IP Reputation Report-04052019

April 10, 2019 | Mina Hao

Top 10 countries in attack counts: The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases at April 05, 2019.

Apache HTTP Server Privilege Escalation Vulnerability (CVE-2019-0211) Threat Alert

April 8, 2019 | Mina Hao

Overview Recently, Apache Software Foundation released a security advisory, announcing remediation of a privilege escalation vulnerability (CVE-2019-0211) in the Apache HTTP Server. Apache HTTP Server running MPM event, worker or prefork could allow an attacker to gain elevated privileges on the system by executing code in less-privileged child processes or threads (including scripts executed by […]

2018 DDoS Attack Landscape-1

April 5, 2019 | Mina Hao

NSFOCUS Security Lab research has seen a dramatic decrease in DDoS attacks between 2017 and 2018.  We are in consensus with other TI vendors  as to most of the driving factors behind this large scale reduction, except one. This webinar 1 will show why NSFOCUS is breaking from the pack on one of the key […]

Internet Explorer and Edge Browsers 0-Day Vulnerability Threat Alert

April 4, 2019 | Mina Hao

Overview Recently, a foreign researcher announced a 0-day vulnerability with Microsoft Edge and Internet Explorer (IE). Enticing a user to click a malicious link, an attacker could exploit this vulnerability to bypass the same-origin policy of the two kinds of browsers to launch a universal cross-site scripting (UXSS) attack to steal the user’s sensitive information.

IP Reputation Report-03292019

April 2, 2019 | Mina Hao

Top 10 countries in attack counts:

UC Browser Potential Man-in-the-Middle Vulnerability Threat Alert

April 2, 2019 | Mina Hao

Overview Recently, a foreign researcher discovered a potential vulnerability in the UC browser which may affect hundreds of millions of users around the world. A hidden feature is found in the UC browser to download auxiliary software modules for execution by bypassing some restrictions of an application store. This feature is used to add new […]

PostgreSQL Arbitrary Code Execution Vulnerability (CVE-2019-9193) Threat Alert

April 1, 2019 | Mina Hao

1 Vulnerability Overview Recently, a security researcher disclosed details about a PostgreSQL privilege escalation code execution vulnerability (CVE-2019-9193), which allows attackers with read access to database server-side files to execute arbitrary system commands.

Daily Communication——Use of Shared Folders

March 29, 2019 | Mina Hao

Case Analysis Public shared folders usually house various documents from different departments, many of which contain sensitive data. Sensitive files reside in such folders mainly because people forget to delete them after copying them, thus exposing sensitive data to intranet hackers and rogue insiders.

Apache Tomcat DoS Vulnerability (CVE-2019-0199) Threat Alert

March 28, 2019 | Mina Hao

1 Vulnerability Overview Recently, The Apache Software Foundation announced the existence of a denial-of-service (DoS) vulnerability in Apache Tomcat HTTP/2. Specifically, the HTTP/2 implementation accepts streams with excessive numbers of SETTINGS frames and also permits clients to keep streams open without reading/writing request/response data. Thus, too many connection requests from clients can cause server-side thread […]

Technical Report on Container Security (V)-3

March 27, 2019 | Mina Hao

Security Tools – StackRox About StackRox StackRox features a distributed architecture that collects and analyzes data throughout the application lifecycle to detect and block malicious actors, and finally meet the requirement for protecting containerized cloud-native applications. StackRox delivers continuous detection through its unique combination of distributed sensors and centralized analysis and machine learning to provide […]