Chinese News Feed

How far is zero trust?

Although most it and security professionals regard zero trust as an important part of their network security construction, many people still have a long way to go to actually complete the deployment. In particular, when users continue to move from the cam

freebuf @ 2020/08/14

The foreign ministry's response to the escalation of the US "net net" action against China is absolutely ridiculous

The tiktok storm has not subsided, but the "net net" action against China has been upgraded again. On August 5, U.S. Secretary of state pompeio announced that it would expand the scope of "clean network" announced at the end of April, add

freebuf @ 2020/08/06

Deceptikons: a ten-year "hacking army" emerges

After hackers, decketin, hired hackers, discovered the second organization after baskovin hired hackers this year. Kaspersky, a Russian cyber security company, said in a webinar that a new hack hiring organization had been active for nearly a decade. Acco

freebuf @ 2020/08/02

Security advantages and challenges of HTTP / 3 protocol

Http / 3 is the third official version of Hypertext Transfer Protocol (HTTP). It will improve network performance and stability, and solve various security and privacy issues. However, there are still some security challenges. Http / 3 will no longer use

freebuf @ 2020/07/27

BUF event: fast charging products have security risks; 18000 computers of Argentina Telecom Company were infected

This week's buf incident has brought fresh and interesting security news to you. There are "bad power" security risks in fast charging products; details of account hijacking are announced by twitter; 18000 computers of Argentina Telecom Compan

freebuf @ 2020/07/25

2020 NTA / NDR network security product capability evaluation content announcement

Under the background of the booming development of NTA / NDR, freebuf consulting has investigated hundreds of enterprises through on-site visits, data integration and questionnaire survey. Combined with quantitative analysis and qualitative analysis, free

freebuf @ 2020/07/23

BUF event: Twitter was hacked by large-scale hackers, and many celebrities and politicians were hacked; GitHub went down on a large scale

Many hackers have been hacked on the world's big news website, but some of them have been attacked by hackers on the world's website

freebuf @ 2020/07/19

Data security risks in data center

Data center, known as the next station of big data, is proposed by internet giants, and its core idea is data sharing. Data middle platform is a logical concept that aggregates and governs cross domain data, encapsulates data into services abstractly, and

freebuf @ 2020/07/11

Who is the lamb that hacker group keeper aims at?

"Small and medium-sized e-commerce sites that use Magento may need to be careful." Nowadays, mageart attack has become a normal event faced by small and medium-sized e-commerce enterprises in various regions of the world. Attackers can compromise

freebuf @ 2020/07/09

Trial edition | "2020 China network traffic monitoring and analysis products research report"

With the continuous development of network intrusion detection technology, network intrusion detection can not be effective. Based on this situation, NTA (network traffic analysis) network traffic analysis was first proposed in 2013, and gradually rose in

freebuf @ 2020/07/08

Security research: the number of open source projects in 2019 has doubled.

Recently, security experts have analyzed and studied the most popular 54 open source projects, and found that the number of security vulnerabilities in these open source tools doubled in 2019. Because there were only 421 vulnerabilities in the same open s

freebuf @ 2020/07/05

BUF big events, multiple appointments APP up to 845GB data leakage, Research Report on small program personal information protection

This week's BUF event has brought fresh and interesting safety news to you, with multiple appointments APP as high as 845GB data leakage, including naked photos and chat records; APP frequent self initiated access to files 25 thousand times; small pro

freebuf @ 2020/06/27

80000 printers are exposed online every day through IPP.

For many years, every online device that is not protected by firewall is the attack surface. Hackers can deploy vulnerabilities to force control systems, or they can simply connect to exposed ports without requiring authentication. Hacking devices in this

freebuf @ 2020/06/26

Tips for entry-level emergency response

This article mainly describes the conventional way of dealing with denial of service attacks, DNS hijacking, IOC alerts and APT events. Denial of service attack denial of service attacks can be classified into two types, DDOS attack and DOS attack. DDOS a

freebuf @ 2020/06/25

Payment or no ransom? This is a problem.

According to the Veritas Technologies study, 40% of respondents believe that corporate leaders are responsible for blackmail attacks. 65% of respondents wanted to get compensation from companies that were blackmailed by software, and 9% wanted to send CEO

freebuf @ 2020/06/21

A security company sells a cryptographic device to a malware Gang, earning at least 500 thousand dollars.

CloudEyE, a Italy security company, has earned over $500 thousand in revenue by selling its binary encryption device to malicious software groups. In the past four years, the Italy security company has been running a seemingly legitimate website and provi

freebuf @ 2020/06/15

The hacker organization leader served 10 years in prison and became a "illiterate" network after being released from prison.

Jesse William McGraw, also known as "GhostExodus", is responsible for the anarchism hacker organization of Electronik Tribulation Army (ETA), and also a member of the hacker organization anonymous. Interestingly, he was the first one in the United

freebuf @ 2020/06/11

FreeBuf consulting "2020 China Vulnerability Management Solutions Research Report" officially launched

Vulnerability Management is a commonplace concept, but it is also the most familiar concept in the field of information security, which is most needed to be valued and landed by enterprises. With the increase of risk awareness and compliance requirements

freebuf @ 2020/06/09

BUF big event fastjson exposes the high risk Remote Code Execution Vulnerability; the Apple ID login vulnerability is worth 100 thousand US dollars.

This week's BUF incident brought fresh and interesting security news to us. Fastjson was exposed to "high risk" Remote Code Execution Vulnerability; Apple ID login vulnerability, without user login to user accounts; the largest hacker organiza

freebuf @ 2020/06/07

U.S. nuclear missile military data suspected to leak, "roundabout" supply chain attacks trigger new thinking.

The US Department of defense network security defense system seems to have been a constant problem. After being charged with "three sins" within its government, it has been exposed to "new thunder". In June 3rd, according to foreign media

freebuf @ 2020/06/06