Small Companies, Big Security Concerns
Many people might tend to associate security breaches and malware attacks with large enterprises. After all, the attacks that grab the big headlines generally occur against global companies or large...
View ArticleHackers Exploit Recently Patched ColdFusion Vulnerability
A Chinese APT group has been hacking into web servers by exploiting a vulnerability in Adobe ColdFusion that was patched in September and for which no exploit has been released publicly. The...
View ArticleDissecting GandCrab Version 4.3
Introduction GandCrab is a ransomware that has been around for over a year and steadily altered (I explicitly do not say “improved”) its code. The author(s) version their builds, the version I analyzed...
View Article十大热门网购骗局知多少?腾讯手机管家助你双11安全购物
随着双11的临近,大家好像越来越“忙”,不仅要盯着商家推出的限时优惠券、各类购物津贴,还要向三五好友求助:“今年的购物清单发我参考一下”。与此同时,网络上也流传着各种“文艺女青年购物攻略”、“理工男购物清单”,每时每刻都在刺激着大家的购物欲望。但需要注意的是,网购狂欢背后潜藏诈骗风险。...
View Article针对医疗行业的5大攻击手段
医疗行业覆盖面广,产值巨大,却是最容易遭到网络攻击的,成为网络攻击者目标的可能性几乎是其他行业的 2倍 ,每年都有数不清数据泄露事件发生,数百万患者信息被窃。如果医疗行业不跟上黑客和身份窃贼技术技巧的进化,危机还会升级。 医疗行业网络安全现状 2015年,1.13亿患者沦为医疗行业信息泄露事件的受害者,利益受损,身份被盗。医疗机构遭受网络攻击的次数之多或许就是一个指征:医疗机构平均每天受到...
View ArticleHoliday season is DDoS season
Is your business ready for the holiday season? As we approach the holiday season and bring in thoughts of good cheers, many companies are faced with an elevated risk of cyber-attacks. What makes the...
View Article黑客溯源分析技术
0x00、概述 现有的网络安全防御体系中,特别是威胁感知系统中,不仅要透视黑客使用哪些手段攻击你,还要知道谁在攻击你。对攻击者的溯源需要从两方面着手,第一,对黑客使用的攻击设备做准确的定位和关联分析。第二,在黑客实施攻击过程中drop的样本做相识度溯源分析。 0x01、设备追踪技术 1、设备指纹追踪发展历史 2、目前厂商使用的比较多的设备追踪技术 (1)图片渲染引擎的特征(显卡指纹)...
View Article利用“已知明文攻击”破解加密的压缩文件
编者按 压缩文件的解密问题,一直是萦绕在电子取证人员心里的一把锁。当领导或者办案人员问到“能不能破解?”的时候,既不能回答“能”,又不能回答“不能”。解密的方法有很多,今天,小编向大家介绍一种较为特殊的方法或者机制,供取证圈的广大朋友参考。 “已知明文攻击”的概念和原理 我们为zip压缩文件所设定的密码,首先被转换成3个32bit的 key...
View Article4 Things to Do Immediately If Your Kids Are Hacking
Kids born only a decade ago have far more tech prowess than their parents. This false sense of technical skill leads many kids to infect their parent’s home computers and devices with malicious...
View ArticleThree-factor authentication is the new two-factor authentication
Two-factor authenticationcontinues to provide our online selves with more security for our email and online banking. Meanwhile, in the physical world, protecting our valuables is now all about...
View ArticleNovember security patch forces Night Mode when Battery Saver is enabled,...
With the November security patch that began rolling out to Pixelslast week, one change was made to the way Night Mode and Battery Saver interact. When the latter is enabled, the former immediately...
View ArticleWhat you need to know before choosing your first cryptocurrency wallet
Welcome to Hard Fork Basics, a collection of tips, tricks, guides, and advice to keep you up to date in the cryptocurrency and blockchain world. This might seem like an obvious one to a seasoned...
View ArticleSecurity vs Utility Tokens
After you decide that your product is a good use case for a blockchain and it makes sense to issue your own cryptocurrency it is time to determine the type of your token. The thing is that if your...
View ArticleSophisticated Campaign Targets Pakistan's Air Force
Espionage campaign uses a variety of new evasion techniques. A new campaign of exploits and malware has hit Pakistan's Air Force, and it shows signs of being the work of a sophisticated state-sponsored...
View ArticlePartnership for greater IT security: Panasonic teams up with Rohde &...
Panasonic partners with Rohde & Schwarz Cybersecurity to offer leading software solution for securing mobile devices BRACKNELL, UK. 13th November 2018 Panasonic today announced a new partnership...
View ArticleAruba Introduces New Secure, AI-Powered Mobility Innovations for the...
New Series of 802.11ax Access Points, 802.11ax-optimized Switches, and AI-Powered Software to Give Organizations a Secure, Autonomous Network for the Mobile, Cloud and IoT Era SANTA CLARA, Calif....
View ArticleAqua Security Extends Container Security Platform
Aqua Security today announced it has natively extended the reach of its container security platform to include serverless computing frameworks. Version 3.5 of Aqua Container Security Platform (CSP)...
View ArticleNew IoT Security Regulations
Due to ever-evolving technological advances, manufacturers are connecting consumer goods -- from toys to lightbulbs to major appliances -- to the internet at breakneck speeds. This is the Internet of...
View ArticleSecurity between app and server?
I know that there are a ton of threads about this. But I'm still confused. I've got an app that making request to my server(nodeJS) to get JSON-data. For the moment everyone can get everything at:...
View ArticleCVE-2018-15961在野利用
如果你的企业运行着ColdFusion网络版,那么你可能需要检查一下你的服务器了。Volexity研究人员近期发现Adobe ColdFusion CVE-2018-15961的漏洞利用。Adobe已经发布了该漏洞的补丁,并且没有公布该漏洞的详情和PoC。...
View Article
More Pages to Explore .....