Mitigação DDoS

NSFOCUS Protected an IDC Customer Against Volumetric Mixed DDoS Attacks

junho 11, 2021 | Jie Ji

ABOUT CUSTOMER Based in APAC, company A provides comprehensive IDC services for the world’s top 500 as well as many small and medium enterprises. Other than server rental and hosting, company A also cooperates with NSFOCUS to provide server rental service with advanced protection against DDoS attacks. The investment in DDoS protection not only protects […]

Speech by Wenmao Liu of NSFOCUS: Research on New Vectors of UDP-based DDoS Amplification Attacks of IoT

junho 2, 2021 | Jie Ji

As the world’s largest cybersecurity industry conference, the RSA Conference held its 30th annual event in 2021. It has been a driving force behind sharing, innovation, and progress in the global cybersecurity community. NSFOCUS stood out at the RSA Conference 2021 by making a debut on the conference speech podium as a Chinese security vendor. […]

2020 DDoS Attack Landscape Report – 2

maio 31, 2021 | Jie Ji

Key Findings – 2 The Bandwidth of DDoS attacks in 5G Environments Grew Steadily. Small and Medium-sized Attacks Overtook Small Attacks to Become the Mainstream Over the five-year period from 2016 to 2020, the average peak size of DDoS attacks rose to a new level since the latter half of 2018 despite obvious fluctuations. Of […]

Analysis of the SBIDIOT IoT Malware

maio 21, 2021 | Jie Ji

Produced by: Yuchen PAN Introduction Recently, an IoT malware sample dubbed SBIDIOT is found to engage in malicious activities, mainly distributed denial of service (DDoS) attacks. So far, very few incidents of this malware have been discovered by VirusTotal and cybersecurity communities. Though some IoT botnets focus on cryptocurrency mining or fraud activities, SBIDIOT-related botnets […]

A Look into the Colonial Pipeline Hack by DarkSide on CII and Countermeasures

maio 13, 2021 | Jie Ji

Background On May 7, 2021, local time, Colonial Pipeline, the largest fuel pipeline operator in the USA, was forced to shut down its critical fuel network serving states on the US East Coast after being hit by a ransomware attack. This ransomware attack had fuel supply halted across three regions, affecting 17 states. On May […]

WebLogic Multiple Severe Vulnerabilities Threat Alert

maio 6, 2021 | Jie Ji

Vulnerability Description On April 21, 2021, NSFOCUS detected that Oracle released the April 2021 Critical Patch Update (CPU), which fixed 400 vulnerabilities of varying risk levels. Seven of these vulnerabilities are severe and easy to exploit and affect WebLogic. Users are advised to take measures without delay to protect against the preceding vulnerabilities. CVE-2021-2135: This […]

Principles and Characteristics of TCP Reflection Attacks

abril 28, 2021 | Jie Ji

Produced by: Siqi GUO, Qiwen LUO Increasingly Serious Reflection Attacks Reflection attacks, as nothing new, have become one of the most troublesome and common DDoS attacks and are dominant in bandwidth consumption DDoS attacks. According to NSFOCUS’s latest 2020 DDoS Attack Landscape, reflection attacks made up 34% of all DDoS attacks in 2020. Compared with […]

2020 DDoS Attack Landscape Report – 1

abril 20, 2021 | Jie Ji

Executive Summary In 2020, the total number of distributed denial-of-service (DDoS) attacks declined a little compared with 2019, probably attributable to effective governance and enhanced protection capabilities of Anti-DDoS products. Despite this, DDoS attacks intensified during the COVID-19 pandemic, especially for healthcare, government, and education sectors. January to April 2020 was a period when China […]

malware

‘FreakOut’ Malware Analysis – FreakOut Samples

março 16, 2021 | Jie Ji

Produced by: NSFOCUS Security Labs FreakOut samples appearing in the campaign were a typical IRC bot Trojan program written in Python. The Trojan program would connect to IRC channels in hardcoded C&C and act as instructed by C&C to collect information, launch DDoS attacks, interact with shells, and conduct ARP sniffing attacks. Also, it carried […]

malware

‘FreakOut’ Malware Analysis – Groups Behind FreakOut

março 15, 2021 | Jie Ji

Produced by: NSFOCUS Security Labs In early January 2021, NSFOCUS Security Labs captured an unknown malicious program called “out.py” via its real-time data platform, which is usually spread with the domain name “gxbrowser.net”. NSFOCUS Security Labs conducted an in-depth research on the samples and payloads of the malware and compared the malware with NSFOCUS threat […]