Brains vs. Brawn – Cracking the Seventh Layer

By: Rishi Agarwal, Chief Evangelist, NSFOCUS

When the news reports on DDoS attacks, it is generally referring to large-scale network attacks that are focused on Layer 3 and 4 of the network stack. However, from a mitigation point of view, network layer attacks are not sophisticated. The ability to mitigate this type of attack always comes down to a simple question: who has more network capacity, the attacker or the mitigation service?

On the other hand, the application/Layer 7 attack is a completely different animal. When defending against these stealthy and complex methods, success does not depend on how big you are, but rather how smart your security technology is and how well it can be utilized.

Read More »

Analysis of WordPress SQL Injection and Privilege Escalation Vulnerability

By: Junli Shen, Network Offensive and Defensive Researcher, NSFOCUS

Analysis of Core WordPress SQL Injection Vulnerability

As a Threat Response Center (TRC) researcher, I conducted a thorough analysis on the “Core WordPress SQL Injection Vulnerability” (CVE-2015-5623 and CVE-2015-2213).

Read More »

Junli Shen

Junli Shen(I.D: tang3), Network Offensive and Defensive researcher at NSFOCUS, mainly engaged  in web security attack and defense technology research.

How DDoS Attacks have Evolved in the Last Two Decades

By: Zujun Xu, Senior Security Consultant, NSFOCUS

The Current State of DDoS attacks

It has been 20 years passed since the first DDoS attack. Many variants appeared during this period of time, such as DDRoS, which has the same result as DDoS attacks, to disrupt the availability of the target host and their services. DDoS protection techniques also continue improving to defence the new types of DDoS attacks. Moreover the technology of DDoS defences requires further development and improvement not just to face the up-coming challenging DDoS attacks but also be suitable to interact with the other new technology.  For example, the so-called hybrid solution has been introduced to encounter the challenges met with either an on premise only or an in-cloud only solution.

Read More »


NSFOCUS wowed the audiences @WHD.AU

Carrying on the continuous success in introducing Anti-DDoS solutions to Australian audiences, NSFOCUS participated again at the 2015 World Hosting Days (WHD) conference in Sydney, Australia last month.

Read More »