一隅 (A Corner)

Three-foot sword in hand, righting every wrong under heaven

[Stages of APT] INITIAL COMPROMISE

Original article: https://azeria-labs.com/

In order to gain an initial foothold within the target infrastructure, APTs drop a malicious program during the point-of-entry step. While there are multiple ways of deploying malicious payloads, the most common cases are malicious email attachments or exploits against the user’s web browser, which are embedded into the websites the victim usually browses or is forced to browse to [1]. The approach the APTs choose depends on the resources they possess or the time that is available for carrying out the attack.

[Stages of APT] RECONNAISSANCE

Original article: https://azeria-labs.com/

If I had six hours to chop down a tree, I’d spend the first four sharpening the axe.
– Abraham Lincoln

One of the differences between a targeted attack and a widespread malware campaign is the effort and time spent on preparation for attacking a specific target. Preparation, especially in the form of reconnaissance, is the first and most important phase in the APT life-cycle.

ADVANCED PERSISTENT THREATS (APTS)

Original article: https://azeria-labs.com/

Cyber espionage “investigations” have become popular within the information security industry and have resulted in easy marketing opportunities for research reports about Advanced Persistent Threats, along with headlines of “nation-state attack”. Apart from the purpose of APT research report marketing, the term “APT” itself got generalized for the sake of convenience. However, this was done at the expense of accuracy and greater

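About Blockchain

I personally have very high expectations for blockchain; it may turn out to be a technological revolution for this world,
whether through decentralization, building systems of trust, or something else.

Keep watching, keep learning.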


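DNS Tunneling: Port Forwarding

Note:
DMZ is the abbreviation of “demilitarized zone”, also called an “isolation zone”. It is a buffer between an untrusted system and a trusted system, set up to solve the problem that, once a firewall is installed, the external network cannot reach servers on the internal network. This buffer sits in a small network area between the enterprise's internal network and the external network, and servers that must be publicly reachable, such as the enterprise's web server or FTP server, can be placed in it. A DMZ firewall design adds another line of defense for the internal network being protected and is generally considered very secure. It also provides an area in which to place public servers, which effectively avoids the conflict between Internet-facing applications that must be exposed and the internal security policy.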