Novel Malicious code evasion method for AI/ML based detection

The SonicWall Capture Labs Threat Research team has observed Remcos RAT (Remote Access Trojan) being distributed by adding malicious code to existing open-source software. This appears to be an attempt to evade security products which […]

Microsoft Security Bulletin Coverage for December 2023

SonicWall Capture Labs threat research team has analyzed and addressed Microsoft’s security advisories for the month of December 2023.

VMware vCenter DCERPC Dealloc Pointer Manipulation

Overview: SonicWall Capture Labs Threat Research Team became aware of the threat CVE-2023-34048 (a vCenter Server out-of-bounds write vulnerability), assessed its impact, and developed mitigation measures for the vulnerability. VMware vCenter Server is a centralized […]

Splunk Remote Code Execution

Overview: The SonicWall Capture Labs Threat Research team has observed attackers targeting a critical vulnerability affecting Splunk Enterprise. Splunk Enterprise does not safely sanitize extensible stylesheet language transformations (XSLT) that users supply. This means that […]

ownCloud GraphAPI Sensitive Data Exposure

Overview: This week, the SonicWall Capture Labs Threat Research Team became aware of a sensitive information disclosure vulnerability in ownCloud’s GraphAPI application, assessed its impact, and developed mitigation measures for the vulnerability. ownCloud, an […]
