Aggregator
2021年暑假红队训练营-常见问题答疑
3 years 11 months ago
2021年暑假红队训练营-常见问题答疑
3 years 11 months ago
2021年暑假红队训练营-常见问题答疑
3 years 11 months ago
2021年暑假红队训练营-常见问题答疑
3 years 11 months ago
Anyone For a Smart Network Slice?
3 years 11 months ago
As with any standardization effort, development of 5G specifications accounted for numerous technology trends and new use cases.
Mick Higgins
CISA Emergency Directive 21-03: VPN Vulnerabilities Actively Exploited
3 years 11 months ago
On April 20, 2021, the Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) released an alert on the exploitation of Pulse Connect Secure Vulnerabilities with Alert AA21-110A: Exploitation of Pulse Connect Secure Vulnerabilities, as well as Emergency Directive (ED) 21-03, after a FireEye blog shed light on security incidents involving compromises of Pulse Secure VPN appliances.
Patrick Sullivan
Cisco Security Advisories April 28 2021
3 years 11 months ago
Summary
Cisco has published thirteen Security Advisories. Of the advisories, five are rated as High and eight are rated as Medium.
Threat Type
Vulnerability
Overview
Cisco has published thirteen Security Advisories. Of the advisories, five are rated as High and eight are rated as Medium. For all advisories listed below, it is noted that Cisco's Product Security Incident Response Team (PSIRT) is "not aware of any public announcements or malicious use of the vulnerabilities" that are described in the advisori
美国CIA网络武器库新增被动流量监听器
3 years 11 months ago
颜色家族再添一员
美国CIA网络武器库新增被动流量监听器
3 years 11 months ago
颜色家族再添一员
Cyberattacks Targeting Latin America, January through March 2021
3 years 11 months ago
Latin America’s cyberattack landscape saw continued focus on port 5900 and the targeting of common web vulnerabilities.
SAST大规模应用实践
3 years 11 months ago
介绍Xcheck团队如何在企业内部落地SAST应用,以及取得的效果
SAST大规模应用实践
3 years 11 months ago
介绍Xcheck团队如何在企业内部落地SAST应用,以及取得的效果
SAST大规模应用实践
3 years 11 months ago
介绍Xcheck团队如何在企业内部落地SAST应用,以及取得的效果
SAST大规模应用实践
3 years 11 months ago
介绍Xcheck团队如何在企业内部落地SAST应用,以及取得的效果
Cyber Apocalypse 2021 Web Artillery WriteUP
3 years 11 months ago
大家好,我是BaCde,上周临时组队参与了HackTheBox组织的Cyber Apocalyps 2021的CTF比赛。今天主要写一下Web的Artillery,这是一道3星题(最难为4星),这是一道关于XXE利用的题,做出来的人相对很少,也花了不少时间,有些收获,这里写出来与大家分享。本文不介绍基础知识,如果要学习基础可以查看后面的推荐文章。
收集信息此次的CTF题大部分都提供源代码,并提供有Dockerfile文件,可通过docker build构建并运行。通过源码可知源代码为Java语言。openjdk 1.8.181版本,Web Server为Tomcat10。
《我对计算的理解》:2021全球架构师峰会演讲实录
3 years 11 months ago
4月25日在上海参加了ArchSummit全球架构师峰会,分享了一些我对计算的看法,演讲全文如下。各位嘉宾
Observed Changes to the Threat Landscape in 2020
3 years 11 months ago
Reflecting on the cybersecurity threat landscape in 2020, we can't overlook the massive changes that landed on us. Global security attacks increased at a significant pace between 2019 and 2020, and the COVID-19 pandemic only deepened these troubling conditions.
Shiran Guez
Supporting Akamai Communities Impacted by COVID-19
3 years 11 months ago
While those of us in places like the U.S. are experiencing some relief with access to the COVID-19 vaccine, it has been heartbreaking to see surges in infection, hospitalization, and death across the globe, including the dire situation in India.
Mani Sundaram
Linux 内核安全机制总结
3 years 11 months ago
hurricane618