CVE-2025-24813 is a remote code execution (RCE) vulnerability that affects Apache Tomcat, allowing attackers to upload malicious serialized session files by sending a PUT request, and trigger deserialization through a GET request, thereby executing arbitrary code on the server. This vulnerability has been exploited in the field, and its utilization conditions are relatively simple. Tomcat only needs to use file storage sessions and support some PUT requests.

On August 9, 2024, the National Information Security Vulnerability Sharing Platform (CNVD) included the remote code execution vulnerability of Windows Remote Desktop Licensing Service (CNVD-2024-34918, corresponding to CVE-2024-38077). An unauthenticated attacker can use the vulnerability to remotely execute code and gain server control privileges. At present, part of the technical principle and proof of concept pseudo code of the vulnerability have been disclosed, and the manufacturer has released a security update to complete the repair. CNVD recommends that the security of affected organizations and users be upgraded to the latest version immediately. 1、 Vulnerability analysis: The Windows Remote Desktop License Service (RDL) is Wi

Hackers are using vulnerabilities in the outdated version of Popup Builder plug-in to invade WordPress websites, infecting more than 3300 websites and injecting malicious code.

The vulnerability exploited in the attack was traced as CVE-2023-6000, which is a cross site scripting (XSS) vulnerability that affects Popup Builder 4.2.3 and earlier, and was initially disclosed in November 2023.

On January 10, Microsoft released its monthly security announcement in January 2024, fixing 53 security vulnerabilities in multiple products. Fixed Windows11、Windows 10、Windows Server 2022、Windows Server 2008、SharePoint Server 2019 And Office 2019. Using the above vulnerabilities, attackers can cheat, bypass security function restrictions, obtain sensitive information, elevate permissions, execute remote code, or launch denial of service attacks. CNVD reminds Microsoft users to download the patch update as soon as possible to avoid causing network security issues related to vulnerabilities

Atlassian Influence is a professional enterprise knowledge management and collaboration software produced by Atlassian, which can be used to build enterprise libraries, etc. On August 26, 2021, the official announcement of Atlas disclosed the remote code execution vulnerability of CVE-2021-26084 Atlas Influence. After authentication or without authentication in some scenarios, attackers can construct malicious requests, cause OGNL expression injection, and execute arbitrary code to control the server. Wuhan Cloud Summit Emergency Response Center reminds the Atlas Influence users to take security measures to prevent vulnerability attacks as soon as possible.

Redis is a memory based high-speed key value pair database widely used in the world. On July 21, 2021, Redis officially announced that CVE-2021-32761 32-bit Redis remote code execution vulnerability was disclosed. In 32-bit Redis, an attacker can use the * BIT * command and the proto max bulk len configuration parameter in the case of unauthorized access to Redis, which may cause a shaping overflow and eventually lead to remote code execution. At present, there is no relevant script outflow, and the vulnerability only affects 32-bit Redis. Wuhan Cloud Summit Emergency Response Center reminds Redis users to take security measures to prevent vulnerability attacks as soon as possible.

SQL injection is a common security vulnerability. An attacker manipulates the database to perform unauthorized operations by injecting malicious SQL code. The following are the troubleshooting and prevention methods for SQL injection

Cloud computing technology has brought many benefits for modern enterprise organizations, such as scalability, flexibility, reduction of physical infrastructure, reduction of operating costs, and all-weather data access. However, research data also shows that only 4% of enterprise organizations can provide adequate security protection for cloud assets. In 2023, more than 80% of data leakage events will involve data stored in the cloud. In order to improve the protection level of cloud security, enterprises need to focus on strengthening the security measures for cloud applications and data in 2024. This article has collected and sorted out 10 key points in cloud security construction, which can better protect the organization's cloud assets and ensure the security and availability of data.

With the rapid development of the Internet, a large number of data are constantly generated, accompanied by how to store, retrieve and manage them safely and effectively. Effective storage, efficient access, convenient sharing and security control of data have become a very important issue in the information age. The significance of data backup is that when network attacks, intrusions, power failures or operational errors occur, the original system can be completely, quickly, simply and reliably restored to ensure the normal operation of the system within a certain range. Here are 10 suggestions from Wuhan Cloud Summit based on years of practical experience.

In many cases, our website is not simply a direct route from the user's browser to your server. Considering the website's access speed, security and other attributes, we may add advanced anti DDoS IP, advanced anti DDoS CDN, or access other security products in the reverse proxy mode.

On June 29, 2020, Wuhan Cloud Summit monitored that Apache Dubbo GitHub officially released Pull requests to fix the circumvention of the CVE-2020-1948 vulnerability patch. Dubbo<=2.7.7 still has a deserialization vulnerability. At present, no new version has been officially released. The vulnerability is of 0day level, which is extremely risky. Vulnerability description Apache Dubbo is a widely used Java RPC distributed service framework. On June 23, 2020, Apache Dubbo disclosed that there was a remote code execution vulnerability in deserialization in Dubbo Provider (CVE-2020-1948)

Wuhan Cloud Summit Security Operation and Maintenance Sharing: Linux server quickly checks whether the system is hacked or intruded

Massachusetts emergency department officials said on the 19th that the state emergency service telephone "911" was paralyzed on the 18th because the system firewall software blocked people's incoming help calls.

A statement issued by the French Prime Minister's Office on Monday confirmed that a series of DDoS attacks that began on Sunday night hit many government departments' websites, and the scale of the attacks was "unprecedented". On Tuesday, the Russian hacker group Anonymous Sudan claimed responsibility for large-scale distributed denial of service (DDoS) attacks on several French government websites. A large number of websites of French government institutions have been affected. "We launched a large-scale cyber attack on the infrastructure of the French Inter Governmental Digital Affairs Bureau (DINUM)," said the anonymous sultan on its official Telegram channel, "The digital endpoint of the French core government has been attacked, with great scope of damage." In addition to DINUM, the "anonymous sultan" confirmed in its post that the attack

Illegal gambling information appears on the website of a science and technology information service limited liability company in Beijing. The company's official website is a static page, and the involved server is a virtual server. Users do not need any permission to access static files. On November 12, 2023, someone entered the company's server to rewrite the file into gambling website information.

In the face of AI new fraud, in addition to widely informing the public of practical identification skills, in the long run, it is also necessary to take a multi pronged approach of personal prevention, defense technology iteration, compaction of platform responsibilities, and improvement of laws and regulations.
Generative artificial intelligence (AIGC) continues to be popular, and the legal, security and ethical challenges that follow are also growing.

After Microsoft suspended product sales in Russia on March 4, the number of online searches for pirated Microsoft software in the region soared by 250%. So far, the search volume of Excel downloads has increased by 650% in June. At the end of June, Microsoft banned Russian users from downloading Windows 10 and 11 from its official website. Microsoft said last month that it was significantly reducing its business in Russia. According to Bloomberg, the move hit Russia hard because many of its manufacturing and engineering systems depend on foreign software. According to the Moscow Times, a Russian media, Russian government agencies are shifting from Microsoft Windows to Linux. Kommers…

Today, network security is increasingly becoming a new battlefield of national interests and competition. However, vulnerabilities have become the biggest threat to network security. Around loopholes, various industries and groups compete for profits. Among them, "white hat" detection of loopholes has formed a special private industry.