Adeline Zhang

A Look into RSAC 2020: Cloud Security

April 13, 2020

RSA Conference (RSAC) 2020 was still held at the Moscone Center in San Francisco in February as scheduled. Unfortunately, I failed to attend this conference. So, instead of talking about my actual feelings of visiting the scene, I focus on what I think after watching session tracks of this conference.

(more…)

Linux Kernel Information Disclosure and Privilege Escalation Vulnerability Threat Alert

April 10, 2020

Vulnerability Description

On March 31, the Linux kernel privilege escalation vulnerability demonstrated by the competitor Manfred Paul at the Pwn2Own contest was included in the CVE database and identified as CVE-2020-8835. This vulnerability exists because the BPF verifier in the Linux kernel does not properly calculate register bounds for certain operations. A local attacker could exploit this vulnerability to read confidential information (kernel memory) or gain administrative privileges. Users should take preventive measures as soon as possible.

(more…)

IP Reputation Report-04052020

April 9, 2020

  1. Top 10 countries in attack counts:

  • The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases as of April 05, 2020.

(more…)

DDoS Attack Landscape 3

April 8, 2020

DDoS Attack Type Analysis

Proportions of Different Attack Types

In 2019, the most frequently seen attacks were UDP floods, SYN floods, and ACK floods, which together accounted for 82% of all DDoS attacks. By contrast, reflection attacks took up only 10%. Compared with 2018, reflection attacks rose slightly in number, but remained small in proportion. (more…)

What’s New in NSFOCUS’s Anti-DDoS Solution in 2020

April 7, 2020

If you are clueless about DDoS prevention in 2020 and do not understand why customers choose to adopt NSFOCUS’s anti-DDoS solution, you have to read the following contents carefully to find the answer. In 2020, ADS/NTA/ADS M V4.5R90F02 is about to be released with new functions which will enable you to win bids, upgrade your protection, and simplify your O&M. So, read on to find out what they can do for you. (more…)

A Look into RSAC 2020: NSFOCUS’s Practices in Automated Security Orchestration and Response

April 6, 2020

At RSA Conference Innovation Sandbox Contest 2020, SECURITI.ai was named “Most Innovative Startup”. The technical directions shown in this year’s contest covered external data representation (XDR), DevSecOps, and TVM+SOAR. Obviously, security operations are still one of the main directions attracting the most effort from innovative companies.

According to the topics discussed at RSAC 2020, security operations are shifting from security orchestration, automation and response (SOAR) solutions to DevSecOps, which features end-to-end automation and streamlined processes, and have incorporated automated security processes (such as automated bug finding) into the security orchestration and response system to practice the concept of “automate as much as possible”. (more…)

Type1 Font Parsing 0-day Remote Code Execution Vulnerability Threat Alert

April 3, 2020

Overview

On March 23, local time, Microsoft released an out-of-band security advisory ADV200006 to address two critical 0-day vulnerabilities in Adobe Type Manager Library. A vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a crafted multi-master font, namely, the Adobe Type 1 PostScript format. An attacker could exploit the vulnerability to cause remote code execution by convincing a user to open a crafted document or view it in the Windows Preview pane. (more…)

IP Reputation Report-03292020

April 2, 2020

  1. Top 10 countries in attack counts:

  • The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases as of March 29, 2020.

(more…)

DDoS Attack Landscape 2

April 1, 2020

DDoS Attack Counts and Peak Sizes

Distribution of Peak Sizes

From the monthly data in the last three years, the number of large-scale attacks (> 100 Gbps) soared in 2018 and then fluctuated at a high level over a two-year period. In 2017, the number of such attacks reached 11,800, only 48% of the number in 2018 (24,500). 2019 saw 21,400 large-scale attacks peaking above 100 Gbps (according to data by November 2019), on a par with 2018 (22,000 by November 2018). Besides, super-sized attacks (> 300 Gbps) have increased year by year from an average of 30 per month in 2017 to 247 in 2018 and then to 262 in 2019. Arguably, it has become a normal thing for super-sized attacks to keep increasing in number.

(more…)

Spring Cloud Config Server Path Traversal (CVE-2020-5405) Threat Alert

March 31, 2020

Vulnerability Description

Security researchers from NSFOCUS found a directory traversal vulnerability (CVE-2020-5405) in the Spring Cloud Config component. On February 26, Spring released a security bulletin to announce this vulnerability and also expressed appreciation to NSFOCUS. (more…)
