Adeline Zhang

NSFOCUS Identifies DDoS Attack Trends in New 2018 Insights Report

April 10, 2019

Report Finds Correlation Between Cryptocurrency Attacks and DDoS Attacks Over the Course of 2018

SANTA CLARA, Calif., NSFOCUS, a leader in holistic hybrid security solutions, today released its 2018 DDoS Attack Landscape report, which found that there is a direct correlation between cryptocurrency and DDoS attacks. The price of cryptocurrency dropped in 2018, leading to decreased profits from […]

Trouble at the federal CIO’s office

April 10, 2019

Politico – THE SAUCE ON DDoS — With cryptomining benefits on the decline, cyber attackers were more inclined to employ DDoS attacks in 2018, according to a report out this morning from NSFOCUS. However, the total number of DDoS attacks fell 28 percent from 2017, the company found. Most used DDoS only, but 13 percent […]

Apache HTTP Server Privilege Escalation Vulnerability (CVE-2019-0211) Threat Alert

April 8, 2019

Overview

Recently, the Apache Software Foundation released a security advisory announcing remediation of a privilege escalation vulnerability (CVE-2019-0211) in the Apache HTTP Server. Apache HTTP Server running MPM event, worker or prefork could allow an attacker to gain elevated privileges on the system by executing code in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter). By manipulating the scoreboard, an attacker could exploit this vulnerability to gain the privileges of the parent process (usually root) and execute arbitrary code on the system. (more…)

2018 DDoS Attack Landscape-1

April 5, 2019

NSFOCUS Security Lab research has seen a dramatic decrease in DDoS attacks between 2017 and 2018. We are in consensus with other TI vendors as to most of the driving factors behind this large scale reduction, except one. This webinar 1 will show why NSFOCUS is breaking from the pack on one of the key factors leading to the significant decrease in DDoS attacks in 2018. (more…)

Internet Explorer and Edge Browsers 0-Day Vulnerability Threat Alert

April 4, 2019

Overview

Recently, a foreign researcher announced a 0-day vulnerability in Microsoft Edge and Internet Explorer (IE). By enticing a user to click a malicious link, an attacker could exploit this vulnerability to bypass the same-origin policy of both browsers and launch a universal cross-site scripting (UXSS) attack to steal the user’s sensitive information. (more…)

IP Reputation Report-03292019

April 2, 2019

  1. Top 10 countries in attack counts:

(more…)

UC Browser Potential Man-in-the-Middle Vulnerability Threat Alert

April 2, 2019

Overview

Recently, a foreign researcher discovered a potential vulnerability in the UC browser which may affect hundreds of millions of users around the world. The UC browser contains a hidden feature that downloads auxiliary software modules for execution, bypassing some restrictions of an application store. This feature is used to add new functions or install updates to the client, but can also be exploited for man-in-the-middle (MITM) attacks. For example, when a user uses the UC browser to download a PDF file and attempts to open it, an attacker, via an MITM attack, could cause the browser to download a malicious file and finally execute it. (more…)

PostgreSQL Arbitrary Code Execution Vulnerability (CVE-2019-9193) Threat Alert

April 1, 2019

1 Vulnerability Overview

Recently, a security researcher disclosed details about a PostgreSQL privilege escalation code execution vulnerability (CVE-2019-9193), which allows attackers with read access to database server-side files to execute arbitrary system commands. (more…)

Daily Communication: Use of Shared Folders

March 29, 2019

Case Analysis

Public shared folders usually house various documents from different departments, many of which contain sensitive data. Sensitive files reside in such folders mainly because people forget to delete them after copying them, thus exposing sensitive data to intranet hackers and rogue insiders. (more…)

Apache Tomcat DoS Vulnerability (CVE-2019-0199) Threat Alert

March 28, 2019

1 Vulnerability Overview

Recently, the Apache Software Foundation announced the existence of a denial-of-service (DoS) vulnerability in Apache Tomcat HTTP/2. Specifically, the HTTP/2 implementation accepts streams with excessive numbers of SETTINGS frames and also permits clients to keep streams open without reading/writing request/response data. Thus, too many connection requests from clients can cause server-side thread exhaustion. Successful exploitation of this vulnerability would result in a denial of service on the target. (more…)
