Novel Msupedge backdoor deployed via patched PHP RCE exploit

21 August 2024

Infiltration of vulnerable systems via the security issue, which was addressed by PHP maintainers in early June, was followed by the deployment of Msupedge as a pair of dynamic link libraries, an analysis from Symantec’s Threat Hunter Team showed. With command-and-control communications facilitated by DNS traffic, Msupedge could enable the execution of several commands, including those involving file downloads, process creation, and temporary file management, researchers found.

Source: SC Magazine

Date:

21 August 2024

Categorie(s):

NEWS

Tag(s):

Novel, PHP, Programming, Programming Languages, Vulnerability Management

Will passkeys ever replace passwords? Can they?17 November 2024
How Ransomware Jeopardizes Healthcare Organizations17 November 2024
Are Identity Theft Protection Services Worth the Money? It’s Complicated17 November 2024
Week in review: Microsoft patches actively exploited 0-days, Amazon and HSBC employee data leaked17 November 2024
Google’s Gemini AI Chatbot Keeps Telling Users to Die16 November 2024