YApi mongo Injection Vulnerability Alert
November 12, 2022
Overview Recently, NSFOCUS CERT detected that an open source API interface management platform YApi mongo injection vulnerability was publicly released on the Internet. Due to the splicing of a certain function in YApi, MongoDB injection can be realized. Unauthenticated remote attackers can exploit this vulnerability to obtain the user token (including necessary parameters such as […]
Spring Security Authentication Bypass Vulnerability (CVE-2022-31692) Notice
November 4, 2022
Overview Recently, NSFOCUS CERT found that the PoC of the Spring Security authentication bypass vulnerability (CVE-2022-31692) was publicly disclosed online. Due to improper authorization flaws, under certain conditions, an unauthenticated remote attacker can use FORWARD or INCLUDE for forwarding, thereby exploiting the vulnerability to bypass the authorization rules and ultimately achieve authentication bypass. At present, […]
OpenSSL Multiple Buffer Overflow Vulnerability Notice
November 2, 2022
Overview On November 2, 2022, NSFOCUS CERT detected that openssl officially released a security notice and fixed multiple buffer overflow vulnerabilities in OpenSSL. OpenSSL is an open source software library package. Applications can use this package to communicate securely, avoid eavesdropping, and confirm the identity of the other end of the connection. It is widely […]
Google Chrome Remote Code Execution Vulnerability (CVE-2022-3723) Alert
October 31, 2022
Overview Recently, NSFOCUS CERT monitored that Google Chrome has officially released a security bulletin and fixed a remote code execution vulnerability in Chrome V8 (JavaScript engine). Due to a type confusion vulnerability in Chrome V8, a remote attacker could exploit the vulnerability to execute arbitrary code on the target system. At present, the official has […]
Apache Dubbo Remote Code Execution Vulnerability (CVE-2022-39198) Notification
October 22, 2022
Overview On October 19, NSFOCUS CERT found that Apache issued a security notice to fix a remote code execution vulnerability (CVE-2022-39198) in Dubbo. Due to a deserialization vulnerability in Dubbo’s hessian-lite, an attacker can exploit this vulnerability to remotely execute arbitrary code on the target system. Relevant users are requested to take measures to protect […]
Linux Kernel Privilege Escalation Vulnerability (CVE-2022-2588) Notification
September 27, 2022
Overview Recently, NSFOCUS CERT detected that a researcher disclosed an EXP that exists in the Linux kernel privilege escalation vulnerability (CVE-2022-2588) on the Internet. Due to improper operation of the route4_filter linked list, there is a use-after-free vulnerability in the route4_change function of the net/schedule/cls_route.c filter. By exploiting this vulnerability, a local attacker with general […]
MyNOG-9 2022
September 21, 2022
MyNOG-9 was held in Kuala Lumpur, Indonesia on September 19, 2022. MyNOG, the Malaysia Network Operators Group, provided a good platform for network operators and experts in other industries who came together to share knowledge, learn about up-to-date technologies, and promote communication and collaboration. Link to the event: https://www.mynog.org/
Microsoft’s September security update for multiple high-risk product vulnerabilities
September 15, 2022
Overview On September 14, NSFOCUS CERT detected that Microsoft released the September security update patch, which fixed 63 security issues, involving widely used products such as Windows TCP/IP, .NET Framework, Windows Print Spooler Components, and Windows LDAP. Including high-risk vulnerability types such as privilege escalation and remote code execution. Among the vulnerabilities fixed by Microsoft’s […]
NSFOCUS Report: DDoS Attacks Skyrocketed by 205% in H1 2022
September 6, 2022
Santa Clara, Calif. September 6, 2022 – NSFOCUS, a global network and cyber security leader, today released NSFOCUS Global DDoS Landscape Report for the first half of 2022. Compared to the first half of 2021, DDoS attacks has a sharp increase of 205% year over year. Terabit attacks are not rare anymore. From April this year, […]
Investigation Report on New APT Organization MurenShark: Torpedoes Fired to Turkish Navy [2]
September 2, 2022
Part 1: Investigation Report on New APT Organization MurenShark: Torpedoes Fired to Turkish Navy [1] Characteristics of Attack Tactics Use compromised sites: MurenShark tends to use compromised sites as the file server and the C&C server in the attack process. As shown in the last chapter, the organization used the Near East University site (Yakın […]