Windows Arbitrary File Read 0-Day Vulnerability Handling Guide
January 7, 2019
1 Vulnerability Overview
Recently, a security researcher with Twitter alias SandboxEscaper, once again, published proof-of-concept (PoC) code for a new 0-day vulnerability affecting Windows. This is the third Windows 0-day vulnerability published by this same researcher since August 2018. The vulnerability made known to the public this time could lead to arbitrary file read. Specifically, it allows low-privileged users or malicious programs to read, but not write into, arbitrary files on a targeted Windows host. Before an official patch is released by Microsoft, all Windows users will be affected by this vulnerability. (more…)
Technical Report on Container Security (IV)-1
January 7, 2019
Container Security Protection—Linux Kernel Security Mechanism
As a lightweight virtualized implementation, the container technology took into account security factors at the time of design, which constitute an important basis for container security protection. This chapter describes security risks and threats facing containers and common protection ideas and methods. (more…)
IP Reputation Report-01042019
January 4, 2019
-
Top 10 c¿ountries:
The above diagram shows the top 10 regions with most malicious IP addresses from the NSFOCUS IP Reputation databases at January 04, 2019. (more…)
Cybersecurity trends 2019: What should you look out for?
January 4, 2019
Silicon Republic – As the year begins, there are a few key areas that cybersecurity professionals should keep in mind. After the excesses of the holiday period, you are more than likely looking at the blank slate of a new year before you with a sense of optimism and hope for times ahead. Those in […]
Microsoft Security Bulletin for December Patches That Fix 39 Security Vulnerabilities
December 29, 2018
Overview
Technical Report on Container Security (III)-3
December 29, 2018
Security Risks and Challenges – Container Application Security Threat
Container Application Security Threat- Microservice Security
Adobe Security Bulletin for December 2018 Security Updates
December 29, 2018
Overview
On December 11, 2018 (local time), Adobe released security updates which address multiple vulnerabilities in Acrobat and Reader. (more…)Cyber security predictions roundup for 2019
December 21, 2018
IT WORLD CANADA – Criminals using artificial intelligence. More nation-state backed attacks. The Internet held hostage. Dangerous chatbots. President Trump’s cellphone will be hacked. And, of course, more malware. These are some of the predictions security vendors see coming in the next 12 months. It’s not a pretty picture, but then again cyber security never […]
New Satan Variants Target Financial Sector With Monero Miners and Ransomware
December 21, 2018
SecurityIntelligence – Researchers spotted two Satan variants targeting organizations in the financial sector with Monero miners and ransomware. The first variant of the malware, which security solutions provider NSFOCUS spotted in early November, targets Linux and Windows systems and spreads by exploiting various application vulnerabilities. After establishing a foothold into a system, the virus simply […]
IP Reputation Report-12212018
December 21, 2018
Top 10 countries: The above diagram shows the top 10 regions with most malicious IP addresses from the NSFOCUS IP Reputation databases at December 21, 2018. But the United States has the largest allocated IP addresses in the world and China is in the second place. So, report IP Reputation as a percentage of total […]