Microsoft September Security Updates for Multiple High-Risk Product Vulnerabilities

setembro 15, 2023

Overview On September 13, NSFOCUS CERT found that Microsoft had released a security update patch for September, fixing 61 security issues, involving Microsoft SharePoint Server, Visual Studio, Internet Connection Sharing (ICS), Microsoft Azure Kubernetes Service, Microsoft Exchange and other widely used products, including high-risk vulnerability types such as privilege enhancement, remote code execution, etc. Among […]

NSFOCUS Ranked No. 2 in China Network Detection and Response Market 2022

setembro 14, 2023

IDC has recently published its China Network Detection and Response (NDR) Market Report for 2022, which provides a comprehensive analysis of the market development, functions, and technologies pertaining to Network Detection and Response (NDR) products. The report specifically focuses on identifying and highlighting the leading NDR vendors in the industry. According to IDC’s estimates, NSFOCUS […]

Google Chrome Heap Buffer Overflow Vulnerability (CVS 2023-4863) Notification

setembro 13, 2023

Overview Recently, NSFOCUS CERT found that Google officially fixed a heap buffer overflow vulnerability (CVE-2023-4863). Due to a flaw in the WebP module, an attacker triggered the vulnerability by inducing users to visit a malicious website, which ultimately led to arbitrary code execution on the target system. At present, it has been detected that the […]

Turmoil in Libya: Major Industries Hit by Massive DDoS Attacks

setembro 12, 2023

I. Background In August, NSFOCUS Global Threat Hunting System spotted an abnormal trend of DDoS attacks against Libya. NSFOCUS Security Labs sorted out the traffic changes of DDoS attacks in August and found that this attack may be related to the turmoil in Libya in August by comparing it with key events in Libya in […]

Insights from Attack and Defense Drills: Strategies and Resilience

setembro 11, 2023

Recently, NSFOCUS SOC team summarized the findings from attack and defense drills in the first half of 2023. In these smokeless battles, the attackers advanced with aggressive strategies, while the defenders relied on comprehensive defense systems, taking measures from protecting, monitoring to tracing, and resisting every attempt to breach their defenses. Vulnerability and Asset Impact […]

Introduction to NSFOCUS WAF Apply Rule Database

setembro 11, 2023

In the versions before, after users upgrade the NSFOCUS WAF Rule Database, they have to add the new rules one by one to the website’s policy based on the rule name or the rule number manually to apply the new policies. To improve user experience, the NSFOCUS WAF version has optimized this functionality. […]

Multiple Security Vulnerability Notifications on Apple Products

setembro 8, 2023

Overview Recently, NSFOCUS CERT has detected that Apple has officially repaired two 0day vulnerabilities in multiple Apple products. At present, it has detected that there are uses in wild. Affected users should take protective measures as soon as possible. The details of the vulnerability are as follows: Apple ImageIO Remote Code Execution Vulnerability (CVS 2023-41064): […]

Multiple security vulnerability notifications on Google Chrome

setembro 7, 2023

Overview Recently, NSFOCUS CERT has monitored that Google Chrome has officially released security announcements and fixed several security vulnerabilities. The key vulnerabilities are as follows: Google Chrome Cross Border Read Vulnerability (CVE-2023-4761): Due to an out of bounds memory read vulnerability in Google Chrome FebCM, attackers who can disrupt the renderer process can perform out […]

VMware Aria Operations for Networks Authentication Bypass Vulnerability (CVE-2023-34039)

setembro 5, 2023

Overview Recently, NSFOCUS CERT detected an Authentication Bypass vulnerability in VMware Aria Operations for Networks. Due to the lack of unique cryptographic key generation, Aria Operations for Networks is susceptible to an authentication bypass vulnerability. Attackers with network access to Aria Operations for Networks could bypass SSH authentication to gain access to the Aria Operations […]

NSFOCUS Included in Gartner 2023 Hype Cycle for Smart City and Sustainability in China Report Again

smart city

setembro 5, 2023

We proudly announce that NSFOCUS was again included in Gartner® Hype CycleTM for Smart City and Sustainability in China (2023) report1 in CPS Security. “Cyber-physical systems (CPS) are engineered systems that orchestrate sensing, computation, control, networking and analytics to interact with the physical world (including humans). When secure, they enable safe, real-time, reliable, resilient and […]


Inscreva-se no Blog da NSFOCUS