With the advancement of IT-based transformation and the rapid development of IT, various network technologies have seen more extensive and profound applications, along with which come a multitude of cyber security issues. Come to find out what information security issues you should beware of in the workplace.
Overview Recently, Apache Dubbo was reported to contain a remote code execution vulnerability (CVE-2020-1948) resulting from deserialization. Apache Dubbo is a high-performance Java RPC framework. The vulnerability exists in hessian, a default deserialization tool used by Apache Dubbo. An attacker may trigger it by sending malicious RPC requests which usually contain unidentifiable service or method […]
With the robust development of the Internet, more and more companies have put their services online. While the Internet conveniences people’s lives, how to secure it becomes an increasingly severe challenge. Distributed denial-of-service (DDoS) is one of the most common types of cyberattacks. It paralyzes the target network, disrupts services, and causes direct financial damages […]
With the advancement of IT-based transformation and the rapid development of IT, various network technologies have seen more extensive and profound applications, along with which come a multitude of cyber security issues. Come to find out what information security issues you should beware of in the workplace.
The world’s leading research and advisory company, Gartner, has named NSFOCUS as a Representative Vendor in its May 2020 Market Guide for Security Threat Intelligence Products and Services. This guide provides in-depth analysis of the threat intelligence (TI) market, focusing on introducing its technical value and commercial potential of threat intelligence, and selecting credible vendors […]
In 2019, An Trinh discovered two vulnerabilities, CVE-2019-9670 (XXE/SSRF) and CVE-2019-6980 (deserialization vulnerability), in Zimbra. As usual, An Trinh did not disclose any details. Luckily, Hans Martin Munch is more generous than An Trinh and has shared many interesting ideas. For example, he once advised using YouDebug to fix the CVE-2017-3241 vulnerability. ysoserial.payloads.JRMPClient is designed […]
NSFOCUS cloud scrubbing center witnessed a torrent of DDoS attack traffic, with peak volume up to 634.8 Gbps. At 5 p.m. of May 20th, 2020, NSFOCUS SOC team detected an enormous DDoS attack – three IPs of a Hong Kong customer were hit by DDoS attacks and inbound traffic kept increasing sharply. As DDoS attack […]
With the outbreak of the COVID-19 pandemic around the world, trending hashtags related to the epidemic are flooding social media, attracting attention of a number of international hacker organizations, which jump at the chance to conduct social engineering based on decoy messages. Recently, NSFCOUS found that NetWire controllers began to drop the trojan with the […]
GoAhead is an open-source web architecture that is widely used in embedded systems thanks to its high performance and high availability. Traditional servers built on the GoAhead architecture usually see a large number of dynamic pages written in the Active Server Pages (ASP) scripting language and functions written in C/C++ that are registered to the […]
With the advancement of IT-based transformation and the rapid development of IT, various network technologies have seen more extensive and profound applications, along with which come a multitude of cyber security issues. Come to find out what information security issues you should beware of in the workplace.
