Hidden Dangers of Security Threats in the Tide of DeepSeek
fevereiro 19, 2025
Recently, DeepSeek attracted global attention and triggered worldwide discussion with its advanced AI models. According to media, numerous Chinese companies have integrated DeepSeek, including Tencent, Alibaba, Baidu, Huawei, Geely Auto, PICC, Huawei, Honor, OPPO and Lenovo, covering multiple industries such as telecommunications, cloud computing, semiconductors, finance, automotive, and mobile technology. Meanwhile, With the fast increasing […]
Palo Alto Networks PAN-OS Authentication Bypass Vulnerability (CVE-2025-0108)
fevereiro 14, 2025
Overview Recently, NSFOCUS CERT detected that Palo Alto Networks issued a security announcement and fixed the identity bypass vulnerability in PAN-OS (CVE-2025-0108). Due to the problem of path processing by Nginx/Apache in PAN-OS, unauthenticated attackers can bypass authentication to access the management web interface of PAN-OS device and call some PHP scripts, thus obtaining sensitive […]
Microsoft Security Update Notification in February of High-Risk Vulnerabilities in Multiple Products
fevereiro 14, 2025
Overview On February 12, NSFOCUS CERT detected that Microsoft released a security update patch for February, which fixed 63 security issues involving widely used products such as Windows, Microsoft Office, Azure, Apps, and Microsoft Visual Studio, including high-risk vulnerabilities such as privilege escalation and remote code execution. Among the vulnerabilities fixed in Microsoft’s monthly update […]
NSFGPT VS DeepSeek: A Test on DeepSeek’s Security Alarm Capability
fevereiro 13, 2025
NSFOCUS Security Lab conducted actual tests recently to evaluate DeepSeek-R1’s performance in security alarm analysis, in which DeepSeek-R1 showed higher alarm coverage than NSFOCUS’ self-developed SecLLM NSFGPT, but it also faces high false alarm rate and large performance overhead. Nonetheless, its enormous potential is noteworthy. This post will focus on the application evaluation of DeepSeek-R1 […]
Insights from the DeepSeek Malicious Software Package Incident: Why Software Supply Chain Security Matters in Global AI Technology Competition
fevereiro 11, 2025
Background With the widespread application of AI technology, software supply chains are facing more complex and diverse security threats. Since January 2025, DeepSeek, as an emerging force in China’s AI industry, has suffered from series of cyberattacks. According to the analysis by NSFOCUS Security Lab, most attacks are from IP addresses in the United States. […]
Core Features in NSFOCUS RSAS R04F04 2-2
fevereiro 6, 2025
Continuous Improvement of Asset Detection Capability Asset detection refers to the process of tracking and mastering network assets. The detection covers hardware equipment such as network products and general computing equipment; system software such as operating systems and virtualization platforms; middleware such as databases, language environments and development frameworks; application software such as ERP and […]
The Supply Chain Security System of Low-altitude Economy
fevereiro 4, 2025
Previous posts: Security Risks of Low-altitude Economy The Network Security Business System of Low-altitude Economy The low-altitude economic supply chain security system aims to build an all-round security system from upstream to downstream. The upstream links ensure the safety at source by strictly controlling the supply of raw materials and key components. Implement trusted design […]
Core Features in NSFOCUS RSAS R04F04 1-2
fevereiro 2, 2025
In the new NSFOCUS RSAS version R04F04, we optimized several core features and functions. In this post, we will focus on the optimization of the product interface function process during the vulnerability scanning process. Efficient Asset Management Vulnerabilities are asset-based, so it is necessary to sort out the existing assets of users and manage them […]
The Network Security Business System of Low-altitude Economy
fevereiro 1, 2025
Previous post on security risks of low-altitude Economy: https://nsfocusglobal.com/security-risks-of-low-altitude-economy How to construct a comprehensive network security business system in the field of low-altitude economy? The purpose of network data security is to prevent leakage, resist attack and protect system and privacy. The operation of the low-altitude connection system contains massive information and data, so it […]
The Undercurrent Behind the Rise of DeepSeek: DDoS Attacks in the Global AI Technology Game
janeiro 31, 2025
Background The rise of DeepSeek is undoubtedly a milestone in the development of AI technology in China. As a representative AI enterprise, DeepSeek has not only made breakthrough progress in technological innovation and commercial application, but also demonstrated the outstanding strength and great potential of Chinese technology enterprises in the global AI competition. However, as […]
