Overview Recently, a code execution vulnerability (CVE-2019-18408) was disclosed in the security update of Debian, Ubuntu, Gentoo and other distributions.

What Is DDoS? Look at the following example: Assume that you run a shop that is doing well. At this time, your neighbor, Mr. Wang (or whatever his name is), whose business is slack, looks at you as an eyesore. Therefore, he hires a group of hooligans. Then you find that your shop is crowded […]

In July, 2019, Cloud DPS, a cloud cleaning product from NSFOCUS, managed to withstand a wave of DDoS attacks over 100 Gbps that lasted one week. Targeting a board/card game vendor, those attacks exhibited perfect regularity, with the traffic averaging 100 Gbps and peaking at 431.6 Gbps.

I. Principle At present, there has been a great deal of news coverage about information disclosure. A large amount of information is constantly disclosed and sold through various websites, resulting in endless cases of telecom fraud. We have already known that SQL injection is the culprit responsible for all the cases. An SQL injection attack […]

Top 10 countries in attack counts: The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases at November 10, 2019.

3.3 Recidivists “Recidivists” here refer to attack sources found to repeatedly engage in malicious activities. In the 2018 H1 Cybersecurity Insights, we pointed out that 25% of recidivists were responsible for 40% of attack events24. Considering the quantity and level of threat, these attackers should not be underestimated. By the end of 2018, the number […]

Vulnerability Description On October 30, @_S00pY disclosed the exploitation of Apache Solr Remote Code Execution Vulnerability, which allows attackers to implement remote code execution via velocity templates. After testing, the vulnerability can be successfully triggered, and no official security patch has been released.

Incident Review In February 2019, our monitoring found that some domestic users, when accessing certain websites through their home routers, were hijacked to pornographic and gambling websites. According to our sample inspection, more than 4 million IP addresses were hijacked to about 190 domain names concerning pornography and gambling during this incident. These victim users […]

1 Overview On April 18, 2019 a hacker/hacker organization sold a toolkit of the APT34 group, under the false name of Lab Dookhtegan, on a Telegram channel. The organization also posted screenshots of the tool’s backend panels, where victim data had been collected. Early in the middle of March 2019, this hacker/hacker organization had released […]

With the advancement of IT-based transformation and the rapid development of IT, various network technologies have seen more extensive and profound applications, along with which come a multitude of cyber security issues. Come to find out what information security issues you should beware of in the workplace.