Kartwheel News

Cyber stories

Tag: ElasticSearch Remote Code Execution

Vulnerabilities, Exploits, and Malware Driving Attack Campaigns in February 2019

Conclusion Continuing the trend from January, threat actors in February delivered crypto-miners and Mirai variants. Most of the vulnerabilities exploited in February are not new, however, they are known vulnerabilities in popular applications and systems. In these cases, a threat actor is not looking for a specific target, but instead tries to exploit as many…

Read More

Vulnerabilities, Exploits, and Malware Driving Attack Campaigns in March 2019

As we can see in Figure 8, the developers for SG Optimizer added a permission_callback command to the newly registered REST API routes. This indicates that prior to version 5.0.13, the SG Optimizer plugin had various privilege escalation vulnerabilities. Those vulnerabilities allowed any threat actor to send a malicious request to these registered REST API…

Read More

How Global Cyberthreats Changed Over 2021 | F5 Labs

Although the attack scan traffic into the United States is in line with the proportion of the assigned IP addresses, most of the other countries are not. The extreme outlier that stands out is Malaysia, rising to second place in Q3 2021. Examining Attacks on Malaysia from China Since this is so unusual, we examined…

Read More

Recent Posts

Recent Comments

No comments to show.