HOME
Technology
Life
Discover science
Medicine - Health
Event
EntertainmentUsers are the central target of hackers
Hackers are moving attack targets to users instead of attacking systems.
The most obvious evidence for the trend of switching targets in hackers is the continuous disclosure of security flaws in the Microsoft Office suite and a variety of security threats from various types of documents. Malicious potentially exploits such security bugs.
In fact, it is also said that hackers seem to have automated the detection and exploitation of security flaws.
The goal is the user
Alfred Huger - a senior expert at security firm Symantec - said: " Hackers are targeting attacks on users rather than on systems. What they look for is not the server they're looking for. username and email address ".
" It is difficult to identify a specific person from a website. Therefore, the attackers have targeted a specific company, they focus on the attack, they are turning to tons. public specific client applications such as Microsoft. "
Huger simulates a targeted attack model through exploiting security flaws in Office as follows: " An attacker can find the name and email address of a low-level financial officer of a company. From a press release, for example, they will then pretend to be the financial manager of that company to send to the employee speaking on an Excel file. The hacker's Excel news is very high because he will think it was sent from his manager. Obviously the level of success of such attacks will be very high . "
Fuzzer shows up
The constant discovery of security flaws in Office has sparked concerns about tools called "fuzzer" - a tool that automatically detects security flaws developed by security researchers. and hackers over the past two years. However, this tool is only known to the public.
" A fuzzer tool will send any type of data value to the input of any program to detect if something goes wrong. This is a commonly used tool for detection. "Buffer overflow security errors. And it is also a quick and most effective solution for detecting security errors, " Huger said.
Huger said that thanks to HD Moore, everyone is known to fuzzer. Moore - one of the leading developers in the open source project Metasploit Framework - has just launched a "every day a security bug" project and claims he has used a lot of fuzzers to detect such security flaws. .
Microsoft is also one of the companies spending the most time and money for fuzzer, Huger said. This expert believes that Windows Vista itself is also tested with fuzzer tools.
" I think this will provide a better platform for Vista, " Huger said. " But that is not the end of concerns about security flaws. Hackers still detect errors in Vista because there are new scripts ."
Hoang Dung
- Hackers spread malicious code to attack Winamp
- Why do hackers like to wear hooded shirts, sitting in the dark?
- Central Bank of America canceled payment cards for hackers
- Security software is about to turn into the main target of hackers
- Hackers spread malicious code to attack Word
- Skype error paved the way for hackers to attack
- Add a new risk to Office users
- The Word vulnerability helps hackers gain control of the PC
- QuickTime 'abetted' hackers to attack users
- The bank is the number one target for hackers
- 25% of US hackers work for the FBI
- Hackers use the Olympics to spread malicious code
What is the Snapdragon SiP chip?
How to create a yellow circle around the mouse cursor on Windows
Edit the Boot.ini file in Windows XP
3 ways to restart the remote computer via the Internet