勒索病毒变异版再引爆发高峰:神秘黑客组织曝光

虽然一方面各种应急手册、紧急补丁、漏洞修复工具,以及让家庭用户安心的科普文章在大量刷存在感。但另一方面,我们看到该病毒的变异版如约而至”,被攻击范围和受攻击次数在不断增加,已受攻击网络依旧没有很好的处理方案。
勒索病毒变异版再引爆发高峰:神秘黑客组织曝光在病毒袭击爆发的48小时之内,我们身边的学校、加油站、政府网络已经相继有受袭案例传出,在国外更是直接产生了病毒影响医院工作的恶性事件。
这样肆虐全世界的病毒袭击,已经很久没有出现在人类世界的新闻当中了。而此次事件的多方矛头,都指向一种名为WanaCrypt0r 2.0”的蠕虫病毒。这种病毒被广泛认定为是根据 NSA(美国国家安全局)此前泄露的黑客渗透工具之一,永恒之蓝(Eternal Blue)升级而来。
假如这次事件明确指向NSA的渗透武器泄露事件,那么此次大规模病毒肆虐恐怕很难被定义为孤立事件。
反而更有可能是,此次事件与之前著名的黑客组织影子经纪人(Shadow Brokers)”攻破NSA黑客武器库,导致大量基于Windows系统漏洞的黑客工具流失事件有关。这次流散出的工具绝不仅仅是永恒之蓝”一种或一个类型。其中隐含的未知风险,也许比目前大众判断中更加惊人。
如果看过生化危机,那这集剧情你可能眼熟
关于举办网络与信息安全攻防技能提升培训班(第四期)的通知
黑客们现在的动机很明显,他们有确定的目标,就是我们的核心数据,通过利用先进的黑客技术,试图甚至可以获得这些重要的数据,比如商业标底,产品设计,知识产权等等,然后出售给我们的商业竞争者,最终让我们蒙受重大损失。
恰好在一个月前的4月15日,已经屡次出手教训”NSA的神秘组织影子经纪人”发布了一份关于NSA的泄密文档。
这份300M的转存文档中,是NSA旗下黑客组织方程式”的入侵工具,主要针对微软的Windows系统和装载SWIFT系统的银行。
这些恶意攻击工具中,包括恶意软件、私有的攻击框架及其它攻击工具。根据已知资料,其中至少有设计微软23个系统漏洞的12种攻击工具,而这次完成变身出击”的永恒之蓝,不过12种的其中之一而已。
永恒之蓝所针对的是Windows中的SMB网络文件共享协议所存在漏洞。其他针对RDP远程显示协议、Kerberos 服务器认证协议的尊重审查(Esteem Audit)、 爱斯基摩卷(Eskimo Roll)等等,说不定还在暗中蠢蠢欲动。[1][2][3][4]下一页
尽管多年来我们一直致力于教育最终用户如何选择和使用一个好的密码,但是仍然很多人经常犯错,而大都是可以轻易避免的错误。不要成为经常犯低级错误的人,遵守良好的密码使用实践,您将会出人头地。

猜您喜欢

实名制后怎样保障用户信息安全
信息安全培训测验
网络安全法宣传推广视频 https://v.qq.com/x/page/p050493s0f5.html
视频:射速最快机枪 3秒就把一辆车扫成渣
MAGNAT ONENORTHINTERACTIVE
信息安全意识培训游戏之安全防御战

雅虎邮箱也“出血”了,雅虎选择弃用ImageMagick

1.png

近日,图像处理库ImageMagick曝出Yahoobleed漏洞,雅虎邮箱个人邮件图片附件与身份凭证等面临泄露风险。漏洞曝出后,雅虎弃用了这个图像处理库。

ImageMagick

ImageMagick是一个广泛使用的开源图像处理库,自90年代就投入使用,可以让用户自主调整图像大小,缩放、裁剪,以及给图像加水印等。ImageMagick支持PHP,Python,Ruby,Perl,C ++等多种编程语言,可融入到各种项目、操作系统和应用之中,也包括雅虎、Facebook等大型网站。

这些年ImageMagick不断曝出漏洞。 2014年5月,安全研究人员发现ImageMagick允许“恶意构造图像强制Web服务器执行攻击代码”。2016年,又曝出了名为ImageTragick的0-day漏洞。利用这个漏洞,黑客可以往Web服务器上传恶意构造的图像,进而执行恶意代码。ImageMagick拥有很多“社交媒体和博客站点”用户,因此,其漏洞造成的影响也十分广泛。2016年10月,Facebook因为ImageMagick漏洞支付了40,000美元的奖金。

Yahoobleed

上周,安全研究员Chris Evans又发现了ImageMagick的一个漏洞,仅需发送18个字节的利用代码,就能令雅虎服务器泄露邮箱用户的图片。Evans因此获得了Yahoo高达14,000美元的奖励,也就是每个字节奖励778美元。

Evans将这个漏洞命名为“Yahoobleed#1”(YB1,雅虎出血?),YB1会导致存储在服务器内存中的图片泄露。

该漏洞实际上存在于RLE(Utah Raster Toolkit Run Length Encoded)图像格式中。攻击者只需创建一个恶意的RLE图像,并将其发送到受害者的电子邮箱,然后创建空RLE协议命令循环,就能造成信息泄露。

2.png

Evans演示了该漏洞PoC,即利用该漏洞攻击雅虎电子邮件帐户。他创建了一个包含18字节漏洞利用代码的恶意图像,并将其作为电子邮件附件发送给自己。一旦附件送达雅虎的电子邮件服务器,ImageMagick就对图像进行处理,以生成缩略图和预览,但是由于执行了Evans的漏洞利用代码,Imagemagick生成的图像附件预览是损坏的。点击图像附件后,会启动图像预览窗格,展示仍储存在服务器内存中的部分图像信息,但不显示原始图像。

与越界读取的Heartbleed与Cloudbleed漏洞不同,Yahoobleed漏洞利用的是未初始化或以前释放过的内存内容。

Evans说:“以前的bleed漏洞通常是越界读取,但是Yahoobleed却利用了未初始化的图像内容。未初始化的图像解码buffer是客户端呈现图像的基础。这就泄漏了服务器端的内存信息。与越界读取相比,利用未初始化内容获取信息更加隐蔽,因为它不会造成服务器崩溃。不过这种方式能够获取的信息也仅限于已释放的堆。”

此外,Evans还发现了Yahoobleed#2(YB2)漏洞这个漏洞出现的原因是雅虎未能及时安装ImageMagick在2015年1月发布的关键补丁。YB1和YB2二者结合使用,可以让攻击者直接获得Yahoo Mail用户的浏览器Cookie,身份验证token和个人图片等信息。

Yahoobleed的修复也很简单,通过如下过程就能实现:

(void)ResetMagickMemory(pixels,0,pixel_info_length);

雅虎弃用ImageMagick

在Evans向雅虎提交了18字节的PoC之后,雅虎认为ImageMagick的bug太多,修复很麻烦,因此决定不再进行修复,而是直接弃用。

QQ截图20170524160804.png

向雅虎报告这个问题后,Evans又向ImageMagick团队报告了漏洞。事实上,两个月前,ImageMagick已经发布了ImageMagick 7.0.5-1版本,针对YB1和YB2漏洞进行修复。由于Yahoo Mail并未及时更新,才被Evans检测出漏洞。

现在,Linux和其他下游用户已经可以下载ImageMagick的新版本更新修复了。去年,与ImageMagick相关但独立的GraphicsMagick也已经修补了相同的bug。要注意的是,使用ImageMagick图片库的其他大型Web服务可商仍可能受漏洞影响,建议尽快进行修复,更新到最新版本。

参考来源:THN, AngelaY编译,转载请注明来自FreeBuf.COM

教育非赢利机构计算机安全意识

猜您喜欢

软件业 经济增长新引擎(图)
Calling time of death on HHSs breach tool http://news.securemymind.com/201705242751.html
收购两大翘楚 Blue Coat加紧全面布局云安全
Security-Frontline-安全前线
ENC-DIC TIREDOCK
实现安全控管不能仅仅信赖技术创新
构筑反恐维稳钢铁长城确保意识形态领域安全

程序开发人员也需要信息安全意识,实际上广泛意义上的IT互联网行业从业人员都要加强自身的安全意识。
Organizers at the DEF CON hacking conference in July are planning a mass cracking of US electronic election machines.
The event, which for over 20 years has attracted the best and the brightest in the hacking community, will see a group hackathon against the voting machines that are used in every US election these days. The purpose is to check whether the machinery that underpins the electoral system is up to scratch.
“Pretty much, just like everything else, it’s time for hackers to come in and tell you what’s possible and what’s not,” DEF CON founder Jeff Moss told Politico. “We’re only going to play with them for a couple of days, but bad guys can play with them for weeks or years.”
America was one of the earliest adopters of electronic voting systems, in part due to the fiasco of the 2000 presidential election that saw lawsuits over partially punched paper ballots. But there have been doubts raised about the security of electronic systems almost immediately since their introduction.
While there has never been definitive proof of election machine hacking, it has long been a concern and there have been allegations aplenty. Even now, security experts are finding worryingly easy ways to subvert legitimate vote counts.
“Up until now, the voting machine companies keep telling us everything is totally secure, when everyone in cybersecurity knows there’s nothing that’s totally secure, it’s all just a matter of risk mitigation,” said Jake Braun, cybersecurity lecturer at the University of Chicago. “It’ll be good to get some independent folks who don’t have an ax to grind one way or the other.”
Other countries are also troubled by the prospect of voting machine manipulation. India is to hold a hackathon for its election machines to find out if they can be subverted, and the EU has voiced concern about voting security. US regulations on voting machines are lax to say the least, and the DEF CON crews should find lots of interesting holes.
The Register has yet to receive a response from manufacturers as to whether they will be patching beforehand. ®
Security-Frontline-安全前线

内地多家SOC安全运维中心正式成立,数据中心、运营商和安全厂商可以利用这一合作模式,为客户提供更有商业竞争力的网络信息安全保障服务。

猜您喜欢

格尔软件:专注于PKI 领域的信息安全领先厂商
信息安全在线课程
Security-Frontline-安全前线
与海外车型有区别 国产新君威内饰官图
WFSU STORIESOFCROSSDRESSING
PCI-DSS安全意识培训

如何使用连接知道你的应用程序调用

我们要走在网络犯罪份子的前面,并不表示我们就一定要比犯罪份子更厉害,通常我们只要能够识别犯罪份子的常见诈骗伎俩就已经足够。
LMS学习管理系统管理员快速操作指南
狡猾的黑客们也可能会多次变换短链接,甚至自己搭建短链接系统蒙骗安全扫描机制,安全信誉评级在时间的响应上会有延迟,所以加强用户不点击奇怪消息中的链接的安全意识培训很必要。

猜您喜欢

案例分享:TT物联网是什么?
如何防范假冒WiFi热点
Cyber Security Law 网络安全法宣传视频系列001
第四任妻子出书曝拉登被杀前遗言:他们要的人是我
PTLAND RACELAKELAND
大数据的成功关键在公众安全信心

Ransomware saw a more than eight-fold (752 per cent) increase as a mode of attack in 2016, according to Trend Micro.
勒索看到超过八倍分)作为一种攻击模式增,根据趋势科技。
The infosec firm estimates file-scrambling malware families such as Locky and Goldeneye raked in $1 billion in 2016.
信息安全公司估计文件加扰的恶意软件家族如Locky和黄金亿美元。
2016 was the year when ransomware ruled, and this danger has been maintained by recent WannaCrypt attacks and the latest threat Eternal Rocks, which has no kill switch and continues to grow.
2016是在勒索统治以来,这种危险已经被最近的wannacrypt攻击保持最新威胁的恒久不变的岩石,它没有杀死开关和持续增长。
Trend Micro’s report, Ransomware: Past, Present and Future (pdf), provides a useful overview of the history and evolution of ransomware, from its beginnings in Russia in 2005/6 to the growth of the ransomware-as-a-service (RaaS) business model.
趋势科技的报告,勒索:过去、现在和未来(PDF格式),提供了历史演变和勒索的一个有用的概述,从一开始在俄罗斯 \/ 6的ransomware-as-a-service生长(RAAS)的商业模式。
RaaS means that unskilled crooks can hire code and rent the command and control infrastructure they need to run ransomware attacks.
RAAS意味着不熟练的骗子可以雇佣代码和租金的指挥和控制基础设施需要运行勒索攻击。
Crooks behind ransomware attacks in general are targeting organisations rather than individual consumers, with the encryption of business-critical files like databases in order to inflict the maximum damage and exert the maximum leverage in securing payouts.
一般在勒索攻击骗子瞄准的是组织而不是个人消费者,具有关键业务数据库为文件加密造成的最大伤害,在确保支出发挥最大的杠杆。
Trend Micro’s report concludes with a list of top tips in defending against ransomware attacks. It’s mostly standard stuff about the need for patching and users education against the threat of phishing. However it’s backup advice is a slight variant on the usual. Regular back-ups of key data: three copies, two formats, and one air-gapped from the network should be taken, security researchers at Trend Micro advises. ®
趋势科技报告的结论与防御勒索攻击顶部提示表。这主要是标准的东西,需要修补和用户教育对网络钓鱼的威胁。然而,它的备份建议是一个轻微的变化,通常。关键数据定期备份:三份,两种格式,和一个空气间隙的从网络中应采取的措施,在趋势科技安全研究人员建议。®
LMS学习管理系统管理员快速操作指南
硬件防火墙比软件防火墙更安全争执显得再无意义,防火墙都是运行在硬件上的网络软件应用程序。
信息系统的数据安全管理本身并不复杂,处理业务过程也很明确和简单,但是在一个企业里要约束企业的业务人员处理信息的行为,没有明确制度约束是无法实现的。

猜您喜欢

全球顶级IT展会或来佛山
公司内部信息安全意识沙龙参加者寥寥无几
Security-Frontline-安全前线
全新哈弗H6 | 5.20武汉源华荣耀上市发布会!
WALLDECORIDEA EBERHARDSDAIRY
保密课程在线

Ransomware saw a more than eight-fold (752 per cent) increase as a mode of attack in 2016, according to Trend Micro.
The infosec firm estimates file-scrambling malware families such as Locky and Goldeneye raked in $1 billion in 2016.

2016 was the year when ransomware ruled, and this danger has been maintained by recent WannaCrypt attacks and the latest threat Eternal Rocks, which has no kill switch and continues to grow.
一些缺少技术、资金支撑的地方政府网站,可以合并,由省级、地级政府建一个大的网络平台,而不是为了短期的政绩,匆匆上马网站,又被黑客控制。
Trend Micro’s report, Ransomware: Past, Present and Future (pdf), provides a useful overview of the history and evolution of ransomware, from its beginnings in Russia in 2005/6 to the growth of the ransomware-as-a-service (RaaS) business model.
RaaS means that unskilled crooks can hire code and rent the command and control infrastructure they need to run ransomware attacks.
Crooks behind ransomware attacks in general are targeting organisations rather than individual consumers, with the encryption of business-critical files like databases in order to inflict the maximum damage and exert the maximum leverage in securing payouts.
国家网信办发布互联网新闻信息服务管理规定
Trend Micro’s report concludes with a list of top tips in defending against ransomware attacks. It’s mostly standard stuff about the need for patching and users education against the threat of phishing. However it’s backup advice is a slight variant on the usual. Regular back-ups of key data: three copies, two formats, and one air-gapped from the network should be taken, security researchers at Trend Micro advises. ®
多个中文版的虚假杀毒软件出现,“免费”的幌子令大量用户在输入手机号码后被恶意扣费,损失惨重。

猜您喜欢

国家网信办发布互联网新闻信息服务管理规定
网络安全公益短片个人信息保护实战
网络安全法网络宣传片 002 国家网络安全的现状与重要性概述
刘作虎宣布一加5搭载骁龙835:今年主打流畅度
EMPOWERNETWORK WESTARK
如何防范垃圾短信、骚扰电话、电话诈骗

好:个人信息曝光人在斯蒂尔沃特未经授权的访问,获得电脑城后

蜡笔小新食品(01262)股价下跌5.952%,现价港币$0.395AASTOCKS市…
上市公司:安全事故披露普遍滞后,投资者、社区居民和社会公众等待着上市公司的权威公告,时间越长,舆情越可能往不可控的方向发展。
人人都在思考我们的商业竞争环境问题,环境是人们组建的,所以最终还是人员的问题,加强组织内部人员的商业道德建设和信息安全保密观念,对于提升企业的长久竞争力,大有裨益。

猜您喜欢

上海普威图文加密分享数据加密技术
针对全员的ISO14001体系在线动画培训问世
学习管理系统LMS 学员操作演示
北京92号汽油每升降0.21元 年内最大降幅
THE-MAHARAJAS GEEKBOBBER
“毁灭世界的力量”基于云计算的僵尸网络

纽约:尼什卡纳学校笔记本电脑被盗,设备上个学生个人信息

.m-corr{margin:0px 0px 15px 0px;}.m-corr h3{font-weight:lighter;font-size:13px;background:url(‘

需检视补丁管理流程,加强漏洞的监控,通过多渠道订阅软件的弱点报告信息,及时走变更管理流程、修复它们,降低可能带来的安全隐患。
数字取证帮助抓住网络黑手,实际上通过聪明地分析系统日志,可以发现不少攻击事件的端倪,不过数字取证并不能局限于技术产品和相关的培训,要将其转化为商业服务才更有价值,这还需我们培育相关的法制环境。

猜您喜欢

今年拟建执法情报信息中心
全民国家安全教育-海外安全防间谍
网络安全法网络宣传片 002 国家网络安全的现状与重要性概述
特朗普首访中东的22个瞬间
LITHONPLUS-STEINMANUFAKTUR GIFTS-ARE-US
互联网金融“宝宝们”的信息安全敌手并非黑客

纽约:尼什卡纳学校笔记本电脑被盗,设备上个学生个人信息

目前许多受害公司根本不愿意公布被害事件。即便越来越多的公司公布这类事件的细节,大多数企业领导们也会认为这些安全事件不会发生在他们自己身上,直到悲剧在他们身上上演后才相信。
2017陕西省网络安全论坛暨网络安全技能大赛即将举行

当您准备丢弃过时的电脑、服务器、网络设备和打印机等的时候,请注意这项工作并不是那么简单。如果您不采用适当的措施来彻底删除或清除这些设备,它们将可能带走您公司的敏感信息。

猜您喜欢

电信研究院全国互联网信息安全综合管理系统2016年运维专项
信息安全意识教育案例之商业黑客参与搜索引擎专利大战
网络安全法学习课堂
糕点师打造唯美婚纱蛋糕
BLOOMINGHOMESTEAD VOTEMAXFOWLER
网络安全宣传日网上交易安全培训视频

How to protect your laptop in cargo when you fly

PAUL J. RICHARDS/AFP/Getty Images
Flying is not as simple as it used to be.
The threat of terrorism in the West and further afield has made security in many aspects of life more difficult to ensure.
The 9/11 attacks on the US World Trade centers in 2011 in which four planes were hijacked by members of al-Qaeda prompted tighter controls at airports and restrictions on carry-on luggage, and since then, bombings, suicides, and violent attacks against the public have carried on.
At the time of writing, Islamic terrorist organization ISIS has claimed responsibility for the latest attack conducted in the name of the group, in which at least 22 people — including children — were killed at a concert in Manchester, UK.
As part of President Trump’s election campaign, he promised to keep Americans safe by introducing immigration controls.
While the so-called “Muslim ban” caused chaos for the public and technology vendors alike whose staff had trouble traveling to and fro as it barred citizens from seven Muslim-majority countries from entering the US for 90 days — leading to US judges issuing injunctions against the order and protests en masse — Trump also introduced changes for flights into the country due to fears that terrorists would smuggle explosives or bombs onto flights within electronics.
The US now bans certain electronic devices, depending on size, from being taken on specific flights as cabin luggage. The UK was quick to follow suit.Current rules and regulationsWhat is banned? US: Electronic devices which are larger than your average smartphone, including laptops, tablets, e-readers, cameras, travel printers/scanners, and game consoles.
UK: The UK has banned laptops, tablets and other electronic devices larger than 16cm x 9.3cm x 1.5cm. (However, as many smartphones these days fall into these measurements, they will still be allowed on board.)Which flights are affected? US: If you are booking a flight to and from the US via Egypt, Turkey, United Arab Emirates, Kuwait, Qatar, Morocco, Jordan, or Saudi Arabia, you will be required to stow your electronic devices in cargo.
Specifically, any flights leaving from the Queen Alia International Airport (AMM), Cairo International Airport (CAI), Ataturk International Airport (IST), King Abdul-Aziz International Airport (JED), King Khalid International Airport (RUH), Kuwait International Airport (KWI), Mohammed V Airport (CMN), Hamad International Airport (DOH), Dubai International Airport (DXB), and Abu Dhabi International Airport (AUH) are required to submit to the new security measures.
UK: In the United Kingdom, flights from Turkey, Lebanon, Jordan, Egypt, Tunisia and Saudi Arabia are affected in the same manner.

If you are catching a connecting flight, check with your carrier ahead of time as you are likely to be made to place your items in cargo.
See also: Laptops and tablets banned? Here’s how to stay productive in flight
President Trump is reportedly considering extending this ban to flights from Europe, and should this be the case, it is likely the UK — and potentially other countries — will follow suit.
Business and First-class passengers can loan a laptop from Qatar Airways, but if you are forced to put your tablet or laptop into cargo, there are things to consider.The consequences Being separated from your devices comes with the risk of theft, tampering, and physical damage. It is worth contacting your insurer to see if they will make an exception for flights, as in general, most will not traditionally cover any damage caused by bumps, scrapes, or theft if you are separate from your device for a period of time.
In addition, many airlines, such as American Airlines and United will not accept liability for damaged computers in cargo.
Here are some tips, best practices, and a gadget or two which can help keep your devices as safe as possible on your next flight.
Not much time? View in pictures below:
How to protect your laptop in cargo when…
SEE FULL GALLERY
1 – 5 of 8
NEXT
PREV
1. Before you leave, backup your information: The general rule of thumb used to be: anything you want to see again, don’t put in cargo. Now that there is sometimes no choice, apply this rule instead to your data. Use an external hard drive or a cloud service to create a copy of your information before you go.
2. Consider the content on your device: Data can be cloned, checked baggage can be stolen. Before you leave home, have a think about what information is stored on your smartphone or laptop and, despite the annoyance which may accompany such a move, you may want to consider removing all but the bare bones from your device. If you don’t want anyone else to see it, either leave it at home as a copy or wipe it.
3. An external storage solution: There is currently nothing in the rules to say that an external hard drive, flash drives, or memory cards which are smaller than your average smartphone cannot be taken with you in the cabin. The prospect of losing critical information from your laptop or tablet, or irreplaceable photos from your camera can be heartbreaking, so keep these storage devices on your person. If you have any room to spare in your cabin luggage, a protective sleeve or case to keep your storage devices safe is recommended.
我们要制定移动安全政策和标准、部署或升级控制措施,还得加强员工的移动设备安全意识教育。
4. Fully encrypt and password-protect your laptop: At the least, you should make sure your laptop or tablet is password-protected. To enhance your personal security further, fully encrypting your device can make it far more difficult for spying eyes to access your property, as well as view or clone your information.
Encryption guides: Privacy 101: How to encrypt your iPhone in one minute | How to encrypt your Android smartphone or tablet | How to encrypt your Apple Mac | How to encrypt Microsoft Windows machines
See also: Must-have mobile apps to encrypt your texts and calls
5. Have a spare? With checks at the border on the rise, reports of customs in both the US and UK demanding passwords and account information, I am probably not the only one that takes a spare smartphone and laptop away. Rather than having anything to hide, I personally resent the intrusion into my privacy, and so I would only — grudgingly — give the bare minimum when asked at these crossings. If you have the budget, taking travel-only “burner” smartphone and laptop without any valuable or sensitive information, account links and data could be a way not only to keep your privacy intact but also to salve the heartache should your devices end up stolen or damaged in transit.
6. Sealed, tamper-proof packaging: It is not always evident if someone has been snooping in your things, so consider using sealed and tamper-resistant packaging will at least warn you in the event your bag has been searched without your knowledge.
7. Packing properly is key: Cargo bags are thrown about, stacked on top of each other, and the pressure of luggage piled up can create the perfect environment to destroy valuable, delicate electronics. UrbanArmor offers rugged casing for everything from Samsung smartphones to Apple Mac laptops, Ottorbox has fashionable and slightly cheaper alternatives, but for a sturdy, foam-filled laptop case you can trim to your own specifications, head over to Maplin.
8. LoJack: One of several tracking services on offer, LoJack is a subscription-based service which uses hard-wipe resistant software embedded in your device’s firmware to act as a location tracker and alert system if your laptop is tampered with.
Read on: You’re right. That ‘electronic Muslim ban’ makes no sense
More security news
Apple reveals it received a secret national security letter
After the ransomware attack: Hospitals are still recovering from the WannaCry infection
华锐风电沦落1元股 安信证券赚1亿保荐费坑惨30万股民
Fresh wave of mutating Qakbot malware brings down enterprise networks
Bogus movie subtitles could let hackers take over your device, warn security researchers
数据分级时有制定数据的“所有者”及给敏感数据分级,按照分级的要求制定严格的访问控制策略,基本的思想是最小特权原则和权限分离原则。

猜您喜欢

网络安全意识培训——电信诈骗防范
陆易Louis是知名的搜索引擎公司搜度SoDo公司的一名资深研发组长,看看他遇到了什么搜索算法问题,以及信息安全调查人员有什么发现。
Cyber Security Law 网络安全法宣传视频系列001
法国总统选举
NORWEGIANCLASS101 WEBB-CONSTRUCTION
信息安全培训检测