Aggregator
Dog and Ox: A History of Humor
Microsoft Warns of Hackers Compromising Employee Accounts to Steal Salary Payments
A sophisticated financially motivated threat actor known as Storm-2657 has been orchestrating elaborate “payroll pirate” attacks targeting US universities and other organizations, Microsoft Threat Intelligence has revealed. These attacks represent a concerning evolution in cybercriminal tactics, where hackers compromise employee accounts to gain unauthorized access to human resources systems and redirect salary payments to attacker-controlled […]
The post Microsoft Warns of Hackers Compromising Employee Accounts to Steal Salary Payments appeared first on Cyber Security News.
Reverse-Proxy SSO vs. SAML/OIDC: Understanding the Key Differences in Authentication Models
Learn the key differences between Reverse-Proxy SSO and SAML/OIDC authentication models to choose the best fit for your enterprise security.
The post Reverse-Proxy SSO vs. SAML/OIDC: Understanding the Key Differences in Authentication Models appeared first on Security Boulevard.
Gladinet CentreStack And Triofox 0-Day RCE Vulnerability Actively Exploited In Attacks
A zero-day vulnerability in Gladinet CentreStack and Triofox products is under active in-the-wild exploitation. Tracked as CVE-2025-11371, the unauthenticated Local File Inclusion (LFI) flaw allows attackers to achieve remote code execution (RCE) on affected systems. The vulnerability is currently unpatched, but a mitigation has been provided. Organizations using the affected software are strongly urged to […]
The post Gladinet CentreStack And Triofox 0-Day RCE Vulnerability Actively Exploited In Attacks appeared first on Cyber Security News.
Industry Conference | The 22nd China Conference on Information and Communications Security
RondoDox Botnet targets 56 flaws across 30+ device types worldwide
We Have Already Misunderstood the GDPR. Now We Cannot Miss the Opportunity Offered by NIS 2
GitHub Is Migrating Its Infrastructure to Azure
Leading "AI + Security" Once Again | Winning Multiple CAICT "2025 Artificial Intelligence Pioneer Case" Awards
Cisco P200 Chip Replaces 92 Chips, Saves 65% Energy, and Is Already Running on Microsoft Azure
BlockDAG vs Remittix vs Pepeto: Which 2025 Presale Offers the Best Risk-Reward?
Snake Keylogger Uses Weaponized Emails and PowerShell to Steal Sensitive Data
A newly observed information‐stealing campaign is deploying a stealthy variant of the SnakeKeylogger malware via weaponized e-mails that masquerade as legitimate remittance advice from CPA Global and Clarivate. Researchers first identified the infection vector on October 7, 2025, when recipients received messages titled “remittance advice for the payment dated 07‐Oct‐2025,” urging them to download an […]
The post Snake Keylogger Uses Weaponized Emails and PowerShell to Steal Sensitive Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Risk Advisory on Guarding Against the PS1Bot Malware
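Recently, the Network Security Threat and Vulnerability Information Sharing Platform (CSTIS) of the Ministry of Industry and Information Technology detected that the PS1Bot malware remains active. It primarily targets Windows users and may lead to risks such as sensitive information leakage and system takeover.
PS1Bot is an advanced modular malware framework written in PowerShell and C# that became active in early 2025. Attackers use malvertising and search engine optimization poisoning (SEO poisoning) to lure victims into downloading malicious archive files named with popular search keywords. A JavaScript file inside the archive acts as a downloader and induces the user to run the malicious program, which then retrieves PowerShell scripts from a command-and-control (C2) server and uses the C: drive serial number to generate a unique C2 URL. The malicious program continuously polls the C2 server through an in-memory execution mechanism and can carry out multiple malicious behaviors, including information theft, keylogging, screen capture, and cryptocurrency wallet theft. In addition, its in-memory execution mechanism enables it to evade traditional antivirus detection, while its modular design allows it to rapidly deploy updates or add new malicious functionality as needed, posing a further and greater threat to user privacy and financial security.
Relevant organizations and users are advised to immediately organize checks, promptly update antivirus software, run full-disk virus scans, exercise caution when clicking unfamiliar links or downloading unknown files, strengthen PowerShell security, and guard against cyberattack risks through measures such as promptly patching security vulnerabilities and regularly backing up data.
Source: Network Security Threat and Vulnerability Information Sharing Platform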