Researchers have sinkholed a command and control server for a variant of the PlugX malware and, over six months, observed more than 2.5 million connections from unique IP addresses.
Cisco warns of a command injection escalation flaw in its IMC. PoC publicly available (Pierluigi Paganini, April 18, 2024): Cisco has addressed a high-severity vulnerability in its Integrated Management Controller (IMC) for which publicly available exploit code exists. Cisco has addressed a high-severity Integrated Management Controller (IMC) vulnerability and is aware of a public exploit […]
Mar 29, 2024 | Newsroom | Vulnerability / Linux: Details have emerged about a vulnerability impacting the “wall” command of the util-linux package that could be potentially exploited by a bad actor to leak a user’s password or alter the clipboard on certain Linux distributions. The bug, tracked as CVE-2024-28085, has been codenamed WallEscape by security researcher Skyler Ferrante. […]
Three vulnerabilities have been disclosed, including an authentication bypass, command injection, and SQL injection, with one allowing remote execution without authentication.
The vulnerabilities, CVE-2023-50358 and CVE-2023-47218, are command injection flaws in the QTS firmware, with potential for remote code execution, impacting a large number of devices globally.
A threat actor named “xc7d2f4” is allegedly selling a remote command injection vulnerability for Cisco ASA. The threat actor has claimed that this vulnerability exists on all 55XX series of the Cisco Adaptive Security Appliance (ASA). The Cyber Express has reached out to Cisco to confirm the details of the alleged vulnerability exposure, but an official […]
Around 1,450 instances of pfSense, an open-source firewall and router software, are vulnerable to command injection and cross-site scripting flaws. These flaws, if exploited together, could allow attackers to execute remote code on the system.
The proxy trojan connects to a command and control server via DNS-over-HTTPS and supports creating TCP or UDP connections, indicating a sophisticated and wide-ranging campaign targeting multiple systems.
The botnet uses a domain generation algorithm (DGA) to connect with its command and control server and can be instructed to establish backconnect server connections, allowing infected devices to be used as proxy servers.