Aggregator

DNS is better known, but some recent high-profile outages are a reminder that Border Gateway Protocol (BGP) failures can take sites down too.

As I took on the role of Chief Marketing Officer of Akamai earlier this year, I set out to inspire and challenge our teams to build an impactful global campaign that showcases not just what we do, but what we make possible. What quickly became clear is that to be authentic in talking about what we make possible, we first needed to get crystal clear on our why ? WHY our company exists, and what our greater impact on the world is.

This post is part of a series about Offensive BPF that I’m working on to learn about BPF to understand attacks and defenses, click the “ebpf” tag to see all relevant posts. I’m learning BPF to understand how its use will impact offensive security, malware, and detection engineering. One offsec idea that quickly comes to mind with BPF is to observe network traffic and act upon specific events. So, I wanted to see if/how bpftrace, a popular tool for running BPF programs, can be used to create potential backdoors, and what evidence to look for as defenders.

"任何职业都可以成为黑客。" ——引自《黑客伦理与信息时代精神》。线下就业班宽字节安全线下就业班 第二期，于

October is here, and that means we are less than two months away from the busiest weekend of the year. Parts one and two of the Holiday Readiness blog series covered topics ranging from security checklists to disaster recovery strategies and flash crowd management. If you haven?t had a chance to review those topics and checklists, now is a critical time to start to ensure you are ready for the traffic rush the holiday season brings.

This post covers the details of CVE-2021-40683 (CVSS 6.5), the vulnerability impacting the Akamai Enterprise Application Access (EAA) Client running on Windows systems, for which Akamai has provided a patch to its customers.

1. 导言性能测试对于 Linux 发行版来说至关重要，Alibaba Cloud Linux 2 也是如此。（Alibaba Cloud Linux 2 是阿里巴巴操作系统团队推出的一款...

[TOC] # 实践研究 > 本篇文写了挺久了，18年底进行总结编写，一直忘记发出来，当时在想否能将某个EXE使用PowerShell通过无文件的方式进行利用，于是就在网上搜索了各种资料，搜索到...

"任何职业都可以成为黑客。" ——引自《黑客伦理与信息时代精神》。线下就业班宽字节安全线下就业班 第二期，于

"任何职业都可以成为黑客。" ——引自《黑客伦理与信息时代精神》。线下就业班宽字节安全线下就业班 第二期，于

祝各位公众号的关注者国庆节快乐，身体健康、工作顺利、阖家幸福！

终于在国庆前把X-C2的GUI完成大半了。

免杀杂谈-Golang篇

9月30日，PeckShield 协助 Eleven Finance 追回 450 万美元。据链上追踪信息显示，攻击者已于下午15时57分返还所获全部虚拟资产。

Over the last few years eBPF has gained a lot of traction in the Linux community and beyond. eBPF’s offensive usage is also slowly getting more attention. So, I decided to dive into the topic from a red teaming point of view to learn about it to raise awareness and share the journey. Similar to the format of my Machine Learning Attack Series, there will be a serious of posts around BPF usage in offensive settings, and also how its misuse can be detected.

前言宽字节安全首次推出 内网渗透 课程。系统性的讲解 内网渗透 从 0 到 1 的攻击手法，深入各个安全机制

线下就业班宽字节安全线下培训班 第二期，于 2021 年 11 月 25 号开班。为什么选择我们宽字节有自己

十月一号是祖国成立七十二周年，数字观星携全体员工为庆贺国庆来临开启新一轮的POC&指纹平台活动。

Ransomware is everywhere. And the shift of workloads to the cloud and employees to work-from-home models has only expanded the attack surface, creating new opportunities for attackers to leverage. Companies need Zero Trust solutions that not only defend against threat actors gaining access to enterprise systems, but also mitigate the impact of infections that slip through the cracks.