1.Top 10 countries in attack counts: The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases at June 7, 2020. 2.Top 10 countries in attack percentage: The Belarus is in first place. The Cape Verde is in the second place....
Blog
Apache Kylin Remote Code Execution Vulnerability (CVE-2020-1956) Threat Alert
Vulnerability Description Recently, Apache released a security advisory to announce the fix of a remote code execution vulnerability (CVE-2020-1956) in Apache Kylin. Apache Kylin has some RESTful APIs that will associate OS commands with user-typed strings. As Apache Kylin fails to properly verify user inputs, an attacker could execute arbitrary...
Fastjson 1.2.68 and Earlier Remote Code Execution Vulnerability Threat Alert
Vulnerability Description On May 28, Fastjson 1.2.68 and before were reported to contain a remote code execution vulnerability that bypasses the autoType switch to implement deserialization of classes that contain security risks. Attackers could exploit this vulnerability to execute arbitrary code on the target machine. (more…)
Apache Tomcat Session Deserialization Code Execution Vulnerability (CVE-2020-9484) Threat Alert
Overview Recently, Apache Tomcat released a security advisory, announcing the fix of a remote code execution vulnerability (CVE-2020-9484) due to persistent session. An attacker can exploit this vulnerability only when the following conditions are met: The attacker can take control of the contents and name of a file on the...
IP Reputation Report-05312020
1. Top 10 countries in attack counts: The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases at May 31, 2020. 2. Top 10 countries in attack percentage: The Belarus is in first place.The Cape Verde is in the second...
DDoS Attack Landscape 10
Active Families Gafgyt As one of the largest IoT DDoS families, Gafgyt compromises such devices as routers and cameras by means of password cracking and exploits to receive C&C commands and launch DDoS attacks. In 2019, the Gafgyt family continued to be active, mainly targeting North America, Europe, and Australia....
