2022 - Página 25 de 26

Futuristic skyscrapers with digital network overlay.

APT Retrospection: FIN7 Uses Windows 11 Topics as Bait to Do Spear Phishing Attacks

Por Jie JiPostou 3 de fevereiro de 2022

Overview In July 2021, NSFOCUS Security Labs captured a number of phishing documents using windows 11 related topics as bait. These phishing documents show some ideas and techniques that are different from common phishing attacks. Through in-depth analysis, NSFOCUS Security Labs found that the phishing files are part of a large-scale spear...

Digital security concept with padlock hologram.

SASE Popular Science Series – Understanding SD-WAN

Por Jie JiPostou 1 de fevereiro de 2022

SASE (Security Access Services Edge) is a SaaS service that integrates security and network (To learn about what the SASE is, read SASE, Born for Digital Age). It incorporates too many new concepts. To make it easier to understand, we decided to post the popular science series on SASE, which...

Diagram illustrating a BERT model extraction attack.

NSFOCUS Releases 2021 Global DDoS Attack Landscape Report

Por Jie JiPostou 29 de janeiro de 2022

MILPITAS, Calif. – January 28, 2022 – NSFOCUS, a leader in holistic hybrid security solutions, today released the 2021 Global DDoS Attack Landscape, a joint report by working with Tencent, which found that DDoS attacks have entered terabit era with the largest DDoS traffic peaked at 2.4 Tbps (or 3.25 Tbps...

DDoS Attacks Have Entered Terabit Era

Por Jie JiPostou 29 de janeiro de 2022

MILPITAS, Calif. – January 28, 2022 – NSFOCUS, a leader in holistic hybrid security solutions, today released the 2021 Global DDoS Attack Landscape, a joint report by working with Tencent, which found that DDoS attacks have entered the terabit era with the largest DDoS traffic peaked at 2.4 Tbps (or 3.25...

Command prompt showing a Python script connection.

HTTP Stack Remote Code Execution Vulnerability (CVE-2022-21907) Alert

Por Jie JiPostou 28 de janeiro de 2022

Overview On January 12, NSFOCUS CERT detected that Microsoft released a monthly security update, which fixed an HTTP protocol stack remote code execution vulnerability (CVE-2022-21907). A buffer overflow can occur due to a boundary error in the HTTP Trailer Support feature in the HTTP stack (HTTP.sys). An unauthenticated attacker can...

Apache log4j Deserialization and SQL Injection Vulnerability (CVE-2022-23302/CVE-2022-23305/CVE-2022-23307) Alert

Por Jie JiPostou 26 de janeiro de 2022

Overview On January 19, NSFOCUS CERT detected that Apache released a security bulletin that disclosed three Log4j vulnerabilities, all of which affected the Apache Log4j 1.x version, and the official support and maintenance are no longer available. Please take measures as soon as possible to protect the relevant users. Apache...