×

Alibaba Cloud Security

189 Reputation

Follow
Activities(10) Posts(10) Series(0) Areas of Expertise Following Followers

Alibaba Cloud Security Posted blog

New Miner Hijacker RDPMiner Adds Malicious Accounts to Victimized Hosts

Alibaba Cloud has detected a new type of cryptocurrency mining hijacker, RDPMiner, which spreads by launching brute-force attacks on the RDP service of Windows server port 3389.

Alibaba Cloud Security Posted blog

Threat Alert: Multiple Cryptocurrency Miner Botnets Start to Exploit the New ThinkPHP Vulnerability

Alibaba Cloud security team has detected new attacks based on the ThinkPHP vulnerability, in which botnets BuleHero and Sefa exploited hosts for various cybercrime purposes.

Alibaba Cloud Security Posted blog

Alibaba Cloud Web Application Firewall Endorsed by Top Research Agencies

Alibaba Cloud establishes its presence in the global security market as its WAF product gains recognition by top research agencies, including Gartner and Frost & Sullivan.

Alibaba Cloud Security Posted blog

Alibaba Cloud Offers a Security Emergency Response Plan for Global Bank Websites Targeted by Hackers

Alibaba Cloud has detected DDoS and HTTP Flood attacks against global central bank websites and has suggested an appropriate response plan to cope with similar attacks.

Alibaba Cloud Security Posted blog

Alibaba Cloud Discovers the Latest ThinkPHP v5 Vulnerability

The latest ThinkPHP v5 vulnerability has been discovered by Alibaba Cloud and can be blocked using an alert in Alibaba Cloud Threat Detection Service.

Alibaba Cloud Security Posted blog

New Vulnerability Found in the Decade-Old phpCMS 2008 Can Lead to Fresh WebShell Attacks

This article describes Alibaba Cloud Security's discovery of the web shell vulnerability in phpCMS 2008 content management system, still in use to manage many websites today.

Alibaba Cloud Security Posted blog

The Qakbot Family Extends: Introducing a New QBot Variant

In this article, we will look at a new QBot family variant discovered by Alibaba Cloud Security team, known as 'QBotVariant'.

Alibaba Cloud Security Posted blog

DockerKiller Threat Analysis: First Instance of Batch Attack and Exploitation of Docker Services

The Alibaba Cloud Security team has discovered a novel attack, dubbed DockerKiller, on Docker services exposed to the web.

Alibaba Cloud Security Posted blog

Is Your PostgreSQL Server Secretly Mining Digital Coins?

Alibaba Cloud security team detected the first batch mining attack exploiting the PROGRAM feature of PostgreSQL, an open source database popular in cloud deployments.

Alibaba Cloud Security Posted blog

Alibaba Cloud Security Team Discovers Apache Spark Rest API Remote Code Execution (RCE) Exploit

This article describes the discovery of the first "in-the-wild" Spark Rest API Remote Code Execution (RCE) vulnerability made by Fengwei Zhang and the team at Alibaba Cloud Security on July 7, 2018.

Latest Comments
No series yet.