Aggregator

Heads up! Xdr33, A Variant Of CIA’s HIVE Attack Kit Emerges

1 year 11 months ago

Overview

On Oct 21, 2022, 360Netlab's honeypot system captured a suspicious ELF file ee07a74d12c0bb3594965b51d0e45b6f, which propagated via F5 vulnerability with zero VT detection, our system observces that it communicates with IP 45.9.150.144 using SSL with forged Kaspersky certificates, this caught our attention. After further lookup,

Alex.Turing

3 Ransomware Questions Every Security Leader Should Be Able to Answer

The Akamai Blog

1 year 11 months ago

Read about how organizations need microsegmentation to identify and remediate ransomware attacks, and the ransomware questions they need to answer.

Pavel Gurvich

MSSQL结合RBCD提权 - nice_0e3

nice0e3

1 year 11 months ago

MSSQL结合RBCD提权原理这里使用中继的方式给他中继到ldap中去添加msDS-AllowedToActOnBehalfOfOtherIdentity属性。默认域控的ms-DS-MachineAccountQuota属性设置允许所有域用户向一个域添加10个计算机帐户，就是说只要有一个域凭据就

nice_0e3

Using MSPs to administer your cloud services

NCSC Feed

1 year 11 months ago

Andrew A explains what you must check before giving Managed Service Providers (MSPs) the keys to your kingdom.

攻防技术创新探究

认知独省

1 year 11 months ago

1月7日在ADconf分享了攻防创新相关的议题

RealWorld CTF（体验赛）部分WP

Red0

1 year 11 months ago

警惕：魔改后的CIA攻击套件Hive进入黑灰产领域

360 Netlab Blog - 360

1 year 11 months ago

概述

2022年10月21日，360Netlab的蜜罐系统捕获了一个通过F5漏洞传播，VT 0检测的可疑ELF文件ee07a74d12c0bb3594965b51d0e45b6f，流量监控系统提示它和

Alex.Turing

一种inlineHook检测方案 - luoyesiqiu

博客园_luoyesiqiu

2 years ago

inlinehook是修改内存中的机器码来实现hook的方式

luoyesiqiu

Oracle数据恢复故障处理之启动报错：ORA-03113: end-of-file on communication channel和ORA-01081 - sevck

博客园_Sevck's Blog

2 years ago

lsnrctl启动实例startup报错 ORA-03113: end-of-file on communication channel $ su - oracle Step 1: You need to look at the alert log. It isn't in /var/log as

sevck

东软NetEye荣获2022年度电力创新奖

东软网络安全

2 years ago

东软NetEye电力行业网络安全解决方案已服务全国31个省级行政区。保障全国超7亿人安全用电，护航电力系统安全稳定运行。

建设安全架构

放之

2 years ago

知道安全架构建设，那又该如何建设安全架构呢？

阿里安全(alibaba.com)诚聘各类安全人才，base 北京/杭州

深潜之眼

2 years ago

“黑灰产”干活就像搭积木！蚂蚁集团发布年度反诈治理研究报告（附全文下载）

天书奇坛TFT

2 years ago

当前，围绕电信网络诈骗犯罪已经形成一个门类齐全、分工明确、协作紧密的生态产业链。几乎所有与之相关联的

Decrypting TLS browser traffic with Wireshark

Embrace The Red

2 years ago

There is a combination of lesser known tools and techniques to capture and later decrypt SSL/TLS network traffic on Windows. This technique is neat because it does not require the installation of additional driver/software when capturing the traffic. Technique, Tools and Steps It is quite straight forward and consists of: Setting the SSLKEYLOGFILE environment variable to capture TLS session keys on target host Use netsh trace start to capture traffic (no need to install additional driver/software!

Building an Effective Bot Management Strategy

The Akamai Blog

2 years ago

Effectively managing bot traffic requires a combination of strong detection and response strategies. Here, we explore Akamai?s methods for implementing both.

David S�n�cal