How much system hardening should you do?
System Hardening When it comes to linux system hardening there is a lot to do. From the almost book-like CIS benchmarksto following best practices found all over the web. Recently someone new to the...
View ArticleImproving QEMU security part 6: TLS support for character devices
This blog is part 6 of a series I am writing about work I’ve completed over the past few releases to improve QEMU security related features. A number of QEMU device models and objects use a character...
View ArticleDark Reading Radio: What Keeps IT Security Pros Awake at Night
Join us for a discussion with (ISC) 2 Chief Exec David Shearer on your most worrisome trends and challenges. Tune in tomorrow, Wednesday, Aug 17, 1 pm. EDT/10 am PDT. Whether it's phishing, ransomware,...
View ArticleVeraCrypt security audit: Four PGP-encoded emails VANISH
Security researchers running a project to audit open source disk encryption tool VeraCrypt have been spooked by the mysterious disappearance or non-arrival of encrypted communications. The OSTIF (the...
View ArticleThe Make or Break Factor All Websites Must Have
By now we all know the general qualities of a good site versus a bad one. We know how to make use of SEO practices, we know the importance of quality content, and we know what Google does and does not...
View Article'Shadow Brokers' 组织100万比特币(5.68亿美元)叫卖美国军方网络攻击工具(含视频)
'Shadow Brokers' 组织100万比特币(5.68亿美元)叫卖美国军方网络攻击工具(含视频) 2016-08-17 08:43:33 来源:安全客 作者:安全客 阅读:2342次 点赞(0) 收藏 分享到: 下面视频通过使用黑客组织公布的snmp漏洞利用工具,在无密码情况下以特权模式直接控制一台cisco asa 设备...
View Article10 year-old teaches hackers a valuable lesson in privacy
Evan Robertson, age 10, took a science fair project and turned it into a valuable lesson in privacy earlier this month at rootz Asylum, a kids-only gathering at DEF CON where children can learn about...
View ArticleShadowBrokers’ Leak Has ‘Strong Connection’ to Equation Group
A high-stakes game of attribution started by a group claiming to have a cache of exploits belonging to the Equation Group took a somewhat definitive turn Tuesday afternoon. Researchers at Kaspersky Lab...
View ArticleSamsung Galaxy Note 7’s security, iris scanning features shown off
The Samsung Galaxy Note 7 is presently the talk of the town. We're anticipating sales will exceed those of the previous Note 5's for many reasons. For one, the latest premium phablet from the South...
View Article婴儿出生当天产妇家属就接到诈骗电话
婴儿出生当天产妇家属就接到诈骗电话 2小时前来源:凤凰网 谎称可领政府补助,患者质疑院方泄漏个人信息,市妇幼保健院称正调查原因 华商报讯(记者丁瑜...
View Article中国互联网安全大会在京开幕
中国互联网安全大会在京开幕 昨天来源:中国军视网 php?url=0EC8xjKu75" alt="中国互联网安全大会在京开幕" />本报北京8月16日电 记者扶满报道:16日,以“协同联动,共建安全命运共同体”为主题的第四届中国互联网安全大会在国家会议中心开幕,3万余名安全行业人士,围绕世界网络安全形势、网络空间战略、产业方向、行业趋势、技术未来、人才培养等方面展开研讨。...
View Article安全界“钢铁侠”McAfee:白帽子发现漏洞就不该索取回报
2015年12月,袁炜提交了婚恋交友网站世纪佳缘的系统漏洞。随后,世纪佳缘确认并修复了漏洞,按照惯例向漏洞提交者致谢。谁料此后事态发展急转直下,今年1月18日,世纪佳缘向北京市公安局朝阳分局报案称数据被窃取,4月12日,袁炜因涉嫌非法获取计算机信息系统数据犯罪被批捕。...
View ArticlePGP admins: Kill short keys now, or Alice will become Chuck
The issue of short PGP IDs is back on the agenda, with unknown scammers spoofing identities like Linus Torvalds and Tor core developer Isis Agora Lovecruft. Short keys are just what the name describes:...
View Article为什么说外国无法破解中国量子密钥技术?
日前,美国网络安全技术供应商赛门铁克指出,一个名为“神行客”(Strider)的黑客小组,过去5年间对中国、俄罗斯等国展开网络间谍式攻击,该黑客小组技术手段先进,赛门铁克怀疑小组有国家背景的团队支援。...
View Article卡巴斯基研究显示:网络欺凌危害严重
根据卡巴斯基实验室和iconKids & Youth联合进行的名为“ 在线成长的一代――互联环境下的孩子 ”主题研究,网络欺凌给孩子造成的危害比很多家长认为的要严重的多。在线骚扰会给大多数年幼的受害者造成严重后果,包括严重的健康和社交问题。...
View Article手把手教你如何从Whois数据中收集到有价值的情报
手把手教你如何从Whois数据中收集到有价值的情报 2016-08-18 10:34:38 来源:webbreacher 作者:Mickeyyyyy 阅读:381次 点赞(0) 收藏 分享到: 前言 在我的日常工作中,我经常需要去查找某些域名是否已经被我们公司的员工注册了。由于公司的组成结构和部门划分的问题,可能公司已经有人注册过这些域名了,可是我们有时却无法在第一时间得知这些信息。...
View ArticleRunning a DNSSec responder? Make sure it doesn't help the black hats
Sysadmins are making mistakes configuring and managing DNSSec, and it's leaving systems that should be secure open to exploitation in DNS reflection attacks. That's the conclusion of Neustar, in a...
View ArticleTech support scammers mess with hacker's mother, so he retaliated with...
Vengeful security boffin Ivan Kwiatkowski has infected the computer of an Indian tech support scammer with the Locky ransomware. Kwiatkowski inflicted the virus on the scammers after they attempted to...
View ArticleOperation Ghoul Targeting Middle Eastern Industrial, Engineering Organizations
Researchers today identified a series of ongoing targeted attacks primarily designed to steal sensitivecorporate financialdata fromindustrial and engineering organizations in the Middle East. The group...
View Article