网络安全笔记 – Telegram

网络安全笔记

7.38K subscribers

109 photos

3 videos

571 files

642 links

从零开始、持续积累、开放共享、共同成长（网络安全、AI方向）

Download Telegram

About

Blog

Apps

Platform

网络安全笔记

7.38K subscribers

网络安全笔记

LAPSUSS TTP 和 MITRE ATT&CK 映射

463 viewsZer0, 07:21

网络安全笔记

https://mp.weixin.qq.com/s/1pJo_b979rqqKP9ldC13Vg

Weixin Official Accounts Platform

ATT&CK 变成安全“元宇宙”？

从某种意义来看，ATT\x26amp;CK框架包含了太多的安全场景，从“元宇宙”的现实表达和普遍包容性这个点上来看，ATT\x26amp;CK可能是安全领域的“元宇宙”层面的存在。

373 viewsZer0, 14:52

网络安全笔记

https://www.microsoft.com/security/blog/2022/04/13/dismantling-zloader-how-malicious-ads-led-to-disabled-security-tools-and-ransomware/

Dismantling ZLoader: How malicious ads led to disabled security tools and ransomware

Microsoft took action against the ZLoader trojan by working with telecommunications providers around the world to disrupt key ZLoader infrastructure. In this blog, we detail the various characteristics for identifying ZLoader activity, including its associated…

398 viewsZer0, 01:39

网络安全笔记

https://github.com/pwn1sher/frostbyte

GitHub - pwn1sher/frostbyte: FrostByte is a POC project that combines different defense evasion techniques to build better redteam…

FrostByte is a POC project that combines different defense evasion techniques to build better redteam payloads - pwn1sher/frostbyte

392 viewsZer0, 13:49

网络安全笔记

https://klrgrz.medium.com/cyber-threat-intelligence-study-plan-c60484d319cb

Cyber Threat Intelligence Study Plan

A recent(ish) rant about mentoring on Twitter led to an awesome thread of Cyber Threat Intelligence (CTI) resources and reading plans. That…

449 viewsZer0, 13:53

网络安全笔记

https://googleprojectzero.blogspot.com/2022/04/the-more-you-know-more-you-know-you.html

projectzero.google

The More You Know, The More You Know You Don’t Know

A Year in Review of 0-days Used In-the-Wild in 2021 Posted by Maddie Stone, Google Project Zero ...

452 viewsZer0, 05:49

网络安全笔记

security-playbooks-v1.1-csd02.pdf

🔥1

433 viewsZer0, 22:47

网络安全笔记

Media is too big

VIEW IN TELEGRAM

448 viewsZer0, 03:40

网络安全笔记

微软安全运营最佳实践security-compass-presentation.pptx

435 viewsZer0, 09:24

网络安全笔记

macOS_forensic_22.pdf

448 viewsZer0, 09:25

网络安全笔记

0days-enterprise-software.pdf

374 viewsZer0, 23:13

网络安全笔记

spring4shell-scan

373 viewsZer0, 23:14

网络安全笔记

https://github.com/fullhunt/spring4shell-scan

GitHub - fullhunt/spring4shell-scan: A fully automated, reliable, and accurate scanner for finding Spring4Shell and Spring Cloud…

A fully automated, reliable, and accurate scanner for finding Spring4Shell and Spring Cloud RCE vulnerabilities - fullhunt/spring4shell-scan

409 viewsZer0, 23:14

网络安全笔记

【2022_03_17】安全大讲堂_产品和技术角度的网络安全行业发展新趋势.pdf

307 viewsZer0, 13:18

网络安全笔记

【2022_03_23】安天_肖新光_安全的复杂与复杂的安全.pdf

304 viewsZer0, 13:19

网络安全笔记

重新思考合规安全与对抗安全，当前阶段的合规不一定就意味着无法面临真实的对抗攻击。
但是企业只顾着合规势必造成忽略真正有威胁的点。
现有很多优秀的指导文件对企业的建设非常有帮助，可以考虑建设适合企业特色的网络安全道路

👍1

308 viewsZer0, 05:42

网络安全笔记

https://docs.microsoft.com/en-us/azure/governance/policy/samples/nist-sp-800-53-r5

Regulatory Compliance details for NIST SP 800-53 Rev. 5 - Azure Policy

Details of the NIST SP 800-53 Rev. 5 Regulatory Compliance built-in initiative. Each control is mapped to one or more Azure Policy definitions that assist with assessment.

👍1

338 viewsZer0, 05:42

网络安全笔记

NIST_CSWP_20_1为零信任架构进行规划:联邦管理者的规划指南.pdf

NIST_IR_8354_draft数字调查技术:NIST科学基金会综述.pdf

NIST.SP.800-40r4企业补丁管理规划指南.pdf

NIST_SP_800_53r5信息系统和组织的安全和隐私控制.pdf

NIST.SP.800-82r3.ipd运营技术(OT)安全指南.pdf

NIST_SP_800_161r1系统和组织的网络安全供应链风险管理实践.pdf

NIST_SP_800_172A评估受控非机密信息的增强安全要求.pdf

NIST.SP.800-204C基于微服务应用中DevSecOps的实现.pdf

NISTIR_8374勒索软件风险管理:网络安全框架概要.pdf

330 viewsZer0, 06:03