Microsoft Exchange Server Arbitrary User Impersonation Vulnerability Handling Guide
janeiro 10, 2019
1 Vulnerability Overview
Recently, a security researcher released details of an arbitrary user impersonation vulnerability (CVE-2018-8581) in Microsoft Exchange Server (also known as Exchange Web Server, EWS for short), revealing that an authenticated attacker could exploit this vulnerability to impersonate arbitrary accounts or even gain privileges of the target user. Currently, the vulnerability’s proof of concept (PoC) has been made publicly available. However, Microsoft has not released any security patches to address it, but provided a workaround in its official security advisory. Users of this software are advised to take precautions as soon as possible. (mais…)
Technical Report on Container Security (IV)-2
janeiro 8, 2019
Container Security Protection – Container Service Security Container Service Security The security of the container management and orchestration service has a direct bearing on that of the container control plane. Take Docker for example. Whether the Docker daemon is properly configured determines the security of Docker to some extent. It is recommended that the following […]
Email Security – Attachment Virus
janeiro 7, 2019
Case AnalysisCase Analysis
Ransomware emails usually have an intriguing subject and body to entice receivers to open the attachment. As shown above, the attachment is compressed. The virus file is an executable with the extension of js. To disguise it as a seemingly secure text file, the attacker adds .txt in the file name. Files encrypted by this virus can only be decrypted upon payment of the ransom. (mais…)
Windows Arbitrary File Read 0-Day Vulnerability Handling Guide
janeiro 7, 2019
1 Vulnerability Overview
Recently, a security researcher with Twitter alias SandboxEscaper, once again, published proof-of-concept (PoC) code for a new 0-day vulnerability affecting Windows. This is the third Windows 0-day vulnerability published by this same researcher since August 2018. The vulnerability made known to the public this time could lead to arbitrary file read. Specifically, it allows low-privileged users or malicious programs to read, but not write into, arbitrary files on a targeted Windows host. Before an official patch is released by Microsoft, all Windows users will be affected by this vulnerability. (mais…)
Technical Report on Container Security (IV)-1
janeiro 7, 2019
Container Security Protection—Linux Kernel Security Mechanism
As a lightweight virtualized implementation, the container technology took into account security factors at the time of design, which constitute an important basis for container security protection. This chapter describes security risks and threats facing containers and common protection ideas and methods. (mais…)
IP Reputation Report-01042019
janeiro 4, 2019
-
Top 10 c¿ountries:
The above diagram shows the top 10 regions with most malicious IP addresses from the NSFOCUS IP Reputation databases at January 04, 2019. (mais…)
Cybersecurity trends 2019: What should you look out for?
janeiro 4, 2019
Silicon Republic – As the year begins, there are a few key areas that cybersecurity professionals should keep in mind. After the excesses of the holiday period, you are more than likely looking at the blank slate of a new year before you with a sense of optimism and hope for times ahead. Those in […]
Microsoft Security Bulletin for December Patches That Fix 39 Security Vulnerabilities
dezembro 29, 2018
Overview
Technical Report on Container Security (III)-3
dezembro 29, 2018
Security Risks and Challenges – Container Application Security Threat
Container Application Security Threat- Microservice Security
Adobe Security Bulletin for December 2018 Security Updates
dezembro 29, 2018
