NSFOCUS

NSFOCUS Launches CTEM Offerings to Mitigate Threat Exposure

Continuous Threat Exposure Management

outubro 17, 2023

NSFOCUS CTEM Offerings: A Comprehensive Solution to Enhance Your Security Posture Singapore – October 17, 2023 – NSFOCUS, a globally recognized leader in cybersecurity solutions, is pleased to announce a comprehensive suite of security offerings designed to enhance the Continuous Threat Exposure Management (CTEM) program for organizations of all sizes. CTEM is a 5-step process […]

APT Group DarkPink Exploits WinRAR 0-Day to Target Multiple Entities in Vietnam and Malaysia

APT Group DarkPink

outubro 13, 2023

Overview NSFOCUS Security Labs has been continuously monitoring the newly discovered WinRAR 0-day vulnerability, CVE-2023-38831. It has come to our attention that the advanced persistent threat group known as DarkPink has recently begun exploiting this vulnerability to target government entities in Vietnam and Malaysia. In this round of attack activities, DarkPink attackers have incorporated the […]

Countdown to GovWare 2023 – The Application of Artificial Intelligence (AI) in Cybersecurity

NSFOCUS post: AI in cybersecurity

outubro 12, 2023

The stage is set, and the countdown has begun. GovWare 2023, a pivotal event in cybersecurity, is just around the corner. From a thorough review of the event agenda, we discerned that many speeches, keynotes and panels will be centered around the application of Artificial Intelligence (AI) in cybersecurity. As we eagerly await GovWare 2023, […]

SSL Certificate Replacement Guide for NSFOCUS ADSM and Portal

outubro 12, 2023

When the SSL certificate for ADSM or ADSM Portal expires, we could replace it manually on the Web GUI. ADSM Click Choose File on Administration > Local Settings > SSL Certificate Replacement to upload .crt file and .key file. Then click Replace to update the SSL certificate. ADSM Portal Click Choose File on Administration > Third-Party Interface […]

Microsoft’s October security update for multiple high-risk product vulnerabilities

outubro 12, 2023

Overview On October 11, NSFOCUS CERT monitored that Microsoft had released a security update patch for October, fixing 104 security problems, involving Microsoft WordPad, Skype for Business, Windows Layer 2 Tunneling Protocol, Microsoft Message Queuing and other widely used products, including high-risk vulnerability types such as privilege enhancement, remote code execution, etc. Among the vulnerabilities […]

curl SOCKS5 Heap Overflow Vulnerability (CVC-2023-38545) Notification

outubro 12, 2023

Overview Recently, NSFOCUS monitored curl’s official security announcement, which fixed the SOCKS5 heap buffer overflow vulnerability (CVE-2023-38545) and cookie injection vulnerability (CVE-2023-38546). The details of the vulnerability have been made public. Affected users should upgrade curl as soon as possible. SOCKS5 Heap Buffer Overflow Vulnerability (CVS 2023-38545) When curl is required to pass the host […]

Exim Remote Code Execution Vulnerability (CVS 2023-42115) Notification

outubro 10, 2023

Overview Recently, NSFOCUS CERT detected an Exim remote code execution vulnerability (CVE-2023-42115). When external authentication is enabled, due to improper user input verification, an unauthenticated attacker can remotely exploit this vulnerability by writing data beyond the bounds, ultimately executing arbitrary code on the target server. At present, the details of the vulnerability have been disclosed. […]

Automated and Manual Backup Procedures for ADS, ADSM and NTA

outubro 6, 2023

Configuration backup is important in many scenarios: Next, we will provide a step-by-step guide on performing configuration backup individually for ADS, ADSM, and NTA. ADS ADS supports one-click export of the current configuration. Click Export on ADS System > Local Settings > Configuration File Management to download configuration files directly: Pay attention to the following […]

NSFOCUS Receives CNVD Outstanding Contribution Award for Original Vulnerability Submission

outubro 5, 2023

The CNVD (China National Vulnerability Database) platform recently initiated the 2022 annual technical group support unit’s capability assessment. A comprehensive assessment was conducted across six capability domains, including vulnerability collection, vulnerability discovery, big data analysis of vulnerability threat risks, vulnerability technical analysis, major vulnerability incident response, and collaborative teamwork. NSFOCUS was awarded the Outstanding Contribution […]

Mirai Botnet’s New Wave: hailBot,kiraiBot, catDDoS, and Their Fierce Onslaught

outubro 3, 2023

I. Abstract In September 2023, NSFOCUS global threat hunting system monitored several new botnet variant families developed based on Mirai, among which hailBot, kiraiBot and catDDoS are the most active, are accelerating their spread, and are widely deployed, which has constituted a considerable threat. Through this article, we will disclose the technical details of these […]

Search

Inscreva-se no Blog da NSFOCUS