Let’s Encrypt will shorten default TLS/SSL certificate lifetimes from 90 to 45 days and reduce domain‑validation reuse windows to seven hours, rolling out a trial in May 2026, a default change in July 2027, and full enforcement in August 2028, while also introducing a persistent DNS‑TXT validation method.
The article examines how modern military software, built largely from third‑party components, faces supply‑chain attacks, explains the need for SBOMs, and proposes a centralized trusted component repository with automated scanning, compliance checks, and full‑lifecycle auditing to secure defense systems.
After upgrading to recent Linux distributions, SecureCRT often cannot establish SSH connections due to disabled legacy algorithms, but the issue can be resolved by updating SecureCRT or manually enabling modern key‑exchange and host‑key types in its settings.
This article examines the distinct SBOM strategies of Google, Microsoft, and Meta, highlighting Google's large‑scale automation, Microsoft's open‑source tooling, and Meta's internal security integration, and draws lessons for enterprises seeking transparent and resilient software supply chain governance.
This article explains why permission management is essential, outlines basic and advanced permission models—including RBAC, role inheritance, constraints, user groups, organizations, and positions—and provides detailed table designs for both standard and ideal RBAC implementations, helping developers build scalable, secure access control systems.
vshell is a versatile remote‑shell framework offering eBPF C2 support, interactive terminals, zero‑compile client generation, multi‑protocol traffic handling, in‑memory plugin execution, WebSocket CDN relay, and full NPS proxy capabilities, all managed via a single‑file server and a web UI.
The IEEE 3169‑2025 standard, led by Ant Group, introduces a unified five‑level security grading framework for privacy‑preserving computation across technologies like MPC, federated learning and TEEs, detailing attack‑defense effectiveness, information leakage categories, and additional metrics to guide secure data‑flow implementations.
This guide presents a complete, compliance‑ready solution for enforcing the GB/T 22239 (等保2.0) requirement that Linux user passwords be changed every 90 days, including a safe Bash script, audit logging, crontab scheduling, permission hardening, and evidence collection for security assessments.
This guide presents a comprehensive network security shell script library, outlining modular design principles, a categorized inventory of over 180 scripts for reconnaissance, vulnerability scanning, monitoring, incident response, credential management, automation, and utility tools, along with practical build strategies and usage tips for secure, portable deployments.
The Chinese National Time Service Center revealed a sophisticated cyber‑attack attributed to the U.S. NSA, detailing the deployment of multiple custom malware families—including Back_eleven, eHome_0cx, and New_Dsz_Implant—used for data theft, persistent footholds, encrypted tunneling, lateral movement, and command‑and‑control via numerous IP addresses.
Alipay’s trusted deep defense architecture, built on security parallel slices and trusted computing, was selected as a flagship case for the 2025 Important Industry Security Protection list, demonstrating zero‑false‑positive, zero‑miss, and zero‑business‑disruption protection against advanced threats such as 0‑day and APT attacks during high‑traffic events like Double 11.
A recent breach of the AI companion apps Chattee and GiMe Chat exposed over 40 million private conversations, hundreds of thousands of media files, and transaction records due to publicly accessible Kafka brokers lacking any authentication, putting user privacy and security at serious risk.
The article explores how companies can safeguard source code from employee leaks, discussing strategies ranging from generous compensation and strict permission controls to advanced sandbox and virtualization solutions, while also weighing the true commercial value of proprietary code and the cost‑benefit of heavy security measures.
This article explores the evolution of QR codes from their barcode origins, explains how their two‑dimensional matrix stores massive information, describes the standards and error‑correction mechanisms that make them reliable, and examines the massive data, energy, and security challenges they create in today’s digital society.
This article compiles several expert answers on protecting corporate source code from employee leakage, covering monetary incentives, permission segmentation, strict auditing, sandbox/virtualization solutions, cost‑benefit considerations, and why most internal code may not be worth heavy protection.
This article examines real‑world anecdotes of hidden backdoors in software, explores how Chinese law treats such vulnerabilities, and outlines the hierarchy of backdoor techniques from simple code tricks to compiler‑level implants, highlighting the security risks they pose.
This article examines three categories of techniques—naïve, conventional, and advanced—for enabling fuzzy queries on encrypted data, evaluates their pros and cons, provides implementation details, performance considerations, and references to real‑world solutions, guiding developers toward secure and efficient search strategies.
A Shenzhen tech employee was fired after his girlfriend posted his badge and 3‑million‑yuan salary online, sparking a debate about strict corporate data protection, internal reporting mechanisms, and the broader responsibilities of both companies and individuals in safeguarding sensitive information.
This article explains the workflow of mobile SMS verification login, outlines its main security risks such as code leakage, SMS bombing, and replay attacks, and provides practical mitigation strategies for developers and platform operators to protect user accounts.
This article provides a comprehensive guide to Go cryptography, covering fundamental concepts, common mistakes like using math/rand for keys or RSA v1.5 padding, correct implementations with crypto/rand, AES‑GCM, RSA‑OAEP/PSS, password‑derived keys, performance benchmarks, and practical testing strategies.
This article explains data masking (data desensitization), its importance for privacy and compliance, outlines the four implementation stages, compares common masking techniques, and discusses the challenges and future directions for secure data handling in development and testing.
The article analyzes why Web3’s immutable, code‑as‑law nature forces a shift from traditional post‑deployment audits to continuous DevSecOps practices, and extends this security imperative to other high‑risk sectors such as critical infrastructure, aerospace, and medical devices.
The article redefines security by introducing the concept of endogenous security, explaining its origins, biological analogy, core characteristics, and how it synergizes with DevSecOps to embed self‑protecting, adaptive immunity directly into software and infrastructure rather than relying on external defenses.
This article explains how CVE identifiers serve as a universal naming system for vulnerabilities and compares the roles of NVD, GitHub Advisory Database, and vendor security advisories, showing how to combine these sources into a layered intelligence network for effective risk assessment and remediation.
Even though modern browsers enforce sandboxing and many frameworks add XSS defenses, a successful cross‑site scripting attack can still break through server and browser protections, allowing attackers to hijack sessions, steal data, scan internal networks, exploit browser bugs, or run cryptojacking scripts.
The article explains why telnet commands are now considered a security violation in many production environments, detailing legal requirements, operator network restrictions, high‑risk scenarios, and concrete examples of prohibited commands and their associated risks.
This article examines the OAuth security challenges in Volcano Engine's Model Context Protocol (MCP) ecosystem and outlines a comprehensive, three‑stage defense strategy—including pre‑authorization double confirmation, token identity isolation, and API‑level permission controls—to protect user assets and data.
In GitLab CI/CD pipelines, SAST and Dependency Scanning are independent, complementary security mechanisms—one inspects your own source code while the other checks third‑party libraries—so enabling both provides a comprehensive defense against vulnerabilities.
This document outlines the background, scope, key definitions, and strict data security red lines that all employees must adhere to, including prohibitions on bypassing security measures, unauthorized data use, external disclosures, cross‑border transfers, and requirements for handling sensitive information.
This guide walks you through essential Linux security measures—including system account cleanup, password policies, command history restrictions, PAM authentication modules, sudo configuration, GRUB boot protection, weak‑password detection with John the Ripper, and network port scanning with nmap—to help you harden servers against unauthorized access and privilege escalation.
ZAP (Zed Attack Proxy) is an OWASP open-source web application security testing tool that offers proxy interception, active and passive scanning, integrates with CI/CD pipelines, and supports manual and automated testing to detect vulnerabilities such as SQL injection, XSS, SSRF, and compliance issues.
This article dissects modern phishing and ransomware threats, detailing preparation, bait construction, email header spoofing, and open‑source tools like Gophish, then outlines comprehensive defensive measures—from endpoint security and threat intelligence to risk‑based response economics—offering a systematic, technology‑to‑tactics‑to‑strategy framework for information security teams.
This article explains why strict permission management is essential for data security, outlines various permission models—from basic data‑view and edit rights to hierarchical RBAC, RBAC1, RBAC2, role inheritance, constraints, user groups, organizations and positions—and provides guidance on designing ideal database tables for robust access control.
Explore the seven most commonly used encryption algorithms—including MD5, SHA families, HMAC, AES, DES/3DES, RSA, and DSA—detailing their principles, Java implementations, performance, and practical security guidelines, while highlighting real-world attack scenarios and best‑practice recommendations for robust information protection.
A 90‑born programmer created illegal video‑transfer software that bypassed watermark and originality checks on platforms like TikTok and Kuaishou, earning over 7 million yuan in less than a year before being sentenced to three years in prison, highlighting a criminal supply chain in China’s short‑video industry.
On July 4, 2025, Ingram Micro, the world’s largest IT distributor, suffered a crippling ransomware attack by the SafePay group that stole nearly 1 TB of confidential data, encrypted critical systems, and forced a 48‑hour outage, highlighting severe risks for global supply‑chain operations.
This guide explains WeChat’s hidden “recover” function, its official purpose and limitations, step‑by‑step recovery methods via search or settings, practical tips, backup strategies, user‑tested success rates, and the risks of third‑party tools, helping users safeguard and restore chat data.
With the rise of digital economies, token security—especially JWT—has become critical; this article compares token and traditional session authentication, outlines token-based authentication flow, identifies theft, replay, and forgery threats, and presents comprehensive safeguards such as HTTPS, encryption, secure storage, expiration policies, 2FA, and safe refresh mechanisms.
A disgruntled IT worker in the UK exploited his privileged accounts after being suspended, causing massive system outages across multiple countries, incurring over £200,000 in losses, and was sentenced to seven months in prison, highlighting critical insider‑threat risks for organizations.
This article walks through a real‑world case where a large platform suffered a massive traffic‑based attack, showing how to extract high‑frequency IPs, join logs by trace_id, perform geographic analysis, and automate blacklist updates across Alibaba Cloud and AWS using SLS SQL and Python SDKs.
A missed renewal of a TLS certificate for the domain https://support.content.office.net caused widespread certificate‑expired warnings for Office users on June 24, 2024, affecting all services that rely on several related domains and will likely be resolved once Microsoft updates the certificate during regular working hours.
This article explains why strict permission management is essential for data security, outlines various permission models—including basic RBAC, role inheritance, and constrained RBAC—and provides practical guidance on designing tables, roles, groups, and organizational structures for scalable access control.
This guide explains the WeChat team's risk‑control logic, the three‑level response model, and provides a complete self‑service unlocking workflow, high‑success material checklist, official contact channels, and post‑unlock protection strategies to resolve account restrictions within minutes.
A Reddit user’s Microsoft account was abruptly blocked, rendering decades of OneDrive‑stored photos and files inaccessible, which underscores the risks of relying on a single cloud backup and highlights the importance of multi‑point data protection strategies like the 3‑2‑1 rule.
Learn step-by-step how to set up a private Certificate Authority on Linux using OpenSSL, covering CA and PKI basics, directory structure, configuration files, generating root and client certificates, managing revocation lists, and essential commands for secure certificate management.
A comprehensive study reveals that Model Context Protocol (MCP) platforms lack strict vetting, users struggle to detect malicious servers, and current large language models cannot effectively resist MCP‑level injection attacks, highlighting critical security challenges and proposing mitigation strategies.
This article explains WeChat’s hidden “recover” feature, detailing its official purpose, technical limits, step‑by‑step recovery methods, effectiveness, backup strategies, and the risks of third‑party tools, helping users safely restore lost chat records.
Guangzhou police investigated a foreign cyber‑attack on a local tech firm, traced the malicious code to a Taiwan‑based hacker group linked to the DPP, and detailed the group’s low‑level tactics, extensive asset scanning, and use of VPNs and overseas cloud servers.
Google Chrome now offers an automatic password‑change function that detects leaked credentials, generates strong passwords, and updates them with minimal user effort, while websites must adopt specific autocomplete attributes and change‑password URLs to integrate seamlessly with this security enhancement.
Huolala, a major internet freight platform, outlines its multi‑layered data security compliance system—covering national standards, industry regulations, organizational structures, technical safeguards, lifecycle management, incident response, audits, and AI‑driven maturity models—to ensure robust protection of personal and critical business data.
This article examines how HuoLala, a major internet freight platform, constructs a comprehensive data security compliance system that aligns with national standards, industry regulations, AI‑assisted processes, certification requirements, and a continuous PDCA improvement cycle.
A coordinated overseas cyber‑attack breached a Guangzhou tech firm's self‑service equipment backend, causing hours of service outage, data leakage, and significant losses, prompting swift police investigation, evidence preservation, and a detailed technical analysis of the attackers' methods.
This article presents six widely used data masking solutions—from simple regex string replacement to advanced K‑anonymity—detailing their principles, Java implementations, pros and cons, performance impact, and suitable application scenarios, helping developers protect sensitive data in production and test environments.
The People's Bank of China has issued a comprehensive Data Security Management Measures, effective June 30, 2025, outlining classification, protection, risk monitoring, incident response, and legal responsibilities for all data processors handling business‑domain data.
This article provides a systematic security analysis of the Model Context Protocol (MCP), demonstrating how malicious tool definitions, prompt injection, command injection, and over‑privileged implementations enable data theft, arbitrary code execution, and large‑scale attacks against AI agents and their users.
This article explains the fundamentals of JSON Web Tokens (JWT), compares token‑based authentication with traditional session authentication, outlines common security threats such as theft, replay and forgery, and provides practical mitigation measures including HTTPS, token encryption, secure storage, expiration policies, two‑factor authentication and safe token refresh mechanisms.
A crypto firm lost hundreds of thousands of USDT after a hard‑coded wallet address, allegedly inserted by an employee who blamed AI, prompting investigators to rule out AI misconduct and highlight human sabotage, while a separate ChatGPT‑generated code snippet secretly exfiltrated private keys, underscoring the emerging security risks of AI‑assisted programming.
The article explains why some companies prohibit IntelliJ IDEA, citing copyright risks, security vulnerabilities, efficiency losses from activation prompts, collaboration challenges, and the high cost of commercial licenses, while emphasizing the need to follow unified tool policies.
Bilibili Comics deploys a three‑layer protection system—stereoscopic tracing, crawler defense, and encrypted channels—that dramatically reduces illegal distribution, boosts creator engagement, and creates a healthier comic ecosystem through real‑time monitoring, automated takedowns, and secure CDN delivery.
This article explains the fundamentals of JSON Web Tokens (JWT), compares token‑based authentication with traditional session authentication, outlines common token security threats such as theft, replay, and forgery, and presents practical mitigation measures including HTTPS, encryption, secure storage, short expiration, MFA, and safe token refresh mechanisms.
This article provides a comprehensive comparison of free PC firewall solutions, detailing each software's core functions, suitable scenarios, drawbacks, and source references, followed by key recommendations, compatibility notes, performance assessments, and user feedback to help readers choose the most suitable firewall.
Oracle disclosed that attackers stole data from its legacy Cloud Classic servers, posted the breach on security forums, and claimed millions of records were compromised, while the company insists its Oracle Cloud Infrastructure was never breached, prompting widespread criticism and concern.
This article explains the risks of exposing sensitive PHP files, outlines common security threats, and provides concrete best‑practice measures such as proper permission settings, .htaccess rules, placing files outside the web root, configuration safeguards, and regular security audits to protect web applications.
Tscanplus is a comprehensive network security and operations platform that quickly discovers and identifies assets, builds an asset database, and offers features such as port scanning, service detection, URL fingerprinting, POC validation, weak‑password guessing, encoding tools, privilege‑escalation aids, and more, with usage screenshots and a GitHub download link.
Sonatype’s Q1 2025 Open‑Source Malware Index identified 17,954 malicious packages—including hijacked npm crypto modules, a fake Truffle for VS Code extension, and counterfeit Solana packages—revealing that 56% of these components are associated with data breaches, a sharp rise from the 26% reported in Q4 2024, and highlighting the growing prevalence of complex, threat‑laden malware such as droppers and code‑injection threats.
Oracle’s recent cloud security breach, allegedly exposing six million records from dozens of customers worldwide, has sparked FBI investigations, a class‑action lawsuit, and revelations about outdated middleware and evidence‑tampering, highlighting critical risks in cloud infrastructure and the need for stronger data protection.
The ISO/IEC JTC 1/SC 27 plenary meeting in Virginia approved the ISO/IEC 25330 Part 3 standard on Oblivious Transfer Extension, a cryptographic protocol standardized by Ant Group with contributions from Chinese researchers, aiming to improve OT efficiency and interoperability for secure multi‑party computation.
The article explains why data masking is essential for protecting sensitive information, then details three implementation methods—SQL, Java (with open‑source plugins), and the MyBatis‑Mate‑Sensitive‑Jackson ORM extension—comparing their principles, code examples, advantages, limitations, performance, suitable scenarios, and cost considerations.
This article explains how to use Python's built‑in zipfile module and the third‑party rarfile library to brute‑force and decrypt encrypted zip archives, handle Chinese filename encoding issues, and generate password permutations efficiently with itertools for flexible password lengths.
This article explains how to automatically detect and block accidental commits of sensitive data such as database passwords or API keys in a PHP project by integrating the captainhook/secrets library via Composer, covering installation, predefined suppliers, custom regex, whitelist usage, and the benefits of CI/CD integration.
The article examines the often‑ignored hidden vulnerabilities in cloud architectures—such as API flaws, misconfigurations, and third‑party service risks—illustrates real‑world incidents, explains why enterprises neglect these issues, and offers concrete measures to strengthen cloud security.
The article examines how cryptographic watermarking can secure AI‑generated content by embedding robust, undetectable, and unforgeable signatures, reviews existing methods such as SynthID and Video Seal, and discusses recent research using pseudo‑random codes, error‑correcting codes, and diffusion inversion to improve watermark resilience.
This comprehensive guide explains OpenSSL’s role in cryptography, covering symmetric and asymmetric encryption, hashing, key generation, certificate creation, and practical command‑line examples for encrypting files, managing keys, signing data, and configuring TLS servers, empowering readers to master secure communications.
Wuhan University appointed 29‑year‑old Zhao Mang as its youngest full professor, highlighting his award‑winning work on Ed25519 security proofs, post‑quantum FIDO2 analysis, automated AEAD protocol verification, and a vision to develop China‑origin cryptographic standards.
A 55‑year‑old programmer at Eaton embedded a malicious Java loop that monitors his Azure AD account and, once disabled after his layoff, triggers an endless thread creation that crashes servers, blocks thousands of employees, and leads to a costly legal case.
This article explains Apache Tika's core features, architecture, and multiple application scenarios, then provides a step‑by‑step guide to embed Tika in a Spring Boot project to extract file content, detect personal data such as ID numbers, credit cards and phone numbers using regular expressions, and protect against data leakage.
This article explains how prompt injection attacks exploit large language models by altering their behavior through crafted inputs, outlines the major harms and attack categories—including direct, indirect, multimodal, code, and jailbreak attacks—and presents a comprehensive three‑layer defense framework covering input‑side, output‑side, and system‑level protections.
Microsoft uncovered a malicious ad campaign that used pirated streaming sites and multi‑layer redirects to deliver GitHub‑hosted malware, while a separate Surfshark report revealed popular phone‑cleaning apps secretly sharing extensive user data with hundreds of third‑party partners.
This article explains symmetric and asymmetric encryption principles, digital signatures, HTTPS with certificate authorities, and demonstrates how to implement combined encryption, digital signing, and URL protection using Spring Cloud Gateway filters and Java code examples.
A recent case where a maintenance worker exploited device‑management flaws to steal confidential files for foreign spies highlights the need for heightened vigilance, strict self‑discipline, and prompt reporting, offering practical steps to safeguard against similar security breaches.
This article critiques the empty slogan “Security is our top priority,” explores the endless nature of security, its conflict with user experience, and offers practical risk‑assessment frameworks to help organizations find a realistic balance between safety and usability.
On February 8, 2025, the homepage of Wuhan Huike Zhichuang Technology Co., a state‑owned enterprise, was hijacked with a bold protest message about unpaid programmer wages, sparking legal analysis, public debate on labor rights, and concerns over information‑security vulnerabilities in Chinese state firms.
The article examines the growing threat of black‑market malicious websites, outlines a five‑part war‑themed framework for comprehensive opponent analysis, detection strategies across traffic, channel, content and relationship dimensions, and advanced detection models—including fingerprint, text, image, graph, and multimodal approaches—while highlighting the supporting operational and intelligence systems.
This article explains Apache Tika’s core features and architecture, outlines common use‑cases, and provides a step‑by‑step Spring Boot tutorial—including Maven/Gradle setup, a service that extracts text with Tika, regex‑based sensitive‑info detection, a REST controller, optional front‑end, testing instructions, expected output, and extension ideas.
This tutorial explains how to build a Python-based keylogger on Windows by importing win32 API DLLs with ctypes, registering low‑level keyboard hooks, defining hook procedures using WINFUNCTYPE, handling hook events, and properly installing and uninstalling the hook, complete with full source code.
A former Bilibili front‑end engineer inserted malicious code that displays a fake ban screen, deletes users' uploaded videos at high speed, and reveals how insider threats can turn a popular video platform into a security nightmare.
A former Bilibili engineer inserted malicious JavaScript into the platform's web frontend, causing some users to see a fake account‑ban notice, which exposed internal code‑review weaknesses and sparked widespread discussion about insider threats and web security.
This article explains data masking techniques—including static (SDM) and dynamic (DDM) methods—detailing how to protect sensitive fields like phone numbers and IDs through replacement, truncation, encryption, randomization, and other schemes, while preserving data utility for testing and analysis.
The article breaks down five technical defenses—database storage, transaction logs, double‑entry checks, account‑aging monitoring, and external reconciliation—that prevent anyone from arbitrarily changing a WeChat user's balance, illustrating why such tampering is practically impossible.
SSL/TLS certificates secure data between browsers and servers, but while one‑way authentication verifies only the server, mutual (two‑way) authentication also validates the client using personal authentication certificates, requiring additional keys and CA roots, making it ideal for high‑security enterprise environments.
This article presents a comprehensive visual guide to enterprise digital transformation, covering overall digital planning, application system architecture, data architecture, information security architecture, and digital organization and governance, illustrating each layer with detailed diagrams to aid strategic implementation.
In December 2024, Xiaohongshu’s information security team topped the Shanghai “Panshi Action” competition, earning top blue‑team honors and a zero‑loss defense record by leveraging real‑time traffic monitoring, big‑data analytics, rapid incident response, and successful attacker attribution.
This article examines the challenges of fuzzy searching encrypted data and presents three categories of solutions—naïve in‑memory decryption, conventional database‑level approaches, and advanced algorithmic methods—evaluating their implementation steps, security implications, and performance trade‑offs.
The Chaoyang District People's Court in Beijing found that a technology company illegally scraped the "congestion delay index" from a navigation map, used it for commercial purposes, and ordered it to stop the infringement and pay a total of 12.5 million yuan in damages, highlighting the legal protection of competitive data rights.
The article critiques hollow security‑first slogans, explores the endless nature of security, the tension between security and user experience, and offers practical risk‑scoring frameworks and phrasing advice for organizations seeking a realistic balance between protection and usability.
This article documents a step‑by‑step investigation of a compromised Linux server that exhibited 100% CPU usage, detailing process, network, and startup‑service analysis, the discovery of a cryptomining malware, and the complete removal procedure.
Ant Financial's MorseCrypto team secured first place in the 2024 Financial Cipher Cup second‑stage competition by delivering highly optimized SM2, SM3, and SM4 implementations on X86 and ARM platforms that achieve up to 4.3‑times faster verification while meeting strict security and memory constraints.
This article outlines ten essential best‑practice principles for implementing a Secure Development Lifecycle (SDL), covering top‑down leadership, alignment with existing management systems, visualizable processes, security goal classification, componentized security capabilities, supply‑chain management, service‑oriented SDL, DevSecOps toolchains, continuous optimization, and staff training.
This article reviews several high‑profile incidents where operations staff deleted or sabotaged critical databases, detailing the legal consequences, financial losses, and lessons for improving security and operational safeguards.
A recent advisory from China’s National Computer Virus Emergency Response Center reveals a new “Silver Fox” Trojan variant distributed via phishing pages and social‑media links, explains its infection process on Windows PCs, and outlines practical prevention steps for enterprises and individual users.
