Malware authors have released modified versions of the Mirai and Gafgyt IoT malware that are capable of targeting vulnerabilities affecting SonicWall's GMS and Apache Struts.
The best way to remediate zero-day threats is to focus on proactively assessing and patching the vulnerabilities that facilitate them.
Security teams needs advanced visibility into all endpoints across the organization to prevent endpoint attacks such as the recent Apache Struts exploit.
Even with a patch available for the new Struts vulnerability, threat actors developed new exploits within hours and coordinated security breach attacks.
A security researcher discovered how to create malicious Apache modules, giving cyberattackers a new way to tap into and control web servers.
The disclosure of an Apache Struts 2 vulnerability made the framework a lucrative target and highlighted the importance of patch management.
Here's what you need to know about Web server DDoS attacks, how to defend against them and what tools are available to help in your efforts.
Analysis of Recent Struts Vulnerabilities in Parameters and Cookie Interceptors, Their Impact and Exploitation
An analysis of the recent Struts vulnerabilities in parameters and Cookie Interceptors, their impact and one possible way to exploit them.