Adeline Zhang

Weaver E-cology OA System Remote Code Execution Vulnerability Threat Alert

outubro 3, 2019

  1. Vulnerability Description

On September 19, 2019, the Weaver e-cology OA system was reported to contain a remote code execution vulnerability. This vulnerability exists in the BeanShell component of the Weaver OA system. This component comes with the system and allows unauthorized access. Attackers could exploit this vulnerability to directly execute arbitrary commands on the target server by calling a vulnerable interface of the BeanShell component. Currently, Weaver has released security patches to fix this vulnerability. Affected users are advised to download and install patches as soon as possible.

(mais…)

Fastjson 1.2.60 and Earlier Remote Code Execution Vulnerability Threat Alert

outubro 2, 2019

1 Vulnerability Description

On September 18, a security researcher submitted Fastjson remediation code on Alibaba’s official GitHub to prevent new exploits of the Fastjson deserialization remote code execution vulnerability. An attacker could exploit this vulnerability to remotely execute malicious code to compromise the server. (mais…)

Exim Remote Code Execution Vulnerability (CVE-2019-15846) Threat Alert

outubro 1, 2019

  1. Vulnerability Description

Recently, Linux’s mail transfer agent Exim was reported to contain a remote code execution vulnerability (CVE-2019-15846). When the Exim server is accepting TLS connections, attackers could exploit this vulnerability to remotely execute arbitrary code with root privileges by sending an SNI ending in a backslash-null sequence. By default, the TLS function is disabled on the Exim server, but many users need to have this function enabled for processing network traffic. (mais…)

Fastjson Remote Denial-of-Service Vulnerability Threat Alert

setembro 30, 2019

  1. Vulnerability Description

Recently, multiple versions of fastjson have been found to contain a remote denial-of-service (DoS) vulnerability. An attacker could exploit a flaw in the processing logic of fastjson to exhaust memory and CPU resources of the server via a maliciously crafted json string, leading to a denial of service. (mais…)

Information Security in the Workplace- Screen Lock v

setembro 29, 2019

With the advancement of IT-based transformation and the rapid development of IT, various network technologies have seen more extensive and profound applications, along with which come a multitude of cyber security issues. Come to find out what information security issues you should beware of in the workplace. (mais…)

Microsoft Released September Patches to Fix 81 Security Vulnerabilities Threat Alert

setembro 27, 2019

Overview  

Microsoft released the Spetember 2019 security patch on Tuesday that fixes 81 vulnerabilities ranging from simple spoofing attacks to remote code execution in various products, including .NET Core, .NET Framework, Active Directory, Adobe Flash Player, ASP.NET, Common Log File System Driver, Microsoft Browsers, Microsoft Edge, Microsoft Exchange Server, Microsoft Graphics Component, Microsoft JET Database Engine, Microsoft Office, Microsoft Office SharePoint, Microsoft Scripting Engine, Microsoft Windows, Microsoft Yammer, Project Rome, Servicing Stack Updates, Skype for Business and Microsoft Lync, Team Foundation Server, Visual Studio, Windows Hyper-V, Windows Kernel, and Windows RDP. (mais…)

Adobe Security Bulletins for September 2019 Security Updates Threat Alert

setembro 27, 2019

Overview

On September 10, 2019, local time, Adobe officially released September’s security updates to fix multiple vulnerabilities in its various products, including Adobe Application Manager and Adobe Flash Player. (mais…)

IP Reputation Report-09222019

setembro 26, 2019

Top 10 countries in attack counts: The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases at September 22, 2019.   Top 10 countries in attack percentage: The Laos is in first place. The Palestine is in the second place. The country China (CN) is […]

Windows Remote Desktop Services Remote Code Execution Vulnerability (CVE-2019-0708) Exploit Disclosure Threat Alert

setembro 25, 2019

  1. Exploit Disclosure

In the early morning of September 7, Beijing time, a developer disclosed a Metasploit exploit module for the Windows remote desktop services remote code execution vulnerability (CVE-2019-0708) on GitHub. The initial public exploit module (BlueKeep) for the CVE-2019-0708 vulnerability could cause old versions of Windows (Windows 7 SP1 x64 and Windows 2008 R2 x64) to execute code remotely without user interaction. This vulnerability, like WannaCry, will propagate widely, having constituted security threats in the wild.

  (mais…)

Confluence Local File Disclosure Vulnerability (CVE-2019-3394) Handling Guide

setembro 24, 2019

  1. Vulnerability Description

Recently, Atlassian released a security advisory, announcing remediation of a local file disclosure vulnerability (CVE-2019-3394) in Confluence products. (mais…)

Search

Inscreva-se no Blog da NSFOCUS