威胁情报[CTI]
CISA发布威胁组织利用CVE-2022-47966和CVE-2022-42475。
UsDoD发布TransUnion 数据库,泄露的数据库大小超过3GB,包含58,505人的高度敏感的个人信息。
一名论坛用户泄露Mindanao State University Naawan数据
(http://msunaawan.edu.ph):
黑客组织Dark Storm针对以色列和阿联酋发起DDOS攻:
- First Abu Dhabi Bank
- IAI - Israel Aerospace Industries
- Fast Track TLV
- Evigilo
LockBit发布23个被勒索的受害者列表
[安全简报]
HackerOne
[Invision Power Services, Inc.]
带有可视语言编辑器标记的XSS
https://hackerone.com/reports/2031855
BleepingComputer
TikTok被Elon Musk("埃隆马斯克")加密货币赠品骗局覆盖
https://www.bleepingcomputer.com/news/security/tiktok-flooded-by-elon-musk-cryptocurrency-giveaway-scams/
TheHackerNews
朝鲜Lazarus组织涉嫌31万美元的CoinEx抢劫案
https://thehackernews.com/2023/09/north-koreas-lazarus-group-suspected-in.html
DataBreaches
"我不是亲俄罗斯的,我也不是恐怖分子!" - USDoD
https://www.databreaches.net/im-not-pro-russia-and-im-not-a-terrorist-infragard-and-airbus-hacker-usdod-unveils-his-new-campaigns/
瑞典隐私保护局对保险公司Trygg-Hansa处以罚款,原因是该公司暴露了敏感的客户数据
https://www.databreaches.net/swedens-privacy-protection-agency-fines-insurer-trygg-hansa-for-exposing-sensitive-customer-data/
专员宣布两项新加坡个人数据保护
https://www.databreaches.net/personal-data-protection-commissioner-of-singapore-announces-two-decisions/
BlackCat勒索软件使用Sphynx加密攻击Azure存储
https://www.databreaches.net/blackcat-ransomware-hits-azure-storage-with-sphynx-encryptor/