Quantcast
Channel: CodeSection,代码区,网络安全 - CodeSec
Browsing all 12749 articles
Browse latest View live

Image may be NSFW.
Clik here to view.

The struggle against digital threats is real―But Malwarebytes has your back

Everyone lives on the internet, period. Whether you’re streaming a standup special on Netflix, answering emails from your boss, chatting on Tinder, or completing everyday errands like paying bills...

View Article



Image may be NSFW.
Clik here to view.

Why Banks Should Encrypt for Security Rather than Compliance

Why Banks Should Encrypt for Security Rather than Compliance kdobieski Tue, 11/20/2018 13:57 Banks here, like others around the world, are indeed concerned about implementing end-to-end encryption....

View Article

Image may be NSFW.
Clik here to view.

Both consumers and retailers need to up their cyber security to make holidays...

We’ve got some Black Friday advice for retailers and shoppers who want to keep everyone’s data safe and secure, for a truly happy holiday season. The original version of this post was published on...

View Article

Only fibre can meet our needs into the future, says ISP chief

A full-fibre national broadband network would have cost much more, possibly as much as an extra $40 billion, but it will have to be built some time as it is the only technology that can do the heavy...

View Article

Image may be NSFW.
Clik here to view.

百度杀毒软件正式谢幕 11月20日以后不再提供下载

【TechWeb】11月21日消息,百度杀毒官网显示“百度杀毒感谢一路有你”,这意味着百度杀毒正式谢幕,不再提供下载。 官网首页,在“百度杀毒感谢一路有你”的大字下方还写着,“了解更多清理加速、杀毒、防欺诈产品,请下载百度手机卫士”、“获取windows安全信息获取和解决方案,请关注微软安全中心”的字样。 公开资料显示,百度杀毒是百度公司出品的专业杀毒软件,2013年4月,百度推出...

View Article


Image may be NSFW.
Clik here to view.

某行小程序投标测试的思路和坑

*本文作者:一只耗子,本文属于CodeSec原创奖励计划,未经许可禁止转载。 先发下牢骚吧,最近看FB里面的文章,大体上往底层概念越来越多,各种挖矿木马的,还有各种难理解的概念,都没有勇气点开看看了。 有关Web层次有价值的文献越来越少了,这点最近在打CTF时候也体现出来了,得PWN者得天下…..Web题有点难度的基本就是大杂烩(把所有和Web相关的整合到一起出一道题)...

View Article

Fancy Bear APT Uses New Cannon Trojan to Target Government Entities

The advanced persistent threat group Fancy Bear continues its attacks on government entities all around the world using a two-stage payload malware campaign dropping the Zebroy Trojan and a new Trojan...

View Article

Image may be NSFW.
Clik here to view.

Gmail也出漏洞,邮件潜在的安全风险不得不防

近日,Gmail被曝出现漏洞:在邮件的“发件人”部分,如果使用错误的标题结构则可能导致攻击者在发件人字段中插入任意内容。 虽然这个漏洞目前还不会造成太大的危害,但是能够添加任意的收件人地址以及发送邮件,也无形之中增加了网络犯罪的可能性。 漏洞来源 该漏洞由软件开发人员Tim...

View Article


Image may be NSFW.
Clik here to view.

0 day漏洞CVE-2018-8589的新利用

11月13日,微软发布了安全公告,修补了我们发现的漏洞。我们于2018年10月17日向Microsoft报告了该漏洞。微软确认了该漏洞,其ID为CVE-2018-8589。 2018年10月,我们的自动漏洞防护(AEP)系统检测到试图利用Microsoft windows操作系统中的漏洞。进一步分析显示win32k.sys中存在0...

View Article


区块链已成黑客攻击重灾区――区块链安全标准有望出台

过去10年,区块链技术快速发展,被认为是未来信息存储的主要发展方向。但是,由于缺乏安全基础设施建设和防护,区块链成为黑客攻击的“重灾区”,行业亟待建立严格的安全标准。目前,《区块链平台安全技术要求》行业标准正在立项并起草...

View Article

Sofacy APT Takes Aim with Novel ‘Cannon’ Trojan

The Sofacy APT group is back, with a new second-stage custom malware payload that researchers have dubbed “Cannon.” A campaign against several government entities around the globe, including in North...

View Article

Image may be NSFW.
Clik here to view.

Flash Player类型混淆严重漏洞,成功利用可能导致任意代码执行(CVE-2018-15981)

Adobe修补了Flash Player中的一个关键漏洞,潜在攻击者可利用该漏洞在当前用户的上下文中触发任意代码执行条件。 Flash Confio安全问题出现在Flash Player 31.0.0.148及更早版本中,它会影响在多个平台上运行的版本,从windows和macOS到linux和Chrome OS。 正如Common Weakness Enumeration平台 所详述的那样...

View Article

Tips to Protect Your Domain[s] Investments

A few months back I was working with a customer that was having the worst day of their lives. Attackers had taken full control of their most critical digital asset their domains and the domains of...

View Article


LDAP nested group membership query

I have a lot of applications at work which do not support Active Directory but instead rely on LDAP queries for granting user access. A problem we have is much of our access is granted to a security...

View Article

动态 | 网络安全公司在Make-A-Wish基金会网站上检测到加密恶意软件

据cointelegraph消息,近日,网络安全公司Trustwave发布的一份报告称,黑客已经通过加密劫持恶意软件感染了全球非营利组织Make-A-Wish基金会的网站。据Trustwave研究人员称,加密恶意软件设法将一个javascript(JS)矿工CoinImp纳入域名worldwish.org,以便非法挖掘以隐私为特点的加密货币...

View Article


A bit of smart security design from Tiller

A bit of smart security design fromTiller I’m trying out Tiller (a service that pulls financial transaction data into Google Sheets), and there’s a nifty bit of security design. Instead of its own...

View Article

Govt pledge to put all services online by 2025

The Federal Government has said it would make all services with which citizens have to interact accessible online by 2025, according to a Digital Transformation Strategy released by Human Services and...

View Article


Image may be NSFW.
Clik here to view.

A Complete Guide on Prestashop Security.

E-commercehas gained momentum within these few years. As a result, multiple online platforms likeMagento,Opencart,andPrestashop have sprung up. Prestashop has been gaining popularity globally. Thanks...

View Article

US Homeland Security reportedly infiltrating WhatsApp groups and using paid...

The Department of Homeland Security is reportedly using paid undercover informants to gather intelligence on the migrant caravan nearing the US-Mexico border, according to multiple news reports ....

View Article

Image may be NSFW.
Clik here to view.

Blockchain security: Economic vs technical attacks

(Image Credit: TechCrunch 中国) One of the many promises of blockchain technology is that it allows users to store and exchange valuable information in a secure and tamperproof way. But how secure is...

View Article
Browsing all 12749 articles
Browse latest View live




Latest Images