Brief Analysis and Solution | Virus Infection Shuts Down TSMC Factories

Taiwan Semiconductor Manufacturing Company (TSMC) is the world’s largest dedicated semiconductor and processor manufactor, manufacturing processors and other chips for the world’s largest science and technology companies including Apple, AMD, NVDIA and Qualcomm. In the evening of August 3, 2018, Beijing time, a technician’s improper operation during software installation caused […]

NSFOCUS Weekly Cybersecurity Report (ID: 201826)

Internet Threat Status CVE Statistics The number of new CVE IDs in last week was 193, a decrease compared with the previous week.   Threat Review   WPA3 Standard Officially Launches With New Wi-Fi Security Features (06-25-2018) The Wi-Fi Alliance today officially launched WPA3—the next-generation Wi-Fi security standard that promises […]

2017 DDoS and Web Application Attack Landscape

1 Introduction New Internet-based technologies and models, such as cloud computing, big data, Internet of Things (IoT), and mobile computing, are profoundly influencing transformations in the cyberspace. In this context, cyber threats keep evolving and upgrading. Distributed denial-of-service (DDoS) attacks and web application attacks are the main security threats facing […]

Technical Analysis Report on Rowdy, A New Type of IoT Malware Exploiting STBs

In August 2017, NSFOCUS’s DDoS situation awareness platform detected anoma-lous bandwidth usage over a customer’s network, which, upon analysis, was confirmed to be a distributed denial-of-service (DDoS) attack. The attack was characterized by different types of traffic, including TCP flood, HTTP flood, and DNS flood. Tracing source IP addresses, we […]

Struts 2 S2-052 REST Plug-in Remote Code Execution Vulnerability Analysis

Overview On September 5, 2017, Apache Struts released the latest security bulletin announcing that the REST plug-in in Apache Struts 2.5.x and some 2.x versions is prone to a high-risk remote code execution vulnerability, which has been assigned CVE-2017-9805 (S2-052). When using an XStream handler with an instance of XStream […]