Jie Ji

Investigation Report on New APT Organization MurenShark: Torpedoes Fired to Turkish Navy

September 2, 2022

Overview: In 2022 Q2, NSFOCUS Security Labs detected a series of cyberattacks against Turkey. After analysis, the researchers confirmed that this round of attacks originated from Actor210426, a new threat entity identified by NSFOCUS Security Labs in April 2021. Through the clues of behavior pattern, attack method, attack tool, attack target and so on, NSFOCUS […]

NSFOCUS ISOP Listed in The Security Analytics Platform Landscape Report

August 24, 2022

Santa Clara, Calif. August 24, 2022 – We are very happy to announce that NSFOCUS was included as one of the notable vendors in the report The Security Analytics Platform Landscape, Q3 2022 published by Forrester, an authoritative international research consulting organization. “Security analytics platforms are the center of the SOC”, as stated in this report, “They […]

Security Knowledge Graph | Cyberspace Mapping Strengthens Tailor-Made Security

August 22, 2022

The security knowledge graph, a knowledge graph specific to the security domain, is the key to realizing cognitive intelligence in cyber security, and it also lays an indispensable technological foundation for dealing with advanced, continuous and complex threats and risks in cyberspace. NSFOCUS will publish a series of articles about the application of the security […]

Apache Hadoop Remote Code Execution Vulnerability (CVE-2022-25168) Alert

August 16, 2022

Overview: Recently, NSFOCUS CERT found that Apache Hadoop officially fixed a command injection vulnerability. Since Apache Hadoop’s FileUtil.unTar API does not escape the input filename before passing it to the shell, an attacker could exploit this vulnerability to inject arbitrary commands and thus achieve remote code execution. Affected users are recommended to take steps to […]

Novel Browser in the Browser (BitB) technique used by threat actor UNC 1151 for phishing attacks

August 12, 2022

Background: Recently, the cyber threat actor known as the UNC 1151 group was spotted using the Browser in the Browser (BitB) technique in its campaigns. This technique is used for phishing attacks by displaying a new browser window containing a fake login panel on the visited website. The window is so carefully crafted that it […]

Critical VMware Product Vulnerability Alerts

August 10, 2022

Overview: Recently, NSFOCUS CERT detected that VMware officially issued a security notice to fix multiple vulnerabilities in products such as VMware Workspace ONE Access, Identity Manager, and VMware vRealize Automation. Attackers can use these vulnerabilities to cause privilege escalation and remote code execution. At present, the official security update has been released, and relevant users […]

NSFOCUS Named as a Sample Vendor for Threat Intelligence Products and Services in 2022 Gartner® report

August 5, 2022

Company Named in Threat Intelligence Products and Services Category. Santa Clara, Calif. August 5, 2022 – We are very proud to announce that NSFOCUS has been named a Sample Vendor in the July 2022 Gartner® Hype Cycle™ for Security Operations in the Threat Intelligence Products and Services category. In this report Gartner notes “Threat intelligence (TI) services […]

Security Knowledge Graph – APT Group Profiling and Attribution

August 5, 2022

The security knowledge graph, a knowledge graph specific to the security domain, is the key to realizing cognitive intelligence in cyber security, and it also lays an indispensable technological foundation for dealing with advanced, continuous and complex threats and risks in cyberspace. NSFOCUS will publish a series of articles about the application of the security […]

Multiple High-Risk Vulnerability Alerts in Atlassian

August 1, 2022

Overview: Recently, NSFOCUS CERT has detected that Atlassian has officially released a security bulletin, which has fixed several high-risk vulnerabilities in Atlassian products, and relevant users are requested to take measures to protect them. Arbitrary Servlet Filter Bypass Vulnerability (CVE-2022-26136): Vulnerabilities in multiple Atlassian products allow unauthenticated remote attackers to bypass servlet filters used by […]

Critical Patch Update for All Oracle Products in July

July 27, 2022

Overview: On July 20, 2022, NSFOCUS CERT monitored and found that Oracle officially released the CPU (Critical Patch Update) in July. A total of 349 vulnerabilities of varying degrees were fixed this time. This security update involves Oracle WebLogic Server, Oracle MySQL, Oracle Java SE, Oracle Retail Applications and many other common products. Oracle strongly […]
