JSOC INSIGHT vol.15 English Edition
01 AUG 2017 | JSOC INSIGHT
"JSOC INSIGHT" is an analysis report on the trend of security incidents, such as unauthorized access and malware infection, in Japan, based on daily analysis results by our JSOC security analysts. Since this report analyzes the trends in attacks, based on the data of incidents which JSOC customers actually encountered, the report will help in understanding world trends as well as actual threats that Japanese users are facing.
JSOC INSIGHT vol.15 contains below topics.
- Multiple vulnerabilities found in Joomla! account management
- Vulnerability found in NETGEAR routers that allows for arbitrary command execution
- Vulnerability found in PHPMailer that allows for OS command injection
Contents
- Preface
- Executive Summary
- Trends in Severe Incidents at the JSOC
3.1 Trends in severe incidents
3.2 Analysis of severe incidents
3.3 Attack traffic detected numerous times
3.3.1 OS command injection attacks that aim for worm infection
3.3.2 Attacks from the Internet that were observed many times - Topics of This Volume
4.1 Multiple vulnerabilities found in Joomla! account management
4.1.1 Vulnerability that allows for unauthorized account creation (CVE-2016-8870)
4.1.2 Vulnerability that allows account promotion to a higher level of permission (CVE-2016-8869)
4.1.3 Example of attack traffic observed that exploited the vulnerability
4.1.4 Protection against attacks that exploit the vulnerability
4.2 Vulnerability found in NETGEAR routers that allows for arbitrary command execution
4.2.1 Vulnerability overview
4.2.2 Testing attack traffic that exploits the vulnerability
4.2.3 Protection against attacks that exploit the vulnerability
4.3 Vulnerability found in PHPMailer that allows for OS command injection
4.3.1 Vulnerability overview
4.3.2 Testing attack traffic that exploits the vulnerability
4.3.3 Protection against attacks that exploit the vulnerability
Conclusion
Click here to download PDF file.