Found 2 bookmarks
Newest
CVE-2024-4978: Backdoored Justice AV Solutions Viewer Software Used in Apparent Supply Chain Attack | Rapid7 Blog
CVE-2024-4978: Backdoored Justice AV Solutions Viewer Software Used in Apparent Supply Chain Attack | Rapid7 Blog
Justice AV Solutions (JAVS) is a U.S.-based company specializing in digital audio-visual recording solutions for courtroom environments. According to the vendor’s website, JAVS technologies are used in courtrooms, chambers and jury rooms, jail and prison facilities, and council, hearing, and lecture rooms. Their company website cites over 10,000 installations of their technologies worldwide.
#rapid7#EN#2024#Backdoored#JusticeAV#US#CVE-2024-4978
·rapid7.com·
CVE-2024-4978: Backdoored Justice AV Solutions Viewer Software Used in Apparent Supply Chain Attack | Rapid7 Blog
Approximately 2000 Citrix NetScalers backdoored in mass-exploitation campaign
Approximately 2000 Citrix NetScalers backdoored in mass-exploitation campaign
Fox-IT (part of NCC Group) has uncovered a large-scale exploitation campaign of Citrix NetScalers in a joint effort with the Dutch Institute of Vulnerability Disclosure (DIVD). An adversary appears to have exploited CVE-2023-3519 in an automated fashion, placing webshells on vulnerable NetScalers to gain persistent access. The adversary can execute arbitrary commands with this webshell, even when a NetScaler is patched and/or rebooted. At the time of writing, more than 1900 NetScalers remain backdoored. Using the data supplied by Fox-IT, the Dutch Institute of Vulnerability Disclosure has notified victims.
#fox-it#EN#2023#CVE-2023-3519#citrix#NetScalers#backdoored
·blog.fox-it.com·
Approximately 2000 Citrix NetScalers backdoored in mass-exploitation campaign