Blog

NSFOCUS Appraised Maturity Level 5 of CMMI Development V2.0

agosto 23, 2021 | Jie Ji

We are very excited to announce that NSFOCUS has been appraised at Maturity Level 5 of the CMMI Institute’s Capability Maturity Model Integration (CMMI)® Version 2.0. CMMI is a proven set of global best practices that drives business performance through building and benchmarking key capabilities. It is an integrated framework of best practices that can rapidly […]

SASE, Born for Digital Age

agosto 19, 2021 | Jie Ji

SASE (Security Access Services Edge, pronounced sassy /ˈsæsi/) is a network security service architecture introduced by Gartner in 2019. Gartner defines it as “an emerging offering combining comprehensive WAN capabilities with comprehensive network security functions (such as SWG, CASB, FWaaS, and ZTNA) to support the dynamic security access needs of digital enterprises.” In the diagram below, […]

Security Risks and Threats of Containerized Infrastructure

agosto 17, 2021 | Jie Ji

As a kind of lightweight virtualization technology, containers run in the operating system kernel of a host. Therefore, traditional security issues remain in hosts and networks. Besides, container escape risks, container image risks, virtual network risks, and configuration risks will become new security threats facing containerized infrastructure. Attacks on Container Images With the prevalence of […]

The New Trend of Ransomware: Triple Extortion

agosto 16, 2021 | Jie Ji

Threat actors who specialize in ransomware are always using Double Extortion Tactics in which they not only encrypt the victim’s data but also threaten to leak sensitive data publicly unless the ransom is paid. Double Extortion Tactics first started appearing in late 2019, becoming an increasingly common trend through 2020. The attack against Allied Universal […]

Linux Kernel Privilege Escalation Vulnerability (CVE-2021-33909) Threat Alert

agosto 13, 2021 | Jie Ji

Overview Recently, NSFOCUS CERT discovered that the Qualys research team disclosed a local privilege escalation vulnerability (CVE-2021-33909, aka Sequoia) in the filesystem layer in the Linux kernel. It is a size_t-to-int type conversion vulnerability in the seq_file interface in the Linux kernel. fs/seq_file.c’s improper restriction of the seq buffer allocation may cause an integer overflow, […]

WebLogic Multiple High-Risk Vulnerabilities Threat Alert

agosto 10, 2021 | Jie Ji

Overview On July 21, 2021, NSFOCUS detected that Oracle released the April 2021 Critical Patch Update (CPU), which fixed 342 vulnerabilities of varying risk levels. Among these vulnerabilities, three severe ones are easy to exploit to affect WebLogic. Users are advised to take measures without delay to protect against the preceding vulnerabilities. CVE-2021-2382/CVE-2021-2394/CVE-2021-2397: These vulnerabilities […]

What is Cloud Native Security

agosto 5, 2021 | Jie Ji

After nearly 20 years of cloud computing development, we have stepped into the cloud native era. Cloud native technologies, exemplified by container, service mesh, and micro-service, are bringing disruptive changes to IT infrastructure, platforms, and application systems deployed for various sectors and are also permeating industrial Internet platforms with IT/OT convergence, 5G infrastructure with IT/CT […]

Oracle July 2021 Critical Patch Update for All Product Families

agosto 2, 2021 | Jie Ji

Overview On July 21, 2021, NSFOCUS detected that Oracle released the July 2021 Critical Patch Update (CPU), which fixed 342 vulnerabilities of varying risk levels. This CPU involves multiple commonly used products, such as Oracle Database Server, Oracle Java SE, Oracle Fusion Middleware, Oracle MySQL, and Oracle Communications. Oracle strongly recommends that users fix these […]

Reflection on Detection of Encrypted Malware Traffic

julho 29, 2021 | Jie Ji

The Internet has become an indispensable part of our lives, and it is of vital importance to work out how to guarantee the security of users’ sensitive information and privacy in cyberspace. Most of the Internet traffic is encrypted with Transport Layer Security (TLS), which cannot guarantee absolute security. Malware has been seen to use […]

Microsoft’s July 2021 Security Updates Fix Multiple Products’ High-Risk Vulnerabilities

julho 28, 2021 | Jie Ji

Overview According to NSFOCUS CERT’s monitoring, Microsoft released July 2021 Security Updates on July 14 to fix 117 vulnerabilities, including high-risk remote code execution and privilege escalation, in widely used products like Windows, Microsoft Office, Microsoft Edge, Visual Studio, and SharePoint Server. In the vulnerabilities fixed by this month’s security updates, there are 13 critical […]