Since its emergence in 2022, the BianLian ransomware group has rapidly evolved, showcasing sophisticated techniques and adapting to the shifting landscape of cyber threats. It’s among the top three most
![Protecting Networks from Opportunistic Ivanti Pulse Secure Vulnerability Exploitation](https://blogs.juniper.net/wp-content/uploads/2024/04/MicrosoftTeams-image-4.png)
Juniper Threat Labs has been monitoring exploitation attempts targeting an Ivanti Pulse Secure authentication bypass with remote code execution vulnerabilities. We have observed instances of Mirai botnet delivery in
![Shielding Networks From Androxgh0st](https://blogs.juniper.net/wp-content/uploads/2024/03/240100-DIGITAL-Threat-Labs-Shielding-Networks-830x463-v3.1.png)
AndroxGh0st is a Python-based malware designed to target Laravel applications. It works by scanning and taking out important information from .env files, revealing login details linked to AWS and
![Real-Time Defense: Analyzing Emerging Cyber Threats](https://blogs.juniper.net/wp-content/uploads/2024/01/skycnc_blog_banner_ratio-scaled.jpg)
In this blog, we will dive into the attack trends observed across our customers’ networks. First, we will highlight how the security threat intelligence in the Juniper Advanced Threat Prevention
![CVE-2023-20887: VMware Aria Operations for Networks Unauthenticated Remote Code Execution](https://blogs.juniper.net/wp-content/uploads/2023/09/230469_DIGITAL_Threat-Labs-Blog-Image-CVE-2023-20887_v1.1.jpg)
VMware Aria Operations for Networks is a network monitoring and management tool used to build and manage an optimized, secure network infrastructure. A command injection vulnerability has been recently reported
![Abused CDNs: From Speedy Content to Stealthy Malware](https://blogs.juniper.net/wp-content/uploads/2023/08/banner_CDN.png)
The global internet relies on Content Delivery Networks (CDNs) to deliver a seamless web experience for users. Because of the shared nature of a CDN’s resources, network operators must be
![DreamBus Botnet Resurfaces, Targets RocketMQ vulnerability](https://blogs.juniper.net/wp-content/uploads/2023/07/cover.png)
In May 2023, a vulnerability affecting RocketMQ servers (CVE-2023-33246), which allows remote code execution, was publicly disclosed. In a recent blog post, Juniper Threat Labs provided a detailed explanation of
![CVE-2023-27350: PaperCut NG and MF Remote Code Execution Vulnerability](https://blogs.juniper.net/wp-content/uploads/2023/07/ENT-230354_Threat-Labs-CVE-2023-27350-vulnerability-1024x571.png)
PaperCut is an enterprise print management software. PaperCut NG is used for managing and controlling printing. PaperCut MF is a more advanced solution that, in addition to managing printing, can
![CVE-2023-2825: Gitlab Arbitrary file Read via uploads Path Traversal](https://blogs.juniper.net/wp-content/uploads/2023/06/ENT-230336_DIGITAL_Blog-on-Gitlab-Arbitrary-file-Read-via-uploads-Path-Traversal_v1.1.png)
GitLab is a web-based platform for version control, CI/CD pipelines and collaboration on software development projects. An arbitrary path traversal vulnerability has been recently reported in the GitLab Community Edition
![CVE-2023-33246: Apache RocketMQ Remote Code Execution Vulnerability](https://blogs.juniper.net/wp-content/uploads/2023/06/230338_DIGITAL_CVE-2023-33246-Apache-RocketMQ-Remote-Code-Execution_830x463-1.png)
Apache RocketMQ is one of the most popular and widely used distributed messaging and streaming platforms. A command execution vulnerability has been recently reported in Apache RocketMQ affecting version 5.1.0