Blog

Adobe Releases November’s Security Updates Threat Alert

November 28, 2020 | Mina Hao

Overview On November 11, 2020 (local time), Adobe released security updates which address multiple vulnerabilities in Adobe Connect and Adobe Reader Mobile.

SaltStack Multiple Vulnerabilities (CVE-2020-16846, CVE-2020-17490, CVE-2020-25592) Threat Alert

November 27, 2020 | Mina Hao

Overview Recently, SaltStack released a security update to address multiple vulnerabilities (CVE-2020-16846, CVE-2020-17490, CVE-2020-25592). These vulnerabilities can cause authentication bypass and command execution. SaltStack recommends users upgrade as soon as possible. Salt is an open-source IP architecture management solution written in Python. It has been widely used in data centers worldwide.

IP Reputation Report-11222020

November 26, 2020 | Mina Hao

1. Top 10 countries in attack counts: The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases at November 22, 2020.

Annual IoT Security Report 2019-6

November 25, 2020 | Mina Hao

Identification of IoT Assets from Known IPv6 Addresses The preceding section gives a brief account of difficulties in the blind-scan of IPv6 addresses. To work around these problems, we based our recon on some available IPv6 addresses, in a bid to discover IoT assets operating in IPv6 environments. Sources of these addresses include Hitlist27, which […]

Supply Chain Attack Event — Targeted Attacks on Java Projects in GitHub

November 24, 2020 | Mina Hao

Preface Recently, GitHub’s Security Incident Response Team (SIRT) published an article saying that a set of Github code repositories were serving open-source projects that were infected with malicious code (https://securitylab.github.com/research/octopus-scanner-malware-open-source-supply-chain). According to the article, attackers submitted malicious code to the open-source projects, which were referenced by other open-source projects. After being used by developers, these […]

Annual IoT Security Report 2019-5

November 23, 2020 | Mina Hao

This section presents the exposure of IPv6 assets on the Internet and methods for recon of these assets. IPv6 Evolution With the IoT and 5G gaining ground, the demand of network applications for IP addresses is undergoing an explosive growth. However, the IPv4 address space has been depleted and IPv4 addresses have been unevenly allocated. […]

Analysis of the 2020 H1 IoT Security Trend

November 20, 2020 | Mina Hao

Overview 2020 H1 witnessed nine Internet of Things (IoT) security events that deserved close attention: Ripple20 0-day vulnerabilities were discovered and affected hundreds of millions of networked devices in various industries across the globe. A high-risk 0-day vulnerability was detected in dozens of Netgear router products. A group of Industrial Control System (ICS) honeypots attracted […]

IP Reputation Report-11152020

November 19, 2020 | Mina Hao

1. Top 10 countries in attack counts: The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases at November 15, 2020.

Annual IoT Security Report 2019-4

November 18, 2020 | Mina Hao

Introduction As we indicated in the 2018 Annual IoT Security Report, network addresses on the Internet constantly change. Use of historical data to delineate exposure of assets will result in a deviation from reality, presenting a value higher than the actual number. Therefore, to accurately reflect the reality of a given area, we should specify […]

Windows Kernel cng.sys Privilege Escalation 0-day Vulnerability CVE-2020-17087 Threat Alert

November 17, 2020 | Mina Hao

Overview Recently, Google Project Zero published an article about the Windows cng.sys privilege escalation vulnerability (CVE-2020-17087). The vulnerability allows attackers without authentication to trick users into running crafted malicious programs to escalate privileges. At present, this vulnerability has been exploited in the wild, and Microsoft has not released patches to fix it. Users are advised […]