Month: September 2018

Xbash Malware Combines Many Malicious Functions in Worm

September 30, 2018

Unit 42, a research team of Palo Alto Networks found a new malware family this month and named it Xbash. This new malware combines ransomware, coinming, botnet, and worm features and targets Linux and Windows mainly. Xbash is developed in Python and was then converted into self-contained Linux ELF executables by abusing the legitimate tool […]

Cisco Released Semi-annual Security Updates for IOS and IOS XE

September 30, 2018

Cisco has released bundles of Cisco IOS and IOS XE software security advisories on September 26, 2018. The release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication includes 13 vulnerabilities in Cisco IOS Software and Cisco IOS XE Software. One of the advisories describes a vulnerability that also exists in Cisco […]

Rockwell Automation Buffer Overflow Vulnerability

September 26, 2018

Recently Rockwell Automation fixed a critical vulnerability (CVE-2018-14829) found in its RSLinx Classic, a software platform that allows Logix 5000 Programmable Automation Controllers to connect to a wide variety of Rockwell Software applications. A remote attacker could make the device being accessed stop responding and crash by sending a malicious CIP packet to Port 44818. […]

NSFOCUS Introduces All-in-One Cloud Security Service for Regional Service Providers

September 20, 2018

SANTA CLARA, Calif., September 20, 2018 – NSFOCUS, a leader in holistic hybrid security solutions, announced today its newest cloud security service, Cloud-in-a-Box (CiaB), designed specifically for local and regional service providers across the globe. CiaB enables service providers to quickly deploy cloud security services with minimal expertise and without the upfront costs typically associated […]

Cisco IOS XE Software Static Credential Vulnerability

September 20, 2018

Yesterday, September 19th, Cisco announced an advisory for a critical vulnerability (CVE-2018-0150) that exists with their  IOS XE Software. The vulnerability is due to an undocumented user account with privilege level 15 that has a default username and password. An attacker could exploit this vulnerability by using this account to remotely connect to an affected […]

NSFOCUS introduces new capability to identify cyber risk exposure

September 19, 2018

Help Net Security – NSFOCUS announced the launch of NSFOCUS Exposed Internet Surface Analysis (EISA), a new capability to address the cyber security risk faced by organizations today. EISA identifies malicious activity of rogue IPs, ports and services that might be compromised and hidden within the organization’s network providing insights to prioritize remediation and block […]

Vulnerabilities Discovered in NUUO Network Video Recorder

September 19, 2018

Tenable Research released two vulnerabilities in NVRMini2, NUUO’s Network Video Recorder software on September 17th. Risk information is as below: Reference link: https://www.tenable.com/security/research/tra-2018-25 Attack demo: https://www.youtube.com/watch?v=2EuFOZfRL4U Sketch of NVRMini2 structure: Vulnerability Description CVE-2018-1149: Unauthenticated Remote Stack Buffer Overflow The HTTP interface exposes the binary cgi_system through the http://<target>/cgi-bin/cgi_system endpoint. Much of the functionality of cgi_system […]

Security, insurance providers want to help you evaluate your cyber risk

September 18, 2018

CSO Australia – A host of security vendors are targeting governance-minded companies with tools for formalising the evaluation and management of cybsersecurity risk across an organisation. Secureworks, for one, has wrapped its Secureworks Security Maturity Model (SSMM) methodology into a self-assessment tool that helps organisations benchmark the maturity of their cybersecurity processes. The methodology – […]

Response Guide of IBM WebSphere Code Execution Vulnerability

September 18, 2018

Recently IBM released a remote code execution vulnerability (CVE-2018-1567) in WebSphere application server. It could allow remote attackers to execute arbitrary Java code through the SOAP connector with a serialized object from untrusted sources. CVSS: 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected versions: IBM WebSphere 9.0.0.0 – 9.0.0.9 IBM WebSphere 8.5.0.0 – 8.5.5.14 IBM WebSphere 8.0.0.0 – 8.0.0.15 IBM […]

NSFOCUS Introduces New Capability to Identify Cyber Risk Exposure

September 17, 2018

SANTA CLARA, Calif., September 18, 2018 – NSFOCUS, the leader in holistic hybrid security solutions, today announced the launch of NSFOCUS Exposed Internet Surface Analysis (EISA), a new capability to address the ever-expanding cyber security risk faced by organizations today. EISA identifies malicious activity of rogue IPs, ports and services that might be compromised and […]

Search

Subscribe to the NSFOCUS Blog