护网前夜 | 防守的五个谎言和一个真相
风雨欲来风满楼
Aggregator
无影(TscanPlus) v2.0发布:编解码及加解密
4 months 2 weeks ago
无影(TscanPlus) v2.0正式版发布,新增编解码、加解密、格式化等6类36种编码,优化poc智能匹配规则、资产分拣规则、Url探测流程等,并提供Linux编译版下载。
德克萨斯大学 | 基于异构域自适应的网络威胁数据多流分类
4 months 2 weeks ago
提出了一个异构域自适应网络(HDAN)框架来解决上述问题
拓展港澳|V-Transform 2024盛会,不容错过!
4 months 2 weeks ago
走!
SolarWinds Serv-U (CVE-2024-28995) exploitation: We see you!
4 months 2 weeks ago
Discover details about CVE-2024-28995, a path-traversal vulnerability in SolarWinds Serv-U, and see how a honeypot setup revealed diverse exploit attempts, including manual attacks. Learn how attackers bypassed filters and targeted specific files in this comprehensive analysis.
Not Just Another 100% Score: MITRE ENGENUITY ATT&CK
4 months 2 weeks ago
The latest MITRE Engenuity ATT&CK Evaluations pitted leading managed detection and response (MDR) services against threats modeled on the menuPass and BlackCat/AlphV adversary groups. Trend Micro achieved 100% detection across all 15 major attack steps with an 86% actionable rate for those steps— balancing detections and business priorities including operational continuity and minimized disruption.
【从微信收藏图片看微信存储详细记录】
4 months 2 weeks ago
【微信、支付宝、抖音、美团、携程调查取证和协助执行指引(2024)】
4 months 2 weeks ago
移动互联网时代,微信、支付宝、抖音等平台成为了人们之间重要的生活、经济交往平台,记录了大量的个人数据,甚至存储
17th June – Threat Intelligence Report
4 months 2 weeks ago
For the latest discoveries in cyber research for the week of 17th June, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES An attack targeting Snowflake customer databases, identified as the work of threat actor UNC5537, has led to significant data theft and extortion. UNC5537 used stolen Snowflake customer credentials, obtained mainly from infostealer […]
The post 17th June – Threat Intelligence Report appeared first on Check Point Research.
urias
需要了解的贷款利率细节
4 months 2 weeks ago
我们看到的并不是真实的这是最近两个月在生活的经历里逐步体会到的观点,经过了一个以月为单位的实践过程,我准备写文
一个人走得快,一群人走得远
4 months 2 weeks ago
做“组队打卡”,我想解决的问题是:微信群内打卡统计麻烦。举个例子,有个群里约定,每人每周需要两次 30 分钟以上的运动,打卡带上图片证据。
网安周报 | 国家互联网信息办公室等四部门公布《网络暴力信息治理规定》
4 months 2 weeks ago
学术前沿 | 面向人脸深度伪造检测模型的校准性评测
4 months 2 weeks ago
Adventures in Shellcode Obfuscation! Part 1: Overview
4 months 2 weeks ago
by Mike Saunders, Principal Security Consultant This blog is the first in a series of articles on methods for obfuscating shellcode. I’ll be focusing on how to obfuscate shellcode to […]
Red Siege
【学术报告】无意的“劫持”:安卓应用中TLS证书验证问题的细粒度归因分析
4 months 2 weeks ago
【学术报告】无意的“劫持”:安卓应用中TLS证书验证问题的细粒度归因分析
Enhance Your Cloud Visibility
4 months 2 weeks ago
In today's rapidly evolving digital landscape, achieving comprehensive visibility across cloud environments is paramount for maintaining security and performance. NETSCOUT, a leader in network visibility, offers a cloud-native solution that provides unparalleled packet-based network visibility, enabling enterprises to...
Robert Derby
你存在,我们的攻击画像里
4 months 2 weeks ago
顺丰“威胁情报作战三部曲”第一篇,强烈安利给各位师傅
原创 Paper | Mitmproxy 数据包解密实战篇
4 months 2 weeks ago
本文介绍了mitmproxy工具的使用,包含mitmproxy的安装、基本使用方法,以及如何使用mitmdump编写和运行插件修改流量。在安全研究中,展示了拦截和解密数据包的实际应用,并提供了多层代理配置实现数据包加密和解密的详细步骤。
浅谈.Net Profiling在红队中的使用
4 months 2 weeks ago
.NET Profiling 是一组用于开发性能分析工具的接口,用于监控和分析 .NET 应用程序的各种行为。近日,有研究员将该项技术用于横向移动,本文主要对此技术在红队中的使用做介绍。
阿里集团安全部招聘安全工程师/高级安全工程师
4 months 2 weeks ago
集团安全部-安全工程师/高级安全工程师(攻防演练)-业务安全攻防技术