Blog

PHP CGI Windows Platform Remote Code Execution Vulnerability (CVE-2024-4577) Advisory

junho 12, 2024 | NSFOCUS

Overview NSFOCUS CERT has monitored the disclosure of a PHP CGI Windows platform remote code execution vulnerability (CVE-2024-4577) on the internet recently. Due to PHP’s oversight of the Best-Fit character mapping feature of the Windows system during its design, running PHP in CGI mode on the Windows platform and using the following language settings (Simplified […]

NSFOCUS: Pioneering Technology and Industry Leadership

junho 7, 2024 | NSFOCUS

We are excited to share that NSFOCUS has been recognized in Forrester’s The Insider Risk Solutions Landscape, Q2 2024 report. This accolade underscores our unwavering commitment to being a leader and innovator in the cybersecurity industry. Insider Risk Management is a field filled with internationally renowned security vendors and tech giants. Unlike traditional segmented markets […]

Linux Kernel Privilege Escalation Vulnerability (CVE-2024-1086) Notice

junho 6, 2024 | NSFOCUS

Overview Recently, NSFOCUS CERT detected that the details and verification tools of a Linux kernel privilege escalation vulnerability (CVE-2024-1086) are disclosed on the internet. Because the netfilter: nf _ tables component of the Linux kernel has a post-release reuse vulnerability, the nft _ verdict _ init () function allows positive values to be used as […]

Uma imagem que ilustra um escudo em um fundo azul.

Cloud WAF: o que é, vantagens e para que serve?

junho 6, 2024 | Eduardo Guerra

A segurança cibernética é uma preocupação crescente para empresas de todos os tamanhos. Com a expansão dos aplicativos web, a necessidade de protegê-los de ataques cibernéticos também cresceu. Nesse contexto, está o Cloud WAF (Web Application Firewall), ferramenta de segurança que oferece proteção em tempo real contra ameaças cibernéticas, como SQL injection e cross-site scripting […]

NSFOCUS Sets a New Benchmark as the World’s First to Achieve Dual-Domain CMMI V3.0 Level 5 Certification

junho 4, 2024 | NSFOCUS

SANTA CLARA, Calif., June 4, 2024 – NSFOCUS, a global leader in cybersecurity solutions, proudly announces a groundbreaking achievement: becoming the world’s first company to receive CMMI V3.0 Level 5 certification in both Development (DEV) and Security (SEC) domains. Following the CMMI Institute’s recent update to version 3.0 on April 1, 2024, this landmark accomplishment […]

Contextual Intelligence is the Key

maio 29, 2024 | NSFOCUS

With the increasing complexity and frequency of cybersecurity threats, organizations face many network threats. The importance of threat intelligence has become increasingly prominent. During this year’s RSA Conference, Sierra Stanczyk, the Senior Manager of Global Threat intelligence at PwC, and Allison Wikoff, the Director of Global Threat Intelligence for the Americas at PwC, shared “Connecting […]

Uma imagem que possui API escrito no fundo.

O que é uma API? Entenda a importância e suas funções

maio 24, 2024 | WPAdmin

As APIs têm sido cada vez mais utilizadas no mundo da tecnologia, mas nem todo mundo sabe exatamente o que elas são e como funcionam.  Uma API é um conjunto de regras e protocolos que permite a comunicação entre diferentes softwares, tornando a integração e a troca dessas informações mais eficientes. Além disso, elas facilitam […]

Uma imagem que ilustra ataques ddos e um sistema de segurança.

O que é um Ataque DDoS? Veja como funciona e como se proteger

maio 24, 2024 | Eduardo Guerra

Ataques DDoS, ou Distributed Denial of Service, são ataques cibernéticos que visam a sobrecarregar um servidor ou serviço online com um grande volume de tráfego virtual. Estes ataques são feitos para bloquear um serviço, servidor ou site para que os usuários não possam acessar ou utilizar o serviço. Entre os ataques mais realizados, o DDoS […]

Confluence Remote Code Execution Vulnerability (CVE-2024-21683) Notification

maio 22, 2024 | NSFOCUS

Overview Recently, NSFOCUS CERT detected that Atlassian issued a security announcement and fixed the remote code execution vulnerability in Confluence Data Center and Server (CVE-2024-21683), with a CVSS score of 8.3. Authenticated attackers can realize remote code execution by constructing malicious requests, which will have a great impact on the confidentiality, integrity and availability of […]

How Financial Institutions Can Protect Themselves from Modern DDoS Attacks

maio 14, 2024 | NSFOCUS

With the digital transformation of the financial industry and the prevalence of online business, financial institutions inevitably face various cybersecurity threats, among which DDoS attacks are the most common and threatening. With the rise of Internet finance, banks, insurance companies, securities firms, and other financial institutions are gradually migrating their businesses to the cloud. This […]