SANS Database 2024 2024() 2023(26) 2022(52) 2021(93) 2020(1197) 2019(572) 2018(627) 2017(632) 2016(647) 2015(692) 2014(796) 2013(0) 2012(0)
DATE | NAME | CATEGORY | SUBCATE | INFO |
3.8.24 | Increased Activity Against Apache OFBiz CVE-2024-32113 | SANS | SANS | As part of its extensive project portfolio, the Apache Foundation supports OFBiz, a Java-based framework for creating ERP (Enterprise Resource Planning) applications. OFBiz appears to be far less prevalent than commercial alternatives. However, just as with any other ERP system, organizations rely on it for sensitive business data, and the security of these ERP systems is critical. |
27.7.24 | ExelaStealer Delivered "From Russia With Love" | SANS | SANS | Some simple PowerShell scripts might deliver nasty content if executed by the target. I found a very simple one (with a low VT score of 8/65): |
25.7.24 | "Mouse Logger" Malicious Python Script | SANS | SANS | Keylogging is a pretty common feature of many malware families because recording the key pressed on a keyboard may reveal a lot of interesting information like usernames, passwords, etc. |
24.7.24 | New Exploit Variation Against D-Link NAS Devices (CVE-2024-3273) | SANS | In April, an OS command injection vulnerability in various D-Link NAS devices was made public [1]. The vulnerability, %%CVE:2024-3273%% was exploited soon after it became public. Many of the affected devices are no longer supported. |