JSOC INSIGHT vol.18 English Edition

"JSOC INSIGHT" is an analysis report on the trend of security incidents, such as unauthorized access and malware infection, in Japan, based on daily analysis results by our JSOC security analysts. Since this report analyzes the trends in attacks, based on the data of incidents which JSOC customers actually encountered, the report will help in understanding world trends as well as actual threats that Japanese users are facing.

JSOC INSIGHT vol.18 contains below topics.

• New vulnerabilities found in Apache Struts 2
• Cyber-attacks intended for cryptocurrency mining

Contents

1. Preface
2. Executive Summary
3. Trends in Severe Incidents at the JSOC
    3.1 Trends in severe incidents
    3.2 Types of traffic to pay attention to
4. Topics of This Volume
    4.1 Multiple arbitrary code execution vulnerabilities in Apache Struts 2
     4.1.1 JSOC-detected incident examples
     4.1.2 Countermeasures against the vulnerabilities
    4.2 Increasing offensive traffic intended for cryptocurrency mining
     4.2.1 Observations
     4.2.2 Mining attack overview
     4.2.3 Large-scale mining attacker
     4.2.4 Conclusion

Conclusion