Author: Rishi Agarwal, Chief Evangelist, NSFOCUS When the news reports on DDoS attacks, it is generally referring to large-scale network attacks that are focused on Layer 3 and 4 of the network stack. However, from a mitigation point of view, network layer attacks are not sophisticated. The ability to mitigate this type of attack always […]

By: Junli Shen, Network Offensive and Defensive Researcher, NSFOCUS Analysis of Core WordPress SQL Injection Vulnerability As a Threat Response Center (TRC) researcher, I conducted a thorough analysis on the “Core WordPress SQL Injection Vulnerability” (CVE-2015-5623 and CVE-2015-2213). Vulnerability Overview Previously, I read a tweet about the SQL injection vulnerability found in the core function of […]

By: Zujun Xu, Senior Security Consultant, NSFOCUS The Current State of DDoS attacks It has been 20 years passed since the first DDoS attack. Many variants appeared during this period of time, such as DDRoS, which has the same result as DDoS attacks, to disrupt the availability of the target host and their services. DDoS protection […]

Gartner, the world’s leading research and advisory firm, released two authoritative magic quadrants (application security testing (AST) and web application firewalls (WAFs)) regarding web security every year by selecting important vendors with global influence. We are so proud that NSFOCUS WVSS and WAF had both recognized in Gartner’s Two Magic Quadrants. With dramatic increasing services […]