Security Boulevard

That “job brief” on Google Forms could infect your device

Instead of the usual phishing email or fake download page, attackers are using Google Forms to kick off the infection chain. The attack typically begins when a victim downloads a business-themed ZIP ...
Security Boulevard

How searching for a VPN could mean handing over your work login details

What looks like a legit VPN download could be a trap, as SEO poisoning is being used to steal corporate logins.
WeLiveSecurity

EDR killers explained: Beyond the drivers

ESET researchers dive deeper into the EDR killer ecosystem, disclosing how attackers abuse vulnerable drivers.
WinBuzzer

Xbox One Hacked After 12 Years Via Voltage Glitch Exploit

A researcher has cracked the Xbox One's 12-year security record using Bliss, a voltage glitching exploit targeting an unpatchable boot ROM vulnerability.
CSO Online

ClickFix techniques evolve in new infostealer campaigns

Recent social engineering schemes involving WordPress and Microsoft’s Windows Terminal show that this relatively basic tactic is a growing threat.
The Hacker News

Chinese Hackers Target Southeast Asian Militaries with AppleChris and MemFun Malware

China-linked CL-STA-1087 targets Southeast Asian militaries since 2020 using AppleChris and MemFun for espionage and credential theft.

基于iOS漏洞利用工具包“Coruna”的加密资产窃取机制与防御策略研究

移动互联网时代的到来彻底重塑了金融服务的交付模式,加密货币钱包作为去中心化金融(DeFi)的核心入口,其安全性直接关系到用户的资产存续。然而,移动操作系统的安全边界正面临前所未有的挑战。传统的网络钓鱼攻击多依赖于社会工程学诱导用户主动泄露凭证,而新一 ...

人工智能驱动下的网络攻击演化机制与自适应防御体系构建

当前,全球网络安全格局正经历着由人工智能(AI)技术深度介入而引发的范式转移。传统基于规则匹配和静态特征库的防御体系,在面对由生成式人工智能赋能的自动化、智能化及定制化攻击时,显得日益捉襟见肘。本文基于近期关于“网络安全威胁加剧,人工智能加速攻击并重塑安全格局”的深度报道,系统剖析了AI技术在网络攻击链各阶段的渗透路径与增强效应。研究指出,攻击者利用大语言模型(LLM)生成的多态恶意代码、高度逼真 ...