RSA Conference 2020
February 24, 2020
RSA Conference 2020 February 24-28, 2020 Moscone Center, San Francisco, CA
Adobe Security Bulletins for February 2020 Security Updates Threat Alert
February 24, 2020
Overview
On February 11, 2020, local time, Adobe officially released February’s security updates to fix multiple vulnerabilities in its various products, including Adobe Experience Manager, Adobe Digital Editions, Adobe Flash Player, Adobe Acrobat and Reader, and Adobe Framemaker. (more…)
Microsoft’s Security Bulletin for February 2020 Patches That Fix 100 Security Vulnerabilities Threat Alert
February 21, 2020
Overview
Microsoft released the February 2020 security patches on Tuesday that fixes 100 vulnerabilities ranging from simple spoofing attacks to remote code execution in various products, including Adobe Flash Player, Internet Explorer, Microsoft Edge, Microsoft Exchange Server, Microsoft Graphics Component, Microsoft Malware Protection Engine, Microsoft Office, Microsoft Office SharePoint, Microsoft Scripting Engine, Microsoft Windows, Microsoft Windows Search Component, Remote Desktop Client, Secure Boot, SQL Server, Windows Authentication Methods, Windows COM, Windows Hyper-V, Windows Installer, Windows Kernel, Windows Kernel-Mode Drivers, Windows Media, Windows NDIS, Windows RDP, Windows Shell, and Windows Update Stack. (more…)
IP Reputation Report-02162020
February 20, 2020
-
Top 10 countries in attack counts:
- The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases at February 16, 2020.
Cisco Discovery Protocol Vulnerabilities Threat Alert
February 19, 2020
Overview
On February 6, 2020, Beijing time, Cisco fixed five high-risk vulnerabilities in the Cisco Discovery Protocol (CDP) in new versions. The CDP protocol allows Cisco devices to share information in the intranet via multicast messages. These vulnerabilities affect VoIP (Voice over Internet Protocol) phones and cameras. (more…)
Android Bluetooth Component Critical Vulnerability (CVE-2020-0022) Threat Alert
February 18, 2020
Overview
Recently, Google released February 2020 security updates for Android which fixed a critical vulnerability (CVE-2020-0022) in Android’s Bluetooth component. This vulnerability could be exploited without user interaction when Bluetooth is enabled on devices. An attacker that successfully exploits this vulnerability could execute arbitrary code on the target system. Also, researchers pointed out that this vulnerability could be exploited to craft self-spreading Bluetooth worms. (more…)
ICS Information Security Assurance Framework 17
February 17, 2020
Nuclear Power
The security scenario of the nuclear power plant is similar to that of the thermal power platform. For details, sees section 4.1.1. Generally, it contains the following contents: (more…)
FusionAuth Remote Code Execution Vulnerability (CVE-2020-7799) Threat Alert
February 14, 2020
On January 28, 2019, Beijing time, NVD released a remote command execution vulnerability (CVE-2020-7799) in the Apache Freemarker template in FusionAuth. It is found that an authenticated user can edit email templates (Home > Settings > Email Templates) or themes (Home > Settings > Themes) in FusionAuth to execute arbitrary commands in the underlying operating system by using freemarker.template.utility.Execute in the Apache FreeMarker engine of custom templates. (more…)
IP Reputation Report-02092020
February 13, 2020
-
Top 10 countries in attack counts:
- The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases at February 9, 2020.
WebLogic WLS Component IIOP Protocol Remote Code Execution Vulnerability (CVE-2020-2551) Threat Alert
February 12, 2020
-
Overview
Oracle released Critical Patch Update (CPU) for January 2020, announcing a remote code execution vulnerability (CVE-2020-2551) in the Internet Inter-ORB Protocol (IIOP) used by the WLA component in WebLogic. (more…)
