Tag

Cyberattacks

Browsing

Wallarm has rolled out the update to detect and mitigate CVE-2021-44228. No additional actions are required from the customers Attempts at exploitation will be automatically blocked in a blocking mode When working in a monitoring mode, consider creating a virtual patch Log4Shell A 0-day exploit in the Java core library log4j was discovered that results in Remote Code Execution (RCE) by simple 1-line exploit with JNDI URL. Given how ubiquitous this library is, the impact…

Cyber-attacks have become a norm these days as many as 4,000 attacks are happening every day, alone in the US. Bad actors have ample ways to target it’s the victim and the logic bomb is one of them. Logic bomb virus may seem subtle on the surface but can be profoundly damaging, if not taken care of expertly. As the logic bomb is not much debated and gets overshadowed by more notorious dangers like phishing,…

In the latest version of Wallarm Node, we integrated a new attack detection engine that will work with a combination of current detects. Libdetection is a unique open-source project (https://github.com/wallarm/libdetection), that provides a signature-free payloads detection by implementing a syntax analysis and the base theory of grammars. Libdetection uses a formal model for attack detection, which allows it to make a decision based on the type of attack. This approach allows us to implement the…

This article is written specifically for web developers who use a module. We will tell you how we got access to sensitive data on a staging server through Yii2 Gii Remote Code: First to the testing environment, and then to the production. Spoiler: We have notified the module developer about the problem and it will be fixed soon. A temporary patch is available on GitHub. Gii is a module used to automatically generate code…

In the previous article, we described the vulnerability discovered in the Yii2 Framework 2.0.35. In this piece, you’ll find out how to prevent it.  It’s a highly recommended read, especially for web developers who want to quickly check the rule settings and fix a detected vulnerability. Yii is an object-oriented component framework that implements the MVC design pattern (learn more on Wiki).  We used Yii2 Framework 2.0.35 as a demo configuration.How a seemingly…