Aggregator

最近小黑屋有个大佬写了篇硬核安全技术文章。不过由于内容比较敏感，没敢发出来。 刚好小黑屋好久没更新了，就找了篇去年写的文章，滥竽充数。 内容嘛，主要还是针对 Web 3 的

首篇公众号文章，读者千二百五十人俱

As of March we are contributing our vulnerability targeting intelligence to FIRST’s Exploit Prediction Scoring System.

尝试卷入 Java 安全

尝试卷入 Java 安全

Fastjson学习JSON: JavaScript Object Notation(对象表示法),js对象简谱,是一种轻量级的数据交换格式.Fastjson优点：速度快，使用广泛，测试完备，使...

在云原生高速发展的今天，针对云环境的攻击方法也层出不穷。本文讲述了vesta对云原生后门检测的理念和实践。D

在云原生高速发展的今天，针对云环境的攻击方法也层出不穷。本文讲述了vesta对云原生后门检测的理念和实践。D

在云原生高速发展的今天，针对云环境的攻击方法也层出不穷。本文讲述了vesta对云原生后门检测的理念和实践。D

在云原生高速发展的今天，针对云环境的攻击方法也层出不穷。本文讲述了vesta对云原生后门检测的理念和实践。D

在云原生高速发展的今天，针对云环境的攻击方法也层出不穷。本文讲述了vesta对云原生后门检测的理念和实践。D

在云原生高速发展的今天，针对云环境的攻击方法也层出不穷。本文讲述了vesta对云原生后门检测的理念和实践。D

This is a developing situation and this blog post will be updated as needed.  Reports of malicious code associated with the 3CX desktop application – part of the 3CX VoIP (Voice over Internet Protocol) platform – began on March 22, 2023. On March 30, 2023, 3CX confirmed the compromise, noting the affected 3CX desktop app … Continued

The post Investigating 3CX Desktop Application Attacks: What You Need to Know appeared first on VMware Security Blog.

Researchers at NIST have developed a new — and sound — way to accurately measure the rate at which gas flows in and out of a vessel. The technique, which uses acoustic waves to determine the average temperature of the gas and microwaves to ascertain

此次分析Realtek SDK的upnp服务程序，CVE-2021-35392, UPnP 订阅标头参数堆栈缓冲区溢出。

此次分析Realtek SDK的upnp服务程序，CVE-2021-35392, UPnP 订阅标头参数堆栈缓冲区溢出。

此次分析Realtek SDK的upnp服务程序，CVE-2021-35392, UPnP 订阅标头参数堆栈缓冲区溢出。