Blog

Doing It Better

January 21, 2016 | Adeline Zhang

Track:  Technical Author: Stephen Gates, Chief Research Intelligence Analyst, NSFOCUS Flying at 40,000 feet above the ground always gives one a sense of clarity.  Looking down on the world from such a height can make a person feel somewhat insignificant.  However, my trip today is very noteworthy.  I will be landing in Las Vegas in a […]

Anatomy of an attack: network bandwidth exhaustion

January 5, 2016 | NSFOCUS

Track:  Technical Author: Vann Abernethy, Field CTO, NSFOCUS DDoS attacks come in three basic flavors:  network-layer, application-layer and a hybrid of the two.  This is a somewhat simplistic view but when you look at the strategy for taking someone down via DDoS, the two primary vehicles are either exhaustion of available network bandwidth or the overwhelming […]

DDoS attacks – more than just disruption?

December 21, 2015 | NSFOCUS

Track:  General Security Author: Vann Abernethy, Field CTO, NSFOCUS Distributed Denial-of-Service (DDoS) attacks have been around for decades and have been increasing in popularity due to the relative ease in carrying one out.  Traditionally, the purpose of these attacks has been to make a site or service unavailable to its intended users for some duration via […]

Anatomy of an attack – DNS amplification

December 14, 2015 | NSFOCUS

Track:  Technical Author: Vann Abernethy, Field CTO, NSFOCUS DNS amplification attacks ramp up the power of a botnet when targeting a victim.  The basic technique of a DNS amplification attack is to spoof the IP of the intended target and send a request for a large DNS zone file to any number of open recursive DNS […]

The financial impact of DDoS attacks: The devil is in the details

December 7, 2015 | NSFOCUS

Track:  Business Author: Dave Martin, Director of Product Marketing, NSFOCUS Even if you have not yet been the victim of a DDoS attack it is helpful to examine the financial impact of a potential attack on your organization for the purposes of doing risk assessment or for calculating the payback period of a DDoS protection solution.

Modern DDoS attacks: When Moore’s law meets Darwin’s Theory of Evolution

December 4, 2015 | NSFOCUS

Track:  General Security Author: Dave Martin, Director of Product Marketing, NSFOCUS What would happen if you combined Moore’s law with Darwin’s Theory of Evolution and applied them to DDoS attacks?  Unfortunately, modern DDoS attacks seem to embody this idea perfectly as both the frequency and complexity of these attacks have become truly staggering in just a […]

Brains vs. Brawn – Cracking the Seventh Layer

October 1, 2015 | NSFOCUS

Author: Rishi Agarwal, Chief Evangelist, NSFOCUS When the news reports on DDoS attacks, it is generally referring to large-scale network attacks that are focused on Layer 3 and 4 of the network stack. However, from a mitigation point of view, network layer attacks are not sophisticated. The ability to mitigate this type of attack always […]

Analysis of WordPress SQL Injection and Privilege Escalation Vulnerability

September 24, 2015 | NSFOCUS

By: Junli Shen, Network Offensive and Defensive Researcher, NSFOCUS Analysis of Core WordPress SQL Injection Vulnerability As a Threat Response Center (TRC) researcher, I conducted a thorough analysis on the “Core WordPress SQL Injection Vulnerability” (CVE-2015-5623 and CVE-2015-2213). Vulnerability Overview Previously, I read a tweet about the SQL injection vulnerability found in the core function of […]

How DDoS Attacks have Evolved in the Last Two Decades

September 14, 2015 | NSFOCUS

By: Zujun Xu, Senior Security Consultant, NSFOCUS The Current State of DDoS attacks It has been 20 years passed since the first DDoS attack. Many variants appeared during this period of time, such as DDRoS, which has the same result as DDoS attacks, to disrupt the availability of the target host and their services. DDoS protection […]

NSFOCUS Listed in Gartner’s Two Magic Quadrants for Web Security Products

September 8, 2015 | NSFOCUS

Gartner, the world’s leading research and advisory firm, released two authoritative magic quadrants (application security testing (AST) and web application firewalls (WAFs)) regarding web security every year by selecting important vendors with global influence. We are so proud that NSFOCUS WVSS and WAF had both recognized in Gartner’s Two Magic Quadrants. With dramatic increasing services […]