Aggregator
Latrodectus BackConnect
2 weeks 5 days ago
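The article describes activity in which the Latrodectus backdoor is used to drop the BackConnect RAT, which uses the same C2 protocol as IcedID and QakBot. Traffic parsed with NetworkMiner Professional shows the attackers using reverse VNC, shell and other means to intrude into the system, and dropping malware such as Cobalt Strike and Brute Ratel.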
Feds: Pro-Russia Hacktivists Target US Critical Infrastructure
2 weeks 5 days ago
So far the attacks, which compromise virtual network computing (VNC) connections in OT systems, have not been particularly destructive, but this could change as they evolve.
Elizabeth Montalbano, Contributing Writer
OWASP Project Publishes List of Top Ten AI Agent Threats
2 weeks 5 days ago
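The OWASP GenAI Security Project has released a list of the top ten security threats for AI agents, and announced related guides and tools at the Black Hat Europe 2025 conference. The list extends earlier threat-tracking projects covering large language models and web applications, and stresses that the widespread use of AI agents will significantly expand the attack surface and pose challenges for cybersecurity teams.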
OWASP Project Publishes List of Top Ten AI Agent Threats
2 weeks 5 days ago
OWASP unveils its GenAI Top 10 threats for agentic AI, plus new security and governance guides, risk maps, and a FinBot CTF tool to help organizations secure emerging AI agents.
The post OWASP Project Publishes List of Top Ten AI Agent Threats appeared first on Security Boulevard.
Michael Vizard
CVE-2010-4861 | webSPELL 4.2.1 asearch.php Search sql injection (EDB-15151 / XFDB-62130)
2 weeks 5 days ago
A vulnerability identified as critical has been detected in webSPELL 4.2.1. Affected by this issue is some unknown functionality of the file asearch.php. Manipulating the argument Search results in SQL injection.
This vulnerability is identified as CVE-2010-4861. The attack can be initiated remotely. Additionally, an exploit exists.
vuldb.com
CVE-2010-1702 | WHMCS 4.2 submitticket.php deptid sql injection (EDB-12371 / XFDB-58108)
2 weeks 5 days ago
A vulnerability, which was classified as critical, has been found in WHMCS 4.2. Affected is an unknown function of the file submitticket.php. Manipulating the argument deptid results in SQL injection.
This vulnerability is cataloged as CVE-2010-1702. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2010-4808 | Valarsoft Webmatic index.php sql injection (EDB-15517 / XFDB-63241)
2 weeks 5 days ago
A vulnerability was found in Valarsoft Webmatic. It has been declared as critical. This vulnerability affects unknown code of the file index.php. Such manipulation leads to SQL injection.
This vulnerability is documented as CVE-2010-4808. The attack can be executed remotely. Additionally, an exploit exists.
vuldb.com
CVE-2010-4970 | Wikiwebhelp Wiki Web Help 0.28 ID sql injection (EDB-14217 / BID-41344)
2 weeks 5 days ago
A vulnerability described as critical has been identified in Wikiwebhelp Wiki Web Help 0.28. The affected element is an unknown function of the component Help. The manipulation of the argument ID results in SQL injection.
This vulnerability is cataloged as CVE-2010-4970. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2010-1266 | Kjetiltroan WebMaid CMS up to 0.2-6 cContactus.php menu code injection (EDB-11831 / XFDB-57059)
2 weeks 5 days ago
A vulnerability classified as critical has been found in Kjetiltroan WebMaid CMS up to 0.2-6. The affected element is an unknown function of the file cContactus.php. This manipulation of the argument menu causes code injection.
This vulnerability is tracked as CVE-2010-1266. The attack can be carried out remotely. Moreover, an exploit is present.
vuldb.com
CVE-2010-1267 | Kjetiltroan WebMaid CMS up to 0.2-6 cContactus.php com path traversal (EDB-11831 / BID-38993)
2 weeks 5 days ago
A vulnerability classified as problematic was found in Kjetiltroan WebMaid CMS up to 0.2-6. The impacted element is an unknown function of the file cContactus.php. Such manipulation of the argument com leads to path traversal.
This vulnerability is listed as CVE-2010-1267. The attack may be performed remotely. In addition, an exploit is available.
vuldb.com
CVE-2010-4873 | WeBid 0.8.5 confirm.php ID cross site scripting (EDB-34989 / ID 12447)
2 weeks 5 days ago
A vulnerability categorized as problematic has been discovered in WeBid 0.8.5. The affected element is an unknown function of the file confirm.php. The manipulation of the argument ID results in cross-site scripting.
This vulnerability was named CVE-2010-4873. The attack may be performed remotely. In addition, an exploit is available.
vuldb.com
GhostFrame phishing kit fuels widespread attacks against millions
2 weeks 5 days ago
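GhostFrame is a new phishing kit that uses iframes and dynamically generated subdomains to hide malicious activity, and evades detection through technical means. The kit has been used to launch more than one million phishing attacks.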
CVE-2023-53847 | Linux Kernel up to 6.4.10 alauda_check_media uninitialized pointer (Nessus ID 278020)
2 weeks 5 days ago
A vulnerability classified as critical has been found in Linux Kernel up to 6.4.10. Impacted is the function alauda_check_media. Manipulation results in an uninitialized pointer.
This vulnerability is reported as CVE-2023-53847. The attacker must have access to the local network to execute the attack. No exploit exists.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2023-53848 | Linux Kernel up to 6.1.52/6.4.15/6.5.2 r5l_exit_log null pointer dereference (Nessus ID 278023)
2 weeks 5 days ago
A vulnerability described as critical has been identified in Linux Kernel up to 6.1.52/6.4.15/6.5.2. The impacted element is the function r5l_exit_log. Manipulation can lead to a null pointer dereference.
This vulnerability is registered as CVE-2023-53848. The attack requires access to the local network. No exploit is available.
Upgrading the affected component is recommended.
vuldb.com
CVE-2025-14306 | Robocode 1.9.3.6 CacheCleaner recursivelyDelete path traversal (Nessus ID 278021)
2 weeks 5 days ago
A vulnerability identified as critical has been detected in Robocode 1.9.3.6. This vulnerability affects the function recursivelyDelete of the component CacheCleaner. Performing manipulation results in path traversal.
This vulnerability is known as CVE-2025-14306. Remote exploitation of the attack is possible. No exploit is available.
vuldb.com
CVE-2025-2296 | TianoCore EDK2 up to <=stable202505 input validation (Nessus ID 278022)
2 weeks 5 days ago
A vulnerability marked as problematic has been reported in TianoCore EDK2. This affects an unknown function. The manipulation leads to improper input validation.
This vulnerability is referenced as CVE-2025-2296. Remote exploitation of the attack is possible. No exploit is available.
It is suggested to upgrade the affected component.
vuldb.com
Ukrainian hacker charged with helping Russian hacktivist groups
2 weeks 5 days ago
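U.S. prosecutors have charged a Ukrainian woman with taking part in cyberattacks against critical infrastructure worldwide, including U.S. water systems, election systems and nuclear facilities. She is alleged to have acted on behalf of Russia-backed hacker groups and has been extradited to the United States to stand trial.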
Ukrainian hacker charged with helping Russian hacktivist groups
2 weeks 5 days ago
U.S. prosecutors have charged a Ukrainian national for her role in cyberattacks targeting critical infrastructure worldwide, including U.S. water systems, election systems, and nuclear facilities, on behalf of Russian state-backed hacktivist groups. [...]
Sergiu Gatlan
Google wants to know everything and pay nothing. Europe seems to have noticed
2 weeks 5 days ago
In the crosshairs is the mechanism that siphons off authors' information with no way to opt out.