Vulnerabilities, Exploits, and Malware Driving Attack Campaigns in August 2019
- by nlqip
Further analysis on this sample was not conducted. F5 Labs has reported extensively on the Mirai botnet, the IoT landscape, and some of its variants. For a detailed breakdown of current Mirai botnets seen in the threat landscape, see the Hunt for IoT Research Series, which publishes current threat data.
Conclusion
All of the vulnerabilities targeted this month can be classified as unsafe input injection. According to the 2017 OWASP Top 10 list of web vulnerabilities, injection flaws are the most prevalent type of vulnerability present in applications. These flaws can allow a resourceful attacker to execute malicious commands and queries.
Threat actors used their resources wisely this month, focusing on target reconnaissance. Instead of sending the main payload in the first request, they attempted system reconnaissance before sending the malicious payload. Exploit attempts targeting Oracle WebLogic and Elasticsearch were also lower than in previous months. This could be because many of these servers are protected by a web application firewall (WAF). If kept updated, a WAF can stop an attacker from exploiting known vulnerabilities. For most organizations, a web application firewall serves as the first line of defense for their applications. A well-monitored, configured, and updated WAF should also be able to stop these threat actors from exploiting vulnerable systems within a network.
Along with targeting these vulnerabilities that we have reported on in past months, DDoS capabilities continue to be a focus for threat actors. These attacks have been on the rise, with Wikipedia being the latest target.
F5 security researchers continuously monitor new web application exploits to deliver the latest threat intelligence to our customers, as well as the broader IT security community. Join us in continuing the conversation on social media. You can reach us on Twitter @f5labs, or email us at F5LabsTeam@f5.com.