Cloud Security

First Android malware developed in Kotlin programming language exposure, kotlinandroid Network security vendors have discovered the new Android malware family and have basically confirmed that it is the first malicious tool developed in the Kotlin

IBM Security Key Lifecycle Manager Vulnerability (CVE-2017-1669)IBM Security Key Lifecycle Manager Vulnerability (CVE-2017-1669) Release date:Updated on:Affected Systems: IBM Tivoli Key Lifecycle Manager 2.7IBM Tivoli Key Lifecycle Manager 2.6IBM

Cisco 8800 Series IP Phone Unauthorized Access Vulnerability (CVE-2016-1435)Cisco 8800 Series IP Phone Unauthorized Access Vulnerability (CVE-2016-1435) Release date:Updated on:Affected Systems: Cisco IP Phone 8800 Description: CVE (CAN) ID:

Cisco AsyncOS Memory leakage Denial of Service Vulnerability (CVE-2016-1383)Cisco AsyncOS Memory leakage Denial of Service Vulnerability (CVE-2016-1383) Release date:Updated on:Affected Systems: Cisco AsyncOS Description: CVE (CAN) ID: CVE-201

Citrix Command Center SQL injection vulnerability in CVE-2015-7999)Citrix Command Center SQL injection vulnerability in CVE-2015-7999) Release date:Updated on:Affected Systems: Citrix Command Center Citrix Command Center Description: CVE (CAN)

Ibm was Liberty Profile oidc xss Vulnerability (CVE-2016-0283)Ibm was Liberty Profile oidc xss Vulnerability (CVE-2016-0283) Release date:Updated on:Affected Systems: Ibm was Liberty Profile Description: CVE (CAN) ID: CVE-2016-0283IBM

Adobe is releasing a patch for Flash's "critical vulnerability ". Adobe is releasing a patch for Flash's "critical vulnerability". Why? Why is "you" used in the title 」? No way. Adobe does not do this once or twice... in this case, they released

Technology sharing: Build poc for malware by using python and PyInstaller Disclaimer: This article is intended to be shared and never used maliciously!This article mainly shows how to use python and PyInstaller to build some poc of malware.As we all

You are not afraid of getting your pants removed. Password security can be guaranteed in this way. In the previous article "Designing the correct posture of a secure account system", I mainly proposed some design methods and ideas, but did not

Comments: 7jdg's blog. This is a long-haired blog .... the genie also wrote a exploitation tool and couldn't find it. add it back .. in ystem32, msv1_0.dllxp sp2F8 10 75 11 B0 01 8B 4D is changed to E0 00 75 11 B0 01 8B 4D2k 1_sinalf8 10 0F 84 71 FF

Comments: Maybe you will ask -- isn't Cain used for sniffing? How can I restore the encrypted password? That's right! Today, I accidentally discovered that Cain also had a good usage skill in the Penetration Process. It was used to restore the

Reset any user password in a system of Tongcheng Network (sensitive data is easily leaked) The problem occurs in the self-help ebk system. In order not to affect your online account business, use a test account for demonstration.Address: http://ebk.

Oracle Releases emergency Java security updates to fix a critical vulnerability Oracle has released an emergency Java security update that fixes a critical vulnerability (CVE-2016-0636, CNNVD-201603-377 ).Vulnerability OverviewOracle responds so

The getshell vulnerability exists due to improper verification by a domain name vendor (information such as + member account and password is leaked) Posanaka!Leakage of a large amount of user information # Control of 18658 domain name resolution #

In those years, we will explore the global protection of SQL Injection Bypass wide byte injection.0x01 background First, let's take a look at the wide byte injection. The wide byte injection is caused by the error set: set character_set_client = gbk

Shiba Property Insurance Co., Ltd. Improper O & M verification code can be bypassed, resulting in a large amount of insurance information leakage The improper O & M of Shiba Property Insurance Co., Ltd. leads to leakage of a large amount of

A large amount of information leaked by drug users purchased by drug network (including/user sign \ User detailed address \ User Name \ User email \ purchase time \ Drug Name \ etc) Rt   Http://www.12yao.com/user/log.txtUser log leakage,

A pseudo-static SQL Injection on a video game Bus A pseudo-static injection on a video game Bus Http://yxsg.tgbus.com: 80/db/jineng/309 xor sleep(52.16.shtmlSqlmap needs to use between. py [21:44:52] [WARNING] changes made by tampering scripts are

There are two SQL injections for an OEM device product (No Logon is required and many security vendors are involved) Http: // **. **/bugs/wooyun-2010-0122195According to the previous report, two other injections are also found.Article 1:  /Topframe.

From crash to vulnerability exploits: bypass aslr Vulnerability Analysis) 0 × 01 Introduction This is an out-of-bounds read bug that exists in Internet Explorer 9-11. The vulnerability exists for nearly five years and was not found until April 2015.