Threat Analysis


EDR Security: What Is Endpoint Detection and Response?

November 27, 2024 | Eduardo Guerra

In an increasingly digital world, cybersecurity is now a necessity, and one of the emerging technologies in this field is Endpoint Detection and Response (EDR). We created this piece to demystify it, covering everything from its definition to its main capabilities and how the technology can be a differentiator […]

2018 DDoS Attack Landscape-5

May 8, 2019 | Adeline Zhang

3.3 DDoS Attack Duration
3.3.1 Attack Duration Distribution
In 2018, the average duration of a DDoS attack was 42 minutes, down 17% from 2017. This indicates that DDoS attacks became more industrialized, weaponized, and efficient, and that DDoS-as-a-Service gained momentum for fast growth. We noticed that the longest DDoS attack in 2018 lasted around 12 […]

Analysis of File Disclosure by APT34

May 6, 2019 | Adeline Zhang

1 About APT34
APT34, exposed to public view in 2014, mainly targets Middle Eastern countries and some international organizations. It attacks a variety of sectors, mainly in the Middle East, including but not limited to finance, government, energy, chemical engineering, and telecommunications.

ADB.Mirai: New Mirai Botnet Variant Spreading via the ADB Debug Port

February 26, 2019 | Adeline Zhang

Overview
At the beginning of 2019, domestic and overseas security vendors detected cryptominers spreading via Android devices with an open ADB debug port. Recently, NSFOCUS Fu Ying Labs has again detected such botnets, this time ones that can be used to launch distributed denial-of-service (DDoS) attacks. The sample analysis suggests that this botnet family […]
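The exposure this variant depends on is an ADB daemon reachable over TCP that accepts a connection without RSA authentication. The following Python is an added example, not code from the original post or from NSFOCUS: it builds the ADB CNXN handshake message, parses the device's first reply, and classifies the port as "open" (the device answered CNXN, so no auth is required) or "auth-required" (the device answered AUTH). The message framing (six little-endian uint32 header fields, byte-sum payload check, magic = command XOR 0xFFFFFFFF) follows the public ADB protocol; the default port 5555, the host banner `host::` and the sample replies below are assumptions and constructed inputs for the demonstration.

```python
import socket
import struct

# ADB wire-protocol command codes: the ASCII tag read as a little-endian uint32.
A_CNXN = 0x4E584E43  # "CNXN": connection request / connection accepted
A_AUTH = 0x48545541  # "AUTH": device demands RSA authentication first
A_VERSION = 0x01000000
MAX_PAYLOAD = 4096
HEADER_LEN = 24


def adb_checksum(data):
    """ADB's payload check field is the byte sum (mod 2**32), not a CRC."""
    return sum(data) & 0xFFFFFFFF


def build_message(command, arg0, arg1, data=b""):
    """Serialize one ADB message: 6 little-endian uint32 header fields, then payload."""
    header = struct.pack(
        "<6I", command, arg0, arg1, len(data), adb_checksum(data), command ^ 0xFFFFFFFF
    )
    return header + data


def parse_message(buf):
    """Parse one ADB message, validating magic and checksum.

    Returns (command, arg0, arg1, data); raises ValueError on anything that is
    not a well-formed ADB frame, so random banners on port 5555 are not misread.
    """
    if len(buf) < HEADER_LEN:
        raise ValueError("short header")
    command, arg0, arg1, dlen, dcheck, magic = struct.unpack("<6I", buf[:HEADER_LEN])
    if magic != command ^ 0xFFFFFFFF:
        raise ValueError("bad magic: not an ADB message")
    data = buf[HEADER_LEN:HEADER_LEN + dlen]
    if len(data) != dlen:
        raise ValueError("truncated payload")
    if adb_checksum(data) != dcheck:
        raise ValueError("payload checksum mismatch")
    return command, arg0, arg1, data


def classify_reply(buf):
    """Interpret the device's first reply to our CNXN.

    CNXN back means the daemon accepted an unauthenticated session (the condition
    the botnet abuses); AUTH means the device insists on RSA authentication.
    """
    command, _, _, data = parse_message(buf)
    if command == A_CNXN:
        banner = data.split(b"\0", 1)[0].decode("ascii", "replace")
        return "open", banner
    if command == A_AUTH:
        return "auth-required", ""
    return "unknown", ""


def _recv_exact(sock, n):
    out = b""
    while len(out) < n:
        chunk = sock.recv(n - len(out))
        if not chunk:
            raise ConnectionError("peer closed connection")
        out += chunk
    return out


def probe(host, port=5555, timeout=3.0):
    """Connect to an ADB-over-TCP port (5555 is the usual default) and classify the reply."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(build_message(A_CNXN, A_VERSION, MAX_PAYLOAD, b"host::\0"))
        buf = _recv_exact(sock, HEADER_LEN)
        dlen = struct.unpack("<I", buf[12:16])[0]
        buf += _recv_exact(sock, dlen)
        return classify_reply(buf)


# Constructed replies standing in for real devices (not captured traffic).
OPEN_REPLY = build_message(A_CNXN, A_VERSION, MAX_PAYLOAD, b"device::ro.product.name=sdk;\0")
AUTH_REPLY = build_message(A_AUTH, 1, 0, bytes(20))  # arg0 = 1: AUTH token challenge

if __name__ == "__main__":
    print(classify_reply(OPEN_REPLY))   # ('open', 'device::ro.product.name=sdk;')
    print(classify_reply(AUTH_REPLY))   # ('auth-required', '')
```

Only the first reply frame is classified; a device that answers CNXN to an unsolicited host is exactly what an internet-wide scanner for this botnet looks for, and the right fix is to disable ADB over TCP or keep it behind authentication rather than to filter the port alone.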

Adobe Security Bulletin for December 2018 Security Updates

December 29, 2018 | Adeline Zhang

Overview
On December 11, 2018 (local time), Adobe released security updates that address multiple vulnerabilities in Acrobat and Reader.

ThinkPHP Remote Code Execution Vulnerability Handling Guide

December 17, 2018 | Adeline Zhang

1 Vulnerability Overview
Recently, ThinkPHP posted a blog announcing the release of an update that addresses a high-risk remote code execution (RCE) vulnerability. The vulnerability stems from the framework's insufficient validation of controller names: when forced routing is not enabled, an attacker can execute arbitrary code and even obtain a shell on the server. ThinkPHP is […]

ThinkPHP 5.x Remote Code Execution Vulnerability Threat Alert

December 13, 2018 | Adeline Zhang

Overview
Recently, ThinkPHP posted a blog announcing the release of an important update that addresses a critical vulnerability. The security update fixes a getShell (remote code execution) vulnerability caused by the framework's insufficient validation of controller names when forced routing is not enabled. The vulnerability affects ThinkPHP 5.0 and 5.1 and is fixed in the latest version.
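Both ThinkPHP entries above come down to one weakness: a controller name taken from the request is dispatched without being checked against the characters a valid class name may contain. The Python below is an added example written for this page, not ThinkPHP's code or the vendor's handling guide: it pulls the module/controller/action route out of web-server access-log lines (both the `s` query parameter and the PATH_INFO form that ThinkPHP 5 accepts) and flags any route segment that fails a strict identifier allowlist. The allowlist pattern (a letter followed by word characters or dots), the log format matcher and the log lines are all assumptions and constructed inputs, not the project's actual fix or real traffic. Note the caveat from the text: with forced routing (`url_route_must`) enabled, auto-dispatch is unreachable and such requests are rejected anyway, so this check matters for deployments that left routing open.

```python
import re
from urllib.parse import parse_qs, unquote, urlparse

# Allowlist for a route segment (module, controller or action name): a letter
# followed by word characters or dots. Assumed pattern in the spirit of the fix,
# not ThinkPHP's own code.
SEGMENT_RE = re.compile(r"^[A-Za-z](\w|\.)*$")

# Minimal combined-log-format matcher for the fields we need (assumed layout).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3})'
)


def route_from_target(target):
    """Extract the ThinkPHP module/controller/action route from a request target.

    Covers the two dispatch forms ThinkPHP 5 accepts: the `s` query parameter
    (compatibility mode) and PATH_INFO after index.php.
    """
    parts = urlparse(target)
    query = parse_qs(parts.query, keep_blank_values=True)  # values are URL-decoded here
    if "s" in query:
        return query["s"][0]
    path = unquote(parts.path)
    marker = "index.php/"
    idx = path.find(marker)
    if idx >= 0:
        return path[idx + len(marker):]
    return ""


def bad_segments(route):
    """Return the route segments that fail the allowlist.

    Every segment is checked because which position holds the controller name
    depends on whether multi-module mode is on; a backslash (namespace
    separator) or other non-identifier character is never legitimate.
    """
    segments = [s for s in route.split("/") if s]
    return [s for s in segments if SEGMENT_RE.match(s) is None]


def scan_access_log(lines):
    """Return (client_ip, offending_segment) pairs for suspicious requests."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a request line we understand; skip rather than guess
        for seg in bad_segments(route_from_target(m.group("target"))):
            hits.append((m.group("ip"), seg))
    return hits


# Constructed log lines (RFC 5737 test addresses), not real traffic.
SAMPLE_LOG = [
    '203.0.113.7 - - [13/Dec/2018:10:01:02 +0000] "GET /index.php?s=index/user/login HTTP/1.1" 200 512',
    '203.0.113.9 - - [13/Dec/2018:10:01:05 +0000] "GET /index.php?s=index/\\think\\Foo/bar HTTP/1.1" 200 1024',
    '203.0.113.10 - - [13/Dec/2018:10:01:09 +0000] "GET /index.php?s=index/%5Cthink%5CFoo/bar HTTP/1.1" 200 1024',
    '203.0.113.11 - - [13/Dec/2018:10:02:14 +0000] "GET /index.php/index/user.profile/show HTTP/1.1" 200 300',
]

if __name__ == "__main__":
    for ip, seg in scan_access_log(SAMPLE_LOG):
        print(f"{ip}: controller-like segment rejected by allowlist: {seg!r}")
```

The same allowlist is the shape of the server-side fix: reject the request before the framework turns a user-supplied segment into a class to instantiate, and treat a 200 response on a flagged line as a sign the deployed version still lacks that check.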

Adobe Flash Player 0-Day Vulnerabilities Threat Alert

December 11, 2018 | Adeline Zhang

Overview
On December 5, 2018 (local time), Adobe released a security bulletin documenting the remediation of two vulnerabilities: a critical 0-day vulnerability (CVE-2018-15982) in Adobe Flash Player and an important vulnerability (CVE-2018-15983) in the Adobe Flash Player installer.

“WeChat Pay” Ransomware Analysis and Decryption Tool

December 10, 2018 | Adeline Zhang

Risk Overview
Recently, over 20,000 PCs in China have fallen victim to the WeChat Pay ransomware, which encrypts files on the affected devices. To regain access to the files, victims are told to scan a WeChat QR code shown in a pop-up window and pay a ransom of 110 yuan (about $16). So […]

Sample Analysis Report-3

November 26, 2018 | Adeline Zhang

1 Sample Introduction
1.1 Sample Type
The sample is a Trojan belonging to the Tsunami family.