Hackers are using vulnerabilities in the outdated version of Popup Builder plug-in to invade WordPress websites, infecting more than 3300 websites and injecting malicious code.

The vulnerability exploited in the attack was traced as CVE-2023-6000, which is a cross site scripting (XSS) vulnerability that affects Popup Builder 4.2.3 and earlier, and was initially disclosed in November 2023.

On January 10, Microsoft released its monthly security announcement in January 2024, fixing 53 security vulnerabilities in multiple products. Fixed vulnerabilities in Windows 11, Windows 10, Windows Server 2022, Windows Server 2008, SharePoint Server 2019, Office 2019 and other products. Using the above vulnerabilities, attackers can cheat, bypass security function restrictions, obtain sensitive information, elevate permissions, execute remote code, or launch denial of service attacks. CNVD reminds Microsoft users to download the patch update as soon as possible to avoid causing network security issues related to vulnerabilities

Atlassian Influence is a professional enterprise knowledge management and collaboration software produced by Atlassian, which can be used to build enterprise libraries, etc. On August 26, 2021, the official announcement of Atlas disclosed the remote code execution vulnerability of CVE-2021-26084 Atlas Influence. After authentication or without authentication in some scenarios, attackers can construct malicious requests, cause OGNL expression injection, and execute arbitrary code to control the server. Wuhan Cloud Summit Emergency Response Center reminds the Atlas Influence users to take security measures to prevent vulnerability attacks as soon as possible.

Redis is a memory based high-speed key value pair database widely used in the world. On July 21, 2021, Redis officially announced that CVE-2021-32761 32-bit Redis remote code execution vulnerability was disclosed. In 32-bit Redis, an attacker can use the * BIT * command and the proto max bulk len configuration parameter in the case of unauthorized access to Redis, which may cause a shaping overflow and eventually lead to remote code execution. At present, there is no relevant script outflow, and the vulnerability only affects 32-bit Redis. Wuhan Cloud Summit Emergency Response Center reminds Redis users to take security measures to prevent vulnerability attacks as soon as possible.

On August 23, 2021, Wuhan Cloud Summit Emergency Response Center monitored that XStream officially issued a security announcement, disclosing multiple remote code execution vulnerabilities for deserialization (CVE-2021-39139, etc.). Vulnerability description XStream is a commonly used tool for mutual transformation between Java objects and XML. On August 23, 2021, XStream officially released a security update that fixes multiple XStream deserialization vulnerabilities. By constructing a malicious XML document, an attacker can bypass the blacklist of XStream and trigger deserialization, resulting in a deserialization code execution vulnerability (CVE-2021-39139, etc.). Actual vulnerability exploitation depends on specific code implementation to

YApi is a visual interface management platform that can be deployed locally, connects the front and rear ends and QA. On July 7, 2021, Alibaba Cloud Emergency Response Center monitored the disclosure of YApi management platform arbitrary command execution vulnerability on the Internet. If Yapi opens the registration function to the outside world, an attacker can execute arbitrary code and take over the server by constructing a special request after registering and logging in. Alibaba Cloud Emergency Response Center reminds YApi users to take security measures as soon as possible to prevent vulnerability attacks.

Cloud computing technology has brought many benefits for modern enterprise organizations, such as scalability, flexibility, reduction of physical infrastructure, reduction of operating costs, and all-weather data access. However, research data also shows that only 4% of enterprise organizations can provide adequate security protection for cloud assets. In 2023, more than 80% of data leakage events will involve data stored in the cloud. In order to improve the protection level of cloud security, enterprises need to focus on strengthening the security measures for cloud applications and data in 2024. This article has collected and sorted out 10 key points in cloud security construction, which can better protect the organization's cloud assets and ensure the security and availability of data.

With the rapid development of the Internet, a large number of data are constantly generated, accompanied by how to store, retrieve and manage them safely and effectively. Effective storage, efficient access, convenient sharing and security control of data have become a very important issue in the information age. The significance of data backup is that when network attacks, intrusions, power failures or operational errors occur, the original system can be completely, quickly, simply and reliably restored to ensure the normal operation of the system within a certain range. Here are 10 suggestions from Wuhan Cloud Summit based on years of practical experience.

In many cases, our website is not simply a direct route from the user's browser to your server. Considering the website's access speed, security and other attributes, we may add advanced anti DDoS IP, advanced anti DDoS CDN, or access other security products in the reverse proxy mode.

On June 29, 2020, Wuhan Cloud Summit monitored that Apache Dubbo GitHub officially released Pull requests to fix the circumvention of the CVE-2020-1948 vulnerability patch. Dubbo<=2.7.7 still has a deserialization vulnerability. At present, no new version has been officially released. The vulnerability is of 0day level, which is extremely risky. Vulnerability description Apache Dubbo is a widely used Java RPC distributed service framework. On June 23, 2020, Apache Dubbo disclosed that there was a remote code execution vulnerability in deserialization in Dubbo Provider (CVE-2020-1948)

Wuhan Cloud Summit Security Operation and Maintenance Sharing: Linux server quickly checks whether the system is hacked or intruded

Wuhan Cloud Summit Security Operation and Maintenance Sharing: Windows servers quickly check whether the system is hacked or intruded

A statement issued by the French Prime Minister's Office on Monday confirmed that a series of DDoS attacks that began on Sunday night hit many government departments' websites, and the scale of the attacks was "unprecedented". On Tuesday, the Russian hacker group Anonymous Sudan claimed responsibility for large-scale distributed denial of service (DDoS) attacks on several French government websites. A large number of websites of French government institutions have been affected. "We launched a large-scale cyber attack on the infrastructure of the French Inter Governmental Digital Affairs Bureau (DINUM)," said the anonymous sultan on its official Telegram channel, "The digital endpoint of the French core government has been attacked, with great scope of damage." In addition to DINUM, the "anonymous sultan" confirmed in its post that the attack

Illegal gambling information appears on the website of a science and technology information service limited liability company in Beijing. The company's official website is a static page, and the involved server is a virtual server. Users do not need any permission to access static files. On November 12, 2023, someone entered the company's server to rewrite the file into gambling website information.

In the face of AI new fraud, in addition to widely informing the public of practical identification skills, in the long run, it is also necessary to take a multi pronged approach of personal prevention, defense technology iteration, compaction of platform responsibilities, and improvement of laws and regulations.
Generative artificial intelligence (AIGC) continues to be popular, and the legal, security and ethical challenges that follow are also growing.

After Microsoft suspended product sales in Russia on March 4, the number of online searches for pirated Microsoft software in the region soared by 250%. So far, the search volume of Excel downloads has increased by 650% in June. At the end of June, Microsoft banned Russian users from downloading Windows 10 and 11 from its official website. Microsoft said last month that it was significantly reducing its business in Russia. According to Bloomberg, the move hit Russia hard because many of its manufacturing and engineering systems depend on foreign software. According to the Moscow Times, a Russian media, Russian government agencies are shifting from Microsoft Windows to Linux. Kommers…

Today, network security is increasingly becoming a new battlefield of national interests and competition. However, vulnerabilities have become the biggest threat to network security. Around loopholes, various industries and groups compete for profits. Among them, "white hat" detection of loopholes has formed a special private industry.

Xinhua News Agency, Macao, May 17 (Reporter Liu Chang) - Huang Shaoze, Director of the Security Department of the Macao Special Administrative Region Government, said on the 17th that the Security Department had completed the cyber security bill at the end of last year and submitted it to the Executive Council, which will discuss it later. According to the bill, a network security early warning center will be set up, which will release real-time information to the society when network risks are found. Huang Shaoze, after attending the seminar on "Emergency Response and Aftermath Strategies for Emergencies" on the same day, said that the Judicial Police Department and the Public Security Police Department have not received the relevant report of "blackmail software" so far. He said that since 2015, the SAR government has studied the establishment of a cyber security center to better unify the prevention system of cyber security across Australia. By the end of last year, the relevant cyber security bill had been completed and submitted to the Executive Council, and will be related later