Clik here to view.
都知道电子邮件是重大威胁 如何阻止和应对?
电子邮件由于其成本低、效率高的特性,已经成为企业通信最重要的形式之一。如今,我们习惯咨询的问题也已经从“你有电子邮件吗”转变成“你的电子邮件地址是什么?” 不过,电子邮件也是其自身成功的受害者。助力电子邮件成为企业通信最重要形式的特性,也同样吸引了那些将其用作非法目的的犯罪分子。 如今的企业电子邮件系统必须与日益增长的垃圾信息、病毒、网络欺诈或网络钓鱼邮件,以及邮件中所包含的间谍软件作斗争 。...
View ArticleClik here to view.
Security and Privacy considerations in Artificial Intelligence & Machine...
Where are the assets that need to be protected? Security and Privacy considerations in Artificial Intelligence & Machine Learning ― Part 2: The NewAssets Note: This is part-2 of a series of...
View Article人与信息泄露
本文总结一下我对信息泄露的理解 0x01 信息泄露与个人的关系 本文会将主要内容分为三个层次去写,适用于个人、企业、像我这样的安全从业者等。 最近看了很多 “通过信息泄露” 打开漏洞旅程的渗透测试案例。关于个人的安全在网络上并没有普及太多,大多数网民还不知道“网络安全与个人”之间的直接、间接关系。这一节就给大家剖析一下我个人对 个人安全 的定义。...
View ArticleClik here to view.
诡异!半夜收到上百条验证短信后钱款莫名全部被卷走
据媒体报道,近期不少市民反馈称,醒来后发现手机收到数条验证码和银行扣款短信,甚至很多市民还因此莫名“被网贷”,蒙受了极为严重的经济损失。李女士(化名)便是此类诈骗案件中的一名受害者,她在凌晨接收到来自银行、京东和支付宝平台的100多条验证码后,发现自己钱款全部被转走,京东平台还开通了金条、白条功能,被借走一万多元。...
View ArticleClik here to view.
“谁动了我的奶酪?”从挖矿脚本谈企业网络安全
“浏览即挖矿,黑客总能找到各种奇怪的资源来牟利” 近年来,数字货币已经成为经济和金融界最为热门的话题,目前的虚拟加密数字货币比如比特币、以太坊、门罗币等都已经渐渐成为了全世界都在参与的“财富盛宴“。当然,这其中也不乏常年活跃于互联网的神秘人士――网络黑客们的存在感,而且他们的参与方式相比常人,显得更加另类清奇,脑洞迭出。...
View ArticleClik here to view.
白帽采访 | 对话香港HackerOne白帽Ron Chan
Ron Chan,中国香港人,现专职网络安全顾问和漏洞挖掘专家。Ron于2013年香港科技大学纯物理专业毕业,之后转入销售工作。在进入漏洞众测之前,他用了1年时间学会黑客技术,并通过了Offensive Security Certified Professional...
View ArticleClik here to view.
“截获短信验证码”盗刷案频发
原标题:“截获短信验证码”盗刷案频发 IT之家8月4日消息 如果你的手机突然长时间处于2G信号状态时,那么你可要小心了。8月2日下午,南京江宁公安分局官方微博发布消息称,一种名为“GSM劫持+短信嗅探技术”的犯罪手法是近两年来出现的新型伪基站犯罪手段,多地警方已经有所发现。 警方称,“不同于传统的伪基站只给你发诈骗短信的方法,这种新型手法实现不接触目标手机而获得目标手机所接收到的验证短信的目的。”...
View ArticleCloudbric Seeks To Enhance Users’ Blockchain Experience With Decentralized...
This is a submitted sponsored story. ToshiTimes.com urges readers to conduct their own research with due diligence into the company, product or service mentioned in the content below. ToshiTimes.com is...
View ArticleClik here to view.
Confirmed: Fortnite for Android will risk players' security by sidestepping...
Fortnite for Android is one of the most eagerly-anticipated game launches of recent times, but the impending release could turn out to be something of a security nightmare. Following on fromrecent...
View ArticleTSMC chip fab tools hit by virus, payment biz BGP hijacked, CCleaner gets...
RoundupThis week we took a close look atGoogle security keys, bid adieu to Facebook'shead security honcho, and had a few email credentials overshared by Atlassian. Here's everything else that happened...
View ArticleClik here to view.
通用推出漏洞悬赏计划,重视自动驾驶时代的汽车网络安全
说到汽车黑客,不得不提的是在汽车安全领域有着“鼻祖”地位的大黑客 Charlie Miller。 他在 2015 年与队友联手成功入侵了一辆 2014 款的 Jeep 大切诺基,向车辆刷入了带有病毒的固件,并对 CAN 总线发送指令控制汽车。这一“黑 Jeep”事件直接导致 FCA 集团(菲亚特克莱斯勒)在当年从全球范围召回了 140...
View ArticleClik here to view.
回忆杀:QQ宠物要死了,这些年你竟在桌面上养过这些货……
Q宠消散的话题一出,一些朋友就开始为了反对而反对了。“从没玩过这么小儿科的东西”、“宠物这东西,不是已经进化到了鲲这样的猛兽了吗?尽管只是海报”、“养成类游戏一直都很女性向,请不要把男玩家包括其中”、“初音未来、洛天依不正是新一代的萌宠吗?尽管我们都叫她偶像”…… 如此种种,大多基于一种基调――一个过时的宠物,13年的寿命不可谓不长,比真实的宠物大多还要久,凋零了也有接班宠。...
View ArticleClik here to view.
How Hedera Hashgraph is building a fast and secure blockchain alternative
Hedera Hashgraph derives its name from an algorithm. It is based on the “hashgraph consensus” technology that gets around the big trade-off related to blockchain, the fundamental technology behind...
View ArticleOptus and Curtin Uni raise curtain on major AI project
The impact of artificial intelligence on regional telecommunications, higher education and the urban environment will be the focus of a new research group launched today as part of a new alliance...
View ArticleClik here to view.
小心AI成为2003年时的防火墙
在不太适用的用例上过度依赖人工智能(AI)和机器学习,可能遭致不必要的危险。 网络安全行业的短板之一,是过多关注方法学本身,错把方法当成解决方案,而没有认真考虑怎么发挥这些方法的最大效能。当下网络安全行业对AI和机器学习(ML)的大肆吹捧,恰恰反映出了这一现象,令人不由得回想起2003年时的防火墙。...
View ArticleClik here to view.
SSL/TLS协议详解:密码套件,哈希,加密,密钥交换算法(上)
SSL/TLS协议详解(上):密码套件,哈希,加密,密钥交换算法 本文翻译自: https://www.wst.space/ssl-part1-ciphersuite-hashing-encryption/ https://www.wst.space/ssl-part-2-diffie-hellman-key-exchange/...
View ArticleMobile banking Trojans reach all-time high
The number of installation packages for modifications for mobile banking Trojans peaked at more than 61,000 an all-time high in the second quarter of 2018, researchers at Kaspersky Lab have reported....
View ArticleClik here to view.
How do signature-based attacks work?
Recently,whilst delving under the bonnet to find out what firewalls really do I came across the unforgettably-named Ping of Death signature-based attack or PoD. This is what’s known as a...
View ArticleClik here to view.
Cangibrina Admin Dashboard Finder Tool
Cangibrina is a python-based multi platform admin dashboard finder tool which aims to obtain the location of website dashboards by using brute-force, wordlists, Google, Nmap and robots.txt . It is...
View ArticleClik here to view.
Unpatched MikroTik Routers Allow a Threat Actor to Mine Cryptocurrency
Add to favorites Attacker showed a clear understanding of how MikroTik routers work A malicious cryptocurrency mining operation that utilises an unpatched vulnerability in MikroTik network routers has...
View Article