SANTA CLARA, Calif., June 26, 2024 — At the 16th Information Security Forum and 2024 RSAC Hot Topics Seminar held on June 7, 2024, Richard Zhao, Chief Operating Officer of International Business at NSFOCUS, presented the new picture of cybersecurity in the post-cloud era with his professional insights. Key Highlights Richard’s speech focused on three […]

Overview Recently, NSFOCUS CERT detected that VMware released a security announcement to fix the heap overflow vulnerability (CVE-2024-37079/CVE-2024-37080) and privilege escalation vulnerability (CVE-2024-37081) in VMware vCenter Server. At present, the official version has been fixed. Please take measures for protection. CVE-2024-37079/CVE-2024-37080: Because the vCenter Server has a heap overflow vulnerability when executing the DCERPC protocol, […]

SANTA CLARA, Calif., June 19, 2024 – NSFOCUS, a global leader in cybersecurity solutions, proudly announces that in the recently released IDC report, China WAAP Vendor Technology Capability Assessment, 2024, NSFOCUS’s WAAP technology received outstanding evaluations with perfect scores in five key areas: Web Application Firewall (WAF), Bot Traffic Management, Threat Intelligence, Application-layer DDoS Protection, […]

Overview Recently, NSFOCUS CERT detected that Microsoft released a security update patch for June, which fixed 49 security issues involving widely used products such as Windows, Azure, Microsoft Office and Microsoft Visual Studio, including high-risk vulnerabilities such as privilege escalation and remote code execution. Among the vulnerabilities fixed in Microsoft’s monthly update this month, there […]

Overview NSFOCUS CERT has monitored the disclosure of a PHP CGI Windows platform remote code execution vulnerability (CVE-2024-4577) on the internet recently. Due to PHP’s oversight of the Best-Fit character mapping feature of the Windows system during its design, running PHP in CGI mode on the Windows platform and using the following language settings (Simplified […]

We are excited to share that NSFOCUS has been recognized in Forrester’s The Insider Risk Solutions Landscape, Q2 2024 report. This accolade underscores our unwavering commitment to being a leader and innovator in the cybersecurity industry. Insider Risk Management is a field filled with internationally renowned security vendors and tech giants. Unlike traditional segmented markets […]

Overview Recently, NSFOCUS CERT detected that the details and verification tools of a Linux kernel privilege escalation vulnerability (CVE-2024-1086) are disclosed on the internet. Because the netfilter: nf _ tables component of the Linux kernel has a post-release reuse vulnerability, the nft _ verdict _ init () function allows positive values to be used as […]

SANTA CLARA, Calif., June 4, 2024 – NSFOCUS, a global leader in cybersecurity solutions, proudly announces a groundbreaking achievement: becoming the world’s first company to receive CMMI V3.0 Level 5 certification in both Development (DEV) and Security (SEC) domains. Following the CMMI Institute’s recent update to version 3.0 on April 1, 2024, this landmark accomplishment […]

With the increasing complexity and frequency of cybersecurity threats, organizations face many network threats. The importance of threat intelligence has become increasingly prominent. During this year’s RSA Conference, Sierra Stanczyk, the Senior Manager of Global Threat intelligence at PwC, and Allison Wikoff, the Director of Global Threat Intelligence for the Americas at PwC, shared “Connecting […]

Overview Recently, NSFOCUS CERT detected that Atlassian issued a security announcement and fixed the remote code execution vulnerability in Confluence Data Center and Server (CVE-2024-21683), with a CVSS score of 8.3. Authenticated attackers can realize remote code execution by constructing malicious requests, which will have a great impact on the confidentiality, integrity and availability of […]