SEARCH KEYWORD -- CYBER ATTACK

  Oracle released an urgent Java patch

On March 23, Oracle just released an urgent Java patch which is out of its normal update schedule. The security vulnerability is related to the Java SE running in web browsers on desktops. The CVE ID for this issue is CVE-2016-0636. With the unpatched Java, attackers can remotely exploit the target system without username and credentials. Successful exploits can impact the availability, integrity, and confidentiality of the user's system. When the user access pages containing malicious code...

   JAVA,SECURITY,ORACLE,NEWS     2016-03-25 08:39:59

  Internet trends and your web development strategy

Takeaway: Ryan Boudreaux looks at some of the latest reports on how users are spending their time on the web. Keeping an eye on trends is one way for web developers to stay current. Recent figures in Internet activity include several interesting trends, including: the number of smartphone-user adoption rates Cyber Monday sales figures mobile banking app usage social networking on mobile social media hours spent online search habits Trends in worldwide Internet activity may or may not translate ...

   Internet trend,Mobile,Web design,Web app     2012-02-01 00:02:29

  Applying Large Language Models (LLMs) to Solve Cybersecurity Questions

In this document, we will introduce some test, experiment and analysis conclusion about applying Large Language Models (LLMs) to solve cybersecurity questions. Introduction Large Language Models (LLMs) are increasingly used in education and research for tasks such as analyzing program code error logs, help summarize papers and improving reports. In this project, we aim to evaluate the effectiveness of LLMs in solving cybersecurity-related questions, such as Capture The Flag (CTF) challenges, ...

       2024-09-08 04:05:07

  IoT System Cyber Attack Case Study 02: Python Deserialization Attack and Library Hijacking Attack

Project Design Purpose: The objective of this cyber attack case study is to develop a workshop that demonstrates how a red team attacker can permanently compromise a people detection radar IoT device. The attack path is achieved through a series of attacks, including traffic eavesdropping, data deserialization attacks, web shell attacks, remote command/code execution, and Python library hijacking attacks. This case study is intended for IoT and data security professional training, aiming to ill...

       2024-07-14 01:40:09

  Programming: the benefits of taking a break

This post lists several benefits of taking a break during programming. You work smarter, not harder. Once, I worked really hard on a feature. For two weeks, 12 hours a day, I put in a lot of effort. After those two weeks, I took a break and came up with several ideas that made much of the work unnecessary.You think more clearly. Being tired has a similar effect as being drunk. At the end of a day, I often kid myself that I’ll just get this one thing finished quickly to have a fresh ...

   Programming,Tips,Break,Tired     2011-07-28 09:04:29

  10 notorious computer virus

The history of computer virus is the same as computer history. With more and more powerful computers, virus also are smarter and harder to be detected and killed. They have big impact on data security and system usability. We introduce 10 notorious computer virus in the history. 1. Creeper In 1971, the Creeper virus, an experimental self-replicating program, is written by Bob Thomas at BBN Technologies. Creeper infected DEC PDP-10 computers running the TENEX operating sy...

   Computer virus,History,Security     2013-07-16 21:09:22

  Some hidden XSS injection vulnerabilities

XSS injection refers to a Web page generates some unexpected executable js codes based on user input  and these executable codes are executed by web browser,i.e, the source code sent to web browser by the server contains some illegal js codes, and these illegal js codes are related to user's input. Common XSS injection vulnerabilities can be fixed with some functions such as htmlspecialchars(escaping HTML special characters) and strip_tags() or similar, but there are some hidden XSS injecti...

   XSS,PHP,Security,Code,JavaScript     2012-08-27 20:32:08

  Three Simple Ways to Improve the Security of Your Web App

It seems like web app security has entered the public conscious recently, probably as a result of the press covering the activities of groups like Anonymous and incidents like security breaches at several CAs. Here are a couple of quick security tips to improve the security of your web apps. Think of these as low-hanging fruit, not as a substitute for thorough analysis of your app’s security. If there’s interest in this topic we can do more posts, too - let us know in the com...

   Web app,Security,X-FRAME-OPTIONS,SSL     2011-12-08 10:10:20

  Python Process Protection Watchdog

Project Design Purpose: During participating the cyber exercise as red team member, we found that the injected malware or attack launching program can easy be stopped by the blue team or defense program / mechanisms via killing the process / deleting the file. To address this, our project aims to develop a robust watchdog program designed to bind to target programs, diligently monitor their execution states, and ensure uninterrupted functionality. Continuous Monitoring: Establish a vigilant wa...

       2024-09-14 11:09:14

  JavaScript Attack/Defend

As developers and designers we work hard to build visually attractive, fast and easy to maintain applications. Our goals are to make sure the applications we build stick to users and keep them coming back for more. Security is not always at the forefront of our minds. No one intentionally builds insecure software but often a lack of security knowledge leads developers to build vulnerabilities into their applications. In this article we are going to examine two web security attacks, how they are ...

   JavaScript,Attack,Defend,Security,Cross site     2011-10-13 13:09:11

RECENT