Blog

IP Reputation Report-03152019

March 15, 2019 | Mina Hao

Top 10 countries in attack counts: The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases at March 15, 2019.

Daily Communication——Business Chat Groups

March 15, 2019 | Mina Hao

Case Analysis Chat groups convenience communication, but contain great risks, which include ill-disposed persons impersonating the company’s employees, information disclosure as a result of chat group hacking, and resigned employees lurking in the group for malicious purposes.

Chrome and Windows 7 32-Bit Vulnerabilities Threat Alert

March 14, 2019 | Mina Hao

Overview On March 7 (local time), Google released a security advisory to announce the existence of a Microsoft Windows vulnerability. According to Google, this local privilege escalation vulnerability could be exploited together with the vulnerability (CVE-2019-5786) in Google Chrome announced last week, to take control of the machine of the victim.

Technical Report on Container Security (V)-1

March 13, 2019 | Mina Hao

Security Tools—Open-Source Security Tool Kubernetes In addition to commercial software, open-source software projects can also provide some security functions. This document describes several open-source projects that are usually used for protection of non-critical business.

Resource-based Constrained Delegation Allows Obtaining of System Privileges of Any Domain Hosts Threat Alert

March 12, 2019 | Mina Hao

1 Vulnerability Overview Recently, the NSFOCUS M01N team released the Analysis of Privilege Escalation Attacks by Exploiting Resource-based Constrained Delegation, in which they describe the principle of attacks launched by exploiting the resource-based constrained delegation, so as to escalate privileges of domain hosts. For details, click the following link:

Chrome PDF File Parsing 0-Day Vulnerability Threat Alert

March 12, 2019 | Mina Hao

1 Vulnerability Overview On February 28, 2019, a security vendor outside of China spotted a 0-day vulnerability in Google’s Chrome browser, which could lead to information disclosure upon a user’s opening of a malicious PDF file using Chrome. Up to now, a number of malicious samples have been found to exploit this vulnerability in the […]

IP Reputation Report-03082019

March 8, 2019 | Mina Hao

Top 10 countries in attack counts: The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases at March 08, 2019.

Drupal Remote Code Execution Vulnerability (CVE-2019-6340) Threat Alert

March 2, 2019 | Mina Hao

Overview Drupal released a security advisory, announcing remediation of a highly critical remote code execution vulnerability (CVE-2019-6430), which stems from some field types improperly sanitizing data from non-form sources, leading to potential execution of arbitrary PHP code.

Gafgy Botnet – Practitioner of the BaaS Mode

March 2, 2019 | Mina Hao

Overview In an era of everything being connected, with the increase of IoT devices exposed on the Internet and vulnerabilities detected in them, more and more malware focuses on the inexhaustible zombie repository. Therefore, IoT platform-based malware families have undergone an exponential growth. The year 2018 alone saw 21 new variants from IoT-based botnet families.

IP Reputation Report-03012019

March 1, 2019 | Mina Hao

Top 10 countries in attack counts: The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases at March 01, 2019.