Security_News/해외보안소식 썸네일형 리스트형 malware that went straing for victims money Malware that Went Straight for Victims MoneyWith all the media and security research attention in 2013 being focused on the targeted attack phenomenon and the growth in the numbers and type of organisations falling victim to these attacks, you could be thinking that traditional end-user level attack campaigns are on the wane. You’d be wrong, very wrong. Cybercriminals are still following the mon.. 더보기 에너지 산업분야 대상 표적공격 시도 증가 Symantec 社, 에너지 산업분야를 대상으로 하는 표적공격 시도 증가2014.03.06개요최근 시만택(Symantec)社는 해커의 공격 타켓으로 급부상하는 에너지 산업분야에 대한 표적 공격 (Targeted Attack) 동향 및 분석보고서를 발표함 (2014.1.13)표적 공격(Targeted Attack) : APT(Advanced Persistent Attack) 공격의 한 유형으로, 특정인을 대상으로 기밀정보 유출, 악의적인 명령 수행 등을 위한 공격기법주요 내용최근 국가 핵심 인프라 중 하나인 에너지 산업은 최근 스마트 그리드(SmartGrid), 스마트 미터(SmartMeter) 등이 차세대 에너지 산업 발전을 이끌어 갈 핵심 기술로 자리 잡으면서, 이를 겨낭한 사이버 공격이 증가하고 있으.. 더보기 구글검색 암호화 구글, 검색 암호화 정부의 첩보기관, 사법기관 및 공격자들의 감시를 예방하고 프라이버시 기술을 강화하기 위해, 구글은 디폴트로 웹 검색을 암호화한다고 밝혔다. 이 번 조치로 사용자가 특정 민감한 키워드로 검색을 하더라도 탐지할 수 없게 된다. 또한 이 번 조치로 사람들의 활동을 도청하는 것으로 알려진 국가의 정부는 온라인 감시를 더욱 어렵게 된다. http://www.washingtonpost.com/blogs/the-switch/wp/2014/03/12/google-is-encrypting-search-worldwide-thats-bad-for-the-nsa-and-china/ 더보기 신용카드 칩 채택만으로 보안강롸 안되 신용카드 칩 채택만으로 보안강화 안돼 미국 국가소매기업협회(NRF)은 마스터카드 및 비자가 EMV 칩을 채택한다는 계획에 대해서 유감을 표명하였다. 이번 성명은 결제 카드 및 거래의 보안성을 강화하기 위해 칩-PIN 기술을 채택해야 한다고 주장한 것이다. 칩-PIN은 전 세계에서 많은 국가에서 사용되고 있으나, 미국은 아직 이 기술을 채택하지 않고 있다. http://www.scmagazine.com/mastercard-visa-to-push-emv-nfr-calls-for-use-of-pins/article/338019/ 미국 NRF 성명: http://www.nrf.com/modules.php?name=News&op=viewlive&sp_id=1781 더보기 Missed Alarms and 40 Million Stolen Credit Card Numbers: How Target Blew It (Corrects to identify Romania in a map accompanying the story.)The biggest retail hack in U.S. history wasn’t particularly inventive, nor did it appear destined for success. In the days prior to Thanksgiving 2013, someone installed malware in Target’s (TGT) security and payments system designed to steal every credit card used at the company’s 1,797 U.S. stores. At the critical moment—when the Ch.. 더보기 Intelligence Analysts Dissect the Headlines: Russia, Hackers, Cyberwar! Not So Fast. Intelligence Analysts Dissect the Headlines: Russia, Hackers, Cyberwar! Not So Fast.Claims of cyber attacks, website defacements, sophisticated Russian malware, and even “cyberwar” have hit front pages since the conflict in Crimea heated up. With all the noise, it’s hard to know what has actually occurred, and even tougher to interpret the consequences of the potential activity.Here’s our take o.. 더보기 From Windows to Droids: An insight in to multi vector attack mechanisms in RATs From Windows to Droids: An insight in to multi vector attack mechanisms in RATs FireEye recently observed a targeted attack on an US based financial institution via spear phishing email. The payload used in this campaign is a tool called WinSpy, which is sold by the author as a spying and monitoring tool. The features in this tool resemble that of many other off-the-shelf RATs (Remote Administra.. 더보기 말레이시아 항공기실종을 악용한 scam 주의 he Websense® ThreatSeeker® Intelligence Cloud has observed Facebook-themed scams using news of the missing Malaysia Airlines MH370 flight as a lure. Legitimate news sources report that on March 8, 2014, the plane went missing over the South China Sea. The lure websites have been configured to appear like a legitimate Facebook page; complete with sharing button, suitable graphics, and relevant li.. 더보기 Scans for FCKEditor File Manager FCKEditor (now known as CKEditor [1]) is a popular full featured GUI editor many web sites use. For example, you frequently find it with blog systems like WordPress or as part of commenting/forum systems. As an additional feature, a filemanager can be added to allow users to upload images or other files. Sadly, while a very nice and functional plugin, this features if frequently not well secured.. 더보기 Agent.btz: a source of inspiration? The past few days has seen an extensive discussion within the IT security industry about a cyberespionage campaign called Turla, aka Snake and Uroburos, which, according to G-DATA experts, may have been created by Russian special services.One of the main conclusions also pointed out by research from BAE SYSTEMS, is a connection between the authors of Turla and those of another malicious program,.. 더보기 이전 1 ··· 181 182 183 184 185 186 다음