[每日信息流] 2025-10-29 #1034
Description
每日安全资讯(2025-10-29)
- SecWiki News
- Trustwave Blog
- Doonsec's feed
- 修改《中华人民共和国网络安全法》的决定
- 深圳 IT行业销售赚钱副业渠道
- 喜讯来袭!Dozer瞌睡虫战队再创佳绩,领航杯一等奖收入囊中!
- dddd新增POC及误报修改20251028
- 2025鹏云杯山东省第十二届网络安全技能大赛总决赛题解-WriteUp(山东省网络安全竞赛的净土)
- 用友U8 Cloud pubsmsservlet接口存在远程代码执行漏洞 附POC
- 政务数据安全新国标落地:以标准为基,以评估为桥,推动政务数据管理能力跃升
- 【数字政府优秀案例联播】凉山州:智能汇聚信息资源 创新打造“彝州日历”
- 第六批通过信创数智技术服务能力一级评估单位公示
- 哈佛大学 | UNICORN:基于运行时溯源的高级持续性威胁检测器
- 齐鲁师范学院2025级新生CTF网络安全练习平台 Week2 WriteUP
- 爆喜讯!Dozer瞌睡虫战队又夺冠啦,领航杯一等奖到手!
- 实战攻防 | 日穿某集团全域
- 活该你能挖到洞
- "Evtx Web Analysiser"实战案例(二)
- APT追踪第一集:“神秘大象”APT组织攻击战术分析
- 暗网空间测绘
- 论文研读与思考|Attention Is All You Need
- 靶场养成计划|蓝队方向:本科组一期靶场防守报告
- 【资料】开源情报的智能化演进——以乌克兰国防情报国际军团为例
- 战火终熄,荣耀收官 | 第九届XCTF国际网络攻防联赛总决赛圆满落幕!
- 4000只是起点
- 一夜速通Tr0ll靶场!这个隐藏文件夹竟让Root权限“白送”?
- obaby@mars
- Tenable Blog
- Private Feed for M09Ic
- bolucat released 202510281937 at bolucat/Archive
- Teach2Breach starred MalwareTech/ExifSmugglingPoC
- OpenAEV-Platform released 2.0.0 at OpenAEV-Platform/openaev
- Mr-xn starred wquguru/nof0
- mitre-attack released v18.0 at mitre-attack/attack-stix-data
- whwlsfb starred dushixiang/prism
- wuhan005 contributed to QuantumNous/new-api
- Rvn0xsy starred massgravel/Microsoft-Activation-Scripts
- gh0stkey starred atuinsh/atuin
- TideSec starred SleepingBag945/IPSearch-MCP
- Y4er starred lepoco/wpfui
- PrefectHQ released 3.4.26.dev3 at PrefectHQ/prefect
- niudaii starred optiv/Talon
- kyxiaxiang starred mdsecactivebreach/functionpeekaboo
- pmiaowu starred projectdiscovery/nuclei-templates
- uknowsec starred vnxfsc/fourmeme_parser_sdk
- gh0stkey starred fabi321/icmptunnel-rs
- Chuyu-Team released v1.1.9-Beta3 at Chuyu-Team/YY-Thunks
- Y4er starred MetaCubeX/metacubexd
- pydantic released v1.7.0 at pydantic/pydantic-ai
- paper - Last paper
- ongoing by Tim Bray
- Google Online Security Blog
- Cerbero Blog
- Recent Commits to cve:main
- GuidePoint Security
- 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com
- Horizon3.ai
- NVISO Labs
- Malwarebytes
- Securelist
- 锦行科技
- 网安志异
- 奇客Solidot–传递最新科技情报
- 绿盟科技CERT
- 安全内参
- 安全分析与研究
- 丁爸 情报分析师的工具箱
- 看雪学苑
- 代码卫士
- 安全研究GoSSIP
- 奇安信威胁情报中心
- 天黑说嘿话
- 信息安全国家工程研究中心
- DataCon大数据安全分析竞赛
- 青藤云安全
- 网络空间安全科学学报
- 默安科技
- 数世咨询
- 安全圈
- 极客公园
- 安全牛
- 中国信息安全
- 嘶吼专业版
- 黑鸟
- 专注安管平台
- 京东安全应急响应中心
- 字节跳动技术团队
- 云鼎实验室
- Securityinfo.it
- TrustedSec
- 网安国际
- ICT Security Magazine
- 360数字安全
- Over Security - Cybersecurity news aggregator
- Windows 11 KB5067036 update rolls out Administrator Protection feature
- Python rejects $1.5M grant from U.S. govt. fearing ethical compromise
- Le “sentenze fantasma” arrivano in Cassazione e fanno dubitare della giustizia
- Ransomware Attack on River City Eye Care: Leaked Files Reveal More Than the Official Notification Admits
- Advertising giant Dentsu reports data breach at subsidiary Merkle
- How Atlassian is protecting their brand with one click takedowns
- Primark is Winning the Takedown Game with PreCrime
- Qilin ransomware abuses WSL to run Linux encryptors in Windows
- Elloe AI wants to be the ‘immune system’ for AI — check it out at Disrupt 2025
- CyDeploy wants to create a replica of a company’s system to help it test updates before pushing them out — catch it at Disrupt 2025
- FCC adopts new rule targeting robocalls
- CISA warns of two more actively exploited Dassault vulnerabilities
- Da ACN le linee guida sui criteri di premialità per i fornitori: focus sulla cyber security
- Researchers warn of Qilin ransomware gang after group hit hundreds of orgs this year
- Microsoft sued for allegedly tricking millions into Copilot M365 subscriptions
- Microsoft: Copilot now lets you build apps, automate workflows
- Google Chrome to warn users before opening insecure HTTP sites
- TEE.Fail attack breaks confidential computing on Intel, AMD, NVIDIA CPUs
- The Evolution of Data Extortion TTPs: From Exploiting Code to Exploiting People
- Dal cyberspazio al territorio: come la Russia arruola volontari per sabotaggi, anche in Italia
- Il CISO a chi riporta? Le risposte giuste per una governance matura
- Lawsuit against NYPD alleges its surveillance system is unconstitutional
- New Android malware mimics human typing to evade detection, steal money
- Clearview AI sued in Europe over alleged privacy violations
- BiDi Swap: The bidirectional text trick that makes fake URLs look real
- New Herodotus Android malware fakes human typing to avoid detection
- New Atroposia malware comes with a local vulnerability scanner
- 5 SOC Challenges and How Threat Intelligence Solves Them
- New Android Malware Herodotus Mimics Human Behaviour to Evade Detection
- APT-C-60 Escalates SpyGlace Campaigns Targeting Japan with Evolved Malware, Advanced Evasion TTPs
- Strategia nazionale per la cyber sicurezza: ecco le priorità per i prossimi anni
- The Illusion of Wealth: Inside the Engineered Reality of Investment Scam Platforms
- Dal comando alla manovra: ecco come definire i ruoli nella gestione degli asset aziendali
- I cyberattacchi al governo U.S.A. sono quasi raddoppiati dopo lo “shutdown”
- Crypto wasted: BlueNoroff’s ghost mirage of funding and jobs
- Schneier on Security
- 希潭实验室
- IT Service Management News
- SANS Internet Storm Center, InfoCON: green
- SEI Blog
- Rasta Mouse
- Instapaper: Unread
- Videocamere di sorveglianza un buco nero per la security
- Deepfake vocali così l’AI permette attacchi di vishing in tempo reale
- Ransomware payments hit record low only 23% Pay in Q3 2025
- Facial recognition firm Clearview AI hit with criminal complaint | Euractiv
- New Android Malware Herodotus Mimics Human Behaviour to Evade Detection
- iOS 26 Deletes Pegasus and Predator Spyware Infection Evidence by Overwriting The ‘shutdown.log’ file on Reboot
- Memento Labs, the ghost of Hacking Team, has returned — or maybe it was never gone at all.
- The Hacker News
- New TEE.Fail Side-Channel Attack Extracts Secrets from Intel and AMD DDR5 Secure Enclaves
- New Android Trojan 'Herodotus' Outsmarts Anti-Fraud Systems by Typing Like a Human
- Researchers Expose GhostCall and GhostHire: BlueNoroff's New Malware Chains
- Why Early Threat Detection Is a Must for Long-Term Business Growth
- Is Your Google Workspace as Secure as You Think it is?
- Chrome Zero-Day Exploited to Deliver Italian Memento Labs' LeetAgent Spyware
- SideWinder Adopts New ClickOnce-Based Attack Chain Targeting South Asian Diplomats
- Trend Micro Research, News and Perspectives
- Graham Cluley
- Deeplinks
- Tor Project blog
- TorrentFreak
- The Register - Security
- Clearview AI faces criminal heat for ignoring EU data fines
- AI browsers face a security flaw as inevitable as death and taxes
- Beatings, killings, and lasting fear: The human toll of MoD's Afghan data breach
- Google says reports of a Gmail breach have been greatly exaggerated
- Chatbots parrot Putin's propaganda about the illegal invasion of Ukraine
- Marks & Spencer swaps out TCS for fresh helpdesk deal
- Security Affairs
- Aisuru botnet is behind record 20Tb/sec DDoS attacks
- Everest group claimed the hack of Sweden’s power grid operator Svenska kraftnät
- Critical ASP.NET flaw hits QNAP NetBak PC Agent
- Ransomware payments hit record low: only 23% Pay in Q3 2025
- X warns users to re-enroll passkeys and YubiKeys for 2FA by Nov 10
- Security Weekly Podcast Network (Audio)