2021.01.27-揭秘Lazarus组织最新活动中的新型间接命令执行攻击技术

近日,Google TAG安全部门披露了一起利用推特等社交媒体针对不同公司和组织从事漏洞研究和开发的安全研究人员的社会工程学攻击事件,经绿盟科技伏影实验室分析,确认此次事件为Lazarus组织针对网络安全行业的一次针对性网络攻击,并猜测其可能有更深层次的攻击意图和行动。

【专题策划】知己知彼,百战不殆——网络钓鱼面面观

钓鱼套路深,安全要认真!

要想玩得转,还得功夫深!

什么是网络钓鱼?

2017年网络钓鱼现状?

反钓鱼思路和解决方案?

一步一步教你成为网钓老司机!

面对勒索软件的汹汹攻势,你应如何备战?

勒索软件是近年来增长快速的重大威胁。本文通过分析勒索软件的攻击方式、危害、发展趋势,探讨如何应对日益增多的勒索软件威胁,重点介绍沙箱技术在勒索软件检测的应用场景。

Attack Chain-based Threat Aware System

With the network threat forms becoming more and more diversified and complex and challenges from advanced persistent threat (APT) attacks, new-generation threats spread more quickly on a larger scale, covering mobile devices, desktops, networks, web, applications, and social networks. In the new normal situation, it is far from enough for customers to obtain threat information only from traditional network intrusion prevention system (NIPS) and network intrusion detection system (NIDS) devices, and professional, systematical, and intelligent devices are becoming really crucial. In particular, with the development of the Internet and improvement of user experience requirements, network threat behaviors should be detected through big data analysis to show customers the entire dynamic attack process intuitively.