Tag: CVE-2018-11776
Just two weeks ago a new Apache Struts 2 critical remote code execution vulnerability was published,1 and F5 researchers have already detected known threat actors exploiting it in a new crypto-mining campaign: CVE-2018-11776 Apache Struts 2 namespace vulnerability allows unauthenticated remote code execution. In this Monero crypto-mining campaign, the injection point is within the URL.…
Read MoreWhile investigating a recent threat campaign, F5 researchers encountered a strange behaviour where malicious requests were originating from legitimate Googlebot servers. This relatively infrequent behavior could potentially have serious consequences in environments where the trust level given to Googlebot influences an organization’s security decisions. The Trust Paradox Google’s official support site advises to “make sure…
Read MoreRecent Posts
- Arm To Seek Retrial In Qualcomm Case After Mixed Verdict
- Jury Sides With Qualcomm Over Arm In Case Related To Snapdragon X PC Chips
- Equinix Makes Dell AI Factory With Nvidia Available Through Partners
- AMD’s EPYC CPU Boss Seeks To Push Into SMB, Midmarket With Partners
- Fortinet Releases Security Updates for FortiManager | CISA