In this section, we analyze two vulnerabilities, namely, the CVE-2016-10372 vulnerability32 in the Eir D1000 router and the backdoor vulnerability in Netis routers. Except UPnP-related vulnerabilities described in section 4.4.3 Malicious Behaviors Targeting UPnP Vulnerabilities, the CVE-2016-10372vulnerability was exploited most frequently. The backdoor vulnerability in Netis routers exerted a severe impact when it was initially […]

“Pay or Die” is an opening phrase often used by DDoS blackmailers. Github was attacked, NZX was unable to provide services for 4 days… these are all serious DDoS blackmail incidents this year. This is just the tip of the iceberg of such lucrative crimes. In various forms of digital black mailings, using “distributed denial […]

Abstract The real economy with manufacturing as the core industry is the basis for maintaining national competitiveness and healthy economic development. Based on the universal recognition of this concept, the Industry 4.0 strategy of Germany, the national advanced manufacturing strategy of the United States, and the national manufacturing policy of India, have taken place as […]

Overview Recently, Citrix SD-WAN released a security update to address three vulnerabilities (CVE-2020-8271, CVE-2020-8272, CVE-2020-8273). These vulnerabilities allow an unauthenticated attacker with network access to SD-WAN Center to perform arbitrary code execution as root. At present, there exist detailed analysis of relevant vulnerabilities and the proof of concept (POC) concerning CVE-2020-8271.

IoT Exploits Viewpoint 3: Over 30 types of IoT exploits were captured, most of which targeted remote command execution vulnerabilities. Though hundreds of to thousands of IoT vulnerabilities were unveiled each year, only a few can exert an extensive impact. Attackers were keen on targeting devices (routers and video surveillance devices) exposed in large quantities, […]

Overview On November 18, 2020 (local time), Cisco released security advisories fixing vulnerabilities in multiple products. These vulnerabilities include three high-risk ones: CVE-2020-3531, CVE-2020-3586, and CVE-2020-3470. Reference link:

Overview On November 19, 2020 (Beijing time), Drupal released a security advisory that fixes a remote code execution vulnerability (CVE-2020-13671). Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain […]

Overview Recently, XStream released a security advisory that fixes a remote code execution vulnerability (CVE-2020-26217). The vulnerability may allow a remote attacker to execute arbitrary code by sending crafted requests to the web application that uses XStream and thereby taking control of the target server. XStream is a commonly used tool for converting between Java […]

Introduction This chapter analyzes IoT threats from the perspective of vulnerabilities. We first analyze the change trends of IoT vulnerabilities and exploits 1 in the NVD and Exploit Database (Exploit-DB) in 2019 and then IoT exploits captured by NSFOCUS’s threat hunting system. The following dwells upon some representative exploits.

Chapter 1. Brief on the risk In phishing email attacks worldwide, Covid-19 is still an important topic. With the increasing availability of epidemic prevention material supplies in various countries and the transparency of news channels, attackers have begun to look for “hot issues” from other perspectives that may attract people’s attention. With the impact of […]