Quantcast
Channel: CodeSection,代码区,网络安全 - CodeSec
Browsing all 12749 articles
Browse latest View live

Image may be NSFW.
Clik here to view.

【漏洞预警】雪藏11年:Linux kernel DCCP double-free 权限提升漏洞(CVE-2017-6074)

【漏洞预警】雪藏11年:linux kernel DCCP double-free 权限提升漏洞(CVE-2017-6074) 2017-02-23 13:00:19 来源:安全客 作者:adlab_puky 阅读:1724次 点赞(0) 收藏 漏洞描述 漏洞编号:CVE-2017-6074 漏洞发现者:Andrey Konovalov 漏洞危害:通过非特权进程获得内核代码执行进而提升权限...

View Article


网络诈骗的3点风险提示

网络诈骗的3点风险提示 3小时前来源:找法网 原标题:网络诈骗的3点风险提示 网络购物便利快捷,成为新经济形态的亮点,但由于网络上买卖双方的信息不对称,网络购物诈骗事件时有发生。王某某利用在网络二手货品交易平台、论坛上发布虚假信息进行诈骗,本以为找到了不法生财之路,但最终受到了法律的严惩。日前,王某某因犯诈骗罪,被北京市第三中级人民法院终审判处有期徒刑一年,罚金人民币一千元。...

View Article


俄国防部长称俄将建立信息战部队应对网络攻击

俄国防部长称俄将建立信息战部队应对网络攻击 1小时前来源:陕西日报 原标题:俄国防部长称俄将建立信息战部队应对网络攻击 中国网新闻2月23日讯 据英国广播公司(BBC)报道,俄罗斯国防部长绍伊古22日在国家杜马会议上会发表讲话时说,俄罗斯将建立一支新的信息战部队。这是俄罗斯首次正式承认信息战部队的存在。...

View Article

Image may be NSFW.
Clik here to view.

受网络攻击拖累 雅虎出售价格被迫降低3.5亿美元

受网络攻击拖累 雅虎出售价格被迫降低3.5亿美元 2小时前来源:艾媒网 据路透社报道,Verizon通讯周二表示,将以44.8亿美元收购雅虎核心业务,较两次大规模网络攻击被曝光前的最初交易价降低了3.5亿美元。 php?url=0Fhu3EzWgG" alt="受网络攻击拖累 雅虎出售价格被迫降低3.5亿美元"...

View Article

Image may be NSFW.
Clik here to view.

最in跑酷来袭!Archiact移动VR新作《黑客迷城》

最in跑酷来袭!Archiact移动VR新作《黑客迷城》 56分钟前来源:站长之家 全球顶尖的虚拟研发商及发行商Archiact推出新作――移动VR游戏《黑客迷城》(HOVR) 。 php?url=0FhvxQ75Ep" alt="最in跑酷来袭!Archiact移动VR新作《黑客迷城》" />游戏融合最流行的跑酷玩法 动作冒险...

View Article


Image may be NSFW.
Clik here to view.

阿里巴巴安全第一人肖力:网络安全的五个洞见 | RSA 2017

雷锋网宅客频道按:肖力,阿里巴巴第一个安全工程师,阿里云安全团队创始人。 阿里云,这个国内最大的云计算平台,服务着万亿企业的数据和业务。它所代表的云计算能力已经像水、电一样成为了互联网国度的基础设施。...

View Article

5岁孩子发现微软漏洞 这些“黑客”不一般

据美国媒体近日报道,当同龄人沉迷于网络游戏的时候,他们在忙着发现并修补游戏程序里的漏洞。他们是迷上“黑客”技术的电脑神童,但有一股正义的使命感:练习怎么“黑”别人的网络,是为了打造一个更安全的网络世界。现在政府机构希望鼓励孩子们把自己培养成为“白帽黑客”,引导企业把大笔资金投向培训少年黑客的项目,根据预测,未来网络安全人员缺口达100万。 5岁发现微软漏洞 成最年轻黑客...

View Article

Image may be NSFW.
Clik here to view.

SDL-软件安全设计初窥

Auth:Cryin@insight-labs.org 前言 本文详细介绍微软软件安全开发生命周期(SDL)相关概念,并讨论要遵循 SDL 过程所应执行的各种安全活动,其中着重对软件安全设计的原则进行探讨。并对STRIDE威胁建模方法进行深入介绍。 SDL介绍 安全开发生命周期(SDL)即Security Development...

View Article


Image may be NSFW.
Clik here to view.

4 Simple Ways to Protect Your Smart Home From Hackers

Towards the end of 2016, a series of massive DDoS attacks took out some of the internet’s biggest websites, including PayPal, CNN, Reddit, Github, Netflix, Twitter, and many others. The attack billed...

View Article


Image may be NSFW.
Clik here to view.

Hackers, InterWebz, and Fish Tacos

In the harsh chill of a San Diego February… Well, it was a little drizzly and we couldn’t wear shorts (most of the time). Anyway … 120 devs from all over Unity ― most of whom showed up for the photo ―...

View Article

Banking Trojan Attacks Rose by 30% in 2016

Cybercriminals are leaning towards financial institutions because, not surprisingly, that's where the money is. In fact, Kaspersky says that 47.48% of all phishing attempts detected target financial...

View Article

Image may be NSFW.
Clik here to view.

Launching Code Cards on Hacker News and lessons learned

A few weeks ago I launched Code Cards . Code Cards helps you remember programming knowledge you don’t use on a day to day basis using spaced repetition. In this post I want to talk about how the...

View Article

Image may be NSFW.
Clik here to view.

理解HTTPS为什么安全前,先看看这些

HTTPS 是建立在密码学基础之上的一种安全通信协议,严格来说是基于 HTTP 协议和 SSL/TSL 的组合。理解 HTTPS 之前有必要弄清楚一些密码学的相关基础概念,比如:明文、密文、密码、密钥、对称加密、非对称加密、信息摘要、数字签名、数字证书。接下来我会逐个解释这些术语,文章里面提到的『数据』、『消息』都是同一个概念,表示用户之间通信的内容载体,此外文章中提到了以下几个角色:...

View Article


Image may be NSFW.
Clik here to view.

RSA 2017: What’s The Theme?

As I mentioned before, unlike some in our industry, I love RSA Conference ( #RSAC ), chiefly as an “industry in a-room” [not to be confused with a mythical SOC-in-a-box :-)] phenomenon. RSA is best...

View Article

Image may be NSFW.
Clik here to view.

AdminSDHolder

Folks, Today is Day-0 of Microsoft's 30-day Active Directory Security School , which starts on March 01. Today, I'll answer the2nd (here's the 1st ) $100 B question I had asked them,which concerns...

View Article


Image may be NSFW.
Clik here to view.

6 Security Measures Every Startup Should Take in 2017

Cyber criminals do not discriminate -- every business, regardless of size and reputation, is a potential victim. In fact, small businesses and startups are seen as more appealing to them because they...

View Article

丰县警方:集中打击压降通讯网络诈骗案件

丰县警方:集中打击压降通讯网络诈骗案件 3小时前来源:彭城视窗 原标题:丰县警方:集中打击压降通讯网络诈骗案件 彭城视窗(张安)2017年以来,江苏丰县警方在打击治理通讯网络新型违法犯罪中不断探索尝试、创新突破,开创了新局面,在打击通讯网络诈骗案件中,同比2016年下降34%,其中电话诈骗案件零发案,成效显著。...

View Article


Image may be NSFW.
Clik here to view.

IDG Contributor Network: What is OWASP, and why it matters for AppSec

Modern software development is firmly focused on speed. The race to be first in the market is extremely competitive. To innovate, companies develop at breakneck pace, quickly establishing feedback...

View Article

Pragmatically Generating a Self-Signed Certificate and Private Key usingOpenSSL

Recently I found myself needing to generate a HTTPS Server Certificate and Private Key for an iOS app using OpenSSL, what surprised me was the total lack of documentation for OpenSSL. While there is...

View Article

BSidesSF CTF wrap-up

Welcome! While this is technically a CTF writeup, like I frequently do, this one is going to be a bit backwards: this is for a CTF I ran , instead of one I played! I've gotta say, it's been a little...

View Article
Browsing all 12749 articles
Browse latest View live