每日安全资讯（2023-09-28）

• SecWiki News
  • SecWiki News 2023-09-27 Review
• Security Boulevard
  • Webinar Highlights – Mastering the new SEC Regs
  • Step on It: What to Know About TISAX Compliance in the Automotive Market
  • Protecting Critical Infrastructure From Ransomware with LogRhythm NDR
  • Google LibWebP Arbitrary Code Execution Vulnerability (CVE-2023-5129) Notification
  • Cyber Week 2023 & The Israel National Cyber Directorate Presents – Scaling up Cyber Capacity Building: The Sectoral Approach to Critical Infrastructure Protection
  • ZenRAT Targets Windows Users with Fake Bitwarden Site
  • Meet the Ona: Stefan Popa
  • RATs, rootkits, and ransomware (oh my!)
  • Unlock 2023’s Top Benefits of Security as a Service!
  • Randall Munroe’s XKCD ‘Lying’
• Tenable Blog
  • CVE-2023-29357, CVE-2023-24955: Exploit Chain Released for Microsoft SharePoint Server Vulnerabilities
• HackerOne Hacker Activity
  • Twitter account hijack @Costalfy
  • [curl] CVE-2023-38039: HTTP header allocation DOS
  • Subdomain Takeover on mozaws.net
  • Missing Function Level Access Control in Mozilla formula containsRegular Expression Denial of Service (CVE-2023-25166)
• Files ≈ Packet Storm
  • Microsoft Error Reporting Local Privilege Elevation
  • Everlasting ROBOT: The Marvin Attack
  • Ubuntu Security Notice USN-6399-1
  • Ubuntu Security Notice USN-6398-1
  • Ubuntu Security Notice USN-6387-2
  • Ubuntu Security Notice USN-6397-1
  • Ubuntu Security Notice USN-6396-1
  • Red Hat Security Advisory 2023-5353-01
  • Red Hat Security Advisory 2023-5362-01
  • Red Hat Security Advisory 2023-5361-01
  • Red Hat Security Advisory 2023-5360-01
  • Red Hat Security Advisory 2023-5363-01
  • Ubuntu Security Notice USN-6361-2
• Sploitus.com Exploits RSS Feed
  • Microsoft Error Reporting Local Privilege Elevation exploit
  • Microsoft Error Reporting Local Privilege Elevation Exploit exploit
  • Exploit for OS Command Injection in Imagemagick exploit
  • Exploit for Improper Authentication in Fit2Cloud Jumpserver exploit
  • Exploit for Command Injection in Cisco Telepresence Video Communication Server exploit
  • Exploit for Vulnerability in Apple Macos exploit
  • Exploit for Cross-site Scripting in Roundcube Webmail exploit
  • Exploit for CVE-2023-42222 exploit
• Sec-News 安全文摘
  • jumpserver最新re-auth复现（伪随机经典案例）
• paper - Last paper
  • I have a mapping data analysis assistant
  • 我有一个称职的测绘数据分析助理
• Google Online Security Blog
  • SMS Security & Privacy Gaps Make It Clear Users Need a Messaging Upgrade
• obaby@mars
  • DAYI.MA（闺蜜圈）– 后台开发进度
• 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com
  • 连续上榜！360荣获国家信息安全漏洞共享平台多项荣誉
  • ChargePoint Home Flex电动汽车充电站攻击面总结
  • 短链接的危险
• Recent Commits to cve:main
  • Update Wed Sep 27 10:57:41 UTC 2023
• unSafe.sh - 不安全
  • GPU.zip: Hackers can now steal your passwords through your GPU (pixel-by-pixel)
  • 行政处罚决定书查询
  • Pegasus spyware and how it exploited a WebP vulnerability

  • [Sonoma in the Spotlight

    What’s New and What’s Missing in macOS 14](https://buaq.net/go-178078.html)

  • jumpserver最新re-auth复现（伪随机经典案例）
  • Xenomorph hunts cryptocurrency logins on Android
  • A Deep Dive into Brute Ratel C4 payloads – Part 2
  • You can now use WebGPU in Cloudflare Workers
• Perception Point
  • Booking.com Customers Hit by Phishing Campaign Delivered Via Compromised Hotels Accounts
• Forcepoint
  • AI in Business—Managing Generative AI Risk
• Securelist
  • QR codes in email phishing
• BREAKDEV
  • Evilginx Pro - The Future of Phishing
• SAP Blogs
  • A Supplier Portal for SAP S/4HANA Cloud in No-Code with Integration to SAP BTP Event Mesh
  • SAP Inside Track 2023 – Bangalore – August 19 !!
  • SAP Enable Now Learning Journey
  • SAP Enable Now – People Solution for successful Digital Transformation
  • SF Time Off – Compensatory Off – Complete Automated Process using MDF and Integration Center
  • Third party Sales process in SAP S/4 HANA system
• Dancho Danchev’s Blog
  • My New Dark Web Onion - Soliciting Your Input On Personally Identifiable Information on the Bad Guys
  • Bulgarian-Themed Ransomware Group Affects Small E-Business Web Sites in Bulgaria, A1 Pays Ransom
• Malwarebytes Labs
  • Pegasus spyware and how it exploited a WebP vulnerability
  • Xenomorph hunts cryptocurrency logins on Android
  • Malwarebytes MDR wins G2 awards for “Best ROI,” “Easiest to Use,” and more
  • Malwarebytes Admin update: New Detection screens to manage threats!
• GuidePoint Security
  • PCI DSS 4.0 – What You Need to Know About INFI Worksheets
• SentinelOne

  • [Sonoma in the Spotlight

    What’s New and What’s Missing in macOS 14](https://www.sentinelone.com/blog/sonoma-in-the-spotlight-whats-new-and-whats-missing-in-macos-14/)

• Reverse Engineering
  • GPU.zip: Hackers can now steal your passwords through your GPU (pixel-by-pixel)
  • A Deep Dive into Brute Ratel C4 payloads – Part 2
• Hexacorn
  • ZydisInfo – the disassembler that breaks the code, twice
• blog.avast.com EN
  • RATs, rootkits, and ransomware (oh my!)
• Intigriti
  • Bug Bytes #212 – XSS Payloads, IDOR prediction and Cloud Security
• FreeBuf网络安全行业门户
  • RansomedVC 勒索组织声称成功入侵了索尼
  • 《2023上半年网络安全观察报告》联合发布，呈现上半年五大安全领域趋势特点
  • 重磅更新！微软将在 Windows11中推出通行密钥支持功能
• KitPloit - PenTest & Hacking Tools
  • WMIExec - Set Of Python Scripts Which Perform Different Ways Of Command Execution Via WMI Protocol
• Black Hills Information Security
  • Talkin’ About Infosec News – 9/25/2023
• Checkmarx.com
  • Surprise: When Dependabot Contributes Malicious Code
• 安全牛

  • [安全牛研究

    2023年国产欺骗式防御技术应用及代表性厂商分析](https://www.aqniu.com/industry/100001.html)

  • 索尼公司回应勒索攻击传言：正紧急展开调查
  • Fortinet 2023上半年全球威胁态势研究报告：勒索软件检测成下降趋势，针对性攻击持续升温
  • 新型勒索“Megazord”肆虐 三家美国企业数据可随意下载
  • 重要通知丨JumpServer漏洞通知及修复方案（JS-2023.09.27）
• 奇客Solidot–传递最新科技情报
  • 网易手游因审核合规要求移除无根门
  • 网信办公布首批备案的应用商店，苹果应用商店未包含在内
  • 研究预测未来东北增温幅度最大
  • 研究预测哺乳动物的生存时间还剩下 2.5 亿年
  • CERN 获得至今对强力强度最精确测量
  • Google Podcasts 即将关闭，YouTube Music 将加入播客功能
  • Signal 总裁认为 AI 本质上是一种监控技术
  • FTC 和美国 17 个州起诉亚马逊非法垄断电商市场
  • 苹果为与 Google 的默认搜索交易辩护称没有有效替代
  • GPU 旁路攻击暴露视觉数据
  • OpenAI 估值可能最高达到 900 亿美元
  • Telegram 准备拥抱小程序
  • 微软释出 Windows 11 v23H2
• 绿盟科技技术博客
  • 绿盟科技威胁周报（2023.09.18-2023.09.24）
  • JumpServer多个安全漏洞通告
  • Google LibWebP任意代码执行漏洞（CVE-2023-5129）通告
• 腾讯玄武实验室
  • 每日安全动态推送(9-27)
• HackerNews
  • 苹果谷歌漏洞披露不完整，让腾讯 QQ 等数百万应用处于危险之中
  • 又一个基础组件满分漏洞曝光！曾因披露不当引发全球安全社区混乱
  • RansomedVC 勒索组织声称成功入侵了索尼
  • 重磅更新！微软将在 Windows11 中推出通行密钥支持功能
  • MOVEit 漏洞受害组织总数超过 2000 个
  • 三星、戴尔合作伙伴遭网络暴击，勒索软件团伙窃取 4000 万客户数据
  • 勒索软件 Akira 突破思科 SSL VPN 漏洞，横扫 110 个组织，攻击持续升级
• 雷神众测
  • 雷神众测在亚运安恒信数字体验馆等你来！
• 吾爱破解论坛
  • 吾爱破解安卓逆向入门教程《安卓逆向这档事》十四、是时候学习一下Frida一把梭了(中)
• 奇安信 CERT
  • Google libwebp 代码执行漏洞(CVE-2023-5129)安全风险通告
  • JumpServer 多个高危漏洞安全风险通告
• 丁爸 情报分析师的工具箱
  • 【通知】首届全国公安机关刑事侦查新技术论坛11月在嘉兴召开

  • [【转载】数说情报

    （四）TW网军打击异己手段](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651139194&idx=2&sn=ffe487e7a135c56172e270175ca652bb&chksm=f1af5b40c6d8d25698e8012402bc54b08813216ef9e1ae4c0a782ac98b1a95216ba34f40e9e4&scene=58&subscene=0#rd)

• 看雪学苑
  • Windows HyperV 和它的内存管理
  • 索尼系统疑似被入侵，多个团伙声称对此负责

  • [赛况播报

    2023 KCTF-第11题《步步逼近》已开赛](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458520056&idx=3&sn=2db58b79dbe8b392d2fc47b4f46d9d8f&chksm=b18d397286fab0640e1f23eb82b4f7a41b0c3c0647815f3b8a7d9eb1218c7b82a159992a5266&scene=58&subscene=0#rd)

  • 4h入门PHP代码审计之反序列化
• 慢雾科技

  • [慢雾中秋献礼

    黑暗森林主题版礼盒已上线](https://mp.weixin.qq.com/s?__biz=MzU4ODQ3NTM2OA==&mid=2247498556&idx=1&sn=300c5cbec65b3140d64429a9ea94263e&chksm=fdde85bbcaa90cad48a6270f64cb19b2c075410a4085f45a21f3b7c776561f701fc31f8ecf69&scene=58&subscene=0#rd)

• 代码卫士
  • 黑客利用高危 Openfire 漏洞加密服务器
  • 阿联酋APT被指利用新后门 Deadglyph 攻击中东政府实体
• 三六零CERT
  • CVE-2023-42820：JumpServer密码重置漏洞
  • 安全日报（2023.09.27）
  • 安全日报（2023.09.26）
• 我的安全视界观
  • 演习后认知外的见微知著
• 安全内参
  • 又一个基础组件满分漏洞曝光！曾因披露不当引发全球安全社区混乱
  • 超级软件供应链攻击！MOVEit漏洞受害组织总数超过2000个
• 安全牛

  • [安全牛研究

    2023年国产欺骗式防御技术应用及代表性厂商分析](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651125827&idx=1&sn=236d88f8928370f53b9ace7ac52e7de7&chksm=bd1448908a63c186f722752a68517af3b0afa20c7ea887e32b1fb621ec117b10fddc069d9021&scene=58&subscene=0#rd)

  • 索尼公司回应勒索攻击传言：正紧急展开调查
• 青藤云安全
  • 青藤获评国家信息安全漏洞共享平台（CNVD）三项荣誉
• 极客公园

  • [B 站公布《中国奇谭第二季》；中国队拿下亚运会「电竞首金」；菜鸟提交上市申请，1 年 15 亿跨境包裹

    极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653013578&idx=1&sn=c665c1735ad0d53d06e4540974e21ee3&chksm=7e54bbfc492332ea4eefa4ca1e3d3e020c64d474c624d77f0cd376b73c6344d8e24f31d5637e&scene=58&subscene=0#rd)

• 国家互联网应急中心CNCERT
  • 网络安全信息与动态周报2023年第39期（9月18日-9月24日）
  • CNVD漏洞周报2023年第38期
  • 上周关注度较高的产品安全漏洞(20230918-20230924)
• rtl-sdr.com
  • Manuel Compares the RTL-SDR Blog V3 vs RTL-SDR Blog V4
• 360漏洞云
  • 连续上榜！360荣获国家信息安全漏洞共享平台多项荣誉
• 火线安全平台
  • 大人，时代变了
• 安全研究GoSSIP
  • G.O.S.S.I.P 阅读推荐 2023-09-27 Android 在野漏洞 Exploit 分析
• 数世咨询
  • 零信任无法保护到的5个领域
• 我的安全梦
  • Shc-Update工具测试版本
• 嘶吼专业版
  • ChargePoint Home Flex电动汽车充电站攻击面总结
  • 短链接的危险
• DataCon大数据安全分析竞赛
  • 快看！第七届“蓝帽杯”初赛+半决赛官方WP公布
• 情报分析师
  • 情报分析师出品——网络威胁情报指南
  • 军情内参知识社群攻略来啦！
  • 关注小号，谨防失联！
• 腾讯安全威胁情报中心
  • 一图看懂威胁情报云查API接口服务
• 关键基础设施安全应急响应中心
  • 黄奇帆重磅发声：数字经济是新一轮科技革命和产业变革的主要方向
  • 深入推进新时代网络强国建设
  • 勒索软件Akira突破思科SSL VPN漏洞，横扫110个组织，攻击持续升级
  • 盗亦有道?谁在勒索SONY？
• OPPO安全应急响应中心
  • OPPO参与编写的《隐私工程白皮书》正式发布，持续将隐私保护嵌入产品全生命周期
• CNCERT国家工程研究中心
  • 黄奇帆重磅发声：数字经济是新一轮科技革命和产业变革的主要方向
  • Earth Lusca采用新的Linux后门，使用Cobalt Strike 进行传播
  • 苹果谷歌漏洞披露不完整，让腾讯QQ等数百万应用处于危险之中
  • MOVEit漏洞导致美国900所院校学生信息发生大规模泄露
• 中国信息安全

  • [聚焦	算力网络安全架构与数据安全治理技术研讨会在京成功举办](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664194057&idx=1&sn=f6385ebd5edef8e0390e98a6f1fbe242&chksm=8b5962f0bc2eebe662c402b3eed4d6ebbcc3558decd402159b911c646c0e03581e66b9147cdc&scene=58&subscene=0#rd)

  • [关注	工信部通报23款侵害用户权益行为的APP（SDK）](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664194057&idx=2&sn=57cb8a9ae69043aa6273aae96f7fa6f8&chksm=8b5962f0bc2eebe6117da20e74cd9335d6ed17bd01b262f9b0780c0f4c48f711038e98152b95&scene=58&subscene=0#rd)

  • [发布	国家网信办发布第一批应用程序分发平台备案编号](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664194057&idx=3&sn=52d2f9bdddbb99befd6ccb2f180583af&chksm=8b5962f0bc2eebe60dd9a9decb1602ea5d1e02f2229144061e1960e6b15b789edc260eb0eeb8&scene=58&subscene=0#rd)

  • [CNNVD

    关于Linux kernel安全漏洞情况的通报](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664194057&idx=4&sn=b6a0b6675b7ad1ee2ad4f4d7b610ae95&chksm=8b5962f0bc2eebe673ac09eca109c71d0d241bfe93dbc5227eaa5493e510e23ec505e7010080&scene=58&subscene=0#rd)

  • 国家金融监督管理总局王蔚：推进金融数据要素开发利用和安全保护

  • [观点	协同发力严厉打击跨境诈骗](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664194057&idx=6&sn=a196c00c349a06dac4a1c11486091569&chksm=8b5962f0bc2eebe66c18d9496137905e8a592b878e932d2f87bdb629bcb1df61890d1a0769d0&scene=58&subscene=0#rd)

  • [观点	数字化生存时代我的信息谁做主](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664194057&idx=7&sn=1a0e17d139dfa9be3e48973617a4f6e9&chksm=8b5962f0bc2eebe6ab59b57ad73ddeb74eb939a703651fc63708d4fbde527a335d04ffb64c9b&scene=58&subscene=0#rd)

• 默安科技
  • 聊聊亚运会竞赛项目中的攻与防（第二期）
• 深信服千里目安全技术中心
  • 【高级威胁追踪(APT)】Ducktail利用虚假广告攻击市场营销人员的Facebook账号
• 山石网科安全技术研究院
  • 《信息安全技术 网络弹性评价准则》征求意见稿征求意见
• 微步在线
  • 微步在线CEO薛锋荣登“2023科创先锋人物·未来数智领袖榜”
• 360数字安全
  • 【权威】赛迪顾问：360领跑中国数字安全托管运营服务市场
  • 连续上榜！360荣获国家信息安全漏洞共享平台多项荣誉
• Securityinfo.it
  • Individuata una vulnerabilità critica in libwebp già sfruttata dagli attaccanti
  • Malware-as-a-service: i ransomware sono i software più venduti
• D3Lab
  • Campagna di phishing ai danni di Segugio.it con falso call center
• Google Online Security Blog
  • SMS Security & Privacy Gaps Make It Clear Users Need a Messaging Upgrade
• Over Security - Cybersecurity news aggregator
  • Google fixes fifth actively exploited Chrome zero-day of 2023
  • SSH keys stolen by stream of malicious PyPI and npm packages
  • Fake Bitwarden sites push new ZenRAT password-stealing malware
  • Dallas: Royal ransomware gang infiltrated networks weeks before striking
  • RICO class-action data privacy lawsuit filed against H&R Block, Google, Meta
  • Building automation giant Johnson Controls hit by ransomware attack
  • Vulnerability in popular ‘libwebp’ code more widespread than expected
  • Microsoft now rolling out AI-powered Paint Cocreator to Insiders
  • US, Japan say ‘BlackTech’ Chinese gov’t hackers exploiting routers during attacks
  • 10 new vulnerabilities disclosed by Talos, including use-after-free issue in Google Chrome
  • US and Japan warn of Chinese hackers backdooring Cisco routers
  • Vulnerabilità Libwebp ora guadagna la massima severità: come proteggersi dopo i cyber attacchi
  • Individuata una vulnerabilità critica in libwebp già sfruttata dagli attaccanti
  • Campagna di phishing ai danni di Segugio.it con falso call center
  • Sicurezza informatica delle organizzazioni sanitarie: fronteggiare le sfide con un approccio socio-tecnico
  • Modern GPUs vulnerable to new GPU.zip side-channel attack
  • GitHub repos bombarded by info-stealing commits masked as Dependabot
  • Malware-as-a-service: i ransomware sono i software più venduti
  • Putin and Prigozhin went through an ‘amazing transformation,’ says former Kremlin speechwriter
  • ‘Snatch’ Ransom Group Exposes Visitor IP Addresses
  • Ransomed.vc, the new comet in the extortion landscape: the interview
  • Tre scenari di attacco dell’intelligenza artificiale: ecco come contrastarli
  • QR codes in email phishing
  • DHS to host Latin American cyber summit as region faces an onslaught of digital attacks
  • La nuova legge svizzera sulla privacy: gli impatti per le aziende italiane
  • Risky Biz News: CISA releases HBOM framework
• Schneier on Security
  • Critical Vulnerability in libwebp Library
• The Hacker News
  • Red Cross-Themed Phishing Attacks Distributing DangerAds and AtlasAgent Backdoors
  • Researchers Uncover New GPU Side-Channel Vulnerability Leaking Sensitive Data
  • New Survey Uncovers How Companies Are Confronting Data Security Challenges Head-On
  • New ZenRAT Malware Targeting Windows Users via Fake Password Manager Software
  • Critical libwebp Vulnerability Under Active Exploitation - Gets Maximum CVSS Score
• Graham Cluley
  • Smashing Security podcast #341: Another T-Mobile breach, ThemeBleed, and farewell Naked Security
  • British charities warn supporters their personal data has been breached
• Unsupervised Learning
  • Extracted Wisdom Series: Achievement Society and the Rise of Narcissism, Depression, and Anxiety
• Deeplinks
  • EFF’s Comment to the Meta Oversight Board on Polish Anti-Trans Facebook Post
• TG Soft Software House - News
  • Mancano pochi giorni! Sabato 30 settembre 2023 non perdere l’evento LIGHT ON! - Menti Illuminate organizzato da TEDxAsiago.
    
  • Torna a colpire il gruppo hacker che veicola il Ransomware Rhysida
    
• Computer Forensics
  • Big 4 Consulting vs Cybersecurity company
  • Legitimacy of Software Resellers
  • BitLocker, Bypass External Key Protector
• Your Hacking Tutorial by Zempirians
  • Airlec Smart switch with port 6668 (IRC) open
  • Will these 2 requests make a mitm attack?
  • Is what I did considered hacking?
• SANS Internet Storm Center, InfoCON: green
  • ISC Stormcast For Wednesday, September 27th, 2023 https://isc.sans.edu/podcastdetail/8676, (Wed, Sep 27th)
• netsecstudents: Subreddit for students studying Network Security and its related subjects
  • practical differences between gobuster/feroxbuster/ffuf/dirsearch?
  • Why do payment systems verify the transaction once it has been completed?
  • Find & exploit NoSQL Injection, with labs
• Deep Web
  • I know nothing about the dark web but I think I might be all over it
  • should i ship to my house
  • Is there an onion version of Bedpage?
  • How to access a website that gives me a timeout error on Tor Browser?
• Technical Information Security Content & Discussion
  • Cisco advisory: Reports about bad Actors Hiding in Router Firmware
  • How to get persistent reverse shell from Android app without visible permissions to DoS device
  • NoSQL injection techniques & labs
  • Getting RCE in Chrome with incorrect side effect in the JIT compiler
  • Chalk - Total visibility of your software engineering lifecycle
  • A Deep Dive into Brute Ratel C4 payloads – Part 2
• Krebs on Security
  • ‘Snatch’ Ransom Group Exposes Visitor IP Addresses
• Information Security
  • Hi, I’m Matteo Malvica, senior content developer at OffSec. I’m doing an AMA on Thursday, September 28th from 12 - 2 pm EDT. Ask me Anything about Exploit Development.
  • How do you typically verify the authenticity of websites before entering personal information or making online transactions?
• Il Disinformatico
  • Chi c’è nello spazio? Aggiornamento 2023/09/27: 10 persone, nuovo record USA di durata
• Social Engineering
  • What’s technique name where someone finishes your sentence?
  • Authenticity and walls
  • Identifying whether a belief is a description of reality or a description of the individual.
  • Techniques for extracting social utility
• Pentestmag
  • Efficient Reconnaissance with BBRF: Organizing Enumeration
• 安全419
  • 万径安全CTO姬锦坤：Yak已走完万里长征上的一小步路 未来将不负众望
  • 亚马逊云科技：让数据安全释放价值 是企业的首要工作
  • 提升云上数据的安全性已成为组织的迫切需求
• Penetration testing Archives - MDSec
  • Nighthawk 0.2.6 – Three Wise Monkeys
• Yoroi Warning Archive Feed
  • Warning: Vulnerabilità su NAGIOS XI Network
• KitPloit - PenTest Tools!
  • WMIExec - Set Of Python Scripts Which Perform Different Ways Of Command Execution Via WMI Protocol
• Security Affairs
  • Russian zero-day broker is willing to pay $20M for zero-day exploits for iPhones and Android devices
  • China-linked APT BlackTech was spotted hiding in Cisco router firmware
  • Watch out! CVE-2023-5129 in libwebp library affects millions applications
  • DarkBeam leaks billions of email and password combinations
  • ‘Ransomed.vc’ in the Spotlight – What is Known About the Ransomware Group Targeting Sony and NTT Docomo
  • Top 5 Problems Solved by Data Lineage