海莲花APT钓鱼样本分析-上
#恶意软件分析 #APT #海莲花APT组织
海莲花APT钓鱼样本分析-上
微步近日发的海莲花APT攻击样本,利用了一个vs的漏洞,然后在样本层和流量层都使用了相关的免杀手法。
研究了一下漏洞poc源代码,巧妙的利用了vs的一个反序列化加载机制漏洞,攻击活动从10-11月或者更早就开始了,poc是半年前放岀来的
Aggregator
海莲花APT钓鱼样本分析-上
1 year 5 months ago
Daily Dose of Dark Web Informer - January 8th, 2025
1 year 5 months ago
This daily article is intended to make it easier for those who want to stay updated with my regular Dark Web Informer and X/Twitter posts.
Dark Web Informer - Cyber Threat Intelligence
ALPC 之殇 - 8月未知 Windows 在野提权 Nday 漏洞研究
1 year 5 months ago
近期,我们发现一个未知 Windows 在野提权 Nday 漏洞样本,该漏洞样最早被上传时只有6个查杀。经过分析确认该漏洞应该是在八月的微软补丁中被修复,是一个被修复的未知nday利用。本文对该漏洞及漏洞样本进行了详细分析。
ALPC 之殇 - 8月未知 Windows 在野提权 Nday 漏洞研究
1 year 5 months ago
综述该漏洞样本为前段时间奇安信威胁情报中心日常在野漏洞监控运营经发现,其最早被上传时只有6个查杀。经过分析确认该漏洞应该是在八月的微软补丁中被修复,是一个被修复的未知nday利用,运行的具体效果如下所
威努特零信任终端沙箱:守护政务外网终端数据安全
1 year 5 months ago
构建安全政务环境,满足政务外网“一机两用”要求。
威努特零信任终端沙箱:守护政务外网终端数据安全
1 year 5 months ago
当前政务外网安全现状政务网络具有大规模、分布式、复杂多样的特点,涉及到政府、企事业单位和公众等多个主体。政务外网作为政府的业务专网,主要运行政务部门面向社会的专业性业务和不需要在内网上运行的业务,其安
Abandoned Backdoors: How Malicious Infrastructure Lives On
1 year 5 months ago
Studying Backdoors in Web Shells, Researchers Find 4,000 Infected Systems
How many servers are infected by web shells designed to give attackers remote access to systems, but now "phone home" to malicious infrastructure that's now abandoned or expired? Security researchers who posed that question have counted 4,000 such systems, including in government and education.
How many servers are infected by web shells designed to give attackers remote access to systems, but now "phone home" to malicious infrastructure that's now abandoned or expired? Security researchers who posed that question have counted 4,000 such systems, including in government and education.
Meta's Fact-Checking Pull Back to Could Help Scammers Thrive
1 year 5 months ago
Facebook Unveils Community Notes Program But Has Done Little to Curb Fraud
Meta has decided to end its fact-checking program. Meta CEO Mark Zuckerberg announced significant changes to the company's moderation policies and practices on Tuesday, attributing the shift to a renewed commitment to free speech. Some fear the move will embolden financial scammers.
Meta has decided to end its fact-checking program. Meta CEO Mark Zuckerberg announced significant changes to the company's moderation policies and practices on Tuesday, attributing the shift to a renewed commitment to free speech. Some fear the move will embolden financial scammers.
High-Paying Security Career: Choosing a Path, Getting There
1 year 5 months ago
Know the Challenges and Opportunities of Working as a CISO, Architect or Pen Tester
Cybersecurity jobs typically pay well and they can be personally rewarding because they merge advanced technical challenges with a vital mission - protecting critical systems, data and people. In this post, we'll focus on the highest-paying jobs and the challenges and opportunities they offer.
Cybersecurity jobs typically pay well and they can be personally rewarding because they merge advanced technical challenges with a vital mission - protecting critical systems, data and people. In this post, we'll focus on the highest-paying jobs and the challenges and opportunities they offer.
Live Webinar | Enhancing SecOps Efficiency: How to Bridge IT and OT Threat Detection & Response Against Threats like VOLTZITE
1 year 5 months ago
Live Webinar | AI in the Spotlight: Exploring the Future of AppSec Evolution
1 year 5 months ago
Cymulate Expands Exposure Management with Cync Secure Deal
1 year 5 months ago
Cync Acquisition Bolsters Exposure Validation Through Advanced Offensive Expertise
Cymulate’s acquisition of Cync Secure enhances its ability to bridge vulnerability identification and resolution. The deal integrates Cync offensive capabilities, creating a next-gen exposure prioritization platform to tackle vulnerabilities effectively and address unmet market demands.
Cymulate’s acquisition of Cync Secure enhances its ability to bridge vulnerability identification and resolution. The deal integrates Cync offensive capabilities, creating a next-gen exposure prioritization platform to tackle vulnerabilities effectively and address unmet market demands.
European Court Fines European Commission for Privacy Violation
1 year 5 months ago
Transfer of German Man's IP Address Wins Him 400 Euros
European privacy regulation - bane of American technology companies and a favorite cudgel of activists - came to haunt no less an organization than the European Commission, which must pay 400 euros to aggrieved German national Thomas Bindl, peeved that Facebook obtained his IP address.
European privacy regulation - bane of American technology companies and a favorite cudgel of activists - came to haunt no less an organization than the European Commission, which must pay 400 euros to aggrieved German national Thomas Bindl, peeved that Facebook obtained his IP address.
UN Cybercrime Treaty Faces Longs Odds to US Passage
1 year 5 months ago
US Senate Unlikely to Ratify Contentious Cybercrime Treaty Amid Mounting Concerns
Experts tell Information Security Media Group that a controversial United Nations cybercrime convention is unlikely to be ratified in the U.S. Senate due to mounting concerns from technology, human rights, and privacy advocates over its potential impact on internet security and privacy protections.
Experts tell Information Security Media Group that a controversial United Nations cybercrime convention is unlikely to be ratified in the U.S. Senate due to mounting concerns from technology, human rights, and privacy advocates over its potential impact on internet security and privacy protections.
White House Launches US Cyber Trust Mark for IoT Devices
1 year 5 months ago
Biden Administration Hopes Good Cybersecurity Is Also Good Marketing
The Biden administration Tuesday launched a cybersecurity labeling program for IoT devices aimed to help consumers choose smart devices that offer enhanced protections against hacking. Eligible products include wireless IoT devices such as fitness trackers, smart appliances and garage door openers.
The Biden administration Tuesday launched a cybersecurity labeling program for IoT devices aimed to help consumers choose smart devices that offer enhanced protections against hacking. Eligible products include wireless IoT devices such as fitness trackers, smart appliances and garage door openers.
Abandoned Backdoors: How Malicious Infrastructure Lives On
1 year 5 months ago
Studying Backdoors in Web Shells, Researchers Find 4,000 Infected Systems
How many servers are infected by web shells designed to give attackers remote access to systems, but now "phone home" to malicious infrastructure that's now abandoned or expired? Security researchers who posed that question have counted 4,000 such systems, including in government and education.
How many servers are infected by web shells designed to give attackers remote access to systems, but now "phone home" to malicious infrastructure that's now abandoned or expired? Security researchers who posed that question have counted 4,000 such systems, including in government and education.
Meta's Fact-Checking Pull Back to Could Help Scammers Thrive
1 year 5 months ago
Facebook Unveils Community Notes Program But Has Done Little to Curb Fraud
Meta has decided to end its fact-checking program. Meta CEO Mark Zuckerberg announced significant changes to the company's moderation policies and practices on Tuesday, attributing the shift to a renewed commitment to free speech. Some fear the move will embolden financial scammers.
Meta has decided to end its fact-checking program. Meta CEO Mark Zuckerberg announced significant changes to the company's moderation policies and practices on Tuesday, attributing the shift to a renewed commitment to free speech. Some fear the move will embolden financial scammers.
High-Paying Security Career: Choosing a Path, Getting There
1 year 5 months ago
Know the Challenges and Opportunities of Working as a CISO, Architect or Pen Tester
Cybersecurity jobs typically pay well and they can be personally rewarding because they merge advanced technical challenges with a vital mission - protecting critical systems, data and people. In this post, we'll focus on the highest-paying jobs and the challenges and opportunities they offer.
Cybersecurity jobs typically pay well and they can be personally rewarding because they merge advanced technical challenges with a vital mission - protecting critical systems, data and people. In this post, we'll focus on the highest-paying jobs and the challenges and opportunities they offer.
Live Webinar | Guess Who’s Back? Exploring the Use of Canaries for Threat Deception in the Cloud
1 year 5 months ago