Frequent verification codes may appear for non-Mainland China IP visits. If visitors are severely affected, please send [IP|ASN](|AS14618) to the bottom mailbox to add to the whitelist


yday 09:19   Investigating DNS abuse in Japan    #APNIC Blog #安全文章 Guest Post: Two DNS-related incidents that we see a lot in Japan are phishing sites and domain hijackings.

yday 09:00   FreeBuf早报 | 腾讯QQ惊现密码Bug;BOSS直聘等恢复新用户注册    #freebuf #安全文章 据不少用户反馈,腾讯 QQ 出现 Bug,退出登录后,会显示密码为“123456789”,然后使用“123456789”密码竟然真的能够登录进去。

yday 08:00   Java反序列化基础篇-JDK动态代理    #freebuf #安全文章 Java反序列化基础篇-JDK动态代理,一文带你梳理清到底什么是 jdk 动态代理。为之后的 cc 链分析打好基础。

yday 08:00   超低成本DDoS攻击来袭,看WAF如何绝地防护    #freebuf #安全文章 在应用层发起DDoS攻击可以同时对目标网络与目标服务器的稳定性造成威胁。除此之外,攻击者往往只需较小的带宽成本,实现更大的破坏效果。

yday 07:30   Event Wrap: Indonesia MCIT webinar on 5G, IoT, and IPv6    #APNIC Blog #安全文章 Sanjaya presented on IPv6 at the Indonesia MCIT webinar on 5G, IoT, and IPv6, held online on 9 June 2022.

dby 05:20   Norway accuses pro-Russian hackers of launching wave of DDoS attacks    #The Record #安全文章 Norway’s National Security Authority (NSM) accused pro-Russian hackers of launching several distributed denial-of-service (DDoS) attacks at a number of critical organizations in the country.  The NSM did not respond to requests for comment but the organization’s director Sofie Nystrøm rel

dby 04:14   TSA to change cybersecurity rules for pipelines following industry criticism    #The Record #安全文章 The Transportation Security Administration (TSA) announced changes to a cybersecurity directive for U.S. pipelines after backlash from industry experts and trade groups.  TSA issued two sets of security directives last year after the ransomware attack on Colonial Pipeline dominated headlines an

dby 03:16   Burrowing your way into VPNs, Proxies, and Tunnels    #MANDIANT BLOG #安全文章 Burrowing your way into VPNs, Proxies, and Tunnels

dby 03:16   Introducing the Microsoft Climate Research Initiative    #Microsoft Research Blog #安全文章 Addressing and mitigating the effects of climate change requires a collective effort, bringing our strengths to bear across industry, government, academia, and civil society.The post Introducing the Microsoft Climate Research Initiative appeared first on Microsoft Research.

dby 03:09   Microsoft at RSA 2022: Envisioning the future of security    #Microsoft Security Blog #安全文章 The 2022 RSA Conference was a great success, drawing 26,000 attendees to three days of cutting-edge security sessions, tutorials, seminars, and special events at Moscone Center in San Francisco. Microsoft Security was on the ground, interacting with customers and security professionals at Microsoft’

dby 23:47   Deepfake video call: New effort discovered    #Avast Blog #安全文章 Since I wrote about the creation and weaponization of deepfake videos back in October 2020, the situation has worsened. Earlier this month, several European mayors received video calls from Vitali Klitschko, the mayor of Kyiv. These calls turned out to be impersonations, generated by trickster

dby 23:00   Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird    #Us-Cert #安全文章 Original release date: June 29, 2022Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system.  CISA encourages users and administrators to review the M

dby 22:48   Path Traversal flaw in UnRAR utility can allow hacking Zimbra Mail servers    #Security Affairs #安全文章 Researchers discovered a new flaw in RARlab’s UnRAR utility, tracked CVE-2022-30333, that can allow to remotely hack Zimbra Webmail servers. SonarSource researchers have discovered a new vulnerability in RARlab’s UnRAR utility, tracked as CVE-2022-30333, that can be exploited by remote a

dby 21:07   Obstacles in Dart decompilation and the impact on Flutter app security    #[email protected] #安全文章   submitted by   /u/Floni [link]   [留言]

dby 20:55   Internet Explorer, we hardly knew ye    #CloudFlare Blog #安全文章 With the recent retirement of Microsoft Internet Explorer 11, we analyzed Internet Explorer traffic trends. Breaking the traffic down by bot score revealed much of this traffic is “likely automated”