Blog

The New Trend of Ransomware: Triple Extortion

August 16, 2021 | Jie Ji

Threat actors who specialize in ransomware are always using Double Extortion Tactics in which they not only encrypt the victim’s data but also threaten to leak sensitive data publicly unless the ransom is paid. Double Extortion Tactics first started appearing in late 2019, becoming an increasingly common trend through 2020. The attack against Allied Universal […]

Linux Kernel Privilege Escalation Vulnerability (CVE-2021-33909) Threat Alert

August 13, 2021 | Jie Ji

Overview: Recently, NSFOCUS CERT discovered that the Qualys research team disclosed a local privilege escalation vulnerability (CVE-2021-33909, aka Sequoia) in the filesystem layer in the Linux kernel. It is a size_t-to-int type conversion vulnerability in the seq_file interface in the Linux kernel. fs/seq_file.c’s improper restriction of the seq buffer allocation may cause an integer overflow, […]

What is Cloud Native Security

August 5, 2021 | Jie Ji

After nearly 20 years of cloud computing development, we have stepped into the cloud native era. Cloud native technologies, exemplified by container, service mesh, and micro-service, are bringing disruptive changes to IT infrastructure, platforms, and application systems deployed for various sectors and are also permeating industrial Internet platforms with IT/OT convergence, 5G infrastructure with IT/CT […]

Reflection on Detection of Encrypted Malware Traffic

July 29, 2021 | Jie Ji

The Internet has become an indispensable part of our lives, and it is of vital importance to work out how to guarantee the security of users’ sensitive information and privacy in cyberspace. Most of the Internet traffic is encrypted with Transport Layer Security (TLS), which cannot guarantee absolute security. Malware has been seen to use […]

A Look into Source Code of Paradise Ransomware, a “Custom-Built” Virus – 2

July 20, 2021 | Jie Ji

2. Encrypter: DP_Main. 2.2 Self Copy and Automatic Running at Startup: The program copies itself to %APPDATA%/DP/DP_Main.exe, and modifies the registry for automatic running at startup. 2.3 Deletion of Volume Shadow Backups: The program uses CMD command parameters to delete volume shadow backups. 2.4 Upload of Encryption Information: After obtaining disk information, the program begins […]

A Look into Source Code of Paradise Ransomware, a “Custom-Built” Virus – 1

July 16, 2021 | Jie Ji

Event Overview: Recently, NSFOCUS CERT, through ongoing monitoring, found that the source code of the Paradise ransomware was leaked. Since data encrypted by Paradise cannot be decrypted now, the source code, if widely spread over the Internet, may cause a lot of trouble. Paradise had its source code leaked on a Russian hacker forum on […]

NSFOCUS Speaking at TELECOM EXCHANGE NYC 2019

May 14, 2019 | NSFOCUS

Telecom Exchange, one of the largest C-level networking events that provides unparalleled collaboration, education, and one-on-one engagement with the industry’s top decision-makers, is heading to NYC next week. Executives from all around the world will be meeting to discuss the complex network infrastructure ecosystems, technology and what it means for telecom. The event will […]

Daily Communication – Password Grading

April 30, 2019 | NSFOCUS

   

Daily Communication – Entry of Outsiders

April 30, 2019 | NSFOCUS

   

NSFOCUS Attack Threat Monitoring Wins 2019 Cyber Defense Magazine InfoSec Award

March 26, 2019 | NSFOCUS

Earlier this month at RSA we released the newest service in our arsenal of holistic hybrid security solutions, Attack Threat Monitoring (ATM). We were thrilled not only to demo ATM at our RSA booth, but even more pleased to release the service to the public having already won an award. Cyber Defense Magazine examines thousands […]