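The "DarkElephant" Group: Cyberattacks Lurking for a Decade
01 Overview. The DarkElephant Group ("暗象") is an APT group suspected to originate from India. It mainly targets social activists, civil society groups and opposition political...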
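How an RCE in a Certain Remote-Control Tool Is Exploited to Bypass "a Certain Number"
Disclaimer: Most articles on this official account come from the author's day-to-day study notes, and some are reposted with the author's authorization or through other official accounts' whitelists. Reposting without authorization is strictly prohibited; to repost, contact us to be whitelisted. Do not use the art...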
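CVE-2022-30287 Horde Webmail PHP Deserialization Vulnerability: A "Gap-Filling" Analysis
Vulnerability information: Horde Webmail is a free, open-source, browser-based communication suite, for which the Horde Project organization is respons...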
Router security in 2021
Authors: Maria Namestnikova. A router is a gateway from the internet to a home or office — despite being conceived quite the opposite. Route...
An Autopsy on a Zombie In-the-Wild 0-day
Whenever there’s a new in-the-wild 0-day disclosed, I’m very interested in understanding the root cause of the bug. This allows us to then understa...
Iranian Spear-Phishing Operation Targets Former Israeli and US High-Ranking Officials
Introduction: Check Point Research uncovers a recent Iranian-based spear-phishing operation aimed against former Israeli officials, high-ranking mil...
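Malicious Hangul Documents Containing BAT Scripts Being Actively Distributed (North Korea/National Defense/Broadcasting)
The ASEC analysis team has confirmed that APT documents abusing a legitimate feature of Hangul documents (OLE object link insertion) have recently been actively distributed. Introduced on March 3, the "20th Presid...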
Technical Analysis of PureCrypter: A Fully-Functional Loader Distributing Remote Access Trojans and Information Stealers
Key points: PureCrypter is a fully-featured loader being sold since at least March 2021. The malware has been observed distributing a variety of...
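Host Security Technology Deep Dive: A Hands-On Guide to Defending Against Java Memory Shells
Continuing from the previous article, in which we discussed some basic injection methods for Java memory shells, this article carries on the discussion of practical attack and defense for Java memory shells from the angle of defenses and bypasses. 1 Defending against Agent...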
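BlockSec Successfully Blocks Hacker Attack on FSWAP
On the evening of June 13, 2022 (Beijing time), the FSWAP project was attacked; the attacker profited by manipulating the asset ratio in the DEX pool. The attacker launched three attacks in total, and BlockSec successfully blocked two of the attack transactions,...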