Geek-Guy.com

Tag: Imperva Research Labs

How We’re Protecting Customers & Staying Ahead of CVE-2021-44228

CVE-2021-44228 is a high profile vulnerability impacting multiple versions of a widely distributed Java software component, Apache Log4j 2. The specific vulnerability allows for unauthenticated remote code execution. For additional technical information, the team at LunaSec has an excellent technical writeup on their blog. In terms of magnitude, this will without any doubt, have a […]

The post How We’re Protecting Customers & Staying Ahead of CVE-2021-44228 appeared first on Blog.

Attackers exploit CVE-2021-26084 for XMRig crypto mining on affected Confluence servers

Vulnerability Overview On August 25, 2021 a security advisory was released for a vulnerability identified in Confluence Server titled “CVE-2021-26084: Atlassian Confluence OGNL Injection”. The vulnerability allows an unauthenticated attacker to perform remote command execution by taking advantage of an insecure handling of OGNL (Object-Graph Navigation Language) on affected Confluence servers. Soon after the publication, […]

The post Attackers exploit CVE-2021-26084 for XMRig crypto mining on affected Confluence servers appeared first on Blog.

How to Exploit SQL Server Using Registry Keys

At the Imperva Research Labs we have the chance to scrutinize various security situations. In this blog, we will take a closer look at database security on SQL Server. One routine approach that security practitioners employ to protect databases is deploying honeypots and waiting for bad actors to take the bait. This approach is very […]

The post How to Exploit SQL Server Using Registry Keys appeared first on Blog.