本網站使用瀏覽器紀錄 (Cookies) 來提供您最好的使用體驗,我們使用的 Cookie 也包括了第三方 Cookie。相關資訊請訪問我們的隱私權與 Cookie 政策。如果您選擇繼續瀏覽或關閉這個提示,便表示您已接受我們的網站使用條款。 關閉
高通及聯發科採用 Apple 所開源的音訊解碼器,內含漏洞將導致音訊及視訊資料外洩 【臺北訊,2022 年 04 月 28 日】全球網路安全解決方案領導廠商 Check Point® Software Technologies Ltd.(NASDAQ股票代碼:CHKP)的威脅情報部門 Check Point Research 於高通(Qualcomm)和聯發科(MediaTek)的音訊解碼器(Audio Decoder)中發現漏洞。此漏洞是基於一個 Apple 11 年前開源的程式碼;若未及時修補,攻擊者將能夠遠端存取媒體和對話音訊,或透過惡意遠端程式碼執行(RCE)威脅全球三分之二的行動裝置。 Apple 開發的保真壓縮音訊編解碼器(Apple Lossless Audio Codec,ALAC)是一種音訊編碼格式,於 2004 年首次推出,用於數位音樂的保真音訊壓縮,並於 2011 年底開源。ALAC 格式自此被應用於許多非 Apple 音訊播放設備和程式中,包括 Android 智慧型手機、Linux 和 Windows 媒體播放器及轉換器。此後 Apple 多次更新並修補其私有版本的解碼器,但開源版本自 2011 年以來就未再更新;Check Point Research 團隊發現,高通和聯發科都在其音訊解碼器中採用了含有安全漏洞的 ALAC。 此漏洞可能被攻擊者用於遠端程式碼執行,透過異常音訊檔對行動裝置發起攻擊;此類型漏洞影響層面廣,包含惡意軟體執行和攻擊者能成功控制使用者的多媒體資料,例如能串流受攻擊裝置的攝影畫面等。此外,權限較低的 Android 應用程式可利用這些漏洞提升權限,並存取使用者的媒體資料和對話紀錄。 Check Point Research 逆向工程和安全研究部 Slava Makkaveev 指出:「這組漏洞能讓攻擊者在全球三分之二的行動裝置上遠端執行及提升權限,且這些漏洞很容易被利用,受害者只要播放攻擊者傳送的一首歌曲(媒體檔案),惡意程式碼便能成功注入權限較高的媒體服務中。攻擊者將能看到使用者在手機上查找的資訊;而在 Check Point Research 的概念驗證(PoC)中,我們也證實能夠直接串流受害手機的攝影畫面。手機中最敏感資訊是包含音訊及視訊等的媒體服務,而攻擊者竟能透過此漏洞成功竊取這些資訊,其中易受攻擊的解碼器正是源自於 Apple 11年前開源的程式碼。」 Check Point Research 已向聯發科和高通揭露相關資訊,並與這兩家廠商密切合作,確保這些漏洞得以盡快修復。聯發科將漏洞命名為 CVE-2021-0674 和 CVE-2021-0675,目前這些漏洞已修復,並發佈在 2021 年 12 月聯發科產品安全佈告欄中;高通則在 2021 年 12 月高通安全佈告欄中發佈了 CVE-2021-30351 的修補程式。 Check Point Software 建議使用者可依循 Google 每月發佈的安全性公告更新手機。 關注 Check Point Software Facebook:https://www.facebook.com/checkpoint.tw/ 部落格:https://research.checkpoint.com/ Twitter: https://twitter.com/_cpresearch 關於 Check Point Software Technologies Ltd. Check Point Software Technologies Ltd. (www.checkpoint.com)是全球領先的政府與企業網路安全解決方案供應商。Check Point Infinity 的解決方案組合以領先業界的惡意軟體、勒索軟體與其他攻擊手法攔截率,有效保護企業和公家機關免於第五代網路攻擊。「Infinity」的三大核心支柱可於各類企業環境中提供全面防護與針對第五代網路攻擊的進階威脅防護:專為遠距辦公而生的 Check Point Harmony、提供自動化雲端防護的 Check Point CloudGuard、以及用於保護網路邊界和資料中心的 Check Point Quantum。Check Point 以最全面、最直觀的單點控制安全管理系統,為超過 10 萬家各種規模的企業提供安全防護。 關於 Check Point Research Check Point Research 能夠為 Check Point Software 客戶以及整個情報界提供領先的網路威脅情報。Check Point 研究團隊負責蒐集和分析 ThreatCloud 儲存的全球網路攻擊數據,以便在防範駭客時,確保所有 Check Point 產品都享有最新保護措施。此外,該團隊由 100 多名分析師和研究人員組成,能夠與其他安全廠商、執法機關及各個計算機安全應急機關展開合作。
Companies identify Business interruption as their top business concern for the year ahead (37% of overall responses) Cyber ranks #2 (31%), with data breaches identified as the cyber exposure companies fear most Natural catastrophes retain #3 rank (27%) in Asia, which is heating up faster than the global average SINGAPORE - Media OutReach Newswire - 15 January 2025 - Business interruption is the biggest worry for Asian companies in 2025, according to the Allianz Risk Barometer. Cyber incidents such as data breaches or ransomware attacks, and IT disruptions, such as the CrowdStrike incident, are also a main concern for companies of all sizes, ranking #2. After another heavy year of Natural catastrophes activity in 2024 this peril remains #3. The top three risks globally – Cyber incidents (#1), Business interruption (#2), and Natural catastrophes (#3) – retained their positions in this year's Allianz Risk Barometer, which is based on the insights of more than 3,700 risk management professionals from over 100 countries. Allianz Commercial Chief Underwriting Officer Vanessa Maxwell comments: "2024 was an extraordinary year in terms of risk management and the results of our annual Allianz Risk Barometer reflect the uncertainty many companies around the globe are facing right now. What stands out this year is the interconnectivity of the top risks. Climate change, emerging technology, regulation and geopolitical risks are increasingly intertwined, resulting in a complex network of cause and effect. Businesses need to adopt a holistic approach to risk management and consistently strive to enhance their resilience in order to address these fast-evolving risks." Christian Sandric, Regional Managing Director of Allianz Commercial Asia, says, "Business interruption is the most significant risk for companies in the region and this is no surprise as Asian economies are increasingly participating in trade globally and regionally. This is also often due to events like cyber incidents or natural catastrophes, which are part of the top risks in the region. Against this backdrop of an increasingly volatile risk landscape, businesses should ensure they are sufficiently protected and their response measures robust. This includes adopting measures such as loss prevention, developing multiple suppliers, alternative risk transfer, and multinational insurance policies." Business interruption strongly interlinked with other risks Business interruption (BI) is the top risk in Asia; it ranks in the top three risks in all countries and territories, and is the top risk in China and Hong Kong, Malaysia, Singapore, and South Korea. Its persistence at the top reflects severe supply chain disruption during and after the pandemic. Such disruptions are of particular concern as Asian economies are increasingly participating in trade. Asia is now the world's second-most integrated trade region, driven by the rapid growth of manufacturing supply chains across borders. In addition, due to rising US-China tensions, bilateral trade between geopolitically aligned countries has risen. Global trade flows are becoming more intricate and this shift has opened doors for nations like India and Malaysia to step up as next-generation trade hubs, according to Allianz Trade. Globally, BI has ranked either #1 or #2 in every Allianz Risk Barometer for the past decade and retains its position at #2 in 2025 with 31% of responses. BI is typically a consequence of events like a natural disaster, a cyber-attack or outage, insolvency or political risks like conflict or civil unrest, which can all affect the ability of a business to operate normally. Several examples from 2024 highlight why companies still see BI as a major threat to their business model. Houthi attacks in the Red Sea led to supply chain disruptions due to rerouting of container ships, while incidents such as the collapse of the Francis Scott Key Bridge in Baltimore also directly impacted global and local supply chains. Supply chain disruptions with global effects occur approximately every 1.4 years, and the trend is rising, according to analysis from Circular Republic, in collaboration with Allianz and others. Those disruptions cause major economic damages, ranging up to 5% to 10% of product costs and additional downtime impacts. Cyber risks continue to increase with rapid development of technology Cyber incidents rank #2 in Asia; it is the top risk in India for the eighth consecutive year, and the second most significant risk in Japan and Singapore. The Asia Pacific region saw a 23% increase in weekly cyberattacks per organization in Q2 2024, compared to the same period in 2023. Some of the cyber incidents around the region include the attack on India's biggest crypto exchange WazirX, the distributed denial-of-service (DDoS) attack on Japan Airlines, and cyberattack on Singapore law firm Shook Lin & Bok. Globally, Cyber incidents (38% of overall responses) rank as the most important risk for the fourth year in a row – and by a higher margin than ever (7% points). It is the top peril in 20 countries, including Argentina, France, Germany, India, South Africa, the UK and the US. More than 60% of respondents identified data breaches as the cyber exposure companies fear most, followed by attacks on critical infrastructure and physical assets with 57%. Natural catastrophes remain a major concern Natural catastrophes retain its #3 spot in Asia. The region is heating up faster than the global average, with increased casualties and economic losses from floods, storms, and more severe heatwaves. It is the top risk in Japan, which faced a M7.5 earthquake in the Noto Peninsula that resulted in insured losses of US$3bn, with economic losses reaching US$12bn, as well as in Hong Kong, which experienced its heaviest rain in November 2024 since records began 140 years ago due to Typhoon Haikui. Globally, Natural catastrophes remain at #3 with 29%, although more respondents also picked this as a top risk year-on-year. For the fifth time in a row in 2024, insured losses surpassed US$100bn. 2024 is expected to have been the hottest year on record. It was also a year of terrible natural catastrophes with extreme hurricanes and storms in North America, devastating floods in Europe and Asia and drought in Africa and South America. Resources: Global media release and top 10 business risks for 2025 Allianz Risk Barometer methodology and full global and country risk rankings Asia media releases for China, Hong Kong, India, Japan, Malaysia, Singapore, South Korea, and Thailand Hashtag: #Allianzhttps://commercial.allianz.com/https://www.linkedin.com/company/allianz-commercial/The issuer is solely responsible for the content of this announcement.About Allianz CommercialAllianz Commercial is the center of expertise and global line of Allianz Group for insuring mid-sized businesses, large enterprises and specialist risks. Among our customers are the world's largest consumer brands, financial institutions and industry players, the global aviation and shipping industry as well as family-owned and medium enterprises which are the backbone of the economy. We also cover unique risks such as offshore wind parks, infrastructure projects or film productions. Powered by the employees, financial strength, and network of the world's #1 insurance brand, as ranked by Interbrand, we work together to help our customers prepare for what's ahead: They trust us to provide a wide range of traditional and alternative risk transfer solutions, outstanding risk consulting and Multinational services, as well as seamless claims handling. The trade name Allianz Commercial brings together the large corporate insurance business of Allianz Global Corporate & Specialty (AGCS) and the commercial insurance business of national Allianz Property & Casualty entities serving mid-sized companies. We are present in over 200 countries and territories either through our own teams or the Allianz Group network and partners. In 2023, the integrated business of Allianz Commercial generated more than €18 billion gross premium globally.
KUALA LUMPUR, Malaysia, Jan. 15, 2025 (GLOBE NEWSWIRE) -- VCI Global Limited (NASDAQ: VCIG) (“VCI Global,” or the “Company”), is proud to announce its exclusive distributorship of Secure Encryption Storage Limited (“SES”) for Data Security Solutions (“SES Solutions”) in Malaysia. Powered by AI, SES Solutions provide advanced features such as real-time threat detection, virus defense, data encryption, and multi-channel backup. Trusted by over 300 clients, including Fortune 500 companies and government agencies, SES is a leading choice for safeguarding enterprise data and combating cyber threats. According to Check Point Research, the urgency of addressing cybersecurity risks is highlighted by a 30% year-over-year increase in global cyberattacks, with organizations facing an average of 1,636 cyberattacks per week. In response to the rising threat landscape, leading technology players have taken significant steps to enhance data protection. Inetum has partnered with Rubrik, Inc. to improve data protection and recovery, while IBM Corporation launched the Guardium Data Security Center, offering AI and quantum-safe features for unified data protection. At the same time, Salesforce, Inc. has completed its US$1.9 billion acquisition of Own Company, leveraging the latter’s data protection and management solutions to enhance the security and compliance of customer data across the Salesforce platform. These strategic initiatives reflect the increasing demand for robust cybersecurity solutions. According to Statista, the global cybersecurity market is projected to reach around US$280 billion by 2029, fueled by advancements in AI and the growing need for enhanced security. In Malaysia, the cybersecurity market is expected to grow from around US$500 million in 2025 to approximately US$800 million by 2029. In response to this growth, VCI Global is positioning itself to capture 3% of the Malaysian market, with expected revenues surpassing US$15 million within the first two years of its partnership. “Securing the exclusive distributorship of SES Solutions in Malaysia is a major step forward in our strategy to expand within the dynamic cybersecurity sector. Looking ahead, VCI Global plans to expand into neighboring countries in Asia, and eventually into Europe and the US, bringing cutting-edge cybersecurity solutions to a broader global market,” said Dato’ Victor Hoo, Group Executive Chairman and Chief Executive Officer of VCI Global. About VCI Global Limited VCI Global is a diversified holding company headquartered in Kuala Lumpur, Malaysia. The Company operates through five core businesses: Capital Market Consultancy, Fintech, Real Estate, AI & Robotics, and Cybersecurity. In Capital Market Consultancy, we provide IPO solutions, investor relations (IR) and public relations (PR) consultancy, and M&A consultancy. Our Fintech arm offers a proprietary financing platform. In Real Estate, we offer specialized real estate consultancy services. The AI business delivers GPU servers, GPU cloud computing services, AI and large language model (LLM) solutions, while the Robotics segment focuses on post-harvest robotics systems. Our Cybersecurity segment provides comprehensive cybersecurity consultancy services and solutions. Committed to fostering innovation and delivering exceptional value, VCI Global has established a strong presence across the Asia-Pacific region, the United States, Europe, and the Middle East, driving growth and transformation on a global scale. For more information on the Company, please log on to https://v-capital.co/. About Secure Encryption Storage Limited Secure Encryption Storage Limited is a professional data security service provider. Focusing on data protection, providing one-stop data security services and one-stop software and hardware solutions. Continuously committed to improving customer data protection and security, empowering customer business data security, and ensuring the security of digital assets. For further details about the Company, please visit https://www.secures.hk/. Cautionary Note Regarding Forward-Looking Statements This press release contains forward-looking statements that are subject to various risks and uncertainties. Such statements include statements regarding the Company’s ability to grow its business and other statements that are not historical facts, including statements which may be accompanied by the words “intends,” “may,” “will,” “plans,” “expects,” “anticipates,” “projects,” “predicts,” “estimates,” “aims,” “believes,” “hopes,” “potential” or similar words. These forward-looking statements are based only on our current beliefs, expectations, and other future conditions. Because forward-looking statements relate to the future, they are subject to inherent uncertainties, risks, and changes in circumstances that are difficult to predict and many of which are outside of our control. Therefore, you should not rely on any of these forward-looking statements. Actual results could differ materially from those described in these forward-looking statements due to certain factors, including without limitation, the Company’s ability to achieve profitable operations, customer acceptance of new products, the effects of the spread of coronavirus (COVID-19) and future measures taken by authorities in the countries wherein the Company has supply chain partners, the demand for the Company’s products and the Company’s customers’ economic condition, the impact of competitive products and pricing, successfully managing and, general economic conditions and other risk factors detailed in the Company’s filings with the United States Securities and Exchange Commission (“SEC”). The forward-looking statements contained in this press release are made as of the date of this press release, and the Company does not undertake any responsibility to update the forward-looking statements in this release, except in accordance with applicable law. CONTACT INFORMATION: For media queries, please contact: VCI GLOBAL LIMITEDenquiries@v-capital.co
AI 驅動與雲端交付的網路安全平台領導廠商 Check Point® Software Technologies Ltd.(納斯達克股票代碼:CHKP)旗下威脅情報部門 Check Point Research 報告指出,今年前三季全球平均每週網路攻擊次數為 1,876 次,相較去年同期增加 75%,而台灣更以每週 4,129 次的平均攻擊次數位居亞太地區榜首。Check Point 發佈 2025 年網路安全趨勢預測,列舉未來一年組織將面臨的主要安全挑戰;隨著企業不斷擁抱新技術,AI 驅動攻擊、量子威脅和雲端漏洞將重新定義數位威脅情勢。 Check Point 技術長 Dorit Dor 博士表示:「2025 年,AI 將同時助長網路攻擊與強化安全防護—安全團隊將依賴為其獨特環境量身打造的 AI 驅動工具,而攻擊者則會以日益複雜的 AI 驅動網路釣魚和深度偽造攻擊予以回應。與此同時,攻擊者將利用被忽視的漏洞、服務帳戶和機器對機器存取金鑰在網路內橫向移動,進一步增加防禦難度。隨著網路衝突逐漸擴展到社交平台甚至戰場,各組織必須更主動地採取預防措施,並能夠迅速做出調整,以確保其維運不受新興威脅影響。」 Check Point Software 提出 2025 年全球九大網路安全趨勢預測: · 趨勢一:AI 驅動攻擊日益增多 2025 年 AI 將成為網路犯罪的主要幫兇。攻擊者將利用 AI 技術發起高度客製化的網路釣魚攻擊,以及生成能夠從即時資料中學習、躲避偵測的自適應惡意軟體(adaptive malware)。小型駭客組織也可利用 AI 工具發起大規模攻擊,而無需具備高深專業知識,將導致網路犯罪更加普及。 · 趨勢二:勒索軟體將重創供應鏈 勒索軟體將變得更具針對性和自動化,並將攻擊矛頭指向關鍵供應鏈,大規模攻擊可能更加頻繁,影響整個產業。同時,攻擊者會運用 AI 增強型網路釣魚電子郵件和深度偽造技術冒充身份,以避開防禦系統。 · 趨勢三:AI 使用不當將增加資料外洩風險隨著 ChatGPT 等 AI 工具成為業務流程中不可或缺的一部分,意外的資料外洩將成為重要隱憂。員工可能在無意間將敏感資料分享給外部 AI 平台,導致非蓄意的資料外洩。組織需要建立治理架構來監控 AI 使用情況並保護資料隱私。 · 趨勢四:量子計算將對加密技術構成新威脅量子計算即將挑戰現有的加密方法。儘管大規模量子攻擊威脅形成尚需數年時間,但金融和醫療等產業必須及早開始採用量子安全加密技術,以有效抵禦這一近在眉睫的威脅。 · 趨勢五:社群媒體濫用和深度偽造技術將屢見不鮮愈來愈多的網路犯罪分子將瞄準社群媒體平台,利用個人資訊實施精準詐騙和身份冒充。AI 驅動的深度偽造技術將更加逼真,對金融交易和企業安全構成威脅。為了偵測並防範這些複雜攻擊,企業需要採用即時 AI 防禦。 · 趨勢六:AI 驅動的 SOC 助手將革新安全維運資訊安全監控中心(SOC)將利用 AI 助手處理大量資料並對威脅進行優先順序劃分,進而縮短回應時間。這些 AI 驅動的工具將有助於自動偵測威脅並減少誤報,藉此提升安全團隊效率。 · 趨勢七:隨 AI 普及,資訊長和資安長角色趨於融合隨著企業日益採用 AI 和導入混合雲環境,資訊長和資安長的角色將逐步整合,轉向全面風險管理。根據 Check Point 報告預測,資訊長將監管愈來愈多網路安全維運,推動 IT 與安全職能團隊之間更緊密的協作。 · 趨勢八:雲端安全平台主導市場組織將遷移至整合式雲端安全平台,採用雲端原生安全平台(CNAPP)等工具來監控並保護多雲環境。AI 將在自動化威脅防禦上發揮關鍵作用,將重心從被動防護轉向主動防禦。 · 趨勢九:物聯網擴展增大攻擊面預計到了 2025 年物聯網裝置數量將達到 320 億台,確保這些互連系統的安全將變得至關重要,攻擊者將利用安全防護脆弱的物聯網裝置入侵雲端網路。為了降低此風險,組織必須採用零信任架構和 AI 威脅偵測工具。 完整預測報告,請見 Check Point Software 2025 年網路安全趨勢預測。 關注 Check Point Software X(前身為 Twitter): https://www.twitter.com/checkpointsw Facebook: https://www.facebook.com/checkpoint.tw Blog: https://blog.checkpoint.com YouTube: https://www.youtube.com/user/CPGlobal LinkedIn: https://www.linkedin.com/company/check-point-software-technologies 關於 Check Point Software Technologies Ltd. Check Point Software Technologies Ltd.(www.checkpoint.com)是 AI 驅動與雲端交付的網路安全平台領導廠商,為全球超過 10 萬家組織提供防護。Check Point 利用無所不在的人工智慧力量,透過其 Infinity 平台提高網路安全效率和準確性,以業界領先的捕獲率實現主動威脅預測和更智慧、更 快速的回應時間。此綜合平台包含雲端交付技術,涵蓋確保工作空間安全的 Check Point Harmony、確保雲端安全的 Check Point CloudGuard、確保網路安全的 Check Point Quantum,以及用於協作安全操作和服務的 Check Point Infinity Core Services。
AI 驅動與雲端交付的網路安全平台領導廠商 Check Point® Software Technologies Ltd.(NASDAQ 股票代碼:CHKP)的威脅情報部門 Check Point Research 數據顯示,2024 年第二季全球平均各組織每週網路攻擊達 1,636 次,比去年同期增加 30%;台灣各組織平均每週遭受 4,061 次攻擊,為全球近 2.5 倍。Check Point Research 同時發佈《2024 年第二季品牌網路釣魚報告》,揭示網路犯罪者企圖竊取個人資料或付款資料時最常冒充的品牌,其中微軟(Microsoft)仍是網路釣魚攻擊中最常被冒充的品牌,在所有攻擊中占比超過一半(57%);高居第二的蘋果(Apple)(10%)從 2024 年第一季的第四位躍升至第二位;領英(LinkedIn)仍位列第三,占比 7%。與此同時,愛迪達(adidas)、WhatsApp 和 Instagram 自 2022 年以來首次進入榜單前十。 在品牌網路釣魚攻擊中,科技業仍是最常被冒充的產業,其次為社交網路和銀行業。由於科技公司通常掌握各種敏感資訊,包括個人資料、財務資訊及其他帳戶的存取權限,因此成為攻擊者的重要目標。提供電子郵件、雲端儲存及線上購物等服務的微軟(Microsoft)、谷歌(Google)和亞馬遜(Amazon)等公司均榜上有名,這意味著在品牌網路釣魚攻擊中,人們更有可能對看似來自這些關鍵服務供應商的電子郵件作出回應。 Check Point Software 數據研究經理 Omer Dembinsky 強調:「網路釣魚攻擊仍是主要網路威脅之一,且往往是更大規模供應鏈攻擊活動的起點。為了防範網路釣魚攻擊,使用者應始終驗證寄件者的電子郵件地址,切勿點擊來歷不明的連結,並在帳戶上啟用多重身份驗證(MFA)。此外,使用安全防護軟體並確保即時更新也有助於檢測和阻止網路釣魚攻擊。」 2024 年第二季最常被用於網路釣魚攻擊的品牌 全球所有網路釣魚攻擊的品牌出現率排名如下: 排名 品牌 出現率 1 微軟(Microsoft) 57% 2 蘋果(Apple) 10% 3 領英(LinkedIn) 7% 4 谷歌(Google) 6% 5 臉書(Facebook) 1.8% 6 亞馬遜(Amazon) 1.6% 7 DHL 0.9% 8 愛迪達(adidas) 0.8% 9 WhatsApp 0.8% 10 Instagram 0.7% 愛迪達(adidas)網路釣魚攻擊—偽造官網頁面 2024 年第二季度 Check Point 發現多起冒充愛迪達(adidas)品牌網站的網路釣魚攻擊活動。舉例而言,adidasyeezys[.]cz(圖一)和 adidasyeezys[.]it(圖二)與合法愛迪達(adidas)網站高度相似以欺騙受害者。這些詐騙網站旨在透過假冒品牌官方網站誘騙使用者輸入其憑證和個人資訊,從而成功竊取資訊。同樣,adidas-ozweego[.]fr(圖三)和 adidascampus[.]co[.]at(圖四)也冒充愛迪達(adidas)官方平台;此外,adidasoriginalss[.]fr 目前似乎已停止進行網路釣魚活動,轉而用於刊登廣告。 Instagram 網路釣魚攻擊—誘騙登入憑證 研究人員在 2024 年第二季觀察到大量利用 Instagram 品牌實施線上詐騙的攻擊活動,Instagram 因此在受網路釣魚影響的主要品牌排行榜中躍升至第十,此為其自 2022 年以來首次上榜。近幾個月來,Check Point 發現一系列冒充 Instagram 誘騙使用者透露登入憑證的網路釣魚攻擊活動。例如,託管在 instagram-nine-flame[.]vercel[.]app/login(圖五)的網路釣魚頁面模仿 Instagram 登入介面,此假網頁託管在用於創建 React 應用程式的平台 Vercel 上,引誘使用者輸入其用戶名和密碼。 另一起觀察到的攻擊活動使用網域 instagram-verify-accoun[.]tk(圖六),雖其目前已停用,但它曾顯示引誘使用者驗證 Instagram 帳號訊息,誘騙使用者輸入個人資訊。此策略旨在利用信任,騙取使用者憑證。 關注 Check Point Software X(前身為 Twitter): https://www.twitter.com/checkpointsw Facebook: https://www.facebook.com/checkpoint.tw Blog: https://blog.checkpoint.com YouTube: https://www.youtube.com/user/CPGlobal LinkedIn: https://www.linkedin.com/company/check-point-software-technologies 關於 Check Point Software Technologies Ltd. Check Point Software Technologies Ltd.(www.checkpoint.com)是 AI 驅動與雲端交付的網路安全平台領導廠商,為全球超過 10 萬家組織提供防護。Check Point 利用無所不在的人工智慧力量,透過其 Infinity 平台提高網路安全效率和準確性,以業界領先的捕獲率實現主動威脅預測和更智慧、更 快速的回應時間。此綜合平台包含雲端交付技術,涵蓋確保工作空間安全的 Check Point Harmony、確保雲端安全的 Check Point CloudGuard、確保網路安全的 Check Point Quantum,以及用於協作安全操作和服務的 Check Point Infinity Core Services。 關於 Check Point Research Check Point Research 能夠為 Check Point Software 客戶以及整個情報界提供領先的網路威脅情報。Check Point 研究團隊負責蒐集和分析 ThreatCloud 儲存的全球網路攻擊數據,以便在防範駭客時,確保所有 Check Point 產品都享有最新保護措施。此外,該團隊由 100 多名分析師和研究人員組成,能夠與其他安全廠商、執法機關及各個計算機安全應急機關展開合作。
藉 AI 技術賦能、實現雲端交付,Check Point 強化產品線打造堅實防線,開創網路安全嶄新時代 【臺北訊,2024 年 3 月 7 日】AI 驅動與雲端交付的網路安全平台領導廠商 Check Point® Software Technologies Ltd.(NASDAQ 股票代碼:CHKP)於今(7)日分享其威脅情報部門 Check Point Research 發布的《2024 年網路安全報告》,深入探討日益複雜的網路威脅,同時回顧過去一年的網路動盪與不安。面對今年生成式 AI 帶來的多變網路攻擊,Check Point 進一步揭示全新發展策略,藉由 AI 技術賦能、實現雲端交付,推出更靈活與彈性的解決方案,協助組織應對不斷演化的威脅,擘劃嶄新網路安全時代。 Check Point 揭三大網路威脅 建議企業提升全面防禦機制透過檢視過往一年的網路局勢,《2024 年網路安全報告》指出遭勒索軟體公開的受害者增加 90%,而目前此類勒索軟體攻擊在所有 Check Point 偵測到的惡意軟體中佔一成。Check Point 事件回應小組(CPIRT)發現,將近一半的攻擊事件涉及勒索軟體,遭公開勒索的受害者飆升至約 5,000 位,較前一年增加一倍。 面對 2024 年的網路威脅,Check Point 指出企業須慎防的三大趨勢:• 勒索軟體的演進:攻擊者已改變策略,透過零日漏洞,以全新手法增強勒索軟體即服務(RaaS)。此外,高價值目標逐漸成為攻擊焦點,顯示強大防禦機制的需求正同步攀升。• 針對邊緣裝置的攻擊升溫:針對邊緣裝置的攻擊呈現持續增長,突顯涵蓋所有網路元件全面安全措施的必要性。• 駭客激進主義的興起:國家支持的駭客激進主義不斷升級,與地緣政治衝突相關的網路攻擊顯著提升。利用毀滅性資料清除程式最大化攻擊影響範圍,彰顯了網路戰不斷演變的特性。 Check Point Software 台灣區總經理劉基章表示:「面對不斷革新的網路犯罪,以及持續升溫的國家級資安威脅和駭客激進主義,組織必須作出調整;而這也是 Check Point 發展全新策略的目標,期盼藉由 AI 技術賦能、實現雲端交付,協助組織應對詭譎多變的威脅。」 Check Point 產品及技術再進化 穩固組織防線、抵禦威脅面對不停變化的安全威脅,Check Point 以 AI 技術賦能、實現雲端交付的發展策略運用在專為多變威脅所設計之 Check Point Infinity 平台,其擁有超過 50 款 AI 引擎的 Infinity ThreatCloud AI,提供業界領先的即時威脅防禦,包含零日攻擊和釣魚攻擊,每年防範超過 30 億次攻擊;對於釣魚與惡意軟體攻擊的攔截率高達 99.8%。此平台亦提供基於雲端的安全情報,不到 2 秒即可共享即時的全球威脅情報。Infinity 平台強調以預防為主的安全營運和統一管理,提供橫跨網路、雲端、物聯網、端點和行動裝置的完整威脅可視性,確保高效且全面的安全管理和營運。Check Point 近期將 AI 與雲端技術結合,推出首代 Infinity AI Copilot,提高安全團隊的工作效率與成效,並且藉由將 Infinity AI Copilot 無縫整合到 Check Point Infinity 平台,於端點、網路、雲端等環境提供一致性的安全體驗。 此外,Check Point 進一步強化其產品組合,推出 Check Point Quantum Spark 1900 和 2000,擴展針對中小型企業(SMB)的次世代防火牆系列。這些經過特別設計的進階安全閘道(器)旨在保護中小型企業免受不斷進化的網路威脅攻擊。全系列閘道(器)能滿足各種規模企業的需求,從僅有 1 名員工的公司到擁有 1,000 名員工的公司都可以支援;為中小型企業提供強大的 AI 威脅防禦能力與擴充性,同時其易於管理,這些對於網路安全資源和專業都相對有限的中小型企業而言尤其重要。 Check Point 亦宣布推出 Check Point Quantum Force 系列。此創新產品陣容由十款高效能防火牆組成,旨在滿足各種規模的企業資料中心、網路邊界、校園和企業的安全要求。Quantum Force 安全閘道搭載先進的 Check Point Infinity 平台,其整合雲端安全情報、精密的自動威脅回應系統,以及超過 50 個 AI 引擎,可提供高達 1 Tbps 的 AI 威脅防禦效能,實現高達 99.8% 的惡意軟體攔截率。Quantum Force 系列重新定義防火牆的基準,將威脅防禦效能和能源效率提高一倍,不僅擁有輕巧的 1RU/2RU 外形設計,可節省空間,並藉由統一管理,滿足最嚴格的安全需求。 關注 Check Point Software X(前身為 Twitter): https://www.twitter.com/checkpointswFacebook: https://www.facebook.com/checkpoint.twBlog: https://blog.checkpoint.comYouTube: https://www.youtube.com/user/CPGlobalLinkedIn: https://www.linkedin.com/company/check-point-software-technologies 關於 Check Point Software Technologies Ltd. Check Point Software Technologies Ltd.(www.checkpoint.com)是 AI 驅動與雲端交付的網路安全平台領導廠商,為全球超過 10 萬家組織提供防護。Check Point 利用無所不在的人工智慧力量,透過其 Infinity 平台提高網路安全效率和準確性,以業界領先的捕獲率實現主動威脅預測和更智慧、更快速的回應時間。此綜合平台包含雲端交付技術,涵蓋確保工作空間安全的 Check Point Harmony、確保雲端安全的 Check Point CloudGuard、確保網路安全的 Check Point Quantum,以及用於協作安全操作和服務的 Check Point Infinity Core Services。
A12 藝術空間
Check Point Research
請先登入後才能發佈新聞。
還不是會員嗎?立即 加入台灣產經新聞網會員 ,使用免費新聞發佈服務。 (服務項目) (投稿規範)