1 Vulnerability Overview Recently, the Git project disclosed CVE-2018-17456, a vulnerability in Git that can cause arbitrary code execution when a user clones a malicious repository. An attacker can take control of a target host by exploiting this vulnerability and at the same time using social engineering methods such as...
Author: NSFOCUS
NuggetPhantom Analysis Report
1.1 Executive Summary In a recent emergency response activity, NSFOCUS Threat Intelligence center (NTI) discovered a security event that featured NuggetPhantom, a modularized malware toolkit. According to our observation, the organization behind this event made its debut at the end of 2016 in the blue screen of death (BSOD) event...
Thoughts on the Application of the Micro Honeypot System in the Financial Sector
Overview According to the Emerging Technology Analysis: Deception Techniques and Technologies Create Security Technology Business Opportunities released by Gartner in 2015, "Deception technologies are defined by the use of deceit and/or feints designed to thwart or throw off an attacker's cognitive processes, disrupt an attacker's automation tools, delay an attacker's...
Telecom Exchange LA 2018
Telecom Exchange LA 2018 November 6-7, 2018 Kimpton Hotel Palomar Los Angeles Beverly Hills
An Analysis of Qbot Variants in the Wild
Overview Since their source code was publicly released on GitHub, Mirai and Qbot have wreaked havoc on the Internet of things (IoT). Before such public release, Mirai had been found to have adversarial behavior against Qbot in its infection process. Recently, the research team of NSFOCUS Threat Intelligence center (NTI)...
Xbash Malware Combines Many Malicious Functions in Worm
Unit 42, a research team of Palo Alto Networks found a new malware family this month and named it Xbash. This new malware combines ransomware, coinming, botnet, and worm features and targets Linux and Windows mainly. Xbash is developed in Python and was then converted into self-contained Linux ELF executables...
