UPnP is short for Universal Plug and Play. UPnP is an architecture that defines peer-to-peer connectivity of PCs and intelligent devices (or instruments). Built upon Internet standards and technologies (suchas TCP/IP, HTTP, and XML), UPnP allows such devices to connect to and collaborate with each other automatically, thus making it possible for the network (especially […]
Overview On June 5, Beijing time, IBM released a security bulletin to announce the fix of a high-risk remote code execution vulnerability (CVE-2020-4450) in WebSphere Application Server (WAS). This vulnerability was caused by deserialization of the Internet Inter-ORB Protocol (IIOP). It is assigned the CVSS base score of 9.8 and therefore is a high-risk one […]
In 2019, ransomware was still a major type of threats that haunted people around the world. As an infamous botnet family, GandCrab generated more than USD 2 billion in ransom payments, simulating the rapid increase of other ransomware.
Threats Against WS-Discovery WSD is a multicast discovery protocol to locate services on a local area network (LAN). However, due to device vendors’ design flaw in the implementation, when a normal IP address sends a service discovery packet, devices will also respond to the request. If exposed on the Internet, these devices will be possibly […]
In this section, we analyzed threats against three major protocols. Threats Against Telnet According to data from NSFOCUS’s threat hunting system, Telnet (available on port 23), targeted by a total of 120,000 attack sources, was the IoT protocol most favored by attackers1 . Figure 7-3 shows the activity trend of Telnet attack sources from March […]
Summary Global distribution of DDoS attacks: U.S. suffered the most DDoS attacks, and Japan received the largest volume of DDoS traffic. DDoS attack trend: March and April witnessed the most frequent DDoS attacks, and May saw the peak of attack traffic. DDoS attacks and COVID-19 pandemic: DDoS attacks fluctuated noticebly with the worldwide outbreak of […]
Overview Recently, TP-Link fixed a high-risk vulnerability in the C200 IP camera. A user’s hashed password can be found in the memory dump by using the discovered Heartbleed vulnerability exposed on TCP port 443. The hash was then used for a pass-the-hash attack by exploiting the login process on the API. This caused a login […]
Overview of DDoS Attacks in 2019 According to the observation of NSFOCUS Security Labs, DDoS botnets in 2019, though with some changes, continued with the same patterns in attack targets, families, and operating platforms overall. Among the track data of NSFOCUS Security Labs in 2019, there were more than 1.1 million instructions given by DDoS […]
