Overview On April 6, Sangfor released an advisory, announcing that an overseas APT organization illegally took control of some of their SSL VPN devices and sent malicious files to clients by exploiting a client upgrade vulnerability. NSFOCUS has kept a close eye on this issue and conducted overall analysis. We...
Blog
WebSphere Application Server Remote Code Execution Vulnerability (CVE-2020-4276 and CVE-2020-4362) Threat Alert
Overview IBM released security advisories to announce the fix of two remote code execution vulnerabilities (CVE-2020-4276 and CVE-2020-4362) in WebSphere Application Server. The two vulnerabilities exist when WebSphere uses token-based authentication in an admin request over the SOAP connector. By sending a maliciously crafted request to WebSphere SOAP Connector, an...
IP Reputation Report-04122020
Top 10 countries in attack counts: The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases at April 12, 2020. (more…)
DDoS Attack Landscape 4
Attack Distribution by Duration In 2019, the average duration of DDoS attacks was registered at 52 minutes, an 18% increase from 2018. We noticed that the longest DDoS attack in 2019 lasted around 20 days, far longer than attacks detected in previous years. In 2019, a DDoS attacks lasting less...
Vollgar Botnet Threat Alert
Overview On April 1, the Guardicore Labs team uncovered a long-running attack campaign which aims to infect Windows machines running MS-SQL servers. At least since May 2018, the campaign uses password brute force to breach victim machines, deploys multiple backdoors, and executes numerous malicious modules, such as remote access tools...
A Look into RSAC 2020: Cloud Security
RSA Conference (RSAC) 2020 was held still at the Moscone Center in San Francisco in February as scheduled. Unfortunately, I failed to attend this conference. So, instead of talking about my actual feelings of visiting the scene, I focus on what I think after watching session tracks of this conference....
