Aggregator

VLab是墨云科技旗下的安全研究团队，专注于漏洞挖掘，红蓝对抗，APT攻防，前瞻性安全技术预研等方向。

问题环境 PHP: 8.0.13 Swoole: 4.6.2 Hyperf: 2.2.33 运行环境: Docker Desktop on WSL2 问题背景 有同事说我之前使用注解实现的某个功能有问题，具体表现就是有部分使用了注解的类没有被 Hyperf 收集到注解收集器中，

Summary Multiple vulnerabilities in the web-based management interface of certain Cisco IP Phones could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service. Threat Type Vulnerability Overview Cisco has issued an advisory for certain models of its IP phone lineup due to vulnerabilities in the web-based management interface that could allow an unauthenticated, remote attacker to perform arbitrary code execution or cause a denial of service. Affected phones include

PortSwigger today announces that The Daily Swig is closing down

SentinelOne is a Leader in the 2023 Gartner Magic Quadrant for Endpoint Protection Platforms (EPP) 

The post 顧客価値、イノベーション、プラットフォームアプローチ： SentinelOneがガートナーのマジッククアドラントでリーダークアドラントに位置付けされる理由 appeared first on SentinelOne JP.

2023年了，AI都会写编码器了你还不会?

本文主要谈一谈如何发现Django官方没有披露的潜在漏洞以及高效查看潜在问题的代码块

近日， Smartbi官方发布安全更新，其中包含Smartbi 远程命令执行漏洞，未经身份认证的远程攻击者利用此漏洞向系统发送恶意数据，可能执行任意命令，导致系统被攻...

Every few months, an important ceremony takes place. It’s not splashed all over the news, and it’s not attended by global dignitaries. It goes unnoticed by many, but its effects are felt across the globe. This ceremony helps make the internet more secure for billions of people. This unique ceremony began in 2010 when Verisign, […]

The post Verisign’s Role in Securing the DNS Through Key Signing Ceremonies appeared first on Verisign Blog.

ChatGPT Plus

上一次这么大福利还是在上一次

这篇文章从市场角度深度剖析了软件供应链安全方向的现在和未来，强烈推荐阅读，感谢凯雯的分享。

上海or北京 等你来！

动态SQL动态 SQL 是 MyBatis 的强大特性之一，一般而言，如果不使用动态SQL来拼接SQL语句，是比较痛苦的，比如拼接时要确保不能漏空格，还要注意去掉列表最后一个列名的逗号等，但是利...

The IP Timeline provides context to 60 days of data collected on an IP displayed in timechart format. Users can correlate the behavior of an IP they have seen in their data, learn what schedule an IP operates on, or gain a greater understanding of ownership and behavioral changes.

To create IP Similarity, we have been collecting, analyzing, and labeling internet background noise, and we have come to identify patterns among scanners and background noise traffic. We want to enable anyone to quickly sniff out these groups without synthesizing large amounts of raw data to find similar behavior combinations.

Plus, the 7 Weirdest CVEs (You won’t believe number 6!)