Vulnerability Notification: Adobe ColdFusion Deserialization

[Overview] Adobe ColdFusion is a dynamic web server, a rapid application development platform offered by Adobe Systems that contains advanced features for enterprise integration and internet application development. [Vulnerability Details] CVE-2017-11284: This vulnerability is caused by no input validation before the object in the RMI registry is deserialized. An unidentified attacker could exploit this vulnerability…

Vulnerability Notification: Oracle WebLogic Server XmlAdapter Deserialization

[Overview] Oracle WebLogic Server is an enterprise multi-tiered Java application service, commonly used as a large enterprise web application platform. [Vulnerability Details] This vulnerability is exploited due to insufficient validation of serialized XML data by WorkContextXmlInputAdapter. An unauthenticated attacker could exploit this vulnerability by sending carefully crafted HTTP XML requests. Exploiting this vulnerability could result…

Statement on Vulnerability: Hillstone Networks does not use Intel Processors in its NGFW

At beginning of 2018, a CPU vulnerability news shocking the whole security industry. According to the Register, a fundamental design flaw in Intel’s processor chips has forced a significant redesign of the Linux and Windows kernels to defang the chip-level security bug. The bug is present in modern Intel processors produced in the past decade….

Hillstone Responds to Bad Rabbit Ransomware

Overview of Bad Rabbit Ransomware As of October 24, a new ransomware “Bad Rabbit” is raging in Russia, Ukraine, Germany, and other countries. Unlike WannaCry, “Bad Rabbit” does not use EternalBlue, but launches watering hole attack to well-known websites and disguises as the Adobe Flash update program. When victims browse legitimate websites, forged Flash update…

Protections of NEW Variant of Petya Ransomware Using Hillstone Network’s Layered Security Solution

On Jun. 27th, 2017, The Petya ransomware is receiving worldwide attention by attacking the governments, banks, electrical systems, communication systems, enterprises, and airports in several countries. The attacking virus is the Petya ransomware variant, which spreads through combinations of the email, downloader and the worm. It exploits a vulnerability (CVE-2017-0199) through the RTF attachment in…