Aggregator

The tale of The Three Little Pigs can teach us more than you think about cybersecurity risk.

See how doxxing victims are distributed across industries, company sizes, and revenue tiers. Find Coveware’s data and analysis on doxxing trends in Q4.

A recent piece of malware from a known crypto mining botnet campaign has started leveraging Bitcoin blockchain transactions in order to hide its backup C2 IP address. It's a simple, yet effective, way to defeat takedown attempts.

Ios13增加了判断对象是否属于zone的安全检查，这将导致以前通过伪造内核对象的漏洞利用手段变得困难了

漏洞管理Vulnerability Management就像淘金，攻击者要在扫描报告众多的漏洞中淘出一击即中的金子，防守方要在里面淘出一堆正中要害的。且看小而美的创业公司如何在这个细分领域淘金。

How charities can erase personal data from donated laptops, phones and tablets, before passing them on.

亲身经历，现身说法

这篇文章主要是讨论ios内核堆的分配特性，辟谣下：zalloc内存分配器并没有在释放内存时将object随机插入freelist链表中。

工作中，用到了网络知识，本科时候大部分都学过，刷b站复习一下，以下就是复习笔记。 二层隔离技术-MUX-VLAN 实现PC1，PC2，PC3，PC4可以和Server1访问，PC1和PC2可以互相访问，PC3和PC4不能相互访问，其中VLAN 30 主VLAN，VLAN 10为互通型从VLAN，VL

网商银行安全团队致力于通过创新安全技术守护用户的数据与资金安全，为银行业务数字化转型保驾护航，期待与金融行业

在城市规划领域中有个非常著名的“城市进化模型”，该模型以“监管”为核心，以“规划、建设、运营、评估”为过程，通过不断迭代达到城市持续进化和持续发展的目的，我认为把该模型同样适用于用户安全能力进化场景。

和杨枫（HeavenDuke）老师合作写的一篇分析

I remember well my first day as a member of Akamai's InfoSec department. The Friday prior, I'd just completed the Akamai Technical Academy, a five-month crash-course in all things tech, and was now, on a cold but sunny Monday morning, joining InfoSec for their weekly staff meeting. Eager to make a good first impression, I took a seat at the large, crowded conference table, opened my notebook, and started to take notes.

Using Zero Trust for Microservices with DevSecOps: Advice from USAF’s Nicolas Chaillan

The year three report covers 2019 and aims to highlight the achievements and efforts made by the Active Cyber Defence programe.

嗯...

On 14 July, 2020, Oliver Hough, a security researcher from Cyjax, published a report centered on a phishing campaign targeting banking customers in the United Kingdom, which evades two-factor authentication (2FA).