Blog

Microsoft’s August 2020 Patches Fix 120 Security Vulnerabilities Threat Alert

August 30, 2020 | Mina Hao

Overview: Microsoft released August 2020 security updates on Tuesday, which fix 120 vulnerabilities ranging from simple spoofing attacks to remote code execution in various products, including .NET Framework, ASP.NET, Internet Explorer, Microsoft Dynamics, Microsoft Edge, Microsoft Graphics Component, Microsoft JET Database Engine, Microsoft Office, Microsoft Office SharePoint, Microsoft Scripting Engine, Microsoft Video Control, Microsoft Windows, […]

2020 Mid-Year DDoS Attack Landscape Report-3

August 29, 2020 | Mina Hao

From January to May 2020, the number of DDoS attacks decreased year on year in every month except April, when it was on a par with that a year earlier. However, attack traffic in each month in the first half of 2020 increased year on year.

Cisco SD-WAN High-Risk Vulnerabilities (CVE-2020-3374, CVE-2020-3375) Threat Alert

August 28, 2020 | Mina Hao

Overview: Recently, Cisco released an announcement stating that it has fixed two high-risk vulnerabilities in Cisco SD-WAN vManage Software (CVE-2020-3374) and SD-WAN Solution Software (CVE-2020-3375). Cisco SD-WAN is a secure cloud-scale architecture with openness, programmability, and scalability. Through the Cisco vManage console, you can quickly establish SD-WAN coverage structures to connect data centers, branch offices, […]

IP Reputation Report-08232020

August 27, 2020 | Mina Hao

1. Top 10 countries in attack counts: The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases as of August 23, 2020.

2019 Cybersecurity Insights -18

August 26, 2020 | Mina Hao

UPnP is short for Universal Plug and Play. UPnP is an architecture that defines peer-to-peer connectivity of PCs and intelligent devices (or instruments). Built upon Internet standards and technologies (such as TCP/IP, HTTP, and XML), UPnP allows such devices to connect to and collaborate with each other automatically, thus making it possible for the network (especially […]

WebSphere Application Server High-Risk Remote Code Execution Vulnerability (CVE-2020-4450) Threat Alert

August 25, 2020 | Mina Hao

Overview: On June 5, Beijing time, IBM released a security bulletin to announce the fix of a high-risk remote code execution vulnerability (CVE-2020-4450) in WebSphere Application Server (WAS). This vulnerability was caused by deserialization of the Internet Inter-ORB Protocol (IIOP). It is assigned a CVSS base score of 9.8 and therefore is a high-risk one […]

Botnet Trend Report 2019-7

August 24, 2020 | Mina Hao

In 2019, ransomware was still a major type of threat that haunted people around the world. As an infamous botnet family, GandCrab generated more than USD 2 billion in ransom payments, stimulating the rapid increase of other ransomware.

2019 Cybersecurity Insights -17

August 21, 2020 | Mina Hao

Threats Against WS-Discovery: WSD is a multicast discovery protocol to locate services on a local area network (LAN). However, due to a design flaw in device vendors’ implementations, when a normal IP address sends a service discovery packet, devices will also respond to the request. If exposed on the Internet, these devices will be possibly […]

IP Reputation Report-08162020

August 20, 2020 | Mina Hao

1. Top 10 countries in attack counts: The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases as of August 16, 2020.