What You Should Know About Mitigation Bypass
Mitigation measures are implemented with many implicit assumptions. They can work only when these assumptions prove to be true and would be bypassed if these assumptions were broken.
1. Top 10 countries in attack counts: The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases as of June 21, 2019. Top 10 countries in attack percentage: Laos has been in first place since four weeks ago. Suriname is in the second […]
Overview Recently, Red Hat released a security bulletin, pointing out multiple TCP-based remote denial-of-service vulnerabilities in the Linux kernel, namely, a SACK Panic vulnerability of important severity and two other vulnerabilities of moderate severity.
Overview Recently, a security expert from IBM X-Force discovered a remote code execution vulnerability (CVE-2019-7406) in multiple models of TP-Link Wi-Fi extenders. This vulnerability can be exploited by unauthenticated, remote attackers by sending a malformed HTTP request so as to execute arbitrary shell commands on a target Wi-Fi extender. The attack does not require escalation […]
Vulnerability Overview Recently, by using the Attack Trend Monitoring system (ATM), the NSFOCUS security team has discovered an Apache Axis remote command execution vulnerability, which allows attackers to obtain privileges of the target server and remotely execute commands without authorization by sending a crafted HTTP POST request.
Overview Recently, the NSFOCUS security team has found that an Oracle WebLogic vulnerability is being exploited in the wild. Its attack signature is similar to that of the CVE-2019-2725 vulnerability. The attack can bypass the latest security patch released by Oracle in April. This vulnerability exists because no proper sanitization is performed when deserialized information is […]
Executive Summary Botnets, one of the oldest threats on the internet, are still the most popular weapon in a hacker’s arsenal. They offer ease of use, flexibility, and high availability, traits ideal for launching large-scale lethal cyber-attacks around the world.
1 Vulnerability Overview On June 12, 2019, Beijing time, Microsoft released security patches for the Windows NTLM tampering vulnerability (CVE-2019-1040), which exists in Windows operating systems and allows attackers to bypass the NTLM MIC (Message Integrity Check) protection.