Aggregator
终端应用安全之网络流量分析
2 years 7 months ago
NOW I SEE YOU 👁
Critical VMWare Vulnerabilities
2 years 7 months ago
Summary
An emergency directive (ED) from CISA directs U.S. government agencies update VMWare products in response to critical vulnerabilities that could affect those agencies.
Threat Type
Vulnerability
Overview
Be advised that X-Force Incident Command is tracking Cybersecurity Directive ED 22-03 and an advisory issued by CISA in response to multiple vulnerabilities in VMware products. The Cybersecurity & Infrastructure Security Agency has issued an emergency directive regarding critical vulnerabilities in t
安恒信息网络安全4月月报|内附完整版下载
2 years 7 months ago
本文为报告部分精彩内容,内附完整版下载方式
安恒高级安全威胁情报周报(2022.5.14~5.20)
2 years 7 months ago
1.汽车行业:《针对德国汽车经销商和制造商的信息窃取活动》;2.勒索专题:《加拿大战斗机培训公司遭LockBit勒索软件攻击》;3.高级威胁:《Lazarus组织利用Log4Shell漏洞针对韩国目标》
河马WebShell检测 | 再战机器学习
2 years 7 months ago
机器学习已合并到在线查杀https://n.shellpub.com的正式环境
Meet Mike Schiessl: Senior Technical Marketing Engineer
2 years 7 months ago
Meet Mike Schiessl to learn more about his career path, how companies can support a DevOps to DevSecOps transition, and the future of security and business.
Chuck Freedman
基于深度学习的主机操作系统识别
2 years 7 months ago
无论从网络安全的攻击或是防护视角,信息的采集和甄别都至关重要,其中主机的系统类型是关键出发点。在以往经验中,根据操作系统类型往往能够大致判断其存在的风险点及风险类型,因此,识别主机操作系统类型对系统网络安全防护具有极其重要的意义。
安恒信息| 总裁直聘高端人才直通车,等你上车
2 years 7 months ago
去繁从简高效应聘,公开透明广阔平台
BIGO安全团队招聘
2 years 7 months ago
广州,业务安全、蓝军、研发、客户端安全
SHELLPUB在线查杀更新公告(文末抽奖)
2 years 7 months ago
河马ShellPub更新(内含福利)
Mythbusting cloud key management services
2 years 7 months ago
Why trying to avoid trusting the KMS doesn't make sense (and other common misconceptions).
Linux多跳透明网关配置
2 years 7 months ago
理论上将适合任何架构,任何系统的linux网络拓扑
4 Steps to Prepare for Open Enrollment: Ready for Takeoff?
2 years 7 months ago
Preparing for open enrollment is a key part of running efficient healthcare organizations, but it's difficult to know where to start. Learn which steps to take.
Bridget Meuse & Connor Dario
简易版TCP实现Http Chunk
2 years 7 months ago
实现简易版用户态TCP
斗象科技招聘
2 years 7 months ago
Red Team 及相关研发,北上广深成
ie CVE-2020-1380 UAF 漏洞分析及利用
2 years 7 months ago
ie CVE-2020-1380是2020年抓到的一个在野利用的0 day,且此漏洞目前在野外利用不少。
Detecting Malicious JavaScript with Secure Internet Access Enterprise Secure Web Gateway
2 years 7 months ago
JavaScript is everywhere, and when malicious can be hugely detrimental. In this blog, learn about the types of malicious JavaScript and how Akamai's SWG product helps keep you more secure from it.
Jordan Garzon
Zyxel USG FLEX handler 远程命令执行漏洞 CVE-2022-30525
2 years 7 months ago
Zyxel USG FLEX handler 远程命令执行漏洞 CVE-2022-30525
BIG-IP Remote Code Execution
2 years 7 months ago
Summary
***UPDATED, May 12, 2022***
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory regarding the critical vulnerability.
***UPDATED, May 9, 2022***
New Proofs-of-Concept have been released by two leading offensive attack teams as reported by The Daily Swig.
***Original Summary***
A critical vulnerability in BIG-IP can allow for Remote Code Execution (RCE) that could allow an attacker to take control over an affected system. The Hacker News and F5 have both reported