Cloud Security

New utility of php dos Vulnerability: CVE-2015-4024 Reviewed 0x01 how WAF is bypassedAccording to the principles of the php dos Vulnerability, when the multipart_buffer_headers function resolves the value corresponding to the header, there are n

A simple "SwapMouseButton" shellcodeI. Introduction In the last part of the "Windows shellcode development getting started" series, we will compile a simple "SwapMouseButton" shellcode, which swaps the left and right mouse buttons. The basic

Create a Windows Defender offline flash drive to thoroughly eliminate potential Trojan viruses Microsoft's default anti-virus software Windows Defender, like other similar products, relies on constantly updating the virus database to maintain the

Proface GP-Pro EX Stack Buffer Overflow Remote Code Execution VulnerabilityProface GP-Pro EX Stack Buffer Overflow Remote Code Execution Vulnerability Release date:Updated on:Affected Systems: Proface GP-Pro EX Description: Proface GP-Pro EX

Review 2015 of the heartbreaking ransomwareThe old saying goes: It turns out that ransomware will also make people face-to-face, because even the FBI is helpless. The FBI has publicly stated that the smartest choice for a ransomware infection is to

Linux kernel Security Restriction Bypass Vulnerability (CVE-2015-2830)Linux kernel Security Restriction Bypass Vulnerability (CVE-2015-2830) Release date:Updated on:Affected Systems: Linux kernel 〈 3.19.2 Description: CVE (CAN) ID:

Moxa Industrial Managed Switch Denial of Service Vulnerability (CVE-2015-6465)Moxa Industrial Managed Switch Denial of Service Vulnerability (CVE-2015-6465) Release date:Updated on: 2015-09-07Affected Systems: Moxa Industrial Managed Switch EDS-408

Hacking Team: 0-day vulnerability Market Vglad Tsyrklevich shared an article on the Hacking Team's leaked information about 0-day vulnerability exploits in the transaction market. 0-day vulnerability transactions are not widely known, there have

Is it reliable to use a facial expression as a password? What can we do with passwords?Password, it's hard to say you love youGenerally, we recommend that you use a unique, complex, and preferably containing a weird character password, but you will

Foxit PhantomPDF WillClose: Reuse Remote Code Execution Vulnerability after release Affected Systems: Foxit Reader Description: Foxit Reader is a small PDF document viewer and print program.Foxit Reader's WillClose operation has a

Cool music IDC backend leakage can obtain detailed network topology information (typical case of poor division of network boundaries) A typical case where detailed information about all network assets of the company is disclosed due to poor division

Magento has an XSS vulnerability, which allows attackers to manipulate online malls. Magento is an open-source e-commerce system. It is mainly for enterprise applications and can handle e-commerce needs, including shopping, shipping, and product

Self-built CDN defends against DDoS attacks Self-built CDN to defend against DDoS attacks (1): Build a persistent defense line Preface This topic is the content we shared in the OWASP Hangzhou region security salon at the end of 2013. Here we

SQL Injection exists in China Telecom's Telecom broadband center in a city RT Http: // **. **/liucheng. aspSearch box post injectionPOST/liucheng. asp? Login = yes HTTP/1.1Host :**.**.**.**User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv: 42.0)

Beijing Foreign Company Human Resources Service Co., Ltd. SQL Injection Founded in 1979, Beijing Foreign Company Human Resources Service Co., Ltd. (hereinafter referred to as FESCO) is the first company in China to provide professional human

SQL Injection in a media group of China Science Press Good security ,,,,Detailed description: Root @ attack :~ # Sqlmap-u "http: // **. **/s_second.php? Id = 28"____ | _____ ___ {1.0-dev-nongit-20150918}| _-|. |. '|. || ___ | _ |__, | _ || _ | Http :

XML-RPC amplification attack: "Violent aesthetics" against WordPress" Brute force cracking attacks are one of the oldest and most common attacks we have seen on the Internet so far. Hackers can use SSH and FTP protocols to crack your WEB

Common security vulnerabilities and defense methods of PHP websitesCurrently, PHP-based website development has become the mainstream of website development. This article focuses on exploring PHP website attacks and security prevention to reduce

Necurs. P2P: A New Type of peer-to-peer network   Last week, I received a botnet analysis sample from a security researcher who thought it was a point-to-point peer-to-peer network, but after I analyzed it for a few days, I can determine that this

Yahoo fixes mailbox vulnerabilities and researchers receive a $10 thousand prize Yahoo has fixed a vulnerability that attackers can use to hijack users' mailboxes.This vulnerability has serious dangers.According to the latest news, Yahoo has fixed