Overview Recently, NSFOCUS CERT monitored that Google Chrome has officially released a security bulletin and fixed a remote code execution vulnerability in Chrome V8 (JavaScript engine). Due to a type confusion vulnerability in Chrome V8, a remote attacker could exploit the vulnerability to execute arbitrary code on the target system....
Author: Jie Ji
Apache Dubbo Remote Code Execution Vulnerability (CVE-2022-39198) Notification
Overview On October 19, NSFOCUS CERT found that Apache issued a security notice to fix a remote code execution vulnerability (CVE-2022-39198) in Dubbo. Due to a deserialization vulnerability in Dubbo's hessian-lite, an attacker can exploit this vulnerability to remotely execute arbitrary code on the target system. Relevant users are requested...
Linux Kernel Privilege Escalation Vulnerability (CVE-2022-2588) Notification
Overview Recently, NSFOCUS CERT detected that a researcher disclosed an EXP that exists in the Linux kernel privilege escalation vulnerability (CVE-2022-2588) on the Internet. Due to improper operation of the route4_filter linked list, there is a use-after-free vulnerability in the route4_change function of the net/schedule/cls_route.c filter. By exploiting this vulnerability,...
MyNOG-9 2022
MyNOG-9 was held in Kuala Lumpur, Indonesia on September 19, 2022. MyNOG, the Malaysia Network Operators Group, provided a good platform for network operators and experts in other industries who came together to share knowledge, learn about up-to-date technologies, and promote communication and collaboration. Link to the event: https://www.mynog.org/
Microsoft’s September security update for multiple high-risk product vulnerabilities
Overview On September 14, NSFOCUS CERT detected that Microsoft released the September security update patch, which fixed 63 security issues, involving widely used products such as Windows TCP/IP, .NET Framework, Windows Print Spooler Components, and Windows LDAP. Including high-risk vulnerability types such as privilege escalation and remote code execution. Among...
NSFOCUS Report: DDoS Attacks Skyrocketed by 205% in H1 2022
Santa Clara, Calif. September 6, 2022 – NSFOCUS, a global network and cyber security leader, today released NSFOCUS Global DDoS Landscape Report for the first half of 2022. Compared to the first half of 2021, DDoS attacks has a sharp increase of 205% year over year. Terabit attacks are not rare...
