Apache Struts code execution vulnerability (CVE-2023-50164) allows attackers to control file upload parameter execution path traversal, and in some cases can upload malicious files to execute arbitrary code.

1. Introduction On the evening of December 9, 2021, the Apache Log4j2 remote code execution vulnerability (CVE-2021-44228) detonated the world. This vulnerability can be called an epic vulnerability, with a CVSS score of 10 out of 10, affecting…

Foreword The outbreak of the COVID-19 epidemic has accelerated the digital transformation process of the whole society, and industries such as remote office, online education, and online live broadcast have developed rapidly. With the advent of the digital economy era, emerging technologies such as cloud computing, big data, and the Internet of Things are deeply applied in various industries, and various industries are changing their production methods...

Explore how ChatGPT can assist in analyzing malware, specifically the Remote Access Trojan (RAT) AsyncRAT, and delve into ChatGPT's ability to discuss how it can assist in identifying threat indicators by analyzing network traffic and revealing command and control (C2) infrastructure.

Yesterday we already knew that the administrator of the "Breach Forum" or webmaster "Pompompurin" was arrested, and we also knew that the man was 21-year-old American Conor Brian Fitzpatrick...

According to foreign media reports, a source code leak occurred at Yandex, one of Russia's largest IT technology companies. Nearly all of Yandex’s source code leaked A former employee allegedly leaked Yandex’s source code repository, which leaked…

The US military believes that cloud computing is a shared computing resource pool that can meet the rapidly changing needs of users at any time. By building a cloud environment, military data processing advantages can be ensured, thereby ensuring military advantages in the digital and physical worlds. The US military believes that its cloud technology for joint operations...

Recently, Northwestern Polytechnical University issued a "Public Statement" stating that the school suffered from overseas cyber attacks. The Beilin Branch of the Public Security Bureau of Xi'an City, Shaanxi Province immediately issued a "Police Information Bulletin", confirming that a number of Trojan horse program samples originating from abroad were found in the information network of Northwestern Polytechnical University. The Xi'an police...

1. Product Introduction Nanqiang WEB Application Firewall (abbreviation: uuWAF) is a comprehensive website protection product launched by Youan Technology. Through Youan Technology’s proprietary WEB intrusion anomaly detection and other technologies, combined with the Youan Technology team’s years of application security attack...

Recently, many scientific research institutions in China have discovered traces of the activity of the "verifier" Trojan program. A research report released by 360 on the 28th showed that according to the available US NSA confidential documents: "Authenticator" is a small implanted Trojan that can be deployed remotely...