During the Mid‑Autumn Festival I received a seemingly harmless mooncake email, suspected it was a phishing test, and then used a virtual machine, network‑capture tools, Shodan, and open‑source intelligence to trace the malicious link back to its source and exposed the underlying infrastructure.
In 2020, when Windows 7 support ended, a massive leak of Windows XP and Server 2003 source code surfaced online, sparking concerns about potential vulnerabilities and offering a rare research resource for security professionals.
A misconfigured ElasticSearch server owned by Microsoft leaked millions of Bing mobile app search queries, location data, device IDs and other details, exposing users worldwide to phishing, ransomware and even robbery risks, while Microsoft claims the breach affected only a small amount of non‑identifiable data.
A recent investigation revealed that an unsecured server containing more than 6.5 TB of user data from Bing’s iOS, iPadOS, and Android apps was exposed, allowing attackers to harvest nearly 100 million records and launch destructive “Meow” attacks that nearly wiped the Elasticsearch database.
A Shanghai court sentenced programmer He Mou to six years in prison for deliberately deleting all SaaS data of Weimeng, causing an eight‑day outage, over 300 million yuan in losses, and prompting a discussion on on‑premise versus cloud data protection strategies.
A massive breach exposed over 6.5 TB of Bing mobile app data—including search queries, location coordinates, device identifiers, and URLs—on an unsecured Elasticsearch server, putting iOS and Android users at risk of fraud, phishing, and physical threats, while highlighting common causes of such leaks.
This article introduces the fundamentals of cryptography, explaining what passwords are, the difference between encryption and decryption, classifications of cryptographic algorithms such as symmetric, asymmetric, hash functions, and message authentication, and illustrates concepts with examples like RC4 and block cipher modes.
The article recounts the 2020 “delete‑and‑run” incident where a disgruntled employee erased all data from the SaaS platform Weimeng, causing over 300 million users to lose access, a market‑value plunge of over HK$1 billion, and a six‑year prison sentence, while exposing critical flaws in data‑security practices and the risks of insufficient cloud adoption.
This guide explains what technical risk is, why it matters, and provides a step‑by‑step methodology for assessing, mitigating, and managing technology‑related risks—including lifecycle, compliance, and complexity considerations—to improve cost efficiency, agility, and security across the enterprise.
HTTPS combines HTTP with SSL/TLS to protect data through encryption, integrity checks, and authentication, using asymmetric keys during the handshake to negotiate symmetric encryption, digital signatures, certificates, and a secure session, ensuring safe client‑server communication.
Microsoft’s report reveals that Russian and Iranian state‑backed hacker groups have targeted candidates, campaign staff, and consulting firms involved in the 2020 U.S. presidential election, employing phishing and other tactics, but strong defenses have limited successful intrusions.
This article explains the fundamentals of the HTTP protocol, illustrates its vulnerability to man‑in‑the‑middle attacks, and details how HTTPS—through SSL/TLS, asymmetric key exchange, and a trusted CA certificate hierarchy—secures communications by encrypting data and preventing interception and tampering.
Even without network connectivity, mobile payment apps like WeChat and Alipay can complete transactions using offline payment codes; this article explains the two common QR payment methods, the online and offline code schemes, the underlying OTP and HMAC‑SHA1 algorithms, and their security trade‑offs.
The article explains that GitHub’s user agreement and the Apache Software Foundation’s policies include U.S. export‑control clauses, but legal experts clarify that publicly available open‑source code without encryption is generally exempt from EAR restrictions, while enterprises may still need licenses for certain uses.
Storing passwords in plaintext is insecure; instead, use cryptographic hash functions with proper salting, avoid simple encryption like AES, understand rainbow table attacks, and adopt modern password‑hash algorithms such as Argon2, Bcrypt or Scrypt to protect user credentials against modern threats.
After the US announced its “Clean Network” initiative, concerns arose about whether America could block national top‑level domains by controlling the 13 DNS root servers; this article explains DNS fundamentals, the role of root mirrors, historical shutdowns, and how China mitigates such risks.
In 2020, Chinese authorities uncovered and busted a nationwide network selling illegal League of Legends cheat software, arresting 21 suspects across 14 provinces, exposing the developers, sales tactics, massive profits, and the legal ramifications under criminal law.
After gathering reconnaissance data in a penetration test, this article reviews seven popular web vulnerability scanners, outlining their core capabilities, typical usage scenarios, and visual screenshots to help security professionals choose the right tool for detecting SQL injection, XSS, file inclusion, and other common web flaws.
This article outlines twelve essential cybersecurity best practices for 2019, covering biometric security, tiered policies, risk‑based approaches, data backup, IoT protection, multi‑factor authentication, password management, least‑privilege principles, privileged‑user monitoring, third‑party access control, phishing defense, and employee awareness to safeguard sensitive data.
This article reviews major 2020 data breach incidents worldwide, shows how to check if your accounts appear on the dark web using HaveIBeenPwned, and offers practical advice on password reuse and recommended password‑manager tools to protect your online identities.
The article explains how the widespread use of third‑party open‑source components creates a large, often overlooked attack surface, describes the fragmented nature of vulnerability information, and reviews a variety of tools that help organizations detect and manage security risks in their software dependencies.
A compromised CentOS server was frozen by Alibaba Cloud after malicious outbound traffic; the investigation uncovered a disguised gpg‑agentd process, malicious cron jobs downloading remote scripts, a Redis exploit that injected SSH keys, and mass‑scan tools, illustrating a sophisticated multi‑stage malware infection.
This article explains the core RBAC0 model and its extensions (RBAC1, RBAC2, RBAC3), discusses user groups, organizations and positions, and outlines manual and approval-based authorization workflows along with a sample database schema for implementing role‑based access control in complex systems.
On August 6, a Swiss engineer uploaded roughly 20 GB of Intel’s internal firmware source code and confidential documents to a public file‑sharing site, prompting Intel to investigate the breach, deny a backdoor, and attribute the leak to a privileged user of its Resource and Design Center.
The article explains how e‑commerce fraud such as fake order brushing can be modeled as a bipartite transaction network and tackled with the Fraudar algorithm, which iteratively removes low‑suspicion nodes using a global suspiciousness metric and priority‑tree structures to uncover dense suspicious sub‑graphs.
The article lists major 2020 data‑breach incidents worldwide, explains how to use HaveIBeenPwned to discover whether your credentials have been exposed, and offers practical advice on password hygiene and reliable password‑manager tools to protect your online accounts.
This report examines the rise of cloud security, defining its scope, tracing its evolution from traditional information security, analyzing market dynamics, investment and M&A activity, and evaluating the strategies of cloud providers, specialist vendors, traditional security firms, and large IT companies in the rapidly growing sector.
A recent investigation uncovered a 1.2 TB leak containing personal data of up to 20 million users from seven VPN services that claim to keep no logs, revealing email addresses, passwords, IPs, device details, and connection logs, and prompting urgent security recommendations.
Application security principles are language‑agnostic design and implementation guidelines that help reduce the likelihood and impact of threats, providing a systematic way to make secure decisions, derive requirements, and identify potential defects in software systems.
This guide walks you through installing OpenResty—a high‑performance Nginx/Lua web platform—on CentOS, adding a ready‑made Lua WAF module, configuring its various security rules (IP blacklist/whitelist, CC protection, URL, User‑Agent, GET/POST filters), and troubleshooting common issues.
Cloud security is emerging as a critical field, driven by rapid cloud adoption, evolving infrastructure, and increasing threats, with major vendors, startups, and traditional security firms competing through innovative SaaS solutions, partnerships, and acquisitions, while market forecasts predict substantial growth in the coming years.
This article explores Alibaba's Data Experience Technology team's comprehensive architecture for SQL editors, BI platforms, data visualization, low‑code solutions, heterogeneous rendering, and data security, highlighting design principles, performance optimizations, and future directions across the data lifecycle.
This article explains why HTTP is insecure, demonstrates a plain‑text attack using Wireshark, and then details the encryption types, certificate issuance, digital signatures, and the combined asymmetric‑symmetric handshake that make HTTPS a secure protocol for web communication.
The article examines how personal grievances have led to tragic events—from a bus driver’s fatal crash to destructive IT incidents—highlighting the need for psychological care, robust security policies, and a DevSecOps mindset to prevent such revenge‑driven catastrophes.
This article explains in plain language what HTTPS is, how it encrypts data using symmetric and asymmetric techniques, how it verifies server identity with digital signatures and certificates, and why these mechanisms keep web communications safe from eavesdropping and tampering.
The article examines the controversy sparked by Google’s VP withdrawing from Black Hat USA 2020 and the push for neutral terminology in cybersecurity, exploring historical origins, community reactions, and recent industry changes toward inclusive language.
The article introduces kk-anti-reptile, a Spring Boot‑based anti‑crawler component that uses servlet filters, Redis, and configurable rule chains (IP and User‑Agent), explains its workflow, shows Maven and property configurations, and provides front‑end Axios interception code for handling 509 responses.
A Cloud Access Security Broker (CASB) sits between cloud service consumers and providers to enforce security, compliance, and governance policies, offering visibility, data protection, threat detection, and control over shadow IT, with various deployment modes and integration options for modern cloud environments.
The article explains how constant‑time string comparison functions work, shows Java and Scala implementations, and demonstrates why such techniques are essential to thwart timing attacks in cryptographic and authentication scenarios.
This article explains why HTTPS is essential, compares symmetric and asymmetric encryption, illustrates how encryption keys are securely exchanged, and outlines the three core reasons HTTPS reliably protects data from eavesdropping and man‑in‑the‑middle attacks.
The article details the high‑severity CVE‑2020‑1948 remote code execution flaw in Apache Dubbo, describing its background, risk rating, affected versions, remediation steps, asset‑mapping data, and a timeline of disclosures to help users protect their Java RPC services.
This guide explains why Zabbix data transmission in mixed‑cloud environments requires encryption, describes the TLS/PSK and certificate‑based security options supported since Zabbix 3.0, outlines their limitations, lists compatible encryption libraries, and provides step‑by‑step configuration commands for both GnuTLS and OpenSSL.
This tutorial explains how to recognize and eliminate dead code and flower‑instruction obfuscation techniques in JavaScript, walks through using Obfuscator.io to generate heavily mixed code, and demonstrates step‑by‑step static analysis to strip away useless statements, ultimately restoring the original concise logic.
Information governance is a program that ensures enterprise data accuracy, completeness, consistency, accessibility, and security by establishing business‑driven roles such as a data governance committee, data stewards, and data custodians, and by defining key responsibilities, processes, and metrics for data quality, privacy, and compliance.
This article presents a comprehensive collection of 100 essential networking concepts, covering topics such as links, OSI model layers, backbone, LAN, routers, subnet masks, VPN, NAT, TCP/IP, security measures, cabling, topologies, protocols, and many other foundational terms that every network professional should know.
This article explains why standardized log parsing is crucial for security analytics, outlines key parsing concepts, compares pre‑ and post‑parsing approaches, discusses flexible custom parsing methods, and offers practical guidance to improve accuracy and efficiency in large‑scale security environments.
The article compiles 2020 industry data, revealing programmer salary averages, Alibaba Cloud's second‑place global security rating, DB‑Engines database popularity, IDC's cloud services market growth, Baidu's accelerated cloud center construction, a dip in global Ethernet switch revenue, and China Mobile's massive data‑center investment.
The article explains why data security governance is essential for rapidly growing businesses, outlines technical goals across the data lifecycle, describes data classification and labeling methods, and details approval processes, network security zones, and management controls to protect data throughout its lifecycle.
The article examines why web content needs protection, explains common server‑side header checks, describes client‑side JavaScript fingerprinting and headless‑browser detection methods, and outlines practical anti‑crawling measures such as CAPTCHAs and robots.txt, highlighting the ongoing cat‑and‑mouse game between crawlers and defenders.
This article provides a comprehensive, step‑by‑step tutorial for hardening a CentOS 7.7 server, covering complex password creation, password‑policy configuration, PAM strength settings, login‑attempt limits, disabling root SSH access, changing the SSH port, tightening security‑group rules, command‑history limits, log monitoring, and regular data backup procedures.
This article outlines ten essential steps to strengthen JumpServer security, including upgrading the operating system and JumpServer software, updating dependencies, avoiding weak passwords, enabling OS security components, minimizing open ports, securing public access, configuring SSL, enforcing strong passwords, and enabling multi‑factor authentication.
This article explains practical API security techniques for protecting data exchange with third‑party systems, covering token generation and storage, timestamp validation to mitigate DoS attacks, MD5‑based request signing with nonce, preventing duplicate submissions using Redis, and illustrates the concepts with comprehensive Java code examples.
This article explains common API security mechanisms such as token, timestamp, signature, and anti‑replay techniques, demonstrates how to prevent duplicate submissions, and provides complete Java Spring Boot code examples including interceptors, Redis configuration, and utility classes for secure API design.
This article explains the concepts of secure boot and trusted boot, discusses their limitations on general-purpose devices, and compares the application workflows and security properties of Intel SGX and ARM TrustZone, highlighting practical usage scenarios such as DRM-protected media.
This article examines Meituan's custom rule engine Zeus, detailing the security challenges of a massive multi‑service platform, the architectural decisions made to decouple risk logic, the implementation of reusable factors and rule groups, and the ongoing push toward automated, intelligent risk mitigation.
This article explores the limitations of traditional web vulnerability scanners and manual testing, proposes a proxy‑based architecture that captures real user requests for centralized analysis, demonstrates a demo implementation using Burp and custom scanners, and reflects on the design's strengths and remaining challenges.
The article reviews the growing importance of data privacy in machine learning, explains privacy concepts and attack vectors, and details anonymization methods such as k‑anonymity, l‑diversity, t‑closeness, as well as differential privacy techniques and their practical applications.
The article explains the rise of Pandownload as a third‑party Baidu Cloud download tool, its technical basis on Aria2, massive user base and modest profits, the police raid that led to the developer's arrest, and the broader legal and security implications for similar software.
This article explores the layered redundancy of financial data centers, explaining hot and cold backups, multi‑site architectures, power supply safeguards, fire‑suppression systems, and why simply attacking a single component is unlikely to cripple services like Alipay.
The article explains the recent Weibo data breach, describing how attackers used credential‑stuffing (撞库), data leakage (漏水), database dumping (拖库) and data laundering (洗库) to obtain millions of user records, the technical steps involved, and the security implications for both users and platforms.
A Chinese court case reveals how a reverse‑engineered, unauthorized WeChat client for feature phones spread illegal ads, compromised encrypted communications, and led to criminal charges for providing tools to infiltrate computer systems, highlighting serious information‑security risks and the legal consequences of software piracy.
In March 2020, Apple devices displayed security warnings because the HTTPS certificate for appleimap.163.com had expired due to NetEase Mail’s failure to renew it, highlighting how overlooked certificate management can disrupt services and underscoring the need for automated monitoring tools in large organizations.
This article explains why HTTPS was created to address HTTP’s lack of encryption, authentication, and integrity, describes how TLS/SSL adds security, details the roles of symmetric and asymmetric encryption, hash algorithms, digital certificates, and the full handshake process that secures modern web communication.
A former Baidu operations engineer illegally mined Bitcoin and Monero using 155 of the company's search servers, earning about 100,000 CNY before being caught, fined, and sentenced to three years in prison, highlighting severe risks of abusing corporate computing resources.
A Baidu operations engineer illegally mined cryptocurrency on more than 150 company servers in 2018, netting over 100,000 RMB, was caught, sentenced to three years in prison and a fine, and the case now serves as a stark reminder of insider threats and the need for strict access controls in IT operations.
This article provides a step‑by‑step technical guide to the AES encryption and decryption algorithm, covering state matrix construction, key expansion, round operations, final round differences, and practical Node.js code examples for handling padding and common implementation pitfalls.
This article explains why enterprises need information security, outlines the core security requirements such as data protection and business continuity, and presents a phased ISO 27001‑based roadmap—including short‑term, medium‑term goals, management policies, network segmentation, third‑party compliance, and budgeting—to establish a comprehensive security architecture.
This article analyzes the high‑severity Apache Tomcat AJP file‑inclusion vulnerability (CVE‑2020‑1938), detailing affected versions, the underlying code flaw, how attackers can read arbitrary files and achieve remote code execution, and provides concrete upgrade recommendations to mitigate the risk.
This article explains why data security is vital for businesses, outlines common technical, process and human threats, and provides actionable cloud‑based measures—including backup strategies, snapshot usage, permission management, data classification, and encryption—to protect enterprise data throughout its lifecycle.
Yazan’s SaaS platform maintains 99.99% uptime through robust IaaS infrastructure, dedicated DBA and network teams, while defending against DDoS attacks and data breaches with ISO‑27001 and CSA C*STAR‑aligned security controls, employing multi‑cloud real‑time and cold backups and offering compensation for outage‑related business impacts.
The article analyzes the recent Weimeng database deletion incident, explains why recovery took 36 hours, and provides practical guidance on backup practices, minimal‑privilege management, and cloud‑based disaster recovery to prevent similar data loss in small and large organizations.
A malicious insider deleted Weimob's primary and backup databases, prompting a slow recovery effort and highlighting the critical need for stricter permission controls and reliable backup mechanisms to prevent similar incidents.
This guide walks through installing Drozer, configuring port forwarding, connecting the console, and using a variety of commands to enumerate packages, activities, content providers, services, and broadcast receivers on Android devices, while also addressing common errors and demonstrating vulnerability scans such as SQL injection and directory traversal.
In June 2018, a disgruntled former technical director of a Zhejiang company used retained Alibaba Cloud credentials to delete database indexes and tables, crippling a SaaS platform for over five hours, causing millions in losses, and was later convicted of destroying computer information systems with a suspended sentence.
This guide outlines key remote collaboration tools, highlights the advantages and challenges of working from home, and offers practical advice on communication, security, and trust to maintain high productivity during and after the COVID‑19 pandemic.
This guide shows how to use Python's scapy library to send ARP broadcast packets, collect MAC addresses of devices on a hotel Wi‑Fi network, query their manufacturers, and identify potential hidden cameras, providing a practical method for ensuring hotel security.
The article outlines ten major 2020 cybersecurity forecasts—including surging ransomware, sophisticated phishing, faster threat detection, expanding attack surfaces, emerging IoT security laws, stricter GDPR enforcement, OT security challenges, and the rise of managed security services—to help organizations prepare for the evolving threat landscape.
In a fiercely competitive internet era, technical professionals must continuously learn across fields such as information security, Python, cloud computing, big data, AI, software testing, IoT, and internet marketing to become the highly sought‑after talent that companies urgently need.
Through a narrative of a college student and her mother whose chat is intercepted and altered by a hacker, the article illustrates why plain HTTP is vulnerable, explains the principles of symmetric and asymmetric encryption, TLS/SSL, and how certificates and hybrid encryption secure modern communications.
A recent ElasticSearch breach exposed 2.7 billion email addresses, one‑billion plain‑text passwords and hundreds of thousands of birth‑certificate copies, highlighting persistent security gaps in cloud‑based search services despite growing corporate safeguards.
The article analyzes the sharp decline of the antivirus software market, citing reduced search interest, Microsoft’s free built‑in Defender, high development costs, shifting user habits toward mobile devices, and offers guidance on when third‑party protection may still be needed.
This article explains the legal boundaries of web crawling in China, covering recent cybersecurity regulations, what makes a crawler illegal or legal, common developer questions, and practical advice to avoid personal‑data violations and criminal liability.
This article reconstructs the design of HTTPS step by step, explaining why both symmetric and asymmetric encryption are required, how key negotiation works, the role of digital certificates and certificate authorities, and the underlying security concepts that protect client‑server communication.
The article examines how Alipay’s financial data would survive a physical destruction of its servers by explaining multi‑site data center architectures, hot and cold backups, power redundancy, fire‑suppression systems, and the role of partner banks in data recovery, highlighting the extensive resilience measures in modern financial infrastructures.
This article reconstructs the design of HTTPS by starting from a simple secure chat, explaining why symmetric encryption alone cannot secure web traffic, introducing asymmetric encryption for key exchange, detailing how digital certificates and certificate authorities solve public‑key distribution, and summarizing the TLS handshake process.
The article explains why and when to scan product code for vulnerabilities, describes static source‑code and binary scanning methods, introduces deep code‑search techniques, outlines the system architecture and incremental indexing pipeline, and shows how these practices can substantially raise overall product quality.
This case study details Capital One’s evolution from a regional credit‑card unit to a data‑centric financial giant, highlighting its vision, data‑driven product strategy, big‑data analytics, AI‑powered customer service, cloud migration to AWS, and the DevOpsSec practices that enabled rapid, secure, and scalable innovation across banking, automotive finance, and digital services.
The article explains how Alipay’s financial system uses multi‑site, multi‑center architectures, hot‑standby, active‑active, and cold‑backup strategies, along with stringent A‑class data‑center standards, to ensure that even catastrophic physical attacks cannot erase users' money.
This comprehensive guide walks operations engineers through Linux security hardening—covering account and login protection, service minimization, password and key authentication, proper use of su/sudo, banner trimming, remote access safeguards, file system security, rootkit detection tools, and step‑by‑step post‑attack response—to build resilient servers against modern threats.
This article explains the principles of single sign‑on and compares several practical implementations—including shared session via Redis, OpenID‑based authentication, cookie‑based OpenID storage, and cross‑domain JSONP techniques—while also discussing their limitations and security considerations.
The popular Windows file‑search tool Everything includes an HTTP server that, when left unsecured, lets anyone who knows your IP and port browse and download every file on your computer, exposing personal data that can even be indexed by search engines, but simple configuration changes can close the leak.
A recently disclosed Linux kernel vulnerability (CVE‑2019‑17666) in the Realtek RTLWIFI driver allows remote code execution via specially crafted Wi‑Fi Direct frames, affecting devices with Realtek chips and requiring no user interaction, with a fix pending kernel integration.
Leah Neukirchen uncovered historic Unix passwords, cracked many using John the Ripper and hashcat, and after months of effort Nigel Williams finally revealed Ken Thompson’s long‑uncracked password, which turns out to be a clever chess‑notation hint.
This article outlines twelve essential cybersecurity practices for 2019, covering biometric authentication, tiered security policies, risk‑based approaches, regular backups, IoT security, multi‑factor authentication, password management, least‑privilege principles, privileged‑user monitoring, third‑party access control, phishing awareness, and employee training.
Tencent led the creation of the world’s first zero‑trust security standard at the ITU‑T SG17 meeting, detailing the concept, its industry impact, and real‑world deployments across sectors such as government, healthcare, transportation, and finance.
At the 2019 World Artificial Intelligence Conference, the Ministry of Science and Technology announced ten national AI open‑innovation platforms, selecting 360 to lead the security‑brain platform, highlighting its role in AI‑driven cybersecurity, big‑data analytics, cloud and blockchain technologies.
The article presents a graph‑based anomaly detection architecture that tackles black‑market resource switching by constructing complex user‑traffic networks, mining graph similarities, and applying multi‑dimensional strategies to achieve high‑accuracy detection while meeting timeliness, performance, and interpretability requirements.
The 7th Internet Security Conference in Beijing gathered international experts to discuss the merging of cyberspace and physical space, the heightened impact of 5G and industrial IoT on cyber attacks, and collaborative strategies among China, Israel, Russia, and Singapore to build a comprehensive security ecosystem.
In a Sanya digital summit speech, Zhou Hongyi warned that cyber warfare has become a major national‑level threat, outlined four key shifts in enterprise security, and described 360's big‑data security brain and future plans to build a nation‑wide defensive ecosystem.
This article describes Qunar's comprehensive data security framework, covering data classification, warehouse access control, permission compliance, encryption, leakage detection, and the supporting institutional policies that together enable a small security team to protect large‑scale business data.
