CVE-2024-41773

FBI: Androxgh0st malware botnet steals AWS, Microsoft credentials - CISA and the FBI warned today that threat actors using Androxgh0st malware are building a botnet focused on cloud credential theft and using the stolen information to deliver additional malicious payloads. First spotted by Lacework Labs in 2022, the ...
1 year ago Bleepingcomputer.com CVE-2017-9841 CVE-2021-41773 CVE-2018-15133

FBI: Beware of cloud-credential thieves building botnets The Register - Crooks are exploiting years-old vulnerabilities to deploy Androxgh0st malware and build a cloud-credential stealing botnet, according to the FBI and the Cybersecurity and Infrastructure Security Agency. In a joint warning issued on Tuesday, the US ...
1 year ago Go.theregister.com CVE-2017-9841 CVE-2018-15133 CVE-2021-41773

CISA: AWS, Microsoft 365 Accounts Under Active 'Androxgh0st' Attack - The FBI and the US Cybersecurity and Infrastructure Security Agency have issued an alert about a malware campaign targeting Apache webservers and websites using the popular Laravel Web application framework, leveraging known bugs for initial ...
1 year ago Darkreading.com CVE-2017-9841 CVE-2021-41773

AWS LetsEncrypt Lambda: Custom TLS Provider - DZone - Trying to renew ... INFO[0000] Checking certificate for domain 'hackernoon.referrs.me' with arn 'arn:aws:acm:us-east-2:004867756392:certificate/72f872fd-e577-43f4-ae38-6833962630af' INFO[0000] Certificate status is 'ISSUED' INFO[0000] Certificate in ...
6 months ago Feeds.dzone.com

Vulnerability Summary for the Week of March 11, 2024 - Published 2024-03-15 CVSS Score not yet calculated Source & Patch Info CVE-2021-47111416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - Product linux - linux Description In the ...
1 year ago Cisa.gov

Imperva Uncovers New IoCs for AndroxGh0st Botnet - On January 16, a joint alert from FBI and CISA warned about a concerning development: the emergence of a botnet driven by AndroxGh0st malware targeting vulnerable applications and web servers. RoxGh0st is a Python-based malware, first seen in late ...
1 year ago Imperva.com CVE-2021-41773 CVE-2018-15133 CVE-2019-6340

CVE-2024-41773 - IBM Global Configuration Management 7.0.2 and 7.0.3 could allow an authenticated user to archive a global baseline due to improper access controls. ...
8 months ago

US Gov Issues Warning for Androxgh0st Malware Attacks - The US cybersecurity agency CISA and the FBI have issued a joint advisory warning about the Androxgh0st malware creating a botnet to identify and target vulnerable networks. Written in Python, the agencies said the malware primarily targets. Env ...
1 year ago Securityweek.com CVE-2017-9841 CVE-2018-15133 CVE-2021-41773

Hackers Building AndroxGh0st Botnet to Target AWS, O365, Feds Warn - The bad actors behind the Androxgh0st malware are building a botnet they can use to identify victims and exploit vulnerable networks to steal confidential information from such high-profile cloud applications as Amazon Web Services, Microsoft Office ...
1 year ago Securityboulevard.com CVE-2017-9841 CVE-2018-15133 CVE-2021-41773

CVE-2021-42013 - It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these ...
1 year ago

CVE-2021-41773 - A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these ...
2 months ago

CVE-2022-41773 - The affected product DIAEnergie (versions prior to v1.9.01.002) is vulnerable to a SQL injection that exists in CheckDIACloud. A low-privileged authenticated attacker could exploit this issue to inject arbitrary SQL queries. ...
2 years ago

CVE-2023-41773 - Layer 2 Tunneling Protocol Remote Code Execution Vulnerability ...
1 year ago

Vulnerability Summary for the Week of March 4, 2024 - Published 2024-03-06 CVSS Score not yet calculated Source & Patch Info CVE-2023-52584416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - ...
1 year ago Cisa.gov

CVE-2024-37051 - GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1 and less than: IntelliJ IDEA 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; Aqua 2024.1.2; CLion 2023.1.7, 2023.2.4, 2023.3.5, 2024.1.3, 2024.2 ...
10 months ago Tenable.com

The Top 24 Security Predictions for 2024 - Welcome to the second installment of this comprehensive annual look at global cybersecurity industry predictions from the top security industry vendors, technology magazines, expert thought leaders and many more. Last week, in part one of The Top 24 ...
1 year ago Securityboulevard.com

CVE-2024-9256 - Addressed potential issues where the application could be exposed to a Use-After-Free vulnerability and crash when handling certain checkbox field objects, Doc objects, Annotation objects, or AcroForms, which attackers could exploit to execute remote ...
6 months ago Tenable.com

CVE-2024-9255 - Addressed potential issues where the application could be exposed to a Use-After-Free vulnerability and crash when handling certain checkbox field objects, Doc objects, Annotation objects, or AcroForms, which attackers could exploit to execute remote ...
6 months ago Tenable.com

CVE-2024-9254 - Addressed potential issues where the application could be exposed to a Use-After-Free vulnerability and crash when handling certain checkbox field objects, Doc objects, Annotation objects, or AcroForms, which attackers could exploit to execute remote ...
6 months ago Tenable.com

CVE-2024-9253 - Addressed potential issues where the application could be exposed to a Use-After-Free vulnerability and crash when handling certain checkbox field objects, Doc objects, Annotation objects, or AcroForms, which attackers could exploit to execute remote ...
6 months ago Tenable.com

CVE-2024-9252 - Addressed potential issues where the application could be exposed to a Use-After-Free vulnerability and crash when handling certain checkbox field objects, Doc objects, Annotation objects, or AcroForms, which attackers could exploit to execute remote ...
6 months ago Tenable.com

CVE-2024-9251 - Addressed potential issues where the application could be exposed to a Use-After-Free vulnerability and crash when handling certain checkbox field objects, Doc objects, Annotation objects, or AcroForms, which attackers could exploit to execute remote ...
6 months ago Tenable.com

CVE-2024-9250 - Addressed potential issues where the application could be exposed to a Use-After-Free vulnerability and crash when handling certain checkbox field objects, Doc objects, Annotation objects, or AcroForms, which attackers could exploit to execute remote ...
6 months ago Tenable.com

CVE-2024-9246 - Addressed potential issues where the application could be exposed to a Use-After-Free vulnerability and crash when handling certain checkbox field objects, Doc objects, Annotation objects, or AcroForms, which attackers could exploit to execute remote ...
6 months ago Tenable.com

CVE-2024-9243 - Addressed potential issues where the application could be exposed to a Use-After-Free vulnerability and crash when handling certain checkbox field objects, Doc objects, Annotation objects, or AcroForms, which attackers could exploit to execute remote ...
6 months ago Tenable.com