Article list

2022-06-24 10:27   RCS Labs Spyware vendor targets users in Italy and Kazakhstan. iOS: Use two 0day exploits. Android add package:com.fintur./support report: https://blog.google/threat-analysis-group/italian-spyware-vendor-targets-users-in-italy-and-kazakhstan/ Technical analysis of CVE-2021-30983: https://googleprojectzero.blogspot.com/2022/06/curious-case-carrier-app.html twitter.com/blackorbird/status/1537618630828953601#m    #Social media

2022-06-18 15:29   mark twitter.com/LetsDefendIO/status/1537810563824242695#m    #Social media

2022-06-17 14:42   Police Linked to Hacking Campaign to Frame Indian Activists #ModifiedElephant New details connect police in India to a plot to plant evidence on victims' computers that led to their arrest. https://www.wired.com/story/modified-elephant-planted-evidence-hacking-police/ twitter.com/blackorbird/status/1492005108195885056#m    #Social media

2022-06-17 10:10   Android Spyware Deployed in Kazakhstan Package Name: com.xdja.safekeyservice com.xdja.jxclient com.tencent.mobileqq com.vodaservices com/.androidservices.support https://www.lookout.com/blog/hermit-spyware-discovery    #Social media

2022-06-14 10:45   mark twitter.com/TomTomjarvis/status/1536116337155637248#m    #Social media

2022-06-10 14:53   R to @blackorbird: Symbiote uses BPF to hide traffic from someone that investigates an infected machine.    #Social media

2022-06-10 14:35   Symbiote utilizes BPF to hide malicious network traffic on an infected machine. The malware is designed to be loaded by the linker via the LD_PRELOAD directive. https://blogs.blackberry.com/en/2022/06/symbiote-a-new-nearly-impossible-to-detect-linux-threat https://www.intezer.com/blog/research/new-linux-threat-symbiote/    #Social media

2022-06-09 18:41   Good way to do forensics. Capture SSL/TLS text content without CA cert using eBPF. https://github.com/ehids/ecapture    #Social media

2022-06-08 11:14   #Bitter Group's New Management System. #APT Bitter && SideWinder IOCs https://mp.weixin.qq.com/s/8j_rHA7gdMxY1_X8alj8Zg https://mp-weixin-qq-com.translate.goog/s/8j_rHA7gdMxY1_X8alj8Zg?_x_tr_sl=zh-CN&_x_tr_tl=en&_x_tr_hl=en    #Social media

2022-06-07 18:58   #Kimsuky #BabyShark Update ielsems[.]com worldinfocontact[.]club H:\HIJACKING\OneDrive_Hijacking\googleDrive_rat_load_complete\googleDrive_rat_load_complete\rat_load\Release\rat_load.pdb https://mp.weixin.qq.com/s/ZV8AOTd7YGUgCTTTZtTktQ https://mp-weixin-qq-com.translate.goog/s/ZV8AOTd7YGUgCTTTZtTktQ?_x_tr_sl=zh-CN&_x_tr_tl=en&_x_tr_hl=en    #Social media

2022-06-02 15:13   #sidewinder started using an anti-bot script to filter their victims. report: https://blog.group-ib.com/sidewinder-antibot    #Social media

By QianX.in