Blog

Mastering Defense and Understanding Offense: Approach of Detecting Abnormal Attack Behaviors

August 29, 2023 | NSFOCUS

In offensive and defensive exercises, attackers will use various attack methods to maximize their objectives, including not only common attack methods but also complex attacks. Phishing email is popular among attackers as the most commonly used and low-cost attack method. Attackers typically use a variety of techniques and deception to send emails with malicious attachments […]

Denial-of-Service Attack: DoS or DDoS? An Explanation

August 18, 2023 | Eduardo Guerra

Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) attacks are among the main challenges faced by companies and institutions in the digital world. In this article, we will explore what these attacks are, how they differ, and the motivations behind them. In addition, you will learn about the importance of protecting your company against […]

From Ripples to Waves: The Swift Evolution of the “Boat” Botnet

August 18, 2023 | NSFOCUS

The botnet family “Boat” was first discovered by NSFOCUS Security Labs in June 2022. Its name comes from the fact that malicious samples in its early versions propagate with the file name “boat”. At the same time, since some malicious samples in later versions of this family retain symbolic information and there are a large […]

How to Achieve Sensitive Data Unlearning for Machine Learning Models?

August 11, 2023 | NSFOCUS

As machine learning is increasingly used in data analysis in cybersecurity, there is a risk of privacy disclosure to some extent if models inadvertently capture sensitive information from training data. Since training data will exist in the model parameters for a long time, it is possible to directly output training samples if some data with […]

KmsdBot: A Customized Botnet Family with DDoS and Mining Capabilities

August 7, 2023 | NSFOCUS

I. Overview NSFOCUS Security Labs recently detected that a new botnet family KmsdBot, which combines DDoS and mining functions, has become active again. Attackers continue to replace C&C infrastructure and update Trojan versions. Compared with the traditional botnet-like family, KmsdBot adopts a brand-new architecture and is developed in the Go programming language. The simplicity, high […]

What Is a Pentest? Understand the Types and What It Is For

August 7, 2023 | Eduardo Guerra

In a world that is increasingly connected and dependent on technology, cybersecurity has become one of the main pillars for every type of company. With cybercrime constantly on the rise, it is crucial to adopt proactive measures to protect sensitive information and ensure business integrity. Given this, the pentest emerges as a […]

Metabase Remote Code Execution Vulnerability (CVE-2023-37470)

August 3, 2023 | NSFOCUS

Overview Recently, NSFOCUS CERT detected a remote code execution vulnerability in Metabase (CVE-2023-37470). Due to a flaw in the vulnerability fix for CVE-2023-38646, attackers can achieve remote code execution through H2 connection string injection. Affected users should take protective measures as soon as possible. Reference link: https://github.com/metabase/metabase/security/advisories/GHSA-p7w3-9m58-rq83 Scope of Impact Affected version Open […]

NSFOCUS ISOP: XDR Technology Empowered with Strong SOAR Capabilities for Modern SOC

August 3, 2023 | NSFOCUS

SANTA CLARA, Calif., Aug 3, 2023 – NSFOCUS, a global provider of intelligent hybrid security solutions, today announced the general availability of NSFOCUS Intelligent Security Operations Platform (ISOP), an innovative security analytics and intelligent operations platform that can streamline the security analyst experience, rejuvenate threat response efficiency and improve security operations productivity. NSFOCUS ISOP was […]

QNAP Multiple Vulnerabilities Notification

August 2, 2023 | NSFOCUS

Overview Recently, NSFOCUS CERT monitored that QNAP officially released the QVPN code execution vulnerability and QNAP denial-of-service vulnerability. Affected users should take protective measures as soon as possible. VPN Code Execution Vulnerability (CVE-2022-27595): There is a code execution vulnerability in the Windows version of the QVPN client, which can be exploited by authenticated local […]

Metabase Remote Code Execution Vulnerability (CVE-2023-38646) Notification

August 1, 2023 | NSFOCUS

Overview Recently, NSFOCUS CERT detected a remote code execution vulnerability in Metabase (CVE-2023-38646). Unauthenticated attackers can successfully exploit this vulnerability to execute arbitrary commands with Metabase server privileges on the target server. Affected users should take protective measures as soon as possible. Reference link: https://www.metabase.com/blog/security-advisory Scope of Impact Affected version Open source version: Enterprise version: […]