GandCrab Ransomware Virus Threat Alert
November 10, 2018
Risk Overview
The GandCrab family is updating at a rapid pace. Since its V5 was released in September this year, a number of variants have appeared, including V5.0, V5.0.2, V5.0.3, V5.0.4, and V5.0.5. This virus family has targeted customers in various sectors in China. Users should take precautions to remove it as soon as possible. (more…)
Apache mod_jk Access Control Bypass Vulnerability (CVE-2018-11759) Threat Alert
November 10, 2018
Vulnerability Overview
Recently, Apache Software Foundation (ASF) released a security advisory to announce the fix for an access control bypass vulnerability (CVE-2018-11759) in the mod_jk module in Apache Tomcat. Currently, the proof of concept (PoC) has been announced for this vulnerability. Users of this software should take precautions to fix this vulnerability as soon as possible. (more…)
USA & China Named As Top Cyber-Attack Sources
November 9, 2018
Cyber Security Intelligence – NSFOCUS has released its H1 Cybersecurity Insights report, which analyzed traffic from January to July this year across more than 27 million attack sources the first half of 2018. The standout issues are a big jump in crypto mining, the persistence of DDoS attacks and the predominace of repeated ‘recidivist’ attacks […]
Office Area——Screen Lock
November 8, 2018
Case AnalysisCase Analysis
Different employees assume different duties, and therefore have different permissions to access company data. If you do not lock your screen when you are out for lunch or go to the restroom, other co-workers may see the contents on your screen and those with ulterior motives may open files saved on your computer or even copy them to a USB drive. (more…)
Technical Report on Container Security (II)-1
November 7, 2018
Container Basics — Container Image
Container Image
Images are the basis of containers. The container engine service can use different images to launch different containers. After a container becomes faulty, the service can be promptly restored by deleting the faulty container and launching a new one thanks to the underlying technique of container images[i]. (more…)
Multiple Cisco Vulnerabilities Threat Alert
November 6, 2018
Overview
Recently, Cisco released an official security advisory to announce fixes for multiple high-risk vulnerabilities, which could cause a denial of service and remote code execution. (more…)
TJAL Adopts Anti-DDoS Solution
November 1, 2018
SAO PAULO, Brazil,. November 1, 2018 – Aloo Telecom has hired Everest Ridge for a data security assessment in a project for the Alagoas Court of Justice (TJAL). In order to protect the attack environment, the company implemented an NSFOCUS product. “As a result of increased hacking attacks, bidding bids have come to require highly reliable, […]
Technical Report on Container Security (I)
October 31, 2018
Overview
In recent years, the cloud computing model has gradually been universally recognized and accepted in the industry. In China, sectors such as governments, finance, carriers, and energy as well as small and medium-size organizations, to varying degrees, have migrated their business to the cloud. However, just turning hosts, platforms, or applications into virtual form cannot solve their legacy issues such as slow upgrade, clumsy architecture, and no support for rapid iteration. Then the concept of cloud native comes into being. (more…)
Week in review: Top cyber attack sources, serverless botnets, CFO as best cybersecurity friend
October 28, 2018
Help Net Security – Here’s an overview of some of last week’s most interesting news and articles: Repairnator bot finds software bugs, successfully submits patches Can a bot create valid, high-quality fixes for software bugs more rapidly than a human can, and get them accepted by human developers and permanently merged in the code base? […]
