1 Image Metadata By default, in the Linux system, Docker data is stored in /var/lib/docker by default. However, different systems have different Docker storage drivers and directory structures.. This document uses Docker images in the OCI standard format as an example to describes how Docker images are stored. (more…)
Year: 2018
AVEVA InduSoft Web Studio and InTouch Edge HMI Critical Vulnerabilities Threat Alert
Overview Recently, AVEVA released a security bulletin to announce the remediation of two critical vulnerabilities in industrial software. CVE-2018-17916 is a stack overflow vulnerability that can be triggered by sending a crafted packet, leading to remote code execution by an unauthorized user. CVE-2018-17914 stems from an empty password in the...
NSFOCUS Present at the CS3STHLM Summit as the Only Asia-Pacific Security Vendor
On October 24, 2018, the CS3STHLM industrial cyber security & Stockholm international summit on Cyber Security in SCADA and Industrial Control Systems ("the Stockholm summit") kicked off in Sweden for the fifth consecutive year, bringing together cybersecurity experts worldwide. NSFOCUS, as the only participating security vendor from Asia-Pacific, delivered a...
Cisco ASA Security Product Denial-of-Service Vulnerability (CVE-2018-15454) Threat Alert
Vulnerability Overview Recently, Cisco officially released a security advisory to fix the denial-of-service (DoS) vulnerability (CVE-2018-15454) in Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software. This vulnerability exists in the Session Initiation Protocol (SIP) inspection engine used by Cisco ASA and FTD. An unauthorized attacker could exploit this...
GandCrab Ransomware Virus Threat Alert
Risk Overview The GandCrab family is updating at a rapid pace. Since its V5 was released in September this year, a number of variants have appeared, including V5.0, V5.0.2, V5.0.3, V5.0.4, and V5.0.5. This virus family has targeted customers in various sectors in China. Users should take precautions to remove...
Apache mod_jk Access Control Bypass Vulnerability (CVE-2018-11759) Threat Alert
Vulnerability Overview Recently, Apache Software Foundation (ASF) released a security advisory to announce the fix for an access control bypass vulnerability (CVE-2018-11759) in the mod_jk module in Apache Tomcat. Currently, the proof of concept (PoC) has been announced for this vulnerability. Users of this software should take precautions to fix...
