NSFOCUS WAF IP Reputation Introduction
novembro 24, 2022
NSFOCUS WAF obtains IP Reputation Data Feed from NSFOCUS Threat Intelligence (NTI). NSFOCUS WAF IP Reputation can get the list of IP addresses that have earned a negative reputation through involvement in suspicious activity, including phishing attacks, spam, botnets, DDoS attacks, APT attacks, and more. NSFOCUS WAF will filter high-risk IP addresses from IP Reputation […]
The Increasingly Complex and Varied Vectors to Attack Software Supply Chain
novembro 23, 2022
Unlike vulnerability exploitation in products, attack vectors and implementation channels targeting the supply chain in the real environment are more diverse. Due to the advantages of low development cost, the widespread use of open-source components in projects has become the mainstream development method. The conflict between a rule-relaxed open community and limited maintenance resources provides […]
Atlassian Bitbucket Server and Data Center Command Injection Vulnerability (CVE-2022-43781) Alert
novembro 23, 2022
Overview Recently, NSFOCUS CERT found that Atlassian officially fixed a command injection vulnerability in Bitbucket Server and Data Center. Due to flaws in Bitbucket Server and Data Center, attackers with user name control rights can implement command injection through environment variables, and eventually cause commands to be executed arbitrarily on the system. The CVSS score […]
Apache Airflow Remote Code Execution Vulnerability (CVE-2022-40127)
novembro 22, 2022
Overview On November 21, NSFOCUS CERT discovered on Internet a PoC of a remote code execution vulnerability (CVE-2022-40127) in Apache Airflow. Due to the flaw in Example Dags in Apache Airflow, an attacker with UI access rights can use this vulnerability to trigger Dags, and then by manually providing the run_id parameter, attacker can execute […]
API Protection: The New Focus in the Web Application Firewall Market
novembro 21, 2022
Application programming interfaces (APIs) have become a role that can’t be ignored in digital transformation, whether in application modernization or agile business strategies. At the application development stage, APIs are standard service interfaces. When it comes to interfacing with third-party services, APIs are a common choice. In the microservice architecture, APIs are an integral part […]
NSFOCUS Named a Representative Vendor by Gartner® in the Report of Tool: Vendor Identification for Data Loss Prevention 2022
novembro 18, 2022
NSFOCUS has been recognized as one of the Representative Vendors in the Report of Tool: Vendor Identification for Data Loss Prevention 2022 1. The COVID-19 pandemic has accelerated the process of digital transformation. With the vigorous development of digital economy and information industry, the rapid implementation and application of 5G, zero trust, AI, and blockchain […]
NSFOCUS Recognized by Gartner in Hype Cycle for Security in China, 2022
novembro 17, 2022
Gartner® recently published the report of Hype Cycle™ for Security in China, 2022. NSFOCUS has been named a Sample Vendor for situational awareness and 7 other technologies, which NSFOCUS believes validates its innovation and latest practice in security management and situational awareness. According to the report, “situational awareness (SA) technologies in China “are modern, centralized […]
Detection of Constituent Proportions of Outbound Traffic for DDoS Attacks
novembro 15, 2022
Function Description This function will be released on NTA Version 4.5R90F04 in Q1 2023. In the earlier versions, the NTA identifies outbound DDoS attacks by traffic thresholds set for region IP addresses. Some customers with small-traffic businesses hope the NTA can detect constituent proportions of outbound traffic for DDoS attacks. If the outbound traffic of […]
Citrix Gateway and Citrix ADC Authentication Bypass Vulnerability (CVE-2022-27510) Alert
novembro 13, 2022
Overview Recently, NSFOCUS CERT detected that Citrix released a security notice, fixing an authentication bypass vulnerability (CVE-2022-27510). When Citrix Gateway is running with Citrix ADC as a gateway device (either using the SSL VPN feature or deployed as an ICA proxy with authentication enabled), an unauthenticated remote attacker can send malicious packets to the target […]
YApi mongo Injection Vulnerability Alert
novembro 12, 2022
Overview Recently, NSFOCUS CERT detected that an open source API interface management platform YApi mongo injection vulnerability was publicly released on the Internet. Due to the splicing of a certain function in YApi, MongoDB injection can be realized. Unauthenticated remote attackers can exploit this vulnerability to obtain the user token (including necessary parameters such as […]
