JSOC INSIGHT vol.20 English Edition

"JSOC INSIGHT" is an analysis report on the trend of security incidents, such as unauthorized access and malware infection, in Japan, based on daily analysis results by our JSOC security analysts. Since this report analyzes the trends in attacks, based on the data of incidents which JSOC customers actually encountered, the report will help in understanding world trends as well as actual threats that Japanese users are facing.

JSOC INSIGHT vol.20 contains below topics.

• Explosion of file upload attempts against WordPress plugins
• Arbitrary code execution vulnerability in PHPUnit

Contents

1. Preface
2. Executive Summary
3. Trends in Severe Incidents at the JSOC
    3.1 Trends in severe incidents
    3.2 Types of traffic to pay attention to
4. Topics of This Volume
    4.1 Explosion of file upload attempts against WordPress plugins
     4.1.1 Vulnerabilities exploited
     4.1.2 Changes in the number of attacks detected
     4.1.3 Files uploaded
     4.1.4 Investigating the impact of attacks and the countermeasures for such
    4.2 Arbitrary code execution vulnerability in PHPUnit
     4.2.1 Testing the vulnerability
     4.2.2 Examples of attacks detected that exploited the vulnerability
     4.2.3 Countermeasures against the vulnerability
5. Fiscal Year 2017 Trend Summary
    5.1 FY2017 Summary
    5.2 Severe incidents related to attacks from the Internet
    5.3 Severe incidents that occurred in intra-networks
6. Conclusion