Clik here to view.
Layers and Runtimes @ Protego
Background Protego is the provider of a comprehensive security solution for cloud native and serverless applications, providing enhanced security posture, realtime security observability and cloud...
View ArticleActive Directory Integrated Network Appliances
That’s a Nice Palo-Alto Firewall Forescout Active Directory Integrated Network Appliance you have there … be a shame if it: Exposed it’s PAN Agent hashes to the internet Used a weak password Used a...
View ArticleKIWICON 2038AD Securing a World of Physically Capable Computers
Kiwicon is an IT security conference created by the community and for the community. It was my great pleasure to attend this year. The venue is spectacular but the content is even better. I will...
View ArticleWeek in review: The lessons of Conficker, holiday season cybercrime, IoT...
Here’s an overview of some of last week’s most interesting news and articles: Don’t accept risk with a pocket veto No security professional wants to accept risk. If we had our way, the organization...
View ArticlePassword bAdvice
TL;DR: Guy who knows everyone has weak passwords, tells them it’s their fault they get hacked, yet, it’s not their fault he has their passwords. good talk. I spent some of Thursday and Friday trying...
View ArticleBuilding a Multi-Cloud Strategy? Be Sure to Address the Security and...
Many organizations today are adopting a multi-cloud strategy, using services from several cloud providers and deploying offerings such as software-as-a-service (SaaS), platform-as-a-service (PaaS), and...
View ArticleClik here to view.
Are Developers Your First Line of Security Risk or Defense?
Every organization on the planet, whether public or commercial, is facing an ongoing challenge: to exist in an increasingly digital space. Past products must transform to meet the digital expectations...
View ArticleIf otherwise, compare the table to the string
I have the following if-else : if (entity.length > depot.length) { for (var i = 0 ; i < entity.length; i++) { promises.push(this.getDataFromREST(security, i)); console.log(entity, depot) } }...
View ArticleClik here to view.
FIT 2019 议题前瞻:AI+安全,是机遇亦是挑战 | 前沿安全神盾局
从“互联网+”到“AI+”,信息化时代向新的阶段进化。2018年,人工智能的发展逐渐落到实处,少了许多浮夸和空谈。网络安全战略意义的升级,“网络安全+AI”已经成为了必然的趋势。 2018年,全球网络环境中已经出现了不少恶意软件、黑客攻击事件中利用人工智能技术。这意味着安全人员与网络攻击者在AI领域又将上演一场新的竞速。同时AI技术的发展,也伴随着其本身安全问题地不断暴露与修复。...
View ArticleClik here to view.
EICS:一个致力于守护工控系统安全的攻防竞赛
我国2017年颁布的《网络安全法》规定:将影响国家安全、国计民生、公共利益的关键信息基础设施,在网络安全等级保护制度的基础上,实行重点保护。各行各业必将制定政策法规,加强关键信息基础设施网络安全的监督管理。...
View ArticleClik here to view.
Avoid the “Kittens of Doom” Emoji Attack, patch your Skype for Business...
A denial of service vulnerability exists in Skype for Business clients. If the attacker sends you a huge amount of emojis, e.g. cute kittens. Depending on the actual amount of kitten emojis, you might...
View ArticleClik here to view.
BUF早餐铺 | 警惕Rotexy移动木马,三个月内已发起超过70000次攻击;Aurora勒索软件的最 ...
各位 Buffer 早上好,今天是 2018 年 11 月 26日星期一,农历十月十九。今天的早餐铺内容有:警惕Rotexy移动木马,三个月内已发起超过70000次攻击;Aurora勒索软件的最新变种Zorro日趋活跃;25个欧盟成员国将开展电子作战领域合作;防御DNS攻击成本报告:机构2018年平均损失71.5万美元;全新的Rowhammer攻击可能绕过内存ECC保护机制。...
View ArticleClik here to view.
欧美国家关于个人信息保护的立法实践
【编者按】华住酒店数据泄露事件引发的公众热议逐渐在网上淡去,这很大程度上是因为我国在立法层面问责和监管缺位。在当前个人信息泄露频繁、大数据顶层设计不到位和第三方监管缺乏的背景下,在个人信息保护方面,欧美国家的立法实践可以为我们提供一些启示。 欧美国家关于个人信息保护的立法实践 上海戎磐网络科技有限公司首席信息官 Slimming Panda “很好与优秀只差一点点距离,这段距离叫安全”。8 月...
View ArticleIPFire Hardened Linux Firewall Gets 802.11ac Wi-Fi Support, Security Updates
IPFire project's Michael Tremer announced today the general availability of IPFire 2.21 Core Update 125, an incremental update to the hardened open-source linux firewall distribution targeted at...
View ArticleClik here to view.
Stablecoin space to face storm of disruption from ROCKZ, a coin backed by one...
The stablecoin space is to face a storm of disruption from ROCKZ, the first legally enforceable stablecoin backed by the Swiss Francs, one of the strongest fiat currencies in the world. Those that have...
View ArticleClik here to view.
Entering the New Age of the CISO
Add to favorites “The need to separate roles in an organisation into discrete functions is imperative” The role of a Chief Information Security Officer (CISO) is undoubtedly changing. Not only does the...
View ArticleIDG Contributor Network: 7 security trends to watch in 2019: More AI,...
In reflecting on 2018 from a security perspective, some of the major themes, as I’ve written previously, have been about new AI security tools, industry consolidation and the blurring of lines between...
View ArticleThe US Postal Service exposed data of 60 million users
A broken US Postal Service API exposed from over 60 million users and allowed a researcher to pull millions of rows of data by sending wildcard requests to the server. The resulting security hole has...
View ArticleClik here to view.
Overview of Web Application Security Scanners
The number of cyber attacks is increasing every year, they are becoming more widespread and are causing increasing losses. Cybercriminals are targeting not only corporate networks and computers but...
View ArticleClik here to view.
程序员必须了解的计算机加密规则-公钥和私钥
这些密码学的概念容易被搞混淆,的确也情有可原。因为公钥、私钥、加密、认证这些都是较为复杂的问题,其概念不太容易理解,理解不透就容易产生各种似是而非的概念,为了让大家对于密码学有进一步的了解,这里我就详细解说一下公钥和私钥的具体作用和使用方法。 加密和认证 首先我们需要区分加密和认证这两个基本概念。...
View Article
