Channel: CodeSection, Code Section, Network Security - CodeSec
Browsing all 12749 articles

A Hacker's Tips For Protecting Your Digital Privacy

Protecting individual privacy from government intrusion is older than American democracy. In 1604, the attorney general of England, Sir Edward Coke, ruled that a man’s house is his castle. This was...

Yahoo Patches Critical XSS Flaw in Mail

There was a serious security flaw in Yahoo Mail that enabled an attacker to attach malicious code to a victim’s outgoing messages or read any email in the victim’s inbox just by having the victim...

Points mean prizes in gamified DDoS platform

Gamification is increasingly used by business as a means of enhancing the usability of software. But now it seems hackers are exploiting the technique too. Researchers at threat protection company...

Compromised Sites Rig-E and Rig-V Exploit Kits deliver Cerber Chthonic GootKit

NOTES: Today’s compromised sites redirect to Rig-E and Rig-V exploit kits delivering Cerber ransomware, Chthonic and GootKit banking malware. Presently there are 3 versions of the Rig Exploit Kit. For...

Why it is Hard to Implement Cryptographic Algorithms

Although it is oft-repeated that implementing cryptographic algorithms by non-professionals is a bad idea, we would like to give some concrete examples of how things can go wrong, and show some of the...

Securing a GWT app using Spring security

Spring Security is one of the most used frameworks for securing Java web applications. While it remains biased towards Servlets and server-side Java applications, it can also be used to secure single...

Monitor your application security in New Relic Insights

Companies are continuously collecting and storing more and more data about every aspect of their web applications, from error monitoring to business KPIs such as performance monitoring. Each monitoring...

Play online with no lag, no interruptions, and maximum safety

Shopping online is one of the reasons why we love the internet, but it’s not the only one. Video games are also a major reason. With more than 155 million Americans playing on their PC, game console,...

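PHP 5.6.29 Released, Security Vulnerabilities Fixed

The PHP development team announces the availability of PHP 5.6.29. This is a security release that fixes several security vulnerabilities. All PHP 5.6 users are advised to upgrade to this version. Changes: mysqlnd: Fixed bug #64526 (added the missing mysqlnd.* parameters to php.ini-*). Opcache: Fixed bug #73402 (Opcache segfault when using a class constant to call a method). Fixed...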

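Remember These 14 Faces! Hainan Offers Large Rewards for Wanted Telecom Fraud Suspects, Top Reward 100,000!

Yidianhao Nanhaiwang, 3 hours ago. Attention, everyone! The Hainan Provincial Public Security Department has an important notice: rewards are being offered for wanted telecom fraud suspects. Take a good look at these 14 faces; tips will be richly rewarded...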

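Mooncakes, Poisonous | 2016 Impact Factor

In another half a month it will be the day of Santa Claus and handing out apples. Whenever a holiday connected with "eating" comes around (although for foodies every holiday is connected with eating), one cannot help recalling the "tragedy" connected with "eating" at Mid-Autumn Festival 2016. In the roundup of 2016's major cybersecurity-related events, this one is somewhat special: it is not a major event closely tied to technology and hackers, yet it involves several security engineers in a security department who wrote scripts to grab mooncakes, as well as a well-known internet company. Several months on, what has become of those security staff who "were resigned", and of the mooncakes?...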

The So-Called JD.com Data Leak Is Really a Disaster Caused by Struts

Yidianhao Shang Keji, 7 minutes ago...

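renren-security v1.3.0 Released, a Lightweight Permission Management System

renren-security v1.3.0 has been released. renren-security is a lightweight permission management system whose core design goals are rapid development, ease of learning, light weight and easy extensibility. It has the following features: a lightweight permission system that involves only the Spring, Shiro and Mybatis back-end frameworks, lowering the cost of learning and use; friendly code structure and comments, convenient for reading and secondary development; support for HTML, JSP, Velocity, Freemarker and other views, with zero technical barrier...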

Vulnerability Pricing

What is the right price for a security vulnerability? TL;DR: Vendors should focus on vulnerabilities, not on exploits. Vulnerabilities should be priced based on how difficult they are to find, not...

Samsung Galaxy S7 edge starts getting December security patch

Samsung has started rolling out a new update to its Galaxy S7 edge smartphone. Currently hitting units in Australia, the update brings Android security fixes for the month of December. @SamMobiles...

AirDroid Security Fixes Hit The App’s Stable Version

About a week ago, reports hit the internet that AirDroid, an app that helps to connect Android devices with PCs for remote control and other nifty functions in a web-based interface, had some serious...

Avira Security Suite 2017: Review, News Features, Price

Avira has been a great friend of people who are concerned for their online security. It doesn’t matter whether you open an email or browse websites, your computer can be tricked by an attacker, who...

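The Most Competitive Bug Bounty Programs on the HackerOne Platform in 2016

The internet is riddled with vulnerabilities, which is no surprise. From the moment programmers start writing code, they are bound to make mistakes. And whenever they make mistakes, criminals, governments and hacktivists can exploit those vulnerabilities by every possible means. Technology companies such as Google, Facebook, Dropbox, PayPal, Microsoft, Yahoo and even the electric car maker Tesla now all have a bounty mechanism: when hackers discover vulnerabilities in their products and report them, these companies pay those hackers a reward. This is a major shift in the tech industry's standard way of responding to hackers who discover vulnerabilities...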

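JD.com 12G User Data Leak Confirmed, Originating from a 2013 Struts 2 Security Vulnerability

Last night, the financial new-media outlet Yiben Caijing broke a story: a 12G data package has begun circulating through underground channels, covering usernames, passwords, email addresses, QQ numbers, phone numbers, ID card numbers and other dimensions, with tens of millions of records. Both buyers and sellers on the black market say the data comes from JD.com. A Yiben Caijing reporter obtained the data package and tried logging in with some of the usernames and cracked passwords; most could indeed log in to JD.com accounts. By searching the database for their own name, the Yiben Caijing reporter even found that their own information had long since been leaked...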

Fatal flaw found in PricewaterhouseCoopers SAP security software

A security tool built for SAP systems by PricewaterhouseCoopers has turned out to have worrying security holes of its own. German security research firm ESNC has been analyzing the Automated Controls...
