Overview 2020 H1 witnessed nine Internet of Things (IoT) security events that deserved close attention: Ripple20 0-day vulnerabilities were discovered and affected hundreds of millions of networked devices in various industries across the globe.A high-risk 0-day vulnerability was detected in dozens of Netgear router products.A group of Industrial Control System...
Year: 2020
Annual IoT Security Report 2019-4
Introduction As we indicated in the 2018 Annual IoT Security Report, network addresses on the Internet constantly change. Use of historical data to delineate exposure of assets will result in a deviation from reality, presenting a value higher than the actual number. Therefore, to accurately reflect the reality of a...
Windows Kernel cng.sys Privilege Escalation 0-day Vulnerability CVE-2020-17087 Threat Alert
Overview Recently, Google Project Zero published an article about the Windows cng.sys privilege escalation vulnerability (CVE-2020-17087). The vulnerability allows attackers without authentication to trick users into running crafted malicious programs to escalate privileges. At present, this vulnerability has been exploited in the wild, and Microsoft has not released patches to...
WebLogic Console HTTP Remote Code Execution Vulnerability (CVE-2020-14882) Protection Solution
Overview The Critical Patch Update (CPU) for October 2020 released by Oracle contains a high-risk WebLogic Consoleremote code execution vulnerability (CVE-2020-14882). The vulnerability can be triggered without authentication and has an extensive impact. Unauthenticated attackers might construct special HTTP GET requests to exploit this vulnerability to execute arbitrary code on...
VMware ESXi Remote Code Execution Vulnerability (CVE-2020-3992) Threat Alert
Vulnerability Description On October 21, 2020, NSFOCUS detected that VMware released a security advisory that fixes a VMware ESXi remote code execution vulnerability (CVE-2020-3992). This vulnerability exists because OpenSLP as used in VMware ESXi has a use-after-free issue. An attacker residing in the management network who has access to port...
Annual IoT Security Report 2019-3
LockerGoga Ransomware Alleged to Repeatedly Attack Plants On January 24, 2019, France-based Altran Technologies was allegedly hit by LockerGoga ransomware. On March 19, Norsk Hydro, one of the largest aluminum companies worldwide, was hit by an extensive cyberattack, having machines around the globe infected with malware and some unable to...
