unSafe.sh - Unsafe
CVE-2023-3519: 0-day vulnerability exploited in the wild in Citrix NetScaler
On July 18, 2023, Citrix released information and updates to address a critical vulnerability (...
2023-7-21 02:9:14 | Views: 36
Tarlogic Security - www.tarlogic.com
netscaler
adc
fips
3519
citrix
OWASP API Security Top 10
1. APIs, a key element in the digitization of the world2. Top 10 API Security Risks2.1. Broken...
2023-7-18 15:22:4 | Views: 14
Tarlogic Security - www.tarlogic.com
security
hostile
prevention2
Detecting emerging vulnerabilities before they are exploited
1. Navigating an ocean of more than 200,000 vulnerabilities2. Supply chain attacks and the dom...
2023-7-10 18:12:30 | Views: 12
Tarlogic Security - www.tarlogic.com
emerging
security
hostile
CVE-2023-33299: Unauthenticated remote code execution vulnerability in FortiNAC
On June 19, 2023, Fortiguard published the information and updates to fix a critical vulnerabil...
2023-6-30 15:19:50 | Views: 39
Tarlogic Security - www.tarlogic.com
fortinac
33299
network
software
security
CVSS v4: Assessing vulnerabilities to prioritize their mitigation
1. A standard that facilitates IT vulnerability management1.1. Measuring the severity level of...
2023-6-29 21:12:51 | Views: 9
Tarlogic Security - www.tarlogic.com
metric
security
measure
assessing
MITRE ATT&CK: What tactics and techniques are cybercriminals employing?
1. Approach cybersecurity from the point of view of the bad guys2. The three MITRE ATT&CK tech...
2023-6-27 21:58:59 | Views: 8
Tarlogic Security - www.tarlogic.com
malicious
tactic
security
network
The ins and outs of BlueTrust, a Bluetooth vulnerability
1. BIAS and KNOB1.1. BIAS1.3. KNOB1.3. Combining BIAS and KNOB2. Overcoming the challenges of...
2023-6-23 18:49:11 | Views: 23
Tarlogic Security - www.tarlogic.com
bias
bluetrust
lmp
encryption
CVE-2023-27997: Fortinet Fortigate SSL VPN Pre-Auth RCE critical vulnerability
Details have been disclosed about a critical vulnerability (CVE-2023-27997) affecting Fortinet...
2023-6-16 17:29:54 | Views: 52
Tarlogic Security - www.tarlogic.com
fortios
6k7k
fortiproxy
27997
fortigate
CVE-2023-34362: SQL Injection in Progress Software’s MOVEit Transfer
On May 31, 2023, Progress informed about a critical vulnerability (CVE-2023-34362) in its M...
2023-6-8 22:19:25 | Views: 48
Tarlogic Security - www.tarlogic.com
moveit
software
database
silock
34362
CVE-2023-32353: Local privilege escalation via iTunes in Windows
Information has been disclosed about a new high criticality vulnerability that affects the Appl...
2023-6-8 16:16:48 | Views: 35
Tarlogic Security - www.tarlogic.com
itunes
software
windows
cyrc
privileges
MSSQL linked servers: abusing ADSI for password retrieval
IntroductionADSII saw your credentials!Scenario 1: Obtain the cleartext password of an ADSI li...
2023-6-7 23:15:7 | Views: 30
Tarlogic Security - www.tarlogic.com
adsi
cleartext
logins
OWASP Top 10 Privacy Risks
1. What is and what is not the OWASP Top 10 Privacy Risks?1.1. Why focus on web application pr...
2023-6-6 18:10:40 | Views: 24
Tarlogic Security - www.tarlogic.com
security
deletion
Some notes and reflections on the Terminator threat
Throughout the week, a tool called «Terminator» has been discussed in the media, which woul...
2023-6-2 17:16:55 | Views: 15
Tarlogic Security - www.tarlogic.com
terminator
microsoft
security
malicious
byovd
Why does your company need ransomware simulations?
1. Ransomware attacks, a hazardous scenario2. What are ransomware simulations?2.1. Which compa...
2023-5-30 15:36:13 | Views: 18
Tarlogic Security - www.tarlogic.com
ransomware
simulations
defensive
resilience
security
CVE-2023-2825: Critical vulnerability affects Gitlab
Information about a new critical vulnerability affecting Gitlab software has been disclosed. Th...
2023-5-30 15:21:53 | Views: 25
Tarlogic Security - www.tarlogic.com
gitlab
2825
software
urgently
attachment
DNS Water Torture: how not to drown in this tsunami of requests
1. Understanding the domain name system2. The lifetime of a DNS record3. DNS Water Torture4. D...
2023-5-24 23:54:43 | Views: 12
Tarlogic Security - www.tarlogic.com
water
torture
victim
attackers
CVE-2023-32233: Privilege escalation in Linux Kernel due to a Netfilter nf_tables vulnerability
Recently, a use-after-free vulnerability (CVE-2023-32233) has been published that would allow...
2023-5-18 18:47:33 | Views: 45
Tarlogic Security - www.tarlogic.com
32233
netfilter
sysctl
userns
CVE-2023-27363: Proof of concept for remote code execution in Foxit Reader
Following the initial announcement of a critical vulnerability (CVE-2023-27363) which allows re...
2023-5-15 21:54:47 | Views: 64
Tarlogic Security - www.tarlogic.com
foxit
27363
github
software
cpath
EPSS: What is the probability of a vulnerability being exploited?
1. What is EPSS?1.1. Incorporation of up-to-date, real-world information1.2. A model to automa...
2023-5-15 21:14:53 | Views: 24
Tarlogic Security - www.tarlogic.com
epss
exploited
indicator
probability
Attack Path Management: Securing the Active Directory
1. Active Directory: Essential for businesses and a target for bad guys1.1. Why is AD an attra...
2023-5-10 22:58:16 | Views: 21
Tarlogic Security - www.tarlogic.com
network
security
routes
malicious