Lucene search
K

9 matches found

Rapid7 Blog
Rapid7 Blog
added 2026/03/11 5:31 p.m.12 views

Rapid7 Detection Coverage for Iran-Linked Cyber Activity

The tension arising out of the conflict in Iran is beginning to show signs of expanding beyond a strictly regional crisis. Following our recent published advisories, this communication is intended to outline and summarize the detection and enrichment coverage available to Rapid7 customers, broadl...

10CVSS7.4AI score0.97859EPSS
Exploits59
hivepro
hivepro
added 2025/11/26 2:15 p.m.2 views

What Does BAS Stand For? A Complete Guide

Running generic security tests is like studying for the wrong exam. You might be prepared for something, but not for the threats you’re most likely to face. To build a truly resilient defense, you need to test your controls against the specific tactics, techniques, and procedures that adversaries...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/06 1:59 p.m.15 views

Winos 4.0 Malware Infects Gamers Through Malicious Game Optimization Apps

Cybersecurity researchers are warning that a command-and-control C&C framework called Winos is being distributed within gaming-related applications like installation tools, speed boosters, and optimization utilities. "Winos 4.0 is an advanced malicious framework that offers comprehensive...

7.6AI score
Exploits0
Prion
Prion
added 2024/02/14 5:15 p.m.18 views

Design/Logic Flaw

When a BIG-IP Advanced WAF or BIG-IP ASM policy with a Request Body Handling option is attached to a virtual server, undisclosed requests can cause the BD process to terminate. The condition results from setting the Request Body Handling option in the Header-Based Content Profile for an Allowed U...

5CVSS7.1AI score0.00515EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/02/14 12:0 a.m.4 views

PT-2024-19799 · F5 · Big-Ip

Name of the Vulnerable Software and Affected Versions: BIG-IP affected versions not specified Description: When a BIG-IP Advanced WAF or BIG-IP ASM policy with a Request Body Handling option is attached to a virtual server, undisclosed requests can cause the BD process to terminate. The condition...

7.5CVSS6.5AI score0.00515EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2024/02/14 12:0 a.m.18 views

F5 Networks BIG-IP : BIG-IP Advanced WAF and BIG-IP ASM vulnerability (K000137416)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.1. It is, therefore, affected by a vulnerability as referenced in the K000137416 advisory. - When a BIG-IP Advanced WAF or BIG-IP ASM policy with a Request Body Handling option is attached to a virtual server,...

7.5CVSS7.4AI score0.00515EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2023/03/01 2:2 p.m.41 views

Cybercriminals Targeting Law Firms with GootLoader and FakeUpdates Malware

Six different law firms were targeted in January and February 2023 as part of two disparate threat campaigns distributing GootLoader and FakeUpdates aka SocGholish malware strains. GootLoader, active since late 2020, is a first-stage downloader that's capable of delivering a wide range of seconda...

0.5AI score
Exploits0
Securelist
Securelist
added 2021/06/22 9:30 a.m.161 views

Behind the scenes with the head of Kaspersky’s GReAT

Costin Raiu has been with Kaspersky since 2000, initially as the Chief Security Expert overseeing research efforts in the EEMEA region. In 2010, he became Director of our Global Research and Analysis Team GReAT. During his tenure at Kaspersky, he has spearheaded the companys research on some of t...

7.4AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2021/04/21 8:10 p.m.886 views

Active Exploitation of Pulse Connect Secure Zero-Day (CVE-2021-22893)

On Tuesday, April 20, 2021, security firm FireEye published detailed analysis of multiple threat campaigns targeting Ivanti’s Pulse Connect Secure VPN. According to FireEye’s analysis, threat actors have been leveraging multiple techniques to bypass single- and multi-factor authentication on Puls...

7.5CVSS0.7AI score0.99999EPSS
Exploits43
Rows per page
Query Builder