Overview Recently, NSFOCUS CERT monitored that F5 had released a security announcement to fix a remote code execution vulnerability in BIG-IP (CVE-2023-46747). Due to the problem of F5 BIG-IP forwarding AJP protocol through Apache httpd, requests were smuggled, which could bypass permission verification. Unauthenticated remote attackers can access the BIG-IP...
Blog
Introduction to WAF Exception Policy
Exception policies are supplements or restrictions to configured basic or advanced protection policies. On the Exception Policy page, you can create, edit, delete, and duplicate exception policies. You can also create and edit exception policies on the Website Protection page. Configuration procedure: Choose Security Management > Policy Management > Exception...
Citrix NetScaler ADC and Gateway Sensitive Information Disclosure Vulnerability (CVC-2023-4966) Notification
Overview Recently, NSFOCUS CERT detected a sensitive information disclosure vulnerability in Citrix NetScaler ADC and Gateway (CVE-2023-4966). When the device is configured as a gateway (VPN virtual server, ICA proxy, CVPN, RDP proxy) or AAA virtual server, unauthorized remote attackers can exploit this vulnerability to access sensitive information and cause...
NSFOCUS Achieves Three Certifications, Paving the Path to Sustainable and Environmentally Responsible Development
SANTA CLARA, Calif., Oct 26, 2023 – NSFOCUS, a global leader in intelligent hybrid security solutions, proudly announces its recent acquisition of three significant certifications: the "Verification Statement of Greenhouse Gas Emissions," the "Energy Management System Certificate," and the "Certificate of Product Carbon Footprint." Verification Statement of Greenhouse Gas Emissions...
Apache ActiveMQ Remote Code Execution Vulnerability Notification
Overview Recently, NSFOCUS CERT found that the open source message middleware ActiveMQ developed by the Apache Software Foundation had an XML external entity injection vulnerability. Since the port 61616 was opened by default after the installation of ActiveMQ was started, and the TcpTransport function did not perform necessary checks on...
O que é computação em nuvem? Como funciona o cloud computing
A computação em nuvem está presente por todos os lados, mas você tem ideia do que isso significa? Neste artigo, vamos explorar mais sobre esse mundo, desvendar conceitos, funcionamento e os diferentes tipos de nuvem. Além disso, abordamos como a inteligência artificial impacta esse campo, como proteger os dados na...
