Aggregator

xjar加密破解

Mutual Transport Layer Security (mTLS) allows two parties to authenticate each other during the initial connection of an SSL/TLS handshake.

Chromium内核的安全问题，早已悄无声息地牵动着互联网生活方方面面。基于对实战经历的复盘，本文将从Chromium架构及安全机制概况入手，剖析Chromium组件在多场景下给企业带来的安全风险并一探收敛方案。

7 月 14 日，布局在 BSC 和 Polygon 链上的收益聚合器 Aperocket 在不到 12 小时的时间内先后遭到闪电代攻击。

7 月 14 日，布局在 BSC 和 Polygon 链上的收益聚合器 Aperocket 在不到 12 小时的时间内先后遭到闪电代攻击。

操作系统上账号作为取证分析的一部分，通过分析主机上账号属性，可以帮助我们识别未知的用户帐户，清除账号后门。

根据浏览器版本，图片自动返回 AVIF、WebP 或传统格式

基于网页实现的各种敲门方案

使用 iptables 拦截端口扫描

整理了一些前端黑魔法

JS 函数式编程案例

JS 调用一个空函数有可能报错吗

5

On July 2, 2021, Kaseya disclosed an active attack against customers using its VSA product, and urged all on-premise customers to switch-off Kaseya VSA. Shortly before this alert, users on Reddit started describing ransomware incidents against managed security providers (MSPs), and the common thread among them was on-premise VSA deployments. In the hours to follow, several indicators of compromise (IOCs) were released, and Akamai was able to observe some of that traffic. A patch for the VSA product was released by Kaseya on July 11.

If the term Zero Trust has been popping up in your news feed with astonishing frequency lately, you may be tempted to think that Zero Trust must be a brand-new technology cooked up in a research lab at MIT and powered by the latest artificial intelligence, machine learning, quantum computing, and a 1.21 gigawatt flux capacitor. In this and subsequent blog posts, I want to make the case that, in fact, Zero Trust is all about simplicity, and that at its core, Zero Trust is a strong form of the age-old principle of least privilege.

java源代码审计-sql注入

Elkeid-RASP 发布，易部署的RASP方案。

安全客2021年电子刊（上）发布，推荐阅读。

安全客2021年电子刊（上）发布，推荐阅读。

CVE-2021-1675分析