Pager 13 - Senthorus Blog

Ivanti VPN Zero-Day Exploits: CVE-2023-46805 & CVE-2024-21887

Two Ivanti VPN zero-days enable remote code execution; Volexity links the attacks to UTA0178 and urges urgent patching and forensic investigation.

By Natacha Bakir

The Log4Shell Vulnerability

Log4Shell (CVE-2021-44228) is a critical flaw in Log4j 2 allowing remote code execution, affecting millions of systems worldwide.

By Rayan Annabi

CVE-2023-22518 and how it is used in recent Ransomware Attacks

CVE-2023-22518 allows remote attackers to reset Confluence servers and deploy ransomware; patching and backups are critical for defense.

By Leo Duntze

CVE-2020-1472 - Zerologon

Zerologon (CVE-2020-1472) is a critical flaw allowing attackers to gain domain admin access via Netlogon by exploiting weak AES encryption.

By Leo Duntze

Malware Analysis Report

Cloud Snooper Threat Report

Read the full "Cloud Snooper Threat Report" PDF to learn more about this threat.

By Natacha Bakir