8220 Gang Exploiting Oracle WebLogic Server Vulnerability to Spread Malware

By Newsroom — December 19^th 2023 at 06:58

The threat actors associated with the 8220 Gang have been observed exploiting a high-severity flaw in Oracle WebLogic Server to propagate their malware. The security shortcoming is CVE-2020-14883 (CVSS score: 7.2), a remote code execution bug that could be exploited by authenticated attackers to take over susceptible servers. "This vulnerability allows remote authenticated

The Hacker News

Researchers Detail New Attack Method to Bypass Popular Web Application Firewalls

By Ravie Lakshmanan — December 10^th 2022 at 06:18

A new attack method can be used to circumvent web application firewalls (WAFs) of various vendors and infiltrate systems, potentially enabling attackers to gain access to sensitive business and customer information. Web application firewalls are a key line of defense to help filter, monitor, and block HTTP(S) traffic to and from a web application, and safeguard against attacks such as cross-site

The Hacker News

Record DDoS Attack with 25.3 Billion Requests Abused HTTP/2 Multiplexing

By Ravie Lakshmanan — September 21^st 2022 at 06:30

Cybersecurity company Imperva has disclosed that it mitigated a distributed denial-of-service (DDoS) attack with a total of over 25.3 billion requests on June 27, 2022. The "strong attack," which targeted an unnamed Chinese telecommunications company, is said to have lasted for four hours and peaked at 3.9 million requests per second (RPS). "Attackers used HTTP/2 multiplexing, or combining

FreshRSS

8220 Gang Exploiting Oracle WebLogic Server Vulnerability to Spread Malware

Researchers Detail New Attack Method to Bypass Popular Web Application Firewalls

Record DDoS Attack with 25.3 Billion Requests Abused HTTP/2 Multiplexing