RSAC 2025 Innovation Sandbox | Command Zero: The Human-Machine Collaboration Engine Redefining Security Investigations

April 21, 2025 | NSFOCUS

Company Profile Command Zero was founded in 2022 and is headquartered in Austin, Texas, USA[1]. The company was co-founded by three seasoned cybersecurity experts—Dov Yoran, Dean De Beer, and Alfred Huger—who have held senior technical positions at renowned companies such as Cisco, IBM, and McAfee. They have also successfully established and sold multiple cybersecurity startups. […]

RSAC 2025 Innovation Sandbox | MIND: Data Security Innovator Leading the AI Era

April 21, 2025 | NSFOCUS

The RSA Conference 2025 is set to kick off on April 28. Known as the “Oscars of Cybersecurity”, RSAC Innovation Sandbox has become a benchmark for innovation in the cybersecurity industry. Let’s focus on the new hotspots in cybersecurity and understand the new trends in security development. Today, let’s get to know the company MIND. […]

Critical Patch Update Announcement in April for All Oracle Products

April 18, 2025 | NSFOCUS

Overview On April 16, 2025, NSFOCUS CERT detected that Oracle officially released the Critical Patch Update (CPU) for April. A total of 390 vulnerabilities with different degrees were fixed this time. This security update involves Oracle MySQL Connectors, Oracle MySQL Server, Oracle Java SE, Oracle Fusion Middleware, Oracle Financial Services Applications, Oracle Communications Applications and […]

Imagem que ilustra o que é WAF.

NSFOCUS WAF New UI Showcase: Brand New Policy and Template Management Workflow

April 15, 2025 | NSFOCUS

Three-Tier Protection Rules • Basic Protection: Pre-configured, general and popular security rules for out-of-box deployment.• Optional/Advanced Protection: Advanced rules, customized for specific Web/API applications for optimum protection. Basic Protection HTTP Protocol Verification Server Plug-in Crawler Web General Illegal Upload Information Disclosure Semantic Engine Scan Protection Optional Protection HTTP Access Control Sensitive Information Filter Smart Engine […]

Microsoft’s April Security Update of High-Risk Vulnerabilities in Multiple Products

April 11, 2025 | NSFOCUS

Overview On April 9, NSFOCUS CERT detected that Microsoft released a security update patch for April, fixing 126 security problems in widely used products such as Windows, Microsoft Office, Azure, Microsoft Edge for iOS, Microsoft Visual Studio, etc. This includes high-risk vulnerabilities such as privilege escalation and remote code execution. Among the vulnerabilities fixed in […]

Imagem que ilustra o que é WAF.

NSFOCUS WAF New UI Walkthrough: Site Configuration

April 9, 2025 | NSFOCUS

Basic Information Functional Configuration Manage Advanced Features in One Page Security Settings Key Benefits

Vite Arbitrary File Read Vulnerability (CVE-2025-31486)

April 9, 2025 | NSFOCUS

Overview Recently, NSFOCUS CERT detected that Vite issued a security bulletin to fix the Vite arbitrary file read vulnerability (CVE-2025-31486); Because the Vite development server does not strictly verify the path when processing URL requests, unauthenticated attackers can bypass path access restrictions by constructing special URLs and read arbitrary files on the target server. At […]

Vite Arbitrary File Read Vulnerability (CVE-2025-31125)

April 3, 2025 | NSFOCUS

Overview Recently, NSFOCUS CERT detected that Vite issued a security bulletin to fix the Vite arbitrary file read vulnerability (CVE-2025-31125); Because the Vite development server does not strictly verify the path when processing URL requests, unauthenticated attackers can bypass path access restrictions by constructing special URLs and read arbitrary files on the target server. At […]

Imagem que ilustra o que é WAF.

New UI for NSFOCUS WAF V6.0R09F00 – Experience a Smoother Site Management

April 3, 2025 | NSFOCUS

NSFOCUS understands that the Security Operations team is facing increasing threats to their web applications and workloads are rising accordingly, a simple yet easy-to-use WAF has become more important than ever for effective Security Operations. The upcoming NSFOCUS Web Application Firewall (WAF) V6.0R09F00 (hereafter called as 6090) not only comprehensively reconstructs the architecture but also […]

Uma imagem que ilustra um hacker.

A Deep Analysis of the Ransomware Group Babuk2’s Recent Activities

March 28, 2025 | NSFOCUS

Overview Recently, NSFOCUS CERT detected that the Babuk2 group has been frequently publishing sensitive data of several well-known organizations on its dark web site. The data is from multiple sectors, including government, finance, internet, healthcare, and education, across various countries and regions. Up to this month, at least 71 victims’ data has been disclosed, and […]

Search

Subscribe to the NSFOCUS Blog