Aggregator
php代码审计之install.php重装漏洞
2 years 8 months ago
欢迎各位大佬入群交流,需要各种资料也可入群领取。二维码失效加好友进群!!!!!!!!!!!wx:kalith
逆向入门之简单脱壳
2 years 8 months ago
欢迎各位大佬入群交流,需要各种资料也可入群领取。二维码失效加好友进群!!!!!!!!!!!wx:kalith
Scrum Pattern学习社群笔记之“能力成熟度”
2 years 8 months ago
6月15日参加Scrum Pattern学习社群直播,有个问题得到诸位老师解答
Scrum Pattern学习社群笔记之“能力成熟度”
2 years 8 months ago
6月15日参加Scrum Pattern学习社群直播,有个问题得到诸位老师解答
Scrum Pattern学习社群笔记之“能力成熟度”
2 years 8 months ago
6月15日参加Scrum Pattern学习社群直播,有个问题得到诸位老师解答
Unpatched Microsoft Office Zero-Day Vulnerability
2 years 8 months ago
Summary
According to a Microsoft blog and other reputable sources, an unpatched zero-day vulnerability exists in multiple Windows and Office products that has been exploited in a phishing campaign targeting NATO.
Threat Type
Vulnerability
Overview
-Update #01 - 07/13/2023
IOC's added.
-Original Post-
Microsoft has published a blog detailing their investigation into the exploitation of a zero-day vulnerability in their products. According to the investigation, an attacker exploiting this flaw with a “high-c
(Micro)Segmentation from a Practical Perspective
2 years 8 months ago
Stiv Kupchik
东软NetEye防火墙全线产品首获CNNVD兼容性资质证书
2 years 8 months ago
东软NetEye防火墙系统v3.2百兆/千兆/万兆产品正式获得中国信息安全测评中心颁发的“CNNVD兼容性资质证书”,这是NetEye防火墙产品首次获得该项证书。
东软NetEye防火墙全线产品首获CNNVD兼容性资质证书
2 years 8 months ago
东软NetEye防火墙系统v3.2百兆/千兆/万兆产品正式获得中国信息安全测评中心颁发的“CNNVD兼容性资质证书”,这是NetEye防火墙产品首次获得该项证书。
东软NetEye防火墙全线产品首获CNNVD兼容性资质证书
2 years 8 months ago
东软NetEye防火墙系统v3.2百兆/千兆/万兆产品正式获得中国信息安全测评中心颁发的“CNNVD兼容性资质证书”,这是NetEye防火墙产品首次获得该项证书。
东软NetEye防火墙全线产品首获CNNVD兼容性资质证书
2 years 8 months ago
东软NetEye防火墙系统v3.2百兆/千兆/万兆产品正式获得中国信息安全测评中心颁发的“CNNVD兼容性资质证书”,这是NetEye防火墙产品首次获得该项证书。
东软NetEye防火墙全线产品首获CNNVD兼容性资质证书
2 years 8 months ago
东软NetEye防火墙系统v3.2百兆/千兆/万兆产品正式获得中国信息安全测评中心颁发的“CNNVD兼容性资质证书”,这是NetEye防火墙产品首次获得该项证书。
Google Docs AI Features: Vulnerabilities and Risks
2 years 8 months ago
Google Docs is a popular word processing tool that is used by millions of people around the world. Recently Google added new AI features to Docs (and a couple of other products), such as the ability to generate summaries, and write different kinds of creative content.
Check out Google Labs for more info.
These features can be very helpful, but they also introduce new security risks.
At the moment there are not too many degress of freedom an adversary has, but operating your AI on untrusted data can have unwanted consequences:
企业软件供应链安全建设价值闭门研讨会
2 years 8 months ago
闭门研讨会安排和参与方式如文。希望通过交流对企业软件供应链安全建设价值有更全面和清晰的认知,为软件供应链安全技术发展做出一点点贡献。更深度了解大厂甲方安全软件供应链建设价值
Charting a Course for the Modern Cloud
2 years 8 months ago
Adam Karon
MOVEit Critical SQL Injection Vulnerability
2 years 8 months ago
Summary
***UPDATED OVERVIEW with PoC and CVSS Score***
Progress, the vendor that provides MOVEit, has released a fix for additional vulnerabilities in their product, once of which being a critical SQL injection flaw.
Threat Type
Vulnerability
Overview
***UPDATE #1, July 11, 2023***
A proof-of-concept (PoC) has been reported for MOVEit's CVE-2023-36934. At this time, there is no further information on the PoC. In addition to the above, the vulnerability has been assessed and now carries a CVSSv3 score 9.1, c
Wordpress插件漏洞快速分析
2 years 8 months ago
添加微信:quake_360,邀请加入技术交流群~
Wordpress插件漏洞快速分析
2 years 8 months ago
添加微信:quake_360,邀请加入技术交流群~
Wordpress插件漏洞快速分析
2 years 8 months ago
添加微信:quake_360,邀请加入技术交流群~