As machine learning is increasingly used in data analysis in cybersecurity, there is a risk of privacy disclosure to some extent if models inadvertently capture sensitive information from training data. Since training data will exist in the model parameters for a long time, it is possible to directly output training...
Ano: 2023
Blacklist Function Optimization on ADS R90F03
ADS R90F03 refactors the blacklist function. You can configure group-specific blacklist rules, and blacklists of different groups take effect independently. Besides, you can use a global blacklist to make related rules and blocked addresses take effect for all groups. Blacklist Introduction on ADS The blacklist function in ADS before R90F03...
KmsdBot: A Customized Botnet Family with DDoS and Mining Capabilities
I. Overview NSFOCUS Security Labs recently detected that a new botnet family KmsdBot, which combines DDoS and mining functions, has become active again. Attackers continue to replace C&C infrastructure and update Trojan versions. Compared with the traditional botnet-like family, KmsdBot adopts a brand-new architecture and is developed in the Go...
O que é Pentest? Entenda os tipos e para que serve
Em um mundo cada vez mais conectado e dependente da tecnologia, a segurança cibernética já se tornou um dos principais pilares para todos os tipos de empresas. Com o aumento constante do cibercrime, é crucial adotar medidas proativas para proteger informações sensíveis e garantir a integridade dos negócios. Diante disto,...
Cyber Heist – Cyber Madness 2023
Cyber Heist, Aug 1-2, 2023, The Globe Tower in BGC, Taguig City, Philippines. This event aims to raise awareness of common cybersecurity threats by immersing the attendees in simulations of cybersecurity breach scenarios. Our experts discussed with audiences about the best course of action in real-world scenarios, and showcased our security...
Metabase Remote Code Execution Vulnerability (CVS 2023-37470)
Overview Recently, NSFOCUS CERT detected a remote code execution vulnerability in Metabase (CVE-2023-37470). Due to a flaw in the vulnerability fix for CVS 2023 38646, attackers can achieve remote code execution through H2 connection string injection. Affected users should take protective measures as soon as possible. Reference link: https://github.com/metabase/metabase/security/advisories/GHSA-p7w3-9m58-rq83 Scope...
