Aggregator
【As-Exploits】你不能错过的antSword插件
3 years 6 months ago
antSword 后渗透模块,一个你不能错过的插件。本文将介绍 v1.2 更新内容,并介绍该插件目前已有的功能。
5.33亿Facebook用户的电话号码在黑客论坛上泄露
3 years 6 months ago
黑客已在可公开访问的网络犯罪论坛上发布了估计5.33亿Facebook用户的电话号码和帐户详细信息,约占整个
护网专题第二篇-Java内存马(下)
3 years 6 months ago
Java Agent 从入门到内存马(下)
ClassLoader 详解 - 论如何使用 ClassLoader 加载自定义类
3 years 6 months ago
得补 java 基础。很多 java 特性之前没有碰到过的。
【热剩饭】获取代理池背后攻击者的真实IP
3 years 6 months ago
利用 WebRTC 这碗老剩饭,貌似大家都忘关这功能了,拿出来再热一热
暗流涌动——中国新疆反恐挑战
3 years 6 months ago
从“误入歧途的人生”“来自内部的敌人”“包藏祸心的教材”“互联网中的威胁”四个部分,充分揭示新疆虽连续4年多未发生暴恐案事件,但仍面临来自恐怖主义和极端主义的威胁和挑战。
Metasploit最新资讯
3 years 6 months ago
Metasploit最新资讯!!新模块*7,功能更新*5,BUG修复*10~
Combatting Digital Fraud with Security Convergence
3 years 6 months ago
Even with 99.95% efficacy of network security controls, bad actors can still monetize fraud. Security convergence is the way forward in surviving digital fraud.
使用 Workerman 接入 Bilibili 直播弹幕协议
3 years 6 months ago
逛 B 站的时候,突然想到可以用 PHP 接入直播弹幕,然后在命令行显示弹幕消息。 经过搜索发现了一篇讲解 Bilibili 直播弹幕协议的文章(链接在文末),通过这篇文章了解到了弹
[胖猴小玩闹]智能门锁与BLE设备安全第十三篇:云丁鹿客门锁BLE通信的分析(上)
3 years 6 months ago
通过之前几篇对智能门锁的分析和讨论,是不是有种渐入佳境的感觉?从本篇开始,我们再换一个门锁品牌进行研究
2020 年总结 · 渐入佳境
3 years 6 months ago
转眼间 2021 年已经过去将近三分之一了,然而作者的 2020 年年终总结还没有写,本来已经把这件事情抛在
Xen Security Advisory XSA-371
3 years 6 months ago
Summary
A security advisory has been published for Xen. The vulnerability addressed in the advisory could potentially allow an attacker to cause a denial of service condition on the host system.
Threat Type
Vulnerability
Overview
A security advisory has been published for Xen. The vulnerability addressed in the advisory could potentially allow an attacker to cause a denial of service condition on the host system. Further details are available from the advisories linked below.
Xen Security Advisory CVE-2021-
VMware Security Advisory VMSA-2021-0004
3 years 6 months ago
Summary
VMWare published a security advisory, VMSA-2021-0004, that addresses two vulnerabilities in vRealize Operations, Cloud Foundation, and vRealize Suite Lifecycle Manager.
Threat Type
Vulnerability
Overview
VMWare published a security advisory, VMSA-2021-0004, that addresses two vulnerabilities in vRealize Operations, Cloud Foundation, and vRealize Suite Lifecycle Manager. The first vulnerability (CVE-2021-21975) is caused by a failure to properly validate user-provided input. An unauthenticated, remot
Chrome Browser Updates - March 30 2021
3 years 6 months ago
Summary
Google has released an update to its Chrome web browser for Windows, Mac, and Linux that provides fixes for eight vulnerabilities. Of the six CVE numbered vulnerabilities noted in the advisory, Google has rated all of them as High.
Threat Type
Vulnerability
Overview
Google has released an update, version 89.0.4389.114, to its Chrome web browser for Windows, Mac, and Linux that provides fixes for eight vulnerabilities. Of the six CVE numbered vulnerabilities noted in the advisory, Google has rated al
安卓手机收集的用户数据量是IPhone的20倍
3 years 6 months ago
都柏林大学三一学院的道格拉斯·莱思教授进行了一项学术研究,调查了现代iOS和Android设备发送回Appl
2021: Volumetric DDoS Attacks Rising Fast
3 years 6 months ago
In our 2020 DDoS retrospective, we highlighted the twists and turns of a very, very active threat landscape. As a quick refresher, we mitigated some of the largest attacks ever seen (1.44 Tbps and 809 Mpps);
Tom Emmons
New Android Infostealer Seen in the Wild
3 years 7 months ago
Summary
Zimperium zLabs researchers discovered a new advanced android malware package posing as "System Update". The malware exfiltrates a wide range of data using methods to limit the amount of bandwidth used in order to avoid detection. The spyware mobile app is not found on the Google Play Store.
Threat Type
Malware, Infostealer, Spyware, RAT
Overview
Zimperium zLabs researchers discovered a new advanced android malware package posing as "System Update". The malware ex-filtrates a wide range of data usin
俄罗斯黑客取得美国国安部长邮件
3 years 7 months ago
俄罗斯黑客可以访问属于前(访问的时候还不是“前”)国土安全部部长(DHS)的电子邮件帐户以及网络安全人员的电
使用 GitHub Actions 自动部署 Hexo
3 years 7 months ago
目前部署 Hexo 的操作比较麻烦,先在本地执行 hexo clean && hexo d 生成博客静态文件并发布到 GitHub 上,然后通过 XShell 登录到服务器,切换到博客站点目录下 git pull 拉取最新的代码,最近网络