CyberSecThreat NextGen ITAD Service
| | | | | |

IT 資產處置(ITAD):安全資料銷毀的完整指南

IT 資產處置(ITAD)是處理 IT 設備退役、回收或重新利用過程中不可或缺的步驟,旨在確保機敏資料在處置過程中得到妥善銷毀,防止未經授權的存取或資料洩漏。本文提供 ITAD 的高層次概述,涵蓋定義、資料銷毀方法、全球標準,以及安全和合規的 IT 資產管理中需考慮的關鍵因素。

SSL Secured
| |

Ingest logs into Splunk using TLS

In today’s digital world, organizations are generating massive amounts of log data that contain valuable insights into their systems, applications, and networks. Splunk is a popular platform that helps organizations analyze and visualize this log data to gain insights and improve their operations. Today we are going to discuss ingesting syslog from FireEye HX Cloud…

CVE-2021-45040 webshell
| | | | | |

CVE-2021-45040

A vulnerability (CVE-2021-45040) was reported in Spatie’s Media Library Pro, a Laravel add-on, allowing remote attackers to upload executable files. This happened because the ‘Temporary Upload’ function lacked authentication by default. Other issues include a lack of file name length protection and rate-limiting. Potential solutions include limiting executable file uploads, extending the TemporaryUpload model, and implementing rate limiting. The Laravel Media Library Pro team has since released fixes to address reported issues.