Protecting Networks from Opportunistic Ivanti Pulse Secure Vulnerability Exploitation

Juniper Threat Labs has been monitoring exploitation attempts targeting an Ivanti Pulse Secure authentication bypass with remote code execution vulnerabilities. We have observed instances of Mirai botnet delivery in

Shielding Networks From Androxgh0st

AndroxGh0st is a Python-based malware designed to target Laravel applications. It works by scanning and extracting important information from .env files, revealing login details linked to AWS and

Real-Time Defense: Analyzing Emerging Cyber Threats

In this blog, we will dive into the attack trends observed across our customers’ networks. First, we will highlight how the security threat intelligence in the Juniper Advanced Threat Prevention

CVE-2023-20887: VMware Aria Operations for Networks Unauthenticated Remote Code Execution

VMware Aria Operations for Networks is a network monitoring and management tool used to build and manage an optimized, secure network infrastructure. A command injection vulnerability has been recently reported

Abused CDNs: From Speedy Content to Stealthy Malware

The global internet relies on Content Delivery Networks (CDNs) to deliver a seamless web experience for users. Because of the shared nature of a CDN’s resources, network operators must be

DreamBus Botnet Resurfaces, Targets RocketMQ vulnerability

In May 2023, a vulnerability affecting RocketMQ servers (CVE-2023-33246), which allows remote code execution, was publicly disclosed. In a recent blog post, Juniper Threat Labs provided a detailed explanation of

CVE-2023-27350: PaperCut NG and MF Remote Code Execution Vulnerability

PaperCut is an enterprise print management software. PaperCut NG is used for managing and controlling printing. PaperCut MF is a more advanced solution that, in addition to managing printing, can

CVE-2023-2825: Gitlab Arbitrary file Read via uploads Path Traversal

GitLab is a web-based platform for version control, CI/CD pipelines and collaboration on software development projects. An arbitrary path traversal vulnerability has been recently reported in the GitLab Community Edition

CVE-2023-33246: Apache RocketMQ Remote Code Execution Vulnerability

Apache RocketMQ is one of the most popular and widely used distributed messaging and streaming platforms. A command execution vulnerability has been recently reported in Apache RocketMQ affecting version 5.1.0

Using ChatGPT to Generate Native Code Malware

The capabilities of OpenAI’s large language model have astounded, delighted and (at times) horrified those who have tried it. Much ink has been spilled speculating which professions will be replaced
