North Korean-Backed Group’s Sparks X_Trader Supply Chain Attack

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The XTrader software supply chain attack affected at least a number of critical infrastructure entities in the United States and Europe. To receive real-time threat advisories, please follow HiveForce La...

Lazarus X_TRADER Hack Impacts Critical Infrastructure Beyond 3CX Breach

Lazarus, the prolific North Korean hacking group behind the cascading supply chain attack targeting 3CX, also breached two critical infrastructure organizations in the power and energy sector and two other businesses involved in financial trading using the trojanized XTRADER application. The new...

Trading Technologies X_TRADER unblock_proxy_site Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trading Technologies XTRADER. Authentication is not required to exploit this vulnerability. The specific flaw exists within the messaging daemon. The issue results from the lack of proper validation ...

Trading Technologies X_TRADER block_proxy_site Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trading Technologies XTRADER. Authentication is not required to exploit this vulnerability. The specific flaw exists within the messaging daemon. The issue results from the lack of proper validation ...

Trading Technologies X_TRADER remove_park Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trading Technologies XTRADER. Authentication is not required to exploit this vulnerability. The specific flaw exists within the messaging daemon. The issue results from the lack of proper validation ...