The attacks evolved from simple vulnerability scans to intense exploitation attempts, with peaks of new payload types observed on specific dates (“July 7” and “July 29”). attempts emerged and target sensitive files like “unattended.xml” and “sysprep.xml,” which may contain credentials in plaintext. This flaw allowed attackers to read arbitrary files by manipulating the “InternalDir” and “InternalFile” parameters in ‘HTTP’ requests. Moreover, helpful insights into the lifecycle and exploitation patterns of a “high-profile vulnerability” in a widely-used “enterprise software product” are provided by this real-world data. In June 2024, SolarWinds’ “Serv-U” file transfer product was found to have a “critical path-traversal” vulnerability. The analysis also noted “broken” requests with typos or incorrect paths and creative guesses like “password.txt” on the administrator’s desktop. Besides this, the “Linux” systems were initially probed, and “Windows” became the primary target, according to the GreyNoise report. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news. Cyber Security News Is a Dedicated News Channel For Hackers And Security Professionals. The company gained fame following a significant supply chain attack in 2020, where hackers inserted malicious code into Orion updates, compromising the networks of over 30,000 clients. Get Latest Hacker News & Cyber Security Newsletters update Daily.
This Cyber News was published on cybersecuritynews.com. Publication date: Tue, 01 Oct 2024 11:40:19 +0000