Quantcast
Channel: CodeSection,代码区,网络安全 - CodeSec
Browsing all 12749 articles
Browse latest View live

Former Facebook security chief Alex Stamos: Being a CSO can be a ‘crappy job’

Alex Stamos has been at the helm of some of the world’s most powerful companies for the past half-decade and is widely regarded as one of the smartest people working in the security space. Now, just a...

View Article



Image may be NSFW.
Clik here to view.

代码审计3-熊海cms v1.0

菜狗子学代码审计,只能挑挑软柿子捏一捏了。MVC框架现在估计是审计不出来,只能找找代码流不仅小一点,小型的CMS下手了。所以找了这一套又老有小的CMS来练练手了,目前还是用 seay审计系统 先扫描可疑的漏洞点,然后一个一个地去看漏洞涉及的代码,可能菜是原罪吧。 熊海CMS v1.0 任意文件包含 在路径 /admin/index.php 中,有一段入口文件代码: <?php...

View Article

McDreary? The Future of Medical Call Centers & DDoS

As healthcare’s digital transformation continues, security remains a top priority ― especially as distributed denial-of-service (DDoS) attacks target the click-to-call features on websites....

View Article

Image may be NSFW.
Clik here to view.

Vulnerability Spotlight: TALOS-2018-0560 - ERPNext SQL Injection Vulnerabilities

Vulnerabilities discovered by Yuri Kramar from the Cisco Security Advisor Team Overview Talos is disclosing multiple SQL injection vulnerabilities in the Frappe ERPNext Version 10.1.6 application....

View Article

U.S. Charges North Korean in Sony Hack and WannaCry Virus Attack

(LOS ANGELES) ― A computer programmer working for the North Korean government was charged with devastating cyberattacks that hacked Sony Pictures Entertainment and unleashed the WannaCry ransomware...

View Article


Security Tokens Get a Boost as PayPal Vet Joins 0x Board

In the future, many traditional investments like real estate and corporate shares will come in the form of digital tokens that are bought and transferred on a blockchain. Right now, this type of...

View Article

Image may be NSFW.
Clik here to view.

Singapore moots 'essential' cybersecurity rules for financial firms

Singapore has proposed a set of cybersecurity rules that financial institutions, including banks, in Singapore must adopt to ensure their IT systems are adequately protected and to beef up their cyber...

View Article

Image may be NSFW.
Clik here to view.

LIVESTREAM: DEF CON Badgelife Hardware Hacking

Abstract: When attacking IoT devices, it is often beneficial to bypass software and interact with the device’s hardware directly. Doing so allows for much greater access and control, but requires more...

View Article


Detectify security updates for 6 September

For continuous coverage, we push out major Detectify security updates every two weeks, keeping our tool up-to-date with new findings, features and improvements sourced from our security researchers and...

View Article


Becoming a Security Analyst: Requirements, Responsibilities, Salaries

Cybersecurity is a challenge that every enterprise needs to address. With the increased frequency of highly sophisticated attacks, businesses have had to turn to security experts who can leverage best...

View Article

齐向东:传统IT安全架构已跟不上时代发展

人民网 ( 603000 , 诊股 )北京9月7日电 (易潇)9月4日-6日,2018年ISC互联网安全大会在北京举行,今年大会的主题是“安全从0开始”,会上,360企业安全集团CEO齐向东接受记者采访。 齐向东表示,今年影响全球的网络安全事件此起彼伏,感知安全威胁变得越来越困难,必须回到安全的本源和原点思考,让安全从0开始,重新审视网络安全的思想、方法、技术和体系。 谈危机:传统安全架构已失效...

View Article

Image may be NSFW.
Clik here to view.

倪光南院士: 我国网络安全产业的发展任重而道远

9月5日,中国工程院院士倪光南接受人民网IT频道专访 人民网北京9月7日电 (任妍) 9月4日-6日,2018年ISC互联网安全大会在北京举行,今年大会的主题是“安全从0开始”,9月5日,中国工程院院士倪光南接受了人民网IT频道专访。他表示,在今年大会现场,出现了很多新的企业、新的网络安全技术和产品,这说明我国网络安全产业的创新力很强。同时,他也强调,我国网络安全产业的发展依然任重道远。...

View Article

郝叶力:网络安全一直在路上

人民网北京9月7日电 (易潇)9月4日-6日,2018年ISC互联网安全大会在北京举行,今年大会的主题是“安全从0开始”,会上,国家创新与发展战略研究会副会长郝叶力接受记者采访。 随着大数据云计算技术的飞速发展,世界已经进入了大数据时代,郝叶力认为大数据一定要流动起来才能保证互联网的繁荣,数字经济的发展发达。...

View Article


Image may be NSFW.
Clik here to view.

Calyptix Responds to NIST Small Business Cybersecurity Act

Charlotte, NC A new federal law is expected to bring “clear and concise” resources to help small businesses protect against the growing threat of cyber attacks. Signed on Aug. 14, the NIST Small...

View Article

Former Facebook security chief says creating election chaos is still easy

As someone who’s had a years-long front row seat to Russia’s efforts influence US politics, formerChief Security Officer Alex Stamos has a pretty solid read on what we can expect from the 2018...

View Article


Image may be NSFW.
Clik here to view.

British Airways Customer Data Stolen in Website and Mobile App Hack

In a statement, British Airways stated: “ From 22:58 BST August 21 2018 until 21:45 BST September 5 2018 inclusive, the personal and financial details of customers making bookings on ba.com and the...

View Article

Image may be NSFW.
Clik here to view.

Android App渗透测试工具分享

自己在网上搜集了一些App安全学习教程及工具,项目地址: https://github.com/Brucetg/App_Security 这段时间因为某些原因接触了Android App渗透测试,发现了几个不错的App渗透测试工具(虽然这些工具早就出来了 2333),搭建测试环境的过程中遇到了一些问题,特地总结一下,希望能给大家带来帮助。 一. drozer简介...

View Article


Image may be NSFW.
Clik here to view.

ProtonMail证实协助逮捕了Apophis Squad的重要成员

这个夏天,安全电子邮件服务提供商 ProtonMail 遭遇了多起网络攻击。幸运的是,在 Radware、F5 Networks、以及自家安全团队的帮助下,其努力将损失和影响降到了最低。 分析发现,其中一名攻击者,是来自 Apophis Squad 的重要成员 ―― George Duke-Cohan,其最终被英国犯罪调查局给逮捕。 此前他曾因为发出炸弹威胁,导致学校 400 人紧急撤离。...

View Article

网页劫持

最近和朋友谈到网页劫持,之前对这个话题还不是很了解。但在我们访问网页是,突然就能被传送到不知所谓的页面,铺满各种“屠龙宝刀点击就送”、“充值XX元就可获得流量大礼包”之类的内容。就算不是页面跳转,网页也有可能被插入额外的广告,无论是去哪个网站都会有一个烦不胜烦的小窗无法消除。 劫持分类...

View Article

以色列“网络安全强国”孵化术

对在以色列国防军8200部队服役两年的士兵,有私人公司愿意开出高薪或者提供学费、公寓、汽车和补贴等诱人福利,以提前预定这些人才,确保他们能在服役结束后进入公司,成为中坚力量。 《环球》杂志记者/王博闻(发自特拉维夫) 以色列高科技非营利组织Start-Up Nation...

View Article
Browsing all 12749 articles
Browse latest View live




Latest Images