Overview Recently, NSFOCUS CERT found that Apache Hadoop officially fixed a command injection vulnerability. Since Apache Hadoop’s FileUtil.unTar API does not escape the input filename before passing it to the shell, an attacker could exploit this vulnerability to inject arbitrary commands and thus achieve remote code execution. Affected users are recommended to take steps to […]
Background Recently, the cyber threat actor known as UNC 1151 group was spotted to use the Browser in the Browser (BitB) technique in its campaigns. This technique is used for phishing attacks by displaying a new browser window containing a fake login panel on the visited website. The window is so carefully crafted that it […]
Overview Recently, NSFOCUS CERT detected that VMware officially issued a security notice to fix multiple vulnerabilities in products such as VMware Workspace ONE Access, Identity Manager, and VMware vRealize Automation. Attackers can use these vulnerabilities to cause privilege escalation and remote code execution. At present, the official security update has been released, and relevant users […]
The security knowledge graph, a knowledge graph specific to the security domain, is the key to realizing cognitive intelligence in cyber security, and it also lays an indispensable technological foundation for dealing with advanced, continuous and complex threats and risks in cyberspace. NSFOCUS will publish a series of articles about the application of the security […]
Overview Recently, NSFOCUS CERT has detected that Atlassian has officially released a security bulletin, which has fixed several high-risk vulnerabilities in Atlassian products, and relevant users are requested to take measures to protect them. Arbitrary Servlet Filter Bypass Vulnerability (CVE-2022-26136): Vulnerabilities in multiple Atlassian products allow unauthenticated remote attackers to bypass servlet filters used by […]
Overview On July 20, 2022, NSFOCUS CERT monitored and found that Oracle officially released the CPU (Critical Patch Update) in July. A total of 349 vulnerabilities of varying degrees were fixed this time. This security update involves Oracle WebLogic Server, Oracle MySQL, Oracle Java SE, Oracle Retail Applications and many other common products. Oracle strongly […]
Overview Recently, NSFOCUS CERT detected that Apache officially released a security bulletin and fixed a command injection vulnerability (CVE-2022-33891) in Apache Spark. Since the Apache Spark UI enables acl through the configuration option Spark.acl.enable, by using an authentication filter, it is possible to check if a user has access to view or modify the application. […]
Overview On July 13, NSFOCUS CERT detected that Microsoft released the July security update patch, which fixed 84 security issues, involving widely used products such as Windows, Microsoft Office, Windows Print Spooler Components, Windows Hyper-V, and Azure Site Recovery, and included high-risk vulnerability types such as privilege escalation and remote code execution. Among the vulnerabilities […]
Overview On July 1, 2022, NSFOCUS CERT detected that GitLab officially released a security bulletin and fixed multiple security vulnerabilities in GitLab Community Edition (CE) and Enterprise Edition (EE). Please take measures to protect it as soon as possible. GitLab Remote Code Execution Vulnerability (CVE-2022-2185): A remote code execution vulnerability exists in GitLab Community Edition […]
Overview With the development of key information infrastructure technologies such as cloud computing, 5G, IoT, and the Industrial Internet, cyberspace has linked industrial physical systems, social systems of humans, and network information systems, becoming the cornerstone of the development of the digital economy. Meanwhile, the attack surface in cyberspace is extended and expanded accordingly, and […]
