November 11, 2019
In February 2019, our monitoring found that some domestic users, when accessing certain websites through their home routers, were hijacked to pornographic and gambling websites. According to our sample inspection, more than 4 million IP addresses were hijacked to about 190 domain names concerning pornography and gambling during this incident. These victim users were supposed to open their intended websites, but redirected to another unexpected page. (more…)
November 9, 2019
On April 18, 2019 a hacker/hacker organization sold a toolkit of the APT34 group, under the false name of Lab Dookhtegan, on a Telegram channel. The organization also posted screenshots of the tool’s backend panels, where victim data had been collected. Early in the middle of March 2019, this hacker/hacker organization had released and sold this toolkit on the Internet. Interestingly, the CEO of a security company in Kuwait took to Twitter to stress in particular the authenticity of this post. (more…)
November 8, 2019
With the advancement of IT-based transformation and the rapid development of IT, various network technologies have seen more extensive and profound applications, along with which come a multitude of cyber security issues. Come to find out what information security issues you should beware of in the workplace. (more…)
November 6, 2019
Overall Cybersecurity Situation
3.1 Attack Type Distribution
Based on attack type13, DDoS contained the largest proportion of malicious IP addresses; more than half were involved in DDoS attacks. Other types of attacks that malicious IP addresses participated in included botnets, scanning, and spam. (more…)
November 5, 2019
In February 2019, an official announcement was made that Kibana had a remote code execution vulnerability. The Kibana version prior to 5.6.15 and 6.6.1 had a functional flaw in the Timelion visualization tool, which allowed an attacker to use Kibana to execute arbitrary code on the server. Currently PoC has been announced; Ussers are recommended to conduct self-examination and protection in a timely manner. (more…)
November 4, 2019
On October 17, local time, Cisco issued a security notice claiming that an unauthorized access vulnerability to Aironet Access Points (APs) was fixed. The vulnerability stems from the fact that no specific URL is filtered. An attacker can obtain the access rights of the device by constructing a malicious URL and sending it to the affected AP to trigger the vulnerability. The attacker can then modify multiple configuration data of the AP and cause a denial of service attack.
November 1, 2019
Recently, Oracle fixed two high-risk vulnerabilities in Weblogic (CVE-2019-2890 and CVE-2019-2891) in its October critical patch update.