|
Agent Tesla Malware Attack
FortiGuard Labs captured a phishing campaign that spreads a new Agent Tesla variant. This well-known malware family uses a .Net-based Remote Access Trojan (RAT) and data stealer to gain initial access by exploiting vulnerabilities Microsoft Office vulnerabilities CVE-2017-11882 and CVE-2018-0802. The Agent Tesla core module can collect sensitive information from the victim's device that may include the saved credentials, keylogging information, and device screenshots. |
Zoho ManageEngine RCE Vulnerability
Multiple Zoho ManageEngine on-premise products, such as ServiceDesk Plus, Password Manager Pro and ADSelfService Plus, allow remote code execution due to the usage of an outdated third party dependency, Apache Santuario. Successful exploitation could lead to remote code execution and evidence of exploitation in the wild by Advanced Persistent Threat (APT) Groups. |
Apache RocketMQ Remote Command Execution Vulnerability
RocketMQ versions 5.1.0 and below are vulnerable to Arbitrary Code Injection. Broker component of RocketMQ is leaked on the extranet and lack permission verification. An attacker can exploit this vulnerability by using the update configuration function to execute commands or by forging the RocketMQ protocol content. CVE-2023-33246 is reportedly being exploited in the wild. Additionally, proof-of-concept (PoC) code is publicly available. |
| Distributed by aarss.com. |
|
|
|
|
Internet Security Related News
|
|