  • Certificates issued by WoSign and StartCom are no longer trusted

    The GitHub security team said that WoSign had issued a GitHub certificate without their authorization. This prompted the GitHub security team and Mozilla to cooperate in investigating WoSign, and they found that WoSign had issued several certificates in violation of regulations. The investigation shows that WoSign deliberately circumvented browser restrictions (that is, the deprecation plan for SHA-1-signed certificates) and CA requirements. Furthermore, it was found that StartCom, another CA company, had been secretly acquired by WoSign, which violated the requirement that a CA company disclose information when it is acquired. In addition, WoSign replaced the infrastructure, personnel, policies and issuance system of the original StartCom. Faced with this situation, the management of WoSign and StartCom also tried to mislead others about the acquisition between the two companies.

    Industry trends April 19, 2017
  • Karmen ransomware is sold on the Internet and will delete itself after receiving the ransom

    Karmen was active around December 2016, when it appeared in security incidents in Germany and the United States, but it was not advertised on dark web forums until March. After analysis, researchers believe that Karmen is derived from the open-source ransomware Hidden Tear, which uses AES-256 encryption. It encrypts files on the local machine.

    Industry trends April 19, 2017
  • GitHub Enterprise SQL Injection

    GitHub Enterprise is application software produced by GitHub.com that lets an enterprise run the whole GitHub service on its own intranet. If you are interested, you can download images in various formats from enterprise.github.com and obtain a 45-day trial license from the website! After installation, you should see the following screen

    Technology sharing April 19, 2017
  • Security Announcement on the Java Deserialization Code Execution Vulnerability of Jackson Framework

    Recently, the National Information Security Vulnerability Sharing Platform (CNVD) included the deserialization vulnerability (CNVD-2017-04483) in the enableDefaultTyping method of the Jackson framework, submitted by a CNVD white hat (ID: around). An attacker can use the vulnerability to execute arbitrary code or system instructions on the server host and gain control of the website server. 1. Vulnerability Analysis Jackson is an open-source Java serialization and deserialization framework, which can serialize Java objects into strings in XML and JSON formats and provides the corresponding deserialization process. Because of its high parsing efficiency, it is currently a built-in parsing method in Spring MVC. 4…

    Threat warning April 18, 2017
  • 2017 Global Future Network Development Summit opened in Nanjing

    From April 17 to 18, the 2017 Global Future Network Development Summit was held in Jiangning, Nanjing with the theme of "win-win cooperation in innovation and leading future development". This morning, the opening ceremony of the 2017 Global Future Network Development Summit was held in Nanjing Future Network Town. This grand event, with an unprecedented gathering of guests, is a "thought feast" and "brainstorming" of the future network, which will not only boost the development of Jiangning's future network strategic emerging industry, but also lay a solid foundation for Jiangning to build a future network featured town. Wu Hequan, academician of the Chinese Academy of Engineering, said in his opening speech that Nanjing, with the support of the Jiangsu Provincial Party Committee, the Jiangsu Provincial Government and the Nanjing Municipal Party Committee and the Nanjing Municipal People's Government, has the courage to take the lead in the project, taking Nanjing as the base. This innovative exploration is strategic. The development process of the future network can

    Industry trends April 17, 2017
  • Announcement on Strengthening the Prevention of Windows Operating System and Related Software Vulnerability Attack Risks

    On the evening of April 14, Beijing time, the Shadow Brokers organization released on the Internet some of the files it had previously obtained from the Equation Group, including multiple high-risk vulnerability exploitation tools for the Windows operating system and other server system software. Because the released attack tools are highly integrated and some of the attacks are highly effective, they may cause large-scale attacks against server hosts on the Internet. Brief analysis of the event: Shadow Brokers released a large number of engineering tools used by hackers for Windows operating systems, bank-specific systems, and other widely used server software products, involving

    Threat warning April 16, 2017
  • Linux kernel ipv4/udp.c high-risk remote arbitrary code execution

    Vulnerability description: The udp.c file in the Linux kernel before 4.5 has a security vulnerability. It allows remote attackers to execute arbitrary code through UDP traffic that triggers an insecure second checksum calculation when a recv system call is executed with the MSG_PEEK flag. Remote attackers can carefully construct data to execute arbitrary code, further leading to local privilege escalation. Recommendation: some major Linux distributions, such as Ubuntu and Debian, deployed the repaired build version as early as February this year; Red Ha…

    Threat warning April 15, 2017
  • The backbone network is broken again: the Beijing-Wuhan-Guangzhou optical cable is broken around Zhumadian

    China Telecom National Trunk Network News: The second Beijing-Wuhan-Guangzhou optical cable was interrupted in Zhumadian, Henan, causing high latency on traffic between north and south, and is under urgent repair. [Jinshan Cloud] Dear Jinshan Cloud users! Our monitoring has found that the telecom lines from the Beijing data center to several southern regions are currently experiencing packet loss, which has been reported to the operator for emergency handling. As a result, access by users in those regions to EIP, CDN, KS3 and other services in the Beijing data center will be affected. Please keep an eye on your services; we will continue to follow the situation and post updates whenever there is new progress. [UCloud] At 11:10, our monitoring detected packet loss and latency on the telecom lines in North China and South China. It was initially judged to be a problem in the telecom backbone network, and we have urgently contacted the operator for support. 11:34

    Industry trends April 15, 2017
  • Security Announcement on Arbitrary File Upload Vulnerability in PHPCMS V9.6 WAP Module

    Recently, the National Information Security Vulnerability Sharing Platform (CNVD) recorded that PHPCMS has an arbitrary file upload vulnerability (CNVD-2017-04180). Remote attackers can use the foreground registration function to upload arbitrary image trojan files and gain control permissions of the website. 1. Vulnerability Analysis PHPCMS uses PHP5+MYSQL as the technical basis for development. It is a website building system. The system uses modular development, supports multiple classification methods, and can be used to facilitate the design, development and maintenance of personalized websites. The PHPCMS V9.6 WAP module does not strictly filter the extensions of files uploaded by foreground users, leading to an arbitrary file upload vulnerability. Remote attackers use the registration function to use # truncation to bypass the text

    Threat warning April 12, 2017
  • More than 100 websites in Taiwan are attacked by hackers, and information security is challenged

    China News Agency, Taipei, April 5: According to the Central News Agency on the 5th, since March 25 the hacker organization code-named "Anonymous Fox" has invaded hundreds of websites across Taiwan and carried out webpage replacement attacks. According to the database statistics of the internationally famous hacker website "Zone-H", nearly 200 Taiwan websites with domain names ending in "com.tw" have been attacked by the organization, and some of the attacked websites, such as those of insurance companies and medical beauty companies, are still completely suspended. The Zhongshi Electronic News reported that the attack on hundreds of websites "adds another embarrassing record" to Taiwan's history of information security protection. The media believed that the types of attacks were mainly home page replacement and large-scale replacement. This method will not create

    Industry trends April 12, 2017