Blog

Enterprise Blockchain Security 2020-2

January 26, 2021 | Mina Hao

This chapter describes the characteristics, usage scenarios, and architecture of enterprise blockchains, and illustrates three major enterprise blockchain systems in three separate sections.

Microsoft’s Security Patches for January 2021 Fix 83 Security Vulnerabilities

January 25, 2021 | Mina Hao

Overview Microsoft released January 2021 security updates on Tuesday which fix 83 vulnerabilities ranging from simple spoofing attacks to remote code execution in various products, including .NET Repository, ASP.NET core & .NET core, Azure Active Directory Pod Identity, Microsoft Bluetooth Driver, Microsoft DTV-DVD Video Decoder, Microsoft Edge (HTML-based), Microsoft Graphics Component, Microsoft Malware Protection Engine, […]

Oracle January 2021 Critical Patch Update for All Product Families

January 24, 2021 | Mina Hao

Overview On January 20, 2021, NSFOCUS detected that Oracle released the January 2021 Critical Patch Update (CPU), which fixed 329 vulnerabilities of varying risk levels. This CPU involves multiple commonly used products, such as Oracle WebLogic Server, Oracle Database Server, Oracle Java SE, Oracle Fusion Middleware, Oracle MySQL, Oracle Enterprise Manager, and Oracle Systems. Oracle […]

Non-negligible ICS Security Risks — Device Simulator Security

January 23, 2021 | Mina Hao

Background To facilitate debugging and analysis by developers, a lot of master computer configuration software often comes with a simulator that simulates a real programmable logic controller (PLC) or human-machine interface (HMI) device. Such simulators exchange data with master computer configuration software through TCP/IP and therefore some will listen on a designated port which is […]

WebLogic Multiple Remote Code Execution Vulnerabilities Threat Alert

January 22, 2021 | Mina Hao

Vulnerability Description On January 20, 2021, NSFOCUS detected that Oracle released the January 2021 Critical Patch Update (CPU), which fixed 329 vulnerabilities of varying risk levels. Seven of these vulnerabilities are severe and assigned CVE-2021-1994, CVE-2021-2047, CVE-2021-2064, CVE-2021-2108, CVE-2021-2075, CVE-2019-17195, and CVE-2020-14756. Unauthenticated attackers could exploit these vulnerabilities to execute code remotely. These vulnerabilities are […]

Annual IoT Security Report 2019-17

January 22, 2021 | Mina Hao

Malicious Behaviors Targeting UPnP Vulnerabilities We captured four kinds of UPnP exploits 1, as shown in Table 4-7. Apparently, all the exploits targeted remote command execution vulnerabilities. Besides, we found that when a vulnerability is found on a specific port, attackers usually directly hit this port by skipping the UPnP discovery phase.

JumpServer Remote Command Execution Vulnerability Threat Alert

January 21, 2021 | Mina Hao

Overview On January 15, 2021, Beijing time, JumpServer released an emergency bulletin to announce a remote command execution vulnerability in its bastion host and advised users to fix it as soon as possible, especially those whose JumpServer can be accessed via the Internet.

Suggestions on Detection and Prevention of the Incaseformat Virus

January 20, 2021 | Mina Hao

Overview On January 13, 2021, NSFOCUS’s emergency response team received feedback on the incaseformat virus from a host of customers in the government, healthcare, education, and telecom sectors. According to analysis, we found that this virus mainly infected hosts installed with financial management application systems. Also, we observed that all other files than system partition […]

Enterprise Blockchain Security 2020-1

January 19, 2021 | Mina Hao

Blockchains are distributed digital ledgers of cryptographically signed transactions that are grouped into blocks. Each block is cryptographically linked to the previous one (making it tamper evident) after validation and undergoing a consensus decision. As new blocks are added, older blocks become more difficult to modify (creating tamper resistance). New blocks are replicated across copies […]

Watch Out! “Incaseformat” Came Back

January 18, 2021 | Mina Hao

The outbreak of Incaseformat virus has affected many industries recently. It is critical because it has removed all non-system files and caused serious data loss. This virus appeared before, now it has come back and infected many hosts, especially in China. As of 14 Jan, 2:00 P.M.(GMT+8), NSFOCUS Labs and NSFOCUS Threat Intelligence have detected […]