Overview This year a significant amount of security events such as WannaCry, Petya, and NotPetya occurred adversely affecting a wide variety of social and economic activities. To mitigate threats brought by such events IT and security teams have spared no effort in combating against such attacks for the security and...
Blog
NSFOCUS solutions now available in AliCloud Marketplace
AliCloud offers first ICSA and Veracode certified Web Application Firewall powered by NSFOCUS to secure more than 2 million customers SINGAPORE, August 22, 2017 – NSFOCUS, the leader in holistic hybrid security solutions, is now offering its comprehensive Web Application Security solution on Alibaba Cloud (AliCloud) to ensure enterprises are...
Remote Access Trojan KONNI Targeting North Korea Technical Analysis and Solution
This July a remote access trojan (RAT) KONNI was discovered to be involved in a cyberattack targeting North Korea, which was presumably linked to South Korea. This RAT spreads mainly through phishing emails. Specifically, the attacker first tries to have a powershell script executed via an .scr file, and then...
Dumbo Exploit Project
Overview This week WikiLeaks published a document outlining another leaked hacking tool developed by the CIA (Central Intelligence Agency). The exploit titled ‘Dumbo’ possesses the capability of remotely managing and altering video and audio recordings on Windows XP systems. At the moment, the malware is only able to successfully run...
Threat Actor – APT28
Overview APT28 is a recognized state-sponsored threat actor operating out of Russia. Nefarious efforts and known exploits conducted by ATP28 (Advanced Persistent Threat) have been tracked as early as 2007 by various cyber-security experts in the field. The following information will outline the worldwide cyber warfare attacks that have been...
Blackmoon Banking Trojan Overview
Overview The Blackmoon Bank Trojan that was originally identified in 2016 has since re-surfaced. Recently, more than 150,000 bank accounts were compromised in South Korea and the Blackmoon Trojan has been identified as the culprit. A new 2017 version has hit the financial industry and employs a new framework model...
