Typecho install.php 后门分析
一不小心,博客就被黑了呢……
Aggregator
【Splunk】使用syslog-ng和UF(HF)收集syslog日志(一)需求 & 逻辑图 & 配置关系图
7 years 2 months ago
使用syslog-ng和UF(HF)收集syslog日志(一)需求 & 逻辑图 & 配置关系图
Typecho V1.1反序列化导致代码执行分析 - magic_zero
7 years 2 months ago
0x00 前言 今天在Seebug的公众号看到了Typecho的一个前台getshell分析的文章,然后自己也想来学习一下。保持对行内的关注,了解最新的漏洞很重要。 0x01 什么是反序列化漏洞 如题所说,这是一个反序列化导致的代码执行。看过我之前文章的人应该不会陌生。PHP在反序列化一个字符串时,
magic_zero
Reaper: The Professional Bot Herder’s Thingbot
7 years 2 months ago
While Reaper might be considered an “object lesson” today, it should serve as a blistering warning that IoT security needs to be fixed now.
DOS security vulnerability, October 2017
7 years 2 months ago
Help Guide the Future of Apps – Ultimately Your Threat Landscape – By Responding to Our SOAD Survey!
7 years 2 months ago
Assessing the State of Application Delivery depends on getting information from you about your applications!
Third-Party Security is Your Security
7 years 2 months ago
When you must depend on third parties for a variety of products and services, it’s critical that you hold them to high security standards.
Interview With the Experts: The Future of IoT Security Through the Eyes of F5 Threat Researchers
7 years 2 months ago
When it comes to IoT threats, we’re nowhere near being out of the woods yet; we’ve just barely entered the forest.
盘点前几年的预测
7 years 2 months ago
Doubt is not a pleasant condition, but certainty is an absurd one.
一波招聘 · 滴滴安全
7 years 2 months ago
from: DiDi
KRACK Hack Threatens Wi-Fi Security – What it Means for You
7 years 2 months ago
If you grew up before, or even during the 90s, you were familiar with a world of cords. A cord...
The post KRACK Hack Threatens Wi-Fi Security – What it Means for You appeared first on McAfee Blog.
McAfee
New Threat May Slip Through the KRACK in BYOD Policies
7 years 2 months ago
Combating this vulnerability might mean you have to force updates on employees’ personal devices or deny them access altogether.
How to Be a More Effective CISO by Aligning Your Security to the Business
7 years 2 months ago
Security must align to the business needs, not the other way around. Begin with investigation and understanding to be most effective.
蜜罐与内网安全从0到1(三)
7 years 2 months ago
常见内网攻击类型及检测思路。"不打扰是我的温柔"这种拖更借口已经没脸说了...
Joining Forces With Criminals, Deviants, and Spies to Defend Privacy
7 years 3 months ago
Organizations need to provide clear and specific guidance to employees who travel across national borders when it comes to giving up passwords and surrendering devices.
Academic Research: Web Application Attacks
7 years 3 months ago
Personally identifiable information and user credentials are the primary nuggets attackers are after when they exploit known vulnerabilities in web applications.
October 2017 security update release
7 years 3 months ago
Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend they turn on automatic updates as a best practice.
More information about this month’s security updates can be found in the Security Update Guide.
October 2017 security update release
7 years 3 months ago
Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend they turn on automatic updates as a best practice.
More information about this month’s security updates can be found in the Security Update Guide.
Canterbury Institute of Directors on Cyber Security
7 years 3 months ago
The Good News About Breaches
7 years 3 months ago
Security breaches in the news serve as a good reminder to check and make sure you have a solid application protection strategy in place, starting with never trusting user input.