Mobile Office——SMS phishing

January 18, 2019 | Mina Hao

Case Analysis This story starts from an SMS message and ends with financial loss, sounding just like an ordinary telecom fraud. But it is distinctive in that a malicious link and a web page that contains a trojan are leveraged, indicating that the attacker is quite tech-savvy. After the mobile phone is infected with the […]

NSFOCUS Detects Two Satan Variants Targeting Financial Sector

January 17, 2019 | Devika Jain

  In early November of 2018, NSFOCUS spotted the first variant of Satan malware that targets Linux and Windows systems and spreads by exploiting various application vulnerabilities. A few weeks later, NSFOCUS came across a second variant of this Satan, capable of self-propagation via Windows and Linux platforms. These two variant detections are just another […]

NSFOCUS Forms Strategic Partnerships in LATAM and Around the World

January 14, 2019 | Andre Mello

  By: Andre Tristao e Mello, Vice President, Latin America & Caribbean, NSFOCUS At NSFOCUS, we are always looking for ways to better serve and work with our customers — from innovative product updates to partnerships; we’re dedicated to helping and protecting our customers. Across the LATAM region, we focused many of our efforts into […]

NSFOCUS’s Presence at Botconf 2018

December 17, 2018 | Adeline Zhang

On December 7, 2018 security experts from NSFOCUS Fu Ying Labs delivered a speech at Botconf 2018, presenting WASM security threat analysis technologies with researchers from security firms, media personnel, and security practitioners from CERTs (Computer Emergency Response Teams) of various countries. Their striking insights were highly accepted and acknowledged by the international security industry. […]

ThinkPHP Remote Code Execution Vulnerability Handling Guide

December 17, 2018 | Adeline Zhang

1 Vulnerability Overview Recently, ThinkPHP posted a blog, announcing the release of an update that addresses a high-risk remote code execution (RCE) vulnerability. This vulnerability stems from the framework’s insufficient checks on controller names, which, in case forced routing is not enabled, would allow arbitrary code execution or even access to the server. ThinkPHP is […]

Personal Computer——File Deletion

December 14, 2018 | Adeline Zhang

Case AnalysisCase Analysis When you delete files from a computer or USB flash drive, just clicking the deletion button or doing a quick formatting does not completely remove files because you can easily recover them using data recovery software. Even after you clear the recycle bin, those deleted files can still be retrieved.

ThinkPHP 5.x Remote Code Execution Vulnerability Threat Alert

December 13, 2018 | Adeline Zhang

Overview Recently, ThinkPHP posted a blog, announcing the release of an important update that addresses a critical vulnerability. This security update fixes a getShell vulnerability caused by the framework’s insufficient checks on controller names in case forced routing is not enabled. The vulnerability, which affects ThinkPHP 5.0 and 5.1, is fixed in the latest version.

The missing leg – integrity in the CIA triad

December 13, 2018 | wangyang2

Linkedin Eric Vanderburg Information security is often described using the CIA Triad. The CIA stands for Confidentiality, Integrity, and Availability and these are the three elements of data that information security tries to protect. If we look at the CIA triad from the attacker’s viewpoint, they would seek to compromise confidentiality by stealing data, integrity by manipulating data […]

Technical Report on Container Security (III)-2

December 11, 2018 | Adeline Zhang

Security Risks and Challenges—Security Threat Analysis Security Threat Analysis When we talk about security risks to containers, we mean security threats to hosts, to containers, and to the carried applications.

Adobe Flash Player 0-Day Vulnerabilities Threat Alert

December 11, 2018 | Adeline Zhang

Overview On December 5, 2018, local time, Adobe released a security bulletin to document the remediation of two vulnerabilities, namely a critical 0-day vulnerability (CVE-2018-15982) in Adobe Flash Player and an important vulnerability (CVE-2018-15983) in Adobe Flash Player installer.