Vendor
high
advisory
CUPS Vulnerability Allows Local Privilege Escalation
2 rules 1 TTP
A local attacker can exploit a vulnerability in CUPS to execute arbitrary program code with administrator privileges on Linux and macOS systems.
CUPS
privilege-escalation
linux
macos
medium
advisory
RMM Domain DNS Queries from Non-Browser Processes
2 rules 75 IOCs
Detects DNS queries to commonly abused remote monitoring and management (RMM) or remote access software domains from non-browser processes, potentially indicating unauthorized remote access or command and control activity.
Elastic Defend +9
command-and-control
rmm
dns
medium
advisory
LSASS Loading Suspicious DLL
2 rules 2 TTPs 9 IOCs
Detection of LSASS loading an unsigned or untrusted DLL, which can indicate credential access attempts by malicious actors targeting sensitive information stored in the LSASS process.
Windows
credential-access
lsass
dll-injection