Oracle April 2019 Critical Patch Update for All Product Families Threat Alert
April 30, 2019
Overview
On April 16, 2019, local time, Oracle released its security advisory of the Critical Patch Update (CPU) for the second quarter. The CPU fixes 297 vulnerabilities of varying severity levels across the product families. For details about affected products and available patches, visit the following link:
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
Cisco Common Service Platform Collector Default Password Vulnerability (CVE-2019-1723) Threat Alert
April 29, 2019
Overview
Cisco officially released a security advisory, announcing the fix of a vulnerability (CVE-2019-1723) existing in the Cisco Common Service Platform Collector (CSPC).
This vulnerability exists because the affected software has a default account with a fixed password. An attacker could exploit this vulnerability to remotely access an affected device by using this account. This account does not have administrative privileges.
Apache Tomcat Remote Code Execution Vulnerability (CVE-2019-0232) Threat Alert
April 26, 2019
Overview
On April 10, local time, the Apache Software Foundation officially released a security advisory, announcing the fix of a remote code execution vulnerability (CVE-2019-0232). The Java Runtime Environment (JRE), when running on a Windows system with enableCmdLineArguments enabled, passes command-line parameters to Windows in an incorrect manner. This leaves the CGI servlet susceptible to remote code execution attacks. By default, the CGI servlet is disabled.
Siemens Multiple Products Vulnerabilities Threat Alert
April 25, 2019
Overview
On April 9, local time, Siemens officially released a security advisory, announcing the fix of vulnerabilities of different risk levels in a spectrum of products such as SIMATIC WinCC Open Architecture (SIMATIC WinCC OA), Spectrum Power, and RUGGEDCOM ROX II. Of all these vulnerabilities, two have a CVSS v3.0 base score of 10.
IP Reputation Report-04192019
April 24, 2019
Top 10 countries in attack counts: The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases as of April 19, 2019. Top 10 countries in attack percentage: Suriname (SR) has been in first place for three weeks. Laos is still in […]
2018 DDoS Attack Landscape-4
April 23, 2019
3.2 DDoS Attack Type Analysis
3.2.1 Proportions of Different Attack Types
In 2018, the most frequently seen attacks were SYN flood, UDP flood, ACK flood, HTTP flood, and HTTPS flood attacks[6], which altogether accounted for 96% of all DDoS attacks. In contrast, reflection attacks accounted for no more than 3% of attacks. Compared with 2017, the year 2018 witnessed an 80% decrease in the number of reflection attacks, but a 73% increase in other attacks. This is because Chinese authorities took effective measures against reflectors (see section 3.1.1 “Attack Count and Traffic”).
Confluence SSRF and Remote Code Execution Vulnerability Handling Guide
April 22, 2019
1 Vulnerability Overview
Recently, Atlassian officially released a security bulletin, announcing a server-side request forgery (SSRF) vulnerability and a remote code execution vulnerability (CVE-2019-3396). The two vulnerabilities respectively reside in WebDAV and Widget Connector and could be exploited by an attacker for remote code execution and server-side request forgery.
Apache Axis Remote Code Execution Vulnerability (CVE-2019-0227) Threat Alert
April 19, 2019
Overview
The default service StockQuoteService.jws in Axis contains a hard-coded HTTP URL, which can be used to trigger an HTTP request. An attacker can conduct a man-in-the-middle (MITM) attack by taking control of a domain (www.xmltoday.com) or performing ARP poisoning against the targeted Axis server, and then redirect the HTTP request to a malicious web server before remotely executing code on the Apache Axis server (CVE-2019-0227).
Microsoft’s April 2019 Patches Fix 76 Vulnerabilities Threat Alert
April 18, 2019
Overview
Microsoft released April 2019 security patches on Tuesday that fix 76 vulnerabilities ranging from simple spoofing attacks to remote code execution in various products, including .NET Core, Adobe Flash Player, CSRSS, Microsoft Browsers, Microsoft Edge, Microsoft Exchange Server, Microsoft Graphics Component, Microsoft JET Database Engine, Microsoft Office, Microsoft Office SharePoint, Microsoft Scripting Engine, Microsoft Windows, Microsoft XML, Open Source Software, Servicing Stack Updates, Team Foundation Server, Windows Admin Center, Windows Kernel, and Windows SMB Server.