漏洞发展趋势 u th 5 b m o .c 1day 0100101000101010010010101000010010010010100101000100101 00100101000101010010010101000010010010010100101000100101 100100101000101010010010101000010010010010100101000100101 0100100101000101010010010101000010010010010100101000100101 10100100101000101010010010101000010010010010100101000100101 110100100101000101010010010101000010010010010100101000100101 0110100100101000101010010010101000010010010010100101000100101 00110100100101000101010010010101000010010010010100101000100101 00110100100101000101010010010101000010010010010100101000100101 100110100100101000101010010010101000010010010010100101000100101 010011010010010100010101001001010100001001001001010010100010010 001001101001001010001010100100101010000100100100101001010001001 000100110100100101000101010010010101000010010010010100101000100 000010011010010010100010101001001010100001001001001010010100010 0day 0000010011010010010100010101001001010100001001001001010010100010 1000001001101001001010001010100100101010000100100100101001010001 0100000100110100100101000101010010010101000010010010010100101000 i g 关于绿盟科技 绿盟科技集团股份有限公司(以下简称绿盟科技),成立于 2000 年 4 月,总部位于北京。 公司于 2014 年 1 月 29 日起在深圳证券交易所创业板上市,证券代码:300369。绿盟科技在国 内设有 40 多个分支机构,为政府、运营商、金融、能源、互联网以及教育、医疗等行业用户, 提供全线网络安全产品、全方位安全解决方案和体系化安全运营服务。公司在美国硅谷、日本东京、 英国伦敦、新加坡设立海外子公司,深入开展全球业务,打造全球网络安全行业的中国品牌。 u th i g 版权声明 5 b 为避免合作伙伴及客户数据泄露,所有数据在进行分析前都已经过匿名化处理,不会在中 间环节出现泄露,任何与客户有关的具体信息,均不会出现在本报告中。 m o .c 漏洞发展趋势 目录 CONTENTS 目录 摘要 ···········································································································································································2 1. 历史漏洞回顾 ·······················································································································································4 1.1 漏洞数量逐年显著增长 ······························································································································································ 5 1.2 通用软件产品的漏洞数量排名 ·················································································································································· 8 1.2.1 操作系统漏洞排名 ······················································································································································································ 8 m o .c 1.2.2 应用软件漏洞排名 ······················································································································································································ 9 2. 漏洞利用情况 ·····················································································································································11 2.1 典型漏洞攻击事件监测举例 ···················································································································································· 12 2.2 实际攻击中常用到 Nday 漏洞 ················································································································································· 14 5 b 3. 漏洞发展趋势 ·····················································································································································16 3.1 浏览器漏洞种类复杂多样 ························································································································································ 17 u th 3.2 文档类型漏洞是鱼叉攻击的重要载体 ···································································································································· 19 3.3 Flash 漏洞面临消亡 ·································································································································································· 21 3.4 开源软件面临漏洞利用和软件供应链的双重攻击 ··············································································································· 22 i g 3.5 Android 和 iOS 漏洞加剧移动安全的威胁 ····························································································································· 24 3.6 安全堪忧的 IoT 设备································································································································································· 26 4. 结论 ·····································································································································································28 A 漏洞发展趋势 摘要 摘要 随着计算机网络技术的发展,全球互联网体量急速膨胀,网络安全形势日益严峻,国家政治、经济、 文化、社会及公民在网络空间的合法权益面

pdf文档 绿盟 漏洞发展趋势报告

文档预览
中文文档 33 页 50 下载 1000 浏览 0 评论 0 收藏 3.0分
温馨提示:本文档共33页,可预览 3 页,如浏览全部内容或当前文档出现乱码,可开通会员下载原始文档
绿盟 漏洞发展趋势报告 第 1 页 绿盟 漏洞发展趋势报告 第 2 页 绿盟 漏洞发展趋势报告 第 3 页
下载文档到电脑,方便使用
本文档由 路人甲 于 2022-07-17 01:21:29上传分享
站内资源均来自网友分享或网络收集整理,若无意中侵犯到您的权利,敬请联系我们微信(点击查看客服),我们将及时删除相关资源。