Background On May 7, 2025, NSFOCUS Fuying Lab released "Two-Front Confrontation: Parallel Narratives of India-Pakistan Reality Friction and Cyber DDoS Attacks", which analyzed the DDoS attack activities in the early stage of India-Pakistan friction. This article is the second in this series, mainly analyzing the DDoS attack activities against India...
Autor: NSFOCUS
High Risk Warning for Windows Ecosystem: New Botnet Family HTTPBot is Expanding
Overview In April 2025, the Global Threat Hunting system of NSFOCUS Fuying Lab detected a significant increase in the activity of a new Botnet Trojan developed based on Go language. Given that many of its built-in DDoS attack methods are HTTP-based, Fuying Lab named it HTTPBot. The HTTPBot Botnet family...
Elastic Kibana Prototype Contamination Leads to Arbitrary Code Execution Vulnerability (CVE-2025-25014)
Overview Recently, NSFOCUS CERT detected that Elastic issued a security bulletin to fix the arbitrary code execution vulnerability caused by Elastic Kibana prototype contamination (CVE-2025-25014); Due to the prototype contamination problem in Kibana, an attacker with specific role privileges can bypass the authentication mechanism by constructing specially crafted file uploads...
Two Battlegrounds: India-Pakistan Conflicts and DDoS Attacks
Background Monitoring data from the Global Threat Hunting System of NSFOCUS Fuying Lab shows that since the terrorist attack on tourists in Pahargam Town, Indian-controlled Kashmir on April 22, 2025 (killing 26 people), there has been a significant surge in DDoS attacks between India and Pakistan. This escalation of cyber...
NSFOCUS ISOP: Reshaping Security Operations with Autonomous SOC
In the daily operations of traditional Security Operations Centers (SOCs), operators often face two major challenges: Massive alerts which are often too many for SOC operators: critical security incident may hide in daily massive alerts, as too many alerts can easily distract and exhaust the limited SOC resource, preventing SOC...
NSFOCUS ISOP Receives International Recognition: AI Drives Enterprise Security Operations from “Complex” to “Simple”
Santa Clara, Calif. April 27, 2025 – Recently, NSFOCUS Intelligent Security Operations Platform (NSFOCUS ISOP) was once again recognized by the internationally renowned consulting firm Frost & Sullivan and won the 2024 "Global Modern SIEM Technology Innovation Leadership Award". Frost & Sullivan Best Practices Recognition awards companies each year in a...
