Aggregator

Matrix 首页推荐 Matrix 是少数派的写作社区，我们主张分享真实的产品体验，有实用价值的经验与思考。我们会不定期挑选 Matrix 最优质的文章，展示来自用户的最真实的体验和观点。 文章

部分成人网站利用SVG图像嵌入恶意代码劫持用户Facebook账户并点赞广告；SVG允许嵌入脚本使攻击更隐秘；安全公司已开始拦截相关脚本。

第三届全国大学生开源情报数据采集与分析大赛开始报名啦！提供免费培训。

一、摘要印度的国家安全框架以复杂且多层次的情报架构为基础，由一系列职责各异的机构组成。

HackerNews 编译，转载请注明出处： 一种新型攻击技术可操控全球数千台公共域控制器（DC）组建恶意僵尸网络，用于发动高威力分布式拒绝服务（DDoS）攻击。该技术被SafeBreach研究人员奥尔·亚伊尔（Or Yair）和沙哈克·莫拉格（Shahak Morag）命名为Win-DDoS，并于今日在DEF CON 33安全大会上公布研究成果。 亚伊尔和莫拉格在报告中指出：“分析Windows轻量级目录访问协议（LDAP）客户端代码时，我们发现其转介流程存在重大缺陷。攻击者可操纵该流程，诱导域控制器向目标服务器发送海量请求致其瘫痪。”他们进一步解释：“由此开发的Win-DDoS技术，能让黑客无需任何成本且不留痕迹地操控全球数万台公共域控制器，组建具备巨大算力和带宽的恶意僵尸网络。” 攻击核心机制 该技术无需代码执行或凭证即可将域控制器转化为DDoS武器，使Windows平台同时成为受害者和攻击载体。攻击流程分为四步： 攻击者向域控制器发送RPC调用，触发其成为CLDAP客户端； 域控制器向攻击者的CLDAP服务器发送请求，服务器返回转介响应，指示域控制器切换至TCP协议连接攻击者的LDAP服务器； 域控制器通过TCP向攻击者的LDAP服务器发送查询； 攻击者的LDAP服务器返回包含超长转介URL列表的响应，所有URL均指向目标服务器的同一IP和端口。 研究人员说明：“当TCP连接因目标服务器过载而中断后，域控制器会继续访问列表中指向同一服务器的下一个URL。此过程循环直至遍历完整个列表，形成创新的Win-DDoS攻击链。” 技术优势与危害 Win-DDoS的核心威胁在于其具备高带宽攻击能力，且攻击者无需购买专用基础设施或入侵设备，可完美隐藏行踪。深入分析LDAP客户端转介流程还发现： 利用转介列表长度无限制及堆内存未释放的设计缺陷，发送超长列表可导致LSASS服务崩溃、系统重启或触发蓝屏死机（BSoD）； 处理客户端请求的传输无关代码中存在三个新型零点击、无需认证的拒绝服务（DoS）漏洞，可瘫痪域控制器； 另有一个漏洞允许域内任何认证用户崩溃域控制器或Windows主机。 相关漏洞清单 研究披露的四项漏洞均属“不受控资源消耗”类型： CVE-2025-26673（CVSS 7.5）：Windows LDAP服务漏洞，未授权攻击者可实施网络级拒绝服务（2025年5月修复） CVE-2025-32724（CVSS 7.5）：Windows LSASS服务漏洞，未授权攻击者可实施网络级拒绝服务（2025年6月修复） CVE-2025-49716（CVSS 7.5）：Windows Netlogon服务漏洞，未授权攻击者可实施网络级拒绝服务（2025年7月修复） CVE-2025-49722（CVSS 5.7）：Windows打印后台程序漏洞，相邻网络认证攻击者可实施拒绝服务（2025年7月修复） 打破安全假设 这些发现与今年1月披露的LdapNightmare漏洞（CVE-2024-49113）共同揭示：Windows系统存在可瘫痪企业运营的盲点。研究人员强调：“这些漏洞均为零点击、无需认证型，攻击者能远程崩溃公开暴露的系统。即使仅获得内部网络最低权限，也能对私有基础设施造成同等破坏。”他们总结：“研究颠覆了企业威胁建模的两大常见假设：拒绝服务风险仅影响公共服务；内部系统在完全失陷前不会被滥用。这对企业韧性建设、风险模型和防御策略具有重大意义。”       消息来源：thehackernews； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文

本文介绍了HTTP错误代码521的含义、常见原因及解决方法，并提供了预防措施以避免该问题再次发生。

A vulnerability, which was classified as problematic, has been found in vim up to 9.0.1377. This issue affects some unknown processing. The manipulation leads to incorrect calculation of buffer size. The identification of this vulnerability is CVE-2023-1175. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in icret easyimages2 up to 2.6.6. It has been classified as problematic. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2023-1181. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel 6.1-rc2 and classified as problematic. Affected by this vulnerability is the function reconn_set_ipaddr_from_hostname of the file fs/cifs/connect.c. The manipulation leads to use after free. This vulnerability is known as CVE-2023-1195. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Kubernetes minikube up to 1.28.0. This affects an unknown part of the component Network Port Handler. The manipulation leads to use of hard-coded password. This vulnerability is uniquely identified as CVE-2023-1174. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in GitLab Community Edition and Enterprise Edition. Affected by this issue is some unknown functionality of the component Installation Handler. The manipulation leads to insufficient verification of data authenticity. This vulnerability is handled as CVE-2023-1178. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in GitLab Enterprise Edition and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to improper authorization. This vulnerability is handled as CVE-2023-1167. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in vim up to 9.0.1375. This issue affects some unknown processing. The manipulation leads to heap-based buffer overflow. The identification of this vulnerability is CVE-2023-1170. An attack has to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Wireshark up to 3.6.11/4.0.3. This issue affects some unknown processing of the component ISO 15765 Dissector. The manipulation leads to denial of service. The identification of this vulnerability is CVE-2023-1161. The attack may be initiated remotely. There is no exploit available.

A vulnerability classified as very critical has been found in Biosig libbiosig 2.5.0. Affected is an unknown function of the component BrainVision ASCII Header Parser. The manipulation leads to double free. This vulnerability is traded as CVE-2024-23809. It is possible to launch the attack remotely. There is no exploit available.

火狐浏览器新增基于AI的选项卡组管理功能，默认开启后会消耗大量CPU资源，导致设备卡顿和续航时间下降。用户反馈强烈批评该功能占用过多硬件资源且实用性有限。Mozilla目前尚未修复此问题。