# 每日安全资讯(2025-01-25) - paper - Last paper - [ ] [基于人工智能/机器学习的 IPv6 网络中隐秘通信的检测与分类](https://paper.seebug.org/3271/) - SecWiki News - [ ] [SecWiki News 2025-01-24 Review](http://www.sec-wiki.com/?2025-01-24) - 奇安信攻防社区 - [ ] [借壳上线之Patch PE文件](https://forum.butian.net/share/4085) - [ ] [间接提示注入攻击全面测评](https://forum.butian.net/share/4074) - Recent Commits to cve:main - [ ] [Update Fri Jan 24 20:25:39 UTC 2025](https://github.com/trickest/cve/commit/7cc0e3b9bf546832a32096d9ceafcc97c4d93574) - [ ] [Update Fri Jan 24 12:24:54 UTC 2025](https://github.com/trickest/cve/commit/f8b633c3d8a83678494182ef13bdefe3de45b845) - [ ] [Update Fri Jan 24 04:11:19 UTC 2025](https://github.com/trickest/cve/commit/2a95822f974d055bd443f22267473caedaf24a5d) - 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com - [ ] [AI鉴真刻不容缓!别让AI伪造“偷走”我们的善意](https://www.4hou.com/posts/xyzP) - [ ] [中央发文“推进新型城市基建”,祥云平台助力打造韧性城市](https://www.4hou.com/posts/wxyX) - [ ] [2024 Q4企业邮箱安全报告揭秘:盗号测试信背后的黑产攻击套路](https://www.4hou.com/posts/rpqL) - [ ] [新的 UEFI 安全启动漏洞使系统暴露于 bootkit](https://www.4hou.com/posts/7MyB) - [ ] [针对 Chrome 浏览器扩展程序网络钓鱼活动的新细节被披露](https://www.4hou.com/posts/nlJp) - Security Boulevard - [ ] [DEF CON 32 – Anyone Can Hack IoT- Beginner’s Guide To Hacking Your First IoT Device](https://securityboulevard.com/2025/01/def-con-32-anyone-can-hack-iot-beginners-guide-to-hacking-your-first-iot-device/) - [ ] [Cyber Lingo: What is GRC in cybersecurity?](https://securityboulevard.com/2025/01/cyber-lingo-what-is-grc-in-cybersecurity/) - [ ] [Randall Munroe’s XKCD ‘Unit Circle’](https://securityboulevard.com/2025/01/randall-munroes-xkcd-unit-circle/) - [ ] [Continuous Monitoring Guide: FedRAMP Meets Zero Trust](https://securityboulevard.com/2025/01/continuous-monitoring-guide-fedramp-meets-zero-trust/) - [ ] [How to Choose the Right Cybersecurity Software: A Comprehensive Guide](https://securityboulevard.com/2025/01/how-to-choose-the-right-cybersecurity-software-a-comprehensive-guide/) - [ ] [How bots and fraudsters exploit video games with credential stuffing](https://securityboulevard.com/2025/01/how-bots-and-fraudsters-exploit-video-games-with-credential-stuffing/) - [ ] [DEF CON 32 – Building A Secure Resilient Nationwide EV Charging Network](https://securityboulevard.com/2025/01/def-con-32-building-a-secure-resilient-nationwide-ev-charging-network/) - [ ] [Solving WAFs biggest challenge | Impart Security](https://securityboulevard.com/2025/01/solving-wafs-biggest-challenge-impart-security/) - [ ] [Unveiling the Dark Web: Myths, Realities, and Risks You Didn’t Know About](https://securityboulevard.com/2025/01/unveiling-the-dark-web-myths-realities-and-risks-you-didnt-know-about/) - 安全客-有思想的安全新媒体 - [ ] [年度盘点:AI+安全双重赋能,360解锁企业浏览器新动力](https://www.anquanke.com/post/id/303791) - [ ] [IntelBroker 的数字足迹: OSINT 分析揭露网络犯罪分子的行动](https://www.anquanke.com/post/id/303788) - [ ] [7-Zip 修复了可绕过 Windows MoTW 安全警告的错误,立即修补](https://www.anquanke.com/post/id/303776) - [ ] [Microsoft 在 Edge Stable 中预览 Game Assist 游戏内浏览器](https://www.anquanke.com/post/id/303773) - [ ] [ModiLoader 恶意软件利用 CAB 标头批处理文件逃避检测](https://www.anquanke.com/post/id/303770) - [ ] [Meta 的广告系统被俄罗斯宣传网络利用](https://www.anquanke.com/post/id/303767) - [ ] [13,000 台 MikroTik 路由器被僵尸网络劫持,用于发送垃圾邮件和网络攻击](https://www.anquanke.com/post/id/303785) - [ ] [DLL 副加载和代理: 向德国目标发送 Sliver 植入程序的新活动](https://www.anquanke.com/post/id/303764) - [ ] [Consilio Guided AI PrivDetect 缩短了权限审查时间](https://www.anquanke.com/post/id/303782) - [ ] [勒索软件团伙在 Microsoft Teams 网络钓鱼攻击中冒充 IT 支持](https://www.anquanke.com/post/id/303779) - Armin Ronacher's Thoughts and Writings - [ ] [Build It Yourself](http://lucumr.pocoo.org/2025/1/24/build-it-yourself) - Doonsec's feed - [ ] [秦安:拜登走了,完败于芯片,留下两场战争,还有耻辱与灾难](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476311&idx=1&sn=119884be68a469d54443b401908afe95) - [ ] [秦安:大消息!人民银行与证监会,座谈“3000+5000”亿资金入市](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650476311&idx=2&sn=be8a2ff973ede5b074e70dc11899c350) - [ ] [上新日 | 口碑佳作上架!沉浸式翻译:双语对照网页翻译插件](https://mp.weixin.qq.com/s?__biz=MzI2MjcwMTgwOQ==&mid=2247492181&idx=1&sn=dc5a84bd0c1009bdda94f07507392b36) - [ ] [红队视角:揭秘内网提权的技术迷宫](https://mp.weixin.qq.com/s?__biz=MzkzNzg3NzQxMQ==&mid=2247485714&idx=1&sn=6a7ab0722e0c0f69ce8906539f544066) - [ ] [pikachu - Cross-Site Scripting(XSS)](https://mp.weixin.qq.com/s?__biz=Mzk1NzI2NDQyMw==&mid=2247484517&idx=1&sn=240276352d671fc67e03d7ccdecf2862) - [ ] [7-Zip高危漏洞曝光](https://mp.weixin.qq.com/s?__biz=MzU2MTc4NTEyNw==&mid=2247486441&idx=1&sn=4531aade32e795be54933b9d3a690c03) - [ ] [『漏洞复现』XXL-JOB 默认 accessToken 身份绕过 RCE 漏洞分析及复现](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490019&idx=1&sn=8b0ca8a5667607692018751b2e0db53a) - [ ] [图形化-Windiows日志分析工具](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490019&idx=2&sn=f204d355574f503af0ff0d6b11878996) - [ ] [技战法:巧用黑客攻击手法,被动积累技能](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247490019&idx=3&sn=d1ade97995d489eec4760ec06058a2e0) - [ ] [文科应届生转行计算机的一年](https://mp.weixin.qq.com/s?__biz=Mzg4NTg0MjMzNQ==&mid=2247484202&idx=1&sn=91076a3a9a8de9de842344942c19a373) - [ ] [黑客攻防演练!!揭秘Sync Breeze缓冲溢出漏洞利用全过程!?](https://mp.weixin.qq.com/s?__biz=Mzk2NDE3NDUwNg==&mid=2247483890&idx=1&sn=00d4c726f5ef79a6a64b08e5c3bf5cca) - [ ] [一文看懂川普最新政策动向](https://mp.weixin.qq.com/s?__biz=MzkxMTA3MDk3NA==&mid=2247487089&idx=1&sn=f20b24974cce9ecc0b92a98268385c76) - [ ] [专题·人工智能安全治理 | 关于《人工智能安全治理框架》的解读与思考](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485456&idx=1&sn=f12cda55ab644a5227ada312bb79a62f) - [ ] [【干货原创】实网攻防演习常态化,会带来什么变化01](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485456&idx=4&sn=9936a954d36b83982d8a01b800f5a884) - [ ] [【干货原创】K12教育,鲜为人知的模式秘密](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485456&idx=5&sn=101312cecc9a495c7856503d86123187) - [ ] [原创文章目录](https://mp.weixin.qq.com/s?__biz=MzU3NjQ5NTIxNg==&mid=2247485456&idx=6&sn=416cca1469398aca13072a80a0f5c129) - [ ] [缓冲区溢出学习及漏洞复现](https://mp.weixin.qq.com/s?__biz=Mzk1NzQwNjQ4Ng==&mid=2247484665&idx=1&sn=55ab331218ce3316953848bc8a134e19) - [ ] [对抗小技巧:利用阿里云OSS做域前置](https://mp.weixin.qq.com/s?__biz=MzAxNzkyOTgxMw==&mid=2247493833&idx=1&sn=23a0220224aafdc3ab796f3cd5d0ff2b) - [ ] [一岁一逢,年度献礼 · 一图看懂2024年全球DDoS攻击态势](https://mp.weixin.qq.com/s?__biz=MzAwODU5NzYxOA==&mid=2247505829&idx=1&sn=4d7addf765ddfaf78ec11b722e8f815f) - [ ] [山石入选车联网产品安全漏洞专业库CAVD支撑单位](https://mp.weixin.qq.com/s?__biz=MzUzMDUxNTE1Mw==&mid=2247510279&idx=1&sn=06f1e42da19ca8f8da9668d9ed2ee6e4) - [ ] [YongYouNcTool-一款高效利用用友NC系列漏洞检测利用工具](https://mp.weixin.qq.com/s?__biz=MzkzNzg4MTI0NQ==&mid=2247485426&idx=1&sn=4b2b9a4778352c4a0791090d92cff7cc) - [ ] [春节 | 蛇年大吉,中泊研为您安全护航!](https://mp.weixin.qq.com/s?__biz=Mzg2NDc0MjUxMw==&mid=2247486072&idx=1&sn=2e79f7cd0c0fbc06d900089a529b1663) - [ ] [通用漏洞挖掘技巧](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496940&idx=1&sn=a33f04e5fdb7818531eeda42ebf4b6e7) - [ ] [知名企业遭「偷家」,攻击面管理势在必行](https://mp.weixin.qq.com/s?__biz=Mzg2NTk3NjczNQ==&mid=2247485619&idx=1&sn=378c053caf062e36f6d9c093a1e574dc) - [ ] [黑客、“内鬼”……2024年近千人涉侵害企业数据安全犯罪被检察机关起诉!](https://mp.weixin.qq.com/s?__biz=MzU2MTQwMzMxNA==&mid=2247541454&idx=1&sn=41f75791ee9265270755e2cede71b671) - [ ] [共研发展路径,平行切面联盟第一届理事会第三次会议召开](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247635673&idx=1&sn=62b8bf30eb4df9ed99e5952408daf3c7) - [ ] [诸子云|甲方 :DLP遇到大模型软件,如何看待美国司法部发布的行政命令?](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247635673&idx=2&sn=8efa180e659fee80150075eca38e5f0e) - [ ] [【智库报告】生物力量:确保美国在生物技术领域的领导地位](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148676&idx=1&sn=1f06118ca29bead7275e53e21449c3d5) - [ ] [默安科技2024:既然选择远方 就会风雨兼程(文末赠好礼)](https://mp.weixin.qq.com/s?__biz=MzIzODQxMjM2NQ==&mid=2247500311&idx=1&sn=71f5bc1eb780b0762b766affc6bd68f6) - [ ] [一款专为红队恶意软件开发而设计的自动化分析沙箱](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247490149&idx=1&sn=70a813d7a8848bc8648dd1aac1f118eb) - [ ] [LLM的“万能钥匙”](https://mp.weixin.qq.com/s?__biz=MzkzNjczNzEyMw==&mid=2247484110&idx=1&sn=c5759fe1f71dfc0f9ee76811361e1366) - [ ] [专题·人工智能安全治理 | 《人工智能安全治理框架》为人工智能安全发展提供重要指引](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=1&sn=530f8234ebb092aa1a91e0c76012ae79) - [ ] [发布 | 国家数据局就《数据领域常用名词解释(第二批)》公开征求意见(附全文)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=2&sn=bf11efc7a9b860fb9b20b141baa90341) - [ ] [专家解读 | 构建高素质人才队伍,助力数据标注产业发展](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=3&sn=a3cb25195824a0af1ff71d0489c3fffc) - [ ] [关注 | 检察机关依法惩治侵害企业数据安全犯罪 服务保障企业创新发展](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=4&sn=42732fbe26b1fac5bc322a9e33b0b28a) - [ ] [解读 | 市场监管总局发布《网络交易执法协查暂行办法》 建立健全网络交易执法协查机制提升监管效能](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=5&sn=5c63e275dc2b4b4f5dc92f28bbbf9bd5) - [ ] [发布 | 中国信通院联合发布《数据治理研究报告(2024年)》(附下载)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=6&sn=acbcf59882875e4e743a79a6a0213aff) - [ ] [国际 | 域外个人生物识别信息保护模式考察](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=7&sn=a87473518e84e1b51f4fbc4906a29861) - [ ] [评论 | 让网络交易执法协作更规范有序](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=8&sn=2f11ec80a6ee5f872457f929a062a55f) - [ ] [【2025-01-24】黑客新闻摘要](https://mp.weixin.qq.com/s?__biz=MzIzNDU5NTI4OQ==&mid=2247488355&idx=1&sn=ab928aff89673696e834f4dc18b7de2c) - [ ] [深度解读:特朗普新签数十项行政命令 将产生哪些影响?](https://mp.weixin.qq.com/s?__biz=Mzg3MDczNjcyNA==&mid=2247488936&idx=1&sn=4d76e5c799b12293df6e886eeba72957) - [ ] [3.6万亿!特朗普搞史上投资规模最大AI投资 剑指中国](https://mp.weixin.qq.com/s?__biz=Mzg3MDczNjcyNA==&mid=2247488936&idx=2&sn=266b328c867d28358b3ad08d0c0db044) - [ ] [phpMyAdmin 触发 XSS 攻击的安全漏洞](https://mp.weixin.qq.com/s?__biz=MzI0NzE4ODk1Mw==&mid=2652094694&idx=1&sn=4585dbd6a2385bcc0d9f83cd29f7b622) - [ ] [勒索病毒攻击 VMware ESXi 主机](https://mp.weixin.qq.com/s?__biz=MzI0NzE4ODk1Mw==&mid=2652094694&idx=2&sn=7325225efeb09b588a9ccc838efc3329) - [ ] [金蛇献瑞|筑梦前行|思维世纪2024年度总结及表彰大会圆满完成!](https://mp.weixin.qq.com/s?__biz=MjM5ODE4OTYzNw==&mid=2649563787&idx=1&sn=b7874fb0a3bb408ce2437d83d89462bb) - [ ] [加速安全设计——是时候采用TARA自动化技术来提高车辆安全性了吗?](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620079&idx=1&sn=23481c676669368be35dd7a2cddd9eac) - [ ] [网络安全最佳实践 - 从 TARA 到 PenTest](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620079&idx=2&sn=8a4462a7c4c53f946c5e01065135e83a) - [ ] [预防网络灾难 - 通过 TARA 分析进行深度防御](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247620079&idx=3&sn=928dd30666e4f0e3e22e6ce103de6c61) - [ ] [红包封面第三弹!](https://mp.weixin.qq.com/s?__biz=MzUzMDQ1MTY0MQ==&mid=2247506601&idx=1&sn=70f914bcbbb9efc2fb037f6002cd45f6) - [ ] [《Java代码审计零基础入门到项目实战》2025第一期招生,五十多节课才五百多,手慢无。](https://mp.weixin.qq.com/s?__biz=MzkxNTU5NTI1Ng==&mid=2247487239&idx=1&sn=0202581931c1f46340bdf6f1001bda20) - [ ] [行业第二!实力藏不住了!](https://mp.weixin.qq.com/s?__biz=MzkxNDY0MjMxNQ==&mid=2247532859&idx=1&sn=da3d0fe94b70093b8c0cbb414e8683e5) - [ ] [聊热点|IDC: 2025年中国安全和信任市场十大预测、新型僵尸网络正对路由器、摄像头等设备发起大规模DDoS攻击……](https://mp.weixin.qq.com/s?__biz=MzkxNDY0MjMxNQ==&mid=2247532859&idx=2&sn=7af5ed5ca486c7d1ae633fed818088eb) - [ ] [带你解锁编码新世界!--随波逐流CTF编码工具使用教程41 --DNA密码](https://mp.weixin.qq.com/s?__biz=MzU2NzIzNzU4Mg==&mid=2247489588&idx=1&sn=f7fc3df0757ab001f3b1c34b240fd68e) - [ ] [学习代码审计除了大量练习,更多的还是代码审计思路,给大家分享分享。](https://mp.weixin.qq.com/s?__biz=Mzg3MDU1MjgwNA==&mid=2247487185&idx=1&sn=d6a035212abd74719d8d7ce79c254117) - [ ] [【安全圈】斯巴鲁汽车漏洞让黑客利用 Starlink 远程控制数百万辆汽车](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067590&idx=1&sn=32ea96086da2a1f7d7b7c25530ca8d55) - [ ] [【安全圈】GhostGPT – 黑客用来生成恶意软件和漏洞的新型 AI 黑帽工具](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067590&idx=2&sn=0963e1001cd7415a1987cb9c33807d8c) - [ ] [【安全圈】思科曝9.9分关键权限提升漏洞](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067590&idx=3&sn=7379d9127186d37af92f08f7a9ced06e) - [ ] [【安全圈】Chrome用户面临供应链攻击威胁,数百万人或受影响](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067590&idx=4&sn=ab568c073e0bfe554ca07ca03503f2da) - [ ] [Oracle 2025年1月补丁日多产品高危漏洞安全风险通告](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522169&idx=1&sn=fce75986029eae4069d3b0638d1202bd) - [ ] [守护资产,防范风险 | 2025年Web3.0资产安全指南](https://mp.weixin.qq.com/s?__biz=MzU5OTg4MTIxMw==&mid=2247503926&idx=1&sn=d0bc90fe7f2f544c087615796f4035c5) - [ ] [企业动态 | 恒安嘉新入选2024全球计算产业案例汇编](https://mp.weixin.qq.com/s?__biz=MzIwMTUzNDY0NA==&mid=2649119281&idx=1&sn=12e90ca98164afb60a7bdf8a6b918bc4) - [ ] [安全报告 | 2024年12月恒安嘉新网络信息安全综合态势报告](https://mp.weixin.qq.com/s?__biz=MzIwMTUzNDY0NA==&mid=2649119281&idx=2&sn=822885323d0af590dcccbb115350825b) - [ ] [KwaiCoder-23B-A4B-v1:以 1/30 的成本训练全尺寸 SOTA 代码续写大模型](https://mp.weixin.qq.com/s?__biz=Mzg2NzU4MDM0MQ==&mid=2247495958&idx=1&sn=3383a72355bdb4c1d1bc79d83c1a8569) - [ ] [斯巴鲁曝关键漏洞,凭车牌号可远程入侵汽车](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651312790&idx=1&sn=f164fbd58d9d173bbc7eae3626f9ab40) - [ ] [美国政府公布攻击Ivanti云服务设备的技术细节](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651312790&idx=2&sn=b9aa66d005e4e639e712a5efed74fa6c) - [ ] [美国前中央情报局分析师承认泄露国防信息](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651312790&idx=3&sn=83ffd20b9fd4d5d2da935ff3246e1ce6) - [ ] [MemProcFS-Analyzer:用于DFIR的Windows内存转储自动取证分析工具](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651312790&idx=4&sn=d1ca26975b2bf3760969a9ce23192b28) - [ ] [解读丨《国家数据基础设施建设指引》主要内容+图解,附下载](https://mp.weixin.qq.com/s?__biz=MzI2MDk2NDA0OA==&mid=2247531208&idx=1&sn=fdf554db70e62d70c1452efb1191e994) - [ ] [干货 | 山信软件吕洪波:工业控制系统安全事件检测与处置(附视频+PPT)](https://mp.weixin.qq.com/s?__biz=MzI2MDk2NDA0OA==&mid=2247531208&idx=2&sn=d6cdc5a8d9df1a49d25016840187a4f1) - [ ] [24年总结](https://mp.weixin.qq.com/s?__biz=MzIyOTY1NDE5Mg==&mid=2247485100&idx=1&sn=0d1663a53843d7a2bd0c5504c41d1514) - [ ] [2025 蛇年迎新,盘古石取证暖心献礼:红包封面大放送,更多好礼等您来!](https://mp.weixin.qq.com/s?__biz=MzI2MDA0MTYyMQ==&mid=2654404359&idx=1&sn=cb7965528fedcff57cca3c5cf9847be5) - [ ] [春节将至,盛邦安全放假安排新鲜出炉!](https://mp.weixin.qq.com/s?__biz=MzAwNTAxMjUwNw==&mid=2650277587&idx=1&sn=28ae9f7e85590a579913877d8effc2a0) - [ ] [大模型系列之LLaMA Factory微调学习](https://mp.weixin.qq.com/s?__biz=Mzg2MTc1NDAxMA==&mid=2247484342&idx=1&sn=58be391a85f1cab4cdd6b7b0b41b1300) - [ ] [产品上新!捷普数据库防火墙正式发布!](https://mp.weixin.qq.com/s?__biz=MzI2MzU0NTk3OA==&mid=2247505825&idx=1&sn=6fc746a14da1dd33cecd278754c09e13) - [ ] [【漏洞预警】Elastic Fleet Server信息泄露漏洞](https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489518&idx=1&sn=4af05b6c62e451e4665c358a9b06bb24) - [ ] [烽火狼烟丨暗网数据及攻击威胁情报分析周报(01/20-01/24)](https://mp.weixin.qq.com/s?__biz=Mzk0NjMxNTgyOQ==&mid=2247484528&idx=1&sn=8663e8fd828e564560e8f8ef9b20fe32) - [ ] [Pwn2Own Automotive 2025结果汇总](https://mp.weixin.qq.com/s?__biz=Mzk0MzQzNzMxOA==&mid=2247487726&idx=1&sn=f8bb5a54e33ff80c2cb8894433b7f41d) - [ ] [【再发一遍】新春抽奖开启!与奉天安全团队 & 禾信智安共迎新年好运!](https://mp.weixin.qq.com/s?__biz=Mzk0NjQ2NzQ0Ng==&mid=2247484992&idx=1&sn=32c786903ab1ff5e499415b69a5dfc4b) - [ ] [新春抽奖开启!与奉天安全团队 & 禾信智安共迎新年好运!](https://mp.weixin.qq.com/s?__biz=Mzk0NjQ2NzQ0Ng==&mid=2247484992&idx=2&sn=0114b9f967a3e89fd0ec5627b0be8224) - [ ] [Jeddak星火计划-开启申报](https://mp.weixin.qq.com/s?__biz=MzI1MzYzMjE0MQ==&mid=2247512933&idx=1&sn=b2602ab68be9a48e636dfae7229f3144) - [ ] [DSRC 祝大家新年快乐(内含红包封面)](https://mp.weixin.qq.com/s?__biz=MzA3Mzk1MDk1NA==&mid=2651908507&idx=1&sn=090d7d7a925c36caa9bed1158c3df7ce) - [ ] [备考CISSP丨选择官方培训,查看官方培训课程计划](https://mp.weixin.qq.com/s?__biz=MzUzNTg4NDAyMg==&mid=2247492332&idx=1&sn=369749a7e2782981229c81e46366fbd2) - [ ] [每周蓝军技术推送(2025.1.18-1.24)](https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247494044&idx=1&sn=356681967a014551977e5051389b8f15) - [ ] [2025网安行业优质播客精选集⑥](https://mp.weixin.qq.com/s?__biz=Mzg2MTAwNzg1Ng==&mid=2247495515&idx=1&sn=2374d21d0f637deaaed6d28977cffa5d) - [ ] [【极思】安全运营第6年实践总结](https://mp.weixin.qq.com/s?__biz=Mzg2MTAwNzg1Ng==&mid=2247495515&idx=2&sn=32937e97ab2cae2201c2be8c08ed014e) - [ ] [中小企业及创业公司信息安全建设指南](https://mp.weixin.qq.com/s?__biz=Mzg2MTAwNzg1Ng==&mid=2247495515&idx=3&sn=4f64dbbd5c03c54883719d8d12c61b01) - [ ] [@网安人,你的2024年度关键词已生成(文末有福利)!](https://mp.weixin.qq.com/s?__biz=Mzg2MTAwNzg1Ng==&mid=2247495515&idx=4&sn=3e056e3e5b0b767c9ab1f787add702a0) - [ ] [网络安全罗盘2024-2025年度“最佳参与奖”揭晓](https://mp.weixin.qq.com/s?__biz=Mzg3OTg0OTAyOQ==&mid=2247486239&idx=1&sn=3d38cca0595dfc84ca2357ef5a25eb0f) - [ ] [限量赠送【10个前沿阵地🐍年红包封面】,恭祝大家新年快乐,财源广进。\\n\\n\\nhttps://support.weixin.qq.com/cgi-bin/mmsupport-bin/showredpacket?receiveuri=NU_pFu5bBp1TSI&check_type=2#wechat_redirect](https://mp.weixin.qq.com/s?__biz=MzA3MTM0NTQzNA==&mid=2455780136&idx=1&sn=06e52c12c5a8cfa7f7a57f51e487a05c) - [ ] [蛇舞新春,安全不打烊!云弈科技放假通知和值班安排](https://mp.weixin.qq.com/s?__biz=MzU2ODY0ODk2Nw==&mid=2247491055&idx=1&sn=420f20f35fa82fd4ec1b7426d38cd1db) - [ ] [边界无限春节护航,安全不打烊~](https://mp.weixin.qq.com/s?__biz=MzAwNzk0NTkxNw==&mid=2247487095&idx=1&sn=472bbc069d672b5973d5ea86c3073a43) - [ ] [大众DP BR X8跳转清理 & a5分析](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589258&idx=1&sn=c1333a825d642b84f6494440d9d8f10c) - [ ] [职位更新!好工作不等人](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589258&idx=2&sn=0f3ea01777f154e98bec7ccb0214b51c) - [ ] [特斯拉汽车被“重点关注”,Pwn2Own Automotive 2024首日曝出24个零日漏洞](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589258&idx=3&sn=1ee9c0b4428aba7d94dead806b1d1cb1) - [ ] [学它!Browser Pwn Chrome V8篇](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589258&idx=4&sn=f3db39003003caac0baa29b1e79f959e) - [ ] [安全守护,时刻在线丨永信至诚春节放假通知](https://mp.weixin.qq.com/s?__biz=MzAwNDUyMjk4MQ==&mid=2454829223&idx=1&sn=f73e544d3d20c83118c0a09feb410ac7) - [ ] [扫码下载 | 信息技术 安全技术 事件调查原则和过程](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655264431&idx=1&sn=ed7164fc360d5a060ae12fc8ba35599d) - [ ] [第一波稳定测试结束|等待第二波](https://mp.weixin.qq.com/s?__biz=MzU5Njg5NzUzMw==&mid=2247490441&idx=1&sn=052ce0c328717954294bdc219233c174) - [ ] [网安周讯 | 抓捕7万人解救160余人,中国与多国联合打击电诈犯罪(一月第4期)](https://mp.weixin.qq.com/s?__biz=Mzg4MjQ4MjM4OA==&mid=2247523793&idx=1&sn=64147631f2e1dab957579c0acf00e360) - [ ] [回眸蓄力 逐新前行 | 丈八网安2024年度大事件盘点](https://mp.weixin.qq.com/s?__biz=MzkwNzI1NDk0MQ==&mid=2247492728&idx=1&sn=98ed0b98c1cd60e7c58b5bfc4265a8e7) - [ ] [梆叔说安全第三季Vol.8 | 梆梆安全2024年度回顾](https://mp.weixin.qq.com/s?__biz=MjM5NzE0NTIxMg==&mid=2651135241&idx=1&sn=afac26f6bfea1d968585123f9aa6e883) - [ ] [安全过春节 服务不打烊](https://mp.weixin.qq.com/s?__biz=MjM5NzE0NTIxMg==&mid=2651135241&idx=2&sn=2c39dd7159814b2ab9c889bc2a73ee7c) - [ ] [致谢之声|观安信息收到国家工业信息安全发展研究中心感谢信](https://mp.weixin.qq.com/s?__biz=MzIxNDIzNTcxMg==&mid=2247506747&idx=1&sn=3dad99620fdf85bd42c83b99d2853165) - [ ] [LinkedIn共享用户数据用于AI训练,面临集体诉讼](https://mp.weixin.qq.com/s?__biz=MzUzODYyMDIzNw==&mid=2247516907&idx=1&sn=32404b5acd0fa1d6c4fd1cef521c1bec) - [ ] [关于向社会公开征求《数据领域常用名词解释(第二批)》意见的公告](https://mp.weixin.qq.com/s?__biz=MzUzODYyMDIzNw==&mid=2247516907&idx=2&sn=86b6048d34de49f347b9e9df355e1e41) - [ ] [红队人员必备](https://mp.weixin.qq.com/s?__biz=Mzk1NzIzOTc5MQ==&mid=2247484618&idx=1&sn=028819b6f7389bc9b049f58b64d583b1) - [ ] [VulnNodeApp:一款包含大量安全漏洞的Node.js安全练习平台](https://mp.weixin.qq.com/s?__biz=MzU2MjY1ODEwMA==&mid=2247492083&idx=1&sn=32de1c271310b330793fd3aa20af2213) - [ ] [记录一次时序数据库的实战测试](https://mp.weixin.qq.com/s?__biz=MzkxNTIwNTkyNg==&mid=2247553194&idx=1&sn=2e004e579969317d5e92df0ddfcbb172) - [ ] [【免费领】新手必备!Web安全漏洞实战入门教程](https://mp.weixin.qq.com/s?__biz=MzkxNTIwNTkyNg==&mid=2247553194&idx=2&sn=3f4629f234882e5f46e5adca2331d21e) - [ ] [冰蝎V4.0流量分析到攻防检测](https://mp.weixin.qq.com/s?__biz=MzkyNTY3Nzc3Mg==&mid=2247489163&idx=1&sn=e175c3041e920dd6f348e5aea1cc803d) - [ ] [网络安全动态 - 2025.01.24](https://mp.weixin.qq.com/s?__biz=MzU1MzEzMzAxMA==&mid=2247499899&idx=1&sn=9a3d81b57f8642fbbad999c551f7d059) - [ ] [Oracle发布2025年1月的安全公告](https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247495725&idx=1&sn=dedb6bb0dabaefa9b319ac1b7250d198) - [ ] [《智能化安全运营中心应用指南(2025年)》报告暨代表性厂商评估调研启动](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134885&idx=1&sn=1a1ed1ea95fed0e6eb76fe4a39386297) - [ ] [ChatGPT又全球大面积宕机,AI助手暂时\"失联\";斯巴鲁系统漏洞曝光,数百万车辆面临远程解锁并启动风险 | 牛览](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651134885&idx=2&sn=b2ed8f09df9e5f6c4850178ee4311397) - [ ] [缓冲区溢出到getshell提权](https://mp.weixin.qq.com/s?__biz=Mzk0Mjg4MTQxMw==&mid=2247485817&idx=1&sn=e70b57b7fc4e92117a0bc5b84f9651a2) - [ ] [HTTP协议在IP协议之上对吗?](https://mp.weixin.qq.com/s?__biz=MzIxNTM3NDE2Nw==&mid=2247490315&idx=1&sn=8e90a9794db36a878015108ee0efad71) - [ ] [2025春节不打烊--全天候24小时服务](https://mp.weixin.qq.com/s?__biz=MzUxODY3MDExMA==&mid=2247490097&idx=1&sn=71c606f4b38243b1c7b326afaa7b148e) - [ ] [Cursor Pro自动化无限续杯方法](https://mp.weixin.qq.com/s?__biz=MzA3MzgwMzYyMA==&mid=2452890271&idx=1&sn=0a39d26afb00141c8df2a46f0ea99376) - [ ] [轻松使用cloudflare配置域名邮箱](https://mp.weixin.qq.com/s?__biz=MzA3MzgwMzYyMA==&mid=2452890271&idx=2&sn=3274f03a656568f84f84dafb0c6b5699) - [ ] [18部门印发《困境儿童个人信息保护工作办法》(附全文)](https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247597597&idx=2&sn=7b0a83cff6feb7012cf96d6ab6beae26) - [ ] [春节放假通知 | 众安天下:守护网络安全,保障“不打烊”](https://mp.weixin.qq.com/s?__biz=MzIyOTUzODY5Ng==&mid=2247504316&idx=1&sn=d83bd6c7e96fd6c7eafad474e007128d) - [ ] [国家级创新中心建设经验交流](https://mp.weixin.qq.com/s?__biz=MzAwNTc0ODM3Nw==&mid=2247488623&idx=1&sn=af66ff6a71f033f58448c3683b2f30e5) - Trustwave Blog - [ ] [Ransomware’s Evolution: Key Threat Groups Targeting the Energy and Utilities Sector in 2025](https://www.trustwave.com/en-us/resources/blogs/trustwave-blog/ransomwares-evolution-key-threat-groups-targeting-the-energy-and-utilities-sector-in-2025/) - CXSECURITY Database RSS Feed - CXSecurity.com - [ ] [CMS Twig Template Injection RCE via FTP Templates Path](https://cxsecurity.com/issue/WLB-2025010024) - Tenable Blog - [ ] [Cybersecurity Snapshot: WEF Offers AI Security Best Practices, as DORA Regulation Places Strict Cyber Rules on Banks](https://www.tenable.com/blog/ai-security-best-practices-01-24-2025) - Sucuri Blog - [ ] [Malware Redirects WordPress Traffic to Harmful Sites](https://blog.sucuri.net/2025/01/malware-redirects-wordpress-traffic-to-harmful-sites.html) - Private Feed for M09Ic - [ ] [safedv starred sadreck/Codecepticon](https://github.com/sadreck/Codecepticon) - [ ] [timwhitez starred decoder-it/ChgPass](https://github.com/decoder-it/ChgPass) - [ ] [evilashz starred decoder-it/ChgPass](https://github.com/decoder-it/ChgPass) - [ ] [niudaii starred 0x727/ChkApi_0x727](https://github.com/0x727/ChkApi_0x727) - [ ] [gh0stkey starred seaung/pocsuite-rs](https://github.com/seaung/pocsuite-rs) - [ ] [nightRainy starred ynwarcs/CVE-2025-21298](https://github.com/ynwarcs/CVE-2025-21298) - [ ] [0xbug starred google/osv-scanner](https://github.com/google/osv-scanner) - [ ] [yqcs forked yqcs/bolt.diy from stackblitz-labs/bolt.diy](https://github.com/yqcs/bolt.diy) - [ ] [niudaii starred leveryd/x-waf](https://github.com/leveryd/x-waf) - [ ] [spf13 starred theJayTea/WritingTools](https://github.com/theJayTea/WritingTools) - Blogs on STAR Labs - [ ] [CVE-2024-26230: Windows Telephony Service - It's Got Some Call-ing Issues (Elevation of Privilege)](https://starlabs.sg/blog/2025/cve-2024-26230-windows-telephony-service-its-got-some-call-ing-issues/) - Twitter @bytehx - [ ] [Re @roohaa_n @Bugcrowd Because it was on the testing environment.](https://x.com/bytehx343/status/1882793157093679381) - [ ] [I earned $650 for my submission on @bugcrowd https://bugcrowd.com/bytehx #ItTakesACrowd Bug: Admin Panel Takeover](https://x.com/bytehx343/status/1882791535617650979) - Bug Bounty in InfoSec Write-ups on Medium - [ ] [SQL injection in largest Electricity Board of Sri Lanka](https://infosecwriteups.com/sql-injection-in-largest-electricity-board-of-sri-lanka-1a55c12104bd?source=rss----7b722bfd1b8d--bug_bounty) - Reverse Engineering - [ ] [Dissecting the NVIDIA Hopper Architecture through Microbenchmarking and Multiple Level Analysis](https://www.reddit.com/r/ReverseEngineering/comments/1i974mg/dissecting_the_nvidia_hopper_architecture_through/) - [ ] [Hacking Subaru: Tracking and Controlling Cars via the STARLINK Admin Panel](https://www.reddit.com/r/ReverseEngineering/comments/1i8md2d/hacking_subaru_tracking_and_controlling_cars_via/) - [ ] [A particularly 'sus' sysctl in the XNU Kernel](https://www.reddit.com/r/ReverseEngineering/comments/1i8m9h3/a_particularly_sus_sysctl_in_the_xnu_kernel/) - Malwarebytes - [ ] [Texas scrutinizes four more car manufacturers on privacy issues](https://www.malwarebytes.com/blog/news/2025/01/texas-scrutinizes-four-more-car-manufacturers-on-privacy-issues) - SentinelOne - [ ] [The Good, the Bad and the Ugly in Cybersecurity – Week 4](https://www.sentinelone.com/blog/the-good-the-bad-and-the-ugly-in-cybersecurity-week-4-6/) - FreeBuf网络安全行业门户 - [ ] [Shiro CVE-2020-17523 路径绕过](https://www.freebuf.com/vuls/420772.html) - [ ] [FreeBuf周报 | 特朗普特赦暗网丝绸之路创始人;B站员工代码投毒报复用户](https://www.freebuf.com/news/420756.html) - [ ] [Tyrant(暴君) SUID二进制文件权限提升工具](https://www.freebuf.com/sectool/420749.html) - [ ] [黑客利用Windows RID劫持技术创建隐藏管理员账户](https://www.freebuf.com/articles/system/420811.html) - [ ] [2025网络暴露危机报告:45%第三方应用越权访问用户数据](https://www.freebuf.com/news/420744.html) - [ ] [黑客用假恶意软件生成器感染1.8万名“脚本小子”](https://www.freebuf.com/articles/endpoint/420809.html) - [ ] [斯巴鲁漏洞让黑客可以远程控制数百万辆汽车](https://www.freebuf.com/news/420728.html) - [ ] [[windows]自动锁屏程序](https://www.freebuf.com/sectool/420727.html) - [ ] [新型人工智能“黑帽”工具:GhostGPT带来的威胁与挑战](https://www.freebuf.com/news/420724.html) - HackerNews - [ ] [特斯拉电动汽车充电器在 Pwn2Own 东京大赛次日遭两次黑客攻击](https://hackernews.cc/archives/57086) - [ ] [QNAP 修复 NAS 备份恢复应用中的六项 Rsync 漏洞](https://hackernews.cc/archives/57078) - [ ] [近千个假冒 Reddit 网站推广 Lumma Stealer 恶意软件](https://hackernews.cc/archives/57073) - [ ] [TRIPLESTRENGTH 针对云环境进行加密货币劫持与勒索软件攻击](https://hackernews.cc/archives/57071) - [ ] [QakBot 相关 BC 恶意软件新增强化远程访问与数据收集功能](https://hackernews.cc/archives/57069) - [ ] [Juniper 路由器遭利用“魔术包”漏洞的定制后门攻击](https://hackernews.cc/archives/57064) - [ ] [Palo Alto 防火墙被发现存在安全启动绕过和固件漏洞](https://hackernews.cc/archives/57061) - 安全牛 - [ ] [2024年度全球邮件威胁报告](https://www.aqniu.com/vendor/108155.html) - [ ] [多个网络安全巨头的账户凭证泄露,在暗网被售卖;工信部提醒:防范Androxgh0st僵尸网络风险 | 牛览](https://www.aqniu.com/homenews/108150.html) - [ ] [深度长文 | 面对马斯克在CES2025上的预言,我们该何去何从?](https://www.aqniu.com/homenews/108149.html) - 杨龙 - [ ] [阿里云小内存机器频繁死机可能原因](https://www.yanglong.pro/%e9%98%bf%e9%87%8c%e4%ba%91%e5%b0%8f%e5%86%85%e5%ad%98%e6%9c%ba%e5%99%a8%e9%a2%91%e7%b9%81%e6%ad%bb%e6%9c%ba%e5%8f%af%e8%83%bd%e5%8e%9f%e5%9b%a0/) - 奇客Solidot–传递最新科技情报 - [ ] [秘密后门使用“魔法封包”感染企业 VPN](https://www.solidot.org/story?sid=80419) - [ ] [调查显示八成游戏开发商开发 PC 游戏](https://www.solidot.org/story?sid=80418) - [ ] [《自然》调查显示七成回应者使用 Bluesky](https://www.solidot.org/story?sid=80417) - [ ] [乔治 R.R.马丁合作发表了一篇物理学论文](https://www.solidot.org/story?sid=80416) - [ ] [Google 移动搜索移除网址面包屑导航](https://www.solidot.org/story?sid=80415) - [ ] [癌细胞利用有缺陷的线粒体毒害攻击免疫细胞](https://www.solidot.org/story?sid=80414) - [ ] [日本市场中国平板电视首次超过五成](https://www.solidot.org/story?sid=80413) - [ ] [智人离开非洲后血型可能发生适应性遗传变化](https://www.solidot.org/story?sid=80412) - [ ] [三菱不打算参与本田日产的合并](https://www.solidot.org/story?sid=80411) - [ ] [特朗普政府暂停了 NIH 的会议和旅行](https://www.solidot.org/story?sid=80410) - [ ] [Debian 15 代号 Duke](https://www.solidot.org/story?sid=80409) - [ ] [研究揭示不同政治光谱对传递虚假信息的偏好](https://www.solidot.org/story?sid=80408) - 腾讯玄武实验室 - [ ] [每日安全动态推送(25/1/24)](https://mp.weixin.qq.com/s?__biz=MzA5NDYyNDI0MA==&mid=2651960005&idx=1&sn=def8d5b004e60d0aa2f280d8493dc542&chksm=8baed25abcd95b4c23216c4b136a117918821b1f1ab95f8ce4b0e3c6ab2023bca38d426f0245&scene=58&subscene=0#rd) - 安全客 - [ ] [特斯拉充电桩一天被入侵两次,电动汽车基础设施网络安全引发全球关注](https://mp.weixin.qq.com/s?__biz=MzA5ODA0NDE2MA==&mid=2649787811&idx=1&sn=4927212fd9debdf7d94032ffd45aa0a9&chksm=8893bdccbfe434da1ec3c28eee36e47d63292e7a1c711d7f6818ff6f70209bede150d2007572&scene=58&subscene=0#rd) - 代码卫士 - [ ] [Oracle 2025年1月补丁日多产品高危漏洞安全风险通告](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522169&idx=1&sn=fce75986029eae4069d3b0638d1202bd&chksm=ea94a613dde32f05ef7826dcffe2b3decd7b00ebdf610c08b0715fb2887545ac34d0f7f964dc&scene=58&subscene=0#rd) - 黑海洋 - IT技术知识库 - [ ] [PixPro图床 – Github存储版](https://blog.upx8.com/4678) - 威努特安全网络 - [ ] [中方回应美对中网络攻击,惠普公司开发文件泄漏 | 一周特辑](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130852&idx=1&sn=f1f55221d3afc7e74434b9d7e1180e95&chksm=80e71154b7909842dc785813844722ccaa15f8f08962db7fa984f1c156c60c4f4f285e6932e1&scene=58&subscene=0#rd) - 安全内参 - [ ] [知名车企漏洞:只需车牌号,就能远程监控劫持数百万辆车](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513589&idx=1&sn=1b70e6f4b48c39927bb2af1c0178da71&chksm=ebfaf2d5dc8d7bc3abdb845b15e34f01c5f9cc9f45c71804e231873a3c9b8be109f58083ea60&scene=58&subscene=0#rd) - [ ] [人数超TikTok!2024年美国医疗行业泄漏了1.8亿患者数据](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513589&idx=2&sn=3351a7a65979a78d643300f2a4dadfa5&chksm=ebfaf2d5dc8d7bc3d4cc9463e5f5a1a7ea306214b1c2ff9c9ef273fd5adadc40174c66510720&scene=58&subscene=0#rd) - 看雪学苑 - [ ] [大众DP BR X8跳转清理 & a5分析](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589258&idx=1&sn=c1333a825d642b84f6494440d9d8f10c&chksm=b18c28c086fba1d62346bd0549dfc0cce7d6a264896bff49ec6fa9c67d09e41b8e76e90d5097&scene=58&subscene=0#rd) - [ ] [职位更新!好工作不等人](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589258&idx=2&sn=0f3ea01777f154e98bec7ccb0214b51c&chksm=b18c28c086fba1d624ad70b554e691e9d88be8caa3deb07a854e332421e9924bf50e15a3c4b9&scene=58&subscene=0#rd) - [ ] [特斯拉汽车被“重点关注”,Pwn2Own Automotive 2024首日曝出24个零日漏洞](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589258&idx=3&sn=1ee9c0b4428aba7d94dead806b1d1cb1&chksm=b18c28c086fba1d68376c00b114728f746f713fc2982b933066eb6ecbdc12c0081c2b3bb1411&scene=58&subscene=0#rd) - [ ] [学它!Browser Pwn Chrome V8篇](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458589258&idx=4&sn=f3db39003003caac0baa29b1e79f959e&chksm=b18c28c086fba1d6bd9cfde7e242476b6f95ecc53d490d7adb507edeb3df6e00bbe7c43f3169&scene=58&subscene=0#rd) - 天御攻防实验室 - [ ] [泄露文件揭示以色列军方与微软之间的深层联系,在加沙战争期间提供技术支持](https://mp.weixin.qq.com/s?__biz=MzU0MzgyMzM2Nw==&mid=2247486245&idx=1&sn=6c3bb1322ccb3edb14168ca734a6242b&chksm=fb04c84dcc73415bcf1d7c2f5ac99a3097bf6e51cee850fadde07cba4dc05c7d75774a1e3f00&scene=58&subscene=0#rd) - 奇安信威胁情报中心 - [ ] [每周高级威胁情报解读(2025.01.17~01.23)](https://mp.weixin.qq.com/s?__biz=MzI2MDc2MDA4OA==&mid=2247513863&idx=1&sn=9c4a03d780248697f3ef6da46a3760fe&chksm=ea664070dd11c9664b9d2879112628ee373660f60d7f25a7e8d14365524b15307382d82dac01&scene=58&subscene=0#rd) - M01N Team - [ ] [每周蓝军技术推送(2025.1.18-1.24)](https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247494044&idx=1&sn=356681967a014551977e5051389b8f15&chksm=c184298df6f3a09b94ddf8530ba9a609f1a4b3b5f9613ec89ba358c061f0b4d9593c735c2599&scene=58&subscene=0#rd) - 丁爸 情报分析师的工具箱 - [ ] [【智库报告】生物力量:确保美国在生物技术领域的领导地位](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148676&idx=1&sn=1f06118ca29bead7275e53e21449c3d5&chksm=f1af26bec6d8afa8acd71cd12d352ac329764f11442e96d516ec4f5d4de731ff287f315664bb&scene=58&subscene=0#rd) - dotNet安全矩阵 - [ ] [文件痕迹清理,通过 Sharp4ModifyTime 修改任意文件时间戳](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498414&idx=1&sn=10c139db39735808d38c078682fce180&chksm=fa595443cd2edd55d66fb3d9017e009c5caf2c926f3df17fb94750bb82d71fe7f49bd2e51fa9&scene=58&subscene=0#rd) - [ ] [国内最专业、最全面的 [ .NET 代码审计 ] 体系化学习交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498414&idx=2&sn=d3c80ed5d3de19b8387f42bb7cc03601&chksm=fa595443cd2edd558f74d9545543622d73ec3aaf0037dd848378945854655e763a11ac52e1cf&scene=58&subscene=0#rd) - [ ] [通过 Sharp4Tokenvator 实现本地权限提升](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498414&idx=3&sn=ace80c4aea3efbc86df8b64024f230ba&chksm=fa595443cd2edd55b7f4ec0d4a576bc19c3cefa0a5e9de199379c5f8271cb941e2887b1ddd6d&scene=58&subscene=0#rd) - 吾爱破解论坛 - [ ] [吾爱破解论坛精华集2024](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141621&idx=1&sn=3f4c02af5506cb4440b9bc873071e716&chksm=bd50a5a18a272cb726747cfc86d50e65fcb43108e02ccddb2e78de7a82d173eb3bb2f4c05463&scene=58&subscene=0#rd) - ChaMd5安全团队 - [ ] [Kaiji恶意样本分析_v2](https://mp.weixin.qq.com/s?__biz=MzIzMTc1MjExOQ==&mid=2247511902&idx=1&sn=5a5087aec514f7b15779c18c089f0108&chksm=e89d8786dfea0e90e92921d5e1165a96c3c07af7d978f5c64f6eb6298ffd10e0112f71c100d4&scene=58&subscene=0#rd) - 安全圈 - [ ] [【安全圈】斯巴鲁汽车漏洞让黑客利用 Starlink 远程控制数百万辆汽车](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067590&idx=1&sn=32ea96086da2a1f7d7b7c25530ca8d55&chksm=f36e7b46c419f2508759cde38a0b63b3f4b1442bc7655fa88acfdb556c1fefa5e78211594fc2&scene=58&subscene=0#rd) - [ ] [【安全圈】GhostGPT – 黑客用来生成恶意软件和漏洞的新型 AI 黑帽工具](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067590&idx=2&sn=0963e1001cd7415a1987cb9c33807d8c&chksm=f36e7b46c419f2503cd6ccf7191847d24b6e5135071daedb82309bbc01b97545402cc0ff010b&scene=58&subscene=0#rd) - [ ] [【安全圈】思科曝9.9分关键权限提升漏洞](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067590&idx=3&sn=7379d9127186d37af92f08f7a9ced06e&chksm=f36e7b46c419f25055741d6542936063bf1b5787923201949d2998d3f1120257c12deaab9a8f&scene=58&subscene=0#rd) - [ ] [【安全圈】Chrome用户面临供应链攻击威胁,数百万人或受影响](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067590&idx=4&sn=ab568c073e0bfe554ca07ca03503f2da&chksm=f36e7b46c419f2504e60fb5ecb4e5b4587d40c40ef28fa92ddedef841c052dddeb060feb9d4a&scene=58&subscene=0#rd) - 数世咨询 - [ ] [2025年必看!人工智能重塑网络安全,超级自动化就在眼前!](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247534964&idx=1&sn=cd109de22eeb6fcac5e7cd1247dd3038&chksm=c1443bc9f633b2dffee47e3c9a18afbcf4f64db84cbb2f3d5cb84383c63142f168c05adae6a9&scene=58&subscene=0#rd) - 奇安盘古 - [ ] [2025 蛇年迎新,盘古石取证暖心献礼:红包封面大放送,更多好礼等您来!](https://mp.weixin.qq.com/s?__biz=MzI2MDA0MTYyMQ==&mid=2654404359&idx=1&sn=cb7965528fedcff57cca3c5cf9847be5&chksm=f1ade1fdc6da68eb47796fef146879a2a2b5b5b44aab25764027cf594608aba90b65b0e9004d&scene=58&subscene=0#rd) - 嘶吼专业版 - [ ] [针对 Chrome 浏览器扩展程序网络钓鱼活动的新细节被披露](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580965&idx=1&sn=7b271d77d7ae3794e77995267c934acf&chksm=e9146d1fde63e4097053f87e00d408e479510a2c67f11147c47b8735ea28cd8466e12a464d04&scene=58&subscene=0#rd) - [ ] [新的 UEFI 安全启动漏洞使系统暴露于 bootkit](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580965&idx=2&sn=35ac8cf9ec1bfacb175b8622720863e2&chksm=e9146d1fde63e40910e314cac61af17533c328067d6bd015df8402266ba7692efae9a049c79f&scene=58&subscene=0#rd) - 情报分析师 - [ ] [情报:那些事儿](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559205&idx=1&sn=6f86b1fec7d1f4306725254f5e6db47b&chksm=87117caeb066f5b815b102a771281eb4e910b4e244ef275aa4415290e48253076ec16ad5c18b&scene=58&subscene=0#rd) - [ ] [开源情报分析:透视一个人的多面性](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559205&idx=2&sn=6a56dd9122e1a302bc2384123478737b&chksm=87117caeb066f5b87e14101a13336b9e6be83fbc2884d71296f17c29da9e70a956c4d40941f8&scene=58&subscene=0#rd) - [ ] [开源情报信息,一网打尽!](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650559205&idx=3&sn=1cca5108e67070471ee51e0e1ea8dcbd&chksm=87117caeb066f5b898030d03c8c46ca801ddfd645b1e85ec75ce59eeb5cb9c54e7da072470bd&scene=58&subscene=0#rd) - 中国信息安全 - [ ] [专题·人工智能安全治理 | 《人工智能安全治理框架》为人工智能安全发展提供重要指引](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=1&sn=530f8234ebb092aa1a91e0c76012ae79&chksm=8b580058bc2f894ee2eae6f8c70502378a85d1c68c7854fc04a36aa415a806b70c3b95b59a89&scene=58&subscene=0#rd) - [ ] [发布 | 国家数据局就《数据领域常用名词解释(第二批)》公开征求意见(附全文)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=2&sn=bf11efc7a9b860fb9b20b141baa90341&chksm=8b580058bc2f894e8a78e5460bb45f362eeed694b3371ca573a75b3fd3cc0f08ad6cab57e0ce&scene=58&subscene=0#rd) - [ ] [专家解读 | 构建高素质人才队伍,助力数据标注产业发展](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=3&sn=a3cb25195824a0af1ff71d0489c3fffc&chksm=8b580058bc2f894eb245d36a53ec92e5f687b6e6c66f7f71f0de296890f4298efb378db18fb8&scene=58&subscene=0#rd) - [ ] [关注 | 检察机关依法惩治侵害企业数据安全犯罪 服务保障企业创新发展](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=4&sn=42732fbe26b1fac5bc322a9e33b0b28a&chksm=8b580058bc2f894e0f4cbee4ba19fbc1b27fa5adfa931776ec7cb3fd7561bac3e8b4892b8ccc&scene=58&subscene=0#rd) - [ ] [解读 | 市场监管总局发布《网络交易执法协查暂行办法》 建立健全网络交易执法协查机制提升监管效能](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=5&sn=5c63e275dc2b4b4f5dc92f28bbbf9bd5&chksm=8b580058bc2f894e4ac6bd8b2f2a60ec364d705cfefc7db43b0fc7889dab60803743480b83bc&scene=58&subscene=0#rd) - [ ] [发布 | 中国信通院联合发布《数据治理研究报告(2024年)》(附下载)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=6&sn=acbcf59882875e4e743a79a6a0213aff&chksm=8b580058bc2f894eb05f0a640a04bc0c13832cf9659cfd9cf586f741342e097e7cb4f2034b14&scene=58&subscene=0#rd) - [ ] [国际 | 域外个人生物识别信息保护模式考察](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=7&sn=a87473518e84e1b51f4fbc4906a29861&chksm=8b580058bc2f894efeb5cc3fd1319d517ad0008fc4cd0f9d85d46eb582042a0de18704a8873c&scene=58&subscene=0#rd) - [ ] [评论 | 让网络交易执法协作更规范有序](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664235681&idx=8&sn=2f11ec80a6ee5f872457f929a062a55f&chksm=8b580058bc2f894e56c7b4df2c980cea63ded34c1a6f34cf676f53b56d42c1167466955df122&scene=58&subscene=0#rd) - 滴滴安全应急响应中心 - [ ] [DSRC 祝大家新年快乐(内含红包封面)](https://mp.weixin.qq.com/s?__biz=MzA3Mzk1MDk1NA==&mid=2651908507&idx=1&sn=090d7d7a925c36caa9bed1158c3df7ce&chksm=84e37a1eb394f30889713a4a086f93c4d2b0954159a8cc113501e5116bd0d79c3b47bd7b1818&scene=58&subscene=0#rd) - 极客公园 - [ ] [豆包大模型 1.5 不走「捷径」,火山引擎要造「长坡厚雪」](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072804&idx=1&sn=7fc6c4db1fad547f98df8d00ad106b33&chksm=7e57d0124920590444932c909ec415ffb185143d343e2419ea28f294c9fe2bc069783622d1a0&scene=58&subscene=0#rd) - [ ] [我们要摆脱『过个 AI 年』这样的初级阶段了](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072771&idx=1&sn=3149d2565c3589ac38227d8d5878597f&chksm=7e57d0354920592309f96a4d274ad464edd3d0c87637c4b30146afc4041f5f392f17627fb714&scene=58&subscene=0#rd) - [ ] [OpenAI 推新智能体,能完成复杂任务;雷军、王传福入选全球最佳 CEO;字节游戏《决胜巅峰》开启国内公测 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653072732&idx=1&sn=0926a0b689d8e148d5c9fb4b32aa0892&chksm=7e57d0ea492059fc09eb0e9933091e0c43b3b5c2bc1d10a11b6be1acf32bb25d9c4bec737b0c&scene=58&subscene=0#rd) - 百度安全应急响应中心 - [ ] [限量红包封面 | 好运“嘶”声而来 滑进你的口袋](https://mp.weixin.qq.com/s?__biz=MzA4ODc0MTIwMw==&mid=2652542174&idx=1&sn=5fe0d886b064979793b3cbd19a61b7fe&chksm=8bcbb0e2bcbc39f42a01e0223d846599c26ac7e6e5fdf61cfad2eac81894c6229699bd5284b0&scene=58&subscene=0#rd) - 字节跳动技术团队 - [ ] [Jeddak星火计划-开启申报](https://mp.weixin.qq.com/s?__biz=MzI1MzYzMjE0MQ==&mid=2247512933&idx=1&sn=b2602ab68be9a48e636dfae7229f3144&chksm=e9d37887dea4f191941d0bb113066bf053408a8bd5796ecfeb49d90c5cf43e1920bf2dafab42&scene=58&subscene=0#rd) - 火绒安全 - [ ] [【火绒安全周报】B站员工滥用权限报复用户被开除/2000多名网红被“开盒”](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247521828&idx=1&sn=82479a718193afc90904db31f588c5e6&chksm=eb70481bdc07c10d2378d6352727843511736ac4f404c29cf9f77471d0d7f39ce10514d787ea&scene=58&subscene=0#rd) - [ ] [诚邀渠道合作伙伴共启新征程](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247521828&idx=2&sn=3f3425eb3c27f9524fb0f2d953ca029a&chksm=eb70481bdc07c10d32197f192e668777077d45aa9eea8faf428e04c535eb84d385aa11a0d679&scene=58&subscene=0#rd) - Tide安全团队 - [ ] [记一次钓鱼邮件实例分析](https://mp.weixin.qq.com/s?__biz=Mzg2NTA4OTI5NA==&mid=2247519791&idx=1&sn=f8f408c3e7b57b9783fde060aff1708e&chksm=ce5dac4ef92a25583e33450d525507ab9da79d6e5fc9a15b0a7e5c799935ec0614f904647568&scene=58&subscene=0#rd) - 360数字安全 - [ ] [春节假期,安全大模型帮你“躺赢”!](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247579220&idx=1&sn=036d352c4a29bd9863fce78dcd7d5e64&chksm=9f8d265ca8faaf4acfd7a299e3d5b6e9edf55ef80424fc5ae53a59a7be22d2114eb1e9bd5678&scene=58&subscene=0#rd) - huasec - [ ] [24年总结](https://mp.weixin.qq.com/s?__biz=MzIyOTY1NDE5Mg==&mid=2247485100&idx=1&sn=0d1663a53843d7a2bd0c5504c41d1514&chksm=e8be2d73dfc9a4658eb6f0680a4e62f1bd800fe5988bfcf1fe194160e0157aa434d882f6d8b8&scene=58&subscene=0#rd) - CNVD漏洞平台 - [ ] [Oracle发布2025年1月的安全公告](https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247495725&idx=1&sn=dedb6bb0dabaefa9b319ac1b7250d198&chksm=fd74c0e4ca0349f283b0e540501af4fa1eeb782340415eff1013718bda5508d4702dbdcfff2a&scene=58&subscene=0#rd) - Krypt3ia - [ ] [Krypt3ia Daily Cyber Threat Intelligence (CTI) Digest](https://krypt3ia.wordpress.com/2025/01/24/krypt3ia-daily-cyber-threat-intelligence-cti-digest-2/) - 赛博回忆录 - [ ] [36岁,本命年,再学一次安全](https://mp.weixin.qq.com/s?__biz=MzIxNDAyNjQwNg==&mid=2456099378&idx=1&sn=6c4312c836d50eb123463580236e3747&chksm=803c6bfbb74be2ed0ec59125bedcc4fd901ee5570ff68d872f74921ed684c13dcaf999cda2c5&scene=58&subscene=0#rd) - Securityinfo.it - [ ] [Oltre il 90% dei Microsoft Exchange Server è ancora vulnerabile a ProxyLogon](https://www.securityinfo.it/2025/01/24/oltre-il-90-dei-microsoft-exchange-server-e-ancora-vulnerabile-a-proxylogon/?utm_source=rss&utm_medium=rss&utm_campaign=oltre-il-90-dei-microsoft-exchange-server-e-ancora-vulnerabile-a-proxylogon) - ICT Security Magazine - [ ] [Cybersecurity e infrastrutture critiche sottomarine: Analisi delle vulnerabilità e strategie di resilienza nella backbone globale](https://www.ictsecuritymagazine.com/articoli/infrastrutture-critiche-sottomarine/) - 希潭实验室 - [ ] [第114篇:美国NSA量子DNS注入攻击技术,揭秘网络战的隐蔽手段QUANTUMDNS](https://mp.weixin.qq.com/s?__biz=MzkzMjI1NjI3Ng==&mid=2247487346&idx=1&sn=8c754ccbec08542992cce032cf7abcbf&chksm=c25fc009f528491fd031a9b145f7cf7f95dfda1164b98ab9fd5412b66f551cb85004a6eb533b&scene=58&subscene=0#rd) - 白泽安全实验室 - [ ] [伊朗支持的APT42组织针对以色列和美国的网络钓鱼活动加剧——每周威胁情报动态第210期 (01.17-01.23)](https://mp.weixin.qq.com/s?__biz=MzI0MTE4ODY3Nw==&mid=2247492529&idx=1&sn=e2697dd686fd55f34d2f6f17950d1ddc&chksm=e90dc99bde7a408dbde9bc281a602d9c44b3177611a589528c967540a171a0bdae4fb13ef0c8&scene=58&subscene=0#rd) - 迪哥讲事 - [ ] [通用漏洞挖掘技巧](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496940&idx=1&sn=a33f04e5fdb7818531eeda42ebf4b6e7&chksm=e8a5fe8fdfd277997c45b33df7177e2c0c39f4bb4e23b55308bf8a8ad59a087cb0ab7dace1d4&scene=58&subscene=0#rd) - 网络安全回收站 - [ ] [大模型系列之LLaMA Factory微调学习](https://mp.weixin.qq.com/s?__biz=Mzg2MTc1NDAxMA==&mid=2247484342&idx=1&sn=58be391a85f1cab4cdd6b7b0b41b1300&chksm=ce130443f9648d55205cc7a98a9fe40d7f0727f8daa16072fa35b7a71c3bd4150fe9e98a5e97&scene=58&subscene=0#rd) - Over Security - Cybersecurity news aggregator - [ ] [Update: New Details on the Medusa Ransomware Attack on Hospital El Cruce](https://www.suspectfile.com/update-new-details-on-the-medusa-ransomware-attack-on-hospital-el-cruce/) - [ ] [More than 2,000 SonicWall devices vulnerable to critical zero-day](https://therecord.media/sonicwall-devices-exposed-zero-day) - [ ] [Politicization of intel oversight board could threaten key US-EU data transfer agreement](https://therecord.media/politicization-of-pclob-could-threaten-key-eu-us-data-transfer-agreement) - [ ] [Zyxel warns of bad signature update causing firewall boot loops](https://www.bleepingcomputer.com/news/security/zyxel-warns-of-bad-signature-update-causing-firewall-boot-loops/) - [ ] [Microsoft to deprecate WSUS driver synchronization in 90 days](https://www.bleepingcomputer.com/news/microsoft/microsoft-to-deprecate-wsus-driver-synchronization-in-90-days/) - [ ] [At least $69 million stolen from crypto platform Phemex in suspected cyberattack](https://therecord.media/69-million-stolen-cyberattack-crypto-platform-phemex) - [ ] [Subaru Starlink flaw let hackers hijack cars in US and Canada](https://www.bleepingcomputer.com/news/security/subaru-starlink-flaw-let-hackers-hijack-cars-in-us-and-canada/) - [ ] [Hackers use Windows RID hijacking to create hidden admin account](https://www.bleepingcomputer.com/news/security/hackers-use-windows-rid-hijacking-to-create-hidden-admin-account/) - [ ] [Hospital El Cruce takes its website offline following a severe cyberattack](https://www.suspectfile.com/hospital-el-cruce-takes-its-website-offline-following-a-severe-cyberattack/) - [ ] [PayPal penalized $2 million over data breach involving 35K Social Security numbers](https://therecord.media/paypal-penalty-millions-data-breach) - [ ] [Update #6: blog e argomenti live](https://roccosicilia.com/2025/01/24/update-6-blog-e-argomenti-live/) - [ ] [Hacker infects 18,000 "script kiddies" with fake malware builder](https://www.bleepingcomputer.com/news/security/hacker-infects-18-000-script-kiddies-with-fake-malware-builder/) - [ ] [Oltre il 90% dei Microsoft Exchange Server è ancora vulnerabile a ProxyLogon](https://www.securityinfo.it/2025/01/24/oltre-il-90-dei-microsoft-exchange-server-e-ancora-vulnerabile-a-proxylogon/) - [ ] [Managed Detection and Response – How are you monitoring?](https://www.bleepingcomputer.com/news/security/managed-detection-and-response-how-are-you-monitoring/) - [ ] [Microsoft: Outdated Exchange servers fail to auto-mitigate security bugs](https://www.bleepingcomputer.com/news/security/microsoft-outdated-exchange-servers-fail-to-auto-mitigate-security-bugs/) - [ ] [Sintesi riepilogativa delle campagne malevole nella settimana del 18 – 24 gennaio](https://cert-agid.gov.it/news/sintesi-riepilogativa-delle-campagne-malevole-nella-settimana-del-18-24-gennaio/) - [ ] [Unlocking Vulnrichment: Enhancing CVE Data for Smarter Vulnerability Management](https://cyble.com/blog/cisa-reveals-vulnrichment-management-for-cve-data/) - [ ] [Anatomy of an Exploit Chain: CISA, FBI Detail Ivanti CSA Attacks](https://cyble.com/blog/ivanti-csa-attacks-cisa-fbi-expose-exploit-chain/) - [ ] [Seasoning email threats with hidden text salting](https://blog.talosintelligence.com/seasoning-email-threats-with-hidden-text-salting/) - [ ] [UK to examine undersea cable vulnerability as Russian spy ship spotted in British waters](https://therecord.media/britain-undersea-cables-russian-spy-ship) - [ ] [Hackers get $886,250 for 49 zero-days at Pwn2Own Automotive 2025](https://www.bleepingcomputer.com/news/security/hackers-get-886-250-for-49-zero-days-at-pwn2own-automotive-2025/) - [ ] [USB Army Knife: The Ultimate Close Access Penetest Tool](https://www.mobile-hacker.com/2025/01/24/usb-army-knife-the-ultimate-close-access-penetest-tool/) - [ ] [Malware Redirects WordPress Traffic to Harmful Sites](https://blog.sucuri.net/2025/01/malware-redirects-wordpress-traffic-to-harmful-sites.html) - SANS Internet Storm Center, InfoCON: green - [ ] [[Guest Diary] How Access Brokers Maintain Persistence, (Fri, Jan 24th)](https://isc.sans.edu/diary/rss/31600) - [ ] [ISC Stormcast For Friday, January 24th, 2025 https://isc.sans.edu/podcastdetail/9294, (Fri, Jan 24th)](https://isc.sans.edu/diary/rss/31622) - Schneier on Security - [ ] [Friday Squid Blogging: Beaked Whales Feed on Squid](https://www.schneier.com/blog/archives/2025/01/friday-squid-blogging-beaked-whales-feed-on-squid.html) - Null Byte - [ ] [iOS 18.3 Is Coming Soon — Here's What to Expect on Your iPhone](https://ios.gadgethacks.com/news/ios-18.3-features/) - [ ] [Freeform on iOS 18: All the Features You've Been Missing Out On](https://ios.gadgethacks.com/how-to/freeform-ios-18-features/) - The Hacker News - [ ] [RANsacked: Over 100 Security Flaws Found in LTE and 5G Network Implementations](https://thehackernews.com/2025/01/ransacked-over-100-security-flaws-found.html) - [ ] [2025 State of SaaS Backup and Recovery Report](https://thehackernews.com/2025/01/insights-from-2025-saas-backup-and-recovery-report.html) - [ ] [DoJ Indicts 5 Individuals for $866K North Korean IT Worker Scheme Violations](https://thehackernews.com/2025/01/doj-indicts-5-individuals-for-866k.html) - [ ] [Android's New Identity Check Feature Locks Device Settings Outside Trusted Locations](https://thehackernews.com/2025/01/androids-new-identity-check-feature.html) - [ ] [CISA Adds Five-Year-Old jQuery XSS Flaw to Exploited Vulnerabilities List](https://thehackernews.com/2025/01/cisa-adds-five-year-old-jquery-xss-flaw.html) - Graham Cluley - [ ] [Be careful what you say about data leaks in Turkey, new law could mean prison for reporting hacks](https://www.tripwire.com/state-of-security/new-law-could-mean-prison-reporting-data-leaks) - The Register - Security - [ ] [AI chatbot startup founder, lawyer wife accused of ripping off investors in $60M fraud](https://go.theregister.com/feed/www.theregister.com/2025/01/24/ai_startup_founder_wife_indicted/) - [ ] [Don't want your Kubernetes Windows nodes hijacked? Patch this hole now](https://go.theregister.com/feed/www.theregister.com/2025/01/24/kubernetes_windows_nodes_bug/) - [ ] [North Korean dev who renamed himself 'Bane' accused of IT worker fraud caper](https://go.theregister.com/feed/www.theregister.com/2025/01/24/north_korean_devs_and_their/) - [ ] [China and friends claim success in push to stamp out tech support cyber-scam slave camps](https://go.theregister.com/feed/www.theregister.com/2025/01/24/lancang_mekong_anti_cyberscam_cooperation/) - [ ] [Court rules FISA Section 702 surveillance of US resident was unconstitutional](https://go.theregister.com/feed/www.theregister.com/2025/01/24/section_702_court/) - Security Affairs - [ ] [U.S. CISA adds SonicWall SMA1000 flaw to its Known Exploited Vulnerabilities catalog](https://securityaffairs.com/173417/security/u-s-cisa-adds-sonicwall-sma1000-flaw-known-exploited-vulnerabilities-catalog.html) - [ ] [J-magic malware campaign targets Juniper routers](https://securityaffairs.com/173408/security/j-magic-malware-campaign-targets-juniper-routers.html) - [ ] [SonicWall warns of a critical CVE-2025-23006 zero-day likely exploited in the wild](https://securityaffairs.com/173387/security/sonicwall-warns-zero-day-sma-1000-series.html) - TorrentFreak - [ ] [PIPCU Uses UK IPO’s ‘Surplus Millions’ to Wage War on IPTV Pirates](https://torrentfreak.com/pipcu-utilizes-uk-ipos-surplus-millions-to-wage-war-on-iptv-pirates-250124/) - Instapaper: Unread - [ ] [iOS Stolen Device Protection](https://cellebrite.com/en/ios-stolen-device-protection/) - [ ] [The Internet is (once again) awash with IoT botnets delivering record DDoSes](https://arstechnica.com/security/2025/01/the-internet-is-once-again-awash-with-iot-botnets-delivering-record-ddoses/) - [ ] [What Is Jump List Cache](https://www.cybertriage.com/blog/what-is-jump-list-cache/) - [ ] [Subaru Car Vulnerability Lets Hackers Control Millions of Cars Remotely Using Starlink](https://cybersecuritynews.com/subaru-car-vulnerability-lets-hackers-control-the-millions-of-cars-remotely/) - [ ] [Torna Itasec 2025, il più grande evento dedicato alla cybersecurity in Italia](https://www.wired.it/article/itasec-2025-conferenza-cybersecurity-italia/) - Blackhat Library: Hacking techniques and research - [ ] [URGENT : File transfers](https://www.reddit.com/r/blackhat/comments/1i8ryzg/urgent_file_transfers/) - Computer Forensics - [ ] [Which Digital Forensic proprietary Tool is better for processing and Analysis?](https://www.reddit.com/r/computerforensics/comments/1i8qcho/which_digital_forensic_proprietary_tool_is_better/) - [ ] [Magnet Axiom Questions](https://www.reddit.com/r/computerforensics/comments/1i90lqz/magnet_axiom_questions/) - [ ] [Memory Forensics](https://www.reddit.com/r/computerforensics/comments/1i8rssu/memory_forensics/) - [ ] [Metadata and iMessage - Is key information stripped?](https://www.reddit.com/r/computerforensics/comments/1i8y0rn/metadata_and_imessage_is_key_information_stripped/) - [ ] [Preferred Methodology for ediscovery extraction for forensic images?](https://www.reddit.com/r/computerforensics/comments/1i8x4s0/preferred_methodology_for_ediscovery_extraction/) - Deep Web - [ ] [What do you do when you find something you aren’t suppose to find?](https://www.reddit.com/r/deepweb/comments/1i8tie9/what_do_you_do_when_you_find_something_you_arent/) - Your Open Hacker Community - [ ] [Study suggestion request (Reverse engineering)](https://www.reddit.com/r/HowToHack/comments/1i8wvf2/study_suggestion_request_reverse_engineering/) - [ ] [BadUSB Pico](https://www.reddit.com/r/HowToHack/comments/1i97jaf/badusb_pico/) - [ ] [Bypassing simple anti-debug feature of a CTF with LD_PRELOAD flag](https://www.reddit.com/r/HowToHack/comments/1i94qfm/bypassing_simple_antidebug_feature_of_a_ctf_with/) - [ ] [Linux and grey hacking](https://www.reddit.com/r/HowToHack/comments/1i93ulo/linux_and_grey_hacking/) - [ ] [Please read if you are new to hacking with limited skills](https://www.reddit.com/r/HowToHack/comments/1i93c0c/please_read_if_you_are_new_to_hacking_with/) - [ ] [Outlook hacked and I cannot disable the messages forwarding to hackers](https://www.reddit.com/r/HowToHack/comments/1i97cos/outlook_hacked_and_i_cannot_disable_the_messages/) - [ ] [People say that Linux needs no Antivirus... really? Can Linux really detect ZIP Bombs?](https://www.reddit.com/r/HowToHack/comments/1i99foc/people_say_that_linux_needs_no_antivirus_really/) - [ ] [Hidden profiles on Apple devices, weird 3rd party licenses etc. Brand new out of box Pixel Phone was already compromised on start up.](https://www.reddit.com/r/HowToHack/comments/1i97wfi/hidden_profiles_on_apple_devices_weird_3rd_party/) - [ ] [Finding the identity of scammers](https://www.reddit.com/r/HowToHack/comments/1i92om6/finding_the_identity_of_scammers/) - [ ] [Hash cat](https://www.reddit.com/r/HowToHack/comments/1i935ub/hash_cat/) - [ ] [Google reviews delete](https://www.reddit.com/r/HowToHack/comments/1i8wear/google_reviews_delete/) - [ ] [I suspect an ex-friend is creating sock puppet accounts on fb to harass my friend. Is there a way to track these accounts back to him?](https://www.reddit.com/r/HowToHack/comments/1i8v5or/i_suspect_an_exfriend_is_creating_sock_puppet/) - [ ] [help !!](https://www.reddit.com/r/HowToHack/comments/1i8llcl/help/) - [ ] [Don't know if it's possible but any guidance would help immensely](https://www.reddit.com/r/HowToHack/comments/1i8lfjf/dont_know_if_its_possible_but_any_guidance_would/) - [ ] [Help to delete google reviews](https://www.reddit.com/r/HowToHack/comments/1i8wgdx/help_to_delete_google_reviews/) - [ ] [got deauther made up on esp8266 but having deauth issues](https://www.reddit.com/r/HowToHack/comments/1i8izpb/got_deauther_made_up_on_esp8266_but_having_deauth/) - [ ] [Hacking Forums](https://www.reddit.com/r/HowToHack/comments/1i8q7zl/hacking_forums/) - [ ] [Best way to learn?](https://www.reddit.com/r/HowToHack/comments/1i8k7f9/best_way_to_learn/) - [ ] [Some help plz](https://www.reddit.com/r/HowToHack/comments/1i8p2hw/some_help_plz/) - netsecstudents: Subreddit for students studying Network Security and its related subjects - [ ] [Any starting guide to learn Sigma Rules ?](https://www.reddit.com/r/netsecstudents/comments/1i8yf9h/any_starting_guide_to_learn_sigma_rules/) - Hacking Exposed Computer Forensics Blog - [ ] [Daily Blog #727: Experimenting with Deepseek v3](https://www.hecfblog.com/2025/01/daily-blog-727-experimenting-with.html) - Technical Information Security Content & Discussion - [ ] [Someone wrote an Anti-Crawler/Scraper Trap](https://www.reddit.com/r/netsec/comments/1i93pzl/someone_wrote_an_anticrawlerscraper_trap/) - [ ] [USB Army Knife: Close Access Pentest Tool with VNC, Marauder, network adapter etc.](https://www.reddit.com/r/netsec/comments/1i8rdf5/usb_army_knife_close_access_pentest_tool_with_vnc/) - [ ] [WinVisor: A proof-of-concept hypervisor-based emulator for Windows x64 binaries](https://www.reddit.com/r/netsec/comments/1i8nnii/winvisor_a_proofofconcept_hypervisorbased/) - [ ] [Static Source Code Security Scanning Tools Evaluation Benchmark](https://www.reddit.com/r/netsec/comments/1i8q5mc/static_source_code_security_scanning_tools/) - Security Weekly Podcast Network (Audio) - [ ] [Cursive Funk, Microsoft, Ivanti, Sonic Wall, Exchange, PowerSchool, Aaran Leyland... - SWN #445](http://sites.libsyn.com/18678/cursive-funk-microsoft-ivanti-sonic-wall-exchange-powerschool-aaran-leyland-swn-445)
每日安全资讯(2025-01-25)