Finding 1: In 2019, over 30 types of IoT vulnerability exploits were captured, most of which targeted remote command execution vulnerabilities. Though hundreds of to thousands of IoT vulnerabilities are unveiled each year, only a few can exert an extensive impact. Attackers were keen on targeting devices (routers and video...
Blog
Microsoft Windows DNS Server Remote Code Execution Vulnerability SigRed (CVE-2020-1350) Threat Alert
Overview On July 14, 2020 local time, Microsoft addressed a wormable Windows DNS server vulnerability dubbed SigRed (CVE-2020-1350) in its latest monthly patch updates. Once exploited by attackers, the vulnerability could spread between vulnerable computers without user interaction, thereby probably infecting the network of the whole organization. It is reported...
Botnet Trend Report -5
Spear Phishing and Malicious Documents In the past few years, including malicious attachments in emails has become one of the most common methods that APT groups and various cybercriminal groups use to launch spear phishing attacks. Compared with previous years, 2019 saw more spear phishing attacks with a bigger impact,...
FBI Warning: New DDoS Reflection Attacks Are Coming, Are You Ready?
According to ZDNet’s reports, FBI released a warning last week that some new network protocols were used by criminals to launch large-scale DDoS attacks. Three protocols and one Web applications were found as DDoS attack vectors, including CoAP, WS-DD, ARMS and Web-based Jenkins. (more…)
WebLogic Remote Code Execution Vulnerabilities (CVE-2020-14625, CVE-2020-14644, CVE-2020-14645, CVE-2020-14687) Threat Alert
Overview On July 15, 2020, Beijing time, Oracle released a Critical Patch Update (CPU) for July 2020 that fixes 443 vulnerabilities of different risk levels. The WebLogic Server Core component is prone to four severe vulnerabilities with a CVSS base score of 9.8, which are assigned CVE-2020-14625, CVE-2020-14644, CVE-2020-14645, and...
2019 Cybersecurity Insights -14
Malware Threats from Mobile Platforms Nowadays, smartphones are ubiquitous. Android, as a widely used mobile operating system, is vulnerable to an increasing large number of malware families owing to its openness and privilege issues. Such malware can even be spread via legal channels, including Google Store. (more…)
