Adeline Zhang

VMware ESXi Remote Code Execution Vulnerability (CVE-2019-5544) Threat Alert

VMware

December 20, 2019

Overview

On December 5, local time, VMware officially released a security advisory that revealed a remote code execution vulnerability (CVE-2019-5544) in VMware ESXi and Horizon DaaS. The vulnerability is due to a heap overwrite issue in OpenSLP used in ESXi and Horizon DaaS appliances. Malicious users with access to port 427 on the ESXi host or any Horizon DaaS platform through the network may overwrite the heap of the OpenSLP service, eventually causing remote code execution. (more…)

IP Reputation Report-12152019

December 19, 2019

  1. Top 10 countries in attack counts:

  • The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases as of December 15, 2019.

(more…)

Cybersecurity Insights-9

December 18, 2019

5.3 DDoS Attacks

5.3.1 Attack Trend

In 2018, we observed 148,000 DDoS attacks (down 28.4% from 2017), which generated a total of 643,100 TB of attack traffic, about the same volume as observed in 2017. This trend suggests that while the number of DDoS attacks is lower, the size of attacks is growing. Large and medium-size attacks are on the rise.

(more…)

Harbor Multiple Vulnerabilities Threat Alert

December 17, 2019

Overview

Today, VMware disclosed five vulnerabilities in Harbor Container Registry: two officially classified as critical (CVE-2019-19025, CVE-2019-19023), two high-risk (CVE-2019-19029, CVE-2019-19026), and one medium-risk (CVE-2019-3990). (more…)

SDN-based Intelligent DDoS Cleaning System

December 16, 2019

Traditional DDoS protection solutions are designed to address flexibility, scheduling, and value addition requirements. However, the advent of the software-defined networking (SDN) technology, especially its combination with network virtualization, provides a new way to deploy security devices. NSFOCUS’s SDN-based intelligent cleaning system discussed here can intelligently detect DDoS attacks and work out an optimal cleaning policy before selecting the most appropriate cleaning resources in real time, thus implementing intelligent traffic cleaning on demand to effectively protect users from DDoS attacks. (more…)

Information Security in the Workplace- Business Chat Groups-v

December 13, 2019

With the advancement of IT-based transformation and the rapid development of IT, various network technologies have seen more extensive and profound applications, along with which come a multitude of cyber security issues. Come to find out what information security issues you should beware of in the workplace. (more…)

IP Reputation Report-12082019

December 12, 2019

  1. Top 10 countries in attack counts:

  • The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases as of December 08, 2019.

(more…)

Cybersecurity Insights-8

December 11, 2019

5.2 Web Attacks

5.2.1 Trend of Web Attacks

Of all attacks targeting web servers in 2018, 89% of them still employed common methods such as server information disclosure, resource leech, SQL injection, and cross-site scripting. Hackers are using an increasing number of web server or plug-in vulnerabilities. In 2018, vulnerability-based web attacks accounted for […]

Apache Flink Arbitrary Jar Package Upload Threat Alert

December 10, 2019

Overview

Recently, researchers discovered attack data related to arbitrary Jar package upload in Apache Flink. Attackers can exploit this vulnerability to upload a Jar package containing malicious code without authorization, thereby taking control of the target server. (more…)

Tracking and Analysis of the LoJack/CompuTrace Incident

December 9, 2019

1. Introduction to LoJack

With a history of 20 years, Absolute Software has been a leading provider of device security, management, and tracking. Its products have set an industry standard for persistent endpoint security and data risk management for computers, laptops, tablets, and smartphones. In 2005, Absolute Software released LoJack for Laptops, also known as Computrace. This software is used to trace stolen laptops, with features including the abilities to remotely lock, delete files from, and locate the stolen laptop on a map. (more…)
