Quantcast
Channel: CodeSection,代码区,网络安全 - CodeSec
Browsing all 12749 articles
Browse latest View live

Awesome golang security

A curated list of awesome golang Security related resources. List inspired by the awesome list thing. Supported by: GuardRails.io Tools Web Framework Hardening nosurf - CSRF protection middleware for...

View Article



Image may be NSFW.
Clik here to view.

区块链语言Solidity校验椭圆曲线加密数字签名(附实例)

2018-12-26 14:43 来源: ccidbc 我们知道整个比特币,以太坊的基石就是椭圆曲线加密算法。所有的数据均需要发起者通过私匙签发,其它人通过非对称的公匙验证确实消息的真实性。下面我们就一起来了解一下椭圆曲线加密算法,并使用以太坊提供的工具对要发送的数据进行数字签名,以及使用Solidity区块链编程语言的ecrecover()校验数字签名的合法性。 椭圆曲线DSA(ECDSA)简介...

View Article

Is this secure for serialized data in App with NSCoding?

here is the things: there are some data sensitive which be stored in the device using NSCoding serialization. I'd like to know is there a way the other people can find the key and unarchived the...

View Article

Cryptocurrencies crashed in 2018. Now they’re right where they should be.

What a difference a year makes. As 2017 drew to a close, the total value of all the world’s cryptocurrencies was over $600 billion. Today it’s around130 billion. People who bought Bitcoin last...

View Article

Image may be NSFW.
Clik here to view.

监控平台前端SDK开发实践

作者简介:杨婷,美团点评点餐终端团队成员。 监控平台 监控的重要性和必要性不必多说,这是提高故障处理能力和保障服务质量所必须的一环。 那么监控究竟要做什么呢?简而言之:及时上报错误,收集有效信息,提供故障排查依据。...

View Article


Image may be NSFW.
Clik here to view.

如何玩转信息物理系统威胁与攻击建模?

作者 | 邬晶,宋蕾,龙承念,李少远 上海交通大学 摘要 信息物理系统安全问题日益突出,引起了世界各国政府和社会各界的高度关注。本文通过研究信息物理系统的安全目标,对攻击威胁进行了概述。总结了攻击实施的基本条件,并针对攻击实施的不同特征,提出了几类常用攻击的建模方式和攻击过程的结构化表征。从实施要素的角度对比了故障与攻击,为准确辨识攻击行为以及制定信息物理系统安全防护提供了模型基础。 1引言...

View Article

Image may be NSFW.
Clik here to view.

Future Crimes by Marc Goodman (Book Summary)

The book Future Crimes: Everything Is Connected, Everyone Is Vulnerable and What We Can Do About It by Marc Goodman is a chilling look at a spectrum of current and future threats to digital security...

View Article

Image may be NSFW.
Clik here to view.

数据出境安全管理制度研究及启示

大数据时代,数据被誉为“21 世纪的石油和金矿”。随着数据的基础性战略资源地位日益凸显,数据安全对国家安全的影响日益深刻,数据逐渐成为各国新一轮国际政治博弈中争夺的重要资源,数据跨境流动和出境安全管理也成为各方关注的敏感议题。本文选取了欧盟、美国、澳大利亚三个在数据出境安全管理方面有着突出特点的国家,分析各自的基本情况和主要特点,结合国内实际,思考我国如何构建数据出境安全管理体系。...

View Article


Cybersecurity Is Providing Information And Solutions Not Selling Fear

Read Kalev Leetaru’s article about how many companies are making profits selling fear of hacking rather than providing solutions on Forbes : The vulnerabilities of the digital era have become...

View Article


5 Best Practices For Mobile App Security

There are millions of mobile applications on all the app stores combined and they are increasing in number exponentially. However, this does not mean that all the apps out there are safe. In fact, the...

View Article

Spending Spree: What's on Security Investors' Minds for 2019

Cybersecurity threats, technology, and investment trends that are poised to dictate venture capital funding in 2019. The new year will bring waves of consolidation and innovation to the cybersecurity...

View Article

Image may be NSFW.
Clik here to view.

9 highlights from the 2018 Software Integrity Blog

From vulnerability detection to API security, these nine topics hit the highlights from our coverage of software security and quality this year. 1. The year 2017 broke records for the number of...

View Article

Image may be NSFW.
Clik here to view.

网藤能力中心 | Nuxeo认证绕过和RCE漏洞(CVE-2018-16341) 分析

本文介绍的两个漏洞由笔者发现并提交给官方,CVE编号为:CVE-2018-16341。有趣的是在官方10.3版本的发布日志中并没有提及该漏洞(CVE-2018-16341),但实际已被修复。 简介 Nuxeo Platform是一款跨平台开源的企业级内容管理系统(CMS)。...

View Article


Image may be NSFW.
Clik here to view.

Spring Security系列之退出(十三)

退出原理 清除Cookie 清除当前用户的remember-me记录 使当前session失效 清空当前的SecurityContext 重定向到登录界面 Spring Security的退出请求(默认为 /logout )由 LogoutFilter 过滤器拦截处理。 退出的实现 主页中添加退出链接 <a href="/signOut">退出</a> 复制代码...

View Article

Do I need a subscription for a Netgear Arlo security camera?

Best answer:Arlo cameras can do more for free than most connected cameras, but if you want your cameras to take advantage of any smart detection, that requires the Arlo Smart add-on. Amazon: Arlo Pro...

View Article


Recent Security Breaches, IoT Vulnerabilities Make Top Stories of 2018

Cybersecurity continues to be a key concern in an IT industry that often seems under siege by new and increasingly sophisticated attacks launched by ever-morphing combinations of threat actors,...

View Article

Better Static Code Analysis and Security Scans

I was listening to a talk from Stefan Simenon on their CI/CD transformation within ABN AMRO , a large financial company. One of the interesting things he noted was that they consider open source to be...

View Article


Image may be NSFW.
Clik here to view.

NINA GODBOLE INFORMATION SYSTEMS SECURITY PDF

INFORMATION SYSTEMS SECURITY: SECURITY MANAGEMENT, METRICS, FRAMEWORKS AND BEST PRACTICES. By (author) NINA GODBOLE. 17 Dec Information Systems Security: Security Management, Metrics, Frameworks And...

View Article

Image may be NSFW.
Clik here to view.

诗与胡说 - PrestaShop后台远程代码执行漏洞分析(CVE-2018-19126)

0x01 概述...

View Article

Cybersecurity 101: Five simple security guides for protecting your privacy

With hundreds of millions of people home for the holidays, now is a better time than ever to spread good tidings and cheer, and ― well, some much needed security advice for all the family. Security...

View Article
Browsing all 12749 articles
Browse latest View live




Latest Images