Aggregator

平安经之网络安全篇

本篇文章开始介绍海康萤石智能门锁的分析。从本篇文章开始，我们不再将目光聚焦在BLE通信方面，而是更多地关注门锁及配套网关的安全分析。

本篇文章开始介绍海康萤石智能门锁的分析。从本篇文章开始，我们不再将目光聚焦在BLE通信方面，而是更多地关注门锁及配套网关的安全分析。

本篇文章开始介绍海康萤石智能门锁的分析。从本篇文章开始，我们不再将目光聚焦在BLE通信方面，而是更多地关注门锁及配套网关的安全分析。

As users, we’ll do just about anything to ensure that our devices run as efficiently as possible. This includes renewing...

The post How to Keep Your Data Safe From the Latest Phishing Scam appeared first on McAfee Blog.

今日公布抽奖结果

今日公布抽奖结果

While we've highlighted both record PPS and BPS attacks mitigated on the Akamai Prolexic Platform over the past few weeks, these attacks are part of a broader trend of increasingly large and complex DDoS activity. We have seen clear indications across the industry of high-water mark DDoS attacks being publicized by multiple vendors. The sheer number of large attacks has been unprecedented. The attacks are also noteworthy for their increasing complexity, illustrated in the number and combinations of different attack vectors. The tenacity of attackers is also increasing -- one Akamai customer experienced 14 separate 100+ Gbps attacks in just the first half of 2020. "What's new is the concept of campaigns. We go back a couple of years, and 'attack' was the right word to use. There were many attacks every single day, but they weren't, in my opinion, campaign-oriented. Some of our more recent ones are campaign-oriented, where the attacker is working in a coordinated way over an extended period of time." -- Roger Barranco, Vice President, Global Security Operations, Akamai Some likely reasons for the rise in attacks are a combination of: The proliferation of DDoS-for-hire tools Emerging botnets (enterprise DVRs, IoT, etc.) entering the scene Plenty of motivating factors across social, geopolitical, and online unrest Quarantine and boredom -- what's a malicious actor supposed to do? Whatever the unique reason of each attack, the result is the same: a security and IT team needs an effective defense.

从一条告警里发现了不少新的知识点

前言

Linux-PAM是可插入认证模块(Pluggable Authentication Modules)，PAM使用配置/etc/pam.d/下的

CVE-2017-0263 是 Windows 操作系统 win32k 内核模块菜单管理组件中的一个 UAF（释放后重用）漏洞，据报道称该漏洞在之前与一个 EPS 漏洞被 APT28 组织组合攻击用来干涉法国大选。这篇文章将对用于这次攻击的样本的 CVE-2017-0263 漏洞部分进行一次简单的分析，以整理出该漏洞利用的运作原理和基本思路，并对 Windows 窗口管理器子系统的菜单管理组件进行简单的探究。分析的环境是 Windows 7 x86 SP1 基础环境的虚拟机。

CVE-2017-0263 is a UAF vulnerability in Menu Management Component in win32k kernel module of Windows operating system, which was reported to be used to attack with an EPS vulnerability to interfere the French election. This article will simply analyze the CVE-2017-0263 part of the attacking sample in order to come up with the operation principle and basic exploiting idea of this vulnerability, and make a brief investigation into the Menu Management Component of Windows Window Manager Subsystem. ...

目前我们御见UEBA产品最新版本已经发布，上一篇文章我们结合最新版本对御见UEBA产品进行了简单介绍，本文将对腾讯御见UEBA相关技术进行介绍，有兴趣欢迎交流。

目前我们御见UEBA产品最新版本已经发布，上一篇文章我们结合最新版本对御见UEBA产品进行了简单介绍，本文将对腾讯御见UEBA相关技术进行介绍，有兴趣欢迎交流。

CVE-2017-0263 是 Windows 操作系统 win32k 内核模块菜单管理组件中的一个 UAF（释放后重用）漏洞，据报道称该漏洞在之前与一个 EPS 漏洞被 APT28 组织组合攻击用来干涉法国大选。这篇文章将对用于这次攻击的样本的 CVE-2017-0263 漏洞部分进行一次简单的分析，以整理出该漏洞利用的运作原理和基本思路，并对 Windows 窗口管理器子系统的菜单管理组件进行简单的探究。分析的环境是 Windows 7 x86 SP1 基础环境的虚拟机。

CVE-2017-0263 is a UAF vulnerability in Menu Management Component in win32k kernel module of Windows operating system, which was reported to be used to attack with an EPS vulnerability to interfere the French election. This article will simply analyze the CVE-2017-0263 part of the attacking sample i...