Unveiling the Past and Present of APT-K-47 Weapon: Asyncshell
#APT_K_47 #Asyncshell #CVE_2023–38831
https://medium.com/@knownsec404team/unveiling-the-past-and-present-of-apt-k-47-weapon-asyncshell-5a98f75c2d68

Infrastructure Analysis: LockBit 3.0 Ransomware Affiliates Exploit CVE 2023–4966 Citrix Bleed Vulnerability
#CVE_2023–4966 #LockBit #ShadowSyndicate
https://osintteam.blog/infrastructure-analysis-lockbit-3-0-799a4ff1ca59

As @iagox86 has pointed out for weeks now, the #Juniper RCE headlines on #CVE_2023-36844 and #CVE_2023_36845 consistently miss a pretty important point: All the known exploits land you in a restrictive BSD jail with no meaningful OS access. Rapid7 details one method for breakout in our analysis from early September, but oddly, nobody else seems to be acknowledging the caveat to exploitation (at least with known PoCs): https://attackerkb.com/topics/1PKX0CCXkX/cve-2023-36844/rapid7-analysis

Pew pew, full #Adobe #ColdFusion #RCE exploit chain and analysis for #CVE_2023-26359 and #CVE-2023-26360 via @stephenfewer https://attackerkb.com/topics/1iRdvtUgtW/cve-2023-26359/rapid7-analysis