Daily Communication——Release of Code on GitHub
March 21, 2019
Case Analysis
Before compromising a website or system, a hacker usually searches for related information beforehand. Code repositories are a major target. A security-unaware developer may upload code to a public platform, providing an opportunity for hackers to obtain API accounts or security holes by analyzing the uploaded code. (more…)
Microsoft’s Security Bulletin for March Patches That Fix 68 Security Vulnerabilities Threat Alert
March 20, 2019
Overview
Microsoft released the March 2019 security patch on Tuesday that fixes 68 vulnerabilities ranging from simple spoofing attacks to remote code execution in various products, including Active Directory, Adobe Flash Player, Azure, Internet Explorer, Microsoft Browsers, Microsoft Edge, Microsoft Graphics Component, Microsoft JET Database Engine, Microsoft Office, Microsoft Office SharePoint, Microsoft Scripting Engine, Microsoft Windows, Microsoft XML, NuGet, Servicing Stack Updates, Skype for Business, Team Foundation Server, Visual Studio, Windows DHCP Client, Windows Hyper-V, Windows Kernel, Windows Kernel-Mode Drivers, Windows Print Spooler Components, Windows SMB Server, and Windows Subsystem for Linux. (more…)
Technical Report on Container Security (V)-2
March 20, 2019
Security Tools – NeuVector
About NeuVector
NeuVector[I] is the first company to take up development of Docker/Kubernetes security products. With a commitment to assuring the security of enterprise-wide container platforms, the company provides products that are suitable for deployment across multi-cloud and on-premises production environments. (more…)
Resource-based Constrained Delegation Allows Obtaining of System Privileges of Any Domain Hosts Threat Alert
March 19, 2019
1 Vulnerability Overview Recently, the NSFOCUS M01N team released the Analysis of Privilege Escalation Attacks by Exploiting Resource-based Constrained Delegation, in which they describe the principle of attacks launched by exploiting the resource-based constrained delegation, so as to escalate privileges of domain hosts. For details, click the following link: http://blog.nsfocus.net/analysis-attacks-entitlement-resource-constrained-delegation/ Several days ago, a security […]
Windows Domain Machines Local Privilege Escalation Attack Threat Alert
March 18, 2019
Overview
A security researcher from Shenanigans Labs disclosed a method of attacking the Active Directory by abusing resource-based constrained delegation. This would impose a serious threat to domain environments as an attacker could make a common domain user access services on local computers as a domain administrator, thus escalating local privileges. For details, see reference link [1]. (more…)
IP Reputation Report-03152019
March 15, 2019
-
Top 10 countries in attack counts:
- The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases at March 15, 2019.
Daily Communication——Business Chat Groups
March 15, 2019
Case Analysis
Chat groups convenience communication, but contain great risks, which include ill-disposed persons impersonating the company’s employees, information disclosure as a result of chat group hacking, and resigned employees lurking in the group for malicious purposes. (more…)
Chrome and Windows 7 32-Bit Vulnerabilities Threat Alert
March 14, 2019
Overview
On March 7 (local time), Google released a security advisory to announce the existence of a Microsoft Windows vulnerability. According to Google, this local privilege escalation vulnerability could be exploited together with the vulnerability (CVE-2019-5786) in Google Chrome announced last week, to take control of the machine of the victim. (more…)
Technical Report on Container Security (V)-1
March 13, 2019
Security Tools—Open-Source Security Tool Kubernetes
In addition to commercial software, open-source software projects can also provide some security functions. This document describes several open-source projects that are usually used for protection of non-critical business. (more…)
Resource-based Constrained Delegation Allows Obtaining of System Privileges of Any Domain Hosts Threat Alert
March 12, 2019
1 Vulnerability Overview
Recently, the NSFOCUS M01N team released the Analysis of Privilege Escalation Attacks by Exploiting Resource-based Constrained Delegation, in which they describe the principle of attacks launched by exploiting the resource-based constrained delegation, so as to escalate privileges of domain hosts. For details, click the following link: (more…)
