IP Reputation Report-11102019

November 14, 2019 | Mina Hao

Top 10 countries in attack counts: The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases at November 10, 2019.

Cybersecurity Insights-4

November 13, 2019 | Mina Hao

3.3 Recidivists “Recidivists” here refer to attack sources found to repeatedly engage in malicious activities. In the 2018 H1 Cybersecurity Insights, we pointed out that 25% of recidivists were responsible for 40% of attack events24. Considering the quantity and level of threat, these attackers should not be underestimated. By the end of 2018, the number […]

Apache Solr velocity Remote Code Execution Vulnerability Handling Guide

November 12, 2019 | Mina Hao

Vulnerability Description On October 30, @_S00pY disclosed the exploitation of Apache Solr Remote Code Execution Vulnerability, which allows attackers to implement remote code execution via velocity templates. After testing, the vulnerability can be successfully triggered, and no official security patch has been released.

What Should I Do When I Am Directed to a Macao Gambling Website Instead of the Intended Website

November 11, 2019 | Mina Hao

Incident Review In February 2019, our monitoring found that some domestic users, when accessing certain websites through their home routers, were hijacked to pornographic and gambling websites. According to our sample inspection, more than 4 million IP addresses were hijacked to about 190 domain names concerning pornography and gambling during this incident. These victim users […]

APT34 Event Analysis Report

November 9, 2019 | Mina Hao

1 Overview On April 18, 2019 a hacker/hacker organization sold a toolkit of the APT34 group, under the false name of Lab Dookhtegan, on a Telegram channel. The organization also posted screenshots of the tool’s backend panels, where victim data had been collected. Early in the middle of March 2019, this hacker/hacker organization had released […]

Information Security in the Workplace- Phishing email-v

November 8, 2019 | Mina Hao

With the advancement of IT-based transformation and the rapid development of IT, various network technologies have seen more extensive and profound applications, along with which come a multitude of cyber security issues. Come to find out what information security issues you should beware of in the workplace.

IP Reputation Report-11032019

November 7, 2019 | Mina Hao

Top 10 countries in attack counts:

Cybersecurity Insights-3

November 6, 2019 | Mina Hao

Overall Cybersecurity Situation 3.1 Attack Type Distribution Based on attack type13, DDoS contained the largest proportion of malicious IP addresses; more than half were involved in DDoS attacks. Other types of attacks that malicious IP addresses participated in included botnets, scanning, and spam.

Kibana Remote Code Execution Vulnerability (CVE-2019-7609) Threat Alert

November 5, 2019 | Mina Hao

Vulnerability Description In February 2019, an official announcement was made that Kibana had a remote code execution vulnerability. The Kibana version prior to 5.6.15 and 6.6.1 had a functional flaw in the Timelion visualization tool, which allowed an attacker to use Kibana to execute arbitrary code on the server. Currently PoC has been announced; Ussers […]

Cisco Aironet Access Points Unauthorized Access Vulnerability Threat Alert

November 4, 2019 | Mina Hao

Overview On October 17, local time, Cisco issued a security notice claiming that an unauthorized access vulnerability to Aironet Access Points (APs) was fixed. The vulnerability stems from the fact that no specific URL is filtered. An attacker can obtain the access rights of the device by constructing a malicious URL and sending it to […]