2019 Cybersecurity Insights -20

September 9, 2020 | Mina Hao

According to the analysis of geographic distribution of IPv6 attack sources, China had the largest proportion of attack sources (86.76%), followed by the USA (3.97%) and Romania (0.77%).

Update New Nginx Threat Backdoor Alert

September 8, 2020 | Mina Hao

Overview This is an update advisory. For details, please see “Verification Method”-“Local Verification”. On July 16, 2020, Beijing time, a competitor published an article stating that it captured a new Nginx backdoor recently which could bypass antivirus software. By the time this advisory is released, the backdoor had not been detected by any antivirus software […]

Botnet Trend Report 2019-9

September 7, 2020 | Mina Hao

Overview In 2019, banking Trojans frequently launched attacks via the multilevel free technology, posing a severe threat to enterprises and public sectors. Spam was still the main propagation method. Attackers collected a great number of email addresses against which they launched phishing attacks. In 2019,NSFOCUS Security Labs captured and tracked such banking Trojans as Emotet, […]

WebSphere Remote Code Execution Vulnerability (CVE-2020-4534) Threat Alert

September 4, 2020 | Mina Hao

1. Vulnerability Description On July 31, 2020, Beijing time, IBM released a security bulletin which addressed a remote code execution vulnerability (CVE-2020-4534) in WebSphere Application Server (WAS). The vulnerability is caused by improper handling of UNC paths. An authenticated local attacker could exploit the vulnerability to execute arbitrary code. The vulnerability has a CVSS score […]

IP Reputation Report-08302020

September 3, 2020 | Mina Hao

1. Top 10 countries in attack counts: The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases at August 30, 2020.

2019 Cybersecurity Insights -19

September 2, 2020 | Mina Hao

Since the Promoting Scale Deployment of Internet Protocol Version 6 (IPv6) (“Plan”) 1 was published in November 2017, IPv6 deployments in China are on the rise. By June 2019, the number of active IPv6 users had reached 130 million, and 1.207 billion telecom users had been assigned an IPv6 address. At the same time, IPv6 […]

What You Should Know about OpenVPN Reflection Attacks

September 1, 2020 | Mina Hao

Executive Summary OpenVPN is an application layer VPN implementation based on the OpenSSL library and serves over port 1194. In September 2019, OpenVPN was found to be vulnerable to UDP reflection attacks. This document analyzes threat exposure of the entire network, common attack means, and the bandwidth amplification factor (BAF) of reflection attacks via the […]

2020 Mid-Year DDoS Attack Landscape Report-4

September 1, 2020 | Mina Hao

At 17:00 of May 20, NSFOCUS SOC detected an abnormal traffic alert in the global monitoring center, the IP addresses of a customer from Hong Kong were under attack and the maximum attack peak reached 634.6 Gbps. This had been the largest of all attacks targeting NSFOCUS’s customers by thetime this report was written. According […]

Botnet Trend Report 2019-8

August 31, 2020 | Mina Hao

The first nine months of 2019 saw sharp rise in the market prices of cryptocurrencies dominated by Bitcoin. Despite a fall in the fourth quarter, the prices remained high. Meanwhile, cryptojacking malware became active with the rise of cryptocurrency prices.

Adobe Releases August’s Security Updates Threat Alert

August 31, 2020 | Mina Hao

Overview On August 11, 2020 (local time), Adobe released security updates to address multiple vulnerabilities in Adobe Acrobat, Reader, and Lightroom. For details about the security bulletins and advisories, visit the following link: