Quantcast
Channel: CodeSection,代码区,网络安全 - CodeSec
Browsing all 12749 articles
Browse latest View live

Image may be NSFW.
Clik here to view.

女黑客SandboxEscaper第三次在Twitter披露未修复的Windows 0day

这是女黑客 SandboxEscaper 在四个月来第三次发布存在于微软 windows 中的 0day 漏洞,并且还提供了可读取未授权位置的利用代码。 她发布了影响 ReadFile.exe 的一个安全漏洞,如该文件的名称所示,可允许攻击者从特定位置读取数据。 PoC 利用代码证实有效...

View Article



Image may be NSFW.
Clik here to view.

Whistleblowing app Blind admits security lapse exposed messaging data

ByRoger Fingas Friday, December 21, 2018, 06:22 am PT (09:22 am ET) Blind, an anonymous whistleblowing app said to have users at Apple and other large tech corporations, has acknowledged that it...

View Article

Image may be NSFW.
Clik here to view.

XSS worm A creative use of web application vulnerability

In my free time, I like to do some bug bounty hunting. For some reasons, I’ve been doing this almost exclusively for Swisscom. One of the reason is that the scope is very broad and I like to have this...

View Article

Image may be NSFW.
Clik here to view.

Why Questioning is Pivotal to Successful Career in Web Security?

Questioning is pivotal to success in web security and you need to ask the WHY question almost every time (why did this work and why did this not work) and answer them yourself. As you start practicing...

View Article

Week 20: Quietly releasing 0.3

Protecting liberty by simplifying security Recap : We’re building Fluidkeys, to help you easily send end-to-end encrypted secrets using PGP. Using Fluidkeys reduces the impact of third-party data...

View Article


Image may be NSFW.
Clik here to view.

Introducing Dexter

Prioritizing security is not just a part of Coinbase’s culture, it’s necessary to our success. Traditional financial institutions have always required a high level of security to protect their...

View Article

Image may be NSFW.
Clik here to view.

OVERRULED: Containing a Potentially Destructive Adversary

Introduction FireEye assesses APT33 may be behind a series of intrusions and attempted intrusions within the engineering industry. Public reporting indicates this activity may be related to recent...

View Article

从0开始你的域渗透之旅

从0开始你的域渗透之旅 0x01 前言 ps:我们四个两个月前挖的坑,现在都还没填上。 不多BB,这个Book主要是介绍了域的搭建,有小型环境,大型环境,还有域渗透常用的工具,里面提到的都是常用的,emmm,我们会尽量去完善,业余时间比较紧张。 0x02 章节 Start 搭建实验环境 凭证窃取 探测域环境 攻击 提权 bypass AV 密码破解 C2维持 other...

View Article


Image may be NSFW.
Clik here to view.

VRO code to apply a NSX security tag

I recently created an environment that had a VRA XaaS to apply a security tag to individual virtual machines. I wanted to share the code I wrote to speed up your adoption. In this case we have a...

View Article


Image may be NSFW.
Clik here to view.

Truehost Cloud offers free SSL Certificates this festive season to nab in...

Tech Truehost Cloud Limited, a premier cloud computing company with operations in Kenya and Nigeria has started offering free SSL certificates to all users across the globe. This was revealed by the...

View Article

Image may be NSFW.
Clik here to view.

EOS再次受黑客攻击,准备要硬分叉,出现两个EOS?

据IMEOS报道,ToBet 12月19日凌晨2点遭到黑客恶意攻击,损失22000个EOS。 BetDice损失20万EOS,EOS...

View Article

Image may be NSFW.
Clik here to view.

陆宝华:建立科学的网络安全人才评价体系

网络安全离不开人才的支撑,网络对抗说到底也是人才的对抗。如何培养网络安全人才,对人才的评价是至关重要的,建立一个合理的人才评价体系,对于培养网络安全人才的重要性是不言而喻的。从人才评价体系的必要性、重要性及科学性等方面阐述了自己的观点:指出了网络安全需要一个建立数学基础上的完备的理论体系;需要对人才进行分类、分级。并给出了人才评价的标准和方法的思路。还提出一些新的观点:安全是没有受到威胁的状态。...

View Article

Automated Cyber Attacks Are the Next Big Threat. Ever Hear of 'Review Bombing'?

Opinions expressed by Entrepreneur contributors are their own. If you think hacks are bad now, just wait a few more years-- because "the machines" are coming. Related:3 Ways To Protect Your Company's...

View Article


Implementing Security Groups in OpenStack using OVN Port Groups

Some time back, when looking at the performance of OpenStack using OVN as the networking backend, we noticed that it didn't scale really well and it turned out that the major culprit was the way we...

View Article

Image may be NSFW.
Clik here to view.

Make CI/CD Fast and Secure

Twain Taylor Twain is a guest blogger for Twistlock and a Fixate IO Contributor. He began his career at Google, where, among other things, he was involved in technical support for the AdWords team. His...

View Article


Image may be NSFW.
Clik here to view.

How I accidentally found a clickjacking “feature” in Facebook

I would’ve never thought that one of my first blog posts will be about looking for bugs in Facebook. I don’t consider myself a bounty hunter, and had never actively looked for bugs. I focus mostly on...

View Article

Image may be NSFW.
Clik here to view.

FBI warns industry that hackers could probe vulnerable connections in...

Written by Dec 21, 2018 | CYBERSCOOP A port for communicating with control systems in buildings leaves unpatched devices on those networks exposed to hackers, the FBI warned the private sector this...

View Article


Image may be NSFW.
Clik here to view.

2019年最好的Android安全软件清单

我们都知道Android的安全生态环境比iOS要糟糕得多,尤其是在中国市场,由于Google Play缺席,本土应用分发市场的野蛮生长,安全审查缺乏标准,以及各种黑产利益的驱使,Android原生系统补丁更新不及时,甚至手机厂商和渠道新机预装全家桶,导致中国成为全球Android恶意软件的重灾区。...

View Article

Image may be NSFW.
Clik here to view.

Best Home Security Systems of 2019

U.S. News & World Report published its first 360 review of home security systems. The review compares both professionally installed and DIY systems, including Vivint Smart Home, ADT, Xfinity Home,...

View Article

Image may be NSFW.
Clik here to view.

Bubble Packed Chart with R using packcircles package

Tableau has chart type called “ Packed Bubble Chart ”, while I haven’t really utilized packed bubble chart much, I always thought they are fun and beautiful. I wanted to try creating same chart using...

View Article
Browsing all 12749 articles
Browse latest View live




Latest Images