Aggregator

A Spectre of Meltdowns Could be in Store for 2018, Including Fileless Malware Attacks and More Costly Bots

6 years 11 months ago

Every week another bug, vulnerability, or exploit is released - we need a multi-layered security strategy (beyond our standard patch “spin cycles”) to deal with threats like Spectre and Meltdown.

小心第三方代码

岚光

6 years 11 months ago

看到一篇有趣的文章 I’m harvesting credit card numbers and passwords from your site. Here’s how，讲的是通过在 NPM ...

0x0d

Global Consultancy Overcomes Cloud Security Risks

F5 Labs

6 years 11 months ago

How moving application into the cloud can make your organization stronger and more valuable to your customers.

January 2018 security update release

Update Tuesday on Microsoft Security Response Center

6 years 11 months ago

Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend they turn on automatic updates as a best practice. More information about this month’s security updates can be found in the Security Update Guide.

January 2018 security update release

Microsoft Update Tuesday

6 years 11 months ago

Apache Maven的入门使用之常用操作以及核心概念介绍（2） - magic_zero

Magic_Zero

6 years 11 months ago

我们接着上篇文章，来继续介绍Maven中几个核心的概念： POM (Project Object Model) 我们首先来看一下，上篇文章做演示的时候生成的pom.xml文件：在该配置文件中有三个必须写的字段，groupId,artifactId,version。groupId代表组织或者创建团队

magic_zero

Apache Maven的入门使用之项目的基本构建（1） - magic_zero

Magic_Zero

6 years 11 months ago

前言最近在研究java框架struts2的相关漏洞，然后就去看了官方给出的文档。在看文档的过程中发现使用到了Apache Maven这个项目管理工具，我在网上搜索了一下，大多数文章都写得不是很系统，容易产生迷惑。我就自己来根据自己的学习过程，做个记录。一来为了方便自己复习，二来别人如果有类似需求也

magic_zero

McAfee Shares Threat Predictions For 2018 – As the Saying Goes, Forewarned is Forearmed

Security News, Insights and Analysis | McAfee

6 years 11 months ago

2017 has drawn to a close and phew, what a year it has been in the digital world. Terms like...

The post McAfee Shares Threat Predictions For 2018 – As the Saying Goes, Forewarned is Forearmed appeared first on McAfee Blog.

McAfee

Meltdown and Spectre - Impact On Node.js

Node.js Blog: Vulnerability Reports

6 years 11 months ago

Cybercriminals taking advantage of Cryptocurrency Boom

abuse.ch | IT-Security Blog

6 years 11 months ago

Struts2 漏洞系列之S2-001分析 - magic_zero

Magic_Zero

6 years 11 months ago

0x00 前言最近在学习java的相关漏洞，所以Struts2的漏洞自然是绕不开的。为了更好的理解漏洞原理，计划把Struts2所有的漏洞自己都做一个复现。并且自己去实现相关的POC。相关的环境搭建，以及POC实现细节，参考文章我都会尽可能的写清楚。方便自己记录学习过程的同时，方便看文章的人学习。

magic_zero

Mirai is Attacking Again, So We’re Outing its Hilarious, Explicit C&C Hostnames

F5 Labs

7 years ago

With Mirai rearing its ugly head again, we’re revealing its C&C hostnames so organizations can update their denylists and protect themselves.

meltdown漏洞小白理解

不忘初心方得始终

7 years ago

Terenceli

New Python-Based Crypto-Miner Botnet Flying Under the Radar

F5 Labs

7 years ago

A new Python-based botnet that mines Monero spreads via SSH and leverages Pastebin to publish new C&C server addresses.

Liability in an Assume Breach World

F5 Labs

7 years ago

The safest way to run a network is to assume it’s going to breached, but that also means minimizing your liability and ensuring the executive team is fully aware of what is going on.