z0Miner Exploits Korean Web Servers to Attack WebLogic Server
AhnLab SEcurity intelligence Center (ASEC) has found numerous cases of threat actors attacking vulnerable Korean servers. This post introduces one of the recent case in which the threat actor ‘z0Miner’ attacked Korean WebLogic servers. z0Miner was first introduced by Tencent Security, a Chinese Internet service provider. https://s.tencent.com/research/report/1170.html (This link is
Apache ActiveMQ Vulnerability (CVE-2023-46604) Continuously Being Exploited in Attacks
In November 2023, AhnLab Security Emergency response Center (ASEC) published a blog post titled “Circumstances of the Andariel Group Exploiting an Apache ActiveMQ Vulnerability (CVE-2023-46604)” [1] which covered cases of the Andariel threat group exploiting the CVE-2023-46604 vulnerability to install malware. This post not only covered attack cases of the
Netcat Attack Cases Targeting MS-SQL Servers (LOLBins)
ASEC (AhnLab Security Emergency response Center) has recently discovered the distribution of the Netcat malware targeting poorly managed MS-SQL servers. Netcat is a utility that allows users to send and receive data from specific destinations on a network connected by the TCP/UDP protocol. Due to its various features and ability
