Threat Actor – APT28
June 8, 2017
Overview APT28 is a recognized state-sponsored threat actor operating out of Russia. Nefarious efforts and known exploits conducted by ATP28 (Advanced Persistent Threat) have been tracked as early as 2007 by various cyber-security experts in the field. The following information will outline the worldwide cyber warfare attacks that have been linked to APT28 throughout their […]
Blackmoon Banking Trojan Overview
June 2, 2017
Overview The Blackmoon Bank Trojan that was originally identified in 2016 has since re-surfaced. Recently, more than 150,000 bank accounts were compromised in South Korea and the Blackmoon Trojan has been identified as the culprit. A new 2017 version has hit the financial industry and employs a new framework model primarily targeting the online banking […]
Retrospective: NHS, ransomware and technical debt
May 31, 2017
By: Stephen Gates, Chief Research Intelligence Analyst, NSFOCUS
On May 15th, the NHS (UK’s National Health Service) suffered its single worst disruption to service in the history of the organisation. The disruption was due to a type of malicious software, known as ransomware, with the purpose of attempting to extort money from victims by encrypting their data, and offering to decrypt that data for a fee, a ransom no less, or lose that data forever. (more…)
Solving the DDoS Problem – One Summit at a Time
April 8, 2017
By: Stephen Gates, Chief Research Intelligence Analyst, NSFOCUS
It’s no secret that DDoS attacks are on the rise. Statistic-after-statistic, report-after-report, all say the same thing about DDoS. However, who are the companies that have perfected the technology, tactics, techniques, and procedures used in front-lines to defeat DDoS attacks every day? NSFOCUS is one such company that has chosen to position themselves in the crossfire, between DDoS attackers and their often-unprepared victims. (more…)
Swearing Trojan Exploit Overview
April 3, 2017
Author: Cody Mercer – Senior Threat Intelligence Researcher Executive Overview A new mobile banking Trojan titled ‘Swearing Trojan’ has been discovered by Tencent Security and Checkpoint researchers. The odd name of the malware is in part attributed to the various Chinese swear words sparsely distributed in the source code. The primary attributes associated with the […]
NSFOCUS Wins Big at European IT and Software Excellence Awards 2017
March 31, 2017
Intelligent Hybrid DDoS defence provider claims Top prize for Security Solution of the Year London, UK – 31 March 2017 – NSFOCUS, the intelligent hybrid DDoS defence provider, has been awarded the Security Solution of the Year at the European IT & Software Awards 2017 (www.iteawards.com) – the leading pan-European awards for ISVs, Solution Providers […]
Dridex – v4
March 23, 2017
Author: Cody Mercer – Senior Threat Intelligence Research Analyst Executive Overview A newly discovered modified version of Dridex, now termed ‘Dridex v4’, has been recognized in the wild in recent days. The upgraded version of the Dridex Trojan was at one time one of the most successful bank Trojans originally discovered in 2014 and has […]
Dahua Cameras Unauthorized Access Vulnerability Analysis & Solution
March 17, 2017
Overview Dahua Technology, a well-known security camera and digital video recorder (DVR) vendor in China, released firmware updates to address serious security vulnerabilities for several of their products. By exploiting this vulnerability an attacker can access the user database of a Dahua camera without needing administrative privileges and extract the user name and password hash. […]
NSFOCUS launches in Australia, ideally placed to halt cyber attack tsunami from China
March 17, 2017
Threat Intelligence platform defends against sophisticated cyber attacks SYDNEY, March 17, 2017 – NSFOCUS, a global provider of intelligent hybrid DDoS defences, today announced its launch into Australia. The company believes it is uniquely placed to defend against cyber-attacks from China. Recent reports have indicated that up to 40 percent of global cyber-attacks are associated […]
StoneDrill – Shamoon & Shamoon 2.0 Variant
March 13, 2017
Author: Cody Mercer – Senior Threat Intelligence Researcher Executive Summary It would appear that a new variant titled ‘StoneDrill‘ has now hit the wild and conducts operations very similar to that of Shamoon 2.0 and Shamoon malware. Moreover, Kaspersky Labs has evaluated the source code and it appears to contain various source code line items […]
