Blog

ThinkPHP 5.0-5.0.23, 5.1.0-5.1.31, and 5.2.* Remote Code Execution Vulnerability Handling Guide

January 21, 2019 | Mina Hao

1 Vulnerability Overview Recently, ThinkPHP 5.0-5.0.23 was found to have a remote code execution (RCE) vulnerability. The NSFOCUS Falcon Team carried out tests and found that ThinkPHP 5.0-5.0.23, 5.1.0-5.1.31, and 5.2.* were also prone to this vulnerability, which could be triggered in both Linux and Windows systems.

Mobile Office——SMS phishing

January 18, 2019 | Mina Hao

Case Analysis This story starts from an SMS message and ends with financial loss, sounding just like an ordinary telecom fraud. But it is distinctive in that a malicious link and a web page that contains a trojan are leveraged, indicating that the attacker is quite tech-savvy. After the mobile phone is infected with the […]

NSFOCUS Detects Two Satan Variants Targeting Financial Sector

January 17, 2019 | Devika Jain

  In early November of 2018, NSFOCUS spotted the first variant of Satan malware that targets Linux and Windows systems and spreads by exploiting various application vulnerabilities. A few weeks later, NSFOCUS came across a second variant of this Satan, capable of self-propagation via Windows and Linux platforms. These two variant detections are just another […]

ThinkPHP 5.0.* Remote Code Execution Vulnerability Handling Guide

January 17, 2019 | Mina Hao

1 Vulnerability Overview Recently, ThinkPHP 5.0.* is prone to a remote code execution vulnerability that has been officially fixed. All related users should stay wary and take precautions as soon as possible.

ThinkPHP 5 Remote Code Execution Vulnerability Threat Alert

January 16, 2019 | Mina Hao

Overview On January 11, ThinkPHP addressed a remote code execution vulnerability. This vulnerability stems from the Request class’s (thinkphp/library/think/Request.php) lack of sufficient input validation when handling requests, which finally leads to remote code execution.

Technical Report on Container Security (IV)-3

January 16, 2019 | Mina Hao

Container Security Protection – Host Security Host Security Hardening of Basic Host Security Containers share the operating system kernel with the host. Therefore, host configuration determines whether containers can be executed in a secure manner. For example, vulnerable software puts the host at risk of arbitrary code execution; opening ports at will exposes the host […]

Microsoft’s January 2019 Patch Fixes 51 Security Vulnerabilities Threat Alert

January 15, 2019 | Mina Hao

Overview Microsoft released the January 2019 security patch on Tuesday that fixes 51 vulnerabilities ranging from simple spoofing attacks to remote code execution in various products, including .NET Framework, Adobe Flash Player, Android App, ASP.NET, Internet Explorer, Microsoft Edge, Microsoft Exchange Server, Microsoft JET Database Engine, Microsoft Office, Microsoft Office SharePoint, Microsoft Scripting Engine, Microsoft […]

NSFOCUS Forms Strategic Partnerships in LATAM and Around the World

January 14, 2019 | Andre Mello

  By: Andre Tristao e Mello, Vice President, Latin America & Caribbean, NSFOCUS At NSFOCUS, we are always looking for ways to better serve and work with our customers — from innovative product updates to partnerships; we’re dedicated to helping and protecting our customers. Across the LATAM region, we focused many of our efforts into […]

Microsoft Exchange Server Arbitrary User Impersonation Vulnerability Handling Guide

January 10, 2019 | Mina Hao

1 Vulnerability Overview Recently, a security researcher released details of an arbitrary user impersonation vulnerability (CVE-2018-8581) in Microsoft Exchange Server (also known as Exchange Web Server, EWS for short), revealing that an authenticated attacker could exploit this vulnerability to impersonate arbitrary accounts or even gain privileges of the target user. Currently, the vulnerability’s proof of […]

Technical Report on Container Security (IV)-2

January 8, 2019 | Mina Hao

Container Security Protection – Container Service Security Container Service Security The security of the container management and orchestration service has a direct bearing on that of the container control plane. Take Docker for example. Whether the Docker daemon is properly configured determines the security of Docker to some extent. It is recommended that the following […]