The Skybox View

27 07, 2018

Oracle WebLogic Vulnerability Used for Cryptomining and Other Attacks

July 27th, 2018 | Threat Intelligence

A critical Oracle WebLogic vulnerability (CVE-2018-2893) is being utilized by attackers three days after the publication of a proof of concept. Since the sample exploit code was released, there has been a rise in exploitation attempts. The vulnerability has received a "critical" severity level and a score of 9.8 out of 10 on the [...]

26 07, 2018

Cryptominers Surpass Ransomware as Most Widespread Cybercrime Malware

July 26th, 2018 | Vulnerability & Threat Management

Cryptominers have surpassed ransomware as the cybercriminal’s tool-of-choice in the first half of 2018. That’s according to the mid-year update to the Vulnerability and Threat Trends Report. The report is compiled by the Skybox Research Lab and includes security analyst research of the vulnerabilities, exploits and threats that are shaping the threat landscape. It explores trends observed [...]

3 07, 2018

Cisco ASA Vulnerabilities See POC and Active Exploits

July 3rd, 2018 | Uncategorized, Vulnerability & Threat Management

A vulnerability recently surfaced in Cisco ASA, affecting Cisco Firepower and other Cisco devices. Exploiting the vulnerability (CVE-2018-0296) could cause an affected device to reload unexpectedly, allowing remote denial-of-service or information disclosure due to a path traversal issue. The vulnerability exists at the web interface and applies to IPv4 and IPv6 traffic. It does not [...]

11 06, 2018

Thousands of Open Source Projects at Risk Due to Zip Slip Vulnerability

June 11th, 2018 | Vulnerability & Threat Management

An archive extraction vulnerability known as Zip Slip is putting thousands of open source projects across many ecosystems at risk. These projects belong to recognizable companies including Amazon, HP, Apache and many others. The June 5, 2018 disclosure was published shortly after the Zip Slip vulnerability was discovered by the Snyk Security team sometime during the [...]

28 05, 2018

VPNFilter Malware: What we know so far on the router threat

May 28th, 2018 | Threat Intelligence

Recently, a malware known as “VPNFilter” was discovered infecting various types of routers. VPNFilter is a modular, multi-stage malware that works mainly on home or small office routers. Since 2016, when the malware was initially introduced, it has compromised more than 500,000 home and small office routers and NAS boxes. Infection of such a large [...]

23 05, 2018

Speculative Store Buffer Bypass, Rogue System Register Read

May 23rd, 2018 | Vulnerability & Threat Management

Bug bounties pay off, uncovering two more side-channel flaws in the wake of Meltdown and Spectre — Rogue System Register Read and Speculative Store Buffer Bypass.

Timeline

As soon as Google Project Zero publicized Meltdown and Spectre, researchers started hunting down related flaws. For any hackers not motivated enough by the impact of identifying such a widespread [...]