BlackCat Incorporates ‘Munchkin’ into Its Arsenal
Attack Report. Summary: The BlackCat ransomware group has introduced a new tool called ‘Munchkin’ in its operations. This tool employs virtual machines (VMs) to stealthily deploy encryptors on network devices. Munchkin allows the BlackCat …
Revealing DarkGate’s Incursion Across Continents
Attack Report. Summary: A potential threat actor has been using compromised Skype and Microsoft Teams accounts to distribute DarkGate, a problematic loader campaign primarily targeting the Americas region. To receive real-time threat advisories, please …
ShellBot Malware Evades Detection Using Hexadecimal IP Addresses
Attack Report. Summary: ShellBot malware, targeting poorly managed Linux SSH servers, now employs hexadecimal IP addresses in its download URLs to evade detection. This change highlights the need for strong security measures and regular …
In-Depth Analysis of AvosLocker Ransomware
Attack Report. Summary: AvosLocker, also known as Avos, is a ransomware-as-a-service that targets critical infrastructure organizations, primarily in the US, and has expanded to target both Windows and Linux systems. Its affiliates use legitimate …
Balada Injector: A Large-Scale Malware Campaign Targeting WordPress
Attack Report. Summary: In September 2023, over 17,000 WordPress websites fell victim to a malware called Balada Injector. The substantial surge in attacks is linked to the exploitation of a recently disclosed security vulnerability …
Unraveling the Intricate Arsenal of Stayin’ Alive Campaign
Attack Report. Summary: In the October Patch Tuesday release, Microsoft addressed 103 flaws, including three actively exploited zero-day vulnerabilities. These patches cover critical and important vulnerabilities, a Chromium fix, and emphasize the end of …
Microsoft’s October 2023 Patch Tuesday Addresses Three Zero-day Vulnerabilities
Vulnerability Report. Summary: In the October Patch Tuesday release, Microsoft addressed 103 flaws, including three actively exploited zero-day vulnerabilities. These patches cover critical and important vulnerabilities, a Chromium fix, and emphasize the end of …
HTTP/2 Zero-Day Exploited for the Most Explosive DDoS Attacks
Vulnerability Report. Summary: A zero-day vulnerability in HTTP/2 has been actively exploited in August, introducing a novel DDoS technique referred to as “Rapid Reset”. The attack, utilizing CVE-2023-44487, exploits a vulnerability within the HTTP/2 protocol …
Grayling APT Emerges as a Silent Threat Targeting Taiwan
Actor Report. Summary: The Grayling APT group orchestrated a meticulously planned targeting campaign with a primary emphasis on espionage. Grayling set its sights on a government entity in the Asia-Pacific region, along with institutions situated …
GNOME Linux Systems Exposed to 1-Click RCE Attacks
Vulnerability Report. Summary: A new security vulnerability, known as CVE-2023-43641, has been identified in the libcue library. This library is utilized by Tracker Miners and is shipped along with the GNOME desktop environment. This …