Severity High Analysis Summary APT-C-35 (also known as “Donot APT Group”) is a cyber espionage group that has been active since at least 2013. The group […]

Severity High Analysis Summary AsyncRAT is an open-source tool designed for remote monitoring via encrypted connections. However, it could be utilized by threat actors as it […]

Severity Medium Analysis Summary CVE-2023-24890 CVSS:6.5 Microsoft OneDrive for iOS could allow a remote authenticated attacker to bypass security restrictions. An attacker could exploit this vulnerability […]

Severity High Analysis Summary CVE-2023-23389 Microsoft Defender could allow a local authenticated attacker to gain elevated privileges on the system. By winning a race condition, an […]

Severity Medium Analysis Summary CVE-2023-24921 CVSS:4.1 Microsoft Dynamics 365 (on-premises) is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker […]

Severity Low Analysis Summary CVE-2023-23395 Microsoft SharePoint could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability. An attacker could exploit […]

Severity Medium Analysis Summary CVE-2023-23397 Microsoft Outlook could allow a remote attacker to conduct spoofing attacks. Impact Indicators Of Compromise CVE Affected Vendors Microsoft Affected Products […]

Severity High Analysis Summary CVE-2023-24859 CVSS:7.5 Microsoft Excel is vulnerable to a denial of service, caused by a flaw in the Internet Key Exchange (IKE) Extension. […]

Severity High Analysis Summary CVE-2023-23384 Microsoft SQL Server could allow a remote attacker to execute arbitrary code on the system. By sending a specially-crafted request, an […]