NSFOCUS Included in Forrester Network Analysis and Visibility (NAV) Landscape
March 3, 2023
Santa Clara, Calif. March 03, 2023 – NSFOCUS, a global provider of intelligent hybrid security solutions, announced today that it has been included in Forrester’s recently published report, The Network Analysis and Visibility Landscape, Q1 2023. The report provides an overview of the market development, functions, and technologies of NAV products in detail. As one […]
NSFOCUS WAF Syslog Introduction
March 3, 2023
In computing, syslog is a standard for message logging. It allows separation of the software that generates messages, the system that stores them, and the software that reports and analyzes them. Each message is labeled with a facility code, indicating the type of system generating the message, and is assigned a severity level. Computer system […]
ChatGPT Popularity Spurs Poisoning and Phishing Attacks
March 2, 2023
ChatGPT, the popular chat-based artificial intelligence platform, is becoming a target for malicious actors. Poisoning and phishing attacks are on the rise as more people use the platform for personal and business purposes. Poisoning Attack Targeting Open-Sourced ChatGPT Project A threat actor forked a very popular open-source ChatGPT desktop application project and implanted a data-stealing […]
Node.js Authentication Bypass Vulnerability (CVE-2023-23918) Notice
March 1, 2023
Overview Recently, NSFOCUS CERT detected that Node.js officially fixed an authentication vulnerability (CVE-2023-23918). Due to the flaw of improper permission control in Node.js, a remote attacker can use the process.mainModule.require() function to bypass permissions and access unauthorized modules. The official said that this vulnerability only affects users who have enabled the experimental permission option –experimental-policy. […]
Multiple Security Vulnerabilities in Google Chrome
February 28, 2023
Overview Recently, NSFOCUS CERT detected that Google Chrome officially released a security bulletin, which fixed multiple security vulnerabilities. The key vulnerabilities are as follows: Google Chrome use-after-free vulnerability (CVE-2023-0927): Due to a use-after-free flaw in the Web Payments API in Google Chrome, a remote attacker capable of compromising the renderer process could exploit a heap […]
VMware Carbon Black App Control Remote Code Execution Vulnerability (CVE-2023-20858) Notification
February 27, 2023
Overview Recently, NSFOCUS CERT found that VMware has officially fixed an App Control injection vulnerability (CVE-2023-20858). Due to flaws in product verification of user-input content, attackers with App Control management console permissions can access the underlying server operating system by entering specially crafted data, and ultimately achieve arbitrary code execution on the target system. The […]
Joomla Unauthorized Access Vulnerability (CVE-2023-23752) Notice
February 24, 2023
Overview Recently, Joomla officially released a security update notice to fix a Joomla unauthorized access vulnerability (CVE-2023-23752), which was submitted by a researcher of NSFOCUS Tianji Lab. Due to flaws in Joomla’s access control to Web service endpoints, unauthenticated attackers access the RestAPI interface to obtain Joomla-related configuration information by constructing specially crafted requests, which […]
ESXiArgs Ransomware Attack Event Analysis
February 23, 2023
The French Computer Emergency Response Team (CERT-FR) warned that [1] an attacker exploited a two-year-old remote code execution vulnerability in VMware ESXi server to deploy new ESXiArgs ransomware. The security vulnerability number is CVE-2021-21974 [2] and it is caused by a heap overflow vulnerability in the OpenSLP service. Unauthenticated attackers can use this vulnerability to […]
Fortinet Multiple Product Security Vulnerability Alerts
February 22, 2023
Overview Recently, NSFOCUS CERT found that Fortinet officially released a security notice, which fixed multiple Fortinet product vulnerabilities. The key vulnerabilities are as follows: FortiNAC keyUpload remote code execution vulnerability (CVE-2022-39952): Due to a flaw in the keyUpload script of FortNAC, an unauthenticated attacker can execute arbitrary code on the target system by sending a […]
Microsoft’s February security update for multiple high-risk product vulnerabilities
February 20, 2023
Overview On February 15, NSFOCUS CERT monitored that Microsoft had released a security update patch for February, which fixed 75 security issues, involving widely-used products such as Microsoft Exchange Server, Microsoft Word, Windows Graphics Component, Microsoft Publisher, etc., including high-risk vulnerability types such as privilege enhancement and remote code execution. Among the vulnerabilities fixed in […]