Skip to main content

Threat Management changelog


- Changelog 2023.02.28

* Updated Whitelisted repositories.
* Changes to several OWASP WAF rules to drastically decrease false positives.
* Added signatures for several re-infecting malware.
* Researching spam protection rules.
* 5 New WAF rules. (3 zeroday vulnerabilities, 2 "inspector" rules)
- Rule ID: 406016 - Patching [CVE-2023-23488] | Enabled by default in all BitNinja recommended rulesets
- Rule ID: 406017 - Patching [CVE-2023-23489] | Enabled by default in all BitNinja recommended rulesets
- Rule ID: 406018 - Patching [CVE-2023-23489] | Enabled by default in all BitNinja recommended rulesets
- Rule ID: 400115 - "hidden, inspector rule" Helps eliminate false positives by setting a variable if an user is logged in to WordPress admin | Enabled by default, can not be disabled..
- Rule ID: 400116 - "hidden, inspector rule" Helps eliminate false positives by inspecting payloads to xmlrpc.php to see if they are a valid XML methodCall | Enabled by default, can not be disabled.
* Drastically reduced the number of restored malware.