Drupal Remote Code Execution Vulnerability Analysis
May 31, 2018
Overview Drupal released a security advisory on 28 March 2018 to disclose a remote execution code (RCE) vulnerability in the Drupal core, sa-core-2018-002 (CVE-2018-7600). Soon, two more security advisories were also published within a month, including a Cross-Site Scripting (XSS) vulnerability and a critical code execution vulnerability — sa-core-2018-004 (CVE-2018-7602). In the following two months, […]
2017 DDoS and Web Application Attack Landscape
April 25, 2018
1 Introduction New Internet-based technologies and models, such as cloud computing, big data, Internet of Things (IoT), and mobile computing, are profoundly influencing transformations in the cyberspace. In this context, cyber threats keep evolving and upgrading. Distributed denial-of-service (DDoS) attacks and web application attacks are the main security threats facing the Internet at present. While […]
2017 Fintech Security Analysis Report
April 16, 2018
Ping An Financial Security Research Institute:As the industry’s first comprehensive organization engaging in financial security research and innovation founded by Ping An Technology, a wholly funded subsidiary of Ping An Group, it provides robust technical support for financial security of Ping An Group, the related sector, and the country and makes technical contributions to information […]
Iran’s 3,500 Switches Attacked – Cisco IOS/IOS XE Remote Code Execution Vulnerability CVE-2018-0171 Exploitation
April 12, 2018
News from The Iran Project, the Iranian cyber police confirmed Friday night that the country’s data center was attacked. The attack involved Iran 3500 switches, but the official in the country emphasized that the attack didn’t lead to sensitive data leakage. From description, the suspected attacker exploited the Cisco IOS / IOS XE remote code execution vulnerability-2018-0171 […]
Cisco IOS/IOS XE Software Remote Code Execution Vulnerability (CVE-2018-0171)
March 30, 2018
Recently a serious vulnerability (CVE-2018-0171) was disclosed in Cisco IOS and IOS XE software. An attacker could reload an affected device without authorization, resulting in a denial of service condition or remote code execution. This vulnerability originated from improper validation of packet data. An attack could exploit this vulnerability by sending elaborately-crafted Smart Install message […]
NSFOCUS launches Web Application Firewall for SB Cloud in Japan
November 15, 2017
SB Cloud partners with NSFOCUS to bring the first ICSA and Veracode certified Web Application Firewall powered by NSFOCUS to its customers SINGAPORE, November 15, 2017 – NSFOCUS, the leader in holistic hybrid security solutions, is now offering its comprehensive Web Application Security solution on SB Cloud to provide enterprises with the most comprehensive application-layer […]
Pacific Internet Joined Forces with NSFOCUS to Deliver Cloud DDoS Defenses for Businesses across SEA
October 10, 2017
Strengthening suite of services to enhance customers’ enterprise security SINGAPORE, October 10, 2017 – Pacific Internet Singapore Pte Ltd, Southeast Asia’s Internet Service Provider, has signed up with NSFOCUS, a global enterprise DDoS (Distributed Denial of Service) mitigation solution provider, to complement its Internet services with best-in-class DDoS defense strategies. According to Deloitte’s Technology, Media […]
IP Reputation Analysis Report – August 2017
October 3, 2017
Executive Overview There was a 34.06% increase in number of IP addresses globally in the NSFOCUS IP Reputation databases this month compared to both the beginning of the year and post WannaCry and Petya (33.17% through July). Globally the number of Botnets did not change significantly. However, the overall percentage of Botnets compared to other […]
Retrospective: NHS, ransomware and technical debt
May 31, 2017
By: Stephen Gates, Chief Research Intelligence Analyst, NSFOCUS
On May 15th, the NHS (UK’s National Health Service) suffered its single worst disruption to service in the history of the organisation. The disruption was due to a type of malicious software, known as ransomware, with the purpose of attempting to extort money from victims by encrypting their data, and offering to decrypt that data for a fee, a ransom no less, or lose that data forever. (more…)
NSFOCUS Wins Big at European IT and Software Excellence Awards 2017
March 31, 2017
Intelligent Hybrid DDoS defence provider claims Top prize for Security Solution of the Year London, UK – 31 March 2017 – NSFOCUS, the intelligent hybrid DDoS defence provider, has been awarded the Security Solution of the Year at the European IT & Software Awards 2017 (www.iteawards.com) – the leading pan-European awards for ISVs, Solution Providers […]
