Adeline Zhang

WordPress plug-in authentication bypass vulnerability Security Alert

January 26, 2020

Overview

Recently, WebARX researchers announced two high-risk authentication bypass vulnerabilities in WordPress plug-ins, which allow attackers to log in to an administrator account without a password. (more…)

ICS Information Security Assurance Framework 8

January 25, 2020

2.2.3 New ICS Attack Framework “TRITON”

In the middle of November 2017, the Dragos, Inc. team found malware tailor-made for ICSs and identified it as TRISIS (referred to as TRITON in this document) because it fixed its gaze on Schneider Electric’s Triconex safety instrumented system (SIS), enabling the replacement of logic in final control elements. (more…)

GitLab EE / CE Information Disclosure Vulnerability (CVE-2020-6832) Security Alert

January 24, 2020

Vulnerability Description

On January 14th, GitLab officially released an important version update security notice, fixing a vulnerability (CVE-2020-6832) that could lead to private project information disclosure. GitLab is an open source repository management system. It uses Git as its code management tool and provides a web service built on it. (more…)

Cybersecurity Insights-14

January 23, 2020

Analysis of IoT Attack Sources

From NSFOCUS’s IoT threat intelligence, we can associate DDoS attack events with IoT devices. Further analysis of IoT devices compared to source IP addresses of DDoS attacks found that 3.14% of DDoS attackers are IoT devices. Though this proportion is relatively small, the number of DDoS source IP addresses is so staggeringly large that DDoS attacks based on IoT devices are a very significant threat. (more…)

ICS Information Security Assurance Framework 7

January 23, 2020

2.2.2 Dragonfly 2.0 Malware

The Dragonfly organization, also known as Energetic Bear, mainly carries out cyber espionage activities targeting electric power operators, major power generation enterprises, petroleum pipeline operators, and industrial equipment providers in the energy sector. According to a Joint Analysis Report (JAR) released by the Department of Homeland Security (DHS), Dragonfly is a […]

IP Reputation Report-01192020

January 22, 2020

  1. Top 10 countries in attack counts:

  • The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases as of January 19, 2020.

(more…)

ICS Information Security Assurance Framework 6

January 21, 2020

2.2 ICS-Targeting Malware Analysis

In recent years, more and more malware has targeted ICSs, causing increasingly serious damage.

The following sections analyze major ICS-targeting malware. (more…)

Cisco Data Center Network Manager (DCNM) authentication bypass vulnerability Security Alert

January 21, 2020

Overview

Multiple vulnerabilities in the authentication mechanism of Cisco Data Center Network Manager (DCNM) (CVE-2019-15975, CVE-2019-15976, CVE-2019-15977) may allow unauthorized remote attackers to bypass authentication and perform arbitrary operations with administrative privileges on the affected devices. (more…)

ICS Information Security Assurance Framework 5

January 19, 2020

Typical ICS Security Incidents

As ICSs are increasingly informatized and open, more and more attacks are hitting ICSs, doing increasing harm. ICS-targeted attacks use the IT network as a springboard to affect the operation of OT systems. Currently, attacks against ICSs are carried out to achieve three purposes: disrupting the normal operation of ICSs, obtaining ICS data, and making financial gains. (more…)

ICS Information Security Assurance Framework 4

January 18, 2020

Technical Trend of ICS Information Security

1.3.1 General Introduction

As the application of IT technologies in industrial fields is expanding in breadth and depth, ICSs are facing an increasing number of security risks. ICSs’ original security protection systems which feature border separation and protection tend to be associated and integrated with business. With the emergence of new application forms such as industrial clouds and industrial big data, ICS security products need to surpass the existing products in terms of functions and application form, so as to better adapt to new applications. (more…)
