漏洞管理新论:从KEV到CTEM
漏洞管理(Vulnerability Management)作为信息安全领域中最为人熟知的概念之一,一直是安全运营的核心活动。本文将探讨KEV目录、EPSS等新兴的漏洞评估方法,以及CTEM等前瞻性框架如何帮助组织更好地应对当前的威胁环境。
Aggregator
安天移动一周威胁情报盘点(7月1日-7月8日)
6 months ago
近期威胁情报速览!
盘点:2024年5月移动设备威胁态势
6 months ago
移动恶意软件类型整体呈活跃上升趋势
Decrypted: DoNex Ransomware and its Predecessors
6 months ago
Researchers from Avast have discovered a flaw in the cryptographic schema of the DoNex ransomware and its predecessors. In cooperation with law enforcement organizations, we have been silently providing the decryptor to DoNex ransomware victims since March 2024. The cryptographic weakness was made public at Recon 2024 and therefore we have no reason to keep […]
The post Decrypted: DoNex Ransomware and its Predecessors appeared first on Avast Threat Labs.
Threat Research Team
Rosetta:多样化网络环境下的TLS流量分类
6 months ago
在加密流量分类问题中,因多样化网络中不同的TCP机制导致的数据包长度序列发生变化而使模型失效, Rosetta系统通过TCP感知的流量增强机制和自监督学习获取TLS特征从而使不同网络环境中达到相对较好的分类效果。
Attack Activities by Kimsuky Targeting Japanese Organizations
6 months ago
JPCERT/CC has confirmed attack activities targeting Japanese organizations by an attack group called Kimsuky in March 2024. This article introduces the attack methods of the group confirmed by JPCERT/CC. Attack overview In the attack we identified, the attacker sent a...
喜野 孝太(Kota Kino)
抓NSA特种木马的方法
6 months ago
抓不到西方APT的技术,都是狗屁!
Monday, July 8, 2024 Security Releases
6 months ago
青少年之友
6 months ago
cby现在认可我「青少年之友」的称号,多次承认,名不虚传
做了一款服务网络安全领域人员的情报系统。
6 months ago
主要是提供安全情报,安全漏洞,威胁情报,数据泄露信息和众多安全工具,方便及时响应!
内置AI(gpt4o)/ai绘画(sd)/ChatTTS,无需登陆免费使用。里面有gpt4o,充了几十美元反正也用不完,给大家用了
3 个帖子 - 3 位参与者
abyssdawn
2024InForSec夏令营“导师面对面”专题活动最新议程出炉,快来围观你心仪的导师!
6 months ago
2024年InForSec“网络空间安全”大学生夏令营活动于2024年7月14日至23日在合肥中国科学技术大学举行。
[Flutter]设置应用包名、名称、版本号、最低支持版本、Icon、启动页以及环境判断、平台判断和打包
6 months ago
一、设置应用包名 在Flutter开发中,修改应用程序的包名(也称作Application ID)涉及几个步骤,因为包名是在项目的Android和iOS平台代码 […]
root
利用Brute Ratel安装恶意软件攻击活动的详细分析
6 months ago
利用Brute Ratel安装恶意软件攻击活动的详细分析
The Top 10 AI Security Risks Every Business Should Know
6 months ago
With every week bringing news of another AI advance, it’s becoming increasingly important for organizations to understand the risks before adopting AI tools. This look at 10 key areas of concern identified by the Open Worldwide Application Security Project (OWASP) flags risks enterprises should keep in mind through the back half of the year.
An In-Depth Look at Crypto-Crime in 2023 Part 1
6 months ago
Cybersecurity is a growing concern in today's digital age, as more sensitive information is stored and transmitted online. With the rise of cryptocurrencies, there has also been a rise in crypto-crimes, which pose a significant threat to the security of both individuals and businesses.
关于员工上网行为管理与防范恶意域名的策略探讨| 总第253周
6 months ago
您有一份周报待查收......
Курсы по SOCам? Где, какие, сколько?..
6 months ago
加入T00ls,与网络安全精英同行!
6 months ago
立即行动! 不要错过与网络安全精英共同成长的机会!加入T00ls,让我们一起探索网络安全的无限可能!
SecMet#5期 智能代码审计:机遇、挑战与解决方案
6 months ago
主讲人将会分享他们在智能合约漏洞检测方面的五项研究
揭露美国情报机构炮制内幕 “伏特台风”行动炒作真相
6 months ago
“伏特台风”计划至少起始于2023年初