Aggregator

NGC2 чуть не утонула в собственных уязвимостях, но армейцы спасли проект.

PowerJob IDOR 0Day 挖掘

前言上文中我们讲述了直接系统调用技术，它可以不使用ntdll中的Syscall（系统调用）指令，自己在代码中实现、用以绕过针对ntdll中函数的hook，特点是Syscall指令在程序自身的内存空间中，而不是ntdll的内存空间中，由此，AV/EDR也有了相应的检测机制，如果发现Syscall指令不在ntdll内存空间中，则将其视为可疑的IoC，攻击者为了消除这个IoC，间接系统调用技术在此背景下

前言越来越多的安全厂商实现了用户模式Hook，简单说就是恶意软件使用Windows API时，被安全厂商重定向到它自己的Hooking.dll，然后进一步分析，如果研判代码没有恶意行为则放行，如果研判代码有恶意行为则拦截，这促使攻击者使用了新的技术，例如Unhooking、直接系统调用、间接系统调用、等等本文主要介绍直接系统调用，并介绍如何在Visual Studio中通过C++创建一个使用直接系

前言书接上文，高级进程注入之利用线程名和APC实现进程注入（上）：https://xz.aliyun.com/news/18877上文中已经介绍了相关的API，本文会讲述利用线程名注入的实现细节，相比较传统的进程注入需要创建线程，这是一个不需要创建线程的新技术介绍通常，向一个进程的内存写入内容，需要我们在打开进程句柄时带有写权限，PROCESS_VM_WRITE，但这可能被AV/EDR视为可疑指标

NCSC has issued an urgent warning regarding a critical zero-day flaw in Oracle E-Business Suite (EBS) that is currently being exploited in the wild.  Tracked as CVE-2025-61882, the vulnerability resides in the BI Publisher Integration component of Oracle Concurrent Processing and allows unauthenticated remote code execution.  Organisations running EBS versions 12.2.3 through 12.2.14—especially those exposed […]

The post NCSC Warns of Oracle E-Business Suite 0-Day Vulnerability Actively Exploited in Attacks appeared first on Cyber Security News.

LinkedIn sued ProAPIs and its CEO Rahmat Alam for running millions of fake accounts to scrape and sell user data, charging up to $15,000 per month. LinkedIn has filed a lawsuit against the software firm ProAPIs and its CEO, Rahmat Alam, accusing them of creating millions of fake accounts to scrape and sell user data. […]

Hosted at the repository “Huckel789/Android-RAT,” this fully undetectable (FUD) RAT is designed to evade antivirus detection permanently, maintain persistence in battery-optimized environments, and deliver a feature-rich command-and-control (C2C) experience entirely from a web interface. This Android RAT sets itself apart by eliminating the traditional requirement for a desktop or laptop in the attack chain. A […]

The post New ‘Fully Undetectable’ Android RAT Discovered on GitHub appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Хакеры – тоже маркетологи. Теперь они считают «клики» по троянам.

Part two of our Exposure Management Academy series on exposure management maturity explores how organizations like Drogaria Araujo, Tenable and Verizon have applied exposure management to strengthen their security postures. 

Key takeaways:

1. Case studies of Drogaria Araujo, Tenable and Verizon illustrate how exposure management provides tangible benefits to organizations of different sizes and security maturity levels.
    
2. The companies improved visibility, unified siloed data and prioritized risks that create attack paths leading to their organizations’ most critical assets.
    
3. Implementing exposure management principles is a crucial step for organizations aiming to enhance their security posture and mitigate cyber threats effectively.

In the first post in this series, we explored the five stages of the Exposure Management Maturity Model: Ad Hoc, Defined, Standardized, Advanced and Optimized. 

In this post, we explore three case studies to understand how an exposure management platform can help organizations advance their cybersecurity programs. We look at how the core principles of exposure management, supported via the implementation of an exposure management platform, helped these companies achieve better cybersecurity and compliance outcomes.

Drogaria Araujo uses exposure management to improve attack surface visibility 

Drogaria Araujo, a leading Brazilian pharmacy chain, turned to exposure management to improve attack surface visibility and gain the context the CISO needed to report on his company’s highest-risk exposures and demonstrate compliance with Brazil’s General Data Protection Law (LGPD). 

Drogaria Araujo relies on a geographically dispersed, hybrid infrastructure consisting of traditional IT systems and a rapidly growing cloud footprint. Prior to embracing exposure management, the company’s initial security practices depended on basic vulnerability assessment of their IT infrastructure. This resulted in a storm of noisy findings — and a lot of remediation tickets — which strained security and IT teams, despite the fact that these assessments didn’t pull in findings from cloud, identity or OT systems.

Typically, most organizations would look to evolve vulnerability assessment to a vulnerability management program, or maybe a more robust risk-based vulnerability management program. But the firm’s team set its sights on a holistic exposure management program that could better satisfy its needs, one that accounted for the expanding attack surface and encompassed all cybersecurity risks that lead to exposure. 

The company said it selected the Tenable One Exposure Management platform because it provides a unified view of the attack surface across on-premises, cloud, identity and OT environments. This enables the security team to spot cloud misconfigurations and identity-related weaknesses, in addition to traditional software vulnerabilities, that, when combined, create attack paths for threat actors.

Drogaria Araujo’s experience demonstrates how an organization can quickly and cost-effectively expand its visibility with an exposure management platform.

Tenable turns to exposure management to integrate and unify security data 

At Tenable, the need to consolidate security data from across more than 50 tools, improve prioritization and automate reporting were the catalysts for implementing an exposure management program. 

Tenable’s CSO began the exposure management journey by establishing a central team that could own all security policies across various security domains, including vulnerability management, cloud security, web application security and others. It made sense to extend the charter of the vulnerability management team to exposure management as the central control point. But this alone was not enough.

Tenable recognized it also needed to unify its asset and risk data across disparate tools, so it used the Tenable One Exposure Management Platform to aggregate data from Tenable-specific tools and provide rich relationship context, prioritization and KPIs. Following Tenable’s acquisition of Vulcan Cyber, the security team was able to feed data from third-party tools into Tenable One. 

Within the first 48 hours of turning on this new third-party data ingestion capability, Tenable was able to integrate and unify data from 15 third-party tools. Reporting, which previously took the security team an average of three days to manually create, became available in minutes. In addition, the exposure management team was able to extend its scope of visibility from less than 10,000 assets to more than 100,000, representing the entire attack surface, and reduce alert to ticket volume by 1,500 to 1 — all with the same number of staff. 

Assess your exposure management maturity

Do you have elements of an exposure management program in place? Take our exposure management maturity assessment to find out. 

Verizon uses exposure management to prioritize real-world risks and exploitable threats 

Global telecommunications leader Verizon faced the inherent challenges of managing one of the most vast and complex attack surfaces in the world. Like many large organizations, security teams at Verizon had traditionally operated in silos, each with its own specialized tools and priorities for areas like attack surface management, vulnerability scanning, identity exposure and cloud security. 

However, this siloed approach hindered efficient response and raised the potential for visibility gaps falling outside a team's specific area of responsibility or expertise. Recognizing that a reactive approach to managing risk wasn’t enough, Verizon shifted its cybersecurity focus to proactive exposure management. 

In a recent case study and blog post, Verizon said it chose to consolidate its proactive security efforts onto a single platform — Tenable One. This move enabled the integration of data from various security domains, providing a unified view of assets and associated risks. This consolidation was not just a technological shift but also an organizational one, requiring a change in how teams collaborated and shared data. Through transparent communication and demonstrating early value, Verizon was able to unify its security functions, including previously separate attack surface management, Active Directory, IoT and OT security teams.

A core principle of Verizon's new exposure management program is prioritizing real-world risks and exploitable threats rather than addressing every risk finding. The company prioritizes risks that are part of a realistic attack path leading to "crown jewel" assets. This approach enables it to strategically address the most significant exposures, enabling clearer communication with executives about what is at risk and the most urgent priorities, ultimately shifting from a compliance-driven to a risk-based security posture.

Harnessing the power of exposure management

These case studies illustrate the very real benefits of exposure management. Whether you're looking to unify siloed data or achieve the highest levels of proactive security, exposure management provides the framework.

Learn more

• Ready to understand where your organization stands and how to accelerate your journey? Take our exposure management maturity assessment. In less than five minutes, you’ll get a personalized report with recommendations tailored to your organization.

Part two of our Exposure Management Academy series on exposure management maturity explores how organizations like Drogaria Araujo, Tenable and Verizon have applied exposure management to strengthen their security postures. 

Key takeaways:

1. Case studies of Drogaria Araujo, Tenable and Verizon illustrate how exposure management provides tangible benefits to organizations of different sizes and security maturity levels.
    
2. The companies improved visibility, unified siloed data and prioritized risks that create attack paths leading to their organizations’ most critical assets.
    
3. Implementing exposure management principles is a crucial step for organizations aiming to enhance their security posture and mitigate cyber threats effectively.

In the first post in this series, we explored the five stages of the Exposure Management Maturity Model: Ad Hoc, Defined, Standardized, Advanced and Optimized. 

In this post, we explore three case studies to understand how an exposure management platform can help organizations advance their cybersecurity programs. We look at how the core principles of exposure management, supported via the implementation of an exposure management platform, helped these companies achieve better cybersecurity and compliance outcomes.

Drogaria Araujo uses exposure management to improve attack surface visibility 

Drogaria Araujo, a leading Brazilian pharmacy chain, turned to exposure management to improve attack surface visibility and gain the context the CISO needed to report on his company’s highest-risk exposures and demonstrate compliance with Brazil’s General Data Protection Law (LGPD). 

Drogaria Araujo relies on a geographically dispersed, hybrid infrastructure consisting of traditional IT systems and a rapidly growing cloud footprint. Prior to embracing exposure management, the company’s initial security practices depended on basic vulnerability assessment of their IT infrastructure. This resulted in a storm of noisy findings — and a lot of remediation tickets — which strained security and IT teams, despite the fact that these assessments didn’t pull in findings from cloud, identity or OT systems.

Typically, most organizations would look to evolve vulnerability assessment to a vulnerability management program, or maybe a more robust risk-based vulnerability management program. But the firm’s team set its sights on a holistic exposure management program that could better satisfy its needs, one that accounted for the expanding attack surface and encompassed all cybersecurity risks that lead to exposure. 

The company said it selected the Tenable One Exposure Management platform because it provides a unified view of the attack surface across on-premises, cloud, identity and OT environments. This enables the security team to spot cloud misconfigurations and identity-related weaknesses, in addition to traditional software vulnerabilities, that, when combined, create attack paths for threat actors.

Drogaria Araujo’s experience demonstrates how an organization can quickly and cost-effectively expand its visibility with an exposure management platform.

Tenable turns to exposure management to integrate and unify security data 

At Tenable, the need to consolidate security data from across more than 50 tools, improve prioritization and automate reporting were the catalysts for implementing an exposure management program. 

Tenable’s CSO began the exposure management journey by establishing a central team that could own all security policies across various security domains, including vulnerability management, cloud security, web application security and others. It made sense to extend the charter of the vulnerability management team to exposure management as the central control point. But this alone was not enough.

Tenable recognized it also needed to unify its asset and risk data across disparate tools, so it used the Tenable One Exposure Management Platform to aggregate data from Tenable-specific tools and provide rich relationship context, prioritization and KPIs. Following Tenable’s acquisition of Vulcan Cyber, the security team was able to feed data from third-party tools into Tenable One. 

Within the first 48 hours of turning on this new third-party data ingestion capability, Tenable was able to integrate and unify data from 15 third-party tools. Reporting, which previously took the security team an average of three days to manually create, became available in minutes. In addition, the exposure management team was able to extend its scope of visibility from less than 10,000 assets to more than 100,000, representing the entire attack surface, and reduce alert to ticket volume by 1,500 to 1 — all with the same number of staff. 

Assess your exposure management maturity

Do you have elements of an exposure management program in place? Take our exposure management maturity assessment to find out. 

Verizon uses exposure management to prioritize real-world risks and exploitable threats 

Global telecommunications leader Verizon faced the inherent challenges of managing one of the most vast and complex attack surfaces in the world. Like many large organizations, security teams at Verizon had traditionally operated in silos, each with its own specialized tools and priorities for areas like attack surface management, vulnerability scanning, identity exposure and cloud security. 

However, this siloed approach hindered efficient response and raised the potential for visibility gaps falling outside a team's specific area of responsibility or expertise. Recognizing that a reactive approach to managing risk wasn’t enough, Verizon shifted its cybersecurity focus to proactive exposure management. 

In a recent case study and blog post, Verizon said it chose to consolidate its proactive security efforts onto a single platform — Tenable One. This move enabled the integration of data from various security domains, providing a unified view of assets and associated risks. This consolidation was not just a technological shift but also an organizational one, requiring a change in how teams collaborated and shared data. Through transparent communication and demonstrating early value, Verizon was able to unify its security functions, including previously separate attack surface management, Active Directory, IoT and OT security teams.

A core principle of Verizon's new exposure management program is prioritizing real-world risks and exploitable threats rather than addressing every risk finding. The company prioritizes risks that are part of a realistic attack path leading to "crown jewel" assets. This approach enables it to strategically address the most significant exposures, enabling clearer communication with executives about what is at risk and the most urgent priorities, ultimately shifting from a compliance-driven to a risk-based security posture.

Harnessing the power of exposure management

These case studies illustrate the very real benefits of exposure management. Whether you're looking to unify siloed data or achieve the highest levels of proactive security, exposure management provides the framework.

Learn more

• Ready to understand where your organization stands and how to accelerate your journey? Take our exposure management maturity assessment. In less than five minutes, you’ll get a personalized report with recommendations tailored to your organization.

The post How Exposure Management Helped Three Companies Transform Their Cybersecurity Program appeared first on Security Boulevard.

万字长文：Linux 内核中/proc/self/maps 的实现与匿名空间释放机制探究

本文基于在攻防演习与众测平台中发现的若干高危 RCE 案例，聚焦于攻击者如何滥用系统原生功能（定时任务、OTA 更新、热加载补丁等）来实现远程命令执行（RCE）。将三个真实案例（均已修复）作为切入点，分析攻击链条、共性与风险，并补充实战层面的技术细节与检测/防御建议，帮助读者在渗透测试与蓝队防御中形成更完整的思路。

唯一一个困难pwn题，难是真难，为期2天的比赛总共只有11只队伍解出，该题是glibc-2.41下的题目，总共3个难点：如何绕过图像校验？如何在受限情况下进行堆利用？受限情况下如何劫持执行流？对于前半，本文将介绍完整的深入分析复杂流程的过程，对于后半，本文将结合glibc2.41源码来介绍fastbin+tcachebin的组合利用技巧，和exit中攻击向量。

Cybersecurity researchers are reporting an alleged security breach involving Chinese technology giant Huawei Technologies, with hackers claiming to have accessed and leaked sensitive source code and internal development tools. The incident, which surfaced through social media channels, represents a potentially significant security compromise of one of the world’s largest telecommunications equipment manufacturers. Hacker illustrating world’s biggest […]

The post Hackers Allegedly Breach Huawei Technologies, Leak Source Code and Internal Tools appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Discord расследует утечку данных после атаки на службу поддержки.