Aggregator

文章描述了错误代码521的含义及其在网络连接中的常见原因。

HackerNews 编译，转载请注明出处： 美国阿拉巴马州加登代尔市政府数据出现在黑客用于展示受害者的暗网论坛上。攻击者声称已窃取数十GB敏感数据。 该声明由名为INC Ransom的知名勒索组织发布。攻击者将加登代尔市列入该组织的泄密网站，这是胁迫受害者支付赎金的常见策略。 INC声称访问了近50GB数据，包括市政合同、财务记录、客户信息、人力资源档案、事故报告及其他机密资料。 然而，攻击者未提供据称被盗数据的样本或截图。我们已联系加登代尔市政府就数据泄露指控置评，收到回复后将更新本文。 若事件属实，此次数据泄露可能引发全市多重危机：市民面临身份盗用风险激增；攻击者可利用失窃信息渗透市政系统深层，使该市成为更频繁的攻击目标。 加登代尔市拥有超1.6万居民，是阿拉巴马州第二大城市伯明翰的北部郊区。 INC Ransom组织背景 INC Ransom是当前最活跃的勒索组织之一。该网络犯罪团伙自2023年7月被发现以来持续扩张，受害者名单包括国防承包商Stark AeroSpace、旧金山芭蕾舞团、英国莱斯特市政府、苏格兰NHS邓弗里斯-加洛韦卫生委员会及施乐公司（Xerox Corporation）。 该组织目标选择无特定限制，甚至曾攻击加拿大汉密尔顿教区天主教墓地等殡葬场所。 据Cybernews暗网监控工具Ransomlooker统计，过去12个月INC Ransom已攻击至少176家机构。 该团伙实施“多重勒索”：不仅加密窃取数据，还威胁受害者若不付款将公开数据。其随机攻击医疗、教育、政府等多行业领域。 尽管成员来源不明，其绝大多数受害者位于西方国家，且回避攻击独联体（CIS）国家——这一特征与许多俄罗斯网络犯罪团伙策略一致。 部分研究人员认为，勒索组织Lynx可能是INC Ransom相关成员的分支或重组尝试。       消息来源： cybernews； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文

Spanish police have begun casting a wary eye on users of Google Pixel smartphones, suspecting potential ties to criminal activity. In Catalonia, law enforcement officials report a growing trend of drug traffickers relying specifically...

The post GrapheneOS Under Scrutiny: Why Privacy-Focused Pixels Are Raising Police Suspicions appeared first on Penetration Testing Tools.

One of the world’s largest steel manufacturing conglomerates, the Japanese company Nippon Steel, has reported a large-scale cyberattack during which hackers gained unauthorized access to data belonging to clients, employees, and business partners. The...

The post Nippon Steel Hit by Zero-Day Cyberattack, Exposing Data of 100K+ Employees & Partners appeared first on Penetration Testing Tools.

文章描述了作者在尝试逆向分析TP-Link路由器固件时遇到的问题和困惑。他询问如何提取特定进程、编写自动化脚本以及寻找漏洞的方法，并希望得到建议。

Researchers at Huntress have observed active exploitation of a critical vulnerability in Wing FTP Server—a mere day after its public disclosure. The flaw, tracked as CVE-2025-47812, received the highest possible severity rating (CVSS 10.0),...

The post Critical Wing FTP Server Flaw (CVSS 10.0) Under Active Exploitation: Patch Now! appeared first on Penetration Testing Tools.

加密货币交易所 GMX 遭遇 4,000 万美元资产被盗事件后，与黑客协商达成和解。黑客退回被盗资金并获得 500 万美元漏洞奖金，双方均避免法律风险。

A vulnerability, which was classified as problematic, has been found in Amazon Shop. Affected by this issue is some unknown functionality of the file search.php. The manipulation of the argument Query leads to cross site scripting. This vulnerability is handled as CVE-2005-3908. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Jack Dorsey, co-founder of Twitter and head of Block, recently unveiled his latest endeavor—Bitchat, a messaging application envisioned as a fully decentralized communication tool, independent of traditional internet infrastructure. Instead of relying on conventional...

The post Jack Dorsey’s Bitchat: Decentralized Promise, Centralized Security Concerns appeared first on Penetration Testing Tools.

该文章介绍了一个专注于数字取证科学的社区，涵盖从数字设备中恢复和调查材料的技术与原则，尤其在计算机犯罪中的应用，并扩展到手机、视频等多种媒体类型。

The research laboratory Security Explorations has unveiled the results of a months-long investigation exposing critical vulnerabilities at the core of eSIM technology. The focus of their analysis was a GSMA-certified eUICC card developed by...

The post Critical Flaws Expose eSIMs to Cloning and Mass Surveillance, Threatening Global Mobile Security appeared first on Penetration Testing Tools.

r/netsec是一个技术安全内容聚合平台，旨在为安全从业者提供有价值的信息。研究人员发现Interlock勒索软件的新变种采用PHP编写，取代了之前的JavaScript版本，并在大范围传播。

McDonald’s hiring system was found to be secured by a password so trivial that even a child might guess it—”123456.” Two elementary vulnerabilities granted access to the personal data of over 64 million job...

The post McDonald’s “123456” Password Exposes 64 Million Job Applicants’ Data appeared first on Penetration Testing Tools.

文章描述了错误代码521的含义及其常见原因。该错误通常与Cloudflare服务相关，表示Cloudflare无法连接到网站服务器。文章还提供了排查和解决该问题的方法，包括检查网络连接、访问网站状态页面以及联系网站管理员等。

HackerNews 编译，转载请注明出处： 网络安全公司Cyfirma发现，黑客正公然利用GitHub平台以“免费VPN”为幌子传播Lumma信息窃取木马。该恶意项目伪装成“Free VPN for PC”仓库，实际安装包会触发多阶段攻击链：首先释放伪装成VPN组件的.NET加载器，随后通过内存注入技术部署最终载荷。 该攻击采用双重诱饵策略：同一攻击者在GitHub同步上传名为“Minecraft Skin”的恶意仓库，瞄准青少年游戏群体；利用GitHub可信平台属性规避安全检测，受害者在搜索正版软件时易误入陷阱。技术层面采用多层混淆手段：初始载荷含Base64编码的PowerShell脚本，核心模块通过内存驻留规避磁盘扫描；注入合法进程（如explorer.exe）实现隐蔽运行，窃取流程包含浏览器凭证、加密货币钱包及文档文件。 Lumma窃密软件在地下市场以“恶意软件即服务”模式流通，月租费140-160美元，支持定制化攻击配置。近期活跃传播渠道除GitHub外，还包括：YouTube盗版教程视频诱导下载带毒安装包、虚假验证码页面诱骗用户执行系统命令、Discord游戏社区通过恶意机器人传播。 2025年5月，微软联合欧盟、日本执法机构开展专项打击行动：查封2,300个C2控制域名，瓦解暗网赃数据交易市场；39.4万台受感染Windows设备被重定向至安全服务器消毒；溯源发现俄罗斯开发者“Shamel”为核心运营者，其Telegram频道拥有超千名订阅者。 防护措施建议： 谨慎处理开源平台下载内容，优先验证仓库作者信誉及代码签名； 启用内存防护功能（如Microsoft Defender PPL），阻断非授权代码注入； 对敏感账户实施硬件级双因素认证，降低凭证泄露风险； 定期检查系统进程与网络连接状态，警惕异常行为。     消息来源： cybernews； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文

Four vulnerabilities within the Bluetooth stack BlueSDK, developed by OpenSynergy and collectively named PerfektBlue, pose a serious security threat to millions of vehicles. These flaws allow remote code execution on targeted devices and potentially...

The post PerfektBlue: Critical Bluetooth Flaws Expose Millions of Cars to Remote Hacks appeared first on Penetration Testing Tools.

Researchers have uncovered a new packer, Ducex, which conceals one of the most formidable mobile malware threats— the Triada Trojan—through advanced encryption and obfuscation techniques. Its analysis in the interactive sandbox environment ANY.RUN reveals...

The post Ducex Packer: The New Shield for Triada Android Trojan Evading Detection appeared first on Penetration Testing Tools.

A federal court in New York has issued a harsh ruling in a high-profile cryptocurrency theft case. Nicholas Truglia, previously convicted for his role in the cyberattack targeting entrepreneur Michael Terpin’s digital assets, has...

The post Crypto Thief Gets 12 Years: Court Cracks Down on $20M SIM Swap Fraud appeared first on Penetration Testing Tools.

A vulnerability, which was classified as problematic, was found in Truecrypt and VeraCrypt. Affected is the function IsDriveLetterAvailable of the file Driver/Ntdriver.c of the component Symbolic Links Handler. The manipulation leads to improper access controls. This vulnerability is traded as CVE-2015-7358. Attacking locally is a requirement. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

文章介绍了HTTP错误代码521的含义及其常见原因，并提供了排查和解决该问题的方法。