Facial recognition technology, now common in payments, transport and law enforcement, often captures more than just the face, uploading full‑camera images to back‑ends where human reviewers may see users in vulnerable situations, raising serious privacy and security concerns.
This article explains the principles of Single Sign‑On using OAuth2.0, illustrates the flow with a real‑world analogy, and provides a complete SpringBoot implementation for both the authorization server and client, including role‑based permission control and microservice integration.
This article explains a complete CAS-based single sign‑on solution, covering traditional session mechanisms, the CAS architecture, implementation of single sign‑on, session renewal, single logout, and practical extensions for multi‑system integration to ensure secure and seamless user experiences across enterprise applications.
This article shares practical experiences from building a zero‑to‑one information security management system for enterprises, outlining common security challenges, the role of such systems in risk governance, and detailed implementation approaches including security policies, penalty mechanisms, and management operations to achieve closed‑loop risk mitigation.
This article explains how attackers discover vulnerable internet‑connected cameras by using searchable databases like ZoomEye and Shodan, as well as by scanning IP ranges for common camera ports, and highlights the ethical considerations of such techniques.
This article chronicles the evolution of Ruixing antivirus from its 1990s founding and dominant market share of up to 80% to its recent shift toward enterprise security, highlighting key industry competition, pricing changes, and user experience issues such as ads, performance slowdown, and uninstall difficulty.
The article examines how increasing privacy regulations—especially after iOS 14—challenge personalized advertising by focusing on the technical core of user identification, the risks of cross‑domain data sharing, and a range of mitigation strategies such as fingerprint protection, third‑party cookie blocking, and privacy‑preserving attribution frameworks like PCM, SKAdNetwork, AEM, and FLoC.
Recent high‑profile ransomware attacks on US critical infrastructure have prompted President Biden to call President Putin, urging Russia to curb ransomware groups like REvil and DarkSide, while both nations discuss cybersecurity negotiations and potential retaliatory actions.
In this talk, Alibaba Cloud security leader Xiao Li shares two decades of network security experience, explains how cloud‑native technologies reshape protection from external add‑ons to built‑in, on‑demand immune systems, and outlines trends like zero‑trust, hardware‑rooted trust, and automatic remediation.
This article explains how to use Python's built‑in zipfile module and the third‑party rarfile library to extract encrypted archives, handle Chinese filename encoding issues, and implement a brute‑force password search with itertools for arbitrary password lengths.
Tencent Cloud Object Storage Content Security offers a comprehensive, multi‑modal moderation solution—leveraging YouTu Lab’s advanced image, video, audio and text analysis—to automatically detect and handle prohibited material across hundreds of violation types, providing one‑click task initiation, configurable callbacks, and visual tracking for platforms such as social media, online education, e‑commerce, and gaming.
This guide compiles 100 practical cybersecurity tips across ten key areas—including password hygiene, virus protection, safe browsing, online transactions, email handling, host computer safeguards, office environment practices, mobile device security, wireless network defenses, and sensitive data protection—to help readers build a more secure digital environment.
The article documents a step‑by‑step security investigation of a QQ phishing site, detailing its fake login page, POST endpoint, Python‑based credential flooding, network reconnaissance, port scanning, vulnerability scanning, and discovery of the backend control panel, while discussing the challenges of XSS and brute‑force attacks.
The article explains how WeChat users can detect when they have been removed as friends, describes Tencent's recent patent for a single‑way friend detection feature, shows the proposed UI workflow, discusses user reactions, and warns against unsafe third‑party tools.
The article reports Linus Torvalds’ harsh response to anti‑vaccine comments, recent global website outages, Tim Berners‑Lee’s NFT auction of the web’s source code, the discovery of a Windows Server container‑escaping malware, rapid growth in China’s industrial cloud market, forecasts for the global telecom cloud market, Microsoft’s upcoming Windows 10 end‑of‑support, Google’s custom video‑processing hardware for YouTube, and a massive Volkswagen customer data leak.
A recent Chinese court case reveals that a university graduate used a custom web‑crawler to harvest more than 1.18 billion Taobao user records, which were then sold to a partner who ran fraudulent WeChat groups, leading to both perpetrators’ conviction for violating personal information protection laws.
Huorong’s threat intelligence team discovered that the Qike PDF Converter carries a malicious proxy module that silently spreads via download‑site installers, hijacks system processes, persists as a startup service, and can turn infected machines into high‑CPU‑usage botnets, prompting immediate security updates.
This article presents Xu Ming, head of risk control at Jimu, sharing comprehensive insights and practical experiences on combating black‑gray market fraud within the Jimu app, covering the platform’s risk points, common challenges, overall anti‑fraud strategy, detailed operational tactics, and reflective thoughts on future improvements.
The article explains the PHP function mcrypt_module_open, detailing its purpose of opening encryption algorithm and mode modules, describing each of its four parameters, default directory behaviors, and the return value indicating success with a resource or failure with FALSE.
The article recounts a high‑profile Chinese case where a former developer, after a salary dispute, exploited server vulnerabilities to delete critical user data and application files, leading to massive user impact, a court trial, and an eleven‑month prison sentence under computer‑information‑system sabotage laws.
The PHP function mcrypt_enc_get_key_size returns the maximum key length, in bytes, that the currently opened encryption mode can support, taking a resource descriptor as its sole parameter and providing developers with essential information for handling encryption keys securely.
The mcrypt_enc_get_block_size function in PHP returns the block size, in bytes, of the encryption algorithm associated with a given encryption descriptor resource, providing essential information for handling block cipher operations and ensuring correct data padding during encryption and decryption processes.
A wave of malicious PyPI packages named after popular movies and TV shows, many containing spam keywords and stolen code, exposed supply‑chain risks and prompted urgent cleanup by maintainers, highlighting the need for developers to verify packages before use.
The PHP function mcrypt_enc_get_algorithms_name($td) returns the name of the encryption algorithm associated with the given encryption descriptor, providing developers with a string that identifies the algorithm currently in use for cryptographic operations.
The PHP mcrypt_decrypt() function decrypts data using a specified cipher, key, mode, and optional initialization vector, returning the plaintext string or FALSE on failure, with detailed parameter descriptions and usage notes.
This article outlines Meituan's journey in data governance, detailing the challenges of data quality, cost, security, standardization and efficiency, and presenting a three‑stage roadmap—passive, proactive, and automated governance—along with concrete technical and organizational solutions.
This article explains the PHP mcrypt_cbc() function, detailing its two prototypes for different libmcrypt versions, the full parameter list—including optional IV—and the mode constants MCRYPT_ENCRYPT and MCRYPT_DECRYPT used for CBC‑mode cryptographic operations.
This article explains the fundamental concepts of HTTPS, covering TLS/SSL algorithms, the roles of symmetric and asymmetric encryption, digital signatures, certificate authorities, the TLS 1.2 handshake process, and why HTTPS is preferred over HTTP despite deployment challenges.
This article details the design, implementation, and evaluation of a multi‑layer anti‑fraud system for 58.com’s marketing activities, covering data and feature engineering, unsupervised and supervised models, graph‑based community detection, and semi‑supervised graph neural networks, with empirical results demonstrating their effectiveness.
This guide walks you through installing the ngx_http_geoip2 module, upgrading Nginx, downloading the GeoLite2 database, configuring Nginx to detect foreign IPs, and applying rules that return a 404 response for non‑Chinese visitors, complete with command‑line examples and verification steps.
This article examines the growing security concerns of container images, presents alarming vulnerability statistics, explains why image scanning should be placed before image push in the CI/CD pipeline, and outlines practical best‑practice recommendations such as using lightweight base images, non‑root users, secret management, minimal packages, Dockerfile linting, and avoiding unmaintained images.
This article explains the business background of 58.com, the security challenges it faces, the design of its AI‑driven risk‑control architecture, and detailed practices for perceiving and handling unknown risks using big‑data, machine‑learning and anomaly‑detection techniques.
This guide shows how to install PHP‑Casbin, configure an RBAC model, initialize an enforcer with a MySQL adapter, add roles and permissions, and verify access decisions for different users using concrete code examples.
The article commemorates Dan Kaminsky, the renowned information‑security researcher who uncovered the critical DNS vulnerability in 2008, outlines his career, explains the impact of his discovery and coordinated patch, and dispels rumors surrounding his death.
A controversial university paper on covertly injecting vulnerabilities into open‑source software sparked a chain of malicious Linux kernel patches, provoked a fierce response from maintainer Greg Kroah‑Hartman, and forced the University of Minnesota to suspend the research amid heated community debate.
This article explains what data masking (also called data de‑identification) is, why it is essential for protecting personal data in sectors like finance and healthcare, and details static and dynamic masking methods along with common techniques such as truncation, randomization, replacement, encryption, averaging and offsetting.
This article reports a high‑severity WeChat PC zero‑day, a Chinese engineer’s M1‑chip memory and storage upgrade, Slackware 15.0 Beta release, Google Project Zero’s extended disclosure windows, and the debut of the world’s first officially certified semi‑cyborg, highlighting major tech security and innovation news.
The article presents a comprehensive anti‑fraud framework that analyzes black‑market fraud characteristics, reviews conventional fraud‑mitigation methods, and proposes a multimodal graph‑neural‑network approach—leveraging device, behavior, and content similarity—to accurately identify fraudulent users on large‑scale internet platforms.
This article explains the fundamentals of encryption by walking through a relatable story, defining keys, comparing symmetric and asymmetric methods, illustrating key‑exchange techniques such as paint‑mixing, multiplication tricks, Diffie‑Hellman, AES block processing, and the RSA algorithm with step‑by‑step calculations.
The 2021 report from the China Electronic Information Industry Development Research Institute outlines ten major technology trends—including diversified chip design, MEMS‑based sensors, cloud‑edge collaboration, intelligent networking, evolving display technologies, AI algorithm and compute advances, open‑source software, ARM‑centric ecosystems, heightened information security, and autonomous‑controllable hardware—shaping the future of the information sector.
An in‑depth walkthrough demonstrates how to identify, analyze, and attack a QQ phishing website—revealing its URL, POST parameters, using Python to flood it with fake credentials, performing WHOIS, ping, nmap, and w3af scans, uncovering backend details, and discussing mitigation strategies.
This article explains the Zero Trust security model, its advantages over traditional perimeter defenses, core technologies such as SDP, IAM, and micro‑segmentation, implementation principles, essential components, real‑world deployment scenarios, future trends, and Tencent's practical contributions to the industry.
A former Baidu advertising platform engineer illegally altered media‑review data using CURL commands and scripts, enabling 735 fraudulent sites to pass audits and generating over 3.7 million yuan in ad revenue, ultimately resulting in a conviction for destroying computer information systems.
A 1992‑born Baidu developer abused his system privileges, wrote scripts and used CURL commands to illegally approve hundreds of media sites—including gambling portals—through the company's ad‑network audit, resulting in a loss of 3.74 million yuan and a one‑year‑nine‑month prison sentence.
Security researchers dissect the counterfeit “Le Bao” app that mimics WeChat, revealing its covert QR‑code group‑joining, custom decoding, member‑paid porn livestreams, embedded payment methods, server infrastructure, and illicit profit models, highlighting its high concealment and the need for aggressive mitigation.
A former Facebook engineer, newly hired as CTO of the social platform Gab, introduced a simple SQL injection vulnerability by removing critical reject and filter calls, allowing hackers to steal 70 GB of user data, demand a $500,000 Bitcoin ransom, and expose the company's lax security practices.
This report provides a comprehensive technical analysis of the malicious "Le Bao" app that masquerades as a WeChat‑like chat tool, detailing its sample characteristics, hidden QR‑code group joining mechanism, payment flow, server‑side tracing, and profit model, highlighting its covert distribution of pornographic content and associated illicit activities.
This case study describes how the Luffy platform was built from scratch to replace cumbersome Excel workflows with a minimalist, component‑driven design that visualizes data securely, improves team collaboration, and accelerates product iteration for operations and product teams.
This article reviews nine major data breach incidents—from Clearview AI to Yahoo—detailing their scope, compromised data types, and impact, and emphasizes the importance of robust security practices for developers to prevent such losses.
This article explains what server‑side request forgery (SSRF) is, describes its impact, common attack vectors such as targeting the server itself or internal services, outlines bypass techniques for blacklist and whitelist filters, and discusses blind SSRF detection using out‑of‑band methods.
Amid escalating China‑India border tensions, coordinated Chinese hacking groups launched cyber attacks on Indian critical infrastructure, compromising power generation and transmission systems, while retaliatory Indian state‑sponsored actors also deployed spear‑phishing campaigns against Chinese military and government entities.
This article introduces the business background and security challenges of 58.com, explains the three‑layer intelligent risk‑control architecture built on big‑data and AI, and details practical methods for perceiving and detecting unknown risks using techniques such as PU learning, Prophet, and HotSpot.
The security architecture team consists of security architects, information security architects, chief information security officers, and security analysts, each with distinct business and technical responsibilities, risk‑management and threat‑modeling skills, and a collaborative relationship with enterprise architecture to ensure secure, compliant solutions.
The article explains why the rare password “ji32k7au4a83” appears in breach data, traces its origin to the Chinese Zhuyin phonetic system, presents statistics on common passwords, and offers expert advice on crafting secure, long, and varied passwords.
In the era of big data, Meituan-Dianping implements a comprehensive security management system—including organizational safeguards, deep defense architecture, encryption, and data desensitization—to meet regulatory demands and protect billions of users' privacy and information security.
This article outlines comprehensive Docker security best practices covering infrastructure hardening, image trust and scanning, and access/authentication controls to help organizations safeguard containerized applications in cloud‑native environments.
The 2020 NordPass survey reveals that simple numeric passwords like "123456" remain the most common weak passwords, highlighting new risky entries and offering practical advice for creating stronger, more secure credentials.
The article examines how a seemingly random string ‘ji32k7au4a83’ appears 141 times in the Have I Been Pwned password database, explains its origin in the Chinese Zhuyin phonetic system, and offers practical guidelines for creating stronger passwords to avoid common security pitfalls.
This guide explains how to configure ClamAV on Linux, run the clamdscan command to detect malicious files, and invoke the scanner from PHP using the exec function, including sample configuration and output details.
The article explains the design and implementation of a token‑based authentication system for micro‑services, covering terminology, business background, OAuth2 password‑grant flow, JWT usage, security advantages, functional modules, technical choices, detailed authentication workflow, and API design.
An infected Linux server shows high CPU usage but standard tools miss the culprit; this guide explains how mining malware hides its process via /proc tricks, demonstrates detection using network scans, unhide tools, and offers removal steps to eradicate the hidden miner.
The article explains how a seemingly random password "ji32k7au4a83" appeared in millions of data breaches because it encodes the Chinese phrase "my password" in Zhuyin, highlights the prevalence of weak passwords like "123456", and offers practical advice for creating stronger, more secure passwords.
The article explains why the seemingly random password “ji32k7au4a83” appears in breach data, traces its origin to the Chinese Zhuyin phonetic system, and provides practical recommendations for creating strong, hard‑to‑guess passwords.
This article explains the concept, purpose, design principles, functional modules, authentication methods, deployment options, and open‑source implementations of bastion hosts, highlighting how they centralize control, audit, and protect privileged access to servers and network devices.
A former database administrator at Lianjia was convicted of deliberately deleting 9 TB of financial data, leading to a seven‑year prison sentence after forensic evidence linked his root‑access actions to the breach, highlighting the severe legal consequences of insider data sabotage.
This article explains how CC (Challenge Collapsar) attacks and their slow‑request variants overwhelm web services, describes the underlying botnet concepts, shows practical attack commands with tools like slowhttptest, and outlines multiple mitigation strategies such as rate limiting, IP hiding, high‑protection IP services, and static page optimization.
This article explains the concept of password salting, its security benefits, and provides a complete Java implementation using MD5, including salt generation, hashing with and without salt, storing salt within the hash, and verification procedures for registration and login.
The article exposes how the promise of big‑data convenience masks rampant privacy violations—from celebrity photo leaks and app data sales to weak legal penalties—illustrating that ordinary users’ personal information has become a cheap commodity with little protection.
A recent SolarWinds breach gave hackers read‑only access to Microsoft’s internal source‑code repositories, prompting the company to stress that no production systems or user data were compromised while highlighting broader security implications for the software industry.
A disgruntled programmer, denied a promised bonus, altered Huawei Cloud's OBS service code, causing a platform-wide crash, a court conviction for destroying a computer information system, and prompting a broader discussion on why developers repeatedly risk severe legal and professional consequences despite low penalties and harsh work conditions.
This talk outlines 58.com’s risk control evolution, detailing the platform’s four development stages, the challenges of fraud, fake traffic, and content abuse, and how architecture, algorithms, and operational strategies have been refined to achieve high‑throughput, intelligent auditing.
iQiyi Security Incident Response Center Vulnerability Handling Policy version 3.0 outlines scope, principles, reporting process, severity scoring, reward system, user levels, dispute resolution, and prohibitions, emphasizing dedicated handling, point-based rewards, and strict rules for disclosures and malicious activity.
This article outlines the development stages, architectural evolution, and practical challenges of 58.com’s risk‑control platform, describing how the system progressed from manual review to configurable automation, multi‑scene governance, and intelligent expert‑driven auditing to protect billions of daily transactions.
This article provides a comprehensive overview of Cross‑Site Scripting (XSS), covering its definition, impact, underlying mechanisms, classification, common injection vectors, defensive strategies, practical Q&A, and a curated list of reference resources for developers and security professionals.
This guide explains Apache Ranger’s role as a centralized security framework for Hadoop, detailing its core features, architecture, workflow, policy creation, auditing, field‑level masking, row‑level filtering, and how to automate policy management via its REST API and Java code.
Data masking, also known as data desensitization, transforms sensitive information such as phone numbers and ID numbers using static and dynamic methods—including truncation, randomization, replacement, encryption, and averaging—to prevent privacy breaches while preserving data utility for testing, analysis, and production environments.
This article explains the fundamentals of federated learning and secure multi‑party computation, compares their security and performance trade‑offs, discusses the differences between Google’s cross‑device FL and China’s cross‑silo FL, and presents Alibaba’s recent advances and practical solutions for privacy‑preserving collaborative modeling.
The article explains how ransomware gangs steal MySQL databases, automate ransom‑payment portals on the dark web, auction unsold data, and accept Bitcoin, revealing the scale of over 85,000 databases for sale at roughly $500‑$550 each.
The article explains that disaster recovery for information systems relies on redundancy across hardware, energy, and data, classifies natural, human, and technical disasters, defines critical metrics such as RTO and RPO, and outlines the technologies, architectures, and maturity levels needed to ensure business continuity.
This article explains how the so‑called “wool party” (羊毛党) operates in marketing environments, detailing common interface‑layer attacks, business‑layer (UI) attacks, the tools they use such as card‑issuing and SMS‑receiving platforms, and the defensive measures employed by intelligent risk‑control systems.
This article explains the concept of "薅羊毛" (exploiting online promotions), presents several real police‑investigated cases—including massive membership recharges, coupon abuse, and game‑reward scams—and warns readers about the legal risks of using illegal methods to obtain freebies.
In February 2020, a core operations engineer at Micro-Alliance maliciously deleted the company's production databases, causing over ten billion yuan in market loss, massive user disruption, and a six‑year prison sentence, while highlighting broader industry risks and the need for stronger security controls.
This introductory text explores the evolution of cryptography from ancient symbols to modern quantum and DNA‑based codes, highlighting its pivotal role in politics, warfare, and society while emphasizing the need for universal understanding of encryption and decryption across all fields.
This article explores the prevalence of weak passwords, introduces fundamental concepts of cryptography, explains symmetric encryption algorithms and their key distribution challenges, and demonstrates the Diffie‑Hellman key‑exchange process with a concrete example and a Python implementation of primitive‑root calculation.
A recent NordPass analysis of the 200 most common passwords in 2020 shows why simple strings like "123456" dominate, how millions of accounts are exposed, and offers practical advice on creating stronger, unique passwords to protect against breaches and phishing attacks.
A Chinese programmer, angry over an unpaid bonus, altered Huawei Cloud OBS storage code, crippling a consumer platform for hours, leading to a conviction for destroying a computer information system and sparking a broader discussion on developer respect and security safeguards.
A NordPass analysis of 275 million passwords uncovered the 2020 top‑200 most used passwords, highlighting why simple strings like “123456” are easily cracked and offering practical advice—including length, complexity, and unique generation techniques—to help users create far stronger, unbreakable passwords.
This article demonstrates how to use Python's os and shutil modules to enumerate system drives, list directory trees, delete files and folders, copy a script to the startup folder, and finally trigger a forced shutdown, illustrating a simple educational hacking tool.
An in‑depth guide explains what a bastion host is, its 4A design (authentication, authorization, account, audit), core functions, common deployment models, authentication methods, and both commercial and open‑source options, highlighting how it centralizes control, enhances security, and streamlines operational compliance.
The article describes how Bitcoin‑based ransomware such as WannaRen encrypts victims' files, the large‑scale attacks on Chinese enterprises and institutions, the police investigations that led to the arrest of the mastermind Ju Mou and his accomplices, and practical advice for preventing such threats.
The report investigates the malicious “Le Bao” application that mimics WeChat, detailing its hidden QR‑code group‑joining mechanism, server‑side communication, payment and gambling integration, and the broader illicit promotion and profit model, while providing forensic traces, source‑code decoding, and mitigation recommendations.
This article explains how to employ Burp Suite to conduct comprehensive penetration testing on the ZhiXin mobile app, covering setup, proxy configuration, detection of sensitive data leaks, privilege escalation, XSS, and SQL injection vulnerabilities, and provides remediation recommendations.
This article explains practical methods for detecting account security threats—such as blacklisted, expired, or abnormal login behaviors—by analyzing Linux and Windows login logs, defining detection rules, and leveraging automated tools to generate timely alerts and reduce security risks.
This report analyzes the malicious “LeBao” application that masquerades as a WeChat‑like chat tool, detailing its covert QR‑code group entry, custom decoding, member‑paid porn livestreams, payment fraud, server tracing, and recommended mitigation measures to curb its illicit operations.
A sudden P1 incident reset all user passwords, and after a thorough investigation the team discovered that a security‑scanning tool’s weak‑password check repeatedly hit login attempts, triggering a bug that caused the outage, highlighting the critical need for proper incident response and security engineering.
This article explains why HTTPS has become essential for web security, compares it with HTTP, describes the weaknesses of plain HTTP and hashing algorithms, and details how symmetric and asymmetric encryption together with TLS/SSL certificates secure data transmission over the Internet.
This article explains the concept of open platforms, the evolution of OAuth 2.0, its core token‑based authorization mechanism, real‑world analogies, and the step‑by‑step Authorization Code grant flow that lets third‑party apps securely access protected resources.
This article provides a comprehensive overview of Cross‑Site Scripting (XSS), explaining its definition, dangers, underlying mechanisms, classification into stored, reflected, and DOM‑based types, common injection vectors, and practical defense strategies, while also addressing common questions and resources for further learning.
A Beijing Internet Court case ruled that Baidu must pay nominal damages after failing to remove a user’s ID photo, uploaded to a defunct alumni site, which the search engine indexed and displayed at the top of results, highlighting legal responsibilities for personal data handling.
This article explains the technical principles behind offline payment codes used by Alipay and WeChat, covering common payment modes, online and offline code schemes, OTP generation, cryptographic algorithms, their advantages, drawbacks, and practical implementation details.
