国际ERP软件大厂云泄露超7亿条记录,内含密钥等敏感信息
包括访问令牌、API密钥、密钥、银行账号等敏感信息。
Aggregator
Huge Increase in Scanning for CVE-2017-9841 With Large Variability in Scanning Infrastructure
1 year 8 months ago
The rather old CVE-2017-9841, an RCE in PHPUnit, suddenly jumps to the top of our list, with an increase of nearly 400% since last month. We dig into the scanning infrastructure.
Huge Increase in Scanning for CVE-2017-9841 With Large Variability in Scanning Infrastructure
1 year 8 months ago
The rather old CVE-2017-9841, an RCE in PHPUnit, suddenly jumps to the top of our list, with an increase of nearly 400% since last month. We dig into the scanning infrastructure.
Huge Increase in Scanning for CVE-2017-9841 With Large Variability in Scanning Infrastructure
1 year 8 months ago
The rather old CVE-2017-9841, an RCE in PHPUnit, suddenly jumps to the top of our list, with an increase of nearly 400% since last month. We dig into the scanning infrastructure.
【0725】重保演习每日情报汇总
1 year 8 months ago
每日更新当天鲜活情报和热点漏洞
BSRC 2024 年中总结报告
1 year 8 months ago
凯歌而行,不以山海为远;乘势而上,不以日月为限。随着2024年上半年的结束,我们迎来了回顾与总结的时刻!
微步云沙箱送上一大波高频IOC
1 year 8 months ago
每逢“佳节”倍思亲,思的什么亲?蓝队的父老乡亲!
Meta Removes 63,000 Instagram Accounts Linked to Nigerian Sextortion Scams
1 year 8 months ago
Meta Platforms on Wednesday said it took steps to remove around 63,000 Instagram accounts in Nigeria that were found to target people with financial sextortion scams.
"These included a smaller coordinated network of around 2,500 accounts that we were able to link to a group of around 20 individuals," the company said. "They targeted primarily adult men in the U.S. and used fake accounts to mask
The Hacker News
Webinar: Securing the Modern Workspace: What Enterprises MUST Know about Enterprise Browser Security
1 year 8 months ago
The browser is the nerve center of the modern workspace. Ironically, however, the browser is also one of the least protected threat surfaces of the modern enterprise. Traditional security tools provide little protection against browser-based threats, leaving organizations exposed. Modern cybersecurity requires a new approach based on the protection of the browser itself, which offers both
The Hacker News
一步步斩获大厂offer!内核驱动高级班:算法+内核+安全
1 year 8 months ago
3月10日起,每周日13点~18点直播授课
CrowdStrike将微软蓝屏故障归咎于验证不足,承诺改进
1 year 8 months ago
CrowdStrike的首席安全官Shawn Henry表示:“我们多年来在点滴中建立的信心在几个小时内就消失得无影无踪,这是一次沉重的打击。”
一次诈骗APP的逆向分析
1 year 8 months ago
看雪论坛作者ID:touful
重保战报20240725|重视高温补贴相关主题钓鱼文件
1 year 8 months ago
[握手]回复口令:“一草一木皆是兵”,获取今日最新情报!
[太阳]tips强烈推荐 :https://tix.qq.com
- 高阶版免费体验:查询额度权益
- 每日最新封禁IOC获取
- 专家IP鉴定分析权限
重保战报20240725|重视高温补贴相关主题钓鱼文件
1 year 8 months ago
[握手]回复口令:“一草一木皆是兵”,获取今日最新情报!
[太阳]tips强烈推荐 :https://tix.qq.com
- 高阶版免费体验:查询额度权益
- 每日最新封建IOC获取
- 专家IP鉴定分析权限
安全419企业探营 | 走进微步在线
1 year 8 months ago
“微软蓝屏”事件引发对我国关键信息基础设施安全保护的思考
1 year 8 months ago
Thread Name-Calling – using Thread Name for offense
1 year 8 months ago
Research by: hasherezade Highlights: Introduction Process injection is one of the important techniques used by attackers. We can find its variants implemented in almost every malware. It serves purposes such as: Due to the fact that interference in the memory of a process by malicious modules can cause a lot of damage, all sorts of AV […]
The post Thread Name-Calling – using Thread Name for offense appeared first on Check Point Research.
Malware Attacks Surge 30% in First Half of 2024
1 year 8 months ago
SonicWall observed a surge in malware attacks in H1 2024, with strains becoming more adept at defense evasion
金融欺诈手段持续升级,威胁猎人信贷反欺诈产品助力识别金融欺诈风险
1 year 8 months ago
从最新欺诈风险感知、业务/风控策略指引、到恶意贷款群体定位,构建信贷反欺诈闭环
多个俄罗斯网络攻击组织针对法国巴黎展开攻击,可能跟随后的奥运会有关——每周威胁情报动态第185期(07.19-07.25)
1 year 8 months ago
APT组织Lazarus 在Rootkit(获取内核权限)攻击中使用了微软的0day漏洞;APT组织Kimsuky利用软件公司产品安装程序进行伪装展开攻击;NoName057(16)组织DDoSia项目持续更新;