Aggregator

项目遇到的好玩技巧

Has REvil returned? In this new post by Akamai's SIRT, see a DDoS incident by a threat actor claiming to be REvil.

Read on to get information on Akamai?s new managed database service powered by Linode, to watch a fun video on DDoS attacks, and more.

好久没写真实漏洞挖掘案例了,今天写一笔. 直接发漏洞细节,很生硬,大家也学不到什么,只有带入感情,留下笔者的想法,才能产生共鸣,真正的帮助到别人 这篇文章会设置密码,如果你通过密码查看到了它,你可以转发给其他人,有密码,是因为防止被"某些人"看见,相关漏洞已经修复了. 四个漏洞描述顺序:(1)存储过

0x01 前言在这个信息过载的时代，我既是一名知识汲取的受益者，同时也是知识反噬的焦虑者。作为一名信息安全从业者，需要具有大量的阅读和碎片知识的积累，来帮助自己完善知识体系、提升对安全认知的见...

Java Agent 核心技术JVM之类的热替换原理

NOW I SEE YOU 👁

Summary An emergency directive (ED) from CISA directs U.S. government agencies update VMWare products in response to critical vulnerabilities that could affect those agencies. Threat Type Vulnerability Overview Be advised that X-Force Incident Command is tracking Cybersecurity Directive ED 22-03 and an advisory issued by CISA in response to multiple vulnerabilities in VMware products. The Cybersecurity & Infrastructure Security Agency has issued an emergency directive regarding critical vulnerabilities in t

本文为报告部分精彩内容，内附完整版下载方式

1.汽车行业：《针对德国汽车经销商和制造商的信息窃取活动》;2.勒索专题：《加拿大战斗机培训公司遭LockBit勒索软件攻击》;3.高级威胁：《Lazarus组织利用Log4Shell漏洞针对韩国目标》

机器学习已合并到在线查杀https://n.shellpub.com的正式环境

Meet Mike Schiessl to learn more about his career path, how companies can support a DevOps to DevSecOps transition, and the future of security and business.

无论从网络安全的攻击或是防护视角，信息的采集和甄别都至关重要，其中主机的系统类型是关键出发点。在以往经验中，根据操作系统类型往往能够大致判断其存在的风险点及风险类型，因此，识别主机操作系统类型对系统网络安全防护具有极其重要的意义。

去繁从简高效应聘，公开透明广阔平台

广州，业务安全、蓝军、研发、客户端安全

河马ShellPub更新（内含福利）

Why trying to avoid trusting the KMS doesn't make sense (and other common misconceptions).