Adeline Zhang

AVEVA InduSoft Web Studio and InTouch Edge HMI Critical Vulnerabilities Threat Alert

November 14, 2018

Overview

Recently, AVEVA released a security bulletin to announce the remediation of two critical vulnerabilities in industrial software.

CVE-2018-17916 is a stack overflow vulnerability that can be triggered by sending a crafted packet, leading to remote code execution by an unauthorized user.

CVE-2018-17914 stems from an empty password in the configuration file. An unauthorized attacker could exploit this vulnerability to remotely execute code with the same privilege as that of the affected software. (more…)

NSFOCUS Present at the CS3STHLM Summit as the Only Asia-Pacific Security Vendor

November 12, 2018

On October 24, 2018, the CS3STHLM industrial cyber security & Stockholm international summit on Cyber Security in SCADA and Industrial Control Systems (“the Stockholm summit”) kicked off in Sweden for the fifth consecutive year,  bringing together cybersecurity experts worldwide. NSFOCUS, as the only participating security vendor from Asia-Pacific, delivered a speech titled Attacking PLCs by PLC in Deep, sharing the company’s security research experience in the industrial control system (ICS) realm. (more…)

Cisco ASA Security Product Denial-of-Service Vulnerability (CVE-2018-15454) Threat Alert

November 12, 2018

  1. Vulnerability Overview

Recently, Cisco officially released a security advisory to fix the denial-of-service (DoS) vulnerability (CVE-2018-15454) in Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software. This vulnerability exists in the Session Initiation Protocol (SIP) inspection engine used by Cisco ASA and FTD. An unauthorized attacker could exploit this vulnerability remotely to cause an affected device to reload or trigger a high CPU usage, causing a denial of service to the device. (more…)

GandCrab Ransomware Virus Threat Alert

November 10, 2018

Risk Overview

The GandCrab family is updating at a rapid pace. Since its V5 was released in September this year, a number of variants have appeared, including V5.0, V5.0.2, V5.0.3, V5.0.4, and V5.0.5. This virus family has targeted customers in various sectors in China. Users should take precautions to remove it as soon as possible. (more…)

Apache mod_jk Access Control Bypass Vulnerability (CVE-2018-11759) Threat Alert

November 10, 2018

Vulnerability Overview

Recently, Apache Software Foundation (ASF) released a security advisory to announce the fix for an access control bypass vulnerability (CVE-2018-11759) in the mod_jk module in Apache Tomcat. Currently, the proof of concept (PoC) has been announced for this vulnerability. Users of this software should take precautions to fix this vulnerability as soon as possible. (more…)

USA & China Named As Top Cyber-Attack Sources

November 9, 2018

Cyber Security Intelligence – NSFOCUS has released its H1 Cybersecurity Insights report, which analyzed traffic from January to July this year across more than 27 million attack sources the first half of 2018. The standout issues are a big jump in crypto mining, the persistence of DDoS attacks and the predominace of repeated ‘recidivist’ attacks […]

Office Area——Screen Lock

November 8, 2018

Case AnalysisCase Analysis

Different employees assume different duties, and therefore have different permissions to access company data. If you do not lock your screen when you are out for lunch or go to the restroom, other co-workers may see the contents on your screen and those with ulterior motives may open files saved on your computer or even copy them to a USB drive. (more…)

Technical Report on Container Security (II)-1

11 Security Solutions for Small Business

November 7, 2018

Container Basics — Container Image

Container Image

Images are the basis of containers. The container engine service can use different images to launch different containers. After a container becomes faulty, the service can be promptly restored by deleting the faulty container and launching a new one thanks to the underlying technique of container images[i]. (more…)

Multiple Cisco Vulnerabilities Threat Alert

November 6, 2018

Overview

Recently, Cisco released an official security advisory to announce fixes for multiple high-risk vulnerabilities, which could cause a denial of service and remote code execution. (more…)

Office Area——Strangers’ Entrance

November 2, 2018

Office safety should not be underestimated.

(more…)

Search

Subscribe to the NSFOCUS Blog