| DATE | NAME | CATEGORY | SUBCATEGORY | INFO |
|---|---|---|---|---|
| 29.11.23 | GCleaner | Malware | Malware | Deep Analysis of GCleaner |
| 29.11.23 | Fabookie | Malware | Loader | Loader Galore - TaskLoader at the start of a Pay-per-Install Infection Chain |
| 29.11.23 | Amadey | Malware | Backdoor | Amadey is a botnet that appeared around October 2018 and is being sold for about $500 on Russian-speaking hacking forums. |
| 29.11.23 | PrivateLoader | Malware | Loader | According to sekoia, PrivateLoader is a modular malware whose main capability is to download and execute one or several payloads. |
| 29.11.23 | SmokeLoader | Malware | Backdoor | The SmokeLoader family is a generic backdoor with a range of capabilities which depend on the modules included in any given build of the malware. |
| 29.11.23 | CVE-2023-46604 | CVE | | The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. |
| 29.11.23 | GoTitan Botnet | BOTNET | BOTNET | GoTitan Botnet - Ongoing Exploitation on Apache ActiveMQ |
| 29.11.23 | CVE-2023-5217 | CVE | | Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
| 29.11.23 | CVE-2023-4863 | CVE | | Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. |
| 29.11.23 | CVE-2023-3079 | CVE | | Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
| 29.11.23 | CVE-2023-2033 | CVE | | Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
| 29.11.23 | CVE-2023-6345 | CVE | | CVE-2023-2136 is said to have "allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page." |
| 29.11.23 | CVE-2023-2136 | CVE | | Integer overflow in Skia in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. |
| 29.11.23 | MAR-10478915-1.v1 Citrix Bleed | CERT | CERT | Responding to the recently disclosed CVE-2023-4966, affecting Citrix NetScaler ADC and NetScaler Gateway appliances, CISA received four files for analysis that show files being used to save registry hives, dump the Local Security Authority Subsystem Service (LSASS) process memory to disk, and attempts to establish sessions via Windows Remote Management (WinRM). |
| 28.11.23 | PERFORM NTLM FORCED AUTHENTICATION ATTACKS | Hacking | Hacking | ABUSING MICROSOFT ACCESS “LINKED TABLE” FEATURE TO PERFORM NTLM FORCED AUTHENTICATION ATTACKS |
| 28.11.23 | CVE-2023-46604 | CVE | | The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. This vulnerability may allow a remote attacker with network access to either a Java-based OpenWire broker or client to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to cause either the client or the broker (respectively) to instantiate any class on the classpath. |
| 28.11.23 | KANDYKORN | Malware | osx | Elastic catches DPRK passing out KANDYKORN |
| 28.11.23 | RustBucket | Malware | macOS | BlueNoroff \| How DPRK’s macOS RustBucket Seeks to Evade Analysis and Detection |
| 28.11.23 | Tiger RAT | Malware | RAT | This is the third-stage backdoor mentioned in the Kaspersky blog, "Andariel evolves to target South Korea with ransomware". The third-stage payload was created via the second-stage payload, is interactively executed in the operation and exists in both x64 and x86 versions. |
| 28.11.23 | Prompt Injection Attack | Attack | AI | A prompt injection attack is a type of cyberattack where a hacker enters a text prompt into a large language model (LLM) or chatbot, which is designed to enable the user to perform unauthorized actions. |
| 28.11.23 | Marvin Attack | Attack | Crypto | The Marvin Attack is a return of a 25-year-old vulnerability that allows performing RSA decryption and signing operations as an attacker with the ability to observe only the time of the decryption operation performed with the private key. |
| 25.11.23 | HrServ | Attack | WebShell | The web shell, a dynamic-link library (DLL) named "hrserv.dll," exhibits "sophisticated features such as custom encoding methods for client communication and in-memory execution" |
| 25.11.23 | CVE-2023-43177 | CVE | | CrushFTP prior to 10.5.1 is vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes. |
| 25.11.23 | Telekopye | Operation | Operation | Telekopye: Chamber of Neanderthals’ secrets |
| 25.11.23 | SYSJOKER | Malware | Backdoor | ISRAEL-HAMAS WAR SPOTLIGHT: SHAKING THE RUST OFF SYSJOKER |
| 25.11.23 | Konni | Malware | RAT | Konni is a remote administration tool, observed in the wild since early 2014. |
| 25.11.23 | WailingCrab | Malware | Loader | Stealthy WailingCrab Malware misuses MQTT Messaging Protocol |
| 25.11.23 | Mirai | BOTNET | BOTNET | InfectedSlurs Botnet Spreads Mirai via Zero-Days |
| 25.11.23 | JenX | BOTNET | IoT | JenX botnet, a new IoT botnet, has begun recruiting IoT devices. The JenX botnet is being marketed over the Internet and offers up to 300Gbps attacks for as little as $20. |
| 23.11.23 | CVE-2023-42793 | CVE | | In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible. |
| 23.11.23 | CVE-2021-34466 | CVE | | Windows Hello Security Feature Bypass Vulnerability |
| 22.11.23 | Atomic Stealer | Malware | Mac | Atomic Stealer distributed to Mac users via fake browser updates |
| 22.11.23 | CVE-2023-4966 | CVE | | Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server. |
| 22.11.23 | Agent Tesla | Malware | Stealer | New "Agent Tesla" Variant: Unusual "ZPAQ" Archive Format Delivers Malware |
| 22.11.23 | Kinsing | Malware | Linux | CVE-2023-46604 (Apache ActiveMQ) Exploited to Infect Systems With Cryptominers and Rootkits |
| 21.11.23 | | | Android | Enchant malware uses the Accessibility Service feature to target specific cryptocurrency wallets, including imToken, OKX, Bitpie Wallet, and TokenPocket wallet. |
| 21.11.23 | | | Backdoor | My Tea’s not cold. An overview of China’s cyber threat |
| 21.11.23 | | | Dropper | Popping Blisters for research: An overview of past payloads and exploring recent developments |
| 21.11.23 | | | Loader | According to Rapid7, this is a loader first spotted in July 2023. It implements several evasion techniques including Process Doppelgänging, DLL Search Order Hijacking, and Heaven's Gate. IDAT loader got its name as the threat actor stores the malicious payload in the IDAT chunk of the PNG file format. |
| 21.11.23 | | | Banking | QBot is a modular information stealer also known as Qakbot or Pinkslipbot. It has been active for years since 2007. It has historically been known as a banking Trojan, meaning that it steals financial data from infected systems, and a loader using C2 servers for payload targeting and download. |
| 21.11.23 | | | Downloader | Introducing Pikabot, an emerging malware family that comprises a downloader/installer, a loader, and a core backdoor component. Despite being in the early stages of development, it already demonstrates advanced techniques in evasion, injection, and anti-analysis. |
| 21.11.23 | | | Downloader | First documented in 2018, DarkGate is a commodity loader with features that include the ability to download and execute files to memory, a Hidden Virtual Network Computing (HVNC) module, keylogging, information-stealing capabilities, and privilege escalation. |
| 20.11.23 | Sayler RAT | Malware | RAT | New Java-Based Sayler RAT Targets Polish Speaking Users |
| 20.11.23 | Predator AI | Malware | Infostealer | Predator AI \| ChatGPT-Powered Infostealer Takes Aim at Cloud Platforms |
| 20.11.23 | Trap Stealer | Malware | Stealer | New Open-Source ‘Trap Stealer’ Pilfers Data in just 6 Seconds |
| 20.11.23 | BbyStealer | Malware | Stealer | BbyStealer Malware Resurfaces, Sets Sights on VPN Users |
| 20.11.23 | LummaC2 | Malware | Stealer | Lumma Stealer (aka LummaC2 Stealer) is an information stealer written in the C language that has been available through a Malware-as-a-Service (MaaS) model on Russian-speaking forums since at least August 2022. |
| 18.11.23 | | | Backdoor | Most of the group’s Phobos variants are distributed by SmokeLoader, a backdoor trojan. This commodity loader typically drops or downloads additional payloads when deployed. |
| 18.11.23 | | CVE | | RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. |
| 18.11.23 | | | Worm | MALWARE SPOTLIGHT – INTO THE TRASH: ANALYZING LITTERDRIFTER |
| 17.11.23 | | | RAT | Information stealer which uses AutoIT for wrapping. |
| 17.11.23 | | CVE | | FortiSIEM - Remote unauthenticated OS command injection |
| 17.11.23 | | CVE | | (CVSS score: 5.4) - Microsoft Windows Mark-of-the-Web (MotW) Security Feature Bypass Vulnerability |
| 17.11.23 | | CVE | | (CVSS score: 9.8) - Sophos Web Appliance Command Injection Vulnerability |
| 17.11.23 | | CVE | | (CVSS score: 8.8) - Oracle Fusion Middleware Unspecified Vulnerability |
| 17.11.23 | | CVE | | Zimbra Collaboration (ZCS) 8 before 8.8.15 Patch 41 allows XSS in the Zimbra Classic Web Client. |
| 17.11.23 | | CVE | | RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. |
| 16.11.23 | CVE-2023-28771 | CVE | | Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 through 5.35, which could allow an unauthenticated attacker to execute some OS commands remotely by sending crafted packets to an affected device. |
| 16.11.23 | SparkRAT | Malware | RAT | BlueShell malware used in APT attacks targeting Korea and Thailand |
| 16.11.23 | CVE-2023-46604 | CVE | | The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. |
| 15.11.23 | CVE-2023-23583 | CVE | | Sequence of processor instructions leads to unexpected behavior for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege and/or information disclosure and/or denial of service via local access. |
| 15.11.23 | CVE-2023-36052 | CVE | | Azure CLI REST Command Information Disclosure Vulnerability |
| 15.11.23 | CVE-2023-38545 | CVE | | This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that host name can be is 255 bytes. |
| 15.11.23 | CVE-2023-36397 | CVE | | Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability |
| 15.11.23 | CVE-2023-36028 | CVE | | Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability |
| 15.11.23 | CVE-2023-32049 | CVE | | Windows SmartScreen Security Feature Bypass Vulnerability |
| 15.11.23 | CVE-2023-24880 | CVE | | Windows SmartScreen Security Feature Bypass Vulnerability |
| 15.11.23 | CVE-2022-44698 | CVE | | Windows SmartScreen Security Feature Bypass Vulnerability |
| 15.11.23 | CVE-2023-36413 | CVE | | (CVSS score: 6.5) - Microsoft Office Security Feature Bypass Vulnerability |
| 15.11.23 | CVE-2023-36038 | CVE | | (CVSS score: 8.2) - ASP.NET Core Denial of Service Vulnerability |
| 15.11.23 | CVE-2023-36036 | CVE | | (CVSS score: 7.8) - Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability |
| 15.11.23 | CVE-2023-36033 | CVE | | (CVSS score: 7.8) - Windows DWM Core Library Elevation of Privilege Vulnerability |
| 15.11.23 | CVE-2023-36025 | CVE | | (CVSS score: 8.8) - Windows SmartScreen Security Feature Bypass Vulnerability |
| 15.11.23 | CVE-2023-34048 | CVE | | vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-bounds write potentially leading to remote code execution. |
| 15.11.23 | CVE-2023-34060 | CVE | | VMware Cloud Director Appliance contains an authentication bypass vulnerability in case VMware Cloud Director Appliance was upgraded to 10.5 from an older version. |
| 15.11.23 | CVE-2023-20592 | CVE | | Vulnerabilities within the web-based management interface of ClearPass Policy Manager could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface. A successful exploit allows an attacker to execute arbitrary script code in a victim's browser in the context of the affected interface. |
| 15.11.23 | CVE-2023-20583 | CVE | | A potential power side-channel vulnerability in AMD processors may allow an authenticated attacker to monitor the CPU power consumption as the data in a cache line changes over time potentially resulting in a leak of sensitive information. |
| 15.11.23 | CACHEWARP | Attack | Attack | CacheWarp: Software-based Fault Injection using Selective State Res |
| 14.11.23 | | | Linux | Linux DDoS C&C Malware |
| 14.11.23 | | | Downloader | TA402 Uses Complex IronWind Infection Chains to Target Middle East-Based Government Entities |
| 14.11.23 | | | Stealer | According to Tony Lambert, this is a malware written in .NET. It was observed to be delivered using the .NET Single File deployment feature. |
| 14.11.23 | | CVE | | (CVSS score: 5.3) - Juniper Junos OS EX Series PHP External Variable Modification Vulnerability |
| 14.11.23 | | CVE | | (CVSS score: 5.3) - Juniper Junos OS EX Series and SRX Series PHP External Variable Modification Vulnerability |
| 14.11.23 | | CVE | | (CVSS score: 5.3) - Juniper Junos OS SRX Series Missing Authentication for Critical Function Vulnerability |
| 14.11.23 | | CVE | | (CVSS score: 5.3) - Juniper Junos OS EX Series Missing Authentication for Critical Function Vulnerability |
| 14.11.23 | | CVE | | (CVSS score: 5.3) - Juniper Junos OS SRX Series Missing Authentication for Critical Function Vulnerability |
| 13.11.23 | | | Wiper | According to Security Joes, this malware is an x64 ELF executable, lacking obfuscation or protective measures. It allows attackers to specify target folders and can potentially destroy an entire operating system if run with root permissions. |
| 11.11.23 | CaddyWiper | Malware | Wiper | CaddyWiper is another destructive malware believed to be deployed to target Ukraine. |
| 11.11.23 | CVE-2023-22518 | CVE | | All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. This Improper Authorization vulnerability allows an unauthenticated attacker to reset Confluence and create a Confluence instance administrator account. |
| 11.11.23 | CVE-2023-22515 | CVE | | Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances. Atlassian Cloud sites are not affected by this vulnerability. |
| 11.11.23 | Effluence | Malware | Backdoor | Detecting “Effluence”, An Unauthenticated Confluence Web Shell |
| 11.11.23 | Kamran | Malware | Android | Unlucky Kamran: Android malware spying on Urdu-speaking residents of Gilgit-Baltistan |
| 11.11.23 | CVE-2023-47246 | CVE | | In SysAid On-Premise before 23.3.36, a path traversal vulnerability leads to code execution after an attacker writes a file to the Tomcat webroot, as exploited in the wild in November 2023. |
| 11.11.23 | FakeBat | Malware | Loader | FakeBat (also known as EugenLoader) is a malicious software loader and dropper that has emerged as a significant player in the world of cyber threats. FakeBat has been associated with malvertising campaigns since at least November 2022. |
| 9.11.23 | CVE-2023-29552 | CVE | | The Service Location Protocol (SLP, RFC 2608) allows an unauthenticated, remote attacker to register arbitrary services. This could allow the attacker to use spoofed UDP traffic to conduct a denial-of-service attack with a significant amplification factor. |
| 9.11.23 | BlazeStealer | Malware | Python | In the realm of software development, open-source tools and packages play a pivotal role in simplifying tasks and accelerating development processes. Yet, as the community grows, so does the number of bad actors looking to exploit it. A recent example involves developers being targeted by seemingly legitimate Python obfuscation packages that harbor malicious code. |
| 9.11.23 | ObjCShellz | Malware | MacOS | Jamf Threat Labs discovered a new later-stage malware variant from BlueNoroff that shares characteristics with their RustBucket campaign. Read this blog to learn more about this malware and view the indicators of compromise. |
| 9.11.23 | GootBot | Malware | Bot | GootBot – Gootloader’s new approach to post-exploitation |
| 9.11.23 | GootLoader | Malware | JS | According to PCrisk, they discovered GootLoader malware while examining legitimate but compromised websites (mainly websites managed using WordPress). It was found that GootLoader is used to infect computers with additional malware. Cybercriminals using GootLoader seek to trick users into unknowingly downloading and executing the malware by disguising it as a document or other file. |
| 9.11.23 | CVE-2023-38831 | CVE | | RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. |
| 9.11.23 | Action RAT | Malware | RAT | Double Action, Triple Infection, and a New RAT: SideCopy’s Persistent Targeting of Indian Defence |
| 9.11.23 | AllaKore | Malware | RAT | AllaKore is a simple Remote Access Tool written in Delphi, first observed in 2015 but still in early stages of development. It implements the RFB protocol which uses frame buffers and thus is able to send back only the changes of screen frames to the controller, speeding up the transport and visualization control. |
| 7.11.23 | CVE-2023-46604 | CVE | | Apache ActiveMQ is vulnerable to Remote Code Execution. The vulnerability may allow a remote attacker with network access to a broker to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to cause the broker to instantiate any class on the classpath. |
| 7.11.23 | CVE-2023-22515 | CVE | | Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence |
| 7.11.23 | CVE-2023-22518 | CVE | | All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. There is no impact to confidentiality as an attacker cannot exfiltrate any instance data. |
| 7.11.23 | CVE-2023-41723 | CVE | | A vulnerability in Veeam ONE allows a user with the Veeam ONE Read-Only User role to view the Dashboard Schedule. |
| 7.11.23 | CVE-2023-38549 | CVE | | A vulnerability in Veeam ONE allows a user with the Veeam ONE Power User role to obtain the access token of a user with the Veeam ONE Administrator role through the use of XSS. |
| 7.11.23 | CVE-2023-38548 | CVE | | A vulnerability in Veeam ONE allows an unprivileged user who has access to the Veeam ONE Web Client the ability to acquire the NTLM hash of the account used by the Veeam ONE Reporting Service. |
| 7.11.23 | CVE-2023-38547 | CVE | | A vulnerability in Veeam ONE allows an unauthenticated user to gain information about the SQL server connection Veeam ONE uses to access its configuration database. This may lead to remote code execution on the SQL server hosting the Veeam ONE configuration database. |
| 7.11.23 | Jupyter | Malware | Infostealer | An updated version of an information stealer malware known as Jupyter has resurfaced with "simple yet impactful changes" that aim to stealthily establish a persistent foothold on compromised systems. |
| 7.11.23 | CVE-2023-23369 | CVE | | An OS command injection vulnerability has been reported to affect several QNAP operating system and application versions. If exploited, the vulnerability could allow remote attackers to execute commands via a network. |
| 7.11.23 | CVE-2023-23368 | CVE | | An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to execute commands via a network. |
| 6.11.23 | Agonizing Serpens | Hacking | Hacking | The attacks are characterized by attempts to steal sensitive data, such as personally identifiable information (PII) and intellectual property. |
| 6.11.23 | SecuriDropper | Malware | Android | Droppers are a specific category of malware whose main purpose is to install a payload on an infected device. |
| 6.11.23 | Google Calendar RAT | Malware | RAT | The Rising Threat of Covert Cyber Attacks through Google Calendar |
| 4.11.23 | StripedFly | Malware | Crypto | It’s just another cryptocurrency miner… Nobody would even suspect the mining malware was merely a mask, masquerading behind an intricate modular framework that supports both Linux and Windows. |
| 4.11.23 | CVE-2017-9841 | CVE | | Util/PHP/eval-stdin.php in PHPUnit before 4.8.28 and 5.x before 5.6.3 allows remote attackers to execute arbitrary PHP code via HTTP POST data beginning with a "<?php " substring, as demonstrated by an attack on a site with an exposed /vendor folder, i.e., external access to the /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php URI. |
| 4.11.23 | CVE-2023-32315 | CVE | | Openfire is an XMPP server licensed under the Open Source Apache License. Openfire's administrative console, a web-based application, was found to be vulnerable to a path traversal attack via the setup environment. |
| 4.11.23 | CVE-2023-4911 | CVE | | A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. |
| 3.11.23 | NodeStealer | Malware | Stealer | NodeStealer attacks on Facebook take a provocative turn – threat actors deploy malvertising campaigns to hijack users’ accounts |
| 3.11.23 | CanesSpy | Malware | Spyware | Cybersecurity researchers have unearthed a number of WhatsApp mods for Android that come fitted with a spyware module dubbed CanesSpy. |
| 2.11.23 | Mozi | Malware | Linux | P2P Botnets: Review - Status - Continuous Monitoring |
| 2.11.23 | CVE-2023-35841 | CVE | | RadHwMgr.sys, rtif.sys, rtport.sys, stdcdrv64.sys, and TdkLib64.sys |
| 2.11.23 | CVE-2023-20598 | CVE | | An improper privilege management in the AMD Radeon™ Graphics driver may allow an authenticated attacker to craft an IOCTL request to gain I/O control over arbitrary hardware ports or physical addresses resulting in a potential arbitrary code execution. |
| 2.11.23 | CVE-2023-46604 | CVE | | Apache ActiveMQ is vulnerable to Remote Code Execution. The vulnerability may allow a remote attacker with network access to a broker to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to cause the broker to instantiate any class on the classpath. Users are recommended to upgrade to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3, which fixes this issue. |
| 2.11.23 | Kopeechka | Hacking | Tool | How Kopeechka, an Automated Social Media Accounts Creation Service, Can Facilitate Cybercrime |
| 1.11.23 | WINTAPIX | Malware | Backdoor | WINTAPIX: A New Kernel Driver Targeting Countries in The Middle East |
| 1.11.23 | LIONTAIL | Malware | Steal | FROM ALBANIA TO THE MIDDLE EAST: THE SCARRED MANTICORE IS LISTENING |
| 1.11.23 | RustBucket | Malware | Trojan | Bluenoroff’s RustBucket campaign |
| 1.11.23 | RustBucket | Malware | OSX | BlueNoroff \| How DPRK’s macOS RustBucket Seeks to Evade Analysis and Detection |
| 1.11.23 | KANDYKORN | Malware | macOS | Elastic Security Labs exposes an attempt by the DPRK to infect blockchain engineers with novel macOS malware. |
| 1.11.23 | Kazuar | Malware | Backdoor | Over the Kazuar’s Nest: Cracking Down on a Freshly Hatched Backdoor Used by Pensive Ursa (Aka Turla) |
| 1.11.23 | CVE-2023-46747 | CVE | | Undisclosed requests may bypass configuration utility authentication, allowing an attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. |
| 1.11.23 | AridViper | Malware | Android | Arid Viper disguising mobile spyware as updates for non-malicious Android applications |