IXUP partners with Servian on encrypted data collaboration service
Data collaboration company, IXUP, has signed a one-year partnership agreement with Australian-based data and analytics consulting firm Servian. The partnership agreement will deliver Servian access to...
Bitglass: Securing Smartsheet from Day One
Smartsheet is a software-as-a-service (SaaS) application that gives employees the ability to assign tasks, manage projects, and track their progress. According to Forbes, it is being used by 72...
Cybersecurity: a cultural issue
By James Taylor, Strategic Development Manager, UK and Ireland, for Nuvias If only I could manufacture a ‘Security Culture’ solution, package it and market it, I would have the most effective security...
Weebit Nano appoints 40-year semiconductor veteran for China market push
Australian-listed Israel-based semiconductor company Weebit Nano has appointed Jackson Lam as vice-president Strategic Alliances, China, in an advisory capacity. Lam, who has almost 40 years of...
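Marriott Hotels Hacked, Leading to Information Leak
On November 30, Marriott International stated on its official Weibo account that a guest reservation database of its Starwood hotels had been breached by hackers, and that the details of up to 500 million guests may have been leaked. Marriott said an internal investigation found that, since 2014, an attacker had been able to access the guest reservation database of the group's Starwood division. The database contains information on about 500 million guests, and for as many as 327 million of them the leaked information includes names, mailing addresses, phone numbers, passport numbers, dates of birth, and arrival and departure information...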
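Application Security: Web Attack Techniques and Defenses: Network Layer or Vulnerabilities
Common attacks such as XSS, SQL injection and CSRF, and the defenses against them, all target the code or the system itself. There are also attacks that take place at the network layer, as well as latent vulnerabilities, and these are summarized here. DOS/DDOS attacks: A DOS attack does not mean attacking the DOS operating system, or attacking through the DOS system. DOS attack stands for Denial of...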
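The Mathematics Behind RSA
Everyone has surely heard of RSA: it is used often in development, and colleagues often mention it. Prelude. Symmetric encryption: Long ago, people already understood the technique of encryption. In wartime, spies would carry ciphertext and a key to pass information. This simple ciphertext + key scheme is symmetric encryption. Encryption: plaintext + key. Decryption: ciphertext + key. Asymmetric encryption: Because this kind of encryption was too simple, mathematical algorithms were later introduced. RSA is built from special mathematical algorithms, and is also...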
CSRF, XSS and SQL Injection: Principles and Handling
Meaning: CSRF (Cross-site request forgery), also known as "One Click Attack" or Session...
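Struts2 Website Vulnerability Fix Details, Exploitation, and Remediation
Since struts2 was first developed, many internet companies, businesses and platforms have used the apache struts2 system to build websites and application systems. Because of this wide use in recent years, attackers have uncovered more and more struts2 vulnerabilities, from the very first S2-001 to the latest s2-057. This article focuses on the details of how struts2 vulnerabilities are exploited and how to fix them. Let's start from 1: S2-001 affects versions Struts 2.0.0 - Struts...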
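Focused on Web and Mobile Security [Red Sun Security, Issue 30]
Penetration testing, web security news - security articles - security vulnerabilities - mobile security - code audit. Tags: security news, security skills, resource and tool sharing. Security news: [Security_week] Daily security news push (03-02) -- Tencent Xuanwu Lab https://mp.weixin.qq.com/s/1iSUSofBZsG2mopjLYg4Ow [Security_week] CNNVD latest vulnerabilities (03-02) -- CNNVD security news...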
How Malware Can Easily Defeat Apple’s macOS Security
It was once a widely held belief among Apple enthusiasts that macOS (or OSX as it was then known) was a far more secure system than its Windows or Linux counterparts. Malware outbreaks were rarely...
Marriott’s Starwood guest database faces a massive data breach affecting 500...
Last week, a popular hospitality company, Marriott International, unveiled details about a massive data breach, which exposed the personal and financial information of its customers. According to...
The Biggest Myth in Blockchain: Transactions Per Second
The Biggest Myth in Blockchain: Transactions Per Second. And why you should ignore it. James Halladay. Transactions per second. Network speed. Scaling. Whatever guise it comes in, the crypto community...
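Information Security Behind the Industrial Internet
With "Industrial Internet Security" as its theme, the 2018 annual meeting of the Information Security Professional Committee of the China Information Association (hereafter: the Committee), together with the eighth High-Level Forum on Cybersecurity Innovation and Development, was held in Beijing last Thursday afternoon. As the first general meeting of members since the Committee's change of term this year, the meeting's organizer, Committee director Ye Hong...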
EULA out, equity in: Why startups are now a part of larger companies'...
Written by Dec 3, 2018 | CYBERSCOOP Cybersecurity sales teams often spread the idea that companies with the most sophisticated data protection strategies got that way by spending the most money on the...
Huawei opens a Vulnerability Reward Program with a max payout of ~$143,000
Mobile security is important for a number of reasons, no less because most of our personal lives now reside on our smartphones. From photographs to social media, anybody with malicious access to your...
YouTuber PewDiePie Promoted Via 50K Hacked Printers
A hacker claims to have commandeered 50,000 printers globally in order to print pamphlets promoting YouTube star “PewDiePie.” The alleged widespread hack sheds light on just how insecure printers are,...
Much Ado About Financial Services and Compliance
Why financial institutions should adapt a data-centric approach for compliance obligations Last September my colleague Alex Tay tackled the state of cybersecurity in Singapore and reasons for critical...
BrandPost: Understanding the Attack Chain
Today’s security teams are struggling to keep pace with the changes in their networks. Multi-cloud, virtualization, the explosion of IoT and BYOD devices, agile software development, and the crushing...
60 Cybersecurity Predictions For 2019
I’ve always been a loner, avoiding crowds as much as possible, but last Friday I found myself in the company of 500 million people. The breach of the personal accounts of Marriott and Starwood...