Bread Crumbs of Threat Actors (Nov 21, 2022 – Dec 4, 2022)
December 22, 2022
From November 21, 2022 to December 4, 2022, NSFOCUS Security Labs found activity clues of 60 APT groups, 2 malware families (Mozi ransomware and Banload Trojan horse), and 510 threat actors targeting critical infrastructure. APT Groups Among the 60 discovered APT groups, the APT group Outlaw affected the most significant number of hosts from November […]
Security Concept for Software Supply Chain (Part 2) — Assessable Capabilities of Software Supply Chain Compositions
December 14, 2022
To deal with threats from supply chains and ensure the security of their own IT infrastructure, companies shall set a list of software compositions to sort out the supply chain products, identify and manage key software suppliers, control security risks through security assessments at all stages of the life cycle of supply chains, and reduce […]
New Feature – Protection Group-Specific NTI of ADS V4.5R90F04
December 9, 2022
Function Description This function will be released on ADS Version 4.5R90F04 in Q1 2023. The group-specific NTI is supported in ADS V4.5R90F04 as a supplement to the existing protection method.Before using this function, choose Advanced > NTI > NTI Configuration and set Enable to Yes. The group-specific NTI policy supports Traffic Control by Dst IP […]
Security Researcher from NSFOCUS Security Labs to Speak at Black Hat 2022 Europe
December 7, 2022
Gao Jian at NSFOCUS Security Labs was invited to speak at the Black Hat 2022 Europe held at ExCel London, United Kindom from December 5 to 8, 2022. Gao Jian specializes in industrial control system security, focusing on PLC and SCADA vulnerability exploitation and ICS security enhancement. He has helped many vendors, including Siemens, Codesys, […]
Security Concept for Software Supply Chain (Part 1) — Transparency of Software Supply Chain Compositions
December 2, 2022
Software supply chain security covers the whole software life cycle. In terms of software product complexity alone, apart from the software itself, it is necessary to ensure the security of the dependencies and transitive dependencies of software, as well as the security of the software ecosystem composed of these dependency chains. Especially regarding the issue […]
New Feature – Protection Group-Specific ACL Rules in ADS R90F04
December 2, 2022
Function Description This function will be released on ADS Version 4.5R90F04 in Q1 2023. As global ACL rules may not be suitable for some scenarios, ADS R90F04 supports custom access control rules for a protection group for more refined control. The underlying implementation of ACL rules in ADS R90F04 is refactored, significantly improving the performance. […]
Glocomp – Partner Event in Malaysia
November 30, 2022
The partner event with Glocomp Systems (M) Sdn Bhd kicked off on Nov. 29th in Malaysia. It was a wonderful chance for us to introduce our latest Next-Gen Firewall (NGFW) solution which meets the changing needs of the cloud-enabled enterprise network.
A Look at Qatar’s Infrastructure Construction Through Cyberspace Surveying and Mapping Technology
November 28, 2022
As the 2022 FIFA World Cup kicked off on Sunday, Nov 20, 2022, no country can be more notable than Qatar these days. In this article, we will get you familiar with the host nation Qatar, and show you its infrastructure construction level through analysis of cyberspace services. Qatar and the FIFA 2022 World Cup […]
NSFOCUS WAF IP Reputation Introduction
November 24, 2022
NSFOCUS WAF obtains IP Reputation Data Feed from NSFOCUS Threat Intelligence (NTI). NSFOCUS WAF IP Reputation can get the list of IP addresses that have earned a negative reputation through involvement in suspicious activity, including phishing attacks, spam, botnets, DDoS attacks, APT attacks, and more. NSFOCUS WAF will filter high-risk IP addresses from IP Reputation […]
The Increasingly Complex and Varied Vectors to Attack Software Supply Chain
November 23, 2022
Unlike vulnerability exploitation in products, attack vectors and implementation channels targeting the supply chain in the real environment are more diverse. Due to the advantages of low development cost, the widespread use of open-source components in projects has become the mainstream development method. The conflict between a rule-relaxed open community and limited maintenance resources provides […]
