NSFOCUS Cloud DDoS Protection Service Summary of 2022
janeiro 19, 2023
NSFOCUS published the Summary of Cloud DDoS Protection 2022 recently. This summary comes from DDoS attacks protected by NSFOCUS Cloud DDoS Protection Service (Cloud DPS) in the year 2022. The following service highlights can be found in the report: DDoS attack timeline, volume and attack type distribution collected from NSFOCUS Cloud DPS; Top 3 attacks […]
NSFOCUS Selected in Gartner’s Emerging Tech Impact Radar: Security
janeiro 17, 2023
We are pleased to announce that NSFOCUS was selected by Gartner® as a sample vendor in the field of Deception as a Feature in the report Emerging Tech Impact Radar: Security (November 2022). According to the report, “This technology can significantly reduce the amount of time an attacker gets to spend in a compromised environment […]
Harbor Unauthorized Access Vulnerability (CVE-2022-46463) Alert
janeiro 16, 2023
Overview Recently, NSFOCUS CERT detected that the technical details of the Harbor Unauthorized Access Vulnerability (CVE-2022-46463) were publicly disclosed on the Internet. Due to an access control flaw in Harbor, an attacker without authentication can access all information of public and private image repositories through this vulnerability and perform image pull. Currently, the technical details […]
NSFOCUS WAF Website Certificate Generation Method
janeiro 13, 2023
To protect HTTPS websites, the certificate used by these websites needs to be uploaded to NSFOCUS WAF. These certificates may be in different formats, such as .pfx, .crt, and .pem. NSFOCUS WAF, however, supports .cer certificates only. Therefore, the customer needs to extract the certificate information and private key from the original certificate file and […]
Bread Crumbs of Threat Actors (Dec 19, 2022 – Jan 1, 2023)
janeiro 12, 2023
From December 19, 2022 to Jan 1, 2023, NSFOCUS Security Labs found activity clues of 61 APT groups, 3 malware families (Zbot botnet, SpicyHotPot Trojan, and Banload Trojan), and 490 threat actors targeting critical infrastructure. APT Groups Among the 61 APT groups discovered, the APT28 affected the most significant number of hosts from December 19 […]
Analysis of Cyber Attack of APT Organization Confucius against Pakistan’s Intelligence-Based Operation
janeiro 12, 2023
Overview Affected by many factors, Pakistan has long suffered from serious local terrorism threats. The country has also taken counter-terrorism as an important national security strategy. In the second half of 2022, the Pakistani security forces carried out many intelligence-based operations (IBO) in Baluchistan, Khyber and North Waziristan, and killed many terrorists. Pakistan’s recent high-profile […]
NIPS V5.6R10 Rule Types
janeiro 6, 2023
NIPS V5.6R10 has five types of rules to detect DDoS attacks, local privilege elevation, information gathering, suspicious network behaviors, and network monitoring events, respectively. They are described as follows. 1. Information gathering Information gathering is the first step of network intrusion. Attackers use various methods to scan and probe target hosts and identify paths to […]
Relationship Between Security Concept and Security Assessment for Software Supply Chain
janeiro 5, 2023
The three concepts, transparency of software supply chain, assessable capabilities of software supply chain security, and trusted software supply chain, are closely related to the ability of end users to conduct security checks and assessments for the software supply chain, including: 1. Basic assessment of software composition security Upstream and downstream companies can provide end […]
Exchange Server OWASSRF Vulnerability (CVE-2022-41080/CVE-2022-41082) Alert
janeiro 1, 2023
Overview Recently, NSFOCUS CERT found that security teams overseas publicly disclosed the technical details of the exploit chain for Exchange Server vulnerabilities. An authenticated remote attacker exploits an Exchange Server privilege escalation vulnerability (CVE-2022-41080) to gain permission to execute PowerShell in the context of the system on an endpoint Outlook Web Application (OWA). An attacker […]
Glocomp – Partner Event in Malaysia
novembro 30, 2022
The partner event with Glocomp Systems (M) Sdn Bhd kicked off on Nov. 29th in Malaysia. It was a wonderful chance for us to introduce our latest Next-Gen Firewall (NGFW) solution which meets the changing needs of the cloud-enabled enterprise network.
