Article list

8 hours ago   Malicious Life Podcast: What It’s Like to Fight LulzSec    #cybereason #Threat Intelligence The name LulzSec is probably very familiar to listeners who were around in 2011 when this hacking group was at the peak of its nefarious activity. As their name implies, LulzSec was known for trolling their victims, and while their childish behavior might have fooled some people into thinking

10 hours ago   NullMixer drops Redline Stealer, SmokeLoader and other malware    #alienvault #Threat Intelligence NullMixer is a dropper leading to an infection chain of a wide variety of malware families. NullMixer spreads via malicious websites that can be found mainly via search engines. These websites are often related to crack, keygen and activators for downloading software illegally, and while they may pr

11 hours ago   New campaign uses government, union-themed lures to deliver Cobalt Strike beacons    #Talos #Threat Intelligence By Chetan Raghuprasad and Vanja Svajcer. Cisco Talos discovered a malicious campaign in August 2022 delivering Cobalt Strike beacons that could be used in later, follow-on attacks. Lure themes in the phishing documents in this campaign are related to the job details of a government organization in th

13 hours ago   Protecting teens from sextortion: What parents should know    #welivesecurity(ESET) #Threat Intelligence Online predators increasingly trick or coerce youth into sharing explicit videos and photos of themselves before threatening to post the content online. The post Protecting teens from sextortion: What parents should know appeared first on WeLiveSecurity

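22 hours ago   [Seminar Report] Thinking about security measures for application development going forward    #LAC WATCH #Threat Intelligence LAC, which provides security assessment services, and UBsecure shared a common view of the challenges in security measures for customers who carry out system development. That view was: "How can security assessments be performed without slowing down system development?" We therefore held a seminar titled "Going beyond in-house assessment! What are the security measures for application development going forward!?", and this is our report. Table of contents: Development teams tackling security measures from an early stage of development; Security achieved by running alongside the development team: komabato; Developers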

23 hours ago   1 Key for 1 Lock: The Chinese Communist Party’s Strategy for Targeted Propaganda    #recordedfuture #Threat Intelligence China’s new propaganda strategy aims to maximize influence by targeting specific audiences with bespoke content they’ll enjoy – using behavioral data research.

23 hours ago   1 Key for 1 Lock: The Chinese Communist Party’s Strategy for Targeted Propaganda Report    #recordedfuture #Threat Intelligence China’s new propaganda strategy aims to maximize influence by targeting specific audiences with bespoke content they’ll enjoy – using behavioral data research.

yday 03:28   Whitepaper – Project Triforce: Run AFL On Everything (2017)    #NCC Group Research #Threat Intelligence Six years ago, NCC Group researchers Tim Newsham and Jesse Burns released TriforceAFL – an extension of the American Fuzzy Lop (AFL) fuzzer which supports full-system fuzzing using QEMU – but unfortunately the associated whitepaper for this work was never published. Today, we’re releasin

yday 00:51   Anomali Cyber Watch: Sandworm Uses HTML Smuggling and Commodity RATs, BlackCat Ransomware Adds New Features, Domain Shadowing Is Rarely Detected, and More    #anomali #Threat Intelligence The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: APT, China, Fraud, Inbound connectors, Phishing, Ransomware, Russia, and Ukraine. The IOCs related to these stories are attached to Anomali Cyber Watch and can be used to check your log

yday 00:00   Cloud security fundamentals for an informed buyer    #lacework #Threat Intelligence Given the complexity of cloud environments, how do you know what cloud security solution is right for you? There are many factors to consider, including the coordination of technologies, processes, controls, and policies. The cloud also lacks traditional network or infrastructure architecture, meani

yday 22:44   White Paper: Operation-Centric Security - Leveraging Indicators of Behavior for Early Detection    #cybereason #Threat Intelligence Today’s security model produces an endless stream of uncorrelated alerts for individual events on the network. The majority of these alerts are either false positives that need to be disqualified, or are simply glimpses of a larger attack sequence that will require an analyst to manually triag

yday 22:43   Defending Against Supply Chain and Ransomware Attacks    #cybereason #Threat Intelligence “The level of damage associated with ransomware-based supply chain attacks has never been higher,” warned a recent article. These attacks are so disruptive because, as one consultancy firm revealed, the average company has 3,000 suppliers per $1 billion US in spend. That means when it comes to

yday 22:04   Erbium Stealer, a new Infostealer enters the scene    #alienvault #Threat Intelligence Cluster25 has obtained a sample of Erbium InfoStealer, a new type of malware that can change its features to evade detection and has been used to sell data stolen through a Telegram bot. In the analyzed sample, the first stage of the infection consists in a 32-bit PE executable with a highly obfusc

yday 21:36   PowerPoint mouse-over event abused to deliver Graphite implants    #alienvault #Threat Intelligence Researchers from the Cluster25 Threat Intel Team collected and analyzed a lure document used to implant a variant of Graphite malware, which uses the Microsoft Graph API and OneDrive for C&C communications. The lure document is a PowerPoint file that exploits a code execution technique, which i

yday 21:00   More Than Meets the Eye: Exposing a Polyglot File That Delivers IcedID    #unit42 #Threat Intelligence Polyglot files, such as the malicious CHM file analyzed here, can be abused to hide from anti-malware systems that rely on file format identification. The post More Than Meets the Eye: Exposing a Polyglot File That Delivers IcedID appeared first on Unit 42.

By QianX.in