Behind the Rise of ChatGPT
abril 27, 2023
ChatGPT is like a bomb in the Artificial Intelligence (AI) world, causing vibrations that have gradually spread to various industries. Against the backdrop of the widespread application of AI, why can ChatGPT still stand out and become the new top stream of popular discussion? After analyzing the core of ChatGPT, it is not difficult to […]
Models are also assets: AI will be a new arena of attack and defense
abril 26, 2023
On the afternoon of April 24, 2023, RSA Conference announced the winner of the innovation sandbox contest this year, and HiddenLayer, an AI security vendor, was crowned the Most Innovative Startup 2023. Starting from HiddenLayer, the innovative sandbox champion, this article will further interpret and explore AI security. Figure 1. HiddenLayer Won the Most Innovative […]
Strapi Multiple Security Vulnerability Notice
abril 26, 2023
Overview Recently, NSFOCUS CERT found that Strapi has officially issued a security notice, which fixes several Strapi security vulnerabilities. Due to a flaw in the Strapi system, when there are any entries created or updated by super administrator users on publicly accessed entries, attackers can execute arbitrary code on the target system by combining the […]
NSFOCUS Launches NSFOCUS T-ONE CLOUD at RSAC 2023
abril 26, 2023
A Revolutionary Security Architecture Empowers ISPs, MSSPs and Hosting Providers To Deliver SOC-as-a-Service To Customers Santa Clara, Calif. April 26, 2023 – NSFOCUS, a leading provider of network security solutions and services, is proud to announce the launch of NSFOCUS T-ONE CLOUD, a cutting-edge security architecture designed specifically for Internet Service Providers (ISPs), Managed Security Service […]
NSFOCUS Blocked an 8-Day Persistent DDoS Attack with 386.5 Gbps Peak Traffic
abril 25, 2023
What happened In March 2023, NSFOCUS security team blocked the worst DDoS attack of the year. The attack was targeted at an Internet service provider customer located in Brazil, with a peak attack traffic of 386.5 Gbps and astonishing total attack traffic of 1184.4 Tbps. This large-scale DDoS attack lasted for 8 days, posing huge […]
Spring Boot Security Bypass Vulnerability (CVS-2023-20873) Notice
abril 25, 2023
Overview Recently, NSFOCUS CERT found that Spring officially issued a security notice, which fixed a Spring Boot authentication bypass vulnerability (CVE-2023-20873). When Spring Boot is deployed to Cloud Foundry and there is code/cloudFoundryapplication/* * that can handle matching requests, and used in conjunction with a catch all request mapping that matches/* *, unauthenticated remote attackers […]
Communication Port Between ADS M & Portal
abril 25, 2023
Scenario Integrate Portal on the External Network with ADS M on the Internal Network. Required Ports The Portal has a dedicated public IP address. ADS M intranet uses a single public egress IP for external connectivity, and any access to the public network must go through this IP. To establish a connection between Portal and […]
Apache Druid Remote Code Execution Vulnerability Notice
abril 24, 2023
Overview Recently, NSFOCUS CERT found that an Apache Druid remote code execution vulnerability was publicly disclosed online. Under default configuration, Apache Druid supports loading data from Kafka. Unauthenticated remote attackers can implement JNDI injection attacks by modifying Kafka connection configuration properties, ultimately leading to the execution of arbitrary code on the server. Affected users should […]
Google Chrome Skia Integer Overflow Vulnerability (CVS 2023-2136) Notice
abril 24, 2023
Overview Recently, NSFOCUS CERT found that Google officially fixed an integer overflow vulnerability in Chrome Skia (CVE-2023-2136). Due to a flaw in Skia, when the value exceeds the maximum limit of integer type due to arithmetic operations, an integer overflow will occur. The attacker triggers this vulnerability by inducing users to open a specially crafted […]
Who Will Be the Winner? – Top 10 Finalists at RSAC 2023 Innovation Sandbox at a Glance
abril 23, 2023
RSAC Innovation Sandbox contest 2023 will be held on April 24th at Moscone South, San Francisco. As the “Oscar of Cybersecurity,” the RSAC Innovation Sandbox contest is highly anticipated every year. Let’s take a look at the top 10 finalists this year. Figure 1 The 2023 Top 10 Finalists The top 10 innovative sandbox […]
