April 10, 2018
Hillstone Adds Botnet C&C Prevention to StoneOS
Today, botnet requires more than just static signature based security protection. The modern botnet is essentially a collection of proxies and hosts that are the battleground for attackers and their malicious objectives. The compromised systems are called “bots” and tied to a command and control (C&C) server. The C&C server is used by attackers to…April 9, 2018
Vulnerability Notification: Microsoft Windows Shell Zip File Remote Code Execution
[Overview] Microsoft Windows supports the use of ZIP documents as “compressed folders,” allowing users to browse the contents of ZIP documents through folders. Recently, Microsoft fixed a remote code execution vulnerability in the Windows Shell component. [Vulnerability Details] CVE-2018-0883: An attacker would craft a ZIP file containing a “setup” or “install” file and malware with…March 26, 2018
Vulnerability Notification: Cisco Adaptive Security Appliance Webvpn XML Parser Double Free
[Overview] Cisco Adaptive Security Appliance (ASA) software is the core operating system of the Cisco ASA Series. It provides enterprise-class firewall functionality for physical or virtual ASA devices in distributed network environments. The XML parser vulnerability of VPN feature in this software allows unauthenticated remote attackers to reload system or remotely execute code. [Vulnerability Details]…March 20, 2018
Announcing Enhancements to Hillstone Networks CloudView
Today we are announcing the release of Hillstone Networks CloudView, version 2.2. With this new upgrade, CloudView further enhances the security posture of the network and ensures overall business continuity for customers. Customers no longer need to go the traditional route of onsite inspection for security devices, making the solution even more efficient, timely, as…March 7, 2018