Sensor Intel Series: Top CVEs in February 2023
One IoT vulnerability stops growing, and another one starts. See what attackers are up to this month.
Aggregator
〖工具〗LadonGo开源全平台内网渗透扫描器
1 year 7 months ago
K8gege
How to Detect PoshC2 PowerShell Implants
1 year 7 months ago
PoshC2 is a proxy-aware cross-platform C2 framework that natively supports Docker. Once configured and executed, it generates over 100 modifications of fresh implants, written in PowerShell, C#, and Python. The framework has a modular architecture to enable users to add their own modules and tools. No wonder, that nowadays PoshC2 is one of the most … Continued
The post How to Detect PoshC2 PowerShell Implants appeared first on VMware Security Blog.
Oleg Boyarchuk
What?s New for Developers: March 2023
1 year 7 months ago
Jessica Capuano Mora
RSAC 2023 / AI背后的安全风险
1 year 7 months ago
今年RSAC的Final List中包含三家数据/隐私厂商,一家AI模型防护厂商,让人很难不与最近ChatGPT的爆火联系到一起。
合规利器 - AppScan 正式发布
1 year 7 months ago
合规利器- AppScan 正式发布背景 随着移动互联网的高速发展,各公司对保护用户的个人隐私安全意识
热点探讨:你手上正在玩的AI画图画对了嘛?
1 year 7 months ago
看图说话,我说你画画画,你画我猜猜猜。
“创新领航 智连世界”东软NetEye亮相第二届民航科教创新成果展
1 year 7 months ago
东软NetEye产品目前已为国内5亿多航旅用户出行提供网络安全保障。
一个隐藏在Go语言标准库中的目录穿越漏洞 CVE-2022-29804
1 year 7 months ago
一天,我看完了番剧后,闲着无聊审计了一下我用来做内网共享的小工具——"Go HTTP File Server"。
这是一个文件服务器,可以快速搭建http服务器共享文件.
启动的默认路径为当前路径(./)
白帽酱
OpenAI, MinIO, And Why You Should Always Use docker-cli-scan To Keep Your Supply chAIn Clean
1 year 7 months ago
ChatGPT recently announced a "plugin" capability which lets their revolutionary chatbot and API reach out and touch external resources, enabling prompt engineers to — essentially — build complete, working applications. Unfortunately their examples contain an outdated component which attackers are actively exploiting in other contexts.
【漏洞预警】MinIO 敏感信息泄露漏洞(CVE-2023-28432)
1 year 7 months ago
漏洞描述MinIO 是一种开源的对象存储服务,它兼容 Amazon S3 API,可以在私有云或公有云中使用。MinIO 是一...
匿名者
What Is Cloud Architecture?
1 year 7 months ago
What is cloud architecture? And what types of clouds are there? Cloud architecture defines how all the components that enable cloud computing come together.
Pavel Despot
关于企业日志脱敏治理的经验之谈
1 year 7 months ago
在个人信息保护越来越受到重视的当下,数据安全管控力度也不断加强,有关部门也对金融单位提出了更高的要求。
时代的鱼和个人的熊掌
1 year 7 months ago
写下这篇文章的时候大概是自由职业1周年,一年的时间说长不长说短不短,期间有很多经历很多感受,对我自己来说可能是一个很神奇的人生经历与阶段。
What the NIS2 Directive Means for Your Business and Your APIs
1 year 7 months ago
Learn how implementing a comprehensive cybersecurity program that addresses all aspects of API security can ensure compliance with the NIS2 Directive.
Steven Duckaert
Pancakes Con: Cyber + Interests = The Best Con (ever?!)
1 year 7 months ago
If you’re looking for an extremely wholesome conference to attend, look no further than PancakesCon. This conference requires speakers to talk about 2 things: (1) a brief talk about any cybersecurity topic and (2) a brief talk about something which is not IT-related. As you might imagine, this leads to some great talks!
Chatbots, Celebrities, and Victim Retargeting: Why Crypto Giveaway Scams Are Still So Successful
1 year 7 months ago
Shiran Guez
〇 - 自动化工具迅速打点命令集合 - zha0gongz1
1 year 7 months ago
总结梳理自动化弱点探测技巧
zha0gongz1
以放款额度为抓手的零售信贷数字化风控策略
1 year 7 months ago
风浪越大,鱼越贵!能力越强,额度越大!
Defeating Triple Extortion Ransomware: The Potent Combo of Ransomware and DDoS Attacks
1 year 7 months ago
Protect your organization from triple extortion ransomware ? the devastating combination of ransomware and a DDoS attack ? with these four steps.
Venkat Praneeth Nangineni & Steve Winterfeld