The “Hello, Peppa!” botnet and the /ept/out.php vulnerability were newly discovered attacks by our Attack Vector Miner. But now, it has recognized the reactivation of a forgotten IoT botnet. This botnet exploits the D-Link router DSL-2750B remote command execution. What does the attack look like? The discovered pattern is the /login.cgi?cli= as you can see below: In the case of the D-Link router DSL-2750B firmware 1.01 to 1.03, there’s an option for remote command […]
In a previous article, we’ve discussed the BitNinja safe minimum ruleset for the BitNinja WAF, that consists of 15 rules from the OWASP Core Ruleset, along with 6 rules from the BitNinja rules category. These rules can be safely enabled on the root location pattern on your server. In the BitNinja Ruleset, there are 5 […]
After the “Hello, Peppa!” zero-day botnet, our Attack Vector Miner detected another zero-day vulnerability. Some vulnerable websites contain an /ept/out.php file, which can work as an open proxy. That’s why the attacker scans the /ept/out.php file. Let’s see an example: The number of these attacks started to increase on July 11th, and as we can see in the diagram below, the botnet’s activity is slowing down […]
Our Attack Vector Miner (based on AI) is a very effective tool to identify 0. day attacks. Here comes the first catch! Discovery of a New Botnet At the beginning of July, our Attack Vector Miner created a new cluster, filled with logs about a new type of botnet. We perceived the first incident on […]
In the preceding articles, I’ve talked a lot about the BitNinja safe minimum ruleset template and how you should enable it on your “/” location (or on “*/wp-admin/*” if needed) if you’re hosting mainly WordPress websites. So I’d like to give you a little more explanation about the rules that are part of the safe […]
Content Management Systems (CMS) are highly vulnerable to zero-day attacks recently. Lately, the Drupal was picked on by the hackers. Now the ModX CMS is in the target. CVE-2018-1000207: The new MODX vulnerability Two critical vulnerabilities have been found in MODX Revolution <= 2.6.4 in the past few days. Exploiting it, the hackers can remote […]
We are checking in with an unusual article. We would like to share an upcoming story about a great Journey, which will start on 28th of July. Why is it worth mentioning? Well, one member of this great Adventure is one of our Ninjas, and we’re really proud of him. They will travel around Northern […]
Artificial Intelligence (AI) is spreading quickly in many industries, and we can gladly announce the Attack Vector Miner, one of our latest developments based on AI. But before we tell you more about that, let’s get a bit more familiar with AI. If you’re an AI expert, know everything about it, and are only curious […]
Last time we finished off with the advice that if you’re hosting mainly WordPress websites, you should only enable the BitNinja Safe Minimum ruleset for the “/” location or any other domain pattern that contains “/wp-admin”. So let’s talk a bit more about domain patterns With the BitNinja WAF, we’d like to give you the […]
