Aggregator
XXL-JOB漏洞分析与利用
7 months 3 weeks ago
XXL-JOB作为一款流行的分布式任务调度平台,因其强大的功能和易用性,被广泛部署在各种规模的系统中。对于渗透测试人员来说,学习XXL-JOB的漏洞原理,能够在一定程度上提升渗透能力。
Malware hiding in pictures? More likely than you think
7 months 3 weeks ago
There is more to some images than meets the eye – their seemingly innocent façade can mask a sinister threat.
Setting up 2-Step Verification (2SV)
7 months 3 weeks ago
How setting up 2SV can help protect your online accounts, even if your password is stolen.
Announcing Flow-IPC, an Open-Source Project for Developers to Create Low-Latency Applications
7 months 3 weeks ago
Yuri Goldfeld
情报速递20240402|警惕以桃色新闻为主题的“索伦”木马钓鱼
7 months 3 weeks ago
UTCTF2024 WriteUp By Mini-Venom
7 months 3 weeks ago
欢迎喜欢打CTF小伙伴加入
NetNoiseCon: Amplifying the Future of InfoSec
7 months 3 weeks ago
GreyNoise is announcing the launch of NetNoiseCon, an online conference series hosted by GreyNoise aimed at advancing InfoSec education and fostering community collaboration, featuring technical talks and career advice from industry experts.
XZ Utils Backdoor ? Everything You Need to Know, and What You Can Do
7 months 3 weeks ago
Akamai Security Intelligence Group
XZ压缩库供应链攻击事件深度刨析
7 months 3 weeks ago
3月29日,微软的工程师在进行软件性能基准测试时,发现系统SSHD进程CPU占用飙升的异常情况,进一步定位到SSHD中调用的XZ压缩库模块疑似被安插后门,再经过安全社区和开源社区的一系列调查,最终确认这是一次非常严重的供应链攻击事件
Our People and Our Growth: Key Drivers of Akamai?s ESG Strategy
7 months 3 weeks ago
Khalil Smith
盘古实验室连续四年获评年度华为终端安全突出贡献奖
7 months 3 weeks ago
3月28日,华为终端安全奖励计划年度大会在深圳成功举办,盘古实验室作为长久以来华为终端安全关键技术支撑方与合作
CVE-2023-27997-FortiGate-SSLVPN-HeapOverflow
7 months 3 weeks ago
CVE-2023-27997
Swing
NIST Researchers Use Cellphone Compass to Measure Tiny Concentrations of Compounds Important for Human Health
7 months 3 weeks ago
Nearly every modern cellphone has a built-in compass, or magnetometer, that detects the direction of Earth’s magnetic field, providing critical information for navigation. Now a team of researchers at the National Institute of Standards and
Pamela L Corey
安全日报(2024.04.01)
7 months 3 weeks ago
安全日报(2024.04.01)
安全事件周报 2024-03-25 第13周
7 months 3 weeks ago
安全事件周报 2024-03-25 第13周
云安全风险情报(3.1-3.31)
7 months 3 weeks ago
近一个月,云上攻击保持高度的活跃状态,Confluence、GitLab相关漏洞热度持续霸占榜单,”ChatGPT-Next-Web服务器端请求伪造 漏洞新上热榜,在受攻击行业方面,技术服务、电商等行业持续霸占榜单。
360QUAKE全网测绘:XZ Utils后门事件全球影响
7 months 3 weeks ago
+微信号:quake_360, 获取更多信息哦~
aiohttp目录穿越漏洞(CVE-2024-23334)分析
7 months 3 weeks ago
aiohtp 是构建于 Python l/0 框架 AsyncI0 之上的开源库,用于处理无需基于传统线程网络的大量并发HTTP请求。启明星辰ADLab研究员在漏洞情报跟踪中发现aiohttp存在目录遍历漏洞,并对其进行了深入分析和验证。
山东省移动应用三月份安全态势
7 months 3 weeks ago
TideInspire(潮启)是由新潮信息Tide安全团队自研推出的一款移动端安全管控平台。通过利用该平台获取的数据,进而对山东省移动应用数量、恶意仿冒应用分布情况,安全漏洞数量等九个方面进行总结与展示。