Tag:hacker
-
Time:2021-1-15
Technical editor: Zong enli from sifou newoffice SegmentFault has he reported the official account number: SegmentFault According to foreign media, nearly 25 million US dollars of assets were stolen from dforce, but then hackers returned almost all the funds to dforce, except for the loss of 1.2 million US dollars due to the conversion fee. […]
-
Time:2021-1-3
1-XSS Cross site scripting (XSS) is a code injection attack. The attacker injects malicious script into the target website to make it run on the user‘s browser. Using these malicious scripts, the attacker can obtain the user’s sensitive information, such as cookie, sessionid and so on, and then endanger the data security. source UGC information […]
-
Time:2020-12-13
Interested in my WeChat official account, Gu Linhai, I talked about technology, talked about life, and recorded what I had learned. case Dropbox, an online storage service company advantage: Initial users are very stable, there are seed users The product has practical value Disadvantages: Not big enough The budget is limited Objectives: Hope to attract […]
-
Time:2020-11-3
Unprotected APIs are very dangerous Unprotected API is very dangerous, and it is no different from streaking. Even if the API document is not leaked artificially, the API URL and corresponding request parameters can be easily obtained through simple packet capture. Here are a few security incidents that may be caused by unprotected APIs: Through […]
-
Time:2020-10-29
First of all, I’ll post the article I’ve read:1.http://www.cnblogs.com/xiekel…2.http://blog.leapoahead.com/20…3.http://blog.leapoahead.com/20…4.jwt demo :https://github.com/bigmeow/JWTFive https://github.com/jwtk/jjwt There are several good ones here, which are officially recommendedSix http://blog.csdn.net/koastal/… Anti replay attack scheme based on timestamp and nonce The company’s current web design is based on HTTP basic auth, and has always felt that there will be great security problems, and […]
-
Time:2020-10-14
Less than a month ago, security personnel Bob diachenko and Vinny Troia discovered a publicly accessible elasticsearch server that contained 1.2 billion user accounts, which was exposed on the dark web. The reason for most leaks is that elasticsearch server is not password protected. Just after the 1.2 billion personal data leakage incident of elasticsearch […]
-
Time:2020-10-11
On May 29th, based on the CCTP cross chain transfer standard agreement, aelf launched the first phase of reward offering activity for hackers with a reward amount of 88888 elf. As of the end of the activity on June 5, no hacker has successfully stolen the test token elf, and no reward has been obtained. […]
-
Time:2020-10-11
Technical editor: Xu Jiuyi from the editorial department According to foreign media reports, hackers hacked into 22900 mongodb databases, backed up and erased the relevant data content, and asked to pay 0.015 bitcoin (about US $140) within 48 hours for recovery. It is reported that the hacked databases account for about 47% of all mongodb […]
-
Time:2020-10-11
By Joe tidyOriginal text: https://www.bbc.com/news/tech…Compiled by: segmentfault editorial department @ Xu Jiu This is an 18-year-old boy from Sheffield named Abdel Herman Bader. Like many children of the same age, they indulge in eating chicken games. The bullets in the game come down from all angles, but he can still keep calm. Suddenly, an enemy […]
-
Time:2020-10-5
Technical editor: mango fruit from the editorial departmentSegmentFault has he reported the official account number: SegmentFault This week, a hacker named shiny hunters announced on the forum that he had broken into Microsoft’s GitHub account and downloaded some files. According to the information disclosed by Microsoft employees on the social platform and the time when […]
-
Time:2020-9-23
Author:__ Programmer Zhao XinOriginal text:https://www.cnblogs.com/xinzh… Our database authority management is very strict, sensitive information development engineers can not see, password plaintext storage can not? no way. There are many threats to the data stored in the database, such as application level, database level, operating system level, computer room level and staff level. It is very […]
-
Time:2020-9-16
Technical editor: Xu Jiuyi from: sinao editorial department Bitfinex, the top overseas exchange, recently issued a statement in the cryptocurrency community, hoping that they could help recover nearly 120000 bitcoins stolen by the exchange more than four years ago. The exchange said that if it could provide them with the contact information of the hackers, […]