Jenkins Servers in Korea With Exposed Vulnerabilities (CVE-2024-23897, CVE-2024-43044)
Vulnerabilities

Jenkins Servers in Korea With Exposed Vulnerabilities (CVE-2024-23897, CVE-2024-43044)

Multiple vulnerabilities were announced for Jenkins, a widely used development tool, and some of them are being exploited in actual attacks. It was also found that most Jenkins servers in Korea were exposed to these vulnerabilities. The CVE-2024-23897 vulnerability disclosed earlier this year allows unauthenticated users to read arbitrary files

  • Sep 03 2024
Android Malware & Security Issue 5st Week of August, 2024
Mobile

Android Malware & Security Issue 5st Week of August, 2024

ASEC Blog publishes “Android Malware & Security Issue 5st Week of August, 2024”

  • Aug 30 2024
Ransom & Dark Web Issues Week 2, July 2024
Darkweb

Ransom & Dark Web Issues Week 2, July 2024

ASEC Notes publishes Ransom & Dark Web Issues Week 2, July 2024     

  • Jul 11 2024
Ransom & Dark Web Issues Week 1, July 2024
Darkweb

Ransom & Dark Web Issues Week 1, July 2024

ASEC Notes publishes Ransom & Dark Web Issues Week 1, July 2024      

  • Jul 04 2024
Ransom & Dark Web Issues Week 4, Jun 2024
Darkweb

Ransom & Dark Web Issues Week 4, Jun 2024

ASEC Notes publishes Ransom & Dark Web Issues Week 4, Jun 2024      

  • Jun 27 2024
Ransom & Dark Web Issues Week 3, Jun 2024
Darkweb

Ransom & Dark Web Issues Week 3, Jun 2024

ASEC Notes publishes Ransom & Dark Web Issues Week 3, Jun 2024        

  • Jun 20 2024
Ransom & Dark Web Issues Week 2, Jun 2024
Darkweb

Ransom & Dark Web Issues Week 2, Jun 2024

ASEC Notes publishes Ransom & Dark Web Issues Week 2, Jun 2024      

  • Jun 13 2024
Ransom & Dark Web Issues Week 1, Jun 2024
Darkweb

Ransom & Dark Web Issues Week 1, Jun 2024

ASEC Notes publishes Ransom & Dark Web Issues Week 1, Jun 2024      

  • Jun 05 2024
Microsoft Office Outlook Vulnerability (CVE-2023-23397) Appearance and Manual Measure Guide
Vulnerabilities

Microsoft Office Outlook Vulnerability (CVE-2023-23397) Appearance and Manual Measure Guide

AhnLab Security Emergency response Center (ASEC) recently published a notice about a Microsoft Office Outlook vulnerability. Warning for Microsoft Office Outlook Privilege Escalation Vulnerability (CVE-2023-23397)   CVE-2023-23397 is a vulnerability that leaks a user’s account credentials upon receiving an email and triggering a notification. The stolen information includes the ‘NTLM’

  • Mar 23 2023
PlugX Malware Being Distributed via Vulnerability Exploitation
Malware Vulnerabilities

PlugX Malware Being Distributed via Vulnerability Exploitation

ASEC (AhnLab Security Emergency response Center) has recently discovered the installation of the PlugX malware through the Chinese remote control programs Sunlogin and Awesun’s remote code execution vulnerability. Sunlogin’s remote code execution vulnerability (CNVD-2022-10270 / CNVD-2022-03672) is still being used for attacks even now ever since its exploit code was

  • Mar 03 2023