Aggregator

深蓝洞察年度安全报告第三篇

近期，我们捕获到了SideWinder针对不丹、缅甸、尼泊尔的攻击样本，这类样本主要是通过宏文档释放Nim语言编译的攻击载荷，这类载荷在响尾蛇历史攻击者中很少见。鉴于此情况，本文重点披露响尾蛇组织使用的这类组件。

屏幕另一端的人严肃地提出了第一个问题：“2022 年 x 月 x 日，你在 x 点 x 分 x 秒你打开了 xx 文档，你先是快速滑动页面，之后在 xx 位置停 […]

深蓝洞察年度安全报告的第二篇

英方宣称重创LockBit勒索软件组织

英方宣称重创LockBit勒索软件组织

英方宣称重创LockBit勒索软件组织

本研究探讨了通过复杂性原则生成高质量大型语言模型（LLM）对抗样本的方法。

A mix of PSYOPs, espionage and … fake Canadian pharmacies!

​希望能成为产品owner与创业者们的灵感之源。

​希望能成为产品owner与创业者们的灵感之源。

​希望能成为产品owner与创业者们的灵感之源。

​希望能成为产品owner与创业者们的灵感之源。

In 2021, Ivanti patched a vulnerability that they called “code injection”. Rumors say it was a backdoor in an open source project. Let’s find out what actually happened!

U.S. and U.K. authorities have seized the darknet websites run by LockBit, a prolific and destructive ransomware group that has claimed more than 2,000 victims worldwide and extorted over $120 million in payments. Instead of listing data stolen from ransomware victims who didn't pay, LockBit's victim shaming website now offers free recovery tools, as well as news about arrests and criminal charges involving LockBit affiliates.

HomuWitch is a ransomware strain that initially emerged in July 2023. Unlike the majority of current ransomware strains, HomuWitch targets end-users - individuals - rather than institutions and companies.

The post Decrypted: HomuWitch Ransomware appeared first on Avast Threat Labs.