Blog

Multiple Apache HTTP Server Security Vulnerabilities

March 10, 2023 | NSFOCUS

Overview Recently, NSFOCUS CERT found that Apache has issued an official security notice to fix multiple Apache HTTP Server vulnerabilities. Affected users should take protective measures as soon as possible. Apache HTTP Server Request Smuggling Vulnerability (CVE-2023-25690): When mod_ When proxy is enabled with some form of RewriteRule or ProxyPassMatch, a non-specific pattern will match […]

Bread Crumbs of Threat Actors (Feb 13 – 26, 2023)

March 10, 2023 | NSFOCUS

From 13 to 26 February 2023, NSFOCUS Security Labs found activity clues from 66 APT groups, one malware family (CoinMiner), and 426 threat actors targeting critical infrastructure. APT Groups Among the 66 APT groups discovered, the APT28 affected the most significant number of hosts from 13 to 26 February. Number of hosts affected by APT […]

Microsoft Word Remote Code Execution Vulnerability (CVE-2023-21716)

March 8, 2023 | NSFOCUS

Overview Recently, NSFOCUS CERT found the PoC that disclosed Microsoft Word remote execution code vulnerability (CVE-2023-21716) on the Internet. Because the RTF parser in Microsoft Word will trigger a heap corruption vulnerability when processing a font table (*  fonttbl *) that contains too many fonts (*  f # # # *), an attacker can exploit […]

Key Technologies for Software Supply Chain Security – Detection Techniques (Part 1) – Software Composition Analysis

March 6, 2023 | NSFOCUS

Software supply chain security detection techniques must cover the software delivery life cycle, including software design, building, testing, and operation. There are mainly five types of security detection techniques, namely software composition analysis (SCA), static application security testing (SAST), dynamic application security testing (DAST), interactive application security testing (IAST), and FUZZ testing. Each of these […]

GitLab Cross-Site Scripting (XSS) Vulnerability (CVE-2023-0050)

March 5, 2023 | NSFOCUS

Overview Recently, NSFOCUS CERT found that GitLab has issued an official security notice to fix a cross-site scripting vulnerability in GitLab Community Edition (CE) and Enterprise Edition (EE) (CVE-2023-0050). A remote attacker with low privileges can cause the client to store XSS through a specially crafted Kroki diagram, and finally perform arbitrary operations on the […]

NSFOCUS Included in Forrester Network Analysis and Visibility (NAV) Landscape

March 3, 2023 | NSFOCUS

Santa Clara, Calif. March 03, 2023 – NSFOCUS, a global provider of intelligent hybrid security solutions, announced today that it has been included in Forrester’s recently published report, The Network Analysis and Visibility Landscape, Q1 2023. The report provides an overview of the market development, functions, and technologies of NAV products in detail. As one […]

ChatGPT Popularity Spurs Poisoning and Phishing Attacks

March 2, 2023 | NSFOCUS

ChatGPT, the popular chat-based artificial intelligence platform, is becoming a target for malicious actors. Poisoning and phishing attacks are on the rise as more people use the platform for personal and business purposes. Poisoning Attack Targeting Open-Sourced ChatGPT Project A threat actor forked a very popular open-source ChatGPT desktop application project and implanted a data-stealing […]

Node.js Authentication Bypass Vulnerability (CVE-2023-23918) Notice

March 1, 2023 | NSFOCUS

Overview Recently, NSFOCUS CERT detected that Node.js officially fixed an authentication vulnerability (CVE-2023-23918). Due to the flaw of improper permission control in Node.js, a remote attacker can use the process.mainModule.require() function to bypass permissions and access unauthorized modules. The official said that this vulnerability only affects users who have enabled the experimental permission option –experimental-policy. […]

Multiple Security Vulnerabilities in Google Chrome

February 28, 2023 | NSFOCUS

Overview Recently, NSFOCUS CERT detected that Google Chrome officially released a security bulletin, which fixed multiple security vulnerabilities. The key vulnerabilities are as follows: Google Chrome use-after-free vulnerability (CVE-2023-0927): Due to a use-after-free flaw in the Web Payments API in Google Chrome, a remote attacker capable of compromising the renderer process could exploit a heap […]

VMware Carbon Black App Control Remote Code Execution Vulnerability (CVE-2023-20858) Notification

February 27, 2023 | NSFOCUS

Overview Recently, NSFOCUS CERT found that VMware has officially fixed an App Control injection vulnerability (CVE-2023-20858). Due to flaws in product verification of user-input content, attackers with App Control management console permissions can access the underlying server operating system by entering specially crafted data, and ultimately achieve arbitrary code execution on the target system. The […]