Welcome to our

Cyber Security News Aggregator

.

Cyber Tzar

provide a

cyber security risk management

platform; including automated penetration tests and risk assesments culminating in a "cyber risk score" out of 1,000, just like a credit score.

Hunting for PHPUnit Installed via Composer, (Tue, Nov 30th)

published on 2021-11-30 14:04:18 UTC by
Content:
One rather persistent pattern in our honeypot logs is attacks against older PHPUnit flaws. These attacks appear to exploit %%cve:2017-9841%%, a simple remote code execution vulnerability [1]. Back in 2019, Imperva called it "one of the most exploitable CVEs of 2019", and even now, attacks keep coming in [2]. After tuning one of our honeypots to be more sensitive to these attacks, we saw one to two thousand attacks against the honeypot a day (the honeypot covers multiple IP addresses).
Article: Hunting for PHPUnit Installed via Composer, (Tue, Nov 30th) - published almost 3 years ago.

https://isc.sans.edu/diary/rss/28084   
Published: 2021 11 30 14:04:18
Received: 2021 11 30 14:20:27
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Views: 3

Custom HTML Block

Click to Open Code Editor