- Everything is everything
- After winter, must come spring
- EKS kubernetes
- aws farnet
- aws lambda
- aws Aurora
- aws IoT
- aws Sumerian
- aws cloud9
- stop and resume on spot
- save up to 90% on spot fleet
2018年1月31日 星期三
AWS re:INVENT 2017 recap
TrendLabs: Digital Extortion: A Forward-looking View
2018年1月29日 星期一
Plex: Virtual Reality on Daydream
You can now experience your movies and shows in dazzling virtual reality with Plex on Google Daydream. From an upscale condo to an enchanting drive-in, you’ve never experienced your media like this before AND you can share the love! Interact with different scenes and chat with friends while you Watch Together (available with Plex Passbut free for the first week!). Click for more details about virtual reality, device requirements, and co-watching.
2018年1月28日 星期日
TrendLabs: Malvertising Campaign Abuses Google’s DoubleClick
Figure 1. Activity of the malvertising campaign from January 18-24
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/malvertising-campaign-abuses-googles-doubleclick-to-deliver-cryptocurrency-miners/
2018年1月27日 星期六
2018年1月26日 星期五
TrendLabs: Lazarus Campaign Targeting Cryptocurrencies
Figure 2: Malicious CHM file used as RATANKBA lure
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/lazarus-campaign-targeting-cryptocurrencies-reveals-remote-controller-tool-evolved-ratankba/
2018年1月25日 星期四
Plex: New year, new Xbox One
The newest update to Plex for Xbox One brings so many improvements under the hood, you'd think it was a completely new app! We've brought the heat with new audio, video, and photo players. What else? How about direct streaming HEVC for Xbox One S and One X! Enjoy an even smoother, more beautiful experience using Plex and update right from your Xbox. |
GET THE DETAILS |
2018年1月24日 星期三
Puppet highlights in 2017
|
2018年1月23日 星期二
TrendLabs: Motivations and Methods of Web Defacement
Cybercrime takes on many forms, but one of the long-standing tactics attackers use is web defacement—the act of compromising and vandalizing a website. Typically, these attackers—known as web defacers—replace the original page with their own content, boldly stating a political or social message. This is not a new phenomenon, but it is an enduring one. We’ve analyzed data that goes back almost two decades, and we’ve seen how the process of web defacement is still being used nowadays.
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/hacktivism-web-defacement/
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/hacktivism-web-defacement/
2018年1月22日 星期一
2018年1月21日 星期日
TrendLabs: Server Exploits Used For Cryptocurrency Mining
Figure 3. Number of hits in November – December
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/struts-dotnetnuke-server-exploits-used-cryptocurrency-mining/
FSF: Intel Management Engine – Take Action
If there is an event at your university or in your community addressing the Intel chip bugs, we urge you to distribute printed copies of our report on the Intel ME by Denis GNUtoo Carikli, with the following foreword by Free Software Foundation president Richard Stallman:
Meltdown and Spectre are errors. Grave errors, to be sure, but not evidently malicious. Everyone makes mistakes.
Intel has done far worse with its CPUs than make a mistake. It has built in an intentional back door called the Management Engine.
Important as these bugs are, don't let Intel's mistakes distract you from Intel's deliberate attack!
2018年1月19日 星期五
TrendLabs: GhostTeam Adware can Steal Facebook Credentials
2018年1月18日 星期四
ADMIN: First Malware for macOS in 2018
“OSX/MaMi isn't particular advanced - but does alter infected systems in rather nasty and persistent ways. By installing a new root certificate and hijacking the DNS servers, the attackers can perform a variety of nefarious actions such as man-in-the-middle'ing traffic (perhaps to steal credentials, or inject ads),” wrote Wardle.
REF: http://www.admin-magazine.com/News/First-Malware-for-macOS-in-2018
REF: http://www.admin-magazine.com/News/First-Malware-for-macOS-in-2018
2018年1月17日 星期三
TrendLabs: UK Conviction Arises out of Trend Micro and NCA Partnership
Figure 1. Advertisement for Cryptex listing many of its features
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/uk-conviction-arises-out-of-trend-micro-and-nca-partnership/
DNS resolution change for Google Compute Engine
In the coming months, all VMs in newly created Compute Engine projects will use zonal DNS names by default. These VMs' DNS configuration will differ from current VMs in the following ways:
- The "search" entry in resolv.conf ("c.[PROJECT_ID].internal") will be changed to "[ZONE].c.[PROJECT_ID].
internal" - The VM domain name ("c.[project-id].internal") will be changed to "[zone].c.[project-id].
internal" - The VM fully-qualified domain name ("[vm-name].c.[project-id].
internal") will change to "[vm-name].[zone].c.[project- id].internal"
2018年1月15日 星期一
International Shopping in Amazon App
REF: https://www.amazon.com/gp/b/ref=pe_3518040_264868100_pe_btn/?node=17052338011
2018年1月14日 星期日
TrendLabs: Patch Tuesday Fixes Meltdown and Spectre
This year’s first Patch Tuesday is a busy one. Microsoft released 56 updates that include patches for the Meltdown and Spectre vulnerabilities. The patches also addressed security issues in Windows OS, Internet Explorer, Edge, Office, ChakraCore, ASP.NET, and .NET Framework. Sixteen were rated critical and 38 important, 20 of which can result in remote code execution (RCE).
REF: http://blog.trendmicro.com/trendlabs-security-intelligence/januarys-patch-tuesday-fixes-56-security-issues-including-meltdown-spectre/
REF: http://blog.trendmicro.com/trendlabs-security-intelligence/januarys-patch-tuesday-fixes-56-security-issues-including-meltdown-spectre/
2018年1月13日 星期六
2018年1月11日 星期四
The Best Advice For Remote Work Success From 10 Global Teams
REF: https://blog.trello.com/remote-work-team-success-guide
2018年1月10日 星期三
TrendLabs: Malicious App Signs Users Up for Premium SMS Services
Figure 1. Swift Cleaner, the malicious app posing as an Android cleaning app
REF: http://blog.trendmicro.com/trendlabs-security-intelligence/first-kotlin-developed-malicious-app-signs-users-premium-sms-services/
2018年1月8日 星期一
Multitasking: How To Do It The Right Way
Multitasking: is it actually a good thing? Scientific research suggests there are ways to manage multiple tasks effectively.
REF: https://blog.trello.com/why-multitasking-is-good-for-you
2018年1月7日 星期日
TrendLabs: Understanding Meltdown and Spectre
Solutions and best practices
Users have no way to mitigate this threat; the responsibility of doing so ultimately falls on vendors who have released multiple patches to mitigate Meltdown. Microsoft has released documents that cover both server and client versions of Windows:
- Windows Server guidance to protect against speculative execution side-channel vulnerabilities
- Windows Client Guidance for IT Pros to protect against speculative execution side-channel vulnerabilities
Note that in order to receive automatic updates from Microsoft, a registry key must be in place on the affected system. Details can be found in this article.
Apple’s December updates for macOS (released last December 2017) already resolved this vulnerability as well. As noted earlier, patches for Meltdown have been merged into the Linux kernel. It is up to individual vendors to release this update for their distribution; some vendors such as Debian, Red Hat, and SUSE have released bulletins and patches as appropriate.
REF: http://blog.trendmicro.com/trendlabs-security-intelligence/speculation-risky-understanding-meltdown-spectre/
2018年1月6日 星期六
Graylog v2.4.0 of 2018
|
2018年1月5日 星期五
TrendLabs: Apps Disguised as Security Tools
Figure 1. Malicious apps found on Google Play, detected by Trend Micro Mobile Security
We notified Google of these apps, and at the time of writing all the apps have been removed from Google Play.
REF: http://blog.trendmicro.com/trendlabs-security-intelligence/apps-disguised-security-tools-bombard-users-ads-track-users-location/
2018年1月4日 星期四
Diving Into Deep Work Theory
REF: https://blog.trello.com/deep-work-productivity-interview-with-cal-newport
“Many think that focusing without distraction is a habit, like flossing their teeth—something they know how to do but simply need to make time to do more often. The reality, however, is that deep work is a skill, like playing the guitar—something that you shouldn’t expect to be good at if you haven’t been practicing.”
2018年1月3日 星期三
2018年1月2日 星期二
2018年1月1日 星期一
TrendLabs: New GnatSpy Mobile Malware Family Discovered
Figures 1 and 2. Old and new receivers and services
REF: http://blog.trendmicro.com/trendlabs-security-intelligence/new-gnatspy-mobile-malware-family-discovered/
Does Remote Work Increase Our Risk Of Impostor Syndrome?
The impostor phenomenon, also known as impostor syndrome, has been generating buzz in psychology and business circles since the 1970s. Common symptoms of impostor syndrome include feeling under-qualified for (or unworthy of) your job, even though success after success proves your abilities. Although you and everyone in your network considers you high-performing, you live with a persistent fear of being exposed as a fraud.
REF: https://blog.trello.com/does-remote-work-increase-impostor-syndrome-risk
訂閱:
文章 (Atom)