Aggregator

文章描述了错误代码521的含义及其常见原因，并提供了相应的解决方法和预防措施。

作者：Orange Tsai 译者：知道创宇404实验室翻译组 原文链接：https://phrack.org/issues/72/5_md#article 序言 我们一生都在扮演不同的角色。我很幸运早早发现了我的热情所在——更幸运的是，还能靠它谋生。在成为全职黑客之前，我也是一个制造麻烦的脚本小子，一个渴望更大刺激的年轻人，以及追逐更高赏金的漏洞猎人。而现在，我终于可以自豪地称自己为“黑客...

作者：mr_me 译者：知道创宇404实验室翻译组 原文链接：https://phrack.org/issues/72/6_md#article 0. Journey 在对源代码进行多次长时间审计的过程中，一款安全设备引起了我的注意。它运行着一些过时的、糟糕的 PHP 代码，让我想起了那些……嗯，算了。 这款设备曾多次被审计，这吸引了我，因为我个人喜欢在复杂的网络环境中寻找漏洞的挑战。这意味...

作者：Saber, cyb0rg 译者：知道创宇404实验室翻译组 原文链接：https://phrack.org/issues/72/7_md#article 0. 引言 本文分析了一个APT（高级持续性威胁）工作站的数据转储。特别是从一个积极针对韩国和台湾组织的威胁行为者的工作站中检索到的数据和源代码。 我们相信这是朝鲜“Kimsuky”组织的一名成员[#14]。 “Kimsuky是一...

Ex-developer jailed 4 years for sabotaging Ohio employer with kill-switch malware that locked employees out after his account was disabled. Ex-developer Davis Lu (55) was sentenced to 4 years for sabotaging Ohio employer with kill-switch malware that locked staff out after his account was disabled. The Chinese national was also sentenced to three years of […]

前开发人员因破坏雇主系统被判处四年监禁。他部署恶意软件，在账户被禁用时触发“kill switch”，导致数千名用户无法登录，并删除数据造成巨大损失。

Authorities in Africa have arrested 1,209 people in an Interpol-led crackdown on cybercrime that targeted nearly 88,000 victims. 11,432 malicious infrastructures were dismantled during Operation Serengeti 2025 (Source: Interpol) Operation Serengeti 2.0 The operation, which ran from June to August 2025, recovered $97.4 million and shut down 11,432 malicious online systems. Called Operation Serengeti 2.0, the effort brought together investigators from 18 African nations and the United Kingdom. It focused on serious cybercrimes such as … More →

The post Interpol operation seizes $97 million in African cybercrime sweep appeared first on Help Net Security.

Palo Alto Networks CEO Nikesh Arora has sounded the alarm over the dawn of a new wave of “browser wars.” Speaking during the company’s Q4 2025 earnings call, he observed that Microsoft, Google, OpenAI,...

The post A New “Browser War” Is Coming: How AI Agents Are Reshaping Cybersecurity appeared first on Penetration Testing Tools.

Hunt.io发现并分析了ERMAC的PHP命令与控制（C2）后端、React前端面板、基于Go语言的数据窃取服务器、Kotlin后门，以及用于生成定制化木马化APK的生成器面板。

检测业务是否受到此漏洞影响，请联系长亭应急服务团队！

Linux environments, long considered bastions of security, are facing a sophisticated new threat that challenges traditional assumptions about operating system safety. A recently discovered malware campaign exploits an ingenious attack vector that weaponizes RAR archive filenames to deliver the VShell backdoor, demonstrating how attackers are evolving beyond conventional exploitation techniques to target scripting patterns and […]

The post New Linux Malware With Weaponized RAR Archive Deploys VShell Backdoor appeared first on Cyber Security News.

公益全体活动上线中秋献礼，感恩相伴！不只有中秋礼盒哦！

Microsoft has set out a roadmap to complete transition to PQC in all its products and services by 2033, with roll out beginning by 2029

腾讯云安全威胁情报团队在实战攻防演练常态化运营期间，发现一批伪装为名为“简历”，“错误视频”的多功能恶意软件通过钓鱼方式传播。经分析发现这批恶意软件为同一款软件框架。该软件框架主要使用 Golang 编写，兼具远控木马与勒索双重能力。

当前环境出现异常情况，需完成验证后方可继续访问。

MITM6 и NTLM Relay работают как идеальная пара — один обманывает сеть, другой крадёт личности.

The Anatsa banking trojan, also known as TeaBot, continues to evolve as one of the most sophisticated Android malware threats targeting financial institutions worldwide. First discovered in 2020, this malicious software has demonstrated remarkable persistence in infiltrating Android devices through the official Google Play Store, where it masquerades as legitimate document reading applications to steal […]

The post Anatsa Malware Attacking Android Devices to Steal Login Credentials and Monitor Keystrokes appeared first on Cyber Security News.

As cloud adoption continues to rise, organizations are increasingly concerned about safeguarding personal data stored and processed by cloud service providers (CSPs). ISO/IEC 27018 is an internationally recognized standard that specifically addresses data protection in cloud environments. It provides guidelines to help CSPs implement effective measures for protecting Personally Identifiable Information (PII). In this blog, […]

The post Top 10 Frequently Asked Questions on ISO 27018 Compliance appeared first on Kratikal Blogs.

The post Top 10 Frequently Asked Questions on ISO 27018 Compliance appeared first on Security Boulevard.

文章介绍了ISO/IEC 27018标准在云环境中保护个人数据的重要性，并解答了关于合规性的常见问题。该标准适用于处理个人身份信息（PII）的组织，提供数据安全指南，并与GDPR等法规相辅相成。通过实施ISO 27018，组织可增强数据隐私和信任。

Colt Technology Services confirmed a data breach by the WarLock ransomware group; the company is working to restore disrupted systems. Colt Technology Services confirmed that threat actors breached its systems and stole some data. The telecoms company is working to restore disrupted systems. Colt, officially known as Colt Technology Services Group Limited, is a multinational telecommunications […]