Cloud Security

Adobe releases emergency patches to fix North Korea's CVE-2018-4878 Vulnerabilities Adobe released an emergency fix that fixes two serious remote execution vulnerabilities, including the CVE-2018-4878 vulnerability exploited by North Korea. Last

Apache Geode Remote Code Execution Vulnerability (CVE-2017-9795)Apache Geode Remote Code Execution Vulnerability (CVE-2017-9795) Release date:Updated on:Affected Systems: Apache Group Geode Description: Bugtraq id: 102488CVE (CAN) ID: CVE-2017

VMware AirWatch Console Module access restriction bypassing Vulnerability (CVE-2017-4942)VMware AirWatch Console Module access restriction bypassing Vulnerability (CVE-2017-4942) Release date:Updated on:Affected Systems: VMWare Airwatch

Mozilla Thunderbird Information Leakage Vulnerability (CVE-2017-7847)Mozilla Thunderbird Information Leakage Vulnerability (CVE-2017-7847) Release date:Updated on:Affected Systems: Mozilla Thunderbird Description: Bugtraq id: 102258CVE (CAN)

Samba MS-SAMR/MS-LSAD man-in-the-middle attack Vulnerability (CVE-2016-2118)Samba MS-SAMR/MS-LSAD man-in-the-middle attack Vulnerability (CVE-2016-2118) Release date:Updated on:Affected Systems: Samba Samba 3.6.0 － 4.4.0 Description: CVE (CAN) ID:

Avast Virtualization alization aswSnx. sys Buffer Overflow Vulnerability (CVE-2015-8620)Avast Virtualization alization aswSnx. sys Buffer Overflow Vulnerability (CVE-2015-8620) Release date:Updated on:Affected Systems: Avast InternetSecurity Avast

Adobe Flash MPEG-4 cross-border read Remote Code Execution Vulnerability (CVE-2015-8657)Adobe Flash MPEG-4 cross-border read Remote Code Execution Vulnerability (CVE-2015-8657) Release date:Updated on:Affected Systems: Adobe Flash Player Adobe

Analysis on Locky, a new ransomware passed by email Locky is a new type of ransomware spread through spam, which features similar to Dridex Trojans.Locky can bypass anti-spam filters (except for other items) and use social engineering techniques to

Symantec released the latest threat intelligence report for February 2016 According to the latest report in February 2016, one of every 125 emails contains malware.Based on data from the Global Intelligence Network (GIN), one of the world's largest

Hacking Team's principle and Function Analysis of Mac malware Last week, security personnel Patrick Wardle published an article about HackingTeam's new backdoor and virus implants. It also indicates that the Hacking Team becomes active again,

Prevent departing employees from taking customers away, prevent internal employees from leaking data, and prevent employees from leaking data.Preventing leaks of departing employees and internal employees is an important aspect of enterprise

The csf firewall is installed to deal with a small number of ddos and cc attacks, which is quite useful. We have also used the TDS before. The following is a record of how I discovered the attack, and how to solve it.1. Adjusting apache connections

Comments: Today, due to a problem in the setup of the telecom data center, the website cannot be accessed. Because mcafee is installed on the server, many operations cannot be run on the server. Therefore, we have made a simple implementation step,

Comments: Keyboard security problems and hazards through various hacker technologies, hackers can remotely control the installation of keyboard recording programs in users' computers, these tools, known as keyboard recorders, can record all

Comments: The protection of early versions of CuteFTP is still quite powerful. First, it was KeyFile, and then changed to the registration code. It has a 3.x version used as the strainer of HCU (High Cracking University. Version 4.0 can be changed

CommentsSummary: cryptography is a technical science that studies the compilation of passwords (encryption: encode) and deciphering passwords (decryption: decode. The objective law of password change is studied. It is used to compile passwords to

Burp technique for non-Webapp testing (2): scanning and Replay In the first section of this series of serialization, I talked about the burp Function Testing for non-webapps. I only wanted to write something and share it with me. Now, I will

Analysis of penetration techniques-N methods for uploading files through cmd 0x00 Preface During the penetration test, files are often uploaded to the target host. I encountered this problem in the recent study and test process, only the cmd shell

Payment security: Getshell caused by multi-site deserialization command execution by Dongfang Fu (involving a large number of enterprise customer information \ affecting the security of a large number of Intranet hosts) Payment security. Come

Access SQL Injection reference  Description SQL query and comment Annotator Access does not have a special annotator. Therefore, "/*", "--" and "#" cannot be used. However, you can use the NULL character "NULL" (% 00) instead: