Apple security expert moves to ACLU as ‘public interest tech’ builds
“A senior Apple Inc security expert left for a much lower-paying job at the American Civil Liberties Union this week, the latest sign of increasing activity on policy issues by Silicon Valley privacy...
View ArticleClik here to view.
Is Someone Else Using Your Twilio Account? Best Practices to Protect Your...
With over 5 billion mobile phone users in the world, attackers are constantly finding ways to take advantage of unsuspecting people via their connected devices. Smishing ― using SMS to socially...
View ArticleClik here to view.
我是如何走进黑客世界的?
* 本文原创作者:MyselfExplorer;翻译编辑:楼兰, 本文属CodeSec原创奖励计划,未经许可禁止转载 我想给你一把打开这扇门的钥匙,而你要做的便是静静的聆听接下来的故事。挖掘0day一般需要掌握fuzzing,IDA Pro反汇编WinDbg调试等技术。 一点小东西 我最先接触到的是fuzzing,它所带来的自动化,让我陷入痴迷。...
View ArticleWhat does the Kubernetes privilege escalation flaw mean
RedHat has released CVE-2018-1002105 to help handle the recent privilege escalation flaw impacting Kubernetes that would allow users to gain full administrator access privileges to any compute node....
View Article万豪国际承诺:如果发生欺诈行为将支付新护照的费用
新浪 美股讯 北京时间12月5日, 万豪国际 的客户将获得免费身份盗窃监控软件,以监控账户。此前,一场大规模黑客攻击曝光了逾5亿人的数据。但在周一晚上,万豪表示,将进一步帮助受此次大规模黑客攻击影响的客户。 一位发言人表示:“由于涉及护照和潜在的欺诈行为,我们正在建立一个程序,与我们的客人合作,这些客人认为,由于他们的护照卷入了这起事件,他们经历了欺诈。”...
View ArticleClik here to view.
东进技术贺建楠谈IoT信息安全:与其坐而论道,不如加快行动
“面对IoT所蕴藏的庞大机会和数十倍数百倍连接增长可能,ICT厂家与其坐而论道,不如加快行动,从初始阶段就杜绝信息安全风险,推动市场更快成熟,也使这个生态中的利益相关者在拓展业务时得以免除后顾之忧,最终普惠整个社会。”东进技术总裁贺建楠谈及IoT时如是表示。 图:东进技术总裁贺建楠先生 甘当绿叶,还要行动...
View ArticleClik here to view.
Mac Developers Reminded to Have Their Apps Notarized as Apple Tightens Security
Apple today reminded Mac developers that it is encouraging them to have their apps notarized, meaning that the apps have been scanned by Apple and checked for malware and other security issues....
View ArticleClik here to view.
The Cryptopals Crypto Challenges 解题报告(1)
作者:上海交通大学蜚语安全(G.O.S.S.I.P)研究小组实习生张一苇 链接: https://cryptopals.com/ 参考: https://github.com/ickerwx/cryptopals 下载: PDF the cryptopals crypto challenges 中包含8组练习,共48个挑战。我们可以通过完成挑战,来学习密码学的相关知识。...
View ArticleSpeak Up: Pindrop Raises $90 Million to Expand Voice Security
We’re moving into an age of voice computing, and devices like Apple’s Siri or Amazon’s Alexa are just the beginning. Soon we will be using our voice to operate our front doors, offices and automobiles....
View ArticlePindrop raises $90 million for biometric voice authentication
Call center phone fraud is responsible for an estimated $14 billion in losses annually, and it’s on the rise. The frequency of attacks rose by an estimated 113 percent in 2018, which is bad news for...
View ArticlePindrop raises $90M to bring its voice-fraud prevention to IoT devices, and...
When it comes to how humans communicate with each other or with machines, voice is a major interface, with growth in the latter fuelled bythe rise of artificial intelligence, faster computing...
View ArticleClik here to view.
白硕:未来共识机制将如何演进和发展?三大趋势和新模式了解一下
11月30日,在由迅雷集团承办、互链脉搏支持的“2018国际区块链大会共识机制专题论坛”上,丹渥智能董事长、智子社区首席顾问、ChinaLedger技术负责人白硕参与大会并发表了题为“区块链共识机制的演进及未来发展方向”的演讲。 图:丹渥智能董事长、智子社区首席顾问、ChinaLedger技术负责人白硕...
View ArticleClik here to view.
APT最前线:疑似MuddyWater黑客组织使用新后门攻击土耳其政府
MuddyWater是一个早已名声在外的网络犯罪组织,自2017年以来一直很活跃。其目标群体遍布中东和中亚,主要的攻击手段是使用带有恶意附件的鱼叉式钓鱼电子邮件。最近,该组织被发现与今年3月份针对土耳其、巴基斯坦和塔吉克斯坦的一场攻击活动有关。...
View ArticleClik here to view.
针对美国智库、非盈利组织及公共部门的攻击事件
一、前言 路透社最近报道了针对全球各类目标的一次黑客攻击活动。在路透社相关报道发表之前,微软研究人员已经在密切跟踪这个攻击组织。 根据我们传感器收集到的数据,此次攻击活动主要针对的是公共部门机构和非政府组织,如智库和研究中心等,但也包括教育机构以及石油、天然气、化学、酒店领域的私营企业。 使用 Microsoft Threat Protection...
View ArticleActiv8me fronts court again over misleading consumer allegations
The competition watchdog, the ACCC, has initiated court action against Internet provider Activ8me for allegedly making false or misleading representations over advertising of its broadband services....
View ArticleClik here to view.
5 Online Security Measures to Survive as an eBusiness
Cybersecurity is a broad term that encompasses all the technologies geared toward protecting networks and computers, along with the software and data kept on them. While more and more data today can be...
View ArticleClik here to view.
900+软件中招 “网赚”成“微信支付”勒索病毒重灾区
12月初,一款“奇葩”的勒索病毒在国内爆发后并被360等安全公司迅速破解,这款勒索病毒被打上了N种标签,“微信支付”“支付宝盗号”“95后黑客”“供应链污染”“灰产软件中招”……...
View ArticleClik here to view.
勒索病毒与时俱进玩出新花样,黑色产业链恐更难斩断
文/东方亦落 近日,互联网中有许多人表示遭到了新型勒索病毒的攻击。该病毒锁死受害者文件并通过微信二维码的方式勒索赎金。这种勒索方式就和去年流行的WannaCry“蠕虫”病毒一样,只不过它不收取比特币,而是用微信扫码之后支付110元赎金方可获得密钥。此外,该病毒还会窃取用户的淘宝、天猫、支付宝、QQ等账号密码。...
View ArticleClik here to view.
渗透测试之子域名探测指南
原文链接:https://blog.appsecco.com/a-penetration-testers-guide-to-sub-domain-enumeration-7d842d5570f6 前言...
View Article
