Top 10 countries in attack counts: The above diagram shows the top 10 regions with the most malicious IP addresses in the NSFOCUS IP Reputation databases as of March 29, 2020.
DDoS Attack Landscape 2
DDoS Attack Counts and Peak Sizes: Distribution of Peak Sizes. From the monthly data in the last three years, the number of large-scale attacks (> 100 Gbps) soared in 2018 and then fluctuated at a high level over a two-year period. In 2017, the number of such attacks reached 11,800,...
Spring Cloud Config Server Path Traversal (CVE-2020-5405) Threat Alert
Vulnerability Description: Security researchers from NSFOCUS found a directory traversal vulnerability (CVE-2020-5405) in the Spring Cloud Config component. On February 26, Spring released a security bulletin to announce this vulnerability and also expressed appreciation to NSFOCUS.
Windows SMBv3 Remote Code Execution Vulnerability (CVE-2020-0796) Technical Analysis and Solution
Overview: On March 11, Beijing time, Microsoft released its March 2020 updates to fix vulnerabilities, among them a remote code execution vulnerability in Microsoft Server Message Block 3.1.1 (SMBv3) indicated in a security bulletin released earlier. This vulnerability exists in the way the Microsoft SMBv3 protocol handles certain requests. An...
Microsoft SMBv3 Remote Code Execution Vulnerability (CVE-2020-0796) Threat Alert
Overview: On March 11, Beijing time, Microsoft released its March 2020 updates to fix vulnerabilities, among them a remote code execution vulnerability in Microsoft Server Message Block 3.1.1 (SMBv3) indicated in a security bulletin released earlier. Instead of a security patch, Microsoft currently provides a workaround for users to mitigate...
Linux System PPPD Remote Code Execution Vulnerability (CVE-2020-8597) Threat Alert
Vulnerability Description: On March 6, the United States Computer Emergency Readiness Team (US-CERT) released a security bulletin to announce a 17-year-old remote code execution vulnerability in the PPP daemon (pppd). This vulnerability affects nearly all Linux-based operating systems and network device firmware. This vulnerability is a buffer overflow vulnerability (CVE-2020-8597),...




