Crypto Mining, DDoS Attacks On The Rise – Report
October 19, 2018
BlockTribune – NSFOCUS, a hybrid security solution company, today released its H1 Cybersecurity Insights report, which highlights the observations of the NSFOCUS Threat Intelligence center, a security research organization created by NSFOCUS for implementing an intelligent security 2.0 strategy and improving the cybersecurity ecosystem. NSFOCUS analyzed traffic from January 1, 2018 to June 30, 2018. […]
The daily briefing.
October 19, 2018
The Cyber Wire – McAfee researchers report finding a hitherto unremarked “data reconnaissance implant” that’s targeting Korean speakers. They’re calling it “Oceansalt,” an homage to the earlier Seasalt implant that the old Chinese Comment Crew used back in 2010. Indeed, Oceansalt reuses code from Seasalt. The Comment Crew, also known as APT1, is thought to […]
Google security official on election threats, spearphishing
October 19, 2018
POLITICO – GOOGLE EMAIL SECURITY GURU SPEAKS — MC recently caught up with Mark Risher, director of product management at Google with an emphasis on security and privacy. A few highlights: — Election security threats are broader than one country or one group of people, Risher said. “One of the headlines that shows up often […]
New Report from NSFOCUS Analyzes 27 Million Attacks in H1 Cybersecurity Insights Report
October 18, 2018
SANTA CLARA, Calif., October 18, 2018 – NSFOCUS, a leader in holistic hybrid security solutions, today released its H1 Cybersecurity Insights report, which highlights the observations of the NSFOCUS Threat Intelligence center, a security research organization created by NSFOCUS for implementing an intelligent security 2.0 strategy and improving the cybersecurity ecosystem. NSFOCUS analyzed traffic from […]
XBash Malware Security Advisory
October 18, 2018
On September 17, 2018, Unit42 researchers published an analysis of a new malware family XBash on its official blog. According to them, XBash was developed by the Iron Group, a cybercrime organization that has been active since 2016. The malware was named XBash based on the name of the malicious code’s original main module. XBash combines functions of ransomware, coinminers, botnets, and worms to target Linux and Microsoft Windows servers. (more…)
Git RCE Vulnerability (CVE-2018-17456)Security Advisory
October 17, 2018
1 Vulnerability Overview
Recently, the Git project disclosed CVE-2018-17456, a vulnerability in Git that can cause arbitrary code execution when a user clones a malicious repository. An attacker can take control of a target host by exploiting this vulnerability and at the same time using social engineering methods such as phishing. Git encourages all users to update their clients to protect themselves. (more…)
NuggetPhantom Analysis Report
October 12, 2018
1.1 Executive Summary
In a recent emergency response activity, NSFOCUS Threat Intelligence center (NTI) discovered a security event that featured NuggetPhantom, a modularized malware toolkit. According to our observation, the organization behind this event made its debut at the end of 2016 in the blue screen of death (BSOD) event that targeted Tianyi Campus clients, and was again involved in another security event that leveraged Tianyi Campus clients to mine cryptocurrency at the end of 2017. (more…)
Thoughts on the Application of the Micro Honeypot System in the Financial Sector
October 11, 2018
Overview
According to the Emerging Technology Analysis: Deception Techniques and Technologies Create Security Technology Business Opportunities released by Gartner in 2015, “Deception technologies are defined by the use of deceit and/or feints designed to thwart or throw off an attacker’s cognitive processes, disrupt an attacker’s automation tools, delay an attacker’s activities or disrupt breach progression. Deceptions are achieved through use of deceitful responses, purposeful obfuscations, feints, misdirections and other falsehoods.” Gartner also predicted the market of deception-based security defense technologies, saying that 10 percent of enterprises will use deception tools or tactics to counter cyberattacks by 2018. (more…)
Telecom Exchange LA 2018
October 8, 2018
Telecom Exchange LA 2018 November 6-7, 2018 Kimpton Hotel Palomar Los Angeles Beverly Hills
An Analysis of Qbot Variants in the Wild
October 1, 2018
Overview Since their source code was publicly released on GitHub, Mirai and Qbot have wreaked havoc on the Internet of things (IoT). Before such public release, Mirai had been found to have adversarial behavior against Qbot in its infection process. Recently, the research team of NSFOCUS Threat Intelligence center (NTI) captured the first Qbot variant […]
