Blog

2019 Cybersecurity Insights -16

August 19, 2020 | Mina Hao

In this section, we analyzed threats against three major protocols. Threats Against Telnet According to data from NSFOCUS’s threat hunting system, Telnet (available on port 23), targeted by a total of 120,000 attack sources, was the IoT protocol most favored by attackers1 . Figure 7-3 shows the activity trend of Telnet attack sources from March […]

2020 Mid-Year DDoS Attack Landscape Report-1

August 18, 2020 | Mina Hao

Summary Global distribution of DDoS attacks: U.S. suffered the most DDoS attacks, and Japan received the largest volume of DDoS traffic. DDoS attack trend: March and April witnessed the most frequent DDoS attacks, and May saw the peak of attack traffic. DDoS attacks and COVID-19 pandemic: DDoS attacks fluctuated noticebly with the worldwide outbreak of […]

TP-Link Tapo C200 IP Camera High-Risk Vulnerability Threat Alert

August 18, 2020 | Mina Hao

Overview Recently, TP-Link fixed a high-risk vulnerability in the C200 IP camera. A user’s hashed password can be found in the memory dump by using the discovered Heartbleed vulnerability exposed on TCP port 443. The hash was then used for a pass-the-hash attack by exploiting the login process on the API. This caused a login […]

Botnet Trend Report 2019-6

August 17, 2020 | Mina Hao

Overview of DDoS Attacks in 2019 According to the observation of NSFOCUS Security Labs, DDoS botnets in 2019, though with some changes, continued with the same patterns in attack targets, families, and operating platforms overall. Among the track data of NSFOCUS Security Labs in 2019, there were more than 1.1 million instructions given by DDoS […]

Adobe Releases Updates to Fix High-Risk Vulnerabilities Threat Alert

August 14, 2020 | Mina Hao

Overview On July 21, 2020, local time, Adobe released security updates to fix high-risk code execution vulnerabilities in its various products, including Adobe Bridge, Adobe Photoshop, Adobe Prelude, and Adobe Reader Mobile. For details about the security bulletins and advisories, visit the following link:

IP Reputation Report-08092020

August 13, 2020 | Mina Hao

1. Top 10 countries in attack counts: The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases at August 9, 2020.

2019 Cybersecurity Insights -15

August 12, 2020 | Mina Hao

Finding 1: In 2019, over 30 types of IoT vulnerability exploits were captured, most of which targeted remote command execution vulnerabilities. Though hundreds of to thousands of IoT vulnerabilities are unveiled each year, only a few can exert an extensive impact. Attackers were keen on targeting devices (routers and video surveillance devices) exposed in large […]

Microsoft Windows DNS Server Remote Code Execution Vulnerability SigRed (CVE-2020-1350) Threat Alert

August 11, 2020 | Mina Hao

Overview On July 14, 2020 local time, Microsoft addressed a wormable Windows DNS server vulnerability dubbed SigRed (CVE-2020-1350) in its latest monthly patch updates. Once exploited by attackers, the vulnerability could spread between vulnerable computers without user interaction, thereby probably infecting the network of the whole organization. It is reported that the vulnerability has existed […]

Botnet Trend Report -5

August 10, 2020 | Mina Hao

Spear Phishing and Malicious Documents In the past few years, including malicious attachments in emails has become one of the most common methods that APT groups and various cybercriminal groups use to launch spear phishing attacks. Compared with previous years, 2019 saw more spear phishing attacks with a bigger impact, which was linked with the […]

FBI Warning: New DDoS Reflection Attacks Are Coming, Are You Ready?

August 7, 2020 | Mina Hao

According to ZDNet’s reports, FBI released a warning last week that some new network protocols were used by criminals to launch large-scale DDoS attacks. Three protocols and one Web applications were found as DDoS attack vectors, including CoAP, WS-DD, ARMS and Web-based Jenkins.