Australian Securities Commission Says HSBC Ignored Repeated Internal Warnings
Some lessons come with a price. The recent lawsuit against HSBC by the Australian Securities and Investments Commission claims the bank prioritized profits over customer safety. Despite repeated internal warnings from its own fraud experts, HSBC failed to act.

Hackers Use TeamFiltration Penetration Testing Tool
A threat actor is using the password spraying feature of the TeamFiltration pentesting tool to launch attacks against Microsoft Entra accounts - and finding success. The threat actor has targeted more than 80,000 user accounts across roughly 100 cloud tenants.

300-Person Acquisition Expands Managed Services, Adds Legal and Forensics Expertise
The acquisition of Aon’s 300-person cyber unit enhances LevelBlue’s incident response and managed security services. It brings legal experience, global coverage and new law firm partnerships to strengthen its channel strategy and customer support, said CEO Bob McCullen.

Multi-Line Insurance Company Warns Customers of Potential Scams
Erie Indemnity Corp., which offers a wide range of insurance including Medicare supplements and cyber coverage, has notified the U.S. Securities and Exchange Commission that it has been responding to a cyber incident since last weekend. The company is also warning customers of potential scams.

WhatsApp CEO Says UK Request Sets "Dangerous Precedent"
Instant messaging app WhatsApp is seeking to join Apple's legal battle with the U.K. government over end-to-end encryption. Apple is challenging a Home Office order requiring the device maker to provide law enforcement with unencrypted copies of customer data.

A vulnerability has been found in Moodle and classified as critical. This vulnerability affects unknown code of the component Badge Recipient Handler. The manipulation leads to improper control of resource identifiers.
This vulnerability was named CVE-2024-48900. The attack can be initiated remotely. There is no exploit available.
A vulnerability, which was classified as problematic, was found in PeoplePond Plugin up to 1.1.9 on WordPress. This affects an unknown part of the component Setting Handler. The manipulation leads to cross-site request forgery.
This vulnerability is uniquely identified as CVE-2024-8085. It is possible to initiate the attack remotely. There is no exploit available.
A vulnerability was found in Widgets Reset Plugin up to 0.1 on WordPress. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery.
This vulnerability is known as CVE-2024-8082. The attack can be launched remotely. There is no exploit available.
A vulnerability has been found in WP-FeedStats events-calendar Plugin up to 1.0.4 on WordPress and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Setting Handler. The manipulation leads to cross-site scripting.
This vulnerability is known as CVE-2024-8701. The attack can be launched remotely. There is no exploit available.
A vulnerability was found in CYAN Backup Plugin up to 2.5.2 on WordPress. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Setting Handler. The manipulation leads to cross-site scripting.
This vulnerability is known as CVE-2024-9662. The attack can be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
A vulnerability classified as problematic was found in CYAN Backup Plugin up to 2.5.2 on WordPress. Affected by this vulnerability is an unknown functionality of the component Setting Handler. The manipulation leads to cross-site scripting.
This vulnerability is known as CVE-2024-9663. The attack can be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
A vulnerability, which was classified as problematic, was found in AI ChatBot for WordPress Plugin up to 6.2.3 on WordPress. This affects an unknown part of the component Setting Handler. The manipulation leads to cross-site scripting.
This vulnerability is uniquely identified as CVE-2025-0329. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
A vulnerability was found in Taskbuilder Plugin up to 3.0.8 on WordPress. It has been classified as critical. Affected is an unknown function. The manipulation leads to SQL injection.
This vulnerability is tracked as CVE-2024-9831. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
A vulnerability was found in Auto Affiliate Links Plugin up to 6.4.6 on WordPress. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to SQL injection.
This vulnerability is known as CVE-2024-9838. The attack can be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
A vulnerability was found in Melapress File Monitor Plugin up to 2.1.0 on WordPress. It has been rated as critical. Affected by this issue is some unknown functionality. The manipulation leads to SQL injection.
This vulnerability is handled as CVE-2024-9879. The attack may be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
A vulnerability has been found in Badgearoo Plugin up to 1.0.14 on WordPress and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Setting Handler. The manipulation leads to cross-site scripting.
This vulnerability is known as CVE-2025-1033. The attack can be launched remotely. There is no exploit available.