Top 10 countries in attack counts: The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases at March 15, 2019. (more…)
Year: 2019
Daily Communication——Business Chat Groups
Case Analysis Chat groups convenience communication, but contain great risks, which include ill-disposed persons impersonating the company's employees, information disclosure as a result of chat group hacking, and resigned employees lurking in the group for malicious purposes. (more…)
Chrome and Windows 7 32-Bit Vulnerabilities Threat Alert
Overview On March 7 (local time), Google released a security advisory to announce the existence of a Microsoft Windows vulnerability. According to Google, this local privilege escalation vulnerability could be exploited together with the vulnerability (CVE-2019-5786) in Google Chrome announced last week, to take control of the machine of the...
Technical Report on Container Security (V)-1
Security Tools—Open-Source Security Tool Kubernetes In addition to commercial software, open-source software projects can also provide some security functions. This document describes several open-source projects that are usually used for protection of non-critical business. (more…)
Resource-based Constrained Delegation Allows Obtaining of System Privileges of Any Domain Hosts Threat Alert
1 Vulnerability Overview Recently, the NSFOCUS M01N team released the Analysis of Privilege Escalation Attacks by Exploiting Resource-based Constrained Delegation, in which they describe the principle of attacks launched by exploiting the resource-based constrained delegation, so as to escalate privileges of domain hosts. For details, click the following link: (more…)
Chrome PDF File Parsing 0-Day Vulnerability Threat Alert
1 Vulnerability Overview On February 28, 2019, a security vendor outside of China spotted a 0-day vulnerability in Google's Chrome browser, which could lead to information disclosure upon a user's opening of a malicious PDF file using Chrome. Up to now, a number of malicious samples have been found to...
