Aggregator

With DDoS, we typically observe a moderate degree of attacker persistence. DDoS attacks are relatively easy to launch from a number of online booter services, and the availability of cryptocurrencies for payment has made it easy to remain anonymous. Attackers can try their hand at DDoS for little effort and money, and in relative safety. They give it a go, try a few things (vector, endpoint, and scale changes), and for those with effective defenses, the attacker eventually burns out.

Summary Multiple sources, including T-Mobile, have reported on a data breach that occurred against the cellular communications company. The data breach affects more than 100 million of T-Mobile's customers. Threat Type Data Breach Overview First reported by Vice on Saturday, August 14, T-Mobile has suffered a data breach that purportedly affects more than 100 million of its customers. More than 106GB of data, including social security numbers, names, addresses, IMEI numbers, and driver license information a

0x01 背景前言我是个记性不太好的人，因此平日里会去写写弄弄把零碎的想法记录下来。之前内容排版上大多都是按照自己的习惯、语言上的常识，在看完阮一峰老师的中文技术文档写作风格指南 之后觉得挺有必...

前言Java技术栈漏洞目前业已是web安全领域的主流战场，随着IPS、RASP等防御系统的更新迭代，Java

百万级开源HIDS解决方案的策略建设思路

郑重声明：文中所涉及的技术、思路和工具仅供以安全为目的的学习交流使用，任何人不得将其用于非法用途以及盈利等目

《关键信息基础设施安全保护条例》已经2021年4月27日国务院第133次常务会议通过，现予公布，自2021年9月1日起施行。

企业防御之安全运营数据分析

Guidance for home users or small businesses who want to reduce the likelihood of being held to ransom by WannaCry (or other types of ransomware).

With 35 medals at stake, the last full day of competition during the games in Tokyo generated the highest video streaming traffic for 30-plus customers on the Akamai Intelligent Edge Platform. Medal matches for baseball, basketball, and soccer, along with several track and field finals, drove related traffic to 10 Tbps on Saturday, August 7.

一、前言 在之前某次渗透测试中，发现一个ASP.NET的站点，通过数据库权限提权拿下系统之后发现站点的密码是经过几次编码和不可逆加密算法存储的。导致无法通过管理员的账号密码登录系统（因为当时是个比较重要的系统，因此需要账号密码来登录后台），因此最后的解决办法就是通过加密算法生成一个新的密码，再写入数

4.用户态睡眠以sleep为例来说明任务在用户态是如何睡眠的。首先我们通过strace工具来看下其调用的系统调用：$stracesleep1 ... close(3)...

1开场白环境：处理器架构：arm64内核源码：linux-5.10.50ubuntu版本：20.04.1代码阅读工具：vim+ctags+cscope无论是任务处于用户态还是内核态，经常会...

利用 Service Worker 离线化特性，即使服务器被打垮，浏览器也能通过备用站点加载并更新

Poly Network 攻击者透露攻击的初衷是因为跨链协议攻击很“火”。

这是一个残酷的世界，无论我们多么努力，结果可能还是不如意。这一点，软件人深有体会，不管我们多么认真地编码，多么仔细地测试，仍然无法抵挡Bug顽强地冒出来。如果Bug被发布出去了，谁将为此背...

在先前文章《近距离看GPU计算（2）》中，我们谈到现代GPU发展出SIMT(Single Instruction Multiple Thread)的执行结构，硬件线程池的线程们有相对独立的...

SSH 是常见远程管理工具，常见于linux机器，windows 也能安装ssh服务利用场景：控制目标机器，

Elkeid 对容器支持的说明