Aggregator
U.S. CISA adds Synacor Zimbra Collaboration flaw to its Known Exploited Vulnerabilities catalog
Salt Typhoon: Chinese spies have penetrated the heart of US infrastructure
The case for enterprise exposure management
For several years, external attack surface management (EASM) has been an important focus for many security organizations and the vendors that serve them. EASM, attempting to discover the full extent of an organization’s external attack surface and remediate issues, had broad purview, targeting software vulnerabilities, misconfigurations and neglected shadow IT assets from the outside-in. The focus on greater attack surface visibility and external asset awareness resonated with CISOs, CIOs and practitioners alike. Recently, a new …
The post The case for enterprise exposure management appeared first on Help Net Security.
19.6K+ Public Zimbra Installations Vulnerable to Code Execution Attacks – CVE-2024-45519
A critical vulnerability in Zimbra’s postjournal service, identified as CVE-2024-45519, has left over 19,600 public Zimbra installations exposed to remote code execution attacks. This vulnerability, with a CVSS score of 9.8, allows unauthenticated attackers to execute arbitrary commands on affected Zimbra installations, posing a significant threat to the security and integrity of these systems. Scans […]
The post 19.6K+ Public Zimbra Installations Vulnerable to Code Execution Attacks – CVE-2024-45519 appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Transforming cloud security with real-time visibility
In this Help Net Security interview, Amiram Shachar, CEO at Upwind, discusses the complexities of cloud security in hybrid and multi-cloud environments. He outlines the need for deep visibility into configurations and real-time insights to achieve a balance between agility and security. Shachar also shares strategies for addressing misconfigurations and ensuring compliance, recommending a proactive approach to risk management in cloud deployments. With hybrid and multi-cloud setups becoming the norm, cloud environments are getting more …
The post Transforming cloud security with real-time visibility appeared first on Help Net Security.
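Tracing the Source of Overseas Botnet Attacks and Sample Analysis
Malicious Code Techniques and the Principles and Implementation of Malicious Code Detection
Safeguarding Cybersecurity: Protection Strategies That Start in Everyday Life
2024 University Network Security Management and Operations Competition writeup - Penetration Testing Center
2024 Shangmi Cup (熵密杯) writeup - Penetration Testing Center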
Rspamd: Open-source spam filtering system
Rspamd is an open-source spam filtering and email processing framework designed to evaluate messages based on a wide range of rules, including regular expressions, statistical analysis, and integrations with custom services like URL blacklists. The system analyzes each message and assigns a verdict, which the MTA can use to take further actions, such as rejecting the message or adding a spam indicator header. Additionally, Rspamd provides valuable information like potential DKIM signatures and suggested message …
The post Rspamd: Open-source spam filtering system appeared first on Help Net Security.
SOC teams are frustrated with their security tools
Security operations center (SOC) practitioners believe they are losing the battle detecting and prioritizing real threats – due to too many siloed tools and a lack of accurate attack signal, according to Vectra AI. They cite a growing distrust in vendors, believing their tools can be more of a hindrance than help in spotting real attacks. This is at odds with growing confidence in their teams’ abilities and a sense of optimism around the promise …
The post SOC teams are frustrated with their security tools appeared first on Help Net Security.
Quickpost: The Electric Energy Consumption Of LLMs
Meet the shared responsibility model with new CIS resources
You can’t fulfill your end of the shared responsibility model if you don’t emphasize secure configurations. Depending on the cloud services you’re using, you’re responsible for configuring different things. Once you figure out those responsibilities, you then need to perform the hardening. Our guidance helps simplify the process. It explains how you can use the CIS Foundations Benchmarks to get started with identity and access management (IAM), logging and monitoring, and networking on the cloud …
The post Meet the shared responsibility model with new CIS resources appeared first on Help Net Security.
Fixing the WordPress "Sorry, you are not allowed to upload this file type" error when uploading svg/ico/webp
Everest
SHELLSILO: Simplifying Syscall Assembly and Shellcode Creation
SHELLSILO is a cutting-edge tool that translates C syntax into syscall assembly and its corresponding shellcode. It streamlines the process of constructing and utilizing structures, assigning variables, and making system calls. With this...
The post SHELLSILO: Simplifying Syscall Assembly and Shellcode Creation appeared first on Penetration Testing Tools.
BPF Compiler Collection: BPF-based Linux IO analysis, networking, monitoring, and more
BPF Compiler Collection (BCC) is a toolkit for creating efficient kernel tracing and manipulation programs and includes several useful tools and examples. It makes use of extended BPF (Berkeley Packet Filters), formally known...
The post BPF Compiler Collection: BPF-based Linux IO analysis, networking, monitoring, and more appeared first on Penetration Testing Tools.
SharpDPAPI: C# port of some Mimikatz DPAPI functionality
SharpDPAPI is a C# port of some DPAPI functionality from @gentilkiwi's Mimikatz project. The SharpChrome subproject is an adaptation of work from @gentilkiwi and @djhohnstein, specifically his SharpChrome project. However, this version of SharpChrome uses a different version of the C# SQL library that...
The post SharpDPAPI: C# port of some Mimikatz DPAPI functionality appeared first on Penetration Testing Tools.