What personal data we collect and why we collect it
Comments
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.
Media
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
Contact forms
Cookies
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.
Analytics
Who we share your data with
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where we send your data
Visitor comments may be checked through an automated spam detection service.
Your contact information
Additional information
How we protect your data
What data breach procedures we have in place
What third parties we receive data from
What automated decision making and/or profiling we do with user data
全球網路安全解決方案廠商Check Point Software Technologies Ltd(NASDAQ股票代碼:CHKP)的威脅情報部門Check Point Research發佈「網路攻擊趨勢:2023年中資安報告」,內容指出全球第二季每週遭受的網路攻擊次數遽增 8%,創2年來最大增幅,突顯攻擊者巧妙結合新一代AI人工智慧與USB等傳統工具來發動破壞性網路攻擊。此外,因新型勒索軟體團體出現,2023上半年的攻擊隨之加劇;平均每間台灣企業在上半年遭到3,245次攻擊,居全球之冠,較去年同期增加10%。
2023年中資安報告揭露,今年主要的網路攻擊趨勢與行為,包含攻擊方式升級,勒索軟體組織不斷精進其攻擊手法,利用常見的企業軟體漏洞,並將策略從資料加密轉向資料竊取;另外,USB再度成為重大威脅來源,由國家支持的勒索軟體組織和網路犯罪分子正在利用 USB 作為感染全球組織的威脅途徑。
再來是駭客激進主義興起,受政治動機驅使的勒索軟體組織向特定目標展開攻擊;以及濫用AI的情形加劇,生成式 AI 工具被用於製作網路釣魚電子郵件、鍵盤側錄程式,以及基礎勒索軟體程式碼,因此需要採取更有力的監管措施。
Check Point Software研究副總裁Maya Horowitz表示,從今年上半年網路攻擊趨勢可看出,勒索軟體和駭客激進主義等常見威脅更蓬勃發展,勒索組織調整其手段和工具,企圖感染和影響世界各地的組織,使USB這種傳統工具也被拿來作為傳散惡意軟體的媒介。他建議,各組織需要制定彈性的資安防禦策略,並採用以預防為主的整合式解決方案,以強化防禦能力。
