Written by Anton Jörgensson, Eric Dodge & Yann Lehmann of the Kudelski Security Threat Detection & Research Team Updated on April 5th. We may update
Author: KS Threat Research
CVE-2023-23397 – Microsoft Outlook Privilege Elevation Critical Vulnerability
Written by Lina Jiménez Becerra, Anton Jörgensson and Mark Stueck of the Kudelski Security Threat Detection & Research Team CVE-2023-23397: Ability to exploit an Elevation
CVE-2023-27532 – Veeam Backup & Replication Vulnerability Exposes Stored Credentials, No Auth Necessary
Written by Mark Stueck and Scott Emerson of the Kudelski Security Threat Detection & Research Team CVE-2023-27532: Unauthenticated Access to Cleartext Credentials Possible Through Veeam Backup
Ransomware as a Service – Nevada Ransomware campaign targeting VMWare ESXi servers
Written by Michal Nowakowski of the Kudelski Security Threat Detection & Research Team UPDATE – February 14th 2023 After the first wave of ESXiArgs ransomware
Active exploitation of Citrix ADC and Gateway Critical Remote Code Execution Vulnerability by Suspected Chinese APT5 (CVE-2022-27518)
Written by Harish Segar of the Kudelski Security Threat Detection & Research Team Summary On December 13, 2022, The U.S. National Security Agency (NSA) release
SPNEGO NEGOEX: Critical Pre-Authentication RCE Vulnerability in Modern Microsoft Windows Operating Systems (CVE-2022-37958)
Written by Mark Stueck of the Kudelski Security Threat Detection & Research Team Summary On Tuesday, December 13th, Microsoft reclassified a previously acknowledged information disclosure
Kudelski Security Research 