Telecom Exchange NYC 2019
January 27, 2019
Telecom Exchange NYC 2019 May 14-15, 2019 The W Hoboken Hotel
RSA Conference 2019
January 26, 2019
RSA Conference 2019 March 4-8, 2019 Moscone Center, San Francisco, CA
Drupal Remote Code Execution Vulnerability Analysis
May 31, 2018
Overview Drupal released a security advisory on 28 March 2018 to disclose a remote execution code (RCE) vulnerability in the Drupal core, sa-core-2018-002 (CVE-2018-7600). Soon, two more security advisories were also published within a month, including a Cross-Site Scripting (XSS) vulnerability and a critical code execution vulnerability — sa-core-2018-004 (CVE-2018-7602). In the following two months, […]
2017 DDoS and Web Application Attack Landscape
April 25, 2018
1 Introduction New Internet-based technologies and models, such as cloud computing, big data, Internet of Things (IoT), and mobile computing, are profoundly influencing transformations in the cyberspace. In this context, cyber threats keep evolving and upgrading. Distributed denial-of-service (DDoS) attacks and web application attacks are the main security threats facing the Internet at present. While […]
2017 Fintech Security Analysis Report
April 16, 2018
Ping An Financial Security Research Institute:As the industry’s first comprehensive organization engaging in financial security research and innovation founded by Ping An Technology, a wholly funded subsidiary of Ping An Group, it provides robust technical support for financial security of Ping An Group, the related sector, and the country and makes technical contributions to information […]
Iran’s 3,500 Switches Attacked – Cisco IOS/IOS XE Remote Code Execution Vulnerability CVE-2018-0171 Exploitation
April 12, 2018
News from The Iran Project, the Iranian cyber police confirmed Friday night that the country’s data center was attacked. The attack involved Iran 3500 switches, but the official in the country emphasized that the attack didn’t lead to sensitive data leakage. From description, the suspected attacker exploited the Cisco IOS / IOS XE remote code execution vulnerability-2018-0171 […]
Cisco IOS/IOS XE Software Remote Code Execution Vulnerability (CVE-2018-0171)
March 30, 2018
Recently a serious vulnerability (CVE-2018-0171) was disclosed in Cisco IOS and IOS XE software. An attacker could reload an affected device without authorization, resulting in a denial of service condition or remote code execution. This vulnerability originated from improper validation of packet data. An attack could exploit this vulnerability by sending elaborately-crafted Smart Install message […]