Multiple Security Vulnerabilities in Linux Kernel

December 27, 2022 | Jie Ji

Overview On December 26, 2022, NSFOCUS CERT detected multiple security vulnerabilities in the Linux Kernel released online. Relevant users are requested to take protective measures as soon as possible. Linux Kernel Remote Code Execution Vulnerability (CVE-2022-47939): A remote code execution vulnerability exists in Linux Kernel SMB2_TREE_DISCONNECT command processing. Due to the lack of verification of the […]

Bread Crumbs of Threat Actors (Dec 5, 2022 – Dec 18, 2022)

December 26, 2022 | Adeline Zhang

From December 5, 2022 to December 18, 2022, NSFOCUS Security Labs found activity clues of 66 APT groups, 3 malware families (MoonBounce Trojans, Razy Trojans and the CoinMinder), and 509 threat actors targeting critical infrastructure. APT Groups Among the 66 discovered APT groups, the APT28 affected the most significant number of hosts from December 5 […]

NSFOCUS Earns ISO 22301:2019 Business Continuity Management System Certification

December 23, 2022 | Adeline Zhang

Santa Clara, Calif. Dec 23, 2022 – NSFOCUS, a global provider of intelligent hybrid security solutions, announced today that it has attained ISO 22301:2019 Business Continuity Management System (BCMS) certification. ISO 22301 is an international standard for business continuity. It specifies the requirements for a management system to protect against, reduce the likelihood of occurrence, […]

Bread Crumbs of Threat Actors (Nov 21, 2022 – Dec 4, 2022)

December 22, 2022 | Adeline Zhang

From November 21, 2022 to December 4, 2022, NSFOCUS Security Labs found activity clues of 60 APT groups, 2 malware families (Mozi ransomware and Banload Trojan horse), and 510 threat actors targeting critical infrastructure. APT Groups Among the 60 discovered APT groups, the APT group Outlaw affected the most significant number of hosts from November […]

Citrix ADC and Citrix Gateway Remote Code Execution Vulnerability (CVE-2022-27518)

December 15, 2022 | Jie Ji

Overview On December 14, NSFOCUS CERT detected that Citrix officially released a remote code execution vulnerability (CVE-2022-27518) in Citrix ADC and Gateway. Due to deficiencies in the system’s control over the lifecycle of resources, an unauthenticated remote attacker could exploit this vulnerability to execute arbitrary code on a target system when Citrix ADC and Citrix […]

Security Concept for Software Supply Chain (Part 2) — Assessable Capabilities of Software Supply Chain Compositions

December 14, 2022 | Adeline Zhang

To deal with threats from supply chains and ensure the security of their own IT infrastructure, companies shall set a list of software compositions to sort out the supply chain products, identify and manage key software suppliers, control security risks through security assessments at all stages of the life cycle of supply chains, and reduce […]

Fortinet FortiOS sslvpnd Remote Code Execution Vulnerability (CVE-2022-42475)

December 14, 2022 | Jie Ji

Overview Recently, NSFOCUS CERT detected that Fortinet officially fixed a remote code execution vulnerability (CVE-2022-42475) in FortiOS sslvpnd. Due to the flaw in sslvpnd’s validation of user input, an unauthenticated attacker can trigger a buffer overflow by sending a specially crafted packet, which can eventually execute arbitrary code on the target system. The CVSS score […]

Thinkphp Remote Code Execution Vulnerability Alert

December 11, 2022 | Jie Ji

Overview Recently, NSFOCUS CERT observed that the exploit details of the Thinkphp remote code execution vulnerability have been publicly disclosed on the Internet. Due to a defect in how Thinkphp inspects incoming parameters, when the multilingual function is enabled, unauthenticated attackers can pass in parameters through get, header, cookie, etc., to achieve directory traversal […]

Security Researcher from NSFOCUS Security Labs to Speak at Black Hat 2022 Europe

December 7, 2022 | Adeline Zhang

Gao Jian of NSFOCUS Security Labs was invited to speak at Black Hat 2022 Europe, held at ExCel London, United Kingdom, from December 5 to 8, 2022. Gao Jian specializes in industrial control system security, focusing on PLC and SCADA vulnerability exploitation and ICS security enhancement. He has helped many vendors, including Siemens, Codesys, […]

Google Chrome V8 Type Confusion Vulnerability (CVE-2022-4262) Alert

December 6, 2022 | Jie Ji

Overview On December 5, NSFOCUS CERT found that Google officially released a type confusion vulnerability (CVE-2022-4262) in Google Chrome V8. A type confusion error occurs because a program uses one type of method to allocate or initialize a resource, such as a pointer, object, or variable, but then accesses that resource with another method that […]
