Technical Analysis and Solution of WebLogic Server (WLS) Component Vulnerability

''

Overview Recently, NSFOCUS has received a slew of reports from customers in the finance, telecom, and Internet sectors on similar security events. Through analysis, NSFOCUS believes that these events are all associated with the malware-infected WebLogic Server (WLS) host. Specifically, attackers exploit the WLS component vulnerability (CVE-2017-10271) to attack the […]

Miner Virus Attacked Large Numbers of WebLogic Hosts Recently

''

On the 15th this month, K.Orange twittered a message, saying that unpatched WebLogic has a vulnerability that could be employed by attackers using a “watch-smartd” program. Recently NSFOCUS received requests from customers in many industries (finance, telecom carriers, the Internet companies and so on) asking for emergence response service as […]

IcedID Banking Trojan Sample Technical Analysis and Solution

''

IcedID Banking Trojan Sample Technical Analysis and Solution Date of Release: November 17, 2017 Overview Recently, the IBM X-Force research team discovered a brand new banking Trojan dubbed IcedID. This Trojan was first found spreading in the wild in September 2017, mainly targeting systems used in the financial sectors of […]

Technical Analysis Report on Rowdy, A New Type of IoT Malware Exploiting STBs

''

In August 2017, NSFOCUS’s DDoS situation awareness platform detected anoma-lous bandwidth usage over a customer’s network, which, upon analysis, was confirmed to be a distributed denial-of-service (DDoS) attack. The attack was characterized by different types of traffic, including TCP flood, HTTP flood, and DNS flood. Tracing source IP addresses, we […]

Past and Present of Underground Network Industry

''

The underground network industry has a long history and extensive coverage. What happened throughout its history? This document presents the definition, category, means, and examples of the underground network industry, as well as protection measures. Overview What is Underground Industry? Underground industry is a general name for a wide variety […]

Analysis and Solution of Spring Data REST Server PATCH Request RCE Vulnerability

''

  Overview Recently, Pivotal released a security advisory to reveal the Spring Data REST server is prone to a remote code execution vulnerability (CVE-2017-8046) when processing PATCH requests. Attackers could exploit this vulnerability by sending a crafted PATCH request to the Spring Data REST server. The submitted JSON data contains […]