NSFOCUS

NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks.

NSFOCUS CERT has detected that details and a proof-of-concept (PoC) tool for a Linux kernel privilege escalation vulnerability CVE-2024-1086, have been publicly disclosed recently. Due to a use-after-free vulnerability in the netfilter: nf_tables component of the Linux kernel, the nft_verdict_init() function allows the use of positive values as a drop ... Read More

On February 1, 2024, the APT Group BITTER launched a spear-phishing attack on a Chinese government agency. BITTER, also known as APT-C-08 or T-APT-17, has been actively targeting countries such as China and Pakistan, focusing on industries like government, power, and military to steal sensitive information, driven by strong political ... Read More

On March 15th, the Cybersecurity Solutions Day event, organized by the Hong Kong Institute of Bankers (HKIB), officially commenced. The event focused on addressing the increasingly complex cybersecurity environment influenced by AI technologies, gathering globally renowned information security vendors and experts to discuss new trends and models driven by AI ... Read More

This article summarizes the preparation configuration of ADS diversion. The specific configuration details may vary depending on the information of the ADS on the client side, router information, and ADS version. The configuration content and order can be referenced from this article. 1. Before configuring diversion, it is necessary to ... Read More

Overview Recently, NSFOCUS CERT detected that Atlassian issued a security announcement and fixed the directory traversal vulnerability in Confluence Data Center and Server (CVE-2024-21677), with a CVSS score of 8.3. Unauthenticated attackers need to interact with users, and exploiting this vulnerability can have a great impact on the confidentiality, integrity, ... Read More

Here’s your essential FAQ guide for RSA Conference 2024! Whether you’re a first-timer or a seasoned attendee, this guide aims to help you navigate the conference with ease and make the most of your experience. Welcome to stop by our booth #3301 at the South Expo of Moscone Center! Q1: ... Read More

NTA can monitor the CPU and memory usage, as well as traffic on the router interfaces where SNMP functionality is enabled. We will provide an example to explain the configuration for a better understanding of SNMP setup. Scenario: Configuring SNMP between the NTA management interface (IP: 10.66.249.47) and a switch ... Read More

As the digital transformation is deepening, the banking industry is making efforts to build digital banks, open banks, and scenario-based financial business models. On one hand, banks are pushed to pay more attention to online operations and to enhance their openness. On the other hand, this raises higher standards for ... Read More

The year 2023 witnessed a dynamic and complex cybersecurity landscape, with various security incidents, vulnerabilities, and trends emerging and evolving. Today, we released the 2023 Annual Security Incident Observation Report, based on our security incident data recorded in 2023. This report provides a summary of the security incidents, the security ... Read More

A brute-force attack involves systematically attempting every possible combination of letters, numbers, and symbols to discover a password. Websites requiring user authentication are susceptible to such attacks. Attackers may begin with dictionary words or slightly modified versions to expedite the process, exploiting common user password practices. These variations are known ... Read More