l****z
发帖数: 29846 | 1 【 以下文字转载自 USANews 讨论区 】
发信人: lczlcz (lcz), 信区: USANews
标 题: Microsoft warns of all IE versions vulnerable
发信站: BBS 未名空间站 (Wed Sep 18 16:48:16 2013, 美东)
Microsoft warns of IE zero day in the wild, all IE versions vulnerable
By Ms. Smith
Microsoft is warning of a zero-day exploit targeting Internet Explorer. On
Tuesday, the company posted a security advisory [1] stating "Microsoft is
investigating public reports of a vulnerability in all supported versions of
Internet Explorer. Microsoft is aware... 阅读全帖 |
|
l****z
发帖数: 29846 | 2 Microsoft warns of IE zero day in the wild, all IE versions vulnerable
By Ms. Smith
Microsoft is warning of a zero-day exploit targeting Internet Explorer. On
Tuesday, the company posted a security advisory [1] stating "Microsoft is
investigating public reports of a vulnerability in all supported versions of
Internet Explorer. Microsoft is aware of targeted attacks that attempt to
exploit this vulnerability in Internet Explorer 8 and Internet Explorer 9."
Microsoft issues Fix It workaround for n... 阅读全帖 |
|
w**z
发帖数: 8232 | 3 Highly critical “Ghost” allowing code execution affects most Linux systems
New bug haunting Linux could spark "a lot of collateral damage on the
Internet."
by Dan Goodin - Jan 27 2015, 11:32am PST
Share
Tweet
110
Pixabay
An extremely critical vulnerability affecting most Linux distributions gives
attackers the ability to execute malicious code on servers used to deliver
e-mail, host webpages, and carry out other vital functions.
The vulnerability in the GNU C Library (glibc) represents a... 阅读全帖 |
|
s**********0
发帖数: 2798 | 4 【 以下文字转载自 Military 讨论区 】
发信人: gc01 (gc01), 信区: Military
标 题: Student Visa Program Vulnerable to ‘Potential Terrorists’zt
发信站: BBS 未名空间站 (Mon Mar 10 21:01:16 2014, 美东)
Student Visa Program Vulnerable to ‘Potential Terrorists’
DHS cannot account for 48,642 foreign students
http://freebeacon.com/student-visa-program-vulnerable-to-potent
The Department of Homeland Security (DHS) cannot account for nearly 50,000
foreign students taking advantage of a student work visa program, according
to a new rep... 阅读全帖 |
|
l****p
发帖数: 27354 | 5 US is still vulnerable to terrorist attacks.
当时心里就像,连武装到牙齿的美国都vulnerable,世界上有不vulnerable的国家么?
当时恐怖袭击的重点主要是美国,而不是中国。
现在轮到中国了,中国要不惜暂时影响一下GDP,要坚决大力全面细致的弥补升级各种安
全措施,否则,代价很大,资产的和人命的代价,如果接连让恐怖分子成功,投资环境
严重恶化,则会影响中国的复兴大业,这个是暗中资助训练恐怖分子的美帝做梦都愿意
看到的。 |
|
g**1
发帖数: 10330 | 6 Student Visa Program Vulnerable to ‘Potential Terrorists’
DHS cannot account for 48,642 foreign students
http://freebeacon.com/student-visa-program-vulnerable-to-potent
The Department of Homeland Security (DHS) cannot account for nearly 50,000
foreign students taking advantage of a student work visa program, according
to a new report released by the Government Accountability Office (GAO) on
Friday.
The program is a threat to national security and vulnerable to potential
terrorists, said Sen. Chu... 阅读全帖 |
|
J*********8
发帖数: 4876 | 7 ☆─────────────────────────────────────☆
JazzCat2008 (nunu) 于 (Tue May 26 17:05:36 2009) 提到:
Vulnerable lyrics
Everywhere I look I see her smile
Her absent-minded eyes
And she has kept me wondering for so long
How this thing could go wrong.
It seems to me that we are both the same
Playing the same game
But as darkness falls this true love falls apart
Into a riddle of her heart.
She's so vulnerable, like china in my hands
She's so vulnerable and I don't understand
I could never hurt the one I |
|
p*******f
发帖数: 530 | 8 Scientists say Oakland, Alameda most vulnerable to tsunami in Bay Area
By Lisa M. Krieger
l******[email protected]
Posted: 03/15/2011 04:17:49 PM PDT
Updated: 03/15/2011 04:31:20 PM PDT
An iconic landmark helps protect most low-lying Bay Area communities from a
devastating tsunami: the Golden Gate strait.
Huge currents would race through its narrow opening, but there's a limit to
how much water can pour through the rock-lined channel into the San
Francisco Bay -- reducing the risk of inland floo... 阅读全帖 |
|
s*****2
发帖数: 3103 | 9 不是“人尽可欺”那种vulnerable,而是“一不小心就会翻船”那种vulnerable,
今年总的感觉是老了一些,伤了一些,霸气少了一些。 |
|
T*******y
发帖数: 6523 | 10 hehe. She is with social science background, and she talked about how being
seen, although vulnerable, and believing in loving and belonging, despite
being potentially hurt, that can enable one to experience joy in life.
Numbing pain numbs joy as well.
"Brene Brown is a research professor at the University of Houston Graduate
College of Social Work. She has spent the past ten years studying
vulnerability, courage, authenticity, and shame. She spent the first five
years of her decade-long study f... 阅读全帖 |
|
|
|
发帖数: 1 | 13 【 以下文字转载自 USANews 讨论区 】
发信人: ThinkHarder (ThinkHarder), 信区: USANews
标 题: Without Andrew Yang Biden is so vulnerable--torn apart by Fox News Watters and Giuliani
关键字: Andrew Yang,美国大选,候选人,访谈
发信站: BBS 未名空间站 (Mon Mar 9 12:00:37 2020, 美东)
https://www.youtube.com/watch?v=zSH2i2hrO0Q |
|
w*********e
发帖数: 1088 | 14 How would you go about finding the security vulnerabilities in our 2 million
lines of code?
google了一下,没找到什么线索。谢谢了。 |
|
r*****t
发帖数: 7278 | 15 我自己的经验,年轻人刚刚入职的时候是最vulnerable的时候
要裁员,要开人就是你们开刀
没有绿卡,H1刚起步,这样的灾难是很可怕的
所以,切记,一定要勤苦肯干,好好的做人
拿到了绿卡至少485pending了才可以稍微懈怠。 |
|
d******8
发帖数: 1972 | 16 Why Chinese stocks leave US investors vulnerable
Associated Press
By PAUL WISEMAN and MARCY GORDON 21 hours ago
.
.
.
WASHINGTON (AP) — Something about the deal smelled fishy.
Related Stories
China Marine Food Group Ltd., a Chinese company then on the New York Stock
Exchange, spent $27 million in January 2010 to acquire a firm whose main
asset was "algae-based drink know-how." The weird thing: Three months
earlier, the beverage formula had been valued below $8,800.
But when the U.... 阅读全帖 |
|
n*****e
发帖数: 193 | 17 看来大家都有事,不能让牙膏厂一个人扛阿。
https://www.bleepingcomputer.com/news/security/google-almost-all-cpus-since-
1995-vulnerable-to-meltdown-and-spectre-flaws/
Issues described as hardware bugs that need software fixes
The issues at heart of all hoopla that happened today concern two attack
scenarios that Horn discovered and reported to CPU vendors in June 2017.
Horn describes these issues as hardware bugs that will need both firmware
patches from CPU vendors and software fixes from both OS and application
ven... 阅读全帖 |
|
|
|
s******0
发帖数: 13782 | 20 不错 轻松幽默 。。。
courage,connection 都可以凭自己能力,经验,悟性 容易达到
vulnerability 足够自信的人才敢于不断挑战自己
passion 这个最难了,年复一年很快厌倦了,怎样才能保持 当初的 passion?
下面请再温习一遍 Steve Jobs 同学的 passion 和 curiosity |
|
s******0
发帖数: 13782 | 21 不错 轻松幽默 。。。
courage,connection 都可以凭自己能力,经验,悟性 容易达到
vulnerability 足够自信的人才敢于不断挑战自己
passion 这个最难了,年复一年很快厌倦了,怎样才能保持 当初的 passion?
下面请再温习一遍 Steve Jobs 同学的 passion 和 curiosity |
|
p*******0
发帖数: 76 | 22 请问除了Scuba by Imperva 和 AppDetective, 大牛们知道哪些 database
vulnerability scanners
谢谢 |
|
c**t
发帖数: 2744 | 23 【 以下文字转载自 Security 讨论区 】
【 原文由 cogt 所发表 】
http://secunia.com/advisories/15292
Secunia Advisory: SA15292
Release Date: 2005-05-08
Last Update: 2005-05-09
Critical:
Extremely critical
Impact: Cross Site Scripting
System access
Where: From remote
Solution Status: Unpatched
Software: Mozilla Firefox 1.x
Select a product and view a complete list of all Patched/Unpatched Secunia advisories affecting it.
Description:
Two vulnerabilities have been discovered in Firefox, which can be exploited by mali |
|
|
c**t
发帖数: 2744 | 25 【 以下文字转载自 Windows 讨论区 】
【 原文由 cogt 所发表 】
Here we go again, fully patched systems, even with SP2 allow this bug to
slip through:
http://secunia.com/advisories/12321/
The vulnerability is caused due to insufficient validation of drag and drop
events issued from the "Internet" zone to local resources. This can be
exploited by a malicious website to e.g. plant an arbitrary executable
file in a user's startup folder, which will get executed the next time
Windows starts up. |
|
c**t
发帖数: 2744 | 26 http://secunia.com/advisories/15292
Secunia Advisory: SA15292
Release Date: 2005-05-08
Last Update: 2005-05-09
Critical:
Extremely critical
Impact: Cross Site Scripting
System access
Where: From remote
Solution Status: Unpatched
Software: Mozilla Firefox 1.x
Select a product and view a complete list of all Patched/Unpatched Secunia advisories affecting it.
Description:
Two vulnerabilities have been discovered in Firefox, which can be exploited by malicious people to conduct cross-site scripti |
|
w*****g
发帖数: 198 | 27 There is a fairly strong OpenSSH following here on campus. Please be aware of
the following vulnerability: |
|
c**t
发帖数: 2744 | 28 Here we go again, fully patched systems, even with SP2 allow this bug to
slip through:
http://secunia.com/advisories/12321/
The vulnerability is caused due to insufficient validation of drag and drop
events issued from the "Internet" zone to local resources. This can be
exploited by a malicious website to e.g. plant an arbitrary executable
file in a user's startup folder, which will get executed the next time
Windows starts up. |
|
|
p*******m
发帖数: 20761 | 30 Access control bypass in Hikvision IP Cameras
From: Monte Crypto
Date: Tue, 12 Sep 2017 04:19:00 +0200 (CEST)
Access control bypass in Hikvision IP Cameras
Full disclosure
Sep 12, 2017
Synopsis:
---------------
Many Hikvision IP cameras contain a backdoor that allows unauthenticated
impersonation of any configured user account.
The vulnerability has been present in Hikvision products since at least 2014
. In addition to Hikvision-branded devices,
it affects many whi... 阅读全帖 |
|
F**********I
发帖数: 1000 | 31 http://thenextweb.com/microsoft/2012/11/02/microsofts-security-
Oracle, Adobe和Apple几乎独占前十
1. Oracle Java Multiple Vulnerabilities: DoS-attack (Gain access to
a system and execute arbitrary code with local user privileges) and Cross-
Site Scripting (Gain access to sensitive data). Highly Critical.
2. Oracle Java Three Vulnerabilities: Gain access to a system and
execute arbitrary code with local user privileges. Extremely Critical.
3. Adobe Flash Player Multiple Vuln... 阅读全帖 |
|
p*******m
发帖数: 20761 | 32 Monday morning was not a great time to be an IT admin, with the public
release of a bug that effectively broke WPA2 wireless security.
WPA2 security flaw puts almost every Wi-Fi device at risk of hijack,
eavesdropping
WPA2 security flaw puts almost every Wi-Fi device at risk of hijack,
eavesdropping
Security experts have said the bug is a total breakdown of the WPA2 security
protocol.
Read More
As reported previously by ZDNet, the bug, dubbed "KRACK" -- which stands for
Key Reinstallation Attack... 阅读全帖 |
|
p*******m
发帖数: 20761 | 33 Monday morning was not a great time to be an IT admin, with the public
release of a bug that effectively broke WPA2 wireless security.
WPA2 security flaw puts almost every Wi-Fi device at risk of hijack,
eavesdropping
WPA2 security flaw puts almost every Wi-Fi device at risk of hijack,
eavesdropping
Security experts have said the bug is a total breakdown of the WPA2 security
protocol.
Read More
As reported previously by ZDNet, the bug, dubbed "KRACK" -- which stands for
Key Reinstallation Attack... 阅读全帖 |
|
l****z
发帖数: 29846 | 34 Posted by Bryan Jacoutot Monday, October 29, 2012 at 1:01pm
A new Boston Globe poll conducted by the University of New Hampshire Survey
Center shows Scott Brown is making a successful October push in
Massachusetts to keep his seat in the United States Senate. The Globe now
has Brown leading 47-45.
The poll is a reversal from a September Globe survey that showed Warren
ahead 43 percent to 38 percent, as well as several other recent polls that
have found Warren with a slight lead. The shift... 阅读全帖 |
|
w********2
发帖数: 632 | 35 IPMI: The most dangerous protocol you've never heard of
IPMI could be punching holes in your corporate defenses.
Paul F. Roberts By Paul F. Roberts
ITworld | AUGUST 19, 2013
MORE GOOD READS
Many servers expose insecure out-of-band management interfaces to the
Internet
Those 'invisible' servers could open your network to hackers
Despite patches, Supermicro's IPMI firmware is far from secure, researchers
say
screen shot 2018 09 21 at 10.43.22 am
DEALPOSTS
Apple's dropping Back To My M... 阅读全帖 |
|
T**********e
发帖数: 29576 | 36 Over the past week or so, one of the most prominent credit agencies,
Standard & Poor’s, has, in a series of reports, attempted to quantify the
financial impact of climate change. The company looked at the impact of
changing weather patterns on various industries, including utilities and
insurance.
+
Among other things, the ratings agency ranked nations based on the
percentage of their population living below an altitude of 5 meters (about
16 feet), their share of agriculture in total economic ou... 阅读全帖 |
|
p*******m
发帖数: 20761 | 37
What You Should Know About the ‘KRACK’ WiFi Security Weakness
Researchers this week published information about a newfound, serious
weakness in WPA2 — the security standard that protects all modern Wi-Fi
networks. What follows is a short rundown on what exactly is at stake here,
who’s most at-risk from this vulnerability, and what organizations and
individuals can do about it.
wifi
Short for Wi-Fi Protected Access II, WPA2 is the security protocol used by
most wireless networks today. Researche... 阅读全帖 |
|
l****z
发帖数: 29846 | 38 这里现讲怎么fix.
IE已经fix了.
用最新版firefox V38.01的可以很简单的fix.
Chrome和其他的不知道. 因为我基本不用.
=====
jscher2000 wrote:
Disable the insecure ciphers here:
(1) In a new tab, type or paste about:config in the address bar and press
Enter. Click the button promising to be careful.
(2) In the search box above the list, type or paste ssl3 and pause while the
list is filtered
(3) Double-click the security.ssl3.dhe_rsa_aes_128_sha preference to switch
it from true to false (this usually would be the first item on the list)
... 阅读全帖 |
|
g********2
发帖数: 6571 | 39 September 4, 2016
Analysis of FBI Reports: China more likely to have Hillary’s emails, not
Russia
By Richard Henry Lee
From an analysis of the FBI document dump (Part 1, Part 2) concerning
Hillary’s email use and her foreign travel schedule, it is apparent that
the Chinese are more likely to have gained access to Hillary’s emails than
Russia. Other countries would have had opportunities as well.
Hillary’s email server was most vulnerable from mid to late January to late
March 2009, when the emai... 阅读全帖 |
|
z*******n
发帖数: 1034 | 40 Apple Just Patched A Security Flaw In iCloud That Could've Been Used To Hack
Celebrity Accounts
James Cook
Sep. 1, 2014, 10:20 AM
Engadget reports that Apple has fixed a major bug in its Find My iPhone
software that allowed hackers to gain access to iCloud accounts. The fix
comes just hours after a hacker leaked hundreds of nude celebrity photos on
4chan in return for Bitcoin donations.
Apple's Find My iPhone login page was discovered to have been vulnerable to
so-called "brute force" ha... 阅读全帖 |
|
|
m****d
发帖数: 372 | 42 IMF Executive Board Approves 30 Billion Stand-By Arrangement
for Greece
Press Release No. 10/187
May 9, 2010
The Executive Board of the International Monetary Fund (IMF) today approved
a three-year SDR 26.4 billion (30 billion) Stand-By Arrangement for Greece
in support of the authorities’ economic adjustment and transformation prog
ram. This front-loaded program makes SDR 4.8 billion (about 5.5 billion) i
mmediately available to Greece from the IMF as part of joint financing with
the European U... 阅读全帖 |
|
t****n
发帖数: 2601 | 43 刘晓波是个病毒
企图瓦解中共宿主
诺贝尔和平奖委员会高度赞赏病毒对抗宿主强权
并在网站上大量免费发放病毒
广大痛恨IE,使用FF的liberals纷纷在和平奖网站上中毒
计算机被人侵入,底裤被人掀开
关键词:病毒,诺贝尔和平奖,台湾
Oslo, Norway – Oct. 26, 2010 - Norman ASA, a leading security company
offering products protecting government and enterprise networks and
consumer desktops, today announced that its researchers have identified new
Trojan malware that infected the Nobel Peace Prize site early Tuesday. The
new Trojan was transmitted through a vulnerability in Firefox version 3.5
and 3.6.
The Norman... 阅读全帖 |
|
t****n
发帖数: 2601 | 44 【 以下文字转载自 ChinaNews 讨论区 】
发信人: tgbyhn (CNN), 信区: ChinaNews
标 题: 明年诺贝尔和平奖得主病毒
发信站: BBS 未名空间站 (Sat Oct 30 11:47:24 2010, 美东)
刘晓波是个病毒
企图瓦解中共宿主
诺贝尔和平奖委员会高度赞赏病毒对抗宿主强权
并在网站上大量免费发放病毒
广大痛恨IE,使用FF的liberals纷纷中毒
计算机被人侵入,底裤被人掀开
关键词:病毒,诺贝尔和平奖,台湾
Oslo, Norway – Oct. 26, 2010 - Norman ASA, a leading security company
offering products protecting government and enterprise networks and
consumer desktops, today announced that its researchers have identified new
Trojan malware that infected the Nobel Peace Prize ... 阅读全帖 |
|
S*********4
发帖数: 5125 | 45 从航天飞机的终结谈美国的衰落和中国的崛起
解滨
公元2011年7月21日黎明,美国佛罗里达州的肯尼迪航天中心的跑道上,美国最后一架
航天飞机“阿特兰蒂斯”号在轰鸣声中降落下来,指令长克里斯托夫.弗洛森向位于休
斯敦的控制中心报告:“Houston, mission accomplished”。 此时在佛罗里达的肯尼
迪航天中心和休斯敦的约翰逊航天中心的几千员工,看着“阿特兰蒂斯”慢慢停下,眼
中含着泪水。 人们只有起劲的鼓掌,却没有了往日的欢呼。 一位工人跑到“阿特兰蒂
斯”轮胎擦地的那个着落点用红油漆画了个标记,作为永久纪念。 休斯敦的航天控制
中心和以往一样拿出成箩筐的蛋糕和成箱的香槟酒给员工们庆祝,但这一天却没有人打
开香槟。 人们互相握手祝好运,其实是祝在第二天不要被裁掉。 在这两个航天中心有
4000为美国航天事业做出努力的勤勤恳恳的员工将被解雇。 原因很简单:“Houston,
mission accomplished” 这句话被指令长说过数百次,但这一次的意思却是“Houston
, mission accomplished,forever”。
在今后不知多长的岁月中,休... 阅读全帖 |
|
