Tagged articles

994 articles

Page 7 of 10

Oct 4, 2021 · Artificial Intelligence

Intelligent Risk Control Practices and Architecture by Shumei Technology

This article presents Shumei Technology's comprehensive approach to fraud prevention, detailing the scale of black‑market losses, typical abuse scenarios, challenges of traditional defenses, and the design of a full‑stack, AI‑driven risk control system that combines device, behavior, and content detection with real‑time, multi‑cluster deployment and case studies from banking and live‑stream platforms.

Artificial IntelligenceInformation Securityfraud detection

0 likes · 24 min read

Intelligent Risk Control Practices and Architecture by Shumei Technology

Top Architect

Sep 20, 2021 · Information Security

Case Study: Violation of Computer Information System Laws by Yang Mou – Court Judgment and Legal Analysis

The article details how Yang Mou, a former ticketing system programmer, remotely accessed and sabotaged a bus company's ticketing platform in October 2020, leading to a court conviction for destroying computer information systems under Chinese criminal law, with a nine‑month prison sentence and references to relevant statutes.

Chinese lawInformation Securitycomputer crime

0 likes · 6 min read

Case Study: Violation of Computer Information System Laws by Yang Mou – Court Judgment and Legal Analysis

Ops Development Stories

Sep 18, 2021 · Information Security

Secure Message Delivery: Symmetric & Asymmetric Encryption, Hashes, Signatures

Learn the fundamentals of information security through a myth-inspired scenario, covering how symmetric and asymmetric encryption, message digests, and digital signatures ensure confidentiality, integrity, and authenticity when transmitting a simple invitation, and explore a practical secure email system design.

Information SecuritySymmetric Cryptographydigital signatures

0 likes · 7 min read

Secure Message Delivery: Symmetric & Asymmetric Encryption, Hashes, Signatures

iQIYI Technical Product Team

Sep 10, 2021 · Information Security

Introduction and Business Practice of Cloud KMS for Data Security at iQIYI

iQIYI’s security team created a Cloud KMS platform that, in line with China’s Data Security Law, provides HSM‑backed key lifecycle management, API‑driven encryption, high‑availability deployment and fine‑grained access control, enabling its membership services to meet compliance, cut development effort by ~80 %, halve operational workload and lower costs, while laying groundwork for future features such as traffic splitting and zero‑intrusion integration.

Business PracticeCloud ComputingCloud KMS

0 likes · 7 min read

Introduction and Business Practice of Cloud KMS for Data Security at iQIYI

21CTO

Sep 9, 2021 · Information Security

Critical IE Zero-Day (CVE‑2021‑40444) Exploited via Malicious Office Docs – What You Need to Know

Microsoft warned on September 8 that a critical IE zero‑day (CVE‑2021‑40444) is being actively exploited through specially crafted Office documents, allowing remote code execution via ActiveX, and urged users to disable IE ActiveX controls until a patch is released.

ActiveXCVE-2021-40444IE

0 likes · 3 min read

Critical IE Zero-Day (CVE‑2021‑40444) Exploited via Malicious Office Docs – What You Need to Know

Java Architect Essentials

Sep 5, 2021 · Industry Insights

When AI Code Assistants Leak Fake IDs: GitHub Copilot’s Privacy Risks Explained

GitHub Copilot once auto‑completed a seemingly real Chinese ID number for a public figure, sparking concerns that large language models can unintentionally expose personal data learned from public web sources, highlighting privacy and security challenges in AI‑driven code assistants.

AI privacyGitHub CopilotInformation Security

0 likes · 8 min read

When AI Code Assistants Leak Fake IDs: GitHub Copilot’s Privacy Risks Explained

Liangxu Linux

Aug 30, 2021 · Information Security

Understanding TCP/IP Layers and Common Network Attacks: ARP, DoS, DNS

This article explains how the four-layer TCP/IP model underpins various network attacks such as ARP spoofing, DoS (including SYN flood), and DNS hijacking, and provides practical security recommendations for detecting and mitigating these threats.

ARPDNSDoS

0 likes · 11 min read

Understanding TCP/IP Layers and Common Network Attacks: ARP, DoS, DNS

Qingyun Technology Community

Aug 25, 2021 · Information Security

How QingCloud’s Security Resource Pool Leverages SDN for Scalable Cloud Protection

This article explains how QingCloud’s security resource pool, built on a trusted cloud platform and SDN orchestration, provides self‑service, high‑performance, and open‑architecture security services for tenants, addressing control‑plane and data‑flow challenges while enabling flexible north‑south and east‑west traffic protection.

Information SecurityQingCloudSDN orchestration

0 likes · 10 min read

How QingCloud’s Security Resource Pool Leverages SDN for Scalable Cloud Protection

MaGe Linux Operations

Aug 22, 2021 · Information Security

What Happens When an Elasticsearch Database Exposes 2 Million Sensitive Records?

In July, security researcher Bob Diachenko uncovered an exposed Elasticsearch cluster leaking nearly two million personal records—including passport details and no‑fly indicators—highlighting the severe impact of unsecured Elasticsearch deployments and offering recommendations to prevent future breaches.

ElasticsearchInformation Securitydata breach

0 likes · 5 min read

What Happens When an Elasticsearch Database Exposes 2 Million Sensitive Records?

DataFunSummit

Aug 20, 2021 · Artificial Intelligence

Data Privacy and Differential Privacy Techniques in Machine Learning

This article reviews recent data privacy challenges in machine learning, explains the distinction between privacy and security, presents classic attacks and anonymization methods such as K‑anonymity, L‑diversity and T‑closeness, and details differential privacy techniques and their impact on model performance.

Information Securityanonymizationdifferential privacy

0 likes · 17 min read

Data Privacy and Differential Privacy Techniques in Machine Learning

OPPO Amber Lab

Aug 10, 2021 · Information Security

AI, IoT, and Zero Trust: Key Takeaways from the 2021 ACM China Turing Conference

At the 2021 ACM China Turing Conference in Hefei, leading academics and industry experts presented cutting‑edge research on AI‑driven security, mobile OS vulnerability detection, IoT sensor risks, ARM confidential computing, and zero‑trust frameworks, highlighting how emerging technologies reshape secure mobile and industrial ecosystems.

AIARMInformation Security

0 likes · 7 min read

AI, IoT, and Zero Trust: Key Takeaways from the 2021 ACM China Turing Conference

DevOps

Aug 9, 2021 · Operations

Microsoft Digital: Internal IT Transformation and Operational Excellence

Microsoft Digital describes how Microsoft’s internal IT organization, renamed from CSEO to Microsoft Digital, drove a comprehensive digital transformation by migrating operations to Azure, adopting cloud‑centric architecture, implementing DevOps, enhancing security, data, and AI capabilities, and aligning vision‑driven priorities to boost productivity, customer focus, and business outcomes.

Digital TransformationInformation SecurityOperations

0 likes · 20 min read

Microsoft Digital: Internal IT Transformation and Operational Excellence

Liangxu Linux

Aug 7, 2021 · Information Security

Master Packet Crafting with Scapy: ARP Scanning and TCP SYN Port Scanning in Python

This tutorial shows how to use Python's Scapy library to craft and send ARP requests for network discovery, perform ARP spoofing attacks, and implement TCP SYN port scanning by interpreting packet flags, providing complete code examples and practical security insights.

ARPInformation SecurityScapy

0 likes · 7 min read

Master Packet Crafting with Scapy: ARP Scanning and TCP SYN Port Scanning in Python

58 Tech

Aug 5, 2021 · Artificial Intelligence

Exploration and Practice of Text Representation Algorithms in the 58 Security Scenario

This article presents a comprehensive study of text representation techniques—from weighted word‑vector methods to supervised SimBert and unsupervised contrastive learning models—applied to large‑scale unstructured data in 58's information‑security workflows, evaluating their effectiveness for classification and content‑recall tasks.

BERTInformation SecuritySimCSE

0 likes · 11 min read

Exploration and Practice of Text Representation Algorithms in the 58 Security Scenario

Java High-Performance Architecture

Jul 25, 2021 · Information Security

Are Your Face Scans Exposing You Naked? Hidden Risks of Facial Recognition

Facial recognition technology, now common in payments, transport and law enforcement, often captures more than just the face, uploading full‑camera images to back‑ends where human reviewers may see users in vulnerable situations, raising serious privacy and security concerns.

AI ethicsInformation Securitydata leakage

0 likes · 7 min read

Are Your Face Scans Exposing You Naked? Hidden Risks of Facial Recognition

Code Ape Tech Column

Jul 23, 2021 · Information Security

Mastering OAuth2 SSO with SpringBoot: A Step‑by‑Step Guide

This article explains the principles of Single Sign‑On using OAuth2.0, illustrates the flow with a real‑world analogy, and provides a complete SpringBoot implementation for both the authorization server and client, including role‑based permission control and microservice integration.

AuthenticationAuthorizationInformation Security

0 likes · 11 min read

Mastering OAuth2 SSO with SpringBoot: A Step‑by‑Step Guide

NetEase Smart Enterprise Tech+

Jul 22, 2021 · Information Security

Mastering CAS-Based Single Sign-On: From Session Mechanics to Seamless Logout

This article explains a complete CAS-based single sign‑on solution, covering traditional session mechanisms, the CAS architecture, implementation of single sign‑on, session renewal, single logout, and practical extensions for multi‑system integration to ensure secure and seamless user experiences across enterprise applications.

AuthenticationCASInformation Security

0 likes · 12 min read

Mastering CAS-Based Single Sign-On: From Session Mechanics to Seamless Logout

Beike Product & Technology

Jul 20, 2021 · Information Security

Building an Enterprise Information Security Management System: Challenges, Role, and Implementation Strategies

This article shares practical experiences from building a zero‑to‑one information security management system for enterprises, outlining common security challenges, the role of such systems in risk governance, and detailed implementation approaches including security policies, penalty mechanisms, and management operations to achieve closed‑loop risk mitigation.

Information SecuritySecurity Governanceenterprise security

0 likes · 10 min read

Building an Enterprise Information Security Management System: Challenges, Role, and Implementation Strategies

Python Crawling & Data Mining

Jul 15, 2021 · Information Security

How Hackers Locate Unsecured Network Cameras Using ZoomEye, Shodan, and IP Scanning

This article explains how attackers discover vulnerable internet‑connected cameras by using searchable databases like ZoomEye and Shodan, as well as by scanning IP ranges for common camera ports, and highlights the ethical considerations of such techniques.

IP scanningInformation SecurityNetwork Cameras

0 likes · 4 min read

How Hackers Locate Unsecured Network Cameras Using ZoomEye, Shodan, and IP Scanning

Laravel Tech Community

Jul 13, 2021 · Information Security

The Rise and Decline of Ruixing Antivirus: History, Market Share, and Current Status

This article chronicles the evolution of Ruixing antivirus from its 1990s founding and dominant market share of up to 80% to its recent shift toward enterprise security, highlighting key industry competition, pricing changes, and user experience issues such as ads, performance slowdown, and uninstall difficulty.

AntivirusInformation SecurityRuixing

0 likes · 5 min read

The Rise and Decline of Ruixing Antivirus: History, Market Share, and Current Status

ByteFE

Jul 13, 2021 · Information Security

Privacy vs. Personalization in Advertising: Technical Foundations and Emerging Solutions

The article examines how increasing privacy regulations—especially after iOS 14—challenge personalized advertising by focusing on the technical core of user identification, the risks of cross‑domain data sharing, and a range of mitigation strategies such as fingerprint protection, third‑party cookie blocking, and privacy‑preserving attribution frameworks like PCM, SKAdNetwork, AEM, and FLoC.

AdvertisingInformation SecurityWeb

0 likes · 34 min read

Privacy vs. Personalization in Advertising: Technical Foundations and Emerging Solutions

21CTO

Jul 12, 2021 · Information Security

Why Are the US and Russia Negotiating Over Ransomware Threats?

Recent high‑profile ransomware attacks on US critical infrastructure have prompted President Biden to call President Putin, urging Russia to curb ransomware groups like REvil and DarkSide, while both nations discuss cybersecurity negotiations and potential retaliatory actions.

Information SecurityRansomwareUS-Russia

0 likes · 6 min read

Why Are the US and Russia Negotiating Over Ransomware Threats?

Alibaba Cloud Developer

Jul 5, 2021 · Cloud Native

How Cloud‑Native Architecture Turns Security Into an Immune System

In this talk, Alibaba Cloud security leader Xiao Li shares two decades of network security experience, explains how cloud‑native technologies reshape protection from external add‑ons to built‑in, on‑demand immune systems, and outlines trends like zero‑trust, hardware‑rooted trust, and automatic remediation.

Information Securitycloud securityhardware trust

0 likes · 10 min read

How Cloud‑Native Architecture Turns Security Into an Immune System

Python Programming Learning Circle

Jul 3, 2021 · Information Security

Brute‑Force Decryption of Password‑Protected Zip/Rar Files Using Python

This article explains how to use Python's built‑in zipfile module and the third‑party rarfile library to extract encrypted archives, handle Chinese filename encoding issues, and implement a brute‑force password search with itertools for arbitrary password lengths.

Information SecurityPythonbruteforce

0 likes · 7 min read

Brute‑Force Decryption of Password‑Protected Zip/Rar Files Using Python

Tencent Cloud Developer

Jun 29, 2021 · Information Security

Tencent Cloud Object Storage Content Security: Comprehensive Multi-Modal Content Moderation Solution

Tencent Cloud Object Storage Content Security offers a comprehensive, multi‑modal moderation solution—leveraging YouTu Lab’s advanced image, video, audio and text analysis—to automatically detect and handle prohibited material across hundreds of violation types, providing one‑click task initiation, configurable callbacks, and visual tracking for platforms such as social media, online education, e‑commerce, and gaming.

AI content moderationAudio AnalysisContent Security

0 likes · 6 min read

Tencent Cloud Object Storage Content Security: Comprehensive Multi-Modal Content Moderation Solution

Open Source Linux

Jun 28, 2021 · Information Security

Top 100 Cybersecurity Tips to Strengthen Your Network Safety

This guide compiles 100 practical cybersecurity tips across ten key areas—including password hygiene, virus protection, safe browsing, online transactions, email handling, host computer safeguards, office environment practices, mobile device security, wireless network defenses, and sensitive data protection—to help readers build a more secure digital environment.

Information Securitycybersecurityemail protection

0 likes · 13 min read

Top 100 Cybersecurity Tips to Strengthen Your Network Safety

Python Programming Learning Circle

Jun 26, 2021 · Information Security

Security Analysis and Exploitation of a QQ Phishing Website

The article documents a step‑by‑step security investigation of a QQ phishing site, detailing its fake login page, POST endpoint, Python‑based credential flooding, network reconnaissance, port scanning, vulnerability scanning, and discovery of the backend control panel, while discussing the challenges of XSS and brute‑force attacks.

Information SecurityNetwork ScanningWeb Security

0 likes · 7 min read

Security Analysis and Exploitation of a QQ Phishing Website

Java Architect Essentials

Jun 17, 2021 · Information Security

WeChat One‑Way Friend Detection Patent and How to Identify Deleted Contacts

The article explains how WeChat users can detect when they have been removed as friends, describes Tencent's recent patent for a single‑way friend detection feature, shows the proposed UI workflow, discusses user reactions, and warns against unsafe third‑party tools.

Friend DetectionInformation SecurityWeChat

0 likes · 5 min read

WeChat One‑Way Friend Detection Patent and How to Identify Deleted Contacts

Efficient Ops

Jun 17, 2021 · Information Security

Linus Torvalds Slams Anti‑Vaccine Rhetoric, New Cloud Malware, and Tech Market Shifts

The article reports Linus Torvalds’ harsh response to anti‑vaccine comments, recent global website outages, Tim Berners‑Lee’s NFT auction of the web’s source code, the discovery of a Windows Server container‑escaping malware, rapid growth in China’s industrial cloud market, forecasts for the global telecom cloud market, Microsoft’s upcoming Windows 10 end‑of‑support, Google’s custom video‑processing hardware for YouTube, and a massive Volkswagen customer data leak.

Information SecurityLinus TorvaldsWindows Server malware

0 likes · 9 min read

Linus Torvalds Slams Anti‑Vaccine Rhetoric, New Cloud Malware, and Tech Market Shifts

ITPUB

Jun 17, 2021 · Information Security

How Illegal Web Crawlers Stole Over 1 Billion Chinese Users’ Data and Got Sent to Prison

A recent Chinese court case reveals that a university graduate used a custom web‑crawler to harvest more than 1.18 billion Taobao user records, which were then sold to a partner who ran fraudulent WeChat groups, leading to both perpetrators’ conviction for violating personal information protection laws.

ChinaInformation SecurityWeb Crawler

0 likes · 10 min read

How Illegal Web Crawlers Stole Over 1 Billion Chinese Users’ Data and Got Sent to Prison

Java Architect Essentials

Jun 14, 2021 · Information Security

How the Qike PDF Converter Turns PCs into Botnets: Malware Analysis and Prevention

Huorong’s threat intelligence team discovered that the Qike PDF Converter carries a malicious proxy module that silently spreads via download‑site installers, hijacks system processes, persists as a startup service, and can turn infected machines into high‑CPU‑usage botnets, prompting immediate security updates.

HuorongInformation SecurityPersistence

0 likes · 5 min read

How the Qike PDF Converter Turns PCs into Botnets: Malware Analysis and Prevention

DataFunTalk

Jun 7, 2021 · Information Security

Anti‑Fraud Strategies and Practices for the Jimu Social App

This article presents Xu Ming, head of risk control at Jimu, sharing comprehensive insights and practical experiences on combating black‑gray market fraud within the Jimu app, covering the platform’s risk points, common challenges, overall anti‑fraud strategy, detailed operational tactics, and reflective thoughts on future improvements.

App SecurityInformation Securityanti‑fraud

0 likes · 17 min read

Anti‑Fraud Strategies and Practices for the Jimu Social App

Laravel Tech Community

Jun 2, 2021 · Information Security

mcrypt_module_open – Opening Encryption Algorithm and Mode Modules in PHP

The article explains the PHP function mcrypt_module_open, detailing its purpose of opening encryption algorithm and mode modules, describing each of its four parameters, default directory behaviors, and the return value indicating success with a resource or failure with FALSE.

Information SecurityPHPencryption

0 likes · 2 min read

mcrypt_module_open – Opening Encryption Algorithm and Mode Modules in PHP

ITPUB

May 29, 2021 · Information Security

When a Resigned Developer Deletes Company Data: A Real‑World InfoSec Crime Case

The article recounts a high‑profile Chinese case where a former developer, after a salary dispute, exploited server vulnerabilities to delete critical user data and application files, leading to massive user impact, a court trial, and an eleven‑month prison sentence under computer‑information‑system sabotage laws.

Information Securitycomputer crimedata breach

0 likes · 6 min read

When a Resigned Developer Deletes Company Data: A Real‑World InfoSec Crime Case

Laravel Tech Community

May 26, 2021 · Information Security

mcrypt_enc_get_key_size – Returns the Maximum Supported Key Size for an Opened Encryption Mode

The PHP function mcrypt_enc_get_key_size returns the maximum key length, in bytes, that the currently opened encryption mode can support, taking a resource descriptor as its sole parameter and providing developers with essential information for handling encryption keys securely.

Information SecurityPHPencryption

0 likes · 1 min read

mcrypt_enc_get_key_size – Returns the Maximum Supported Key Size for an Opened Encryption Mode

Laravel Tech Community

May 25, 2021 · Information Security

mcrypt_enc_get_block_size – Returns the Block Size of the Opened Encryption Algorithm

The mcrypt_enc_get_block_size function in PHP returns the block size, in bytes, of the encryption algorithm associated with a given encryption descriptor resource, providing essential information for handling block cipher operations and ensuring correct data padding during encryption and decryption processes.

Block SizeInformation SecurityPHP

0 likes · 1 min read

mcrypt_enc_get_block_size – Returns the Block Size of the Opened Encryption Algorithm

MaGe Linux Operations

May 25, 2021 · Information Security

Why Spam Packages Flooded PyPI with Pirated Movie Links and How to Stay Safe

A wave of malicious PyPI packages named after popular movies and TV shows, many containing spam keywords and stolen code, exposed supply‑chain risks and prompted urgent cleanup by maintainers, highlighting the need for developers to verify packages before use.

Information SecurityPyPIPython

0 likes · 4 min read

Why Spam Packages Flooded PyPI with Pirated Movie Links and How to Stay Safe

Laravel Tech Community

May 24, 2021 · Information Security

mcrypt_enc_get_algorithms_name() Returns the Name of the Opened Encryption Algorithm

The PHP function mcrypt_enc_get_algorithms_name($td) returns the name of the encryption algorithm associated with the given encryption descriptor, providing developers with a string that identifies the algorithm currently in use for cryptographic operations.

Information SecurityPHPencryption

0 likes · 1 min read

mcrypt_enc_get_algorithms_name() Returns the Name of the Opened Encryption Algorithm

Laravel Tech Community

May 23, 2021 · Information Security

PHP mcrypt_decrypt() – Decrypt Ciphertext with Given Parameters

The PHP mcrypt_decrypt() function decrypts data using a specified cipher, key, mode, and optional initialization vector, returning the plaintext string or FALSE on failure, with detailed parameter descriptions and usage notes.

Information Securitydecryptionencryption

0 likes · 2 min read

PHP mcrypt_decrypt() – Decrypt Ciphertext with Given Parameters

ITFLY8 Architecture Home

May 22, 2021 · Fundamentals

How Meituan Scaled Data Governance: Practical Lessons for Enterprise Data Management

This article outlines Meituan's journey in data governance, detailing the challenges of data quality, cost, security, standardization and efficiency, and presenting a three‑stage roadmap—passive, proactive, and automated governance—along with concrete technical and organizational solutions.

Data ArchitectureData QualityInformation Security

0 likes · 9 min read

How Meituan Scaled Data Governance: Practical Lessons for Enterprise Data Management

Laravel Tech Community

May 20, 2021 · Information Security

mcrypt_cbc() Function for CBC‑Mode Encryption and Decryption in PHP

This article explains the PHP mcrypt_cbc() function, detailing its two prototypes for different libmcrypt versions, the full parameter list—including optional IV—and the mode constants MCRYPT_ENCRYPT and MCRYPT_DECRYPT used for CBC‑mode cryptographic operations.

CBCInformation SecurityPHP

0 likes · 1 min read

mcrypt_cbc() Function for CBC‑Mode Encryption and Decryption in PHP

Sohu Tech Products

May 19, 2021 · Information Security

Understanding HTTPS: TLS/SSL Principles, Encryption, Digital Signatures, and Certificate Authorities

This article explains the fundamental concepts of HTTPS, covering TLS/SSL algorithms, the roles of symmetric and asymmetric encryption, digital signatures, certificate authorities, the TLS 1.2 handshake process, and why HTTPS is preferred over HTTP despite deployment challenges.

Certificate AuthorityHTTPSInformation Security

0 likes · 21 min read

Understanding HTTPS: TLS/SSL Principles, Encryption, Digital Signatures, and Certificate Authorities

58 Tech

May 10, 2021 · Information Security

Marketing Anti‑Fraud Algorithm Framework and Practice at 58.com

This article details the design, implementation, and evaluation of a multi‑layer anti‑fraud system for 58.com’s marketing activities, covering data and feature engineering, unsupervised and supervised models, graph‑based community detection, and semi‑supervised graph neural networks, with empirical results demonstrating their effectiveness.

Graph Neural NetworkInformation SecurityMarketing

0 likes · 18 min read

Marketing Anti‑Fraud Algorithm Framework and Practice at 58.com

MaGe Linux Operations

May 9, 2021 · Information Security

How to Block Foreign IPs in Nginx Using the ngx_http_geoip2 Module

This guide walks you through installing the ngx_http_geoip2 module, upgrading Nginx, downloading the GeoLite2 database, configuring Nginx to detect foreign IPs, and applying rules that return a 404 response for non‑Chinese visitors, complete with command‑line examples and verification steps.

Information SecurityServer Configurationblock foreign IP

0 likes · 7 min read

How to Block Foreign IPs in Nginx Using the ngx_http_geoip2 Module

DevOps

May 7, 2021 · Information Security

Container Image Security: Challenges, Scanning in the SDLC, and Best Practices

This article examines the growing security concerns of container images, presents alarming vulnerability statistics, explains why image scanning should be placed before image push in the CI/CD pipeline, and outlines practical best‑practice recommendations such as using lightweight base images, non‑root users, secret management, minimal packages, Dockerfile linting, and avoiding unmaintained images.

DevSecOpsDockerInformation Security

0 likes · 14 min read

Container Image Security: Challenges, Scanning in the SDLC, and Best Practices

DataFunTalk

May 6, 2021 · Information Security

Intelligent Risk Control at 58.com: Architecture, Challenges, and Unknown Risk Detection

This article explains the business background of 58.com, the security challenges it faces, the design of its AI‑driven risk‑control architecture, and detailed practices for perceiving and handling unknown risks using big‑data, machine‑learning and anomaly‑detection techniques.

AIInformation Securityrisk control

0 likes · 16 min read

Intelligent Risk Control at 58.com: Architecture, Challenges, and Unknown Risk Detection

Open Source Tech Hub

Apr 30, 2021 · Information Security

How to Implement RBAC with PHP‑Casbin: Installation, Configuration, and Permission Checks

This guide shows how to install PHP‑Casbin, configure an RBAC model, initialize an enforcer with a MySQL adapter, add roles and permissions, and verify access decisions for different users using concrete code examples.

Backend DevelopmentCasbinInformation Security

0 likes · 4 min read

How to Implement RBAC with PHP‑Casbin: Installation, Configuration, and Permission Checks

21CTO

Apr 26, 2021 · Information Security

Remembering Dan Kaminsky: The Hacker Who Secured the Internet

The article commemorates Dan Kaminsky, the renowned information‑security researcher who uncovered the critical DNS vulnerability in 2008, outlines his career, explains the impact of his discovery and coordinated patch, and dispels rumors surrounding his death.

DNS vulnerabilityDan KaminskyInformation Security

0 likes · 5 min read

Remembering Dan Kaminsky: The Hacker Who Secured the Internet

Programmer DD

Apr 24, 2021 · Information Security

When a Research Paper Turned Into a Linux Kernel Security Disaster

A controversial university paper on covertly injecting vulnerabilities into open‑source software sparked a chain of malicious Linux kernel patches, provoked a fierce response from maintainer Greg Kroah‑Hartman, and forced the University of Minnesota to suspend the research amid heated community debate.

Academic PaperCode InjectionInformation Security

0 likes · 7 min read

When a Research Paper Turned Into a Linux Kernel Security Disaster

Su San Talks Tech

Apr 21, 2021 · Information Security

How Data Masking Protects Sensitive Information: Techniques & Best Practices

This article explains what data masking (also called data de‑identification) is, why it is essential for protecting personal data in sectors like finance and healthcare, and details static and dynamic masking methods along with common techniques such as truncation, randomization, replacement, encryption, averaging and offsetting.

DDMInformation SecuritySDM

0 likes · 8 min read

How Data Masking Protects Sensitive Information: Techniques & Best Practices

21CTO

Apr 17, 2021 · Information Security

Critical WeChat PC 0‑Day, M1 Chip Upgrade & More: Top Tech Security News

This article reports a high‑severity WeChat PC zero‑day, a Chinese engineer’s M1‑chip memory and storage upgrade, Slackware 15.0 Beta release, Google Project Zero’s extended disclosure windows, and the debut of the world’s first officially certified semi‑cyborg, highlighting major tech security and innovation news.

Hardware HackingInformation SecurityLinux

0 likes · 5 min read

Critical WeChat PC 0‑Day, M1 Chip Upgrade & More: Top Tech Security News

58 Tech

Apr 16, 2021 · Artificial Intelligence

Graph Neural Network Based Anti‑Fraud Solution for Online Information Services

The article presents a comprehensive anti‑fraud framework that analyzes black‑market fraud characteristics, reviews conventional fraud‑mitigation methods, and proposes a multimodal graph‑neural‑network approach—leveraging device, behavior, and content similarity—to accurately identify fraudulent users on large‑scale internet platforms.

Information Securityanti‑fraudfraud detection

0 likes · 18 min read

Graph Neural Network Based Anti‑Fraud Solution for Online Information Services

vivo Internet Technology

Apr 14, 2021 · Information Security

Understanding Encryption: From Simple Stories to Diffie‑Hellman and RSA

This article explains the fundamentals of encryption by walking through a relatable story, defining keys, comparing symmetric and asymmetric methods, illustrating key‑exchange techniques such as paint‑mixing, multiplication tricks, Diffie‑Hellman, AES block processing, and the RSA algorithm with step‑by‑step calculations.

Diffie-HellmanInformation SecurityRSA

0 likes · 15 min read

Understanding Encryption: From Simple Stories to Diffie‑Hellman and RSA

Architects' Tech Alliance

Apr 13, 2021 · Artificial Intelligence

Top Ten Technology Trends in the Information Industry for 2021

The 2021 report from the China Electronic Information Industry Development Research Institute outlines ten major technology trends—including diversified chip design, MEMS‑based sensors, cloud‑edge collaboration, intelligent networking, evolving display technologies, AI algorithm and compute advances, open‑source software, ARM‑centric ecosystems, heightened information security, and autonomous‑controllable hardware—shaping the future of the information sector.

AIInformation Securityinformation industry

0 likes · 9 min read

Top Ten Technology Trends in the Information Industry for 2021

MaGe Linux Operations

Apr 4, 2021 · Information Security

Step‑by‑Step Analysis and Exploitation of a QQ Phishing Site

An in‑depth walkthrough demonstrates how to identify, analyze, and attack a QQ phishing website—revealing its URL, POST parameters, using Python to flood it with fake credentials, performing WHOIS, ping, nmap, and w3af scans, uncovering backend details, and discussing mitigation strategies.

Information SecurityNetwork ScanningPython

0 likes · 7 min read

Step‑by‑Step Analysis and Exploitation of a QQ Phishing Site

Tencent Cloud Developer

Mar 29, 2021 · Information Security

What Is Zero Trust? Benefits, Technologies, and Deployment Guide

This article explains the Zero Trust security model, its advantages over traditional perimeter defenses, core technologies such as SDP, IAM, and micro‑segmentation, implementation principles, essential components, real‑world deployment scenarios, future trends, and Tencent's practical contributions to the industry.

Enterprise ArchitectureIAMInformation Security

0 likes · 16 min read

What Is Zero Trust? Benefits, Technologies, and Deployment Guide

Top Architect

Mar 17, 2021 · Information Security

Case Study: Baidu Engineer Convicted for Unauthorized System Manipulation and Financial Fraud

A former Baidu advertising platform engineer illegally altered media‑review data using CURL commands and scripts, enabling 735 fraudulent sites to pass audits and generating over 3.7 million yuan in ad revenue, ultimately resulting in a conviction for destroying computer information systems.

BaiduInformation Securitycomputer crime

0 likes · 8 min read

Case Study: Baidu Engineer Convicted for Unauthorized System Manipulation and Financial Fraud

ITPUB

Mar 16, 2021 · Information Security

How a Baidu Engineer Bypassed Audits to Fraudulently Approve 735 Sites and Steal 3.7 M Yuan

A 1992‑born Baidu developer abused his system privileges, wrote scripts and used CURL commands to illegally approve hundreds of media sites—including gambling portals—through the company's ad‑network audit, resulting in a loss of 3.74 million yuan and a one‑year‑nine‑month prison sentence.

BaiduInformation Securityaudit bypass

0 likes · 10 min read

How a Baidu Engineer Bypassed Audits to Fraudulently Approve 735 Sites and Steal 3.7 M Yuan

Java Backend Technology

Mar 16, 2021 · Information Security

Inside the Fake WeChat App That Promotes Porn: Hidden Mechanics Unveiled

Security researchers dissect the counterfeit “Le Bao” app that mimics WeChat, revealing its covert QR‑code group‑joining, custom decoding, member‑paid porn livestreams, embedded payment methods, server infrastructure, and illicit profit models, highlighting its high concealment and the need for aggressive mitigation.

Information SecurityTraceabilitycybercrime

0 likes · 15 min read

Inside the Fake WeChat App That Promotes Porn: Hidden Mechanics Unveiled

ITPUB

Mar 12, 2021 · Information Security

How a Rookie SQL Mistake by a Former Facebook CTO Led to a $500K Gab Data Breach

A former Facebook engineer, newly hired as CTO of the social platform Gab, introduced a simple SQL injection vulnerability by removing critical reject and filter calls, allowing hackers to steal 70 GB of user data, demand a $500,000 Bitcoin ransom, and expose the company's lax security practices.

CTOGabGit commit

0 likes · 8 min read

How a Rookie SQL Mistake by a Former Facebook CTO Led to a $500K Gab Data Breach

Top Architect

Mar 9, 2021 · Information Security

Analysis of the ‘Le Bao’ Fraudulent Chat Application Used for Pornographic Promotion

This report provides a comprehensive technical analysis of the malicious "Le Bao" app that masquerades as a WeChat‑like chat tool, detailing its sample characteristics, hidden QR‑code group joining mechanism, payment flow, server‑side tracing, and profit model, highlighting its covert distribution of pornographic content and associated illicit activities.

Information SecurityThreat Intelligencemalware analysis

0 likes · 12 min read

Analysis of the ‘Le Bao’ Fraudulent Chat Application Used for Pornographic Promotion

58UXD

Mar 8, 2021 · Product Management

How Luffy Turns Excel Chaos into a Seamless Data Visualization Platform

This case study describes how the Luffy platform was built from scratch to replace cumbersome Excel workflows with a minimalist, component‑driven design that visualizes data securely, improves team collaboration, and accelerates product iteration for operations and product teams.

Component LibraryData visualizationFrontend Development

0 likes · 10 min read

How Luffy Turns Excel Chaos into a Seamless Data Visualization Platform

21CTO

Mar 3, 2021 · Information Security

9 Real-World Data Breaches Every Developer Should Learn From

This article reviews nine major data breach incidents—from Clearview AI to Yahoo—detailing their scope, compromised data types, and impact, and emphasizes the importance of robust security practices for developers to prevent such losses.

Information Securitycase studydata breach

0 likes · 10 min read

9 Real-World Data Breaches Every Developer Should Learn From

System Architect Go

Mar 1, 2021 · Information Security

Server-side Request Forgery (SSRF)

This article explains what server‑side request forgery (SSRF) is, describes its impact, common attack vectors such as targeting the server itself or internal services, outlines bypass techniques for blacklist and whitelist filters, and discusses blind SSRF detection using out‑of‑band methods.

Information SecuritySSRFout‑of‑band

0 likes · 12 min read

21CTO

Mar 1, 2021 · Information Security

How Chinese Hackers Targeted India's Power Grid Amid Border Tensions

Amid escalating China‑India border tensions, coordinated Chinese hacking groups launched cyber attacks on Indian critical infrastructure, compromising power generation and transmission systems, while retaliatory Indian state‑sponsored actors also deployed spear‑phishing campaigns against Chinese military and government entities.

APTChinaIndia

0 likes · 5 min read

How Chinese Hackers Targeted India's Power Grid Amid Border Tensions

DataFunSummit

Feb 25, 2021 · Information Security

Intelligent Risk Control at 58.com: Architecture, Challenges, and Unknown‑Risk Detection

This article introduces the business background and security challenges of 58.com, explains the three‑layer intelligent risk‑control architecture built on big‑data and AI, and details practical methods for perceiving and detecting unknown risks using techniques such as PU learning, Prophet, and HotSpot.

AIInformation Securityalgorithm

0 likes · 14 min read

Architects Research Society

Feb 24, 2021 · Information Security

Security Architecture Team: Roles, Skills, and Responsibilities

The security architecture team consists of security architects, information security architects, chief information security officers, and security analysts, each with distinct business and technical responsibilities, risk‑management and threat‑modeling skills, and a collaborative relationship with enterprise architecture to ensure secure, compliant solutions.

CISOInformation SecuritySecurity Architecture

0 likes · 11 min read

Security Architecture Team: Roles, Skills, and Responsibilities

Top Architect

Feb 24, 2021 · Information Security

The Mystery of the Password “ji32k7au4a83” and How to Create Strong Passwords

The article explains why the rare password “ji32k7au4a83” appears in breach data, traces its origin to the Chinese Zhuyin phonetic system, presents statistics on common passwords, and offers expert advice on crafting secure, long, and varied passwords.

Information SecurityZhuyindata breach

0 likes · 4 min read

The Mystery of the Password “ji32k7au4a83” and How to Create Strong Passwords

ITFLY8 Architecture Home

Feb 22, 2021 · Information Security

How Meituan-Dianping Secures User Data in the Big Data Era

In the era of big data, Meituan-Dianping implements a comprehensive security management system—including organizational safeguards, deep defense architecture, encryption, and data desensitization—to meet regulatory demands and protect billions of users' privacy and information security.

Data SecurityInformation SecurityMeituan

0 likes · 3 min read

How Meituan-Dianping Secures User Data in the Big Data Era

DevOps Cloud Academy

Feb 21, 2021 · Information Security

Docker Security Best Practices: Protecting Infrastructure, Images, and Access

This article outlines comprehensive Docker security best practices covering infrastructure hardening, image trust and scanning, and access/authentication controls to help organizations safeguard containerized applications in cloud‑native environments.

DockerInformation Securitybest-practices

0 likes · 8 min read

Docker Security Best Practices: Protecting Infrastructure, Images, and Access

21CTO

Feb 17, 2021 · Information Security

Why "123456" Still Tops the Worst Password List and How to Protect Yourself

The 2020 NordPass survey reveals that simple numeric passwords like "123456" remain the most common weak passwords, highlighting new risky entries and offering practical advice for creating stronger, more secure credentials.

Best PracticesInformation SecurityNordPass survey

0 likes · 4 min read

Why "123456" Still Tops the Worst Password List and How to Protect Yourself

Liangxu Linux

Feb 15, 2021 · Information Security

Why the Chinese Phonetic Password ‘ji32k7au4a83’ Shows Up 141 Times

The article examines how a seemingly random string ‘ji32k7au4a83’ appears 141 times in the Have I Been Pwned password database, explains its origin in the Chinese Zhuyin phonetic system, and offers practical guidelines for creating stronger passwords to avoid common security pitfalls.

Have I Been PwnedInformation SecurityZhuyin

0 likes · 5 min read

Why the Chinese Phonetic Password ‘ji32k7au4a83’ Shows Up 141 Times

php Courses

Feb 7, 2021 · Information Security

Scanning Files for Viruses with ClamAV and PHP on Linux

This guide explains how to configure ClamAV on Linux, run the clamdscan command to detect malicious files, and invoke the scanner from PHP using the exec function, including sample configuration and output details.

ClamAVInformation SecurityLinux

0 likes · 2 min read

Scanning Files for Viruses with ClamAV and PHP on Linux

Architecture Digest

Feb 5, 2021 · Information Security

Token-Based Authentication Architecture Using OAuth2 and JWT

The article explains the design and implementation of a token‑based authentication system for micro‑services, covering terminology, business background, OAuth2 password‑grant flow, JWT usage, security advantages, functional modules, technical choices, detailed authentication workflow, and API design.

Information SecurityJWTOAuth2

0 likes · 10 min read

Token-Based Authentication Architecture Using OAuth2 and JWT

macrozheng

Feb 2, 2021 · Information Security

How Malware Hides Its Mining Process on Linux and How to Uncover It

An infected Linux server shows high CPU usage but standard tools miss the culprit; this guide explains how mining malware hides its process via /proc tricks, demonstrates detection using network scans, unhide tools, and offers removal steps to eradicate the hidden miner.

Cryptocurrency MiningInformation SecurityLinux

0 likes · 8 min read

How Malware Hides Its Mining Process on Linux and How to Uncover It

Programmer DD

Jan 24, 2021 · Information Security

Why the Weird Password “ji32k7au4a83” Reveals Hidden Risks in Common Passwords

The article explains how a seemingly random password "ji32k7au4a83" appeared in millions of data breaches because it encodes the Chinese phrase "my password" in Zhuyin, highlights the prevalence of weak passwords like "123456", and offers practical advice for creating stronger, more secure passwords.

Have I Been PwnedInformation SecurityZhuyin

0 likes · 4 min read

Why the Weird Password “ji32k7au4a83” Reveals Hidden Risks in Common Passwords

Python Programming Learning Circle

Jan 21, 2021 · Information Security

The Mystery of Password “ji32k7au4a83” and How to Choose Secure Passwords

The article explains why the seemingly random password “ji32k7au4a83” appears in breach data, traces its origin to the Chinese Zhuyin phonetic system, and provides practical recommendations for creating strong, hard‑to‑guess passwords.

Chinese ZhuyinInformation Securitycommon passwords

0 likes · 4 min read

The Mystery of Password “ji32k7au4a83” and How to Choose Secure Passwords

Liangxu Linux

Jan 12, 2021 · Information Security

What Is a Bastion Host and How Does It Secure Operations?

This article explains the concept, purpose, design principles, functional modules, authentication methods, deployment options, and open‑source implementations of bastion hosts, highlighting how they centralize control, audit, and protect privileged access to servers and network devices.

AuthenticationBastion HostInformation Security

0 likes · 9 min read

What Is a Bastion Host and How Does It Secure Operations?

Programmer DD

Jan 8, 2021 · Information Security

When Deleting Data Becomes a Crime: DBA Sentenced to 7 Years

A former database administrator at Lianjia was convicted of deliberately deleting 9 TB of financial data, leading to a seven‑year prison sentence after forensic evidence linked his root‑access actions to the breach, highlighting the severe legal consequences of insider data sabotage.

Information Securitycomputer crimedata deletion

0 likes · 7 min read

When Deleting Data Becomes a Crime: DBA Sentenced to 7 Years

dbaplus Community

Jan 7, 2021 · Information Security

Understanding CC Attacks and Slow DDoS: Mechanisms, Tools, and Defenses

This article explains how CC (Challenge Collapsar) attacks and their slow‑request variants overwhelm web services, describes the underlying botnet concepts, shows practical attack commands with tools like slowhttptest, and outlines multiple mitigation strategies such as rate limiting, IP hiding, high‑protection IP services, and static page optimization.

CC AttackDDoSInformation Security

0 likes · 18 min read

Understanding CC Attacks and Slow DDoS: Mechanisms, Tools, and Defenses

21CTO

Jan 4, 2021 · Information Security

How to Secure Passwords with Salt in Java: MD5 Salting Explained

This article explains the concept of password salting, its security benefits, and provides a complete Java implementation using MD5, including salt generation, hashing with and without salt, storing salt within the hash, and verification procedures for registration and login.

HashingInformation SecurityJava

0 likes · 12 min read

How to Secure Passwords with Salt in Java: MD5 Salting Explained

Java Backend Technology

Jan 2, 2021 · Information Security

Why Your Personal Data Is Worthless: The Dark Reality of Big Data Privacy Leaks

The article exposes how the promise of big‑data convenience masks rampant privacy violations—from celebrity photo leaks and app data sales to weak legal penalties—illustrating that ordinary users’ personal information has become a cheap commodity with little protection.

Big DataChinaData Protection

0 likes · 6 min read

Why Your Personal Data Is Worthless: The Dark Reality of Big Data Privacy Leaks

21CTO

Jan 1, 2021 · Information Security

Did Hackers Peek into Microsoft’s Source Code? Insights from the SolarWinds Attack

A recent SolarWinds breach gave hackers read‑only access to Microsoft’s internal source‑code repositories, prompting the company to stress that no production systems or user data were compromised while highlighting broader security implications for the software industry.

Information SecurityMicrosoftSolarWinds

0 likes · 5 min read

Did Hackers Peek into Microsoft’s Source Code? Insights from the SolarWinds Attack

Programmer DD

Dec 30, 2020 · Information Security

When a Bonus Dispute Triggers a Massive Cloud Outage: The Real Cost of Deleting Code

A disgruntled programmer, denied a promised bonus, altered Huawei Cloud's OBS service code, causing a platform-wide crash, a court conviction for destroying a computer information system, and prompting a broader discussion on why developers repeatedly risk severe legal and professional consequences despite low penalties and harsh work conditions.

Information Securitycloud outagecode deletion

0 likes · 10 min read

When a Bonus Dispute Triggers a Massive Cloud Outage: The Real Cost of Deleting Code

DataFunTalk

Dec 27, 2020 · Information Security

Evolution of 58.com Risk Control Architecture: From Early Stages to Intelligent Auditing

This talk outlines 58.com’s risk control evolution, detailing the platform’s four development stages, the challenges of fraud, fake traffic, and content abuse, and how architecture, algorithms, and operational strategies have been refined to achieve high‑throughput, intelligent auditing.

AIBig DataInformation Security

0 likes · 12 min read

Evolution of 58.com Risk Control Architecture: From Early Stages to Intelligent Auditing

iQIYI Technical Product Team

Dec 25, 2020 · Information Security

iQiyi Security Incident Response Center Vulnerability Handling Policy (Version 3.0)

iQiyi Security Incident Response Center Vulnerability Handling Policy version 3.0 outlines scope, principles, reporting process, severity scoring, reward system, user levels, dispute resolution, and prohibitions, emphasizing dedicated handling, point-based rewards, and strict rules for disclosures and malicious activity.

Bug BountyInformation SecurityRisk Assessment

0 likes · 13 min read

iQiyi Security Incident Response Center Vulnerability Handling Policy (Version 3.0)

DataFunSummit

Dec 24, 2020 · Information Security

Evolution and Architecture of Risk Control at 58.com

This article outlines the development stages, architectural evolution, and practical challenges of 58.com’s risk‑control platform, describing how the system progressed from manual review to configurable automation, multi‑scene governance, and intelligent expert‑driven auditing to protect billions of daily transactions.

Information Securityfraud detectionplatform architecture

0 likes · 10 min read

Evolution and Architecture of Risk Control at 58.com

Full-Stack Internet Architecture

Dec 23, 2020 · Information Security

Comprehensive Summary of XSS (Cross‑Site Scripting) Attacks and Defenses

This article provides a comprehensive overview of Cross‑Site Scripting (XSS), covering its definition, impact, underlying mechanisms, classification, common injection vectors, defensive strategies, practical Q&A, and a curated list of reference resources for developers and security professionals.

Cross-site scriptingInformation SecurityXSS

0 likes · 16 min read

Comprehensive Summary of XSS (Cross‑Site Scripting) Attacks and Defenses

MaGe Linux Operations

Dec 17, 2020 · Information Security

Mastering Apache Ranger: Secure Hadoop Data Access with Real‑World Examples

This guide explains Apache Ranger’s role as a centralized security framework for Hadoop, detailing its core features, architecture, workflow, policy creation, auditing, field‑level masking, row‑level filtering, and how to automate policy management via its REST API and Java code.

Apache RangerBig DataData access control

0 likes · 13 min read

Mastering Apache Ranger: Secure Hadoop Data Access with Real‑World Examples

macrozheng

Dec 17, 2020 · Information Security

How Data Masking Protects Your Users: Techniques & Best Practices

Data masking, also known as data desensitization, transforms sensitive information such as phone numbers and ID numbers using static and dynamic methods—including truncation, randomization, replacement, encryption, and averaging—to prevent privacy breaches while preserving data utility for testing, analysis, and production environments.

Dynamic MaskingInformation Securitydata anonymization

0 likes · 9 min read

How Data Masking Protects Your Users: Techniques & Best Practices

DataFunSummit

Dec 16, 2020 · Artificial Intelligence

Federated Learning vs Secure Multi‑Party Computation: Concepts, Challenges, and Alibaba’s Solutions

This article explains the fundamentals of federated learning and secure multi‑party computation, compares their security and performance trade‑offs, discusses the differences between Google’s cross‑device FL and China’s cross‑silo FL, and presents Alibaba’s recent advances and practical solutions for privacy‑preserving collaborative modeling.

Information Securitycross-silodifferential privacy

0 likes · 18 min read

Federated Learning vs Secure Multi‑Party Computation: Concepts, Challenges, and Alibaba’s Solutions

ITPUB

Dec 15, 2020 · Information Security

How Dark‑Web Ransomware Hijacks MySQL Databases and Sells Them for $550

The article explains how ransomware gangs steal MySQL databases, automate ransom‑payment portals on the dark web, auction unsold data, and accept Bitcoin, revealing the scale of over 85,000 databases for sale at roughly $500‑$550 each.

Dark WebInformation SecurityMySQL

0 likes · 4 min read

How Dark‑Web Ransomware Hijacks MySQL Databases and Sells Them for $550

FunTester

Dec 12, 2020 · Operations

Why Redundancy Is the Key to Effective Disaster Recovery in IT Systems

The article explains that disaster recovery for information systems relies on redundancy across hardware, energy, and data, classifies natural, human, and technical disasters, defines critical metrics such as RTO and RPO, and outlines the technologies, architectures, and maturity levels needed to ensure business continuity.

Information SecurityRPORTO

0 likes · 29 min read

Why Redundancy Is the Key to Effective Disaster Recovery in IT Systems

JD Tech Talk

Dec 9, 2020 · Information Security

Understanding “Wool Party” Attacks: Interface and Business Layer Threats in Marketing Scenarios

This article explains how the so‑called “wool party” (羊毛党) operates in marketing environments, detailing common interface‑layer attacks, business‑layer (UI) attacks, the tools they use such as card‑issuing and SMS‑receiving platforms, and the defensive measures employed by intelligent risk‑control systems.

Information Securitybusiness layer attackinterface attack

0 likes · 7 min read

Understanding “Wool Party” Attacks: Interface and Business Layer Threats in Marketing Scenarios

Programmer DD

Dec 6, 2020 · Information Security

How Fraudsters Exploit Online Promotions: Real Cases and Lessons

This article explains the concept of "薅羊毛" (exploiting online promotions), presents several real police‑investigated cases—including massive membership recharges, coupon abuse, and game‑reward scams—and warns readers about the legal risks of using illegal methods to obtain freebies.

Information Securitycase studycybercrime

0 likes · 7 min read

How Fraudsters Exploit Online Promotions: Real Cases and Lessons

Architect's Tech Stack

Dec 5, 2020 · Information Security

Case Study: Micro-Alliance Database Deletion Incident and Its Legal Consequences

In February 2020, a core operations engineer at Micro-Alliance maliciously deleted the company's production databases, causing over ten billion yuan in market loss, massive user disruption, and a six‑year prison sentence, while highlighting broader industry risks and the need for stronger security controls.

Information Securitycybercrimedata breach

0 likes · 8 min read

Case Study: Micro-Alliance Database Deletion Incident and Its Legal Consequences

FunTester

Dec 4, 2020 · Information Security

Introduction to Cryptography: History, Significance, and Future Directions

This introductory text explores the evolution of cryptography from ancient symbols to modern quantum and DNA‑based codes, highlighting its pivotal role in politics, warfare, and society while emphasizing the need for universal understanding of encryption and decryption across all fields.

Information SecurityQuantum Cryptographycodebreaking

0 likes · 14 min read

Introduction to Cryptography: History, Significance, and Future Directions

JD Cloud Developers

Dec 3, 2020 · Information Security

Why Weak Passwords Still Prevail and How Modern Cryptography Secures Your Data

This article explores the prevalence of weak passwords, introduces fundamental concepts of cryptography, explains symmetric encryption algorithms and their key distribution challenges, and demonstrates the Diffie‑Hellman key‑exchange process with a concrete example and a Python implementation of primitive‑root calculation.

Diffie-HellmanInformation Securitycryptography

0 likes · 9 min read

Why Weak Passwords Still Prevail and How Modern Cryptography Secures Your Data

Programmer DD

Nov 26, 2020 · Information Security

What the 2020 Most Common Passwords Reveal About Your Online Security

A recent NordPass analysis of the 200 most common passwords in 2020 shows why simple strings like "123456" dominate, how millions of accounts are exposed, and offers practical advice on creating stronger, unique passwords to protect against breaches and phishing attacks.

Information SecurityNordPassPassword Management

0 likes · 6 min read

What the 2020 Most Common Passwords Reveal About Your Online Security

Efficient Ops

Nov 23, 2020 · Information Security

When Revenge Becomes a Crime: A Programmer’s OBS Sabotage Case

A Chinese programmer, angry over an unpaid bonus, altered Huawei Cloud OBS storage code, crippling a consumer platform for hours, leading to a conviction for destroying a computer information system and sparking a broader discussion on developer respect and security safeguards.

Information Securitycloud storagecode sabotage

0 likes · 7 min read

When Revenge Becomes a Crime: A Programmer’s OBS Sabotage Case