Posts of last 24 hours
本文记录了 HackTheBox 靶机 OneTwoSeven 的完整渗透过程。攻击链从端口扫描与 Web 信息搜集开始,发现目标开放 SSH、HTTP 以及仅允许本地访问的 60080 管理端口。随后利用 SFTP 提供的软链接功能绕过目录限制,读取系统敏感文件与 Vim swap 文件,恢复后台登录源码并获得管理员凭据。通过 SSH 本地端口转发访问内部管理后台后,进一步分析插件管理逻辑,利用
https://xz.aliyun.com/news/92288
本篇文章完整解析了黄河流域全部逆向题目,涉及的考点包括手动脱壳,控制流劫持,父子进程 ptrace,花指令混淆,python VM,HarmonyOS逆向 ArkTS + NAPI
https://xz.aliyun.com/news/92292
NETSCOUT is proud to announce that multiple solutions have earned Leader badges in the G2 Summer 2026 Grid Reports. These recognitions reflect continued customer confidence in NETSCOUT’s ability to help organizations protect, assure, and optimize the complex digital environments their businesses depend on every day. G2...
https://www.netscout.com/blog/netscout-earns-six-leader-badges-g2-summer-2026-grid-reports
American insurance giant Aflac has disclosed a new data breach after attackers breached its Japan subsidiary's systems and stole personal and bank account information. [...]
https://www.bleepingcomputer.com/news/security/insurance-giant-aflac-discloses-data-breach-after-subsidiary-hack/
Microsoft has introduced a new Teams admin policy that allows organizers to prevent third-party bots from joining meetings without approval. [...]
https://www.bleepingcomputer.com/news/microsoft/mircosoft-adds-smarter-bot-protection-to-teams-meetings/
For a US automotive manufacturer working with more than 200 active vendors, supplier file intake had become a growing security and cost challenge. Suspicious submissions often reached the SOC without enough context, forcing Tier 1 analysts to escalate most cases and slowing detection and response across the business. By introducing a scalable triage and analysis process […]
The post Closing the Supplier Security Gap: How a US Manufacturer Cut Third-Party Risk and Doubled SOC Triage Speed appeared first on ANY.RUN's Cybersecurity Blog.
https://any.run/cybersecurity-blog/us-manufacturer-security-risk/
自研LangGraph漏洞挖掘工作流
https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458617129&idx=3&sn=18432103dc762bac8fda66d695a25548
苹果紧急修复多项系统漏洞
https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458617129&idx=2&sn=ca52e8ec86fbf0d7444c639939e4b1c7
看雪论坛作者ID:r8e8cd8
https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458617129&idx=1&sn=2d02e4eeb41fbfddfd1c3d4438f42582
Kali Linux 2026.2, the second release of the year, is now available for download, featuring 9 new tools and numerous Kali NetHunter improvements. [...]
https://www.bleepingcomputer.com/news/linux/kali-linux-20262-released-with-9-new-tools-nethunter-updates/