Aggregator

Cybersecurity Awareness Month 2022: Recognizing & Reporting Phishing

NIST | Cybersecurity Insights
2 years ago
This blog will officially wrap up our 2022 Cybersecurity Awareness Month blog series — today we have a special interview from Marian Merritt, deputy director, lead for industry engagement for the National Initiative for Cybersecurity Education (NICE)! Marian will be discussing the importance of recognizing and reporting phishing incidents in detail. A phishing attack is an attempt to fool an individual into sharing private information or taking an action that gives criminals access to your accounts, your computer, login credentials or even your network. This week’s Cybersecurity Awareness
Marian Merritt

JAVA-JDBC反序列化

M1kael‘s Blog
2 years ago
前言示意图学习这个知识点之后,就可以面向数据库操作了先就是简单的与数据库交互的操作,但在这之前需要下载自己需要的对应数据库驱动这里以mysql为例:mysql的驱动package com.mte...
M1kael

IOS逆向之某抓包APP

浮萍
2 years ago
0x00 前言

本文的测试目标是一个抓包的APP,可以使用hook或者代理的方式来获取高级功能,如解密HTTPS流量、重写HTTP请求以及重放等功能。由于个人账户(没有付费成为苹果开发者账号)的限制,注入打包后,无法正常使用抓包功能,因此算是一篇半成品,不过本文主要提供一些思路以及介绍一下数据之间的转换。

浮萍

IOS逆向之appsflyer平台解密

浮萍
2 years ago
0x00 前言

前段时间有这样一个需求,需要抓一下IOS端下appsflyer这个平台的数据,于是就帮忙看了一下。这里其实和APP没多大关系,需要接入appsflyer这个平台的APP就可以,然后将抓包获取的加密数据进行解密。

浮萍

记一次简单计算验证码的识别过程

浮萍
2 years ago
0x00 前言

某CMS的验证码是简单的计算验证码,都是一位数的加减乘除运算,之前尝试用分割的方法识别,但成功率较低。后来采用了pytorch训练后进行识别,可以达到98%以上的识别率,于是整理一下过程,水一篇文章。

浮萍

记一次APP爬虫比赛

浮萍
2 years ago
0x01 前言

5月中旬的时候,猿人学举行了一个APP爬虫大赛,共设10题,主要涉及Android反混淆,双向认证,tls指纹对抗等技术。而且只需要答对一题就有参与奖,即可获得一件猿人学定制T恤。另外第一题不涉及so,仅涉及java层加密。为了T恤,立马去报了名参赛。

浮萍

BlueBleed Data Leak

X-Force Exchange - Collection Feed
2 years ago
Summary SOCRadar, a cyber intelligence company, has reported that they have discovered a data leakfrom a Microsoft Azure Blob Storage location. Microsoft has acknowledged the incident. However, details on the severity of the leak vary between Microsoft and the SOCRadar report. Threat Type Data Leak Overview Microsoft has published a blog on their Security Response Center in response to a report from a cyber intelligence company called SOCRadar. SOCRadar discovered and reported on a data leak in a misconfig

Student Insights on Cybersecurity Careers

NIST | Cybersecurity Insights
2 years ago
Hi, our names are Aubrie, Kyle, and Lindsey! We participated in internships at the National Initiative for Cybersecurity Education (NICE) Program Office this past year. This is a career pivot for Aubrie, meaning this is her introduction to cybersecurity from another career; she is earning her master’s with a concentration in cybersecurity. Kyle was an undergraduate intern majoring in Computer Engineering. He is almost finished with his education and will soon be transitioning into the workforce. Lindsey is a high school member of the program. The three of us come from different academic and
Aubrie Kendall, Kyle Truong, Lindsey Walter

Trustlook's Integration with OKC (OKX Chain)

Trustlook
2 years ago

San Jose, California, Oct. 19, 2022, Trustlook, the global leader of  AI-powered cybersecurity, today announced an integration with OKC (OKX Chain) an EVM-compatible L1 built on Cosmos with a focus on true interoperability (IBC) and maximized performance. Trustlook will provide their extensive portfolio of blockchain security products to OKC, which

Lifan Xu

Managed ad