Emergency Response Archives - Página 52 de 90

TP-Link Tapo C200 IP Camera High-Risk Vulnerability Threat Alert

Por NSFOCUSPostou 18 de agosto de 2020

Overview Recently, TP-Link fixed a high-risk vulnerability in the C200 IP camera. A user's hashed password can be found in the memory dump by using the discovered Heartbleed vulnerability exposed on TCP port 443. The hash was then used for a pass-the-hash attack by exploiting the login process on the...

Adobe Releases Updates to Fix High-Risk Vulnerabilities Threat Alert

Por NSFOCUSPostou 14 de agosto de 2020

Overview On July 21, 2020, local time, Adobe released security updates to fix high-risk code execution vulnerabilities in its various products, including Adobe Bridge, Adobe Photoshop, Adobe Prelude, and Adobe Reader Mobile. For details about the security bulletins and advisories, visit the following link: https://helpx.adobe.com/security.html (mais…)

Code snippet with comments for string handling.

Microsoft Windows DNS Server Remote Code Execution Vulnerability SigRed (CVE-2020-1350) Threat Alert

Por NSFOCUSPostou 11 de agosto de 2020

Overview On July 14, 2020 local time, Microsoft addressed a wormable Windows DNS server vulnerability dubbed SigRed (CVE-2020-1350) in its latest monthly patch updates. Once exploited by attackers, the vulnerability could spread between vulnerable computers without user interaction, thereby probably infecting the network of the whole organization. It is reported...

Botnet Trend Report cover with network illustration.

Botnet Trend Report -5

Por NSFOCUSPostou 10 de agosto de 2020

Spear Phishing and Malicious Documents In the past few years, including malicious attachments in emails has become one of the most common methods that APT groups and various cybercriminal groups use to launch spear phishing attacks. Compared with previous years, 2019 saw more spear phishing attacks with a bigger impact,...

WebLogic Remote Code Execution Vulnerabilities (CVE-2020-14625, CVE-2020-14644, CVE-2020-14645, CVE-2020-14687) Threat Alert

Por NSFOCUSPostou 7 de agosto de 2020

Overview On July 15, 2020, Beijing time, Oracle released a Critical Patch Update (CPU) for July 2020 that fixes 443 vulnerabilities of different risk levels. The WebLogic Server Core component is prone to four severe vulnerabilities with a CVSS base score of 9.8, which are assigned CVE-2020-14625, CVE-2020-14644, CVE-2020-14645, and...

Multiple Cisco Vulnerabilities Threat Alert 2020

Por NSFOCUSPostou 4 de agosto de 2020

Overview On July 15, 2020 local time, Cisco released security advisories to address vulnerabilities across multiple products, including five Critical vulnerabilities with a CVSS base score of 9.8 (CVE-2020-3330, CVE-2020-3323, CVE-2020-3144, CVE-2020-3331, and CVE-2020-3140). Reference link: https://tools.cisco.com/security/center/publicationListing.x (mais…)