Quantcast
Channel: CodeSection,代码区,网络安全 - CodeSec
Browsing all 12749 articles
Browse latest View live

3 Reasons Why You Should Manage Your Third-Party Security Better in 2019

If you are worried about managing your third parties, you are not alone. Gartner reports that nearly 70% of chief audit executives reported third-party risk as one of their top concerns, but many...

View Article



Train for the fight against cybercrime at SANS London 2019

PromoAs new and ever more inventive threats keep crowding over the IT horizon, the security professional is under constant pressure to stay ahead of the cybercriminals. Prepare to meet whatever the...

View Article

2018年终总结

2018我觉得对我自己来说是需要总结的一年,所以稍微写一丢丢总结吧。 0x02 历程 其实早在2017年毕业时候就想着离开福建出去看看,但是由于一些其他原因就一直拖到了2018年过年前面试完360企业安全,决定跳开当前的舒适圈工作环境,试试新的开始。第一份工作每天重复性做着没有差别的工作,有一点疲倦和技能瓶颈了。...

View Article

Chromebooks to become a little safer from hackers with 'USB Guard' feature

Leaving your Chromebook unattended in a public place will get a little less dangerous soon. A new Chrome OS feature, noticed recently by ZDNet , will block access to the USB port while the Chromebook's...

View Article

25 Years Later: Looking Back at the First Great (Cyber) Bank Heist

The Citibank hack in 1994 marked a turning point for banking -- and cybercrime -- as we know it. What can we learn from looking back at the past 25 years? The banking industry was at a crossroads 25...

View Article


Image may be NSFW.
Clik here to view.

Ring security lights all but confirmed by FCC filing

A pair of outdoor security lights from Ring have leaked via two FCC filings . The documents, which were first spotted by Dave Zatz , indicate that Ring is preparing to launch two new outdoor lights ―...

View Article

Image may be NSFW.
Clik here to view.

Open Source Security Tools and Threat Hunting: The 10 Most Read Bricata Posts...

Every week we publish a blog post where we dive into a topic or study around network security. In 2018, we even produced original research Amid AI and Machine Learning, the Human Touch Remains Crucial...

View Article

Image may be NSFW.
Clik here to view.

USB-C Is Going to Get A Lot More Secure

As more devices move to USB-C for charging and data needs, it’s also becoming more clear that the tech needs improved security. Today, the USB Implementers Forum is announcing one such change with USB...

View Article


Image may be NSFW.
Clik here to view.

Sitecore Commerce security hardening note

Let’s start the New Year off with a fun Sitecore Commerce note. Using the latest Sitecore Commerce available today, that is running Sitecore 9.0 update-2 with Sitecore Commerce update-3 (you have to...

View Article


Image may be NSFW.
Clik here to view.

Cobalt Strike 3.13 Why do we argue?

Cobalt Strike 3.13 is now available. This release adds a TCP Beacon, process argument spoofing, and extends the Obfuscate and Sleep capability to the SMB and TCP Beacons. TCP Beacon Cobalt Strike has...

View Article

35C3 Junior CTF web writeup By Saferman

在这个月圣诞节和元旦节之间参加了这个比赛,这个比赛有二个 https://35c3ctf.ccc.ac 是难度较高的,还有一个是 https://junior.35c3ctf.ccc.ac/ 中等难度的。中等难度的题目总体来讲还是很符合Junior水平的 :-)。题目整体来讲都不难,只有一二道题花了较多时间,现在将自己的解题思路总结出来。 Blind 这题打开就是一个显示源码的页面,php如下:...

View Article

Image may be NSFW.
Clik here to view.

Identifying and Mitigating Security Risks of Pre-Shared Keys

Identifying and Mitigating Security Risks of Pre-Shared Keys kdobieski Wed, 01/02/2019 09:49 Security Risks Because there are two ends of communication with a PSK, there are two major areas of...

View Article

The Simple Social Security Move We All Need to Make Right Now

The Social Security Administration wants you to double check its work through your personalized and free online portal. Your account includes valuable information about your anticipated retirement...

View Article


Image may be NSFW.
Clik here to view.

Microsoft is adding two more Microsoft 365 SKUs for security and compliance

Today, Microsoft announced two new SKUs of its Microsoft 365 offering, which combines windows 10, Office 365, and Enterprise Mobility + Security (EMS). The new offerings are called Identity &...

View Article

5 steps to simple role-based access control (RBAC)

Despite all of the advanced attack scenarios we face in cybersecurity today, it seems like we continue to shoot ourselves in the proverbial feet with the simple things. Case in point: the 2017 Verizon...

View Article


Is Your Chief Security Officer Prepared for M&A?

Very few data breaches have garnered as much attention recently as the Starwood/Marriott breach in which up to 500 million records may have been accessed by an unauthorized user. It’s suspected that...

View Article

Image may be NSFW.
Clik here to view.

New in 2018.12: Safe web-browsing with Emsisoft Browser Security

“A browser extension that blocks bad websites without compromising your privacy?” What sounds like an attempt to square the circle, actually can be done. Almost all browser extensions that aim to block...

View Article


Image may be NSFW.
Clik here to view.

Newsmaker Interview: Bruce Schneier on Physical Cyber Threats

Bruce Schneier discusses the clash between critical infrastructure and cyber threats. Attacks on physical devices and infrastructure offer a new target for cyber crime, a new opportunity for espionage...

View Article

US-CERT Offers Tips for Securing Internet-Connected Holiday Gifts

Key steps to making those home Internet of Things devices just a bit safer. The Department of Homeland Security's US-CERT has welcomed the new year with advice to those who received Internet-connected...

View Article

Image may be NSFW.
Clik here to view.

Vulnerability Spotlight: Multiple privilege escalation vulnerabilities in...

Tyler Bohan of Cisco Talos discovered these vulnerabilities. Executive summary Today, Cisco Talos is disclosing several vulnerabilities in MacPaw’s CleanMyMac X software. CleanMyMac X is a cleanup...

View Article
Browsing all 12749 articles
Browse latest View live




Latest Images