Jie Ji

Security Risks of 5G Core Network Introduced by New Technology

março 8, 2022

Intro This article cuts into 5G from the key technologies of 5G networks and discusses the security risks facing 5G networks. Today, 5G networks have achieved performance goals, namely high speed, low latency, and large capacity, and have started a new chapter for communications between mobile devices. Further, 5G will also empower vertical industries such […]

Spring Cloud Gateway Remote Code Execution Vulnerability (CVE-2022-22947) Alert

março 7, 2022

Overview Recently, NSFOCUS CERT detected that Spring released a report to fix the Spring Cloud Gateway code injection vulnerability (CVE-2022-22947). Due to a flaw in the Actuator endpoint of Spring Cloud Gateway, when a user enables and exposes an insecure Gateway Actuator endpoint, Applications using Spring Cloud Gateway are vulnerable to code injection attacks. Unauthenticated […]

OBSERVATIONS OF SECURITY EVENTS IN 2021 – Conclusion of Yesterday for a Better Tomorrow

março 2, 2022

Intro 2021 witnessed a complex and changeable network security situation. Large-scale and targeted cyber attacks continue to grow. Critical information infrastructure is still the hardest hit area. Data leakages and industrial supply chain attacks occur frequently. While emerging technologies such as Big Data, Internet of Things, Artificial Intelligence and Mobile Payment boost the transformation and […]

Reflective and Short-burst DDoS Attacks Harnessed to Knock Down the Targets in Ukraine

fevereiro 25, 2022

Background Since 2022, the relationship between Russia and Ukraine has become increasingly tense. The two sides are at loggerheads and have deployed a large number of military personnel and equipment in the border areas of the two countries. However, since entering the 21st century, war is not limited to armed actions, but happens in other […]

Highlights of 2021 Security Emergency Incident Observations

fevereiro 23, 2022

Intro The world of cybersecurity is rapidly changing and technologies continue to evolve and innovate. While emerging technologies on big data, Internet of Things, artificial intelligence, mobile payment, just name a few, are helping digital transformation, new security risks expose constantly. Security incidents handled by NSFOCUS emergency response team in 2021 reaches 438, an increase […]

APT Lorec53 group launched a series of cyber attacks against Ukraine

fevereiro 21, 2022

Overview Recently, NSFOCUS Security Labs captured a large number of phishing files against Ukraine in format of pdf, doc, cpl, lnk and other types. After analysis, we confirmed that the series of phishing activities came from the APT group Lorec53. During the period from the end of 2021 to February 2022, this group used multiple […]

Microsoft’s February security update for multiple high-risk product vulnerabilities

fevereiro 18, 2022

Overview On February 9, NSFOCUS CERT detected that Microsoft released the February security update patch, which fixed 48 security issues involving widely used products such as Windows, Microsoft Office, Microsoft Dynamics, and Azure, including privilege escalation and remote code execution. and other high-risk vulnerability types. Among the vulnerabilities fixed by Microsoft’s monthly update this month, […]

India’s National APT Organization SideWinder Launched Phishing Attacks

fevereiro 17, 2022

Overview Recently, NSFOCUS Labs discovered that the South Asian APT organization SideWinder launched phishing attacks with documents used Pakistan National Day-related content as the bait. The domain name of command and control (C2) server was forged as a Pakistani government website. Since SideWinder ‘s targets include Pakistan and China, it has always been considered an […]

Moving Swiftly from Makeshift Remedies to Routine: A Thought on Security Operations

fevereiro 15, 2022

On December 9, 2021, the Log4j vulnerability was disclosed and had a huge impact. According to monitoring of NSFOCUS Threat Intelligence, hundreds of thousands of assets were affected by the vulnerability. A week after the vulnerability was disclosed, the NTI detected tens of thousands of malicious IP addresses using the Log4j vulnerability to launch various […]

Samba Remote Code Execution Vulnerability (CVE-2021-44142)

fevereiro 14, 2022

Overview Recently, NSFOCUS CERT detected a Samba remote code execution vulnerability (CVE-2021-44142) disclosed online. Because the default configuration of Samba’s vfs_fruit module allows out-of-bounds heap read and write through extended file attributes. When smbd parses EA metadata, a remote attacker (guest account or unauthorized user) with write access to the file’s extended attributes can execute […]

Search

Inscreva-se no Blog da NSFOCUS