Cryptojacking Malware In 2019, the pickup in cryptocurrency prices led to an increase in the number of cryptojacking malware families. Of all these families, Monero mining trojans still took a dominant place. EternalBlue and weak password cracking were the major methods for ransomware families to compromise large enterprises in financial and telecom sectors and spread […]

Executive Summary In recent years, more and more protocols that may cause UDP reflection attacks have come into our sight, such as CoAP[1], Ubiquiti[2], WS-Discovery[3], OpenVPN[4], and a certain DVR protocol[5]. These attack patterns are different from DNS, SSDP, NTP, Memcached, and other reflection attacks that are well familiar to us, posing certain challenges to […]

Botnets can pose a variety of cyber threats. NSFOCUS Security Labs has been focused on the capture, track, and study of botnet-related threats. In 2019, the Labs further upgraded its capturing and tracking techniques and capabilities and expanded its scope of interest to cover more diverse threats, including cryptojacking, ransomware attacks, data theft by banking […]

Overview On July 14, 2020 local time, Adobe released its July security updates to fix multiple vulnerabilities in its various products, including Adobe Creative Cloud Desktop Application, Adobe Media Encoder, Adobe Genuine Service, Adobe ColdFusion, and Adobe Download Manager.

Overview  Microsoft released July 2020 security updates on Tuesday that fix 124 vulnerabilities ranging from simple spoofing attacks to remote code execution in various products, including .NET Framework, Azure DevOps, Internet Explorer, Microsoft Edge, Microsoft Graphics Component, Microsoft JET Database Engine, Microsoft Malware Protection Engine, Microsoft Office, Microsoft Office SharePoint, Microsoft OneDrive, Microsoft Scripting Engine, […]

Vulnerability Description Recently, NSFOCUS detected that F5 had updated its security advisory on the Traffic Management User Interface (TUMI) remote code execution vulnerability (CVE-2020-5902). The affected 15.x versions were changed to 15.0.0–15.1.0, and bypassable workarounds and validation methods were updated. By accessing the TUMI via the BIG-IP management port or their own IP addresses, unauthenticated […]

1.Top 10 countries in attack counts: The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases at July 19, 2020.

Ransomware In 2019, ransomware was still a major type of threats that haunted people around the world. The most prominent families were GlobeImposter, GandCrab, and WannaCry, which were extremely active and had far more variants than others. According to NSFOCUS Security Labs’ observation, the number of ransomware families and variants increased sharply in four months […]

Vulnerability Description Recently, NSFOCUS detected that Citrix had released a security bulletin on the remediation of 11 vulnerabilities in Citrix Application Delivery Controller (ADC), Citrix Gateway, and Citrix SD-WAN WANOP. Details are as follows:

2019 witnessed frequent breakout of cybersecurity events, in which malware played an important role, exhibiting an eye-popping power of destruction with botnets. At the end of 2018, Driver Talent suffered a supply chain attack as a result of its upgrade channel being planted with a Monero mining trojan, which, once breaking into a computer, would […]