WAF HTTP Access Control Feature Overview and Configuration Examples
December 2, 2024
In the process of using WAF, when we need to detect elements like hostname, URL path, HTTP request methods, and IP blacklists, we can utilize the HTTP Access Control function to meet these requirements. This article provides a detailed guide on using WAF’s HTTP Access Control feature and highlights relevant considerations. 1. HTTP Access Control […]
Alert: XorBot Comes Back with Enhanced Tactics
November 21, 2024
I. Overview According to the monitoring by NSFOCUS, since the beginning of 2024, a new-type botnet family with a high level of anti-tracking awareness—XorBot—has been continuously updating its versions and introducing new features, undergoing significant changes. This botnet family first emerged in November 2023 and was exclusively disclosed by the NSFOCUS Security Labs in December […]
Microsoft’s Security Update in November on High-Risk Vulnerabilities in Multiple Products
November 15, 2024
Overview On November 13, NSFOCUS CERT detected that Microsoft released a security update patch for November, which fixed 89 security issues, including Windows, Microsoft SQL Server, Microsoft Office, Azure, Open Source Software, Microsoft Visual Studio, System Center and other widely used products, including high-risk vulnerabilities such as privilege escalation vulnerability and remote code execution vulnerability. […]
Introduction to TI Capability on NSFOCUS ADS
November 12, 2024
NSFOCUS ADS integrates NSFOCUS Threat Intelligence (NTI) capability to block IP addresses with high threat levels and risks. To ensure data reliability, ADS allows the daily update of intelligence data and offers optional update time periods. ADS also provides an exception IP function to filter IPs in NTI. IPs in exception IP no longer go […]
Oracle WebLogic Server Remote Code Execution Vulnerability (CVE-2024-21216)
November 8, 2024
Overview Recently, NSFOCUS CERT detected that Oracle issued a security announcement and fixed the deserialization vulnerability in WebLogic Server (CVE-2024-21216). Since WebLogic does not strictly filter incoming data through the T3/IIOP protocol, when the T3/IIOP protocol is enabled, an unauthenticated remote attacker sends a special request to the server through the T3/IIOP protocol to execute […]
Behind the 2024 US Election Curtain: Cyberwar’s Silent Sabotage
November 7, 2024
On November 5th, Eastern Standard Time, the United States held its 47th presidential and congressional elections. The 2024 US election process, which began with the Republican Party’s candidate nomination on July 15th, concluded after nearly four months of intense campaigning. Former President Donald Trump and his Republican Party secured a decisive victory, with Trump projected […]
Discover NSFOCUS RSAS V6.0R04F04’s Enhanced Web Scanning Capabilities
November 6, 2024
The recently released RSAS version, V6.0R04F04, not only boasts a refreshed user interface but also packs a punch with enhanced web scanning capabilities. In addition to the already impressive Web Crawler 2.0, which is capable of handling front-end and back-end separated architectures, we’ve fortified the crawler engine with new features and a brand-new policy configuration […]
What is a Cyber Range?
November 5, 2024
Today, we’re diving into the fascinating world of cyber ranges—a critical component in the ever-evolving landscape of cybersecurity. But what exactly is a cyber range? Let’s break it down. What is a Cyber Range? A cyber range is a sophisticated environment that leverages technologies such as virtualization, hybrid reality, security orchestration, behavior and traffic simulation, […]
NSFOCUS Showcases Two Groundbreaking Topics at SAS 2024
October 30, 2024
NSFOCUS Showcases Two Groundbreaking Topics at SAS 2024: An In-Depth Analysis of the DarkCasino APT Group and the Evolution of New Botnets. SANTA CLARA, Calif., October 30, 2024 – The 17th Security Analyst Summit (SAS), a premier global event focused on cybersecurity, recently concluded in Bali, Indonesia, where NSFOCUS was invited to participate. As the […]
NSFOCUS RSAS New Features: Scenario-based Scans, CCoP Benchmarks, Richer Vulnerability KB, and More
October 28, 2024
In the ever-evolving landscape of cybersecurity threats, we’re always on the lookout for cutting-edge solutions to safeguard our digital assets. Today, I’m thrilled to announce the release of NSFOCUS RSAS 6.0R04F04, a new iteration that comes packed with a suite of features designed to enhance your security posture and streamline your operations. Let’s dive into […]
