F5 BIG-IP Remote Code Execution Vulnerability (CVE-2023-46747) Notification
outubro 31, 2023
Overview Recently, NSFOCUS CERT monitored that F5 had released a security announcement to fix a remote code execution vulnerability in BIG-IP (CVE-2023-46747). Due to the problem of F5 BIG-IP forwarding AJP protocol through Apache httpd, requests were smuggled, which could bypass permission verification. Unauthenticated remote attackers can access the BIG-IP system through the BIG-IP management […]
Introduction to WAF Exception Policy
outubro 27, 2023
Exception policies are supplements or restrictions to configured basic or advanced protection policies. On the Exception Policy page, you can create, edit, delete, and duplicate exception policies. You can also create and edit exception policies on the Website Protection page. Configuration procedure: Choose Security Management > Policy Management > Exception Policy, click Create in the […]
Citrix NetScaler ADC and Gateway Sensitive Information Disclosure Vulnerability (CVC-2023-4966) Notification
outubro 26, 2023
Overview Recently, NSFOCUS CERT detected a sensitive information disclosure vulnerability in Citrix NetScaler ADC and Gateway (CVE-2023-4966). When the device is configured as a gateway (VPN virtual server, ICA proxy, CVPN, RDP proxy) or AAA virtual server, unauthorized remote attackers can exploit this vulnerability to access sensitive information and cause information leakage. The CVSS score […]
NSFOCUS Achieves Three Certifications, Paving the Path to Sustainable and Environmentally Responsible Development
outubro 26, 2023
SANTA CLARA, Calif., Oct 26, 2023 – NSFOCUS, a global leader in intelligent hybrid security solutions, proudly announces its recent acquisition of three significant certifications: the “Verification Statement of Greenhouse Gas Emissions,” the “Energy Management System Certificate,” and the “Certificate of Product Carbon Footprint.” Verification Statement of Greenhouse Gas Emissions In the face of the […]
Apache ActiveMQ Remote Code Execution Vulnerability Notification
outubro 25, 2023
Overview Recently, NSFOCUS CERT found that the open source message middleware ActiveMQ developed by the Apache Software Foundation had an XML external entity injection vulnerability. Since the port 61616 was opened by default after the installation of ActiveMQ was started, and the TcpTransport function did not perform necessary checks on the data, an attacker could […]
Israeli-Palestinian Conflict: Multifaceted Alliances and Fierce Cyberspace Battle
outubro 23, 2023
Background On October 7th, accompanied by the launch of thousands of rockets, the Palestinian Islamic Resistance Movement (Hamas) declared a military operation against Israel. As real-world conflict escalated, hacktivist organizations from various countries, including Russia, India, Indonesia, and Iraq, began engaging in continuous cyber warfare within the cyberspace domains of both sides. The primary methods […]
GovWare 2023
outubro 21, 2023
GovWare, Oct 17-19, 2023, Sands Expo Convention Centre, Singapore. The conference & exhibition was held with the theme of “Fostering Trust Through Collaboration in the New Digital Reality”. NSFOCUS participated this pivotal event in APAC to introduce our latest effective continuous threat exposure management (CTEM) program and XDR-powered threat analysis and response.
HTTP/2 Protection in ADS R90F03
outubro 20, 2023
Function Description For HTTPS application layer protection, ADS establishes a TLS connection with a client in replace of the server, and then authenticates the client through the application-layer protocol HTTP. If the client properly responds to the HTTP packet from ADS, ADS deems this client reliable and will add it to the trust list so […]
NSFOCUS AISecOps: Elevating Your Security Operations Efficacy and Mitigating Alert Fatigue
outubro 19, 2023
In the realm of security operations, enterprises often face challenges such as a high volume of alerts, an inability to pinpoint real threats, insufficient security knowledge, and a lack of operational staff. While the operational platforms of major security firms exhibit similarities in functionality, some companies diligently analyze customer pain points and requirements, continually enhancing […]
Six Algorithms for Defending Against the Novel “HTTP/2 Rapid Reset” DDoS Attack
outubro 18, 2023
A recently discovered HTTP/2 protocol-based Distributed-Denial-of-Service (DDoS) vulnerability has been identified by multiple cloud service providers. This vulnerability enables attackers to achieve an unprecedented record of 398 million requests per second. This vulnerability has been identified as CVE-2023-44487, potentially making it one of the largest layer 7 DDoS attacks ever recorded. What is HTTP/2 Rapid […]
