Microsoft Security Bulletin Coverage for February 2024

Overview: Microsoft’s February 2024 Patch Tuesday has 72 vulnerabilities – 30 of which are Remote Code Execution. The vulnerabilities can be classified into the following categories: 30 Remote Code Execution Vulnerabilities, 17 Elevation of Privilege […]

Wessy Ransomware Bears Striking Similarities to Uransomware

The SonicWall Capture Labs threat research team has been tracking ransomware that encrypts files and claims to charge only $100 for file retrieval. It is written in .NET and obfuscated using Eziriz's .NET Reactor. However, […]

Ivanti Server-Side Request Forgery to Auth-Bypass

Overview: Ivanti disclosed a couple more vulnerabilities — server-side request forgery (CVE-2024-21893) and a privilege escalation (CVE-2024-21888) vulnerability. This disclosure comes only a few weeks after confirming an exploit chain impacting Ivanti Connect Secure and […]

Jenkins CLI Data Leak Vulnerability

Overview: The SonicWall Capture Labs threat research team became aware of the Jenkins CLI (command-line interface) arbitrary file read vulnerability, assessed its impact and developed mitigation measures for the vulnerability. Jenkins is a Java-based automation tool […]

Blackwood APT Group Has a New DLL Loader

Overview: This week, the SonicWall Capture Labs threat research team analyzed a sample tied to the Blackwood APT group. This is a DLL that, when loaded onto a victim’s computer, will escalate privileges and attempt […]
