Hillstone Adds Botnet C&C Prevention to StoneOS

Today, botnet requires more than just static signature based security protection. The modern botnet is essentially a collection of proxies and hosts that are the battleground for attackers and their malicious objectives. The compromised systems are called “bots” and tied to a command and control (C&C) server. The C&C server is used by attackers to…

Vulnerability Notification: Microsoft Windows Shell Zip File Remote Code Execution

[Overview] Microsoft Windows supports the use of ZIP documents as “compressed folders,” allowing users to browse the contents of ZIP documents through folders. Recently, Microsoft fixed a remote code execution vulnerability in the Windows Shell component. [Vulnerability Details] CVE-2018-0883: An attacker would craft a ZIP file containing a “setup” or “install” file and malware with…