At the RSA Conference 2023, Yossi Weizman, Senior Security Researcher at Microsoft Defender for Cloud, shared with us the lateral movement of the Kubernetes (aka K8s) cluster and its impact on the cloud environment. Based on Yossi's speech and NSFOCUS researchers’ understanding, this paper describes the use of lateral movement...
Blog
An Insight into RSAC 2023: 6 Keywords of RSAC 2023
Keyword 1: Stronger Together Alone we can do so little; together we can do so much." - Helen Keller The theme of this year's conference is "Stronger Together". What does "Stronger" mean? What is the specific scope to be “Together”? “Stronger" refers to the ability of the business itself to...
NSFOCUS Lua-based Anti-DDoS Solution
Limitations of Pre-configured DDoS Protection Policies Lots of organizations have realized that DDoS defense is critical to the availability of network infrastructure. But most Anti-DDoS solutions in the market still rely on pre-configured protection policies with multiple threshold options to offer multi-layered protection at different levels. However, this approach has...
Will the device restart after importing the license for ADS, ADS M, and NTA?
Upon successful import of the new license: The ADS services will be restarted. It will not cause any interruption to your business operations. The ADS M services will be restarted. It will not cause any interruption to your business operations. The NTA system be restarted. It may cause a brief...
NSFOCUS Listed in Gartner® 2023 Market Guide for Security Threat Intelligence Products and Services Again
Santa Clara, Calif. June 1, 2023 – We are proud to announce that NSFOCUS has been included in the Gartner®2023 Market Guide for Security Threat Intelligence Products and Services[1] as a representative vendor for 3 years in a row. According to this report published in May, “Security and risk management...
Apache RocketMQ Remote Code Execution Vulnerability (CVS 2023-33246)
Overview Recently, NSFOCUS CERT found that the PoC of Apache RocketMQ remote code execution vulnerability (CVE-2023-33246) was publicly disclosed online. Due to the lack of appropriate permission verification in some components such as NameServer, Broker, and Controller of RocketMQ, they were unintentionally exposed to the external network. In specific circumstances,...
