Author: nlqip

Here we are in April 2023, which gives us another opportunity to see what vulnerabilities attackers were most interested in last month. After receiving a huge amount of attacker attention from November 2022 to February 2023, CVE-2020-8958 has returned to volumes of traffic more consistent with what we’d come to expect over the last year…

Read More

Why does vulnerability management fail? There are a couple of reasons: Enterprise IT teams can’t keep up with all the vulnerabilities because secure coding hasn’t been, and still isn’t, a priority across all organizations that write software. In a recent F5 security event where 300 participants responded to live polling, 21% of respondents said they…

Read More

By now you have probably heard about another raft of high-severity vulnerabilities in the open-source Java application framework, Spring. The Spring Framework is a collection of programming libraries which allow developers to easily integrate features into their apps such as authentication, data access, testing, and even the creation of web applications on top of Java…

Read More

MS-ISAC ADVISORY NUMBER: 2024-002 DATE(S) ISSUED: 01/09/2024 OVERVIEW: Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or…

Read More

Welcome to the Sensor Intelligence Series for April 2023. Last month was comparatively quiet in terms of attack traffic, like March before it. CVE-2020-8958 (an OS command injection vulnerability in a GPON router) remained the top-targeted vulnerability, as it has for nine of the last ten months. Many of the other top targets, such as…

Read More

The Power of Data Massive amounts of new data are generated every day. In 2017, IBM calculated that 90% of all the world’s data had been created within the past two years. Data shapes our knowledge, decisions, and everyday life; data has power. Thanks to the fact that technology devices are getting smaller and smaller,…

Read More

MaliBot’s C2 IP has been used in other malware smishing campaigns since June 2020, which raises questions about how the authors of this malware are related to other campaigns (see Campaign Screenshots). How MaliBot Works Android ‘packers’ are becoming increasingly popular with malware developers since they allow native code to be encrypted within the mobile…

Read More

Introduction In part one of this two-part series, we explained what web APIs are and how they work. In this article, we look at how APIs can pose risks to your data and infrastructure—and what you can do to secure them. In part one, we learned that web APIs (application programming interfaces) provide a way…

Read More

​Microsoft warns that the Russian APT28 threat group exploits a Windows Print Spooler vulnerability to escalate privileges and steal credentials and data using a previously unknown hacking tool called GooseEgg. APT28 designed this tool to target the CVE-2022-38028 vulnerability reported by the U.S. National Security Agency, which Redmond fixed during the Microsoft October 2022 Patch…

Read More

Do All the Things IT folks face a grand challenge. They’re being pushed more than ever to secure more services faster, with fewer resources. Applications are now more critical than ever. And apps now need to be available 24×7 everywhere. On top of that, they need to be more responsive to changes, faster, and able…

Read More