Investigating A Web Shell Intrusion With Trend Micro™ Managed XDR
This blog discusses a web shell intrusion incident where attackers abused the IIS worker to exfiltrate stolen data. Read More HERE…
This blog discusses a web shell intrusion incident where attackers abused the IIS worker to exfiltrate stolen data. Read More HERE…
This blog entry provides an overview of CVE-2024-49112 and CVE-2024-49113 and includes information that IT and SOC professionals need to know to stay protected against possible exploitation. Read More HERE…
Prompt injection exploits vulnerabilities in generative AI to manipulate its behavior, even without extensive permissions. This attack can expose sensitive data, making awareness and preventive measures essential. Learn how it works and how to stay protected. Read More HERE…
Enterprise 2024 will incorporate multiple, smaller emulations for a more nuanced and targeted evaluation of defensive capabilities. We’re excited to offer two distinct adversary focus areas: Ransomware targeting Windows and Linux, and the Democratic People’s Republic of Korea’s targeting macOS. Read More HERE…
On Wednesday, NVIDA released updates to fix a critical vulnerability in its NVIDIA Container Toolkit, which, if exploited, could put a wide range of AI infrastructure and underlying data/secrets at risk. Read More HERE…
On Wednesday, NVIDIA released updates to fix a critical vulnerability in its NVIDIA Container Toolkit, which, if exploited, could put a wide range of AI infrastructure and underlying data/secrets at risk. Read More HERE…
On Wednesday, NVIDA released updates to fix a critical vulnerability in its NVIDIA Container Toolkit, which, if exploited, could put a wide range of AI infrastructure and underlying data/secrets at risk. Read More HERE…
Our research reveals two significant vulnerabilities in Microsoft Azure Private 5G Core (AP5GC). The first vulnerability (CVE-2024-20685) allows a crafted signaling message to crash the control plane, leading to potential service outages. The second (ZDI-CAN-23960) disconnects and replaces attached base stations, disrupting network operations. While these issues are implementation-specific, their exploitation is made possible by a systemic weakness: the lack of mandatory authentication procedures between base stations and packet-cores. Read More HERE…
In this blog entry, we provide an analysis of the recent remote code execution attacks related to Progress Software’s WhatsUp Gold that possibly abused the vulnerabilities CVE-2024-6670 and CVE-2024-6671. Read More HERE…
A technical analysis on how CVE-2023-22527 can be exploited by malicious actors for cryptojacking attacks that can spread across the victim’s system. Read More HERE…