Overview Recently, Google released February 2020 security updates for Android which fixed a critical vulnerability (CVE-2020-0022) in Android's Bluetooth component. This vulnerability could be exploited without user interaction when Bluetooth is enabled on devices. An attacker that successfully exploits this vulnerability could execute arbitrary code on the target system. Also,...
Blog
ICS Information Security Assurance Framework 17
Nuclear Power The security scenario of the nuclear power plant is similar to that of the thermal power platform. For details, sees section 4.1.1. Generally, it contains the following contents: (mais…)
FusionAuth Remote Code Execution Vulnerability (CVE-2020-7799) Threat Alert
Vulnerability Description On January 28, 2019, Beijing time, NVD released a remote command execution vulnerability (CVE-2020-7799) in the Apache Freemarker template in FusionAuth. It is found that an authenticated user can edit email templates (Home > Settings > Email Templates) or themes (Home > Settings > Themes) in FusionAuth to...
IP Reputation Report-02092020
Top 10 countries in attack counts: The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases at February 9, 2020. (mais…)
WebLogic WLS Component IIOP Protocol Remote Code Execution Vulnerability (CVE-2020-2551) Threat Alert
Overview Oracle released Critical Patch Update (CPU) for January 2020, announcing a remote code execution vulnerability (CVE-2020-2551) in the Internet Inter-ORB Protocol (IIOP) used by the WLA component in WebLogic. (mais…)
ICS Information Security Assurance Framework 16
System Introduction The computer monitoring system of the hydropower plant adopts a hierarchical distributed open system structure totally controlled by the computer, which consists of the main control layer of functions and the local control unit (LCU) layer of objects. The main control layer consists of the operator station, data...
