
Article list

dby 19:00   Vice Society: Profiling a Persistent Threat to the Education Sector    #unit42 #threat-intelligence Vice Society, a ransomware gang, has been involved in high-profile activity against schools this year.

2022-12-02 22:00   Blowing Cobalt Strike Out of the Water With Memory Analysis    #unit42 #threat-intelligence Unit 42 researchers examine several malware samples that incorporate Cobalt Strike components, and discuss some of the ways that we catch these samples by analyzing artifacts from the deltas in process memory at key points of execution. We will also discuss the evasion tactics used by these threats,

2022-11-21 19:00   Threat Assessment: Luna Moth Callback Phishing Campaign    #unit42 #threat-intelligence Unit 42 investigates Luna Moth/Silent Ransom Group callback phishing extortion campaign that targeted businesses in multiple sectors.

2022-11-19 10:00   An AI Based Solution to Detecting the DoubleZero .NET Wiper    #unit42 #threat-intelligence Unit 42 presents a machine learning model to predict maliciousness of .NET samples based on file structures, by analyzing the DoubleZero .NET wiper.

2022-11-16 22:00   Network Security Trends: May-July 2022    #unit42 #threat-intelligence Unit 42 provides summaries and analysis of the vulnerabilities published between May-July 2022, including the severity and attack origin distribution.

2022-11-14 22:00   Typhon Reborn With New Capabilities    #unit42 #threat-intelligence Typhon Stealer, a crypto miner/stealer for hire that was discovered in August 2022, now has an updated version called Typhon Reborn.

2022-11-10 22:00   Unit 42 Finds Three Vulnerabilities in OpenLiteSpeed Web Server    #unit42 #threat-intelligence Unit 42 discovered three vulnerabilities in OpenLiteSpeed Web Server and LiteSpeed Web Server that could be used together for remote code execution.

2022-11-03 21:00   Cobalt Strike Analysis and Tutorial: Identifying Beacon Team Servers in the Wild    #unit42 #threat-intelligence We present new techniques that leverage active probing and network fingerprint technology to help you detect Cobalt Strike’s Team Servers.

2022-11-03 09:00   Threat Brief: CVE-2022-3786 and CVE-2022-3602: OpenSSL X.509 Buffer Overflows    #unit42 #threat-intelligence OpenSSL released a security advisory describing two high severity vulnerabilities within the OpenSSL library (CVE-2022-3786 and CVE-2022-3602).

2022-10-31 21:00   Banking Trojan Techniques: How Financially Motivated Malware Became Infrastructure    #unit42 #threat-intelligence Learning about the variety of techniques used by banking Trojans can help us detect other activities of financially motivated threat groups.

2022-10-28 21:00   Defeating Guloader Anti-Analysis Technique    #unit42 #threat-intelligence Unit 42 is providing a script to deobfuscate a recently discovered Guloader variant that uses anti-analysis techniques, and other samples like it.

2022-10-26 21:00   Trends in Web Threats in CY Q2 2022: Malicious JavaScript Downloaders Are Evolving    #unit42 #threat-intelligence We examine trends in web threats for the second calendar year quarter of 2022, including how a malicious JavaScript downloader is evolving to evade detection.

2022-10-24 21:00   CNAME Cloaking: Disguising Third Parties Through the DNS    #unit42 #threat-intelligence CNAME cloaking uses DNS records to hide when browsers are sending data to a third party such as an advertiser.

2022-10-21 21:00   Trends in Web Threats: Old Web Skimmer Still Active Today    #unit42 #threat-intelligence We examine trends in web threats for the first quarter of 2022, including an old web skimmer that is still active five years later.

2022-10-17 21:00   Detecting Emerging Network Threats From Newly Observed Domains    #unit42 #threat-intelligence We discuss how to discover potential threats among newly observed domains at the time they begin to carry attack traffic.

By QianX.in