Cybersecurity Newsletters
(No. 114)
Wednesday, December 13, 2017
Today's highlights: Bitcoin and other cryptocurrencies will be the main target of hackers; Vietnamese hackers break into computer systems at Perth Airport in Australia; mobile wallpaper can read your address book and browsers may record you at any time; a new proof-of-concept app can still track users with GPS turned off; Security Awareness #walkingcloudtech salon recommendation: how to stop your website from being hacked?
01
02
[Freebuf] Even if GPS is turned off, mobile apps can still track users
Researchers at Princeton University recently developed a proof-of-concept app that can record a user's whereabouts without GPS permission, even when the user has made sure to turn off the phone's GPS function.
Reference link: http://www.freebuf.com/news/156633.html
03
[E Security] How good are Vietnamese hackers? Single-handedly taking over Perth Airport
A 31-year-old Vietnamese hacker named Le Duc Hoang Hai is accused of hacking into the computer system of Perth Airport in Australia in March 2016 using the credentials of a third-party contractor, and of stealing sensitive information on security details and on building planning and design.
Reference link: https://www.easyaq.com/news/1509353254.shtml
04
[Netflix] Your phone's wallpaper can read your address book; the browser may record you at any time
Back in 2014, CCTV's Weekly Quality Report exposed a large number of Android mobile apps that required access to contacts, geolocation and other permissions during installation, seriously threatening users' privacy and security. Some industry insiders concluded that a chain of interests in the sale of private information lies behind this phenomenon: unscrupulous mobile app makers obtain users' private information through phone permissions and then resell it, earning a substantial gray income.
Reference link: http://tech.163.com/17/1213/07/D5H6BID300097U7R.html
Security Awareness #WalkingCloud Technology Salon Recommendations
How to stop your website from being hacked?
1. Sanitize and validate user parameters: Sanitizing and validating user parameters before submitting them to the database reduces the possibility of SQL injection attacks.
2. Use a firewall: If the attack is a simple DoS, you can use a firewall to drop traffic from the suspicious IP address.
3. Encrypted cookies: Cookie or session poisoning can be prevented by encrypting the contents of the cookie, associating the cookie with the client's IP address and timing out the cookie after a period of time.
4. Validate and verify user input: This method prevents form duplication by validating and verifying user input before it is processed.
5. Header validation and sanitization: This technique is useful against cross-site scripting (XSS). It consists of validating and sanitizing headers, parameters passed through the URL, form parameters and hidden values to reduce XSS attacks.
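
Item 3 as an added example (not part of the original newsletter): a Python sketch of a cookie that is bound to the client's IP address, times out, and is rejected if its contents are altered. It assumes an HMAC-SHA256 seal in place of encryption so that it runs on the standard library alone; the key, lifetime and function names are constructed for illustration.

```python
import base64
import hashlib
import hmac
import json
import time

# Constructed demo key (assumption); a real service loads a random secret.
SECRET_KEY = b"constructed-demo-key-not-for-production"
MAX_AGE_SECONDS = 900  # assumed 15-minute cookie lifetime


def _seal(body: bytes) -> bytes:
    # The HMAC makes the cookie tamper-evident; it does not hide its contents.
    return hmac.new(SECRET_KEY, body, hashlib.sha256).hexdigest().encode()


def issue_cookie(session, client_ip, now=None):
    """Seal session data together with the client IP and an expiry time."""
    now = time.time() if now is None else now
    record = {"data": session, "ip": client_ip, "exp": int(now) + MAX_AGE_SECONDS}
    body = base64.urlsafe_b64encode(json.dumps(record, sort_keys=True).encode())
    return (body + b"." + _seal(body)).decode()


def read_cookie(cookie, client_ip, now=None):
    """Return the session data, or None if the cookie is altered, moved or expired."""
    now = time.time() if now is None else now
    body, sep, tag = cookie.rpartition(".")
    if not sep:
        return None  # no seal present at all
    # Constant-time comparison: any change to the body invalidates the seal.
    if not hmac.compare_digest(_seal(body.encode()), tag.encode()):
        return None
    record = json.loads(base64.urlsafe_b64decode(body))
    if record["ip"] != client_ip:  # presented from a different address
        return None
    if now >= record["exp"]:       # lifetime exceeded
        return None
    return record["data"]


if __name__ == "__main__":
    t0 = 1513123200  # constructed timestamp
    c = issue_cookie({"user": "alice", "role": "member"}, "203.0.113.10", now=t0)
    print(read_cookie(c, "203.0.113.10", now=t0 + 60))  # accepted
    print(read_cookie(c, "198.51.100.7", now=t0 + 60))  # other IP: rejected
```

Where the cookie contents must also stay confidential, as the tip states, the same three checks apply with an authenticated-encryption scheme in place of the HMAC.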