VMware vCenter DCERPC Dealloc Pointer Manipulati ...
December 7, 2023
Overview: SonicWall Capture Labs Threat Research Team became aware of the threat CVE-2023-34048 (a vCenter Server out-of-bounds write vulnerability), assessed its impact, and d …

Splunk Remote Code Execution
December 7, 2023
Overview: The SonicWall Capture Labs Threat Research team has observed attackers targeting a critical vulnerability affecting Splunk Enterprise. Splunk Enterprise does not safe …

ownCloud GraphAPI Sensitive Data Exposure
November 30, 2023
Overview: This week, the SonicWall Capture Labs Threat Research Team became aware of a disclosure of sensitive information vulnerability in ownCloud’s GraphAPI application, ass …

The Unseen Layers: Exploring the Tactics of Mult ...
November 27, 2023
Overview: Recently, the SonicWall Capture Labs Threat Research team has identified a new .NET Packer that is currently being widely used by the various stealers such as Lokibot …

SysAid Path Traversal Vulnerability
November 21, 2023
Overview: SonicWall Capture Labs Threat Research Team became aware of the SysAid path traversal vulnerability, assessed its impact and developed mitigation measures for the vul …

Malicious LNK Files Use PowerShell to Deliver Pa ...
November 18, 2023
Overview: This week, the SonicWall Capture Labs Research team has observed an increase in shortcut-based (LNK) malware. These seemingly legitimate LNK files execute PowerShell …

Microsoft Security Bulletin Coverage for Novembe ...
November 15, 2023
SonicWall Capture Labs threat research team has analyzed and addressed Microsoft’s security advisories for the month of November 2023.

AgentTesla Updates Its Infection Chain
November 9, 2023
The SonicWall Capture Labs Threat Research team has observed AgentTesla infostealer being deployed using image (.jpg) files for the last few months. We have observed multiple ZIP f …

Apache ActiveMQ Remote Code Execution
November 9, 2023
Overview: The SonicWall Capture Labs Threat Research team has observed attackers targeting a critical vulnerability affecting Apache ActiveMQ allowing a remote attacker with ne …

Payola ransomware operator demands remote access ...
November 3, 2023
The SonicWall threat research team has recently been tracking a new ransomware family called Payola. This family of ransomware appeared in late August 2023. It is written in …

Sunhillo SureLine Command Injection Vulnerabilit ...
November 3, 2023
Sunhillo SureLine versions before 8.7.0.1.1 contain an unauthenticated OS command injection vulnerability through the ipAddr or dnsAddr parameters within the networkDiag.cgi s …

Citrix Bleed: Leaking Session Tokens Vulnerabili ...
October 26, 2023
Overview: SonicWall Capture Labs Threat Research Team became aware of the threat Citrix Bleed, assessed its impact and developed mitigation measures for the vulnerability. Citr …