Modern DDoS Attacks and the Rise of DDoS Coalitions
abril 2, 2024
DDoS attacks have become an indispensable weapon to paralyze network systems in cyber warfare. Emerging DDoS attacks, such as HTTP/2 Rapid Reset and SLP reflection amplification attacks, are constantly emerging. Both attackers and defenders are struggling to upgrade their technology in order to discover new offensive and defensive strategies. DDoS attacks are no longer limited […]
XZ Utils Backdoor Vulnerability (CVE-2024-3094) Advisory
abril 1, 2024
Overview NSFOCUS CERT recently detected that a backdoor vulnerability in XZ Utils (CVE-2024-3094) was disclosed from the security community, with a CVSS score of 10. Because the SSH underlying layer relies on liblzma, an attacker could exploit this vulnerability to bypass SSH authentication and gain unauthorized access to affected systems, allowing arbitrary code execution. After […]
Linux Kernel Privilege Escalation Vulnerability (CVE-2024-1086) Alert
março 29, 2024
NSFOCUS CERT has detected that details and a proof-of-concept (PoC) tool for a Linux kernel privilege escalation vulnerability CVE-2024-1086, have been publicly disclosed recently. Due to a use-after-free vulnerability in the netfilter: nf_tables component of the Linux kernel, the nft_verdict_init() function allows the use of positive values as a drop error in the hook verdict. […]
NSFOCUS WAF API Security Overview
março 29, 2024
NSFOCUS WAF v.6080 provides protection for third-party API assets. The API security protection features assist clients in refining their inventory of API assets through a combination of proactive and reactive strategies. By integrating automatically generated API baselines and imported OAS files, NSFOCUS WAF conducts API compliance checks. NSFOCUS WAF supports parsing multi-protocol traffic for filtering […]
BITTER APT Targets Chinese Government Agency
março 28, 2024
On February 1, 2024, the APT Group BITTER launched a spear-phishing attack on a Chinese government agency. BITTER, also known as APT-C-08 or T-APT-17, has been actively targeting countries such as China and Pakistan, focusing on industries like government, power, and military to steal sensitive information, driven by strong political motives. In this incident, the […]
Solução Anti-DDoS: o que é e como funciona essa proteção?
março 26, 2024
O Distributed Denial of Service (DDoS) é um dos maiores desafios de segurança para empresas de todos os tamanhos, pois esse tipo de ataque tem como objetivo inoperar serviços vitais e aplicações importantes, afetando diretamente a fonte de receita das organizações. Com o crescimento da internet, as empresas têm tido que encontrar formas de se […]
ISOP – O que é e como a solução pode proteger seus ativos?
março 26, 2024
No mundo digital, a segurança dos ativos tornou-se uma preocupação primordial para empresas de todos os portes e setores. A ameaça de ataques cibernéticos, violações de dados e outras formas de comprometimento de segurança é uma realidade constante. Neste cenário, ferramentas e plataformas inovadoras são essenciais para garantir a proteção dos ativos digitais. Uma dessas […]
AI and Cybersecurity: Unveiling NSFOCUS’s Innovative Edge at HKIB Cybersecurity Solutions Day 2024
março 26, 2024
On March 15th, the Cybersecurity Solutions Day event, organized by the Hong Kong Institute of Bankers (HKIB), officially commenced. The event focused on addressing the increasingly complex cybersecurity environment influenced by AI technologies, gathering globally renowned information security vendors and experts to discuss new trends and models driven by AI in cybersecurity. NSFOCUS, as a […]
Preparation for ADS Diversion
março 22, 2024
This article summarizes the preparation configuration of ADS diversion. The specific configuration details may vary depending on the information of the ADS on the client side, router information, and ADS version. The configuration content and order can be referenced from this article. 1. Before configuring diversion, it is necessary to configure IP address information on […]
Atlassian Confluence Path Traversal Vulnerability (CVE-2024-21677) Notice
março 21, 2024
Overview Recently, NSFOCUS CERT detected that Atlassian issued a security announcement and fixed the directory traversal vulnerability in Confluence Data Center and Server (CVE-2024-21677), with a CVSS score of 8.3. Unauthenticated attackers need to interact with users, and exploiting this vulnerability can have a great impact on the confidentiality, integrity, and availability of the target […]
