Aggregator

#勒索病毒 #BlackHunt2.0 #Ransomware BlackHunt2.0勒索病毒攻击

针对一款开源跨平台Linux远控样本的分析

内閣サイバーセキュリティセンター（NISC）は、2024年12月から2025年1月の年末年始にかけて相次いだDDoS攻撃を受け、各事業者、各インターネット利用者に対して注意喚起を公開しました。本文書に記載された事項を参照の上、リスク低減に向けたセキュリティ対策を進めてください。

GreyNoise has observed active exploitation attempts targeting a newly disclosed authentication bypass vulnerability, CVE-2025-0108, affecting Palo Alto Networks PAN-OS. This high-severity flaw allows unauthenticated attackers to execute specific PHP scripts, potentially leading to unauthorized access to vulnerable systems.

为热力安全供应提供坚实保障。

This daily article is intended to make it easier for those who want to stay updated with my regular Dark Web Informer and X/Twitter posts.

黑客利用Pyramid渗透测试工具建立隐蔽的C2通信，绕过EDR检测，威胁终端安全。其基于Python的轻量级服务器和内存执行模块，使攻击者更难以被传统安全工具发现。

A Threat Actor Allegedly is Selling RDWeb Access to an Unidentified Insurance Company in the USA

Decentralized money lender zkLend suffered a breach where threat actors exploited a smart contract flaw to steal 3,600 Ethereum, worth $9.5 million at the time. [...]

Increased hacker activity has been observed in attempts to compromise poorly maintained devices that are vulnerable to older security issues from 2022 and 2023. [...]