Unveiling Apache ActiveMQ Vulnerability: Understanding CVE-2023-46604 and Securing Your Environment

Introduction: Apache ActiveMQ versions prior to 5.15.16, 5.16.7, 5.17.6 and 5.18.3 are vulnerable to Remote Code Execution (RCE) in the Java OpenWire protocol marshaller (CVE-2023-46604). [3] This vulnerability may allow a remote attacker with network access to either a Java-based OpenWire broker or client to run arbitrary shell commands by manipulating serialized class types in […]

Securing Networks: Real-Time Base64 Keyword Detection with Fidelis Elevate

Summary: Exfiltrated sensitive data can be difficult to discover by analyzing network traffic in real time if attackers base64-encode it first. It is typically not possible to identify and decode all possible base64 sequences in network traffic unless the encoding is specified in the protocol context. This hampers direct detection mechanisms […]