Aggregator

本文转载自“中国网安”微信公众号

本文由MS509团队成员“thor@MS509 Team”原创，转载请注明来源。 本文已于2017-10-30 发布于“先知安全技术社区”。

一不小心，博客就被黑了呢……

使用syslog-ng和UF（HF）收集syslog日志（一）需求 & 逻辑图 & 配置关系图

0x00 前言 今天在Seebug的公众号看到了Typecho的一个前台getshell分析的文章，然后自己也想来学习一下。保持对行内的关注，了解最新的漏洞很重要。 0x01 什么是反序列化漏洞 如题所说，这是一个反序列化导致的代码执行。看过我之前文章的人应该不会陌生。PHP在反序列化一个字符串时，

While Reaper might be considered an “object lesson” today, it should serve as a blistering warning that IoT security needs to be fixed now.

Assessing the State of Application Delivery depends on getting information from you about your applications!

When you must depend on third parties for a variety of products and services, it’s critical that you hold them to high security standards.

When it comes to IoT threats, we’re nowhere near being out of the woods yet; we’ve just barely entered the forest.

Doubt is not a pleasant condition, but certainty is an absurd one.

from: DiDi

If you grew up before, or even during the 90s, you were familiar with a world of cords. A cord...

The post KRACK Hack Threatens Wi-Fi Security – What it Means for You appeared first on McAfee Blog.

Combating this vulnerability might mean you have to force updates on employees’ personal devices or deny them access altogether.

Security must align to the business needs, not the other way around. Begin with investigation and understanding to be most effective.

常见内网攻击类型及检测思路。"不打扰是我的温柔"这种拖更借口已经没脸说了...

Organizations need to provide clear and specific guidance to employees who travel across national borders when it comes to giving up passwords and surrendering devices.

Personally identifiable information and user credentials are the primary nuggets attackers are after when they exploit known vulnerabilities in web applications.

Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend they turn on automatic updates as a best practice. More information about this month’s security updates can be found in the Security Update Guide.