#

Petya Ransomware Attack

In the evening of June, 27th, 2017, a malicious ransomware known as Petya spread across the world. According to foreign news media HackerNews, in Ukraine, many banks including the national bank Oschadbank and many other private banks, electric power company KyivEnergo, and national post system UkrPoshta were all attacked by Petya.

Date Published:2017-06-30 Read More >>

Recent Security Event

#

WannaCry Ransomware Worm Attacking Network of Universities and Governments

In the evening of May, 12th, WannaCry Ransomware Worm took place and attacked the network of government, school, hospital, etc, globally. A great many domestic industries have been affected, among which, the education industry was the most severely attacked and therefore many education systems crashed.

  • Source:Sangfor Security Center
  • Date Published:2017-05-14
#

Arbitrary File Upload Vulnerability In PHPCMS v9.6.0

A severe arbitrary file upload vulnerability has been discovered in PHPCMS v9.6.0. Attackers can abuse this upload feature to upload Webshell so as to get control of the servers of the websites that have been affected.

  • Source:Sangfor Security Center
  • Date Published:2017-04-13
#

[Vulnerability Alert] Remote Code Execution Vulnerability in Struts 2(S2-045)

On March, 7th, 2017, Apache released a security bulletin(S2-045) addressing a security vulnerability(CVE-2017-5638) in Struts 2. In that bulletin, it states that remote code execution will be triggered to perform operations (e.g., adding user accounts, viewing, modifying or deleting files, etc) when performing file upload based on Jakarta Multipart parser.

  • Source:Sangfor Security Center
  • Date Published:2017-03-09
#

Content Injection Vulnerability In WordPress REST API

During the Chinese spring festival, a severe content injection vulnerability was discovered in WordPress. This vulnerability allows an unauthorized user to inject malicious content and modify the content of any post or page within a WordPress site.

  • Source:Sangfor Security Center
  • Date Published:2017-02-13
#

'One billion' affected by Yahoo hack

​Yahoo has said more than one billion user accounts may have been affected in a hacking attack dating back to 2013.

  • Source:Sangfor Security Center
  • Date Published:2016-12-29