At RSA Conference Innovation Sandbox Contest 2020, SECURITI.ai was named “Most Innovative Startup”. The technical directions shown in this year’s contest covered external data representation (XDR), DevSecOps, and TVM+SOAR. Obviously, security operations are still one of the main directions that ignite the most efforts of innovation companies. According to the topics talked about at RSAC […]

Overview On March 23, local time, Microsoft released an out-of-band security advisory ADV200006 to address two critical 0-day vulnerabilities in Adobe Type Manager Library. A vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a crafted multi-master font, namely, the Adobe Type 1 PostScript format. An attacker could exploit the […]

Top 10 countries in attack counts: The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases at March 29, 2020.

DDoS Attack Counts and Peak Sizes Distribution of Peak Sizes From the monthly data in the last three years, the number of large-scale attacks (> 100 Gbps) soared in 2018 and then fluctuated at a high level over a two-year period. In 2017, the number of such attacks reached 11,800, only 48% of the number […]

Vulnerability Description Security researchers from NSFOCUS found a directory traversal vulnerability (CVE-2020-5405) in the Spring Cloud Config component. On February 26, Spring released a security bulletin to announce this vulnerability and also expressed appreciation to NSFOCUS.

Overview On March 11, Beijing time, Microsoft released March 2020 updates to fix vulnerabilities among which is a remote code execution vulnerability in Microsoft Server Message Block 3.1.1 (SMBv3) indicated in a security bulletin released earlier. This vulnerability exists in the way the Microsoft SMBv3 protocol handles certain requests. An attacker could exploit this vulnerability […]

Overview On March 11, Beijing time, Microsoft released March 2020 updates to fix vulnerabilities among which is a remote code execution vulnerability in Microsoft Server Message Block 3.1.1 (SMBv3) indicated in a security bulletin released earlier. Instead of a security patch, Microsoft currently provides a workaround for users to mitigate this vulnerability.

Vulnerability Description On March 6, the United States Computer Emergency Readiness Team (US-CERT) release a security bulletin to announce a 17-year-old remote code execution vulnerability in the PPP daemon (pppd). This vulnerability affects nearly all Linux-based operating systems and network device firmware. This vulnerability is a buffer overflow vulnerability (CVE-2020-8597), with a CVSS score of […]

Top 10 countries in attack counts: The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases at March 22, 2020.

Executive Summary In 2019, the average peak size of DDoS attacks rose steadily from 2018 to 42.9 Gbps, indicating that techniques employed by large and medium scale attacks are advancing year by year. After a sharp rise in 2018, super-sized DDoS attacks (> 300 Gbps) were relatively stabilizing in 2019, increasing slightly by around 200.