Research and Reports

Security Knowledge Graph – APT Group Profiling and Attribution

August 5, 2022 | Jie Ji

The security knowledge graph, a knowledge graph specific to the security domain, is the key to realizing cognitive intelligence in cyber security, and it also lays an indispensable technological foundation for dealing with advanced, continuous and complex threats and risks in cyberspace. NSFOCUS will publish a series of articles about the application of the security […]

SASE: The Relationship Between SD-WAN and SASE

May 2, 2022 | Jie Ji

Last time we talked about the powerful features and rich usage scenarios of SD-WAN (SASE Popular Science Series: Understanding SD-WAN). What about the relationship between such a powerful SD-WAN and NSFOCUS SASE? This starts with the challenges faced by enterprises today… Current Problems Faced by Enterprises: Single node deployment security capacities, causing network congestion With […]

7 Gbps TCP-Middlebox-Reflection Incident Mitigated by NSFOCUS

April 29, 2022 | Jie Ji

In mid-April, NSFOCUS discovered that one of its Cloud DDoS Protection Service customers in the APAC region had encountered a TCP-middlebox-reflection attack, which became popular throughout the world during the past months after its first discourse in Aug, 2021. The attack reached its peak at 7 Gbps and lasted for several hours, after immediate reaction by NSFOCUS Managed […]

Information Collection Technology of Cloud Native Environment (I)

March 31, 2022 | Jie Ji

Abstract: Information collection is a very important part of both attack and defense, and high-quality collected information is the basis and premise of follow-up work. However, fragmentary information and the complex composition of cloud native itself bring certain challenges to information collection in a cloud native environment. This series of posts will share ideas and methods […]

Threat Analysis

Thoughts on Encrypted Traffic Detection in the Era of Encrypt Everything

March 24, 2022 | Jie Ji

Background: With the wide application of encryption technology and the continuous development of new network technology, the network structure is becoming more and more complex and encrypted traffic is exploding. Furthermore, with the evolution and promotion of encryption protocols such as TLS 1.3, the era of full encryption is silently coming. When protecting users’ privacy, encryption technology […]

How to Monitor Threat Traffic in Cloud Environment?

March 22, 2022 | Jie Ji

Background: The public cloud has become the area hardest hit by cyberattacks. This article gives you an effective threat monitoring proposal by using VPC traffic mirror. Traffic Mirror: In the traditional network environment, the data communications between devices are realized via cables or wireless networks. We can completely divert the traffic to the bypass monitoring device […]

Security Risks of 5G Core Network Introduced by New Technology

March 8, 2022 | Jie Ji

Intro: This article approaches 5G through the key technologies of 5G networks and discusses the security risks facing 5G networks. Today, 5G networks have achieved performance goals, namely high speed, low latency, and large capacity, and have started a new chapter for communications between mobile devices. Further, 5G will also empower vertical industries such […]

OBSERVATIONS OF SECURITY EVENTS IN 2021 – Conclusion of Yesterday for a Better Tomorrow

March 2, 2022 | Jie Ji

Intro: 2021 witnessed a complex and changeable network security situation. Large-scale and targeted cyber attacks continue to grow. Critical information infrastructure is still the hardest hit area. Data leakages and industrial supply chain attacks occur frequently. While emerging technologies such as Big Data, Internet of Things, Artificial Intelligence and Mobile Payment boost the transformation and […]

Highlights of 2021 Security Emergency Incident Observations

February 23, 2022 | Jie Ji

Intro: The world of cybersecurity is rapidly changing, and technologies continue to evolve and innovate. While emerging technologies such as big data, Internet of Things, artificial intelligence and mobile payment, just to name a few, are helping digital transformation, new security risks are constantly exposed. Security incidents handled by the NSFOCUS emergency response team in 2021 reached 438, an increase […]

APT Lorec53 group launched a series of cyber attacks against Ukraine

February 21, 2022 | Jie Ji

Overview: Recently, NSFOCUS Security Labs captured a large number of phishing files against Ukraine in pdf, doc, cpl, lnk and other formats. After analysis, we confirmed that the series of phishing activities came from the APT group Lorec53. During the period from the end of 2021 to February 2022, this group used multiple […]