Adeline Zhang

Threat Model ATT&CK

June 3, 2019

1. Introduction

AI/ML was a hot topic at RSA Conference 2019. Current artificial intelligence (AI) can be roughly divided into perceptual intelligence (capabilities of perceiving images, audio, and video) and cognitive intelligence (knowledge-based reasoning and causal analysis). Most algorithms in use nowadays are perceptual. (more…)

Cisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution Vulnerabilities Threat Alert

May 31, 2019

Overview

On May 15, 2019, local time, Cisco officially released a security advisory, announcing remediation of three critical remote code execution vulnerabilities (CVE-2019-1821, CVE-2019-1822, and CVE-2019-1823) in the Cisco Prime Infrastructure (PI) and Evolved Programmable Network Manager (EPN). (more…)

Adobe Releases May’s Security Updates Threat Alert

May 30, 2019

Overview

On May 14, 2019, local time, Adobe officially released May’s security updates to fix multiple vulnerabilities in its various products, including Adobe Flash Player, Adobe Acrobat and Reader, and Media Encoder. (more…)

2018 DDoS Attack Landscape-8

May 29, 2019

3.6  Industrial Distribution of Attack Targets

From an industry perspective, cloud service/Internet data center (IDC), gaming, and e-commerce are the top 3 industries suffering the most DDoS attacks. (more…)

DDoS Attacks and Mitigation

May 29, 2019

Nowadays, the advancement of information technology has brought tremendous convenience to people. Whether it is social networking or e-commerce, the Internet has become an integral and essential part of our lives. As the Internet brought new opportunities, it also created new threats. DDoS is one of the most destructive forms of threat. In the past decade, DDoS has been weaponized by various organizations and individuals and used for ransomware, revenge, and even cyber warfare. (more…)

Cybersecurity of Clouds over 10,000 Meters

May 27, 2019

Topic: Cybersecurity increasingly tends to be driven by IT instead of business. Enterprise security issues are no longer just concerned with the traditional infrastructure architecture, but have escalated to logical security issues of the business process as well as ecological security issues of multi-layered business. (more…)

A Look into RSA 2019: Cultural Blending and Capability Building During the Implementation of DevSecOps

May 24, 2019

As an increasingly mature technical system in the security domain, DevSecOps, in nature, inherits the concept of shifting security to the left during the security development lifecycle (SDL). Simply speaking, DevSecOps is capability integration, continuous learning, and cultural blending. In fact, the concept of “blending” is also reflected by the theme of the DevSecOps Day at RSAC 2019, namely, “DevOps Connect”. The concept calls for CI/CD (continuous integration and continuous delivery) and effective measurement to improve efficiency.

(more…)

Microsoft Remote Desktop Services Remote Code Execution Vulnerability (CVE-2019-0708) Threat Alert

May 23, 2019

Overview

On May 14, 2019, local time, Microsoft released security updates for May that address a critical remote code execution vulnerability (CVE-2019-0708) in Remote Desktop Services. The Remote Desktop Protocol (RDP) is not affected by this vulnerability. As the vulnerability may be exploited in worm-related attacks, users are advised to download appropriate patches and upgrade their systems as soon as possible. (more…)

NSFOCUS UNVEILS 7TBPS CLOUD DDOS WITH BIGGER CAPABILITIES AND BETTER MITIGATION TO PROACTIVELY PROTECT ORGANISATIONS FROM THE MOST DETERMINED THREAT ACTORS

May 22, 2019

SINGAPORE, May 22, 2019 – NSFOCUS, the leader in holistic hybrid security solutions, today announced the launch of its 7Tbps Cloud Distributed Denial-of-Service (DDoS) Protection, which helps organisations cope with the escalating frequency of DDoS attacks, regardless of their size, duration and complexity. The NSFOCUS Cloud DPS caters to gaming providers, internet service providers, and […]

2018 DDoS Attack Landscape-7

May 22, 2019

3.5  Analysis of IoT Attack Sources

3.5.1 Participation of IoT Devices in DDoS Attacks

According to NSFOCUS’s IoT threat intelligence, some DDoS attacks are associated with IoT devices. By further analyzing the proportion of IoT devices in DDoS attack source IP addresses, we find that 3.14% are IoT devices. Although this proportion is relatively small, compared to the large base of DDoS attack source IP addresses, the threat of IoT device-based DDoS attacks cannot be overlooked.

(more…)
