News stories from Wednesday 24 May, 2017

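17:18 Finally Accumulated 60 PDUs » Post from 詹姆斯•孟-51CTO技术博客
Before my PMP certificate expired I finally accumulated 60 PDUs and received the following e-mail from PMI confirming that I qualify for a normal renewal: From: Project Management Institute Sent: Wednesday, September 14, 2011 11:37 AM To: XXXXXXXX Subject: You are eligib.. [Continue reading]
17:18 Some Experience Sharing on Passing the CISA (originally written in 2009) » Post from 詹姆斯•孟-51CTO技术博客
Today a friend asked me for some information about the CISA exam. I looked through my old documents and am sharing them here as well; the original was written in 2009. ---- .. [Continue reading]
17:18 Upgrading a Mac Book Air from Snow Leopard to Lion » Post from 詹姆斯•孟-51CTO技术博客
A colleague bought an MBA in early July. Lion was released at the end of the month with a free upgrade, but the free offer is time-limited, and several attempts to register on the US website failed. Yesterday my colleague and I looked into it and learned a few things, summarized below. 1. Mainland China credit cards currently cannot be used to register a USA app store ID, so.. [Continue reading]
17:18 Decorating Windows 7 with Lion's Built-in Pictures » Post from 詹姆斯•孟-51CTO技术博客
Today a friend asked me for Lion's default pictures, probably because my Win7 looks rather cool with the Lion pictures, haha. Where are the default Lion pictures? On MAC OS, do the following: Command+F brings up Find; Command+Shift+G brings up Go to folder: .. [Continue reading]
17:18 Thoughts Prompted by Buying a Mac book air » Post from 詹姆斯•孟-51CTO技术博客
I recently bought one of the latest Mac Book Air models, and comparing the mainland and HK prices prompted a few small thoughts. In late July Apple officially released the latest MBA, and the mainland and Hong Kong prices were published right away, both 9998; considering that the HK$ has depreciated, calculating by the exchange rate .. [Continue reading]
17:18 The Long-Awaited SPC 2 » Post from 詹姆斯•孟-51CTO技术博客
Symantec recently released SPC 2.0; here is some of what I know about the product. SPC background: a lightweight log collection system; the supported Symantec product lines are as follows. Cost: SPC is free for users who have already purchased SEP 12.1, via serial number.. [Continue reading]
17:18 Thoughts on the Case of Reselling Citizens' Personal Information » Post from 詹姆斯•孟-51CTO技术博客
Browsing Sina today, I saw yet another verdict in a case of reselling personal information; this time staff at all three major domestic mobile operators were involved. Ultimately, the cost of breaking the law in China is currently too low, and toward service providers there has been no.. [Continue reading]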
05:33 Credential-Stuffing Threat Intensifies Amid Password Reuse » Post from 信息安全播客

Credential-Stuffing Threat Intensifies Amid Password Reuse
Employees who reuse logins on multiple websites drive the impact of third-party breaches as hackers use credential stuffing to compromise more accounts.
Password reuse poses a tremendous security risk as attackers increasingly employ leaked credentials to search for other accounts to compromise via reused passwords.
There’s no shortage of leaked credentials for attackers to employ. Nearly all (97%) of the world’s 1,000 largest companies have had corporate credentials exposed, Digital Shadows reports in its newly published research on account takeover attacks and mitigation.
Hackers are using this information in six main ways: for building botnets, post-breach extortion, credential harvesting, spearphishing, account takeover, and credential stuffing. This research specifically dives into account takeover, which is increasing with credential-stuffing tools.
Credential stuffing is the process of using automated systems to brute-force a website with login information stolen from another site, hoping it will match with an existing account. It’s easy for attackers to automate account takeover by identifying where users employ the same credentials on multiple sites, and spreading their attack to more accounts.
“Barriers to entry have gotten lower and lower,” says Michael Marriott, research analyst at Digital Shadows, of account takeover attacks. Threat actors don’t need advanced expertise to infiltrate accounts, and they’re realizing users’ poor security habits will drive their success. With an “obscene amount” of data available online, they’re likely to find a match, he says.
Many credentials are publicly available; cost varies depending on their age. For example, Digital Shadows reports the LinkedIn database cost $2,280 in April 2016; now, you can buy it for a mere $4. One of the most thorough packages costs $2,999 for a total of 3,825,302,948 credentials collected from 1,074 databases.
Attackers use a few different tools to launch credential stuffing attacks, but the main ones are SentryMBA, Vertex Cracker, and Account Hitman. Marriott says the most popular is SentryMBA, which is free and designed to bypass the CAPTCHA controls implemented to stop automated logins.
“There are different motivations, but making money is an obvious one,” says Marriott of what’s driving these attacks. “People also use account takeover to find out more information about users. If you want to tailor an attack more, you can log on to different accounts.”
Technically skilled people can make money by selling a website’s configuration files, which map out the specific parts of a site so credential-stuffing software knows where to attempt logins. Those who don’t have the technical skill to create these files can buy them on forums, marketplaces, and social media.
Credential stuffing affects businesses of all sizes and industries across the board. Gaming and technology businesses were most frequently targeted, but attackers also went after gift card companies, hotels, pizza shops, and online retailers. The most vulnerable websites are those with an employee or customer login page, which are open to account takeover attempts.
Multi-factor authentication is one means of fighting account takeover attacks; however, Marriott warns against using this as a “silver bullet” to get full protection.
“If [businesses] don’t have multi-factor authentication, it’s not because they haven’t thought about it,” he explains. Oftentimes companies decide against it because it leads to loss of customers; in some cases, like with SMS authentication, it may not even be that effective.

There are other ways to detect and protect against account takeover attempts. Marriott recommends companies check Have I been pwned for signs of email compromise, and use Google Alerts to check for mentions of company and brand names across cracking forums. This will give you a heads-up if someone is discussing a potential attack on your business.
He also advises organizations to learn more about credential-stuffing tools and inform staff and consumers of the dangers of reusing passwords and corporate email addresses for personal accounts.
How long should a password be? Experts recommend 12 characters, but length alone is not enough: using an ID card number or a mobile phone number may make things easier for an attacker, so complexity must also be considered, and remembering a password that is both complex and long takes some technique.
Not all websites are secure, so make sure the site you download software from is legitimate and trustworthy.
02:10 58% off RAVPower Portable Multi-Functional Power Bank with 9000mAh Built-in Apple Lightning Connector and AC Plug – Deal Alert » Post from 信息安全播客

The RAVPower Savior 9000mAh portable charger has both a built-in Apple Lightning Connector and a foldable two-prong wall plug, so you don’t need to bring an extra cable to charge your Apple device. The additional USB output is 1A and the Lightning output is 2.4A, which means you can have charging speeds of up to 3.4A.
This unit currently receives 4.5 out of 5 stars on Amazon. It is currently discounted by 58% from its list price of $99.99. Check out the buying options to purchase this now for $41.99 on Amazon.
This story, “58% off RAVPower Portable Multi-Functional Power Bank with 9000mAh Built-in Apple Lightning Connector and AC Plug – Deal Alert” was originally published by TechConnect.
Several corporate groups have suffered online defamation. Impolite words toward others leave both sides unhappy, and online defamation leaves both sides worse off, whether or not the claims are true.
Several national-level websites have been hacked, and basic security controls such as firewalls and vulnerability scanning are being called into question; why not hire “ethical hackers”, that is, certified security experts, to carry out penetration testing?
News stories from Tuesday 23 May, 2017

23:02 » Post from 信息安全播客

European network and infosec agency ENISA has taken a look at Internet of Things security, and doesn’t much like what it sees.
So it’s mulling a vendor’s nightmare that the US and UK dared not approach: security regulation – at least the minimal regulation of testing and certification.
In a position paper published Monday, the group says there is “no level zero defined for the security and privacy of connected and smart devices,” no legal guidelines for IoT device and service trust, and no “precautionary requirements in place.”
In other words, to readers familiar with the woe The Register has chronicled over the years, it’s an Internet of St.
Three vendors, Infineon, NXP, and STMicroelectronics, developed the position paper for ENISA, which it announced here (full PDF here).
The paper reckons IoT security needs bottom-to-top baseline requirements, from simple devices all the way up to complete systems (it cites connected cars and factories as examples of the latter).
Proposals in the paper include European Baseline Requirements for Security and Privacy (currently under development by the Alliance for the Internet of Things Innovation, AIOTI), and the introduction of an EU “Trust Label” for IoT devices.
Also on the top-priority list:
Standards and certifications – as well as the baseline, this includes interop testing, mandatory reference levels for trusted IoT solutions, the scalability of security controls and more;
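Information security bears on corporate security and even national security; beyond commercial interests, there are also political and military reasons. Technical measures are only one part of the solution, and information security awareness education and training may matter more.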
Security processes and services need to be evaluated and “adapted to IoT”.
In 2016, Dutch MP Kees Verhoeven called for EU regulation, an idea briefly pursued but abandoned by America’s Federal Trade Commission earlier this year, and passed over by the UK’s Ofcom in 2015. ®

Cloud computing will severely squeeze traditional software and hardware sales. Customers want simplicity, and the cloud is the simplest way to deliver software services. Judging by the trend of GFI pushing security patches from the cloud to all application customers, many management systems on the internal network become cloud computing once moved to the Internet, and security management systems become cloud security once placed on the Internet.

22:46 Apple's updated Android Switch campaign explains why people move to iPhone » Post from 信息安全播客

When the anti-waste wind blows toward the cybersecurity industry

All data should have an “owner”. Generally speaking, business units and functional units should be given the corresponding ownership; only with “ownership” can the “owner” take on the responsibility of management.

To achieve better results in communicating security, we developed an information security awareness handbook. It uses catchy phrases paired with vivid cartoons to explain to our employees, in plain terms, what information security is, why it is needed, common misconceptions about it, strictly prohibited behaviors, and so on.

18:45 HHS OIG Recommends Virginia Medicaid Address Security Gaps » Post from 信息安全播客

A federal watchdog agency is recommending that Virginia Medicaid, administered by the state’s department of medical assistance services, or DMAS, address security weaknesses that could potentially leave beneficiaries’ data vulnerable to breaches and state Medicaid operations susceptible to disruptions. Security experts say the audit’s recommended improvements are needed at many healthcare organizations.
The Department of Health and Human Services’ Office of Inspector General’s report released May 19 notes that the agency did not include specific details of vulnerabilities identified during an audit of Virginia’s Medicaid Management Information System because of “the sensitive nature” of the information.
The OIG’s general recommendations to Virginia presented in the report, however, cover an array of security control areas – including access and authentication – that also have been frequently spotlighted by the watchdog agency’s reviews of systems at other state or federal healthcare agencies, as well as their contractors (see HHS OIG: Medicare Contractors Struggle with Security Gaps).
In its report, OIG says it reviewed Virginia MMIS policies, procedures and information system general controls that were in place as of September 2015, determining that Virginia did not adequately secure its Medicaid data and information systems in accordance with federal requirements. “Virginia had adopted a security program for its MMIS, but numerous significant system vulnerabilities remained,” the report states.
OIG notes that although it did not identify evidence that anyone had exploited the vulnerabilities, “exploitation could have resulted in unauthorized access to and disclosure of Medicaid beneficiary data, as well as the disruption of critical Medicaid operations.” The vulnerabilities were collectively and, in some cases, individually significant and could have compromised the integrity of Virginia’s Medicaid program, OIG adds.
OIG Recommendations
OIG recommended that Virginia “improve its Medicaid security program to secure Medicaid data and information systems in accordance with federal requirements, provide adequate oversight to its contractor, and address the vulnerabilities identified during our audit.”
Specifically, OIG recommended that Virginia enhance its Medicaid:
Systems and information integrity controls;
Risk management process;
Access and authentication controls;
Audit and accountability controls;
System and communications protection controls;
Configuration management controls.
OIG notes in the report that Virginia concurred with the agency’s recommendations and described corrective actions that it had taken or planned to take.
Common Problems
The MMIS security control areas that OIG recommended Virginia bolster are also frequent trouble spots for healthcare sector entities and their business associates.
“These are common areas where audits reveal weaknesses in security controls,” says Keith Fricke, principal consultant at tw-Security.
“In particular, the risk management process is often lacking, and this is something we’ve heard the HHS Office for Civil Rights say at conferences over the past six months,” he notes. “A good and consistent risk analysis/risk management process would identify the security controls areas in need of attention and define the plan to address them.”
As cybersecurity attacks rage, weak access controls are especially worrisome, says Mac McMillan, president of security consulting firm CynergisTek.
“Given the recent incidents with WannaCry and other malware types, I’m always concerned when I see integrity and access control issues,” he says. “Right now everyone needs to be diligent in basic management of security.”
Assessing Risks
The OIG review of Virginia Medicaid is one in its series of audits of states’ computer systems used to administer HHS-funded programs. The report notes that Virginia’s Medicaid program uses an outside contractor to develop and operate its claims processing system.
Virginia’s Medicaid program processed $8.2 billion in claims for nearly 1.3 million beneficiaries in fiscal year 2015, the report notes.
The Virginia Information Technology Agency supports the state’s DMAS Medicaid Management Information System by providing cybersecurity, information technology services and governance.
In a statement to Information Security Media Group, DMAS says it is “addressing the findings of the OIG and will meet the timeline established by our Director of Information Management.”
In March, OIG released a review of Massachusetts’ Medicaid information systems with findings of various security weaknesses, including security management, configuration management and website and database vulnerability scans.
Fricke notes that while the OIG’s reviews of government agencies bring to light security vulnerabilities that need to be addressed by those entities, it’s critical that private sector organizations also scrutinize their systems for similar weaknesses.
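Deploying an information security management system is a business project, not a technical or IT project. Unless it has the active support of the board, senior management, and the senior business and functional managers who have a major influence on the success of the business, the project will fail.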
“With a good risk analysis and risk management process in place, healthcare sector organizations and business associates can identify risks and prioritize them,” he says. “Often starting with medium-to-high ranked risks that are low-cost/low-effort to address gets results and creates momentum.”
Network and information security is an important issue bearing on national security, sovereignty and social stability. The United States is the largest monopolist and hegemon of the global Internet, undoubtedly a powerful “network empire”, and in fact holds the power of life and death over the international Internet.

17:46 What kind of month was April for health data breaches? » Post from 信息安全播客

Security problems will inevitably arise; what matters is fixing them promptly and responding correctly. Does your organization have a clear, actionable information security incident response process? Has it been rehearsed? After an incident, are lessons summarized and shared?

Cybersecurity Law publicity and promotion video: https://v.qq.com/x/page/p050493s0f5.html

There will always be unknown flaws, so you and your organization will always need to fix vulnerabilities or weaknesses in your systems.

10:42 VMware Patches Workstation Vulnerabilities » Post from 信息安全播客

VMware informed customers last week that updates released for the Linux and Windows versions of Workstation patch privilege escalation and denial-of-service (DoS) vulnerabilities.
One of the flaws, discovered by Jann Horn of Google Project Zero and tracked as CVE-2017-4915, affects VMware Workstation Pro and Player 12.x on Linux. The weakness has been classified as “important” severity.
The security hole, described as an insecure library loading vulnerability, allows an unprivileged host user to escalate their privileges to root on the host via ALSA sound driver configuration files.

The second vulnerability, identified by Borja Merino and tracked as CVE-2017-4916, affects VMware Workstation Pro and Player 12.x on Windows.
This “moderate” severity flaw is a NULL pointer dereference issue that exists in the vstor2 driver. An attacker with regular host user privileges can exploit the vulnerability to cause a DoS condition on the host machine.
The vulnerabilities have been patched with the release of VMware Workstation 12.5.6. There are no workarounds for either of the flaws.
VMware has released eight other security advisories this year, including for an Apache Struts 2 vulnerability that had been exploited in the wild, and security bugs disclosed by white hat hackers at this year’s Pwn2Own competition.
Exploits involving VMware virtual machine escapes earned participants more than $200,000 at Pwn2Own 2017. Researchers at Qihoo 360 received $105,000 for an Edge exploit that achieved a VM escape, while Tencent Security’s Team Sniper earned $100,000 for a Workstation exploit.
Flaws in GPS and some location services can let hackers track smartphone users. Never mind hackers and regulators: handset hardware makers, software vendors, carriers, Wi-Fi access providers and others can all now track and control mobile phone users, so unless necessary, turn off both the data network and location functions when they are not in use.
An enterprise survey says booming cloud computing is increasing cybercrime rates. Vendors are to ensure that customers' cloud services are secure, while customers must also raise their security awareness, actively look for possible gaps in their defenses, and make sure backup disks are encrypted before leaving a vendor.

05:34 WannaCry Hit Windows 7 Machines Most » Post from 信息安全播客

WannaCry Hit Windows 7 Machines Most
More than 95% of all of the infected machines were running Windows 7, according to Kaspersky Lab data.
Don’t blame Windows XP: Now that the dust has started to settle in the epic global WannaCry ransomware worm attacks, new data shows that the hardest hit version of Windows in the attacks was the soon-to-be-fully-retired Windows 7 – specifically, the 64-bit version of the OS, which suffered 60% of the ransomware infections, according to data from Kaspersky Lab.
Another 31.72% were Windows 7 proper, and another 6% were Windows 7 Home OS machines.
Amid the chaos and panic during the outbreak and fast spread of the worm that first reared its head on May 12 were calls for organizations to keep their Windows machines updated with the latest patches and to abandon older Windows operating system versions like Windows XP and Windows 7. XP ended up being less of a victim factor than experts initially posited.
Costin Raiu, head of the global research and analysis team at Kaspersky Lab, says the WannaCry attackers didn’t activate support for targeting XP machines. “Their code worked only with Windows 7, Windows 7 x64 and Windows 2008 servers,” Raiu says. “So, while in theory it was possible to implement support for the infection of Windows XP, it seems they didn’t. This could be because they thought almost nobody uses XP anymore, or because they didn’t have time to finish the worm before the ransomware was released.”
Some XP machines threw error messages or crashed during WannaCry, but they weren’t successfully infected with the malware, according to several researchers who studied the code. Microsoft even issued a rare emergency patch for XP and the also-retired Windows 2003 Server platforms out of abundant caution.
While leftover Windows XP-based machines and systems (think some medical and ICS devices) running out there dodged a bullet, the narrative advice of “patch and update” remains just as relevant when it comes to the older and still widely deployed Windows 7 OS, which Microsoft has begun to phase out with some limited extended support options for its business customers. Windows 7 Service Pack 1 expires on January 14, 2020. 
BitSight says the consumer-heavy telecommunications sector led WannaCry infections with 15.31% of the ransomware victims worldwide, and the Russian Federation topped the list of victim nations, with some 25,829 infected machines, followed by China (22,991), Taiwan (7,625), Ukraine (5,974), the US (4,557), and others, in some 167 nations affected by the attack.
Dan Dahlberg, research scientist at BitSight, says researchers are still studying just why Windows 7 was hit hardest. “It is known that the worm had difficulty infecting Windows XP machines and spreading as it often caused the machine to crash when it attempted to exploit the vulnerabilities,” he says. “Microsoft has also designed a more seamless automatic update experience for Windows 10 that would have allowed for the MS17-010 patch to be installed on a much larger population of Windows 10 machines compared to older operating systems.”
From WannaCry to “EternalRocks”
WannaCry isn’t really ever going to be over. Subsequent copycats and variants are circulating at a rapid clip.
Don't be tempted by small bargains. There is no free lunch in this world, even on the Internet where free is popular.
The most interesting attack to surface: a piece of malware known as “EternalRocks” network worm that employs six of the NSA tools leaked by Shadow Brokers, which actually dates back to May 3 of this year, before WannaCry was found.
EternalRocks uses multiple SMB exploits from the NSA trove, including EternalBlue (the one WannaCry used), EternalChampion, EternalRomance, and EternalSynergy, plus the DoublePulsar, Architouch, and SMBTouch tools.
Security experts say while the radical combination tool is intriguing, so far it’s not doing much damage since it doesn’t carry a payload per se: just a backdoor implant. “At this time, the malware is not weaponized, but allows remote code execution once installed on a machine, so it could potentially be weaponized later,” notes Chris Hinkley, lead ethical hacker for Armor.
EternalRocks won’t be the last of the recycled NSA cyber tools going rogue. Security experts are keeping a close eye on the next wave of attack campaigns now that WannaCry blazed a trail with the worm-spread ransomware technique.
Do not reply to messages that ask you to call a phone number to update your account. If you need to contact those organizations about your business, call the phone number provided on your contract or invoice.

News stories from Monday 22 May, 2017

23:19 » Post from 信息安全_比特网
Ransomware is coming on fiercely; Barracuda offers you tips for defending against it
23:06 » Post from 信息安全_比特网
Seminar on innovative dynamic security technology for new business security challenges
23:02 » Post from 信息安全_比特网
Telling you about a different Cloud Security 2.0: clear and accurate risk visualization
23:00 » Post from 信息安全_比特网
WannaCry does not believe in tears; it demands your security defense and response capability
15:46 » Post from 信息安全_比特网

News stories from Sunday 21 May, 2017

21:00 » Post from 信息安全_比特网
The outbreak of a large-scale cybersecurity incident like this “EternalBlue” one may well be an opportunity to change and transform the traditional security defense model.

News stories from Friday 19 May, 2017

21:51 » Post from 信息安全_比特网
Since May 12, 2017, the “EternalBlue” ransomware worm has swept the globe by exploiting a Microsoft system vulnerability, targeting Windows systems that had not been updated with patches in time
21:13 » Post from 信息安全_比特网
“Data First, Business Security: 2017 Healthcare Industry Information Security Survey Report” (the “Report”)
10:52 » Post from 信息安全_比特网

News stories from Thursday 18 May, 2017

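09:55 » Post from CIO频道_比特网
Recently, the Belt and Road Forum for International Cooperation concluded successfully. President Xi Jinping once quoted Shakespeare's line, “what's past is prologue”. What the Belt and Road forum has opened is the prologue of a new economic era, with China as the link and the world as the stage.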