0 views collected around this technical thread.
This article explains what network attacks are, outlines the most common attack types such as malware, DoS/DDoS, phishing, SQL injection and DNS tunneling, and provides practical prevention measures including regular updates, firewall configuration, VPN use, and security awareness training.
This article provides a detailed glossary of common hacking terms and techniques—from black‑hat attackers and backdoors to APTs, exploits, and dark‑web concepts—explaining each threat, its purpose, and how it impacts information security.
A recent supply‑chain poisoning incident injected malicious post‑install scripts into the popular Vant component library and Rspack build tool, stealing cloud credentials and mining Monero, prompting developers to upgrade to safe versions and reconsider npm dependency risks.
This article documents a step‑by‑step investigation of a compromised Linux server that exhibited 100% CPU usage, detailing process, network, and startup‑service analysis, the discovery of a cryptomining malware, and the complete removal procedure.
This article walks through a real-world intrusion on an Alibaba Cloud CentOS server, detailing how a disguised gpg-agentd process was used to install backdoors, hijack SSH keys, exploit Redis, and launch mass scanning, and provides concrete hardening recommendations to prevent similar attacks.
A recent ASEC report reveals that a malicious program disguised as the popular Office 2013‑2024 C2R Install crack tool distributes a .NET‑based malware suite that installs Orcus RAT, the XMRig cryptocurrency miner, and the 3Proxy proxy tool, primarily targeting Korean users and persisting via scheduled tasks and PowerShell updates.
Red Hat's urgent security advisory reveals that the latest xz 5.6.0/5.6.1 tools and libraries contain sophisticated malicious code that can grant unauthorized remote access, impacting Fedora 40, Fedora 41, and Rawhide while leaving all RHEL versions unaffected.
This article surveys a series of high‑profile supply‑chain attacks on the JavaScript/npm ecosystem—such as left‑pad removal, malicious faker.js updates, cross‑env hijacking, is‑promise bugs, getcookies backdoors, event‑stream social‑engineering, ESLint credential leaks, manifest obfuscation, and politically‑motivated code injections—highlighting how tiny, widely‑used packages can become vectors for large‑scale compromise and what developers can do to mitigate the risk.
The article examines how the rapid popularity of ChatGPT has spurred both legitimate opportunities and a surge in illicit activities, including account resale, scam scripts generated via prompt injection, and the creation of malware, highlighting the need for stricter regulation and security awareness.
This article explains the concept of in‑memory PHP trojans, provides simple obfuscated source code that deletes itself and persists in RAM, discusses their stealth characteristics, and offers a basic mitigation strategy of terminating the process and removing the generated files.
An in‑depth investigation by China’s national computer emergency response center and 360 Company uncovered a sophisticated cyber‑attack on Northwestern Polytechnical University orchestrated by the U.S. NSA’s Tailored Access Operations unit, detailing the attack infrastructure, weaponised tools, data theft and broader implications for Chinese critical sectors.
The article provides a comprehensive overview of phishing as a social‑engineering attack, detailing its various techniques—including email deception, spear‑phishing, whaling, malware‑based lures, domain spoofing, vishing, SMS and QR‑code scams—and offers practical defense measures such as anti‑phishing tools, multi‑factor authentication, content filtering, and security standards.
The article explains how WeChat aims to protect chat content through asymmetric key exchange and symmetric encryption, discusses why network monitoring alone cannot capture messages, and warns about other threats such as monitoring software, system vulnerabilities, and private‑key compromise that can expose communications.
Mozilla’s security team has blocked the malicious Firefox add-ons “Bypass” and “Bypass XM”, which abused the browser’s proxy API to hijack updates and bypass paywalls, affecting hundreds of thousands of users, and introduced new fallback mechanisms and a “Proxy Failover” extension in Firefox 93.
The article explains how modern chat applications protect communication with asymmetric and symmetric encryption, why network eavesdropping alone cannot reveal messages, and how installed monitoring software or system vulnerabilities can still expose chat records, emphasizing the need for regular updates and careful device usage.
A new Inno Stealer malware campaign masquerades as a legitimate Windows 11 upgrade installer, using a spoofed Microsoft site to distribute an infected ISO that creates hidden scripts, disables security, and steals browser data and cryptocurrency wallets, posing a serious information‑security threat.
The article explains how counterfeit Chrome browsers proliferate in China, how search engine ads and misleading download pages trick users into installing malicious software, and provides a reliable method to obtain the genuine offline Chrome installer to protect against these security threats.
In September 2022, Nantong police uncovered China's first nationwide case of illegal WeChat user data harvesting using a "clean fan" application, leading to the arrest of eight suspects who were convicted for illegally obtaining computer system data and controlling systems, highlighting severe information security risks.
Huorong’s threat intelligence team discovered that the Qike PDF Converter distributes a hidden malicious proxy module through download‑site installers, leading to unexplained high CPU usage, persistent system services, and widespread infection traced back to a Hangzhou tech company, urging users to update antivirus definitions and remove the software.
The 2019 Tencent Game Security report reveals rising cheat samples on PC and mobile, dominant custom cheats, emerging subtle cheating tactics, a diversified black‑market selling fake IDs and compromised devices, rampant account theft largely through scams, and improved player reporting that boosted detection rates.