Log4j Vulnerability: Attackers Shift Focus From LDAP to RMI

In a previous post, we discussed the Log4j vulnerability CVE-2021-44228 and how the exploit works when the attacker uses a Lightweight Directory Access Protocol (LDAP) service to exploit the vulnerability.

Share
Apache Log4j Vulnerability CVE-2021-44228 Raises widespread Concerns

Log4j is a popular logging library used in Java by a large number of applications online. To enhance its functionality from basic log formatting, Log4j added the ability to perform

Share
Juniper Networks Named a Challenger in the 2021 Gartner Magic Quadrant for Network Firewalls

At Juniper Networks, we have always been focused on delivering great end-user experiences for our customers. We do this by providing not just uptime, but reliable connectivity from anywhere in

Share
Necro Python Botnet Goes After Vulnerable VisualTools DVR

In the last week of September 2021, Juniper Threat Labs detected a new activity from Necro Python (a.k.a N3Cr0m0rPh , Freakout, Python.IRCBot) that is actively exploiting some services, including a

Share
Juniper Networks Completes DOE Project and Introduces a New Release of the Converged Industrial Edge (CIE) Solution Architecture

Juniper Networks is pleased to announce the completion of Project Ambassador, a Department of Energy (DOE) funded initiative, and with it, the general availability of Juniper Networks’ Converged Industrial Edge

Share
Muhstik Botnet Targeting Confluence Servers with CVE-2021-26084

  Juniper Threat Labs is seeing an on-going attack targeting Confluence servers. On August 25, Atlassian, the company behind Confluence, disclosed the vulnerability CVE-2021-26084. A few days after that, several

Share
Aggah Malware Campaign Expands to Zendesk and GitHub to Host Its Malware

Juniper Threat Labs has detected a new development in the Aggah malware campaign. Previously, Aggah was known to be using legitimate infrastructures like BlogSpot, WordPress and Pastebin to host its

Share
Attacks Continue Against Realtek Vulnerabilities

As we predicted in last week’s post, threat actors continue to utilize new Realtek vulnerabilities disclosed by IoT Inspector Research Lab to distribute malware. Starting on August 19th, Juniper Threat

Share
Freshly Disclosed Vulnerability CVE-2021-20090 Exploited in the Wild

Juniper Threat Labs continuously monitors in-the-wild network traffic for malicious activity. Today, we have discovered an active exploitation of a vulnerability that was disclosed just 2 days ago.  CVE-2021-20090 is a vulnerability that was discovered by

Share
Connecting and Protecting Applications within a Zero Trust Data Center Architecture with Juniper Cloud Workload Protection

Nearly everything we do on the network involves applications, from web browsing and chat to mobile games and services that allow us to get work done. Applications store, process and

Share