O que é segurança cloud? Como funciona o Cloud Security
julho 29, 2024
Com o aumento do armazenamento e processamento de dados na nuvem, proteger informações sensíveis tornou-se uma preocupação crucial para indivíduos e empresas. Neste artigo, mergulharemos no conceito de segurança cloud e exploraremos como o Cloud Security funciona para garantir a proteção dos dados. Conheça mais sobre os mecanismos de segurança utilizados e as práticas recomendadas […]
Use ADS Programmable Rules to Customize Protection Capabilities
julho 26, 2024
This document will guide you through the process of leveraging programmable rules in ADS to customize your protection capabilities. Unlike static solutions, the programmable defense allows you to create custom rules and policies that respond to attacks in real time, providing more precise and effective protection. NSFOCUS ADS has incorporated this functionality in its F05 […]
Lessons Learned from the CrowdStrike Incident: Strengthening Organizational Resilience
julho 25, 2024
On July 19, 2024, a major global digital catastrophe unfolded as a faulty Windows update led by cybersecurity firm CrowdStrike’s Falcon software caused widespread system crashes and service disruptions across vital sectors in over 20 countries. This incident has exposed the deficiencies of Microsoft and its partners in product stability and risk management. Security software, […]
TransparentTribe’s Spear-Phishing Targeting Indian Government Departments
julho 24, 2024
Overview Leveraging our global threat hunting system, NSFOCUS Security Research Labs discovered spear-phishing email attacks by the APT group TransparentTribe targeting Indian government departments on February 2, 2024. The timing of these attacks coincides with the presidential election in India, scheduled for April-May of this year, and the bait documents are related to the “President’s […]
JumpServer File Read and Upload Vulnerability (CVE-2024-40628/CVE-2024-40629) Notification
julho 19, 2024
Overview Recently, NSFOCUS CERT detected that JumpServer issued a security announcement and fixed the file reading and uploading vulnerabilities in JumpServer (CVE-2024-40628/CVE-2024-40629). Due to improper permission configuration of the Ansible module in JumpServer, an attacker with a low-privilege account can use the ansible playbook to read arbitrary files in the celery container, resulting in disclosure […]
Critical Patch Update Notice in July for All Series of Oracle Products
julho 19, 2024
Overview On July 17, 2024, NSFOCUS CERT detected that Oracle officially released a critical patch update announcement CPU (Critical Patch Update) for July. A total of 397 vulnerabilities of varying degrees were fixed this time. This security update involves Oracle WebLogic Server, Oracle MySQL, Oracle Java SE, Oracle Fusion Middleware, Oracle Financial Services Applications, Oracle […]
O que é Malware? Tipos e como se proteger contra ataques
julho 17, 2024
Estar protegido contra malwares é fundamental devido às constantes ameaças que rondam o mundo digital. Mas você sabe o que é um malware? Quais os tipos que existem? E, principalmente, como proteger o seu negócio contra possíveis ataques? Continue a leitura e fortaleça a segurança dos dados para garantir uma boa experiência na era digital. […]
NSFOCUS Recognized in Forrester’s Enterprise Firewall Landscape Report, Q2 2024
julho 17, 2024
SANTA CLARA, Calif., July 17, 2024 – NSFOCUS, a leading cybersecurity company, is proud to announce its inclusion in the prestigious The Enterprise Firewall Landscape, Q2 2024 report by Forrester, a globally recognized research and advisory firm. NSFOCUS has been distinguished as a Notable Vendor for its innovative Next-Generation Firewall (NGFW) solution. Since the introduction […]
GitLab Authentication Bypass Vulnerability (CVE-2024-6385) Notification
julho 12, 2024
Overview Recently, NSFOCUS CERT detected that GitLab issued a security announcement and fixed the identity bypass vulnerability (CVE-2024-6385) in GitLab Community Edition (CE) and Enterprise Edition (EE). Due to the incomplete fixing of CVE-2024-5655, if the target branch has been deleted, when the target Gitlab repository merges the Merge Request controllable by attackers, The Pipeline […]
Microsoft’s Security Update in July of High-Risk Vulnerabilities in Multiple Products
julho 12, 2024
Overview On July 10, NSFOCUS CERT detected that Microsoft released a security update patch for July, which fixed 139 security issues involving Windows, Microsoft SQL Server, Microsoft Office, Azure and other widely used products, including high-risk vulnerabilities such as privilege escalation and remote code execution. Among the vulnerabilities fixed in Microsoft’s monthly update this month, […]
