33 matches found
Agent389
Agent389 Agent389 is a professional, high-fidelity LDAP inje...
MCP Pitfall Lab: Exposing Developer Pitfalls in MCP Tool Server Security under Multi-Vector Attacks
Model Context Protocol MCP is increasingly adopted for tool-integrated LLM agents, but its multi-layer design and third-party server ecosystem expand risks across tool metadata, untrusted outputs, cross-tool flows, multimodal inputs, and supply-chain vectors. Existing MCP benchmarks largely measu...
GuardPhish: Securing Open-Source LLMs from Phishing Abuse
The rapid adoption of open-source Large Language Models LLMs in offline and enterprise environments has introduced a largely unexamined security risk like susceptibility to adversarial phishing prompts under static safety configurations. In this work, we systematically investigate this...
Why Most DDoS Protection Fails: Solving for Continuity and Resilience
Most organisations assume DDoS Distributed denial of service protection is a box they’ve already ticked. If traffic spikes or an attack starts, the thinking goes, their provider will absorb it and move on. But in the real world it can be a different story. Many incidents aren’t caused by the scal...
Abusing the Internet of Medical Things: Evaluating Threat Models and Forensic Readiness for Multi-Vector Attacks on Connected Healthcare Devices
Individuals experiencing interpersonal violence IPV, who depend on medical devices, represent a uniquely vulnerable population as healthcare technologies become increasingly connected. Despite rapid growth in MedTech innovation and "health-at-home" ecosystems, the intersection of MedTech...
Active Water Saci Campaign Spreading Via WhatsApp Features Multi-Vector Persistence and Sophisticated C&C
Continuous investigation on the Water Saci campaign reveals innovative email-based C&C system, multi-vector persistence, and real-time command capabilities that allow attackers to orchestrate coordinated botnet operations, gather detailed campaign intelligence, and dynamically control malware...
Exploit for Incomplete List of Disallowed Inputs in Fasterxml Jackson-Databind
🔥 Jackson RCE Exploiter - Enterprise Bypass Edition !Versi...
Tech Overtakes Gaming as Top DDoS Attack Target, New Gcore Radar Report Finds
The latest Gcore Radar report analyzing attack data from Q1–Q2 2025, reveals a 41% year-on-year increase in total attack volume. The largest attack peaked at 2.2 Tbps, surpassing the 2 Tbps record in late 2024. Attacks are growing not only in scale but in sophistication, with longer durations,...
Lumma Stealer: Breaking down the delivery techniques and capabilities of a prolific infostealer
Over the past year, Microsoft observed the persistent growth and operational sophistication of Lumma Stealer, an infostealer malware used by multiple financially motivated threat actors to target various industries. Our investigation into Lumma Stealer’s distribution infrastructure reveals a...
Measures Healthcare Providers Can Take to Mitigate Disruptions
Earlier this month, an internet outage affected public healthcare clusters in Singapore, including major hospitals and polyclinics, lasting more than seven hours from 9:20 am. Investigations identified that a distributed denial-of-service DDoS attack was the cause of the online service outage. DD...
Forta GoAnywhere Zero-Day Exploited By Threat Actors
On February 1st, 2023, Forta released an advisory behind an auth wall notifying their customers of a remote code execution zero-day exploit affecting their GoAnywhere Managed File Transfer MFT application. This was picked up by Brian Krebs, an investigative journalist who published this on his...
Massive Multi-Vector 1.37 Tbps DDoS Attack Mitigated by Imperva DDoS Protection
On July 22, an Imperva customer was targeted by a network DDoS attack that reached a maximum bandwidth of 1.37 trillion bits per second Tbps, making it one of the largest attacks that Imperva has stopped and one of the larger DDoS attacks on record. The attack lasted a little over two hours in...
AsyncRAT C2 Framework: Overview, Technical Analysis & Detection
In this blog we describe the AsyncRAT C2 command & control Framework, which allows attackers to remotely monitor and control other computers over a secure encrypted link. We provide an overview of this threat, a technical analysis, and a method of detecting the malware using Qualys Multi-Vector...
Can your EDR handle a ransomware attack? 6-point checklist for an anti-ransomware EDR
Most cybersecurity experts agree that having Endpoint Detection and Response software is essential to fighting ransomware today--but not every EDR is equal. Businesses, especially small-to-medium sized ones with limited budget or IT resources, need to make sure that their EDR is cost-effective,...
Here’s a Simple Script to Detect the Stealthy Nation-State BPFDoor
In this blog, the Qualys Research Team explains the mechanics of a Linux malware variant named BPFdoor. We then demonstrate the efficacy of Qualys Custom Assessment and Remediation to detect it, and Qualys Multi-Vector EDR to protect against it. BPFDoor is a Linux/Unix backdoor that allows threat...
Australia Experiences Massive Spike in WAF Multi-Vector, DDoS Attacks
With web applications under increased attacks, Akamai has analyzed data points for web application firewall WAF multi-vector and DDoS attacks between April 2021 and March 2022 to determine the severity of the situation in Australia...
EDR Is Dead. Long Live Multi-Vector EDR.
News of EDR’s demise has been greatly exaggerated. Fact is: older approaches to EDR have to move over. There’s a new solution now: Multi-Vector EDR. This blog reviews the highlights of our latest release of this critically important app on the Qualys Cloud Platform. Although it now seems like a...
Qualys Multi-Vector EDR Excels in 2022 MITRE ATT&CK Evaluation
MITRE evaluated Qualys Multi-Vector EDR against competing alternatives, and the results are in. This blog reviews the basics of MITRE ATT&CK evaluation, how our EDR solution performed, and how to interpret the ratings. MITRE Engenuity has released the results of round 4 of its ATT&CK Evaluations...
Rising Demand for DDoS Protection Software Market By 2020-2028
Distributed Denial of Service DDoS attack is a malicious form of attack that disrupts the regular network traffic by overwhelming the website with more traffic than the server can handle. The main aim of this kind of cyberattack is to render the website inoperable. Over recent years, these kinds ...
PART I: Retrospective 2020: DDoS Was Back -- Bigger and Badder Than Ever Before
Never before has the risk of a distributed denial-of-service DDoS attack been higher. In 2020, we saw record-breaking attacks, a DDoS extortion campaign impacting thousands of organizations globally, more emergency customer turnups, and more Akamai customers attacked than any year on record -- an...