卷土重来的DDoS狂魔:Fodcha僵尸网络再次露出獠牙
背景
2022年4月13日,360Netlab首次向社区披露了Fodcha僵尸网络,在我们的文章发表之后,Fodcha遭受到相关部门的打击,其作者
Aggregator
Vulnerability in VMware Cloud Foundation
2 years 5 months ago
Summary
VMWare has released advisory VMSA-2022-0027 in order to remedy a critical remote code execution vulnerability in VMWare Cloud Foundation. This vulnerability is being tracked as CVE-2021-39144 and only affects VMware Cloud Foundation (NSX-V) version 3.11.
Threat Type
Vulnerability
Overview
X-Force is tracking the release of a patch for a critical remote code execution vulnerability in VMWare Cloud Foundation. VMWare has released advisory VMSA-2022-0027 to remedy this vulnerability tracked as CVE-202
Uber Verdict Raises New Risks for Ransom Payments
2 years 5 months ago
The conviction of a high profile security executive who paid to suppress a
data leak has created a new dimension of risk for security executives.
Bill Siegel
Windows RPC应用详解 - zha0gongz1
2 years 5 months ago
RPC(远程过程调用)并不是Windows独有的概念,RPC的第一个实现是在unix上;RPC在Windows上的设计是一种强大、健壮、高效且“安全”的进程间通信 (IPC) 机制,它支持数据交换和调用驻留在不同进程中的功能。不同的进程可以在同一台机器上、局域网上或互联网上。简单说它允许请求操作另一台计算机上的服务,而无需了解背后的详细信息。
zha0gongz1
dhpcd: The Cryptominer That Hid for Four Years
2 years 5 months ago
Akamai Researchers have uncovered a long-running attack campaign attack targeting Linux SSH servers that has been running a monero cryptominer.
Oryan De Paz
2022看雪安全开发者峰会
2 years 5 months ago
1、面向业务守护的移动安全对抗实践2、从应用场景看金融安全 —— 逻辑为王3、Linux内核漏洞检测与防御4、从后门到漏洞——智能设备私有协议中的安全问题5、漫谈AOSP蓝牙漏洞挖掘技术
Hack Inn
造谣不止一张嘴:网络“黑公关”产业链洞察与刑事规制
2 years 5 months ago
“黑公关”呈现隐蔽性强、调查取证难、维权成本高、损失难估算等特点,被害人或被害企业受限于财力或精力,不得已选择冷处理,助长“黑公关”气焰。网络”黑公关“已经快速形成产业链条,扰乱舆论环境。
造谣不止一张嘴:网络“黑公关”产业链洞察与刑事规制
2 years 5 months ago
“黑公关”呈现隐蔽性强、调查取证难、维权成本高、损失难估算等特点,被害人或被害企业受限于财力或精力,不得已选择冷处理,助长“黑公关”气焰。网络”黑公关“已经快速形成产业链条,扰乱舆论环境。
小米6X变砖之菜鸟折腾笔记
2 years 5 months ago
最终还是成了砖家
小米6X变砖之菜鸟折腾笔记
2 years 5 months ago
最终还是成了砖家
Akamai?s Prolexic Launches Sixth-Generation DDoS Platform Upgrade
2 years 5 months ago
Today, we are excited to announce a significant evolution of Akamai?s distributed denial-of-service (DDoS) protection solution, Prolexic.
Ankita Kharya
Financial Services Firms Operating Under False Sense of Security
2 years 5 months ago
Why Employers Should Embrace Competency-Based Learning in Cybersecurity
2 years 5 months ago
There is a growing movement toward increasing the use of competency and skills-based education and hiring practices in both the public and private sectors. For example, the Executive Order on Modernizing and Reforming the Assessment and Hiring of Federal Job Candidates calls upon the Federal Government to “ensure that the individuals most capable of performing the roles and responsibilities required of a specific position are those hired for that position”—resulting in “merit-based reforms that will replace degree-based hiring with skills- and competency-based hiring.” Similarly, the
Marni Baker-Stein, Bridgett Paradise, Rodney Petersen
【10月29日-11月1日】GeekPwn 2022 大赛实况直播来了!
2 years 5 months ago
10.29-11.01 每天19:00 不PWN不散
【10月29日-11月1日】GeekPwn 2022 大赛实况直播来了!
2 years 5 months ago
10.29-11.01 每天19:00 不PWN不散
【10月29日-11月1日】GeekPwn 2022 大赛实况直播来了!
2 years 5 months ago
10.29-11.01 每天19:00 不PWN不散
【10月29日-11月1日】GeekPwn 2022 大赛实况直播来了!
2 years 5 months ago
10.29-11.01 每天19:00 不PWN不散
DotNet安全-CVE-2022-23277漏洞复现
2 years 5 months ago
该漏洞主要是由于SerializationBinder的错误使用导致反序列化白名单的绕过,从而实现任意命令执行。触发漏洞的功能与CVE-2021-42321一致。
Sensor Intel Series: Top CVEs in September 2022
2 years 5 months ago
Learn which CVEs are top of mind for attackers this autumn.
OpenSSL and zlib update assessment, and Node.js Assessment workflow
2 years 5 months ago