Spring Security Authentication Bypass Vulnerability (CVE-2022-31692) Notice
novembro 4, 2022
Overview Recently, NSFOCUS CERT found that the PoC of the Spring Security authentication bypass vulnerability (CVE-2022-31692) was publicly disclosed online. Due to improper authorization flaws, under certain conditions, an unauthenticated remote attacker can use FORWARD or INCLUDE for forwarding, thereby exploiting the vulnerability to bypass the authorization rules and ultimately achieve authentication bypass. At present, […]
OpenSSL Multiple Buffer Overflow Vulnerability Notice
novembro 2, 2022
Overview On November 2, 2022, NSFOCUS CERT detected that openssl officially released a security notice and fixed multiple buffer overflow vulnerabilities in OpenSSL. OpenSSL is an open source software library package. Applications can use this package to communicate securely, avoid eavesdropping, and confirm the identity of the other end of the connection. It is widely […]
Google Chrome Remote Code Execution Vulnerability (CVE-2022-3723) Alert
outubro 31, 2022
Overview Recently, NSFOCUS CERT monitored that Google Chrome has officially released a security bulletin and fixed a remote code execution vulnerability in Chrome V8 (JavaScript engine). Due to a type confusion vulnerability in Chrome V8, a remote attacker could exploit the vulnerability to execute arbitrary code on the target system. At present, the official has […]
Apache Dubbo Remote Code Execution Vulnerability (CVE-2022-39198) Notification
outubro 22, 2022
Overview On October 19, NSFOCUS CERT found that Apache issued a security notice to fix a remote code execution vulnerability (CVE-2022-39198) in Dubbo. Due to a deserialization vulnerability in Dubbo’s hessian-lite, an attacker can exploit this vulnerability to remotely execute arbitrary code on the target system. Relevant users are requested to take measures to protect […]
Linux Kernel Privilege Escalation Vulnerability (CVE-2022-2588) Notification
setembro 27, 2022
Overview Recently, NSFOCUS CERT detected that a researcher disclosed an EXP that exists in the Linux kernel privilege escalation vulnerability (CVE-2022-2588) on the Internet. Due to improper operation of the route4_filter linked list, there is a use-after-free vulnerability in the route4_change function of the net/schedule/cls_route.c filter. By exploiting this vulnerability, a local attacker with general […]
MyNOG-9 2022
setembro 21, 2022
MyNOG-9 was held in Kuala Lumpur, Indonesia on September 19, 2022. MyNOG, the Malaysia Network Operators Group, provided a good platform for network operators and experts in other industries who came together to share knowledge, learn about up-to-date technologies, and promote communication and collaboration. Link to the event: https://www.mynog.org/
Microsoft’s September security update for multiple high-risk product vulnerabilities
setembro 15, 2022
Overview On September 14, NSFOCUS CERT detected that Microsoft released the September security update patch, which fixed 63 security issues, involving widely used products such as Windows TCP/IP, .NET Framework, Windows Print Spooler Components, and Windows LDAP. Including high-risk vulnerability types such as privilege escalation and remote code execution. Among the vulnerabilities fixed by Microsoft’s […]
NSFOCUS Report: DDoS Attacks Skyrocketed by 205% in H1 2022
setembro 6, 2022
Santa Clara, Calif. September 6, 2022 – NSFOCUS, a global network and cyber security leader, today released NSFOCUS Global DDoS Landscape Report for the first half of 2022. Compared to the first half of 2021, DDoS attacks has a sharp increase of 205% year over year. Terabit attacks are not rare anymore. From April this year, […]
Investigation Report on New APT Organization MurenShark: Torpedoes Fired to Turkish Navy [2]
setembro 2, 2022
Part 1: Investigation Report on New APT Organization MurenShark: Torpedoes Fired to Turkish Navy [1] Characteristics of Attack Tactics Use compromised sites: MurenShark tends to use compromised sites as the file server and the C&C server in the attack process. As shown in the last chapter, the organization used the Near East University site (Yakın […]
Investigation Report on New APT Organization MurenShark: Torpedoes Fired to Turkish Navy [1]
setembro 2, 2022
Overview In 2022 Q2, NSFOCUS Security Labs detected a series of cyberattacks against Turkey. After analysis, the researchers confirmed that this round of attacks originated from Actor210426, a new threat entity identified by NSFOCUS Security Labs in April 2021. Through the clues of behavior pattern, attack method, attack tool, attack target and so on, NSFOCUS […]
