Overview Recently, NSFOCUS CERT detected that GitLab issued a security announcement and fixed the identity bypass vulnerability (CVE-2024-6385) in GitLab Community Edition (CE) and Enterprise Edition (EE). Due to the incomplete fixing of CVE-2024-5655, if the target branch has been deleted, when the target Gitlab repository merges the Merge Request...
Ano: 2024
Microsoft’s Security Update in July of High-Risk Vulnerabilities in Multiple Products
Overview On July 10, NSFOCUS CERT detected that Microsoft released a security update patch for July, which fixed 139 security issues involving Windows, Microsoft SQL Server, Microsoft Office, Azure and other widely used products, including high-risk vulnerabilities such as privilege escalation and remote code execution. Among the vulnerabilities fixed in...
Enable Two-Factor Authentication (2FA) with Email Verification on NTA
This article provides instructions on configuring and using email verification with password authentication to implement two-factor authentication (2FA) on NTA. The NTA version used in this article is V4.5R90F05. The email verification feature is unavailable if your device runs an earlier version. To use this feature, you must upgrade NTA...
NSFOCUS Recognized as a Leading Innovator in AI-driven Cybersecurity Solutions at WAIC 2024
SANTA CLARA, Calif., July 12, 2024 — NSFOCUS is honored to announce that its Large Model Empowered Security Operations case has been featured in the 2024 Case Studies of Demonstration Application for Foundation Models at the World Artificial Intelligence Conference (WAIC). This prestigious recognition highlights NSFOCUS’s pioneering efforts in AI-driven...
O que é RSAS? Veja como funciona a solução
Em meio ao cenário dinâmico de segurança cibernética, as organizações enfrentam um desafios cada vez maiores. A necessidade de proteger ativos de dados críticos e atender aos requisitos de conformidade é mais crucial do que nunca. Nesse contexto, o RSAS (Sistema de Avaliação de Segurança Remota) da NSFOCUS se destaca...
Remote Code Execution Vulnerability between GeoServer and GeoTools (CVE-2024-36401/CVE-2024-36404) Notification
Overview Recently, NSFOCUS CERT detected that GeoServer and GeoTools issued security announcements and fixed the XPath expression injection vulnerability in GeoServer and GeoTools (CVE-2024-36404). As the GeoTools library API called by GeoServer will pass the attribute name of element type to commons-jxpath library in an insecure manner, this library can...
