The new DSLog backdoor allows threat actors to execute commands on compromised Ivanti servers remotely, and Orange Cyberdefense has confirmed its successful exploitation.
RustDoor has various commands to control compromised systems, exfiltrate data, and establish persistence, and it has been distributed under multiple names while remaining undetected for at least three months.
The vulnerability, found in the software’s web-based management interface, allows attackers to execute commands on the underlying operating system by uploading arbitrary files.
Attackers can exploit these vulnerabilities to execute commands on vulnerable NameServer components of RocketMQ, highlighting the importance of upgrading to version 5.1.2/4.9.7 or above to mitigate the risk.
The leadership of U.S. Cyber Command’s key digital warfighting force will officially change hands on Friday, Recorded Future News has learned. Marine Corps Maj. Gen. Lorna Mahlock will assume command of the Cyber National Mission Force (CNMF) during a change of command ceremony at Fort Meade, Maryland. She will succeed Army Maj. Gen. William Hartman, […]
The first vulnerability, tracked as CVE-2023-23368, allows remote attackers to execute commands via a network. The second vulnerability, identified as CVE-2023-23369, can also be exploited by remote attackers.
The flaw, known as CVE-2023-46604, allows attackers to execute arbitrary shell commands by exploiting the serialized class types in the OpenWire protocol. The issue affects several versions of Apache ActiveMQ, but patches have been released.
The vulnerability, which affects CER version 12.5(1)SU4, could be exploited to execute arbitrary commands as the root user. Admins are urged to update their vulnerable installations promptly, as there are no temporary workarounds available.
Today, CISA, Federal Bureau of Investigation (FBI), and U.S. Cyber Command’s Cyber National Mission Force (CNMF) published a joint Cybersecurity Advisory (CSA), Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475. This CSA provides information on an incident at an Aeronautical Sector organization, with malicious activity occurring as early as January 2023. CISA, FBI, and CNMF […]