Date Author Title
2024-03-29Xavier MertensQuick Forensics Analysis of Apache logs
2023-12-20Guy BruneauHow to Protect your Webserver from Directory Enumeration Attack ? Apache2 [Guest Diary]
2023-05-30Johannes UllrichYour Business Data and Machine Learning at Risk: Attacks Against Apache NiFi
2023-05-03Xavier MertensIncreased Number of Configuration File Scans
2022-09-01Johannes UllrichJolokia Scans: Possible Hunt for Vulnerable Apache Geode Servers (CVE-2022-37021)
2021-10-16Guy BruneauApache is Actively Scan for CVE-2021-41773 & CVE-2021-42013
2021-10-06Johannes UllrichApache 2.4.49 Directory Traversal Vulnerability (CVE-2021-41773)
2021-08-24Johannes UllrichAttackers Hunting For Twilio Credentials
2018-06-06Xavier MertensConverting PCAP Web Traffic to Apache Log
2016-07-05Johannes UllrichApache Update: TLS Certificate Authentication Bypass with HTTP/2 (CVE-2016-4979)
2015-10-12Guy BruneauCritical Vulnerability in Multiple Cisco Products - Apache Struts 2 Command Execution http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131023-struts2
2014-07-28Johannes UllrichInteresting HTTP User Agent "chroot-apach0day"
2014-03-17Jim ClausingNew Apache web server release
2014-03-13Daniel WesemannWeb server logs containing RS=^ ?
2013-11-27Rob VandenBrinkApache 2.4.7 is released 11/25. Download: http://httpd.apache.org/download.cgi#apache24 and Readme: http://apache.mirror.iweb.ca//httpd/CHANGES_2.4.7
2013-04-30Russ McReeApache binary backdoor adds malicious redirect to Blackhole
2012-02-22Johannes UllrichApache 2.4 Features
2011-10-06Rob VandenBrinkApache HTTP Server mod_proxy reverse proxy issue
2011-08-30Johannes UllrichApache patch out for "byte range" DoS vulnerability http://www.apache.org/dist/httpd/Announcement2.2.html
2011-08-25Kevin ShorttRevival of an Unpatched Apache HTTPD DoS
2010-04-13Johannes UllrichApache.org Bugtracker Breach
2010-03-07Mari NicholsApache releases version 2.2.15 with 5 security fixes including OpenSSL issue.
2010-01-25William Salusky"Bots and Spiders and Crawlers, be gone!" - or - "New Open Source WebAppSec tools, Huzzah!"
2009-10-14Johannes UllrichOdd Apache/MSIE issue with downloads from ISC
2009-08-28Adrien de Beaupreapache.org compromised
2009-06-23Bojan ZdrnjaSlowloris and Iranian DDoS attacks
2009-06-21Bojan ZdrnjaApache HTTP DoS tool mitigation
2009-06-18Bojan ZdrnjaApache HTTP DoS tool released
2009-04-07Johannes UllrichCommon Apache Misconception
2009-01-12William SaluskyWeb Application Firewalls (WAF) - Have you deployed WAF technology?
2008-10-09Bojan ZdrnjaWatch that .htaccess file on your web site