混合办公(Hybrid Work)安全的“三年”技术落地趋势推演
混合办公(Hybrid Work)安全的三年技术落地趋势推演。"端到端零信任"大的版图。
Aggregator
混合办公(Hybrid Work)安全的“三年”技术落地趋势推演
3 years ago
混合办公(Hybrid Work)安全的三年技术落地趋势推演。"端到端零信任"大的版图。
Spring Cloud Function SpEL Injection (CVE-2022-22963) Exploited in the Wild
3 years ago
Although Spring Cloud Functions are not as widespread as the Log4j library, and should provide a good separation from the hosting server, some draw the line between the two, due to the ease of exploitation over HTTP/s. This new vulnerability will definitely result in many threat actors launching campaigns for crypto-mining, ddos, ransomware, and as a golden ticket to break into organizations for the next years to come.
Akamai Threat Research Team
Mitigating Spring Core ?Spring4Shell? Zero-Day
3 years ago
When Spring, the Java-based application, fell victim to cyberattacks, Akamai's Adaptive Security Engine detected zero-day attacks and protected customers against them.
Akamai Threat Research Team
Spring 参数绑定的分析以及甲方自查
3 years ago
春天
Spring 参数绑定的分析以及甲方自查
3 years ago
春天
Spring 参数绑定的分析以及甲方自查
3 years ago
春天
Spring 参数绑定的分析以及甲方自查
3 years ago
春天
Spring 参数绑定的分析以及甲方自查
3 years ago
春天
Caging the Malicious Insider Application
3 years ago
The applications we need to run inside our organizations can turn malicious, so how can we architect for this?
如何解析并白嫖xray yml V2 poc
3 years ago
从去年开始 xray的yml poc升级到了v2版本和v1版本相比,执行流程上有了较大变化
Lapsus$ Group Heists Ramp Up
3 years ago
Summary
***UPDATED March 30, 2022***
The Lapsus$ group is ramping up its already breakneck pace of infiltration, exfiltration, and extortion campaigns against several high profile companies including Microsoft, NVIDIA, Samsung, and others.
Threat Type
Threat Group
Overview
***UPDATE #4, March 30, 2022***
Lapsus$ returns from its self-imposed hiatus to compromise Globant, a software services company. Images of data extracted as well as credentials for the DevOps structure were posted on the group's Telegram
Welcome to Edge Diagnostics
3 years ago
After more than a year of dedication and hard work, we are delighted to officially announce the launch of our new Edge Diagnostics application on March 30, 2022. Diagnosing network and content issues quickly and effectively is critical to your success! Therefore the aim is to make the existing diagnostic tools faster, easier to navigate, more user-friendly, and with improved functionality and a developer focus in mind.
Amit Mohanty
Meet Anthony Hogg: Senior Enterprise Architect and Lifelong Learner
3 years ago
At Akamai and across the tech industry at large, best practices and tools are constantly evolving. To keep up with these changes, a passion for learning is key, especially among those who support and enable others. One Senior Enterprise Architect on Akamai?s Advanced Solutions team, Anthony Hogg, truly embodies this value.
Chuck Freedman
CVE-2022-22947 Spring Cloud Gateway漏洞分析从0到1
3 years ago
Spring Cloud Gateway是Spring Cloud官方推出的第二代网关框架,取代Zuul网关。网关作为流量的,在微服务系统中有着非常作用,网关常见的功能有路由转发、权限校验、限流控制等作用。
CVE-2022-22947 Spring Cloud Gateway漏洞分析从0到1
3 years ago
Spring Cloud Gateway是Spring Cloud官方推出的第二代网关框架,取代Zuul网关。网关作为流量的,在微服务系统中有着非常作用,网关常见的功能有路由转发、权限校验、限流控制等作用。
安全对抗,从统计学到人工智能(一)
3 years ago
写在前面一直有一个想法,想把统计学的知识复习一下,边复习边尝试把统计学应用到安全对抗领域中。之前一直写的都是
安全对抗,从统计学到人工智能(一)
3 years ago
写在前面一直有一个想法,想把统计学的知识复习一下,边复习边尝试把统计学应用到安全对抗领域中。之前一直写的都是
安全对抗,从统计学到人工智能(一)
3 years ago
写在前面一直有一个想法,想把统计学的知识复习一下,边复习边尝试把统计学应用到安全对抗领域中。之前一直写的都是
安全对抗,从统计学到人工智能(一)
3 years ago
写在前面一直有一个想法,想把统计学的知识复习一下,边复习边尝试把统计学应用到安全对抗领域中。之前一直写的都是