intelligence gathering
-
The Cyberspace Administration of China imposes penalties on CNKI for illegally handling personal information
On September 1, the Cyberspace Administration of China, acting in accordance with the Cybersecurity Law, the Personal Information Protection Law, the Administrative Penalty Law and other laws and regulations, weighed the nature, consequences, and duration of CNKI's illegal processing of personal information, and in particular factors such as the network security review situation. It then issued an administrative penalty decision related to the network security review against CNKI in accordance with the law, ordering it to stop illegal processing of personal information and imposing a fine of RMB 50 million.
-
[Vulnerability Warning] Unauthorized access vulnerability in the API of the private version of Enterprise WeChat
Recently, a backend API execution permission vulnerability was discovered in historical versions of the privately deployed Enterprise WeChat. An attacker can obtain address book information and application permissions by sending specific messages. Through the vulnerable API, the https://cncso.com/cgi-bin/gateway/agentinfo interface, sensitive information such as Enterprise WeChat secrets can be obtained directly without authorization. This can lead to the acquisition of all Enterprise WeChat data, file acquisition, and the use of Enterprise WeChat light applications to send phishing files and links within the enterprise.
-
Malicious AI tool FraudGPT is sold on the dark web, causing network security issues
With the rise of generative AI models, the threat landscape has changed dramatically. Now another hacker has created a malicious AI tool called FraudGPT, which is built specifically for attack purposes such as writing spear-phishing emails, creating cracking tools, and carding. The tool is currently for sale on various darknet markets and Telegram platforms. It is said to be "capable of generating a variety of network attack codes" and "more than 3,000 buyers have placed orders in less than a week."
-
AsyncRAT malware analysis practice using ChatGPT
Explore how ChatGPT can assist in analyzing malware, specifically the remote access trojan (RAT) AsyncRAT, and how it can help identify threat indicators by analyzing network traffic and revealing command-and-control (C2) infrastructure.
-
Details of the arrest of the BR administrator of the world's largest English underground hacker forum are exposed
Yesterday we learned that "Pompompurin", the administrator or webmaster of the "Breach Forum", was arrested, and that the man is 21-year-old American Conor Brian Fitzpatrick...
-
Russian tech giant Yandex source code leaked
According to foreign media reports, a source code leak occurred at Yandex, one of Russia's largest IT companies. Nearly all of Yandex’s source code leaked. A former employee allegedly leaked Yandex’s source code repository, which leaked…
-
Analysis of U.S. military joint operations cloud capability planning in the context of military intelligence
The US military believes that cloud computing is a shared computing resource pool that can meet the rapidly changing needs of users at any time. By building a cloud environment, military data processing advantages can be ensured, thereby ensuring military advantages in the digital and physical worlds. The US military believes that its cloud technology for joint operations...
-
DevOps platform GitLab remote code execution (RCE) vulnerability
Background: GitLab officially released a security advisory to fix a remote code execution vulnerability (CVE-2022-2884) in GitLab Community Edition (CE) and Enterprise Edition (EE). The vulnerability allows authenticated users to access the GitLab Community Edition (CE) and Enterprise Edition (EE) by...
-
The United States uses the "Sour Fox Platform" to launch cyber attacks on China and Russia!
Recently, many scientific research institutions in China have discovered traces of the activity of the "verifier" Trojan program. A research report released by 360 on the 28th showed that according to the available US NSA confidential documents: "Authenticator" is a small implanted Trojan that can be deployed remotely...
-
WPS Office for Windows is dealing with a certain OLE mechanism remote code vulnerability
Vulnerability description: WPS Office is an office software suite independently developed by Kingsoft Office Software Co., Ltd. It provides the most commonly used office functions such as text, tables, and presentations, covering Windows, macOS, L...