Clik here to view.
What’s new in Windows Defender ATP
Across windows Defender Advanced Threat Protection ( Windows Defender ATP ) engineering and research teams, innovation drives our mission to protect devices in the modern workplace. Our goal is to...
View ArticleManaging the Risk of IT-OT Convergence
A few years ago, it wasn’t easy getting executives on board with the concept of operational technology (OT) security. Having finally come around to acknowledging the need for information technology...
View ArticleClik here to view.
iOS12 被黑客攻破,iPhone X 上被删照片也能看到
根据《福布斯》最新的报道 ,两位黑客表示已经攻破 iOS 12.1 系统,利用编译器代码中的漏洞来查看 iPhone 设备上存放在“最近等待删除”相册的照片。 这是目前在东京举办的 Mobile Pwn2Own 活动上曝光的漏洞。Richard Zhu 和 Amat Cama 联手发现并展示了这个漏洞。 在现场视频的演示中,Richard Zhu 和 Amat Cama...
View ArticleClik here to view.
攻防最前线:勒索软件Dharma近期已攻陷上百个希腊网站
在过去的几个月里,有新闻报道称,一家颇受欢迎的啤酒厂遭到了勒索软件的攻击,而与此同时,一个主要的海港也遭遇了同样的问题,导致进出港口的船只受到影响。调查显示,这两起案件的罪魁祸首都是Dharma(也称CrySiS)勒索软件。 事实上,有很多Dharma勒索软件变种在短时间内出现,伴随而来的是一些新的扩展名,如.bip和.combo,以及最近的.gamma。 FortiGuard...
View ArticleClik here to view.
非对称加密体系
#简介 对称加密的问题在于密钥配送问题,因为对称加密和解密使用的是同一个密钥,因此在发送密文的同时也要发送密钥,但是其中又存在矛盾,如果能安全的发送密钥,可以使用同样的方式发送明文,这样对称加密就没有存在的必要了,此时非对称加密就应运而生。非对称加密也叫做公钥密码,使用公钥密码可以很好的解决密钥配送的问题。...
View ArticleClik here to view.
台积电:病毒损失近5.84亿元 无法评估欧盟调查的后果
11月15日下午消息,据中国台湾地区媒体报道,台积电第三季度财报显示,8月3日电脑病毒感染事件约造成25.96亿新台币(约人民币5.84亿元)损失;而对于欧盟委员会调查反垄断一事,台积电表示,目前相关程序仍在初期阶段,无法评估后续进展及可能结果或影响。...
View ArticleClik here to view.
基于Bushido的DDoS服务只需要几美元就能打垮一个网站
前言 近期,来自FortiGuard实验室的安全研究专家发现了一个名叫“0x-booter”的DDoS即服务平台,这个平台虽然代码架构不优秀,但是功能却非常强大,而且还提供了易于使用的用户接口。 “0x-booter”首次出现在大家眼前是2018年10月17日,根据当时Facebook上的一条广告,这个平台能够提供超过500Gbps的攻击流量和20000多个bot。 根据Fortinet发布的...
View ArticleClik here to view.
[原]数字签名
#简介 假设Alice需要向Bob借100万元,不过,Alice和Bob离得很远,无法直接见面。通过银行汇款,Alice可以立刻从Bob那里收到钱,但是Alice的借条应该怎样发送给Bob呢?可以用挂号寄过去,不过那样需要花上一段时间,能不能用电子邮件来发送借条呢?比如: “Bob,我向你借款100万元。-----Alice"...
View ArticleClik here to view.
sr.ht, the hacker's forge, now open for public alpha
I’m happy to announce today that I’m opening sr.ht to the general public for the remainder of the alpha period. Though it’s missing some of the features which will be available when it’s completed,...
View ArticleBlack Friday alert
Banking Trojans traditionally target users of online financial services; looking for financial data to steal or building botnets out of hacked devices for future attacks. However, over time, several of...
View ArticleClik here to view.
ATM security still running Windows XP
New research from Positive Technologies has revealed that ATM machines are vulnerable to a number of basic attack techniques that could allow hackers to steal thousands in cash. The company's...
View ArticleClik here to view.
Why You Need More than Certificate Authority Management Solutions
Why You Need More than Certificate Authority Management Solutions kdobieski Thu, 11/15/2018 09:40 In fact, giving further thought to the question of CA management solutions, it does not seem to make...
View ArticleCryptoMove Launches Private Beta for Tholos Key Vault to Secure Cloud Native...
Cloud-native Secrets Management Key Vault Delivers Enterprise-grade Scalability, Reliability and UI/UX; Moving Target Defense Enables Security Paradigm Shift for Microservices and Multi-cloud Recent...
View ArticleResearchers Created Fake 'Master' Fingerprints to Unlock Smartphones
AI can generate fake fingerprints that work as master keys for smartphones that use biometric sensors. According to the researchers that developed the technique, the attack can be launched against...
View ArticleClik here to view.
Introducing Kibana Spaces for Organization and Security
Organize your work with Kibana spaces Version 6.5 introduces our new Spaces feature. Spaces allows you to organize your dashboards, visualizations, and other saved objects into meaningful categories....
View ArticleClik here to view.
R tip: Keep your passwords and tokens secure with the keyring package
As a former security reporter, it makes me a little queasy to store a password or token in plain text. And that’s basically what happens when you store a password or token string in an R environment...
View ArticleClik here to view.
Feature Spotlight Behavioral Indicators and MITRE ATT&CK for Enterprise ...
The complexity of today’s cyber threats presents unique challenges for IT administrators and security practitioners. You may know a specific file is malicious, but how did it get there? How did it...
View ArticleClik here to view.
What Do We Really Need to Encrypt. Cheatsheet
We frequently see how regulatory requirements are mapped onto real-world demands during the integration ofour tools andsecurity consulting projects. Producing a coherent vision of which data assets...
View ArticleCloud, China, Generic Malware Top Security Concerns for 2019
FireEye researchers unveil an extensive list of security risks waiting in the new year's wings. There may still be nearly seven weeks left in 2018, but security leaders are already looking ahead to the...
View Article