by József Könnyű | Aug 31, 2018 | Security analysis
As a member of the BitNinja Development Team, one of our most important tasks is to develop the protection of BitNinja. When we deal with such a process we can see how an attack works or how a botnet can exploit a vulnerability. It’s almost like watching these...by József Könnyű | Aug 21, 2018 | Trending
Our world would be insecure without bug bounty platforms. We don’t know who we can or cannot trust. If we find a vulnerability in a software as a white hat hacker, we would be afraid to report it to the software owners because we wouldn’t know what their reaction...by Tóth Enikő | Aug 13, 2018 | Threat lab
The “Hello, Peppa!” botnet and the /ept/out.php vulnerability were newly discovered attacks by our Attack Vector Miner. But now, it has recognized the reactivation of a forgotten IoT botnet. This botnet exploits the D-Link router DSL-2750B remote command execution....by Nikolett Hegedűs | Aug 10, 2018 | Security analysis
In a previous article, we’ve discussed the BitNinja safe minimum ruleset for the BitNinja WAF, that consists of 15 rules from the OWASP Core Ruleset, along with 6 rules from the BitNinja rules category. These rules can be safely enabled on the root location pattern on...by Tóth Enikő | Aug 6, 2018 | Threat lab
After the “Hello, Peppa!” zero-day botnet, our Attack Vector Miner detected another zero-day vulnerability. Some vulnerable websites contain an /ept/out.php file, which can work as an open proxy. That’s why the attacker scans the /ept/out.php file. Let’s see an...