Aggregator

这段常态化时期，每天都整理和学习历年能打穿小朋友的漏洞，本文转载自 https://forum.butian.net/share/2491 这个师傅写的真得很细

中国科学技术大学高新校区，红墙方砖间，一个个怀揣热忱的身影，向阳而行。

Editor’s note: The current article is authored by Mohamed Talaat, a cybersecurity researcher and malware analyst. You can find Mohamed on X and LinkedIn. Brute Ratel C4 (BRC4) is a customized, commercial command and control (C2) framework that was first introduced in December 2020. Its primary use is for conducting adversarial attack simulation, red-team engagements, […]

The post Brute Ratel C4 Badger Used to Load Latrodectus appeared first on ANY.RUN's Cybersecurity Blog.

Security questionnaires aren’t just an inconvenience — they’re a recurring problem for security and sales teams. They bleed time from organizations, filling the schedules of professionals with monotonous, automatable work. But what if there were a way to reduce or even altogether eliminate security questionnaires? The root problem isn’t a lack of great questionnaire products — it’s the

Research shows that the cellular Internet of Things (IoT) market is in recovery, with a growth of 7 percent year over year in the first quarter of 2024. 5G provides connectivity for emerging IoT devices and allows for advanced use cases in support of massive, critical, and broadband IoT. Current 4G LTE cellular...

The Internet Systems Consortium (ISC) released security advisories to address vulnerabilities affecting multiple versions of ISC’s Berkeley Internet Name Domain (BIND) 9. A cyber threat actor could exploit one of these vulnerabilities to cause a denial-of-service condition. 

CISA encourages users and administrators to review the following advisories and apply the necessary updates: 

• CVE-2024-4076: Assertion failure when serving both stale cache data and authoritative zone content
• CVE-2024-1975: SIG(0) can be used to exhaust CPU resources
• CVE-2024-1737: BIND’s database will be slow if a very large number of RRs exist at the same name
• CVE-2024-0760: A flood of DNS messages over TCP may make the server unstable

A zero-day security flaw in Telegram's mobile app for Android called EvilVideo made it possible for attackers to malicious files disguised as harmless-looking videos. The exploit appeared for sale for an unknown price in an underground forum on June 6, 2024, ESET said. Following responsible disclosure on June 26, the issue was addressed by Telegram in version 10.14.5 released on July 11. "

The announcement of the Cyber Security and Resilience Bill is a landmark moment in tackling the growing threat to the UK's critical systems.

不得不忍受低于零度的环境

Research by: Antonis Terefos (@Tera0017) Key Points Introduction Threat actors continually evolve their tactics to stay ahead of detection. Traditional methods of malware distribution via emails containing malicious attachments are heavily monitored, and the general public has become more aware of these tactics. Recently, Check Point Research observed threat actors using GitHub to achieve initial […]

The post Stargazers Ghost Network appeared first on Check Point Research.

每日更新当天鲜活情报和热点漏洞

分享近期值得关注的IOC

速修复

CrowdStrike坚称是逻辑错误，安全专家怎么说？

作者：CataLpa 原文链接：https://wzt.ac.cn/2023/12/14/protobuf/ 1 Protobuf Protobuf 是 Google 推出的一款开源跨平台的序列化数据结构的协议，它在执行效率、兼容性等方面比较优秀，在 Google 内部以及很多大型项目中被广泛使用。 Protobuf 的基础是 proto 文件以及 protoc 编译器，开发者把想要进...

感谢您的支持和理解~

Windows下shellcode的通用流程是

1. 通过PEB遍历获取DLL模块的地址
2. 搜索DLL模块的导出表获取需要的API
3. 通过API实现特定的功能

早期很多教程借助汇编来实现，但现在

There is one simple driver behind the modern explosion in SaaS adoption: productivity. We have reached an era where purpose-built tools exist for almost every aspect of modern business and it’s incredibly easy (and tempting) for your workforce to adopt these tools without going through the formal IT approval and procurement process. But this trend has also increased the attack surface—and with