Vulnerability Description On April 15, Git issued a security bulletin announcing a vulnerability that could reveal Git user credentials (CVE-2020-5260). Git uses a credential helper to store and retrieve credentials. But when a URL contains an encoded newline (%0a), it may inject unexpected values into the protocol stream of the...
Blog
IP Reputation Report-04262020
1.Top 10 countries in attack counts: The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases at April 26, 2020. 2.Top 10 countries in attack percentage: The Belarus is in first place.The Cape Verde is in the second place.The country...
Adobe Security Bulletins for April 2020 Security Updates
Overview On April 14, 2020, local time, Adobe officially released April's security updates to fix multiple vulnerabilities in its various products, including Adobe ColdFusion, Adobe After Effects, and Adobe Digital Editions. (more…)
Microsoft’s April Patches Fix 113 Security Vulnerabilities Threat Alert
Overview Microsoft released April 2020 security updates on Tuesday that fix 113 vulnerabilities ranging from simple spoofing attacks to remote code execution in various products, including Android App, Apps, Microsoft Dynamics, Microsoft Graphics Component, Microsoft JET Database Engine, Microsoft Office, Microsoft Office SharePoint, Microsoft Scripting Engine, Microsoft Windows, Microsoft Windows...
Oracle Coherence Remote Code Execution Vulnerability (CVE-2020-2915) Threat Alert
Overview On April 14, local time, Oracle released the April Critical Patch Update (CPU) which fixes vulnerabilities that include a critical one (CVE-2020-2915) in Oracle Coherence CPU, with a CVSS score of 9.8. This vulnerability allows unauthenticated attackers with network access via T3 to compromise vulnerable Oracle Coherence. Successful exploitation...
How Does WannaRen Ransomware Spread?
Background Recently, a new strain of ransomware WannaRen came to the surface and began to spread between PCs. This ransomware encrypts files in the Windows system and uses .WannaRen as the extension of encrypted files. The attacker leaves a Bitcoin wallet address and demands 0.05 Bitcoin as ransom. Through tracking...
