Overview On January 26, NSFOCUS CERT detected that the Qualys research team publicly disclosed a privilege escalation vulnerability (CVE-2021-4034) found in Polkit’s pkexec, also known as PwnKit. The vulnerability is due to the inability of pkexec to properly process the call parameters, thereby executing the environment variable as a command. An attacker with arbitrary user […]
Overview In July 2021, NSFOCUS Security Labs captured a number of phishing documents using windows 11 related topics as bait. These phishing documents show some ideas and techniques that are different from common phishing attacks. Through in-depth analysis, NSFOCUS Security Labs found that the phishing files are part of a large-scale spear attacks being carried out by […]
SASE (Security Access Services Edge) is a SaaS service that integrates security and network (To learn about what the SASE is, read SASE, Born for Digital Age). It incorporates too many new concepts. To make it easier to understand, we decided to post the popular science series on SASE, which can simplify the concepts so […]
MILPITAS, Calif. – January 28, 2022 – NSFOCUS, a leader in holistic hybrid security solutions, today released the 2021 Global DDoS Attack Landscape, a joint report by working with Tencent, which found that DDoS attacks have entered the terabit era with the largest DDoS traffic peaked at 2.4 Tbps (or 3.25 Tbps according the latest news […]
Overview On January 12, NSFOCUS CERT detected that Microsoft released a monthly security update, which fixed an HTTP protocol stack remote code execution vulnerability (CVE-2022-21907). A buffer overflow can occur due to a boundary error in the HTTP Trailer Support feature in the HTTP stack (HTTP.sys). An unauthenticated attacker can execute arbitrary code on a […]
Overview On January 19, NSFOCUS CERT detected that Apache released a security bulletin that disclosed three Log4j vulnerabilities, all of which affected the Apache Log4j 1.x version, and the official support and maintenance are no longer available. Please take measures as soon as possible to protect the relevant users. Apache log4j JMSSink Deserialization Code Execution […]
Compliance has seen radical changes in the requirements and driving force of data security and a broader category of data objects under data security protection. Application scenarios covered by data security will become more diversified, and data security requirements will cover all phases of the data lifecycle. In order to better cope with the challenges […]
Overview On January 12, NSFOCUS CERT found that Apache issued a security notice to fix a remote code execution vulnerability (CVE-2021-43297) in Dubbo. Due to a deserialization vulnerability in Dubbo’s hessian-lite, an unauthenticated attacker could exploit the vulnerability to remotely execute arbitrary code on the target system. Most Dubbo users use Hessian2 as the serialization/deserialization […]
Compliance has seen radical changes in the requirements and driving force of data security and a broader category of data objects under data security protection. Application scenarios covered by data security will become more diversified, and data security requirements will cover all phases of the data lifecycle. In order to better cope with the challenges […]
The outbreak of Log4j2 vulnerability has caused an uproar all over the world, with a wide range of influence and great harm second to none. The event is a typical supply chain event caused by open source software. The vulnerability of upstream software affects the products of downstream industries. The complex dependency expands the scope […]
