

dby 00:09   Vulnerability Spotlight: NVIDIA driver memory corruption vulnerabilities discovered    #Talos #Threat Intelligence Piotr Bania of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered two memory corruption vulnerabilities in shader functionality of an NVIDIA driver. NVIDIA Graphics drivers are software for NVIDIA Graphics GPU installed on the PC. They are used to communicate between the ope

dby 23:51   Vice Society: Profiling a Persistent Threat to the Education Sector    #alienvault #Threat Intelligence Vice Society is a ransomware gang that has been involved in high-profile activity against schools this year. Unlike many other ransomware groups such as LockBit that follow a typical ransomware-as-a-service (RaaS) model, Vice Society’s operations are different in that they’ve been known for using fo

dby 22:00   AndroxGhost – the python malware exploiting your AWS keys    #lacework #Threat Intelligence Hackers may hijack AWS infrastructure for a number of reasons. However, the most common motives are to facilitate illicit cryptomining or spamming. While cryptomining is more profitable on infrastructure owned by somebody else, the same can also be said for SMTP abuse and spam. Over the past year, n

dby 19:00   Vice Society: Profiling a Persistent Threat to the Education Sector    #unit42 #Threat Intelligence Vice Society, a ransomware gang, has been involved in high-profile activity against schools this year. The post Vice Society: Profiling a Persistent Threat to the Education Sector appeared first on Unit 42.

dby 17:01   Mustang Panda Uses the Russian-Ukrainian War to Attack Europe and Asia Pacific Targets    #blackberry #Threat Intelligence APT group Mustang Panda now appears to have Europe and Asia Pacific targets in its sights. The BlackBerry Research and Intelligence team recently unearthed evidence that the group may be using global interest in the Russian-Ukraine war to deliver PlugX malware via phishing lure to unsuspecting users

dby 13:49   Analysis of an Intrusion Campaign Targeting Telco and BPO Companies    #alienvault #Threat Intelligence In this attack campaign, the adversary demonstrates persistence in trying to gain access to victim environments and performs constant, and typically daily, activity within the target environment once access is gained. It is imperative for organizations to swiftly implement containment and mitigation

dby 13:32   Cranefly: Threat Actor Uses Previously Unseen Techniques and Tools in Stealthy Campaign    #alienvault #Threat Intelligence Symantec, by Broadcom Software, has discovered a previously undocumented dropper that is being used to install a new backdoor and other tools using the novel technique of reading commands from seemingly innocuous Internet Information Services (IIS) logs. The dropper (Trojan.Geppei) is being used by

dby 08:48   How Hackers Make NFTs Disappear    #checkpoint #Threat Intelligence Earlier this Fall, some users of the OpenSea trading platform posted dire messages to Twitter: all of the NFTs in their wallets were gone. Thousands of dollars worth of investments had suddenly disappeared. Soon it became clear: they were never getting their money back. This wasn’t just a glitch, it

dby 08:01   Public Report – Confidential Space Security Review    #NCC Group Research #Threat Intelligence During the summer of 2022, Google engaged NCC Group to conduct a security assessment of the Confidential Space product. The system provides a confidential computing environment that allows cloud customers to run workloads in the cloud that can be attested to run a specific payload with high assuranc

dby 06:12   Exploring Prompt Injection Attacks    #NCC Group Research #Threat Intelligence Have you ever heard about Prompt Injection Attacks[1]? Prompt Injection is a new vulnerability that is affecting some AI/ML models and, in particular, certain types of language models using prompt-based learning. This vulnerability was initially reported to OpenAI by Jon Cefalu (May 2022)[2] b

dby 05:33   Blowing Cobalt Strike Out of the Water With Memory Analysis    #alienvault #Threat Intelligence Cobalt Strike is a clear example of the type of evasive malware that has been a thorn in the side of detection engines for many years. It is one of the most well-known adversary simulation frameworks for red team operations. However, it’s not only popular among red teams, but it is also abused by ma

dby 03:18   Advanced Phishing Campaign Targeting Individuals & Businesses in the Middle East (Part 2)    #alienvault #Threat Intelligence An advanced phishing campaign targeting Middle East-based companies and their vendors has been uncovered by researchers at CloudSEK, an artificial intelligence (AI) platform in the United Arab Emirates (UAE).

dby 00:18   5th December – Threat Intelligence Report    #checkpoint #Threat Intelligence For the latest discoveries in cyber research for the week of 5th December, please download our Threat Intelligence Bulletin. Top Attacks and Breaches Cyber criminals who breached Australian Medibank’s systems have released another batch of data onto the dark web, claiming that the files contai

2022-12-05 18:30   Tractors vs. threat actors: How to hack a farm    #welivesecurity(ESET) #Threat Intelligence Forget pests for a minute. Modern farms also face another – and more insidious – breed of threat. The post Tractors vs. threat actors: How to hack a farm appeared first on WeLiveSecurity