Rewterz

Rewterz Threat Alert – Mirai Botnet – Active IOCs

August 19, 2022
Rewterz

Rewterz Threat Advisory – CVE-2022-28757 – Zoom Client for Meetings for macOS Vulnerability

August 19, 2022

Rewterz Threat Advisory – CVE-2022-35278 – Apache ActiveMQ Artemis Vulnerability

Severity

Medium

Analysis Summary

CVE-2022-35278

Apache ActiveMQ Artemis is vulnerable to HTML injection. A remote attacker could inject malicious HTML code in the name of an address or queue in the web console, which when viewed, would be executed in the victim’s Web browser within the security context of the hosting site to show malicious content and/or redirect users to a malicious URL.

Impact

  • Data Manipulation

Indicators Of Compromise

CVE

  • CVE-2022-35278

Affected Vendors

Apache

Affected Products

Apache ActiveMQ Artemis 2.23.0

Remediation

Upgrade to the latest version of Apache ActiveMQ Artemis, available from the Apache Website.

Apache Website

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.