威胁情报[CTI]

1. 臭名昭著的黑客组织KittenSec的管理员，被称为"pushfs"，正在退出他们的业务。该组织与SiegedSec有隶属关系，有趣的是，SiegedSec的管理员此前曾宣布退出黑客组织。

   
   

2. 一名论坛用户出售巴西最大电话运营商Claro的网络邮件系统的访问权限。

3. 勒索软件组织Alphv新增2名新受害者，分别是：

   - hollandspecial(hollandspecial.com) 116 GB

   - MGM Resorts International

4. 勒索软件组织CL0P新增1名新受害者，分别是：

   - Shen Milsom & Wilke LLC (http://smwllc.com)

5. 勒索软件组织ThreeAM新增6名新受害者。

[安全简报]

• HackerOne

[8x8]

没有保护的Atlantis服务器https://132.226.█.█

https://hackerone.com/reports/1895783

• PacketStorm

Academy LMS 6.2 SQL Injection

https://packetstormsecurity.com/files/174681/Academy-LMS-6.2-SQL-Injection.html

Academy LMS 6.2 Cross Site Scripting

https://packetstormsecurity.com/files/174680/Academy-LMS-6.2-Cross-Site-Scripting.html

Italia Mediasky CMS 2.0 Cross Site Scripting

https://packetstormsecurity.com/files/174655/islamnt-CMS-2.1.0-Add-Administrator.html

Italia Mediasky CMS 2.0 Cross Site Request Forgery

https://packetstormsecurity.com/files/174670/Italia-Mediasky-CMS-2.0-Cross-Site-Request-Forgery.html

Chrome Read-Only Property Overwrite

https://packetstormsecurity.com/files/174669/Chrome-Read-Only-Property-Overwrite.html

• SCMagazine

针对数千组织的全球密码暴力破解攻击

https://www.scmagazine.com/news/global-password-spray-attacks-target-thousands-of-organizations

• TheGuardian

谁是最新一波英国勒索软件攻击的幕后黑手？

https://www.theguardian.com/technology/2023/sep/14/who-is-behind-latest-wave-of-ransomware-attacks

• Gizmodo

凯撒娱乐(Caesars Entertainment)证实在最近的第二次赌场袭击中遭到黑客攻击

https://gizmodo.com/caesars-confirms-hack-in-second-recent-casino-attack-1850837915

• SecurityWeek

"NLBrute"恶意软件背后的俄罗斯黑客被引渡认罪

https://www.securityweek.com/extradited-russian-hacker-behind-nlbrute-malware-pleads-guilty/

五角大楼的 2023 年网络战略侧重于帮助盟友

https://www.securityweek.com/pentagons-2023-cyber-strategy-focuses-on-helping-allies/

加州与谷歌就位置隐私诉讼达成和解，赔偿93万美元

https://www.securityweek.com/california-settles-with-google-over-location-privacy-practices-for-93-million/

• BleepingComputer

Retool 将漏洞归咎于Google Authenticator MFA云同步功能

https://www.bleepingcomputer.com/news/security/retool-blames-breach-on-google-authenticator-mfa-cloud-sync-feature/

Google将Chromebook的安全更新支持延长至10年

https://www.bleepingcomputer.com/news/security/google-extends-security-update-support-for-chromebooks-to-10-years/

ORBCOMM勒索软件攻击导致货运车队管理中断

https://www.bleepingcomputer.com/news/security/orbcomm-ransomware-attack-causes-trucking-fleet-management-outage/

TikTok因侵犯儿童隐私而被罚款3.68亿美元

https://www.bleepingcomputer.com/news/technology/tiktok-slapped-with-368-million-fine-over-child-privacy-violations/

Bing Chat AI宕机，影响Windows Copilot等

https://www.bleepingcomputer.com/news/microsoft/bing-chat-ai-is-down-affecting-windows-copilot-and-more/

• Malwarebytes Labs

欧洲刑警组织揭露网络犯罪策略

https://www.malwarebytes.com/blog/news/2023/09/europol-publishes-report-discussing-observed-methodologies-and-threats

• TheHackerNews

自动化威胁情报收集与人类之间的相互依赖

https://thehackernews.com/2023/09/the-interdependence-between-automated.html

谷歌同意在加州的位置隐私诉讼中达成93万美元的和解

https://thehackernews.com/2023/09/google-agrees-to-93-million-settlement.html

DDoS 2.0:物联网引发了新的DDoS警报

https://thehackernews.com/2023/09/ddos-20-iot-sparks-new-ddos-alert.html

NodeStealer 恶意软件现在针对多个浏览器上的Facebook企业账户

https://thehackernews.com/2023/09/nodestealer-malware-now-targets.html

网络犯罪分子结合网络钓鱼和EV证书来传递勒索软件有效负载

https://thehackernews.com/2023/09/cybercriminals-combine-phishing-and-ev.html

• DarkReading

攻击者声称Okta代理参与了美高梅的数据泄露

https://www.darkreading.com/application-security/okta-flaw-involved-mgm-resorts-breach-attackers-claim

Microsoft: 'Peach Sandstorm'网络攻击的目标是国防、制药组织

https://www.darkreading.com/dr-global/mideast-retailers-scam-facebook-pages-investment-opportunities

第三方供应商失手后，大曼彻斯特警方遭到黑客攻击

https://www.darkreading.com/endpoint/greater-manchester-police-hack-third-party-supplier-fumble