Technical Report on Container Security (IV)-4
January 24, 2019
Container Security Protection – Image Security
Image Security
Images are the basis of containers. Therefore, their security speaks a lot for that of the entire container ecosystem. Container images are a series of images stacked layer by layer. They are distributed and updated through image repositories. The following sections describe how to secure images from the aspects of image build security, repository security, and image distribution security. (more…)
2019 Predictions: Email Attachments, IoT, and Cryptominers to be Security Pain Points
January 23, 2019
Data breaches in 2018 compromised personal information of millions of people around the world, most notably from large corporations such as Facebook, Marriott, T-Mobile and Quora. Seemingly every week there is a new breach reported, and consumers have taken notice. In the past year, the average number of overall daily searches for keywords such […]
Oracle January 2019 Critical Patch Update Security Advisory for All Product Families
January 22, 2019
Overview
On January 15, 2019, local time, Oracle released its own security advisory and third-party security advisories for its January 2019 Critical Patch Update (CPU) which fix 284 vulnerabilities of varying severity levels across the product families. For details about affected products and available patches, see the appendix. (more…)
ThinkPHP 5.0-5.0.23, 5.1.0-5.1.31, and 5.2.* Remote Code Execution Vulnerability Handling Guide
January 21, 2019
1 Vulnerability Overview
Recently, ThinkPHP 5.0-5.0.23 was found to have a remote code execution (RCE) vulnerability. The NSFOCUS Falcon Team carried out tests and found that ThinkPHP 5.0-5.0.23, 5.1.0-5.1.31, and 5.2.* were also prone to this vulnerability, which could be triggered in both Linux and Windows systems. (more…)
Researchers analyze DDoS attacks as coordinated gang activities
January 21, 2019
Help Net Security – In a new report, NSFOCUS introduced the IP Chain-Gang concept, in which each chain-gang is controlled by a single threat actor or a group of related threat actors and exhibit similar behavior among the various attacks conducted by the same gang. Researchers analyzed attack types, volume, size of events, gang activities, […]
Are Smart Cities Secure?
January 20, 2019
RFID Journal – Planning and oversight have the most significant impact when securing a smart city utilizing Internet of Things and RFID technologies. Recently, I participated in several tenders for smart-city projects around the world. I also partook in CEO roundtable discussions at Telecom Exchange LA, including one about what Los Angeles would look like […]
IP Reputation Report-01182019
January 18, 2019
Top 10 countries in attack counts: The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases at January 18, 2019. CN dropped from 51% to 43% and US increased from 9% to 12% from last week. Top 10 countries in attack percentage: From the diagram […]
Mobile Office——SMS phishing
January 18, 2019
Case Analysis
This story starts from an SMS message and ends with financial loss, sounding just like an ordinary telecom fraud. But it is distinctive in that a malicious link and a web page that contains a trojan are leveraged, indicating that the attacker is quite tech-savvy. After the mobile phone is infected with the trojan, the hacker can listen for and intercept SMS verification codes in the background. By using such information and the user’s ID card number and bank account information previously collected, the perpetrator can sign up for the quick pay service.
The Daily Briefing
January 18, 2019
CyberWire – Yesterday Troy Hunt announced, to considerable éclat, the discovery of a large trove of credentials for sale in a dark web souk. He calls it “Collection #1.” The hood offering the material for sale goes by the nom-de-hack of “Sanixer.” KrebsOnSecurity contacted Sanixer and concluded that the material is relatively old, gleaned from […]
NSFOCUS Detects Two Satan Variants Targeting Financial Sector
January 17, 2019
In early November of 2018, NSFOCUS spotted the first variant of Satan malware that targets Linux and Windows systems and spreads by exploiting various application vulnerabilities. A few weeks later, NSFOCUS came across a second variant of this Satan, capable of self-propagation via Windows and Linux platforms. These two variant detections are just another […]
