恶意网站可利用这个新漏洞拖垮Win7和Win8电脑

这个月对于Windows 7用户来说真是糟透透顶。到处传播的WannaCry勒索病毒让大多数Windows 7电脑受到影响。现在,人们又发现了一种新的漏洞,它可以拖慢甚至拖垮Windows 7和Windows 8电脑。

据悉,这个漏洞允许邪恶网站在目录路径载入带有$MFT”名称的图片。Windows利用$MFT来指代NTFS文件系统使用的特殊元数据文件。Windows 7和Windows 8均无法正确地处理这个目录名称。

科技媒体网站The Verge利用默认IE浏览器在一台Windows 7电脑上测试过这个漏洞。它发现,在使用文件名中带有c:\$MFT\123”的文件时,这台电脑的速度逐步变慢,最后竟然到了非重启电脑不可的地步。有些电脑最后甚至可能会出现蓝屏,因为NTFS文件系统会被锁定到那个c:\$MFT\123”文件上,所有其他应用程序都无法访问系统文件。

但是,这个奇怪的漏洞并不会影响Windows 10用户。它与Windows 95和Windows 98出现的漏洞很相似。在Windows 95和Windows 98中,只要出现带有c:\con\con”的文件,电脑就会崩溃。

这种NTFS文件系统漏洞是在本周早些时候被发现的,而且已被报告给了微软。现在尚不清楚微软是否已针对这个漏洞提出了相应的解决方案。我们只知道这个漏洞会影响Windows Vista(微软已停止支持这个系统)、Windows 7和Windows 8电脑。

网络安全短片之办公室区域环境安全意识
(责任编辑:安博涛)

互联网罪犯开始利用云来发动攻击,安全专家警告说,移动设备在组织中的广泛应用使攻击者不再必要费力直接攻击组织,而只需要攻击您的设备。

近几年,由于信息安全事件的频繁发生,造成的危害和损失也是越来越大,国家对信息安全也就更加重视。

猜您喜欢

云计算和移动应用给IT安全人员带来的职业发展启示
金融服务行业要加强员工安全意识培训
网络安全法宣传视频系列001《网络安全法》背景知识
刘永宏公益爱心惠及十万多近视孩子
DAXON HEBRAEISCHKURS
网络安全公益短片防范社工电话诈骗

Linux终端下 dstat 监控工具

dstat 是一个可以取代vmstat,iostat,netstat和ifstat这些命令的多功能产品。dstat克服了这些命令的局限并增加了一些另外的功能,增加了监控项,也变得更灵活了。dstat可以很方便监控系统运行状况并用于基准测试和排除故障。

美国NSA对互联网通讯的恶意监控让全球各国政府什么担心数据和通讯的安全问题。
dstat可以让你实时地看到所有系统资源,例如,你能够通过统计IDE控制器当前状态来比较磁盘利用率,或者直接通过网络带宽数值来比较磁盘的吞吐率(在相同的时间间隔内)。
dstat将以列表的形式为你提供选项信息并清晰地告诉你是在何种幅度和单位显示输出。这样更好地避免了信息混乱和误报。更重要的是,它可以让你更容易编写插件来收集你想要的数据信息,以从未有过的方式进行扩展。
Dstat的默认输出是专门为人们实时查看而设计的,不过你也可以将详细信息通过CSV输出到一个文件,并导入到Gnumeric或者Excel生成表格中。
特性
结合了vmstat,iostat,ifstat,netstat以及更多的信息
实时显示统计情况
在分析和排障时可以通过启用监控项并排序
模块化设计
使用python编写的,更方便扩展现有的工作任务
容易扩展和添加你的计数器(请为此做出贡献)
包含的许多扩展插件充分说明了增加新的监控项目是很方便的
可以分组统计块设备/网络设备,并给出总数
可以显示每台设备的当前状态
极准确的时间精度,即便是系统负荷较高也不会延迟显示
显示准确地单位和和限制转换误差范围
用不同的颜色显示不同的单位
显示中间结果延时小于1秒
支持输出CSV格式报表,并能导入到Gnumeric和Excel以生成图形
安装方法
Ubuntu/Mint和Debin系统:
本地软件库中有相关安装包,你可以用下面命令安装:
# sudo apt-get install dstat
RHEL/Centos和Fedora系统:
你可以在romforge软件库中添加有相关安装包,参照指导,使用如下命令很简单就能进行安装:
# yum install dstat
ArchLinux系统:
相关软件包在社区资源库中,你可以用这个命令来安装:
# pacman -S dstat
使用方法
dstat的基本用法就是输入dstat命令,输出如下:
这是默认输出显示的信息:
CPU状态:CPU的使用率。这项报告更有趣的部分是显示了用户,系统和空闲部分,这更好地分析了CPU当前的使用状况。如果你看到”wait”一栏中,CPU的状态是一个高使用率值,那说明系统存在一些其它问题。当CPU的状态处在”waits”时,那是因为它正在等待I/O设备(例如内存,磁盘或者网络)的响应而且还没有收到。
磁盘统计:磁盘的读写操作,这一栏显示磁盘的读、写总数。
信息安全意识教育案例之商业黑客参与搜索引擎专利大战
网络统计:网络设备发送和接受的数据,这一栏显示的网络收、发数据总数。
分页统计:系统的分页活动。分页指的是一种内存管理技术用于查找系统场景,一个较大的分页表明系统正在使用大量的交换空间,或者说内存非常分散,大多数情况下你都希望看到page in(换入)和page out(换出)的值是0 0。
系统统计:这一项显示的是中断(int)和上下文切换(csw)。这项统计仅在有比较基线时才有意义。这一栏中较高的统计值通常表示大量的进程造成拥塞,需要对CPU进行关注。你的服务器一般情况下都会运行运行一些程序,所以这项总是显示一些数值。
默认情况下,dstat每秒都会刷新数据。如果想退出dstat,你可以按”CTRL-C”键。
需要注意的是报告的第一行,通常这里所有的统计都不显示数值的。
这是由于dstat会通过上一次的报告来给出一个总结,所以第一次运行时是没有平均值和总值的相关数据。
但是dstat可以通过传递2个参数运行来控制报告间隔和报告数量。例如,如果你想要dstat输出默认监控、报表输出的时间间隔为3秒钟,并且报表中输出10个结果,你可以运行如下命令:
dstat 3 10
在dstat命令中有很多参数可选,你可以通过man dstat命令查看,大多数常用的参数有这些:
-l :显示负载统计量
-m :显示内存使用率(包括used,buffer,cache,free值)
-r :显示I/O统计
-s :显示交换分区使用情况
-t :将当前时间显示在第一行
–fs :显示文件系统统计数据(包括文件总数量和inodes值)
–nocolor :不显示颜色(有时候有用)
–socket :显示网络统计数据
–tcp :显示常用的TCP统计
–udp :显示监听的UDP接口及其当前用量的一些动态数据
当然不止这些用法,dstat附带了一些插件很大程度地扩展了它的功能。你可以通过查看/usr/share/dstat目录来查看它们的一些使用方法,常用的有这些:
-–disk-util :显示某一时间磁盘的忙碌状况
-–freespace :显示当前磁盘空间使用率
-–proc-count :显示正在运行的程序数量
-–top-bio :指出块I/O最大的进程
-–top-cpu :图形化显示CPU占用最大的进程
-–top-io :显示正常I/O最大的进程
-–top-mem :显示占用最多内存的进程
举一些例子:
显示系统负载:
显示内存使用情况:
查看全部内存都有谁在占用:
dstat -g -l -m -s –top-mem
显示一些关于CPU资源损耗的数据:
dstat -c -y -l –proc-count –top-cpu
如何输出一个csv文件
想输出一个csv格式的文件用于以后,可以通过下面的命令:
# dstat –output /tmp/sampleoutput.csv -cdn
大多数的黑客行为、病毒、蠕虫等的泛滥都源自于系统安全漏洞没能及时得到修复,而被攻击者恶意利用,我们要加强教育员工及时修复漏洞或弱点的重要性。

猜您喜欢

异地在杭商会凝聚新杭商力量
网络安全形势严峻导致投资转向安全意识教育
Security-Frontline-安全前线
网友放水灯许愿却召唤出神龙
SERAB NATEDSANDERS
一分钟快速了解基础信息安全理念

StarHub buys controlling stake in Accel in cybersecurity boost

StarHub says it plans to acquire a 51 percent stake in Accel Systems & Technologies as part of efforts to boost its cybersecurity offerings.
Latest news on Asia
Apple opens first Southeast Asia store in Singapore
数据泄露与投机者的悲哀,劝投机者不要腐蚀官员,不要收买内幕信息,怎么可能呢?要么从制度上进行操作,打消特权和时间差,第一时间向所有人公开这些数据;要么加强安全保密意识教育,封住掌握更多信息的官员的泄密源头,这才是上策。
Chromebooks, detachables, and gaming PCs boost Lenovo results
DJI Spark is a palm-sized drone available for $499
Samsung resumes Brazil tech startup program
iPhone sales nose-diving in China could be really bad for Apple
In an all-cash deal worth S$19.38 million (US$13.99 million), the deal was estimated to close by mid-June, subject to the fulfilment of terms and conditions. The Singapore telco added that it would the acquisition would enable the company to augment the research and development capabilities of its Cyber Security Centre of Excellence in developing and localising cybersecurity tools.
During the launch of the centre last May, StarHub had inked partnerships with several industry players and local tertiary institutions including Blue Coat, Fortinet, and Republic Polytechnic. The Singapore telco said the Accel acquisition would not impact its existing partnerships in cyber threat monitoring, internet clean pipe, unified threat management.
It said Singapore-based Accel specialised in security products, consulting, and managed services. Following the merger, the company would operate as an independent subsidiary and retain its existing management team.
StarHub CEO Tan Tong Hai said the acquisition would enable the carrier to offer a “full spectrum” of cybersecurity products and services.
The Singapore telco in October 2016 said it had suffered distributed denial-of-service (DDoS) attacks on its Domain Name Servers (DNS), which it said caused two service outages. This was later found to be inaccurate and the outages were, in fact, the result of a surge in legitimate DNS requests.
1分钟的信息安全意识动画教程,包括信息安全注意事项及十字安全歌谣,白板动漫,让信息安全知识变得更有趣味。

Local ICT regulator Infocomm Media Development Authority (IMDA) and cybersecurity lead, Cyber Security Agency of Singapore (CSA), helped investigate the October 2016 incidents and determined the disruptions were due to the inability of StarHub’s DNS servers to handle the high volume of web requests.
Both government agencies said they highlighted areas of improvement in the telco’s home broadband network infrastructure and steps were taken to mitigate further risks, including boosting its home broadband DNS server capacity and enhancing traffic monitoring.
金融界安全现状令人担忧,调查称纳斯达克安全措施松懈,没有及时安装更新导致遭受网络攻击,对于所有行业,计算机安全都是一个令人挠头的问题。

猜您喜欢

河池市公安派出所消防监督管理信息化工作现场会在环江召开
职业健康、环境保护、安全生产
网络安全法视频宣传片 第二集 国家网络安全的现状与重要性概述
美军半月内3次遭解放军打脸并非变弱了 原因竟是这样
MARKETSTOCKTIPS MILNIX
信息安全培训检验

Health, personal records of 2,500 Arizona families with newborns lost

Ken Alltucker reports:
State health officials have warned 2,500 individuals and families with newborns that a box containing sensitive health, financial and personal information has been lost in the mail.
网络安全公益短片防范社工电话诈骗
The Arizona Department of Health Services said its newborn-screening program gathered the information for billing purposes.

The misplaced records may include health information for children tested in the program and their mothers, as well as their addresses, birth dates, health-insurance records, names, phone numbers and Social Security numbers.
打错地址很容易导致电子邮件泄露,我们需要加强邮件安全方面的意识教育,保障机密信息得以加密,让用户在发邮件之前进行必要的检查,并且设定相应的免责声明等。
Read more on Arizona Republic.
很多企业的日常工作很难脱离开计算机而独立运行,而垃圾邮件、病毒、间谍软件和不适内容已经成为黑客入侵企业网络盗取商业机密的重要手段,这就使得安全意识薄弱的员工很容易遭受攻击,不仅直接消耗了企业带宽资源,最终会影响企业发展。

猜您喜欢

本溪烟道钢结构防腐施工表面处理方法
安全基础理论课程助力培养全民网络安全意识
网络安全法网络宣传片 002 国家网络安全的现状与重要性概述
台湾真人版蛇姬晒新照:闺房秀大长腿
DIGITALSIGNAGETODAY THEHUIN
网络安全公益短片防范移动僵尸网络

Beacon Health System notifies 1,200 patients of employee wrong-doing

SOUTH BEND, INDIANA – May 26, 2017 – Although unaware of any actual or attempted fraudulent misuse of patient information, Beacon Health System (“Beacon”) is notifying approximately 1,200 patients that records were accessed without proper authorization by a former employee.
What Happened? After an audit of an employee access to medical records, Beacon discovered, on or around March 30, 2017, that an employee accessed some patient records without authorization between March of 2014 to March of 2017. Beacon immediately launched an investigation to determine the scope and nature of this incident. When interviewed, the employee admitted that certain patient medical record files were accessed out of curiosity after patient Emergency Room visits. While the employee may have had authorization to view records in certain circumstances, the employee viewed patient records without a permissible reason. The employee denied taking or misusing any information, and we have no evidence that any information was used to commit fraud or otherwise misused. This investigation involved the assistance of a third-party forensic investigation firm.
What Information Was Involved? While our investigation is ongoing, to date, we have no evidence of any actual or attempted misuse of patient information as a result of this incident. The information affected may include the following patient information: first and last name; Social Security number; age; diagnosis; room number; acuity of illness; chief complaint; and potentially financial account information and/or health insurance coverage information.
What We Are Doing. The confidentiality, privacy, and security of our patient health information is one of our highest priorities. We have stringent security measures in place to protect the security of information in our possession. Beacon is reviewing employee training curriculum and is implementing new procedures to reduce the likelihood that an incident like this will happen in the future. While we are unaware of any actual or attempted misuse of patient information, we are offering complimentary access to 12 months of free identity monitoring and identity restoration services with Experian. We are also notifying the U.S. Department of Health and Human Services (HHS) of this incident.
There are additional actions individuals can consider taking to reduce the chances of identity theft or fraud. Please refer to www.experian.com/fraudresolution for this information.
To further protect against possible identity theft or other financial loss, we encourage individuals to remain vigilant, to review their account statements, and to monitor their credit reports for suspicious activity. Under U.S. law, individuals are entitled to one free credit report annually from each of the three major credit bureaus. To order a free credit report, visit www.annualcreditreport.com or call, toll-free, 1-877-322-8228. Individuals may also contact the three major credit bureaus directly to request a free copy of their credit report.
We recommend that individuals regularly review any Explanation of Benefits statements that they receive from their insurer. If individuals see any service that they believe they did not receive, they should contact the insurer at the number on the statement. If individuals do not
receive regular Explanation of Benefits statements, contact the insurer and request that they send such statements following the provision of services in their name or number.
Individuals may want to order copies of their credit reports and check for any items or medical bills that they do not recognize. If they find anything suspicious, they can call the credit reporting agency at the phone number on the report. We advise individuals to keep a copy of this notice for their records in case of future problems with their records. Individuals may also want to request a copy of their medical records from their provider, to serve as a baseline.
At no charge, individuals can also have these credit bureaus place a “fraud alert’ on their file that alerts creditors to take additional steps to verify an individual’s identity prior to granting credit in their name. Note, however, that because it tells creditors to follow certain procedures to protect individuals, it may also delay their ability to obtain credit while the agency verifies their identity. As soon as one credit bureau confirms an individual’s fraud alert, the others are notified to place fraud alerts on their file. Should individuals wish to place a fraud alert, or should they have any questions regarding their credit report, they may contact any one of the agencies listed below.
Equifax
欧盟已经立法要求网站提示访客其Cookie搜集情况,美国也很注重保护用户的个人隐私,我们要奋起真追,做文明的互联网服务商,给用户足够的个人信息搜集方面的知情权。
P.O. Box 105069 Atlanta, GA 30348 800-525-6285 www.equifax.com
Experian
P.O. Box 2002 Allen, TX 75013 888-397-3742 www.experian.com
TransUnion
P.O. Box 2000
Chester, PA 19022-2000 800-680-7289 www.transunion.com
Individuals may also place a security freeze on their credit reports. A security freeze prohibits a credit bureau from releasing any information from a consumer’s credit report without the consumer’s written authorization. However, please be advised that placing a security freeze on a credit report may delay, interfere with, or prevent the timely approval of any requests an individual makes for new loans, credit mortgages, employment, housing or other services. Indiana residents can request a credit freeze free of charge. There is no fee for Indiana residents to place, temporarily lift, remove, or request a new password or PIN.
If an individual have been a victim of identity theft, and they provide the credit bureau with a valid police report, it cannot charge them to place, lift or remove a security freeze. In all other cases, a credit bureau may charge someone a fee to place, temporarily lift, or permanently remove a security freeze. Individuals will need to place a security freeze separately with each of the three major credit bureaus listed above if they wish to place the freeze on all of their credit files.
To find our more on how to place a security freeze, they can use the following contact information:

Equifax Security Freeze P.O. Box 105788 Atlanta, GA 30348 1-800-685-1111
(NY residents please call 1-800-349-9960) www.equifax.com/help/credit- freeze/en_cp
Experian Security Freeze
LMS学习管理系统管理员快速操作指南
P.O. Box 9554
Allen, TX 75013
1-888-397-3742 www.experian.com/freeze/center.html
TransUnion
P.O. Box 2000 Chester, PA 19022- 2000
800-680-7289 www.transunion.com
For Indiana Residents – Protected Person Security Freeze
As part of an ongoing effort by the Attorney General’s Office to help consumers protect themselves from identity theft and safeguard their credit, the Legislature in 2014 passed a new state law, Senate Enrolled Act 394 of 2014, creating the Protected Person Security Freeze. Because identity thieves could attempt to steal the information of individuals such as children or disabled adults who have clean credit history in order to assume their identities and perpetrate fraud, the 2014 law offers a security freeze for protected consumers, similar to the credit freeze for adults. Parents can use it to protect their children from identity theft even if the minors don’t have credit yet. For mentally disabled adults who also should be protected against identity theft, their legal guardians can register them for the security freeze.
Below are links to the three credit bureaus’ Protected Person Security Freeze sites. For the free service, each of the three credit bureaus requires that consumers register a minor or a protected consumer in writing, by mail, rather than online. And each credit bureau has a slightly different format for registering for a security freeze for a minor or other protected consumer, so read the directions carefully.
Equifax
Directions for registering for a credit freeze for a minor or protected person from Equifax are at this link:
http://bit.ly/1rIFEKY
Experian
At this link, scroll down to the final two paragraphs on the Experian page for information on a security freeze for a protected consumer: https://www.experian.com/consumer/help/states/in.html
TransUnion
Directions for registering for a credit freeze for a minor or protected person from TransUnion are at this link: http://www.transunion.com/personal-credit/credit-disputes/ProtectedConsumers.page
Consumers who have questions about the Protected Person Security Freeze can contact the Attorney General’s Consumer Protection Division.
Individuals can further educate themselves regarding identity theft, fraud alerts, security freezes, and the steps they can take to protect themselves, by contacting their state Attorney General or the Federal Trade Commission. The Federal Trade Commission also encourages those who discover that their information has been misused to file a complaint with them. The Federal Trade Commission can be reached at: 600 Pennsylvania Avenue, NW, Washington, DC 20580; www.ftc.gov/idtheft; 1-877-ID-THEFT (1-877-438-4338); and TTY: 1-866-653-4261. Individuals should report known or suspected identity theft or fraud to law enforcement, the FTC, and their state Attorney General.
For More Information. We recognize individuals may have questions that are not answered in this letter. We have established a toll-free hotline to assist them with questions regarding this incident. This hotline can be reached at (888) 729-1602 Monday through Friday from 9:00 a.m. to 9:00 p.m. EST.
SOURCE: Beacon Health System
道高一尺,魔高一丈,除了加强技术防范机制之外,“鱼儿”对安全的疏忽大意,才是成功被钓的关键原因。不断加强人员的信息安全意识培训,才是最佳防范措施。

猜您喜欢

信息安全知识考卷
中联重科与新快报陈永洲事件背后的信息安全思考
Security-Frontline-安全前线
英国居民家中惊现白额高脚蛛 和男性手掌一样大
KOLELKETAB KTVINTAGECARS
网络信息安全好歌曲

FTC: It Takes Criminals Just 9 Minutes to Use Stolen Consumer Info

FTC: It Takes Criminals Just 9 Minutes to Use Stolen Consumer InfoFederal Trade Commission experiment lured hackers to learn about how they use stolen consumer information.The Federal Trade Commission (FTC)’s Office of Technology conducted an experiment to learn how hackers use stolen information. Experts created a database of fake consumer credentials and posted them twice on a site that hackers use to make stolen data public.
This false information was made realistic by using popular names based on Census data, US-based addresses and phone numbers, common email address naming strategies, and one of three types of payment info (online payment service, bitcoin wallet, and credit card). Following the second posting of fake data, it took hackers just nine minutes to try and access it.
报喜鸟控股股份有限公司关于深圳证券交易所对公司2016年年报问…

There were more than 1,200 attempts to access the information, which hackers tried to use to pay for things like food, clothing, games, and online dating memberships. The FTC advises consumers to stay safe with two-factor authentication, which prevented the thieves from gaining access.
多家网络银行遭受分布式拒绝服务攻击,黑客显然是懂得些业务安全的,攻击很容易造成业务链如电子银行和网上交易的中断。
Read more details here.
如果电子邮件的邮件包含有下列短语,则它极有可能是一个诈骗陷阱。1.我们需要验证您的帐户信息。2.如果您不马上回复,您的帐户可能被取消。3.点击如下链接更新您的帐户信息。

猜您喜欢

北京印刷学院2017年录取政策微调 新增信息安全专业
隆重推荐4999元的信息安全意识课件——安全前线
网络安全法动漫宣传片 002 国家网络安全的现状与重要性概述
归隐农村住窑洞的美女作家
CIVIC-CLUB HOTSRDA
大数据的成功关键在公众安全信心