Clik here to view.
The Security Talent Gap is Misunderstood and AI Changes it All
Despite headlines now at least a couple years old, the InfoSec world is still (largely) playing lip-service to the lack of security talent and the growing skills gap. The community is apt to quote and...
View ArticleClik here to view.
QBOT变种近期活动及分析
概述 彼时,Mirai与QBOT先后在GitHub上公开了源代码,对IOT安全产生了巨大的影响,在此前Mirai的感染过程中还主要针对QBOT做了一系列对抗的行为。 近期绿盟威胁情报中心(NTI)研究团队捕获到了首例结合Mirai扫描特征的QBOT变种,同时该变种还增加了多个漏洞利用进行传播。...
View ArticleClik here to view.
Hack the MinU: 1 (CTF Challenge)
Hello Friends! Today we are going to solve another CTF challenge “MinU: 1” This boot2root is an Ubuntu Based virtual machine and has been tested using Virtual Box. The network interface of the virtual...
View ArticleWhat Is a Data Protection Officer?
Introduction to the General Data Privacy Regulation The General Data Privacy Regulation (GDPR) governs how the personal data of EU citizens can be collected, transmitted, processed and stored inside...
View Article3 Ways You Can Lose Your Social Security Benefits
Social Security benefits are a critical part of most Americans' retirements, so it's rather important to aim to get as much as you can from the program. I've written before about various ways that you...
View Article时刻绷紧网络安全这根弦
8.02亿、4.33亿、5.4万……一组看似枯燥的数字在网络安全宣传周期间再度引发了人们的关注。8.02亿网民中4.33亿人在2018年1月至6月间遭遇过网络安全问题,5.4万则是上半年报告过的网络安全事件。 看不见的互联网在给我们生活带来便利的同时,还把我们以前想象不到的病毒、黑客、网络诈骗等等一系列网络安全问题裹挟到了我们跟前,给了我们“当头一棒”,让我们认识到了它的破坏力之大!...
View Article攻守兼备,构建“三不”网络安全新格局
网络安全一直是牵动人心的敏感话题。在“全网时代”,网络空间清朗安全与否不仅关乎每个网民的切身利益,也是国家治理体系和治理能力现代化的“网端”投射和重要体现。...
View Article信任需求就像网络安全需求,不出事故不被发现
信任需求就像网络安全需求,不出事故不被发现 Odaily星球日报 16小时前 区块链信任需求什么时候能变“刚”? “入华”数年,区块链经历了不少起落。 最初比特币从业者受人侧目,到今天被贴上 “高大上” 和“一夜暴富”的标签。纵使争议不断,但总算是是可以 “抬起头买币” 了。从底层来看,业界对区块链技术的使用场景也有了不同的认识,在 2015 年到 2016...
View ArticleClik here to view.
制贩假证团伙雇佣黑客入侵全国近百个政府网站,篡改数据为假证提供查验服务
警方查获的假证 20日,四川省公安厅网安总队对外通报,今年7月,泸州网安支队侦破一起非法控制计算机信息系统、伪造公文证件案,抓获犯罪嫌疑人14名,其中9人已被批捕。...
View ArticlePHP Security: Passwords
My Password Rules Minimum length of 16 characters. Maximum length of 256, 512, 1,024 or 2,048 characters. Make sure the password isn't pwned. ALLOW PASTING OF PASSWORDS! Microsoft has a maximum...
View Article“网络仿真靶场”虚拟未来城市信息安全防护策略
随着智慧城市的发展,未来城市将处于一个巨大而复杂的网络环境中。那么,面对复杂、智能的网络环境,如何保证城市级的整体信息安全防护需求?答案是信息安全防护体系必须更智能。 在2018年国家网络安全宣传周期间,成都“城市网络仿真靶场”上演了一场虚拟的“城市网络控制权争夺战”。...
View ArticleClik here to view.
技术讨论 | Meterpreter在Windows 445端口实施远程NTLM中继攻击测试
写在前面的话 劫持445端口来执行中继攻击或Hash-Capturing攻击已经是一种经常会出现的攻击方式了,当你使用meterpreter感染目标设备时,你如何监听445端口呢?就在几周之前,这个话题再次浮出了水面。但实际上,现有的工具早就已经解决了这个问题了,只不过很少有人知道罢了…...
View ArticleClik here to view.
黎曼猜想对我们影响不大
作者: tiankonguse | 更新日期: 2018-09-22 23:40:00 听说黎曼猜想被证明了 最近一个消息在数学圈火了起来。 9月21号。一条大新闻炸翻了学术界:著名数学家、菲尔兹奖和阿贝尔奖双料得主阿提亚爵士(Sir Michael Francis Atiyah)宣布要在本月24号在海德堡宣讲自己对于黎曼猜想的证明。...
View ArticleClik here to view.
Threat Roundup for September 14 to September 21
Today, as we do every week, Talos is giving you a glimpse into the most prevalent threats we’ve observed this week ― covering the dates between Sept. 14 and 21. As with previous roundups, this post...
View ArticleClik here to view.
Ggplot2 tutorial
Should you bother with ggplot? Switching to data visualisation through code is a huge ask. Is this how you feel about code? How I used to feel about code. This is a perfectly normal reaction . But..!...
View ArticleBitcoin Crisis Averted DoS & Inflation Vulnerability Patched
Since its release in 2009, Bitcoin Core has dealt with several software bugs, yet only a few have been deemed as serious and high-risk. Recent reports indicate that a bug which essentially allowed...
View ArticleClik here to view.
Going from an “A” to an “A+” on ssllabs.com
In aprevious post, I went into some (hopefully enough) detail on getting nginx working on docker with Letsencrypt. To wrap up the post, I had ran my website through ssllabs.com , and received an “A”...
View ArticleClik here to view.
Getting around Chrome POST XSS Protection
On this page: I've been working on a small string conversion utility for turning strings into various code formats. Specifically, I've been writing a number of Visual Studio Code templates and VS code...
View ArticleClik here to view.
比特币核心发现网络漏洞CVE-2018-17144 社区敦促所有节点尽快升级补丁
金色财经 区块链9月22日讯本周五(9月21日),比特币核心开发人员披露了几个漏洞,并多次呼吁所有节点需要优先升级到最新版本,因为这些漏洞可能会对比特币客户端的一些操作执行产生影响。 除了披露了有关漏洞(CVE-2018-17144)的具体技术细节之外,比特币核心开发人员还解释了如何处理比特币网络威胁,并且公布了在比特币核心版本0.16.3中发现和修补漏洞的时间线。 根据公布的通知中写道:...
View Article广东警方侦破黑客类案件100余宗 涉案金额2500余万元
广东警方“净网安网”15号专项行动收网 侦破黑客类案件100余宗 涉案金额2500余万元 来源:南方都市报 南都记者从广东省公安厅获悉,近日,在公安部的指挥协调下,省公安厅组织开展“净网安网”15号打击黑客网络攻击破坏违法犯罪专项行动。行动期间,共侦破黑客类案件100余宗,成功打掉黑客团伙30余个,刑事拘留160余人,核实被攻击入侵网站7240余个,涉案金额共计2500余万元。...
View Article