Blog

The New APT Group DarkCasino and the Global Surge in WinRAR 0-Day Exploits

novembro 10, 2023 | NSFOCUS

Overview In 2022, NSFOCUS Research Labs revealed a large-scale APT attack campaign called DarkCasino and identified an active and dangerous aggressive threat actor. By continuously tracking and in-depth study of the attacker’s activities, NSFOCUS Research Labs has ruled out its link with known APT groups, confirmed its high-level persistent threat nature, and following the operational […]

Software Supply Chain Security Solution – Supply Chain Security Control

novembro 9, 2023 | NSFOCUS

Establishing a Software Supply Chain Asset Register An organization’s products and services are diverse and complex. By establishing a software supply chain asset register, you can have a clear understanding of the supply chain relationships within your organization. The organization needs to create a comprehensive inventory of suppliers, software, tools, services, and upstream and downstream […]

Bolstering API Security and Bot Attack Protection with NSFOCUS Next-Generation WAF

novembro 6, 2023 | NSFOCUS

NSFOCUS’s Next-Generation WAF addresses various threats faced by users, such as web vulnerability exploitation, resource abuse, and resource access control. It provides a comprehensive solution that includes traditional WAF functionality, bot traffic management, API security, and DDoS protection, all integrated into one coherent system. The upgraded system architecture ensures the security of web applications, business […]

Atlassian Confluence Improper Authentication Vulnerability (CVC-2023-22518) Notification

novembro 2, 2023 | NSFOCUS

Overview Recently, NSFOCUS CERT monitored that Atlassian officially fixed an improper authentication vulnerability in the Atlassian Communication Data Center and Server (CVE-2023-22518). Unauthenticated remote attackers can bypass the authentication of the target system to a certain extent by constructing malicious requests and obtain the authority to take over the server through the backend interface, achieving […]

F5 BIG-IP Remote Code Execution Vulnerability (CVE-2023-46747) Notification

outubro 31, 2023 | NSFOCUS

Overview Recently, NSFOCUS CERT monitored that F5 had released a security announcement to fix a remote code execution vulnerability in BIG-IP (CVE-2023-46747). Due to the problem of F5 BIG-IP forwarding AJP protocol through Apache httpd, requests were smuggled, which could bypass permission verification. Unauthenticated remote attackers can access the BIG-IP system through the BIG-IP management […]

Citrix NetScaler ADC and Gateway Sensitive Information Disclosure Vulnerability (CVC-2023-4966) Notification

outubro 26, 2023 | NSFOCUS

Overview Recently, NSFOCUS CERT detected a sensitive information disclosure vulnerability in Citrix NetScaler ADC and Gateway (CVE-2023-4966). When the device is configured as a gateway (VPN virtual server, ICA proxy, CVPN, RDP proxy) or AAA virtual server, unauthorized remote attackers can exploit this vulnerability to access sensitive information and cause information leakage. The CVSS score […]

Sustainable and Environmentally Responsible Development

NSFOCUS Achieves Three Certifications, Paving the Path to Sustainable and Environmentally Responsible Development

outubro 26, 2023 | NSFOCUS

SANTA CLARA, Calif., Oct 26, 2023 – NSFOCUS, a global leader in intelligent hybrid security solutions, proudly announces its recent acquisition of three significant certifications: the “Verification Statement of Greenhouse Gas Emissions,” the “Energy Management System Certificate,” and the “Certificate of Product Carbon Footprint.” Verification Statement of Greenhouse Gas Emissions In the face of the […]

Apache ActiveMQ Remote Code Execution Vulnerability Notification

outubro 25, 2023 | NSFOCUS

Overview Recently, NSFOCUS CERT found that the open source message middleware ActiveMQ developed by the Apache Software Foundation had an XML external entity injection vulnerability. Since the port 61616 was opened by default after the installation of ActiveMQ was started, and the TcpTransport function did not perform necessary checks on the data, an attacker could […]

Israeli-Palestinian Conflict: Multifaceted Alliances and Fierce Cyberspace Battle

outubro 23, 2023 | NSFOCUS

Background On October 7th, accompanied by the launch of thousands of rockets, the Palestinian Islamic Resistance Movement (Hamas) declared a military operation against Israel. As real-world conflict escalated, hacktivist organizations from various countries, including Russia, India, Indonesia, and Iraq, began engaging in continuous cyber warfare within the cyberspace domains of both sides. The primary methods […]

NSFOCUS AISecOps: Elevating Your Security Operations Efficacy and Mitigating Alert Fatigue

outubro 19, 2023 | NSFOCUS

In the realm of security operations, enterprises often face challenges such as a high volume of alerts, an inability to pinpoint real threats, insufficient security knowledge, and a lack of operational staff. While the operational platforms of major security firms exhibit similarities in functionality, some companies diligently analyze customer pain points and requirements, continually enhancing […]