SEARCH KEYWORD -- attack
Oracle released an urgent Java patch
On March 23, Oracle released an urgent Java patch outside its normal update schedule. The security vulnerability is related to Java SE running in web browsers on desktops. The CVE ID for this issue is CVE-2016-0636. With unpatched Java, attackers can remotely exploit the target system without username and credentials. Successful exploits can impact the availability, integrity, and confidentiality of the user's system. When the user accesses pages containing malicious code...
10 notorious computer virus
The history of the computer virus is the same as computer history. As computers become more and more powerful, viruses also become smarter and harder to detect and kill. They have a big impact on data security and system usability. We introduce 10 notorious computer viruses in history. 1. Creeper In 1971, the Creeper virus, an experimental self-replicating program, was written by Bob Thomas at BBN Technologies. Creeper infected DEC PDP-10 computers running the TENEX operating sy...
Computer virus,History,Security 2013-07-16 21:09:22
Some hidden XSS injection vulnerabilities
XSS injection refers to a web page generating unexpected executable JS code based on user input, with this code then being executed by the web browser, i.e., the source code sent to the web browser by the server contains illegal JS code, and this illegal JS code is related to the user's input. Common XSS injection vulnerabilities can be fixed with functions such as htmlspecialchars() (escaping HTML special characters) and strip_tags() or similar, but there are some hidden XSS injecti...
XSS,PHP,Security,Code,JavaScript 2012-08-27 20:32:08
Privacy & Security What Is the Difference?
When we discuss the internet today, there are two terms that we frequently hear: privacy and security. While you may think that these two terms mean the same thing and are thus interchangeable, this isn’t true. As such, you’ll want to take a moment to learn the difference between these two terms. Understanding the Difference Between Privacy and Security When you open a checking account you share your p...
SECURITY,PRIVACY,CYBERSECURITY 2018-12-27 00:29:57
What is cache penetration, cache breakdown and cache avalanche?
When designing and developing a highly available system, the cache is a very important consideration. It is useful to cache frequently accessed data so that it can be accessed quickly, and the cache can also protect downstream systems such as the DB from being hit too often. To provide better cache design in large systems, some problems may need to be considered first. In this post, we will talk about some frequently discussed cache problems and mitigation plans. Cache penetration Cache penetrati...
SYSTEM DESIGN,CACHE PENETRATION,CACHE BREAKDOWN,CACHE AVALANCHE 2020-04-10 08:43:00
$40 million per year to keep Wikipedia running
Wikipedia is an incredibly frugal and efficient nonprofit organization. It serves half a billion visits per month. But do you know how much it costs to keep this huge website running? According to 2012-13 Wikimedia Foundation Annual Plan, the expected spending is around $40 million. Some may argue that Wikipedia is just a site with "just text", why does it cost so much? Oliver Emberton shared his view. To keep Wikipedia running and serve 500 million visits per month. First, you're going to need ...
Why should we drop or reduce use of MD5?
MD5 is a frequently used one-way hash algorithm. It is commonly used in the following situations: Check data integrity. We take the hash of the data stored in two different places and compare them. If the hash results are the same, then there is no need to check the actual data. This utilizes the collision-resistant feature: two different data blocks have little chance of having the same hash value. Many data service providers use this technique to check for repeated data to avoid repeating...
MD5,Vulnerability,attack 2012-09-29 04:47:49
Top 3 Cybersecurity Trends to Watch Out for Today
One trend in cybersecurity that never changes is that it’s getting more important with every passing year. According to statistics, the number of cyberattacks and the severity of the losses they incur are growing at an alarming rate. Every day about 24,000 malicious mobile apps get blocked, yet more pop up overnight. For a business today cybersecurity isn’t an option, it’s a necessary measure one needs to invest in heavily. And it’s essential to follow the trends and develo...
SECURITY,CYBER SECURITY 2019-05-14 09:03:24
IoT System Cyber Attack Case Study 02: Python Deserialization Attack and Library Hijacking Attack
Project Design Purpose: The objective of this cyber attack case study is to develop a workshop that demonstrates how a red team attacker can permanently compromise a people detection radar IoT device. The attack path is achieved through a series of attacks, including traffic eavesdropping, data deserialization attacks, web shell attacks, remote command/code execution, and Python library hijacking attacks. This case study is intended for IoT and data security professional training, aiming to ill...
IT System Cyber Attack Case Study 01: Malicious Macro and Backdoor Trojan Attack on IT-Network
Project Design Purpose: The objective of this cyber attack case study is to develop a workshop showcasing a practical demonstration of a red team attacker implementing an IT system/network attack via a Malicious Macro MS-Office-Word file (CVE-2015-1641) and phishing email generation program to penetrate multiple layers of firewall defenses and implant a backdoor trojan into the railway system's OT network. Related Links: GitHub Project Link, LinkedIn Post Link Attacker Vector: Malicious Macro ...