Blog

Oracle WebLogic Server Deserialization Remote Code Execution Vulnerability Threat Alert

May 3, 2019 | Mina Hao

1 Vulnerability Overview On April 17, China National Vulnerability Database (CNVD) published details of a remote code execution vulnerability in Oracle WebLogic Server. Specifically, this vulnerability exists in the wls9_async_response.war component that comes with Oracle WebLogic Server as this component fails to properly deserialize the input information. An unauthorized attacker could exploit this vulnerability to […]

Cisco IOS XR 64-Bit Critical Vulnerability (CVE-2019-1710) Threat Alert

May 2, 2019 | Mina Hao

Overview Cisco has released a security advisory to announce the fix of a vulnerability (CVE-2019-1710) in Cisco IOS XR 64-bit Software running on Cisco ASR 9000 Series Aggregation Services Routers. This vulnerability is the result of incorrect isolation of the secondary management interface from internal sysadmin applications. An unauthenticated attacker could exploit this vulnerability to […]

A Look into RSA 2019: Finding a New Balance Between Efficiency and Security in Incident Response

May 1, 2019 | Mina Hao

Incident Response Is Changing The enterprise security market has seen fast incorporation of more and more cloud, Internet of Things (IoT), and mobile devices into enterprise security environments, which traditionally abound with servers, workstations, and networking and security devices. In this context, enterprises are faced with decentralized services and products from a variety of service […]

Daily Communication – Password Grading

April 30, 2019 | Devika Jain

   

Daily Communication – Entry of Outsiders

April 30, 2019 | Devika Jain

   

Oracle April 2019 Critical Patch Update for All Product Families Threat Alert

April 30, 2019 | Mina Hao

Overview On April 16, 2019, local time, Oracle released its security advisory of the Critical Patch Update (CPU) for the second quarter. The CPU fixes 297 vulnerabilities of varying severity levels across the product families. For details about affected products and available patches, visit the following link: https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

Cisco Common Service Platform Collector Default Password Vulnerability (CVE-2019-1723) Threat Alert

April 29, 2019 | Mina Hao

Overview Cisco officially released a security advisory, announcing the fix of a vulnerability (CVE-2019-1723) existing in the Cisco Common Service Platform Collector (CSPC). This vulnerability exists because the affected software has a default account with a fixed password. An attacker could exploit this vulnerability to remotely access an affected device by using this account. This […]

Apache Tomcat Remote Code Execution Vulnerability (CVE-2019-0232) Threat Alert

April 26, 2019 | Mina Hao

Overview On April 10, local time, Apache Software Foundation officially released a security advisory, announcing the fix of a remote code execution vulnerability (CVE-2019-0232). The Java Runtime Environment (JRE), when running on a Windows system with enableCmdLineArguments enabled, passes command-line parameters to Windows in an incorrect manner. This leads to the CGI servlet susceptible to […]

Siemens Multiple Products Vulnerabilities Threat Alert

April 25, 2019 | Mina Hao

Overview On April 9, local time, Siemens officially released a security advisory, announcing the fix of vulnerabilities of different risk levels in a spectrum of products such as SIMATIC WinCC Open Architecture (SIMATIC WinCC OA), Spectrum Power, and RUGGEDCOM RXO II. Of all these vulnerabilities, two have a CVSS v3.0 base score of 10.

IP Reputation Report-04192019

April 24, 2019 | Mina Hao

Top 10 countries in attack counts: The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases at April 19, 2019.   Top 10 countries in attack percentage: The country Suriname (SR) has been in the first place for three weeks. The Laos is still in […]