Adeline Zhang

Cisco Policy Suite Cluster Manager Default Password Vulnerability

julho 31, 2018

Cisco released an advisory on July 18 to alert users about a critical vulnerability (CVE-2018-0375) in its Cluster Manager of Cisco Policy Suite. This vulnerability could allow an unauthenticated, remote attacker to log in to an affected system using the root account, which has default, static user credentials. The vulnerability is due to the presence […]

MODX Revolution Remote Code Execution Vulnerability

julho 20, 2018

Recently MODX announced two critical vulnerabilities (CVE-2018-1000207) in MODX Revolution 2.6.4 and earlier versions.  A remote attacker could use the vulnerabilities to execute arbitrary code and further to control the website or delete files. Reference: https://forums.modx.com/thread/104040/revolution-2-6-4-and-prior-two-cricital-vulnerabilities-upgrade-mandatory-patch#dis-post-559515 Affected Versions MODX Revolution <= 2.6.4 Unaffected Versions  Modx Revolution >= 2.6.5 Solution Users are advised to upgrade to MODX […]

NSFOCUS Weekly Cybersecurity Report (ID: 201827)

julho 18, 2018

(Report ID: 201827)   Internet Threat Status CVE Statistics The number of new CVE IDs increased considerably last week. Threat Review XXE in WeChat Pay Sdk|WeChat leave a backdoor on merchant websites (07-01-2018) A payment security researcher found an XXE vulnerability in the JAVA version SDK. The attacker can build malicious payload towards the notification […]

XXE Vulnerability in WeChat Payment

julho 9, 2018

The website Seclists.Org disclosed a vulnerability in WeChat Pay on 3 July 2018. It was found by a payment security researcher, who described that WeChat unintentionally provides an xxe vulnerability in the JAVA version SDK when merchants provide a notification URL to accept asynchronous payment results. The attacker can build malicious payload towards the notification […]

NSFOCUS Weekly Cybersecurity Report (ID: 201826)

julho 3, 2018

Internet Threat Status CVE Statistics The number of new CVE IDs in last week was 193, a decrease compared with the previous week.   Threat Review   WPA3 Standard Officially Launches With New Wi-Fi Security Features (06-25-2018) The Wi-Fi Alliance today officially launched WPA3—the next-generation Wi-Fi security standard that promises to eliminate all the known […]

Arbitrary File Deletion Vulnerability in WordPress Core

junho 28, 2018

RIPS Technologies (www. www.ripstech.com/) published an arbitrary file deletion vulnerability in the WordPress core on 26 June 2018. Any WordPress version including the current version is affected. After an attacker gains the privileges to edit and delete media files, the vulnerability can be used to escalate privileges attained through the takeover of an account with […]

NSFOCUS Weekly Cybersecurity Report (ID: 201825)

junho 28, 2018

Internet Threat Status CVE Statistics From the figure above, we can see an obvious rise in CVE IDs over last week. Besides, the fact that quite a few vulnerabilites were disclosed or discovered recently also reminded people to keep close attention to their systems’ security. Threat Review Quarterly Threat Report |Q1 2018 Ransomware volumes reduced; […]

NSFOCUS Weekly Cybersecurity Report

junho 20, 2018

(Report ID: 201824) Internet Threat Status CVE Statistics Last week we saw a slight increase in the total entries of CVE IDs.   Threat Review New ‘Lazy FP State Restore’ Vulnerability Found in All Modern Intel CPUs Date: 06-13-2018 Description: Hell Yeah! Another security vulnerability has been discovered in Intel chips that affects the processor’s […]

Zip Slip Vulnerability Advisory

junho 7, 2018

On 5th June 2018 Snyk Security team disclosed a Zip Slip vulnerability, which could result in potential command execution using a specially crafted archive that holds directory traversal filenames . Reference: https://snyk.io/research/zip-slip-vulnerability Description Attackers could use a specially crafted archive holding directory traversal filenames (e.g. ../../evil.sh) to trigger this vulnerability. Once a vulnerable code database […]

Cisco IOS XE AAA RCE Vulnerability

junho 7, 2018

Cisco released an advisory on 6th June for a critical vulnerability (CVE-2018-0315) in its Authentication, Authorization, and Accounting Login Authentication service. It could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device or cause an affected device to reload, resulting in a denial of service condition. Reference: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-aaa Affected Versions Cisco […]

Search

Inscreva-se no Blog da NSFOCUS