ClamAV ClamD Service
SonicWall Capture Labs Threat Research Team became aware of the ClamAV VirusEvent command injection vulnerability (CVE-2024-20328), assessed its impact, and developed mitigation measures for the vulnerability. ClamAV is a notable, open-source anti-virus engine, widely recognized […]
New LockXX Ransomware Targets Users Who Speak Standard Chinese, English
Overview This week, the SonicWall Capture Labs threat research team analyzed a ransomware targeting users who speak English and Standard Chinese. Its behavior is typical of ransomware – it encrypts the user’s files and provides […]
Microsoft Security Bulletin Coverage for February 2024
Overview Microsoft’s February 2024 Patch Tuesday has 72 vulnerabilities – 30 of which are Remote Code Execution. The vulnerabilities can be classified into the following categories: 30 Remote Code Execution Vulnerabilities 17 Elevation of Privilege […]
Wessy Ransomware Bears Striking Similarities to Uransomware
The SonicWall Capture Labs threat research team has been tracking ransomware that encrypts files and claims to charge only $100 for file retrieval. It is written in .NET and obfuscated using Ezirizs .NET Reactor. However, […]
Ivanti Server-Side Request Forgery to Auth-Bypass
Overview Ivanti disclosed a couple more vulnerabilities — server-side request forgery (CVE-2024-21893) and a privilege escalation (CVE-2024-21888) vulnerability. This disclosure comes only a few weeks after confirming an exploit chain impacting Ivanti Connect Secure and […]
Atlassian’s Confluence Server Unauthenticated Remote Code...April 19, 2024 - 2:24 pm
SonicWall DPI-SSL: Encryption Has Met Its MatchApril 10, 2024 - 3:48 pm- Microsoft Security Bulletin Coverage for April 2024April 9, 2024 - 1:18 pm
Patch Tuesday: Which Vulnerabilities Really Need Priori...April 8, 2024 - 11:36 am
This post is also available in: Portuguese (Brazil) French German Japanese Korean Spanish