Aggregator

4月25日在上海参加了ArchSummit全球架构师峰会，分享了一些我对计算的看法，演讲全文如下。各位嘉宾

Reflecting on the cybersecurity threat landscape in 2020, we can't overlook the massive changes that landed on us. Global security attacks increased at a significant pace between 2019 and 2020, and the COVID-19 pandemic only deepened these troubling conditions.

While those of us in places like the U.S. are experiencing some relief with access to the COVID-19 vaccine, it has been heartbreaking to see surges in infection, hospitalization, and death across the globe, including the dire situation in India.

目录: 一、背景与应用场景介绍 二、企业APP面临的问题 三、个人面临的问题 四、解决方案 五、未来展望与总结 一、背景与应用场景介绍 1.1、国家对个人隐私保护越来越重视 2019年初，中央网信办、工信部、公安部及市场监管总局四部门联合发布了《关于开展App违法违规收集使用个人信息专项治理的公告》

当地时间4月27日，美国华盛顿特区大都会警察局发布声明表示，其内部系统遭到黑客入侵，部分数据文件被窃，并且黑

Summary Google has released an update to its Chrome web browser for Windows, Mac, and Linux that provides fixes for nine vulnerabilities. Of the seven CVE-numbered vulnerabilities noted in the advisory, Google has three of them rated as High, three as Medium, and one as Low. Threat Type Vulnerability Overview Google has released an update, version 90.0.4430.93, to its Chrome web browser for Windows, Mac, and Linux that provides fixes for nine vulnerabilities. Of the seven CVE-numbered vulnerabilities noted

中央网信办、工信部、公安部及市场监管总局四部门联合发布了《关于开展App违法违规收集使用个人信息专项治理的公告》，预示着我国在APP隐私层面的治理进入了一个新的高度，期间部分APP采集隐私数据受到了严重处罚。用户权益保护越来越被重视。

Ransomware attacks continued to proliferate in Q1 2021 as several common but unpatched software vulnerabilities created a fresh supply of compromised network access to ransomware affiliates.

本篇文章将分享如何通过MCU的调试接口提取固件

据华盛顿邮报和美联社报道，隶属于美国国防部的一个部门Defense Digita

reference: https://ray-cp.github.io/archivers/qemu-pwn- […]

背景软件供应链（Software Supply Chain）指的是软件从软件供应商到用户使用的整个过程中，从设计软件、编写代码到生成软件的开发环节，再到分发软件和用户下载的交付环节，最终到用户使...

（本文比较偏产品，不涉及技术细节）上一篇文章说到，企业安全建设后期都会有各种各样的平台，比如 WAF、HIDS、SOC、SIEM、SOAR、SDL 等，在大部分互联网公司里，这些平台都是独立的，...

开个新坑，写一些企业安全建设的经验和想法。网络上安全相关的文章，最多的是攻防类的，涉及企业安全建设的基本都是《一个人的安全部》系列，里面往往列举一堆安全工具和服务。对于处于安全建设初期的企业来说...

Summary A Security Advisory for Drupal, SA-CORE-2021-002, addresses a vulnerability rated by Drupal as Critical. Threat Type Vulnerability Overview The Drupal security advisory, SA-CORE-2021-002, addresses a vulnerability that could allow an unauthenticated, remote attacker to conduct a cross-site scripting attack. The vulnerability is caused by a failure to properly sanitize input. The vulnerability has been rated as Critical by Drupal. No CVE number has been provided for the vulnerability. The vulnerabili

Summary The ICS-CERT has published two advisories that affect Horner Automation Cscape and Mitsubishi Electric GOT. Threat Type Vulnerability Overview The ICS-CERT has published two advisories that affect Horner Automation Cscape and Mitsubishi Electric GOT. Further information is available from the advisories which are summarized below. ICS Advisory ICSA-21-112-01 - Horner Automation Cscape CVE-2021-22678 - The affected application lacks proper validation of user-supplied data when parsing project files. T