Alibaba Cloud Offers a Security Emergency Response Plan for Global Bank Websites Targeted by Hackers

response plan to cope with similar attacks.By Shuang Le, Recently, Alibaba Cloud CloudMonitor has detected attacks against global the stability and reliability of the origin site. Based on the powerful big data capability of Alibaba Cloud, WAF defends ...
From: Community > blog Author: Alibaba Cloud Security Page View:166 Reply:0

Alibaba Cloud Security Team Discovers Apache Spark Rest API Remote Code Execution (RCE) Exploit

factor when deciding which cloud to deploy your big data infrastructure to. Finally, I would encourage to consider serverless model for big data processing, where infrastructure and its security is managed by your cloud provider. > Yuriy Yuzifovich, > ...
From: Community > blog Author: Alibaba Cloud Security Page View:1744 Reply:0

Deep Dive into Cloud Firewall: Addressing Aggressive Mining Worms

databases, Cloud Firewall Basic Protection takes the advantage of Alibaba Cloud big data to create precise defense rules from the Control for Compromised Servers If a server is compromised by cryptocurrency mining worms, Cloud Firewall can further control the ...
From: Community > blog Author: Alibaba Cloud Security Page View:24 Reply:0

Next-Gen Enterprise Security Based on Cloud-Native Technology

code and data of business systems and applications on the cloud cannot be tampered with, ensuring the systems and applications are. Data security is the core competency of cloud platforms. The protection of customer privacy has always been the top priority ...
From: Community > blog Author: Alibaba Cloud Security Page View:154 Reply:0

Is Your PostgreSQL Server Secretly Mining Digital Coins?

Alibaba Cloud security team detected the first batch mining attack exploiting the PROGRAM feature of PostgreSQL, an open source database popular in cloud deployments. By Fengwei Zhang > With the increasing popularity of digital currencies and their ...
From: Community > blog Author: Alibaba Cloud Security Page View:44 Reply:0

Alibaba Cloud Security: 2018 Cryptocurrency Mining Hijacker Report

Alibaba Cloud's data from 2018.[Join us at the Alibaba Cloud ACtivate Online Conference](https://www.alibabacloud.com individuals and enterprises based on Alibaba Cloud's data from 2018. ## Key Takeaways Popular 0-day and N-day vulnerabilities have ...
From: Community > blog Author: Alibaba Cloud Security Page View:92 Reply:0

Alibaba Cloud Web Application Firewall Endorsed by Top Research Agencies

data security analytics to deliver SaaS-based WAF service, Alibaba Cloud successfully expanded its business presence into the. ## About Alibaba Cloud WAF Alibaba Cloud WAF has 14 data centers in 6 regions including Australia, India, Indonesia, China, Malaysia ...
From: Community > blog Author: Alibaba Cloud Security Page View:31 Reply:0

Alibaba Cloud Discovers the Latest ThinkPHP v5 Vulnerability

The latest ThinkPHP v5 vulnerability has been discovered by Alibaba Cloud and can be blocked using an alert in Alibaba Cloud, get help from Alibaba Cloud's Threat Detection Service). > Yohai Einav > Principal Security Researcher, SIL ...
From: Community > blog Author: Alibaba Cloud Security Page View:42 Reply:0

The Qakbot Family Extends: Introducing a New QBot Variant

consequences such as data leakage and data loss. Alibaba Cloud Security reminds all Internet users to pay attention to theIn this article, we will look at a new QBot family variant discovered by Alibaba Cloud Security team, known as 'QBotVariant ...
From: Community > blog Author: Alibaba Cloud Security Page View:44 Reply:0

Alibaba Cloud Offers FIPS Validated HSM for Crypto Key Security

Alibaba Cloud has announced the beta release of Managed HSM, a cloud-managed hardware security module to protect your most sensitive workloads and assets.## Overview On July 31, 2019, Alibaba Cloud announced the ...
From: Community > blog Author: Alibaba Cloud Security Page View:145 Reply:0

New Miner Hijacker RDPMiner Adds Malicious Accounts to Victimized Hosts

Alibaba Cloud has detected a new type of cryptocurrency mining hijacker, RDPMiner, which spreads by launching brute-force attacks on the RDP service of Windows server port 3389.By Fan Wu, Security Engineer, and Nianjing Wu, Senior Security Engineer > ...
From: Community > blog Author: Alibaba Cloud Security Page View:33 Reply:0

ImposterMiner Trojan Takes Advantage of Newly Published Jenkins RCE Vulnerability

Alibaba Cloud Security team has recently detected a crypto-mining attack which uses the newly published Jenkins RCE, Alibaba Cloud Security Innovation Labs ## Overview Alibaba Cloud Security team has recently detected a crypto-mining attack ...
From: Community > blog Author: Alibaba Cloud Security Page View:32 Reply:0

Xulu: Cryptojacking Leveraging Shodan, Tor, and Malicious Docker Container

Alibaba Cloud has recently detected Xulu, a mining botnet that deploys malicious containers by exploiting Docker's remote dynamically searches Shodan for lists of possible preys. It also placed its controlling server in the Tor network, which is ...
From: Community > blog Author: Alibaba Cloud Security Page View:35 Reply:0

New Vulnerability Found in the Decade-Old phpCMS 2008 Can Lead to Fresh WebShell Attacks

tampering, data leaks, and remote server control. We recommend that vulnerable users upgrade to the latest phpCMS version asThis article describes Alibaba Cloud Security's discovery of the web shell vulnerability in phpCMS 2008 content management ...
From: Community > blog Author: Alibaba Cloud Security Page View:24 Reply:0

Solr Dataimport Vulnerability Becomes a New Attack Method for Mining Organizations

Alibaba Cloud security team has detected a new attack method using the Solr dataimport RCE vulnerability (CVE-2019-0193) that implants mining programs into target hosts.### Summary Recently, Alibaba Cloud security team has detected that the ...
From: Community > blog Author: Alibaba Cloud Security Page View:39 Reply:0

ProtonMiner Gains Momentum via Expanded Attack Surface

-2018-7600 Redis Unauthorized access Spring Data Commons CVE-2018-1273 SQL Server Weak passwordThe post provides a detailed analysis of ProtonMiner, a new cryptocurrency miner hijacker discovered by Alibaba Cloud, and ...
From: Community > blog Author: Alibaba Cloud Security Page View:64 Reply:0

Countrywide Spread of Database-Cracking Watchdogs Mining Worm: Issues and Countermeasures

## Overview On February 20th, 5pm Beijing time, Alibaba Cloud Security team detected a large-scale mining event, the security issues of common databases, including SQL Server, MySQL, and MongoDB are also exploited by multiple mining botnets ...
From: Community > blog Author: Alibaba Cloud Security Page View:41 Reply:0

Return of Watchbog: Exploiting Jenkins CVE-2018-1000861

Jenkins server, exploiting CVE-2018-1000861 : ``` GET /securityRealm/user/admin/descriptorByName execution of the aforesaid shell script, a cryptocurrency miner is installed on victim server by downloading from following URL (decoded ...
From: Community > blog Author: Alibaba Cloud Security Page View:77 Reply:0

ThinkphpDD: An In-Depth Analysis of Blackhat SEO Techniques

The Alibaba Cloud Security Team has recently traced a group of hackers that exploit website vulnerabilities for blackhat SEO improves the website ranking by using hacker technologies such as spider pools, hidden links, website groups, and server ...
From: Community > blog Author: Alibaba Cloud Security Page View:28 Reply:0

A New Trend of DDoS Attacks: Mobile Devices Are Becoming a New Generation of Botnets

user, to ensure device security and data privacy, the Alibaba Cloud security team recommends that you install approved apps from, Alibaba Cloud security team observed a new trend of DDoS attack where common, everyday mobile apps are becoming DDoS attack ...
From: Community > blog Author: Alibaba Cloud Security Page View:71 Reply:0
Total 2 Pages Go to:GO