Insights from Attack and Defense Drills: Strategies and Resilience
September 11, 2023
Recently, NSFOCUS SOC team summarized the findings from attack and defense drills in the first half of 2023. In these smokeless battles, the attackers advanced with aggressive strategies, while the defenders relied on comprehensive defense systems, taking measures from protecting, monitoring to tracing, and resisting every attempt to breach their defenses. Vulnerability and Asset Impact […]
Introduction to NSFOCUS WAF Apply Rule Database
September 11, 2023
In the versions before 6.0.7.3.61634, after users upgrade the NSFOCUS WAF Rule Database, they have to add the new rules one by one to the website’s policy based on the rule name or the rule number manually to apply the new policies. To improve user experience, the NSFOCUS WAF version 6.0.7.3.61634 has optimized this functionality. […]
Multiple Security Vulnerability Notifications on Apple Products
September 8, 2023
Overview Recently, NSFOCUS CERT has detected that Apple has officially repaired two 0day vulnerabilities in multiple Apple products. At present, it has detected that there are uses in wild. Affected users should take protective measures as soon as possible. The details of the vulnerability are as follows: Apple ImageIO Remote Code Execution Vulnerability (CVS 2023-41064): […]
Multiple security vulnerability notifications on Google Chrome
September 7, 2023
Overview Recently, NSFOCUS CERT has monitored that Google Chrome has officially released security announcements and fixed several security vulnerabilities. The key vulnerabilities are as follows: Google Chrome Cross Border Read Vulnerability (CVE-2023-4761): Due to an out of bounds memory read vulnerability in Google Chrome FebCM, attackers who can disrupt the renderer process can perform out […]
VMware Aria Operations for Networks Authentication Bypass Vulnerability (CVE-2023-34039)
September 5, 2023
Overview Recently, NSFOCUS CERT detected an Authentication Bypass vulnerability in VMware Aria Operations for Networks. Due to the lack of unique cryptographic key generation, Aria Operations for Networks is susceptible to an authentication bypass vulnerability. Attackers with network access to Aria Operations for Networks could bypass SSH authentication to gain access to the Aria Operations […]
NSFOCUS Included in Gartner 2023 Hype Cycle for Smart City and Sustainability in China Report Again
September 5, 2023
We proudly announce that NSFOCUS was again included in Gartner® Hype CycleTM for Smart City and Sustainability in China (2023) report1 in CPS Security. “Cyber-physical systems (CPS) are engineered systems that orchestrate sensing, computation, control, networking and analytics to interact with the physical world (including humans). When secure, they enable safe, real-time, reliable, resilient and […]
IDNIC (Indonesia Network Information Center)’s Training Series workshop
August 31, 2023
IDNIC, Aug 29-30, 2023, Aston Lampung City Hotel, Indonesia. NSFOCUS team attended IDNIC (Indonesia Network Information Center)‘s Training Series workshop in the Aston Lampung City Hotel. Together we had a fruitful discussion about BGP, Information Security, DNS and IPv6.
APT34 Unleashes New Wave of Phishing Attack with Variant of SideTwist Trojan
August 30, 2023
Recently, NSFOCUS Security Labs captured a new APT34 phishing attack. During the campaign, APT34 attackers disguised as a marketing services company called GGMS launched attacks against enterprise targets and released a variant of SideTwist Trojan to achieve long-term control of the victim host. Introduction to APT34 APT34, also known as OilRig or Helix Kitten, is […]
Introduction to ADS’s HTTP Keyword Checking Policy
August 29, 2023
HTTP Keyword Checking is a process by which ADS controls HTTP traffic through the ADS device. In addition, ADS takes a specific action (Accept, Drop, Disconnect, Add to blacklist, Add to whitelist, or Limit rate) as configured on passing packets whose source IP address and specific fields match the HTTP Keyword Checking rule. HTTP Keyword […]
Mastering Defense and Understanding Offense: Approach of Detecting Abnormal Attack Behaviors
August 29, 2023
In offensive and defensive exercises, attackers will use various attack methods to maximize their objectives, including not only common attack methods but also complex attacks. Phishing email is popular among attackers as the most commonly used and low-cost attack method. Attackers typically use a variety of techniques and deception to send emails with malicious attachments […]
