Zip Slip, Path Traversal Vulnerability during File Decompression

Overview Path traversal or directory traversal vulnerabilities are security vulnerabilities that occur mainly due to improper validation of user inputs. Attackers can read, modify, or even create new files that are originally inaccessible or located in unintended paths using relative or absolute paths. Although these vulnerabilities have been known for

XLoader Info-stealer Distributed Using MS Equation Editor Vulnerability (CVE-2017-11882)

AhnLab Security Intelligence Center (ASEC) publishes the information of phishing emails to AhnLab TIP monthly under the title “Trends Report on Phishing Emails.” There are various keywords/topics disguised as phishing, and this blog will cover cases where emails disguised as emails for checking purchases and order confirmations are used to

CERT Report July 2024

01. Monthly Attack Trends Through Statistics Attack Type Statistics Attack type statistics lets you access statistical information on the Top 9 attack types that occurred in the previous month, including the progression of each attack in terms of increase and decrease, as well as attack progression by industry sector and

CERT Report June 2024

01. Monthly Attack Trends Through Statistics Attack Type Statistics Attack type statistics lets you access statistical information on the Top 9 attack types that occurred in the previous month, including the progression of each attack in terms of increase and decrease, as well as attack progression by industry sector and

CERT Report May 2024

01. MONTHLY ATTACK TRENDS THROUGH STATISTICS Attack Type Statistics Attack type statistics lets you access statistical information on the top 9 attack types that occurred in the previous month, including the progression of each attack in terms of increase and decrease, as well as attack progression by industry sector

CERT Report April 2024

01. MONTHLY ATTACK TRENDS THROUGH STATISTICS Attack Type Statistics Attack type statistics lets you access statistical information on the top nine attack types that occurred in the previous month, including the progression of each attack in terms of increase and decrease, as well as attack progression by industry

CERT Report March 2024

01. Monthly Attack Trends Through Statistics Attack Type Statistics Attack type statistics lets you access statistical information on the top nine attack types that occurred in the previous month, including the progression of each attack in terms of increase and decrease, as well as attack progression by industry sector

CERT Report February 2024

01. Monthly Attack Trends Through Statistics Attack Type Statistics In the attack type statistics, you can access statistical information on the top nine attack types that occurred in the previous month, including the progression of each attack in terms of increase and decrease, as well as the attack

CERT Report January 2024

01. Monthly Attack Trends Through Statistics Attack Type Statistics In the attack type statistics, you can access statistical information on the top nine attack types that occurred in the previous month, including the progression of each attack in terms of increase and decrease, as well as the attack

Warning Against Cisco IOS XE Software Web UI Vulnerabilities (CVE-2023-20198, CVE-2023-20273)

Overview This month, Cisco released a security advisory regarding two vulnerabilities currently being actively exploited in actual attacks: CVE-2023-20198 and CVE-2023-20273. These vulnerabilities are present in the web UI feature of Cisco IOS XE Software. The CVE-2023-20198 vulnerability allows an unauthorized threat actor to create an arbitrary account with level