Ping An Financial Security Research Institute:As the industry's first comprehensive organization engaging in financial security research and innovation founded by Ping An Technology, a wholly funded subsidiary of Ping An Group, it provides robust technical support for financial security of Ping An Group, the related sector, and the country and...
Blog
Iran’s 3,500 Switches Attacked – Cisco IOS/IOS XE Remote Code Execution Vulnerability CVE-2018-0171 Exploitation
News from The Iran Project, the Iranian cyber police confirmed Friday night that the country's data center was attacked. The attack involved Iran 3500 switches, but the official in the country emphasized that the attack didn’t lead to sensitive data leakage. From description, the suspected attacker exploited the Cisco IOS / IOS...
Cisco IOS/IOS XE Software Remote Code Execution Vulnerability (CVE-2018-0171)
Recently a serious vulnerability (CVE-2018-0171) was disclosed in Cisco IOS and IOS XE software. An attacker could reload an affected device without authorization, resulting in a denial of service condition or remote code execution. This vulnerability originated from improper validation of packet data. An attack could exploit this vulnerability by...
Drupal Code Execution Vulnerability Analysis
Recently, Drupal, a popular open-source content management framework, is found to contain a highly critical remote code execution vulnerability, which allows attackers to execute malicious code on a Drupal site, resulting in the site being completely compromised. This vulnerability is assigned CVE-2018-7600. The root cause of this vulnerability is related...
ThreatQ Leverages NSFOCUS to Categorize Threats and Pinpoint Valuable Connections
It is no surprise that everyone, including organizations, are vulnerable to a large amount of threats on a daily basis. In Q3 of 2016 alone, Panda Labs captured 18 million new malware samples; that is not including samples detected by other companies. Furthermore, in a study done by Friedrich-Alexander University...
