1 Vulnerability Overview Recently, ThinkPHP 5.0-5.0.23 was found to have a remote code execution (RCE) vulnerability. The NSFOCUS Falcon Team carried out tests and found that ThinkPHP 5.0-5.0.23, 5.1.0-5.1.31, and 5.2.* were also prone to this vulnerability, which could be triggered in both Linux and Windows systems. (more…)
Blog
Researchers analyze DDoS attacks as coordinated gang activities
Help Net Security - In a new report, NSFOCUS introduced the IP Chain-Gang concept, in which each chain-gang is controlled by a single threat actor or a group of related threat actors and exhibit similar behavior among the various attacks conducted by the same gang. Researchers analyzed attack types, volume,...
Are Smart Cities Secure?
RFID Journal - Planning and oversight have the most significant impact when securing a smart city utilizing Internet of Things and RFID technologies. Recently, I participated in several tenders for smart-city projects around the world. I also partook in CEO roundtable discussions at Telecom Exchange LA, including one about what...
IP Reputation Report-01182019
Top 10 countries in attack counts: The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases at January 18, 2019. CN dropped from 51% to 43% and US increased from 9% to 12% from last week. Top 10 countries in...
Mobile Office——SMS phishing
Case Analysis This story starts from an SMS message and ends with financial loss, sounding just like an ordinary telecom fraud. But it is distinctive in that a malicious link and a web page that contains a trojan are leveraged, indicating that the attacker is quite tech-savvy. After the mobile...
The Daily Briefing
CyberWire - Yesterday Troy Hunt announced, to considerable éclat, the discovery of a large trove of credentials for sale in a dark web souk. He calls it "Collection #1." The hood offering the material for sale goes by the nom-de-hack of "Sanixer." KrebsOnSecurity contacted Sanixer and concluded that the material...
