Adobe Commerce Unauthorized XXE Vulnerability
Overview The SonicWall Capture Labs threat research team became aware of an XML External Entity Reference vulnerability affecting Adobe Commerce and Magento Open Source. It is identified as CVE-2024-34102 and given a critical CVSSv3 score […]
The Hidden Danger of PDF Files with Embedded QR Codes
The SonicWall Capture Labs threat research team has been observing PDF files with QR codes being abused by malware authors to deceive users for a long time. QR codes are increasingly popular due to their […]
High-Risk Path Traversal in SolarWinds Serv-U
Overview The SonicWall Capture Labs threat research team became aware of a path traversal vulnerability in SolarWinds Serv-U, assessed its impact and developed mitigation measures. Serv-U server is a solution that provides a secure file […]
New Orcinius Trojan Uses VBA Stomping to Mask Infection
Overview This week, the SonicWall Capture Labs threat research team investigated a sample of Orcinius malware. This is a multi-stage trojan that is using Dropbox and Google Docs to download second-stage payloads and stay updated. […]
A Deep Dive Into DarkME Rat Malware
DarkMe RAT steals information from victims’ machines and responds to various commands received from its Command and Control (C&C) server. A spike in distributing DarkMe RAT was observed in February 2024, exploiting the zero-day (CVE-2024-21412) […]
SonicWall 2024 Mid-Year Cyber Threat Report: IoT Madness,...July 23, 2024 - 11:14 am
Something Phishy This Way Comes: How the SonicWall SOC Proactively...July 23, 2024 - 8:54 am
SonicWall Elevates MSP Platform with Cloud Secure Edge ...July 18, 2024 - 8:05 am
Critical Splunk Vulnerability CVE-2024-36991: Patch Now...July 17, 2024 - 1:36 pm
This post is also available in: Portuguese (Brazil) French German Japanese Korean Spanish