上周美国管理预算办公室OMB、总统网络安全特别协调员Howard、国土安全部联合发布文件,调整明确了在网络空间安全方面的任务分工:
Under various national security and homeland security Presidential directives, and pursuant to its statutory authorities, DHS oversees critical infrastructure protection, operates the United States Computer Emergency Readiness Team (US-CERT), oversees implementation of the Trusted
Internet Connection initiative, and takes other actions to help secure both the Federal civilian government systems and the private sector. At the same time, OMB has a number of
cybersecurity responsibilities, principally in connection with FISMA. The Cybersecurity Coordinator leads the interagency process for cybersecurity strategy and policy development. Read more…
Oct.18 2009(Beijing time), China CCTV news reported the release of national vulnerability database of China.
Along with the upsoaring of the Internet applications, the vulnerability number is also in a sharp growth. So the update and automation of vulnerability information is becoming more and more critical for the whole information ssytems. Vulnerability Database is used to research, collect, release, automate the lifecycle of vulnerability management, which is regarded the core of the related activities. Although there have been a series of open source vulnerability database(e.g. OSVDB, etc.), commercial maintained vulnerailibity database(e.g. CERT CVE, Bugtraq, NSFocus VDB, etc.), it’s still regarded very essential to setup one authoritive database for the industry, particularly for government and research organizations. Read more…
Categories: -English-, Architect, Cloud, Security, Telecom Tags: CERT, CNVD, CNVDB, CVE, NIST, NVD, SVM
针对这次紧急的MS08-067, 我们在周五一早,就开始向管理层汇报,并动员了所有的安全团队和服务器、应用运行团队的服务器管理员:
1 在周末对Windows服务器打MS08-067补丁
2 另外,紧急更新了全球所有的病毒服务器代码,保证可以查杀相关蠕虫
3 加入了新的LANDesk对客户端的补丁auto-fix分发
4 重新检测全球所有的防火墙系统,内网隔离系统,确保封锁135/139/445端口
5 启动紧急响应流程,要求SOC保证监视和通知,相关人员保持24小时可联系。
至今,非常感谢各个团队的理解和辛苦工作,艰苦努力,进展良好。接下来的一周非常关键,我们还需努力。也祝各位同行同仁都能顺利过关。
拉丁美洲的一个关于网络犯罪的会议上发现了一个有趣的现象。当前的网络犯罪越来越多的体现出高度地域化的特征,换句话说,网络攻击、钓鱼等被定制为只针对某个特定的国家或者地区,或者用户群体。这些定制过的攻击很少会越过设定的边界。这样定制过的地域化的恶意攻击变得更加隐蔽,更难被国际范围的反病毒公司检测发现,所以可以隐蔽持续更长的时间。 从这个意义上来说,本土防病毒公司将会更有优势,国际反病毒公司需要开设更多的本地化的研究中心和快速响应中心来应对这种地域化的趋势。
CNCERT released their annual report on the overall security status at China for 2007. You can download this report at their website. This report is in Chinese.
At this report, some numbers and trends are highlighted.
Compared against those numbers at 2006, security incidents and botnet(zombie) hosts at China increased rapidly, or even upsoared.
- website phishing – 1.4 times
- malicious code at web pages – 2.6 times
- defaced websites – 1.5 times
- Trojaned hosts – 22 times….
where the Trojaned hosts are estimated to up to one million (995,154) IPs compared against 44717 IPs at 2006.
上周美国管理预算办公室OMB、总统网络安全特别协调员Howard、国土安全部联合发布文件,调整明确了在网络空间安全方面的任务分工:
Recent Comments