Vulnerability Description On January 20, 2021, NSFOCUS detected that Oracle released the January 2021 Critical Patch Update (CPU), which fixed 329 vulnerabilities of varying risk levels. Seven of these vulnerabilities are severe and assigned CVE-2021-1994, CVE-2021-2047, CVE-2021-2064, CVE-2021-2108, CVE-2021-2075, CVE-2019-17195, and CVE-2020-14756. Unauthenticated attackers could exploit these vulnerabilities to execute...
Year: 2021
Annual IoT Security Report 2019-17
Malicious Behaviors Targeting UPnP Vulnerabilities We captured four kinds of UPnP exploits 1, as shown in Table 4-7. Apparently, all the exploits targeted remote command execution vulnerabilities. Besides, we found that when a vulnerability is found on a specific port, attackers usually directly hit this port by skipping the UPnP...
JumpServer Remote Command Execution Vulnerability Threat Alert
Overview On January 15, 2021, Beijing time, JumpServer released an emergency bulletin to announce a remote command execution vulnerability in its bastion host and advised users to fix it as soon as possible, especially those whose JumpServer can be accessed via the Internet. (more…)
Suggestions on Detection and Prevention of the Incaseformat Virus
Overview On January 13, 2021, NSFOCUS's emergency response team received feedback on the incaseformat virus from a host of customers in the government, healthcare, education, and telecom sectors. According to analysis, we found that this virus mainly infected hosts installed with financial management application systems. Also, we observed that all...
Enterprise Blockchain Security 2020-1
Blockchains are distributed digital ledgers of cryptographically signed transactions that are grouped into blocks. Each block is cryptographically linked to the previous one (making it tamper evident) after validation and undergoing a consensus decision. As new blocks are added, older blocks become more difficult to modify (creating tamper resistance). New...
Watch Out! “Incaseformat” Came Back
The outbreak of Incaseformat virus has affected many industries recently. It is critical because it has removed all non-system files and caused serious data loss. This virus appeared before, now it has come back and infected many hosts, especially in China. As of 14 Jan, 2:00 P.M.(GMT+8), NSFOCUS Labs and...
