Month: December 2018

ThinkPHP 5.x Remote Code Execution Vulnerability Threat Alert

December 13, 2018

Overview

Recently, ThinkPHP posted a blog announcing the release of an important update that addresses a critical vulnerability. This security update fixes a getShell vulnerability caused by the framework’s insufficient checks on controller names when forced routing is not enabled. The vulnerability, which affects ThinkPHP 5.0 and 5.1, is fixed in the latest version. (more…)

The missing leg – integrity in the CIA triad

December 13, 2018

LinkedIn, Eric Vanderburg – Information security is often described using the CIA Triad. The CIA stands for Confidentiality, Integrity, and Availability, and these are the three elements of data that information security tries to protect. If we look at the CIA triad from the attacker’s viewpoint, they would seek to compromise confidentiality by stealing data, integrity by manipulating data […]

Technical Report on Container Security (III)-2

December 11, 2018

Security Risks and Challenges—Security Threat Analysis

Security Threat Analysis

When we talk about security risks to containers, we mean security threats to hosts, to containers, and to the carried applications. (more…)

Adobe Flash Player 0-Day Vulnerabilities Threat Alert

December 11, 2018

Overview

On December 5, 2018, local time, Adobe released a security bulletin to document the remediation of two vulnerabilities, namely a critical 0-day vulnerability (CVE-2018-15982) in Adobe Flash Player and an important vulnerability (CVE-2018-15983) in Adobe Flash Player installer. (more…)

Satan Ransomware Variant Exploits 10 Server-Side Flaws

December 10, 2018

Dark Reading – Windows, Linux systems vulnerable to self-propagating ‘Lucky’ malware, security researchers say. A new version of ransomware that first surfaced about two years ago is garnering attention for its ability to spread via as many as ten different vulnerabilities in Windows and Linux server platforms.

Bravo! NSFOCUS’s Big Win in the Flare-On Challenge

December 10, 2018

The fifth annual Flare-On Challenge held by FireEye recently took place. 129 out of 4925 players, of whom 10 were Chinese players, reportedly finished the challenge this year. NSFOCUS’s KoAll team made a huge splash by topping the global medal tally with four medals. (more…)

“WeChat Pay” Ransomware Analysis and Decryption Tool

December 10, 2018

Risk Overview

Recently, over 20,000 PCs in China have fallen victim to WeChat Pay ransomware. Files on the affected devices are encrypted by the ransomware. To regain access to the files, users are asked to scan a WeChat QR code that appears in a pop-up window and pay 110 yuan (about $16) in ransom. So far, WeChat carrier has suspended the use of this QR code. The ransomware also steals passwords to popular platforms including Alipay, Baidu Cloud, internet company NetEase’s 163 email service, Tencent’s instant messaging platform QQ, Taobao, Tmall, and JD.com. (more…)

Personal Computer——Password Grading

December 7, 2018

Case Analysis: Many people use the same user names and passwords to access different websites. This makes it possible for hackers to use a password from a website that has been hacked to log in to other websites. A separate password for each website seems unlikely. To solve this issue, you can follow […]

Satan Variant Analysis & Handling Guide

December 6, 2018

1 Background

In early November 2018, NSFOCUS discovered that some of its financial customers had been infected with a worm virus FT.exe that could affect both Linux and Windows platforms. Like the ransomware Satan, the virus spreads itself by exploiting multiple application vulnerabilities. However, this virus, after breaking into the system, does not do anything obviously damaging, but only spreads itself.

At the end of Novemb (more…)

Technical Report on Container Security (III)-1

December 5, 2018

Security Risks and Challenges — Vulnerability and Security Risk Analysis

Vulnerability and Security Risk Analysis

As a specific implementation of the container technology, Docker has become more and more popular in recent years. To some extent, Docker has become a typical representation of the container technology. Docker is based on the common client/server (C/S) architecture design as shown in Figure 3.1. In this architecture, the Docker daemon (server) runs on the Docker host and the Docker client sends requests to the daemon. This chapter uses Docker as an example to describe containers’ vulnerabilities and security risks. (more…)
