Decoding the Double-Edged Sword: The Role of LLM in Cybersecurity
Large Language Models (LLMs) are essentially language models with a vast number of parameters that have undergone extensive training to understand and process human language. They have been trained on a wide array of texts, enabling them to assist in problem-solving across various domains. Security professionals are also exploring the ... Read More
Remote Code Execution Vulnerability Alert of Unix CUPS Print Service (CVE-2024-47076 / CVE-2024-47175 / CVE-2024-47177)
Overview Recently, NSFOCUS CERT monitored the disclosure of the details of remote code execution vulnerabilities for Unix CUPS printing service on the Internet. When the system enables cups-browsed process listening (default port 631) to receive UDP packets, unauthenticated attackers induce victims to configure by constructing a malicious IPP server. When ... Read More
Over 300,000! GorillaBot: The New King of DDoS Attacks
Overview In September 2024, NSFOCUS Global Threat Hunting System monitored a new botnet family calling itself Gorilla Botnet entering an unusually active state. Between September 4 and September 27, it issued over 300,000 attack commands, with a shocking attack density. During this active period, Gorilla Botnet targeted over 100 countries, ... Read More
Are More Than Two-Thirds of Websites Vulnerable?
Cybersecurity threats have become a norm, with old vulnerabilities still frequently exploited and new ones emerging continuously, posing significant challenges to web security. Zero-day vulnerabilities have become a critical tool for attackers to breach defenses. According to a Gartner survey, over 75% of information security attacks focus on web applications, ... Read More
The Supply Chain Conspiracy: Cyber Attacks Behind the Lebanon Explosions
On September 17 and 18, a series of devastating explosions rocked Lebanon, resulting in 37 fatalities and nearly 3,000 injuries, according to the Lebanese Minister of Public Health. Initial investigations suggest these attacks were not mere accidents but rather the result of a sophisticated cyber operation targeting communication devices. Understanding ... Read More
NSFOCUS Recognized in Groundbreaking AI Security Industry Map
Beijing, China, September 18, 2024 – At the National Cybersecurity Awareness Week, the Cloud Security Alliance (CSA) Greater China Region unveiled the industry’s first-ever AI-empowered security map: AI Security Industry Map, 2024. This comprehensive map delineates four major categories and eighteen sub-categories, offering a clear depiction of the “AI+Security” ecosystem ... Read More
NSFOCUS Recognized in Eight Security Innovations in the Gartner® Hype Cycle™ for Security in China, 2024 Report
Gartner® has recently unveiled its Hype Cycle for Security in China, 2024 and NSFOCUS has been recognized as a Sample Vendor across eight security innovations. We believe this is a testament to NSFOCUS’s commitment to innovation and its role as a leading player in the cybersecurity landscape. The Eight Security ... Read More
NSFOCUS Introduces Digital Risk Protection Service to Bolster Cyber Defenses
SANTA CLARA, Calif., September 6, 2024 – NSFOCUS, a pioneer in the cybersecurity industry, is proud to announce the launch of our Digital Risk Protection Service (DRPS). In the era of digital transformation, enterprises are not just building businesses; they’re navigating a complex web of digital risks. NSFOCUS Digital Risk ... Read More
Embracing Private Cloud Web Security with NSFOCUS vWAF
In the digital age, the cloud has become the cornerstone of business operations, heralding a new era of innovation and efficiency. However, with the shift to cloud-based infrastructures, particularly private clouds, organizations are facing a new set of web security challenges that demand a robust and agile response. NSFOCUS vWAF ... Read More
WAF Cloud Authentication Issue Troubleshooting
If the virtual product uses cloud authentication, it needs to communicate with the cloud authentication center periodically every day to complete the authentication and ensure availability. You can confirm the authorization mode under System Management -> System Tools -> License -> Authorized by. For example, in the image below, the ... Read More