A former Bilibili engineer inserted malicious JavaScript into the platform's web frontend, causing some users to see a fake account‑ban notice, which exposed internal code‑review weaknesses and sparked widespread discussion about insider threats and web security.
This article explains data masking techniques—including static (SDM) and dynamic (DDM) methods—detailing how to protect sensitive fields like phone numbers and IDs through replacement, truncation, encryption, randomization, and other schemes, while preserving data utility for testing and analysis.
The article breaks down five technical defenses—database storage, transaction logs, double‑entry checks, account‑aging monitoring, and external reconciliation—that prevent anyone from arbitrarily changing a WeChat user's balance, illustrating why such tampering is practically impossible.
SSL/TLS certificates secure data between browsers and servers, but while one‑way authentication verifies only the server, mutual (two‑way) authentication also validates the client using personal authentication certificates, requiring additional keys and CA roots, making it ideal for high‑security enterprise environments.
This article presents a comprehensive visual guide to enterprise digital transformation, covering overall digital planning, application system architecture, data architecture, information security architecture, and digital organization and governance, illustrating each layer with detailed diagrams to aid strategic implementation.
In December 2024, Xiaohongshu’s information security team topped the Shanghai “Panshi Action” competition, earning top blue‑team honors and a zero‑loss defense record by leveraging real‑time traffic monitoring, big‑data analytics, rapid incident response, and successful attacker attribution.
This article examines the challenges of fuzzy searching encrypted data and presents three categories of solutions—naïve in‑memory decryption, conventional database‑level approaches, and advanced algorithmic methods—evaluating their implementation steps, security implications, and performance trade‑offs.
The Chaoyang District People's Court in Beijing found that a technology company illegally scraped the "congestion delay index" from a navigation map, used it for commercial purposes, and ordered it to stop the infringement and pay a total of 12.5 million yuan in damages, highlighting the legal protection of competitive data rights.
The article critiques hollow security‑first slogans, explores the endless nature of security, the tension between security and user experience, and offers practical risk‑scoring frameworks and phrasing advice for organizations seeking a realistic balance between protection and usability.
This article documents a step‑by‑step investigation of a compromised Linux server that exhibited 100% CPU usage, detailing process, network, and startup‑service analysis, the discovery of a cryptomining malware, and the complete removal procedure.
Ant Financial's MorseCrypto team secured first place in the 2024 Financial Cipher Cup second‑stage competition by delivering highly optimized SM2, SM3, and SM4 implementations on X86 and ARM platforms that achieve up to 4.3‑times faster verification while meeting strict security and memory constraints.
This article outlines ten essential best‑practice principles for implementing a Secure Development Lifecycle (SDL), covering top‑down leadership, alignment with existing management systems, visualizable processes, security goal classification, componentized security capabilities, supply‑chain management, service‑oriented SDL, DevSecOps toolchains, continuous optimization, and staff training.
This article reviews several high‑profile incidents where operations staff deleted or sabotaged critical databases, detailing the legal consequences, financial losses, and lessons for improving security and operational safeguards.
A recent advisory from China’s National Computer Virus Emergency Response Center reveals a new “Silver Fox” Trojan variant distributed via phishing pages and social‑media links, explains its infection process on Windows PCs, and outlines practical prevention steps for enterprises and individual users.
The National Computer Virus Emergency Response Center reports a new “Silver Fox” Trojan variant distributed via phishing links in WeChat groups, disguised as tax‑related installers, which can hijack systems for remote control and fraud, and provides concrete steps for users and enterprises to defend against it.
This article explains the pain points of multiple logins in enterprises, introduces Single Sign‑On concepts and protocols, outlines its benefits, and provides a step‑by‑step guide to deploy an open‑source Golang‑Vue SSO solution using Docker Compose.
This article outlines the challenges of traditional credential handling in modern enterprises, presents a professional password‑management platform with advanced encryption, sharing, and audit features, and provides step‑by‑step Docker‑based deployment instructions to secure and streamline account administration.
This article explains the fundamentals, architecture, workflow, and practical scenarios of Single Sign-On (SSO), illustrating how a centralized authentication server enables users to log in once and seamlessly access multiple trusted applications, while also offering resources for deeper study.
A widespread crash affecting QQ and TIM on Windows, iOS, and Android was caused by a vulnerability in the QQ NT kernel that allowed malicious code in group file previews to trigger the failure, and users are advised to clean chat records or await server-side fixes.
This article explains the structure of JSON Web Tokens, outlines common attack vectors such as algorithm confusion, weak keys, replay, and header injection, and provides practical mitigation strategies and a testing checklist with recommended security tools.
This article compiles practical insights from Zhihu discussions and real‑world experience on preventing insider spying and tampering with databases, covering least‑privilege policies, mutual supervision, strict access controls, audit mechanisms, and cultural factors that shape effective information security operations.
This article explains how to generate an MD5 hash for a string in Java with the java.security.MessageDigest class, provides a complete example program, details each step of the MD5 algorithm, and describes the core methods and internal workings of MessageDigest for cryptographic hashing.
A comprehensive cheat sheet of high‑frequency Linux penetration‑testing commands covering system information, package management, user handling, compression, file operations, Samba access, shell bypass techniques, miscellaneous utilities, bash history clearing, filesystem permissions, and privilege‑escalation tips.
Companies can monitor employee WeChat chats on corporate‑issued, rooted computers through network sniffing, OS‑level screen capture, and file‑watching tools, allowing them to view personal messages, infer app usage, and thus personal privacy on work devices is vulnerable, so users should avoid personal WeChat on such devices or use separate accounts and enterprise archiving features.
This guide lists the most dangerous Linux ports, explains their typical uses, the security risks they pose, and provides concrete recommendations—such as changing default ports, disabling services, and applying firewall rules—to harden your system against attacks.
The article surveys classic FPS cheating methods—memory editing, packet manipulation, and macro simulation—explains their technical implementations and anti‑cheat defenses, then examines how AI and machine‑learning are reshaping both cheat creation and detection, concluding with recommendations for staying ahead of cheat developers.
This article explains the purpose of TCP RST packets, how they appear during connection establishment, data transfer, firewall enforcement, and teardown, and provides practical techniques for distinguishing legitimate resets from spoofed or policy‑driven resets to improve network troubleshooting and security.
Amid rising memory‑safety concerns highlighted by Chrome’s vulnerabilities and high‑profile attacks, the C++ community proposes a Safe C++ Extension to add memory‑safety features, while experts compare it to Rust and discuss challenges, adoption pressures, and DARPA’s AI‑driven code‑conversion efforts.
The Chinese Cyberspace Security Association warns that Intel processors suffer frequent high‑severity vulnerabilities, reliability problems, covert remote‑management features, and built‑in backdoors, urging a systematic cybersecurity review of Intel products sold in China to protect national security and consumer rights.
This article explains how Kubernetes leverages the Linux kernel security mechanisms Seccomp, AppArmor, and SELinux together with Pod Security Standards and the built‑in admission controller to enforce fine‑grained security policies for container workloads in cloud‑native environments.
A disgruntled former infrastructure engineer at a U.S. industrial firm deleted backups, locked administrators, and demanded $750,000 in Bitcoin, leading to his arrest and highlighting the severe risks, legal consequences, and mitigation strategies associated with insider ransomware threats.
This article explains how to securely hash passwords in PHP using the password_hash function, demonstrates code examples, describes verification with password_verify, and highlights automatic salting and best practices for protecting user credentials.
The article uses a classroom love‑note scenario to illustrate how single‑key (symmetric) and double‑key (asymmetric) locks model modern cryptographic techniques, explaining key exchange, signatures, man‑in‑the‑middle attacks, and how HTTPS secures communication.
This article explains a security vulnerability grading standard that defines five severity levels (S0‑S4), outlines handling timeframes, describes conditions for automatic level upgrades, and lists typical vulnerability types for each level to guide effective risk management.
This document outlines a security incident grading policy that defines purpose, scope, detailed classification across application, network, host, and data layers, and provides remarks on applicability, data‑related events, and the definition of critical (S0) vulnerabilities, helping organizations assess and prioritize security faults.
This article provides a comprehensive overview of TLS handshakes, detailing the RSA and ECDHE key exchange mechanisms, their step-by-step processes, security properties, and the differences between TLS 1.2 and TLS 1.3, including cipher suite structures and certificate validation.
This article outlines the framework for data element circulation, identifies three major security and compliance challenges in data flow, and presents five practical measures plus a six‑step method for incorporating data assets into financial statements to enhance transparency and value.
The article explains how Cloud Security Center protects Serverless container workloads through vulnerability scanning, intrusion detection, baseline checks, and isolation, outlines the integration architecture and workflow, examines key challenges such as multi‑tenant isolation, resource consumption and blast‑radius control, and presents test results and future security roadmap.
On September 5 at the 2024 Inclusion·Bund Conference, Ant InTech announced its first ten award-winning young scholars from top Chinese universities, highlighting their research in artificial intelligence, data processing, cloud computing, security, and related fields, each receiving a 200,000‑RMB grant.
The article examines a single sign‑on loop‑login problem caused by Secure‑flagged cookies being set over HTTP, explains how missing tokens trigger endless redirects, and recommends enforcing HTTPS or using a non‑Secure auxiliary token to break the redirect cycle.
This article explains the fundamentals of JSON Web Tokens (JWT), compares token-based authentication with traditional session methods, outlines common security threats such as theft, replay and forgery, and provides practical measures—including HTTPS, encryption, proper storage, expiration policies, and two-factor authentication—to safeguard token integrity.
The article chronicles Pavel Durov’s rise from a programming prodigy to the founder of VKontakte and Telegram, highlighting the platforms' rapid growth, privacy‑focused features, global usage, and the legal and ethical controversies surrounding his personal life and recent arrest.
This article presents an overview of data security related regulations, outlines the standards for data classification and grading, and showcases industry-specific classification schemes through illustrative diagrams, providing a concise visual guide for implementing data security measures.
This article explains the fundamentals of JSON Web Tokens (JWT), compares token-based authentication with traditional session methods, outlines common security threats such as theft, replay and forgery, and provides practical mitigation measures including HTTPS, encryption, secure storage, short lifetimes, two‑factor authentication, and safe token refresh strategies.
This article examines why many enterprises repeatedly suffer data breaches, highlighting common security flaws such as manual permission management, account sharing, lack of least‑privilege, insufficient environment isolation, weak audit logging, and offers practical recommendations to strengthen information security.
A high‑severity Windows TCP/IP IPv6 vulnerability (CVE‑2024‑38063) allows unauthenticated remote attackers to trigger denial‑of‑service or execute arbitrary code on millions of systems, and Microsoft recommends immediate patching or temporary IPv6 disabling as mitigation.
This article explains how data has become a strategic resource, outlines the economic and industrial value of data, differentiates data governance from data security governance, and reviews major data security frameworks and a data‑centric security architecture to guide organizations in protecting their data assets.
This article provides an in‑depth analysis of Spring Security 6.x architecture, explaining its filter‑chain design, authentication and authorization mechanisms, key components such as DelegatingFilterProxy, FilterChainProxy, SecurityFilterChain, and offers code examples and practical guidance for developers.
This article explains the fundamentals of the HTTP protocol, demonstrates how man‑in‑the‑middle attacks exploit its plaintext nature, discusses symmetric and asymmetric encryption attempts to mitigate these risks, and describes how HTTPS (TLS) and the CA trust model provide robust protection against such attacks.
At Black Hat 2024, SafeBreach researcher Alon Leviev revealed a “Downdate” technique that manipulates the Windows update mechanism to roll back the operating system and critical components to vulnerable older versions, exposing numerous historic flaws and enabling potential full system compromise.
This article examines why encrypted data is unfriendly to fuzzy search, categorises three implementation strategies—naïve, conventional, and advanced—analyses their advantages and disadvantages, and provides practical guidance and reference links for securely enabling fuzzy queries on encrypted fields.
This article explains how to secure data transmission in PHP by using HTTPS, symmetric encryption algorithms like AES, and asymmetric encryption with OpenSSL, including code examples and key management recommendations for web applications.
This article examines the challenges of fuzzy searching encrypted data and compares three implementation approaches—naïve, conventional, and advanced—detailing their principles, performance implications, storage costs, and security trade‑offs, ultimately recommending the conventional token‑based method for most practical applications.
A former NCS employee in Singapore, disgruntled after being fired, repeatedly accessed the company's QA system without authorization, wrote scripts, and in March 2023 deleted 180 virtual servers, causing losses of over $670,000 and leading to his conviction for illegal computer access.
This article outlines the evolution of data security in China, explains why data classification and grading are central to governance, and provides a step‑by‑step framework, principles, implementation details, adjustment triggers, and practical reflections for building effective data protection strategies.
This article examines the challenges of fuzzy searching encrypted data and compares three categories of solutions—naïve, conventional, and advanced—detailing their implementation ideas, performance trade‑offs, storage costs, and security implications for real‑world applications.
The article outlines how internet and financial risk control are categorized into anti‑cheat, anti‑fraud, and content security, describes full‑scenario cheating types, and presents a three‑step joint defense framework using perception, identification, and mitigation with feature‑based analysis.
This guide explains why MD5 with salt is insecure, introduces stronger hashing algorithms like bcrypt and Argon2, and provides practical PHP examples using password_hash and password_verify to safely store and verify user passwords with built‑in salts and configurable cost factors.
The article analyzes how shady mobile applications exploit phone‑credit and electricity‑bill recharge interfaces to funnel user payments through complex, hidden channels, describing the laundering chain, various payment methods, server tracing details, and the broader security implications for the black‑gray market.
Data architecture governance, encompassing standards, security, modeling, quality, and lifecycle management, is essential for digital transformation in fast‑growing industries like express delivery, and this article outlines current challenges, traditional approaches, and a practical, phased methodology with platform support to implement effective governance.
A recent CrowdStrike Falcon update triggered widespread Windows blue screen (BSOD) crashes across multiple countries, prompting IT departments worldwide to raise alarms while forcing the security firm to issue urgent fixes and grapple with damage to its reputation and user trust.
Data security, centered on the full data lifecycle, demands deep defense against dynamic, continuous risks; by adopting a new operational mindset and a comprehensive metrics system, organizations can achieve greater visibility, control, sustainability, and trustworthiness in protecting their data assets.
This guide explains how to use the ssh -Q command to list all OpenSSH-supported ciphers, cipher‑auth methods, key‑exchange algorithms, public‑key types, certificate keys, MACs, protocol versions, and signature algorithms, providing concrete command output and common examples for each category.
This article explains the principles of Message Authentication Codes (MAC), details the operation and characteristics of HMAC and CMAC, compares common algorithms, and provides Python code examples for generating and verifying these codes to ensure data integrity and authenticity.
This article provides a comprehensive overview of web security, covering authentication, input validation, secure coding practices, SQL injection and XSS attack mechanisms, detection methods, defensive techniques, and best practices for secure file upload and download.
This guide explains what China’s algorithm filing regulation entails, which services must comply, the types of algorithms covered, why filing is essential, the step‑by‑step process, and the documents needed to complete the mandatory filing within the stipulated timeframe.
A New York Times report reveals that a hacker accessed OpenAI's internal messaging system, exposing employee discussions on AI advancements and sparking concerns about foreign espionage, internal security practices, and the broader national‑security implications of AI technology.
A June 2024 security breach compromised a popular JavaScript polyfill CDN, injecting malicious code that redirected over 100,000 sites, prompting warnings from Google and GitHub and highlighting best practices for protecting web applications from CDN‑based supply‑chain attacks.
This article explains the fundamentals of the HTTP protocol, illustrates its susceptibility to man‑in‑the‑middle attacks, discusses symmetric and asymmetric encryption attempts, and then details how HTTPS (TLS) and the CA trust model protect data transmission from interception and tampering.
Web application penetration testing is a systematic security assessment that identifies vulnerabilities such as SQL injection, XSS, CSRF, insecure authentication, and file‑upload flaws, using methods ranging from black‑box to manual testing, and follows best practices like OWASP guidelines to protect data, privacy, and system integrity.
A severe backdoor discovered in XZ Utils versions 5.6.0 and 5.6.1 (CVE‑2024‑3094) allows unauthorized remote code execution via SSH, affecting major Linux distributions such as Debian testing, Fedora Rawhide, Arch, and openSUSE, and users are urged to upgrade immediately.
A Singapore court sentenced former NCS employee Kandula Nagaraju to over two years in prison after he illegally accessed his ex‑employer’s QA system, deleted 180 virtual servers, and caused more than $670,000 in damages, highlighting serious cybersecurity and legal repercussions.
A security research team created a counterfeit VSCode extension in half an hour, demonstrated how easily malicious code can be injected and distributed through the VSCode Marketplace, and revealed that dozens of high‑value companies, security firms and even a national court were compromised, highlighting critical gaps in extension vetting and supply‑chain protection.
This article outlines the national‑standard‑based methodology for classifying and grading data, detailing industry‑specific processes, core and important data identification criteria, general data handling, and a privacy‑focused governance framework that enables organizations to protect sensitive information effectively.
The article presents NordPass's annual most‑used password list, highlights the top ten weak passwords in China that can be cracked in seconds, explains why users choose them, and offers four practical recommendations for creating stronger, more secure passwords.
A recent ASEC report reveals that a malicious program disguised as the popular Office 2013‑2024 C2R Install crack tool distributes a .NET‑based malware suite that installs Orcus RAT, the XMRig cryptocurrency miner, and the 3Proxy proxy tool, primarily targeting Korean users and persisting via scheduled tasks and PowerShell updates.
The article reports that Microsoft’s upcoming Windows 11 24H2 will require CPUs with the POPCNT instruction, notes that only pre‑2008 processors lack it, highlights a community‑modified Windows XP ISO that runs on an Intel i486, and details experiments showing how quickly legacy Windows systems become infected when exposed to the internet, underscoring modern security improvements.
The article reports that Microsoft’s upcoming Windows 11 24H2 will require CPUs with POPCNT support, highlights a successful run of Windows XP on a 1990s Intel i486, and details a YouTuber’s experiment exposing legacy Windows XP and 2000 systems to the internet, revealing rapid virus infections and security risks.
The article examines the opportunities and risks of applying large language models (LLMs) to cybersecurity, outlines fourteen practical recommendations for assessing their real‑world capabilities, and concludes with an invitation to the upcoming R&D Efficiency Conference covering AI, product management, and related topics.
php-encryption, an open‑source library by security expert Defuse, offers developers a straightforward way to implement strong AES‑256‑GCM, AES‑256‑CBC, and XChaCha20‑Poly1305 encryption in PHP, handling key derivation, random number generation, and error reporting without requiring deep cryptographic expertise.
Huolala’s Information Security team built a comprehensive security asset library and visualization framework, detailing asset pain points, mapping methodology, detection and drawing modules, and measurable outcomes, to enhance asset visibility, risk assessment, and continuous security operations in a cloud‑native environment.
A recent backdoor implanted in the widely used open‑source compression tool XZ exposes the fragile reliance on volunteer‑maintained software infrastructure, highlighting the massive economic value of open‑source, the sophisticated attack methods employed, and the urgent need for better security and maintenance practices.
Amid rapid digital transformation, this article examines the growing importance of cybersecurity insurance for Chinese SMEs, presenting market data, challenges, a three‑layer protection model, and details of a recent industry salon that discussed practical solutions and future pilots.
A Chinese procurement announcement listed the localhost IP 127.0.0.1 in five bidders' documents, sparking online debate and technical analysis that traced the issue to a bug in the official electronic tender software, which can be reproduced by disabling IPv4.
The article outlines the CISSP‑ISSAP certification for security architects, detailing exam format, passing score, target audience, prerequisites, and a range of preparation resources including official guides, online courses, books, community forums, and practice tests to help candidates succeed.
The Chinese national standard GB/T 43697‑2024 on Data Security Technology – Data Classification and Grading Rules has been officially released, providing universal classification guidelines and set to take effect on October 1 2024, offering essential direction for implementing data classification and grading management.
Researchers from Harbin Institute of Technology analyzed nearly 14,000 Chinese government websites, uncovering widespread security flaws such as missing DNS records, over‑reliance on a few DNS and ISP providers, vulnerable jQuery versions, and inadequate server redundancy, all of which could enable large‑scale attacks.
A security researcher uncovered a sophisticated supply‑chain attack where a malicious contributor infiltrated the open‑source xz project, inserted a hidden backdoor into versions 5.6.0 and 5.6.1, and leveraged it to compromise systems that rely on xz via OpenSSH.
This article reviews several leading cross‑platform antivirus products—Avast, ESET NOD32, F‑PROT, ClamAV, Comodo, and Sophos—highlighting their features, Linux compatibility, and considerations for securing servers while noting that proper security practices may reduce the need for constant antivirus deployment.
The article explains how Python's simplicity, extensive ecosystem, versatility, and strong automation capabilities make it a preferred language for cybersecurity professionals, outlining five key reasons and showcasing typical use cases such as network scanning, penetration testing, malware analysis, security auditing, and tool development.
This article explains what code signing is, why it is essential for software integrity and trust, outlines the signing process, compares traditional code signing certificates with the GaraSign cloud service, and offers guidance on choosing the right solution based on cost, scalability, and compliance needs.
This article outlines essential strategies—including secure HttpOnly cookies, session ID regeneration, timeout handling, encrypted storage, user‑attribute verification, and permission checks—to harden PHP session management against hijacking, fixation, and unauthorized access.
The article examines why encrypted sensitive fields such as passwords, phone numbers, and bank details need special handling, categorises three families of fuzzy‑search solutions for encrypted data, evaluates their security, performance and storage costs, and recommends a balanced conventional method for production use.
Kali Linux, a Debian‑based distribution maintained by Offensive Security, bundles over 600 penetration‑testing and digital‑forensics tools such as Metasploit, Nmap, Wireshark, Aircrack‑ng and John the Ripper, making it a preferred platform for security professionals in testing, forensics, and network defense.
The article defines user assets, explains why protecting them is vital for SaaS companies, and outlines organizational, procedural, technical, and emergency-response measures—plus common challenges—to help enterprises build comprehensive user asset security programs.
Data classification and grading, essential components of data security governance, involve defining data categories, assigning sensitivity levels, adhering to national standards, and establishing organizational processes to ensure compliant, secure, and value‑driven data handling across enterprises.
Datadog’s 2024 DevSecOps report reveals that 90% of Java services contain at least one severe vulnerability—far higher than other languages—largely due to indirect dependencies, and stresses the need for comprehensive dependency scanning, prioritized remediation, and robust alert triage to manage the flood of low‑impact automated attacks.
HTTPS secures web traffic by combining symmetric and asymmetric encryption, digital signatures, and certificate authorities within the TLS protocol to ensure confidentiality, integrity, authentication, and non‑repudiation, replacing insecure HTTP and becoming mandatory for modern browsers, servers, and platforms despite earlier concerns about cost and complexity.
The 2024 software development landscape will be shaped by rapid advances in artificial intelligence and machine learning, deeper integration of blockchain beyond cryptocurrency, the rise of multi‑runtime microservices and cloud‑native architectures, heightened focus on information security, expanding AR/VR applications, sustainable coding practices, quantum and edge computing, as well as evolving programming language preferences toward Python and Rust.
The article explains why MD5 and simple salted hashes are insecure for password storage, distinguishes between cryptographic and non‑cryptographic hash functions, introduces slow key‑derivation algorithms such as Bcrypt, Scrypt and Argon2, and recommends using strong KDFs with unique salts in modern applications.
