Cross-Site Scripting (XSS) attacks are a type of injection in which malicious scripts are injected into otherwise benign and trusted websites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user. Flaws...
Author: NSFOCUS
APT Group Gamaredon Intensifies Cyber Offensive in Ukraine (Part 2)
Part 1: APT Group Gamaredon Intensifies Cyber Offensive in Ukraine (Part 1) Type 2: Send malicious HTML attachments by masquerading notification emails The second type of attack activity Gamaredon mainly carried out is spear phishing emails. This is a new attack process that emerged in the second quarter of this...
APT Group Gamaredon Intensifies Cyber Offensive in Ukraine (Part 1)
Overview Beginning in the second quarter of this year, NSFOCUS Security Labs discovered that the APT group Gamaredon began frequently using a number of different types of attacks to conduct cyberattacks against military and police targets in Ukraine’s Kherson, Donetsk and other regions. In this attack cycle, Gamaredon mainly used...
APT Group Evilnum Launched a New Round of Cyberattacks on Online Transactions
Overview NSFOCUS Security Labs detected a string of related phishing attacks recently. The analysis confirmed that these activities were staged by the APT group Evilnum and they were a continuation of the group's recent operation DarkCasino. This round of cyberattacks occurred in late July and lasted until early August. Evilnum...
Description of the Server Name Indication Feature on NSFOCUS WAF
The early SSLv2 was designed based on the classic public key infrastructure. By default, a server or an IP address could provide only one service so that the server could know which certificate to serve during the SSL handshake. The widespread use of virtual hosts leads to the situation where...
Mind the Sec 2022
The 8th edition of Mind The Sec was held from September 20 to 22, 2022 at the Transamerica Expo, in São Paulo. it is one of the largest and most qualified corporate events of information security and cyber security in Latin America. Mind The Sec presents three tracks of content,...
