ADB.Mirai: New Mirai Botnet Variant Spreading via the ADB Debug Port
February 26, 2019
Overview
At the beginning of 2019, security vendors in China and abroad detected cryptominers that spread via Android devices with an open ADB debug port. Recently, NSFOCUS Fu Ying Labs has once again detected such botnets, which can be used to launch distributed denial-of-service (DDoS) attacks. Sample analysis suggests that this botnet family (named Darks) is another variant of the Mirai botnet, whose scanning behavior is highly similar to that of the mining sample discovered in early 2019. The earlier sample was built for mining, while this sample is intended for DDoS. We suspect that the emergence of this sample may be related to the downturn in the virtual currency industry. (more…)
NSFOCUS APPOINTS CHUI CHUN FAI AS PRINCIPAL ARCHITECT
February 25, 2019
Chui brings over 20 years of experience to the role, and will work closely with customers to ensure optimal deployment of their network security solutions
SINGAPORE, February 19, 2019 – NSFOCUS, a leader in holistic hybrid security solutions, today announced the appointment of Chui Chun Fai as Principal Architect for Asia Pacific, where he is responsible for driving technical leadership and excellence, as well as strengthening the network security posture of customers through vulnerability management and thorough security monitoring. Based in Hong Kong, Chui will report to Attley Ng, Senior Vice President, Asia Pacific. (more…)
Genius? Lunatic? Maybe Both (III)
February 25, 2019
Today, people live in a connected world. No matter how far away they are from one another, the Internet can bring them together, talking face to face in cyberspace. The prevalence of big data and the super powerful computing capability of machines herald a golden era of artificial intelligence, known as “the third wave”. New technologies such as smart watches, smart wearables, and driverless cars have changed people’s way of living. (more…)
IP Reputation Report-02222019
February 22, 2019
Top 10 countries in attack counts:
- The above diagram shows the top 10 regions with the most malicious IP addresses in the NSFOCUS IP Reputation databases as of February 22, 2019.
WinRAR Code Execution Vulnerability Threat Alert
February 21, 2019
1 Vulnerability Overview
Recently, a security researcher found a logic bug in WinRAR using the WinAFL fuzzer and exploited it to gain full control over a victim’s computer. An attacker could exploit this vulnerability by crafting an archive and then tricking victims into downloading it by means of a phishing email, net disk, or forum. When a victim opens this malicious file with WinRAR, the attack is complete. (more…)
Microsoft Security Bulletin for February 2019 Patches That Fix 79 Security Vulnerabilities
February 21, 2019
Overview
Microsoft released the January 2019 security patch on Tuesday that fixes 79 vulnerabilities ranging from simple spoofing attacks to remote code execution in various products, including .NET Framework, Adobe Flash Player, Azure, Internet Explorer, Microsoft Browsers, Microsoft Edge, Microsoft Exchange Server, Microsoft Graphics Component, Microsoft JET Database Engine, Microsoft Office, Microsoft Office SharePoint, Microsoft Scripting Engine, Microsoft Windows, Servicing Stack Updates, Team Foundation Server, Visual Studio, Windows DHCP Server, Windows Hyper-V, Windows Kernel, and Windows SMB Server. (more…)
Data Manipulation: The Next Level of Cyberattacks
February 20, 2019
Channel Futures – Today cyberattacks aim to steal information or hijack infrastructure. While these threats are damaging enough, nation states and bad actors are not resting on their laurels. Next up in their nasty bag of tricks is blowing a hole in data integrity via unauthorized data changes, planting false information, changing sensor reads, and […]
Technical Report on Container Security (IV)-7
February 20, 2019
Container Security Protection – Orchestration Security
Orchestration Security
The maturity of container technology has driven the development and implementation of microservices. More and more enterprises are adopting a microservice architecture to build their applications. Container orchestration tools are responsible for managing the container clusters that carry various services. Arguably, it is container orchestration tools that support core services in a variety of projects adopting a microservice architecture. This document takes the most popular orchestration tool in the community, Kubernetes, as an example to describe the security protection measures that container orchestration tools should take. (more…)
Adobe Security Advisory for February 2019 Security Updates
February 19, 2019
Overview
On February 12, local time, Adobe officially released security bulletins and advisories to announce security updates to patch multiple vulnerabilities in such products as Adobe Flash Player, Adobe Creative Cloud Desktop Application, ColdFusion, and Adobe Acrobat and Reader. (more…)
Critical runC Container Escape Vulnerability (CVE-2019-5736) Threat Alert
February 18, 2019
Overview
runC is a CLI tool for spawning and running containers according to the Open Container Initiative (OCI) specification. As the core of Docker, runC can be called to create, run, and destroy containers. (more…)