9 matches found
Rapid7 Detection Coverage for Iran-Linked Cyber Activity
The tension arising out of the conflict in Iran is beginning to show signs of expanding beyond a strictly regional crisis. Following our recent published advisories, this communication is intended to outline and summarize the detection and enrichment coverage available to Rapid7 customers, broadl...
What Does BAS Stand For? A Complete Guide
Running generic security tests is like studying for the wrong exam. You might be prepared for something, but not for the threats you’re most likely to face. To build a truly resilient defense, you need to test your controls against the specific tactics, techniques, and procedures that adversaries...
Winos 4.0 Malware Infects Gamers Through Malicious Game Optimization Apps
Cybersecurity researchers are warning that a command-and-control C&C framework called Winos is being distributed within gaming-related applications like installation tools, speed boosters, and optimization utilities. "Winos 4.0 is an advanced malicious framework that offers comprehensive...
Design/Logic Flaw
When a BIG-IP Advanced WAF or BIG-IP ASM policy with a Request Body Handling option is attached to a virtual server, undisclosed requests can cause the BD process to terminate. The condition results from setting the Request Body Handling option in the Header-Based Content Profile for an Allowed U...
PT-2024-19799 · F5 · Big-Ip
Name of the Vulnerable Software and Affected Versions: BIG-IP affected versions not specified Description: When a BIG-IP Advanced WAF or BIG-IP ASM policy with a Request Body Handling option is attached to a virtual server, undisclosed requests can cause the BD process to terminate. The condition...
F5 Networks BIG-IP : BIG-IP Advanced WAF and BIG-IP ASM vulnerability (K000137416)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.1. It is, therefore, affected by a vulnerability as referenced in the K000137416 advisory. - When a BIG-IP Advanced WAF or BIG-IP ASM policy with a Request Body Handling option is attached to a virtual server,...
Cybercriminals Targeting Law Firms with GootLoader and FakeUpdates Malware
Six different law firms were targeted in January and February 2023 as part of two disparate threat campaigns distributing GootLoader and FakeUpdates aka SocGholish malware strains. GootLoader, active since late 2020, is a first-stage downloader that's capable of delivering a wide range of seconda...
Behind the scenes with the head of Kaspersky’s GReAT
Costin Raiu has been with Kaspersky since 2000, initially as the Chief Security Expert overseeing research efforts in the EEMEA region. In 2010, he became Director of our Global Research and Analysis Team GReAT. During his tenure at Kaspersky, he has spearheaded the companys research on some of t...
Active Exploitation of Pulse Connect Secure Zero-Day (CVE-2021-22893)
On Tuesday, April 20, 2021, security firm FireEye published detailed analysis of multiple threat campaigns targeting Ivanti’s Pulse Connect Secure VPN. According to FireEye’s analysis, threat actors have been leveraging multiple techniques to bypass single- and multi-factor authentication on Puls...