Overview On March 15, NSFOCUS CERT monitored that Microsoft had released a security update patch for March, which fixed 82 security issues, involving widely used products such as Windows Hyper-V, Microsoft Outlook, Windows HTTP Protocol Stack, Microsoft Graphics, Microsoft Excel, etc., including high-risk vulnerability types such as privilege enhancement, remote...
Categoria: Blog
Apache Dubbo Deserialization Vulnerability Notice (CVE-2023-23638)
Overview Recently, NSFOCUS CERT detected that Apache officially issued a security notice, fixing an Apache Dubbo deserialization vulnerability (CVE-2023-23638). Due to the flaws in Apache Dubbo's deserialization security check, remote attackers can construct malicious data packets to conduct deserialization attacks, and finally execute arbitrary code on the target system. Affected...
A New Botnet Family Discovered by NSFOCUS
Background Recently NSFOCUS Security Labs detected a batch of suspicious ELF files spreading widely. Further analysis confirmed that these ELF samples belonged to a new botnet family. We named the family “Peachy Botnet†according to the signature information left by the Bot author in the sample. The Peachy Botnet began...
Indian Government Agencies Targeted in Phishing Attacks by APT Group SideCopy
Overview NSFOCUS detected a malicious macro file named "Cyber Advisory 2023.docm " last month and confirmed that the document was delivered by Pakistan APT group SideCopy to lure the target to open and read while downloading the Trojan horse ReverseRAT to receive CnC instructions to steal data. SideCopy was disclosed...
Fortinet FortiOS and FortiProxy Remote Code Execution Vulnerability Notice (CVE-2023-25610)
Overview Recently, NSFOCUS CERT found that Fortinet officially issued a security notice to fix a Fortinet FortiOS and FortiProxy remote code execution vulnerability (CVE-2023-25610). Due to the heap buffer underflow flaw in the management interface of FortiOS and FortiProxy, an unauthenticated remote attacker can execute arbitrary code on the target...
Multiple Apache HTTP Server Security Vulnerabilities
Overview Recently, NSFOCUS CERT found that Apache has issued an official security notice to fix multiple Apache HTTP Server vulnerabilities. Affected users should take protective measures as soon as possible. Apache HTTP Server Request Smuggling Vulnerability (CVE-2023-25690): When mod_ When proxy is enabled with some form of RewriteRule or ProxyPassMatch,...
