Blog

I. Overview NSFOCUS Security Labs recently detected that a new botnet family KmsdBot, which combines DDoS and mining functions, has become active again. Attackers continue to replace C&C infrastructure and update Trojan versions. Compared with the traditional botnet-like family, KmsdBot adopts a brand-new architecture and is developed in the Go programming language. The simplicity, high […]

Em um mundo cada vez mais conectado e dependente da tecnologia, a segurança cibernética já se tornou um dos principais pilares para todos os tipos de empresas.  Com o aumento constante do cibercrime, é crucial adotar medidas proativas para proteger informações sensíveis e garantir a integridade dos negócios.  Diante disto, o Pentest surge como uma […]

Overview Recently, NSFOCUS CERT detected a remote code execution vulnerability in Metabase (CVE-2023-37470). Due to a flaw in the vulnerability fix for CVS 2023 38646, attackers can achieve remote code execution through H2 connection string injection. Affected users should take protective measures as soon as possible. Reference link: https://github.com/metabase/metabase/security/advisories/GHSA-p7w3-9m58-rq83 Scope of Impact Affected version Open […]

SANTA CLARA, Calif., Aug 3, 2023 – NSFOCUS, a global provider of intelligent hybrid security solutions, today announced the general availability of NSFOCUS Intelligent Security Operations Platform (ISOP), an innovative security analytics and intelligent operations platform that can streamline the security analyst experience, rejuvenate threat response efficiency and improve security operations productivity. NSFOCUS ISOP was […]

Overview Recently, NSFOCUS CERT monitored that QNAP officially released the QVPN code execution vulnerability and QANP denial-of-service vulnerability. Affected users should take protective measures as soon as possible. VPN Code Execution Vulnerability (CVS 2022-27595): There is a code execution vulnerability in the Windows version of the QVPN client, which can be exploited by authenticated local […]

Overview Recently, NSFOCUS CERT detected a remote code execution vulnerability in Metabase (CVE-2023-38646). Unauthenticated attackers can successfully exploit this vulnerability to execute arbitrary commands with Metabase server privileges on the target server. Affected users should take protective measures as soon as possible. Reference link: https://www.metabase.com/blog/security-advisory Scope of Impact Affected version Open source version: Enterprise version: […]

IDC released the market share research report on China’s hardware WAF market share recently. NSFOCUS ranks first with a market share of 11.9%, leading the WAF market in China for four consecutive years from 2019 to 2022. NSFOCUS’s next-generation WAF has been selected by more than 5,000 organizations and has become the preferred WAF product […]

NSFOCUS Security Labs recently collaborated with the research team from the School of Computer Science at China University of Geosciences (Wuhan) on a research paper titled “Computable Access Control: Embedding Access Control Rules into Euclidean Space“. This paper has been officially accepted and published online by the prestigious international journal “IEEE Transactions on Systems, Man, […]

Overview Recently, NSFOCUS CERT monitored Spring’s official security announcement and disclosed an identity bypass vulnerability in Spring Security. Using ‘**’ as the pattern in the Spring Security configuration of WebFlux can cause a pattern mismatch between Spring Security and Spring WebFlux, and may result in identity authentication bypass. CVSS score is 9.1. Affected users should […]

Overview Recently, NSFOCUS CERT monitored that the official security announcement of Atlassian has fixed multiple high-risk vulnerabilities in the Atlassian products. Affected users should take protective measures as soon as possible. Atlas Conflict Data Center and Server Remote Code Execution Vulnerability (CVS-2023-22508/CVC-2023-22505): There is a remote code execution vulnerability in the Atlas Conflict Data Center […]