0day Archives

Memory Forensics

Detecting Compromise of CVE-2024-3400 on Palo Alto Networks GlobalProtect Devices

May 15, 2024

Volexity Threat Research

Last month, Volexity reported on its discovery of zero-day, in-the-wild exploitation of CVE-2024-3400 in the GlobalProtect feature of Palo Alto Networks PAN-OS by a threat actor Volexity tracks as UTA0218. Palo […]

Threat Intelligence

Zero-Day Exploitation of Unauthenticated Remote Code Execution Vulnerability in GlobalProtect (CVE-2024-3400)

April 12, 2024

Volexity Threat Research

Volexity would like to thank Palo Alto Networks for their partnership, cooperation, and rapid response to this critical issue. Their research can be found here. On April 10, 2024, Volexity […]

Threat Intelligence

Mass Exploitation of (Un)authenticated Zimbra RCE: CVE-2022-27925

August 10, 2022

Volexity Threat Research

[Note: Volexity has reported all findings in this post to Zimbra. Where an existing contact was known, Volexity has notified local CERTs of compromised Zimbra instances in their constituency. The […]

Threat Intelligence

Zero-Day Exploitation of Atlassian Confluence

June 2, 2022

Andrew Case, Sean Koessel, Steven Adair, Tom Lancaster, and Volexity Threat Research

UPDATE: On June 3, 2022, Atlassian updated its security advisory with new information regarding a fix for Confluence Server and Data Center to address CVE-2022-26134. Users are encouraged to update immediately to […]

Threat Intelligence

Operation EmailThief: Active Exploitation of Zero-day XSS Vulnerability in Zimbra

February 3, 2022

Steven Adair and Tom Lancaster

[UPDATE] On February 4, 2022, Zimbra provided an update regarding this zero-day exploit vulnerability and reported that a hotfix for 8.8.15 P30 would be available on February 5, 2022. This vulnerability […]