Lacework Labs, Author at Lacework

Search Results

Results For:
Blog

Security Advisory: Critical vulnerabilities in VMware

CVE(s) (if available): CVE-2022-22954, CVE-2022-22955,CVE-2022-22956, CVE-2022-22957, CVE-2022-22958, CVE-2022-22959, CVE-2022-22960, CVE-2022-22961, CVE-2022-22972, CVE-2022-22973 Summary In early April VMware released patches for remote code… Read More

Read More
Blog

Malware targeting latest F5 vulnerability

On May 9th, 2022 a remote code execution vulnerability in F5’s Big IP suite of appliances under CVE-2022-1388. Per… Read More

Read More
Blog

NginxDay

Lacework Labs Advisory – “Nginx Day” “Nginx Day”, a zero day targeting Nginx was announced by “AgainstTheWest” via their Twitter account. On April 11th,… Read More

Read More
Blog

New Lacework report reveals increase in sophisticated cloud attacks

  Security in the cloud continues to prove a challenge for organizations around the world. Threat actors are refining their techniques to gain… Read More

Read More
Blog

A guide to responding to the Log4j vulnerability

On December 10th, 2021, CVE-2021-44228 took the security industry by storm when a remote code execution vulnerability was discovered in the… Read More

Read More
Blog

Log4j Today – Prepare for What’s Next

Greg Foss, Lacework Labs The holiday season is never complete without a significant security event unfolding as the year comes to an end. Read More

Read More
Blog

Log4j Attacks – A Week in Review

Key Takeaways Log4J Vulnerabilities (CVE-2021-44228, CVE-2021-45046)  are being exploited by opportunistic attackers. Evasion techniques are being employed to subvert detection. Overview A week… Read More

Read More
Blog

CVE-2021-43326: Automox Privilege Escalation

Lacework Labs researcher Greg Foss (@35Foss) spent some time analyzing the Automox Windows agent and ultimately… Read More

Read More
Blog

Lacework Labs Identifies Log4J Attacks

Key Takeaways CVE-2021-44228 is being adopted by opportunistic attackers. Mirai and Kinsing are being distributed via this attack vector. Overview Lacework Labs is constantly… Read More

Read More
Blog

Lacework Labs Security Predictions for 2022

  If 2020 and 2021 taught us anything, it’s to expect the unexpected. This is especially true with respect to cyber threats which can make… Read More

Read More