This article examines common login vulnerabilities such as brute‑force attacks, CAPTCHA bypass, IP‑based lockouts, and man‑in‑the‑middle threats, and provides practical mitigation techniques—including password‑retry limits, CAPTCHA, SMS verification, HTTPS enforcement, and logging—to harden web authentication systems.
TLS handshake is the essential process that establishes encrypted communication between a client and server, involving a series of messages such as ClientHello, ServerHello, certificate exchange, key exchange, and verification steps that culminate in a shared secret for secure data transmission.
The article explains why Huorong antivirus may mistakenly delete the Windows Explorer process, provides step‑by‑step commands to restore explorer.exe and add it to the whitelist, and also includes a promotional book giveaway for readers.
Recent reports reveal that misconfigured Azure storage buckets and exposed GitHub keys leaked sensitive BMW and Mercedes data, highlighting how simple cloud configuration errors can lead to massive breaches and underscoring the need for strict security controls and best‑practice cloud management.
Single Sign-On (SSO) lets users log in once to access multiple trusted applications, and this article explains its necessity, core components like CAS Server, Client, and Service, the authentication flow, and common use cases in e‑commerce, enterprises, education, and finance.
Exposing your public IP address can invite DDoS floods, vulnerability scanning, privacy breaches, and targeted phishing or malware attacks, so you should protect it with firewalls, regular updates, secure VPN connections, and by avoiding public disclosure on social platforms.
The report released by the Chinese Academy of Social Sciences and Ant Group highlights how security technology, now a public good alongside AI, is essential for managing accelerating digital risks, outlines its four pillars, and proposes collaborative strategies to make security technology a universal, socially responsible foundation for the digital society.
This guide shows how to list and export all saved WiFi profiles on a Windows PC via the command prompt and a Python script, explains the use of the subprocess module for executing system commands, and includes notes on UTF‑8 handling and related code examples.
At the 21st GOPS Global Operations Conference in Shanghai, Shenwan Hongyuan Securities' application security lead Wang Biansi detailed a step‑by‑step 100‑day journey to create a DevSecOps sample room, covering goal setting, research, platform design, tool integration, and security training.
During his 2023 'Growth' speech, Lei Jun recalled his 1992 university paper on a computer virus detection expert system—once a pioneering AI approach published in *Computer Research and Development*—which resurfaced online after 30 years, sparking admiration for its forward‑thinking security insights.
The 2024 software development landscape will be driven by AI and machine‑learning integration, blockchain expansion, multi‑runtime microservices, heightened security, AR/VR adoption, sustainable coding, serverless, edge and quantum computing, as well as evolving programming languages and low‑code platforms.
At the 7th Cloud Security Alliance Greater China Conference, OPPO’s security chief outlined the challenges of global smart‑device compliance and shared a BSIMM‑based framework for building robust enterprise security systems that bridge legal, technical, and operational hurdles.
This article explains the principles of XSS attacks and demonstrates how to prevent them in PHP by using htmlspecialchars for output escaping, mysqli or PDO prepared statements for database queries, and the filter_var function with appropriate filters, providing clear code examples for each method.
This article explains why HTTPS is needed, defines the protocol, describes the four security properties—confidentiality, integrity, authentication, and non‑repudiation—covers symmetric and asymmetric encryption, hybrid encryption, hash functions, digital signatures, certificate authorities, and the trust chain that together protect web communications.
This guide explains how MSE Nacos integrates with Alibaba Cloud KMS to encrypt and protect sensitive configuration data, covering the security challenges, architecture, encryption/decryption workflows, recommended configuration items, step‑by‑step setup, and Java/Go SDK examples for cloud‑native applications.
China Postal Savings Bank’s software R&D center detailed how its Gold‑Metal Cloud Mall project passed the CAICT DevSecOps Level‑2 assessment, showcasing a comprehensive cultural, process and technical rollout that boosted security metrics, cross‑team collaboration, and positioned the bank at the forefront of digital transformation.
This article explains what ransomware is, outlines its main variants such as encryption‑based, lock‑screen and doxware ransomware, describes common infection vectors like brute‑force, phishing and exploit kits, and provides practical network‑ and host‑side defenses as well as response steps if an attack occurs.
Researchers demonstrate a $3,000 electromagnetic detector that can capture encryption keys and other sensitive data from computers that are not connected to any network, revealing a fast, non‑intrusive side‑channel attack that bypasses traditional security measures.
A high‑severity Bluetooth vulnerability (CVE‑2023‑45866) discovered by SkySafe researcher Marc Newlin allows attackers to bypass authentication, pair a fake keyboard, and execute code on Android, iOS, Linux, and macOS devices, with Google’s December Android security update already addressing the issue.
This article explains the principles of symmetric and asymmetric encryption, digital signatures, HTTPS with CA, and demonstrates how to generate RSA keys, handle symmetric keys, encrypt URLs with AES, and verify signatures using custom Spring Cloud Gateway filters, complete with Java code examples.
A careless screen‑sharing mistake by Nvidia engineer Mohammad Moniruzzaman revealed Valeo's confidential automotive source code, leading to a German court conviction, a hefty fine, and a lawsuit accusing Nvidia of profiting from stolen intellectual property.
The article details a recent LockBit ransomware attack on a bank’s US subsidiary, explains the malware’s intrusion, infection, and data‑exfiltration tactics, and outlines Huawei Cloud Host Security’s risk‑prevention, detection, and data‑recovery measures to defend against such threats.
This article details how XCMG Mining Machinery leveraged the DCMM framework to drive digital transformation, improve data governance, address data quality and security challenges, and establish a sustainable data-driven culture across the organization, highlighting the background, implementation steps, lessons learned, and future outlook.
This article explains the evolution, legal basis, supervising agencies, definitions, core standards, and implementation process of China’s cybersecurity grade protection system, including the transition to the 2.0 framework and the required filing, construction, assessment, and supervision steps.
This article outlines the red‑blue adversarial testing process for a big‑data platform during the Double‑Eleven promotion, detailing its purpose, benefits, step‑by‑step execution, common issues, and recommendations to improve system reliability and security.
The 2023 China Xinchuang industry report analyzes the sector's evolution, policy environment, market scale, value chain, cost structure, and investment opportunities across hardware, operating systems, middleware, databases, cloud computing, and information security, highlighting a projected market size of 8 trillion CNY by 2025.
This guide outlines a complete data security architecture, covering protection systems, design principles, overall framework concepts, management and technical systems, and operational processes, emphasizing holistic, lifecycle‑focused strategies rather than isolated security domains.
The whitepaper examines how exploding complexity in digitally transformed enterprises demands a native security paradigm and parallel security aspects that embed distributed, real‑time, and tool‑driven protection into system design, enabling high integration and low coupling between security and business functions.
The article outlines the composition and responsibilities of a security architecture team, detailing the roles of Security Architect, Information Security Architect, CISO, and Security Analyst, their required business and technical skills, risk management, threat modeling, and how they integrate with enterprise architecture.
This article explains the legal and strategic importance of data classification and grading in China, outlines the relevant regulations, describes the principles and processes for implementing classification, and offers practical steps for enterprises to secure data while meeting compliance and business needs.
Apache ActiveMQ versions prior to 5.18.3 are vulnerable to a deserialization flaw that allows remote code execution via crafted OpenWire messages on port 61616, affecting various activemq-client and activemq-openwire-legacy artifacts, and can be mitigated by upgrading to 5.15.16, 5.16.7, 5.17.6, 5.18.3 or later.
This article explains PHP's built‑in encryption functions—including OpenSSL encryption/decryption, hashing, and password handling—shows how to generate keys, encrypt and decrypt data, and provides best‑practice tips for securely protecting sensitive information in PHP applications.
The article describes how Ant Group and partners created an accessible online movie platform for visually impaired users in China, employing innovative privacy‑computing, blockchain, and terminal‑security technologies to enable secure, minimal‑disclosure identity verification and protect intellectual‑property rights.
This article explains the structure of JWT payloads, enumerates standard and custom claims, demonstrates how to generate tokens with expiration using Java code, and compares single‑token and double‑token renewal schemes—including Redis storage and WeChat OAuth2.0 examples—to help developers manage authentication securely.
This guide explains why CDNs hide a site's true IP, how to determine if a website uses a CDN, and outlines practical techniques—including DNS queries, online tools, sub‑domain analysis, email reverse lookup, and scanning scripts—to bypass the CDN and discover the real server address.
Despite modern privacy expectations, many companies in 2023 still monitor employees' chat records using root‑level management software and network interception, exposing personal WeChat conversations; this article explains the surveillance methods, real‑world examples, and practical steps employees can take to protect their privacy.
Data security governance, essential for modern enterprises, involves classifying and authorizing data, implementing scenario-based protections, and establishing comprehensive frameworks that address compliance, asset management, process control, and continuous improvement, guiding organizations through strategic planning, organizational structuring, policy creation, and ongoing operational monitoring.
A recent breach of Donald Trump Jr.'s X account exposed fake posts, highlighted ongoing security flaws on the platform, and underscored the broader challenges of protecting user data against sophisticated hacking attempts.
This article analyzes a ThinkPHP 6.0 deserialization exploit chain that leverages LeagueFlysystem's cached storage classes, detailing the sequence from __destruct to write, showing how controllable parameters enable arbitrary file writes and providing a proof‑of‑concept demonstration.
This article explains how containers work, outlines the challenges of detecting and fixing vulnerabilities throughout the software lifecycle, and presents practical strategies—including CI/CD pipeline, registry, runtime, and host scanning—plus key principles for building a robust container security program.
The 2023 Pujiang Innovation Forum highlighted the rapid rise of generative AI, its associated security and privacy risks, and presented Ant Group's multi‑stage, multi‑layered approach—including data, training, and inference controls and three core defense technologies—to achieve safe, reliable, and open knowledge sharing in the era of large language models.
Security researchers have identified four high‑severity buffer‑overflow vulnerabilities (CVE‑2023‑40031, CVE‑2023‑40036, CVE‑2023‑40164, CVE‑2023‑40166) in the popular open‑source editor Notepad++, disclosed after the developers failed to patch them before the release of version 8.5.6, urging users to apply mitigations.
This article details the design and development of a unified permission management service (MPS) that consolidates RBAC, ACL, and DAC models to solve fragmented enterprise permission issues, covering requirement analysis, technical selection, functional modules, deployment, and performance outcomes.
siusiu is a Docker‑based penetration testing toolbox that bundles more than 50 security utilities, offers an interactive console for listing, downloading, and running tools, supports non‑interactive mode, and can be installed via binary, Git, or Go with detailed usage commands.
This article examines why encrypted data hinders fuzzy queries and presents three categories of solutions—naïve, conventional, and advanced—detailing their implementations, performance trade‑offs, and security implications to help developers choose an appropriate approach.
siusiu is a Docker‑based penetration testing toolbox that bundles dozens of security utilities as Docker images, offering an easy‑to‑use console, multiple installation methods, and a rich command set for both interactive and scripted security assessments.
A recent UK study demonstrates that a deep‑learning model can analyze audio recordings of keystrokes—captured via microphones or video‑call platforms like Zoom—to infer typed characters with up to 95 % accuracy, highlighting a serious acoustic side‑channel threat to passwords and other sensitive information.
The paper "VILLAIN: Backdoor Attacks Against Vertical Split Learning" introduced at USENIX Security 2023 proposes a novel framework that enables label‑free attackers to infer data labels and inject backdoors into vertically partitioned federated learning models, highlighting new security challenges and defense considerations for collaborative AI systems.
This article examines the expanded scope, updated standards, and practical workflow of security risk assessment in today's regulatory environment, offering detailed guidance on assessment criteria, target objects, methodologies, organizational steps, and decision‑making for effective risk management.
This article explains why container security is critical, outlines common threats such as image vulnerabilities, runtime escapes, network isolation, compliance, and orphaned containers, and shows how DevSecOps practices and automation tools can protect the entire container lifecycle.
This guide explains three ways to generate SSL certificates using OpenSSL, including creating a private key, self‑signed certificate, and CSR‑based signing, and shows how to configure Nginx to enable HTTPS with the generated certificates.
Celebrating Wireshark's 25‑year journey, this article recounts its origin as Ethereal, the community‑driven growth, pivotal milestones, and the essential support structures that turned a simple open‑source packet analyzer into a cornerstone tool for network reliability, education, and security worldwide.
On July 25, Ant Group and Singapore's Nanyang Technological University announced a research partnership to advance Private Set Intersection (PSI) privacy‑computing technology using Ant's YinYu framework, aiming to improve secure machine‑learning and data‑analysis applications while aligning with regional data‑privacy initiatives.
This article explores how to systematically tackle complex security problems by defining system thinking, distinguishing simple from complex issues, and applying a comprehensive, deep, and dynamic approach illustrated with a data‑leakage case study and practical recommendations for future security strategy.
Kevin Mitnick, once dubbed the world’s most famous hacker and the first to be pursued by the FBI, transformed from a teenage social‑engineering prodigy into a celebrated information‑security consultant, author, and founder of Mitnick Security, leaving a lasting impact on computer security after his 2023 death.
Shenwan Hongyuan Securities showcased its advanced DevSecOps capabilities by passing the CAICT's DevSecOps security and risk management assessment and DevOps continuous delivery level‑3 evaluation, sharing detailed cultural, process, and technical practices that boost software security across the full lifecycle.
This article explains the BlackLotus UEFI bootkit (CVE‑2023‑24932), outlines Microsoft's three‑phase remediation strategy, details the KB5025885 and KB5028166/KB5028185 updates, provides a simplified registry command for manual activation, and warns of compatibility issues for legacy boot managers.
This guide introduces several popular internal network tunneling tools—including NPS/NPC, FRP, EW, and NGROK—explaining their core principles, key features, installation steps, configuration files, and practical usage scenarios such as RDP, SSH, web services, file sharing, and advanced options like encryption, compression, TLS, and bandwidth limiting.
This guide explains how to use tcpdump (and its predecessor ethereal) for capturing and analyzing network traffic, describes key command‑line options, and provides dozens of practical examples ranging from basic packet dumps to complex filtered captures and related networking utilities.
Anonymous Sudan alleges it has breached Microsoft’s servers and obtained a database containing over 30 million customer credentials, while Microsoft firmly denies any such breach, prompting widespread debate over the hacker group’s capabilities, motives, and the broader implications for information security.
A recent data breach at Renmin University's website exposed thousands of students' personal information, revealing that the hacker, a former graduate student with a strong academic record and industry experience, was arrested, highlighting serious privacy and information security concerns in China.
The June API security report highlights three critical vulnerabilities—MinIO unauthorized data exposure, Joomla Rest API unauthenticated access, and multiple Argo CD API flaws—detailing their impacts and providing concrete remediation steps to protect sensitive data and maintain system integrity.
This article explains how ICBC's software development center integrated DevSecOps practices—embedding security awareness, automating toolchains, and using metric‑driven assessments—to reduce vulnerabilities, lower compliance risk, and support a cloud‑native, secure smart‑banking ecosystem.
The forum highlighted the growing importance of DNS in cloud-era digital transformation, presented security challenges of cloud‑based DNS load balancing, and outlined research findings and future "DNS+" strategies to ensure stable, scalable, and secure internet naming services.
This article describes AutoHome's data security challenges in the big‑data era and explains how the self‑developed AutoProxy encryption middleware provides transparent, compliant data masking across legacy and new sensitive data, reducing cost, improving performance, and enabling automated masking workflows.
The article explains how ChatGPT's hallucinations can generate non‑existent package links that attackers register and weaponize, demonstrates the attack with a fake Node.js npm package, and offers practical steps to detect and prevent such supply‑chain threats.
Microsoft Edge's newly enabled image super‑resolution feature automatically enhances picture clarity but sends image URLs to Microsoft servers, prompting privacy concerns; the article explains the feature, its local processing claim, and provides step‑by‑step instructions to disable it in both stable and Canary builds.
This article explains what a Software Bill of Materials (SBOM) is, compares it with SLSA and Black Duck, outlines best practices for creating and maintaining SBOMs, and reviews popular tools for generating SBOMs to improve software supply chain security.
Microsoft’s May 2023 security update addressed 52 CVEs, including a critical Win32k privilege‑escalation flaw (CVE‑2023‑29336) exploited in the wild and a Visual Studio installer UI vulnerability (CVE‑2023‑28299), with researchers detailing the attack vectors, proof‑of‑concept exploits, and mitigation strategies.
The article outlines the composition of a security architecture team, detailing the roles of security architect, information security architect, chief information security officer, and security analyst, along with their business and technical skills, organizational relationships, and key responsibilities in managing enterprise security.
This comprehensive list chronicles the 70 biggest data breach incidents ever recorded, detailing dates, affected records, compromised data types, and the security failures that exposed personal information for companies ranging from social networks to financial institutions.
This article explains what browser sandboxes are, why they are crucial for web security, outlines their benefits, lists common sandboxed applications, describes various sandbox types, and provides practical guidance on using and disabling sandbox features in major browsers.
The article uses a CEO’s one‑hour flight lesson for ten staff as a metaphor to illustrate why hands‑on, relevant experience is essential for effective industrial control systems (ICS) cybersecurity training, and describes the structure and objectives of the SANS ICS612 course.
An online CSA seminar on May 30 examined ChatGPT’s security impact, presenting a whitepaper and four AI‑security interaction dimensions, while experts discussed telecom‑operator security‑GPT models, safe vertical‑domain large‑model training, and future industry implications.
This article explains how Ziroom implements a comprehensive data classification and grading system to meet the 2021 Data Security Law, improve risk management, optimize security resources, and boost user trust through automated tools, multi‑level categorization, and continuous manual verification.
This tutorial walks beginners through the entire process of compromising a WordPress website, from initial information gathering and DNS enumeration to vulnerability scanning, exploitation with tools like sqlmap and nmap, privilege escalation, and establishing persistent backdoors.
AI-powered deepfake technology is increasingly being exploited for sophisticated scams, as illustrated by a case where a company executive transferred 4.3 million yuan to a fraudster using a fabricated video call, prompting urgent warnings about the need for verification, emerging regulations, and the broader misuse of face‑swap tools.
The article analyzes why government data sharing often fails—citing legal, technical, security, and organizational hurdles—then outlines one‑to‑one and centralized sharing models, highlights four critical success factors, and proposes a “three‑rights” framework supported by blockchain to create trustworthy, sustainable inter‑departmental data exchange.
This tutorial walks through setting up an Ubuntu 16.04 vulnerable environment, gathering information, uploading a webshell via MySQL into outfile or log injection, establishing a reverse shell with Metasploit, and finally exploiting CVE‑2021‑4034 for kernel privilege escalation, while also covering post‑exploitation persistence techniques.
At the 6th Digital China Construction Summit in Fuzhou, Ant Group’s Song Zheng presented a comprehensive data security governance framework that integrates strategy, management, and technology, outlining four key characteristics—strategic positioning, combat‑driven implementation, full‑staff participation, and technological breakthrough—to guide industry practice.
The Vivo Internet Security Team demonstrates how to extend the Doop static analysis framework with custom Datalog rules to detect the Apache Commons Text CVE‑2022‑42889 remote code execution vulnerability by tracing taint from StringSubstitutor.replace to ScriptEngine.eval, producing source‑sink CSV reports and showcasing Doop’s extensibility for security research.
The article details Ant Group’s Ant Security Tianji Lab’s end‑to‑end biometric security testing framework, covering standards, automated 1.0‑2.0‑3.0 detection stages, fingerprint and face‑recognition attack materials, intelligent AI‑driven countermeasures, and a 24/7 robotic testing infrastructure.
An in‑depth comparison of Kali Linux and Parrot OS examines their origins, pre‑installed security tools, customization options, hardware requirements, user interfaces, and performance, helping security professionals and enthusiasts choose the most suitable Linux distribution for penetration testing and privacy‑focused work.
DRM safeguards digital content by authenticating users and encrypting streams, a necessity highlighted by iQIYI’s shift from free distribution to paid membership, prompting a dual‑layer architecture that combines hardware‑based Trusted Execution Environment protection with flexible software SDKs, continuously assessed and evolving to balance security, cost, and user experience.
This whitepaper outlines JD.com's practical zero‑trust security approach, detailing a five‑element framework that includes asset digitization, asset identity, diversified security checkpoints, a strategy center, and a zero‑trust cockpit, to help digital enterprises strengthen security, reduce costs, and meet regulatory requirements.
This article explains the principles and workflow of Single Sign‑On (SSO) and OAuth 2.0, compares their concepts, details implementation steps and grant types, and concludes with a promotional invitation to join a community offering related resources and discounts.
This article explains what a VPN is, how it works, its legal status across countries, common misconceptions about privacy, its role as a proxy, and tips for choosing a trustworthy VPN provider.
The article explains how to enable Kubernetes audit logging and use its detailed fields—such as userAgent, responseStatus, requestURI, and object references—to detect CDK‑generated attacks and other threats like CVE‑2022‑3172, privilege escalation, and backdoor deployment, offering practical detection examples and security recommendations.
This article explains how phishing exploits human psychology, outlines common phishing variants such as email, spear, whaling, business email compromise, smishing, vishing, social‑media, pharming and evil‑twin attacks, and provides practical measures to recognize and defend against them.
The article details China Postal Savings Bank's successful DevSecOps assessment at the 2023 GOPS Global Operations Conference, sharing the bank's project background, interview insights on culture, processes, and tooling, and outlining the benefits and future plans of adopting standardized DevSecOps practices.
In 2022, Ant Group and leading cybersecurity firms launched a five‑year funding program to support 1,200 students in open‑source security projects, linking academic research with real‑world industry needs and achieving high academic performance across the first reporting phase.
The article explains the nationwide "Huwang" cybersecurity red‑blue exercise, its purpose, rules, team roles, scheduling, and the lucrative daily earnings (1.5K‑3K ¥) for participants, while also showing how alumni can get internal referrals through the training institute.
This article explains how attackers can exploit Linux file timestamps using shell commands and a custom Bash script to hide their activities, covering tools like touch, stat, ls, and detailed script steps for saving, modifying, and restoring timestamps to evade forensic detection.
The article recounts real-world examples of hidden backdoors in software—from an Android ROM project and Ken Thompson’s compiler-level exploit—to discuss their legal ambiguity in China, highlight the challenges of detection, and conclude with a call for developers to share their own experiences, alongside a promotional Python course.
A recent bug in the open‑source redis‑py library caused ChatGPT to leak personal data of about 1.2 % of Plus users, allowing some users to see others' names, emails, and partial credit‑card details; OpenAI issued an apology, published a post‑mortem, and deployed a patch to fix the Redis Cluster async client issue.
Twitter filed a DMCA request to force GitHub to remove a repository exposing proprietary code, while also seeking a court order to identify the leaker, highlighting the security risks and legal complexities of source‑code leaks in the era of high‑profile tech acquisitions.
This article introduces ten open‑source cloud security solutions—including Wazuh, Osquery, GoAudit, Grapl, OSSEC, Suricata, Zeek, Panther, Kali Linux, and PacBot—explaining their key features, deployment options, and how they help enterprises protect SaaS, PaaS, and IaaS environments.
This article explains the concept, background, and definition of Single Sign‑On (SSO), outlines three SSO deployment types, introduces the Central Authentication Service (CAS) with detailed ticket mechanisms, and provides step‑by‑step SSO and Single Logout (SLO) processes for multiple applications.
Starting March 13, 2023, GitHub will enforce two‑factor authentication for all contributors, rolling out the requirement gradually based on activity and project impact, to strengthen the global software supply chain against account takeover attacks and align with broader cybersecurity policies.
The article outlines a large commercial bank’s understanding of data security, shares its comprehensive management practices—including governance, lifecycle protection, technical support, and industry collaboration—and presents a forward‑looking perspective on future challenges and enhancements in data security.
