Technical Report on Container Security (III)-1
dezembro 5, 2018
Security Risks and Challenges — Vulnerability and Security Risk Analysis
Vulnerability and Security Risk Analysis
As a specific implementation of the container technology, Docker is getting more and more popular in recent years. To some extent, Docker has become a typical representation of the container technology. Docker is based on the common client/server (C/S) architecture design as shown in Figure 3.1. In this architecture, the Docker daemon (server) runs on the Docker host and the Docker client sends requests to the daemon. This chapter uses Docker as an example to describe containers’ vulnerabilities and security risks. (mais…)
60 Cybersecurity Predictions For 2019
dezembro 4, 2018
Forbes – I’ve always been a loner, avoiding crowds as much as possible, but last Friday I found myself in the company of 500 million people. The breach of the personal accounts of Marriott and Starwood customers forced us to join the 34% of U.S. consumers who experienced a compromise of their personal information over […]
Cyber Defense eMagazine 2018 – Recidivist Hackers
dezembro 4, 2018
Cyber Defense Magazine – Recidivist is an interesting word. It means “a convicted criminal who reoffends, especially repeatedly.” The word had common usage in the last century although it started to fall into disuse the last 30 years or so. There isn’t another word that aptly describes the behavior identified in the NSFOCUS 2018 H1 […]
Personal Computer——Encrypted File Storage
dezembro 4, 2018
Case AnalysisCase Analysis If files are stored in the hard disk, they may be read by others stealing the computer. If files are put in an encrypted disk, others obtaining this disk must type the encryption password before viewing the files. This effectively prevents disclosure of important files. Security Tips/Takeaways Store sensitive files in an […]
Sample Analysis Report-3
novembro 26, 2018
1 Sample Introduction
1.1 Sample Type
The sample is a Trojan, which belongs to the Tsunami family. (mais…)
Wi-Fi Security——Automatic Connection to Wi-Fi
novembro 24, 2018
Case AnalysisCase Analysis When finding a bogus Wi-Fi hotspot with the same name as a legitimate one, smartphones also try to connect to it with the stored password. This gives hackers access to legitimate Wi-Fi networks. Security Tips/Takeaways Disable WLAN on smartphones and laptops when Wi-Fi is not used, in case the devices automatically connect […]
Adobe Flash Player Remote Code Execution Vulnerability Threat Alert
novembro 23, 2018
Overview
On November 20, 2018, local time, Adobe released a security advisory for documenting the remediation of a critical vulnerability in Adobe Flash Player. Successful exploitation of this vulnerability could allow attackers to remotely execute arbitrary code. (mais…)
Sample Analysis Report
novembro 22, 2018
1 Sample Introduction
1.1 Sample Type
This sample is a trojan, similar to Satori which is a Mirai variant. (mais…)
Technical Report on Container Security (II)-3
novembro 22, 2018
Container Basics — Container Networking
Container Networking
From the evolutionary history of cloud computing systems, the industry has reached a consensus that, while constant breakthroughs have been made to drive the maturation of computing virtualization and storage virtualization, network virtualization has lagged behind, becoming a major bottleneck that encumbers the fast growth of cloud computing. Such features as network virtualization, multitenancy, and hybrid clouds are posing brand new challenges of varying degrees to the security development of cloud networks. (mais…)
Telecom Exchange LA 2018: NSFOCUS Discusses 2017-18 Report on 27 Million Cyber Attackers
novembro 19, 2018
Telecom Exchange LA – Live from Telecom Exchange (TEX) LA 2018, we are pleased to be joined by Guy Rosefelt, Director, Threat Intelligence & Web Security for NSFOCUS. NSFOCUS is an iconic internet and application security company with over 18 years of proven industry experience. Mr. Rosefelt talks about the importance of focusing on low […]
