Aggregator

SOC2 For Startups

1 year 8 months ago

GreyNoise today announced that it achieved SOC 2 Type 2 compliance in accordance with American Institute of Certified Public Accountants (AICPA) standards for Systems and Organizational Controls (SOC). Achieving SOC 2 compliance with unqualified opinion serves as third-party industry validation that companies provide best-in-class enterprise-level security for their customers’ data.

Episode 005 - Erik Vanderhasselt

The Blue Team Diaries

1 year 8 months ago

Join us for a conversation with Erik Vanderhasselt that will leave you with a newfound appreciation for the role of cyber defenders. As the principal incident handler for numerous prestigious European institutions, Erik shoulders the task of safeguarding their critical assets from unforeseen threats and plays a critical role in optimizing Security Operations.

In this episode, hosted by Peter Manev, Erik discusses the evolving landscape of cybersecurity and shares stories about the dynamic nature of his job, from identifying and analyzing potential threats to coordinating rapid response efforts.

Deploying HarperDB and Akamai Connected Cloud for Faster API Performance

The Akamai Blog

1 year 8 months ago

Michael King

crmeb java版本CMS fastjson利用 - sevck

博客园_Sevck's Blog

1 year 8 months ago

4.5K start 2K fork的项目，之前用了低版本的fastjson，新版本修复了。 https://gitee.com/ZhongBangKeJi/crmeb_java 之前用1.2.56版本fastjson，1.2.68公开的有fastjson commons-io AutoClosea

sevck

帝都买房记 - sevck

博客园_Sevck's Blog

1 year 8 months ago

最近一直理财不行，基金、股市都不稳定，年后回来突发奇想决定买房，从想买、到看房、购房，1天完成，当天就交了定金。大致流程：看房前准备→实地看房→排号选房→提交购房资质审核资料，认购→草签，网签合同→付首付款→办理贷款→审批放贷→验房收房→交税→办房本整理一下购房（新房、商品房）流程，供参考：

sevck

MOVEit SQLi Zero-Day (CVE-2023-34362) Exploited by CL0P Ransomware Group

The Akamai Blog

1 year 8 months ago

Akamai Security Intelligence Group, which has been examining the MOVEit vulnerability and its exploitation, provides recommendations for detection and mitigation.

Akamai Security Intelligence Group

BT最新版一处RCE&后门&登录漏洞 - sevck

博客园_Sevck's Blog

1 year 8 months ago

审计搞了宝塔好几个版本，花了也不算短时间，屯了3个洞 1.一个命令执行（有一定利用条件，最开始不能回显，配合DNSLOG完成回显） 2.一个不死后门（非官方，自留后门,用来持续维持权限）适用 Linux/windows 测试版本： linux 7.9.8 Windows 6.7.0 Window

sevck

GreyNoise Round Up: Product Updates - May 2023

Grey Noise

1 year 8 months ago

May brought more product enhancements to user workflows, data coverage… and of course, more interesting tags! Twenty four to be exact, as we continue to improve our product to help our customers monitor emerging threats and identify benign actors. We improved our sensor coverage to include coverage in the country of Ghana, plus we made some helpful improvements to our bulk analysis, RIOT dataset, and APIs.

反诈法在一线：基层民警处理电诈行政处罚的三大难题怎么破？

天书奇坛TFT

1 year 8 months ago

《反电信网络诈骗法》的出台为打击电信网络诈骗的刑行衔接提供了依据，但是在实践中也存在诸多争议。基层民警就适用《反诈法》作行政处罚提出了三个问题和思考。

docker安全实战3：亲自动手设置多容器架构

debugeeker

1 year 8 months ago

文末暗号

Analyzing Broken User Authentication Threats to JSON Web Tokens

The Akamai Blog

1 year 8 months ago

Nitzan Namer

系统架构设计师之启动（一）

傲慢的上校的专栏

1 year 8 months ago

在N年之前，自己参加过一次系统架构设计师考试，由于准备不充分，或者说基本上没有什么准备，导致了最终的失败，之后的几年，慌慌张张中几乎忘却了此事，在后面的工作中，经常因为到由于系统知识很多细节了解不清晰，对于总体没有轮廓，走了不少弯路，所以，想借此考试，系统性的补充下专业知识，提升一下自己的专业技能，也可以让自己在此后的工作中更得心应手。

aomandeshangxiao

慎用！！一个干掉所有EDR/XDR的工具：终结者

debugeeker

1 year 8 months ago

文末暗号

Labs API: It’s Playtime

Grey Noise

1 year 8 months ago

Introducing the Labs API Playground, a powerful tool designed to provide users quick access to data and an Early-Access/Beta API experience. Whether you’re a seasoned GreyNoise user (welcome back!) or just starting your journey (welcome aboard!), this playground will enable you to explore and interact with our data in new ways.