Cloud Security

A Cisco router is detected infected with a secret backdoor. Security company FireEye researchers reported that backdoor programs called SYNful knock were found on 14 Cisco routers in 4 countries. Cisco has confirmed this. The attack does not take

WebKit multiple security vulnerabilities (APPLE-SA-2015-09-16-1)WebKit multiple security vulnerabilities (APPLE-SA-2015-09-16-1) Release date:Updated on:Affected Systems: Apple iTunes WebKit Open Source Project WebKit Apple iOS

Cisco Firepower 9000 Series unauthenticated web Vulnerability (CVE-2015-4287)Cisco Firepower 9000 Series unauthenticated web Vulnerability (CVE-2015-4287) Release date:Updated on:Affected Systems: Cisco Firepower Description: CVE (CAN) ID: CVE-

Lenovo computer system updates found serious Security Vulnerabilities Security company IOActive discloses a high-risk vulnerability in Lenovo computer system updates that has been fixed. Security researchers notified Lenovo in February this year

WordPress Photo Gallery plug-in 'asc _ or_desc 'parameter SQL Injection Vulnerability Release date:Updated on: Affected Systems:WordPress Photo Gallery 1.2.8Description:Bugtraq id: 72364CVE (CAN) ID: CVE-2015-1393 The Photo Gallery advanced

Cisco Jabber Guest Server Multiple Cross-Site Scripting Vulnerabilities (CVE-2014-8026) Release date:Updated on: Affected Systems:Cisco Jabber GuestDescription:Bugtraq id: 71769CVE (CAN) ID: CVE-2014-8026 Cisco Jabber Guest is a

The latest version of Android in sogou browser UXSS (not limited by the System Version) After several waves of webkit UXSS baptism, it was found that the sogou browser basically had no guns, so the security was relatively good. However, this UXSS

Use Wireshark to analyze ICMP Packets ICMP protocol Introduction 1. ICMP is the abbreviation of "Internet Control Message Protocol" (Internet Control Message Protocol. It is a sub-Protocol of the TCP/IP protocol family. It is used to transmit

Wordpress Game Speed plugin 'timthumb. php' Cross-Site Scripting Vulnerability Release date:Updated on: Affected Systems:WordPress Game SpeedDescription:--------------------------------------------------------------------------------Bugtraq id: 690

Microsoft Word '.doc 'Remote Denial of Service Vulnerability Release date:Updated on: Affected Systems:Microsoft Word XPMicrosoft Word 2003 SP3Microsoft Word 2003 SP2Unaffected system:Microsoft Word 2010Description:---------------------------------

Multiple security vulnerabilities in Apple Mac OS X Release date:Updated on: Affected Systems:Apple Mac OS X Description:--------------------------------------------------------------------------------Bugtraq id: 60329CVE (CAN) ID: CVE-2013-0975,

Cisco Unified Communications Manager concurrent logon Security Restriction Bypass Vulnerability Release date:Updated on: Affected Systems:Cisco uniied Communications ManagerDescription:---------------------------------------------------------------

If you get rid of it, it's not at the point you think.   I am still looking forward to my speech in QCon Shanghai in October 18 on the topic "programmers and hackers". I have made a lot of effort on this topic, I used my programmers and hackers'

Virus Trojan scan: Reverse Analysis of pandatv incense (Part 2)I. Preface This time, we will continue to analyze the virus in the previous article. The analysis may encounter some different situations. After all, we only need to step down the

Lenovo employee information leakage vulnerability in shengxin sunshine Consulting Company The login system customized by shengxin sunshine consulting company for Lenovo has design defects, which can leak information of all Lenovo employees. (1)

Waf xss bypass posture Due to the wide use of application firewalls, it is necessary to test WAF's ability to defend against xss attacks. Of course, all the experiments are to prove that the vendor must eliminate the vulnerability from the root

Elevator recruitment network 0.2 million resume leakage (ID card, phone number, name, address)POST or ureg.html HTTP/1.1 Host: **.**.**.** Content-Length: 225 Content-Type: application/x-www-form-urlencoded X-Requested-With: XMLHttpRequest

Web security practice (4) c # simple http programming exampleFor http programming, we can follow the http protocol in Socket mode. For http programming, Microsoft provides encapsulated classes such as WebRequest, WebResponse, HttpWebRequest, and

Web security practice (6) Information Extraction from web Application Analysis The web security practice series focuses on the practical research and some programming implementation of the content of hacker exposure-web Application Security secrets

WAF Defense Capability Evaluation and tools This article describes how to evaluate a WAF from the defense capability of conventional attacks. A total of 16 attack types are covered, each of which ranges from the Use scenario (The purpose of the