Practices of SDP in Networking

In today’s cybersecurity field, SDP is a hot topic. SDP (Software Defined Perimeter) is a security framework developed by the Cloud Security Alliance, based on the concept of zero trust. Every terminal connecting to the server must undergo authentication and authorization before connection, ensuring the trustworthiness of all …

How to DIY an Attack Surface Management Solution

Recently, major companies such as Industrial and Commercial Bank of China, Boeing, and Dubai Ports World have suffered ransomware attacks due to their failure to promptly fix high-risk vulnerabilities or misconfigurations of exposed assets, highlighting the importance of Attack Surface Management (ASM). According to Sevco’s latest “2023 Enterprise Attack Surface Survey Report”, 11% of enterprise …

Application and Challenges of Off-The-Shelf Software in Medical Devices

As medical devices become more intelligent and information-driven, a great deal of off-the-shelf (OTS) software is being applied in them. On August 11, 2023, the FDA released the Guidance for Industry and Food and Drug Administration Staff on Off-The-Shelf Software Use in Medical Devices, which aims to provide information that applicants should include in the documentation submitted …

Beware of Malicious Software Infiltration! Adding a ‘Safety Lock’ to Children’s Smartwatches

In recent years, children’s smartwatches have become popular among parents and children. However, due to the unique nature of child users, the underlying concerns have also attracted widespread attention. Recently, the alliance technical specification formulated by the China Cybersecurity Industry Alliance, the “Guidelines for the Protection of Personal Information and Rights of Children’s Smartwatches,” has …

Two New Points in Automation: Changes Brought by IoT (Part One: Embedded Device Security, Old Soldiers with New Stories, Relating to IIoT Security)

Introduction. Industrial automation consists of two parts: networking and interconnection of devices, and the design and manufacturing of embedded devices. The development of the Internet of Things (IoT) poses challenges to the interconnectivity and information security of factories, industrial facilities, and service equipment. Previously, when devices were not connected to the internet, everything was safe; …

Advanced Threat Intelligence Analysis

2024.12.13~12.19 Attack group intelligence: Mask APT reappeared, targeting Latin American organizations. Bitter APT utilized WmRAT and MiyaRAT malware to attack a Turkish defense organization. APT-C-36 (Blind Eye Eagle) is continuously launching attacks against Colombia. Gamaredon deployed in former Soviet states Andr…

Emergency Response Procedures for Cybersecurity Incidents

Emergency Response Steps: 1. Focus on ensuring business stability. Blacklist IP, rate limit, human verification code. First, activate the operational emergency plan to ensure stable business operation and system stability (network, system files, startup items, libraries, memory). Experience is irreplaceable. Think about security incidents with an event correlation mindset. All operations must be recorded with …

Common Security Threats and Protection Measures for Embedded Systems

Embedded engineers should enhance their understanding of system security, comprehend the essence of security threats, and master effective protection strategies. This in-depth analysis is intended to raise awareness of embedded security both within and outside the industry, and to jointly promote the development of a safer and more reliable intelligent ecosystem. Due to the special …

Analysis of the Android FART Unpacking Process

1. Introduction. On the Android platform, the Java code written by programmers is ultimately compiled into bytecode that runs on the Android virtual machine. Since Android came into the public eye, decompilation tools such as apktool and jadx have emerged one after another, becoming increasingly powerful. The bytecode compiled from Java has become vulnerable in …

IoT Devices: Vulnerabilities and Security Risks

Recently, two American internet service providers suffered a network attack that made many well-known websites inaccessible, with claims that half of America’s internet was paralyzed. Subsequent investigations revealed that hackers exploited viruses to infect IoT devices, which were then used to launch network attacks. Internet security experts stated that the number of infected IoT devices …