CVE-2024-23449

An uncaught exception in Elasticsearch >= 8.4.0 and < 8.11.1 occurs when an encrypted PDF is passed to an attachment processor through the REST API. The Elasticsearch ingest node that at ...

China-linked Hackers Deploy New ‘UNAPIMON’ Malware for Stealthy Operations

A threat activity cluster tracked as Earth Freybug has been observed using a new malware called UNAPIMON to fly under the radar. "Earth Freybug is a cyberthreat group that has been active sin ...

VolWeb – A Centralized And Enhanced Memory Analysis Platform

VolWeb is a digital forensic memory analysis platform that leverages the power of the Volatility 3 framework. It is dedicated to aiding in investigations and incident responses. Objective The goal of ...

Exploit for Embedded Malicious Code in Tukaani Xz

xz-vulnerable-honeypot An ssh honeypot with the XZ backdoor. CVE-2024-3094 TODO: hook the backdoor and/or sshd. log rsa keys for decryption. notes: - https://gist.github.com/smx-smx/a6112d54777845d389 ...

Security Bulletin: Cross-Site scripting vulnerability in ESAPI may affect IBM Business Automation Workflow – IBM X-Force ID: 273485

Summary: IBM Business Automation Workflow is vulnerable to a cross-site scripting attack. Vulnerability Details: IBM X-Force ID: 273485. Description: Enterprise Security API for Java is vulnerable ...

BioTime Directory Traversal / Remote Code Execution Exploit

BioTime versions 8.5.5 and 9.0.1 suffer from directory traversal and file write vulnerabilities. This exploit also achieves remote code execution on version...

Earth Freybug Uses UNAPIMON for Unhooking Critical APIs

This article provides an in-depth look into two techniques used by Earth Freybug actors: dynamic-link library (DLL) hijacking and application programming interface (API) unhooking to prevent child pro ...

Malicious code in pt-api-tools (npm)

-= Per source details. Do not edit below this line.=- Source: ghsa-malware (78627b7277f79f6b0febc6c2efde348085a7bf7363ebc2986ac5d3e2ce2329d1) Any computer that has this package installed or running sh ...
