NSFOCUS Included in Forrester External Threat Intelligence Service Providers Landscape Q1 2023

março 31, 2023

Santa Clara, Calif. March 31, 2023 – NSFOCUS, a global provider of intelligent hybrid security solutions, announced that it has been included in Forrester The External Threat Intelligence Service Providers Landscape, Q1 2023 report as a Notable Provider recently. In the main trend, the report[1] says, “The evolving nature of threats is expanding use cases […]

Sudo Permission Elevation Vulnerability (CVE-2023-22809) Notification

março 31, 2023

Overview Recently, NSFOCUS CERT found that the analysis article and ExP of Sudo privilege enhancement vulnerability (CVE-2023-22809) were publicly disclosed online. Since sudoedit in Sudo has a flaw in handling additional parameters passed in user provided environment variables such as SUDO_EDITOR, VISUAL, and EDITOR., when a user specified editor contains a “–” parameter that bypasses […]

MiniO Information Disclosure Vulnerability (CVE-2023-28432) Notification

março 27, 2023

Overview Recently, NSFOCUS CERT found that MinIO officially issued a security notice, which fixed a MinIO information disclosure vulnerability (CVE-2023-28432). When MiniO is configured in cluster mode, an unauthenticated attacker can ultimately obtain information about all environment variables by constructing a crafted request packet, which allows the attacker to utilize the MINIO_ SECRET_ KEY&MINIO_ ROOT_ […]

Why IPS and Firewalls Are Not Anti-DDoS Solutions?

março 24, 2023

Not all distributed denial of service (DDoS) defenses are created equal. Whether it’s a Web Application Firewall (WAF), Intrusion Prevention System (IPS), Content Delivery Network (CDN) or traditional firewall, every “defense” has its own purpose, potential and peril. Even a firewall that claims to have Anti-DDoS capabilities built-in has only one method of blocking attacks: […]

22 DDoS Attacks to See Trends in 2023

março 23, 2023

2022 was a turbulent year full of regional conflicts. NSFOCUS Global Threat Hunting System detected a large number of DDoS worldwide in 2022, with some governments or banks suffering from the largest attacks in their history. Launching a DDoS attack is not expensive but can paralyze critical infrastructure and network systems, bringing huge economic losses […]

NSFOCUS Joins CNCF Cloud Native Landscape

março 21, 2023

Santa Clara, Calif. March 21, 2023 – NSFOCUS, a global provider of intelligent hybrid security solutions, today announced that its Metarget project has been included in CNCF Cloud Native Landscape in the field Security & Compliance of the Provisioning Category. CNCF Introduction The Cloud Native Computing Foundation (CNCF) was founded in 2015 by Google and […]

Adobe ColdFusion Multiple Security Vulnerabilities Notification

março 20, 2023

Vulnerability Overview Recently, NSFOCUS CERT monitored that Adobe has officially released security notices and fixed multiple Adobe ColdFusion vulnerabilities. Please take protective measures as soon as possible. Key vulnerabilities are as follows: Adobe ColdFusion deserialization vulnerability (CVE-2023-26359): Due to a flaw in Adobe ColdFusion’s deserialization security check, unauthenticated remote attackers can conduct deserialization attacks by […]

New Feature – Upgrade of Detection Rules via the Cloud in NTA V4.5R90F04

março 20, 2023

Function Description This function will be available in NTA V4.5R90F04 in Q2 2023. NTA allows online upgrades of the DDoS detection rule library for automatic protection. This function can meet most of the current customization requirements by providing the latest detection rules against new types of DDoS attacks. Configuration Procedure Obtain the upgrade package of […]

Microsoft Outlook Privilege Escalation Vulnerability (CVE-2023-23397) Notification

março 18, 2023

Overview Recently, NSFOCUS CERT has monitored that Microsoft has officially released a patch update, which fixes a Microsoft Outlook privilege escalation vulnerability. An unauthenticated attacker sends a specially crafted email, causing the victim to connect to an external UNC location controlled by the attacker, causing the victim’s Net-NTLMv2 hash to be disclosed to the attacker. […]

GISEC Global 2023

março 17, 2023

GISEC Global, March 14-16, 2023, Dubai World Trade Centre, Dubai NSFOCUS participated in GISEC Global 2023 in Dubai, a great opportunity to connect with local partners, industry-leading experts and technology innovators. NSFOCUS team presented our solutions and services to booth visitors with hands-on demonstrations.


Inscreva-se no Blog da NSFOCUS