vulnerability Archives

Oracle WebLogic RCE Vulnerability: CVE-2023-21839

In this article, we will cover the latest vulnerability of Oracle's WebLogic Server, which is one of the serious remote code vulnerabilities. CVE-2023-21839, which targets WebLogic Server, a Java web application server developed by Oracle, was first mentioned about three months ago as a vulnerability that could be exploited by RCE (Remote Code Execution). As [...]

By Criminal IP|2023-06-19T09:12:08+09:00June 14th, 2023|Tags: Oracle, RCE, vulnerability, WebLogic|0 Comments

DDoS Attack Case Study: 20 Hours of Unprovoked Aggression

Recently, there was a GET Flooding Attack-type DDoS attack case on a web services company for about 20 hours. Various attack traffic was detected on the login page, which caused a serious load on the server and ultimately paralyzed the entire login function. The CIP Team was provided with data from the attack with the cooperation [...]

By Criminal IP|2023-03-30T19:08:42+09:00July 27th, 2022|Tags: brute force, case study, DDoS attack, DDoS attack case, Get Flooding Attack, Hosting, IP addres, IP Intelligence, Log4j, Proxy, SMB Worm, Tor, VPN, vulnerability|1 Comment

Collaboration Tool Vulnerability: Protecting Your Business from Data Leaks

With their easy work management systems, online collaboration tools such as Trello, Jira, Notion, and Monday are used by many companies to run efficient team tasks in the process of work digitization. However, such online collaboration tools have downsides as major tasks and information are shared where anybody can access them, which could lead to [...]

By Criminal IP|2023-04-07T10:27:10+09:00July 1st, 2022|Tags: collaboration tool, collaboration tool vulnerability, data leakage, html_meta_description filter, keyword, login-authentication, Search Tip, vulnerability|1 Comment