Santa Clara, Calif. September 6, 2022 –  NSFOCUS, a global network and cyber security leader, today released NSFOCUS Global DDoS Landscape Report for the first half of 2022. Compared to the first half of 2021, DDoS attacks has a sharp increase of 205% year over year. Terabit attacks are not rare anymore. From April this year, […]

Part 1: Investigation Report on New APT Organization MurenShark: Torpedoes Fired to Turkish Navy [1] Characteristics of Attack Tactics Use compromised sites: MurenShark tends to use compromised sites as the file server and the C&C server in the attack process. As shown in the last chapter, the organization used the Near East University site (Yakın […]

Overview In 2022 Q2, NSFOCUS Security Labs detected a series of cyberattacks against Turkey. After analysis, the researchers confirmed that this round of attacks originated from Actor210426, a new threat entity identified by NSFOCUS Security Labs in April 2021. Through the clues of behavior pattern, attack method, attack tool, attack target and so on, NSFOCUS […]

SiS Cyber Security Solution Month kicked off in Kwun Tong District, Hong Kong in August.  NSFOCUS was invited to join this partner event. Kings Leung shared the topic “Be Prepared – Cyber Security Laws” at this event.     SiS International Limited is one of the largest value-added distributors in HK. NSFOCUS and SiS have been in a good partnership since Feb 2021.  In the future, […]

Santa Clara, Calif. August 24, 2022 – We are very happy to announce that NSFOCUS was included as one of notable vendors in the report The Security Analytics Platform Landscape, Q3 2022 published by Forrester, an authoritative international research consulting organization. “Security analytics platforms are the center of the SOC”, as stated in this report, “They […]

The security knowledge graph, a knowledge graph specific to the security domain, is the key to realizing cognitive intelligence in cyber security, and it also lays an indispensable technological foundation for dealing with advanced, continuous and complex threats and risks in cyberspace. NSFOCUS will publish a series of articles about the application of the security […]

Overview Recently, NSFOCUS CERT found that Apache Hadoop officially fixed a command injection vulnerability. Since Apache Hadoop’s FileUtil.unTar API does not escape the input filename before passing it to the shell, an attacker could exploit this vulnerability to inject arbitrary commands and thus achieve remote code execution. Affected users are recommended to take steps to […]

Background Recently, the cyber threat actor known as UNC 1151 group was spotted to use the Browser in the Browser (BitB) technique in its campaigns. This technique is used for phishing attacks by displaying a new browser window containing a fake login panel on the visited website. The window is so carefully crafted that it […]

Overview Recently, NSFOCUS CERT detected that VMware officially issued a security notice to fix multiple vulnerabilities in products such as VMware Workspace ONE Access, Identity Manager, and VMware vRealize Automation. Attackers can use these vulnerabilities to cause privilege escalation and remote code execution. At present, the official security update has been released, and relevant users […]

Company Named in Threat Intelligence Products and Services Category Santa Clara, Calif. August 5, 2022 – We are very proud to announce that NSFOCUS has been named a Sample Vendor in the July 2022 Gartner® Hype Cycle™ for Security Operations in the Threat Intelligence Products and Services category. In this report Gartner notes “Threat intelligence (TI) services […]