Blog

Security Knowledge Graph | Drawing Knowledge Graph of Software Supply Chain and Strengthening Risk Analysis

October 5, 2022 | Adeline Zhang

The security knowledge graph, a knowledge graph specific to the security domain, is the key to realizing cognitive intelligence in cyber security, and it also lays an indispensable technological foundation for dealing with advanced, continuous and complex threats and risks in cyberspace. NSFOCUS published a series of articles about the application of the security knowledge […]

Three Transformations of NSFOCUS ADS Solution

October 3, 2022 | Adeline Zhang

With the continuous transformation of telecommunication infrastructure in recent years, the popularization of 5G technology has promoted the sustainable and rapid growth of network bandwidth resources, and driven the rapid development of technologies such as big data, cloud computing, and the Internet of Things (IoT). However, due to security flaws, a large number of IoT […]

APT Group Gamaredon Intensifies Cyber Offensive in Ukraine (Part 2)

September 29, 2022 | Adeline Zhang

Part 1: APT Group Gamaredon Intensifies Cyber Offensive in Ukraine (Part 1) Type 2: Send malicious HTML attachments by masquerading notification emails The second type of attack activity Gamaredon mainly carried out is spear phishing emails. This is a new attack process that emerged in the second quarter of this year. Gamaredon attackers placed layers […]

APT Group Gamaredon Intensifies Cyber Offensive in Ukraine (Part 1)

September 28, 2022 | Adeline Zhang

Overview Beginning in the second quarter of this year, NSFOCUS Security Labs discovered that the APT group Gamaredon began frequently using a number of different types of attacks to conduct cyberattacks against military and police targets in Ukraine’s Kherson, Donetsk and other regions. In this attack cycle, Gamaredon mainly used attack tools such as malicious […]

Linux Kernel Privilege Escalation Vulnerability (CVE-2022-2588) Notification

September 27, 2022 | Jie Ji

Overview Recently, NSFOCUS CERT detected that a researcher disclosed an EXP that exists in the Linux kernel privilege escalation vulnerability (CVE-2022-2588) on the Internet. Due to improper operation of the route4_filter linked list, there is a use-after-free vulnerability in the route4_change function of the net/schedule/cls_route.c filter. By exploiting this vulnerability, a local attacker with general […]

APT Group Evilnum Launched a New Round of Cyberattacks on Online Transactions

September 26, 2022 | Adeline Zhang

Overview NSFOCUS Security Labs detected a string of related phishing attacks recently. The analysis confirmed that these activities were staged by the APT group Evilnum and they were a continuation of the group’s recent operation DarkCasino. This round of cyberattacks occurred in late July and lasted until early August. Evilnum attackers maintained consistent attack methodology […]

Security Knowledge Graph | Application in Integration of Functional Safety with Information Security in Industrial Control Systems

September 22, 2022 | Adeline Zhang

The security knowledge graph, a knowledge graph specific to the security domain, is the key to realizing cognitive intelligence in cyber security, and it also lays an indispensable technological foundation for dealing with advanced, continuous and complex threats and risks in cyberspace. NSFOCUS published a series of articles about the application of the security knowledge […]

Operation DarkCasino: In-Depth Analysis of Attacks by APT Group Evilnum (Part 2)

September 20, 2022 | Adeline Zhang

Operation DarkCasino: In-Depth Analysis of Attacks by APT Group Evilnum (Part 1) Components Evilnum mainly used a new customized trojan in this operation. NSFOCUS Security Labs named it DarkMe based on the particular string in the trojan program. NSFOCUS Security Labs also discovered another new trojan program that had a close connection to this operation […]

Operation DarkCasino: In-Depth Analysis of Attacks by APT Group Evilnum (Part 1)

September 19, 2022 | Adeline Zhang

Overview Recently, NSFOCUS Security Labs observed a series of phishing activities against European countries. Those activities mainly targeted online gambling platforms as well as active online trading behaviors, aiming to steal transaction credentials of service providers and customers for illegal profits. The in-depth analysis revealed that it was a continuation of recent attacks staged by […]

NSFOCUS Case Study on Protection Against Carpet-Bombing Attacks

September 16, 2022 | Adeline Zhang

Introduction According to the H1 2022 NSFOCUS Global DDoS Attack Landscape report released on 6 Sept 2022, DDoS attacks made a surprising 205% increase compared with the first half of 2021. When it comes to the carpet-bombing attacks prevalent in recent years, more than 100,000 IP addresses on hundreds of network segments were hit by […]