华为发布2016年网络安全白皮书 呼吁ICT产业加大合作力度
光明网讯(记者郭丽君)华为近日发布了2016年网络安全白皮书《全球网络安全挑战――解决供应链风险,正当其时》,旨在阐述全球信息及通信技术(ICT)产业在应对供应链安全挑战方面的不间断努力、优秀实践及标准。白皮书还阐述了如何保障全球供应链的安全,分享了供应链专家、标准组织及及华为的优秀实践,并呼吁各方加大合作力度,应对这一共同挑战。...
View ArticleTeamView余波危机,英国运营商TalkTalk用户深陷水火
近日,深陷被黑疑云的 TeamViewer再次被推至风口浪尖,而此次躺枪的是 TalkTalk 用户 。 TeamViewer 事件详细报道请查看 《TeamViewer服务器挂了,被黑谣言四起》 。 近日,拥有TeamViewer 账户的ISP (InternetService Provider)用户表示,他们正遭受试图控制他们电脑的投机分子的攻击。...
View ArticleGrab this "The Data and Internet Security Guide, Vol 2" eBook (valued at $9. ...
Advanced tips and tools for safe computing -- on and off the Web.. Claim your complimentary copy (valued at $9.95) for free now! What's it about? This eBook takes computing security to the next level....
View ArticleJSON Web Tokens (JWT) deep walkthrough are sessions dying?
What is JWT? In essence it's a signed piece of data in JSON format. Because it's signed the recipient can verify its authenticity. Because it's JSON it weights very little. If you are after the formal...
View ArticleJust a quick reminder that you cannot sneak your iguana into court
Before stepping through the security line, ensure you do not have any hazardous materials, weapons or large lizard pets. Security at the Boulder Justice Center in Colorado discovered an iguana in a...
View ArticleIntel Management Engine's security through obscurity should scare the ****...
For a long time there was a commonly held belief that open source products were inherently more secure because there was nothing hidden. The thought was that with the code for popular applications out...
View ArticleThinking About Smart Contract Security
Over the last day with the community’s help we have crowdsourced alist of all of the major bugs with smart contracts on Ethereum so far, including both the DAO as well as various smaller 100-10000 ETH...
View ArticleDistribution Release: Parrot Security OS 3.0
Parrot Security OS 3.0 has been released. Parrot Security OS is a Debian-based distribution featuring a collection of tools designed for penetration testing, computer forensics, reverse engineering,...
View ArticleDDoS Attack on BitGo Bitcoin Wallet Sends Shockwaves Through the Industry
On Saturday afternoon, a massive DDoS attack hit BitGo, a service that describes itself as the most secure Bitcoin wallet solution available today. The attack lasted between four and five hours and...
View Article比特币钱包服务BitGo遭遇大规模DDoS攻击:波及面甚广
周六下午,自诩“当前最安全的比特币钱包解决方案”的BitGo,遭遇了一场严重的分布式拒绝服务(DDoS)攻击。本轮攻击持续了4-5个小时,期间完全瘫痪掉了该公司的服务器。攻击开始1个小时之后,该公司才开始应对,并在Twitter上向客户表达了歉意。通常情况下,比特币客户需要等待数小时才能完成(被批准)一笔交易。而在过去几年里,BitGo算是打造出了一个独创的、极度安全的、近乎实时交易的比特币平台。...
View Article千万当心这些论坛 论坛已成病毒传播高发区
“你觉得网上哪里的病毒最多?”关于这个问题,相信有经验的老司机们都会毫不犹豫地回答――色情网站。可最近,一批论坛却超越色情网站成为了木马病毒的新窝点,其中不乏一些访问量数十万甚至上百万的大型论坛。任意注册用户都可以在发帖时轻松挂马,利用热门贴等途径向论坛的其他用户发起直接攻击。...
View ArticleStateless Session Logout with Rolling Bloom Filters
One of the headline new features in OpenAM 13 is support for Stateless Sessions , which allow for essentially unlimited horizontal scalability of your session infrastructure. This is achieved by...
View ArticleFixing ERR_SPDY_INADEQUATE_TRANSPORT_SECURITY SSL error in Chrome
Recently, I was upgrading the infrastructure for Hosted Apache Solr , and as part of the upgrade, I jumped from Nginx 1.8.x to 1.10.x, which includes HTTP/2 support . I had previously used SPDY...
View ArticleSecure VSFTPD server with TLS/SSL encryption in Ubuntu 16.04
In our previous tutorial, I have showed you how to setup and configure a basic FTP server using VSFTPD in Ubuntu 16.04 LTS server. If you haven’t setup VSFTPD server, check the following link. Install...
View ArticleVMware NSX Manager SSL certificate a how-to guide
VMware NSX Manager SSL certificate a how-to guide VMware NSX is hot since the day it was released and I personally couldn’t wait to get my hands on it, in my current project we are using VMware NSX to...
View ArticleUsing Masscan with Top Ports
Want to use masscan like nmap and scan just the “top ports”? A quick way of getting that list of ports is to run the following nmap command: nmap -F -oG - 0.0.0.1 -v --top-ports N Where N is the...
View ArticleIn Depth: How hackers are really getting your information, and what you can...
Another day, another hack. People are getting hacked or becoming compromised in their digital lives at an alarming rate, and it seems as though that's not going to slow down any time soon. Just earlier...
View ArticleOracle VP Des Cahill: Get in Tune With Your Customer
Oracle Vice President Des Cahill is the company's head CX evangelist. An expert in B2B software and marketing, Cahill has spent most of his career in Silicon Valley, helping companies develop, refine...
View ArticleNew Malware Mangit Surfaces as Banking-Trojan-as-a-Service
Trend Micro security researchers have uncovered a new malware family called Mangit (BKDR_MANGIT.SM), linked to the Brazilian hacking underground, where it's peddled as a Banking-Trojan-as-a-Service...
View Article