Aggregator

短视频的荣辱浮沉；跨境电商监管再升级，支付企业需提交资质证书；阿里证实正在进行无人驾驶研究；手机APP“流氓索权”：3300款APP拷贝少儿隐私；Microsoft Outlook曝严重安全漏洞；网易《第五人格》或加入“附近语音”功能

24K 纯金金融科技报告

连看了几年创新沙盒比赛，发现很多基本的安全产品思路还是会反复出现；在某一个细分领域，虽然不像国内市场呼啦啦十几家涌进来，但至少三家是肯定有的。入围公司质量参差不齐，有些明显因为赛道，或因创始团队光环，而候选公司本身并无特色。

ruby -v
ruby 2.5.1p57 (2018-03-29 revision 63029) [x64-mingw32]

C:\Ruby25-x64\lib\ruby\gems\2.5.0\gems\sqlite3-1.3.13-x64-mingw32>ruby setup.rb
config
---> lib
---> lib/sqlite3
---> lib/sqlite3/2.0
<--- lib/sqlite3/2.0
---> lib/sqlite3/2.1
<--- lib/sqlite3/2.1
---> lib/sqlite3/2.2
<--- lib/sqlite3/2.2
---> lib/sqlite3/2.3
<--- lib/sqlite3/2.3
---> lib/sqlite3/2.4
<--- lib/sqlite3/2.4
<--- lib/sqlite3
<--- lib
---> ext
---> ext/sqlite3
C:/Ruby25-x64/bin/ruby C:/Ruby25-x64/lib/ruby/gems/2.5.0/gems/sqlite3-1.3.13-x64
-mingw32/ext/sqlite3/extconf.rb
checking for sqlite3.h... yes
checking for pthread_create() in -lpthread... yes
checking for sqlite3_libversion_number() in -lsqlite3... yes
checking for rb_proc_arity()... yes
checking for rb_integer_pack()... yes
checking for sqlite3_initialize()... yes
checking for sqlite3_backup_init()... yes
checking for sqlite3_column_database_name()... yes
checking for sqlite3_enable_load_extension()... yes
checking for sqlite3_load_extension()... yes
checking for sqlite3_open_v2()... yes
checking for sqlite3_prepare_v2()... yes
checking for sqlite3_int64 in sqlite3.h... yes
checking for sqlite3_uint64 in sqlite3.h... yes
creating Makefile
<--- ext/sqlite3
<--- ext

C:\Ruby25-x64\lib\ruby\gems\2.5.0\gems\sqlite3-1.3.13-x64-mingw32>ruby setup.rb
setup
---> lib
---> lib/sqlite3
---> lib/sqlite3/2.0
<--- lib/sqlite3/2.0
---> lib/sqlite3/2.1
<--- lib/sqlite3/2.1
---> lib/sqlite3/2.2
<--- lib/sqlite3/2.2
---> lib/sqlite3/2.3
<--- lib/sqlite3/2.3
---> lib/sqlite3/2.4
<--- lib/sqlite3/2.4
<--- lib/sqlite3
<--- lib
---> ext
---> ext/sqlite3
make
generating sqlite3_native-x64-mingw32.def
compiling backup.c
compiling database.c
compiling exception.c
compiling sqlite3.c
compiling statement.c
linking shared-object sqlite3/sqlite3_native.so
<--- ext/sqlite3
<--- ext

C:\Ruby25-x64\lib\ruby\gems\2.5.0\gems\sqlite3-1.3.13-x64-mingw32>ruby setup.rb
 install
---> lib
mkdir -p C:/Ruby25-x64/lib/ruby/site_ruby/2.5.0/
install sqlite3.rb C:/Ruby25-x64/lib/ruby/site_ruby/2.5.0/
---> lib/sqlite3
mkdir -p C:/Ruby25-x64/lib/ruby/site_ruby/2.5.0/sqlite3
install constants.rb C:/Ruby25-x64/lib/ruby/site_ruby/2.5.0/sqlite3
install database.rb C:/Ruby25-x64/lib/ruby/site_ruby/2.5.0/sqlite3
install errors.rb C:/Ruby25-x64/lib/ruby/site_ruby/2.5.0/sqlite3
install pragmas.rb C:/Ruby25-x64/lib/ruby/site_ruby/2.5.0/sqlite3
install resultset.rb C:/Ruby25-x64/lib/ruby/site_ruby/2.5.0/sqlite3
install statement.rb C:/Ruby25-x64/lib/ruby/site_ruby/2.5.0/sqlite3
install translator.rb C:/Ruby25-x64/lib/ruby/site_ruby/2.5.0/sqlite3
install value.rb C:/Ruby25-x64/lib/ruby/site_ruby/2.5.0/sqlite3
install version.rb C:/Ruby25-x64/lib/ruby/site_ruby/2.5.0/sqlite3
---> lib/sqlite3/2.0
mkdir -p C:/Ruby25-x64/lib/ruby/site_ruby/2.5.0/sqlite3/2.0
<--- lib/sqlite3/2.0
---> lib/sqlite3/2.1
mkdir -p C:/Ruby25-x64/lib/ruby/site_ruby/2.5.0/sqlite3/2.1
<--- lib/sqlite3/2.1
---> lib/sqlite3/2.2
mkdir -p C:/Ruby25-x64/lib/ruby/site_ruby/2.5.0/sqlite3/2.2
<--- lib/sqlite3/2.2
---> lib/sqlite3/2.3
mkdir -p C:/Ruby25-x64/lib/ruby/site_ruby/2.5.0/sqlite3/2.3
<--- lib/sqlite3/2.3
---> lib/sqlite3/2.4
mkdir -p C:/Ruby25-x64/lib/ruby/site_ruby/2.5.0/sqlite3/2.4
<--- lib/sqlite3/2.4
<--- lib/sqlite3
<--- lib
---> ext
---> ext/sqlite3
mkdir -p C:/Ruby25-x64/lib/ruby/site_ruby/2.5.0/x64-msvcrt/sqlite3
install sqlite3_native.so C:/Ruby25-x64/lib/ruby/site_ruby/2.5.0/x64-msvcrt/sqli
te3
<--- ext/sqlite3
<--- ext

C:\Ruby25-x64\lib\ruby\gems\2.5.0\gems\sqlite3-1.3.13-x64-mingw32>irb
irb(main):001:0> require "sqlite3"
=> true

P.S. 鉴于个人水平有限，若有表述错误之处敬请指出，愿我

Every security team knows that the success of any security product relies heavily on the ability to maintain an optimal security configuration. Any misconfiguration can result in malicious or undesired traffic reaching the application, or worse - legitimate traffic being blocked. In addition, it can result in noisy false positive security events, which can eventually mask real attacks from being detected and blocked. What is Web Security Analytics? Akamai's new Web Security Analytics tool provides a single unified and efficient interface to assess a wide range of security events, perform analysis of events, and evaluate any needed changes in order to maintain an optimal security configuration. For example, customers can use this tool to better:

新一届RSA展会日渐临近，之前的创新沙盒是否还记忆犹新？吹去泡沫，创新沙盒委实是检阅和发现未来技术发展方向的优秀渠道，下面就让我们一起来粗略探究各公司到底有哪些创新点引人关注。

同款App，不同平台索取手机权限大不同，所谓的权限真有这么可怕？APP权限获取，点击同意后你的信息就已经……

前言 前段时间，晴天师傅在朋友圈发了一张ThinkPHP 注入的截图。最近几天忙于找工作的事情，没来得及看。趁着中午赶紧搭起环境分析一波。Think PHP就不介绍了，搞PHP的都应该知道。 环境搭建 本文中的测试环境为ThinkPHP 5.0.15的版本。下载，解压好以后，开始配置。首先开启deb

首先编写这么一个hta的文件： 然后运行： 结果如下： 会弹出计算器来。

Application Programming Interfaces (API) are a software design approach which enables software and system developers to integrate with other systems based on a defined set of communication methods. APIs serve as software building blocks and allow for software reuse - essentially allowing fast development of new systems based on existing capabilities.

CVE-2017-0263 is a UAF vulnerability in Menu Management Component in win32k kernel module of Wind...

本記事は、Microsoft Secure のブログ “How artificial intelligence stopped an Emotet outbreak” (2018 年 2 月 14 日 米国時間公開)

本記事は、Microsoft Secure のブログ “How artificial intelligence stopped an Emotet outbreak” (2018 年 2 月 14 日 米国時間公開)

Attacks are back to targeting a Windows IIS vulnerability first disclosed a year ago to mine Electroneum.

上传附件失败 问题： 上传所有附件都显示上传失败。 解决

[TOC] ### 前言 >这一段时间博客一直木有时间和东西产出，所以趁着这个小短假研究了一下XSS平台的运行原理是怎么样的。 该博文大概是这么一个流程：创建-》接收返回数据-》存储返回数据-》...

CVE-2017-0263 是 Windows 操作系统 win32k 内核模块菜单管理组件中的一个 UAF（释放后重用）漏洞，据报道称该漏洞在之前与一个 EPS 漏洞被 APT28 组织组合攻...

Critical apps are the ones that must never go down or be hacked. They are also the hardest to defend because they are often massive, ancient, and touch everything.

打造自己的IoT安全测试系统