Investigation Report on New APT Organization MurenShark: Torpedoes Fired to Turkish Navy [1]
September 2, 2022
Overview In 2022 Q2, NSFOCUS Security Labs detected a series of cyberattacks against Turkey. After analysis, the researchers confirmed that this round of attacks originated from Actor210426, a new threat entity identified by NSFOCUS Security Labs in April 2021. Through the clues of behavior pattern, attack method, attack tool, attack target and so on, NSFOCUS […]
NSFOCUS ISOP Listed in The Security Analytics Platform Landscape Report
August 24, 2022
Santa Clara, Calif. August 24, 2022 – We are very happy to announce that NSFOCUS was included as one of notable vendors in the report The Security Analytics Platform Landscape, Q3 2022 published by Forrester, an authoritative international research consulting organization. “Security analytics platforms are the center of the SOC”, as stated in this report, “They […]
Security Knowledge Graph | Cyberspace Mapping Strengthens Tailor-Made Security
August 22, 2022
The security knowledge graph, a knowledge graph specific to the security domain, is the key to realizing cognitive intelligence in cyber security, and it also lays an indispensable technological foundation for dealing with advanced, continuous and complex threats and risks in cyberspace. NSFOCUS will publish a series of articles about the application of the security […]
Apache Hadoop Remote Code Execution Vulnerability (CVE-2022-25168) Alert
August 16, 2022
Overview Recently, NSFOCUS CERT found that Apache Hadoop officially fixed a command injection vulnerability. Since Apache Hadoop’s FileUtil.unTar API does not escape the input filename before passing it to the shell, an attacker could exploit this vulnerability to inject arbitrary commands and thus achieve remote code execution. Affected users are recommended to take steps to […]
Novel Browser in the Browser (BitB) technique used by threat actor UNC 1151 for phishing attacks
August 12, 2022
Background Recently, the cyber threat actor known as UNC 1151 group was spotted to use the Browser in the Browser (BitB) technique in its campaigns. This technique is used for phishing attacks by displaying a new browser window containing a fake login panel on the visited website. The window is so carefully crafted that it […]
Critical VMware Product Vulnerability Alerts
August 10, 2022
Overview Recently, NSFOCUS CERT detected that VMware officially issued a security notice to fix multiple vulnerabilities in products such as VMware Workspace ONE Access, Identity Manager, and VMware vRealize Automation. Attackers can use these vulnerabilities to cause privilege escalation and remote code execution. At present, the official security update has been released, and relevant users […]
NSFOCUS Named as a Sample Vendor for Threat Intelligence Products and Services in 2022 Gartner® report
August 5, 2022
Company Named in Threat Intelligence Products and Services Category Santa Clara, Calif. August 5, 2022 – We are very proud to announce that NSFOCUS has been named a Sample Vendor in the July 2022 Gartner® Hype Cycle™ for Security Operations in the Threat Intelligence Products and Services category. In this report Gartner notes “Threat intelligence (TI) services […]
Security Knowledge Graph – APT Group Profiling and Attribution
August 5, 2022
The security knowledge graph, a knowledge graph specific to the security domain, is the key to realizing cognitive intelligence in cyber security, and it also lays an indispensable technological foundation for dealing with advanced, continuous and complex threats and risks in cyberspace. NSFOCUS will publish a series of articles about the application of the security […]
Multiple High-Risk Vulnerability Alerts in Atlassian
August 1, 2022
Overview Recently, NSFOCUS CERT has detected that Atlassian has officially released a security bulletin, which has fixed several high-risk vulnerabilities in Atlassian products, and relevant users are requested to take measures to protect them. Arbitrary Servlet Filter Bypass Vulnerability (CVE-2022-26136): Vulnerabilities in multiple Atlassian products allow unauthenticated remote attackers to bypass servlet filters used by […]
Critical Patch Update for All Oracle Products in July
July 27, 2022
Overview On July 20, 2022, NSFOCUS CERT monitored and found that Oracle officially released the CPU (Critical Patch Update) in July. A total of 349 vulnerabilities of varying degrees were fixed this time. This security update involves Oracle WebLogic Server, Oracle MySQL, Oracle Java SE, Oracle Retail Applications and many other common products. Oracle strongly […]