Worms, spyware … what weapons are in the US cyber arsenal?

  A few days after the ransomware "WannaCry" raged around the world, the behind-the-scenes tracing finally produced a small clue: Kaspersky Lab in Russia and Symantec in the United States said on the 15th that the ransomware may be related to a hacker group called Lazarus. In this cyber attack, the attackers built their malicious ransomware on the hacking tool "EternalBlue", which had leaked from the cyber arsenal of the National Security Agency (NSA).

  Reuters once reported that 90% of US spending on cyber programmes went to developing offensive hacking weapons that can break into an "enemy's" computer networks, monitor people, and paralyse or block infrastructure. Cyber security experts accuse the United States of investing heavily in hacking tools instead of defensive mechanisms, making the global network environment "more insecure".

  Compiled by Wen Junhua, all-media reporter of Guangzhou Daily

  "The ransomware was not developed by the US National Security Agency, but by criminal gangs, which may be criminals or foreign governments," Bossert, Assistant to the US President for Homeland Security and Counter-Terrorism, said on the 15th in response to the "WannaCry" ransomware incident, but he evaded the question of whether the hacking tools leaked from US intelligence agencies would lead to more cyber attacks in the future.

  In fact, the leak of the NSA cyber arsenal that caused the ransomware rampage was disclosed as early as last August. At that time, a hacker group calling itself the "Shadow Brokers" claimed to have broken into the "Equation Group", a hacker unit under the NSA, and stolen its cyber arsenal. The "Shadow Brokers" leaked some of the hacking tools and data through social platforms and publicly auctioned the complete data package at the high price of 1 million bitcoins (worth about 568 million US dollars), but the sales pitch drew neither bids nor widespread attention, and the auction eventually fizzled out.

  Since then, the "Shadow Brokers" have tried several times to sell the NSA cyber arsenal without success. Their latest exposure of NSA cyber weapons was released in mid-April this year. The group said that the NSA had broken into the international banking system to monitor capital flows between some banks in the Middle East and Latin America. The hacking tool "EternalBlue" from the NSA cyber arsenal is believed to have been leaked by the "Shadow Brokers".

  Although the "Shadow Brokers" have not achieved their profit-making goal, their claim that the stolen hacking tools originated from the NSA is considered highly credible. Last year, when the "Shadow Brokers" released some hacking tools and data, Snowden, the whistleblower of the "PRISM" affair, produced an NSA "malware implantation operations manual" to show that the cyber weapons peddled by the "Shadow Brokers" carried the NSA's digital fingerprints. For example, the NSA manual instructs operators to use a specific 16-character string, "ace02468bdf13579", when deploying a malware program called SECONDDATE. SECONDDATE is among the dozens of hacking tools leaked by the "Shadow Brokers", and its related code contains many occurrences of this string.
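  A fixed string such as the "ace02468bdf13579" identifier described above is exactly the kind of marker a defender can sweep files and memory dumps for. The scanner below is an added example written for this article, not code from the page or from any of the parties it names; the sample buffers are constructed, and the only page-derived value is the marker string itself. It searches for the marker in both its ASCII and UTF-16LE (Windows wide-string) forms and reads input in chunks with an overlap, so a hit straddling a chunk boundary is still found and not reported twice.

```python
"""Sweep byte streams for a known fixed marker string.

Added educational example, not the page's code. The marker value comes
from the article; the sample buffers below are constructed test data.
"""
from __future__ import annotations

import io
import re

# Marker quoted in the article as prescribed by the NSA manual for SECONDDATE.
SECONDDATE_MARKER = b"ace02468bdf13579"


def marker_patterns(marker: bytes) -> dict[str, re.Pattern[bytes]]:
    """Compile the marker in ASCII and UTF-16LE; tooling that only searches
    ASCII misses wide-string copies embedded in Windows binaries."""
    wide = marker.decode("ascii").encode("utf-16-le")
    return {
        "ascii": re.compile(re.escape(marker)),
        "utf16le": re.compile(re.escape(wide)),
    }


def scan_buffer(data: bytes, marker: bytes = SECONDDATE_MARKER) -> list[tuple[str, int]]:
    """Return (encoding, byte offset) for every occurrence in an in-memory buffer."""
    hits = []
    for enc, pat in marker_patterns(marker).items():
        hits.extend((enc, m.start()) for m in pat.finditer(data))
    return sorted(hits, key=lambda h: h[1])


def scan_stream(fh, marker: bytes = SECONDDATE_MARKER, chunk_size: int = 1 << 20) -> list[tuple[str, int]]:
    """Scan a binary file object chunk by chunk.

    A tail of (longest encoded form - 1) bytes is carried over between chunks
    so a marker split across a boundary is still matched; a seen-set removes
    the duplicate hits that the overlap region would otherwise produce.
    """
    pats = marker_patterns(marker)
    overlap = 2 * len(marker) - 1  # UTF-16LE form is the longest encoding
    tail, base = b"", 0  # base = absolute file offset of tail[0]
    seen: set[tuple[str, int]] = set()
    hits: list[tuple[str, int]] = []
    while True:
        block = fh.read(chunk_size)
        if not block:
            break
        buf = tail + block
        for enc, pat in pats.items():
            for m in pat.finditer(buf):
                hit = (enc, base + m.start())
                if hit not in seen:
                    seen.add(hit)
                    hits.append(hit)
        if len(buf) > overlap:
            tail = buf[-overlap:]
            base += len(buf) - overlap
        else:
            tail = buf  # buffer shorter than the overlap: keep all of it
    return sorted(hits, key=lambda h: h[1])


# Constructed sample "files": one clean, one with an ASCII hit at offset 36,
# one with a wide-string hit at offset 8.
CONSTRUCTED_SAMPLES = {
    "clean.bin": b"\x00" * 40 + b"MZ this binary has nothing unusual in it" + b"\x00" * 40,
    "ascii_hit.bin": b"\x90" * 32 + b"key=" + SECONDDATE_MARKER + b"\x00" * 16,
    "wide_hit.bin": b"\x00" * 8 + "ace02468bdf13579".encode("utf-16-le") + b"\xff" * 8,
}


def demo(chunk_size: int = 7) -> dict[str, list[tuple[str, int]]]:
    """Run the chunked scanner over the constructed samples with a tiny chunk
    size so that the ASCII hit is forced to straddle several chunk boundaries."""
    return {
        name: scan_stream(io.BytesIO(data), chunk_size=chunk_size)
        for name, data in CONSTRUCTED_SAMPLES.items()
    }


if __name__ == "__main__":
    for name, found in demo().items():
        print(f"{name}: {found or 'no marker'}")
```

  To sweep a real file, open it in binary mode and pass the handle to `scan_stream`; a hit is a lead for closer analysis of that file, not proof of compromise on its own, since the string can also appear in research samples and signature databases.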

  When it comes to the NSA cyber arsenal, the "Equation Group" cannot be avoided. This hacker unit is considered an NSA department whose existence the agency is unwilling to acknowledge, much like the "Fancy Bear" hacker group in Russia. Before being caught by Kaspersky Lab in 2015, the Equation Group had been secretly active for 15 years. According to media reports, because the time and money spent on malware development, breaking into mobile technology and locking down targets are all funded by the state, the project's resources are almost unlimited, and the Equation Group has become the "best" hacker group in the world.

  Among the 500 Equation Group infections in 42 countries previously announced by Kaspersky Lab, Iran, Russia, Pakistan, Afghanistan, India, Syria and Mali rank at the top. Because the malware has a built-in self-destruct mechanism, Equation Group attacks are hard to trace. The hacking tools leaked from this arsenal and the attack methods exposed earlier can therefore only represent the tip of the iceberg of the NSA cyber arsenal.

  Some NSA cyber weapons

  The NSA's "Equation Group" was discovered and named by Kaspersky Lab; the name comes from the group's preference for strong encryption in its cyber attacks. In earlier network attacks it used a variety of methods, including worms, hard disk viruses, spyware and web-based attacks.

  Fanny worm

  Fanny is the most powerful of the worms and can break into air-gapped networks. It uses a unique USB-based control mechanism, spreading mainly by infecting USB flash drives.

  The USB drive carries a hidden storage area that collects basic system information from the isolated network. When an infected drive is later plugged into a networked computer, the collected information is immediately sent to the attacker. If the attackers want to run commands inside the air-gapped environment, the worm stores the commands in the drive's hidden space; when the drive is plugged into the target computer, the worm automatically recognises and executes them.

  "Stuxnet" virus

  "Stuxnet" is reported to be the first destructive virus written specifically for industrial control systems. It shares exploitation techniques with the Fanny worm and can attack Windows and Siemens SIMATIC WinCC systems using seven vulnerabilities. It is said to have been jointly developed by the United States and Israeli governments.

  The structure of "Stuxnet" is extremely complex and its concealment is exceptionally strong. Once a computer operator plugs an infected USB drive into a USB port, the virus takes control of the industrial computer system without any further action.

  During the attack on Iran's nuclear facilities, the virus abruptly changed the speed of the centrifuge motors. The sudden change was enough to wreck the centrifuges' ability to operate, beyond repair. Even after the centrifuges were out of control, the virus kept reporting "operating normally" to the control room, so the centrifuges were destroyed without anyone noticing.

  Spyware

  Regin is advanced stealth spyware discovered by Symantec in 2014 that can evade detection by conventional anti-virus software. The malware has been accused of being used to monitor governments, companies and individuals since 2008 and is considered to be associated with the NSA.

  Symantec pointed out that the Regin spy tool uses a number of stealth techniques that require a great deal of time and resources, indirectly indicating that it is the product of a "nation state". Regin lets its operators launch a series of remote Trojan attacks, including stealing users' passwords and data, intercepting mouse clicks, capturing screenshots from infected computers, monitoring network traffic and analysing emails from Exchange databases.

  Hard disk virus

  A Kaspersky Lab report revealed that the NSA may have implanted a virus in hard disk firmware, rewriting the firmware of infected computers' drives.

  According to the report, because the virus is written into the firmware, it is activated as soon as the hard disk powers on. The malicious firmware creates a hidden data store that survives even military-grade disk wiping and reformatting, so sensitive data stolen from victims remains available after the drive is reformatted and the operating system reinstalled.

  PHP intrusion code

  The Equation Group has been found to use malicious PHP intrusion code to exploit vulnerabilities in Oracle's Java framework or the IE browser on sites ranging from technology product reviews to Islamic Jihad forums. The intrusion is surgically precise and can ensure that only one specific target is infected. In one case, the Equation Group's PHP script also took special care to avoid infecting IP addresses in Jordan, Turkey and Egypt.

Year of the Loong's first day at work? These three tips will help you be full of energy tomorrow

Today is the eighth day of the Lunar New Year.
It is also the last day of the Spring Festival holiday.
An important reminder:
I will go to work tomorrow!
Everyone is about to
Switch from "vacation mode" to "work mode"
How to adjust your state?
For the first day back at work
Please check these tips.
01
It is very important to return to work.
There are ways to deal with "post-holiday syndrome"
Worried that you can't get back into the swing of things after the holiday?
Feeling listless?
Difficulty getting up, anxiety, excessive internal heat, fatigue and irritability.
What should we do?
Don't panic!
Maybe "post-holiday syndrome" is setting in
"Post-holiday syndrome"
Is a "sign", not a "disease"
"Post-holiday syndrome" refers to a series of problems that arise when people suddenly enter the tense state of work from the relaxed state of holidays, and the balance between physiology and psychology is broken.
But it is called "sign" rather than "symptom" because it is a functional disorder, not an organic lesion, and it is not a disease. Everyone can return to normal work and life after a little recovery, so don’t worry too much ~
How to deal with "post-holiday syndrome"
Try the following methods.
Yue Xiaodong, a professor at the School of Psychology of Capital Normal University, pointed out
Being out of sorts when going back to work after the holiday
Should not be attributed to "laziness"
Because the whole rhythm of life was disrupted beforehand
And the autonomic nervous system is thrown off too.
It's not that the motivation is missing
It's that the energy can't keep up.
Most people need a transition period.
You can try these methods to find your status.
Adjust sleep schedule
Three meals diet rule
Moderate sports activities
Actively adjust mentality, etc.
02
Set the alarm clock to check the road conditions.
Don't be late on the first working day of the Year of the Loong.
Tomorrow (February 18th) is Sunday.
But it’s also a working day.
Pay attention to setting the alarm clock.
Don’t be late tomorrow ~
The first day to work
Morning and evening peak road conditions need attention
Spring Festival travel rush return trips + the first day back at work
Mean increased traffic pressure
Traffic control departments of several cities have released
Early warning and travel tips for congested road sections
Beijing
No licence-plate tail-number restriction on motor vehicles tomorrow
8:00 to 9:00 and 17:30 to 19:30 are the peak hours.
Zhengzhou
The peak period is from 7:30 to 8:30 tomorrow morning.
Wuhan
Four types of roads have high risk of traffic congestion.
Pay attention to the release of the local traffic control department
Get road information
Please plan ahead for work.
Travel modes and routes
Try to avoid construction and easy-to-slow sections.
03
Start working healthily, don’t ignore the cold wave, keep warm.
From today (February 17th)
Year of the loong’s first cold wave
Will affect our country from west to east.
Temperatures will swing sharply in many areas.
Accompanied by a wide range of rain and snow
There is freezing rain in Henan, Hubei, Hunan and Guizhou.
There is heavy snowfall in Xinjiang and Heilongjiang.
Don't put your thick clothes away yet.
Add layers in time to guard against colds!
A new year
Let's set off together, full of energy.
I wish everyone a good start.
(Source: CCTV News)

Solar term Chengdu | Great cold, snow has fallen in Xiling Snow Mountain.

Original title: Solar Term Chengdu | Great Cold, heavy snow has fallen on Xiling Snow Mountain.

Every winter comes to an end.

In the year's coldest days we welcome the Spring Festival.

January 20, 2024

- Great Cold

Winter goes and spring comes, and the years flow.

Great cold is the poetic end of winter.

It is also the beginning of a new round of solar terms.

The Great Cold has three pentads (hou)

First pentad: hens begin to brood. The word rendered "milk" here is a verb meaning to breed and rear. Everything has slept through a whole winter; now it senses the first stirrings of spring. Hens begin to hatch their chicks, and the world welcomes new life.

Second pentad: birds of prey are fierce and swift. About five days after the Great Cold, raptors such as eagles hover in the air hunting for food to replenish their energy against the cold.

Third pentad: the belly of the waters is solid. Another five days on, the ice on northern waters freezes right through to the centre, solid and thick.

The Great Cold Day in Old Chengdu:

Weiya ("tail tooth") feast

Source: Dai Shuliang’s old Chengdu folk festival painting "Great Cold"

Weiya ("tail tooth") originated from the custom of worshipping the Earth God, known as "ya" (tooth). The second day of the second lunar month is the first "tooth"; from then on, every second and sixteenth day of a lunar month is a "tooth", and the sixteenth day of the twelfth lunar month is the last of the year, the "tail tooth". Normally the weiya worship begins at 4 or 5 pm on the sixteenth day of the twelfth lunar month. When worshipping the Earth God at weiya, an altar is set up in front of the Earth God, and another altar is placed at the front or back door to worship the foundation deity. The offerings include the three sacrificial meats (chicken, fish and pork), four kinds of fruit (citrus and apples are essential), and "spring rolls", that is, soft pancakes filled with bean sprouts, carrots, shredded bamboo shoots, shredded pork and coriander and dusted with peanut powder, which taste delicious.

Laba porridge

When the great cold comes, every household in old Chengdu will eat Laba porridge, which means that the grain is abundant and people and animals are prosperous. Ordinary people will cook residual vegetables, noodles and red beans into porridge on this day. Rich people should add delicious dishes such as meat, chicken and delicacies when cooking porridge. Nowadays, people cook laba porridge with whole grains and peanuts and red dates.

Appreciate plums

When plum blossoms "bloom alone", it is also a good time to enjoy plum blossoms in a year. In the cold season, going to Du Fu’s thatched cottage to enjoy plums is also a custom that has been preserved in old Chengdu. Not only Du Fu Caotang, but also People’s Park, Cultural Palace, Baihuatan and other places at that time can see plum blossoms in full bloom.

Today’s cold day in Chengdu:

Sauna

In the cold of winter, the sauna has become a popular form of health care for many people. It not only keeps you warm but also relaxes and detoxifies, undoubtedly a pleasant option in winter.

Pick oranges

Winter is the season when oranges are ripe, and golden sweet oranges are covered with branches, which is the warmth and sweetness of winter. In this cold season, tasting a fresh orange can not only moisten the taste, but also bring you warm comfort.

Xiling Snow Mountain once again shows its most beautiful midwinter snow scene.

"A light damp dries quickly on sand and soft roads; the Great Cold yet feels warm on a snowy, sunny day." After an unusually warm "Third Nine", today, the third day of the "Fourth Nine", the arrival of the "Great Cold" solar term has brought a sharp reversal from warm to cold.

Under the nationwide cooling, Xiling Snow Mountain has seen its first heavy snowfall of 2024. Within a few hours the whole mountain was covered in a thick white quilt of snow, at least 10 cm deep at its thickest. Xiling Snow Mountain has switched on its most beautiful winter snow-scene mode: frost-rimed branches, and a sea of clouds at sunrise. Such a beautiful Xiling Snow Mountain is waiting for you!

Great Cold solar term meets a cold-wave critical hit

A "double" quick freeze, adding cold to cold.

Remind friends to pay attention to keeping warm and keeping out the cold.

Editor | Deng Ying


The Table Tennis World Cup will be held in Macau, China in April 2024.

On December 11th, according to Mi Gu Sports, the ITTF announced that the men’s singles World Cup and the women’s singles World Cup will return at the same time, and the competition will be held in April, 2024 at the Galaxy Variety Hall in Macau, China.

Liu Guoliang, Chairman of the Board of Directors of WTT World Table Tennis Federation, First Vice Chairman of ITTF and Chairman of China Table Tennis Association, said: "In April next year, the men’s and women’s singles World Cup will return to Macau, and table tennis fans from all over the world are welcome to gather in Macau again."

[Source: Mi Gu Sports]
