SiriSpy – iOS bug allowed apps to eavesdrop on your conversations with Siri

TL;DR: Any app with access to Bluetooth could record your conversations with Siri and audio from the iOS keyboard dictation feature when using AirP...

SSD Advisory – Galaxy Store Applications Installation/Launching without User Interaction

TL;DR A vulnerability in the Galaxy Store allows attackers through an XSS to cause the store to install and/or launch an application, allowing rem...

Chrome Browser Exploitation, Part 1: Introduction to V8 and JavaScript Internals

Web browsers, our extensive gateway to the internet. Browsers today play a vital role in modern organizations as more and more software application...

Missing Authentication in ZKTeco ZEM/ZMM Web Interface

The ZKTeco time attendance device does not require authentication to use the web interface, exposing the database of employees and their credential...

Windows 0 day漏洞利用可绕过JS文件安全告警

研究人员发现一个新的Windows 0day漏洞,攻击者利用该漏洞可以让恶意JS文件绕过mark-of-the-web安全告警。目前已有攻击者将该0day漏洞利用应用于勒索软件攻击...

Firecracker

Firecracker: Lightweight Virtualization for Serverless Applications今天和大家分享的论文是Firecracker: Lightweight Virtualization for Serverless App...

安全招聘汇总 | 第二十四期

360集团安全运营分析专家工作地点:北京联系方式:[email protected](注明来自ChaMd5)岗位详情:https://www.chamd5.org/jobdetail.aspx?id=1414安全分...

(八)合约的高级特性(完)

继承 继承的机制和 python 的非常相似,但是存在差异。一般而言使用过 C++, 基本已经掌握。 当合约继承其他的合约时,只会在区块链上生成一个合约,所有相关...

哲学家和程序员眼中的web3:密码学、分布式与博弈论

作者 | Fishylosopher编译 | Arena Wang来源 | TechFlow“本文将从意识形态的角度对web3进行“竖向”介绍,并阐述Web3的三大基础原则...

【论文分享】vSGX:Virtualizing SGX Enclaves on AMD SEV

今天要分享的文章是发表于2022 IEEE S&P上的《vSGX: Virtualizing SGX Enclaves on AMD SEV》简介近年来,由于对保护程序代码和隐私数据的需求,可...
1 609 610 611 612 613 1,015