Last year hackers stole millions from Taiwan First Commercial bank's ATMs without using a card. This was absolutely a premeditated attack. Hackers "broke into" the voice recording server of First Bank's London branch. They started to gain administrator privilege of servers and workstations. Finally they manipulated those ATMs to spit out cash successfully. Suspects were caught at last oweing to three factors:

1.Taiwanese law-enforcement authorities(indluding skillful forensic examiner from MJIB,CIB, etc)
2.vast network of security cameras
3.sharp-eyed and enthusiastic citizens

How to improve endpoint security is a very important issue. Take ATM for example, ATM is like a self service kiosk. Customers can access their bank deposit or credit accounts conveniently. As long as these ATMs are up and running, IT administrators seldom pay attention to these ATMs.They'd like to spend time on banking systems and servers.

So how to keep ATMs safe and sound? My suggestion is to deploy some security machanism like "Trend Micro SafeLock". It could prevent intrusion and execution of any executable programs not on the whitelist. If you try to run a .exe not on the approved list, Safe Lock will block it and you will see a error message popup as below.

The keypoint is "hash value". Safe Lock will scan and calculate hash values of files in this computer. Administrators could do approved list managemnt easily.

Look at the event log and you could know what suspecious application blocked by Safe Lock, including the applcation name, full path and date.Even the exe running in command prompt could be detected and blocked with fail.

A glance at endpoint security的更多相关文章

  1. Windows Kernel Security Training Courses

    http://www.codemachine.com/courses.html#kerdbg Windows Kernel Internals for Security Researchers Thi ...

  2. SQL Server扫盲系列——安全性专题——SQL Server 2012 Security Cookbook

    由于工作需要,最近研究这本书:<Microsoft SQL Server 2012 Security Cookbook>,为了总结及分享给有需要的人,所以把译文公布.预计每周最少3篇.如有 ...

  3. CentOS7.2非HA分布式部署Openstack Pike版 (实验)

    部署环境 一.组网拓扑 二.设备配置 笔记本:联想L440处理器:i3-4000M 2.40GHz内存:12G虚拟机软件:VMware® Workstation 12 Pro(12.5.2 build ...

  4. openstack核心组件——keystone身份认证服务(5)

    云计算openstack核心组件——keystone身份认证服务(5) 部署公共环境 ntp openstack mariadb-server rabbitmq-server memcache 1.w ...

  5. OpenStack从入门到放弃

    OpenStack从入门到放弃 目录: 为何选择云计算/云计算之前遇到的问题 什么是云计算 云服务模式 云应用形式 传统应用与云感知应用 openstack及其相关组件介绍 flat/vlan/gre ...

  6. 通过例子学习 Keystone - 每天5分钟玩转 OpenStack(19)

    上一节介绍了 Keystone 的核心概念.本节我们通过“查询可用 image”这个实际操作让大家对这些概念建立更加感性的认识. User admin 要查看 Project 中的 image 第 1 ...

  7. kafka - advertised.listeners and listeners

    listeners, Listener List - Comma-separated list of URIs we will listen on and their protocols. Speci ...

  8. openstack组件之keystone

    一 什么是keystone keystone是 OpenStack Identity Service 的项目名称.它在整个体系中充当一个授权者的角色. Keystone项目的主要目的是给整个opens ...

  9. 玩转spring boot——properties配置

    前言 在以往的java开发中,程序员最怕大量的配置,是因为配置一多就不好统一管理,经常出现找不到配置的情况.而项目中,从开发测试环境到生产环境,往往需要切换不同的配置,如测试数据库连接换成生产数据库连 ...

随机推荐

  1. 编译Twitter的Heron时一直报错“heron/bazel_configure.py", line 25, in <module> import semver ImportError: No module named semver”如何处理。

    今天编译heron的时候,从官方git到的源码bazel_configure的时候一直报错如下: Traceback (most recent call last): File , in <mo ...

  2. input选择框样式修改与自定义

    html自带的选择框样式不好看,并且在ios设备上丑的罚款.所以一般都是自定义样式: 原理:将原来默认的input选择框隐藏,然后控制label的:before与:after,配合矢量图标或者图片来实 ...

  3. 2018年第一篇行动笔记:Reading Log

    今天读了盖兆泉的文章<美国教师怎么上阅读课>,觉得干货颇多,不仅仅针对儿童英语阅读,而且对生活的方方面面都有助益. 该文章主要内容摘要如下: 学生需要大量时间阅读 这里的阅读时间是特指花在 ...

  4. requireJS对文件合并与压缩(二)

    requireJS对文件合并与压缩 RequireJS提供了一个打包与压缩工具r.js,r.js的压缩工具使用UglifyJS进行压缩的或Closure Compiler.r.js下载 require ...

  5. bug运输[辽宁2014年省队互测一]

    奇奇怪怪的题目,不知道他要我们干什么. 我们观察一波局势,发现答案最大不过5.因为如果答案是6或以上的话,我们就至少要2^(5*5)个5*5的方格. 仔细计算一波时间复杂度,再信仰一波,坚信暴力压正解 ...

  6. partition length exceeds the loop-partition-table-imposed maximum of 4294967295

    问题: 当大于2T的磁盘,在用parted操作的时候,会出现这样的报错,原因是因为现在的分区表是mbr,需要修改为gpt.mbr最大支持2T的空间. 解决方法: 搞清楚问题,解决方法也很简单:mkla ...

  7. ts中interface与class的区别

    interface -- 接口只声明成员方法,不做实现. class -- 类声明并实现方法. 那么接口有什么用呢?设想如下需求: 要实现一个print函数,它将传入的对象打印出来.在实际实现上,它将 ...

  8. PHP curl请求https遇到的坑

    PHP里curl对https的证书配置默认是服务器端要求验证的,如果服务器端没有配置证书验证,则无法请求https路径.如果为了简便使用不需要配置https证书的话,配置curl时将以下两项设置为fa ...

  9. 深入理解ES6之—数据解构

    一 对象解构 对象解构语法在赋值语句的左侧使用了对象字面量 let node = { type: true, name: false } //既声明又赋值 let { type, name } = n ...

  10. 概率分布之间的距离度量以及python实现(四)

    1.f 散度(f-divergence) KL-divergence 的坏处在于它是无界的.事实上KL-divergence 属于更广泛的 f-divergence 中的一种. 如果P和Q被定义成空间 ...