Threat & Research Team Blog
Unveiling GrimResource: The Latest Microsoft Management Console Exploit for Initial Access and Evasion
Discover how the GrimResource technique exploits Microsoft Management Console (MMC) files, enabling attackers to execute arbitrary code with minimal detection.
Ransomware Exploits VMware ESXi Vulnerabilities
Ransomware attacks targeting VMware ESXi infrastructure have exhibited a predictable yet alarming pattern, highlighting the vulnerabilities and misconfigurations inherent in virtualization platforms. Despite the varied nature of the ransomware deployed, the sequence of attacks remains consistent, making ESXi a lucrative target for cybercriminals.
Recent Exploits Target Citrix and VMware Vulnerabilities
Critical ownCloud Vulnerability Exposes Admin Passwords – Actively Exploited by Hackers
ownCloud, a popular open-source file-sharing application, is grappling with a critical security crisis, as revealed in three security bulletins. The most severe flaw, CVE-2023-49103, scored the maximum CVSS v3 rating of 10, potentially exposing sensitive information, including admin passwords, mail server credentials, and license keys.
Active Exploitation of Critical Security Flaws in F5's BIG-IP Software [CVE-2023-46747]
This vulnerability may allow an unauthenticated attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands. There is no data plane exposure; this is a control plane issue only.
Threat to Traders: WinRAR Zero-Day Vulnerability Exploited (CVE-2023-38831)
Hackers are exploiting a previously unknown flaw in WinRAR, a trusted software commonly used for file storage on Windows-based systems. This vulnerability allows them to target traders and steal their digital funds.
MOVEit Transfer Critical Vulnerability Discovered – Patch Now
A critical vulnerability has been found in Progress MOVEit Transfer, posing a significant risk of unauthorized access and elevated privileges through SQL injection. The impact of this vulnerability has been felt across various sectors, including government, finance, media, aviation, and healthcare. The severity of the situation is highlighted by reports of data theft and exfiltration from prominent organizations within these industries.