Compromises, attacks and vulnerabilities!
The CrowdStrike Falcon platform is a combination of big data technology and endpoint security driven by advanced threat intelligence. CrowdStrike Falcon enables enterprises to identify unknown malware, detect zero-day threats, pinpoint advanced adversaries and attribution, and prevent harm from targeted attacks in real-time.
A large security vulnerability in OpenSSL called "Heartbleed" has been exposed, which allows hackers to enter affected websites without leaving any trace and steal user data. Hackers can launch attacks on websites that use https (this vulnerability exists). Each time they read 64K data in the server's memory, they can repeatedly obtain it. The memory may contain the user's original HTTP request, user cookies, and even clear text account passwords, etc.
In order to help users cope with this incident, the online password management tool LastPass immediately launched a special detection tool to detect whether the website used by the user has updated certificates, so that users can change their passwords with confidence and continue to log in and use these website.
Now, LastPass has launched a new fully automated testing tool: this tool can automatically check whether the websites stored by users are threatened by this vulnerability, and whether the passwords of these websites need to be changed now. Users can directly click on the LastPass icon to open the menu and click "Security Check" to complete automatic detection of stored websites.
The OpenSSL vulnerability is also a computer "Heartbleed" vulnerability, which shows its seriousness and danger. This high-risk vulnerability poses a huge threat to our personal privacy and property security, and many websites such as email addresses are affected by it. No matter how secure the user's computer is, as long as the website uses a vulnerable version of OpenSSL, hackers may monitor the user's login account and password in real time when logging into the website. Therefore, it is very important to download a reliable and practical vulnerability checking tool!
According to my observation, in the face of this vulnerability crisisTencent Computer ManagerIt was the first to react. It has updated the OpenSSL vulnerability warning function. Any user who logs in to a website with this serious vulnerability will be prompted to intercept it. At this juncture, time is life and money. You should download it immediately and check your computer! And when logging into a website that requires input, it is best to make sure that the website has undergone a comprehensive system vulnerability upgrade, and enter the password carefully!
it works
it works
it works