The LogicHub Security Roundup
Hello, and welcome to the LogicHub Monthly Update! Each month we’ll cover a broad view of the past month’s threats, a series of informative use cases seen by our teams, and a set of recommended articles, podcasts, and other useful resources.
December 2020
Highlights
Samsung FRP Bypass
Android RCE
CASE STUDY
Automated Salesforce Monitoring
January 2021
Highlights
NGINX Absolute Paths
SolarWinds Authentication Bypass
Jabber Arbitrary Execution
CASE STUDY
Daily Metrics for Ease of Data Management
February 2021
Highlights
Active Exploits on Chrome Zero-Day
Android Packet Injection via Bluetooth
CASE STUDY
CIS AWS Benchmarking
March 2021
Highlights
Active Exploits on Chrome Zero-Day
vSphere Client RCE
Privilege Escalation in Cisco Application Services Engine (CASE)
CASE STUDY
Distance-Based Detections
April 2021
Highlights
Netgear File Upload Zero-Day
Cisco IOS XE Boundary Checks
Snapdragon Buffer Overflow
CASE STUDY
Automatic Rule Pushing
May 2021
Highlights
SolarWinds Orion Escalated Privileges
Smart Air Fryer RCE
CASE STUDY
Oracle Cloud Infrastructure Detections
June 2021
Highlights
Pulse Secure VPN RCE
Hyper-V Kernel Trickery
SolarWinds Validation Failure
CASE STUDY
Detecting Binary Masquerading
July 2021
Highlights
Windows Print Spooler Vulnerability
phpList RCE
CASE STUDY
Identity and Access Management Monitoring
August 2021
Highlights
Windows Hyper-V RCE
Windows Kernel RCE
Google Chrome DevTools Sandbox Vulnerability
CASE STUDY
Suspicious Production Account Activity Triage
September 2021
Highlights
VMware Workspace ONE Open Network Access
Confluence OGNL Injection
Node.js Input Validation Issues
CASE STUDY
Okta Administration and Authorization
October 2021
Highlights
WordPress Publications ZIP RCE
SAP Netweaver Proxy Attacks
Zoom Client Validation Failure
CASE STUDY
Network Connection Triage with Talos
November 2021
Highlights
Juniper Header Arbitrary Code Execution
Cisco Policy Suite Static SSH Keys
Ethereum PoS DDoS
CASE STUDY
AWS Route 53 Domain Monitoring
December 2021
Highlights
Google Chrome Use After Free
Zoom Buffer Overflow
Palo Alto GlobalProtect Arbitrary Execution
CASE STUDY
Phishing Context Automation and Response
January 2022
Highlights
Batch of NETGEAR Vulnerabilities
Zoho ManageEngine Authentication Bypass
IBM Spectrum Protect Plus Cross-Origin Resource Sharing
CASE STUDY
Log4j Automation and Response
February 2022
Highlights
IBM Financial Transaction Manager Cross-Site Request Forgery
Polkit pkexec Privilege Escalation
Samba 4 RCE
CASE STUDY
Collecting Rain: Cloudflare WAF Triage and Correlation
March 2022
Highlights
Mozilla Use After Free Vulnerabilities
Adobe Magento/Commerce Arbitrary Code Execution
Zimbra Collaboration Suite Zero-Day
CASE STUDY
Detection of Persistent Programs and Changing Hashes
April 2022
Highlights
Apple Buffer Overflow Zero Days
NodeIPC ‘Protestware’
OpenSSL Palo Alto DoS
CASE STUDY
Threat Hunting in GitHub
May 2022
Highlights
Cisco Enterprise NFV Infrastructure VM Escape
F5 BIG-IP RCE
Azure Insufficient Tenant Separation
CASE STUDY
Automating with Flashpoint