Critical VMware Product Vulnerability Alerts
agosto 10, 2022
Overview Recently, NSFOCUS CERT detected that VMware officially issued a security notice to fix multiple vulnerabilities in products such as VMware Workspace ONE Access, Identity Manager, and VMware vRealize Automation. Attackers can use these vulnerabilities to cause privilege escalation and remote code execution. At present, the official security update has been released, and relevant users […]
NSFOCUS Named as a Sample Vendor for Threat Intelligence Products and Services in 2022 Gartner® report
agosto 5, 2022
Company Named in Threat Intelligence Products and Services Category Santa Clara, Calif. August 5, 2022 – We are very proud to announce that NSFOCUS has been named a Sample Vendor in the July 2022 Gartner® Hype Cycle™ for Security Operations in the Threat Intelligence Products and Services category. In this report Gartner notes “Threat intelligence (TI) services […]
Security Knowledge Graph – APT Group Profiling and Attribution
agosto 5, 2022
The security knowledge graph, a knowledge graph specific to the security domain, is the key to realizing cognitive intelligence in cyber security, and it also lays an indispensable technological foundation for dealing with advanced, continuous and complex threats and risks in cyberspace. NSFOCUS will publish a series of articles about the application of the security […]
NIPS Blocklist Implementation and Whitelist Priority
agosto 4, 2022
The blocklist is matched based on the source IP address, destination IP address, or a combination of source and destination IP addresses of a packet. The blocklist works for TCP and UDP transport layer packets. That is to say, after an IP address is added to the blocklist, the ping is successful, but transport layer […]
Multiple High-Risk Vulnerability Alerts in Atlassian
agosto 1, 2022
Overview Recently, NSFOCUS CERT has detected that Atlassian has officially released a security bulletin, which has fixed several high-risk vulnerabilities in Atlassian products, and relevant users are requested to take measures to protect them. Arbitrary Servlet Filter Bypass Vulnerability (CVE-2022-26136): Vulnerabilities in multiple Atlassian products allow unauthenticated remote attackers to bypass servlet filters used by […]
IDNOG Workshop & Conference
julho 29, 2022
IDNOG | 2022 July 25-28, 2022 | Sheraton Grand Jakarta Gandaria City Hotel, Indonesia INDONESIA NETWORK OPERATORS GROUP (IDNOG) founded in Jakarta On June 24, 2014. IDNOG initiated by a group of volunteers from Internet Service Provider (ISP) companies, Network Access Providers (NAP) and Stake Holders. It is a non-profit organization, which is independent and do […]
Critical Patch Update for All Oracle Products in July
julho 27, 2022
Overview On July 20, 2022, NSFOCUS CERT monitored and found that Oracle officially released the CPU (Critical Patch Update) in July. A total of 349 vulnerabilities of varying degrees were fixed this time. This security update involves Oracle WebLogic Server, Oracle MySQL, Oracle Java SE, Oracle Retail Applications and many other common products. Oracle strongly […]
Configuring Collaboration Between ADS and ADS M
julho 25, 2022
ADS M supports standalone management and cluster management. In standalone management mode, ADS M manages a single ADS in an in-path or out-of-path deployment. In cluster management mode, ADS M manages multiple ADSs as a cluster for automatic synchronization of device configuration and protocol synchronization among these ADSs. The following describes how to configure stand-alone […]
Apache Spark Shell Command Injection Vulnerability (CVE-2022-33891) Alerts
julho 21, 2022
Overview Recently, NSFOCUS CERT detected that Apache officially released a security bulletin and fixed a command injection vulnerability (CVE-2022-33891) in Apache Spark. Since the Apache Spark UI enables acl through the configuration option Spark.acl.enable, by using an authentication filter, it is possible to check if a user has access to view or modify the application. […]
Configuring SSL Offload on NSFOCUS WAF
julho 18, 2022
With the increasing scale of SSL traffic, its disadvantages are becoming more and more obvious. In HTTPS communication, the client needs to start an SSL handshake with the server after the TCP handshake, which may cause SSL delay. In addition, the web server needs to encrypt and decrypt the data in transit, so the SSL […]
