Apache Axis Remote Code Execution 0-Day Vulnerability Handling Guide

June 21, 2019 | Mina Hao

Vulnerability Overview Recently, by using the Attack Trend Monitoring system (ATM), the NSFOCUS security team has discovered an Apache Axis remote command execution vulnerability, which allows attackers to obtain privileges of the target server and remotely execute commands without authorization by sending a crafted HTTP-POST request.

IP Reputation Report-06172019

June 20, 2019 | Mina Hao

1. Top 10 countries in attack counts:

Oracle WebLogic Remote Code Execution Vulnerability (CVE-2019-2725) Patch Bypass Threat Alert

June 18, 2019 | Mina Hao

Overview Recently, the NSFOCUS security team has found that the Oracle Weblogic vulnerability is exploited in the wild. Its attack signature is similar to that of the CVE-2019-2725 vulnerability. The attack can bypass the latest security patch released by Oracle in April. This vulnerability exists because no proper sanitization is performed when deserialized information is […]

Botnet Trend Report-1

June 18, 2019 | Mina Hao

Executive Summary Botnets, one of the oldest threats on the internet, are still the most popular weapon in a hacker’s arsenal. They offer ease of use, flexibility, and high availability, traits ideal for launching large-scale lethal cyber-attacks ar-ound the world.

Windows NTLM Tampering Vulnerability (CVE-2019-1040) Threat Alert

June 17, 2019 | Mina Hao

1 Vulnerability Overview On June 12, 2019, Beijing time, Microsoft released security patches for the Windows NTLM tampering vulnerability (CVE-2019-1040), which exists in Windows operating systems and allows attackers to bypass the NTLM MIC (Message Integrity Check) protection.

The Road to 5G is Paved with Malware

June 14, 2019 | Mina Hao

There is no doubt that 5G will revolutionize how we use online services. Mobile high-speed internet access in excess of 5Gbs will facilitate revolutionary technologies to take advantage of the new bandwidth. Feature rich apps for entertainment, productivity, social media, and health & fitness are preparing to offer functionality only possible with high-speed mobile access. […]

Microsoft’s SecurityPatches for June that Fix 93 Security Vulnerabilities Threat Alert

June 14, 2019 | Mina Hao

Overview Microsoft released June 2019 security patches on Tuesday that fix 93 vulnerabilities ranging from simple spoofing attacks to remote code execution in various products, including Adobe Flash Player, Kerberos, Microsoft Browsers, Microsoft Devices, Microsoft Edge, Microsoft Exchange Server, Microsoft Graphics Component, Microsoft JET Database Engine, Microsoft Office, Microsoft Office SharePoint, Microsoft Scripting Engine, Microsoft […]

IP Reputation Report-06102019

June 13, 2019 | Mina Hao

Top 10 countries in attack counts: The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases at June 09, 2019. Top 10 countries in attack percentage: The Laos is in the first place since last week. The Myanmar is still in the second place. The […]

2018 DDoS Attack Landscape-9

June 12, 2019 | Mina Hao

Behind DDoS attacks, there are complex economic interests in the underground industry. Therefore, effective governance needs to start from multiple dimensions, including policy, industry, resource, and technical dimensions. This chapter dwells upon how to mitigate DDoS attacks from the following perspectives.

Adobe Security Bulletins for June 2019 Security Updates Threat Alert

June 11, 2019 | Mina Hao

Overview On June 11, 2019, local time, Adobe officially released June’s security updates to fix multiple vulnerabilities in its various products, including Adobe Flash Player, Adobe Campaign, and Adobe ColdFusion.