Overview In recent years, the cloud computing model has gradually been universally recognized and accepted in the industry. In China, sectors such as governments, finance, carriers, and energy as well as small and medium-size organizations, to varying degrees, have migrated their business to the cloud. However, just turning hosts, platforms, or applications into virtual form […]
Taiwan Semiconductor Manufacturing Company (TSMC) is the world’s largest dedicated semiconductor and processor manufactor, manufacturing processors and other chips for the world’s largest science and technology companies including Apple, AMD, NVDIA and Qualcomm. In the evening of August 3, 2018, Beijing time, a technician’s improper operation during software installation caused the virus infection in the […]
(Report ID: 201827) Internet Threat Status CVE Statistics The number of new CVE IDs increased considerably last week. Threat Review XXE in WeChat Pay Sdk|WeChat leave a backdoor on merchant websites (07-01-2018) A payment security researcher found an XXE vulnerability in the JAVA version SDK. The attacker can build malicious payload towards the notification […]
Internet Threat Status CVE Statistics The number of new CVE IDs in last week was 193, a decrease compared with the previous week. Threat Review WPA3 Standard Officially Launches With New Wi-Fi Security Features (06-25-2018) The Wi-Fi Alliance today officially launched WPA3—the next-generation Wi-Fi security standard that promises to eliminate all the known […]
Internet Threat Status CVE Statistics From the figure above, we can see an obvious rise in CVE IDs over last week. Besides, the fact that quite a few vulnerabilites were disclosed or discovered recently also reminded people to keep close attention to their systems’ security. Threat Review Quarterly Threat Report |Q1 2018 Ransomware volumes reduced; […]
(Report ID: 201824) Internet Threat Status CVE Statistics Last week we saw a slight increase in the total entries of CVE IDs. Threat Review New ‘Lazy FP State Restore’ Vulnerability Found in All Modern Intel CPUs Date: 06-13-2018 Description: Hell Yeah! Another security vulnerability has been discovered in Intel chips that affects the processor’s […]
1 Introduction New Internet-based technologies and models, such as cloud computing, big data, Internet of Things (IoT), and mobile computing, are profoundly influencing transformations in the cyberspace. In this context, cyber threats keep evolving and upgrading. Distributed denial-of-service (DDoS) attacks and web application attacks are the main security threats facing the Internet at present. While […]
In August 2017, NSFOCUS’s DDoS situation awareness platform detected anoma-lous bandwidth usage over a customer’s network, which, upon analysis, was confirmed to be a distributed denial-of-service (DDoS) attack. The attack was characterized by different types of traffic, including TCP flood, HTTP flood, and DNS flood. Tracing source IP addresses, we found that the attack had […]
Executive Overview There was a 34.06% increase in number of IP addresses globally in the NSFOCUS IP Reputation databases this month compared to both the beginning of the year and post WannaCry and Petya (33.17% through July). Globally the number of Botnets did not change significantly. However, the overall percentage of Botnets compared to other […]
Overview On September 5, 2017, Apache Struts released the latest security bulletin announcing that the REST plug-in in Apache Struts 2.5.x and some 2.x versions is prone to a high-risk remote code execution vulnerability, which has been assigned CVE-2017-9805 (S2-052). When using an XStream handler with an instance of XStream for deserialization, the REST plug-in […]
