Collaborate Disseminate
CVE-2021-1675, a Windows Print Spooler vulnerability that Microsoft patched in June 2021, presents a much greater danger than initially thought: researchers have proved that it can be exploited to achieve remote code execution and – what’s … Continue reading PoC for critical Windows Print Spooler flaw leaked (CVE-2021-1675)
Botnets in 2018 continued to use DDoS as their primary weapon to attack high-speed networks, according to NSFOCUS. Continuous monitoring and research of botnets discovered significant changes taking place in the coding of malware used to create bots, o… Continue reading Botnets shift from Windows towards Linux and IoT platforms
We are pleased to announce that the multisandbox project has partnered with NSFOCUS POMA. This brings VirusTotal up to six integrated sandboxes. The NSFOCUS sandbox gives us insight into the behaviour of samples that run on Windows 7 and XP SP3.In thei… Continue reading VirusTotal Multisandbox += NSFOCUS POMA
There is a direct correlation between cryptocurrency and DDoS attacks. As the price of cryptocurrency dropped in 2018, leading to decreased profits from cryptomining, hackers on the black market began to divert prime botnet resources to DDoS attack act… Continue reading The correlation between DDoS attacks and cryptomining
In a new report, NSFOCUS introduced the IP Chain-Gang concept, in which each chain-gang is controlled by a single threat actor or a group of related threat actors and exhibit similar behavior among the various attacks conducted by the same gang. IP Gan… Continue reading Researchers analyze DDoS attacks as coordinated gang activities
NSFOCUS released its H1 Cybersecurity Insights report, which analyzed traffic from January 1, 2018 to June 30, 2018. Crypto miners Since the end of March, the number of crypto mining activities has risen sharply compared to the beginning of 2018. Among… Continue reading USA and China identified as top cyber attack sources
NSFOCUS announced the launch of NSFOCUS Exposed Internet Surface Analysis (EISA), a new capability to address the cyber security risk faced by organizations today. EISA identifies malicious activity of rogue IPs, ports and services that might be compro… Continue reading NSFOCUS introduces new capability to identify cyber risk exposure
Cyber attacks aren’t slowing down – in fact, 76 percent of organizations have experienced a breach within the last two years. Enterprises of all sizes, across every industry, are challenged to respond to increasingly complex and severe attacks – often only learning about the size, severity, and type of incident they’re dealing with as their security teams work to stop them. Many organizations continue to maintain a reactive approach – implementing stand-alone point solutions that … More → Continue reading Moving toward an intelligent hybrid security model
This past May, the Internet was abuzz about a report by the Government Accountability Office (GAO) highlighting a number of outdated “legacy systems” still in use across the U.S. government. According to the report, “The Strategic Automated Command and Control System coordinates the operational functions of the United States’ nuclear forces, such as intercontinental ballistic missiles, nuclear bombers, and tanker support aircrafts. This system runs on an IBM Series/1 Computer—a 1970s computing system—and uses 8-inch … More → Continue reading Unsung cybersecurity vulnerabilities in US infrastructure and utilities
One of the most concerning characteristics of the Godless malware is the ability to receive remote instructions on which app to download and install on mobile devices, without the user’s knowledge. This is called command and control (C&C). Being a DDoS subject matter expert, I believe this has the makings of something more insidious than malicious ads. Nearly one million infected Android devices connected to 4G LTE networks offers some serious firepower for a botnet … More → Continue reading Godless Android malware offers serious firepower to a botnet herder