Microsoft Security Bulletin for December Patches That Fix 39 Security Vulnerabilities

Overview Microsoft released December 2018 security updates on Tuesday which fix 39 vulnerabilities ranging from simple spoofing attacks to remote code execution. Such security updates cover the following products: .NET Framework, Adobe Flash Player,Internet Explorer, Microsoft Dynamics, Microsoft Exchange Server, Microsoft Graphics Component, Microsoft Office, Microsoft Office SharePoint, Microsoft Scripting […]

NSFOCUS’s Presence at Botconf 2018

On December 7, 2018 security experts from NSFOCUS Fu Ying Labs delivered a speech at Botconf 2018, presenting WASM security threat analysis technologies with researchers from security firms, media personnel, and security practitioners from CERTs (Computer Emergency Response Teams) of various countries. Their striking insights were highly accepted and acknowledged […]

Satan Variant Analysis & Handling Guide

1 Background In early November 2018, NSFOCUS discovered that some of its financial customers had been infected with a worm virus FT.exe that could affect both Linux and Windows platforms. Like the ransomware Satan, the virus spreads itself by exploiting multiple application vulnerabilities. However, this virus, after breaking into the […]

NSFOCUS Present at the CS3STHLM Summit as the Only Asia-Pacific Security Vendor

On October 24, 2018, the CS3STHLM industrial cyber security & Stockholm international summit on Cyber Security in SCADA and Industrial Control Systems (“the Stockholm summit”) kicked off in Sweden for the fifth consecutive year,  bringing together cybersecurity experts worldwide. NSFOCUS, as the only participating security vendor from Asia-Pacific, delivered a […]

Cisco ASA Security Product Denial-of-Service Vulnerability (CVE-2018-15454) Threat Alert

Vulnerability Overview Recently, Cisco officially released a security advisory to fix the denial-of-service (DoS) vulnerability (CVE-2018-15454) in Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software. This vulnerability exists in the Session Initiation Protocol (SIP) inspection engine used by Cisco ASA and FTD. An unauthorized attacker could exploit this […]

Drupal Remote Code Execution Vulnerability Threat Alert

Overview Recently, Drupal released an official security advisory to announce the fixes for multiple security issues, including two critical remote code execution vulnerabilities which affect Drupal 7 and 8. The two critical vulnerabilities are described as follows:

libssh Server-Side Identity Authentication Bypass Vulnerability (CVE-2018-10933)Threat Alert

Overview On October 16, local time, libssh officially released an update to fix the server-side identity authentication bypass vulnerability (CVE-2018-10933) existing in libssh 0.6 and later versions. By presenting the server an SSH2_MSG_USERAUTH_SUCCESS message in place of the SSH2_MSG_USERAUTH_REQUEST message which the server would expect to initiate authentication, the attacker […]

WebLogic Remote Code Execution Vulnerability(CVE-2018-3191)Threat Alert

Overview On October 17, Beijing time, Oracle officially released a Critical Patch Update (CPU), which contains a fix for the critical WebLogic remote code execution vulnerability (CVE-2018-3191). This vulnerability allows unauthenticated attackers with network access via T3 to compromise vulnerable Oracle WebLogic Server. Successful exploitation of it can result in […]