DDoS Mitigation

Microsoft’s May security update for multiple high-risk product vulnerabilities

May 11, 2023 | NSFOCUS

Overview: On May 10, NSFOCUS CERT observed that Microsoft had released its May security update, which fixed 38 security issues in Win32k, Windows OLE, Microsoft SharePoint Server, Windows Pragmatic General Multicast (PGM) and other widely used products, including high-risk vulnerability types such as privilege escalation and remote code execution. Among the vulnerabilities fixed […]

How to Protect MEC from DDoS Attacks in 5G Networks

June 8, 2022 | Jie Ji

NSFOCUS at RSAC 2022. Why is MEC so important to the 5G network? MEC (Multiple-access Edge Computing) is an important part of the 5G architecture. It is a type of distributed computing used to reduce bandwidth and improve response time, allowing operators to deploy their applications from centralized data centers to the edge of the […]

NSFOCUS Managed Security Service Case: Response to a Hybrid SYN/ACK Flood Incident

May 23, 2022 | Jie Ji

Incident discovered: In early 2021, a private cloud service provider in the United States was hit by a massive hybrid SYN Flood attack. As the service provider was a customer of NSFOCUS Cloud DDoS Protection Service and subscribed to Managed Security Service (MSS), the malicious traffic was noticed instantly by the NSFOCUS Managed Security Service team, […]

APT Group Lazarus Distributing Korean Phishing Lures to Feel Out Cryptocurrency Users

April 12, 2022 | Jie Ji

Overview: Recently, NSFOCUS Security Labs captured a series of phishing documents containing specific Korean bait information. Most of these documents contain keywords such as “BTC”, “ETH”, “NFT”, and “account information”, which trick victims into opening them and then use remote template injection to implant malicious programs, thereby stealing host information. Analysis shows that these phishing […]

NSFOCUS Appraised Maturity Level 5 of CMMI Development V2.0

August 23, 2021 | Jie Ji

We are very excited to announce that NSFOCUS has been appraised at Maturity Level 5 of the CMMI Institute’s Capability Maturity Model Integration (CMMI)® Version 2.0. CMMI is a proven set of global best practices that drives business performance through building and benchmarking key capabilities. It is an integrated framework of best practices that can rapidly […]

Reflection on Detection of Encrypted Malware Traffic

July 29, 2021 | Jie Ji

The Internet has become an indispensable part of our lives, and it is of vital importance to work out how to guarantee the security of users’ sensitive information and privacy in cyberspace. Most of the Internet traffic is encrypted with Transport Layer Security (TLS), which cannot guarantee absolute security. Malware has been seen to use […]

Cloud DPS – Optimization for a Managed Security Service Customer

July 27, 2021 | Jie Ji

Today DDoS attacks are continuing to increase in frequency, volume and duration to affect a business’s continuity and reputation. DDoS mitigation capability has become the top priority for CIO/CISOs in Enterprise, Internet content providers and government, while they may have to face the challenge of finding sufficient experienced security professionals to build, maintain and operate […]

A Look into Source Code of Paradise Ransomware, a “Custom-Built” Virus – 2

July 20, 2021 | Jie Ji

2. Encrypter: DP_Main. 2.2 Self Copy and Automatic Running at Startup: The program copies itself to %APPDATA%/DP/DP_Main.exe, and modifies the registry for automatic running at startup. 2.3 Deletion of Volume Shadow Backups: The program uses CMD command parameters to delete volume shadow backups. 2.4 Upload of Encryption Information: After obtaining disk information, the program begins […]

A Look into Source Code of Paradise Ransomware, a “Custom-Built” Virus – 1

July 16, 2021 | Jie Ji

Event Overview: Recently, NSFOCUS CERT, through ongoing monitoring, found that the source code of the Paradise ransomware was leaked. Since data encrypted by Paradise cannot be decrypted now, the source code, if widely spread over the Internet, may cause a lot of trouble. Paradise had its source code leaked on a Russian hacker forum on […]

2020 DDoS Attack Landscape Report – 4

July 8, 2021 | Jie Ji

Key Findings – 5: The Number of DDoS Attacks on Healthcare, Education, and Government Sectors Increased Significantly During the COVID-19 Pandemic. The healthcare sector suffered more DDoS attacks during the COVID-19 pandemic than in previous years. According to statistics, the number of attacks in each month in 2020 H2 increased year on year, with March and […]