zm = after the end of the Miscellaneous Fur Internet Incident.

On the first day, the United States announced that it had confirmed that the hacker who attacked the root server of the Internet domain name was "zm = miscellaneous hair", and the US cybersecurity department offered a reward of 500,000 US dollars for the global wanted zm = miscellaneous hair. Coupled with the previous 300,000 bounty in the UK, the total value of ZM = miscellaneous hair has soared to $800,000.

The next day, the Chinese side said that there was no evidence that zm = miscellaneous hair was a Chinese hacker.

On the third day, ZM raised his stick again and started a new round of beating, and this time the target of their beating turned out to be Verisign.

Many people in the industry fell all over the ground looking for their chins, I wipe, why is this so incomprehensible, it is said that zm and Chinese hackers "zm = miscellaneous hair" should be life and death rivals, zm = miscellaneous hair attacked Verisign, and then was wanted by the United States, even if zm does not jump out, it should be secretly stealing fun, how can it jump out at this time to knock on Verisign, you should provide clues to the United States, right.

ZM released a video confirming the unreliability of the SSL encryption service provided by Verisign, and although the video shielded key technical steps, it was still clear that ZM easily obtained the information content of the SSL encrypted communication and intercepted a user's bank account and transaction data without the help of any tools.

In the field of SSL encryption, Verisign has always been in a dominant position, and ninety out of five of the world's top 500 companies have used the SSL certificate service provided by Verisign; More than 90% of the world's 40 largest banks use SSL certificate services provided by Verisign; More than half of China's banks use Verisign's SSL certificates; Among the world's 50 largest e-commerce websites, 47 of them use SSL certificates provided by Verisign, and Alipay, the largest online payment platform in China, also uses Verisign's SSL certificates.

At the same time, ZM pointed out that Verisign has long known that its SSL encryption is unreliable, but it has been selling and promoting it, and it cannot be ruled out that Verisign has attempted to monitor users' encrypted communication data.

Verisign was first humiliated by ZM = Miscellaneous Mao, and then slapped in the face by ZM, and immediately stood up and said: Verisign's SSL encryption service is unbreakable and can stand the test, and it has also been unanimously praised by customers, who believe that ZM's video content is only a part of the interception, which does not confirm that the attack is reliable.

Since ZM knocked on the stick, everyone has passively accepted it, and no one has ever argued, knowing that ZM's existence is limited to the security community, although Hu Yifei previously announced ZM's hacker ranking, so that ZM began to surface, but the strength is also very limited. Verisign's rebuttal made ZM really appear in the public eye for the first time.

On the fourth day, ZM continued to raise the stick, and instead of arguing with Verisign on SSL, he revealed an even more shocking piece of news.

ZM released a screenshot of the transaction, confirming that Verisign had obtained the PDF vulnerability in the Oldobie software from Carrot's trading platform eight months ago.

At this time, even Odobi was involved, and Odobi hurriedly issued a statement, saying that he did cooperate with Verisign in the "Security Vulnerability Contributor Program", but Verisign has not yet delivered the information about this vulnerability to himself.

Verisign got the vulnerability information in the Toolobie software, but did not give it to Adobe, so what was the vulnerability used for 8 months?

This time, Verisign himself was also yellow mud and lost his crotch, not but either, although he jumped out to explain, saying that it might have been forgotten by the staff. But this can't dispel everyone's suspicions at all, and some people are even already speculating whether the previous theft of British secrets is also related to Verisign?

On the fifth day, ZM continued to slap Verisign, this time saying that the domain name managed by Verisign was at risk of being hijacked.

Verisign argued the first time, explained the second time, and this time, they didn't even have the courage to explain, but they still didn't escape their fate. Not long after the ZM announcement, Google's domain name was suddenly hijacked to Verisign's website, and the huge traffic caused the Verisign website to crash instantly. Verisign then repaired Google's domain name, but did not say anything about the incident.

For three days in a row, ZM's dog beating stick, dancing so that a tiger and tiger are angry, so that many people in the industry are addicted to it, Verisign in front of ZM, can only hold the head of the mouse, not even a little power to fight back, which is completely out of everyone's expectations, but Verisign is also an authoritative security agency.

Hei Tian was completely immersed in excitement at this time, ZM's counterattack was really unexpected by him, and no one expected that there would be such a turn of the washing utensils in advance. Heitian's motto is "A righteous man and a gentleman can't defend the country", so he contacted his superiors as soon as possible and asked to launch a counterattack, so that people were bullied in vain, and he couldn't say nothing, so the country raised so many people, it was better than a zm = miscellaneous hair.

Fools can see that the domain name is invalid, Google China closes its servers, and MSN China stops instant messaging services, all of which are a set of attack steps planned in advance, and the United States' move is intended to make China understand who is the boss of the Internet.

On the sixth day, ZM didn't come out to dance the stick again, which made everyone a little depressed, and said that ZM also had a weekend.

However, although everyone didn't see the excitement on ZM's side, in other places, everyone watched it more enjoyable.

China suddenly announced today that after investigation and analysis, the hackers who previously attacked China's major community websites took advantage of a common vulnerability in Microsoft's 32-bit operation system, and then the China Internet Emergency Response Center issued a temporary patch to remind all users who have installed and used Microsoft's operation system to install patches.

"Common vulnerabilities?"

As soon as these four words came out, all the people in the security community were shocked! People may think that the hackers who attacked China's network are from Iran, but these people are not stupid, they are responsible for the security of their countries' networks, and they know the truth of this cyber incident very well. The U.S. uses a common vulnerability in Microsoft's system to attack China, which means that it could suffer the same attack itself, and most importantly, why does there exist a common vulnerability in Microsoft's operating system, and why do Americans know about this vulnerability but don't fix it?

As the hacking incident intensified, the fire burned to Microsoft, which said that it was not aware of the general vulnerability, but would contact the Chinese side as soon as possible to obtain detailed information about the vulnerability.

Two hours later, Microsoft issued an announcement that said nothing about the vulnerability, only that it would release a patch for the vulnerability in the fastest possible time.

Microsoft has to compete with others this time,The vulnerability information negotiated from the Chinese side,It has been proven to be completely reliable,If Microsoft doesn't act quickly,At most, in a few hours,Someone will reverse analyze the vulnerability from the temporary patch released by China,Don't say that you don't know why there is this vulnerability,That is, Microsoft's brand may be smashed,This vulnerability is completely a seckill type,It's simply a weapon for instantaneous intrusion。

For a software company, it is not uncommon for one of your products to have a vulnerability, but if a vulnerability can cover all your software products in the entire series, and the time span is more than ten years, this is very abnormal, especially for a long-term monopoly of the enterprise, it is light to question your brand reputation, and it is the most fatal to suspect the ulterior intentions behind you.

They have no idea when China has mastered this general vulnerability, how long has it been, whether they have used this vulnerability to carry out any attacks and theft of secrets, and whether the United States has any losses. When I think about it now, it really sends chills down my spine.

This stick woke up the Americans, and they suddenly found that China is no longer the student who didn't know anything in the field of computer level, and after so many years of catching up, China is fully equipped with the ability to compete with the United States, and the United States can no longer launch cyber attacks at will to deter and sanction.

After another two hours, Microsoft broke the convention again and released a patch for the vulnerability, which is a common vulnerability for all 32-bit operating systems.

But Microsoft's nightmare isn't over.

On the seventh day, ZM pulled out a big stick and also announced a general vulnerability in Microsoft's operating system, and released a temporary patch.

On the same day, Microsoft launched the upgrade process again and released an official patch.

On the eighth day, the mysterious hacker "Sky Eye" also announced a general vulnerability in Microsoft's operation system on the Wolf's Den forum, and like others, he also left a temporary patch.

On the same day, Microsoft released an official patch again and used MSN to remind users to upgrade their systems as soon as possible.

In the space of three days, three common vulnerabilities, and the credibility of Microsoft's system was lost. Although Microsoft released patches in a timely manner and still occupies a dominant position in the field of operating systems, Microsoft itself knows in its own heart that the network security departments of many countries are afraid that they have begun to formulate plans, and it is likely that they will gradually reduce Microsoft's share in the operating system market through a series of means, and the Microsoft system has become a thunder that will explode at any time in their hearts.

On the ninth day, ZM's website was completely revamped, and its own domain name was launched, and then it officially announced its entry into the field of high-end network security. At the same time, Google has also announced that it will soon launch its own personal production system.

On the tenth day, Figo Security issued an announcement, announcing the acceptance of venture capital, the company's registered capital increased to 2 million, and at the same time changed its name to Figo Software Company, and the company's website will be revised within a month.

It's just that Figo's influence is too small, and only Lao Scratch shouted after seeing Figo's announcement: "The wolf is coming!" ”

(To be continued)