| 2022-01-19 |
漏洞攻击、暴力破解、Bot流量... 威胁情报如何解决云上安全难题?(公有云网络安全威胁情报202112) |
公有云威胁情报 ‧ Rugang Chen |
|
| 2022-01-11 |
用DTA照亮DNS威胁分析之路 (2) |
DTA ‧ suqitian |
|
| 2021-12-27 |
用DTA照亮DNS威胁分析之路 (1) |
DTA ‧ suqitian |
|
| 2021-12-21 |
Day 10: where we are with log4j from honeypot’s perspective |
Log4j ‧ Rugang Chen |
|
| 2021-12-21 |
从蜜罐视角看Apache Log4j2漏洞攻击趋势 |
Log4j ‧ Rugang Chen |
|
| 2021-12-14 |
Ten families of malicious samples are spreading using the Log4j2 vulnerability Now |
Ghost |
|
| 2021-12-13 |
已有10个家族的恶意样本利用Log4j2漏洞传播 |
Log4j ‧ Ghost |
|
| 2021-12-11 |
Threat Alert: Log4j Vulnerability Has Been adopted by two Linux Botnets |
Botnet ‧ RootKiter |
|
| 2021-12-11 |
威胁快讯:Log4j漏洞已经被用来组建botnet,针对Linux设备 |
Log4j ‧ RootKiter |
|
| 2021-12-09 |
公有云网络安全威胁情报(202111):云上多个资源对外发起攻击 |
公有云威胁情报 ‧ Rugang Chen |
|
| 2021-12-08 |
An assessment of Non-Authorized Domain Name Resolution provided by DNS Resolution Service Provider |
PassiveDNS ‧ Zhang Zaifeng |
|
| 2021-12-06 |
解析服务提供商对非授权域名解析情况的评估 |
PassiveDNS ‧ Zhang Zaifeng |
|
| 2021-12-01 |
EwDoor僵尸网络,正在攻击美国AT&T用户 |
DDoS ‧ Alex.Turing |
|
| 2021-11-30 |
EwDoor Botnet Is Attacking AT&T Customers |
DDoS ‧ Alex.Turing |
|
| 2021-11-25 |
公有云网络安全威胁情报(202110):趋势及典型案例分析 |
公有云威胁情报 ‧ Rugang Chen |
|
| 2021-11-18 |
The Pitfall of Threat Intelligence Whitelisting: Specter Botnet is 'taking over' Top Legit DNS Domains By Using ClouDNS Service |
DNS ‧ Hui Wang |
|
| 2021-11-18 |
白名单之殇:Specter僵尸网络滥用ClouDNS服务,github.com无辜躺枪 |
DNS ‧ Hui Wang |
|
| 2021-11-12 |
Malware uses namesilo Parking pages and Google's custom pages to spread |
Alex.Turing |
|
| 2021-11-11 |
快讯:利用namesilo Parking和Google的自定义页面来传播恶意软件 |
Alex.Turing |
|
| 2021-11-09 |
Abcbot, an evolving botnet |
DDoS ‧ Alex.Turing |
|
| 2021-11-09 |
僵尸网络Abcbot的进化之路 |
DDoS ‧ Alex.Turing |
|
| 2021-10-29 |
Pink, a botnet that competed with the vendor to control the massive infected devices |
Ghost |
|
| 2021-10-26 |
一个藏在我们身边的巨型僵尸网络 Pink |
Botnet ‧ Ghost |
|
| 2021-10-21 |
七年一剑,360 DNS威胁分析平台 |
DTA ‧ kenshin |
|
| 2021-09-28 |
Mirai_ptea_Rimasuta variant is exploiting a new RUIJIE router 0 day to spread |
0-day ‧ Hui Wang |
|
| 2021-09-28 |
Mirai_ptea_Rimasuta变种正在利用RUIJIE路由器在野0DAY漏洞传播 |
0-day ‧ Hui Wang |
|
| 2021-08-30 |
The Mostly Dead Mozi and Its’ Lingering Bots |
Botnet ‧ Alex.Turing |
|
| 2021-08-27 |
Mozi已死,余毒犹存 |
Botnet ‧ Alex.Turing |
|
| 2021-08-06 |
威胁快讯:TeamTNT新变种通过ELF打包bash脚本,正通过Hadoop ResourceManager RCE 传播 |
jinye |
|
| 2021-07-01 |
Mirai_ptea Botnet is Exploiting Undisclosed KGUARD DVR Vulnerability |
nday ‧ Hui Wang |
|
| 2021-07-01 |
Mirai_ptea Botnet利用KGUARD DVR未公开漏洞报告 |
nday ‧ Hui Wang |
|
| 2021-06-25 |
被拦截的伊朗域名的快速分析 |
PassiveDNS ‧ Zhang Zaifeng |
|
| 2021-05-28 |
窃密者Facefish分析报告 |
Backdoor ‧ Alex.Turing |
|
| 2021-05-27 |
Analysis report of the Facefish rootkit |
Backdoor ‧ Alex.Turing |
|
| 2021-05-08 |
威胁快讯:z0Miner 正在利用 ElasticSearch 和 Jenkins 漏洞大肆传播 |
Botnet ‧ JiaYu |
|
| 2021-05-06 |
RotaJakiro, the Linux version of the OceanLotus |
Botnet ‧ Alex.Turing |
|
| 2021-05-06 |
“双头龙”源自海莲花组织? |
Botnet ‧ Alex.Turing |
|
| 2021-04-29 |
Threat Alert: New update from Sysrv-hello, now infecting victims‘ webpages to push malicious exe to end users |
sysrv ‧ LIU Ya |
|
| 2021-04-28 |
威胁快讯:Sysrv-hello再次升级,通过感染网页文件提高传播能力 |
sysrv ‧ LIU Ya |
|
| 2021-04-28 |
RotaJakiro: A long live secret backdoor with 0 VT detection |
Botnet ‧ Alex.Turing |
|
| 2021-04-28 |
双头龙(RotaJakiro),一个至少潜伏了3年的后门木马 |
Botnet ‧ Alex.Turing |
|
| 2021-03-25 |
Microsoft Exchange Vulnerability (CVE-2021-26855) Scan Analysis |
CVE-2021-26855 ‧ Genshen Ye |
|
| 2021-03-25 |
Microsoft Exchange 漏洞(CVE-2021-26855)在野扫描分析报告 |
CVE-2021-26855 ‧ Genshen Ye |
|
| 2021-03-18 |
Necro upgrades again, using Tor + dynamic domain DGA and aiming at both Windows & Linux |
Necro ‧ jinye |
|
| 2021-03-16 |
Necro再次升级,使用Tor+动态域名DGA 双杀Windows&Linux |
jinye |
|
| 2021-03-12 |
New Threat: ZHtrap botnet implements honeypot to facilitate finding more victims |
New Threat ‧ Alex.Turing |
|
| 2021-03-12 |
新威胁:ZHtrap僵尸网络分析报告 |
New Threat ‧ Alex.Turing |
|
| 2021-03-09 |
Threat Alert: z0Miner Is Spreading quickly by Exploiting ElasticSearch and Jenkins Vulnerabilities |
Botnet ‧ JiaYu |
|
| 2021-03-08 |
威胁快讯:z0Miner 正在利用 ElasticSearch 和 Jenkins 漏洞大肆传播 |
Miner ‧ JiaYu |
|
| 2021-03-05 |
QNAP NAS users, make sure you check your system |
QNAP ‧ Ma Yanlong |
|
| 2021-03-05 |
QNAP NAS在野漏洞攻击事件2 |
QNAP ‧ Ma Yanlong |
|
| 2021-03-05 |
Gafgtyt_tor,Necro作者再次升级“武器库” |
Necro ‧ jinye |
|
| 2021-03-04 |
Gafgtyt_tor and Necro are on the move again |
Necro ‧ jinye |
|
| 2021-03-03 |
Fbot is now riding the traffic and transportation smart devices |
Botnet ‧ Genshen Ye |
|
| 2021-03-03 |
Fbot僵尸网络正在攻击交通和运输智能设备 |
Botnet ‧ Genshen Ye |
|
| 2021-02-10 |
Rinfo Is Making A Comeback and Is Scanning and Mining in Full Speed |
rinfo ‧ LIU Ya |
|
| 2021-02-10 |
rinfo卷土重来,正在疯狂扫描和挖矿 |
rinfo ‧ LIU Ya |
|
| 2021-02-09 |
DNSMon: using DNS data to produce threat intelligence (3) |
DNSMon ‧ suqitian |
|
| 2021-02-08 |
DNSMon: 用DNS数据进行威胁发现(3) |
DNSMon ‧ suqitian |
|
| 2021-02-02 |
New Threat: Matryosh Botnet Is Spreading |
DDoS ‧ Alex.Turing |
|
| 2021-02-02 |
新威胁:能云端化配置C2的套娃(Matryosh)僵尸网络正在传播 |
DDoS ‧ Alex.Turing |
|
| 2021-01-22 |
Necro is going to version 3 and using PyInstaller and DGA |
DGA ‧ jinye |
|
| 2021-01-21 |
Necro在频繁升级,新版本开始使用PyInstaller和DGA |
DGA ‧ jinye |
|
| 2020-12-31 |
DNSMon: 用DNS数据进行威胁发现(2) |
DNSMon ‧ suqitian |
|
| 2020-12-03 |
Another LILIN DVR 0-day being used to spread Mirai |
0-day ‧ Genshen Ye |
|
| 2020-12-03 |
LILIN DVR/NVR 在野0-day漏洞攻击报告2 |
0-day ‧ Genshen Ye |
|
| 2020-11-30 |
DNS data mining case study - skidmap |
Zhang Zaifeng |
|
| 2020-11-25 |
DNSMon: 用DNS数据进行威胁发现 |
DNSMon ‧ Zhang Zaifeng |
|
| 2020-11-25 |
Blackrota, a heavily obfuscated backdoor written in Go |
Backdoor ‧ JiaYu |
|
| 2020-11-20 |
MooBot on the run using another 0 day targeting UNIX CCTV DVR |
0-day ‧ Hui Wang |
|
| 2020-11-20 |
Moobot 在野0day利用之UNIXCCTV DVR命令注入 |
0-day ‧ Hui Wang |
|
| 2020-11-20 |
Blackrota, 一个Go开发的高度混淆的后门 |
Backdoor ‧ JiaYu |
|
| 2020-11-13 |
Quick update on the Linux.Ngioweb botnet, now it is going after IoT devices |
Botnet Proxy ‧ Alex.Turing |
|
| 2020-11-12 |
Linux.Ngioweb变种正在攻击IOT设备 |
Botnet ‧ Alex.Turing |
|
| 2020-11-02 |
360netlab上线域名IOC(威胁情报)评估标准及评估数据服务 |
DNSMon ‧ Zhang Zaifeng |
|
| 2020-10-09 |
HEH Botnet, 一个处于开发阶段的 IoT P2P Botnet |
Botnet ‧ JiaYu |
|
| 2020-10-07 |
HEH, a new IoT P2P Botnet going after weak telnet services |
Botnet ‧ JiaYu |
|
| 2020-10-02 |
Ttint: An IoT Remote Access Trojan spread through 2 0-day vulnerabilities |
0-day ‧ Alex.Turing |
|
| 2020-09-30 |
Ttint: 一款通过2个0-day漏洞传播的IoT远控木马 |
0-day ‧ Alex.Turing |
|
| 2020-09-25 |
Ghost in action: the Specter botnet |
Botnet ‧ Alex.Turing |
|
| 2020-09-25 |
幽灵在行动:Specter分析报告 |
IoT ‧ Alex.Turing |
|
| 2020-09-08 |
360网络安全研究院杭州开点招聘 |
Genshen Ye |
|
| 2020-09-01 |
QNAP NAS在野漏洞攻击事件 |
QNAP ‧ Genshen Ye |
|
| 2020-09-01 |
In the wild QNAP NAS attacks |
QNAP ‧ Genshen Ye |
|
| 2020-07-10 |
The new Bigviktor Botnet is Targeting DrayTek Vigor Router |
DDoS ‧ Alex.Turing |
|
| 2020-07-10 |
千面人:Bigviktor 分析报告 |
Botnet ‧ Alex.Turing |
|
| 2020-07-09 |
An Update for a Very Active DDos Botnet: Moobot |
0-day ‧ Hui Wang |
|
| 2020-07-09 |
那些年我们一起追过的僵尸网络之Moobot |
0-day ‧ Hui Wang |
|
| 2020-07-06 |
The Gafgyt variant vbot seen in its 31 campaigns |
LIU Ya |
|
| 2020-05-26 |
Look at NTP pool using DNS data |
DNSMon ‧ Zhang Zaifeng |
|
| 2020-05-26 |
从DNS角度看NTP pool服务器的使用 |
DNSMon ‧ Zhang Zaifeng |
|
| 2020-05-23 |
New activity of DoubleGuns Group, control hundreds of thousands of bots via public cloud service |
jinye |
|
| 2020-05-23 |
双枪团伙新动向,借云服务管理数十万僵尸网络 |
jinye |
|
| 2020-04-27 |
The LeetHozer botnet |
Botnet ‧ Alex.Turing |
|
| 2020-04-27 |
LeetHozer Botnet分析报告 |
Botnet ‧ Alex.Turing |
|
| 2020-04-15 |
多款光纤路由器设备在野0-day漏洞简报 |
0-day ‧ Genshen Ye |
|
| 2020-04-15 |
Multiple fiber routers are being compromised by botnets using 0-day |
0-day ‧ Genshen Ye |
|
| 2020-04-08 |
DDG botnet, round X, is there an ending? |
DDG ‧ JiaYu |
|
| 2020-04-08 |
DDG的新征程——自研P2P协议构建混合P2P网络 |
Botnet ‧ JiaYu |
|
| 2020-03-28 |
Two zero days are Targeting DrayTek Broadband CPE Devices |
0-day ‧ Genshen Ye |
|
