Blog

WebLogic Remote Code Execution Vulnerabilities (CVE-2020-14625, CVE-2020-14644, CVE-2020-14645, CVE-2020-14687) Threat Alert

August 7, 2020 | Mina Hao

Overview: On July 15, 2020, Beijing time, Oracle released a Critical Patch Update (CPU) for July 2020 that fixes 443 vulnerabilities of different risk levels. The WebLogic Server Core component is prone to four severe vulnerabilities with a CVSS base score of 9.8, which are assigned CVE-2020-14625, CVE-2020-14644, CVE-2020-14645, and CVE-2020-14687 respectively. These vulnerabilities are […]

IP Reputation Report-08022020

August 6, 2020 | Mina Hao

1. Top 10 countries in attack counts: The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases as of August 2, 2020.

2019 Cybersecurity Insights -14

August 5, 2020 | Mina Hao

Malware Threats from Mobile Platforms: Nowadays, smartphones are ubiquitous. Android, as a widely used mobile operating system, is vulnerable to an increasingly large number of malware families owing to its openness and privilege issues. Such malware can even be spread via legal channels, including Google Store.

Multiple Cisco Vulnerabilities Threat Alert 2020

August 4, 2020 | Mina Hao

Overview: On July 15, 2020 local time, Cisco released security advisories to address vulnerabilities across multiple products, including five Critical vulnerabilities with a CVSS base score of 9.8 (CVE-2020-3330, CVE-2020-3323, CVE-2020-3144, CVE-2020-3331, and CVE-2020-3140). Reference link:

Botnet Trend Report -4

August 3, 2020 | Mina Hao

In the reconnaissance phase, a bad actor can determine which targets to attack through batch scanning. Such scanning is often focused on user names and passwords for access to and vulnerabilities in devices. Besides, an attacker may try to compromise targets by delivering malicious baits to their email addresses collected previously.

Oracle July 2020 Critical Patch Update for All Product Families Threat Alert

July 31, 2020 | Mina Hao

Overview: On July 14, 2020 local time, Oracle released its July 2020 Critical Patch Update (CPU), its own security advisories, and third-party security bulletins, which fix 443 vulnerabilities of varying severity levels. For details about affected products and available patches, see the appendix.

IP Reputation Report-07262020

July 30, 2020 | Mina Hao

1. Top 10 countries in attack counts: The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases as of July 26, 2020.

2019 Cybersecurity Insights -13

July 29, 2020 | Mina Hao

Cryptojacking Malware: In 2019, the pickup in cryptocurrency prices led to an increase in the number of cryptojacking malware families. Of all these families, Monero mining trojans still took a dominant place. EternalBlue and weak password cracking were the major methods for ransomware families to compromise large enterprises in financial and telecom sectors and spread […]

Alert: Digi Devices Affected by Ripple20 Can Be Used in Reflection Attacks

July 28, 2020 | Mina Hao

Executive Summary: In recent years, more and more protocols that may cause UDP reflection attacks have come into our sight, such as CoAP[1], Ubiquiti[2], WS-Discovery[3], OpenVPN[4], and a certain DVR protocol[5]. These attack patterns are different from DNS, SSDP, NTP, Memcached, and other reflection attacks that are well familiar to us, posing certain challenges to […]

Botnet Trend Report -3

July 27, 2020 | Mina Hao

Botnets can pose a variety of cyber threats. NSFOCUS Security Labs has been focused on capturing, tracking, and studying botnet-related threats. In 2019, the Labs further upgraded its capturing and tracking techniques and capabilities and expanded its scope of interest to cover more diverse threats, including cryptojacking, ransomware attacks, data theft by banking […]