As the clock ticks down to the full enforcement of Hong Kong’s Protection of Critical Infrastructures (Computer Systems) Ordinance on January 1, 2026, designated operators of Critical Infrastructures (CI) and Critical Computer Systems (CCS) must act decisively. This landmark law mandates robust cybersecurity measures for Critical Computer Systems (CCS) to prevent disruptions, with non-compliance risking […]

The post Hong Kong’s New Critical Infrastructure Ordinance will be effective by 1 January 2026 – What CIOs Need to Know appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks..

The post Hong Kong’s New Critical Infrastructure Ordinance will be effective by 1 January 2026 – What CIOs Need to Know appeared first on Security Boulevard.

Overview On December 10, NSFOCUS CERT detected that Microsoft released the December Security Update patch, which fixed 57 security issues involving widely used products such as Windows, Microsoft Office, Microsoft Exchange Server, Azure, etc., including high-risk vulnerability types such as privilege escalation and remote code execution. Among the vulnerabilities fixed by Microsoft’s monthly update this […]

The post Microsoft’s December Security Update of High-Risk Vulnerability Notice for Multiple Products appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks..

The post Microsoft’s December Security Update of High-Risk Vulnerability Notice for Multiple Products appeared first on Security Boulevard.

SANTA CLARA, Calif., Nov 25, 2025 – Recently, NSFOCUS Generative Pre-trained Transformer (NSFGPT) and Intelligent Security Operations Platform (NSFOCUS ISOP) were recognized by the internationally renowned consulting firm Frost & Sullivan and won the 2025 Global Competitive Strategy Leadership for AI-Driven Security Operation [1]. Frost & Sullivan Best Practices Recognition awards companies each year in […]

The post NSFOCUS Receives International Recognition: 2025 Global Competitive Strategy Leadership for AI-Driven Security Operation appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks..

The post NSFOCUS Receives International Recognition: 2025 Global Competitive Strategy Leadership for AI-Driven Security Operation appeared first on Security Boulevard.

Overview Recently, NSFOCUS CERT detected that Fortinet issued a security bulletin to fix the FortiWeb authentication bypass and command injection vulnerability (CVE-2025-64446/CVE-2025-58034); Combined exploitation can realize unauthorized remote code execution. At present, the vulnerability details and PoC have been made public, and wild exploitation has been found. Relevant users are requested to take measures to […]

The post Fortinet FortiWeb Authentication Bypass and Command Injection Vulnerability (CVE-2025-64446/CVE-2025-58034) Notice appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks..

The post Fortinet FortiWeb Authentication Bypass and Command Injection Vulnerability (CVE-2025-64446/CVE-2025-58034) Notice appeared first on Security Boulevard.

Incident Summary On October 21, 2025, NSFOCUS Cloud DDoS Protection Service (Cloud DPS) detected and mitigated an 800G+ DDoS attack towards a critical infrastructure operator. The target network sustained a multi-vector volumetric DDoS attack peaking at 843.4 Gbps and 73.6 Mpps. The assault combined UDP-based floods (dominant) with amplification and reflection techniques. NSFOCUS Cloud DPS […]

The post NSFOCUS Cloud DDoS Protection Service (Cloud DPS) Detected and Mitigated an 800G+ DDoS Attack towards a Critical Infrastructure Operator appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks..

The post NSFOCUS Cloud DDoS Protection Service (Cloud DPS) Detected and Mitigated an 800G+ DDoS Attack towards a Critical Infrastructure Operator appeared first on Security Boulevard.

Overview On November 12, NSFOCUS CERT detected that Microsoft released the November Security Update patch, which fixed 63 security issues involving widely used products such as Windows, Microsoft Office, Microsoft SQL Server, Azure, and Microsoft Visual Studio, including privilege escalation, high-risk vulnerability types such as remote code execution. Among the vulnerabilities fixed by Microsoft’s monthly […]

The post Microsoft’s November Security Update of High-Risk Vulnerability Notice for Multiple Products appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks..

The post Microsoft’s November Security Update of High-Risk Vulnerability Notice for Multiple Products appeared first on Security Boulevard.

Regional APT Threat Situation In September 2025, the global threat hunting system of Fuying Lab detected a total of 24 APT attack activities. These activities were primarily concentrated in regions including East Asia, South Asia, as shown in the following figure. Regarding the activity levels of different groups, the most active APT groups this month […]

The post NSFOCUS Monthly APT Insights – September 2025 appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks..

The post NSFOCUS Monthly APT Insights – September 2025 appeared first on Security Boulevard.

Overview Recently, NSFOCUS CERT detected that JumpServer issued a security bulletin to fix the JumpServer connection token improper authentication vulnerability (CVE-2025-62712); Due to improper authentication of JumpServer’s /api/v1/authentication/super-connection-token/hyper-connected endpoint, attackers with low-privilege accounts can obtain the connection tokens of all system users and connect to managed assets as them, thereby achieving unauthorized access and privilege […]

The post JumpServer Connection Token Improper Authentication Vulnerability (CVE-2025-62712) Notice appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks..

The post JumpServer Connection Token Improper Authentication Vulnerability (CVE-2025-62712) Notice appeared first on Security Boulevard.

SANTA CLARA, Calif., November 4, 2025 – The 18th Global Security Analyst Summit (SAS) concluded successfully in Khao Lak, Thailand. Focused on the complexity of APT attacks, the summit exposed the latest attack activities from Hacking Team and disclosed multiple major security risk incidents. It gathered top global cybersecurity experts, academic elites, and law enforcement representatives to […]

The post NSFOCUS in SAS 2025: Unveiling Secrets Behind Large-Scale DDoS Attacks on AI Platform and Social Media appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks..

The post NSFOCUS in SAS 2025: Unveiling Secrets Behind Large-Scale DDoS Attacks on AI Platform and Social Media appeared first on Security Boulevard.