Adeline Zhang

IP Reputation Report-10132019

October 17, 2019

Top 10 countries in attack counts: The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases at October 13, 2019. Top 10 countries in attack percentage: The Laos is in first place. The Uzbekistan is in the second place. The country China (CN) is not […]

Harbor Remote Privilege Escalation Vulnerability (CVE-2019-16097) Threat Alert

October 16, 2019

Overview

Harbor is an open-source project from VMware and an enterprise-class registry server that stores and distributes Docker container images. It adds some functionalities required by enterprises such as security, identity, and management. (more…)

Microsoft Internet Explorer Remote Code Execution Vulnerability (CVE-2019-1367) Threat Alert

October 15, 2019

1 Vulnerability Description

On September 23, local time, Microsoft released cumulative security updates for the Internet Explorer (IE), fixing a remote code execution vulnerability (CVE-2019-1367) in IE. This vulnerability exists in the way the IE’s script engine handles objects in memory. By tricking a user into accessing a crafted website through IE, an attacker could exploit this vulnerability to execute arbitrary code to finally gain control access to the system. (more…)

WebSphere Arbitrary File Read Vulnerability (CVE-2019-4505) Threat Alert

October 14, 2019

  1. Vulnerability Description

On September 18, 2019, IBM officially released a security bulletin, disclosing an arbitrary file read vulnerability (CVE-2019-4505) in WebSphere (web service deployment middleware), which allows remote attackers to read sensitive files on the server via a crafted URL. This could result in attackers viewing any files in a certain directory, which may aid in further attacks. (more…)

Information Security in the Workplace- System Update-v

October 11, 2019

With the advancement of IT-based transformation and the rapid development of IT, various network technologies have seen more extensive and profound applications, along with which come a multitude of cyber security issues. Come to find out what information security issues you should beware of in the workplace. (more…)

IP Reputation Report-10072019

October 10, 2019

  1. Top 10 countries in attack counts:

(more…)

phpStudy Backdoor Event Threat Alert

October 9, 2019

  1. Event Overview

Hangzhou Municipal Bureau of Public Security mentioned in its press release of Hangzhou Police Reports Work on Cracking Down on Cybercrimes and Achievements in the Cyberspace Cleanup Campaign 2019 released on September 20, 2019 that the phpStudy version released in 2016 was maliciously planted with a backdoor and the person allegedly responsible for it was arrested in early 2019. According to the report, the suspect, with the planted backdoor, had illegally controlled 670,000+ computers and obtained 100,000+ pieces of data, including accounts/passwords, chat data, and device IDs. (more…)

phpMyAdmin Cross-Site Request Forgery Vulnerability (CVE-2019-12922) Threat Alert

October 8, 2019

  1. Vulnerability Description

phpMyAdmin is a free, open-source tool for administering MySQL and MariaDB. It is widely used to manage databases of websites created with WordPress, Joomla, and other content management platforms. (more…)

DDoS Attack Landscape and Smart Protection

October 7, 2019

  1. Evolution of the Internet and Accompanying Cyber Threats

The fast growth of the Internet has brought constant changes to our lives. More than a decade ago, the egress bandwidth of 100 Mbps was available only to a small number of users, but today links with Tbps-level bandwidths are nothing unusual. The Internet connects everyone and everything, rapidly changing people’s centuries-long habits by bringing everything online, including communication, transportation, payment, and shopping, as well as household appliances. While benefiting from the convenience of the Internet, we are pushing the Internet forward. (more…)

Microsoft Excel Remote Code Execution Vulnerability (CVE-2019-1297) Threat Alert

October 4, 2019

Overview

Microsoft released security updates for September that address a remote code execution vulnerability (CVE-2019-1297) in Microsoft Excel.

This vulnerability exists in Microsoft Excel when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged in with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (more…)

Search

Subscribe to the NSFOCUS Blog