e4de87b1cab4a3) - - [ ] [通过 JSON 文件上传进行存储型 XSS](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527476&idx=2&sn=52e6aaaaa606bc10d5c53f2ab36dab9d) - - [ ] [网安人的Deepseek使用指南](https://mp.weixin.qq.com/s?__biz=MzkxMDU5MzY0NQ==&mid=2247484471&idx=1&sn=19de64512beab336b1d931e46707a4f3) - - [ ] [国内首家!360推出“DeepSeek版”安全大模型](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579300&idx=1&sn=fb81fc2b90cac494c296287ef221c64f) - - [ ] [大年初五 | 蛇报佳春,万“巳”大吉](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579300&idx=2&sn=c06abb2df32188e9b4d4cda59aad3c1a) - - [ ] [教练,我想做红客](https://mp.weixin.qq.com/s?__biz=Mzg4NzgzMjUzOA==&mid=2247485481&idx=1&sn=8bb195be87285a44b7949441eeb4d438) - - [ ] [三步教你使用ollama+chatboxai本地部署DeepSeek-R1(含电脑配置参考)](https://mp.weixin.qq.com/s?__biz=MzkzMjIxNjExNg==&mid=2247486256&idx=1&sn=0e5e16559014d6990e2655f742bbf8c3) - - [ ] [设备管理系统开发:结合FastAPI+uvicorn技术(V2.3版本)](https://mp.weixin.qq.com/s?__biz=MzAxMDIwNjg2MA==&mid=2247486192&idx=1&sn=b7addf22dac6c645a9e16f0cd71da809) - - [ ] [大年初五迎财神|大吉大利,八方来财](https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489523&idx=1&sn=8bb39b35916f60e2052342891502afc1) - - [ ] [政府媒体下场!证明“宇宙镜像防御系统”“在黑客电脑放大悲咒”都是真的!](https://mp.weixin.qq.com/s?__biz=MzkyOTQzNjIwNw==&mid=2247491692&idx=1&sn=b3bb6b0e8bc8cf46f507d2af76f7e46f) - - [ ] [2024年近2亿人受影响,美国医疗成重点攻击目标](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313350&idx=1&sn=14f2e762074e1c311ff513905bd74451) - - [ ] [新型僵尸网络正对路由器、摄像头等设备发起大规模DDoS攻击](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313350&idx=2&sn=325091293f887d4b02b45a66abdcc9b9) - - [ ] [无需拆机!Windows 11 BitLocker加密文件被破解](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313350&idx=3&sn=d66f493838161567f4aa1ccfefa9c7da) - - [ ] [记一次框架利用接管学工系统](https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247547536&idx=1&sn=3c4f0b94df8e73bc5c8f02e75f6bf1f9) - - [ ] [Zyxel CPE 设备遭遇大规模攻击:关键漏洞(CVE-2024-40891)仍未修复!](https://mp.weixin.qq.com/s?__biz=Mzg3OTYxODQxNg==&mid=2247485684&idx=1&sn=ca0044c1a5698a1a8bad3d17b325b3a4) - - [ ] [国内黑产组织利用AWS 和 Azure进行诈骗活动](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494701&idx=1&sn=3e0582b510dbccde979bed07cc7c3488) - - [ ] [DeepSeek 突破了西方对于强大AI开发的垄断](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494701&idx=2&sn=e859fa26b1c6c3b3a0de07cd580f711d) - - [ ] [奇幻爽文之风终于吹到了网安](https://mp.weixin.qq.com/s?__biz=Mzg4Njc0Mjc3NQ==&mid=2247486634&idx=1&sn=0dc181deac52d82cd9a46eab2a487461) - - [ ] [【2025春节】解题领红包活动排行榜(初五 2/2)](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141668&idx=1&sn=82663ea0981e0c6f1544bb1fe7ab6bb8) - - [ ] [时间强盗漏洞:ChatGPT绕过敏感话题安全防护](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607394&idx=1&sn=387b2dc9dd6ebd7d27288d882c5d9832) - - [ ] [虚假谷歌广告瞄准微软广告账户,恶意软件攻击再升级](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607394&idx=2&sn=9afd369d22b8ae77608115d1b2309b66) - - [ ] [一些木马反制技巧](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607394&idx=3&sn=f2dbe4fa4dc6ad21d2bbc79d3e38c60b) - - [ ] [Burpsuite存储桶配置不当漏洞检测插件](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650607394&idx=4&sn=d21b7373ba4514475e76fc1e86673954) - - [ ] [掌握这些隐藏技巧,快速生成高质量美学论文初稿指南!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493260&idx=1&sn=6e7603d4bf552141b202da8e2c7226ef) - - [ ] [掌握中国史论文写作的文献综述绝技:解锁每个研究生都该懂的内部秘笈。](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493260&idx=2&sn=20c75c3aa689fee6c249bf331d9695e1) - - [ ] [掌握AI军事战略论文初稿的5种极致写作技巧,用ChatGPT打造高效论文写作流程!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493260&idx=3&sn=9a4e44b87ce1049e024adfebfd892d5b) - - [ ] [掌握ChatGPT人力资源管理论文大纲的完善攻略,新手也能3小时上手。](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493260&idx=4&sn=d4c9789e053207760dc89bc30e97bdbe) - - [ ] [掌握ChatGPT特殊教育论文审稿的内部高阶技巧,审稿速度提升200%!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493260&idx=5&sn=1b7188bc90a73bd66bfbd639ffb205c1) - - [ ] [初五接财神 | 顺风顺水,八方来财](https://mp.weixin.qq.com/s?__biz=Mzk0ODI4MDI4Nw==&mid=2247494628&idx=1&sn=86f1f585e2527dffb49f31e3cb3b77e6) - - [ ] [初五财神到,火绒安全祝大家蛇年行大运,事事皆顺遂~](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247522009&idx=1&sn=427a7360c75c10d3278f62a51ef5b068) - - [ ] [诚邀渠道合作伙伴共启新征程](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247522009&idx=2&sn=ca2b184d62f7ecba76d349a8faa6d2bf) - - [ ] [MQTT协议安全攻击面技术分析总结](https://mp.weixin.qq.com/s?__biz=MjM5MjEyMTcyMQ==&mid=2651037465&idx=1&sn=c91979cf125a6f93d28586817671f1d7) - - [ ] [大年初五吉祥如意](https://mp.weixin.qq.com/s?__biz=Mzg3NTU3NTY0Nw==&mid=2247489546&idx=1&sn=48d30c9bf0c189657c24003dd0ef3551) - - [ ] [大年初五 巳蛇呈祥](https://mp.weixin.qq.com/s?__biz=Mzg2MTU5ODQ2Mg==&mid=2247507177&idx=1&sn=c70f06c1d86e5a233713734b6ee2f9ce) - - [ ] [数字取证之呈现证据u200c](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264934&idx=1&sn=b566f40a1e56c1ead34ae7196ce9f9b8) - - [ ] [DeepSeek的R1与R1-Zero:技术差异与AI风险管控](https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247506432&idx=1&sn=ddb2b818c020739b2b004f3cfcb69a91) - - [ ] [Nmap高级攻击指南:用官方工具实施SYN欺骗攻击](https://mp.weixin.qq.com/s?__biz=MzkxOTUyOTc0NQ==&mid=2247493009&idx=1&sn=4450fdf706551f053287269ac3017075) - - [ ] [迎财神](https://mp.weixin.qq.com/s?__biz=Mzg2Mzg2NDM0NA==&mid=2247484863&idx=1&sn=38cb397e43ce3141523a19c0581ad5e1) - - [ ] [90%企业等保无效?红蓝对抗揭露真相!](https://mp.weixin.qq.com/s?__biz=MzIwMzIyMjYzNA==&mid=2247517989&idx=1&sn=c773878e5458413dc7f713382eb2c815) - - [ ] [迎财神,送福到,愿您在新的一年里,财运旺盛,心想事成!](https://mp.weixin.qq.com/s?__biz=MjM5NzU4NjkyMw==&mid=2650747926&idx=1&sn=51b6804dd2334ea79d326a1a7717461a) - - [ ] [谁说红客只会蹭!过来看看他们的实力!](https://mp.weixin.qq.com/s?__biz=Mzk0MzY3MDE5Mg==&mid=2247484028&idx=1&sn=5854fd05510860e4b1a8934a02138131) - - [ ] [红盟只会蹭!](https://mp.weixin.qq.com/s?__biz=MzkwMTU2NzMwOQ==&mid=2247484533&idx=1&sn=6247c1831a0bfd5ce1a4b0733b912d9c) - - [ ] [ISO 45001: 2018 标准详解与实施(13)6.2 职业健康安全目标及其实现的策划](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247486058&idx=1&sn=5999aad43bc68811dab5ca40c639b197) - - [ ] [实战内测-某内测项目站点FUZZ到SQL注入](https://mp.weixin.qq.com/s?__biz=Mzk0Mzc1MTI2Nw==&mid=2247487449&idx=1&sn=bae043c1e8117312d3d18624f4c070a5) - - [ ] [大年初五丨安天捕风给您拜年了](https://mp.weixin.qq.com/s?__biz=MjM5MTA3Nzk4MQ==&mid=2650209925&idx=1&sn=b804ce5af784fca3a1e05a9077cdf1c2) - - [ ] [正月初五 | 五福临门 招财进宝](https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247506084&idx=1&sn=beab459a146e3c03036ca82226a1c621) - - [ ] [Meta 确认零点击 WhatsApp 间谍软件攻击针对 90 名记者和活动人士](https://mp.weixin.qq.com/s?__biz=MzI2NzAwOTg4NQ==&mid=2649794014&idx=1&sn=0bf99aa1e7fb87b545c84b364e027dc0) - - [ ] [大年初五|接财神](https://mp.weixin.qq.com/s?__biz=MzUyMjAyODU1NA==&mid=2247491950&idx=1&sn=f325c8233c093a74fde97c588f87e12a) - - [ ] [Shoko:动漫管理的另一种选择,完美集成Plex、Jellyfin、Kodi](https://mp.weixin.qq.com/s?__biz=MzA4MjkzMTcxMg==&mid=2449046777&idx=1&sn=a0ad55fed18cd06f87ff32c4f5be473b) - - [ ] [初五 | 财源滚滚万事顺,鸿运当头福临门!](https://mp.weixin.qq.com/s?__biz=MzU4NjY4MDAyNQ==&mid=2247497082&idx=1&sn=9b4b2f985f0aa0b0b50392da125f46fe) - - [ ] [正月初五 | 财安福来](https://mp.weixin.qq.com/s?__biz=Mzg2NDU3Mzc5OA==&mid=2247489780&idx=1&sn=76693eb6e5caa655bd2a6320c1ae8629) - - [ ] [大年初五 五福临门](https://mp.weixin.qq.com/s?__biz=MjM5NzE0NTIxMg==&mid=2651135292&idx=1&sn=0c7186a57a71bbffcf1d576a5e3176ff) - - [ ] [正月初五迎财神!亚信安全祝大家金蛇接财,福气满满](https://mp.weixin.qq.com/s?__biz=MjM5NjY2MTIzMw==&mid=2650620969&idx=1&sn=e2ea7bfca815e935b52839d6161bb0bf) - - [ ] [【oscp】vulnerable_docker,三种代理方法打入内网](https://mp.weixin.qq.com/s?__biz=Mzg2Nzk0NjA4Mg==&mid=2247498989&idx=1&sn=a860e19fe2d20c9b8aa5cc9ca81ac488) - - [ ] [【2025】初五迎财神,恭喜发财](https://mp.weixin.qq.com/s?__biz=MzUwOTc3MTQyNg==&mid=2247491392&idx=1&sn=75011220308fe9a69d8dd70b7d07d5f0) - - [ ] [大年初五 | 恒御科技祝大家“蛇运亨通,瑞气盈门”](https://mp.weixin.qq.com/s?__biz=MzU4NjY3OTAzMg==&mid=2247514958&idx=1&sn=01c937eee1af2942500f59fc5740acf7) - - [ ] [大年初五 | 爆竹声中财门开,如意平安富贵来](https://mp.weixin.qq.com/s?__biz=Mzk0MDQ5MTQ4NA==&mid=2247487431&idx=1&sn=c15740e5ae9f941b205365b9d758ee32) - - [ ] [Hawkeye 一款Windows综合应急响应工具](https://mp.weixin.qq.com/s?__biz=Mzk0ODY1NzEwMA==&mid=2247486676&idx=1&sn=3417cbc224d25e1e2d58028f2163bb57) - - [ ] [正月初五|喜迎财神 招财纳祥](https://mp.weixin.qq.com/s?__biz=MzkxODczNjA4NQ==&mid=2247494022&idx=1&sn=4a63c5fbf635f14e625c112957d0ea1d) - - [ ] [DecryptTools综合解密](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489196&idx=1&sn=bc1fd862ec7ec58e385b7e0f3de44318) - - [ ] [一半人可以开了](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489196&idx=2&sn=dec356d33c41d89e7b628f05471e3d2e) - - [ ] [【贺蛇年】初五迎财 网安聚福](https://mp.weixin.qq.com/s?__biz=MzAxMjE1MDY0NA==&mid=2247508846&idx=1&sn=9ce423304dea95172f851d637a204f7a) - - [ ] [【初五】安全守护好 发展自然来](https://mp.weixin.qq.com/s?__biz=MjM5NTE0MjQyMg==&mid=2650624577&idx=1&sn=4c14d0c391b3e76a3335a93e4e16c2f4) - - [ ] [山石网科·AI汇东方|正月初五,喜迎财神](https://mp.weixin.qq.com/s?__biz=MzAxMDE4MTAzMQ==&mid=2661298314&idx=1&sn=a06e947eb117e1a6e4ac13f9aba74f9b) - - [ ] [初五 | 迎财神](https://mp.weixin.qq.com/s?__biz=MzIxNTQxMjQyNg==&mid=2247493742&idx=1&sn=6c298f8ce178ae5f381c68b29f886a7f) - - [ ] [初五|财神叩门送金来 全域互连倚云脉](https://mp.weixin.qq.com/s?__biz=MzkxNDY0MjMxNQ==&mid=2247532974&idx=1&sn=f7a29699391399ad4582af3321de5ad1) - - [ ] [ZoomEye、ZoomEye Pro:网络资产测绘,筑牢财富根基](https://mp.weixin.qq.com/s?__biz=MjM5NzA3Nzg2MA==&mid=2649870888&idx=1&sn=572bcba2cdd6c61f272fbc1ee4943f22) - - [ ] [祥蛇初五至 福运启新时](https://mp.weixin.qq.com/s?__biz=MzU0MjEwNTM5Ng==&mid=2247520425&idx=1&sn=7936883faac2bd5d0b54fbc8772c487c) - - [ ] [Dark OSINT:我是如何识别多个性犯罪分子及其基础设施的](https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247504844&idx=1&sn=0567a540ffa5f4aa2f0bd08da69c6254) - - [ ] [赚美刀?来扶盈安全就对了-扶楹安全第二期招生了!](https://mp.weixin.qq.com/s?__biz=MzkyNzQzODA3Ng==&mid=2247484777&idx=1&sn=007f74bd81906a993fad37a59f5e1afd) - - [ ] [初五 | 迎财神,接好运!](https://mp.weixin.qq.com/s?__biz=Mzg4MjQ4MjM4OA==&mid=2247523803&idx=1&sn=e5fe6e9fcd4de214c94e3f5efd295dd8) - - [ ] [苏说安全两周年记 | 感恩每一份照亮前路的星光](https://mp.weixin.qq.com/s?__biz=Mzg5OTg5OTI1NQ==&mid=2247489874&idx=1&sn=47b12bb1e57d2b02fc0dbb3b38913d8b) + - [ ] [06x函数50-55](https://mp.weixin.qq.com/s?__biz=MzA3NDE0NTY0OQ==&mid=2247484328&idx=1&sn=56cb7fa45a42211cef760c64219cfe6d) + - [ ] [靶场系列之Kioptix Level 4](https://mp.weixin.qq.com/s?__biz=Mzk1NzIzNjM0OQ==&mid=2247484082&idx=1&sn=8ae9a5e59b4672dd6ca406e270e8bd72) + - [ ] [【Win11抓不到密码?】| 内存匹配规则的添加!!](https://mp.weixin.qq.com/s?__biz=Mzk1NzM5MTI2Mg==&mid=2247484433&idx=1&sn=c880bb48a013ff14e3bab913ecbfe043) + - [ ] [渗透测试与Linux管理系统化](https://mp.weixin.qq.com/s?__biz=Mzk1Nzc0MzY3NA==&mid=2247483802&idx=1&sn=5d2ed26dce664d4671ea49803c0b5721) + - [ ] [openEuler 24.03 操作系统上部署 DeepSeek-R1:671B 大模型训练使用GPU显卡NVIDIA A100](https://mp.weixin.qq.com/s?__biz=Mzg2MjYxODQ4Mw==&mid=2247485001&idx=1&sn=7cafb2cadfaa1242093af5dd79f1f9b4) + - [ ] [【burpsuite靶场-服务端4】命令注入漏洞](https://mp.weixin.qq.com/s?__biz=MzkzMDg1MzIwNA==&mid=2247487335&idx=1&sn=c230b1063e5abc07d7a340d33329a10e) + - [ ] [一键直达,告别中转!AutoRedirector 插件让你的浏览体验飞起来!](https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486485&idx=1&sn=0708e0ba9aaae6b483cf7006497b904d) + - [ ] [2025年网络安全态势感知的主要趋势和挑战](https://mp.weixin.qq.com/s?__biz=MzU2NDY2OTU4Nw==&mid=2247518539&idx=1&sn=a6be0023f68c6a11448c70df2384b293) + - [ ] [世界需要一个能谋善断的AI(七)数字分身:生理永生与数字永生的思考](https://mp.weixin.qq.com/s?__biz=MzAxOTk3NTg5OQ==&mid=2247492313&idx=1&sn=c436d968a908073fb49f919afe55128d) + - [ ] [Unity游戏开发学习笔记](https://mp.weixin.qq.com/s?__biz=MjM5Mzc4MzUzMQ==&mid=2650260521&idx=1&sn=0ab4effac06bb65dab6afa3ebf32e1b7) + - [ ] [大模型基础](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655265044&idx=1&sn=7801ee77daf09eae3fe05c448a3a2c43) + - [ ] [日产聆风电动汽车(Leaf-EV)-2018款本地拒绝服务漏洞](https://mp.weixin.qq.com/s?__biz=MzkyOTg3ODc5OA==&mid=2247484330&idx=1&sn=8558bf04848af41f0e0f56123fc3ae5d) + - [ ] [列目录引起的信息泄露获取1w5赏金](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247497023&idx=1&sn=f4dad5920e40978a4ba8d4c41549b151) + - [ ] [特斯拉电动汽车越狱](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620379&idx=1&sn=0d4d48f552a8acea197682a3d291f961) + - [ ] [智慧护航:量产落地的盖瑞特入侵检测系统,确保智能网联汽车安全](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620379&idx=2&sn=5d7fd1071b30851066c47559fe48c00f) + - [ ] [单芯片舱驾&舱控跨域融合技术方案在线培训课](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620379&idx=3&sn=6703784580243fe5c19338db1ccf0fc1) + - [ ] [联发科发布公告CVE-2025-20633可能导致远程代码执行](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494738&idx=1&sn=f776c6f5b2c8fbd315f6a6fbb4e83658) + - [ ] [G.O.S.S.I.P 2025 新春总动员(1):疯狂的PDF](https://mp.weixin.qq.com/s?__biz=Mzg5ODUxMzg0Ng==&mid=2247499652&idx=1&sn=589b1778aa04f72cdc07c947be4bc17c) + - [ ] [SecWiki周刊(第570期)](https://mp.weixin.qq.com/s?__biz=MjM5NDM1OTM0Mg==&mid=2651053429&idx=1&sn=31d3160a718b707ff1494a94ccb17e05) + - [ ] [SecWiki周刊(第569期)](https://mp.weixin.qq.com/s?__biz=MjM5NDM1OTM0Mg==&mid=2651053429&idx=2&sn=52ca024a6e40c3b8bfa8aee1ae304c03) + - [ ] [SecWiki周刊(第568期)](https://mp.weixin.qq.com/s?__biz=MjM5NDM1OTM0Mg==&mid=2651053429&idx=3&sn=a8270fb531eb9042a816850e48c609e2) + - [ ] [SecWiki周刊(第567期)](https://mp.weixin.qq.com/s?__biz=MjM5NDM1OTM0Mg==&mid=2651053429&idx=4&sn=1a33c07c70777c6b4ee1ff6913533e0d) + - [ ] [大年初六 | 辞旧迎新,送穷迎福](https://mp.weixin.qq.com/s?__biz=MzU3MzU4NjI4OQ==&mid=2247516498&idx=1&sn=e9790d235440fdc1e5d82fbb21a2ff57) + - [ ] [小白也能懂的DeepSeek本地安装教程](https://mp.weixin.qq.com/s?__biz=MzU5NzQ3NzIwMA==&mid=2247486425&idx=1&sn=d5a313dd4ffa06ab7ccd8e37ca614892) + - [ ] [海外虚拟信用卡之BinPay](https://mp.weixin.qq.com/s?__biz=MzkyNzYzNTQ2Nw==&mid=2247484119&idx=1&sn=ba45102f59a34f18e8ced5e0639b48b9) + - [ ] [白嫖DeepSeek R1 -腾讯云部署将免费进行到底!](https://mp.weixin.qq.com/s?__biz=MjM5Nzk3MjMzMA==&mid=2650570216&idx=1&sn=4dded799de34c8aad693320a5562dccc) + - [ ] [Topert4|内容计划|已有内容|10小时后删除](https://mp.weixin.qq.com/s?__biz=MzU5Njg5NzUzMw==&mid=2247490468&idx=1&sn=7e879727a18c30ea764c2f7f090ccfab) + - [ ] [1月份,到访奇安信的两大车企巨头!](https://mp.weixin.qq.com/s?__biz=MzkzMzcxNTQyNw==&mid=2247485600&idx=1&sn=1080d72650a49581ed39b353de1b2693) + - [ ] [服务崩溃,DeepSeek该给金主一个贴金的机会](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485511&idx=1&sn=4df6a88c69aee53ffdd181cc712e7f41) + - [ ] [【干货原创】实网攻防演习常态化,会带来什么变化01](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485511&idx=4&sn=68b99bc3a3d9c0166c11be378b838cac) + - [ ] [【干货原创】K12教育,鲜为人知的模式秘密](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485511&idx=5&sn=66af2d055dd3946c55837e742af38e56) + - [ ] [原创文章目录](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485511&idx=6&sn=881293b43a52e8b558223c554ddebcbf) + - [ ] [秦安:伟大的战略反攻已经开始,灵动之蛇年,中国人民就靠真功夫](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476470&idx=1&sn=f6505f40fe1a4a811cd9320a2365b123) + - [ ] [秦安:初一,美国动手了,安全和道德问题,以小人之心量君子之腹](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476470&idx=2&sn=e3248c99757c48d1753daab3678c4bb3) + - [ ] [这么强的渗透神器,你真的舍得不试试?](https://mp.weixin.qq.com/s?__biz=Mzg5OTg1MDk0Mw==&mid=2247485506&idx=1&sn=b0b0b4fac01f448f36a415fb860eeb81) + - [ ] [企业信息安全建设:你的数据防线真的固若金汤吗?](https://mp.weixin.qq.com/s?__biz=MzI5MjEyOTE4MA==&mid=2648520049&idx=1&sn=2ebb6422e7ffeffd0e9e501bd6ec2c7f) + - [ ] [ISO 45001: 2018 标准详解与实施(14)7.1 资源](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247486063&idx=1&sn=377991c5d6f47b70bc76fd3db40d4292) + - [ ] [【资料】生成式人工智能下的世界](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148842&idx=1&sn=a98ad85e918a855004f545cb00b2141b) + - [ ] [智能网联汽车多域电子电气架构会如何发展?](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549671&idx=1&sn=7043300bc8465aca13f85f5610eadd9f) + - [ ] [CAN总线不加终端电阻会咋样?](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549671&idx=2&sn=1ccdb8a902fad33f54ae970878279444) + - [ ] [星火年鉴 | 工业互联网标识智库2024年度热文盘点,你最pick哪一篇?](https://mp.weixin.qq.com/s?__biz=MzU1OTUxNTI1NA==&mid=2247592465&idx=1&sn=c1802084a4d36089406dfe91c03545c7) + - [ ] [浅析代码重定位技术](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589301&idx=1&sn=f8b5a4c4740123d4431ccb68a9063f17) + - [ ] [实用干货!无人机安全攻防入门,速来报名](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589301&idx=2&sn=cd340085d0abd8a5fc5233d9ec93603f) + - [ ] [实施数据加密策略:保护云中敏感数据的关键要素(一)](https://mp.weixin.qq.com/s?__biz=MzkyMzU2NjQyNA==&mid=2247483943&idx=1&sn=30651b48ba2470ae7cf394536e6f42db) + - [ ] [【文末抽奖】奉天安全团队招人啦](https://mp.weixin.qq.com/s?__biz=Mzk0NjQ2NzQ0Ng==&mid=2247485016&idx=1&sn=eacd6f2faccf3347f92496544b099c41) + - [ ] [本地部署DeepSeek R1辅助CTF解题详解](https://mp.weixin.qq.com/s?__biz=Mzg2MjgwMzIxMA==&mid=2247484868&idx=1&sn=ed0f3277300e13861180e709a4818013) + - [ ] [【计划】2025,开工大吉及年度工作计划](https://mp.weixin.qq.com/s?__biz=MzU5MTM4MTIxMA==&mid=2247485508&idx=1&sn=21554b6361dcb2d065befb222b6da092) + - [ ] [【培训通知】2025年第一期专业反窃密技术操作培训班开班通知](https://mp.weixin.qq.com/s?__biz=MzU5MTM4MTIxMA==&mid=2247485508&idx=2&sn=c4e543ce0de16f5562006bd36c2e639c) + - [ ] [官方合并计划](https://mp.weixin.qq.com/s?__biz=MzU5Njg5NzUzMw==&mid=2247490462&idx=1&sn=470daf7ca3006edac1301cf05389d26f) + - [ ] [EDR专题学习-对抗EDR](https://mp.weixin.qq.com/s?__biz=Mzg5MDg3OTc0OA==&mid=2247489431&idx=1&sn=d3225f3d2e727cbd4b4c992fe9f989d0) + - [ ] [2025年,网络安全学习路线来袭,顺序千万别搞反!](https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247570695&idx=1&sn=1673575e8dc90594ba01e57b3cb359af) + - [ ] [违法获取网购订单中的个人信息,8人被判侵犯公民个人信息罪](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931485&idx=1&sn=daf542fd9764c57a700fa306a231902d) + - [ ] [中国电信申请网元验证方法专利,保证SRv6网络安全不受影响](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931485&idx=2&sn=9867cd25ac6ce0b727806848e5b8060f) + - [ ] [DeepSeek一键部署与DeepSeek免费14元额度羊毛福利](https://mp.weixin.qq.com/s?__biz=MzkyOTQyOTk3Mg==&mid=2247485061&idx=1&sn=41e34f22538f3d7766dfffadea89f948) + - [ ] [人工智能将如何改变劳动力市场:哪些职业将消失,哪些职业将继续存在](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494733&idx=1&sn=9f39bc986bcee5287ab657f30bef435c) + - [ ] [2022-2024年间-美国对华芯片出口管制规则的梳理分析](https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247506447&idx=1&sn=0a423985369639ab65ad56e3f60aef66) + - [ ] [基于转换模型的安全属性验证](https://mp.weixin.qq.com/s?__biz=MzA5MTYyMDQ0OQ==&mid=2247493616&idx=1&sn=9211f1b45c30a302935f15077cc8b115) + - [ ] [8000字34张图史诗级介绍同轴电缆、双绞线、光纤等线缆,超级详细!](https://mp.weixin.qq.com/s?__biz=MzIyMzIwNzAxMQ==&mid=2649464777&idx=1&sn=32b2badc3ecfeef46c9f362629a4682c) + - [ ] [【吃瓜】《科普文章被网暴》《支持红客,打击霉离贱汉奸走狗!》DeepSeek乱象频发](https://mp.weixin.qq.com/s?__biz=Mzg4MTkwMTI5Mw==&mid=2247488860&idx=1&sn=41c835917e4191a5051118f4df625334) + - [ ] [网络钓鱼与社交工程:如何保护自己免受心理攻击——从受害者画像到防御体系构建](https://mp.weixin.qq.com/s?__biz=Mzk1NzI5MTc0Nw==&mid=2247484721&idx=1&sn=9b57ddd6ef8e9d09eb6c25c6bd0f2b22) + - [ ] [探索 HPE Insight Remote Support 中的最新 CVE](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527501&idx=1&sn=5f839664fa63bb4e792aa22a18e78ce0) + - [ ] [dde-api-proxy:Deepin D-Bus 代理服务中的身份验证绕过(CVE-2025-23222)](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527501&idx=2&sn=737f8a4b724e5ff7d00edcdeb03128cb) + - [ ] [Android Web攻击表面](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527501&idx=3&sn=5f9225bd5a2a555eeb1bfa1f39dd010b) + - [ ] [[民族之悲哀] DeepSeek 正在成为行业败类、无知黑心者的炒作敛财“傀儡”](https://mp.weixin.qq.com/s?__biz=MzkwODI1ODgzOA==&mid=2247506662&idx=1&sn=85cd5ef3832b2cd3e8770a6265aa290c) + - [ ] [美国为何对 DeepSeek 如此“上心”?一场科技博弈的真相](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559440&idx=1&sn=a71dae9b931ab06febdba6081a3e1c26) + - [ ] [美国联邦调查局“变天”?特朗普全面清洗大动作曝光](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559440&idx=2&sn=ac91eaccfce9275a6fd64aed2388e1a6) + - [ ] [专家解读 | 推动个人信息出境个人信息保护认证制度落地 促进个人信息高效便利安全跨境流动](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235937&idx=1&sn=d246a29f11e44289e30c16ad02323ea2) + - [ ] [征订|欢迎订阅2025年《中国信息安全》杂志](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235937&idx=2&sn=4edccca64682f8f41e9b56497807eb00) + - [ ] [专家解读 | 提升数据流通安全治理能力 促进数据流通开发利用](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235937&idx=3&sn=4b74cb1e75a739f80043e4d79c6f19a5) + - [ ] [国际 | 日本推进人工智能立法兼顾双重性](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235937&idx=4&sn=f8a6890f42bfbbbee12fcb55f0fde756) + - [ ] [评论 | 铲除“反防沉迷产业链”,撑起“数字晴空”](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235937&idx=5&sn=64e31032d2a327b33ad9368ee8790d3f) + - [ ] [微软惊现「零点击」核弹级漏洞!打开邮件就中招?](https://mp.weixin.qq.com/s?__biz=MzU0NDc0NTY3OQ==&mid=2247488439&idx=1&sn=98793685608a483e27976abf658cb08f) + - [ ] [Linux通用应急响应脚本](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489197&idx=1&sn=5884ffe11accd736ab98ef2136c649bb) + - [ ] [前途光明](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489197&idx=2&sn=ae88a87de118a9c320d0c5b5821c056e) + - [ ] [网安工作者被骂罕见,红客才是行业主导!](https://mp.weixin.qq.com/s?__biz=MzkyNTQ0OTYxOQ==&mid=2247484019&idx=1&sn=bcf60352216bd1de85eabb90f627c3d3) + - [ ] [“杉菜”再见,大S离世原因](https://mp.weixin.qq.com/s?__biz=Mzg2NDYwMDA1NA==&mid=2247543667&idx=1&sn=ae1deeaf06d309925fe3bfbadf32878d) + - [ ] [恶意样本静态分析-上](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490311&idx=1&sn=3ddb48128acc2772763bd99ba4cf850a) + - [ ] [APT狩猎工具](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490311&idx=2&sn=411e5b869e7b4425b9b6ce4d386e170a) + - [ ] [网络钓鱼工具资源库](https://mp.weixin.qq.com/s?__biz=Mzg4NzgyODEzNQ==&mid=2247488641&idx=1&sn=ce3b46fb8a2c5727264f28a851167f8c) + - [ ] [Docker 入门指南:10个核心命令助你快速上手容器化](https://mp.weixin.qq.com/s?__biz=Mzg4NDg3NjE5MQ==&mid=2247485645&idx=1&sn=1bd9d8741680f01bc152d9608e3391fb) + - [ ] [用DeepSeek学习区块链量化](https://mp.weixin.qq.com/s?__biz=MzU3NDY1NTYyOQ==&mid=2247486034&idx=1&sn=c8655d5eb94f15ce10b24ee79ebb2821) + - [ ] [掌握艺术设计学论文文献收集全指南,让文献不再难搞。](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493259&idx=1&sn=ea25f2184ac90e4708490138156b2621) + - [ ] [掌握影视摄影与制作论文文献搜集内部攻略,助你写出高分必备指南!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493259&idx=2&sn=822a6781edeeaf9e98aaeb1434eff4ad) + - [ ] [掌握硬核技巧:电子商务论文文献搜集全攻略,再也不愁找不到高质量文献了!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493259&idx=3&sn=8b6a73f7d723ccca32e7506256455a9c) + - [ ] [掌握云计算与大数据论文选题技巧,导师都说靠谱的秘诀指南!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493259&idx=4&sn=efa511efbec97d70ba6bd3f53083017b) + - [ ] [掌握这份电子商务论文初稿生成指南,一天搞定毕业论文!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493259&idx=5&sn=831b7e600453447ad06a62b31b3aef2a) + - [ ] [掌握这份诉讼法学论文文献搜集高阶攻略,提升你的学术创新力!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493259&idx=6&sn=5e1ea103b527981dab1ba28838f2d973) + - [ ] [掌握这份AI版社会保障论文写作大纲高阶脚本指南,一周完整论文不是梦!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493259&idx=7&sn=cf40d9551ecccbb1c21543955cd555a9) + - [ ] [掌握这份ChatGPT物理化学论文选题指南,让论文写作从此不愁!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493259&idx=8&sn=e677fc46b82e5dd576a4dd1503d89713) + - [ ] [谷歌称黑客正滥用Gemini AI来增强攻击能力](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313430&idx=1&sn=4afd94e32a04c49dcc25f593341c2fd5) + - [ ] [2025年AI网络安全预测](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313430&idx=2&sn=7388f9c978f61ad866c97f57c21abe6f) + - [ ] [Meta确认90名用户遭WhatsApp零点击间谍软件攻击](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313430&idx=3&sn=e5f4cbdc2013e8fc276d774eeeb951ae) + - [ ] [微软披露macOS漏洞CVE-2024-44243,允许安装Rootkit](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313430&idx=4&sn=6e74cf5e7a16522cf7f639a52c3789c7) + - [ ] [漏洞挖掘 | 基于mssql数据库的sql注入](https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247547538&idx=1&sn=2de25baa764188f0bd83a351248a40c5) + - [ ] [通过计算机视觉帮助发现隐藏的漏洞](https://mp.weixin.qq.com/s?__biz=MzI4NTcxMjQ1MA==&mid=2247615413&idx=1&sn=363d6567bfa41a8f33e272e1185da50a) + - [ ] [AI驱动API漏洞激增1205%,企业安全面临空前挑战!](https://mp.weixin.qq.com/s?__biz=Mzg3OTYxODQxNg==&mid=2247485686&idx=1&sn=6ad3015e97dc52bd69dc9921b81a5f9c) + - [ ] [大算力之路,生命不选GPU](https://mp.weixin.qq.com/s?__biz=Mzk0MTI4NTIzNQ==&mid=2247492308&idx=1&sn=775c682a9974e1a355dc8b8b2a206a11) + - [ ] [想用 DeepSeek?这里能用,扫码还送 14 元体验金](https://mp.weixin.qq.com/s?__biz=MzkyNzUzMjM1NQ==&mid=2247484777&idx=1&sn=0acdb741af24de7e3f86557afa0a53be) + - [ ] [【2025春节】解题领红包活动排行榜(初六 2/3)](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141670&idx=1&sn=de73fb9cf91c717915c2bd5adcde0c09) + - [ ] [Stratovirt 的 RISC-V 虚拟化支持(五):BootLoader 和设备树](https://mp.weixin.qq.com/s?__biz=MzA5NDQzODQ3MQ==&mid=2648194570&idx=1&sn=c848bb41f340e4869973a3e8eb22c5e8) + - [ ] [标签巨头 Avery 称网站遭黑客攻击,信用卡信息被窃](https://mp.weixin.qq.com/s?__biz=Mzg3ODY0NTczMA==&mid=2247492132&idx=1&sn=13d6fe7fec657cd4cb7b5191b4e4ef8a) + - [ ] [一次区块链的安全研究](https://mp.weixin.qq.com/s?__biz=MzkyNDU2MDk4NQ==&mid=2247484034&idx=1&sn=ecdb621b08c7137bfb1cb1bd900cf5f9) + - [ ] [DeepSeek接入个人知识库,一般电脑也能飞速跑,确实可以封神了!](https://mp.weixin.qq.com/s?__biz=MzkyMzg4MTY4Ng==&mid=2247484596&idx=1&sn=5e1a1f6c02555974e75a31c95e629591) + - [ ] [全网最全、最详细的 Linux 进程间通信方式讲解来了,你不容错过!](https://mp.weixin.qq.com/s?__biz=MzI1NzI5NDM4Mw==&mid=2247498590&idx=1&sn=3ee93d415c16a3700b965bd1c5ddbfe1) + - [ ] [500 美元的漏洞:Censys 搜索如何引导我获得快速漏洞赏金](https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247504845&idx=1&sn=8c8fa9f474d370a021e30aa8209268ac) + - [ ] [码住!一次把CISP认证说清楚](https://mp.weixin.qq.com/s?__biz=Mzg4MTg0MjQ5OA==&mid=2247487899&idx=1&sn=f5087c557ca623669bc4a1ad49138032) + - [ ] [一次性把中东关系讲清楚:中东地区的情报战略](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247505221&idx=1&sn=b0a5ccbab53fc8198452223d8cb6eb62) + - [ ] [特朗普“重返中亚”:经济与能源的“双重奏”](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247505221&idx=2&sn=a237923be240db67501e67e018240b6e) + - [ ] [万物随春醒 云堤护网宁](https://mp.weixin.qq.com/s?__biz=MzkxNDY0MjMxNQ==&mid=2247532981&idx=1&sn=a02ca7b9dd52b7b11881079f1e0485aa) + - [ ] [Active Directory Domain Services 权限提升漏洞 (CVE-2025-21293)](https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247487001&idx=1&sn=eaae88e6f2b15e26732ca6b90fb5ca69) + - [ ] [Flask代码审计从思路到实战](https://mp.weixin.qq.com/s?__biz=MzkyNTUyNDMyOA==&mid=2247487699&idx=1&sn=34f12cfc82af827d58e8d758143316bf) + - [ ] [OSCP考试必备:最全实战命令手册](https://mp.weixin.qq.com/s?__biz=Mzk0ODY1NzEwMA==&mid=2247486694&idx=1&sn=1cdf7df2384a0e643d3f364d5e3040f1) + - [ ] [麻省理工科技评论:2025年AI五大趋势](https://mp.weixin.qq.com/s?__biz=MzUzODYyMDIzNw==&mid=2247516971&idx=1&sn=65365df101260e7ccf5f42018c654110) + - [ ] [立春|春之启幕 万物生晖](https://mp.weixin.qq.com/s?__biz=MzIxNDIzNTcxMg==&mid=2247506764&idx=1&sn=ce887174eaa79679513bf66138d1fe3b) + - [ ] [内网横向渗透之Windows连接技巧](https://mp.weixin.qq.com/s?__biz=MjM5MjEyMTcyMQ==&mid=2651037466&idx=1&sn=fd456a13dbe3d7a82884d0b43cb51f82) + - [ ] [今日立春](https://mp.weixin.qq.com/s?__biz=Mzg3NTU3NTY0Nw==&mid=2247489552&idx=1&sn=7bf9b6c74a63b3620493157b380a8849) + - [ ] [大年初六 银蛇报春](https://mp.weixin.qq.com/s?__biz=Mzg2MTU5ODQ2Mg==&mid=2247507178&idx=1&sn=d90f00dc663f73a9b5d1e9b926920bc3) + - [ ] [数字取证之法律遵从性u200c](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655265046&idx=1&sn=37f22293698b7e90fd4cc49c08fbc426) + - [ ] [网安原创文章推荐【2025/2/2】](https://mp.weixin.qq.com/s?__biz=MzAxNzg3NzMyNQ==&mid=2247489552&idx=1&sn=4cdba465482fcd99df63ffa4bf4ac236) + - [ ] [以色列间谍无需点击即可入侵 WhatsApp](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494727&idx=1&sn=92a7f62638a9a6dc5e71a39655e2b9f1) + - [ ] [大年初六 | 金蛇昂首,“巳”如破竹](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579301&idx=1&sn=35ed47abf0879798ddd2a03509c33f87) + - [ ] [老板让我节后研究一下deepseek](https://mp.weixin.qq.com/s?__biz=Mzk0MTI4NTIzNQ==&mid=2247492302&idx=1&sn=bd877522ae6488d1ff49f8325ab6b720) + - [ ] [程序员注定被淘汰](https://mp.weixin.qq.com/s?__biz=Mzk0MTI4NTIzNQ==&mid=2247492302&idx=2&sn=0144e48c3daefe11282c0145291f06d4) + - [ ] [大年初六丨安天镇关给您拜年了](https://mp.weixin.qq.com/s?__biz=MjM5MTA3Nzk4MQ==&mid=2650209932&idx=1&sn=ffcf5ae2b2a579a036936f3d466c4a18) - Security Boulevard - - [ ] [DEF CON 32 – Navigating the Turbulent Skies of Aviation Cyber Regulation](https://securityboulevard.com/2025/02/def-con-32-navigating-the-turbulent-skies-of-aviation-cyber-regulation-2/) - - [ ] [Hackers Hijack JFK File Release: Malware & Phishing Surge](https://securityboulevard.com/2025/02/hackers-hijack-jfk-file-release-malware-phishing-surge/) - - [ ] [Core Features in NSFOCUS RSAS R04F04 1-2](https://securityboulevard.com/2025/02/core-features-in-nsfocus-rsas-r04f04-1-2/) -- Private Feed for M09Ic - - [ ] [mgeeky starred Teach2Breach/rust_api_demo](https://github.com/Teach2Breach/rust_api_demo) - - [ ] [zer0yu starred LaurentMazare/tch-rs](https://github.com/LaurentMazare/tch-rs) - - [ ] [zer0yu starred guillaume-be/rust-bert](https://github.com/guillaume-be/rust-bert) - - [ ] [zer0yu starred ldclabs/anda](https://github.com/ldclabs/anda) - - [ ] [zer0yu starred HKUDS/MiniRAG](https://github.com/HKUDS/MiniRAG) - - [ ] [phith0n starred X1a0He/X1a0HeWeChatPlugin](https://github.com/X1a0He/X1a0HeWeChatPlugin) - - [ ] [mgeeky starred megadose/holehe](https://github.com/megadose/holehe) - - [ ] [b1nhack starred b1nhack/nvim](https://github.com/b1nhack/nvim) - - [ ] [zer0yu started following karpathy](https://github.com/karpathy) - - [ ] [zer0yu started following wdndev](https://github.com/wdndev) - - [ ] [zer0yu starred wdndev/tiny-llm-zh](https://github.com/wdndev/tiny-llm-zh) - - [ ] [lz520520 forked lz520520/rust-native-tls from sfackler/rust-native-tls](https://github.com/lz520520/rust-native-tls) + - [ ] [Orca Security Adds Additional CNAPP Deployment Options](https://securityboulevard.com/2025/02/orca-security-adds-additional-cnapp-deployment-options/) + - [ ] [Meet Rule Architect: Your AI-Powered WAF Rule Expert | Impart Security](https://securityboulevard.com/2025/02/meet-rule-architect-your-ai-powered-waf-rule-expert-impart-security/) + - [ ] [CISA/FDA Warn: Chinese Patient Monitors Have BAD Bugs](https://securityboulevard.com/2025/02/contec-epsimed-china-fda-cisa-richixbw/) + - [ ] [Randall Munroe’s XKCD ‘AlphaMove’](https://securityboulevard.com/2025/02/randall-munroes-xkcd-alphamove/) + - [ ] [HIPAA Cybersecurity Requirements and Best Practices](https://securityboulevard.com/2025/02/hipaa-cybersecurity-requirements-and-best-practices/) + - [ ] [How to create realistic test data for PostgreSQL](https://securityboulevard.com/2025/02/how-to-create-realistic-test-data-for-postgresql/) + - [ ] [Mockaroo and Tonic: Partners in mock data generation](https://securityboulevard.com/2025/02/mockaroo-and-tonic-partners-in-mock-data-generation/) + - [ ] [Why I joined Tonic: A product manager’s perspective](https://securityboulevard.com/2025/02/why-i-joined-tonic-a-product-managers-perspective/) + - [ ] [The Secret to Your Artifactory: Inside The Attacker Kill-Chain](https://securityboulevard.com/2025/02/the-secret-to-your-artifactory-inside-the-attacker-kill-chain/) + - [ ] [DEF CON 32 – Exposing Attacks Hiding In The Sheer Noise Of False Positives](https://securityboulevard.com/2025/02/def-con-32-exposing-attacks-hiding-in-the-sheer-noise-of-false-positives/) - Recent Commits to cve:main - - [ ] [Update Sun Feb 2 20:27:07 UTC 2025](https://github.com/trickest/cve/commit/fcf3014fa98cc26f06af3e2bab5e9248e80b149f) - - [ ] [Update Sun Feb 2 12:20:58 UTC 2025](https://github.com/trickest/cve/commit/a65cb4569063b4a65b895041ed0abcdb1df57ff9) - - [ ] [Update Sun Feb 2 04:21:00 UTC 2025](https://github.com/trickest/cve/commit/3e10a03ba05176de772d99d5a5a2c51ac1c34160) -- 一个被知识诅咒的人 - - [ ] [【人工智能】使用Python和Hugging Face构建情感分析应用:从模型训练到Web部署](https://blog.csdn.net/nokiaguy/article/details/145420450) - - [ ] [【人工智能】深入探索Python中的自注意力机制:实现Transformer的核心组件](https://blog.csdn.net/nokiaguy/article/details/145420439) -- obaby@mars - - [ ] [年复一年](https://h4ck.org.cn/2025/02/19063) -- Blogs on STAR Labs - - [ ] [Mali-cious Intent: Exploiting GPU Vulnerabilities (CVE-2022-22706 / CVE-2021-39793)](https://starlabs.sg/blog/2025/12-mali-cious-intent-exploiting-gpu-vulnerabilities-cve-2022-22706/) -- MaskRay - - [ ] [lld 20 ELF changes](https://maskray.me/blog/2025-02-02-lld-20-elf-changes) -- Blog – Red Siege Information Security - - [ ] [Red Siege at Wild West Hackin’ Fest Mile High 2025 – What to Expect!](https://redsiege.com/blog/2025/02/red-siege-at-wild-west-hackin-fest-mile-high-2025-what-to-expect/) -- Blogs dade - - [ ] [Weekly Retro 2025-W05](https://0xda.de/blog/2025/02/weekly-retro-2025-w05/) -- Bug Bounty in InfoSec Write-ups on Medium - - [ ] [How I Earned $200 Using GitHub Dorking P=2:Advanced GitHub Dorking: More Secrets, More Automation…](https://infosecwriteups.com/advanced-github-dorking-more-secrets-more-automation-more-bounties-f39dd553b1c2?source=rss----7b722bfd1b8d--bug_bounty) -- 安全分析与研究 - - [ ] [一款使用Rust编写的PE加壳器](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490280&idx=1&sn=27a8a52ec1103e01e0110d3cd8177b5d&chksm=902fb5c0a7583cd6218d677628b2525d44e71fe4a1a277e33d09f2eb178e9d0f3d1b7f16868b&scene=58&subscene=0#rd) + - [ ] [Update Mon Feb 3 20:25:45 UTC 2025](https://github.com/trickest/cve/commit/547eaddf6f9cd1e8e42627d796880a8f88ae171a) + - [ ] [Update Mon Feb 3 12:25:21 UTC 2025](https://github.com/trickest/cve/commit/c19a224cde37606b534e629bf1ee9e3a4e6f38b4) + - [ ] [Update Mon Feb 3 04:22:25 UTC 2025](https://github.com/trickest/cve/commit/364e032b264aaf1c882aaefa99178147eb6b841a) +- SecWiki News + - [ ] [SecWiki News 2025-02-03 Review](http://www.sec-wiki.com/?2025-02-03) +- Private Feed for M09Ic + - [ ] [phith0n starred Huanshere/VideoLingo](https://github.com/Huanshere/VideoLingo) + - [ ] [mitre forked mitre/salsa from salsa-rs/salsa](https://github.com/mitre/salsa) + - [ ] [Safe3 released UUSEC WAF Community Edition v6.4.0 at Safe3/uuWAF](https://github.com/Safe3/uuWAF/releases/tag/v6.4.0) + - [ ] [CHYbeta starred Kelvin-1013/Solana-Arbitrage-Bot](https://github.com/Kelvin-1013/Solana-Arbitrage-Bot) + - [ ] [boy-hack starred dyyz1993/twitter-monitor](https://github.com/dyyz1993/twitter-monitor) + - [ ] [gh0stkey starred veracrypt/VeraCrypt](https://github.com/veracrypt/VeraCrypt) + - [ ] [phra starred cmu-sei/GHOSTS](https://github.com/cmu-sei/GHOSTS) + - [ ] [gh0stkey starred browser-use/web-ui](https://github.com/browser-use/web-ui) + - [ ] [gh0stkey starred browser-use/browser-use](https://github.com/browser-use/browser-use) + - [ ] [wabzsy starred SpeedyOrc-C/HoYo-Glyphs](https://github.com/SpeedyOrc-C/HoYo-Glyphs) + - [ ] [wabzsy starred ading2210/linuxpdf](https://github.com/ading2210/linuxpdf) +- Publications | Outflank + - [ ] [Secure Enclaves for Offensive Operations (Part I)](https://www.outflank.nl/blog/2025/02/03/secure-enclaves-for-offensive-operations-part-i/) +- Horizon3.ai + - [ ] [Securing Financial Services: From Promises to Proof with NodeZero®](https://www.horizon3.ai/intelligence/blogs/securing-financial-services-from-promises-to-proof-with-nodezero/) +- Twitter @bytehx + - [ ] [RT Jayesh Madnani: 🚀 Unspoken Bug Bounty Rules – From many years of failures & experience! 🕵️‍♂️ Got a similar bug across multiple assets b...](https://x.com/bytehx343/status/1886462043009769629) + - [ ] [Re @l33tdawg @Verichains Congrats man🎉🎉🎉🎉](https://x.com/bytehx343/status/1886368068483649594) + - [ ] [RT yso: Just uploaded my Bluetooth security testing slides! 📡 Also, Škoda disclosed a vulnerability I reported—they fixed & rewarded it fast! �...](https://x.com/bytehx343/status/1886367495373848670) +- SentinelOne + - [ ] [macOS FlexibleFerret | Further Variants of DPRK Malware Family Unearthed](https://www.sentinelone.com/blog/macos-flexibleferret-further-variants-of-dprk-malware-family-unearthed/) +- Malwarebytes + - [ ] [WhatsApp says Paragon is spying on specific users](https://www.malwarebytes.com/blog/news/2025/02/whatsapp-says-paragon-is-spying-on-specific-users) + - [ ] [A week in security (January 27 – February 2)](https://www.malwarebytes.com/blog/news/2025/02/a-week-in-security-january-27-february-2-2) +- Reverse Engineering + - [ ] [/r/ReverseEngineering's Weekly Questions Thread](https://www.reddit.com/r/ReverseEngineering/comments/1igk62y/rreverseengineerings_weekly_questions_thread/) + - [ ] [Lifting Binaries, Part 0: Devirtualizing VMProtect and Themida: It’s Just Flattening?](https://www.reddit.com/r/ReverseEngineering/comments/1igx34h/lifting_binaries_part_0_devirtualizing_vmprotect/) + - [ ] [Disassembling a binary: linear sweep and recursive traversal](https://www.reddit.com/r/ReverseEngineering/comments/1ih3ga3/disassembling_a_binary_linear_sweep_and_recursive/) + - [ ] [Is there a way to reverse Agile.NET compiled library for NinjaTrader 8?](https://www.reddit.com/r/ReverseEngineering/comments/1iguky3/is_there_a_way_to_reverse_agilenet_compiled/) + - [ ] [AMD: Microcode Signature Verification Vulnerability](https://www.reddit.com/r/ReverseEngineering/comments/1ih3ez3/amd_microcode_signature_verification_vulnerability/) +- glzjin + - [ ] [懒猫微服外挂ProxmoxVE启动方法说明](https://www.zhaoj.in/read-9077.html) +- Webroot Blog + - [ ] [MDR for MSPs: Navigating EDR compatibility](https://www.webroot.com/blog/2025/02/03/mdr-for-msps-navigating-edr-compatibility/) +- FreeBuf网络安全行业门户 + - [ ] [2024年768个CVE漏洞被利用,较2023年增长20%](https://www.freebuf.com/vuls/421042.html) + - [ ] [Shiro CVE-2023-34478 路径规范化不一致](https://www.freebuf.com/vuls/421037.html) + - [ ] [思科研究发现DeepSeek R1极易受有害提示影响](https://www.freebuf.com/articles/421045.html) + - [ ] [俄语系邪恶黑客团伙操纵10余种高度专业化的社交媒体诈骗](https://www.freebuf.com/articles/network/421044.html) + - [ ] [恶意软件冒充DeepSeek AI工具在PyPI上传播](https://www.freebuf.com/articles/421046.html) + - [ ] [疯狂邪恶团伙利用StealC、AMOS和Angel Drainer恶意软件瞄准加密货币](https://www.freebuf.com/articles/network/421028.html) +- daniel.haxx.se + - [ ] [European Open Source Achievement Award](https://daniel.haxx.se/blog/2025/02/03/european-open-source-achievement-award/) +- 奇客Solidot–传递最新科技情报 + - [ ] [天文学家发现一巨型射电星系](https://www.solidot.org/story?sid=80466) + - [ ] [过去四十年海洋表面变暖速度翻了两番](https://www.solidot.org/story?sid=80465) + - [ ] [Ubuntu 的开发讨论平台将从 IRC 迁移到 Matrix](https://www.solidot.org/story?sid=80464) - 锦行科技 - - [ ] [初五 | 迎财神](https://mp.weixin.qq.com/s?__biz=MzIxNTQxMjQyNg==&mid=2247493742&idx=1&sn=6c298f8ce178ae5f381c68b29f886a7f&chksm=979a13cba0ed9add09c5b22955bcce5e7a177a09072e01fe7ecdb9b58a578e7a75a7338606aa&scene=58&subscene=0#rd) + - [ ] [初六 | 六六大顺](https://mp.weixin.qq.com/s?__biz=MzIxNTQxMjQyNg==&mid=2247493743&idx=1&sn=9735ef44726404099d144253792e54d8&chksm=979a13caa0ed9adca648632b3a4495d3f5749a8ff6f4e170b279b471ff7b6675f7382d149206&scene=58&subscene=0#rd) +- 技可达工作室 + - [ ] [用DeepSeek学习区块链量化](https://mp.weixin.qq.com/s?__biz=MzU3NDY1NTYyOQ==&mid=2247486034&idx=1&sn=c8655d5eb94f15ce10b24ee79ebb2821&chksm=fd2e57b0ca59dea622a62f1323974973b15d0a21a3b284bbaa3832d5fe729c6a28a0bc1f8571&scene=58&subscene=0#rd) +- dotNet安全矩阵 + - [ ] [限时福利 | 2024 年度隧道代理、数据外发、痕迹清理阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498677&idx=1&sn=8a4dcac147d84f3f1bd3ccb37a8d5e9e&chksm=fa595558cd2edc4e632bbfa5ccf31a9f66ee0d13161c10d466ac3487177f072458ac51f42af0&scene=58&subscene=0#rd) + - [ ] [总结 | 2024 年度内网实战攻防电子报刊 34 篇文章内容汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498677&idx=2&sn=b973bed512a412529ca496db03a70cb7&chksm=fa595558cd2edc4e0635075a22a66da8311fced2fb3f09b46376c516d06ca1bdf5713c5374f3&scene=58&subscene=0#rd) + - [ ] [2024 年度本地权限操作阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498677&idx=3&sn=7bf0c0bc3fdbee0fcbac31d78562ff0f&chksm=fa595558cd2edc4ee958c938fecfe4b37a180940e3b19ba4c06ca3aac6292817262680e954c3&scene=58&subscene=0#rd) +- 安全分析与研究 + - [ ] [恶意样本静态分析-上](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490311&idx=1&sn=3ddb48128acc2772763bd99ba4cf850a&chksm=902fb42fa7583d39df80656526a79ff7e90160bdaf250c3ef5570920f6290bc7d172804eeeec&scene=58&subscene=0#rd) + - [ ] [APT狩猎工具](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490311&idx=2&sn=411e5b869e7b4425b9b6ce4d386e170a&chksm=902fb42fa7583d3998df7212df242d3ded6c932acd3b4b8a1fc90df1dcdea22ff764a30d9c03&scene=58&subscene=0#rd) - 吾爱破解论坛 - - [ ] [【2025春节】解题领红包活动排行榜(初五 2/2)](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141668&idx=1&sn=82663ea0981e0c6f1544bb1fe7ab6bb8&chksm=bd50a6708a272f660989d775c0b51760ab65a87bdfaebbc3eb8e52d3797a728c8c3c53cdc3db&scene=58&subscene=0#rd) -- MBHC - - [ ] [DeepSeek(R1) vs Gpt-o3-mini(-high)](https://mp.weixin.qq.com/s?__biz=MzU5Mzk3NTE0Mw==&mid=2247483715&idx=1&sn=8f936ef2f0c039f3e1d7bbf3d7bf66df&chksm=fe09034bc97e8a5d5e70e334a94f5e775517c607f283d57c8b72e82f3e69e3f55861234dbc2d&scene=58&subscene=0#rd) + - [ ] [【2025春节】解题领红包活动排行榜(初六 2/3)](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141670&idx=1&sn=de73fb9cf91c717915c2bd5adcde0c09&chksm=bd50a6728a272f64da4372a71de026e82781be975527fbb78c174055dc84299836178249ac7f&scene=58&subscene=0#rd) +- 丁爸 情报分析师的工具箱 + - [ ] [【资料】生成式人工智能下的世界](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148842&idx=1&sn=a98ad85e918a855004f545cb00b2141b&chksm=f1af2510c6d8ac063ffdd7fa3fe1058b652280fbd2ae894b93c5781e7646424e70472f15f631&scene=58&subscene=0#rd) +- 看雪学苑 + - [ ] [浅析代码重定位技术](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589301&idx=1&sn=f8b5a4c4740123d4431ccb68a9063f17&chksm=b18c28ff86fba1e99cd342a44cbdef0919f382e909a6181f50378ef9f83b9e5a90ed2a4eba53&scene=58&subscene=0#rd) + - [ ] [实用干货!无人机安全攻防入门,速来报名](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589301&idx=2&sn=cd340085d0abd8a5fc5233d9ec93603f&chksm=b18c28ff86fba1e99daf5639ca2271fc027a1fdf2e613c62c6759c1135458a9f9e5e21bb30f4&scene=58&subscene=0#rd) +- 信息安全国家工程研究中心 + - [ ] [【二十四节气】立春 | 冬去春来万物生](https://mp.weixin.qq.com/s?__biz=MzU5OTQ0NzY3Ng==&mid=2247498793&idx=1&sn=441c9d8c6db5d81afa624f8430127389&chksm=feb67d3ac9c1f42c15e947ca936857e5d5c64261d37496ee03b940a94c66338e2c99840b5e5d&scene=58&subscene=0#rd) +- 安全研究GoSSIP + - [ ] [G.O.S.S.I.P 2025 新春总动员(1):疯狂的PDF](https://mp.weixin.qq.com/s?__biz=Mzg5ODUxMzg0Ng==&mid=2247499652&idx=1&sn=589b1778aa04f72cdc07c947be4bc17c&chksm=c063d15df714584b9680831e04f60a8d775211b89366d6125e8a337aa07a891760a5f272c4ba&scene=58&subscene=0#rd) +- 杨龙 + - [ ] [nginx restart failed:nginx: [alert] OPENSSL_init_ssl() failed (SSL: error:12800067:DSO support routines::could not load the shared library:filename(/snap/certbot/4325/usr/lib/x86_64-linux-gnu/ossl-modules/fips.so): /snap/certbot/4325/usr/lib/x86_64-linux-gnu/ossl-modules/fips.so: cannot open shared object file: No such file or directory error:12800067:DSO support routines::could not load the shared library error:07880025:common libcrypto routines::reason(37):name=fips error:0700006D:configuration file routines::module initialization error:module=providers, value=provider_sect retcode=-1 ) 解决办法](https://www.yanglong.pro/nginx-restart-failednginx-alert-openssl_init_ssl-failed-ssl-error12800067dso-support-routinescould-not-load-the-shared-libraryfilename-snap-certbot-4325-usr-lib-x86_64-linux-gnu-ossl-mod/) +- 中国信息安全 + - [ ] [专家解读 | 推动个人信息出境个人信息保护认证制度落地 促进个人信息高效便利安全跨境流动](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235937&idx=1&sn=d246a29f11e44289e30c16ad02323ea2&chksm=8b580158bc2f884ee870cf909293f550b4c6d68f752798b4305df99158a937ae96c708b46913&scene=58&subscene=0#rd) + - [ ] [征订|欢迎订阅2025年《中国信息安全》杂志](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235937&idx=2&sn=4edccca64682f8f41e9b56497807eb00&chksm=8b580158bc2f884e1eadb1ba8edd1fc7ee1b96d216203155cb5d91797f95b1378359e3428734&scene=58&subscene=0#rd) + - [ ] [专家解读 | 提升数据流通安全治理能力 促进数据流通开发利用](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235937&idx=3&sn=4b74cb1e75a739f80043e4d79c6f19a5&chksm=8b580158bc2f884ec910feed597fb437cb51a6951c0f1ae66fb67ec4ab7d0b6a18b58f8fdeb4&scene=58&subscene=0#rd) + - [ ] [国际 | 日本推进人工智能立法兼顾双重性](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235937&idx=4&sn=f8a6890f42bfbbbee12fcb55f0fde756&chksm=8b580158bc2f884ee7d8be0d3b95af42bf87dc525ebe931098d6678ae4a3721ef29ebeda5c6c&scene=58&subscene=0#rd) + - [ ] [评论 | 铲除“反防沉迷产业链”,撑起“数字晴空”](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235937&idx=5&sn=64e31032d2a327b33ad9368ee8790d3f&chksm=8b580158bc2f884ebdeeb7ed2b4c3494060fcc77a43367fd6ea18e1cc4f062d3772f1dd9519e&scene=58&subscene=0#rd) - 极客公园 - - [ ] [阿西莫夫三定律,还适用于今天的 AI 吗?](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653073110&idx=1&sn=b277757d83dc66d3c5755989bdf48f50&chksm=7e57d36049205a76146ef55cb30a443f45110c7828858b74358ef216851bb3d2050790c61b32&scene=58&subscene=0#rd) - - [ ] [特朗普会面黄仁勋,谈到 DS 和 AI 芯片;小米汽车一月交付超 2 万辆;ChatGPT 去年付费用户增长三倍 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653073109&idx=1&sn=3a5c6e9636f6223b1e994a0d7c7ef99e&chksm=7e57d36349205a75d495f380e35da4f2c90ad22710777273824e8a28f1952b68aff534019547&scene=58&subscene=0#rd) -- 火绒安全 - - [ ] [初五财神到,火绒安全祝大家蛇年行大运,事事皆顺遂~](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247522009&idx=1&sn=427a7360c75c10d3278f62a51ef5b068&chksm=eb7048e6dc07c1f0dfeea1cbf6b85548ce582944fbfea679ffde25c1b6e6d1f148aea83dabc7&scene=58&subscene=0#rd) - - [ ] [诚邀渠道合作伙伴共启新征程](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247522009&idx=2&sn=ca2b184d62f7ecba76d349a8faa6d2bf&chksm=eb7048e6dc07c1f05ec257548f51393da431feaac3cc1a829fa508cde8291071d95277882a19&scene=58&subscene=0#rd) + - [ ] [为什么说大模型,补上了搜索的最后一块短板](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653073232&idx=1&sn=2e8dd2550e1834a9affa554d120ca22e&chksm=7e57d2e649205bf04b6221d8162c87808b7db4914fb54ed96ff7894c4dbdf9ae2fc3b60d5446&scene=58&subscene=0#rd) + - [ ] [微信视频美颜「仅自己可见」,官方:都能看见;《哪吒 2》破30亿冲击票房冠军;水上机器人救回 3 位溺水者 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653073231&idx=1&sn=075c62ad2e8d854da64c1ed036e2bb36&chksm=7e57d2f949205befef103e65c9db8965a3a3a773976308faabe56e0234093ebad38383430fe8&scene=58&subscene=0#rd) +- 情报分析师 + - [ ] [美国为何对 DeepSeek 如此“上心”?一场科技博弈的真相](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559440&idx=1&sn=a71dae9b931ab06febdba6081a3e1c26&chksm=87117d9bb066f48de68a68083afd89c401fc25c0148c8c7d276322a69401f9f0519b30a3fd15&scene=58&subscene=0#rd) + - [ ] [美国联邦调查局“变天”?特朗普全面清洗大动作曝光](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559440&idx=2&sn=ac91eaccfce9275a6fd64aed2388e1a6&chksm=87117d9bb066f48d6b4f6c684a3bf0af5da9b279e4674d5c1dc38c70d86f10fae55b46bf64a4&scene=58&subscene=0#rd) +- Black Hills Information Security + - [ ] [Introducing ORBIT, Scan Targets and Clients at Scale](https://www.blackhillsinfosec.com/introducing-orbit-scan-targets-and-clients-at-scale/) - 360数字安全 - - [ ] [国内首家!360推出“DeepSeek版”安全大模型](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579300&idx=1&sn=fb81fc2b90cac494c296287ef221c64f&chksm=9f8d26aca8faafbab862d9d12c16bf810abde53f061e47a38f952b28862d897e8405ebd99be1&scene=58&subscene=0#rd) - - [ ] [大年初五 | 蛇报佳春,万“巳”大吉](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579300&idx=2&sn=c06abb2df32188e9b4d4cda59aad3c1a&chksm=9f8d26aca8faafba2fa3a2ff9c51bb3b8b9909869b1b29790b16afb0c7c3bf5db029ef357909&scene=58&subscene=0#rd) + - [ ] [大年初六 | 金蛇昂首,“巳”如破竹](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579301&idx=1&sn=35ed47abf0879798ddd2a03509c33f87&chksm=9f8d26ada8faafbbbb8a81d52e8929c1dfdcf019590ce3e3b1fffe2c997372f76abc89f2a72f&scene=58&subscene=0#rd) +- Qualys Security Blog + - [ ] [Qualys TotalAppSec Delivers AI-powered Unified Application Risk Management for Modern Web Apps and APIs](https://blog.qualys.com/category/product-tech) - 迪哥讲事 - - [ ] [手把手教你如何本地化部署DeepSeek](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247497017&idx=1&sn=c755513c5dbf6ec01ad0d40eba61ae44&chksm=e8a5ff5adfd2764cbfc5d5022694332b05284a95fecaccdd14aa436daac1a63d33e4089b7287&scene=58&subscene=0#rd) -- 娜璋AI安全之家 - - [ ] [[系统安全] 六十二.恶意软件分析 (13)LLM赋能实现基于机器学习的恶意家族分类(初探)](https://mp.weixin.qq.com/s?__biz=Mzg5MTM5ODU2Mg==&mid=2247501299&idx=1&sn=c461a9440fcea0ecee2c1d78cdda5cdd&chksm=cfcf753ef8b8fc289095d45e909b053dcb87dd4794e462fcf1d60ee5c8e7715cc2f2f8c2af13&scene=58&subscene=0#rd) -- Hacking Exposed Computer Forensics Blog - - [ ] [Daily Blog #737: Sunday Funday 2/2/25](https://www.hecfblog.com/2025/02/daily-blog-737-sunday-funday-2225.html) - - [ ] [Daily Blog #736: Solution Saturday 2/1/25](https://www.hecfblog.com/2025/02/daily-blog-736-solution-saturday-2125.html) + - [ ] [列目录引起的信息泄露获取1w5赏金](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247497023&idx=1&sn=f4dad5920e40978a4ba8d4c41549b151&chksm=e8a5ff5cdfd2764a24279a9dc8a829590dbe024450bedf43308c4ac21ef5ed933c146156054e&scene=58&subscene=0#rd) +- Securityinfo.it + - [ ] [Meta smantella una campagna di spionaggio su WhatsApp](https://www.securityinfo.it/2025/02/03/meta-smantella-una-campagna-di-spionaggio-su-whatsapp/?utm_source=rss&utm_medium=rss&utm_campaign=meta-smantella-una-campagna-di-spionaggio-su-whatsapp) + - [ ] [CERT-AGID 25 – 31 gennaio: attacchi contro funzionari governativi e rappresentanti di ambasciate](https://www.securityinfo.it/2025/02/03/cert-agid-25-31-gennaio-attacchi-funzionari-governativi-rappresentanti-ambasciate/?utm_source=rss&utm_medium=rss&utm_campaign=cert-agid-25-31-gennaio-attacchi-funzionari-governativi-rappresentanti-ambasciate) +- Krypt3ia + - [ ] [Corporate Panopticon: How Big Tech Became the New Surveillance State](https://krypt3ia.wordpress.com/2025/02/03/corporate-panopticon-how-big-tech-became-the-new-surveillance-state/) + - [ ] [Modern Moscow Rules: Counter-Surveillance in the Digital & Physical World](https://krypt3ia.wordpress.com/2025/02/03/modern-moscow-rules-counter-surveillance-in-the-digital-physical-world/) + - [ ] [Krypt3ia Daily Cyber Threat Intelligence (CTI) Digest](https://krypt3ia.wordpress.com/2025/02/03/krypt3ia-daily-cyber-threat-intelligence-cti-digest-8/) - Over Security - Cybersecurity news aggregator - - [ ] [9Lives - 109,515 breached accounts](https://haveibeenpwned.com/PwnedWebsites#9Lives) + - [ ] [‘Yes, this is real’: hackers targeting high-profile X accounts blur fact and fiction](https://therecord.media/hackers-x-accounts-security-crypto) + - [ ] [Amazon Redshift gets new default settings to prevent data breaches](https://www.bleepingcomputer.com/news/security/amazon-redshift-gets-new-default-settings-to-prevent-data-breaches/) + - [ ] [Woman nabbed by Thai police on alleged link to $182 million romance scam](https://therecord.media/arrest-thai-police-woman-romance-scam) + - [ ] [Australia sanctions ‘Terrorgram’ white supremacist online group](https://therecord.media/australia-sanctions-terrorgram-online-hate-group) + - [ ] [Canadian charged in two crypto platform thefts totaling $65 million](https://therecord.media/indictment-canadian-two-cryptocurrency-platform-hacks) + - [ ] [Google fixes Android kernel zero-day exploited in attacks](https://www.bleepingcomputer.com/news/security/google-fixes-android-kernel-zero-day-exploited-in-attacks/) + - [ ] [Journalist targeted on WhatsApp by Paragon spyware: “I feel violated”](https://techcrunch.com/2025/02/03/journalist-targeted-on-whatsapp-by-paragon-spyware-i-feel-violated/) + - [ ] [Canadian charged with stealing $65 million using DeFI crypto exploits](https://www.bleepingcomputer.com/news/security/canadian-charged-with-stealing-65-million-using-defi-crypto-exploits/) + - [ ] [Casio UK online store hacked to steal customer credit cards](https://www.bleepingcomputer.com/news/security/casio-uk-online-store-hacked-to-steal-customer-credit-cards/) + - [ ] [Mississippi electric utility warns 20,000 residents of data breach](https://therecord.media/mississippii-electric-utility-residents-breach) + - [ ] [1win - 96,166,543 breached accounts](https://haveibeenpwned.com/PwnedWebsites#1win) + - [ ] [Kazakhstan to audit foreign ministry after suspected Russia-linked cyberattack](https://therecord.media/kazakhstan-foreign-ministry-cyberattack-russia) + - [ ] [Microsoft kills off Defender 'Privacy Protection' VPN feature](https://www.bleepingcomputer.com/news/microsoft/microsoft-kills-off-defender-privacy-protection-vpn-feature/) + - [ ] [DeepSeek AI tools impersonated by infostealer malware on PyPI](https://www.bleepingcomputer.com/news/security/deepseek-ai-tools-impersonated-by-infostealer-malware-on-pypi/) + - [ ] [Telemarketing e trattamento illecito dei dati: la sanzione privacy a E.On sia monito per tutti](https://www.cybersecurity360.it/news/sanzione-eon-garante-privacy/) + - [ ] [Japanese sportswear company Mizuno confirms data breach after 2024 ransomware claims](https://therecord.media/mizuno-data-breach-notification) + - [ ] [AI Act, scattano i primi divieti: chi rischia le sanzioni e le prossime tappe](https://www.cybersecurity360.it/news/ai-act-scattano-i-primi-divieti-chi-rischia-le-sanzioni-e-le-prossime-tappe/) + - [ ] [Analysis of an advanced malicious Chrome extension](https://palant.info/2025/02/03/analysis-of-an-advanced-malicious-chrome-extension/) + - [ ] [Sweden releases suspected ship, says cable break ‘clearly’ not sabotage](https://therecord.media/sweden-releases-ship-suspected-cable-sabotage) + - [ ] [Cyble Sensors Detect Attacks on Apache OFBiz, Palo Alto Networks](https://cyble.com/blog/cyble-sensors-detect-attacks-on-palo-alto-networks/) + - [ ] [Vidar muta ancora: payload variabile e offuscamento più raffinato per questa nuova ondata](https://cert-agid.gov.it/news/vidar-muta-ancora-payload-variabile-e-offuscamento-piu-raffinato-per-questa-nuova-ondata/) + - [ ] [Russian hackers suspected of compromising British PM’s personal email account](https://therecord.media/keir-starmer-email-hack-russia-suspected) + - [ ] [Apple Issues Security Updates for iOS, macOS, watchOS, and More—Patch Now!](https://cyble.com/blog/apple-fixes-cve-2025-24085-security-update/) + - [ ] [Trump elimina i vincoli all’IA: i rischi cyber e privacy e le questioni etiche](https://www.cybersecurity360.it/cultura-cyber/trump-elimina-i-vincoli-allia-i-rischi-cyber-e-privacy-e-le-questioni-etiche/) + - [ ] [Meta smantella una campagna di spionaggio su WhatsApp](https://www.securityinfo.it/2025/02/03/meta-smantella-una-campagna-di-spionaggio-su-whatsapp/) + - [ ] [PyPI adds project archiving system to stop malicious updates](https://www.bleepingcomputer.com/news/security/pypi-adds-project-archiving-system-to-stop-malicious-updates/) + - [ ] [Vulnerabilità in Cisco Webex Chat, a rischio dati aziendali riservati: come mitigarla](https://www.cybersecurity360.it/news/vulnerabilita-in-cisco-webex-chat-a-rischio-dati-aziendali-riservati-come-mitigarla/) + - [ ] [CERT-AGID 25 – 31 gennaio: attacchi contro funzionari governativi e rappresentanti di ambasciate](https://www.securityinfo.it/2025/02/03/cert-agid-25-31-gennaio-attacchi-funzionari-governativi-rappresentanti-ambasciate/) + - [ ] [DragonNest - 511,290 breached accounts](https://haveibeenpwned.com/PwnedWebsites#DragonNest) +- SANS Internet Storm Center, InfoCON: green + - [ ] [Crypto Wallet Scam, (Mon, Feb 3rd)](https://isc.sans.edu/diary/rss/31646) + - [ ] [ISC Stormcast For Monday, February 3rd, 2025 https://isc.sans.edu/podcastdetail/9306, (Mon, Feb 3rd)](https://isc.sans.edu/diary/rss/31644) +- LuxSci + - [ ] [The Risks of Non-Compliant Email: How HIPAA Violations Hurt Healthcare Companies](https://luxsci.com/blog/the-risks-of-non-compliant-email-how-hipaa-violations-hurt-healthcare-companies.html) +- Posts By SpecterOps Team Members - Medium + - [ ] [Further Adventures With CMPivot — Client Coercion](https://posts.specterops.io/further-adventures-with-cmpivot-client-coercion-38b878b740ac?source=rss----f05f8696e3cc---4) +- ICT Security Magazine + - [ ] [E-Identity ed eIDAS 2.0: l’evoluzione dell’identità digitale europea](https://www.ictsecuritymagazine.com/notizie/e-identity-e-eidas-2-0/) +- Schneier on Security + - [ ] [Journalists and Civil Society Members Using WhatsApp Targeted by Paragon Spyware](https://www.schneier.com/blog/archives/2025/02/journalists-and-civil-society-members-using-whatsapp-targeted-by-paragon-spyware.html) - Have I Been Pwned latest breaches - - [ ] [9Lives - 109,515 breached accounts](https://haveibeenpwned.com/PwnedWebsites#9Lives) -- IT Service Management News - - [ ] [Sicurezza negli esercizi pubblici](http://blog.cesaregallotti.it/2025/02/sicurezza-negli-esercizi-pubblici.html) - - [ ] [Dispositivi medici che mandano dati dei pazienti in Cina](http://blog.cesaregallotti.it/2025/02/dispositivi-medici-che-mandano-dati-dei.html) - - [ ] [Privacy: sanzione a Regione Molise e ai responabili](http://blog.cesaregallotti.it/2025/02/privacy-sanzione-regione-molise-e-ai.html) -- Troy Hunt's Blog - - [ ] [Weekly Update 437](https://www.troyhunt.com/weekly-update-437/) -- Desync InfoSec - - [ ] [LockBit勒索软件案例(CS+Socks5)](https://mp.weixin.qq.com/s?__biz=MzkzMDE3ODc1Mw==&mid=2247489011&idx=1&sn=cdefefd425a7437c3ef0df558eb05375&chksm=c27f665df508ef4b1dd69002004b822d8088e12e7ddb41fb844da301a2dc60d7acacb9ed6733&scene=58&subscene=0#rd) -- Full Disclosure - - [ ] [APPLE-SA-01-30-2025-1 GarageBand 10.4.12](https://seclists.org/fulldisclosure/2025/Feb/2) - - [ ] [Re: Text injection on https://www.google.com/sorry/index via ?q parameter (no XSS)](https://seclists.org/fulldisclosure/2025/Feb/1) - - [ ] [Xinet Elegant 6 Asset Lib Web UI 6.1.655 / SQL Injection / Exploit Update Python3](https://seclists.org/fulldisclosure/2025/Feb/0) + - [ ] [1win - 96,166,543 breached accounts](https://haveibeenpwned.com/PwnedWebsites#1win) + - [ ] [DragonNest - 511,290 breached accounts](https://haveibeenpwned.com/PwnedWebsites#DragonNest) +- TG Soft Software House - News + - [ ] [Phishing: i tentativi di furto credenziali e/o dati maggiormente diffusi nel mese di FEBBRAIO 2025...](http://www.tgsoft.it/italy/news_archivio.asp?id=1609) +- The Register - Security + - [ ] [TSA’s airport facial-recog tech faces audit probe](https://go.theregister.com/feed/www.theregister.com/2025/02/03/tsa_facial_recognition_audit/) + - [ ] [2 officers bailed as anti-corruption unit probes data payouts to N Irish cops](https://go.theregister.com/feed/www.theregister.com/2025/02/03/two_psni_officers_arrested_bailed/) + - [ ] [Privacy Commissioner warns the ‘John Smiths’ of the world can acquire ‘digital doppelgangers’](https://go.theregister.com/feed/www.theregister.com/2025/02/03/australia_digital_doppelgangers_privacy_award/) + - [ ] [Medical monitoring machines spotted stealing patient data, users warned to pull the plug ASAP](https://go.theregister.com/feed/www.theregister.com/2025/02/03/backdoored_contec_patient_monitors_leak_data/) - TorrentFreak - - [ ] [Russia VPN Crackdown Revelation – VPN Sites Hide Their IP Addresses](https://torrentfreak.com/russia-vpn-crackdown-revelation-vpn-sites-hide-their-ip-addresses-250202/) + - [ ] [Publishers Ramp Up Pressure vs. Anna’s Archive, Sci-Hub, Z-Library & Libgen](https://torrentfreak.com/publishers-ramp-up-pressure-vs-annas-archive-sci-hub-z-library-libgen-250203/) + - [ ] [MPA Shares Pirate Site Blocking ‘Best Practices’ at WIPO Meeting](https://torrentfreak.com/mpa-shares-pirate-site-blocking-best-practices-at-wipo-meeting-250203/) - Your Open Hacker Community - - [ ] [Alternative for mnt reform?](https://www.reddit.com/r/HowToHack/comments/1ig2fg0/alternative_for_mnt_reform/) - - [ ] [would it be possible to make a tool that maps out a network automatically?](https://www.reddit.com/r/HowToHack/comments/1ifq4l8/would_it_be_possible_to_make_a_tool_that_maps_out/) - - [ ] [Speed queen NEW model hack needed](https://www.reddit.com/r/HowToHack/comments/1ig61me/speed_queen_new_model_hack_needed/) - - [ ] [Looking to get into a couple Snapchat accounts. Will pay but work has to be done first!! Please reach out if you can help!](https://www.reddit.com/r/HowToHack/comments/1ifwya9/looking_to_get_into_a_couple_snapchat_accounts/) + - [ ] [How do you know what xss payload to use](https://www.reddit.com/r/HowToHack/comments/1igybrw/how_do_you_know_what_xss_payload_to_use/) + - [ ] [What is the best wordlist?](https://www.reddit.com/r/HowToHack/comments/1ih2ewh/what_is_the_best_wordlist/) + - [ ] [Game Save Hack](https://www.reddit.com/r/HowToHack/comments/1ih2139/game_save_hack/) + - [ ] [Need Help Setting Up a Proxy Server for HTTP Custom with Custom Payload on OMV (Debian)](https://www.reddit.com/r/HowToHack/comments/1igprcu/need_help_setting_up_a_proxy_server_for_http/) + - [ ] [Hacking an android device.](https://www.reddit.com/r/HowToHack/comments/1igtb54/hacking_an_android_device/) + - [ ] [SunNxt movies download](https://www.reddit.com/r/HowToHack/comments/1igmnwu/sunnxt_movies_download/) + - [ ] [Hey new guy, I have a question Does anyone have anything that is in url form that i can send my friends that will crash a chromebook.](https://www.reddit.com/r/HowToHack/comments/1igz5tg/hey_new_guy_i_have_a_question_does_anyone_have/) + - [ ] [Tizen os](https://www.reddit.com/r/HowToHack/comments/1igjoy4/tizen_os/) + - [ ] [how to find a password](https://www.reddit.com/r/HowToHack/comments/1igjfkf/how_to_find_a_password/) +- Trend Micro Research, News and Perspectives + - [ ] [Native Sensors vs. Integrations for XDR Platforms?](https://www.trendmicro.com/en_us/research/25/b/native-sensors-integrations-xdr-platform.html) +- Deeplinks + - [ ] [Open Licensing Promotes Culture and Learning. That's Why EFF Is Upgrading its Creative Commons Licenses.](https://www.eff.org/deeplinks/2025/02/open-licensing-promotes-culture-and-learning-thats-why-eff-upgrading-its-creative) +- Technical Information Security Content & Discussion + - [ ] [How Attackers Can Bypass OPA Gatekeeper in Kubernetes Due to Rego Flaws](https://www.reddit.com/r/netsec/comments/1igvgbh/how_attackers_can_bypass_opa_gatekeeper_in/) - Security Affairs - - [ ] [SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 31](https://securityaffairs.com/173746/malware/security-affairs-malware-newsletter-round-31.html) - - [ ] [Security Affairs newsletter Round 509 by Pierluigi Paganini – INTERNATIONAL EDITION](https://securityaffairs.com/173741/breaking-news/security-affairs-newsletter-round-509-by-pierluigi-paganini-international-edition.html) - - [ ] [WhatsApp disrupted a hacking campaign targeting journalists with Paragon spyware](https://securityaffairs.com/173721/security/whatsapp-disrupted-paragon-spyware-campaign.html) - - [ ] [Ransomware attack hit Indian multinational Tata Technologies](https://securityaffairs.com/173712/cyber-crime/tata-technologies-ransomware-attack.html) -- The Register - Security - - [ ] [What does it mean to build in security from the ground up?](https://go.theregister.com/feed/www.theregister.com/2025/02/02/security_design_choices/) - - [ ] [Gilmore Girls fans nabbed as Eurocops dismantle two major cybercrime forums](https://go.theregister.com/feed/www.theregister.com/2025/02/02/eurocops_takedown_cybercrime/) + - [ ] [Web Skimmer found on at least 17 websites, including Casio UK](https://securityaffairs.com/173797/malware/web-skimmer-casio-uks-site.html) + - [ ] [Crazy Evil gang runs over 10 highly specialized social media scams](https://securityaffairs.com/173784/cyber-crime/crazy-evil-runs-10-social-media-scams.html) + - [ ] [Elon Musk ’s DOGE team granted ‘full access’ to sensitive Treasury systems. What are the risks?](https://securityaffairs.com/173776/security/elon-musk-s-doge-granted-full-access-to-sensitive-treasury-systems.html) + - [ ] [Texas is the first state to ban DeepSeek on government devices](https://securityaffairs.com/173764/laws-and-regulations/texas-bans-deepseek-and-rednote-govt-devices.html) + - [ ] [Law enforcement seized the domains of HeartSender cybercrime marketplaces](https://securityaffairs.com/173750/cyber-crime/heartsender-cybercrime-marketplaces-seized.html) +- Palo Alto Networks Blog + - [ ] [10 Cyber Recommendations for the Trump Administration](https://www.paloaltonetworks.com/blog/2025/02/10-cyber-recommendations-trump-administration/) - Computer Forensics - - [ ] [TCU Passware (2025JAN31)](https://www.reddit.com/r/computerforensics/comments/1igaiem/tcu_passware_2025jan31/) -- 网安寻路人 - - [ ] [DeepSeek的R1与R1-Zero:技术差异与AI风险管控](https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247506432&idx=1&sn=ddb2b818c020739b2b004f3cfcb69a91&chksm=97e967eaa09eeefc9023ae78007b8295e56b81a367336405b00fd9e2494d207b2d3cf1fc0ba7&scene=58&subscene=0#rd) + - [ ] [Sigma Rule Repo](https://www.reddit.com/r/computerforensics/comments/1igy288/sigma_rule_repo/) +- The Hacker News + - [ ] [768 CVEs Exploited in 2024, Reflecting a 20% Increase from 639 in 2023](https://thehackernews.com/2025/02/768-cves-exploited-in-2024-reflecting.html) + - [ ] [PyPI Introduces Archival Status to Alert Users About Unmaintained Python Packages](https://thehackernews.com/2025/02/pypi-introduces-archival-status-to.html) + - [ ] [⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [27 February]](https://thehackernews.com/2025/02/thn-weekly-recap-top-cybersecurity.html) + - [ ] [Coyote Malware Expands Reach: Now Targets 1,030 Sites and 73 Financial Institutions](https://thehackernews.com/2025/02/coyote-malware-expands-reach-now.html) + - [ ] [What Is Attack Surface Management?](https://thehackernews.com/2025/02/what-is-attack-surface-management.html) + - [ ] [Crazy Evil Gang Targets Crypto with StealC, AMOS, and Angel Drainer Malware](https://thehackernews.com/2025/02/crazy-evil-gang-targets-crypto-with.html) From 03c39faa91c299117b2f3ae2f56ad99a99937022 Mon Sep 17 00:00:00 2001 From: chainreactorbot Date: Wed, 5 Feb 2025 02:46:51 +0000 Subject: [PATCH 29/29] =?UTF-8?q?=E6=AF=8F=E6=97=A5=E5=AE=89=E5=85=A8?= =?UTF-8?q?=E8=B5=84=E8=AE=AF=EF=BC=882025-02-05=EF=BC=89?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- archive/daily/2025/2025-02-05.md | 278 +++++++++++++++ archive/tmp/2025-02-05.json | 336 ++++++++++++++++++ today.md | 562 ++++++++++++++----------------- 3 files changed, 869 insertions(+), 307 deletions(-) create mode 100644 archive/daily/2025/2025-02-05.md create mode 100644 archive/tmp/2025-02-05.json diff --git a/archive/daily/2025/2025-02-05.md b/archive/daily/2025/2025-02-05.md new file mode 100644 index 0000000000..4462f21356 --- /dev/null +++ b/archive/daily/2025/2025-02-05.md @@ -0,0 +1,278 @@ +# 每日安全资讯(2025-02-05) + +- SecWiki News + - [ ] [SecWiki News 2025-02-04 Review](http://www.sec-wiki.com/?2025-02-04) +- Doonsec's feed + - [ ] [机遇与挑战](https://mp.weixin.qq.com/s?__biz=MzkzMDM5NzIwMw==&mid=2247484518&idx=1&sn=861dfb406410914241c67defe6d91ec6) + - [ ] [DeepSeek 本地部署](https://mp.weixin.qq.com/s?__biz=MzIxMTg1ODAwNw==&mid=2247500560&idx=1&sn=981a4f8ada46441d7d74c01205ececcb) + - [ ] [渗透实战 | Solidstate靶机攻防全解析](https://mp.weixin.qq.com/s?__biz=Mzk1NzIzMTA5OA==&mid=2247483757&idx=1&sn=37399e93e3d4548dc019166c317575df) + - [ ] [官网正式开放!](https://mp.weixin.qq.com/s?__biz=Mzk1NzM1OTc3Nw==&mid=2247484012&idx=1&sn=525cd7c3e888f5824a10bce5531d3335) + - [ ] [大年初七丨安天追影给您拜年了](https://mp.weixin.qq.com/s?__biz=MjM5MTA3Nzk4MQ==&mid=2650209960&idx=1&sn=cce56eec596f90bf9a33252c8ee4be97) + - [ ] [AutoPentest:高级渗透测试工程师的终极利器,全流程自动化渗透测试框架](https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486515&idx=1&sn=0b5f8fa5d86a19511ff1833ff2f2753e) + - [ ] [世界需要一个能谋善断的AI(八)AI时代孩子应该学什么?](https://mp.weixin.qq.com/s?__biz=MzAxOTk3NTg5OQ==&mid=2247492389&idx=1&sn=c171fc4e63e7f7cfbc596aeab35787f0) + - [ ] [我用deepseek发现了未来10年的数字取证趋势洞察](https://mp.weixin.qq.com/s?__biz=MzI1NDMxOTkyNw==&mid=2247485302&idx=1&sn=1a68901f191f7fefe71debe1bd108ed2) + - [ ] [Deepseek-R1的本地部署](https://mp.weixin.qq.com/s?__biz=MzkwOTE3MzAxOA==&mid=2247485406&idx=1&sn=6a49483a834622537b994a92e30c0d40) + - [ ] [从deepseek安全问题看NTP反射放大攻击](https://mp.weixin.qq.com/s?__biz=MzI3NzM5NDA0NA==&mid=2247490347&idx=1&sn=796ff74be44d20c70c2e5561993c0b7e) + - [ ] [秦安:DeepSeek暴起,警惕核心成员人身安全,美国已准备偷走一切](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476644&idx=1&sn=bc0eed8cf42c9fa9145c1cf3e4a0296d) + - [ ] [牟林:驳AI时代记忆力无用论](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476644&idx=2&sn=bf786eb84d21ed3384a20b81bbb0197e) + - [ ] [PyTorch入门 (1)环境搭建、神经网络普及和Torch基础知识](https://mp.weixin.qq.com/s?__biz=Mzg5MTM5ODU2Mg==&mid=2247501337&idx=1&sn=1d5b325bd3781d3366805cba31133082) + - [ ] [人工智能网络安全协作手册](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655265068&idx=1&sn=7c48aa185e4e30f0ea044f459095282b) + - [ ] [论文阅读:AI学习之钥](https://mp.weixin.qq.com/s?__biz=MzI3MDY0Nzg1Nw==&mid=2247489484&idx=1&sn=a9627e1c551186695cc7a37f2571eba9) + - [ ] [新时代来啦,文科生找不到工作了!!?](https://mp.weixin.qq.com/s?__biz=Mzk1NzI0MzI5NQ==&mid=2247484496&idx=1&sn=2730838d475ea6288615f7b14a756b7c) + - [ ] [管理型交换机与非管理型交换机有何不同?](https://mp.weixin.qq.com/s?__biz=MzIyMzIwNzAxMQ==&mid=2649464791&idx=1&sn=db6607f928d3206cdcf8611183f65f7a) + - [ ] [感谢你们,无名英雄!](https://mp.weixin.qq.com/s?__biz=Mzg2NDg2MDIxNQ==&mid=2247485359&idx=1&sn=45de5f58cb6cdf2fa36baff08d30530b) + - [ ] [一文带你了解私有云、公有云与混合云有啥区别?](https://mp.weixin.qq.com/s?__biz=MzUyNTExOTY1Nw==&mid=2247528084&idx=1&sn=7376e68f2ffd9a33b74b4ab0e939d753) + - [ ] [G.O.S.S.I.P 2025 新春总动员(2):反编译研究的又一年](https://mp.weixin.qq.com/s?__biz=Mzg5ODUxMzg0Ng==&mid=2247499661&idx=1&sn=76d0e94d245ff6aa345521b8bf4a4f17) + - [ ] [帆软bi反序列化漏洞利用工具更新V3.0](https://mp.weixin.qq.com/s?__biz=Mzk0ODM0NDIxNQ==&mid=2247493428&idx=1&sn=47039c762156ca739f4badbe020d9d88) + - [ ] [【2025-02-04】黑客新闻摘要](https://mp.weixin.qq.com/s?__biz=MzIzNDU5NTI4OQ==&mid=2247488418&idx=1&sn=6d2a64739172e951c2d890e6de5ab459) + - [ ] [无点击钓鱼?微软超高危RCE漏洞](https://mp.weixin.qq.com/s?__biz=Mzk0NzM4NzI1MA==&mid=2247486241&idx=1&sn=42301175cbc8633a71f78d3d218df92b) + - [ ] [DeepSeek + Continue:Android 开发效率提升 10 倍的秘密!](https://mp.weixin.qq.com/s?__biz=Mzg2NzUzNzk1Mw==&mid=2247497214&idx=1&sn=d3776e4e8ce79ffe90b533ae95255b10) + - [ ] [DeepSeek杀死传统IT企业,踢开数据资产时代](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485513&idx=1&sn=c43833b381cb5b9889364d3f24bad740) + - [ ] [【干货原创】实网攻防演习常态化,会带来什么变化01](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485513&idx=4&sn=380d80ccf94e80cfd466ad9e7065f575) + - [ ] [【干货原创】K12教育,鲜为人知的模式秘密](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485513&idx=5&sn=575e333e1d71235af0b5590e1f9fa643) + - [ ] [原创文章目录](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485513&idx=6&sn=cc8803c8db1225a47f371c81fcea8ae5) + - [ ] [智能汽车网络安全防护与实践](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620476&idx=1&sn=af68a1f6710033f23125f04671ad2ace) + - [ ] [GB_T 44778-2024 汽车诊断接口信息安全技术要求及试验方法](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620476&idx=2&sn=8b39c245f8173951afe0c24ffa5aa1ae) + - [ ] [GB T 44774-2024 汽车信息安全应急响应管理规范-市场监督总局、国标委](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620476&idx=3&sn=6e3161777dcde192f99276ab32c7d775) + - [ ] [DeepSeek帮你公众号优化:从300到1万粉的实战步骤](https://mp.weixin.qq.com/s?__biz=MzA3NDE0NTY0OQ==&mid=2247484336&idx=1&sn=a1535d993012628894c32e35fab37a31) + - [ ] [车联网TSP为什么要用MQTT协议传输数据?](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549672&idx=1&sn=5f641d8680e8b46ac05ff87f3966eeb8) + - [ ] [一文详解AUTOSAR DLT模块](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549672&idx=2&sn=d45d7f3ddbf98e8a3089a7870892f8c5) + - [ ] [【手慢无】DeepSeek崩疯了吧?速领2000万Token平替方案!华为云护航稳如狗](https://mp.weixin.qq.com/s?__biz=MzIxMTEyOTM2Ng==&mid=2247504554&idx=1&sn=d1c0bedfb35d58181772200167e62945) + - [ ] [尝试获取一下DeepSeek的系统设定提示词](https://mp.weixin.qq.com/s?__biz=MzkwODQyMjgwNg==&mid=2247485477&idx=1&sn=e1a235c3682fd02117efd82ddf409722) + - [ ] [天线的性能参数之相位中心(一)](https://mp.weixin.qq.com/s?__biz=MzI3NzQ3NzY4OA==&mid=2247484089&idx=1&sn=b3643b7cc01c397bba3be4ee3e4daabe) + - [ ] [靶场系列之Kioptix Level 2014](https://mp.weixin.qq.com/s?__biz=Mzk1NzIzNjM0OQ==&mid=2247484191&idx=1&sn=ec856f2469e9eacf45eb7780f12aa7a3) + - [ ] [以亲身安全经历聊聊安全方向、价值与未来](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490317&idx=1&sn=5c05e289a164028bc3044f962294c041) + - [ ] [我让AI当黑客!基于DeepSeek+ollama的网安神器开发实录,效率提升300%](https://mp.weixin.qq.com/s?__biz=MzkxMTUwOTY1MA==&mid=2247490204&idx=1&sn=4f7cfbc7db9862c3f46da030ce3d8cf4) + - [ ] [2025年美国BIS《AI扩散框架》解析:芯片篇](https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247506458&idx=1&sn=ecec764ff424e604de3eaa973d8cf71b) + - [ ] [本地部署DeepSeek R1模型并打造专属的AI知识库](https://mp.weixin.qq.com/s?__biz=Mzg2MjgwMzIxMA==&mid=2247484907&idx=1&sn=7a4e902606cb6ac2e7399b9e8a2875a3) + - [ ] [问deepseek,人生的意义是什么?](https://mp.weixin.qq.com/s?__biz=Mzk0MTI4NTIzNQ==&mid=2247492324&idx=1&sn=c671e860833125f018fb28ee2b7b8781) + - [ ] [【免杀实践】 二进制文件分析与利用,不一样的免杀思路](https://mp.weixin.qq.com/s?__biz=MzkyNDUzNjk4MQ==&mid=2247484838&idx=1&sn=8cbc7c76746c3394f941a64a079e9843) + - [ ] [【工具推荐】 - ZeroEye3.0自动化找白文件,提升免杀效率,实现降本增效](https://mp.weixin.qq.com/s?__biz=MzkyNDUzNjk4MQ==&mid=2247484838&idx=2&sn=05e53e2cd408fbe1112c378c6a781673) + - [ ] [【免杀实战】 - R3Kill掉system启动的火绒6.0主程序 * 追加篇](https://mp.weixin.qq.com/s?__biz=MzkyNDUzNjk4MQ==&mid=2247484838&idx=3&sn=b6a0f2530a90f15d4efc6b42faf0fcea) + - [ ] [新春惊喜大放送!70+本中国信通院权威报告合集等你来领,错过等一年!](https://mp.weixin.qq.com/s?__biz=MzU1OTUxNTI1NA==&mid=2247592487&idx=1&sn=3fdcd70f034216b522f2ee1a966921d0) + - [ ] [5款常用的漏洞扫描工具,网安人得会吧~](https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247570696&idx=1&sn=9cc57dc2e85ffaab5367dae31cdb200e) + - [ ] [非法获取抖音用户个人信息:4 人获刑](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931486&idx=1&sn=e89bc8c9d204591a2da50214281eb74d) + - [ ] [“红客”or“哄客”——圈内专业技术人士锐评网红真相](https://mp.weixin.qq.com/s?__biz=MzUyOTcyNDg1OA==&mid=2247484250&idx=1&sn=94e06ec43a13647767b677efe6ba963e) + - [ ] [天选](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496964&idx=1&sn=644ae05f8a05e277c4261c335cf72d03) + - [ ] [MAC/IP/ARP地址欺骗原理及实践](https://mp.weixin.qq.com/s?__biz=MzAxNTg1MDYxNA==&mid=2247489351&idx=1&sn=4d6173f4e6f7c1b8dc7b9a5dc319e3d6) + - [ ] [谷歌公司涉嫌违反反垄断法 市场监管总局依法决定立案调查](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170589&idx=1&sn=469b0572be4635c66fcce9f37510fe5b) + - [ ] [德媒:DeepSeek成就凸显美国科技制裁失败](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170589&idx=2&sn=ce5c9252c1eeccd6872ee2680bb7a70e) + - [ ] [黑客都是靠什么赚钱的?](https://mp.weixin.qq.com/s?__biz=MzU3MjczNzA1Ng==&mid=2247495758&idx=1&sn=5e537120cd28303ed00ae6d3ca0efb2d) + - [ ] [黑客装逼网站大全,零基础入门到精通,收藏这一篇就够了](https://mp.weixin.qq.com/s?__biz=MzU3MjczNzA1Ng==&mid=2247495758&idx=2&sn=4f52b2ba449f57337e7d31e8ae692806) + - [ ] [24H2 新的稳定的绕过ASLR的技术是什么?](https://mp.weixin.qq.com/s?__biz=MzU4OTk0NDMzOA==&mid=2247490058&idx=1&sn=37b966891237588d072307fc6742c256) + - [ ] [OpenAI发布Deep Research深度研究功能](https://mp.weixin.qq.com/s?__biz=MzkxNzY0Mzg2OQ==&mid=2247486288&idx=1&sn=f587ddb1e682cdb2c5b7dcd64122811a) +- A Few Thoughts on Cryptographic Engineering + - [ ] [How to prove false statements? (Part 1)](https://blog.cryptographyengineering.com/2025/02/04/how-to-prove-false-statements-part-1/) +- Armin Ronacher's Thoughts and Writings + - [ ] [Fat Rand: How Many Lines Do You Need To Generate A Random Number?](http://lucumr.pocoo.org/2025/2/4/fat-rand) +- 世事难料,保持低调 + - [ ] [DeepSeek V2/V3中的MLA和Matrix Absorption](https://blog.csdn.net/ariesjzj/article/details/145392128) +- Trustwave Blog + - [ ] [Trustwave SpiderLabs: Examining How New Ransomware Groups Emerge](https://www.trustwave.com/en-us/resources/blogs/trustwave-blog/trustwave-spiderlabs-examining-how-new-ransomware-groups-emerge/) +- Tenable Blog + - [ ] [CISA Releases FOCAL Plan to Help Federal Agencies Reduce Cyber Risk](https://www.tenable.com/blog/cisa-releases-focal-plan-to-help-federal-agencies-reduce-cyber-risk) +- Security Boulevard + - [ ] [How Imperva Infused AI Throughout Research and Development](https://securityboulevard.com/2025/02/how-imperva-infused-ai-throughout-research-and-development/) + - [ ] [DEF CON 32 – Hacker Vs. AI Perspectives From An Ex-Spy](https://securityboulevard.com/2025/02/def-con-32-hacker-vs-ai-perspectives-from-an-ex-spy/) + - [ ] [Cyberhaven: A Wake-Up Call for Consent Phishing Risks | Grip](https://securityboulevard.com/2025/02/cyberhaven-a-wake-up-call-for-consent-phishing-risks-grip/) + - [ ] [Randall Munroe’s XKCD ‘Stromatolites’](https://securityboulevard.com/2025/02/randall-munroes-xkcd-stromatolites/) + - [ ] [Survey Sees Organizations Being Overwhelmed by Remediation Challenges](https://securityboulevard.com/2025/02/survey-sees-organizations-being-overwhelmed-by-remediation-challenges/) + - [ ] [Anomalies are not Enough](https://securityboulevard.com/2025/02/anomalies-are-not-enough/) + - [ ] [AttackIQ Bolsters Cyber Defenses with DeepSurface’s Risk-Analysis Tech](https://securityboulevard.com/2025/02/attackiq-bolsters-cyber-defenses-with-deepsurfaces-risk-analysis-tech/) + - [ ] [How bots and fraudsters exploit free tiers in AI SaaS](https://securityboulevard.com/2025/02/how-bots-and-fraudsters-exploit-free-tiers-in-ai-saas/) + - [ ] [DEF CON 32 – D0N0H4RM Cyber STEM Storytime](https://securityboulevard.com/2025/02/def-con-32-d0n0h4rm-cyber-stem-storytime/) + - [ ] [Top 15 Cloud Compliance Tools in 2025](https://securityboulevard.com/2025/02/top-15-cloud-compliance-tools-in-2025/) +- Private Feed for M09Ic + - [ ] [zer0yu starred flexflow/flexflow-train](https://github.com/flexflow/flexflow-train) + - [ ] [zer0yu starred deepspeedai/DeepSpeed](https://github.com/deepspeedai/DeepSpeed) + - [ ] [Freakboy starred klausw/hackerskeyboard](https://github.com/klausw/hackerskeyboard) + - [ ] [mgeeky starred airbus-seclab/soxy](https://github.com/airbus-seclab/soxy) + - [ ] [phith0n released 1.0 at vulhub/rocketmq-attack](https://github.com/vulhub/rocketmq-attack/releases/tag/1.0) + - [ ] [phith0n created a repository vulhub/rocketmq-attack](https://github.com/vulhub/rocketmq-attack//) + - [ ] [INotGreen starred netbiosX/AMSI-Provider](https://github.com/netbiosX/AMSI-Provider) + - [ ] [zer0yu starred airbus-seclab/bincat](https://github.com/airbus-seclab/bincat) + - [ ] [zer0yu starred airbus-seclab/soxy](https://github.com/airbus-seclab/soxy) + - [ ] [INotGreen starred jborean93/AmsiProvider](https://github.com/jborean93/AmsiProvider) + - [ ] [niudaii starred dyyz1993/twitter-monitor](https://github.com/dyyz1993/twitter-monitor) +- Recent Commits to cve:main + - [ ] [Update Tue Feb 4 20:32:01 UTC 2025](https://github.com/trickest/cve/commit/4a5361dc1eae2ea00fbfc91dceab648791976c24) + - [ ] [Update Tue Feb 4 12:24:03 UTC 2025](https://github.com/trickest/cve/commit/4553f118ae05848a0b87e7f13dd0e71467f284b8) + - [ ] [Update Tue Feb 4 04:24:21 UTC 2025](https://github.com/trickest/cve/commit/b8e3c9c765f22bbf4d8d5019707cf0dc32ea5bd0) +- 一个被知识诅咒的人 + - [ ] [【人工智能】掌握图像风格迁移:使用Python实现艺术风格的自动化迁移](https://blog.csdn.net/nokiaguy/article/details/145442258) + - [ ] [【人工智能】多模态学习在Python中的应用:结合图像与文本数据的深度探索](https://blog.csdn.net/nokiaguy/article/details/145442242) +- Bug Bounty in InfoSec Write-ups on Medium + - [ ] [Google did an Oopsie: a simple IDOR worth $3,133.7](https://infosecwriteups.com/google-did-an-oopsie-a-simple-idor-worth-3-133-7-2abefaef954d?source=rss----7b722bfd1b8d--bug_bounty) + - [ ] [Google: HTML Injection Bug](https://infosecwriteups.com/google-html-injection-bug-14a50e12bb96?source=rss----7b722bfd1b8d--bug_bounty) +- GuidePoint Security + - [ ] [GRIT’s 2025 Report: Annual Vulnerability Analysis and Exploitation Trends](https://www.guidepointsecurity.com/blog/grits-2025-report-annual-vulnerability-analysis-and-exploitation-trends/) +- Twitter @bytehx + - [ ] [Re @busf4ctor @Hacker0x01 Congrats! Is it the epic games one?](https://x.com/bytehx343/status/1886823603263692950) +- VMRay + - [ ] [Fully undetected Shell Script dropping macOS Atomic Stealer](https://www.vmray.com/fully-undetected-shell-script-dropping-macos-atomic-stealer/) +- Malwarebytes + - [ ] [Valley News Live exposed more than a million job seeker’s resumes](https://www.malwarebytes.com/blog/news/2025/02/valley-news-live-exposed-more-than-a-million-job-seekers-resumes) + - [ ] [New AI “agents” could hold people for ransom in 2025](https://www.malwarebytes.com/blog/news/2025/02/new-ai-agents-could-hold-people-for-ransom-in-2025) +- SpiderLabs Blog + - [ ] [Beyond the Chatbot: Meta Phishing with Fake Live Support](https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/beyond-the-chatbot-meta-phishing-with-fake-live-support/) +- Reverse Engineering + - [ ] [Cloudflare jsd challenge reverse engineered (cf_clearance)](https://www.reddit.com/r/ReverseEngineering/comments/1ihcivi/cloudflare_jsd_challenge_reverse_engineered_cf/) +- PortSwigger Research + - [ ] [Top 10 web hacking techniques of 2024](https://portswigger.net/research/top-10-web-hacking-techniques-of-2024) +- FreeBuf网络安全行业门户 + - [ ] [FreeBuf早报 | 关于Deepseek的一些普遍误读;黑客利用7-Zip零日漏洞部署恶意软件](https://www.freebuf.com/news/421061.html) +- 奇客Solidot–传递最新科技情报 + - [ ] [Freedesktop 和 Alpine Linux 寻找新托管商](https://www.solidot.org/story?sid=80467) +- 安全分析与研究 + - [ ] [以亲身安全经历聊聊安全方向、价值与未来](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490317&idx=1&sn=5c05e289a164028bc3044f962294c041&chksm=902fb425a7583d33ffe98bf9bce591842d91643609f7c7b5f3f5a2caa72c373f14fb3b1a9743&scene=58&subscene=0#rd) +- 杨龙 + - [ ] [Nginx+PHP服务器上传限制调节](https://www.yanglong.pro/blog%e6%9c%8d%e5%8a%a1%e5%99%a8%e4%b8%8a%e4%bc%a0%e9%99%90%e5%88%b6%e8%b0%83%e8%8a%82/) +- 锦行科技 + - [ ] [初七 | 人日吉祥](https://mp.weixin.qq.com/s?__biz=MzIxNTQxMjQyNg==&mid=2247493744&idx=1&sn=f67c79d0ee451159f9d8b63a31ffa483&chksm=979a13d5a0ed9ac319549b9b712bc1aaa0e74fc7af62ce670d3fd7dd98dcd7e2a5fdafcffd0e&scene=58&subscene=0#rd) +- 吾爱破解论坛 + - [ ] [分享图片](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141676&idx=1&sn=72023018cd03f75887c2ed1741e5e8e0&chksm=bd50a6788a272f6e033dd144a7bc829356b6797d17d157f1399ae32d8c859579132739f55f0a&scene=58&subscene=0#rd) +- dotNet安全矩阵 + - [ ] [最后一天福利 | 2024年度WebShell专题、内存马技术、反序列化漏洞文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498718&idx=1&sn=0bbf3d272f4c72302d21c151106a9275&chksm=fa595533cd2edc25867405807f8e4bfdee1cf510746683efe669fd6a09f3f08f97c6e86ca47a&scene=58&subscene=0#rd) + - [ ] [.NET 安全基础入门学习知识库](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498718&idx=2&sn=19e62b92cf72c453cb87a2a849165c10&chksm=fa595533cd2edc256454361bd96cb15ab09cfeb56264abdb375529be15ba79d7ad6d882db94d&scene=58&subscene=0#rd) + - [ ] [2024 年度隧道代理、数据外发、痕迹清理阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498718&idx=3&sn=30beabdcff16e3ec0dbe4096cab483fd&chksm=fa595533cd2edc2557a91d1a20e49233529988735a1ad63c2cd1bae1ecbc24e58d482683612c&scene=58&subscene=0#rd) +- 安全学术圈 + - [ ] [北京理工大学 | 利用高鲁棒流量表示瓦解网站指纹防御](https://mp.weixin.qq.com/s?__biz=MzU5MTM5MTQ2MA==&mid=2247491622&idx=1&sn=9c8adf0775c59b6630c5d518da11bfb0&chksm=fe2d1fadc95a96bb9fa8fc64e04a456bff174e4505248f2b146e3d41250a796cb38e0dbd16bf&scene=58&subscene=0#rd) +- 安全研究GoSSIP + - [ ] [G.O.S.S.I.P 2025 新春总动员(2):反编译研究的又一年](https://mp.weixin.qq.com/s?__biz=Mzg5ODUxMzg0Ng==&mid=2247499661&idx=1&sn=76d0e94d245ff6aa345521b8bf4a4f17&chksm=c063d154f71458428c47a7c127c7aa10098db4d0d64253424108bd5b79a87e3ac38ff18f37a1&scene=58&subscene=0#rd) +- 中国信息安全 + - [ ] [专家解读 | 刘贤刚:以高水平安全保障数据合规高效流通利用](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235998&idx=1&sn=e5c48f11f03db570c3a90816bad8c1d5&chksm=8b580127bc2f88316c198cf75c2984eb2176621a4368b7312cebbfdc9e66ac0f70bf9c3fd6d7&scene=58&subscene=0#rd) + - [ ] [专家解读 | 吴沈括:科学建构个人信息保护认证 促进数据高效便利安全跨境流动](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235998&idx=2&sn=90c7e93a07b50d82c6780007144f2d20&chksm=8b580127bc2f8831c2460a0a643f82b36a62568c56e94926687d95d3a05855c445fc8913c5b5&scene=58&subscene=0#rd) + - [ ] [专家观点 | 数据资产登记:推动数字经济发展的关键钥匙](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235998&idx=3&sn=9b9ac7c176f476f344450cffb04b11cd&chksm=8b580127bc2f883187630723c5ed285c07e34d481fd7ea76c5f77d255726091eda39ad2724e0&scene=58&subscene=0#rd) + - [ ] [专家观点 | 卫生健康数据资产全过程管理的法治路径](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235998&idx=4&sn=eea10396ff51751871886d0c472aa6c7&chksm=8b580127bc2f883149290247051a17f092c240538939cc329863fe5813572399c064e87f28a9&scene=58&subscene=0#rd) +- 360数字安全 + - [ ] [大年初七 | 祥蛇送安,前程“巳”锦](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579302&idx=1&sn=312f41b6a398879cd51cef2086bd411c&chksm=9f8d26aea8faafb813d81d84efc298f6ab32c3d59c70e3f11e053e9786c9ce8062c7bf2520e7&scene=58&subscene=0#rd) +- 极客公园 + - [ ] [小米股价创新高,市值突破万亿;披头士 「AI 歌曲」获格莱美大奖;《流浪地球 3》三月开机,开招演员|极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653073254&idx=1&sn=4c63eb6266e84fc673589f365a56ba3b&chksm=7e57d2d049205bc6a939ef6ca8c4912447c4fe10f231e12d472569c227579674ab0c653e00d5&scene=58&subscene=0#rd) +- Over Security - Cybersecurity news aggregator + - [ ] [Union groups sue Treasury over giving DOGE access to sensitive data](https://therecord.media/union-groups-sue-treasury-over-giving-doge-access-to-data) + - [ ] [Zyxel won’t patch newly exploited flaws in end-of-life routers](https://www.bleepingcomputer.com/news/security/zyxel-wont-patch-newly-exploited-flaws-in-end-of-life-routers/) + - [ ] [Spyware maker Paragon confirms U.S. government is a customer](https://techcrunch.com/2025/02/04/spyware-maker-paragon-confirms-u-s-government-is-a-customer/) + - [ ] [Proposal for federal cyber scholarship, with service requirement, returns in House](https://therecord.media/pivott-act-returns-cyber-scholarships-rep-mark-green) + - [ ] [Google Play, Apple App Store apps caught stealing crypto wallets](https://www.bleepingcomputer.com/news/mobile/google-play-apple-app-store-apps-caught-stealing-crypto-wallets/) + - [ ] [Grubhub says hack on third-party exposed information on campus customers](https://therecord.media/grubhub-says-third-party-hack-exposed-campus-customers) + - [ ] [Cyber agencies share security guidance for network edge devices](https://www.bleepingcomputer.com/news/security/cyber-agencies-share-security-guidance-for-network-edge-devices/) + - [ ] [Chinese cyberspies use new SSH backdoor in network device hacks](https://www.bleepingcomputer.com/news/security/chinese-cyberspies-use-new-ssh-backdoor-in-network-device-hacks/) + - [ ] [Botnet: cosa sono, come funzionano, i consigli per proteggere la rete aziendale dagli zombie del Web](https://www.cybersecurity360.it/nuove-minacce/botnet-cosa-sono-come-funzionano-e-come-proteggere-la-rete-aziendale-dagli-zombie-del-web/) + - [ ] [Aggiornamenti Android febbraio 2025, corretta una vulnerabilità sfruttata attivamente: i dettagli](https://www.cybersecurity360.it/news/aggiornamenti-android-febbraio-2025-corretta-una-vulnerabilita-sfruttata-attivamente-i-dettagli/) + - [ ] [Who’s Behind the Seized Forums ‘Cracked’ & ‘Nulled’?](https://krebsonsecurity.com/2025/02/whos-behind-the-seized-forums-cracked-nulled/) + - [ ] [Netgear warns users to patch critical WiFi router vulnerabilities](https://www.bleepingcomputer.com/news/security/netgear-warns-users-to-patch-critical-wifi-router-vulnerabilities/) + - [ ] [Russian cyber research companies post alerts about infostealer, industrial threats](https://therecord.media/russia-cybersecurity-research-bizone-nova-infostealer) + - [ ] [Aquabot, il malware che prende di mira i sistemi telefonici VoIP: come difendersi](https://www.cybersecurity360.it/nuove-minacce/aquabot-il-malware-che-prende-di-mira-i-sistemi-telefonici-voip-come-difendersi/) + - [ ] [How hackers target your Active Directory with breached VPN passwords](https://www.bleepingcomputer.com/news/security/how-hackers-target-your-active-directory-with-breached-vpn-passwords/) + - [ ] [California man steals $50 million using fake investment sites, gets 7 years](https://www.bleepingcomputer.com/news/security/california-man-steals-50-million-using-fake-investment-sites-gets-7-years/) + - [ ] [35 anni di ransomware: com’è evoluta la minaccia e com’è cambiato il modo di difendersi](https://www.cybersecurity360.it/nuove-minacce/ransomware/cisco-35-anni-ransomware/) + - [ ] [7-Zip MotW bypass exploited in zero-day attacks against Ukraine](https://www.bleepingcomputer.com/news/security/7-zip-motw-bypass-exploited-in-zero-day-attacks-against-ukraine/) + - [ ] [Data breach del FSE Molise, tutta la catena di trattamento dati è responsabile: ecco perché](https://www.cybersecurity360.it/news/data-breach-del-fse-molise-tutta-la-catena-di-trattamento-dati-e-responsabile-ecco-perche/) + - [ ] [DeepSeek’s Growing Influence Sparks a Surge in Frauds and Phishing Attacks](https://cyble.com/blog/deepseeks-growing-influence-surge-frauds-phishing-attacks/) + - [ ] [NETGEAR Urges Immediate Firmware Updates for Critical Security Flaws](https://cyble.com/blog/netgear-issues-security-severe-rce-vulnerabilities/) + - [ ] [Il DPO nel percorso di adeguamento alla NIS 2: spettatore o protagonista?](https://www.cybersecurity360.it/legal/privacy-dati-personali/il-dpo-nel-percorso-di-adeguamento-alla-nis-2-spettatore-o-protagonista/) + - [ ] [Release Notes: System Updates, New YARA and Suricata Rules, Signatures, and More](https://any.run/cybersecurity-blog/release-notes-january-2025/) + - [ ] [Detection engineering at scale: one step closer (part two)](https://blog.sekoia.io/detection-engineering-at-scale-one-step-closer-part-two/) + - [ ] [GrubHub data breach impacts customers, drivers, and merchants](https://www.bleepingcomputer.com/news/security/grubhub-data-breach-impacts-customers-drivers-and-merchants/) + - [ ] [Security Operations Report - Gennaio 2025](https://www.certego.net/blog/whitepaper-secops-report-gennaio-2025/) + - [ ] [Sophos acquisisce Secureworks e diventa il principale fornitore di servizi MDR](https://www.securityinfo.it/2025/02/04/sophos-acquisisce-secureworks-e-diventa-il-principale-fornitore-di-servizi-mdr/) + - [ ] [PoinCampus - 89,116 breached accounts](https://haveibeenpwned.com/PwnedWebsites#PoinCampus) + - [ ] [First Apple-notarized porn app available to iPhone users in Europe](https://www.bleepingcomputer.com/news/apple/first-apple-notarized-porn-app-available-to-iphone-users-in-europe/) + - [ ] [As DOGE teams plug into federal networks, cybersecurity risks could be huge, experts say](https://therecord.media/doge-opm-treasury-cybersecurity) +- 迪哥讲事 + - [ ] [限时福利 | 新年规划](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247497034&idx=1&sn=9db28c4110f936bdab5fdc4d4a08bbe0&chksm=e8a5ff29dfd2763f82c4e66f8a055d79d8a9c6af1a96e1dba7c49d0a9ae1fea0ac4905fd16b0&scene=58&subscene=0#rd) +- bellingcat + - [ ] [Satellite Imagery Shows Schools and Hospitals Destroyed in Northern Gaza](https://www.bellingcat.com/news/2025/02/04/satellite-imagery-shows-schools-and-hospitals-destroyed-in-northern-gaza/) +- 娜璋AI安全之家 + - [ ] [PyTorch入门 (1)环境搭建、神经网络普及和Torch基础知识](https://mp.weixin.qq.com/s?__biz=Mzg5MTM5ODU2Mg==&mid=2247501337&idx=1&sn=1d5b325bd3781d3366805cba31133082&chksm=cfcf76d4f8b8ffc2bbf9a0d4b21b1d25fdb22fba974fb45849f750a272269e03399a890e940f&scene=58&subscene=0#rd) +- Securityinfo.it + - [ ] [Sophos acquisisce Secureworks e diventa il principale fornitore di servizi MDR](https://www.securityinfo.it/2025/02/04/sophos-acquisisce-secureworks-e-diventa-il-principale-fornitore-di-servizi-mdr/?utm_source=rss&utm_medium=rss&utm_campaign=sophos-acquisisce-secureworks-e-diventa-il-principale-fornitore-di-servizi-mdr) +- Hacking Exposed Computer Forensics Blog + - [ ] [Daily Blog #738: Arsenal Recon LevelDB Recon](https://www.hecfblog.com/2025/02/daily-blog-738-arsenal-recon-leveldb.html) +- ICT Security Magazine + - [ ] [Cyber Crime Conference 2025, partecipa il 16 e 17 aprile a Roma](https://www.ictsecuritymagazine.com/notizie/cyber-crime-conference-2025/) + - [ ] [Criminalità informatica in Europa: l’analisi Eurojust-Europol 2024](https://www.ictsecuritymagazine.com/notizie/criminalita-informatica-2024/) +- SANS Internet Storm Center, InfoCON: green + - [ ] [Some updates to our data feeds, (Tue, Feb 4th)](https://isc.sans.edu/diary/rss/31650) + - [ ] [ISC Stormcast For Tuesday, February 4th, 2025 https://isc.sans.edu/podcastdetail/9308, (Tue, Feb 4th)](https://isc.sans.edu/diary/rss/31648) +- Have I Been Pwned latest breaches + - [ ] [PoinCampus - 89,116 breached accounts](https://haveibeenpwned.com/PwnedWebsites#PoinCampus) +- Tor Project blog + - [ ] [New Release: Tor Browser 14.0.5](https://blog.torproject.org/new-release-tor-browser-1405/) +- Full Disclosure + - [ ] [KL-001-2025-002: Checkmk NagVis Remote Code Execution](https://seclists.org/fulldisclosure/2025/Feb/4) + - [ ] [KL-001-2025-001: Checkmk NagVis Reflected Cross-site Scripting](https://seclists.org/fulldisclosure/2025/Feb/3) +- Krypt3ia + - [ ] [Krypt3ia Daily Cyber Threat Intelligence (CTI) Digest](https://krypt3ia.wordpress.com/2025/02/04/krypt3ia-daily-cyber-threat-intelligence-cti-digest-9/) +- TorrentFreak + - [ ] [LaLiga: Cloudflare, Google and X Are Essential Piracy Facilitators](https://torrentfreak.com/laliga-cloudflare-google-and-x-are-essential-piracy-facilitators-250204/) +- The Hacker News + - [ ] [Malicious Go Package Exploits Module Mirror Caching for Persistent Remote Access](https://thehackernews.com/2025/02/malicious-go-package-exploits-module.html) + - [ ] [Russian Cybercrime Groups Exploiting 7-Zip Flaw to Bypass Windows MotW Protections](https://thehackernews.com/2025/02/russian-cybercrime-groups-exploiting-7.html) + - [ ] [North Korean Hackers Deploy FERRET Malware via Fake Job Interviews on macOS](https://thehackernews.com/2025/02/north-korean-hackers-deploy-ferret.html) + - [ ] [Watch Out For These 8 Cloud Security Shifts in 2025](https://thehackernews.com/2025/02/watch-out-for-these-8-cloud-security.html) + - [ ] [Taiwan Bans DeepSeek AI Over National Security Concerns, Citing Data Leakage Risks](https://thehackernews.com/2025/02/taiwan-bans-deepseek-ai-over-national.html) + - [ ] [AMD SEV-SNP Vulnerability Allows Malicious Microcode Injection with Admin Access](https://thehackernews.com/2025/02/amd-sev-snp-vulnerability-allows.html) + - [ ] [Microsoft Patches Critical Azure AI Face Service Vulnerability with CVSS 9.9 Score](https://thehackernews.com/2025/02/microsoft-patches-critical-azure-ai.html) + - [ ] [Google Patches 47 Android Security Flaws, Including Actively Exploited CVE-2024-53104](https://thehackernews.com/2025/02/google-patches-47-android-security.html) + - [ ] [Microsoft SharePoint Connector Flaw Could've Enabled Credential Theft Across Power Platform](https://thehackernews.com/2025/02/microsoft-sharepoint-connector-flaw.html) +- Trend Micro Research, News and Perspectives + - [ ] [CVE-2025-0411: Ukrainian Organizations Targeted in Zero-Day Campaign and Homoglyph Attacks](https://www.trendmicro.com/en_us/research/25/a/cve-2025-0411-ukrainian-organizations-targeted.html) +- Graham Cluley + - [ ] [The AI Fix #36: A DeepSeek special](https://grahamcluley.com/the-ai-fix-36/) +- The Register - Security + - [ ] [Google: How to make any AMD Zen CPU always generate 4 as a random number](https://go.theregister.com/feed/www.theregister.com/2025/02/04/google_amd_microcode/) + - [ ] [Poisoned Go programming language package lay undetected for 3 years](https://go.theregister.com/feed/www.theregister.com/2025/02/04/golang_supply_chain_attack/) + - [ ] [Grubhub serves up security incident with a side of needing to change your password](https://go.theregister.com/feed/www.theregister.com/2025/02/04/grubhub_data_incident/) + - [ ] [US accuses Canadian math prodigy of $65M crypto scheme](https://go.theregister.com/feed/www.theregister.com/2025/02/04/math_prodigy_crypto_scheme/) + - [ ] [Cyberattack on NHS causes hospitals to miss cancer care targets](https://go.theregister.com/feed/www.theregister.com/2025/02/04/cyberattack_on_nhs_hospitals_sees/) + - [ ] [Abandoned AWS S3 buckets can be reused in supply-chain attacks that would make SolarWinds look 'insignificant'](https://go.theregister.com/feed/www.theregister.com/2025/02/04/abandoned_aws_s3/) + - [ ] [UK govt must learn fast and let failing projects die young](https://go.theregister.com/feed/www.theregister.com/2025/02/04/ukgov_must_embrace_a_fastlearning/) + - [ ] [Google patches odd Android kernel security bug amid signs of targeted exploitation](https://go.theregister.com/feed/www.theregister.com/2025/02/04/google_android_patch_netgear/) + - [ ] [Why digital resilience is critical to banks](https://go.theregister.com/feed/www.theregister.com/2025/02/04/why_digital_resilience_is_critical/) +- Security Affairs + - [ ] [Netgear urges users to upgrade two flaws impacting WiFi router models](https://securityaffairs.com/173839/security/netgear-wifi-routers-flaws.html) + - [ ] [AMD fixed a flaw that allowed to load malicious microcode](https://securityaffairs.com/173831/security/amd-flaw-allowed-load-malicious-microcode.html) + - [ ] [Coyote Banking Trojan targets Brazilian users, stealing data from 70+ financial apps and websites](https://securityaffairs.com/173818/malware/coyote-banking-trojan-targets-brazilian-users.html) + - [ ] [Google fixed actively exploited kernel zero-day flaw](https://securityaffairs.com/173812/hacking/google-android-kernel-zero-day-flaw.html) +- Schneier on Security + - [ ] [Deepfakes and the 2024 US Election](https://www.schneier.com/blog/archives/2025/02/deepfakes-and-the-2024-us-election.html) +- Deeplinks + - [ ] [European Commission Gets Dinged for Unlawful Data Transfer, Sending a Big Message About Accountability](https://www.eff.org/deeplinks/2025/02/courts-fine-against-european-commission-unlawful-personal-data-transfer-small) + - [ ] [Key Issues Shaping State-Level Tech Policy](https://www.eff.org/deeplinks/2025/02/key-issues-shaping-state-level-tech-policy) + - [ ] [How State Tech Policies in 2024 Set the Stage for 2025](https://www.eff.org/deeplinks/2025/02/how-state-tech-policies-2024-set-stage-2025) +- Technical Information Security Content & Discussion + - [ ] [Replacing a Space Heater Firmware over WiFi](https://www.reddit.com/r/netsec/comments/1ihtrx0/replacing_a_space_heater_firmware_over_wifi/) + - [ ] [8 Million Requests Later, We Made The SolarWinds Supply Chain Attack Look Amateur - watchTowr Labs](https://www.reddit.com/r/netsec/comments/1ihf6qt/8_million_requests_later_we_made_the_solarwinds/) + - [ ] [Now live: Our Global InfoSec Salary Index for 2025 - with full dataset in the Public Domain :)](https://www.reddit.com/r/netsec/comments/1ihlqeq/now_live_our_global_infosec_salary_index_for_2025/) + - [ ] [Top 10 (new) web hacking techniques of 2024](https://www.reddit.com/r/netsec/comments/1ihl0w9/top_10_new_web_hacking_techniques_of_2024/) + - [ ] [How to prove false statements? (Part 1)](https://www.reddit.com/r/netsec/comments/1ihth34/how_to_prove_false_statements_part_1/) + - [ ] [Collabfiltrator 4.0.1 Plugin released! New SQLi DNS exfiltration capabilities available in BurpSuite. Download it from the BApp Store.](https://www.reddit.com/r/netsec/comments/1ihjlku/collabfiltrator_401_plugin_released_new_sqli_dns/) + - [ ] [Masquerade the Windows "Program Files" path with Unicode "En Quad" character.](https://www.reddit.com/r/netsec/comments/1ih7wch/masquerade_the_windows_program_files_path_with/) +- Your Open Hacker Community + - [ ] [hiding processes from tasklist by manipulating ntquerysysteminformation](https://www.reddit.com/r/HowToHack/comments/1ihc0bm/hiding_processes_from_tasklist_by_manipulating/) + - [ ] [John the Ripper Generates a 319 Million Character Hash](https://www.reddit.com/r/HowToHack/comments/1ihb8j6/john_the_ripper_generates_a_319_million_character/) + - [ ] [I want destroy someone...](https://www.reddit.com/r/HowToHack/comments/1ihsbu5/i_want_destroy_someone/) + - [ ] [Help to progress](https://www.reddit.com/r/HowToHack/comments/1ih5log/help_to_progress/) + - [ ] [How to get behind the paywall of this website? (bladet.no)](https://www.reddit.com/r/HowToHack/comments/1ihdpz7/how_to_get_behind_the_paywall_of_this_website/) + - [ ] [Can someone tell me if this code that Chat GPT generated is legit?](https://www.reddit.com/r/HowToHack/comments/1ihdjw7/can_someone_tell_me_if_this_code_that_chat_gpt/) + - [ ] [HELP ???](https://www.reddit.com/r/HowToHack/comments/1ihdbuu/help/) + - [ ] [Suddenly, all my terminal (MacOS) just says "login:incorrect" and all my processes have stopped... What do I do?](https://www.reddit.com/r/HowToHack/comments/1ih6q5k/suddenly_all_my_terminal_macos_just_says/) + - [ ] [I want to make a memory scanner/editor](https://www.reddit.com/r/HowToHack/comments/1ih9evu/i_want_to_make_a_memory_scannereditor/) +- netsecstudents: Subreddit for students studying Network Security and its related subjects + - [ ] [WebGoat and starting with Web App Sec](https://www.reddit.com/r/netsecstudents/comments/1ihivn7/webgoat_and_starting_with_web_app_sec/) +- Blackhat Library: Hacking techniques and research + - [ ] [Spam data](https://www.reddit.com/r/blackhat/comments/1ihi7gq/spam_data/) + - [ ] [Spam](https://www.reddit.com/r/blackhat/comments/1ihi6x6/spam/) +- Computer Forensics + - [ ] [Axiom help](https://www.reddit.com/r/computerforensics/comments/1ihva7p/axiom_help/) + - [ ] [Phone number recovery from GPS tracker device](https://www.reddit.com/r/computerforensics/comments/1ihelkv/phone_number_recovery_from_gps_tracker_device/) + - [ ] [Career Possibilities](https://www.reddit.com/r/computerforensics/comments/1ih9hug/career_possibilities/) + - [ ] [Need help with Internet Archive (Wayback Machine) breach](https://www.reddit.com/r/computerforensics/comments/1ihslo3/need_help_with_internet_archive_wayback_machine/) + - [ ] [Forensic Lab](https://www.reddit.com/r/computerforensics/comments/1ihpjkk/forensic_lab/) + - [ ] [Suggestion for a triage tool with keyword search capability](https://www.reddit.com/r/computerforensics/comments/1ihbu5l/suggestion_for_a_triage_tool_with_keyword_search/) +- Krebs on Security + - [ ] [Who’s Behind the Seized Forums ‘Cracked’ & ‘Nulled’?](https://krebsonsecurity.com/2025/02/whos-behind-the-seized-forums-cracked-nulled/) +- Security Weekly Podcast Network (Audio) + - [ ] [DeepSeek, Nicolas Cage, OpenAI, Hackers, Ransomware, Canada, Joshua Marpet and More - SWN #448](http://sites.libsyn.com/18678/deepseek-nicolas-cage-openai-hackers-ransomware-canada-joshua-marpet-and-more-swn-448) + - [ ] [Threat Modeling That Helps the Business - Akira Brand, Sandy Carielli - ASW #316](http://sites.libsyn.com/18678/threat-modeling-that-helps-the-business-akira-brand-sandy-carielli-asw-316) diff --git a/archive/tmp/2025-02-05.json b/archive/tmp/2025-02-05.json new file mode 100644 index 0000000000..de6a914047 --- /dev/null +++ b/archive/tmp/2025-02-05.json @@ -0,0 +1,336 @@ +{ + "SecWiki News": { + "SecWiki News 2025-02-04 Review": "http://www.sec-wiki.com/?2025-02-04" + }, + "Doonsec's feed": { + "机遇与挑战": "https://mp.weixin.qq.com/s?__biz=MzkzMDM5NzIwMw==&mid=2247484518&idx=1&sn=861dfb406410914241c67defe6d91ec6", + "DeepSeek 本地部署": "https://mp.weixin.qq.com/s?__biz=MzIxMTg1ODAwNw==&mid=2247500560&idx=1&sn=981a4f8ada46441d7d74c01205ececcb", + "渗透实战 | Solidstate靶机攻防全解析": "https://mp.weixin.qq.com/s?__biz=Mzk1NzIzMTA5OA==&mid=2247483757&idx=1&sn=37399e93e3d4548dc019166c317575df", + "官网正式开放!": "https://mp.weixin.qq.com/s?__biz=Mzk1NzM1OTc3Nw==&mid=2247484012&idx=1&sn=525cd7c3e888f5824a10bce5531d3335", + "大年初七丨安天追影给您拜年了": "https://mp.weixin.qq.com/s?__biz=MjM5MTA3Nzk4MQ==&mid=2650209960&idx=1&sn=cce56eec596f90bf9a33252c8ee4be97", + "AutoPentest:高级渗透测试工程师的终极利器,全流程自动化渗透测试框架": "https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486515&idx=1&sn=0b5f8fa5d86a19511ff1833ff2f2753e", + "世界需要一个能谋善断的AI(八)AI时代孩子应该学什么?": "https://mp.weixin.qq.com/s?__biz=MzAxOTk3NTg5OQ==&mid=2247492389&idx=1&sn=c171fc4e63e7f7cfbc596aeab35787f0", + "我用deepseek发现了未来10年的数字取证趋势洞察": "https://mp.weixin.qq.com/s?__biz=MzI1NDMxOTkyNw==&mid=2247485302&idx=1&sn=1a68901f191f7fefe71debe1bd108ed2", + "Deepseek-R1的本地部署": "https://mp.weixin.qq.com/s?__biz=MzkwOTE3MzAxOA==&mid=2247485406&idx=1&sn=6a49483a834622537b994a92e30c0d40", + "从deepseek安全问题看NTP反射放大攻击": "https://mp.weixin.qq.com/s?__biz=MzI3NzM5NDA0NA==&mid=2247490347&idx=1&sn=796ff74be44d20c70c2e5561993c0b7e", + "秦安:DeepSeek暴起,警惕核心成员人身安全,美国已准备偷走一切": "https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476644&idx=1&sn=bc0eed8cf42c9fa9145c1cf3e4a0296d", + "牟林:驳AI时代记忆力无用论": "https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476644&idx=2&sn=bf786eb84d21ed3384a20b81bbb0197e", + "PyTorch入门 (1)环境搭建、神经网络普及和Torch基础知识": "https://mp.weixin.qq.com/s?__biz=Mzg5MTM5ODU2Mg==&mid=2247501337&idx=1&sn=1d5b325bd3781d3366805cba31133082", + "人工智能网络安全协作手册": "https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655265068&idx=1&sn=7c48aa185e4e30f0ea044f459095282b", + "论文阅读:AI学习之钥": "https://mp.weixin.qq.com/s?__biz=MzI3MDY0Nzg1Nw==&mid=2247489484&idx=1&sn=a9627e1c551186695cc7a37f2571eba9", + "新时代来啦,文科生找不到工作了!!?": "https://mp.weixin.qq.com/s?__biz=Mzk1NzI0MzI5NQ==&mid=2247484496&idx=1&sn=2730838d475ea6288615f7b14a756b7c", + "管理型交换机与非管理型交换机有何不同?": "https://mp.weixin.qq.com/s?__biz=MzIyMzIwNzAxMQ==&mid=2649464791&idx=1&sn=db6607f928d3206cdcf8611183f65f7a", + "感谢你们,无名英雄!": "https://mp.weixin.qq.com/s?__biz=Mzg2NDg2MDIxNQ==&mid=2247485359&idx=1&sn=45de5f58cb6cdf2fa36baff08d30530b", + "一文带你了解私有云、公有云与混合云有啥区别?": "https://mp.weixin.qq.com/s?__biz=MzUyNTExOTY1Nw==&mid=2247528084&idx=1&sn=7376e68f2ffd9a33b74b4ab0e939d753", + "G.O.S.S.I.P 2025 新春总动员(2):反编译研究的又一年": "https://mp.weixin.qq.com/s?__biz=Mzg5ODUxMzg0Ng==&mid=2247499661&idx=1&sn=76d0e94d245ff6aa345521b8bf4a4f17", + "帆软bi反序列化漏洞利用工具更新V3.0": "https://mp.weixin.qq.com/s?__biz=Mzk0ODM0NDIxNQ==&mid=2247493428&idx=1&sn=47039c762156ca739f4badbe020d9d88", + "【2025-02-04】黑客新闻摘要": "https://mp.weixin.qq.com/s?__biz=MzIzNDU5NTI4OQ==&mid=2247488418&idx=1&sn=6d2a64739172e951c2d890e6de5ab459", + "无点击钓鱼?微软超高危RCE漏洞": "https://mp.weixin.qq.com/s?__biz=Mzk0NzM4NzI1MA==&mid=2247486241&idx=1&sn=42301175cbc8633a71f78d3d218df92b", + "DeepSeek + Continue:Android 开发效率提升 10 倍的秘密!": "https://mp.weixin.qq.com/s?__biz=Mzg2NzUzNzk1Mw==&mid=2247497214&idx=1&sn=d3776e4e8ce79ffe90b533ae95255b10", + "DeepSeek杀死传统IT企业,踢开数据资产时代": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485513&idx=1&sn=c43833b381cb5b9889364d3f24bad740", + "【干货原创】实网攻防演习常态化,会带来什么变化01": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485513&idx=4&sn=380d80ccf94e80cfd466ad9e7065f575", + "【干货原创】K12教育,鲜为人知的模式秘密": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485513&idx=5&sn=575e333e1d71235af0b5590e1f9fa643", + "原创文章目录": "https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485513&idx=6&sn=cc8803c8db1225a47f371c81fcea8ae5", + "智能汽车网络安全防护与实践": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620476&idx=1&sn=af68a1f6710033f23125f04671ad2ace", + "GB_T 44778-2024 汽车诊断接口信息安全技术要求及试验方法": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620476&idx=2&sn=8b39c245f8173951afe0c24ffa5aa1ae", + "GB T 44774-2024 汽车信息安全应急响应管理规范-市场监督总局、国标委": "https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620476&idx=3&sn=6e3161777dcde192f99276ab32c7d775", + "DeepSeek帮你公众号优化:从300到1万粉的实战步骤": "https://mp.weixin.qq.com/s?__biz=MzA3NDE0NTY0OQ==&mid=2247484336&idx=1&sn=a1535d993012628894c32e35fab37a31", + "车联网TSP为什么要用MQTT协议传输数据?": "https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549672&idx=1&sn=5f641d8680e8b46ac05ff87f3966eeb8", + "一文详解AUTOSAR DLT模块": "https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549672&idx=2&sn=d45d7f3ddbf98e8a3089a7870892f8c5", + "【手慢无】DeepSeek崩疯了吧?速领2000万Token平替方案!华为云护航稳如狗": "https://mp.weixin.qq.com/s?__biz=MzIxMTEyOTM2Ng==&mid=2247504554&idx=1&sn=d1c0bedfb35d58181772200167e62945", + "尝试获取一下DeepSeek的系统设定提示词": "https://mp.weixin.qq.com/s?__biz=MzkwODQyMjgwNg==&mid=2247485477&idx=1&sn=e1a235c3682fd02117efd82ddf409722", + "天线的性能参数之相位中心(一)": "https://mp.weixin.qq.com/s?__biz=MzI3NzQ3NzY4OA==&mid=2247484089&idx=1&sn=b3643b7cc01c397bba3be4ee3e4daabe", + "靶场系列之Kioptix Level 2014": "https://mp.weixin.qq.com/s?__biz=Mzk1NzIzNjM0OQ==&mid=2247484191&idx=1&sn=ec856f2469e9eacf45eb7780f12aa7a3", + "以亲身安全经历聊聊安全方向、价值与未来": "https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490317&idx=1&sn=5c05e289a164028bc3044f962294c041", + "我让AI当黑客!基于DeepSeek+ollama的网安神器开发实录,效率提升300%": "https://mp.weixin.qq.com/s?__biz=MzkxMTUwOTY1MA==&mid=2247490204&idx=1&sn=4f7cfbc7db9862c3f46da030ce3d8cf4", + "2025年美国BIS《AI扩散框架》解析:芯片篇": "https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247506458&idx=1&sn=ecec764ff424e604de3eaa973d8cf71b", + "本地部署DeepSeek R1模型并打造专属的AI知识库": "https://mp.weixin.qq.com/s?__biz=Mzg2MjgwMzIxMA==&mid=2247484907&idx=1&sn=7a4e902606cb6ac2e7399b9e8a2875a3", + "问deepseek,人生的意义是什么?": "https://mp.weixin.qq.com/s?__biz=Mzk0MTI4NTIzNQ==&mid=2247492324&idx=1&sn=c671e860833125f018fb28ee2b7b8781", + "【免杀实践】 二进制文件分析与利用,不一样的免杀思路": "https://mp.weixin.qq.com/s?__biz=MzkyNDUzNjk4MQ==&mid=2247484838&idx=1&sn=8cbc7c76746c3394f941a64a079e9843", + "【工具推荐】 - ZeroEye3.0自动化找白文件,提升免杀效率,实现降本增效": "https://mp.weixin.qq.com/s?__biz=MzkyNDUzNjk4MQ==&mid=2247484838&idx=2&sn=05e53e2cd408fbe1112c378c6a781673", + "【免杀实战】 - R3Kill掉system启动的火绒6.0主程序 * 追加篇": "https://mp.weixin.qq.com/s?__biz=MzkyNDUzNjk4MQ==&mid=2247484838&idx=3&sn=b6a0f2530a90f15d4efc6b42faf0fcea", + "新春惊喜大放送!70+本中国信通院权威报告合集等你来领,错过等一年!": "https://mp.weixin.qq.com/s?__biz=MzU1OTUxNTI1NA==&mid=2247592487&idx=1&sn=3fdcd70f034216b522f2ee1a966921d0", + "5款常用的漏洞扫描工具,网安人得会吧~": "https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247570696&idx=1&sn=9cc57dc2e85ffaab5367dae31cdb200e", + "非法获取抖音用户个人信息:4 人获刑": "https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931486&idx=1&sn=e89bc8c9d204591a2da50214281eb74d", + "“红客”or“哄客”——圈内专业技术人士锐评网红真相": "https://mp.weixin.qq.com/s?__biz=MzUyOTcyNDg1OA==&mid=2247484250&idx=1&sn=94e06ec43a13647767b677efe6ba963e", + "天选": "https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496964&idx=1&sn=644ae05f8a05e277c4261c335cf72d03", + "MAC/IP/ARP地址欺骗原理及实践": "https://mp.weixin.qq.com/s?__biz=MzAxNTg1MDYxNA==&mid=2247489351&idx=1&sn=4d6173f4e6f7c1b8dc7b9a5dc319e3d6", + "谷歌公司涉嫌违反反垄断法 市场监管总局依法决定立案调查": "https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170589&idx=1&sn=469b0572be4635c66fcce9f37510fe5b", + "德媒:DeepSeek成就凸显美国科技制裁失败": "https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170589&idx=2&sn=ce5c9252c1eeccd6872ee2680bb7a70e", + "黑客都是靠什么赚钱的?": "https://mp.weixin.qq.com/s?__biz=MzU3MjczNzA1Ng==&mid=2247495758&idx=1&sn=5e537120cd28303ed00ae6d3ca0efb2d", + "黑客装逼网站大全,零基础入门到精通,收藏这一篇就够了": "https://mp.weixin.qq.com/s?__biz=MzU3MjczNzA1Ng==&mid=2247495758&idx=2&sn=4f52b2ba449f57337e7d31e8ae692806", + "24H2 新的稳定的绕过ASLR的技术是什么?": "https://mp.weixin.qq.com/s?__biz=MzU4OTk0NDMzOA==&mid=2247490058&idx=1&sn=37b966891237588d072307fc6742c256", + "OpenAI发布Deep Research深度研究功能": "https://mp.weixin.qq.com/s?__biz=MzkxNzY0Mzg2OQ==&mid=2247486288&idx=1&sn=f587ddb1e682cdb2c5b7dcd64122811a" + }, + "A Few Thoughts on Cryptographic Engineering": { + "How to prove false statements? (Part 1)": "https://blog.cryptographyengineering.com/2025/02/04/how-to-prove-false-statements-part-1/" + }, + "Armin Ronacher's Thoughts and Writings": { + "Fat Rand: How Many Lines Do You Need To Generate A Random Number?": "http://lucumr.pocoo.org/2025/2/4/fat-rand" + }, + "世事难料,保持低调": { + "DeepSeek V2/V3中的MLA和Matrix Absorption": "https://blog.csdn.net/ariesjzj/article/details/145392128" + }, + "Trustwave Blog": { + "Trustwave SpiderLabs: Examining How New Ransomware Groups Emerge": "https://www.trustwave.com/en-us/resources/blogs/trustwave-blog/trustwave-spiderlabs-examining-how-new-ransomware-groups-emerge/" + }, + "Tenable Blog": { + "CISA Releases FOCAL Plan to Help Federal Agencies Reduce Cyber Risk": "https://www.tenable.com/blog/cisa-releases-focal-plan-to-help-federal-agencies-reduce-cyber-risk" + }, + "Security Boulevard": { + "How Imperva Infused AI Throughout Research and Development": "https://securityboulevard.com/2025/02/how-imperva-infused-ai-throughout-research-and-development/", + "DEF CON 32 – Hacker Vs. AI Perspectives From An Ex-Spy": "https://securityboulevard.com/2025/02/def-con-32-hacker-vs-ai-perspectives-from-an-ex-spy/", + "Cyberhaven: A Wake-Up Call for Consent Phishing Risks | Grip": "https://securityboulevard.com/2025/02/cyberhaven-a-wake-up-call-for-consent-phishing-risks-grip/", + "Randall Munroe’s XKCD ‘Stromatolites’": "https://securityboulevard.com/2025/02/randall-munroes-xkcd-stromatolites/", + "Survey Sees Organizations Being Overwhelmed by Remediation Challenges": "https://securityboulevard.com/2025/02/survey-sees-organizations-being-overwhelmed-by-remediation-challenges/", + "Anomalies are not Enough": "https://securityboulevard.com/2025/02/anomalies-are-not-enough/", + "AttackIQ Bolsters Cyber Defenses with DeepSurface’s Risk-Analysis Tech": "https://securityboulevard.com/2025/02/attackiq-bolsters-cyber-defenses-with-deepsurfaces-risk-analysis-tech/", + "How bots and fraudsters exploit free tiers in AI SaaS": "https://securityboulevard.com/2025/02/how-bots-and-fraudsters-exploit-free-tiers-in-ai-saas/", + "DEF CON 32 – D0N0H4RM Cyber STEM Storytime": "https://securityboulevard.com/2025/02/def-con-32-d0n0h4rm-cyber-stem-storytime/", + "Top 15 Cloud Compliance Tools in 2025": "https://securityboulevard.com/2025/02/top-15-cloud-compliance-tools-in-2025/" + }, + "Private Feed for M09Ic": { + "zer0yu starred flexflow/flexflow-train": "https://github.com/flexflow/flexflow-train", + "zer0yu starred deepspeedai/DeepSpeed": "https://github.com/deepspeedai/DeepSpeed", + "Freakboy starred klausw/hackerskeyboard": "https://github.com/klausw/hackerskeyboard", + "mgeeky starred airbus-seclab/soxy": "https://github.com/airbus-seclab/soxy", + "phith0n released 1.0 at vulhub/rocketmq-attack": "https://github.com/vulhub/rocketmq-attack/releases/tag/1.0", + "phith0n created a repository vulhub/rocketmq-attack": "https://github.com/vulhub/rocketmq-attack//", + "INotGreen starred netbiosX/AMSI-Provider": "https://github.com/netbiosX/AMSI-Provider", + "zer0yu starred airbus-seclab/bincat": "https://github.com/airbus-seclab/bincat", + "zer0yu starred airbus-seclab/soxy": "https://github.com/airbus-seclab/soxy", + "INotGreen starred jborean93/AmsiProvider": "https://github.com/jborean93/AmsiProvider", + "niudaii starred dyyz1993/twitter-monitor": "https://github.com/dyyz1993/twitter-monitor" + }, + "Recent Commits to cve:main": { + "Update Tue Feb 4 20:32:01 UTC 2025": "https://github.com/trickest/cve/commit/4a5361dc1eae2ea00fbfc91dceab648791976c24", + "Update Tue Feb 4 12:24:03 UTC 2025": "https://github.com/trickest/cve/commit/4553f118ae05848a0b87e7f13dd0e71467f284b8", + "Update Tue Feb 4 04:24:21 UTC 2025": "https://github.com/trickest/cve/commit/b8e3c9c765f22bbf4d8d5019707cf0dc32ea5bd0" + }, + "一个被知识诅咒的人": { + "【人工智能】掌握图像风格迁移:使用Python实现艺术风格的自动化迁移": "https://blog.csdn.net/nokiaguy/article/details/145442258", + "【人工智能】多模态学习在Python中的应用:结合图像与文本数据的深度探索": "https://blog.csdn.net/nokiaguy/article/details/145442242" + }, + "Bug Bounty in InfoSec Write-ups on Medium": { + "Google did an Oopsie: a simple IDOR worth $3,133.7": "https://infosecwriteups.com/google-did-an-oopsie-a-simple-idor-worth-3-133-7-2abefaef954d?source=rss----7b722bfd1b8d--bug_bounty", + "Google: HTML Injection Bug": "https://infosecwriteups.com/google-html-injection-bug-14a50e12bb96?source=rss----7b722bfd1b8d--bug_bounty" + }, + "GuidePoint Security": { + "GRIT’s 2025 Report: Annual Vulnerability Analysis and Exploitation Trends": "https://www.guidepointsecurity.com/blog/grits-2025-report-annual-vulnerability-analysis-and-exploitation-trends/" + }, + "Twitter @bytehx": { + "Re @busf4ctor @Hacker0x01 Congrats! Is it the epic games one?": "https://x.com/bytehx343/status/1886823603263692950" + }, + "VMRay": { + "Fully undetected Shell Script dropping macOS Atomic Stealer": "https://www.vmray.com/fully-undetected-shell-script-dropping-macos-atomic-stealer/" + }, + "Malwarebytes": { + "Valley News Live exposed more than a million job seeker’s resumes": "https://www.malwarebytes.com/blog/news/2025/02/valley-news-live-exposed-more-than-a-million-job-seekers-resumes", + "New AI “agents” could hold people for ransom in 2025": "https://www.malwarebytes.com/blog/news/2025/02/new-ai-agents-could-hold-people-for-ransom-in-2025" + }, + "SpiderLabs Blog": { + "Beyond the Chatbot: Meta Phishing with Fake Live Support": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/beyond-the-chatbot-meta-phishing-with-fake-live-support/" + }, + "Reverse Engineering": { + "Cloudflare jsd challenge reverse engineered (cf_clearance)": "https://www.reddit.com/r/ReverseEngineering/comments/1ihcivi/cloudflare_jsd_challenge_reverse_engineered_cf/" + }, + "PortSwigger Research": { + "Top 10 web hacking techniques of 2024": "https://portswigger.net/research/top-10-web-hacking-techniques-of-2024" + }, + "FreeBuf网络安全行业门户": { + "FreeBuf早报 | 关于Deepseek的一些普遍误读;黑客利用7-Zip零日漏洞部署恶意软件": "https://www.freebuf.com/news/421061.html" + }, + "奇客Solidot–传递最新科技情报": { + "Freedesktop 和 Alpine Linux 寻找新托管商": "https://www.solidot.org/story?sid=80467" + }, + "安全分析与研究": { + "以亲身安全经历聊聊安全方向、价值与未来": "https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490317&idx=1&sn=5c05e289a164028bc3044f962294c041&chksm=902fb425a7583d33ffe98bf9bce591842d91643609f7c7b5f3f5a2caa72c373f14fb3b1a9743&scene=58&subscene=0#rd" + }, + "杨龙": { + "Nginx+PHP服务器上传限制调节": "https://www.yanglong.pro/blog%e6%9c%8d%e5%8a%a1%e5%99%a8%e4%b8%8a%e4%bc%a0%e9%99%90%e5%88%b6%e8%b0%83%e8%8a%82/" + }, + "锦行科技": { + "初七 | 人日吉祥": "https://mp.weixin.qq.com/s?__biz=MzIxNTQxMjQyNg==&mid=2247493744&idx=1&sn=f67c79d0ee451159f9d8b63a31ffa483&chksm=979a13d5a0ed9ac319549b9b712bc1aaa0e74fc7af62ce670d3fd7dd98dcd7e2a5fdafcffd0e&scene=58&subscene=0#rd" + }, + "吾爱破解论坛": { + "分享图片": "https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141676&idx=1&sn=72023018cd03f75887c2ed1741e5e8e0&chksm=bd50a6788a272f6e033dd144a7bc829356b6797d17d157f1399ae32d8c859579132739f55f0a&scene=58&subscene=0#rd" + }, + "dotNet安全矩阵": { + "最后一天福利 | 2024年度WebShell专题、内存马技术、反序列化漏洞文章和工具汇总": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498718&idx=1&sn=0bbf3d272f4c72302d21c151106a9275&chksm=fa595533cd2edc25867405807f8e4bfdee1cf510746683efe669fd6a09f3f08f97c6e86ca47a&scene=58&subscene=0#rd", + ".NET 安全基础入门学习知识库": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498718&idx=2&sn=19e62b92cf72c453cb87a2a849165c10&chksm=fa595533cd2edc256454361bd96cb15ab09cfeb56264abdb375529be15ba79d7ad6d882db94d&scene=58&subscene=0#rd", + "2024 年度隧道代理、数据外发、痕迹清理阶段文章和工具汇总": "https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498718&idx=3&sn=30beabdcff16e3ec0dbe4096cab483fd&chksm=fa595533cd2edc2557a91d1a20e49233529988735a1ad63c2cd1bae1ecbc24e58d482683612c&scene=58&subscene=0#rd" + }, + "安全学术圈": { + "北京理工大学 | 利用高鲁棒流量表示瓦解网站指纹防御": "https://mp.weixin.qq.com/s?__biz=MzU5MTM5MTQ2MA==&mid=2247491622&idx=1&sn=9c8adf0775c59b6630c5d518da11bfb0&chksm=fe2d1fadc95a96bb9fa8fc64e04a456bff174e4505248f2b146e3d41250a796cb38e0dbd16bf&scene=58&subscene=0#rd" + }, + "安全研究GoSSIP": { + "G.O.S.S.I.P 2025 新春总动员(2):反编译研究的又一年": "https://mp.weixin.qq.com/s?__biz=Mzg5ODUxMzg0Ng==&mid=2247499661&idx=1&sn=76d0e94d245ff6aa345521b8bf4a4f17&chksm=c063d154f71458428c47a7c127c7aa10098db4d0d64253424108bd5b79a87e3ac38ff18f37a1&scene=58&subscene=0#rd" + }, + "中国信息安全": { + "专家解读 | 刘贤刚:以高水平安全保障数据合规高效流通利用": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235998&idx=1&sn=e5c48f11f03db570c3a90816bad8c1d5&chksm=8b580127bc2f88316c198cf75c2984eb2176621a4368b7312cebbfdc9e66ac0f70bf9c3fd6d7&scene=58&subscene=0#rd", + "专家解读 | 吴沈括:科学建构个人信息保护认证 促进数据高效便利安全跨境流动": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235998&idx=2&sn=90c7e93a07b50d82c6780007144f2d20&chksm=8b580127bc2f8831c2460a0a643f82b36a62568c56e94926687d95d3a05855c445fc8913c5b5&scene=58&subscene=0#rd", + "专家观点 | 数据资产登记:推动数字经济发展的关键钥匙": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235998&idx=3&sn=9b9ac7c176f476f344450cffb04b11cd&chksm=8b580127bc2f883187630723c5ed285c07e34d481fd7ea76c5f77d255726091eda39ad2724e0&scene=58&subscene=0#rd", + "专家观点 | 卫生健康数据资产全过程管理的法治路径": "https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235998&idx=4&sn=eea10396ff51751871886d0c472aa6c7&chksm=8b580127bc2f883149290247051a17f092c240538939cc329863fe5813572399c064e87f28a9&scene=58&subscene=0#rd" + }, + "360数字安全": { + "大年初七 | 祥蛇送安,前程“巳”锦": "https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579302&idx=1&sn=312f41b6a398879cd51cef2086bd411c&chksm=9f8d26aea8faafb813d81d84efc298f6ab32c3d59c70e3f11e053e9786c9ce8062c7bf2520e7&scene=58&subscene=0#rd" + }, + "极客公园": { + "小米股价创新高,市值突破万亿;披头士 「AI 歌曲」获格莱美大奖;《流浪地球 3》三月开机,开招演员|极客早知道": "https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653073254&idx=1&sn=4c63eb6266e84fc673589f365a56ba3b&chksm=7e57d2d049205bc6a939ef6ca8c4912447c4fe10f231e12d472569c227579674ab0c653e00d5&scene=58&subscene=0#rd" + }, + "Over Security - Cybersecurity news aggregator": { + "Union groups sue Treasury over giving DOGE access to sensitive data": "https://therecord.media/union-groups-sue-treasury-over-giving-doge-access-to-data", + "Zyxel won’t patch newly exploited flaws in end-of-life routers": "https://www.bleepingcomputer.com/news/security/zyxel-wont-patch-newly-exploited-flaws-in-end-of-life-routers/", + "Spyware maker Paragon confirms U.S. government is a customer": "https://techcrunch.com/2025/02/04/spyware-maker-paragon-confirms-u-s-government-is-a-customer/", + "Proposal for federal cyber scholarship, with service requirement, returns in House": "https://therecord.media/pivott-act-returns-cyber-scholarships-rep-mark-green", + "Google Play, Apple App Store apps caught stealing crypto wallets": "https://www.bleepingcomputer.com/news/mobile/google-play-apple-app-store-apps-caught-stealing-crypto-wallets/", + "Grubhub says hack on third-party exposed information on campus customers": "https://therecord.media/grubhub-says-third-party-hack-exposed-campus-customers", + "Cyber agencies share security guidance for network edge devices": "https://www.bleepingcomputer.com/news/security/cyber-agencies-share-security-guidance-for-network-edge-devices/", + "Chinese cyberspies use new SSH backdoor in network device hacks": "https://www.bleepingcomputer.com/news/security/chinese-cyberspies-use-new-ssh-backdoor-in-network-device-hacks/", + "Botnet: cosa sono, come funzionano, i consigli per proteggere la rete aziendale dagli zombie del Web": "https://www.cybersecurity360.it/nuove-minacce/botnet-cosa-sono-come-funzionano-e-come-proteggere-la-rete-aziendale-dagli-zombie-del-web/", + "Aggiornamenti Android febbraio 2025, corretta una vulnerabilità sfruttata attivamente: i dettagli": "https://www.cybersecurity360.it/news/aggiornamenti-android-febbraio-2025-corretta-una-vulnerabilita-sfruttata-attivamente-i-dettagli/", + "Who’s Behind the Seized Forums ‘Cracked’ & ‘Nulled’?": "https://krebsonsecurity.com/2025/02/whos-behind-the-seized-forums-cracked-nulled/", + "Netgear warns users to patch critical WiFi router vulnerabilities": "https://www.bleepingcomputer.com/news/security/netgear-warns-users-to-patch-critical-wifi-router-vulnerabilities/", + "Russian cyber research companies post alerts about infostealer, industrial threats": "https://therecord.media/russia-cybersecurity-research-bizone-nova-infostealer", + "Aquabot, il malware che prende di mira i sistemi telefonici VoIP: come difendersi": "https://www.cybersecurity360.it/nuove-minacce/aquabot-il-malware-che-prende-di-mira-i-sistemi-telefonici-voip-come-difendersi/", + "How hackers target your Active Directory with breached VPN passwords": "https://www.bleepingcomputer.com/news/security/how-hackers-target-your-active-directory-with-breached-vpn-passwords/", + "California man steals $50 million using fake investment sites, gets 7 years": "https://www.bleepingcomputer.com/news/security/california-man-steals-50-million-using-fake-investment-sites-gets-7-years/", + "35 anni di ransomware: com’è evoluta la minaccia e com’è cambiato il modo di difendersi": "https://www.cybersecurity360.it/nuove-minacce/ransomware/cisco-35-anni-ransomware/", + "7-Zip MotW bypass exploited in zero-day attacks against Ukraine": "https://www.bleepingcomputer.com/news/security/7-zip-motw-bypass-exploited-in-zero-day-attacks-against-ukraine/", + "Data breach del FSE Molise, tutta la catena di trattamento dati è responsabile: ecco perché": "https://www.cybersecurity360.it/news/data-breach-del-fse-molise-tutta-la-catena-di-trattamento-dati-e-responsabile-ecco-perche/", + "DeepSeek’s Growing Influence Sparks a Surge in Frauds and Phishing Attacks": "https://cyble.com/blog/deepseeks-growing-influence-surge-frauds-phishing-attacks/", + "NETGEAR Urges Immediate Firmware Updates for Critical Security Flaws": "https://cyble.com/blog/netgear-issues-security-severe-rce-vulnerabilities/", + "Il DPO nel percorso di adeguamento alla NIS 2: spettatore o protagonista?": "https://www.cybersecurity360.it/legal/privacy-dati-personali/il-dpo-nel-percorso-di-adeguamento-alla-nis-2-spettatore-o-protagonista/", + "Release Notes: System Updates, New YARA and Suricata Rules, Signatures, and More": "https://any.run/cybersecurity-blog/release-notes-january-2025/", + "Detection engineering at scale: one step closer (part two)": "https://blog.sekoia.io/detection-engineering-at-scale-one-step-closer-part-two/", + "GrubHub data breach impacts customers, drivers, and merchants": "https://www.bleepingcomputer.com/news/security/grubhub-data-breach-impacts-customers-drivers-and-merchants/", + "Security Operations Report - Gennaio 2025": "https://www.certego.net/blog/whitepaper-secops-report-gennaio-2025/", + "Sophos acquisisce Secureworks e diventa il principale fornitore di servizi MDR": "https://www.securityinfo.it/2025/02/04/sophos-acquisisce-secureworks-e-diventa-il-principale-fornitore-di-servizi-mdr/", + "PoinCampus - 89,116 breached accounts": "https://haveibeenpwned.com/PwnedWebsites#PoinCampus", + "First Apple-notarized porn app available to iPhone users in Europe": "https://www.bleepingcomputer.com/news/apple/first-apple-notarized-porn-app-available-to-iphone-users-in-europe/", + "As DOGE teams plug into federal networks, cybersecurity risks could be huge, experts say": "https://therecord.media/doge-opm-treasury-cybersecurity" + }, + "迪哥讲事": { + "限时福利 | 新年规划": "https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247497034&idx=1&sn=9db28c4110f936bdab5fdc4d4a08bbe0&chksm=e8a5ff29dfd2763f82c4e66f8a055d79d8a9c6af1a96e1dba7c49d0a9ae1fea0ac4905fd16b0&scene=58&subscene=0#rd" + }, + "bellingcat": { + "Satellite Imagery Shows Schools and Hospitals Destroyed in Northern Gaza": "https://www.bellingcat.com/news/2025/02/04/satellite-imagery-shows-schools-and-hospitals-destroyed-in-northern-gaza/" + }, + "娜璋AI安全之家": { + "PyTorch入门 (1)环境搭建、神经网络普及和Torch基础知识": "https://mp.weixin.qq.com/s?__biz=Mzg5MTM5ODU2Mg==&mid=2247501337&idx=1&sn=1d5b325bd3781d3366805cba31133082&chksm=cfcf76d4f8b8ffc2bbf9a0d4b21b1d25fdb22fba974fb45849f750a272269e03399a890e940f&scene=58&subscene=0#rd" + }, + "Securityinfo.it": { + "Sophos acquisisce Secureworks e diventa il principale fornitore di servizi MDR": "https://www.securityinfo.it/2025/02/04/sophos-acquisisce-secureworks-e-diventa-il-principale-fornitore-di-servizi-mdr/?utm_source=rss&utm_medium=rss&utm_campaign=sophos-acquisisce-secureworks-e-diventa-il-principale-fornitore-di-servizi-mdr" + }, + "Hacking Exposed Computer Forensics Blog": { + "Daily Blog #738: Arsenal Recon LevelDB Recon": "https://www.hecfblog.com/2025/02/daily-blog-738-arsenal-recon-leveldb.html" + }, + "ICT Security Magazine": { + "Cyber Crime Conference 2025, partecipa il 16 e 17 aprile a Roma": "https://www.ictsecuritymagazine.com/notizie/cyber-crime-conference-2025/", + "Criminalità informatica in Europa: l’analisi Eurojust-Europol 2024": "https://www.ictsecuritymagazine.com/notizie/criminalita-informatica-2024/" + }, + "SANS Internet Storm Center, InfoCON: green": { + "Some updates to our data feeds, (Tue, Feb 4th)": "https://isc.sans.edu/diary/rss/31650", + "ISC Stormcast For Tuesday, February 4th, 2025 https://isc.sans.edu/podcastdetail/9308, (Tue, Feb 4th)": "https://isc.sans.edu/diary/rss/31648" + }, + "Have I Been Pwned latest breaches": { + "PoinCampus - 89,116 breached accounts": "https://haveibeenpwned.com/PwnedWebsites#PoinCampus" + }, + "Tor Project blog": { + "New Release: Tor Browser 14.0.5": "https://blog.torproject.org/new-release-tor-browser-1405/" + }, + "Full Disclosure": { + "KL-001-2025-002: Checkmk NagVis Remote Code Execution": "https://seclists.org/fulldisclosure/2025/Feb/4", + "KL-001-2025-001: Checkmk NagVis Reflected Cross-site Scripting": "https://seclists.org/fulldisclosure/2025/Feb/3" + }, + "Krypt3ia": { + "Krypt3ia Daily Cyber Threat Intelligence (CTI) Digest": "https://krypt3ia.wordpress.com/2025/02/04/krypt3ia-daily-cyber-threat-intelligence-cti-digest-9/" + }, + "TorrentFreak": { + "LaLiga: Cloudflare, Google and X Are Essential Piracy Facilitators": "https://torrentfreak.com/laliga-cloudflare-google-and-x-are-essential-piracy-facilitators-250204/" + }, + "The Hacker News": { + "Malicious Go Package Exploits Module Mirror Caching for Persistent Remote Access": "https://thehackernews.com/2025/02/malicious-go-package-exploits-module.html", + "Russian Cybercrime Groups Exploiting 7-Zip Flaw to Bypass Windows MotW Protections": "https://thehackernews.com/2025/02/russian-cybercrime-groups-exploiting-7.html", + "North Korean Hackers Deploy FERRET Malware via Fake Job Interviews on macOS": "https://thehackernews.com/2025/02/north-korean-hackers-deploy-ferret.html", + "Watch Out For These 8 Cloud Security Shifts in 2025": "https://thehackernews.com/2025/02/watch-out-for-these-8-cloud-security.html", + "Taiwan Bans DeepSeek AI Over National Security Concerns, Citing Data Leakage Risks": "https://thehackernews.com/2025/02/taiwan-bans-deepseek-ai-over-national.html", + "AMD SEV-SNP Vulnerability Allows Malicious Microcode Injection with Admin Access": "https://thehackernews.com/2025/02/amd-sev-snp-vulnerability-allows.html", + "Microsoft Patches Critical Azure AI Face Service Vulnerability with CVSS 9.9 Score": "https://thehackernews.com/2025/02/microsoft-patches-critical-azure-ai.html", + "Google Patches 47 Android Security Flaws, Including Actively Exploited CVE-2024-53104": "https://thehackernews.com/2025/02/google-patches-47-android-security.html", + "Microsoft SharePoint Connector Flaw Could've Enabled Credential Theft Across Power Platform": "https://thehackernews.com/2025/02/microsoft-sharepoint-connector-flaw.html" + }, + "Trend Micro Research, News and Perspectives": { + "CVE-2025-0411: Ukrainian Organizations Targeted in Zero-Day Campaign and Homoglyph Attacks": "https://www.trendmicro.com/en_us/research/25/a/cve-2025-0411-ukrainian-organizations-targeted.html" + }, + "Graham Cluley": { + "The AI Fix #36: A DeepSeek special": "https://grahamcluley.com/the-ai-fix-36/" + }, + "The Register - Security": { + "Google: How to make any AMD Zen CPU always generate 4 as a random number": "https://go.theregister.com/feed/www.theregister.com/2025/02/04/google_amd_microcode/", + "Poisoned Go programming language package lay undetected for 3 years": "https://go.theregister.com/feed/www.theregister.com/2025/02/04/golang_supply_chain_attack/", + "Grubhub serves up security incident with a side of needing to change your password": "https://go.theregister.com/feed/www.theregister.com/2025/02/04/grubhub_data_incident/", + "US accuses Canadian math prodigy of $65M crypto scheme": "https://go.theregister.com/feed/www.theregister.com/2025/02/04/math_prodigy_crypto_scheme/", + "Cyberattack on NHS causes hospitals to miss cancer care targets": "https://go.theregister.com/feed/www.theregister.com/2025/02/04/cyberattack_on_nhs_hospitals_sees/", + "Abandoned AWS S3 buckets can be reused in supply-chain attacks that would make SolarWinds look 'insignificant'": "https://go.theregister.com/feed/www.theregister.com/2025/02/04/abandoned_aws_s3/", + "UK govt must learn fast and let failing projects die young": "https://go.theregister.com/feed/www.theregister.com/2025/02/04/ukgov_must_embrace_a_fastlearning/", + "Google patches odd Android kernel security bug amid signs of targeted exploitation": "https://go.theregister.com/feed/www.theregister.com/2025/02/04/google_android_patch_netgear/", + "Why digital resilience is critical to banks": "https://go.theregister.com/feed/www.theregister.com/2025/02/04/why_digital_resilience_is_critical/" + }, + "Security Affairs": { + "Netgear urges users to upgrade two flaws impacting WiFi router models": "https://securityaffairs.com/173839/security/netgear-wifi-routers-flaws.html", + "AMD fixed a flaw that allowed to load malicious microcode": "https://securityaffairs.com/173831/security/amd-flaw-allowed-load-malicious-microcode.html", + "Coyote Banking Trojan targets Brazilian users, stealing data from 70+ financial apps and websites": "https://securityaffairs.com/173818/malware/coyote-banking-trojan-targets-brazilian-users.html", + "Google fixed actively exploited kernel zero-day flaw": "https://securityaffairs.com/173812/hacking/google-android-kernel-zero-day-flaw.html" + }, + "Schneier on Security": { + "Deepfakes and the 2024 US Election": "https://www.schneier.com/blog/archives/2025/02/deepfakes-and-the-2024-us-election.html" + }, + "Deeplinks": { + "European Commission Gets Dinged for Unlawful Data Transfer, Sending a Big Message About Accountability": "https://www.eff.org/deeplinks/2025/02/courts-fine-against-european-commission-unlawful-personal-data-transfer-small", + "Key Issues Shaping State-Level Tech Policy": "https://www.eff.org/deeplinks/2025/02/key-issues-shaping-state-level-tech-policy", + "How State Tech Policies in 2024 Set the Stage for 2025": "https://www.eff.org/deeplinks/2025/02/how-state-tech-policies-2024-set-stage-2025" + }, + "Technical Information Security Content & Discussion": { + "Replacing a Space Heater Firmware over WiFi": "https://www.reddit.com/r/netsec/comments/1ihtrx0/replacing_a_space_heater_firmware_over_wifi/", + "8 Million Requests Later, We Made The SolarWinds Supply Chain Attack Look Amateur - watchTowr Labs": "https://www.reddit.com/r/netsec/comments/1ihf6qt/8_million_requests_later_we_made_the_solarwinds/", + "Now live: Our Global InfoSec Salary Index for 2025 - with full dataset in the Public Domain :)": "https://www.reddit.com/r/netsec/comments/1ihlqeq/now_live_our_global_infosec_salary_index_for_2025/", + "Top 10 (new) web hacking techniques of 2024": "https://www.reddit.com/r/netsec/comments/1ihl0w9/top_10_new_web_hacking_techniques_of_2024/", + "How to prove false statements? (Part 1)": "https://www.reddit.com/r/netsec/comments/1ihth34/how_to_prove_false_statements_part_1/", + "Collabfiltrator 4.0.1 Plugin released! New SQLi DNS exfiltration capabilities available in BurpSuite. Download it from the BApp Store.": "https://www.reddit.com/r/netsec/comments/1ihjlku/collabfiltrator_401_plugin_released_new_sqli_dns/", + "Masquerade the Windows \"Program Files\" path with Unicode \"En Quad\" character.": "https://www.reddit.com/r/netsec/comments/1ih7wch/masquerade_the_windows_program_files_path_with/" + }, + "Your Open Hacker Community": { + "hiding processes from tasklist by manipulating ntquerysysteminformation": "https://www.reddit.com/r/HowToHack/comments/1ihc0bm/hiding_processes_from_tasklist_by_manipulating/", + "John the Ripper Generates a 319 Million Character Hash": "https://www.reddit.com/r/HowToHack/comments/1ihb8j6/john_the_ripper_generates_a_319_million_character/", + "I want destroy someone...": "https://www.reddit.com/r/HowToHack/comments/1ihsbu5/i_want_destroy_someone/", + "Help to progress": "https://www.reddit.com/r/HowToHack/comments/1ih5log/help_to_progress/", + "How to get behind the paywall of this website? (bladet.no)": "https://www.reddit.com/r/HowToHack/comments/1ihdpz7/how_to_get_behind_the_paywall_of_this_website/", + "Can someone tell me if this code that Chat GPT generated is legit?": "https://www.reddit.com/r/HowToHack/comments/1ihdjw7/can_someone_tell_me_if_this_code_that_chat_gpt/", + "HELP ???": "https://www.reddit.com/r/HowToHack/comments/1ihdbuu/help/", + "Suddenly, all my terminal (MacOS) just says \"login:incorrect\" and all my processes have stopped... What do I do?": "https://www.reddit.com/r/HowToHack/comments/1ih6q5k/suddenly_all_my_terminal_macos_just_says/", + "I want to make a memory scanner/editor": "https://www.reddit.com/r/HowToHack/comments/1ih9evu/i_want_to_make_a_memory_scannereditor/" + }, + "netsecstudents: Subreddit for students studying Network Security and its related subjects": { + "WebGoat and starting with Web App Sec": "https://www.reddit.com/r/netsecstudents/comments/1ihivn7/webgoat_and_starting_with_web_app_sec/" + }, + "Blackhat Library: Hacking techniques and research": { + "Spam data": "https://www.reddit.com/r/blackhat/comments/1ihi7gq/spam_data/", + "Spam": "https://www.reddit.com/r/blackhat/comments/1ihi6x6/spam/" + }, + "Computer Forensics": { + "Axiom help": "https://www.reddit.com/r/computerforensics/comments/1ihva7p/axiom_help/", + "Phone number recovery from GPS tracker device": "https://www.reddit.com/r/computerforensics/comments/1ihelkv/phone_number_recovery_from_gps_tracker_device/", + "Career Possibilities": "https://www.reddit.com/r/computerforensics/comments/1ih9hug/career_possibilities/", + "Need help with Internet Archive (Wayback Machine) breach": "https://www.reddit.com/r/computerforensics/comments/1ihslo3/need_help_with_internet_archive_wayback_machine/", + "Forensic Lab": "https://www.reddit.com/r/computerforensics/comments/1ihpjkk/forensic_lab/", + "Suggestion for a triage tool with keyword search capability": "https://www.reddit.com/r/computerforensics/comments/1ihbu5l/suggestion_for_a_triage_tool_with_keyword_search/" + }, + "Krebs on Security": { + "Who’s Behind the Seized Forums ‘Cracked’ & ‘Nulled’?": "https://krebsonsecurity.com/2025/02/whos-behind-the-seized-forums-cracked-nulled/" + }, + "Security Weekly Podcast Network (Audio)": { + "DeepSeek, Nicolas Cage, OpenAI, Hackers, Ransomware, Canada, Joshua Marpet and More - SWN #448": "http://sites.libsyn.com/18678/deepseek-nicolas-cage-openai-hackers-ransomware-canada-joshua-marpet-and-more-swn-448", + "Threat Modeling That Helps the Business - Akira Brand, Sandy Carielli - ASW #316": "http://sites.libsyn.com/18678/threat-modeling-that-helps-the-business-akira-brand-sandy-carielli-asw-316" + } +} \ No newline at end of file diff --git a/today.md b/today.md index ca18614399..4462f21356 100644 --- a/today.md +++ b/today.md @@ -1,330 +1,278 @@ -# 每日安全资讯(2025-02-04) +# 每日安全资讯(2025-02-05) +- SecWiki News + - [ ] [SecWiki News 2025-02-04 Review](http://www.sec-wiki.com/?2025-02-04) - Doonsec's feed - - [ ] [06x函数50-55](https://mp.weixin.qq.com/s?__biz=MzA3NDE0NTY0OQ==&mid=2247484328&idx=1&sn=56cb7fa45a42211cef760c64219cfe6d) - - [ ] [靶场系列之Kioptix Level 4](https://mp.weixin.qq.com/s?__biz=Mzk1NzIzNjM0OQ==&mid=2247484082&idx=1&sn=8ae9a5e59b4672dd6ca406e270e8bd72) - - [ ] [【Win11抓不到密码?】| 内存匹配规则的添加!!](https://mp.weixin.qq.com/s?__biz=Mzk1NzM5MTI2Mg==&mid=2247484433&idx=1&sn=c880bb48a013ff14e3bab913ecbfe043) - - [ ] [渗透测试与Linux管理系统化](https://mp.weixin.qq.com/s?__biz=Mzk1Nzc0MzY3NA==&mid=2247483802&idx=1&sn=5d2ed26dce664d4671ea49803c0b5721) - - [ ] [openEuler 24.03 操作系统上部署 DeepSeek-R1:671B 大模型训练使用GPU显卡NVIDIA A100](https://mp.weixin.qq.com/s?__biz=Mzg2MjYxODQ4Mw==&mid=2247485001&idx=1&sn=7cafb2cadfaa1242093af5dd79f1f9b4) - - [ ] [【burpsuite靶场-服务端4】命令注入漏洞](https://mp.weixin.qq.com/s?__biz=MzkzMDg1MzIwNA==&mid=2247487335&idx=1&sn=c230b1063e5abc07d7a340d33329a10e) - - [ ] [一键直达,告别中转!AutoRedirector 插件让你的浏览体验飞起来!](https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486485&idx=1&sn=0708e0ba9aaae6b483cf7006497b904d) - - [ ] [2025年网络安全态势感知的主要趋势和挑战](https://mp.weixin.qq.com/s?__biz=MzU2NDY2OTU4Nw==&mid=2247518539&idx=1&sn=a6be0023f68c6a11448c70df2384b293) - - [ ] [世界需要一个能谋善断的AI(七)数字分身:生理永生与数字永生的思考](https://mp.weixin.qq.com/s?__biz=MzAxOTk3NTg5OQ==&mid=2247492313&idx=1&sn=c436d968a908073fb49f919afe55128d) - - [ ] [Unity游戏开发学习笔记](https://mp.weixin.qq.com/s?__biz=MjM5Mzc4MzUzMQ==&mid=2650260521&idx=1&sn=0ab4effac06bb65dab6afa3ebf32e1b7) - - [ ] [大模型基础](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655265044&idx=1&sn=7801ee77daf09eae3fe05c448a3a2c43) - - [ ] [日产聆风电动汽车(Leaf-EV)-2018款本地拒绝服务漏洞](https://mp.weixin.qq.com/s?__biz=MzkyOTg3ODc5OA==&mid=2247484330&idx=1&sn=8558bf04848af41f0e0f56123fc3ae5d) - - [ ] [列目录引起的信息泄露获取1w5赏金](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247497023&idx=1&sn=f4dad5920e40978a4ba8d4c41549b151) - - [ ] [特斯拉电动汽车越狱](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620379&idx=1&sn=0d4d48f552a8acea197682a3d291f961) - - [ ] [智慧护航:量产落地的盖瑞特入侵检测系统,确保智能网联汽车安全](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620379&idx=2&sn=5d7fd1071b30851066c47559fe48c00f) - - [ ] [单芯片舱驾&舱控跨域融合技术方案在线培训课](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620379&idx=3&sn=6703784580243fe5c19338db1ccf0fc1) - - [ ] [联发科发布公告CVE-2025-20633可能导致远程代码执行](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494738&idx=1&sn=f776c6f5b2c8fbd315f6a6fbb4e83658) - - [ ] [G.O.S.S.I.P 2025 新春总动员(1):疯狂的PDF](https://mp.weixin.qq.com/s?__biz=Mzg5ODUxMzg0Ng==&mid=2247499652&idx=1&sn=589b1778aa04f72cdc07c947be4bc17c) - - [ ] [SecWiki周刊(第570期)](https://mp.weixin.qq.com/s?__biz=MjM5NDM1OTM0Mg==&mid=2651053429&idx=1&sn=31d3160a718b707ff1494a94ccb17e05) - - [ ] [SecWiki周刊(第569期)](https://mp.weixin.qq.com/s?__biz=MjM5NDM1OTM0Mg==&mid=2651053429&idx=2&sn=52ca024a6e40c3b8bfa8aee1ae304c03) - - [ ] [SecWiki周刊(第568期)](https://mp.weixin.qq.com/s?__biz=MjM5NDM1OTM0Mg==&mid=2651053429&idx=3&sn=a8270fb531eb9042a816850e48c609e2) - - [ ] [SecWiki周刊(第567期)](https://mp.weixin.qq.com/s?__biz=MjM5NDM1OTM0Mg==&mid=2651053429&idx=4&sn=1a33c07c70777c6b4ee1ff6913533e0d) - - [ ] [大年初六 | 辞旧迎新,送穷迎福](https://mp.weixin.qq.com/s?__biz=MzU3MzU4NjI4OQ==&mid=2247516498&idx=1&sn=e9790d235440fdc1e5d82fbb21a2ff57) - - [ ] [小白也能懂的DeepSeek本地安装教程](https://mp.weixin.qq.com/s?__biz=MzU5NzQ3NzIwMA==&mid=2247486425&idx=1&sn=d5a313dd4ffa06ab7ccd8e37ca614892) - - [ ] [海外虚拟信用卡之BinPay](https://mp.weixin.qq.com/s?__biz=MzkyNzYzNTQ2Nw==&mid=2247484119&idx=1&sn=ba45102f59a34f18e8ced5e0639b48b9) - - [ ] [白嫖DeepSeek R1 -腾讯云部署将免费进行到底!](https://mp.weixin.qq.com/s?__biz=MjM5Nzk3MjMzMA==&mid=2650570216&idx=1&sn=4dded799de34c8aad693320a5562dccc) - - [ ] [Topert4|内容计划|已有内容|10小时后删除](https://mp.weixin.qq.com/s?__biz=MzU5Njg5NzUzMw==&mid=2247490468&idx=1&sn=7e879727a18c30ea764c2f7f090ccfab) - - [ ] [1月份,到访奇安信的两大车企巨头!](https://mp.weixin.qq.com/s?__biz=MzkzMzcxNTQyNw==&mid=2247485600&idx=1&sn=1080d72650a49581ed39b353de1b2693) - - [ ] [服务崩溃,DeepSeek该给金主一个贴金的机会](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485511&idx=1&sn=4df6a88c69aee53ffdd181cc712e7f41) - - [ ] [【干货原创】实网攻防演习常态化,会带来什么变化01](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485511&idx=4&sn=68b99bc3a3d9c0166c11be378b838cac) - - [ ] [【干货原创】K12教育,鲜为人知的模式秘密](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485511&idx=5&sn=66af2d055dd3946c55837e742af38e56) - - [ ] [原创文章目录](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485511&idx=6&sn=881293b43a52e8b558223c554ddebcbf) - - [ ] [秦安:伟大的战略反攻已经开始,灵动之蛇年,中国人民就靠真功夫](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476470&idx=1&sn=f6505f40fe1a4a811cd9320a2365b123) - - [ ] [秦安:初一,美国动手了,安全和道德问题,以小人之心量君子之腹](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476470&idx=2&sn=e3248c99757c48d1753daab3678c4bb3) - - [ ] [这么强的渗透神器,你真的舍得不试试?](https://mp.weixin.qq.com/s?__biz=Mzg5OTg1MDk0Mw==&mid=2247485506&idx=1&sn=b0b0b4fac01f448f36a415fb860eeb81) - - [ ] [企业信息安全建设:你的数据防线真的固若金汤吗?](https://mp.weixin.qq.com/s?__biz=MzI5MjEyOTE4MA==&mid=2648520049&idx=1&sn=2ebb6422e7ffeffd0e9e501bd6ec2c7f) - - [ ] [ISO 45001: 2018 标准详解与实施(14)7.1 资源](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247486063&idx=1&sn=377991c5d6f47b70bc76fd3db40d4292) - - [ ] [【资料】生成式人工智能下的世界](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148842&idx=1&sn=a98ad85e918a855004f545cb00b2141b) - - [ ] [智能网联汽车多域电子电气架构会如何发展?](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549671&idx=1&sn=7043300bc8465aca13f85f5610eadd9f) - - [ ] [CAN总线不加终端电阻会咋样?](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549671&idx=2&sn=1ccdb8a902fad33f54ae970878279444) - - [ ] [星火年鉴 | 工业互联网标识智库2024年度热文盘点,你最pick哪一篇?](https://mp.weixin.qq.com/s?__biz=MzU1OTUxNTI1NA==&mid=2247592465&idx=1&sn=c1802084a4d36089406dfe91c03545c7) - - [ ] [浅析代码重定位技术](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589301&idx=1&sn=f8b5a4c4740123d4431ccb68a9063f17) - - [ ] [实用干货!无人机安全攻防入门,速来报名](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589301&idx=2&sn=cd340085d0abd8a5fc5233d9ec93603f) - - [ ] [实施数据加密策略:保护云中敏感数据的关键要素(一)](https://mp.weixin.qq.com/s?__biz=MzkyMzU2NjQyNA==&mid=2247483943&idx=1&sn=30651b48ba2470ae7cf394536e6f42db) - - [ ] [【文末抽奖】奉天安全团队招人啦](https://mp.weixin.qq.com/s?__biz=Mzk0NjQ2NzQ0Ng==&mid=2247485016&idx=1&sn=eacd6f2faccf3347f92496544b099c41) - - [ ] [本地部署DeepSeek R1辅助CTF解题详解](https://mp.weixin.qq.com/s?__biz=Mzg2MjgwMzIxMA==&mid=2247484868&idx=1&sn=ed0f3277300e13861180e709a4818013) - - [ ] [【计划】2025,开工大吉及年度工作计划](https://mp.weixin.qq.com/s?__biz=MzU5MTM4MTIxMA==&mid=2247485508&idx=1&sn=21554b6361dcb2d065befb222b6da092) - - [ ] [【培训通知】2025年第一期专业反窃密技术操作培训班开班通知](https://mp.weixin.qq.com/s?__biz=MzU5MTM4MTIxMA==&mid=2247485508&idx=2&sn=c4e543ce0de16f5562006bd36c2e639c) - - [ ] [官方合并计划](https://mp.weixin.qq.com/s?__biz=MzU5Njg5NzUzMw==&mid=2247490462&idx=1&sn=470daf7ca3006edac1301cf05389d26f) - - [ ] [EDR专题学习-对抗EDR](https://mp.weixin.qq.com/s?__biz=Mzg5MDg3OTc0OA==&mid=2247489431&idx=1&sn=d3225f3d2e727cbd4b4c992fe9f989d0) - - [ ] [2025年,网络安全学习路线来袭,顺序千万别搞反!](https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247570695&idx=1&sn=1673575e8dc90594ba01e57b3cb359af) - - [ ] [违法获取网购订单中的个人信息,8人被判侵犯公民个人信息罪](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931485&idx=1&sn=daf542fd9764c57a700fa306a231902d) - - [ ] [中国电信申请网元验证方法专利,保证SRv6网络安全不受影响](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931485&idx=2&sn=9867cd25ac6ce0b727806848e5b8060f) - - [ ] [DeepSeek一键部署与DeepSeek免费14元额度羊毛福利](https://mp.weixin.qq.com/s?__biz=MzkyOTQyOTk3Mg==&mid=2247485061&idx=1&sn=41e34f22538f3d7766dfffadea89f948) - - [ ] [人工智能将如何改变劳动力市场:哪些职业将消失,哪些职业将继续存在](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494733&idx=1&sn=9f39bc986bcee5287ab657f30bef435c) - - [ ] [2022-2024年间-美国对华芯片出口管制规则的梳理分析](https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247506447&idx=1&sn=0a423985369639ab65ad56e3f60aef66) - - [ ] [基于转换模型的安全属性验证](https://mp.weixin.qq.com/s?__biz=MzA5MTYyMDQ0OQ==&mid=2247493616&idx=1&sn=9211f1b45c30a302935f15077cc8b115) - - [ ] [8000字34张图史诗级介绍同轴电缆、双绞线、光纤等线缆,超级详细!](https://mp.weixin.qq.com/s?__biz=MzIyMzIwNzAxMQ==&mid=2649464777&idx=1&sn=32b2badc3ecfeef46c9f362629a4682c) - - [ ] [【吃瓜】《科普文章被网暴》《支持红客,打击霉离贱汉奸走狗!》DeepSeek乱象频发](https://mp.weixin.qq.com/s?__biz=Mzg4MTkwMTI5Mw==&mid=2247488860&idx=1&sn=41c835917e4191a5051118f4df625334) - - [ ] [网络钓鱼与社交工程:如何保护自己免受心理攻击——从受害者画像到防御体系构建](https://mp.weixin.qq.com/s?__biz=Mzk1NzI5MTc0Nw==&mid=2247484721&idx=1&sn=9b57ddd6ef8e9d09eb6c25c6bd0f2b22) - - [ ] [探索 HPE Insight Remote Support 中的最新 CVE](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527501&idx=1&sn=5f839664fa63bb4e792aa22a18e78ce0) - - [ ] [dde-api-proxy:Deepin D-Bus 代理服务中的身份验证绕过(CVE-2025-23222)](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527501&idx=2&sn=737f8a4b724e5ff7d00edcdeb03128cb) - - [ ] [Android Web攻击表面](https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247527501&idx=3&sn=5f9225bd5a2a555eeb1bfa1f39dd010b) - - [ ] [[民族之悲哀] DeepSeek 正在成为行业败类、无知黑心者的炒作敛财“傀儡”](https://mp.weixin.qq.com/s?__biz=MzkwODI1ODgzOA==&mid=2247506662&idx=1&sn=85cd5ef3832b2cd3e8770a6265aa290c) - - [ ] [美国为何对 DeepSeek 如此“上心”?一场科技博弈的真相](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559440&idx=1&sn=a71dae9b931ab06febdba6081a3e1c26) - - [ ] [美国联邦调查局“变天”?特朗普全面清洗大动作曝光](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559440&idx=2&sn=ac91eaccfce9275a6fd64aed2388e1a6) - - [ ] [专家解读 | 推动个人信息出境个人信息保护认证制度落地 促进个人信息高效便利安全跨境流动](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235937&idx=1&sn=d246a29f11e44289e30c16ad02323ea2) - - [ ] [征订|欢迎订阅2025年《中国信息安全》杂志](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235937&idx=2&sn=4edccca64682f8f41e9b56497807eb00) - - [ ] [专家解读 | 提升数据流通安全治理能力 促进数据流通开发利用](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235937&idx=3&sn=4b74cb1e75a739f80043e4d79c6f19a5) - - [ ] [国际 | 日本推进人工智能立法兼顾双重性](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235937&idx=4&sn=f8a6890f42bfbbbee12fcb55f0fde756) - - [ ] [评论 | 铲除“反防沉迷产业链”,撑起“数字晴空”](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235937&idx=5&sn=64e31032d2a327b33ad9368ee8790d3f) - - [ ] [微软惊现「零点击」核弹级漏洞!打开邮件就中招?](https://mp.weixin.qq.com/s?__biz=MzU0NDc0NTY3OQ==&mid=2247488439&idx=1&sn=98793685608a483e27976abf658cb08f) - - [ ] [Linux通用应急响应脚本](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489197&idx=1&sn=5884ffe11accd736ab98ef2136c649bb) - - [ ] [前途光明](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247489197&idx=2&sn=ae88a87de118a9c320d0c5b5821c056e) - - [ ] [网安工作者被骂罕见,红客才是行业主导!](https://mp.weixin.qq.com/s?__biz=MzkyNTQ0OTYxOQ==&mid=2247484019&idx=1&sn=bcf60352216bd1de85eabb90f627c3d3) - - [ ] [“杉菜”再见,大S离世原因](https://mp.weixin.qq.com/s?__biz=Mzg2NDYwMDA1NA==&mid=2247543667&idx=1&sn=ae1deeaf06d309925fe3bfbadf32878d) - - [ ] [恶意样本静态分析-上](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490311&idx=1&sn=3ddb48128acc2772763bd99ba4cf850a) - - [ ] [APT狩猎工具](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490311&idx=2&sn=411e5b869e7b4425b9b6ce4d386e170a) - - [ ] [网络钓鱼工具资源库](https://mp.weixin.qq.com/s?__biz=Mzg4NzgyODEzNQ==&mid=2247488641&idx=1&sn=ce3b46fb8a2c5727264f28a851167f8c) - - [ ] [Docker 入门指南:10个核心命令助你快速上手容器化](https://mp.weixin.qq.com/s?__biz=Mzg4NDg3NjE5MQ==&mid=2247485645&idx=1&sn=1bd9d8741680f01bc152d9608e3391fb) - - [ ] [用DeepSeek学习区块链量化](https://mp.weixin.qq.com/s?__biz=MzU3NDY1NTYyOQ==&mid=2247486034&idx=1&sn=c8655d5eb94f15ce10b24ee79ebb2821) - - [ ] [掌握艺术设计学论文文献收集全指南,让文献不再难搞。](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493259&idx=1&sn=ea25f2184ac90e4708490138156b2621) - - [ ] [掌握影视摄影与制作论文文献搜集内部攻略,助你写出高分必备指南!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493259&idx=2&sn=822a6781edeeaf9e98aaeb1434eff4ad) - - [ ] [掌握硬核技巧:电子商务论文文献搜集全攻略,再也不愁找不到高质量文献了!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493259&idx=3&sn=8b6a73f7d723ccca32e7506256455a9c) - - [ ] [掌握云计算与大数据论文选题技巧,导师都说靠谱的秘诀指南!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493259&idx=4&sn=efa511efbec97d70ba6bd3f53083017b) - - [ ] [掌握这份电子商务论文初稿生成指南,一天搞定毕业论文!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493259&idx=5&sn=831b7e600453447ad06a62b31b3aef2a) - - [ ] [掌握这份诉讼法学论文文献搜集高阶攻略,提升你的学术创新力!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493259&idx=6&sn=5e1ea103b527981dab1ba28838f2d973) - - [ ] [掌握这份AI版社会保障论文写作大纲高阶脚本指南,一周完整论文不是梦!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493259&idx=7&sn=cf40d9551ecccbb1c21543955cd555a9) - - [ ] [掌握这份ChatGPT物理化学论文选题指南,让论文写作从此不愁!](https://mp.weixin.qq.com/s?__biz=MzU4MzM4MzQ1MQ==&mid=2247493259&idx=8&sn=e677fc46b82e5dd576a4dd1503d89713) - - [ ] [谷歌称黑客正滥用Gemini AI来增强攻击能力](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313430&idx=1&sn=4afd94e32a04c49dcc25f593341c2fd5) - - [ ] [2025年AI网络安全预测](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313430&idx=2&sn=7388f9c978f61ad866c97f57c21abe6f) - - [ ] [Meta确认90名用户遭WhatsApp零点击间谍软件攻击](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313430&idx=3&sn=e5f4cbdc2013e8fc276d774eeeb951ae) - - [ ] [微软披露macOS漏洞CVE-2024-44243,允许安装Rootkit](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651313430&idx=4&sn=6e74cf5e7a16522cf7f639a52c3789c7) - - [ ] [漏洞挖掘 | 基于mssql数据库的sql注入](https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247547538&idx=1&sn=2de25baa764188f0bd83a351248a40c5) - - [ ] [通过计算机视觉帮助发现隐藏的漏洞](https://mp.weixin.qq.com/s?__biz=MzI4NTcxMjQ1MA==&mid=2247615413&idx=1&sn=363d6567bfa41a8f33e272e1185da50a) - - [ ] [AI驱动API漏洞激增1205%,企业安全面临空前挑战!](https://mp.weixin.qq.com/s?__biz=Mzg3OTYxODQxNg==&mid=2247485686&idx=1&sn=6ad3015e97dc52bd69dc9921b81a5f9c) - - [ ] [大算力之路,生命不选GPU](https://mp.weixin.qq.com/s?__biz=Mzk0MTI4NTIzNQ==&mid=2247492308&idx=1&sn=775c682a9974e1a355dc8b8b2a206a11) - - [ ] [想用 DeepSeek?这里能用,扫码还送 14 元体验金](https://mp.weixin.qq.com/s?__biz=MzkyNzUzMjM1NQ==&mid=2247484777&idx=1&sn=0acdb741af24de7e3f86557afa0a53be) - - [ ] [【2025春节】解题领红包活动排行榜(初六 2/3)](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141670&idx=1&sn=de73fb9cf91c717915c2bd5adcde0c09) - - [ ] [Stratovirt 的 RISC-V 虚拟化支持(五):BootLoader 和设备树](https://mp.weixin.qq.com/s?__biz=MzA5NDQzODQ3MQ==&mid=2648194570&idx=1&sn=c848bb41f340e4869973a3e8eb22c5e8) - - [ ] [标签巨头 Avery 称网站遭黑客攻击,信用卡信息被窃](https://mp.weixin.qq.com/s?__biz=Mzg3ODY0NTczMA==&mid=2247492132&idx=1&sn=13d6fe7fec657cd4cb7b5191b4e4ef8a) - - [ ] [一次区块链的安全研究](https://mp.weixin.qq.com/s?__biz=MzkyNDU2MDk4NQ==&mid=2247484034&idx=1&sn=ecdb621b08c7137bfb1cb1bd900cf5f9) - - [ ] [DeepSeek接入个人知识库,一般电脑也能飞速跑,确实可以封神了!](https://mp.weixin.qq.com/s?__biz=MzkyMzg4MTY4Ng==&mid=2247484596&idx=1&sn=5e1a1f6c02555974e75a31c95e629591) - - [ ] [全网最全、最详细的 Linux 进程间通信方式讲解来了,你不容错过!](https://mp.weixin.qq.com/s?__biz=MzI1NzI5NDM4Mw==&mid=2247498590&idx=1&sn=3ee93d415c16a3700b965bd1c5ddbfe1) - - [ ] [500 美元的漏洞:Censys 搜索如何引导我获得快速漏洞赏金](https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247504845&idx=1&sn=8c8fa9f474d370a021e30aa8209268ac) - - [ ] [码住!一次把CISP认证说清楚](https://mp.weixin.qq.com/s?__biz=Mzg4MTg0MjQ5OA==&mid=2247487899&idx=1&sn=f5087c557ca623669bc4a1ad49138032) - - [ ] [一次性把中东关系讲清楚:中东地区的情报战略](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247505221&idx=1&sn=b0a5ccbab53fc8198452223d8cb6eb62) - - [ ] [特朗普“重返中亚”:经济与能源的“双重奏”](https://mp.weixin.qq.com/s?__biz=MzkwNzM0NzA5MA==&mid=2247505221&idx=2&sn=a237923be240db67501e67e018240b6e) - - [ ] [万物随春醒 云堤护网宁](https://mp.weixin.qq.com/s?__biz=MzkxNDY0MjMxNQ==&mid=2247532981&idx=1&sn=a02ca7b9dd52b7b11881079f1e0485aa) - - [ ] [Active Directory Domain Services 权限提升漏洞 (CVE-2025-21293)](https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247487001&idx=1&sn=eaae88e6f2b15e26732ca6b90fb5ca69) - - [ ] [Flask代码审计从思路到实战](https://mp.weixin.qq.com/s?__biz=MzkyNTUyNDMyOA==&mid=2247487699&idx=1&sn=34f12cfc82af827d58e8d758143316bf) - - [ ] [OSCP考试必备:最全实战命令手册](https://mp.weixin.qq.com/s?__biz=Mzk0ODY1NzEwMA==&mid=2247486694&idx=1&sn=1cdf7df2384a0e643d3f364d5e3040f1) - - [ ] [麻省理工科技评论:2025年AI五大趋势](https://mp.weixin.qq.com/s?__biz=MzUzODYyMDIzNw==&mid=2247516971&idx=1&sn=65365df101260e7ccf5f42018c654110) - - [ ] [立春|春之启幕 万物生晖](https://mp.weixin.qq.com/s?__biz=MzIxNDIzNTcxMg==&mid=2247506764&idx=1&sn=ce887174eaa79679513bf66138d1fe3b) - - [ ] [内网横向渗透之Windows连接技巧](https://mp.weixin.qq.com/s?__biz=MjM5MjEyMTcyMQ==&mid=2651037466&idx=1&sn=fd456a13dbe3d7a82884d0b43cb51f82) - - [ ] [今日立春](https://mp.weixin.qq.com/s?__biz=Mzg3NTU3NTY0Nw==&mid=2247489552&idx=1&sn=7bf9b6c74a63b3620493157b380a8849) - - [ ] [大年初六 银蛇报春](https://mp.weixin.qq.com/s?__biz=Mzg2MTU5ODQ2Mg==&mid=2247507178&idx=1&sn=d90f00dc663f73a9b5d1e9b926920bc3) - - [ ] [数字取证之法律遵从性u200c](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655265046&idx=1&sn=37f22293698b7e90fd4cc49c08fbc426) - - [ ] [网安原创文章推荐【2025/2/2】](https://mp.weixin.qq.com/s?__biz=MzAxNzg3NzMyNQ==&mid=2247489552&idx=1&sn=4cdba465482fcd99df63ffa4bf4ac236) - - [ ] [以色列间谍无需点击即可入侵 WhatsApp](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247494727&idx=1&sn=92a7f62638a9a6dc5e71a39655e2b9f1) - - [ ] [大年初六 | 金蛇昂首,“巳”如破竹](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579301&idx=1&sn=35ed47abf0879798ddd2a03509c33f87) - - [ ] [老板让我节后研究一下deepseek](https://mp.weixin.qq.com/s?__biz=Mzk0MTI4NTIzNQ==&mid=2247492302&idx=1&sn=bd877522ae6488d1ff49f8325ab6b720) - - [ ] [程序员注定被淘汰](https://mp.weixin.qq.com/s?__biz=Mzk0MTI4NTIzNQ==&mid=2247492302&idx=2&sn=0144e48c3daefe11282c0145291f06d4) - - [ ] [大年初六丨安天镇关给您拜年了](https://mp.weixin.qq.com/s?__biz=MjM5MTA3Nzk4MQ==&mid=2650209932&idx=1&sn=ffcf5ae2b2a579a036936f3d466c4a18) + - [ ] [机遇与挑战](https://mp.weixin.qq.com/s?__biz=MzkzMDM5NzIwMw==&mid=2247484518&idx=1&sn=861dfb406410914241c67defe6d91ec6) + - [ ] [DeepSeek 本地部署](https://mp.weixin.qq.com/s?__biz=MzIxMTg1ODAwNw==&mid=2247500560&idx=1&sn=981a4f8ada46441d7d74c01205ececcb) + - [ ] [渗透实战 | Solidstate靶机攻防全解析](https://mp.weixin.qq.com/s?__biz=Mzk1NzIzMTA5OA==&mid=2247483757&idx=1&sn=37399e93e3d4548dc019166c317575df) + - [ ] [官网正式开放!](https://mp.weixin.qq.com/s?__biz=Mzk1NzM1OTc3Nw==&mid=2247484012&idx=1&sn=525cd7c3e888f5824a10bce5531d3335) + - [ ] [大年初七丨安天追影给您拜年了](https://mp.weixin.qq.com/s?__biz=MjM5MTA3Nzk4MQ==&mid=2650209960&idx=1&sn=cce56eec596f90bf9a33252c8ee4be97) + - [ ] [AutoPentest:高级渗透测试工程师的终极利器,全流程自动化渗透测试框架](https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486515&idx=1&sn=0b5f8fa5d86a19511ff1833ff2f2753e) + - [ ] [世界需要一个能谋善断的AI(八)AI时代孩子应该学什么?](https://mp.weixin.qq.com/s?__biz=MzAxOTk3NTg5OQ==&mid=2247492389&idx=1&sn=c171fc4e63e7f7cfbc596aeab35787f0) + - [ ] [我用deepseek发现了未来10年的数字取证趋势洞察](https://mp.weixin.qq.com/s?__biz=MzI1NDMxOTkyNw==&mid=2247485302&idx=1&sn=1a68901f191f7fefe71debe1bd108ed2) + - [ ] [Deepseek-R1的本地部署](https://mp.weixin.qq.com/s?__biz=MzkwOTE3MzAxOA==&mid=2247485406&idx=1&sn=6a49483a834622537b994a92e30c0d40) + - [ ] [从deepseek安全问题看NTP反射放大攻击](https://mp.weixin.qq.com/s?__biz=MzI3NzM5NDA0NA==&mid=2247490347&idx=1&sn=796ff74be44d20c70c2e5561993c0b7e) + - [ ] [秦安:DeepSeek暴起,警惕核心成员人身安全,美国已准备偷走一切](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476644&idx=1&sn=bc0eed8cf42c9fa9145c1cf3e4a0296d) + - [ ] [牟林:驳AI时代记忆力无用论](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476644&idx=2&sn=bf786eb84d21ed3384a20b81bbb0197e) + - [ ] [PyTorch入门 (1)环境搭建、神经网络普及和Torch基础知识](https://mp.weixin.qq.com/s?__biz=Mzg5MTM5ODU2Mg==&mid=2247501337&idx=1&sn=1d5b325bd3781d3366805cba31133082) + - [ ] [人工智能网络安全协作手册](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655265068&idx=1&sn=7c48aa185e4e30f0ea044f459095282b) + - [ ] [论文阅读:AI学习之钥](https://mp.weixin.qq.com/s?__biz=MzI3MDY0Nzg1Nw==&mid=2247489484&idx=1&sn=a9627e1c551186695cc7a37f2571eba9) + - [ ] [新时代来啦,文科生找不到工作了!!?](https://mp.weixin.qq.com/s?__biz=Mzk1NzI0MzI5NQ==&mid=2247484496&idx=1&sn=2730838d475ea6288615f7b14a756b7c) + - [ ] [管理型交换机与非管理型交换机有何不同?](https://mp.weixin.qq.com/s?__biz=MzIyMzIwNzAxMQ==&mid=2649464791&idx=1&sn=db6607f928d3206cdcf8611183f65f7a) + - [ ] [感谢你们,无名英雄!](https://mp.weixin.qq.com/s?__biz=Mzg2NDg2MDIxNQ==&mid=2247485359&idx=1&sn=45de5f58cb6cdf2fa36baff08d30530b) + - [ ] [一文带你了解私有云、公有云与混合云有啥区别?](https://mp.weixin.qq.com/s?__biz=MzUyNTExOTY1Nw==&mid=2247528084&idx=1&sn=7376e68f2ffd9a33b74b4ab0e939d753) + - [ ] [G.O.S.S.I.P 2025 新春总动员(2):反编译研究的又一年](https://mp.weixin.qq.com/s?__biz=Mzg5ODUxMzg0Ng==&mid=2247499661&idx=1&sn=76d0e94d245ff6aa345521b8bf4a4f17) + - [ ] [帆软bi反序列化漏洞利用工具更新V3.0](https://mp.weixin.qq.com/s?__biz=Mzk0ODM0NDIxNQ==&mid=2247493428&idx=1&sn=47039c762156ca739f4badbe020d9d88) + - [ ] [【2025-02-04】黑客新闻摘要](https://mp.weixin.qq.com/s?__biz=MzIzNDU5NTI4OQ==&mid=2247488418&idx=1&sn=6d2a64739172e951c2d890e6de5ab459) + - [ ] [无点击钓鱼?微软超高危RCE漏洞](https://mp.weixin.qq.com/s?__biz=Mzk0NzM4NzI1MA==&mid=2247486241&idx=1&sn=42301175cbc8633a71f78d3d218df92b) + - [ ] [DeepSeek + Continue:Android 开发效率提升 10 倍的秘密!](https://mp.weixin.qq.com/s?__biz=Mzg2NzUzNzk1Mw==&mid=2247497214&idx=1&sn=d3776e4e8ce79ffe90b533ae95255b10) + - [ ] [DeepSeek杀死传统IT企业,踢开数据资产时代](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485513&idx=1&sn=c43833b381cb5b9889364d3f24bad740) + - [ ] [【干货原创】实网攻防演习常态化,会带来什么变化01](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485513&idx=4&sn=380d80ccf94e80cfd466ad9e7065f575) + - [ ] [【干货原创】K12教育,鲜为人知的模式秘密](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485513&idx=5&sn=575e333e1d71235af0b5590e1f9fa643) + - [ ] [原创文章目录](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485513&idx=6&sn=cc8803c8db1225a47f371c81fcea8ae5) + - [ ] [智能汽车网络安全防护与实践](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620476&idx=1&sn=af68a1f6710033f23125f04671ad2ace) + - [ ] [GB_T 44778-2024 汽车诊断接口信息安全技术要求及试验方法](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620476&idx=2&sn=8b39c245f8173951afe0c24ffa5aa1ae) + - [ ] [GB T 44774-2024 汽车信息安全应急响应管理规范-市场监督总局、国标委](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620476&idx=3&sn=6e3161777dcde192f99276ab32c7d775) + - [ ] [DeepSeek帮你公众号优化:从300到1万粉的实战步骤](https://mp.weixin.qq.com/s?__biz=MzA3NDE0NTY0OQ==&mid=2247484336&idx=1&sn=a1535d993012628894c32e35fab37a31) + - [ ] [车联网TSP为什么要用MQTT协议传输数据?](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549672&idx=1&sn=5f641d8680e8b46ac05ff87f3966eeb8) + - [ ] [一文详解AUTOSAR DLT模块](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247549672&idx=2&sn=d45d7f3ddbf98e8a3089a7870892f8c5) + - [ ] [【手慢无】DeepSeek崩疯了吧?速领2000万Token平替方案!华为云护航稳如狗](https://mp.weixin.qq.com/s?__biz=MzIxMTEyOTM2Ng==&mid=2247504554&idx=1&sn=d1c0bedfb35d58181772200167e62945) + - [ ] [尝试获取一下DeepSeek的系统设定提示词](https://mp.weixin.qq.com/s?__biz=MzkwODQyMjgwNg==&mid=2247485477&idx=1&sn=e1a235c3682fd02117efd82ddf409722) + - [ ] [天线的性能参数之相位中心(一)](https://mp.weixin.qq.com/s?__biz=MzI3NzQ3NzY4OA==&mid=2247484089&idx=1&sn=b3643b7cc01c397bba3be4ee3e4daabe) + - [ ] [靶场系列之Kioptix Level 2014](https://mp.weixin.qq.com/s?__biz=Mzk1NzIzNjM0OQ==&mid=2247484191&idx=1&sn=ec856f2469e9eacf45eb7780f12aa7a3) + - [ ] [以亲身安全经历聊聊安全方向、价值与未来](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490317&idx=1&sn=5c05e289a164028bc3044f962294c041) + - [ ] [我让AI当黑客!基于DeepSeek+ollama的网安神器开发实录,效率提升300%](https://mp.weixin.qq.com/s?__biz=MzkxMTUwOTY1MA==&mid=2247490204&idx=1&sn=4f7cfbc7db9862c3f46da030ce3d8cf4) + - [ ] [2025年美国BIS《AI扩散框架》解析:芯片篇](https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247506458&idx=1&sn=ecec764ff424e604de3eaa973d8cf71b) + - [ ] [本地部署DeepSeek R1模型并打造专属的AI知识库](https://mp.weixin.qq.com/s?__biz=Mzg2MjgwMzIxMA==&mid=2247484907&idx=1&sn=7a4e902606cb6ac2e7399b9e8a2875a3) + - [ ] [问deepseek,人生的意义是什么?](https://mp.weixin.qq.com/s?__biz=Mzk0MTI4NTIzNQ==&mid=2247492324&idx=1&sn=c671e860833125f018fb28ee2b7b8781) + - [ ] [【免杀实践】 二进制文件分析与利用,不一样的免杀思路](https://mp.weixin.qq.com/s?__biz=MzkyNDUzNjk4MQ==&mid=2247484838&idx=1&sn=8cbc7c76746c3394f941a64a079e9843) + - [ ] [【工具推荐】 - ZeroEye3.0自动化找白文件,提升免杀效率,实现降本增效](https://mp.weixin.qq.com/s?__biz=MzkyNDUzNjk4MQ==&mid=2247484838&idx=2&sn=05e53e2cd408fbe1112c378c6a781673) + - [ ] [【免杀实战】 - R3Kill掉system启动的火绒6.0主程序 * 追加篇](https://mp.weixin.qq.com/s?__biz=MzkyNDUzNjk4MQ==&mid=2247484838&idx=3&sn=b6a0f2530a90f15d4efc6b42faf0fcea) + - [ ] [新春惊喜大放送!70+本中国信通院权威报告合集等你来领,错过等一年!](https://mp.weixin.qq.com/s?__biz=MzU1OTUxNTI1NA==&mid=2247592487&idx=1&sn=3fdcd70f034216b522f2ee1a966921d0) + - [ ] [5款常用的漏洞扫描工具,网安人得会吧~](https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247570696&idx=1&sn=9cc57dc2e85ffaab5367dae31cdb200e) + - [ ] [非法获取抖音用户个人信息:4 人获刑](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653931486&idx=1&sn=e89bc8c9d204591a2da50214281eb74d) + - [ ] [“红客”or“哄客”——圈内专业技术人士锐评网红真相](https://mp.weixin.qq.com/s?__biz=MzUyOTcyNDg1OA==&mid=2247484250&idx=1&sn=94e06ec43a13647767b677efe6ba963e) + - [ ] [天选](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496964&idx=1&sn=644ae05f8a05e277c4261c335cf72d03) + - [ ] [MAC/IP/ARP地址欺骗原理及实践](https://mp.weixin.qq.com/s?__biz=MzAxNTg1MDYxNA==&mid=2247489351&idx=1&sn=4d6173f4e6f7c1b8dc7b9a5dc319e3d6) + - [ ] [谷歌公司涉嫌违反反垄断法 市场监管总局依法决定立案调查](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170589&idx=1&sn=469b0572be4635c66fcce9f37510fe5b) + - [ ] [德媒:DeepSeek成就凸显美国科技制裁失败](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649170589&idx=2&sn=ce5c9252c1eeccd6872ee2680bb7a70e) + - [ ] [黑客都是靠什么赚钱的?](https://mp.weixin.qq.com/s?__biz=MzU3MjczNzA1Ng==&mid=2247495758&idx=1&sn=5e537120cd28303ed00ae6d3ca0efb2d) + - [ ] [黑客装逼网站大全,零基础入门到精通,收藏这一篇就够了](https://mp.weixin.qq.com/s?__biz=MzU3MjczNzA1Ng==&mid=2247495758&idx=2&sn=4f52b2ba449f57337e7d31e8ae692806) + - [ ] [24H2 新的稳定的绕过ASLR的技术是什么?](https://mp.weixin.qq.com/s?__biz=MzU4OTk0NDMzOA==&mid=2247490058&idx=1&sn=37b966891237588d072307fc6742c256) + - [ ] [OpenAI发布Deep Research深度研究功能](https://mp.weixin.qq.com/s?__biz=MzkxNzY0Mzg2OQ==&mid=2247486288&idx=1&sn=f587ddb1e682cdb2c5b7dcd64122811a) +- A Few Thoughts on Cryptographic Engineering + - [ ] [How to prove false statements? (Part 1)](https://blog.cryptographyengineering.com/2025/02/04/how-to-prove-false-statements-part-1/) +- Armin Ronacher's Thoughts and Writings + - [ ] [Fat Rand: How Many Lines Do You Need To Generate A Random Number?](http://lucumr.pocoo.org/2025/2/4/fat-rand) +- 世事难料,保持低调 + - [ ] [DeepSeek V2/V3中的MLA和Matrix Absorption](https://blog.csdn.net/ariesjzj/article/details/145392128) +- Trustwave Blog + - [ ] [Trustwave SpiderLabs: Examining How New Ransomware Groups Emerge](https://www.trustwave.com/en-us/resources/blogs/trustwave-blog/trustwave-spiderlabs-examining-how-new-ransomware-groups-emerge/) +- Tenable Blog + - [ ] [CISA Releases FOCAL Plan to Help Federal Agencies Reduce Cyber Risk](https://www.tenable.com/blog/cisa-releases-focal-plan-to-help-federal-agencies-reduce-cyber-risk) - Security Boulevard - - [ ] [Orca Security Adds Additional CNAPP Deployment Options](https://securityboulevard.com/2025/02/orca-security-adds-additional-cnapp-deployment-options/) - - [ ] [Meet Rule Architect: Your AI-Powered WAF Rule Expert | Impart Security](https://securityboulevard.com/2025/02/meet-rule-architect-your-ai-powered-waf-rule-expert-impart-security/) - - [ ] [CISA/FDA Warn: Chinese Patient Monitors Have BAD Bugs](https://securityboulevard.com/2025/02/contec-epsimed-china-fda-cisa-richixbw/) - - [ ] [Randall Munroe’s XKCD ‘AlphaMove’](https://securityboulevard.com/2025/02/randall-munroes-xkcd-alphamove/) - - [ ] [HIPAA Cybersecurity Requirements and Best Practices](https://securityboulevard.com/2025/02/hipaa-cybersecurity-requirements-and-best-practices/) - - [ ] [How to create realistic test data for PostgreSQL](https://securityboulevard.com/2025/02/how-to-create-realistic-test-data-for-postgresql/) - - [ ] [Mockaroo and Tonic: Partners in mock data generation](https://securityboulevard.com/2025/02/mockaroo-and-tonic-partners-in-mock-data-generation/) - - [ ] [Why I joined Tonic: A product manager’s perspective](https://securityboulevard.com/2025/02/why-i-joined-tonic-a-product-managers-perspective/) - - [ ] [The Secret to Your Artifactory: Inside The Attacker Kill-Chain](https://securityboulevard.com/2025/02/the-secret-to-your-artifactory-inside-the-attacker-kill-chain/) - - [ ] [DEF CON 32 – Exposing Attacks Hiding In The Sheer Noise Of False Positives](https://securityboulevard.com/2025/02/def-con-32-exposing-attacks-hiding-in-the-sheer-noise-of-false-positives/) -- Recent Commits to cve:main - - [ ] [Update Mon Feb 3 20:25:45 UTC 2025](https://github.com/trickest/cve/commit/547eaddf6f9cd1e8e42627d796880a8f88ae171a) - - [ ] [Update Mon Feb 3 12:25:21 UTC 2025](https://github.com/trickest/cve/commit/c19a224cde37606b534e629bf1ee9e3a4e6f38b4) - - [ ] [Update Mon Feb 3 04:22:25 UTC 2025](https://github.com/trickest/cve/commit/364e032b264aaf1c882aaefa99178147eb6b841a) -- SecWiki News - - [ ] [SecWiki News 2025-02-03 Review](http://www.sec-wiki.com/?2025-02-03) + - [ ] [How Imperva Infused AI Throughout Research and Development](https://securityboulevard.com/2025/02/how-imperva-infused-ai-throughout-research-and-development/) + - [ ] [DEF CON 32 – Hacker Vs. AI Perspectives From An Ex-Spy](https://securityboulevard.com/2025/02/def-con-32-hacker-vs-ai-perspectives-from-an-ex-spy/) + - [ ] [Cyberhaven: A Wake-Up Call for Consent Phishing Risks | Grip](https://securityboulevard.com/2025/02/cyberhaven-a-wake-up-call-for-consent-phishing-risks-grip/) + - [ ] [Randall Munroe’s XKCD ‘Stromatolites’](https://securityboulevard.com/2025/02/randall-munroes-xkcd-stromatolites/) + - [ ] [Survey Sees Organizations Being Overwhelmed by Remediation Challenges](https://securityboulevard.com/2025/02/survey-sees-organizations-being-overwhelmed-by-remediation-challenges/) + - [ ] [Anomalies are not Enough](https://securityboulevard.com/2025/02/anomalies-are-not-enough/) + - [ ] [AttackIQ Bolsters Cyber Defenses with DeepSurface’s Risk-Analysis Tech](https://securityboulevard.com/2025/02/attackiq-bolsters-cyber-defenses-with-deepsurfaces-risk-analysis-tech/) + - [ ] [How bots and fraudsters exploit free tiers in AI SaaS](https://securityboulevard.com/2025/02/how-bots-and-fraudsters-exploit-free-tiers-in-ai-saas/) + - [ ] [DEF CON 32 – D0N0H4RM Cyber STEM Storytime](https://securityboulevard.com/2025/02/def-con-32-d0n0h4rm-cyber-stem-storytime/) + - [ ] [Top 15 Cloud Compliance Tools in 2025](https://securityboulevard.com/2025/02/top-15-cloud-compliance-tools-in-2025/) - Private Feed for M09Ic - - [ ] [phith0n starred Huanshere/VideoLingo](https://github.com/Huanshere/VideoLingo) - - [ ] [mitre forked mitre/salsa from salsa-rs/salsa](https://github.com/mitre/salsa) - - [ ] [Safe3 released UUSEC WAF Community Edition v6.4.0 at Safe3/uuWAF](https://github.com/Safe3/uuWAF/releases/tag/v6.4.0) - - [ ] [CHYbeta starred Kelvin-1013/Solana-Arbitrage-Bot](https://github.com/Kelvin-1013/Solana-Arbitrage-Bot) - - [ ] [boy-hack starred dyyz1993/twitter-monitor](https://github.com/dyyz1993/twitter-monitor) - - [ ] [gh0stkey starred veracrypt/VeraCrypt](https://github.com/veracrypt/VeraCrypt) - - [ ] [phra starred cmu-sei/GHOSTS](https://github.com/cmu-sei/GHOSTS) - - [ ] [gh0stkey starred browser-use/web-ui](https://github.com/browser-use/web-ui) - - [ ] [gh0stkey starred browser-use/browser-use](https://github.com/browser-use/browser-use) - - [ ] [wabzsy starred SpeedyOrc-C/HoYo-Glyphs](https://github.com/SpeedyOrc-C/HoYo-Glyphs) - - [ ] [wabzsy starred ading2210/linuxpdf](https://github.com/ading2210/linuxpdf) -- Publications | Outflank - - [ ] [Secure Enclaves for Offensive Operations (Part I)](https://www.outflank.nl/blog/2025/02/03/secure-enclaves-for-offensive-operations-part-i/) -- Horizon3.ai - - [ ] [Securing Financial Services: From Promises to Proof with NodeZero®](https://www.horizon3.ai/intelligence/blogs/securing-financial-services-from-promises-to-proof-with-nodezero/) + - [ ] [zer0yu starred flexflow/flexflow-train](https://github.com/flexflow/flexflow-train) + - [ ] [zer0yu starred deepspeedai/DeepSpeed](https://github.com/deepspeedai/DeepSpeed) + - [ ] [Freakboy starred klausw/hackerskeyboard](https://github.com/klausw/hackerskeyboard) + - [ ] [mgeeky starred airbus-seclab/soxy](https://github.com/airbus-seclab/soxy) + - [ ] [phith0n released 1.0 at vulhub/rocketmq-attack](https://github.com/vulhub/rocketmq-attack/releases/tag/1.0) + - [ ] [phith0n created a repository vulhub/rocketmq-attack](https://github.com/vulhub/rocketmq-attack//) + - [ ] [INotGreen starred netbiosX/AMSI-Provider](https://github.com/netbiosX/AMSI-Provider) + - [ ] [zer0yu starred airbus-seclab/bincat](https://github.com/airbus-seclab/bincat) + - [ ] [zer0yu starred airbus-seclab/soxy](https://github.com/airbus-seclab/soxy) + - [ ] [INotGreen starred jborean93/AmsiProvider](https://github.com/jborean93/AmsiProvider) + - [ ] [niudaii starred dyyz1993/twitter-monitor](https://github.com/dyyz1993/twitter-monitor) +- Recent Commits to cve:main + - [ ] [Update Tue Feb 4 20:32:01 UTC 2025](https://github.com/trickest/cve/commit/4a5361dc1eae2ea00fbfc91dceab648791976c24) + - [ ] [Update Tue Feb 4 12:24:03 UTC 2025](https://github.com/trickest/cve/commit/4553f118ae05848a0b87e7f13dd0e71467f284b8) + - [ ] [Update Tue Feb 4 04:24:21 UTC 2025](https://github.com/trickest/cve/commit/b8e3c9c765f22bbf4d8d5019707cf0dc32ea5bd0) +- 一个被知识诅咒的人 + - [ ] [【人工智能】掌握图像风格迁移:使用Python实现艺术风格的自动化迁移](https://blog.csdn.net/nokiaguy/article/details/145442258) + - [ ] [【人工智能】多模态学习在Python中的应用:结合图像与文本数据的深度探索](https://blog.csdn.net/nokiaguy/article/details/145442242) +- Bug Bounty in InfoSec Write-ups on Medium + - [ ] [Google did an Oopsie: a simple IDOR worth $3,133.7](https://infosecwriteups.com/google-did-an-oopsie-a-simple-idor-worth-3-133-7-2abefaef954d?source=rss----7b722bfd1b8d--bug_bounty) + - [ ] [Google: HTML Injection Bug](https://infosecwriteups.com/google-html-injection-bug-14a50e12bb96?source=rss----7b722bfd1b8d--bug_bounty) +- GuidePoint Security + - [ ] [GRIT’s 2025 Report: Annual Vulnerability Analysis and Exploitation Trends](https://www.guidepointsecurity.com/blog/grits-2025-report-annual-vulnerability-analysis-and-exploitation-trends/) - Twitter @bytehx - - [ ] [RT Jayesh Madnani: 🚀 Unspoken Bug Bounty Rules – From many years of failures & experience! 🕵️‍♂️ Got a similar bug across multiple assets b...](https://x.com/bytehx343/status/1886462043009769629) - - [ ] [Re @l33tdawg @Verichains Congrats man🎉🎉🎉🎉](https://x.com/bytehx343/status/1886368068483649594) - - [ ] [RT yso: Just uploaded my Bluetooth security testing slides! 📡 Also, Škoda disclosed a vulnerability I reported—they fixed & rewarded it fast! �...](https://x.com/bytehx343/status/1886367495373848670) -- SentinelOne - - [ ] [macOS FlexibleFerret | Further Variants of DPRK Malware Family Unearthed](https://www.sentinelone.com/blog/macos-flexibleferret-further-variants-of-dprk-malware-family-unearthed/) + - [ ] [Re @busf4ctor @Hacker0x01 Congrats! Is it the epic games one?](https://x.com/bytehx343/status/1886823603263692950) +- VMRay + - [ ] [Fully undetected Shell Script dropping macOS Atomic Stealer](https://www.vmray.com/fully-undetected-shell-script-dropping-macos-atomic-stealer/) - Malwarebytes - - [ ] [WhatsApp says Paragon is spying on specific users](https://www.malwarebytes.com/blog/news/2025/02/whatsapp-says-paragon-is-spying-on-specific-users) - - [ ] [A week in security (January 27 – February 2)](https://www.malwarebytes.com/blog/news/2025/02/a-week-in-security-january-27-february-2-2) + - [ ] [Valley News Live exposed more than a million job seeker’s resumes](https://www.malwarebytes.com/blog/news/2025/02/valley-news-live-exposed-more-than-a-million-job-seekers-resumes) + - [ ] [New AI “agents” could hold people for ransom in 2025](https://www.malwarebytes.com/blog/news/2025/02/new-ai-agents-could-hold-people-for-ransom-in-2025) +- SpiderLabs Blog + - [ ] [Beyond the Chatbot: Meta Phishing with Fake Live Support](https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/beyond-the-chatbot-meta-phishing-with-fake-live-support/) - Reverse Engineering - - [ ] [/r/ReverseEngineering's Weekly Questions Thread](https://www.reddit.com/r/ReverseEngineering/comments/1igk62y/rreverseengineerings_weekly_questions_thread/) - - [ ] [Lifting Binaries, Part 0: Devirtualizing VMProtect and Themida: It’s Just Flattening?](https://www.reddit.com/r/ReverseEngineering/comments/1igx34h/lifting_binaries_part_0_devirtualizing_vmprotect/) - - [ ] [Disassembling a binary: linear sweep and recursive traversal](https://www.reddit.com/r/ReverseEngineering/comments/1ih3ga3/disassembling_a_binary_linear_sweep_and_recursive/) - - [ ] [Is there a way to reverse Agile.NET compiled library for NinjaTrader 8?](https://www.reddit.com/r/ReverseEngineering/comments/1iguky3/is_there_a_way_to_reverse_agilenet_compiled/) - - [ ] [AMD: Microcode Signature Verification Vulnerability](https://www.reddit.com/r/ReverseEngineering/comments/1ih3ez3/amd_microcode_signature_verification_vulnerability/) -- glzjin - - [ ] [懒猫微服外挂ProxmoxVE启动方法说明](https://www.zhaoj.in/read-9077.html) -- Webroot Blog - - [ ] [MDR for MSPs: Navigating EDR compatibility](https://www.webroot.com/blog/2025/02/03/mdr-for-msps-navigating-edr-compatibility/) + - [ ] [Cloudflare jsd challenge reverse engineered (cf_clearance)](https://www.reddit.com/r/ReverseEngineering/comments/1ihcivi/cloudflare_jsd_challenge_reverse_engineered_cf/) +- PortSwigger Research + - [ ] [Top 10 web hacking techniques of 2024](https://portswigger.net/research/top-10-web-hacking-techniques-of-2024) - FreeBuf网络安全行业门户 - - [ ] [2024年768个CVE漏洞被利用,较2023年增长20%](https://www.freebuf.com/vuls/421042.html) - - [ ] [Shiro CVE-2023-34478 路径规范化不一致](https://www.freebuf.com/vuls/421037.html) - - [ ] [思科研究发现DeepSeek R1极易受有害提示影响](https://www.freebuf.com/articles/421045.html) - - [ ] [俄语系邪恶黑客团伙操纵10余种高度专业化的社交媒体诈骗](https://www.freebuf.com/articles/network/421044.html) - - [ ] [恶意软件冒充DeepSeek AI工具在PyPI上传播](https://www.freebuf.com/articles/421046.html) - - [ ] [疯狂邪恶团伙利用StealC、AMOS和Angel Drainer恶意软件瞄准加密货币](https://www.freebuf.com/articles/network/421028.html) -- daniel.haxx.se - - [ ] [European Open Source Achievement Award](https://daniel.haxx.se/blog/2025/02/03/european-open-source-achievement-award/) + - [ ] [FreeBuf早报 | 关于Deepseek的一些普遍误读;黑客利用7-Zip零日漏洞部署恶意软件](https://www.freebuf.com/news/421061.html) - 奇客Solidot–传递最新科技情报 - - [ ] [天文学家发现一巨型射电星系](https://www.solidot.org/story?sid=80466) - - [ ] [过去四十年海洋表面变暖速度翻了两番](https://www.solidot.org/story?sid=80465) - - [ ] [Ubuntu 的开发讨论平台将从 IRC 迁移到 Matrix](https://www.solidot.org/story?sid=80464) -- 锦行科技 - - [ ] [初六 | 六六大顺](https://mp.weixin.qq.com/s?__biz=MzIxNTQxMjQyNg==&mid=2247493743&idx=1&sn=9735ef44726404099d144253792e54d8&chksm=979a13caa0ed9adca648632b3a4495d3f5749a8ff6f4e170b279b471ff7b6675f7382d149206&scene=58&subscene=0#rd) -- 技可达工作室 - - [ ] [用DeepSeek学习区块链量化](https://mp.weixin.qq.com/s?__biz=MzU3NDY1NTYyOQ==&mid=2247486034&idx=1&sn=c8655d5eb94f15ce10b24ee79ebb2821&chksm=fd2e57b0ca59dea622a62f1323974973b15d0a21a3b284bbaa3832d5fe729c6a28a0bc1f8571&scene=58&subscene=0#rd) -- dotNet安全矩阵 - - [ ] [限时福利 | 2024 年度隧道代理、数据外发、痕迹清理阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498677&idx=1&sn=8a4dcac147d84f3f1bd3ccb37a8d5e9e&chksm=fa595558cd2edc4e632bbfa5ccf31a9f66ee0d13161c10d466ac3487177f072458ac51f42af0&scene=58&subscene=0#rd) - - [ ] [总结 | 2024 年度内网实战攻防电子报刊 34 篇文章内容汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498677&idx=2&sn=b973bed512a412529ca496db03a70cb7&chksm=fa595558cd2edc4e0635075a22a66da8311fced2fb3f09b46376c516d06ca1bdf5713c5374f3&scene=58&subscene=0#rd) - - [ ] [2024 年度本地权限操作阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498677&idx=3&sn=7bf0c0bc3fdbee0fcbac31d78562ff0f&chksm=fa595558cd2edc4ee958c938fecfe4b37a180940e3b19ba4c06ca3aac6292817262680e954c3&scene=58&subscene=0#rd) + - [ ] [Freedesktop 和 Alpine Linux 寻找新托管商](https://www.solidot.org/story?sid=80467) - 安全分析与研究 - - [ ] [恶意样本静态分析-上](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490311&idx=1&sn=3ddb48128acc2772763bd99ba4cf850a&chksm=902fb42fa7583d39df80656526a79ff7e90160bdaf250c3ef5570920f6290bc7d172804eeeec&scene=58&subscene=0#rd) - - [ ] [APT狩猎工具](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490311&idx=2&sn=411e5b869e7b4425b9b6ce4d386e170a&chksm=902fb42fa7583d3998df7212df242d3ded6c932acd3b4b8a1fc90df1dcdea22ff764a30d9c03&scene=58&subscene=0#rd) + - [ ] [以亲身安全经历聊聊安全方向、价值与未来](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490317&idx=1&sn=5c05e289a164028bc3044f962294c041&chksm=902fb425a7583d33ffe98bf9bce591842d91643609f7c7b5f3f5a2caa72c373f14fb3b1a9743&scene=58&subscene=0#rd) +- 杨龙 + - [ ] [Nginx+PHP服务器上传限制调节](https://www.yanglong.pro/blog%e6%9c%8d%e5%8a%a1%e5%99%a8%e4%b8%8a%e4%bc%a0%e9%99%90%e5%88%b6%e8%b0%83%e8%8a%82/) +- 锦行科技 + - [ ] [初七 | 人日吉祥](https://mp.weixin.qq.com/s?__biz=MzIxNTQxMjQyNg==&mid=2247493744&idx=1&sn=f67c79d0ee451159f9d8b63a31ffa483&chksm=979a13d5a0ed9ac319549b9b712bc1aaa0e74fc7af62ce670d3fd7dd98dcd7e2a5fdafcffd0e&scene=58&subscene=0#rd) - 吾爱破解论坛 - - [ ] [【2025春节】解题领红包活动排行榜(初六 2/3)](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141670&idx=1&sn=de73fb9cf91c717915c2bd5adcde0c09&chksm=bd50a6728a272f64da4372a71de026e82781be975527fbb78c174055dc84299836178249ac7f&scene=58&subscene=0#rd) -- 丁爸 情报分析师的工具箱 - - [ ] [【资料】生成式人工智能下的世界](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148842&idx=1&sn=a98ad85e918a855004f545cb00b2141b&chksm=f1af2510c6d8ac063ffdd7fa3fe1058b652280fbd2ae894b93c5781e7646424e70472f15f631&scene=58&subscene=0#rd) -- 看雪学苑 - - [ ] [浅析代码重定位技术](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589301&idx=1&sn=f8b5a4c4740123d4431ccb68a9063f17&chksm=b18c28ff86fba1e99cd342a44cbdef0919f382e909a6181f50378ef9f83b9e5a90ed2a4eba53&scene=58&subscene=0#rd) - - [ ] [实用干货!无人机安全攻防入门,速来报名](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589301&idx=2&sn=cd340085d0abd8a5fc5233d9ec93603f&chksm=b18c28ff86fba1e99daf5639ca2271fc027a1fdf2e613c62c6759c1135458a9f9e5e21bb30f4&scene=58&subscene=0#rd) -- 信息安全国家工程研究中心 - - [ ] [【二十四节气】立春 | 冬去春来万物生](https://mp.weixin.qq.com/s?__biz=MzU5OTQ0NzY3Ng==&mid=2247498793&idx=1&sn=441c9d8c6db5d81afa624f8430127389&chksm=feb67d3ac9c1f42c15e947ca936857e5d5c64261d37496ee03b940a94c66338e2c99840b5e5d&scene=58&subscene=0#rd) + - [ ] [分享图片](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141676&idx=1&sn=72023018cd03f75887c2ed1741e5e8e0&chksm=bd50a6788a272f6e033dd144a7bc829356b6797d17d157f1399ae32d8c859579132739f55f0a&scene=58&subscene=0#rd) +- dotNet安全矩阵 + - [ ] [最后一天福利 | 2024年度WebShell专题、内存马技术、反序列化漏洞文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498718&idx=1&sn=0bbf3d272f4c72302d21c151106a9275&chksm=fa595533cd2edc25867405807f8e4bfdee1cf510746683efe669fd6a09f3f08f97c6e86ca47a&scene=58&subscene=0#rd) + - [ ] [.NET 安全基础入门学习知识库](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498718&idx=2&sn=19e62b92cf72c453cb87a2a849165c10&chksm=fa595533cd2edc256454361bd96cb15ab09cfeb56264abdb375529be15ba79d7ad6d882db94d&scene=58&subscene=0#rd) + - [ ] [2024 年度隧道代理、数据外发、痕迹清理阶段文章和工具汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498718&idx=3&sn=30beabdcff16e3ec0dbe4096cab483fd&chksm=fa595533cd2edc2557a91d1a20e49233529988735a1ad63c2cd1bae1ecbc24e58d482683612c&scene=58&subscene=0#rd) +- 安全学术圈 + - [ ] [北京理工大学 | 利用高鲁棒流量表示瓦解网站指纹防御](https://mp.weixin.qq.com/s?__biz=MzU5MTM5MTQ2MA==&mid=2247491622&idx=1&sn=9c8adf0775c59b6630c5d518da11bfb0&chksm=fe2d1fadc95a96bb9fa8fc64e04a456bff174e4505248f2b146e3d41250a796cb38e0dbd16bf&scene=58&subscene=0#rd) - 安全研究GoSSIP - - [ ] [G.O.S.S.I.P 2025 新春总动员(1):疯狂的PDF](https://mp.weixin.qq.com/s?__biz=Mzg5ODUxMzg0Ng==&mid=2247499652&idx=1&sn=589b1778aa04f72cdc07c947be4bc17c&chksm=c063d15df714584b9680831e04f60a8d775211b89366d6125e8a337aa07a891760a5f272c4ba&scene=58&subscene=0#rd) -- 杨龙 - - [ ] [nginx restart failed:nginx: [alert] OPENSSL_init_ssl() failed (SSL: error:12800067:DSO support routines::could not load the shared library:filename(/snap/certbot/4325/usr/lib/x86_64-linux-gnu/ossl-modules/fips.so): /snap/certbot/4325/usr/lib/x86_64-linux-gnu/ossl-modules/fips.so: cannot open shared object file: No such file or directory error:12800067:DSO support routines::could not load the shared library error:07880025:common libcrypto routines::reason(37):name=fips error:0700006D:configuration file routines::module initialization error:module=providers, value=provider_sect retcode=-1 ) 解决办法](https://www.yanglong.pro/nginx-restart-failednginx-alert-openssl_init_ssl-failed-ssl-error12800067dso-support-routinescould-not-load-the-shared-libraryfilename-snap-certbot-4325-usr-lib-x86_64-linux-gnu-ossl-mod/) + - [ ] [G.O.S.S.I.P 2025 新春总动员(2):反编译研究的又一年](https://mp.weixin.qq.com/s?__biz=Mzg5ODUxMzg0Ng==&mid=2247499661&idx=1&sn=76d0e94d245ff6aa345521b8bf4a4f17&chksm=c063d154f71458428c47a7c127c7aa10098db4d0d64253424108bd5b79a87e3ac38ff18f37a1&scene=58&subscene=0#rd) - 中国信息安全 - - [ ] [专家解读 | 推动个人信息出境个人信息保护认证制度落地 促进个人信息高效便利安全跨境流动](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235937&idx=1&sn=d246a29f11e44289e30c16ad02323ea2&chksm=8b580158bc2f884ee870cf909293f550b4c6d68f752798b4305df99158a937ae96c708b46913&scene=58&subscene=0#rd) - - [ ] [征订|欢迎订阅2025年《中国信息安全》杂志](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235937&idx=2&sn=4edccca64682f8f41e9b56497807eb00&chksm=8b580158bc2f884e1eadb1ba8edd1fc7ee1b96d216203155cb5d91797f95b1378359e3428734&scene=58&subscene=0#rd) - - [ ] [专家解读 | 提升数据流通安全治理能力 促进数据流通开发利用](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235937&idx=3&sn=4b74cb1e75a739f80043e4d79c6f19a5&chksm=8b580158bc2f884ec910feed597fb437cb51a6951c0f1ae66fb67ec4ab7d0b6a18b58f8fdeb4&scene=58&subscene=0#rd) - - [ ] [国际 | 日本推进人工智能立法兼顾双重性](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235937&idx=4&sn=f8a6890f42bfbbbee12fcb55f0fde756&chksm=8b580158bc2f884ee7d8be0d3b95af42bf87dc525ebe931098d6678ae4a3721ef29ebeda5c6c&scene=58&subscene=0#rd) - - [ ] [评论 | 铲除“反防沉迷产业链”,撑起“数字晴空”](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235937&idx=5&sn=64e31032d2a327b33ad9368ee8790d3f&chksm=8b580158bc2f884ebdeeb7ed2b4c3494060fcc77a43367fd6ea18e1cc4f062d3772f1dd9519e&scene=58&subscene=0#rd) -- 极客公园 - - [ ] [为什么说大模型,补上了搜索的最后一块短板](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653073232&idx=1&sn=2e8dd2550e1834a9affa554d120ca22e&chksm=7e57d2e649205bf04b6221d8162c87808b7db4914fb54ed96ff7894c4dbdf9ae2fc3b60d5446&scene=58&subscene=0#rd) - - [ ] [微信视频美颜「仅自己可见」,官方:都能看见;《哪吒 2》破30亿冲击票房冠军;水上机器人救回 3 位溺水者 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653073231&idx=1&sn=075c62ad2e8d854da64c1ed036e2bb36&chksm=7e57d2f949205befef103e65c9db8965a3a3a773976308faabe56e0234093ebad38383430fe8&scene=58&subscene=0#rd) -- 情报分析师 - - [ ] [美国为何对 DeepSeek 如此“上心”?一场科技博弈的真相](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559440&idx=1&sn=a71dae9b931ab06febdba6081a3e1c26&chksm=87117d9bb066f48de68a68083afd89c401fc25c0148c8c7d276322a69401f9f0519b30a3fd15&scene=58&subscene=0#rd) - - [ ] [美国联邦调查局“变天”?特朗普全面清洗大动作曝光](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559440&idx=2&sn=ac91eaccfce9275a6fd64aed2388e1a6&chksm=87117d9bb066f48d6b4f6c684a3bf0af5da9b279e4674d5c1dc38c70d86f10fae55b46bf64a4&scene=58&subscene=0#rd) -- Black Hills Information Security - - [ ] [Introducing ORBIT, Scan Targets and Clients at Scale](https://www.blackhillsinfosec.com/introducing-orbit-scan-targets-and-clients-at-scale/) + - [ ] [专家解读 | 刘贤刚:以高水平安全保障数据合规高效流通利用](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235998&idx=1&sn=e5c48f11f03db570c3a90816bad8c1d5&chksm=8b580127bc2f88316c198cf75c2984eb2176621a4368b7312cebbfdc9e66ac0f70bf9c3fd6d7&scene=58&subscene=0#rd) + - [ ] [专家解读 | 吴沈括:科学建构个人信息保护认证 促进数据高效便利安全跨境流动](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235998&idx=2&sn=90c7e93a07b50d82c6780007144f2d20&chksm=8b580127bc2f8831c2460a0a643f82b36a62568c56e94926687d95d3a05855c445fc8913c5b5&scene=58&subscene=0#rd) + - [ ] [专家观点 | 数据资产登记:推动数字经济发展的关键钥匙](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235998&idx=3&sn=9b9ac7c176f476f344450cffb04b11cd&chksm=8b580127bc2f883187630723c5ed285c07e34d481fd7ea76c5f77d255726091eda39ad2724e0&scene=58&subscene=0#rd) + - [ ] [专家观点 | 卫生健康数据资产全过程管理的法治路径](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235998&idx=4&sn=eea10396ff51751871886d0c472aa6c7&chksm=8b580127bc2f883149290247051a17f092c240538939cc329863fe5813572399c064e87f28a9&scene=58&subscene=0#rd) - 360数字安全 - - [ ] [大年初六 | 金蛇昂首,“巳”如破竹](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579301&idx=1&sn=35ed47abf0879798ddd2a03509c33f87&chksm=9f8d26ada8faafbbbb8a81d52e8929c1dfdcf019590ce3e3b1fffe2c997372f76abc89f2a72f&scene=58&subscene=0#rd) -- Qualys Security Blog - - [ ] [Qualys TotalAppSec Delivers AI-powered Unified Application Risk Management for Modern Web Apps and APIs](https://blog.qualys.com/category/product-tech) + - [ ] [大年初七 | 祥蛇送安,前程“巳”锦](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579302&idx=1&sn=312f41b6a398879cd51cef2086bd411c&chksm=9f8d26aea8faafb813d81d84efc298f6ab32c3d59c70e3f11e053e9786c9ce8062c7bf2520e7&scene=58&subscene=0#rd) +- 极客公园 + - [ ] [小米股价创新高,市值突破万亿;披头士 「AI 歌曲」获格莱美大奖;《流浪地球 3》三月开机,开招演员|极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653073254&idx=1&sn=4c63eb6266e84fc673589f365a56ba3b&chksm=7e57d2d049205bc6a939ef6ca8c4912447c4fe10f231e12d472569c227579674ab0c653e00d5&scene=58&subscene=0#rd) +- Over Security - Cybersecurity news aggregator + - [ ] [Union groups sue Treasury over giving DOGE access to sensitive data](https://therecord.media/union-groups-sue-treasury-over-giving-doge-access-to-data) + - [ ] [Zyxel won’t patch newly exploited flaws in end-of-life routers](https://www.bleepingcomputer.com/news/security/zyxel-wont-patch-newly-exploited-flaws-in-end-of-life-routers/) + - [ ] [Spyware maker Paragon confirms U.S. government is a customer](https://techcrunch.com/2025/02/04/spyware-maker-paragon-confirms-u-s-government-is-a-customer/) + - [ ] [Proposal for federal cyber scholarship, with service requirement, returns in House](https://therecord.media/pivott-act-returns-cyber-scholarships-rep-mark-green) + - [ ] [Google Play, Apple App Store apps caught stealing crypto wallets](https://www.bleepingcomputer.com/news/mobile/google-play-apple-app-store-apps-caught-stealing-crypto-wallets/) + - [ ] [Grubhub says hack on third-party exposed information on campus customers](https://therecord.media/grubhub-says-third-party-hack-exposed-campus-customers) + - [ ] [Cyber agencies share security guidance for network edge devices](https://www.bleepingcomputer.com/news/security/cyber-agencies-share-security-guidance-for-network-edge-devices/) + - [ ] [Chinese cyberspies use new SSH backdoor in network device hacks](https://www.bleepingcomputer.com/news/security/chinese-cyberspies-use-new-ssh-backdoor-in-network-device-hacks/) + - [ ] [Botnet: cosa sono, come funzionano, i consigli per proteggere la rete aziendale dagli zombie del Web](https://www.cybersecurity360.it/nuove-minacce/botnet-cosa-sono-come-funzionano-e-come-proteggere-la-rete-aziendale-dagli-zombie-del-web/) + - [ ] [Aggiornamenti Android febbraio 2025, corretta una vulnerabilità sfruttata attivamente: i dettagli](https://www.cybersecurity360.it/news/aggiornamenti-android-febbraio-2025-corretta-una-vulnerabilita-sfruttata-attivamente-i-dettagli/) + - [ ] [Who’s Behind the Seized Forums ‘Cracked’ & ‘Nulled’?](https://krebsonsecurity.com/2025/02/whos-behind-the-seized-forums-cracked-nulled/) + - [ ] [Netgear warns users to patch critical WiFi router vulnerabilities](https://www.bleepingcomputer.com/news/security/netgear-warns-users-to-patch-critical-wifi-router-vulnerabilities/) + - [ ] [Russian cyber research companies post alerts about infostealer, industrial threats](https://therecord.media/russia-cybersecurity-research-bizone-nova-infostealer) + - [ ] [Aquabot, il malware che prende di mira i sistemi telefonici VoIP: come difendersi](https://www.cybersecurity360.it/nuove-minacce/aquabot-il-malware-che-prende-di-mira-i-sistemi-telefonici-voip-come-difendersi/) + - [ ] [How hackers target your Active Directory with breached VPN passwords](https://www.bleepingcomputer.com/news/security/how-hackers-target-your-active-directory-with-breached-vpn-passwords/) + - [ ] [California man steals $50 million using fake investment sites, gets 7 years](https://www.bleepingcomputer.com/news/security/california-man-steals-50-million-using-fake-investment-sites-gets-7-years/) + - [ ] [35 anni di ransomware: com’è evoluta la minaccia e com’è cambiato il modo di difendersi](https://www.cybersecurity360.it/nuove-minacce/ransomware/cisco-35-anni-ransomware/) + - [ ] [7-Zip MotW bypass exploited in zero-day attacks against Ukraine](https://www.bleepingcomputer.com/news/security/7-zip-motw-bypass-exploited-in-zero-day-attacks-against-ukraine/) + - [ ] [Data breach del FSE Molise, tutta la catena di trattamento dati è responsabile: ecco perché](https://www.cybersecurity360.it/news/data-breach-del-fse-molise-tutta-la-catena-di-trattamento-dati-e-responsabile-ecco-perche/) + - [ ] [DeepSeek’s Growing Influence Sparks a Surge in Frauds and Phishing Attacks](https://cyble.com/blog/deepseeks-growing-influence-surge-frauds-phishing-attacks/) + - [ ] [NETGEAR Urges Immediate Firmware Updates for Critical Security Flaws](https://cyble.com/blog/netgear-issues-security-severe-rce-vulnerabilities/) + - [ ] [Il DPO nel percorso di adeguamento alla NIS 2: spettatore o protagonista?](https://www.cybersecurity360.it/legal/privacy-dati-personali/il-dpo-nel-percorso-di-adeguamento-alla-nis-2-spettatore-o-protagonista/) + - [ ] [Release Notes: System Updates, New YARA and Suricata Rules, Signatures, and More](https://any.run/cybersecurity-blog/release-notes-january-2025/) + - [ ] [Detection engineering at scale: one step closer (part two)](https://blog.sekoia.io/detection-engineering-at-scale-one-step-closer-part-two/) + - [ ] [GrubHub data breach impacts customers, drivers, and merchants](https://www.bleepingcomputer.com/news/security/grubhub-data-breach-impacts-customers-drivers-and-merchants/) + - [ ] [Security Operations Report - Gennaio 2025](https://www.certego.net/blog/whitepaper-secops-report-gennaio-2025/) + - [ ] [Sophos acquisisce Secureworks e diventa il principale fornitore di servizi MDR](https://www.securityinfo.it/2025/02/04/sophos-acquisisce-secureworks-e-diventa-il-principale-fornitore-di-servizi-mdr/) + - [ ] [PoinCampus - 89,116 breached accounts](https://haveibeenpwned.com/PwnedWebsites#PoinCampus) + - [ ] [First Apple-notarized porn app available to iPhone users in Europe](https://www.bleepingcomputer.com/news/apple/first-apple-notarized-porn-app-available-to-iphone-users-in-europe/) + - [ ] [As DOGE teams plug into federal networks, cybersecurity risks could be huge, experts say](https://therecord.media/doge-opm-treasury-cybersecurity) - 迪哥讲事 - - [ ] [列目录引起的信息泄露获取1w5赏金](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247497023&idx=1&sn=f4dad5920e40978a4ba8d4c41549b151&chksm=e8a5ff5cdfd2764a24279a9dc8a829590dbe024450bedf43308c4ac21ef5ed933c146156054e&scene=58&subscene=0#rd) + - [ ] [限时福利 | 新年规划](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247497034&idx=1&sn=9db28c4110f936bdab5fdc4d4a08bbe0&chksm=e8a5ff29dfd2763f82c4e66f8a055d79d8a9c6af1a96e1dba7c49d0a9ae1fea0ac4905fd16b0&scene=58&subscene=0#rd) +- bellingcat + - [ ] [Satellite Imagery Shows Schools and Hospitals Destroyed in Northern Gaza](https://www.bellingcat.com/news/2025/02/04/satellite-imagery-shows-schools-and-hospitals-destroyed-in-northern-gaza/) +- 娜璋AI安全之家 + - [ ] [PyTorch入门 (1)环境搭建、神经网络普及和Torch基础知识](https://mp.weixin.qq.com/s?__biz=Mzg5MTM5ODU2Mg==&mid=2247501337&idx=1&sn=1d5b325bd3781d3366805cba31133082&chksm=cfcf76d4f8b8ffc2bbf9a0d4b21b1d25fdb22fba974fb45849f750a272269e03399a890e940f&scene=58&subscene=0#rd) - Securityinfo.it - - [ ] [Meta smantella una campagna di spionaggio su WhatsApp](https://www.securityinfo.it/2025/02/03/meta-smantella-una-campagna-di-spionaggio-su-whatsapp/?utm_source=rss&utm_medium=rss&utm_campaign=meta-smantella-una-campagna-di-spionaggio-su-whatsapp) - - [ ] [CERT-AGID 25 – 31 gennaio: attacchi contro funzionari governativi e rappresentanti di ambasciate](https://www.securityinfo.it/2025/02/03/cert-agid-25-31-gennaio-attacchi-funzionari-governativi-rappresentanti-ambasciate/?utm_source=rss&utm_medium=rss&utm_campaign=cert-agid-25-31-gennaio-attacchi-funzionari-governativi-rappresentanti-ambasciate) -- Krypt3ia - - [ ] [Corporate Panopticon: How Big Tech Became the New Surveillance State](https://krypt3ia.wordpress.com/2025/02/03/corporate-panopticon-how-big-tech-became-the-new-surveillance-state/) - - [ ] [Modern Moscow Rules: Counter-Surveillance in the Digital & Physical World](https://krypt3ia.wordpress.com/2025/02/03/modern-moscow-rules-counter-surveillance-in-the-digital-physical-world/) - - [ ] [Krypt3ia Daily Cyber Threat Intelligence (CTI) Digest](https://krypt3ia.wordpress.com/2025/02/03/krypt3ia-daily-cyber-threat-intelligence-cti-digest-8/) -- Over Security - Cybersecurity news aggregator - - [ ] [‘Yes, this is real’: hackers targeting high-profile X accounts blur fact and fiction](https://therecord.media/hackers-x-accounts-security-crypto) - - [ ] [Amazon Redshift gets new default settings to prevent data breaches](https://www.bleepingcomputer.com/news/security/amazon-redshift-gets-new-default-settings-to-prevent-data-breaches/) - - [ ] [Woman nabbed by Thai police on alleged link to $182 million romance scam](https://therecord.media/arrest-thai-police-woman-romance-scam) - - [ ] [Australia sanctions ‘Terrorgram’ white supremacist online group](https://therecord.media/australia-sanctions-terrorgram-online-hate-group) - - [ ] [Canadian charged in two crypto platform thefts totaling $65 million](https://therecord.media/indictment-canadian-two-cryptocurrency-platform-hacks) - - [ ] [Google fixes Android kernel zero-day exploited in attacks](https://www.bleepingcomputer.com/news/security/google-fixes-android-kernel-zero-day-exploited-in-attacks/) - - [ ] [Journalist targeted on WhatsApp by Paragon spyware: “I feel violated”](https://techcrunch.com/2025/02/03/journalist-targeted-on-whatsapp-by-paragon-spyware-i-feel-violated/) - - [ ] [Canadian charged with stealing $65 million using DeFI crypto exploits](https://www.bleepingcomputer.com/news/security/canadian-charged-with-stealing-65-million-using-defi-crypto-exploits/) - - [ ] [Casio UK online store hacked to steal customer credit cards](https://www.bleepingcomputer.com/news/security/casio-uk-online-store-hacked-to-steal-customer-credit-cards/) - - [ ] [Mississippi electric utility warns 20,000 residents of data breach](https://therecord.media/mississippii-electric-utility-residents-breach) - - [ ] [1win - 96,166,543 breached accounts](https://haveibeenpwned.com/PwnedWebsites#1win) - - [ ] [Kazakhstan to audit foreign ministry after suspected Russia-linked cyberattack](https://therecord.media/kazakhstan-foreign-ministry-cyberattack-russia) - - [ ] [Microsoft kills off Defender 'Privacy Protection' VPN feature](https://www.bleepingcomputer.com/news/microsoft/microsoft-kills-off-defender-privacy-protection-vpn-feature/) - - [ ] [DeepSeek AI tools impersonated by infostealer malware on PyPI](https://www.bleepingcomputer.com/news/security/deepseek-ai-tools-impersonated-by-infostealer-malware-on-pypi/) - - [ ] [Telemarketing e trattamento illecito dei dati: la sanzione privacy a E.On sia monito per tutti](https://www.cybersecurity360.it/news/sanzione-eon-garante-privacy/) - - [ ] [Japanese sportswear company Mizuno confirms data breach after 2024 ransomware claims](https://therecord.media/mizuno-data-breach-notification) - - [ ] [AI Act, scattano i primi divieti: chi rischia le sanzioni e le prossime tappe](https://www.cybersecurity360.it/news/ai-act-scattano-i-primi-divieti-chi-rischia-le-sanzioni-e-le-prossime-tappe/) - - [ ] [Analysis of an advanced malicious Chrome extension](https://palant.info/2025/02/03/analysis-of-an-advanced-malicious-chrome-extension/) - - [ ] [Sweden releases suspected ship, says cable break ‘clearly’ not sabotage](https://therecord.media/sweden-releases-ship-suspected-cable-sabotage) - - [ ] [Cyble Sensors Detect Attacks on Apache OFBiz, Palo Alto Networks](https://cyble.com/blog/cyble-sensors-detect-attacks-on-palo-alto-networks/) - - [ ] [Vidar muta ancora: payload variabile e offuscamento più raffinato per questa nuova ondata](https://cert-agid.gov.it/news/vidar-muta-ancora-payload-variabile-e-offuscamento-piu-raffinato-per-questa-nuova-ondata/) - - [ ] [Russian hackers suspected of compromising British PM’s personal email account](https://therecord.media/keir-starmer-email-hack-russia-suspected) - - [ ] [Apple Issues Security Updates for iOS, macOS, watchOS, and More—Patch Now!](https://cyble.com/blog/apple-fixes-cve-2025-24085-security-update/) - - [ ] [Trump elimina i vincoli all’IA: i rischi cyber e privacy e le questioni etiche](https://www.cybersecurity360.it/cultura-cyber/trump-elimina-i-vincoli-allia-i-rischi-cyber-e-privacy-e-le-questioni-etiche/) - - [ ] [Meta smantella una campagna di spionaggio su WhatsApp](https://www.securityinfo.it/2025/02/03/meta-smantella-una-campagna-di-spionaggio-su-whatsapp/) - - [ ] [PyPI adds project archiving system to stop malicious updates](https://www.bleepingcomputer.com/news/security/pypi-adds-project-archiving-system-to-stop-malicious-updates/) - - [ ] [Vulnerabilità in Cisco Webex Chat, a rischio dati aziendali riservati: come mitigarla](https://www.cybersecurity360.it/news/vulnerabilita-in-cisco-webex-chat-a-rischio-dati-aziendali-riservati-come-mitigarla/) - - [ ] [CERT-AGID 25 – 31 gennaio: attacchi contro funzionari governativi e rappresentanti di ambasciate](https://www.securityinfo.it/2025/02/03/cert-agid-25-31-gennaio-attacchi-funzionari-governativi-rappresentanti-ambasciate/) - - [ ] [DragonNest - 511,290 breached accounts](https://haveibeenpwned.com/PwnedWebsites#DragonNest) -- SANS Internet Storm Center, InfoCON: green - - [ ] [Crypto Wallet Scam, (Mon, Feb 3rd)](https://isc.sans.edu/diary/rss/31646) - - [ ] [ISC Stormcast For Monday, February 3rd, 2025 https://isc.sans.edu/podcastdetail/9306, (Mon, Feb 3rd)](https://isc.sans.edu/diary/rss/31644) -- LuxSci - - [ ] [The Risks of Non-Compliant Email: How HIPAA Violations Hurt Healthcare Companies](https://luxsci.com/blog/the-risks-of-non-compliant-email-how-hipaa-violations-hurt-healthcare-companies.html) -- Posts By SpecterOps Team Members - Medium - - [ ] [Further Adventures With CMPivot — Client Coercion](https://posts.specterops.io/further-adventures-with-cmpivot-client-coercion-38b878b740ac?source=rss----f05f8696e3cc---4) + - [ ] [Sophos acquisisce Secureworks e diventa il principale fornitore di servizi MDR](https://www.securityinfo.it/2025/02/04/sophos-acquisisce-secureworks-e-diventa-il-principale-fornitore-di-servizi-mdr/?utm_source=rss&utm_medium=rss&utm_campaign=sophos-acquisisce-secureworks-e-diventa-il-principale-fornitore-di-servizi-mdr) +- Hacking Exposed Computer Forensics Blog + - [ ] [Daily Blog #738: Arsenal Recon LevelDB Recon](https://www.hecfblog.com/2025/02/daily-blog-738-arsenal-recon-leveldb.html) - ICT Security Magazine - - [ ] [E-Identity ed eIDAS 2.0: l’evoluzione dell’identità digitale europea](https://www.ictsecuritymagazine.com/notizie/e-identity-e-eidas-2-0/) -- Schneier on Security - - [ ] [Journalists and Civil Society Members Using WhatsApp Targeted by Paragon Spyware](https://www.schneier.com/blog/archives/2025/02/journalists-and-civil-society-members-using-whatsapp-targeted-by-paragon-spyware.html) + - [ ] [Cyber Crime Conference 2025, partecipa il 16 e 17 aprile a Roma](https://www.ictsecuritymagazine.com/notizie/cyber-crime-conference-2025/) + - [ ] [Criminalità informatica in Europa: l’analisi Eurojust-Europol 2024](https://www.ictsecuritymagazine.com/notizie/criminalita-informatica-2024/) +- SANS Internet Storm Center, InfoCON: green + - [ ] [Some updates to our data feeds, (Tue, Feb 4th)](https://isc.sans.edu/diary/rss/31650) + - [ ] [ISC Stormcast For Tuesday, February 4th, 2025 https://isc.sans.edu/podcastdetail/9308, (Tue, Feb 4th)](https://isc.sans.edu/diary/rss/31648) - Have I Been Pwned latest breaches - - [ ] [1win - 96,166,543 breached accounts](https://haveibeenpwned.com/PwnedWebsites#1win) - - [ ] [DragonNest - 511,290 breached accounts](https://haveibeenpwned.com/PwnedWebsites#DragonNest) -- TG Soft Software House - News - - [ ] [Phishing: i tentativi di furto credenziali e/o dati maggiormente diffusi nel mese di FEBBRAIO 2025...](http://www.tgsoft.it/italy/news_archivio.asp?id=1609) -- The Register - Security - - [ ] [TSA’s airport facial-recog tech faces audit probe](https://go.theregister.com/feed/www.theregister.com/2025/02/03/tsa_facial_recognition_audit/) - - [ ] [2 officers bailed as anti-corruption unit probes data payouts to N Irish cops](https://go.theregister.com/feed/www.theregister.com/2025/02/03/two_psni_officers_arrested_bailed/) - - [ ] [Privacy Commissioner warns the ‘John Smiths’ of the world can acquire ‘digital doppelgangers’](https://go.theregister.com/feed/www.theregister.com/2025/02/03/australia_digital_doppelgangers_privacy_award/) - - [ ] [Medical monitoring machines spotted stealing patient data, users warned to pull the plug ASAP](https://go.theregister.com/feed/www.theregister.com/2025/02/03/backdoored_contec_patient_monitors_leak_data/) + - [ ] [PoinCampus - 89,116 breached accounts](https://haveibeenpwned.com/PwnedWebsites#PoinCampus) +- Tor Project blog + - [ ] [New Release: Tor Browser 14.0.5](https://blog.torproject.org/new-release-tor-browser-1405/) +- Full Disclosure + - [ ] [KL-001-2025-002: Checkmk NagVis Remote Code Execution](https://seclists.org/fulldisclosure/2025/Feb/4) + - [ ] [KL-001-2025-001: Checkmk NagVis Reflected Cross-site Scripting](https://seclists.org/fulldisclosure/2025/Feb/3) +- Krypt3ia + - [ ] [Krypt3ia Daily Cyber Threat Intelligence (CTI) Digest](https://krypt3ia.wordpress.com/2025/02/04/krypt3ia-daily-cyber-threat-intelligence-cti-digest-9/) - TorrentFreak - - [ ] [Publishers Ramp Up Pressure vs. Anna’s Archive, Sci-Hub, Z-Library & Libgen](https://torrentfreak.com/publishers-ramp-up-pressure-vs-annas-archive-sci-hub-z-library-libgen-250203/) - - [ ] [MPA Shares Pirate Site Blocking ‘Best Practices’ at WIPO Meeting](https://torrentfreak.com/mpa-shares-pirate-site-blocking-best-practices-at-wipo-meeting-250203/) -- Your Open Hacker Community - - [ ] [How do you know what xss payload to use](https://www.reddit.com/r/HowToHack/comments/1igybrw/how_do_you_know_what_xss_payload_to_use/) - - [ ] [What is the best wordlist?](https://www.reddit.com/r/HowToHack/comments/1ih2ewh/what_is_the_best_wordlist/) - - [ ] [Game Save Hack](https://www.reddit.com/r/HowToHack/comments/1ih2139/game_save_hack/) - - [ ] [Need Help Setting Up a Proxy Server for HTTP Custom with Custom Payload on OMV (Debian)](https://www.reddit.com/r/HowToHack/comments/1igprcu/need_help_setting_up_a_proxy_server_for_http/) - - [ ] [Hacking an android device.](https://www.reddit.com/r/HowToHack/comments/1igtb54/hacking_an_android_device/) - - [ ] [SunNxt movies download](https://www.reddit.com/r/HowToHack/comments/1igmnwu/sunnxt_movies_download/) - - [ ] [Hey new guy, I have a question Does anyone have anything that is in url form that i can send my friends that will crash a chromebook.](https://www.reddit.com/r/HowToHack/comments/1igz5tg/hey_new_guy_i_have_a_question_does_anyone_have/) - - [ ] [Tizen os](https://www.reddit.com/r/HowToHack/comments/1igjoy4/tizen_os/) - - [ ] [how to find a password](https://www.reddit.com/r/HowToHack/comments/1igjfkf/how_to_find_a_password/) + - [ ] [LaLiga: Cloudflare, Google and X Are Essential Piracy Facilitators](https://torrentfreak.com/laliga-cloudflare-google-and-x-are-essential-piracy-facilitators-250204/) +- The Hacker News + - [ ] [Malicious Go Package Exploits Module Mirror Caching for Persistent Remote Access](https://thehackernews.com/2025/02/malicious-go-package-exploits-module.html) + - [ ] [Russian Cybercrime Groups Exploiting 7-Zip Flaw to Bypass Windows MotW Protections](https://thehackernews.com/2025/02/russian-cybercrime-groups-exploiting-7.html) + - [ ] [North Korean Hackers Deploy FERRET Malware via Fake Job Interviews on macOS](https://thehackernews.com/2025/02/north-korean-hackers-deploy-ferret.html) + - [ ] [Watch Out For These 8 Cloud Security Shifts in 2025](https://thehackernews.com/2025/02/watch-out-for-these-8-cloud-security.html) + - [ ] [Taiwan Bans DeepSeek AI Over National Security Concerns, Citing Data Leakage Risks](https://thehackernews.com/2025/02/taiwan-bans-deepseek-ai-over-national.html) + - [ ] [AMD SEV-SNP Vulnerability Allows Malicious Microcode Injection with Admin Access](https://thehackernews.com/2025/02/amd-sev-snp-vulnerability-allows.html) + - [ ] [Microsoft Patches Critical Azure AI Face Service Vulnerability with CVSS 9.9 Score](https://thehackernews.com/2025/02/microsoft-patches-critical-azure-ai.html) + - [ ] [Google Patches 47 Android Security Flaws, Including Actively Exploited CVE-2024-53104](https://thehackernews.com/2025/02/google-patches-47-android-security.html) + - [ ] [Microsoft SharePoint Connector Flaw Could've Enabled Credential Theft Across Power Platform](https://thehackernews.com/2025/02/microsoft-sharepoint-connector-flaw.html) - Trend Micro Research, News and Perspectives - - [ ] [Native Sensors vs. Integrations for XDR Platforms?](https://www.trendmicro.com/en_us/research/25/b/native-sensors-integrations-xdr-platform.html) + - [ ] [CVE-2025-0411: Ukrainian Organizations Targeted in Zero-Day Campaign and Homoglyph Attacks](https://www.trendmicro.com/en_us/research/25/a/cve-2025-0411-ukrainian-organizations-targeted.html) +- Graham Cluley + - [ ] [The AI Fix #36: A DeepSeek special](https://grahamcluley.com/the-ai-fix-36/) +- The Register - Security + - [ ] [Google: How to make any AMD Zen CPU always generate 4 as a random number](https://go.theregister.com/feed/www.theregister.com/2025/02/04/google_amd_microcode/) + - [ ] [Poisoned Go programming language package lay undetected for 3 years](https://go.theregister.com/feed/www.theregister.com/2025/02/04/golang_supply_chain_attack/) + - [ ] [Grubhub serves up security incident with a side of needing to change your password](https://go.theregister.com/feed/www.theregister.com/2025/02/04/grubhub_data_incident/) + - [ ] [US accuses Canadian math prodigy of $65M crypto scheme](https://go.theregister.com/feed/www.theregister.com/2025/02/04/math_prodigy_crypto_scheme/) + - [ ] [Cyberattack on NHS causes hospitals to miss cancer care targets](https://go.theregister.com/feed/www.theregister.com/2025/02/04/cyberattack_on_nhs_hospitals_sees/) + - [ ] [Abandoned AWS S3 buckets can be reused in supply-chain attacks that would make SolarWinds look 'insignificant'](https://go.theregister.com/feed/www.theregister.com/2025/02/04/abandoned_aws_s3/) + - [ ] [UK govt must learn fast and let failing projects die young](https://go.theregister.com/feed/www.theregister.com/2025/02/04/ukgov_must_embrace_a_fastlearning/) + - [ ] [Google patches odd Android kernel security bug amid signs of targeted exploitation](https://go.theregister.com/feed/www.theregister.com/2025/02/04/google_android_patch_netgear/) + - [ ] [Why digital resilience is critical to banks](https://go.theregister.com/feed/www.theregister.com/2025/02/04/why_digital_resilience_is_critical/) +- Security Affairs + - [ ] [Netgear urges users to upgrade two flaws impacting WiFi router models](https://securityaffairs.com/173839/security/netgear-wifi-routers-flaws.html) + - [ ] [AMD fixed a flaw that allowed to load malicious microcode](https://securityaffairs.com/173831/security/amd-flaw-allowed-load-malicious-microcode.html) + - [ ] [Coyote Banking Trojan targets Brazilian users, stealing data from 70+ financial apps and websites](https://securityaffairs.com/173818/malware/coyote-banking-trojan-targets-brazilian-users.html) + - [ ] [Google fixed actively exploited kernel zero-day flaw](https://securityaffairs.com/173812/hacking/google-android-kernel-zero-day-flaw.html) +- Schneier on Security + - [ ] [Deepfakes and the 2024 US Election](https://www.schneier.com/blog/archives/2025/02/deepfakes-and-the-2024-us-election.html) - Deeplinks - - [ ] [Open Licensing Promotes Culture and Learning. That's Why EFF Is Upgrading its Creative Commons Licenses.](https://www.eff.org/deeplinks/2025/02/open-licensing-promotes-culture-and-learning-thats-why-eff-upgrading-its-creative) + - [ ] [European Commission Gets Dinged for Unlawful Data Transfer, Sending a Big Message About Accountability](https://www.eff.org/deeplinks/2025/02/courts-fine-against-european-commission-unlawful-personal-data-transfer-small) + - [ ] [Key Issues Shaping State-Level Tech Policy](https://www.eff.org/deeplinks/2025/02/key-issues-shaping-state-level-tech-policy) + - [ ] [How State Tech Policies in 2024 Set the Stage for 2025](https://www.eff.org/deeplinks/2025/02/how-state-tech-policies-2024-set-stage-2025) - Technical Information Security Content & Discussion - - [ ] [How Attackers Can Bypass OPA Gatekeeper in Kubernetes Due to Rego Flaws](https://www.reddit.com/r/netsec/comments/1igvgbh/how_attackers_can_bypass_opa_gatekeeper_in/) -- Security Affairs - - [ ] [Web Skimmer found on at least 17 websites, including Casio UK](https://securityaffairs.com/173797/malware/web-skimmer-casio-uks-site.html) - - [ ] [Crazy Evil gang runs over 10 highly specialized social media scams](https://securityaffairs.com/173784/cyber-crime/crazy-evil-runs-10-social-media-scams.html) - - [ ] [Elon Musk ’s DOGE team granted ‘full access’ to sensitive Treasury systems. What are the risks?](https://securityaffairs.com/173776/security/elon-musk-s-doge-granted-full-access-to-sensitive-treasury-systems.html) - - [ ] [Texas is the first state to ban DeepSeek on government devices](https://securityaffairs.com/173764/laws-and-regulations/texas-bans-deepseek-and-rednote-govt-devices.html) - - [ ] [Law enforcement seized the domains of HeartSender cybercrime marketplaces](https://securityaffairs.com/173750/cyber-crime/heartsender-cybercrime-marketplaces-seized.html) -- Palo Alto Networks Blog - - [ ] [10 Cyber Recommendations for the Trump Administration](https://www.paloaltonetworks.com/blog/2025/02/10-cyber-recommendations-trump-administration/) + - [ ] [Replacing a Space Heater Firmware over WiFi](https://www.reddit.com/r/netsec/comments/1ihtrx0/replacing_a_space_heater_firmware_over_wifi/) + - [ ] [8 Million Requests Later, We Made The SolarWinds Supply Chain Attack Look Amateur - watchTowr Labs](https://www.reddit.com/r/netsec/comments/1ihf6qt/8_million_requests_later_we_made_the_solarwinds/) + - [ ] [Now live: Our Global InfoSec Salary Index for 2025 - with full dataset in the Public Domain :)](https://www.reddit.com/r/netsec/comments/1ihlqeq/now_live_our_global_infosec_salary_index_for_2025/) + - [ ] [Top 10 (new) web hacking techniques of 2024](https://www.reddit.com/r/netsec/comments/1ihl0w9/top_10_new_web_hacking_techniques_of_2024/) + - [ ] [How to prove false statements? (Part 1)](https://www.reddit.com/r/netsec/comments/1ihth34/how_to_prove_false_statements_part_1/) + - [ ] [Collabfiltrator 4.0.1 Plugin released! New SQLi DNS exfiltration capabilities available in BurpSuite. Download it from the BApp Store.](https://www.reddit.com/r/netsec/comments/1ihjlku/collabfiltrator_401_plugin_released_new_sqli_dns/) + - [ ] [Masquerade the Windows "Program Files" path with Unicode "En Quad" character.](https://www.reddit.com/r/netsec/comments/1ih7wch/masquerade_the_windows_program_files_path_with/) +- Your Open Hacker Community + - [ ] [hiding processes from tasklist by manipulating ntquerysysteminformation](https://www.reddit.com/r/HowToHack/comments/1ihc0bm/hiding_processes_from_tasklist_by_manipulating/) + - [ ] [John the Ripper Generates a 319 Million Character Hash](https://www.reddit.com/r/HowToHack/comments/1ihb8j6/john_the_ripper_generates_a_319_million_character/) + - [ ] [I want destroy someone...](https://www.reddit.com/r/HowToHack/comments/1ihsbu5/i_want_destroy_someone/) + - [ ] [Help to progress](https://www.reddit.com/r/HowToHack/comments/1ih5log/help_to_progress/) + - [ ] [How to get behind the paywall of this website? (bladet.no)](https://www.reddit.com/r/HowToHack/comments/1ihdpz7/how_to_get_behind_the_paywall_of_this_website/) + - [ ] [Can someone tell me if this code that Chat GPT generated is legit?](https://www.reddit.com/r/HowToHack/comments/1ihdjw7/can_someone_tell_me_if_this_code_that_chat_gpt/) + - [ ] [HELP ???](https://www.reddit.com/r/HowToHack/comments/1ihdbuu/help/) + - [ ] [Suddenly, all my terminal (MacOS) just says "login:incorrect" and all my processes have stopped... What do I do?](https://www.reddit.com/r/HowToHack/comments/1ih6q5k/suddenly_all_my_terminal_macos_just_says/) + - [ ] [I want to make a memory scanner/editor](https://www.reddit.com/r/HowToHack/comments/1ih9evu/i_want_to_make_a_memory_scannereditor/) +- netsecstudents: Subreddit for students studying Network Security and its related subjects + - [ ] [WebGoat and starting with Web App Sec](https://www.reddit.com/r/netsecstudents/comments/1ihivn7/webgoat_and_starting_with_web_app_sec/) +- Blackhat Library: Hacking techniques and research + - [ ] [Spam data](https://www.reddit.com/r/blackhat/comments/1ihi7gq/spam_data/) + - [ ] [Spam](https://www.reddit.com/r/blackhat/comments/1ihi6x6/spam/) - Computer Forensics - - [ ] [Sigma Rule Repo](https://www.reddit.com/r/computerforensics/comments/1igy288/sigma_rule_repo/) -- The Hacker News - - [ ] [768 CVEs Exploited in 2024, Reflecting a 20% Increase from 639 in 2023](https://thehackernews.com/2025/02/768-cves-exploited-in-2024-reflecting.html) - - [ ] [PyPI Introduces Archival Status to Alert Users About Unmaintained Python Packages](https://thehackernews.com/2025/02/pypi-introduces-archival-status-to.html) - - [ ] [⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [27 February]](https://thehackernews.com/2025/02/thn-weekly-recap-top-cybersecurity.html) - - [ ] [Coyote Malware Expands Reach: Now Targets 1,030 Sites and 73 Financial Institutions](https://thehackernews.com/2025/02/coyote-malware-expands-reach-now.html) - - [ ] [What Is Attack Surface Management?](https://thehackernews.com/2025/02/what-is-attack-surface-management.html) - - [ ] [Crazy Evil Gang Targets Crypto with StealC, AMOS, and Angel Drainer Malware](https://thehackernews.com/2025/02/crazy-evil-gang-targets-crypto-with.html) + - [ ] [Axiom help](https://www.reddit.com/r/computerforensics/comments/1ihva7p/axiom_help/) + - [ ] [Phone number recovery from GPS tracker device](https://www.reddit.com/r/computerforensics/comments/1ihelkv/phone_number_recovery_from_gps_tracker_device/) + - [ ] [Career Possibilities](https://www.reddit.com/r/computerforensics/comments/1ih9hug/career_possibilities/) + - [ ] [Need help with Internet Archive (Wayback Machine) breach](https://www.reddit.com/r/computerforensics/comments/1ihslo3/need_help_with_internet_archive_wayback_machine/) + - [ ] [Forensic Lab](https://www.reddit.com/r/computerforensics/comments/1ihpjkk/forensic_lab/) + - [ ] [Suggestion for a triage tool with keyword search capability](https://www.reddit.com/r/computerforensics/comments/1ihbu5l/suggestion_for_a_triage_tool_with_keyword_search/) +- Krebs on Security + - [ ] [Who’s Behind the Seized Forums ‘Cracked’ & ‘Nulled’?](https://krebsonsecurity.com/2025/02/whos-behind-the-seized-forums-cracked-nulled/) +- Security Weekly Podcast Network (Audio) + - [ ] [DeepSeek, Nicolas Cage, OpenAI, Hackers, Ransomware, Canada, Joshua Marpet and More - SWN #448](http://sites.libsyn.com/18678/deepseek-nicolas-cage-openai-hackers-ransomware-canada-joshua-marpet-and-more-swn-448) + - [ ] [Threat Modeling That Helps the Business - Akira Brand, Sandy Carielli - ASW #316](http://sites.libsyn.com/18678/threat-modeling-that-helps-the-business-akira-brand-sandy-carielli-asw-316)