Overview: Recently, NSFOCUS CERT detected a Linux kernel privilege escalation vulnerability (Dirty Frag) disclosed online. Attackers exploit logic flaws in the splice system call, in conjunction with the xfrm-ESP or RxRPC protocol stacks, to tamper with the page cache of any read-only file without race conditions to obtain system root...
Blog
WAF Defense in Crisis? NSFOCUS Locks Down “Ghost Bits” Attacks in Advance
Incident Review: In April 2026, Black Hat Asia 2026 disclosed a systematic security threat named Ghost Bits, targeting underlying encoding flaws in the Java ecosystem that can render mainstream WAF/IDS defenses completely ineffective. The core of this risk lies in inconsistent encoding interpretations of the same input between the security...
How to Check the Versions of BSA and ISOP
Checking the ISOP version. Method 1: Switch to the security management platform and click the exclamation mark in the upper-right corner; the version is V3.0R01. Method 2: In the upper-right corner, click the small gear icon [System—Component Management] to view the version of the Security Operations Management Platform. Checking the BSA...
Coming Soon: AI-Scan OpenClaw Ecosystem Security Scanning Capabilities
As the OpenClaw ecosystem continues to surge in popularity, more customers are deploying and utilizing these AI agents on a large scale. However, this growth has brought significant security challenges to the forefront, including over 33 documented CVE vulnerabilities, 288+ GHSA security advisories, the rise in malicious Skills, and frequent...
ISOP’s Integration with NSFOCUS Devices
ISOP device management can display information about the underlying NSFOCUS devices that are connected to the interface. The NSFOCUS devices that can be integrated include RSAS, BVS, WVSS, WSM, NIPS, WAF, NF, NIDS, NTA, SAS, and UTS. The displayed information includes device name, device IP address, device type, status, version,...
ISOP Traffic Forensics
When a customer's business system experiences a security incident, the customer often needs to conduct forensic analysis on historical network traffic to identify the source of the intrusion and reconstruct the entire incident for targeted emergency response. In scenarios where customers have such traffic-analysis requirements, we can leverage the traffic forensics...


