NSFOCUS 2016 Q3 Report on DDoS Situation and Trends
In Q3, the global distributed denial-of-service (DDoS) attacks increased by 40%.
In Q3, a total of 71,416 DDoS attacks were detected, up 40% from Q2 (50,988).
2016 NSFOCUS Security Report Regarding Network Video Surveillance Systems
With the robust development of the Internet of Things (IoT), more and more security issues are found with IoT devices. These imminent threats, especially those from network video surveillance systems (NVSSs) that account for a large majority of IoT devices, have drawn attention from security professionals from home and abroad. (In this paper, network video monitors (NVMs), web cameras, and digital video recorders (DVRs) are all referred to as NVSSs.)
【威胁通告】Firefox跨域设置cookie漏洞
2016年12月6日,insert-script.blogspot.gr网站发布了一条关于Firefox跨域设置cookie的消息,该漏洞的成因是火狐浏览器允许元标签对浏览器cookie进行设置。
Firefox Remote Code Execution Vulnerability Technical Analysis and Solution
On November 30, 2016, Mozilla Firefox released an emergency update on its official website to fix a vulnerability assigned CVE-2016-9079.
Nginx Local Privilege Escalation Vulnerability Technical Analysis and Solution
On November 15, 2016 (local time), legalhackers.com released an advisory about a privilege escalation vulnerability, assigned CVE-2016-1247, found in the Nginx server. Nginx web server packaging on Debian-based distributions, such as Debian or Ubuntu, was found to allow creating log directories with insecure permissions.
2016年第三季度DDoS态势报告
据绿盟科技全球DDoS态势感知平台监控数据分析显示,Q3发生DDoS攻击次数增加,小流量攻击占比增加,攻击手段呈现复杂化,总体攻击态势依然严峻。
2016 年上半年中国网站安全报告
2016年11月16日,中国电信股份有限公司北京研究院(以下简称“中国电信北研院”)联合绿盟科技等,在北京发布“2016年上半年网站安全报告”,本文对报告内容进行生动解读,大家可以当段子看。报告全文下载见文末。
【漏洞通告】Apache HTTPD拒绝服务漏洞
2016年12月5日(当地时间),seclists.org网站发布了一条关于Apache网页服务器拒绝服务漏洞的消息,漏洞编号为CNNVD-201612-069。该漏洞存在于mod_http2模块中,这是从Apache HTTPD 2.4.17版本开始引入的关于HTTP/2协议的模块。