NSFOCUS

TP-Link Wi-Fi Extenders Remote Code Execution Vulnerability (CVE-2019-7406) Threat Alert

June 24, 2019

Overview

Recently, a security expert from IBM X-Force discovered a remote code execution vulnerability (CVE-2019-7406) in multiple models of TP-Link Wi-Fi extenders. Unauthenticated remote attackers can exploit this vulnerability by sending a malformed HTTP request, which lets them execute arbitrary shell commands on a target Wi-Fi extender. The attack does not require privilege escalation because all processes on the vulnerable devices already run with root privileges. (more…)

Apache Axis Remote Code Execution 0-Day Vulnerability Handling Guide

June 21, 2019

1. Vulnerability Overview

Recently, using the Attack Trend Monitoring system (ATM), the NSFOCUS security team discovered an Apache Axis remote command execution vulnerability. By sending a crafted HTTP POST request, attackers can obtain privileges on the target server and remotely execute commands without authorization. (more…)

IP Reputation Report-06172019

June 20, 2019

1. Top 10 countries in attack counts:

(more…)

NSFOCUS Shares Botnet Trends in New 2018 Insights Report

June 18, 2019

SANTA CLARA, Calif., June 18, 2019 – NSFOCUS, a leader in holistic hybrid security solutions, today released its 2018 Botnet Trend report, which found that botnets in 2018 continued to use distributed denial-of-service (DDoS) as their primary weapon to attack high-speed networks. In the 2018 Botnet report, developed by NSFOCUS Fuying Laboratory, a component […]

Oracle WebLogic Remote Code Execution Vulnerability (CVE-2019-2725) Patch Bypass Threat Alert

June 18, 2019

Overview

Recently, the NSFOCUS security team found that an Oracle WebLogic vulnerability is being exploited in the wild. Its attack signature is similar to that of the CVE-2019-2725 vulnerability, and the attack can bypass the latest security patch released by Oracle in April. The vulnerability exists because deserialized information is not properly sanitized when it is handled. By sending a crafted malicious HTTP request, attackers could exploit this vulnerability to gain server privileges and remotely execute arbitrary code without authorization.

(more…)

Botnet Trend Report-1

June 18, 2019

Executive Summary

Botnets, one of the oldest threats on the internet, are still the most popular weapon in a hacker’s arsenal. They offer ease of use, flexibility, and high availability, traits ideal for launching large-scale lethal cyber-attacks around the world.

(more…)

Windows NTLM Tampering Vulnerability (CVE-2019-1040) Threat Alert

June 17, 2019

1 Vulnerability Overview

On June 12, 2019, Beijing time, Microsoft released security patches for the Windows NTLM tampering vulnerability (CVE-2019-1040), which exists in Windows operating systems and allows attackers to bypass the NTLM MIC (Message Integrity Check) protection. (more…)

The Road to 5G is Paved with Malware

June 14, 2019

There is no doubt that 5G will revolutionize how we use online services. Mobile high-speed internet access in excess of 5Gbs will enable revolutionary technologies to take advantage of the new bandwidth. Feature-rich apps for entertainment, productivity, social media, and health & fitness are preparing to offer functionality only possible with high-speed mobile access. Already, outside the United States, disruptive technologies and services have started to appear in countries that have 5G, changing how people live, work, and interact. Smart cars driving in smart cities based on smart technologies. (more…)

Microsoft’s Security Patches for June that Fix 93 Security Vulnerabilities Threat Alert

June 14, 2019

Overview

Microsoft released June 2019 security patches on Tuesday that fix 93 vulnerabilities ranging from simple spoofing attacks to remote code execution in various products, including Adobe Flash Player, Kerberos, Microsoft Browsers, Microsoft Devices, Microsoft Edge, Microsoft Exchange Server, Microsoft Graphics Component, Microsoft JET Database Engine, Microsoft Office, Microsoft Office SharePoint, Microsoft Scripting Engine, Microsoft Windows, Servicing Stack Updates, Skype for Business and Microsoft Lync, Team Foundation Server, VBScript, Windows Authentication Methods, Windows Hyper-V, Windows IIS, Windows Installer, Windows Kernel, Windows Media, Windows NTLM, and Windows Shell. (more…)

IP Reputation Report-06102019

June 13, 2019

Top 10 countries in attack counts: The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases as of June 09, 2019. Top 10 countries in attack percentage: Laos has been in first place since last week. Myanmar is still in second place. The […]
