RSA 2017: Microsoft Word Intruders step outside Office for the first time
This is the last instalment of a four-part series about SophosLabs’ 2017 malware forecast, released this week at RSA Conference in San Francisco. Part 1 looked at malware targeting Linux and...
Rasputin Hacker Uses SQLi to Hack 60 Universities and Government Agencies
A hacker known as Rasputin used SQL injection (SQLi) to breach the databases of over 60 universities and government agencies. The threat actor, a Russian-speaking computer criminal who gained notoriety...
OWASP Top 10 cheat sheet for startup CTOs
In recent times, hacks seem to be increasingly prevalent, not to mention severe. What’s more, it doesn’t matter whether you’re a small player or a big name corporation such as LinkedIn or Yahoo! If...
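Gionee M6 Wins "2016 Best Product Award in China's Mobile Phone Security Field"
On September 8, the 17th China Information Security Conference, hosted by the China Center for Information Industry Development, was held in Beijing. The Gionee M6/M6Plus won the "2016 Best Product Award in China's Mobile Phone Security Field" for its performance in mobile information security...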
Revealed: Malware that skulks in memory, invisibly collecting sysadmins'...
Cybercriminals have hit scores of enterprises in 40 countries using hidden malware. Banks, telecommunication companies and government organisations in the US, South America, Europe and Africa have...
BrandPost: Security challenges to e-commerce
Although Willie Sutton denied having said it, we’ve all heard the quote attributed to him about why he robbed banks: “Because that’s where the money is.” Nowadays, money can be found in lots of places...
Why it pays to maintain your firewall
In my last piece, I talked about the essentials of information risk analysis and its importance in the enterprise. I thought it would make sense to continue on that topic in the context of firewall...
SCADA Part 2: Mission critical, highly vulnerable, almost un-protectable.
Hey folks, I’m back with my second installment on protecting the un-protectable: Last week we discussed the SCADA environment and some of the unique business and technology challenges we face when...
GDPR and Cybersecurity, a Very Limited Partnership
If a security vendor has ever told you that the GDPR is imposing fines of up to 4% of annual global revenue for data breaches, they are either: ignorant of the standard; and/or lying. Being generous,...
Watson Joins Cybersecurity Warriors' Ranks
IBM this week announced Watson for Cyber Security, a powerful new ally for organizations that want to protect their data from Net marauders. The new offering bolsters the ability of information...
Microsoft: Security Industry Must Be 'Neutral Digital Switzerland'
The security industry must declare itself a neutral party in cyber attacks between nation states, Microsoft President Brad Smith said here at the RSA Conference. "Even in an age of rising nationalism,...
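Free Zend 5.2 5.3 5.4 Decryption Tool - SeayDzend
A practical tool written by Seay, shared with everyone for free. from: http://www.cnseay.com/4498/ I have recently been reading some code encrypted with Zend 5.4. The older Heidao (黑刀) tool cannot decrypt 5.4, and searching online I found that most tools charge a fee. There is a tool called G-DeZender that can handle 5.4, but the unpaid version can only decrypt one file per click, and clicking through these damn four or five thousand files would kill a person...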
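Tsinghua Professor Loses 18 Million While the Fraud Ring Lives in a Mansion and Drives Luxury Cars!
This morning, a piece of very welcome news became a trending topic online: the case of the Tsinghua University professor who was defrauded of 18 million yuan has finally been solved! According to Taiwanese media reports, Taichung police on the 15th arrested eight members of a Taiwanese fraud ring led by a man surnamed Liu. When they were caught, the group was living in a luxury residential tower on Section 3 of Taiwan Boulevard in Taichung, with Mercedes-Benz, BMW and other luxury cars bought with the proceeds of fraud parked downstairs. On one side, a professor was cheated out of nearly everything he had; on the other, the fraudsters were living in luxury, and even argued while being arrested that they had committed no crime. Utterly depraved!...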
The high price of security shaming [Infographic]
Bad press following a security breach hits companies hard. In fact, it can be so damaging that “two-thirds of companies would pay an average of $124k to avoid public shaming scandals,” according to a...
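February 17 - Daily Security News Bulletin
Today's recommended headlines: RSA 2017: SANS Institute lists the seven most dangerous attack techniques; 360 releases a best-practices report on information security for intelligent connected vehicles; researchers find more than 170 million IoT devices in major US cities; IBM publishes a report detailing the attack chain of the Shamoon malware. [Daily headlines] RSA 2017: SANS Institute lists the seven most dangerous attack techniques http://t.cn/RJYnxO0 360 releases a best-practices report on information security for intelligent connected vehicles...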
Simplifying Web Application Security with Qualys Web Application Firewall 2.0
The completely redesigned Qualys Web Application Firewall (WAF) 2.0 provides greater confidence in application security through increased customization, one-click virtual patching ability, simplified...
RSA 2017 Roundup
RSA 2017 is a wrap. The final sessions are being recorded, the coat check area is filled with luggage, and the smell of propane is filling the show floors as forklifts begin to deliver packing crates...
Cisco Coverage for 'Magic Hound'
'Magic Hound' is the code name used to reference a seemingly limited series of malware distribution campaigns that were observed targeting organizations in Saudi Arabia as well as organizations with...
Questions of the Week 43
Surprisingly the big VM update we had last week didn’t trigger any major regressions but we did break some versioned build behavior with the string obfuscation feature. Today's update is far more tame...
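After 18 Years of Hard Study, He Chose to Become a Hacker
"I once read this passage: the greatest good fortune in a person's life is to discover his mission while he is in his prime..." As he said this, a thoughtful smile appeared on his face. Clearly, he feels that he is that fortunate person. [White-hat hacker hckmaple] hckmaple is the third-ranked white-hat hacker overall on the 360 Butian vulnerability response platform; given the platform's 30,000 white hats, that makes him one in ten thousand. Among white hats, hckmaple's level of education is relatively high...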