当全球忙于应对自动传播的WannaCry勒索软件所带来的威胁时 ,维基解密发布了“Vault 7”(第七号保险库)的新一轮中央情报局(CIA)机密信息,详细介绍了CIA明显针对微软的Windows平台的恶意软件框架。 这两个恶意软件框架名为“AfterMidnight”(“午夜之后”)和“Assassin”(“暗杀者”),主要用于监控和上报运行Windows操作系统的受感染远程计算机上的行动,并执行CIA下达的恶意行动。 自三月以来,维基解密已发布几十万份文档和机密的黑客工具,并宣称这些文档和工具来自CIA。本轮信…
E安全5月17日讯 ProofPoint公司的安全专家们发现,相当一部分设备之所以未受WannaCry影响,是因为其已经被Adylkuzz成功感染。 近期引发轩然大波的WannaCry勒索软件攻击事件并非首例与美国NSA“永恒之蓝”及“双脉冲星”黑客工具相关的安全问题。 Adylkuzz才是WannaCry勒索软件的大哥 Proofpoint公司的研究人员们已经发现,隐藏式矿工Adylkuzz才是首例利用永恒之蓝触发服务器消息块(简称SMB)协议内安全漏洞的实际威胁。 该僵尸网络利用永恒之蓝漏洞以提升恶意软件传播能…
全国人大常委会5月16日在中国人大网官网公布《中华人民共和国国家情报法(草案)》全文,公开征求意见,意见截止日期为2017年6月4日。 2016年12月19日在十二届全国人大常委会第二十五次会议上首次审议了国家情报法草案,全国人大常委会2017年立法工作计划中明确了将在2017年6月召开的全国人大常委会继续审议国家情报法。 草案全文共计五章28个条文,主要内容是明确了国家情报工作的任务和体制机制,明确了国家情报工作机构的职权,明确了国家情报工作保障,明确对国家情报工作的规范和监督。 该草案声明中写道:“国家情报工作…
北京时间5月12日以来,互联网上出现了针对Windows操作系统的Wannacry勒索软件蠕虫大范围感染事件,并在5月13日出现了传播感染高峰期,对我国互联网络构成较为严重的安全威胁。在经过突发重大网络安全事件应急协调处置工作后,5月14日下午以后Wannacry勒索软件蠕虫在全网的传播趋势已得到有效控制,但仍应保持高度关注。 通过对 Wannacry蠕虫所发动的SMB漏洞攻击态势的持续监测,CNCERT 发现自5月13 日至 5 月 14 日,发起 SMB 漏洞攻击尝试的主机(很可能已被Wannacry蠕虫感染)…
由工业和信息化部指导,国家互联网应急中心和中国通信学会联合主办,中国电子学会、中国互联网协会网络与信息安全工作委员会和中国通信学会通信安全技术委员会协办的2017中国网络安全年会(第14届)将于5月22日-24日在山东青岛举办。22日将举行第二届CNCERT国际合作论坛暨FIRST技术研讨会。 据组委会介绍,第二届CNCERT国际合作论坛暨FIRST技术研讨会面向2017中国网络安全年会的所有参会代表开放,与国际事件应急响应与安全组织(FIRST)成员、亚太地区计算机应急响应组织(APCERT)成员、东盟各国CER…
2017年5月17日,中国互联网协会、国家互联网应急中心在京联合发布《中国移动互联网发展状况及其安全报告(2017)》,这是国内针对中国移动互联网发展状况及其安全的顶级、专业、权威的研究报告,报告对中国移动互联网发展状况、移动互联网安全态势情况及移动互联网治理情况等方面进行了全面、综合、深入地统计、分析和研究。报告显示,在国家大力实施创新驱动发展、互联网+、宽带中国及大众创业、万众创新等战略下,中国移动互联网发展呈现出以下特征和趋势(根据CNCERT抽样监测结果统计)。 2016年中国境内活跃的手机上网码号数量达1…
漏洞类别:CGI 漏洞等级: 漏洞信息 Apache Hadoop is an open-source software framework used for distributed storage and processing of big data sets using the MapReduce programming model. Apache Hadoop versions prior to 2.7.0 contain the following vulnerabilities: CVE-2017-316…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for kernel to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 This vulnerability could be exploited to gain complete access to sensitive information. Malicious users could also use this vulnerabilit…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for kernel to fix the vulnerability. Affected OS: Fedora 24 漏洞危害 This vulnerability could be exploited to gain complete access to sensitive information. Malicious users could also use this vulnerabilit…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for libplist to fix the vulnerability. Affected OS: Fedora 24 Fedora 25 漏洞危害 This vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availabili…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for mediawiki to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Fedora has issued updated packages to fix this vulnerability. …
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for freetype to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 This vulnerability could be exploited to gain partial access to sensitive information. Malicious users could also use this vulnerabili…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for ghostscript to fix the vulnerability. Affected OS: Fedora 24 漏洞危害 This vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availability. 解决方…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for php-horde-ingo to fix the vulnerability. Affected OS: Fedora 25 Fedora 24 漏洞危害 Successful exploitation of the vulnerability allows XSS attacks. 解决方案 Fedora has issued updated packages to fix this v…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for thunderbird to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 An attacker may exploit this issue to crash the affected application, resulting in a denial-of-service condition. 解决方案 Fedora has i…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for kernel to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 This vulnerability could be exploited to gain complete access to sensitive information. Malicious users could also use this vulnerabilit…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for kernel to fix the vulnerability. Affected OS: Fedora 24 漏洞危害 This vulnerability could be exploited to gain complete access to sensitive information. Malicious users could also use this vulnerabilit…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for xen to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Fedora has issued updated packages to fix this vulnerability. Update…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for xen to fix the vulnerability. Affected OS: Fedora 24 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Fedora has issued updated packages to fix this vulnerability. Update…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for radicale to fix the vulnerability. Affected OS: Fedora 24 Fedora 25 漏洞危害 This vulnerability could be exploited to gain partial access to sensitive information. 解决方案 Fedora has issued updated packag…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for python-fedora to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 解决方案 Fedora has issued updated packages to fix this vulnerability. Updates can be installed using the yum utility, which can be d…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for git to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Fedora has issued updated packages to fix this vulnerability. Update…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for kf5-kauth to fix the vulnerability. Affected OS: Fedora 25 Fedora 24 漏洞危害 Successful exploitation of the vulnerability allows local privilege escalation. 解决方案 Fedora has issued updated packages to …
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for kdelibs to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 Successful exploitation of the vulnerability allows local privilege escalation. 解决方案 Fedora has issued updated packages to fix this vul…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for openvpn to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 Successful exploitation of the vulnerability allows denial of service attacks. 解决方案 Fedora has issued updated packages to fix this vuln…