安全公司报告
文库搜索
切换导航
文件分类
频道
文件分类
批量下载
绿盟科技 安全事件响应观察报告 i g u th 5 b m o .c © 绿盟科技 关于绿盟科技 北京神州绿盟信息安全科技股份有限公司(简称绿盟科技)成立于 2000 年 4 月,总部位于北京。 在国内外设有 30 多个分支机构,为政府、运营商、金融、能源、互联网以及教育、医疗等行业用户, 提供具有核心竞争力的安全产品及解决方案,帮助客户实现业务的安全顺畅运行。 基于多年的安全攻防研究,绿盟科技在网络及终端安全、互联网基础安全、合规及安全管理 等领域,为客户提供入侵检测 / 防护、抗拒绝服务攻击、远程安全评估以及 Web 安全防护等产品 以及专业安全服务。 北京神州绿盟信息安全科技股份有限公司于 2014 年 1 月 29 日起在深圳证券交易所创业板上 市交易。 股票简称:绿盟科技 股票代码:300369 u th i g 特别声明 5 b 为避免合作伙伴及客户数据泄露,所有数据在进行分析前都已经过匿名化处理,不会在中 间环节出现泄露,任何与客户有关的具体信息,均不会出现在本报告中。 m o .c 安全事件响应观察报告 目录 1. 前言 ······································································································································································2 2. 网络安全形势分析 ················································································································································5 2.1 勒索软件仍是安全事件重点,并呈现家族化趋势 ················································································································ 8 2.1.1 勒索病毒家族类型增多,变种更新更加频繁 ········································································································································ 9 2.1.2 Windows 服务器需重点关注,跨平台勒索病毒开始出现 ·················································································································· 9 m o .c 2.1.3 RDP 弱口令暴力破解成为主流攻击方式 ·············································································································································10 2.1.4 病毒制作门槛降低,传播方式蠕虫化 ··················································································································································11 2.2 挖矿病毒利用多种漏洞传播 ··················································································································································· 12 2.2.1 WannaMine 挖矿病毒依然流行·····························································································································································12 2.2.2 门罗币成为挖矿病毒的首选币种 ··························································································································································12 5 b 2.3 网络威胁行业特征显著 ··························································································································································· 13 2.3.1 政府部门 Web 服务器成为攻击重点 ····················································································································································14 2.3.2 运营商需着重关注勒索软件、流量异常类安全事件 ··························································································································14 u th 2.3.3 金融机构已成为网络犯罪的主要目标 ··················································································································································15 2.3.4 企业的勒索事件占据绝对比重 ······························································································································································16 i g 2.4 脆弱系统将面临越来越多的攻击 ··········································································································································· 18 2.4.1 1Day 漏洞抢占肉鸡资源 ·········································································································································································18 2.4.2 NDay 漏洞持续威胁用户安全 ································································································································································19 2.4.3 弱口令仍是安全事件“高发地” ··························································································································································20 3. 安全处置建议 ····················································································································································21 4. 典型安全事件应急处置案例分析 ······················································································································23 4.1 勒索软件典型案例 ··································································································································································· 24 4.1.1 GlobeImposter 家族 ················································································································································································24 4.1.1.1 背景介绍 ·········································
绿盟 绿盟科技安全事件响应观察报告
文档预览
中文文档
53 页
50 下载
1000 浏览
0 评论
0 收藏
3.0分
赞助2.6元下载(无需注册)
温馨提示:本文档共53页,可预览 3 页,如浏览全部内容或当前文档出现乱码,可开通会员下载原始文档
下载文档到电脑,方便使用
赞助2.6元下载
本文档由 路人甲 于
2022-07-17 01:21:34
上传分享
举报
下载
原文档
(3.7 MB)
分享
友情链接
ISO TS 81001-2-1 2025 Health software and health IT systems safety effectiveness and security - Part 2-1 Coordination - Guidance for the use of assurance cases for safety and security.pdf
ISO TS 12025 2021 Nanomaterials — Quantification of nano-object release from powders by generation of aerosols.pdf
ISO-IEC 18046-5 2025 Information technology - Radio frequency identification device performance test methods - Part 5 Test methods for the environmental characteristics of RFID tags used in sporting g.pdf
ISO 20251 2016 Textile floor coverings — Water impermeability test.pdf
ISO-IEC 5259-5 2025 Artificial intelligence - Data quality for analytics and machine learning (ML) - Part 5 Data quality governance framework.pdf
ISO-IEC 23090-31 2025 Information technology - Coded representation of immersive media - Part 31 Haptics coding.pdf
ISO 20257-1 2020 Installation and equipment for liquefied natural gas Design of floating LNG installations Part 1 General requirements.pdf
ISO 15016 2025.pdf
ISO-IEC TR 19583-24 2025 Information technology - Concepts and usage of metadata - Part 24 11179-3 2013 Metamodel in RDF.pdf
ISO 20257-2 2021 Installation and equipment for liquefied natural gas — Design of floating LNG installations — Part 2 Specific FSRU issues.pdf
GB-Z 40839-2021 假肢和矫形器 矫形器和矫形器部件的分类和描述.pdf
GB-T 8436-1998 纺织品 色牢度试验 耐酸性毡合色牢度 温和的.pdf
GB-Z 40213-2021 自动化系统与集成 基于信息交换需求建模和软件能力建规的应用集成方法.pdf
GB-T 14447-1993 塑料薄膜静电性测试方法 半衰期法.pdf
GB-T 10195.2-1997 电子设备用压敏电阻器 第2部分 空白详细规范 氧化锌浪涌抑制型压敏电阻器 评定水平E.pdf
GB-T 39488-2020 燃气燃烧器和燃烧器具用安全和控制装置 特殊要求 电子式燃气与空气比例控制系统.pdf
GB-T 3098.1-2010 紧固件机械性能 螺栓、螺钉和螺柱.pdf
GB 175-2007 通用硅酸盐水泥.pdf
GB-T 26473-2021 起重机 随车起重机安全要求.pdf
GB-T 15683-2008 大米 直链淀粉含量的测定.pdf
1
/
3
53
评价文档
赞助2.6元 点击下载(3.7 MB)
回到顶部
×
微信扫码支付
2.6
元 自动下载
官方客服微信:siduwenku
支付 完成后 如未跳转 点击这里 下载
站内资源均来自网友分享或网络收集整理,若无意中侵犯到您的权利,敬请联系我们
微信(点击查看客服)
,我们将及时删除相关资源。