NSFOCUS is a leading provider of enterprise-level network security solutions and services. NSFOCUS has released the annual cybersecurity insights report in April, which analyzed the overall trends, threats, and challenges in the cyber landscape. The full NSFOCUS Cybersecurity Insights for 2022 report is available here. Here are some of the...
Year: 2023
GitLab Code Execution Vulnerability (CVS 2023-2478)
Overview Recently, NSFOCUS CERT monitored that GitLab officially issued a security notice, and fixed a code execution vulnerability in GitLab Community Edition (CE) and Enterprise Edition (EE) (CVE-2023-2478). Remote attackers with low privileges can add malicious Runners to any project of the instance through GraphQL endpoints, further exploiting the ability...
Packet Forwarding Mode
The packet Forwarding Mode is mainly used for debugging network faults. If this function is enabled, it indicates that the ADS device will directly forward network packets without any checks. The Packet Forwarding Enable feature can be reminded through the ADS webpage if this function is enabled. If you want...
TA569 Suspected of Phishing Attack against Russia and Germany
I. Overview On April 18, 2023, NSFOCUS Security Labs discovered a spear phishing attack against Russia during daily threat hunting. After correlation analysis of the event, NSFOCUS Security Labs confirmed that the attacker also launched a similar phishing attack against Germany. The active time of the attacker, the attack target,...
CyberSecurity Business Connect
CSBC, May 05, 2023, Sands Expo & Convention Centre, Singapore CyberSecurity Business Connect 2023 (CSBC), is an event organized by Ingram Micro to showcase and deliver a full spectrum of global technology and supply chain services to businesses around the world. NSFOCUS participated in CSBC as Gold Sponsor, and announced...
NSFOCUS Unveils EASM and PTaaS Services at Cybersecurity Business Connect 2023 in Singapore
NSFOCUS at Cybersecurity Business Connect 2023 in Singapore Singapore, May 5, 2023 – NSFOCUS, a leading provider of network security solutions and services, has announced the launch of its new External Attack Surface Management (EASM) and Penetration Testing-as-a-Service (PTaaS) offerings at Cybersecurity Business Connect 2023 in Singapore, organized by Ingram...
