Regional APT Threat Situation Overview In March 2025, the global threat hunting system of NSFOCUS Fuying Laboratory discovered a total of 19 APT attack activities. These activities were mainly distributed in South Asia, East Asia, Eastern Europe, and South America, as shown in the following figure. In terms of group...
Category: Threat Analysis
2018 DDoS Attack Landscape-5
3.3 DDoS Attack Duration 3.3.1 Attack Duration Distribution In 2018, the average duration of a DDoS attack was 42 minutes, down 17% from 2017. This indicates that DDoS attacks were upgraded in industrialization, weaponization, and efficiency and DDoS-as-aService gained momentum for fast growth. We noticed that the longest DDoS attack...
Analysis of File Disclosure by APT34
1 About APT34 APT34, exposed to the public view in 2014, mainly targets Middle Eastern countries and some international organizations. APT34 attacks a variety of sectors mainly in the Middle East, but not limited to finance, government, energy, chemical engineer, and telecommunications. (more…)
ADB.Mirai: New Mirai Botnet Variant Spreading via the ADB Debug Port
Overview At the beginning of 2019, the domestic and overseas security vendors have detected cryptominers that spread via Android devices with an open ADB debug port. Recently, NSFOCUS Fu Ying Labs has detected once more such botnets that can be used to launch distributed denial-of-service (DDoS) attacks. The sample analysis...
Adobe Security Bulletin for December 2018 Security Updates
Overview On December 11, 2018 (local time), Adobe released security updates which address multiple vulnerabilities in Acrobat and Reader. (more…)
ThinkPHP Remote Code Execution Vulnerability Handling Guide
1 Vulnerability Overview Recently, ThinkPHP posted a blog, announcing the release of an update that addresses a high-risk remote code execution (RCE) vulnerability. This vulnerability stems from the framework's insufficient checks on controller names, which, in case forced routing is not enabled, would allow arbitrary code execution or even access...
