Summary
A variety of threat actors have been exploiting the ProxyLogon vulnerability in order to carry out malicious activities. Sophos identified the operators of the Black KingDom ransomware also taking advantage of this exploit in a recent campaign.
Threat Type
Ransomware
Overview
Sophos published a blog post analyzing Black KingDom's use of the ProxyLogon exploit to distribute its ransomware payloads. After exploiting ProxyLogon (CVE-2021-27065) on vulnerable on-premises versions of Microsoft Exchange
Summary
The ICS-CERT has published four advisories that affect Weintek EasyWeb cMT, GE MU320E, GE Reason DR60, and Ovarro TBox.
Threat Type
Vulnerability
Overview
The ICS-CERT has published four advisories that affect Weintek EasyWeb cMT, GE MU320E, GE Reason DR60, and Ovarro TBox. Further information is available from the advisories, which are summarized below.
ICS Advisory ICSA-21-082-01 - Weintek EasyWeb cMT
CVE-2021-27446 - The Weintek cMT product line is vulnerable to Code Injection, which may allow an
Summary
Necro, a classic botnet family first discovered in 2015, was written in Python. On March 2nd, Netlab 360 discovered two samples of a new variant of Necro. Keksec, also known as Kek Security, is the threat actor group responsible for the botnet. The botnet has been found on both Windows and Linux systems.
Threat Type
Malware, Botnet, Cryptomining
Overview
Necro, a classic botnet family first discovered in 2015, was written in Python. On March 2nd, Netlab 360 discovered two samples of a new variant of
Summary
PAM update 4103.18182 contains 7 new events, 0 new moderate event responses, and 0 new aggressive event responses.
Threat Type
Vulnerability
Overview
PAM update 4103.18182 contains 7 new events, 0 new moderate event responses, and 0 new aggressive event responses. This content update is compatible with IBM QRadar Network Security Firmware version 5.4 or later, IBM QRadar Network Security for VMware firmware version 5.4 or later, IBM Security Network IPS GV-Series Virtual Appliances, IBM Security Net
The past month has been a very dynamic time in the world of security for hackers and threat researchers, but it has been an extended nightmare for CSOs responsible for securing their enterprise networks.
Summary
Analysts from the Malware Hunter Team have discovered a new tactic being employed by threat actors: Windows Safe Mode Encryption. Bleeping Computer has published an article on the details of the boot mode ransomware encryption technique.
Threat Type
Vulnerability, Ransomware
Overview
REvil has added the ability to encrypt files even in Windows Safe Mode. This mode allows users to troubleshoot the operating system for errors. Safe Mode prevents startup menu items from starting and only allows the bar
Three years of reported security incidents show continued growth in denial-of-service and password login attacks such as brute force and credential stuffing.
Summary
IBM X-Force Threat Intelligence has published a report on ITG14 and its shift from Point-of-Sale (POS) systems to ransomware, along with the emergence of new TTPs for the group.
Threat Type
Malware, Ransomware, Phishing, VBS, PowerShell, Backdoor
Overview
IBM X-Force Threat Intelligence has published a report on ITG14, which shares overlap with FIN7 and CARBON SPIDER, and its latest shift from Point-of-Sale (POS) systems to ransomware with new TTPs. X-Force analysts have concluded the latest campaign is aff
Summary
IBM X-Force Threat Intelligence has published a report with an update on the latest activities of Hive0097, known as Cloud Atlas.
Threat Type
Threat Group
Overview
IBM X-Force Threat Intelligence has published a report on the latest activities from Hive0097, known as Cloud Atlas. Analysis has revealed several new malicious documents at the beginning of 2021. These documents are consistent with Hive0097's TTPs of focusing on former Soviet-bloc nations in Eastern Europe and Central Asia. Previous findings indicate