Aggregator

Panda malware is back in full force with three currently active campaigns that extend its targets beyond banking to new industries and organizations worldwide.

通过对比 5 月补丁分析 win32k 空指针解引用漏洞

小刀志

7 years 1 month ago

微软在 5 月安全公告中包含并修复了 4 个 win32k 内核提权漏洞。这篇文章将通过补丁对比的方式，发现并分析补丁程序中修复的一个由某处空指针解引用导致的提权漏洞，最终实现其验证和利用代码。...

Leeqwind

对 UAF 漏洞 CVE-2016-0167 的分析和利用

小刀志

7 years 1 month ago

这篇文章将对 Windows 释放后重用（UAF）内核漏洞 CVE-2016-0167 进行一次简单的分析并构造其利用验证代码。该漏洞在 2016 年据报道称被用于攻击支付卡等目标的数据，并和...

Leeqwind

Introducing New WhoAmI Tool DNS Resolver Information

The Akamai Blog

7 years 1 month ago

The Domain Name System (DNS) tools ?whoami.akamai.net? and its alias ?whoami.akamai.com? have been used for many years, often as a step in the process for diagnosing how a content delivery network (CDN) is directing traffic, locality, and network reachability issues. Whoami was originally introduced as a quick solution that, as often happens, ended up sticking around for far longer than expected.

Mario Korf

Risky Business: The Fifth Element

F5 Labs

7 years 1 month ago

Preston Hogue writes for Security Week, explaining the fifth element of risk transfer: Sec-aaS.

May 2018 security update release

Update Tuesday on Microsoft Security Response Center

7 years 1 month ago

Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide. MSRC team