0 views collected around this technical thread.
The article delivers a technical overview of modern botnet threats, detailing the PBot and Xanthe families, their infection vectors, command‑and‑control operations, and provides practical detection, mitigation, and statistical analysis methods for defending against large‑scale DDoS, spam, and other malicious activities.
This report provides a comprehensive technical analysis of the malicious "Le Bao" app that masquerades as a WeChat‑like chat tool, detailing its sample characteristics, hidden QR‑code group joining mechanism, payment flow, server‑side tracing, and profit model, highlighting its covert distribution of pornographic content and associated illicit activities.
This article explores five primary correlation analysis models—rule‑based, statistical, threat‑intelligence‑based, context‑based, and big‑data‑driven—detailing their principles, typical use cases such as single‑log alerts, event‑count thresholds, multi‑value detections, temporal sequences, and how accurate log parsing underpins effective security analytics.
In a Sanya digital summit speech, Zhou Hongyi warned that cyber warfare has become a major national‑level threat, outlined four key shifts in enterprise security, and described 360's big‑data security brain and future plans to build a nation‑wide defensive ecosystem.
This article explains how threat intelligence is generated by defining it as judged security information, outlines methods for collecting and evaluating security data, introduces a two‑dimensional reliability/quality rating system, and provides a step‑by‑step engineering workflow for enterprise threat‑intelligence operations.
The article explains how situational awareness—covering pre‑attack, during‑attack, and post‑attack stages—leverages big data, AI, threat intelligence, UEBA and visualization to turn security platforms into proactive “security brains,” while also critiquing current product implementations and market practices.
The article explains what threat intelligence is, classifies it into strategic, tactical, and operational categories, illustrates its critical role in modern cyber‑warfare and e‑commerce defense, and discusses the challenges of timeliness, accuracy, and sharing within the security ecosystem.
On December 14, Tencent's security intelligence team uncovered a “DriverLife” Trojan that exploited the high‑severity EternalBlue vulnerability to propagate like a worm, infecting up to 100,000 users within two hours, and detailed its infection chain, malicious payloads, and mitigation recommendations.