Bug hunting for a quick buck using WebLogic vulnerability (CVE-2020-14882)

Research labs

Introduction: Popular within the commercial sphere, Oracle WebLogic Server is a scalable enterprise Java platform application server for Java-based web applications. When a vulnerability is discovered in WebLogic, hackers will try to exploit it ASAP. And it’s not only hackers – bug hunters also want to make a quick buck ...

Never Leave Your Cloud Database Publicly Accessible

Data Security

Introduction: In cybersecurity, we often hear about best practices, one of the most important of which is never to open services that should be for internal use to public access. These are best practices for a good reason – when you don’t follow them, you might be hacked! Research we ...

Remote File Inclusion (RFI) – Detecting the Undetectable

Intro: Remote File Inclusion [RFI] is an attack exploiting the functionality in web applications which allows the inclusion of external source code without validating its content or origin. An RFI payload is a link that points to a malicious file that an application will include in its code (example: url=[h]ttp://rfi.nessus.org/rfi.txt) ...

Imperva Blocks Our Largest DDoS L7/Brute Force Attack Ever (Peaking at 292,000 RPS)

Imagine you’re a developer building a new web application. You’ve followed all of the security best practices, hired a reputable penetration testing company before launch, and gone through extensive bug fixing to remove any vulnerabilities. However, would you be confident that your application could survive the largest and longest DDoS ...
The Ping is the Thing: Popular HTML5 Feature Used to Trick Chinese Mobile Users into Joining Latest DDoS Attack

DDoS attacks have always been a major threat to network infrastructure and web applications. Attackers are always creating new ways to exploit legitimate services for malicious purposes, forcing us to constantly research DDoS attacks in our CDN to build advanced mitigations. We recently investigated a DDoS attack which was generated ...
Hundreds of Vulnerable Docker Hosts Exploited by Cryptocurrency Miners

Docker is a technology that allows you to perform operating system level virtualization. An incredible number of companies and production hosts are running Docker to develop, deploy and run applications inside containers. You can interact with Docker via the terminal and also via remote API. The Docker remote API is ...