Blog

Adobe Flash Player 0-Day Vulnerabilities Threat Alert

December 11, 2018 | Adeline Zhang

Overview On December 5, 2018, local time, Adobe released a security bulletin to document the remediation of two vulnerabilities, namely a critical 0-day vulnerability (CVE-2018-15982) in Adobe Flash Player and an important vulnerability (CVE-2018-15983) in Adobe Flash Player installer.

Bravo! NSFOCUS’s Big Win in the Flare-On Challenge

December 10, 2018 | Adeline Zhang

The fifth annual Flare-on Challenge held by FireEye recently took place.129 out of 4925 players, of which 10 were Chinese players, reportedly finished the challenge this year. NSFOCUS’s KoAll team made a huge splash by topping the global medal tally with four medals.

“WeChat Pay” Ransomware Analysis and Decryption Tool

December 10, 2018 | Adeline Zhang

Risk Overview Recently, over 20,000 PCs in China have fallen victim to WeChat Pay ransomware. Files on the affected devices are encrypted by the ransomware. To regain access to the files, users are asked to scan a WeChat QR code that appears in a pop-up window and pay 110 yuan (about $16) in ransom. So […]

Personal Computer——Password Grading

December 7, 2018 | Adeline Zhang

Case AnalysisCase Analysis Many people use the same user names and passwords to access different websites. This makes it possible for hackers to use the password for access to a website that has been hacked to log in to other websites. Each password for each website seems unlikely. To solve this issue, you can follow […]

Satan Variant Analysis & Handling Guide

December 6, 2018 | Adeline Zhang

1 Background In early November 2018, NSFOCUS discovered that some of its financial customers had been infected with a worm virus FT.exe that could affect both Linux and Windows platforms. Like the ransomware Satan, the virus spreads itself by exploiting multiple application vulnerabilities. However, this virus, after breaking into the system, does not do anything […]

Technical Report on Container Security (III)-1

December 5, 2018 | Adeline Zhang

Security Risks and Challenges — Vulnerability and Security Risk Analysis Vulnerability and Security Risk Analysis As a specific implementation of the container technology, Docker is getting more and more popular in recent years. To some extent, Docker has become a typical representation of the container technology. Docker is based on the common client/server (C/S) architecture […]

Personal Computer——Encrypted File Storage

December 4, 2018 | Adeline Zhang

Case AnalysisCase Analysis If files are stored in the hard disk, they may be read by others stealing the computer. If files are put in an encrypted disk, others obtaining this disk must type the encryption password before viewing the files. This effectively prevents disclosure of important files. Security Tips/Takeaways Store sensitive files in an […]

Sample Analysis Report-3

November 26, 2018 | Adeline Zhang

1 Sample Introduction 1.1 Sample Type The sample is a Trojan, which belongs to the Tsunami family.

Wi-Fi Security——Automatic Connection to Wi-Fi

November 24, 2018 | Adeline Zhang

Case AnalysisCase Analysis When finding a bogus Wi-Fi hotspot with the same name as a legitimate one, smartphones also try to connect to it with the stored password. This gives hackers access to legitimate Wi-Fi networks. Security Tips/Takeaways Disable WLAN on smartphones and laptops when Wi-Fi is not used, in case the devices automatically connect […]

Adobe Flash Player Remote Code Execution Vulnerability Threat Alert

November 23, 2018 | Adeline Zhang

Overview On November 20, 2018, local time, Adobe released a security advisory for documenting the remediation of a critical vulnerability in Adobe Flash Player. Successful exploitation of this vulnerability could allow attackers to remotely execute arbitrary code.