Vendor
critical
advisory
ConnectWise ScreenConnect Path Traversal Vulnerability (CVE-2024-1708)
2 rules 1 TTP 1 CVECVE-2024-1708 is a path traversal vulnerability in ConnectWise ScreenConnect that could allow an attacker to execute remote code or directly impact confidential data and critical systems.
ScreenConnect
path-traversal
remote-code-execution
cve-2024-1708
connectwise
2r
1t
1c
medium
advisory
Suspicious DNS Queries to RMM Domains from Non-Browser Processes
2 rulesDetection of DNS queries to remote monitoring and management (RMM) domains from non-browser processes indicating potential misuse of legitimate remote access tools for command and control.
Elastic Endpoint +1
command-and-control
remote-access
windows
2r