57 matches found
Hiding in the Tunnels: Unmasking the New Stealthy BPFDoor Variants
This is Rapid7's whitepaper discussing BPFDoor variants. Advanced persistent threats APTs are locked in a continuous arms race with network defenders. As static indicators of compromise IoCs for the notorious BPFDoor malware became widely deployed by security vendors, the threat actors went back ...
Fire Ant Exploits VMware Flaws to Compromise ESXi Hosts and vCenter Environments
Virtualization and networking infrastructure have been targeted by a threat actor codenamed Fire Ant as part of a prolonged cyber espionage campaign. The activity, observed this year, is primarily designed Now to infiltrate organizations' VMware ESXi and vCenter environments as well as network...
Why top SOC teams are shifting to Network Detection and Response
Security Operations Center SOC teams are facing a fundamentally new challenge — traditional cybersecurity tools are failing to detect advanced adversaries who have become experts at evading endpoint-based defenses and signature-based detection systems. The reality of these “invisible intruders” i...
IBM QRadar SIEM Cross-Site Scripting Vulnerability (CNVD-2024-15725)
IBM QRadar SIEM is a solution from International Business Machines IBM that utilizes security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user...
IBM QRadar SIEM Information Disclosure Vulnerability (CNVD-2023-83656)
IBM QRadar SIEM is a solution from International Business Machines IBM that utilizes security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user...
Zero Trust + Deception: Join This Webinar to Learn How to Outsmart Attackers!
Cybersecurity is constantly evolving, but complexity can give hostile actors an advantage. To stay ahead of current and future attacks, it's essential to simplify and reframe your defenses. Zscaler Deception is a state-of-the-art next-generation deception technology seamlessly integrated with the...
IBM QRadar SIEM Information Disclosure Vulnerability (CNVD-2023-11693)
IBM QRadar SIEM is a solution from IBM that leverages security intelligence to protect assets and information from advanced threats. IBM QRadar SIEM versions 7.4 and 7.5 contain an information disclosure vulnerability that originates when a non-tenant user assigned a domain-specific security...
IBM QRadar SIEM Information Disclosure Vulnerability (CNVD-2022-68281)
IBM QRadar SIEM is a solution from International Business Machines IBM that leverages security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user...
IBM QRadar Network Security Trust Management Issue Vulnerability
IBM QRadar Network Security is a network security manager from IBM, USA. used to provide better visibility and control over activities and users on the network, while using deep packet inspection, heuristics and behavior-based analysis to detect and prevent advanced threats.IBM QRadar Network...
IBM QRadar SIEM Licensing Issue Vulnerability (CNVD-2022-83585)
IBM QRadar SIEM is a solution from IBM America that leverages security intelligence to protect assets and information from advanced threats. The solution provides monitoring of the entire scope of the IT architecture, generates detailed reports on data access and user activity, etc. IBM QRadar SI...
IBM QRadar SIEM Information Disclosure Vulnerability (CNVD-2022-83586)
IBM QRadar SIEM is an IBM solution that leverages security intelligence to protect assets and information from advanced threats. IBM QRadar SIEM has an information leakage vulnerability that stems from the program's lack of protection for sensitive information, which could be exploited by an...
IBM QRadar SIEM Denial of Service Vulnerability (CNVD-2022-56976)
IBM QRadar SIEM is a U.S.-based solution from IBM that leverages security intelligence to protect assets and information from advanced threats. The solution provides monitoring of the entire scope of the IT architecture, generating detailed reports on data access and user activity, etc. A...
Even the Most Advanced Threats Rely on Unpatched Systems
Common cybercriminals are a menace, there's no doubt about it – from bedroom hackers through to ransomware groups, cybercriminals are causing a lot of damage. But both the tools used and the threat posed by common cybercriminals pale in comparison to the tools used by more professional groups suc...
Fidelis Network Deception Command Injection Vulnerability (CNVD-2022-59171)
Fidelis Network Deception is a security product from Fidelis USA. A security vulnerability exists in versions prior to Fidelis Network Deception 9.4.5, which stems from a faulty remotetextfile in rconfig, to detect threats and prevent data loss, detect malicious behavior, identify traffic...
IBM QRadar SIEM Cross-Site Scripting Vulnerability (CNVD-2022-38551)
IBM QRadar SIEM is a solution from IBM USA that leverages security intelligence to protect assets and information from advanced threats. The solution provides monitoring of the entire scope of the IT architecture, generating detailed reports on data access and user activity, etc. A cross-site...
Unspecified Vulnerability in IBM QRadar SIEM (CNVD-2022-33845)
IBM QRadar SIEM is an IBM USA solution that utilizes security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user activity, and more. IBM QRadar SIEM ha...
IBM QRadar SIEM Information Disclosure Vulnerability (CNVD-2022-34982)
IBM QRadar SIEM is an IBM USA solution that utilizes security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user activity, and more. An information...
IBM QRadar SIEM Information Disclosure Vulnerability (CNVD-2022-34984)
IBM QRadar SIEM is a U.S.-based solution from IBM that leverages security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user activity, etc. IBM QRadar...
IBM QRadar SIEM Cross-Site Scripting Vulnerability (CNVD-2022-34987)
IBM QRadar SIEM is an IBM USA solution that utilizes security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user activity, and more. IBM QRadar SIEM...
IBM QRadar SIEM Authorization Issue Vulnerability (CNVD-2022-34988)
IBM QRadar SIEM is an IBM USA solution that utilizes security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user activity, and more. An authorization...