Zero-Trust Cloud Native Network Security Enabled by Micro-segmentation
August 31, 2021
Traditional networks or virtual networks have employed network segregation technologies like VLAN or VPC which are, however, more often used for segregation of deterministic networks or tenant networks. In cloud native environments, containers or microservices have a shorter lifecycle and change more frequently compared with traditional networks or tenant networks. Complex business access relationships are […]
Exim Remote Code Execution Vulnerability (CVE-2020-28020) Threat Alert
August 30, 2021
Overview In May, Qualys publicly disclosed 21 security vulnerabilities in the Exim server, announcing that these vulnerabilities affected all Exim versions released after 2004 and most of them can be exploited in default configurations. Recently, NSFOCUS found that certain vulnerability details and PoCs were publicly available. Among the vulnerabilities, the most severe one is the […]
Microsoft August Security Updates for Multiple High-Risk Product Vulnerabilities
August 27, 2021
Overview According to NSFOCUS CERT’s monitoring, Microsoft released August 2021 Security Updates on August 11 to fix 46 vulnerabilities, including high-risk remote code execution and privilege escalation, in widely used products like Windows, Microsoft Office, ASP.NET Core, Visual Studio, and Azure. This month’s security updates fix seven critical vulnerabilities and 39 important ones, including three […]
Security Visibility Augmented by Cloud Native
August 25, 2021
In the cloud native era, containerized infrastructure makes possible much more lightweight applications that run faster. Dozens or even hundreds of containers can be rapidly deployed and run on a host. What’s more, Kubernetes and other container orchestration platforms provide excellent security management mechanisms like load balancing, task scheduling, and fault tolerance. Therefore, in a […]
Windows Privilege Escalation Vulnerability (CVE-2021-36934) Threat Alert
August 24, 2021
Overview Recently, NSFOCUS CERT discovered a critical security bulletin released by Microsoft to disclose a privilege escalation vulnerability (CVE-2021-36934) in Windows. A privilege escalation vulnerability exists because of overly permissive Access Control Lists (ACLs) on multiple system files (including the Security Account Manager (SAM) database). When a built-in administrator account is enabled in the system, […]
NSFOCUS Appraised Maturity Level 5 of CMMI Development V2.0
August 23, 2021
We are very excited to announce that NSFOCUS has been appraised at Maturity Level 5 of the CMMI Institute’s Capability Maturity Model Integration (CMMI)® Version 2.0. CMMI is a proven set of global best practices that drives business performance through building and benchmarking key capabilities. It is an integrated framework of best practices that can rapidly […]
SASE, Born for Digital Age
August 19, 2021
SASE (Security Access Services Edge, pronounced sassy /ˈsæsi/) is a network security service architecture introduced by Gartner in 2019. Gartner defines it as “an emerging offering combining comprehensive WAN capabilities with comprehensive network security functions (such as SWG, CASB, FWaaS, and ZTNA) to support the dynamic security access needs of digital enterprises.” In the diagram below, […]
Security Risks and Threats of Containerized Infrastructure
-e1619596788284.jpg)
August 17, 2021
As a kind of lightweight virtualization technology, containers run in the operating system kernel of a host. Therefore, traditional security issues remain in hosts and networks. Besides, container escape risks, container image risks, virtual network risks, and configuration risks will become new security threats facing containerized infrastructure. Attacks on Container Images With the prevalence of […]
The New Trend of Ransomware: Triple Extortion
August 16, 2021
Threat actors who specialize in ransomware are always using Double Extortion Tactics in which they not only encrypt the victim’s data but also threaten to leak sensitive data publicly unless the ransom is paid. Double Extortion Tactics first started appearing in late 2019, becoming an increasingly common trend through 2020. The attack against Allied Universal […]
Linux Kernel Privilege Escalation Vulnerability (CVE-2021-33909) Threat Alert
August 13, 2021
Overview Recently, NSFOCUS CERT discovered that the Qualys research team disclosed a local privilege escalation vulnerability (CVE-2021-33909, aka Sequoia) in the filesystem layer in the Linux kernel. It is a size_t-to-int type conversion vulnerability in the seq_file interface in the Linux kernel. fs/seq_file.c’s improper restriction of the seq buffer allocation may cause an integer overflow, […]
