Ghostscript -dSAFER Sandbox Bypass Vulnerability (CVE-2019-10216) Threat Alert

August 30, 2019 | Mina Hao

Overview Recently, Ghostscript announced the discovery of the -dSAFER sandbox bypass vulnerability (CVE-2019-10216). The .buildfont1 procedure in Ghostscript does not properly restrict privileged calls, which allows attackers to escalate privileges and access files beyond the restricted domain.

IP Reputation Report-08252019

August 29, 2019 | Mina Hao

Top 10 countries in attack counts:

Botnet Trend Report-11

August 28, 2019 | Mina Hao

4.2.2 Analysis  During the first quarter of 2018 when BillGates was extremely active, the family was found to attack 3962 targets, most of which were in two Central American countries. The following map shows the distribution of BillGates targets in China that NSFOCUS was able to directly monitor. BillGates ignored common ports, such as 22, […]

What You Should Know About DDoS Incident Response

August 27, 2019 | Mina Hao

This document addresses the overall strategy and process for DDoS incident response and provides detailed analysis of and countermeasures against some typical attacks, in a bid to help organizations respond to DDoS attacks more effectively and efficiently. Therefore, we will not dwell upon specific methods of and configurations of specific mitigations against each type of […]

Adobe Security Bulletins for August 2019 Security Updates Threat Alert

August 26, 2019 | Mina Hao

Overview On August 13, 2019, local time, Adobe officially released August’s security updates to fix multiple vulnerabilities in its various products, including Adobe Photoshop CC , Adobe Experience Manager, Adobe Acrobat and Reader, Adobe Creative Cloud Desktop Application, Adobe Prelude CC, Adobe Premiere Pro CC, Adobe Character Animator CC, and Adobe After Effects CC.

Information Security in the Workplace- password grading

August 24, 2019 | Mina Hao

With the advancement of IT-based transformation and the rapid development of IT, various network technologies have seen more extensive and profound applications, along with which come a multitude of cyber security issues. Come to find out what information security issues you should beware of in the workplace.

Banking Trojan Banjori Analysis Report

August 23, 2019 | Mina Hao

1 Sample Introduction Banjori is a banking trojan that has been active since it was first spotted in 2013. It identifies personal online banking users in France, Germany, and the USA as major targets. After infecting a user, the trojan injects a malicious payload into the user’s active processes and collect the user’s information. Banking […]

IP Reputation Report-08192019

August 22, 2019 | Mina Hao

Top 10 countries in attack counts: The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases at August 19, 2019.   Top 10 countries in attack percentage: The Palestine is in first place. The Curacao is in the second place. The country China (CN) is […]

Botnet Trend Report-10

August 21, 2019 | Mina Hao

4.2 BillGates: Best Cross-Platform Family In February 2014, a new botnet family was reported by the Russian website, habr5 and named BillGates because of its bill and gates modules. Subsequently the research group, MalwareMustDie reported that botnet family was operated by a Chinese hacker group, closely related with other known families such as ChinaZ and […]

Microsoft’s Security Patches for August Fix 95 Security Vulnerabilities Threat Alert

August 20, 2019 | Mina Hao

Overview  Microsoft released August 2019 security patches on Tuesday that fix 95 vulnerabilities ranging from simple spoofing attacks to remote code execution in various products, including Active Directory, HTTP/2, Microsoft Bluetooth Driver, Microsoft Browsers, Microsoft Dynamics, Microsoft Edge, Microsoft Graphics Component, Microsoft JET Database Engine, Microsoft Malware Protection Engine, Microsoft NTFS, Microsoft Office, Microsoft Office […]