Matrix SEC每日安全简报(2023.09.18)
2023-9-18 11:33:51 Author: Matrix SEC(查看原文) 阅读量:6 收藏

威胁情报[CTI]

  1. CISA发布威胁组织利用CVE-2022-47966和CVE-2022-42475。

  2. UsDoD发布TransUnion 数据库,泄露的数据库大小超过3GB,包含58,505人的高度敏感的个人信息。

  3. 一名论坛用户泄露Mindanao State University Naawan数据

    (http://msunaawan.edu.ph):

  4. 黑客组织Dark Storm针对以色列和阿联酋发起DDOS攻

    - First Abu Dhabi Bank

    - IAI - Israel Aerospace Industries

    - Fast Track TLV

    - Evigilo

  5. LockBit发布23个被勒索的受害者列表

[安全简报]

  • HackerOne

[Invision Power Services, Inc.]

带有可视语言编辑器标记的XSS

https://hackerone.com/reports/2031855

  • BleepingComputer

TikTok被Elon Musk("埃隆马斯克")加密货币赠品骗局覆盖

https://www.bleepingcomputer.com/news/security/tiktok-flooded-by-elon-musk-cryptocurrency-giveaway-scams/

  • TheHackerNews

朝鲜Lazarus组织涉嫌31万美元的CoinEx抢劫案

https://thehackernews.com/2023/09/north-koreas-lazarus-group-suspected-in.html

  • DataBreaches

"我不是亲俄罗斯的,我也不是恐怖分子!" - USDoD

https://www.databreaches.net/im-not-pro-russia-and-im-not-a-terrorist-infragard-and-airbus-hacker-usdod-unveils-his-new-campaigns/

瑞典隐私保护局对保险公司Trygg-Hansa处以罚款,原因是该公司暴露了敏感的客户数据

https://www.databreaches.net/swedens-privacy-protection-agency-fines-insurer-trygg-hansa-for-exposing-sensitive-customer-data/

专员宣布两项新加坡个人数据保护

https://www.databreaches.net/personal-data-protection-commissioner-of-singapore-announces-two-decisions/

BlackCat勒索软件使用Sphynx加密攻击Azure存储

https://www.databreaches.net/blackcat-ransomware-hits-azure-storage-with-sphynx-encryptor/


文章来源: http://mp.weixin.qq.com/s?__biz=Mzk0NDUzMjU0NA==&mid=2247484666&idx=1&sn=17d1063ae2aeaaed89b06007e2bffb39&chksm=c32279d5f455f0c316d1a2a8a2276a561bf0d4e5d22330808905f504886d8bae50fb07894170&scene=0&xtrack=1#rd
如有侵权请联系:admin#unsafe.sh