GandCrab Ransomware Virus Threat Alert

November 10, 2018 | Adeline Zhang

Risk Overview: The GandCrab family is being updated at a rapid pace. Since its V5 was released in September this year, a number of variants have appeared, including V5.0, V5.0.2, V5.0.3, V5.0.4, and V5.0.5. This virus family has targeted customers in various sectors in China. Users should take precautions to remove it as soon as possible.

Apache mod_jk Access Control Bypass Vulnerability (CVE-2018-11759) Threat Alert

November 10, 2018 | Adeline Zhang

Vulnerability Overview: Recently, the Apache Software Foundation (ASF) released a security advisory announcing the fix for an access control bypass vulnerability (CVE-2018-11759) in the mod_jk module in Apache Tomcat. A proof of concept (PoC) for this vulnerability has already been made public. Users of this software should take precautions to fix this vulnerability as soon as […]

Office Area——Screen Lock

November 8, 2018 | Adeline Zhang

Case Analysis: Different employees assume different duties, and therefore have different permissions to access company data. If you do not lock your screen when you are out for lunch or go to the restroom, other co-workers may see the contents on your screen and those with ulterior motives may open files saved on your […]

11 Security Solutions for Small Business

Technical Report on Container Security (II)-1

November 7, 2018 | Adeline Zhang

Container Basics: Container Image. Images are the basis of containers. The container engine service can use different images to launch different containers. After a container becomes faulty, the service can be promptly restored by deleting the faulty container and launching a new one, thanks to the underlying technique of container images[i].

Office Area——Strangers’ Entrance

November 2, 2018 | Adeline Zhang

Office safety should not be underestimated.

NSFOCUS Completes IDC Migration and Expansion

October 1, 2018 | Triet Nguyen

Earlier this year, we kicked off a massive undertaking to shift our NSFOCUS Cloud to a managed service provider with the intention of consolidating internal data center real estate within our five data centers so we could regain resources to focus on our products. By taking […]

Oracle WebLogic Server RCE Deserialization Vulnerability

April 18, 2018 | Adeline Zhang

On 17 April, local time in California, Oracle released its Critical Patch Update (CPU) Advisory, which disclosed a critical WebLogic deserialization vulnerability (CVE-2018-2628) allowing remote code execution without authorization. This vulnerability was first discovered by an NSFOCUS researcher, who reported it to Oracle immediately. More information about this vulnerability together with NSFOCUS’s technical […]

Swearing Trojan Exploit Overview

April 3, 2017 | Devika Jain

Author: Cody Mercer, Senior Threat Intelligence Researcher. Executive Overview: A new mobile banking Trojan named ‘Swearing Trojan’ has been discovered by Tencent Security and Check Point researchers. The odd name of the malware is in part attributed to the various Chinese swear words sparsely distributed in the source code. The primary attributes associated with the […]

Apache Struts2 Remote Code Execution Vulnerability (S2-045)

March 9, 2017 | Devika Jain

Overview: Apache Struts2 is prone to a remote code execution vulnerability (CNNVD-201703-152) in the Jakarta Multipart parser plug-in. When uploading a file with this plug-in, an attacker could change the value of the Content-Type header field of an HTTP request to trigger this vulnerability, causing remote code execution. For details, visit the following link: https://cwiki.apache.org/confluence/display/WW/S2-045?from=timeline&isappinstalled=0 […]