CVE-2023-36553: Command Injection Vulnerability in FortiSIEM
Fortinet, a major cybersecurity company, recently published an advisory regarding a critical vulnerability affecting its FortiSIEM Report Server. Background: The […]
DarkCasino: A New Emerging APT Threat Exploiting a WinRAR Flaw
NSFOCUS researchers examined the DarkCasino attack pattern, which exploited the WinRAR zero-day vulnerability identified as CVE-2023-38831. The financially motivated APT […]
Critical Vulnerability Patched in SAP Business One Product
SAP, a well-known commercial software provider, has disclosed three new vulnerabilities in its Security Patch Day release for November 2023. […]
Exploitation of Apache ActiveMQ Vulnerability CVE-2023-46604
Rapid7 Managed Detection and Response (MDR) found potential exploitation of Apache ActiveMQ CVE-2023-46604 in two distinct customer scenarios on Friday, […]
CVE-2023-4966 (Citrix Bleed) Active Exploitation
Citrix published a security bulletin on October 10, 2023, regarding a vulnerability (CVE-2023-4966) that affects the NetScaler ADC and NetScaler […]
CVE-2023-46747: Critical Authentication Bypass Vulnerability in F5 BIG-IP
BIG-IP, a comprehensive portfolio of hardware platforms and software solutions from F5 Networks, focuses on security, dependability, and performance. These […]
Leveraging DETT&CT Framework
Building detection is a difficult task, particularly with an increasing number of data sources. It might be challenging for detection […]