The SonicWall Capture Labs threat research team became aware of a path traversal vulnerability in SolarWinds Serv-U, assessed its impact and developed mitigation measures. Serv-U server is a solution …
Author: SonicWall
The SonicWall Capture Labs threat research team has been observing PDF files with QR codes being abused by malware authors to deceive users for a long time.
QR codes are …
This week, the SonicWall Capture Labs threat research team investigated a sample of Orcinius malware. This is a multi-stage trojan that is using Dropbox and Google Docs to download …
The SonicWall Capture Labs threat research team became aware of an exploited-in-the-wild information disclosure vulnerability affecting the Windows-based PHP servers used in CGI mode. Identified as CVE-2024-4577 and given …
The SonicWall Capture Labs threat research team became aware of an exploited-in-the-wild information disclosure vulnerability affecting the Check Point Security Gateways. Identified as CVE-2024-24919 and given a CVSSv3 score …
This week, the SonicWall Capture Labs Research team analyzed a new sample of Linux ransomware. The group behind this ransomware, called INC Ransomware, has been active since it was …
The SonicWall Capture Labs threat research team became aware of a remote code execution vulnerability in the Atlassian Confluence Data Center and Server, assessed its impact and developed mitigation …
The SonicWall Capture Labs threat research team became aware of a noteworthy vulnerability – an SQL injection in the WordPress plugin Automatic by ValvePress – assessed its impact and developed …
This week, the SonicWall Capture Labs threat research team investigated a sample of the RemcosRAT that uses a PrivateLoader module to provide additional data and persistence on the victim's …
The SonicWall Capture Labs threat research team became aware of CVE-2024-31984, which is a code injection vulnerability in XWiki's management of space titles and has a critical CVSS score …
SonicWall Capture Labs threat research team became aware of a fully unauthenticated server-side template injection vulnerability within CrushFTP, assessed its impact, and developed mitigation measures. CrushFTP is an enterprise …
This week the SonicWall Capture Labs threat research team came across a sample purporting to be Windows Explorer. At a glance, everything checks out – it uses the legitimate …
The SonicWall Capture Labs threat research team has been regularly sharing information about malware targeting Android devices. We've encountered similar RAT samples before, but this one includes extra commands …
The SonicWall Capture Labs threat research team became aware of a cross-site scripting vulnerability in GitLab, assessed its impact and developed mitigation measures. GitLab, an open-source code-sharing platform, published …
Overview
SonicWall Capture Labs threat research team has observed fileless .Net managed code injection in a native 64-bit process. Native code or unmanaged code refers to low-level compiled code such …
The SonicWall Capture Labs threat research team became aware of a noteworthy vulnerability – an Unauthenticated Template Injection – in Atlassian Confluence platforms, assessed its impact and developed mitigation measures for it. …
The SonicWall Capture Labs threat research team became aware of a couple of remote code execution vulnerabilities in JumpServer, assessed their impact and developed mitigation measures. JumpServer is an …
The SonicWall Capture Labs threat research team analyzed a malware purporting to be a Java utility. It arrives as an installer for Java Access Bridge, but ultimately installs the …
Summary: The SonicWall Capture Labs threat research team has discovered an Unauthenticated Command Injection vulnerability in Progress Kemp LoadMaster. This vulnerability allows attackers to bypass authentication and execute arbitrary …
This week, the SonicWall Capture Labs threat research team analyzed a new Golang malware sample. It uses multiple geographic checks and publicly available packages to screenshot the system before …
SonicWall Capture Labs threat research team has observed a new variant of WhiteSnake Stealer. This stealer poses significant risks to users and organizations as it can steal critical sensitive …
This week, the SonicWall Capture Labs threat research team analyzed a ransomware calling itself Lighter Ransomware. Upon execution, it opens up a window with a countdown timer instructing the …
The SonicWall Capture Labs threat research team recently observed an interesting variant of StopCrypt ransomware. The ransomware executes its malicious activities by utilizing multi-stage shellcodes before launching a final …
The SonicWall Capture Labs threat research team has been tracking ransomware that has gained recent notoriety known as Medusa. Medusa surfaced as a Ransomware-as-a-Service (RaaS) platform in late 2022. …
The SonicWall Capture Labs Threat research team has regularly monitored hidden adware on Android. These misleading apps show ads and collect user data to make money from advertisements. They …
The SonicWall Capture Labs threat research team became aware of a couple of noteworthy vulnerabilities – an authentication bypass vulnerability and a path traversal vulnerability – in JetBrains TeamCity, …
SonicWall Capture Labs Threat Research Team became aware of the MonikerLink Remote Code Execution vulnerability (CVE-2024-21413) in Microsoft Outlook, assessed its impact and developed mitigation measures for the vulnerability.…
SonicWall Capture Labs Threat Research Team became aware of the ClamAV VirusEvent command injection vulnerability (CVE-2024-20328), assessed its impact, and developed mitigation measures for the vulnerability.
ClamAV is a notable, …