首页
社区
课程
招聘
[转帖]New campaign targeting security researchers
发表于: 2021-1-26 18:55 2058

[转帖]New campaign targeting security researchers

2021-1-26 18:55
2058

New campaign targeting security researchers

Over the past several months, the Threat Analysis Group has identified an ongoing campaign targeting security researchers working on vulnerability research and development at different companies and organizations. The actors behind this campaign, which we attribute to a government-backed entity based in North Korea, have employed a number of means to target researchers which we will outline below. We hope this post will remind those in the security research community that they are targets to government-backed attackers and should remain vigilant when engaging with individuals they have not previously interacted with.


In order to build credibility and connect with security researchers, the actors established a research blog and multiple Twitter profiles to interact with potential targets. They've used these Twitter profiles for posting links to their blog, posting videos of their claimed exploits and for amplifying and retweeting posts from other accounts that they control.

https://blog.google/threat-analysis-group/new-campaign-targeting-security-researchers



[注意]传递专业知识、拓宽行业人脉——看雪讲师团队等你加入!

收藏
免费 2
支持
分享
最新回复 (3)
雪    币: 2311
活跃值: (8720)
能力值: ( LV2,RANK:15 )
在线值:
发帖
回帖
粉丝
2

上传的附件:
2021-1-26 19:00
0
雪    币: 15191
活跃值: (16857)
能力值: (RANK:730 )
在线值:
发帖
回帖
粉丝
3
大家不要浏览他们的任何blog,仅仅是浏览也会中招。但现在国内已经有部分厂商可以给出告警了。最大的漏洞还是人本身。
2021-1-26 19:01
0
雪    币: 97697
活跃值: (200824)
能力值: (RANK:10 )
在线值:
发帖
回帖
粉丝
4
2021-1-26 19:01
0
游客
登录 | 注册 方可回帖
返回
//