Highlights of 2021 Security Emergency Incident Observations
February 23, 2022
Intro The world of cybersecurity is rapidly changing and technologies continue to evolve and innovate. While emerging technologies on big data, Internet of Things, artificial intelligence, mobile payment, just name a few, are helping digital transformation, new security risks expose constantly. Security incidents handled by NSFOCUS emergency response team in 2021 reaches 438, an increase […]
Moving Swiftly from Makeshift Remedies to Routine: A Thought on Security Operations
February 15, 2022
On December 9, 2021, the Log4j vulnerability was disclosed and had a huge impact. According to monitoring of NSFOCUS Threat Intelligence, hundreds of thousands of assets were affected by the vulnerability. A week after the vulnerability was disclosed, the NTI detected tens of thousands of malicious IP addresses using the Log4j vulnerability to launch various […]
Apache log4j Deserialization and SQL Injection Vulnerability (CVE-2022-23302/CVE-2022-23305/CVE-2022-23307) Alert
January 26, 2022
Overview On January 19, NSFOCUS CERT detected that Apache released a security bulletin that disclosed three Log4j vulnerabilities, all of which affected the Apache Log4j 1.x version, and the official support and maintenance are no longer available. Please take measures as soon as possible to protect the relevant users. Apache log4j JMSSink Deserialization Code Execution […]
Analysis of Log4j2 0-Day Vulnerability from the Perspective of Supply Chain
December 23, 2021
The outbreak of Log4j2 vulnerability has caused an uproar all over the world, with a wide range of influence and great harm second to none. The event is a typical supply chain event caused by open source software. The vulnerability of upstream software affects the products of downstream industries. The complex dependency expands the scope […]
