Category: Advisory

Threat Intel Roundup: OpenVPN, eBPF, AsyncRAT, OpenSea

Week in Overview (7 Nov-14 Nov) Technical Summary 1. Kernel Exploit and Rootkit Detection Using eBPF 2. Email Phishing Campaigns Targeting OpenSea Users and Developers 3. Chrome Use-After-Free Vulnerability in WebAudio (CVE-2023-5996) Resolution: Ignoring channel count updates after the audio context is closed to prevent exploitation. 4. Malware Distribution via GitHub: Threat Actors Spreading AsyncRAT 5.

Threat Intel Roundup: IIS, BLOODALCHEMY, Wordpad, CISCO

Week in Overview (10 Oct-17 Oct) Technical Summary 5. DarkGate Activity on IP 149.248.0.82: 🚨 Vulnerability of the Week IIS CVE-2023-36434 A significant security vulnerability, CVE-2023-36434, was disclosed on October 10, 2023, impacting Microsoft’s Windows IIS Server. The vulnerability is categorized under “Elevation of Privilege,” posing potential threats to systems running vulnerable versions. The

Threat Intel Roundup: Confluence, ThreatSec, Cobalt

Week in Overview (3 Oct-10 Oct) Technical Summary Zero-Day Privilege Escalation in Confluence Server and Data Center CVE: CVE-2023-22515 This zero-day vulnerability affects on-premises instances of Confluence Server and Confluence Data Center. Originally identified as a privilege escalation flaw, it was later classified as a broken access control issue. Attackers can exploit this vulnerability to create

Threat Intel Roundup: SharePoint, WS_FTP, Exim, Gotham Stealer

Week in Overview (26 Sep-3 Oct) Technical Summary 5. Threat Actors Utilizing Malicious PowerShell-Backed Steganography 6. DIAN Phishing Campaign Targeting Taxpayers 7. Using Silent SMS to Localize LTE Users – Proof of Concept Implementation 8. Critical Vulnerabilities in WS_FTP Server Exploited by Attackers (CVE-2023-40044 and CVE-2023-42657) 9. CVE-2023-29357 and CVE-2023-24955 Exploit Chain for Microsoft SharePoint Server
