Recording the best content in hacking techniques, spreading hacker culture, and sharing the essentials of hacking technology

Analysis on Exposed IoT Assets in China

With the maturity of sensing, computing, and communication technologies, the Internet of Things (IoT) will be more and more widely used in various industries. Gartner, a market research agency, predicts that endpoints of the IoT will grow at a 33% CAGR from 2015 through 2020, reaching an installed base of 20.4 billion units, with almost two-thirds of
Published: 2017-05-22 11:15 | Views: 120370 | Comments: 0 | Tags: Security Report, Analysis on Exposed IoT Assets in China Chinese territo

Analysis Report on the WannaCry Sample

The sample exploits the ETERNALBLUE SMB vulnerability or DOUBLEPULSAR backdoor for propagation and infection of the ransomware. The sample first connects to the domain name http://www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com, to test network connectivity. If the network is reachable, the sample exits; otherwise, the sample carries out subsequent b
Published: 2017-05-18 05:45 | Views: 319177 | Comments: 0 | Tags: Security Report, Attack Location Detection Method EnglishVersion Main Fu

2016 DDoS Threat Trend

In this report, we present a multi-dimensional analysis of DDoS attack data and botnet data and summarize and analyze typical attack events in 2016, revealing threats of DDoS attacks and the overall threat trend in 2016. Contents: 1 Overview of DDoS Trend in 2016; DDoS Attack Trend in 2016; Attack Count and Peak Traffic; Attack Count and Traffic; Distribution of Peak
Published: 2017-04-21 22:00 | Views: 114478 | Comments: 0 | Tags: Security Report, Attack Count and Peak Traffic Attack Type Analysis DDoS

Microsoft Windows Server 2003 R2 IIS 6.0 Remote Code Execution Technical Analysis and Solution

On March 37, Zhiniang Peng and Chen Wu disclosed the Internet Information Services (IIS) 6.0 WebDAV remote code execution vulnerability, which has been assigned CVE-2017-7269 and CNNVD-201703-1151. This vulnerability, which could cause buffer overflows, is associated with the ScStoragePathFromUrl function in the WebDAV service in IIS 6.0 in Microsoft Wi
Published: 2017-04-03 13:50 | Views: 198840 | Comments: 0 | Tags: Security Report, EnglishVersion Microsoft Windows Server 2003 R2 IIS 6.0

Dridex Banking Malware Sample Technical Analysis and Solution

IBM’s X-Force security team recently discovered an updated version of Dridex, called Dridex v4. Dridex is one of the most popular banking trojans. It was first spotted in 2014 when it was viewed as the successor of GameOver ZeuS (GoZ) because it uses GoZ-related techniques. An important improvement in Dridex v4 is that it evades detection antiviru
Published: 2017-03-24 01:15 | Views: 168080 | Comments: 0 | Tags: Security Report, Dridex Dridex Banking Malware EnglishVersion IBM's X-Fo

Apache Struts 2 Remote Code Execution Vulnerability (S2-046) Technical Analysis and Solution

In the wee hours of March 21, Apache Struts 2 released a security bulletin, announcing a remote code execution (RCE) vulnerability in the Jakarta Multipart parser, which has been assigned CVE-2017-5638. An attacker could exploit this vulnerability to trigger an exception by setting the filename field in Content-Disposition maliciously or the Content-Len
Published: 2017-03-24 01:15 | Views: 193543 | Comments: 0 | Tags: Security Report, Apache Struts 2 Remote Code Execution Vulnerability Apa

Dahua Cameras Unauthorized Access Vulnerability Technical Analysis and Solution

Recently, Dahua Technology, a well-known security camera and digital video recorder (DVR) vendor in China, released firmware updates to address a serious security issue in certain products. Before the vendor made an official statement on this issue, however, a security researcher named Bashis said that this vulnerability seemed to be a backdoor intentio
Published: 2017-03-18 10:35 | Views: 252368 | Comments: 0 | Tags: Threat Advisory, About NSFOCUS Dahua Cameras Unauthorized EnglishVersion

Apache Struts2 Remote Code Execution Vulnerability (S2-045) Technical Analysis and Solution

Apache Struts2 is prone to a remote code execution vulnerability (CNNVD-201703-152) in the Jakarta Multipart parser plug-in. When uploading a file with this plug-in, an attacker could change the value of the Content-Type header field of an HTTP request to trigger this vulnerability, causing remote code execution. For details, visit the following link: htt
Published: 2017-03-10 05:50 | Views: 202784 | Comments: 0 | Tags: Security Report, About NSFOCUS Apache Struts2 EnglishVersion NSFOCUS Thr

Hadoop Hit by Ransom Attack

Recently, some hacker organizations have turned their eyes to ransom attacks targeting certain products. As of last week, hacker organizations had taken control of and wiped data from at least 34,000 MongoDB databases, asking for a ransom to return the stolen files. Contents: Overview; What Is Hadoop?; Ransom Attack Pattern; Protection Measures; About NSFOCUS. Overvie
Published: 2017-02-24 18:05 | Views: 116581 | Comments: 0 | Tags: Security Report, About NSFOCUS EnglishVersion Hadoop Hit by Ransom Attac

Power Outage Caused by the Cyber Attack on Ukrenergo Technical Analysis and Solution

Ukrenergo, a major energy provider in Ukraine, experienced a power failure on the night of December 17, 2016, which involved the automatic control system of the “North” substation in New Petrivtsi close to Kiev. The blackout affected the northern part of Kiev, the country’s capital, and surrounding areas. Contents: Overview; Historical Attacks
Published: 2017-02-24 18:05 | Views: 202936 | Comments: 0 | Tags: Vulnerability Analysis, Attack Location EnglishVersion Historical Attacks on Uk

ElasticSearch Hit by Ransom Attack

Over 34,000 vulnerable MongoDB databases were hit by a ransom attack. Data were erased from these databases and ransoms were requested for returning data. Then on Jan 18th 2017, several hundreds of ElasticSearch servers were hit by a ransom attack within a few hours. Contents: Overview; About ElasticSearch; ElasticSearch Server Deployment; ElasticSearch Risk; Protecti
Published: 2017-02-24 18:05 | Views: 175845 | Comments: 0 | Tags: Vulnerability Analysis, ElasticSearch ElasticSearch Hit by Ransom Attack Elasti

German Internet Outage on November 27 Technical Analysis and Solution

On November 27 (Sunday), at around 17:00 (local time), Deutsche Telekom was hit by a cyberattack, resulting in more than 900,000 routers getting disconnected, as confirmed by the company. The outage lasted several hours. Later, the problems continued on Monday morning from 08:00. Besides network access, the affected routers are used by Deutsche Telekom
Published: 2016-12-16 00:35 | Views: 255504 | Comments: 0 | Tags: Security Report, Detailed Analysis EnglishVersion German Internet Outage

2016 NSFOCUS Security Report Regarding Network Video Surveillance Systems

With the robust development of the Internet of Things (IoT), more and more security issues are found with IoT devices. These imminent threats, especially those from network video surveillance systems (NVSSs) that account for a large majority of IoT devices, have drawn attention from security professionals from home and abroad. (In this paper, network v
Published: 2016-12-09 19:20 | Views: 165120 | Comments: 0 | Tags: Security Report, 2016-nsfocus-security-report-regarding-network-video-su

NSFOCUS 2016 Q3 Report on DDoS Situation and Trends

In Q3, the global distributed denial-of-service (DDoS) attacks increased by 40%. In Q3, a total of 71,416 DDoS attacks were detected, up 40% from Q2 (50,988). The proportion of low-volume DDoS attacks increased by 10.8% and that of high-volume DDoS attacks decreased by 6.7%. 20–50 Gbps medium-volume DDoS attacks and 50–300 Gbps high-volume DDoS attacks
Published: 2016-12-09 19:20 | Views: 257621 | Comments: 0 | Tags: Security Report, About NSFOCUS Attack Duration Attack Type Distribution

Nginx Local Privilege Escalation Vulnerability Technical Analysis and Solution

On November 15, 2016 (local time), legalhackers.com released an advisory about a privilege escalation vulnerability, assigned CVE-2016-1247, found in the Nginx server. Nginx web server packaging on Debian-based distributions, such as Debian or Ubuntu, was found to allow creating log directories with insecure permissions. Attackers could exploit this sec
Published: 2016-12-09 02:45 | Views: 168335 | Comments: 0 | Tags: Vulnerability Analysis, About NSFOCUS EnglishVersion INC Nginx NSFOCUS Vendor S

Firefox Remote Code Execution Vulnerability Technical Analysis and Solution

On November 30, 2016, Mozilla Firefox released an emergency update on its official website to fix a vulnerability assigned CVE-2016-9079. This vulnerability is a use-after-free vulnerability in the SVG animation module. When a user uses Firefox to browse a page that contains malicious JavaScript and SVG code, an attacker could exploit this vulnerability
Published: 2016-12-09 02:45 | Views: 160674 | Comments: 0 | Tags: Vulnerability Analysis, About NSFOCUS EnglishVersion Firefox Remote Code Execut
