NSFOCUS

VMware vCenter Server Command Execution Vulnerability (CVE-2025-41225)

maio 21, 2025

Overview Recently, NSFOCUS CERT detected that VMware issued a security bulletin to fix the command execution vulnerability (CVE-2025-41225) of VMware vCenter Server; Due to an authenticated command execution vulnerability in VMware vCenter Server, an attacker with permissions to create or modify alerts and run scripts can exploit this vulnerability to execute arbitrary commands on the […]

Ivanti Endpoint Manager Mobile Authentication Bypass and Remote Code Execution Vulnerability (CVE-2025-4427/CVE-2025-4428)

maio 16, 2025

Recently, NSFOCUS CERT detected that Ivanti issued a security advisory to fix the authentication bypass and remote code execution vulnerabilities (CVE-2025-4427/CVE-2025-4428) in Ivanti Endpoint Manager Mobile (EPMM). At present, both 2 vulnerabilities have been found to be exploited in the wild. Please take measures to protect them as soon as possible. CVE-2025-4427: An authentication bypass […]

NSFOCUS WAF Selected in the 2025 Gartner® Market Guide for Cloud Web Application and API Protection

maio 14, 2025

Santa Clara, Calif. May 14, 2025 – Recently, Gartner released the “Market Guide for Cloud Web Application and API Protection”[1], and NSFOCUS was selected as a Representative Vendor with its innovative WAAP solution. We believe this recognition reflects the technical accumulation and practical capabilities of NSFOCUS WAF in the field of cloud native security protection. Its […]

India-Pakistan Conflicts Escalating: Military Operations and DDoS Attacks Making Targeted Strikes

maio 13, 2025

Background On May 7, 2025, NSFOCUS Fuying Lab released “Two-Front Confrontation: Parallel Narratives of India-Pakistan Reality Friction and Cyber DDoS Attacks“, which analyzed the DDoS attack activities in the early stage of India-Pakistan friction. This article is the second in this series, mainly analyzing the DDoS attack activities against India after May 7. May 7, […]

High Risk Warning for Windows Ecosystem: New Botnet Family HTTPBot is Expanding

maio 12, 2025

Overview In April 2025, the Global Threat Hunting system of NSFOCUS Fuying Lab detected a significant increase in the activity of a new Botnet Trojan developed based on Go language. Given that many of its built-in DDoS attack methods are HTTP-based, Fuying Lab named it HTTPBot. The HTTPBot Botnet family first came into our monitoring […]

Elastic Kibana Prototype Contamination Leads to Arbitrary Code Execution Vulnerability (CVE-2025-25014)

maio 9, 2025

Overview Recently, NSFOCUS CERT detected that Elastic issued a security bulletin to fix the arbitrary code execution vulnerability caused by Elastic Kibana prototype contamination (CVE-2025-25014); Due to the prototype contamination problem in Kibana, an attacker with specific role privileges can bypass the authentication mechanism by constructing specially crafted file uploads and specific HTTP requests to […]

Two Battlegrounds: India-Pakistan Conflicts and DDoS Attacks

maio 8, 2025

Background Monitoring data from the Global Threat Hunting System of NSFOCUS Fuying Lab shows that since the terrorist attack on tourists in Pahargam Town, Indian-controlled Kashmir on April 22, 2025 (killing 26 people), there has been a significant surge in DDoS attacks between India and Pakistan. This escalation of cyber confrontation is highly consistent with […]

NSFOCUS ISOP: Reshaping Security Operations with Autonomous SOC

NSFOCUS ISOP

abril 29, 2025

In the daily operations of traditional Security Operations Centers (SOCs), operators often face two major challenges: NSFOCUS ISOP leverages AI and LLM technologies include NSFGPT and Deepseek to build a autonomous security operations system covering all stage of SOC operations: detection – analysis – response – monitoring. Our aim is: SOC Engineers + SecLLM = Senior Security Experts […]

NSFOCUS ISOP Receives International Recognition: AI Drives Enterprise Security Operations from “Complex” to “Simple”

abril 28, 2025

Santa Clara, Calif. April 27, 2025 – Recently, NSFOCUS Intelligent Security Operations Platform (NSFOCUS ISOP) was once again recognized by the internationally renowned consulting firm Frost & Sullivan and won the 2024 “Global Modern SIEM Technology Innovation Leadership Award”. Frost & Sullivan Best Practices Recognition awards companies each year in a variety of regional and global […]

NSFOCUS APT Monthly Briefing – March 2025

Uma imagem que ilustra um hacker.

abril 27, 2025

Regional APT Threat Situation Overview In March 2025, the global threat hunting system of NSFOCUS Fuying Laboratory discovered a total of 19 APT attack activities. These activities were mainly distributed in South Asia, East Asia, Eastern Europe, and South America, as shown in the following figure. In terms of group activity, the most active APT […]

Search

Inscreva-se no Blog da NSFOCUS