Indian Government Agencies Targeted in Phishing Attacks by APT Group SideCopy
março 13, 2023
Overview NSFOCUS detected a malicious macro file named “Cyber Advisory 2023.docm ” last month and confirmed that the document was delivered by Pakistan APT group SideCopy to lure the target to open and read while downloading the Trojan horse ReverseRAT to receive CnC instructions to steal data. SideCopy was disclosed by the security company Quick […]
Fortinet FortiOS and FortiProxy Remote Code Execution Vulnerability Notice (CVE-2023-25610)
março 12, 2023
Overview Recently, NSFOCUS CERT found that Fortinet officially issued a security notice to fix a Fortinet FortiOS and FortiProxy remote code execution vulnerability (CVE-2023-25610). Due to the heap buffer underflow flaw in the management interface of FortiOS and FortiProxy, an unauthenticated remote attacker can execute arbitrary code on the target device or perform a DoS […]
Multiple Apache HTTP Server Security Vulnerabilities
março 10, 2023
Overview Recently, NSFOCUS CERT found that Apache has issued an official security notice to fix multiple Apache HTTP Server vulnerabilities. Affected users should take protective measures as soon as possible. Apache HTTP Server Request Smuggling Vulnerability (CVE-2023-25690): When mod_ When proxy is enabled with some form of RewriteRule or ProxyPassMatch, a non-specific pattern will match […]
Bread Crumbs of Threat Actors (Feb 13 – 26, 2023)
março 10, 2023
From 13 to 26 February 2023, NSFOCUS Security Labs found activity clues from 66 APT groups, one malware family (CoinMiner), and 426 threat actors targeting critical infrastructure. APT Groups Among the 66 APT groups discovered, the APT28 affected the most significant number of hosts from 13 to 26 February. Number of hosts affected by APT […]
The Hong Kong Institute of Bankers – Cybersecurity Solutions Day
março 9, 2023
Smart Cybersecurity Defence for the Future, March 8, 2023, Hong Kong Convention and Exhibition Centre, Hong Kong NSFOCUS participated Cybersecurity Solutions Day hosted by The Hong Kong Institute of Bankers as a Platinum Sponsor. Our Principal Security Solution Architect David Gao attended The Hong Kong Institute of Bankers Cybersecurity Solutions Day as a panel speaker to discuss how to protect […]
Microsoft Word Remote Code Execution Vulnerability (CVE-2023-21716)
março 8, 2023
Overview Recently, NSFOCUS CERT found the PoC that disclosed Microsoft Word remote execution code vulnerability (CVE-2023-21716) on the Internet. Because the RTF parser in Microsoft Word will trigger a heap corruption vulnerability when processing a font table (* fonttbl *) that contains too many fonts (* f # # # *), an attacker can exploit […]
Key Technologies for Software Supply Chain Security – Detection Techniques (Part 1) – Software Composition Analysis
março 6, 2023
Software supply chain security detection techniques must cover the software delivery life cycle, including software design, building, testing, and operation. There are mainly five types of security detection techniques, namely software composition analysis (SCA), static application security testing (SAST), dynamic application security testing (DAST), interactive application security testing (IAST), and FUZZ testing. Each of these […]
GitLab Cross-Site Scripting (XSS) Vulnerability (CVE-2023-0050)
março 5, 2023
Overview Recently, NSFOCUS CERT found that GitLab has issued an official security notice to fix a cross-site scripting vulnerability in GitLab Community Edition (CE) and Enterprise Edition (EE) (CVE-2023-0050). A remote attacker with low privileges can cause the client to store XSS through a specially crafted Kroki diagram, and finally perform arbitrary operations on the […]
NSFOCUS Included in Forrester Network Analysis and Visibility (NAV) Landscape
março 3, 2023
Santa Clara, Calif. March 03, 2023 – NSFOCUS, a global provider of intelligent hybrid security solutions, announced today that it has been included in Forrester’s recently published report, The Network Analysis and Visibility Landscape, Q1 2023. The report provides an overview of the market development, functions, and technologies of NAV products in detail. As one […]
NSFOCUS WAF Syslog Introduction
março 3, 2023
In computing, syslog is a standard for message logging. It allows separation of the software that generates messages, the system that stores them, and the software that reports and analyzes them. Each message is labeled with a facility code, indicating the type of system generating the message, and is assigned a severity level. Computer system […]
