When researching vulnerabilities, we often find that environment setup takes up a significant amount of time, and in comparison, the actual time spent testing PoCs and exploits may be relatively short. Meanwhile, there are excellent security projects in the open-source community, such as Vulhub and VulApps, which package vulnerability scenarios...
Tag: security research
NSFOCUS Research Labs Acknowledged by MSRC for Reporting Azure Database Service RCE Vulnerability
Overview NSFOCUS received acknowledgments from the Microsoft Security Response Center (MSRC) for reporting Azure Database Service RCE Vulnerability. Azure Database for PostgreSQL - Flexible Server is a relational database service based on the open-source PostgreSQL database engine. It is a fully managed database-as-a-service that can handle mission-critical workloads, offering predictable performance,...
2023 Cybersecurity Regulation Recap (Part 4): Tech Development & Governance
In 2023, countries worldwide continued to strengthen their cybersecurity capabilities and systems in response to their national needs, using regulatory means to enhance their cybersecurity management. Based on continuous tracking and research, NSFOCUS summarized the development of global cybersecurity regulations and policies in 2023, hoping to provide valuable insights and...
CTEM: Navigating the Future of Attack Surface
This article introduces the concept of Continuous Threat Exposure Management (CTEM), delving into the philosophy behind CTEM, its five stages, and exploring key technologies that support its implementation. I. Introduction In mid-October 2023, Gartner released the top 10 strategic technology trends for 2024 that enterprises need to explore, as depicted in Figure 1. Figure...
2023 Cybersecurity Regulation Recap (Part 3): Privacy Protection
In 2023, countries worldwide continued to strengthen their cybersecurity capabilities and systems in response to their national needs, using regulatory means to enhance their cybersecurity management. Based on continuous tracking and research, NSFOCUS summarized the development of global cybersecurity regulations and policies in 2023, hoping to provide valuable insights and...
2023 Cybersecurity Regulation Recap (Part 2): Data Security
In 2023, countries worldwide continued to strengthen their cybersecurity capabilities and systems in response to their national needs, using regulatory means to enhance their cybersecurity management. Based on continuous tracking and research, NSFOCUS summarized the development of global cybersecurity regulations and policies in 2023, hoping to provide valuable insights and...
