Recherche : [Technical]

Onenote Malware: Classification and Personal Notes https://marcoramilli.com/2023/02/04/onenote-malware-classification-and-personal-notes/

06/02/2023 18:59:12

During the past 4 months Microsoft Onenote file format has been (ab)used as Malware carrier by different criminal groups. While the main infection vector is still on eMail side - so nothing really relevant to write on - the used techniques, the templates and the implemented code to inoculate Malware changed a lot. So it…

ManageEngine CVE-2022-47966 Technical Deep Dive https://www.horizon3.ai/manageengine-cve-2022-47966-technical-deep-dive/

20/01/2023 15:29:40

Introduction On January 10, 2023, ManageEngine released a security advisory for CVE-2022-47966 (discovered by Khoadha of Viettel Cyber Security) affecting a wide range of products. The vulnerability allows an attacker to gain remote code execution by issuing a HTTP POST request containing a malicious SAML response. This vulnerability is a result of using an outdated […]

Aurora: a rising stealer flying under the radar https://blog.sekoia.io/aurora-a-rising-stealer-flying-under-the-radar/

21/11/2022 20:56:10

Since September 2022, Aurora malware is advertised as an infostealer and several traffers teams announced they added it to their malware toolset.

Technical Analysis of the RedLine Stealer https://cloudsek.com/technical-analysis-of-the-redline-stealer/

19/11/2022 23:14:10

RedLine is an information stealer which operates on a MaaS (malware-as-a-service) model. This stealer is available on underground forums, and priced according to users' needs.

Melting the DNS Iceberg: Taking over your infrastructure Kaminsky style https://sec-consult.com/blog/detail/melting-the-dns-iceberg-taking-over-your-infrastructure-kaminsky-style/

20/10/2022 21:15:06

Hidden DNS resolvers and how to compromise your infrastructure

Liens par page

Filtres