Top 10 countries in attack counts: The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases at March 8, 2020. (mais…)
Blog
Fastjson 1.2.62 and Earlier Remote Code Execution Vulnerability Threat Alert
Vulnerability Description On February 19, National Vulnerability Database (NVD) released a JNDI injection vulnerability (CVE-2020-8840) in jackson-databind. However, gadget deserialization in jackson-databind also affects Fastjson. According to researchers from NSFOCUS, when the AutoType fucntion is enabled (disabled by default), this vulnerability affects Fastjson 1.2.62, allowing attackers to result in remote...
ICS Information Security Assurance Framework 20
Petroleum and Petrochemical Industry Overview System introduction Oil field exploitation is field work featuring strong fluidity, large quantities of scattered points, and a long distance. In the process of oil field exploitation, out of management requirements, the oil and gas management center connects to the gathering and transportation control center,...
Jackson-databind Remote Code Execution Vulnerability (CVE-2020-8840) Threat Alert
Vulnerability Description On February 19, National Vulnerability Database (NVD) disclosed a remote code execution vulnerability (CVE-2020-8840) that resulted from JNDI injection in jackson-databind and assigned a CVSS score of 9.8. Affected versions of jackson-databind lack certain xbean-reflect/JNDI blocking, as demonstrated by org.apache.xbean.propertyeditor.JndiConverter. An attacker could exploit this vulnerability to...
ICS Information Security Assurance Framework 19
Government Affairs SCADA System Architecture Used in Water Affairs The SCADA system used in water affairs mainly consists of the operator workstation, engineering workstation, SCADA system of the water intake pump room, SCADA system of the drug dosing room, SCADA system of the backwashing system, SCADA system of the water...
IP Reputation Report-03012020
Top 10 countries in attack counts: The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases at March 1, 2020. (mais…)
