Speech by Wenmao Liu of NSFOCUS: Research on New Vectors of UDP-based DDoS Amplification Attacks of IoT
junho 2, 2021
As the world’s largest cybersecurity industry conference, the RSA Conference held its 30th annual event in 2021. It has been a driving force behind sharing, innovation, and progress in the global cybersecurity community. NSFOCUS stood out at the RSA Conference 2021 by making a debut on the conference speech podium as a Chinese security vendor. […]
2020 DDoS Attack Landscape Report – 2
maio 31, 2021
Key Findings – 2 The Bandwidth of DDoS attacks in 5G Environments Grew Steadily. Small and Medium-sized Attacks Overtook Small Attacks to Become the Mainstream Over the five-year period from 2016 to 2020, the average peak size of DDoS attacks rose to a new level since the latter half of 2018 despite obvious fluctuations. Of […]
Analysis of the SBIDIOT IoT Malware
maio 21, 2021
Produced by: Yuchen PAN Introduction Recently, an IoT malware sample dubbed SBIDIOT is found to engage in malicious activities, mainly distributed denial of service (DDoS) attacks. So far, very few incidents of this malware have been discovered by VirusTotal and cybersecurity communities. Though some IoT botnets focus on cryptocurrency mining or fraud activities, SBIDIOT-related botnets […]
Oracle April 2021 Critical Patch Update for All Product Families
maio 17, 2021
Vulnerability Description On April 21, 2021, NSFOCUS detected that Oracle released the April 2021 Critical Patch Update (CPU), which fixed 400 vulnerabilities of varying risk levels. This CPU involves multiple commonly used products, such as Oracle Database Server, Oracle Java SE, Oracle Fusion Middleware, Oracle MySQL, and Oracle Communications. Oracle strongly recommends users fix these […]
A Look into the Colonial Pipeline Hack by DarkSide on CII and Countermeasures
maio 13, 2021
Background On May 7, 2021, local time, Colonial Pipeline, the largest fuel pipeline operator in the USA, was forced to shut down its critical fuel network serving states on the US East Coast after being hit by a ransomware attack. This ransomware attack had fuel supply halted across three regions, affecting 17 states. On May […]
WebLogic Multiple Severe Vulnerabilities Threat Alert
maio 6, 2021
Vulnerability Description On April 21, 2021, NSFOCUS detected that Oracle released the April 2021 Critical Patch Update (CPU), which fixed 400 vulnerabilities of varying risk levels. Seven of these vulnerabilities are severe and easy to exploit and affect WebLogic. Users are advised to take measures without delay to protect against the preceding vulnerabilities. CVE-2021-2135: This […]
Principles and Characteristics of TCP Reflection Attacks
-e1619596788284.jpg)
abril 28, 2021
Produced by: Siqi GUO, Qiwen LUO Increasingly Serious Reflection Attacks Reflection attacks, as nothing new, have become one of the most troublesome and common DDoS attacks and are dominant in bandwidth consumption DDoS attacks. According to NSFOCUS’s latest 2020 DDoS Attack Landscape, reflection attacks made up 34% of all DDoS attacks in 2020. Compared with […]
Microsoft April Security Updates for Multiple High-Risk Product Vulnerabilities
abril 25, 2021
Vulnerability Description On April 14, 2020, Microsoft released April 2020 Security Updates that fix 114 vulnerabilities, including high-risk remote code execution and privilege escalation, in various products like Microsoft Windows, Office, Edge (Chromium-based), Visual Studio Code, Microsoft Exchange Server, Visual Studio, and Azure. In these security updates, Microsoft fixes 19 critical vulnerabilities and 88 important […]
2020 DDoS Attack Landscape Report – 1
abril 20, 2021
Executive Summary In 2020, the total number of distributed denial-of-service (DDoS) attacks declined a little compared with 2019, probably attributable to effective governance and enhanced protection capabilities of Anti-DDoS products. Despite this, DDoS attacks intensified during the COVID-19 pandemic, especially for healthcare, government, and education sectors. January to April 2020 was a period when China […]
