Cloud Security

Huawei WS318 predictable random number generator Vulnerability Release date:Updated on: Affected Systems:Huawei WS318Huawei WS318Description:Bugtraq id: 71787 Huawei WS318 is a wireless router product. A predictable random number generator

Android Hacking Part 1: Attack and Defense (serialization) of Application Components) With the rapid growth of mobile apps, mobile app security has become the hottest topic in the security field. In this article, let's take a look at how to attack

APP security analysis-taxi hailing Software Recently, I found that the APK of a taxi hailing software is very popular. I heard that they are providing very strict protection to prevent users from packing twice. Today, let's analyze how secure he is.

Vulnerability warning: FTP exposes a severe remote execution vulnerability, affecting multiple versions of Linux (with a detection script) On July 6, October 28, a public email showed the FTP remote command execution vulnerability. The vulnerability

Play bad vulnerability: Let the CVE-2014-4113 overflow Win8 1. Introduction In October 14, 2014, Crowdstrike and FireEye published an article describing a new Windows Elevation of Privilege Vulnerability.Articles about CrowdstrikeMing: This new

Shellshock analysis CVE-2014-6271 Some time ago, the shell-breaking vulnerabilities made various companies very busy. The vulnerabilities have been around for a while, and the analysis of the Internet has also been transferred. When they stop, it's

Apache POI Denial of Service Vulnerability (CVE-2014-3574) Released on: 2014-09-03Updated on: Affected Systems:Apache Group POI 3.11.xApache Group POI 3.10.xDescription:Bugtraq id: 69648CVE (CAN) ID: CVE-2014-3574 Apache POI is an open-source

Node. js qs module DoS Vulnerability Release date:Updated on: 2014-3 3 Affected Systems:Nodejs NodejsDescription:Bugtraq id: 70115 Node. js is a platform built on Chrome's JavaScript runtime environment for building network applications. The

Self-diagnosis and repair of "shell-breaking vulnerabilities" Self-diagnosis and repair of [Shell Cracking vulnerabilities] a Bash vulnerability, also known as a "Shell Cracking Vulnerability", can cause remote attackers to execute arbitrary code on

Linux Kernel Local Privilege Escalation Vulnerability (CVE-2014-0205) Release date:Updated on: Affected Systems:Linux kernelDescription:Bugtraq id: 69725CVE (CAN) ID: CVE-2014-0205 Linux Kernel is the Kernel of the Linux operating system. Linux

How to protect the Apache HTTP Server by configuring fail2ban? (1) Apache HTTP servers in the production environment may be attacked in different ways. Attackers may use brute force attacks or execute malicious scripts to attempt to access

Analysis: event records of one intrusion into Linux servers This vulnerability is common in ColdFusion and content management systems. In some cases, a specific attack may succeed, and a high-value server may cause significant data leakage. In

A city cartoon system has a severe privilege escalation vulnerability, which may cause a large amount of financial data leakage.   A city cartoon system has a severe privilege escalation vulnerability, which may cause a large amount of financial

Smart Home can remotely control devices of other people's homes. I like your design and admire the magic design of smart config,But it's a little worse.Oribo WiWo s20 smart Outlet Protocol Analysis:Control Switch  Uid = MAC + 0x202020202020MAC

Security problems caused by mobile bank https certificate validity VerificationPreface: In the actual project code audit, it is found that many mobile banking currently Use https communication, but it is only a simple call and does not verify the

About your battle: simple and beautiful hacking gamesThis is a simple and beautiful little game mounted on Github. It seems nothing special, challenges test your exploration of various programming languages or at a higher level (today I am not low-I

Xuehesi sensitive information leakage caused by an unfixed SQL injection vulnerability in a substation SQL injection vulnerability in a business This is an SQL injection vulnerability in the talent recruitment system. It is generally considered that

Past, present, and future of Web attack Log Analysis0x00: Preface When talking about log analysis, most people feel that this is an afterthought behavior. When hackers succeed, the website will be hacked. When an operator finds out, the security

Ecshop csrf defense bypasses the background sensitive function csrf getshell   Supports csrf to execute various background sensitive functions. The analysis here is to use the empty referer method to bypass.This bypass can be used to implement csrf

RPC protocol Learning (3) differences from otherSummary The Web Service is no longer fresh, and the subsequent SOA and Cloud Computing are also emerging until Baidu also proposed its own box Computing, we still don't care how much actual