Blog

Linux Kernel Privilege Escalation Vulnerability (CVE-2024-1086) Alert

março 29, 2024 | NSFOCUS

NSFOCUS CERT has detected that details and a proof-of-concept (PoC) tool for a Linux kernel privilege escalation vulnerability CVE-2024-1086, have been publicly disclosed recently. Due to a use-after-free vulnerability in the netfilter: nf_tables component of the Linux kernel, the nft_verdict_init() function allows the use of positive values as a drop error in the hook verdict. […]

BITTER APT Targets Chinese Government Agency

março 28, 2024 | NSFOCUS

On February 1, 2024, the APT Group BITTER launched a spear-phishing attack on a Chinese government agency. BITTER, also known as APT-C-08 or T-APT-17, has been actively targeting countries such as China and Pakistan, focusing on industries like government, power, and military to steal sensitive information, driven by strong political motives. In this incident, the […]

Uma imagem que ilustra um cadeado em forma de desenho com o fundo azul e preto.

Solução Anti-DDoS: o que é e como funciona essa proteção?

março 26, 2024 | Eduardo Guerra

O Distributed Denial of Service (DDoS) é um dos maiores desafios de segurança para empresas de todos os tamanhos, pois esse tipo de ataque tem como objetivo inoperar serviços vitais e aplicações importantes, afetando diretamente a fonte de receita das organizações. Com o crescimento da internet, as empresas têm tido que encontrar formas de se […]

Imagem que ilustra segurança.

ISOP – O que é e como a solução pode proteger seus ativos?

março 26, 2024 | Eduardo Guerra

No mundo digital, a segurança dos ativos tornou-se uma preocupação primordial para empresas de todos os portes e setores. A ameaça de ataques cibernéticos, violações de dados e outras formas de comprometimento de segurança é uma realidade constante. Neste cenário, ferramentas e plataformas inovadoras são essenciais para garantir a proteção dos ativos digitais. Uma dessas […]

AI and Cybersecurity: Unveiling NSFOCUS’s Innovative Edge at HKIB Cybersecurity Solutions Day 2024

março 26, 2024 | NSFOCUS

On March 15th, the Cybersecurity Solutions Day event, organized by the Hong Kong Institute of Bankers (HKIB), officially commenced. The event focused on addressing the increasingly complex cybersecurity environment influenced by AI technologies, gathering globally renowned information security vendors and experts to discuss new trends and models driven by AI in cybersecurity. NSFOCUS, as a […]

Atlassian Confluence Path Traversal Vulnerability (CVE-2024-21677) Notice

março 21, 2024 | NSFOCUS

Overview Recently, NSFOCUS CERT detected that Atlassian issued a security announcement and fixed the directory traversal vulnerability in Confluence Data Center and Server (CVE-2024-21677), with a CVSS score of 8.3. Unauthenticated attackers need to interact with users, and exploiting this vulnerability can have a great impact on the confidentiality, integrity, and availability of the target […]

Your FAQ Guide to RSA Conference 2024

março 19, 2024 | NSFOCUS

Here’s your essential FAQ guide for RSA Conference 2024! Whether you’re a first-timer or a seasoned attendee, this guide aims to help you navigate the conference with ease and make the most of your experience. Welcome to stop by our booth #3301 at the South Expo of Moscone Center! Q1: What is the RSA Conference […]

Three Major Challenges Faced by WAF in the Banking Industry

março 11, 2024 | NSFOCUS

As the digital transformation is deepening, the banking industry is making efforts to build digital banks, open banks, and scenario-based financial business models. On one hand, banks are pushed to pay more attention to online operations and to enhance their openness. On the other hand, this raises higher standards for their security risk control. As […]

What Happened in Cybersecurity in 2023: A Summary of Security Incidents, Vulnerability Information, and Cybersecurity Trends

março 8, 2024 | NSFOCUS

The year 2023 witnessed a dynamic and complex cybersecurity landscape, with various security incidents, vulnerabilities, and trends emerging and evolving. Today, we released the 2023 Annual Security Incident Observation Report, based on our security incident data recorded in 2023. This report provides a summary of the security incidents, the security vulnerability information, and the cybersecurity […]

AI Supply Chain Security: Hugging Face Malicious ML Models

março 5, 2024 | NSFOCUS

Introduction to Hugging Face Malicious ML Models Background A recent report by JFrog researchers found that some machine learning models on Hugging Face may be used to attack the user environment. These malicious models will lead to code execution when loaded, providing the attacker with the ability to gain full control of the infected machine […]