NSFOCUS’s Presence at Botconf 2018
dezembro 17, 2018
On December 7, 2018 security experts from NSFOCUS Fu Ying Labs delivered a speech at Botconf 2018, presenting WASM security threat analysis technologies with researchers from security firms, media personnel, and security practitioners from CERTs (Computer Emergency Response Teams) of various countries. Their striking insights were highly accepted and acknowledged by the international security industry. […]
ThinkPHP Remote Code Execution Vulnerability Handling Guide
dezembro 17, 2018
1 Vulnerability Overview Recently, ThinkPHP posted a blog, announcing the release of an update that addresses a high-risk remote code execution (RCE) vulnerability. This vulnerability stems from the framework’s insufficient checks on controller names, which, in case forced routing is not enabled, would allow arbitrary code execution or even access to the server. ThinkPHP is […]
Personal Computer——File Deletion
dezembro 14, 2018
Case AnalysisCase Analysis
When you delete files from a computer or USB flash drive, just clicking the deletion button or doing a quick formatting does not completely remove files because you can easily recover them using data recovery software. Even after you clear the recycle bin, those deleted files can still be retrieved. (mais…)
NSFOCUS 2019 Predictions: Email Attachments, IoT, and Cryptominers to be Security Pain Points in 2019
dezembro 13, 2018
VMblog.com – It’s no surprise that 2018 continued to bring an increase in fraud attacks and data security breaches, including those of Facebook and now Marriott. In the past two years, the average number of overall daily searches for keywords such as “personal information disclosure” and “hacker” have been fluctuating at a very high level. […]
ThinkPHP 5.x Remote Code Execution Vulnerability Threat Alert
dezembro 13, 2018
Overview
Recently, ThinkPHP posted a blog, announcing the release of an important update that addresses a critical vulnerability. This security update fixes a getShell vulnerability caused by the framework’s insufficient checks on controller names in case forced routing is not enabled. The vulnerability, which affects ThinkPHP 5.0 and 5.1, is fixed in the latest version. (mais…)
Technical Report on Container Security (III)-2
dezembro 11, 2018
Security Risks and Challenges—Security Threat Analysis
Security Threat Analysis
When we talk about security risks to containers, we mean security threats to hosts, to containers, and to the carried applications. (mais…)
Adobe Flash Player 0-Day Vulnerabilities Threat Alert
dezembro 11, 2018
Overview
On December 5, 2018, local time, Adobe released a security bulletin to document the remediation of two vulnerabilities, namely a critical 0-day vulnerability (CVE-2018-15982) in Adobe Flash Player and an important vulnerability (CVE-2018-15983) in Adobe Flash Player installer. (mais…)
Satan Ransomware Variant Exploits 10 Server-Side Flaws
dezembro 10, 2018
Dark Reading – Windows, Linux systems vulnerable to self-propagating ‘Lucky’ malware, security researchers say. A new version of ransomware that first surfaced about two years ago is garnering attention for its ability to spread via as many as ten different vulnerabilities in Windows and Linux server platforms.
Bravo! NSFOCUS’s Big Win in the Flare-On Challenge
dezembro 10, 2018
The fifth annual Flare-on Challenge held by FireEye recently took place.129 out of 4925 players, of which 10 were Chinese players, reportedly finished the challenge this year. NSFOCUS’s KoAll team made a huge splash by topping the global medal tally with four medals. (mais…)
“WeChat Pay” Ransomware Analysis and Decryption Tool
dezembro 10, 2018
Risk Overview
Recently, over 20,000 PCs in China have fallen victim to WeChat Pay ransomware. Files on the affected devices are encrypted by the ransomware. To regain access to the files, users are asked to scan a WeChat QR code that appears in a pop-up window and pay 110 yuan (about $16) in ransom. So far, WeChat carrier has suspended the use of this QR code. It also steals passwords to popular platforms including Alipay, Baidu Cloud, internet company NetEase’s 163 email service, Tencent’s instant messaging platform QQ, Taobao, Tmall, and JD.com. (mais…)
