郝秀文 – 绿盟科技技术博客

Analysis on Exposed IoT Assets in China

2017-05-21郝秀文Analysis on Exposed IoT Assets in China, Chinese territory, EnglishVersion, IoT, NTI, Research Methodology

With the maturity of sensing, computing, and communication technologies, the Internet of Things (IoT) will be more and more widely used in various industries. Gartner, a market research agency, predicts that endpoints of the IoT will grow at a 33% CAGR from 2015 through 2020, reaching an installed base of 20.4 billion units, with almost two-thirds of them consumer applications. Spending on networked consumer and business endpoints will displace non-networked, growing at a 20% CAGR to $2.9 trillion.

Analysis Report on the WannaCry Sample

2017-05-17郝秀文Attack Location, Detection Method, EnglishVersion, Main Functions, NSFOCUS, NSFOCUS Detection Services, Sample Analysis, WannaCry Sample

The sample exploits the ETERNALBLUE SMB vulnerability or DOUBLEPULSAR backdoor for propagation and infection of the ransomware. The sample first connects to the domain name http://www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com, to test network connectivity. If the network is reachable, the sample exits; otherwise, the sample carries out subsequent behaviors. Therefore, a reachable domain name can be registered to stop further attacks.

Firefox Remote Code Execution Vulnerability Technical Analysis and Solution

2016-12-08郝秀文EnglishVersion, Firefox Remote Code Execution Vulnerability, Unaffected Versions, Vendor Solutions, Vulnerability Analysis

On November 30, 2016, Mozilla Firefox released an emergency update on its official website to fix a vulnerability assigned CVE-2016-9079.