Aggregator

Summary Using a new programming language, Rust, threat actors have turned their attention to the creation of adware. SecureList posted a blog detailing the language and its use in the creation of adware. Threat Type Malware, Adware Overview A new adware program dubbed Convuster has been seen in the wild. The adware is written in a little known programming language called Rust. Analysts were able to identify the language through the use of Rust specific language and the file extension .rs. The malware works

Summary The Cofense Phishing Defense Center (PDC) takes a brief look at Mekotio, also known as Metamorfo, a banking Trojan with Latin American origins that is now expanding its reach to victims across Europe. This trojan is one that makes use of a little known scripting language known as AutoHotKey (AHK). Threat Type Malware, Phishing, Keylogger, Infostealer, Trojan Overview The Cofense Phishing Defense Center (PDC) takes a brief look at Mekotio, also known as Metamorfo, a banking Trojan with Latin American

You probably heard of NFTs (non-fungible tokens). They are receiving a lot of interest over the last several months. I did some digging and realized that there are some bigger issues with the standards and various interpretations and implementations of it, and how centralized many offerings are. What is an NFT The idea behind it is simple, use a blockchain (and cryptography) to assign and be able to proof ownership over a specific piece of digital content.

The edge is becoming more critical in a world of 5G and IoT. I've seen the evolution from 1x to 3G to 4G and now 5G over the many years I've worked in the mobile space, and 5G and IoT will drive the biggest changes we have seen on the edge in 10 or 20 years.

Akamai Technologies India Pvt. Ltd. has chosen the grantees for Cohort 2 of Accelerator Program for Early-Stage Innovations in Water.

Passwords are inherently flawed, and not just because of credential stuffing. The future of authentication looks very different, but there are steps you can take now to control risk.

How NCSC guidance can help organisations detect and protect themselves from credential abuse.

美国情报机构17日表示，具有种族动机的极端分子和武装激进团体是最致命的国内恐怖主义威胁，并警告称这些威胁可能

网传米哈游的《原神》近日遭到攻击，并由此导致即将推出的大量1.5版本游戏内容泄露。其泄露的内容从游戏机制、到

Summary NimzaLoader is a new initial access malware that is relatively unique in its usage of the Nim programming language. Proofpoint observed this malware being distributed in a TA800 email campaign in place of BazaLoader. Threat Type Malware, Loader Overview Proofpoint published a blog post analyzing the NimzaLoader malware, a loader written in the Nim programming language. This malware is being distributed by TA800 in their email campaigns; previously the group used BazaLoader for initial access. The em

Summary Cisco has published a Security Advisory which is rated as High. Threat Type Vulnerability Overview Cisco has published a Security Advisory which is rated as High. In the advisory summarized below, it is noted that Cisco's Product Security Incident Response Team (PSIRT) is "not aware of any public announcements or malicious use of the vulnerabilities" that are described in the advisory. Cisco Small Business RV132W and RV134W Routers Management Interface Remote Command Execution and Denial of Service

Metasploit最新资讯更新！添加了新功能！

大家好，我是BaCde。今天给大家分享一下我这个月提交鹅厂漏洞的一个挖掘思路。

首先说一下结果，一个SQL注入（可报错回显）、弱口令（审核后发现是域名解析IP错误）和一个有限的SSRF漏洞。

当然今天我要说的不是直接查询子域名，那就没必要写这篇文章了。

像鹅厂这样规模的企业，其资产数量众多。同样的，其盯着他的大佬们也非常多。而目前收集信息的方法大多数都差不多。本身厂商自己也会对其进行监控、检测。基本上很多被筛选了很多遍。那应该如何去挖掘呢？其中一种思路就是找到别人未发现的一些资产，这将增加挖掘的概率。

RapidDNS网站在2020年12月的时候增加了5000万的HTTPS证书数据。暂时还没有对证书查询独立（将在新上线的版本独立查询）。

美国国家情报总监办公室（Office of the Director of National Intelli

简单说一下最近在TSRC挖到漏洞的思路

手持两把锟斤拷,口中疾呼烫烫烫。脚踏千朵屯屯屯,笑看万物锘锘锘

In my previous blog, I discussed the important role multi-factor authentication (MFA) plays in further securing access to enterprise and consumer services. We also established the fact that although MFA increases authentication security and decreases the risk of account takeover, MFA can, and is, being bypassed in the wild.

主要新增了判断进程是否为 Workerman 进程的逻辑，从而优化了确定主进程是否存活的准确性。 发现问题 年前逛 GitHub 的时候，发现 Workerman 有一个 2017 年打开的 Issue：already r

目录: 一、APP加固背景 二、APP加固前世今生 三、整体框架 四、详细流程分析 五、总结 一、APP加固背景 1.1、概述 Android系统是基于Linux开发己具有其开放性、自由性的一种操作系统，现主要应用于移动设备，如手机、平板电脑和车载系统等。从2007年Google推出第一代Andro

Summary The FBI has issued a FLASH Alert (CP-000142-MW) regarding a recent increase of PYSA ransomware targeting education institutions in 12 U.S. states and the United Kingdom. Threat Type Malware, Phishing, Ransomware, Data-theft Overview The FBI has issued a FLASH (FBI Liaison Alert System) Alert (CP-000142-MW) regarding a recent increase of PYSA ransomware targeting education institutions in 12 U.S. states and the United Kingdom. The initial attack vector is often via phishing emails, but PYSA, also kno