Aggregator

又被黑了！就因为业务区加密流量没解密，检测设备没反应。老王被领导劈头盖脸的骂，还要求追溯全过程。他突然想起防火墙是自带解密功能的，结果一测性能掉得跟自由落体似的，业务卡顿，客户投诉，老王焦头烂额。听说

深入电力行业，满足合规要求，护航生产安全。

随着信息技术的快速发展，现代工业和生产环境对自动化和智能化的需求不断增加，新一代集控站设备监控系统（以下简称“集控系统”）满足了管辖范围内无人值班变电站一、二次设备和辅助设备远程集中监视、操作及控制等

近期我在开发 Video2X 的时候为了程序在支持 AVX2 和 AVX-512 的 CPU 上能完全发挥出扩展指令集的性能，同时又能够保持对不支持这些扩展的 CPU 的支持，研究了一下如何将一个函数多个微架构的版本同时编译进可执行文件中，并且在运行时根据 CPU 支持的扩展动态选择应该调用的函数。我将在这篇文章中讲述如何在 GCC 和 LLVM 中用多版本控制来达成在程序运行时自动选择最佳的函数实现。

近期我在开发 Video2X 的时候为了程序在支持 AVX2 和 AVX-512 的 CPU 上能完全发挥出扩展指令集的性能，同时又能够保持对不支持这些扩展的 CPU 的支持，研究了一下如何将一个函数多个架构的版本同时编译进可执行文件中，并且在运行时根据 CPU 支持的扩展动态选择应该调用的函数。我将在这篇文章中讲述如何在 GCC 和 LLVM 中用多版本控制来达成在程序运行时自动选择最佳的函数实现。

A comprehensive analysis of benign internet scanning activity from November 2024, examining how quickly and thoroughly various legitimate scanning services (like Shodan, Censys, and others) discover and probe new internet-facing assets. The study deployed 24 new sensors across 8 geographies and 5 autonomous systems, revealing that most scanners found new nodes within 5 minutes, with ONYPHE leading in first contacts.

A vulnerability was found in GitLab Community Edition and Enterprise Edition up to 14.7.6/14.8.4/14.9.1 and classified as problematic. This issue affects some unknown processing of the component Note Handler. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2022-1175. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

美国中情局（CIA）情报研究中心的刊物《情报研究》2024年9月多篇文章专门讨论了开源情报，今天把相关内容分享给大家。

A vulnerability, which was classified as problematic, has been found in MPlayer. This issue affects some unknown processing. The manipulation leads to improper resource management. The identification of this vulnerability is CVE-2008-4610. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical was found in KTH Kerberos 4.1.0.3. This vulnerability affects unknown code. The manipulation of the argument krb4_proxy leads to improper privilege management. This vulnerability was named CVE-2001-0034. It is possible to launch the attack on the local host. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

提问者的原意是：系统发版前进行了安全测试，但是业务方不想投入太多时间整改，直接把未改完的代码给到运维中心发版上线。如果仅进行安全团队自省，则大概率是研发安全的工作模式出现了问题： 1、安全检查没有嵌入到研发流程中，缺少卡点或检查，不能阻断不达标系统上线； 2、安全质量没有和业务绩效挂钩，或执行不到位，导致可以直接不理安全就发版。 再深挖一层，可能是研发安全团队处境比较尴尬，没有足够的话语权，甚至没有取得高管的认可与信任。这是开展研发安全工作的基础，值得想办法去破局。 更多软件安全内容，可以访问： 1、SDL100问：我与SDL的故事 SAST误报太高，如何解决？ SDL需要哪些人参与？ 设计阶段应开展哪些安全活动？ 有哪些不错的安全设计参考资料？ 安全设计要求怎么做才能落地？ 有哪些威胁建模方法论？ 如何选择开源组件安全扫描(SCA)工具？ SCA工具扫描出很多漏洞，如何处理？ SCA工具识别出高风险协议，如何处理？ 应该如何选型代码安全扫描工具？ 白盒检测工具存在局限性，如何进行补偿？ SCA用什么系统做，自研还是外购？ 有没有好用的SDL平台？ Sonar是否好用以及误报率咋样？ 如何推进有问题的jar包更新？ SCA工具的误报率怎样？ 在研发安全流程落地方面，有何经验？ 如何说服业务完成checklist自检？ sdl会对项目变更代码做review吗？ SDL 39/100问：如何展示SDL的成果或效果？ 2、SDL创新实践系列 首发！“ 研发安全运营 ” 架构研究与实践 DevSecOps实施关键：研发安全团队 DevSecOps实施关键：研发安全流程 DevSecOps实施关键：研发安全规范 从安全视角，看研发安全 数字化转型下的研发安全痛点

提问者的原意是：系统发版前进行了安全测试，但是业务方不想投入太多时间整改，直接把未改完的代码给到运维中心发版上线。如果仅进行安全团队自省，则大概率是研发安全的工作模式出现了问题： 1、安全检查没有嵌入到研发流程中，缺少卡点或检查，不能阻断不达标系统上线； 2、安全质量没有和业务绩效挂钩，或执行不到位，导致可以直接不理安全就发版。 再深挖一层，可能是研发安全团队处境比较尴尬，没有足够的话语权，甚至没有取得高管的认可与信任。这是开展研发安全工作的基础，值得想办法去破局。 更多软件安全内容，可以访问： 1、SDL100问：我与SDL的故事 SAST误报太高，如何解决？ SDL需要哪些人参与？ 设计阶段应开展哪些安全活动？ 有哪些不错的安全设计参考资料？ 安全设计要求怎么做才能落地？ 有哪些威胁建模方法论？ 如何选择开源组件安全扫描(SCA)工具？ SCA工具扫描出很多漏洞，如何处理？ SCA工具识别出高风险协议，如何处理？ 应该如何选型代码安全扫描工具？ 白盒检测工具存在局限性，如何进行补偿？ SCA用什么系统做，自研还是外购？ 有没有好用的SDL平台？ Sonar是否好用以及误报率咋样？ 如何推进有问题的jar包更新？ SCA工具的误报率怎样？ 在研发安全流程落地方面，有何经验？ 如何说服业务完成checklist自检？ sdl会对项目变更代码做review吗？ SDL 39/100问：如何展示SDL的成果或效果？ 2、SDL创新实践系列 首发！“ 研发安全运营 ” 架构研究与实践 DevSecOps实施关键：研发安全团队 DevSecOps实施关键：研发安全流程 DevSecOps实施关键：研发安全规范 从安全视角，看研发安全 数字化转型下的研发安全痛点

Why Advanced Threat Detection Matters? Ever wondered why organizations across various sectors -financial services, healthcare, travel, and DevOps, are placing great emphasis on advanced threat detection? Well, the reason lies in our increasingly digitized economy, where securing digital assets has become a high priority. More so, when we recognize that these digital assets are not […]

The post Ensure Certainty with Advanced Threat Detection Methods appeared first on Entro.

The post Ensure Certainty with Advanced Threat Detection Methods appeared first on Security Boulevard.

Have You Ever Wondered about the Management of Cloud-Based Secret Sprawl? With the rapid digital transformation and the upsurge in cloud computing, enterprises are continually looking for innovative strategies to manage the ever-increasing avalanche of non-human identities (NHIs) and secrets with minimum risk and maximum efficiency. This necessity has given rise to the urgent need […]

The post Innovations in Handling Cloud-Based Secret Sprawl appeared first on Entro.

The post Innovations in Handling Cloud-Based Secret Sprawl appeared first on Security Boulevard.

Is Your Organization Taking a Rigorous Approach to Secrets Rotation? In today’s advanced technological landscape, ensuring compliance and maintaining a capable security posture is no longer optional. Particularly, the management of Non-Human Identities (NHIs) and secrets rotation has become a cornerstone of robust cybersecurity strategies. The question is, is your organization up to speed with […]

The post Capable Compliance through Rigorous Secrets Rotation appeared first on Entro.

The post Capable Compliance through Rigorous Secrets Rotation appeared first on Security Boulevard.

Unpacking the Importance of Non-Human Identities (NHIs) in Cloud Security Can we imagine a world where Non-Human Identities (NHIs) weren’t instrumental to our cybersecurity strategies? NHIs, or machine identities, perform an irreplaceable function in today’s environment, where businesses are increasingly migrating their operations to the cloud. They are the unheralded heroes, working tirelessly behind the […]

The post Protected Access: Enhancing Cloud IAM Strategies appeared first on Entro.

The post Protected Access: Enhancing Cloud IAM Strategies appeared first on Security Boulevard.

Why is Privileged Access Management Crucial? Does it ever cross your mind how privileged access management plays a significant role in safeguarding your organization’s data and systems? With a largely digitalized economy, the landscape of potential security threats has dramatically shifted, introducing us to the likes of Non-Human Identities (NHIs) and the vast complexities they […]

The post Building Trust with Efficient Privileged Access Management appeared first on Entro.

The post Building Trust with Efficient Privileged Access Management appeared first on Security Boulevard.

How Does Innovation Impact Machine Identity Management? Imagine an environment where machine identities are as secure as human identities, where every “tourist” in the system is accounted for, their “passports” encrypted and secure. This is the goal of Non-Human Identity (NHI) management. But how is such a task undertaken? The answer lies in harnessing innovation. […]

The post Harnessing Innovation in Machine Identity Management appeared first on Entro.

The post Harnessing Innovation in Machine Identity Management appeared first on Security Boulevard.

A vulnerability was found in Wireshark up to 1.12.8/2.0.0 and classified as critical. This issue affects the function dissect_diameter_base_framed_ipv6_prefix of the file epan/dissectors/packet-diameter.c of the component DIAMETER Dissector. The manipulation leads to improper input validation. The identification of this vulnerability is CVE-2015-8725. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Oracle Insurance IFRS 17 Analyzer 8.0.6/8.0.7. It has been declared as critical. This vulnerability affects unknown code of the component jQuery. The manipulation leads to improper input validation. This vulnerability was named CVE-2014-0114. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.