北京联通成为首家支持IPv6 DDoS流量清洗的运营商
背景 为响应国务院办公厅印发了《推进互联网第六版IPv6部署的行动计划》通知,2018年中国联通已完成大部分的IPv6改造,对基础设施从城域网、骨干网、传输网、国际互联网等全面支持IPv6,实现骨干网/国际IPv6互联互通,业务/网络支撑系统、总部大数据平台、新增核心数据中心内系统支持IPv6。...
View ArticleClik here to view.
OpenMandriva Lx 4.0 Alpha 1 发布,dnf为软件包管理器
Cristina Sgubbi宣布推出即将推出的OpenMandriva Lx 4.0的第一个开发版本。新版本带来了包管理器的变化(转换到RPM 4和dnf),现在使用Clang 7.0编译分发。 今天我们很自豪地向您介绍OpenMandriva Lx 4.0主要版本Alpha1。...
View ArticleClik here to view.
密码算法应用及国际标准化情况
文 / 中国人民银行金融信息中心 董贞良 密码技术是确保金融领域系统的高安全性、交易敏感数据的机密性、交易终端的可认证性的基础和核心技术。本文简要综述了密码算法和商用密码算法国际化的基本情况、金融领域密码技术应用现状,介绍了国际标准化组织(ISO)发布的技术报告―金融服务密码算法及使用建议,为后续密码应用标准化相关工作打下基础。 国密算法国际标准化情况...
View ArticleHackers steal 234 BTC from Electrum wallets
The cryptocurrency community suffered another attack from hackers after unknown person(s) managed to steal 243 Bitcoin Core (BTC) (about $750,000) from Electrum wallets. Reportedly, the hacker or...
View ArticleClik here to view.
盘点:2018物联网安全大事件
毫无疑问,IoT 会继续增长。 万物互联已经取得了巨大进步,从零售到医疗、从可穿戴设备到智能汽车,IoT 正在影响所有行业。一项调查预估到 2018 年末,全球会有 200 亿个联网设备。 然而,承载广大用户海量隐私数据与普遍脆弱的 IoT 让攻击者看到“宝藏”。仅 2017 年,IoT 攻击暴增 600%。 火爆的 IoT 市场产品发布与上世纪 90...
View ArticleClik here to view.
Electrum Wallet Phishing Attack Nets Hackers $900K in Bitcoin
Hackers managed to steal close to $900,000 worth of Bitcoin from Electrum wallet users via a phishing attack. While the attacks seem to have come to a halt, Electrum Devs say the hackers can launch new...
View ArticleClik here to view.
The Daily: Electrum Users Targeted by Hackers, Huobi DM’s Daily Volume...
The Daily 1 min ago| By Lubomir Tassev - | The Daily: Electrum Users Targeted by Hackers, Huobi DM’s Daily Volume Exceeds $1B Electrum d evelopers have confirmed reports of an attack against the...
View ArticleBreaking Up the Crypto-Criminal Bar Brawl
This story was originally published on the E-Commerce Times on Sept. 25, 2018, and is brought to you today as part of our Best of ECT News series. As if e-commerce companies didn't have enough...
View ArticleClik here to view.
4 Ways to Ensure You Always Get Your Security Deposit Back
Whether by choice or by necessity, renting a home or apartment can come with many benefits, including the possibility of getting your security deposit back. For one, you don’t have to worry about...
View ArticleOracle Fusion SaaS Security with Oracle Analytics Cloud
The question that is often asked is: Can we leverage the same security we already have in Oracle Fusion SaaS (which includes users, duties, roles and security policies) to secure data in Oracle...
View ArticleClik here to view.
WannaCry still lies dormant on thousands of computers
Why it matters:Even after 18 months, WannaCry still poses a significant threat to businesses worldwide. According to Kryptos Logic, over half a million computers are still infected. The ransomware has...
View ArticleIs there a memory leak in the following code?
If I calculate the MD5 value of a file about larger than 200Mb,the app will speed lots of memory and crash.Is there any memory leak in the following code? Is there a better way to calculate the MD5...
View ArticleClik here to view.
Messing with SWD - Part I
Over the last number of weeks I have been tearing down and performing research into a device powered by an STM32F103x microcontroller. As this particular device had RDP (Read-Out Protection) set to...
View ArticleClik here to view.
BUF早餐铺 | 研究人员放出Microsoft Edge内存漏洞利用代码;法国VirusTotal捕获Shamoo ...
各位Buffer早上好,今天是 2018 年 12 月 29 日星期六。今天的早餐铺内容有:研究人员放出Microsoft Edge内存漏洞利用代码;法国VirusTotal捕获Shamoon 3新变种,使用过期的百度证书签发;澳洲西悉尼大学推出网络安全与行为学位;黑客利用攻击软件侵入平罗政府信息网站,获刑9个月;Android自带浏览器会泄露系统敏感信息,包括漏洞修没修。...
View ArticleClik here to view.
Ledger: Recently Discovered Wallet Vulnerabilities Not Critical
Ledger claimed that the recently uncovered vulnerabilities in their hardware wallets are not critical. Ledger claimed that recently uncovered vulnerabilities in its hardware wallets are not critical in...
View ArticleClik here to view.
Clik here to view.
HTTP身份验证渗透测试指南
在本文中,我们将为读者介绍如何给Apache Web服务器配置密码保护功能,从而限制没有经过身份验证的联机访问者的访问权限,可以向未经身份验证的用户隐藏某些关键的信息;与此同时,我们还会介绍如何对该配置存在薄弱环节的系统进行渗透测试。 HTTP基本身份验证(HTTP Basic Authentication)简介...
View ArticleClik here to view.
AY的AyCore.Shared的诞生笔记-安全【1】
AesShared使用,AyCore.Shared 原理语法: 安全性: Core内置的语法,然后二次封装 接下来封装Base64 string key = Base64Shared.Base64Encode("1234567812345678"); Console.WriteLine(key); // MTIzNDU2NzgxMjM0NTY3OA == string key2 =...
View ArticleClik here to view.
千万级下载量的Event-Stream如何被植入了可获取比特币的恶意代码
前几天,开源项目event-stream的维护者将恶意代码注入到了依赖项flatmap-stream中,目的为定向窃取使用比特币项目Copay的用户密码私钥等信息以间接盗取比特币,该事件一经曝光就在国内外比特币和开源社区引起广泛讨论。event-stream被很多流行的前端框架和库项目使用,月下载量达千万级。本文,我们就一起来梳理该事件,详细分析恶意源码作者所使用的后门代码和相关技术。 事件影响...
View ArticleClik here to view.
Tiny Things Matter The Story of a Stellar Lumens Exploit
Tiny Things Matter or Detective Novel Featuring StellarDEX OrbitLens TL;DR More than half a year ago I discovered a vulnerability in Stellar DEX that allowed an attacker to buy micro-amounts of any...
View Article