Category: Chatgpt
Mitigating FluBot David Warburton, principal threat research evangelist with F5 Labs, offers the following suggestions for mitigating FluBot. Prevent FluBot relies on tricking the user into downloading a trojan hosted on an attacker-controlled server. Android phones will, by default, prevent installation from outside of the Google Play store, though attackers know this and coach the…
Read More
Mitigation Coverage Restrict web-based content 7 Disable or remove feature or program 5 Multifactor authentication 5 Network segmentation 5 User training 5 Application isolation and sandboxing 4 Exploit protection 4 Network intrusion prevention 4 Privileged account management 4 User account management 4 Antivirus/antimalware 3 Data backup 3 Filter network traffic 3 Password policies 3 Update…
Read MoreBy now you have probably heard about another raft of high-severity vulnerabilities in the open-source Java application framework, Spring. The Spring Framework is a collection of programming libraries which allow developers to easily integrate features into their apps such as authentication, data access, testing, and even the creation of web applications on top of Java…
Read MoreMaliBot’s C2 IP has been used in other malware smishing campaigns since June 2020, which raises questions about how the authors of this malware are related to other campaigns (see Campaign Screenshots). How MaliBot Works Android ‘packers’ are becoming increasingly popular with malware developers since they allow native code to be encrypted within the mobile…
Read MoreAs you can see in Figure 1, six out of the 29 identified CVEs constituted the vast majority (96.7%) of the traffic, so much of our analysis is focused on them. CVE-2017-9841 was the most frequently targeted for the entire six-month period, fluctuating slightly but never enough to fall from the top spot. Below that,…
Read MoreOverview Blackguard Infostealer is a malware strain that was first discovered infecting Windows devices at the start of 2022. Other security researchers have already documented how the malware operates and its dissemination via underground Russian crimeware forums., This article aims to expand on existing research by exploring its data exfiltration capabilities in greater detail. Blackguard…
Read MoreTable 1 shows counts and monthly changes for all of the CVEs we identified in July traffic. CVE Number Count Change in Count (June – July) CVE-2020-8958 8244 3876 CVE-2017-9841 5991 -303 CVE-2020-25078 3739 2821 CVE-2018-10562 3728 2915 CVE-2017-18368 3265 3063 CVE-2019-9082 2508 -278 CVE-2021-3129 2057 -203 CVE-2021-28481 1839 -159 CVE-2022-22947 1330 -128 CVE-2021-22986 447…
Read MoreMuch of our threat research is focused on analyzing quantitative threat data—the larger the sample size, the better. However, the critical piece of information about a specific attack, the thing that differentiates it from the attacks that happened the day before or after, often lies in minute detail that is rarely captured in a large…
Read More
As we have done for prior DDoS Attack Trends reports, we recently analyzed attack data from the F5 Distributed Cloud DDoS Mitigation service to get a look at the DDoS traffic they handled for their customers in 2022. We continued our analysis by comparing 2022 data to that of 2021 and 2020. Some interesting trends…
Read More
Tenable®, the Exposure Management company, today announced that it has achieved the “Ready” designation at the moderate impact level from the Federal Risk and Authorization Management Program (FedRAMP®) for Tenable Cloud Security for U.S. Government – Ermetic. Ermetic was acquired by Tenable in October 2023. Tenable Cloud Security is a comprehensive CNAPP solution that simplifies identification…
Read More