Apache SSRF bug Exploited
Threat actors are exploiting a recently addressed server-side request forgery (SSRF) vulnerability, tracked as CVE-2021-40438, in Apache HTTP servers. This flaw can be exploited against httpd web servers that have…
ALPACA 🦙 Attack
The NSA has issued a technical advisory this week warning organizations against the use of wildcard TLS certificates and the new ALPACA TLS attack. Their are infinite ways an attacks…
WebServers in to APT Radar
A sophisticated,threat actor has been compromising major public and private organisations over the past year by exploiting deserialisation flaws in public-facing ASP.NET applications to deploy file-less malware. Dubbed Praying Mantis,…