According to an industry report, over 75% of cybersecurity attacks target the web application layer. Additionally, statistics indicate that more than two-thirds of websites lack adequate security measures. With digital transformation, organizations are moving more business operations to the Internet. New-generation applications are accessed through various channels like the Web...
Categoria: Blog
Secure Boot 101: Getting Started with Secure Boot
Secure Boot aims to add an additional layer of protection to the boot process, laying the foundation for overall computer security. Secure Boot technology, much like a vigilant guardian, ensures that only digitally signed and trusted components are allowed to initiate the system boot process, fortifying the system against unauthorized...
NSFOCUS Zero Trust Solution Makes It Into The Security Service Edge Solutions Landscape Report
SANTA CLARA, Calif., Dec 27, 2023 – NSFOCUS, a global provider of intelligent hybrid security solutions, today announced that NSFOCUS is included in the Security Service Edge Solutions Landscape for Q4 2023 recently published by Forrester, an internationally authoritative research and consulting firm. Forrester believes that security service edge (SSE)...
OpenSSH Command Injection Vulnerability (CVE-2023-51385) Alert
Overview Recently, NSFOCUS CERT detected that OpenSSH released a security update and fixed a command injection vulnerability caused by malicious shell characters (CVE-2023-51385), with a CVSS score of 9.8; Since there is no security filtering of username and hostname input represented by %h,%u in OpenSSH's ProxyCommand command, command injection may...
Apache OFBiz Arbitrary File Reading and Remote Code Execution Vulnerabilities (CVE-2023-50968/CVE-2023-51467) Alert
Overview Recently, NSFOCUS CERT detected that Apache officially released a security announcement and fixed two high-risk vulnerabilities in Apache Ofbiz. CVE-2023-50968: Due to problems in Apache Software Foundation, unauthorized attackers can read files and carry out SSRF attacks when operating uri calls; CVE-2023-51467: Due to a privilege verification logic error...
NSFOCUS Recognized as One of Representative SOAR Vendors in Frost & Sullivan’s Report
SANTA CLARA, Calif., Dec 21, 2023 – NSFOCUS proudly announces its recognition in Frost & Sullivan's latest report Insights for CISOs: Modernizing Security Operations Centers with Security Orchestration and Automated Response as a representative vendor. This insightful report delves into the growth environment, enterprise application value, SOAR solution benefits, the...
