Aggregator

凯歌而行，不以山海为远；乘势而上，不以日月为限。随着2024年上半年的结束，我们迎来了回顾与总结的时刻！

每逢“佳节”倍思亲，思的什么亲？蓝队的父老乡亲！

Meta Platforms on Wednesday said it took steps to remove around 63,000 Instagram accounts in Nigeria that were found to target people with financial sextortion scams. "These included a smaller coordinated network of around 2,500 accounts that we were able to link to a group of around 20 individuals," the company said. "They targeted primarily adult men in the U.S. and used fake accounts to mask

The browser is the nerve center of the modern workspace. Ironically, however, the browser is also one of the least protected threat surfaces of the modern enterprise. Traditional security tools provide little protection against browser-based threats, leaving organizations exposed. Modern cybersecurity requires a new approach based on the protection of the browser itself, which offers both

3月10日起，每周日13点～18点直播授课

CrowdStrike的首席安全官Shawn Henry表示：“我们多年来在点滴中建立的信心在几个小时内就消失得无影无踪，这是一次沉重的打击。”

看雪论坛作者ID：touful

[握手]回复口令：“一草一木皆是兵”，获取今日最新情报！ [太阳]tips强烈推荐 ：https://tix.qq.com - 高阶版免费体验：查询额度权益 - 每日最新封禁IOC获取 - 专家IP鉴定分析权限

[握手]回复口令：“一草一木皆是兵”，获取今日最新情报！ [太阳]tips强烈推荐 ：https://tix.qq.com - 高阶版免费体验：查询额度权益 - 每日最新封建IOC获取 - 专家IP鉴定分析权限

Research by: hasherezade Highlights: Introduction Process injection is one of the important techniques used by attackers. We can find its variants implemented in almost every malware. It serves purposes such as: Due to the fact that interference in the memory of a process by malicious modules can cause a lot of damage, all sorts of AV […]

The post Thread Name-Calling – using Thread Name for offense appeared first on Check Point Research.

SonicWall observed a surge in malware attacks in H1 2024, with strains becoming more adept at defense evasion

从最新欺诈风险感知、业务/风控策略指引、到恶意贷款群体定位，构建信贷反欺诈闭环

APT组织Lazarus 在Rootkit（获取内核权限）攻击中使用了微软的0day漏洞;APT组织Kimsuky利用软件公司产品安装程序进行伪装展开攻击;NoName057(16)组织DDoSia项目持续更新;

Cybersecurity researchers have disclosed a privilege escalation vulnerability impacting Google Cloud Platform's Cloud Functions service that an attacker could exploit to access other services and sensitive data in an unauthorized manner. Tenable has given the vulnerability the name ConfusedFunction. "An attacker could escalate their privileges to the Default Cloud Build Service Account and

谷歌表示放弃了之前计划Chrome浏览器彻底禁用第三方cookie的方案，将推出新的浏览器体验，用户可以自主调整第三方cookie。

多无人系统协同可以将在空间上分布的无人系统有机连接起来，实现多系统在时间、空间、模式、任务等多维度上的有效协同，最终形成目标探测、跟踪识别、智能决策、自主控制和效能评估的完整链条。

7月24日消息，今年1月中旬，正值隆冬时节，乌克兰利沃夫市的部分居民被迫在没有集中供暖的情况下生活了两天。

物联网已经渗透到社会经济的方方面面，构建出一个全新的智能化世界。