Tag: ElasticSearch Remote Code Execution
Conclusion Continuing the trend from January, threat actors in February delivered crypto-miners and Mirai variants. Most of the vulnerabilities exploited in February are not new, however, they are known vulnerabilities in popular applications and systems. In these cases, a threat actor is not looking for a specific target, but instead tries to exploit as many…
Read MoreAs we can see in Figure 8, the developers for SG Optimizer added a permission_callback command to the newly registered REST API routes. This indicates that prior to version 5.0.13, the SG Optimizer plugin had various privilege escalation vulnerabilities. Those vulnerabilities allowed any threat actor to send a malicious request to these registered REST API…
Read MoreAlthough the attack scan traffic into the United States is in line with the proportion of the assigned IP addresses, most of the other countries are not. The extreme outlier that stands out is Malaysia, rising to second place in Q3 2021. Examining Attacks on Malaysia from China Since this is so unusual, we examined…
Read MoreRecent Posts
- Enhancing Cyber Resilience in US SLED Organizations
- Stories from the SOC: Registry Clues to PDF Blues: A Tale of…
- DSPM vs CSPM: Key Differences and Their Roles in Data…
- CISA and Partners Release Joint Guidance on PRC-Affiliated Threat Actor Compromising Networks of Global Telecommunications Providers | CISA
- Jack Rhysider Exposes our Digital Secrets