Configuration backup is important in many scenarios: System Upgrades: Backing up the configuration file can be used as a precautionary measure before carrying out system updates, software upgrades, or installing patches. This way, we can revert to the previous configuration state if something goes wrong during the update process. Hardware...
Blog
NSFOCUS Receives CNVD Outstanding Contribution Award for Original Vulnerability Submission
The CNVD (China National Vulnerability Database) platform recently initiated the 2022 annual technical group support unit's capability assessment. A comprehensive assessment was conducted across six capability domains, including vulnerability collection, vulnerability discovery, big data analysis of vulnerability threat risks, vulnerability technical analysis, major vulnerability incident response, and collaborative teamwork. NSFOCUS...
Mirai Botnet’s New Wave: hailBot,kiraiBot, catDDoS, and Their Fierce Onslaught
I. Abstract In September 2023, NSFOCUS global threat hunting system monitored several new botnet variant families developed based on Mirai, among which hailBot, kiraiBot and catDDoS are the most active, are accelerating their spread, and are widely deployed, which has constituted a considerable threat. Through this article, we will disclose...
Google Chrome Heap Buffer Overflow Vulnerability (CVE-2023-5217) Notification
Overview Recently, NSFOCUS CERT found that Google officially fixed a zero-day exploit (CVE-2023-5217), which was caused by the heap buffer overflow in the VP8 encoding of the open source libvpx video codec library. An attacker could use this vulnerability to execute arbitrary code on the target system. At present, this...
O que são bots? Conheça os tipos e como se precaver
Os bots, uma abreviação para robôs, tornaram-se uma parte essencial do nosso mundo digital. Eles desempenham várias funções, desde automatizar tarefas simples até realizar atividades complexas na internet. Neste artigo, vamos conhecer melhor o mundo dos bots, como eles funcionam, os diferentes tipos e como você pode proteger sua empresa...
JumpServer Multiple Security Vulnerabilities Notification
Overview Recently, NSFOCUS CERT monitored that JumpServer officially issued a notice to fix multiple security vulnerabilities. The vulnerabilities are detailed below. JumpServer Reset Password Vulnerability (CVS 2023-42820): There is a password reset vulnerability in JumpServer, as third-party libraries expose random seed numbers to APIs, which may cause random verification codes...
