Jenkins CLI Data Leak Vulnerability
Overview The SonicWall Capture Labs threat research team became aware of the Jenkins CLI (command-line-interface) arbitrary file read vulnerability, assessed its impact and developed mitigation measures for the vulnerability. Jenkins is a Java-based automation tool […]
Blackwood APT Group Has a New DLL Loader
Overview This week, the SonicWall Capture Labs threat research team analyzed a sample tied to the Blackwood APT group. This is a DLL that, when loaded onto a victim’s computer, will escalate privileges and attempt […]
Ivanti Authentication Bypass Vulnerability
Overview The SonicWall Capture Labs threat research team became aware of the Ivanti Connect Secure and Policy Secure Gateway authentication bypass vulnerability, assessed its impact and developed mitigation measures for the vulnerability. Ivanti Connect Secure, […]
GitLab Account Takeover
Overview The SonicWall Capture Labs threat research team became aware of an account takeover via password reset vulnerability in GitLab, assessed its impact and developed mitigation measures for the vulnerability. GitLab, an open-source code-sharing platform, […]
Dangerous New Diavol Ransomware
Overview The SonicWall Capture Labs threat research team has recently observed a new variant of Diavol ransomware. The ransomware executes its malicious activities by utilizing bitmap objects containing binary code and paired JPEG objects containing […]
Atlassian’s Confluence Server Unauthenticated Remote Code...April 19, 2024 - 2:24 pm
SonicWall DPI-SSL: Encryption Has Met Its MatchApril 10, 2024 - 3:48 pm- Microsoft Security Bulletin Coverage for April 2024April 9, 2024 - 1:18 pm
Patch Tuesday: Which Vulnerabilities Really Need Priori...April 8, 2024 - 11:36 am
This post is also available in: Portuguese (Brazil) French German Japanese Korean Spanish