Recent updates
Time | Node | |
---|---|---|
February 4, 2023 08:10 | freebuf | |
February 4, 2023 08:03 | Black Hills Information Securi | Talkin’ About Infosec News – 2/3/2023 00:00 – PreShow Banter™ — Woke Up Like This 03:20 – BHIS – Talkin’ Bout [infosec] News 2023-01-30 05:04 – Story # 1: GoTo says hackers stole customers’ backups and encryption key https://www.bleepingcomputer.com/news/security/goto-says-hackers-stole-customers-backups-and-encryption-key/ 09:48 […] The post Talkin’ About Infosec News – 2/3/2023 appeared first on Black Hills Information Security. |
February 4, 2023 07:30 | GitHub following | ASkyeye forked ASkyeye/AMSI_patch from TheD1rkMtr/AMSI_patch: Patching AmsiOpenSession by forcing an error branching |
February 4, 2023 07:30 | GitHub following | |
February 4, 2023 07:10 | GitHub following | riusksk starred hacksysteam/CVE-2023-21608: Adobe Acrobat Reader - CVE-2023-21608 - Remote Code Execution Exploit |
February 4, 2023 05:50 | hackone | |
February 4, 2023 05:10 | GitHub following | |
February 4, 2023 04:10 | malware.news | Microsoft Edge security advisory (AV23-067) Article Link: Microsoft Edge security advisory (AV23-067) - Canadian Centre for Cyber Security |
February 4, 2023 04:09 | nccgroup | Machine Learning 102: Attacking Facial Authentication with Poisoned Data This blog post is the second in a series related to machine learning, and demonstrates exactly how a data poisoning attack might work to insert a backdoor into a facial authentication system. The simplified system has similarities to that which the TSA is running a proof of concept trial at the Detroit and Atlanta airports. As background, … |
February 4, 2023 03:20 | Github_POC | CVE-2022-46604 (2023-02-02) galoget/ResponsiveFileManager-CVE-2022-46604 An issue in Tecrail Responsive FileManager v9.9.5 and below allows attackers to bypass the file extension check mechanism and upload a crafted PHP file, leading to arbitrary code execution. [GitHub] Responsive FileManager v.9.9.5 vulnerable to CVE-2022-46604. |
February 4, 2023 03:20 | malware.news | To Protect Satellites, Secure Your Networks, Chief of Space Ops Says Cyber attacks can undermine space-based capabilities, Gen. Chance Saltzman said. Article Link: To Protect Satellites, Secure Your Networks, Chief of Space Ops Says - Nextgov |
February 4, 2023 03:20 | malware.news | Sonatype's 2022: A Year-End Recap Article Link: Sonatype's 2022: A Year-End Recap |
February 4, 2023 03:20 | malware.news | Walking the Process Environment Block (PEB) - How-To Discover In-Memory Libraries Article Link: Walking the Process Environment Block (PEB) - How-To Discover In-Memory Libraries - YouTube |
February 4, 2023 03:20 | malware.news | Atlassian security advisory (AV23-062) Article Link: Atlassian security advisory (AV23-062) - Canadian Centre for Cyber Security |
February 4, 2023 03:20 | malware.news | Feds get guilty plea in Ubiquiti data extortion case A former employee of the technology company Ubiquiti pleaded guilty on Thursday in a Manhattan federal courtroom on charges related to perpetrating an audacious insider attack on his employer, in which he accessed a trove of confidential data before demanding a ransom. Nickolas Sharp, 37, was a senior software engineer at the New York-based company, which specializes in wireless communications. In his role, he was responsible for cloud infrastructure security, as well as software development. According to the federal indictment, in late 2020 Sharp began abusing his administrative access and downloaded gigabytes of confidential data from the company’s Amazon Web Services and GitHub servers. “Nickolas Sharp’s company entrusted him with confidential information that he exploited and held for ransom,” U.S. Attorney Damian Williams said Thursday in a statement announcing the guilty plea. Sharp’s plan also had a disinformation angle. As Williams noted, “Adding insult to injury, when Sharp wasn’t given his ransom de |
February 4, 2023 03:20 | malware.news | Threat Source newsletter (Feb. 2, 2023): I bid you all adieu Welcome to this week’s edition of the Threat Source newsletter. If you haven’t noticed yet we’ve had a few guest writers on this newsletter over the last few months. Alas my time covering the newsletter has ended and I leave you with one final edition. Have no fear, William Largent will be rounding out the guest appearances next week and your long-time host Jon Munshaw will be back at the helm. Thanks for sticking with us this long and if you’re newly subscribed welcome! The one big thing Next week will be our final installment of our 2022 Year in Review report coverage. We’ll be publishing a final topic summary on Ransomware and Commodity Loaders and follow up these reports with a livestream on LinkedIn and Twitter with report and subject matter experts. Why do I care? We published our full 2022 Year in Review early December. If you haven’t read it yet we highly suggest you download your copy here or check out our previous livestreams. Through these reports and videos we’ve broken down the threat landscape |
February 4, 2023 03:20 | malware.news | Hackers linked to North Korea targeted Indian medical org, energy sector The North Korean military’s notorious hacking arm – known as the Lazarus Group – has been accused of targeting public and private sector research organizations, an Indian medical research company and other businesses in the energy sector. Security analysts at WithSecure said they were called on to respond to a cyberattack that they initially tied to the BianLian group — a ransomware gang that has targeted the health care, education, insurance and media industries since at least December 2021. But on closer examination, they assessed that several key factors pointed to Lazarus. “One of the victims was in the health care research vertical within India. In recent years the Indian research and technology sector has been a common target of those North Korean threat groups with a focus on intelligence collection,” the researchers said. “Other victims of this campaign identified by WithSecure included health care research, a manufacturer of technology used in energy, research, defense, and health care verticals, as |
February 4, 2023 03:20 | malware.news | AI, Processor Advances Will Improve Application Security Applications may soon become more secure as code written by artificial intelligence (AI) platforms finds its way onto next-generation secure processors. Matt Jarvis, director of developer relations for Snyk, told attendees at the CloudNative SecurityCon North America conference today that AI platforms used to write code will not use the same high-level programming languages that.. The post AI, Processor Advances Will Improve Application Security appeared first on Security Boulevard. Article Link: AI, Processor Advances Will Improve Application Security - Security Boulevard |
February 4, 2023 03:20 | malware.news | Check out a couple of my older posts, (Thu, Feb 2nd) I don’t get nearly as much opportunity to play with packets these days as I did in the first 5-10 years I was a handler and I miss it. I was looking back through some of my old diaries and realized that in the years since I wrote some of them, we have at least a generation of folks who have entered the field. So I thought that on (the day after) Groundhog Day, it might be time to point folks back to some stuff I wrote earlier. Note, some of the tools have changed/evolved, so ethereal is now wireshark and instead of hping3 I would probably use scapy, but here are 2 of my favorite diaries from the past. Check them out, [1] is from 2006 and [2] is from 2009. Article Link: https://isc.sans.edu/diary/rss/29504 |
February 4, 2023 03:20 | malware.news | ISC Stormcast For Friday, February 3rd, 2023 https://isc.sans.edu/podcastdetail.html?id=8354, (Fri, Feb 3rd) Article Link: https://isc.sans.edu/diary/rss/29506 |
February 4, 2023 03:20 | malware.news | Hackers are using this new trick to deliver their phishing attacks Cyber criminals are trying a new method to help ensure phishing attacks are successful - here’s what to watch out for. Article Link: Hackers are using this new trick to deliver their phishing attacks | ZDNET |
February 4, 2023 03:20 | malware.news | TgToxic Malware’s Automated Framework Targets Southeast Asia Android Users We look into an ongoing malware campaign we named TgToxic, targeting Android mobile users in Taiwan, Thailand, and Indonesia since July 2022. The malware steals users’ credentials and assets such as cryptocurrency from digital wallets, as well as money from bank and finance apps. Analyzing the automated features of the malware, we found that the threat actor abused legitimate test framework Easyclick to write a Javascript-based automation script for functions such as clicks and gestures. Article Link: TgToxic Malware’s Automated Framework Targets Southeast Asia Android Users |
February 4, 2023 03:20 | malware.news | Switzerland’s largest university confirms ‘serious cyberattack’ The University of Zurich, Switzerland’s largest university, announced on Friday it was the target of a “serious cyberattack,” which comes amid a wave of hacks targeting German-speaking institutions. The university’s website is currently inaccessible, but the phone line to the press office is working. In a statement sent to The Record, a spokesperson described the incident as “part of a current accumulation of attacks on educational and health institutions.” Explaining this accumulation, they cited “several attacks” that “have been carried out on universities in German-speaking countries in recent weeks, resulting in suspension of their IT services for extended periods of time. The attacks are usually carried out by compromising several individual accounts and systems.” The identity of the attackers and nature of the attack was not disclosed. The university said it was conducted by perpetrators “acting in a very professional manner.” Last month the Vice Society ransomware group claimed responsibility for a Nov |
February 4, 2023 03:20 | malware.news | Capture22 photo competition: celebrating hard work and dedication The 2022 competition comprised the following three categories: Making Europe safer; Caring for the community; On the road. In the ‘Making Europe safer’ category, photographer Pedro Manuel Reis Valongo of the Polícia de Segurança Pública submitted the winning photo of a Portuguese police officer on patrol in a railway station. The officer stands on the platform as the trains pass… Article Link: Capture22 photo competition: celebrating hard work and dedication | Europol |
February 4, 2023 03:20 | malware.news | Cybersecurity Controls Every Organization Needs The cybersecurity controls used to manage an organization’s cybersecurity program in previous years will not work against bad actors targeting networks today. Organizations rely more on cloud computing technology, connecting their sensitive data to more third party networks and in turn expanding their attack surface. Article Link: https://www.bitsight.com/blog/cybersecurity-controls-types |
February 4, 2023 03:20 | malware.news | NCCoE Issues New Guide for Deploying Zero Trust Architectures The demand for zero trust architectures has long been well understood. However, while the “why” is clear, it’s the “how” that’s far less straightforward. As they pursue a move to zero trust, many teams struggle with devising the specific tools, tactics, and approaches that are optimally aligned with their organizations. Read on to learn more about vital new resources that offer much-needed guidance for teams looking to adopt zero trust in their organizations. Introduction: The Pressing Demands for Zero Trust The need for zero trust architectures continues to get more pressing as the notion of a defensible security perimeter becomes an increasingly distant memory. Particularly since the advent of the pandemic, the reality is that sensitive enterprise data can be anywhere. Consequently, the legacy focus on trying to keep the bad actors “out” is now a non-starter. Zero trust architectures represent a key imperative, an approach that’s truly aligned with current realities. Introducing the Zero Trust Architecture |
February 4, 2023 03:20 | malware.news | Meet an Open Source Developer - Theresa Mammarella Article Link: Meet an Open Source Developer - Theresa Mammarella |
February 4, 2023 03:20 | malware.news | Russia-linked hacking against national labs spurs inquiry from two House chairmen The Republican chairmen of two U.S. House committees want more information from the Department of Energy about reported Russian hacking activity against three national laboratories last year. The lawmakers — James Comer of Kentucky and Frank Lucas of Oklahoma — cited a recent Reuters report about a group known as Cold River targeting the Brookhaven, Argonne and Lawrence Livermore labs in August and September. “Although it is unclear whether the attempted intrusions were successful, it is alarming that a hostile foreign adversary targeted government labs working on scientific research critical to the national security and competitiveness of the United States,” wrote Oversight Chairman Comer and Science Chairman Lucas in a letter to Energy Secretary Jennifer Granholm. The hacking campaign reportedly used fake login pages to attempt to collect credentials from nuclear scientists. All three facilities perform high-level research associated with the nation’s nuclear weapons programs. The lawmakers are asking for d |
February 4, 2023 03:20 | malware.news | Julius ‘zeekill’ Kivimäki, former Lizard Squad hacker, arrested in France Julius Kivimäki, the Finnish member of Lizard Squad — who as a teenager in 2015 was convicted on over 50,000 counts of computer crimes — has been arrested again in France. Finnish police confirmed the arrest on Friday in a press release stating the suspect is being held by French authorities while they “immediately initiate measures to extradite the suspect to Finland.” Finland’s police service had issued a European arrest warrant for Kivimäki, who now goes by the first name Aleksanteri, on charges of computer-related crime and racketeering and extortion. He was being sought as part of an investigation into a cyberattack targeting Vastaamo, a Helsinki-based private psychotherapy center, that was made public in 2020. As a result of the hack, which began in 2018, sensitive patient data was stolen as well as financial information that was reportedly fraudulently used. After the institution refused to meet the perpetrator’s extortion demands, individual patients faced demands that they pay up or have documents re |
February 4, 2023 03:20 | malware.news | [Control systems] Delta Electronics security advisory (AV22-063) Article Link: [Control systems] Delta Electronics security advisory (AV22-063) - Canadian Centre for Cyber Security |