Badusb 已经出现了很多年，使用usb进行攻击的手段也从最初的利用autorun.inf、伪造文件夹名、快捷方式等手段转为更加难以防御的Badusb。这种攻击方式就是目前可绕过杀毒软件，防御较难。 下面先看一下视频演示效果（youtube，请fq观看,如无法观看，请点此打开观看）： 利用场景 说下本文中利用场景： 混入企业内部，员工电脑未锁屏的情况下。在之前去过很多客户那里，大多数企业的员工离开电脑前不锁屏的情况,而且非常严重。 对于无安全意识的员工进行攻击，如公司文员、前台、行政等，例如将usb贴上保密、照片等字样，并扔到显眼位置，以吸引人来捡并插入其电脑。 针对Badusb攻击手段还有很多，利用场景也还有，这里仅列出与本文有关的部分。下面就让我们正式开始进入制作。 准备工作 硬件 Arduino

OGUsers, one of the most popular hacking forums, was hacked again, it is the second security breach it has suffered in a year. The popular hacking forum OGUsers was hacked again, it is the second security breach it has suffered in a year, the news was first reported by ZDNet. OGUsers is a black marketplace known for selling any kind of stolen data, inc

A group of security researchers has found thousands of Android apps containing hidden backdoors and blacklists. Researchers from The Ohio State University, New York University, and CISPA Helmholtz Center for Information Security analyzed thousands of mobile applications for Android and discovered dangerous behavior, including backdoors and blacklists.

In this post, I decided to share the details of the Coronavirus-themed attacks launched from March 29 to April 04, 2020. Threat actors exploit the interest in the COVID19 outbreak while infections increase worldwide, experts are observing new campaigns on a daily bases. Below a list of attacks detected this week. March 30, 2020 – Your colleagu

A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Coronavirus-themed attacks March 22 – March 28, 2020FIN7 hackers target enterprises with weaponized USB drives via USPSSource code of Dharma ransomware now surfacing on public hacking forumsCrooks leverage Zooms popularity in Coronavirus outbreak to serve malware

Researchers spotted a new Coronavirus-themed attack, the messages pretend to be sent from the World Health Organization to deliver Lokibot infostealer. Security experts at FortiGuard Labs discovered a new Coronavirus-themed campaign using alleged messages from the World Health Organization (WHO) to deliver the LokiBot trojan. The campaign was uncovered

Remedying the "garbage in, garbage out" problem requires an understanding of what is causing the problem in the first place.When using event logs to monitor for security violations and incidents, the quality of output is determined by the quality of the input. Much of the logging being used is subpar, and there has been little industry incentive to fix it. T

The FBI expects attackers will target virtual environments as more organizations rely on them as a result of the COVID-19 pandemic.The FBI's Internet Crime Complaint Center (IC3) has issued an advisory that warns online education and remote work platforms of an increase in cyberattacks as more public and private organizations rely on virtual tools because of

A security researcher earned $75,000 for finding a whopping seven zero-days in Safari, three of which can be combined to access the camera.Apple has rewarded a security researcher $75,000 for discovering a total of seven zero-days in the Safari browser. Using only three of these flaws, an intruder could build an attack chain and access the camera and microph

It’s almost impossible not to rely on social networks in some way, whether for personal reasons or business. Sites such as LinkedIn continue to blur the line, increasing the amount of social function over time with features and services resembling less formal sites, such as Facebook. Can anyone imagine not relying on, of all things, Twitter to catch up on br

<p>Threat actors are repurposing<a href="https://info.phishlabs.com/blog/phishing-attack-breakdown-2-nigerian-419-scams"> Nigerian Prince or 419 </a>lures with novel coronavirus messaging to capitalize on the current pandemic. Today’s examples demonstrate how they are doing it.</p> <p><i>We are providing </i><a

According to the World Economic Forum’s Global Risks Report 2020, climate action failure is the top global risk in terms of impact. One action that can be taken to reduce this risk is to recycle; this goes for everything from domestic waste such as plastic containers, to more complex objects like technology. In fact, the amount of technology that is th

When you use up all of the available RAM on your computer, you may notice that your device struggles to complete tasks. If you find that your computer’s applications are frequently crashing and it takes longer to do simple tasks, then you might be wondering how to free up RAM on your computer. What is RAM? Your computer’s Random Access Memory (RAM) is store

Students now use technological devices both in school and at home. But what does that mean for student data privacy? The age of digital media means adapting education techniques to include edtech. With increased accessibility for all ages, new policing and privacy strategies must continually improve to protect the influx of data.  Understanding how students

Apache Shiro是一个Java安全框架，执行身份验证、授权、密码和会话管理。2016年，网络中曝光1.2.4以前的版本存在反序列化漏洞。尽管该漏洞已经曝光几年，但是在实战中仍然比较实用。花了点时间研究了下，并根据网络上的利用脚本改进。主要修改了检测方式，并使利用方式更加简单灵活，使其更具有实战意义，提升其效率。 漏洞原理 Apache Shiro框架提供了记住我的功能（RememberMe），用户登陆成功后会生成经过加密并编码的cookie。cookie的key为RememberMe，cookie的值是经过对相关信息进行序列化，然后使用aes加密，最后在使用base64编码处理形成的。 在服务端接收cookie值时，按照如下步骤来解析处理： 1、检索RememberMe cookie 的值 2、Base