SANS Stormcast Tuesday Mar 11th: Shellcode as UUIDs; Moxe Switch Vuln Updates; Opentext Vuln; Livewire Volt Vuln;
04:59 Share

Shellcode Encoded in UUIDs Attackers are using UUIDs to encode Shellcode. The 128 Bit (or 16 Bytes) encoded in each UUID are converted to shell code to implement a cobalt strike beacon https://isc.sans.edu/diary/Shellcode%20Encoded%20in%20UUIDs/31752) Moxa CVE-2024-12297 Expanded to PT Switches Moxa in January first releast an update to address a fronted authorizaation logic disclosure vulnerability. It now updated the advisory and included the PT series switches as vulenrable. https://www.moxa.com/en/support/product-support/security-advisory/mpsa-241408-cve-2024-12297-frontend-authorization-logic-disclosure-vulnerability-identified-in-pt-switches) Opentext Insufficently Protected Credentials https://portal.microfocus.com/s/article/KM000037455?language=en_US) Livewire Volt API vulnerability https://github.com/livewire/volt/security/advisories/GHSA-v69f-5jxm-hwvv)