Analysis of the Execution Process of HTTPBot Botnet

Analysis of the Execution Process of HTTPBot Botnet

Introduction: Another emergency virus has appeared, and it has shown up twice in one day. Initially, I wanted to analyze whether it has infection capabilities, but I found it quite interesting, so I decided to write an article to document it. The main function is not complex; it only includes hiding the window, creating a … Read more

The Programmer’s Misstep: MATLAB Also Falls Victim!

The Programmer's Misstep: MATLAB Also Falls Victim!

The Programmer’s Misstep: MATLAB Also Falls Victim! 1. The Novice Theater Novice: (looking at the iPad screen, shocked) Wow, Brother Da Dong, look! This movie is so cool! Da Dong: (sipping tea, glancing over) Oh, watching “The Matrix” again? Novice: Yes! It just showed Neo being implanted with a program, that feeling of “being invaded … Read more

Practical Analysis of Attackers Exploiting Windows and Linux Vulnerabilities for System Intrusion

Practical Analysis of Attackers Exploiting Windows and Linux Vulnerabilities for System Intrusion

Part01 Exploitation Trend Escalation Recent monitoring by global cybersecurity teams has detected a significant increase in activities where attackers exploit vulnerabilities in Windows and Linux systems to conduct complex attacks aimed at gaining unauthorized system access. These attacks typically begin with phishing emails or malicious web content, deploying weaponized documents to initiate the attack. When … Read more

APT36 Hackers Use Linux .desktop Files to Install Malware in New Attack

APT36 Hackers Use Linux .desktop Files to Install Malware in New Attack

Pakistani APT36 cyber spies are using Linux .desktop files to load malware, launching new attacks against Indian government and defense entities.Reports from CYFIRMA and CloudSEK document this activity, which aims to steal data and maintain persistent espionage access. APT36 has previously used .desktop files to load malware in targeted espionage operations in South Asia.These attacks … Read more

New Fileless VShell Attack on Linux Systems

New Fileless VShell Attack on Linux Systems

Recently, a new type of fileless attack on Linux systems has emerged, which we have named “VShell“. The attackers employ fileless attack techniques, utilizing carefully crafted RAR filenames to trigger malicious code without explicit user execution. This type of attack does not rely on traditional software vulnerabilities but exploits common filename handling oversights in Linux … Read more

Hackers Exploit Two Python Function Calls to Execute Malicious Code

Hackers Exploit Two Python Function Calls to Execute Malicious Code

Author: Florence Nightingale Compiled by: Code Guardian Column: Supply Chain Security In the digital age, software is ubiquitous. Software acts as a “virtual person” in society and has become one of the fundamental elements supporting the normal operation of society. The security of software is becoming a fundamental and foundational issue in today’s society. With … Read more

The Traps in Filenames: A New Type of Linux Malware Attack Chain Exposed

The Traps in Filenames: A New Type of Linux Malware Attack Chain Exposed

As digital life becomes increasingly prevalent, attackers are continuously innovating their methods. Recently, cybersecurity researchers disclosed a highly covert new attack chain that delivers the open-source backdoor program VShell through phishing emails targeting female consumers in China, showcasing yet another evolution in the propagation of Linux malware. 1. Hidden Secrets in Filenames Researchers at Trellix … Read more

How Can a Panda Photo Compromise a Linux System?

How Can a Panda Photo Compromise a Linux System?

In the field of cybersecurity, technological innovations always come with new risks. In this episode, David Bombal’s video titled “AI Malware Hiding in Cute Panda Pics?!” reveals how hackers exploit AI-generated images and Polyglot file techniques to hide malicious code within seemingly harmless images, even bypassing traditional security detection to attack Linux systems. This article … Read more