Overview This year a significant amount of security events such as WannaCry, Petya, and NotPetya occurred adversely affecting a wide variety of social and economic activities. To mitigate threats brought by such events IT and security teams have spared no effort in combating against such attacks for the security and...
Category: Global Events
Dumbo Exploit Project
Overview This week WikiLeaks published a document outlining another leaked hacking tool developed by the CIA (Central Intelligence Agency). The exploit titled ‘Dumbo’ possesses the capability of remotely managing and altering video and audio recordings on Windows XP systems. At the moment, the malware is only able to successfully run...
Blackmoon Banking Trojan Overview
Overview The Blackmoon Bank Trojan that was originally identified in 2016 has since re-surfaced. Recently, more than 150,000 bank accounts were compromised in South Korea and the Blackmoon Trojan has been identified as the culprit. A new 2017 version has hit the financial industry and employs a new framework model...
HostingCon Global 2017
HostingCon Global 2017 03-06 April 2017 L.A. Convention Center 210
Apache Struts2 Remote Code Execution Vulnerability (S2-045)
Overview Apache Struts2 is prone to a remote code execution vulnerability (CNNVD-201703-152) in the Jakarta Multipart parser plug-in. When uploading a file with this plug-in, an attacker could change the value of the Content-Type header field of an HTTP request to trigger this vulnerability, causing remote code execution. For details,...
Does a Dropbear DDoS in the Woods?
Author: Guy Rosefelt - Dir, PM Threat Intelligence & Web Security Recently, NSFOCUS has seen some interesting DDoS behavior. Since Q4 of last year, there has been a rise in SSL/VPN and SSH based DDoS attacks. Most people would not equate VPN or SSH as a viable mechanism for what...
