News

Positive Technologies experts have analyzed the results of network activity monitoring at 41 companies where PT Network Attack Discovery (PT NAD) was deployed as pilot project . The experts detected suspicious network activity at most companies. Malware was identified at each industrial company and government institution.

The Server-Side Request Forgery (SSRF) vulnerability identified in IBM QRadar SIEM by Positive Technologies expert Mikhail Klyuchnikov has an average severity level (CVSS 5.4). The IBM QRadar SIEM event monitoring and correlation system is one of the world's leading SIEM systems.

Now-fixed vulnerabilities enabled local privilege escalation

The RCE vulnerability allows attackers to execute arbitrary commands on the server, compromising the vCenter Server, and gain access to sensitive data

A vulnerability in the data replication tool allowed remote command execution on the server

Threat actors combine sandbox evasion and anti-analysis methods in malware distribution

Positive Technologies’ experts have analyzed the ten most active forums on the dark web, which offer services for hacking websites, buying and selling databases, and accessing web resources . The research found that in the vast majority of cases on these forums, most individuals are looking for a hacker, and in 7 out of 10 ads, their main goal is to gain access to a web resource.

Remote code execution and interception of administrator accounts were among the threats found

F5 has fixed a vulnerability in the configuration interface of the popular BIG-IP application delivery controller. The bug, discovered by Positive Technologies expert Nikita Abramov, affected a product that is used by some of the world's leading companies, and would allow remote hackers to cause denial of service attacks to the controller.

The writers of the best essays on information security were awarded USD 1,000