Aggregator
Dell security advisory (AV25-642)
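LightCube 10th Anniversary
Ten years ago, one afternoon, I came across a video on Bilibili that showed how to set up a WordPress blog on the OpenShift platform.
Many years later, I came to realize what a vibrant era that was: Docker, K8s and Vue had only just gotten started, ByteDance had only just begun raising funds, AS3 was not yet dead, and natural-language conversation services still meant Google DialogFlow, Microsoft XiaoIce and IBM Watson.
Sadly, I can no longer find that video; it was probably deleted. Fortunately, the blog I built step by step while following it has stayed with me and recorded these ten years.
I posted the above on WeChat Moments in the early hours of September 28. I had originally planned to wait until October 4 to write something and reminisce, but the thought of the 10th anniversary got me so excited that I started "warming up" early. 😂
Right now, I am sitting on the same sofa, facing the same balcony, writing these words, just as I did ten years ago.
Looking back at my embarrassing past
You can follow along with the article archive page and revisit my "embarrassing past" together with me.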
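There are very few things I have managed to stick with. Many of my side projects started with a bang, and once the initial burst of enthusiasm passed, I never touched them again. My original motivation for blogging was that the WordPress admin panel gave me the feeling of decorating a QQ Zone page: I could switch to good-looking themes and install a pile of plugins. But it was far more customizable than QQ Zone: I could reach it through my own domain and put my own copyright notice at the bottom of the page. Everything was my own.
After dressing up the pages the way I wanted, I figured I had to write something to fill them. I had just started high school then, my "chuunibyou" streak had not yet faded, and on top of that high school got off to a bad start with one disastrous exam result after another, so I wrote some very gloomy and very childish posts. Looking at them now, they really are an embarrassing past. By 2016, my second year of high school, I had started learning PHP because of WordPress, but it was still hard to find things to write about, so I reposted my QQ Zone status updates to the blog, and that kind of padding counted as a post. Most posts were very short, some were quite stream-of-consciousness, and I can no longer tell what I was trying to say back then.
In the second half of 2016, I followed the 差评 (Chaping) WeChat official account, and the posts I wrote after that unconsciously imitated the titles and writing style of its articles. They were all published first on my personal official account and then reposted to the blog. By 2017 I was finally able to write some proper technical articles: I shared how to enable a CDN for an entire WordPress site, pitfalls I hit while writing C#, small projects written with the CodeIgniter framework, a Weibo crawler written in PHP... Only at this point did I truly start producing articles that could help other people.
In the summer after the 2018 college entrance exam, I shared the front-end and back-end implementation of a WeChat Mini Program I had developed, how to set up NAT traversal for a Raspberry Pi, a first look at Jenkins, and more. Once I got to university, the freedom there let me plan for myself and learn a lot of new things, and blog posts came one after another: from CTF to Docker, PHP Swoole, PHP internals (although I only got started), CI/CD, Serverless function compute, Redis, Vue, and then Go, which now pays my bills. That was when I started the Apicon project and folded what I had learned into it, purely for my own amusement.
Then came the pandemic in 2020. That year I mainly worked on the CTF platform Cardinal, and my blog posts recorded how it felt to run this open-source project, both technically and psychologically, even though they were all rather "immature". In the second half of 2020, I shifted my focus to my work at ForkAI, and the blog was updated far less often than before. At work I came across the Macaron framework and dependency injection, and was recommended the book "Hackers & Painters", on which I also wrote up some reading notes.
In 2021 I started many projects, such as EggMD collaborative documents, the Elaina code runner, mebeats for capturing heart rate from the Xiaomi Mi Band, and the asoul.video video site. Every project had something worth sharing, each as a standalone article. (Although I never maintained many of them afterwards.)
Here I want to single out the article "Your Soul, Your Beats! Real-Time Heart Rate Capture from the Xiaomi Mi Band" for praise. It is the most visited of all my articles; even now, 4 years after it was published, people still read it every day. Setting aside the practical usefulness of its content, what matters more is that the article describes in detail the reasoning, methods and techniques I used to solve the problem step by step. I first used software to probe the computer's Bluetooth, then gradually moved on to writing code that drives Bluetooth; when I ran into a dependency library that had fallen into disrepair and could not be used, I described how I managed to find one that was still maintained and worked; finally, echoing the step-by-step software operations from earlier, I turned the functionality into code. To this day, I believe this article is really, really well written!
2022-2023 were again years of going all-in on work, and article output dropped sharply. My work during this period was mainly focused on Kubernetes clusters, so the articles I squeezed in time to write were all cluster-related tricks.
In mid-2024, I joined Tencent. The workload was much lighter than in previous years, and I had more time to think and to build new things. In my first month there, I could turn out a new project almost every weekend. (Although many are not open source yet.) I developed Sayrud, which I now also use as the comment backend for the blog. I built my own cluster-wide unified authentication, ikD, on top of Traefik ForwardAuth; every service my server cluster exposes externally is now behind it. The side project was even successfully adopted by my team at the company, where, with slight modifications, it serves as the unified authentication for team members logging in to various services. 😄 After that I built my own LLM wrapper site, and the experience of developing LLM applications was also put to use in company projects. I have found that since 2024, the things I explore in my spare time, whether side projects or knowledge accumulated while operating my own Kubernetes cluster or Tencent Cloud, end up feeding back into my work at some point in the future. It feels rather like I predicted my work in advance and got it done ahead of time. (To be clear: this does not mean I started slacking off afterwards; of course I am pursuing ever greater refinement 😛) I love the unexpected rewards of things that flourish without being planned, and I hope days like these can go on forever and ever.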
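The future
I am someone who cares a lot about what others think, not only about what they say of me to my face, but also about things like my Twitter follower count and the number of comments on my blog posts. I get upset when my GitHub follower count drops by one or when the blog goes without comments for a long time, and I can spend a whole day stewing because someone was unfriendly to me at work, even though it is quite likely that I misheard or read too much into it. I often suddenly remember something embarrassing from the day just before falling asleep, and curl up into a ball in bed. I judge whether something I said that day was wrong and left a bad impression on others. I often attribute my achievements to a once-in-a-century stroke of luck, and then sink into self-doubt and a feeling of not deserving them.
The reverse is also true: feedback or recognition from others can leave me too excited to sleep. I had not maintained NekoBox for a long time when I unexpectedly received a tip and encouragement from a user, and that night I was so fired up that I worked on new features until three or four in the morning. The same goes for work: once I get positive feedback, I feel my self-worth has been realized, voluntarily work overtime past 11 p.m., and start complaining that the air conditioning has been turned off and I am forced to go home.
Two things can keep me going with something. One is continuously getting feedback from it, which makes me feel that what I do is being seen. The other is being able to "eat my own dog food": I am a user too, and keep using what I have created. NekoBox is the former, ikD is the latter.
Standing at the ten-year mark, I feel I should set myself a goal and do something. At the beginning of the year I registered the domain nekobase.com and completed its ICP filing. I want to start a new project that opens up the service components used by my blog as SaaS for everyone to use (for example the comment backend and the code runner service), while continuing to broaden my tech stack and doing some "more advanced CRUD". I don't know whether anyone will use this service, but at least my own blog will migrate to it, and if I can dogfood it, I probably won't abandon it halfway. (Probably.)
I don't know where I will be in the next ten years, but right now I am, from the bottom of my heart, very satisfied with my work and life, and I hope days like these can go on forever and ever.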
NCSC Warns of Oracle E-Business Suite 0-Day Vulnerability Actively Exploited in Attacks
NCSC has issued an urgent warning regarding a critical zero-day flaw in Oracle E-Business Suite (EBS) that is currently being exploited in the wild. Tracked as CVE-2025-61882, the vulnerability resides in the BI Publisher Integration component of Oracle Concurrent Processing and allows unauthenticated remote code execution. Organisations running EBS versions 12.2.3 through 12.2.14—especially those exposed […]
The post NCSC Warns of Oracle E-Business Suite 0-Day Vulnerability Actively Exploited in Attacks appeared first on Cyber Security News.
LinkedIn sues ProAPIs for $15K/Month LinkedIn data scraping scheme
New ‘Fully Undetectable’ Android RAT Discovered on GitHub
Hosted at the repository “Huckel789/Android-RAT,” this fully undetectable (FUD) RAT is designed to evade antivirus detection permanently, maintain persistence in battery-optimized environments, and deliver a feature-rich command-and-control (C2C) experience entirely from a web interface. This Android RAT sets itself apart by eliminating the traditional requirement for a desktop or laptop in the attack chain. A […]
The post New ‘Fully Undetectable’ Android RAT Discovered on GitHub appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Have you already downloaded Windows 11? Check your accounts: they may no longer be yours
How Exposure Management Helped Three Companies Transform Their Cybersecurity Program
Part two of our Exposure Management Academy series on exposure management maturity explores how organizations like Drogaria Araujo, Tenable and Verizon have applied exposure management to strengthen their security postures.
Key takeaways:
- Case studies of Drogaria Araujo, Tenable and Verizon illustrate how exposure management provides tangible benefits to organizations of different sizes and security maturity levels.
- The companies improved visibility, unified siloed data and prioritized risks that create attack paths leading to their organizations’ most critical assets.
- Implementing exposure management principles is a crucial step for organizations aiming to enhance their security posture and mitigate cyber threats effectively.
In the first post in this series, we explored the five stages of the Exposure Management Maturity Model: Ad Hoc, Defined, Standardized, Advanced and Optimized.
In this post, we explore three case studies to understand how an exposure management platform can help organizations advance their cybersecurity programs. We look at how the core principles of exposure management, supported via the implementation of an exposure management platform, helped these companies achieve better cybersecurity and compliance outcomes.
Drogaria Araujo uses exposure management to improve attack surface visibility
Drogaria Araujo, a leading Brazilian pharmacy chain, turned to exposure management to improve attack surface visibility and gain the context the CISO needed to report on his company’s highest-risk exposures and demonstrate compliance with Brazil’s General Data Protection Law (LGPD).
Drogaria Araujo relies on a geographically dispersed, hybrid infrastructure consisting of traditional IT systems and a rapidly growing cloud footprint. Prior to embracing exposure management, the company’s initial security practices depended on basic vulnerability assessment of their IT infrastructure. This resulted in a storm of noisy findings — and a lot of remediation tickets — which strained security and IT teams, despite the fact that these assessments didn’t pull in findings from cloud, identity or OT systems.
Typically, most organizations would look to evolve vulnerability assessment to a vulnerability management program, or maybe a more robust risk-based vulnerability management program. But the firm’s team set its sights on a holistic exposure management program that could better satisfy its needs, one that accounted for the expanding attack surface and encompassed all cybersecurity risks that lead to exposure.
The company said it selected the Tenable One Exposure Management platform because it provides a unified view of the attack surface across on-premises, cloud, identity and OT environments. This enables the security team to spot cloud misconfigurations and identity-related weaknesses, in addition to traditional software vulnerabilities, that, when combined, create attack paths for threat actors.
Drogaria Araujo’s experience demonstrates how an organization can quickly and cost-effectively expand its visibility with an exposure management platform.
Tenable turns to exposure management to integrate and unify security data
At Tenable, the need to consolidate security data from across more than 50 tools, improve prioritization and automate reporting were the catalysts for implementing an exposure management program.
Tenable’s CSO began the exposure management journey by establishing a central team that could own all security policies across various security domains, including vulnerability management, cloud security, web application security and others. It made sense to extend the charter of the vulnerability management team to exposure management as the central control point. But this alone was not enough.
Tenable recognized it also needed to unify its asset and risk data across disparate tools, so it used the Tenable One Exposure Management Platform to aggregate data from Tenable-specific tools and provide rich relationship context, prioritization and KPIs. Following Tenable’s acquisition of Vulcan Cyber, the security team was able to feed data from third-party tools into Tenable One.
Within the first 48 hours of turning on this new third-party data ingestion capability, Tenable was able to integrate and unify data from 15 third-party tools. Reporting, which previously took the security team an average of three days to manually create, became available in minutes. In addition, the exposure management team was able to extend its scope of visibility from less than 10,000 assets to more than 100,000, representing the entire attack surface, and reduce alert to ticket volume by 1,500 to 1 — all with the same number of staff.
Assess your exposure management maturity
Do you have elements of an exposure management program in place? Take our exposure management maturity assessment to find out.
Verizon uses exposure management to prioritize real-world risks and exploitable threats
Global telecommunications leader Verizon faced the inherent challenges of managing one of the most vast and complex attack surfaces in the world. Like many large organizations, security teams at Verizon had traditionally operated in silos, each with its own specialized tools and priorities for areas like attack surface management, vulnerability scanning, identity exposure and cloud security.
However, this siloed approach hindered efficient response and raised the potential for visibility gaps falling outside a team's specific area of responsibility or expertise. Recognizing that a reactive approach to managing risk wasn’t enough, Verizon shifted its cybersecurity focus to proactive exposure management.
In a recent case study and blog post, Verizon said it chose to consolidate its proactive security efforts onto a single platform — Tenable One. This move enabled the integration of data from various security domains, providing a unified view of assets and associated risks. This consolidation was not just a technological shift but also an organizational one, requiring a change in how teams collaborated and shared data. Through transparent communication and demonstrating early value, Verizon was able to unify its security functions, including previously separate attack surface management, Active Directory, IoT and OT security teams.
A core principle of Verizon's new exposure management program is prioritizing real-world risks and exploitable threats rather than addressing every risk finding. The company prioritizes risks that are part of a realistic attack path leading to "crown jewel" assets. This approach enables it to strategically address the most significant exposures, enabling clearer communication with executives about what is at risk and the most urgent priorities, ultimately shifting from a compliance-driven to a risk-based security posture.
Harnessing the power of exposure management
These case studies illustrate the very real benefits of exposure management. Whether you're looking to unify siloed data or achieve the highest levels of proactive security, exposure management provides the framework.
Learn more
- Ready to understand where your organization stands and how to accelerate your journey? Take our exposure management maturity assessment. In less than five minutes, you’ll get a personalized report with recommendations tailored to your organization.
The post How Exposure Management Helped Three Companies Transform Their Cybersecurity Program appeared first on Security Boulevard.
IBM security advisory (AV25-641)
Astronomers discover the odd radio circle with the strongest signal to date
Hackers Allegedly Breach Huawei Technologies, Leak Source Code and Internal Tools
Cybersecurity researchers are reporting an alleged security breach involving Chinese technology giant Huawei Technologies, with hackers claiming to have accessed and leaked sensitive source code and internal development tools. The incident, which surfaced through social media channels, represents a potentially significant security compromise of one of the world’s largest telecommunications equipment manufacturers. Hacker illustrating world’s biggest […]
The post Hackers Allegedly Breach Huawei Technologies, Leak Source Code and Internal Tools appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Passports, IPs and cards. Hackers breached Discord
Android and Windows gamers worldwide potentially affected by bug in Unity game engine
Scattered Lapsus$ Hunters Extorts Victims, Demands Salesforce Negotiate
The threat group Scattered Lapsus$ Hunters, which last month said it was shutting down operations, is back with a data leak site listing dozens of high-profile Salesforce customers and claiming to have stolen almost 1 billion data files. The group is demanding that Salesforce negotiate with it or risk the data being released.
The post Scattered Lapsus$ Hunters Extorts Victims, Demands Salesforce Negotiate appeared first on Security Boulevard.
Cloud Monitor Provides Affordable Visibility and Control at Western Reserve Academy
Western Reserve Academy Balances Security and Privacy in Google Workspace and Microsoft 365
Western Reserve Academy is an independent boarding and day school in Hudson, Ohio that prides itself on providing a top-tier learning environment supported by modern technology. Matt Gerber, Chief Information Officer, and Brian Schwartz, Director of Network Administration, lead the school’s technology ...
The post Cloud Monitor Provides Affordable Visibility and Control at Western Reserve Academy appeared first on ManagedMethods Cybersecurity, Safety & Compliance for K-12.
The post Cloud Monitor Provides Affordable Visibility and Control at Western Reserve Academy appeared first on Security Boulevard.
An ultimatum with nine zeros: Salesforce has a few days to decide the fate of almost a billion rows of data
eBook: Defending Identity Security the Moment It’s Threatened
Credential-based attacks happen in seconds. Learn how to block weak or stolen passwords instantly, safeguard accounts in real time, and reduce helpdesk headaches with automated defense. Enzoic delivers lightweight APIs that:
- Block weak or compromised passwords at creation/reset
- Stop stolen username/password pairs at login in real time
- Deploy in minutes with no added friction for users
Make every authentication attempt a security checkpoint. Download eBook: Defending Identity Security the Moment It’s Threatened
The post eBook: Defending Identity Security the Moment It’s Threatened appeared first on Help Net Security.
Analysis of the latest Silver Fox attack sample bundled with the LetsVPN installer
CISA Adds Seven Known Exploited Vulnerabilities to Catalog
CISA has added seven new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.
- CVE-2010-3765 Mozilla Multiple Products Remote Code Execution Vulnerability
- CVE-2010-3962 Microsoft Internet Explorer Uninitialized Memory Corruption Vulnerability
- CVE-2011-3402 Microsoft Windows Remote Code Execution Vulnerability
- CVE-2013-3918 Microsoft Windows Out-of-Bounds Write Vulnerability
- CVE-2021-22555 Linux Kernel Heap Out-of-Bounds Write Vulnerability
- CVE-2021-43226 Microsoft Windows Privilege Escalation Vulnerability
- CVE-2025-61882 Oracle E-Business Suite Unspecified Vulnerability
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the KEV Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.
Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of KEV Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.