Aggregator

How InfoSec leaders can build successful threat models by defining the threat landscape and its component resources, then asking simple, situational questions.

分享我在使用 python subprocess 进行扫描器开发过程中踩过的坑，以及应用在分布式扫描程序中的时候，可能存在的远程命令执行漏洞。

The Internet is full of information about your company that’s easily accessible to anyone and particularly useful to attackers.

Gray hats might have good intentions launching their “vigilante” botnets, but are they really helping us win the war against Death Star-sized thingbots?

Vulnerabilities are an emergent property of modern software’s complexity, requested features, and the way data inputs are handled.

目前我国无人机发展迅猛，虽然已经有不少机构针对无人机取证进行研究，但是至今为止，尚未有相关取证软件发布。

作为一个学习web安全的菜鸟，前段时间被人问到PHP反序列化相关的问题，以前的博客中是有这样一篇反序列化漏洞的利用文章的。但是好久过去了，好多的东西已经记得不是很清楚。所以这里尽可能写一篇详细点的文章来做一下记录。 我们来参考这里： 我们根据官方文档中的解释，一个一个来进行测试。 __constru

With “thingbots” now launching Death Star-sized DDoS attacks, hosting banking trojans, and causing physical destruction, all signs point to them becoming the attacker infrastructure of the future.

前言 在 Ubuntu 下安装软件非常的方便，几条命令就可以完成软件的下载和安装，不多说，直接上命令。 安装 Redis sudo apt-get update # 更新源 sudo apt-get install redis-server # 安装 redis 启动 redis redis-server Redis 安装完成！ 安装 Composer 首

Cybercriminals continue to send their regards to HBO, as their threats have turned into a stark reality. First, they teased...

The post New Details on HBO Attack Emerge, “Game of Thrones” Actors’ Personal Data Leaked appeared first on McAfee Blog.

Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend they turn on automatic updates as a best practice. More information about this month’s security updates can be found in the Security Update Guide.

Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend they turn on automatic updates as a best practice. More information about this month’s security updates can be found in the Security Update Guide.

智能家居是目前国内物联网重要应用途径之一，而近几年，针对智能家居产品入侵的案件屡屡发生。

在美国，汽车已经继传统的取证介质——计算机、手机后，成为第三大取证介质。

This series explores how InfoSec practitioners can use math, technology, and critical thinking to mitigate risk in a world where networks and data have surpassed the scope of human comprehension.

距离上一次写采集教程已经是一年前了，而我已经实习快一个月了，不得不感叹时间过得真快，岁月催人老啊…. 先品尝一下《PHP使用file_ge

Quantum computing is coming. What should your strategy be today to deal with what’s on the horizon?

The night is dark and full of hackers. HBO (Home Box Office, Inc.) has been thrown into chaos, as the...

The post HBO Targeted by a Cyberattack, Potential “Game of Thrones” Scripts and Episodes Leaked appeared first on McAfee Blog.

回顾几个上周北京安全会议上的干货