防范勒索软件的七种方法
当前,勒索软件已经成为重要的互联网地下黑色产业之一,企业、研究机构和个人都是勒索软件的攻击目标和勒索对象。面对这种勒索软件的攻击,安全专家提出了以下七条防范建议: 1. 安全意识培训 对员工和广大计算机用户进行持续的安全教育培训是十分必要的,应当让用户了解勒索软件的传播方式,如社交媒体、社会工程学、不可信网站、不可信下载源、垃圾邮件和钓鱼邮件等。通过案例教育使用户具备一定的风险识别能力和意识。 2....
View ArticleMicro-segmentation Protecting Advanced Threats Within The Perimeter
Micro-segmentation Changing with the times is frequently overlooked when it comes to data center security. The technology powering today’s networks has become increasingly dynamic, but most data center...
View ArticleMaking the High Security of Repeated Hashing Practical
Last week I explained how repeated hashing works . Our user Alice can prove that she knows her secret without exposing that secret, and the server can verify this without knowing what her secret is....
View ArticleCan Mr. Robot Attack your Data Center?
In the Mr. Robot Season 2 finale, we finally learn about phase 2 of the hack. Spoiler Alert: The hack is to overwrite firmware and cause a battery room in a data center to explode. The key to this...
View ArticleTIBCO CTO: API agility is a digital business responsibility
This is a guest post for the Computer Weekly Developer Network blog ‘penned’ by Maurizio Canton in his role as CTO for EMEA at TIBCO Software. Canton has been vocal on the ubiquity of Application...
View ArticleHow do you approach continuous security?
PromoEarlier this week we ran a live broadcast looking at how to build security into your application development process. You can watch ithere. The key theme was this: The world has moved on in terms...
View Article预警:Mac木马出新招,利用俄罗斯太空计划作诱饵
不管是电信诈骗,还是木马攻击,骗子总会想尽各种办法让你入坑。 近日,国外一家安全公司Palo Alto追踪到了一种新的Mac OS X 恶意木马病毒,这个恶意木马病毒利用俄罗斯太空计划做诱饵,在入侵装有Mac OS X 系统的电脑后,会自动保存一个声称与俄国太空计划有关的PDF文件,用户打开文件后就会中招。 | 利用流氓杀毒软件漏洞进行攻击...
View Article数据加密技术与密钥安全管理
单向散列加密 单向散列加密就是把任意长的输入消息串变化成固定长的输出串且由输出串难以得到输入串的一种加密算法。 常见单向散列函数: - MD5 (Message Digest Algorithm 5) - SHA (Secure Hash Algorithm) - MAC (Message Authentication Code) - CRC (Cyclic Redundancy Check)...
View Article电信诈骗猖獗:央行终于出手了!
据央行官方消息,9月29日,中国人民银行召开加强支付结算管理、防范电信网络新型违法犯罪全国电视电话会议,贯彻落实中央领导指示批示精神以及国务院打击治理电信网络新型违法犯罪工作部际联席会议第三次会议暨深入推进专项行动电视电话会议相关工作部署。 中国人民银行党委委员、副行长范一飞出席会议并讲话。...
View ArticleSad reality: Look, no one's going to patch their insecure IoT gear
If you think ordinary people are going to look out for and apply firmware fixes to patch vulnerabilities in the Internet of Things, you're crazy. It's going to be down to manufacturers to secure IoT...
View Article通付盾亮相国家网络安全宣传周 防范网络电信诈骗宣传巡回展
通付盾亮相国家网络安全宣传周 防范网络电信诈骗宣传巡回展 9 月 19 日,国家网络安全宣传周北京站系列活动之“防范网络电信诈骗宣传巡回展”于北京长安商场拉开帷幕。之后,宣传周巡回展又在商场、月坛公园、北京青年宫等北京市民主要活动区域相继亮相,为市民普及网络安全的相关知识。通付盾作为本次巡展活动的技术支持单位,与奇虎 360 等公司一道亮相宣传周巡展,向参展市民展示了防范网络电信诈骗的新技术、新方式...
View ArticleIs Biometrics Really Better?
Biometrics is a step forward, but it increases risks. What happens when the digital code for a fingerprint, iris scan, voice print or facial geometry is hacked? As organizations look to navigate out of...
View ArticleCritical Security Controls Could Thwart 70% of Cyber Attacks
Most cyber attacks could be avoided by adopting a list of Critical Security Controls that were created by the Center for Internet Security. Thats the message from Steve Mustard at his session at...
View ArticleMicrosoft's cloud dominance comes with a security risk
With each cloud vendor doing its utmost to shove more features into its offerings and tie them all together, are we looking at a new technology monoculture? That is, a community of computers that run...
View ArticleSSL 证书简介
(1) 执行命令 openssl genrsa -out my-private-key.pem 2048 ,通过RSA算法生成私钥,并保存在 my-private-key.pem 文件中。百度开放云支持1024、2048和4096 bits长度的私钥,建议使用2048 bits长度。 注意:请妥善保管私钥,避免遗失和泄露。 查看私钥文件的具体内容如下: -----BEGIN RSA PRIVATE...
View ArticleImageMagick远程执行漏洞分析及利用
1.1ImageMagick简介 1. ImageMagick简介 ImageMagick是一套功能强大、稳定而且开源的工具集和开发包,可以用来读、写和处理超过89种基本格式的图片文件,包括流行的TIFF、JPEG、GIF、 PNG、PDF以及PhotoCD等格式。利用ImageMagick,你可以根据web应用程序的需要动态生成图片,...
View ArticleSecurity: It might not be the outside world that's the largest threat to...
Image: iStock/LucasSG83 When IT professionals think of threats to their organizations the focus is usually put on the outside: hackers and malware are the main problem―right? A new report from cloud...
View ArticleKaramba Security raises $2.5 million to keep self-driving cars safe from hackers
A cybersecurity startup based in Hod Hasharon, Israel, Karamba Security , has raised $2.5 million in new series A funding to protects internet-connect cars and self-driving vehicles from hackers....
View Article三星:超过百万消费者正在使用安全的Galaxy Note 7智能手机
三星:超过百万消费者正在使用安全的Galaxy Note 7智能手机 1小时前来源:cnBeta 摘要:三星今天透露,世界各地的超过一百万客户现在正在使用安全的Galaxy Note 7智能手机。这其中包括更换安全电池之后的Galaxy Note 7以及出厂就安装有安全电池的Galaxy Note 7。一个月前,因为电池有可能起火,三星宣布在全球范围内召回250万台Galaxy Note 7。...
View ArticleMajority of enterprises admit they are vulnerable to insider threats
F-Secure The majority of enterprise players admit they are vulnerable to insider threats to their networks and a third have already become victims, according to new research. Insider threats are not...
View Article