Abstract: SQL injections are a significant and ever-present threat to web applications and database security. During these attacks, malicious SQL statements are injected into input fields of ...

description: The following analytic identifies potential phishing attempts blocked by Zscaler within a network. It leverages web proxy logs to detect actions tagged as HTML.Phish. The detection method ...

description: The following analytic identifies potential exploitation of Windows Exchange servers via ProxyShell or ProxyNotShell vulnerabilities, followed by post-exploitation activities such as ...

In late May 2023, a critical flaw in the MOVEit file-transfer platform was publicly disclosed. Within hours, the Cl0p ransomware group had a working exploit and was already stealing data from hundreds ...

The Apache Software Foundation (ASF) has released security updates to address several security vulnerabilities in the HTTP Server, including a severe vulnerability that could potentially lead to ...