This chapter describes the characteristics, usage scenarios, and architecture of enterprise blockchains, and illustrates three major enterprise blockchain systems in three separate sections. (more…)
Blog
Microsoft’s Security Patches for January 2021 Fix 83 Security Vulnerabilities
Overview Microsoft released January 2021 security updates on Tuesday which fix 83 vulnerabilities ranging from simple spoofing attacks to remote code execution in various products, including .NET Repository, ASP.NET core & .NET core, Azure Active Directory Pod Identity, Microsoft Bluetooth Driver, Microsoft DTV-DVD Video Decoder, Microsoft Edge (HTML-based), Microsoft Graphics...
Oracle January 2021 Critical Patch Update for All Product Families
Overview On January 20, 2021, NSFOCUS detected that Oracle released the January 2021 Critical Patch Update (CPU), which fixed 329 vulnerabilities of varying risk levels. This CPU involves multiple commonly used products, such as Oracle WebLogic Server, Oracle Database Server, Oracle Java SE, Oracle Fusion Middleware, Oracle MySQL, Oracle Enterprise...
Non-negligible ICS Security Risks — Device Simulator Security
Background To facilitate debugging and analysis by developers, a lot of master computer configuration software often comes with a simulator that simulates a real programmable logic controller (PLC) or human-machine interface (HMI) device. Such simulators exchange data with master computer configuration software through TCP/IP and therefore some will listen on...
WebLogic Multiple Remote Code Execution Vulnerabilities Threat Alert
Vulnerability Description On January 20, 2021, NSFOCUS detected that Oracle released the January 2021 Critical Patch Update (CPU), which fixed 329 vulnerabilities of varying risk levels. Seven of these vulnerabilities are severe and assigned CVE-2021-1994, CVE-2021-2047, CVE-2021-2064, CVE-2021-2108, CVE-2021-2075, CVE-2019-17195, and CVE-2020-14756. Unauthenticated attackers could exploit these vulnerabilities to execute...
Annual IoT Security Report 2019-17
Malicious Behaviors Targeting UPnP Vulnerabilities We captured four kinds of UPnP exploits 1, as shown in Table 4-7. Apparently, all the exploits targeted remote command execution vulnerabilities. Besides, we found that when a vulnerability is found on a specific port, attackers usually directly hit this port by skipping the UPnP...
