Sangfor Blog

Microsoft Internet Explorer Remote Memory Corruption Vulnerability (MS17-005)

20/03/2017 16:35:22

Microsoft Internet Explorer vulnerability allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site....

Struts 2 Remote Code Execution Vulnerability (S2-045)

08/03/2017 11:32:31

It is possible to perform a RCE attack with a malicious Content-Type value. If the Content-Type value isn't valid an exception is thrown which is then used to display an error message to a user....

Protect Your Data on Sangfor HCI with Arcserve

08/03/2017 10:55:56

Running Arcserve on Sangfor HCI gives you the best of both worlds, a deeply optimized backup and disaster recovery solution to provide comprehensive data protection with custom-fit SLAs....

Content Injection Vulnerability In WordPress REST API

13/02/2017 17:25:21

During the Chinese spring festival, a severe content injection vulnerability was discovered in WordPress. This vulnerability allows an unauthorized user to inject malicious content and modify the content of any post or page within a WordPress site. ...

'One billion' affected by Yahoo hack

29/12/2016 18:30:25

Yahoo has said more than one billion user accounts may have been affected in a hacking attack dating back to 2013....

Nginx Privilege Escalation Vulnerability on Debian-based Linux

22/11/2016 13:25:05

On November 15th, 2016, Dawid Golunski discovered that there is privilege escalation vulnerability (CVE-2016-1247) in Nginx. When Nginx creates log directories with insecure permissions, the vulnerability may be exploited by malicious local attackers to escalate their privileges from Nginx/Web user(www-data) to root. Nginx web server package on Debian-based distributions such as Debian or Ubuntu will be affected....

This Hack Gives Linux Root Shell Just By Pressing 'ENTER' for 70 Seconds

21/11/2016 13:25:45

A hacker with little more than a minute can bypass the authentication procedures on some Linux systems just by holding down the Enter key for around 70 seconds....

Someone is Using Mirai Botnet to Shut Down Internet for an Entire Country

10/11/2016 17:25:03

Someone is trying to take down the whole Internet of a country, and partially succeeded, by launching massive distributed denial-of-service (DDoS) attacks using a botnet of insecure IoT devices infected by the Mirai malware....

SQL Injection Vulnerability in Joomla Component ja-k2-filter-and-search was Discovered

24/10/2016 10:10:12

In the past couple of days, Information Security experts discovered an SQL injection vulnerability in Joomla component ja-k2-filter-and-search....

NSA contractor charged with stealing secret data

18/10/2016 10:00:59

A federal contractor suspected in the leak of powerful National Security Agency hacking tools has been arrested and charged with stealing classified information from the U.S. government...

Our Social Networks

Global Service Center: