Multiple Security Vulnerabilities Alerts of VMware vRealize Log Insight
fevereiro 1, 2023
Overview Recently, NSFOCUS CERT found that VMware has officially fixed multiple security vulnerabilities in VMware vRealize Log Insight. Under default configuration conditions, unauthenticated attackers exploit the following key vulnerabilities in combination, and finally achieve arbitrary code execution with ROOT privileges on the target system. These vulnerabilities have been successfully verified by international security teams, and […]
Technical Framework of Software Supply Chain Security
janeiro 31, 2023
NSFOCUS Security Labs is keeping an eye out for the trends in supply chain security and is pleased to share observations and thoughts with our blog readers. You will see the links for more posts we published about software supply chain security at the end of the article. In this post, we are going to […]
NSFOCUS NTA Syslog Introduction
janeiro 27, 2023
Computer system designers may use syslog for system management and security auditing as well as general informational, analysis, and debugging messages. A wide variety of devices, such as printers, routers, and message receivers, across many platforms use the syslog standard. This permits the consolidation of logging data from different types of systems in a central […]
NSFOCUS Recognized Again by Forrester as a Sample Vendor for Its Next-Generation WAF
janeiro 26, 2023
Santa Clara, Calif. January 26, 2023 – NSFOCUS, a global provider of intelligent hybrid security solutions, announced today that it has been selected by Forrester as a sample vendor for its next-generation Web Application Firewall (WAF) in the report The Forrester Tech Tide™: Zero Trust Threat Prevention, Q4 2022 published recently. The Forrester Tech TideTM […]
NSFOCUS Selected as a Representative Vendor in IDC Perspective: Unified Security Management as a Service (USMaaS), 2022
janeiro 24, 2023
Santa Clara, Calif. January 19, 2023 – NSFOCUS, a global provider of intelligent hybrid security solutions, announced today that it has been selected by IDC as a representative vendor in the report IDC Perspective: Unified Security Management as a Service (USMaaS), 2022 released recently, and NSFOCUS T-ONE Cloud was selected as an excellent practice of […]
SSL Certificate Replacement on NSFOCUS ADS
janeiro 20, 2023
A Secure Sockets Layer (SSL) certificate is digitally signed and issued by a trusted certificate authority (CA) to an organization for authentication of server identities and encryption of data in transit. Therefore, SSL certificates can protect user privacy and information security. For a website with an SSL certificate issued by a CA, the browser marks […]
NSFOCUS Cloud DDoS Protection Service Summary of 2022
janeiro 19, 2023
NSFOCUS published the Summary of Cloud DDoS Protection 2022 recently. This summary comes from DDoS attacks protected by NSFOCUS Cloud DDoS Protection Service (Cloud DPS) in the year 2022. The following service highlights can be found in the report: DDoS attack timeline, volume and attack type distribution collected from NSFOCUS Cloud DPS; Top 3 attacks […]
NSFOCUS Selected in Gartner’s Emerging Tech Impact Radar: Security
janeiro 17, 2023
We are pleased to announce that NSFOCUS was selected by Gartner® as a sample vendor in the field of Deception as a Feature in the report Emerging Tech Impact Radar: Security (November 2022). According to the report, “This technology can significantly reduce the amount of time an attacker gets to spend in a compromised environment […]
Harbor Unauthorized Access Vulnerability (CVE-2022-46463) Alert
janeiro 16, 2023
Overview Recently, NSFOCUS CERT detected that the technical details of the Harbor Unauthorized Access Vulnerability (CVE-2022-46463) were publicly disclosed on the Internet. Due to an access control flaw in Harbor, an attacker without authentication can access all information of public and private image repositories through this vulnerability and perform image pull. Currently, the technical details […]
NSFOCUS WAF Website Certificate Generation Method
janeiro 13, 2023
To protect HTTPS websites, the certificate used by these websites needs to be uploaded to NSFOCUS WAF. These certificates may be in different formats, such as .pfx, .crt, and .pem. NSFOCUS WAF, however, supports .cer certificates only. Therefore, the customer needs to extract the certificate information and private key from the original certificate file and […]
