.jpg)
In the big data era, data receives more and more attention. Deep integration of big data and artificial intelligence (AI) has produced a profound and widespread impact on all walks of life, including government, finance, carriers, electricity, and the Internet. In addition, the circulation and release of data value have...
Year: 2021
GitLab Remote Command Execution Vulnerability (CVE-2021-22205) Threat Alert
Overview Recently, NSFOCUS monitored that researchers disclosed the exploitation program of GitLab remote command execution vulnerability (CVE-2021-22205), and found that the existence of unauthorized endpoints in GitLab cause the vulnerability exploitable without authentication. Both Community Edition (CE) and Enterprise Edition (EE) are affected. On April 15, GitLab official released a...
CODESYS V2 Multiple High-Risk Vulnerabilities Threat Alert
Overview Recently, CODESYS officially issued four security update advisories that fixed 10 vulnerabilities in CODESYS V2. NSFOCUS received a letter of acknowledgement from CODESYS for NSFOCUS Gewu Lab's reporting of three vulnerabilities that were rated high-risk. All of the three vulnerabilities are exploited for attacks via private communication protocols supported...
Solidifying Threat Intelligence Foundation with Incident Forensics Regulation
Author: Richard ZHAO Incident Investigations and Threat Intelligence Threat intelligence, as the cornerstone of defenses against advanced threats, has had its significance fully recognized by the administration and the security community, as demonstrated in lots of conferences and forums held across the globe, numerous reports written around threat intelligence, and...
Oracle October Critical Patch Update for All Product Families
Overview On October 20, 2021, NSFOCUS detected that Oracle released the October Critical Patch Update (CPU), which fixed 419 vulnerabilities of varying risk levels. The update involves multiple commonly used products, such as Oracle MySQL, Oracle WebLogic Server, Oracle Java SE, Oracle Fusion Middleware and Oracle Retail Applications. Oracle strongly...
AISecOps Development Trend
As an old saying goes, "Rome was not built in a day", it is impossible to build AISecOps capabilities simply by following the example of other businesses. In fact, the most topical and mature AI technology is widely applied, but needs to be delved a little deeper. For instance, typical...
