unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Rss
黑夜模式
Some notes and reflections on the Terminator threat
Throughout the week, a tool called «Terminator» has been discussed in the media, which woul...
2023-6-2 17:16:55 | 阅读: 3 |
收藏
|
Tarlogic Security - www.tarlogic.com
terminator
microsoft
security
malicious
byovd
Why does your company need ransomware simulations?
1. Ransomware attacks, a hazardous scenario2. What are ransomware simulations?2.1. Which compa...
2023-5-30 15:36:13 | 阅读: 6 |
收藏
|
Tarlogic Security - www.tarlogic.com
ransomware
simulations
defensive
resilience
security
CVE-2023-2825: Critical vulnerability affects Gitlab
Information about a new critical vulnerability affecting Gitlab software has been disclosed. Th...
2023-5-30 15:21:53 | 阅读: 12 |
收藏
|
Tarlogic Security - www.tarlogic.com
gitlab
2825
software
urgently
attachment
DNS Water Torture: how not to drown in this tsunami of requests
1. Understanding the domain name system2. The lifetime of a DNS record3. DNS Water Torture4. D...
2023-5-24 23:54:43 | 阅读: 3 |
收藏
|
Tarlogic Security - www.tarlogic.com
water
torture
victim
attackers
CVE-2023-32233: Privilage escalation in Linux Kernel due to a Netfilter nf_tables vulnerability
Recently, a user-after-free vulnerability (CVE-2023-32233) has been published that would allow...
2023-5-18 18:47:33 | 阅读: 23 |
收藏
|
Tarlogic Security - www.tarlogic.com
32233
netfilter
sysctl
userns
CVE-2023-27363: Proof of concept for remote code execution in Foxit Reader
Following the initial announcement of a critical vulnerability (CVE-2023-27363) which allows re...
2023-5-15 21:54:47 | 阅读: 38 |
收藏
|
Tarlogic Security - www.tarlogic.com
foxit
27363
github
software
cpath
EPSS: What is the probability of a vulnerability being exploited?
1. What is EPSS?1.1. Incorporation of up-to-date, real-world information1.2. A model to automa...
2023-5-15 21:14:53 | 阅读: 14 |
收藏
|
Tarlogic Security - www.tarlogic.com
epss
exploited
indicator
probability
Attack Path Management: Securing the Active Directory
1. Active Directory: Essential for businesses and a target for bad guys1.1. Why is AD an attra...
2023-5-10 22:58:16 | 阅读: 6 |
收藏
|
Tarlogic Security - www.tarlogic.com
network
security
routes
malicious
The 10 Keys to Ransomware as a Service
1. Ransomware, the great threat of this era2. What is Ransomware as a Service?2.1. Developers2...
2023-4-27 14:50:33 | 阅读: 8 |
收藏
|
Tarlogic Security - www.tarlogic.com
ransomware
attackers
criminal
affiliates
malicious
The 6 keys to threat modeling
1. What is threat modeling?1.1. Elements1.2. Find answers to 4 basic questions2. Objectives of...
2023-4-17 23:9:45 | 阅读: 7 |
收藏
|
Tarlogic Security - www.tarlogic.com
modeling
threats
security
software
objectives
4 key differences between Pentesting and Red Team
1. Pentesting: Meeting predefined objectives2. Red Team: Improving resilience to attacks3. The...
2023-4-11 23:28:17 | 阅读: 5 |
收藏
|
Tarlogic Security - www.tarlogic.com
security
objectives
Blue Team, proactive defence against threats
Blue Team proactively looks for threats that could put an organisation’s assets at risk and in...
2023-4-4 19:18:23 | 阅读: 4 |
收藏
|
Tarlogic Security - www.tarlogic.com
security
defensive
threats
objectives
Cyber Kill Chain. Dissecting the 7 phases of a targeted cyber attack
1. The origin of the Cyber Kill Chain: from military to virtual2. Combating advanced persisten...
2023-3-29 19:3:35 | 阅读: 8 |
收藏
|
Tarlogic Security - www.tarlogic.com
security
threats
phases
guys
malicious
Fancy Bear and where to find them
Who is Fancy Bear?Malware and TTPsDeveloped queriesTA0002: ExecutionTA0003: PersistenceTA0004:...
2023-3-28 19:49:44 | 阅读: 5 |
收藏
|
Tarlogic Security - www.tarlogic.com
fancy
bear
microsoft
windows
marzo
NIST and secure software development
Why use the Secure Software Development Framework?2. Best practices to achieve results2.1. Pre...
2023-3-22 18:47:11 | 阅读: 6 |
收藏
|
Tarlogic Security - www.tarlogic.com
software
development
security
OWASP SCVS: Reducing Risks in the Software Supply Chain
1. What is OWASP SCVS?2. Verification levels of software components2.1. Designing a strategy t...
2023-3-15 22:40:58 | 阅读: 6 |
收藏
|
Tarlogic Security - www.tarlogic.com
software
scvs
security
BlueTrust, goodbye to Bluetooth privacy
BlueTrust and protocol security flawsBluetoothBIAS and KNOBHow we got to BlueTrustConclusions...
2023-3-8 20:52:16 | 阅读: 6 |
收藏
|
Tarlogic Security - www.tarlogic.com
security
bias
bluetrust
firmware
Improving APT resilience
A general approach to accelerating APT defensive capabilitiesA particular approach to comp...
2023-3-6 20:55:8 | 阅读: 6 |
收藏
|
Tarlogic Security - www.tarlogic.com
defensive
resilience
agreed
apts
malicious
CIS Controls Implementation Groups: How to protect enterprises
1. Digitalization and cybersecurity2. SMEs, the target of cyberattacks3. CIS Controls Implemen...
2023-2-28 19:44:46 | 阅读: 8 |
收藏
|
Tarlogic Security - www.tarlogic.com
security
safeguards
sized
smes
Supply chain attacks: When the bad guys attack from behind
1. What are supply chain attacks?1.1. Attacking library vulnerabilities1.1.1. Log4Shell, a par...
2023-2-22 16:23:29 | 阅读: 10 |
收藏
|
Tarlogic Security - www.tarlogic.com
software
security
lifecycle
Previous
1
2
3
4
5
6
7
8
Next