Cloud Security

VLC arbitrary pointer indirect reference vulnerability (CVE-2015-5949)VLC arbitrary pointer indirect reference vulnerability (CVE-2015-5949) Release date:Updated on:Affected Systems: VideoLAN VLC Media Player Description: CVE (CAN) ID: CVE-2015-594

Wireshark ZigBee parser DoS Vulnerability (CVE-2015-6244)Wireshark ZigBee parser DoS Vulnerability (CVE-2015-6244) Release date:Updated on:Affected Systems: Wireshark Wireshark 1.12.x Description: Bugtraq id: 76383CVE (CAN) ID:

Cisco TelePresence VCS Expressway information leakage (CVE-2015-4320)Cisco TelePresence VCS Expressway information leakage (CVE-2015-4320) Release date:Updated on:Affected Systems: Cisco TelePresence Video Communication Server X8.5.2 Description:

Linux Kernel 'virtio-net' fragment Package Processing Buffer Overflow VulnerabilityLinux Kernel 'virtio-net' fragment Package Processing Buffer Overflow Vulnerability Release date:Updated on:Affected Systems: Linux kernel Description: Bugtraq

Pupils exploit software vulnerabilities with EasyFuzzer 1.0 EasyFuzzer is a new fuzzy testing tool. Currently, only file format fuzzy testing is supported. Features: Easy, streamlined, efficient, and intelligent.Easy: it is very easy to use and does

Use showModalDialog to bypass IE's XSS Filtering Today, I want to share with you an article about Xss filtering that uses showModalDialog to bypass IE.The showModalDialog function has been in existence for many years. Although it is currently

Air travel gesture lock easily bypasses and other vulnerabilities and Solutions Security functions are not properly implemented. Test version: the latest version of the android client v2.5.51. In this version, you can set the gesture lock function

Introduction to AAA (I) of Elasticsearch) 0x00 Preface Elasticsearch (Elasticsearch) has been widely used by more and more companies, and its own security problems have also attracted much attention. Recently, many security problems have emerged,

Get network administrator permissions within 17 seconds Many Security Auditors must obtain the permissions of the network administrator of the target network when conducting security audits on the target network environment. This usually makes us

HTTP Content Security Policy (CSP) This document describes W3C Content Security Policy (CSP. As the name suggests, this specification is related to content security. It is mainly used to define the resources that can be loaded on a page to reduce

Backdoor implantation experience and solutions I found that many programs on the server were infected with Trojans and handled trojan files together with developers. This morning I found that the game background could not be opened again. On the

Dedicated to cybersecurity-anti-Black security guard EvaluationAnti-Black security guard is a security software independently developed by Anwei technology with the dual-engine detection and removal function. It can quickly and accurately identify

One SMS Trojan tracking and analysisVirus features Program name: Photo Album Image Package name: com.net.cn Program size: 323 K (331,603 bytes) Mobile phone hardware: MI3/China Mobile Security Software: LBE Security Master/ZjdroidHook

Analysis of a Trojan Horse virus (1)I. Basic Information Sample name: Rub. EXE Sample size: 21504 bytes Virus name: Trojan. Win32.Rootkit. hv Shelling: UPX (3.07) Sample MD5: 035c1ada4bace78dd1_cb0e1d184043 Sample SHA1:

Comparison of common database encryption technologies Abstract: As a database security technology that has emerged in recent years, database encryption has been paid more and more attention. This protection method based on storage layer encryption

IPSec VPN encrypted tunnel Based on ASA firewall As shown in the experiment environment, you can plan the IP address by yourself, and the ISP operator simulates the external internet. The procedure of configuration is as follows.First, configure

Reverse BASICS (13) JAVA (4) 54.15 for an exception, let's modify it a little. The example of monthly processing (in 54.13.4 on page 1) Configuration 54.10: IncorrectMonthException. java public class IncorrectMonthException extends Exception{

Multiple weak passwords in a station on the 19th floor (with test scripts) Multiple weak passwords in a station on the 19th floor (with test scripts) Vulnerability system http://blog.19ued.com/The WordPress blog system is used.Based on WP defects,

A mobile phone system in China causes SQL injection to leak a large number of databases URL: http://subadmin.cnmo.com First, the system will return the user does not exist and the password is wrong. So I started to use top500 to run the user name

Fragment Injection vulnerability Miscellaneous 13 years ago, IBM's security researchers discovered a Google framework layer vulnerability, Fragment injection, which can reset the Android mobile phone PIN code, you should be familiar with figure 1.