Bitter APT – Active IOCs

November 20, 2024

An Emerging Ducktail Infostealer – Active IOCs

November 20, 2024

CVE-2024-51503 – Trend Micro Deep Security Agent Zero-Day Vulnerabilitiy

November 20, 2024

Severity

High

Analysis Summary

CVE-2024-51503

A security agent manual scan command injection vulnerability in the Trend Micro Deep Security 20 Agent could allow an attacker to escalate privileges and execute arbitrary code on an affected machine. In certain circumstances, attackers that have legitimate access to the domain may be able to remotely inject commands to other machines in the same domain.

Impact

Privilege Escalation
Code Execution

Indicators of Compromise

CVE

CVE-2024-51503

Affected Vendors

Trend Micro

Affected Products

Trend Micro Deep Security Agent 20.0

Remediation

Refer to Trend Micro Security Advisory for patch, upgrade, or suggested workaround information.

Trend Micro Security Advisory

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Local Privilege Escalation to Root via Sudo chroot in Linux

CoinMiner Malware – Active IOCs

Google Warns of Active Exploits Targeting Chrome V8 Vulnerability

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Bitter APT – Active IOCs

An Emerging Ducktail Infostealer – Active IOCs

Severity

High

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation