Aggregator
Uber在ESG报告上披露的数据安全内容
2 years 5 months ago
第一次发现ESG报告还挺好看
解读 Permission 注解权限认证流程 - nice_0e3
2 years 5 months ago
解读 Permission 注解权限认证流程 Shiro 注解授权简介 授权即访问控制,它将判断用户在应用程序中对资源是否拥有相应的访问权限。 如判断一个用户有查看页面的权限,编辑数据的权限,拥有某一按钮的权限等等。 @RequiresPermissions({"xxx:model:edit"})
nice_0e3
Akamai?s Perspective on October?s Patch Tuesday 2022
2 years 5 months ago
Every Patch Tuesday stirs up the community. See Akamai's October insights and recommendations on what to focus on, and patch, patch, patch!
Akamai Security Intelligence Group
bcel环境下打入springboot内存马
2 years 5 months ago
1.环境说明在某个不出网环境中,spring boot jar包启的环境,存在fastjson漏洞,可通过b
十大议题重磅亮相!2022 SDC 即将举办
2 years 5 months ago
GeekPwn&我是极客2022,1026线上见!
2 years 5 months ago
十大议题重磅亮相!2022 SDC 即将举办
2 years 5 months ago
GeekPwn&我是极客2022,1026线上见!
2 years 5 months ago
RASP的安全攻防研究实践
2 years 5 months ago
随着Web应用攻击手段变得复杂,基于请求特征的防护手段,已经不能满足企业安全防护需求。在2012年的时候,Gartner引入了“Runtime application self-protection”一词,简称为RASP。
RASP的安全攻防研究实践
2 years 5 months ago
随着Web应用攻击手段变得复杂,基于请求特征的防护手段,已经不能满足企业安全防护需求。在2012年的时候,Gartner引入了“Runtime application self-protection”一词,简称为RASP。
Cybersecurity Awareness Month 2022: Using Strong Passwords and a Password Manager
2 years 5 months ago
The key behavior that we are highlighting this week for Cybersecurity Awareness Month is using strong passwords and a password manager. In today’s blog we interviewed NIST’s Connie LaSalle, a senior technology policy advisor, and she offers four specific ways to mitigate your cybersecurity risks online while discussing the importance of adopting strong passwords. Take a look at her responses to our questions below… This week’s Cybersecurity Awareness Month theme is using strong passwords and a password manager. How does your work/specialty area at NIST tie into this behavior? As a senior
Connie LaSalle
Akamai Wins Brandon Hall Gold Award in Extended Enterprise Learning
2 years 5 months ago
For the third consecutive year, Akamai Global Services has won the coveted Gold Award from Brandon Hall Group.
Natalia Zbijowska
Nine months on from the Cyber Essentials update - debunking some myths
2 years 5 months ago
Anne W takes stock of where we are following the changes to Cyber Essentials in early 2022, discussing some of the feedback received and clarifying some common misconceptions.
Quarter of Healthcare Ransomware Victims Forced to Halt Operations
2 years 5 months ago
免杀一切;利用Todesk企业版制作远控
2 years 5 months ago
RASP的安全攻防研究实践 - admin-神风
2 years 5 months ago
本文在2022-09-18首次投稿于凌日实验室,原文链接:https://mp.weixin.qq.com/s/uboamTu5LinvFcDktmL3Xw 前言 前段时间研究了以下JRASP的代码,在研究过程中看到了2022年Kcon会议上徐元振(pyn3rd)、黄雨喆(Glassy)两位安全研究
admin-神风
免杀一切;利用Todesk企业版制作远控
2 years 5 months ago
Cold Hard Cache ? Bypassing RPC Interface Security with Cache Abuse
2 years 5 months ago
Ben Barnea & Stiv Kupchik
Killnet Targeting US Airports
2 years 5 months ago
Summary
Several reputable news outlets have reported on Killnet activities against multiple airports and government agencies across the U.S. and globally presently and over the past several months. The current efforts of Killnet appear to be mainly US airports as identified by a list within a twitter post linked below.
Threat Type
DDoS Campaign
Overview
***UPDATE #1, OCTOBER 10, 2022***
A new post from Bleeping Computer lists the following airports suffering from potential DDoS attacks:
Atlanta (ATL)
Los An