Cisco: Java became the biggest culprit in 2013 cyber attacks

In Cisco's 2014 Annual Security Report, Cisco sees Oracle's Java language as the biggest blackout behind global security vulnerabilities. Java is now almost the most premeditated cyberattack. Important weapon. .

Cisco pointed out in the report that IT companies experienced large and small security risks and attacks in 2013, but no technology should be blamed more than Java. It is reported that in all forms of network intrusion in the world in 2013, hacker attacks based on Java contributed up to 91%.

Levi Gundert, a threat researcher who is also the author of the Cisco technology department, believes that Java is now almost the most important weapon for all premeditated cyber attacks.

“I was surprised to find that Java-based hacking accounts for 91% of all forms of network intrusion in the world in 2013. Some of these attacks use Java's zero-day attack, also called zero-day attack. Attacks, that is, security vulnerabilities and related vulnerabilities occur in the same day, the related malicious programs appear a form of vulnerabilities, and a large part of the use of Java vulnerabilities we already know. Special said.

In fact, Cisco is not the only company that has seen an increase in the number of Java-based hacking attacks in 2013, including HP and the industry-renowned Kaspersky Lab. On Saturday, local time, Oracle pushed updates to Java again. This update covers 51 known vulnerabilities.

"2013 can be said to be a year of Java vulnerabilities," Gondete added.

In addition, Gondt also believes that another reason why Java vulnerabilities are so easy to become hackers is that people usually don't update them on time. But at the same time, due to the excellent compatibility of Java, the language has been popular among enterprises and developers.

Gundt said: "The challenge now is that because of the huge number of applications written in the Java language, it is not an easy task to release the update patch. For enterprise users, the challenges they face are even more daunting."

Moreover, simply releasing the update patch is hard for Java to be foolproof, because in 2013 we saw a lot of Java zero-day attacks, which are even daily for the US Department of Labor. The work has had a huge impact.

Considering that enterprise users can't just prevent the occurrence of similar attacks by disabling Java, Gundert also provides some suggestions for prevention in the report. He believes that the most important point in preventing such attacks is that users are more vigilant.

“For example, when a page opened by a user contains some ambiguous Java scripts, the user needs to check if they have been redirected. Because most regular websites don’t use ambiguity or concealment. The Java scripting language will not redirect users before they are licensed by the user," Gondard added.

In addition to the apparent upward trend in the number of hacker attacks based on Java vulnerabilities, Cisco also pointed out some other key data in the technology industry in the 2014 Annual Security Report. Among them, the number of cyberattacks in 2014 increased by 14% compared with last year, and intellectual property-intensive industries such as pharmaceutical, mining and electronics industries have become the preferred targets of cybercriminals. Even more surprising is that among the 30 large multinational companies selected by Cisco, they all visited websites containing malware in 2013.

“We were very surprised to see that this ratio is as high as 100%. So the question now is not whether these companies will have security holes, but how long they need to be aware of this problem and Patched," Gondete added.

In addition to the growing number of companies facing security issues, Cisco also pointed out a human resource issue facing the technology industry. Specifically, the number of practitioners in the IT security field will reach a gap of 1 million in 2014.

“2013 is a very bleak year considering the threats we have experienced. No matter what kind of security tools you have on hand, if you don’t have the right staff to stay in this position, it’s still difficult to protect your IT. Safety.” Gondard finally said.

Electric Quartz Heater is a new type of integrated electric heating product with far-infrared radiation milky white quartz tube, ultra-high-quality insurance coefficient of nickel chromium alloy resistance wire, which could heat evenly and only the price of imports heater 1 / 4.

Quartz tube heating element
Such products mainly by the sealed electric components, parabolic or circular surface reflector, protective strip, power adjustment switch and other components. It is made of quartz radiation tube for the heating element, the use of far infrared heating energy-saving technology, so far far infrared radiation components issued by far infrared absorption of objects, directly into the heat to achieve the purpose of heating, while far infrared can also produce physical therapy. The heater is equipped with 2 to 4 quartz tubes, the use of power switch to make part or all of the quartz tube into work. Quartz tube by the electric wire and quartz glass tube composition. Quartz tube heater is characterized by fast heating, but the heating range is small, easy to produce open flames, and consumption of oxygen, although the previous low sales because of the price is good, but has clearly showed a downward trend.

Quartz Heater

Quartz Heaters, Quartz Space Heater, Electric Quartz Heater, Portable Quartz Heaters

Ningbo APG Machine(appliance)Co.,Ltd , http://www.apgelectrical.com

This entry was posted in on