Apache HTTP Server Privilege Escalation Vulnerability Threat Alert
April 12, 2019
1 Vulnerability Overview
Recently, Apache released a security advisory, announcing remediation of a privilege escalation vulnerability (CVE-2019-0211). Apache HTTP Server running MPM event, worker or, prefork could allow a less-privileged child thread or process (including scripts executed by an in-process scripting interpreter) to execute arbitrary code with privileges of the parent process (usually root) by manipulating the scoreboard. (more…)
The CyberWire: The Daily Briefing
April 11, 2019
The CyberWire – CISA has issued a joint Homeland Security/FBI Malware Analysis Report on the “HOPLIGHT” Trojan, attributed to North Korea’s Hidden Cobra (a.k.a. the Lazarus Group). – See more at: https://thecyberwire.com/issues/issues2019/April/CyberWire_2019_04_11.html#.dpuf
DisruptOps: Agile Development-oriented Multi-Cloud Management Platform
April 11, 2019
Keywords: multi-cloud management, agile development
About the Company
DisruptOps Inc., founded in Kansas City, Missouri in 2014, is committed to enhancing the security of operations in the cloud by providing automated protection for multi-cloud infrastructure and implementing continuous monitoring and control of cloud infrastructure. In October 2018, the company secured USD 2.5 million seed round investment led by Rally Ventures. (more…)
IP Reputation Report-04052019
April 10, 2019
-
Top 10 countries in attack counts:
- The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases at April 05, 2019.
NSFOCUS Identifies DDoS Attack Trends in New 2018 Insights Report
April 10, 2019
Report Finds Correlation Between Cryptocurrency Attacks and DDoS Attacks Over the Course of 2018 SANTA CLARA, Calif., NSFOCUS, a leader in holistic hybrid security solutions, today released its 2018 DDoS Attack Landscape report, which found that there is a direct correlation between cryptocurrency and DDoS attacks. The price of cryptocurrency dropped in 2018, leading to decreased profits from […]
Trouble at the federal CIO’s office
April 10, 2019
Politico – THE SAUCE ON DDoS — With cryptomining benefits on the decline, cyber attackers were more inclined to employ DDoS attacks in 2018, according to a report out this morning from NSFOCUS. However, the total number of DDoS attacks fell 28 percent from 2017, the company found. Most used DDoS only, but 13 percent […]
Apache HTTP Server Privilege Escalation Vulnerability (CVE-2019-0211) Threat Alert
April 8, 2019
Overview
Recently, Apache Software Foundation released a security advisory, announcing remediation of a privilege escalation vulnerability (CVE-2019-0211) in the Apache HTTP Server. Apache HTTP Server running MPM event, worker or prefork could allow an attacker to gain elevated privileges on the system by executing code in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter). By manipulating the scoreboard, an attacker could exploit this vulnerability to gain privileges of the parent process (usually root) and execute arbitrary code on the system. (more…)
2018 DDoS Attack Landscape-1
April 5, 2019
NSFOCUS Security Lab research has seen a dramatic decrease in DDoS attacks between 2017 and 2018. We are in consensus with other TI vendors as to most of the driving factors behind this large scale reduction, except one. This webinar 1 will show why NSFOCUS is breaking from the pack on one of the key factors leading to the significant decrease in DDoS attacks in 2018. (more…)
Internet Explorer and Edge Browsers 0-Day Vulnerability Threat Alert
April 4, 2019
Overview
Recently, a foreign researcher announced a 0-day vulnerability with Microsoft Edge and Internet Explorer (IE). Enticing a user to click a malicious link, an attacker could exploit this vulnerability to bypass the same-origin policy of the two kinds of browsers to launch a universal cross-site scripting (UXSS) attack to steal the user’s sensitive information. (more…)
