Product
high
advisory
Web Server Potential SQL Injection Attempt Detection
1 rule 6 TTPsThis brief details the detection of potential SQL injection (SQLi) attempts against web servers by identifying common SQLi patterns in URLs and query strings, used by threat actors for reconnaissance, data exfiltration, or command execution, aiming for sensitive information disclosure or system compromise.
Apache +5
sql-injection
web-attack
reconnaissance
initial-access
data-exfiltration
command-execution
persistence
cross-platform
1r
6t
medium
advisory
Web Server Cloud Metadata SSRF Exploitation
1 rule 2 TTPs 7 IOCsAttackers are actively exploiting Server-Side Request Forgery (SSRF) vulnerabilities in public-facing web applications to access cloud instance metadata services, such as those on AWS, GCP, and Azure, to harvest temporary credentials and sensitive instance details.
AWS +8
ssrf
cloud-security
web-exploitation
credential-access
initial-access
webserver
1r
2t
7i