Overview Recently, Red Hat released a security bulletin, pointing out multiple TCP-based remote denial-of-service vulnerabilities in the Linux kernel, namely, a SACK Panic vulnerability of important severity and two other vulnerabilities of moderate severity. (more…)
Blog
TP-Link Wi-Fi Extenders Remote Code Execution Vulnerability (CVE-2019-7406) Threat Alert
Overview Recently, a security expert from IBM X-Force discovered a remote code execution vulnerability (CVE-2019-7406) in multiple models of TP-Link Wi-Fi extenders. This vulnerability can be exploited by unauthenticated, remote attackers by sending a malformed HTTP request so as to execute arbitrary shell commands on a target Wi-Fi extender. The...
Apache Axis Remote Code Execution 0-Day Vulnerability Handling Guide
Vulnerability Overview Recently, by using the Attack Trend Monitoring system (ATM), the NSFOCUS security team has discovered an Apache Axis remote command execution vulnerability, which allows attackers to obtain privileges of the target server and remotely execute commands without authorization by sending a crafted HTTP-POST request. (more…)
IP Reputation Report-06172019
1. Top 10 countries in attack counts: (more…)
NSFOCUS Shares Botnet Trends in New 2018 Insights Report
SANTA CLARA, Calif., -- June 18, 2019 – NSFOCUS, a leader in holistic hybrid security solutions, today released its 2018 Botnet Trend report, which found that botnets in 2018 continued to use distributed denial-of-service (DDoS) as their primary weapon to attack high-speed networks. In the 2018 Botnet report, developed by...
Oracle WebLogic Remote Code Execution Vulnerability (CVE-2019-2725) Patch Bypass Threat Alert
Overview Recently, the NSFOCUS security team has found that the Oracle Weblogic vulnerability is exploited in the wild. Its attack signature is similar to that of the CVE-2019-2725 vulnerability. The attack can bypass the latest security patch released by Oracle in April. This vulnerability exists because no proper sanitization is...
