Blog

“Stronger Together” is the theme of the RSA Conference this year. Under the trend that the cyber security industry not only deeply participates in international competition to ensure technological advancement, but also continues to strengthen independent innovation ability, this theme reflects the development vitality and unique confrontation characteristics of this industry and is in line […]

Overview Recently, NSFOCUS CERT found that GitLab officially issued a security notice, fixing an arbitrary file reading vulnerability (CVE-2023-2825) in GitLab Community Edition (CE) and Enterprise Edition (EE). When there are attachments in public projects nested in at least five groups, unauthenticated remote attackers use the upload function to traverse the path, resulting in reading […]

Continued from the previous post: Software Supply Chain Security Solution – Supply Chain Security Supervision (Part 1) II.  Open-source Software Risk Monitoring Driven by the open source community and the continuous development of open source, open source software is widely used in practical engineering projects, and the number is growing rapidly. The number of open […]

NSFOCUS Security Labs is keeping an eye out for the trends in supply chain security and is pleased to share observations and thoughts with our blog readers. You will see the links for more posts we published about software supply chain security at the end of the article. In the next several posts, we are going to […]

A new reflective Distributed-Denial-of-Service (DDoS) amplification vulnerability was recently discovered in the Service Location Protocol (SLP), which allows attackers to achieve a high amplification factor of over 2,200 times. This vulnerability has been identified as CVE-2023-29552, potentially making it one of the largest amplification attacks ever recorded. SLP is a protocol that provides a dynamic […]

Overview Recently, NSFOCUS CERT found that the PoC of Linux Kernel privilege escalation vulnerability (CVE-2023-32233) was publicly disclosed online. There is a use-after-free vulnerability in Linux kernel’s subsystem Netfilter nf_tables, which can be exploited by authenticated local attackers to perform arbitrary read and write operations in kernel memory, ultimately elevating permissions to ROOT. The CVSS […]

Secret Life of Enterprise Botnets The Secret Life of Enterprise Botnets is a speech in a session of RSA Conference 2023 by Dr. Craig Labovitz, Head of Technology for the Deepfield business unit at Nokia. In collaboration with global Internet providers, researchers tracked more than 500,000 compromised enterprise servers, security cameras and IoT (HVAC, PoS, […]

According to Gartner’s supply chain security risk report in 2021[1], breaches of confidential or sensitive information constitute another major factor contributing to software supply chain risks. Hackers steal hard-coded credentials in source code, building logs, and infrastructure, such as API keys, encryption keys, tokens, and passwords, or locate vulnerabilities in a leaked software bill of […]

Overview On May 10, NSFOCUS CERT monitored that Microsoft had released a security update patch for May, which fixed 38 security issues, involving Win32k, Windows OLE, Microsoft SharePoint Server, Windows Pragmatic General Multicast (PGM) and other widely used products, including high-risk vulnerability types such as privilege enhancement and remote code execution. Among the vulnerabilities fixed […]

In the middle of April, NSFOCUS held a seminar on “Are You Ready for the Evolving DDoS Landscape?”. In the seminar, David Gao, Principal Security Solution Architect of NSFOCUS summarized the findings of the Global DDoS Attack Landscape in 2022 and gave his insights on the trends to help customers protect against the evolving DDoS attacks. Some topics […]