This article explains the challenges of traditional key management, compares local and server‑side encryption approaches, and introduces a secure multi‑party computation (MPC) key management system that distributes key fragments across multiple servers to prevent key exposure even if some nodes are compromised.
The article examines how recent U.S. sanctions have led GitHub to restrict private repositories and access for developers in regions such as Crimea and Iran, detailing specific limitations, personal accounts affected, community workarounds, and the broader implications for open‑source collaboration.
This article explains the fundamentals of Public Key Infrastructure, the differences between symmetric and asymmetric encryption, how digital signatures and certificates ensure data integrity and authenticity, and illustrates the SSH protocol’s secure authentication mechanisms, providing a comprehensive overview of modern information security techniques.
This article explains why open‑source components constitute a major attack surface, outlines the fragmented nature of vulnerability information, debunks the myth that open‑source code is inherently safer, and reviews a range of tools—both open‑source and commercial—that help organizations detect and manage security risks in software dependencies.
The article explains how attackers can exploit file upload functionality by uploading malicious files, crafted filenames, SVG payloads, or symlinks to achieve remote code execution, data theft, or server denial‑of‑service, and provides practical defense measures such as whitelist validation, content‑type checks, and upload rate limiting.
This article provides a comprehensive overview of data backup and replication technologies, covering file‑level and block‑level backup, remote copy methods, snapshot mechanisms, CoFW vs RoFW approaches, backup destinations, data paths, and strategies such as full, incremental, and differential backups.
The 2019 Beijing Software and Information Service Industry Development Report reveals that the sector’s scale exceeded one trillion yuan, with double‑digit growth in cloud computing, big data, AI and cybersecurity, while talent, investment, and regional collaboration propelled the city to a leading national position.
After a grueling 30‑hour showdown in Shanghai, the 2019 Tencent Information Security Competition crowned r3kapig as international champion with Balsn and Tea Deliverers trailing, while Fudan’s Whitzard seized the New Star title and a DEF CON berth, highlighting Chinese dominance, cutting‑edge cloud/IoT challenges, live commentary, and Tencent’s role in cultivating cybersecurity talent across universities.
This article details a multi‑stage, file‑less attack that leveraged weak SQL Server credentials, Transact‑SQL stored procedures, and WMI to download and execute a downloader (cabs.exe) which fetched multiple botnet components, and explains the forensic steps and remediation measures taken to eradicate the threat.
A recent $100k research effort demonstrated a prefix collision attack on SHA-1, proving that attackers can forge signed documents and TLS certificates, and highlighting why the cryptographic community must retire SHA-1 in favor of stronger hash algorithms.
The 58 Group Technical Salon on April 23, 2019 presented a comprehensive overview of account system design, risk control, gateway authentication, multi‑active data synchronization, overseas account handling, cloud account platform capabilities, and security strategies, offering practical insights for building robust and secure user authentication infrastructures.
This article introduces the fundamentals of web crawlers, typical crawling methods, and a comprehensive set of anti‑crawling strategies—including IP control, browser and device simulation, CAPTCHA cracking, and traffic analysis—while detailing the architecture and capabilities of the 58 anti‑crawling platform.
A former DJI software engineer uploaded proprietary agricultural drone code to a public GitHub repository, leading to a criminal conviction for commercial‑secret theft, a six‑month prison term, a fine, and a detailed look at the legal penalties and security implications of such leaks.
This article walks through Spring Security OAuth's core classes, explaining how the TokenEndpoint processes /oauth/token requests, validates client details, builds TokenRequests, delegates to TokenGranters, and ultimately generates and returns an OAuth2 access token.
GandCrab V5.2, a Bitcoin‑based ransomware first seen in 2018, has recently surged across Brazil, the US, India, Indonesia, Pakistan and especially China, using spam‑email delivery, web‑inject attacks and known vulnerabilities, while remaining largely uncrackable and prompting security teams to recommend strict email hygiene, patching, and anti‑malware measures.
This article explains how to create an open platform using OAuth2.0 authorization code flow, configure Spring Cloud dependencies, set up the authorization and security servers, test the endpoints, and customize the login and confirmation pages, providing complete code examples and diagrams.
The article examines Tencent's legal push to force ByteDance's Duoshan app to stop using users' WeChat/QQ avatars and nicknames, detailing the data‑sharing dispute, the PR tactics that spiked Duoshan's DAU, and the provisional court injunction that halted the practice.
Alibaba Cloud DNS senior engineer Guo Chuan, the sole Chinese participant selected for the ICANN64 Talent Program, delivered a keynote on DNS practice, highlighted stability and security challenges, discussed DoH/DoT, DNSSEC, IoT impacts, and emphasized collaborative governance for a resilient global internet infrastructure.
This article explains the fundamentals of secure multi‑party computation, walks through oblivious transfer and garbled circuits, and introduces a novel publicly verifiable covert (PVC) model that offers near‑half‑honest performance with strong cheating deterrence, highlighting its practical impact on data privacy.
After his father's PC was infected by the GANDCRAB ransomware, the author recounts the alarming symptoms, explains how ransomware works, explores the role of the dark web and DASH cryptocurrency in ransom demands, and shares practical backup methods—from simple USB copies to the 3‑2‑1 principle—to protect personal data.
This guide walks through creating a simple PHP backdoor, using Python pty for interactive shells, compiling and exploiting local binaries, sniffing network traffic with arpsniffer and linsniffer, and applying various Linux privilege‑escalation techniques to obtain root access.
The article explains what threat intelligence is, classifies it into strategic, tactical, and operational categories, illustrates its critical role in modern cyber‑warfare and e‑commerce defense, and discusses the challenges of timeliness, accuracy, and sharing within the security ecosystem.
This article reviews recent Elasticsearch data breaches and presents practical security strategies—including network isolation, non‑root operation, custom ports, and free Search Guard authentication—to help engineers safeguard their search clusters against common attacks.
This article details a multi‑stage server compromise that injected gambling pages, planted hidden accounts, deployed crypto‑mining software, and opened unnecessary ports, providing step‑by‑step forensic analysis, code inspection, emergency response actions, and indicators of compromise.
This talk outlines Alibaba’s massive global host infrastructure, the evolving security governance from manual controls to data‑driven, automated systems, the challenges of compliance and operational efficiency, and future directions such as zero‑trust and invisible security.
This article presents a comprehensive collection of network security mind maps covering introductory concepts, scanning and defense techniques, monitoring, password cracking, deception attacks, denial-of-service, buffer overflow, web, trojan, virus threats, and future trends, guiding learners through a structured technical roadmap.
This article explains how the Hunter system integrates automated web vulnerability scanning—including black‑box testing, browser‑extension traffic capture, and distributed analysis engines—into CI/CD workflows to detect security risks early, improve efficiency, and reduce manual effort.
Alibaba’s Xianyu platform uses a multi‑signal device fingerprinting system, UMID, to uniquely identify users across Android and iOS devices, storing the data in sharded MySQL, HiStore OLAP, and Tair caches, enabling precise ad bidding, conversion tracking, and scalable user‑growth strategies.
Ant Financial’s internal red‑blue technical attack‑defense program, driven by a dedicated blue team and SRE‑based red team, continuously probes system weaknesses, refines fault‑injection tools like Awatch, and evolves high‑availability and self‑healing mechanisms to strengthen risk control and operational reliability.
On December 14, Tencent's security intelligence team uncovered a “DriverLife” Trojan that exploited the high‑severity EternalBlue vulnerability to propagate like a worm, infecting up to 100,000 users within two hours, and detailed its infection chain, malicious payloads, and mitigation recommendations.
Designing a relatively secure account system requires integrating strong multi-factor authentication, fine-grained authorization models like RBAC or ABAC, and continuous real-time and offline auditing to mitigate breaches, while recognizing that absolute security is impossible and ongoing vigilance is essential.
This article explains why database injection remains a critical security threat, illustrates how attackers exploit vulnerable web applications using manual techniques and automated tools such as sqlmap, and provides comprehensive defensive measures spanning secure coding, database hardening, web‑server configuration, WAF deployment, and log‑analysis to protect sensitive data.
JD Security’s Silicon Valley AI security scientist unveiled a novel container‑based sandbox at BlackHat Europe, detailing how contextual behavior analysis can detect and trace malicious code by leveraging lightweight containers, improving threat detection speed and accuracy for enterprise defenses.
This guide outlines practical techniques—ranging from analyzing debug‑mode error pages and hidden CSRF tokens to inspecting admin static files and third‑party module footprints—to reliably fingerprint Django‑based web applications during black‑box security assessments.
The draft "Internet Personal Information Security Protection Guideline" issued by China's Ministry of Public Security outlines comprehensive management mechanisms, technical safeguards, and business processes to help internet enterprises protect personal data throughout its lifecycle, and invites public feedback via the national security platform.
This article explains how the open‑source Keytap project captures short audio snippets from a microphone to reconstruct typed characters, outlines its four‑step process of data collection, model building, keystroke detection, and character identification, and compares it with related acoustic eavesdropping research.
This article explains data protection concepts—including file‑level and block‑level backup, remote file copy and remote volume imaging, snapshot mechanisms such as CoFW and RoFW, and clone technologies—while discussing their advantages, drawbacks, and practical backup architectures.
This article explains what HTTPS is, why it is needed, how TLS handshakes secure communication using asymmetric and symmetric encryption, the role of digital certificates and trust chains, methods of certificate revocation, and how to choose appropriate cipher suites for optimal security and performance.
Dr.Web’s recent report reveals Linux.BtcMine.174, a sophisticated 1000‑line shell‑script trojan that exploits Dirty COW or CVE‑2013‑2094 for root access, disables dozens of antivirus processes, mines cryptocurrency, and spreads via SSH‑collected hosts, with its components’ SHA‑1 hashes published on GitHub.
In a 2018 Beijing police operation, a former operations supervisor illegally raised his system permissions, downloaded three proprietary project source codes from a tech company, and sold them for nearly eight million yuan, leading to the arrest of two suspects after extensive digital forensic investigation.
This article introduces the most frequently used encryption techniques in frontend development—including Base64 encoding, hash functions, salting, slow hash algorithms, key‑hashing, XOR, symmetric and asymmetric encryption, digital signatures, and practical CryptoJS usage—explaining their principles, appropriate scenarios, and providing ready‑to‑use code examples.
This article introduces Wireshark as a cross‑platform packet capture tool, explains its installation and basic UI, details capture and display filter syntax with examples, and demonstrates how to decrypt and analyze HTTPS traffic by importing SSL key logs.
A Ukrainian journalist revealed that the armed forces' Dnipro system used default passwords like "admin" and "123456", allowing anyone to access critical network devices and potentially map and infiltrate the entire military network, highlighting severe information‑security risks.
The article explains Zhuanzhuan's risk‑control architecture, detailing content and behavior cheating types, three anti‑cheat approaches—strategy, product, and model—and practical interception, rule‑penalty mechanisms, and integration tips for developers and security engineers.
The ISC 2018 conference highlighted the growing importance of big data and artificial intelligence security, presenting JD's research on anti‑scraping techniques, AI‑driven defenses against black‑market attacks, and a service‑oriented approach to protecting user data across enterprises.
Operations security, the intersection of IT operations and security, has become critical as high‑profile vulnerabilities like Struts2, OpenSSL Heartbleed, and massive DDoS attacks expose the costly ROI of ops‑related flaws; this article defines the field, explains its importance, lists common bad practices, typical vulnerabilities, and real‑world case studies.
A recent dark‑web sale revealed that over 500 million records from dozens of Huazhu hotel brands—including personal IDs, booking details, and login credentials—were compromised, prompting urgent security advice and highlighting the growing risks of large‑scale data breaches.
This guide walks through creating a PHP backdoor, leveraging Python pty for interactive shells, compiling and using arpsniffer and linsniffer, performing network sniffing with tcpdump, applying various Linux privilege‑escalation exploits, and establishing persistent root access on vulnerable systems.
This article introduces web crawlers, classifies them by technology and intent, presents statistics on crawler traffic across industries and regions, and analyzes the various harms they cause, laying the groundwork for future discussions on anti‑crawling strategies.
This article chronicles the three‑generation evolution of Zhihu’s anti‑cheat platform Wukong, detailing its business context, spam taxonomy, multi‑layered control methods, architectural redesigns, strategy language improvements, graph‑based risk analysis, and the continuous integration of big‑data and machine‑learning techniques to combat content and behavior spam.
This article shares a step‑by‑step learning path for aspiring security researchers, emphasizing solid knowledge, hands‑on practice, experience accumulation, essential tools, and effective use of platforms like Shodan and ZoomEye to build real‑world testing scenarios.
This article explains the fundamentals of HTTPS by clarifying key terms such as HTTP, SSL/TLS, and encryption, describing how HTTP works over TCP, the differences between symmetric and asymmetric cryptography, and the core security requirements of confidentiality, integrity, authenticity, and performance.
In early June, AcFun announced a massive hack that leaked nearly ten million user records, including IDs, nicknames and encrypted passwords, urging users—especially those who haven’t logged in since July 2017 or use weak passwords—to change them immediately, while noting that the data is already being sold on the dark web.
The article analyzes the escalating DDoS attacks targeting the Chinese game industry, outlines typical risk scenarios based on game type, lifecycle, and latency requirements, and presents a multi‑layered protection framework that balances cost, performance, and security for game developers and publishers.
An in‑depth overview explains how blockchain, homomorphic encryption, zero‑knowledge proofs, group and ring signatures, and differential privacy collectively secure data flow, enabling trusted sharing while preserving ownership and privacy across providers, consumers, and algorithm services.
The article outlines a comprehensive, layered data‑security lifecycle—from secure traffic and authentication through encrypted storage, role‑based access, audit logging, and safe production‑to‑test data handling—emphasizing privacy‑compliant practices, anti‑scraping measures, secure deletion, and incremental ROI‑driven adoption for enterprises.
The article outlines how to build a credit‑based content management platform by describing the evolution of security practices, defining user‑generated, professional‑generated, and occupational content models, proposing a credit‑audit workflow with risk assessment, and presenting AI‑driven text classification and anti‑cheat methods to balance traffic, quality, and trust.
The article reports on DEFCON China 2018 held in Beijing, describing the conference’s significance, keynotes by Jeff Moss, diverse security topics ranging from mobile and system security to deep‑learning workshops, detailed accounts of specific talks on account hijacking and decentralized networks, and the cultural aspects such as badge colors and puzzles.
This article explains the fundamentals of cryptography, covering symmetric and asymmetric encryption, key distribution challenges and solutions, digital signatures, certificates, and practical applications such as SSH login, HTTPS handshakes, and API authentication, providing clear examples and code snippets.
This article outlines Suning's evolution from a basic network operations unit to a sophisticated, multi‑layered security architecture that integrates organizational structure, protection platforms, risk management, big‑data threat perception, and continuous improvement to safeguard e‑commerce operations.
This article walks through a reconstructed design process of HTTPS, explaining why secure web communication requires both symmetric encryption for data transfer and asymmetric encryption plus digital certificates for key exchange and authentication, while demystifying each component with clear diagrams.
Researchers at the International Computer Science Institute found that 57% of the 5,855 most popular free Android children’s apps likely breach COPPA by using third‑party SDKs to track personal data, prompting Google to say it is taking the report seriously and is investigating the findings.
This article walks through a step‑by‑step reconstruction of HTTPS design, showing why secure communication requires per‑client symmetric keys negotiated via asymmetric encryption, digital certificates from trusted CAs, and how signatures and random numbers protect against man‑in‑the‑middle attacks.
The Tencent Cloud GAME-TECH Salon in Beijing on April 13 will examine DDoS attack trends, showcase the new Aegis high‑defense solution, and provide game developers with multi‑scenario risk analysis, optimal defense strategies, and real‑world case studies to strengthen operational security and cost‑effective protection.
This guide explains how to watch iQiyi VIP videos for free by using the XFSub parsing service, capturing network traffic with Fiddler to locate the hidden video URL, and automating the process with Python to download the video files.
This article explains what HTTPS is, why encrypting HTTP traffic is essential, how symmetric and asymmetric encryption protect data, the role of certificates and public‑key infrastructure, and the performance impact of the HTTPS handshake, providing a concise Q&A guide for beginners.
The Facebook‑Cambridge Analytica scandal exposed the illicit harvesting of 50 million users' data, political manipulation allegations, multiple investigations, a sharp stock plunge, executive resignations, and heightened global scrutiny of data‑privacy practices.
An Android SDK project's shift from HTTPS to RSA‑encrypted HTTP prompts a deep dive into AES encryption, tracing its historical roots from early ciphers through DES and Triple‑DES, culminating in the Rijndael design, while illustrating core cryptographic concepts of confusion, diffusion, and secret keys.
The article explains how Android hooking frameworks Xposed Installer and Cydia Substrate operate and provides practical Java‑ and native‑level detection methods—such as package‑name checks, stack‑trace inspection, memory‑map scanning, and signature matching—to identify their presence and strengthen app security.
A security bulletin released on January 9 2018 details a critical Android WebView cross‑origin vulnerability that can expose user privacy data and credentials, outlines its widespread impact on many apps, and provides detection tools and concrete remediation steps for developers.
This article explains the Meltdown and Spectre speculative‑execution CPU flaws, introduces the alleged Skyfall and Solace vulnerabilities, lists affected hardware and operating systems, and provides a detailed FAQ on detection, patches, performance impact, and safe mitigation steps.
This article examines Suning's evolution from a basic network‑operations unit to a comprehensive security ecosystem, detailing its organizational structure, protection platforms, integrated risk‑control mechanisms, big‑data threat perception system, and management processes that together safeguard its e‑commerce operations.
The article explains the Meltdown CPU vulnerability discovered by Google Project Zero, detailing its speculative‑execution root cause, how attackers can read protected memory across virtual machines, the performance‑impacting OS‑level mitigations like KPTI, and the broader implications for cloud providers and users.
This article describes how Ctrip's security team replaced rule‑based web attack detection with a Spark‑powered machine‑learning pipeline, detailing the system architecture, feature engineering using TF‑IDF, model training, evaluation, online deployment, and future enhancements to improve detection accuracy and performance.
Linus Torvalds publicly rebuked recent kernel security hardening attempts, arguing that such changes often introduce bugs, should be deferred until final review, and that many security developers act irrationally, sparking a heated debate on the Linux mailing list.
During the debate over new features for Linux kernel 4.15, Linus Torvalds harshly rejected security‑hardening changes proposed by Kees Cook, calling them unnecessary bugs and criticizing the approach of killing processes to enforce new rules.
This article explains symmetric and asymmetric encryption, the key‑distribution problem, hybrid cryptosystems, one‑way hash functions, message authentication codes, digital signatures, public‑key certificates, and compares these cryptographic methods in detail.
An interview with Alibaba Security's iOS lead reveals his personal journey, the development of a global anti‑phishing feature for the 钱盾 app, and insights on KPI, product‑operation collaboration, and the broader challenges of delivering security innovations on mobile platforms.
This article explains the Lua 5.2 bytecode format, details each field of the Luac file header and function prototypes, and shows how to create a 010 Editor binary template to parse and edit Luac files for reverse‑engineering and security analysis.
This article details a high‑severity SQL injection vulnerability in Zabbix’s jsrpc.php profileIdx2 parameter that allows unauthenticated attackers to gain system privileges, outlines its impact, demonstrates testing methods with screenshots, analyzes the vulnerable code paths, and recommends mitigation steps such as upgrading, patching, and disabling the guest account.
The article explains Alibaba's Data Security Maturity Model (DSMM), its partnership program, the involvement of 17 leading security firms, and how the model aims to improve data security capabilities across industries by establishing standardized assessment criteria and fostering ecosystem collaboration.
This article shares practical IT security insights covering network, host, application, data backup, and web security measures, illustrating how comprehensive protection goes far beyond simple password changes and port tweaks.
The Equifax data breach exposed 143 million Americans' personal information due to unpatched Apache Struts flaws, chiefly CVE‑2017‑5638 and possibly CVE‑2017‑9805, prompting a swift response from the Apache Software Foundation and highlighting the critical need for timely vulnerability management.
The article details how Didi’s internal app “Orange Pile” consolidated scattered workplace tools into a single mobile platform, describing the technical challenges, security measures, user‑experience improvements, ecosystem integration, adoption metrics, and future development plans.
From a front‑end engineer’s viewpoint, this article dissects web security as a holistic system, examines attack motives, targets, and vectors across browsers, transmission channels, and servers, and proposes coordinated front‑end and back‑end defenses such as encryption, signing, XSS filtering, URL whitelisting, and CSRF mitigation.
This article examines common password‑storage techniques, explains why plain‑text, symmetric encryption, and simple hashes are insecure, and demonstrates how modern algorithms like PBKDF2, bcrypt, and scrypt, together with proper salting and iteration, can effectively protect user credentials against large‑scale cracking attacks.
Tencent's security lab uncovered a large‑scale trojan spread via pornographic web ads that exploits the CVE‑2016‑0189 IE vulnerability, installs a backdoor, and runs a Zcash mining program, while also distributing Linux malware and controlling numerous C&C servers across Chinese provinces.
Tencent Security Lab dissected the compromised XShell remote terminal, revealing a three‑stage malicious process where patched binaries load encrypted shellcode, exfiltrate system information via dynamically generated DGA domains, and ultimately deploy a svchost‑based payload, with detailed IOC listings and remediation advice.
In August 2017 MIT Technology Review honored Alibaba AI Lab chief scientist Wang Gang and Alibaba Cloud chief security scientist Wu Hanqing as part of its global TR35 young innovators, marking the first time two researchers from a Chinese company appeared on the prestigious list and highlighting China’s rising influence in AI and security research.
A critical backdoor was discovered in NetSarang’s Xshell 5 Build 1326, where the nssock2.dll module contains malicious code that contacts a remote domain, affecting multiple NetSarang products; the article details the vulnerability, affected versions, behavior, and provides safe download links.
A recent security advisory reveals that popular remote terminal Xshell versions contain a backdoor in the nssock2.dll component, enabling shellcode to harvest host information, generate monthly DGA domains, and potentially expose sensitive data, prompting immediate version checks and upgrades.
Security researchers discovered a physical attack vector on Amazon Echo that exposes its debug panel and allows booting from an external SD card, enabling persistent root access, covert audio streaming, and a full remote control backdoor, with detailed hardware and firmware exploitation steps provided.
This article explains how to protect Visual Studio Team Services (VSTS) by integrating Azure Conditional Access, covering account binding, rule creation, user and group selection, condition settings such as sign‑in risk and location, and testing the resulting access restrictions.
This article traces the evolution of cryptography from ancient substitution ciphers to modern standards like DES, RSA, and ECC, explains symmetric and asymmetric encryption, compares ECC and RSA in security and efficiency, and presents cloud‑server performance tests showing ECC‑256’s superiority in speed and resource usage.
This extensive essay traces the evolution of computer operating systems from the 1940s to today, analyzes the limitations of current OS architectures, and proposes a cloud‑native, container‑based future exemplified by the open‑source Elastos platform, highlighting security, interoperability, and new business models.
This article describes Ctrip's automated web vulnerability detection system, detailing the shift from active to passive scanning, the distributed architecture using traffic mirroring, message queues, Redis, and MySQL, and the processes for data collection, de‑duplication, scanning, and vulnerability management.
This guide walks through setting up Python 2.7 with the pywifi module, preparing a dictionary of common Wi‑Fi passwords, configuring a scanner, scanning nearby hotspots, testing each network, and recording results to identify vulnerable access points.
The article explores the hidden, high‑traffic world of web crawlers and anti‑crawling measures, revealing why most online requests are bots, how companies decide to crawl or block, the technical and organizational challenges involved, and what the future may hold for this perpetual cat‑and‑mouse game.
This article explores the often hidden and contentious world of web crawling and anti‑crawling, detailing industry motivations, the massive proportion of bot traffic, the technical arms race between scrapers and defenders, and the broader impact on developers, companies, and security practices.
The article examines how built‑in (embedded) security differs from bolt‑on security in IoT devices, outlines real‑world attack scenarios—including physical and network exploits—and recommends foundational security designs to protect connected sensors, actuators, and smart environments.
