Security Advisory – Kudelski Security Research

3CX Supply Chain Attack ‘SmoothOperator’

March 30, 2023 KS Threat Research

Written by Anton Jörgensson, Eric Dodge & Yann Lehmann of the Kudelski Security Threat Detection & Research Team Updated on April 5th. We may update

CVE-2023-23397 – Microsoft Outlook Privilege Elevation Critical Vulnerability

March 15, 2023 KS Threat Research

Written by Lina Jiménez Becerra, Anton Jörgensson and Mark Stueck of the Kudelski Security Threat Detection & Research Team CVE-2023-23397: Ability to exploit an Elevation

Ransomware as a Service – Nevada Ransomware campaign targeting VMWare ESXi servers

February 9, 2023 KS Threat Research

Written by Michal Nowakowski of the Kudelski Security Threat Detection & Research Team UPDATE – February 14th 2023 After the first wave of ESXiArgs ransomware

Linux Kernel ksmbd Remote Code Execution Vulnerability

December 22, 2022 Francisco Donoso

Note: This bulletin was written by Eric Dodge of the Kudelski Security Threat Detection & Research Team Summary The Zero Day Initiative (ZDI) recently disclosed

Active exploitation of Citrix ADC and Gateway Critical Remote Code Execution Vulnerability by Suspected Chinese APT5 (CVE-2022-27518)

December 15, 2022 KS Threat Research

Written by Harish Segar of the Kudelski Security Threat Detection & Research Team Summary On December 13, 2022, The U.S. National Security Agency (NSA) release

SPNEGO NEGOEX: Critical Pre-Authentication RCE Vulnerability in Modern Microsoft Windows Operating Systems (CVE-2022-37958)

December 14, 2022 KS Threat Research

Written by Mark Stueck of the Kudelski Security Threat Detection & Research Team Summary On Tuesday, December 13th, Microsoft reclassified a previously acknowledged information disclosure

1 2 3 »