Quantcast
Channel: CodeSection,代码区,网络安全 - CodeSec
Browsing all 12749 articles
Browse latest View live

Ingres 11 Technical Preview

Version 11 of Actian's Ingres open source RDBMS, is going to be a major release as indicated by the jump in the version number. The sequence goes 10.0.0, 10.1.0, 10.2 and from there to 11. This heralds...

View Article


Image may be NSFW.
Clik here to view.

基于Libevent转发的内网端口暴露(三):添加SS5代理功能

比较好奇Shadowsocks代理是怎么工作的:为什么这么流行这么火?而且实际用起来的速度比vpn、https等代理的速度快的多!查了一下,其是基于sockets5(后面简称ss5)的代理,而ss5的规范文档RFC1928/RFC1929就两三页,算是我看到的最简短的RFC文件了。实际数据流上,就是ss_client告诉服务器自己要访问的主机和端口,然后把本地请求的数据发到ss_server,ss_...

View Article

Image may be NSFW.
Clik here to view.

详解https是如何确保安全的?

Https介绍 1 什么是Https HTTPS(全称:Hypertext Transfer Protocol over Secure Socket Layer),是以安全为目标的HTTP通道,简单讲是HTTP的安全版。即HTTP下加入SSL层,HTTPS的安全基础是SSL,因此加密的详细内容就需要SSL 2 Https的作用 内容加密建立一个信息安全通道,来保证数据传输的安全;...

View Article

Image may be NSFW.
Clik here to view.

Introducing the p-hacker app: Train your expert p-hacking skills

[This is a guest post byNedBicare, PhD] Start the p-hacker app! My dear fellow scientists! “If you torture the data long enough, it will confess.” This aphorism, attributed to Ronald Coase , sometimes...

View Article

Image may be NSFW.
Clik here to view.

再看API设计――从黑客的角度

互联网的高速发展以及多终端设备的广泛使用使得前后端分离架构变成了必须,越来越多的网络应用暴露出API以便于前端的使用,RESTFul API的设计成为了业界主流的设计范式。在持续的业务增长以及后端技术的革新中,微服务架构(Microservice)崭露头角,解决了单体应用(Monolithic...

View Article


Solar-storm: A serious security exploit with Ethereum, not just the DAO

Another exploit in Solidity, a javascript-like language that Ethereum uses for smart contracts, has been discovered that impacts all of Ethereum and not just the DAO. Ethereum contracts call out to...

View Article

Image may be NSFW.
Clik here to view.

The Not-So Odd Couple of DDoS and WAF

Posted byBen Desjardins on Jun 21, 2016 inSecurity |0 comments As the saying goes in the real world, “necessity is the mother of invention.” However, those of us that work in the technology sector...

View Article

New Study: We Can't Stop Using Our Phones for Business On Summer Vacation

A new study has proven what we all know in our guts already. Intel Security announced that 55% of us who plan to unplug during a summervacation don't actually do that, according to their own survey...

View Article


Image may be NSFW.
Clik here to view.

Shining a light on application layer DDoS attacks

DDoS attacks are rightly understood as one of the biggest cyber threats today, with their frequency and size growing every year and their financial consequences more dire than ever. DDoS attacks...

View Article


Image may be NSFW.
Clik here to view.

A Peek into BlackMoon’s Sustained Attacks against South Korea

A few months ago, wetalked about a malicious campaign that targets South Korean users in the form of malware known as BlackMoon . BlackMoon is a banking Trojan that installs a proxy auto-config file...

View Article

Image may be NSFW.
Clik here to view.

Bunnie and EFF Sue US Goverment over DMCA 1201

This morning Bunnie Huang wrote about his reasons for suing the US Government over Section 1201 of the Digital Millennium Copyright Act (DMCA). The DMCA was enacted in 1996 and put in place...

View Article

Image may be NSFW.
Clik here to view.

Microsoft launches Azure Security Center out of preview

Microsoft today announced that it’s releasing the Azure Security Center service ― for detecting and making recommendations about security vulnerabilities ― out of preview. Azure Security Center became...

View Article

Image may be NSFW.
Clik here to view.

Feedback Loops: Seeing the Invisible (Part 2 of 2)

Seeing the Invisible In our last article we discussed feedback loops and taking a defensive thinking approach . We identified three key areas to gain feedback in your stack that aligns security and...

View Article


Image may be NSFW.
Clik here to view.

Microsoft given 3 months to fix Windows 10 security and privacy

France’s privacy watchdog has declared that windows 10 is gobbling up too much data and snooping on users’ browsing without their consent. The National Data Protection Commission (CNIL) has given...

View Article

Security Sessions: Protecting data when it’s increasingly mobile

There’s no doubt that the corporate world is more mobile, with employees working both on the road, in their homes or down at the local coffee shop. A huge challenge for enterprise IT security is to...

View Article


Image may be NSFW.
Clik here to view.

开源代码,被忽视的安全漏洞数量惊人

开源代码,被忽视的安全漏洞数量惊人 4小时前来源:IT之家 IT之家讯 提到开源代码,很多企业都乐于使用,原因是成本很低,而且也很好用。不过正是由于使用广泛,如果开源代码中存在漏洞,它们被用到企业应用软件中的几率也随之上升,由此产生的软件漏洞数量也十分惊人。 php?url=0DyLDktJBJ" alt="开源代码,被忽视的安全漏洞数量惊人"...

View Article

Image may be NSFW.
Clik here to view.

外媒爆料:苹果公司产品再曝安全漏洞!

外媒爆料:苹果公司产品再曝安全漏洞! 9小时前来源:与非网 苹果公司已经在OS X和IOS系统中发现五个与Android系统手机惊人相似问题并发现了著名的Stagefright漏洞,此漏洞允许攻击者通过恶意图像控制苹果设备。当苹果产品处理某些类型的图像文件时,该漏洞就会出现,受影响的产品包括OS X,iOS的,TVOS和watchOS。...

View Article


军工、网安即将吹响上攻“集结号”

军工、网安即将吹响上攻“集结号” 20小时前来源:中国电子政务网 近期,在恐怖袭击和地缘冲突增多的环境下,军工信息化、网络安全这样的A股“精兵强将”有望拥抱长期牛市,在下半年吹响上涨行情“集结号”,且将大概率加速上冲新高地。 现代战争是信息化的竞赛 板块机会凸显...

View Article

Image may be NSFW.
Clik here to view.

企业安全集团还没影 传360又要成立名叫“网神”的新公司

企业安全集团还没影 传360又要成立名叫“网神”的新公司 1小时前来源:TechWeb 新浪科技讯 7月22日消息,奇虎360在美国东部时间7月15日成功完成私有化交易后,今日又有消息传出,360即将拆分成两家独立的公司,同时拆分已经获得周鸿yN和360内部高层的拍板。消息称,新公司名为360网神,将专注政府、企业安全产品和服务。360方面向新浪科技表示,目前尚未有新公司拆分的确切消息。...

View Article

Image may be NSFW.
Clik here to view.

黑客、病毒、木马……如何保护你的工业4.0?

黑客、病毒、木马……如何保护你的工业4.0? 20小时前来源:界面 当互联的计算机数量越来越多,局域网逐渐演变成了万维网;当机器和机器互联、机器与人互联,当更多的系统被整合到同一体系内时,工业也正从2.0、3.0迈向4.0时代。...

View Article
Browsing all 12749 articles
Browse latest View live