Aggregator
Android so注入(inject)和Hook技术学习(二)——Got表hook之导入表hook - bamb00
6 years 5 months ago
全局符号表(GOT表)hook实际是通过解析SO文件,将待hook函数在got表的地址替换为自己函数的入口地址,这样目标进程每次调用待hook函数时,实际上是执行了我们自己的函数。 GOT表其实包含了导入表和导出表,导出表指将当前动态库的一些函数符号保留,供外部调用,导入表中的函数实际是在该动态库中
bamb00
The Ethical and Legal Dilemmas of Threat Researchers
6 years 5 months ago
F5 Labs' Ray Pompon writes for HelpNetSecurity, discussing the grey areas of threat research and some common issues researchers encounter.
一种工控系统主动防御技术
6 years 5 months ago
6月30日,首届工业互联网安全精英邀请赛颁奖典礼在2018年第二十二届中国国际软件博览会“软件之夜”盛典上隆重…
Z-0ne
Tackling Gootkit's Traps
6 years 5 months ago
Gootkit malware uses misleading code to hinder manual research and automated analysis.
Popular Social Media App Timehop Hit With Huge Data Breach
6 years 5 months ago
The Fourth of July is characterized by barbeques, fireworks, and patriotism – and now cyberattacks! Just this past Independence Day,...
The post Popular Social Media App Timehop Hit With Huge Data Breach appeared first on McAfee Blog.
McAfee
PHP 7.1 使用 json_encode 函数造成浮点类型数据出现精度问题
6 years 5 months ago
新项目用的 PHP 7.1.13 版本,在使用过程中发现 浮点类型 数据经过 json_encode 之后会出现精度问题。 举个例子: $data = [ 'stock' => '100', 'amount' => 10, 'price' => 0.1 ]; var_dump($data); echo json_encode($data); 输出结果: array(3) { ["stock"]=> string(3) "100" ["amount"]=> int(10) ["price"]=> float(0.1) } { "stock":"100",
灯塔实验室助力2018年工业信息安全技能大赛西部赛区
6 years 5 months ago
7月5日上午,2018年工业信息安全技能大赛开幕赛,西部赛区初赛启动仪式在四川大学望江校区体育馆正式拉开帷幕。…
Z-0ne
July 2018 Security Update Release
6 years 5 months ago
Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates.
More information about this month’s security updates can be found on the Security Update Guide.
July 2018 Security Update Release
6 years 5 months ago
Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates.
More information about this month’s security updates can be found on the Security Update Guide.
FastJson反序列化漏洞利用的三个细节 - TemplatesImpl的利用链
6 years 5 months ago
KINGX
New Jenkins Campaign Hides Malware, Kills Competing Crypto-Miners
6 years 5 months ago
Threat actors continue to find creative yet relatively unsophisticated ways to launch new campaigns to reap profits from crypto-mining operations.
FastJson反序列化漏洞利用的三个细节 - TemplatesImpl利用链
6 years 5 months ago
记录在FastJson反序列化RCE漏洞分析和利用时的一些细节问题。
How Digital Transformation is Making the Anonymous Personal
6 years 5 months ago
F5 Labs' Preston Hogue writes for SecurityWeek, discussing how the trend towards digital transformation is bringing data together in a way that provides intelligence to malicious actors.
Gmail Users: App Developers Can Potentially Read Your Private Emails
6 years 5 months ago
Email has been the norm for decades now, as most digitally connected people use it to communicate in both their...
The post Gmail Users: App Developers Can Potentially Read Your Private Emails appeared first on McAfee Blog.
McAfee
GCSB welcomes report about its activity in relation to the Pacific
6 years 5 months ago
Laravel 授权策略(Policy)的基本使用
6 years 5 months ago
Policy(即策略)是在特定模型或者资源中组织授权逻辑的类,用来处理用户授权动作。 比如在博客程序中会有一个 Article 模型,这个模型就会有一个相应的 ArticlePolicy 来对用户
Snooping on Tor from Your Load Balancer
6 years 5 months ago
An F5 Labs researcher snoops on Tor exit node traffic from a load balancer. What he finds will shock you. SHOCK YOU.
IoT安全测试之通信测试环境及方法
6 years 5 months ago
IoT安全测试之通信测试环境及过程总结。
BackSwap Defrauds Online Banking Customers Using Hidden Input Fields
6 years 5 months ago
BackSwap demonstrates unique behavior in its manipulation of user input fields and its handling of International Bank Account Numbers (IBANs).