F5 BIG-IP Exposed to Kerberos KDC Spoofing Vulnerability

On April 28, 2021, cybersecurity researchers revealed a significant bypass vulnerability (CVE-2021-23008) affecting the Kerberos Key Distribution Center (KDC) security feature in F5 BIG-IP application delivery services. According to Silverfort researchers Yaron Kassner and Rotem Zach, the KDC Spoofing vulnerability enables attackers to circumvent Kerberos authentication to the BIG-IP Access Policy Manager (APM), allowing unauthorized access to sensitive resources and, in some instances, the BIG-IP admin console. Following this disclosure, F5 Networks issued patches to rectify the vulnerability (CVE-2021-23008, CVSS score 8.1), which are available in BIG-IP APM versions 12.1.6, 13.1.4, 14.1.4, and 15.1.3. A similar patch for version 16.x is anticipated in the future. Customers using version 16.x are advised to consult the security advisory for exposure assessment and mitigation details.

F5 BIG-IP Vulnerability Exposed to Kerberos KDC Spoofing Threat

April 28, 2021

Cybersecurity experts have uncovered a significant vulnerability in F5’s BIG-IP application delivery services that affects its Kerberos Key Distribution Center (KDC) security feature. Identified as CVE-2021-23008, this bypass…

New Cyber Attack Targets Regions Bank and SunTrust

October 11, 2012

As predicted by the Izz ad-Din al-Qassam Cyber Fighters, another distributed denial-of-service (DDoS) attack has struck the websites of Regions Financial Corp (regions.com) and SunTrust. These cyber assaults inundate the banks’ sites with excessive traffic, resulting in slow service or complete unavailability. In a Pastebin post dated October 8, the hacktivist group announced plans for several attacks: on Capital One on October 9, SunTrust on October 10, and Regions Financial Corp on October 11—and they successfully executed their threats. A spokesperson for SunTrust, Michael McCoy, confirmed that the bank’s site experienced heightened traffic, leading to intermittent availability for some online functions. Just days prior, Regions representatives had informed Fox Business that they were aware of the threats and were “taking every measure.”

Cyber Attack Targets Regions Bank and SunTrust

On October 11, 2012, Regions Financial Corp and SunTrust fell victim to a significant distributed denial-of-service (DDoS) attack. This breach was executed by the hacktivist group Izz ad-Din al-Qassam Cyber Fighters, who had…

Remote Code Execution Risks Discovered in Commvault: Pre-Auth Exploit Chains Identified

August 21, 2025
Category: Vulnerability / Software Security

Commvault has issued updates to address four critical security vulnerabilities that could enable remote code execution on affected instances. The identified vulnerabilities arise in Commvault versions prior to 11.36.60, detailed as follows:

  • CVE-2025-57788 (CVSS score: 6.9): This vulnerability in a known login mechanism permits unauthenticated attackers to execute API calls without needing user credentials.

  • CVE-2025-57789 (CVSS score: 5.3): A flaw during the setup process allows remote attackers to exploit default credentials for administrative access before the first admin login.

  • CVE-2025-57790 (CVSS score: 8.7): A path traversal vulnerability enables remote attackers to gain unauthorized file system access, leading to potential remote code execution.

  • CVE-2025-57791 (CVSS score: 6.9): A vulnerability that allows attackers to inject or manipulate command-line arguments passed to internal components, resulting in further exploitation.

Commvault Issues Critical Security Updates to Mitigate Remote Code Execution Vulnerabilities

On August 21, 2025, Commvault announced significant updates aimed at addressing four critical security vulnerabilities that could potentially be exploited to execute remote code on vulnerable instances of its…

Apple Issues Critical Security Updates for Zero-Day Vulnerabilities Amid Active Exploits

On May 4, 2021, Apple launched urgent security updates for iOS, macOS, and watchOS to tackle three zero-day vulnerabilities and to enhance protections for a fourth flaw that may have been actively exploited. These vulnerabilities, primarily affecting WebKit—the engine behind Safari and other browsers on iOS—could allow attackers to execute arbitrary code on targeted devices. Here’s a summary of the three security issues:

  • CVE-2021-30663: An integer overflow vulnerability exploitable via crafted web content, potentially leading to code execution. This was mitigated through improved input validation.

  • CVE-2021-30665: A memory corruption issue that could be leveraged to create malicious web content, resulting in code execution. This was remedied with enhanced state management.

  • CVE-2021-30666: A buffer overflow vulnerability that might be exploited to generate malicious web content, leading to…

Apple Issues Critical Security Patches for Zero-Day Vulnerabilities Amid Active Exploits

On May 3, 2021, Apple announced the release of a suite of security updates for its operating systems, including iOS, macOS, and watchOS, aimed at addressing several pressing vulnerabilities.…

miniFlame: Newly Uncovered Cyber Espionage Malware

October 15, 2012

Kaspersky has revealed a new cyber espionage malware called “miniFlame,” which is directly associated with the infamous Flame malware. This latest sophisticated tool, linked to previous espionage software known as Flame and Gauss, functions as a “high-precision surgical attack” mechanism aimed at targets in Lebanon, Iran, and other regions.

Identified by Kaspersky Lab experts in July 2012, miniFlame, also referred to as SPE, was initially recognized as a component of Flame. It appears to be deployed to enhance spying capabilities on computers that have already been infected with Flame and Gauss. Analysis indicates that some variants of miniFlame were developed in 2010 and 2011, with several still active today. Development of this malicious software could date back to as early as 2007. “MiniFlame is a high precision attack tool,” stated Alexander Gostev, Chief Security Expert at Kaspersky.

Discovery of miniFlame Malware Marks a New Era in Cyber Espionage

On October 15, 2012, cybersecurity firm Kaspersky Lab revealed the emergence of a new type of malware known as miniFlame. Directly associated with the more notorious Flame malware, miniFlame…

Former Developer Sentenced to Four Years for Sabotaging Ohio Employer with Kill-Switch Malware

A 55-year-old Chinese national has received a four-year prison sentence and three years of supervised release for deploying custom malware that targeted his former employer’s network. Davis Lu, 55, of Houston, Texas, was found guilty in March 2025 of intentionally damaging protected computers. He was arrested in April 2021 for misusing his position as a software developer to run malicious code on the company’s servers. While the company’s name was not disclosed, it has been identified as Eaton Corporation, a multinational power management firm based in Beachwood, Ohio. “The defendant violated his employer’s trust, using his technical expertise to disrupt network operations and causing significant financial losses to a U.S. company,” stated Acting Assistant Attorney General M…

Former Developer Sentenced for Sabotaging Employer with Kill-Switch Malware

A 55-year-old man from Houston, Texas, has received a four-year prison sentence for the intentional disruption of his previous employer’s computer systems through custom malware. This case highlights significant cybersecurity vulnerabilities…

New Spectre Vulnerabilities in Intel and AMD CPUs Impact Billions of Devices

May 06, 2021

Since the revelation of Spectre, a serious vulnerability affecting modern processors, in January 2018, experts have warned that the issue is challenging to resolve, leading to its continued prevalence. Over three years later, researchers from the University of Virginia and the University of California, San Diego, have uncovered a new method of attack that circumvents existing Spectre defenses. This discovery places virtually all systems—including desktops, laptops, cloud servers, and smartphones—at significant risk once again. The initial disclosures of Spectre and Meltdown opened the floodgates to numerous attack variants, and the problem seems far from resolved, even as manufacturers strive to enhance security.

New Spectre Vulnerabilities in Intel and AMD Processors Impact Billions of Devices

In a significant development for the cybersecurity landscape, researchers from the University of Virginia and the University of California, San Diego have identified new vulnerabilities associated with Spectre,…

Strategies for Reducing Security Risks in Web Applications

With web applications being prime targets for cyberattacks, ensuring their security can feel like navigating a digital “Good, the Bad, and the Ugly.” Vulnerabilities in web applications now represent the largest threat vector for enterprise security. Addressing web application security is often more complex than securing infrastructure. Common vulnerabilities, such as Cross-Site Scripting (XSS), SQL Injection (SQLi), and file inclusion, persistently arise. Many of these security challenges can be mitigated using established security measures. However, a survey indicates that only 51% of organizations have coding teams perform security testing, and just 40% incorporate testing during the development phase. These vulnerabilities frequently lie outside the expertise of traditional network security teams. To assist you in grasping…

Minimizing Risks in Web Application Security: A Critical Imperative

As web applications continue to emerge as prime targets for cybercriminals, the landscape of web application security resembles a complex narrative reminiscent of “The Good, the Bad and the Ugly.” In…