Cybersecurity information flow

A clean information-feed push tool, focused on the bits and pieces of the security community, surfacing quality content for security researchers every day.


All nodes
Time Node
April 1, 2023 13:21 Github Follow
Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.
April 1, 2023 13:21 Github Follow
C# obfuscator that bypass windows defender
April 1, 2023 13:01 freebuf
We review the info-stealer trojans that were prevalent in 2022, describe the current state of their development, and summarize effective protection recommendations.
April 1, 2023 10:11 freebuf
Everyone says this vulnerability is an upload vulnerability, but it is not: it is a remote file download vulnerability.
April 1, 2023 09:11 freebuf
This article summarizes and recommends this week's hot news, security incidents, good reads of the week, and handy tools, so that nobody misses any of this week's highlights!
April 1, 2023 09:01 Github_POC
Minio is a Multi-Cloud Object Storage framework. In a cluster deployment starting with RELEASE.2019-12-17T23-16-33Z and prior to RELEASE.2023-03-20T20-16-18Z, MinIO returns all environment variables, including `MINIO_SECRET_KEY` and `MINIO_ROOT_PASSWORD`, resulting in information disclosure. All users of distributed deployment are impacted. All users are advised to upgrade to RELEASE.2023-03-20T20-16-18Z.
[GitHub] minio sensitive information disclosure
April 1, 2023 08:31 malware.news
On March 29th 2023, CrowdStrike published a blog outlining a supply chain attack leveraging the 3CXDesktopApp - a softphone application from 3CX. The ThreatLabz Team immediately started hunting for IoCs on the Zscaler Cloud.
We observed infections dating back to February 2023 for both the Windows as well as the MacOS variant of the Trojanized 3CXDesktopApp installers.
Fig.1 - Infections dating back to February 2023 in Zscaler Cloud
In this case the threat actors targeted various industry verticals, such as Technology, Services, Manufacturing, and more.
Next, let's analyze the infection chain for the 3CX supply chain attack:
Infection Chain:
Fig.2 - Infection Chain
The infection chain begins with the software update routine, where the 3CXDesktopApp calls “Update.exe --update <3cx_update_url>” from its bundle to fetch updates. This then downloads the validly signed malicious 3CX MSI installer and the affected 3CX macOS application, as required, in the form of an update package on the victim's machine, as shown in
April 1, 2023 08:31 malware.news
Happy World Backup Day everyone!
What, you didn't know it was World Backup Day? Hmmm, perhaps that's not a surprise. If there was an award for "most overlooked really important thing in computing", backups would win. Every year.
So let's put that right this year and spend a minute or two of World Backup Day thinking about backups. Backups are great! Having backups is like having a do-over for your mistakes, and who hasn't wished for that? And they can keep you safe too. Good computer security means creating layers of protection that overlap and cover each others' backs. The final layer is your backups. They're a "get out of jail free" card you can play if any of your files are destroyed, deleted, or corrupted by malware.
To get you off on the right foot we've got three tips: A beginner tip, an intermediate tip, and an advanced tip.
1. Make backups
Yes, our first tip really is "make backups". Why? Because backups are the dental floss of cybersecurity—the thing that everyone knows they should do, that everyone 
April 1, 2023 08:31 malware.news
Backups are an organization's last line of defense against ransomware, because comprehensive, offline, offsite backups give you a chance to restore or rebuild your computers without paying a criminal for a decryption key.
Unfortunately, many organizations don't realize how important it is to make backups until it's too late. And it's all-too-common for those that do take regular backups to discover too late that they aren't fit for purpose.
Why? Because backups are hard to get right.
In September 2021, Malwarebytes spoke with Matt Crape from VMWare to find out why backups are so hard, why they fail, and what to do about it. This World Backup Day, we thought we'd revisit his advice for creating a more consistent, stable, and resilient backup process. Here are three essential things every organization can ponder today.
1. Know what you're trying to achieve
Good backups start with a clear understanding of what your organization needs them to do. From that, you can determine what needs to be backed up, why, how f
April 1, 2023 08:31 Github Follow
April 1, 2023 08:11 freebuf
The HardBit ransomware uses "double extortion": it encrypts victims' files to demand a ransom and threatens to publish related sensitive information and data if the ransom is not paid.
April 1, 2023 06:11 Github Follow
April 1, 2023 05:37 malware.news
This week’s healthcare data breach roundup includes a massive vendor incident, a ransomware attack, and yet another provider reporting a pixel-related patient data exposure.
Article Link: Healthcare vendor reports breach from 2021, at least 9 providers impacted | SC Media
April 1, 2023 05:11 Github Follow
tui-rs revival project
April 1, 2023 05:11 Github Follow
Compile-time, Usermode + Kernelmode, safe and lightweight string crypter library for C++11+
April 1, 2023 05:01 malware.news
Written by Ralph Losey with some help from ChatGPT-4. Illustrations by Losey using Midjourney or Dall-E. Chat GPT-4 now estimates, and I agree, that there is a 5-10% chance that The Singularity will occur in the next five years. Considering the profound implications, a possibility as high as 10% is motivating as hell. We need […]
Article Link: Start Preparing For “THE SINGULARITY.” There is a 5% to 10% chance it will be here in five years. Part 1 | e-Discovery Team ®
April 1, 2023 05:01 malware.news
The hackers stole 4,822,580 customers' personal information, including their names, dates of birth, passport numbers, driver's license numbers, federal and state identification card numbers, tax identification numbers, social security numbers, and financial account information.
Article Link: High-cost lender TMX Finance data breach affects nearly 5 million customers | SC Media
April 1, 2023 04:31 Github Follow
Source code for Twitter's Recommendation Algorithm
April 1, 2023 04:31 Github Follow
Chinese version of AI Dungeon, using OpenAI's ChatGPT API directly as the storytelling model.
April 1, 2023 03:35 Hex Rays
If you ever looked at IDA ARM module’s processor-specific settings, you may have been puzzled by the option “Disable BL jumps detection”. What is it and when to use it? Background The ARM instruction set initially used fixed-width 32-bit instructions. The relative branch instruction, B, allocated 24 bits for the offset, giving it a range of ±32MB. Some [...]
April 1, 2023 03:31 hackone
Affected vendor: GitHub Security Lab Reward: 5500.0 USD Severity: high
April 1, 2023 03:31 hackone
Affected vendor: GitHub Security Lab Reward: 2300.0 USD Severity: medium
April 1, 2023 03:01 malware.news
Article Link: [Control systems] ABB security advisory (AV23-180) - Canadian Centre for Cyber Security
April 1, 2023 03:01 malware.news
Technical glitch during a scheduled upgrade affected all automated immigration clearance systems and led to rare delays at Singapore’s Changi Airport, which recently was again named the world’s best airport.
Article Link: Glitch in system upgrade identified as cause of delays at Singapore immigration | ZDNET
April 1, 2023 03:01 malware.news
Orca Security details a vulnerability dubbed “Super FabriXss” – a bug researchers said teams should patch immediately if they don’t apply automatic updates.
Article Link: Azure bug, patched this month, could have allowed access to critical systems | SC Media
April 1, 2023 03:01 malware.news
On March 29, 2023, security researchers documented a malicious campaign targeting 3CX Desktop App customers. 3CX Desktop App is a software application developed by 3CX, a Voice over Internet Protocol (VoIP) solutions provider with 12M+ daily users. This application is available for Windows, macOS, Linux, and mobile.
Article Link: Technical Advisory: Software Supply Chain Attack Against 3CX Desktop App
April 1, 2023 02:01 malware.news
Article Link: Apple security advisory (AV23-179) - Canadian Centre for Cyber Security
April 1, 2023 01:21 malware.news
Article Link: CyberChef Recipe to Loop Over Values to Modify and Decode - YouTube
April 1, 2023 01:21 malware.news
Article Link: Post-Conference Tech Spec: Why Building Your Ship (Application) with Raw Materials is a Bad Idea
April 1, 2023 01:21 malware.news
If you ever looked at IDA ARM module’s processor-specific settings, you may have been puzzled by the option “Disable BL jumps detection”.
What is it and when to use it?
Background
The ARM instruction set initially used fixed-width 32-bit instructions. The relative branch instruction, B, allocated 24 bits for the offset, giving it a range of ±32MB.
Some time later, ARM introduced a compact 16-bit encoding for a subset of instructions, called Thumb. Because most relative branches occur within the same function, the ±2KB range available for 16-bit B instructions was usually enough. When a longer distance was needed, a longer instruction sequence had to be generated.
Some compiler writers realized that the BL instruction, normally used for function calls, can be used for simple branches as well. On ARM, function calls do not use the stack, so the only side effect of BL, as opposed to a simple branch, is that it sets the LR register to the address following the BL instruction. If the LR is saved at the star