Aggregator
Automating the Collection and Analysis of Windows Forensic Data with KAPE
PKfail, Critical Firmware Supply-Chain Issue Let Attackers Bypass Secure Boot
Hackers often attack Secure Boot during the boot process to execute unauthorized code, which lets them bypass a system’s security measures. By compromising Secure Boot, they can install rootkits and malware at a low level, gaining persistent control over the system and evading traditional security defenses. The Binarly Research Team discovered a […]
The post PKfail, Critical Firmware Supply-Chain Issue Let Attackers Bypass Secure Boot appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.
Hackers Attacking Users Searching For W2 Form
A malicious campaign emerged on June 21, 2024, distributing a JavaScript file hosted on grupotefex.com, which executes an MSI installer, subsequently dropping a Brute Ratel Badger DLL into the user’s AppData. The command-and-control framework Brute Ratel then downloads and inserts the stealthy Latrodectus backdoor, which gives threat actors remote control, the ability to steal data, […]
Product Security Vulnerabilities That Drew the Most Attention Last Week (20240722-20240728)
CNVD Vulnerability Weekly Report, 2024 Issue 30
North Korean Onyx Sleet Using Group Of Malware And Exploits to Gain Intelligence
Onyx Sleet, a cyber espionage group also known as SILENT CHOLLIMA, Andariel, DarkSeoul, Stonefly, and TDrop2, mainly targets the military, defense sector, and technology in the United States, South Korea, and India. The group historically used spear-phishing, but they have now started using N-day vulnerabilities, such as in their October 2023 attack on TeamCity. To […]
Notes on a Penetration Test Triggered by NginxWebUI
The Video Generation Tool Just Released by Zhipu AI
Cisco Patches the Products Impacted by RADIUS Protocol Vulnerability
Cisco has issued patches for multiple products affected by a critical vulnerability in the RADIUS protocol. The vulnerability, identified as CVE-2024-3596, was disclosed by security researchers on July 7, 2024. This flaw allows an on-path attacker to forge responses using a chosen-prefix collision attack against the MD5 Response Authenticator signature. Cisco has been actively […]