unSafe.sh - Unsafe
Mem3nt0 mori – The Hacking Team is back!
Kaspersky detected a sophisticated cyberattack in March 2025, targeting organizations in Russia and Belarus via personalized phishing emails. The campaign, named Operation ForumTroll, exploited a zero-day vulnerability (CVE-2025-2783) in Google Chrome to bypass its sandbox protection. The attack chain involved a malicious website that executed an exploit to download and install malware, including a spyware called Dante developed by Memento Labs (formerly Hacking Team). The operation primarily aimed at espionage through keylogging and file theft....
2025-10-27 03:0:20 | Views: 81
Securelist - securelist.com
dante
spyware
forumtroll
chrome
attackers
Deep analysis of the flaw in BetterBank reward logic
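In August 2025, the decentralized finance protocol BetterBank was attacked through a flaw in its reward system, losing roughly $5 million in digital assets. The attacker used fake liquidity pools to trigger the ESTEEM reward mechanism; part of the funds was eventually recovered, leaving a net loss of about $1.4 million. The flaw stemmed from the protocol not validating the legitimacy of trading pools, an issue a previous security audit had identified but that was not fixed....
2025-10-22 10:0:14 | Views: 16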
Securelist - securelist.com
attacker
liquidity
esteem
favor
betterbank
The evolving landscape of email phishing attacks: how threat actors are reusing and refining established techniques
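The article examines new trends in phishing attacks in 2025, including QR codes in PDF files and password protection, calendar-event phishing, voice-message phishing, and methods of bypassing multi-factor authentication. These techniques make attacks stealthier and more successful, a reminder that users need to stay vigilant and that security training should be strengthened....
2025-10-21 10:0:6 | Views: 40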
Securelist - securelist.com
phishing
pcloud
security
attackers
qr
PassiveNeuron: a sophisticated campaign targeting servers of high-profile organizations
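The PassiveNeuron campaign targets servers of government, financial and industrial organizations, using SQL injection to deploy malware such as Neursite and NeuralExecutor and relying on DLL loaders for persistence. The attackers may be a Chinese-speaking threat actor. Several IOCs are provided for detection....
2025-10-21 08:0:52 | Views: 23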
Securelist - securelist.com
attackers
c2
neursite
loader
Post-exploitation framework now also delivered via npm
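The AdaptixC2 framework is being abused as an attack tool and spread through the malicious package https-proxy-utils in the npm ecosystem. The package poses as a proxy utility, plants a backdoor at install time, and tailors its attack to Windows, Linux and macOS systems, creating a serious remote-control risk....
2025-10-17 10:0:33 | Views: 24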
Securelist - securelist.com
adaptixc2
proxy
cloudcenter
malicious
windows
SEO spam and hidden links: how to protect your website and your reputation
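The article discusses legitimate websites being wrongly classified as "adult content" because they contain hidden HTML blocks. These hidden blocks hold links and keywords pointing to pornography or gambling sites and are an SEO spam technique. Attackers plant them by exploiting website vulnerabilities in order to raise the ranking of undesirable sites. The article analyzes how hidden links work, how to detect them, and how to protect against them....
2025-10-17 07:0:55 | Views: 24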
Securelist - securelist.com
blank
mobi
cassino
overflow
porn
Maverick: a new banking Trojan abusing WhatsApp in a mass-scale distribution
2025-10-15 13:0:43 | Views: 17
Securelist - securelist.com
c2
trojan
maverick
brazil
shellcode
Mysterious Elephant: a growing threat
2025-10-15 10:0:11 | Views: 26
Securelist - securelist.com
elephant
mysterious
exfiltrator
c2
memloader
Signal in the noise: what hashtags reveal about hacktivism in 2025
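The study analyzes the patterns and trends of hacktivist activity in 2025 and finds that its tactics favor high visibility and ease of execution over technical sophistication. Telegram has become the main planning platform, hashtags are widely used to coordinate operations and spread propaganda, and DDoS attacks account for the largest share. Although the focus is on the Middle East, targets are spread worldwide; the recommendations are stronger DDoS protection and monitoring of open channels....
2025-10-14 10:0:9 | Views: 98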
Securelist - securelist.com
hacktivist
hashtags
monitoring
threats
political
The king is dead, long live the king! Windows 10 EOL and Windows 11 forensic artifacts
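Windows 11 introduces new forensic features and changes, including Recall screenshots and AI analysis, Notepad's multi-tab support and storage of unsaved content, and the move of Windows Search from an ESE to a SQLite database. These changes bring new tools and new challenges for forensic analysis....
2025-10-14 08:0:57 | Views: 106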
Securelist - securelist.com
windows
artifacts
recall
microsoft
uleb128
Detecting DLL hijacking with machine learning: real-world cases
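Kaspersky SIEM integrates a machine learning model for detecting DLL hijacking attacks. The model inspects all DLLs loaded on the system and validates them against the global knowledge base of Kaspersky Security Network to improve detection accuracy and reduce false positives. It supports two operating modes: on the correlator it processes events that have already triggered rules, and on the collector it processes all relevant events. In pilot testing, the model identified several real attack cases, including malicious activity using DLL sideloading....
2025-10-6 08:15:13 | Views: 14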
Over Security - Cybersecurity news aggregator - securelist.com
library
malicious
hijacking
windows
How we trained an ML model to detect DLL hijacking
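The article discusses the current state of DLL hijacking attacks and the challenges of detecting them, and describes how Kaspersky uses machine learning models to detect such attacks. Over three generations of model training and optimization, detection accuracy rose significantly and the false positive rate fell. The models are used in internal systems and commercial products, where they identify and block DLL hijacking attacks....
2025-10-6 08:15:12 | Views: 15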
Over Security - Cybersecurity news aggregator - securelist.com
hijacking
library
malicious
labeling
positives
Forensic journey: hunting evil within AmCache
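The article discusses the importance of the AmCache file on Windows systems. The file records metadata for all executed programs, including paths, hashes and timestamps. Analyzing this data makes it possible to identify malware, trace attacker activity and produce threat intelligence....
2025-10-1 10:15:13 | Views: 15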
Over Security - Cybersecurity news aggregator - securelist.com
amcache
windows
hve
Massive npm infection: the Shai-Hulud worm and patient zero
2025-9-25 10:15:13 | Views: 23
Over Security - Cybersecurity news aggregator - securelist.com
crowdstrike
shai
hulud
github
Threat landscape for industrial automation systems in Q2 2025
2025-9-19 10:45:13 | Views: 18
Over Security - Cybersecurity news aggregator - securelist.com
malicious
q2
pp
threats
decreased
RevengeHotels: a new wave of attacks leveraging LLMs and VenomRAT
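The article describes an error code (1016), usually related to network connectivity problems, which may be caused by a misconfigured proxy server, an interrupted network connection or incorrect firewall settings. Remedies include checking proxy settings, restarting the device, or contacting the network administrator to identify the specific cause....
2025-9-16 10:15:14 | Views: 17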
Over Security - Cybersecurity news aggregator - securelist.com
1016
Shiny tools, shallow checks: how the AI hype opens the door to malicious MCP servers
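This article examines how Model Context Protocol (MCP), a standard for connecting AI assistants to external tools, can be abused as an attack vector. It analyzes protocol-level and supply-chain attack paths and demonstrates the risk of sensitive data leakage through a proof-of-concept malicious MCP server. It recommends reviewing installations, restricting permissions and monitoring for anomalous behavior to guard against the threat....
2025-9-15 10:45:13 | Views: 15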
Over Security - Cybersecurity news aggregator - securelist.com
mcp
malicious
analysis
github
ssh
Notes of cyber inspector: three clusters of threat in cyberspace
2025-9-10 14:30:17 | Views: 17
Over Security - Cybersecurity news aggregator - securelist.com
ttps
motivated
security
hacktivists
russia
IT threat evolution in Q2 2025. Non-mobile statistics
2025-9-5 09:15:14 | Views: 15
Over Security - Cybersecurity news aggregator - securelist.com
ransomware
quarter
trojan
territory
q2
IT threat evolution in Q2 2025. Mobile statistics
2025-9-5 09:15:12 | Views: 14
Over Security - Cybersecurity news aggregator - securelist.com
trojan
banker
mamont
q2
trojans