Category: Threat Intelligence
Addressing the HTTP/2 Rapid Reset Attack Vulnerability
A recent disclosure pinpointed a vulnerability in the HTTP/2 protocol (CVE-2023-44487), which under...
VIEW MOREDetailed Look at a Real-World Credential Stuffing Event
Credential stuffing attack events are becoming increasingly common against organizations of every...
VIEW MOREThe Evolving MyloBot Botnet
What Is MyloBot? MyloBot is a sophisticated botnet that controls thousands of systems in...
VIEW MOREAnnouncing ThreatX Labs
I’m happy to announce that ThreatX will be conducting more threat research with the formation of...
VIEW MOREOpenSSL Vulnerability
On October 26, the OpenSSL Project announced the discovery of a critical vulnerability, and that a...
VIEW MOREHTTP Request Smuggling Vulnerability in Node.js
Last week, researchers discovered an HTTP request smuggling vulnerability in Node.js. This...
VIEW MOREAddressing the Atlassian Confluence Vulnerability
On June 2, Atlassian issued a security advisory regarding a newly discovered remote code execution...
VIEW MOREThreatX SOC Vulnerability Alert: CVE-2022-21449 “Psychic Signatures”
Earlier this week, the ThreatX SOC deployed a rule to protect our client base from a newly...
VIEW MORESpring4Shell: Day 1 Update and Insights
As we reported yesterday, ThreatX deployed to production a ruleset to protect against Spring4Shell...
VIEW MOREThreatX Response to Spring4Shell
On March 29, 2022, Spring disclosed a zero-day vulnerability – Spring4Shell. A widely used Java...
VIEW MOREHow We Were Able to Help Our Customers With the Log4j 0Day
Many security teams are still working overtime to patch and protect against any log4j-related...
VIEW MOREAccount Takeover (ATO): Types, Detection, Prevention and Protection
In the previous installment of our blog series on the modern threat landscape, we looked at how...
VIEW MORE