SecLLM: Enhancing Cyber Security with Large Language Model – Technical White Paper Overview
January 31, 2024
Drawing on years of accumulated expertise in security and high-quality data in the field of “artificial intelligence + security,” NSFOCUS has announced the release of its Technical White Paper: Enhancing Network Security with Security Large Language Model (SecLLM). This white paper shares the best practices and lessons learned during the development of NSFOCUS SecLLM, exploring […]
Jenkins Arbitrary File Read Vulnerability (CVE-2024-23897) Notice
January 30, 2024
Overview Recently, NSFOCUS CERT detected that Jenkins issued a security announcement and fixed an arbitrary file reading vulnerability in the Jenkins CLI (CVE-2024-23897). Since one function of its CLI command parser is enabled by default in Jenkins, the specific parser function expandAtFiles can replace the character following the file path in the @ parameter with […]
2023 Cybersecurity Regulation Recap (Part 1): Network Security
January 30, 2024
In 2023, countries worldwide continued to strengthen their cybersecurity capabilities and systems in response to their national needs, using regulatory means to enhance their cybersecurity management. Based on continuous tracking and research, NSFOCUS summarized the development of global cybersecurity regulations and policies in 2023, providing a brief commentary and presenting NSFOCUS’s perspective on some important […]
Collaboration Achievement: NSFOCUS and China University of Geosciences Article Secures Spotlight in Acclaimed Journal TIFS
January 26, 2024
In a recent achievement, the paper BABD: A Bitcoin Address Behavior Dataset for Pattern Analysis, a collaboration between the NSFOCUS research team and Professor Ren Wei’s team at the Computer School of China University of Geosciences, has been featured in the prestigious journal IEEE Transactions on Information Forensics and Security (TIFS). IEEE Transactions on Information […]
GitLab Arbitrary File Write Vulnerability (CVE-2024-0402) Alert
January 26, 2024
Overview Recently, NSFOCUS CERT detected that GitLab officially released a security announcement and fixed an arbitrary file write vulnerability (CVE-2024-0402) in GitLab Community Edition (CE) and Enterprise Edition (EE). Due to path traversal issues, authenticated attackers can copy files to any location on the GitLab server when creating workspaces. The CVSS score is 9.9, affected […]
NSFOCUS SecLLM: A Paradigm Shift in Network Security
January 25, 2024
SANTA CLARA, Calif., January 25, 2024 – NSFOCUS, a leading innovator in cybersecurity solutions, is proud to announce the release of a cutting-edge Technical White Paper titled “Enhancing Network Security with Security Large Language Model (SecLLM).” This paper unveils NSFOCUS’s latest technology, developed through years of expertise in artificial intelligence and security, designed to revolutionize the landscape […]
Configuring Management IP Address for ADS M Portal
January 25, 2024
After installing the ADS M portal, configuring a management IP address is necessary to deploy the portal on the ADS M and access its webpage. Follow the steps below to set up the management IP for the portal: 1. Access the Backend of the ADS M Portal: Log in to the backend of the ADS […]
Making Secure Boot Even More Secure
January 18, 2024
Secure Boot lays the foundation for the security of the entire computer system. However, in practice, there are potential security risks in secure boot. I. Overview In the previous post “Secure Boot 101: Getting Started with Secure Boot”, we introduced several core concepts of Secure Boot. In reality, users’ computers are often encrypted, and using […]
Key Patch Updates for All Series of Oracle Products in January
January 18, 2024
Overview Recently, NSFOCUS CERT found that Oracle officially released a Critical Patch Update announcement (CPU) in January. A total of 413 vulnerabilities of different levels were fixed this time. This security update involves Oracle WebLogic Server, Oracle MySQL, Oracle Java SE, Oracle Fusion Middleware, Oracle HTTP Server and other commonly used products. Oracle strongly recommends […]
NSFOCUS WAF Disguised Response File Management
January 18, 2024
For a specific protection policy, NSFOCUS WAF can configure five actions. For more details, please view NSFOCUS WAF Protection Actions. When configuring a policy with Action set to Disguise, you need to select an existing disguised response file or upload a new one. Such files, whether existing or newly uploaded, will be displayed on the […]
