Aggregator

GreyNoise added a number of exciting updates in April, including 20 new tags for users to monitor emerging vulnerabilities and threats, and identify benign actors. We’ve also added integration updates to support our new IP Similarity and Timeline features, and enhancements to the IP Similarity capability to improve accuracy and give users a summary view to easily understand similar IP infrastructure.

PaperCut MF SetupCompleted 远程命令执行漏洞 CVE-2023-27350

Threat Analysis Group shares their Q1 2023 bulletin.

1.

0x01

The findings hint at potential solutions for safer equipment.

无论你的动机是什么，最好的状态是考证是为了增加知识面和广度，让自己能学到东西又能证明自己。不要迷恋证书，不要

温故而知新。

On Monday, May 1, 2023, CISA added CVE-2021-45046, CVE-2023-21839, and CVE-2023-1389 to the Known Exploited Vulnerabilities (KEV) list. For all three CVEs, GreyNoise users had visibility into which IPs were attempting mass exploitation prior to their addition to the KEV list.

Apache Superset SECRET_KEY 未授权访问漏洞 CVE-2023-27524

filetime时间戳是Windows中使用最广泛的时间格式，回收站中记录的文件删除时间，快捷方式文件中记录的文档打开时间，都是这种格式。

xscan发布后，已经有不少人获得了赏金了一个xss奖金将近5000CNY，加入星球找到一个就回本，甚至有2

好久不见。 在汹涌而至的技术变革下，大家还好吗？有受

好久不见。 在汹涌而至的技术变革下，大家还好吗？有受