Aggregator

微软Exchange漏洞攻击者行为分析

微软Exchange漏洞攻击者行为分析

At Akamai, the Enterprise Security Red Team (ESRT) continuously strives to evaluate the security of both our external and internal services.

Summary Cisco has published thirty-eight Security Advisories. Of the advisories, one is rated as Critical, eighteen are rated as High and nineteen are rated as Medium. Threat Type Vulnerability Overview Cisco has published thirty-eight Security Advisories. Of the advisories, one is rated as Critical, eighteen are rated as High and nineteen are rated as Medium. For all advisories listed below, it is noted that Cisco's Product Security Incident Response Team (PSIRT) is "not aware of any public announcements o

Summary Microsoft has finally fixed a vulnerability initially disclosed by a Tenable researcher back in January 2021. Threat Type Vulnerability Overview A component of Microsoft's Sysinternals utility was found in January 2021 to be vulnerable to privilege escalation. According to the release notes from Microsoft: "This update to PsExec mitigates named pipe squatting attacks that can be leveraged by an attacker to intercept credentials or elevate to System privilege. the -i command line switch is now necess

Summary In mid-February, several vulnerabilities were attacked, according to researchers with Unit 42 of Palo Alto Networks. As of this writing, the attacks are ongoing. Unit 42 provides information about these attacks and the malware discovered during analysis. Threat Type Malware Overview Threat actors have been busy with exploits against several vulnerabilities, some of which are rated as critical. Among the vulnerabilities being exploited are VisualDoor, CVE-2020-25506, CVE-2021-27561, CVE-2021-27562, C

Summary PAM update 4103.23203 contains 1 new event, 1 new moderate event response, and 1 new aggressive event response. The new events relate to the vulnerability, CVE-2021-22986, in certain F5 products. Threat Type Vulnerability Overview PAM update 4103.23203 contains 1 new event, 1 new moderate event response, and 1 new aggressive event response. The new events relate to the vulnerability, CVE-2021-22986, in certain F5 products. This content update is compatible with IBM QRadar Network Security Firmware v

众所周知，C 语言中使用字符数组来表示字符串，并在字符串末尾使用空字符 \0 标识字符串结束。 如果字符串中包含 \0 或者二进制数据，就会导致

本篇我们继续分享一些关于华为智联旗下小豚AI摄像头的研究内容

本篇我们继续分享一些关于华为智联旗下小豚AI摄像头的研究内容

本篇我们继续分享一些关于华为智联旗下小豚AI摄像头的研究内容

本篇我们继续分享一些关于华为智联旗下小豚AI摄像头的研究内容

本篇我们继续分享一些关于华为智联旗下小豚AI摄像头的研究内容

Google 如何通过电力超售在数据中心部署更多的机器

Google 如何通过电力超售在数据中心部署更多的机器

Summary A variety of threat actors have been exploiting the ProxyLogon vulnerability in order to carry out malicious activities. Sophos identified the operators of the Black KingDom ransomware also taking advantage of this exploit in a recent campaign. Threat Type Ransomware Overview Sophos published a blog post analyzing Black KingDom's use of the ProxyLogon exploit to distribute its ransomware payloads. After exploiting ProxyLogon ( CVE-2021-27065 ) on vulnerable on-premise versions of Microsoft Exchange

Summary The ICS-CERT has published four advisories that affect Weintek EasyWeb cMT, GE MU320E, GE Reason DR60, and Ovarro TBox. Threat Type Vulnerability Overview The ICS-CERT has published four advisories that affect Weintek EasyWeb cMT, GE MU320E, GE Reason DR60, and Ovarro TBox. Further information is available from the advisories, which are summarized below. ICS Advisory ICSA-21-082-01 - Weintek EasyWeb cMT CVE-2021-27446 - The Weintek cMT product line is vulnerable to Code Injection, which may allow an

Google 如何通过电力超售在数据中心部署更多的机器

Summary Necro, a classic botnet family, first discovered in 2015, was written in Python. On March 2nd, Netlab 360 discovered two samples of a new variant of Necro. Keksec, also known as Kek Security is the threat actor group responsible for the botnet. The botnet has been found on both Windows and Linux systems. Threat Type Malware, Botnet, Cryptomining Overview Necro, a classic botnet family first discovered in 2015, was written in Python. On March 2nd, Netlab 360 discovered two samples of a new variant of