

2022-12-02 19:25   Analysis of APT-C-60 Attack on South Korea    #alienvault #Threat Intelligence The APT-C-60 cyber-attack group has attacked targets in South Korea, Germany, and China, and is believed to be targeting politicians related to the 2022 Pyeong Chang Peace Forum. Two time points in this attack: an attack on the politicians related to the 2022 Pyeong Chang Peace Forum in early Februar

2022-12-02 18:34   Fake Cryptocurrency Applications Serving as Front for AppleJeus Malware    #alienvault #Threat Intelligence In February 2021, CISA published an advisory concerning the AppleJeus malware. The advisory describes the variants observed from 2018 to 2021. Volexity has identified a similar campaign taking place between June and October 2022 using new variants of AppleJeus. The campaign from June 2022 follows th

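2022-12-02 16:02   Operation(верность)mercenary: The Steel Torrent Charging Across the East European Plain    #QiAnXin Threat Intelligence Center #Threat Intelligence The QiAnXin Threat Intelligence Center has been closely tracking Russian-speaking threat actors and active underground forums. Recently we observed that the globally known Conti Group has, over the past six months, used Exchange vulnerabilities to launch targeted attacks against venture capital firms, luxury goods companies, chip manufacturers, and foreign joint-venture manufacturers. The attacked companies all share one trait: they are "wealthy". Besides Conti Group, we also observed other Russian-speaking threat actors implanting CobaltStrike or the anydesk remote control software by brute-forcing mainstream databases or exploiting N-day vulnerabilities, and then deploying GlobeImposter or Leakthemall ransomware once the time is ripe. We have named this actor BruteSql Group.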

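2022-12-02 09:00   Microsoft MVP Award Report: An Example of My Activities and What I Struggled With    #LAC WATCH #Threat Intelligence I am Kitahara from the Digital Pentest Department. My work centers on researching attack techniques against the low-level layers, mainly the kernel and hardware. This was a little while ago, but in September 2022 I received the Microsoft MVP award in the Windows and Devices for IT category. Microsoft MVP profile In this article, for those who aim to receive the award, I report on the difficulties particular to my own case and on my activities up to receiving the Microsoft MVP award. Contents What is Microsoft MVP Award category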

2022-12-02 08:00   Tracking the Vulnerability Weaponization Lifecycle    #recordedfuture #Threat Intelligence Get ahead of the adversary. Find out how you can proactively identify, track, and prioritize vulnerabilities as they advance in the weaponization lifecycle.

2022-12-02 01:23   New Ransomware Group    #DarkFeed #Threat Intelligence Data Leak

2022-12-02 00:56   Data Leak    #DarkFeed #Threat Intelligence Wiesauplast Deutschland

2022-12-02 00:56   Data Leak    #DarkFeed #Threat Intelligence The Beacon Insurance Company

2022-12-02 00:56   Data Leak    #DarkFeed #Threat Intelligence Grant & Weber

2022-12-02 00:55   Data Leak    #DarkFeed #Threat Intelligence RKW Group

2022-12-02 00:53   Data Leak    #DarkFeed #Threat Intelligence Nissin Foods Do Brasil

2022-12-02 00:42   New Malware Strain Spotted In The Wild    #alienvault #Threat Intelligence A new malware strain named DuckLogs is emerging in the wild, according to Cyble Research and Intelligence Labs (CRIL). DuckLogs is a unique combination of Stealer, Keylogger, and Clipper malware bundled into one malicious software package available in cybercrime forums for a relatively low price, ma

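2022-12-02 00:00   Operation(верность)mercenary: The Steel Torrent Charging Across the East European Plain    #QiAnXin Threat Intelligence Center #Threat Intelligence The QiAnXin Threat Intelligence Center has been closely tracking Russian-speaking threat actors and active underground forums. Recently we observed that the globally known Conti Group has, over the past six months, used Exchange vulnerabilities to launch targeted attacks against venture capital firms, luxury goods companies, chip manufacturers, and foreign joint-venture manufacturers. The attacked companies all share one trait: they are "wealthy". Besides Conti Group, we also observed other Russian-speaking threat actors implanting CobaltStrike or the anydesk remote control software by brute-forcing mainstream databases or exploiting N-day vulnerabilities, and then deploying GlobeImposter or Leakthemall ransomware once the time is ripe. We have named this actor BruteSql Group.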

2022-12-01 23:47   Vulnerability Spotlight: Lansweeper directory traversal and cross-site scripting vulnerabilities    #Talos #Threat Intelligence Marcin ‘Icewall’ Noga of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered several directory traversal and cross-site scripting vulnerabilities in Lansweeper. Lansweeper is an IT Asset Management solution that gathers hardware and software information of compu

2022-12-01 22:23   BlackCat    #DarkFeed #Threat Intelligence pro office Büro + Wohnkultur GmbH