Clik here to view.
东软安全提出业务驱动安全理念 赋能智能网联汽车信息安全产业
【赛迪网讯】随着信息技术不断发展,网络技术及设施已经成为现代化社会的基础,摩尔定律与贝尔定律更是为新一次的科技革命带来了可能。从工作站到个人电脑,从个人电脑再到智能手机,很显然,科技的进步和新技术的出现正在改变着人们的生产和生活方式,而这场以信息技术为主要标志的工业变革仍在继续。...
View ArticleClik here to view.
Cyber Security Roundup for December 2018
The final Cyber Security Roundup of 2018 concludes reports of major data breaches, serious software vulnerabilities and evolving cyber threats, so pretty much like the previous 11 months of the year....
View ArticleClik here to view.
Hackers take over Chromecasts to warn owners about security risks
A couple of dutiful hackers have been hijacking thousands of Google’s Chromecast streaming dongles to warn users that the devices can be taken over, and remotely forced to play any YouTube video the...
View ArticleClik here to view.
NRSMiner updates to newer version
More than a year after the world first saw the Eternal Blue exploit in action during the May 2017 WannaCry outbreak , we are still seeing unpatched machines in Asia being infected by malware that uses...
View ArticleClik here to view.
7 Habits of a Highly Effective CISO: 2019 Data Security Resolutions
It’s 2019 and data is everywhere and what you can do with what is at your fingertips is truly transformative. It changes the way you look at your business, improves your productivity and simplifies...
View ArticleClik here to view.
3 GitHub Security Updates You Should Know
Developers don’t agree on much, but they sure do love GitHub. It is their first stop when looking for a bit of code to solve a problem and a great place to collaborate with other developers on public...
View ArticleClik here to view.
2018 Retrospective
I started doing these retrospectives 3 years ago in my first year of independence. I reckon they're a good thing for everyone to do if not in written form then at least mentally to look back on your...
View ArticleIntel admits chip security has a long way to go
A year on from the discovery of theSpectre and Meltdown processor flaws, Intel has admitted its work on security has only just begun. In a web post , Leslie Culbertson, an executive vice-president and...
View ArticleClik here to view.
5家新APT组织被披露,2019是“后起之秀”的天下?
“2018难过吗?不好意思,2019你还得照样过!”上班第一天,小赵的这句问候语算是真真切切地扎了心。这种感觉,就像是你花了三天时间灌的鸡汤付之东流,2018年那些糟心回忆似乎又回来了。 在网络安全领域2018年的糟心事儿的确也不少,这其中最属APT攻击让人印象深刻。而最新发现的APT组织以及与之匹配的隐蔽攻击手段似乎也在向各家网络安全公司宣誓――我们2019再见!...
View ArticleClik here to view.
区块链智能合约安全开发技术研究与实现
区块链智能合约具有高效实时更新、准确执行、去中心化等优点,但是智能合约执行过程中的漏洞问题却给用户及投资者带来较大困扰。针对以太坊上运行的智能合约安全防护问题,分析已发现漏洞类型,对智能合约整数溢出问题、可重入攻击、短地址漏洞三个智能合约安全漏洞典型问题,从 Solidity...
View ArticleClik here to view.
挖洞经验 | Oculus CDN服务器的XSS漏洞
我来分享一个Facebook旗下公司Oculus网站存在的类似XSS漏洞,该漏洞最终获得了Facebook官方$1500美金的奖励。 Facebook在2014年3月宣布以20亿美元收购虚拟现实(VR)头戴设备制造商 Oculus ,Facebook计划将Oculus的VR技术优势扩大至新的垂直领域,如通信、媒体和娱乐、教育及其他领域等。 Oculus发布了定制化开源的开发者项目( Custom...
View ArticleClik here to view.
安全研究的生命力在于对抗:绿盟确立五大实验室研究方向
2018年12月初,绿盟科技发布了以“智慧城市、云安全、企业安全”为主要场景的“安全运营+”体系,基于其智慧安全2.0战略(产品到方案和运营)思路,确定了未来绿盟科技安全运营业务的主要方向。12月26日,绿盟科技再次将其多年的安全研究资源聚焦,发布了由绿盟科技安全研究院孵化而出的五大安全实验室和对应的五大方向。希望通过体系化的研究,为其产品和方案,乃至交付后的安全运营,提供更有力的支撑,更好的解决客...
View ArticleClik here to view.
个人信息黑产链:内鬼与黑客并存,一次交易动辄数十万条
[ 摘要 ]澎湃新闻在中国裁判文书网检索到近五年共75份判决书后发现,在侵犯公民个人信息的案件中,犯罪嫌疑人盗取公民个人信息的主要渠道有三:通过网络廉价购买大量信息二次倒卖、利用职务之便盗取信息和利用黑客技术攻入计算机系统。...
View ArticleClik here to view.
华为率先完成中国5G研发试验第三阶段核心网安全技术测试
1月3日,IMT-2020(5G)推进组(5G推进组)组织发布消息称:由5G推进组组织的中国5G技术研发试验第三阶段测试中,华为率先于2018年12月27日以100%通过率完成5G核心网安全技术测试。 5G推进组称,网络安全是5G规模商用的关键能力,本次率先完成全部(必选及可选)网络安全技术测试的内容,再次证明华为在网络安全方面具备深厚的技术积累,为运营商5G的规模商用已经做好准备。...
View ArticleClik here to view.
Use Best Practice Questions on the Way of Getting CompTIA Security+, Network+...
CompTIA Certifications:CompTIA is known for its in-demand certifications over the globe. It offers training courses and prep materials for thousands of people, who wish to work in IT or upgrade their...
View ArticleClik here to view.
The Future of Cybersecurity A 2019 Outlook
From the record-breaking number of data breaches to the implementation of the General Data Protection Regulation (GDPR), 2018 will certainly go down as a memorable year for the cybersecurity industry....
View ArticleClik here to view.
How to Stay Ahead of Data Retention Requirements Part 1
Home Blog DevOps How to Stay Ahead of Data Retention Requirements Part 1 Record keeping tasks such as data retention and disposal are an essential part of business management and regulatory...
View ArticleClik here to view.
谷歌坐视不理Chromecast漏洞多年 现被黑客利用
[ 摘要 ]谷歌没有解决这个存在多年的漏洞,导致任何人都可以访问Chromecast,劫持流媒体视频 腾讯科技讯 据外媒报道,几年前,谷歌曾被警告其Chromecast流媒体电视棒存在漏洞,但它一直没有理会。现在,黑客正在利用这个漏洞。安全研究人员说,如果不赶紧修复这个漏洞,情况可能会变得更糟。 一位名叫“长颈鹿黑客”(Hacker...
View ArticleClik here to view.
Dual UPnP-Chromecast Exploit Allows Hacker to Hijack Devices, Force Any...
A Google Chromecast Ultra. Photo: Gizmodo Hackers have discovered a bug that allows attackers to seize control of Google’s Chromecast media streaming player, making it possible to force the device...
View ArticleHuawei CEO defiant on security claims, vows to be so good, 'no market can...
Increasingly in the crosshairs of government paranoia and beset by its place in the US-China trade war, Huawei's rotating chairman Guo Ping has come out swinging in a letter to staff. There's no...
View Article
