Threat Actor Exploits Flaws and Uses Elastic Cloud SIEM to Manage Stolen Data
Huntress researchers uncover campaign exploiting vulnerabilities to steal data using Elastic Cloud as a data hub
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Huntress researchers uncover campaign exploiting vulnerabilities to steal data using Elastic Cloud as a data hub
Technical details and a public exploit have been published for a critical vulnerability affecting Fortinet's Security Information and Event Management (SIEM) solution that could be leveraged by a remote, unauthenticated attacker to execute commands or code. [...]
Modular Mirai Malware Code Strikes AgainNo fewer than two separate Mirai botnets are on the hunt for unpatched servers hosting open source SIEM solution Wazuh, an unusual variation of hackers' typical focus on Internet of Things devices for stringing together infected computers. Akamai dates the first campaign to March, the other to May.
Corporate admins should patch the max-severity CVE-2024-23108 immediately, which allows unauthenticated command injection.
Security researchers have released a proof-of-concept (PoC) exploit for a maximum-severity vulnerability in Fortinet's security information and event management (SIEM) solution, which was patched in February. [...]