Overview On April 10, local time, Apache Software Foundation officially released a security advisory, announcing the fix of a remote code execution vulnerability (CVE-2019-0232). The Java Runtime Environment (JRE), when running on a Windows system with enableCmdLineArguments enabled, passes command-line parameters to Windows in an incorrect manner. This leads to...
Category: Blog
Siemens Multiple Products Vulnerabilities Threat Alert
Overview On April 9, local time, Siemens officially released a security advisory, announcing the fix of vulnerabilities of different risk levels in a spectrum of products such as SIMATIC WinCC Open Architecture (SIMATIC WinCC OA), Spectrum Power, and RUGGEDCOM RXO II. Of all these vulnerabilities, two have a CVSS v3.0...
IP Reputation Report-04192019
Top 10 countries in attack counts: The above diagram shows the top 10 regions with the most malicious IP addresses from the NSFOCUS IP Reputation databases as of April 19, 2019. Top 10 countries in attack percentage: Suriname (SR) has been in first place for three weeks....
2018 DDoS Attack Landscape-4
3.2 DDoS Attack Type Analysis 3.2.1 Proportions of Different Attack Types In 2018, the most frequently seen attacks were SYN flood, UDP flood, ACK flood, HTTP flood, and HTTPS flood attacks, which altogether accounted for 96% of all DDoS attacks. In contrast, reflection attacks contributed to no more than 3%...
Confluence SSRF and Remote Code Execution Vulnerability Handling Guide
1 Vulnerability Overview Recently, Atlassian officially released a security bulletin, announcing a server-side request forgery (SSRF) vulnerability and a remote code execution vulnerability (CVE-2019-3396). The two vulnerabilities respectively reside in WebDAV and Widget Connector and could be exploited by an attacker for remote code execution and server-side request forgery.
Apache Axis Remote Code Execution Vulnerability (CVE-2019-0227) Threat Alert
Overview The default service StockQuoteService.jws in Axis contains a hard-coded HTTP URL, which can be used to trigger an HTTP request. An attacker can conduct a man-in-the-middle (MITM) attack by taking control of a domain (www.xmltoday.com) or performing ARP poisoning against the targeted Axis server, and then redirect the HTTP...





