Торренты на службе хакеров. Как новый бэкдор PeerBlight прячет управление в сети BitTorrent
Как код на Go помогает хакерам подменять временные метки и скрывать следы взлома.
Aggregator
Akira
2 weeks ago
You must login to view this content
cohenido
Rhysida
2 weeks ago
You must login to view this content
cohenido
Trump moves to pardon Colorado election clerk Tina Peters, even though he can’t
2 weeks ago
Peters, one of many election deniers Trump has sought to shield from legal consequences, is serving a nine-year state prison sentence that can’t be nullified by a presidential pardon.
The post Trump moves to pardon Colorado election clerk Tina Peters, even though he can’t appeared first on CyberScoop.
djohnson
古早互联网情报挖掘计划
2 weeks ago
随着年龄的增长,黑鸟爱上了阅读之前无人详细研究的各类杂七杂八的情报数据,甚至开始看古早互联网时期的八卦类开源情报调查报告。
从近期的几篇文章可以看出一丝的不对劲。
RuBee:隐匿于军工与核设施的小众无线协议
美国紧急通信系统:保障国家紧急状态下通信畅通
在阅读过程中,黑鸟认为人类对于古早互联网情报挖掘不足百分之一,比如各类国外解禁文档(上个时代的东西),而大模型的出现让这一切成为了可能,举个简单例子,分析图1来自斯诺登泄露文件:XKEYSCORE 中的 CNE 分析。(09年的ppt),并参考其系统思路。
XKEYSCORE是美国国家安全局NSA的一个高度机密的计算机系统,主要用于搜索和分析全球互联网数据。
该系统不是直接进行数据收集的工具,而是处理 NSA 通过其他渠道(如光纤电缆拦截)已获取的全量数据(full-take data),包括电子邮件、浏览历史、聊天记录、IP 地址、用户名、密码以及其他元数据和内容,并提供用户友好的界面,让分析师像使用搜索引擎一样查询信息。
自 2010 年起,XKEYSCORE整合机器学习,以应对PB级增长的数据爆炸。
模仿上述处理流程,即通过黑鸟Ai情报处理系统对文档进行清洗,对模糊图片清晰化图3(中文清晰的效果还是不够,但是图片文字提取却还行),然后再自动解读后的成果图4图5。
未来(拖更预警)会自动分析处理类似的古早情报,再自动化发知识星球做一下测试,如果有比较好的素材会发公众号。总之开个新坑,也欢迎投稿比较好的古早情报数据或文章,目前需要有价值的互联网情报语料进行训练。
#古早互联网情报挖掘计划
坚守十七载,静待花开时 —— T00ls 12.12 老用户回归/复活活动开启
2 weeks ago
十七岁,正青春。 感谢大家一路相伴,T00ls 期待您的归来!
SecWiki News 2025-12-12 Review
2 weeks ago
Weekly Threat Landscape Digest – Week 50
2 weeks ago
This week’s threat landscape (Week 45) reflects the ongoing evolution of attacker tactics toward greater precision, automation, and persistence. Adversaries […]
The post Weekly Threat Landscape Digest – Week 50 appeared first on HawkEye.
HawkEye
Успешный успех отменяется. Автор гайдов по взлому Android сменил доминиканский пляж на тюремную камеру
2 weeks ago
Пока заказчик схемы остаётся в бегах, исполнителю придётся отвечать за «режиссуру» финансовых махинаций.
Critical React2Shell Vulnerability (CVE-2025-55182) Analysis: Surge in Attacks Targeting RSC-Enabled Services Worldwide
2 weeks ago
Torrance, United States / California, December 12th, 2025, CyberNewsWire In December 2025, CVE-2025-55182 (React2Shell), a vulnerability in React Server Components (RSC) that enables remote code execution (RCE), was publicly disclosed. Shortly after publication, multiple security vendors reported scanning activity and suspected exploitation attempts, and CISA has since added the flaw to its Known Exploited Vulnerabilities […]
The post Critical React2Shell Vulnerability (CVE-2025-55182) Analysis: Surge in Attacks Targeting RSC-Enabled Services Worldwide appeared first on Cyber Security News.
Cybernewswire
Germany summons Russian ambassador over cyberattack, election disinformation
2 weeks ago
Germany said it had "clear evidence" that a 2024 cyberattack on its air traffic control authority was the work of the Russian hacking operation known as APT28 or Fancy Bear.
Kali Linux 2025.4 released with 3 new tools, desktop updates
2 weeks ago
Kali Linux has released version 2025.4, its final update of the year, introducing three new hacking tools, desktop environment improvements, the preview of Wifipumpkin3 in NetHunter, and enhanced Wayland support. [...]
Lawrence Abrams
CVE-2025-36746 | SolarEdge Monitoring platform cross site scripting
2 weeks ago
A vulnerability, which was classified as problematic, has been found in SolarEdge Monitoring platform. Affected is an unknown function. Performing manipulation results in cross site scripting.
This vulnerability is known as CVE-2025-36746. Remote exploitation of the attack is possible. No exploit is available.
This product is a managed service. This means that users cannot maintain vulnerability countermeasures themselves.
vuldb.com
CVE-2025-36743 | SolarEdge SE3680H up to 4.21 Debug Interface improper authentication
2 weeks ago
A vulnerability classified as critical was found in SolarEdge SE3680H up to 4.21. This impacts an unknown function of the component Debug Interface. Such manipulation leads to improper authentication.
This vulnerability is traded as CVE-2025-36743. The attack can be executed directly on the physical device. There is no exploit available.
Upgrading the affected component is advised.
vuldb.com
CVE-2025-36744 | SolarEdge SE3680H up to 4.21 debug messages revealing unnecessary information
2 weeks ago
A vulnerability classified as problematic has been found in SolarEdge SE3680H up to 4.21. This affects an unknown function. This manipulation causes debug messages revealing unnecessary information.
This vulnerability appears as CVE-2025-36744. It is feasible to perform the attack on the physical device. There is no available exploit.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-36745 | SolarEdge SE3680H up to 4.21 Linux Kernel unmaintained third party components
2 weeks ago
A vulnerability described as critical has been identified in SolarEdge SE3680H up to 4.21. The impacted element is an unknown function of the component Linux Kernel. The manipulation results in use of unmaintained third party components.
This vulnerability is reported as CVE-2025-36745. An attack on the physical device is feasible. No exploit exists.
Upgrading the affected component is recommended.
vuldb.com
CVE-2025-54981 | Apache StreamPark up to 2.1.6 risky encryption
2 weeks ago
A vulnerability marked as problematic has been reported in Apache StreamPark up to 2.1.6. The affected element is an unknown function. The manipulation leads to risky cryptographic algorithm.
This vulnerability is documented as CVE-2025-54981. The attack can be initiated remotely. There is not any exploit available.
It is suggested to upgrade the affected component.
vuldb.com
CVE-2025-54947 | Apache StreamPark up to 2.1.6 hard-coded key
2 weeks ago
A vulnerability labeled as problematic has been found in Apache StreamPark up to 2.1.6. Impacted is an unknown function. Executing manipulation can lead to use of hard-coded cryptographic key
.
This vulnerability is registered as CVE-2025-54947. It is possible to launch the attack remotely. No exploit is available.
The affected component should be upgraded.
vuldb.com
New JSCEAL Infostealer Malware Attacking Windows Systems to Steal Login Credentials
2 weeks ago
JSCEAL has emerged as a serious threat to Windows users, specifically targeting those who work with cryptocurrency applications and valuable accounts. First reported by Check Point Research in July 2025, this information stealing malware has quietly grown stronger, introducing advanced techniques designed to avoid detection by security tools. A new wave of attacks starting in […]
The post New JSCEAL Infostealer Malware Attacking Windows Systems to Steal Login Credentials appeared first on Cyber Security News.
Tushar Subhra Dutta
CVE-2025-14581 | HAPPY Plugin up to 1.0.9 on WordPress Support Ticket submit_form_reply happy_topic_id authorization
2 weeks ago
A vulnerability identified as critical has been detected in HAPPY Plugin up to 1.0.9 on WordPress. This issue affects the function submit_form_reply of the component Support Ticket Handler. Performing manipulation of the argument happy_topic_id results in missing authorization.
This vulnerability is cataloged as CVE-2025-14581. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com