In-The-Wild Exploitation of CVE-2025-53770 and CVE-2025-53771: Technical Details and Mitigation Strategies 微软SharePoint Server发现两个零日漏洞（CVE-2025-53770和CVE-2025-53771），构成“ToolShell”攻击链。这些漏洞被用于攻击本地部署的SharePoint 2016、2019及订阅版服务器。建议立即安装补丁并旋转机器密钥以增强安全性。... 2025-7-23 13:0:0 | 阅读: 0 | 收藏 | SpiderLabs Blog - levelblue.com microsoft security viewstate layouts

The Breach Beyond the Runway: Cybercriminals Targeted Qantas Through a Trusted Partner 2025年7月3日，澳大利亚航空公司Qantas证实一起网络攻击事件，攻击者通过第三方客服平台获取了客户个人信息。此次事件未影响核心系统及飞行安全，但暴露了供应链安全漏洞。Qantas已采取行动控制事件并通知受影响客户。专家推测此次攻击可能由Scattered Spider组织实施，该组织擅长利用社会工程学手段入侵企业系统。... 2025-7-4 12:25:29 | 阅读: 0 | 收藏 | SpiderLabs Blog - levelblue.com qantas attackers security spider scattered

Hijacked: How Cybercriminals Are Turning Anti-Virus Software Against You Executive Summary LevelBlue Labs has identified a new evolution in the toolset of threat... 2024-8-6 13:0:0 | 阅读: 1 | 收藏 | AlienVault Security Essentials Blog - levelblue.com malicious sbaproxy proxy powershell levelblue

LevelBlue Labs Discovers Highly Evasive, New Loader Targeting Chinese Organizations Executive SummaryLevelBlue Labs recently discovered a new highly evasive loader that is b... 2024-6-19 12:35:0 | 阅读: 1 | 收藏 | AlienVault Security Essentials Blog - levelblue.com loader payload levelblue squidloader shellcode

The dark side of 2023 Cybersecurity: Malware evolution and Cyber threats In the ever-evolving cybersecurity landscape, 2023 witnessed a dramatic surge in the sophis... 2024-1-25 11:0:0 | 阅读: 0 | 收藏 | AlienVault Security Essentials Blog - levelblue.com ransomware proxy malicious blackguard

AsyncRAT loader: Obfuscation, DGAs, decoys and Govno Executive summaryLevlBlue Labs has identified a campaign to deliver AsyncRAT onto unsuspe... 2024-1-5 11:0:0 | 阅读: 0 | 收藏 | AlienVault Security Essentials Blog - levelblue.com asyncrat dga bitlaunch trojan client

Behind the scenes: JaskaGO’s coordinated strike on macOS and Windows Executive summaryIn recent developments, a sophisticated malware stealer strain crafted i... 2023-12-18 22:51:0 | 阅读: 0 | 收藏 | AlienVault Security Essentials Blog - levelblue.com windows jaskago levelblue captured stealer

ProxyNation: The dark nexus between proxy apps and malware Executive summaryLevelBlue Labs researchers recently discovered a massive campaign of thr... 2023-8-16 11:0:0 | 阅读: 0 | 收藏 | AlienVault Security Essentials Blog - levelblue.com proxy windows alien delivering

Mac systems turned into proxy exit nodes by AdLoad This blog was jointly written by Fernando Martinez Sidera and Ofer Caspi, LevelBlue Labs th... 2023-8-10 10:0:0 | 阅读: 0 | 收藏 | AlienVault Security Essentials Blog - levelblue.com adload proxy beacon hxxp levelblue

SeroXen RAT for sale This blog was jointly written with Alejandro Prada and Ofer Caspi.Executive summarySero... 2023-5-30 22:0:0 | 阅读: 1 | 收藏 | AlienVault Security Essentials Blog - levelblue.com processes r77 seroxen quasar analysis

BlackGuard stealer extends its capabilities in new variant LevelBlue Labs researchers have discovered a new variant of BlackGuard stealer in the wild,... 2023-3-23 10:0:0 | 阅读: 0 | 收藏 | AlienVault Security Essentials Blog - levelblue.com blackguard wallets clipboard removable steals

Shikitega - New stealthy malware targeting Linux Executive summaryLevelBlue Labs has discovered a new malware targeting endpoints and IoT... 2022-9-6 10:0:0 | 阅读: 0 | 收藏 | AlienVault Security Essentials Blog - levelblue.com download payload encoder cryptominer shikitega