Aggregator
ResolverRAT Campaign Targets Healthcare, Pharma via Phishing and DLL Side-Loading
11 months ago
Cybersecurity researchers have discovered a new, sophisticated remote access trojan called ResolverRAT that has been observed in attacks targeting healthcare and pharmaceutical sectors.
"The threat actor leverages fear-based lures delivered via phishing emails, designed to pressure recipients into clicking a malicious link," Morphisec Labs researcher Nadav Lorber said in a report shared with The
The Hacker News
Alert! TROX Stealer Uses Social Engineering to Carry Out Data Theft
11 months ago
安全客
Akira
11 months ago
cohenido
Waiting Thread Hijacking: A Stealthier Version of Thread Execution Hijacking
11 months ago
Research by: hasherezade. Process injection is one of the important techniques used by attackers. We can find its variants implemented in almost every malware. It serves purposes such as: In our previous blog on process injections we explained the foundations of this topic and basic ideas behind detection and prevention. We also proposed a new technique dubbed Thread […]
The post Waiting Thread Hijacking: A Stealthier Version of Thread Execution Hijacking appeared first on Check Point Research.
SecWiki News 2025-04-14 Review
11 months ago
SecWiki Weekly (Issue 580) by ourren
OneEval: A Comprehensive Benchmark Leaderboard for Knowledge-Enhanced Capabilities of Large Models by ourren
Awesome-NTA: awesome papers, datasets and tools about network traffic analysis by ourren
For more recent articles, visit SecWiki
[Control systems] CISA ICS security advisories (AV25–207)
11 months ago
Canadian Centre for Cyber Security
Ubuntu security advisory (AV25-206)
11 months ago
Canadian Centre for Cyber Security
Tycoon 2FA Phishing Kit Upgraded, Posing Challenges for Endpoint Protection
11 months ago
安全客
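Debunking a Rumor!
11 months ago
Yesterday, while running tests with bp open, I suddenly saw a surprising piece of news: GitHub had apparently blocked access from all Chinese IPs.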
HelloKitty Ransomware Resurfaces, Putting Windows, Linux, and ESXi Environments at Risk
11 months ago
安全客
Meta to resume AI training on content shared by Europeans
11 months ago
Meta announced today that it will soon start training its artificial intelligence models using content shared by European adult users on its Facebook and Instagram social media platforms. [...]
Sergiu Gatlan
21% of security teams train just once a year—here’s how to fix that
11 months ago
In this blog, we'll explore the main reasons why security teams fall behind, what you can do to fix it, and how to build a culture of continuous learning.
The 'paste and run' phenomenon & OCSF standardization
11 months ago
Red Canary
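Microsoft Warns Windows 11 Users Not to Delete a Mysterious Empty Folder
11 months ago
After installing the latest security update, Windows 11 24H2 users may be puzzled by a mysterious empty folder named inetpub appearing on their devices. Because the folder is empty, some may assume that deleting it will do no harm. Microsoft has issued a statement warning against deleting it, saying the folder is part of the fix for CVE-2025-21204, an elevation-of-privilege vulnerability in Windows Process Activation, and that IT administrators and users should take no action on it. What if you have already deleted it? Microsoft provides a way to restore it: go to Control Panel > Programs > Programs and Features > Turn Windows features on or off, find Internet Information Services and check its box, then click OK, and the inetpub folder will be recreated.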
Android Security Alert: Hackers Spoof Google Chrome Install Pages to Deliver SpyNote Malware
11 months ago
安全客
ingress-nightmare Exploit Analysis and Understanding the Related k8s Components
11 months ago
360安全应急响应中心
CVE-2004-1912 | Shiba-Design Nukecalendar 1.1.a Error Message modules.php information disclosure (EDB-23929 / XFDB-15795)
11 months ago
A vulnerability was found in Shiba-Design Nukecalendar 1.1.a. It has been rated as problematic. This issue affects some unknown processing of the file modules.php of the component Error Message Handler. The manipulation leads to information disclosure.
The identification of this vulnerability is CVE-2004-1912. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2024-49825 | IBM Robotic Process Automation up to 21.0.7.20/23.0.20 session expiration
11 months ago
A vulnerability was found in IBM Robotic Process Automation and Robotic Process Automation for Cloud Pak up to 21.0.7.20/23.0.20 and classified as critical. This issue affects some unknown processing. The manipulation leads to session expiration.
The identification of this vulnerability is CVE-2024-49825. The attack may be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
Jenkins Docker Image Vulnerability Could Let Attackers Penetrate Network Paths
11 months ago
安全客