Overview Recently, NSFOCUS CERT monitored that Google Chrome has officially released a security bulletin and fixed a remote code execution vulnerability in Chrome V8 (JavaScript engine). Due to a type confusion vulnerability in Chrome V8, a remote attacker could exploit the vulnerability to execute arbitrary code on the target system. At present, the official has […]

Overview The Magniber is a notorious ransomware. Unlike the common ransomware families such as Hive and LockBit that target companies, it is primarily used to blackmail individuals with a relatively low ransom around USD 2,500. The Magniber ransomware can neither be transmitted automatically nor used to upload user files, but encrypt files only. Here listed […]

GovWare 2022 went back in-person in Singapore from 18th to 20th Oct 2022. The conference & exhibition was held with the theme of “Fostering a safe and sustainable cyberspace amidst disruption.”  At the 3-day event, Richard, Hai Siang, Meng Kiat and Cindy were there to introduce our newly launched Cloud WAAP service, DDoS protection solution and hybrid intelligent […]

Overview On October 19, NSFOCUS CERT found that Apache issued a security notice to fix a remote code execution vulnerability (CVE-2022-39198) in Dubbo. Due to a deserialization vulnerability in Dubbo’s hessian-lite, an attacker can exploit this vulnerability to remotely execute arbitrary code on the target system. Relevant users are requested to take measures to protect […]

Software supply chain security is one of the key considerations in modern supply chain security. NSFOCUS Security Labs has conducted long-term research on security of the software supply chain. We’d like to publish a series of posts to share our observations, explore security issues existing in the software supply chain, conclude the core concepts, technical […]

Santa Clara, Calif. October 18, 2022  – NSFOCUS, a global provider of intelligent hybrid security solutions, today launched its Cloud Web application and API Protection (WAAP) service for the Asia Pacific Region at the GovWare Conference & Exhibition held at Sands Expo and Convention Centre in Singapore on 18-20 October 2022.  NSFOCUS at GovWare 2022 […]

In the last series of popular science, we talked about Zero Trust Network Access (ZTNA) and learned the three critical technologies of zero trust—SDP, IAM and MSG. In this article, we will continue to introduce a security capability of NSFOCUS SASE – the SDP, one of the three major technologies. What is SDP? The SDP […]

Santa Clara, Calif. October 9, 2022  – We are honored to announce that NSFOCUS was included in the Honorable Mentions section in the Gartner® Magic Quadrant for Cloud Web Application and API Protection report. According to Gartner, by 2026, 40% of organizations will select a WAAP provider on the basis of its advanced API protections […]

The security knowledge graph, a knowledge graph specific to the security domain, is the key to realizing cognitive intelligence in cyber security, and it also lays an indispensable technological foundation for dealing with advanced, continuous and complex threats and risks in cyberspace. NSFOCUS published a series of articles about the application of the security knowledge […]

With the continuous transformation of telecommunication infrastructure in recent years, the popularization of 5G technology has promoted the sustainable and rapid growth of network bandwidth resources, and driven the rapid development of technologies such as big data, cloud computing, and the Internet of Things (IoT). However, due to security flaws, a large number of IoT […]