Easy Shield business risk control, the weekly newsletter reported notable security technologies and events, including, but not limited to, content security, mobile security, business security and network security to help businesses be vigilant, avoid these like a small real big, healthy development of the business impact Security Risk.
1, two high "interpretation" makes Internet arena panic-stricken: Risk control is not in place have a chance to crime
Recently, Supreme and Supreme Procuratorate jointly issued a "judicial interpretation." From the major giants have sniffed out "murderous", with the political sensitivity of the companies are immediately reviewed and strengthened risk control efforts penalties for violations, but also have launched a variety of cautionary announcement.
2, Shanghai prosecutors: involving several Internet companies increased significantly in criminal cases
According to news Liberation Daily, 2015-2019 June, the Shanghai Putuo District People's Procuratorate for examination and prosecution handled all types of criminal cases involving Internet companies 70 44, the number of cases and the number of people involved was significantly increased. For the development of the Internet features of area businesses, Putuo Procuratorate yesterday released the "Internet enterprise risk prevention and control of common criminal law tips", summed leakage of personal information of citizens, common risk point of intellectual property protection, Internet technology applications and made recommendations for the prevention and control of enterprise , build a strong "firewall", the healthy development of enterprises escort.
3, dark online sale of Indian payment card details of 1.3 million
Group-IB is a Singapore-based network security company, recently, the company detected a massive database that could save more than 1.3 million bank customers in India recorded credit and debit cards, and in October 28 uploaded to the Joker's Stash. Dark net value of the database of close to $ 130 million.
4, the network platform for the disclosure of user information may incriminate more than 500
According to Xinhua News Agency reported that since November, including the disclosure of user information network platform may incriminate more than 500 laws and regulations, including into effect. Criminal law, a network service provider does not fulfill the information network security management obligations under the laws and administrative regulations, the regulatory authorities ordered to take corrective measures and refuses to make corrections, resulting in disclosure of user information, the consequences are serious, three years imprisonment, criminal detention or control, or impose a fine.
5, triggered by a malicious GIF file RCE vulnerability, affected more than 40,000 applications
Earlier this month, security researchers @Awakened Singapore disclose articles on WhatsApp (versions prior to 2.19.244) exist RCE vulnerability (CVE-2019-11932) use, the vulnerability is triggered by mistake Android-gif-Drawable open source library double-free . 43619 GIF using the open source library to develop Android APP may be affected by the vulnerability worldwide.
6, the European Union asked Google to Facebook to do more to combat false news
The European Commission said recently, Facebook, Google and Twitter have to do more to solve the problem of false news, or face regulatory action. In fact, it issued the threat a year ago at the European Commission, Microsoft and Mozilla and other US technology giants have signed a voluntary code of conduct and seven European trade organizations, to combat false news. But critics point out that the measures taken by these companies since the signature is not enough.
7, micro-blog combat illegal recommended shares of class information, such as shutting down @ Golden Eagle Jiepan 37 Financial accounts
Microblogging released to combat illegal recommended stocks and other illegal information processing announcement shows that in order to implement the main responsibility of enterprises, strictly implement the "community Convention microblogging", "microblogging Code of Business Conduct approach" regulations, the station square take customer complaints, to impersonation accounts, defrauding by false certification materials, diversion to illegal marketing information outside the station platform QQ group, micro-channel group number and other public investigation and treatment by centralized microblog posts, private messages and other channels.
8, extortion software, mobile malware attacks will surge in 2020
According to the latest forecast of Check Point Software, targeted extortion software, mobile malware and sophisticated phishing attacks and other cyber threats will be upgraded in 2020. Meanwhile, artificial intelligence, network security and faster response to security and other defense capabilities will be enhanced to help protect businesses from imminent threat. Check Point Overview "critical security and related trends" in the blog post, which includes a series of technology trends can be used to attack the system and alleviate the threat.
