Kibana Remote Code Execution Vulnerability (CVE-2019-7609) Threat Alert
November 5, 2019
Vulnerability Description
In February 2019, an official announcement was made that Kibana had a remote code execution vulnerability. Kibana versions prior to 5.6.15 and 6.6.1 had a functional flaw in the Timelion visualization tool, which allowed an attacker to use Kibana to execute arbitrary code on the server. A PoC has now been published; users are recommended to check their own deployments and apply protection in a timely manner.
Cisco Aironet Access Points Unauthorized Access Vulnerability Threat Alert
November 4, 2019
Overview
On October 17, local time, Cisco issued a security notice announcing that an unauthorized access vulnerability in Aironet Access Points (APs) had been fixed. The vulnerability exists because certain URLs are not filtered. An attacker can obtain access rights to the device by constructing a malicious URL and sending it to the affected AP to trigger the vulnerability. The attacker can then modify multiple configuration data of the AP and cause a denial of service.
Weblogic High Risk Vulnerability Threat Alert
November 1, 2019
Overview
Recently, Oracle fixed two high-risk vulnerabilities in Weblogic (CVE-2019-2890 and CVE-2019-2891) in its October critical patch update.
References:
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
IP Reputation Report-10272019
October 31, 2019
Top 10 countries in attack counts:
The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases as of October 27, 2019.
Cybersecurity Insights-2
October 30, 2019
Key Findings
Finding 1
The interval between disclosure of a vulnerability and its successful exploitation has shortened to hours, posing the greatest challenge to traditional security operations.
Php-fpm Remote Code Execution Vulnerability (CVE-2019-11043) Threat Alert
October 29, 2019
Overview
Recently, security researchers have published a vulnerability in php-fpm (CVE-2019-11043) that could lead to remote code execution in certain Nginx configurations.
The vulnerability exists in the file sapi/fpm/fpm/fpm_main.c (https://github.com/php/php-src/blob/master/sapi/fpm/fpm/fpm_main.c#L1140), which assumes that env_path_info has a prefix equal to the path of the PHP script. The code does not check whether this assumption holds, and without that check the pointer in the “path_info” variable can become invalid. In some Nginx configurations, an attacker can use a line break (encoded as %0a) to break the regexp in the `fastcgi_split_path_info` directive, which results in an empty PATH_INFO and triggers the vulnerability.
Weaver E-cology OA System SQL Injection Vulnerability Threat Alert
October 28, 2019
Vulnerability Description
On October 10, 2019, the national information security vulnerability sharing platform of China (CNVD) announced a SQL injection vulnerability (CNVD-2019-34241) in the Weaver e-cology OA system. When the workflowcentertreedata interface of the Weaver e-cology OA system uses the Oracle database, the built-in SQL statements are spliced together loosely, resulting in a SQL injection vulnerability.
Microsoft Released October Patches to Fix 61 Security Vulnerabilities
October 26, 2019
Overview
Microsoft released the October security update patch on Tuesday, fixing 61 security issues ranging from simple spoofing attacks to remote code execution. Products include Azure, Internet Explorer, Microsoft Browsers, Microsoft Devices, Microsoft Dynamics, Microsoft Edge, Microsoft Graphics Component, Microsoft JET Database Engine, Microsoft Office, Microsoft Office SharePoint, Microsoft Scripting Engine, Microsoft Windows, Open Source Software, Secure Boot, Servicing Stack Updates, SQL Server, Windows Hyper-V, Windows IIS, Windows Installer, Windows Kernel, Windows NTLM, Windows RDP and Windows Update Stack.
Information Security in the Workplace- Data Backup-v
October 25, 2019
With the advancement of IT-based transformation and the rapid development of IT, various network technologies have seen more extensive and profound applications, along with which come a multitude of cyber security issues. Come to find out what information security issues you should beware of in the workplace.
IP Reputation Report-10202019
October 24, 2019
Top 10 countries in attack counts: The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases as of October 20, 2019. Top 10 countries in attack percentage: Laos is in first place. Uzbekistan is in second place. China (CN) is not […]
