Threat Hunting: Improving Bot Detection in Enterprise SD-WANs
11/30/2018How security researchers tracked down Kuai and Bujoi malware through multiple vectors including client type, traffic frequency, and destination.
Post a Comment
Author
Profile of Elad Menahem
Head of Security Research, Cato Networks Member Since: 2/27/2017Author
News & Commentary Posts: 2
Comments: 0
Elad Menahem is the head of security research at Cato Networks, a disruptive cloud-based enterprise platform with a mission to make networking and security simple again. Elad served in an elite tech unit in the Israel Defense Forces (IDF) Intelligence Corps, and has more than 12 years of cybersecurity expertise. Previously, he was an enterprise security research manager at Trusteer, which was acquired by IBM. He has vast knowledge in network and endpoint security, focusing on research and developing breakthrough methods for malware detection.
Articles by Elad Menahem
How security researchers tracked down Kuai and Bujoi malware through multiple vectors including client type, traffic frequency, and destination.
Post a Comment
Google’s ‘SHA-1 Countdown Clock’ Could Undermine Enterprise Security
3/7/2017In the wake of a recently documented 'collision' attack, Google researchers should consider delaying the release of the code behind the crack until companies can roll out adequate patches. Here's why
Post a Comment
White Papers
Video
1 Comments
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Talk about vendor lock in...
Latest Comment: Talk about vendor lock in...
Current Issue
Building and Managing an IT Security Operations ProgramAs cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Flash Poll
How Enterprises Are Developing Secure Applications
IT security and application development are disparate processes that are increasingly coming together. Here's a look at how that's happening.
Twitter Feed
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database CVE-2019-11816
PUBLISHED: 2019-05-20
PUBLISHED: 2019-05-20
PUBLISHED: 2019-05-20
PUBLISHED: 2019-05-20
PUBLISHED: 2019-05-20
From DHS/US-CERT's National Vulnerability Database CVE-2019-11816
PUBLISHED: 2019-05-20
Incorrect access control in the WebUI in OPNsense before version 19.1.8, and pfsense before 2.4.4-p3 allows remote authenticated users to escalate privileges to administrator via a specially crafted request.
CVE-2019-10076PUBLISHED: 2019-05-20
A carefully crafted malicious attachment could trigger an XSS vulnerability on Apache JSPWiki 2.9.0 to 2.11.0.M3, which could lead to session hijacking.
CVE-2019-10077PUBLISHED: 2019-05-20
A carefully crafted InterWiki link could trigger an XSS vulnerability on Apache JSPWiki 2.9.0 to 2.11.0.M3, which could lead to session hijacking.
CVE-2019-10078PUBLISHED: 2019-05-20
A carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki 2.9.0 to 2.11.0.M3, which could lead to session hijacking. Initial reporting indicated ReferredPagesPlugin, but further analysis showed that multiple plugins were vulnerable.
CVE-2019-12239PUBLISHED: 2019-05-20
The WP Booking System plugin 1.5.1 for WordPress has no CSRF protection, which allows attackers to reach certain SQL injection issues that require administrative access.
- Terms of Service
- Privacy Statement
- Legal Entities
- Copyright © 2019 UBM, All rights reserved
Tweet This