IP Reputation Report-04122020

April 16, 2020 | Mina Hao

Top 10 countries in attack counts: The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases at April 12, 2020.

DDoS Attack Landscape 4

April 15, 2020 | Mina Hao

Attack Distribution by Duration In 2019, the average duration of DDoS attacks was registered at 52 minutes, an 18% increase from 2018. We noticed that the longest DDoS attack in 2019 lasted around 20 days, far longer than attacks detected in previous years. In 2019, a DDoS attacks lasting less than 30 minutes accounted for […]

Vollgar Botnet Threat Alert

April 14, 2020 | Mina Hao

Overview On April 1, the Guardicore Labs team uncovered a long-running attack campaign which aims to infect Windows machines running MS-SQL servers. At least since May 2018, the campaign uses password brute force to breach victim machines, deploys multiple backdoors, and executes numerous malicious modules, such as remote access tools (RATs). We dubbed the campaign […]

A Look into RSAC 2020: Cloud Security

April 13, 2020 | Mina Hao

RSA Conference (RSAC) 2020 was held still at the Moscone Center in San Francisco in February as scheduled. Unfortunately, I failed to attend this conference. So, instead of talking about my actual feelings of visiting the scene, I focus on what I think after watching session tracks of this conference.

Linux Kernel Information Disclosure and Privilege Escalation Vulnerability Threat Alert

April 10, 2020 | Mina Hao

Vulnerability Description On March 31, the Linux kernel privilege escalation vulnerability demonstrated by the competitor Manfred Paul on the Pwn2Own contest was included in the CVE database and identified as CVE-2020-8835. This vulnerability exists because the bpf verifier in the Linux kernel does not properly calculate register bounds for certain operations. A local attacker could […]

IP Reputation Report-04052020

April 9, 2020 | Mina Hao

Top 10 countries in attack counts: The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases at April 05, 2020.

DDoS Attack Landscape 3

April 8, 2020 | Mina Hao

DDoS Attack Type Analysis Proportions of Different Attack Types In 2019, most frequently seen attacks were UDP floods, SYN floods, and ACK floods, which together accounted for 82% of all DDoS attacks. By contrast, reflection attacks took up only 10%. Compared with 2018, reflection attacks rose slightly in number, but remained small in proportion.

What’s New in NSFOCUS’s Anti-DDoS Solution in 2020

April 7, 2020 | Mina Hao

If you are clueless about DDoS prevention in 2020 and do not understand why customers choose to adopt NSFOCUS’s anti-DDoS solution, you have to read the following contents carefully to find the answer. In 2020, ADS/NTA/ADS M V4.5R90F02 is about to be released with new functions which will enable you to win bids, upgrade your […]

A Look into RSAC 2020: NSFOCUS’s Practices in Automated Security Orchestration and Response

April 6, 2020 | Mina Hao

At RSA Conference Innovation Sandbox Contest 2020, was named “Most Innovative Startup”. The technical directions shown in this year’s contest covered external data representation (XDR), DevSecOps, and TVM+SOAR. Obviously, security operations are still one of the main directions that ignite the most efforts of innovation companies. According to the topics talked about at RSAC […]

Type1 Font Parsing 0-day Remote Code Execution Vulnerability Threat Alert

April 3, 2020 | Mina Hao

Overview On March 23, local time, Microsoft released an out-of-band security advisory ADV200006 to address two critical 0-day vulnerabilities in Adobe Type Manager Library. A vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a crafted multi-master font, namely, the Adobe Type 1 PostScript format. An attacker could exploit the […]