New Feature – Upgrade of Detection Rules via the Cloud in NTA V4.5R90F04
March 20, 2023
Function Description This function will be available in NTA V4.5R90F04 in Q2 2023. NTA allows online upgrades of the DDoS detection rule library for automatic protection. This function can meet most of the current customization requirements by providing the latest detection rules against new types of DDoS attacks. Configuration Procedure Obtain the upgrade package of […]
Microsoft Outlook Privilege Escalation Vulnerability (CVE-2023-23397) Notification
March 18, 2023
Overview Recently, NSFOCUS CERT has monitored that Microsoft has officially released a patch update, which fixes a Microsoft Outlook privilege escalation vulnerability. An unauthenticated attacker sends a specially crafted email, causing the victim to connect to an external UNC location controlled by the attacker, causing the victim’s Net-NTLMv2 hash to be disclosed to the attacker. […]
GISEC Global 2023
March 17, 2023
GISEC Global, March 14-16, 2023, Dubai World Trade Centre, Dubai NSFOCUS participated in GISEC Global 2023 in Dubai, a great opportunity to connect with local partners, industry-leading experts and technology innovators. NSFOCUS team presented our solutions and services to booth visitors with hands-on demonstrations.
NSFOCUS Releases 2022 Global DDoS Attack Landscape Report
March 16, 2023
Santa Clara, Calif. March 16, 2023 – NSFOCUS, a global provider of intelligent hybrid security solutions, today released its “2022 Global DDoS Attack Landscape Report” which includes many findings to help organizations and users defend against DDoS attacks. According to the report, The DDoS attack landscape remains challenging. The increasing number of DDoS attacks in 2022 […]
NSFOCUS DDoS Attack Landscape Report 2022
March 16, 2023
The DDoS attack landscape remains challenging. While organizations continue to explore new defense methods to protect against DDoS attacks proactively, attackers never stop creating sly and novel tactics to take down the target services. Download a copy of the full report to learn more.
Microsoft’s March security update for multiple high-risk product vulnerabilities
March 15, 2023
Overview On March 15, NSFOCUS CERT monitored that Microsoft had released a security update patch for March, which fixed 82 security issues, involving widely used products such as Windows Hyper-V, Microsoft Outlook, Windows HTTP Protocol Stack, Microsoft Graphics, Microsoft Excel, etc., including high-risk vulnerability types such as privilege enhancement, remote code execution, etc. Among the […]
Apache Dubbo Deserialization Vulnerability Notice (CVE-2023-23638)
March 14, 2023
Overview Recently, NSFOCUS CERT detected that Apache officially issued a security notice, fixing an Apache Dubbo deserialization vulnerability (CVE-2023-23638). Due to the flaws in Apache Dubbo’s deserialization security check, remote attackers can construct malicious data packets to conduct deserialization attacks, and finally execute arbitrary code on the target system. Affected users are requested to take […]
A New Botnet Family Discovered by NSFOCUS
March 13, 2023
Background Recently NSFOCUS Security Labs detected a batch of suspicious ELF files spreading widely. Further analysis confirmed that these ELF samples belonged to a new botnet family. We named the family “Peachy Botnet” according to the signature information left by the Bot author in the sample. The Peachy Botnet began to spread as early as […]
Indian Government Agencies Targeted in Phishing Attacks by APT Group SideCopy
March 13, 2023
Overview NSFOCUS detected a malicious macro file named “Cyber Advisory 2023.docm ” last month and confirmed that the document was delivered by Pakistan APT group SideCopy to lure the target to open and read while downloading the Trojan horse ReverseRAT to receive CnC instructions to steal data. SideCopy was disclosed by the security company Quick […]
Fortinet FortiOS and FortiProxy Remote Code Execution Vulnerability Notice (CVE-2023-25610)
March 12, 2023
Overview Recently, NSFOCUS CERT found that Fortinet officially issued a security notice to fix a Fortinet FortiOS and FortiProxy remote code execution vulnerability (CVE-2023-25610). Due to the heap buffer underflow flaw in the management interface of FortiOS and FortiProxy, an unauthenticated remote attacker can execute arbitrary code on the target device or perform a DoS […]
