今日已更新 420 条资讯 | 累计 20392 条内容
关于我们

标签:#SEC

找到 682 篇相关文章

AI 资讯

Production RBAC patterns for Go and Node startups

A founder told me last year: "We need admin features shipped by Friday. Can we just hardcode the roles for now?" That was 7 months ago. They're still paying for that decision today. This article is the breakdown I wish I had given them before that Friday — the patterns that separate a quick MVP version of RBAC from one that won't bite you back in six months. If you're a startup CTO, technical founder, or senior engineer about to ship admin/dashboard features for the first time, this is for you. The 4 signs your RBAC is a time bomb I've reviewed this exact pattern in 5+ early-stage codebases. Every one of them eventually hit the wall. Look for these signs: 1. Roles hardcoded in the JWT { "sub" : "user_123" , "role" : "admin" } Simple. Until you need to: Add a new role → migration + token refresh strategy Give one user a temporary elevated permission → "we'll just reissue tokens" Audit who had admin last month → good luck 2. Permission checks scattered across 40+ controllers // In every single handler: if user . Role != "admin" { return c . Status ( 403 ) . JSON ( ... ) } By the time you have 30 endpoints, you've made the same mistake 30 times. Refactoring is a full sprint. 3. One admin superuser that can do everything Until a sales rep accidentally deletes a customer record because they were elevated to admin "just for that one task last week." 4. Zero audit trail When the data goes missing, your only investigative tool is git blame on the source code and a desperate grep through CloudWatch logs. If you've nodded at any of these — keep reading. The real problem: policies-as-code Most teams treat permissions like business logic. They live in source files, gated by if statements, deployed with the rest of the code. This is the original sin. Code changes need deploys. Permissions change daily. When marketing onboards a new role next quarter, when a customer success rep needs view-only access to billing, when legal asks "who could have read this customer's data on Tuesda

2026-06-17 原文 →
AI 资讯

A password and a PIN aren't multifactor: the Security+ authentication trap

If you have spent any time on SY0-701 practice questions, you have hit at least one that looks trivial and then quietly fails you. Authentication factor questions are a favorite for this. The scenario sounds secure, the answer feels obvious, and the obvious answer is wrong. Here is the version that catches people. A login asks for your password, then a PIN, then your mother's maiden name. Three prompts, three steps. Is that multifactor authentication? No. It is single-factor wearing a costume. Factors are categories, not steps The exam wants you thinking about authentication in terms of categories , not how many boxes you fill in. There are three classic factors: Something you know (knowledge): a password, a PIN, a security question, a passphrase. Something you have (possession): a phone running an authenticator app, a hardware token, a smart card, a code texted to a device you are holding. Something you are (inherence): a fingerprint, a face scan, an iris pattern, a voiceprint. Multifactor authentication means pulling from different categories. A password (know) plus a code from your authenticator app (have) is two factors. A password plus a PIN plus a security question is still one factor, because all three are things you know. Stacking more knowledge on top of knowledge never changes the category. That is the entire trick. The question piles on prompts so it feels layered, and the count baits you into answering "three things, must be multifactor." Read for the category, not the quantity. The two factors people forget SY0-701 also expects you to recognize two more that sit just outside the classic three: Somewhere you are (location): access is allowed or blocked based on geolocation or which network you are on. A login permitted only from inside the corporate IP range leans on this. Something you do (behavioral): how you type, your gait, the rhythm of your swipe. This is the fuzziest one, and the exam treats it as a real but supporting signal. You will not see the

2026-06-17 原文 →
AI 资讯

Intelligence Brief: The Disinformation Machine

The Disinformation Supply Chain: How Coordinated Influence Campaigns Are Built Before They Go Viral Article from Digital HUMINT Series, For better understanding read the full report Right now, somewhere on X/forum people are fighting about a post that feels real raw, emotional, perfectly worded to hit a nerve. It has the right language, the right anger, the right timing. It sounds like someone who thinks exactly the way you do, or exactly the way you hate. It wasn't written there. It wasn't written today. And the person who wrote it doesn't care about the issue at all. That post was created two or three days earlier, on a hidden forum or a private chat group, following a set of instructions that described who to target, what emotions to trigger, which platform to use, and how much the job pays. By the time you see it, the operation has already worked. You engaging with it for or against is the whole point. I've spent almost two decades watching these hidden spaces where online manipulation is planned. What I've learned isn't that fake content exists everyone knows that by now. What most people don't realize is that it works like a factory. There's a production line. There are workers, managers, and paychecks. And just like any factory, if you know where to look, you can see the product being assembled before it ever reaches the shelf. It Works Like Any Other Business We talk about "disinformation campaigns" as if they're political movements. Some are. But more and more, what you're actually looking at is a business with four steps, each handled by different people, often in different countries. Step 1 — Someone writes the plan. A person with a goal and a budget writes a document that says: push this story, target these kinds of people, make them feel this emotion, use this language, post it on these platforms. These plans used to appear on hidden internet forums. Many have moved to private Telegram groups, but the structure hasn't changed since I first saw it in 201

2026-06-17 原文 →
AI 资讯

Startup Security Guide & LLM CISO

An open-source security guide, compliance checklist, and LLM-based virtual CISO persona for startups -- with specialized coverage for foreign companies entering the Korean market. The Problem Startups are vulnerable. Limited resources, no dedicated CISO, and security always deferred to "later." But customer data and intellectual property accumulate from day one -- and legal obligations apply regardless of company size. Three incidents from Korea in the first half of 2026 demonstrate that one misconfiguration can cascade into existential damage: Tving Data Breach (2026.06): Mass exposure of CI (Connecting Information, Korea's digital identity key) and refund bank account numbers. Classified as a "major breach" by the Personal Information Protection Commission. The leaked CI enables cross-service identity correlation, multiplying the damage. (CTI-2026-0604-TVING) CU Convenience Store Delivery Hack (2026.06): A simple web vulnerability led to the exfiltration of CI, addresses, phone numbers, and 9+ other data fields. The leaked data was linked to illegal private investigator inquiries and secondary crimes. (CTI-2026-0604-CU_BREACH) FastCampus / DayOne Company GitHub Master Key Theft (2026.06): A single GitHub master key was exfiltrated, granting attackers 30 days of undetected access to internal systems. Over 700,000 user records were exposed. The company took approximately 30 days to detect the breach, and customer notification was delayed beyond 72 hours. (CTI-2026-0611-FASTCAMPUS_DAYONECOMPANY) The common thread: All three began with a single misconfiguration or a single overlooked vulnerability. None required sophisticated zero-days. The damage was inversely proportional to organizational maturity. What startups need is not a $100K security suite. It is knowing what to do first , and a system to check it regularly . The Core Hypothesis An LLM can serve as a startup's first CISO. As of mid-2026, Claude 4, GPT-4o, and DeepSeek V3 -- alongside locally-run models via O

2026-06-17 原文 →
AI 资讯

Headless Browser Detection in 2026: What Still Trips Up Playwright

Playwright is the best browser automation library in 2026. It's also the most fingerprinted, the most detected, and the most patched in anti-bot databases. If you're running default Playwright against any platform with serious anti-bot defenses, you're getting flagged. We learned what's left of the cat-and-mouse game the hard way building HelperX . This article is what still trips up Playwright today — beyond the well-known navigator.webdriver flag, which everyone fixes in week one. The detection surface has shifted dramatically since 2022. The classic tells (PhantomJS, missing plugins, undefined chrome object) are largely solved. The new battleground is more subtle: CDP protocol artifacts, behavioral inconsistencies, and side-effects of the Playwright runtime that aren't part of the public API. What stopped working in 2024-2025 Detection on the platforms we monitor has gotten dramatically better in the last 18 months. A few things that worked in 2023 and stopped working since: Generic navigator.webdriver = undefined patches — detectable via Object.getOwnPropertyDescriptor if you do it naively Patching Notification.permission — modern detection cross-references with Permissions.query() Faking window.chrome — the property structure changed; old fakes are missing newer subkeys Setting a single User-Agent profile — detection now expects Client Hints to match Empty navigator.languages — flagged as suspicious; needs at least 2 entries These were all "set it once, ship it" fixes. The current generation of detection requires ongoing engineering. CDP artifacts: the deepest tell The Chrome DevTools Protocol (CDP) is how Playwright controls the browser. The browser exposes signals that it's being controlled, and modern detection looks for them specifically. Symptom: Runtime.evaluate artifacts When you run await page.evaluate(() => ...) , Playwright uses Runtime.evaluate under the hood. The evaluated script runs in a special isolated world. If the page can detect that an isola

2026-06-17 原文 →
AI 资讯

Vibe citing: how KPMG used AI to write a report about AI and AI made them look like fools

vibe citing: how KPMG used AI to write a report about AI and AI made them look like fools by t474-r0b07 There are companies that charge you to tell you how to use AI responsibly. KPMG is one of them. 250,000 employees. 138 countries. Decades advising governments and corporations on how to avoid costly mistakes. In October 2025 they published a report titled "Total Experience: Redefining Excellence in the Age of Agentic AI" . They wrote it with AI. The AI invented 88% of the sources. Nobody verified anything. They published it anyway. // what is "agentic AI" — because the title matters An agentic AI is not a chatbot. Not the assistant that answers your questions. It's a system that makes decisions and executes actions on its own, without a human approving each step. You give it an objective and it acts, corrects, moves forward. It's the product everyone in the tech sector was selling in 2025. KPMG was selling it too. That's why they needed a report proving their clients were already using it. Spoiler: they weren't. And the report invented it anyway. // the forensic analysis GPTZero — a company specialized in detecting AI-generated content — ran a full audit on the report. First: what is an AI hallucination, because the term is going to come up a lot. When a language model doesn't have the information you ask for, it doesn't say "I don't know." It generates a response that sounds correct. It invents with the same confidence it would use if it actually knew the truth. Perfect format. False content. No warning. That's a hallucination. Now the numbers from the KPMG report: TOTAL CITATIONS: 45 REAL CITATIONS: 5 INVENTED CITATIONS: 40 ACCURACY RATE: 11.1% 40 of 45 citations have invented titles, authors that don't exist, or sources that don't say what KPMG claimed they said. Half of the factual claims in the report are false or misattributed. A firm that charges for intellectual rigor published a document with 11% accuracy. // the organizations that read the report and sai

2026-06-17 原文 →
AI 资讯

I stopped trusting curl | sh — so I built a tool that reads the script first

Every developer has done it. You hit a README, you see the install command: curl -fsSL https://example.com/install.sh | sh And you run it. Maybe you skim the script first. Maybe you don't. But you run it. I've been doing this for years. And each time, a small voice in the back of my head says: you have no idea what that script actually does. You just piped a stranger's code straight into your shell. Eventually I got tired of ignoring that voice. What the pattern actually is curl | sh is not a bad pattern — it's a fast, convenient pattern with a real trust gap. The script runs with your permissions, in your shell, right now. It can: Install something with sudo Delete files with rm -rf Write to your disk with dd Access your SSH keys or .env files Set up a cron job or a systemd service that runs again next reboot Decode and run a payload with base64 | eval Most install scripts do none of these things maliciously. But many do several of them legitimately — and you wouldn't know which ones until something went wrong. --- ## What I built instead I'm a solo founder based in Ouagadougou, Burkina Faso. I build with heavy AI pairing — I'm not a trained engineer, I work with Claude, review the output, and ship. This tool ( peek ) was AI-paired and reviewed by me before release. peek is a ~130-line POSIX shell script that sits in front of the pattern: # Instead of: curl -fsSL https://example.com/install.sh | sh # Do: peek https://example.com/install.sh Before anything runs, peek: Fetches the script Scans it for risky patterns Prints a risk score and the exact dangerous lines Asks you to confirm — and refuses to auto-run a HIGH-RISK script unless you type RUN You can also pipe into it, or run it in analysis-only mode: curl -fsSL https://example.com/install.sh | peek # analyze from a pipe peek --print ./downloaded.sh # never runs, analysis only What it flags (and what it doesn't) The patterns peek checks: Root escalation — sudo , running as root Destructive file ops — rm -rf , fi

2026-06-17 原文 →
AI 资讯

15 perguntas de segurança para quem está praticando vibe coding

Outro dia, vi nos stories do Instagram uma amiga pesquisadora contando que estava usando o Claude para ressuscitar uma plataforma criada anos antes por parceiros. Ela não é da área de desenvolvimento de software. O projeto estava praticamente parado. Não havia mais recurso para manter tudo como estava. Com a ajuda da IA generativa, ela conseguiu migrar serviços, reduzir custo, melhorar performance, redesenhar partes da experiência e voltar a implementar coisas que estavam no backlog havia muito tempo. Achei aquilo inspirador! Mas também um pouco assustador. Não por ela estar usando IA generativa. Pelo contrário: acho fascinante que pessoas que não programam profissionalmente estejam conseguindo recuperar autonomia sobre projetos que antes ficavam dependentes de verba, disponibilidade de terceiros ou uma fila infinita de prioridades. O ponto que me acendeu uma luz amarela foi outro: em certo momento da conversa ela comentou que o projeto tinha dados de usuários e pagamentos via Stripe . Antes de seguir, uma ressalva: eu não gosto muito do termo "vibe coding" . Vou usar o termo aqui porque ele pegou, e porque todo mundo entende mais ou menos o que ele quer dizer: criar software com muita ajuda de IA generativa, muitas vezes sem dominar profundamente a linguagem, o framework ou a arquitetura por trás do projeto. Mas o termo me incomoda porque parece diminuir a responsabilidade envolvida. Se você está criando código, alterando código e colocando esse código no ar, você é sim uma pessoa desenvolvedora. Talvez iniciante. Talvez insegura. Talvez dependente demais da IA generativa. Talvez uma pessoa desenvolvedora ruim ou medíocre, como todos nós somos em algum recorte. Mas é. E isso traz responsabilidades. Vibe coding em uma página pessoal é uma coisa. Vibe coding em um sistema com login, dados pessoais, áreas administrativas, arquivos, integrações externas ou pagamento é outra. E aqui existe uma tensão interessante. Eu trabalho com desenvolvimento de software há bastante

2026-06-17 原文 →
AI 资讯

Is AI Making Us More Vulnerable? The Growing Threat of Cyberattacks in the AI Era

Something feels different about security incidents lately. Breaches, leaks, account takeovers, phishing campaigns they're not new. But their frequency, sophistication, and scale seem to be growing at a pace that feels genuinely alarming. Instagram accounts hacked overnight. Corporate systems compromised in hours. Phishing emails that sound disturbingly human. As someone studying AI & Big Data, I can't help but ask: is AI responsible for this? And if so, how? I think the honest answer is: yes but in two very different ways. The two faces of AI in cybersecurity When we talk about AI and cyberattacks, most people imagine one scenario: hackers using AI to attack systems faster and smarter. That's real. But it's only half the picture. The other half is something we talk about far less: the vulnerabilities that come from integrating AI into systems in the first place. These are two very different problems. And conflating them leads to the wrong solutions. Problem 1: AI is expanding the attack surface Every time a platform integrates an AI feature, they're adding something new to their infrastructure. And new infrastructure means new potential vulnerabilities. AI systems require: Massive data pipelines more data flowing through more systems APIs connecting multiple services more endpoints that can be exploited Third-party models and tools more external dependencies, more trust relationships Real-time processing less time to detect anomalies before damage is done Many organizations are integrating AI features faster than their security teams can audit them. And the consequences are already visible. In June 2026 , hackers reportedly manipulated AI-powered support systems to gain unauthorized access to Instagram accounts. The attack didn't target traditional software vulnerabilities it targeted the AI system itself , exploiting the automated account recovery flow that Meta had built with AI. This is the new reality: attackers are no longer just targeting your code. They're ta

2026-06-17 原文 →
AI 资讯

I pointed capgate at Damn Vulnerable MCP. Here's what it caught — and what it couldn't.

A capability-compiler meets ten deliberately-broken MCP servers. The honest scorecard: it cleanly stops one class, shrinks the blast radius on several, and is useless against another. Knowing which is which is the whole point. Disclosure: I'm the author of capgate , the Apache-2.0 sandbox compiler this post puts to the test. The DVMCP project and the other tools mentioned aren't mine; the manifests and compiled output are reproducible from the repo . The setup Damn Vulnerable MCP (DVMCP) is a teaching project: ten MCP servers, each built to demonstrate one attack — prompt injection, tool poisoning, excessive permission scope, token theft, command injection, and so on. It's the closest thing the ecosystem has to a shared adversarial fixture. capgate is a compile-time tool. You write a manifest declaring what an MCP server is allowed to do — fs:read:/workspace/** , net:connect:api.github.com:443 , nothing else — and it compiles that to a concrete sandbox policy ( docker run flags, bwrap argv, or an egress-proxy config). It does not run anything, watch traffic, or inspect the server's code. It turns a declared capability set into an enforced boundary. So this is a fair, falsifiable test: for each DVMCP challenge, I wrote the honest minimum manifest, compiled it, and asked one question — does the boundary capgate emits actually stop the attack? The answer is not "yes" across the board, and the cases where it's "no" are the interesting ones. The bullseye: Challenge 3 — Excessive Permission Scope The vulnerable tool advertises "read a file from the public directory" and then does this: @mcp.tool () def read_file ( filename : str ) -> str : # VULNERABILITY: doesn't restrict file access to the public directory if os . path . exists ( filename ): # any absolute path works with open ( filename , " r " ) as f : return f . read () The private directory next door holds employee_salaries.txt , acquisition_plans.txt , and system_credentials.txt (a live DB password and cloud API ke

2026-06-17 原文 →
开发者

How we became the first Indian hosting company to deploy Cloudflare Magic Transit

I run a hosting company. I'm also a BCA student. These two things coexist somehow. GigaNodes started in 2022 as a game server hosting brand — Minecraft, FiveM, ARK, the usual. Over time it grew into a proper VPS and dedicated server operation under GigaNode Technologies Private Limited, with AMD EPYC 7C13 hardware co-located at Yotta DC Noida. Earlier this year we did something I haven't seen any other Indian hosting provider do: we deployed Cloudflare Magic Transit across our entire network. What that actually means Magic Transit is not Cloudflare CDN. It is not a proxy. It is Cloudflare's enterprise network product where your IP prefixes get announced via BGP into Cloudflare's global backbone. All traffic destined for your servers enters Cloudflare's network first, gets scrubbed for attack traffic, and clean packets get forwarded to your data center via GRE tunnel. To deploy it, your infrastructure partner needs to have BGP-level integration with Cloudflare. Individual companies can't just sign up for it. We made it work through our partnership with Advika Datacenters Private Limited (AS135682) at Yotta DC Noida. The result: DDoS traffic never reaches our hardware. Our servers don't see the attack at all. Why no other Indian provider had done this Most Indian hosting providers use blackholing. When an attack comes in, they null-route your IP. Server goes offline. Attack stops eventually. Server comes back. That is the standard. That is what "DDoS protection included" usually means in India. The difference with Magic Transit is that legitimate traffic keeps flowing while attack traffic gets dropped. Your server stays online. Players stay connected. Trades don't get interrupted. We found out pretty quickly this actually works. We took a 1.7 Tbps attack after deployment. The servers didn't notice. A 1.7 Tbps volumetric attack hit our network in May 2026. Cloudflare absorbed it at the edge. No downtime. No support tickets from customers. We found out from the Cloudfla

2026-06-16 原文 →
AI 资讯

Discovering PII Inside InterSystems IRIS

Data privacy regulations such as GDPR, LGPD, and HIPAA demand that organizations know exactly where Personally Identifiable Information (PII) lives inside their databases. Yet in practice, most teams rely on manual inventories, tribal knowledge, or external scanning tools that require data to leave the database engine — a process that itself creates privacy and security risks. This article presents an MVP that takes a different approach: it runs PII detection inside InterSystems IRIS using Embedded Python, analyzing data where it lives and never exporting it to an external process. The result is a lightweight, non-intrusive utility that scans your tables, identifies PII using AI, and produces a structured CSV report — all without data ever leaving the IRIS process. The Problem: PII You Don't Know You Have Organizations today face a painful blind spot. A typical IRIS instance may contain hundreds of tables across dozens of schemas, some holding decades of accumulated data. Columns named ContactInfo , Notes , or Description might silently contain social security numbers, email addresses, or government IDs — sometimes intentionally, sometimes as a side effect of free-text fields that capture whatever users type in. Traditional approaches to PII discovery share a common flaw: they require data extraction. You export samples, send them to an external service, or pipe them through a standalone tool. Every step in that pipeline is an additional attack surface and a potential compliance violation. The principle of data sovereignty — keeping data within its jurisdiction and under controlled access — suggests a better path: bring the analysis to the data, not the data to the analysis. This is not just a technical preference; it is a governance requirement: GDPR (EU) — Article 28 requires that any processing of personal data by a third-party processor be governed by a binding contract covering subject-matter, duration, purpose, data types, and obligations [ Art. 28 GDPR ]. Art

2026-06-16 原文 →
AI 资讯

What Is Shadow AI, and Why It's a Real Security Problem

Shadow AI is the unapproved use of AI tools at work. Here is what it actually is, why it creates security and compliance exposure, and how Bifrost Edge brings it under control at the endpoint. Somewhere in your company right now, someone is pasting a customer list into a personal ChatGPT account to clean up an email. A developer has a coding agent pointed at a repo that still has live credentials in it. Someone in marketing wired up an MCP server they found over the weekend so their assistant can pull from a CRM. None of it shows up anywhere the security team can see. That is shadow AI: people using AI tools for work faster than anyone can govern them. It is rarely reckless. The tools are genuinely useful, they are one click away, and most people have no real sense of what happens to the text they paste into them. The scale is what tends to surprise teams. A 2025 UpGuard report found that more than 80% of workers use unapproved AI tools , security professionals included, and that half use them regularly. This is not a fringe behavior at the edges of the org. It is most people, most days. What counts as shadow AI Shadow AI is any AI tool used for work without security review or central oversight. It is the AI version of shadow IT, except it moved faster and the data leaving the building is often more sensitive. It usually shows up in four shapes: Consumer chat apps used with work data: ChatGPT, Claude, and the rest, on personal accounts. AI inside the browser, where a prompt box is one tab away at all times. Coding agents in the terminal and IDE, which can read source, run commands, and touch infrastructure. MCP servers, the external tools an AI app connects to so it can read files, call APIs, and take actions. The first two leak data outward. The last two are more interesting, because they let an AI tool do things, often with whatever access the employee already has. Why it is an actual security problem, not just a policy headache The risk is not that AI is dangerou

2026-06-16 原文 →