Cloud Security

Cisco TelePresence Multiple Products Remote Command Injection Vulnerability (CVE-2015-0713)Cisco TelePresence Multiple Products Remote Command Injection Vulnerability (CVE-2015-0713) Release date:Updated on:Affected Systems: Cisco TelePresence

Oracle MySQL SSL certificate verification Security Restriction Bypass Vulnerability (CVE-2015-3152)Oracle MySQL SSL certificate verification Security Restriction Bypass Vulnerability (CVE-2015-3152) Release date:Updated on:Affected Systems: Oracle

Spam malware has infected thousands of Linux and FreeBSD system servers According to the latest 23-page Security Report published by the anti-virus provider Eset, thousands of Linux and FreeBSD operating system-based servers have been infected with

Juniper Junos Security Restriction Bypass Vulnerability (CVE-2014-6383) Release date:Updated on: Affected Systems:Juniper Networks JUNOSDescription:Bugtraq id: 72071CVE (CAN) ID: CVE-2014-6383 JunosE is an operating system used in the e-series

Etiko CMS index. php Cross-Site Scripting Vulnerability Release date:Updated on: Affected Systems:Etiko CMSDescription:CVE (CAN) ID: CVE-2014-8505 Etiko CMS is a content management system. The Etiko CMS does not validate the index. A cross-site

IOS security vulnerabilities allow attackers to replace installed Legal applications with malicious applications Security company FireEye warned on its official blog that a security vulnerability on iOS devices allows attackers to replace installed

Apache Derby security function Bypass Vulnerability and Denial of Service Vulnerability Released on: 2014-09-04Updated on: 2014-09-05 Affected Systems:Apache Group Derby Description:------------------------------------------------------------------

VLC Media Player "get_chunk_header ()" dual-release Vulnerability Release date: 2011-12-21Updated on: 2011-12-22 Affected Systems:VideoLAN VLC Media Player 1.xDescription:-----------------------------------------------------------------------------

WebKit Multiple Memory Corruption Vulnerabilities (APPLE-SA-2014-08-13-1) Release date:Updated on: Affected Systems:WebKit Open Source Project

WordPress wpSS plugin 'ss _ handler. php' SQL Injection Vulnerability Release date:Updated on: Affected Systems:WordPress wpSSDescription:--------------------------------------------------------------------------------Bugtraq id: 69089 WpSS is the

Linksys WRT110 Cross-Site Request Forgery and Command Injection Vulnerability Release date:Updated on: 2013-07-16 Affected Systems:Linksys WRT110Description:--------------------------------------------------------------------------------Bugtraq id:

Use ICMP tunneling technology for ICMP encapsulation and penetration Firewall 0x00 icmp Tunneling Technology ICMP tunneling technology, also known as Ping tunneling technology, we know that the ping protocol is icmp. When the firewall receives a

How to lock the door to "Cloud" Storage Recently, Hollywood experienced the most serious "****" storm in the history of the entertainment industry. The 101 Hollywood actresses, including Oscar-winning Jennifer Lawrence, well-known singers bud Haina,

Cracking username and password for LAN ControlMany people share a piece of broadband, and they are most afraid of it. For example, during the peak hours at, when others are dying, they are driving BT download by themselves, for example, if some ARP

Four Common evasion techniques for malware Malware escaping technology is always evolving. At the RSA Conference last month, the co-founder of Lastline told a picture of evading technology development. This report titled "exposure and deconstruct of

Inventory: Four application scenarios of full disk encryption technology In this article, expert Karen Scarfone focuses on the advantages of FDE and its application scenarios to help enterprises determine whether this storage encryption technology

Xml file security Parsing XML eXtensible Markup Language, designed for data transmission and storage. Its diverse forms 1. Document Format (OOXML, ODF, PDF, RSS, docx ...) 2. Image Format (SVG, EXIF Headers ,...) 3. configuration file (custom name,

How to perform penetration testing on mobile devices? BYOD and mobile devices pose significant challenges to enterprise security. Some enterprise IT cannot effectively control the mobile devices that store company data, applications, and

How can we better implement Web application penetration testing? The more enterprises rely on network communication and cloud-based data systems, the more likely they are to be attacked and damaged by external attackers. When considering the data

A person's martial arts: analysis of the general idea of penetration testing (1) Preface Penetration Testing is both a technology and an art. This technology (ART) was not made by everyone at the beginning. It is said that no one will walk at birth,