HackDig : Dig high-quality web security articles for hacker

Don’t Just Put Out the Zero-Day Fire — Get Rid of the Fuel

How often have you heard a co-worker say that he or she had to put out a fire? Depending on your job role, you may have anywhere from one to more than a dozen so-called fires weekly. A zero-day vulnerability is an example of a work-related fire that a security operations analyst might have to extinguish. Enterprises should be prepared to handle zero-day fir
Publish At:2017-10-22 05:00 | Read:2293 | Comments:0 | Tags:Advanced Threats Endpoint Risk Management Software & App Vul

CVE-2017-12617 Code Execution flaw patched in Apache Tomcat

Several security vulnerabilities have been patched in recent weeks in Apache Tomcat, including the CVE-2017-12617 Code Execution vulnerability. Several security vulnerabilities have been patched in recent weeks in Apache Tomcat. The list of fixed flaws recently addressed also included code execution vulnerabilities. Apache Tomcat is the most widely used web
Publish At:2017-10-05 17:05 | Read:1448 | Comments:0 | Tags:Breaking News Hacking Apache RCE Tomcat

Worried About Apache Struts? Stay One Step Ahead of Endpoint Attacks

Endpoint attacks can come from any direction and many sources. Just consider the reported vulnerabilities found in Apache Struts and the damage caused by WannaCry and Petya. Companies need to stay one step ahead of endpoint attacks, but they struggle due to a lack of visibility of endpoint status, the complexity of investigations and ineffective remediation.
Publish At:2017-09-25 15:30 | Read:2463 | Comments:0 | Tags:Endpoint Incident Response Apache Endpoint Management Endpoi

OptionsBleed – The Apache HTTP Server Now Bleeds

A new vulnerability in the Apache HTTP server was found recently. Designated as CVE-2017-9798, this vulnerability lies in how Apache handles certain settings in its configuration files, resulting in memory leaks. This vulnerability is named OptionsBleed, based on its similarities with the Heartbleed vulnerability. Patches to Apache are now available. What is
Publish At:2017-09-22 21:10 | Read:2610 | Comments:0 | Tags:Vulnerabilities apache OptionsBleed

The Apache Struts 2 Vulnerability and the Importance of Patch Management

Apache Struts is a free, open source framework for creating Java web applications. It’s widely used to build corporate websites in sectors including education, government, financial services, retail and media. In early March 2017, Apache released a patch for the Struts 2 framework. The patch fixes an easy-to-exploit vulnerability that allows attacker
Publish At:2017-04-25 12:20 | Read:1630 | Comments:0 | Tags:Application Security Endpoint Apache Incident Response (IR)

Defending Against Apache Web Server DDoS Attacks

What Is a DDoS Attack? A distributed denial-of-service (DDoS) attack is a coordinated strike, distributed among different computers, that aims to prevent the authorized use of one or more systems. These Web server DDoS attacks have become a weapon of choice for malicious actors to conduct cyberattacks. They are used by different types of attackers, from expe
Publish At:2015-12-09 23:55 | Read:2858 | Comments:0 | Tags:Application Security Network & Endpoint Apache Distributed D

New encryption ransomware targets Linux systems

The antivirus software company Doctor Web has issued an alert about a new form of crypto-ransomware that targets users of Linux-based operating systems. Designated as "Linux.Encoder.1" by the company, the malware largely targets Web servers, encrypting their contents and demanding a ransom of one Bitcoin (currently about $500).Many of the systems that have b
Publish At:2015-11-09 18:35 | Read:2283 | Comments:0 | Tags:Risk Assessment Technology Lab Apache crypto ransomware Linu

Mozilla’s Bugzilla Hacked | Stolen Data Used For Targeting Firefox users

Mozilla yesterday detailed a security attack on its bug tracker and testing tool Bugzilla, as well as the steps it is taking to mitigate a repeat incident. In short, a hacker compromised the service, stole security-sensitive information, and used it to attack Firefox users. Bugzilla is open-source software that has been adopted by a variety of organization
Publish At:2015-09-08 05:15 | Read:1696 | Comments:0 | Tags:Application Security Cyber Security Security Updates Apache

Trend Micro Discovers Apache Cordova Vulnerability that Allows One-Click Modification of Android Apps

We’ve discovered a vulnerability in the Apache Cordova app framework that allows attackers to modify the behavior of apps just by clicking a URL. The extent of the modifications can range from causing nuisance for app users to crashing the apps completely. Designated as CVE-2015-1835, this high-severity vulnerability affects all versions of Apache Cordova up
Publish At:2015-06-09 19:25 | Read:1861 | Comments:0 | Tags:Mobile Vulnerabilities android apache cordova Google vunerab

Darkleech Update – November 2014

Just wanted to document some latest changes in Darkleech behavior that may help you detect it. I’d like to thank internet security enthusiasts who share their findings with me. Without you, I could have easily missed these new (?) details. Quick recap Darkleech is a root level server infection that installs malicious Apache modules. The modules inject
Publish At:2014-11-27 18:15 | Read:2132 | Comments:0 | Tags:Short Attack Reviews Website exploits Apache Darkleech Emula

Apache Warns of Tomcat Remote Code Execution Vulnerability

Some older versions of the open source Apache Tomcat web server and servlet container, are vulnerable to remote code execution.In what Mark Thomas, a longtime Apache Tomcat committer, calls “limited circumstances,” a user could upload malicious JavaServer Pages (JSP) to a server running Tomcat, and then later trigger the execution of that JSP. JSP shells can
Publish At:2014-09-11 05:00 | Read:2582 | Comments:0 | Tags:Vulnerabilities Web Security Apache Apache Tomcat remote cod

ImpressPages CMS 3.6 Multiple Vulnerabilities (XSS/SQLi/FD/RCE)

Input passed via several parameters is not properly sanitized before being returned to the user or used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code and HTML/script code in a user’s browser session in context of an affected site. Input passed to the ‘files[0][file]‘ parameter in ‘/ip_
Publish At:2014-08-13 01:56 | Read:3724 | Comments:0 | Tags:Internal advisory apache arbitrary CMS code delete deletion

Vulnerability Management: Just Turn It Off! Part II

Our last post in the “Turn It Off!” blog series discussed some of the most common and yet unnecessary features that can make your environment more vulnerable, including JBoss JMX consoles, server banners and the Apache HTExploit.These risks are often encountered by our Vulnerability and Exposure Research Team (VERT), even on well-defended network
Publish At:2014-08-10 14:07 | Read:3626 | Comments:0 | Tags:Featured Articles Vulnerability Management Apache HTTP TRACE

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud