Installing Nessus for SecurityCenter on laptop
The great thing about Tenable SecurityCenter: when you buy it you also gethundreds of licenses for Nessus. You will need these licenses to deploy Nessus hosts on your network, connect them to your...
View ArticleSony Xperia XZ and X Performance updated with December's security patch
The Sony Xperia X Performance andXperia XZ were both recently updated with Android Nougat (1,2). Despite being updated right at the cusp between November and December, neither of these smartphones...
View Article新手指南:DVWA-1.9全级别教程(完结篇,附实例)之XSS
*本文原创作者:lonehand,转载请注明来自CodeSec.Net 目前,最新的 DVWA 已经更新到 1.9 版本( http://www.dvwa.co.uk/ ),而网上的教程大多停留在旧版本,且没有针对 DVWA high 级别的教程,因此萌发了一个撰写新手教程的想法,错误的地方还请大家指正。 DVWA简介 DVWA ( Damn Vulnerable Web Application...
View Article【CodeSec年终策划】2016年Exploit Kits漏洞TOP 10分析
本文将简单介绍2016年漏洞工具包(Exploit Kits)中的漏洞 榜 TOP 10。 前情提要 从2015年11月16日-2016年11月15日,Adobe Flash Player占了2016漏洞工具包TOP 10漏洞中的6个席位。在Adobe官方对安全问题加强重视后,黑客对于Adobe Flash Player的关注仍然热度不减。...
View ArticleChristmas Tree with ggplot
# create data x <- c(8,7,6,7,6,5,6,5,4,5,4,3,4,3,2,3,2,1,0.5,0.1) dat1 <- data.frame(x1 = 1:length(x), x2 = x) dat2 <- data.frame(x1 = 1:length(x), x2 = -x) dat1$xvar <- dat2$xvar <- NA...
View ArticleU2F Security Keys May Be the World's Best Hope Against Account Takeovers
earlytime writes: Large scale account hacks such as the billion user Yahoo breach and targeted phishing hacks of gmail accounts during the U.S. election have made 2016 an infamous year for web...
View Article使用第三方库进行软件开发的安全风险研究
如今,很多软件由于长期使用第三方库文件,导致了持续的安全问题。而在程序开发设计阶段,开发者又经常忽略了第三方库代码的漏洞审查,甚至有些资源库(repositories)直接被信手拈来使用,从根本上就缺乏了安全审计。...
View ArticleEnabling Flashback Be Cautious
Enabling flashback on 11.2.0.4 database can take minutes and cause multiple database wait events degrading database performance. On a quite busy system, during the low peak hours, I tried to enable...
View ArticleManaging Your Big Data Security Strategy in 2017
In the era of Big Data, as the amount of data available for analysis has exploded exponentially, securing that data has become absolutely essential for corporate success. Firms like Target and Home...
View Article被指责种植间谍软件后 俄罗斯:上面写了名字吗?
近日,俄罗斯又一次被指控攻击外国政府的电脑系统,这一次是立陶宛。据立陶宛发言人说,他们发现自己的电脑系统中被种植了来自俄罗斯克里姆林宫的间谍软件。根据一份来自路透社的声明内容,立陶宛网络安全中心负责人Rimtautas Cerniauskas表示从2015年开始,俄罗斯黑客就试图用间谍软件感染立陶宛政府电脑。 去年就开始攻击...
View ArticleDistribution Release: Parrot Security OS 3.3
Recent Related News and Releases 2016-10-16 Distribution Release: Parrot Security OS 3.2 Lorenzo Faletra has announced the release ofParrot Security OS 3.2, the latest release of the project's...
View Article美国联邦通信委员会:力求通过5G监管解决物联网网络安全问题
美国联邦通信委员会:力求通过5G监管解决物联网网络安全问题 5小时前来源:E安全 E安全12月27日讯美国联邦通信委员会(Federal Communication Commission,FCC)的公共安全与国土安全局发布一系列5G网络安全问题。5G作为下一代蜂窝网络,承诺为下一波数十亿物联网设备提供连接。 php?url=0FJWLAovD5"...
View Article【技术分享】Burp Suite扩展开发之Shodan扫描器(已开源)
【技术分享】Burp Suite扩展开发之Shodan扫描器(已开源) 2016-12-27 09:29:49 来源:resources.infosecinstitute.com 作者:scriptkid 阅读:1797次 点赞(0) 收藏 翻译:scriptkid 预估稿费:130RMB(不服你也来投稿啊!) 投稿方式:发送邮件至linwei#360.cn,或登陆网页版在线投稿 前言...
View Article9 predictions for AI in 2017
AI has been hot in 2016, and it’s not cooling off anytime soon. The investments, acquisitions, trials, reorganizations and breakthroughs of the past year have set the AI industry up to have tremendous...
View Article[安恒信息每日资讯 2016.12.27]
[安恒信息每日资讯2016.12.27] http://seclab.dbappsecurity.com.cn/?cat=15 [国际资讯] 1.美国想放宽网络武器出口 39个国家不同意 https://www.easyaq.com/newsdetail/id/1515919149.shtml 2.瑞士CERT破解僵尸网络域名生成算法 封禁大批顶级域名...
View Article《国家网络空间安全战略》发布 9股迎布局时点(名单)
《国家网络空间安全战略》发布 9股迎布局时点(名单) 昨天来源:证券时报网 央视新闻客户端27日消息,国家互联网信息办公室今日发布了《国家网络空间安全战略》,这是我国首次发布关于网络空间安全的战略。《战略》阐明了中国关于网络空间发展和安全的重大立场和主张,明确了战略方针和主要任务,是指导国家网络安全工作的纲领性文件。...
View ArticleOSCP Certified
On December 1st, I took theOffensive Security Certified Professional (OSCP) exam and successfully earned my certification. For those unfamiliar with OSCP, it is a hands-on training course and...
View ArticleSecureAuth Goes Beyond Two-Factor Authentication
While many of today’s organizations have made the shift to cloud-native infrastructures, for others doing so can still be challenging. In particular, older companies may find themselves dealing with...
View ArticleLeEco Le Pro3 receives new update, adds December security patch and many...
Chinese company LeEco might not make any profit from selling its flagship smartphone, the Le Pro3 in the United States, but that doesn't get in the way of offering new updates. If you happen to be the...
View Article学习领会法律实质内涵 《网络安全法》宣传大会在京召开
学习领会法律实质内涵 《网络安全法》宣传大会在京召开 一点号CNNVD安全动态3小时前 php?url=0FK2sIHtiG" alt="学习领会法律实质内涵 《网络安全法》宣传大会在京召开"...
View Article