GitLab XSS Via Autocomplete Results
Overview The SonicWall Capture Labs threat research team became aware of a cross-site scripting vulnerability in GitLab, assessed its impact and developed mitigation measures. GitLab, an open-source code-sharing platform, published an advisory on this vulnerability […]
SonicWall at RSAC 2024: The Art of the Platform
The RSA Conference is the epicenter where the industry’s brightest minds gather, foster enlightening discussions, and unveil groundbreaking solutions to elevate your organization. During this year’s conference, which runs from May 6-9, we’ll be at […]
Analysis of Native Process CLR Hosting Used by AgentTesla
Overview SonicWall Capture Labs threat research team has observed fileless .Net managed code injection in a native 64-bit process. Native code or unmanaged code refers to low-level compiled code such as C/C++. Managed code refers […]
HydraCrypt Ransomware Targets Brazil and Charges $5,000 for Decryption
Overview The SonicWall Capture Labs threat research team has recently been tracking ransomware known as HydraCrypt. HydraCrypt originates from the CryptBoss ransomware family and was first seen in early 2016. The sample that we analyzed […]
Atlassian’s Confluence Server Unauthenticated Remote Code Execution
Overview The SonicWall Capture Labs threat research team became aware of a noteworthy vulnerability—an Unauthenticated Template Injection —in Atlassian Confluence platforms, assessed its impact and developed mitigation measures for it. Atlassian’s Confluence Server and Data […]
This post is also available in: Portuguese (Brazil) French German Japanese Korean Spanish Chinese (Simplified)