Blog

ICS Information Security Assurance Framework 20

March 10, 2020 | Mina Hao

Petroleum and Petrochemical Industry Overview System introduction Oil field exploitation is field work featuring strong fluidity, large quantities of scattered points, and a long distance. In the process of oil field exploitation, out of management requirements, the oil and gas management center connects to the gathering and transportation control center, gas processing plant control center, […]

Jackson-databind Remote Code Execution Vulnerability (CVE-2020-8840) Threat Alert

March 9, 2020 | Mina Hao

  Vulnerability Description On February 19, National Vulnerability Database (NVD) disclosed a remote code execution vulnerability (CVE-2020-8840) that resulted from JNDI injection in jackson-databind and assigned a CVSS score of 9.8. Affected versions of jackson-databind lack certain xbean-reflect/JNDI blocking, as demonstrated by org.apache.xbean.propertyeditor.JndiConverter. An attacker could exploit this vulnerability to cause remote code execution via […]

ICS Information Security Assurance Framework 19

March 6, 2020 | Mina Hao

Government Affairs SCADA System Architecture Used in Water Affairs The SCADA system used in water affairs mainly consists of the operator workstation, engineering workstation, SCADA system of the water intake pump room, SCADA system of the drug dosing room, SCADA system of the backwashing system, SCADA system of the water supply pump room, and SCADA […]

IP Reputation Report-03012020

March 5, 2020 | Mina Hao

Top 10 countries in attack counts: The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases at March 1, 2020.

ICS Information Security Assurance Framework 18

March 4, 2020 | Mina Hao

Manufacturing Sector Network Architecture of a Cigarette Factory The network architecture of a cigarette factory consists of the production network and management network, as shown in Figure.

Microsoft SQL Server Remote Code Execution Vulnerability (CVE-2020-0618) Threat Alert

March 3, 2020 | Mina Hao

Vulnerability Description On February 12, Microsoft released a security update to announce the fix of the remote code execution vulnerability (CVE-2020-0618) in Microsoft SQL Server Reporting Services. SQL Server, developed by Microsoft, is a relational database management system (RDBMS) that is widely used in the world.

Apache Tomcat File Inclusion Vulnerability (CVE-2020-1938) Threat Alert

March 2, 2020 | Mina Hao

Vulnerability Description On February 20, China National Vulnerability Database (CNVD) released an Apache Tomcat file inclusion vulnerability (CNVD-2020-10487/CVE-2020-1938). This vulnerability is due to a flaw in the Tomcat Apache JServ Protocol (AJP). An attacker could exploit this vulnerability to read arbitrary files from a web application directory on the server. If the target server also […]

Django SQL Injection (CVE-2020-7471) Threat Alert

February 28, 2020 | Mina Hao

Vulnerability Description On February 3, Django Software Foundation (DSF) released a security bulletin, announcing the fix of a SQL injection vulnerability (CVE-2020-7471) that is exploited via a StringAgg delimiter. An attacker could break escaping and inject malicious SQL statements by passing a crafted delimiter to the aggregation function contrib.postgres.aggregates.StringAgg.

IP Reputation Report-02232020

February 27, 2020 | Mina Hao

Top 10 countries in attack counts: The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases at February 23, 2020.

Microsoft Multiple Products Critical Vulnerabilities Threat Alert

February 26, 2020 | Mina Hao

Vulnerability Description On February 12, 2020, Microsoft released February security update that fixed 100 security issues, including critical vulnerabilities like privilege escalation and remote code execution, found in Internet Explorer, Microsoft Edge, Microsoft Exchange Server, Microsoft Office, and other widely used applications.