Overview Recently, NSFOCUS CERT detected an Authentication Bypass vulnerability in VMware Aria Operations for Networks. Due to the lack of unique cryptographic key generation, Aria Operations for Networks is susceptible to an authentication bypass vulnerability. Attackers with network access to Aria Operations for Networks could bypass SSH authentication to gain...
Blog
NSFOCUS Included in Gartner 2023 Hype Cycle for Smart City and Sustainability in China Report Again
We proudly announce that NSFOCUS was again included in Gartner® Hype CycleTM for Smart City and Sustainability in China (2023) report1 in CPS Security. “Cyber-physical systems (CPS) are engineered systems that orchestrate sensing, computation, control, networking and analytics to interact with the physical world (including humans). When secure, they enable...
IDNIC (Indonesia Network Information Center)’s Training Series workshop
IDNIC, Aug 29-30, 2023, Aston Lampung City Hotel, Indonesia. NSFOCUS team attended IDNIC (Indonesia Network Information Center)'s Training Series workshop in the Aston Lampung City Hotel. Together we had a fruitful discussion about BGP, Information Security, DNS and IPv6.
Ameaças virtuais: Dicas para manter a segurança
A era digital trouxe consigo inúmeras conveniências, mas também abriu portas para uma crescente quantidade de ameaças virtuais. Por isso, a proteção é essencial tanto para indivíduos, quanto para empresas. Neste artigo, vamos explorar o que são ameaças virtuais, os tipos mais comuns, dicas para prevenção e a importância de...
APT34 Unleashes New Wave of Phishing Attack with Variant of SideTwist Trojan
Recently, NSFOCUS Security Labs captured a new APT34 phishing attack. During the campaign, APT34 attackers disguised as a marketing services company called GGMS launched attacks against enterprise targets and released a variant of SideTwist Trojan to achieve long-term control of the victim host. Introduction to APT34 APT34, also known as...
Introduction to ADS’s HTTP Keyword Checking Policy
HTTP Keyword Checking is a process by which ADS controls HTTP traffic through the ADS device. In addition, ADS takes a specific action (Accept, Drop, Disconnect, Add to blacklist, Add to whitelist, or Limit rate) as configured on passing packets whose source IP address and specific fields match the HTTP...
