Sunday, July 25, 2010

Fraud warning: Fishing the latest plot and potential threats



As consumers and businesses can create a potential threat of cyber crimes, fishing in the past few years to the spread, the deceptive tricks are endless. The current downturn in the economic form, but also provides a breeding ground for fish, there has been the use of new social engineering to fraud without the knowledge of the phenomenon of consumers and business users.

First, fishing without boundaries

Fishing - to lure computer users to provide sensitive information, identity theft and business data - on both businesses and consumers a very real threat. In the past 10 the next year, the infiltration fishing, fishing in the daily attacks around the world, about 8 million times.




Anti-Phishing Working Group (APWG) reported that, in the second quarter of 2008, light phishing attacks rose by 13%, more than 28,000 times. It also reported that, in the same period, the infected computers to steal the password code, can be used to spread malicious software has been broken on the website 9500 - compared with the same period in 2007, an increase of 258%. Figure 1 shows the fishing - spear phishing in the 16 months of growth.

Second, beware of the latest phishing scheme

* Spear phishing (spear phishing)

Spear phishing attacks only against specific targets, usually the object lock is not a general person, but to a specific company, organization members, such as well-known banks, financial companies and their executives and so on.

Consumers are not the only spear phishing attack target. More and more employees are cunning criminals eyeing. Their goal is to obtain bank information, customer data and other information to support criminal acts of their network.

According to VeriSign iDefense, spear phishing attacks in April 2008 to May during the company launched the attack, reached unprecedented levels. The aim of these attacks is the company's senior management and other important figures. In 15 months, the number of victims of corporate users as much as a staggering 15,000. These victims include Fortune 500 companies, government agencies, financial institutions and law firms.

* Business Services phishing

In addition to spear phishing, the fishing new plot also targeted phishing attacks on commercial services. For example, the use of Yahoo! Introduced relations and Google's AdWords for fishing. According to PhishTank report, AdWords customers will be an e-mail to remind them of accounts need to be updated. , The user will be asked to visit the AdWords interface and a fake credit card information. As many SMEs rely on online advertising to provide site traffic, marketing managers who are vulnerable to anglers eye on.

* The use of economic intimidation launch phishing attacks

Gloomy economic situation, as the criminals phishing attacks launched to provide the facilities. For example, e-mail posing as financial institutions need to obtain from a victim of bank cards, deposits and loans and other financial information, to help deal with bankruptcy or mergers, acquisitions and other matters. A large number of mergers and acquisitions information, so that consumers are confused. To make matters worse, the lack of unified communications, even for those who have nothing to fear of fraud.

* Hybrid Fishing / malware threats

In order to increase the success rate, number of phishing attacks with malicious software, combined manner. For example, a potential victim received phishing e-cards sent by mail, by clicking on the card, the user will not know the conditions in a fake Web site to enter, and the infection site to automatically download over the Trojans . In addition, victims may see a message before viewing the cards need to download the updated software (eg Flash). When the user of the software, when in fact it is a keylogger.

Fishing-based keylogger will track each user access record, and monitor them useful information, such as online shopping, bank card accounts and passwords and other sensitive information.

Another allow phishers to capture sensitive information, Trojans, it is redirected. Redirect the user to enter not make its intended site. At present, based on fishing, keyloggers and redirection are pandemic.

* Middleman SSL penetration attacks

In 2008, the emergence of a new encrypted session enables criminals to deceive the malicious software. This variant of the standard middle attack that allows criminals access to the network transmission unprotected passwords and other sensitive information.

* SMS and phone phishing scams

Phishers may use SMS instead of email to impersonate a financial institution and obtain confidential account information. Known as smishing (short message through phishing attacks), is a typical cellular phone fraud, it will notify the user bank account has been compromised or bank card is disabled, and requested a telephone call to restore banking services. Once cell phone users visit the Web site or through automatic telephone system, will be disclosed fraudulent financial information and bank PIN number.

Third, the impact of fishing on the business

While the financial industry has always been a major target for phishing attacks, but it is not the sole objective of being phishing attacks. Online payment, donation sites, retail and social networking sites often become prey to anglers. Anti-Phishing Working Group (APWG) reported that cell phone providers and manufacturers against phishing attacks also showed a significant growth trend. In other words, no industry or field to escape danger from attack.

Posing as a company's official website phishing attacks, would seriously damage the company's brand image and hurt the confidence of users, allows users to not dare to visit the official website. In addition, the company will be subject to the following effect:

* The impact of customer trust, online revenue and click-through rate will decline

* Once the customer data was leaked, the company should pay compensation

Phishing attacks also cause the user can not easily conduct online transactions, especially for those who do not trust them.

Fourth, to prevent phishing attacks

Although there is no way to deal once and for all phishing attacks, but can still use some techniques to protect your users and your interests.褰撳墠鐨勯挀楸兼妧鏈紝涓昏杩樻槸渚濊禆浜庤浣跨敤鎴风櫥闄嗕吉閫犵綉绔欒幏鍙栫敤鎴蜂俊鎭?璇稿SSL銆丒VSSL绛夋妧鏈湪闃茶寖閽撻奔鍜屽叾浠栧舰寮忕殑缃戠粶鐘姜鏂归潰锛岃繕鏄捣鐫?嚦鍏抽噸瑕佺殑浣滅敤銆?br />
銆??瀹炵幇瀹夊叏鐨勬渶浣冲仛娉曞氨鏄紝寮?惎鏈?珮绾у埆鐨勫姞瀵嗗拰璁よ瘉鎺柦銆係SL锛學eb瀹夊叏鐨勪笘鐣岀骇鏍囧噯锛屽畠鍙互瀵瑰埄鐢℉TTS鍗忚浼犺緭淇℃伅杩涜鍔犲瘑淇濇姢銆傚綋鍓嶇殑缁濆ぇ閮ㄥ垎鎿嶄綔绯荤粺銆乄eb娴忚鍣ㄣ?Internet搴旂敤绋嬪簭鍜屾湇鍔″櫒纭欢閮藉唴缃湁瀵筍SL鐨勬敮鎸併?

銆??涓轰簡甯姪鏈夋晥闃叉閽撻奔鏀诲嚮锛屽苟澧炲己鐢ㄦ埛淇′换锛屽叕鍙镐篃闇?涓?鍙互鍚戠敤鎴疯瘉鏄庡叾涓哄悎娉曠綉绔欑殑鏂规硶銆侲V SSL璇佷功鍙互甯姪浼佷笟瀹炵幇杩欎竴鐩殑銆傚畠鏄叏鐞冮鍏堢殑鏁板瓧璇佷功棰佸彂鏈烘瀯鍜屼富娴佺殑娴忚鍣ㄥ紑鍙戝晢鍏卞悓鍒跺畾鐨勪竴涓柊鐨凷SL璇佷功涓ユ牸韬唤楠岃瘉鏍囧噯锛岃鏂颁竴浠e畨鍏ㄦ祻瑙堝櫒(濡傦細IE7)鑳借瘑鍒嚭 EV SSL 鑰屽湪鍦板潃鏍忔樉绀轰负缁胯壊锛岃鏅?娑堣垂鑰呰兘纭俊姝e湪璁块棶鐨勭綉绔欏氨鏄?杩囨潈濞佺涓夋柟涓ユ牸韬唤楠岃瘉鐨勭幇瀹炰笘鐣岀殑鐪熷疄瀹炰綋锛屼粠鑰屽寮烘秷璐硅?淇″績锛屼績鎴愭洿澶氬湪绾夸氦鏄撱?




銆??铏界劧缃戠粶鐘姜鍒嗗瓙姝e彉寰楄秺鏉ヨ秺浼氭ā浠垮悎娉曠綉绔欙紝浣嗙敱浜庝粬浠病鏈塃V SSL璇佷功锛屽洜姝ゅ湪鍦板潃鏍忎笂 骞朵笉鑳芥樉绀哄嚭浠栦滑鐨勫悎娉曚俊鎭?

銆??闄や簡鍒╃敤EV SSL璇佷功鎶?湳澶栵紝浼佷笟杩樺簲璇ュ鍛樺伐鍜岀敤鎴峰氨缃戠粶琛屼负鍜屽浣曢伩鍏嶆璇堣繘琛屽浼犲拰鏁欒偛銆傛暀瀵间粬浠浣曡瘑鍒豢鍐掔綉绔欙紝濡傦細鎷煎啓閿欒銆佸己鐑堣姹傜敤鎴锋彁渚涗釜浜轰俊鎭?浼?鍩熷悕鎴栬?鏈煡閾炬帴銆?br />
銆??杩樿鏁欒偛浣犵殑瀹㈡埛鍜屽憳宸ワ紝鍦ㄦ彁渚涗换浣曚釜浜轰俊鎭垨鑰呭叾浠栨晱鎰熶俊鎭箣鍓嶅浣曡瘑鍒竴涓湁鏁堢殑銆佸畨鍏ㄧ綉绔欙細

銆??*鏌ョ湅缁胯壊鍦板潃鏍?br />
銆??*纭繚URL涓篐TTPS

銆??*鏌ョ湅瀹夊叏鏁板瓧璇佷功

銆??涓轰簡娑堥櫎閽撻奔鏀诲嚮甯︽潵鐨勬亹鎯э紝鏁欏鍛樺伐鍜屽鎴锋槸鏍戠珛蹇呰鐨勪俊浠荤殑鍏抽敭缁勬垚閮ㄥ垎銆傞?杩囧府鍔╁鎴风悊瑙e浣曠‘璁や粬浠槸鍚︾櫥闄嗗悎娉曠綉绔欙紝浼佷笟鍙互鑾峰緱鏇村鐨勫湪绾夸氦鏄撳拰鐢ㄦ埛璁块棶锛屽苟鎵╁ぇ鐭ュ悕搴﹀拰鏁翠綋閿?噺銆?br />
Summary

銆??缃戠粶閽撻奔浼氱户缁紨鍙樻垚鏂扮殑鑺辨牱锛屽畠浠瘯鍥惧埄鐢ㄤ汉浠浐鏈夌殑鍚屾儏蹇冦?淇′换鎴栬?濂藉蹇冿紝鏉ュ紑灞曚竴杞張涓?疆鐨勯挀楸兼椿鍔ㄣ?鍥犳锛屼繚鎶や紒涓氬搧鐗屽拰瀹㈡埛闇?浼佷笟浠樺嚭涓嶆噲鐨勫姫鍔涖?鍒╃敤鏈?珮绾у埆鐨勫畨鍏ㄩ槻鑼冩帾鏂藉拰EV SSL璇佷功鏁欏鍜屼繚鎶や綘鐨勫鎴凤紝鍙互璁╁鎴峰浼佷笟鐨勫湪绾挎湇鍔″厖婊′俊蹇冦?







相关链接:



Converting avi to wmv



Shenzhen Helmuth Rilling Medical use Weaver e-cology



Winamp visual effects studio creating Flash



From the "advertised" to "point and to announce"



Free Download Convert Mp4 To 3gp



User experience better! See the latest features TT4.4.1



video formats



Expert JAVA And JavaScript



The Pressure Of Free Memory



For Kaspersky and Rising court



Simple E-Mail Tools



Premier Compilers And Interpreters



EHR Four Party Advisory Misunderstanding



Easy Tools And Editors



Qualified To Teach You To Do A Trip Report



Fireworks Frequently Asked Questions (5)



convert mov to FLV



Thursday, July 15, 2010

Symbian preparing for the dynamic link library DLL


DLL (Dynamic Link Library) is a special code, which can be an external program in the program
When running call. The code inside the DLL can also be a number of external programs share, and will not cause
Repeated phone memory allocation.

Static interfaces vs polymorphic interface
Symbian system supports two types of DLL:
(1) Static Interface DLL
(2) The polymorphic interface DLL

Static Interface DLL when the program starts in the melody is automatically loaded to the phone memory inside (the only exception is
If the DLL is read-only memory inside the ROM, it can be called by its address). And
If there is no external program to use it, and it will be automatically unloaded from memory. Static Interface DLL in the system
Provide a range of unique functions (for example, the two have the same DLL export functions in the system will not be confused)
Static Interface DLL has. Dll file suffix, often used to implement the system in the Symbian application engines
(For example, has nothing to do with the UI code).

Polymorphic interface DLL is only clear by calling RLibrary:: Load () function can be loaded into memory, and
When uninstalling, also preferably through RLibrary:: Close () function to uninstall. Number of polymorphic interface DLL can
For the external program to export more than the same function name of the function. Therefore, this DLL is widely used in normal circumstances
An application framework to achieve when the plug-in extensions. In the Symbian system, polymorphic interface DLL can
A variety of different file suffixes. The most famous one is. App at the end of the (application),. Ldd (logic
Device drivers),. Tsy and. Csy (telephone and communication services module) and so on. . .

In this article, we will be only concerned with static interfaces DLL technology, it is you and I in the development of DLL far the most common type.
We will continue our common DLL's content.

Static interface DLL
From the perspective of the caller DLL, DLL has three files:
(1) header file:. H file suffix, you can # include into the main theme of the program code to only compile
Useful time.
(2) export file:. Lib file suffix, you can link from the main theme of the procedures, the documentation of the DLL's
All interface functions to provide the name and address.
(3) DLL file itself:. Dll file extension, including all. Lib documented interface function of the specific implementation
The main theme of the function at run time and implement some of the actual call.

From the perspective of writers DLL, DLL can be seen as a complete Symbian project.
It consists of the following components:
(1) project their own MMP file (the file listed in the bld.inf)
(2) a header file, specifies the interface of the DLL needs to export
锛?锛夋簮浠g爜鏂囦欢锛屽叿浣撳鍑哄嚱鏁扮殑瀹炵幇

澶存枃浠?br />DLL鐨勫ご鏂囦欢涓庡叾瀹冪被鐨勫ご鏂囦欢鐨勫ご鏂囦欢闈炲父绫讳技銆備笉鍚岀殑鍦版柟鍦ㄤ簬
浣跨敤浜咺MPORT_C瀹忔潵瀹氫箟鎵?湁瀵煎嚭鍑芥暟锛?br />class CMyEngine : public CBase
(
public:
聽聽 // These functions are visible by the
聽聽 // clients of the DLL and needs to have
聽聽 // the IMPORT_C tag
聽聽 IMPORT_C static CMyEngine* NewL();
聽聽 IMPORT_C static CMyEngine* NewLC();

聽聽 IMPORT_C void MyPublicMethod();
聽聽 IMPORT_C void AnotherPublicMethod();
...
private:
聽聽 // These functions are not visible by the
聽聽 // clients of the DLL and then do not need
聽聽 // the IMPORT_C tag
聽聽 CMyEngine();
聽聽 void ConstructL();
聽聽 void SomePrivateMethod();
)

瀹炵幇鏂囦欢
缂栧啓DLL宸ヤ綔鏈韩娌℃湁浠?箞闇?澶嶆潅鐨勫湴鏂癸紝浣嗘槸鏈変袱涓噸瑕佺殑
鍦版柟闇?鐣欐剰锛?br />锛?锛塃32Dll()鍑芥暟蹇呴』瀹炵幇
锛?锛夊彟澶栦竴涓壒娈婄殑瀹忥紝EXPORT_C锛屽簲璇ュ姞鍦ㄦ瘡涓鍑哄嚱鏁板疄鐜?br />鐨勫墠闈?
For example:
// This function is mandatory for all DLLs
EXPORT_C TInt E32Dll(TDllReason)
(
聽聽聽聽聽聽聽 return KErrNone;
)

// This function is exported: The EXPORT_C tag shall be used.
EXPORT_C void MyPublicMethod()
(
...
)

// This one is not: The EXPORT_C tag shall not be used.
void SomePrivateMethod()
(
聽 // Do Something
)

MMP鏂囦欢
DLL鐨凪MP鏂囦欢搴旇鏈変互涓嬬壒鐐?br />锛?锛夊畾涔夐」鐩?project)鐨勭被鍨嬫槸dll
锛?锛変娇鐢ㄦ纭殑UID2鐨勫?(0x1000008d)

鍦ㄥ紑鍙戣繃绋嬩腑锛屼綘涔熷簲璇ラ?杩嘐XPORTUNFROZEN鍛婅瘔缂栬瘧鐜锛孌LL鎺ュ彛杩樻病鏈?br />瀹氱锛岃繕鍙互闅忔椂淇敼銆?br />
For example:
TARGET聽聽聽聽聽聽聽 MyEngine.dll
TARGETTYPE聽聽聽 dll
UID聽聽聽聽聽聽聽聽聽聽 0x1000008d <myUID3>
...
EXPORTUNFROZEN

鎶奃LL鎺ュ彛瀹氱锛團reezing DLL锛?br />涓?棪浣犲畬鎴愪簡DLL鐨勫紑鍙戯紝鍦ㄤ綘鍙戣浣犵殑DLL鐗堟湰涔嬪墠锛屽簲璇ユ妸鎺ュ彛瀹氱锛團reezing锛?br />杩欐牱鍙互纭畾灏嗘潵鍙戣鐨凞LL鍙互鍚戜笅鍏煎銆?br />
閫氳繃灏嗛」鐩殑MMP鏂囦欢涓殑EXPORTUNFROZEN鍏抽敭瀛楀幓鎺夛紝鐢ㄥ父瑙勭殑鏂规硶閲嶆柊寤虹珛DLL锛?br />鏉ュ疄鐜癉LL搴撶殑瀹氱銆傝繖鏃跺?浼氭湁鈥?def鏂囦欢涓嶅瓨鍦ㄢ?鐨勭紪璇戣鍛婁俊鎭嚭鐜帮紝涓嶈绱э紝
缁х画灏卞缓绔嬪綋鍓嶉」鐩紝鍦ㄩ」鐩紪璇戝畬姣曚互鍚庯紝浣犲彲浠ョ敤濡備笅鍛戒护瀹氱锛?br />abld freeze

娉ㄦ剰:
鎵?湁鐨凙RM骞冲彴鍏变韩涓?釜.def鏂囦欢锛屼絾鏄浜巜ins妯℃嫙鍣ㄥ拰winscw CodeWarrior
鐜鏉ヨ锛屼粬浠湁涓嶅悓鐨?def鏂囦欢銆?br />
涓?棪椤圭洰宸茬粡瀹氱锛岄噸鏂扮敓鎴恗akefile锛岃繖鏃跺?瀵煎叆鐨刲ib浼氱洿鎺ラ?杩囧畾绋跨殑.def
鏂囦欢鐢熸垚銆?br />





相关链接:



He Jie won the Xuhui District, President of ice, "KPS Cup top ten youth"



avi to wmv converter free



Youtube FLV to ASX Software



SPARK Trilogy: to see how we change the world



mp4 CONVERTER



What is mov



Pistonsoft MP3 Tags Editor



HAPPINESS YouTube to PS2



LasVegas FLASH Converter



Articles about Access Control



ValeSoft Ultimate Video Converter



comparison Reference Tools



Matroska format



AMD Switch to heat: between fundamental to the king of Wu-Soft international Cisco Rong Jin



Top Casino And Gambling



ALO Audio Center