Fake Facebook Lite App Infected with Trojan to Steal Users' Info
A version of Facebook Lite circulating on third-party app stores is infected with Spy FakePlay Trojan. Instead of coming from Facebook, the app was actually developed by some people in China. According...
View ArticleClik here to view.
FIN7 Spear Phishing Campaign Targets Personnel Involved in SEC Filings
In late February 2017, FireEye as a Service (FaaS) identified a spear phishing campaign that appears to be targeting personnel involved with United States Securities and Exchange Commission (SEC)...
View ArticleClik here to view.
Famous jailbreaker says WikiLeaks CIA dump is overhyped
WikiLeak’s trove ofCIA cyber documents is being hyped as one of the biggest leaks since Snowden blew the whistle on the NSA, but according to one of the world’s top jailbreakers you shouldn’t believe...
View ArticleClik here to view.
The Internet of Weaponized Things: Tackle device security before it's too late
The Internet of Things opens a Pandora's box of security issues. Image: iStock Failing to tackle the insecurity of the Internet of Things and connected devices could lead to the technology's...
View ArticleSecurity 101 for SaaS startups
Security 101 for SaaS startups Things I wish my first boss had told me So you are working at a startup, and you have been wondering at what point should you start looking into security considerations...
View ArticleClik here to view.
The 2017 State of SecOps: Attempts to transfer risk to managed services
In the 2017 State of Security Operations Report , the summary of findings can be broken down into 8 topics regarding major trend findings Part 4: Attempts to transfer risk with managed services When...
View ArticleClik here to view.
Google's 'SHA-1 Countdown Clock' Could Undermine Enterprise Security
Googles SHA-1 Countdown Clock Could Undermine Enterprise Security In the wake of a recently documented 'collision' attack, Google researchers should release a patch for the cryptographic Secure Hash...
View ArticleSQL Injection Vulnerability and the U.S. Election Agency
Amidst growing doubts of Russian involvement in the recent US presidential elections, there are fresh reports about a possible election agency breach. According to an article published in Reuters , a...
View ArticleClik here to view.
Apache Struts2 远程代码执行漏洞(S2-045)技术分析与防护方案
阅读: 53 Apache Struts2的Jakarta Multipart parser插件存在远程代码执行漏洞,漏洞编号为CNNVD-201703-152。攻击者可以在使用该插件上传文件时,修改HTTP请求头中的Content-Type值来触发该漏洞,导致远程执行代码。 相关链接如下:...
View ArticleDahua video kit left user credentials in plain sight
Chinese security camera/DVR company Dahua is pushing firmware patches after accusations by a security researcher that a swathe of its products carried a back door. First notified to video surveillance...
View ArticleClik here to view.
苹果去年独占全球智能手机市场近八成利润 华为捞到1.6%
php?url=0FoKMbfgV2" alt="苹果去年独占全球智能手机市场近八成利润 华为捞到1.6%" />韩联社援引研究机构的最新报告称,苹果占据去年全球智能手机市场79.2%的利润。 市场研究机构Strategy Analytics发布的最新报告称,估算全球智能手机行业去年总营业利润为537亿美元,而苹果占据了449亿美元。 这一数据足以显示苹果提高手机售价,同时降低生产成本的能力。...
View ArticleClik here to view.
CIA才是最大黑客! 维基解密披露最大规模CIA机密文件
CIA才是最大黑客! 维基解密披露最大规模CIA机密文件 一点号首席安全官4小时前 据英国BBC网站消息,维基解密(WikiLeaks)网站日前披露大批据称来自美国中央情报局(CIA)网络情报中心的文件和档案。网站始创人阿桑奇声称,这是有史以来公诸于世的最全面美国间谍搜集机密档案,数量多过“叛逃特工”爱德华斯诺登(Edward Snowden)披露,以至于CIA成全球最大黑客。...
View ArticleClik here to view.
Create your own MD5 collisions
A while ago a lot of people visited my site ( ~ 90,000 ) with a post about how easy it is to make two images with same MD5 by using a chosen prefix collision. I used Marc Steven 's HashClash on AWS...
View ArticleClik here to view.
The Guardian Project’s “Proof Mode” app for activists doesn’t work
On February 24, 2017 The Guardian Project (not to be confused with the newspaper) presented “Proof Mode”, an app for Android smartphones which promises to add cryptographic “proof” to ever image and...
View ArticleClik here to view.
Android gets patches for critical OpenSSL, mediaserver, and kernel driver flaws
A five-month-old flaw in Android's SSL cryptographic libraries is among the 35 critical vulnerabilities Google fixed in its March security patches for the mobile OS. The first set of patches, known as...
View ArticleClik here to view.
WikiLeaks dump shows CIA can use IoT to hack ‘anything, anywhere’
WikiLeaks’ release of8,761 pages of internal CIA documents makes this much abundantly clear: the agency has built a monster hacking operation possibly the biggest in the world on the backs of the many...
View ArticleClik here to view.
Consumer Reports now rates product privacy and security
Just what is the standard, though? From a cursory glimpse, the privacy standard mostly amounts to a few logical rules. An internet-connected device should ask you to sign in and transmit encrypted...
View Article安全创新中心应对网络安全威胁 产研共建网络强国
【赛迪网专访】“互联网+”、云计算、大数据、人工智能等正在向各行业渗透发展。新技术提升生产力的同时,全社会,全行业也正面临复杂的网络安全问题。形形色色的电信诈骗;恶意破解、盗取账户密码;黑客攻击商业网站,窃取商业机密和企业财产……,因此带来的财产损失难以计数。网络威胁干扰人民正常生产、生活,最终必将引发国家安全问题,“没有网络安全就没有国家安全”也并非耸人听闻。...
View ArticleNest finally adds two-factor authentication for improved security
Alphabet-owned Nest has today announced that it’s finally addingtwo-factor account authentication to its mobile application. Once activated, theoptional feature will require usersto enter a...
View ArticleClik here to view.
曝中情局惊天秘密:黑客中心? 维基解密又瞎说大实话!
曝中情局惊天秘密:黑客中心? 维基解密又瞎说大实话! 昨天来源:舜网 php?url=0FoJeksPJE" alt="曝中情局惊天秘密:黑客中心? 维基解密又瞎说大实话!" />曝中情局惊天秘密...
View Article
