RevengeHotels: a new wave of attacks leveraging LLMs and VenomRAT 文章描述了一个错误代码（1016），通常与网络连接问题相关，可能由代理服务器配置错误、网络连接中断或防火墙设置不当引起。解决方法包括检查代理设置、重启设备或联系网络管理员以排查具体原因。... 2025-9-16 10:15:14 | 阅读: 8 | 收藏 | Over Security - Cybersecurity news aggregator - securelist.com 1016

Shiny tools, shallow checks: how the AI hype opens the door to malicious MCP servers 本文探讨了Model Context Protocol (MCP)作为AI助手与外部工具连接的标准如何被滥用为攻击手段。文章分析了协议级和供应链攻击路径，并通过恶意MCP服务器的概念验证展示了敏感数据泄露风险。建议采取审查安装、限制权限和监控异常行为等措施以防范威胁。... 2025-9-15 10:45:13 | 阅读: 9 | 收藏 | Over Security - Cybersecurity news aggregator - securelist.com mcp malicious analysis github ssh

Notes of cyber inspector: three clusters of threat in cyberspace 近年来，网络激进主义和地缘政治驱动的APT组织对全球构成严重威胁，尤其在乌克兰-俄罗斯冲突中激增。研究发现激进主义者与财务动机团体合作，共享工具和资源，导致对关键基础设施和服务的大规模破坏。报告提供了技术细节并提出防御建议。... 2025-9-10 14:30:17 | 阅读: 7 | 收藏 | Over Security - Cybersecurity news aggregator - securelist.com ttps motivated security hacktivists russia

IT threat evolution in Q2 2025. Non-mobile statistics 2025年第二季度全球IT威胁报告显示, Kaspersky解决方案拦截超4.71亿次网络攻击,检测到7700万独特恶意链接及近2300万恶意对象。勒索软件活动显著,发现1702种新变种,8.6万名用户受攻击,其中12%为Qilin受害者。执法部门成功打击多个勒索团伙,如Black Kingdom、Nefilim及Ryuk等。... 2025-9-5 09:15:14 | 阅读: 6 | 收藏 | Over Security - Cybersecurity news aggregator - securelist.com ransomware quarter trojan territory q2

IT threat evolution in Q2 2025. Mobile statistics read file error: read notes: is a directory... 2025-9-5 09:15:12 | 阅读: 6 | 收藏 | Over Security - Cybersecurity news aggregator - securelist.com trojan banker mamont q2 trojans

Cookies and how to bake them: what they are for, associated risks, and what session hijacking has to do with it 文章介绍了Cookies的基本概念及其在网站中的作用，包括不同类型（如第一方、第三方、临时和持久性）及其用途。Cookies存储用户信息以优化体验，但也涉及隐私和安全问题。文章讨论了Session ID的重要性及其易受攻击的风险，并提供了开发者和用户的保护建议。... 2025-9-2 10:15:12 | 阅读: 13 | 收藏 | Over Security - Cybersecurity news aggregator - securelist.com security attacker malicious developers fixation

How attackers adapt to built-in macOS protection 文章介绍了macOS的安全机制（如Keychain、TCC、SIP、File Quarantine、Gatekeeper和XProtect），分析了常见攻击方式及其绕过方法，并提供了检测和防御建议。... 2025-8-29 10:30:15 | 阅读: 13 | 收藏 | Over Security - Cybersecurity news aggregator - securelist.com security keychain library spctl keychains

Exploits and vulnerabilities in Q2 2025 read file error: read notes: is a directory... 2025-8-27 10:15:13 | 阅读: 16 | 收藏 | Over Security - Cybersecurity news aggregator - securelist.com q2 security c2 exploited

Modern vehicle cybersecurity trends 现代汽车正向数字化发展,提供智能系统与便利功能,但也扩大了网络安全风险。车内网络复杂,不同车型安全架构差异大,未来可能面临更多威胁,尤其是针对车队和商用车辆的攻击风险增加。... 2025-8-22 09:15:14 | 阅读: 12 | 收藏 | Over Security - Cybersecurity news aggregator - securelist.com vehicles vehicle security remote

GodRAT – New RAT targeting financial institutions 2024年9月发现针对金融行业的恶意攻击，通过Skype分发伪装成财务文件的恶意屏幕保护程序文件，部署名为GodRAT的远程访问木马（RAT），基于Gh0st RAT代码，并利用隐写术隐藏恶意代码。攻击者还使用AsyncRAT作为辅助植入程序以维持长期访问。该活动持续至2025年8月，主要针对香港和阿联酋等地。... 2025-8-19 11:15:13 | 阅读: 9 | 收藏 | Over Security - Cybersecurity news aggregator - securelist.com godrat shellcode scr c2 injector

Evolution of the PipeMagic backdoor: from the RansomExx incident to CVE-2025-29824 read file error: read notes: is a directory... 2025-8-18 09:0:16 | 阅读: 40 | 收藏 | Over Security - Cybersecurity news aggregator - securelist.com pipemagic attackers payload memory loader

New trends in phishing and scams: how AI and social media are changing the game read file error: read notes: is a directory... 2025-8-13 08:45:12 | 阅读: 18 | 收藏 | Over Security - Cybersecurity news aggregator - securelist.com phishing victim bots attackers translate

Scammers mass-mailing the Efimer Trojan to steal crypto read file error: read notes: is a directory... 2025-8-8 09:15:11 | 阅读: 13 | 收藏 | Over Security - Cybersecurity news aggregator - securelist.com trojan efimer c2 phrases ntdlg

Driver of destruction: How a legitimate driver is being used to take down AV processes 文章描述了一起利用恶意软件“AV killer”攻击事件，该软件通过滥用ThrottleStop.sys驱动终止杀毒进程并降低系统防御。攻击者通过有效凭证入侵SMTP服务器后横向移动，并部署MedusaLocker勒索软件加密系统。... 2025-8-6 10:15:13 | 阅读: 20 | 收藏 | Over Security - Cybersecurity news aggregator - securelist.com killer memory attacker security

Cobalt Strike Beacon delivered via GitHub and social media 2024年下半年，俄罗斯IT行业及其他国家实体遭遇网络攻击。攻击者利用DLL劫持、API混淆等技术，并通过社交平台隐藏恶意软件。攻击主要通过伪装成合法通信的钓鱼邮件传播，目标为俄罗斯IT公司为主，波及多国。... 2025-7-30 09:30:19 | 阅读: 22 | 收藏 | Over Security - Cybersecurity news aggregator - securelist.com malicious hxxps microsoft attackers

ToolShell: a story of five vulnerabilities in Microsoft SharePoint 在2025年7月19日至20日，安全公司和国家CERT报告称，在Premise SharePoint服务器上活跃利用了两个漏洞（CVE-2025-49704和CVE-2025-49706），允许无认证控制服务器。微软发布了针对其他漏洞的补丁（CVE-2025-53770和CVE-2025-53771），但引发混淆。攻击影响全球多国多行业。Kaspersky检测到恶意活动并提供防护建议。... 2025-7-25 07:0:20 | 阅读: 13 | 收藏 | Over Security - Cybersecurity news aggregator - securelist.com microsoft 49704 layouts 49706

Rumble in the jungle: APT41’s new target in Africa read file error: read notes: is a directory... 2025-7-21 08:0:0 | 阅读: 34 | 收藏 | Securelist - securelist.com attackers windows malicious cobalt library

GhostContainer backdoor: malware compromising Exchange servers of high-value organizations in Asia read file error: read notes: is a directory... 2025-7-17 08:0:53 | 阅读: 17 | 收藏 | Securelist - securelist.com exchange proxy attacker

Forensic journey: Breaking down the UserAssist artifact structure read file error: read notes: is a directory... 2025-7-14 10:0:6 | 阅读: 23 | 收藏 | Securelist - securelist.com userassist fireevent ueme ctlsession nmax

Code highlighting with Cursor AI for $500,000 read file error: read notes: is a directory... 2025-7-10 11:15:19 | 阅读: 24 | 收藏 | Over Security - Cybersecurity news aggregator - securelist.com malicious solidity attackers powershell developer