Extensive Power Outages in Venezuela and New York Starting from the evening of March 7, 2019, a cyberattack hit Venezuela, leaving most parts of the country, including the capital Caracas, without power for more than 24 hours1. Because of the outage, the subway service in Caracas came to a halt,...
Category: DDoS Mitigation
Annual IoT Security Report 2019-1
Executive Summary With the constant evolution of the Internet of Things (IoT), the security of IoT is becoming an issue that more and more people are concerned about. In 2016, we issued the IoT Security Whitepaper to popularize IoT security for a general audience. In 2018, we released the 2017...
Analysis of the 2020 H1 Vulnerability Trend
Overview In 2020 H1, a total of 1419 vulnerabilities were added to the NSFOCUS Vulnerability Database (NSVD), 714 of which were high-risk vulnerabilities. Among these high-risk vulnerabilities, 184 vulnerabilities were Microsoft-related ones. High-risk vulnerabilities were mainly distributed in major products of Microsoft, Oracle, Adobe, Google, Cisco, IBM, Moxa, Apache, and...
Analysis of Ripple20 Vulnerabilities
1. Background Recently, the JSOF research lab discovered a series of vulnerabilities on the Treck TCP/IP stack, which were dubbed Ripple20. Successful exploit of these vulnerabilities may allow remote code execution or disclosure of sensitive information. Technical details will be fully released at BlackHat USA 2020. (more…)
DHDiscover reflection attacks can magnify nearly 200 times of the attack 2
DHDiscover reflection attack analysis In this chapter, we’ll demonstrate the threat status quo of DHDiscover reflection attack after referring to log data captured by the NSFOCUS Threat Capture System[AZ1] from June 1, 2020 to August 18, 2020 at the port 37810. We analyzed the number of logs at the port...
DHDiscover reflection attacks can magnify nearly 200 times of the attack 1
1. Abstract In March 2020, Tencent published an article about a DVR being used for reflection attacks. Service port of this DVR is 37810, we named it DHDiscover service as there was DHDiscover shown in it. In the reflection attacks captured by Tencent, the scale of attack traffic exceeded 50G,...
