Mirai Botnet aka Katana – Active IOCs

January 2, 2025

Multiple SolarWinds Products Vulnerabilities

January 2, 2025

CVE-2024-56512 – Apache NiFi Vulnerability

January 2, 2025

Severity

Low

Analysis Summary

CVE-2024-56512

Apache NiFi 1.10.0 to 2.0.0 lacked authorization checks for Parameter Contexts, Controller Services, and Parameter Providers during Process Group creation, allowing unauthorized access to components. This issue, affecting deployments with component-based policies, is resolved in version 2.1.0 by enforcing proper authorization checks.

Impact

Gain Access

Indicators of Compromise

CVE

CVE-2024-56512

Affected Vendors

Apache

Affected Products

Apache NiFi 1.10.0 to 2.0.0

Remediation

Refer to Apache Website for patch, upgrade, or suggested workaround information.

Apache Website

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Local Privilege Escalation to Root via Sudo chroot in Linux

CoinMiner Malware – Active IOCs

Google Warns of Active Exploits Targeting Chrome V8 Vulnerability

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Mirai Botnet aka Katana – Active IOCs

Multiple SolarWinds Products Vulnerabilities

Severity

Low

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation