#ExploitsAndVulnerabilities

Protecting Against RCE Attacks Abusing WhatsUp Gold Vulnerabilities

September 12, 2024 by Xynik

September 12, 2024 at 05:49AM Trend Micro researchers discovered remote code execution attacks on WhatsUp Gold leveraging the Active Monitor PowerShell Script since August 30. Exploiting vulnerabilities CVE-2024-6670 and CVE-2024-6671, the attacks persisted despite available patches, emphasizing the need for prompt patch application and proactive monitoring to prevent similar incidents. Mitigation steps include access control, … Read more

Cryptojacking via CVE-2023-22527: Dissecting a Full-Scale Cryptomining Ecosystem

August 28, 2024 by Xynik

August 28, 2024 at 01:04AM Malicious actors are exploiting the critical vulnerability CVE-2023-22527 to conduct cryptojacking attacks, leveraging methods such as shell scripts, XMRig miners, and targeting SSH endpoints. Atlassian has released a security advisory, recommending organizations to update their Confluence instances and implement security tools for defense. Regular patch management, network segmentation, security audits, … Read more