ASLR遭破解:这可能是最难修复的大规模漏洞
过去10年,想要侵入计算机的黑客面临一个艰巨的任务:即便已经让 恶意代码 运行在目标计算机上,他们也不得不找出代码究竟运行在内存的哪个位置。这是因为windows、安卓和其他每个现代操作系统,都会采用随机化进程内存位置的安全保护措施。这让数字侵入过程变得好像是在完全黑暗的环境里尝试抢劫民居一样。...
View ArticleRSAC2017:一个大而细的安全展览会
2017年2月13日(北京时间2月14日,情人节),RSA Conference 2017正式开幕了。好大的一个安全展览会,好细分、好细心的一个安全展览会啊! 好大的安全展会 成为安全新兵之后,我也代表公司参加了几次国内的安全展,比如去年的武汉安全周的展览会,如果说场馆大小,RSA...
View ArticleRSA 2017:量子计算与AI安全都是炒作,代码无bug才是正事
ZD至顶网安全频道 02月16日 综合消息: 每一年,旧金山的 RSA 大会都会在其加密专项讨论环节中,吸引到全球最出色及最睿智的头脑,而其探讨核心也非常简单――摆脱一切热门及炒作性因素,集中精力考虑如何实现更出色、更简洁且更安全的编程成果。 研讨小组各成员对于人工智能安全系统(尽管其已经在 DARPA Cyber...
View ArticleA rash of invisible, fileless malware is infecting banks around the globe
Two years ago, researchers at Moscow-based Kaspersky Lab discovered their corporate network was infected with malware that was unlike anything they had ever seen . Virtually all of the malware resided...
View ArticleCyber Insurance Coverage Concerns
The perceived silver bullet ofcyber insurance has existed since the 1990s, but companies were forced to consider coverage limitations when a New York Court ruled in February 2014 that Sony’s general...
View ArticleITU ponders whether blockchain belongs in its security standards
The International Telecommunication Union has decided the time has come to consider whether Blockchain deserves its attention so it can be considered for future security standards. Study Group 17 of...
View ArticleRSA2017极简报:我们正在网络安全的战场上节节退败
美国当地时间2月13日,RSA Conference 2017在旧金山Moscone中心隆重拉开序幕。随着创新沙盒大赛的揭晓,UnifyID的夺冠,RSA大会如火如荼的开展着,吸引了从安全初创公司到数十亿美元的数万参会者,2月14日,来自国内外六百多个参展商首次亮相更是将RSA推向一个高潮,除了常驻军团,今年也涌现了不少黑马,这群黑马骄傲的喊着:我们是“Research &...
View ArticleXen Project asks to limit security vulnerability advisories
The Xen Project has requested feedback from the community in thrashing out new disclosure guidelines which may only reveal the most serious vulnerabilities affecting the hypervisor. The Xen Project is...
View ArticleToo many high-risk vulnerabilities leave CISOs scrabbling to patch
IT security company F-Secure has warned that there is too much hype surrounding zero-day vulnerabilities. In its State of Cyber Security 2017 report, the anti-virus security company noted: “The...
View ArticleYahoo notifies users about 'forged cookie' security breaches and it could...
Yahoo -- or, rather, its users -- have not been doing very well recently when it comes to security . Having already revealed details of ahuge historic attack that led to the theft of details for...
View ArticleWord From Our Editor: National Cyber Security Centre Highlights Scale Of Threat
New centre is the public face of the government’s online security efforts. On February 14, the Queen officially opened the UK’s National Cyber Security Centre (NCSC). Based in central London, it can be...
View ArticleSecurity platforms to disrupt industry, predicts Palo Alto Networks
Security platforms with open application programming interfaces (APIs) are set to turn the business model for the information security on its head, according to Mark McLaughlin, president and CEO of...
View Article赛可达发布2016年度全球手机安全软件横评报告
近日,第三方网络安全测评认证机构――赛可达实验室发布了2016年度全球中文手机安全软件横评报告。本次横评依然遵循赛可达实验室严格的测试方法,采用Android...
View Article英国国家网络安全中心:大规模网络攻击严重威胁英国国家安全
英国国家网络安全中心:大规模网络攻击严重威胁英国国家安全 一点号嘶吼RoarTalk2小时前 根据英国国家网络安全中心(NCSC)最新统计数据显示:英国在过去的三个月中已经遭遇了多达188起大规模网络攻击事件,严重威胁国家网络安全。 日益严峻的网络安全现状 前任英国情报机构政府通信总部(GCHQ)网络安全负责人Ciaran...
View Article黑科技魅力到底多大?能让女黑客一年不洗澡
黑科技魅力到底多大?能让女黑客一年不洗澡 一点号科技耳朵2小时前 近日,一则“女黑客一年不洗澡,沉迷黑科技”的网络新闻让网友大为惊讶。女黑客曾某仪,在网上几乎无所不能,技校毕业的她成了一个黑客,干起了银行卡信息买卖的勾当。不疯狂不成活,为了获取更多的“料”,曾某仪每天在网上聊天超过20小时。她基本不上床睡,累了就靠在电脑椅上眯一会。为了拿“料”,她已近癫狂。 php?url=0Ff4SNIQQu"...
View Article中国黑客窃取高强度钢关键配方 美国钢铁公司撤回诉讼
中国证券网讯 当地时间2月15日美国钢铁公司发表声明,称正在撤回针对中国黑客窃取其高科技钢铁关键配方的诉讼。这是美国首次针对中国钢铁产品的337调查的一部分。 据澎湃新闻2月17日消息,同时,美国钢铁公司表示,将继续推进有关中国制造商违反反垄断规定、通过第三国发货各种钢铁制品以逃避关税的指控,并保留重新提起网络盗窃诉讼的权利。...
View ArticleRSA2017:360谭晓生阐述处置高级威胁的行业趋势
中新网2月16日电 RSA Conference 2017已于美国时间2月13日盛大开幕。360企业安全集在本届RSA大会上展示360全球网络扫描实时监测系统、360威胁情报中心、360上网行为管理、360天眼、360云守、360 Total Security、360...
View ArticleShortage of Cybersecurity Workforce to Increase An Opportunity for Managed Se...
One of the discussions I have with a lot of customers is around managed security services. Especially themes like Security Operation Centers seem to be fairly emotional as quite some customers want to...
View ArticleRSA:CASB已成大势所趋 云安全防护进入新阶段
在今年的RSA Conference 2017上,云访问 安全 代理(CASB)无疑成为了整个行业关注的焦点,Skyhigh、Netskope、360等全球多家企业都展示了CASB产品和方案。...
View Article