Clik here to view.
欺骗防御入门:花最少的时间、金钱和资源得到最大效能
欺骗技术能赋予防御者其他防护技术所不具备的优势:通过布置满是鲜香美味诱饵的雷区,诱使攻击者暴露出自身意图和手段,实现早期准确检测。FBI和其他顶级司法机构早已使用此类技术诱捕儿童色情犯和金融大盗一类的罪犯了。...
View ArticleClik here to view.
One in three networks has exposed passwords
Passwords are exposed in Group Policy Preferences in 32.2 percent of networks, according to new research, leaving them open to the risk of hackers traveling laterally through the network. The study...
View ArticleOverstock’s Investment Wing Uses Digital Tokens to Acquire Shares from...
CoinSpeaker Overstock’s Investment Wing Uses Digital Tokens to Acquire Shares from Security Startup Medici Ventures, Overstock .com’s investment wing, has acquired digital tokens translating to 3.6...
View ArticleInformation Security Manager Salary and Job Outlook
As information security continues to be a pressing concern in all sectors of business and government throughout the world, the job of information security manager is constantly in demand. Let’s take a...
View ArticleClik here to view.
Top 10 Logz.io Features and Announcements in 2018
Home Blog Community Top 10 Logz.io Features and Announcements in 2018 What a year this has been for Logz.io! It’s been an event-packed year for both our users and our community, with a myriad of new...
View ArticleA Post-Compliant World? Part 1
Over the next three articles, we will consider the past, present and future state of infosec compliance. Please note that these are personal views, not necessarily shared by past employers....
View ArticleClik here to view.
MailChimp deleted my account with no warning or notification
I make and sell a security product called the SC4-HSM which, among other things, acts as a FIDO U2F key . A few days ago I was contacted by an independent security researcher named Christian Reitter...
View ArticleClik here to view.
Spring Security系列之授权过程(七)
前言 本文是接上一章 Spring Security系列之认证过程(六) 进一步分析Spring Security用户名密码登录授权是如何实现得; 类图 调试过程 使用debug方式启动https://github.com/longfeizheng/logback该项目,浏览器输入http://localhost:8080/persons,用户名随意,密码123456即可; 源码分析...
View ArticleClik here to view.
Serious Security: When cryptographic certificates attack
Artificial intelligence, fuzzy logic, neural networks, deep learning… …any tools that help computers to behave in a way that’s closer to what we could call “thinking” are immensely useful in fighting...
View ArticleClik here to view.
Norton LifeLock Research Identifies American Cyber Literacy Gap
Norton LifeLock Enlists Former MythBuster Kari Byron To Expose Cyber Myths Placing Consumers’ Personal Information At Risk MOUNTAIN VIEW, Calif. (BUSINESS WIRE) More than half of Americans (53 percent)...
View ArticleClik here to view.
2018 Annual Digest of Identity and Access Management
Identity and Access Management continues to be a key component in building an enterprise’s cyber security strategy. Today we are presenting our observations of Identity and Access Management in 2018....
View ArticleCoinPoker offers 1,000,000 CHP to anyone who debunks their transparent card...
Cryptocurrency poker platform CoinPoker releases open source random number generation software, allowing players to participate in card shuffling and verify the fairness of hands. The software is an...
View ArticleClik here to view.
Beyond Scanning: Don’t Let AppSec Ignorance Become Negligence
In recent months, as I’ve worked with more and more prospects and customers, I’ve started to see an interesting trend: As more agile dev teams become responsible for their own security posture, they...
View ArticleClik here to view.
Vulcan plans to test AI security system on Seattle plaza, capable of scanning...
Vulcan plans to test AI security system on Seattle plaza, capable of scanning passersby for threats by Mark Harris on December 19, 2018 at 7:17 amDecember 19, 2018 at 7:19 am Listen to our new podcast...
View ArticleClik here to view.
Huawei will spend $2 billion to rebuild its international reputation
A campaign against Huawei has been underway for some months, led by the United States of America, to which many other countries are joining. The Chinese giant is afraid of its alleged ties with the...
View ArticleClik here to view.
Sophos 在XG Firewall 中加入横向移动保护功能以阻止网络威胁散播
2018年 12月18日 -全球网络及端点安全领导厂商Sophos (LSE: SOPH) 今天宣布,其下一代 SophosXGFirewall现已加入横向移动保护功能,以便阻止人工操纵的针对性网络攻击或漏洞利用在受感染的网络中进一步渗透。 根据SophosLabs 2019...
View Article新华社:黑客攻击“零门槛”、涉网犯罪“链条化
从6月视频网站Acfun受黑客攻击造成千万用户数据外泄,到近期华住、万豪等企业因被“黑”致上亿客户个人信息泄露,今年以来黑客类犯罪频频进入公众视野。 记者日前从北京市公安局网安总队了解到,黑客类犯罪逐步呈现数量多、范围广、链条化的新特点,“零门槛”学会黑客攻击,获得大量信息后进行勒索或靠售卖信息为网络诈骗、色情、赌博等恶性犯罪“输血供电”的行为层出不穷。 黑客犯罪频发 已成涉网犯罪核心...
View ArticleClik here to view.
关于TLS/SSL协议
由于http协议是明文传输,安全性差,因此要利用https来进行加密传输,关键点在于TLS/SSL协议 一、TLS/SSL协议的发展 SSL(安全套接层)最初在1994年创建,作为http的扩展,后来逐步发展为独立协议,并更新了三个版本(v1.0、v2.0、v3.0),后来在v3.0基础上标准化了该协议,并命名为TLS(传输层安全协议v1.0)。因此,TLS可以理解为SSL协议的升级版。...
View ArticleClik here to view.
检测了3万多份智能合约,这份白皮书找到了9大智能合约安全漏洞(附下载链接)
以太坊智能合约数量与日俱增,其安全问题也随之暴露。攻击者利用安全漏洞对智能合约进行攻击,导致数字资产发生丢失或被盗取。故加强区块链智能合约的安全性随着以太坊合约的增加逐步进入大众视野,成为了区块链智能合约开发中工作中的一个难题。 近日,区块链安全研究中心(由中国信息通信研究院泰尔终端实验室、上海交通大学网络空间安全学院、上海掌御信息科技有限公司共建)、中国区块链应用研究中心等机构联合发布了...
View Article
