10 matches found
CVE-2023-50969
Thales Imperva SecureSphere WAF 14.7.0.40 allows remote attackers to bypass WAF rules via a crafted POST request, a different vulnerability than CVE-2021-45468...
NetScaler AppFirewall: Configuration, CEF logging, Signatures
Introduction This article provides a list of resources on how to Configure, investigate, troubleshoot, and prevent the most common issues with NetScaler AppFirewall. Overview of the Issue NetScaler web application firewall WAF provides comprehensive protection for web applications from various...
[SECURITY] Fedora 36 Update: golang-github-cloudflare-0.21.0-4.fc36
A Go library for interacting with Cloudflare's API v4. This library allows you to: - Manage and automate changes to your DNS records within Cloudflare - Manage and automate changes to your zones domains on Cloudflare, includi ng adding new zones to your account - List and modify the status of WAF...
[SECURITY] Fedora 36 Update: golang-github-cloudflare-0.21.0-3.fc36
A Go library for interacting with Cloudflare's API v4. This library allows you to: - Manage and automate changes to your DNS records within Cloudflare - Manage and automate changes to your zones domains on Cloudflare, includi ng adding new zones to your account - List and modify the status of WAF...
CVE-2021-44228 - Patching is Recommended for Evolving Zero Day Vulnerability in Apache Log4j that allows remote code execution (RCE)
Akamai has been monitoring the rapidly evolving developments of CVE-2021-44228. We have been working closely with our customers and internal application teams to mitigate the risks posed by the threat of unauthorized remote code execution. This includes deploying an update to our existing Apache...
CVE-2021-44228 - Patching is Recommended for Evolving Zero Day Vulnerability in Apache Log4j that allows remote code execution (RCE)
Akamai has been monitoring the rapidly evolving developments of CVE-2021-44228. We have been working closely with our customers and internal application teams to mitigate the risks posed by the threat of unauthorized remote code execution. This includes deploying an update to our existing Apache...
U.S. Dept Of Defense: XSS because of Akamai ARL misconfiguration on ████
Hello team, I hope you're doing well & healthy. I found a reflected XSS because of the misconfiguration of Akamai ARL. ███████ References - https://github.com/war-and-code/akamai-arl-hack - https://twitter.com/SpiderSec/status/1421176297548435459 - https://warandcode.com/post/akamai-arl-hack/ -...
October Release: Q&A with Ari Weil
Shortly after Akamai announced the October 2019 Release with new features and capabilities across its security, performance and media product lines, Akamai's VP of Product Marketing, Ari Weil, took over Akamai's Twitter account for a live October Release Q&A. For those that missed the live event,...
The Myth of the self tuning / machine learning Web Application Firewall
There's an old adage that if something seems too good to be true, it probably is. If you're like me, you can apply this to your own experiences. For example, about 5 years ago a small chain of gyms that exclusively used vibrating exercise machines popped up near my home. Their gym goers would sta...
Update: Vulnerability found in Apache Struts
Akamai has created two new WAF rules in response to new information about the Apache Struts2 vulnerability. The first rule, the most recent version of KRS Rule 3000014, is a standard part of the Kona Ruleset and protects against the many common attacks leveraging this vulnerability. This rule is...