Function Description This function will be released on ADS Version 4.5R90F04 in Q1 2023. The group-specific NTI is supported in ADS V4.5R90F04 as a supplement to the existing protection method.Before using this function, choose Advanced > NTI > NTI Configuration and set Enable to Yes. The group-specific NTI policy supports...
Ano: 2022
Security Researcher from NSFOCUS Security Labs to Speak at Black Hat 2022 Europe
Gao Jian at NSFOCUS Security Labs was invited to speak at the Black Hat 2022 Europe held at ExCel London, United Kindom from December 5 to 8, 2022. Gao Jian specializes in industrial control system security, focusing on PLC and SCADA vulnerability exploitation and ICS security enhancement. He has helped...
Google Chrome V8 Type Confusion Vulnerability (CVE-2022-4262) Alert
Overview On December 5, NSFOCUS CERT found that Google officially released a type confusion vulnerability (CVE-2022-4262) in Google Chrome V8. A type confusion error occurs because a program uses one type of method to allocate or initialize a resource, such as a pointer, object, or variable, but then accesses that...
Snapd Local Privilege Escalation Vulnerability (CVE-2022-3328)
Overview On December 2, NSFOCUS CERT detected that Qualys released a local privilege escalation vulnerability (CVE-2022-3328) in Snapd. There is a conditional race vulnerability in the must_mkdir_and_open_with_perms() function in snap-confine, an attacker with normal user privileges can use Multipath Privilege Escalation Vulnerability (CVE-2022-41974) and Multipath Symbolic Link Vulnerability, bind the...
Security Concept for Software Supply Chain (Part 1) — Transparency of Software Supply Chain Compositions
Software supply chain security covers the whole software life cycle. In terms of software product complexity alone, apart from the software itself, it is necessary to ensure the security of the dependencies and transitive dependencies of software, as well as the security of the software ecosystem composed of these dependency...
New Feature – Protection Group-Specific ACL Rules in ADS R90F04
Function Description This function will be released on ADS Version 4.5R90F04 in Q1 2023. As global ACL rules may not be suitable for some scenarios, ADS R90F04 supports custom access control rules for a protection group for more refined control. The underlying implementation of ACL rules in ADS R90F04 is...
