Summary
***Updated 04/08/2022***
The Spring-Projects team has published a blog post in an effort to clear up confusion about the alleged deserialization RCE vulnerability. There are, however, vulnerabilities that have been patched, and a YARA rule has been published. Please see the latest recommendations.
Threat Type
Vulnerability
Overview
***UPDATE #5, April 8, 2022***
Chinese cybersecurity firm Qihoo 360 has reported on the first confirmed case(s) of Spring4Shell being leveraged to gain access a
Summary
According to multiple sources, an OpenSSL vulnerability in some Palo Alto appliances could be exploited to trigger a denial of service (DoS) condition. This vulnerability has been patched in OpenSSL but not in all Palo Alto appliances.
Threat Type
Vulnerability
Overview
X-Force is tracking the disclosure of an OpenSSL vulnerability in some Palo Alto appliances that, if exploited, could lead to a denial of service (DoS) condition. In early March of 2022, updates were released by OpenSSL to address CVE-20
Conti is a notorious ransomware group that targets high-revenue organizations. They were first detected in 2020 and appear to be based in Russia. It is believed that the group is the successor to the Ryuk ransomware group. According to Chainalysis, the ransomware group was the highest grossing of all ransomware groups in 2021, with an estimated revenue of at least 180 million dollars.
Microsoft is excited to announce the addition of Exchange on-premises, SharePoint on-premises, and Skype for Business on-premises to the Applications and On-Premises Servers Bounty Program.
Through this expanded program, we encourage researchers to discover and report high-impact security vulnerabilities to help protect customers. We offer awards up to $26,000 USD for eligible submissions.