小黑盒生活 on MSN

硬核科普:Python类应用是如何悄无声息往电脑植入后门的?

【本文由小黑盒作者@周铁男是我于01月17日发布,转载请标明出处!】 今天看到火绒团队发的《银狐后门:Python库压缩包篡改与Chrome伪装攻击分析》后,感觉这里用到了一种很新奇的方法,于是我做了复现,顺便分享给大家共同学习 ...
The Hacker News

Hackers Exploit c-ares DLL Side-Loading to Bypass Security and Deploy Malware

Active malware exploits DLL side-loading in a signed GitKraken binary to deliver trojans, stealers, and remote access malware ...
IEEE

Process Injection Using Return-Oriented Programming

Abstract: Return-oriented programming (ROP) is a code-reuse attack that uses borrowed chunks of executable code for arbitrary computation. On Windows, ROP is often used solely to bypass Data Execution ...