If I Had to Do It Over Again, Part 2
More lessons learned from CISOs about “fire and forget,” physical security, the human factor, and audit logging.
Aggregator
Phishing Attacks Against Facebook / Google via Google Translate
6 years 4 months ago
When it comes to phishing, criminals put a lot of effort into making their attacks look legitimate, while putting pressure on their victims to take action. In today's post, we're going to examine a recent phishing attempt against me personally....
Larry Cashdollar
Safer Internet Day 2019 – Together for a Better Internet
6 years 4 months ago
What You Can Do Today to Help Create a Better Internet Today is Safer Internet Day (SID) – an...
The post Safer Internet Day 2019 – Together for a Better Internet appeared first on McAfee Blog.
Alex Merton-McCann
Anatomy of the seccomp
6 years 4 months ago
Terenceli
thinkphp 5.0.23 rce分析和复现
6 years 4 months ago
hurricane618
【Splunk】使用syslog-ng和HF(UF)收集syslog日志(三)syslog-ng配置
6 years 4 months ago
这部分详细讲讲syslog-ng服务器上的配置
使用Aggressor脚本雕饰Cobalt Strike
6 years 4 months ago
对cobalt strike常见aggressor脚本的简单收集和介绍。
使用Aggressor脚本雕饰Cobalt Strike
6 years 4 months ago
对cobalt strike常见aggressor脚本的简单收集和介绍。
使用Aggressor脚本雕饰Cobalt Strike
6 years 4 months ago
对cobalt strike常见aggressor脚本的简单收集和介绍。
使用Aggressor脚本雕饰Cobalt Strike
6 years 4 months ago
对cobalt strike常见aggressor脚本的简单收集和介绍。
使用Aggressor脚本雕饰Cobalt Strike
6 years 4 months ago
对cobalt strike常见aggressor脚本的简单收集和介绍。
Fighting Back Against Phishing and Fraud—Part 2
6 years 4 months ago
How certificate transparency can help you spot fraudulently registered TLS certificates that exploit your domain or brand name.
Apple Users: Here’s What to Do About the Major FaceTime Bug
6 years 4 months ago
FaceTime is a popular way for people of all ages to connect with long-distance loved ones. The feature permits Apple...
The post Apple Users: Here’s What to Do About the Major FaceTime Bug appeared first on McAfee Blog.
McAfee
Gozi Adds Evasion Techniques to its Growing Bag of Tricks
6 years 4 months ago
Gozi “banking” trojan continues to shift its targets beyond banking as it employs client-side and server-side evasion techniques via time-tested web injection.
修改考满分和小站托福上托福考试字体的油猴插件
6 years 4 months ago
最近重新捡起托福,突然想起了第一次考托时在考场被i
修改考满分和小站托福上托福考试字体的油猴插件
6 years 4 months ago
最近重新捡起托福,突然想起了第一次考托时在考场被i
安卓APP测试之HOOK大法-Xposed篇
6 years 4 months ago
0x01 前言
安卓APP测试之HOOK大法-Frida篇是基于Frida来实现HOOK,对于部分用户来说,一方面手机ROOT会带来一些风险,另一方面虽然愿意承担风险但是手机无法ROOT。这就需要采用另外一种方法–利用Xposed来进行HOOK。安装VirtualXposed之后,并不需要对手机进行ROOT,也可以来运行Xposed模块进行HOOK。
浮萍
安卓APP测试之HOOK大法-Frida篇
6 years 4 months ago
浮萍
Pbootcms-V1.3.2版本前台代码执行
6 years 4 months ago
详细介绍:0x00 cms简介PbootCMS是翱云科技开发的全新内核且永久开源免费PHP企业网站开发建设管
Linux Kernel Exploitation Part 3: Ret2Usr and SMEP
6 years 4 months ago
Introduction I’d like to talk about the ret2usr attack in Linux kernel exploitation and the corresponding Supervisor Mode Execution Prevention (SMEP). Rather than detailing the exploitation details in control flow hijacking, this post will explain what is ret2usr attack and what is the expected behaviour from SMEP. ret2usr attack ret2usr (return-to-user) attack exploits the truth […]
dangokyo