Aggregator
值得纪念的20210422
3 years 6 months ago
Never Give Up
3 years 6 months ago
永不言弃,不忘初心!
用安全守护草原的梦|企业联合公益活动 — VIPKID SRC
3 years 6 months ago
助力公益!VIPKID SRC邀您以安全之名,为草原孩子的梦想撑腰!
勒索病毒演义
3 years 6 months ago
加密为何代替了锁屏?历史上最大的赎金是多少?AIDS艾滋病与这一切有什么关系?
Email Compromise with Credential Stuffing Attack Tools
3 years 6 months ago
How cybercriminals use credential stuffing attack tools OpenBullet and MailRanger to bypass CAPTCHA, compromise mailboxes, and reset passwords.
Innovative Ways Customers Compute on the Edge
3 years 6 months ago
Moving everything closer to the edge is the key to delivering better, faster experiences to people through billions of devices around the world.
CJ Arnesen
Announcing Akamai's 2030 Sustainability Goals
3 years 6 months ago
There are 4.66 billion (yes, with a B) internet users. Rough math will tell us that's three in every five people around the world -- talk about lessening the six degrees. I see head nods and shoulder shrugs. 4.66 billion people?
Mike Mattera
从零带你看struts2中ognl命令执行漏洞
3 years 6 months ago
转载记录
Iron Tiger APT Spotted Using Enhanced SysUpdate Malware
3 years 6 months ago
Summary
Trend Micro spotted an enhanced SysUpdate Malware package that now uses five files in its infection routine instead of the usual three. While conducting an incident response investigation involving a Philippine-based gambling company, Trend Micro that the Iron Tiger threat actor had been targeting he same company for 18 months and it was in December 2020 that they discovered the SysUpdate malware sample.
Threat Type
Malware, APT, Backdoor
Overview
Continued targeting of gambling companies and an inc
ProxyLogon利用链复现
3 years 6 months ago
ProxyLogon 利用链复现~~~~~
Codecov Supply-Chain Attack Hacked
3 years 6 months ago
Summary
A software company specializing in auditing tools suffered an attack over the course of the the past four months and disclosed this month. Several news outlets have reported on the attack and the vulnerability used to exploit a zero-day vulnerability.
Threat Type
Vulnerability, Breach
Overview
An investigation by Codecov led to the discovery of a supply-chain attack that has been occurring since January 2021. The maker of auditing tools stated a threat actor had modified Bash Uploader script and exp
中俄均就黑客攻击做出回应
3 years 6 months ago
【一】有日媒报道称,与中国军方相关的一个黑客组织对日本发动了近200次网络袭击。对此,外交部发言人汪文斌20
快递公司员工账号被租用于窃取公民信息!
3 years 6 months ago
吕某做过两个月快递员,知道如何在快递公司系统内查询个人信息,现在有了这样一个销售渠道,吕某就动员了几个同样无所事事的年轻人,以刷单或者跟踪邮件动态的名义,以每天租金500元的高价,先后租来五个快递公司员工的登录账号,从快递公司系统内窃取公民个人信息,吕某把窃取来的公民信息打包卖给他的上线,再由上线直接卖给境外诈骗团伙。
从Spring Boot FatJar文件写漏洞的一次实践 - admin-神风
3 years 6 months ago
前言 今天在landgrey师傅的博客上看到一篇将Spring Boot FatJar任意写目录漏洞如何来GetShell的方法,因为在Spring Boot中处理逻辑的控制层Controller是通过注解等方式来添加进Spring容器中,已经摒弃了JSP的方式。这样的方式导致JSP就算上传在网站目
admin-神风
ICS-CERT Advisories April 15 2021
3 years 6 months ago
Summary
The ICS-CERT has published two advisories that affect the Schneider Electric C-Bus Toolkit, and the EIPStackGroup OpENer Ethernet/IP.
Threat Type
Vulnerability
Overview
The ICS-CERT has published two advisories that affect the Schneider Electric C-Bus Toolkit, and the EIPStackGroup OpENer Ethernet/IP. Further information is available from the advisories which are summarized below.
ICS Advisory ICSA-21-105-01 - Schneider Electric C-Bus Toolkit
CVE-2021-22716 - The affected product is vulnerable to Im
腾讯安全-SOAR
3 years 6 months ago
数据显示,到2022年,30%的5人以上的安全团队将会采用SOAR(安全编排与自动化响应)。你是那30%吗?
Chrome Browser Update - April 14 2021
3 years 6 months ago
Summary
Google has released an update to its Chrome web browser for Windows, Mac, and Linux that provides fixes for thirty-seven vulnerabilities. Of the nineteen CVE-numbered vulnerabilities noted in the advisory, Google has six of them rated as High, ten as Moderate, and three as Low.
Threat Type
Vulnerability
Overview
Google has released an update, version 90.0.4430.72, to its Chrome web browser for Windows, Mac, and Linux that provides fixes for thirty-seven vulnerabilities. Of the nineteen CVE-numbered
五年前的python面试题
3 years 6 months ago
半块西瓜皮
记录所有ssh登陆用户的输入记录
3 years 6 months ago
半块西瓜皮