Overview: Drupal released a security advisory announcing remediation of a highly critical remote code execution vulnerability (CVE-2019-6430), which stems from some field types improperly sanitizing data from non-form sources, leading to potential execution of arbitrary PHP code.
Blog
Gafgy Botnet – Practitioner of the BaaS Mode
Overview: In an era of everything being connected, with the growing number of IoT devices exposed on the Internet and of vulnerabilities detected in them, more and more malware targets this inexhaustible pool of potential zombies. As a result, IoT platform-based malware families have grown exponentially. The year 2018 alone saw 21 new...
IP Reputation Report-03012019
Top 10 countries in attack counts: The above diagram shows the top 10 regions with the most malicious IP addresses in the NSFOCUS IP Reputation databases as of March 01, 2019.
Attack and Defense Around PowerShell Event Logging
0x00 Overview: PowerShell has been a focus of concern for network defense. Fileless PowerShell, with its living-off-the-land (LotL) character and ease of use, is widely used in various attack scenarios. To capture PowerShell-based attacks, an increasing number of security professionals tend to, through PowerShell event log analysis, extract attack...
Technical Report on Container Security (IV)
Container Security Protection – Application Security: The ecosystem of container technology is gradually being established and various solutions are becoming available in specific container segments, both of which lay a solid foundation for container deployment. On the basis of the enterprise container deployment, the emergence of business...
ADB.Mirai: New Mirai Botnet Variant Spreading via the ADB Debug Port
Overview: At the beginning of 2019, domestic and overseas security vendors detected cryptominers that spread via Android devices with an open ADB debug port. Recently, NSFOCUS Fu Ying Labs has once more detected such botnets, which can be used to launch distributed denial-of-service (DDoS) attacks. The sample analysis...





