NSFOCUS Joins CNCF Cloud Native Landscape

March 21, 2023 | NSFOCUS

Santa Clara, Calif. March 21, 2023 – NSFOCUS, a global provider of intelligent hybrid security solutions, today announced that its Metarget project has been included in CNCF Cloud Native Landscape in the field Security & Compliance of the Provisioning Category. CNCF Introduction The Cloud Native Computing Foundation (CNCF) was founded in 2015 by Google and […]

NSFOCUS Releases 2022 Global DDoS Attack Landscape Report

March 16, 2023 | NSFOCUS

Santa Clara, Calif. March 16, 2023 – NSFOCUS, a global provider of intelligent hybrid security solutions, today released its “2022 Global DDoS Attack Landscape Report” which includes many findings to help organizations and users defend against DDoS attacks.  According to the report, The DDoS attack landscape remains challenging. The increasing number of DDoS attacks in 2022 […]

NSFOCUS DDoS Attack Landscape Report 2022

March 16, 2023 | NSFOCUS

The DDoS attack landscape remains challenging. While organizations continue to explore new defense methods to protect against DDoS attacks proactively, attackers never stop creating sly and novel tactics to take down the target services. Download a copy of the full report to learn more.

Apache Dubbo Deserialization Vulnerability Notice (CVE-2023-23638)

March 14, 2023 | NSFOCUS

Overview Recently, NSFOCUS CERT detected that Apache officially issued a security notice, fixing an Apache Dubbo deserialization vulnerability (CVE-2023-23638). Due to the flaws in Apache Dubbo’s deserialization security check, remote attackers can construct malicious data packets to conduct deserialization attacks, and finally execute arbitrary code on the target system. Affected users are requested to take […]

A New Botnet Family Discovered by NSFOCUS

March 13, 2023 | NSFOCUS

Background Recently NSFOCUS Security Labs detected a batch of suspicious ELF files spreading widely. Further analysis confirmed that these ELF samples belonged to a new botnet family. We named the family “Peachy Botnet” according to the signature information left by the Bot author in the sample. The Peachy Botnet began to spread as early as […]

Indian Government Agencies Targeted in Phishing Attacks by APT Group SideCopy

March 13, 2023 | NSFOCUS

Overview NSFOCUS detected a malicious macro file named “Cyber Advisory 2023.docm ” last month and confirmed that the document was delivered by Pakistan APT group SideCopy to lure the target to open and read while downloading the Trojan horse ReverseRAT to receive CnC instructions to steal data. SideCopy was disclosed by the security company Quick […]

Fortinet FortiOS and FortiProxy Remote Code Execution Vulnerability Notice (CVE-2023-25610)

March 12, 2023 | NSFOCUS

Overview Recently, NSFOCUS CERT found that Fortinet officially issued a security notice to fix a Fortinet FortiOS and FortiProxy remote code execution vulnerability (CVE-2023-25610). Due to the heap buffer underflow flaw in the management interface of FortiOS and FortiProxy, an unauthenticated remote attacker can execute arbitrary code on the target device or perform a DoS […]

Multiple Apache HTTP Server Security Vulnerabilities

March 10, 2023 | NSFOCUS

Overview Recently, NSFOCUS CERT found that Apache has issued an official security notice to fix multiple Apache HTTP Server vulnerabilities. Affected users should take protective measures as soon as possible. Apache HTTP Server Request Smuggling Vulnerability (CVE-2023-25690): When mod_ When proxy is enabled with some form of RewriteRule or ProxyPassMatch, a non-specific pattern will match […]

Bread Crumbs of Threat Actors (Feb 13 – 26, 2023)

March 10, 2023 | NSFOCUS

From 13 to 26 February 2023, NSFOCUS Security Labs found activity clues from 66 APT groups, one malware family (CoinMiner), and 426 threat actors targeting critical infrastructure. APT Groups Among the 66 APT groups discovered, the APT28 affected the most significant number of hosts from 13 to 26 February. Number of hosts affected by APT […]

Microsoft Word Remote Code Execution Vulnerability (CVE-2023-21716)

March 8, 2023 | NSFOCUS

Overview Recently, NSFOCUS CERT found the PoC that disclosed Microsoft Word remote execution code vulnerability (CVE-2023-21716) on the Internet. Because the RTF parser in Microsoft Word will trigger a heap corruption vulnerability when processing a font table (*  fonttbl *) that contains too many fonts (*  f # # # *), an attacker can exploit […]