Aggregator

随着网络攻击手段的不断演进，内存马技术因其隐蔽性和高效性而备受关注。

2024 年 6 月 11 日，微软官方发布了 6 月安全更新，针对共 58 个 CVE 进行修复，涉及多个 Windows 主流版本及多款主流产品和组件，请及时安装补丁修复。

风雨欲来风满楼

无影(TscanPlus) v2.0正式版发布，新增编解码、加解密、格式化等6类36种编码，优化poc智能匹配规则、资产分拣规则、Url探测流程等，并提供Linux编译版下载。

提出了一个异构域自适应网络(HDAN)框架来解决上述问题

走！

Discover details about CVE-2024-28995, a path-traversal vulnerability in SolarWinds Serv-U, and see how a honeypot setup revealed diverse exploit attempts, including manual attacks. Learn how attackers bypassed filters and targeted specific files in this comprehensive analysis.

The latest MITRE Engenuity ATT&CK Evaluations pitted leading managed detection and response (MDR) services against threats modeled on the menuPass and BlackCat/AlphV adversary groups. Trend Micro achieved 100% detection across all 15 major attack steps with an 86% actionable rate for those steps— balancing detections and business priorities including operational continuity and minimized disruption.

移动互联网时代，微信、支付宝、抖音等平台成为了人们之间重要的生活、经济交往平台，记录了大量的个人数据，甚至存储

For the latest discoveries in cyber research for the week of 17th June, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES An attack targeting Snowflake customer databases, identified as the work of threat actor UNC5537, has led to significant data theft and extortion. UNC5537 used stolen Snowflake customer credentials, obtained mainly from infostealer […]

The post 17th June – Threat Intelligence Report appeared first on Check Point Research.

我们看到的并不是真实的这是最近两个月在生活的经历里逐步体会到的观点，经过了一个以月为单位的实践过程，我准备写文

做“组队打卡”，我想解决的问题是：微信群内打卡统计麻烦。举个例子，有个群里约定，每人每周需要两次 30 分钟以上的运动，打卡带上图片证据。

by Mike Saunders, Principal Security Consultant This blog is the first in a series of articles on methods for obfuscating shellcode. I’ll be focusing on how to obfuscate shellcode to […]

【学术报告】无意的“劫持”：安卓应用中TLS证书验证问题的细粒度归因分析

In today's rapidly evolving digital landscape, achieving comprehensive visibility across cloud environments is paramount for maintaining security and performance. NETSCOUT, a leader in network visibility, offers a cloud-native solution that provides unparalleled packet-based network visibility, enabling enterprises to...

顺丰“威胁情报作战三部曲”第一篇，强烈安利给各位师傅

本文介绍了mitmproxy工具的使用，包含mitmproxy的安装、基本使用方法，以及如何使用mitmdump编写和运行插件修改流量。在安全研究中，展示了拦截和解密数据包的实际应用，并提供了多层代理配置实现数据包加密和解密的详细步骤。