Investigation Report on New APT Organization MurenShark: Torpedoes Fired to Turkish Navy [1]
setembro 2, 2022
Overview In 2022 Q2, NSFOCUS Security Labs detected a series of cyberattacks against Turkey. After analysis, the researchers confirmed that this round of attacks originated from Actor210426, a new threat entity identified by NSFOCUS Security Labs in April 2021. Through the clues of behavior pattern, attack method, attack tool, attack target and so on, NSFOCUS […]
Configuring Collaboration Between ADS M and NTA
setembro 1, 2022
ADS M can manage NTAs, including checking NTA running status, time synchronization, dispatching IP group configuration of a region, displaying traffic information of NTAs, and receiving logs uploaded from NTAs. The steps to configure the collaboration between ADS M and NTA are as follows: Configuring NTA Step 1: Choose Administration > Third-Party Interface > Management […]
SiS Cyber Security Solution Month
agosto 27, 2022
SiS Cyber Security Solution Month kicked off in Kwun Tong District, Hong Kong in August. NSFOCUS was invited to join this partner event. Kings Leung shared the topic “Be Prepared – Cyber Security Laws” at this event. SiS International Limited is one of the largest value-added distributors in HK. NSFOCUS and SiS have been in a good partnership since Feb 2021. In the future, […]
Description of NIPS Discarding Jumbo Frames in MPLS Traffic by Default
agosto 25, 2022
When there is MPLS traffic in the network, there may be jumbo frames whose layer 2 packet including the CRC code has a length greater than 1518 bytes. The NIPS network interface card directly discards these jumbo frames by default, causing network failure. Perform the following check on the client side: 1. Test the client-side […]
NSFOCUS ISOP Listed in The Security Analytics Platform Landscape Report
agosto 24, 2022
Santa Clara, Calif. August 24, 2022 – We are very happy to announce that NSFOCUS was included as one of notable vendors in the report The Security Analytics Platform Landscape, Q3 2022 published by Forrester, an authoritative international research consulting organization. “Security analytics platforms are the center of the SOC”, as stated in this report, “They […]
Security Knowledge Graph | Cyberspace Mapping Strengthens Tailor-Made Security
agosto 22, 2022
The security knowledge graph, a knowledge graph specific to the security domain, is the key to realizing cognitive intelligence in cyber security, and it also lays an indispensable technological foundation for dealing with advanced, continuous and complex threats and risks in cyberspace. NSFOCUS will publish a series of articles about the application of the security […]
Introduction to Web APIs of ADS
agosto 18, 2022
O&M personnel can quickly and easily perform operations such as information query and diversion configuration through web APIs. If web APIs of ADS are to be used by the management platform, mutual authentication between the management platform and ADS must be performed first to ensure security. The procedure is as follows: Step 1:Choose System > […]
Apache Hadoop Remote Code Execution Vulnerability (CVE-2022-25168) Alert
agosto 16, 2022
Overview Recently, NSFOCUS CERT found that Apache Hadoop officially fixed a command injection vulnerability. Since Apache Hadoop’s FileUtil.unTar API does not escape the input filename before passing it to the shell, an attacker could exploit this vulnerability to inject arbitrary commands and thus achieve remote code execution. Affected users are recommended to take steps to […]
Novel Browser in the Browser (BitB) technique used by threat actor UNC 1151 for phishing attacks
agosto 12, 2022
Background Recently, the cyber threat actor known as UNC 1151 group was spotted to use the Browser in the Browser (BitB) technique in its campaigns. This technique is used for phishing attacks by displaying a new browser window containing a fake login panel on the visited website. The window is so carefully crafted that it […]
Configuring HTTP Access Control on NSFOCUS WAF
agosto 12, 2022
HTTP access control policies can prevent websites from unauthorized and malicious access by controlling over HTTP requests that protected resources respond to. NSFOCUS WAF inspects requests and takes actions when a request matches any of policies you specified. Multiple policies can be applied to a single website and evaluated in top-down order. Once a packet […]
