CSA - Asprox and supplemental SQL injection protection
If you run CSA to protect an IIS web server that also uses SQL, you may want to supplement your existing DAC rules.
Asprox/Danmec obfuscates the SQL injection by hex-encoding it inside a CAST statement, like so:
In the rule originally named "IIS and Apache Web Servers, Common SQL Server command injection exploits", open the data set of the same name. Add the following:
In case you have a page that is vulnerable to SQL injection (and aren't aware of it yet), you are now protected.
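As an added example (not part of the original post, and not CSA rule syntax), here is one way to check web server logs for the hex-inside-CAST wrapper described above. It normalizes URL encoding, matches the wrapper, and decodes the hex so an analyst can read what was hidden. The log layout, function names and sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote_plus

# Matches CAST(0x<hex> AS [N][VAR]CHAR...), the hex-in-CAST wrapper the post describes.
CAST_HEX = re.compile(
    r"CAST\s*\(\s*0x((?:[0-9a-f]{2})+)\s+AS\s+(N?)(?:VAR)?CHAR", re.IGNORECASE
)

def decode_request(raw, max_rounds=3):
    """URL-decode a bounded number of times so (double-)encoded requests normalize."""
    for _ in range(max_rounds):
        decoded = unquote_plus(raw)
        if decoded == raw:
            break
        raw = decoded
    return raw

def find_cast_payloads(text):
    """Return the text hidden inside each CAST(0x... AS ...CHAR) found in `text`."""
    found = []
    for m in CAST_HEX.finditer(decode_request(text)):
        data = bytes.fromhex(m.group(1))
        # NVARCHAR/NCHAR data is UTF-16LE; VARCHAR/CHAR is treated as single-byte.
        encoding = "utf-16-le" if m.group(2) else "latin-1"
        found.append(data.decode(encoding, errors="replace"))
    return found

def scan_log(lines):
    """Return (line_number, decoded_payloads) for every line carrying the wrapper."""
    hits = []
    for n, line in enumerate(lines, 1):
        payloads = find_cast_payloads(line)
        if payloads:
            hits.append((n, payloads))
    return hits

# Constructed sample lines (not from the post); the hex decodes to a harmless "SELECT 1".
SAMPLE_LOG = [
    "2008-07-01 10:00:01 GET /default.asp id=42 200",
    "2008-07-01 10:00:02 GET /page.asp id=1;SET%20@S=CAST(0x53454C4543542031%20AS%20VARCHAR(4000)) 200",
    "2008-07-01 10:00:03 GET /page.asp id=1;set+@s=cast(0x530045004C0045004300540020003100+as+nvarchar(4000)) 200",
]

if __name__ == "__main__":
    for line_no, payloads in scan_log(SAMPLE_LOG):
        print(f"line {line_no}: {payloads}")
```

Matching on the wrapper rather than on SQL keywords is what lets the check see through the hex encoding, and the decoded text shows the reviewer what the request was trying to run.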