| Posted by Mikko @ 17:27 GMT | Comments (2) | |
|
|
|
Here's an example that we saw today:
- Dec 04 Tue 2007 13:25
Merry Christmas and so on
Here's an example that we saw today:
- Dec 04 Tue 2007 13:22
Microsoft Report on IE Security Draws Mozilla Rebuttal
- Dec 04 Tue 2007 13:02
Gov Site Reinfested Due to Hosting Provider Sloppiness
- Dec 04 Tue 2007 12:00
[轉貼]保護IT系統的100個絕招
IT系統,無論是軟件還是硬件,都日益成為企業日常運作不可或缺的支撐。於是,如何保護IT系統,使其安全平穩運行,發揮其業務支撐作用,成為IT支持人員的必修課。本期,我們精選了十個應用面比較廣泛的領域
,介紹100個保護IT系統的方法,供讀者參考。
,介紹100個保護IT系統的方法,供讀者參考。
- Nov 29 Thu 2007 15:20
Top of SANS 2007 Internet Threats List: The Gullible
Humans have replaced buggy software to become the primary target of online crime, the SANS Institute concluded in its annual list of Internet security threats, released Nov. 27.
"This year for the first time we're reporting that one of the most critical risks is attacks against people, where attackers focus on executives," said Alan Paller, director of the SANS Institute, in a call with media following the posting of the list. In fact, spear-phishing executives and rich people even rated a new term in 2007: It's called "whaling," drawing on the Las Vegas habit of referring to rich gamblers as "whales."
"This year for the first time we're reporting that one of the most critical risks is attacks against people, where attackers focus on executives," said Alan Paller, director of the SANS Institute, in a call with media following the posting of the list. In fact, spear-phishing executives and rich people even rated a new term in 2007: It's called "whaling," drawing on the Las Vegas habit of referring to rich gamblers as "whales."
- Nov 28 Wed 2007 16:08
專家警告說明年Vista將成黑客眾矢之的
·專家警告說明年Vista將成黑客眾矢之的 ·索尼新款PSP遊戲機兩月銷量已達100萬
由於WindowsVista的運行速度落後於WindowsXP的速度,本週WindowsVista再次成為業界關注的焦點。安全專家分析認為,即將到來的新一年裡,WindowsVista操作系統將可能面臨更多更嚴重的惡意軟件攻擊。
由於WindowsVista的運行速度落後於WindowsXP的速度,本週WindowsVista再次成為業界關注的焦點。安全專家分析認為,即將到來的新一年裡,WindowsVista操作系統將可能面臨更多更嚴重的惡意軟件攻擊。
- Nov 27 Tue 2007 12:18
QuickTime新bug影響XP和Vista,暫無補丁
安全研究人員表示已經出現了針對Apple的QuickTime中存在的bug的攻擊代碼,並且補充道離針對XP和Vista的攻擊代碼已經不遠矣。但他們沒有透露Mac OS X平台的QuickTime播放器是否也存在同樣的隱患。
在QuickTime 7.2/7.3(有可能其他版本也受影響)中的高危漏洞存在于QuickTime處理即時流協定(RTSP)中,RTSP是一個音頻/視頻流標準。據賽門鐵克與美國電腦緊急回應組反映,攻擊者通過欺騙用戶訪問某個提供了特別修改過的視頻內容的惡意站點,或者引誘用戶打開電子郵件中修改過的QTL格式文件來實現攻擊。
在QuickTime 7.2/7.3(有可能其他版本也受影響)中的高危漏洞存在于QuickTime處理即時流協定(RTSP)中,RTSP是一個音頻/視頻流標準。據賽門鐵克與美國電腦緊急回應組反映,攻擊者通過欺騙用戶訪問某個提供了特別修改過的視頻內容的惡意站點,或者引誘用戶打開電子郵件中修改過的QTL格式文件來實現攻擊。
- Nov 27 Tue 2007 11:43
微軟Windows系統不安全隨機數生成器信息洩露漏洞
- Nov 27 Tue 2007 11:42
Wireshark 0.99.6 版本存在多個遠程拒絕服務漏洞
- Nov 27 Tue 2007 10:47
Securing Your Web Browser
Will Dormann and Jason Rafail
US-CERT
This paper will help you configure your web browser for safer internet surfing. It is written for home computer users, students, small business workers, and any other person who works with limited information technology (IT) support and broadband (cable modem, DSL) or dial-up connectivity. Although the information in this document may be applicable to users with formal IT support as well, organizational IT policies should supersede these recommendations.
US-CERT
This paper will help you configure your web browser for safer internet surfing. It is written for home computer users, students, small business workers, and any other person who works with limited information technology (IT) support and broadband (cable modem, DSL) or dial-up connectivity. Although the information in this document may be applicable to users with formal IT support as well, organizational IT policies should supersede these recommendations.
- Nov 26 Mon 2007 14:40
安全性不足引來黑手 工行電話銀行遭質疑
資料來源 北京新浪網 (2007-11-26 11:31)
http://news.sina.com.tw/tech/sinacn/cn/2007-11-26/113138209319.shtml
http://news.sina.com.tw/tech/sinacn/cn/2007-11-26/113138209319.shtml
- Nov 26 Mon 2007 14:26
避免企業個資外洩 加強防範SQL injection
中廣新聞網 (2007-11-26 13:38)
資料來源 http://news.sina.com.tw/life/bcc/tw/2007-11-26/133812768299.shtml
資料來源 http://news.sina.com.tw/life/bcc/tw/2007-11-26/133812768299.shtml
- Nov 26 Mon 2007 14:01
[大砲開講]高雄縣政府水利局網站被植入惡意連結
高雄縣政府水利局網站被植入惡意連結,最近有瀏覽這個網頁的網友 (最好認真檢查,因為它植入很多惡意檔案),應該要盡速檢查自己的電腦,請各位暫時不要瀏覽這個網站,以免中毒。
詳文請按 rogerspeaking.blogspot.com/2007/11/blog-post_344.html
詳文請按 rogerspeaking.blogspot.com/2007/11/blog-post_344.html
- Nov 26 Mon 2007 14:00
[大砲開講]女人國女性購物社群入口網站又被植入惡意連結
女人國女性購物社群入口網站又被植入惡意連結,此惡意程式為 Trojan-PSW.Win32.OnLineGames.dr,最近有瀏覽這個網頁的網友,應該要盡速檢查自己的電腦,請各位暫時不要瀏覽這個網站,以免中毒。
- Nov 26 Mon 2007 13:59
[大砲開講]台灣小冠鸚鵡俱樂部被植入惡意連結
台灣小冠鸚鵡俱樂部被植入惡意連結,此惡意程式為 TSPY_LINEAGE.GLP,最近有瀏覽這個網頁的網友,應該要盡速檢查自己的電腦,請各位暫時不要瀏覽這個網站,以免中毒。
