NSFOCUS

Citrix Multiple High-Risk Vulnerabilities Threat Alert

July 21, 2020

Vulnerability Description

Recently, NSFOCUS detected that Citrix had released a security bulletin on the remediation of 11 vulnerabilities in Citrix Application Delivery Controller (ADC), Citrix Gateway, and Citrix SD-WAN WANOP. Details are as follows:


Botnet Trend Report -2

July 20, 2020

2019 witnessed frequent outbreaks of cybersecurity events, in which malware played an important role, exhibiting an eye-popping power of destruction with botnets.

At the end of 2018, Driver Talent suffered a supply chain attack as a result of its upgrade channel being planted with a Monero mining trojan, which, once breaking into a computer, would spread laterally via the EternalBlue exploit to infect more computers. The impact of this attack could still be felt in 2019, giving rise to a slew of emergencies.


Information Security in the Workplace- Illegal Internet Connection-v

July 17, 2020

With the advancement of IT-based transformation and the rapid development of IT, various network technologies have seen more extensive and profound applications, along with which come a multitude of cyber security issues. Come to find out what information security issues you should beware of in the workplace.


IP Reputation Report-07122020

July 16, 2020

1. Top 10 countries in attack counts:

  • The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases as of July 12, 2020.

2019 Cybersecurity Insights -11

July 15, 2020

Cryptomining Traffic

Based on all sorts of security alert data from NSFOCUS Managed Security Service (MSS), we made a quantitative analysis of cryptomining activities and hosts in enterprises in 2019 and found that the cryptomining topicality is positively correlated with the cryptomining market trend.


Design of Protection Against HTTPS-Targeted DDoS Attacks

July 14, 2020

As more and more Internet business is switched from plaintext HTTP to encrypted HTTPS, distributed denial of service (DDoS) attacks against HTTPS are also on the rise, including attacks targeting the SSL/TLS handshake and HTTPS services. Protecting against HTTPS-targeted DDoS attacks has always been a hard nut to crack within the industry. This document describes the working principle and harm of this kind of attack as well as the protection design and practices.


Botnet Trend Report 1

July 13, 2020

Executive Summary

With the rapid advancement of computer technologies and more and more network devices joining the Internet, the global Internet has expanded at an unbelievably high speed. However, efforts made in enhancing cybersecurity are lagging far behind the growth of the Internet, leaving an ever-growing gap in between. Many cybercrime groups and individuals are trying to take hold of insufficiently secured network resources and turn them into botnet clusters for the purpose of garnering illegal profits.


2019 Cybersecurity Insights -10

July 10, 2020

Second Largest Gang by the Number of Attack Sources

The second largest gang in terms of the number of attack sources generated the largest traffic. This gang had 23,000 recidivists and favored volumetric SYN flood attacks. According to historical attack records, 99.54% of recidivists had resorted to this kind of attack. This gang stayed active from January to October and was at its busiest in May.

Figure 5-14 shows the monthly quantity trend of attack sources and attack targets of this gang. We can see that this gang remained active from January to October, having more attack sources in January, April, May, and June. On average, 6000 active attack sources launched attacks against seven targets each month.


IP Reputation Report-07052020

July 9, 2020

1. Top 10 countries in attack counts:

  • The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases as of July 5, 2020.

2019 Cybersecurity Insights -9

July 8, 2020

In 2019, 7% of recidivists were responsible for 78% of DDoS attacks. Obviously, recidivists are too menacing to overlook. Several groups of DDoS recidivists often work together to initiate attacks. Such groups are collectively referred to as an “IP gang”. In 2019, a total of 60 DDoS gangs were detected, including 15 that contained more than 1000 attack sources. The largest gang, formidably, consisted of 88,000 attack sources. On average, 35,000 attack sources remained active every month. Therefore, we should stay vigilant about gang behavior and attack gangs. In this section, we will profile and analyze major attack gangs.

