2017 DDoS and Web Application Attack Landscape

April 25, 2018 | NSFOCUS

1 Introduction New Internet-based technologies and models, such as cloud computing, big data, Internet of Things (IoT), and mobile computing, are profoundly influencing transformations in the cyberspace. In this context, cyber threats keep evolving and upgrading. Distributed denial-of-service (DDoS) attacks and web application attacks are the main security threats facing the Internet at present. While […]

Oracle WebLogic Server RCE Deserialization Vulnerability Analysis

April 20, 2018 | Adeline Zhang

On April 17th local time, Oracle released the critical patch update (CPU) advisory, which contains a fix for the high-risk WebLogic server deserialization vulnerability (CVE-2018-2628), via which attackers can remotely execute arbitrary code in an unauthorized manner. Reference link: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html Affected Versions WebLogic 10.3.6.0 WebLogic 12.1.3.0 WebLogic 12.2.1.2 WebLogic 12.2.1.3 According to data on the […]

Oracle WebLogic Server RCE Deserialization Vulnerability

April 18, 2018 | Adeline Zhang

On 17 April, the local time in California, Oracle released its Critical Patch Update(CPU) Advisory in which a critical WebLogic deserialization vulnerability (CVE-2018-2628) allowing remote code execution without authorization was disclosed. This vulnerability was first discovered by an NSFOCUS researcher, who reported it to Oracle immediately. More information about this vulnerability together with NSFOCUS’s technical […]

 2017 Fintech Security Analysis Report

April 16, 2018 | NSFOCUS

Ping An Financial Security Research Institute:As the industry’s first comprehensive organization engaging in financial security research and innovation founded by Ping An Technology, a wholly funded subsidiary of Ping An Group, it provides robust technical support for financial security of Ping An Group, the related sector, and the country and makes technical contributions to information […]

Iran’s 3,500 Switches Attacked – Cisco IOS/IOS XE Remote Code Execution Vulnerability CVE-2018-0171 Exploitation

April 12, 2018 | NSFOCUS

News from The Iran Project, the Iranian cyber police confirmed Friday night that the country’s data center was attacked. The attack involved Iran 3500 switches, but the official in the country emphasized that the attack didn’t lead to sensitive data leakage. From description, the suspected attacker exploited the Cisco IOS / IOS XE remote code execution vulnerability-2018-0171 […]

Cisco IOS/IOS XE Software Remote Code Execution Vulnerability (CVE-2018-0171)

March 30, 2018 | NSFOCUS

Recently a serious vulnerability (CVE-2018-0171) was disclosed in Cisco IOS and IOS XE software. An attacker could reload an affected device without authorization, resulting in a denial of service condition or remote code execution. This vulnerability originated from improper validation of packet data. An attack could exploit this vulnerability by sending elaborately-crafted Smart Install message […]

Drupal Code Execution Vulnerability Analysis

March 30, 2018 | Adeline Zhang

Recently, Drupal, a popular open-source content management framework, is found to contain a highly critical remote code execution vulnerability, which allows attackers to execute malicious code on a Drupal site, resulting in the site being completely compromised. This vulnerability is assigned CVE-2018-7600. The root cause of this vulnerability is related with Drupal’s rendering of forms: […]

ThreatQ Leverages NSFOCUS to Categorize Threats and Pinpoint Valuable Connections

March 22, 2018 | Adeline Zhang

It is no surprise that everyone, including organizations, are vulnerable to a large amount of threats on a daily basis. In Q3 of 2016 alone, Panda Labs captured 18 million new malware samples; that is not including samples detected by other companies. Furthermore, in a study done by Friedrich-Alexander University (FAU), 78% of participants stated […]

Local Privilege Escalation Vulnerability in Latest Ubuntu Server

March 19, 2018 | Adeline Zhang

  The latest Ubuntu Server has exposed a local privilege escalation vulnerability (CVE-2017-16995). This vulnerability has been fixed in earlier versions but has resurfaced in the latest version. Attackers can directly gain root privileges through this vulnerability. Currently Ubuntu has not released the patch yet. Affected version: Currently we know:  Ubuntu 16.04.4 (the latest version) […]

Search

Subscribe to the NSFOCUS Blog