VIMU: Effective Physics-Based Realtime Detection and Recovery against Stealthy Attacks on UAVs

Sensor attacks on robotic vehicles have become pervasive and manipulative. Their latest advancements exploit sensor and detector characteristics to bypass detection. Recent security efforts have leveraged the physics-based model to detect or mitigate sensor attacks. However, these approaches are...

ZDI-CAN-19105: Parse Server literalizeRegexPart SQL Injection

Impact This vulnerability allows SQL injection when Parse Server is configured to use the PostgreSQL database. Patches The algorithm to detect SQL injection has been improved. Workarounds None. References - https://github.com/parse-community/parse-server/security/advisories/GHSA-6927-3vr9-fxf2 -...

Debian DSA-5354-1 : snort - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5354 advisory. Multiple security vulnerabilities were discovered in snort, a flexible Network Intrusion Detection System, which could allow an unauthenticated, remote attacker t...

Cisco IOS XE Products Snort Application Detection Engine Policy Bypass (cisco-sa-snort-app-bypass-cSBYCATq)

According to its self-reported version, Cisco IOS XE is affected by a vulnerability in the UTD SNORT IPS detection engine due to a flaw in the detection algorithm. An unauthenticated, remote attacker can exploit this by sending crafted packets that would flow through an affected system. A...

Multiple Cisco Products Snort Application Detection Engine Policy Bypass Vulnerability

Multiple Cisco products are affected by a vulnerability in the Snort application detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. The vulnerability is due to a flaw in the detection algorithm. An attacker could exploit...

Multiple Cisco Products Security Vulnerabilities

The Cisco RV110W, among others, is a router from Cisco USA. A security vulnerability exists in a number of Cisco products and stems from a flaw in the detection algorithm. The vulnerability can be exploited by an attacker to bypass configured policies. The following products and versions are...

Detecting Account Takeover Botnets

A botnet is a network of compromised computers - known as bots - usually controlled by a command and control computer, that work together in coordination for a malicious purpose. In this blog post, we’ll discuss how to detect botnets used for account takeover ATO, an attack used to obtain the val...

A View into Top Level Domain (TLD) Abuse

Data science and security research teams in the carrier organization at Akamai process massive volumes of DNS queries every day to detect and track malicious activity. The data is live-streamed from DNS resolvers deployed in diverse service provider networks in every region of the world. Provider...