Quantcast
Channel: EnglishVersion –绿盟科技博客
Browsing latest articles
Browse All 10 View Live

Image may be NSFW.
Clik here to view.

Apache Struts2 Remote Code Execution Vulnerability (S2-045) Technical...

Apache Struts2 is prone to a remote code execution vulnerability (CNNVD-201703-152) in the Jakarta Multipart parser plug-in. When uploading a file with this plug-in, an attacker could change the value...

View Article


Image may be NSFW.
Clik here to view.

Dahua Cameras Unauthorized Access Vulnerability Technical Analysis and Solution

Recently, Dahua Technology, a well-known security camera and digital video recorder (DVR) vendor in China, released firmware updates to address a serious security issue in certain products. Before the...

View Article

Image may be NSFW.
Clik here to view.

Dridex Banking Malware Sample Technical Analysis and Solution

IBM’s X-Force security team recently discovered an updated version of Dridex, called Dridex v4. Dridex is one of the most popular banking trojans. It was first spotted in 2014 when it was viewed as the...

View Article

Image may be NSFW.
Clik here to view.

Apache Struts 2 Remote Code Execution Vulnerability (S2-046) Technical...

In the wee hours of March 21, Apache Struts 2 released a security bulletin, announcing a remote code execution (RCE) vulnerability in the Jakarta Multipart parser, which has been assigned...

View Article

Image may be NSFW.
Clik here to view.

Microsoft Windows Server 2003 R2 IIS 6.0 Remote Code Execution Technical...

On March 37, Zhiniang Peng and Chen Wu disclosed the Internet Information Services (IIS) 6.0 WebDAV remote code execution vulnerability, which has been assigned CVE-2017-7269 and CNNVD-201703-1151....

View Article


Image may be NSFW.
Clik here to view.

2016 DDoS Threat Trend

In this report, we present a multi-dimensional analysis of DDoS attack data and botnet data and summarize and analyze typical attack events in 2016, revealing threats of DDoS attacks and the overall...

View Article

Image may be NSFW.
Clik here to view.

Analysis Report on the WannaCry Sample

The sample exploits the ETERNALBLUE SMB vulnerability or DOUBLEPULSAR backdoor for propagation and infection of the ransomware. The sample first connects to the domain name...

View Article

Image may be NSFW.
Clik here to view.

Analysis on Exposed IoT Assets in China

With the maturity of sensing, computing, and communication technologies, the Internet of Things (IoT) will be more and more widely used in various industries. Gartner, a market research agency,...

View Article


Image may be NSFW.
Clik here to view.

Petya Variant Sample Technical Analysis

On the evening of June 27, 2017, multiple enterprises were attacked by ransomware, hence service interruption was caused. The first infections were identified in Ukraine. Since then, it has spread to...

View Article


Image may be NSFW.
Clik here to view.

Petya — Technologically Challenging and Imaginative Ransomware

The malware uses the following icons to disguise its EXE files as PDF and RAR executables. The attacker then sends malicious code to the target via email, tricking the victim into executing it. In this...

View Article
Browsing latest articles
Browse All 10 View Live