From December 5, 2022 to December 18, 2022, NSFOCUS Security Labs found activity clues of 66 APT groups, 3 malware families (MoonBounce Trojans, Razy Trojans and the CoinMinder), and 509 threat actors targeting critical infrastructure. APT Groups Among the 66 discovered APT groups, the APT28 affected the most significant number of hosts from December 5 […]
Santa Clara, Calif. Dec 23, 2022 – NSFOCUS, a global provider of intelligent hybrid security solutions, announced today that it has attained ISO 22301:2019 Business Continuity Management System (BCMS) certification. ISO 22301 is an international standard for business continuity. It specifies the requirements for a management system to protect against, reduce the likelihood of occurrence, […]
From November 21, 2022 to December 4, 2022, NSFOCUS Security Labs found activity clues of 60 APT groups, 2 malware families (Mozi ransomware and Banload Trojan horse), and 510 threat actors targeting critical infrastructure. APT Groups Among the 60 discovered APT groups, the APT group Outlaw affected the most significant number of hosts from November […]
To deal with threats from supply chains and ensure the security of their own IT infrastructure, companies shall set a list of software compositions to sort out the supply chain products, identify and manage key software suppliers, control security risks through security assessments at all stages of the life cycle of supply chains, and reduce […]
O mapa de conhecimento de segurança é a chave para a realização da inteligência cognitiva em segurança cibernética, e também estabelece uma base tecnológica indispensável para lidar com ameaças e riscos avançados, contínuos e complexos no ciberespaço. Com o desenvolvimento das principais tecnologias de infraestrutura de informação, como computação em nuvem, 5G, IoT e Internet […]
Gao Jian at NSFOCUS Security Labs was invited to speak at the Black Hat 2022 Europe held at ExCel London, United Kindom from December 5 to 8, 2022. Gao Jian specializes in industrial control system security, focusing on PLC and SCADA vulnerability exploitation and ICS security enhancement. He has helped many vendors, including Siemens, Codesys, […]
Software supply chain security covers the whole software life cycle. In terms of software product complexity alone, apart from the software itself, it is necessary to ensure the security of the dependencies and transitive dependencies of software, as well as the security of the software ecosystem composed of these dependency chains. Especially regarding the issue […]
As the 2022 FIFA World Cup kicked off on Sunday, Nov 20, 2022, no country can be more notable than Qatar these days. In this article, we will get you familiar with the host nation Qatar, and show you its infrastructure construction level through analysis of cyberspace services. Qatar and the FIFA 2022 World Cup […]
Unlike vulnerability exploitation in products, attack vectors and implementation channels targeting the supply chain in the real environment are more diverse. Due to the advantages of low development cost, the widespread use of open-source components in projects has become the mainstream development method. The conflict between a rule-relaxed open community and limited maintenance resources provides […]
Application programming interfaces (APIs) have become a role that can’t be ignored in digital transformation, whether in application modernization or agile business strategies. At the application development stage, APIs are standard service interfaces. When it comes to interfacing with third-party services, APIs are a common choice. In the microservice architecture, APIs are an integral part […]
