How attackers achieve persistence and how to find it - Linux part
https://www.elastic.co/security-labs/primer-on-persistence-mechanisms
Linux Detection Engineering - A primer on persistence mechanisms — Elastic Security Labs
In this second part of the Linux Detection Engineering series, we map multiple Linux persistence mechanisms to the MITRE ATT&CK framework, explain how they work, and how to detect them.
Decoding Stealthy Memory-Only Malware
https://cloud.google.com/blog/topics/threat-intelligence/peaklight-decoding-stealthy-memory-only-malware/
PEAKLIGHT: Decoding the Stealthy Memory-Only Malware | Google Cloud Blog
Mandiant identified a new memory-only dropper using a complex, multi-stage infection process.
Internal of Malice (恶联网) aims to build a post-exploitation infrastructure that stays compatible with the CS, MSF and Sliver ecosystems while offering greater extensibility and stealth, packaged as an engineered, production-ready solution.
https://chainreactors.github.io/wiki/IoM/
Internal of Malice · index - ChainReactor Wiki
Building an integrated, operational vulnerability management system: practical experience building an asset vulnerability operations system that stays consistent across internal and external assets and across headquarters and branches
https://mp.weixin.qq.com/s/xsT_KZQsP1-9l0toKQ4_9A
Forwarded from 竹新社
On the 17th, hundreds of handheld pagers exploded across Lebanon and Syria, killing at least 8 people and injuring 2,750, of whom 200 were seriously hurt. The dead include 1 Hamas member and 2 Hezbollah members; the injured include Iran's ambassador to Lebanon.
A Hezbollah official said the pagers first heated up and then exploded. According to the Lebanese broadcaster MTV, the batteries in the pagers used by the injured Lebanese Hezbollah members were detonated remotely. Photos and videos circulating online show people lying on sidewalks with wounds to their hands or near their trouser pockets.
The Public Health Emergency Operations Center of Lebanon's Ministry of Public Health issued a statement asking everyone carrying a pager to discard it immediately, calling on the public to clear the way for ambulances, asking hospitals to prepare to receive emergency patients, and advising against the use of wireless devices.
Hezbollah officials pointed the finger at Israel but gave no details. The Israeli military declined to comment.
(Associated Press, Reuters, Xinhua News Agency)
How to extract credentials from Windows event logs, and how to automate the process #SecurityOperations
https://practicalsecurityanalytics.com/extracting-credentials-from-windows-logs/#Overview
Extracting Credentials From Windows Logs
Overview During a recent engagement, I observed a lot of members of a particular organization authenticating with remote systems and services over the commandline with username and password in plai…
Research papers, projects and resources from recent years on using large language models (LLMs) for software vulnerability detection.
https://github.com/huhusmang/Awesome-LLMs-for-Vulnerability-Detection
GitHub - huhusmang/Awesome-LLMs-for-Vulnerability-Detection: Awesome Large Language Models for Vulnerability Detection
Awesome Large Language Models for Vulnerability Detection - huhusmang/Awesome-LLMs-for-Vulnerability-Detection
Mobile device security guide for international travel:
1. How to prepare your phones and tablets for privacy abroad
https://architectsecurity.org/2017/08/international-mobile-device-security-part-1-preparing-your-mobile-devices-for-travel/
2. How to maintain privacy during international travel
https://architectsecurity.org/2017/09/mobile-device-security-for-international-travelers-part-2-how-to-maintain-mobile-device-security-and-privacy-during-international-travel/
3. How to clean up your mobile devices after international travel
https://architectsecurity.org/2017/10/mobile-device-security-for-international-travelers-part-3-how-to-clean-up-your-mobile-devices-after-international-travel/