today.md

每日安全资讯（2025-01-31）

• Sukka's Blog
  • 2024：浏览器从 A 到 Z
• Trustwave Blog
  • How Trustwave’s Fusion Platform Analyzes Ransomware Tactics in the Energy Sector: A Comprehensive Overview
• Security Boulevard
  • 2025 predictions: Security industry
  • Preparing for PCI DSS 4.0: How Sonatype SBOM Manager can streamline and accelerate your transition
  • Trust in Cloud Security with Effective Secrets Rotation
  • Innovative PAM Strategies for Modern Enterprises
  • Advancing Cloud Compliance with Proactive Measures
  • Hiya AI Phone App Protects Against Deepfakes, Other Scams
  • DEF CON 32 – Color Blasted Badge Making: How Hard Could It Be
  • 2025’s Top Five Trends in Identity Verification
  • Next Steps from the PCI Council’s SAQ-A Update: Critical Responsibilities and Opportunities for PSPs
  • Assessing the New SAQ-A Changes: Insights for QSAs
• Armin Ronacher's Thoughts and Writings
  • How I Use AI: Meet My Promptly Hired Model Intern
• Recent Commits to cve:main
  • Update Thu Jan 30 20:25:02 UTC 2025
  • Update Thu Jan 30 12:18:33 UTC 2025
  • Update Thu Jan 30 04:17:50 UTC 2025
• bunnie's blog
  • Name that Ware, January 2025
  • Winner, Name that Ware December 2024
• InfoSec Write-ups - Medium
  • How iPhone Data Can Be Securely Erased?
  • Cutting Off Skynet: Running Local LLMs With Ollama
• 一个被知识诅咒的人
  • 【Python】深入探索Python元类：动态生成类与对象的艺术
  • 【Python】深入理解Python中的装饰器链：创建组合装饰器的技巧与实践
• SecWiki News
  • SecWiki News 2025-01-30 Review
• Flexera Blog - Feed
  • Cyber-Resilience regulations are here—is your organization ready?
• gynvael.coldwind//vx.log (en)
  • On hackers, hackers, and hilarious misunderstandings
• Securelist
  • No need to RSVP: a closer look at the Tria stealer campaign
• Twitter @bytehx
  • Re @CristiVlad25 @SynackRedTeam Yes!
  • Thanks @SynackRedTeam
• Trail of Bits Blog
  • PyPI now supports archiving projects
• Malware-Traffic-Analysis.net - Blog Entries
  • 2025-01-30: XLoader infection
• Malwarebytes
  • Microsoft advertisers phished via malicious Google ads
  • The DeepSeek controversy: Authorities ask where does the data come from and how safe is it?
• Reverse Engineering
  • ReSym: Harnessing LLMs to Recover Variable and Data Structure Symbols from Stripped Binaries [PDF]
  • Decompiling 2024: A Year of Resurgance in Decompilation Research
  • arm64 PC-relative addressing fun
  • College Survey on AI-Enhanced Phishing and Cybersecurity Training Effectiveness
• Intigriti
  • Power of the collective: Investing in the security researcher community for shared success
• Hacking Articles
  • AD Recon: Kerberos Username Bruteforce
• Shostack & Friends Blog
  • The Birth of the CVE System, on Hackers To Founders
  • Hoarding, Debt and Threat Modeling
• FreeBuf网络安全行业门户
  • DeepSeek AI数据库泄露：超百万条日志和密钥曝光
• rtl-sdr.com
  • Jeff Geerling Explores the CaribouLite Raspberry Pi Hat
  • The Taylorator: Flooding the Broadcast FM Band with Taylor Swift Songs using a LimeSDR
  • Video on the Basics of SDR for Hackers
• 奇客Solidot–传递最新科技情报
  • 美国版权局称 AI 辅助作品如果包含足够的人类创意可获得版权保护
  • LibreOffice 下载量突破 4 亿
  • Debian 项目停止在 X 上发推
  • Douglas Engelbart 诞辰 100 周年
• Black Hills Information Security
  • Questions From a Beginner Threat Hunter
• 锦行科技
  • 初二 | 姻缘美满
• 红日安全
  • 新年新挑战，红日安全不打烊！携手同行，保障数字世界，迎接无限机遇！💻💼
• M01N Team
  • AI风险分析 | Grok提示词泄露前后暗藏玄机
• 安全内参
  • 针对DeepSeek的网络攻击再升级：僵尸网络进场 攻击指令激增上百倍​
• 安全分析与研究
  • Fake CAPTCHA攻击技术
• 吾爱破解论坛
  • [【2025春节】解题领红包活动开始喽，解出就送论坛币！

第一题送分题有手就行（不需有脑，已有 1376 位会员完成此任务）。

第二题 Windows 初级题 14点整 上线，题目很简单，如果你对逆向分析感兴趣，不妨借此机会自学尝试，让这次活动真正成为你技能提升的阶梯。](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651141658&idx=1&sn=11067b00a771b8ee9bd4c4d0da1e8908&chksm=bd50a64e8a272f589319d04410866e550b8792cd73b49c0eecc8abb4df9996d504f306e3b43c&scene=58&subscene=0#rd)

• 墨菲安全
  • DeepSeek因软件供应链安全问题导致严重聊天记录数据泄漏
• 极客公园
  • 我合理怀疑，春晚节目组混进了 B 站的人
  • 美国对 DeepSeek 开展国家安全调查；传 DS 训练模型绕过英伟达 CUDA；春节档刷新初一票房纪录 | 极客早知道
• Project Zero
  • Windows Bug Class: Accessing Trapped COM Objects with IDispatch
  • Windows Exploitation Tricks: Trapping Virtual Memory Access (2025 Update)
• Krypt3ia
  • Threat Report: Risks and Considerations of Storing Corporate Security Telemetry in EDR Vendor Cloud Instances
  • Krypt3ia Daily Cyber Threat Intelligence (CTI) Digest
• bellingcat
  • Neo-Nazis Linked to “Terrorist Activities” to Host Budapest Concert
• Securityinfo.it
  • Privacy dei dati: la maggior parte degli utenti teme una violazione
• 360数字安全
  • 大年初二 | 金蛇迎春，福“巳”绵延
• Over Security - Cybersecurity news aggregator
  • Backdoor found in two healthcare patient monitors, linked to IP in China
  • Lawmakers push for guardrails, deadline on cyber military study
  • Google blocked 2.36 million risky Android apps from Play Store in 2024
  • States with laws requiring data brokers to register are ramping up enforcement
  • Gabbard grilled over Snowden comments during Senate confirmation hearing
  • US Justice Department says cybercrime forum allegedly affected 17 million Americans
  • Defeating Future Threats Starts Today
  • Ransomware attack disrupts New York blood donation giant
  • Infrastructure Laundering: Blending in with the Cloud
  • Ransomware attack on New York Blood Center forces workarounds, drive cancellations
  • DeepSeek exposes database with over 1 million chat records
  • International police coalition takes down two prolific cybercrime and hacking forums
  • Police take down two large cybercrime forums, arrest suspects
  • Major GitHub outage affects pull requests and other services
  • The Advantages of Cloud-Based Remote Desktop versus RDP over VPN
  • (Un)Happy Trails
  • New Syncjacking attack hijacks devices using Chrome extensions
  • bedevil: Dynamic Linker Patching
  • Hack.lu: In-Depth Study of Linux Rootkits: Evolution, Detection, and Defense
  • Hack.lu: The Gist of Hundreds of Incident Response Cases
  • Reptile's Custom Kernel-Module Launcher
  • BSides Munich: /proc for Security Analysts
  • DeepSec: RAT Builders - How to catch them all
  • Shell Script Compiler (shc)
  • Today I Learned - setfacl
  • Analysis of Python's .pth files as a persistence mechanism
  • Tear Down The Castle - Part 1
  • Oh my .. ! - Suspicious network traffic detected including Ransomware
  • Tear Down The Castle - Part 2
  • Follow-Up: Alibaba’s Qwen2.5-VL Model is Also Vulnerable to Prompt Attacks
  • Police seizes Cracked and Nulled hacking forum servers, arrests suspects
  • Microsoft lifts Windows 11 update block for PCs with gaming issues
  • Common OAuth Vulnerabilities
  • DeepSeek’s Growing Influence Sparks a Surge in Frauds and Phishing Attacks
  • Time Bandit ChatGPT jailbreak bypasses safeguards on sensitive topics
  • Comunicare per proteggere: strategie e strumenti per implementare i requisiti ISO 27001
  • Bilanciare i rischi di security beneficiando di tecnologie di AI: fra opportunità e rischi
  • DeepSeek: i timori per la privacy e la cyber security
  • DeepSeek, serve cautela: ci sono pericoli per la sicurezza
  • Smishing a tema Poste Italiane: i dettagli e come difendersi
  • Più cyber attacchi nel 2024. E nel 2025 il trend non si fermerà
  • I cyber rischi in azienda che (anche) gli italiani non comprendono
  • Le chat WhatsApp sono corrispondenza da tutelare: i paletti privacy della Cassazione
  • Decentraleyes potenzia la privacy online: vantaggi e limiti
  • Il controllo del dipendente da parte del datore di lavoro: le sfide per la privacy
  • Talos IR trends Q4 2024: Web shell usage and exploitation of public-facing applications spike
  • UK, US Introduce “Content Credentials” Labeling to Counter Deepfakes, Misinformation in the Age of AI
  • Speedio (unverified) - 27,501,041 breached accounts
  • ICS Vulnerability Report: Cyble Urges Critical mySCADA Fixes
• 迪哥讲事
  • 深入浅出API测试｜搜集分析与漏洞挖掘实战
• SANS Internet Storm Center, InfoCON: green
  • PCAPs or It Didn't Happen: Exposing an Old Netgear Vulnerability Still Active in 2025 [Guest Diary], (Thu, Jan 30th)
  • ISC Stormcast For Thursday, January 30th, 2025 https://isc.sans.edu/podcastdetail/9302, (Thu, Jan 30th)
• 白帽子章华鹏
  • DeepSeek被海外曝出严重聊天记录数据泄漏问题
• Have I Been Pwned latest breaches
  • Speedio (unverified) - 27,501,041 breached accounts
• Hacking Exposed Computer Forensics Blog
  • Daily Blog #733: Test Kitchen building cloud tools with cursor
• Full Disclosure
  • Quorum onQ OS - 6.0.0.5.2064 | Reflected Cross Site Scripting (XSS) | CVE-2024-44449
  • Deepseek writes textbook insecure code in 2025-01-28
  • Text injection on https://www.google.com/sorry/index via ?q parameter (no XSS)
• Graham Cluley
  • Smashing Security podcast #402: Hackers get hacked, the British Museum IT shutdown, and social media kidnaps
• Information Security
  • Change Healthcare data breach – how to protect yourself
  • College Survey on AI-Enhanced Phishing and Cybersecurity Training Effectiveness
  • CIS standards for CyberArk
  • What is SHEIN doing to our data?
• Krebs on Security
  • Infrastructure Laundering: Blending in with the Cloud
• netsecstudents: Subreddit for students studying Network Security and its related subjects
  • GCP Red Teaming / Pentesting Certifications
• Social Engineering
  • "Humans Aren’t the Weakest Link, They’re the Strongest Layer in Cybersecurity"
  • How to better at socialising?
• Deep Web
  • My friend stumbled upon these while gliding at dark web.
• Technical Information Security Content & Discussion
  • The Slow Death of OCSP
  • Practising Heap Exploitation: Using House Of Force Technique with Practicals
  • WebAssembly and security: a review
  • A short Introduction to BloodHound Custom Queries
  • CVE-2024-46506: Unauthenticated RCE in NetAlertx
• Your Open Hacker Community
  • Everything is hacked 😊
  • Phones that are open to connecting via Bluetooth
  • Most Effective learning path to Reverse engineer network server of old games?
  • Is there any website I can use to convert a large amount of passwords into Hashes (in batch)?
  • Finding an array of class instances using Cheat Engine?
  • Free course
  • Cheat engine?
  • Who has dark web AI?
  • Question
  • I want to hack like elliot from mister robot
  • Tips for Copying and Pasting from Apps That Restrict It
  • Can I duplicate a SIM card?
• Schneier on Security
  • Fake Reddit and WeTransfer Sites are Pushing Malware
• Deeplinks
  • Executive Order to the State Department Sideswipes Freedom Tools, Threatens Censorship Resistance, Privacy, and Anonymity of Millions
  • The Internet Never Forgets: Fighting the Memory Hole
  • Protect Your Privacy on Bumble
• The Hacker News
  • Google: Over 57 Nation-State Threat Groups Using AI for Cyber Operations
  • Authorities Seize Domains of Popular Hacking Forums in Major Cybercrime Crackdown
  • Lightning AI Studio Vulnerability Allowed RCE via Hidden URL Parameter
  • SOC Analysts - Reimagining Their Role Using AI
  • DeepSeek AI Database Exposed: Over 1 Million Log Lines, Secret Keys Leaked
  • Unpatched PHP Voyager Flaws Leave Servers Open to One-Click RCE Exploits
  • New Aquabot Botnet Exploits CVE-2024-41710 in Mitel Phones for DDoS Attacks
• Security Affairs
  • DeepSeek database exposed highly sensitive information
  • TeamViewer fixed a vulnerability in Windows client and host applications
  • Operation Talent: An international law enforcement operation seized Cracked, Nulled and other cybercrime websites
  • PHP package Voyager flaws expose to one-click RCE exploits
  • Italy’s Data Protection Authority Garante requested information from Deepseek
• Security Weekly Podcast Network (Audio)
  • Cred Vaults, Cheap AI, and Hacking Devices - Matt Bishop - PSW #859