Blog

Microsoft Exchange Server Arbitrary User Impersonation Vulnerability Handling Guide

January 10, 2019 | Mina Hao

1 Vulnerability Overview Recently, a security researcher released details of an arbitrary user impersonation vulnerability (CVE-2018-8581) in Microsoft Exchange Server (also known as Exchange Web Server, EWS for short), revealing that an authenticated attacker could exploit this vulnerability to impersonate arbitrary accounts or even gain privileges of the target user. Currently, the vulnerability’s proof of […]

Technical Report on Container Security (IV)-2

January 8, 2019 | Mina Hao

Container Security Protection – Container Service Security Container Service Security The security of the container management and orchestration service has a direct bearing on that of the container control plane. Take Docker for example. Whether the Docker daemon is properly configured determines the security of Docker to some extent. It is recommended that the following […]

Email Security – Attachment Virus

January 7, 2019 | Mina Hao

Case AnalysisCase Analysis Ransomware emails usually have an intriguing subject and body to entice receivers to open the attachment. As shown above, the attachment is compressed. The virus file is an executable with the extension of js. To disguise it as a seemingly secure text file, the attacker adds .txt in the file name. Files […]

Windows Arbitrary File Read 0-Day Vulnerability Handling Guide

January 7, 2019 | Mina Hao

1 Vulnerability Overview Recently, a security researcher with Twitter alias SandboxEscaper, once again, published proof-of-concept (PoC) code for a new 0-day vulnerability affecting Windows. This is the third Windows 0-day vulnerability published by this same researcher since August 2018. The vulnerability made known to the public this time could lead to arbitrary file read. Specifically, […]

Technical Report on Container Security (IV)-1

January 7, 2019 | Mina Hao

Container Security Protection—Linux Kernel Security Mechanism As a lightweight virtualized implementation, the container technology took into account security factors at the time of design, which constitute an important basis for container security protection. This chapter describes security risks and threats facing containers and common protection ideas and methods.

IP Reputation Report-01042019

January 4, 2019 | Mina Hao

Top 10 c¿ountries: The above diagram shows the top 10 regions with most malicious IP addresses from the NSFOCUS IP Reputation databases at January 04, 2019.

Microsoft Security Bulletin for December Patches That Fix 39 Security Vulnerabilities

December 29, 2018 | Mina Hao

Overview Microsoft released December 2018 security updates on Tuesday which fix 39 vulnerabilities ranging from simple spoofing attacks to remote code execution. Such security updates cover the following products: .NET Framework, Adobe Flash Player,Internet Explorer, Microsoft Dynamics, Microsoft Exchange Server, Microsoft Graphics Component, Microsoft Office, Microsoft Office SharePoint, Microsoft Scripting Engine, Microsoft Windows, Microsoft Windows […]

Technical Report on Container Security (III)-3

December 29, 2018 | Mina Hao

Security Risks and Challenges – Container Application Security Threat Container Application Security Threat Microservice Security From traditional monolithic applications to modern microservice applications, security has always been a hot issue. A monolithic application usually exposes fewer services and ports,narrowing the attack surface. In addition, security professionals know common points from which attacks are often launched. […]

Adobe Security Bulletin for December 2018 Security Updates

December 29, 2018 | Mina Hao

Overview On December 11, 2018 (local time), Adobe released security updates which address multiple vulnerabilities in Acrobat and Reader.

IP Reputation Report-12212018

December 21, 2018 | Mina Hao

Top 10 countries: The above diagram shows the top 10 regions with most malicious IP addresses from the NSFOCUS IP Reputation databases at December 21, 2018. But the United States has the largest allocated IP addresses in the world and China is in the second place. So, report IP Reputation as a percentage of total […]