unSafe.sh - Unsafe
In depth analysis of the alleged Qilin, DragonForce and LockBit alliance
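After LockBit, Qilin and DragonForce announced their alliance, analysis shows that LockBit has had almost no activity since June 2025, while Qilin's activity increased without significantly changing the trend. The ransomware ecosystem is fragmented, ransom payments are declining, and the data-leak extortion model is on the rise...
2025-12-18 17:31:24 | Views: 6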
Over Security - Cybersecurity news aggregator - labs.yarix.com
ransomware
lockbit
claims
qilin
alliance
Red Teaming & Jazz: Creativity as a Service
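The author explores how to balance creativity and professionalism in cybersecurity, and how turning red team tests into a gamified experience (such as mission design) increases client engagement. He stresses the importance of communication, empathy and improvisation in creating unique value in a rigorous field...
2025-10-2 14:1:9 | Views: 11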
Over Security - Cybersecurity news aggregator - labs.yarix.com
teaming
mission
musical
improvise
Elons (Proxima/Black Shadow related) ransomware attack via Oracle DBS External Jobs
2025-9-16 14:31:8 | Views: 24
Over Security - Cybersecurity news aggregator - labs.yarix.com
windows
ngrok
eventdata
recycle
Doppelganger: An Advanced LSASS Dumper with Process Cloning
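The article describes the role of LSASS, a key Windows component, and why it is a high-value attack target. Microsoft has hardened LSASS with mechanisms such as PPL, VBS and Credential Guard. Even so, attackers still use tools such as Doppelganger to steal credentials by cloning the LSASS process, bypassing protections and encrypting the dump. The tool combines low-level Windows internals with stealth techniques and remains effective against modern defenses...
2025-6-3 13:1:34 | Views: 19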
Over Security - Cybersecurity news aggregator - labs.yarix.com
memory
shellcode
security
windows
Exploring the LockBit Panel Breach – What Logs and Chats Reveal About Ransomware-as-a-Service
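The LockBit ransomware group's domain suffered a cyberattack on May 7, 2025, resulting in a database leak. Analysis shows that most attacks were carried out by novices and that only 8.7% of victims paid the ransom...
2025-5-29 15:46:37 | Views: 11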
Over Security - Cybersecurity news aggregator - labs.yarix.com
lockbit
affiliates
ransomware
ycti
victim
Behind The Scenes: Yarix Approach to Physical Security
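The article discusses the importance of physical security within information security and its common weaknesses. Many organizations overlook physical threats or underestimate their risk, leaving defenses inadequate. The author proposes a framework for building a physical security service, covering assessment methodology, tool selection, testing process and report presentation, and stresses the importance of combining staff training with technology...
2025-5-28 14:46:34 | Views: 14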
Over Security - Cybersecurity news aggregator - labs.yarix.com
security
client
perimeter
assessments
Inside the Attack: The Javascript Code Behind Credit Card Theft
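The article analyzes a Magecart attack against an e-commerce website, in which the attacker injects malicious JavaScript to steal users' credit card data. The script is hidden in the site's database using a database pollution technique and exfiltrates data via WebSocket and Image objects. The attacker gained access to the site's backend, uploaded malicious PHP files and established persistence. The article also examines the script's obfuscation techniques and data theft mechanism, and recommends protections such as stronger password security and a web application firewall...
2025-4-17 15:31:29 | Views: 16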
Over Security - Cybersecurity news aggregator - labs.yarix.com
parseint
mp2mk1sl
attacker
The rise of Savastan0: a look into a growing carding marketplace
Reading Time: 6 minutes. Carding is a sort of fraud in which unauthorized individuals, referred...
2025-2-13 15:1:32 | Views: 4
Over Security - Cybersecurity news aggregator - labs.yarix.com
carding
savastan0
sale
expiration
european
Zyxel vulnerability exploited by “Helldown” ransomware group
Reading Time: 16 minutes. Introduction. As Yarix’s Incident Response Team, our responsibilities a...
2025-1-21 09:30:54 | Views: 19
Over Security - Cybersecurity news aggregator - labs.yarix.com
ransomware
4376006
04t21
network
zyxel
Behind The Scenes: Yarix Approach to Mobile Security
TLDR: This article highlights the Yarix Red Team’s daily challenges and internal work done to impro...
2024-12-6 01:31:3 | Views: 4
Over Security - Cybersecurity news aggregator - labs.yarix.com
security
outcomes
yarix
mas
mstg
Behind The Scenes: Yarix Approach to Mobile Security
TLDR: This article highlights the Yarix Red Team’s daily challenges and internal work done to impro...
2024-12-6 00:15:52 | Views: 1
Over Security - Cybersecurity news aggregator - labs.yarix.com
security
outcomes
yarix
ethical
mstg
Threat Actors leverage Chinese SHOPOEM Platforms to spread infamous scam campaign
Reading Time: 13 minutes. Introduction. As Yarix Cyber Threat Intelligence (YCTI) team, we keep a...
2024-8-1 17:46:35 | Views: 21
Over Security - Cybersecurity news aggregator - labs.yarix.com
shopoem
cdns
fraudulent
shop
nike
Java – Cracking the Random: CVE-2024-29868
Reading Time: 7 minutes. TL;DR: If you employ a Java application with a token-based password reco...
2024-6-25 18:16:30 | Views: 34
Over Security - Cybersecurity news aggregator - labs.yarix.com
streampipes
github
security
BlueDuck: an(other) Infostealer Coveting Digital Marketing Agencies’ Facebook Business Accounts
Reading Time: 10 minutes. Introduction. In November 2023, the Yarix Cyber Threat Intelligence tea...
2024-4-4 23:1:21 | Views: 23
Over Security - Cybersecurity news aggregator - labs.yarix.com
blueduck
malicious
vietnamese
phishing
python
Citrix ADC – Unexpected Treasure
TL;DR Setting secure rules for the RelayState parameter is a MUST when configuring Citrix Applicatio...
2024-3-22 00:46:23 | Views: 15
Over Security - Cybersecurity news aggregator - labs.yarix.com
citrix
relaystate
attacker
victim
Rhysida – Ransomware Payload Analysis
Reading Time: 8 minutes. Rhysida is a ransomware gang that became famous starting from May 2023...
2023-11-24 00:1:24 | Views: 17
Over Security - Cybersecurity news aggregator - labs.yarix.com
analysis
payload
rhysida
encryption
memory
Pizza, Pasta and Red Teaming: insights and ideas for an Italian-style report
Reading Time: 6 minutes. Foreword. After more than 2 years from the inauguration of Labs, made wi...
2023-10-5 23:1:36 | Views: 14
Over Security - Cybersecurity news aggregator - labs.yarix.com
teaming
italy
beep
objectives