1分钟
安卓
Leaked 安卓 Platform Certificates Create Risks for Users
A new report contains 10 different platform certificates 和 malware sample SHA256 sums where the malware sample had been signed by a platform certificate.
7分钟
脆弱性管理
SolarWinds SUNBURST Backdoor Supply Chain Attack: What You Need to Know
12月. 12, 2020, FireEye provided detailed information on a widespread attack campaign involving a backdoored component of the SolarWinds Orion platform.
9分钟
漏洞的披露
Vulntober: Multiple Mobile Browser Address Bar Spoofing Vulnerabilities
今天, we're announcing a coordinated vulnerability disclosure on a set of address bar spoofing vulnerabilities that affect a number of mobile browsers.
4分钟
安卓
Pokemon Go, Security, 和 Obsolescence
《十大赌博官方正规网址》.
The crusty old house cell phone, which we had years ago ported from a genuine
AT&T l和 line to a T-Mobile account, suddenly caught the attention of my middle
儿子.
> "Hey Dad, can I use that phone to catch Pokemon at the park?"
“当然! Have fun, 和 don't come back until sundown!"
A few minutes later, he had hunted down his first Pikachu, which apparently
required running around the block in Texas summer heat a few times. 湿透的
but proud, he happily presented hi
5分钟
脆弱性管理
Using the National Vunerability Database to Reveal 脆弱性 Trends Over Time
This is a guest post by Ismail Guneydas. Ismail Guneydas is senior technical
leader with over ten years of experience in vulnerability management, digital
forensics, e-Crime investigations 和 teaching. 目前他是一名大四学生
vulnerability manager at Kimberly-Clark 和 an adjunct faculty at Texas A&M. He
有M.S. in computer science 和 MBA degrees.
2015 is in the past, so now is as good a time as any to get some numbers
together from the year that was 和 analyze them. 在这篇博文中,
2分钟
安卓
R7-2015-02: Google Play Store X-Frame-Options (XFO) Gaps Enable 安卓 Remote Code Execution (RCE)
脆弱的总结
Due to a lack of complete coverage for X-Frame-Options
[http://developer.mozilla.org/en-US/docs/Web/HTTP/X-Frame-Options] (XFO)
support on Google's Play Store [http://play.谷歌.web应用程序
domain, a malicious user can leverage either a Cross-Site Scripting (XSS)
vulnerability in a particular area of the Google Play Store web application, or
a Universal XSS (UXSS) targeting affected browsers, to remotely install 和
launch the main intent of an arbitrary Play S
4分钟
安卓
National Cyber Security Awareness Month: Keeping Mobile Devices Safe
To mark National Cyber Security Awareness Month, we're trying to help you
educate your users on security risks 和 how to protect themselves, 和 by
extension your organization. Every week in October we'll provide a short primer
email on a different topic relating to user risk. The idea is that you can copy
和 paste it into an email 和 send it around your organization to promote
better security awareness among your users. The first post was on phishing
[/2013/10/02/national-cyber-security-awa