Não Categorizado

Overview Microsoft released January 2021 security updates on Tuesday which fix 83 vulnerabilities ranging from simple spoofing attacks to remote code execution in various products, including .NET Repository, ASP.NET core & .NET core, Azure Active Directory Pod Identity, Microsoft Bluetooth Driver, Microsoft DTV-DVD Video Decoder, Microsoft Edge (HTML-based), Microsoft Graphics Component, Microsoft Malware Protection Engine, […]

0x00 Overview PowerShell has been a focus of concern for network defense. The fileless PowerShell, featuring LotL and excellent ease of use, is widely used in various attack scenarios. In order to capture PowerShell-based attacks, an increasing number of security professionals tend to, through PowerShell event log analysis, extract attack records such as post-exploitation data […]

The artificial intelligence (AI) technology based on deep neural networks has made breakthroughs in a wide range of fields, but only seen limited adoption in cybersecurity. At present, it is impractical to expect a hierarchical neural network to implement threat identification, association, and response from end to end. According to Zhou Tao, an algorithm expert, […]

DHDiscover reflection attack analysis In this chapter, we’ll demonstrate the threat status quo of DHDiscover reflection attack after referring to log data captured by the NSFOCUS Threat Capture System[AZ1]  from June 1, 2020 to August 18, 2020 at the port 37810. We analyzed the number of logs at the port 37810 as shown in the […]

1. Abstract In March 2020, Tencent published an article about a DVR being used for reflection attacks. Service port of this DVR is 37810, we named it DHDiscover service as there was DHDiscover shown in it. In the reflection attacks captured by Tencent, the scale of attack traffic exceeded 50G, and the reflection source regions […]

This document dwells upon function identification and symbol porting in reverse engineering of Internet of things (IoT) devices without using BinDiff and PatchDiff2, which are “too good” for the purposes here and are inapplicable in certain scenarios. Typical function identification technologies include the Fast Library Identification and Recognition Technology (FLIRT) in IDA and the rizzo […]

Biological virus and computer virus share similarities in some characters such as transmissibility. From the solutions to the COVID-19, we can learn the gain and loss of cyber security defense and protection, analyze the new trends and techniques and come up with the new ideas of defense and protection against attacks in the cyber security […]

2020 is almost halfway through, it is indeed a troubled period. Covid-19 swept all over the world in just a few months. The epidemic continues to spread and repeat, and has also changed many people’s inherent perceptions, including health care, public safety, organizational mobilization, economics and politics. The concept of computer virus is derived from […]

01 Overview of the Vulnerability Trend In 2020 H1, a total of 1419 vulnerabilities were added to the NSFOCUS Vulnerability Database (NSVD), 714 of which were high-risk vulnerabilities. Among these high-risk vulnerabilities, 184 vulnerabilities were Microsoft-related ones. High-risk vulnerabilities were mainly distributed in major products of Microsoft, Oracle, Adobe, Google, Cisco, IBM, Moxa, Apache, etc. […]

Executive Summary OpenVPN is an application layer VPN implementation based on the OpenSSL library and serves over port 1194. In September 2019, OpenVPN was found to be vulnerable to UDP reflection attacks. This document analyzes threat exposure of the entire network, common attack means, and the bandwidth amplification factor (BAF) of reflection attacks via the […]