Unit 42, a research team of Palo Alto Networks found a new malware family this month and named it Xbash. This new malware combines ransomware, coinming, botnet, and worm features and targets Linux and Windows mainly. Xbash is developed in Python and was then converted into self-contained Linux ELF executables by abusing the legitimate tool […]

Cisco has released bundles of Cisco IOS and IOS XE software security advisories on September 26, 2018. The release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication includes 13 vulnerabilities in Cisco IOS Software and Cisco IOS XE Software. One of the advisories describes a vulnerability that also exists in Cisco […]

Recently Rockwell Automation fixed a critical vulnerability (CVE-2018-14829) found in its RSLinx Classic, a software platform that allows Logix 5000 Programmable Automation Controllers to connect to a wide variety of Rockwell Software applications. A remote attacker could make the device being accessed stop responding and crash by sending a malicious CIP packet to Port 44818. […]

SANTA CLARA, Calif., September 20, 2018 – NSFOCUS, a leader in holistic hybrid security solutions, announced today its newest cloud security service, Cloud-in-a-Box (CiaB), designed specifically for local and regional service providers across the globe. CiaB enables service providers to quickly deploy cloud security services with minimal expertise and without the upfront costs typically associated […]

Yesterday, September 19th, Cisco announced an advisory for a critical vulnerability (CVE-2018-0150) that exists with their  IOS XE Software. The vulnerability is due to an undocumented user account with privilege level 15 that has a default username and password. An attacker could exploit this vulnerability by using this account to remotely connect to an affected […]

Help Net Security – NSFOCUS announced the launch of NSFOCUS Exposed Internet Surface Analysis (EISA), a new capability to address the cyber security risk faced by organizations today. EISA identifies malicious activity of rogue IPs, ports and services that might be compromised and hidden within the organization’s network providing insights to prioritize remediation and block […]

Tenable Research released two vulnerabilities in NVRMini2, NUUO’s Network Video Recorder software on September 17th. Risk information is as below: Reference link: https://www.tenable.com/security/research/tra-2018-25 Attack demo: https://www.youtube.com/watch?v=2EuFOZfRL4U Sketch of NVRMini2 structure： Vulnerability Description CVE-2018-1149: Unauthenticated Remote Stack Buffer Overflow The HTTP interface exposes the binary cgi_system through the http://<target>/cgi-bin/cgi_system endpoint. Much of the functionality of cgi_system […]

CSO Australia – A host of security vendors are targeting governance-minded companies with tools for formalising the evaluation and management of cybsersecurity risk across an organisation. Secureworks, for one, has wrapped its Secureworks Security Maturity Model (SSMM) methodology into a self-assessment tool that helps organisations benchmark the maturity of their cybersecurity processes. The methodology – […]

Recently IBM released a remote code execution vulnerability (CVE-2018-1567) in WebSphere application server. It could allow remote attackers to execute arbitrary Java code through the SOAP connector with a serialized object from untrusted sources. CVSS: 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected versions: IBM WebSphere 9.0.0.0 – 9.0.0.9 IBM WebSphere 8.5.0.0 – 8.5.5.14 IBM WebSphere 8.0.0.0 – 8.0.0.15 IBM […]

SANTA CLARA, Calif., September 18, 2018 – NSFOCUS, the leader in holistic hybrid security solutions, today announced the launch of NSFOCUS Exposed Internet Surface Analysis (EISA), a new capability to address the ever-expanding cyber security risk faced by organizations today. EISA identifies malicious activity of rogue IPs, ports and services that might be compromised and […]