NIPS V5.6R10 Rule Types
January 6, 2023
NIPS V5.6R10 has five types of rules to detect DDoS attacks, local privilege elevation, information gathering, suspicious network behaviors, and network monitoring events, respectively. They are described as follows. 1. Information gathering Information gathering is the first step of network intrusion. Attackers use various methods to scan and probe target hosts and identify paths to […]
Relationship Between Security Concept and Security Assessment for Software Supply Chain
January 5, 2023
The three concepts, transparency of software supply chain, assessable capabilities of software supply chain security, and trusted software supply chain, are closely related to the ability of end users to conduct security checks and assessments for the software supply chain, including: 1. Basic assessment of software composition security Upstream and downstream companies can provide end […]
Exchange Server OWASSRF Vulnerability (CVE-2022-41080/CVE-2022-41082) Alert
January 1, 2023
Overview Recently, NSFOCUS CERT found that security teams overseas publicly disclosed the technical details of the exploit chain for Exchange Server vulnerabilities. An authenticated remote attacker exploits an Exchange Server privilege escalation vulnerability (CVE-2022-41080) to gain permission to execute PowerShell in the context of the system on an endpoint Outlook Web Application (OWA). An attacker […]
NTA Traffic Troubleshooting
December 30, 2022
Common Problems (1) Choose Monitor > Router, and find that no data is displayed or the router traffic data size is greatly different from that in the real situation.(2) The traffic of some region IP addresses is not monitored.(3) Before upgrading to NTA V4.5R90F02SP06, the router can monitor traffic data, but after the upgrade, no […]
Security Concept for Software Supply Chain (Part 3) – Building Trusted Software Supply Chain
December 28, 2022
A crop of multi-level upstream and downstream security problems makes software supply chain (SSC) security more complex. It is difficult to assess and control the security of the whole chain only depending on companies, but it is necessary to strengthen the security supervision of the supply chain products, provide companies SBOM hosting and trusted certification […]
Bread Crumbs of Threat Actors (Dec 5, 2022 – Dec 18, 2022)
December 26, 2022
From December 5, 2022 to December 18, 2022, NSFOCUS Security Labs found activity clues of 66 APT groups, 3 malware families (MoonBounce Trojans, Razy Trojans and the CoinMinder), and 509 threat actors targeting critical infrastructure. APT Groups Among the 66 discovered APT groups, the APT28 affected the most significant number of hosts from December 5 […]
NSFOCUS Earns ISO 22301:2019 Business Continuity Management System Certification
December 23, 2022
Santa Clara, Calif. Dec 23, 2022 – NSFOCUS, a global provider of intelligent hybrid security solutions, announced today that it has attained ISO 22301:2019 Business Continuity Management System (BCMS) certification. ISO 22301 is an international standard for business continuity. It specifies the requirements for a management system to protect against, reduce the likelihood of occurrence, […]
Introduction to NSFOCUS WAF Web Decoding Function
December 22, 2022
WAF web decoding function can decode base64-encoded data. After that, WAF performs attack detection by identifying attack signatures and provides prevention. The web decoding function is configured per website. Web Decoding Configuration Step 1. Choose Security Management > Website Protection, select a website group, click Web Decoding, and then click Create in the upper-right corner […]
Bread Crumbs of Threat Actors (Nov 21, 2022 – Dec 4, 2022)
December 22, 2022
From November 21, 2022 to December 4, 2022, NSFOCUS Security Labs found activity clues of 60 APT groups, 2 malware families (Mozi ransomware and Banload Trojan horse), and 510 threat actors targeting critical infrastructure. APT Groups Among the 60 discovered APT groups, the APT group Outlaw affected the most significant number of hosts from November […]
Security Concept for Software Supply Chain (Part 2) — Assessable Capabilities of Software Supply Chain Compositions
December 14, 2022
To deal with threats from supply chains and ensure the security of their own IT infrastructure, companies shall set a list of software compositions to sort out the supply chain products, identify and manage key software suppliers, control security risks through security assessments at all stages of the life cycle of supply chains, and reduce […]
