UPnP is short for Universal Plug and Play. UPnP is an architecture that defines peer-to-peer connectivity of PCs and intelligent devices (or instruments). Built upon Internet standards and technologies (suchas TCP/IP, HTTP, and XML), UPnP allows such devices to connect to and collaborate with each other automatically, thus making it...
Blog
WebSphere Application Server High-Risk Remote Code Execution Vulnerability (CVE-2020-4450) Threat Alert
Overview On June 5, Beijing time, IBM released a security bulletin to announce the fix of a high-risk remote code execution vulnerability (CVE-2020-4450) in WebSphere Application Server (WAS). This vulnerability was caused by deserialization of the Internet Inter-ORB Protocol (IIOP). It is assigned the CVSS base score of 9.8 and...
Botnet Trend Report 2019-7
In 2019, ransomware was still a major type of threats that haunted people around the world. As an infamous botnet family, GandCrab generated more than USD 2 billion in ransom payments, simulating the rapid increase of other ransomware. (more…)
2019 Cybersecurity Insights -17
Threats Against WS-Discovery WSD is a multicast discovery protocol to locate services on a local area network (LAN). However, due to device vendors' design flaw in the implementation, when a normal IP address sends a service discovery packet, devices will also respond to the request. If exposed on the Internet,...
2019 Cybersecurity Insights -16
In this section, we analyzed threats against three major protocols. Threats Against Telnet According to data from NSFOCUS's threat hunting system, Telnet (available on port 23), targeted by a total of 120,000 attack sources, was the IoT protocol most favored by attackers1 . Figure 7-3 shows the activity trend of...
