Month: January 2017

NSFOCUS Launches Global Threat Intelligence Platform to Defend Against Sophisticated Cyber Attacks

January 30, 2017

As New Threat Actors and Vulnerabilities Emerge, NSFOCUS Provides the Most Complete Insight into Evolving Threats with Real-time, Actionable Intelligence Santa Clara, Calif., January 30, 2017 – NSFOCUS, a global provider of intelligent hybrid security solutions, today announced the launch of its Global Threat Intelligence platform. In the world of cyber attacks, 2016 may go …read more

“Shifu” Banking Trojan – Technical Analysis and Recommendations

January 27, 2017

By: NSFOCUS Security Labs

Overview

The banking Trojan “Shifu” was discovered by the IBM counter fraud platform in April, 2015. Built on the Shiz source code, this Trojan employs techniques adopted by multiple notorious Trojans such as Zeus, Gozi, and Dridex. This particular Trojan targeted 14 banks in Japan and re-emerged in Britain compromising 10 banks on September 22, 2015. On January 6, 2017, Palo Alto Networks issued an article indicating that the author of this Trojan re-engineered the exploit in 2016. Specifically, this Trojan at its early stage obtained system privileges of the attacked host by exploiting the vulnerability CVE-2015-0003, but now achieves its purpose by leveraging the Windows privilege escalation vulnerability CVE-2016-0167. (more…)

ElasticSearch Hit by Ransom Attack

January 26, 2017

By: Dr. Richard Zhao, SVP of Global Threat Research, NSFOCUS

Overview

During the week of January 21, 2017, over 34,000 vulnerable MongoDB databases fell victim to a ransom attack. Data residing on these databases was erased or encrypted and bitcoin payment was demanded in lieu for return of the data. Moreover, on January 18th, 2017, several hundred ElasticSearch servers were hit by a ransom attack within a few hours, and data housed on those servers were erased with ransom demands. The methods that were used to attack the ElasticSearch servers where extremely similar to the exploit that was used in the MongoDB attack. Security researcher Niall Merrigan (who had been following up the MongoDB database compromise) stated, “till now, over 2711 ElasticSearch servers have been attacked.” Many of the victims reside in the USA, with a few outliers in Europe, China, and Singapore. (more…)

NSFOCUS introduces comprehensive web application security solution

January 26, 2017

Vigilance Security Magazine – Complex attacks on web-based applications are on the rise, accounting for approximately 40 percent of all data breaches in 2016. To combat this growing threat, NSFOCUS has introduced its Web Application Security solution to ensure enterprises are equipped with the most comprehensive application-layer protection against web attacks that can result in …read more

DDoS attacks: here to stay

January 24, 2017

SC Magazine UK – 2016 was a year of record breaking DDoS attacks, SC’s Roi Perez discusses why they are here to stay and what can we expect in 2017

Atomic fragments running amok: time to take IPv6 security seriously?

January 24, 2017

PC Authority AU – The danger of atomic fragments in the 20-year-old IPv6 protocol have been known for a long time, so why are sys admins still failing to harden their networks against this vulnerability?

NSFOCUS Introduces Comprehensive Web Application Security Solution

January 24, 2017

NSFOCUS Web Application Firewall and Web Vulnerability Scanning System identify vulnerabilities to enable smart patching and ensure protection against web attacks, data breaches and downtime Santa Clara, Calif., January 24, 2017 – Complex attacks on web-based applications are on the rise, accounting for approximately 40 percent of all data breaches in 2016. To combat this …read more

Atomic fragments running amok: time to take IPv6 security seriously?

January 23, 2017

SC Magazine UK – The danger of atomic fragments in the 20-year-old IPv6 protocol have been known for a long time, so why are sys admins still failing to harden their networks against this vulnerability?

Dark Reading: 2017 IT Forecast: Cloudy With A Chance Of Security Concerns

January 18, 2017

Dark Reading – Public cloud adoption and security concerns are expected to grow as more businesses transition to the cloud.

NSFOCUS Appoints Lin Xu to Vice President of Engineering

January 17, 2017

Santa Clara, Calif., January 17, 2017 – NSFOCUS, a global provider of intelligent hybrid security solutions, today announced the appointment of Lin Xu, to the position of Vice President of Engineering. In this new position, Xu will run dedicated engineering teams in Santa Clara, CA, as well as teams in China to further expand the …read more