Vulnerability Overview Recently, by using the Attack Trend Monitoring system (ATM), the NSFOCUS security team has discovered an Apache Axis remote command execution vulnerability, which allows attackers to obtain privileges of the target server and remotely execute commands without authorization by sending a crafted HTTP-POST request. (mais…)
Categoria: Blog
IP Reputation Report-06172019
1. Top 10 countries in attack counts: (mais…)
Oracle WebLogic Remote Code Execution Vulnerability (CVE-2019-2725) Patch Bypass Threat Alert
Overview Recently, the NSFOCUS security team has found that the Oracle Weblogic vulnerability is exploited in the wild. Its attack signature is similar to that of the CVE-2019-2725 vulnerability. The attack can bypass the latest security patch released by Oracle in April. This vulnerability exists because no proper sanitization is...
Botnet Trend Report-1
Executive Summary Botnets, one of the oldest threats on the internet, are still the most popular weapon in a hacker's arsenal. They offer ease of use, flexibility, and high availability, traits ideal for launching large-scale lethal cyber-attacks ar-ound the world. (mais…)
Windows NTLM Tampering Vulnerability (CVE-2019-1040) Threat Alert
1 Vulnerability Overview On June 12, 2019, Beijing time, Microsoft released security patches for the Windows NTLM tampering vulnerability (CVE-2019-1040), which exists in Windows operating systems and allows attackers to bypass the NTLM MIC (Message Integrity Check) protection. (mais…)
The Road to 5G is Paved with Malware
There is no doubt that 5G will revolutionize how we use online services. Mobile high-speed internet access in excess of 5Gbs will facilitate revolutionary technologies to take advantage of the new bandwidth. Feature rich apps for entertainment, productivity, social media, and health & fitness are preparing to offer functionality only...
