UEBA实体画像技术设计和应用
在基础安全领域中,通过实体画像技术可以从多维度对检测对象进行描绘。这些描绘的成果将成为复杂安全检测,与复杂网络攻击调研的数据基础。
Aggregator
UEBA实体画像技术设计和应用
4 years 11 months ago
在基础安全领域中,通过实体画像技术可以从多维度对检测对象进行描绘。这些描绘的成果将成为复杂安全检测,与复杂网络攻击调研的数据基础。
Spoofing credential dialogs on macOS, Linux and Windows
4 years 11 months ago
A nifty way for adversaries to acquire passwords during post-exploitation is to spoof credential dialogs and perform a local phishing attack. This means tricking a user on a compromised computer to enter their password.
Unfortunately, users are conditioned to enter their credentials frequently and therefore don’t question random passwords prompts too much.
Long, long time ago… but nothing has changedThe idea to spoof a credential dialog is one of the most simple ideas one might come up with.
浅入浅出 HTTP 协议
4 years 11 months ago
HTTP 消息是服务器和客户端之间交换数据的方式。有两种类型的消息︰ 请求(requests)--由客户端发送用来触发一个服务器上的动作
XSS + Chrome Rce = 上线到CobaltStrike
4 years 11 months ago
最近 Google Chrome 浏览器被爆出存在远程代码执行漏洞(CNVD-2021-27989),攻击者只需要构造一个恶意的 html 页面诱导用户点击访问,就能实现对浏览器的远程代码执行攻击。
XSS + Chrome Rce = 上线到CobaltStrike
4 years 11 months ago
最近 Google Chrome 浏览器被爆出存在远程代码执行漏洞(CNVD-2021-27989),攻击者只需要构造一个恶意的 html 页面诱导用户点击访问,就能实现对浏览器的远程代码执行攻击。
XSS + Chrome Rce = 上线到CobaltStrike
4 years 11 months ago
最近 Google Chrome 浏览器被爆出存在远程代码执行漏洞(CNVD-2021-27989),攻击者只需要构造一个恶意的 html 页面诱导用户点击访问,就能实现对浏览器的远程代码执行攻击。
Building an A/B Test with EdgeWorkers and EdgeKV
4 years 11 months ago
When paired with our new EdgeKV distributed key-value database, the Akamai EdgeWorkers serverless platform gives you the ability to do powerful things at the CDN level.
Jeffrey Costa
Malicious Android Apps Targeting Users of JIO Telecom in India
4 years 11 months ago
Summary
Zscaler has identified a threat actor spreading malicious android apps via WhatsApp and SMS. The apps are specifically targeting JIO telecom users in India. Those targeted are tricked into thinking that TikTok is available again in India or that they are installing an app to register to receive a free Lenovo laptop, courtesy of the Government of India.
Threat Type
Malware, Phishing, Smishing
Overview
An unnamed threat actor has been identified as actively operating since as early as March 20, 2020.
Metasploit最新资讯
4 years 11 months ago
Metasploit最新资讯!!新模块*4,功能更新*1,BUG修复*7~
Metasploit最新资讯
4 years 11 months ago
Metasploit最新资讯!!新模块*4,功能更新*1,BUG修复*7~
Metasploit最新资讯
4 years 11 months ago
Metasploit最新资讯!!新模块*4,功能更新*1,BUG修复*7~
Metasploit最新资讯
4 years 11 months ago
Metasploit最新资讯!!新模块*4,功能更新*1,BUG修复*7~
Metasploit最新资讯
4 years 11 months ago
Metasploit最新资讯!!新模块*4,功能更新*1,BUG修复*7~
Microsoft Patch Tuesday - April 2021
4 years 11 months ago
Summary
In its April 2021 security updates, Microsoft list 108 CVE numbered vulnerabilities in various Microsoft products. Of those, nineteen are rated as Critical, eighty-eight rated as Important, and one as Moderate. One of the vulnerabilities is reported to have been exploited in the wild. Six vulnerabilities in Microsoft's Chromium based browser, Edge, were addressed in a prior update. Microsoft rated these vulnerabilities as Unknown.
Threat Type
Vulnerability
Overview
In its April 2021 security updates
InScan 内网自动化横向渗透工具使用教程
4 years 11 months ago
InScan 内网自动化横向渗透工具使用教程
InScan 内网自动化横向渗透工具使用教程
4 years 11 months ago
InScan 内网自动化横向渗透工具使用教程
InScan 内网自动化横向渗透工具使用教程
4 years 11 months ago
InScan 内网自动化横向渗透工具使用教程
美英将SolarWinds供应链事件归因于俄罗斯对外情报局SVR
4 years 11 months ago
SolarWinds供应链攻击事件对美国造成非常大的影响,抛开多家科技巨头被入侵不说,就连美国国土安全部门的
美英将SolarWinds供应链事件归因于俄罗斯对外情报局SVR
4 years 11 months ago
SolarWinds供应链攻击事件对美国造成非常大的影响,抛开多家科技巨头被入侵不说,就连美国国土安全部门的