Quantcast
Channel: CodeSection,代码区,网络安全 - CodeSec
Browsing all 12749 articles
Browse latest View live

Image may be NSFW.
Clik here to view.

网络风险管理的三个关键词:协作、数据、评估

企业风险管理(ERM)的目标即企业可用最经济合理的方法来综合处理风险。过程可简述为对企业可能面临的各种风险进行评估,对其进行分类、量化,了解对风险的容忍度,并适时采取及时有效的方法进行防范和控制。...

View Article



Image may be NSFW.
Clik here to view.

网络协议传奇(五):大国阴影难消除

温顿瑟夫与TCP/IP的风云际会始于1973年,他在后来的回忆中提到,直到20年后他才意识到当年参与的这项开创性工作正在改变世界,而触发这一认知的是网景公司推出的万维网服务,“这意味着普通人也能随意使用网络,我发现变化真的发生了”。 但是,如同物理学史上著名的“两朵乌云说”,就在温顿瑟夫们为互联网的伟大而弹冠相庆时,互联网上空已经乌云来袭,并且它向人们发出了强烈的安全警示。 (图片来源:包图网)...

View Article

Cisco Fixes Critical SQL Injection Vulnerability in Prime License Manager

Cisco just patched a critical SQL injection vulnerability residing in the web framework code of theCisco Prime License Manager (PLM) designed to help administrators to manage user licenses on an...

View Article

Image may be NSFW.
Clik here to view.

2019年网络安全的9个预测

预测一向很难,而且网络安全领域的预测更难。威胁界面广阔无垠,攻击性和防御性技术层出不穷,民族国家攻击无论规模还是复杂程度都在不断增加。 网络战争迷雾令人很难看清或评估任何趋势。比如说,去年,CSO网站对2018年的预测就没料想到加密货币挖矿的快速上升。事后来看的话,这种对网络罪犯而言相对容易且低风险的变现手法应该是很明显的。...

View Article

Image may be NSFW.
Clik here to view.

FIT 2019议题前瞻:从Bugbounty到网络空间,如何做好一名合格的白帽丨X-Tech技术派对

自网络问世以来,就在不断地通过各种方式改善人们的生活。如今步入“互联网+”时代,互联网的创新成果高度融合在了经济社会的各个领域之中,人们越来越多的日常行为得以通过网络实现。云计算、大数据、物联网、人工智能等等为代表的新一代信息技术与传统产业的融合创新,更是加速了数字化社会的转型革新。不断提升的创新力和生产力,也形成了更广泛的发展生态。...

View Article


Image may be NSFW.
Clik here to view.

【公益译文】网络安全滑动标尺模型 SANS分析师白皮书

阅读: 52 网络安全滑动标尺模型对组织在威胁防御方面的措施、能力以及所做的资源投资进行分类,详细探讨了网络安全的方方面面。该模型可作为了解网络安全措施的框架。模型的标尺用途广泛,如向非技术人员解释安全技术事宜,对资源和各项技能投资进行优先级排序和追踪、评估安全态势以及确保事件根本原因分析准确无误。 作者 :罗伯特 梅里尔 . 李( Robert M. Lee ) 文章目录 执行摘要...

View Article

Image may be NSFW.
Clik here to view.

Tripwire Products: Quick Reference Guide

Here at The State of Security , we cover everything from breaking stories about new cyberthreats to step-by-step guides on passing your next compliance audit . But today, we’d like to offer a...

View Article

Botnets Are Being Repurposed for Crypto Mining Malware: Kaspersky

A security bulletin released by Kaspersky Labs states that botnets are increasingly being used to distribute illicit crypto mining software. In the note , analysts for the cybersecurity firm said...

View Article


Image may be NSFW.
Clik here to view.

How AI and Machine Learning Can Fool Biometric Sensors

Both my phone and my tablet have fingerprint sensors. For some reason, my tablet never reads my fingerprint correctly, so I find I have to try multiple times before giving up and using another method...

View Article


Image may be NSFW.
Clik here to view.

Landmark GCHQ Publication Reveals Vulnerability Disclosure Process

Add to favorites “Our default is to tell the vendor and have them fix it. But sometimes, after weighing up the implications, we decide to keep the fact of the vulnerability secret and develop...

View Article

SOAR Doesn’t Have Mood Swings

If you looked back at how your cyberdefense centers have evolved, you’ll realize that you’ve only thrown more eyeballs on the screen to deal the with the ever-expanding threat landscape. The challenge...

View Article

Image may be NSFW.
Clik here to view.

Perspectives on the ‘Paris Call’

“We the People of the United States, in Order to form a more perfect Union” “Four score and seven years ago” “I have a dream” These are very well known quotes to every American. These quotes where...

View Article

Image may be NSFW.
Clik here to view.

Axiado’s Processor Architecture Without Meltdown & Spectre Vulnerabilitie...

SAN JOSE, Calif. (BUSINESS WIRE) #Firewall Axiado today announces a deterministic in-order protocol for its firewall processor architecture, delivering high performance without compromising security....

View Article


Image may be NSFW.
Clik here to view.

Bare Metal Programming

As the need for safety and security grows across application areas such as automotive, industrial, and in the cloud, the semiconductor industry is searching for the best ways to protect these systems....

View Article

Image may be NSFW.
Clik here to view.

【每日资讯】泄露数百万儿童数据,玩具制造商伟易达被FTC处以65万美元罚款

摘要: 泄露数百万儿童数据,玩具制造商伟易达被FTC处以65万美元罚款 美国联邦贸易委员会(FTC)本日同意与一儿童电子玩具制造商达成和解协议。而实际上该公司伟易达收集了数百万儿童用户数据,却未能做好数据保护工作。 参考来源: theregister windows... 泄露数百万儿童数据,玩具制造商伟易达被FTC处以65万美元罚款...

View Article


Image may be NSFW.
Clik here to view.

工信部:三季度受理涉嫌通讯信息诈骗用户举报1.4万余件次

【TechWeb】11月29日消息,据工信部方面公布的数据显示,三季度,监测处置恶意网络资源、恶意程序、安全漏洞等网络安全威胁约3397万个,其中WannaCry、Globelmposter等多种勒索病毒活跃,WannaCry勒索病毒感染的设备每天仍高达6000至14000台。...

View Article

7 Novice Mistakes to Avoid When Adopting Smart Devices for Your Company

Opinions expressed by Entrepreneur contributors are their own. It typically takes careful planning and execution to be successful when adopting any new technology. Internet-of-Things (IoT) devices are...

View Article


Image may be NSFW.
Clik here to view.

Instart Logic Is Now Instart

Rebranding Reflects Corporate Vision for Making Digital Properties Faster, More Appealing and Profitable PALO ALTO, Calif. (BUSINESS WIRE) Instart , the company helping thousands of leading brands...

View Article

Image may be NSFW.
Clik here to view.

48小时内劫持3亿次浏览器会话的iOS恶意攻击

本月,一场针对iOS设备的大规模恶意攻击活动在短短48小时内劫持了多达3亿次的浏览器会话。Confiant的研究人员于11月12日观察到了此次攻击,并在对其跟踪后表示此项活动背后的威胁行为者至今仍然活跃。 恶意页面...

View Article

Image may be NSFW.
Clik here to view.

SQL注入常规Fuzz全记录

前言 本篇文章是在做ctf bugku的一道sql 盲注的题(题目地址: 注入题目 )中运用了fuzz的思路,完整记录整个fuzz的过程,给师傅们当点心,方便大家加深对web sql注入 fuzz的理解。 进入主题 1.访问题目,是个典型的登录框...

View Article
Browsing all 12749 articles
Browse latest View live




Latest Images