Cybersecurity Report
Web Server Vulnerabilities Caused by Software Package
Open-source web servers, especially Apache HTTP servers, have seen a tremendous increase in the number of vulnerabilities that hackers have consistently exploited since 2017. Hackers exploit various vulnerabilities to attack [...]
CVE-2022-40684: Fortinet Authentication Vulnerability That Threatens Fortinet Users
On October 7, 2022, less than a month after the ProxyNotShell attack that used Microsoft Exchange Server zero-day vulnerability, a Fortinet authentication bypass vulnerability, CVE-2022-40684, was discovered. This vulnerability is [...]
Government Servers Hacked by the Unseen Cryptojackers
Recently, it was discovered that a South Korean government server was infected by malware in 2017 and used for cryptomining. However, the problem comes from the fact that this malware [...]
LockBit 3.0 Ransomware Case Study: A Huge Cybersecurity Risk
In this article, we will analyze LockBit 3.0 ransomware attack cases to show you how attacks similar to these cases can be prevented. What is LockBit 3.0 Ransomware? LockBit 3.0 [...]
Cloud Attack Surfaces: Detect Neglected AWS Assets
Plenty of vulnerable default welcome pages can be found on a cloud attack surface. Software engineers who understand AWS cloud characteristics or users who have encountered AWS' default welcome pages can [...]
Default welcome page exposure: A Significant Security Risk
Default welcome page exposure refers to default settings pages left neglected on the attack surface while the system is active. They are most commonly encountered at the beginning stages of installing [...]