Executive Summary It has been 31 years since China sent its first email to the world on September 14, 1987, thus triggering the development of the Internet in the country. From the Consumer Internet and the Industrial Internet to the Internet of Things, the Internet has been increasingly changing the...
Year: 2019
Joomla! Content Management System Remote Code Execution Vulnerability Threat Alert
Overview Recently, security researcher Alessandro Groppo posted a blog about a remote code execution vulnerability in the early version of the content management system Joomla!. The vulnerability is a remote code execution caused by a PHP object injection discovered by researchers in the Joomla! CMS 3.0.0. to 3.4.6 (released from...
Oracle October 2019 Critical Patch Update for All Product Families Threat Alert
Overview On October 15, 2019, local time, Oracle released its own security advisory and third-party security advisories for its October 2019 Critical Patch Update (CPU) which fixes 240 vulnerabilities of varying severity levels across the product families. For details about affected products and available patches, visit the appendix. (more…)
vBulletin Remote Code Execution Vulnerability (CVE-2019-16759) Threat Alert
Overview vBulletin is a powerful, scalable, and fully customizable forums package. Despite being a commercial product, vBulletin is still the most popular web forums package, whether from the market share or the actual installations. (more…)
IP Reputation Report-10132019
Top 10 countries in attack counts: The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases at October 13, 2019. Top 10 countries in attack percentage: The Laos is in first place. The Uzbekistan is in the second place. The...
Harbor Remote Privilege Escalation Vulnerability (CVE-2019-16097) Threat Alert
Overview Harbor is an open-source project from VMware and an enterprise-class registry server that stores and distributes Docker container images. It adds some functionalities required by enterprises such as security, identity, and management. (more…)
