In my previous blog, I discussed the important role multi-factor authentication (MFA) plays in further securing access to enterprise and consumer services. We also established the fact that although MFA increases authentication security and decreases the risk of account takeover, MFA can be, and is being, bypassed in the wild.
Summary
The FBI has issued a FLASH Alert (CP-000142-MW) regarding a recent increase of PYSA ransomware targeting education institutions in 12 U.S. states and the United Kingdom.
Threat Type
Malware, Phishing, Ransomware, Data-theft
Overview
The FBI has issued a FLASH (FBI Liaison Alert System) Alert (CP-000142-MW) regarding a recent increase of PYSA ransomware targeting education institutions in 12 U.S. states and the United Kingdom. The initial attack vector is often via phishing emails, but PYSA, also kno
There are many crypto mining malware variants infecting systems on the internet. On Friday, March 4, 2021, I noticed an interesting hit in my honeypot logs. The binary it captured stood out, as it was rather large at 4MB. I immediately thought it would be a crypto miner written in the Go language. I was correct. This one, however, has some newer exploits it's using for proliferation.
The use of authentication factors, one of the most fundamental and well understood concepts in information security, enables secure access to applications, services, and networks. It can also weaken an enterprise's security posture, however, as the drastic increase in data breaches and system attacks is largely based on compromised authentication.
Today, Akamai announced Akamai MFA, a phish-proof multi-factor authentication (MFA) service for the workforce that delivers all of the security benefits of FIDO2 with the frictionless end-user experience of a mobile push on a smartphone. Why has Akamai introduced this new service?
On March 2, 2021, the Microsoft Security Response Center alerted its customers to several critical security updates to Microsoft Exchange Server, addressing vulnerabilities currently under attack.
It's been an interesting start to March in terms of public security incidents. This month kicked off with multiple zero-day exploits being used to attack on-premises versions of Microsoft Exchange Server. And, as if that wasn't enough, that attack was quickly followed by the news that a hacktivist
Summary
A new Linux backdoor has been discovered by Intezer and has been named RedXOR. It's likely to have been developed by Chinese nation-state actors.
Threat Type
Malware, Backdoor, RAT, APT
Overview
Intezer discovered a new, sophisticated backdoor targeting Linux systems. It's likely to have been developed by Chinese nation-state actors based on the TTPs observed. Intezer has named the backdoor RedXOR due to its encoding scheme based on XOR. RedXOR masquerades as a polkit daemon. Intezer compares
Summary
SideWinder is an APT that targets South Asian government and military organizations with espionage campaigns, likely acting in Indian interests. DeepEnd Research reports on the most recent wave of activity from this threat group.
Threat Type
Malware, Phishing, Spyware, APT
Overview
DeepEnd Research published a blog post analyzing the most recent wave of SideWinder APT activity. This specific campaign appears to target government entities in Nepal. Their research began with the discovery of a server