NSFOCUS Identifies IP Chain-Gangs in New Cybersecurity Insights Report
January 17, 2019
Report Studies and Analyzes DDoS Attacks as Coordinated Gang-Activities SANTA CLARA, Calif., January 17, 2019 – NSFOCUS, a leader in holistic hybrid security solutions, today released its Behavior Analysis of IP Chain-Gangs report, a follow up to their H1 Cybersecurity Insights report, which found that more than 27 million attack sources detected by NSFOCUS, 25 […]
ThinkPHP 5.0.* Remote Code Execution Vulnerability Handling Guide
January 17, 2019
1 Vulnerability Overview
Recently, ThinkPHP 5.0.* is prone to a remote code execution vulnerability that has been officially fixed. All related users should stay wary and take precautions as soon as possible. (more…)
Morning Cybersecurity: Cyberattacks could cost trillions globally
January 17, 2019
POLITICO – OUCH! CYBERCRIME LOSSES WILL STING — Research out today from Accenture found that cyberattacks could cost companies worldwide some $5.2 trillion over five years. That’s according to more than 1,700 CEOs and C-suite executives in Accenture’s first survey of business leaders on the financial toll from criminal hackers. High tech is expected take […]
ThinkPHP 5 Remote Code Execution Vulnerability Threat Alert
January 16, 2019
Overview
On January 11, ThinkPHP addressed a remote code execution vulnerability. This vulnerability stems from the Request class’s (thinkphp/library/think/Request.php) lack of sufficient input validation when handling requests, which finally leads to remote code execution. (more…)
Technical Report on Container Security (IV)-3
January 16, 2019
Container Security Protection – Host Security Host Security Hardening of Basic Host Security Containers share the operating system kernel with the host. Therefore, host configuration determines whether containers can be executed in a secure manner. For example, vulnerable software puts the host at risk of arbitrary code execution; opening ports at will exposes the host […]
Microsoft’s January 2019 Patch Fixes 51 Security Vulnerabilities Threat Alert
January 15, 2019
Overview
Microsoft released the January 2019 security patch on Tuesday that fixes 51 vulnerabilities ranging from simple spoofing attacks to remote code execution in various products, including .NET Framework, Adobe Flash Player, Android App, ASP.NET, Internet Explorer, Microsoft Edge, Microsoft Exchange Server, Microsoft JET Database Engine, Microsoft Office, Microsoft Office SharePoint, Microsoft Scripting Engine, Microsoft Windows, Microsoft XML, Servicing Stack Updates, Visual Studio, Windows COM, Windows DHCP Client, Windows Hyper-V, Windows Kernel, and Windows Subsystem for Linux. (more…)
IP Reputation Report-01112019
January 11, 2019
Top 10 countries in attack counts: The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases at January 11, 2019. Top 10 countries in attack percentage: From the diagram above, we can see the region Palestinian Territory has the biggest percentage of malicious IPs. The […]
Microsoft Exchange Server Arbitrary User Impersonation Vulnerability Handling Guide
January 10, 2019
1 Vulnerability Overview
Recently, a security researcher released details of an arbitrary user impersonation vulnerability (CVE-2018-8581) in Microsoft Exchange Server (also known as Exchange Web Server, EWS for short), revealing that an authenticated attacker could exploit this vulnerability to impersonate arbitrary accounts or even gain privileges of the target user. Currently, the vulnerability’s proof of concept (PoC) has been made publicly available. However, Microsoft has not released any security patches to address it, but provided a workaround in its official security advisory. Users of this software are advised to take precautions as soon as possible. (more…)
Technical Report on Container Security (IV)-2
January 8, 2019
Container Security Protection – Container Service Security Container Service Security The security of the container management and orchestration service has a direct bearing on that of the container control plane. Take Docker for example. Whether the Docker daemon is properly configured determines the security of Docker to some extent. It is recommended that the following […]
Email Security – Attachment Virus
January 7, 2019
Case AnalysisCase Analysis
Ransomware emails usually have an intriguing subject and body to entice receivers to open the attachment. As shown above, the attachment is compressed. The virus file is an executable with the extension of js. To disguise it as a seemingly secure text file, the attacker adds .txt in the file name. Files encrypted by this virus can only be decrypted upon payment of the ransom. (more…)
