Aggregator
CVE-2025-1087 | Kong Insomnia Desktop Application up to 11.0.2 Template cross site scripting (EUVD-2025-14165)
CVE-2024-40953 | Linux Kernel up to 6.1.95/6.6.35/6.9.6 kvm_vcpu_on_spin out-of-bounds (Nessus ID 210654)
CVE-2024-40968 | Linux Kernel up to 6.9.6 Octeon denial of service (Nessus ID 207802)
CVE-2024-40942 | Linux Kernel up to 6.9.5 mesh_path_flush_pending information disclosure (Nessus ID 207802)
Many networking devices are still vulnerable to pixie dust attack
Despite having been discovered and reported in 2014, the vulnerability that allows pixie dust attacks still impacts consumer and SOHO networking equipment around the world, NetRise researchers have confirmed.
WPS and the pixie dust attack
Wi-Fi Protected Setup (WPS) allows users to connect to their network by using an eight-digit PIN instead of a password. “[A pixie dust attack] targets weaknesses in the Wi-Fi Protected Setup protocol, exploiting poor entropy in key generation,” the company …
The post Many networking devices are still vulnerable to pixie dust attack appeared first on Help Net Security.
CSOP2025 Shanghai: Digital Security Transformation Based on Adversarial Paths
Contents
- Background Introduction
- Adversarial Path Analysis
- Practical Implementation
- Summary and Outlook
This presentation (PPT) is titled “From Passive Response to Active Defense: Practices in Digital Security Transformation Based on Adversarial Paths”. It focuses on how to build an active defense system by analyzing and predicting attack paths from the attacker's perspective.
The following is a summary of the PPT's main content:
1. Background Introduction
- Severe landscape: the current cybersecurity situation is severe and attack techniques are diverse. The deck lists ransomware groups active in 2024, such as LockBit, Black Basta and ALPHV.
- Defensive dilemma: traditional passive defense has inherent limitations, while attackers are always looking for the “optimal path” to reach their goal.
2. Adversarial Path Analysis
This part starts from the attacker's perspective and analyzes their goals, techniques and paths.
- Attack goals: mainly financial gain (e.g. theft of funds, data sale, extortion), commercial competition (e.g. stealing secrets, damaging reputation), deliberate sabotage (e.g. employee retaliation, APT attacks) and others (e.g. showing off skills).
- Attack techniques: vulnerability exploitation, malware (e.g. backdoor trojans, ransomware), social engineering (e.g. phishing emails), DDoS attacks and supply-chain attacks.
- Attack path (dynamic combination): an attack typically combines techniques dynamically across three stages:
  1. External breach: pick the entry point with the largest exposure and the weakest defense (e.g. phishing emails, vulnerability exploitation).
  2. Internal lateral movement: find the shortest privilege-inheritance path (e.g. command execution, privilege escalation).
  3. Goal achievement: evade detection and maximize gains (e.g. data theft, ransomware).
- Defense paradigm shift: the core idea is to move from “passive response” to “proactive interception”. This requires predicting the path before the attack happens, pinning down the key nodes, and deploying detection, blocking and deception measures there.
3. Practical Implementation
This part explores how to apply adversarial path analysis to real-world defense.
- Attack success formula: the deck decomposes a successful attack into “a data-asset defect is exploited” + “the technique bypasses the protection system”.
- Two main responses:
  1. Eliminate asset defects: through “full asset lifecycle management”, embed security measures at every stage, including requirements, development, testing, release, operations and decommissioning.
  2. Block technique bypass: build a “defense-in-depth system”, including perimeter defense (WAF/IPS), traffic monitoring (NDR), endpoint protection (EDR/HIDS) and active deception (honeypots).
- Core technology: “adversarial path generation”. By overlaying the “attack/defense graph (technical view)” with the “business asset chain (business view)”, it maps adversarial paths along asset chains, enabling precise isolation of upstream nodes and focused protection of downstream nodes.
- Capability validation: verify the effectiveness of protection at the perimeter, host and internal-network layers through exercises such as ransomware drills.
4. Case Study: Handling the “Silver Fox” (银狐) Attack Chain
Using the “Silver Fox” attack as an example, the deck shows the countermeasures at each stage:
- Delivery stage: the attacker delivers malicious files via mass IM messages, compromised websites and phishing emails. The defender reduces the attack surface to keep malicious files from reaching disk.
- Drop and control stage: the defender responds by blocking execution of the malicious file, isolating the malicious process, and detecting and blocking the callback (C2 connection).
- Spread stage: lateral-movement monitoring detects the threat, and the affected endpoints are isolated immediately to block further lateral movement.
5. Summary and Outlook
- Technology iteration: cybersecurity technology continues to evolve from traditional firewalls and antivirus toward endpoint detection and response (EDR), zero-trust architecture, and security orchestration, automation and response (SOAR).
- Future trend: the core of future security operations is “AI security enablement”. AI will play a key role in anomaly detection, threat hunting, automated response and phishing detection.
CSOP2025 Shanghai: Building and Operating Data-Intelligent Security Operations
- Pain points in building and operating
- What should the end state look like?
- How to build it?
- How to use it?
- Full-perception security operations: a multi-dimensional, fine-grained operational metrics system
- Number of agents installed
- Hosts
- High-risk vulnerability statistics
- Security operations
- Mean time to respond
- Mean time to detect
- Monitoring
- Number of alert handling tickets
- Applications
- Number of WAF block log entries
- Number of spam emails
- Number of automatic firewall IP bans
- 14 categories of level-1 metrics
- Network
- Security posture score
- Number of IPS alert log entries
- Perimeter
- Security construction
- Number of inspection playbooks
- Number of perimeter breach paths
- Assets
- Number of WAF-protected sites
- 73 level-2 metrics
- Number of counterfeit websites handled
- Number of blocking models
- Total internet-facing IP assets
- Total managed assets
- AI+
- Positioning: decision-support capability
CVE-2025-55904 | Open5GS up to 2.7.5 lib/sbi/message.c parse_multipart null pointer dereference (ID 3942 / EUVD-2025-29720)
CVE-2025-50709 | Perplexity AI GPT-4 GET Parameter information disclosure (EUVD-2025-29718)
Qilin
Windows Screenshot Utility Greenshot Vulnerability Enables Malicious Code Execution – PoC Released
A critical security flaw has been discovered in Greenshot, a popular open-source screenshot utility for Windows. The vulnerability allows a local attacker to execute arbitrary code within the Greenshot process, potentially enabling them to bypass security measures and carry out further attacks. A proof-of-concept (PoC) exploit has been released, demonstrating the severity of the issue. […]
The post Windows Screenshot Utility Greenshot Vulnerability Enables Malicious Code Execution – PoC Released appeared first on Cyber Security News.
DEF CON 33: Andra Lezza On Being A DC Speaker
Creators, Authors and Presenters: Helvetigoth interviews Andra Lezza
Our sincere appreciation to DEF CON and to the creators, presenters and authors for publishing their timely and outstanding DEF CON 33 content, originating from the conference's events at the Las Vegas Convention Center and published via the organization's YouTube channel.
The post DEF CON 33: Andra Lezza On Being A DC Speaker appeared first on Security Boulevard.
Critical CVEs in Chaos-Mesh Enable In-Cluster Code Execution
Microsoft: Office 2016 and Office 2019 reach end of support next month
Disney, Warner Bros. and others sue a Chinese AI company for copyright infringement
When Every Second Counts: Rethinking Authentication for Modern Healthcare
In the emergency room at 2 AM, a cardiac patient arrives in distress. The attending physician rushes to the nearest workstation—one that three other doctors have used in the past hour—and needs immediate access to prescribe life-saving medication. But first, there’s the familiar friction: logging out the previous user, entering credentials, waiting for systems to..
The post When Every Second Counts: Rethinking Authentication for Modern Healthcare appeared first on Security Boulevard.