PenguinCoder@beehaw.org to

Technology@beehaw.orgEnglish · 10 days ago

How I Got Hacked: A Warning about Malicious PoCs

44

How I Got Hacked: A Warning about Malicious PoCs

PenguinCoder@beehaw.org to

Technology@beehaw.orgEnglish · 10 days ago

An in-depth forensic analysis of how a seemingly legitimate Proof-of-Concept (PoC) for CVE-2020-35489 turned out to be a cleverly disguised malware. This blog post details the attack vector, payload deobfuscation, Indicators of Compromise (IoCs), and the steps taken to analyze and neutralize the threat.

Trust, but always verify. You are not immune.

Chat

tal@lemmy.today
link
fedilink
English
arrow-up
4·
10 days ago
For the command line, do what OpenSSH does, take passwords on terminals.

For environment variables, the issue is passing them to all programs; you don’t want to put credentials in a .bashenv or similar.

Technology@beehaw.org

technology@beehaw.org

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: [email protected]

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:

This community’s icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

213 users / day
1.2K users / week
3.24K users / month
5.72K users / 6 months
1 local subscriber
38.6K subscribers
551 Posts
5.37K Comments
Modlog