Aggregator
Chrome Browser Update - May 10 2021
4 years 8 months ago
Summary
Google has released an update to its Chrome web browser for Windows, Mac, and Linux that provides fixes for nineteen vulnerabilities. Of the fifteen CVE-numbered vulnerabilities noted in the advisory, Google has rated thirteen of them as High, and two as Medium.
Threat Type
Vulnerability
Overview
Google has released an update, version 90.0.4430.212, to its Chrome web browser for Windows, Mac, and Linux that provides fixes for nineteen vulnerabilities. Of the fifteen CVE-numbered vulnerabilities note
Why Developers Are Writing Apps on Our Edge Platform
4 years 8 months ago
A lot of companies talk about edge computing today, but at Akamai, we've been doing it for more than 20 years.
Tom Leighton
DarkSide Malware Profile
4 years 8 months ago
The following report provides X-Force Threat Intelligence's analysis of the DarkSide ransomware family based on publicly available samples.
Summary
DarkSide, like other ransomware used in targeted attacks, encrypts user data in compromised computers. Recent variants of DarkSide ransomware enumerates various system properties of the victim and beacons them in an encoded POST request to its C2 address. DarkSide also executes an encoded PowerShell command to delete volume shadow copies. It deletes several s
Colonial Pipeline Falls Victim to Attack
4 years 8 months ago
Summary
A top U.S. fuel pipeline company has suffered a cyber attack that has forced them to halt operations. Several news sources and the company itself have confirmed the attack.
Threat Type
Cyber Attack
Overview
** Update May 10 - 8:50 AM**
The most recent reporting indicates that the attack likely involved DarkSide, a ransomware-as-a-service (RaaS) affiliate operation. DarkSide posted the following statement to their leak site following the attack:
We are apolitical, we do not participate in geopolitics
CodeQL学习——导航调用图 - bamb00
4 years 8 months ago
CodeQL具有用于标识调用其他代码,以及可以被任意位置调用的代码的类。通过这个类你可以找到从未使用过的方法。 调用图类 CodeQL的Java库提供了两个抽象类来表示程序的调用图:Callable和Call。前者是Method和Constructor的公共超类,后者是MethodAccess,Cl
bamb00
Istio自身服务的安全风险
4 years 8 months ago
Istio是目前最受关注的服务网格之一,越来越多的公司开始落地Service Mesh架构,并将已有的系统接入 […]
Rui0
计算的未来30年:2050大会分享实录
4 years 8 months ago
4.24日,我在云栖小镇的「2050大会」上的meetup环节,和一些参与团聚的朋友重点分享了我对于「计算的未来」的观点。恰巧有参与团聚的朋友全程录像和录音了,也因此得以整理成这份文字。
开源信息收集周报#74
4 years 8 months ago
今天,你学习了吗~
开源信息收集周报#74
4 years 8 months ago
今天,你学习了吗~
开源信息收集周报#74
4 years 8 months ago
今天,你学习了吗~
开源信息收集周报#74
4 years 8 months ago
今天,你学习了吗~
开源信息收集周报#74
4 years 8 months ago
今天,你学习了吗~
开源信息收集周报#74
4 years 8 months ago
今天,你学习了吗~
开源信息收集周报#74
4 years 8 months ago
今天,你学习了吗~
连载:演化的高级威胁治理(一)
4 years 8 months ago
序言系统性地接触、思考、规划“高级威胁治理”始于2014年,我的老东家趋势科技在大洋彼岸和FireEye激战正酣,拼沙箱、0 Day、网络检测、邮件检测、威胁情报和安全专家,我开始负责中国区高级威胁治理战略规划,有幸接触和了解这部分新兴领域
连载:演化的高级威胁治理(一)
4 years 8 months ago
序言系统性地接触、思考、规划“高级威胁治理”始于2014年,我的老东家趋势科技在大洋彼岸和FireEye激战正酣,拼沙箱、0 Day、网络检测、邮件检测、威胁情报和安全专家,我开始负责中国区高级威胁治理战略规划,有幸接触和了解这部分新兴领域
连载:演化的高级威胁治理(一)
4 years 8 months ago
序言系统性地接触、思考、规划“高级威胁治理”始于2014年,我的老东家趋势科技在大洋彼岸和FireEye激战正酣,拼沙箱、0 Day、网络检测、邮件检测、威胁情报和安全专家,我开始负责中国区高级威胁治理战略规划,有幸接触和了解这部分新兴领域
【Java 代码审计入门-05】RCE 漏洞原理与实际案例介绍
4 years 8 months ago
【Java 代码审计入门-05】RCE 漏洞原理与实际案例介绍
【Java 代码审计入门-05】RCE 漏洞原理与实际案例介绍
4 years 8 months ago
【Java 代码审计入门-05】RCE 漏洞原理与实际案例介绍