unSafe.sh - Unsafe
Hunting for Remote Management Tools: Detecting RMMs
In our previous blog post about RMM (Remote Management and Monitoring) tools, we highlighted the pre...
2024-10-21 15:0:0 | Reads: 3
NVISO Labs - blog.nviso.eu
bomgar
remote
rmm
rmms
remoteurl
All that JavaScript for… spear phishing?
NVISO employs several hunting rules in multiple Threat Intelligence Platforms and other sources,...
2024-10-2 23:0:0 | Reads: 18
NVISO Labs - blog.nviso.eu
phishing
cryptojs
stage
decoded
malicious
Emergency Accounts: Last Call!
2024-9-17 18:21:57 | Reads: 4
NVISO Labs - blog.nviso.eu
emergency
fido2
entra
microsoft
quorum
Introduction to Third-Party Risk Management
In today’s world, organizations are increasingly depending on their third-party vendors, s...
2024-9-12 15:0:0 | Reads: 3
NVISO Labs - blog.nviso.eu
parties
tprm
security
operational
procurement
Hunting Chromium Notifications
Earlier this year, NVISO identified an active cluster of domains likely tied to social engineeri...
2024-9-6 15:0:0 | Reads: 10
NVISO Labs - blog.nviso.eu
chromium
microsoft
chrome
interacted
Validate your Windows Audit Policy Configuration with KQL
Defining an audit policy in Windows is crucial for making sure that the appropriate security events...
2024-9-5 15:0:0 | Reads: 15
NVISO Labs - blog.nviso.eu
subcategory
security
logoff
isempty
windows
MEGAsync Forensics and Intrusion Attribution
When intrusions near completion, adversaries commonly exfiltrate any data...
2024-9-4 15:0:0 | Reads: 16
NVISO Labs - blog.nviso.eu
statecache
mega
megasync
rubbish
maxime
The Big TIBER Encyclopedia
TIBER (Threat Intelligence-Based Ethical Red Teaming) is a framework introduced by the European Cent...
2024-8-29 15:0:0 | Reads: 37
NVISO Labs - blog.nviso.eu
tiber
purple
teaming
leg
From Evidence to Advantage: Leveraging Incident Response Artifacts for Red Team Engagements
What is this blog post about? This blog post is about why incident responder artifacts not on...
2024-8-2 17:0:44 | Reads: 2
NVISO Labs - blog.nviso.eu
windows
artifacts
microsoft
security
software
Hunting for Remote Management Tools
In today’s digital landscape, Remote Management and Monitoring (RMM) tools...
2024-7-18 19:58:55 | Reads: 8
NVISO Labs - blog.nviso.eu
rmm
software
engagements
security
hunt
Punch Card Hacking – Exploring a Mainframe Attack Vector
Mainframes are the unseen workhorses that carry the load for many services we use on a daily bas...
2024-7-16 15:0:0 | Reads: 8
NVISO Labs - blog.nviso.eu
jcl
jes
nviso
mainframe
security
The End of Passwords? Embrace the Future with Passkeys.
Yesterday, unexpectedly, my personal Google account suggested using Passkeys for login. This is...
2024-7-2 15:0:0 | Reads: 16
NVISO Labs - blog.nviso.eu
passkeys
security
passwords
cloud
Format String Exploitation: A Hands-On Exploration for Linux
Summary: This blogpost covers a Capture The Flag challenge that was part of the 2024 picoCTF e...
2024-5-23 19:0:0 | Reads: 9
NVISO Labs - blog.nviso.eu
memory
setvbuf
payload
remote
gamers
Top things that you might not be doing (yet) in Entra Conditional Access – Advanced Edition
Introduction: In the first post of the top things that you might not be doing (yet) in Entra C...
2024-3-18 16:0:0 | Reads: 10
NVISO Labs - blog.nviso.eu
entra
microsoft
security
enforce
Unpacking Flutter hives
Intro: When analyzing the security of mobile applications, it’s important to verify that all d...
2024-3-13 16:0:0 | Reads: 13
NVISO Labs - blog.nviso.eu
dart
flutter
frames
ultimatebox
bee
Become Big Brother with Microsoft Purview
Introduction: With the never-ending amount of data we generate, process, and share within and...
2024-3-6 16:0:0 | Reads: 11
NVISO Labs - blog.nviso.eu
microsoft
purview
security
sensitivity
triangle
Covert TLS n-day backdoors: SparkCockpit & SparkTar
In early 2024, Ivanti’s Pulse Secure appliances suffered from wide-spread...
2024-3-1 18:59:0 | Reads: 12
NVISO Labs - blog.nviso.eu
backdoors
network
nviso
sparktar
ivanti
Top things that you might not be doing (yet) in Entra Conditional Access
Introduction: In this blog post, I focus on the top things that you might not be doing (yet) i...
2024-2-27 16:0:14 | Reads: 14
NVISO Labs - blog.nviso.eu
entra
microsoft
security
identities
Is the Google search bar enough to hack Belgian companies?
In this blog post, we will go over a technique called Google Dorking and demonstrate how it can...
2024-1-22 16:0:0 | Reads: 24
NVISO Labs - blog.nviso.eu
security
robots
attacker
belgium
Deobfuscating Android ARM64 strings with Ghidra: Emulating, Patching, and Automating
In a recent engagement I had to deal with some custom encrypted strings inside an Android ARM64...
2024-1-15 16:0:0 | Reads: 31
NVISO Labs - blog.nviso.eu
ghidra
pcode
xorstring
decrypted