The DDoS attack landscape remains challenging. While organizations continue to explore new defense methods to protect against DDoS attacks proactively, attackers never stop creating sly and novel tactics to take down the target services. Download a copy of the full report to learn more.
Blog
Microsoft’s March security update for multiple high-risk product vulnerabilities
Overview On March 15, NSFOCUS CERT observed that Microsoft had released its March security update, which fixed 82 security issues involving widely used products such as Windows Hyper-V, Microsoft Outlook, Windows HTTP Protocol Stack, Microsoft Graphics, Microsoft Excel, etc., including high-risk vulnerability types such as privilege escalation, remote...
Apache Dubbo Deserialization Vulnerability Notice (CVE-2023-23638)
Overview Recently, NSFOCUS CERT detected that Apache officially issued a security notice, fixing an Apache Dubbo deserialization vulnerability (CVE-2023-23638). Due to the flaws in Apache Dubbo's deserialization security check, remote attackers can construct malicious data packets to conduct deserialization attacks, and finally execute arbitrary code on the target system. Affected...
A New Botnet Family Discovered by NSFOCUS
Background Recently NSFOCUS Security Labs detected a batch of suspicious ELF files spreading widely. Further analysis confirmed that these ELF samples belonged to a new botnet family. We named the family “Peachy Botnet” according to the signature information left by the Bot author in the sample. The Peachy Botnet began...
Indian Government Agencies Targeted in Phishing Attacks by APT Group SideCopy
Overview NSFOCUS detected a malicious macro file named "Cyber Advisory 2023.docm" last month and confirmed that the document was delivered by Pakistan APT group SideCopy to lure the target into opening and reading it while it downloads the Trojan horse ReverseRAT, which receives CnC instructions to steal data. SideCopy was disclosed...
Fortinet FortiOS and FortiProxy Remote Code Execution Vulnerability Notice (CVE-2023-25610)
Overview Recently, NSFOCUS CERT found that Fortinet officially issued a security notice to fix a Fortinet FortiOS and FortiProxy remote code execution vulnerability (CVE-2023-25610). Due to the heap buffer underflow flaw in the management interface of FortiOS and FortiProxy, an unauthenticated remote attacker can execute arbitrary code on the target...





