Blog

Linux apt/apt-get Remote Code Execution (RCE) Vulnerability (CVE-2019-3462) Threat Alert

January 28, 2019 | Mina Hao

Overview On January 22, 2019, local time, security researcher Max Justicz announced his discovery of a remote code execution (RCE) vulnerability in Linux apt/apt-get. This vulnerability stems from the APT’s failure to properly handle certain parameters involved in HTTP redirects. It can be triggered via a man-in-the-middle attack or a malicious package mirror, resulting in […]

Genius? Lunatic? Maybe Both (II)

January 28, 2019 | Mina Hao

The ubiquity of the Internet is attracting more and more youths to the computer industry, especially the hacker community that holds a supreme position in the realm of cyber security. Every person eager to be part of the IT industry seems to be able to get something from it, ranging from appearing cool to making […]

IP Reputation Report-01252019

January 25, 2019 | Mina Hao

Top 10 countries in attack counts: The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases at January 25, 2019. CN increased 1% from 43% to 44% and US stayed at 12% from last week.

Mobile Office — Two-Step Verification

January 25, 2019 | Mina Hao

Case Analysis It is a common practice to protect an account with a password. However, the account will be compromised if the password is disclosed. Now many mobile phones or apps support two-step verification. When detecting a login to your account from another phone, the mechanism requires the other form of authentication, for example, a […]

Technical Report on Container Security (IV)-4

January 24, 2019 | Mina Hao

Container Security Protection – Image Security Image Security Images are the basis of containers. Therefore, their security speaks a lot for that of the entire container ecosystem. Container images are a series of images stacked layer by layer. They are distributed and updated through image repositories. The following sections describe how to secure images from […]

2019 Predictions: Email Attachments, IoT, and Cryptominers to be Security Pain Points

January 23, 2019 | Devika Jain

  Data breaches in 2018 compromised personal information of millions of people around the world, most notably from large corporations such as Facebook, Marriott, T-Mobile and Quora. Seemingly every week there is a new breach reported, and consumers have taken notice. In the past year, the average number of overall daily searches for keywords such […]

Oracle January 2019 Critical Patch Update Security Advisory for All Product Families

January 22, 2019 | Mina Hao

Overview On January 15, 2019, local time, Oracle released its own security advisory and third-party security advisories for its January 2019 Critical Patch Update (CPU) which fix 284 vulnerabilities of varying severity levels across the product families. For details about affected products and available patches, see the appendix.

ThinkPHP 5.0-5.0.23, 5.1.0-5.1.31, and 5.2.* Remote Code Execution Vulnerability Handling Guide

January 21, 2019 | Mina Hao

1 Vulnerability Overview Recently, ThinkPHP 5.0-5.0.23 was found to have a remote code execution (RCE) vulnerability. The NSFOCUS Falcon Team carried out tests and found that ThinkPHP 5.0-5.0.23, 5.1.0-5.1.31, and 5.2.* were also prone to this vulnerability, which could be triggered in both Linux and Windows systems.

IP Reputation Report-01182019

January 18, 2019 | Mina Hao

Top 10 countries in attack counts: The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases at January 18, 2019. CN dropped from 51% to 43% and US increased from 9% to 12% from last week. Top 10 countries in attack percentage: From the diagram […]

Mobile Office——SMS phishing

January 18, 2019 | Mina Hao

Case Analysis This story starts from an SMS message and ends with financial loss, sounding just like an ordinary telecom fraud. But it is distinctive in that a malicious link and a web page that contains a trojan are leveraged, indicating that the attacker is quite tech-savvy. After the mobile phone is infected with the […]