From 63429e8b18e2b33547952f888144593652bf0e6c Mon Sep 17 00:00:00 2001 From: ubuntu-master <204118693@qq.com> Date: Fri, 29 Aug 2025 00:00:01 +0800 Subject: [PATCH] =?UTF-8?q?=E6=9B=B4=E6=96=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- results/2025-08-28.md | 51 ++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 50 insertions(+), 1 deletion(-) diff --git a/results/2025-08-28.md b/results/2025-08-28.md index f982583..afa9b0a 100644 --- a/results/2025-08-28.md +++ b/results/2025-08-28.md @@ -3,7 +3,7 @@ > 本文由AI自动生成,基于对安全相关仓库、CVE和最新安全研究成果的自动化分析。 > -> 更新时间:2025-08-28 18:45:48 +> 更新时间:2025-08-28 21:23:54 @@ -34,6 +34,10 @@ * [java审计之下载漏洞获取到的代码如何断点调试](https://mp.weixin.qq.com/s?__biz=MzU0MTc2NTExNg==&mid=2247492827&idx=1&sn=fd8a45d9224b0dc0f0f4347fbdd3b3b1) * [网络安全脱钩!微软停止向中国网络安全公司发送漏洞预警情报|重拳打击电诈,美国将1200家语音服务提供商踢出电话网络](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650612033&idx=2&sn=e9385f7d347ea07c07fca67621570c43) * [遗忘的子域名 = 1000 美元 “AWS 入侵” 漏洞赏金](https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247507448&idx=1&sn=90dfb0905b145cd3f2d243ff8d8ae4c2) +* [记一次hw中用到的某云waf绕过技巧](https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247519724&idx=1&sn=18fd31ff977c2f9b88fb4a4f385da709) +* [成功复现Apache Druid服务端请求伪造漏洞CVE-2025-27888](https://mp.weixin.qq.com/s?__biz=MzU2NDgzOTQzNw==&mid=2247503578&idx=1&sn=60ffc56465256fafbc8fcbd788338bc6) +* [安全圈腾讯云曝严重安全漏洞重要长期暴露公网](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652071426&idx=1&sn=28a54bc37540f152d54801c177828c73) +* [论文速读| LLM-GUARD:基于大语言模型的 C++ 和 Python 中的错误和安全漏洞的检测和修复](https://mp.weixin.qq.com/s?__biz=MzkzNDUxOTk2Mw==&mid=2247496946&idx=1&sn=ac3383562b3dd703bc22bf2a400797f5) ### 🔬 安全研究 @@ -56,6 +60,9 @@ * [智慧医疗分级评价方法及标准(2025版)](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655290321&idx=6&sn=77689ad6b6450d6dd1dbbc6b55ada5b6) * [主题发布 | CCS2025 成都网络安全技术交流活动主题正式公布 诚邀各方参与 共启数字安全新征程!](https://mp.weixin.qq.com/s?__biz=MzkwMjI2MDQwMA==&mid=2247486788&idx=1&sn=5a9d3918ac089dc0d7083ec957670f89) * [油猴脚本助力Google搜索:高效收集与批量链接打开方法](https://mp.weixin.qq.com/s?__biz=MzIxOTM2MDYwNg==&mid=2247517784&idx=1&sn=dbacd1184407a50397c5856f64ad9e4c) +* [强化学习新视角:从贝尔曼方程到TD方法的深度解析](https://mp.weixin.qq.com/s?__biz=MzU1ODEzNjI2NA==&mid=2247574689&idx=1&sn=5a1ddb04c152b73aae01b9f38504c559) +* [奇安信科技:网络安全厂商结合网联汽车趋势的战略布局研究](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247626967&idx=1&sn=241a33d55cd65d50f1b2c94f2891f6bd) +* [汽车电子通信的安全技术运用分析](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247626967&idx=3&sn=a1cadbb4fd385c6c0c0890e26203fc16) ### 🎯 威胁情报 @@ -72,6 +79,11 @@ * [黑客从0到大师?网安开学领跑福利限时返厂!](https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247551534&idx=1&sn=dfb552a395ad60ec8e664091cbc31ee3) * [朝鲜黑客组织Kimsuky再出手:韩国政府、 telecom公司遭精准攻击,敏感数据恐外泄](https://mp.weixin.qq.com/s?__biz=Mzg3OTYxODQxNg==&mid=2247486636&idx=1&sn=d4e4592b261541c865ac056c252c4997) * [谷歌“参军”,拟成立攻击性网络部门](https://mp.weixin.qq.com/s?__biz=MzkxNTI2MTI1NA==&mid=2247503982&idx=2&sn=7f51eacd8468dc3577f62b8c77af9ea5) +* [第132篇:SolarWinds供应链攻击补充——Sunburst后门通信全貌揭秘](https://mp.weixin.qq.com/s?__biz=MzkzMjI1NjI3Ng==&mid=2247487696&idx=1&sn=fd9d7dfc401acb463c83b120299f9271) +* [安全圈瑞典多家市政及地区系统因网络攻击瘫痪](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652071426&idx=2&sn=32b5003b655d145e6127f1516d0c2933) +* [安全圈美国著名公关公司 Singer Associates遭Qilin攻击](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652071426&idx=4&sn=145c41f7a5117924be43bad4b4a84d08) +* [史上首例:NPM 包 Nx 被投毒,开发人员遭AI软件供应链攻击](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247523916&idx=3&sn=29b31c8a9b1792e1c24850fd823d82ea) +* [IT 系统供应商遭攻击,瑞典200多个城市受影响](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247523916&idx=4&sn=2545e6883f748334fbe02c0061d577ac) ### 🛠️ 安全工具 @@ -85,6 +97,9 @@ * [EDUSRC某大学虚拟仿真实验平台渗透测试](https://mp.weixin.qq.com/s?__biz=Mzk0Mzc1MTI2Nw==&mid=2247496046&idx=1&sn=0c49498138fa357ec37fb5e96053dfeb) * [原厂编制 | 上海中级渗透测试工程师](https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247551534&idx=2&sn=f952b403fe73bd953632080761ec3a82) * [带你解锁编码新世界!-随波逐流CTF编码工具使用教程126 -Fernet密码](https://mp.weixin.qq.com/s?__biz=MzU2NzIzNzU4Mg==&mid=2247491069&idx=1&sn=876e7000d6e11af31978d8c04fa08039) +* [Java 代码审计(三)Java漏代码审计专项](https://mp.weixin.qq.com/s?__biz=MzkwMjI2OTc3MQ==&mid=2247488724&idx=1&sn=adb7bc1284610ea5867637bbb665ce59) +* [AWS EKS集群中Pod权限审计方法](https://mp.weixin.qq.com/s?__biz=MzkyOTQ4NTc3Nw==&mid=2247485696&idx=1&sn=77033d7595aafe6f37d1396e140dfc6b) +* [Shadowrend 斩影 1.0 — 一个集成AI大模型的渗透测试框架](https://mp.weixin.qq.com/s?__biz=MzkwMDMwNDgwNQ==&mid=2247485878&idx=1&sn=30f2873daaecb113fe70dfee6d6ded1b) ### 📚 最佳实践 @@ -107,6 +122,8 @@ * [医院网络安全运营能力成熟度评估指南](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655290321&idx=8&sn=416cbc8c7975f360a643be4ec83f264d) * [2025年成都车展展前指南](https://mp.weixin.qq.com/s?__biz=MzkyOTMwMDQ5MQ==&mid=2247520420&idx=1&sn=c1c5219c9da7c4f66f99d2249c8c0bd2) * [数字身份指南](https://mp.weixin.qq.com/s?__biz=MzkzMjcxOTk4Mg==&mid=2247485511&idx=1&sn=441b3db5c90641dccccd7d473c576b86) +* [等级保护2.0解读|安全建设管理的7大核心要点刨析](https://mp.weixin.qq.com/s?__biz=MzUyMjAyODU1NA==&mid=2247492525&idx=1&sn=797d2c26f80d65c438788440193fd0cb) +* [案例精选 | 某省级水电工程局“日志+流量”协同安全运营体系建设实践](https://mp.weixin.qq.com/s?__biz=MzIzMDQwMjg5NA==&mid=2247507933&idx=1&sn=b6335c9ab79e49200c21a345b4ec3417) ### 🍉 吃瓜新闻 @@ -127,6 +144,12 @@ * [2025中国网络安全企业100强、新势力30强发布!](https://mp.weixin.qq.com/s?__biz=MzkzMDE5MDI5Mg==&mid=2247509504&idx=1&sn=f06eb6021ed05cb88baa9e02b2594881) * [会议预告|第三届“数据要素流通与安全”学术会议通知(8月30日-9月1日 上海)](https://mp.weixin.qq.com/s?__biz=MzI1MjAyMTg1Ng==&mid=2650471658&idx=1&sn=50b657e4494e111ee092616650664bf1) * [中国联通广西壮族自治区分公司社会招聘公告(网络安全岗)](https://mp.weixin.qq.com/s?__biz=Mzg3MzE4ODU4Nw==&mid=2247483883&idx=1&sn=a4b261616c56b39613c35fdb8489baf8) +* [中国民企500强出炉!看看你的所在省份有多少企业上榜(附榜单)](https://mp.weixin.qq.com/s?__biz=MzIwNDYzNTYxNQ==&mid=2247503840&idx=1&sn=6ec9f2a988ec16a5a72a3e466ce4c828) +* [资讯最高人民法院首次发布数据权益司法保护专题指导性案例(附答记者问)](https://mp.weixin.qq.com/s?__biz=MzU1NDY3NDgwMQ==&mid=2247555302&idx=1&sn=5014f9dede35c06cc1c2e66f04040db3) +* [启信宝数据透视:长三角文旅顶流!湖州休闲旅游产业链企业超4000家](https://mp.weixin.qq.com/s?__biz=MzAxMzg0NjY2NA==&mid=2247493515&idx=1&sn=fc4346f1c6abcb5a8cf4709c096fbc03) +* [合合信息与南京大学苏州校区成功举办2025企业嘉年华](https://mp.weixin.qq.com/s?__biz=MzAxMzg0NjY2NA==&mid=2247493515&idx=2&sn=20e328ad5c458169290d29e5676f029a) +* [数博会2025: 360提出“以模制模”新范式,破解AI领域关键数据安全难题](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247581780&idx=1&sn=a3783acdeb6b62a0c8d81ab34aa8d461) +* [首个AI 驱动勒索软件 PromptLock 瞄准 Windows、Linux 和 macOS](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458599064&idx=3&sn=fdefaddfd3b802ea5ff10a9a9f05d65b) ### 📌 其他 @@ -194,6 +217,32 @@ * [招聘平安银河实验室招人啦(大模型安全方向),可内推~](https://mp.weixin.qq.com/s?__biz=Mzg5MjkwODc4MA==&mid=2247487169&idx=1&sn=a986b19cad253cb184230b0c978b8d0a) * [标准三层网络里,汇聚层和核心层交换机到底差在哪?这四点最重要!](https://mp.weixin.qq.com/s?__biz=MzIyMzIwNzAxMQ==&mid=2649470428&idx=1&sn=b744d5d3f2b9e3cbb16602ab44002aa5) * [Wireshark & Packetdrill | TCP FRTO](https://mp.weixin.qq.com/s?__biz=MzA5NTUxODA0OA==&mid=2247493521&idx=1&sn=6d60c464d48b561f90ed96596d43d13c) +* [国务院关于深入实施“人工智能+”行动的意见](https://mp.weixin.qq.com/s?__biz=MzkyMDMwNTkwNg==&mid=2247487828&idx=1&sn=a9f3096cdb976921585657c98d9847c7) +* [UNC2891银行劫案:从ATM物理后门到Linux反取证的攻防博弈](https://mp.weixin.qq.com/s?__biz=MzAxODA3NDc3NA==&mid=2247485654&idx=1&sn=c8db148b36f846eb694b60aabae8d1b6) +* [学吧 学无止境 太深了](https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247519724&idx=2&sn=d7dc5ff9babf5954ea44712c9734d9c4) +* [内网对抗穿透之隧道转发及突破系统防火墙限制](https://mp.weixin.qq.com/s?__biz=MzI0MzM3NTQ5MA==&mid=2247484737&idx=1&sn=0c2b2a3b8859c9129071bbf82436a3ff) +* [G.O.S.S.I.P 阅读推荐 2025-08-28 TETD](https://mp.weixin.qq.com/s?__biz=Mzg5ODUxMzg0Ng==&mid=2247500618&idx=1&sn=1e6e1caf18e553da07aa26c61bde1a7b) +* [早有耳闻的免杀思路—垃圾AV覆盖Defender](https://mp.weixin.qq.com/s?__biz=MzkxNzY0MzE2NQ==&mid=2247484022&idx=1&sn=d3de93261190a81516cfa3f4fab94d30) +* [美团 M17 团队开源 Meeseeks 评测集:揭秘大模型的 “听话”能力](https://mp.weixin.qq.com/s?__biz=MjM5NjQ5MTI5OA==&mid=2651781354&idx=1&sn=437c965fefdad34bfaedfc74f0071d62) +* [官宣 | 快手向量化引擎Auron 正式加入Apache孵化器](https://mp.weixin.qq.com/s?__biz=Mzg2NzU4MDM0MQ==&mid=2247497310&idx=1&sn=685f8970aa1874ba431a267e05962dba) +* [为什么建议尝试用 Podman Compose 来替换 Docker Compose](https://mp.weixin.qq.com/s?__biz=MzU2MjU2MzI3MA==&mid=2247484801&idx=1&sn=3039eedf840066a73e8325551d4ef715) +* [赛博菩萨CloudFlare:免费CDN不靠谱?](https://mp.weixin.qq.com/s?__biz=MzU2MjU2MzI3MA==&mid=2247484801&idx=2&sn=73877a6c82bee7744117bd66e34af5b9) +* [一款 AI 驱动的开源知识库搭建系统](https://mp.weixin.qq.com/s?__biz=MzU2MjU2MzI3MA==&mid=2247484801&idx=3&sn=24f684d9d7807742f1f75f5f6a7aa5ef) +* [新态势·新实战 | CSOP 2025 网络安全运营实战大会上海站圆满举行](https://mp.weixin.qq.com/s?__biz=MzI5NjA0NjI5MQ==&mid=2650184535&idx=1&sn=71cdc2586c572d741f5c407d789d707b) +* [智能网联汽车 SOME/IP 在线实战培训课程 2025](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247626967&idx=2&sn=4f3f2e2fc775d9e0da1afa275f2d8dba) +* [到底是什么让网络安全从业者“夜不能寐”?](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247643036&idx=1&sn=a479af63708f7a411f44fe32286ae666) +* [8月信贷欺诈月报|非法代理维权已扩展至车贷领域、非法解除限高手法频出](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247643036&idx=2&sn=b8105dc870185d578fe8c706b8be0ce1) +* [免费赠送 | 网络安全意识:AI安全海报20幅](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247643036&idx=3&sn=090fee75843078d6293489927c1759e6) +* [安全圈18 亿条 Discord 聊天记录被暗网兜售:付费才能删除?](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652071426&idx=3&sn=c87573fdc5f52e4a9b30d3777fec2457) +* [贵州省委书记徐麟会见出席2025数博会的360集团创始人周鸿祎一行](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247581786&idx=1&sn=c5dd9409fb1fdd79944d15977f516ad7) +* [央视|奇安信张庭:这几招让你识破AI视频](https://mp.weixin.qq.com/s?__biz=MzU0NDk0NTAwMw==&mid=2247628814&idx=1&sn=9914d99f45cd36eaac62574840fbf82e) +* [一图读懂奇安信2025年半年报](https://mp.weixin.qq.com/s?__biz=MzU0NDk0NTAwMw==&mid=2247628814&idx=2&sn=bbcac8d8690fa1a50a32fb6a6c23a71e) +* [知道创宇亮相数博会:“安全靶场 X 城市立体防御系统”联合实验室重磅揭牌](https://mp.weixin.qq.com/s?__biz=MjM5NzA3Nzg2MA==&mid=2649872359&idx=1&sn=cbc1b2397dc1d5b3df17bce2084efa79) +* [数博会2025: 360两大智能体蜂群实战引关注 展区热度爆棚!](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247581780&idx=2&sn=371383b5af5e29e87bd4de1da4c8961d) +* [股市割韭菜群](https://mp.weixin.qq.com/s?__biz=MzU3MDE2NTU2Mw==&mid=2247484584&idx=1&sn=2df0b7eaf191db0aab7812530912f155) +* [预售中,别再错过!车联网安全赛道爆发,这门实战课帮你抢占先机](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458599064&idx=1&sn=64a772db30c3de8b421d4aece9ec11be) +* [初识白盒AES-含具体实操案例](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458599064&idx=2&sn=bbd2b09c972ce150c2e2b4bf77d5fce5) +* [2025 KCTF 第七题战况 | 共有14支战队成功破解此题](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458599064&idx=4&sn=101d9f1ec89952503c7d2c666ec41768) ## 安全分析 (2025-08-28)