CVE-2022-31626 PHP远程命令执行漏洞成因分析与复现

★且听安全★-点关注,不迷路!★漏洞空间站★-优质漏洞资源和小伙伴聚集地!漏洞信息2022 年 6月 10 日,PHP 官方发布了 1 个远程命令执行高危漏洞通报,编号为 ...

红队必备-防蜜罐抓到被打断腿

扫码领资料获黑客教程免费&进群随作者:安全祖师爷背景由于最近参与做了一些hw前的演习项目,在这个过程中,时不时有别的攻击队踩了蜜罐导致被防守方反向溯...

详解T-BOX 车载网联终端设计

“智能汽车生态群'加微信Time-machine-(备注公司+姓名)摘要基于瑞萨RH850微控制器、TICC2640R2F蓝牙微控制器、高通MDM9628微处理器设计了一款T-BOX车载终端...

NTLM Relay over HTTP (Webdav)

NTLM Relay over HTTP (Webdav)NTLM Relay over HTTP (Webdav)WebdavCoercing Authentication From WebdavNTLM Relay over HTTP (Webdav)S4U To SYSTEMCreate...

FOTA技术专栏—UDS刷写

公众号前面几篇文章,笔者已经对FOTA、SOTA、信息安全等内容进行了系统性的综述。从本期开始,笔者将开设技术专栏,分别对上述主题展开更详细、深入的介绍,...

Apache Httpd AJP请求走私 CVE-2022-26377 漏洞分析

Smi1e@卫兵实验室漏洞分析0x00 影响版本Apache Httpd < 2.4.540x01 AJP协议介绍Tomcat最主要的功能是提供Servlet/JSP容器,尽管它也可以作为独...

Exposing POLONIUM activity and infrastructure targeting Israeli organizations

Microsoft successfully detected and disabled attack activity abusing OneDrive by a previously undocumented Lebanon-based activity group Microsoft T...

Shining the Light on Black Basta

Summary tl;dr This blog post documents some of the TTPs employed by a threat actor group who were observed deploying Black Basta ransomware during ...

Aoqin Dragon | Newly-Discovered Chinese-linked APT Has Been Quietly Spying On Organizations For 10 Years

Executive Summary Aoqin Dragon, a threat actor SentinelLabs has been extensively tracking, has operated since 2013 targeting government, educati...

About iOS 15.0 – 15.3.1 sandbox escape technique using kernel read/write primitives

Sandbox Extension Generator A method of generating arbitary sandbox extensions using kernel read/write primitives on iOS 7 - 15.3.1 (patched via PA...
1 970 971 972 973 974 1,240