Overview Recently, a security researcher discovered a vulnerability (CVE-2019-12384) in jackson-databind, noting that when certain conditions are met, an attacker, via a malicious request, could bypass the blacklist restriction and remotely execute code in an affected server during deserialization. (more…)
Year: 2019
Drupal Access Bypass Vulnerability (CVE-2019-6342) Technical Analysis
1 Vulnerability Description Recently, Drupal released a security advisory on the remediation of an access bypass vulnerability (CVE-2019-6342). In Drupal 8.7.4, when the experimental Workspaces module is enabled, an access bypass condition is created. In terms of the security risk, Drupal rates the vulnerability as Critical. (more…)
Botnet Trend Report-7
3.4 DDoS Attacks 3.4.1 Behavior Seen Effective attack instructions are botnet attack instructions that control a task other that starting and stopping. Effective attack instructions captured in 2018 included DDoS, Local Area Network (LAN) scanning, and vulnerability exploits among other types of attacks. There were 440,000 DDoS attack instructions issued...
IP Reputation Report-07292019
Top 10 countries in attack counts: The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases at July 28, 2019. Top 10 countries in attack percentage: The Palestine is in first place. The Curacao changes from fourth to second....
Drupal Access Bypass Vulnerability (CVE-2019-6342) Threat Alert
Overview On July 17, 2019, local time, Drupal released a security advisory on the remediation of an access bypass vulnerability (CVE-2019-6342). In Drupal 8.7.4, when the experimental Workspaces module is enabled, an access bypass condition is created. In terms of the security risk, Drupal rates the vulnerability as Critical. (more…)
DDoS Attack Misinterpretations
River blockage used to be a great survival crisis in ancient times. Similarly in cyberspace, distributed denial-of-service (DDoS) attacks have become a devastating disaster. As we all know, DDoS attacks are destructive attacks and after over 10 years of evolution, such attacks have become an effective attack tool favored by...
