Aggregator

Summary VMWare published a security advisory, VMSA-2021-0004, that addresses two vulnerabilities in vRealize Operations, Cloud Foundation, and vRealize Suite Lifecycle Manager. Threat Type Vulnerability Overview VMWare published a security advisory, VMSA-2021-0004, that addresses two vulnerabilities in vRealize Operations, Cloud Foundation, and vRealize Suite Lifecycle Manager. The first vulnerability (CVE-2021-21975) is caused by a failure to properly validate user-provided input. An unauthenticated, remot

Summary Google has released an update to its Chrome web browser for Windows, Mac, and Linux that provides fixes for eight vulnerabilities. Of the six CVE numbered vulnerabilities noted in the advisory, Google has rated all of them as High. Threat Type Vulnerability Overview Google has released an update, version 89.0.4389.114, to its Chrome web browser for Windows, Mac, and Linux that provides fixes for eight vulnerabilities. Of the six CVE numbered vulnerabilities noted in the advisory, Google has rated al

都柏林大学三一学院的道格拉斯·莱思教授进行了一项学术研究，调查了现代iOS和Android设备发送回Appl

In our 2020 DDoS retrospective, we highlighted the twists and turns of a very, very active threat landscape. As a quick refresher, we mitigated some of the largest attacks ever seen (1.44 Tbps and 809 Mpps);

Summary Zimperium zLabs researchers discovered a new advanced android malware package posing as "System Update". The malware exfiltrates a wide range of data using methods to limit the amount of bandwidth used in order to avoid detection. The spyware mobile app is not found on the Google Play Store. Threat Type Malware, Infostealer, Spyware, RAT Overview Zimperium zLabs researchers discovered a new advanced android malware package posing as "System Update". The malware ex-filtrates a wide range of data usin

俄罗斯黑客可以访问属于前（访问的时候还不是“前”）国土安全部部长（DHS）的电子邮件帐户以及网络安全人员的电

目前部署 Hexo 的操作比较麻烦，先在本地执行 hexo clean && hexo d 生成博客静态文件并发布到 GitHub 上，然后通过 XShell 登录

谈谈扩展 Kubernetes 的几种策略，CNI、CSI、CRI、设备插件、调度框架和准入控制等

谈谈扩展 Kubernetes 的几种策略，CNI、CSI、CRI、设备插件、调度框架和准入控制等

Check up on Your Virtual Safety: Tips for Telehealth Protection In a poll conducted by the Canadian Medical Association, nearly...

The post Check up on Your Virtual Safety: Tips for Telehealth Protection appeared first on McAfee Blog.

供应链攻击

谈谈扩展 Kubernetes 的几种策略，CNI、CSI、CRI、设备插件、调度框架和准入控制等

本题的核心考点是利用 HPACK 在同一个 connection 的不同的 stream 中使用相同的 Indexing Tables 这一特性导致的 Header 字段重用。

首发于 https://xz.aliyun.com/t/9276 概述 Fortify是一款商业级的源码扫描工具，其工作原理和codeql类似，甚至一些规则编写的语法都很相似，其工作示意图如下： 首先Fortify对源码进行分析（需要编译），然后提取出相关信息保存到某个位置，然后加载规则进行扫描，扫

文章首发于 https://xz.aliyun.com/t/9277 概述 和 codeql，Fortify 相比 Joern不需要编译源码即可进行扫描，适用场景和环境搭建方面更加简单。 环境搭建 首先安装 jdk ，然后从github下载压缩包解压即可 https://github.com/Shi

首发于 https://xz.aliyun.com/t/9275 概述 codeql 是一个静态源码扫描工具，支持 c, python, java 等语言，用户可以使用 ql 语言编写自定义规则识别软件中的漏洞，也可以使用ql自带的规则进行扫描。 环境搭建 codeql的工作方式是首先使用codeq

发表于安全客 1. socket 1.1 sock_create 1.1.1 sock_alloc 1.1.2 inet_create 1.1.2.1 sk_alloc 1.2 sock_map_fd 2. send(运输层) 2.1 import_single_range 2.2 sockfd_lookup_light 2.3 sock_sendmsg 2.4 udp_sendmsg 2.4.1 udp_cmsg_send 2.4.2 TOS 2.4.3 多播/本地广播 2.4.4 检查sock中路由信息是否过期 2.4.5 udp_send_skb 2.4.6 udp_push_pending_frames 3. recv(运输层) 2.1 udp_recvmsg 2.1.1 __skb_recv_udp 2.1.1.1 __skb_try_recv_from_queue 4. IP(网络层) 4.1 ip_cmsg_send 4.2 ip_make_skb 4.2.1 ip_setup_cork 4.2.2 __ip_make_skb 4.3 ip_append_data 4.3.1 __ip_append_data 4.4 ip_send_skb 4.4.1 __ip_local_out 1. socket SOCK_CLOEXEC 和 SOCK_NONBLOCK是2.6.27版本后增加的sock类型: SOCK_CLOEXEC 借助文件描述符FD_CLOEXEC 实现子进程运行exec后关闭sock_fd机制 SOCK_NONBLOCK 借助文件描述符O_NONBLOCK 实现非阻塞IO通信

随着软件架构不断的演进，更加快捷部署大型复杂应用成为了人们关注的方向。近几年Service Mesh开始不断出 […]

随机UA, JSP升级,返回包加密