Adobe Security Bulletins for January 2021 Security Updates
January 28, 2021
Overview
On January 12, 2021, local time, Adobe officially released January’s security updates to fix multiple vulnerabilities in its various products, including Adobe Bridge, Adobe Captivate, Adobe InCopy, Adobe Campaign Classic, Adobe Animate, Adobe Illustrator, and Adobe Photoshop.
For details about the security bulletins and advisories, visit the following link:
Enterprise Blockchain Security 2020-3
January 27, 2021
Current mainstream consortium blockchain platforms include Hyperledger, Quorum, and R3 Corda, which are described in detail in the following sections.
Considerations for Making ICS Networks Comply with CMMC
January 26, 2021
1. Background
In early 2020, the US Department of Defense (DOD) released the Cybersecurity Maturity Model Classification (CMMC).

On average, the USA loses USD 600 billion a year to adversaries in cyberspace. Currently, the DOD has about 300,000 contractors, covering a variety of fields from hypersonic weapons to leather factories. Of all these contractors, about 290,000 have virtually no cybersecurity measures. In the past few years, the US Government has stepped up efforts in regulating the defense supply chain, with cybersecurity as the top concern.
Attributed Graph-based Anomaly Detection and Its Application in Cybersecurity
January 26, 2021
1. Background
On cyberspace battlefields, adversaries often lurk in the darkness, but will jump at the throat of victims whenever they spot a chance. Today, extensive collection of huge amounts of data from various dimensions is nothing new. This can be very useful for security defenses, but at the same time brings unprecedented challenges to security operations teams. Every day, security operations personnel are up to their necks in massive numbers of alerts, busying themselves analyzing alerts, correlating alerts with incidents, and attributing attacks based on their experience and expertise. To address these problems in security operations, it is urgent to find a method to profile attackers from multiple dimensions and assess their potential before providing assessment results to security operations personnel, who will then identify the most dangerous attackers. Attributed graph modeling is an effective method that allows modeling of attackers in terms of attributes, structures, and temporal features.
Enterprise Blockchain Security 2020-2
January 26, 2021
This chapter describes the characteristics, usage scenarios, and architecture of enterprise blockchains, and illustrates three major enterprise blockchain systems in three separate sections.
Microsoft’s Security Patches for January 2021 Fix 83 Security Vulnerabilities
January 25, 2021
Overview
Microsoft released January 2021 security updates on Tuesday which fix 83 vulnerabilities ranging from simple spoofing attacks to remote code execution in various products, including .NET Repository, ASP.NET core & .NET core, Azure Active Directory Pod Identity, Microsoft Bluetooth Driver, Microsoft DTV-DVD Video Decoder, Microsoft Edge (HTML-based), Microsoft Graphics Component, Microsoft Malware Protection Engine, Microsoft Office, Microsoft Office SharePoint, Microsoft RPC, Microsoft Windows, Microsoft Windows Codecs Library, Microsoft Windows DNS, SQL Server, Visual Studio, Windows AppX Deployment Extensions, Windows CryptoAPI, Windows CSC Service, Windows Diagnostic Hub, Windows DP API, Windows Event Logging Service, Windows Event Tracing, Windows Hyper-V, Windows Installer, Windows Kernel, Windows Media, Windows NTLM, Windows Print Spooler Components, Windows Projected File System Filter Driver, Windows Remote Desktop, Windows Remote Procedure Call Runtime, Windows splwow64, Windows TPM Device Driver, Windows Update Stack, and Windows WalletService.
Oracle January 2021 Critical Patch Update for All Product Families
January 24, 2021
Overview
On January 20, 2021, NSFOCUS detected that Oracle released the January 2021 Critical Patch Update (CPU), which fixed 329 vulnerabilities of varying risk levels. This CPU involves multiple commonly used products, such as Oracle WebLogic Server, Oracle Database Server, Oracle Java SE, Oracle Fusion Middleware, Oracle MySQL, Oracle Enterprise Manager, and Oracle Systems. Oracle strongly recommends users fix these vulnerabilities by applying Critical Patch Update patches as soon as possible.
Non-negligible ICS Security Risks — Device Simulator Security
January 23, 2021
Background
To facilitate debugging and analysis by developers, a lot of master computer configuration software often comes with a simulator that simulates a real programmable logic controller (PLC) or human-machine interface (HMI) device. Such simulators exchange data with master computer configuration software through TCP/IP and therefore some will listen on a designated port which is sometimes even bound to the IP address 0.0.0.0 and open to other remote users.
As simulators may share the code base with real devices, vulnerabilities in simulators will affect real devices and vice versa, especially vulnerabilities in private protocols such as remote code execution vulnerabilities caused by buffer overflows. If simulators provide a publicly available service that contains a high-risk vulnerability, attackers could exploit it to compromise developers’ hosts for further penetration.
WebLogic Multiple Remote Code Execution Vulnerabilities Threat Alert
January 22, 2021
Vulnerability Description
On January 20, 2021, NSFOCUS detected that Oracle released the January 2021 Critical Patch Update (CPU), which fixed 329 vulnerabilities of varying risk levels. Seven of these vulnerabilities are severe and assigned CVE-2021-1994, CVE-2021-2047, CVE-2021-2064, CVE-2021-2108, CVE-2021-2075, CVE-2019-17195, and CVE-2020-14756. Unauthenticated attackers could exploit these vulnerabilities to execute code remotely. These vulnerabilities are assigned a CVSS Base Score of 9.8 and are easy to exploit. Users are advised to take measures without delay to protect against the preceding vulnerabilities.
Annual IoT Security Report 2019-17
January 22, 2021
Malicious Behaviors Targeting UPnP Vulnerabilities
We captured four kinds of UPnP exploits, as shown in Table 4-7. Apparently, all the exploits targeted remote command execution vulnerabilities. Besides, we found that when a vulnerability is found on a specific port, attackers usually directly hit this port by skipping the UPnP discovery phase.
