Cloud Security

Analysis of several security threats facing the medical industry in 2016 At the beginning of 2016, the medical industry suffered from many security incidents, for example, ransomware attacks at the Los Angeles Hospital, ransomware attacks at a

ProSAFE NMS300 Security Vulnerability exploitation Guide A security researcher has released Code stating that two critical security vulnerabilities are available in the Netgear ProSAFE NMS300 network management system. Are you using the Netgear

Apache Tomcat DoS Vulnerability (CVE-2016-3092)Apache Tomcat DoS Vulnerability (CVE-2016-3092) Release date:Updated on:Affected Systems: Apache Group Tomcat 9.0.0.M1 － 9.0.0M6Apache Group Tomcat 8.5.0 － 8.5.2Apache Group Tomcat 8.0.0.RC1 －

Google Chrome opj_j2k_read_SPCod_SPCoc Vulnerability (CVE-2016-1681)Google Chrome opj_j2k_read_SPCod_SPCoc Vulnerability (CVE-2016-1681) Release date:Updated on:Affected Systems: Google Chrome Description: CVE (CAN) ID: CVE-2016-1681Google

ABB PCM600 password hash Vulnerability (CVE-2016-4511)ABB PCM600 password hash Vulnerability (CVE-2016-4511) Release date:Updated on:Affected Systems: ABB pcm600 Description: CVE (CAN) ID: CVE-2016-4511ABB PCM600 is an IED manager for

Lantronix xPrintServer hard-coded credential Vulnerability (CVE-2016-4325)Lantronix xPrintServer hard-coded credential Vulnerability (CVE-2016-4325) Release date:Updated on:Affected Systems: Lantronix xPrintServer Description: CVE (CAN) ID:

Cisco APIC-EM API management notification Spoofing Vulnerability (CVE-2016-1386)Cisco APIC-EM API management notification Spoofing Vulnerability (CVE-2016-1386) Release date:Updated on:Affected Systems: Cisco Application Policy Infrastructure

Huawei UTPS suspicious search path vulnerabilities (CVE-2016-2780)Huawei UTPS suspicious search path vulnerabilities (CVE-2016-2780) Release date:Updated on:Affected Systems: Huawei UTPS Description: CVE (CAN) ID: CVE-2016-2780Huawei UTPS

Pakistan uses an Android APP named SmeshApp to collect Indian Military Intelligence India television CNN-IBN reported that a recent discovery of Pakistan is using a SmeshApp Android APP to collect Indian military intelligence.Google removes

How to Set Up Your iPhone to prevent the FBI from cracking   Recently, the press has been most concerned with the debate between Apple and American courts. The US Court asked Apple to cooperate with the FBI to unlock the mobile phone number of the

Analysis of malicious software detection mechanism bypass by SHA-1 and SHA-2 combination Symantec recently posted on its blog that it is aware of a disturbing attack trend in malware. After stealing a normal SHA-2 certificate, malware can survive

The Porn clicker Trojan struck again, and hundreds of applications were infected with the Porn clicker Trojan.   Recently, ESET security personnel found hundreds of apps infected with Porn clicker Trojans in the Google Play app store. Porn clicker

Best practices for strong passwords (more security authentication levels) Policies One-time password, client certificate, smart card, biometrics and other technologies Add a new level for account security. Two-factor authentication further enhances

WebUSB API: secure network access for your USB devices Two Google engineers developed an API called WebUSB (drafted version), which can Securely connect to your USB device through the WEB without going through a local driver.WebUSB was developed by

Communication XSS analysis of a large network community This XSS exists in an inconspicuous Sub-Forum in Tianya. It can be triggered by publishing a new post.Vulnerability AnalysisThe Forum has certain filtering measures for XSS, such as escaping

SQL Injection for an important website of Tom Online     POST /redeem/tom_ecardExchange.php HTTP/1.1Content-Length: 191Content-Type: application/x-www-form-urlencodedX-Requested-With: XMLHttpRequestReferer: http://tangyuan.tom.com/Cookie: PHPSESSID=0

Toshiba e-STUDIO series printer Vulnerability (unauthorized access) RT Toshiba e-STUDIO Series Printers can access historical printer files and data without authorization, restore printed files, and package and send them. This results in the leakage

You can view the authentication materials of the service platform of a sensitive Department (involving nearly 0.18 million images, ID card photos, reverse photos, license photos, and enterprise licenses) The authentication materials of a service

The SQL injection vulnerability in the main site of hillstone network affects database security. After seeing your recruitment information, I tested it with curiosity ··· POST Data Packet:  POST /pub/iNGFWtest/register.php HTTP/1.1Content-Length: 552

Yonyou software has multiple substations where SQL injection can run all the tables. UFIDA software second-level domain name:SQL Injection exists, and all tables can be run out. 1. SQL injection point 1-GETHttp: // **. **/servicehome/kmview. aspx?