PoC for critical Windows Print Spooler flaw leaked (CVE-2021-1675)

CVE-2021-1675, a Windows Print Spooler vulnerability that Microsoft patched in June 2021, presents a much greater danger than initially thought: researchers have proved that it can be exploited to achieve remote code execution and – what’s …

Botnets shift from Windows towards Linux and IoT platforms

Botnets in 2018 continued to use DDoS as their primary weapon to attack high-speed networks, according to NSFOCUS. Continuous monitoring and research of botnets discovered significant changes taking place in the coding of malware used to create bots, o…

VirusTotal Multisandbox += NSFOCUS POMA

We are pleased to announce that the multisandbox project has partnered with NSFOCUS POMA. This brings VirusTotal up to six integrated sandboxes. The NSFOCUS sandbox gives us insight into the behaviour of samples that run on Windows 7 and XP SP3. In thei…

The correlation between DDoS attacks and cryptomining

There is a direct correlation between cryptocurrency and DDoS attacks. As the price of cryptocurrency dropped in 2018, leading to decreased profits from cryptomining, hackers on the black market began to divert prime botnet resources to DDoS attack act…

Researchers analyze DDoS attacks as coordinated gang activities

In a new report, NSFOCUS introduced the IP Chain-Gang concept, in which each chain-gang is controlled by a single threat actor or a group of related threat actors and exhibits similar behavior among the various attacks conducted by the same gang. IP Gan…

USA and China identified as top cyber attack sources

NSFOCUS released its H1 Cybersecurity Insights report, which analyzed traffic from January 1, 2018 to June 30, 2018. Crypto miners: Since the end of March, the number of crypto mining activities has risen sharply compared to the beginning of 2018. Among…

Moving toward an intelligent hybrid security model

Cyber attacks aren’t slowing down – in fact, 76 percent of organizations have experienced a breach within the last two years. Enterprises of all sizes, across every industry, are challenged to respond to increasingly complex and severe attacks – often only learning about the size, severity, and type of incident they’re dealing with as their security teams work to stop them. Many organizations continue to maintain a reactive approach – implementing stand-alone point solutions that …

Unsung cybersecurity vulnerabilities in US infrastructure and utilities

This past May, the Internet was abuzz about a report by the Government Accountability Office (GAO) highlighting a number of outdated “legacy systems” still in use across the U.S. government. According to the report, “The Strategic Automated Command and Control System coordinates the operational functions of the United States’ nuclear forces, such as intercontinental ballistic missiles, nuclear bombers, and tanker support aircrafts. This system runs on an IBM Series/1 Computer—a 1970s computing system—and uses 8-inch …

Godless Android malware offers serious firepower to a botnet herder

One of the most concerning characteristics of the Godless malware is the ability to receive remote instructions on which app to download and install on mobile devices, without the user’s knowledge. This is called command and control (C&C). Being a DDoS subject matter expert, I believe this has the makings of something more insidious than malicious ads. Nearly one million infected Android devices connected to 4G LTE networks offer some serious firepower for a botnet …