Vulnerability Description On August 28, 2019, Artifex submitted "Bug 701446: Avoid divide by zero in shading" on the master branch of Ghostscript and announced remediation of four -dSAFER sandbox bypass vulnerabilities. -dSAFER is a security sandbox used by Ghostscript for prevention of insecure PostScript operations. (more…)
Blog
Ghostscript -dSAFER Sandbox Bypass Vulnerability (CVE-2019-10216) Threat Alert
Overview Recently, Ghostscript announced the discovery of the -dSAFER sandbox bypass vulnerability (CVE-2019-10216). The .buildfont1 procedure in Ghostscript does not properly restrict privileged calls, which allows attackers to escalate privileges and access files beyond the restricted domain. (more…)
IP Reputation Report-08252019
Top 10 countries in attack counts: (more…)
Botnet Trend Report-11
4.2.2 Analysis During the first quarter of 2018 when BillGates was extremely active, the family was found to attack 3962 targets, most of which were in two Central American countries. The following map shows the distribution of BillGates targets in China that NSFOCUS was able to directly monitor. BillGates ignored...
What You Should Know About DDoS Incident Response
This document addresses the overall strategy and process for DDoS incident response and provides detailed analysis of and countermeasures against some typical attacks, in a bid to help organizations respond to DDoS attacks more effectively and efficiently. Therefore, we will not dwell upon specific methods of and configurations of specific...
Adobe Security Bulletins for August 2019 Security Updates Threat Alert
Overview On August 13, 2019, local time, Adobe officially released August's security updates to fix multiple vulnerabilities in its various products, including Adobe Photoshop CC , Adobe Experience Manager, Adobe Acrobat and Reader, Adobe Creative Cloud Desktop Application, Adobe Prelude CC, Adobe Premiere Pro CC, Adobe Character Animator CC, and Adobe After Effects CC....
