Annual IoT Security Report 2019-14

January 2, 2021 | Mina Hao

This section analyzes WS-Discovery reflection attacks. For details about the WS-Discovery service, see section 1.6 WS-Discovery First Found to Be Abused for DDoS Reflection Attacks.

A Global DTLS Amplification DDoS Attack Is Ongoing

January 1, 2021 | Mina Hao

Attackers are targeting Citrix ADC (Application Delivery Controller) and utilize it to launch amplification attacks. However, no official patch has been released yet.

Annual IoT Security Report 2019-13

December 30, 2020 | Mina Hao

Introduction This chapter analyzes IoT threats from the perspective of protocols. According to the data from NSFOCUS’s threat hunting system, Telnet services (port 23) were targeted most frequently1. Therefore, we first analyze the attacks launched via Telnet. WS-Discovery reflection attacks are a new type of DDoS reflection attacks emerging in 2019 and will be described […]

A Preliminary Investigation into the Worm Technique Affecting Schneider’s Programmable Logic Controllers

December 29, 2020 | Mina Hao

Background Some time ago, some researchers detected a code injection vulnerability (CVE-2020-7475), which could cause Schneider’s Programmable Logic Controllers (PLCs) to operate like worms. If successfully exploited, this vulnerability could allow a PLC to act as a mini PC to carry out malicious network activities or as an intranet springboard or a network scanner to […]

Adobe Releases December’s Security Updates Threat Alert

December 28, 2020 | Mina Hao

Overview On December 8, 2020, local time, Adobe released security updates which address multiple vulnerabilities in Adobe Prelude, Adobe Experience Manager, and Adobe Lightroom.

Annual IoT Security Report 2019-12

December 25, 2020 | Mina Hao

In this section, we analyze threat trends related to Netis routers according to the data captured by NSFOCUS’s threat hunting system. Our data is based on log messages generated from May 21 to October 30, 2019. The following subsections analyze these log messages from the aspects of attack sources, attack incidents, and samples. Attack Sources […]

Microsoft’s December 2020 Patches Fix 58 Security Vulnerabilities Threat Alert

December 23, 2020 | Mina Hao

Overview  Microsoft released December 2020 security updates on Tuesday which fix 58 vulnerabilities ranging from simple spoofing attacks to remote code execution, including 9 critical vulnerabilities, 47 important vulnerabilities, and two moderate vulnerabilities. All users are advised to install updates without delay.

Annual IoT Security Report 2019-11

December 22, 2020 | Mina Hao

In this section, we analyze two vulnerabilities, namely, the CVE-2016-10372 vulnerability32 in the Eir D1000 router and the backdoor vulnerability in Netis routers. Except UPnP-related vulnerabilities described in section 4.4.3 Malicious Behaviors Targeting UPnP Vulnerabilities, the CVE-2016-10372vulnerability was exploited most frequently. The backdoor vulnerability in Netis routers exerted a severe impact when it was initially […]

Pay or Die!

December 21, 2020 | Mina Hao

“Pay or Die” is an opening phrase often used by DDoS blackmailers. Github was attacked, NZX was unable to provide services for 4 days… these are all serious DDoS blackmail incidents this year. This is just the tip of the iceberg of such lucrative crimes. In various forms of digital black mailings, using “distributed denial […]

Introduction of common attack types in manufacturing industry

December 18, 2020 | Mina Hao

Abstract The real economy with manufacturing as the core industry is the basis for maintaining national competitiveness and healthy economic development. Based on the universal recognition of this concept, the Industry 4.0 strategy of Germany, the national advanced manufacturing strategy of the United States, and the national manufacturing policy of India, have taken place as […]