Blog

Code Execution Vulnerability in Red Hat DHCP Client Script
May 16, 2018 | Adeline Zhang

  Red Hat released a security advisory on May 15 for fixing a critical vulnerability (CVE-2018-1111)in the DHCP Client. An attacker on local network could use a malicious DHCP server or a spoofed DHCP response to execute arbitrary command with root privileges on systems using NetworkManager which is configured to obtain network configuration using the […]

read more

Adobe Fixed Nearly 50 Vulnerabilities in Acrobat and Reader
May 16, 2018 | Adeline Zhang

Adobe released updates on Monday for 47 vulnerabilities in its Acrobat and reader, including critical ones that allow information leakage and arbitrary code execution. Category Impact Severity CVE# Double Free Arbitrary Code Execution Critical CVE-2018-4990 Heap Overflow Arbitrary Code Execution Critical CVE-2018-4947, CVE-2018-4948, CVE-2018-4966, CVE-2018-4968, CVE-2018-4978, CVE-2018-4982, CVE-2018-4984 Use-after-free Arbitrary Code Execution Critical CVE-2018-4946, CVE-2018-4952, CVE-2018-4954, CVE-2018-4958, CVE-2018-4959, […]

read more

Multiple Vulnerabilities Found in Spring
May 10, 2018 | Adeline Zhang

Spring released security advisories on May 9 local time for fixing its multiple vulnerabilities, including a critical remote code execution vulnerability. Reference link: https://pivotal.io/security  Vulnerability Description CVE-2018-1257 (High) Parts of Spring Framework versions allow application programs to use Spring message module to make public STOMP on WebSocket endpoint through simple memory STOMP broker. An attacker could […]

read more

Drupal Remote Code Execution Vulnerability
April 30, 2018 | Adeline Zhang

  Drupal released a security advisory on April 25 local time, saying a critical vulnerability (CVE-2018-7602) affected Drupal 7.x and 8.x. Attackers could exploit this vulnerability in many ways for remote code execution. Drupal says it correlates with the previous vulnerability CVE-2018-7600 and has been found exploited by attackers. NSFOCUS Threat Intelligence (NTI) Center shows […]

read more

2017 DDoS and Web Application Attack Landscape
April 25, 2018 | NSFOCUS

1 Introduction New Internet-based technologies and models, such as cloud computing, big data, Internet of Things (IoT), and mobile computing, are profoundly influencing transformations in the cyberspace. In this context, cyber threats keep evolving and upgrading. Distributed denial-of-service (DDoS) attacks and web application attacks are the main security threats facing the Internet at present. While […]

read more

Oracle WebLogic Server RCE Deserialization Vulnerability Analysis
April 20, 2018 | Adeline Zhang

On April 17th local time, Oracle released the critical patch update (CPU) advisory, which contains a fix for the high-risk WebLogic server deserialization vulnerability (CVE-2018-2628), via which attackers can remotely execute arbitrary code in an unauthorized manner. Reference link: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html Affected Versions WebLogic 10.3.6.0 WebLogic 12.1.3.0 WebLogic 12.2.1.2 WebLogic 12.2.1.3 According to data on the […]

read more

Oracle WebLogic Server RCE Deserialization Vulnerability
April 18, 2018 | Adeline Zhang

On 17 April, the local time in California, Oracle released its Critical Patch Update(CPU) Advisory in which a critical WebLogic deserialization vulnerability (CVE-2018-2628) allowing remote code execution without authorization was disclosed. This vulnerability was first discovered by an NSFOCUS researcher, who reported it to Oracle immediately. More information about this vulnerability together with NSFOCUS’s technical […]

read more

 2017 Fintech Security Analysis Report
April 16, 2018 | NSFOCUS

Ping An Financial Security Research Institute:As the industry’s first comprehensive organization engaging in financial security research and innovation founded by Ping An Technology, a wholly funded subsidiary of Ping An Group, it provides robust technical support for financial security of Ping An Group, the related sector, and the country and makes technical contributions to information […]

read more

Iran’s 3,500 Switches Attacked – Cisco IOS/IOS XE Remote Code Execution Vulnerability CVE-2018-0171 Exploitation
April 12, 2018 | NSFOCUS

News from The Iran Project, the Iranian cyber police confirmed Friday night that the country’s data center was attacked. The attack involved Iran 3500 switches, but the official in the country emphasized that the attack didn’t lead to sensitive data leakage. From description, the suspected attacker exploited the Cisco IOS / IOS XE remote code execution vulnerability-2018-0171 […]

read more

Cisco IOS/IOS XE Software Remote Code Execution Vulnerability (CVE-2018-0171)
March 30, 2018 | NSFOCUS

Recently a serious vulnerability (CVE-2018-0171) was disclosed in Cisco IOS and IOS XE software. An attacker could reload an affected device without authorization, resulting in a denial of service condition or remote code execution. This vulnerability originated from improper validation of packet data. An attack could exploit this vulnerability by sending elaborately-crafted Smart Install message […]

read more

Subscribe to the NSFOCUS Blog

Categories

Keywords

About NSFOCUS Advanced Persistent Threats amplification anti-DDoS protection application-layer APT bandwidth bandwidth consumption Bitcoin Container Security Customer loss CVE-2018-15454 Damage to brand data loss DDoS DDoS attack DDoS attacks DDoS defense DDoS protection DNS DNS amplification Handling Guide HTML5 malware Microsoft Security network-layer NSFOCUS Phishing Report security Security Risks and Challenges Security Tips smokescreens start SYN-Flood attacks Technical Report on Container Security Theft of vital data ThinkPHP Vulnerability Threat Alert vital data Vulnerability Vulnerability Protection Web WebLogic Remote Code Execution Vulnerability XSS