June 21, 2022 15:32 Fuzzing Labs
Solidity/Ethereum Smart Contract Audit using Slither
Blockchain Security
In this video, I will show how to audit and find vulnerabilities inside an Ethereum smart contract written in Solidity using Slither, one of the best EVM smart contract analysis tools. https://youtu.be/s3FL5caAy5w You will get access to the complete tutorial with source code, cheat sheet and or complete...
June 21, 2022 14:10 malware.news
By pinpointing common behaviors, organizations can develop mitigation efforts by anticipating threat actors’ specific characteristics.
Article Link: The 7 common traits among highly successful… | Intel471
June 21, 2022 14:10 malware.news
A recent study conducted by Microsoft in partnership with Ponemon Institute included a survey of companies that have adopted IoT solutions and 65 percent of them mentioned that security is a top priority when implementing IoT. Attacks targeting IoT devices put businesses at risk. Impacted devices can be bricked, held for ransom, employed as launch points for further network attacks, or used for malicious purposes. Among many consequences, we often see intellectual property (IP) and data theft and compromised regulatory status, all of which can have brand and financial implications on the business.
Subsequently, we did a survey to understand the top concerns around the security of IoT devices, and we shared the findings in a previous blog about best practices for managing IoT security concerns. The following list summarizes the top security concerns from companies that have adopted IoT solutions:
Ensuring data privacy (46 percent).
Ensuring network-level security (40 percent).
Security endpoints for each IoT d
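June 21, 2022 13:39 NSFOCUS Blog (绿盟科技博客)
“Attackers can compromise a utility’s SCADA system to monitor peak load, or change distributed energy resource management system (DERMS) control settings, to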
June 21, 2022 12:39 malware.news
The ASEC analysis team has recently discovered the active distribution of Bumblebee, a downloader-type malware. It is distributed through phishing emails as an ISO file, and this file contains a shortcut and a malicious DLL file. There were also cases of malware being distributed to Korean users through email hijacking.
The image below shows phishing emails distributing Bumblebee. They hijacked normal emails and were sent to users as replies with malicious attachments. Users who receive the email may open the attachment thinking that it is a normal reply, therefore, caution is advised. Other phishing emails are also being distributed using the email hijacking method. Phishing emails may also include malicious URLs to prompt users to download files. This method uses Google Drive for the distribution.
Phishing email
Phishing email (2)
The compressed file attached to the phishing email is locked with a password that is included in the email. The attachment is disguised as an invoice or request, containing an ISO file.
June 21, 2022 11:40 malware.news
Article Link: InfoSec Handlers Diary Blog - SANS Internet Storm Center
June 21, 2022 11:40 malware.news
Trail of Bits has launched a podcast. The first five-episode season is now available for download. The podcast and its RSS feed are available at trailofbits.audio, and you may subscribe on all major podcast outlets, including Apple iTunes, Spotify, Gaana, Google Podcasts, Amazon Music, and many others.
Listening to our podcast is like having a couple of friends—who happen to be the world’s leading cybersecurity experts—explain to you how they protect some of the world’s most precious data, in plain, straightforward English. Each episode provides entertaining, plain-language descriptions of the exciting technologies and projects that Trail of Bits engineer-consultants are working on. The podcast is designed to be simple (yet not dumbed-down), technically accurate, and really fun to listen to. And the only ads you’ll ever hear are for our free and open source software and tools.
Our audience includes tech-savvy and technically curious people who want to learn more about the trends at technology’s leading edge:
June 21, 2022 11:37 Trail of Bits Blog
Trail of Bits has launched a podcast. The first five-episode season is now available for download. The podcast and its RSS feed are available at trailofbits.audio, and you may subscribe on all major podcast outlets, including Apple iTunes, Spotify, Gaana, Google Podcasts, Amazon Music, and many others. Listening to our podcast is like having a […]
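June 21, 2022 11:31 360 Vulnerability Alerts (360漏洞预警)
360-CERT Daily Security Briefing
June 21, 2022 11:09 Tiaotiaotang (跳跳糖)
JNI (Java Native Interface) allows Java code to interact with code written in other programming languages. It is mainly an interface specification for calls between Java and the native layer (C/C++), although this does not prevent it from being extended to other languages. JNI was officially introduced in Java 1.1, and the JNI_OnLoad and JNI_OnUnload methods were added in Java 1.2.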
June 21, 2022 08:09 malware.news
In this blog post, I will show how to decode a payload encoded in a variation of hexadecimal encoding, by performing statistical analysis and guessing some of the “plaintext”.
I do have the decoder too now (a .NET assembly), but here I’m going to show how you can try to decode a payload like this without having the decoder.
The payload looks like this:
Seeing all these letters, I thought: this is lowercase Netbios Name encoding. That is an encoding where each byte is represented by 2 hexadecimal characters, but the characters are all letters, instead of digits and letters. Since my tool base64dump.py can handle netbios name encoding, I let it try all encodings:
That failed: no netbios encoding was found. Only base64 and 2 variants of base85, but that doesn’t decode to anything I recognize. Plus, for the last 2 decodings, only 17 unique characters were found. That makes it very unlikely that it is indeed base64 or base85.
Next I use my tool byte-stats.py to produce statistics for the bytes found inside the p
June 21, 2022 05:39 malware.news
ORIGINALLY AIRED ON MAY 23, 2022 Articles discussed in this episode: 00:00 – BHIS – Talkin’ Bout [infosec] News 2022-05-23 02:38 – Story # 1 – National bank trolls hackers with dick pics – https://www.bleepingcomputer.com/news/security/national-bank-hit-by-ransomware-trolls-hackers-with-dick-pics/ 06:59 – Story # 2 – Ransomware attack exposes data of 500,000 Chicago students – https://www.bleepingcomputer.com/news/security/ransomware-attack-exposes-data-of-500-000-chicago-students/ 14:09 – Story # […]
The post Talkin’ About Infosec News – 5/23/2022 appeared first on Black Hills Information Security.
Article Link: Talkin’ About Infosec News - 5/23/2022 - Black Hills Information Security
June 21, 2022 05:39 malware.news
This blog post was authored by Jérôme Segura
We have seen and heard less buzz about ‘Magecart’ during the past several months. While some companies continue to rehash the same breaches of yesteryear, we have been wondering if some changes took place in the threat landscape.
One thing we know is that if the Magecart threat actors decided to switch their operations exclusively server-side then the majority of companies, including ours, would lose visibility overnight. This is why we often look up to researchers that work the website cleanups. If something happens, these guys would likely notice it.
We followed the trail on two recent reports that proved to be worthwhile. It allowed us to make a connection to a previous campaign and identify new pieces of a pretty wide infrastructure.
For now we can say that Magecart client-side attacks are still around and that we could easily be missing them if we rely on automated crawlers and sandboxes, at least if we don’t make them more robust.
Newly reported domains linke
June 21, 2022 05:35 Black Hills Information Securi
ORIGINALLY AIRED ON MAY 23, 2022 Articles discussed in this episode: 00:00 – BHIS – Talkin’ Bout [infosec] News 2022-05-23 02:38 – Story # 1 – National bank trolls hackers with dick pics – https://www.bleepingcomputer.com/news/security/national-bank-hit-by-ransomware-trolls-hackers-with-dick-pics/ 06:59 – Story # 2 – Ransomware attack exposes data of 500,000 Chicago students – https://www.bleepingcomputer.com/news/security/ransomware-attack-exposes-data-of-500-000-chicago-students/ 14:09 – Story # […]
The post Talkin’ About Infosec News – 5/23/2022 appeared first on Black Hills Information Security.
June 21, 2022 05:10 malware.news
Article Link: InfoSec Handlers Diary Blog - SANS Internet Storm Center
June 21, 2022 05:10 malware.news
At the start of the global coronavirus pandemic, nearly everyone was forced to learn about the “supply chain.” Immediate stockpiling by an alarmed (and from a smaller share, opportunistic) public led to an almost overnight disappearance of hand sanitizer, bottled water, toilet paper, and face masks.
In time, those items returned to stores. But then a big ship got stuck in the Suez, and once again, we learned even more about the vulnerability of supply chains. They can handle little stress. They can be derailed with one major accident. They spread farther than we know.
While the calamity in the canal involved many lessons, there was another story in late 2020 that required careful study in cyberspace—an attack on the digital supply chain.
That year, attackers breached a network management tool called Orion, which is developed by the Texas-based company SolarWinds. Months before the attack was caught, the attackers swapped malicious code into a legitimately produced security update from SolarWinds. This malicio
June 21, 2022 05:10 malware.news
Last week on Malwarebytes Labs:
Serious vulnerabilities found in ITarian software, patches available for SaaS products
Update Chrome now: Four high risk vulnerabilities found
Taking down the IP2Scam tech support campaign
Don’t panic! “Unpatchable” Mac vulnerability discovered
Introducing Malwarebytes Vulnerability Assessment for OneView: How to check for Common Vulnerabilities and Exposures (CVEs)
“Multiple adversaries” exploiting Confluence vulnerability, warns Microsoft
Instagram scam steals your selfies to trick your friends
Karakurt extortion group: Threat profile
Email compromise leads to healthcare data breach at Kaiser Permanente
It’s official, today you can say goodbye to Internet Explorer. Or can you?
Update now! Microsoft patches Follina, and many other security updates
Firefox stops advertisers tracking you as you browse, calls itself the most “private and secure major browser”
Record breaking HTTPS DDoS attack
Stealthy Symbiote Linux malware is after financial institutions
Photos of kids taken fr
June 21, 2022 05:10 malware.news
This blog was written by an independent guest blogger.
Stop, look, listen; lock, stock, and barrel; "Friends, Romans, Countrymen..." The 3 Little Pigs; Art has 3 primary colors; photography has the rule of thirds; the bands Rush and The Police; the movie The 3 Amigos. On and on it goes - "Omne trium perfectum" – “Everything that comes in threes is perfect.”
While this article doesn’t provide perfection, we’ll focus on the top three API vulnerabilities (according to OWASP). OWASP’s international standard is important to read because it’s not only developed by professionals worldwide, but it’s also read by the threat actors who will take advantage of those vulnerabilities.
OWASP determines the risk of APIs based on the level of the API vulnerability's Exploitability, Weakness Prevalence, Weakness Detectability, and Technical Impact. Therefore, the API Top 10 are in order of OWASP's own risk methodology. Their risk method doesn't consider the chance of materialization or the impact - that's left up to each busin
June 21, 2022 05:10 malware.news
Introduction
When reports of a cyberattack appear in the headlines, questions abound regarding who launched it and why. Even if an attacker has what are to it perfectly rational reasons for conducting such an attack, these reasons are often known only to them. The rest of the world, including the victims of the attack, must often engage in some degree of speculation to explain the events and devise ways to protect themselves accordingly. Knowing the technical aspects of an attack may allow victims to build stronger defences, patch gaps and increase their cyber-resilience. This is why both policymakers and industry leaders are usually eager to have this knowledge as a possible ‘cure’ to mitigate or prevent such cyberattacks from happening again.
A constant challenge in such an endeavour is that the cyber context, in all its complexity and interconnectedness, remains a dark, unknown forest for many decision-makers. How then can they find out who was behind an attack and why?
Attribution of a cyberattack is not 
June 21, 2022 05:10 malware.news
Bitdefender recently joined more than 26,000 attendees, 600 speakers and 400 exhibitors at the 2022 RSA Conference in San Francisco, the world’s leading information security conference. As cyber-attacks continue to grow in frequency and sophistication, the annual RSA Conference plays an important role in bringing together practitioners and experts from across the public and private sector to share the latest cybersecurity research, exchange perspectives, and demonstrate the industry’s leading technologies designed to address today’s security challenges.
Article Link: Exploring the Latest in Cybersecurity Technologies at the 2022 RSA Conference
June 21, 2022 05:10 malware.news
I am looking into a new sample of Android/Joker, reported on June 19, 2022 by @ReBensk:
afeb6efad25ed7bf1bc183c19ab5b59ccf799d46e620a5d1257d32669bedff6f
Android/Joker is known for using many payloads: a first payload loads another payload, which loads another one etc. Matryoshka dolls-style. See an analysis of a previous Joker sample. This sample uses many payloads too, but the implementation to load the payloads is a bit different. I’ll detail.
Medusa
I recently discovered Medusa and like it very much… for dynamic analysis (I still prefer static analysis, everybody knows that by now?). Medusa is easy to use and comes with a collection of ready-to-use Frida hooks. Launch an Android emulator, a Frida server, install the sample, then launch Medusa python3 medusa.py.
Select the hooks you want to use (search through hooks with the search command, then use to use a given hook, finally compile the list of hooks). Those are the hooks you need (I recently contributed to the last two hooks):
use http_communications/u
June 21, 2022 05:10 malware.news
Microsoft has enabled a new privacy feature for Windows 11 that shows which apps access sensitive data or devices like the microphone.
Article Link: This new Windows 11 privacy feature shows when apps access your microphone, camera or location | ZDNet
June 21, 2022 05:10 malware.news
There are certain types of data that criminals target the most, according to an analysis of attacks.
Article Link: Ransomware attacks: This is the data that cyber criminals really want to steal | ZDNet
June 21, 2022 05:10 malware.news
The BRATA Android banking trojan aims to gain a persistent foothold on a target’s network.
Article Link: This phone-wiping Android banking trojan is getting nastier | ZDNet
June 21, 2022 05:10 malware.news
Preventing escalation from initial access in your Active Directory (AD) environment to Domain Admins can feel impossible, especially after years of successful red team engagements finding new attack paths each time. While securing your critical assets is challenging, it is not impossible with the right approach.
This blog post provides a high-level explanation of how to implement security boundaries in an on-prem AD and Azure environment to protect your critical assets based on the principle of tiered administration, including how BloodHound Enterprise can help you in the process. Finally, we will cover how to organize your AD objects and Azure resources in a structure that reflects your security boundaries.
The blog post was produced as a collaboration between Teal and SpecterOps.
We recommend that you have a basic understanding of attack paths before reading this blog post, which you can gain from the first section of wald0’s deep dive into the subject: The Attack Path Management Manifesto.
Old and new Micr
June 21, 2022 05:09 malware.news
Digital currency fraud is a growing issue on social media, and LinkedIn is no different. In fact, according to Sean Ragan, the FBI’s special agent in charge of the San Francisco and Sacramento, California, field offices, cryptocurrency scams are big business on LinkedIn.
“It’s a significant threat. This type of fraudulent activity is significant, and there are many potential victims, and there are many past and current victims.”
How cryptocurrency scams work on LinkedIn
Aspects of LinkedIn cryptocurrency scams share similar traits with fraud attempts on other platforms:
Someone messages you out of the blue. They begin with small talk, and eventually work their way up to cryptocurrency conversation. They claim that, yes, they can help you make big money from certain investments.
LinkedIn is generally seen as a trusted platform, reinforced by people’s perception as the go-to place for business related dealings. This is one advantage it has over less formal sites.
Victims are directed to genuine cry
June 21, 2022 05:09 malware.news
Matthew Gatrel, a 33-year-old man from St. Charles, Illinois, has been sentenced to two years in prison for running websites that provide powerful distributed denial-of-service (DDoS) attacks against internet users and websites. This sentencing resulted in the seizure of his websites, making the internet a little safer from DDoS attacks.
Gatrel was the administrator and owner of DownThem.org and AmpNode.com, two DDoS-for-hire websites with thousands of clients which launched attacks against more than 200,000 targets. He was convicted of three charges, including conspiracy to commit unauthorized impairment of a protected computer, conspiracy to commit wire fraud, and unauthorized impairment of a protected computer.
“Gatrel ran a criminal enterprise designed around launching hundreds of thousands of cyberattacks on behalf of hundreds of customers,” prosecutors wrote in a sentencing memorandum. More from that memorandum:
“He also provided infrastructure and resources for other cybercriminals to run their own bus
June 21, 2022 05:09 malware.news
Since March of 2022 we’ve seen a gradual uptick in Adobe Acrobat Reader processes attempting to query which security product DLLs are loaded into it by acquiring a handle of the DLL. The significant rise over the recent months caught our attention as it is very unusual behavior for Adobe.
Article Link: Does Acrobat Reader Unload Injection of Security Products?
June 21, 2022 05:09 malware.news
Systems Software Developer
Location Hanover (Germany) & San Gwann (Malta)
The Hornetsecurity Group is the leading cloud security provider in Europe, which protects the IT infrastructure, digital communication and data of companies and organizations of all sizes. Its services are provided worldwide via 11 redundantly secured data centers. The product portfolio covers all important areas of email security, including spam and virus filters, legally compliant archiving and encryption, as well as defense against CEO fraud and ransomware. With more than 350 employees, the Hornetsecurity Group is represented globally at several locations and operates in more than 30 countries through its international distribution network. The premium services are used by approximately 50,000 customers including Swisscom, Telefónica, KONICA MINOLTA, LVM Versicherung and CLAAS.
For our locations in San Gwann (Malta) or Hanover (Germany) we are looking for a motivated Systems Softw
June 21, 2022 05:09 malware.news
Going on vacation has never been more talked about and anticipated. I mean—for many of us, it’s been a while.
But before you get lost in dreamy thoughts of sun, sea, and sand, you might want to set aside some time to plan on how to keep your devices, and your data, safe while you are relaxing.
Your devices need some prepping, too
Before anything else, know which devices you’ll bring and which ones you’ll leave at home. Then make backups of the files in them.
This is also the perfect time to look deeper into what’s on your devices, especially if you haven’t done any spring cleaning due to busyness. So update those apps that need updating and uninstall those that waste space; scan your devices with a trusty malware scanner, and change any duplicate passwords. Then follow these tips:
7 security and privacy tips that fit in your pocket
Ensure your devices have the “Find My Device” feature enabled. This feature isn’t just limited to Apple products, and can really help if you lose your device. You can remotely wipe 
June 21, 2022 05:09 malware.news
Technical Support Specialist
San Gwann (Malta)
The Hornetsecurity Group is the leading cloud security provider in Europe, which protects the IT infrastructure, digital communication and data of companies and organizations of all sizes. Its services are provided worldwide via 11 redundantly secured data centers. The product portfolio covers all important areas of email security, including spam and virus filters, legally compliant archiving and encryption, as well as defense against CEO fraud and ransomware. With more than 350 employees, the Hornetsecurity Group is represented globally at several locations and operates in more than 30 countries through its international distribution network. The premium services are used by approximately 50,000 customers including Swisscom, Telefónica, KONICA MINOLTA, LVM Versicherung and CLAAS.
For our location in San Gwann (Malta) we are looking for a motivated Technical Support Specialist for 40 hou
June 21, 2022 05:09 malware.news
The RSOCKS proxy service was built on a network of millions of compromised Internet of Things devices.
Article Link: US disrupts Russian botnet that 'hacked millions of devices' | ZDNet
June 21, 2022 05:09 malware.news
For the latest discoveries in cyber research for the week of 20th June, please download our Threat Intelligence Bulletin.
Top Attacks and Breaches
Check Point Research has exposed an Iranian spear-phishing operation targeting high profile Israeli and US executives. As part of their operations, the attackers take over existing accounts of the executives and create impersonating accounts to lure their targets into long email conversations. The operation aims at stealing personal information, passport scans, and access to email accounts.
CERT Ukraine has issued a warning concerning Russian hackers, possibly the state-sponsored APT group Sandworm, launching attacks exploiting the Follina critical vulnerability (CVE-2022-30190) in Microsoft Windows Support Diagnostic Tool. The campaign leverages malicious emails with DOCX attachments targeting media and news outlets in Ukraine.
Check Point IPS, Threat Emulation and Harmony Endpoint provide protection against this threat (Microsoft Support Diagnostic Tool Remote Co
June 21, 2022 05:09 malware.news
TCP Fast Open (TFO) is a relatively new TCP feature. The corresponding RFC7413 was published in 2014 and labeled “Experimental” [1]. The feature has been showing up in browsers and operating systems in the last couple of years. In particular, together with TLS 1.3, it can significantly decrease the time it takes to set up a connection.
Article Link: InfoSec Handlers Diary Blog - SANS Internet Storm Center
June 21, 2022 05:09 malware.news
There’s still a perception that the most successful computer scientists learn programming at a young age, study engineering at a top school, and then get a software development job right out of college. While that’s how many people enter the field, it’s not the only path. Microsoft Software Engineer Rebecca Nzioki is living proof. She started out studying business but switched disciplines because she found IT more interesting. She decided to switch disciplines again after she started working and discovered a passion for solving customer problems. She then dedicated herself to learning how to code so she could find permanent fixes to issues that were frustrating the customers she supported.
In my experience, no matter what path they followed in the field of computer science, the best engineers are those who, like Rebecca, focus on solving problems for customers and making sure their experience just gets better and better. There’s no reason to think that, just because you weren’t a “child genius” who already kn
June 21, 2022 05:09 malware.news
How crypto mixers, also known as crypto tumblers, are used to obscure the trail of digital money
The post Crypto mixers: What are they and how are they used? appeared first on WeLiveSecurity
Article Link: Crypto mixers: What are they and how are they used? | WeLiveSecurity
June 21, 2022 05:09 malware.news
Not everything in a function is equally important. Sometimes, especially with large functions, you want a way to hide all that extra conditional cruft so you can focus on just the execution path that matters to you. Enter Tantō: a brand-new official plugin for Binary Ninja that splits functions into smaller chunks (or “slices”) to help you understand functions faster.
What’s a slice?
Slices, for our purposes, are similar to function traces, but broader in context: they need not represent a single linear flow of instructions, a real instruction path, or even contain all the instructions in a similar execution trace.
Tantō provides two types of function slices: block slices and variable slices.
A block slice is the combined graph of all traces through a function that reach a given basic block. A variable slice is similar, but takes some extra state into account. We’ll cover block slices first as they provide a simpler illustration of what Tantō is doing.
Block slices
I’ll be using Bash version 5.0.0(1) for
June 21, 2022 03:35 CXSECURITY Database RSS Feed -
Topic: Gentics CMS 5.36.29 Cross Site Scripting / Deserialization
Risk: High
Text: SEC Consult Vulnerability Lab Security Advisory < 20220608-0 > == title: Stored Cross-S...
June 21, 2022 03:35 CXSECURITY Database RSS Feed -
Topic: WordPress Ninja Forms Code Injection
Risk: High
Text: On June 16, 2022, the Wordfence Threat Intelligence team noticed a back-ported security update in Ninja Forms, a WordPress plug...
June 21, 2022 03:35 CXSECURITY Database RSS Feed -
Topic: SoftGuard SNMP Network Management Extension HTML Injection / File Download
Risk: High
Text: SEC Consult Vulnerability Lab Security Advisory < 20220609-0 > == title: Multiple vulne...
June 21, 2022 03:35 CXSECURITY Database RSS Feed -
Topic: Verbatim Executive Fingerprint Secure SSD GDMSFE01-INI3637-C VER1.1 Missing Trust
Risk: High
Text: Advisory ID: SYSS-2022-011 Product: Executive Fingerprint Secure SSD Manufacturer: ...
June 21, 2022 03:35 CXSECURITY Database RSS Feed -
Topic: Verbatim Fingerprint Secure Portable Hard Drive Insufficient Verification
Risk: Low
Text: Advisory ID: SYSS-2022-017 Product: Fingerprint Secure Portable Hard Drive Manufacturer: ...
June 21, 2022 03:35 CXSECURITY Database RSS Feed -
Topic: Pandora FMS 7.0NG.742 Remote Code Execution
Risk: High
Text: # Exploit Title: Pandora FMS v7.0NG.742 - Remote Code Execution (RCE) (Authenticated) # Date: 05/20/2022 # Exploit Author: UN...
June 21, 2022 03:35 CXSECURITY Database RSS Feed -
Topic: Verbatim Store N Go Secure Portable HDD GD25LK01-3637-C VER4.0 Behavior Violation
Risk: Low
Text: Advisory ID: SYSS-2022-008 Product: Store 'n' Go Secure Portable HDD Manufacturer: ...
June 21, 2022 03:35 CXSECURITY Database RSS Feed -
Topic: Old Age Home Management System 1.0 SQL Injection
Risk: Medium
Text: # Exploit Title: Old Age Home Management System 1.0 - SQLi Authentication Bypass # Date: 12/06/2022 # Exploit Author: twsepti...
June 21, 2022 03:35 CXSECURITY Database RSS Feed -
Topic: phpIPAM 1.4.5 Remote Code Execution
Risk: High
Text: # Exploit Title: phpIPAM 1.4.5 - Remote Code Execution (RCE) (Authenticated) # Date: 2022-04-10 # Exploit Author: Guilherme '...
June 21, 2022 03:35 CXSECURITY Database RSS Feed -
Topic: Nexans FTTO GigaSwitch Outdated Components / Hardcoded Backdoor
Risk: Medium
Text: SEC Consult Vulnerability Lab Security Advisory < 20220615-0 > == title: Hardcoded Back...
June 21, 2022 03:35 CXSECURITY Database RSS Feed -
Topic: SolarView Compact 6.00 Cross Site Scripting
Risk: Low
Text: # Exploit Title: SolarView Compact 6.00 - 'time_begin' Cross-Site Scripting (XSS) # Date: 2022-05-15 # Exploit Author: Ahmed ...
June 21, 2022 03:35 CXSECURITY Database RSS Feed -
Topic: Mitel 6800/6900 Series SIP Phones Backdoor Access
Risk: Medium
Text: --BEGIN PGP SIGNED MESSAGE -- Hash: SHA512 Advisory ID: SYSS-2022-021 Product: Mitel 6800...
June 21, 2022 03:35 CXSECURITY Database RSS Feed -
Topic: Chrome CVE-2022-1096 Incomplete Fix
Risk: High
Text: Chrome: Incomplete fix for CVE-2022-1096 VULNERABILITY DETAILS The fix for https://crbug.com/1309225 has modified `SetPrope...
June 21, 2022 03:35 CXSECURITY Database RSS Feed -
Topic: Lepin EP-KP001 KP001_V19 Authentication Bypass
Risk: Medium
Text: Advisory ID: SYSS-2022-024 Product: EP-KP001 Manufacturer: Lepin Affected Versi...
June 21, 2022 03:35 CXSECURITY Database RSS Feed -
Topic: Marval MSM 14.19.0.12476 Remote Code Execution
Risk: High
Text: # Exploit Title: Marval MSM v14.19.0.12476 - Remote Code Execution (RCE) (Authenticated) # Date: 27/5/2022 # Exploit Author: ...
June 21, 2022 03:35 CXSECURITY Database RSS Feed -
Topic: Kitty 0.76.0.8 Stack Buffer Overflow
Risk: High
Text: # Exploit Title: Kitty 0.76.0.8 Stack Buffer Overflow # Discovered by: Yehia Elghaly # Discovered Date: 2022-06-08 # Vendor ...
June 21, 2022 03:35 CXSECURITY Database RSS Feed -
Topic: Warehouse Management System 2022 SQL Injection
Risk: Medium
Text: ## Title: Warehouse Management System 2022 ML-SQLi ## Author: nu11secur1ty ## Date: 06.13.2022 ## Vendor: https://www.source...
June 21, 2022 03:35 CXSECURITY Database RSS Feed -
Topic: ChurchCRM 4.4.5 SQL Injection
Risk: Medium
Text: ## Title: ChurchCRM 4.4.5 SQLi session hijacking L2 ## Author: nu11secur1ty ## Date: 05.11.2022 ## Vendor: https://churchcrm...
June 21, 2022 03:35 CXSECURITY Database RSS Feed -
Topic: JM-DATA ONU JF511-TV 1.0.67 / 1.0.62 / 1.0.55 XSS / CSRF / Open Redirect
Risk: Medium
Text: JM-DATA ONU JF511-TV Multiple Remote Vulnerabilities Vendor: JM-DATA GmbH Product web page: https://www.jm-data.at Affec...
June 21, 2022 03:35 CXSECURITY Database RSS Feed -
Topic: WSO2 Management Console XML Injection
Risk: Medium
Text: XML External Entity (XXE) vulnerability in the WSO2 Management Console I. VULNERABILITY - XML External Entity (XXE...
June 21, 2022 03:35 CXSECURITY Database RSS Feed -
Topic: Virtua Software Cobranca 12S SQL Injection
Risk: Medium
Text: # Exploit Title: Virtua Software Cobranca 12S - SQLi # Shodan Query: http.favicon.hash:876876147 # Date: 13/08/2021 # Exploi...
June 21, 2022 03:35 CXSECURITY Database RSS Feed -
Topic: Marval MSM 14.19.0.12476 Cross Site Request Forgery
Risk: Low
Text: # Exploit Title: Marval MSM v14.19.0.12476 - Cross-Site Request Forgery (CSRF) # Date: 27/5/2022 # Exploit Author: Momen Elda...