Siemens Multiple Products Vulnerabilities Threat Alert

April 25, 2019 | Mina Hao

Overview On April 9, local time, Siemens officially released a security advisory, announcing the fix of vulnerabilities of different risk levels in a spectrum of products such as SIMATIC WinCC Open Architecture (SIMATIC WinCC OA), Spectrum Power, and RUGGEDCOM RXO II. Of all these vulnerabilities, two have a CVSS v3.0 base score of 10.

IP Reputation Report-04192019

April 24, 2019 | Mina Hao

Top 10 countries in attack counts: The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases at April 19, 2019.   Top 10 countries in attack percentage: The country Suriname (SR) has been in the first place for three weeks. The Laos is still in […]

2018 DDoS Attack Landscape-4

April 23, 2019 | Mina Hao

3.2  DDoS Attack Type Analysis 3.2.1  Proportions of Different Attack Types  In 2018, the most frequently seen attacks were SYN flood, UDP flood, ACK flood, HTTP flood, and HTTPS flood attacks6, which altogether accounted for 96% of all DDoS attacks. In contrast, reflection attacks contributed to no more than 3% of attacks. Compared with 2017, […]

Confluence SSRF and Remote Code Execution Vulnerability Handling Guide

April 22, 2019 | Mina Hao

1 Vulnerability Overview Recently, Atlassian officially released a security bulletin, announcing a server-side request forgery (SSRF) vulnerability and a remote code execution vulnerability (CVE-2019-3396). The two vulnerabilities respectively reside in WebDAV and Widget Connector and could be exploited by an attacker for remote code execution and server-side request forgery.

Apache Axis Remote Code Execution Vulnerability (CVE-2019-0227) Threat Alert

April 19, 2019 | Mina Hao

Overview The default service StockQuoteService.jws in Axis contains a hard-coded HTTP URL, which can be used to trigger an HTTP request. An attacker can conduct a man-in-the-middle (MITM) attack by taking control of a domain ( or performing ARP poisoning against the targeted Axis server, and then redirect the HTTP request to a malicious web […]

Microsoft’s April 2019 Patches Fix 76 Vulnerabilities Threat Alert

April 18, 2019 | Mina Hao

Overview Microsoft released April 2019 security patches on Tuesday that fix 76 vulnerabilities ranging from simple spoofing attacks to remote code execution in various products, including .NET Core, Adobe Flash Player, CSRSS, Microsoft Browsers, Microsoft Edge, Microsoft Exchange Server, Microsoft Graphics Component, Microsoft JET Database Engine, Microsoft Office, Microsoft Office SharePoint, Microsoft Scripting Engine, Microsoft […]

IP Reputation Report-04122019

April 17, 2019 | Mina Hao

Top 10 countries in attack counts:

2018 DDoS Attack Landscape-3

April 17, 2019 | Mina Hao

Analysis of DDoS Attacks in 2018 3.1  DDoS Attack Count and Peak Size 3.1.1  Attack Count and Traffic In 2018, we observed 148,000 DDoS attacks (down 28.4% from 2017), which generated a total of 643,100 TB of traffic, about the same level as in 2017. DDoS attacks keep expanding in size year by year as […]

Adobe Security Advisory for April Security Updates

April 15, 2019 | Mina Hao

Overview On April 9, local time, Adobe officially released April security updates which fix multiple vulnerabilities in such products as Adobe Flash Player, Shockwave Player, Dreamweaver, XD CC, InDesign, Experience Manager Forms, and Bridge CC.

Apache HTTP Server Privilege Escalation Vulnerability Threat Alert

April 12, 2019 | Mina Hao

1 Vulnerability Overview Recently, Apache released a security advisory, announcing remediation of a privilege escalation vulnerability (CVE-2019-0211). Apache HTTP Server running MPM event, worker or, prefork could allow a less-privileged child thread or process (including scripts executed by an in-process scripting interpreter) to execute arbitrary code with privileges of the parent process (usually root) by […]