According to the analysis of geographic distribution of IPv6 attack sources, China had the largest proportion of attack sources (86.76%), followed by the USA (3.97%) and Romania (0.77%). (more…)
Blog
Update New Nginx Threat Backdoor Alert
Overview This is an update advisory. For details, please see "Verification Method"-"Local Verification". On July 16, 2020, Beijing time, a competitor published an article stating that it captured a new Nginx backdoor recently which could bypass antivirus software. By the time this advisory is released, the backdoor had not been...
Botnet Trend Report 2019-9
Overview In 2019, banking Trojans frequently launched attacks via the multilevel free technology, posing a severe threat to enterprises and public sectors. Spam was still the main propagation method. Attackers collected a great number of email addresses against which they launched phishing attacks. In 2019,NSFOCUS Security Labs captured and tracked...
WebSphere Remote Code Execution Vulnerability (CVE-2020-4534) Threat Alert
1. Vulnerability Description On July 31, 2020, Beijing time, IBM released a security bulletin which addressed a remote code execution vulnerability (CVE-2020-4534) in WebSphere Application Server (WAS). The vulnerability is caused by improper handling of UNC paths. An authenticated local attacker could exploit the vulnerability to execute arbitrary code. The...
2019 Cybersecurity Insights -19
Since the Promoting Scale Deployment of Internet Protocol Version 6 (IPv6) ("Plan") 1 was published in November 2017, IPv6 deployments in China are on the rise. By June 2019, the number of active IPv6 users had reached 130 million, and 1.207 billion telecom users had been assigned an IPv6 address....
What You Should Know about OpenVPN Reflection Attacks
Executive Summary OpenVPN is an application layer VPN implementation based on the OpenSSL library and serves over port 1194. In September 2019, OpenVPN was found to be vulnerable to UDP reflection attacks. This document analyzes threat exposure of the entire network, common attack means, and the bandwidth amplification factor (BAF)...
